Browse Source

UHI Gueltigkeit von Benutzeraccounts

userinfo_gueltigkeit
Meikel Bisping 7 months ago
parent
commit
3935ddfd5b
  1. 29
      src/de/superx/servlet/UserInitializer.java
  2. 4
      superx/WEB-INF/conf/edustore/db/install/conf/kern.xml

29
src/de/superx/servlet/UserInitializer.java

@ -3,6 +3,7 @@ package de.superx.servlet;
import java.io.IOException; import java.io.IOException;
import java.lang.reflect.InvocationTargetException; import java.lang.reflect.InvocationTargetException;
import java.sql.Connection; import java.sql.Connection;
import java.sql.DatabaseMetaData;
import java.sql.Date; import java.sql.Date;
import java.sql.PreparedStatement; import java.sql.PreparedStatement;
import java.sql.ResultSet; import java.sql.ResultSet;
@ -508,6 +509,7 @@ public class UserInitializer {
String client_ip = request.getRemoteAddr(); String client_ip = request.getRemoteAddr();
String client_dns = request.getRemoteHost(); String client_dns = request.getRemoteHost();
String protend = ""; String protend = "";
userid = null; userid = null;
// System.out.println("c1"); // System.out.println("c1");
if (SxPools.get(mandantenID).getSqlDialect().equals("Postgres")) { if (SxPools.get(mandantenID).getSqlDialect().equals("Postgres")) {
@ -518,10 +520,14 @@ public class UserInitializer {
Connection myConnection = null; Connection myConnection = null;
try { try {
myConnection = SxPools.getConnection(mandantenID); myConnection = SxPools.getConnection(mandantenID);
boolean isUserinfoMitGueltigkeit=checkUserinfoMitGueltigkeit(myConnection);
String select="select tid, passwd_sha, administration, kennwort,akt_versuch,max_versuch from userinfo where benutzer = ? ";
if (isUserinfoMitGueltigkeit) {
select+= "and ( (gueltig_von is null or gueltig_von<=today()) and (gueltig_bis is null or gueltig_bis>=today()) )";
}
Statement stm = myConnection.createStatement(); Statement stm = myConnection.createStatement();
PreparedStatement pst = myConnection PreparedStatement pst = myConnection
.prepareStatement("select tid, passwd_sha, administration, kennwort,akt_versuch,max_versuch" .prepareStatement(select);
+ " from userinfo where benutzer = ?");
pst.setString(1, user); pst.setString(1, user);
ResultSet rs = pst.executeQuery(); ResultSet rs = pst.executeQuery();
while (rs.next()) { while (rs.next()) {
@ -543,7 +549,7 @@ public class UserInitializer {
int akt_versuch = rs.getInt(5); int akt_versuch = rs.getInt(5);
int max_versuch = rs.getInt(6); int max_versuch = rs.getInt(6);
if (akt_versuch > max_versuch) { if (akt_versuch > max_versuch|| max_versuch==0) {
rs.close(); rs.close();
pst.close(); pst.close();
stm.close(); stm.close();
@ -561,7 +567,7 @@ public class UserInitializer {
+ "'" + protend); + "'" + protend);
stm.close(); stm.close();
myConnection.close(); myConnection.close();
throw new NichtAngemeldetException("Kein Benutzer " + user + " in Datenbank vorhanden"); throw new NichtAngemeldetException("Kein gültiger Benutzer " + user + " in Datenbank vorhanden");
} }
if (passwort == null) if (passwort == null)
passwort = "dummy"; // bei LDAP oder so passwort = "dummy"; // bei LDAP oder so
@ -618,7 +624,22 @@ public class UserInitializer {
} }
} }
private boolean checkUserinfoMitGueltigkeit(Connection dbConnection) throws SQLException
{
boolean result=false;
Statement stm = dbConnection.createStatement();
DatabaseMetaData md = dbConnection.getMetaData();
ResultSet rs = md.getColumns(null, null, "userinfo", null);
while (rs.next()) {
if (rs.getString(4).equals("gueltig_von")) {
result=true;
}
}
rs.close();
return result;
}
private void updateLastLogin(Connection myConnection) throws SQLException { private void updateLastLogin(Connection myConnection) throws SQLException {
PreparedStatement pst3 = myConnection.prepareStatement("select count(*) from user_pw where userinfo_id=?"); PreparedStatement pst3 = myConnection.prepareStatement("select count(*) from user_pw where userinfo_id=?");
pst3.setInt(1, userid.intValue()); pst3.setInt(1, userid.intValue());

4
superx/WEB-INF/conf/edustore/db/install/conf/kern.xml

@ -1728,6 +1728,8 @@
default ="0" notnull ="false" description="Darf der User Projekte sehen" /> default ="0" notnull ="false" description="Darf der User Projekte sehen" />
<column name="extern_role_id" type="INTEGER" size="9" <column name="extern_role_id" type="INTEGER" size="9"
default="" notnull="false" /> default="" notnull="false" />
<column name="gueltig_von" type="date" description="Beginn Gültigkeit"/>
<column name="gueltig_bis" type="date" description="Ende Gültigkeit"/>
</columns> </columns>
<indexes> <indexes>
<index name="i_userinfo" type="unique"> <index name="i_userinfo" type="unique">
@ -10524,6 +10526,8 @@ Außerdem können Sie hier dem Benutzer Berechtigungen über Gruppen, Sachgebiet
<customfield name="name" nullFieldValue=""/> <customfield name="name" nullFieldValue=""/>
<customfield name="email" nullFieldValue=""/> <customfield name="email" nullFieldValue=""/>
<customfield name="admin" type="include" path="/edit/kern/userinfo_edit_admin.inc"/> <customfield name="admin" type="include" path="/edit/kern/userinfo_edit_admin.inc"/>
<customfield name="gueltig_von" nullFieldValue=""/>
<customfield name="gueltig_bis" nullFieldValue=""/>
<customfield name="max_versuch" nullFieldValue=""/> <customfield name="max_versuch" nullFieldValue=""/>
<customfield name="akt_versuch" nullFieldValue=""/> <customfield name="akt_versuch" nullFieldValue=""/>
<customfield name="password" type="include" path="/edit/kern/userinfo_edit_pw.inc"/> <customfield name="password" type="include" path="/edit/kern/userinfo_edit_pw.inc"/>

Loading…
Cancel
Save