SuperX
/
kern
6
0
Fork 0
Code Issues 8 Pull Requests Projects Releases Wiki Activity
Browse Source

UHI Gueltigkeit von Benutzeraccounts

userinfo_gueltigkeit
Meikel Bisping 7 months ago
parent
f19f5d5502
commit
3935ddfd5b
2 changed files with 30 additions and 5 deletions
Whitespace
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Split View
Diff Options
Show Stats Download Patch File Download Diff File
  1. 29
      src/de/superx/servlet/UserInitializer.java
  2. 4
      superx/WEB-INF/conf/edustore/db/install/conf/kern.xml

29
src/de/superx/servlet/UserInitializer.java
Unescape View File

@ -3,6 +3,7 @@ package de.superx.servlet; @@ -3,6 +3,7 @@ package de.superx.servlet;
import java.io.IOException;
import java.lang.reflect.InvocationTargetException;
import java.sql.Connection;
import java.sql.DatabaseMetaData;
import java.sql.Date;
import java.sql.PreparedStatement;
import java.sql.ResultSet;
@ -508,6 +509,7 @@ public class UserInitializer { @@ -508,6 +509,7 @@ public class UserInitializer {
String client_ip = request.getRemoteAddr();
String client_dns = request.getRemoteHost();
String protend = "";
userid = null;
// System.out.println("c1");
if (SxPools.get(mandantenID).getSqlDialect().equals("Postgres")) {
@ -518,10 +520,14 @@ public class UserInitializer { @@ -518,10 +520,14 @@ public class UserInitializer {
Connection myConnection = null;
try {
myConnection = SxPools.getConnection(mandantenID);
boolean isUserinfoMitGueltigkeit=checkUserinfoMitGueltigkeit(myConnection);
String select="select tid, passwd_sha, administration, kennwort,akt_versuch,max_versuch from userinfo where benutzer = ? ";
if (isUserinfoMitGueltigkeit) {
select+= "and ( (gueltig_von is null or gueltig_von<=today()) and (gueltig_bis is null or gueltig_bis>=today()) )";
}
Statement stm = myConnection.createStatement();
PreparedStatement pst = myConnection
.prepareStatement("select tid, passwd_sha, administration, kennwort,akt_versuch,max_versuch"
+ " from userinfo where benutzer = ?");
.prepareStatement(select);
pst.setString(1, user);
ResultSet rs = pst.executeQuery();
while (rs.next()) {
@ -543,7 +549,7 @@ public class UserInitializer { @@ -543,7 +549,7 @@ public class UserInitializer {
int akt_versuch = rs.getInt(5);
int max_versuch = rs.getInt(6);
if (akt_versuch > max_versuch) {
if (akt_versuch > max_versuch|| max_versuch==0) {
rs.close();
pst.close();
stm.close();
@ -561,7 +567,7 @@ public class UserInitializer { @@ -561,7 +567,7 @@ public class UserInitializer {
+ "'" + protend);
stm.close();
myConnection.close();
throw new NichtAngemeldetException("Kein Benutzer " + user + " in Datenbank vorhanden");
throw new NichtAngemeldetException("Kein gültiger Benutzer " + user + " in Datenbank vorhanden");
}
if (passwort == null)
passwort = "dummy"; // bei LDAP oder so
@ -618,7 +624,22 @@ public class UserInitializer { @@ -618,7 +624,22 @@ public class UserInitializer {
}
}
private boolean checkUserinfoMitGueltigkeit(Connection dbConnection) throws SQLException
{
boolean result=false;
Statement stm = dbConnection.createStatement();
DatabaseMetaData md = dbConnection.getMetaData();
ResultSet rs = md.getColumns(null, null, "userinfo", null);
while (rs.next()) {
if (rs.getString(4).equals("gueltig_von")) {
result=true;
}
}
rs.close();
return result;
}
private void updateLastLogin(Connection myConnection) throws SQLException {
PreparedStatement pst3 = myConnection.prepareStatement("select count(*) from user_pw where userinfo_id=?");
pst3.setInt(1, userid.intValue());

4
superx/WEB-INF/conf/edustore/db/install/conf/kern.xml
Unescape View File

@ -1728,6 +1728,8 @@ @@ -1728,6 +1728,8 @@
default ="0" notnull ="false" description="Darf der User Projekte sehen" />
<column name="extern_role_id" type="INTEGER" size="9"
default="" notnull="false" />
<column name="gueltig_von" type="date" description="Beginn Gültigkeit"/>
<column name="gueltig_bis" type="date" description="Ende Gültigkeit"/>
</columns>
<indexes>
<index name="i_userinfo" type="unique">
@ -10524,6 +10526,8 @@ Außerdem können Sie hier dem Benutzer Berechtigungen über Gruppen, Sachgebiet @@ -10524,6 +10526,8 @@ Außerdem können Sie hier dem Benutzer Berechtigungen über Gruppen, Sachgebiet
<customfield name="name" nullFieldValue=""/>
<customfield name="email" nullFieldValue=""/>
<customfield name="admin" type="include" path="/edit/kern/userinfo_edit_admin.inc"/>
<customfield name="gueltig_von" nullFieldValue=""/>
<customfield name="gueltig_bis" nullFieldValue=""/>
<customfield name="max_versuch" nullFieldValue=""/>
<customfield name="akt_versuch" nullFieldValue=""/>
<customfield name="password" type="include" path="/edit/kern/userinfo_edit_pw.inc"/>

Write Preview
Loading…
Cancel
Save