From df01e0113894d9dc220f0781daeab772d0d65b10 Mon Sep 17 00:00:00 2001
From: Meikel Bisping
Date: Wed, 17 Apr 2024 15:32:05 +0200
Subject: [PATCH] UHI Gueltigkeit von Benutzeraccounts
---
 src/de/superx/servlet/UserInitializer.java | 31 ++++++++++++++++---
 .../conf/edustore/db/install/conf/kern.xml | 4 +++
 2 files changed, 30 insertions(+), 5 deletions(-)
diff --git a/src/de/superx/servlet/UserInitializer.java b/src/de/superx/servlet/UserInitializer.java
index 37ed633..5e49448 100644
--- a/src/de/superx/servlet/UserInitializer.java
+++ b/src/de/superx/servlet/UserInitializer.java
@@ -3,6 +3,7 @@ package de.superx.servlet;
 import java.io.IOException;
 import java.lang.reflect.InvocationTargetException;
 import java.sql.Connection;
+import java.sql.DatabaseMetaData;
 import java.sql.Date;
 import java.sql.PreparedStatement;
 import java.sql.ResultSet;
@@ -508,6 +509,7 @@ public class UserInitializer {
 String client_ip = request.getRemoteAddr();
 String client_dns = request.getRemoteHost();
 String protend = "";
+ userid = null;
 // System.out.println("c1");
 if (SxPools.get(mandantenID).getSqlDialect().equals("Postgres")) {
@@ -518,10 +520,14 @@ public class UserInitializer {
 Connection myConnection = null;
 try {
 myConnection = SxPools.getConnection(mandantenID);
+ boolean isUserinfoMitGueltigkeit=checkUserinfoMitGueltigkeit(myConnection);
+ String select="select tid, passwd_sha, administration, kennwort,akt_versuch,max_versuch from userinfo where benutzer = ? ";
+ if (isUserinfoMitGueltigkeit) {
+ select+= "and ( (gueltig_von is null or gueltig_von<=today()) and (gueltig_bis is null or gueltig_bis>=today()) )";
+ }
 Statement stm = myConnection.createStatement();
 PreparedStatement pst = myConnection
- .prepareStatement("select tid, passwd_sha, administration, kennwort,akt_versuch,max_versuch"
- + " from userinfo where benutzer = ?");
+ .prepareStatement(select);
 pst.setString(1, user);
 ResultSet rs = pst.executeQuery();
 while (rs.next()) {
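Review bot: The validity filter appended to `select` is applied only when `checkUserinfoMitGueltigkeit` finds the column, so any failure of that probe silently falls back to the old query and an account outside `gueltig_von`/`gueltig_bis` is accepted without any trace. The probe also runs a metadata query on every login; caching its result per `mandantenID` and logging when the filter is not applied would make the fallback visible. The condition relies on `today()`, which is not standard SQL, although this method distinguishes a `"Postgres"` dialect a few lines earlier; if that database has no compatible function, binding the date avoids the dependency, e.g. `gueltig_von<=?` with `pst.setDate(2, new Date(System.currentTimeMillis()))` and a third parameter for `gueltig_bis`. The enclosing method starts and ends outside this hunk.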
@@ -543,7 +549,7 @@ public class UserInitializer {
 int akt_versuch = rs.getInt(5);
 int max_versuch = rs.getInt(6);
- if (akt_versuch > max_versuch) {
+ if (akt_versuch > max_versuch|| max_versuch==0) {
 rs.close();
 pst.close();
 stm.close();
@@ -561,7 +567,7 @@ public class UserInitializer {
 + "'" + protend);
 stm.close();
 myConnection.close();
- throw new NichtAngemeldetException("Kein Benutzer " + user + " in Datenbank vorhanden");
+ throw new NichtAngemeldetException("Kein gültiger Benutzer " + user + " in Datenbank vorhanden");
 }
 if (passwort == null) passwort = "dummy"; // bei LDAP oder so
@@ -618,7 +624,22 @@ public class UserInitializer {
 }
 }
-
+ private boolean checkUserinfoMitGueltigkeit(Connection dbConnection) throws SQLException
+ {
+ boolean result=false;
+ Statement stm = dbConnection.createStatement();
+ DatabaseMetaData md = dbConnection.getMetaData();
+
+ ResultSet rs = md.getColumns(null, null, "userinfo", null);
+ while (rs.next()) {
+ if (rs.getString(4).equals("gueltig_von")) {
+ result=true;
+ }
+ }
+ rs.close();
+ return result;
+
+ }
 private void updateLastLogin(Connection myConnection) throws SQLException {
 PreparedStatement pst3 = myConnection.prepareStatement("select count(*) from user_pw where userinfo_id=?");
 pst3.setInt(1, userid.intValue());
diff --git a/superx/WEB-INF/conf/edustore/db/install/conf/kern.xml b/superx/WEB-INF/conf/edustore/db/install/conf/kern.xml
index de8624e..af763f4 100644
--- a/superx/WEB-INF/conf/edustore/db/install/conf/kern.xml
+++ b/superx/WEB-INF/conf/edustore/db/install/conf/kern.xml
@@ -1728,6 +1728,8 @@ default ="0" notnull ="false" description="Darf der User Projekte sehen" /> + +
@@ -10539,6 +10541,8 @@ Außerdem können Sie hier dem Benutzer Berechtigungen über Gruppen, Sachgebiet + +
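Review bot: The added `max_versuch==0` test also matches rows where `max_versuch` is NULL, because `rs.getInt(6)` returns 0 for SQL NULL, so accounts whose limit was never set are now rejected together with deliberately disabled ones. If 0 is meant as an explicit lock value, record that next to the check, e.g. `// max_versuch == 0 disables the account; getInt reads NULL as 0`, and call `rs.wasNull()` right after `rs.getInt(6)` if NULL rows should still be able to log in. The body of the `if` continues past the end of this hunk, so the message raised for the lockout is not visible here.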
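Review bot: `checkUserinfoMitGueltigkeit` creates a `Statement` that is never used or closed, so each login leaves one open statement on the pooled connection, and `rs` stays open if iteration throws. The match `rs.getString(4).equals("gueltig_von")` is case-sensitive, as is the `"userinfo"` table pattern; on a driver that reports identifiers in upper case the probe would return false and the validity filter in the login query would be skipped. Only `gueltig_von` is probed although the query also references `gueltig_bis`. The rewrite below drops the unused statement, closes the cursor with try-with-resources and compares the column name case-insensitively; the table pattern is left unchanged because the driver's identifier case cannot be seen from this hunk.

```java
private boolean checkUserinfoMitGueltigkeit(Connection dbConnection) throws SQLException {
	DatabaseMetaData md = dbConnection.getMetaData();
	// try-with-resources closes the metadata cursor even if iteration throws
	try (ResultSet rs = md.getColumns(null, null, "userinfo", null)) {
		while (rs.next()) {
			// COLUMN_NAME is column 4 of the getColumns() result
			if ("gueltig_von".equalsIgnoreCase(rs.getString("COLUMN_NAME"))) {
				return true;
			}
		}
	}
	return false;
}
```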