Changeset 27349

Show
Ignore:
Timestamp:
15.05.2013 16:12:53 (6 years ago)
Author:
ak19
Message:

1. Updated timestamp for a key that has been reused should not have a newline at its end. 2. Changed baseaction::authenticate_user() to go through dbutil to read users.gdb and key.gdb rather than directly using db2txt, since it makes the code easier to understand.

Files:
1 modified

Legend:

Unmodified
Added
Removed
  • main/trunk/greenstone2/perllib/cgiactions/baseaction.pm

    r27323 r27349  
    248248    my $users_db_file_path = &util::filename_cat($etc_directory, "users.gdb"); 
    249249 
    250     # Use db2txt to get the user accounts information 
    251     my $users_db_content = ""; 
    252     open(USERS_DB, "db2txt \"$users_db_file_path\" |"); 
    253     while (<USERS_DB>) { 
    254     $users_db_content .= $_; 
    255     } 
    256  
    257     # Get the user account information from the users.gdb database 
    258     my %users_db_data = (); 
    259     foreach my $users_db_entry (split(/-{70}/, $users_db_content)) { 
    260     if ($users_db_entry =~ /\n?\[(.+)\]\n/) { 
    261         $users_db_data{$1} = $users_db_entry; 
    262     } 
    263     } 
    264  
     250    # Use dbutil to get the user accounts information 
     251    # infodbtype can be different for different collections, but the userDB and keyDB are gdbm 
     252 
     253    my $user_rec = &dbutil::read_infodb_entry("gdbm", $users_db_file_path, $username); 
    265254    # Check username 
    266     my $user_data = $users_db_data{$username}; 
    267     if (!defined $user_data) { 
     255    if (!defined $user_rec) { 
    268256    $gsdl_cgi->generate_error("Authentication failed: no account for user '$username'."); 
    269257    } 
     
    271259    # Check password 
    272260    if(defined $user_password) { 
    273     my ($valid_user_password) = ($user_data =~ /\<password\>(.*)/); 
     261    my $valid_user_password = $user_rec->{"password"}->[0]; 
    274262    if ($user_password ne $valid_user_password) { 
    275263        $gsdl_cgi->generate_error("Authentication failed: incorrect password."); 
     
    281269    # if the key validates, refresh the key again by setting its timestamp to the present time. 
    282270 
    283     # Use db2txt to get the key accounts information 
     271    # Use dbutil to get the key accounts information 
    284272    my $key_db_file_path = &util::filename_cat($etc_directory, "key.gdb"); 
    285      
    286     my $key_db_content = ""; 
    287     open(USERS_DB, "db2txt \"$key_db_file_path\" |"); 
    288     while (<USERS_DB>) { 
    289         $key_db_content .= $_; 
    290     } 
    291      
    292     my %key_db_data = (); 
    293     foreach my $key_db_entry (split(/-{70}/, $key_db_content)) { 
    294         if ($key_db_entry =~ /\n?\[(.+)\]\n/) { 
    295         $key_db_data{$1} = $key_db_entry; 
    296         } 
    297     } 
    298  
    299     # check key entry 
    300     my $key_data = $key_db_data{$user_key}; 
    301     if (!defined $key_data) { 
     273    my $key_rec = &dbutil::read_infodb_entry("gdbm", $key_db_file_path, $user_key); 
     274 
     275    if (!defined $key_rec) { 
    302276         
    303277        #$gsdl_cgi->generate_error("Authentication failed: invalid key $user_key. Does not exist."); 
     
    305279    } 
    306280    else { 
    307         my ($valid_username) = ($key_data =~ /\<user\>(.*)/); 
     281        my $valid_username = $key_rec->{"user"}->[0]; 
    308282        if ($username ne $valid_username) { 
    309283        $gsdl_cgi->generate_error("Authentication failed: key does not belong to user."); 
     
    316290        my $current_timestamp = time; #localtime(time); 
    317291         
    318         my ($keycreation_time) = ($key_data =~ /\<time\>(.*)/); # of the form: 2013/05/06 14:39:23 
     292        my $keycreation_time = $key_rec->{"time"}->[0]; # of the form: 2013/05/06 14:39:23 
    319293        if ($keycreation_time !~ m/^\s*$/) { # not empty 
    320294         
     
    328302             
    329303            # beware http://community.activestate.com/forum/posixstrftime-problem-e-numeric-day-month 
    330             my $current_time = strftime("%Y/%m/%d %H:%M:%S\n", localtime($current_timestamp)); # POSIX 
     304            my $current_time = strftime("%Y/%m/%d %H:%M:%S", localtime($current_timestamp)); # POSIX 
    331305             
    332306            # infodbtype can be different for different collections, but the key DB is gdbm