FIX Check of date of validity
parent
dfcba30577
commit
0765a1196f
@ -144,6 +144,7 @@ class DolibarrApiAccess implements iAuthenticate
|
||||
throw new RestException(503, 'Error when searching login user from api key');
|
||||
}
|
||||
|
||||
|
||||
$genericmessageerroruser = 'Error user not valid (not found or bad status or bad validity dates) (conf->entity='.$conf->entity.')';
|
||||
|
||||
$fuser = new User($this->db);
|
||||
@ -151,8 +152,12 @@ class DolibarrApiAccess implements iAuthenticate
|
||||
if ($result <= 0) {
|
||||
throw new RestException(503, $genericmessageerroruser);
|
||||
}
|
||||
if ($fuser->statut == 0) {
|
||||
throw new RestException(503, 'Error when fetching user. This user has been locked or disabled');
|
||||
|
||||
// Check if user status is enabled
|
||||
if ($fuser->statut != $fuser::STATUS_ENABLED) {
|
||||
// Status is disabled
|
||||
dol_syslog("The user has been disabled");
|
||||
throw new RestException(503, $genericmessageerroruser);
|
||||
}
|
||||
|
||||
// Check if session was unvalidated by a password change
|
||||
|
||||
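Review bot: The new generic message promises a check on "bad validity dates", but neither hunk of this file shows a call to `isNotIntoValidityDateRange()`; only the status test is visible. If no such call follows below the visible lines, an API key belonging to an account outside its validity window would still authenticate, so add `if ($fuser->isNotIntoValidityDateRange()) { throw new RestException(503, $genericmessageerroruser); }` next to the status test. The DAV callback hunk later in this commit shows the same gap. The status test here also reads `$fuser->statut`, while the session branch in the `NOLOGIN` hunks reads `$user->status`; using one property throughout would keep the login paths from drifting apart. The enclosing method starts and ends outside the hunk.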
@ -131,6 +131,13 @@ $authBackend = new \Sabre\DAV\Auth\Backend\BasicCallBack(function ($username, $p
|
||||
return false;
|
||||
}
|
||||
|
||||
// Check if user status is enabled
|
||||
if ($user->statut != $user::STATUS_ENABLED) {
|
||||
// Status is disabled
|
||||
dol_syslog("The user has been disabled.");
|
||||
return false;
|
||||
}
|
||||
|
||||
// Check if session was unvalidated by a password change
|
||||
if (($user->flagdelsessionsbefore && !empty($_SESSION["dol_logindate"]) && $user->flagdelsessionsbefore > $_SESSION["dol_logindate"])) {
|
||||
// Session is no more valid
|
||||
|
||||
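Review bot: The refusal log added here, `dol_syslog("The user has been disabled.");`, carries neither the account nor a log level, so a rejected DAV authentication cannot be attributed to a login when the logs are reviewed. Writing it as `dol_syslog("DAV authentication refused: user ".$user->login." is disabled", LOG_WARNING);` would make the event usable for detection. The matching line in the API access hunk (`dol_syslog("The user has been disabled");`) has the same limitation. The callback body continues outside the hunk.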
@ -303,7 +303,7 @@ ErrorValueForTooLow=Value for <b>%s</b> is too low
|
||||
ErrorValueCantBeNull=Value for <b>%s</b> can't be null
|
||||
ErrorDateOfMovementLowerThanDateOfFileTransmission=The date of the bank transaction can't be lower than the date of the file transmission
|
||||
ErrorTooMuchFileInForm=Too much files in form, the maximum number is %s file(s)
|
||||
ErrorSessionInvalidatedAfterPasswordChange=The session was invalidated after a password change. Please relogin.
|
||||
ErrorSessionInvalidatedAfterPasswordChange=The session was invalidated after a password or dates of validity change. Please relogin.
|
||||
|
||||
# Warnings
|
||||
WarningParamUploadMaxFileSizeHigherThanPostMaxSize=Your PHP parameter upload_max_filesize (%s) is higher than PHP parameter post_max_size (%s). This is not a consistent setup.
|
||||
|
||||
@ -881,7 +881,7 @@ if (!defined('NOLOGIN')) {
|
||||
|
||||
$resultFetchUser = $user->fetch('', $login, '', 1, ($entitytotest > 0 ? $entitytotest : -1)); // value for $login was retrieved previously when checking password.
|
||||
if ($resultFetchUser <= 0 || $user->isNotIntoValidityDateRange()) {
|
||||
dol_syslog('User not found, connexion refused');
|
||||
dol_syslog('User not found or not valid, connexion refused');
|
||||
session_destroy();
|
||||
session_set_cookie_params(0, '/', null, (empty($dolibarr_main_force_https) ? false : true), true); // Add tag secure and httponly on session cookie
|
||||
session_name($sessionname);
|
||||
@ -949,15 +949,22 @@ if (!defined('NOLOGIN')) {
|
||||
dol_syslog("- This is an already logged session. _SESSION['dol_login']=".$login." _SESSION['dol_entity']=".$entity, LOG_DEBUG);
|
||||
|
||||
$resultFetchUser = $user->fetch('', $login, '', 1, ($entity > 0 ? $entity : -1));
|
||||
|
||||
//var_dump(dol_print_date($user->flagdelsessionsbefore, 'dayhour', 'gmt')." ".dol_print_date($_SESSION["dol_logindate"], 'dayhour', 'gmt'));
|
||||
|
||||
if ($resultFetchUser <= 0
|
||||
|| ($user->flagdelsessionsbefore && !empty($_SESSION["dol_logindate"]) && $user->flagdelsessionsbefore > $_SESSION["dol_logindate"])
|
||||
|| ($user->isNotIntoValidtyDateRange())) {
|
||||
|| ($user->status != $user::STATUS_ENABLED)
|
||||
|| ($user->isNotIntoValidityDateRange())) {
|
||||
if ($resultFetchUser <= 0) {
|
||||
// Account has been removed after login
|
||||
dol_syslog("Can't load user even if session logged. _SESSION['dol_login']=".$login, LOG_WARNING);
|
||||
} elseif ($user->flagdelsessionsbefore && !empty($_SESSION["dol_logindate"]) && $user->flagdelsessionsbefore > $_SESSION["dol_logindate"]) {
|
||||
// Session is no more valid
|
||||
dol_syslog("The user has a date for session invalidation = ".$user->flagdelsessionsbefore." and a session date = ".$_SESSION["dol_logindate"].". We must invalidate its sessions.");
|
||||
} elseif ($user->status != $user::STATUS_ENABLED) {
|
||||
// User is not enabled
|
||||
dol_syslog("The user login is disabled");
|
||||
} else {
|
||||
// User validity dates are no more valid
|
||||
dol_syslog("The user login has a validity between [".$user->datestartvalidity." and ".$user->dateendvalidity."], curren date is ".dol_now());
|
||||
|
||||
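Review bot: The first hunk's fresh-login test, `if ($resultFetchUser <= 0 || $user->isNotIntoValidityDateRange()) {`, does not include the `$user->status != $user::STATUS_ENABLED` test that the second hunk adds for already-logged sessions. Unless the password check that runs earlier (outside the hunk) already rejects disabled accounts, the two branches now enforce different rules. Aligning them as `if ($resultFetchUser <= 0 || $user->status != $user::STATUS_ENABLED || $user->isNotIntoValidityDateRange()) {` would make the login path and the session-revalidation path agree. Both blocks start and end outside the visible hunks.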
@ -2702,24 +2702,26 @@ class User extends CommonObject
|
||||
* Return a link with photo
|
||||
* Use this->id,this->photo
|
||||
*
|
||||
* @return int 0=No more valid, >0 if OK
|
||||
* @return int 0=Valid, >0 if not valid
|
||||
*/
|
||||
public function isNotIntoValidtyDateRange()
|
||||
public function isNotIntoValidityDateRange()
|
||||
{
|
||||
include_once DOL_DOCUMENT_ROOT.'/core/lib/date.lib.php';
|
||||
|
||||
$now = dol_now();
|
||||
|
||||
//dol_syslog("isNotIntoValidityDateRange ".$this->datestartvalidity);
|
||||
|
||||
// Check date start validity
|
||||
if ($this->datestartvalidity && $this->datestartvalidity > dol_get_last_hour($now)) {
|
||||
return 0;
|
||||
return 1;
|
||||
}
|
||||
// Check date end validity
|
||||
if ($this->dateendvalidity && $this->dateendvalidity < dol_get_first_hour($now)) {
|
||||
return 0;
|
||||
return 1;
|
||||
}
|
||||
|
||||
return 1;
|
||||
return 0;
|
||||
}
|
||||
|
||||
|
||||
|
||||
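Review bot: The doc comment above `isNotIntoValidityDateRange()` still opens with `Return a link with photo` and `Use this->id,this->photo`, which describes a different method; only the `@return` line was corrected. Since this predicate now gates every login path touched by the commit, the summary should state what it tests, for example `Check whether the current date is outside the user's validity range (datestartvalidity / dateendvalidity)`. The rename also removes the old misspelled method name, so any caller outside this commit that still uses it would fail at call time; a short deprecated wrapper that forwards to the new name would avoid that.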