From c500f53749173b51405a959161293c2f27f83e77 Mon Sep 17 00:00:00 2001 From: Juan Ferrer Toribio Date: Tue, 2 May 2017 14:33:48 +0200 Subject: [PATCH] MySQL errors bypass --- debian/changelog | 2 +- forms/account/conf/conf.js | 2 +- rest/core/account.php | 68 +++++++++++++++++------------------ rest/core/change-password.php | 2 +- rest/core/locale/es.json | 7 ++++ rest/core/query.php | 32 ++++------------- rest/core/set-password.php | 2 +- rest/core/sync-user.php | 2 +- web/service.php | 15 ++++++-- 9 files changed, 65 insertions(+), 67 deletions(-) create mode 100755 rest/core/locale/es.json diff --git a/debian/changelog b/debian/changelog index e9e978a3..88a4c572 100644 --- a/debian/changelog +++ b/debian/changelog @@ -1,4 +1,4 @@ -hedera-web (1.399-deb8) stable; urgency=low +hedera-web (1.400-deb8) stable; urgency=low * Initial Release. diff --git a/forms/account/conf/conf.js b/forms/account/conf/conf.js index 0e7246d6..bedca053 100644 --- a/forms/account/conf/conf.js +++ b/forms/account/conf/conf.js @@ -60,7 +60,7 @@ Hedera.Conf = new Class } else { - Htk.Toast.showError (_('Password doesn\'t meet the requirements')); + Htk.Toast.showError (error.message); this.$('old-password').select (); } } diff --git a/rest/core/account.php b/rest/core/account.php index 58d0cfd5..1984e7ba 100755 --- a/rest/core/account.php +++ b/rest/core/account.php @@ -2,15 +2,8 @@ class Account { - const USER = 1 << 1; - const PASS = 1 << 2; - - static function sync ($db, $user, $password = NULL, $sync = self::USER) + static function sync ($db, $user, $password = NULL) { - $conf = $db->getRow ( - 'SELECT sambaHost, homesHost, sshUser, sshPass FROM account.accountConfig'); - $sshPass = base64_decode ($conf['sshPass']); - $hasAccount = $db->getValue ( 'SELECT COUNT(*) > 0 FROM account.user u @@ -21,41 +14,49 @@ class Account if (!$hasAccount) return; + + $conf = $db->getRow ( + 'SELECT sambaHost, homesHost, sshUser, sshPass + FROM account.accountConfig' + ); + $sshPass = base64_decode ($conf['sshPass']); - $sambaSsh = new SshConnection ($conf['sambaHost'] + $samba = new SshConnection ($conf['sambaHost'] + ,$conf['sshUser'] + ,$sshPass + ); + $homes = new SshConnection ($conf['homesHost'] ,$conf['sshUser'] ,$sshPass ); - if ($sync & self::USER) - { - $userId = $db->getValue ('SELECT id FROM account.user WHERE name = #', [$user]); - $accConf = $db->getRow ('SELECT uidBase, domain FROM account.accountConfig'); + $escUser = SshConnection::escape ($user); - $escUser = SshConnection::escape ($user); - $escUid = SshConnection::escape ($accConf['uidBase'] + $userId); - $escMail = SshConnection::escape ("$user@{$accConf['domain']}"); + // Creates the Samba user and initializes it's home directory - $sambaSsh->exec ( - "/mnt/cluster/scripts/create-user.sh $escUser $escUid $escMail"); + $userId = $db->getValue ( + 'SELECT id FROM account.user WHERE name = #', [$user]); + $accConf = $db->getRow ( + 'SELECT uidBase, domain FROM account.accountConfig'); - $homesSsh = new SshConnection ($conf['homesHost'] - ,$conf['sshUser'] - ,$sshPass - ); - $homesSsh->exec ( - "/mnt/storage/scripts/create-user.sh $escUser"); - } + $escUid = SshConnection::escape ($accConf['uidBase'] + $userId); + $escMail = SshConnection::escape ("$user@{$accConf['domain']}"); - if ($sync & self::PASS && !empty ($password)) - { - $escUser = SshConnection::escape ($user); - $escPassword = SshConnection::escape ($password); - $sambaSsh->exec ( - "/mnt/cluster/scripts/set-password.sh $escUser $escPassword"); + $samba->exec ( + "/mnt/cluster/scripts/create-user.sh $escUser $escUid $escMail"); + $homes->exec ( + "/mnt/storage/scripts/create-user.sh $escUser"); - new SshConnection ($conf['homesHost'], $user, $password); - } + // Syncronizes the Samba password + + if (empty ($password)) + return; + + $escPassword = SshConnection::escape ($password); + $samba->exec ( + "/mnt/cluster/scripts/set-password.sh $escUser $escPassword"); + + new SshConnection ($conf['homesHost'], $user, $password); } } @@ -97,4 +98,3 @@ class SshConnection return '"'. str_replace ('"', '\\"', $str) .'"'; } } - diff --git a/rest/core/change-password.php b/rest/core/change-password.php index 5b53adfc..2ea7b523 100755 --- a/rest/core/change-password.php +++ b/rest/core/change-password.php @@ -16,7 +16,7 @@ class ChangePassword extends Vn\Web\JsonRequest $db->query ('CALL account.userChangePassword (#, #)', [$oldPassword, $newPassword]); - Account::sync ($db, $_SESSION['user'], $newPassword, Account::PASS | Account::USER); + Account::sync ($db, $_SESSION['user'], $newPassword); return TRUE; } } diff --git a/rest/core/locale/es.json b/rest/core/locale/es.json new file mode 100755 index 00000000..f33bd628 --- /dev/null +++ b/rest/core/locale/es.json @@ -0,0 +1,7 @@ +{ + "InvalidAction": "Acción inválida" + ,"EmptyQuery": "Consulta vacía" + ,"Invalid password": "Contraseña inválida" + ,"Password does not meet requirements": + "La nueva contraseña no reune los requisitos de seguridad necesarios" +} diff --git a/rest/core/query.php b/rest/core/query.php index a1641e43..1e3243c1 100755 --- a/rest/core/query.php +++ b/rest/core/query.php @@ -53,35 +53,17 @@ class Query extends Vn\Web\JsonRequest } catch (Vn\Db\Exception $e) { - $row = NULL; - $code = $e->getCode (); - $message = $e->getMessage (); - - switch ($code) + if ($e->getCode () == 1644) { - case 1644: // ER_SIGNAL_EXCEPTION - { - $sql = 'SELECT description, #code code '. - 'FROM sql_message WHERE code = #code'; - $row = $db->getRow ($sql, ['code' => $message]); - break; - } - case 1305: // ER_SP_DOES_NOT_EXIST - { - if (strpos ($message, 'EXCEPTION') === FALSE) - break; + $dbMessage = $e->getMessage (); + $sql = 'SELECT description FROM sql_message WHERE code = #'; + $message = $db->getValue ($sql, [$dbMessage]); - $sql = 'SELECT description, @err code '. - 'FROM sql_message WHERE code = @err'; - $row = $db->getRow ($sql); - break; - } + if ($message) + throw new Lib\UserException ($message, $dbMessage); } - if ($row) - throw new Lib\UserException ($row['description'], $row['code']); - else - throw $e; + throw $e; } return $results; diff --git a/rest/core/set-password.php b/rest/core/set-password.php index 446390c3..fb74615b 100755 --- a/rest/core/set-password.php +++ b/rest/core/set-password.php @@ -19,7 +19,7 @@ class SetPassword extends Vn\Web\JsonRequest $db->query ('CALL account.userSetPassword (#, #)', [$setUser, $setPassword]); - Account::sync ($db, $setUser, $setPassword, Account::PASS); + Account::sync ($db, $setUser, $setPassword); return TRUE; } } diff --git a/rest/core/sync-user.php b/rest/core/sync-user.php index 21b0abd1..0d6198de 100755 --- a/rest/core/sync-user.php +++ b/rest/core/sync-user.php @@ -12,7 +12,7 @@ class SyncUser extends Vn\Web\JsonRequest function run ($db) { - Account::sync ($db, $_REQUEST['syncUser'], NULL, Account::USER); + Account::sync ($db, $_REQUEST['syncUser'], NULL); return TRUE; } } diff --git a/web/service.php b/web/service.php index cd3d92e1..8ec6e3ab 100755 --- a/web/service.php +++ b/web/service.php @@ -2,6 +2,7 @@ namespace Vn\Web; +use Vn\Db; use Vn\Lib\Locale; use Vn\Lib\UserException; @@ -144,7 +145,7 @@ abstract class Service $db->query ('CALL account.userLogin (#, #)', [$user, $_POST['password']]); } - catch (\Vn\Db\Exception $e) + catch (Db\Exception $e) { if ($e->getMessage () == 'INVALID_CREDENTIALS') throw new BadLoginException (); @@ -287,9 +288,17 @@ abstract class Service if ($method::PARAMS !== NULL && !$method->checkParams ($_REQUEST, $method::PARAMS)) throw new UserException (s('Missing parameters')); - Locale::addPath ("rest/{$_REQUEST['method']}"); + Locale::addPath ('rest/'. dirname ($_REQUEST['method'])); + + try { + $res = $method->run ($methodDb); + } + catch (Db\Exception $e) + { + if ($e->getCode () == 1644) + throw new UserException (s($e->getMessage ())); + } - $res = $method->run ($methodDb); $db->query ('CALL account.userLogout ()'); return $res;