MySQL errors bypass

debian/changelog

@@ -1,4 +1,4 @@
-hedera-web (1.399-deb8) stable; urgency=low
+hedera-web (1.400-deb8) stable; urgency=low
 
   * Initial Release.
 

forms/account/conf/conf.js

@@ -60,7 +60,7 @@ Hedera.Conf = new Class
 		}
 		else
 		{
-			Htk.Toast.showError (_('Password doesn\'t meet the requirements'));
+			Htk.Toast.showError (error.message);
 			this.$('old-password').select ();
 		}
 	}

rest/core/account.php

@@ -2,15 +2,8 @@
 
 class Account
 {
-	const USER = 1 << 1;
+	static function sync ($db, $user, $password = NULL)
-	const PASS = 1 << 2;
-
-	static function sync ($db, $user, $password = NULL, $sync = self::USER)
 	{
-		$conf = $db->getRow (
-			'SELECT sambaHost, homesHost, sshUser, sshPass FROM account.accountConfig');
-		$sshPass = base64_decode ($conf['sshPass']);
-
 		$hasAccount = $db->getValue (
 			'SELECT COUNT(*) > 0
 				FROM account.user u
@@ -22,41 +15,49 @@ class Account
 		if (!$hasAccount)
 			return;
 
-		$sambaSsh = new SshConnection ($conf['sambaHost']
+		$conf = $db->getRow (
+			'SELECT sambaHost, homesHost, sshUser, sshPass
+				FROM account.accountConfig'
+		);
+		$sshPass = base64_decode ($conf['sshPass']);
+			
+		$samba = new SshConnection ($conf['sambaHost']
+			,$conf['sshUser']
+			,$sshPass
+		);
+		$homes = new SshConnection ($conf['homesHost']
 			,$conf['sshUser']
 			,$sshPass
 		);
 
-		if ($sync & self::USER)
-		{
-			$userId = $db->getValue ('SELECT id FROM account.user WHERE name = #', [$user]);
-			$accConf = $db->getRow ('SELECT uidBase, domain FROM account.accountConfig');
-
 		$escUser = SshConnection::escape ($user);
+
+		// Creates the Samba user and initializes it's home directory
+
+		$userId = $db->getValue (
+			'SELECT id FROM account.user WHERE name = #', [$user]);
+		$accConf = $db->getRow (
+			'SELECT uidBase, domain FROM account.accountConfig');
+
 		$escUid = SshConnection::escape ($accConf['uidBase'] + $userId);
 		$escMail = SshConnection::escape ("$user@{$accConf['domain']}");
 
-			$sambaSsh->exec (
+		$samba->exec (
 			"/mnt/cluster/scripts/create-user.sh $escUser $escUid $escMail");
-
+		$homes->exec (
-			$homesSsh = new SshConnection ($conf['homesHost']
-				,$conf['sshUser']
-				,$sshPass
-			);				
-			$homesSsh->exec (
 			"/mnt/storage/scripts/create-user.sh $escUser");
-		}
 
-		if ($sync & self::PASS && !empty ($password))
+		// Syncronizes the Samba password
-		{
+
-			$escUser = SshConnection::escape ($user);
+		if (empty ($password))
+			return;
+
 		$escPassword = SshConnection::escape ($password);
-			$sambaSsh->exec (
+		$samba->exec (
 			"/mnt/cluster/scripts/set-password.sh $escUser $escPassword");
 
 		new SshConnection ($conf['homesHost'], $user, $password);
 	}
-	}
 }
 
 class SshConnection
@@ -97,4 +98,3 @@ class SshConnection
 		return '"'. str_replace ('"', '\\"', $str) .'"';
 	}
 }
-

rest/core/change-password.php

@@ -16,7 +16,7 @@ class ChangePassword extends Vn\Web\JsonRequest
 
 		$db->query ('CALL account.userChangePassword (#, #)',
 			[$oldPassword, $newPassword]);
-		Account::sync ($db, $_SESSION['user'], $newPassword, Account::PASS | Account::USER);
+		Account::sync ($db, $_SESSION['user'], $newPassword);
 		return TRUE;
 	}
 }

rest/core/locale/es.json

@@ -0,0 +1,7 @@
+{
+	 "InvalidAction": "Acción inválida"
+	,"EmptyQuery": "Consulta vacía"
+	,"Invalid password": "Contraseña inválida"
+	,"Password does not meet requirements":
+		"La nueva contraseña no reune los requisitos de seguridad necesarios"
+}

rest/core/query.php

@@ -53,34 +53,16 @@ class Query extends Vn\Web\JsonRequest
 		}
 		catch (Vn\Db\Exception $e)
 		{
-			$row = NULL;
+			if ($e->getCode () == 1644)
-			$code = $e->getCode ();
+			{
-			$message = $e->getMessage ();
+				$dbMessage = $e->getMessage ();
+				$sql = 'SELECT description FROM sql_message WHERE code = #';
+				$message = $db->getValue ($sql, [$dbMessage]);
 
-			switch ($code)
+				if ($message)
-			{
+					throw new Lib\UserException ($message, $dbMessage);
-				case 1644: // ER_SIGNAL_EXCEPTION
-				{
-					$sql = 'SELECT description, #code code '.
-						'FROM sql_message WHERE code = #code';
-					$row = $db->getRow ($sql, ['code' => $message]);
-					break;
-				}
-				case 1305: // ER_SP_DOES_NOT_EXIST
-				{
-					if (strpos ($message, 'EXCEPTION') === FALSE)
-						break;
-
-					$sql = 'SELECT description, @err code '.
-						'FROM sql_message WHERE code = @err';
-					$row = $db->getRow ($sql);
-					break;
-				}
 			}
 
-			if ($row)
-				throw new Lib\UserException ($row['description'], $row['code']);
-			else
 			throw $e;
 		}
 

rest/core/set-password.php

@@ -19,7 +19,7 @@ class SetPassword extends Vn\Web\JsonRequest
 		
 		$db->query ('CALL account.userSetPassword (#, #)',
 			[$setUser, $setPassword]);
-		Account::sync ($db, $setUser, $setPassword, Account::PASS);
+		Account::sync ($db, $setUser, $setPassword);
 		return TRUE;
 	}
 }

rest/core/sync-user.php

@@ -12,7 +12,7 @@ class SyncUser extends Vn\Web\JsonRequest
 
 	function run ($db)
 	{
-		Account::sync ($db, $_REQUEST['syncUser'], NULL, Account::USER);	
+		Account::sync ($db, $_REQUEST['syncUser'], NULL);	
 		return TRUE;
 	}
 }

web/service.php

@@ -2,6 +2,7 @@
 
 namespace Vn\Web;
 
+use Vn\Db;
 use Vn\Lib\Locale;
 use Vn\Lib\UserException;
 
@@ -144,7 +145,7 @@ abstract class Service
 				$db->query ('CALL account.userLogin (#, #)',
 					[$user, $_POST['password']]);
 			}
-			catch (\Vn\Db\Exception $e)
+			catch (Db\Exception $e)
 			{
 				if ($e->getMessage () == 'INVALID_CREDENTIALS')
 					throw new BadLoginException ();
@@ -287,9 +288,17 @@ abstract class Service
 		if ($method::PARAMS !== NULL && !$method->checkParams ($_REQUEST, $method::PARAMS))
 			throw new UserException  (s('Missing parameters'));
 		
-		Locale::addPath ("rest/{$_REQUEST['method']}");
+		Locale::addPath ('rest/'. dirname ($_REQUEST['method']));
 
+		try {
 			$res = $method->run ($methodDb);
+		}
+		catch (Db\Exception $e)
+		{
+			if ($e->getCode () == 1644)
+				throw new UserException (s($e->getMessage ()));
+		}
+
 		$db->query ('CALL account.userLogout ()');
 		
 		return $res;