0
1
Fork 0

MySQL errors bypass

This commit is contained in:
Juan Ferrer Toribio 2017-05-02 14:33:48 +02:00
parent cb305ca7d9
commit c500f53749
9 changed files with 65 additions and 67 deletions

2
debian/changelog vendored
View File

@ -1,4 +1,4 @@
hedera-web (1.399-deb8) stable; urgency=low
hedera-web (1.400-deb8) stable; urgency=low
* Initial Release.

View File

@ -60,7 +60,7 @@ Hedera.Conf = new Class
}
else
{
Htk.Toast.showError (_('Password doesn\'t meet the requirements'));
Htk.Toast.showError (error.message);
this.$('old-password').select ();
}
}

View File

@ -2,15 +2,8 @@
class Account
{
const USER = 1 << 1;
const PASS = 1 << 2;
static function sync ($db, $user, $password = NULL, $sync = self::USER)
static function sync ($db, $user, $password = NULL)
{
$conf = $db->getRow (
'SELECT sambaHost, homesHost, sshUser, sshPass FROM account.accountConfig');
$sshPass = base64_decode ($conf['sshPass']);
$hasAccount = $db->getValue (
'SELECT COUNT(*) > 0
FROM account.user u
@ -22,40 +15,48 @@ class Account
if (!$hasAccount)
return;
$sambaSsh = new SshConnection ($conf['sambaHost']
$conf = $db->getRow (
'SELECT sambaHost, homesHost, sshUser, sshPass
FROM account.accountConfig'
);
$sshPass = base64_decode ($conf['sshPass']);
$samba = new SshConnection ($conf['sambaHost']
,$conf['sshUser']
,$sshPass
);
$homes = new SshConnection ($conf['homesHost']
,$conf['sshUser']
,$sshPass
);
if ($sync & self::USER)
{
$userId = $db->getValue ('SELECT id FROM account.user WHERE name = #', [$user]);
$accConf = $db->getRow ('SELECT uidBase, domain FROM account.accountConfig');
$escUser = SshConnection::escape ($user);
$escUser = SshConnection::escape ($user);
$escUid = SshConnection::escape ($accConf['uidBase'] + $userId);
$escMail = SshConnection::escape ("$user@{$accConf['domain']}");
// Creates the Samba user and initializes it's home directory
$sambaSsh->exec (
"/mnt/cluster/scripts/create-user.sh $escUser $escUid $escMail");
$userId = $db->getValue (
'SELECT id FROM account.user WHERE name = #', [$user]);
$accConf = $db->getRow (
'SELECT uidBase, domain FROM account.accountConfig');
$homesSsh = new SshConnection ($conf['homesHost']
,$conf['sshUser']
,$sshPass
);
$homesSsh->exec (
"/mnt/storage/scripts/create-user.sh $escUser");
}
$escUid = SshConnection::escape ($accConf['uidBase'] + $userId);
$escMail = SshConnection::escape ("$user@{$accConf['domain']}");
if ($sync & self::PASS && !empty ($password))
{
$escUser = SshConnection::escape ($user);
$escPassword = SshConnection::escape ($password);
$sambaSsh->exec (
"/mnt/cluster/scripts/set-password.sh $escUser $escPassword");
$samba->exec (
"/mnt/cluster/scripts/create-user.sh $escUser $escUid $escMail");
$homes->exec (
"/mnt/storage/scripts/create-user.sh $escUser");
new SshConnection ($conf['homesHost'], $user, $password);
}
// Syncronizes the Samba password
if (empty ($password))
return;
$escPassword = SshConnection::escape ($password);
$samba->exec (
"/mnt/cluster/scripts/set-password.sh $escUser $escPassword");
new SshConnection ($conf['homesHost'], $user, $password);
}
}
@ -97,4 +98,3 @@ class SshConnection
return '"'. str_replace ('"', '\\"', $str) .'"';
}
}

View File

@ -16,7 +16,7 @@ class ChangePassword extends Vn\Web\JsonRequest
$db->query ('CALL account.userChangePassword (#, #)',
[$oldPassword, $newPassword]);
Account::sync ($db, $_SESSION['user'], $newPassword, Account::PASS | Account::USER);
Account::sync ($db, $_SESSION['user'], $newPassword);
return TRUE;
}
}

7
rest/core/locale/es.json Executable file
View File

@ -0,0 +1,7 @@
{
"InvalidAction": "Acción inválida"
,"EmptyQuery": "Consulta vacía"
,"Invalid password": "Contraseña inválida"
,"Password does not meet requirements":
"La nueva contraseña no reune los requisitos de seguridad necesarios"
}

View File

@ -53,35 +53,17 @@ class Query extends Vn\Web\JsonRequest
}
catch (Vn\Db\Exception $e)
{
$row = NULL;
$code = $e->getCode ();
$message = $e->getMessage ();
switch ($code)
if ($e->getCode () == 1644)
{
case 1644: // ER_SIGNAL_EXCEPTION
{
$sql = 'SELECT description, #code code '.
'FROM sql_message WHERE code = #code';
$row = $db->getRow ($sql, ['code' => $message]);
break;
}
case 1305: // ER_SP_DOES_NOT_EXIST
{
if (strpos ($message, 'EXCEPTION') === FALSE)
break;
$dbMessage = $e->getMessage ();
$sql = 'SELECT description FROM sql_message WHERE code = #';
$message = $db->getValue ($sql, [$dbMessage]);
$sql = 'SELECT description, @err code '.
'FROM sql_message WHERE code = @err';
$row = $db->getRow ($sql);
break;
}
if ($message)
throw new Lib\UserException ($message, $dbMessage);
}
if ($row)
throw new Lib\UserException ($row['description'], $row['code']);
else
throw $e;
throw $e;
}
return $results;

View File

@ -19,7 +19,7 @@ class SetPassword extends Vn\Web\JsonRequest
$db->query ('CALL account.userSetPassword (#, #)',
[$setUser, $setPassword]);
Account::sync ($db, $setUser, $setPassword, Account::PASS);
Account::sync ($db, $setUser, $setPassword);
return TRUE;
}
}

View File

@ -12,7 +12,7 @@ class SyncUser extends Vn\Web\JsonRequest
function run ($db)
{
Account::sync ($db, $_REQUEST['syncUser'], NULL, Account::USER);
Account::sync ($db, $_REQUEST['syncUser'], NULL);
return TRUE;
}
}

View File

@ -2,6 +2,7 @@
namespace Vn\Web;
use Vn\Db;
use Vn\Lib\Locale;
use Vn\Lib\UserException;
@ -144,7 +145,7 @@ abstract class Service
$db->query ('CALL account.userLogin (#, #)',
[$user, $_POST['password']]);
}
catch (\Vn\Db\Exception $e)
catch (Db\Exception $e)
{
if ($e->getMessage () == 'INVALID_CREDENTIALS')
throw new BadLoginException ();
@ -287,9 +288,17 @@ abstract class Service
if ($method::PARAMS !== NULL && !$method->checkParams ($_REQUEST, $method::PARAMS))
throw new UserException (s('Missing parameters'));
Locale::addPath ("rest/{$_REQUEST['method']}");
Locale::addPath ('rest/'. dirname ($_REQUEST['method']));
try {
$res = $method->run ($methodDb);
}
catch (Db\Exception $e)
{
if ($e->getCode () == 1644)
throw new UserException (s($e->getMessage ()));
}
$res = $method->run ($methodDb);
$db->query ('CALL account.userLogout ()');
return $res;