1 |
diff -up e-smith-base-5.2.0/root/etc/e-smith/web/panels/password/cgi-bin/userpassword.allow-admin-pwd-change e-smith-base-5.2.0/root/etc/e-smith/web/panels/password/cgi-bin/userpassword |
2 |
--- e-smith-base-5.2.0/root/etc/e-smith/web/panels/password/cgi-bin/userpassword.allow-admin-pwd-change 2008-08-20 23:17:24.000000000 +0200 |
3 |
+++ e-smith-base-5.2.0/root/etc/e-smith/web/panels/password/cgi-bin/userpassword 2010-03-09 20:52:12.000000000 +0100 |
4 |
@@ -26,8 +26,10 @@ use strict; |
5 |
use esmith::FormMagick; |
6 |
use esmith::util; |
7 |
use esmith::ConfigDB; |
8 |
+use esmith::AccountsDB; |
9 |
|
10 |
our $configdb = esmith::ConfigDB->open(); |
11 |
+our $accountsdb = esmith::AccountsDB->open(); |
12 |
my $fm = new esmith::FormMagick; |
13 |
$fm->display(); |
14 |
|
15 |
@@ -117,14 +119,47 @@ Validates the password using the desired |
16 |
=cut |
17 |
|
18 |
sub check_password { |
19 |
- my $fm = shift; |
20 |
- my $pass1 = shift; |
21 |
- |
22 |
- my $check_type; |
23 |
- my $rec = $configdb->get('passwordstrength'); |
24 |
+ |
25 |
+ my $fm = shift; |
26 |
+ |
27 |
+ my $pass1 = $fm->{cgi}->param('pass'); |
28 |
+ my $acctName = $fm->{cgi}->param('account'); |
29 |
+ |
30 |
+ my $check_type; |
31 |
+ my $rec = $configdb->get('passwordstrength'); |
32 |
+ |
33 |
+ if (is_admin($acctName)) |
34 |
+ $check_type = ($rec ? ($rec->prop('Admin') || 'none') : 'none'); |
35 |
+ else |
36 |
$check_type = ($rec ? ($rec->prop('Users') || 'none') : 'none'); |
37 |
- |
38 |
- return $fm->validate_password($check_type,$pass1); |
39 |
+ |
40 |
+ return $fm->validate_password($check_type,$pass1); |
41 |
+} |
42 |
+ |
43 |
+=pod |
44 |
+ |
45 |
+=head2 is_admin |
46 |
+ |
47 |
+Checks whether the user is admin or member of the so-called Domain Admins group |
48 |
+ |
49 |
+=cut |
50 |
+ |
51 |
+sub is_admin { |
52 |
+ |
53 |
+ my $fm = shift; |
54 |
+ my $acctName = shift; |
55 |
+ |
56 |
+ if ($acctName eq 'admin') return 1; |
57 |
+ |
58 |
+ # Find possible Domain Admins group |
59 |
+ my $adminGroup = $db->get_all_by_prop('Description' => 'Domain Admins') || ''; |
60 |
+ |
61 |
+ if ($adminGroup eq '') return false; |
62 |
+ |
63 |
+ my $members = $accountsdb->getprop($adminGroup, 'Members') || ''; |
64 |
+ |
65 |
+ return (",$members," =~ m/,$acctName,/); |
66 |
+ |
67 |
} |
68 |
|
69 |
__DATA__ |