From: <gem...@li...> - 2011-11-24 18:38:13
Revision: 285 http://gemstracker.svn.sourceforge.net/gemstracker/?rev=285&view=rev Author: matijsdejong Date: 2011-11-24 18:38:06 +0000 (Thu, 24 Nov 2011) Log Message: ----------- Small fixes in cookie handling. Modified Paths: -------------- trunk/library/classes/Gems/User/User.php Modified: trunk/library/classes/Gems/User/User.php =================================================================== --- trunk/library/classes/Gems/User/User.php 2011-11-24 17:17:39 UTC (rev 284) +++ trunk/library/classes/Gems/User/User.php 2011-11-24 18:38:06 UTC (rev 285) @@ -374,7 +374,7 @@ $orgId = $this->_getVar('user_organization_id'); //If not set, read it from the cookie - if (is_null($orgId)) { + if ($this->isCurrentUser() && is_null($orgId)) { $orgId = Gems_Cookies::getOrganization(Zend_Controller_Front::getInstance()->getRequest()); } return $orgId; @@ -579,6 +579,19 @@ } /** + * Is this organization in the list of currently allowed organizations? + * + * @param int $organizationId + * @return boolean + */ + public function isAllowedOrganization($organizationId) + { + $orgs = $this->getAllowedOrganizations(); + + return isset($orgs[$organizationId]); + } + + /** * Checks if this user is the current user * * @return boolean @@ -731,10 +744,10 @@ $this->session->requestCache = $requestCache; } } - } - if (! Gems_Cookies::setOrganization($organizationId, $this->basepath->getBasePath())) { - throw new Exception($this->translate->_('Cookies must be enabled for this site.')); + if (! Gems_Cookies::setOrganization($organizationId, $this->basepath->getBasePath())) { + throw new Exception($this->translate->_('Cookies must be enabled for this site.')); + } } } This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site. |
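Review bot: In the `@@ -374` hunk the organization id read from the cookie is still returned as-is, and a cookie is client-controlled input; the added `isCurrentUser()` guard only limits when the fallback is used, not which value is accepted. Since this commit also adds `isAllowedOrganization()`, the fallback could reject an id the user may not use, e.g. `if (! $this->isAllowedOrganization($orgId)) { $orgId = null; }`, provided `getAllowedOrganizations()` does not itself call this getter (not visible here). `Gems_Cookies::getOrganization()` may already validate the value, and the function starts and ends outside the hunk, so confirm before changing.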
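Review bot: In the `@@ -731` hunk the exception for a failed cookie write is thrown after session data (at least `$this->session->requestCache`) has already been updated a few lines earlier, so a failure leaves the change half-applied while the caller is told it did not work. If the order is not significant, calling `Gems_Cookies::setOrganization()` before touching the session avoids that state; what the enclosing `if` tests is outside the hunk. Throwing a bare `Exception` also makes this condition hard for callers to distinguish from other errors.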
From: <gem...@li...> - 2011-11-25 12:56:02
Revision: 288 http://gemstracker.svn.sourceforge.net/gemstracker/?rev=288&view=rev Author: matijsdejong Date: 2011-11-25 12:55:53 +0000 (Fri, 25 Nov 2011) Log Message: ----------- Slight improvement in gotoStartPage: get rid of all parameters Modified Paths: -------------- trunk/library/classes/Gems/User/User.php Modified: trunk/library/classes/Gems/User/User.php =================================================================== --- trunk/library/classes/Gems/User/User.php 2011-11-24 19:06:39 UTC (rev 287) +++ trunk/library/classes/Gems/User/User.php 2011-11-25 12:55:53 UTC (rev 288) @@ -531,7 +531,7 @@ // Prevent redirecting to the current page. if (! ($menuItem->is('controller', $request->getControllerName()) && $menuItem->is('action', $request->getActionName()))) { $redirector = Zend_Controller_Action_HelperBroker::getStaticHelper('redirector'); - $redirector->gotoRoute($menuItem->toRouteUrl($request)); + $redirector->gotoRoute($menuItem->toRouteUrl($request), null, true); } } This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site. |
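Review bot: The new positional arguments `null, true` on the `gotoRoute()` call do not say what they do; only the commit message explains that the aim is to drop all parameters. A one-line comment above the call would keep that intent in the code, for example `// $reset = true: build the URL from the menu item only, dropping the current request's parameters`. The enclosing method starts outside the hunk.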
From: <gem...@li...> - 2011-12-09 12:40:52
Revision: 350 http://gemstracker.svn.sourceforge.net/gemstracker/?rev=350&view=rev Author: matijsdejong Date: 2011-12-09 12:40:42 +0000 (Fri, 09 Dec 2011) Log Message: ----------- Fix where users stayed OldStaffUser Modified Paths: -------------- trunk/library/classes/Gems/User/User.php Modified: trunk/library/classes/Gems/User/User.php =================================================================== --- trunk/library/classes/Gems/User/User.php 2011-12-08 17:01:45 UTC (rev 349) +++ trunk/library/classes/Gems/User/User.php 2011-12-09 12:40:42 UTC (rev 350) @@ -215,6 +215,8 @@ */ public function afterLogin($formValues) { if (is_callable(array($this->definition, 'afterLogin'))) { + // Use the USERS organization, not the one he or she is using currently + $formValues['organization'] = $this->getBaseOrganizationId(); $this->definition->afterLogin($this->_authResult, $formValues); } } This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site. |
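Review bot: The added assignment silently overwrites whatever `organization` value the caller passed in `$formValues`, and the method's docblock, which ends just above the hunk, does not mention it. A docblock sentence such as `The 'organization' key is always replaced by the user's base organization id before the definition is called.` would make the contract visible to callers. The inline comment would read better as `// Use the user's base organization, not the one currently in use`. `$formValues` is untyped, so if every caller passes an array an `array` type hint would make the assignment safe to rely on.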
From: <gem...@li...> - 2012-04-18 12:53:32
Revision: 622 http://gemstracker.svn.sourceforge.net/gemstracker/?rev=622&view=rev Author: mennodekker Date: 2012-04-18 12:53:21 +0000 (Wed, 18 Apr 2012) Log Message: ----------- And some more cleanup Modified Paths: -------------- trunk/library/classes/Gems/User/User.php Modified: trunk/library/classes/Gems/User/User.php =================================================================== --- trunk/library/classes/Gems/User/User.php 2012-04-18 12:44:04 UTC (rev 621) +++ trunk/library/classes/Gems/User/User.php 2012-04-18 12:53:21 UTC (rev 622) @@ -126,16 +126,7 @@ protected $userLoader; /** - * Use Zend_Auth for authentication * - * Warning: Zend_Auth contains only a partial ID of the current user, the base organization is missing - * - * @var boolean - */ - protected $useZendAuth = false; - - /** - * * @var Gems_Util */ protected $util; @@ -330,9 +321,6 @@ */ public function authenticate($password) { - if ($this->useZendAuth) { - $zendAuth = Zend_Auth::getInstance(); - } $auths = $this->loadAuthorizers($password); foreach ($auths as $result) { @@ -341,11 +329,7 @@ } if ($result instanceof Zend_Auth_Adapter_Interface) { - if ($this->useZendAuth) { - $result = $zendAuth->authenticate($result); - } else { - $result = $result->authenticate(); - } + $result = $result->authenticate(); } if ($result instanceof Zend_Auth_Result) { This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site. |
From: <gem...@li...> - 2012-05-03 14:25:44
Revision: 658 http://gemstracker.svn.sourceforge.net/gemstracker/?rev=658&view=rev Author: mennodekker Date: 2012-05-03 13:25:28 +0000 (Thu, 03 May 2012) Log Message: ----------- Unit test no longer fails on notice for missing $_SERVER['REMOTE_ADDR'] when run from commandline Modified Paths: -------------- trunk/library/classes/Gems/User/User.php Modified: trunk/library/classes/Gems/User/User.php =================================================================== --- trunk/library/classes/Gems/User/User.php 2012-05-03 10:56:16 UTC (rev 657) +++ trunk/library/classes/Gems/User/User.php 2012-05-03 13:25:28 UTC (rev 658) @@ -421,7 +421,10 @@ */ protected function authorizeIp() { - if ($this->util->isAllowedIP($_SERVER['REMOTE_ADDR'], $this->getAllowedIPRanges())) { + //In unit test REMOTE_ADDR is not available and will return null + $request = Zend_Controller_Front::getInstance()->getRequest(); + $remoteIp = $request->getServer('REMOTE_ADDR'); + if ($this->util->isAllowedIP($remoteIp, $this->getAllowedIPRanges())) { return true; } else { return $this->translate->_('You are not allowed to login from this location.'); This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site. |
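Review bot: `$remoteIp` can now be null, as the added comment says, and it is passed straight to `isAllowedIP()`, whose handling of a null address is not visible here; for an IP allow-list the missing-address case should fail closed whenever ranges are configured. Either confirm and document that `isAllowedIP()` returns false for null with non-empty ranges, or make it explicit before the call. Note also that `Zend_Controller_Front::getInstance()->getRequest()` returns null when no request has been set, so `$request->getServer()` would be a fatal error in the command-line case this change targets unless the tests always install a request; a guard such as `$remoteIp = $request ? $request->getServer('REMOTE_ADDR') : null;` covers that.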
From: <gem...@li...> - 2012-05-07 13:44:37
Revision: 675 http://gemstracker.svn.sourceforge.net/gemstracker/?rev=675&view=rev Author: matijsdejong Date: 2012-05-07 13:44:28 +0000 (Mon, 07 May 2012) Log Message: ----------- Debug code still active Modified Paths: -------------- trunk/library/classes/Gems/User/User.php Modified: trunk/library/classes/Gems/User/User.php =================================================================== --- trunk/library/classes/Gems/User/User.php 2012-05-07 12:03:15 UTC (rev 674) +++ trunk/library/classes/Gems/User/User.php 2012-05-07 13:44:28 UTC (rev 675) @@ -446,7 +446,7 @@ //In unit test REMOTE_ADDR is not available and will return null $request = Zend_Controller_Front::getInstance()->getRequest(); $remoteIp = $request->getServer('REMOTE_ADDR'); - + //special case: project user should have no restriction if ($this->project->getSuperAdminName() == $this->getLoginName()) { return true; @@ -1224,7 +1224,7 @@ } else { $fields = $this->getMailFields($locale); } - MUtil_Echo::track($fields, $bbBodyTemplate); + // MUtil_Echo::track($fields, $bbBodyTemplate); $fields = MUtil_Ra::braceKeys($fields, '{', '}'); $mail->setSubject(strtr($subjectTemplate, $fields)); This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site. |
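Review bot: In the `@@ -1224` hunk the debug call is commented out rather than removed, which leaves `// MUtil_Echo::track($fields, $bbBodyTemplate);` easy to re-enable by accident. What `$fields` holds is not visible in the hunk, but values merged into a user mail plausibly include personal data, so the line is better deleted outright. The enclosing method starts and ends outside the hunk.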
From: <gem...@li...> - 2012-06-05 08:33:51
Revision: 736 http://gemstracker.svn.sourceforge.net/gemstracker/?rev=736&view=rev Author: mennodekker Date: 2012-06-05 08:33:42 +0000 (Tue, 05 Jun 2012) Log Message: ----------- Check for blocked logins first Only increment failed logins when password failed (use case: project admin tried from not allowed ip blocks access from valid location) Modified Paths: -------------- trunk/library/classes/Gems/User/User.php Modified: trunk/library/classes/Gems/User/User.php =================================================================== --- trunk/library/classes/Gems/User/User.php 2012-06-04 13:13:16 UTC (rev 735) +++ trunk/library/classes/Gems/User/User.php 2012-06-05 08:33:42 UTC (rev 736) @@ -238,7 +238,7 @@ * * @param Zend_Auth_Result $result */ - protected function afterAuthorization(Zend_Auth_Result $result) + protected function afterAuthorization(Zend_Auth_Result $result, $lastAuthorizer = null) { try { $select = $this->db->select(); @@ -256,7 +256,7 @@ $values['gula_failed_logins'] = 0; $values['gula_last_failed'] = null; $values['gula_block_until'] = null; - $values['since_last'] = $this->failureBlockCount + 1; + $values['since_last'] = $this->failureIgnoreTime + 1; } if ($result->isValid()) { @@ -270,7 +270,8 @@ // Reset the counters when the last login was longer ago than the delay factor if ($values['since_last'] > $this->failureIgnoreTime) { $values['gula_failed_logins'] = 1; - } else { + } elseif ($lastAuthorizer === 'pwd') { + // Only increment failed login when password failed $values['gula_failed_logins'] += 1; } @@ -288,6 +289,7 @@ // Always record the last fail $values['gula_last_failed'] = new Zend_Db_Expr('CURRENT_TIMESTAMP'); + $values['gula_failed_logins'] = max(1, $values['gula_failed_logins']); // Response gets slowly slower $sleepTime = min($values['gula_failed_logins'] - 1, 10) * 2; 
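Review bot: The docblock above `afterAuthorization()` still documents only `$result` after the `@@ -238` hunk adds a second parameter. Suggest adding `@param string|null $lastAuthorizer Key of the authorizer that produced $result, null when unknown`, and noting there that the `@@ -270` hunk compares it with the literal `'pwd'`, which has to stay in sync with the key assigned in `loadAuthorizers()`. A shared class constant for that key would turn a silent mismatch into an obvious one.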
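Review bot: In the `@@ -288` hunk `gula_last_failed` is still refreshed for every failed authorizer, not only for `'pwd'`, while the counter itself now increments only on password failures. If `since_last` is derived from that column (its computation is outside these hunks), repeated attempts from a disallowed IP would keep an existing failure count from ageing out, which partly works against the use case in the log message. Consider updating the timestamp only for password failures, e.g. wrapping the assignment in `if ($lastAuthorizer === 'pwd') { ... }`, or add a comment stating that the refresh is intentional.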
@@ -323,7 +325,8 @@ { $auths = $this->loadAuthorizers($password); - foreach ($auths as $result) { + $lastAuthorizer = null; + foreach ($auths as $lastAuthorizer => $result) { if (is_callable($result)) { $result = call_user_func($result); } @@ -357,7 +360,7 @@ } } - $this->afterAuthorization($result); + $this->afterAuthorization($result, $lastAuthorizer); // MUtil_Echo::track($result); $this->_authResult = $result; @@ -1086,16 +1089,16 @@ */ protected function loadAuthorizers($password) { + if ($this->isBlockable()) { + $auths['block'] = array($this, 'authorizeBlock'); + } + // organization ip restriction $auths['orgip'] = array($this, 'authorizeOrgIp'); // group ip restriction $auths['ip'] = array($this, 'authorizeIp'); - if ($this->isBlockable()) { - $auths['block'] = array($this, 'authorizeBlock'); - } - if ($this->isActive()) { $auths['pwd'] = $this->definition->getAuthAdapter($this, $password); } else { This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site. |
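Review bot: In the `@@ -323` hunk `$lastAuthorizer` identifies the failing authorizer only if the loop stops at the first invalid result; that exit is outside the hunk, and when the loop runs to completion the variable simply holds the last key. A comment at the declaration would record the assumption, for example `// After the loop: key of the authorizer that produced the final $result`. The value is then passed to `afterAuthorization()` in the `@@ -357` hunk, so the failed-login counter depends on this being right.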
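Review bot: In the `@@ -1086` hunk the first write to `$auths` is now inside `if ($this->isBlockable())`, so the array is created implicitly by whichever assignment runs first; starting the method with `$auths = array();` makes that explicit. Moving `block` ahead of the two IP checks also means a client outside the allowed ranges now gets the result of `authorizeBlock` first. That method's message is not visible here, so confirm it does not reveal an account's lock state to locations that would otherwise only see the IP refusal. The method's end, including the `else` branch for inactive users, is outside the hunk.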