From: <de...@de...> - 2008-07-25 17:49:06
|
Author: CrawfordCurrie Date: 2008-07-25 12:49:12 -0500 (Fri, 25 Jul 2008) New Revision: 17132 Trac url: http://develop.twiki.org/trac/changeset/17132 Modified: twiki/trunk/UnitTestContrib/test/unit/Fn_REVINFO.pm twiki/trunk/UnitTestContrib/test/unit/Fn_SEARCH.pm twiki/trunk/UnitTestContrib/test/unit/RegisterTests.pm twiki/trunk/UnitTestContrib/test/unit/VariableTests.pm twiki/trunk/core/lib/TWiki/Attach.pm twiki/trunk/core/lib/TWiki/LoginManager/TemplateLogin.pm twiki/trunk/core/lib/TWiki/Render.pm twiki/trunk/core/lib/TWiki/Search.pm twiki/trunk/core/lib/TWiki/UI/Manage.pm twiki/trunk/core/lib/TWiki/UI/Register.pm twiki/trunk/core/lib/TWiki/UserMapping.pm twiki/trunk/core/lib/TWiki/Users.pm twiki/trunk/core/lib/TWiki/Users/BaseUserMapping.pm Log: Item5800: corrections to ensure that a prefixed mapping will work Modified: twiki/trunk/UnitTestContrib/test/unit/Fn_REVINFO.pm =================================================================== --- twiki/trunk/UnitTestContrib/test/unit/Fn_REVINFO.pm 2008-07-25 16:42:25 UTC (rev 17131) +++ twiki/trunk/UnitTestContrib/test/unit/Fn_REVINFO.pm 2008-07-25 17:49:12 UTC (rev 17132) @@ -87,16 +87,14 @@ my $ui = $this->{twiki}->handleCommonTags( '%REVINFO{format="$username $wikiname"}%', $this->{test_web}, 'CrikeyMoses'); - # The wikiname can't be mapped back to a login name (the mapping is - # one-to-many) so the login name is unknown. - $this->assert_str_equals("unknown ScumBag", $ui); + $this->assert_str_equals("scum ScumBag", $ui); } sub test_compatibility2 { my $this = shift; - # Create a topic with raw meta to force a wikiname into the author field. - # The wikiname must be for a user who is in TWikiUsers. + # Create a topic with raw meta to force a login into the author field. + # The login must be for a user who is in TWikiUsers. # This test is specific to the "traditional" text database implementation, # either RcsWrap or RcsLite. if ($TWiki::cfg{StoreImpl} ne 'RcsLite' && Modified: twiki/trunk/UnitTestContrib/test/unit/Fn_SEARCH.pm =================================================================== --- twiki/trunk/UnitTestContrib/test/unit/Fn_SEARCH.pm 2008-07-25 16:42:25 UTC (rev 17131) +++ twiki/trunk/UnitTestContrib/test/unit/Fn_SEARCH.pm 2008-07-25 17:49:12 UTC (rev 17132) @@ -607,10 +607,11 @@ 'QueryTopicTwo', $text); $this->{twiki}->finish(); - my $query = new CGI(""); + my $query = new TWiki::Request(""); $query->path_info("/$this->{test_web}/$this->{test_topic}"); $this->{twiki} = new TWiki(undef, $query); + $this->assert_str_equals($this->{test_web}, $this->{twiki}->{webName}); $TWiki::Plugins::SESSION = $this->{twiki}; } @@ -878,8 +879,7 @@ } - -sub verify_likeQuery { +sub verify_likeQuery2 { my $this = shift; $this->set_up_for_queries(); Modified: twiki/trunk/UnitTestContrib/test/unit/RegisterTests.pm =================================================================== --- twiki/trunk/UnitTestContrib/test/unit/RegisterTests.pm 2008-07-25 16:42:25 UTC (rev 17131) +++ twiki/trunk/UnitTestContrib/test/unit/RegisterTests.pm 2008-07-25 17:49:12 UTC (rev 17132) @@ -211,12 +211,24 @@ # See the pod doc in Unit::TestCase for details of how to use this sub fixture_groups { return ( - [ 'TemplateLoginManager', 'ApacheLoginManager', 'NoLoginManager' ], - [ 'AllowLoginName', 'DontAllowLoginName'], -# [ 'HtPasswdManager', 'NonePasswdManager'], - [ 'HtPasswdManager' ], -# [ 'TWikiUserMapping', 'BaseUserMapping' ] ); - [ 'TWikiUserMapping' ] ); + [ + 'TemplateLoginManager', + 'ApacheLoginManager', + 'NoLoginManager', + ], + [ + 'AllowLoginName', + 'DontAllowLoginName', + ], + [ + 'HtPasswdManager', + #'NonePasswdManager', + ], + [ + 'TWikiUserMapping', + #'BaseUserMapping', + ] + ); } #delay the calling of set_up til after the cfg's are set by above closure @@ -1462,7 +1474,8 @@ my $newPassU = '12345'; my $oldPassU = 1; #force set $this->assert($this->{twiki}->{users}->setPassword( $cUID, $newPassU, $oldPassU )); - $this->assert($this->{twiki}->{users}->checkPassword( $this->{new_user_login}, $newPassU )); + $this->assert($this->{twiki}->{users}->checkPassword( + $this->{new_user_login}, $newPassU )); my @emails = $this->{twiki}->{users}->getEmails($cUID); $this->assert_str_equals($this->{new_user_email}, $emails[0]); Modified: twiki/trunk/UnitTestContrib/test/unit/VariableTests.pm =================================================================== --- twiki/trunk/UnitTestContrib/test/unit/VariableTests.pm 2008-07-25 16:42:25 UTC (rev 17131) +++ twiki/trunk/UnitTestContrib/test/unit/VariableTests.pm 2008-07-25 17:49:12 UTC (rev 17132) @@ -113,7 +113,7 @@ ScumBag $this->{users_web}.ScumBag scum, $this->{users_web}.ScumBag, scumbag\@example.com -scum,scumbag\@example.com,scum,ScumBag,$this->{users_web}.ScumBag +${TWiki::Users::TWikiUserMapping::TWIKI_USER_MAPPING_ID}scum,scumbag\@example.com,scum,ScumBag,$this->{users_web}.ScumBag BaseUserMapping_666,,guest,TWikiGuest,$this->{users_web}.TWikiGuest END $this->annotate("TWiki::cfg{Register}{AllowLoginName} == ".$TWiki::cfg{Register}{AllowLoginName}); Modified: twiki/trunk/core/lib/TWiki/Attach.pm =================================================================== --- twiki/trunk/core/lib/TWiki/Attach.pm 2008-07-25 16:42:25 UTC (rev 17131) +++ twiki/trunk/core/lib/TWiki/Attach.pm 2008-07-25 17:49:12 UTC (rev 17132) @@ -239,9 +239,18 @@ return TWiki::Time::formatTime( $info->{date} || 0 ); } elsif ( $attr eq 'USER' ) { - my $infousername = $info->{user} || 'UnknownUser'; - $infousername =~ s/^$TWiki::cfg{UsersWebName}\.//; - return $users->webDotWikiName($infousername); + my $user = $info->{user} || 'UnknownUser'; + my $cUID; + if( $user ) { + $cUID = $users->getCanonicalUserID( $user ); + if (!$cUID) { + # Not a login name or a wiki name. Is it a valid cUID? + my $ln = $users->getLoginName($user); + $cUID = $user if defined $ln && $ln ne 'unknown'; + } + } + + return $users->webDotWikiName($cUID); } else { return $TWiki::TranslationToken.'A_'.$attr.$TWiki::TranslationToken; Modified: twiki/trunk/core/lib/TWiki/LoginManager/TemplateLogin.pm =================================================================== --- twiki/trunk/core/lib/TWiki/LoginManager/TemplateLogin.pm 2008-07-25 16:42:25 UTC (rev 17131) +++ twiki/trunk/core/lib/TWiki/LoginManager/TemplateLogin.pm 2008-07-25 17:49:12 UTC (rev 17132) @@ -163,12 +163,8 @@ my $error = ''; if( $loginName ) { - my $cUID = $users->getCanonicalUserID($loginName); - my $validation; - if (defined($cUID)) { - $validation = $users->checkPassword( $cUID, $loginPass ); - $error = $users->passwordError(); - } + my $validation = $users->checkPassword( $loginName, $loginPass ); + $error = $users->passwordError(); if( $validation ) { $this->userLoggedIn( $loginName ); Modified: twiki/trunk/core/lib/TWiki/Render.pm =================================================================== --- twiki/trunk/core/lib/TWiki/Render.pm 2008-07-25 16:42:25 UTC (rev 17131) +++ twiki/trunk/core/lib/TWiki/Render.pm 2008-07-25 17:49:12 UTC (rev 17132) @@ -1571,9 +1571,14 @@ my $un = ''; if( $user ) { my $users = $this->{session}->{users}; - $wun = $users->webDotWikiName($user) || 'Unknown User'; - $wn = $users->getWikiName( $user ) || 'UnknownUser'; - $un = $users->getLoginName($user) || 'unknown'; + my $cUID = $users->getCanonicalUserID( $user ); + if (!$cUID) { + my $ln = $users->getLoginName($user); + $cUID = $user if defined $ln && $ln ne 'unknown'; + } + $wun = $users->webDotWikiName($cUID) || 'Unknown User'; + $wn = $users->getWikiName( $cUID ) || 'UnknownUser'; + $un = $users->getLoginName($cUID) || 'unknown'; } my $value = $format || 'r$rev - $date - $time - $wikiusername'; Modified: twiki/trunk/core/lib/TWiki/Search.pm =================================================================== --- twiki/trunk/core/lib/TWiki/Search.pm 2008-07-25 16:42:25 UTC (rev 17131) +++ twiki/trunk/core/lib/TWiki/Search.pm 2008-07-25 17:49:12 UTC (rev 17132) @@ -197,7 +197,6 @@ my( $this, $web, $query, @topicList ) = @_; my $store = $this->{session}->{store}; - my $matches = $store->searchInWebMetaData( $query, $web, \@topicList); Modified: twiki/trunk/core/lib/TWiki/UI/Manage.pm =================================================================== --- twiki/trunk/core/lib/TWiki/UI/Manage.pm 2008-07-25 16:42:25 UTC (rev 17131) +++ twiki/trunk/core/lib/TWiki/UI/Manage.pm 2008-07-25 17:49:12 UTC (rev 17132) @@ -87,26 +87,26 @@ my $webName = $session->{webName}; my $topic = $session->{topicName}; my $query = $session->{request}; - my $user = $session->{user}; + my $cUID = $session->{user}; my $password = $query->param( 'password' ); # check if user entry exists my $users = $session->{users}; - if( !$users->userExists( $user )) { + if( !$users->userExists( $cUID )) { throw TWiki::OopsException( 'attention', web => $webName, topic => $topic, def => 'notwikiuser', - params => [ $session->{users}->getWikiName( $user ) ] ); + params => [ $session->{users}->getWikiName( $cUID ) ] ); } #check to see it the user we are trying to remove is a member of a group. #initially we refuse to delete the user #in a later implementation we will remove the from the group #(if Access.pm implements it..) - my $git = $users->eachMembership($user); + my $git = $users->eachMembership($cUID); if( $git->hasNext() ) { my $list = ''; while ($git->hasNext()) { @@ -117,24 +117,25 @@ web => $webName, topic => $topic, def => 'in_a_group', - params => [ $session->{users}->getWikiName( $user ), $list ] ); + params => [ $session->{users}->getWikiName( $cUID ), $list ] ); } - unless( $users->checkPassword($user, $password)) { + unless( $users->checkPassword( + $session->{users}->getLoginName($cUID), $password)) { throw TWiki::OopsException( 'attention', web => $webName, topic => $topic, def => 'wrong_password' ); } - $users->removeUser( $user ); + $users->removeUser( $cUID ); throw TWiki::OopsException( 'attention', def => 'remove_user_done', web => $webName, topic => $topic, - params => [ $users->getWikiName( $user ) ] ); + params => [ $users->getWikiName( $cUID ) ] ); } sub _isValidHTMLColor { @@ -149,7 +150,7 @@ my $topicName = $session->{topicName}; my $webName = $session->{webName}; my $query = $session->{request}; - my $user = $session->{user}; + my $cUID = $session->{user}; my $newWeb = $query->param( 'newweb' ) || ''; unless( $newWeb ) { @@ -200,14 +201,14 @@ my $opts = { # Set permissions such that only the creating user can modify the # web preferences - ALLOWTOPICCHANGE => $session->{users}->getWikiName($user), + ALLOWTOPICCHANGE => $session->{users}->getWikiName($cUID), ALLOWTOPICRENAME => 'nobody', }; foreach my $p ($query->param()) { $opts->{uc($p)} = $query->param($p); } - my $err = $session->{store}->createWeb( $user, $newWeb, $baseWeb, $opts ); + my $err = $session->{store}->createWeb( $cUID, $newWeb, $baseWeb, $opts ); if( $err ) { throw TWiki::OopsException ( 'attention', def => 'web_creation_error', @@ -434,7 +435,7 @@ my $oldWeb = $session->{webName}; my $query = $session->{request}; - my $user = $session->{user}; + my $cUID = $session->{user}; # If the user is not allowed to rename anything in the current web - stop here TWiki::UI::checkAccess( $session, $oldWeb, undef, @@ -540,12 +541,12 @@ $webIter = TWiki::Sandbox::untaintUnchecked( $webIter ); $webTopic = TWiki::Sandbox::untaintUnchecked( $webTopic ); if( $confirm eq 'getlock' ) { - $store->setLease( $webIter, $webTopic, $user, + $store->setLease( $webIter, $webTopic, $cUID, $TWiki::cfg{LeaseLength}); $lease_ref = $store->getLease( $webIter, $webTopic ); } elsif( $confirm eq 'cancel' ) { $lease_ref = $store->getLease( $webIter, $webTopic ); - if( $lease_ref->{user} eq $user ) { + if( $lease_ref->{user} eq $cUID ) { $store->clearLease( $webIter, $webTopic ); } } @@ -555,11 +556,11 @@ $modifyingLockedTopics++ if( defined($webTopicInfo{modify}{$ref}{leaseuser} ) && - $webTopicInfo{modify}{$ref}{leaseuser} ne $user ); + $webTopicInfo{modify}{$ref}{leaseuser} ne $cUID ); $webTopicInfo{modify}{$ref}{summary} = $refs{$ref}; $webTopicInfo{modify}{$ref}{access} = $session->security->checkAccessPermission( - 'CHANGE', $user, undef, undef, $webTopic, $webIter); + 'CHANGE', $cUID, undef, undef, $webTopic, $webIter); if( !$webTopicInfo{modify}{$ref}{access} ) { $webTopicInfo{modify}{$ref}{accessReason} = $session->security->getReason(); @@ -579,12 +580,12 @@ foreach my $webTopic ( @webTopicList ) { $webTopic = TWiki::Sandbox::untaintUnchecked( $webTopic ); if( $confirm eq 'getlock' ) { - $store->setLease( $webIter, $webTopic, $user, + $store->setLease( $webIter, $webTopic, $cUID, $TWiki::cfg{LeaseLength}); $lease_ref = $store->getLease( $webIter, $webTopic ); } elsif ($confirm eq 'cancel') { $lease_ref = $store->getLease( $webIter, $webTopic ); - if( $lease_ref->{user} eq $user ) { + if( $lease_ref->{user} eq $cUID ) { $store->clearLease( $webIter, $webTopic ); } } @@ -594,10 +595,10 @@ $movingLockedTopics++ if( defined($webTopicInfo{move}{$wit}{leaseuser}) && - $webTopicInfo{move}{$wit}{leaseuser} ne $user ); + $webTopicInfo{move}{$wit}{leaseuser} ne $cUID ); $webTopicInfo{move}{$wit}{access} = $session->security->checkAccessPermission( - 'RENAME', $user, undef, undef, $webTopic, $webIter); + 'RENAME', $cUID, undef, undef, $webTopic, $webIter); $webTopicInfo{move}{$wit}{accessReason} = $session->security->getReason(); $totalWebAccess = ($totalWebAccess & @@ -617,7 +618,7 @@ # its subwebs. push( @{$webTopicInfo{movelocked}}, grep { defined($webTopicInfo{move}{$_}{leaseuser}) && - $webTopicInfo{move}{$_}{leaseuser} ne $user } + $webTopicInfo{move}{$_}{leaseuser} ne $cUID } sort keys %{$webTopicInfo{move}} ); # Next, build up a list of all the referrers which the @@ -630,7 +631,7 @@ # currently locked. push( @{$webTopicInfo{modifylocked}}, grep { defined($webTopicInfo{modify}{$_}{leaseuser}) && - $webTopicInfo{modify}{$_}{leaseuser} ne $user } + $webTopicInfo{modify}{$_}{leaseuser} ne $cUID } sort keys %{$webTopicInfo{modify}} ); unless( $confirm ) { @@ -951,7 +952,7 @@ $oldWeb =~ s/\./\//go; $newWeb =~ s/\./\//go; - my $user = $session->{user}; + my $cUID = $session->{user}; if( $store->webExists( $newWeb )) { throw TWiki::OopsException( 'attention', @@ -966,7 +967,7 @@ _updateWebReferringTopics( $session, $oldWeb, $newWeb, $refs ); try { - $store->moveWeb( $oldWeb, $newWeb, $user ); + $store->moveWeb( $oldWeb, $newWeb, $cUID ); } catch Error::Simple with { my $e = shift; throw TWiki::OopsException( 'attention', @@ -1181,7 +1182,7 @@ my $store = $session->{store}; my $renderer = $session->renderer; require TWiki::Render; - my $user = $session->{user}; + my $cUID = $session->{user}; my $options = { pre => 1, # process lines in PRE blocks @@ -1196,7 +1197,7 @@ $session->normalizeWebTopicName( '', $item ); if ( $store->topicExists($itemWeb, $itemTopic) ) { - $store->lockTopic( $user, $itemWeb, $itemTopic ); + $store->lockTopic( $cUID, $itemWeb, $itemTopic ); try { my( $meta, $text ) = $store->readTopic( undef, $itemWeb, $itemTopic, undef ); @@ -1207,14 +1208,14 @@ ( qw/^(FIELD|FORM|TOPICPARENT)$/, undef, \&TWiki::Render::replaceTopicReferences, $options ); - $store->saveTopic( $user, $itemWeb, $itemTopic, + $store->saveTopic( $cUID, $itemWeb, $itemTopic, $text, $meta, { minor => 1 } ); } catch TWiki::AccessControlException with { my $e = shift; $session->writeWarning( $e->stringify() ); } finally { - $store->unlockTopic( $user, $itemWeb, $itemTopic ); + $store->unlockTopic( $cUID, $itemWeb, $itemTopic ); }; } } @@ -1227,7 +1228,7 @@ my $renderer = $session->renderer; require TWiki::Render; - my $user = $session->{user}; + my $cUID = $session->{user}; my $options = { oldWeb => $oldWeb, @@ -1239,7 +1240,7 @@ $session->normalizeWebTopicName( '', $item ); if ( $store->topicExists($itemWeb, $itemTopic) ) { - $store->lockTopic( $user, $itemWeb, $itemTopic ); + $store->lockTopic( $cUID, $itemWeb, $itemTopic ); try { my( $meta, $text ) = $store->readTopic( undef, $itemWeb, $itemTopic, undef ); @@ -1251,14 +1252,14 @@ ( qw/^(FIELD|FORM|TOPICPARENT)$/, undef, \&TWiki::Render::replaceWebReferences, $options ); - $store->saveTopic( $user, $itemWeb, $itemTopic, + $store->saveTopic( $cUID, $itemWeb, $itemTopic, $text, $meta, { minor => 1 } ); } catch TWiki::AccessControlException with { my $e = shift; $session->writeWarning( $e->stringify() ); } finally { - $store->unlockTopic( $user, $itemWeb, $itemTopic ); + $store->unlockTopic( $cUID, $itemWeb, $itemTopic ); }; } } @@ -1299,7 +1300,7 @@ my $session = shift; my $topic = $session->{topicName}; my $web = $session->{webName}; - my $user = $session->{user}; + my $cUID = $session->{user}; # set up editing session my ( $currMeta, $currText ) = @@ -1327,13 +1328,13 @@ if ( $originalrev ) { my ( $date, $author, $rev ) = $newMeta->getRevisionInfo(); # If the last save was by me, don't merge - if ( $rev ne $originalrev && $author ne $user ) { + if ( $rev ne $originalrev && $author ne $cUID ) { $newMeta->merge( $currMeta ); } } try { - $session->{store}->saveTopic( $user, $web, $topic, + $session->{store}->saveTopic( $cUID, $web, $topic, $currText, $newMeta, $saveOpts ); } catch Error::Simple with { throw TWiki::OopsException( 'attention', @@ -1371,9 +1372,9 @@ # read the current topic my ( $meta, $text ) = $session->{store}->readTopic( undef, $web, $topic, undef ); - my $user = $session->{user}; + my $cUID = $session->{user}; if ( !$session->security->checkAccessPermission( - 'change', $user, $text, $meta, $topic, $web ) ) { + 'change', $cUID, $text, $meta, $topic, $web ) ) { # user has no permission to change the topic throw TWiki::OopsException( 'accessdenied', def => 'topic_access', Modified: twiki/trunk/core/lib/TWiki/UI/Register.pm =================================================================== --- twiki/trunk/core/lib/TWiki/UI/Register.pm 2008-07-25 16:42:25 UTC (rev 17131) +++ twiki/trunk/core/lib/TWiki/UI/Register.pm 2008-07-25 17:49:12 UTC (rev 17132) @@ -616,14 +616,14 @@ my $requestUser = $session->{user}; my $oldpassword = $query->param( 'oldpassword' ); - my $user = $query->param( 'username' ); + my $login = $query->param( 'username' ); my $passwordA = $query->param( 'password' ); my $passwordB = $query->param( 'passwordA' ); my $email = $query->param( 'email' ); my $topicName = $query->param( 'TopicName' ); # check if required fields are filled in - unless( $user ) { + unless( $login ) { throw TWiki::OopsException( 'attention', web => $webName, topic => $topic, @@ -633,12 +633,12 @@ my $users = $session->{users}; - unless ($user) { + unless ($login) { throw TWiki::OopsException( 'attention', web => $webName, topic => $topic, def => 'notwikiuser', - params => [ $user ] ); + params => [ $login ] ); } my $changePass = 0; @@ -670,16 +670,15 @@ params => [ 'oldpassword' ] ); } - my $cUID = $users->getCanonicalUserID($user); - unless( $users->isAdmin( $requestUser ) || - $users->checkPassword( $cUID, $oldpassword)) { + $users->checkPassword( $login, $oldpassword)) { throw TWiki::OopsException( 'attention', web => $webName, topic => $topic, def => 'wrong_password'); } + my $cUID = $users->getCanonicalUserID($login); if( defined $email ) { my $return = $users->setEmails($cUID, split(/\s+/, $email) ); } @@ -701,7 +700,7 @@ topic => $topic, def => 'password_not_changed'); } else { - $session->writeLog('changepasswd', $user); + $session->writeLog('changepasswd', $login); } # OK - password changed throw TWiki::OopsException( 'attention', Modified: twiki/trunk/core/lib/TWiki/UserMapping.pm =================================================================== --- twiki/trunk/core/lib/TWiki/UserMapping.pm 2008-07-25 16:42:25 UTC (rev 17131) +++ twiki/trunk/core/lib/TWiki/UserMapping.pm 2008-07-25 17:49:12 UTC (rev 17132) @@ -416,7 +416,7 @@ ---++ ObjectMethod checkPassword( $login, $passwordU ) -> $boolean -Finds if the password is valid for the given user. This is called using +Finds if the password is valid for the given login. This is called using a login name rather than a cUID because the user may not have been mapped at the time it is called. Modified: twiki/trunk/core/lib/TWiki/Users/BaseUserMapping.pm =================================================================== --- twiki/trunk/core/lib/TWiki/Users/BaseUserMapping.pm 2008-07-25 16:42:25 UTC (rev 17131) +++ twiki/trunk/core/lib/TWiki/Users/BaseUserMapping.pm 2008-07-25 17:49:12 UTC (rev 17132) @@ -93,7 +93,7 @@ TWikiRegistrationAgent => $this->{mapping_id}.'222' }; $this->{U2E} = {$this->{mapping_id}.'333' => $TWiki::cfg{WebMasterEmail}}; - $this->{U2P} = {$this->{mapping_id}.'333' => $TWiki::cfg{Password}}; + $this->{L2P} = {$TWiki::cfg{AdminUserLogin} => $TWiki::cfg{Password}}; $this->{GROUPS} = { $TWiki::cfg{SuperAdminGroup} => [$this->{mapping_id}.'333'], @@ -121,7 +121,7 @@ my $this = shift; undef $this->{U2L}; undef $this->{U2W}; - undef $this->{U2P}; + undef $this->{L2P}; undef $this->{U2E}; undef $this->{L2U}; undef $this->{W2U}; @@ -377,7 +377,7 @@ =pod ----++ ObjectMethod checkPassword( $cUID, $passwordU ) -> $boolean +---++ ObjectMethod checkPassword( $login, $passwordU ) -> $boolean Finds if the password is valid for the given user. @@ -386,15 +386,15 @@ =cut sub checkPassword { - my( $this, $cUID, $pass ) = @_; + my( $this, $login, $pass ) = @_; - my $hash = $this->{U2P}->{$cUID}; + my $hash = $this->{L2P}->{$login}; if( $hash && crypt( $pass, $hash ) eq $hash ) { - return 1; #yay, you've passed + return 1; # yay, you've passed } # be a little more helpful to the admin - if( $cUID eq $this->{mapping_id}.'333' && !$hash ) { - $this->{error} = 'To login as '.$this->getLoginName($cUID). + if( $login eq $TWiki::cfg{AdminUserLogin} && !$hash ) { + $this->{error} = 'To login as '.$login. ', you must set {Password} in configure'; } return 0; Modified: twiki/trunk/core/lib/TWiki/Users.pm =================================================================== --- twiki/trunk/core/lib/TWiki/Users.pm 2008-07-25 16:42:25 UTC (rev 17131) +++ twiki/trunk/core/lib/TWiki/Users.pm 2008-07-25 17:49:12 UTC (rev 17132) @@ -109,6 +109,7 @@ # override (in TWiki.pm) $this->{remoteUser} = $this->{loginManager}->loadSession( $session->{remoteUser} ); + $this->{remoteUser} = $TWiki::cfg{DefaultUserLogin} unless ( defined( $this->{remoteUser} ) ); @@ -258,8 +259,9 @@ my $cUID; if( defined($login) && $login ne '' ) { + # In the case of a user mapper that accepts any identifier as + # a cUID, $cUID = $this->getCanonicalUserID($login); - # see BugsItem4771 - it seems that authenticated, but unmapped # users have rights too if( !defined($cUID) ) { @@ -413,31 +415,21 @@ } elsif( defined( $this->{wikiName2cUID}->{$identifier} )) { $cUID = $this->{wikiName2cUID}->{$identifier}; } else { - # See if any known mappings recognise the identifier as a cUID - my $testMapping = $this->_getMapping( undef, $identifier, undef, 1 ); + # See if a mapping recognises the identifier as a login name + my $mapping = $this->_getMapping( undef, $identifier, undef, 1 ); + $cUID = $mapping->login2cUID( $identifier ) if $mapping; + unless( $cUID ) { + # Finally see if it's a valid user wikiname - if( $testMapping && $testMapping->getLoginName($identifier) ) { - # The mapping claims to recognise this cUID - $cUID = $identifier; - } else { - # See if the current mapping recognises the identifier as a - # login name - my $mapping = $this->_getMapping( - undef, $identifier, $identifier ); - $cUID = $mapping->login2cUID( $identifier ); - unless ($cUID) { - # Finally see if it's a valid user wikiname + # Strip users web id (legacy, probably specific to + # TWikiUserMappingContrib but may be used by other mappers + # that support user topics) + my ( $dummy, $nid ) = + $this->{session}->normalizeWebTopicName( '', $identifier ); + $identifier = $nid if ($dummy eq $TWiki::cfg{UsersWebName}); - # Strip users web id (legacy, probably specific to - # TWikiUserMappingContrib but may be used by other mappers - # that support user topics) - my ( $dummy, $nid ) = - $this->{session}->normalizeWebTopicName( '', $identifier ); - $identifier = $nid if ($dummy eq $TWiki::cfg{UsersWebName}); - - my $found = $this->findUserByWikiName($identifier); - $cUID = $found->[0] if ( $found && scalar(@$found) ); - } + my $found = $this->findUserByWikiName($identifier); + $cUID = $found->[0] if ( $found && scalar(@$found) ); } } return $cUID; @@ -612,7 +604,7 @@ my $mapping = $this->_getMapping($cUID); my $login; if( $cUID && $mapping ) { - $login = $mapping->getLoginName($cUID) + $login = $mapping->getLoginName($cUID); } if( defined $login ) { @@ -832,9 +824,12 @@ =pod ----++ ObjectMethod checkPassword( $cUID, $passwordU ) -> $boolean +---++ ObjectMethod checkLogin( $login, $passwordU ) -> $boolean -Finds if the password is valid for the given user. +Finds if the password is valid for the given user. This method is +called using the login name rather than the $cUID so that it can be called +with a user who can be authenticated, but may not be mappable to a +cUID (yet). Returns 1 on success, undef on failure. @@ -844,8 +839,9 @@ =cut sub checkPassword { - my ( $this, $cUID, $pw ) = @_; - return $this->_getMapping($cUID)->checkPassword( $cUID, $pw ); + my ( $this, $login, $pw ) = @_; + my $mapping = $this->_getMapping(undef, $login, undef, 0); + return $mapping->checkPassword( $login, $pw ); } =pod |