void login2::sLogin() { QSqlDatabase db; QString databaseURL; databaseURL = _databaseURL; /* if(_cloudOption->isChecked()) { if(_demoOption->isChecked()) databaseURL = _cloudDatabaseURL.arg(_company->text().trimmed(), "demo"); else databaseURL = _cloudDatabaseURL.arg(_company->text().trimmed(), "quickstart"); } */ QString protocol; QString hostName; QString dbName; QString port; parseDatabaseURL(databaseURL, protocol, hostName, dbName, port); if (_splash) { _splash->show(); _splash->raise(); _splash->showMessage(tr("Initializing the Database Connector"), SplashTextAlignment, SplashTextColor); qApp->processEvents(); } // Open the Database Driver if (_multipleConnections) db = QSqlDatabase::addDatabase("QPSQL7", dbName); else db = QSqlDatabase::addDatabase("QPSQL7"); if (!db.isValid()) { if (_splash) _splash->hide(); QMessageBox::warning( this, tr("No Database Driver"), tr("<p>A connection could not be established with " "the specified Database as the Proper Database " "Drivers have not been installed. Contact your " "Systems Administator.")); return; } if(hostName.isEmpty() || dbName.isEmpty()) { if (_splash) _splash->hide(); QMessageBox::warning(this, tr("Incomplete Connection Options"), tr("<p>One or more connection options are missing. " "Please check that you have specified the host " "name, database name, and any other required " "options.") ); return; } db.setDatabaseName(dbName); db.setHostName(hostName); db.setPort(port.toInt()); _cUsername = _username->text().trimmed(); _cPassword = _password->text().trimmed(); //_cCompany = _company->text().trimmed(); setCursor(QCursor(Qt::WaitCursor)); qApp->processEvents(); if (_splash) { _splash->showMessage(tr("Connecting to the Database"), SplashTextAlignment, SplashTextColor); qApp->processEvents(); } /* if(_cloudOption->isChecked()) { if(_cCompany.isEmpty()) { QMessageBox::warning(this, tr("Incomplete Connection Options"), tr("<p>You must specify the Cloud ID name to connect to the cloud.")); return; } } */ db.setUserName(_cUsername); QRegExp xtuplecloud(".*\\.xtuplecloud\\.com"); QRegExp xtuple(".*\\.xtuple\\.com"); bool isCloud = xtuplecloud.exactMatch(hostName); bool isXtuple = xtuple.exactMatch(hostName); QString salt; if(isCloud || isXtuple) { salt = "private"; } else { salt = "xTuple"; } // try connecting to the database in each of the following ways in this order QList<QPair<QString, QString> > method; method << QPair<QString, QString>("requiressl=1", QMd5(QString(_cPassword + salt + _cUsername))) << QPair<QString, QString>("requiressl=1", _cPassword) << QPair<QString, QString>("requiressl=1", QMd5(QString(_cPassword + "OpenMFG" + _cUsername))) << QPair<QString, QString>("", QMd5(QString(_cPassword + salt + _cUsername))) << QPair<QString, QString>("", _cPassword) << QPair<QString, QString>("", QMd5(QString(_cPassword + "OpenMFG" + _cUsername))) ; int methodidx; // not declared in for () because we'll need it later for (methodidx = 0; methodidx < method.size(); methodidx++) { db.setConnectOptions(method.at(methodidx).first); db.setPassword(method.at(methodidx).second); if (db.open()) break; // break instead of for-loop condition to preserve methodidx } // if connected using OpenMFG enhanced auth, remangle the password if (db.isOpen() && (methodidx == 2 || methodidx == 5)) XSqlQuery chgpass(QString("ALTER USER \"%1\" WITH PASSWORD '%2'") .arg(_cUsername, QMd5(QString(_cPassword + "xTuple" + _cUsername)))); else if (db.isOpen() && method.at(methodidx).first.isEmpty()) { XSqlQuery sslq("SHOW ssl;"); //TODO: Add SSL to installer and require it by default for all xTuple users /*if (sslq.first() && sslq.value("ssl").toString() != "on") QMessageBox::warning(this, tr("Could Not Enforce Security"), tr("The connection to the xTuple ERP Server is not " "secure. Please ask your administrator to set " "the 'ssl' configuration option to 'on'."));*/ } if (! db.isOpen()) { if (_splash) _splash->hide(); setCursor(QCursor(Qt::ArrowCursor)); QMessageBox::critical(this, tr("Cannot Connect to xTuple ERP Server"), tr("<p>Sorry, can't connect to the specified xTuple ERP server. " "<p>This may be due to a problem with your user name, password, or server connection information. " "<p>Below is more detail on the connection problem: " "<p>%1" ).arg(db.lastError().text())); if (!_captive) { _username->setText(""); _username->setFocus(); } else _password->setFocus(); _password->setText(""); return; } /* xtsettingsSetValue("/xTuple/_demoOption", (bool)_demoOption->isChecked()); xtsettingsSetValue("/xTuple/_cloudOption", (bool)_cloudOption->isChecked()); xtsettingsSetValue("/xTuple/cloud_company", _company->text()); */ if (_splash) { _splash->showMessage(tr("Logging into the Database"), SplashTextAlignment, SplashTextColor); qApp->processEvents(); } if(!_nonxTupleDB) { QString loginqry = ""; if (_setSearchPath) loginqry="SELECT login(true) AS result, CURRENT_USER AS user;"; else loginqry="SELECT login() AS result, CURRENT_USER AS user;"; XSqlQuery login( loginqry ); setCursor(QCursor(Qt::ArrowCursor)); if (login.first()) { int result = login.value("result").toInt(); if (result < 0) { if (_splash) _splash->hide(); QMessageBox::critical(this, tr("Error Logging In"), storedProcErrorLookup("login", result)); return; } _user = login.value("user").toString(); _databaseURL = databaseURL; updateRecentOptions(); if (login.exec("SELECT getEffectiveXtUser() AS user;") && login.first() && ! login.value("user").toString().isEmpty()) _user = login.value("user").toString(); // no error check - older databases don't have getEffectiveXtUser accept(); } else if (login.lastError().type() != QSqlError::NoError) { if (_splash) _splash->hide(); QMessageBox::critical(this, tr("System Error"), tr("A System Error occurred at %1::%2:\n%3") .arg(__FILE__).arg(__LINE__) .arg(login.lastError().databaseText())); } else { if (_splash) _splash->hide(); QMessageBox::critical(this, tr("System Error"), tr("<p>An unknown error occurred at %1::%2. You may" " not log in to the specified xTuple ERP Server " "at this time.") .arg(__FILE__).arg(__LINE__)); } } else { setCursor(QCursor(Qt::ArrowCursor)); _databaseURL = databaseURL; updateRecentOptions(); accept(); } }
bool user::save() { QString username = _username->text().trimmed().toLower(); QList<GuiErrorCheck> errors; errors << GuiErrorCheck(! username.contains(QRegExp("[A-Za-z]")), _username, tr("You must enter a valid Username before you can save this User Account.")) << GuiErrorCheck(_username->text().contains(QRegExp("\\s")), _username, tr("The Username cannot include any spaces.")) << GuiErrorCheck(_passwd->text().isEmpty(), _passwd, tr("You must enter a valid Password before you can save this User Account.")) << GuiErrorCheck(_passwd->text() != _verify->text(), _passwd, tr("The entered password and verify do not match. " "Please enter both again carefully.")) ; if (GuiErrorCheck::reportErrors(this, tr("Cannot save User Account"), errors)) { if (_passwd->text() != _verify->text()) { _passwd->clear(); _verify->clear(); } return false; } QString passwd = _passwd->text(); if(_enhancedAuth->isChecked()) { QRegExp xtuplecloud(".*\\.xtuplecloud\\.com.*"); QRegExp xtuple(".*\\.xtuple\\.com.*"); bool isCloud = xtuplecloud.exactMatch(omfgThis->databaseURL()); bool isXtuple = xtuple.exactMatch(omfgThis->databaseURL()); QString salt; if(isCloud || isXtuple) { salt = "j3H44uadEI#8#kSmkh#H%JSLAKDOHImklhdfsn3#432?%^kjasdjla3uy989apa3uipoweurw-03235##+=-lhkhdNOHA?%@mxncvbwoiwerNKLJHwe278NH28shNeGc"; } else { salt = "xTuple"; } passwd = passwd + salt + username; passwd = QMd5(passwd); } XSqlQuery usrq; if (_mode == cNew) { usrq.prepare("SELECT usesysid" " FROM pg_user" " WHERE (usename=:username);" ); usrq.bindValue(":username", username); usrq.exec(); if (!usrq.first()) { usrq.prepare("SELECT createUser(:username, :createUsers);"); usrq.bindValue(":username", username); usrq.bindValue(":createUsers", QVariant(_createUsers->isChecked())); usrq.exec(); if (ErrorReporter::error(QtCriticalMsg, this, tr("Creating User"), usrq, __FILE__, __LINE__)) return false; } } else if (_mode == cEdit) { if(_createUsers->isEnabled()) { usrq.prepare("SELECT setUserCanCreateUsers(:username, :createUsers);"); usrq.bindValue(":username", username); usrq.bindValue(":createUsers", QVariant(_createUsers->isChecked())); usrq.exec(); if (ErrorReporter::error(QtCriticalMsg, this, tr("Saving User Account"), usrq, __FILE__, __LINE__)) return false; } } if(_createUsers->isEnabled()) { usrq.prepare("SELECT pg_has_role(:username,'xtrole','member') AS result;"); usrq.bindValue(":username", username); usrq.exec(); if(usrq.first() && !usrq.value("result").toBool()) { usrq.exec( QString("ALTER GROUP xtrole ADD USER %1;") .arg(username) ); } if (ErrorReporter::error(QtCriticalMsg, this, tr("Saving User Account"), usrq, __FILE__, __LINE__)) return false; } if (_passwd->text() != " ") { usrq.prepare( QString( "ALTER USER \"%1\" WITH PASSWORD :password;") .arg(username) ); usrq.bindValue(":password", passwd); usrq.exec(); if (ErrorReporter::error(QtCriticalMsg, this, tr("Setting Password"), usrq, __FILE__, __LINE__)) return false; } usrq.prepare("SELECT setUserPreference(:username, 'DisableExportContents', :export)," " setUserPreference(:username, 'UseEnhancedAuthentication', :enhanced)," " setUserPreference(:username, 'selectedSites', :sites)," " setUserPreference(:username, 'propername', :propername)," " setUserPreference(:username, 'email', :email)," " setUserPreference(:username, 'initials', :initials)," " setUserPreference(:username, 'locale_id', text(:locale_id))," " setUserPreference(:username, 'agent', :agent)," " setUserPreference(:username, 'active', :active);"); usrq.bindValue(":username", username); usrq.bindValue(":export", (_exportContents->isChecked() ? "t" : "f")); usrq.bindValue(":enhanced", (_enhancedAuth->isChecked() ? "t" : "f")); usrq.bindValue(":sites", (_selectedSites->isChecked() ? "t" : "f")); usrq.bindValue(":propername", _properName->text()); usrq.bindValue(":email", _email->text()); usrq.bindValue(":initials", _initials->text()); usrq.bindValue(":locale_id", _locale->id()); usrq.bindValue(":agent", (_agent->isChecked() ? "t" : "f")); usrq.bindValue(":active", (_active->isChecked() ? "t" : "f")); usrq.exec(); if (ErrorReporter::error(QtCriticalMsg, this, tr("Saving User Account"), usrq, __FILE__, __LINE__)) return false; omfgThis->sUserUpdated(username); return true; }
bool userPreferences::save() { XSqlQuery userave; if (_currentpassword->text().length() == 0) { QMessageBox::warning( this, tr("Cannot save User"), tr( "You must enter a valid Current Password before you can save this User." )); _currentpassword->setFocus(); return false; } if (_newpassword->text().length() == 0) { QMessageBox::warning( this, tr("Cannot save User"), tr( "You must enter a valid Password before you can save this User." )); _newpassword->setFocus(); return false; } QString passwd = _newpassword->text(); QString currentpasswd = _currentpassword->text(); // TODO: have to compare this against something usefull if(currentpasswd != __password) { QMessageBox::warning( this, tr("Cannot save User"), tr( "Please Verify Current Password." )); _currentpassword->setFocus(); return false; } if (_newpassword->text() != _retypepassword->text()) { QMessageBox::warning( this, tr("Password do not Match"), tr( "The entered password and verify do not match\n" "Please enter both again carefully." )); _newpassword->clear(); _retypepassword->clear(); _newpassword->setFocus(); return false; } if (_newpassword->text() != " ") { userave.prepare( "SELECT usrpref_value " " FROM usrpref " " WHERE ( (usrpref_name = 'UseEnhancedAuthentication') " " AND (usrpref_username=:username) ); "); userave.bindValue(":username", _username->text().trimmed().toLower()); userave.exec(); if(userave.first()) { if (userave.value("usrpref_value").toString()=="t") { QRegExp xtuplecloud(".*\\.xtuplecloud\\.com.*"); QRegExp xtuple(".*\\.xtuple\\.com.*"); bool isCloud = xtuplecloud.exactMatch(omfgThis->databaseURL()); bool isXtuple = xtuple.exactMatch(omfgThis->databaseURL()); QString salt; if(isCloud || isXtuple) { salt = "private"; } else { salt = "xTuple"; } passwd = passwd + salt + _username->text(); passwd = QMd5(passwd); } } userave.prepare( QString( "ALTER USER \"%1\" WITH PASSWORD :password;") .arg(_username->text()) ); userave.bindValue(":password", passwd); userave.exec(); if (userave.lastError().type() != QSqlError::NoError) { systemError(this, userave.lastError().databaseText(), __FILE__, __LINE__); return false; } } return true; }