// returns true if the provided identifier matches the barcode regex. static int oilsAuthIdentIsBarcode(const char* identifier, int org_id) { if (org_id < 1) org_id = oilsUtilsGetRootOrgId(); char* bc_regex = oilsUtilsFetchOrgSetting(org_id, "opac.barcode_regex"); if (!bc_regex) { // if no regex is set, assume any identifier starting // with a number is a barcode. bc_regex = strdup("^\\d"); // dupe for later free'ing } const char *err_str; int err_offset, match_ret; pcre *compiled = pcre_compile( bc_regex, 0, &err_str, &err_offset, NULL); if (compiled == NULL) { osrfLogError(OSRF_LOG_MARK, "Could not compile '%s': %s", bc_regex, err_str); free(bc_regex); pcre_free(compiled); return 0; } pcre_extra *extra = pcre_study(compiled, 0, &err_str); if(err_str != NULL) { osrfLogError(OSRF_LOG_MARK, "Could not study regex '%s': %s", bc_regex, err_str); free(bc_regex); pcre_free(compiled); return 0; } match_ret = pcre_exec( compiled, extra, identifier, strlen(identifier), 0, 0, NULL, 0); free(bc_regex); pcre_free(compiled); if (extra) pcre_free(extra); if (match_ret >= 0) return 1; // regex matched if (match_ret != PCRE_ERROR_NOMATCH) osrfLogError(OSRF_LOG_MARK, "Unknown error processing barcode regex"); return 0; // regex did not match }
/** @brief Determine the login timeout. @param userObj Pointer to an object describing the user. @param type Pointer to one of four possible character strings identifying the login type. @param orgloc Org unit to use for settings lookups (negative or zero means unspecified) @return The length of the timeout, in seconds. The default timeout value comes from the configuration file, and depends on the login type. The default may be overridden by a corresponding org unit setting. The @a orgloc parameter says what org unit to use for the lookup. If @a orgloc <= 0, or if the lookup for @a orgloc yields no result, we look up the setting for the user's home org unit instead (except that if it's the same as @a orgloc we don't bother repeating the lookup). Whether defined in the config file or in an org unit setting, a timeout value may be expressed as a raw number (i.e. all digits, possibly with leading and/or trailing white space) or as an interval string to be translated into seconds by PostgreSQL. */ static long oilsAuthGetTimeout( const jsonObject* userObj, const char* type, int orgloc ) { if(!_oilsAuthOPACTimeout) { /* Load the default timeouts */ jsonObject* value_obj; value_obj = osrf_settings_host_value_object( "/apps/open-ils.auth/app_settings/default_timeout/opac" ); _oilsAuthOPACTimeout = oilsUtilsIntervalToSeconds( jsonObjectGetString( value_obj )); jsonObjectFree(value_obj); if( -1 == _oilsAuthOPACTimeout ) { osrfLogWarning( OSRF_LOG_MARK, "Invalid default timeout for OPAC logins" ); _oilsAuthOPACTimeout = 0; } value_obj = osrf_settings_host_value_object( "/apps/open-ils.auth/app_settings/default_timeout/staff" ); _oilsAuthStaffTimeout = oilsUtilsIntervalToSeconds( jsonObjectGetString( value_obj )); jsonObjectFree(value_obj); if( -1 == _oilsAuthStaffTimeout ) { osrfLogWarning( OSRF_LOG_MARK, "Invalid default timeout for staff logins" ); _oilsAuthStaffTimeout = 0; } value_obj = osrf_settings_host_value_object( "/apps/open-ils.auth/app_settings/default_timeout/temp" ); _oilsAuthOverrideTimeout = oilsUtilsIntervalToSeconds( jsonObjectGetString( value_obj )); jsonObjectFree(value_obj); if( -1 == _oilsAuthOverrideTimeout ) { osrfLogWarning( OSRF_LOG_MARK, "Invalid default timeout for temp logins" ); _oilsAuthOverrideTimeout = 0; } value_obj = osrf_settings_host_value_object( "/apps/open-ils.auth/app_settings/default_timeout/persist" ); _oilsAuthPersistTimeout = oilsUtilsIntervalToSeconds( jsonObjectGetString( value_obj )); jsonObjectFree(value_obj); if( -1 == _oilsAuthPersistTimeout ) { osrfLogWarning( OSRF_LOG_MARK, "Invalid default timeout for persist logins" ); _oilsAuthPersistTimeout = 0; } osrfLogInfo(OSRF_LOG_MARK, "Set default auth timeouts: " "opac => %ld : staff => %ld : temp => %ld : persist => %ld", _oilsAuthOPACTimeout, _oilsAuthStaffTimeout, _oilsAuthOverrideTimeout, _oilsAuthPersistTimeout ); } int home_ou = (int) jsonObjectGetNumber( oilsFMGetObject( userObj, "home_ou" )); if(orgloc < 1) orgloc = home_ou; char* setting = NULL; long default_timeout = 0; if( !strcmp( type, OILS_AUTH_OPAC )) { setting = OILS_ORG_SETTING_OPAC_TIMEOUT; default_timeout = _oilsAuthOPACTimeout; } else if( !strcmp( type, OILS_AUTH_STAFF )) { setting = OILS_ORG_SETTING_STAFF_TIMEOUT; default_timeout = _oilsAuthStaffTimeout; } else if( !strcmp( type, OILS_AUTH_TEMP )) { setting = OILS_ORG_SETTING_TEMP_TIMEOUT; default_timeout = _oilsAuthOverrideTimeout; } else if( !strcmp( type, OILS_AUTH_PERSIST )) { setting = OILS_ORG_SETTING_PERSIST_TIMEOUT; default_timeout = _oilsAuthPersistTimeout; } // Get the org unit setting, if there is one. char* timeout = oilsUtilsFetchOrgSetting( orgloc, setting ); if(!timeout) { if( orgloc != home_ou ) { osrfLogDebug(OSRF_LOG_MARK, "Auth timeout not defined for org %d, " "trying home_ou %d", orgloc, home_ou ); timeout = oilsUtilsFetchOrgSetting( home_ou, setting ); } } if(!timeout) return default_timeout; // No override from org unit setting // Translate the org unit setting to a number long t; if( !*timeout ) { osrfLogWarning( OSRF_LOG_MARK, "Timeout org unit setting is an empty string for %s login; using default", timeout, type ); t = default_timeout; } else { // Treat timeout string as an interval, and convert it to seconds t = oilsUtilsIntervalToSeconds( timeout ); if( -1 == t ) { // Unable to convert; possibly an invalid interval string osrfLogError( OSRF_LOG_MARK, "Unable to convert timeout interval \"%s\" for %s login; using default", timeout, type ); t = default_timeout; } } free(timeout); return t; }