void smartschoolTest::testSaveUser() {
y::ldap::server Server;
y::ldap::account & a = Server.getAccount(UID("unitTest"));
if(!a.isNew()) {
CPPUNIT_ASSERT(false);
}
a.role(ROLE(ROLE::NONE));
a.uid(UID("unitTest"));
a.gender(GENDER(GENDER::MALE));
a.street(STREET("my street"));
a.houseNumber(HOUSENUMBER(42));
a.houseNumberAdd(HOUSENUMBER_ADD("a"));
a.birthDay(DATE(DAY(9), MONTH(8), YEAR(1972)));
a.wisaID(WISA_ID(111111111));
a.password(PASSWORD("ABcd!eGf"));
a.ssPassword("ABcd!eGf");
a.cn(CN("unit"));
a.sn(SN("test"));
a.birthPlace(BIRTHPLACE("brussels"));
a.postalCode(POSTAL_CODE("1000"));
a.city(CITY("brussels"));
a.country(COUNTRY("belgie"));
a.mail(MAIL("*****@*****.**"));
// role is not set!
if(y::Smartschool().saveUser(a)) {
CPPUNIT_ASSERT(false);
}
a.role(ROLE(ROLE::STUDENT));
if(!y::Smartschool().saveUser(a)) {
CPPUNIT_ASSERT(false);
}
}
void main(void)
{
PASSWORD(); //Identication ROUTING
Dsta(); //Splesh Screen
SCAN(); //Animation ROUTING for LOADING
clrscr(); //Clear the screen
Window(1,1,80,25,LIGHTGRAY); //CREATE LIGHT GRAY screen
status_bar(); //CREAT Status Bar
Window(1,1,80,23,1); //CREAT Foure Ground Window
MAINMENU(1); //CALLING Mainmenu_ROUTING
}
void AddUser::okData()
{
RDSqlQuery *q;
RDSqlQuery *q1;
QString sql;
QString username=RDEscapeString(user_name_edit->text());
if(user_name_edit->text().isEmpty()) {
QMessageBox::warning(this,tr("Invalid Name"),tr("You must give the user a name!"));
return;
}
sql=QString().sprintf("insert into USERS set LOGIN_NAME=\"%s\",\
PASSWORD=PASSWORD(\"\")",
(const char *)username);
q=new RDSqlQuery(sql);
if(!q->isActive()) {
QMessageBox::warning(this,tr("User Exists"),tr("User Already Exists!"),
1,0,0);
delete q;
return;
}
delete q;
sql="select NAME from GROUPS";
q=new RDSqlQuery(sql);
while(q->next()) {
sql=QString().sprintf("insert into USER_PERMS set USER_NAME=\"%s\",\
GROUP_NAME=\"%s\"",
(const char *)username,
(const char *)q->value(0).toString());
q1=new RDSqlQuery(sql);
delete q1;
}
delete q;
EditUser *user=new EditUser(user_name_edit->text(),this,"user");
if(user->exec()<0) {
sql=QString().sprintf("delete from USER_PERMS where USER_NAME=\"%s\"",
(const char *)username);
q=new RDSqlQuery(sql);
delete q;
sql=QString().sprintf("delete from USERS where LOGIN_NAME=\"%s\"",
(const char *)username);
q=new RDSqlQuery(sql);
delete q;
delete user;
done(-1);
return;
}
delete user;
*user_name=user_name_edit->text();
done(0);
}
y::ldap::account::account(y::ldap::server * server) :
server(server),
// var name in ldap type and init is int?
_uidNumber (TYPE_UIDNUMBER , UID_NUMBER (0 )),
_uid (TYPE_UID , UID ("")),
_dn ("DN" , DN ("")),
_cn (TYPE_CN , CN ("")),
_sn ("sn" , SN ("")),
_fullName ("displayName" , FULL_NAME ("")),
_homeDir ("homeDirectory" , HOMEDIR ("")),
_wisaID ("wisaID" , WISA_ID (0 )),
_wisaName (TYPE_WISANAME , WISA_NAME ("")),
_mail ("mail" , MAIL ("")),
_mailAlias ("mailAlias" , MAIL_ALIAS ("")),
_birthDay ("birthday" , DATE(DAY(1), MONTH(1), YEAR(1))),
_password ("gMailPassword" , PASSWORD ("")),
_role ("schoolRole" , ROLE(ROLE::NONE)),
_groupID ("gidNumber" , GID_NUMBER (0 )),
_schoolClass ("class" , SCHOOLCLASS("")),
_classChange ("classChangeDate" , DATE(DAY(1), MONTH(1), YEAR(1))),
_birthPlace ("placeOfBirth" , BIRTHPLACE ("")),
_gender ("gender" , GENDER(GENDER::MALE) ),
_adminGroup ("adminGroupID" , ADMINGROUP (0 )),
_registerID ("nationalRegisterID", REGISTER_ID("")),
_nationality ("nationality" , NATION ("")),
_stemID ("stemID" , STEM_ID (0 )),
_schoolID ("schoolID" , SCHOOL_ID (0 )),
_houseNumber ("houseNumber" , HOUSENUMBER(0 )),
_houseNumberAdd("houseNumberAdd" , HOUSENUMBER_ADD("") ),
_city ("location" , CITY ("")),
_postalCode ("postalCode" , POSTAL_CODE("")),
_street ("street" , STREET ("")),
_country ("co" , COUNTRY ("")),
_new(true),
_hasKrbName(false),
_hasSchoolPersonClass(false),
_importStatus(WI_NOT_ACCOUNTED),
_flaggedForRemoval(false)
{}
bool authModel::validateField(Field field) {
if(field == RememberMeField) return true;
y::ldap::account & account = ldapServer.getAccount(UID(valueText(LoginNameField)));
if(field == LoginNameField) {
if(!account.isNew()) {
setValid(LoginNameField);
return true;
} else {
setValidation(LoginNameField,
Wt::WValidator::Result(Wt::WValidator::Invalid,
Wt::WString::tr("Wt.Auth.user-name-invalid")));
return false;
}
}
if(field == PasswordField) {
if(account.isNew()) return false;
if(ldapServer.auth(account.dn(), PASSWORD(valueText(PasswordField)))) {
setValid(PasswordField);
Wt::Auth::User user = users().findWithIdentity(Wt::Auth::Identity::LoginName, account.uid().get().db());
if(!user.isValid()) {
Wt::Auth::User user = users().registerNew();
user.addIdentity(Wt::Auth::Identity::LoginName, account.uid().get().db());
}
return true;
} else {
setValidation(PasswordField,
Wt::WValidator::Result(Wt::WValidator::Invalid,
Wt::WString::tr("Wt.Auth.password-invalid")));
return false;
}
}
return true;
}
void y::ldap::account::clear() {
_new = true;
_hasKrbName = false;
_hasSchoolPersonClass = false;
_uidNumber .reset(UID_NUMBER (0 ));
_uid .reset(UID (""));
_dn .reset(DN (""));
_cn .reset(CN (""));
_sn .reset(SN (""));
_fullName .reset(FULL_NAME (""));
_homeDir .reset(HOMEDIR (""));
_wisaID .reset(WISA_ID (0 ));
_wisaName .reset(WISA_NAME (""));
_mail .reset(MAIL (""));
_mailAlias .reset(MAIL_ALIAS (""));
_birthDay .reset(DATE(DAY(1), MONTH(1), YEAR(1)));
_password .reset(PASSWORD (""));
_role .reset(ROLE(ROLE::NONE));
_groupID .reset(GID_NUMBER (0 ));
_schoolClass .reset(SCHOOLCLASS(""));
_birthPlace .reset(BIRTHPLACE (""));
_gender .reset(GENDER(GENDER::MALE));
_adminGroup .reset(ADMINGROUP (0 ));
_registerID .reset(REGISTER_ID(""));
_nationality .reset(NATION (""));
_stemID .reset(STEM_ID (0 ));
_schoolID .reset(SCHOOL_ID (0 ));
_street .reset(STREET (""));
_houseNumber .reset(HOUSENUMBER(0 ));
_houseNumberAdd.reset(HOUSENUMBER_ADD(""));
_city .reset(CITY (""));
_postalCode .reset(POSTAL_CODE(""));
_country .reset(COUNTRY (""));
_ssPassword.clear();
_flaggedForRemoval = false;
}
void studentPasswords::changePasswords() {
buttons->hide();
table->hide();
pfile.clear(string("wachtwoorden ") + currentClass);
y::ldap::schoolClass & sc = server->getClass(CN(currentClass));
progress->setRange(0, sc.students().size());
progress->show();
bool csv = false;
if(((Wt::WCheckBox*)(table->elementAt(1,1)->widget(0)))->isChecked()) csv = true;
if(((Wt::WCheckBox*)(table->elementAt(1,2)->widget(0)))->isChecked()) csv = true;
if(((Wt::WCheckBox*)(table->elementAt(1,3)->widget(0)))->isChecked()) csv = true;
int row = 0;
for(auto it = sc.students().begin(); it != sc.students().end(); ++it) {
y::ldap::account & a = server->getAccount(DN(*it));
// check main account
if(((Wt::WCheckBox*)(table->elementAt(row+2, 1)->widget(0)))->isChecked()) {
pfile.addLine(a.fullName().get());
{
if(!csv) {
string s("Klas: ");
s += a.schoolClass().get();
pfile.addLine(s);
} else {
pfile.addCsv(a.schoolClass().get());
}
}
{
if(!csv) {
string s("Login: "******"Nieuw wachtwoord: ");
s += a.getPasswordText();
pfile.addLine(s);
string s2("Eenmalig Smartschool Wachtwoord: ");
s2 += sspassword;
pfile.addLine(s2);
} else {
pfile.addCsv(a.getPasswordText());
pfile.addCsv(sspassword);
}
}
if(!csv) {
pfile.addLine(" ");
pfile.addLine("Laat je wachtwoord niet rondslingeren! Je bent verantwoordelijk voor je account. Indien je dit wachtwoord niet kan onthouden, pas dan je wachtwoord zelf aan via http://apps.sanctamaria-aarschot.be");
pfile.addLine(" ");
}
}
// check co-account 1
if(((Wt::WCheckBox*)(table->elementAt(row+2, 2)->widget(0)))->isChecked()) {
{
if(!csv) {
string s("Wachtwoord voor ");
s += a.fullName().get();
pfile.addLine(s);
} else {
pfile.addLine(a.fullName().get());
pfile.addCsv("1ste co-account");
}
}
if (!csv) {
string s(a.street().get());
s += " ";
s += string(a.houseNumber().get());
s += " ";
s += a.houseNumberAdd().get();
pfile.addLine(s);
}
if (!csv) {
string s(a.postalCode().get());
s += " ";
s += string(a.city().get());
pfile.addLine(s);
}
{
if(!csv) {
string s("Klas: ");
s += a.schoolClass().get();
pfile.addLine(s);
} else {
pfile.addCsv(a.schoolClass().get());
}
}
{
if(!csv) {
string s("Login: "******"Wachtwoord 1ste Co-account: ");
s += password;
pfile.addLine(s);
} else {
pfile.addCsv(password);
}
}
if(!csv) {
pfile.addLine(" ");
pfile.addLine("Met dit wachtwoord kan je als ouder inloggen op http://sanctamaria-aarschot.smartschool.be");
pfile.addLine(" ");
}
}
// check co-account 2
if(((Wt::WCheckBox*)(table->elementAt(row+2, 3)->widget(0)))->isChecked()) {
{
if(!csv) {
string s("Wachtwoord voor ");
s += a.fullName().get();
pfile.addLine(s);
} else {
pfile.addLine(a.fullName().get());
pfile.addCsv("2de co-account");
}
}
if(!csv) {
string s(a.street().get());
s += " ";
s += string(a.houseNumber().get());
s += " ";
s += a.houseNumberAdd().get();
pfile.addLine(s);
}
if(!csv) {
string s(a.postalCode().get());
s += " ";
s += string(a.city().get());
pfile.addLine(s);
}
{
if(!csv) {
string s("Klas: ");
s += a.schoolClass().get();
pfile.addLine(s);
} else {
pfile.addCsv(a.schoolClass().get());
}
}
{
if(!csv) {
string s("Login: "******"Wachtwoord 2de Co-account: ");
s += password;
pfile.addLine(s);
} else {
pfile.addCsv(password);
}
}
if(!csv) {
pfile.addLine(" ");
pfile.addLine("Met dit wachtwoord kan je als ouder inloggen op http://sanctamaria-aarschot.smartschool.be");
pfile.addLine(" ");
}
}
progress->setValue(row);
row++;
}
server->commitChanges();
progress->hide();
anchor->show();
}
int32 login_parse(int32 fd)
{
login_session_data_t* sd = (login_session_data_t*)session[fd]->session_data;
//check if sd will not defined
if (sd == nullptr)
{
session[fd]->session_data = new login_session_data_t{};
sd = (login_session_data_t*)session[fd]->session_data;
sd->serviced = 0;
login_sd_list.push_back(sd);
sd->client_addr = session[fd]->client_addr;
sd->login_fd = fd;
}
if (session[fd]->flag.eof)
{
do_close_login(sd, fd);
return 0;
}
//all auth packets have one structure:
// [login][passwords][code] => summary assign 33 bytes
if (session[fd]->rdata.size() == 33)
{
char* buff = &session[fd]->rdata[0];
int8 code = ref<uint8>(buff, 32);
std::string name(buff, buff + 16);
std::string password(buff + 16, buff + 32);
std::fill_n(sd->login, sizeof sd->login, '\0');
std::copy(name.cbegin(), name.cend(), sd->login);
//data check
if (check_string(name, 16) && check_string(password, 16))
{
ShowWarning(CL_WHITE"login_parse" CL_RESET":" CL_WHITE"%s" CL_RESET" send unreadable data\n", ip2str(sd->client_addr, nullptr));
session[fd]->wdata.resize(1);
ref<uint8>(session[fd]->wdata.data(), 0) = LOGIN_ERROR;
do_close_login(sd, fd);
return -1;
}
switch (code)
{
case LOGIN_ATTEMPT:
{
const char* fmtQuery = "SELECT accounts.id,accounts.status \
FROM accounts \
WHERE accounts.login = '******' AND accounts.password = PASSWORD('%s')";
int32 ret = Sql_Query(SqlHandle, fmtQuery, name.c_str(), password.c_str());
if (ret != SQL_ERROR && Sql_NumRows(SqlHandle) != 0)
{
ret = Sql_NextRow(SqlHandle);
sd->accid = (uint32)Sql_GetUIntData(SqlHandle, 0);
uint8 status = (uint8)Sql_GetUIntData(SqlHandle, 1);
if (status & ACCST_NORMAL)
{
//fmtQuery = "SELECT * FROM accounts_sessions WHERE accid = %d AND client_port <> 0";
//int32 ret = Sql_Query(SqlHandle,fmtQuery,sd->accid);
//if( ret != SQL_ERROR && Sql_NumRows(SqlHandle) != 0 )
//{
// ref<uint8>(session[fd]->wdata,0) = 0x05; // SESSION has already activated
// WFIFOSET(fd,33);
// do_close_login(sd,fd);
// return 0;
//}
fmtQuery = "UPDATE accounts SET accounts.timelastmodify = NULL WHERE accounts.id = %d";
Sql_Query(SqlHandle, fmtQuery, sd->accid);
fmtQuery = "SELECT charid, server_addr, server_port \
FROM accounts_sessions JOIN accounts \
ON accounts_sessions.accid = accounts.id \
WHERE accounts.id = %d;";
ret = Sql_Query(SqlHandle, fmtQuery, sd->accid);
if (ret != SQL_ERROR && Sql_NumRows(SqlHandle) == 1)
{
while (Sql_NextRow(SqlHandle) == SQL_SUCCESS)
{
uint32 charid = Sql_GetUIntData(SqlHandle, 0);
uint64 ip = Sql_GetUIntData(SqlHandle, 1);
uint64 port = Sql_GetUIntData(SqlHandle, 2);
ip |= (port << 32);
zmq::message_t chardata(sizeof(charid));
ref<uint32>((uint8*)chardata.data(), 0) = charid;
zmq::message_t empty(0);
queue_message(ip, MSG_LOGIN, &chardata, &empty);
}
}
memset(&session[fd]->wdata[0], 0, 33);
session[fd]->wdata.resize(33);
ref<uint8>(session[fd]->wdata.data(), 0) = LOGIN_SUCCESS;
ref<uint32>(session[fd]->wdata.data(), 1) = sd->accid;
flush_fifo(fd);
do_close_tcp(fd);
}
else if (status & ACCST_BANNED)
{
memset(&session[fd]->wdata[0], 0, 33);
session[fd]->wdata.resize(33);
// ref<uint8>(session[fd]->wdata,0) = LOGIN_SUCCESS;
do_close_login(sd, fd);
}
//////22/03/2012 Fix for when a client crashes before fully logging in:
// Before: When retry to login, would freeze client since login data corrupt.
// After: Removes older login info if a client logs in twice (based on acc id!)
//check for multiple logins from this account id
int numCons = 0;
for (login_sd_list_t::iterator i = login_sd_list.begin(); i != login_sd_list.end(); ++i) {
if ((*i)->accid == sd->accid) {
numCons++;
}
}
if (numCons > 1) {
ShowInfo("login_parse:" CL_WHITE"<%s>" CL_RESET" has logged in %i times! Removing older logins.\n", name.c_str(), numCons);
for (int j = 0; j < (numCons - 1); j++) {
for (login_sd_list_t::iterator i = login_sd_list.begin(); i != login_sd_list.end(); ++i) {
if ((*i)->accid == sd->accid) {
//ShowInfo("Current login fd=%i Removing fd=%i \n",sd->login_fd,(*i)->login_fd);
login_sd_list.erase(i);
break;
}
}
}
}
//////
ShowInfo("login_parse:" CL_WHITE"<%s>" CL_RESET" was connected\n", name.c_str(), status);
return 0;
}
y::ldap::account & y::ldap::account::password(const PASSWORD& value) {
_passwordClearText = value.get();
_password(PASSWORD(string(y::utils::sha1(_passwordClearText.utf8()))));
return *this;
}
