bool enableScopeScans(IUserDescriptor *udesc, bool enable, int * err) { bool superUser; StringBuffer username; StringBuffer password; udesc->getUserName(username); udesc->getPassword(password); Owned<ISecUser> user = ldapsecurity->createUser(username); user->credentials().setPassword(password); if (!ldapsecurity->authenticateUser(*user,superUser) || !superUser) { *err = -1; return false; } unsigned flags = getLDAPflags(); if (enable) { DBGLOG("Scope Scans Enabled by user %s",username.str()); flags |= (unsigned)DLF_SCOPESCANS; } else { DBGLOG("Scope Scans Disabled by user %s",username.str()); flags &= ~(unsigned)DLF_SCOPESCANS; } setLDAPflags(flags); *err = 0; return true; }
bool enableScopeScans(IUserDescriptor *udesc, bool enable, int * err) { bool superUser; StringBuffer username; StringBuffer password; udesc->getUserName(username); udesc->getPassword(password); Owned<ISecUser> user = ldapsecurity->createUser(username); //Check user's digital signature, if present bool authenticated = false; if (!isEmptyString(udesc->querySignature())) { if (nullptr == pDSM) pDSM = queryDigitalSignatureManagerInstanceFromEnv(); if (pDSM && pDSM->isDigiVerifierConfigured()) { StringBuffer b64Signature(udesc->querySignature()); if (!pDSM->digiVerify(username, b64Signature))//digital signature valid? { ERRLOG("LDAP: enableScopeScans(%s) : Invalid user digital signature", username.str()); *err = -1; return false; } else authenticated = true; } } if (!authenticated) { user->credentials().setPassword(password); if (!ldapsecurity->authenticateUser(*user, &superUser) || !superUser) { *err = -1; return false; } } unsigned flags = getLDAPflags(); if (enable) { DBGLOG("Scope Scans Enabled by user %s",username.str()); flags |= (unsigned)DLF_SCOPESCANS; } else { DBGLOG("Scope Scans Disabled by user %s",username.str()); flags &= ~(unsigned)DLF_SCOPESCANS; } setLDAPflags(flags); *err = 0; return true; }