authorTed Trask <ttrask01@yahoo.com>2008-05-01 20:49:59 +0000
committerTed Trask <ttrask01@yahoo.com>2008-05-01 20:49:59 +0000
commitfbda79f377ffbad71b38d2ddf273913dc95ab177 (patch)
treecac8faf1dc9d33aa5044140b32f0eba8d2cea3b2 /lib/authenticator-plaintext.lua
parent21b0abee37316cd578a984c3de0ec878a8b41f72 (diff)
Modified roles, logon, and authenticator
git-svn-id: svn://svn.alpinelinux.org/acf/core/trunk@1095 ab2d0c66-481e-0410-8bed-d214d4d58bed
Diffstat (limited to 'lib/authenticator-plaintext.lua')
-rw-r--r--lib/authenticator-plaintext.lua137
1 files changed, 62 insertions, 75 deletions
diff --git a/lib/authenticator-plaintext.lua b/lib/authenticator-plaintext.lua
index b8cf598..c68ec2b 100644
--- a/lib/authenticator-plaintext.lua
+++ b/lib/authenticator-plaintext.lua
@@ -57,39 +57,6 @@ pvt.get_id = function(userid, authstruct)
return nil
end
---- public methods
-
--- This function returns true or false, and
--- if false: the reason for failure
-authenticate = function ( self, userid, password )
- password = password or ""
- userid = userid or ""
-
- local t = pvt.parse_authfile(self.conf.confdir .. "/passwd")
-
- if t == false then
- return false, "password file is missing"
- else
- if userid ~= nil then
- local id = pvt.get_id (userid, t)
- if id == false or id == nil then
- return false, "Userid not found"
- end
- if id.password ~= password then
- return false, "Invalid password"
- end
- else
- return false
- end
- return true
- end
-end
-
-pvt.permission_to_change = function()
- --FIXME: Check if user is allowed to change things
- return true
-end
-
pvt.weak_password = function(password)
-- If password is too short, return false
if (#password < 4) then
@@ -149,6 +116,35 @@ local validate_settings = function (self, userid, username, password, password_c
return true, errormessage
end
+--- public methods
+
+-- This function returns true or false, and
+-- if false: the reason for failure
+authenticate = function ( self, userid, password )
+ password = password or ""
+ userid = userid or ""
+
+ local t = pvt.parse_authfile(self.conf.confdir .. "/passwd")
+
+ if t == false then
+ return false, "password file is missing"
+ end
+
+ if userid ~= nil then
+ local id = pvt.get_id (userid, t)
+ if id == false or id == nil then
+ return false, "Userid not found"
+ end
+ if id.password ~= fs.md5sum_string(password) then
+ return false, "Invalid password"
+ end
+ else
+ return false
+ end
+
+ return true
+end
+
-- This function returns the username and roles
-- or false on an error
get_userinfo = function ( self, userid )
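Review bot: `fs.md5sum_string(password)` in `authenticate` compares against an unsalted MD5 digest, which is cheap to brute-force and gives identical passwords identical hashes if the passwd file is ever read; a salted, deliberately slow password hash would be the safer storage format. The two failure returns also tell a caller whether a userid exists; returning the same text for both, e.g. `return false, "Invalid userid or password"`, avoids that. The `else return false` branch looks unreachable, because `userid = userid or ""` runs before `if userid ~= nil then`.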
@@ -183,18 +179,27 @@ list_users = function (self)
end
end
+
list_roles = function (self)
local output = {"CREATE","UPDATE","DELETE","READ"}
return output
end
-change_settings = function (self, userid, parameter, value)
+change_setting = function (self, userid, parameter, value)
+ local result = true
local errormessage = {}
- local passwd_path = self.conf.confdir .. "/passwd"
- -- We start by checking if user is allowed to do changes
- if not (pvt.permission_to_change) then
- errormessage.permissions = "No permission to change!"
+ -- Get the current user info
+ local userinfo = get_userinfo(self, userid)
+ if userinfo == nil then
+ errormessage.userid = "This userid does not exist!"
+ result = false
+ end
+
+ -- Check if user entered available commands
+ if not (userid) or not (parameter) or not (pvt.availablefields(parameter)) or not (value) then
+ errormessage.userid = "You need to enter valid userid, parameter and value!"
+ result = false
end
-- Check if userid already used
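Review bot: The new existence check `if userinfo == nil then` in `change_setting` does not catch a `false` return, and the comment above `get_userinfo` says it returns false on an error; in that case `result` stays true and the later `userinfo[parameter] = value` would index a boolean. `if not userinfo then` covers both cases. The second check also assigns `errormessage.userid`, so it overwrites the "does not exist" message when both fail. With the `pvt.permission_to_change` test removed, no authorization check is visible in this function, so it is worth confirming that the caller enforces who may change another user's fields. The function body continues past this hunk.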
@@ -202,52 +207,34 @@ change_settings = function (self, userid, parameter, value)
for k,v in pairs(list_users(self)) do
if (v == value) then
errormessage.userid = "This userid already exists!"
+ result = false
end
end
end
- -- Check if user entered available commands
- if not (userid) or not (parameter) or not (pvt.availablefields(parameter)) then
- errormessage.userid = "You need to enter valid userid, parameter and value!"
- end
-
- -- Check if password is weak
- if (parameter == "password") then
- local weak_password_result, weak_password_errormessage = pvt.weak_password(value)
- if (weak_password_result) then
- errormessage.password = weak_password_errormessage
+ if result == true then
+ -- Validate parameter
+ userinfo[parameter] = value
+ local password, password_confirm
+ if (parameter == "password") then
+ userinfo.password = fs.md5sum_string(value)
+ password = value
+ password_confirm = value
end
+ result, errormessage = validate_settings(self, username.userid, userinfo.username, password, password_confirm, userinfo.roles)
end
- -- Return false if some errormessages is set
- for k,v in pairs(errormessage) do
- return false, errormessage
- end
-
- -- If the parameter is password, then scramble the password
- if (parameter == "password") then
- value = fs.md5sum_string(value)
- end
+ -- Write the updated user
+ if (result == true) then
+ delete_user(self, userid)
- local passwdfilecontent = fs.read_file_as_array(passwd_path)
- local changes
- for k,v in pairs(passwdfilecontent) do
- if ( string.match(v, "^".. userid .. ":") ) then
- changes = {}
- -- Get current values
- changes.userid, changes.password, changes.username, changes.roles =
- string.match(v, "([^:]*):([^:]*):([^:]*):(.*)")
- -- Actually change the value (remove all ':')
- changes[parameter] = string.gsub(value, ":", "")
- -- Update the table with the new values
- passwdfilecontent[k] = changes.userid .. ":" .. changes.password .. ":".. changes.username .. ":" .. changes.roles
- end
+ -- Set path to passwordfile
+ local passwd_path = self.conf.confdir .. "/passwd"
+ -- Write the newline into the file
+ fs.write_line_file(passwd_path, userinfo.userid .. ":" .. userinfo.password .. ":" .. userinfo.username .. ":" .. table.concat(userinfo.roles,",") )
end
-
- --Write changes to file
- fs.write_file(passwd_path, table.concat(passwdfilecontent,"\n"))
- return true
+ return result, errormessage
end
-- For an existing user, change the settings that are non-nil
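Review bot: The added call to `validate_settings` passes `username.userid`, but `username` is not a parameter or local of `change_setting` in the visible lines, so this would raise on a nil global unless one is defined elsewhere; `userinfo.userid` looks intended: `result, errormessage = validate_settings(self, userinfo.userid, userinfo.username, password, password_confirm, userinfo.roles)`. The removed code stripped `:` from the value before writing, and the new path joins `userinfo` fields with `:` without that step; unless `validate_settings` rejects `:` and newline characters (its body is outside this hunk), a value could shift fields or add a line in the passwd file, including the roles column. `delete_user` followed by `fs.write_line_file` is also not atomic, so a failed write would leave the user removed. The function starts in the previous hunk.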
@@ -278,7 +265,7 @@ change_settings = function (self, userid, username, password, password_confirm,
end
userinfo.roles = roles or userinfo.roles
- -- write the updated user
+ -- Write the updated user
delete_user(self, userid)
-- Set path to passwordfile