fernando/luos
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

fix code review

Browse Source 
o
This commit is contained in:
Marco A. Nina Mena
2017-08-10 16:30:32 -04:00
parent f41ae291d9
commit 2820ba7de3
3 changed files with 18 additions and 14 deletions
Download Patch File Download Diff File Expand all files Collapse all files

8
gulliver/system/class.bootstrap.php
View File

@@ -2584,7 +2584,7 @@ class Bootstrap
* @param string $userPass hash of password * @param string $userPass hash of password
* @return bool true or false * @return bool true or false
*/ */
public function verifyHashPassword ($pass, $userPass) public function verifyHashPassword($pass, $userPass)
{ {
global $RBAC; global $RBAC;
$passwordHashConfig = Bootstrap::getPasswordHashConfig(); $passwordHashConfig = Bootstrap::getPasswordHashConfig();
@@ -2592,11 +2592,11 @@ class Bootstrap
$hashTypePrevious = $passwordHashConfig['previous']; $hashTypePrevious = $passwordHashConfig['previous'];
$acceptance = false; $acceptance = false;
if ($RBAC->getStatusLoginHash()) { if ($RBAC->loginWithHash()) {
//To enable compatibility with soap login //To enable compatibility with soap login
if ($pass === $hashTypeCurrent . ':' . $userPass) { if ((Bootstrap::hashPassword($pass, $hashTypeCurrent) == $userPass) || ($pass === $hashTypeCurrent . ':' . $userPass)) {
$acceptance = true; $acceptance = true;
} else if ($pass === $hashTypePrevious . ':' . $userPass) { } else if ((Bootstrap::hashPassword($pass, $hashTypePrevious) == $userPass) || ($pass === $hashTypePrevious . ':' . $userPass)) {
$acceptance = true; $acceptance = true;
} }
} else { } else {

12
gulliver/system/class.rbac.php
View File

@@ -1580,27 +1580,27 @@ class RBAC
} }
/** /**
* Enable compatibility with soap login * Enable compatibility with hash login
*/ */
public function enableLoginSoapWithHash() public function enableLoginWithHash()
{ {
$this->enableLoginHash = true; $this->enableLoginHash = true;
} }
/** /**
* Disable compatibility with soap login * Disable compatibility with hash login
*/ */
public function disableLoginSoapWithHash () public function disableLoginWithHash()
{ {
$this->enableLoginHash = false; $this->enableLoginHash = false;
} }
/** /**
* Return status login with soap * Return status login with hash
* *
* @return bool * @return bool
*/ */
public function getStatusLoginHash () public function loginWithHash()
{ {
return $this->enableLoginHash; return $this->enableLoginHash;
} }

12
workflow/engine/classes/class.wsBase.php
View File

@@ -65,8 +65,12 @@ class wsBase
global $RBAC; global $RBAC;
try { try {
//To enable compatibility with soap login, method Enable. //To enable compatibility with hash login, method Enable.
$RBAC->enableLoginSoapWithHash(); //It's necessary to enable the hash start session because there are use cases in both,
//the web entry and in the case planner, where the password is still used in the hash
//format so that is possible to start a session. Thiw way we will mantain the
//compatibility with this type of loggin.
$RBAC->enableLoginWithHash();
$uid = $RBAC->VerifyLogin( $userid, $password ); $uid = $RBAC->VerifyLogin( $userid, $password );
switch ($uid) { switch ($uid) {
@@ -119,8 +123,8 @@ class wsBase
$wsResponse = unserialize( $e->getMessage() ); $wsResponse = unserialize( $e->getMessage() );
} }
//To enable compatibility with soap login, method disable. //To enable compatibility with hash login, method disable.
$RBAC->disableLoginSoapWithHash(); $RBAC->disableLoginWithHash();
return $wsResponse; return $wsResponse;
} }