Add functionality in rbac for enable or disable compatibility with soap login

2017-08-10 14:30:37 -04:00
parent 2cce81048b
commit 4683f5b59d
6 changed files with 66 additions and 11 deletions
--- a/gulliver/system/class.bootstrap.php
+++ b/gulliver/system/class.bootstrap.php
@@ -2577,18 +2577,37 @@ class Bootstrap
        return $var;
    }

+    /**
+     * Verify Hash password with password entered
+     *
+     * @param string $pass password
+     * @param string $userPass hash of password
+     * @return bool true or false
+     */
    public function verifyHashPassword ($pass, $userPass)
    {
+        global $RBAC;
        $passwordHashConfig = Bootstrap::getPasswordHashConfig();
        $hashTypeCurrent = $passwordHashConfig['current'];
        $hashTypePrevious = $passwordHashConfig['previous'];
-        if (Bootstrap::hashPassword($pass, $hashTypeCurrent) == $userPass) {
-            return true;
+        $acceptance = false;
+
+        if ($RBAC->getStatusLoginHash()) {
+            //To enable compatibility with soap login
+            if ($pass === $hashTypeCurrent . ':' . $userPass) {
+                $acceptance = true;
+            } else if ($pass === $hashTypePrevious . ':' . $userPass) {
+                $acceptance = true;
+            }
+        } else {
+            if (Bootstrap::hashPassword($pass, $hashTypeCurrent) == $userPass) {
+                $acceptance = true;
+            } else if (Bootstrap::hashPassword($pass, $hashTypePrevious) == $userPass) {
+                $acceptance = true;
+            }
        }
-        if (Bootstrap::hashPassword($pass, $hashTypePrevious) == $userPass) {
-            return true;
-        }
-        return false;
+
+        return $acceptance;
    }

    /**