Changeset 933 for LATMOS-Accounts


Ignore:
Timestamp:
04/19/12 02:03:05 (12 years ago)
Author:
nanardon
Message:
  • denied userPassword attribute to be read, the only way to setup password is to use set_password functions.
Location:
LATMOS-Accounts/lib/LATMOS/Accounts
Files:
8 edited

Legend:

Unmodified
Added
Removed

  • LATMOS-Accounts/lib/LATMOS/Accounts/Bases.pm

    r892 r933  
    654654        # check attribute exists in source: 
    655655        my $attr = $srcobj->attribute($_) or next; 
     656        $attr->readable or next; 
    656657        if (! $options{onepass}) { 
    657658            if ($options{firstpass}) { 

  • LATMOS-Accounts/lib/LATMOS/Accounts/Bases/Ad/User.pm

    r861 r933  
    115115        labeledURI => {}, 
    116116        wWWHomePage => {}, 
     117        userPassword => { readable => 0 }, 
    117118    } 
    118119} 

  • LATMOS-Accounts/lib/LATMOS/Accounts/Bases/Attributes.pm

    r861 r933  
    126126} 
    127127 
     128sub readable { 
     129    my ($self) = @_; 
     130    if (ref $self->{readable} eq 'CODE') { 
     131        return $self->{readable}->($self->object) || 0; 
     132    } else { 
     133        return defined($_[0]->{readable}) ? $_[0]->{readable} : 1; 
     134    } 
     135} 
     136 
    128137sub readonly {  
    129138    my ($self) = @_; 

  • LATMOS-Accounts/lib/LATMOS/Accounts/Bases/Heimdal/User.pm

    r917 r933  
    3838        uid 
    3939        modName 
    40         userPassword 
    4140            )) { 
    4241        $info->{$_} = { ro => 1 }; 
    4342    } 
     43    $info->{userPassword} = { ro => 1, readable => 0 }; 
    4444    foreach (qw( 
    4545        krb5ValidEnd 

  • LATMOS-Accounts/lib/LATMOS/Accounts/Bases/Ldap/User.pm

    r861 r933  
    116116        pwdChangedTime => { ro => 1 }, 
    117117        labeledURI => {}, 
     118        userPassword => { readable => 0, }, 
    118119    } 
    119120    ); 

  • LATMOS-Accounts/lib/LATMOS/Accounts/Bases/Objects.pm

    r861 r933  
    144144    my @attrs = map { $base->attribute($class->type, $_) } keys %{$info || {}}; 
    145145    @attrs = grep { ! $_->ro } @attrs if($for =~ /w/); 
     146    @attrs = grep { $_->readable } @attrs if($for =~ /r/); 
    146147    map { $_->name } grep { !$_->hidden }  @attrs; 
    147148} 
     
    216217    my $attribute = $self->attribute($cfield) or do { 
    217218        $self->base->log(LA_WARN, "Unknow attribute $cfield"); 
     219        return; 
     220    }; 
     221    $attribute->readable or do { 
     222        $self->base->log(LA_WARN, "Attribute $cfield is not readable"); 
    218223        return; 
    219224    }; 

  • LATMOS-Accounts/lib/LATMOS/Accounts/Bases/Sql/User.pm

    r916 r933  
    185185            expired => { ro => 1 }, 
    186186            active => { ro => 1 }, 
    187                 pwdAccountLockedTime => { managed => 1, ro => 1 } 
     187                pwdAccountLockedTime => { managed => 1, ro => 1 }, 
     188            userPassword => { readable => 0, }, 
    188189        } 
    189190    ) 

  • LATMOS-Accounts/lib/LATMOS/Accounts/Bases/Unix/User.pm

    r861 r933  
    4545        loginShell      => { iname => 'shell' }, 
    4646        userPassword    => { 
    47             iname => ($base->{use_shadow} ? 'spassword' : 'password') 
     47            iname => ($base->{use_shadow} ? 'spassword' : 'password'), 
     48            readable => 0, 
    4849        }, 
    4950        memberOf        => { delayed => 1, }, 
Note: See TracChangeset for help on using the changeset viewer.