[interchange] Enable case-insensitivity in UserDB for indirect_login.
Dan Browning
interchange-cvs at icdevgroup.org
Sat Apr 2 06:39:30 UTC 2011
commit 393f8c7a580b092b9ba380223954b96d5080a061
Author: Daniel Browning <db at kavod.com>
Date: Fri Apr 1 22:17:53 2011 -0700
Enable case-insensitivity in UserDB for indirect_login.
This patch allows catalogs that are using the indirect_login feature to
combine that with ignore_case to enable case-insensitive logins.
A common use-case is to have email address be the indirect login field, so
one thing to be aware of is that it's legal for two separate e-mail
addresses to differ in capitalization only (e.g. user at domain is distinct
from User at domain).
lib/Vend/UserDB.pm | 26 ++++++++++++++++++--------
1 files changed, 18 insertions(+), 8 deletions(-)
---
diff --git a/lib/Vend/UserDB.pm b/lib/Vend/UserDB.pm
index cb149e0..37c895b 100644
--- a/lib/Vend/UserDB.pm
+++ b/lib/Vend/UserDB.pm
@@ -1704,26 +1704,36 @@ sub change_pass {
}
eval {
+ # Create copies so that ignore_case doesn't lc the originals.
+ my $vend_username = $Vend::username;
+ my $cgi_mv_username = $CGI::values{mv_username};
+ if ($self->{OPTIONS}{ignore_case}) {
+ $vend_username = lc $vend_username;
+ $cgi_mv_username = lc $cgi_mv_username
+ if defined $cgi_mv_username;
+ }
+
+ # Database operations still use the mixed-case original.
my $super = $Vend::superuser || (
$Vend::admin and
$self->{DB}->field($Vend::username, $self->{LOCATION}{SUPER})
);
- if ($self->{USERNAME} ne $Vend::username or
- defined $CGI::values{mv_username} and
- $self->{USERNAME} ne $CGI::values{mv_username}
+ if ($self->{USERNAME} ne $vend_username or
+ defined $cgi_mv_username and
+ $self->{USERNAME} ne $cgi_mv_username
) {
if ($super) {
- if ($CGI::values{mv_username} and
- $CGI::values{mv_username} ne $self->{USERNAME}) {
+ if ($cgi_mv_username and
+ $cgi_mv_username ne $self->{USERNAME}) {
$original_self = $self;
- $options{username} = $CGI::values{mv_username};
+ $options{username} = $cgi_mv_username;
undef $self;
}
} else {
errmsg("Unprivileged user '%s' attempted to change password of user '%s'",
- $Vend::username, $self->{USERNAME}) if $options{log};
- die errmsg("You are not allowed to change another user's password.") . "\n";
+ $vend_username, $self->{USERNAME}) if $options{log};
+ die errmsg("You are not allowed to change another user's password.");
}
}
More information about the interchange-cvs
mailing list