diff options
| author | ivan <ivan> | 2005-10-15 09:11:20 +0000 |
|---|---|---|
| committer | ivan <ivan> | 2005-10-15 09:11:20 +0000 |
| commit | d4d0590bef31071e8809ec046717444b95b3f30a (patch) | |
| tree | ee1236da50578390d2642114f28eaed99a5efb18 /rt/lib/RT/CurrentUser.pm | |
| parent | d39d52aac8f38ea9115628039f0df5aa3ac826de (diff) | |
import rt 3.4.4
Diffstat (limited to 'rt/lib/RT/CurrentUser.pm')
| -rwxr-xr-x | rt/lib/RT/CurrentUser.pm | 60 |
1 files changed, 52 insertions, 8 deletions
diff --git a/rt/lib/RT/CurrentUser.pm b/rt/lib/RT/CurrentUser.pm index d147fe62e..8e28801c1 100755 --- a/rt/lib/RT/CurrentUser.pm +++ b/rt/lib/RT/CurrentUser.pm @@ -1,8 +1,8 @@ -# {{{ BEGIN BPS TAGGED BLOCK +# BEGIN BPS TAGGED BLOCK {{{ # # COPYRIGHT: # -# This software is Copyright (c) 1996-2004 Best Practical Solutions, LLC +# This software is Copyright (c) 1996-2005 Best Practical Solutions, LLC # <jesse@bestpractical.com> # # (Except where explicitly superseded by other copyright notices) @@ -42,7 +42,8 @@ # works based on those contributions, and sublicense and distribute # those contributions and any derivatives thereof. # -# }}} END BPS TAGGED BLOCK +# END BPS TAGGED BLOCK }}} + =head1 NAME RT::CurrentUser - an RT object representing the current user @@ -244,6 +245,7 @@ sub LoadByGecos { Loads a User into this CurrentUser object. Takes a Name. + =cut sub LoadByName { @@ -350,12 +352,12 @@ specification. but currently doesn't =begin testing ok (my $cu = RT::CurrentUser->new('root')); -ok (my $lh = $cu->LanguageHandle); +ok (my $lh = $cu->LanguageHandle('en-us')); ok ($lh != undef); ok ($lh->isa('Locale::Maketext')); -ok ($cu->loc('TEST_STRING') eq "Concrete Mixer", "Localized TEST_STRING into English"); +is ($cu->loc('TEST_STRING'), "Concrete Mixer", "Localized TEST_STRING into English"); ok ($lh = $cu->LanguageHandle('fr')); -ok ($cu->loc('Before') eq "Avant", "Localized TEST_STRING into Frenc"); +is ($cu->loc('Before'), "Avant", "Localized TEST_STRING into Frenc"); =end testing @@ -366,7 +368,7 @@ sub LanguageHandle { if ( ( !defined $self->{'LangHandle'} ) || ( !UNIVERSAL::can( $self->{'LangHandle'}, 'maketext' ) ) || (@_) ) { - if ( (!$RT::SystemUser || $self->id == $RT::SystemUser->id() )) { + if ( !$RT::SystemUser or ($self->id || 0) == $RT::SystemUser->id() ) { @_ = qw(en-US); } @@ -400,7 +402,7 @@ sub loc { sub loc_fuzzy { my $self = shift; - return '' if $_[0] eq ''; + return '' if (!$_[0] || $_[0] eq ''); # XXX: work around perl's deficiency when matching utf8 data return $_[0] if Encode::is_utf8($_[0]); @@ -423,6 +425,48 @@ sub CurrentUser { } +=head2 Authenticate + +Takes $password, $created and $nonce, and returns a boolean value +representing whether the authentication succeeded. + +If both $nonce and $created are specified, validate $password against: + + encode_base64(sha1( + $nonce . + $created . + sha1_hex( "$username:$realm:$server_pass" ) + )) + +where $server_pass is the md5_hex(password) digest stored in the +database, $created is in ISO time format, and $nonce is a random +string no longer than 32 bytes. + +=cut + +sub Authenticate { + my ($self, $password, $created, $nonce, $realm) = @_; + + require Digest::MD5; + require Digest::SHA1; + require MIME::Base64; + + my $username = $self->UserObj->Name or return; + my $server_pass = $self->UserObj->__Value('Password') or return; + my $auth_digest = MIME::Base64::encode_base64(Digest::SHA1::sha1( + $nonce . + $created . + Digest::MD5::md5_hex("$username:$realm:$server_pass") + )); + + chomp($password); + chomp($auth_digest); + + return ($password eq $auth_digest); +} + +# }}} + eval "require RT::CurrentUser_Vendor"; die $@ if ($@ && $@ !~ qr{^Can't locate RT/CurrentUser_Vendor.pm}); |