From: terry%mozilla.org <> Date: Wed, 19 Jan 2000 06:41:24 +0000 (+0000) Subject: Added a way to disable a user. X-Git-Tag: bugzilla-2.12~453 X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=17fc03c80dbd04261a1ba1c4cd343ae1997657ea;p=thirdparty%2Fbugzilla.git Added a way to disable a user. --- diff --git a/CGI.pl b/CGI.pl index f6ebcaaa6c..7a90130c68 100644 --- a/CGI.pl +++ b/CGI.pl @@ -487,6 +487,7 @@ sub PasswordForLogin { sub quietly_check_login() { $::usergroupset = '0'; my $loginok = 0; + $::disabledreason = ''; if (defined $::COOKIE{"Bugzilla_login"} && defined $::COOKIE{"Bugzilla_logincookie"}) { ConnectToDatabase(); @@ -499,16 +500,23 @@ sub quietly_check_login() { " and profiles.cryptpassword = logincookies.cryptpassword " . "and logincookies.hostname = " . SqlQuote($ENV{"REMOTE_HOST"}) . + ", profiles.disabledtext " . " from profiles,logincookies where logincookies.cookie = " . SqlQuote($::COOKIE{"Bugzilla_logincookie"}) . " and profiles.userid = logincookies.userid"); my @row; if (@row = FetchSQLData()) { - $loginok = $row[2]; - if ($loginok) { - $::usergroupset = $row[0]; - $::COOKIE{"Bugzilla_login"} = $row[1]; # Makes sure case is in - # canonical form. + my ($groupset, $loginname, $ok, $disabledtext) = (@row); + if ($ok) { + if ($disabledtext eq '') { + $loginok = 1; + $::usergroupset = $groupset; + $::COOKIE{"Bugzilla_login"} = $loginname; # Makes sure case + # is in + # canonical form. + } else { + $::disabledreason = $disabledtext; + } } } } @@ -639,6 +647,22 @@ sub confirm_login { my $loginok = quietly_check_login(); if ($loginok != 1) { + if ($::disabledreason) { + print "Set-Cookie: Bugzilla_login= ; path=/; expires=Sun, 30-Jun-80 00:00:00 GMT +Set-Cookie: Bugzilla_logincookie= ; path=/; expires=Sun, 30-Jun-80 00:00:00 GMT +Set-Cookie: Bugzilla_password= ; path=/; expires=Sun, 30-Jun-80 00:00:00 GMT +Content-type: text/html + +"; + PutHeader("Your account has been disabled"); + print $::disabledreason; + print "
\n"; + print "If you believe your account should be restored, please\n"; + print "send email to " . Param("maintainer") . " explaining\n"; + print "why.\n"; + PutFooter(); + exit(); + } print "Content-type: text/html\n\n"; PutHeader("Login", undef, undef, undef, 1); print "I need a legitimate e-mail address and password to continue.\n"; diff --git a/checksetup.pl b/checksetup.pl index 0028d7cced..69e31919af 100755 --- a/checksetup.pl +++ b/checksetup.pl @@ -625,6 +625,7 @@ $table{profiles} = realname varchar(255), groupset bigint not null, emailnotification enum("ExcludeSelfChanges", "CConly", "All") not null default "ExcludeSelfChanges", + disabledtext mediumtext not null, index(login_name)'; @@ -1024,7 +1025,13 @@ if (!GetFieldDef('bugs', 'keywords')) { push(@list, $k); } } - + + +# 2000-01-18 Added a "disabledtext" field to the profiles table. If not +# empty, then this account has been disabled, and this field is to contain +# text describing why. + +AddField('profiles', 'disabledtext', 'mediumtext not null'); diff --git a/editusers.cgi b/editusers.cgi index d4c3cfd166..f4a6c4dfbc 100755 --- a/editusers.cgi +++ b/editusers.cgi @@ -73,9 +73,10 @@ sub CheckUser ($) # Displays the form to edit a user parameters # -sub EmitFormElements ($$$$$) +sub EmitFormElements ($$$$$$) { - my ($user, $password, $realname, $groupset, $emailnotification) = @_; + my ($user, $password, $realname, $groupset, $emailnotification, + $disabledtext) = @_; print " Login name:\n"; print " \n"; @@ -102,6 +103,15 @@ sub EmitFormElements ($$$$$) print qq{$desc\n}; } print "\n"; + print "\n"; + print " Disable text:\n"; + print " \n"; + print " \n"; + print "\n"; + print " If non-empty, then the account will\n"; + print "be disabled, and this text should explain why.\n"; + SendSQL("SELECT bit,name,description,bit & $groupset != 0 FROM groups @@ -182,7 +192,7 @@ my $candelete = Param('allowuserdeletion'); unless ($action) { PutHeader("Select match string"); print qq{ -
+ List users with login name matching: @@ -205,7 +215,8 @@ List users with login name matching: if ($action eq 'list') { PutHeader("Select user"); - my $query = "SELECT login_name,realname FROM profiles WHERE login_name "; + my $query = "SELECT login_name,realname,disabledtext " . + "FROM profiles WHERE login_name "; if ($::FORM{'matchtype'} eq 'substr') { $query .= "like"; $::FORM{'matchstr'} = '%' . $::FORM{'matchstr'} . '%'; @@ -234,11 +245,17 @@ if ($action eq 'list') { if ($count % 100 == 0) { print "$header"; } - my ($user, $realname) = FetchSQLData(); + my ($user, $realname, $disabledtext) = FetchSQLData(); + my $s = ""; + my $e = ""; + if ($disabledtext) { + $s = ""; + $e = ""; + } $realname ||= "missing"; print "\n"; - print " $user\n"; - print " $realname\n"; + print " $s$user$e\n"; + print " $s$realname$e\n"; if ($candelete) { print " Delete\n"; } @@ -273,7 +290,7 @@ if ($action eq 'add') { print "\n"; print "\n"; - EmitFormElements('', '', '', 0, 'ExcludeSelfChanges'); + EmitFormElements('', '', '', 0, 'ExcludeSelfChanges', ''); print "
\n
\n"; print "\n"; @@ -298,6 +315,7 @@ if ($action eq 'new') { # Cleanups and valididy checks my $realname = trim($::FORM{realname} || ''); my $password = trim($::FORM{password} || ''); + my $disabledtext = trim($::FORM{disabledtext} || ''); unless ($user) { print "You must enter a name for the new user. Please press\n"; @@ -335,13 +353,15 @@ if ($action eq 'new') { # Add the new user SendSQL("INSERT INTO profiles ( " . - "login_name, password, cryptpassword, realname, groupset" . - " ) VALUES ( " . - SqlQuote($user) . "," . - SqlQuote($password) . "," . - "encrypt(" . SqlQuote($password) . ")," . - SqlQuote($realname) . "," . - $bits . ")" ); + "login_name, password, cryptpassword, realname, groupset, " . + "disabledtext" . + " ) VALUES ( " . + SqlQuote($user) . "," . + SqlQuote($password) . "," . + "encrypt(" . SqlQuote($password) . ")," . + SqlQuote($realname) . "," . + $bits . "," . + SqlQuote($disabledtext) . ")" ); #+++ send e-mail away @@ -525,16 +545,18 @@ if ($action eq 'edit') { CheckUser($user); # get data of user - SendSQL("SELECT password, realname, groupset, emailnotification + SendSQL("SELECT password, realname, groupset, emailnotification, + disabledtext FROM profiles WHERE login_name=" . SqlQuote($user)); - my ($password, $realname, $groupset, $emailnotification) = FetchSQLData(); + my ($password, $realname, $groupset, $emailnotification, + $disabledtext) = FetchSQLData(); print "\n"; print "\n"; EmitFormElements($user, $password, $realname, $groupset, - $emailnotification); + $emailnotification, $disabledtext); print "
\n"; @@ -543,6 +565,8 @@ if ($action eq 'edit') { print "\n"; print "\n"; print "\n"; + print "\n"; print "\n"; print "\n"; @@ -568,6 +592,8 @@ if ($action eq 'update') { my $passwordold = trim($::FORM{passwordold} || ''); my $emailnotification = trim($::FORM{emailnotification} || ''); my $emailnotificationold = trim($::FORM{emailnotificationold} || ''); + my $disabledtext = trim($::FORM{disabledtext} || ''); + my $disabledtextold = trim($::FORM{disabledtextold} || ''); my $groupsetold = trim($::FORM{groupsetold} || ''); my $groupset = "0"; @@ -609,6 +635,18 @@ if ($action eq 'update') { WHERE login_name=" . SqlQuote($userold)); print "Updated real name.
\n"; } + if ($disabledtext ne $disabledtextold) { + SendSQL("UPDATE profiles + SET disabledtext=" . SqlQuote($disabledtext) . " + WHERE login_name=" . SqlQuote($userold)); + SendSQL("SELECT userid + FROM profiles + WHERE login_name=" . SqlQuote($user)); + my $userid = FetchOneColumn(); + SendSQL("DELETE FROM logincookies + WHERE userid=" . $userid); + print "Updated disabled text.
\n"; + } if ($user ne $userold) { unless ($user) { print "Sorry, I can't delete the user's name.";