function changeMyPassword()
{
global $remote_username, $user_auth_src;
if ($user_auth_src != 'database') {
showFuncMessage(__FUNCTION__, 'ERR1');
return;
}
assertStringArg('oldpassword');
assertStringArg('newpassword1');
assertStringArg('newpassword2');
$remote_userid = getUserIDByUsername($remote_username);
$userinfo = spotEntity('user', $remote_userid);
if ($userinfo['user_password_hash'] != sha1($_REQUEST['oldpassword'])) {
showFuncMessage(__FUNCTION__, 'ERR2');
return;
}
if ($_REQUEST['newpassword1'] != $_REQUEST['newpassword2']) {
showFuncMessage(__FUNCTION__, 'ERR3');
return;
}
commitUpdateUserAccount($remote_userid, $userinfo['user_name'], $userinfo['user_realname'], sha1($_REQUEST['newpassword1']));
showFuncMessage(__FUNCTION__, 'OK');
}
function constructUserCell($username)
{
if (NULL !== ($userid = getUserIDByUsername($username))) {
return spotEntity('user', $userid);
}
$ret = array('realm' => 'user', 'user_name' => $username, 'user_realname' => '', 'etags' => array(), 'itags' => array());
$ret['atags'] = generateEntityAutoTags($ret);
return $ret;
}
function checkAutotagName($atag_name)
{
global $user_defined_atags;
static $entityIDs = array('' => array('object', 'Object'), 'ipv4net' => array('ipv4net', 'IPv4 network'), 'ipv6net' => array('ipv6net', 'IPv6 network'), 'rack' => array('rack', 'Rack'), 'row' => array('row', 'Row'), 'location' => array('location', 'Location'), 'ipvs' => array('ipvs', 'Virtual service'), 'ipv4rsp' => array('ipv4rspool', 'RS pool'), 'file' => array('file', 'File'), 'vst' => array('vst', '802.1Q template'), 'user' => array('user', 'User'));
// autotags that don't require a regexp to match
$simple_autotags = array('$aggregate', '$any_file', '$any_ip4net', '$any_ip6net', '$any_ipv4rsp', '$any_ipv4vs', '$any_location', '$any_net', '$any_object', '$any_op', '$any_rack', '$any_row', '$any_rsp', '$any_vs', '$nameless', '$no_asset_tag', '$portless', '$runs_8021Q', '$type_mark', '$type_tcp', '$type_udp', '$unmounted', '$untagged', '$unused');
switch (1) {
case in_array($atag_name, $simple_autotags):
break;
case preg_match('/^\\$(.*)?id_(\\d+)$/', $atag_name, $m) && isset($entityIDs[$m[1]]):
list($realm, $description) = $entityIDs[$m[1]];
$recid = $m[2];
try {
spotEntity($realm, $m[2]);
} catch (EntityNotFoundException $e) {
return "{$description} with ID '{$recid}' does not exist.";
}
break;
case preg_match('/^\\$username_/', $atag_name):
$recid = preg_replace('/^\\$username_/', '', $atag_name);
global $require_local_account;
if ($require_local_account and NULL === getUserIDByUsername($recid)) {
return "Local user account '{$recid}' does not exist.";
}
break;
case preg_match('/^\\$page_([\\p{L}0-9]+)$/u', $atag_name, $m):
$recid = $m[1];
global $page;
if (!isset($page[$recid])) {
return "Page number '{$recid}' does not exist.";
}
break;
case preg_match('/^\\$(tab|op)_[\\p{L}0-9_]+$/u', $atag_name):
case preg_match('/^\\$typeid_\\d+$/', $atag_name):
// FIXME: check value validity
// FIXME: check value validity
case preg_match('/^\\$cn_.+$/', $atag_name):
// FIXME: check name validity and asset existence
// FIXME: check name validity and asset existence
case preg_match('/^\\$lgcn_.+$/', $atag_name):
// FIXME: check name validity
// FIXME: check name validity
case preg_match('/^\\$(vlan|fromvlan|tovlan)_\\d+$/', $atag_name):
case preg_match('/^\\$(masklen_eq|spare)_\\d{1,3}$/', $atag_name):
case preg_match('/^\\$attr_\\d+(_\\d+)?$/', $atag_name):
case preg_match('/^\\$ip4net(-\\d{1,3}){5}$/', $atag_name):
case preg_match('/^\\$(8021Q_domain|8021Q_tpl)_\\d+$/', $atag_name):
case preg_match('/^\\$client_([0-9a-fA-F.:]+)$/', $atag_name):
break;
default:
foreach ($user_defined_atags as $regexp) {
if (preg_match($regexp, $atag_name)) {
break 2;
}
}
return "Martian autotag {{$atag_name}}.";
}
}
function findAutoTagWarnings($expr)
{
global $user_defined_atags;
$self = __FUNCTION__;
static $entityIDs = array('' => array('object', 'Object'), 'ipv4net' => array('ipv4net', 'IPv4 network'), 'ipv6net' => array('ipv6net', 'IPv6 network'), 'rack' => array('rack', 'Rack'), 'row' => array('row', 'Row'), 'location' => array('location', 'Location'), 'ipvs' => array('ipv4vs', 'Virtual service'), 'ipv4rsp' => array('ipv4rspool', 'RS pool'), 'file' => array('file', 'File'), 'vst' => array('vst', '802.1Q template'), 'user' => array('user', 'User'));
switch ($expr['type']) {
case 'LEX_TRUE':
case 'LEX_FALSE':
case 'LEX_PREDICATE':
case 'LEX_TAG':
return array();
case 'LEX_AUTOTAG':
switch (1) {
case preg_match('/^\\$(.*)?id_(\\d+)$/', $expr['load'], $m) && isset($entityIDs[$m[1]]):
list($realm, $description) = $entityIDs[$m[1]];
try {
spotEntity($realm, $m[2]);
return array();
} catch (EntityNotFoundException $e) {
return array(array('header' => refRCLineno($expr['lineno']), 'class' => 'warning', 'text' => "{$description} with ID '{$recid}' does not exist."));
}
case preg_match('/^\\$username_/', $expr['load']):
$recid = preg_replace('/^\\$username_/', '', $expr['load']);
global $require_local_account;
if (!$require_local_account) {
return array();
}
if (NULL !== getUserIDByUsername($recid)) {
return array();
}
return array(array('header' => refRCLineno($expr['lineno']), 'class' => 'warning', 'text' => "Local user account '{$recid}' does not exist."));
case preg_match('/^\\$page_([\\p{L}0-9]+)$/u', $expr['load'], $m):
$recid = $m[1];
global $page;
if (isset($page[$recid])) {
return array();
}
return array(array('header' => refRCLineno($expr['lineno']), 'class' => 'warning', 'text' => "Page number '{$recid}' does not exist."));
case preg_match('/^\\$(tab|op)_[\\p{L}0-9_]+$/u', $expr['load']):
case preg_match('/^\\$any_(op|rack|object|ip4net|ip6net|net|ipv4vs|vs|ipv4rsp|rsp|file|location|row)$/', $expr['load']):
case preg_match('/^\\$typeid_\\d+$/', $expr['load']):
// FIXME: check value validity
// FIXME: check value validity
case preg_match('/^\\$cn_.+$/', $expr['load']):
// FIXME: check name validity and asset existence
// FIXME: check name validity and asset existence
case preg_match('/^\\$lgcn_.+$/', $expr['load']):
// FIXME: check name validity
// FIXME: check name validity
case preg_match('/^\\$(vlan|fromvlan|tovlan)_\\d+$/', $expr['load']):
case preg_match('/^\\$(aggregate|unused|nameless|portless|unmounted|untagged|no_asset_tag|runs_8021Q)$/', $expr['load']):
case preg_match('/^\\$(masklen_eq|spare)_\\d{1,3}$/', $expr['load']):
case preg_match('/^\\$attr_\\d+(_\\d+)?$/', $expr['load']):
case preg_match('/^\\$ip4net(-\\d{1,3}){5}$/', $expr['load']):
case preg_match('/^\\$(8021Q_domain|8021Q_tpl)_\\d+$/', $expr['load']):
case preg_match('/^\\$type_(tcp|udp|mark)$/', $expr['load']):
return array();
default:
foreach ($user_defined_atags as $regexp) {
if (preg_match($regexp, $expr['load'])) {
return array();
}
}
return array(array('header' => refRCLineno($expr['lineno']), 'class' => 'warning', 'text' => "Martian autotag '{$expr['load']}'"));
}
case 'SYNT_NOT_EXPR':
return $self($expr['load']);
case 'SYNT_AND_EXPR':
case 'SYNT_EXPR':
return array_merge($self($expr['left']), $self($expr['right']));
default:
return array(array('header' => "internal error in {$self}", 'class' => 'error', 'text' => "Skipped expression of unknown type '{$expr['type']}'"));
}
}
function trigger_passwdchange()
{
global $user_auth_src, $remote_username;
return $user_auth_src == 'database' || 1 === getUserIDByUsername($remote_username) ? 'std' : '';
}