function changeMyPassword() { global $remote_username, $user_auth_src; if ($user_auth_src != 'database') { showFuncMessage(__FUNCTION__, 'ERR1'); return; } assertStringArg('oldpassword'); assertStringArg('newpassword1'); assertStringArg('newpassword2'); $remote_userid = getUserIDByUsername($remote_username); $userinfo = spotEntity('user', $remote_userid); if ($userinfo['user_password_hash'] != sha1($_REQUEST['oldpassword'])) { showFuncMessage(__FUNCTION__, 'ERR2'); return; } if ($_REQUEST['newpassword1'] != $_REQUEST['newpassword2']) { showFuncMessage(__FUNCTION__, 'ERR3'); return; } commitUpdateUserAccount($remote_userid, $userinfo['user_name'], $userinfo['user_realname'], sha1($_REQUEST['newpassword1'])); showFuncMessage(__FUNCTION__, 'OK'); }
function constructUserCell($username) { if (NULL !== ($userid = getUserIDByUsername($username))) { return spotEntity('user', $userid); } $ret = array('realm' => 'user', 'user_name' => $username, 'user_realname' => '', 'etags' => array(), 'itags' => array()); $ret['atags'] = generateEntityAutoTags($ret); return $ret; }
function checkAutotagName($atag_name) { global $user_defined_atags; static $entityIDs = array('' => array('object', 'Object'), 'ipv4net' => array('ipv4net', 'IPv4 network'), 'ipv6net' => array('ipv6net', 'IPv6 network'), 'rack' => array('rack', 'Rack'), 'row' => array('row', 'Row'), 'location' => array('location', 'Location'), 'ipvs' => array('ipvs', 'Virtual service'), 'ipv4rsp' => array('ipv4rspool', 'RS pool'), 'file' => array('file', 'File'), 'vst' => array('vst', '802.1Q template'), 'user' => array('user', 'User')); // autotags that don't require a regexp to match $simple_autotags = array('$aggregate', '$any_file', '$any_ip4net', '$any_ip6net', '$any_ipv4rsp', '$any_ipv4vs', '$any_location', '$any_net', '$any_object', '$any_op', '$any_rack', '$any_row', '$any_rsp', '$any_vs', '$nameless', '$no_asset_tag', '$portless', '$runs_8021Q', '$type_mark', '$type_tcp', '$type_udp', '$unmounted', '$untagged', '$unused'); switch (1) { case in_array($atag_name, $simple_autotags): break; case preg_match('/^\\$(.*)?id_(\\d+)$/', $atag_name, $m) && isset($entityIDs[$m[1]]): list($realm, $description) = $entityIDs[$m[1]]; $recid = $m[2]; try { spotEntity($realm, $m[2]); } catch (EntityNotFoundException $e) { return "{$description} with ID '{$recid}' does not exist."; } break; case preg_match('/^\\$username_/', $atag_name): $recid = preg_replace('/^\\$username_/', '', $atag_name); global $require_local_account; if ($require_local_account and NULL === getUserIDByUsername($recid)) { return "Local user account '{$recid}' does not exist."; } break; case preg_match('/^\\$page_([\\p{L}0-9]+)$/u', $atag_name, $m): $recid = $m[1]; global $page; if (!isset($page[$recid])) { return "Page number '{$recid}' does not exist."; } break; case preg_match('/^\\$(tab|op)_[\\p{L}0-9_]+$/u', $atag_name): case preg_match('/^\\$typeid_\\d+$/', $atag_name): // FIXME: check value validity // FIXME: check value validity case preg_match('/^\\$cn_.+$/', $atag_name): // FIXME: check name validity and asset existence // FIXME: check name validity and asset existence case preg_match('/^\\$lgcn_.+$/', $atag_name): // FIXME: check name validity // FIXME: check name validity case preg_match('/^\\$(vlan|fromvlan|tovlan)_\\d+$/', $atag_name): case preg_match('/^\\$(masklen_eq|spare)_\\d{1,3}$/', $atag_name): case preg_match('/^\\$attr_\\d+(_\\d+)?$/', $atag_name): case preg_match('/^\\$ip4net(-\\d{1,3}){5}$/', $atag_name): case preg_match('/^\\$(8021Q_domain|8021Q_tpl)_\\d+$/', $atag_name): case preg_match('/^\\$client_([0-9a-fA-F.:]+)$/', $atag_name): break; default: foreach ($user_defined_atags as $regexp) { if (preg_match($regexp, $atag_name)) { break 2; } } return "Martian autotag {{$atag_name}}."; } }
function findAutoTagWarnings($expr) { global $user_defined_atags; $self = __FUNCTION__; static $entityIDs = array('' => array('object', 'Object'), 'ipv4net' => array('ipv4net', 'IPv4 network'), 'ipv6net' => array('ipv6net', 'IPv6 network'), 'rack' => array('rack', 'Rack'), 'row' => array('row', 'Row'), 'location' => array('location', 'Location'), 'ipvs' => array('ipv4vs', 'Virtual service'), 'ipv4rsp' => array('ipv4rspool', 'RS pool'), 'file' => array('file', 'File'), 'vst' => array('vst', '802.1Q template'), 'user' => array('user', 'User')); switch ($expr['type']) { case 'LEX_TRUE': case 'LEX_FALSE': case 'LEX_PREDICATE': case 'LEX_TAG': return array(); case 'LEX_AUTOTAG': switch (1) { case preg_match('/^\\$(.*)?id_(\\d+)$/', $expr['load'], $m) && isset($entityIDs[$m[1]]): list($realm, $description) = $entityIDs[$m[1]]; try { spotEntity($realm, $m[2]); return array(); } catch (EntityNotFoundException $e) { return array(array('header' => refRCLineno($expr['lineno']), 'class' => 'warning', 'text' => "{$description} with ID '{$recid}' does not exist.")); } case preg_match('/^\\$username_/', $expr['load']): $recid = preg_replace('/^\\$username_/', '', $expr['load']); global $require_local_account; if (!$require_local_account) { return array(); } if (NULL !== getUserIDByUsername($recid)) { return array(); } return array(array('header' => refRCLineno($expr['lineno']), 'class' => 'warning', 'text' => "Local user account '{$recid}' does not exist.")); case preg_match('/^\\$page_([\\p{L}0-9]+)$/u', $expr['load'], $m): $recid = $m[1]; global $page; if (isset($page[$recid])) { return array(); } return array(array('header' => refRCLineno($expr['lineno']), 'class' => 'warning', 'text' => "Page number '{$recid}' does not exist.")); case preg_match('/^\\$(tab|op)_[\\p{L}0-9_]+$/u', $expr['load']): case preg_match('/^\\$any_(op|rack|object|ip4net|ip6net|net|ipv4vs|vs|ipv4rsp|rsp|file|location|row)$/', $expr['load']): case preg_match('/^\\$typeid_\\d+$/', $expr['load']): // FIXME: check value validity // FIXME: check value validity case preg_match('/^\\$cn_.+$/', $expr['load']): // FIXME: check name validity and asset existence // FIXME: check name validity and asset existence case preg_match('/^\\$lgcn_.+$/', $expr['load']): // FIXME: check name validity // FIXME: check name validity case preg_match('/^\\$(vlan|fromvlan|tovlan)_\\d+$/', $expr['load']): case preg_match('/^\\$(aggregate|unused|nameless|portless|unmounted|untagged|no_asset_tag|runs_8021Q)$/', $expr['load']): case preg_match('/^\\$(masklen_eq|spare)_\\d{1,3}$/', $expr['load']): case preg_match('/^\\$attr_\\d+(_\\d+)?$/', $expr['load']): case preg_match('/^\\$ip4net(-\\d{1,3}){5}$/', $expr['load']): case preg_match('/^\\$(8021Q_domain|8021Q_tpl)_\\d+$/', $expr['load']): case preg_match('/^\\$type_(tcp|udp|mark)$/', $expr['load']): return array(); default: foreach ($user_defined_atags as $regexp) { if (preg_match($regexp, $expr['load'])) { return array(); } } return array(array('header' => refRCLineno($expr['lineno']), 'class' => 'warning', 'text' => "Martian autotag '{$expr['load']}'")); } case 'SYNT_NOT_EXPR': return $self($expr['load']); case 'SYNT_AND_EXPR': case 'SYNT_EXPR': return array_merge($self($expr['left']), $self($expr['right'])); default: return array(array('header' => "internal error in {$self}", 'class' => 'error', 'text' => "Skipped expression of unknown type '{$expr['type']}'")); } }
function trigger_passwdchange() { global $user_auth_src, $remote_username; return $user_auth_src == 'database' || 1 === getUserIDByUsername($remote_username) ? 'std' : ''; }