From: jonl Date: Mon, 16 Jan 2012 18:24:38 +0000 (+0100) Subject: Changed list node to provide more data. Added change_pw functionality/node. Changed... X-Git-Url: https://git.defcon.no/?a=commitdiff_plain;h=423b15a32911b49e31599ce079ceb0935323fee3;p=hermes Changed list node to provide more data. Added change_pw functionality/node. Changed remove to use the new sql_dbexec_rows --- diff --git a/lib/user_functions.php b/lib/user_functions.php index 7944551..adad1be 100644 --- a/lib/user_functions.php +++ b/lib/user_functions.php @@ -79,7 +79,26 @@ function delete_kamailio_subscriber( $username, $domain ) sql_clean($username), sql_clean($domain) ); - if ( ! sql_dbexec( $config['kamailio_db'], $query ) ) return false; + if ( sql_dbexec_rows( $config['kamailio_db'], $query) != 1 ) return false; + return true; +} + + +function update_kamailio_pw ( $username, $domain, $password ) +{ + global $config; + + if ( ! ($username && $domain && $password)) + return false; + + $query = sprintf("UPDATE %s SET password = '%s' WHERE username = '%s' AND domain = '%s'", + $config['kamailio_subscriber_table'], + sql_clean($password), + sql_clean($username), + sql_clean($domain) + + ); + if ( sql_dbexec_rows( $config['kamailio_db'], $query) != 1 ) return false; return true; } @@ -134,14 +153,32 @@ function delete_provision_user( $username, $domain ) sql_clean($username), sql_clean($domain) ); - if ( ! sql_dbexec( $config['provision_db'], $query ) ) return false; + if ( sql_dbexec_rows( $config['provision_db'], $query) != 1 ) return false; + return true; +} + +function update_provision_pw ( $username, $domain, $password ) +{ + global $config; + + if ( ! ($username && $domain && $password)) + return false; + + $query = sprintf("UPDATE %s SET password = '%s' WHERE username = '%s' AND domain = '%s'", + $config['provision_users_table'], + sql_clean($password), + sql_clean($username), + sql_clean($domain) + + ); + if ( sql_dbexec_rows( $config['provision_db'], $query) != 1 ) return false; return true; } function list_users ( $search = null ) { global $config; - $query = sprintf("SELECT CONCAT(username, '@', domain) FROM %s ORDER BY username,domain", $config['provision_users_table'] ); + $query = sprintf("SELECT CONCAT(username, '@', domain), displayname FROM %s ORDER BY username,domain", $config['provision_users_table'] ); if ( array_key_exists ( 'search', $_GET ) ) { @@ -154,7 +191,7 @@ function list_users ( $search = null ) $list = array(); while ( $row = mysql_fetch_row( $result ) ) { - array_push( $list, $row[0] ); + array_push( $list, array( "user" => $row[0], "displayname" => $row[1] ) ); } return $list; print json_encode( array( 'response' => 'ok', 'list' => $list )); diff --git a/user.php b/user.php index f4ca316..87dbe53 100644 --- a/user.php +++ b/user.php @@ -386,6 +386,7 @@ if ( !$config['sql_link'] ) /* Required parameters should be... ( username & domain ) | user + password * Verify that no associations/relations exist in 'provision.phones' * Verify that the user exists ... @@ -395,8 +396,9 @@ if ( !$config['sql_link'] ) * Update user passwords in 'provision' and 'kamailio' as appropriate * On other failures, return 'response' => 'failed' with 'cause' => 'error' (may set 'detail' => 'message') */ - if ( ( array_key_exists( 'username', $_GET) && array_key_exists( 'domain', $_GET ) ) - || array_key_exists('user', $_GET) ) + if ( array_key_exists('password', $_GET) && + ( ( array_key_exists( 'username', $_GET) && array_key_exists( 'domain', $_GET ) ) + || array_key_exists('user', $_GET) )) { $username = ""; @@ -416,7 +418,38 @@ if ( !$config['sql_link'] ) } list ( $username, $domain ) = $user; } - print json_encode ( array( 'response' => 'failed', 'cause' => 'notimplemented', 'detail' => 'Requested feature valid, but not implemented' ) ); + $password = $_GET['password']; + + // Check compatibility of password? TODO... + // Fetch old password for rollback? TODO... + // Verify that user exists for provisioning + if ( ! is_provision_user( $username, $domain ) ) + { + print json_encode( array ( 'response' => 'failed', 'cause' => 'nonexistant', 'detail' => '' . $username . '@' . $domain . ' does not exist.')); + break; + } + if ( is_provision_user( $username, $domain ) ) + { + print "WTF"; + // Update provisioning password + if (! update_provision_pw( $username, $domain, $password ) ) + { + print json_encode( array( 'response' => 'failed', 'cause' => 'dbfail', 'detail' => 'Failed to update provisioning password' ) ); + break; + } + } + // Check for user in kamailio + if ( is_kamailio_subscriber( $username, $domain ) ) + { + // Update kamailio password + if (! update_kamailio_pw( $username, $domain, $password ) ) + { + print json_encode( array( 'response' => 'failed', 'cause' => 'dbfail', 'detail' => 'Failed to update kamailio password' ) ); + break; + } + } + print json_encode( array ( 'response' => 'ok', 'detail' => 'Password changed for user '.$username.'@'.$domain.'.')); + break; } else print json_encode( array( 'response' => 'invalid', 'cause' => 'parameters' ) );