Project

General

Profile

Defect #879 » Redmine.pm.diff

New, better diff - Liwiusz Ociepa, 2008-03-18 12:19

View differences:

Redmine.pm 2008-03-18 12:08:17.240990915 +0100
90 90

  
91 91
use DBI;
92 92
use Digest::SHA1;
93
use Authen::Simple::LDAP;
93 94

  
94 95
use Apache2::Module;
95 96
use Apache2::Access;
......
140 141

  
141 142
    my $dbh = connect_database($r);
142 143
    my $sth = $dbh->prepare(
143
	"SELECT * FROM projects WHERE projects.identifier=? and projects.is_public=true;"
144
        "SELECT * FROM projects WHERE projects.identifier=? and projects.is_public=true;"
144 145
    );
145 146

  
146 147
    $sth->execute($project_id);
......
176 177
  my $pass_digest = Digest::SHA1::sha1_hex($redmine_pass);
177 178

  
178 179
  my $sth = $dbh->prepare(
179
      "SELECT hashed_password FROM members, projects, users WHERE projects.id=members.project_id AND users.id=members.user_id AND users.status=1 AND login=? AND identifier=?;"
180
      "SELECT hashed_password,coalesce(auth_source_id,0) FROM members, projects, users WHERE projects.id=members.project_id AND users.id=members.user_id AND users.status=1 AND login=? AND identifier=?;"
180 181
  );
181 182
  $sth->execute($redmine_user, $project_id);
182 183

  
183 184
  my $ret;
184 185
  while (my @row = $sth->fetchrow_array) {
185
      if ($row[0] eq $pass_digest) {
186
	  $ret = 1;
187
	  last;
186
      if ($row[1] eq 0) {
187
          if ($row[0] eq $pass_digest) {
188
              $ret = 1;
189
              last;
190
          }
191
      } else {
192
          my $sthldap = $dbh->prepare(
193
              "SELECT host,port,account,account_password,base_dn,attr_login from auth_sources WHERE id = ?;"
194
          );
195
          $sthldap->execute($row[1]);
196
          while (my @rowldap = $sthldap->fetchrow_array) {
197
            my $ldap = Authen::Simple::LDAP->new(
198
	        host 	=>	$rowldap[0],
199
		port	=>	$rowldap[1],
200
		basedn	=>	$rowldap[4],
201
		binddn	=>	$rowldap[2] ? $rowldap[2] : "",
202
		bindpw	=>	$rowldap[3] ? $rowldap[3] : "",
203
		filter	=>	"(".$rowldap[5]."=%s)"
204
	    );
205
	    $ret = 1 if ($ldap->authenticate($redmine_user, $redmine_pass));
206
          }
207
          $sthldap->finish();
188 208
      }
189 209
  }
210
  $sth->finish();
190 211
  $dbh->disconnect();
191 212

  
192 213
  $ret;
(3-3/6)