safebox/guacamole-client
4
0
Fork 0
mirror of https://github.com/gyurix1968/guacamole-client.git synced 2025-09-06 13:17:41 +00:00
Code Issues Packages Projects Releases Wiki Activity

GUACAMOLE-284: Add convenience methods for determining whether a user account is disabled/expired.

Browse Source
This commit is contained in:
Michael Jumper
2017-06-04 14:08:49 -07:00
parent c87ec1bf5d
commit f4fce6a07a
2 changed files with 44 additions and 28 deletions
Download Patch File Download Diff File Expand all files Collapse all files

12
extensions/guacamole-auth-jdbc/modules/guacamole-auth-jdbc-base/src/main/java/org/apache/guacamole/auth/jdbc/JDBCAuthenticationProviderService.java
View File

@@ -28,7 +28,6 @@ import org.apache.guacamole.auth.jdbc.sharing.user.SharedAuthenticatedUser;
import org.apache.guacamole.auth.jdbc.user.ModeledAuthenticatedUser;
import org.apache.guacamole.auth.jdbc.user.ModeledUser;
import org.apache.guacamole.auth.jdbc.user.ModeledUserContext;
import org.apache.guacamole.auth.jdbc.user.UserModel;
import org.apache.guacamole.auth.jdbc.user.UserService;
import org.apache.guacamole.net.auth.AuthenticatedUser;
import org.apache.guacamole.net.auth.AuthenticationProvider;
@@ -88,12 +87,7 @@ public class JDBCAuthenticationProviderService implements AuthenticationProvider
// Retrieve user account for already-authenticated user
ModeledUser user = userService.retrieveUser(authenticationProvider, authenticatedUser);
if (user != null) {
// User data only exists for purposes of retrieval if the account
// is not disabled
UserModel userModel = user.getModel();
if (!userModel.isDisabled()) {
if (user != null && !user.isDisabled()) {
// Apply account restrictions if this extension authenticated
// the user OR if an account from this extension is explicitly
@@ -110,7 +104,7 @@ public class JDBCAuthenticationProviderService implements AuthenticationProvider
throw new GuacamoleClientException("LOGIN.ERROR_NOT_ACCESSIBLE");
// Update password if password is expired
if (userModel.isExpired() || passwordPolicyService.isPasswordExpired(user))
if (user.isExpired() || passwordPolicyService.isPasswordExpired(user))
userService.resetExpiredPassword(user, authenticatedUser.getCredentials());
}
@@ -122,8 +116,6 @@ public class JDBCAuthenticationProviderService implements AuthenticationProvider
}
}
// Do not invalidate the authentication result of users who were
// authenticated via our own connection sharing links
if (authenticatedUser instanceof SharedAuthenticatedUser)

24
extensions/guacamole-auth-jdbc/modules/guacamole-auth-jdbc-base/src/main/java/org/apache/guacamole/auth/jdbc/user/ModeledUser.java
View File

@@ -766,4 +766,28 @@ public class ModeledUser extends ModeledDirectoryObject<UserModel> implements Us
return isActive(getAccessWindowStart(), getAccessWindowEnd());
}
/**
* Returns whether the user has been disabled. Disabled users are not
* allowed to login. Although their account data exists, all login attempts
* will fail as if the account does not exist.
*
* @return
* true if the account is disabled, false otherwise.
*/
public boolean isDisabled() {
return getModel().isDisabled();
}
/**
* Returns whether the user's password has expired. If a user's password is
* expired, it must be immediately changed upon login. A user account with
* an expired password cannot be used until the password has been changed.
*
* @return
* true if the user's password has expired, false otherwise.
*/
public boolean isExpired() {
return getModel().isExpired();
}
}