示例#1
        // 修改用户密码。这是指用户修改自己帐户的密码,需提供旧密码
        // return:
        //      -1  error
        //      0   succeed
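        /// <summary>
        /// Changes the password of an account at the account owner's request. The current
        /// password must be supplied and is verified before the new one is stored.
        /// </summary>
        /// <param name="strLibraryCodeList">Library-code list of the calling session. A non-global
        /// session may only change accounts whose own libraryCode list lies entirely inside it.</param>
        /// <param name="strUserName">Name of the account to change. Must not be null or empty.</param>
        /// <param name="strOldPassword">Current password, checked via LibraryServerUtil.MatchUserPassword.</param>
        /// <param name="strNewPassword">New password, converted via LibraryServerUtil.SetUserPassword.</param>
        /// <param name="strError">Receives an error description when -1 is returned.</param>
        /// <returns>-1 on error; 0 on success.</returns>
        public int ChangeUserPassword(
            string strLibraryCodeList,
            string strUserName,
            string strOldPassword,
            string strNewPassword,
            out string strError)
        {
            strError = "";

            if (String.IsNullOrEmpty(strUserName))
            {
                strError = "strUserName参数值不能为空";
                return -1;
            }

            this.m_lock.AcquireWriterLock(m_nLockTimeout);
            try
            {
                // Look the account up by comparing the name attribute as plain data.
                // strUserName is caller-supplied; concatenating it into the XPath text
                // would let quote characters in the name change what the query selects.
                XmlNode node = null;
                XmlNodeList accounts = this.LibraryCfgDom.DocumentElement.SelectNodes("//accounts/account");
                foreach (XmlNode candidate in accounts)
                {
                    XmlAttribute nameAttr = candidate.Attributes == null ? null : candidate.Attributes["name"];
                    if (nameAttr != null && nameAttr.Value == strUserName)
                    {
                        node = candidate;   // first match in document order
                        break;
                    }
                }

                // NOTE(review): the distinct "does not exist" and "old password mismatch"
                // messages let a caller learn whether an account name exists, and no attempt
                // throttling is visible here. Confirm how the API layer relays strError.
                if (node == null)
                {
                    strError = "用户 '" + strUserName + "' 不存在";
                    return -1;
                }

                string strExistLibraryCodeList = DomUtil.GetAttr(node, "libraryCode");

                // 2012/9/9
                // A branch-library (non-global) session may only change accounts whose library
                // codes all fall inside the branches it manages. An account with an empty
                // libraryCode attribute is therefore out of reach for such a session.
                if (SessionInfo.IsGlobalUser(strLibraryCodeList) == false)
                {
                    if (string.IsNullOrEmpty(strExistLibraryCodeList)
                        || IsListInList(strExistLibraryCodeList, strLibraryCodeList) == false)
                    {
                        strError = "当前用户只能修改图书馆代码完全完全属于 '" + strLibraryCodeList + "' 范围的用户的密码";
                        return -1;
                    }
                }

                // Verify the old password. An earlier revision decrypted the stored value with
                // Cryptography.Decrypt and compared plaintexts; the comparison is now delegated
                // to MatchUserPassword (-1 = error, 0 = mismatch, per the checks below).
                string strExistPassword = DomUtil.GetAttr(node, "password");
                int nRet = LibraryServerUtil.MatchUserPassword(strOldPassword, strExistPassword, out strError);
                if (nRet == -1)
                {
                    return -1;
                }
                if (nRet == 0)
                {
                    strError = "所提供的旧密码经验证不匹配";
                    return -1;
                }

                // Store the new password in the form SetUserPassword produces (presumably a
                // hash, going by the variable name; confirm in LibraryServerUtil). An earlier
                // revision stored a reversibly encrypted value instead.
                string strHashed = "";
                nRet = LibraryServerUtil.SetUserPassword(strNewPassword, out strHashed, out strError);
                if (nRet == -1)
                {
                    return -1;
                }
                DomUtil.SetAttr(node, "password", strHashed);

                // Mark the configuration as modified.
                this.Changed = true;

                return 0;
            }
            finally
            {
                this.m_lock.ReleaseWriterLock();
            }
        }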
示例#2
        // 强制修改用户密码。不修改其他信息。
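        /// <summary>
        /// Forcibly replaces the password of an account without checking the old password,
        /// leaving every other attribute untouched, then writes a "resetpassword" operation-log record.
        /// </summary>
        /// <param name="strLibraryCodeList">Library-code list of the calling session. A non-global
        /// session may only reset accounts whose own libraryCode list lies entirely inside it.</param>
        /// <param name="strUserName">Name of the account to reset. Must not be null or empty.</param>
        /// <param name="strOperator">Operator name passed to PrepareOperlogDom for the log record.</param>
        /// <param name="strNewPassword">New password, converted via LibraryServerUtil.SetUserPassword.</param>
        /// <param name="strClientAddress">Client address passed to the operation-log writer.</param>
        /// <param name="strError">Receives an error description when -1 is returned.</param>
        /// <returns>-1 on error; 0 on success.</returns>
        public int ResetUserPassword(
            string strLibraryCodeList,
            string strUserName,
            string strOperator,
            string strNewPassword,
            string strClientAddress,
            out string strError)
        {
            strError = "";
            int nRet = 0;

            if (String.IsNullOrEmpty(strUserName))
            {
                strError = "strUserName参数值不能为空";
                return -1;
            }

            string strHashedPassword = "";

            this.m_lock.AcquireWriterLock(m_nLockTimeout);
            try
            {
                // Look the account up by comparing the name attribute as plain data.
                // strUserName is caller-supplied; concatenating it into the XPath text
                // would let quote characters in the name change what the query selects.
                XmlNode nodeAccount = null;
                XmlNodeList accounts = this.LibraryCfgDom.DocumentElement.SelectNodes("//accounts/account");
                foreach (XmlNode candidate in accounts)
                {
                    XmlAttribute nameAttr = candidate.Attributes == null ? null : candidate.Attributes["name"];
                    if (nameAttr != null && nameAttr.Value == strUserName)
                    {
                        nodeAccount = candidate;   // first match in document order
                        break;
                    }
                }

                if (nodeAccount == null)
                {
                    strError = "用户 '" + strUserName + "' 不存在";
                    return -1;
                }

                string strExistLibraryCodeList = DomUtil.GetAttr(nodeAccount, "libraryCode");

                // 2012/9/9
                // A branch-library (non-global) session may only reset accounts whose library
                // codes all fall inside the branches it manages. This is the only authorization
                // check in this method, since no old password is required.
                if (SessionInfo.IsGlobalUser(strLibraryCodeList) == false)
                {
                    if (string.IsNullOrEmpty(strExistLibraryCodeList)
                        || IsListInList(strExistLibraryCodeList, strLibraryCodeList) == false)
                    {
                        strError = "当前用户只能重设 图书馆代码完全属于 '" + strLibraryCodeList + "' 范围的用户的密码";
                        return -1;
                    }
                }

                // Store the new password in the form SetUserPassword produces (presumably a
                // hash, going by the variable name; confirm in LibraryServerUtil). An earlier
                // revision stored a reversibly encrypted value instead.
                nRet = LibraryServerUtil.SetUserPassword(strNewPassword, out strHashedPassword, out strError);
                if (nRet == -1)
                {
                    return -1;
                }
                DomUtil.SetAttr(nodeAccount, "password", strHashedPassword);

                // Mark the configuration as modified.
                this.Changed = true;
            }
            finally
            {
                this.m_lock.ReleaseWriterLock();
            }

            // Write the operation log. This runs after the writer lock has been released.
            XmlDocument domOperLog = PrepareOperlogDom("resetpassword", strOperator);

            // 2015/10/17: userName element added. Older records lack it, so log recovery
            // should skip records that have no userName element.
            DomUtil.SetElementText(domOperLog.DocumentElement,
                                   "userName",
                                   strUserName);

            // NOTE(review): the stored password value is copied into the operation log.
            // Anyone who can read the log can then attack it offline, so the log needs
            // the same access protection as the account store.
            DomUtil.SetElementText(domOperLog.DocumentElement,
                                   "newPassword",
                                   strHashedPassword);

            nRet = this.OperLog.WriteOperLog(domOperLog,
                                             strClientAddress,
                                             out strError);
            if (nRet == -1)
            {
                // The password has already been replaced at this point; -1 here reports
                // only the failure to record the change.
                strError = "SetUser() API 写入日志时发生错误: " + strError;
                return -1;
            }

            return 0;
        }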
示例#3
        // 创建新用户
        // TODO: 对DOM加锁
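        /// <summary>
        /// Creates a new account element in the library configuration DOM and writes a
        /// "new" operation-log record for it.
        /// </summary>
        /// <param name="strLibraryCodeList">Library-code list of the calling session. A non-global
        /// session may only create accounts whose libraryCode list lies entirely inside it.</param>
        /// <param name="strUserName">Name of the new account. Must be non-empty and equal to userinfo.UserName.</param>
        /// <param name="strOperator">Operator name passed to PrepareOperlogDom for the log record.</param>
        /// <param name="userinfo">Attributes of the new account. The password is stored only
        /// when userinfo.SetPassword is true.</param>
        /// <param name="strClientAddress">Client address passed to the operation-log writer.</param>
        /// <param name="strError">Receives an error description when -1 is returned.</param>
        /// <returns>-1 on error; 0 on success.</returns>
        public int CreateUser(
            string strLibraryCodeList,
            string strUserName,
            string strOperator,
            UserInfo userinfo,
            string strClientAddress,
            out string strError)
        {
            strError = "";

            if (String.IsNullOrEmpty(strUserName))
            {
                strError = "strUserName参数值不能为空";
                return -1;
            }

            if (strUserName != userinfo.UserName)
            {
                strError = "strUserName参数值和userinfo.UserName不一致";
                return -1;
            }

            // 2012/9/9
            // A branch-library (non-global) session may only create accounts whose library
            // codes all fall inside the branches it manages. An empty library code is refused.
            if (SessionInfo.IsGlobalUser(strLibraryCodeList) == false)
            {
                if (string.IsNullOrEmpty(userinfo.LibraryCode)
                    || IsListInList(userinfo.LibraryCode, strLibraryCodeList) == false)
                {
                    strError = "当前用户只能创建图书馆代码完全属于 '" + strLibraryCodeList + "' 范围的新用户";
                    return -1;
                }
            }

            // Check that the user name does not collide with the barcode namespace.
            // DoVerifyBarcodeScriptFunction returns:
            //      -2  verification script not found
            //      -1  error
            //      0   succeeded (the verdict is in nResultValue)
            int nResultValue = -1;
            int nRet = this.DoVerifyBarcodeScriptFunction(
                null,
                "",
                strUserName,
                out nResultValue,
                out strError);

            if (nRet == -1)
            {
                strError = "校验用户名 '" + strUserName + "' 和条码号潜在冲突过程中(调用函数DoVerifyBarcodeScriptFunction()时)发生错误: " + strError;
                return -1;
            }

            // -2 means no barcode verification is configured, so the namespace check is
            // skipped rather than treated as a failure.
            if (nRet != -2)
            {
                Debug.Assert(nRet == 0, "");

                if (nResultValue == -1)
                {
                    strError = "校验用户名 '" + strUserName + "' 和条码号潜在冲突过程中发生错误: " + strError;
                    return -1;
                }

                if (nResultValue == 1)
                {
                    strError = "名字 '" + strUserName + "' 和条码号名字空间发生冲突,不能作为用户名。";
                    return -1;
                }
            }

            // Snapshot of the new account element for the log, taken while the lock is held
            // so that the log record cannot pick up a concurrent change to the node.
            string strNewOuterXml = "";

            this.m_lock.AcquireWriterLock(m_nLockTimeout);
            try
            {
                // Duplicate check. The name attribute is compared as plain data because
                // strUserName is caller-supplied; concatenating it into the XPath text would
                // let quote characters in the name change what the query selects, and here
                // that could make the duplicate check miss an existing account.
                XmlNodeList accounts = this.LibraryCfgDom.DocumentElement.SelectNodes("//accounts/account");
                foreach (XmlNode candidate in accounts)
                {
                    XmlAttribute nameAttr = candidate.Attributes == null ? null : candidate.Attributes["name"];
                    if (nameAttr != null && nameAttr.Value == strUserName)
                    {
                        strError = "用户 '" + strUserName + "' 已经存在";
                        return -1;
                    }
                }

                // Create the <accounts> container on first use.
                XmlNode root = this.LibraryCfgDom.DocumentElement.SelectSingleNode("accounts");
                if (root == null)
                {
                    root = this.LibraryCfgDom.CreateElement("accounts");
                    this.LibraryCfgDom.DocumentElement.AppendChild(root);
                }

                XmlNode nodeAccount = this.LibraryCfgDom.CreateElement("account");
                root.AppendChild(nodeAccount);

                DomUtil.SetAttr(nodeAccount, "name", userinfo.UserName);

                // The type attribute is written only when a type was supplied.
                if (String.IsNullOrEmpty(userinfo.Type) == false)
                {
                    DomUtil.SetAttr(nodeAccount, "type", userinfo.Type);
                }

                DomUtil.SetAttr(nodeAccount, "rights", userinfo.Rights);
                DomUtil.SetAttr(nodeAccount, "libraryCode", userinfo.LibraryCode);
                DomUtil.SetAttr(nodeAccount, "access", userinfo.Access);
                DomUtil.SetAttr(nodeAccount, "comment", userinfo.Comment);

                if (userinfo.SetPassword == true)
                {
                    // Store the password in the form SetUserPassword produces (presumably a
                    // hash, going by the variable name; confirm in LibraryServerUtil). An
                    // earlier revision stored a reversibly encrypted value instead.
                    string strHashed = "";
                    nRet = LibraryServerUtil.SetUserPassword(userinfo.Password, out strHashed, out strError);
                    if (nRet == -1)
                    {
                        // NOTE(review): the account element has already been appended to the
                        // DOM here, without a password and without Changed being set.
                        // Confirm whether it should be removed again on this path.
                        return -1;
                    }
                    DomUtil.SetAttr(nodeAccount, "password", strHashed);
                }

                // Mark the configuration as modified.
                this.Changed = true;

                // 2014/9/16
                // The account named "reader" is special-cased: the login cache is cleared
                // whenever it is created.
                if (userinfo.UserName == "reader")
                {
                    this.ClearLoginCache("");
                }

                strNewOuterXml = nodeAccount.OuterXml;
            }
            finally
            {
                this.m_lock.ReleaseWriterLock();
            }

            // Write the operation log. This runs after the writer lock has been released.
            // NOTE(review): the logged element includes the password attribute, so the
            // operation log needs the same access protection as the account store.
            XmlDocument domOperLog = PrepareOperlogDom("new", strOperator);
            XmlNode node = domOperLog.CreateElement("account");
            domOperLog.DocumentElement.AppendChild(node);

            DomUtil.SetElementOuterXml(node, strNewOuterXml);

            nRet = this.OperLog.WriteOperLog(domOperLog,
                                             strClientAddress,
                                             out strError);
            if (nRet == -1)
            {
                // The account has already been created at this point; -1 here reports
                // only the failure to record it.
                strError = "SetUser() API 写入日志时发生错误: " + strError;
                return -1;
            }

            return 0;
        }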
示例#4
        // 修改用户
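        /// <summary>
        /// Overwrites the attributes of an existing account, optionally replacing its password
        /// without checking the old one, and writes a "change" operation-log record holding
        /// both the old and the new account element.
        /// </summary>
        /// <param name="strLibraryCodeList">Library-code list of the calling session. A non-global
        /// session may only change accounts inside this list, and may only move them to
        /// library codes inside this list.</param>
        /// <param name="strUserName">Name of the account to change. Must be non-empty and equal to userinfo.UserName.</param>
        /// <param name="strOperator">Operator name passed to PrepareOperlogDom for the log record.</param>
        /// <param name="userinfo">New attribute values. The password is replaced only when
        /// userinfo.SetPassword is true.</param>
        /// <param name="strClientAddress">Client address passed to the operation-log writer.</param>
        /// <param name="strError">Receives an error description when -1 is returned.</param>
        /// <returns>-1 on error; 0 on success.</returns>
        public int ChangeUser(
            string strLibraryCodeList,
            string strUserName,
            string strOperator,
            UserInfo userinfo,
            string strClientAddress,
            out string strError)
        {
            strError = "";
            int nRet = 0;

            if (String.IsNullOrEmpty(strUserName))
            {
                strError = "strUserName参数值不能为空";
                return -1;
            }

            if (strUserName != userinfo.UserName)
            {
                strError = "strUserName参数值和userinfo.UserName不一致";
                return -1;
            }

            // Before/after snapshots for the log, both taken while the lock is held so that
            // the log record cannot pick up a concurrent change to the node.
            string strOldOuterXml = "";
            string strNewOuterXml = "";

            this.m_lock.AcquireWriterLock(m_nLockTimeout);
            try
            {
                // Look the account up by comparing the name attribute as plain data.
                // strUserName is caller-supplied; concatenating it into the XPath text
                // would let quote characters in the name change what the query selects.
                XmlNode nodeAccount = null;
                XmlNodeList accounts = this.LibraryCfgDom.DocumentElement.SelectNodes("//accounts/account");
                foreach (XmlNode candidate in accounts)
                {
                    XmlAttribute nameAttr = candidate.Attributes == null ? null : candidate.Attributes["name"];
                    if (nameAttr != null && nameAttr.Value == strUserName)
                    {
                        nodeAccount = candidate;   // first match in document order
                        break;
                    }
                }

                if (nodeAccount == null)
                {
                    strError = "用户 '" + strUserName + "' 不存在";
                    return -1;
                }

                strOldOuterXml = nodeAccount.OuterXml;

                string strExistLibraryCodeList = DomUtil.GetAttr(nodeAccount, "libraryCode");

                // 2012/9/9
                // Restrictions on a branch-library (non-global) session.
                if (SessionInfo.IsGlobalUser(strLibraryCodeList) == false)
                {
                    // The account's current library codes must all lie inside the
                    // branches the session manages.
                    if (string.IsNullOrEmpty(strExistLibraryCodeList)
                        || IsListInList(strExistLibraryCodeList, strLibraryCodeList) == false)
                    {
                        strError = "当前用户只能修改图书馆代码完全属于 '" + strLibraryCodeList + "' 范围的用户信息";
                        return -1;
                    }

                    // The requested library codes must lie inside that range too, so an
                    // account cannot be moved outside the session's own scope.
                    if (string.IsNullOrEmpty(userinfo.LibraryCode)
                        || IsListInList(userinfo.LibraryCode, strLibraryCodeList) == false)
                    {
                        strError = "当前用户只能将用户信息的馆代码修改到完全属于 '" + strLibraryCodeList + "' 范围内的值";
                        return -1;
                    }
                }

                // NOTE(review): rights and access are overwritten with caller-supplied values
                // and only the library-code scope is checked here. Confirm that the caller
                // limits which rights a branch-library operator may grant.
                DomUtil.SetAttr(nodeAccount, "name", userinfo.UserName);
                DomUtil.SetAttr(nodeAccount, "type", userinfo.Type);
                DomUtil.SetAttr(nodeAccount, "rights", userinfo.Rights);
                DomUtil.SetAttr(nodeAccount, "libraryCode", userinfo.LibraryCode);
                DomUtil.SetAttr(nodeAccount, "access", userinfo.Access);
                DomUtil.SetAttr(nodeAccount, "comment", userinfo.Comment);

                // Forced password replacement: the old password is not verified.
                if (userinfo.SetPassword == true)
                {
                    // Store the password in the form SetUserPassword produces (presumably a
                    // hash, going by the variable name; confirm in LibraryServerUtil). An
                    // earlier revision stored a reversibly encrypted value instead.
                    string strHashed = "";
                    nRet = LibraryServerUtil.SetUserPassword(userinfo.Password, out strHashed, out strError);
                    if (nRet == -1)
                    {
                        // NOTE(review): the other attributes have already been overwritten
                        // here, without Changed being set and without a log record.
                        return -1;
                    }
                    DomUtil.SetAttr(nodeAccount, "password", strHashed);
                }

                // Mark the configuration as modified.
                this.Changed = true;

                // 2014/9/16
                // The account named "reader" is special-cased: the login cache is cleared
                // whenever it is changed.
                if (userinfo.UserName == "reader")
                {
                    this.ClearLoginCache("");
                }

                strNewOuterXml = nodeAccount.OuterXml;
            }
            finally
            {
                this.m_lock.ReleaseWriterLock();
            }

            // Write the operation log. This runs after the writer lock has been released.
            // NOTE(review): both logged elements include the password attribute, so the
            // operation log needs the same access protection as the account store.
            XmlDocument domOperLog = PrepareOperlogDom("change", strOperator);

            if (string.IsNullOrEmpty(strOldOuterXml) == false)
            {
                XmlNode node_old = domOperLog.CreateElement("oldAccount");
                domOperLog.DocumentElement.AppendChild(node_old);

                // Setting the outer XML replaces the element with an <account> element,
                // so it is renamed back to <oldAccount> afterwards.
                node_old = DomUtil.SetElementOuterXml(node_old, strOldOuterXml);
                DomUtil.RenameNode(node_old,
                                   null,
                                   "oldAccount");
            }

            XmlNode node = domOperLog.CreateElement("account");
            domOperLog.DocumentElement.AppendChild(node);

            DomUtil.SetElementOuterXml(node, strNewOuterXml);

            nRet = this.OperLog.WriteOperLog(domOperLog,
                                             strClientAddress,
                                             out strError);
            if (nRet == -1)
            {
                // The account has already been changed at this point; -1 here reports
                // only the failure to record it.
                strError = "SetUser() API 写入日志时发生错误: " + strError;
                return -1;
            }

            return 0;
        }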