// 修改用户密码。这是指用户修改自己帐户的密码,需提供旧密码
// return:
// -1 error
// 0 succeed
public int ChangeUserPassword(
string strLibraryCodeList,
string strUserName,
string strOldPassword,
string strNewPassword,
out string strError)
{
strError = "";
int nRet = 0;
if (String.IsNullOrEmpty(strUserName) == true)
{
strError = "strUserName参数值不能为空";
return(-1);
}
this.m_lock.AcquireWriterLock(m_nLockTimeout);
try
{
// 查重
XmlNode node = this.LibraryCfgDom.DocumentElement.SelectSingleNode("//accounts/account[@name='" + strUserName + "']");
if (node == null)
{
strError = "用户 '" + strUserName + "' 不存在";
return(-1);
}
string strExistLibraryCodeList = DomUtil.GetAttr(node, "libraryCode");
// 2012/9/9
// 分馆用户只允许修改馆代码属于管辖分馆的帐户
if (SessionInfo.IsGlobalUser(strLibraryCodeList) == false)
{
if (string.IsNullOrEmpty(strExistLibraryCodeList) == true ||
IsListInList(strExistLibraryCodeList, strLibraryCodeList) == false)
{
strError = "当前用户只能修改图书馆代码完全完全属于 '" + strLibraryCodeList + "' 范围的用户的密码";
return(-1);
}
}
// 验证旧密码
#if NO
// 以前的做法
string strExistPassword = DomUtil.GetAttr(node, "password");
if (String.IsNullOrEmpty(strExistPassword) == false)
{
try
{
strExistPassword = Cryptography.Decrypt(strExistPassword,
EncryptKey);
}
catch
{
strError = "已经存在的(加密后)密码格式不正确";
return(-1);
}
}
if (strExistPassword != strOldPassword)
{
strError = "所提供的旧密码经验证不匹配";
return(-1);
}
#endif
string strExistPassword = DomUtil.GetAttr(node, "password");
nRet = LibraryServerUtil.MatchUserPassword(strOldPassword, strExistPassword, out strError);
if (nRet == -1)
{
return(-1);
}
if (nRet == 0)
{
strError = "所提供的旧密码经验证不匹配";
return(-1);
}
// 设置新密码
#if NO
// 以前的做法
strNewPassword = Cryptography.Encrypt(strNewPassword,
EncryptKey);
DomUtil.SetAttr(node, "password", strNewPassword);
#endif
string strHashed = "";
nRet = LibraryServerUtil.SetUserPassword(strNewPassword, out strHashed, out strError);
if (nRet == -1)
{
return(-1);
}
DomUtil.SetAttr(node, "password", strHashed);
this.Changed = true;
return(0);
}
finally
{
this.m_lock.ReleaseWriterLock();
}
// return 0;
}
// 强制修改用户密码。不修改其他信息。
public int ResetUserPassword(
string strLibraryCodeList,
string strUserName,
string strOperator,
string strNewPassword,
string strClientAddress,
out string strError)
{
strError = "";
int nRet = 0;
if (String.IsNullOrEmpty(strUserName) == true)
{
strError = "strUserName参数值不能为空";
return(-1);
}
XmlNode nodeAccount = null;
string strHashedPassword = "";
this.m_lock.AcquireWriterLock(m_nLockTimeout);
try
{
// 查重
nodeAccount = this.LibraryCfgDom.DocumentElement.SelectSingleNode("//accounts/account[@name='" + strUserName + "']");
if (nodeAccount == null)
{
strError = "用户 '" + strUserName + "' 不存在";
return(-1);
}
string strExistLibraryCodeList = DomUtil.GetAttr(nodeAccount, "libraryCode");
// 2012/9/9
// 分馆用户只允许修改馆代码属于管辖分馆的帐户
if (SessionInfo.IsGlobalUser(strLibraryCodeList) == false)
{
if (string.IsNullOrEmpty(strExistLibraryCodeList) == true ||
IsListInList(strExistLibraryCodeList, strLibraryCodeList) == false)
{
strError = "当前用户只能重设 图书馆代码完全属于 '" + strLibraryCodeList + "' 范围的用户的密码";
return(-1);
}
}
// 强制修改密码。无需验证旧密码
#if NO
// 以前的做法
strHashedPassword = Cryptography.Encrypt(strNewPassword,
EncryptKey);
DomUtil.SetAttr(nodeAccount, "password", strHashedPassword);
#endif
nRet = LibraryServerUtil.SetUserPassword(strNewPassword, out strHashedPassword, out strError);
if (nRet == -1)
{
return(-1);
}
DomUtil.SetAttr(nodeAccount, "password", strHashedPassword);
this.Changed = true;
}
finally
{
this.m_lock.ReleaseWriterLock();
}
{
XmlDocument domOperLog = PrepareOperlogDom("resetpassword", strOperator);
// 2015/10/17 新增加的元素。此前缺这个元素。建议日志恢复的时候,忽略没有 userName 元素的日志记录
DomUtil.SetElementText(domOperLog.DocumentElement,
"userName",
strUserName);
#if NO
XmlNode node = domOperLog.CreateElement("newPassword");
domOperLog.DocumentElement.AppendChild(node);
node.InnerText = strHashedPassword;
#endif
DomUtil.SetElementText(domOperLog.DocumentElement,
"newPassword",
strHashedPassword);
// 写入日志
nRet = this.OperLog.WriteOperLog(domOperLog,
strClientAddress,
out strError);
if (nRet == -1)
{
strError = "SetUser() API 写入日志时发生错误: " + strError;
return(-1);
}
}
return(0);
}
// 创建新用户
// TODO: 对DOM加锁
public int CreateUser(
string strLibraryCodeList,
string strUserName,
string strOperator,
UserInfo userinfo,
string strClientAddress,
out string strError)
{
strError = "";
if (String.IsNullOrEmpty(strUserName) == true)
{
strError = "strUserName参数值不能为空";
return(-1);
}
if (strUserName != userinfo.UserName)
{
strError = "strUserName参数值和userinfo.UserName不一致";
return(-1);
}
// 2012/9/9
// 分馆用户只允许创建馆代码属于管辖分馆的帐户
if (SessionInfo.IsGlobalUser(strLibraryCodeList) == false)
{
if (string.IsNullOrEmpty(userinfo.LibraryCode) == true ||
IsListInList(userinfo.LibraryCode, strLibraryCodeList) == false)
{
strError = "当前用户只能创建图书馆代码完全属于 '" + strLibraryCodeList + "' 范围的新用户";
return(-1);
}
}
int nResultValue = -1;
// 检查名字空间。
// return:
// -2 not found script
// -1 出错
// 0 成功
int nRet = this.DoVerifyBarcodeScriptFunction(
null,
"",
strUserName,
out nResultValue,
out strError);
if (nRet == -2)
{
// 没有校验条码号功能,所以无法校验用户名和条码号名字空间的冲突
goto SKIP_VERIFY;
}
if (nRet == -1)
{
strError = "校验用户名 '" + strUserName + "' 和条码号潜在冲突过程中(调用函数DoVerifyBarcodeScriptFunction()时)发生错误: " + strError;
return(-1);
}
Debug.Assert(nRet == 0, "");
if (nResultValue == -1)
{
strError = "校验用户名 '" + strUserName + "' 和条码号潜在冲突过程中发生错误: " + strError;
return(-1);
}
if (nResultValue == 1)
{
strError = "名字 '" + strUserName + "' 和条码号名字空间发生冲突,不能作为用户名。";
return(-1);
}
SKIP_VERIFY:
XmlNode nodeAccount = null;
this.m_lock.AcquireWriterLock(m_nLockTimeout);
try
{
// 查重
nodeAccount = this.LibraryCfgDom.DocumentElement.SelectSingleNode("//accounts/account[@name='" + strUserName + "']");
if (nodeAccount != null)
{
strError = "用户 '" + strUserName + "' 已经存在";
return(-1);
}
XmlNode root = this.LibraryCfgDom.DocumentElement.SelectSingleNode("accounts");
if (root == null)
{
root = this.LibraryCfgDom.CreateElement("accounts");
this.LibraryCfgDom.DocumentElement.AppendChild(root);
}
nodeAccount = this.LibraryCfgDom.CreateElement("account");
root.AppendChild(nodeAccount);
DomUtil.SetAttr(nodeAccount, "name", userinfo.UserName);
if (String.IsNullOrEmpty(userinfo.Type) == false)
{
DomUtil.SetAttr(nodeAccount, "type", userinfo.Type);
}
DomUtil.SetAttr(nodeAccount, "rights", userinfo.Rights);
DomUtil.SetAttr(nodeAccount, "libraryCode", userinfo.LibraryCode);
DomUtil.SetAttr(nodeAccount, "access", userinfo.Access);
DomUtil.SetAttr(nodeAccount, "comment", userinfo.Comment);
// 设置密码
if (userinfo.SetPassword == true)
{
#if NO
// 以前的做法
string strPassword = Cryptography.Encrypt(userinfo.Password,
EncryptKey);
DomUtil.SetAttr(nodeAccount, "password", strPassword);
#endif
string strHashed = "";
nRet = LibraryServerUtil.SetUserPassword(userinfo.Password, out strHashed, out strError);
if (nRet == -1)
{
return(-1);
}
DomUtil.SetAttr(nodeAccount, "password", strHashed);
}
this.Changed = true;
// 2014/9/16
if (userinfo.UserName == "reader")
{
this.ClearLoginCache("");
}
}
finally
{
this.m_lock.ReleaseWriterLock();
}
// 写入日志
{
XmlDocument domOperLog = PrepareOperlogDom("new", strOperator);
XmlNode node = domOperLog.CreateElement("account");
domOperLog.DocumentElement.AppendChild(node);
DomUtil.SetElementOuterXml(node, nodeAccount.OuterXml);
// 写入日志
nRet = this.OperLog.WriteOperLog(domOperLog,
strClientAddress,
out strError);
if (nRet == -1)
{
strError = "SetUser() API 写入日志时发生错误: " + strError;
return(-1);
}
}
return(0);
}
// 修改用户
public int ChangeUser(
string strLibraryCodeList,
string strUserName,
string strOperator,
UserInfo userinfo,
string strClientAddress,
out string strError)
{
strError = "";
int nRet = 0;
if (String.IsNullOrEmpty(strUserName) == true)
{
strError = "strUserName参数值不能为空";
return(-1);
}
if (strUserName != userinfo.UserName)
{
strError = "strUserName参数值和userinfo.UserName不一致";
return(-1);
}
XmlNode nodeAccount = null;
string strOldOuterXml = "";
this.m_lock.AcquireWriterLock(m_nLockTimeout);
try
{
// 查重
nodeAccount = this.LibraryCfgDom.DocumentElement.SelectSingleNode("//accounts/account[@name='" + strUserName + "']");
if (nodeAccount == null)
{
strError = "用户 '" + strUserName + "' 不存在";
return(-1);
}
strOldOuterXml = nodeAccount.OuterXml;
string strExistLibraryCodeList = DomUtil.GetAttr(nodeAccount, "libraryCode");
// 2012/9/9
// 分馆用户只允许修改馆代码属于管辖分馆的帐户
if (SessionInfo.IsGlobalUser(strLibraryCodeList) == false)
{
if (string.IsNullOrEmpty(strExistLibraryCodeList) == true ||
IsListInList(strExistLibraryCodeList, strLibraryCodeList) == false)
{
strError = "当前用户只能修改图书馆代码完全属于 '" + strLibraryCodeList + "' 范围的用户信息";
return(-1);
}
}
// 2012/9/9
// 分馆用户只允许将帐户的馆代码修改到指定范围内
if (SessionInfo.IsGlobalUser(strLibraryCodeList) == false)
{
if (string.IsNullOrEmpty(userinfo.LibraryCode) == true ||
IsListInList(userinfo.LibraryCode, strLibraryCodeList) == false)
{
strError = "当前用户只能将用户信息的馆代码修改到完全属于 '" + strLibraryCodeList + "' 范围内的值";
return(-1);
}
}
DomUtil.SetAttr(nodeAccount, "name", userinfo.UserName);
DomUtil.SetAttr(nodeAccount, "type", userinfo.Type);
DomUtil.SetAttr(nodeAccount, "rights", userinfo.Rights);
DomUtil.SetAttr(nodeAccount, "libraryCode", userinfo.LibraryCode);
DomUtil.SetAttr(nodeAccount, "access", userinfo.Access);
DomUtil.SetAttr(nodeAccount, "comment", userinfo.Comment);
// 强制修改密码。无需验证旧密码
if (userinfo.SetPassword == true)
{
#if NO
// 以前的做法
string strPassword = Cryptography.Encrypt(userinfo.Password,
EncryptKey);
DomUtil.SetAttr(nodeAccount, "password", strPassword);
#endif
string strHashed = "";
nRet = LibraryServerUtil.SetUserPassword(userinfo.Password, out strHashed, out strError);
if (nRet == -1)
{
return(-1);
}
DomUtil.SetAttr(nodeAccount, "password", strHashed);
}
this.Changed = true;
// 2014/9/16
if (userinfo.UserName == "reader")
{
this.ClearLoginCache("");
}
}
finally
{
this.m_lock.ReleaseWriterLock();
}
// 写入日志
{
XmlDocument domOperLog = PrepareOperlogDom("change", strOperator);
if (string.IsNullOrEmpty(strOldOuterXml) == false)
{
XmlNode node_old = domOperLog.CreateElement("oldAccount");
domOperLog.DocumentElement.AppendChild(node_old);
node_old = DomUtil.SetElementOuterXml(node_old, strOldOuterXml);
DomUtil.RenameNode(node_old,
null,
"oldAccount");
}
XmlNode node = domOperLog.CreateElement("account");
domOperLog.DocumentElement.AppendChild(node);
DomUtil.SetElementOuterXml(node, nodeAccount.OuterXml);
// 写入日志
nRet = this.OperLog.WriteOperLog(domOperLog,
strClientAddress,
out strError);
if (nRet == -1)
{
strError = "SetUser() API 写入日志时发生错误: " + strError;
return(-1);
}
}
return(0);
}