From: erickson Date: Thu, 21 Jan 2010 21:42:12 +0000 (+0000) Subject: backporting 13623: fix for login failure reports inactive account X-Git-Url: https://old-git.evergreen-ils.org/?a=commitdiff_plain;h=8591263ae0decc5c1b8a6434fae27e8fc92337de;p=Evergreen.git backporting 13623: fix for login failure reports inactive account git-svn-id: svn://svn.open-ils.org/ILS/branches/rel_1_6_0@15363 dcc99617-32d9-48b4-a31d-7c20da2025e4 --- diff --git a/Open-ILS/src/c-apps/oils_auth.c b/Open-ILS/src/c-apps/oils_auth.c index f74dcd6566..b553c5f9ac 100644 --- a/Open-ILS/src/c-apps/oils_auth.c +++ b/Open-ILS/src/c-apps/oils_auth.c @@ -371,7 +371,7 @@ int oilsAuthComplete( osrfMethodContext* ctx ) { const char* type = jsonObjectGetString(jsonObjectGetKeyConst(args, "type")); double orgloc = jsonObjectGetNumber(jsonObjectGetKeyConst(args, "org")); const char* workstation = jsonObjectGetString(jsonObjectGetKeyConst(args, "workstation")); - char* barcode = jsonObjectToSimpleString(jsonObjectGetKeyConst(args, "barcode")); + const char* barcode = jsonObjectGetString(jsonObjectGetKeyConst(args, "barcode")); const char* ws = (workstation) ? workstation : ""; @@ -379,7 +379,6 @@ int oilsAuthComplete( osrfMethodContext* ctx ) { if(!type) type = OILS_AUTH_STAFF; if( !( (uname || barcode) && password) ) { - free(barcode); return osrfAppRequestRespondException( ctx->session, ctx->request, "username/barcode and password required for method: %s", ctx->method->name ); } @@ -392,10 +391,10 @@ int oilsAuthComplete( osrfMethodContext* ctx ) { if(!userObj) { response = oilsNewEvent( OSRF_LOG_MARK, OILS_EVENT_AUTH_FAILED ); - osrfLogInfo(OSRF_LOG_MARK, "failed login: username=%s, barcode=%s, workstation=%s", uname, barcode, ws ); + osrfLogInfo(OSRF_LOG_MARK, "failed login: username=%s, barcode=%s, workstation=%s", + uname, (barcode ? barcode : "(none)"), ws ); osrfAppRespondComplete( ctx, oilsEventToJSON(response) ); oilsEventFree(response); - free(barcode); return 0; } @@ -407,18 +406,20 @@ int oilsAuthComplete( osrfMethodContext* ctx ) { if( passOK < 0 ) { jsonObjectFree(userObj); - free(barcode); return passOK; } /* first see if their account is inactive */ char* active = oilsFMGetString(userObj, "active"); if( !oilsUtilsIsDBTrue(active) ) { - response = oilsNewEvent(OSRF_LOG_MARK, "PATRON_INACTIVE"); + if( passOK ) + response = oilsNewEvent( OSRF_LOG_MARK, "PATRON_INACTIVE" ); + else + response = oilsNewEvent( OSRF_LOG_MARK, OILS_EVENT_AUTH_FAILED ); + osrfAppRespondComplete( ctx, oilsEventToJSON(response) ); oilsEventFree(response); jsonObjectFree(userObj); - free(barcode); free(active); return 0; } @@ -429,7 +430,6 @@ int oilsAuthComplete( osrfMethodContext* ctx ) { osrfAppRespondComplete( ctx, oilsEventToJSON(response) ); oilsEventFree(response); jsonObjectFree(userObj); - free(barcode); return 0; } @@ -437,7 +437,6 @@ int oilsAuthComplete( osrfMethodContext* ctx ) { /* check to see if the user is even allowed to login */ if( oilsAuthCheckLoginPerm( ctx, userObj, type ) == -1 ) { jsonObjectFree(userObj); - free(barcode); return 0; } @@ -450,7 +449,6 @@ int oilsAuthComplete( osrfMethodContext* ctx ) { jsonObjectFree(userObj); osrfAppRespondComplete( ctx, oilsEventToJSON(response) ); oilsEventFree(response); - free(barcode); return 0; } @@ -471,13 +469,13 @@ int oilsAuthComplete( osrfMethodContext* ctx ) { } else { response = oilsNewEvent( OSRF_LOG_MARK, OILS_EVENT_AUTH_FAILED ); - osrfLogInfo(OSRF_LOG_MARK, "failed login: username=%s, barcode=%s, workstation=%s", uname, barcode, ws ); + osrfLogInfo(OSRF_LOG_MARK, "failed login: username=%s, barcode=%s, workstation=%s", + uname, (barcode ? barcode : "(none)"), ws ); } jsonObjectFree(userObj); osrfAppRespondComplete( ctx, oilsEventToJSON(response) ); oilsEventFree(response); - free(barcode); if(freeable_uname) free(freeable_uname);