From 6f2e10c95aae25ede82a3326525e3110ec13705e Mon Sep 17 00:00:00 2001 From: Chris Sharp Date: Fri, 4 Sep 2020 08:41:15 -0400 Subject: [PATCH] re-comment out the KCLS stuff --- .../perlmods/lib/OpenILS/WWW/EGCatLoader/Ecard.pm | 224 ++++++++++----------- 1 file changed, 112 insertions(+), 112 deletions(-) diff --git a/Open-ILS/src/perlmods/lib/OpenILS/WWW/EGCatLoader/Ecard.pm b/Open-ILS/src/perlmods/lib/OpenILS/WWW/EGCatLoader/Ecard.pm index 1e47c2ad32..e3fb93054b 100644 --- a/Open-ILS/src/perlmods/lib/OpenILS/WWW/EGCatLoader/Ecard.pm +++ b/Open-ILS/src/perlmods/lib/OpenILS/WWW/EGCatLoader/Ecard.pm @@ -62,93 +62,93 @@ my @api_fields = ( # TODO: wrap the following in a check for a library setting as to whether or not # to require emailed verification -# Random 6-character alpha-numeric code that avoids look-alike characters -# https://ux.stackexchange.com/questions/53341/are-there-any-letters-numbers-that-should-be-avoided-in-an-id -# Also exclude vowels to avoid creating any real (potentially offensive) words. -my @code_chars = ('C','D','F','H','J'..'N','P','R','T','V','W','X','3','4','7','9'); -sub generate_verify_code { - my $string = ''; - $string .= $code_chars[rand @code_chars] for 1..6; - return $string; -} - - -# only if we're verifying the card via email -sub load_ecard_verify { - my $self = shift; - my $cgi = $self->cgi; - $self->collect_header_footer; - - # Loading the form. - return Apache2::Const::OK if $cgi->request_method eq 'GET'; - - #$self->verify_ecard; - return Apache2::Const::OK; -} - -sub verify_ecard { - my $self = shift; - my $cgi = $self->cgi; - my $ctx = $self->ctx; - $self->log_params; - - my $verify_code = $ctx->{verify_code} = $cgi->param('verification_code'); - my $barcode = $ctx->{barcode} = $cgi->param('barcode'); - - $ctx->{verify_failed} = 1; - - my $e = new_editor(); - - my $au = $e->search_actor_user({ - profile => $PROVISIONAL_ECARD_GRP, - ident_type => $ECARD_VERIFY_IDENT, - ident_value => $verify_code - })->[0]; - - if (!$au) { - $logger->warn( - "ECARD: No provisional ecard found with code $verify_code"); - sleep 2; # Mitigate brute-force attacks - return; - } - - my $card = $e->search_actor_card({ - usr => $au->id, - barcode => $barcode - })->[0]; - - if (!$card) { - $logger->warn("ECARD: Failed to match verify code ". - "($verify_code) with provided barcode ($barcode)"); - sleep 2; # Mitigate brute-force attacks - return; - } - - # Verification looks good. Update the account. - - my $grp = new_editor()->retrieve_permission_grp_tree($FULL_ECARD_GRP); - - $au->profile($grp->id); - $au->expire_date( - DateTime->now(time_zone => 'local')->add( - seconds => interval_to_seconds($grp->perm_interval))->iso8601() - ); - - $e->xact_begin; - - unless ($e->update_actor_user($au)) { - $logger->error("ECARD update failed for $barcode: " . $e->die_event); - return; - } - - $e->commit; - $logger->info("ECARD: Update to full ecard succeeded for $barcode"); - - $ctx->{verify_success} = 1; - $ctx->{verify_failed} = 0; - - return; -} +## Random 6-character alpha-numeric code that avoids look-alike characters +## https://ux.stackexchange.com/questions/53341/are-there-any-letters-numbers-that-should-be-avoided-in-an-id +## Also exclude vowels to avoid creating any real (potentially offensive) words. +#my @code_chars = ('C','D','F','H','J'..'N','P','R','T','V','W','X','3','4','7','9'); +#sub generate_verify_code { +# my $string = ''; +# $string .= $code_chars[rand @code_chars] for 1..6; +# return $string; +#} +# +# +## only if we're verifying the card via email +#sub load_ecard_verify { +# my $self = shift; +# my $cgi = $self->cgi; +# $self->collect_header_footer; +# +# # Loading the form. +# return Apache2::Const::OK if $cgi->request_method eq 'GET'; +# +# #$self->verify_ecard; +# return Apache2::Const::OK; +#} +# +#sub verify_ecard { +# my $self = shift; +# my $cgi = $self->cgi; +# my $ctx = $self->ctx; +# $self->log_params; +# +# my $verify_code = $ctx->{verify_code} = $cgi->param('verification_code'); +# my $barcode = $ctx->{barcode} = $cgi->param('barcode'); +# +# $ctx->{verify_failed} = 1; +# +# my $e = new_editor(); +# +# my $au = $e->search_actor_user({ +# profile => $PROVISIONAL_ECARD_GRP, +# ident_type => $ECARD_VERIFY_IDENT, +# ident_value => $verify_code +# })->[0]; +# +# if (!$au) { +# $logger->warn( +# "ECARD: No provisional ecard found with code $verify_code"); +# sleep 2; # Mitigate brute-force attacks +# return; +# } +# +# my $card = $e->search_actor_card({ +# usr => $au->id, +# barcode => $barcode +# })->[0]; +# +# if (!$card) { +# $logger->warn("ECARD: Failed to match verify code ". +# "($verify_code) with provided barcode ($barcode)"); +# sleep 2; # Mitigate brute-force attacks +# return; +# } +# +# # Verification looks good. Update the account. +# +# my $grp = new_editor()->retrieve_permission_grp_tree($FULL_ECARD_GRP); +# +# $au->profile($grp->id); +# $au->expire_date( +# DateTime->now(time_zone => 'local')->add( +# seconds => interval_to_seconds($grp->perm_interval))->iso8601() +# ); +# +# $e->xact_begin; +# +# unless ($e->update_actor_user($au)) { +# $logger->error("ECARD update failed for $barcode: " . $e->die_event); +# return; +# } +# +# $e->commit; +# $logger->info("ECARD: Update to full ecard succeeded for $barcode"); +# +# $ctx->{verify_success} = 1; +# $ctx->{verify_failed} = 0; +# +# return; +#} sub log_params { @@ -554,31 +554,31 @@ sub add_survey_responses { # TODO: this is KCLS-specific, but maybe we can make it something # generic for adding stat cats to the patron -sub add_stat_cats { - my $self = shift; - my $cgi = $self->cgi; - my $user = $self->ctx->{user}; - - my $ds_map = Fieldmapper::actor::stat_cat_entry_user_map->new; - $ds_map->isnew(1); - $ds_map->stat_cat(12); - $ds_map->stat_cat_entry('KCLS'); - - my $events = $cgi->param('events_mailing'); - my $em_map = Fieldmapper::actor::stat_cat_entry_user_map->new; - $em_map->isnew(1); - $em_map->stat_cat(3); - $em_map->stat_cat_entry($events ? 'Y' : 'N'); - - my $foundation = $cgi->param('foundation_mailing'); - my $fm_map = Fieldmapper::actor::stat_cat_entry_user_map->new; - $fm_map->isnew(1); - $fm_map->stat_cat(4); - $fm_map->stat_cat_entry($foundation ? 'Y' : 'N'); - - $user->stat_cat_entries([$ds_map, $em_map, $fm_map]); - return 1; -} +#sub add_stat_cats { +# my $self = shift; +# my $cgi = $self->cgi; +# my $user = $self->ctx->{user}; +# +# my $ds_map = Fieldmapper::actor::stat_cat_entry_user_map->new; +# $ds_map->isnew(1); +# $ds_map->stat_cat(12); +# $ds_map->stat_cat_entry('KCLS'); +# +# my $events = $cgi->param('events_mailing'); +# my $em_map = Fieldmapper::actor::stat_cat_entry_user_map->new; +# $em_map->isnew(1); +# $em_map->stat_cat(3); +# $em_map->stat_cat_entry($events ? 'Y' : 'N'); +# +# my $foundation = $cgi->param('foundation_mailing'); +# my $fm_map = Fieldmapper::actor::stat_cat_entry_user_map->new; +# $fm_map->isnew(1); +# $fm_map->stat_cat(4); +# $fm_map->stat_cat_entry($foundation ? 'Y' : 'N'); +# +# $user->stat_cat_entries([$ds_map, $em_map, $fm_map]); +# return 1; +#} # Returns true if no dupes found, false if dupes are found. sub check_dupes { -- 2.11.0