Allow user activation/deactivation (MySQL auth) (#10511)
* user deactivation feature * update db_schema.yaml * travis fix * readd sqlfile with alter statement * .. * revert force push * combine all queries * fix query * user enable/disable only visible on mysql authorization * Update form.blade.php * Update index.blade.php * disable 'enabled' on own profile * bootstraping checkboxes
This commit is contained in:
parent
552d487ae1
commit
ce628399a9
|
@ -20,7 +20,13 @@ class MysqlAuthorizer extends AuthorizerBase
|
|||
$username = $credentials['username'] ?? null;
|
||||
$password = $credentials['password'] ?? null;
|
||||
|
||||
$hash = User::thisAuth()->where(['username' => $username])->value('password');
|
||||
$user_data = User::thisAuth()->where(['username' => $username])->select('password', 'enabled')->first();
|
||||
$hash = $user_data->password;
|
||||
$enabled = $user_data->enabled;
|
||||
|
||||
if (! $enabled) {
|
||||
throw new AuthenticationException($message = 'login denied');
|
||||
}
|
||||
|
||||
// check for old passwords
|
||||
if (strlen($hash) == 32) {
|
||||
|
|
|
@ -13,7 +13,7 @@ class User extends Authenticatable
|
|||
use Notifiable;
|
||||
|
||||
protected $primaryKey = 'user_id';
|
||||
protected $fillable = ['realname', 'username', 'email', 'level', 'descr', 'can_modify_passwd', 'auth_type', 'auth_id'];
|
||||
protected $fillable = ['realname', 'username', 'email', 'level', 'descr', 'can_modify_passwd', 'auth_type', 'auth_id', 'enabled'];
|
||||
protected $hidden = ['password', 'remember_token', 'pivot'];
|
||||
protected $attributes = [ // default values
|
||||
'descr' => '',
|
||||
|
@ -158,6 +158,11 @@ class User extends Authenticatable
|
|||
$this->attributes['can_modify_passwd'] = $modify ? 1 : 0;
|
||||
}
|
||||
|
||||
public function setEnabledAttribute($enable)
|
||||
{
|
||||
$this->attributes['enabled'] = $enable ? 1 : 0;
|
||||
}
|
||||
|
||||
// ---- Define Relationships ----
|
||||
|
||||
public function apiToken()
|
||||
|
|
|
@ -0,0 +1,32 @@
|
|||
<?php
|
||||
|
||||
use Illuminate\Database\Migrations\Migration;
|
||||
use Illuminate\Database\Schema\Blueprint;
|
||||
|
||||
class AddEnabledToUsers extends Migration
|
||||
{
|
||||
|
||||
/**
|
||||
* Run the migrations.
|
||||
*
|
||||
* @return void
|
||||
*/
|
||||
public function up()
|
||||
{
|
||||
Schema::table('users', function (Blueprint $table) {
|
||||
$table->boolean('enabled')->default(1);
|
||||
});
|
||||
}
|
||||
|
||||
/**
|
||||
* Reverse the migrations.
|
||||
*
|
||||
* @return void
|
||||
*/
|
||||
public function down()
|
||||
{
|
||||
Schema::table('users', function (Blueprint $table) {
|
||||
$table->dropColumn('enabled');
|
||||
});
|
||||
}
|
||||
}
|
|
@ -1788,6 +1788,7 @@ users:
|
|||
- { Field: created_at, Type: timestamp, 'Null': false, Extra: '', Default: '1970-01-02 00:00:01' }
|
||||
- { Field: updated_at, Type: timestamp, 'Null': false, Extra: '', Default: CURRENT_TIMESTAMP }
|
||||
- { Field: remember_token, Type: varchar(100), 'Null': true, Extra: '' }
|
||||
- { Field: enabled, Type: tinyint(1), 'Null': false, Extra: '', Default: '1' }
|
||||
Indexes:
|
||||
PRIMARY: { Name: PRIMARY, Columns: [user_id], Unique: true, Type: BTREE }
|
||||
username: { Name: username, Columns: [auth_type, username], Unique: true, Type: BTREE }
|
||||
|
|
|
@ -6,6 +6,16 @@
|
|||
</div>
|
||||
</div>
|
||||
|
||||
@if(\LibreNMS\Config::get('auth_mechanism') == 'mysql')
|
||||
<div class="form-group @if($errors->has('enabled')) has-error @endif">
|
||||
<label for="enabled" class="control-label col-sm-3">@lang('Enabled')</label>
|
||||
<div class="col-sm-9">
|
||||
<input type="hidden" value="@if(Auth::id() == $user->user_id) 1 else 0 @endif" name="enabled">
|
||||
<input type="checkbox" id="enabled" name="enabled" data-size="small" @if(old('enabled', $user->enabled)) checked @endif @if(Auth::id() == $user->user_id) disabled @endif>
|
||||
</div>
|
||||
</div>
|
||||
@endif
|
||||
|
||||
<div class="form-group @if($errors->has('email')) has-error @endif">
|
||||
<label for="email" class="control-label col-sm-3">@lang('Email')</label>
|
||||
<div class="col-sm-9">
|
||||
|
@ -68,15 +78,16 @@
|
|||
@endif
|
||||
|
||||
@if(\LibreNMS\Authentication\LegacyAuth::get()->canUpdatePasswords())
|
||||
<div class="form-group @if($errors->has('can_modify_passwd')) has-error @endif">
|
||||
<div class="col-sm-9 col-sm-offset-3">
|
||||
<div class="checkbox">
|
||||
<label class="checkbox-inline">
|
||||
<input type="hidden" value="0" name="can_modify_passwd">
|
||||
<input type="checkbox" id="can_modify_passwd" name="can_modify_passwd" @if(old('can_modify_passwd', $user->can_modify_passwd)) checked @endif> @lang('Can Modify Password')
|
||||
</label>
|
||||
</div>
|
||||
<span class="help-block">{{ $errors->first('can_modify_passwd') }}</span>
|
||||
</div>
|
||||
<div class="form-group @if($errors->has('can_modify_passwd')) has-error @endif">
|
||||
<label for="can_modify_passwd" class="control-label col-sm-3">@lang('Can Modify Password')</label>
|
||||
<div class="col-sm-9">
|
||||
<input type="hidden" value="0" name="can_modify_passwd">
|
||||
<input type="checkbox" id="can_modify_passwd" name="can_modify_passwd" data-size="small" @if(old('can_modify_passwd', $user->can_modify_passwd)) checked @endif>
|
||||
<span class="help-block">{{ $errors->first('can_modify_passwd') }}</span>
|
||||
</div>
|
||||
</div>
|
||||
@endif
|
||||
|
||||
<script>
|
||||
$("[type='checkbox']").bootstrapSwitch();
|
||||
</script>
|
||||
|
|
|
@ -17,6 +17,9 @@
|
|||
<th data-column-id="level" data-formatter="level" data-type="numeric">@lang('Access')</th>
|
||||
<th data-column-id="auth_type" data-visible="{{ $multiauth ? 'true' : 'false' }}">@lang('Auth')</th>
|
||||
<th data-column-id="email">@lang('Email')</th>
|
||||
@if(\LibreNMS\Authentication\LegacyAuth::getType() == 'mysql')
|
||||
<th data-column-id="enabled">@lang('Enabled')</th>
|
||||
@endif
|
||||
<th data-column-id="descr">@lang('Description')</th>
|
||||
<th data-column-id="action" data-formatter="actions" data-sortable="false" data-searchable="false">@lang('Actions')</th>
|
||||
</tr>
|
||||
|
@ -30,6 +33,9 @@
|
|||
<td>{{ $user->level }}</td>
|
||||
<td>{{ $user->auth_type }}</td>
|
||||
<td>{{ $user->email }}</td>
|
||||
@if(\LibreNMS\Authentication\LegacyAuth::getType() == 'mysql')
|
||||
<td>{{ $user->enabled }}</td>
|
||||
@endif
|
||||
<td>{{ $user->descr }}</td>
|
||||
<td></td>
|
||||
</tr>
|
||||
|
|
Loading…
Reference in New Issue