issue #0001097 : Simplify auth request and remove access for user with accesWS define
parent
a3132bc835
commit
ce8192b9ae
@ -18,6 +18,16 @@ class WsScore
|
||||
protected $dbConfig; //Configuration BDD Zend
|
||||
protected $tabInfoUser; //Stockage des informations utilisateurs
|
||||
|
||||
/**
|
||||
* List all application IPs
|
||||
* @var array
|
||||
*/
|
||||
protected $listApplicationIp = array (
|
||||
'127.0.0.1', //Development, and WebService himself
|
||||
'88.191.79.121', //Extranet
|
||||
'78.31.45.206', //SDSL RAMBOUILLET
|
||||
);
|
||||
|
||||
protected $listeDroits = array(
|
||||
'KBIS' => 'Extrait RCS',
|
||||
'ACTES' => 'Pièces officielles',
|
||||
@ -104,7 +114,7 @@ class WsScore
|
||||
define ('DATE_LISIBLE', substr(DATETIME,6,2).'/'.substr(DATETIME,4,2).'/'.substr(DATETIME,0,4));
|
||||
define ('TIME_LISIBLE', substr(DATETIME,8,2).':'.substr(DATETIME,10,2).':'.substr(DATETIME,12,2));
|
||||
|
||||
$dbConfig = new Zend_Config_Ini(APPLICATION_PATH . '/configs/databases.ini', APPLICATION_ENV);
|
||||
$dbConfig = new Zend_Config_Ini(APPLICATION_PATH . '/configs/databases.ini');
|
||||
$this->dbConfig = $dbConfig->db;
|
||||
}
|
||||
|
||||
@ -279,13 +289,10 @@ class WsScore
|
||||
$iDbCrm = new WDB('sdv1');
|
||||
$rep = $iDbCrm->select(
|
||||
'utilisateurs u, clients c',
|
||||
'u.login, u.id, u.email, u.password, u.idClient, u.typeCompte, u.actif, u.filtre_ip, u.civilite,'.
|
||||
' u.nom, u.prenom, u.tel, u.fax, u.mobile, u.profil, u.raisonSociale, u.siret, u.adrNum,'.
|
||||
' u.adrIndRep, u.adrTypeVoie, u.adrLibVoie, u.adrCp, u.adrVille, u.adrComp, u.tel, u.fax,'.
|
||||
' u.mobile, u.pref, u.rechRefType, u.profil, u.dateInscription, u.dateValidation, u.nombreConnexions,'.
|
||||
' u.dateDerniereConnexion, u.droits, u.referenceParDefaut, u.nbReponses, u.formatMail,'.
|
||||
' u.dateDebutCompte, u.dateFinCompte, u.maxFicheId, c.droits AS droitsClients, c.test AS clientTest,'.
|
||||
' c.typeScore, c.timeout',
|
||||
'u.login, u.id, u.email, u.password, u.idClient, u.typeCompte, u.actif, u.filtre_ip, u.profil,'.
|
||||
' u.pref, u.rechRefType, u.profil, u.nombreConnexions, u.dateDerniereConnexion, u.droits,'.
|
||||
' u.referenceParDefaut, u.nbReponses, u.formatMail, u.dateDebutCompte, u.dateFinCompte, u.accesWS,'.
|
||||
' c.droits AS droitsClients, c.test AS clientTest, c.typeScore, c.timeout',
|
||||
"u.login='$login' AND u.idClient=c.id AND u.actif=1 AND u.deleted=0 AND c.actif='Oui'",
|
||||
false, MYSQL_ASSOC
|
||||
);
|
||||
@ -307,28 +314,10 @@ class WsScore
|
||||
'typeCompte' => $tabRep['typeCompte'],
|
||||
'idClient' => $tabRep['idClient'],
|
||||
'filtre_ip' => $tabRep['filtre_ip'],
|
||||
'ipPasserelle' => '',
|
||||
'ipConnexion' => $ipConnexion,
|
||||
'civilite' => $tabRep['civilite'],
|
||||
'nom' => $tabRep['nom'],
|
||||
'prenom' => $tabRep['prenom'],
|
||||
'raisonSociale' => $tabRep['raisonSociale'],
|
||||
'siret' => $tabRep['siret'],
|
||||
'adrNum' => $tabRep['adrNum'],
|
||||
'adrIndRep' => $tabRep['adrIndRep'],
|
||||
'adrTypeVoie' => $tabRep['adrTypeVoie'],
|
||||
'adrLibVoie' => $tabRep['adrLibVoie'],
|
||||
'adrCp' => $tabRep['adrCp'],
|
||||
'adrVille' => $tabRep['adrVille'],
|
||||
'adrComp' => $tabRep['adrComp'],
|
||||
'tel' => $tabRep['tel'],
|
||||
'fax' => $tabRep['fax'],
|
||||
'mobile' => $tabRep['mobile'],
|
||||
'pref' => $tabRep['pref'],
|
||||
'rechRefType' => $tabRep['rechRefType'],
|
||||
'profil' => $tabRep['profil'],
|
||||
'dateInscription' => $tabRep['dateInscription'],
|
||||
'dateValidation' => $tabRep['dateValidation'],
|
||||
'nombreConnexions' => $tabRep['nombreConnexions'],
|
||||
'dateDerniereConnexion' => $tabRep['dateDerniereConnexion'],
|
||||
'droits' => $tabRep['droits'],
|
||||
@ -341,8 +330,6 @@ class WsScore
|
||||
'referenceParDefaut' => $tabRep['referenceParDefaut'],
|
||||
'dateDebutCompte' => $tabRep['dateDebutCompte'],
|
||||
'dateFinCompte' => $tabRep['dateFinCompte'],
|
||||
'maxFicheId' => $tabRep['maxFicheId'],
|
||||
'typeScore' => $tabRep['typeScore'],
|
||||
);
|
||||
debugLog('W',"CheckAuth $login/$password OK", __LINE__,__FILE__, __FUNCTION__, __CLASS__);
|
||||
|
||||
@ -368,6 +355,16 @@ class WsScore
|
||||
}
|
||||
}
|
||||
|
||||
/**
|
||||
* Acces WS, block access to other apps
|
||||
*/
|
||||
if ($tabRep['accesWS']==1) {
|
||||
if ( in_array($ipConnexion, $this->listApplicationIp) && $tabRep['idClient']!=1 ) {
|
||||
file_put_contents('test.log', 'ERREUR', FILE_APPEND);
|
||||
return '0901';
|
||||
}
|
||||
}
|
||||
|
||||
return true;
|
||||
}
|
||||
debugLog('W',"CheckAuth $login/$password incorrect (IP=$ipConnexion)", __LINE__,__FILE__, __FUNCTION__, __CLASS__);
|
||||
|
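Review bot: The new accesWS block near the end of the function records a refusal only as `file_put_contents('test.log', 'ERREUR', FILE_APPEND);`, which looks like a debugging leftover: the path is relative to the working directory and the entry carries neither login nor IP, so a denied attempt cannot be audited. I would replace it with the logger already used here, `debugLog('W', "CheckAuth $login refused: accesWS account from application IP $ipConnexion", __LINE__, __FILE__, __FUNCTION__, __CLASS__);`. The refusal returns `'0901'`, a non-empty string that PHP treats as truthy, so any caller that tests the result loosely would accept it as a successful login; the callers are not visible here, so confirm they compare with `=== true`. The unchanged `debugLog` lines still write `$password` in clear text to the log and should drop it, and `$login` is interpolated directly into the WHERE clause of the select, which is an injection risk unless it is escaped earlier in the function (its start is outside these hunks).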