From 43689709fc9f87f1026377a435dcef11be9a4bdc Mon Sep 17 00:00:00 2001 From: cmadjar Date: Tue, 28 Feb 2023 14:11:52 -0500 Subject: [PATCH] make the number of days since last login before making a user inactive add default value to config fix phrasing of the config to something hopefully clearer modify RB to add the new config --- SQL/0000-00-03-ConfigTables.sql | 2 ++ ...ate_max_days_inactive_config_for_users.sql | 24 +++++++++++++++++++ php/libraries/SinglePointLogin.class.inc | 20 ++++++++++++---- raisinbread/RB_files/RB_Config.sql | 1 + raisinbread/RB_files/RB_ConfigSettings.sql | 2 +- 5 files changed, 44 insertions(+), 5 deletions(-) create mode 100644 SQL/New_patches/2023-02-28_create_max_days_inactive_config_for_users.sql diff --git a/SQL/0000-00-03-ConfigTables.sql b/SQL/0000-00-03-ConfigTables.sql index aeae7243dd9..8f7b898ea12 100644 --- a/SQL/0000-00-03-ConfigTables.sql +++ b/SQL/0000-00-03-ConfigTables.sql @@ -62,6 +62,7 @@ INSERT INTO ConfigSettings (Name, Description, Visible, AllowMultiple, DataType, INSERT INTO ConfigSettings (Name, Description, Visible, AllowMultiple, DataType, Parent, Label, OrderNumber) SELECT 'usePwnedPasswordsAPI', 'Whether to query the Have I Been Pwned password API on password changes to prevent the usage of common and breached passwords', 1, 0, 'boolean', ID, 'Enable "Pwned Password" check', 27 FROM ConfigSettings WHERE Name="study"; INSERT INTO ConfigSettings (Name, Description, Visible, AllowMultiple, DataType, Parent, Label, OrderNumber) SELECT 'dateDisplayFormat', 'The date format to use throughout LORIS for displaying date information - formats for date inputs are browser- and locale-dependent.', 1, 0, 'text', ID, 'Date display format', 28 FROM ConfigSettings WHERE Name="study"; INSERT INTO ConfigSettings (Name, Description, Visible, AllowMultiple, DataType, Parent, Label, OrderNumber) SELECT 'adminContactEmail', 'An email address that users can write to in order to report issues or ask question', 1, 0, 'text', ID, 'Administrator Email', 29 FROM ConfigSettings WHERE Name="study"; +INSERT INTO ConfigSettings (Name, Description, Visible, AllowMultiple, DataType, Parent, Label, OrderNumber) SELECT 'UserMaximumDaysInactive', 'The maximum number of days since last login before making a user inactive', 1, 0, 'text', ID, 'Maximum Days Before Making User Inactive', 30 FROM ConfigSettings WHERE Name="study"; INSERT INTO ConfigSettings (Name, Description, Visible, AllowMultiple, Label, OrderNumber) VALUES ('paths', 'Specify directories where LORIS-related files are stored or created. Take care when editing these fields as changing them incorrectly can cause certain modules to lose functionality.', 1, 0, 'Paths', 2); INSERT INTO ConfigSettings (Name, Description, Visible, AllowMultiple, DataType, Parent, Label, OrderNumber) SELECT 'imagePath', 'Path to images for display in Imaging Browser (e.g. /data/$project/data/) ', 1, 0, 'text', ID, 'Images', 9 FROM ConfigSettings WHERE Name="paths"; @@ -202,6 +203,7 @@ INSERT INTO Config (ConfigID, Value) SELECT ID, "Modify this to your project's c INSERT INTO Config (ConfigID, Value) SELECT ID, "" FROM ConfigSettings WHERE Name="CSPAdditionalHeaders"; INSERT INTO Config (ConfigID, Value) SELECT ID, "Ymd" FROM ConfigSettings WHERE Name="dobFormat"; INSERT INTO Config (ConfigID, Value) SELECT ID, "Ymd" FROM ConfigSettings WHERE Name="dodFormat"; +INSERT INTO Config (ConfigID, Value) SELECT ID, "365" FROM ConfigSettings WHERE Name="UserMaximumDaysInactive"; INSERT INTO Config (ConfigID, Value) SELECT ID, "/data/%PROJECTNAME%/data/" FROM ConfigSettings WHERE Name="imagePath"; diff --git a/SQL/New_patches/2023-02-28_create_max_days_inactive_config_for_users.sql b/SQL/New_patches/2023-02-28_create_max_days_inactive_config_for_users.sql new file mode 100644 index 00000000000..87a230ece9c --- /dev/null +++ b/SQL/New_patches/2023-02-28_create_max_days_inactive_config_for_users.sql @@ -0,0 +1,24 @@ +INSERT INTO ConfigSettings + ( + Name, + Description, + Visible, + AllowMultiple, + DataType, + Parent, + Label, + OrderNumber + ) + SELECT + 'UserMaximumDaysInactive', + 'The maximum number of days since last login before making a user inactive', + 1, + 0, + 'text', + ID, + 'Maximum Days Before Making User Inactive', + 30 + FROM ConfigSettings + WHERE Name="study"; + +INSERT INTO Config (ConfigID, Value) SELECT ID, "365" FROM ConfigSettings WHERE Name="UserMaximumDaysInactive"; diff --git a/php/libraries/SinglePointLogin.class.inc b/php/libraries/SinglePointLogin.class.inc index a61219692ac..0b86424a0e3 100644 --- a/php/libraries/SinglePointLogin.class.inc +++ b/php/libraries/SinglePointLogin.class.inc @@ -253,6 +253,16 @@ class SinglePointLogin $this->_lastError = ''; + $factory = NDB_Factory::singleton(); + $config = $factory->config(); + + $maxDaysInactive = $config->getSetting("UserMaximumDaysInactive"); + if (!empty($maxDaysInactive) && is_numeric($maxDaysInactive)) { + $maxDaysInactive = intval($maxDaysInactive); + } else { + $maxDaysInactive = null; + } + /////////////////////////// ///initialization///// ////////////////////////// @@ -356,7 +366,8 @@ class SinglePointLogin } if ($row['Active'] == 'N' - || $this->disabledDueToInactivity($username, 365) + || (!empty($maxDaysInactive) + && $this->disabledDueToInactivity($username, $maxDaysInactive)) ) { $this->_lastError = "Your account has been deactivated." . " Please contact your project administrator to" @@ -401,7 +412,7 @@ class SinglePointLogin && ($currentDay < strtotime($row['active_from'])) ) { $this->_lastError = "Your account is not active yet." - ." According to our records it will be active from + ." According to our records it will be active from {$row['active_from']}" . " Please contact your project administrator"; return false; @@ -416,7 +427,8 @@ class SinglePointLogin return false; } if ($row['Active'] == 'N' - || $this->disabledDueToInactivity($username, 365) + || (!empty($maxDaysInactive) + && $this->disabledDueToInactivity($username, $maxDaysInactive)) ) { $this->_lastError = "Your account has been deactivated." . " Please contact your project administrator to" @@ -600,7 +612,7 @@ class SinglePointLogin $DB = \NDB_Factory::singleton()->database(); $query = "SELECT MAX(Login_timestamp) as Login_timestamp - FROM user_login_history + FROM user_login_history WHERE UserID = :username"; $row = $DB->pselectRow($query, ['username' => $username]); diff --git a/raisinbread/RB_files/RB_Config.sql b/raisinbread/RB_files/RB_Config.sql index 7f18fa43790..6b8cb893afb 100644 --- a/raisinbread/RB_files/RB_Config.sql +++ b/raisinbread/RB_files/RB_Config.sql @@ -111,5 +111,6 @@ INSERT INTO `Config` (`ID`, `ConfigID`, `Value`) VALUES (122,126,'0'); INSERT INTO `Config` (`ID`, `ConfigID`, `Value`) VALUES (123,127,''); INSERT INTO `Config` (`ID`, `ConfigID`, `Value`) VALUES (124,128,''); INSERT INTO `Config` (`ID`, `ConfigID`, `Value`) VALUES (125,129,''); +INSERT INTO `Config` (`ID`, `ConfigID`, `Value`) VALUES (126,129,'365'); UNLOCK TABLES; SET FOREIGN_KEY_CHECKS=1; diff --git a/raisinbread/RB_files/RB_ConfigSettings.sql b/raisinbread/RB_files/RB_ConfigSettings.sql index 33dc2a9d6c9..070ba56c6cb 100644 --- a/raisinbread/RB_files/RB_ConfigSettings.sql +++ b/raisinbread/RB_files/RB_ConfigSettings.sql @@ -27,7 +27,6 @@ INSERT INTO `ConfigSettings` (`ID`, `Name`, `Description`, `Visible`, `AllowMult INSERT INTO `ConfigSettings` (`ID`, `Name`, `Description`, `Visible`, `AllowMultiple`, `DataType`, `Parent`, `Label`, `OrderNumber`) VALUES (26,'paths','Specify directories where LORIS-related files are stored or created. Take care when editing these fields as changing them incorrectly can cause certain modules to lose functionality.',1,0,NULL,NULL,'Paths',2); INSERT INTO `ConfigSettings` (`ID`, `Name`, `Description`, `Visible`, `AllowMultiple`, `DataType`, `Parent`, `Label`, `OrderNumber`) VALUES (27,'imagePath','Path to images for display in Imaging Browser (e.g. /data/$project/data/) ',1,0,'web_path',26,'Images',9); INSERT INTO `ConfigSettings` (`ID`, `Name`, `Description`, `Visible`, `AllowMultiple`, `DataType`, `Parent`, `Label`, `OrderNumber`) VALUES (28,'base','The base filesystem path where LORIS is installed',1,0,'web_path',26,'Base',1); -INSERT INTO `ConfigSettings` (`ID`, `Name`, `Description`, `Visible`, `AllowMultiple`, `DataType`, `Parent`, `Label`, `OrderNumber`) VALUES (32,'DownloadPath','Where files are downloaded',1,0,'web_path',26,'Downloads',4); INSERT INTO `ConfigSettings` (`ID`, `Name`, `Description`, `Visible`, `AllowMultiple`, `DataType`, `Parent`, `Label`, `OrderNumber`) VALUES (33,'log','Path to logs (relative path starting from /var/www/$projectname)',1,0,'path',26,'Logs',2); INSERT INTO `ConfigSettings` (`ID`, `Name`, `Description`, `Visible`, `AllowMultiple`, `DataType`, `Parent`, `Label`, `OrderNumber`) VALUES (34,'IncomingPath','Path for imaging data transferred to the project server (e.g. /data/incoming/$project/)',1,0,'web_path',26,'Incoming data',7); INSERT INTO `ConfigSettings` (`ID`, `Name`, `Description`, `Visible`, `AllowMultiple`, `DataType`, `Parent`, `Label`, `OrderNumber`) VALUES (35,'MRICodePath','Path to directory where Loris-MRI (git) code is installed',1,0,'path',26,'LORIS-MRI code',6); @@ -119,5 +118,6 @@ INSERT INTO `ConfigSettings` (`ID`, `Name`, `Description`, `Visible`, `AllowMult INSERT INTO `ConfigSettings` (`ID`, `Name`, `Description`, `Visible`, `AllowMultiple`, `DataType`, `Parent`, `Label`, `OrderNumber`) VALUES (126,'createVisit','Enable visit creation in the imaging pipeline',1,0,'boolean',69,'Enable visit creation',11); INSERT INTO `ConfigSettings` (`ID`, `Name`, `Description`, `Visible`, `AllowMultiple`, `DataType`, `Parent`, `Label`, `OrderNumber`) VALUES (127,'default_project','Default project used when creating scan candidate or visit',1,0,'text',69,'Default project',12); INSERT INTO `ConfigSettings` (`ID`, `Name`, `Description`, `Visible`, `AllowMultiple`, `DataType`, `Parent`, `Label`, `OrderNumber`) VALUES (128,'default_cohort','Default cohort used when creating scan visit',1,0,'text',69,'Default cohort',13); +INSERT INTO `ConfigSettings` (`ID`, `Name`, `Description`, `Visible`, `AllowMultiple`, `DataType`, `Parent`, `Label`, `OrderNumber`) VALUES (129,'UserMaximumDaysInactive','The maximum number of days since last login before making a user inactive.',1,0,'text',1,'Maximum Days Before Making User Inactive',30); UNLOCK TABLES; SET FOREIGN_KEY_CHECKS=1;