#1464 Automatic users' digests generation

lib/redmine_dmsf.rb

@@ -78,6 +78,7 @@ require "#{File.dirname(__FILE__)}/redmine_dmsf/errors/dmsf_lock_error"
 require "#{File.dirname(__FILE__)}/redmine_dmsf/errors/dmsf_zip_max_files_error"
 
 # Hooks
+require "#{File.dirname(__FILE__)}/redmine_dmsf/hooks/controllers/account_controller_hooks"
 require "#{File.dirname(__FILE__)}/redmine_dmsf/hooks/controllers/search_controller_hooks"
 require "#{File.dirname(__FILE__)}/redmine_dmsf/hooks/controllers/issues_controller_hooks"
 require "#{File.dirname(__FILE__)}/redmine_dmsf/hooks/views/view_projects_form_hook"

lib/redmine_dmsf/hooks/controllers/account_controller_hooks.rb

@@ -0,0 +1,50 @@
+# frozen_string_literal: true
+
+# Redmine plugin for Document Management System "Features"
+#
+# Karel Pičman <karel.picman@kontron.com>
+#
+# This program is free software; you can redistribute it and/or
+# modify it under the terms of the GNU General Public License
+# as published by the Free Software Foundation; either version 2
+# of the License, or (at your option) any later version.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA  02110-1301, USA.
+
+module RedmineDmsf
+  module Hooks
+    module Controllers
+      # Account controller hooks
+      class AccountControllerHooks < Redmine::Hook::Listener
+        def controller_account_success_authentication_after(context = {})
+          return unless context.is_a?(Hash)
+
+          controller = context[:controller]
+          return unless controller
+
+          user = context[:user]
+          return unless user
+
+          # Updates user's DMSF WebDAV digest
+          if controller.params[:password].present?
+            token = Token.find_by(user_id: user.id, action: 'dmsf-webdav-digest')
+            token ||= Token.create!(user_id: user.id, action: 'dmsf-webdav-digest')
+            token.value = Digest::MD5.hexdigest(
+              "#{user.login}:#{RedmineDmsf::Webdav::AUTHENTICATION_REALM}:#{controller.params[:password]}"
+            )
+            token.save
+          end
+        rescue StandardError => e
+          Rails.logger.error e.message
+        end
+      end
+    end
+  end
+end

lib/redmine_dmsf/webdav/dmsf_controller.rb

@@ -69,19 +69,23 @@ module RedmineDmsf
           nc = params['nc']
           user = User.find_by(login: username)
           unless user
-            log_error('Digest authentication: provided user name has no match in the DB')
+            Rails.logger.error 'Digest authentication: provided user name has no match in the DB'
+            raise Unauthorized
+          end
+          unless user.active?
+            Rails.logger.error l(:notice_account_locked)
             raise Unauthorized
           end
           token = Token.find_by(user_id: user.id, action: 'dmsf-webdav-digest')
           if token.nil? && defined?(EasyExtensions)
             if user.easy_digest_token_expired?
-              log_error('Digest authentication: digest token expired')
+              Rails.logger.error "Digest authentication: #{user} is locked"
               raise Unauthorized
             end
             ha1 = user.easy_digest_token
           else
             unless token
-              log_error("Digest authentication: no digest found for #{user}")
+              Rails.logger.error "Digest authentication: no digest found for #{user}"
               raise Unauthorized
             end
             ha1 = token.value