Fix bug #491019.

git-svn-id: svn+ssh://svn.fedorahosted.org/svn/pki/trunk@470 c9f7a03b-bd48-0410-a16d-cbbf54688b0b
author: jmagne <jmagne@c9f7a03b-bd48-0410-a16d-cbbf54688b0b> 2009-05-20 21:06:05 +0000
committer: jmagne <jmagne@c9f7a03b-bd48-0410-a16d-cbbf54688b0b> 2009-05-20 21:06:05 +0000
commit: 5c408cae66651900db0236f81012cdc0b91e249a (patch)
tree: b7a4426abdfe8a6ea60bf6b3ebce8996d2156d59
parent: 43a2722e8a963cc8c4f5bd67786e9273e34def6e (diff)
3 files changed, 84 insertions, 3 deletions
diff --git a/pki/dogtag/tps-ui/shared/cgi-bin/sow/cfg.pl b/pki/dogtag/tps-ui/shared/cgi-bin/sow/cfg.pl
index bbd4863bc..598cba3df 100755
--- a/pki/dogtag/tps-ui/shared/cgi-bin/sow/cfg.pl
+++ b/pki/dogtag/tps-ui/shared/cgi-bin/sow/cfg.pl
@@ -3,7 +3,7 @@
 # --- BEGIN COPYRIGHT BLOCK ---
 # This library is free software; you can redistribute it and/or
 # modify it under the terms of the GNU Lesser General Public
-# License as published by the Free Software Foundation.
+# License as published by the Free Software Foundation;
 # 
 # This library is distributed in the hope that it will be useful,
 # but WITHOUT ANY WARRANTY; without even the implied warranty of
@@ -141,3 +141,43 @@ sub is_agent()
     return 1;
   }
 }
+
+sub is_user()
+{
+  my ($dn) = @_;
+
+  my $uid = $dn;
+  # need to map a subject dn into user DN
+  $uid =~ /uid=([^,]*)/; # retrieve the uid
+  $uid = $1;
+
+  my $x_host = get_ldap_host();
+  $x_port = get_ldap_port();
+  my $x_basedn = get_base_dn();
+  chomp($x_basedn);
+  my $x_binddn = `grep -e "^tokendb.bindDN" $cfg | cut -c16-`;
+  chomp($x_binddn);
+  my $x_bindpwdpath = `grep -e "^tokendb.bindPassPath" $cfg | cut -c22-`;
+  chomp($x_bindpwdpath);
+  my $x_bindpwd = `grep -e "^tokendbBindPass" $x_bindpwdpath | cut -c17-`;
+  chomp($x_bindpwd);
+
+   my $cmd = $ldapsearch . " " .
+            "-D \"" . $x_binddn . "\" " .
+            "-w \"" . $x_bindpwd . "\" " .
+            "-b \"" . "ou=people,".$x_basedn . "\" " .
+            "-h \"" . $x_host . "\" " .
+            "-p \"" . $x_port ."\" " .
+            "-1 \"(uid=" . $uid . "*)\" | wc -l";
+
+
+  my $matched = `$cmd`;
+
+  chomp($matched);
+
+  if ($matched eq "0" || $matched eq "") {
+    return 0;
+  } else {
+    return 1;
+  }
+}
diff --git a/pki/dogtag/tps-ui/shared/cgi-bin/sow/format.html b/pki/dogtag/tps-ui/shared/cgi-bin/sow/format.html
index 391ddf53e..8b419948a 100755
--- a/pki/dogtag/tps-ui/shared/cgi-bin/sow/format.html
+++ b/pki/dogtag/tps-ui/shared/cgi-bin/sow/format.html
@@ -1,7 +1,7 @@
 <!-- --- BEGIN COPYRIGHT BLOCK ---
      This library is free software; you can redistribute it and/or
      modify it under the terms of the GNU Lesser General Public
-     License as published by the Free Software Foundation.
+     License as published by the Free Software Foundation; either
      
      This library is distributed in the hope that it will be useful,
      but WITHOUT ANY WARRANTY; without even the implied warranty of
@@ -28,6 +28,7 @@
 <link rel="stylesheet" href="/esc/sow/css/style.css" media="screen" type="text/css">
 <script type="text/javascript">
 <!--
+
 function UserOnCOOLKeyStateError()
 {
   toggleAjaxProgress('ajax-pb', 'off');
@@ -108,6 +109,26 @@ function UserOnCOOLKeyInserted(keyType, keyID)
     updateKeyText('A ' + keyStatus + ' smartcard "' + keyID + '" is detected!');
   }
   UserSelectRowByKeyID(keyType, keyID);
+
+  var uid = null;
+  var isAgent = false;
+
+  if(keyStatus == "ENROLLED")
+  {
+    uid =  GetCoolKeyIssuedTo(keyType,keyID);
+
+    if(uid)
+    {
+        isAgent = window.IsAgentOrUser(uid,"agent");
+    }      
+    if(isAgent == true)
+    {
+        MyAlert("You can't Format a card that belongs to another Security Officer!");
+
+        updateKeyText('A ' + keyStatus + ' smartcard "' + keyID + '" SECURITY OFFICER is detected!');
+        toggleButton('enrollbtn','off');
+    }
+  }
 }
 
 function UserOnCOOLKeyRemoved(keyType, keyID)
diff --git a/pki/dogtag/tps-ui/shared/cgi-bin/sow/formatso.html b/pki/dogtag/tps-ui/shared/cgi-bin/sow/formatso.html
index 579aa31fb..6f0b78358 100755
--- a/pki/dogtag/tps-ui/shared/cgi-bin/sow/formatso.html
+++ b/pki/dogtag/tps-ui/shared/cgi-bin/sow/formatso.html
@@ -1,7 +1,7 @@
 <!-- --- BEGIN COPYRIGHT BLOCK ---
      This library is free software; you can redistribute it and/or
      modify it under the terms of the GNU Lesser General Public
-     License as published by the Free Software Foundation.
+     License as published by the Free Software Foundation; either
      
      This library is distributed in the hope that it will be useful,
      but WITHOUT ANY WARRANTY; without even the implied warranty of
@@ -88,6 +88,26 @@ function UserOnCOOLKeyInserted(keyType, keyID)
     updateKeyText('A ' + keyStatus + ' smartcard "' + keyID + '" is detected!');
   }
   UserSelectRowByKeyID(keyType, keyID);
+
+   var uid = null;
+  var isUser = false;
+
+  if(keyStatus == "ENROLLED")
+  {
+    uid =  GetCoolKeyIssuedTo(keyType,keyID);
+
+    if(uid)
+    {
+        isUser = IsAgentOrUser(uid,"user");
+    }
+    if(isUser == true)
+    {
+        MyAlert("You can't Format a User card here!  Try another card.");
+
+        updateKeyText('A ' + keyStatus + ' smartcard "' + keyID + '" USER is detected!');
+        toggleButton('enrollbtn','off');
+    }
+  }
 }
 
 function UserOnCOOLKeyRemoved(keyType, keyID)
author	jmagne <jmagne@c9f7a03b-bd48-0410-a16d-cbbf54688b0b>	2009-05-20 21:06:05 +0000
committer	jmagne <jmagne@c9f7a03b-bd48-0410-a16d-cbbf54688b0b>	2009-05-20 21:06:05 +0000
commit	5c408cae66651900db0236f81012cdc0b91e249a (patch)
tree	b7a4426abdfe8a6ea60bf6b3ebce8996d2156d59
parent	43a2722e8a963cc8c4f5bd67786e9273e34def6e (diff)