rename user_enabled to check_user_enabled

And add $noerr parameter.
2025-06-03 22:24:28 +00:00 · 2012-01-19 06:49:02 +01:00 · 2012-01-19 06:49:02 +01:00 · 7070c1aee5
commit 7070c1aee5
parent a427cecb2b
3 changed files with 15 additions and 12 deletions
--- a/PVE/API2/AccessControl.pm
+++ b/PVE/API2/AccessControl.pm
@ -140,6 +140,9 @@ __PACKAGE__->register_method ({
 	my $token;
 	eval {

+	    # test if user exists and is enabled
+	    $rpcenv->check_user_enabled($username);
+
 	    if ($param->{path} && $param->{privs}) {
 		my $privs = [ PVE::Tools::split_list($param->{privs}) ];
 		my $path = PVE::AccessControl::normalize_path($param->{path});
@ -154,9 +157,6 @@ __PACKAGE__->register_method ({
 		# got valid ticket
 		# Note: root@pam can create tickets for other users
 		
-		# test if user exists and is enabled
-		my $usercfg = cfs_read_file('user.cfg');
-		die "no such user ('$username')\n" if !user_enabled($usercfg, $username);
 	    } else {
 		$username = PVE::AccessControl::authenticate_user($username, $param->{password});
 	    }
--- a/PVE/AccessControl.pm
+++ b/PVE/AccessControl.pm
@ -323,10 +323,10 @@ sub authenticate_user_domain {
    }
 }

-sub user_enabled {
-    my ($usercfg, $username) = @_;
+sub check_user_enabled {
+    my ($usercfg, $username, $noerr) = @_;

-    $username = verify_username($username, 1);
+    $username = verify_username($username, $noerr);
    return undef if !$username;
 
    return 1 if $usercfg && $usercfg->{users}->{$username} &&
@ -334,7 +334,9 @@ sub user_enabled {

    return 1 if $username eq 'root@pam'; # root is always enabled

-    return 0;
+    die "no such user ('$username')\n" if !$noerr;
+ 
+    return undef;
 }

 # password should be utf8 encoded
@ -349,9 +351,10 @@ sub authenticate_user {

    my $usercfg = cfs_read_file('user.cfg');

-    if (!user_enabled($usercfg, $username)) {
+    eval { check_user_enabled($usercfg, $username); };
+    if (my $err = $@) {
 	sleep(2);
-	die "no such user ('$username')\n";
+	die $err;
    }

    my $ctime = time();
--- a/PVE/RPCEnvironment.pm
+++ b/PVE/RPCEnvironment.pm
@ -165,11 +165,11 @@ sub check {
    return 1;
 };

-sub user_enabled {
-    my ($self, $user) = @_;
+sub check_user_enabled {
+    my ($self, $user, $noerr) = @_;
    
    my $cfg = $self->{user_cfg};
-    return PVE::AccessControl::user_enabled($cfg, $user);
+    return PVE::AccessControl::check_user_enabled($cfg, $user, $noerr);
 }

 # initialize environment - must be called once at program startup