diff --git a/CHANGELOG.md b/CHANGELOG.md
index c2d67fa1f2..9fac928d24 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -35,6 +35,7 @@ The format is based on [Keep a Changelog](http://keepachangelog.com/en/1.0.0/).
 - [#6175](https://github.com/apache/trafficcontrol/issues/6175) - POST request to /api/4.0/phys_locations accepts mismatch values for regionName.
 - Fixed Traffic Monitor parsing stats_over_http output so that multiple stats for the same underlying delivery service (when the delivery service has more than 1 regex) are properly summed together. This makes the resulting data more accurate in addition to fixing the "new stat is lower than last stat" warnings.
 - Traffic Ops: Sanitize username before executing LDAP query
+- [#6457](https://github.com/apache/trafficcontrol/issues/6457) - Fix broken user registration and password reset, due to the last_authenticated value being null.
 - [#6367](https://github.com/apache/trafficcontrol/issues/6367) - Fix PUT `user/current` to work with v4 User Roles and Permissions
 - [#6266](https://github.com/apache/trafficcontrol/issues/6266) - Removed postgresql13-devel requirement for traffic_ops
 - [#6446](https://github.com/apache/trafficcontrol/issues/6446) - Revert Traffic Router rollover file pattern to the one previously used in `log4j.properties` with Log4j 1.2
diff --git a/traffic_ops/app/db/migrations/2022010715281600_remove_null_last_authenticated.down.sql b/traffic_ops/app/db/migrations/2022010715281600_remove_null_last_authenticated.down.sql
new file mode 100644
index 0000000000..084106c81e
--- /dev/null
+++ b/traffic_ops/app/db/migrations/2022010715281600_remove_null_last_authenticated.down.sql
@@ -0,0 +1,16 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements. See the NOTICE file distributed with this
+ * work for additional information regarding copyright ownership. The ASF
+ * licenses this file to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+ * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+ * License for the specific language governing permissions and limitations under
+ * the License.
+ */
diff --git a/traffic_ops/app/db/migrations/2022010715281600_remove_null_last_authenticated.up.sql b/traffic_ops/app/db/migrations/2022010715281600_remove_null_last_authenticated.up.sql
new file mode 100644
index 0000000000..651c9f5044
--- /dev/null
+++ b/traffic_ops/app/db/migrations/2022010715281600_remove_null_last_authenticated.up.sql
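Review bot: The down migration contains only the license header, and nothing in the file says that the empty body is deliberate, so a reader may take it for an unfinished stub. The up migration overwrites NULL last_authenticated values with now(), after which the rows that were NULL cannot be told apart from genuine logins, so there is genuinely nothing to revert; I would record that after the license header with `-- No-op: the up migration backfills NULL last_authenticated with now(); the original NULLs are not recoverable.`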
@@ -0,0 +1,20 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements. See the NOTICE file distributed with this
+ * work for additional information regarding copyright ownership. The ASF
+ * licenses this file to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+ * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+ * License for the specific language governing permissions and limitations under
+ * the License.
+ */
+
+UPDATE public.tm_user
+SET last_authenticated = now()
+WHERE last_authenticated IS NULL;
diff --git a/traffic_ops/traffic_ops_golang/login/login.go b/traffic_ops/traffic_ops_golang/login/login.go
index 0f31a355cb..f4507d782e 100644
--- a/traffic_ops/traffic_ops_golang/login/login.go
+++ b/traffic_ops/traffic_ops_golang/login/login.go
@@ -232,6 +232,13 @@ func TokenLoginHandler(db *sqlx.DB, cfg config.Config) http.HandlerFunc {
 return
 }
+ _, dbErr := db.Exec(UpdateLoginTimeQuery, username)
+ if dbErr != nil {
+ dbErr = fmt.Errorf("unable to update authentication time for user '%s': %w", username, dbErr)
+ api.HandleErr(w, r, nil, http.StatusInternalServerError, nil, dbErr)
+ return
+ }
+
 w.Header().Set(rfc.ContentType, rfc.ApplicationJSON)
 api.WriteAndLogErr(w, r, append(respBts, '\n'))
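Review bot: `SET last_authenticated = now()` on every row where the column is NULL records a login time for users who never logged in, so after this migration the column no longer distinguishes "never authenticated" from "authenticated at migration time", and any consumer of the column will read the latter. The migration also repairs only existing rows: if the column still admits NULL, a row inserted without the value reproduces the failure this commit fixes — I cannot see the table definition here, so that is worth confirming, and a NOT NULL constraint with a default on the column would be the durable fix. Either way the intent belongs in the file, e.g. `-- Backfill: rows that never authenticated receive the migration time, not a real login time (#6457).`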
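Review bot: The added block turns a failed bookkeeping write into a 500 for a user who has already been authenticated and whose response body (`respBts`) is already built, and the same six lines are repeated verbatim in the OauthLoginHandler hunk below with only the username expression changed. Denying the login may well be deliberate, since a NULL last_authenticated is what broke registration and password reset (#6457), but that decision is not written down in either copy. A small helper that carries the explanation and is called from both handlers would keep the two paths in step; the `_` also discards the result, so an update that matched no row passes silently, which is worth a `RowsAffected` check if the username is expected to exist. TokenLoginHandler begins and ends outside the hunk.
```go
// updateLastAuthenticated stamps a successful login for username. A failed write
// ends the login with a 500 instead of leaving the column NULL, which is what
// broke registration and password reset (#6457). Returns false when the caller
// must stop; the error response has already been written.
func updateLastAuthenticated(w http.ResponseWriter, r *http.Request, db *sqlx.DB, username string) bool {
	if _, err := db.Exec(UpdateLoginTimeQuery, username); err != nil {
		err = fmt.Errorf("unable to update authentication time for user '%s': %w", username, err)
		api.HandleErr(w, r, nil, http.StatusInternalServerError, nil, err)
		return false
	}
	return true
}

// … in TokenLoginHandler, replacing the added block …
if !updateLastAuthenticated(w, r, db, username) {
	return
}
```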
@@ -372,6 +379,12 @@ func OauthLoginHandler(db *sqlx.DB, cfg config.Config) http.HandlerFunc {
 }
 if userAllowed && authenticated {
+ _, dbErr := db.Exec(UpdateLoginTimeQuery, form.Username)
+ if dbErr != nil {
+ dbErr = fmt.Errorf("unable to update authentication time for user '%s': %w", form.Username, dbErr)
+ api.HandleErr(w, r, nil, http.StatusInternalServerError, nil, dbErr)
+ return
+ }
 httpCookie := tocookie.GetCookie(userId, defaultCookieDuration, cfg.Secrets[0])
 http.SetCookie(w, httpCookie)
 resp = struct {
diff --git a/traffic_portal/app/src/common/api/UserService.js b/traffic_portal/app/src/common/api/UserService.js
index 11195afc2c..4e7fe31fb6 100644
--- a/traffic_portal/app/src/common/api/UserService.js
+++ b/traffic_portal/app/src/common/api/UserService.js
@@ -82,14 +82,12 @@ var UserService = function($http, locationUtils, userModel, messageModel, ENV) {
 );
 };
- // todo: change to use query param when it is supported
- this.updateUser = function(user) {
- return $http.put(ENV.api.unstable + "users/" + user.id, user).then(
+ this.updateCurrentUser = function(user) {
+ // We should be using PUT 'user/current' to update the current user
+ const currUser = { user };
+ return $http.put(ENV.api.unstable + 'user/current', currUser).then(
 function(result) {
- if (userModel.user.id === user.id) {
- // if you are updating the currently logged in user...
- userModel.setUser(user);
- }
+ userModel.setUser(user);
 messageModel.setMessages(result.data.alerts, false);
 return result;
 },
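Review bot: The update keys the timestamp on `form.Username`, the client-submitted field, while the cookie issued two lines later is for `userId`; if those two are resolved from different sources, the wrong row can be stamped, or the update can match nothing without any error. I cannot see how `authenticated` and `userId` are derived (OauthLoginHandler starts outside the hunk), so if form.Username has already been checked against the OAuth identity, a comment above the Exec saying so, `// form.Username was validated against the OAuth identity above`, would settle it; otherwise stamp the identity the cookie is actually issued for.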
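Review bot: The comment `// We should be using PUT 'user/current' to update the current user` reads as a pending TODO although the line below it already does exactly that; a JSDoc stating the contract would serve better, e.g. `/** Updates the logged-in user via PUT user/current and refreshes userModel on success. @param {object} user @returns {Promise} */`. On success the model is refreshed from the request payload `user` rather than from `result.data.response`, so anything the server normalised is not reflected locally — pre-existing behaviour, but this is now the only path for the current user, so it deserves either a comment or a switch to the response. Minor style: `const` and the single-quoted `'user/current'` sit in a file that otherwise uses `var` and double quotes. The rejection handler of this promise chain lies outside the hunk.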
@@ -100,6 +98,24 @@ var UserService = function($http, locationUtils, userModel, messageModel, ENV) {
 );
 };
+ // todo: change to use query param when it is supported
+ this.updateUser = function(user) {
+ if (userModel.user.id === user.id) {
+ return this.updateCurrentUser(user);
+ } else {
+ return $http.put(ENV.api.unstable + "users/" + user.id, user).then(
+ function(result) {
+ messageModel.setMessages(result.data.alerts, false);
+ return result;
+ },
+ function(err) {
+ messageModel.setMessages(err.data.alerts, false);
+ throw err;
+ }
+ );
+ }
+ };
+
 this.registerUser = function(registration) {
 return $http.post(ENV.api.unstable + "users/register", registration).then(
 function(result) {
diff --git a/traffic_portal/app/src/modules/private/user/UserController.js b/traffic_portal/app/src/modules/private/user/UserController.js
index e4d29d39a7..f8afd5d14c 100644
--- a/traffic_portal/app/src/modules/private/user/UserController.js
+++ b/traffic_portal/app/src/modules/private/user/UserController.js
@@ -51,6 +51,9 @@ var UserController = function($scope, $state, $location, $uibModal, formUtils, l
 $scope.user = userModel.user;
 $scope.confirmSave = function(user, usernameField) {
+ if (usernameField === undefined) {
+ usernameField = user.username;
+ }
 if (usernameField.$dirty) {
 var params = {
 title: 'Reauthentication Required',
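Review bot: `return this.updateCurrentUser(user);` depends on `this` being the service at call time, whereas the other methods in this constructor close over the injected `$http`, `userModel` and `messageModel` and never touch `this`; a caller that passes `userService.updateUser` as a bare callback will get a TypeError. Capturing the service once at the top of the constructor, `var service = this;`, and calling `service.updateCurrentUser(user)` here removes that dependency. The success and rejection handlers in the non-current branch duplicate those of updateCurrentUser apart from the setUser call, which is acceptable but worth a one-line comment such as `// other users: nothing in the local model to refresh`.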
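Review bot: The new fallback assigns `user.username`, a string, to a parameter the rest of the function treats as a form-field object, so the `$dirty` test on the next line only passes because a string has no such property — and it throws if `user.username` is itself undefined. The practical effect is that any caller omitting `usernameField` skips the 'Reauthentication Required' prompt, which is fine only if the server enforces re-authentication for a username change independently of this client-side check; I cannot see that from here. The same outcome without the type pun is `if (usernameField !== undefined && usernameField.$dirty) {` in place of the three added lines and the existing condition, with a comment such as `// no field bound: presumably the username was not editable in this form, so no reauthentication prompt`. confirmSave continues beyond the hunk.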