From 5e5c97773393b47374e6f180a9610a4870adeb80 Mon Sep 17 00:00:00 2001 From: Carlos Ruiz Date: Fri, 12 Aug 2022 11:15:28 +0200 Subject: [PATCH] IDEMPIERE-5382 Allow just one MFA registration per mechanism (FHCA-3822) (#1439) --- .../i9/oracle/202208112323_IDEMPIERE-5382.sql | 22 +++++++++++++++++++ .../202208112323_IDEMPIERE-5382.sql | 19 ++++++++++++++++ .../org/compiere/model/MMFARegistration.java | 4 ++-- .../src/org/compiere/process/MFARegister.java | 4 ++++ 4 files changed, 47 insertions(+), 2 deletions(-) create mode 100644 migration/i9/oracle/202208112323_IDEMPIERE-5382.sql create mode 100644 migration/i9/postgresql/202208112323_IDEMPIERE-5382.sql diff --git a/migration/i9/oracle/202208112323_IDEMPIERE-5382.sql b/migration/i9/oracle/202208112323_IDEMPIERE-5382.sql new file mode 100644 index 0000000000..b6e9ade436 --- /dev/null +++ b/migration/i9/oracle/202208112323_IDEMPIERE-5382.sql @@ -0,0 +1,22 @@ +-- IDEMPIERE-5382 Allow just one MFA registration per mechanism (FHCA-3822) +SELECT register_migration_script('202208112323_IDEMPIERE-5382.sql') FROM dual; + +SET SQLBLANKLINES ON +SET DEFINE OFF + +-- Aug 11, 2022, 11:23:34 PM CEST +INSERT INTO AD_Val_Rule (AD_Val_Rule_ID,Name,Type,Code,AD_Client_ID,AD_Org_ID,IsActive,Created,CreatedBy,Updated,UpdatedBy,EntityType,AD_Val_Rule_UU) VALUES (200163,'MFA_Method not registered by user','S','NOT EXISTS (SELECT 1 FROM MFA_Registration r WHERE r.AD_User_ID=@#AD_User_ID@ AND r.MFA_Method_ID=MFA_Method.MFA_Method_ID AND IsValid=''Y'' AND AD_Client_ID IN (0,@#AD_Client_ID@) AND IsActive=''Y'')',0,0,'Y',TO_TIMESTAMP('2022-08-11 23:23:32','YYYY-MM-DD HH24:MI:SS'),100,TO_TIMESTAMP('2022-08-11 23:23:32','YYYY-MM-DD HH24:MI:SS'),100,'D','608b9cef-4d8e-4e34-b803-7129422b58b0') +; + +-- Aug 11, 2022, 11:23:40 PM CEST +UPDATE AD_Process_Para SET AD_Val_Rule_ID=200163,Updated=TO_TIMESTAMP('2022-08-11 23:23:40','YYYY-MM-DD HH24:MI:SS'),UpdatedBy=100 WHERE AD_Process_Para_ID=200350 +; + +-- Aug 11, 2022, 11:27:20 PM CEST +UPDATE AD_Column SET SeqNo=3,Updated=TO_TIMESTAMP('2022-08-11 23:27:20','YYYY-MM-DD HH24:MI:SS'),UpdatedBy=100 WHERE AD_Column_ID=214468 +; + +-- Aug 11, 2022, 11:27:32 PM CEST +UPDATE AD_Column SET IsIdentifier='Y', SeqNo=1,Updated=TO_TIMESTAMP('2022-08-11 23:27:32','YYYY-MM-DD HH24:MI:SS'),UpdatedBy=100 WHERE AD_Column_ID=214475 +; + diff --git a/migration/i9/postgresql/202208112323_IDEMPIERE-5382.sql b/migration/i9/postgresql/202208112323_IDEMPIERE-5382.sql new file mode 100644 index 0000000000..8ee7fcd92e --- /dev/null +++ b/migration/i9/postgresql/202208112323_IDEMPIERE-5382.sql @@ -0,0 +1,19 @@ +-- IDEMPIERE-5382 Allow just one MFA registration per mechanism (FHCA-3822) +SELECT register_migration_script('202208112323_IDEMPIERE-5382.sql') FROM dual; + +-- Aug 11, 2022, 11:23:34 PM CEST +INSERT INTO AD_Val_Rule (AD_Val_Rule_ID,Name,Type,Code,AD_Client_ID,AD_Org_ID,IsActive,Created,CreatedBy,Updated,UpdatedBy,EntityType,AD_Val_Rule_UU) VALUES (200163,'MFA_Method not registered by user','S','NOT EXISTS (SELECT 1 FROM MFA_Registration r WHERE r.AD_User_ID=@#AD_User_ID@ AND r.MFA_Method_ID=MFA_Method.MFA_Method_ID AND IsValid=''Y'' AND AD_Client_ID IN (0,@#AD_Client_ID@) AND IsActive=''Y'')',0,0,'Y',TO_TIMESTAMP('2022-08-11 23:23:32','YYYY-MM-DD HH24:MI:SS'),100,TO_TIMESTAMP('2022-08-11 23:23:32','YYYY-MM-DD HH24:MI:SS'),100,'D','608b9cef-4d8e-4e34-b803-7129422b58b0') +; + +-- Aug 11, 2022, 11:23:40 PM CEST +UPDATE AD_Process_Para SET AD_Val_Rule_ID=200163,Updated=TO_TIMESTAMP('2022-08-11 23:23:40','YYYY-MM-DD HH24:MI:SS'),UpdatedBy=100 WHERE AD_Process_Para_ID=200350 +; + +-- Aug 11, 2022, 11:27:20 PM CEST +UPDATE AD_Column SET SeqNo=3,Updated=TO_TIMESTAMP('2022-08-11 23:27:20','YYYY-MM-DD HH24:MI:SS'),UpdatedBy=100 WHERE AD_Column_ID=214468 +; + +-- Aug 11, 2022, 11:27:32 PM CEST +UPDATE AD_Column SET IsIdentifier='Y', SeqNo=1,Updated=TO_TIMESTAMP('2022-08-11 23:27:32','YYYY-MM-DD HH24:MI:SS'),UpdatedBy=100 WHERE AD_Column_ID=214475 +; + diff --git a/org.adempiere.base/src/org/compiere/model/MMFARegistration.java b/org.adempiere.base/src/org/compiere/model/MMFARegistration.java index 2774ce61fe..ae1be16a99 100644 --- a/org.adempiere.base/src/org/compiere/model/MMFARegistration.java +++ b/org.adempiere.base/src/org/compiere/model/MMFARegistration.java @@ -81,7 +81,7 @@ public class MMFARegistration extends X_MFA_Registration { + " WHERE AD_User_ID=?" + " AND MFA_Method_ID=?" + " AND IsValid='Y'" - + " AND AD_Client_ID=?" + + " AND AD_Client_ID IN (0,?)" + " AND IsActive='Y'"); if (prm != null) { sql.append(" AND ParameterValue=?"); @@ -102,7 +102,7 @@ public class MMFARegistration extends X_MFA_Registration { + " SET IsActive='N'" + " WHERE AD_User_ID=?" + " AND MFA_Method_ID=?" - + " AND AD_Client_ID=?" + + " AND AD_Client_ID IN (0,?)" + " AND IsValid='N'" + " AND IsActive='Y'" + " AND MFA_Registration_ID!=?"); diff --git a/org.adempiere.base/src/org/compiere/process/MFARegister.java b/org.adempiere.base/src/org/compiere/process/MFARegister.java index 6badf3a1f3..cff609c49e 100644 --- a/org.adempiere.base/src/org/compiere/process/MFARegister.java +++ b/org.adempiere.base/src/org/compiere/process/MFARegister.java @@ -29,6 +29,7 @@ package org.compiere.process; import java.util.logging.Level; +import org.adempiere.exceptions.AdempiereException; import org.compiere.model.IMFAMechanism; import org.compiere.model.MMFAMethod; import org.compiere.model.MMFARegistration; @@ -78,6 +79,9 @@ public class MFARegister extends SvrProcess { MMFAMethod method = new MMFAMethod(getCtx(), p_MFA_Method_ID, get_TrxName()); IMFAMechanism mechanism = method.getMFAMechanism(); + if (MMFARegistration.alreadyExistsValid(method, null)) + throw new AdempiereException(Msg.getMsg(getCtx(), "MFAMethodAlreadyRegistered")); + retArray = mechanism.register(getCtx(), method, p_ParameterValue, get_TrxName()); if (retArray == null || retArray.length == 0 || ! (retArray[0] instanceof String) ) throw new AdempiereSystemError("Wrong return from mechanism.validate");