importPackage(com.ebasetech.xi.api);importPackage(com.ebasetech.xi.services);

1. importPackage(com.ebasetech.xi.api);
2. importPackage(com.ebasetech.xi.services);
3.  
4. try {
5. var eBaseDomain=getSystemVar("EbaseDomain");
6.  
7. fields.USERID.value=fields.PARAM1_VALUE.value;
8. fields.PASSWORD.value=fields.PARAM2_VALUE.value;
9.  
10. tables.USERS.WHERECLAUSE.value="WHERE LOWER(Username)='" + fields.PARAM1_VALUE.value.toLowerCase() + "' AND CONVERT(VARCHAR(MAX),DecryptByKey(Password))='" + fields.PARAM2_VALUE.value + "'";
11.  
12. tables.USERS.fetchTable();
13.  
14. // User account is not enabled
15. if (tables.USERS.rowCount > 0 && tables.USERS.ENABLED.value != 1) {
16. fields.USERID.value=null;
17. fields.ERRORCODE.value = "999";
18. fields.ERRORDESCRIPTION.value = "Your Intranet account is disabled. Please contact the system administrator";
19.  
20. // Add log to indicate failed login
21. addIntranetLog(fields.PARAM1_VALUE.value,null,"Failed login because of disabled Intranet Account","INTRANET LOGIN",system.variables.$BROWSER_IP_ADDRESS.value);
22. } else if (tables.USERS.rowCount == 1) {
23. // Before adding all of the users' role below, make sure that they have access to the HR Menu. If they don't, Ebase will ended up in a never ending loop because
24. // the user doesn't have the HR role so they won't be able to access the HR page. This fixes that problem by granting the user access to the HR if they don't have access already
25. tables.HasAccessToHRMenu.Username.value=tables.USERS.USERNAME.value;
26. tables.HasAccessToHRMenu.fetchTable();
27.  
28. if (tables.HasAccessToHRMenu.HasAccess.value=='N') {
29. // This update will insert a row into users_auth for the current user and the HR menu ID
30. resources.HasAccessToHRMenu.update();
31. }
32.  
33. // Required for eBase SecurityManager to know that the authentication was successfull
34. fields.USERID.value=tables.USERS.REALNAME.value;
35.  
36. // Add these values as credentials so they can be referenced in any script
37. tables.CREDENTIALS.insertRow();
38. tables.CREDENTIALS.ID.value="REALNAME";
39. tables.CREDENTIALS.VALUE.value=tables.USERS.REALNAME.value;
40. tables.CREDENTIALS.updateTable();
41.  
42. tables.CREDENTIALS.insertRow();
43. tables.CREDENTIALS.ID.value="USERID";
44. tables.CREDENTIALS.VALUE.value=tables.USERS.USERID.value;
45. tables.CREDENTIALS.updateTable();
46.  
47. tables.CREDENTIALS.insertRow();
48. tables.CREDENTIALS.ID.value="USERNAME";
49. tables.CREDENTIALS.VALUE.value=tables.USERS.USERNAME.value;
50. tables.CREDENTIALS.updateTable();
51.  
52. tables.CREDENTIALS.insertRow();
53. tables.CREDENTIALS.ID.value="SECID";
54. tables.CREDENTIALS.VALUE.value=tables.USERS.SECID.value;
55. tables.CREDENTIALS.updateTable();
56.  
57. tables.CREDENTIALS.insertRow();
58. tables.CREDENTIALS.ID.value="EMAILADDRESS";
59. tables.CREDENTIALS.VALUE.value=tables.USERS.EMAIL.value;
60. tables.CREDENTIALS.updateTable();
61.  
62. tables.CREDENTIALS.insertRow();
63. tables.CREDENTIALS.ID.value="IGNOREMAINTAINANCEMODE";
64. tables.CREDENTIALS.VALUE.value=(tables.USERS.IGNOREMAINTAINANCEMODE.value == 1 ? 'Y' : 'N');
65. tables.CREDENTIALS.updateTable();
66.  
67. tables.CREDENTIALS.insertRow();
68. tables.CREDENTIALS.ID.value="FORCEPASSWORDRESET";
69. tables.CREDENTIALS.VALUE.value=(tables.USERS.FORCEPASSWORDRESET.value == 1 ? 'Y' : 'N');
70. tables.CREDENTIALS.updateTable();
71.  
72. // Get all the menus that this user is authorized for based on their user ID
73. tables.GENERATE_USER_MENU.UserID.value=tables.USERS.USERID.value;
74. tables.GENERATE_USER_MENU.fetchTable();
75.  
76. if ( tables.GENERATE_USER_MENU.rowCount > 0 ) {
77. var allMenuRows=tables.GENERATE_USER_MENU;
78. var menuRows=allMenuRows.getRows();
79.  
80. while (menuRows.next()) {
81. // Add the menu name to the custom roles so it can be used to determine whether a user has access to that menu
82. tables.CUSTOMROLES.insertRow();
83. tables.CUSTOMROLES.ROLEID.value=allMenuRows.MENUNAME.value;
84. tables.CUSTOMROLES.updateTable();
85. }
86. }
87.  
88. // Get all of the users' permissions based on their user ID
89. tables.Permissions.UserID.value=tables.USERS.USERID.value;
90. tables.Permissions.fetchTable();
91.  
92. var allPermissions=tables.Permissions;
93. var allPermissionsRows=allPermissions.getRows();
94.  
95. while (allPermissionsRows.next()) {
96. tables.CREDENTIALS.insertRow();
97. tables.CREDENTIALS.ID.value=allPermissions.PermissionName.value.toUpperCase(); // Instead of fixing all places that reference the check to see if the user has the permission, I make this upper case so its always consistent
98. tables.CREDENTIALS.VALUE.value=(allPermissions.HasAccess.value==true ? 1 : 0);
99. tables.CREDENTIALS.updateTable();
100. }
101. } else {
102. fields.USERID.value = null;
103.  
104. fields.ERRORCODE.value = "999991";
105. fields.ERRORDESCRIPTION.value = "Your username or password is not correct";
106. //print("Login failed with the username " + fields.PARAM1_VALUE.value);
107.  
108. // Add log to indicate failed login
109. addIntranetLog(fields.PARAM1_VALUE.value,null,"Failed login because of an incorrect username or password 1","INTRANET LOGIN",null);
110. }
111. } catch (e) {
112. fields.USERID.value = null;
113. fields.ERRORCODE.value = "999991";
114. fields.ERRORDESCRIPTION.value = "Your username or password is not correct";
115.  
116. // Add log to indicate failed login
117. addIntranetLog(fields.PARAM1_VALUE.value,null,"Failed login because of an incorrect username or password (in catch statement)","INTRANET LOGIN",system.variables.$BROWSER_IP_ADDRESS.value);
118. }