# This Source Code Form is subject to the terms of the Mozilla Public
# License, v. 2.0. If a copy of the MPL was not distributed with this
# file, You can obtain one at https://mozilla.org/MPL/2.0/.
##### Configuration - password ###########################################
#' Configuration - password
#'
#' @name configuration_password
#' @include dMeasure.R
#' needs access to dMeasure and methods and fields
#' @include calculation_definitions.R
#' needs access to functions
#' check password against the current identified user
#'
#' @param dMeasure_obj dMeasure object
#' @param password the password
#'
#' @return TRUE if password is correct
#' otherwise stops with error
#' @export
<- (dMeasure_obj, password) {
dMeasure_obj$(password)
}
.public(, "user_login", (password) {
if ((self$)) {
("No user identified!")
}
if (self$()) {
("No password set for currently identified user!")
}
if (!::(password, self$$Password)) {
("Wrong password")
} {
self$authenticated <-
}
(self$authenticated)
})
#' is password for the current identified user available?
#'
#' returns TRUE if password is not set (NA) or empty
#'
#' @param dMeasure_obj dMeasure object
#'
#' @return TRUE if password is not available
#' @export
<- (dMeasure_obj) {
dMeasure_obj$()
}
.public(, "empty_password", () {
# returns true if password for identified user is not defined, or empty
# this is used by Dailymeasure to prompt for a password to be set
empty <-
if ((self$$Password) || # NULL
(self$$Password) || # NA
(self$$Password) == 0 || # integer(0)
(self$$Password) == 0) { # empty string
empty <-
}
(empty)
})
#' Logout current identified user
#'
#' @param dMeasure_obj dMeasure object
#' @param password the password
#'
#' @return authentication status
#' error (stop) if no identified user
#' warning if not authenticated (logged in)
<- (dMeasure_obj) {
dMeasure_obj$()
}
.public(, "user_logout", () {
if ((self$ %>>% dplyr::collect()) ||
(self$ %>>% dplyr::collect()) == 0) {
# no identified user
} if (self$authenticated == ) {
# user not authetnicated
}
self$authenticated <-
(self$authenticated)
})
.private(, "change_password", (, newpassword) {
# change password of named 'name' (Fullname) user to 'newpassword'
if (!newpassword == "") {
# only encode password if it isn't a reset ("")
newpassword <- ::(newpassword)
}
# encode (actually 'tag') the password, if not an empty string
# tagging (hash) defined in calculation_definitions.R
# replace password
id <- private$.UserConfig %>>%
dplyr::(Fullname == ) %>>%
dplyr::pull(id)
query <- "UPDATE Users SET Password = ? WHERE id = ?"
# write to configuration database
data_for_sql <- (newpassword, id)
self$config_db$dbSendQuery(query, data_for_sql)
# if the connection is a pool, can't send write query (a statement) directly
# so use the object's method
private$trigger(self$config_db_trigR) # send a trigger signal
})
#' Set password of currently identified user
#'
#' if there is an old password, that must be specified
#' if there is no old password, then 'oldpassword' does not need to be defined
#'
#' @param dMeasure_obj dMeasure object
#' @param newpassword the new password
#' @param oldpassword=NULL the old password (if one exists)
#'
#' @return TRUE if password is successfully set
#' otherwise, stops with error
#' @examples
#' \dontrun{
#' a <- dMeasure::dMeasure$new()
#' a$open_emr_db()
#' a$password.set(newpassword = "catsrule", oldpassword = "bluewhale")
#' }
#' @export
<- (dMeasure_obj, newpassword, oldpassword = ) {
dMeasure_obj$(newpassword, oldpassword)
}
.public(, "password.set", (newpassword, oldpassword = ) {
if ((self$)) {
("No user identified!")
}
if (stringi::stri_length(newpassword) < 6 &
stringi::stri_length(newpassword) != 0 &
!("RequirePasswords" %in% self$())) {
# passwords not actually required
("Password must be at least six (6) characters long, or empty.")
}
if (stringi::stri_length(newpassword) < 6 &
("RequirePasswords" %in% self$())) {
# passwords required
("Password must be at least six (6) characters long, and passwords are required.")
}
if (self$()) {
# no password yet set for currently identified user,
# so just accept the 'newpassword'
private$change_password(self$$Fullname, newpassword)
# change SQLite configuration database
self$authenticated <-
} {
# there is an old password, which needs to be compared with 'oldpassword'
if (!::(oldpassword, self$$Password)) {
("Old password incorrect")
} {
# old password specified correctly
private$change_password(self$$Fullname, newpassword)
# change private$.UserConfig and SQLite configuration database
self$authenticated <-
}
}
self$() # re-read 'identified user' configuration, as password has changed
(self$authenticated)
})
#' password.reset
#'
#' Reset pass of (another) user to empty string
#'
#' @param dMeasure_obj dMeasure R6 object
#' @param user Full name of user (not the current identified user)
#' @param newpassword the new password ("" empty string by default)
#'
#' No return value
#' Error (stop) if trying to reset a user which
#' doesn't exist, or trying to reset own password
#' @export
<- (dMeasure_obj, user, newpassword = "") {
dMeasure_obj$(user, newpassword = "")
}
.public(, "password.reset", (user,
newpassword = "") {
(permission <- self$(),
= (w)
((
w,
"'UserAdmin' permission required to reset/edit other passwords."
))
)
if (!(user %in% self$$Fullname)) {
("Only configured users can have a password reset!")
}
if ((self$$Fullname) == 0) {
("You are not logged in as an identified user.")
}
if (user == self$$Fullname) {
("Can't remove/reset your own password!")
}
if (!(newpassword == "")) {
# 'resetting' password is ""
if (stringi::stri_length(newpassword) < 6) {
("Password must be at least six (6) characters long")
}
}
private$change_password(user, newpassword)
# change SQLite configuration database
(self)
})
