Updated login to check user account status.

Merged changes with Jamie's changes from earlier this week.

git-svn-id: http://locode01.ad.dom/svn/WEBMIP/trunk@2904 248e525c-4dfb-0310-94bc-949c084e9493

Modules/mip_security.pck

@@ -84,6 +84,7 @@ recordThe resultant hash is recorded as the username 'password hash'
                                ,p_privilege      IN apex_authorization.privilege%TYPE DEFAULT 'A')
     RETURN BOOLEAN;
   
+
 END mip_security;
 /
 CREATE OR REPLACE PACKAGE BODY mip_security AS
@@ -108,6 +109,17 @@ CREATE OR REPLACE PACKAGE BODY mip_security AS
   END get_user_status;
   --
 
+  /**  Updates the user status
+    */
+  PROCEDURE set_user_status(p_username IN VARCHAR2, p_status IN VARCHAR2) IS
+  BEGIN
+    UPDATE parties prty
+       SET prty.status = upper(p_status)
+     WHERE upper(prty.username) = upper(p_username);
+    
+    COMMIT;
+  END;
+  
   /**
   Logs the user into the system and registers with APEX.
   
@@ -119,7 +131,30 @@ CREATE OR REPLACE PACKAGE BODY mip_security AS
                  ,p_password   IN VARCHAR2
                  ,p_session_id IN VARCHAR2
                  ,p_flow_page  IN VARCHAR2) IS
+    l_password_days NUMBER;
+    l_password_created_on DATE;
   BEGIN
+    -- check that the account is still valid (password etc.).
+    l_password_created_on := mip_parties.get_user_password_created(p_uname, p_password);
+    --
+    l_password_days := to_date(SYSDATE,'dd/mm/rrrr') - to_date(l_password_created_on,'dd/mm/rrrr');
+    -- check the user's password/account has not expired
+      IF NOT l_password_days 
+          < to_number(cout_system_configuration.get_configuration_item(p_parameter => 'USER_ACCOUNT_LOCK')) THEN
+        -- user account has expired, set the user account to locked and continue on our journey
+        set_user_status(p_username => p_uname
+                       ,p_status => 'LOCKED');
+                       
+      ELSIF NOT l_password_days
+          < to_number(cout_system_configuration.get_configuration_item(p_parameter => 'PASSWORD_EXPIRY_LIMIT')) THEN
+        -- user password has expired, set the user account to expired and continue on our journey
+        set_user_status(p_username => p_uname
+                       ,p_status => 'EXPIRED');
+                       
+      END IF;
+      --
+    
+    --  
     IF get_user_status(p_uname) = 'OPEN' THEN
       -- log in and flow to the requested page
       wwv_flow_custom_auth_std.login(p_uname      => p_uname
@@ -175,6 +210,8 @@ CREATE OR REPLACE PACKAGE BODY mip_security AS
        AND pwd.password_hash = get_hash(p_username
                                        ,p_password);
   
+    
+
     RETURN TRUE;
   EXCEPTION
     WHEN no_data_found THEN
@@ -274,8 +311,6 @@ CREATE OR REPLACE PACKAGE BODY mip_security AS
           RETURN TRUE;
       END;
     END IF;
-    --JP added block here due to error when no data found
-    BEGIN
     SELECT access_allowed
       INTO l_access_allowed
       FROM (SELECT auth.component_name
@@ -303,11 +338,6 @@ CREATE OR REPLACE PACKAGE BODY mip_security AS
                AND auth.component_type = p_component_type
              ORDER BY parl.rt_code)
      WHERE rownum < 2;
-      EXCEPTION
-        WHEN no_data_found THEN
-          -- no access if we can't find any data
-          RETURN FALSE;
-    END;
     IF nvl(l_access_allowed
           ,'NO') = 'YES' THEN
       RETURN TRUE;
@@ -435,7 +465,7 @@ CREATE OR REPLACE PACKAGE BODY mip_security AS
       ,SYSDATE
       ,NULL);
   
-    -- now we ned to update the user's status to OPEN
+    -- now we need to update the user's status to OPEN
     UPDATE parties
        SET status = 'OPEN'
      WHERE id = l_prty_id;
@@ -445,7 +475,8 @@ CREATE OR REPLACE PACKAGE BODY mip_security AS
       raise_application_error(-20002
                              ,SQLERRM);
   END new_password;
-
+  --
+  --
   PROCEDURE redirect_on_expired_account(p_username IN VARCHAR2) IS
   BEGIN
     IF get_user_status(p_username) = 'EXPIRED' THEN