/**
 * Handles a logout request.
 *
 * When the POST body carries a `logout` field, the session's `cid` entry is
 * removed, AuthCookie is asked to destroy the authentication state and the
 * outcome is recorded as 'unlogged'. Any other request is a no-op.
 */
function doAction()
{
    if (!isset($_POST['logout'])) {
        return;
    }

    // Only the 'cid' key is dropped from the session here.
    // NOTE(review): whether destroyAuthentication() also clears the remaining
    // session keys is not visible from this method; confirm.
    unset($_SESSION['cid']);
    AuthCookie::destroyAuthentication();

    $this->result = 'unlogged';
}
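/**
 * Dispatches a login-form submission: login attempt, logout or reset request.
 *
 * - A login is attempted only when a login name or a password was supplied
 *   AND the request is neither a logout nor a reset.
 * - `logout` clears the session's `cid`, destroys the authentication state and
 *   sets the result to 'unlogged'.
 * - `reset` asks sendResetLink() to mail a reset link for the given login and
 *   sets the result to 'sent' when that call reports success.
 */
function doAction()
{
    $wantsLogout = isset($_POST['logout']);
    $wantsReset = isset($_POST['reset']);
    $hasCredentials = !empty($this->login) || !empty($this->pass);

    // The previous condition mixed `or` and `and` without parentheses. Because
    // `and` binds tighter than `or`, doLogin() ran whenever a login name was
    // present, including on logout and reset requests. Grouping the credential
    // test makes the logout/reset exclusions apply to both fields.
    if ($hasCredentials && !$wantsLogout && !$wantsReset) {
        $this->doLogin();
    }

    if ($wantsLogout) {
        unset($_SESSION['cid']);
        AuthCookie::destroyAuthentication();
        $this->result = 'unlogged';
    }

    if ($wantsReset) {
        $outcome = sendResetLink($this->login);
        // NOTE(review): the result is only set on success. If callers render a
        // different page for the unset case, the response reveals whether the
        // login is known; confirm how the result is presented.
        if ($outcome) {
            $this->result = 'sent';
        }
    }
}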
/**
 * Completes an OAuth sign-in once the provider has validated the user.
 *
 * For a validated user with profile data, the user row is looked up or created
 * via tryInsertUserFromOAuth(), the auth cookie is issued for that e-mail/uid,
 * and, if the session holds an anonymous project that the user just created,
 * ownership of that project is moved to the signed-in user.
 *
 * The anonymous-project markers are removed from the session on every call,
 * whether or not a sign-in took place.
 */
public function doAction()
{
    $validated = $this->user_logged && !empty($this->userData);

    if ($validated) {
        // Look the user up in the database, creating the row when missing.
        $result = tryInsertUserFromOAuth($this->userData);
        if (!$result) {
            // Hard stop: no cookie is issued when the user row is unavailable.
            die("error in insert");
        }

        AuthCookie::setCredentials($this->userData['email'], $result['uid']);

        $hasAnonymousProject = !empty($_SESSION['_anonym_pid']);
        $cameFromNewProject = !empty($_SESSION['_newProject']);

        if ($hasAnonymousProject && $cameFromNewProject) {
            // The project id comes from this session, not from request input.
            // The return value of the ownership update is not inspected.
            updateProjectOwner($this->userData['email'], $_SESSION['_anonym_pid']);
        }
    }

    // Drop the markers so a later sign-in cannot re-claim the same project.
    unset($_SESSION['_anonym_pid'], $_SESSION['_newProject']);
}
/**
 * Returns the incident types of the per-incident contract behind an issue,
 * filtered by whether each type has been redeemed for that issue.
 *
 * Side effect: the project cookie is switched to the issue's project.
 * NOTE(review): nothing in this method checks that the caller may access
 * $issue_id; presumably the caller enforces that. Confirm.
 *
 * @param int $issue_id
 * @param bool $redeemed_only true keeps only redeemed types, false keeps only
 *                            types that are not redeemed
 * @return array incidents keyed by type id, as returned by the contract
 * @throws RemoteApiException when the project has no customer integration or
 *                            the contract is not per-incident
 * @access protected
 */
public function getIncidentTypes($issue_id, $redeemed_only)
{
    $prj_id = Issue::getProjectID($issue_id);
    AuthCookie::setProjectCookie($prj_id);

    // FIXME: $customer_id unused
    $customer_id = Issue::getCustomerID($issue_id);

    $has_integration = CRM::hasCustomerIntegration($prj_id);
    if (!$has_integration) {
        // no customer integration
        throw new RemoteApiException("No customer integration for issue #{$issue_id}");
    }

    $crm = CRM::getInstance($prj_id);
    // FIXME: $all_types unused
    $all_types = $crm->getIncidentTypes();

    $contract_id = Issue::getContractID($issue_id);
    $contract = $crm->getContract($contract_id);
    $is_per_incident = $contract->hasPerIncident();
    if (!$is_per_incident) {
        // only per-incident contracts carry incident types
        throw new RemoteApiException("Customer for issue #{$issue_id} does not have a per-incident contract");
    }

    $incidents = $contract->getIncidents();
    foreach ($incidents as $type_id => $unused_details) {
        $is_redeemed = $contract->isRedeemedIncident($issue_id, $type_id);
        // Drop the entry when its redeemed state differs from the requested one.
        if ((bool) $redeemed_only !== (bool) $is_redeemed) {
            unset($incidents[$type_id]);
        }
    }

    return $incidents;
}
/**
 * Class constructor.
 *
 * Order of work: refuse to run on a wrong PHP/config version (303 redirect to
 * the bad-configuration page), start the session, load the template engine,
 * restore the login from the auth cookie when the session has none, load the
 * user record for the session's e-mail, and finally run the auth procedure
 * when the controller requires it.
 *
 * @param bool $isAuthRequired when true, doAuth() is run at the end
 */
public function __construct($isAuthRequired = false)
{
    if (!parent::isRightVersion()) {
        header("Location: " . INIT::$HTTPHOST . INIT::$BASEURL . "badConfiguration", true, 303);
        exit;
    }

    // Session must exist before any of the login state below is touched.
    parent::sessionStart();

    // Template engine.
    require_once INIT::$ROOT . '/inc/PHPTAL/PHPTAL.php';

    $this->supportedBrowser = $this->isSupportedWebBrowser();

    // No login in the session yet: fall back to the auth cookie.
    // NOTE(review): the session identity is taken from whatever
    // AuthCookie::getCredentials() returns; this code relies on that helper to
    // have verified the cookie. Confirm.
    if (empty($_SESSION['cid'])) {
        $cookieCredentials = AuthCookie::getCredentials();
        if ($cookieCredentials) {
            $_SESSION['cid'] = $cookieCredentials['username'];
            $_SESSION['uid'] = $cookieCredentials['uid'];
        }
    }

    // Even when login is optional, expose the user record if one is known.
    if (!empty($_SESSION['cid'])) {
        $lookup = new Users_UserStruct();
        $lookup->email = $_SESSION['cid'];

        $dao = new Users_UserDao(Database::obtain());
        $found = $dao->read($lookup);

        // NOTE(review): the first row is taken without checking that read()
        // returned any; confirm a row always exists for a session e-mail.
        /**
         * @var $found Users_UserStruct[]
         */
        $this->logged_user = $found[0];
    }

    if ($isAuthRequired) {
        // auth is mandatory for this controller: start the procedure
        $this->doAuth();
    }
}
/**
 * Runs one XML-RPC API method, authenticating the caller first unless the
 * method is public, and wraps the outcome in an XML_RPC_Response.
 *
 * NOTE: this needs to be public for PHP 5.3 compatibility
 *
 * For protected methods the credentials are taken from $params and accepted
 * when either the password check or the API-token check succeeds; the auth
 * cookie is then set for that e-mail. Any Exception raised along the way is
 * converted into a fault response carrying the exception's message.
 *
 * @param ReflectionMethod $method
 * @param array $params Method parameters in already decoded into PHP types
 * @param bool $public true if method should not be protected with login/password
 * @param array $pdesc Parameter descriptions
 * @return XML_RPC_Response
 */
public function handle($method, $params, $public, $pdesc)
{
    // The client has $client->setAutoBase64(true) for this, but the server
    // side, where it is needed, only has the global.
    $GLOBALS['XML_RPC_auto_base64'] = true;

    try {
        if (!$public) {
            list($email, $password) = $this->getAuthParams($params);

            // The second parameter doubles as password or API token.
            $authenticated = Auth::isCorrectPassword($email, $password)
                || APIAuthToken::isTokenValidForEmail($password, $email);
            if (!$authenticated) {
                // FIXME: role is not checked here
                throw new RemoteApiException("Authentication failed for {$email}. Your login/password/api key is invalid or you do not have the proper role.");
            }

            AuthCookie::setAuthCookie($email);
        }

        if ($pdesc) {
            $this->decodeParams($params, $pdesc);
        }

        $res = $method->invokeArgs($this->api, $params);
    } catch (Exception $e) {
        global $XML_RPC_erruser;

        // A zero/empty exception code is reported as 1.
        $code = $e->getCode();
        if (!$code) {
            $code = 1;
        }

        // The exception message is sent to the client as the fault string.
        $res = new XML_RPC_Response(0, $XML_RPC_erruser + $code, $e->getMessage());
    }

    if ($res instanceof XML_RPC_Response) {
        return $res;
    }

    return new XML_RPC_Response(XML_RPC_Encode($res));
}
/**
 * Returns the system-wide default settings.
 *
 * When an auth cookie is present, `default_role` gets an entry for the current
 * project with role 0, so the project always has a key in the map.
 *
 * @return array the default parameters
 */
public static function getDefaults()
{
    $default_role = array();

    if (AuthCookie::hasAuthCookie()) {
        // ensure there is entry for current project
        $default_role[Auth::getCurrentProject()] = 0;
    }

    return array(
        'host' => 'localhost',
        'port' => 443,
        'context' => '/cas',
        'customer_id_attribute' => '',
        'contact_id_attribute' => '',
        'create_users' => null,
        'default_role' => $default_role,
    );
}
/*
 * This file is part of the Eventum (Issue Tracking System) package.
 *
 * @copyright (c) Eventum Team
 * @license GNU General Public License, version 2 or later (GPL-2+)
 *
 * For the full copyright and license information,
 * please see the COPYING and AUTHORS files
 * that were distributed with this source code.
 */
require_once __DIR__ . '/../../init.php';

// Handle an AJAX file upload: the `file` query parameter names the entry of
// $_FILES to store, and the outcome is collected in $res.
// FIXME: no identity logged who added the file.
try {
    // check if logged in. if not, just give error
    // The presence of the auth cookie is the only access check made here.
    if (!AuthCookie::hasAuthCookie()) {
        throw new BadFunctionCallException(ev_gettext('Must be logged in'));
    }

    if (!isset($_GET['file'])) {
        // TRANSLATORS: this is technical error and should not be displayed to end users
        throw new InvalidArgumentException(ev_gettext('No file argument'));
    }

    // The request-supplied name is only used as a key into $_FILES.
    $file = (string) $_GET['file'];
    if (!isset($_FILES[$file])) {
        throw new InvalidArgumentException(ev_gettext('No files uploaded'));
    }

    // NOTE(review): any validation of the upload (size, type, name) would have
    // to happen inside Attachment::addFiles(); none is done here. Confirm.
    $iaf_id = Attachment::addFiles($_FILES[$file]);
    $res = array('error' => 0, 'iaf_id' => $iaf_id);
} catch (Exception $e) {
    // A zero exception code is reported as -1; the exception message is put
    // into the result as-is.
    $code = $e->getCode();
    $res = array('error' => $code ? $code : -1, 'message' => $e->getMessage());
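/**
 * Gets the currently selected project from the project cookie.
 *
 * For ordinary users the cookie's project id is accepted only when it is an
 * exact key of the projects the user belongs to. The membership test used to
 * be a loose in_array() over the keys, which on PHP versions before 8 also
 * matched non-canonical values such as a string with a numeric prefix; the
 * raw cookie value was then returned to callers. An exact key lookup closes
 * that gap while still accepting both 1 and "1".
 *
 * @param bool $redirect whether to redirect to the project selection page
 *                       when the cookie names a project the user is not in
 * @return mixed '' when there is no project cookie; for the system user the
 *               project id as integer, or null when the cookie has none;
 *               false when the project is not allowed and $redirect is false;
 *               otherwise the project id as stored in the cookie
 */
public static function getCurrentProject($redirect = true)
{
    $cookie = AuthCookie::getProjectCookie();
    if (!$cookie) {
        return '';
    }

    $usr_id = self::getUserID();
    $projects = Project::getAssocList($usr_id);

    // The system user is not tied to a project list; only normalise the id.
    if ($usr_id == APP_SYSTEM_USER_ID) {
        return isset($cookie['prj_id']) ? (int) $cookie['prj_id'] : null;
    }

    $prj_id = isset($cookie['prj_id']) ? $cookie['prj_id'] : null;

    if ($projects != null) {
        // Exact key lookup: only int/string values can be array keys, and a
        // string is matched against an integer key only in canonical form.
        $is_member = (is_int($prj_id) || is_string($prj_id))
            && array_key_exists($prj_id, $projects);

        if (!$is_member) {
            if ($redirect) {
                self::redirect('select_project.php');
            } else {
                return false;
            }
        }
    }

    // NOTE(review): when the user has no projects at all the cookie value is
    // returned without any membership check, as before; confirm callers
    // treat it as untrusted in that case.
    return $prj_id;
}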
/**
 * Creates a new issue from an email if appropriate. Also returns if this message is related
 * to a previous message.
 *
 * Decision order, as implemented below: the workflow hook is asked first; if
 * it gives no answer, either the subject line ("[#123]") or the message
 * references are used to find an existing issue, depending on the
 * subject_based_routing setting. A new issue is created only when auto
 * creation is enabled for the account and the sender is not a bounce address.
 *
 * Issue creation runs with the auth cookie set to the system user and the
 * project cookie set to the account's project. The sender address used for
 * the authorized-repliers list and the CRM lookup is parsed from $from, i.e.
 * from a header supplied by the message itself.
 *
 * @param array $info An array of info about the email account.
 * @param string $headers The headers of the email.
 * @param string $message_body The body of the message.
 * @param string $date The date this message was sent
 * @param string $from The name and email address of the sender.
 * @param string $subject The subject of this message.
 * @param array $to An array of to addresses
 * @param array $cc An array of cc addresses
 * @return array An array of information about the message
 */
public function createIssueFromEmail($info, $headers, $message_body, $date, $from, $subject, $to, $cc)
{
    $should_create_issue = false;
    $issue_id = '';
    $associate_email = '';
    $type = 'email';
    $parent_id = '';
    $customer_id = false;
    $contact_id = false;
    $contract_id = false;
    $severity = false;

    // we can't trust the in-reply-to from the imap c-client, so let's
    // try to manually parse that value from the full headers
    $references = Mail_Helper::getAllReferences($headers);

    $message_id = Mail_Helper::getMessageID($headers, $message_body);

    // The workflow hook may answer with an array of overrides, the string
    // 'new', a numeric issue id, or anything else (meaning "no opinion").
    $workflow = Workflow::getIssueIDforNewEmail($info['ema_prj_id'], $info, $headers, $message_body, $date, $from, $subject, $to, $cc);
    if (is_array($workflow)) {
        if (isset($workflow['customer_id'])) {
            $customer_id = $workflow['customer_id'];
        }
        if (isset($workflow['contract_id'])) {
            $contract_id = $workflow['contract_id'];
        }
        if (isset($workflow['contact_id'])) {
            $contact_id = $workflow['contact_id'];
        }
        if (isset($workflow['severity'])) {
            $severity = $workflow['severity'];
        }
        // An array answer without an explicit flag means "create".
        if (isset($workflow['should_create_issue'])) {
            $should_create_issue = $workflow['should_create_issue'];
        } else {
            $should_create_issue = true;
        }
    } elseif ($workflow == 'new') {
        $should_create_issue = true;
    } elseif (is_numeric($workflow)) {
        $issue_id = $workflow;
    } else {
        $setup = Setup::get();
        if ($setup['subject_based_routing']['status'] == 'enabled') {
            // Look for issue ID in the subject line

            // look for [#XXXX] in the subject line
            if (preg_match("/\\[#(\\d+)\\]( Note| BLOCKED)*/", $subject, $matches)) {
                $should_create_issue = false;
                $issue_id = $matches[1];
                // An id that does not exist is discarded; no issue is created
                // in that case either, since the flag stays false.
                if (!Issue::exists($issue_id, false)) {
                    $issue_id = '';
                } elseif (!empty($matches[2])) {
                    $type = 'note';
                }
            } else {
                $should_create_issue = true;
            }
        } else {
            // - if this email is a reply:
            if (count($references) > 0) {
                foreach ($references as $reference_msg_id) {
                    //  -> check if the replied email exists in the database:
                    if (Note::exists($reference_msg_id)) {
                        // note exists
                        // get what issue it belongs too.
                        $issue_id = Note::getIssueByMessageID($reference_msg_id);
                        $should_create_issue = false;
                        $type = 'note';
                        $parent_id = Note::getIDByMessageID($reference_msg_id);
                        break;
                    } elseif (self::exists($reference_msg_id) || Issue::getIssueByRootMessageID($reference_msg_id) != false) {
                        // email or issue exists
                        $issue_id = self::getIssueByMessageID($reference_msg_id);
                        if (empty($issue_id)) {
                            $issue_id = Issue::getIssueByRootMessageID($reference_msg_id);
                        }

                        if (empty($issue_id)) {
                            // parent email isn't associated with issue.
                            // --> create new issue, associate current email and replied email to this issue
                            $should_create_issue = true;
                            $associate_email = $reference_msg_id;
                        } else {
                            // parent email is associated with issue:
                            // --> associate current email with existing issue
                            $should_create_issue = false;
                        }
                        break;
                    } else {
                        // no matching note, email or issue:
                        // => create new issue and associate current email with it
                        $should_create_issue = true;
                    }
                }
            } else {
                // - if this email is not a reply:
                // -> create new issue and associate current email with it
                $should_create_issue = true;
            }
        }
    }

    $sender_email = Mail_Helper::getEmailAddress($from);
    if (Misc::isError($sender_email)) {
        $sender_email = 'Error Parsing Email <>';
    }

    // only create a new issue if this email is coming from a known customer
    // NOTE(review): the block below only checks that a CRM instance can be
    // obtained; no lookup of $sender_email against the CRM is made here, so
    // the flag stays true for any sender when the CRM is reachable. Confirm
    // whether a customer lookup is missing.
    if ($should_create_issue && $info['ema_issue_auto_creation_options']['only_known_customers'] == 'yes' && CRM::hasCustomerIntegration($info['ema_prj_id']) && !$customer_id) {
        try {
            $crm = CRM::getInstance($info['ema_prj_id']);
            $should_create_issue = true;
        } catch (CRMException $e) {
            $should_create_issue = false;
        }
    }

    // check whether we need to create a new issue or not
    if ($info['ema_issue_auto_creation'] == 'enabled' && $should_create_issue && !Notification::isBounceMessage($sender_email)) {
        $options = Email_Account::getIssueAutoCreationOptions($info['ema_id']);
        // From here on the request acts as the system user in the account's project.
        AuthCookie::setAuthCookie(APP_SYSTEM_USER_ID);
        AuthCookie::setProjectCookie($info['ema_prj_id']);
        $issue_id = Issue::createFromEmail($info['ema_prj_id'], APP_SYSTEM_USER_ID, $from, Mime_Helper::decodeQuotedPrintable($subject), $message_body, @$options['category'], @$options['priority'], @$options['users'], $date, $message_id, $severity, $customer_id, $contact_id, $contract_id);

        // add sender to authorized repliers list if they are not a real user
        // The address granted reply rights is the one parsed from $from.
        $sender_usr_id = User::getUserIDByEmail($sender_email, true);
        if (empty($sender_usr_id)) {
            Authorized_Replier::manualInsert($issue_id, $sender_email, false);
        }

        // associate any existing replied-to email with this new issue
        // NOTE(review): $reference_issue_id is never assigned in this method,
        // so this condition is always false and the association never runs.
        if (!empty($associate_email) && !empty($reference_issue_id)) {
            $reference_sup_id = self::getIDByMessageID($associate_email);
            self::associate(APP_SYSTEM_USER_ID, $issue_id, array($reference_sup_id));
        }
    }

    // need to check crm for customer association
    if (!empty($from)) {
        if (CRM::hasCustomerIntegration($info['ema_prj_id']) && !$customer_id) {
            // check for any customer contact association
            try {
                $crm = CRM::getInstance($info['ema_prj_id']);
                $contact = $crm->getContactByEmail($sender_email);
                $contact_id = $contact->getContactID();
                $contracts = $contact->getContracts(array(CRM_EXCLUDE_EXPIRED));
                // NOTE(review): the first contract is taken without checking
                // that the list is non-empty; only CRMException is handled.
                $contract = $contracts[0];
                $customer_id = $contract->getCustomerID();
            } catch (CRMException $e) {
                $customer_id = null;
                $contact_id = null;
            }
        }
    }

    return array('should_create_issue' => $should_create_issue, 'associate_email' => $associate_email, 'issue_id' => $issue_id, 'customer_id' => $customer_id, 'contact_id' => $contact_id, 'type' => $type, 'parent_id' => $parent_id);
}
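/**
 * Routes a draft to the correct issue.
 *
 * The issue is found from the To (then Cc) recipient address. The sender,
 * parsed from the From header, must map to a user whose role in the issue's
 * project is at least User::ROLE_USER. Previously the role check was skipped
 * entirely when the address matched no user, so a draft from an unknown
 * sender was still saved; such senders are now rejected with EX_NOPERM.
 *
 * NOTE(review): the identity comes from the message's From header; nothing in
 * this method authenticates that header. Confirm the mail pipeline feeding
 * this entry point restricts who can submit drafts.
 *
 * @param string $full_message The complete draft.
 * @return mixed true or array(ERROR_CODE, ERROR_STRING) in case of failure
 */
public static function route_drafts($full_message)
{
    // save the full message for logging purposes
    Draft::saveRoutedMessage($full_message);

    // Join a boundary= parameter that was folded onto its own line back onto
    // the Content-Type header.
    if (preg_match('/^(boundary=).*/m', $full_message)) {
        $pattern = "/(Content-Type: multipart\\/)(.+); ?\r?\n(boundary=)(.*)\$/im";
        $replacement = '$1$2; $3$4';
        $full_message = preg_replace($pattern, $replacement, $full_message);
    }

    // need some validation here
    if (empty($full_message)) {
        return array(self::EX_NOINPUT, ev_gettext('Error: The email message was empty.') . "\n");
    }

    // remove the reply-to: header
    if (preg_match('/^(reply-to:).*/im', $full_message)) {
        $full_message = preg_replace("/^(reply-to:).*\n/im", '', $full_message, 1);
    }

    // check if the draft interface is even supposed to be enabled
    $setup = Setup::get();
    if ($setup['draft_routing']['status'] != 'enabled') {
        return array(self::EX_CONFIG, ev_gettext('Error: The email draft interface is disabled.') . "\n");
    }
    if (empty($setup['draft_routing']['address_prefix'])) {
        return array(self::EX_CONFIG, ev_gettext('Error: Please configure the email address prefix.') . "\n");
    }
    if (empty($setup['draft_routing']['address_host'])) {
        return array(self::EX_CONFIG, ev_gettext('Error: Please configure the email address domain.') . "\n");
    }

    $structure = Mime_Helper::decode($full_message, true, false);

    // find which issue ID this email refers to
    if (isset($structure->headers['to'])) {
        $issue_id = self::getMatchingIssueIDs($structure->headers['to'], 'draft');
    }
    // validation is always a good idea
    if (empty($issue_id) and isset($structure->headers['cc'])) {
        // we need to try the Cc header as well
        $issue_id = self::getMatchingIssueIDs($structure->headers['cc'], 'draft');
    }

    if (empty($issue_id)) {
        return array(self::EX_DATAERR, ev_gettext('Error: The routed email had no associated Eventum issue ID or had an invalid recipient address.') . "\n");
    }

    $prj_id = Issue::getProjectID($issue_id);

    // check if the sender is allowed in this issue' project and if it is an internal user
    // A missing From header is treated like an unknown sender.
    $from_header = isset($structure->headers['from']) ? $structure->headers['from'] : '';
    $sender_email = strtolower(Mail_Helper::getEmailAddress($from_header));
    $sender_usr_id = User::getUserIDByEmail($sender_email, true);

    // Deny by default: no matching user, or a role below ROLE_USER.
    $sender_allowed = false;
    if (!empty($sender_usr_id)) {
        $sender_role = User::getRoleByUser($sender_usr_id, $prj_id);
        $sender_allowed = !($sender_role < User::ROLE_USER);
    }
    if (!$sender_allowed) {
        return array(self::EX_NOPERM, ev_gettext("Error: The sender of this email is not allowed in the project associated with issue #{$issue_id}.") . "\n");
    }

    // The rest of the request acts as the sender, in the issue's project.
    AuthCookie::setAuthCookie(User::getUserIDByEmail($sender_email));
    AuthCookie::setProjectCookie($prj_id);

    $body = $structure->body;

    Draft::saveEmail($issue_id, @$structure->headers['to'], @$structure->headers['cc'], @$structure->headers['subject'], $body, false, false, false);
    // XXX: need to handle attachments coming from drafts as well?
    $usr_id = Auth::getUserID();
    History::add($issue_id, $usr_id, 'draft_routed', 'Draft routed from {from}', array('from' => $from_header));

    return true;
}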