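/**
 * Rejects a login when the user is in a group with an enabled IP whitelist
 * and the client address is not on that list.
 *
 * The whitelist query runs with ACL checks switched off. The previous ACL
 * state is put back on every return path, including the early return for an
 * unknown username, so the bypass does not leak into the rest of the request.
 *
 * @param array $params   Login parameters; 'username' is read.
 * @param array $response Login response; 'feedback' and 'success' are set on rejection.
 * @return boolean false when the client address is rejected, true otherwise.
 */
public static function checkIpAddress(array &$params, array &$response)
{
    $oldIgnoreAcl = \GO::setIgnoreAclPermissions();

    $userModel = \GO\Base\Model\User::model()->findSingleByAttribute('username', $params['username']);
    if (!$userModel) {
        // Unknown username: there is no whitelist to enforce. Restore the ACL
        // state before leaving; the original returned with the bypass still on.
        \GO::setIgnoreAclPermissions($oldIgnoreAcl);
        return true;
    }

    // Collect the addresses of every whitelist-enabled group the user is a member of.
    $whitelistIpAddressesStmt = Model\IpAddress::model()->find(
        \GO\Base\Db\FindParams::newInstance()
            ->select('t.ip_address')
            ->joinModel(array(
                'model' => 'GO\\Ipwhitelist\\Model\\EnableWhitelist',
                'localTableAlias' => 't',
                'localField' => 'group_id',
                'foreignField' => 'group_id',
                'tableAlias' => 'ew',
                'type' => 'INNER'
            ))
            ->joinModel(array(
                'model' => 'GO\\Base\\Model\\UserGroup',
                'localTableAlias' => 'ew',
                'localField' => 'group_id',
                'foreignField' => 'group_id',
                'tableAlias' => 'usergroup',
                'type' => 'INNER'
            ))
            ->criteria(
                \GO\Base\Db\FindCriteria::newInstance()
                    ->addCondition('user_id', $userModel->id, '=', 'usergroup')
            )
    );

    $allowedIpAddresses = array();
    if (!empty($whitelistIpAddressesStmt) && $whitelistIpAddressesStmt->rowCount() > 0) {
        foreach ($whitelistIpAddressesStmt as $ipAddressModel) {
            if (!in_array($ipAddressModel->ip_address, $allowedIpAddresses, true)) {
                $allowedIpAddresses[] = $ipAddressModel->ip_address;
            }
        }
    }

    \GO::setIgnoreAclPermissions($oldIgnoreAcl);

    // REMOTE_ADDR is the address of the directly connected peer. Behind a
    // reverse proxy that is the proxy, not the client; a forwarded-for header
    // is client-controlled unless it comes from a trusted proxy.
    // A missing REMOTE_ADDR (e.g. CLI) is treated as "not on the list".
    $remoteAddress = isset($_SERVER['REMOTE_ADDR']) ? $_SERVER['REMOTE_ADDR'] : '';

    // An empty whitelist means no restriction applies to this user.
    if (count($allowedIpAddresses) > 0 && !in_array($remoteAddress, $allowedIpAddresses, true)) {
        $response['feedback'] = sprintf(\GO::t('wrongLocation', 'ipwhitelist'), $remoteAddress);
        $response['success'] = false;
        return false;
    }

    return true;
}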
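/**
 * Login hook that authenticates against IMAP and creates the Group-Office
 * user on first login.
 *
 * ACL checks are switched off while the hook runs. The previous state is
 * restored on every return path; the original left the bypass active when it
 * returned false.
 *
 * @param array $params   Login parameters; 'username', 'password' and, for a
 *                        first login, 'first_name', 'middle_name', 'last_name' are read.
 * @param array $response Login response; feedback fields are set when the login is refused.
 * @return boolean|null false when the login must be refused, otherwise no value.
 */
public static function beforeLogin($params, &$response)
{
    $oldIgnoreAcl = \GO::setIgnoreAclPermissions(true);

    $ia = new Authenticator();
    if ($ia->setCredentials($params['username'], $params['password'])) {
        if (!$ia->imapAuthenticate()) {
            // NOTE(review): GO is unqualified here as in the original; it resolves
            // through this file's imports, which are not visible in this block.
            $response['feedback'] = GO::t('badLogin') . ' (IMAP)';
            \GO::setIgnoreAclPermissions($oldIgnoreAcl);
            return false;
        }

        if (!$ia->user) {
            \GO::debug("IMAPAUTH: Group-Office user doesn't exist.");

            if (!isset($params['first_name'])) {
                // The account cannot be created without profile data; ask for it.
                $response['needCompleteProfile'] = true;
                $response['success'] = false;
                $response['feedback'] = \GO::t('pleaseCompleteProfile', 'imapauth');
                \GO::setIgnoreAclPermissions($oldIgnoreAcl);
                return false;
            }

            // The user doesn't exist yet: create it now. This only happens
            // after imapAuthenticate() has succeeded.
            $user = new \GO\Base\Model\User();
            $user->email = $ia->email;
            $user->username = $ia->goUsername;
            $user->password = $ia->imapPassword;
            $user->first_name = $params['first_name'];
            // Only first_name is required above; read the others without a notice.
            $user->middle_name = isset($params['middle_name']) ? $params['middle_name'] : null;
            $user->last_name = isset($params['last_name']) ? $params['last_name'] : null;

            try {
                if (!$user->save()) {
                    // NOTE(review): the expression joining the message and the
                    // validation errors was masked in the reviewed copy; implode()
                    // is the reading that fits its remaining arguments.
                    throw new \Exception("Could not save user: " . implode("\n", $user->getValidationErrors()));
                }

                if (!empty($ia->config['groups'])) {
                    $user->addToGroups($ia->config['groups']);
                }

                $ia->user = $user;

                // todo: test whether this line is needed to create the e-mail
                // account for a new user
                $user->checkDefaultModels();

                $ia->createEmailAccount($user, $ia->config, $ia->imapUsername, $ia->imapPassword);
            } catch (\Exception $e) {
                // A failed provisioning is only logged; the hook does not refuse
                // the login here. The log line carries username and e-mail, not
                // the password.
                \GO::debug('IMAPAUTH: Failed creating user ' . $ia->goUsername . ' and e-mail ' . $ia->email . 'Exception: ' . $e->getMessage(), E_USER_WARNING);
            }
        }
    }

    \GO::setIgnoreAclPermissions($oldIgnoreAcl);
}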
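/**
 * Adds and removes the users of a reminder and returns the resulting user list.
 *
 * The whole action runs with ACL checks switched off; the previous state is
 * restored before returning.
 *
 * NOTE(review): the user and group ids come straight from the request and are
 * applied while ACL checks are off. Nothing in this method verifies that the
 * caller may manage this reminder — confirm that the controller enforces it.
 *
 * @param array $params 'reminder_id' plus optional JSON arrays 'add_users',
 *                      'delete_keys' and 'add_groups'.
 * @return array Response with 'success', 'total', 'results', 'deleteSuccess'
 *               and, when a removal failed, 'deleteFeedback'.
 * @throws \GO\Base\Exception\NotFound When the reminder does not exist.
 */
protected function actionReminderUsers($params)
{
    $oldIgnoreAcl = \GO::setIgnoreAclPermissions();

    $reminderModel = \GO\Base\Model\Reminder::model()->findByPk($params['reminder_id']);
    if (!$reminderModel) {
        // The original dereferenced the missing model further down.
        \GO::setIgnoreAclPermissions($oldIgnoreAcl);
        throw new \GO\Base\Exception\NotFound();
    }

    $response = array();
    $response['success'] = true;
    $response['total'] = 0;
    $response['results'] = array();

    // json_decode() yields null for malformed input; anything that is not a
    // JSON array is treated as an empty list.
    $idLists = array();
    foreach (array('add_users', 'delete_keys', 'add_groups') as $key) {
        $decoded = isset($params[$key]) ? json_decode($params[$key]) : array();
        $idLists[$key] = is_array($decoded) ? $decoded : array();
    }
    $addUserIds = $idLists['add_users'];
    $delUserIds = $idLists['delete_keys'];
    $addGroupIds = $idLists['add_groups'];

    try {
        $response['deleteSuccess'] = true;
        foreach ($delUserIds as $delUserId) {
            $reminderModel->removeManyMany('users', $delUserId);
        }
    } catch (\Exception $e) {
        $response['deleteSuccess'] = false;
        $response['deleteFeedback'] = $e->getMessage();
    }

    // Expand every group into its members.
    foreach ($addGroupIds as $addGroupId) {
        $groupModel = \GO\Base\Model\Group::model()->findByPk($addGroupId);
        if (!$groupModel) {
            continue;
        }

        $memberStmt = $groupModel->users;
        while ($userModel = $memberStmt->fetch()) {
            // Loose comparison on purpose: decoded ids and model ids may differ in type.
            if (!in_array($userModel->id, $addUserIds)) {
                $addUserIds[] = $userModel->id;
            }
        }
    }

    foreach ($addUserIds as $addUserId) {
        $remUserModel = \GO\Base\Model\ReminderUser::model()->findSingleByAttributes(array(
            'user_id' => $addUserId,
            'reminder_id' => $reminderModel->id
        ));
        if (empty($remUserModel)) {
            $remUserModel = new \GO\Base\Model\ReminderUser();
        }
        $remUserModel->setAttributes(array(
            'reminder_id' => $reminderModel->id,
            'user_id' => $addUserId,
            'time' => $reminderModel->time
        ));
        $remUserModel->save();
    }

    if (!empty($reminderModel->users)) {
        $userStmt = $reminderModel->users;
        while ($remUserModel = $userStmt->fetch()) {
            $response['results'][] = array('id' => $remUserModel->id, 'name' => $remUserModel->name);
            $response['total'] += 1;
        }
    }

    \GO::setIgnoreAclPermissions($oldIgnoreAcl);

    return $response;
}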
/**
 * Removes what the module left in the database: its cron jobs, its ModelType
 * rows with the search-cache and link rows that point at them, and whatever
 * install/uninstall.sql contains.
 *
 * Runs with ACL checks switched off and restores the previous state at the end.
 *
 * @return boolean Always true.
 */
public function uninstall()
{
    $previousIgnoreAcl = \GO::setIgnoreAclPermissions();

    // Uninstall cron jobs for this module.
    foreach ($this->findClasses('cron') as $cronClass) {
        $cronJobs = Cron\CronJob::model()->findByAttribute('job', $cronClass->getName());
        foreach ($cronJobs as $cronJob) {
            $cronJob->delete();
        }
    }

    // Delete this module's rows from the Model\ModelType table. They are used
    // for faster linking and the search cache: each linkable model is mapped
    // to an id in that table.
    $removedTypeIds = array();
    foreach ($this->getModels() as $model) {
        $typeRecord = Model\ModelType::model()->findSingleByAttribute('model_name', $model->getName());
        if (!$typeRecord) {
            continue;
        }
        $removedTypeIds[] = $typeRecord->id;
        $typeRecord->delete();
    }

    if (!empty($removedTypeIds)) {
        // The ids are concatenated into SQL. They come from ModelType rows read
        // above and the table names from SHOW TABLES, not from request input.
        $idList = implode(',', $removedTypeIds);

        \GO::getDbConnection()->query("DELETE FROM `go_search_cache` WHERE model_type_id IN (" . $idList . ")");

        $tables = GO::getDbConnection()->query('SHOW TABLES');
        while ($row = $tables->fetch()) {
            $tableName = $row[0];
            // go_links_<name> tables only; a digit right after the prefix is skipped.
            $isLinkTable = substr($tableName, 0, 9) == 'go_links_' && !is_numeric(substr($tableName, 9, 1));
            if ($isLinkTable) {
                \GO::getDbConnection()->query("DELETE FROM `{$tableName}` WHERE model_type_id IN (" . $idList . ")");
            }
        }
    }

    // Run the module's own uninstall script, if it ships one.
    $uninstallScript = $this->path() . 'install/uninstall.sql';
    if (file_exists($uninstallScript)) {
        foreach (Util\SQL::getSqlQueries($uninstallScript) as $statement) {
            \GO::getDbConnection()->query($statement);
        }
    }

    \GO::clearCache();
    \GO::setIgnoreAclPermissions($previousIgnoreAcl);

    return true;
}
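/**
 * Shows and processes the profile form of the current user (user, contact
 * and company in one form).
 *
 * A new password is accepted only together with the correct current
 * password. ACL checks are switched off only around the three save() calls
 * and restored right after; the original left them off for the rest of the
 * request, including the rendering of the view.
 *
 * NOTE(review): the posted User, Contact and Company arrays are handed to
 * setAttributes() as a whole. Which attributes a visitor can change that way
 * depends on the models, which are not visible here — confirm that privileged
 * fields are not assignable.
 */
protected function actionProfile()
{
    $user = \GO::user();
    $contact = $user->contact;

    // Set additional required fields.
    $contact->setValidationRule('address', 'required', true);
    $contact->setValidationRule('zip', 'required', true);
    $contact->setValidationRule('city', 'required', true);

    // The password is optional on this form.
    $user->setValidationRule('password', 'required', false);
    // NOTE(review): this appears to switch the configured password rules off,
    // so a password set through this form would not be checked against them —
    // confirm that this is intended.
    \GO::config()->password_validate = false;

    if ($contact->company) {
        $company = $contact->company;
    } else {
        $company = new \GO\Addressbook\Model\Company();
        $company->addressbook_id = $contact->addressbook_id;
    }

    if (\GO\Base\Util\Http::isPostRequest()) {
        // Work on array copies: a missing or scalar field must not reach
        // unset()/setAttributes() as something other than an array.
        $userInput = (isset($_POST['User']) && is_array($_POST['User'])) ? $_POST['User'] : array();
        $contactInput = (isset($_POST['Contact']) && is_array($_POST['Contact'])) ? $_POST['Contact'] : array();
        $companyInput = (isset($_POST['Company']) && is_array($_POST['Company'])) ? $_POST['Company'] : array();

        $wantsPasswordChange = !empty($_POST['currentPassword']) && !empty($userInput['password']);
        if ($wantsPasswordChange) {
            if (!$user->checkPassword($_POST['currentPassword'])) {
                GOS::site()->notifier->setMessage('error', "Huidig wachtwoord onjuist");
                unset($userInput['password']);
                unset($userInput['passwordConfirm']);
            }
        } else {
            // Without the current password the password fields are dropped,
            // so they never reach the model.
            unset($userInput['password']);
            unset($userInput['passwordConfirm']);
        }

        $user->setAttributes($userInput);
        $contact->setAttributes($contactInput);
        $company->setAttributes($companyInput);

        $company->checkVatNumber = true;

        if (!empty($companyInput['postAddressIsEqual'])) {
            $company->setPostAddressFromVisitAddress();
        }

        if (!GOS::site()->notifier->hasMessage('error') && $user->validate() && $contact->validate() && $company->validate()) {
            $oldIgnoreAcl = \GO::setIgnoreAclPermissions(); //allow guest to create user

            $user->save();
            $company->save();
            $contact->company_id = $company->id;
            $contact->save();

            \GO::setIgnoreAclPermissions($oldIgnoreAcl);

            GOS::site()->notifier->setMessage('success', GOS::t('formEditSuccess'));
        } else {
            GOS::site()->notifier->setMessage('error', "Please check the form for errors");
        }
    }

    $company->post_address_is_address = false;
    if ($company->address == $company->post_address && $company->address_no == $company->post_address_no && $company->city == $company->post_city) {
        $company->post_address_is_address = true;
    }

    // Clear the password values so they are not sent back in the form.
    $user->password = "";
    $user->passwordConfirm = "";

    echo $this->render('profile', array('user' => $user, 'contact' => $contact, 'company' => $company));
}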
/**
 * Calls a method on the module class of every module that has one,
 * e.g. \GO\Notes\NotesModule::firstRun.
 *
 * The calls run with ACL checks switched off unless $ignoreAclPermissions is
 * false; the previous ACL state is restored afterwards.
 *
 * @deprecated Preferably use events with listeners because they perform better.
 * @param string  $method               Method name looked up on each module object.
 * @param array   $params               Arguments passed through call_user_func_array().
 * @param boolean $ignoreAclPermissions ACL bypass state used during the calls (default true).
 */
public function callModuleMethod($method, $params = array(), $ignoreAclPermissions = true)
{
    $previousIgnore = \GO::setIgnoreAclPermissions($ignoreAclPermissions);

    foreach ($this->getAllModules() as $module) {
        $studlyId = ucfirst($module->id);

        // Skip modules that ship no <Id>Module.php file.
        $moduleFile = $module->path . $studlyId . 'Module.php';
        if (!file_exists($moduleFile)) {
            continue;
        }

        // The class name is derived from the module id, not from $method.
        $moduleClass = 'GO\\' . $studlyId . '\\' . $studlyId . 'Module';
        $instance = new $moduleClass();

        if (method_exists($instance, $method)) {
            call_user_func_array(array($instance, $method), $params);
        }
    }

    \GO::setIgnoreAclPermissions($previousIgnore);
}
/**
 * Returns the default attribute values for a new task of the current user.
 *
 * When the user's settings do not point at an existing tasklist, one named
 * after the user is created with ACL checks switched off for that save only,
 * and stored in the settings.
 *
 * @return array 'status', 'start_time', 'due_time', 'tasklist_id' and,
 *               when reminders are enabled in the settings, 'reminder'.
 */
public function defaultAttributes()
{
    $userSettings = Settings::model()->getDefault(\GO::user());
    $tasklist = Tasklist::model()->findByPk($userSettings->default_tasklist_id);

    if (empty($tasklist)) {
        // Creating the personal tasklist must not depend on the user's ACL
        // rights; the previous ACL state is restored right below.
        $previousIgnore = \GO::setIgnoreAclPermissions(true);

        $tasklist = new Tasklist();
        $tasklist->name = \GO::user()->name;
        $tasklist->user_id = \GO::user()->id;

        $saved = $tasklist->save();
        if ($saved) {
            $userSettings->default_tasklist_id = $tasklist->id;
            $userSettings->save();
        }

        \GO::setIgnoreAclPermissions($previousIgnore);
    }

    $attributes = array();
    $attributes['status'] = Task::STATUS_NEEDS_ACTION;
    $attributes['start_time'] = time();
    $attributes['due_time'] = time();
    $attributes['tasklist_id'] = $tasklist->id;

    if ($userSettings->remind) {
        $attributes['reminder'] = $this->getDefaultReminder(time());
    }

    return $attributes;
}
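/**
 * Page with a form to create a new ticket.
 *
 * Visitors who are not logged in are admitted only when the site config
 * option tickets_allow_anonymous is exactly true.
 *
 * The ticket types are loaded with ACL checks enabled. Afterwards the ACL
 * state that was active on entry is restored; the original forced the bypass
 * on at that point regardless of what it was before, which would widen the
 * rights of a request that entered with ACL checks enabled.
 * NOTE(review): this assumes the action is entered with the bypass already
 * active when anonymous tickets are allowed — confirm against the
 * controller's ignoreAclPermissions() list.
 *
 * NOTE(review): type_id is taken from the query string and again from the
 * posted Ticket attributes. Nothing in this method checks it against the
 * types offered in the dropdown — confirm that the Ticket model does.
 *
 * @throws \GO\Base\Exception\AccessDenied For visitors when anonymous tickets are not allowed.
 */
protected function actionNewTicket()
{
    // Check for the user to be logged in and check if it is allowed to use
    // anonymous ticket creation.
    if (!\GO::user() && GOS::site()->config->tickets_allow_anonymous !== true) {
        throw new \GO\Base\Exception\AccessDenied();
    }

    // Create a new ticket object.
    $ticket = new \GO\Tickets\Model\Ticket();

    if (\GO::user()) {
        // Pre-fill the ticket fields from the contact of the current user.
        $contact = \GO::user()->contact;
        if ($contact) {
            $ticket->setFromContact($contact);
        }
    }

    if (isset($_GET['type_id'])) {
        $ticket->type_id = $_GET['type_id'];
    }

    // Create a new message object.
    $message = new \GO\Tickets\Model\Message();

    // Create an instance of the uploader.
    $uploader = new \GO\Site\Widgets\Uploader('uploader', $_REQUEST, 'createticket');

    // Authorize the uploader to handle the uploaded files. This happens for
    // every request that reaches this point, anonymous visitors included.
    \GO\Base\Authorized\Actions::setAuthorized('plupload');

    // Enable ACL while the ticket types for the dropdown are loaded.
    $oldIgnoreAcl = \GO::setIgnoreAclPermissions(false);

    if (!\GO::user()) {
        // Visitors only get the types that are published on the site.
        $ticketTypes = \GO\Tickets\Model\Type::model()->find(
            \GO\Base\Db\FindParams::newInstance()
                ->criteria(\GO\Base\Db\FindCriteria::newInstance()->addCondition('publish_on_site', true))
                ->order('name')
                ->ignoreAcl()
        );
    } else {
        $ticketTypes = \GO\Tickets\Model\Type::model()->find(
            \GO\Base\Db\FindParams::newInstance()->order('name')
        );
    }

    // Put the ACL state back to what it was on entry.
    \GO::setIgnoreAclPermissions($oldIgnoreAcl);

    // Check for the form post.
    if (\GO\Base\Util\Http::isPostRequest()) {
        // A missing or scalar form field is treated as an empty attribute set.
        $ticketInput = (isset($_POST['Ticket']) && is_array($_POST['Ticket'])) ? $_POST['Ticket'] : array();
        $messageInput = (isset($_POST['Message']) && is_array($_POST['Message'])) ? $_POST['Message'] : array();

        // Set the ticket attributes.
        $ticket->setAttributes($ticketInput);

        // Try to save the ticket.
        if ($ticket->save()) {
            // Add the posted attributes to the message object.
            $message->setAttributes($messageInput);

            // If the ticket is closed by the user.
            if (isset($_POST['CloseTicket'])) {
                $message->setStatus(\GO\Tickets\Model\Ticket::STATUS_CLOSED);
            }

            // Add a message to the ticket.
            if ($ticket->addMessage($message)) {
                // If saving is OK then redirect to the ticket page.
                $this->redirect(array(
                    '/tickets/site/showTicket',
                    'ticket_number' => $ticket->ticket_number,
                    'ticket_verifier' => $ticket->ticket_verifier
                ));
            }
        }
    }

    // Render the ticket page.
    $this->render("ticket", array('ticket' => $ticket, 'message' => $message, 'uploader' => $uploader, 'ticketTypes' => $ticketTypes));
}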
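/**
 * Create an exception for a recurring series.
 *
 * The exception is created for this event and for every related participant
 * event, and afterwards for the resources booked by the organizer's event.
 * The work runs with ACL checks switched off. The previous ACL state is
 * restored on the normal path and also when an exception is thrown; the
 * original left the bypass active when saving an exception event failed.
 *
 * @param int     $exceptionDate  Unix timestamp of the occurrence.
 * @param array   $attributes     Attributes applied to each exception event.
 * @param boolean $dontSendEmails Copied onto each exception event.
 * @return Event|false The exception event that belongs to this event, or
 *                     false when none of the processed events matched it.
 * @throws \Exception When this event is not recurring or an exception event cannot be saved.
 */
public function createExceptionEvent($exceptionDate, $attributes = array(), $dontSendEmails = false)
{
    if (!$this->isRecurring()) {
        throw new \Exception("Can't create exception event for non recurring event " . $this->id);
    }

    $oldIgnore = \GO::setIgnoreAclPermissions();

    try {
        $returnEvent = false;

        // A meeting can be multiple related events sharing the same uuid.
        if ($this->isResource()) {
            $relatedEvents = array($this);
        } else {
            $relatedEvents = $this->getRelatedParticipantEvents(true);
        }

        $resources = array();
        $resourceExceptionEvent = null;

        foreach ($relatedEvents as $event) {
            // Workaround for old events that don't have the exception ID set.
            // In this case getRelatedParticipantEvents fails. This won't
            // happen with new events.
            if (!$event->isRecurring()) {
                continue;
            }

            \GO::debug("Creating exception for related participant event " . $event->name . " (" . $event->id . ") " . date('c', $exceptionDate));

            $exceptionEvent = $event->getExceptionEvent($exceptionDate);
            $exceptionEvent->dontSendEmails = $dontSendEmails;
            $exceptionEvent->setAttributes($attributes);
            if (!$exceptionEvent->save()) {
                throw new \Exception("Could not create exception: " . var_export($exceptionEvent->getValidationErrors(), true));
            }

            $event->copyLinks($exceptionEvent);
            $event->addException($exceptionDate, $exceptionEvent->id);
            $event->duplicateRelation('participants', $exceptionEvent, array('dontCreateEvent' => true));

            if (!$event->isResource() && $event->is_organizer) {
                // Remember the organizer's resources; their exceptions are
                // created after this loop and point at this exception event.
                foreach ($event->resources() as $resource) {
                    $resources[] = $resource;
                }
                $resourceExceptionEvent = $exceptionEvent;
            }

            if ($event->id == $this->id) {
                $returnEvent = $exceptionEvent;
            }
        }

        foreach ($resources as $resource) {
            \GO::debug("Creating exception for resource: " . $resource->name);
            $resource->createExceptionEvent($exceptionDate, array('resource_event_id' => $resourceExceptionEvent->id), $dontSendEmails);
        }
    } catch (\Exception $e) {
        // Do not let the ACL bypass survive a failure.
        \GO::setIgnoreAclPermissions($oldIgnore);
        throw $e;
    }

    \GO::setIgnoreAclPermissions($oldIgnore);

    return $returnEvent;
}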
$args = \GO\Base\Util\Cli::parseArgs(); if (isset($args['c'])) { define("GO_CONFIG_FILE", $args['c']); } } try { $exampleUsage = 'sudo -u www-data php /var/www/trunk/www/install/autoinstall.php --adminusername=admin --adminpassword=admin --adminemail=admin@intermesh.dev --modules="email,addressbook,files"'; $requiredArgs = array('adminusername', 'adminpassword', 'adminemail'); foreach ($requiredArgs as $ra) { if (empty($args[$ra])) { throw new Exception($ra . " must be supplied.\n\nExample usage:\n\n" . $exampleUsage . "\n\n"); } } chdir(dirname(__FILE__)); require '../GO.php'; \GO::setIgnoreAclPermissions(); $stmt = \GO::getDbConnection()->query("SHOW TABLES"); if ($stmt->rowCount()) { throw new Exception("Automatic installation of Group-Office aborted because database is not empty"); } else { echo "Database connection established. Database is empty\n"; } \GO\Base\Util\SQL::executeSqlFile('install.sql'); $dbVersion = \GO\Base\Util\Common::countUpgradeQueries("updates.php"); \GO::config()->save_setting('version', $dbVersion); \GO::config()->save_setting('upgrade_mtime', \GO::config()->mtime); $adminGroup = new \GO\Base\Model\Group(); $adminGroup->id = 1; $adminGroup->name = \GO::t('group_admins'); $adminGroup->save(); $everyoneGroup = new \GO\Base\Model\Group();
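/**
 * Runs a controller action and renders an error page or redirects to the
 * login page when the action fails.
 *
 * When the action is listed in ignoreAclPermissions() (or the list contains
 * '*'), ACL checks are switched off for the action. The previous ACL state is
 * restored after the action and after the error handlers have run; the
 * original restored it only when the action finished without an exception.
 *
 * The permission check through _checkPermission() always runs; $render and
 * $checkPermissions are not read by this method.
 *
 * @param string  $action           Action name without the 'action' prefix; empty selects the default action.
 * @param array   $params           Parameters passed to the action method.
 * @param boolean $render           Not used here.
 * @param boolean $checkPermissions Not used here.
 */
public function run($action = '', $params = array(), $render = true, $checkPermissions = true)
{
    try {
        $action = strtolower(empty($action) ? $this->defaultAction : $action);
        $this->_action = $action;

        $aclFreeActions = $this->ignoreAclPermissions();
        $ignoreAcl = in_array($action, $aclFreeActions) || in_array('*', $aclFreeActions);

        if ($ignoreAcl) {
            $oldIgnore = \GO::setIgnoreAclPermissions(true);
        }

        $this->beforeAction();

        if (!$this->_checkPermission($action)) {
            throw new \GO\Base\Exception\AccessDenied();
        }

        $methodName = 'action' . $action;
        $this->callActionMethod($methodName, $params);
    } catch (\GO\Base\Exception\MissingParameter $e) {
        echo $this->render('/site/404', array('error' => $e));
    } catch (\GO\Base\Exception\AccessDenied $e) {
        \GO::debug($e->getMessage());
        \GO::debug($e->getTraceAsString());

        if (!\GO::user()) {
            // Remember the page the visitor tried to open so the login can
            // redirect back to it.
            \GO::session()->values['sites']['returnUrl'] = \Site::request()->getRequestUri();
            $loginpath = array('site/account/login');
            $this->redirect($loginpath);
        } else {
            echo $this->render('/site/error', array('error' => $e));
        }
    } catch (\GO\Base\Exception\NotFound $e) {
        header("HTTP/1.0 404 Not Found");
        header("Status: 404 Not Found");

        echo $this->render('/site/404', array('error' => $e));
    } catch (\Exception $e) {
        // NOTE(review): the error view receives the exception object; confirm
        // that it does not print internal messages or traces to visitors.
        echo $this->render('/site/error', array('error' => $e));
    }

    // Restore the old value for ACL permissions if this action was allowed
    // for guests, on the success path and after a handled exception alike.
    if (isset($oldIgnore)) {
        \GO::setIgnoreAclPermissions($oldIgnore);
    }
}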
/**
 * Returns the default model of a user and creates it when it does not exist.
 *
 * This function is automatically called in afterSave of the user model and
 * after a module is installed.
 *
 * When a settings model points at an existing default model, that model is
 * returned only if checkPermissionLevel(Acl::WRITE_PERMISSION) passes;
 * otherwise the model owned by the user is looked up or created. Creation is
 * saved with ACL checks switched off, and the previous state is restored
 * right after the save.
 *
 * @param User    $user
 * @param boolean $createdNew Set to true when a new default model was created.
 * @return AbstractUserDefaultModel|false
 */
public function getDefault(User $user, &$createdNew = false)
{
    if (!$user) {
        return false;
    }

    $settingsClass = $this->settingsModelName();

    if ($settingsClass) {
        $settingsModel = \GO::getModel($settingsClass)->findByPk($user->id);

        if ($settingsModel) {
            // NOTE(review): the third findByPk() argument presumably skips the
            // ACL check on lookup — confirm; the explicit write-permission
            // check below is what gates the return.
            $storedPk = $settingsModel->{$this->settingsPkAttribute()};
            $existing = $this->findByPk($storedPk, false, true);
            if ($existing && $existing->checkPermissionLevel(Acl::WRITE_PERMISSION)) {
                return $existing;
            }
        } else {
            $settingsModel = new $settingsClass();
            $settingsModel->user_id = $user->id;
        }
    }

    $defaultModel = $this->findSingleByAttribute('user_id', $user->id);

    if (!$defaultModel) {
        $modelClass = $this->className();
        $defaultModel = new $modelClass();
        $defaultModel->user_id = $user->id;

        if (isset($this->columns['name'])) {
            $defaultModel->setDefaultAttributes($user);
        }

        // Any user may do this.
        $previousIgnore = \GO::setIgnoreAclPermissions(true);
        $defaultModel->save();
        \GO::setIgnoreAclPermissions($previousIgnore);

        $createdNew = true;
    }

    if ($settingsClass) {
        // Point the user's settings at the model that is returned.
        $settingsModel->{$this->settingsPkAttribute()} = $defaultModel->id;
        $settingsModel->save();
    }

    return $defaultModel;
}
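/**
 * Adds missing files and folders from the filesystem to the database and
 * removes files and folders from the database that are not on the filesystem.
 *
 * Runs with ACL checks switched off and with database-only deletes, and
 * restores the ACL state, the model cache switch and both delete switches at
 * the end.
 *
 * Errors for single items are printed and the sync continues. The messages
 * are HTML-escaped before they are printed: they can carry text that does not
 * come from this code (presumably item names from the filesystem), and the
 * original wrote them into the page unescaped.
 *
 * @param boolean $recurseAll      Sync all subfolders recursively.
 * @param boolean $recurseOneLevel Sync the direct subfolders as well.
 */
public function syncFilesystem($recurseAll = false, $recurseOneLevel = true)
{
    if (\GO::config()->debug) {
        \GO::debug("syncFilesystem " . $this->path);
    }

    $oldIgnoreAcl = \GO::setIgnoreAclPermissions(true);

    $oldCache = \GO::$disableModelCache;
    GO::$disableModelCache = $recurseAll;

    if ($this->fsFolder->exists()) {
        $items = $this->fsFolder->ls();

        foreach ($items as $item) {
            try {
                if ($item->isFile()) {
                    $file = $this->hasFile($item->name());

                    if (!$file) {
                        $this->addFile($item->name());
                    } else {
                        // Saving updates the timestamp and size of the file.
                        if ($file->mtime != $file->fsFile->mtime()) {
                            $file->save();
                        }
                    }
                } else {
                    $willSync = $recurseOneLevel || $recurseAll;

                    $folder = $this->hasFolder($item->name());
                    if (!$folder) {
                        $folder = $this->addFolder($item->name(), false, !$willSync);
                    }

                    if ($willSync) {
                        // Below this level only $recurseAll keeps the recursion going.
                        $folder->syncFilesystem($recurseAll, false);
                    }
                }
            } catch (\Exception $e) {
                echo "<span style='color:red;'>" . htmlspecialchars($e->getMessage(), ENT_QUOTES, 'UTF-8') . "</span>\n";
            }
        }
    } else {
        $this->fsFolder->create();
    }

    // Make sure no filesystem items are deleted. Sometimes folders are stored
    // as files somehow.
    $oldFileDeleteInDatabaseOnly = File::$deleteInDatabaseOnly;
    $oldFolderDeleteInDatabaseOnly = Folder::$deleteInDatabaseOnly;
    File::$deleteInDatabaseOnly = true;
    Folder::$deleteInDatabaseOnly = true;

    // Drop folder rows whose folder is gone or turned out to be a file.
    $stmt = $this->folders();
    while ($folder = $stmt->fetch()) {
        try {
            if (!$folder->fsFolder->exists() || $folder->fsFolder->isFile()) {
                $folder->delete(true);
            }
        } catch (\Exception $e) {
            echo "<span style='color:red;'>" . htmlspecialchars($e->getMessage(), ENT_QUOTES, 'UTF-8') . "</span>\n";
        }
    }

    // Drop file rows whose file is gone or turned out to be a folder.
    $stmt = $this->files();
    while ($file = $stmt->fetch()) {
        try {
            if (!$file->fsFile->exists() || $file->fsFile->isFolder()) {
                $file->delete(true);
            }
        } catch (\Exception $e) {
            echo "<span style='color:red;'>" . htmlspecialchars($e->getMessage(), ENT_QUOTES, 'UTF-8') . "</span>\n";
        }
    }

    $this->mtime = $this->fsFolder->mtime();
    $this->save(true);

    \GO::$disableModelCache = $oldCache;

    \GO::setIgnoreAclPermissions($oldIgnoreAcl);

    File::$deleteInDatabaseOnly = $oldFileDeleteInDatabaseOnly;
    Folder::$deleteInDatabaseOnly = $oldFolderDeleteInDatabaseOnly;
}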