/**
* Add forecast date for suspended user
*
* @param PFUser user
*
*/
public function addUserDeletionForecastDate(PFUser $user)
{
$directoryCleanUpDao = $this->getLDAPDirectoryCleanUpDao();
$deletionDate = $_SERVER['REQUEST_TIME'] + $this->retentionPeriod * 24 * 60 * 60;
$creationResult = $directoryCleanUpDao->createForecastDeletionDate($user->getId(), $deletionDate);
if (!$creationResult) {
$this->getBackendLogger()->error("[LDAP Clean Up] Error when adding forecast deletion date to user " . $user->getUserName());
} else {
$this->getBackendLogger()->info("[LDAP Clean Up] Forecast deletion date added to user " . $user->getUserName());
}
}
/**
* Add a new user into a given project
*
* @param Integer $group_id Project id
* @param PFUser $user User to add
*
* @return Boolean
*/
function account_add_user_obj_to_group($group_id, PFUser $user)
{
//user was found but if it's a pending account adding
//is not allowed
if (!$user->isActive() && !$user->isRestricted()) {
$GLOBALS['Response']->addFeedback('error', $GLOBALS['Language']->getText('include_account', 'account_notactive', $user->getUserName()));
return false;
}
//if not already a member, add it
$res_member = db_query("SELECT user_id FROM user_group WHERE user_id=" . $user->getId() . " AND group_id='" . db_ei($group_id) . "'");
if (db_numrows($res_member) < 1) {
//not already a member
db_query("INSERT INTO user_group (user_id,group_id) VALUES (" . db_ei($user->getId()) . "," . db_ei($group_id) . ")");
//if no unix account, give them a unix_uid
if ($user->getUnixStatus() == 'N' || !$user->getUnixUid()) {
$user->setUnixStatus('A');
$um = UserManager::instance();
$um->assignNextUnixUid($user);
$um->updateDb($user);
}
// Raise an event
$em = EventManager::instance();
$em->processEvent('project_admin_add_user', array('group_id' => $group_id, 'user_id' => $user->getId(), 'user_unix_name' => $user->getUserName()));
$GLOBALS['Response']->addFeedback('info', $GLOBALS['Language']->getText('include_account', 'user_added'));
account_send_add_user_to_group_email($group_id, $user->getId());
group_add_history('added_user', $user->getUserName(), $group_id, array($user->getUserName()));
return true;
} else {
$GLOBALS['Response']->addFeedback('error', $GLOBALS['Language']->getText('include_account', 'user_already_member'));
}
return false;
}
public function exportUser(PFUser $user, SimpleXMLElement $members_node, $child_name)
{
if ($user->getLdapId()) {
$member_node = $members_node->addChild($child_name, $user->getLdapId());
$member_node->addAttribute('format', 'ldap');
} else {
$member_node = $members_node->addChild($child_name, $user->getUserName());
$member_node->addAttribute('format', 'username');
}
}
private function fetchFormattedMailUserInfo(PFUser $user)
{
$hp = Codendi_HTMLPurifier::instance();
if ($user && !$user->isAnonymous()) {
$user_info = '<a href="mailto:' . $hp->purify($user->getEmail()) . '">' . $hp->purify($user->getRealName()) . ' (' . $hp->purify($user->getUserName()) . ')
</a>';
} else {
$user = UserManager::instance()->getUserAnonymous();
$user->setEmail($this->changeset->getEmail());
$user_info = $GLOBALS['Language']->getText('tracker_include_artifact', 'anon_user');
}
return $user_info;
}
/**
* Create new account
*
* @param PFUser $user
*
* @return PFUser
*/
function createAccount($user)
{
$dao = $this->getDao();
$user_id = $dao->create($user->getUserName(), $user->getEmail(), $user->getPassword(), $user->getRealName(), $user->getRegisterPurpose(), $user->getStatus(), $user->getShell(), $user->getUnixStatus(), $user->getUnixUid(), $user->getUnixBox(), $user->getLdapId(), $_SERVER['REQUEST_TIME'], $user->getConfirmHash(), $user->getMailSiteUpdates(), $user->getMailVA(), $user->getStickyLogin(), $user->getAuthorizedKeys(), $user->getNewMail(), $user->getTimeZone(), $user->getTheme(), $user->getLanguageID(), $user->getExpiryDate(), $_SERVER['REQUEST_TIME']);
if (!$user_id) {
$GLOBALS['Response']->addFeedback('error', $GLOBALS['Language']->getText('include_exit', 'error'));
return 0;
} else {
$user->setId($user_id);
$this->assignNextUnixUid($user);
$em = $this->_getEventManager();
$em->processEvent(Event::USER_MANAGER_CREATE_ACCOUNT, array('user' => $user));
// Create the first layout for the user and add some initial widgets
$lm = $this->_getWidgetLayoutManager();
$lm->createDefaultLayoutForUser($user_id);
switch ($user->getStatus()) {
case PFUser::STATUS_PENDING:
if (ForgeConfig::get('sys_user_approval')) {
$this->pending_user_notifier->notifyAdministrator($user);
}
break;
case PFUser::STATUS_ACTIVE:
case PFUser::STATUS_RESTRICTED:
$em->processEvent('project_admin_activate_user', array('user_id' => $user_id));
break;
}
return $user;
}
}
private function getUserName(PFUser $user)
{
return $user->getUserName();
}
/**
* @param Git_RemoteServer_GerritServer $server
* @param PFUser $gerrit_users_to_suspend
*
* @throws Git_Driver_Gerrit_Exception
*/
public function setUserAccountInactive(Git_RemoteServer_GerritServer $server, PFUser $user)
{
$query = self::COMMAND . ' set-account --inactive ' . $user->getUserName();
try {
$this->ssh->execute($server, $query);
$this->logger->info($GLOBALS['Language']->getText('plugin_git', 'gerrit_user_suspension_successful', array($user->getId(), $user->getUserName(), $server)));
} catch (Git_Driver_Gerrit_RemoteSSHCommandFailure $exception) {
$this->logger->error($GLOBALS['Language']->getText('plugin_git', 'gerrit_user_suspension_error', array($user->getId(), $user->getUserName(), $server, $exception->getStdErr())));
}
}
private function addUser(Project $project, PFUser $user)
{
include_once "account.php";
$this->logger->info("Add user {$user->getUserName()} to project.");
if (!account_add_user_obj_to_group($project->getID(), $user)) {
throw new UserNotAddedAsProjectMemberException($GLOBALS['Response']->getRawFeedback());
}
}
/**
* XXX: USE IN TESTS ONLY !!!
*
* Wraps svn_get_revisions for testing purpose.
*/
public function getRawRevisionsAndCount($limit, PFUser $author)
{
return svn_get_revisions($this->project, 0, $limit, '', $author->getUserName(), '', '', 0, false);
}
/** @return Tracker_Artifact */
private function createArtifact(PFUser $user, Tracker $tracker, $title, $body)
{
$this->logger->debug("Receiving new artifact from " . $user->getUserName());
if (!$tracker->userCanSubmitArtifact($user)) {
$this->logger->info("User " . $user->getUnixName() . " has no right to create an artifact in tracker #" . $tracker->getId());
$this->notifier->sendErrorMailInsufficientPermissionCreation($user->getEmail(), $title);
return;
}
$title_field = $tracker->getTitleField();
$description_field = $tracker->getDescriptionField();
if (!$title_field || !$description_field) {
throw new Tracker_Artifact_MailGateway_TrackerMissingSemanticException();
}
$field_data = array($title_field->getId() => $title, $description_field->getId() => $body);
UserManager::instance()->setCurrentUser($user);
return $this->artifact_factory->createArtifact($tracker, $field_data, $user, '');
}
public function userCanRead(PFUser $user, Project $project, $svnpath)
{
include_once 'www/svn/svn_utils.php';
return svn_utils_check_access($user->getUserName(), $project->getSVNRootPath(), $svnpath);
}
/**
* @param Git_RemoteServer_GerritServer $server
* @param PFUser $user
*
* @return Guzzle\Http\Message\Response
*/
public function setUserAccountInactive(Git_RemoteServer_GerritServer $server, PFUser $user)
{
try {
$this->sendRequest($server, $this->guzzle_client->delete($this->getGerritURL($server, '/accounts/' . urlencode($user->getUserName()) . '/active'), $this->getRequestOptions()));
$this->logger->info($GLOBALS['Language']->getText('plugin_git', 'gerrit_user_suspension_successful', array($user->getId(), $user->getUserName(), $server)));
return true;
} catch (Exception $exception) {
$this->logger->error($GLOBALS['Language']->getText('plugin_git', 'gerrit_user_suspension_error', array($user->getId(), $user->getUserName(), $server, $exception->getMessage())));
}
}
protected function getMatchingIdsInDb(DataAccessObject $dao, PermissionsManager $permissionManager, Tracker $tracker, PFUser $user, array $criteria)
{
$dump_criteria = array();
foreach ($criteria as $c) {
$dump_criteria[$c->field->getName()] = $c->field->getCriteriaValue($c);
}
$dao->logStart(__METHOD__, json_encode(array('user' => $user->getUserName(), 'project' => $tracker->getGroupId(), 'query' => $dump_criteria, 'trackers' => array($tracker->getId()))));
$matching_ids = array();
$group_id = $tracker->getGroupId();
$permissions = $permissionManager->getPermissionsAndUgroupsByObjectid($tracker->getId());
$contributor_field = $tracker->getContributorField();
$contributor_field_id = $contributor_field ? $contributor_field->getId() : null;
$additional_from = array();
$additional_where = array();
foreach ($criteria as $c) {
if ($f = $c->getFrom()) {
$additional_from[] = $f;
}
if ($w = $c->getWhere()) {
$additional_where[] = $w;
}
}
$matching_ids['id'] = '';
$matching_ids['last_changeset_id'] = '';
$matching_ids_result = $dao->searchMatchingIds($group_id, $tracker->getId(), $additional_from, $additional_where, $user, $permissions, $contributor_field_id);
if ($matching_ids_result) {
$matching_ids = $matching_ids_result->getRow();
if ($matching_ids) {
if (substr($matching_ids['id'], -1) === ',') {
$matching_ids['id'] = substr($matching_ids['id'], 0, -1);
}
if (substr($matching_ids['last_changeset_id'], -1) === ',') {
$matching_ids['last_changeset_id'] = substr($matching_ids['last_changeset_id'], 0, -1);
}
}
}
$nb_matching = $matching_ids['id'] ? substr_count($matching_ids['id'], ',') + 1 : 0;
$dao->logEnd(__METHOD__, $nb_matching);
return $matching_ids;
}
private function appendDocuments(DOMElement $parent_node, PFUser $admin_user, $doc_group_id)
{
foreach ($this->dao->searchAllDocs($doc_group_id) as $row) {
$creator_name = $admin_user->getUserName();
$creator = $this->user_manager->getUserById($row['created_by']);
if ($creator !== null && ($creator->isActive() || $creator->isRestricted())) {
$creator_name = $creator->getUnixName();
}
$document = $this->createDocument($row['title'], $row['description'], $row['createdate'], $row['updatedate'], $creator_name);
$this->appendPermissions($document, $row['docid'], self::DOCUMENT_PERMISSION_TYPE);
$this->appendFile($document, $row, $creator_name);
$parent_node->appendChild($document);
}
}
public function __construct(PFUser $user)
{
$this->user_name = $user->getUserName();
$this->real_name = $user->getRealName();
$this->avatar = $user->getAvatarUrl();
}
/**
* Update wiki page
* @param PFUser $user
* @param String $new_name
* @return Boolean
*/
function updatePageName($user, $new_name)
{
$sql = 'UPDATE plugin_phpwiki_page SET pagename = ' . $this->da->quoteSmart($new_name) . ' WHERE pagename = ' . $this->da->quoteSmart($user->getUserName());
return $this->update($sql);
}
private function getUserLdapId(PFUser $user)
{
return strtolower($user->getUserName());
}
/**
* Rename User home directory
*
* @param PFUser $user a user
* @param String $newName the new name of user home directory
*
* @return boolean
*/
public function renameUserHomeDirectory($user, $newName)
{
return rename($GLOBALS['homedir_prefix'] . '/' . $user->getUserName(), $GLOBALS['homedir_prefix'] . '/' . $newName);
}
private function writeSSHFile(PFUser $user, $ssh_dir)
{
$authorized_keys_new = "{$ssh_dir}/authorized_keys_new";
touch($authorized_keys_new);
$this->backend->chmod($authorized_keys_new, 0600);
$ssh_keys = implode("\n", $user->getAuthorizedKeysArray());
if (file_put_contents($authorized_keys_new, $ssh_keys) === false) {
throw new RuntimeException("Unable to write authorized_keys_new file for " . $user->getUserName());
}
if (rename($authorized_keys_new, "{$ssh_dir}/authorized_keys") === false) {
throw new RuntimeException("Unable to rename {$authorized_keys_new} file for " . $user->getUserName());
}
}
