GenerateAPIKeys() public static method

public static GenerateAPIKeys ( )
Beispiel #1
 /**
  * Generates a new API key pair for the user bound to this controller.
  *
  * The access key id and the secret key are written to that user's settings,
  * and the whole pair, secret included, is returned in the response data.
  * The response should therefore only travel over an authenticated,
  * encrypted channel.
  */
 public function xRegenerateApiKeysAction()
 {
     $apiKeys = Scalr::GenerateAPIKeys();
     $currentUser = $this->user;
     // Store both halves of the pair before reporting success.
     $currentUser->setSetting(Scalr_Account_User::SETTING_API_ACCESS_KEY, $apiKeys['id']);
     $currentUser->setSetting(Scalr_Account_User::SETTING_API_SECRET_KEY, $apiKeys['key']);
     $this->response->success('Keys have been regenerated');
     // 'keys' holds both 'id' and 'key' exactly as GenerateAPIKeys() returned them.
     $this->response->data(array('keys' => $apiKeys));
 }
Beispiel #2
 /**
  * Creates a new team user or updates an existing one from request parameters.
  *
  * Parameters read: id, email, password, status, fullname, comments, enableApi.
  * Only callers for whom canManageAcl() or isTeamOwner() returns true pass the
  * permission gate; editing an existing user additionally requires canEditUser().
  *
  * @throws Scalr_Exception_Core when the email is missing or fails validation
  * @throws Scalr_Exception_InsufficientPermissions when the caller may not manage or edit the user
  */
 public function xSaveAction()
 {
     $user = Scalr_Account_User::init();
     $validator = new Scalr_Validator();
     if (!$this->getParam('email')) {
         throw new Scalr_Exception_Core('Email must be provided.');
     }
     if ($validator->validateEmail($this->getParam('email'), null, true) !== true) {
         throw new Scalr_Exception_Core('Email should be correct');
     }
     if ($this->user->canManageAcl() || $this->user->isTeamOwner()) {
         $newUser = false;
         if ($this->getParam('id')) {
             // Edit path: load the target first, then check the caller may edit it.
             $user->loadById((int) $this->getParam('id'));
             if (!$this->user->canEditUser($user)) {
                 throw new Scalr_Exception_InsufficientPermissions();
             }
             $user->updateEmail($this->getParam('email'));
         } else {
             // Create path: the new user is placed in the caller's account as a team user.
             $this->user->getAccount()->validateLimit(Scalr_Limits::ACCOUNT_USERS, 1);
             $user->create($this->getParam('email'), $this->user->getAccountId());
             $user->type = Scalr_Account_User::TYPE_TEAM_USER;
             $newUser = true;
         }
         $sendResetLink = false;
         if (!$this->getParam('password')) {
             // NOTE(review): this branch also runs when an existing user is saved with an
             // empty password, so that user's password is replaced by a random value while
             // the reset link below is only mailed for new users. Confirm this is intended.
             $password = CryptoTool::sault(10);
             $sendResetLink = true;
         } else {
             $password = $this->getParam('password');
         }
         // '******' is presumably the UI placeholder for "password unchanged"; verify against the client.
         if ($password != '******') {
             $user->updatePassword($password);
         }
         // NOTE(review): in_array() compares loosely here; pass true as the third argument
         // if the status constants and the request value are both strings.
         if (in_array($this->getParam('status'), array(Scalr_Account_User::STATUS_ACTIVE, Scalr_Account_User::STATUS_INACTIVE)) && !$user->isAccountOwner()) {
             $user->status = $this->getParam('status');
         }
         $user->fullname = $this->getParam('fullname');
         $user->comments = $this->getParam('comments');
         $user->save();
         if ($this->getParam('enableApi')) {
             // A fresh key pair is generated on every save that carries enableApi, so a
             // previously stored pair is presumably replaced each time. Confirm with setSetting().
             $keys = Scalr::GenerateAPIKeys();
             $user->setSetting(Scalr_Account_User::SETTING_API_ENABLED, true);
             $user->setSetting(Scalr_Account_User::SETTING_API_ACCESS_KEY, $keys['id']);
             $user->setSetting(Scalr_Account_User::SETTING_API_SECRET_KEY, $keys['key']);
         }
         if ($newUser) {
             if ($sendResetLink) {
                 try {
                     // NOTE(review): sault() is defined elsewhere; confirm it draws from a CSPRNG
                     // and that 10 characters is long enough for a password-reset token. The
                     // token is stored as returned, not hashed.
                     $hash = $this->getCrypto()->sault(10);
                     $user->setSetting(Scalr_Account::SETTING_OWNER_PWD_RESET_HASH, $hash);
                     $clientinfo = array('email' => $user->getEmail(), 'fullname' => $user->fullname);
                     // Send reset password E-mail
                     // NOTE(review): the link host is taken from the client-supplied Host header,
                     // so a forged header would place a foreign host in the mailed reset link.
                     // Build the link from a configured base URL instead.
                     $res = $this->getContainer()->mailer->sendTemplate(SCALR_TEMPLATES_PATH . '/emails/user_account_confirm.eml', array("{{fullname}}" => $clientinfo['fullname'], "{{pwd_link}}" => "https://{$_SERVER['HTTP_HOST']}/#/guest/updatePassword/?hash={$hash}"), $clientinfo['email'], $clientinfo['fullname']);
                 } catch (Exception $e) {
                     // Mail failures are swallowed: the action still reports success and the new
                     // user never receives the link. NOTE(review): at least log $e.
                 }
             }
         }
         $this->response->data(array('user' => array('id' => $user->getId(), 'email' => $user->getEmail(), 'fullname' => $user->fullname)));
         $this->response->success('User successfully saved');
     } else {
         throw new Scalr_Exception_InsufficientPermissions();
     }
 }
Beispiel #3
 /**
  * Creates an active user in this account and stores a new API key pair for it.
  *
  * The key pair is generated and stored for every user created here; this
  * method does not set SETTING_API_ENABLED.
  *
  * @param string $email    E-mail address passed to Scalr_Account_User::create()
  * @param string $password Password handed to updatePassword()
  * @param mixed  $type     Value assigned to the new user's type property
  * @return Scalr_Account_User
  * @throws Exception when this account has no id yet
  */
 public function createUser($email, $password, $type)
 {
     if (!$this->id) {
         throw new Exception("Account is not created");
     }
     // Runs before the user is created; presumably throws once the account's user limit is reached.
     $this->validateLimit(Scalr_Limits::ACCOUNT_USERS, 1);

     $member = Scalr_Account_User::init()->create($email, $this->id);
     $member->updatePassword($password);
     $member->type = $type;
     $member->status = Scalr_Account_User::STATUS_ACTIVE;
     $member->save();

     // The key pair is written to the user's settings only after save().
     $apiKeys = Scalr::GenerateAPIKeys();
     $member->setSetting(Scalr_Account_User::SETTING_API_ACCESS_KEY, $apiKeys['id']);
     $member->setSetting(Scalr_Account_User::SETTING_API_SECRET_KEY, $apiKeys['key']);

     return $member;
 }
Beispiel #4
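 /**
  * Creates a new team user or updates an existing one from request parameters.
  *
  * Parameters read: id, email, password, status, fullname, comments, enableApi.
  * The caller must be the account owner or a team owner. An existing user must
  * belong to the caller's account, and a team owner may not edit another owner.
  *
  * @throws Scalr_Exception_Core when no email is supplied
  * @throws Scalr_Exception_InsufficientPermissions when the caller may not create or edit the user
  */
 public function xSaveAction()
 {
     $user = Scalr_Account_User::init();
     // Both flags are only set on some paths below; initialise them so the later
     // reads never touch an undefined variable.
     $newUser = false;
     $sendResetLink = false;
     if (!$this->getParam('email')) {
         throw new Scalr_Exception_Core('Email cannot be null');
     }
     if ($this->user->getType() == Scalr_Account_User::TYPE_ACCOUNT_OWNER || $this->user->isTeamOwner()) {
         if ($this->getParam('id')) {
             $user->loadById($this->getParam('id'));
             // Tenant check: the target must live in the caller's own account.
             if ($user->getAccountId() == $this->user->getAccountId()) {
                 // A team owner may edit themselves, but no other owner-level user.
                 if ($this->user->isTeamOwner() && $this->user->getId() != $user->getId()) {
                     if ($user->getType() == Scalr_Account_User::TYPE_ACCOUNT_OWNER || $user->isTeamOwner()) {
                         throw new Scalr_Exception_InsufficientPermissions();
                     }
                 }
             } else {
                 throw new Scalr_Exception_InsufficientPermissions();
             }
             $user->updateEmail($this->getParam('email'));
         } else {
             $this->user->getAccount()->validateLimit(Scalr_Limits::ACCOUNT_USERS, 1);
             $user->create($this->getParam('email'), $this->user->getAccountId());
             $user->type = Scalr_Account_User::TYPE_TEAM_USER;
             $newUser = true;
         }
         if (!$this->getParam('password')) {
             // NOTE(review): this branch also runs for an existing user saved with an empty
             // password, whose password is then replaced by a random value without any mail
             // being sent (mail goes out only when $newUser is true). Confirm this is intended.
             $password = $this->getCrypto()->sault(10);
             $sendResetLink = true;
         } else {
             $password = $this->getParam('password');
         }
         // '******' is presumably the UI placeholder for "password unchanged"; verify against the client.
         if ($password != '******') {
             $user->updatePassword($password);
         }
         // NOTE(review): in_array() compares loosely here; pass true as the third argument
         // if the status constants and the request value are both strings.
         if (in_array($this->getParam('status'), array(Scalr_Account_User::STATUS_ACTIVE, Scalr_Account_User::STATUS_INACTIVE)) && $user->getType() != Scalr_Account_User::TYPE_ACCOUNT_OWNER) {
             $user->status = $this->getParam('status');
         }
         $user->fullname = $this->getParam('fullname');
         $user->comments = $this->getParam('comments');
         $user->save();
         if ($this->getParam('enableApi')) {
             // A fresh key pair is generated on every save that carries enableApi.
             $keys = Scalr::GenerateAPIKeys();
             $user->setSetting(Scalr_Account_User::SETTING_API_ENABLED, true);
             $user->setSetting(Scalr_Account_User::SETTING_API_ACCESS_KEY, $keys['id']);
             $user->setSetting(Scalr_Account_User::SETTING_API_SECRET_KEY, $keys['key']);
         }
         if ($newUser) {
             // NOTE(review): a user created above is given TYPE_TEAM_USER, so this owner
             // branch looks unreachable unless getType() reports something else. Confirm.
             if ($user->getType() == Scalr_Account_User::TYPE_ACCOUNT_OWNER) {
                 try {
                     // NOTE(review): the welcome mail carries the request's plaintext password,
                     // and site_url is built from the client-supplied Host header over http://.
                     // Prefer a reset link and a configured base URL.
                     $clientinfo = array('fullname' => $user->fullname, 'firstname' => $user->fullname, 'email' => $user->getEmail(), 'password' => $this->getParam('password'));
                     global $Mailer;
                     // Send welcome E-mail
                     $Mailer->ClearAddresses();
                     $Mailer->Send("emails/welcome.eml", array("client" => $clientinfo, "site_url" => "http://{$_SERVER['HTTP_HOST']}"), $user->getEmail(), '');
                 } catch (Exception $e) {
                     // Best effort: a mail failure must not fail the save. NOTE(review): log $e.
                 }
             } elseif ($sendResetLink) {
                 try {
                     // NOTE(review): sault() is defined elsewhere; confirm it draws from a CSPRNG
                     // and that 10 characters is long enough for a password-reset token.
                     $hash = $this->getCrypto()->sault(10);
                     $user->setSetting(Scalr_Account::SETTING_OWNER_PWD_RESET_HASH, $hash);
                     $clientinfo = array('email' => $user->getEmail(), 'fullname' => $user->fullname);
                     global $Mailer;
                     // Send reset password E-mail
                     // NOTE(review): the link host comes from the client-supplied Host header, so a
                     // forged header would place a foreign host in the mailed reset link. Build
                     // the link from a configured base URL instead.
                     $Mailer->ClearAddresses();
                     $Mailer->Send("emails/user_account_confirm.eml", array("client" => $clientinfo, "pwd_link" => "https://{$_SERVER['HTTP_HOST']}/#/confirmPasswordReset/{$hash}"), $clientinfo['email'], $clientinfo['fullname']);
                 } catch (Exception $e) {
                     // Best effort: the user is saved even if the link could not be mailed.
                     // NOTE(review): log $e so the missing mail is visible to operators.
                 }
             }
         }
         $this->response->data(array('user' => array('id' => $user->getId(), 'email' => $user->getEmail(), 'fullname' => $user->fullname)));
         $this->response->success('User successfully saved');
     } else {
         throw new Scalr_Exception_InsufficientPermissions();
     }
 }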
Beispiel #5
 /**
  * Generates a new API key pair for the user bound to this controller.
  *
  * Callers for whom isAdmin() returns true are rejected. For everyone else the
  * access key id and secret key are written to the user's settings, and the
  * whole pair, secret included, is returned in the response data.
  *
  * @throws Scalr_Exception_InsufficientPermissions when $this->user->isAdmin() is true
  */
 public function xRegenerateApiKeysAction()
 {
     $currentUser = $this->user;
     if ($currentUser->isAdmin()) {
         throw new Scalr_Exception_InsufficientPermissions();
     }

     $apiKeys = Scalr::GenerateAPIKeys();
     // Store both halves of the pair before reporting success.
     $currentUser->setSetting(Scalr_Account_User::SETTING_API_ACCESS_KEY, $apiKeys['id']);
     $currentUser->setSetting(Scalr_Account_User::SETTING_API_SECRET_KEY, $apiKeys['key']);

     $this->response->success('Keys have been regenerated');
     // 'keys' holds both 'id' and 'key' exactly as GenerateAPIKeys() returned them.
     $this->response->data(array('keys' => $apiKeys));
 }
Beispiel #6
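 /**
  * Creates or updates an account user, including password, type, ACL roles and API keys.
  *
  * Parameters read: id, email, password, currentPassword, status, isAccountAdmin,
  * isAccountSuperAdmin, fullname, comments, teams, enableApi.
  * In LDAP auth mode new users cannot be added and email/password handling is skipped.
  * Changing or resetting an existing user's password requires the caller's
  * current password.
  *
  * @throws Exception when a new user is requested in LDAP auth mode
  * @throws Scalr_Exception_Core when the email is missing or fails validation
  * @throws Scalr_Exception_InsufficientPermissions when canEditUser() rejects the target
  */
 public function xSaveAction()
 {
     $this->request->defineParams(array('teams' => array('type' => 'json'), 'action', 'password' => array('type' => 'string', 'rawValue' => true), 'currentPassword' => array('type' => 'string', 'rawValue' => true)));
     $user = Scalr_Account_User::init();
     $validator = new Scalr_Validator();
     // These flags are only set on some paths below; initialise them so the later
     // reads never touch an undefined variable.
     $newUser = false;
     $sendResetLink = false;
     $existingPasswordChanged = false;
     if ($this->getParam('id')) {
         // NOTE(review): canEditUser() is only checked inside the non-LDAP branch below. In
         // LDAP mode a user loaded by id reaches the status, type, ACL and API-key updates
         // without that check in this method. Confirm access is enforced elsewhere.
         $user->loadById((int) $this->getParam('id'));
     } else {
         if ($this->getContainer()->config->get('scalr.auth_mode') == 'ldap') {
             throw new Exception("Adding new users is not supported with LDAP user management");
         }
     }
     if ($this->getContainer()->config->get('scalr.auth_mode') != 'ldap') {
         if (!$this->getParam('email')) {
             throw new Scalr_Exception_Core('Email cannot be null');
         }
         if ($validator->validateEmail($this->getParam('email'), null, true) !== true) {
             throw new Scalr_Exception_Core('Email should be correct');
         }
         if ($this->getParam('id')) {
             if (!$this->user->canEditUser($user)) {
                 throw new Scalr_Exception_InsufficientPermissions();
             }
             $user->updateEmail($this->getParam('email'));
         } else {
             $this->user->getAccount()->validateLimit(Scalr_Limits::ACCOUNT_USERS, 1);
             $user->create($this->getParam('email'), $this->user->getAccountId());
             $user->type = Scalr_Account_User::TYPE_TEAM_USER;
             $newUser = true;
         }
         $password = $this->getParam('password');
         if (!$newUser && $password) {
             $existingPasswordChanged = true;
         } else {
             // An empty password means "generate one": always for a new user, and for an
             // existing user only when the password parameter was sent at all.
             if (!$password && ($this->request->hasParam('password') || $newUser)) {
                 $password = $this->getCrypto()->sault(10);
                 $sendResetLink = true;
             }
         }
         // Re-authenticate the caller before an existing user's password is changed or reset.
         if (($existingPasswordChanged || (!$newUser && $sendResetLink)) && !$this->user->checkPassword($this->getParam('currentPassword'))) {
             $this->response->data(['errors' => ['currentPassword' => 'Invalid password']]);
             $this->response->failure();
             return;
         }
         if ($password) {
             $user->updatePassword($password);
         }
     }
     // A user cannot change their own status.
     if ($user->getId() != $this->user->getId() && in_array($this->getParam('status'), array(Scalr_Account_User::STATUS_ACTIVE, Scalr_Account_User::STATUS_INACTIVE))) {
         $user->status = $this->getParam('status');
     }
     if (!$user->isAccountOwner()) {
         if ($this->getParam('isAccountAdmin')) {
             // Only the account owner can grant super admin; an existing super admin is not demoted here.
             if ($this->user->isAccountOwner() && $this->getParam('isAccountSuperAdmin')) {
                 $user->type = Scalr_Account_User::TYPE_ACCOUNT_SUPER_ADMIN;
             } else {
                 if ($user->type != Scalr_Account_User::TYPE_ACCOUNT_SUPER_ADMIN) {
                     $user->type = Scalr_Account_User::TYPE_ACCOUNT_ADMIN;
                 }
             }
         } else {
             $user->type = Scalr_Account_User::TYPE_TEAM_USER;
         }
     }
     $user->fullname = $this->getParam('fullname');
     $user->comments = $this->getParam('comments');
     $user->save();
     $user->setAclRoles($this->getParam('teams'));
     if ($this->getParam('enableApi')) {
         // A fresh key pair is generated on every save that carries enableApi.
         $keys = Scalr::GenerateAPIKeys();
         $user->setSetting(Scalr_Account_User::SETTING_API_ENABLED, true);
         $user->setSetting(Scalr_Account_User::SETTING_API_ACCESS_KEY, $keys['id']);
         $user->setSetting(Scalr_Account_User::SETTING_API_SECRET_KEY, $keys['key']);
     }
     $creatorName = $this->user->fullname;
     if (empty($creatorName)) {
         $creatorName = $this->user->isAccountOwner() ? 'Account owner' : ($this->user->isAccountAdmin() ? 'Account admin' : 'Team user');
     }
     if ($newUser) {
         try {
             // NOTE(review): the referral mail carries the new user's plaintext password
             // (typed or generated). Prefer mailing a one-time link instead.
             $clientinfo = array('fullname' => $user->fullname, 'firstname' => $user->fullname, 'email' => $user->getEmail(), 'password' => $password);
             $url = Scalr::config('scalr.endpoint.scheme') . "://" . Scalr::config('scalr.endpoint.host');
             $this->getContainer()->mailer->sendTemplate(SCALR_TEMPLATES_PATH . '/emails/referral.eml.php', array("creatorName" => $creatorName, "clientFirstname" => $clientinfo['firstname'], "email" => $clientinfo['email'], "password" => $clientinfo['password'], "siteUrl" => $url, "wikiUrl" => \Scalr::config('scalr.ui.wiki_url'), "supportUrl" => \Scalr::config('scalr.ui.support_url'), "isUrl" => preg_match('/^http(s?):\\/\\//i', \Scalr::config('scalr.ui.support_url'))), $user->getEmail());
         } catch (Exception $e) {
             // Best effort: a mail failure must not fail the save. NOTE(review): log $e.
         }
     } elseif ($sendResetLink) {
         try {
             // NOTE(review): sault() is defined elsewhere; confirm it draws from a CSPRNG
             // and that 10 characters is long enough for a password-reset token.
             $hash = $this->getCrypto()->sault(10);
             $user->setSetting(Scalr_Account::SETTING_OWNER_PWD_RESET_HASH, $hash);
             $clientinfo = array('email' => $user->getEmail(), 'fullname' => $user->fullname);
             // Take the link host from configuration, as the referral mail above does, not
             // from the client-supplied Host header, so a forged header cannot redirect the
             // reset link. The scheme stays pinned to https.
             $resetHost = Scalr::config('scalr.endpoint.host');
             $this->getContainer()->mailer->sendTemplate(SCALR_TEMPLATES_PATH . '/emails/user_account_confirm.eml', array("{{fullname}}" => $clientinfo['fullname'], "{{pwd_link}}" => "https://{$resetHost}/#/guest/updatePassword/?hash={$hash}"), $clientinfo['email'], $clientinfo['fullname']);
         } catch (Exception $e) {
             // Best effort: the password is already replaced even if the link could not be
             // mailed. NOTE(review): log $e so the missing mail is visible to operators.
         }
     } else {
         if ($existingPasswordChanged) {
             // Send notification E-mail
             // Unlike the two mails above, a failure here is not caught and propagates.
             $this->getContainer()->mailer->sendTemplate(SCALR_TEMPLATES_PATH . '/emails/password_change_notification.eml', array('{{fullname}}' => $user->fullname ? $user->fullname : $user->getEmail()), $user->getEmail(), $user->fullname);
         }
     }
     $userTeams = array();
     // A closure replaces create_function(), which evaluates a code string at runtime and
     // was removed in PHP 8.
     $teamIds = array_map(function ($v) {
         return $v["id"];
     }, $user->getTeams());
     $troles = $this->getContainer()->acl->getUserRoleIdsByTeam($user->id, $teamIds, $user->getAccountId());
     foreach ($troles as $teamId => $roles) {
         $userTeams[$teamId] = array('roles' => $roles);
     }
     $data = ['user' => $user->getUserInfo(), 'teams' => $userTeams];
     if ($existingPasswordChanged && $user->getId() == $this->user->getId()) {
         // The caller changed their own password: create a new session and return its token.
         Scalr_Session::create($this->user->getId());
         $data['specialToken'] = Scalr_Session::getInstance()->getToken();
     }
     $this->response->data($data);
     $this->response->success('User successfully saved');
 }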
Beispiel #7
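 /**
  * Creates or updates an account user, including password, type, ACL roles and API keys.
  *
  * Parameters read: id, email, password, status, isAccountAdmin, fullname,
  * comments, teams, enableApi.
  *
  * @throws Scalr_Exception_Core when the email is missing or fails validation
  * @throws Scalr_Exception_InsufficientPermissions when canEditUser() rejects the target
  */
 public function xSaveAction()
 {
     $this->request->defineParams(array('teams' => array('type' => 'json'), 'action'));
     $user = Scalr_Account_User::init();
     $validator = new Scalr_Validator();
     // Both flags are only set on some paths below; initialise them so the later
     // reads never touch an undefined variable.
     $newUser = false;
     $sendResetLink = false;
     if (!$this->getParam('email')) {
         throw new Scalr_Exception_Core('Email cannot be null');
     }
     if ($validator->validateEmail($this->getParam('email'), null, true) !== true) {
         throw new Scalr_Exception_Core('Email should be correct');
     }
     if ($this->getParam('id')) {
         // Edit path: load the target first, then check the caller may edit it.
         $user->loadById((int) $this->getParam('id'));
         if (!$this->user->canEditUser($user)) {
             throw new Scalr_Exception_InsufficientPermissions();
         }
         $user->updateEmail($this->getParam('email'));
     } else {
         $this->user->getAccount()->validateLimit(Scalr_Limits::ACCOUNT_USERS, 1);
         $user->create($this->getParam('email'), $this->user->getAccountId());
         $user->type = Scalr_Account_User::TYPE_TEAM_USER;
         $newUser = true;
     }
     $password = $this->getParam('password');
     // An explicitly empty password, or any missing password for a new user, means
     // "generate one and mail a link".
     if ($password === '' || ($newUser && !$password)) {
         $password = $this->getCrypto()->sault(10);
         $sendResetLink = true;
     }
     // NOTE(review): an existing user's password can be replaced here without the caller
     // re-entering their own current password. Consider re-authenticating first.
     if ($password) {
         $user->updatePassword($password);
     }
     // A user cannot change their own status.
     if ($user->getId() != $this->user->getId() && in_array($this->getParam('status'), array(Scalr_Account_User::STATUS_ACTIVE, Scalr_Account_User::STATUS_INACTIVE))) {
         $user->status = $this->getParam('status');
     }
     if (!$user->isAccountOwner()) {
         $user->type = $this->getParam('isAccountAdmin') ? Scalr_Account_User::TYPE_ACCOUNT_ADMIN : Scalr_Account_User::TYPE_TEAM_USER;
     }
     $user->fullname = $this->getParam('fullname');
     $user->comments = $this->getParam('comments');
     $user->save();
     $user->setAclRoles($this->getParam('teams'));
     if ($this->getParam('enableApi')) {
         // A fresh key pair is generated on every save that carries enableApi.
         $keys = Scalr::GenerateAPIKeys();
         $user->setSetting(Scalr_Account_User::SETTING_API_ENABLED, true);
         $user->setSetting(Scalr_Account_User::SETTING_API_ACCESS_KEY, $keys['id']);
         $user->setSetting(Scalr_Account_User::SETTING_API_SECRET_KEY, $keys['key']);
     }
     $creatorName = $this->user->fullname;
     if (empty($creatorName)) {
         $creatorName = $this->user->isAccountOwner() ? 'Account owner' : ($this->user->isAccountAdmin() ? 'Account admin' : 'Team user');
     }
     if ($newUser) {
         try {
             // NOTE(review): the welcome mail carries the new user's plaintext password, and
             // siteUrl is built from the client-supplied Host header over http://. Prefer a
             // one-time link and a configured base URL.
             $clientinfo = array('fullname' => $user->fullname, 'firstname' => $user->fullname, 'email' => $user->getEmail(), 'password' => $password);
             $this->getContainer()->mailer->sendTemplate(SCALR_TEMPLATES_PATH . '/emails/welcome.eml.php', array("creatorName" => $creatorName, "clientFirstname" => $clientinfo['firstname'], "email" => $clientinfo['email'], "password" => $clientinfo['password'], "siteUrl" => "http://{$_SERVER['HTTP_HOST']}", "wikiUrl" => \Scalr::config('scalr.ui.wiki_url'), "supportUrl" => \Scalr::config('scalr.ui.support_url'), "isUrl" => preg_match('/^http(s?):\\/\\//i', \Scalr::config('scalr.ui.support_url'))), $user->getEmail());
         } catch (Exception $e) {
             // Best effort: a mail failure must not fail the save. NOTE(review): log $e.
         }
     } elseif ($sendResetLink) {
         try {
             // NOTE(review): sault() is defined elsewhere; confirm it draws from a CSPRNG
             // and that 10 characters is long enough for a password-reset token.
             $hash = $this->getCrypto()->sault(10);
             $user->setSetting(Scalr_Account::SETTING_OWNER_PWD_RESET_HASH, $hash);
             $clientinfo = array('email' => $user->getEmail(), 'fullname' => $user->fullname);
             // NOTE(review): the link host comes from the client-supplied Host header, so a
             // forged header would place a foreign host in the mailed reset link. Build the
             // link from a configured base URL instead.
             $this->getContainer()->mailer->sendTemplate(SCALR_TEMPLATES_PATH . '/emails/user_account_confirm.eml', array("{{fullname}}" => $clientinfo['fullname'], "{{pwd_link}}" => "https://{$_SERVER['HTTP_HOST']}/#/guest/updatePassword/?hash={$hash}"), $clientinfo['email'], $clientinfo['fullname']);
         } catch (Exception $e) {
             // Best effort: the password is already replaced even if the link could not be
             // mailed. NOTE(review): log $e so the missing mail is visible to operators.
         }
     }
     $userTeams = array();
     // A closure replaces create_function(), which evaluates a code string at runtime and
     // was removed in PHP 8.
     $teamIds = array_map(function ($v) {
         return $v["id"];
     }, $user->getTeams());
     $troles = $this->environment->acl->getUserRoleIdsByTeam($user->id, $teamIds, $user->getAccountId());
     foreach ($troles as $teamId => $roles) {
         $userTeams[$teamId] = array('roles' => $roles);
     }
     $this->response->data(array('user' => $user->getUserInfo(), 'teams' => $userTeams));
     $this->response->success('User successfully saved');
 }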