Beispiel #1
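 /**
  * Populate the session state of the user who has just logged in.
  *
  * Loads the products the user may access, selects the current product (the
  * value of the per-user "<userId>_product" cookie when it names an accessible
  * product, otherwise the first accessible product) and stores the product
  * list and the admin/manager flags in the user state.
  *
  * @return string|null translated error message when the user has no
  * accessible product (the user is logged out in that case), otherwise null.
  */
 public static function setUserInfo()
 {
     $userId = Yii::app()->user->id;
     $accessableProducts = TestUserService::getAccessableProduct($userId);
     if (empty($accessableProducts)) {
         // Nothing the user may work in: end the session that was just opened.
         Yii::app()->user->logout();
         return Yii::t('LoginForm', 'no accessable product');
     }
     $productOptions = array();
     $productIdArr = array();
     foreach ($accessableProducts as $productInfo) {
         $productOptions[$productInfo['id']] = $productInfo['name'];
         $productIdArr[] = $productInfo['id'];
     }
     $productCookieKey = $userId . "_product";
     $cookies = Yii::app()->request->getCookies();
     // The cookie is client-controlled. Match it against the server-side list
     // with an exact string comparison (a loose in_array() lets values such as
     // "1abc" match the id 1 on older PHP versions) and keep the id taken from
     // the list, never the raw cookie text.
     $currentProductId = null;
     if (!empty($cookies[$productCookieKey]) && is_scalar($cookies[$productCookieKey]->value)) {
         $requestedId = (string) $cookies[$productCookieKey]->value;
         foreach ($productIdArr as $allowedId) {
             if ((string) $allowedId === $requestedId) {
                 $currentProductId = $allowedId;
                 break;
             }
         }
     }
     if (null === $currentProductId) {
         // No usable cookie: fall back to the first accessible product and
         // remember it for 30 days.
         $currentProductId = $productIdArr[0];
         $cookie = new CHttpCookie($productCookieKey, $currentProductId);
         $cookie->expire = time() + 60 * 60 * 24 * 30;
         Yii::app()->request->cookies[$productCookieKey] = $cookie;
     }
     Yii::app()->user->setState('product', $currentProductId);
     Yii::app()->user->setState('visit_product_list', $productOptions);
     Yii::app()->user->setState('visit_product_id', $productIdArr);
     Yii::app()->user->setState('system_admin', TestUserService::isSystemAdmin($userId));
     Yii::app()->user->setState('system_manager', TestUserService::isManager($userId));
     Yii::app()->user->setState('my_query_div', 1);
 }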
Beispiel #2
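 /**
  * Create or update a user group and rebuild its membership rows.
  *
  * Keys read from $params: 'id' (empty means "create"), 'group_manager'
  * (comma separated real names) and 'group_user' (array of user ids). The
  * whole array is also mass-assigned to the UserGroup model.
  *
  * @param array $params request data describing the group
  * @return array 'status' holds a CommonService::$ApiResult value; 'detail'
  * holds array('id' => group id) on success or the error details on failure.
  */
 public static function editGroup($params)
 {
     $resultInfo = array();
     $actionType = BugfreeModel::ACTION_OPEN;
     $oldRecordAttributs = array();
     if (empty($params['id'])) {
         $group = new UserGroup();
     } else {
         $group = self::loadModel($params['id']);
         // Snapshot of the record before the edit, used for the admin action note.
         $oldRecordAttributs = $group->attributes;
         if (!empty($group->group_user)) {
             $oldRecordAttributs['group_user'] = join(',', $group->group_user);
         }
         $oldRecordAttributs['group_manager'] = $group->group_manager;
         $actionType = BugfreeModel::ACTION_EDIT;
     }
     // The permission check runs before any attribute of the group is changed.
     if (!self::isGroupEditable($group->id)) {
         $resultInfo['status'] = CommonService::$ApiResult['FAIL'];
         $resultInfo['detail']['id'] = Yii::t('Common', 'Required URL not found or permission denied.');
         return $resultInfo;
     }
     // NOTE(review): mass assignment of request data; which keys are accepted
     // depends on the validation rules of UserGroup, which are not visible here.
     $group->attributes = $params;
     if (!$group->save()) {
         $resultInfo['status'] = CommonService::$ApiResult['FAIL'];
         $resultInfo['detail'] = $group->getErrors();
         return $resultInfo;
     }

     // A request without 'group_user' (or with a non-array value) used to break
     // array_merge() after the old membership rows were already deleted.
     // Normalise the input first and drop nested values that cannot be ids.
     $groupUserIds = array();
     if (isset($params['group_user']) && is_array($params['group_user'])) {
         $groupUserIds = array_filter($params['group_user'], 'is_scalar');
     }
     $managerNameArr = array();
     if (isset($params['group_manager'])) {
         $managerNameArr = CommonService::splitStringToArray(',', $params['group_manager']);
     }

     // NOTE(review): the delete and the inserts below are not wrapped in a
     // transaction, so a failure part-way leaves the group with partial membership.
     Yii::app()->db->createCommand()->delete('{{map_user_group}}', 'user_group_id=:groupId', array(':groupId' => $group->id));
     $managerIdArr = array();
     $managerIdSet = array();
     foreach ($managerNameArr as $mangerName) {
         $managerInfo = TestUserService::getUserInfoByRealname($mangerName);
         if ($managerInfo !== null) {
             $managerIdArr[] = $managerInfo['id'];
             // Keyed lookup instead of a loose in_array(): "5" and 5 map to the
             // same key, while a non-numeric string can no longer match an id.
             $managerIdSet[$managerInfo['id']] = true;
         }
     }
     $allUserId = array_unique(array_merge($groupUserIds, $managerIdArr));
     foreach ($allUserId as $userId) {
         $mapUserGroup = new MapUserGroup();
         $mapUserGroup->test_user_id = $userId;
         $mapUserGroup->user_group_id = $group->id;
         if (isset($managerIdSet[$userId])) {
             $mapUserGroup->is_admin = CommonService::$TrueFalseStatus['TRUE'];
         } else {
             $mapUserGroup->is_admin = CommonService::$TrueFalseStatus['FALSE'];
         }
         if (!$mapUserGroup->save()) {
             // Keep the best-effort behaviour, but leave a trace of the lost row.
             Yii::log('user_group ' . $group->id . ': a membership row could not be saved', CLogger::LEVEL_WARNING);
         }
     }
     $newRecord = self::loadModel($group->id);
     if (!empty($newRecord->group_user)) {
         $newRecord->group_user = join(',', $newRecord->group_user);
     }
     AdminActionService::addActionNotes('user_group', $actionType, $newRecord, $oldRecordAttributs);
     $resultInfo['status'] = CommonService::$ApiResult['SUCCESS'];
     $resultInfo['detail'] = array('id' => $group->id);
     return $resultInfo;
 }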
Beispiel #3
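 /**
  * Lists user-log records, optionally filtered by the "name" query parameter.
  *
  * With a filter, a record matches when it was created by one of the users
  * returned by TestUserService::getUserList() or when its ip contains the
  * search text.
  */
 public function actionIndex()
 {
     $pageSize = CommonService::getPageSize();
     $criteria = new CDbCriteria();
     $name = '';
     // A query parameter can arrive as an array (?name[]=x); only a plain
     // string is a valid search term, anything else is treated as "no filter".
     if (isset($_GET['name']) && is_string($_GET['name'])) {
         $name = $_GET['name'];
         $userArr = TestUserService::getUserList($name, 'id');
         // Both conditions are built by CDbCriteria, which binds the values as
         // query parameters instead of concatenating them into the SQL text.
         $criteria->addInCondition('created_by', array_keys($userArr));
         $criteria->addSearchCondition('ip', $name, true, 'OR');
     }
     $dataProvider = new CActiveDataProvider('UserLog', array(
         'criteria' => $criteria,
         'sort' => array('defaultOrder' => array('id' => true)),
         'pagination' => array('pageSize' => $pageSize),
     ));
     // NOTE(review): $name reaches the view as typed by the user; the view
     // (not visible here) has to HTML-encode it when printing it back.
     $this->render('index', array('dataProvider' => $dataProvider, 'name' => $name));
 }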
Beispiel #4
 /**
  * Validator for the password attribute ('authenticate' as declared in rules()).
  *
  * Builds a UserIdentity from the submitted credentials, runs the form or the
  * API authentication depending on $this->isapi, and either logs the user in
  * or attaches a translated error to the form.
  *
  * NOTE(review): the error text differs for "user not found", "user disabled"
  * and "password is incorrect", which tells an unauthenticated client whether
  * an account exists. A single generic message for those cases avoids that.
  *
  * @param string $attribute name of the attribute being validated (not used)
  * @param array $params validator options (not used)
  */
 public function authenticate($attribute, $params)
 {
     // Earlier validators already failed: do not touch the identity backend.
     if ($this->hasErrors()) {
         return;
     }
     $identity = new UserIdentity($this->username, $this->password);
     if (0 == $this->isapi) {
         $identity->authenticate();
     } else {
         $identity->apiAuthenticate();
     }
     switch ($identity->errorCode) {
         case UserIdentity::ERROR_NONE:
             $accessableProducts = TestUserService::getAccessableProduct($identity->getId());
             if (empty($accessableProducts)) {
                 $this->addError('username', Yii::t('LoginForm', 'no accessable product'));
                 break;
             }
             // 0 keeps the login for the browser session only.
             $duration = $this->rememberMe ? LoginForm::DURATION : 0;
             Yii::app()->user->login($identity, $duration);
             // REMOTE_ADDR is the address of the directly connected peer.
             $logEntry = array(
                 'created_by' => Yii::app()->user->id,
                 'created_at' => date(CommonService::DATE_FORMAT),
                 'ip' => $_SERVER['REMOTE_ADDR'],
             );
             UserLogService::createUserLog($logEntry);
             LoginService::setLanguageCookie($this->language);
             break;
         case UserIdentity::ERROR_USERNAME_INVALID:
             $this->addError('username', Yii::t('LoginForm', 'username is incorrect'));
             break;
         case UserIdentity::ERROR_CONNECT:
             $this->addError('username', Yii::t('LoginForm', 'ldap connect failed'));
             break;
         case UserIdentity::ERROR_USER_DISABLED:
             $this->addError('username', Yii::t('LoginForm', 'user disabled'));
             break;
         case UserIdentity::ERROR_LDAP_MISS:
             $this->addError('username', Yii::t('LoginForm', 'ldap module disabled'));
             break;
         case UserIdentity::ERROR_USER_NOT_FOUND:
             // This message carries HTML markup, so the view has to print form
             // errors unescaped; no other error text may then contain user input.
             $notFoundText = Yii::t('LoginForm', 'user not found');
             $permissionUrl = Yii::app()->createUrl('site/permission');
             $permissionText = Yii::t('LoginForm', 'permission tips');
             $this->addError('username', $notFoundText . '&nbsp;<a href="' . $permissionUrl . '">' . $permissionText . '</a>');
             break;
         default:
             // Every remaining code, including UserIdentity::ERROR_PASSWORD_INVALID.
             $this->addError('password', Yii::t('LoginForm', 'password is incorrect'));
             break;
     }
 }
Beispiel #5
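 /**
  * Resolve the product id of the current request from $_GET['product_id'].
  *
  * The id is accepted only when Info::isProductAccessable() approves it; it is
  * then stored as the user's current product (session state and cookie).
  *
  * @param mixed $infoType not used by this method
  * @return string the accepted product id
  * @throws CHttpException (400) when the parameter is missing, is not a scalar
  * value, or names a product the user may not access.
  */
 protected function getProductId($infoType)
 {
     $productId = isset($_GET['product_id']) ? $_GET['product_id'] : null;
     // ?product_id[]=x arrives as an array; reject it before it can reach the
     // access check, the session state or the cookie.
     if (!is_scalar($productId) || !Info::isProductAccessable($productId)) {
         throw new CHttpException(400, Yii::t('Common', 'Required URL not found or permission denied.'));
     }
     Yii::app()->user->setState('product', $productId);
     TestUserService::updateUserProductCookie($productId);
     return $productId;
 }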
Beispiel #6
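 /**
  * Find a user by real name.
  *
  * @param string $realName
  * @return array array($code, $info): for an empty name, API::ERROR_USER_EMPTY
  * and a translated message; otherwise API::ERROR_NONE and
  * array('userinfo' => attributes without 'password'), or
  * array('userinfo' => '') when nobody matches.
  */
 public function findUser($realName)
 {
     if (empty($realName)) {
         return array(API::ERROR_USER_EMPTY, Yii::t('API', 'user realname empty error info'));
     }
     // Start from an array: writing $info['userinfo'] into the empty string the
     // original used as a placeholder fails on PHP 7.1 and later.
     $info = array('userinfo' => '');
     $userInfo = TestUserService::getUserInfoByRealname($realName);
     if ($userInfo != null) {
         $info['userinfo'] = $userInfo->attributes;
         // The stored password hash never leaves the server.
         // NOTE(review): every other column is returned as is; an explicit list
         // of fields to expose would be safer than removing a single one.
         unset($info['userinfo']['password']);
     }
     return array(API::ERROR_NONE, $info);
 }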
Beispiel #7
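 /**
  * Lists products, optionally filtered by the "name" query parameter.
  *
  * Users who are not system administrators only see the products they manage
  * that are not dropped.
  */
 public function actionIndex()
 {
     $name = '';
     $pageSize = CommonService::getPageSize();
     $productIdNameArr = ProductService::getActiveProductIdNameArr();
     $criteria = new CDbCriteria();
     // Fail closed: a missing or empty 'system_admin' state is handled like an
     // explicit FALSE, so the restriction cannot be skipped just because the
     // state was never written for this session.
     $adminState = Yii::app()->user->getState('system_admin');
     if (empty($adminState) || CommonService::$TrueFalseStatus['FALSE'] == $adminState) {
         $managedProducts = TestUserService::getManagedProduct(Yii::app()->user->id);
         $criteria->addInCondition('id', $managedProducts);
         $criteria->addCondition('is_dropped="0"');
     }
     // Only a plain string is a valid search term (?name[]=x is an array).
     if (isset($_GET['name']) && is_string($_GET['name'])) {
         $name = $_GET['name'];
         // The search text is bound as a query parameter by CDbCriteria.
         $criteria->addSearchCondition('name', $name);
     }
     $dataProvider = new CActiveDataProvider('Product', array(
         'criteria' => $criteria,
         'sort' => array('defaultOrder' => array('is_dropped' => false, 'display_order' => true)),
         'pagination' => array('pageSize' => $pageSize),
     ));
     // NOTE(review): $name reaches the view as typed by the user; the view
     // (not visible here) has to HTML-encode it when printing it back.
     $this->render('index', array('dataProvider' => $dataProvider, 'name' => $name, 'productIdNameArr' => $productIdNameArr));
 }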
Beispiel #8
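 /**
  * Print the user list matching the query as "key|value" lines.
  *
  * Query parameters: 'q' (search text, lower-cased), 'type' (passed to
  * TestUserService::getUserList(), default 'realname') and 'p' (passed to
  * TestUserService::handleActiveClose(), default 0).
  */
 public function actionUserList()
 {
     // Query parameters can arrive as arrays (?q[]=x); such values are ignored
     // and the defaults are used instead.
     $q = '';
     if (!empty($_GET['q']) && is_string($_GET['q'])) {
         $q = strtolower($_GET['q']);
     }
     // NOTE(review): 'type' comes from the request and selects how
     // getUserList() searches; if it ends up as a column name there, it should
     // be limited to the values the callers actually use - not visible here.
     $type = 'realname';
     if (!empty($_GET['type']) && is_string($_GET['type'])) {
         $type = $_GET['type'];
     }
     $prefixId = 0;
     if (!empty($_GET['p']) && is_scalar($_GET['p'])) {
         $prefixId = $_GET['p'];
     }
     $items = TestUserService::getUserList($q, $type);
     $items = TestUserService::handleActiveClose($prefixId, $q, $items);
     // The body is a plain-text line protocol holding stored user data. Say so,
     // so a browser opening the URL directly never renders it as HTML.
     if (!headers_sent()) {
         header('Content-Type: text/plain; charset=' . Yii::app()->charset);
         header('X-Content-Type-Options: nosniff');
     }
     foreach ($items as $key => $value) {
         echo "{$key}|{$value}\n";
     }
 }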
Beispiel #9
 /**
  * Convert the values of a basic-info row into the values that are stored:
  * module path to module id, priority/severity names to their values, real
  * names to user ids, and removal of empty id/date fields.
  *
  * @todo convert $action for bug import
  *
  * @param array $basicInfo
  * @param string $infoType
  * @return array the converted $basicInfo
  */
 private function basicInfoConv($basicInfo, $infoType)
 {
     // productmodule_id: text after the first splitter is looked up as the
     // module's full path; the value is left untouched when nothing matches.
     if (isset($basicInfo['productmodule_id'])) {
         $rawModule = $basicInfo['productmodule_id'];
         $splitAt = strpos($rawModule, ProductModule::MODULE_SPLITTER);
         if (false !== $splitAt) {
             // "+ 1" skips the splitter, i.e. a one-character splitter is assumed.
             $modulePath = substr($rawModule, $splitAt + 1);
             $lookup = array('product_id' => $basicInfo['product_id'], 'full_path_name' => $modulePath);
             $module = ProductModule::model()->findByAttributes($lookup);
             if (!empty($module)) {
                 $basicInfo['productmodule_id'] = $module->id;
             }
         }
     }
     // id: an empty id is dropped from the row.
     if (isset($basicInfo['id']) && '' == $basicInfo['id']) {
         unset($basicInfo['id']);
     }
     // delete_flag: convert to the stored true/false value.
     if (isset($basicInfo['delete_flag'])) {
         $basicInfo['delete_flag'] = CommonService::getTrueFalseValue($basicInfo['delete_flag']);
     }
     // priority: the name is resolved per product, separately for cases and bugs.
     if (isset($basicInfo['priority'])) {
         if (Info::TYPE_CASE == $infoType) {
             $basicInfo['priority'] = ProductService::getCasePriorityValueByName($basicInfo['product_id'], $basicInfo['priority']);
         } elseif (Info::TYPE_BUG == $infoType) {
             $basicInfo['priority'] = ProductService::getBugPriorityValueByName($basicInfo['product_id'], $basicInfo['priority']);
         }
     }
     // severity exists for bugs only.
     if (Info::TYPE_BUG == $infoType && isset($basicInfo['severity'])) {
         $basicInfo['severity'] = ProductService::getBugSeverityValueByName($basicInfo['product_id'], $basicInfo['severity']);
     }
     // @TODO convert for bug import
     // resolved_by / closed_by: real name to user id; unknown names are removed.
     foreach (array('resolved_by', 'closed_by') as $userKey) {
         if (!isset($basicInfo[$userKey])) {
             continue;
         }
         $account = TestUserService::getUserInfoByRealname($basicInfo[$userKey]);
         if (empty($account)) {
             unset($basicInfo[$userKey]);
         } else {
             $basicInfo[$userKey] = $account['id'];
         }
     }
     // resolved_at / closed_at: empty dates are removed.
     foreach (array('resolved_at', 'closed_at') as $dateKey) {
         if (empty($basicInfo[$dateKey])) {
             unset($basicInfo[$dateKey]);
         }
     }
     return $basicInfo;
 }
Beispiel #10
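 /**
  * Set the is_dropped flag of a user (disable or re-enable the account).
  *
  * Reads 'id' and 'is_dropped' from the query string and prints an empty
  * string on success or a translated failure message otherwise.
  *
  * NOTE(review): this changes state through a GET request. Yii's CSRF token
  * validation does not cover GET, so the action should be moved to POST
  * together with the client that calls it. The permission check for this
  * action is not visible here - confirm it exists in the controller's
  * filters/access rules or inside TestUserService::editUser().
  */
 public function actionDisable()
 {
     $id = isset($_GET['id']) ? $_GET['id'] : null;
     $isDropped = isset($_GET['is_dropped']) ? $_GET['is_dropped'] : null;
     // Missing or array-valued parameters are a failed operation, not input
     // to hand on to the service.
     if (!is_scalar($id) || !is_scalar($isDropped)) {
         echo Yii::t('Common', 'Operate failed');
         return;
     }
     $userInfo = array('id' => $id, 'is_dropped' => $isDropped);
     $editResult = TestUserService::editUser($userInfo, TestUserService::ADMIN_EDIT_USER);
     if ($editResult['status'] == CommonService::$ApiResult['SUCCESS']) {
         echo '';
     } else {
         echo Yii::t('Common', 'Operate failed');
     }
 }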
Beispiel #11
// NOTE(review): $actionName is printed without CHtml::encode(); where it is
// set is outside this excerpt - confirm it never carries request-derived text.
echo $actionName;
?>
</h2>
    <hr />
    <?php 
//lock_version should be the keyword to check if this record has been modified by other action
echo $form->hiddenField($model, 'lock_version', array('value' => $model->lock_version));
?>
    <div class="row">
        <?php 
// New record: the auth mode can be chosen. Existing record: it is shown as
// read-only text, HTML-encoded before output.
if ($model->isNewRecord) {
    echo $form->label($model, 'authmode');
    echo $form->dropDownList($model, 'authmode', TestUserService::getAuthModeOptions(), array('onchange' => 'setInternalInfo($(this).val())', 'class' => 'required'));
} else {
    echo $form->label($model, 'authmode');
    echo CHtml::encode(TestUserService::getModeMessage($model->authmode));
}
?>
    </div>

    <div class="row">
        
        <?php 
// New record: editable text field. Existing record: the username is shown as
// read-only text, HTML-encoded before output.
if ($model->isNewRecord) {
    echo $form->label($model, 'username');
    echo $form->textField($model, 'username', array('size' => 45, 'maxlength' => 45, 'class' => 'required'));
} else {
    echo $form->label($model, 'username');
    echo CHtml::encode($model->username);
}
?>
Beispiel #12
 /**
  * Authenticate the user against LDAP or the locally stored password hash.
  *
  * - unknown username: ERROR_USER_NOT_FOUND (no account is created here)
  * - dropped account: ERROR_USER_DISABLED
  * - authmode ldap: the result of LdapService::search() decides; when the
  *   LDAP error is ERROR_CONNECT or ERROR_BIND the locally stored hash is
  *   checked instead; after a successful LDAP search the local record is
  *   updated through TestUserService::editUser()
  * - any other authmode: the locally stored hash is checked
  *
  * NOTE(review): the stored password is compared with md5() of the input, with
  * no salt. md5 is a fast hash and not suitable for password storage; moving
  * to password_hash()/password_verify() also requires changing the code that
  * writes the hash, which is not visible here. The `!==` comparison is not
  * constant-time; hash_equals() is the constant-time form where available.
  *
  * @return boolean true when errorCode is falsy after the checks
  */
 public function authenticate()
 {
     $user = TestUser::model()->findByAttributes(array('username' => $this->username));
     if ($user == null) {
         $this->errorCode = self::ERROR_USER_NOT_FOUND;
     } else {
         // A dropped account is rejected before any password or LDAP check.
         if (CommonService::$TrueFalseStatus['TRUE'] == $user->is_dropped) {
             $this->errorCode = self::ERROR_USER_DISABLED;
             return !$this->errorCode;
         }
         if (TestUser::$Authmode['ldap'] == $user->authmode) {
             $ldap = new LdapService($this->username, $this->password);
             $userInfoArr = $ldap->search();
             if (LdapService::ERROR_LDAP_MISS == $ldap->errorCode) {
                 $this->errorCode = self::ERROR_LDAP_MISS;
             } else {
                 // NOTE(review): the local fallback also runs on ERROR_BIND, not
                 // only on ERROR_CONNECT. What ERROR_BIND covers is defined in
                 // LdapService; if it includes rejected credentials, a password
                 // already changed in LDAP would still be accepted through the
                 // older local hash - TODO confirm.
                 if (LdapService::ERROR_CONNECT == $ldap->errorCode || LdapService::ERROR_BIND == $ldap->errorCode) {
                     if (md5($this->password) !== $user->password) {
                         $this->errorCode = self::ERROR_PASSWORD_INVALID;
                     } else {
                         $this->_id = $user->id;
                         $this->username = $user->username;
                         $this->setState('realname', $user->realname);
                         $this->setState('username', $user->username);
                         $this->errorCode = self::ERROR_NONE;
                     }
                 } else {
                     // Any LDAP error code other than the ones tested here leaves
                     // errorCode as it was before this method ran; its initial
                     // value is set outside this excerpt.
                     if (LdapService::ERROR_NONE == $ldap->errorCode) {
                         if (empty($userInfoArr)) {
                             $this->errorCode = self::ERROR_PASSWORD_INVALID;
                         } else {
                             // Refresh the local record with the LDAP data. The
                             // submitted password is passed on in clear text;
                             // presumably editUser() hashes it - verify there.
                             $userInfo = $userInfoArr;
                             $userInfo['id'] = $user->id;
                             $userInfo['password'] = $this->password;
                             $result = TestUserService::editUser($userInfo, TestUserService::LDAP_UPDATE_USER);
                             if (CommonService::$ApiResult['SUCCESS'] == $result['status']) {
                                 // Re-read the record so the session carries the
                                 // real name as it is after the update.
                                 $userNew = TestUser::model()->findByPk($user->id);
                                 $newRealName = $userNew['realname'];
                                 $this->_id = $user->id;
                                 $this->errorCode = self::ERROR_NONE;
                                 $this->setState('realname', $newRealName);
                                 $this->setState('username', $user->username);
                             } else {
                                 // A failed local update is reported as a wrong password.
                                 $this->errorCode = self::ERROR_PASSWORD_INVALID;
                             }
                         }
                     }
                 }
             }
         } else {
             // Non-LDAP accounts: compare against the locally stored md5 hash.
             if (md5($this->password) !== $user->password) {
                 $this->errorCode = self::ERROR_PASSWORD_INVALID;
             } else {
                 $this->_id = $user->id;
                 $this->username = $user->username;
                 $this->setState('realname', $user->realname);
                 $this->setState('username', $user->username);
                 $this->errorCode = self::ERROR_NONE;
             }
         }
     }
     return !$this->errorCode;
 }
Beispiel #13
 /**
  * Build the SQL condition for one search field as a string.
  *
  * NOTE(review): the condition is assembled by string concatenation. The value
  * is escaped with addslashes(), which does not take the connection character
  * set into account; $fieldName and $operatorName are concatenated as they
  * arrive. Callers therefore have to take both from a fixed list (the keys of
  * $searchFieldConfig and the operators handled below). Values are better
  * quoted with the database connection's own quoting or bound as parameters,
  * which needs a change in how callers consume the returned string.
  *
  * @author                          Yupeng Lee<*****@*****.**>
  * @param  array   $searchFieldConfig  per-field settings; 'type' and 'isBasic' are read
  * @param  string  $type            used to build the '{{<type>view}}' and '{{map_user_<type>}}' table names
  * @param  string  $fieldName       FieldName
  * @param  string  $operatorName    =,<,>,<= eg.
  * @param  string  $fieldValue      FieldValue
  * @return string                   Query string for SQL
  */
 private static function baseGetFieldQueryStr($searchFieldConfig, $type, $fieldName, $operatorName, $fieldValue)
 {
     $basicTableName = '{{' . $type . 'view}}';
     $fieldValue = trim($fieldValue);
     // Escapes quotes and backslashes only; see the note in the header.
     $fieldValue = addslashes($fieldValue);
     //handle search value %,_
     if ($operatorName == 'LIKE' || $operatorName == 'NOT LIKE') {
         $fieldValue = str_replace('%', '\\%', $fieldValue);
         $fieldValue = str_replace('_', '\\_', $fieldValue);
     }
     $queryStr = '';
     if ($fieldValue == '') {
         return self::handleEmptyQuery($searchFieldConfig, $basicTableName, $fieldName, $operatorName, $fieldValue);
     } elseif (Info::MARK == $fieldName) {
         // "Marked by me" filter: '1' selects marked records, anything else the
         // unmarked ones. The current user's id is concatenated unquoted.
         $inOrNotIn = ' not in ';
         if ('1' == $fieldValue) {
             $inOrNotIn = ' in ';
         }
         return $basicTableName . '.id ' . $inOrNotIn . ' (select info_id from {{map_user_' . $type . '}} where test_user_id=' . Yii::app()->user->id . ')';
     } elseif ('delete_flag' == $fieldName) {
         $fieldValue = CommonService::getTrueFalseValue($fieldValue);
     }
     //basic search field's name should be transfer to user id
     // NOTE(review): a $fieldName that is not a key of $searchFieldConfig is not
     // rejected here; it yields an empty type and is still used in the SQL below.
     $fieldType = $searchFieldConfig[$fieldName]['type'];
     if (Info::$InputType['date'] == $fieldType) {
         //date related search
         if (preg_match('/^-?[1-9]\\d*$|^0$/', $fieldValue)) {
             // An integer input is read as a day offset from today and turned into a date.
             $fieldValue = date("Y-m-d", mktime(0, 0, 0, date("m"), date("d") + $fieldValue, date("Y")));
         }
     } elseif (Info::$InputType['multipeople'] == $fieldType && true == $searchFieldConfig[$fieldName]['isBasic']) {
         // Real names are replaced by user ids; an unknown name becomes the
         // placeholder '-99999'.
         $userNameArr = CommonService::splitStringToArray(',', $fieldValue);
         $userIdArr = array();
         foreach ($userNameArr as $userName) {
             $userInfo = TestUserService::getUserInfoByRealname($userName);
             if (empty($userInfo)) {
                 $userIdArr[] = '-99999';
             } else {
                 $userIdArr[] = $userInfo['id'];
             }
         }
         $fieldValue = join(',', $userIdArr);
     }
     if ($operatorName == 'LIKE') {
         $queryStr = "LIKE '%{$fieldValue}%' ";
     } elseif ($operatorName == 'NOT LIKE') {
         $queryStr = "NOT LIKE '%{$fieldValue}%' ";
     } elseif ($operatorName == 'UNDER') {
         // Replaced further down by the "path prefix or exact match" form.
         $queryStr = "LIKE '{$fieldValue}%' ";
     } elseif ($operatorName == '!=') {
         if (Info::$InputType['date'] == $fieldType) {
             $queryStr = "NOT " . self::sysStrToDateSql($fieldValue);
         } else {
             $queryStr = "<> '" . $fieldValue . "' ";
         }
     } elseif ($operatorName == '=') {
         if (Info::$InputType['date'] == $fieldType) {
             $queryStr = self::sysStrToDateSql($fieldValue);
         } elseif (Info::$InputType['multipeople'] == $fieldType) {
             $queryStr = "LIKE '%" . $fieldValue . "%' ";
         } else {
             $queryStr = $operatorName . " '{$fieldValue}' ";
         }
     } elseif ($operatorName == 'IN') {
         // Each list item is wrapped in double quotes; this relies on
         // addslashes() above having escaped any double quote in the value.
         $fieldValueArr = CommonService::splitStringToArray(',', $fieldValue);
         $inValueStr = '';
         foreach ($fieldValueArr as $valueTmp) {
             if ('' == $inValueStr) {
                 $inValueStr = '"' . $valueTmp . '"';
             } else {
                 $inValueStr .= ',"' . $valueTmp . '"';
             }
         }
         $queryStr = "IN ({$inValueStr}) ";
     } else {
         // NOTE(review): every operator not matched above ends up here and is
         // written into the SQL unchanged (last branch below).
         if (($operatorName == '>' || $operatorName == '<=') && Info::$InputType['date'] == $fieldType) {
             // Picks words 4 and 5 of the text returned by sysStrToDateSql();
             // presumably the end of the day range - depends on that helper's format.
             $dateTimeArray = explode(" ", self::sysStrToDateSql($fieldValue));
             $fieldValue = $dateTimeArray[4] . ' ' . $dateTimeArray[5];
             $queryStr = $operatorName . " {$fieldValue} ";
         } elseif (($operatorName == '>=' || $operatorName == '<') && Info::$InputType['date'] == $fieldType) {
             // Picks words 1 and 2 of the same text; presumably the start of the range.
             $dateTimeArray = explode(" ", self::sysStrToDateSql($fieldValue));
             $fieldValue = $dateTimeArray[1] . ' ' . $dateTimeArray[2];
             $queryStr = $operatorName . " {$fieldValue} ";
         } else {
             $queryStr = $operatorName . " '{$fieldValue}' ";
         }
     }
     if ('' != $queryStr) {
         // Basic fields are qualified with the view name.
         if (true == $searchFieldConfig[$fieldName]['isBasic']) {
             $fieldName = $basicTableName . '.' . $fieldName;
         }
         if ($operatorName == 'UNDER') {
             // Matches the value itself or anything below it in the module path;
             // LIKE wildcards in the value are escaped for the prefix part only.
             $likeFieldValue = str_replace('%', '\\%', $fieldValue);
             $likeFieldValue = str_replace('_', '\\_', $likeFieldValue);
             $queryStr = '(' . $fieldName . " LIKE '{$likeFieldValue}" . ProductModule::MODULE_SPLITTER . "%' or " . $fieldName . " = '{$fieldValue}')";
         } else {
             $queryStr = $fieldName . ' ' . $queryStr;
         }
     }
     // "not equal" also matches rows where the field is NULL or empty.
     if ($operatorName == '!=') {
         $queryStr = '(' . $queryStr . ' or ' . $fieldName . ' is null or ' . $fieldName . ' ="")';
     }
     return $queryStr;
 }