function deleteUser($smarty, $module_name, $local_templates_dir, $pDB, $arrConf, $arrCredentiasls) { $pACL = new paloACL($pDB); $pORGZ = new paloSantoOrganization($pDB); $idUser = getParameter("id"); $exito = false; $idOrgReload = $pACL->getIdOrganizationUser($idUser); if ($idOrgReload == false) { $smarty->assign("mb_title", _tr("ERROR")); $smarty->assign("mb_message", _tr($pACL->errMsg)); return reportUser($smarty, $module_name, $local_templates_dir, $pDB, $arrConf, $arrCredentiasls); } if ($arrCredentiasls['userlevel'] == "superadmin") { if ($idUser == 1) { $smarty->assign("mb_title", _tr("ERROR")); $smarty->assign("mb_message", _tr("The admin user cannot be deleted because is the default Elastix administrator. You can delete any other user.")); return reportUser($smarty, $module_name, $local_templates_dir, $pDB, $arrConf, $arrCredentiasls); } else { $exito = $pORGZ->deleteUserOrganization($idUser); } } else { if ($idOrgReload == $arrCredentiasls['id_organization']) { $exito = $pORGZ->deleteUserOrganization($idUser); } else { $pORGZ->errMsg = _tr("Invalid User"); } } if ($exito) { $smarty->assign("mb_title", _tr("MESSAGE")); $smarty->assign("mb_message", _tr("The user was deleted successfully")); //mostramos el mensaje para crear los archivos de ocnfiguracion $pAstConf = new paloSantoASteriskConfig($pDB); $orgTmp2 = $pORGZ->getOrganization(array("id" => $idOrgReload)); $pAstConf->setReloadDialplan($orgTmp2[0]["domain"], true); $content = reportUser($smarty, $module_name, $local_templates_dir, $pDB, $arrConf, $arrCredentiasls); } else { $smarty->assign("mb_title", _tr("ERROR")); $smarty->assign("mb_message", _tr($pORGZ->errMsg)); $content = reportUser($smarty, $module_name, $local_templates_dir, $pDB, $arrConf, $arrCredentiasls); } return $content; }
if (!$pACL->getIdUser($_POST['input_user'])) { // not exists user? writeLOG("audit.log", "LOGIN {$user}: Authentication Failure to Web Interface login. Invalid user {$user} from {$_SERVER['REMOTE_ADDR']}."); } else { writeLOG("audit.log", "LOGIN {$user}: Authentication Failure to Web Interface login. Failed password for {$user} from {$_SERVER['REMOTE_ADDR']}."); } // Debo hacer algo aquí? } } // 2) Autentico usuario if (isset($_SESSION['elastix_user']) && isset($_SESSION['elastix_pass']) && $pACL->authenticateUser($_SESSION['elastix_user'], $_SESSION['elastix_pass'])) { $idUser = $pACL->getIdUser($_SESSION['elastix_user']); $pMenu = new paloMenu($arrConf['elastix_dsn']['elastix']); //obtenemos los menu a los que el usuario tiene acceso $arrMenuFiltered = $pMenu->filterAuthorizedMenus($idUser, 'yes'); $id_organization = $pACL->getIdOrganizationUser($idUser); if ($id_organization == false) { die("Error to retrieve User Info. " . $pACL->errMsg); } $_SESSION['elastix_organization'] = $id_organization; if (!is_array($arrMenuFiltered)) { $arrMenuFiltered = array(); } //traducir el menu al idioma correspondiente foreach ($arrMenuFiltered as $idMenu => $arrMenuItem) { $arrMenuFiltered[$idMenu]['description'] = _tr($arrMenuItem['description']); } //variables de smarty usadas en los templates $smarty->assign("THEMENAME", $arrConf['mainTheme']); $smarty->assign("WEBPATH", "web/"); $smarty->assign("WEBCOMMON", "../" . $arrConf['webCommon'] . "/");
/** funcion que sirve para obtener las credenciales de un usuario @return Array => ( idUser => (idUser or ""), id_organization => (ID_ORG or false), userlevel => (superadmin,organization), domain => (dominio de la ORG or false) ) */ function getUserCredentials($username) { global $arrConf, $elxPath; require_once "{$elxPath}/libs/paloSantoACL.class.php"; $pdbACL = new paloDB($arrConf['elastix_dsn']['elastix']); $pACL = new paloACL($pdbACL); $userLevel1 = "other"; $idOrganization = $domain = false; $idUser = $pACL->getIdUser($username); if ($idUser != false) { $idOrganization = $pACL->getIdOrganizationUser($idUser); if ($idOrganization != false) { if ($pACL->isUserSuperAdmin($username)) { $userLevel1 = "superadmin"; } elseif ($pACL->isUserAdministratorGroup($username)) { $userLevel1 = "admin"; } } } if ($idOrganization != false) { //obtenemos el dominio de las organizacion $query = "SELECT domain from organization where id=?"; $result = $pdbACL->getFirstRowQuery($query, false, array($idOrganization)); if ($result == false) { $domain = false; } else { if (!preg_match("/^(([[:alnum:]-]+)\\.)+([[:alnum:]])+\$/", $result[0])) { $domain = false; } else { $domain = $result[0]; } } } return array("idUser" => $idUser, "id_organization" => $idOrganization, "userlevel" => $userLevel1, "domain" => $domain); }