public function setEnabledFlag($linkedAccountId)
 {
     $value = Input::get('enabled_flag');
     $active_user = User::getIndex(Session::get('user_uid'));
     $account = LinkedAccount::where('linked_account_id', '=', $linkedAccountId)->first();
     $user = User::getIndex($account->user_uid);
     if ($user->user_uid == $active_user->user_uid || $active_user->isAdmin()) {
         $account->enabled_flag = $value ? 1 : 0;
         $account->save();
         $userEvent = new UserEvent(array('user_uid' => $user->user_uid, 'event_type' => 'linkedAccountToggled', 'value' => json_encode(array('linked_account_provider_code' => 'github', 'user_external_id' => $account->user_external_id, 'user_ip' => $_SERVER['REMOTE_ADDR'], 'enabled' => $account->enabled_flag))));
         $userEvent->save();
         return Response::make('The status of this linked account has been updated.');
     } else {
         return Response::make('Unable to update this linked account.  Insufficient privileges.', 500);
     }
 }
Beispiel #2
0
 public function add()
 {
     // check to see if there is an LDAP connection for this environment
     //
     $ldapConnectionConfig = Config::get('ldap.connections.' . App::environment());
     if ($ldapConnectionConfig) {
         // use LDAP
         //
         LDAP::add($this);
     } else {
         // use SQL / Eloquent
         //
         $this->save();
     }
     // check for promo code information
     //
     $promoCodeId = null;
     if (Input::has('promo')) {
         $pdo = DB::connection('mysql')->getPdo();
         $sth = $pdo->prepare('SELECT * FROM project.promo_code WHERE promo_code = :promo AND expiration_date > NOW()');
         $sth->execute(array(':promo' => Input::get('promo')));
         $result = $sth->fetchAll(PDO::FETCH_ASSOC);
         $promoCodeId = $result != false && sizeof($result) > 0 ? $result[0]['promo_code_id'] : null;
     }
     // create new user account
     //
     $userAccount = new UserAccount(array('ldap_profile_update_date' => gmdate('Y-m-d H:i:s'), 'user_uid' => $this->user_uid, 'promo_code_id' => $promoCodeId, 'enabled_flag' => 1, 'owner_flag' => 0, 'admin_flag' => 0, 'email_verified_flag' => 0));
     $userAccount->save();
     // create linked account
     //
     if (Input::has('user_external_id') && Input::has('linked_account_provider_code')) {
         $linkedAccount = new LinkedAccount(array('user_external_id' => Input::get('user_external_id'), 'linked_account_provider_code' => Input::get('linked_account_provider_code'), 'enabled_flag' => 1, 'user_uid' => $this->user_uid, 'create_date' => gmdate('Y-m-d H:i:s')));
         $linkedAccount->save();
         $userEvent = new UserEvent(array('user_uid' => $this->user_uid, 'event_type' => 'linkedAccountCreated', 'value' => json_encode(array('linked_account_provider_code' => 'github', 'user_external_id' => $linkedAccount->user_external_id, 'user_ip' => $_SERVER['REMOTE_ADDR']))));
         $userEvent->save();
     }
     return $this;
 }
 public function githubLogin()
 {
     // Attempt to load the github account the user is currently logged in as.
     //
     if (!Session::has('github_access_token')) {
         return Response::make('Unauthorized GitHub access.', 401);
     }
     $token = Session::get('github_access_token');
     $ch = curl_init('https://api.github.com/user');
     curl_setopt($ch, CURLOPT_HTTPHEADER, array("Authorization: token {$token}"));
     curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
     curl_setopt($ch, CURLOPT_CUSTOMREQUEST, 'GET');
     curl_setopt($ch, CURLOPT_USERAGENT, 'SWAMP');
     $response = curl_exec($ch);
     $github_user = json_decode($response);
     if (!property_exists($github_user, 'id')) {
         return Response::make('Unable to authenticate with GitHub.', 401);
     }
     $account = LinkedAccount::where('user_external_id', '=', $github_user->id)->first();
     if ($account) {
         $user = User::getIndex($account->user_uid);
         if ($user) {
             if ($user->hasBeenVerified()) {
                 if ($user->isEnabled()) {
                     $userAccount = $user->getUserAccount();
                     $userAccount->penultimate_login_date = $userAccount->ultimate_login_date;
                     $userAccount->ultimate_login_date = gmdate('Y-m-d H:i:s');
                     $userAccount->save();
                     $userEvent = new UserEvent(array('user_uid' => $user->user_uid, 'event_type' => 'linkedAccountSignIn', 'value' => json_encode(array('linked_account_provider_code' => 'github', 'user_external_id' => $account->user_external_id, 'user_ip' => $_SERVER['REMOTE_ADDR']))));
                     $userEvent->save();
                     $res = Response::json(array('user_uid' => $user->user_uid, 'access_token' => $token));
                     Session::set('timestamp', time());
                     Session::set('user_uid', $user->user_uid);
                     return $res;
                 } else {
                     return Response::make('User has not been approved.', 401);
                 }
             } else {
                 return Response::make('User email has not been verified.', 401);
             }
         } else {
             return Response::make('Incorrect username or password.', 401);
         }
     } else {
         return Response::make('Account not found.', 401);
     }
 }