<?php echo Lang::txt('COM_DEVELOPER_API_APPLICATION_TOKENS_REVOKE_ALL_TOKEN'); ?> </a> </h3> <ul class="entries-list tokens access-tokens"> <?php if ($total > 0) { ?> <?php foreach ($tokens as $token) { ?> <li> <h4> <?php echo Hubzero\User\User::oneOrNew($token->get('uidNumber'))->get('name'); ?> </h4> <a class="btn btn-secondary revoke confirm" data-txt-confirm="<?php echo Lang::txt('COM_DEVELOPER_API_APPLICATION_TOKENS_REVOKE_TOKEN_CONFIRM'); ?> " href="<?php echo Route::url($this->application->link('revoke') . '&token=' . $token->get('id') . '&return=tokens'); ?> "> <?php echo Lang::txt('COM_DEVELOPER_API_APPLICATION_TOKENS_REVOKE_TOKEN'); ?> </a>
/** * Hook for login failure * * @param unknown $response * @return boolean */ public function onUserLoginFailure($response) { // Log attempt to the database Hubzero\User\User::blank()->logger()->auth()->set(['user_id' => 0, 'username' => isset($response['username']) ? $response['username'] : '******', 'status' => 'failure'])->save(); return true; }
/** * Get a list of participants from a thread * * @return object */ public function participants() { $user = new \Hubzero\User\User(); return self::all()->select($this->getTableName() . '.anonymous')->select($this->getTableName() . '.created_by')->select($user->getTableName() . '.name')->join($user->getTableName(), $user->getTableName() . '.id', $this->getTableName() . '.created_by', 'left')->whereEquals('thread', $this->get('thread'))->group('created_by'); }
/** * Add a user as a manager of a course * * @return void */ public function addTask() { // Check for request forgeries Request::checkToken(['get', 'post']); if ($this->getError()) { return $this->displayTask(); } // Incoming host $m = Request::getVar('author', ''); $mbrs = explode(',', $m); $mbrs = array_map('trim', $mbrs); foreach ($mbrs as $mbr) { $user = null; if (!strstr($mbr, ' ')) { $user = User::getInstance($mbr); } // Make sure the user exists if (!is_object($user) || !$user->get('username')) { $mbr = trim($mbr); $mbr = preg_replace('/\\s+/', ' ', $mbr); $user = new \Hubzero\User\User(); $user->set('name', $mbr); $parts = explode(' ', $mbr); if (count($parts) > 1) { $surname = array_pop($parts); $user->set('surname', $surname); $givenName = array_shift($parts); $user->set('givenName', $givenName); if (!empty($parts)) { $user->get('middleName', implode(' ', $parts)); } } } $author = new Author($this->database); $author->cid = $this->citation->id; $author->author = $user->get('name'); $author->uidNumber = $user->get('id', 0); $author->organization = $user->get('organization'); $author->givenName = $user->get('givenName'); $author->middleName = $user->get('middleName'); $author->surname = $user->get('surname'); $author->email = $user->get('email'); if (!$author->check()) { $this->setError($author->getError()); continue; } if (!$author->store()) { $this->setError($author->getError()); continue; } } $this->saveAuthorsList(); // Push through to the view $this->displayTask(); }
/** * This method will return a user object * * If options['autoregister'] is true, if the user doesn't exist yet he will be created * * @param array $user Holds the user data. * @param array $options Array holding options (remember, autoregister, group). * @return object A User object */ protected function _getUser($user, $options = array()) { $instance = Hubzero\User\User::oneByUsername($user['username']); if ($id = intval($instance->get('id'))) { return $instance; } //TODO : move this out of the plugin $config = Component::params('com_members'); // Default to Registered. $defaultUserGroup = $config->get('new_usertype', 2); $instance->set('id', 0); $instance->set('name', $user['fullname']); $instance->set('username', $user['username']); //$instance->set('password_clear', ((isset($user['password_clear'])) ? $user['password_clear'] : '')); $instance->set('email', $user['email']); // Result should contain an email (check) $instance->set('usertype', 'deprecated'); $instance->set('accessgroups', array($defaultUserGroup)); $instance->set('activation', 1); $instance->set('loginShell', '/bin/bash'); $instance->set('ftpShell', '/usr/lib/sftp-server'); // Check joomla user activation setting // 0 = automatically confirmed // 1 = require email confirmation (the norm) // 2 = require admin confirmation $useractivation = $config->get('useractivation', 1); // If requiring admin approval, set user to not approved if ($useractivation == 2) { $instance->set('approved', 0); } else { $instance->set('approved', 2); } // Now, also check to see if user came in via an auth plugin, as that may affect their approval status if (isset($user['auth_link'])) { $domain = Hubzero\Auth\Domain::find_by_id($user['auth_link']->auth_domain_id); if ($domain && is_object($domain)) { $params = Plugin::params('authentication', $domain->authenticator); if ($params && is_object($params) && $params->get('auto_approve', false)) { $instance->set('approved', 2); } } } // If autoregister is set let's register the user $autoregister = isset($options['autoregister']) ? $options['autoregister'] : $this->params->get('autoregister', 1); if ($autoregister) { if (!$instance->save()) { return new Exception($instance->getError()); } } else { // No existing user and autoregister off, this is a temporary user. $instance->set('tmp_user', true); } $instance->set('password_clear', isset($user['password_clear']) ? $user['password_clear'] : ''); return $instance; }
/** * Checks to see if the current user has exceeded the site * login attempt limit for a given time period * * @param $user \Hubzero\User\User * * @return bool */ private function hasExceededLoginLimit($user) { $params = \Component::params('com_members'); $limit = (int) $params->get('login_attempts_limit', 10); $timeframe = (int) $params->get('login_attempts_timeframe', 1); $result = true; // Get the user's tokens $threshold = date("Y-m-d H:i:s", strtotime(\Date::toSql() . " {$timeframe} hours ago")); $auths = new \Hubzero\User\Log\Auth(); $auths->whereEquals('username', $user->username)->whereEquals('status', 'failure')->where('logged', '>=', $threshold); if ($auths->count() < $limit - 1) { $result = false; } else { // Log attempt to the database Hubzero\User\User::oneOrFail($user->id)->logger()->auth()->save(['username' => $user->username, 'status' => 'blocked']); } return $result; }