/**
  * Validate the provided session information is correct and current.  Load the session.
  *
  * @param String $session_id -- The session ID that was returned by a call to login.
  * @return true -- If the session is valid and loaded.
  * @return false -- if the session is not valid.
  */
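 function validate_authenticated($session_id)
 {
     $GLOBALS['log']->info('Begin: SoapHelperWebServices->validate_authenticated');
     if (!empty($session_id)) {
         // Only initialize the session once in case this method is called multiple times.
         // NOTE(review): when a session is already active, the caller-supplied $session_id is
         // never compared with it, so the checks below run against the active session --
         // confirm that this is intended.
         if (!session_id()) {
             session_id($session_id);
             session_start();
         }
         // The session is accepted only if it is flagged valid, the IP check passes and it is a
         // 'user' session. The type is tested with isset() and === so that a missing or
         // non-string value can never satisfy the check through loose comparison.
         // presumably is_valid_ip_address() compares the stored address with the client's -- verify.
         if (!empty($_SESSION['is_valid_session'])
             && $this->is_valid_ip_address('ip_address')
             && isset($_SESSION['type'])
             && $_SESSION['type'] === 'user'
         ) {
             global $current_user;
             require_once 'modules/Users/User.php';
             // NOTE(review): the loaded bean is not inspected; whether a user that was deleted or
             // deactivated after login is still accepted here should be confirmed.
             $current_user = BeanFactory::getBean('Users', $_SESSION['user_id']);
             $this->login_success();
             $GLOBALS['log']->info('Begin: SoapHelperWebServices->validate_authenticated - passed');
             $GLOBALS['log']->info('End: SoapHelperWebServices->validate_authenticated');
             return true;
         }
         // A session that fails any check is destroyed rather than left usable.
         $GLOBALS['log']->debug("calling destroy");
         session_destroy();
     }
     // Reached for an empty session ID as well as for a failed check: report the failure to
     // the 'login_failed' hooks.
     LogicHook::initialize();
     $GLOBALS['logic_hook']->call_custom_logic('Users', 'login_failed');
     $GLOBALS['log']->info('End: SoapHelperWebServices->validate_authenticated - validation failed');
     return false;
 }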
 /**
  * Undo the file-system changes made for the test and reset logic-hook state.
  *
  * Files listed in $this->renames are restored from their ".bak" copies, files listed in
  * $this->deletes are removed, then the global hook object is dropped and the hook list reset.
  */
 public function tearDown()
 {
     // Put every backed-up file back under its original name.
     foreach ($this->renames as $originalPath) {
         $backupPath = $originalPath . ".bak";
         rename($backupPath, $originalPath);
     }
     // Remove the files the test created.
     foreach ($this->deletes as $createdPath) {
         unlink($createdPath);
     }
     // Later tests must not see the hook object or hook definitions left by this one.
     unset($GLOBALS['logic_hook']);
     LogicHook::refreshHooks();
 }
Example #3
 /**
  * Build the fixture: a test user, a Cases logic hook that counts its invocations,
  * an account, a case and an inbound email whose subject references the case.
  */
 public function setUp()
 {
     $this->user = SugarTestUserUtilities::createAnonymousUser();
     $GLOBALS['current_user'] = $this->user;
     //Setup logichook files
     // An existing hook file is copied to ".bak" before it is overwritten below.
     if (file_exists($this->casesHookFile)) {
         $this->hasCustomCasesLogicHookFile = true;
         copy($this->casesHookFile, $this->casesHookFile . '.bak');
     }
     // Register CaseCount::countMe (defined in $this->casesCountFile) for after_relationship_add.
     $hook_array['after_relationship_add'][] = array(1, 'Cases increment count', $this->casesCountFile, 'CaseCount', 'countMe');
     write_array_to_file("hook_array", $hook_array, $this->casesHookFile);
     $this->useOutputBuffering = false;
     LogicHook::refreshHooks();
     //now  write out the script that the logichook executes.  This will keep track of times called
     // NOTE(review): this writes executable PHP to disk that the hook entry above points at;
     // the matching clean-up is not visible in this method -- confirm the teardown removes the
     // file and restores the ".bak" copy.
     global $hookRunCount;
     $hookRunCount = 0;
     $fileCont = '<?php class CaseCount {
         function countMe($bean, $event, $arguments){
             global $hookRunCount;
             if($event =="after_relationship_add" && $arguments["module"]=="Cases" && $arguments["related_module"]=="Emails")
                 $hookRunCount++;
             }}?>';
     file_put_contents($this->casesCountFile, $fileCont);
     //setup test account for case
     $this->account = new Account();
     $this->account->name = 'test account for bug 39855';
     $this->account->assigned_user_id = 'SugarUser';
     $this->account->save();
     //create case
     $this->case = new aCase();
     $this->case->name = 'test case for unitTest 49784';
     $this->case->account_id = $this->account->id;
     $this->case->status = 'New';
     $this->case->save();
     //retrieve so we have latest info (case number)
     $this->case->retrieve($this->case->id);
     //create email with case in subject
     $this->email = new Email();
     $this->email->type = 'inbound';
     $this->email->status = 'unread';
     $this->email->from_addr_name = $this->email->cleanEmails("*****@*****.**");
     $this->email->to_addrs_names = $this->email->cleanEmails("*****@*****.**");
     $this->email->cc_addrs_names = $this->email->cleanEmails("*****@*****.**");
     // The subject carries the "[CASE:<number>]" marker built from the saved case.
     $this->email->name = 'RE: [CASE:' . $this->case->case_number . '] ' . $this->case->name;
     $this->email->save();
 }
Example #4
 /**
  * Prepare the modules and Contacts logic-hook files for the test.
  *
  * An existing file is copied to "<file>.bak" and flagged on the test case; a missing
  * file is created with an empty "test" array. The hook list is reset afterwards.
  */
 public function setUp()
 {
     // Modules-level hook file: create a stub, or keep a backup of the real one.
     if (!file_exists($this->modulesHookFile)) {
         write_array_to_file("test", array(), $this->modulesHookFile);
     } else {
         $this->hasCustomModulesLogicHookFile = true;
         copy($this->modulesHookFile, $this->modulesHookFile . '.bak');
     }
     // Contacts hook file: same treatment.
     if (!file_exists($this->contactsHookFile)) {
         write_array_to_file("test", array(), $this->contactsHookFile);
     } else {
         $this->hasCustomContactLogicHookFile = true;
         copy($this->contactsHookFile, $this->contactsHookFile . '.bak');
     }
     $this->useOutputBuffering = false;
     // Forget hook definitions loaded before the files changed.
     LogicHook::refreshHooks();
 }
 /**
  * Start the PHP session for the current request and fire the 'after_session_start' hook.
  *
  * A request carrying an MSID parameter adopts that value as the session ID; any other
  * request starts a session only when can_start_session() allows it.
  */
 function startSession()
 {
     // Remember whether the browser sent a session cookie; used below to detect an expired session.
     $sessionIdCookie = isset($_COOKIE['PHPSESSID']) ? $_COOKIE['PHPSESSID'] : null;
     if (isset($_REQUEST['MSID'])) {
         // The session ID is taken directly from request data, so everything depends on what the
         // stored session contains: it must hold a user_id and the seamless_login marker.
         session_id($_REQUEST['MSID']);
         session_start();
         if (isset($_SESSION['user_id']) && isset($_SESSION['seamless_login'])) {
             // The marker is consumed on first use, so this entry path works once per session.
             // NOTE(review): the session keeps the ID that arrived in the request. If no caller
             // relies on the ID staying the same, rotating it here with
             // session_regenerate_id(true) would stop an ID that was seen in a URL or log from
             // remaining valid.
             unset($_SESSION['seamless_login']);
         } else {
             // Not a seamless-login session: expire the cookie, clean up, destroy and stop.
             if (isset($_COOKIE['PHPSESSID'])) {
                 self::setCookie('PHPSESSID', '', time() - 42000, '/');
             }
             sugar_cleanup(false);
             session_destroy();
             exit('Not a valid entry method');
         }
     } else {
         if (can_start_session()) {
             session_start();
         }
     }
     // A login target other than Home/index combined with a cookie but an empty session means
     // the previous session is gone; leave a short-lived (30 s) cookie carrying the message label.
     if (isset($_REQUEST['login_module']) && isset($_REQUEST['login_action']) && !($_REQUEST['login_module'] == 'Home' && $_REQUEST['login_action'] == 'index')) {
         if (!is_null($sessionIdCookie) && empty($_SESSION)) {
             self::setCookie('loginErrorMessage', 'LBL_SESSION_EXPIRED', time() + 30, '/');
         }
     }
     self::trackLogin();
     LogicHook::initialize()->call_custom_logic('', 'after_session_start');
 }
Example #6
 /**
  * Trigger custom logic for this module that is defined for the provided hook
  * The custom logic file is located under custom/modules/[CURRENT_MODULE]/logic_hooks.php.
  * That file should define the $hook_version that should be used.
  * It should also define the $hook_array.  The $hook_array will be a two dimensional array
  * the first dimension is the name of the event, the second dimension is the information needed
  * to fire the hook.  Each entry in the top level array should be defined on a single line to make it
  * easier to automatically replace this file.  There should be no contents of this file that are not replacable.
  *
  * $hook_array['before_save'][] = Array(1, testtype, 'custom/modules/Leads/test12.php', 'TestClass', 'lead_before_save_1');
  * This sample line creates a before_save hook.  The hooks are procesed in the order in which they
  * are added to the array.  The second dimension is an array of:
  *		processing index (for sorting before exporting the array)
  *		A logic type hook
  *		label/type
  *		php file to include
  *		php class the method is in
  *		php method to call
  *
  * The method signature for version 1 hooks is:
  * function NAME(&$bean, $event, $arguments)
  * 		$bean - $this bean passed in by reference.
  *		$event - The string for the current event (i.e. before_save)
  * 		$arguments - An array of arguments that are specific to the event.
  */
 function call_custom_logic($event, $arguments = array())
 {
     // Beans flagged as processed skip hook handling entirely.
     if (isset($this->processed) && $this->processed != false) {
         return;
     }
     // Recursion guard, tracked per event: one event stuck in a loop is cut off without
     // affecting hooks for other events on the same bean.
     if (empty($this->logicHookDepth[$event])) {
         $this->logicHookDepth[$event] = 0;
     } elseif ($this->logicHookDepth[$event] > $this->max_logic_depth) {
         return;
     }
     // Count this level before dispatching: one event may trigger another
     // (before_save -> after_save), and the depth has to be in place by then.
     $this->logicHookDepth[$event]++;
     // LogicHook lives in 'include/utils/LogicHook.php'.
     $dispatcher = new LogicHook();
     $dispatcher->setBean($this);
     $dispatcher->call_custom_logic($this->module_dir, $event, $arguments);
     $this->logicHookDepth[$event]--;
     // Some events additionally trigger dependency-manager updates of related calculated fields.
     $dependencyEvents = array('after_relationship_add', 'after_relationship_delete', 'before_delete');
     if (in_array($event, $dependencyEvents)) {
         if (isset($arguments['link'])) {
             $linkName = $arguments['link'];
         } else {
             $linkName = "";
         }
         $this->updateRelatedCalcFields($linkName);
     }
 }
Example #7
 /**
  * Handle exception
  * @param Exception $e
  */
 protected function handleException(Exception $e)
 {
     // The exception is concatenated into the message, i.e. its full string form is logged.
     $GLOBALS['log']->fatal('Exception in Controller: ' . $e);
     $hookDispatcher = new LogicHook();
     SugarMetric_Manager::getInstance()->handleException($e);
     // With a bean the hook runs for that bean's module, otherwise for the application scope ('').
     $hookModule = '';
     if (isset($this->bean)) {
         $hookDispatcher->setBean($this->bean);
         $hookModule = $this->bean->module_dir;
     }
     // The exception object itself is handed to the hooks as their arguments.
     $hookDispatcher->call_custom_logic($hookModule, "handle_exception", $e);
 }
Example #8
 * Portions created by SugarCRM are Copyright (C) SugarCRM, Inc.
 * All Rights Reserved.
 * Contributor(s): ______________________________________..
 ********************************************************************************/
// Logout sequence: save the theme preference, run the before_logout hooks, blank and destroy
// the session, expire the session cookie, close the tracker session record, then run the
// after_logout hooks and the authentication controller's logout.
// record the last theme the user used
$current_user->setPreference('lastTheme', $theme);
$GLOBALS['current_user']->call_custom_logic('before_logout');
// submitted by Tim Scott from SugarCRM forums
// Every session value is blanked individually before the session is destroyed further down.
foreach ($_SESSION as $key => $val) {
    $_SESSION[$key] = '';
    // cannot just overwrite session data, causes segfaults in some versions of PHP
}
// Expire the session cookie in the browser.
// NOTE(review): only the path '/' is passed; if the session cookie was issued with other
// path/domain parameters the browser will not drop it -- compare with the session cookie settings.
if (isset($_COOKIE[session_name()])) {
    setcookie(session_name(), '', time() - 42000, '/');
}
//Update the tracker_sessions table
$trackerManager = TrackerManager::getInstance();
// Assignment inside the condition is intentional: the block runs only when a monitor is returned.
if ($monitor = $trackerManager->getMonitor('tracker_sessions')) {
    $monitor->setValue('user_id', $GLOBALS['current_user']->id);
    $monitor->setValue('date_end', TimeDate::getInstance()->nowDb());
    // Session length in seconds, derived from the monitor's own start and end timestamps.
    $seconds = strtotime($monitor->date_end) - strtotime($monitor->date_start);
    $monitor->setValue('seconds', $seconds);
    $monitor->setValue('active', 0);
    $trackerManager->saveMonitor($monitor);
}
// clear out the authenticating flag
session_destroy();
// The after_logout hooks run only after the session has been destroyed.
LogicHook::initialize();
$GLOBALS['logic_hook']->call_custom_logic('Users', 'after_logout');
/** @var AuthenticationController $authController */
$authController->authController->logout();
Example #9
/**
 * Log out of the session.  This will destroy the session and prevent other's from using it.
 *
 * @param String $session -- Session ID returned by a previous call to login.
 * @return Empty error on success, Error on failure
 */
function logout($session)
{
    global $current_user;
    $soapError = new SoapError();
    LogicHook::initialize();
    // Only a session that passes validation is torn down; anything else is reported as 'no_session'.
    $sessionIsValid = validate_authenticated($session);
    if ($sessionIsValid) {
        $current_user->call_custom_logic('before_logout');
        session_destroy();
    } else {
        $soapError->set_error('no_session');
    }
    // The after_logout hooks fire on both paths, i.e. also when no valid session was supplied.
    $GLOBALS['logic_hook']->call_custom_logic('Users', 'after_logout');
    return $soapError->get_soap_array();
}
Example #10
 /**
  * Reset the static hook list to an empty array.
  */
 public static function refreshHooks()
 {
     self::$hooks = array();
 }
 /**
  * Handle exception
  *
  * @param Exception $e
  */
 protected function handleException(Exception $e)
 {
     $hookDispatcher = LogicHook::instance();
     // Only message, file and line are logged, not the whole exception.
     // NOTE(review): the message text may contain request-derived data -- confirm the logger
     // neutralises line breaks.
     Log::fatal("Exception in Controller: [{$e->getMessage()}]:[File: {$e->getFile()}:{$e->getLine()}]");
     $hasBean = isset($this->bean);
     if ($hasBean) {
         $hookDispatcher->setBean($this->bean);
     }
     // Hooks run for the bean's module when there is one, otherwise for the application scope ('').
     $moduleDir = $hasBean ? $this->bean->module_dir : '';
     // NOTE(review): the result of this second instance() call is unused; it looks redundant.
     LogicHook::instance();
     $hookDispatcher->call_custom_logic($moduleDir, "handle_exception", $e);
 }
/**
 * End-of-request clean-up: fire the 'server_round_trip' hook, log the page in the tracker,
 * persist user preferences when flagged, and disconnect the database.
 *
 * Runs at most once per request; later calls return immediately.
 *
 * @param bool $exit when true the script terminates once clean-up is done
 */
function sugar_cleanup($exit = false)
{
    static $called = false;
    if ($called) {
        return;
    }
    $called = true;
    // Work relative to the directory above this file.
    $appRoot = realpath(dirname(__FILE__) . '/..');
    set_include_path($appRoot . PATH_SEPARATOR . get_include_path());
    chdir($appRoot);
    global $sugar_config;
    LogicHook::initialize();
    $GLOBALS['logic_hook']->call_custom_logic('', 'server_round_trip');
    // Without a database configuration (e.g. during install) nothing further can be done.
    if (empty($sugar_config['dbconfig'])) {
        if ($exit) {
            exit;
        }
        return;
    }
    if (!class_exists('Tracker', true)) {
        require_once 'modules/Trackers/Tracker.php';
    }
    Tracker::logPage();
    // Write the cached preferences when a save was requested during the request.
    if (!empty($GLOBALS['savePreferencesToDB'])) {
        // The original guard here has an empty body; the class_exists() call is kept.
        class_exists('UserPreference', true);
        UserPreference::savePreferencesToDB();
    }
    pre_login_check();
    if (!class_exists('DBManagerFactory')) {
        return;
    }
    DBManagerFactory::getInstance()->disconnect();
    if ($exit) {
        exit;
    }
}
Example #13
 /**
  * Start each test with a fresh Account bean, a zeroed hook counter and an empty hook list.
  */
 public function setUp()
 {
     $account = new Account();
     $this->bean = $account;
     // Counter kept by the test's hook class.
     Bug52113TestHook::$count = 0;
     LogicHook::refreshHooks();
 }
Example #14
        if (!empty($_COOKIE['PHPSESSID']) && strcmp($_GET['PHPSESSID'], $_COOKIE['PHPSESSID']) == 0) {
            session_id($_REQUEST['PHPSESSID']);
        } else {
            unset($_GET['PHPSESSID']);
        }
    }
    // Store session files in the configured directory when one is set.
    if (!empty($sugar_config['session_dir'])) {
        session_save_path($sugar_config['session_dir']);
    }
    SugarApplication::preLoadLanguages();
    $timedate = TimeDate::getInstance();
    $GLOBALS['sugar_version'] = $sugar_version;
    $GLOBALS['sugar_flavor'] = $sugar_flavor;
    $GLOBALS['timedate'] = $timedate;
    // MD5 over the instance's unique_key plus version and flavor.
    // NOTE(review): the name suggests a cache key for JavaScript assets. If it is sent to
    // clients it is an unsalted digest of unique_key and two guessable strings -- confirm
    // unique_key is not relied on as a secret elsewhere.
    $GLOBALS['js_version_key'] = md5($GLOBALS['sugar_config']['unique_key'] . $GLOBALS['sugar_version'] . $GLOBALS['sugar_flavor']);
    $db = DBManagerFactory::getInstance();
    $db->resetQueryCount();
    $locale = new Localization();
    // Emails uses the REQUEST_URI later to construct dynamic URLs.
    // IIS does not pass this field to prevent an error, if it is not set, we will assign it to ''.
    if (!isset($_SERVER['REQUEST_URI'])) {
        $_SERVER['REQUEST_URI'] = '';
    }
    // A blank User object; nothing here loads a user record into it.
    $current_user = new User();
    $current_entity = null;
    $system_config = new Administration();
    $system_config->retrieveSettings();
    // Custom 'after_entry_point' hooks in the 'core' scope run at this point.
    LogicHook::instance()->call_custom_logic('core', 'after_entry_point');
}
////	END SETTING DEFAULT VAR VALUES
///////////////////////////////////////////////////////////////////////////////
Example #15
 /**
  * This method will be called from the controller and is not meant to be overridden.
  */
 public function process()
 {
     LogicHook::initialize();
     $this->_checkModule();
     // View tracking must happen here so breadcrumbs are recorded.
     $this->_trackView();
     $showHeader = $this->_getOption('show_header');
     if (!$showHeader) {
         $this->renderJavascript();
     } else {
         $this->displayHeader();
     }
     $this->_buildModuleList();
     $this->preDisplay();
     $this->displayErrors();
     $this->display();
     // 'after_ui_frame' fires for the current module first (when there is one), then globally.
     $frameHookScopes = empty($this->module) ? array('') : array($this->module, '');
     foreach ($frameHookScopes as $hookScope) {
         $GLOBALS['logic_hook']->call_custom_logic($hookScope, 'after_ui_frame');
     }
     $showSubPanels = $this->_getOption('show_subpanels');
     if ($showSubPanels) {
         $this->_displaySubPanels();
     }
     // Flush early on the login page so it renders before the remaining output is produced.
     if ($this->action === 'Login') {
         ob_flush();
     }
     $showFooter = $this->_getOption('show_footer');
     if ($showFooter) {
         $this->displayFooter();
     }
     $GLOBALS['logic_hook']->call_custom_logic('', 'after_ui_footer');
     // Do not track if there is no module or if module is not a String
     $this->_track();
 }
Example #16
 /**
  * Sets up a user after successful authentication and session setup
  *
  * @returns bool Was the login successful
  */
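 protected function userAfterAuthenticate($userId, $oauthServer)
 {
     // Without a loaded user there is nothing to set up. Returning here also avoids reading
     // ->status and ->deleted on an empty value, which the status check below would do.
     if (empty($GLOBALS['current_user'])) {
         return false;
     }
     $GLOBALS['logic_hook']->call_custom_logic('', 'after_load_user');
     // Inactive or deleted accounts get no session even though authentication succeeded.
     if ($GLOBALS['current_user']->status == 'Inactive' || $GLOBALS['current_user']->deleted == true) {
         return false;
     }
     SugarApplication::trackLogin();
     // Setup visibility where needed
     $oauthServer->setupVisibility();
     LogicHook::initialize()->call_custom_logic('', 'after_session_start');
     $this->user = $GLOBALS['current_user'];
     $this->user->setupSession();
     // NOTE(review): $userId is not used in this method; the user comes from $GLOBALS['current_user'].
     return true;
 }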
 /**
  * Validate the provided session information is correct and current.  Load the session.
  *
  * @param String $session_id -- The session ID that was returned by a call to login.
  * @return true -- If the session is valid and loaded.
  * @return false -- if the session is not valid.
  */
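 function validate_authenticated($session_id)
 {
     $GLOBALS['log']->info('Begin: SoapHelperWebServices->validate_authenticated');
     if (!empty($session_id)) {
         // The session ID is supplied by the caller; the decision rests entirely on what the
         // session stored under that ID contains.
         session_id($session_id);
         session_start();
         // Accept the session only if it is flagged valid, is bound to the address the current
         // request comes from, and is a 'user' session. The stored values are tested with
         // isset() and === so that a missing key or a non-string value can never satisfy a
         // check through loose comparison.
         if (!empty($_SESSION['is_valid_session'])
             && isset($_SESSION['ip_address'], $_SESSION['type'])
             && $_SESSION['ip_address'] === query_client_ip()
             && $_SESSION['type'] === 'user'
         ) {
             global $current_user;
             require_once 'modules/Users/User.php';
             $current_user = new User();
             // NOTE(review): the result of retrieve() is not checked; whether a user deleted or
             // deactivated after login is still accepted here should be confirmed.
             $current_user->retrieve($_SESSION['user_id']);
             $this->login_success();
             $GLOBALS['log']->info('Begin: SoapHelperWebServices->validate_authenticated - passed');
             $GLOBALS['log']->info('End: SoapHelperWebServices->validate_authenticated');
             return true;
         }
         // A session that fails any check is destroyed rather than left usable.
         $GLOBALS['log']->debug("calling destroy");
         session_destroy();
     }
     // Reached for an empty session ID as well as for a failed check.
     LogicHook::initialize();
     $GLOBALS['logic_hook']->call_custom_logic('Users', 'login_failed');
     $GLOBALS['log']->info('End: SoapHelperWebServices->validate_authenticated - validation failed');
     return false;
 }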
Example #18
        if (!empty($_COOKIE['PHPSESSID']) && strcmp($_GET['PHPSESSID'], $_COOKIE['PHPSESSID']) == 0) {
            session_id($_REQUEST['PHPSESSID']);
        } else {
            unset($_GET['PHPSESSID']);
        }
    }
    // Store session files in the configured directory when one is set.
    if (!empty($sugar_config['session_dir'])) {
        session_save_path($sugar_config['session_dir']);
    }
    SugarApplication::preLoadLanguages();
    $timedate = TimeDate::getInstance();
    $GLOBALS['sugar_version'] = $sugar_version;
    $GLOBALS['sugar_flavor'] = $sugar_flavor;
    $GLOBALS['timedate'] = $timedate;
    // MD5 over the instance's unique_key plus version and flavor.
    // NOTE(review): the name suggests a cache key for JavaScript assets. If it is sent to
    // clients it is an unsalted digest of unique_key and two guessable strings -- confirm
    // unique_key is not relied on as a secret elsewhere.
    $GLOBALS['js_version_key'] = md5($GLOBALS['sugar_config']['unique_key'] . $GLOBALS['sugar_version'] . $GLOBALS['sugar_flavor']);
    $db = DBManagerFactory::getInstance();
    $db->resetQueryCount();
    $locale = new Localization();
    // Emails uses the REQUEST_URI later to construct dynamic URLs.
    // IIS does not pass this field to prevent an error, if it is not set, we will assign it to ''.
    if (!isset($_SERVER['REQUEST_URI'])) {
        $_SERVER['REQUEST_URI'] = '';
    }
    // A blank User object; nothing here loads a user record into it.
    $current_user = new User();
    $current_entity = null;
    $system_config = new Administration();
    $system_config->retrieveSettings();
    // Custom 'after_entry_point' hooks in the application scope ('') run at this point.
    LogicHook::initialize()->call_custom_logic('', 'after_entry_point');
}
////	END SETTING DEFAULT VAR VALUES
///////////////////////////////////////////////////////////////////////////////
Example #19
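/**
 * End-of-request clean-up: fire the 'server_round_trip' hook, log the page in the tracker,
 * persist user preferences when flagged, report preference errors to the browser, and
 * disconnect the database.
 *
 * Runs at most once per request; later calls return immediately.
 *
 * @param bool $exit when true the script terminates once clean-up is done
 */
function sugar_cleanup($exit = false)
{
    static $called = false;
    if ($called) {
        return;
    }
    $called = true;
    set_include_path(realpath(dirname(__FILE__) . '/..') . PATH_SEPARATOR . get_include_path());
    chdir(realpath(dirname(__FILE__) . '/..'));
    global $sugar_config;
    require_once 'include/utils/LogicHook.php';
    LogicHook::initialize();
    $GLOBALS['logic_hook']->call_custom_logic('', 'server_round_trip');
    //added this check to avoid errors during install.
    if (empty($sugar_config['dbconfig'])) {
        if ($exit) {
            exit;
        } else {
            return;
        }
    }
    if (!class_exists('Tracker', true)) {
        require_once 'modules/Trackers/Tracker.php';
    }
    Tracker::logPage();
    // Now write the cached tracker_queries
    if (!empty($GLOBALS['savePreferencesToDB']) && $GLOBALS['savePreferencesToDB']) {
        if (isset($GLOBALS['current_user']) && $GLOBALS['current_user'] instanceof User) {
            $GLOBALS['current_user']->savePreferencesToDB();
        }
    }
    // Check whether this is a regular page request (not an ajax call) with the user preference
    // error flag set. 'action' is read through isset() so that a request without it does not
    // raise an undefined-index notice; a missing action counts as "not an ajax action".
    $action = isset($_REQUEST['action']) ? $_REQUEST['action'] : null;
    $isAjaxAction = $action == 'modulelistmenu' || $action == 'DynamicAction';
    if (!empty($_SESSION['USER_PREFRENCE_ERRORS']) && !$isAjaxAction && empty($_REQUEST['to_pdf']) && empty($_REQUEST['sugar_body_only'])) {
        global $app_strings;
        //this is not an ajax call and the user preference error flag is set, so reset the flag and print js to flash message
        $err_mess = $app_strings['ERROR_USER_PREFS'];
        $_SESSION['USER_PREFRENCE_ERRORS'] = false;
        // Emit the label as a JavaScript string literal. json_encode() with the HEX flags keeps
        // quotes, ampersands and angle brackets in a translation from ending the literal or the
        // <script> element.
        $jsMessage = json_encode((string) $err_mess, JSON_HEX_TAG | JSON_HEX_APOS | JSON_HEX_QUOT | JSON_HEX_AMP);
        if ($jsMessage === false) {
            // Text that cannot be encoded (e.g. invalid UTF-8): fall back to an empty message.
            $jsMessage = '""';
        }
        echo "\n\t\t<script>\n\t\t\tajaxStatus.flashStatus({$jsMessage},7000);\n\t\t</script>";
    }
    pre_login_check();
    if (class_exists('DBManagerFactory')) {
        $db = DBManagerFactory::getInstance();
        $db->disconnect();
        if ($exit) {
            exit;
        }
    }
}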
Example #20
 /**
  * Log the user into the application
  *
  * @param UserAuth array $user_auth -- Set user_name and password (password needs to be
  *      in the right encoding for the type of authentication the user is setup for.  For Base
  *      sugar validation, password is the MD5 sum of the plain text password.
  * @param String $application -- The name of the application you are logging in from.  (Currently unused).
  * @param array $name_value_list -- Array of name value pair of extra parameters. As of today only 'language' and 'notifyonsave' is supported
  * @return Array - id - String id is the session_id of the session that was created.
  * 				 - module_name - String - module name of user
  * 				 - name_value_list - Array - The name value pair of user_id, user_name, user_language, user_currency_id, user_currency_name,
  *                                         - user_default_team_id, user_is_admin, user_default_dateformat, user_default_timeformat
  * @exception 'SoapFault' -- The SOAP error, if any
  */
 public function login($user_auth, $application, $name_value_list = array())
 {
     // NOTE(review): user_name, $application and $name_value_list are caller-supplied and are
     // written to the log as-is (the password is not part of this message). Consider
     // neutralising line breaks before logging so a crafted value cannot forge log entries.
     $GLOBALS['log']->info("Begin: SugarWebServiceImpl->login({$user_auth['user_name']}, {$application}, " . print_r($name_value_list, true) . ")");
     global $sugar_config, $system_config;
     $error = new SoapError();
     $user = new User();
     $success = false;
     //rrs
     $system_config = new Administration();
     $system_config->retrieveSettings('system');
     // The authentication class comes from configuration, defaulting to SugarAuthenticate.
     $authController = new AuthenticationController(!empty($sugar_config['authenticationClass']) ? $sugar_config['authenticationClass'] : 'SugarAuthenticate');
     //rrs
     // A password sent as PLAIN is MD5-hashed here unless LDAP authentication is in use.
     // NOTE(review): unsalted MD5 is not a password-hashing scheme; how the authentication
     // controller treats this value is not visible in this method.
     if (!empty($user_auth['encryption']) && $user_auth['encryption'] === 'PLAIN' && $authController->authController->userAuthenticateClass != "LDAPAuthenticateUser") {
         $user_auth['password'] = md5($user_auth['password']);
     }
     $isLoginSuccess = $authController->login($user_auth['user_name'], $user_auth['password'], array('passwordEncrypted' => true));
     // The user record is looked up by name whatever the login result was; the failure branch
     // below needs it for the lockout check.
     $usr_id = $user->retrieve_user_id($user_auth['user_name']);
     if ($usr_id) {
         $user->retrieve($usr_id);
     }
     if ($isLoginSuccess) {
         // An expired password blocks the login even though the credentials were accepted.
         // NOTE(review): 'hasExpiredPassword' is read without isset() -- confirm it is always set.
         if ($_SESSION['hasExpiredPassword'] == '1') {
             $error->set_error('password_expired');
             $GLOBALS['log']->fatal('password expired for user ' . $user_auth['user_name']);
             LogicHook::initialize();
             $GLOBALS['logic_hook']->call_custom_logic('Users', 'login_failed');
             self::$helperObject->setFaultObject($error);
             return;
         }
         // Group users are not allowed to log in this way.
         if (!empty($user) && !empty($user->id) && !$user->is_group) {
             $success = true;
             global $current_user;
             $current_user = $user;
         }
     } else {
         // A known user whose 'lockout' preference is set gets a specific lockout error.
         if ($usr_id && isset($user->user_name) && $user->getPreference('lockout') == '1') {
             $error->set_error('lockout_reached');
             $GLOBALS['log']->fatal('Lockout reached for user ' . $user_auth['user_name']);
             LogicHook::initialize();
             $GLOBALS['logic_hook']->call_custom_logic('Users', 'login_failed');
             self::$helperObject->setFaultObject($error);
             return;
         } else {
             // LDAP with a non-PLAIN password: decrypt it and retry the login.
             // NOTE(review): mcrypt_cbc() was removed in PHP 7.0, so on current PHP this branch
             // is skipped by the function_exists() guard.
             if (function_exists('mcrypt_cbc') && $authController->authController->userAuthenticateClass == "LDAPAuthenticateUser" && (empty($user_auth['encryption']) || $user_auth['encryption'] !== 'PLAIN')) {
                 $password = self::$helperObject->decrypt_string($user_auth['password']);
                 $authController->loggedIn = false;
                 // reset login attempt to try again with decrypted password
                 if ($authController->login($user_auth['user_name'], $password) && isset($_SESSION['authenticated_user_id'])) {
                     $success = true;
                 }
             } else {
                 // LDAP with a PLAIN (or unspecified) password: retry with the MD5 of the password.
                 if ($authController->authController->userAuthenticateClass == "LDAPAuthenticateUser" && (empty($user_auth['encryption']) || $user_auth['encryption'] == 'PLAIN')) {
                     $authController->loggedIn = false;
                     // reset login attempt to try again with md5 password
                     if ($authController->login($user_auth['user_name'], md5($user_auth['password']), array('passwordEncrypted' => true)) && isset($_SESSION['authenticated_user_id'])) {
                         $success = true;
                     } else {
                         $error->set_error('ldap_error');
                         LogicHook::initialize();
                         $GLOBALS['logic_hook']->call_custom_logic('Users', 'login_failed');
                         self::$helperObject->setFaultObject($error);
                         return;
                     }
                 }
             }
         }
     }
     if ($success) {
         // NOTE(review): no session ID rotation is visible in this method; whether the
         // authentication controller already started or regenerated the session cannot be
         // seen from here -- confirm.
         session_start();
         global $current_user;
         //$current_user = $user;
         self::$helperObject->login_success($name_value_list);
         $current_user->loadPreferences();
         // Mark the session as an authenticated user session bound to the client address.
         // presumably these are the values later session validation checks -- verify against it.
         $_SESSION['is_valid_session'] = true;
         $_SESSION['ip_address'] = query_client_ip();
         $_SESSION['user_id'] = $current_user->id;
         $_SESSION['type'] = 'user';
         $_SESSION['avail_modules'] = self::$helperObject->get_user_module_list($current_user);
         $_SESSION['authenticated_user_id'] = $current_user->id;
         $_SESSION['unique_key'] = $sugar_config['unique_key'];
         $GLOBALS['log']->info('End: SugarWebServiceImpl->login - successful login');
         $current_user->call_custom_logic('after_login');
         // Build the name/value list returned to the caller.
         $nameValueArray = array();
         global $current_language;
         $nameValueArray['user_id'] = self::$helperObject->get_name_value('user_id', $current_user->id);
         $nameValueArray['user_name'] = self::$helperObject->get_name_value('user_name', $current_user->user_name);
         $nameValueArray['user_language'] = self::$helperObject->get_name_value('user_language', $current_language);
         $cur_id = $current_user->getPreference('currency');
         $nameValueArray['user_currency_id'] = self::$helperObject->get_name_value('user_currency_id', $cur_id);
         $nameValueArray['user_is_admin'] = self::$helperObject->get_name_value('user_is_admin', is_admin($current_user));
         $nameValueArray['user_default_team_id'] = self::$helperObject->get_name_value('user_default_team_id', $current_user->default_team);
         $nameValueArray['user_default_dateformat'] = self::$helperObject->get_name_value('user_default_dateformat', $current_user->getPreference('datef'));
         $nameValueArray['user_default_timeformat'] = self::$helperObject->get_name_value('user_default_timeformat', $current_user->getPreference('timef'));
         // Separators fall back to the configured defaults when the user has none set.
         $num_grp_sep = $current_user->getPreference('num_grp_sep');
         $dec_sep = $current_user->getPreference('dec_sep');
         $nameValueArray['user_number_seperator'] = self::$helperObject->get_name_value('user_number_seperator', empty($num_grp_sep) ? $sugar_config['default_number_grouping_seperator'] : $num_grp_sep);
         $nameValueArray['user_decimal_seperator'] = self::$helperObject->get_name_value('user_decimal_seperator', empty($dec_sep) ? $sugar_config['default_decimal_seperator'] : $dec_sep);
         $nameValueArray['mobile_max_list_entries'] = self::$helperObject->get_name_value('mobile_max_list_entries', $sugar_config['wl_list_max_entries_per_page']);
         $nameValueArray['mobile_max_subpanel_entries'] = self::$helperObject->get_name_value('mobile_max_subpanel_entries', $sugar_config['wl_list_max_entries_per_subpanel']);
         $currencyObject = new Currency();
         $currencyObject->retrieve($cur_id);
         $nameValueArray['user_currency_name'] = self::$helperObject->get_name_value('user_currency_name', $currencyObject->name);
         $_SESSION['user_language'] = $current_language;
         // The returned 'id' is the PHP session ID; the caller uses it as its credential for
         // later calls, so it should be protected like a password in transit and in logs.
         return array('id' => session_id(), 'module_name' => 'Users', 'name_value_list' => $nameValueArray);
     }
     // Every remaining failure is reported with the same generic 'invalid_login' error.
     LogicHook::initialize();
     $GLOBALS['logic_hook']->call_custom_logic('Users', 'login_failed');
     $error->set_error('invalid_login');
     self::$helperObject->setFaultObject($error);
     $GLOBALS['log']->error('End: SugarWebServiceImpl->login - failed login');
 }
Example #21
 /**
  * process_hooks() must run the loaded hooks for 'after_ui_footer' without throwing.
  */
 public function testprocess_hooks()
 {
     $hookRunner = new LogicHook();
     $hookRunner->setBean(new Account());
     $loadedHooks = $hookRunner->loadHooks('');
     try {
         $hookRunner->process_hooks($loadedHooks, 'after_ui_footer', array());
     } catch (Exception $e) {
         // Any exception from hook processing fails the test.
         $this->fail();
     }
     // Reaching this point means no exception was thrown.
     $this->assertTrue(true);
 }
Example #22
 /**
  * Trigger custom logic for this module that is defined for the provided hook
  * The custom logic file is located under custom/modules/[CURRENT_MODULE]/logic_hooks.php.
  * That file should define the $hook_version that should be used.
  * It should also define the $hook_array.  The $hook_array will be a two dimensional array
  * the first dimension is the name of the event, the second dimension is the information needed
  * to fire the hook.  Each entry in the top level array should be defined on a single line to make it
  * easier to automatically replace this file.  There should be no contents of this file that are not replacable.
  *
  * $hook_array['before_save'][] = Array(1, testtype, 'custom/modules/Leads/test12.php', 'TestClass', 'lead_before_save_1');
  * This sample line creates a before_save hook.  The hooks are procesed in the order in which they
  * are added to the array.  The second dimension is an array of:
  *		processing index (for sorting before exporting the array)
  *		A logic type hook
  *		label/type
  *		php file to include
  *		php class the method is in
  *		php method to call
  *
  * The method signature for version 1 hooks is:
  * function NAME(&$bean, $event, $arguments)
  * 		$bean - $this bean passed in by reference.
  *		$event - The string for the current event (i.e. before_save)
  * 		$arguments - An array of arguments that are specific to the event.
  */
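 function call_custom_logic($event, $arguments = null)
 {
     if (!isset($this->processed) || $this->processed == false) {
         //add some logic to ensure we do not get into an infinite loop
         if (!empty($this->logicHookDepth[$event])) {
             if ($this->logicHookDepth[$event] > 10) {
                 return;
             }
         } else {
             $this->logicHookDepth[$event] = 0;
         }
         //we have to put the increment operator here
         //otherwise we may never increase the depth for that event in the case
         //where one event will trigger another as in the case of before_save and after_save
         //Also keeping the depth per event allow any number of hooks to be called on the bean
         //and we only will return if one event gets caught in a loop. We do not increment globally
         //for each event called.
         $this->logicHookDepth[$event]++;
         //method defined in 'include/utils/LogicHook.php'
         $logicHook = new LogicHook();
         $logicHook->setBean($this);
         $logicHook->call_custom_logic($this->module_dir, $event, $arguments);
         // Leave this nesting level again. Without the decrement the counter only ever grows,
         // so it counts calls instead of depth and the hooks for an event silently stop
         // firing once the same bean object has raised it more than ten times.
         $this->logicHookDepth[$event]--;
     }
 }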
Example #23
 /**
  * Log the user into the application
  *
  * @param UserAuth array $user_auth -- Set user_name and password (password needs to be
  *      in the right encoding for the type of authentication the user is set up for.  For Base
  *      sugar validation, password is the MD5 sum of the plain text password.)
  * @param String $application -- The name of the application you are logging in from.  (Currently unused).
  * @param array $name_value_list -- Array of name value pair of extra parameters. As of today only 'language' and 'notifyonsave' is supported
  * @return Array - id - String id is the session_id of the session that was created.
  * 				 - module_name - String - module name of user
  * 				 - name_value_list - Array - The name value pair of user_id, user_name, user_language, user_currency_id, user_currency_name,
  *                                         - user_default_team_id, user_is_admin, user_default_dateformat, user_default_timeformat
  * @exception 'SoapFault' -- The SOAP error, if any
  */
 public function login($user_auth, $application, $name_value_list)
 {
     // SOAP login entry point. Authenticates the supplied user_auth credentials through
     // AuthenticationController; on success it fills $_SESSION and returns the session id together
     // with a name/value list describing the user, on failure it registers a SoapError fault and
     // returns nothing. $application is not read anywhere in this body.
     $GLOBALS['log']->info('Begin: SugarWebServiceImpl->login');
     global $sugar_config, $system_config;
     $error = new SoapError();
     $user = new User();
     $success = false;
     // A client that sends the clear-text password (encryption === 'PLAIN') has it replaced by its
     // unsalted MD5 digest here.
     // NOTE(review): MD5 is a fast digest, not a password-hashing function, so a value in this form
     // is cheap to brute-force if it leaks. Confirm how the authentication back end stores and
     // compares it, and that this endpoint is only reachable over TLS.
     if (!empty($user_auth['encryption']) && $user_auth['encryption'] === 'PLAIN') {
         $user_auth['password'] = md5($user_auth['password']);
     }
     //rrs
     // Overwrites the global $system_config with freshly loaded 'system' settings.
     $system_config = new Administration();
     $system_config->retrieveSettings('system');
     $authController = new AuthenticationController();
     //rrs
     // First attempt. The passwordEncrypted flag is always true here, whether or not the md5() branch
     // above ran -- presumably it tells the controller the value is already a digest; verify.
     $isLoginSuccess = $authController->login($user_auth['user_name'], $user_auth['password'], array('passwordEncrypted' => true));
     // The user record is looked up by name regardless of the login result; the failure branch
     // needs it to read the lockout preference.
     $usr_id = $user->retrieve_user_id($user_auth['user_name']);
     if ($usr_id) {
         $user->retrieve($usr_id);
     }
     if ($isLoginSuccess) {
         // NOTE(review): the key is read without isset() and compared loosely; this assumes the
         // authentication controller always sets it -- TODO confirm.
         if ($_SESSION['hasExpiredPassword'] == '1') {
             $error->set_error('password_expired');
             // The caller-supplied user name is written to the log as-is.
             // NOTE(review): confirm the logger neutralises line breaks, otherwise log entries can be forged.
             $GLOBALS['log']->fatal('password expired for user ' . $user_auth['user_name']);
             LogicHook::initialize();
             $GLOBALS['logic_hook']->call_custom_logic('Users', 'login_failed');
             self::$helperObject->setFaultObject($error);
             return;
         }
         // Group users are never allowed to log in through this endpoint.
         if (!empty($user) && !empty($user->id) && !$user->is_group) {
             $success = true;
             global $current_user;
             $current_user = $user;
         }
     } else {
         // A known user whose 'lockout' preference is '1' gets a dedicated fault and no second attempt.
         if ($usr_id && isset($user->user_name) && $user->getPreference('lockout') == '1') {
             $error->set_error('lockout_reached');
             $GLOBALS['log']->fatal('Lockout reached for user ' . $user_auth['user_name']);
             LogicHook::initialize();
             $GLOBALS['logic_hook']->call_custom_logic('Users', 'login_failed');
             self::$helperObject->setFaultObject($error);
             return;
         } else {
             // Fallback: treat the password as an encrypted string, decrypt it and try again.
             // mcrypt_cbc() was removed in PHP 7.0, so on newer runtimes this branch never runs.
             if (function_exists('mcrypt_cbc')) {
                 $password = self::$helperObject->decrypt_string($user_auth['password']);
                 // The second attempt counts against the same request; it also requires the
                 // controller to have put authenticated_user_id into the session.
                 if ($authController->login($user_auth['user_name'], $password) && isset($_SESSION['authenticated_user_id'])) {
                     $success = true;
                 }
             }
         }
     }
     if ($success) {
         // NOTE(review): no session_regenerate_id() appears in this body; confirm the authentication
         // controller rotates the session ID, otherwise an ID chosen before login stays valid after it.
         session_start();
         // On the decrypt fallback path this body never assigns $current_user; presumably the
         // authentication controller sets the global -- TODO confirm.
         global $current_user;
         //$current_user = $user;
         self::$helperObject->login_success($name_value_list);
         $current_user->loadPreferences();
         // Session markers written for later requests that present this session id.
         $_SESSION['is_valid_session'] = true;
         // NOTE(review): the value is whatever query_client_ip() reports; if that helper honours
         // forwarded-for style headers, a client can choose the address it is bound to -- verify.
         $_SESSION['ip_address'] = query_client_ip();
         $_SESSION['user_id'] = $current_user->id;
         $_SESSION['type'] = 'user';
         $_SESSION['avail_modules'] = self::$helperObject->get_user_module_list($current_user);
         $_SESSION['authenticated_user_id'] = $current_user->id;
         $_SESSION['unique_key'] = $sugar_config['unique_key'];
         $current_user->call_custom_logic('after_login');
         $GLOBALS['log']->info('End: SugarWebServiceImpl->login - succesful login');
         // Build the name/value list returned to the client.
         $nameValueArray = array();
         global $current_language;
         $nameValueArray['user_id'] = self::$helperObject->get_name_value('user_id', $current_user->id);
         $nameValueArray['user_name'] = self::$helperObject->get_name_value('user_name', $current_user->user_name);
         $nameValueArray['user_language'] = self::$helperObject->get_name_value('user_language', $current_language);
         $cur_id = $current_user->getPreference('currency');
         $nameValueArray['user_currency_id'] = self::$helperObject->get_name_value('user_currency_id', $cur_id);
         $nameValueArray['user_is_admin'] = self::$helperObject->get_name_value('user_is_admin', is_admin($current_user));
         $nameValueArray['user_default_team_id'] = self::$helperObject->get_name_value('user_default_team_id', $current_user->default_team);
         $nameValueArray['user_default_dateformat'] = self::$helperObject->get_name_value('user_default_dateformat', $current_user->getPreference('datef'));
         $nameValueArray['user_default_timeformat'] = self::$helperObject->get_name_value('user_default_timeformat', $current_user->getPreference('timef'));
         $currencyObject = new Currency();
         $currencyObject->retrieve($cur_id);
         $nameValueArray['user_currency_name'] = self::$helperObject->get_name_value('user_currency_name', $currencyObject->name);
         $_SESSION['user_language'] = $current_language;
         // The session id handed back here is the bearer credential for all later calls.
         return array('id' => session_id(), 'module_name' => 'Users', 'name_value_list' => $nameValueArray);
     }
     // Generic failure: fire the login_failed hook and report invalid_login without saying
     // whether the user name or the password was wrong.
     LogicHook::initialize();
     $GLOBALS['logic_hook']->call_custom_logic('Users', 'login_failed');
     $error->set_error('invalid_login');
     self::$helperObject->setFaultObject($error);
     $GLOBALS['log']->info('End: SugarWebServiceImpl->login - failed login');
 }
Example #24
 /**
  * This method will be called from the controller and is not meant to be overridden.
  */
 public function process()
 {
     // Render the view: header, body, subpanels and footer, firing the UI logic hooks on the
     // way, and wrap the whole output in a JSON envelope when the 'json_output' option is set.
     LogicHook::initialize();
     $this->_checkModule();
     // View tracking has to happen here so that breadcrumbs are recorded.
     $this->_trackView();

     // The ajaxUI needs the page captured in an output buffer so it can be returned as JSON below.
     if ($this->_getOption('json_output')) {
         ob_start();
         $wantsLanguageJs = !empty($_REQUEST['ajax_load']) && !empty($_REQUEST['loadLanguageJS']);
         if ($wantsLanguageJs) {
             echo $this->_getModLanguageJS();
         }
     }

     if (!$this->_getOption('show_header')) {
         $this->renderJavascript();
     } else {
         $this->displayHeader();
     }

     $this->_buildModuleList();
     $this->preDisplay();
     $this->displayErrors();
     $this->display();

     // after_ui_frame is raised for the current module, or with an empty module name if none is set.
     $hookModule = !empty($this->module) ? $this->module : '';
     $GLOBALS['logic_hook']->call_custom_logic($hookModule, 'after_ui_frame');

     if ($this->_getOption('show_subpanels') && !empty($_REQUEST['record'])) {
         $this->_displaySubPanels();
     }

     // The login page is flushed early so it renders faster; it would otherwise wait
     // until the tables are closed.
     if ($this->action === 'Login') {
         ob_flush();
     }

     if ($this->_getOption('show_footer')) {
         $this->displayFooter();
     }
     $GLOBALS['logic_hook']->call_custom_logic('', 'after_ui_footer');

     if ($this->_getOption('json_output')) {
         $buffered = ob_get_clean();
         $moduleName = $this->module;
         // 'action' and 'record' are copied from the request unchanged.
         // NOTE(review): they are only JSON-encoded here; confirm the consumer does not insert
         // them into the page as HTML.
         // utf8_encode() is deprecated as of PHP 8.2.
         $payload = array(
             'content' => mb_detect_encoding($buffered) == "UTF-8" ? $buffered : utf8_encode($buffered),
             'menu' => array(
                 'module' => $moduleName,
                 'label' => translate($moduleName),
                 // No key is given, so the menu entries land at index 0 of this array.
                 $this->getMenu($moduleName),
             ),
             'title' => $this->getBrowserTitle(),
             'action' => isset($_REQUEST['action']) ? $_REQUEST['action'] : "",
             'record' => isset($_REQUEST['record']) ? $_REQUEST['record'] : "",
             'favicon' => $this->getFavicon(),
         );
         if (SugarThemeRegistry::current()->name == 'Classic') {
             $payload['moduleList'] = $this->displayHeader(true);
         }
         if (empty($this->responseTime)) {
             $this->_calculateFooterMetrics();
         }
         $payload['responseTime'] = $this->responseTime;
         $encoder = getJSONobj();
         echo $encoder->encode($payload);
         $GLOBALS['app']->headerDisplayed = false;
         ob_flush();
     }

     // Do not track if there is no module or if module is not a String
     $this->_track();
 }
 /**
  * Log out of the session.  This will destroy the session and prevent others from using it.
  *
  * @param String $session -- Session ID returned by a previous call to login.
  * @return Empty
  * @exception 'SoapFault' -- The SOAP error, if any
  */
 function logout($session)
 {
     global $current_user;
     $GLOBALS['log']->info('Begin: SugarWebServiceImpl->logout');
     $error = new SoapError();
     LogicHook::initialize();
     $sessionIsValid = self::$helperObject->checkSessionAndModuleAccess($session, 'invalid_session', '', '', '', $error);
     if ($sessionIsValid) {
         // Only a session that passed the check is torn down; the user's before_logout
         // hooks run while the session still exists.
         $current_user->call_custom_logic('before_logout');
         session_destroy();
     }
     // after_logout fires on both paths, including when the session check failed.
     // NOTE(review): that lets a caller without a valid session trigger the Users after_logout
     // hooks; confirm those hooks do not assume an authenticated user.
     $GLOBALS['logic_hook']->call_custom_logic('Users', 'after_logout');
     $GLOBALS['log']->info('End: SugarWebServiceImpl->logout');
 }
Example #26
 /**
  * Start the PHP session for this request, either from an MSID request parameter
  * or through the normal cookie path, then raise the after_session_start hook.
  */
 function startSession()
 {
     // Remember whether the browser presented a session cookie before any session is opened.
     $sessionIdCookie = isset($_COOKIE['PHPSESSID']) ? $_COOKIE['PHPSESSID'] : null;

     if (!isset($_REQUEST['MSID'])) {
         if (can_start_session()) {
             session_start();
         }
     } else {
         // The session id is taken straight from request data. Only a session that already
         // carries a user_id survives; anything else is destroyed and the request ends.
         // NOTE(review): an id accepted from the request can end up in URLs, logs and Referer
         // headers, and a caller-chosen id is the precondition for session fixation. Confirm that
         // login rotates the id and that MSID is validated as a string before it reaches session_id().
         session_id($_REQUEST['MSID']);
         session_start();
         if (!isset($_SESSION['user_id'])) {
             if (isset($_COOKIE['PHPSESSID'])) {
                 // Expire the cookie in the past so the browser drops it.
                 self::setCookie('PHPSESSID', '', time() - 42000, '/');
             }
             sugar_cleanup(false);
             session_destroy();
             exit('Not a valid entry method');
         }
     }

     // The default module is the configured one, falling back to Home.
     $defaultModule = 'Home';
     if (!empty($GLOBALS['sugar_config']['default_module'])) {
         $defaultModule = $GLOBALS['sugar_config']['default_module'];
     }

     // Show the "session expired" message when the request names a login target other than the
     // default module's index, a session cookie was sent, and the session array is empty.
     $hasLoginTarget = isset($_REQUEST['login_module'], $_REQUEST['login_action']);
     if ($hasLoginTarget && ($_REQUEST['login_module'] != $defaultModule || $_REQUEST['login_action'] != 'index')) {
         if ($sessionIdCookie !== null && empty($_SESSION)) {
             self::setCookie('loginErrorMessage', 'LBL_SESSION_EXPIRED', time() + 30, '/');
         }
     }

     LogicHook::initialize()->call_custom_logic('', 'after_session_start');
 }
Example #27
 /**
  * Handle exception
  * @param Exception $e
  */
 protected function handleException(Exception $e)
 {
     // Log the exception message at fatal level, then hand the exception to the
     // "handle_exception" logic hooks.
     $GLOBALS['log']->fatal('Exception in Controller: ' . $e->getMessage());
     $hookRunner = new LogicHook();
     // With a bean loaded, the hooks of its module run with the bean attached;
     // without one, the hook is raised with an empty module name.
     $moduleDir = '';
     if (isset($this->bean)) {
         $hookRunner->setBean($this->bean);
         $moduleDir = $this->bean->module_dir;
     }
     $hookRunner->call_custom_logic($moduleDir, "handle_exception", $e);
 }
 /**
  * Called when a user requests to logout. Should invalidate the session and redirect
  * to the login page.
  */
 public function logout()
 {
     // The user's own before_logout hooks run first, while the session is still intact.
     // assumes $GLOBALS['current_user'] is set whenever this action is reached -- TODO confirm
     $activeUser = $GLOBALS['current_user'];
     $activeUser->call_custom_logic('before_logout');

     // Session invalidation itself is delegated to the authentication controller.
     $this->authController->logout();

     // The global hook dispatcher is read only after initialize() has run.
     LogicHook::initialize();
     $hookDispatcher = $GLOBALS['logic_hook'];
     $hookDispatcher->call_custom_logic('Users', 'after_logout');
 }
 /**
  * Log the user into the application
  *
  * @param UserAuth array $user_auth -- Set user_name and password (password needs to be
  *      in the right encoding for the type of authentication the user is set up for.  For Base
  *      sugar validation, password is the MD5 sum of the plain text password.)
  * @param String $application -- The name of the application you are logging in from.  (Currently unused).
  * @param array $name_value_list -- Array of name value pair of extra parameters. As of today only 'language' and 'notifyonsave' is supported
  * @return Array - id - String id is the session_id of the session that was created.
  * 				 - module_name - String - module name of user
  * 				 - name_value_list - Array - The name value pair of user_id, user_name, user_language, user_currency_id, user_currency_name,
  *                                         - user_default_team_id, user_is_admin, user_default_dateformat, user_default_timeformat
  * @exception 'SoapFault' -- The SOAP error, if any
  */
 public function login($user_auth, $application, $name_value_list = array())
 {
     // SOAP login entry point. Authenticates the supplied user_auth credentials through
     // AuthenticationController; on success it fills $_SESSION and returns the session id together
     // with a name/value list describing the user (extended for $application == 'mobile'), on
     // failure it registers a SoapError fault and returns nothing.
     $GLOBALS['log']->info('Begin: SugarWebServiceImpl->login');
     global $sugar_config;
     $error = new SoapError();
     $user = BeanFactory::getBean('Users');
     $success = false;
     $authController = AuthenticationController::getInstance();
     // A clear-text password (encryption === 'PLAIN') is replaced by its unsalted MD5 digest, except
     // when the configured authenticator is LDAPAuthenticateUser, which receives the value unchanged.
     // NOTE(review): MD5 is a fast digest, not a password-hashing function, and the LDAP path carries
     // the clear-text password; confirm this endpoint is only reachable over TLS.
     if (!empty($user_auth['encryption']) && $user_auth['encryption'] === 'PLAIN' && $authController->authController->userAuthenticateClass != "LDAPAuthenticateUser") {
         $user_auth['password'] = md5($user_auth['password']);
     }
     // First attempt. The passwordEncrypted flag is always true here, including for the unhashed
     // LDAP value -- presumably the LDAP authenticator ignores it; verify.
     $isLoginSuccess = $authController->login($user_auth['user_name'], $user_auth['password'], array('passwordEncrypted' => true));
     // The user record is looked up by name regardless of the login result; the failure branch
     // needs it to read the lockout preference.
     $usr_id = $user->retrieve_user_id($user_auth['user_name']);
     if ($usr_id) {
         $user->retrieve($usr_id);
     }
     if ($isLoginSuccess) {
         // NOTE(review): the key is read without isset() and compared loosely; this assumes the
         // authentication controller always sets it -- TODO confirm.
         if ($_SESSION['hasExpiredPassword'] == '1') {
             $error->set_error('password_expired');
             // The caller-supplied user name is written to the log as-is.
             // NOTE(review): confirm the logger neutralises line breaks, otherwise log entries can be forged.
             $GLOBALS['log']->fatal('password expired for user ' . $user_auth['user_name']);
             LogicHook::initialize();
             $GLOBALS['logic_hook']->call_custom_logic('Users', 'login_failed');
             self::$helperObject->setFaultObject($error);
             return;
         }
         // Group users are never allowed to log in through this endpoint.
         if (!empty($user) && !empty($user->id) && !$user->is_group) {
             $success = true;
             global $current_user;
             $current_user = $user;
         }
     } else {
         // A known user whose 'lockout' preference is '1' gets a dedicated fault and no second attempt.
         if ($usr_id && isset($user->user_name) && $user->getPreference('lockout') == '1') {
             $error->set_error('lockout_reached');
             $GLOBALS['log']->fatal('Lockout reached for user ' . $user_auth['user_name']);
             LogicHook::initialize();
             $GLOBALS['logic_hook']->call_custom_logic('Users', 'login_failed');
             self::$helperObject->setFaultObject($error);
             return;
         } else {
             // With LDAP authentication, any request that did not declare encryption 'PLAIN' is
             // rejected with ldap_error instead of falling through to the decrypt fallback.
             if ($authController->authController->userAuthenticateClass == "LDAPAuthenticateUser" && (empty($user_auth['encryption']) || $user_auth['encryption'] !== 'PLAIN')) {
                 $error->set_error('ldap_error');
                 LogicHook::initialize();
                 $GLOBALS['logic_hook']->call_custom_logic('Users', 'login_failed');
                 self::$helperObject->setFaultObject($error);
                 return;
             } else {
                 // Fallback: treat the password as an encrypted string, decrypt it and try again.
                 // mcrypt_cbc() was removed in PHP 7.0, so on newer runtimes this branch never runs.
                 if (function_exists('mcrypt_cbc')) {
                     $password = self::$helperObject->decrypt_string($user_auth['password']);
                     // The second attempt also requires the controller to have put
                     // authenticated_user_id into the session.
                     if ($authController->login($user_auth['user_name'], $password) && isset($_SESSION['authenticated_user_id'])) {
                         $success = true;
                     }
                 }
             }
         }
     }
     if ($success) {
         // NOTE(review): no session_regenerate_id() appears in this body; confirm the authentication
         // controller rotates the session ID, otherwise an ID chosen before login stays valid after it.
         session_start();
         // On the decrypt fallback path this body never assigns $current_user; presumably the
         // authentication controller sets the global -- TODO confirm.
         global $current_user;
         //$current_user = $user;
         self::$helperObject->login_success($name_value_list);
         $current_user->loadPreferences();
         // Session markers written for later requests that present this session id.
         $_SESSION['is_valid_session'] = true;
         // NOTE(review): the value is whatever query_client_ip() reports; if that helper honours
         // forwarded-for style headers, a client can choose the address it is bound to -- verify.
         $_SESSION['ip_address'] = query_client_ip();
         $_SESSION['user_id'] = $current_user->id;
         $_SESSION['type'] = 'user';
         $_SESSION['avail_modules'] = self::$helperObject->get_user_module_list($current_user);
         $_SESSION['authenticated_user_id'] = $current_user->id;
         $_SESSION['unique_key'] = $sugar_config['unique_key'];
         $current_user->call_custom_logic('after_login');
         $GLOBALS['log']->info('End: SugarWebServiceImpl->login - succesful login');
         // Build the name/value list returned to the client.
         $nameValueArray = array();
         global $current_language;
         $nameValueArray['user_id'] = self::$helperObject->get_name_value('user_id', $current_user->id);
         $nameValueArray['user_name'] = self::$helperObject->get_name_value('user_name', $current_user->user_name);
         $nameValueArray['user_language'] = self::$helperObject->get_name_value('user_language', $current_language);
         $cur_id = $current_user->getPreference('currency');
         $nameValueArray['user_currency_id'] = self::$helperObject->get_name_value('user_currency_id', $cur_id);
         $nameValueArray['user_is_admin'] = self::$helperObject->get_name_value('user_is_admin', is_admin($current_user));
         $nameValueArray['user_default_team_id'] = self::$helperObject->get_name_value('user_default_team_id', $current_user->default_team);
         $nameValueArray['user_default_dateformat'] = self::$helperObject->get_name_value('user_default_dateformat', $current_user->getPreference('datef'));
         $nameValueArray['user_default_timeformat'] = self::$helperObject->get_name_value('user_default_timeformat', $current_user->getPreference('timef'));
         // Number separators fall back to the system-wide defaults when the user has none set.
         $num_grp_sep = $current_user->getPreference('num_grp_sep');
         $dec_sep = $current_user->getPreference('dec_sep');
         $nameValueArray['user_number_seperator'] = self::$helperObject->get_name_value('user_number_seperator', empty($num_grp_sep) ? $sugar_config['default_number_grouping_seperator'] : $num_grp_sep);
         $nameValueArray['user_decimal_seperator'] = self::$helperObject->get_name_value('user_decimal_seperator', empty($dec_sep) ? $sugar_config['default_decimal_seperator'] : $dec_sep);
         $nameValueArray['mobile_max_list_entries'] = self::$helperObject->get_name_value('mobile_max_list_entries', $sugar_config['wl_list_max_entries_per_page']);
         $nameValueArray['mobile_max_subpanel_entries'] = self::$helperObject->get_name_value('mobile_max_subpanel_entries', $sugar_config['wl_list_max_entries_per_subpanel']);
         // Mobile clients additionally receive their visible modules and a vardefs checksum.
         if ($application == 'mobile') {
             $modules = $availModuleNames = array();
             $availModules = array_keys($_SESSION['avail_modules']);
             //ACL check already performed.
             $modules = self::$helperObject->get_visible_mobile_modules($availModules);
             $nameValueArray['available_modules'] = $modules;
             //Get the vardefs md5
             foreach ($modules as $mod_def) {
                 $availModuleNames[] = $mod_def['module_key'];
             }
             $nameValueArray['vardefs_md5'] = self::get_module_fields_md5(session_id(), $availModuleNames);
         }
         $currencyObject = BeanFactory::getBean('Currencies', $cur_id);
         $nameValueArray['user_currency_name'] = self::$helperObject->get_name_value('user_currency_name', $currencyObject->name);
         $_SESSION['user_language'] = $current_language;
         // The session id handed back here is the bearer credential for all later calls.
         return array('id' => session_id(), 'module_name' => 'Users', 'name_value_list' => $nameValueArray);
     }
     // Generic failure: fire the login_failed hook and report invalid_login without saying
     // whether the user name or the password was wrong.
     LogicHook::initialize();
     $GLOBALS['logic_hook']->call_custom_logic('Users', 'login_failed');
     $error->set_error('invalid_login');
     self::$helperObject->setFaultObject($error);
     $GLOBALS['log']->info('End: SugarWebServiceImpl->login - failed login');
 }
Example #30
 /**
  * Static function which returns an instance of LogicHook
  *
  * @param SugarBean|null $bean
  *
  * @return LogicHook
  */
 public static function instance(SugarBean $bean = null)
 {
     // Create the shared instance on first use; late static binding means a subclass
     // calling this gets an object of its own class.
     if (static::$instance === null) {
         static::$instance = new static();
     }
     // Every call rebinds the shared instance to the bean passed in, so calling without an
     // argument replaces any previously attached bean with null.
     $shared = static::$instance;
     $shared->setBean($bean);
     return $shared;
 }