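/**
 * Populate the session state of the user who has just logged in.
 *
 * Looks up the products the user may access. When there are none, the user is
 * logged out again and an error message is returned. Otherwise the
 * "<userId>_product" cookie is checked against the accessible product ids
 * (and reset to the first accessible product when it is missing or does not
 * match), and the selected product, the product lists and the role flags are
 * stored in the user session.
 *
 * @return string|null translated error message when the user has no
 *                     accessible product; nothing is returned on success
 */
public static function setUserInfo()
{
    $userId = Yii::app()->user->id;
    $accessableProducts = TestUserService::getAccessableProduct($userId);
    if (empty($accessableProducts)) {
        Yii::app()->user->logout();
        return Yii::t('LoginForm', 'no accessable product');
    }

    $productCookieKey = $userId . "_product";
    $productOptions = array();
    $productIdArr = array();
    foreach ($accessableProducts as $productInfo) {
        $productOptions[$productInfo['id']] = $productInfo['name'];
        $productIdArr[] = $productInfo['id'];
    }

    $cookies = Yii::app()->request->getCookies();
    $cookieValue = isset($cookies[$productCookieKey]) ? $cookies[$productCookieKey]->value : null;

    // The cookie value comes from the client and is copied into session state
    // below, so it must equal one of the allowed ids exactly. A loose
    // in_array() would also accept look-alikes such as "01" or, on older PHP
    // versions with integer ids, "1abc".
    $allowedIds = array_map('strval', $productIdArr);
    if (is_scalar($cookieValue) && in_array((string) $cookieValue, $allowedIds, true)) {
        $currentProductId = $cookieValue;
    } else {
        $currentProductId = $accessableProducts[0]['id'];
        $cookie = new CHttpCookie($productCookieKey, $currentProductId);
        $cookie->expire = time() + 60 * 60 * 24 * 30; // valid for 30 days
        // NOTE(review): the cookie is created without httpOnly/secure flags;
        // set them if no client-side script needs to read it — confirm.
        Yii::app()->request->cookies[$productCookieKey] = $cookie;
    }

    Yii::app()->user->setState('product', $currentProductId);
    Yii::app()->user->setState('visit_product_list', $productOptions);
    Yii::app()->user->setState('visit_product_id', $productIdArr);
    Yii::app()->user->setState('system_admin', TestUserService::isSystemAdmin(Yii::app()->user->id));
    Yii::app()->user->setState('system_manager', TestUserService::isManager(Yii::app()->user->id));
    Yii::app()->user->setState('my_query_div', 1);
}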
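/**
 * Create or update a user group and rebuild its user/manager mapping rows.
 *
 * The existing mapping rows of the group are deleted and re-created from
 * $params['group_user'] plus the users resolved from the real names in
 * $params['group_manager']; managers are stored with is_admin set.
 *
 * @param array $params group attributes; 'id' (empty for a new group),
 *                      'group_user' (array of user ids) and 'group_manager'
 *                      (comma separated real names) are read here
 * @return array 'status' (CommonService::$ApiResult value) and 'detail'
 *               (array with the group id on success, errors otherwise)
 */
public static function editGroup($params)
{
    $resultInfo = array();
    $actionType = BugfreeModel::ACTION_OPEN;
    $oldRecordAttributs = array();
    if (empty($params['id'])) {
        $group = new UserGroup();
    } else {
        $group = self::loadModel($params['id']);
        $oldRecordAttributs = $group->attributes;
        if (!empty($group->group_user)) {
            $oldRecordAttributs['group_user'] = join(',', $group->group_user);
        }
        $oldRecordAttributs['group_manager'] = $group->group_manager;
        $actionType = BugfreeModel::ACTION_EDIT;
    }

    // Nothing is written unless isGroupEditable() accepts the group; the
    // failure text is the generic "not found or permission denied" message.
    if (!self::isGroupEditable($group->id)) {
        $resultInfo['status'] = CommonService::$ApiResult['FAIL'];
        $resultInfo['detail']['id'] = Yii::t('Common', 'Required URL not found or permission denied.');
        return $resultInfo;
    }

    $group->attributes = $params;
    if (!$group->save()) {
        $resultInfo['status'] = CommonService::$ApiResult['FAIL'];
        $resultInfo['detail'] = $group->getErrors();
        return $resultInfo;
    }

    // Read the membership inputs defensively: the old rows are deleted first,
    // so a missing or malformed value must not abort the rebuild half-way.
    $groupManager = isset($params['group_manager']) ? $params['group_manager'] : '';
    $groupUserArr = (isset($params['group_user']) && is_array($params['group_user']))
        ? $params['group_user']
        : array();

    Yii::app()->db->createCommand()->delete('{{map_user_group}}', 'user_group_id=:groupId', array(':groupId' => $group->id));

    $managerNameArr = CommonService::splitStringToArray(',', $groupManager);
    $managerIdArr = array();
    foreach ($managerNameArr as $mangerName) {
        $managerInfo = TestUserService::getUserInfoByRealname($mangerName);
        if ($managerInfo !== null) {
            $managerIdArr[] = $managerInfo['id'];
        }
    }

    $allUserId = array_unique(array_merge($groupUserArr, $managerIdArr));
    foreach ($allUserId as $userId) {
        $mapUserGroup = new MapUserGroup();
        $mapUserGroup->test_user_id = $userId;
        $mapUserGroup->user_group_id = $group->id;
        if (in_array($userId, $managerIdArr)) {
            $mapUserGroup->is_admin = CommonService::$TrueFalseStatus['TRUE'];
        } else {
            $mapUserGroup->is_admin = CommonService::$TrueFalseStatus['FALSE'];
        }
        if (!$mapUserGroup->save()) {
            // A dropped membership row changes who belongs to (or manages) the
            // group, so leave a trace instead of failing silently.
            Yii::log(
                'Failed to save user group mapping for group ' . $group->id,
                CLogger::LEVEL_WARNING,
                'application'
            );
        }
    }

    $newRecord = self::loadModel($group->id);
    if (!empty($newRecord->group_user)) {
        $newRecord->group_user = join(',', $newRecord->group_user);
    }
    // Record the change for the admin action history.
    AdminActionService::addActionNotes('user_group', $actionType, $newRecord, $oldRecordAttributs);

    $resultInfo['status'] = CommonService::$ApiResult['SUCCESS'];
    $resultInfo['detail'] = array('id' => $group->id);
    return $resultInfo;
}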
/**
 * Render the user-log list, optionally filtered by the "name" query
 * parameter.
 *
 * When "name" is present, rows are kept if created_by is one of the users
 * returned by TestUserService::getUserList() or if the ip column matches the
 * keyword. Both conditions go through CDbCriteria helpers rather than
 * string-built SQL.
 */
public function actionIndex()
{
    $pageSize = CommonService::getPageSize();
    $criteria = new CDbCriteria();

    $name = '';
    if (isset($_GET['name'])) {
        $name = $_GET['name'];
        $matchedUsers = TestUserService::getUserList($name, 'id');
        $matchedUserIds = array_keys($matchedUsers);
        $criteria->addInCondition('created_by', $matchedUserIds);
        $criteria->addSearchCondition('ip', $name, true, 'OR');
    }

    $providerOptions = array(
        'criteria' => $criteria,
        'sort' => array('defaultOrder' => array('id' => true)),
        'pagination' => array('pageSize' => $pageSize),
    );
    $dataProvider = new CActiveDataProvider('UserLog', $providerOptions);

    // $name is handed to the view as received; the view is responsible for encoding it.
    $viewData = array('dataProvider' => $dataProvider, 'name' => $name);
    $this->render('index', $viewData);
}
/**
 * Validator callback (the 'authenticate' validator declared in rules()).
 *
 * Checks the submitted credentials through UserIdentity, using the API
 * variant when isapi is non-zero, and on success logs the user in, writes a
 * user-log row with the client address and stores the language cookie. Each
 * failure code is turned into a form error.
 *
 * NOTE(review): every failure reason gets its own message (user not found,
 * user disabled, wrong password, ...), so the form reveals whether an account
 * exists — confirm this is intended.
 *
 * @param string $attribute name of the attribute being validated (unused here)
 * @param array  $params    validator options (unused here)
 */
public function authenticate($attribute, $params)
{
    // Skip the credential check when earlier validators already failed.
    if ($this->hasErrors()) {
        return;
    }

    $identity = new UserIdentity($this->username, $this->password);
    if (0 == $this->isapi) {
        $identity->authenticate();
    } else {
        $identity->apiAuthenticate();
    }

    switch ($identity->errorCode) {
        case UserIdentity::ERROR_NONE:
            $products = TestUserService::getAccessableProduct($identity->getId());
            if (empty($products)) {
                $this->addError('username', Yii::t('LoginForm', 'no accessable product'));
                break;
            }
            // "remember me" keeps the login state for LoginForm::DURATION
            $duration = $this->rememberMe ? LoginForm::DURATION : 0;
            Yii::app()->user->login($identity, $duration);
            $logEntry = array(
                'created_by' => Yii::app()->user->id,
                'created_at' => date(CommonService::DATE_FORMAT),
                'ip' => $_SERVER['REMOTE_ADDR'],
            );
            UserLogService::createUserLog($logEntry);
            LoginService::setLanguageCookie($this->language);
            break;

        case UserIdentity::ERROR_USERNAME_INVALID:
            $this->addError('username', Yii::t('LoginForm', 'username is incorrect'));
            break;

        case UserIdentity::ERROR_CONNECT:
            $this->addError('username', Yii::t('LoginForm', 'ldap connect failed'));
            break;

        case UserIdentity::ERROR_USER_DISABLED:
            $this->addError('username', Yii::t('LoginForm', 'user disabled'));
            break;

        case UserIdentity::ERROR_LDAP_MISS:
            $this->addError('username', Yii::t('LoginForm', 'ldap module disabled'));
            break;

        case UserIdentity::ERROR_USER_NOT_FOUND:
            // The message carries a link to the permission help page.
            $permissionLink = ' <a href="' . Yii::app()->createUrl('site/permission') . '">'
                . Yii::t('LoginForm', 'permission tips') . '</a>';
            $this->addError('username', Yii::t('LoginForm', 'user not found') . $permissionLink);
            break;

        default:
            // UserIdentity::ERROR_PASSWORD_INVALID
            $this->addError('password', Yii::t('LoginForm', 'password is incorrect'));
            break;
    }
}
/**
 * Read the product id from the "product_id" query parameter, check it with
 * Info::isProductAccessable(), and remember it as the current product in the
 * session state and the product cookie.
 *
 * A missing parameter and a product that is not accessible produce the same
 * HTTP 400 error, so the response does not tell the two cases apart.
 *
 * @param string $infoType not used in this method body
 * @return string the product id exactly as received in the request
 * @throws CHttpException when the parameter is missing or not accessible
 */
protected function getProductId($infoType)
{
    $requestedId = isset($_GET['product_id']) ? $_GET['product_id'] : null;

    // isset() is false for null, so the access check only runs for a supplied value.
    if (!isset($requestedId) || !Info::isProductAccessable($requestedId)) {
        throw new CHttpException(400, Yii::t('Common', 'Required URL not found or permission denied.'));
    }

    // NOTE(review): the raw request value is stored and returned; this relies on
    // isProductAccessable() accepting only exact, valid ids — confirm.
    Yii::app()->user->setState('product', $requestedId);
    TestUserService::updateUserProductCookie($requestedId);

    return $requestedId;
}
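/**
 * Find a user by real name.
 *
 * @param string $realName real name to look up
 * @return array two-element array: the API result code, then either the
 *               translated error message (empty real name) or an array whose
 *               'userinfo' entry holds the user's attributes without the
 *               password field ('' when no user matched)
 */
public function findUser($realName)
{
    if (empty($realName)) {
        return array(API::ERROR_USER_EMPTY, Yii::t('API', 'user realname empty error info'));
    }

    // Start from an array: writing $info['userinfo'] into the former '' string
    // only worked through PHP's old silent string-to-array conversion and
    // fails on current PHP versions.
    $info = array('userinfo' => '');

    $userInfo = TestUserService::getUserInfoByRealname($realName);
    if ($userInfo != null) {
        $attributes = $userInfo->attributes;
        // Never hand the stored password value to API callers.
        unset($attributes['password']);
        $info['userinfo'] = $attributes;
    }

    return array(API::ERROR_NONE, $info);
}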
/**
 * Render the product list.
 *
 * Users whose 'system_admin' session state equals the FALSE status only see
 * products returned by TestUserService::getManagedProduct() that are not
 * dropped. An optional "name" query parameter adds a search condition on the
 * product name.
 */
public function actionIndex()
{
    $name = '';
    $pageSize = CommonService::getPageSize();
    $productIdNameArr = ProductService::getActiveProductIdNameArr();
    $criteria = new CDbCriteria();

    // Restrict the listing for everyone who is not a system admin.
    $adminState = Yii::app()->user->getState('system_admin');
    if (CommonService::$TrueFalseStatus['FALSE'] == $adminState) {
        $currentUserId = Yii::app()->user->id;
        $criteria->addInCondition('id', TestUserService::getManagedProduct($currentUserId));
        $criteria->addCondition('is_dropped="0"');
    }

    if (isset($_GET['name'])) {
        $name = $_GET['name'];
        // addSearchCondition() binds the keyword as a parameter.
        $criteria->addSearchCondition('name', $name);
    }

    $sortOptions = array('defaultOrder' => array('is_dropped' => false, 'display_order' => true));
    $dataProvider = new CActiveDataProvider('Product', array(
        'criteria' => $criteria,
        'sort' => $sortOptions,
        'pagination' => array('pageSize' => $pageSize),
    ));

    $this->render('index', array(
        'dataProvider' => $dataProvider,
        'name' => $name,
        'productIdNameArr' => $productIdNameArr,
    ));
}
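/**
 * Print the user list matching the "q" query parameter as plain
 * "key|value" lines, one entry per line.
 *
 * Query parameters: "q" (search text, lower-cased), "type" (list type,
 * default 'realname') and "p" (prefix id, default 0). Parameters that are not
 * plain strings (for example "q[]=x") are ignored and the default is used.
 */
public function actionUserList()
{
    $q = '';
    $type = 'realname';
    $prefixId = 0;

    if (!empty($_GET['q']) && is_string($_GET['q'])) {
        $q = strtolower($_GET['q']);
    }
    if (!empty($_GET['type']) && is_string($_GET['type'])) {
        // NOTE(review): the list type is client-controlled and forwarded as is;
        // confirm getUserList() restricts it to the values it knows.
        $type = $_GET['type'];
    }
    if (!empty($_GET['p']) && is_string($_GET['p'])) {
        $prefixId = $_GET['p'];
    }

    $items = TestUserService::getUserList($q, $type);
    $items = TestUserService::handleActiveClose($prefixId, $q, $items);

    // The body is raw, unencoded text. Declare it as plain text so a browser
    // that opens this URL directly does not interpret user names as HTML.
    if (!headers_sent()) {
        header('Content-Type: text/plain; charset=' . Yii::app()->charset);
        header('X-Content-Type-Options: nosniff');
    }

    foreach ($items as $key => $value) {
        echo "{$key}|{$value}\n";
    }
}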
/**
 * Convert the display values of a record's basic fields into stored values.
 *
 * Handles, in order: productmodule_id (module path to module id), an empty
 * id (removed), delete_flag, priority and severity (names to values), the
 * resolved_by / closed_by real names (to user ids, removed when unknown) and
 * empty resolved_at / closed_at dates (removed).
 *
 * @todo convert $action for bug import
 *
 * @param array  $basicInfo field name => value pairs; 'product_id' is read
 *                          whenever a module, priority or severity is converted
 * @param string $infoType  compared against Info::TYPE_CASE and Info::TYPE_BUG
 * @return array the converted $basicInfo
 */
private function basicInfoConv($basicInfo, $infoType)
{
    // productmodule_id: take the part after the first splitter as the module path
    if (isset($basicInfo['productmodule_id'])) {
        $splitterPos = strpos($basicInfo['productmodule_id'], ProductModule::MODULE_SPLITTER);
        if (false !== $splitterPos) {
            $modulePath = substr($basicInfo['productmodule_id'], $splitterPos + 1);
            $lookup = array('product_id' => $basicInfo['product_id'], 'full_path_name' => $modulePath);
            $module = ProductModule::model()->findByAttributes($lookup);
            if (!empty($module)) {
                $basicInfo['productmodule_id'] = $module->id;
            }
        }
        // without a splitter the value is left untouched
    }

    // id: an empty string counts as "no id"
    if (isset($basicInfo['id']) && '' == $basicInfo['id']) {
        unset($basicInfo['id']);
    }

    // delete_flag
    if (isset($basicInfo['delete_flag'])) {
        $basicInfo['delete_flag'] = CommonService::getTrueFalseValue($basicInfo['delete_flag']);
    }

    // priority: the lookup depends on the info type
    if (isset($basicInfo['priority'])) {
        if (Info::TYPE_CASE == $infoType) {
            $basicInfo['priority'] = ProductService::getCasePriorityValueByName($basicInfo['product_id'], $basicInfo['priority']);
        } elseif (Info::TYPE_BUG == $infoType) {
            $basicInfo['priority'] = ProductService::getBugPriorityValueByName($basicInfo['product_id'], $basicInfo['priority']);
        }
    }

    // severity only applies to bugs
    if (Info::TYPE_BUG == $infoType && isset($basicInfo['severity'])) {
        $basicInfo['severity'] = ProductService::getBugSeverityValueByName($basicInfo['product_id'], $basicInfo['severity']);
    }

    // @TODO convert for bug import
    foreach (array('resolved_by', 'closed_by') as $userField) {
        if (!isset($basicInfo[$userField])) {
            continue;
        }
        $matchedUser = TestUserService::getUserInfoByRealname($basicInfo[$userField]);
        if (empty($matchedUser)) {
            // unknown real name: drop the field instead of storing the name
            unset($basicInfo[$userField]);
        } else {
            $basicInfo[$userField] = $matchedUser['id'];
        }
    }

    foreach (array('resolved_at', 'closed_at') as $dateField) {
        if (empty($basicInfo[$dateField])) {
            unset($basicInfo[$dateField]);
        }
    }

    return $basicInfo;
}
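/**
 * Change a user's is_dropped flag from the "id" and "is_dropped" query
 * parameters and print the result: an empty string on success, the translated
 * 'Operate failed' message otherwise.
 *
 * NOTE(review): this changes state on a GET request and no permission check
 * is visible in this method. Confirm that an access filter covers the action,
 * and consider accepting it only as POST with CSRF validation enabled.
 */
public function actionDisable()
{
    // Refuse the call when either parameter is absent or not a plain string.
    // Previously a missing id reached editUser() as null.
    $hasId = isset($_GET['id']) && is_string($_GET['id']) && $_GET['id'] !== '';
    $hasFlag = isset($_GET['is_dropped']) && is_string($_GET['is_dropped']);
    if (!$hasId || !$hasFlag) {
        echo Yii::t('Common', 'Operate failed');
        return;
    }

    $userInfo = array(
        'id' => $_GET['id'],
        'is_dropped' => $_GET['is_dropped'],
    );
    $editResult = TestUserService::editUser($userInfo, TestUserService::ADMIN_EDIT_USER);

    if ($editResult['status'] == CommonService::$ApiResult['SUCCESS']) {
        echo '';
    } else {
        echo Yii::t('Common', 'Operate failed');
    }
}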
echo $actionName; ?> </h2> <hr /> <?php //lock_version should be the keyword to check if this record has been modified by other action echo $form->hiddenField($model, 'lock_version', array('value' => $model->lock_version)); ?> <div class="row"> <?php if ($model->isNewRecord) { echo $form->label($model, 'authmode'); echo $form->dropDownList($model, 'authmode', TestUserService::getAuthModeOptions(), array('onchange' => 'setInternalInfo($(this).val())', 'class' => 'required')); } else { echo $form->label($model, 'authmode'); echo CHtml::encode(TestUserService::getModeMessage($model->authmode)); } ?> </div> <div class="row"> <?php if ($model->isNewRecord) { echo $form->label($model, 'username'); echo $form->textField($model, 'username', array('size' => 45, 'maxlength' => 45, 'class' => 'required')); } else { echo $form->label($model, 'username'); echo CHtml::encode($model->username); } ?>
/**
 * Authenticate the submitted username/password pair.
 *
 * The user row is looked up by username. A missing row sets
 * ERROR_USER_NOT_FOUND and a dropped user sets ERROR_USER_DISABLED. For users
 * in LDAP auth mode the directory is queried through LdapService:
 *  - if the LDAP connect or bind fails, the locally stored password digest is
 *    used to validate the login instead;
 *  - after a successful LDAP lookup the returned user information (and the
 *    submitted password) is written back through TestUserService::editUser().
 * All other users are checked against the locally stored digest only.
 *
 * NOTE(review): stored passwords are compared as unsalted md5() digests, which
 * are cheap to brute-force if the table leaks. Moving to password_hash() /
 * password_verify() needs a migration of the stored values, so it cannot be
 * done inside this method alone.
 *
 * @return boolean true when errorCode ends up as ERROR_NONE (evaluated as
 *                 !$this->errorCode)
 */
public function authenticate()
{
    $user = TestUser::model()->findByAttributes(array('username' => $this->username));
    if ($user == null) {
        $this->errorCode = self::ERROR_USER_NOT_FOUND;
    } else {
        // Disabled accounts are rejected before any password check.
        if (CommonService::$TrueFalseStatus['TRUE'] == $user->is_dropped) {
            $this->errorCode = self::ERROR_USER_DISABLED;
            return !$this->errorCode;
        }
        if (TestUser::$Authmode['ldap'] == $user->authmode) {
            $ldap = new LdapService($this->username, $this->password);
            $userInfoArr = $ldap->search();
            if (LdapService::ERROR_LDAP_MISS == $ldap->errorCode) {
                $this->errorCode = self::ERROR_LDAP_MISS;
            } else {
                if (LdapService::ERROR_CONNECT == $ldap->errorCode || LdapService::ERROR_BIND == $ldap->errorCode) {
                    // Fallback: LDAP could not be used, so the local digest decides.
                    // NOTE(review): if ERROR_BIND can also mean the directory
                    // rejected these credentials, a password changed or revoked
                    // in LDAP would still be accepted here through the cached
                    // local copy — confirm against LdapService.
                    if (md5($this->password) !== $user->password) {
                        $this->errorCode = self::ERROR_PASSWORD_INVALID;
                    } else {
                        $this->_id = $user->id;
                        $this->username = $user->username;
                        $this->setState('realname', $user->realname);
                        $this->setState('username', $user->username);
                        $this->errorCode = self::ERROR_NONE;
                    }
                } else {
                    // Any other LDAP error code leaves errorCode untouched.
                    if (LdapService::ERROR_NONE == $ldap->errorCode) {
                        if (empty($userInfoArr)) {
                            // An empty search result is reported as a wrong password.
                            $this->errorCode = self::ERROR_PASSWORD_INVALID;
                        } else {
                            $userInfo = $userInfoArr;
                            $userInfo['id'] = $user->id;
                            // The submitted plaintext password is handed to editUser();
                            // presumably it is stored as the local fallback digest — verify.
                            $userInfo['password'] = $this->password;
                            $result = TestUserService::editUser($userInfo, TestUserService::LDAP_UPDATE_USER);
                            if (CommonService::$ApiResult['SUCCESS'] == $result['status']) {
                                // Re-read the row so the session gets the updated real name.
                                $userNew = TestUser::model()->findByPk($user->id);
                                $newRealName = $userNew['realname'];
                                $this->_id = $user->id;
                                $this->errorCode = self::ERROR_NONE;
                                $this->setState('realname', $newRealName);
                                $this->setState('username', $user->username);
                            } else {
                                // A failed local update is also reported as a wrong password.
                                $this->errorCode = self::ERROR_PASSWORD_INVALID;
                            }
                        }
                    }
                }
            }
        } else {
            // Non-LDAP users: compare against the locally stored md5 digest.
            if (md5($this->password) !== $user->password) {
                $this->errorCode = self::ERROR_PASSWORD_INVALID;
            } else {
                $this->_id = $user->id;
                $this->username = $user->username;
                $this->setState('realname', $user->realname);
                $this->setState('username', $user->username);
                $this->errorCode = self::ERROR_NONE;
            }
        }
    }
    return !$this->errorCode;
}
/**
 * Build the SQL condition fragment for one search field.
 *
 * The fragment is assembled by string concatenation and returned as text; no
 * bound parameters are used. The only escaping applied to $fieldValue is
 * trim() + addslashes(), plus backslash-escaping of % and _ for the LIKE
 * operators.
 *
 * NOTE(review): addslashes() is not aware of the connection character set and
 * is not a substitute for bound parameters or CDbConnection::quoteValue().
 * $type, $fieldName and $operatorName are concatenated into the SQL text
 * without any check in this method, so the caller must restrict them to known
 * values — confirm that it does.
 *
 * @author Yupeng Lee<*****@*****.**>
 * @param array  $searchFieldConfig per-field config; the 'type' and 'isBasic'
 *                                  entries of $searchFieldConfig[$fieldName] are read
 * @param string $type         info type, used to build the view and mapping table names
 * @param string $fieldName    FieldName
 * @param string $operatorName LIKE, NOT LIKE, UNDER, !=, =, IN, >, <=, >=, <
 *                             (any other value is emitted as given)
 * @param string $fieldValue   FieldValue
 * @return string Query string for SQL
 */
private static function baseGetFieldQueryStr($searchFieldConfig, $type, $fieldName, $operatorName, $fieldValue)
{
    $basicTableName = '{{' . $type . 'view}}';
    $fieldValue = trim($fieldValue);
    $fieldValue = addslashes($fieldValue);
    // escape the LIKE wildcards % and _ in the search value
    if ($operatorName == 'LIKE' || $operatorName == 'NOT LIKE') {
        $fieldValue = str_replace('%', '\\%', $fieldValue);
        $fieldValue = str_replace('_', '\\_', $fieldValue);
    }
    $queryStr = '';
    if ($fieldValue == '') {
        // empty search values are handled by a dedicated helper
        return self::handleEmptyQuery($searchFieldConfig, $basicTableName, $fieldName, $operatorName, $fieldValue);
    } elseif (Info::MARK == $fieldName) {
        // marked / not marked: sub-select on the current user's mapping rows
        $inOrNotIn = ' not in ';
        if ('1' == $fieldValue) {
            $inOrNotIn = ' in ';
        }
        return $basicTableName . '.id ' . $inOrNotIn . ' (select info_id from {{map_user_' . $type . '}} where test_user_id=' . Yii::app()->user->id . ')';
    } elseif ('delete_flag' == $fieldName) {
        $fieldValue = CommonService::getTrueFalseValue($fieldValue);
    }
    // real names in basic people fields are translated to user ids below
    // NOTE(review): a $fieldName missing from $searchFieldConfig is not rejected
    // here; it only raises an undefined-index notice and is still concatenated
    // into the SQL further down.
    $fieldType = $searchFieldConfig[$fieldName]['type'];
    if (Info::$InputType['date'] == $fieldType) {
        // date related search
        if (preg_match('/^-?[1-9]\\d*$|^0$/', $fieldValue)) {
            // an integer input is treated as a day offset from today and converted to a date
            $fieldValue = date("Y-m-d", mktime(0, 0, 0, date("m"), date("d") + $fieldValue, date("Y")));
        }
    } elseif (Info::$InputType['multipeople'] == $fieldType && true == $searchFieldConfig[$fieldName]['isBasic']) {
        $userNameArr = CommonService::splitStringToArray(',', $fieldValue);
        $userIdArr = array();
        foreach ($userNameArr as $userName) {
            $userInfo = TestUserService::getUserInfoByRealname($userName);
            if (empty($userInfo)) {
                // unknown real name: use an id that is not expected to match any user
                $userIdArr[] = '-99999';
            } else {
                $userIdArr[] = $userInfo['id'];
            }
        }
        $fieldValue = join(',', $userIdArr);
    }
    if ($operatorName == 'LIKE') {
        $queryStr = "LIKE '%{$fieldValue}%' ";
    } elseif ($operatorName == 'NOT LIKE') {
        $queryStr = "NOT LIKE '%{$fieldValue}%' ";
    } elseif ($operatorName == 'UNDER') {
        // replaced further down by the "(field LIKE ... or field = ...)" form
        $queryStr = "LIKE '{$fieldValue}%' ";
    } elseif ($operatorName == '!=') {
        if (Info::$InputType['date'] == $fieldType) {
            $queryStr = "NOT " . self::sysStrToDateSql($fieldValue);
        } else {
            $queryStr = "<> '" . $fieldValue . "' ";
        }
    } elseif ($operatorName == '=') {
        if (Info::$InputType['date'] == $fieldType) {
            $queryStr = self::sysStrToDateSql($fieldValue);
        } elseif (Info::$InputType['multipeople'] == $fieldType) {
            $queryStr = "LIKE '%" . $fieldValue . "%' ";
        } else {
            $queryStr = $operatorName . " '{$fieldValue}' ";
        }
    } elseif ($operatorName == 'IN') {
        // each list item is wrapped in double quotes; it relies on the
        // addslashes() call above for escaping
        $fieldValueArr = CommonService::splitStringToArray(',', $fieldValue);
        $inValueStr = '';
        foreach ($fieldValueArr as $valueTmp) {
            if ('' == $inValueStr) {
                $inValueStr = '"' . $valueTmp . '"';
            } else {
                $inValueStr .= ',"' . $valueTmp . '"';
            }
        }
        $queryStr = "IN ({$inValueStr}) ";
    } else {
        // date comparisons reuse pieces of the string returned by sysStrToDateSql():
        // space-separated parts 4 and 5 for > and <=, parts 1 and 2 for >= and <
        // (presumably the upper and lower bound of a BETWEEN clause — verify)
        if (($operatorName == '>' || $operatorName == '<=') && Info::$InputType['date'] == $fieldType) {
            $dateTimeArray = explode(" ", self::sysStrToDateSql($fieldValue));
            $fieldValue = $dateTimeArray[4] . ' ' . $dateTimeArray[5];
            $queryStr = $operatorName . " {$fieldValue} ";
        } elseif (($operatorName == '>=' || $operatorName == '<') && Info::$InputType['date'] == $fieldType) {
            $dateTimeArray = explode(" ", self::sysStrToDateSql($fieldValue));
            $fieldValue = $dateTimeArray[1] . ' ' . $dateTimeArray[2];
            $queryStr = $operatorName . " {$fieldValue} ";
        } else {
            // NOTE(review): an operator that matched none of the branches above
            // is written into the SQL text exactly as it was passed in.
            $queryStr = $operatorName . " '{$fieldValue}' ";
        }
    }
    if ('' != $queryStr) {
        // basic fields are qualified with the view name
        if (true == $searchFieldConfig[$fieldName]['isBasic']) {
            $fieldName = $basicTableName . '.' . $fieldName;
        }
        if ($operatorName == 'UNDER') {
            // UNDER matches the value itself or anything below it (value + splitter + ...)
            $likeFieldValue = str_replace('%', '\\%', $fieldValue);
            $likeFieldValue = str_replace('_', '\\_', $likeFieldValue);
            $queryStr = '(' . $fieldName . " LIKE '{$likeFieldValue}" . ProductModule::MODULE_SPLITTER . "%' or " . $fieldName . " = '{$fieldValue}')";
        } else {
            $queryStr = $fieldName . ' ' . $queryStr;
        }
    }
    // "not equal" also matches rows where the field is NULL or empty
    if ($operatorName == '!=') {
        $queryStr = '(' . $queryStr . ' or ' . $fieldName . ' is null or ' . $fieldName . ' ="")';
    }
    return $queryStr;
}