/**
  * Set the user as the current user if they are valid (account status and password lifetime checks pass)
  *
  * @param PFUser $user
  * @throws User_StatusDeletedException
  * @throws User_StatusSuspendedException
  * @throws User_StatusInvalidException
  * @throws User_StatusPendingException
  * @throws User_PasswordExpiredException
  */
 public function validateAndSetCurrentUser(PFUser $user)
 {
     // Gate 1: account status. Nothing is caught in this method, so whatever
     // checkStatus() throws (the docblock lists the User_Status*Exception
     // family) propagates to the caller and the user is never set as current.
     (new User_UserStatusManager())->checkStatus($user);

     // Gate 2: password lifetime. Per the docblock this raises
     // User_PasswordExpiredException; it also propagates uncaught.
     $this->password_expiration_checker->checkPasswordLifetime($user);

     // Reached only when both checks returned without throwing.
     $this->user_manager->setCurrentUser($user);
 }
 /**
  * Check URL is valid and redirect to the right host/url if needed.
  *
  * Force SSL mode if required except if request comes from localhost, or for api scripts
  *
  * Limit the responsibility of each method for the sake of simplicity. For instance:
  * getRedirectionURL will not check all the server name or script name details
  * (localhost, api, etc). It only cares about generating the right URL.
  * 
  * @param Array $server
  *
  * @return void
  */
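 public function assertValidUrl($server)
 {
     // Requests accepted by isException() bypass every check in this method,
     // including the password-lifetime and project-access checks below.
     if (!$this->isException($server)) {
         $this->verifyProtocol($server);
         $this->verifyHost($server);
         $this->verifyRequest($server);

         // A non-null result from getUrlChunks() sends the URL built by
         // getRedirectionURL() to $this->header().
         // NOTE(review): execution continues into the access checks afterwards
         // unless header() terminates the request -- confirm.
         $chunks = $this->getUrlChunks();
         if (isset($chunks)) {
             $location = $this->getRedirectionURL($server);
             $this->header($location);
         }

         $user = $this->getCurrentUser();
         $url = $this->getUrl();
         try {
             // Password lifetime is only enforced for authenticated users.
             // NOTE(review): when this check throws, the project and
             // restricted-access checks further down in this try block are
             // skipped; confirm the pages accepted by
             // isPageAllowedWhenPasswordExpired() need none of them.
             if (!$user->isAnonymous()) {
                 $password_expiration_checker = new User_PasswordExpirationChecker();
                 $password_expiration_checker->checkPasswordLifetime($user);
             }

             // An already-resolved global group id wins over the one parsed
             // from the request URI.
             $group_id = isset($GLOBALS['group_id']) ? $GLOBALS['group_id'] : $url->getGroupIdFromUrl($server['REQUEST_URI']);
             if ($group_id) {
                 // Project page: access is decided per project and reported
                 // through the Project_Access*Exception types caught below.
                 $project = $this->getProjectManager()->getProject($group_id);
                 $this->userCanAccessProject($user, $project);
             } else {
                 // Not a project page: fall back to the site-wide check.
                 $this->checkRestrictedAccess($server);
             }

             // Only the fully successful path returns true; every other path
             // returns without a value.
             return true;
         } catch (Project_AccessRestrictedException $exception) {
             $this->displayRestrictedUserError($url);
         } catch (Project_AccessPrivateException $exception) {
             $this->displayPrivateProjectError($url);
         } catch (Project_AccessProjectNotFoundException $exception) {
             $this->exitError($GLOBALS['Language']->getText('include_html', 'g_not_exist'), $exception->getMessage());
         } catch (Project_AccessDeletedException $exception) {
             $this->exitError($GLOBALS['Language']->getText('include_session', 'insufficient_g_access'), $exception->getMessage());
         } catch (User_PasswordExpiredException $exception) {
             // An expired password only blocks pages that are not explicitly
             // allowed in that state.
             if (!$this->isPageAllowedWhenPasswordExpired($server)) {
                 $GLOBALS['Response']->addFeedback(Feedback::ERROR, $GLOBALS['Language']->getText('include_account', 'change_pwd_err'));
                 // The '=' after user_id is required: without it the id was
                 // glued onto the parameter name (user_id<ID>), so the request
                 // carried no user_id value.
                 $GLOBALS['Response']->redirect('/account/change_pw.php?user_id=' . $user->getId());
             }
         }
     }
 }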
Example #3
 /**
  * Login the user
  *
  * @deprecated
  * @param $name string The login name submitted by the user
  * @param $pwd string The password submitted by the user
  * @param $allowpending boolean True if pending users are allowed (for verify.php). Default is false
  * @return PFUser Registered user or anonymous if the authentication failed
  */
 function login($name, $pwd, $allowpending = false)
 {
     try {
         // Collaborators are built in this order on every call.
         $expiration_checker = new User_PasswordExpirationChecker();
         $hasher = PasswordHandlerFactory::getPasswordHandler();
         $authenticator = new User_LoginManager(
             EventManager::instance(),
             $this,
             $expiration_checker,
             $hasher
         );
         $status_checker = new User_UserStatusManager();

         // Credential check; failures surface as the exceptions caught below.
         $user = $authenticator->authenticate($name, $pwd);

         // Pending accounts are only tolerated when the caller asks for it.
         if (!$allowpending) {
             $status_checker->checkStatus($user);
         } else {
             $status_checker->checkStatusOnVerifyPage($user);
         }

         // The session is opened before the password-lifetime check, so a
         // User_PasswordExpiredException is raised with a session already open.
         // NOTE(review): presumably deliberate so the user can reach the
         // change-password page -- confirm.
         $this->openWebSession($user);
         $expiration_checker->checkPasswordLifetime($user);
         $expiration_checker->warnUserAboutPasswordExpiration($user);
         $this->warnUserAboutAuthenticationAttempts($user);

         return $this->setCurrentUser($user);
     } catch (User_InvalidPasswordWithUserException $failure) {
         // Wrong password for an account the exception can identify: this is
         // the only branch that records the failed attempt.
         $GLOBALS['Response']->addFeedback(Feedback::ERROR, $failure->getMessage());
         // NOTE(review): the result is never read in this method; confirm
         // whether the call is kept for a side effect.
         $access_info = $this->getUserAccessInfo($failure->getUser());
         $this->getDao()->storeLoginFailure($name, $_SERVER['REQUEST_TIME']);
     } catch (User_InvalidPasswordException $failure) {
         $GLOBALS['Response']->addFeedback(Feedback::ERROR, $failure->getMessage());
     } catch (User_PasswordExpiredException $failure) {
         $GLOBALS['Response']->addFeedback(Feedback::ERROR, $failure->getMessage());
         $expired_user_id = $failure->getUser()->getId();
         // NOTE(review): if redirect() does not end the request, control
         // reaches the anonymous fallback at the bottom -- confirm.
         $GLOBALS['Response']->redirect('/account/change_pw.php?user_id=' . $expired_user_id);
     } catch (User_StatusInvalidException $failure) {
         $GLOBALS['Response']->addFeedback(Feedback::ERROR, $failure->getMessage());
     } catch (SessionNotCreatedException $failure) {
         $GLOBALS['Response']->addFeedback(Feedback::ERROR, $failure->getMessage());
     } catch (User_LoginException $failure) {
         $GLOBALS['Response']->addFeedback(Feedback::ERROR, $failure->getMessage());
     }

     // Every caught failure ends here: the current user becomes anonymous.
     $anonymous = $this->createAnonymousUser();
     return $this->setCurrentUser($anonymous);
 }