/**
* @dataProvider providerTestMigration
*/
public function testMigration($kuserId)
{
$this->assertNull($this->kuser);
$this->kuser = kuserPeer::retrieveByPK($kuserId);
$this->assertNotNull($this->kuser);
$this->assertEquals($this->kuser->getFullName(), trim($this->kuser->getFirstName() . ' ' . $this->kuser->getLastName()));
if ($this->kuser->getSalt() && $this->kuser->getSha1Password() && in_array($this->kuser->getPartnerId(), $this->loginPartnerIds)) {
$this->assertTrue($this->kuser->getLoginDataId());
$loginData1 = UserLoginDataPeer::retrieveByPK($this->kuser->getLoginDataId());
$this->assertNotNull($loginData1);
$loginData2 = UserLoginDataPeer::getByEmail($this->kuser->getEmail());
$this->assertNotNull($loginData2);
$this->assertEquals($loginData1->getId(), $loginData2->getId());
$this->assertEquals($this->kuser->getSalt(), $loginData2->getSalt());
$this->assertEquals($this->kuser->getSha1Password(), $loginData2->getSha1Password());
$this->assertEquals($this->kuser->getEmail(), $loginData2->getLoginEmail());
$c = new Criteria();
$c->addAnd(UserLoginDataPeer::LOGIN_EMAIL, $this->kuser->getEmail());
$loginDatas = UserLoginDataPeer::doSelect($c);
$this->assertEquals(count($loginDatas), 1);
$this->assertEquals($loginDatas[0]->getId(), $loginData1->getId());
$allKusers = kuserPeer::getByLoginDataAndPartner($this->kuser->getLoginDataId(), $this->kuser->getPartnerId());
$this->assertEquals(count($allKusers), 1);
} else {
if ($this->kuser->getPartnerId() != $this->adminConsolePartnerId && substr($this->kuser->getPuserId(), 0, 9) != '__ADMIN__') {
$this->assertNull($this->kuser->getLoginDataId());
}
}
if ($this->kuser->getPartnerId() == $this->adminConsolePartnerId || substr($this->kuser->getPuserId(), 0, 9) == '__ADMIN__') {
$this->assertTrue($this->kuser->getIsAdmin());
} else {
$this->assertFalse($this->kuser->getIsAdmin());
}
if ($this->kuser->getIsAdmin()) {
$this->assertTrue($this->kuser->getIsAdmin());
}
}
}
$new_kuser = new kuser();
$new_login_data = new UserLoginData();
$partner = PartnerPeer::retrieveByPK($user->getPartnerId());
if (!$partner) {
KalturaLog::alert('!!! ERROR - Partner ID [' . $user->getPartnerId() . '] not found on DB but set for admin user id [' . $lastUser . '] !!!');
echo '!!! ERROR - Partner ID [' . $user->getPartnerId() . '] not found on DB but set for admin user id [' . $lastUser . '] !!!';
continue;
}
list($firstName, $lastName) = kString::nameSplit($user->getFullName());
$c = new Criteria();
$c->addAnd(UserLoginDataPeer::LOGIN_EMAIL, $user->getEmail());
$existing_login_data = UserLoginDataPeer::doSelectOne($c);
if ($existing_login_data) {
if ($user->getPartnerId() === $existing_login_data->getConfigPartnerId()) {
$checkKuser = kuserPeer::getByLoginDataAndPartner($existing_login_data->getId(), $user->getPartnerId());
if ($checkKuser && $checkKuser->getIsAdmin()) {
KalturaLog::notice('!!! NOTICE - Existing ADMIN login data found with id [' . $existing_login_data->getId() . '] partner [' . $existing_login_data->getConfigPartnerId() . '] - skipping user id [' . $lastUser . '] of partner [' . $user->getPartnerId() . '] since this was probably caused by a bug');
echo '!!! NOTICE - Existing ADMIN login data found with id [' . $existing_login_data->getId() . '] partner [' . $existing_login_data->getConfigPartnerId() . '] - skipping user id [' . $lastUser . '] of partner [' . $user->getPartnerId() . '] since this was probably caused by a bug';
continue;
}
}
KalturaLog::alert('!!! ERROR - Existing login data found with id [' . $existing_login_data->getId() . '] partner [' . $existing_login_data->getConfigPartnerId() . '] - skipping user id [' . $lastUser . '] of partner [' . $user->getPartnerId() . '] !!!!');
echo '!!! ERROR - Existing login data found with id [' . $existing_login_data->getId() . '] partner [' . $existing_login_data->getConfigPartnerId() . '] - skipping user id [' . $lastUser . '] of partner [' . $user->getPartnerId() . '] !!!!';
continue;
}
$new_login_data->setConfigPartnerId($user->getPartnerId());
$new_login_data->setLoginEmail($user->getEmail());
$new_login_data->setFirstName($firstName);
$new_login_data->setLastName($lastName);
$new_login_data->setSalt($user->getSalt());
/**
* Adds a new user login data record
* @param unknown_type $loginEmail
* @param unknown_type $password
* @param unknown_type $partnerId
* @param unknown_type $firstName
* @param unknown_type $lastName
* @param bool $checkPasswordStructure backward compatibility - some extensions are registering a partner and setting its first password without checking its structure
*
* @throws kUserException::INVALID_EMAIL
* @throws kUserException::INVALID_PARTNER
* @throws kUserException::PASSWORD_STRUCTURE_INVALID
* @throws kUserException::LOGIN_ID_ALREADY_USED
* @throws kUserException::ADMIN_LOGIN_USERS_QUOTA_EXCEEDED
*/
public static function addLoginData($loginEmail, $password, $partnerId, $firstName, $lastName, $isAdminUser, $checkPasswordStructure = true, &$alreadyExisted = null)
{
if (!kString::isEmailString($loginEmail)) {
throw new kUserException('', kUserException::INVALID_EMAIL);
}
$partner = partnerPeer::retrieveByPK($partnerId);
if (!$partner) {
throw new kUserException('', kUserException::INVALID_PARTNER);
}
if ($isAdminUser) {
$userQuota = $partner->getAdminLoginUsersQuota();
$adminLoginUsersNum = $partner->getAdminLoginUsersNumber();
// check if login users quota exceeded - value -1 means unlimited
if ($adminLoginUsersNum && (is_null($userQuota) || $userQuota != -1 && $userQuota <= $adminLoginUsersNum)) {
throw new kUserException('', kUserException::ADMIN_LOGIN_USERS_QUOTA_EXCEEDED);
}
}
$existingData = self::getByEmail($loginEmail);
if (!$existingData) {
if ($checkPasswordStructure && !UserLoginDataPeer::isPasswordStructureValid($password)) {
throw new kUserException('', kUserException::PASSWORD_STRUCTURE_INVALID);
}
// create a new login data record
$loginData = new UserLoginData();
$loginData->setConfigPartnerId($partnerId);
$loginData->setLoginEmail($loginEmail);
$loginData->setFirstName($firstName);
$loginData->setLastName($lastName);
$loginData->setPassword($password);
$loginData->setLoginAttempts(0);
$loginData->setLoginBlockedUntil(null);
$loginData->resetPreviousPasswords();
$loginData->save();
// now $loginData has an id and hash key can be generated
$hashKey = $loginData->newPassHashKey();
$loginData->setPasswordHashKey($hashKey);
$loginData->save();
$alreadyExisted = false;
return $loginData;
} else {
// add existing login data if password is valid
$existingKuser = kuserPeer::getByLoginDataAndPartner($existingData->getId(), $partnerId);
if ($existingKuser) {
// partner already has a user with the same login data
throw new kUserException('', kUserException::LOGIN_ID_ALREADY_USED);
}
KalturaLog::debug('Existing login data with the same email & password exists - returning id [' . $existingData->getId() . ']');
$alreadyExisted = true;
if ($isAdminUser && !$existingData->isLastLoginPartnerIdSet()) {
$existingData->setLastLoginPartnerId($partnerId);
$existingData->save();
}
return $existingData;
}
}
/**
* Tests UserService->addAction()
*/
public function testAddAction()
{
$this->startSession(KalturaSessionType::ADMIN, null);
$this->dummyPartner->setAdminLoginUsersQuota(5);
$this->dummyPartner->save();
// -- add a normal end user
$newUser = $this->createUser(false, false, __FUNCTION__);
// check the returned user
$createdUser = $this->addUser($newUser);
$this->assertNotNull($createdUser);
$this->assertEquals($newUser->id, $createdUser->id);
$this->assertEquals($newUser->email, $createdUser->email);
$this->assertEquals($newUser->firstName, $createdUser->firstName);
$this->assertEquals($newUser->lastName, $createdUser->lastName);
$this->assertEquals('', $createdUser->roleIds);
// check the user returned from the api
$getUser = $this->client->user->get($newUser->id);
$this->assertNotNull($getUser);
$this->assertEquals($createdUser, $getUser);
$dbUser = kuserPeer::getKuserByPartnerAndUid(self::TEST_PARTNER_ID, $newUser->id);
$this->assertNotNull($dbUser);
// check that no login data was created
$this->assertNull($dbUser->getLoginDataId());
$this->assertFalse($getUser->loginEnabled);
$newUser = null;
$getUser = null;
$createdUser = null;
$newUserId = null;
// -- add a login end user
$newUser = $this->createUser(true, false, __FUNCTION__);
$createdUser = $this->addUser($newUser);
$this->assertEquals($newUser->id, $createdUser->id);
$this->assertEquals($newUser->email, $createdUser->email);
$this->assertEquals($newUser->firstName, $createdUser->firstName);
$this->assertEquals($newUser->lastName, $createdUser->lastName);
$this->assertEquals('', $createdUser->roleIds);
$dbUser = kuserPeer::getKuserByPartnerAndUid(self::TEST_PARTNER_ID, $newUser->id);
$this->assertNotNull($dbUser);
// check the user returned from the api
$getUser = $this->client->user->get($newUser->id);
$this->assertNotNull($getUser);
$this->assertEquals($createdUser, $getUser);
// check that login data was created
$this->assertNotNull($dbUser->getLoginDataId());
$loginData = UserLoginDataPeer::retrieveByPK($dbUser->getLoginDataId());
$this->assertTrue($getUser->loginEnabled);
$this->assertEquals($dbUser->getLoginDataId(), $loginData->getId());
$dbUser2 = kuserPeer::getByLoginDataAndPartner($dbUser->getLoginDataId(), self::TEST_PARTNER_ID);
$this->assertNotNull($dbUser2);
$this->assertEquals($dbUser, $dbUser2);
$this->assertEquals($newUser->firstName, $loginData->getFirstName());
$this->assertEquals($newUser->lastName, $loginData->getLastName());
$this->assertEquals($newUser->email, $loginData->getLoginEmail());
$this->assertEquals(self::TEST_PARTNER_ID, $loginData->getConfigPartnerId());
// try to login with the new data and check that ks is not an admin ks
$ks = $this->client->user->loginByLoginId($getUser->email, $newUser->password, self::TEST_PARTNER_ID);
$this->assertNotNull($ks);
$ks = kSessionUtils::crackKs($ks);
$this->assertNotNull($ks);
$this->assertFalse($ks->isAdmin());
$ks2 = $this->client->user->login(self::TEST_PARTNER_ID, $newUser->id, $newUser->password);
$this->assertNotNull($ks2);
$ks2 = kSessionUtils::crackKs($ks2);
$this->assertNotNull($ks2);
$this->assertFalse($ks2->isAdmin());
}
/**
* Disallow user to login with an id/password.
* Passing either a loginId or a userId is allowed.
*
* @action disableLogin
*
* @param string $userId
* @param string $loginId
*
* @return KalturaUser
*
* @throws KalturaErrors::USER_LOGIN_ALREADY_DISABLED
* @throws KalturaErrors::PROPERTY_VALIDATION_CANNOT_BE_NULL
* @throws KalturaErrors::USER_NOT_FOUND
* @throws KalturaErrors::CANNOT_DISABLE_LOGIN_FOR_ADMIN_USER
*
*/
public function disableLoginAction($userId = null, $loginId = null)
{
if (!$loginId && !userId) {
throw new KalturaAPIException(KalturaErrors::PROPERTY_VALIDATION_CANNOT_BE_NULL, 'userId');
}
$user = null;
try {
if ($loginId) {
$loginData = UserLoginDataPeer::getByEmail($loginId);
if (!$loginData) {
throw new KalturaAPIException(KalturaErrors::USER_NOT_FOUND);
}
$user = kuserPeer::getByLoginDataAndPartner($loginData->getId(), $this->getPartnerId());
} else {
$user = kuserPeer::getKuserByPartnerAndUid($this->getPArtnerId(), $userId);
}
if (!$user) {
throw new KalturaAPIException(KalturaErrors::USER_NOT_FOUND);
}
$user->disableLogin();
} catch (Exception $e) {
$code = $e->getCode();
if ($code == kUserException::USER_LOGIN_ALREADY_DISABLED) {
throw new KalturaAPIException(KalturaErrors::USER_LOGIN_ALREADY_DISABLED);
}
if ($code == kUserException::CANNOT_DISABLE_LOGIN_FOR_ADMIN_USER) {
throw new KalturaAPIException(KalturaErrors::CANNOT_DISABLE_LOGIN_FOR_ADMIN_USER);
}
throw $e;
}
$apiUser = new KalturaUser();
$apiUser->fromObject($user);
return $apiUser;
}
