 /**
  * Authorizes the current visitor through a social-service identity, creating
  * the user or the b_socialservices_user link row when needed.
  *
  * Two top-level paths: when a session user is already authorized, the
  * identity is linked to (or re-assigned to) that account and only the OAuth
  * token fields are stored; otherwise the identity is resolved to a user
  * (current link table, two legacy lookups, or new registration) and that
  * user is logged in via $USER->AuthorizeWithOtp().
  *
  * @param array $socservUserFields Provider-supplied fields; XML_ID and
  *        EXTERNAL_AUTH_ID are mandatory, OATOKEN / REFRESH_TOKEN /
  *        OATOKEN_EXPIRES / PERSONAL_PHOTO / TIME_ZONE_OFFSET are optional.
  * @return bool|int true on success; false when XML_ID or EXTERNAL_AUTH_ID is
  *        missing or empty; otherwise SOCSERV_AUTHORISATION_ERROR or
  *        SOCSERV_REGISTRATION_DENY (callers must compare with === since
  *        those constants are returned alongside booleans).
  */
 public function AuthorizeUser($socservUserFields)
 {
     global $USER, $APPLICATION;
     // Hard requirements for any lookup below: the identity key and the provider id.
     if (!isset($socservUserFields['XML_ID']) || $socservUserFields['XML_ID'] == '') {
         return false;
     }
     if (!isset($socservUserFields['EXTERNAL_AUTH_ID']) || $socservUserFields['EXTERNAL_AUTH_ID'] == '') {
         return false;
     }
     // Whitelist of token-related keys copied from the provider payload; used in the
     // already-authorized branch so that only these columns are written to the link row.
     $oauthKeys = array();
     if (isset($socservUserFields["OATOKEN"])) {
         $oauthKeys["OATOKEN"] = $socservUserFields["OATOKEN"];
     }
     if (isset($socservUserFields["REFRESH_TOKEN"]) && $socservUserFields["REFRESH_TOKEN"] !== '') {
         $oauthKeys["REFRESH_TOKEN"] = $socservUserFields["REFRESH_TOKEN"];
     }
     if (isset($socservUserFields["OATOKEN_EXPIRES"])) {
         $oauthKeys["OATOKEN_EXPIRES"] = $socservUserFields["OATOKEN_EXPIRES"];
     }
     // Default error returned from the not-authorized path when no user is resolved;
     // note it also stays in effect when the main "new_user_registration" option is "Y"
     // but the socialservices "allow_registration" option is not (neither elseif matches).
     $errorCode = SOCSERV_AUTHORISATION_ERROR;
     // Existing link row for this (provider, external id) pair, joined with the user's ACTIVE flag.
     $dbSocUser = UserTable::getList(array('filter' => array('=XML_ID' => $socservUserFields['XML_ID'], '=EXTERNAL_AUTH_ID' => $socservUserFields['EXTERNAL_AUTH_ID']), 'select' => array("ID", "USER_ID", "ACTIVE" => "USER.ACTIVE")));
     $socservUser = $dbSocUser->fetch();
     if ($USER->IsAuthorized()) {
         // Linking an external identity to the already logged-in account.
         // isSplitDenied() is defined elsewhere; presumably a group-based restriction on
         // creating such links — verify against its definition.
         if (!$this->checkRestrictions || !self::isSplitDenied()) {
             if (!$socservUser) {
                 // No link yet: create one owned by the current user. filterFields()
                 // limits the provider payload to known columns.
                 $socservUserFields["USER_ID"] = $USER->GetID();
                 $result = UserTable::add(UserTable::filterFields($socservUserFields));
                 $id = $result->getId();
             } else {
                 $id = $socservUser['ID'];
                 // socservice link split
                 // The identity is already linked to a different user account.
                 if ($socservUser['USER_ID'] != $USER->GetID()) {
                     if ($this->allowChangeOwner) {
                         // Ownership transfer is refused when the current user already has a
                         // link for the same provider; otherwise the row is re-pointed at the
                         // current user and marked deletable.
                         $dbSocUser = UserTable::getList(array('filter' => array('=USER_ID' => $USER->GetID(), '=EXTERNAL_AUTH_ID' => $socservUserFields['EXTERNAL_AUTH_ID']), 'select' => array("ID")));
                         if ($dbSocUser->fetch()) {
                             return SOCSERV_AUTHORISATION_ERROR;
                         } else {
                             $oauthKeys['USER_ID'] = $USER->GetID();
                             $oauthKeys['CAN_DELETE'] = 'Y';
                         }
                     } else {
                         // Identity belongs to someone else and re-assignment is not allowed.
                         return SOCSERV_AUTHORISATION_ERROR;
                     }
                 }
             }
             // NOTE(review): unlike the isset() guard further down, this reads
             // $_SESSION["OAUTH_DATA"] unconditionally (undefined-key warning on PHP 8 when
             // absent). The merged session keys also go to UserTable::update() without
             // UserTable::filterFields(); what populates OAUTH_DATA is not visible here — confirm.
             if ($_SESSION["OAUTH_DATA"] && is_array($_SESSION["OAUTH_DATA"])) {
                 $oauthKeys = array_merge($oauthKeys, $_SESSION['OAUTH_DATA']);
                 unset($_SESSION["OAUTH_DATA"]);
             }
             UserTable::update($id, $oauthKeys);
         } else {
             return SOCSERV_REGISTRATION_DENY;
         }
     } else {
         // Not authorized: resolve the external identity to a user id.
         $entryId = 0;
         $USER_ID = 0;
         if ($socservUser) {
             $entryId = $socservUser['ID'];
             // A link to an inactive user is not followed; $USER_ID stays 0 and the
             // default $errorCode is returned below.
             if ($socservUser["ACTIVE"] === 'Y') {
                 $USER_ID = $socservUser["USER_ID"];
             }
         } else {
             // check for user with old socialservices linking system (socservice ID in user's EXTERNAL_AUTH_ID)
             $dbUsersOld = CUser::GetList($by = 'ID', $ord = 'ASC', array('XML_ID' => $socservUserFields['XML_ID'], 'EXTERNAL_AUTH_ID' => $socservUserFields['EXTERNAL_AUTH_ID'], 'ACTIVE' => 'Y'), array('NAV_PARAMS' => array("nTopCount" => "1")));
             $socservUser = $dbUsersOld->Fetch();
             if ($socservUser) {
                 $USER_ID = $socservUser["ID"];
             } else {
                 // theoretically possible situation with abandoned external user w/o b_socialservices_user entry
                 $dbUsersNew = CUser::GetList($by = 'ID', $ord = 'ASC', array('XML_ID' => $socservUserFields['XML_ID'], 'EXTERNAL_AUTH_ID' => 'socservices', 'ACTIVE' => 'Y'), array('NAV_PARAMS' => array("nTopCount" => "1")));
                 $socservUser = $dbUsersNew->Fetch();
                 if ($socservUser) {
                     $USER_ID = $socservUser["ID"];
                 } elseif (COption::GetOptionString("main", "new_user_registration", "N") == "Y" && COption::GetOptionString("socialservices", "allow_registration", "Y") == "Y") {
                     // Self-registration: both the site-wide and the module-level switches must be on.
                     // The account gets a random password (randString is a framework helper; its
                     // entropy is not visible here).
                     $socservUserFields['PASSWORD'] = randString(30);
                     //not necessary but...
                     $socservUserFields['LID'] = SITE_ID;
                     $def_group = Option::get('main', 'new_user_registration_def_group', '');
                     if ($def_group != '') {
                         $socservUserFields['GROUP_ID'] = explode(',', $def_group);
                     }
                     // Registration is refused if the default groups are ones that may not authorize.
                     if ($this->checkRestrictions && !empty($socservUserFields['GROUP_ID']) && self::isAuthDenied($socservUserFields['GROUP_ID'])) {
                         $errorCode = SOCSERV_REGISTRATION_DENY;
                     } else {
                         $userFields = $socservUserFields;
                         // New-style accounts carry the generic provider marker, not the concrete one.
                         $userFields["EXTERNAL_AUTH_ID"] = "socservices";
                         // A provider-supplied avatar is dropped unless it passes the image check
                         // (CheckImageFile returns a non-empty error string on failure).
                         if (isset($userFields['PERSONAL_PHOTO']) && is_array($userFields['PERSONAL_PHOTO'])) {
                             $res = CFile::CheckImageFile($userFields["PERSONAL_PHOTO"]);
                             if ($res != '') {
                                 unset($userFields['PERSONAL_PHOTO']);
                             }
                         }
                         // A non-positive (or false) result from Add() is treated as failure.
                         $USER_ID = $USER->Add($userFields);
                         if ($USER_ID <= 0) {
                             $errorCode = SOCSERV_AUTHORISATION_ERROR;
                         }
                     }
                 } elseif (Option::get("main", "new_user_registration", "N") == "N") {
                     $errorCode = SOCSERV_REGISTRATION_DENY;
                 }
                 // Link rows created via this fallback/registration path are not user-deletable.
                 $socservUserFields['CAN_DELETE'] = 'N';
             }
         }
         // Extra data stashed in the session by the OAuth flow is folded into the fields;
         // these go through UserTable::filterFields() before being written below.
         if (isset($_SESSION["OAUTH_DATA"]) && is_array($_SESSION["OAUTH_DATA"])) {
             foreach ($_SESSION['OAUTH_DATA'] as $key => $value) {
                 $socservUserFields[$key] = $value;
             }
             unset($_SESSION["OAUTH_DATA"]);
         }
         if ($USER_ID > 0) {
             // Final gate before login: the resolved user's groups must be allowed to authorize.
             $arGroups = $USER->GetUserGroup($USER_ID);
             if ($this->checkRestrictions && self::isAuthDenied($arGroups)) {
                 return SOCSERV_AUTHORISATION_ERROR;
             }
             // Refresh the existing link row, or create one for users found via the legacy lookups / registration.
             if ($entryId > 0) {
                 UserTable::update($entryId, UserTable::filterFields($socservUserFields));
             } else {
                 $socservUserFields['USER_ID'] = $USER_ID;
                 UserTable::add(UserTable::filterFields($socservUserFields));
             }
             if (isset($socservUserFields["TIME_ZONE_OFFSET"]) && $socservUserFields["TIME_ZONE_OFFSET"] !== null) {
                 CTimeZone::SetCookieValue($socservUserFields["TIME_ZONE_OFFSET"]);
             }
             // Login may still be pending a second factor; the hooks below fire only
             // once the session is actually authorized by this call.
             $USER->AuthorizeWithOtp($USER_ID);
             if ($USER->IsJustAuthorized()) {
                 ContactTable::onUserLoginSocserv($socservUserFields);
                 foreach (GetModuleEvents("socialservices", "OnUserLoginSocserv", true) as $arEvent) {
                     ExecuteModuleEventEx($arEvent, array($socservUserFields));
                 }
             }
         } else {
             // No usable user: report why (default authorisation error or registration deny).
             return $errorCode;
         }
         // possible redirect after authorization, so no spreading. Store cookies in the session for next hit
         $APPLICATION->StoreCookies();
     }
     return true;
 }