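/**
 * Complete an email verification: stamp the verification record, copy the
 * verified address onto the user, and set the account's email_verified_flag.
 * A welcome email is sent the first time an account's email is verified.
 *
 * NOTE(review): nothing in this method rejects a key whose verify_date is
 * already set, or one that is old. Confirm that one-time use and expiry of
 * verification keys are enforced elsewhere.
 *
 * @param string $verificationKey key taken from the verification link
 * @return mixed response: 200 on success, 404 when the key, account or user
 *               cannot be found, 500 with the validation errors otherwise
 */
public function putVerify($verificationKey)
 {
     // The key comes straight from the request, so an unknown key is an expected
     // case and must not end in a null dereference.
     $emailVerification = EmailVerification::where('verification_key', '=', $verificationKey)->first();
     if (!$emailVerification) {
         return Response::make('Email verification not found.', 404);
     }
     $userAccount = UserAccount::where('user_uid', '=', $emailVerification->user_uid)->first();
     $user = User::getIndex($emailVerification->user_uid);
     if (!$userAccount || !$user) {
         return Response::make('User account not found.', 404);
     }
     $emailVerification->verify_date = new DateTime();

     // Loose comparison kept on purpose: the flag's runtime type (int or numeric
     // string) is not visible from here.
     $firstVerification = $userAccount->email_verified_flag != 1;

     // owner and username are removed while the user is validated; the username
     // is restored before the change is written.
     $username = $user->username;
     $user->email = $emailVerification->email;
     unset($user->owner);
     unset($user->username);
     $errors = array();
     if (!$firstVerification && !$user->isValid($errors)) {
         // NOTE(review): $errors is produced by User::isValid() and is placed into
         // HTML unescaped. If those messages can echo submitted values they need
         // escaping here - confirm.
         $message = "This request could not be processed due to the following:<br/><br/>";
         $message .= implode('<br/>', $errors);
         $message .= "<br/><br/>If you believe this to be in error or a security issue, please contact the SWAMP immediately.";
         return Response::make($message, 500);
     }
     $user->username = $username;
     $user->modify();

     // automatically send welcome email iff email has never been verified
     //
     if ($firstVerification) {
         $baseUrl = Config::get('app.cors_url');
         $viewData = array(
             'user' => $user,
             'logo' => $baseUrl . '/images/logos/swamp-logo-small.png',
             'manual' => $baseUrl . '/documentation/SWAMP-UserManual.pdf',
         );
         Mail::send('emails.welcome', $viewData, function ($message) use($user) {
             $message->to($user->email, $user->getFullName());
             $message->subject('Welcome to the Software Assurance Marketplace');
         });
     }
     $userAccount->email_verified_flag = 1;
     $userAccount->save();
     $emailVerification->save();
     return Response::make('This email address has been verified.', 200);
 }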
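 /**
  * Revoke administrator rights from the account with the given user UID by
  * clearing its admin_flag.
  *
  * NOTE(review): no check of the caller's own privileges is visible in this
  * method. Confirm the route is restricted to administrators (for example by
  * a route filter) before relying on it.
  *
  * @param string $userUid UID of the account to demote
  * @return mixed the updated UserAccount, or a 404 response when no account
  *               has that UID
  */
 public function deleteIndex($userUid)
 {
     $userAccount = UserAccount::where('user_uid', '=', $userUid)->first();
     // An unknown UID is answered with 404 instead of a null dereference.
     if (!$userAccount) {
         return Response::make('User account not found.', 404);
     }
     $userAccount->admin_flag = 0;
     $userAccount->save();
     return $userAccount;
 }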
Example #3
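 /**
  * Set a user's password in LDAP and record the time of the profile update on
  * the matching user_account row.
  *
  * The bind and modify results are checked, so a failed password change is no
  * longer recorded as a successful update.
  *
  * NOTE(review): $password is written to userPassword exactly as received;
  * whether it is hashed by the caller or by the directory is not visible here.
  * Whether the connection is encrypted depends on the configured host and
  * port - confirm that it is, since the bind credentials and the new password
  * both travel over it.
  *
  * @param object $user     user whose user_uid identifies the LDAP entry
  * @param string $password new value for the userPassword attribute
  * @return mixed $user when the password was changed, null when the
  *               connection, bind or modify failed
  */
 public static function modifyPassword($user, $password)
 {
     // create LDAP connection
     //
     $ldapConnectionConfig = Config::get('ldap.connections.' . App::environment());
     $ldapConnection = ldap_connect($ldapConnectionConfig['host'], $ldapConnectionConfig['port']);
     if (!$ldapConnection) {
         return null;
     }
     ldap_set_option($ldapConnection, LDAP_OPT_PROTOCOL_VERSION, 3);

     // bind as the dedicated password-setting account from the configuration
     //
     $ldapUser = $ldapConnectionConfig['users']['password_set_user'];

     // NOTE(review): user_uid is concatenated into the DN unescaped; this assumes
     // it is a server-generated identifier - confirm against the callers.
     $dn = 'swampUuid=' . $user->user_uid . ',ou=people,o=SWAMP,dc=cosalab,dc=org';

     // Short-circuit: the modify is only attempted after a successful bind.
     $modified = ldap_bind($ldapConnection, $ldapUser['user'], $ldapUser['password'])
         && ldap_modify($ldapConnection, $dn, array('userPassword' => $password));

     // close LDAP connection
     //
     ldap_close($ldapConnection);
     if (!$modified) {
         return null;
     }

     // update user_account entry
     //
     $userAccount = UserAccount::where('user_uid', '=', $user->user_uid)->first();
     if ($userAccount) {
         $userAccount->ldap_profile_update_date = gmdate('Y-m-d H:i:s');
         $userAccount->save();
     }
     return $user;
 }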
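 /**
  * Record a request by a user for a permission, notify every administrator by
  * email, and mark the permission's policy (if it has one) as accepted.
  *
  * Request fields read: permission_code, title, comment.
  *
  * NOTE(review): the session user is looked up but never compared with
  * $userUid, so this method itself does not stop one user from filing a
  * request (and accepting a policy) on behalf of another. Confirm that the
  * ownership check is done by a route filter.
  *
  * @param string $userUid UID of the user the permission is requested for
  * @return mixed an error response (400, 404 or 500) when the request is
  *               rejected; nothing on success
  */
 public function requestPermissions($userUid)
 {
     // Lookup relevant data
     //
     $active_user = User::getIndex(Session::get('user_uid')); // unused below, see NOTE(review) above
     $user = User::getIndex($userUid);
     if (!$user) {
         return Response::make('User not found.', 404);
     }
     $permissionCode = Input::get('permission_code');
     $title = Input::get('title');
     $comment = Input::get('comment');

     // Requests for permissions that do not exist should flag an error.
     // The code must be a string and is matched strictly, so a non-string
     // request value cannot pass the check through loose comparison.
     //
     $permission = null;
     if (is_string($permissionCode)) {
         foreach (Permission::all() as $p) {
             if ($p->permission_code === $permissionCode) {
                 $permission = $p;
                 break;
             }
         }
     }
     if (!$permission) {
         return Response::make('Invalid permission code detected.', 500);
     }

     // Look for an earlier request by this user for the same permission.
     //
     $record = null;
     foreach (UserPermission::where('user_uid', '=', $userUid)->get() as $up) {
         if ($up->permission_code === $permissionCode) {
             $record = $up;
             break;
         }
     }
     if ($record && $record->status === 'denied') {
         return Response::make('You may not request denied permissions.  Please contact SWAMP support staff if you feel permissions have been denied in error.', 400);
     }

     // Permission classification holders
     //
     $new_permissions = array();
     $updated_permissions = array();
     $now = gmdate('Y-m-d H:i:s');
     if (!$record) {
         // no entry existed for this permission and user: create one
         $record = new UserPermission(array(
             'user_permission_uid' => GUID::create(),
             'user_uid' => $userUid,
             'permission_code' => $permissionCode,
             'request_date' => $now,
             'user_comment' => $comment,
         ));
         $new_permissions[] = $title;
     } else {
         // we found an existing entry and update the information
         $record->request_date = $now;
         $record->user_comment = $comment;
         $updated_permissions[] = $title;
     }
     if ($meta = $this->getMetaFields()) {
         $record->meta_information = $meta;
     }
     $record->save();

     // Notify administrators. The view data is the same for every recipient.
     // NOTE(review): title and comment are request values handed to the email
     // view as-is; the view has to escape them - confirm.
     //
     $cfg = array(
         'new_permissions' => $new_permissions,
         'updated_permissions' => $updated_permissions,
         'url' => Config::get('app.cors_url') ?: '',
         'comment' => $comment,
         'meta_information' => json_decode($record->meta_information, true),
         'user' => $user,
     );
     foreach (UserAccount::where('admin_flag', '=', 1)->get() as $adminAccount) {
         $admin = User::getIndex($adminAccount->user_uid);
         if ($admin && $admin->email && $admin->getFullName()) {
             Mail::send('emails.permission-request', $cfg, function ($message) use($admin) {
                 $message->to($admin->email, $admin->getFullName());
                 $message->subject('SWAMP Permission Request');
             });
         }
     }

     // record accepted policy
     //
     if ($permission->policy_code) {
         $userPolicy = UserPolicy::where('user_uid', '=', $user->user_uid)->where('policy_code', '=', $permission->policy_code)->first();
         if (!$userPolicy) {
             $userPolicy = new UserPolicy(array(
                 'user_policy_uid' => GUID::create(),
                 'user_uid' => $user->user_uid,
                 'policy_code' => $permission->policy_code,
             ));
         }
         $userPolicy->accept_flag = 1;
         $userPolicy->save();
     }
 }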
Example #5
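 /**
  * Persist this user (through LDAP when a connection is configured for the
  * current environment, otherwise through Eloquent), create the matching
  * user_account row, and optionally create a linked external account.
  *
  * Request fields read: promo, user_external_id, linked_account_provider_code.
  *
  * NOTE(review): user_external_id and linked_account_provider_code are taken
  * directly from request input. Unless an earlier step has verified that the
  * caller controls that external identity, a new account can be tied to an
  * identity chosen by the client - confirm where that verification happens.
  *
  * @return $this
  */
 public function add()
 {
     // check to see if there is an LDAP connection for this environment
     //
     if (Config::get('ldap.connections.' . App::environment())) {
         // use LDAP
         //
         LDAP::add($this);
     } else {
         // use SQL / Eloquent
         //
         $this->save();
     }

     // check for promo code information (bound parameter, unexpired codes only)
     //
     $promoCodeId = null;
     if (Input::has('promo')) {
         $pdo = DB::connection('mysql')->getPdo();
         $sth = $pdo->prepare('SELECT * FROM project.promo_code WHERE promo_code = :promo AND expiration_date > NOW()');
         $sth->execute(array(':promo' => Input::get('promo')));
         $result = $sth->fetchAll(PDO::FETCH_ASSOC);
         $promoCodeId = !empty($result) ? $result[0]['promo_code_id'] : null;
     }

     // create new user account: enabled, unprivileged, email not yet verified
     //
     $now = gmdate('Y-m-d H:i:s');
     $userAccount = new UserAccount(array(
         'ldap_profile_update_date' => $now,
         'user_uid' => $this->user_uid,
         'promo_code_id' => $promoCodeId,
         'enabled_flag' => 1,
         'owner_flag' => 0,
         'admin_flag' => 0,
         'email_verified_flag' => 0,
     ));
     $userAccount->save();

     // create linked account
     //
     if (Input::has('user_external_id') && Input::has('linked_account_provider_code')) {
         $linkedAccount = new LinkedAccount(array(
             'user_external_id' => Input::get('user_external_id'),
             'linked_account_provider_code' => Input::get('linked_account_provider_code'),
             'enabled_flag' => 1,
             'user_uid' => $this->user_uid,
             'create_date' => $now,
         ));
         $linkedAccount->save();

         // The event records the provider actually stored on the linked account,
         // not a fixed 'github', so the audit trail matches the data.
         // REMOTE_ADDR is the directly connected peer; behind a reverse proxy that
         // is the proxy's address.
         $userEvent = new UserEvent(array(
             'user_uid' => $this->user_uid,
             'event_type' => 'linkedAccountCreated',
             'value' => json_encode(array(
                 'linked_account_provider_code' => $linkedAccount->linked_account_provider_code,
                 'user_external_id' => $linkedAccount->user_external_id,
                 'user_ip' => $_SERVER['REMOTE_ADDR'],
             )),
         ));
         $userEvent->save();
     }
     return $this;
 }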