function import_to_stormpath() { $dbprefix = elgg_get_config('dbprefix'); $subject = elgg_get_plugin_setting('import_subject', PLUGIN_ID); $message = elgg_get_plugin_setting('import_message', PLUGIN_ID); $site = elgg_get_site_entity(); $site_url = elgg_get_site_url(); if (!$subject || !$message) { error_log('no subject/message'); return true; } if (is_elgg18()) { $name_id = add_metastring('__stormpath_user'); $value_id = add_metastring(1); } else { $name_id = elgg_get_metastring_id('__stormpath_user'); $value_id = elgg_get_metastring_id(1); } $options = array('type' => 'user', 'joins' => array("LEFT JOIN {$dbprefix}metadata md ON md.entity_guid = e.guid AND md.name_id = {$name_id}"), 'wheres' => array('md.name_id IS NULL'), 'limit' => false); $batch = new \ElggBatch('elgg_get_entities', $options); $batch->setIncrementOffset(false); foreach ($batch as $user) { // search stormpath for a matching account $application = get_application(); $accts = $application->getAccounts(array('email' => $user->email)); $already_exists = false; foreach ($accts as $a) { $user->__stormpath_user = $a->href; error_log('set user ' . $user->username . ': ' . $a->href); $already_exists = true; break; } if ($already_exists) { continue; } // change it locally $password = generate_random_cleartext_password(); $user->salt = _elgg_generate_password_salt(); $user->password = generate_user_password($user, $password); $user->save(); error_log('adding to stormpath ' . $user->email); $result = add_to_stormpath($user, $password); if ($result) { // notify them of the change // replace tokens in the message $message_m = str_replace('{{password}}', $password, $message); $message_m = str_replace('{{name}}', $user->name, $message_m); $message_m = str_replace('{{username}}', $user->username, $message_m); $message_m = str_replace('{{email}}', $user->email, $message_m); $message_m = str_replace('{{forgot_password}}', $site_url . 'forgotpassword', $message_m); $message_m = str_replace('{{site_email}}', $site->email, $message_m); $message_m = str_replace('{{site_url}}', $site_url, $message_m); notify_user($user->guid, $site->guid, $subject, $message_m, null, 'email'); } } }
/** * plugin initialization */ function init() { // register actions elgg_register_action('elgg_stormpath/settings/save', __DIR__ . '/actions/stormpath/settings.php', 'admin'); // these things only work if we have a real api connection if (get_application()) { $importance = elgg_get_plugin_setting('importance', PLUGIN_ID); register_pam_handler(__NAMESPACE__ . '\\pam_handler', $importance); elgg_register_page_handler('stormpath', __NAMESPACE__ . '\\pagehandler'); // add new users to stormpath elgg_register_event_handler('create', 'user', __NAMESPACE__ . '\\event_user_create', 1000); // make admin users always validated elgg_register_event_handler('make_admin', 'user', __NAMESPACE__ . '\\validate_new_admin_user'); // mark users as unvalidated and disable when they register elgg_register_plugin_hook_handler('register', 'user', __NAMESPACE__ . '\\disable_new_user'); // canEdit override to allow not logged in code to disable a user elgg_register_plugin_hook_handler('permissions_check', 'user', __NAMESPACE__ . '\\allow_new_user_can_edit'); // add custom data to our stormpath user elgg_register_plugin_hook_handler('elgg_stormpath', 'import', __NAMESPACE__ . '\\stormpath_custom_data'); elgg_register_action('user/requestnewpassword', __DIR__ . '/actions/stormpath/requestnewpassword.php', 'public'); elgg_register_action('user/passwordreset', __DIR__ . '/actions/stormpath/passwordreset.php', 'public'); // differentiation for 1.8/newer compatibility if (is_elgg18()) { elgg_register_event_handler('login', 'user', __NAMESPACE__ . '\\event_user_login', 1000); elgg_unregister_plugin_hook_handler('usersettings:save', 'user', 'users_settings_save'); elgg_register_plugin_hook_handler('usersettings:save', 'user', __NAMESPACE__ . '\\users_settings_save'); } else { elgg_register_event_handler('login:after', 'user', __NAMESPACE__ . '\\event_user_login', 1000); elgg_unregister_plugin_hook_handler('usersettings:save', 'user', '_elgg_set_user_password'); elgg_register_plugin_hook_handler('usersettings:save', 'user', __NAMESPACE__ . '\\set_user_password'); } if (elgg_is_active_plugin('vroom')) { elgg_register_action('stormpath/import', __DIR__ . '/actions/stormpath/import.php', 'admin'); } } }
<?php namespace Arck\Stormpath; echo elgg_view('stormpath/admin/navigation'); $vroom = elgg_is_active_plugin('vroom'); $dbprefix = elgg_get_config('dbprefix'); if (is_elgg18()) { $name_id = add_metastring('__stormpath_user'); $value_id = add_metastring(1); } else { $name_id = elgg_get_metastring_id('__stormpath_user'); $value_id = elgg_get_metastring_id(1); } $count = elgg_get_entities(array('type' => 'user', 'joins' => array("LEFT JOIN {$dbprefix}metadata md ON md.entity_guid = e.guid AND md.name_id = {$name_id}"), 'wheres' => array('md.name_id IS NULL'), 'count' => true)); $title = elgg_echo('stormpath:import:title', array('<b>' . $count . '<b>')); if ($count) { $description = elgg_view('output/longtext', array('value' => elgg_echo('stormpath:import:description'))); if ($vroom) { $description .= elgg_view('output/longtext', array('value' => elgg_echo('stormpath:import:directory:instructions'))); $description .= elgg_view_form('stormpath/import'); } else { $description .= elgg_view('output/longtext', array('value' => elgg_echo('stormpath:import:required:vroom'))); } } else { $description = elgg_echo('stormpath:import:description:unnecessary'); } echo elgg_view_module('main', $title, $description);
/** * Called on usersettings save action - changes the users password * locally and on stormpath * * @param type $hook * @param type $type * @param type $return * @param type $params * @return boolean|null */ function set_user_password($hook = 'usersettings:save', $type = 'user', $return = true, $params = array()) { $current_password = get_input('current_password', null, false); $password = get_input('password', null, false); $password2 = get_input('password2', null, false); $user_guid = get_input('guid'); if ($user_guid) { $user = get_user($user_guid); } else { $user = elgg_get_logged_in_user_entity(); } if ($user && $password) { // let admin user change anyone's password without knowing it except his own. if (!elgg_is_admin_logged_in() || elgg_is_admin_logged_in() && $user->guid == elgg_get_logged_in_user_guid()) { $credentials = array('username' => $user->email, 'password' => $current_password); try { pam_handler($credentials); } catch (\LoginException $e) { register_error(elgg_echo('LoginException:ChangePasswordFailure')); return false; } } try { $result = validate_password($password); } catch (\RegistrationException $e) { register_error($e->getMessage()); return false; } if ($result) { if ($password == $password2) { // change it on stormpath if ($user->__stormpath_user) { try { $client = get_client(); $account = $client->dataStore->getResource($user->__stormpath_user, \Stormpath\Stormpath::ACCOUNT); $account->password = $password; $account->save(); } catch (\Exception $exc) { register_error($exc->getMessage()); return false; } } else { if ($password) { add_to_stormpath($user, $password); } } // change it locally $user->salt = _elgg_generate_password_salt(); $user->password = generate_user_password($user, $password); if (is_elgg18()) { $user->code = ''; if ($user->guid == elgg_get_logged_in_user_guid() && !empty($_COOKIE['elggperm'])) { // regenerate remember me code so no other user could // use it to authenticate later $code = _elgg_generate_remember_me_token(); $_SESSION['code'] = $code; $user->code = md5($code); setcookie("elggperm", $code, time() + 86400 * 30, "/"); } } else { _elgg_services()->persistentLogin->handlePasswordChange($user, elgg_get_logged_in_user_entity()); } if ($user->save()) { system_message(elgg_echo('user:password:success')); return true; } else { register_error(elgg_echo('user:password:fail')); } } else { register_error(elgg_echo('user:password:fail:notsame')); } } else { register_error(elgg_echo('user:password:fail:tooshort')); } } else { // no change return null; } return false; }