/**
 * Issue a fresh API key pair for the currently authenticated user.
 *
 * The new access key id and secret replace the values stored under
 * SETTING_API_ACCESS_KEY and SETTING_API_SECRET_KEY, and the generated
 * pair is handed back in the response payload under "keys".
 *
 * NOTE(review): no permission or request-origin check is visible in this
 * method; presumably the controller enforces it before dispatch. Confirm.
 */
public function xRegenerateApiKeysAction()
{
    $freshKeys = Scalr::GenerateAPIKeys();
    $currentUser = $this->user;

    // Overwrite both halves of the stored credential with the new pair.
    $currentUser->setSetting(Scalr_Account_User::SETTING_API_ACCESS_KEY, $freshKeys['id']);
    $currentUser->setSetting(Scalr_Account_User::SETTING_API_SECRET_KEY, $freshKeys['key']);

    $this->response->success('Keys have been regenerated');

    // The whole key array, secret included, goes back to the caller, so this
    // response must only ever travel over an authenticated, encrypted channel.
    $this->response->data(array('keys' => $freshKeys));
}
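/**
 * Create a new team user, or update an existing one, from request parameters.
 *
 * Parameters read: email (required), id, password, status, fullname,
 * comments, enableApi. The caller must pass canManageAcl() or isTeamOwner();
 * editing an existing user additionally requires canEditUser().
 *
 * @throws Scalr_Exception_Core                    when the e-mail is missing or rejected by the validator
 * @throws Scalr_Exception_InsufficientPermissions when the caller may not manage users or edit the target
 */
public function xSaveAction()
{
    $user = Scalr_Account_User::init();
    $validator = new Scalr_Validator();

    if (!$this->getParam('email')) {
        throw new Scalr_Exception_Core('Email must be provided.');
    }

    if ($validator->validateEmail($this->getParam('email'), null, true) !== true) {
        throw new Scalr_Exception_Core('Email should be correct');
    }

    if (!($this->user->canManageAcl() || $this->user->isTeamOwner())) {
        throw new Scalr_Exception_InsufficientPermissions();
    }

    $newUser = false;
    if ($this->getParam('id')) {
        $user->loadById((int) $this->getParam('id'));

        // Object-level check: being allowed to manage users in general is
        // not enough, the caller must be allowed to edit this particular one.
        if (!$this->user->canEditUser($user)) {
            throw new Scalr_Exception_InsufficientPermissions();
        }

        $user->updateEmail($this->getParam('email'));
    } else {
        $this->user->getAccount()->validateLimit(Scalr_Limits::ACCOUNT_USERS, 1);
        $user->create($this->getParam('email'), $this->user->getAccountId());
        $user->type = Scalr_Account_User::TYPE_TEAM_USER;
        $newUser = true;
    }

    $sendResetLink = false;
    if (!$this->getParam('password')) {
        // No password supplied: store a generated one and mail a reset link.
        // NOTE(review): for an existing user the generated password is also
        // stored, but the reset mail below is sent for new users only.
        // Confirm this is intended.
        $password = CryptoTool::sault(10);
        $sendResetLink = true;
    } else {
        $password = $this->getParam('password');
    }

    // '******' means "leave the stored password untouched" (presumably the
    // mask value the form displays).
    if ($password != '******') {
        $user->updatePassword($password);
    }

    $allowedStatuses = array(Scalr_Account_User::STATUS_ACTIVE, Scalr_Account_User::STATUS_INACTIVE);
    if (in_array($this->getParam('status'), $allowedStatuses) && !$user->isAccountOwner()) {
        $user->status = $this->getParam('status');
    }

    $user->fullname = $this->getParam('fullname');
    $user->comments = $this->getParam('comments');
    $user->save();

    if ($this->getParam('enableApi')) {
        $keys = Scalr::GenerateAPIKeys();
        $user->setSetting(Scalr_Account_User::SETTING_API_ENABLED, true);
        $user->setSetting(Scalr_Account_User::SETTING_API_ACCESS_KEY, $keys['id']);
        $user->setSetting(Scalr_Account_User::SETTING_API_SECRET_KEY, $keys['key']);
    }

    if ($newUser && $sendResetLink) {
        try {
            $hash = $this->getCrypto()->sault(10);
            $user->setSetting(Scalr_Account::SETTING_OWNER_PWD_RESET_HASH, $hash);

            $clientinfo = array('email' => $user->getEmail(), 'fullname' => $user->fullname);

            // Send reset password E-mail.
            // NOTE(review): the link host comes from the request's Host header,
            // which the client controls. Prefer a configured base URL, or make
            // sure the web server only answers for known host names.
            $this->getContainer()->mailer->sendTemplate(
                SCALR_TEMPLATES_PATH . '/emails/user_account_confirm.eml',
                array(
                    "{{fullname}}" => $clientinfo['fullname'],
                    "{{pwd_link}}" => "https://{$_SERVER['HTTP_HOST']}/#/guest/updatePassword/?hash={$hash}"
                ),
                $clientinfo['email'],
                $clientinfo['fullname']
            );
        } catch (Exception $e) {
            // Still best-effort, but no longer silent: a new user who never
            // receives the link cannot log in, so leave a trace for operators.
            error_log('xSaveAction: could not issue or send the password reset link: ' . $e->getMessage());
        }
    }

    $this->response->data(array(
        'user' => array(
            'id'       => $user->getId(),
            'email'    => $user->getEmail(),
            'fullname' => $user->fullname
        )
    ));
    $this->response->success('User successfully saved');
}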
/**
 * Create an active user inside this account and provision API keys for it.
 *
 * The account's ACCOUNT_USERS limit is validated before the user is created.
 * An API key pair is generated and stored for every user created here;
 * SETTING_API_ENABLED is not touched by this method.
 *
 * @param string $email    E-mail address of the new user
 * @param string $password Password, passed as received to updatePassword()
 * @param mixed  $type     Value assigned to the user's type; it is not
 *                         validated here (presumably a
 *                         Scalr_Account_User::TYPE_* constant)
 * @return Scalr_Account_User
 * @throws Exception when this account has no id yet
 */
public function createUser($email, $password, $type)
{
    // Users can only be attached to an account that already has an id.
    if (!$this->id) {
        throw new Exception("Account is not created");
    }

    $this->validateLimit(Scalr_Limits::ACCOUNT_USERS, 1);

    $member = Scalr_Account_User::init()->create($email, $this->id);
    $member->updatePassword($password);

    $member->type = $type;
    $member->status = Scalr_Account_User::STATUS_ACTIVE;
    $member->save();

    // Settings are written after save().
    $apiKeys = Scalr::GenerateAPIKeys();
    $member->setSetting(Scalr_Account_User::SETTING_API_ACCESS_KEY, $apiKeys['id']);
    $member->setSetting(Scalr_Account_User::SETTING_API_SECRET_KEY, $apiKeys['key']);

    return $member;
}
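/**
 * Create a new team user, or update an existing one, from request parameters.
 *
 * Parameters read: email (required), id, password, status, fullname,
 * comments, enableApi. Only an account owner or a team owner may call this.
 * An existing user must belong to the caller's account, and a team owner may
 * not edit the account owner or another team owner.
 *
 * @throws Scalr_Exception_Core                    when no e-mail is supplied
 * @throws Scalr_Exception_InsufficientPermissions when the caller may not save the user
 */
public function xSaveAction()
{
    $user = Scalr_Account_User::init();

    if (!$this->getParam('email')) {
        throw new Scalr_Exception_Core('Email cannot be null');
    }

    $callerMayManage = $this->user->getType() == Scalr_Account_User::TYPE_ACCOUNT_OWNER
        || $this->user->isTeamOwner();
    if (!$callerMayManage) {
        throw new Scalr_Exception_InsufficientPermissions();
    }

    // Both flags were previously left undefined on the paths that never set
    // them, and then read further down.
    $newUser = false;
    $sendResetLink = false;

    if ($this->getParam('id')) {
        // NOTE(review): the id is handed to loadById() exactly as received;
        // confirm the loader binds it as a parameter, or cast it to int here.
        $user->loadById($this->getParam('id'));

        // Tenant isolation: the target must live in the caller's account.
        if ($user->getAccountId() != $this->user->getAccountId()) {
            throw new Scalr_Exception_InsufficientPermissions();
        }

        // A team owner may edit themselves, but not the account owner or
        // another team owner.
        if ($this->user->isTeamOwner() && $this->user->getId() != $user->getId()) {
            if ($user->getType() == Scalr_Account_User::TYPE_ACCOUNT_OWNER || $user->isTeamOwner()) {
                throw new Scalr_Exception_InsufficientPermissions();
            }
        }

        $user->updateEmail($this->getParam('email'));
    } else {
        $this->user->getAccount()->validateLimit(Scalr_Limits::ACCOUNT_USERS, 1);
        $user->create($this->getParam('email'), $this->user->getAccountId());
        $user->type = Scalr_Account_User::TYPE_TEAM_USER;
        $newUser = true;
    }

    if (!$this->getParam('password')) {
        // No password supplied: store a generated one and flag a reset mail.
        $password = $this->getCrypto()->sault(10);
        $sendResetLink = true;
    } else {
        $password = $this->getParam('password');
    }

    // '******' means "leave the stored password untouched" (presumably the
    // mask value the form displays).
    if ($password != '******') {
        $user->updatePassword($password);
    }

    $allowedStatuses = array(Scalr_Account_User::STATUS_ACTIVE, Scalr_Account_User::STATUS_INACTIVE);
    if (in_array($this->getParam('status'), $allowedStatuses)
        && $user->getType() != Scalr_Account_User::TYPE_ACCOUNT_OWNER
    ) {
        $user->status = $this->getParam('status');
    }

    $user->fullname = $this->getParam('fullname');
    $user->comments = $this->getParam('comments');
    $user->save();

    if ($this->getParam('enableApi')) {
        $keys = Scalr::GenerateAPIKeys();
        $user->setSetting(Scalr_Account_User::SETTING_API_ENABLED, true);
        $user->setSetting(Scalr_Account_User::SETTING_API_ACCESS_KEY, $keys['id']);
        $user->setSetting(Scalr_Account_User::SETTING_API_SECRET_KEY, $keys['key']);
    }

    if ($newUser) {
        global $Mailer;

        if ($user->getType() == Scalr_Account_User::TYPE_ACCOUNT_OWNER) {
            try {
                // NOTE(review): this template receives the password in clear
                // text and the site link uses plain http. Prefer a reset
                // link over mailing the credential.
                $clientinfo = array(
                    'fullname'  => $user->fullname,
                    'firstname' => $user->fullname,
                    'email'     => $user->getEmail(),
                    'password'  => $this->getParam('password')
                );

                // Send welcome E-mail
                $Mailer->ClearAddresses();
                $Mailer->Send(
                    "emails/welcome.eml",
                    array("client" => $clientinfo, "site_url" => "http://{$_SERVER['HTTP_HOST']}"),
                    $user->getEmail(),
                    ''
                );
            } catch (Exception $e) {
                // Still best-effort, but leave a trace instead of hiding it.
                error_log('xSaveAction: could not send the welcome e-mail: ' . $e->getMessage());
            }
        } elseif ($sendResetLink) {
            try {
                $hash = $this->getCrypto()->sault(10);
                $user->setSetting(Scalr_Account::SETTING_OWNER_PWD_RESET_HASH, $hash);

                $clientinfo = array('email' => $user->getEmail(), 'fullname' => $user->fullname);

                // Send reset password E-mail.
                // NOTE(review): the link host comes from the request's Host
                // header, which the client controls. Prefer a configured base
                // URL, or restrict the web server to known host names.
                $Mailer->ClearAddresses();
                $Mailer->Send(
                    "emails/user_account_confirm.eml",
                    array(
                        "client"   => $clientinfo,
                        "pwd_link" => "https://{$_SERVER['HTTP_HOST']}/#/confirmPasswordReset/{$hash}"
                    ),
                    $clientinfo['email'],
                    $clientinfo['fullname']
                );
            } catch (Exception $e) {
                // A new user who never receives the link cannot log in.
                error_log('xSaveAction: could not issue or send the password reset link: ' . $e->getMessage());
            }
        }
    }

    $this->response->data(array(
        'user' => array(
            'id'       => $user->getId(),
            'email'    => $user->getEmail(),
            'fullname' => $user->fullname
        )
    ));
    $this->response->success('User successfully saved');
}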
/**
 * Issue a fresh API key pair for the currently authenticated user.
 *
 * Callers for whom isAdmin() is true are refused. For everyone else the new
 * access key id and secret replace the values stored under
 * SETTING_API_ACCESS_KEY and SETTING_API_SECRET_KEY, and the generated pair
 * is returned in the response payload under "keys".
 *
 * @throws Scalr_Exception_InsufficientPermissions when the caller is an admin user
 */
public function xRegenerateApiKeysAction()
{
    $currentUser = $this->user;

    // Guard first: nothing is generated or stored for a refused caller.
    if ($currentUser->isAdmin()) {
        throw new Scalr_Exception_InsufficientPermissions();
    }

    $freshKeys = Scalr::GenerateAPIKeys();

    $currentUser->setSetting(Scalr_Account_User::SETTING_API_ACCESS_KEY, $freshKeys['id']);
    $currentUser->setSetting(Scalr_Account_User::SETTING_API_SECRET_KEY, $freshKeys['key']);

    $this->response->success('Keys have been regenerated');

    // The whole key array, secret included, goes back to the caller, so this
    // response must only ever travel over an authenticated, encrypted channel.
    $this->response->data(array('keys' => $freshKeys));
}
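/**
 * Create a new user, or update an existing one, from request parameters.
 *
 * Parameters read: id, email, password, currentPassword, status,
 * isAccountAdmin, isAccountSuperAdmin, fullname, comments, teams (JSON),
 * enableApi. When scalr.auth_mode is "ldap", new users cannot be added and
 * e-mail/password handling is skipped. Changing an existing user's password
 * requires the caller's own current password.
 *
 * On a failed current-password check the response is marked as a failure
 * and the method returns without saving.
 *
 * NOTE(review): no check that the caller may create users is visible in this
 * method; presumably the controller enforces it before dispatch. Confirm.
 *
 * @throws Exception                               when adding a user in LDAP mode
 * @throws Scalr_Exception_Core                    when the e-mail is missing or rejected by the validator
 * @throws Scalr_Exception_InsufficientPermissions when the caller may not edit the target user
 */
public function xSaveAction()
{
    $this->request->defineParams(array(
        'teams' => array('type' => 'json'),
        'action',
        'password' => array('type' => 'string', 'rawValue' => true),
        'currentPassword' => array('type' => 'string', 'rawValue' => true)
    ));

    $user = Scalr_Account_User::init();
    $validator = new Scalr_Validator();

    // These flags were previously left undefined on several paths (all of
    // them in LDAP mode) and then read further down.
    $newUser = false;
    $sendResetLink = false;
    $existingPasswordChanged = false;

    if ($this->getParam('id')) {
        $user->loadById((int) $this->getParam('id'));
    } elseif ($this->getContainer()->config->get('scalr.auth_mode') == 'ldap') {
        throw new Exception("Adding new users is not supported with LDAP user management");
    }

    // NOTE(review): canEditUser() is only evaluated inside the non-LDAP
    // branch below. In LDAP mode this method therefore changes status, type,
    // ACL roles and API settings of the loaded user without an object-level
    // check of its own. Confirm an outer guard covers that case.
    if ($this->getContainer()->config->get('scalr.auth_mode') != 'ldap') {
        if (!$this->getParam('email')) {
            throw new Scalr_Exception_Core('Email cannot be null');
        }

        if ($validator->validateEmail($this->getParam('email'), null, true) !== true) {
            throw new Scalr_Exception_Core('Email should be correct');
        }

        if ($this->getParam('id')) {
            if (!$this->user->canEditUser($user)) {
                throw new Scalr_Exception_InsufficientPermissions();
            }

            // NOTE(review): this runs before the current-password check
            // below; confirm updateEmail() does not persist on its own.
            $user->updateEmail($this->getParam('email'));
        } else {
            $this->user->getAccount()->validateLimit(Scalr_Limits::ACCOUNT_USERS, 1);
            $user->create($this->getParam('email'), $this->user->getAccountId());
            $user->type = Scalr_Account_User::TYPE_TEAM_USER;
            $newUser = true;
        }

        $password = $this->getParam('password');
        if (!$newUser && $password) {
            $existingPasswordChanged = true;
        } elseif (!$password && ($this->request->hasParam('password') || $newUser)) {
            // Blank password on an existing user, or none for a new one:
            // store a generated value and flag the reset-link path.
            $password = $this->getCrypto()->sault(10);
            $sendResetLink = true;
        }

        // Re-authenticate the caller before any existing password is
        // replaced, whether explicitly or through a forced reset.
        $touchesExistingPassword = $existingPasswordChanged || (!$newUser && $sendResetLink);
        if ($touchesExistingPassword && !$this->user->checkPassword($this->getParam('currentPassword'))) {
            $this->response->data(['errors' => ['currentPassword' => 'Invalid password']]);
            $this->response->failure();
            return;
        }

        if ($password) {
            $user->updatePassword($password);
        }
    }

    // A user cannot change their own status.
    $allowedStatuses = array(Scalr_Account_User::STATUS_ACTIVE, Scalr_Account_User::STATUS_INACTIVE);
    if ($user->getId() != $this->user->getId() && in_array($this->getParam('status'), $allowedStatuses)) {
        $user->status = $this->getParam('status');
    }

    // The account owner's type is never changed here. Only an account owner
    // can grant super admin; an existing super admin is not downgraded to
    // admin, but is reset to team user when isAccountAdmin is absent.
    if (!$user->isAccountOwner()) {
        if ($this->getParam('isAccountAdmin')) {
            if ($this->user->isAccountOwner() && $this->getParam('isAccountSuperAdmin')) {
                $user->type = Scalr_Account_User::TYPE_ACCOUNT_SUPER_ADMIN;
            } elseif ($user->type != Scalr_Account_User::TYPE_ACCOUNT_SUPER_ADMIN) {
                $user->type = Scalr_Account_User::TYPE_ACCOUNT_ADMIN;
            }
        } else {
            $user->type = Scalr_Account_User::TYPE_TEAM_USER;
        }
    }

    $user->fullname = $this->getParam('fullname');
    $user->comments = $this->getParam('comments');
    $user->save();

    $user->setAclRoles($this->getParam('teams'));

    if ($this->getParam('enableApi')) {
        $keys = Scalr::GenerateAPIKeys();
        $user->setSetting(Scalr_Account_User::SETTING_API_ENABLED, true);
        $user->setSetting(Scalr_Account_User::SETTING_API_ACCESS_KEY, $keys['id']);
        $user->setSetting(Scalr_Account_User::SETTING_API_SECRET_KEY, $keys['key']);
    }

    $creatorName = $this->user->fullname;
    if (empty($creatorName)) {
        $creatorName = $this->user->isAccountOwner()
            ? 'Account owner'
            : ($this->user->isAccountAdmin() ? 'Account admin' : 'Team user');
    }

    if ($newUser) {
        try {
            // NOTE(review): the password, generated or supplied, is mailed
            // in clear text. Prefer sending a reset link instead.
            $clientinfo = array(
                'fullname'  => $user->fullname,
                'firstname' => $user->fullname,
                'email'     => $user->getEmail(),
                'password'  => $password
            );

            $url = Scalr::config('scalr.endpoint.scheme') . "://" . Scalr::config('scalr.endpoint.host');

            $this->getContainer()->mailer->sendTemplate(
                SCALR_TEMPLATES_PATH . '/emails/referral.eml.php',
                array(
                    "creatorName"     => $creatorName,
                    "clientFirstname" => $clientinfo['firstname'],
                    "email"           => $clientinfo['email'],
                    "password"        => $clientinfo['password'],
                    "siteUrl"         => $url,
                    "wikiUrl"         => \Scalr::config('scalr.ui.wiki_url'),
                    "supportUrl"      => \Scalr::config('scalr.ui.support_url'),
                    "isUrl"           => preg_match('/^http(s?):\\/\\//i', \Scalr::config('scalr.ui.support_url'))
                ),
                $user->getEmail()
            );
        } catch (Exception $e) {
            // Still best-effort, but leave a trace instead of hiding it.
            error_log('xSaveAction: could not send the new-user e-mail: ' . $e->getMessage());
        }
    } elseif ($sendResetLink) {
        try {
            $hash = $this->getCrypto()->sault(10);
            $user->setSetting(Scalr_Account::SETTING_OWNER_PWD_RESET_HASH, $hash);

            $clientinfo = array('email' => $user->getEmail(), 'fullname' => $user->fullname);

            // Build the link from the configured endpoint host rather than
            // the request's Host header: the header is client-controlled and
            // would otherwise decide where the reset token is sent.
            $resetLink = "https://" . Scalr::config('scalr.endpoint.host') . "/#/guest/updatePassword/?hash={$hash}";

            $this->getContainer()->mailer->sendTemplate(
                SCALR_TEMPLATES_PATH . '/emails/user_account_confirm.eml',
                array(
                    "{{fullname}}" => $clientinfo['fullname'],
                    "{{pwd_link}}" => $resetLink
                ),
                $clientinfo['email'],
                $clientinfo['fullname']
            );
        } catch (Exception $e) {
            // The stored password was just replaced; without the link the
            // user is locked out, so make the failure visible.
            error_log('xSaveAction: could not issue or send the password reset link: ' . $e->getMessage());
        }
    } elseif ($existingPasswordChanged) {
        // Send notification E-mail
        $this->getContainer()->mailer->sendTemplate(
            SCALR_TEMPLATES_PATH . '/emails/password_change_notification.eml',
            array('{{fullname}}' => $user->fullname ? $user->fullname : $user->getEmail()),
            $user->getEmail(),
            $user->fullname
        );
    }

    // A closure replaces create_function(), which evaluates a code string at
    // run time and no longer exists in PHP 8.
    $teamIds = array_map(
        function ($v) {
            return $v["id"];
        },
        $user->getTeams()
    );

    $userTeams = array();
    $troles = $this->getContainer()->acl->getUserRoleIdsByTeam($user->id, $teamIds, $user->getAccountId());
    foreach ($troles as $teamId => $roles) {
        $userTeams[$teamId] = array('roles' => $roles);
    }

    $data = ['user' => $user->getUserInfo(), 'teams' => $userTeams];

    // After changing their own password the caller gets a newly created
    // session and its token.
    if ($existingPasswordChanged && $user->getId() == $this->user->getId()) {
        Scalr_Session::create($this->user->getId());
        $data['specialToken'] = Scalr_Session::getInstance()->getToken();
    }

    $this->response->data($data);
    $this->response->success('User successfully saved');
}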
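/**
 * Create a new user, or update an existing one, from request parameters.
 *
 * Parameters read: email (required), id, password, status, isAccountAdmin,
 * fullname, comments, teams (JSON), enableApi. Editing an existing user
 * requires canEditUser().
 *
 * NOTE(review): no check that the caller may create users is visible in this
 * method; presumably the controller enforces it before dispatch. Confirm.
 *
 * @throws Scalr_Exception_Core                    when the e-mail is missing or rejected by the validator
 * @throws Scalr_Exception_InsufficientPermissions when the caller may not edit the target user
 */
public function xSaveAction()
{
    $this->request->defineParams(array('teams' => array('type' => 'json'), 'action'));

    $user = Scalr_Account_User::init();
    $validator = new Scalr_Validator();

    if (!$this->getParam('email')) {
        throw new Scalr_Exception_Core('Email cannot be null');
    }

    if ($validator->validateEmail($this->getParam('email'), null, true) !== true) {
        throw new Scalr_Exception_Core('Email should be correct');
    }

    // Both flags were previously left undefined on the paths that never set
    // them, and then read further down.
    $newUser = false;
    $sendResetLink = false;

    if ($this->getParam('id')) {
        $user->loadById((int) $this->getParam('id'));

        if (!$this->user->canEditUser($user)) {
            throw new Scalr_Exception_InsufficientPermissions();
        }

        $user->updateEmail($this->getParam('email'));
    } else {
        $this->user->getAccount()->validateLimit(Scalr_Limits::ACCOUNT_USERS, 1);
        $user->create($this->getParam('email'), $this->user->getAccountId());
        $user->type = Scalr_Account_User::TYPE_TEAM_USER;
        $newUser = true;
    }

    $password = $this->getParam('password');
    if ($password === '' || ($newUser && !$password)) {
        // An explicitly blank password, or none for a new user: store a
        // generated value and flag the reset-link path.
        // NOTE(review): for an existing user this replaces the password
        // without asking the caller to re-authenticate.
        $password = $this->getCrypto()->sault(10);
        $sendResetLink = true;
    }

    if ($password) {
        $user->updatePassword($password);
    }

    // A user cannot change their own status.
    $allowedStatuses = array(Scalr_Account_User::STATUS_ACTIVE, Scalr_Account_User::STATUS_INACTIVE);
    if ($user->getId() != $this->user->getId() && in_array($this->getParam('status'), $allowedStatuses)) {
        $user->status = $this->getParam('status');
    }

    // The account owner's type is never changed here; every other user is
    // set to admin or team user on each save, depending on isAccountAdmin.
    if (!$user->isAccountOwner()) {
        $user->type = $this->getParam('isAccountAdmin')
            ? Scalr_Account_User::TYPE_ACCOUNT_ADMIN
            : Scalr_Account_User::TYPE_TEAM_USER;
    }

    $user->fullname = $this->getParam('fullname');
    $user->comments = $this->getParam('comments');
    $user->save();

    $user->setAclRoles($this->getParam('teams'));

    if ($this->getParam('enableApi')) {
        $keys = Scalr::GenerateAPIKeys();
        $user->setSetting(Scalr_Account_User::SETTING_API_ENABLED, true);
        $user->setSetting(Scalr_Account_User::SETTING_API_ACCESS_KEY, $keys['id']);
        $user->setSetting(Scalr_Account_User::SETTING_API_SECRET_KEY, $keys['key']);
    }

    $creatorName = $this->user->fullname;
    if (empty($creatorName)) {
        $creatorName = $this->user->isAccountOwner()
            ? 'Account owner'
            : ($this->user->isAccountAdmin() ? 'Account admin' : 'Team user');
    }

    if ($newUser) {
        try {
            // NOTE(review): the password, generated or supplied, is mailed
            // in clear text, and the site link is plain http built from the
            // client-controlled Host header. Prefer a reset link and a
            // configured base URL.
            $clientinfo = array(
                'fullname'  => $user->fullname,
                'firstname' => $user->fullname,
                'email'     => $user->getEmail(),
                'password'  => $password
            );

            $this->getContainer()->mailer->sendTemplate(
                SCALR_TEMPLATES_PATH . '/emails/welcome.eml.php',
                array(
                    "creatorName"     => $creatorName,
                    "clientFirstname" => $clientinfo['firstname'],
                    "email"           => $clientinfo['email'],
                    "password"        => $clientinfo['password'],
                    "siteUrl"         => "http://{$_SERVER['HTTP_HOST']}",
                    "wikiUrl"         => \Scalr::config('scalr.ui.wiki_url'),
                    "supportUrl"      => \Scalr::config('scalr.ui.support_url'),
                    "isUrl"           => preg_match('/^http(s?):\\/\\//i', \Scalr::config('scalr.ui.support_url'))
                ),
                $user->getEmail()
            );
        } catch (Exception $e) {
            // Still best-effort, but leave a trace instead of hiding it.
            error_log('xSaveAction: could not send the welcome e-mail: ' . $e->getMessage());
        }
    } elseif ($sendResetLink) {
        try {
            $hash = $this->getCrypto()->sault(10);
            $user->setSetting(Scalr_Account::SETTING_OWNER_PWD_RESET_HASH, $hash);

            $clientinfo = array('email' => $user->getEmail(), 'fullname' => $user->fullname);

            // NOTE(review): the link host comes from the request's Host
            // header, which the client controls. Prefer a configured base
            // URL, or restrict the web server to known host names.
            $this->getContainer()->mailer->sendTemplate(
                SCALR_TEMPLATES_PATH . '/emails/user_account_confirm.eml',
                array(
                    "{{fullname}}" => $clientinfo['fullname'],
                    "{{pwd_link}}" => "https://{$_SERVER['HTTP_HOST']}/#/guest/updatePassword/?hash={$hash}"
                ),
                $clientinfo['email'],
                $clientinfo['fullname']
            );
        } catch (Exception $e) {
            // The stored password was just replaced; without the link the
            // user is locked out, so make the failure visible.
            error_log('xSaveAction: could not issue or send the password reset link: ' . $e->getMessage());
        }
    }

    // A closure replaces create_function(), which evaluates a code string at
    // run time and no longer exists in PHP 8.
    $teamIds = array_map(
        function ($v) {
            return $v["id"];
        },
        $user->getTeams()
    );

    $userTeams = array();
    $troles = $this->environment->acl->getUserRoleIdsByTeam($user->id, $teamIds, $user->getAccountId());
    foreach ($troles as $teamId => $roles) {
        $userTeams[$teamId] = array('roles' => $roles);
    }

    $this->response->data(array('user' => $user->getUserInfo(), 'teams' => $userTeams));
    $this->response->success('User successfully saved');
}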