/**
 * Changes the reporter of an issue to the user who owns the given address.
 *
 * The address is normalised to lower case before the lookup. When it does
 * not resolve to a user, the issue is reassigned to the system account
 * (APP_SYSTEM_USER_ID) instead.
 *
 * @param   integer $issue_id The id of the issue.
 * @param   string $email The email address of the new reporter.
 * @param   boolean $add_history If this should be logged.
 * @return  int 1 on success, -1 if the database update failed
 */
public static function update($issue_id, $email, $add_history = true)
{
    $email = strtolower(Mail_Helper::getEmailAddress($email));

    // If no valid user found reset to system account
    $found_usr_id = User::getUserIDByEmail($email, true);
    $usr_id = $found_usr_id ? $found_usr_id : APP_SYSTEM_USER_ID;

    try {
        // both values are bound as parameters, never interpolated
        DB_Helper::getInstance()->query(
            'UPDATE {{%issue}} SET iss_usr_id = ? WHERE iss_id = ?',
            array($usr_id, $issue_id)
        );
    } catch (DbException $e) {
        return -1;
    }

    if ($add_history) {
        // TRANSLATORS: {email}: email, {user}: full name
        $actor_usr_id = Auth::getUserID();
        $context = array(
            'email' => $email,
            'user' => User::getFullName($actor_usr_id),
        );
        History::add($issue_id, $actor_usr_id, 'issue_updated', 'Reporter was changed to {email} by {user}', $context);
    }

    // Add new user to notification list
    if ($usr_id > 0) {
        Notification::subscribeEmail($usr_id, $issue_id, $email, Notification::getDefaultActions());
    }

    return 1;
}
/**
 * Adds an email to the outgoing mail queue.
 *
 * The message is dropped (return false) when the recipient address belongs
 * to a known user whose status is neither active nor pending. Otherwise the
 * headers are completed, encoded and stored together with the body in the
 * mail_queue table through a parameterised INSERT.
 *
 * @param   string $recipient The recipient of this email
 * @param   array $headers The list of headers that should be sent with this email
 * @param   string $body The body of the message
 * @param   integer $save_email_copy Whether to send a copy of this email to a configurable address or not (eventum_sent@)
 * @param   integer $issue_id The ID of the issue. If false, email will not be associated with issue.
 * @param   string $type The type of message this is.
 * @param   integer $sender_usr_id The id of the user sending this email.
 * @param   integer $type_id The ID of the event that triggered this notification (issue_id, sup_id, not_id, etc)
 * @return  mixed true on success, false when the recipient is an inactive
 *          user, the error returned by Mail_Helper::prepareHeaders() when
 *          header preparation fails, or the prepareHeaders() result when
 *          the INSERT throws (see the note on the catch block)
 */
public static function add($recipient, $headers, $body, $save_email_copy = 0, $issue_id = false, $type = '', $sender_usr_id = false, $type_id = false)
{
    // the workflow hook runs first, before any recipient check
    // NOTE(review): presumably the arguments are taken by reference so the
    // hook can alter them - confirm against Workflow::modifyMailQueue()
    Workflow::modifyMailQueue(Auth::getCurrentProject(false), $recipient, $headers, $body, $issue_id, $type, $sender_usr_id, $type_id);

    // avoid sending emails out to users with inactive status
    $recipient_email = Mail_Helper::getEmailAddress($recipient);
    $usr_id = User::getUserIDByEmail($recipient_email);
    if (!empty($usr_id)) {
        $user_status = User::getStatusByEmail($recipient_email);
        // if user is not set to an active status, then silently ignore
        if (!User::isActiveStatus($user_status) && !User::isPendingStatus($user_status)) {
            return false;
        }
    }

    // same lookup as $usr_id above, repeated for the role check below
    $to_usr_id = User::getUserIDByEmail($recipient_email);
    $recipient = Mail_Helper::fixAddressQuoting($recipient);

    $reminder_addresses = Reminder::_getReminderAlertAddresses();

    // add specialized headers
    // NOTE(review): && binds tighter than ||, so the reminder-address test
    // alone is enough to enter this branch, even when $issue_id is empty.
    // Customers are excluded only on the first arm. Confirm that this
    // grouping is the intended one.
    if (!empty($issue_id) && (!empty($to_usr_id) && User::getRoleByUser($to_usr_id, Issue::getProjectID($issue_id)) != User::getRoleID('Customer')) || @in_array(Mail_Helper::getEmailAddress($recipient), $reminder_addresses)) {
        $headers += Mail_Helper::getSpecializedHeaders($issue_id, $type, $headers, $sender_usr_id);
    }

    // try to prevent triggering absence auto responders
    $headers['precedence'] = 'bulk'; // the 'classic' way, works with e.g. the unix 'vacation' tool
    $headers['Auto-submitted'] = 'auto-generated'; // the RFC 3834 way

    // NOTE(review): this is the string 'null', bound below as a query
    // parameter - confirm the column receives what is intended
    if (empty($issue_id)) {
        $issue_id = 'null';
    }

    // if the Date: header is missing, add it.
    if (empty($headers['Date'])) {
        $headers['Date'] = Mime_Helper::encode(date('D, j M Y H:i:s O'));
    }
    if (!empty($headers['To'])) {
        $headers['To'] = Mail_Helper::fixAddressQuoting($headers['To']);
    }

    // encode headers and add special mime headers
    $headers = Mime_Helper::encodeHeaders($headers);

    $res = Mail_Helper::prepareHeaders($headers);
    if (Misc::isError($res)) {
        Error_Handler::logError(array($res->getMessage(), $res->getDebugInfo()), __FILE__, __LINE__);

        return $res;
    }

    // convert array of headers into text headers
    list(, $text_headers) = $res;

    // every value is passed to the driver as a bound parameter; the
    // client address is recorded only when the server provides one
    $params = array('maq_save_copy' => $save_email_copy, 'maq_queued_date' => Date_Helper::getCurrentDateGMT(), 'maq_sender_ip_address' => !empty($_SERVER['REMOTE_ADDR']) ? $_SERVER['REMOTE_ADDR'] : '', 'maq_recipient' => $recipient, 'maq_headers' => $text_headers, 'maq_body' => $body, 'maq_iss_id' => $issue_id, 'maq_subject' => $headers['Subject'], 'maq_type' => $type);

    if ($sender_usr_id) {
        $params['maq_usr_id'] = $sender_usr_id;
    }
    if ($type_id) {
        $params['maq_type_id'] = $type_id;
    }

    $stmt = 'INSERT INTO {{%mail_queue}} SET ' . DB_Helper::buildSet($params);
    try {
        DB_Helper::getInstance()->query($stmt, $params);
    } catch (DbException $e) {
        // NOTE(review): at this point $res holds the successful
        // prepareHeaders() result, not an error, so a failed INSERT is not
        // reported to the caller as a failure - confirm what callers expect
        return $res;
    }

    return true;
}
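/**
 * Adds an email to the outgoing mail queue.
 *
 * The message is dropped (return false) when the recipient address belongs
 * to a known user whose status is neither active nor pending.
 *
 * Every value that goes into the INSERT statement is escaped or cast here,
 * including the message type, the client address and the numeric ids, so
 * that no argument reaches the SQL text verbatim.
 *
 * @access  public
 * @param   string $recipient The recipient of this email
 * @param   array $headers The list of headers that should be sent with this email
 * @param   string $body The body of the message
 * @param   integer $save_email_copy Whether to send a copy of this email to a configurable address or not (eventum_sent@)
 * @param   integer $issue_id The ID of the issue. If false, email will not be associated with issue.
 * @param   string $type The type of message this is.
 * @param   integer $sender_usr_id The id of the user sending this email.
 * @param   integer $type_id The ID of the event that triggered this notification (issue_id, sup_id, not_id, etc)
 * @return  mixed true on success, false for an inactive recipient, or a PEAR_Error object
 */
function add($recipient, $headers, $body, $save_email_copy = 0, $issue_id = false, $type = '', $sender_usr_id = false, $type_id = false)
{
    // avoid sending emails out to users with inactive status
    $recipient_email = Mail_API::getEmailAddress($recipient);
    $usr_id = User::getUserIDByEmail($recipient_email);
    if (!empty($usr_id)) {
        $user_status = User::getStatusByEmail($recipient_email);
        // if user is not set to an active status, then silently ignore
        if (!User::isActiveStatus($user_status) && !User::isPendingStatus($user_status)) {
            return false;
        }
    }
    // same address, same lookup: reuse the id resolved above
    $to_usr_id = $usr_id;
    $recipient = Mail_API::fixAddressQuoting($recipient);

    $reminder_addresses = Reminder::_getReminderAlertAddresses();

    // add specialized headers
    // The reminder test used an undefined variable ($to) and therefore
    // never matched; it now checks the actual recipient. The grouping of
    // the condition ((A && B) || C) is left as it was.
    if (!empty($issue_id) && (!empty($to_usr_id) && User::getRoleByUser($to_usr_id, Issue::getProjectID($issue_id)) > User::getRoleID("Customer")) || @in_array(Mail_API::getEmailAddress($recipient), $reminder_addresses)) {
        $headers += Mail_API::getSpecializedHeaders($issue_id, $type, $headers, $sender_usr_id);
    }

    if (empty($issue_id)) {
        $issue_id = 'null';
    }
    // if the Date: header is missing, add it.
    if (!in_array('Date', array_keys($headers))) {
        $headers['Date'] = MIME_Helper::encode(date('D, j M Y H:i:s O'));
    }
    if (!empty($headers['To'])) {
        $headers['To'] = Mail_API::fixAddressQuoting($headers['To']);
    }

    list(, $text_headers) = Mail_API::prepareHeaders($headers);

    $has_sender = $sender_usr_id != false;
    $has_type_id = $type_id != false;

    $stmt = "INSERT INTO\n " . APP_DEFAULT_DB . "." . APP_TABLE_PREFIX . "mail_queue\n (\n maq_save_copy,\n maq_queued_date,\n maq_sender_ip_address,\n maq_recipient,\n maq_headers,\n maq_body,\n maq_iss_id,\n maq_subject,\n maq_type";
    if ($has_sender) {
        $stmt .= ",\nmaq_usr_id";
    }
    if ($has_type_id) {
        $stmt .= ",\nmaq_type_id";
    }

    // getenv() returns false when the variable is not set
    $sender_ip = (string) getenv("REMOTE_ADDR");

    $stmt .= ") VALUES (\n " . Misc::escapeInteger($save_email_copy) . ",\n '" . Date_API::getCurrentDateGMT() . "',\n '" . Misc::escapeString($sender_ip) . "',\n '" . Misc::escapeString($recipient) . "',\n '" . Misc::escapeString($text_headers) . "',\n '" . Misc::escapeString($body) . "',\n " . Misc::escapeInteger($issue_id) . ",\n '" . Misc::escapeString($headers["Subject"]) . "',\n '" . Misc::escapeString($type) . "'";
    if ($has_sender) {
        $stmt .= ",\n" . Misc::escapeInteger($sender_usr_id);
    }
    if ($has_type_id) {
        $stmt .= ",\n" . Misc::escapeInteger($type_id);
    }
    $stmt .= ")";

    $res = $GLOBALS["db_api"]->dbh->query($stmt);
    if (PEAR::isError($res)) {
        Error_Handler::logError(array($res->getMessage(), $res->getDebugInfo()), __FILE__, __LINE__);

        return $res;
    }

    return true;
}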
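/**
 * Method to check if the user has a valid auth cookie.
 * The cookie contents is validated for hash matching and user id from database.
 *
 * The cookie is supplied by the client, so the hash is only accepted when it
 * is a string and is compared with a strict, constant-time comparison where
 * the runtime offers one. A loose comparison (!=) would let PHP's type
 * juggling treat differing values as equal.
 *
 * NOTE(review): login_time feeds the hash but its age is not checked in
 * this method - confirm that expiry is enforced elsewhere.
 *
 * @return  boolean
 */
public static function hasAuthCookie()
{
    $cookie = self::getDecodedCookie(APP_COOKIE);
    if (!$cookie || empty($cookie['email']) || empty($cookie['hash']) || !isset($cookie['login_time'])) {
        return false;
    }

    if (!is_string($cookie['hash'])) {
        return false;
    }

    $expected = (string) self::generateHash($cookie['login_time'], $cookie['email']);
    if (function_exists('hash_equals')) {
        $hash_matches = hash_equals($expected, $cookie['hash']);
    } else {
        // older runtimes: at least avoid the loose comparison
        $hash_matches = $expected === $cookie['hash'];
    }
    if (!$hash_matches) {
        return false;
    }

    $usr_id = User::getUserIDByEmail($cookie['email']);

    return !!$usr_id;
}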
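/**
 * Checks whether the given API token is one of the active tokens of the
 * user that owns the given email address.
 *
 * The token is a secret presented by the caller, so it must be a non-empty
 * string and is compared strictly (constant-time where available). The
 * former loose comparison (==) could accept an empty or differently typed
 * value against a stored token.
 *
 * @param   string $token The token presented by the client
 * @param   string $email The email address (or alias) of the user
 * @return  boolean true if the token matches an active token of the user
 */
public static function isTokenValidForEmail($token, $email)
{
    if (!is_string($token) || $token === '') {
        return false;
    }

    try {
        $usr_id = User::getUserIDByEmail($email, true);
        $active_tokens = self::getTokensForUser($usr_id);
        foreach ($active_tokens as $row) {
            $stored = (string) $row['token'];
            if (function_exists('hash_equals')) {
                $matches = hash_equals($stored, $token);
            } else {
                $matches = $stored === $token;
            }
            if ($matches) {
                return true;
            }
        }

        return false;
    } catch (AuthException $e) {
        return false;
    }
}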
/**
 * Gets the current user ID.
 *
 * The id is resolved from the email address stored in the auth cookie.
 *
 * @access  public
 * @return  integer The ID of the user, or an empty string when there is no cookie info
 */
function getUserID()
{
    $cookie_info = Auth::getCookieInfo(APP_COOKIE);
    if (!empty($cookie_info)) {
        // errors raised by the lookup are suppressed on purpose
        return @User::getUserIDByEmail($cookie_info["email"]);
    }

    return '';
}
/**
 * Resolves a login name to a local user id.
 *
 * The login is tried as an email address (aliases included) first and as
 * an external id second. A local account without an external id is
 * returned as is; in every other case the local account is created or
 * refreshed from the backend.
 *
 * @param   string $login The login name given by the user
 * @return  mixed The local user id, or whatever updateLocalUserFromBackend() returns
 */
public function getUserIDByLogin($login)
{
    $local_usr_id = User::getUserIDByEmail($login, true);
    if (!$local_usr_id) {
        // the login is not a local email address, try external id
        $local_usr_id = User::getUserIDByExternalID($login);
    }

    if ($local_usr_id) {
        $details = User::getDetails($local_usr_id);
        if (!empty($details) && empty($details['usr_external_id'])) {
            // local user exists and is not associated with LDAP, don't try to update.
            return $local_usr_id;
        }
    }

    // try to create or update local user from ldap info
    return $this->updateLocalUserFromBackend($login);
}
/**
 * Resolves a login name to a user id by treating it as an email address.
 *
 * @param   string $login The login name; looked up as an email address, aliases included
 * @return  mixed Whatever User::getUserIDByEmail() returns for that address
 */
public function getUserIDByLogin($login)
{
    $usr_id = User::getUserIDByEmail($login, true);

    return $usr_id;
}
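<?php
/*
 * Runonce script to set the sup_usr_id field in support_email
 *
 * Every stored email that is attached to an issue and has no user id yet is
 * matched against the user table by its sender address.
 */
include_once "../../../config.inc.php";
include_once APP_INC_PATH . "db_access.php";

$stmt = "SELECT\n sup_id,\n sup_from\n FROM\n " . APP_DEFAULT_DB . "." . APP_TABLE_PREFIX . "support_email\n WHERE\n sup_usr_id IS NULL AND\n sup_iss_id != 0";
$res = $GLOBALS["db_api"]->dbh->getAssoc($stmt);
if (PEAR::isError($res)) {
    // a failed SELECT used to be iterated as if it were a result set
    echo "<pre>" . htmlspecialchars($res->getMessage()) . "</pre>";
    exit(1);
}

foreach ($res as $sup_id => $email) {
    $usr_id = User::getUserIDByEmail(Mail_API::getEmailAddress($email));
    if (empty($usr_id)) {
        continue;
    }

    // both ids are cast to integers before they are placed in the statement
    $stmt = "UPDATE\n " . APP_DEFAULT_DB . "." . APP_TABLE_PREFIX . "support_email\n SET\n sup_usr_id = " . (int) $usr_id . "\n WHERE\n sup_id = " . (int) $sup_id;
    $update = $GLOBALS["db_api"]->dbh->query($stmt);
    if (PEAR::isError($update)) {
        // print the message only, not a dump of the whole error object
        echo "<pre>" . htmlspecialchars($update->getMessage()) . "</pre>";
        exit(1);
    }
}
echo "complete";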
/**
 * Creates an issue with the given email information.
 *
 * The reporter is derived from the sender address: a matching local user,
 * then (with CRM integration) the matching customer contact, and finally
 * the system account. After the issue is inserted, the sender and any
 * account managers are subscribed, the issue is assigned (account managers,
 * explicit assignment or round robin) and the notifications are sent.
 *
 * NOTE(review): $sender is presumably the From value of an inbound message.
 * Nothing in this method authenticates it, yet it selects the reporter and
 * is stored verbatim in the issue history - confirm that the caller has
 * vetted the message and that history output is escaped when rendered.
 *
 * @param   integer $prj_id The project ID
 * @param   integer $usr_id The user responsible for this action
 * @param   string $sender The original sender of this email
 * @param   string $summary The issue summary
 * @param   string $description The issue description
 * @param   integer $category The category ID
 * @param   integer $priority The priority ID
 * @param   array $assignment The list of users to assign this issue to
 * @param   string $date The date the email was originally sent.
 * @param   string $msg_id The message ID of the email we are creating this issue from.
 * @param   integer $severity
 * @param   string $customer_id
 * @param   string $contact_id
 * @param   string $contract_id
 * @return  int The new issue ID, or -1 if the issue could not be inserted
 */
public static function createFromEmail($prj_id, $usr_id, $sender, $summary, $description, $category, $priority, $assignment, $date, $msg_id, $severity, $customer_id, $contact_id, $contract_id)
{
    $exclude_list = array();
    $managers = array();

    $sender_email = Mail_Helper::getEmailAddress($sender);
    $sender_usr_id = User::getUserIDByEmail($sender_email, true);
    if (!empty($sender_usr_id)) {
        // a known sender becomes the reporter and is left out of the
        // "new issue" notification sent at the end
        $reporter = $sender_usr_id;
        $exclude_list[] = $sender_usr_id;
    }

    $data = array('category' => $category, 'priority' => $priority, 'severity' => $severity, 'description' => $description, 'summary' => $summary, 'msg_id' => $msg_id, 'customer' => false, 'contact' => false, 'contract' => false, 'contact_person_lname' => '', 'contact_person_fname' => '', 'contact_email' => '', 'contact_phone' => '', 'contact_timezone' => '');

    if (CRM::hasCustomerIntegration($prj_id)) {
        $crm = CRM::getInstance($prj_id);
        try {
            if ($contact_id != false) {
                $contact = $crm->getContact($contact_id);
            } else {
                $contact = $crm->getContactByEmail($sender_email);
            }
            // overwrite the reporter with the customer contact
            $reporter = User::getUserIDByContactID($contact->getContactID());
            $data['contact'] = $contact->getContactID();
            $data['contact_person_lname'] = $contact['last_name'];
            $data['contact_person_fname'] = $contact['first_name'];
            $data['contact_email'] = $sender_email;
            $data['contact_phone'] = $contact['phone'];
            $data['contact_timezone'] = Date_Helper::getPreferredTimezone($reporter);
        } catch (ContactNotFoundException $e) {
            // no contact: the contact fields keep their empty defaults
        }

        try {
            if ($contract_id != false) {
                $contract = $crm->getContract($contract_id);
                $data['contract'] = $contract->getContractID();
            } elseif (isset($contact)) {
                // Just use first contract / customer for now.
                // NOTE(review): index 0 is read without checking that the
                // list is non-empty; unless getContracts() throws
                // ContractNotFoundException for an empty result, the next
                // call is made on a missing value - confirm
                $contracts = $contact->getContracts(array('active' => true));
                $contract = $contracts[0];
                $data['contract'] = $contract->getContractID();
            }
        } catch (ContractNotFoundException $e) {
            // no contract: $data['contract'] stays false
        }

        try {
            if ($customer_id != false) {
                $customer = $crm->getCustomer($customer_id);
                $data['customer'] = $customer->getCustomerID();
            } elseif (isset($contract)) {
                $customer = $contract->getCustomer();
                $data['customer'] = $customer->getCustomerID();
            }
        } catch (CustomerNotFoundException $e) {
            // no customer: $data['customer'] stays false
        }
    } else {
    }

    // neither a local user nor a CRM contact matched the sender
    if (empty($reporter)) {
        $reporter = APP_SYSTEM_USER_ID;
    }

    $data['reporter'] = $reporter;

    $issue_id = self::insertIssue($prj_id, $data);
    if ($issue_id == -1) {
        return -1;
    }

    $has_RR = false;
    // log the creation of the issue
    History::add($issue_id, $usr_id, 'issue_opened', 'Issue opened by {sender}', array('sender' => $sender));

    $emails = array();
    // if there are any technical account managers associated with this customer, add these users to the notification list
    if ($data['customer']) {
        $managers = CRM::getAccountManagers($prj_id, $data['customer']);
        foreach ($managers as $manager) {
            $emails[] = $manager['usr_email'];
        }
    }
    // add the reporter to the notification list
    // (the unparsed $sender value is what gets subscribed here)
    $emails[] = $sender;
    $emails = array_unique($emails);
    $actions = Notification::getDefaultActions($issue_id, false, 'issue_from_email');
    foreach ($emails as $address) {
        Notification::subscribeEmail($reporter, $issue_id, $address, $actions);
    }

    // only assign the issue to an user if the associated customer has any technical account managers
    $users = array();
    $has_TAM = false;
    if (CRM::hasCustomerIntegration($prj_id) && count($managers) > 0) {
        foreach ($managers as $manager) {
            // managers of type 'intpart' are not assigned
            if ($manager['cam_type'] == 'intpart') {
                continue;
            }
            $users[] = $manager['cam_usr_id'];
            self::addUserAssociation($usr_id, $issue_id, $manager['cam_usr_id'], false);
            History::add($issue_id, $usr_id, 'issue_auto_assigned', 'Issue auto-assigned to {assignee} (TAM)', array('assignee' => User::getFullName($manager['cam_usr_id'])));
        }
        $has_TAM = true;
    }
    // now add the user/issue association
    if (@count($assignment) > 0) {
        foreach ($assignment as $ass_usr_id) {
            Notification::subscribeUser($reporter, $issue_id, $ass_usr_id, $actions);
            self::addUserAssociation(APP_SYSTEM_USER_ID, $issue_id, $ass_usr_id);
            if ($ass_usr_id != $usr_id) {
                $users[] = $ass_usr_id;
            }
        }
    } else {
        // only use the round-robin feature if this new issue was not
        // already assigned to a customer account manager
        if (count($managers) < 1) {
            $assignee = Round_Robin::getNextAssignee($prj_id);
            // assign the issue to the round robin person
            if (!empty($assignee)) {
                self::addUserAssociation(APP_SYSTEM_USER_ID, $issue_id, $assignee, false);
                History::add($issue_id, APP_SYSTEM_USER_ID, 'rr_issue_assigned', 'Issue auto-assigned to {assignee} (RR)', array('assignee' => User::getFullName($assignee)));
                $users[] = $assignee;
                $has_RR = true;
            }
        }
    }

    Workflow::handleNewIssue($prj_id, $issue_id, $has_TAM, $has_RR);

    // send special 'an issue was auto-created for you' notification back to the sender
    Notification::notifyAutoCreatedIssue($prj_id, $issue_id, $sender, $date, $summary);

    // also notify any users that want to receive emails anytime a new issue is created
    Notification::notifyNewIssue($prj_id, $issue_id, $exclude_list);

    return $issue_id;
}
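/**
 * Method used to update the details of a given subscription.
 *
 * When the address belongs to a known user, the subscription is stored
 * against the user id and the email column is cleared; otherwise the
 * address itself is stored with user id 0.
 *
 * The list of notification types is read from $_POST['actions']. It is
 * request data, so it is only used when it is an array, and entries that
 * are not non-empty strings are skipped.
 *
 * @param   integer $issue_id The issue ID
 * @param   integer $sub_id The subscription ID
 * @param   string $email The email address of the subscriber
 * @return  integer 1 if the update worked, -1 if the database update
 *          failed, -2 if the workflow cancelled the subscription
 */
public static function update($issue_id, $sub_id, $email)
{
    $usr_id = User::getUserIDByEmail(strtolower(Mail_Helper::getEmailAddress($email)), true);
    if (!empty($usr_id)) {
        $email = '';
    } else {
        $usr_id = 0;
    }
    $prj_id = Issue::getProjectID($issue_id);

    // call workflow to modify actions or cancel adding this user.
    $actions = array();
    $subscriber_usr_id = false;
    $workflow = Workflow::handleSubscription($prj_id, $issue_id, $subscriber_usr_id, $email, $actions);
    if ($workflow === false) {
        // cancel subscribing the user
        return -2;
    }

    // read the posted types once, before anything is written
    $posted_types = array();
    if (isset($_POST['actions']) && is_array($_POST['actions'])) {
        $posted_types = $_POST['actions'];
    }

    // always set the type of notification to issue-level
    $stmt = "UPDATE\n {{%subscription}}\n SET\n sub_level='issue',\n sub_email=?,\n sub_usr_id=?\n WHERE\n sub_id=?";
    try {
        DB_Helper::getInstance()->query($stmt, array($email, $usr_id, $sub_id));
    } catch (DbException $e) {
        return -1;
    }

    $stmt = 'DELETE FROM {{%subscription_type}} WHERE sbt_sub_id=?';
    DB_Helper::getInstance()->query($stmt, array($sub_id));
    // now add them all again
    foreach ($posted_types as $sbt_type) {
        if (!is_string($sbt_type) || $sbt_type === '') {
            continue;
        }
        // FIXME: $sbt_type is still not checked against the list of known types
        self::addType($sub_id, $sbt_type);
    }
    // need to mark the issue as updated
    Issue::markAsUpdated($issue_id);

    $current_usr_id = Auth::getUserID();
    History::add($issue_id, $current_usr_id, 'notification_updated', "Notification list entry ('{subscriber}') updated by {user}", array('subscriber' => self::getSubscriber($sub_id), 'user' => User::getFullName($current_usr_id)));

    return 1;
}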
/**
 * Gets the current user ID.
 *
 * The id is looked up from the email address carried in the auth cookie.
 *
 * @return  integer The ID of the user, or an empty string when there is no cookie info
 */
public static function getUserID()
{
    $cookie_info = self::getCookieInfo(APP_COOKIE);

    return empty($cookie_info) ? '' : User::getUserIDByEmail($cookie_info['email']);
}
/**
 * Method used to add a customized warning message to the body
 * of outgoing emails.
 *
 * The body is returned untouched when email routing or its warning feature
 * is disabled, when the recipient is not a known user, or when the
 * recipient has the Customer role on the issue's project. Otherwise the
 * 'allowed' or 'blocked' warning is put in front of the body, inside the
 * base64 payload when the message is base64 encoded.
 *
 * @param   integer $issue_id The issue ID
 * @param   string $to The recipient of the message
 * @param   string $body The body of the message
 * @param   array $headers The headers of the message
 * @return  string The body of the message with the warning message, if appropriate
 */
public static function addWarningMessage($issue_id, $to, $body, $headers)
{
    $setup = Setup::load();
    $warnings_enabled = @$setup['email_routing']['status'] == 'enabled' && $setup['email_routing']['warning']['status'] == 'enabled';
    if (!$warnings_enabled) {
        return $body;
    }

    // check if the recipient can send emails to the customer
    $recipient_email = self::getEmailAddress($to);
    $recipient_usr_id = User::getUserIDByEmail($recipient_email);
    // don't add the warning message if the recipient is an unknown email address
    if (empty($recipient_usr_id)) {
        return $body;
    }

    // don't add anything if the recipient is a known customer contact
    $recipient_role_id = User::getRoleByUser($recipient_usr_id, Issue::getProjectID($issue_id));
    if ($recipient_role_id == User::getRoleID('Customer')) {
        return $body;
    }

    $warning_kind = Support::isAllowedToEmail($issue_id, $recipient_email) ? 'allowed' : 'blocked';
    $warning = self::getWarningMessage($warning_kind);

    if (@$headers['Content-Transfer-Encoding'] == 'base64') {
        // decode, prepend, and encode again so the part stays valid
        return base64_encode($warning . "\n\n" . trim(base64_decode($body)));
    }

    return $warning . "\n\n" . $body;
}
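/**
 * Authorize request.
 *
 * The current auth cookie is tried first; without one the request must
 * carry HTTP authentication. An unknown account and a wrong password are
 * answered with the same message, so that the response does not reveal
 * which addresses are registered. The pending and inactive messages are
 * only reached after the password has been verified.
 *
 * Finally the 'custom_id' filter must be global or owned by the
 * authenticated user.
 *
 * TODO: translations
 * TODO: ip based control
 */
function authorizeRequest()
{
    // try current auth cookie
    $usr_id = Auth::getUserID();
    if (!$usr_id) {
        // otherwise setup HTTP Auth headers
        $authData = getAuthData();
        if ($authData === null) {
            sendAuthenticateHeader();
            echo 'Error: You are required to authenticate in order to access the requested RSS feed.';
            exit;
        }

        list($authUser, $authPassword) = $authData;

        // check the authentication
        if (Validation::isWhitespace($authUser)) {
            sendAuthenticateHeader();
            echo 'Error: Please provide your email address.';
            exit;
        }
        if (Validation::isWhitespace($authPassword)) {
            sendAuthenticateHeader();
            echo 'Error: Please provide your password.';
            exit;
        }

        // check if user exists and if the password matches; both failures
        // give the same answer on purpose
        if (!Auth::userExists($authUser) || !Auth::isCorrectPassword($authUser, $authPassword)) {
            sendAuthenticateHeader();
            echo 'Error: The provided email address/password combo is not correct.';
            exit;
        }

        // check if this user did already confirm his account
        if (Auth::isPendingUser($authUser)) {
            sendAuthenticateHeader();
            echo 'Error: The provided user still needs to have its account confirmed.';
            exit;
        }
        // check if this user is really an active one
        if (!Auth::isActiveUser($authUser)) {
            sendAuthenticateHeader();
            echo 'Error: The provided user is currently set as an inactive user.';
            exit;
        }

        $usr_id = User::getUserIDByEmail($authUser);
        Auth::createFakeCookie($usr_id);
    }

    // check if the required parameter 'custom_id' is really being passed
    if (empty($_GET['custom_id'])) {
        rssError("Error: The required 'custom_id' parameter was not provided.");
        exit;
    }

    // check if the passed 'custom_id' parameter is associated with the usr_id
    if (!Filter::isGlobal($_GET['custom_id']) && !Filter::isOwner($_GET['custom_id'], $usr_id)) {
        rssError('Error: The provided custom filter ID is not associated with the given email address.');
        exit;
    }
}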
/**
 * Check if this email needs to be blocked and if so, block it.
 *
 * An email is blocked when it is a vacation auto-response, a bounce
 * message, or when its sender is not allowed to email the issue. A blocked
 * email is stored as a note on the issue, its attachments are extracted,
 * the workflow is informed and the event is written to the issue history.
 *
 * Side effect: the $_POST superglobal is replaced with data taken from the
 * email, because Note::insertFromPost() is used to create the note.
 *
 * @param   array $email The email; the keys issue_id, from, full_email, headers and body are read
 * @return  boolean true if the email was blocked, false otherwise (also when it has no issue_id)
 */
public static function blockEmailIfNeeded($email)
{
    if (empty($email['issue_id'])) {
        return false;
    }

    $issue_id = $email['issue_id'];
    $prj_id = Issue::getProjectID($issue_id);
    $sender_email = strtolower(Mail_Helper::getEmailAddress($email['from']));
    list($text_headers, $body) = Mime_Helper::splitHeaderBody($email['full_email']);
    if (Mail_Helper::isVacationAutoResponder($email['headers']) || Notification::isBounceMessage($sender_email) || !self::isAllowedToEmail($issue_id, $sender_email)) {
        // add the message body as a note
        // NOTE(review): every value below comes from the received message;
        // whatever reads $_POST after this point sees email content, not
        // form input
        $_POST = array('full_message' => $email['full_email'], 'title' => @$email['headers']['subject'], 'note' => Mail_Helper::getCannedBlockedMsgExplanation($issue_id) . $email['body'], 'message_id' => Mail_Helper::getMessageID($text_headers, $body));
        // avoid having this type of message re-open the issue
        if (Mail_Helper::isVacationAutoResponder($email['headers'])) {
            $closing = true;
            $notify = false;
        } else {
            $closing = false;
            $notify = true;
        }
        // the note is attributed to the current session user, with the
        // From header of the email passed along
        $res = Note::insertFromPost(Auth::getUserID(), $issue_id, $email['headers']['from'], false, $closing, $notify, true);
        // associate the email attachments as internal-only files on this issue
        if ($res != -1) {
            self::extractAttachments($issue_id, $email['full_email'], true, $res);
        }

        $_POST['issue_id'] = $issue_id;
        $_POST['from'] = $sender_email;

        // avoid having this type of message re-open the issue
        if (Mail_Helper::isVacationAutoResponder($email['headers'])) {
            $email_type = 'vacation-autoresponder';
        } else {
            $email_type = 'routed';
        }
        Workflow::handleBlockedEmail($prj_id, $issue_id, $_POST, $email_type);

        // try to get usr_id of sender, if not, use system account
        $usr_id = User::getUserIDByEmail(Mail_Helper::getEmailAddress($email['from']), true);
        if (!$usr_id) {
            $usr_id = APP_SYSTEM_USER_ID;
        }

        // the unparsed From value is stored in the history entry
        // NOTE(review): confirm it is escaped wherever history is rendered
        History::add($issue_id, $usr_id, 'email_blocked', "Email from '{from}' blocked", array('from' => $email['from']));

        return true;
    }

    return false;
}
/**
 * Returns if the specified user is authorized to reply to this issue.
 *
 * An address that belongs to a user is checked through that user's id; any
 * other address is looked up directly in the issue_user_replier table. Both
 * values placed in that statement are escaped first.
 *
 * @access  public
 * @param   integer $issue_id The id of the issue.
 * @param   string $email The email address to check.
 * @return  boolean If the specified user is allowed to reply to the issue.
 */
function isAuthorizedReplier($issue_id, $email)
{
    $email = strtolower(Mail_API::getEmailAddress($email));

    // first check if this is an actual user or just an email address
    $known_addresses = array_keys(User::getAssocEmailList());
    if (in_array($email, $known_addresses)) {
        // real user, get id
        $usr_id = User::getUserIDByEmail($email);

        return Authorized_Replier::isUserAuthorizedReplier($issue_id, $usr_id);
    }

    // not a real user
    $stmt = "SELECT\n COUNT(*) AS total\n FROM\n " . APP_DEFAULT_DB . "." . APP_TABLE_PREFIX . "issue_user_replier\n WHERE\n iur_iss_id=" . Misc::escapeInteger($issue_id) . " AND\n iur_email='" . Misc::escapeString($email) . "'";
    $total = $GLOBALS["db_api"]->dbh->getOne($stmt);
    if (PEAR::isError($total)) {
        Error_Handler::logError(array($total->getMessage(), $total->getDebugInfo()), __FILE__, __LINE__);

        // a failed lookup never authorizes
        return false;
    }

    return $total > 0;
}
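/**
 * Format is "clock [in|out]"
 *
 * Without an argument the current clock state is reported. The command is
 * refused when the sender is not authenticated, and also when the nickname
 * cannot be mapped to a user account, so that no clock operation is ever
 * run with an empty user id.
 *
 * @param Net_SmartIRC $irc
 * @param Net_SmartIRC_data $data
 */
public final function clock(Net_SmartIRC $irc, Net_SmartIRC_data $data)
{
    if (!$this->isAuthenticated($data)) {
        return;
    }

    switch (count($data->messageex)) {
        case 1:
            break;
        case 2:
            // strict match: only the literal words are accepted
            if (in_array($data->messageex[1], array('in', 'out'), true)) {
                break;
            }
            // fall through to an error
        default:
            $this->sendResponse($data->nick, 'Error: wrong parameter count for "CLOCK" command. Format is "!clock [in|out]".');

            return;
    }

    $command = isset($data->messageex[1]) ? $data->messageex[1] : null;

    $email = $this->bot->getEmailByNickname($data->nick);
    $usr_id = empty($email) ? null : User::getUserIDByEmail($email);
    if (empty($usr_id)) {
        $this->sendResponse($data->nick, 'Error: could not find a user account for your nickname.');

        return;
    }

    if ($command === 'in') {
        $res = User::clockIn($usr_id);
    } elseif ($command === 'out') {
        $res = User::clockOut($usr_id);
    } else {
        $msg = User::isClockedIn($usr_id) ? 'clocked in' : 'clocked out';
        $this->sendResponse($data->nick, "You are currently {$msg}.");

        return;
    }

    if ($res == 1) {
        $this->sendResponse($data->nick, "Thank you, you are now clocked {$command}.");
    } else {
        $this->sendResponse($data->nick, "Error clocking {$command}.");
    }
}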
exit; } // check if the required parameter 'custom_id' is really being passed if (empty($HTTP_GET_VARS['custom_id'])) { returnError("Error: The required 'custom_id' parameter was not provided."); exit; } $usr_id = User::getUserIDByEmail($HTTP_SERVER_VARS['PHP_AUTH_USER']); // check if the passed 'custom_id' parameter is associated with the usr_id if (!Filter::isGlobal($HTTP_GET_VARS['custom_id']) && !Filter::isOwner($HTTP_GET_VARS['custom_id'], $usr_id)) { returnError('Error: The provided custom filter ID is not associated with the given email address.'); exit; } } $filter = Filter::getDetails($HTTP_GET_VARS["custom_id"], FALSE); Auth::createFakeCookie(User::getUserIDByEmail($HTTP_SERVER_VARS['PHP_AUTH_USER']), $filter['cst_prj_id']); $options = array('users' => $filter['cst_users'], 'keywords' => $filter['cst_keywords'], 'priority' => $filter['cst_iss_pri_id'], 'category' => $filter['cst_iss_prc_id'], 'status' => $filter['cst_iss_sta_id'], 'hide_closed' => $filter['cst_hide_closed'], 'hide_answered' => $filter['cst_hide_answered'], 'sort_by' => $filter['cst_sort_by'], 'sort_order' => $filter['cst_sort_order']); $issues = Issue::getListing($filter['cst_prj_id'], $options, 0, 'ALL', TRUE); $issues = $issues['list']; $project_title = Project::getName($filter['cst_prj_id']); Issue::getDescriptionByIssues($issues); Header("Content-Type: text/xml; charset=" . APP_CHARSET); echo '<?xml version="1.0" encoding="' . APP_CHARSET . '"?>' . "\n"; ?> <rss version="2.0" > <channel> <title><?php echo htmlspecialchars($setup['tool_caption']); ?> - <?php
/**
 * Method used to add a customized warning message to the body
 * of outgoing emails.
 *
 * The body is returned untouched when email routing or its warning feature
 * is disabled, when the recipient is not a known user, or when the
 * recipient has the Customer role on the issue's project.
 *
 * @access  public
 * @param   integer $issue_id The issue ID
 * @param   string $to The recipient of the message
 * @param   string $body The body of the message
 * @return  string The body of the message with the warning message, if appropriate
 */
function addWarningMessage($issue_id, $to, $body)
{
    $setup = Setup::load();
    $warnings_enabled = @$setup['email_routing']['status'] == 'enabled' && $setup['email_routing']['warning']['status'] == 'enabled';
    if (!$warnings_enabled) {
        return $body;
    }

    // check if the recipient can send emails to the customer
    $recipient_email = Mail_API::getEmailAddress($to);
    $recipient_usr_id = User::getUserIDByEmail($recipient_email);
    // don't add the warning message if the recipient is an unknown email address
    if (empty($recipient_usr_id)) {
        return $body;
    }

    // don't add anything if the recipient is a known customer contact
    $recipient_role_id = User::getRoleByUser($recipient_usr_id, Issue::getProjectID($issue_id));
    if ($recipient_role_id == User::getRoleID('Customer')) {
        return $body;
    }

    $warning_kind = Support::isAllowedToEmail($issue_id, $recipient_email) ? 'allowed' : 'blocked';

    return Mail_API::getWarningMessage($warning_kind) . "\n\n" . $body;
}
/**
 * Gets the current user ID.
 *
 * The id is looked up from the email address carried in the auth cookie.
 *
 * @return  integer The ID of the user, or an empty string when there is no auth cookie
 */
public static function getUserID()
{
    $cookie = AuthCookie::getAuthCookie();
    if ($cookie) {
        return User::getUserIDByEmail($cookie['email']);
    }

    return '';
}
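/**
 * Creates or updates the local user that corresponds to a record returned
 * by the authentication backend.
 *
 * The record must carry an email address. The former "E-mail is required"
 * checks ran on a list that always held one element and so could never
 * fire; the address is now validated before anything else is done.
 *
 * NOTE(review): full name, external id and the optional customer/contact
 * ids are copied from the backend record as they are; they are only as
 * trustworthy as the backend that supplied them.
 *
 * @param   array $remote The backend record; the keys mail, firstname,
 *          lastname and uid are read, plus the attributes named in the setup
 * @return  integer The local user id
 * @throws  AuthException if the record has no email address, or if the user
 *          does not exist locally and user creation is disabled
 */
public function updateLocalUserFromBackend($remote)
{
    if (empty($remote['mail'])) {
        throw new AuthException('E-mail is required');
    }

    $setup = self::loadSetup();

    $usr_id = User::getUserIDByEmail($remote['mail'], true);

    $data = array('password' => '', 'full_name' => $remote['firstname'] . ' ' . $remote['lastname'], 'external_id' => $remote['uid']);

    if (!empty($setup['customer_id_attribute'])) {
        $data['customer_id'] = $remote[$setup['customer_id_attribute']];
    }
    if (!empty($setup['contact_id_attribute'])) {
        $data['contact_id'] = $remote[$setup['contact_id_attribute']];
    }

    // if local user found, update it and return usr id
    if ($usr_id) {
        // do not reset user password, it maybe be set locally before this
        unset($data['password']);

        // perspective what is main address and what is alias may be different in CAS and in eventum
        $emails = array($remote['mail']);
        $email = User::getEmail($usr_id);

        if (($key = array_search($email, $emails)) !== false) {
            unset($emails[$key]);
            $data['email'] = $email;
        } else {
            // just use first email
            $data['email'] = array_shift($emails);
        }

        // do not clear full name if for some reason it is empty
        if (empty($data['full_name'])) {
            unset($data['full_name']);
        }

        $update = User::update($usr_id, $data, false);
        if ($update > 0) {
            $this->updateAliases($usr_id, $emails);
        }

        return $usr_id;
    }

    // create new local user
    if ($setup['create_users'] == false) {
        throw new AuthException('User does not exist and will not be created.');
    }
    $data['role'] = $setup['default_role'];

    $emails = array($remote['mail']);
    $data['email'] = array_shift($emails);

    // a record tied to a customer contact gets the customer role in every
    // project where the default role grants any access
    if (!empty($data['customer_id']) && !empty($data['contact_id'])) {
        foreach ($data['role'] as $prj_id => $role) {
            if ($role > 0) {
                $data['role'][$prj_id] = User::ROLE_CUSTOMER;
            }
        }
    }
    $usr_id = User::insert($data);
    if ($usr_id > 0 && $emails) {
        $this->updateAliases($usr_id, $emails);
    }

    return $usr_id;
}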
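// +----------------------------------------------------------------------+
// | Authors: João Prado Maia <*****@*****.**> |
// +----------------------------------------------------------------------+
//
// @(#) $Id: s.forgot_password.php 1.8 03/12/12 19:09:43-00:00 jpradomaia $
//
include_once "config.inc.php";
include_once APP_INC_PATH . "class.template.php";
include_once APP_INC_PATH . "class.user.php";
include_once APP_INC_PATH . "class.mail.php";
include_once APP_INC_PATH . "db_access.php";

// Password-reset request page. This page is reachable without a session, so
// everything read from the POST data below is untrusted input.
$tpl = new Template_API();
$tpl->setTemplate("forgot_password.tpl.html");

// Result codes handed to the template, as assigned below:
//   1 = confirmation e-mail was sent
//   3 = the account exists but is not in an active status
//   4 = no e-mail address was submitted
//   5 = no account matches the submitted address
//
// NOTE(review): results 3 and 5 differ from result 1, so the page reveals
// whether an address belongs to an account and whether that account is
// active. A single neutral result for all three outcomes would remove that
// signal; it needs a matching template change, so the codes are kept here.
if (@$HTTP_POST_VARS["cat"] == "reset_password") {
    if (empty($HTTP_POST_VARS["email"])) {
        // Previously this branch fell through to the lookup below, which then
        // overwrote result 4 with result 5; the branches are now exclusive.
        $tpl->assign("result", 4);
    } else {
        $usr_id = User::getUserIDByEmail($HTTP_POST_VARS["email"]);
        if (empty($usr_id)) {
            $tpl->assign("result", 5);
        } else {
            $info = User::getDetails($usr_id);
            if (!User::isActiveStatus($info["usr_status"])) {
                // inactive accounts never receive a confirmation e-mail
                $tpl->assign("result", 3);
            } else {
                User::sendPasswordConfirmationEmail($usr_id);
                $tpl->assign("result", 1);
            }
        }
    }
}

$tpl->displayTemplate();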
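/**
 * Returns the status of the user associated with the given email address.
 *
 * Results are memoised in a function-level static for the lifetime of the
 * PHP process. NOTE(review): in a long-running process a status change made
 * after the first lookup is not seen by later calls - confirm that is
 * acceptable wherever this result gates access or mail delivery.
 *
 * @param string $email The email address
 * @return string The user status, or an empty string when the query fails
 */
public static function getStatusByEmail($email)
{
    static $returns;

    // Remember the address the caller asked about: the cache was previously
    // read with this key but written only under the resolved address, so a
    // lookup by any other address of the same user never hit the cache.
    $lookup_email = $email;
    if (isset($returns[$lookup_email])) {
        return $returns[$lookup_email];
    }

    // Resolve to the address stored on the user record.
    // (presumably the second argument makes the lookup include aliases - confirm)
    $email = User::getEmail(User::getUserIDByEmail($email, true));

    $stmt = 'SELECT usr_status FROM {{%user}} WHERE usr_email=?';
    try {
        $res = DB_Helper::getInstance()->getOne($stmt, array($email));
    } catch (DbException $e) {
        // A failed query yields '' and is deliberately not cached.
        return '';
    }

    $returns[$email] = $res;
    $returns[$lookup_email] = $res;

    return $res;
}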
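/**
 * Creates an issue with the given email information.
 *
 * $sender, $summary, $description and $msg_id originate from the incoming
 * message and are therefore untrusted; every value placed into the INSERT
 * statement goes through Misc::escapeInteger() or Misc::escapeString().
 *
 * NOTE(review): the reporter is derived from the sender address of the
 * message. Presumably nothing here verifies that the sender really owns that
 * address - confirm before relying on the reporter for any permission check.
 *
 * @access  public
 * @param   integer $prj_id The project ID
 * @param   integer $usr_id The user responsible for this action
 * @param   string $sender The original sender of this email
 * @param   string $summary The issue summary
 * @param   string $description The issue description
 * @param   integer $category The category ID
 * @param   integer $priority The priority ID
 * @param   array $assignment The list of users to assign this issue to
 * @param   string $date The date the email was originally sent.
 * @param   string $msg_id The message ID of the email we are creating this issue from.
 * @return  integer The ID of the new issue, or -1 if the INSERT failed
 */
function createFromEmail($prj_id, $usr_id, $sender, $summary, $description, $category, $priority, $assignment, $date, $msg_id)
{
    $exclude_list = array();
    $sender_email = Mail_API::getEmailAddress($sender);
    $sender_usr_id = User::getUserIDByEmail($sender_email);
    if (!empty($sender_usr_id)) {
        $reporter = $sender_usr_id;
        $exclude_list[] = $sender_usr_id;
    } else {
        // unknown senders are recorded under the system account
        $reporter = APP_SYSTEM_USER_ID;
    }

    if (Customer::hasCustomerIntegration($prj_id)) {
        list($customer_id, $customer_contact_id) = Customer::getCustomerIDByEmails($prj_id, array($sender_email));
        if (!empty($customer_id)) {
            $contact = Customer::getContactDetails($prj_id, $customer_contact_id);
            // overwrite the reporter with the customer contact
            $reporter = User::getUserIDByContactID($customer_contact_id);
            $contact_timezone = Date_API::getPreferredTimezone($reporter);
        }
    } else {
        $customer_id = FALSE;
    }

    $initial_status = Project::getInitialStatus($prj_id);

    // add new issue: column list first, optional columns only when a value exists
    $stmt = "INSERT INTO\n " . APP_DEFAULT_DB . "." . APP_TABLE_PREFIX . "issue\n (\n iss_prj_id,\n";
    if (!empty($category)) {
        $stmt .= "iss_prc_id,\n";
    }
    $stmt .= "iss_pri_id,\n iss_usr_id,";
    if (!empty($initial_status)) {
        $stmt .= "iss_sta_id,";
    }
    if (!empty($customer_id)) {
        $stmt .= "\n iss_customer_id,"
            . "\n iss_customer_contact_id,"
            . "\n iss_contact_person_lname,"
            . "\n iss_contact_person_fname,"
            . "\n iss_contact_email,"
            . "\n iss_contact_phone,"
            . "\n iss_contact_timezone,";
    }
    // $prj_id was the only value concatenated into the statement without
    // escaping; it now goes through Misc::escapeInteger() like the other IDs.
    $stmt .= "\n iss_created_date,"
        . "\n iss_last_public_action_date,"
        . "\n iss_last_public_action_type,"
        . "\n iss_summary,"
        . "\n iss_description,"
        . "\n iss_root_message_id"
        . "\n ) VALUES (\n " . Misc::escapeInteger($prj_id) . ",\n";
    if (!empty($category)) {
        $stmt .= Misc::escapeInteger($category) . ",\n";
    }
    $stmt .= Misc::escapeInteger($priority) . ",\n " . Misc::escapeInteger($reporter) . ",";
    if (!empty($initial_status)) {
        $stmt .= Misc::escapeInteger($initial_status) . ",";
    }
    if (!empty($customer_id)) {
        $stmt .= "\n " . Misc::escapeInteger($customer_id) . ","
            . "\n " . Misc::escapeInteger($customer_contact_id) . ","
            . "\n '" . Misc::escapeString($contact['last_name']) . "',"
            . "\n '" . Misc::escapeString($contact['first_name']) . "',"
            . "\n '" . Misc::escapeString($sender_email) . "',"
            . "\n '" . Misc::escapeString($contact['phone']) . "',"
            . "\n '" . Misc::escapeString($contact_timezone) . "',";
    }
    $stmt .= "\n '" . Date_API::getCurrentDateGMT() . "',"
        . "\n '" . Date_API::getCurrentDateGMT() . "',"
        . "\n 'created',"
        . "\n '" . Misc::escapeString($summary) . "',"
        . "\n '" . Misc::escapeString($description) . "',"
        . "\n '" . Misc::escapeString($msg_id) . "'\n )";

    $res = $GLOBALS["db_api"]->dbh->query($stmt);
    if (PEAR::isError($res)) {
        Error_Handler::logError(array($res->getMessage(), $res->getDebugInfo()), __FILE__, __LINE__);
        return -1;
    }

    $new_issue_id = $GLOBALS["db_api"]->get_last_insert_id();
    $has_TAM = false;
    $has_RR = false;

    // log the creation of the issue
    // ($sender is stored as received; presumably the history view escapes it on output - confirm)
    History::add($new_issue_id, $usr_id, History::getTypeID('issue_opened'), 'Issue opened by ' . $sender);

    $emails = array();
    $manager_usr_ids = array();
    if (Customer::hasCustomerIntegration($prj_id) && !empty($customer_id)) {
        // if there are any technical account managers associated with this customer, add these users to the notification list
        $managers = Customer::getAccountManagers($prj_id, $customer_id);
        $manager_usr_ids = array_keys($managers);
        $manager_emails = array_values($managers);
        $emails = array_merge($emails, $manager_emails);
    }

    // add the reporter to the notification list
    $emails[] = $sender;
    $emails = array_unique($emails); // COMPAT: version >= 4.0.1
    $actions = Notification::getDefaultActions();
    foreach ($emails as $address) {
        Notification::subscribeEmail($reporter, $new_issue_id, $address, $actions);
    }

    // only assign the issue to an user if the associated customer has any technical account managers
    $users = array();
    if (Customer::hasCustomerIntegration($prj_id) && count($manager_usr_ids) > 0) {
        foreach ($manager_usr_ids as $manager_usr_id) {
            $users[] = $manager_usr_id;
            Issue::addUserAssociation(APP_SYSTEM_USER_ID, $new_issue_id, $manager_usr_id, false);
            History::add($new_issue_id, $usr_id, History::getTypeID('issue_auto_assigned'), 'Issue auto-assigned to ' . User::getFullName($manager_usr_id) . ' (TAM)');
        }
        $has_TAM = true;
    }

    // now add the user/issue association
    if (@count($assignment) > 0) {
        for ($i = 0; $i < count($assignment); $i++) {
            Notification::subscribeUser($reporter, $new_issue_id, $assignment[$i], $actions);
            Issue::addUserAssociation(APP_SYSTEM_USER_ID, $new_issue_id, $assignment[$i]);
            if ($assignment[$i] != $usr_id) {
                $users[] = $assignment[$i];
            }
        }
    } else {
        // only use the round-robin feature if this new issue was not
        // already assigned to a customer account manager
        if (@count($manager_usr_ids) < 1) {
            $assignee = Round_Robin::getNextAssignee($prj_id);
            // assign the issue to the round robin person
            if (!empty($assignee)) {
                Issue::addUserAssociation(APP_SYSTEM_USER_ID, $new_issue_id, $assignee, false);
                History::add($new_issue_id, APP_SYSTEM_USER_ID, History::getTypeID('rr_issue_assigned'), 'Issue auto-assigned to ' . User::getFullName($assignee) . ' (RR)');
                $users[] = $assignee;
                $has_RR = true;
            }
        }
    }

    // send special 'an issue was auto-created for you' notification back to the sender
    Notification::notifyAutoCreatedIssue($prj_id, $new_issue_id, $sender, $date, $summary);
    // also notify any users that want to receive emails anytime a new issue is created
    Notification::notifyNewIssue($prj_id, $new_issue_id, $exclude_list);

    Workflow::handleNewIssue($prj_id, $new_issue_id, $has_TAM, $has_RR);

    return $new_issue_id;
}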
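/**
 * Adds an address to the list of authorized repliers of an issue on behalf
 * of the current user.
 *
 * NOTE(review): $project_id is supplied by the caller and is only compared
 * with the projects of the new replier; it is not compared with the project
 * the issue actually belongs to, and the current user's access to the issue
 * is not checked in this method. Confirm both are enforced before this
 * method is reached.
 *
 * @param int $issue_id
 * @param int $project_id
 * @param string $new_replier
 * @return string 'OK' on success
 * @throws RemoteApiException If the replier is a user outside the project, is already authorized, or cannot be added
 * @access protected
 */
public function addAuthorizedReplier($issue_id, $project_id, $new_replier)
{
    $usr_id = Auth::getUserID();
    $replier_usr_id = User::getUserIDByEmail($new_replier);

    // if this is an actual user, not just an email address check permissions
    if (!empty($replier_usr_id)) {
        // check if the assignee is even allowed to be in the given project
        $projects = Project::getRemoteAssocListByUser($replier_usr_id);

        // Compare as strings, strictly: the loose in_array() used before lets
        // type juggling accept values that are not a project ID of this user
        // (a string such as "1abc" equals 1 under loose comparison before PHP 8).
        $allowed_prj_ids = array_map('strval', array_keys($projects));
        if (!in_array((string) $project_id, $allowed_prj_ids, true)) {
            throw new RemoteApiException("The given user is not permitted in the project associated with issue #{$issue_id}");
        }
    }

    // check if user is already authorized
    if (Authorized_Replier::isAuthorizedReplier($issue_id, $new_replier)) {
        throw new RemoteApiException("The given user is already an authorized replier on issue #{$issue_id}");
    }

    $res = Authorized_Replier::remoteAddAuthorizedReplier($issue_id, $usr_id, $new_replier);
    if ($res == -1) {
        throw new RemoteApiException("Could not add '{$new_replier}' as an authorized replier to issue #{$issue_id}");
    }

    return 'OK';
}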
/**
 * Check if this email needs to be blocked and if so, block it.
 *
 * A message is blocked when it is a vacation auto-responder, a bounce, or
 * its sender is not allowed to email the issue. A blocked message is stored
 * as a note on the issue, its attachments are extracted, the workflow hook
 * is called and a history entry is written.
 *
 * Side effect: the global $HTTP_POST_VARS is replaced with the note data.
 *
 * @param array $email The parsed email; reads 'issue_id', 'headers', 'full_email', 'body' and 'from'
 * @return boolean True if the email was blocked, false otherwise
 */
function blockEmailIfNeeded($email)
{
    global $HTTP_POST_VARS;
    // an email that is not tied to an issue is never blocked here
    if (empty($email['issue_id'])) {
        return false;
    }
    $issue_id = $email['issue_id'];
    $prj_id = Issue::getProjectID($issue_id);
    // the sender is taken from the From header, which the sending party controls
    $sender_email = strtolower(Mail_API::getEmailAddress($email['headers']['from']));
    if (Mail_API::isVacationAutoResponder($email['headers']) || Notification::isBounceMessage($sender_email) || !Support::isAllowedToEmail($issue_id, $sender_email)) {
        // add the message body as a note
        // (presumably Note::insert() reads these fields from $HTTP_POST_VARS - confirm;
        // the statement order below matters because of that)
        $HTTP_POST_VARS = array(
            'blocked_msg' => $email['full_email'],
            'title' => @$email['headers']['subject'],
            'note' => Mail_API::getCannedBlockedMsgExplanation($issue_id) . $email['body']
        );
        // avoid having this type of message re-open the issue
        if (Mail_API::isVacationAutoResponder($email['headers'])) {
            $closing = true;
        } else {
            $closing = false;
        }
        $res = Note::insert(Auth::getUserID(), $issue_id, $email['headers']['from'], false, $closing);
        // associate the email attachments as internal-only files on this issue
        if ($res != -1) {
            Support::extractAttachments($issue_id, $email['full_email'], true, $res);
        }
        $HTTP_POST_VARS['issue_id'] = $issue_id;
        $HTTP_POST_VARS['from'] = $sender_email;
        // tell the workflow hook which kind of message was blocked
        if (Mail_API::isVacationAutoResponder($email['headers'])) {
            $email_type = 'vacation-autoresponder';
        } else {
            $email_type = 'routed';
        }
        Workflow::handleBlockedEmail($prj_id, $issue_id, $HTTP_POST_VARS, $email_type);
        // try to get usr_id of sender, if not, use system account
        // NOTE(review): this reads $email['from'] while the checks above read
        // $email['headers']['from'] - confirm both always carry the same address.
        // The history entry is attributed by sender address alone.
        $usr_id = User::getUserIDByEmail(Mail_API::getEmailAddress($email['from']));
        if (!$usr_id) {
            $usr_id = APP_SYSTEM_USER_ID;
        }
        // log blocked email
        History::add($issue_id, $usr_id, History::getTypeID('email_blocked'), "Email from '" . $email['from'] . "' blocked.");
        return true;
    }
    return false;
}
// Collects into $unknown_contacts the senders of the selected emails that do
// not belong to the customer of the selected issue.
// 'issue' and 'item' are read from the query string, so both are
// request-supplied values.
// NOTE(review): nothing in this excerpt checks that the current user may
// access that issue - confirm this happens before this point.
$prj_id = Issue::getProjectID($HTTP_GET_VARS['issue']);
if (Customer::hasCustomerIntegration($prj_id)) {
    // check if the selected emails all have sender email addresses that are associated with the issue's customer
    $senders = Support::getSender($HTTP_GET_VARS['item']);
    // map bare address => sender string as returned by Support::getSender()
    $sender_emails = array();
    for ($i = 0; $i < count($senders); $i++) {
        $email = Mail_API::getEmailAddress($senders[$i]);
        $sender_emails[$email] = $senders[$i];
    }
    $customer_id = Issue::getCustomerID($HTTP_GET_VARS['issue']);
    if (!empty($customer_id)) {
        $contact_emails = array_keys(Customer::getContactEmailAssocList($prj_id, $customer_id));
        $unknown_contacts = array();
        foreach ($sender_emails as $email => $address) {
            // loose in_array(); the @ hides the warning raised when $contact_emails is not an array
            if (!@in_array($email, $contact_emails)) {
                $usr_id = User::getUserIDByEmail($email);
                if (empty($usr_id)) {
                    // neither a known contact of this customer nor a local user
                    $unknown_contacts[] = $address;
                } else {
                    // if we got a real user ID, check if the customer user is the correct one
                    // (i.e. a contact from the customer associated with the selected issue)
                    if (User::getRoleByUser($usr_id, $prj_id) == User::getRoleID('Customer')) {
                        // also check if the associated customer ID, if any, matches the one in the issue
                        $user_customer_id = User::getCustomerID($usr_id);
                        if ($user_customer_id != $customer_id) {
                            $unknown_contacts[] = $address;
                        }
                    }
                }
            }
        }
/**
 * Handles the "!clock [in|out]" command: clocks the sending user in or out,
 * or reports the current state when no action word is given.
 *
 * Nothing is done unless $this->_isAuthenticated() accepts the sender.
 *
 * @param object $irc  Passed through to _isAuthenticated() and sendResponse()
 * @param object $data The incoming message; reads ->nick and ->message
 * @return void
 */
public function clockUser(&$irc, &$data)
{
    // Only authenticated nicknames may change or query a clock state.
    if (!$this->_isAuthenticated($irc, $data)) {
        return;
    }

    $email = $this->_getEmailByNickname($data->nick);
    $words = explode(' ', $data->message);
    // Second word of the message, or null when the command came alone.
    $action = isset($words[1]) ? $words[1] : null;

    // Exactly one argument was given and it is neither "in" nor "out".
    if (count($words) == 2 && $action != 'in' && $action != 'out') {
        $this->sendResponse($irc, $data->nick, 'Error: wrong parameter count for "CLOCK" command. Format is "!clock [in|out]".');
        return;
    }

    $usr_id = User::getUserIDByEmail($email);

    if ($action == 'in') {
        $res = User::clockIn($usr_id);
    } elseif ($action == 'out') {
        $res = User::clockOut($usr_id);
    } else {
        // No recognised action word: report the current state instead.
        $msg = User::isClockedIn($usr_id) ? 'clocked in' : 'clocked out';
        $this->sendResponse($irc, $data->nick, "You are currently {$msg}.");
        return;
    }

    $reply = ($res == 1)
        ? 'Thank you, you are now clocked ' . $action . '.'
        : 'Error clocking ' . $action . '.';
    $this->sendResponse($irc, $data->nick, $reply);
}
/**
 * Tells whether the given address may reply to the given issue.
 *
 * The address is lower-cased first. If it resolves to a user, that user is
 * checked through isUserAuthorizedReplier(); otherwise, or when that check
 * fails, the replier list is searched for the address itself. A database
 * error counts as "not authorized".
 *
 * @param   integer $issue_id The id of the issue.
 * @param   string $email The email address to check.
 * @return  boolean If the specified user is allowed to reply to the issue.
 */
public static function isAuthorizedReplier($issue_id, $email)
{
    // XXX: Add caching
    $address = strtolower(Mail_Helper::getEmailAddress($email));

    // A real user is first checked by user ID. When that fails we still fall
    // through to the address check, because the account may have been created
    // after the address was put on the authorized repliers list.
    $usr_id = User::getUserIDByEmail($address, true);
    if (!empty($usr_id) && self::isUserAuthorizedReplier($issue_id, $usr_id)) {
        return true;
    }

    // Plain address (or user not authorized by ID): look the address up.
    $sql = 'SELECT COUNT(*) AS total FROM {{%issue_user_replier}} WHERE iur_iss_id=? AND iur_email=?';
    try {
        $total = DB_Helper::getInstance()->getOne($sql, array($issue_id, $address));
    } catch (DbException $e) {
        // deny when the lookup cannot be performed
        return false;
    }

    return $total > 0;
}
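/**
 * XML-RPC handler that clocks a user in or out, or reports the current state.
 *
 * Parameters carried by $p, in order: email, password, action. The action is
 * "in" or "out"; any other value returns the current state.
 *
 * @param object $p The XML-RPC request message
 * @return object An XML_RPC_Response, or the object returned by authenticate() when authentication fails
 */
function timeClock($p)
{
    // $XML_RPC_erruser was read below without being imported into the
    // function scope, so it was an undefined local and the fault code was
    // always 1. Importing the global makes the fault code the intended
    // "user error base + 1" (assumes the XML-RPC library defines this
    // global, as PEAR XML_RPC does - confirm).
    global $XML_RPC_erruser;

    $email = XML_RPC_decode($p->getParam(0));
    $password = XML_RPC_decode($p->getParam(1));

    // Credentials are checked before anything else; authenticate() hands back
    // an object when they are rejected and that object is returned unchanged.
    $auth = authenticate($email, $password);
    if (is_object($auth)) {
        return $auth;
    }

    $action = XML_RPC_decode($p->getParam(2));
    if ($action == "in") {
        $res = User::clockIn(User::getUserIDByEmail($email));
    } elseif ($action == "out") {
        $res = User::clockOut(User::getUserIDByEmail($email));
    } else {
        // no recognised action: report the current state only
        if (User::isClockedIn(User::getUserIDByEmail($email))) {
            $msg = "is clocked in";
        } else {
            $msg = "is clocked out";
        }
        return new XML_RPC_Response(XML_RPC_Encode("{$email} " . $msg . ".\n"));
    }

    if ($res == 1) {
        return new XML_RPC_Response(XML_RPC_Encode("{$email} successfully clocked " . $action . ".\n"));
    } else {
        return new XML_RPC_Response(0, $XML_RPC_erruser + 1, "Error clocking " . $action . ".\n");
    }
}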