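/**
 * Update User
 *
 * Validates the input, checks that the acting user holds the PM_USERS
 * permission, maintains the password-history record when a password is being
 * changed, and then writes the user through RBAC and the workflow model.
 *
 * NOTE(review): the returned array is the caller's own input (taken before the
 * password is hashed), so it still carries USR_NEW_PASS when that key was
 * supplied. Callers should strip password fields before logging or serialising it.
 *
 * @param string $userUid       Unique id of User
 * @param array  $arrayData     Data
 * @param string $userUidLogged Unique id of User logged
 *
 * @return array Return data of the User updated
 *
 * @throws \Exception When validation fails, the acting user lacks PM_USERS,
 *                    or the new password matches an entry in the history
 */
public function update($userUid, array $arrayData, $userUidLogged)
{
    \G::LoadSystem("rbac");

    //Verify data
    // $process is not used below; the instantiation is kept because the
    // constructor's side effects are not visible from this block.
    $process = new \ProcessMaker\BusinessModel\Process();
    $validator = new \ProcessMaker\BusinessModel\Validator();

    $validator->throwExceptionIfDataIsNotArray($arrayData, "\$arrayData");
    $validator->throwExceptionIfDataIsEmpty($arrayData, "\$arrayData");

    //Set data
    $arrayData = array_change_key_case($arrayData, CASE_UPPER);
    $arrayDataBackup = $arrayData;

    //Verify data
    // NOTE(review): existence and data validation run before the permission
    // check, so a caller without PM_USERS can still receive the more specific
    // validation errors. Confirm that this ordering is intended.
    $this->throwExceptionIfNotExistsUser($userUid, $this->arrayFieldNameForException["usrUid"]);
    $this->throwExceptionIfDataIsInvalid($userUid, $arrayData);

    //Permission Admin
    $countPermission = 0;
    $permission = $this->loadUserRolePermission("PROCESSMAKER", $userUidLogged);

    foreach ($permission as $value) {
        if ($value["PER_CODE"] == "PM_USERS") {
            $countPermission = $countPermission + 1;
        }
    }

    // Fails closed: anything other than exactly one PM_USERS entry is rejected.
    if ($countPermission != 1) {
        throw new \Exception(\G::LoadTranslation("ID_USER_CAN_NOT_UPDATE", array($userUidLogged)));
    }

    //Update
    $cnn = \Propel::getConnection("workflow");

    try {
        $rbac = new \RBAC();
        $user = new \Users();

        $rbac->initRBAC();

        // Only USR_NEW_PASS is hashed here. A USR_PASSWORD key supplied directly
        // by the caller flows on unchanged to the history record and both update
        // calls below. NOTE(review): confirm throwExceptionIfDataIsInvalid()
        // rejects or normalises that case.
        if (isset($arrayData["USR_NEW_PASS"])) {
            $arrayData["USR_PASSWORD"] = \Bootstrap::hashPassword($arrayData["USR_NEW_PASS"]);
        }

        $arrayData["USR_UID"] = $userUid;
        $arrayData["USR_LOGGED_NEXT_TIME"] = (isset($arrayData["USR_LOGGED_NEXT_TIME"]))? $arrayData["USR_LOGGED_NEXT_TIME"] : 0;
        $arrayData["USR_UPDATE_DATE"] = date("Y-m-d H:i:s");

        $flagUserLoggedNextTime = false;

        if (isset($arrayData["USR_PASSWORD"]) && $arrayData["USR_PASSWORD"] != "") {
            $userProperty = new \UsersProperties();
            // NOTE(review): on the USR_NEW_PASS path USR_PASSWORD is already a
            // hash, so this default history entry is hashed a second time and can
            // never equal the values appended further down.
            $aUserProperty = $userProperty->loadOrCreateIfNotExists($userUid, array("USR_PASSWORD_HISTORY" => serialize(array(\Bootstrap::hashPassword($arrayData["USR_PASSWORD"])))));

            // NOTE(review): the cache key depends only on session_id(). If no
            // session is active the key is the bare prefix, and role data cached
            // for one caller could be read back for another. Verify against the
            // entry points that call this method.
            $memKey = "rbacSession" . session_id();
            $memcache = & \PMmemcached::getSingleton(defined("SYS_SYS")? SYS_SYS : "");

            if (($rbac->aUserInfo = $memcache->get($memKey)) == false) {
                $rbac->loadUserRolePermission("PROCESSMAKER", $userUidLogged);
                $memcache->set($memKey, $rbac->aUserInfo, \PMmemcached::EIGHT_HOURS);
            }

            if ($rbac->aUserInfo["PROCESSMAKER"]["ROLE"]["ROL_CODE"] == "PROCESSMAKER_ADMIN") {
                $aUserProperty["USR_LAST_UPDATE_DATE"] = date("Y-m-d H:i:s");
                $aUserProperty["USR_LOGGED_NEXT_TIME"] = $arrayData["USR_LOGGED_NEXT_TIME"];
                $userProperty->update($aUserProperty);
            }

            // SECURITY: unserialize() instantiates whatever objects the stored
            // string describes. The value comes from the user-properties record;
            // anything else able to write that column controls this input.
            // Restricting classes (unserialize's allowed_classes option) or
            // storing the history as JSON would remove the object-injection
            // surface. Left as-is because the stored format is shared with other code.
            $aHistory = unserialize($aUserProperty["USR_PASSWORD_HISTORY"]);

            if (!is_array($aHistory)) {
                $aHistory = array();
            }

            if (!defined("PPP_PASSWORD_HISTORY")) {
                define("PPP_PASSWORD_HISTORY", 0);
            }

            if (PPP_PASSWORD_HISTORY > 0) {
                // Reject the new password hash if it already appears in the history.
                $newPasswordHash = trim($arrayData['USR_PASSWORD']);
                $flagPasswordReused = false;

                foreach ($aHistory as $oldPasswordHash) {
                    if (strcmp(trim($oldPasswordHash), $newPasswordHash) == 0) {
                        $flagPasswordReused = true;
                        break;
                    }
                }

                if ($flagPasswordReused) {
                    // \G is fully qualified like the other calls in this method;
                    // the unqualified name would resolve relative to the current namespace.
                    $sDescription = \G::LoadTranslation("ID_POLICY_ALERT") . ":\n\n";
                    $sDescription .= " - " . \G::LoadTranslation("PASSWORD_HISTORY") . ": " . PPP_PASSWORD_HISTORY . "\n";
                    $sDescription .= "\n" . \G::LoadTranslation("ID_PLEASE_CHANGE_PASSWORD_POLICY");

                    throw new \Exception($this->arrayFieldNameForException["usrNewPass"] . ": " . $sDescription);
                }

                // Drop the oldest entry once the configured depth is reached.
                if (count($aHistory) >= PPP_PASSWORD_HISTORY) {
                    array_shift($aHistory);
                }

                $aHistory[] = $arrayData["USR_PASSWORD"];
            }

            $aUserProperty["USR_LAST_UPDATE_DATE"] = date("Y-m-d H:i:s");
            $aUserProperty["USR_LOGGED_NEXT_TIME"] = $arrayData["USR_LOGGED_NEXT_TIME"];
            $aUserProperty["USR_PASSWORD_HISTORY"] = serialize($aHistory);
            $userProperty->update($aUserProperty);
        } else {
            $flagUserLoggedNextTime = true;
        }

        if ($flagUserLoggedNextTime) {
            // No password change: only carry USR_LOGGED_NEXT_TIME over, using the
            // stored password as the default history entry if the record is created.
            $oUser = new \Users();
            $aUser = $oUser->load($userUid);

            $oUserProperty = new \UsersProperties();
            $aUserProperty = $oUserProperty->loadOrCreateIfNotExists($userUid, array("USR_PASSWORD_HISTORY" => serialize(array($aUser["USR_PASSWORD"]))));
            $aUserProperty["USR_LOGGED_NEXT_TIME"] = $arrayData["USR_LOGGED_NEXT_TIME"];
            $oUserProperty->update($aUserProperty);
        }

        //Update in rbac
        // NOTE(review): USR_ROLE and every other key arrive straight from the
        // caller's array. The only authorisation visible in this method is the
        // PM_USERS check above; confirm the validator limits which roles and
        // fields may be set.
        if (isset($arrayData["USR_ROLE"])) {
            $rbac->updateUser($arrayData, $arrayData["USR_ROLE"]);
        } else {
            $rbac->updateUser($arrayData);
        }

        //Update in workflow
        $result = $user->update($arrayData);

        //Save Calendar assigment
        if (isset($arrayData["USR_CALENDAR"])) {
            //Save Calendar ID for this user
            \G::LoadClass("calendar");

            $calendar = new \Calendar();
            $calendar->assignCalendarTo($userUid, $arrayData["USR_CALENDAR"], "USER");
        }

        //Return
        $arrayData = $arrayDataBackup;

        if (!$this->formatFieldNameInUppercase) {
            $arrayData = array_change_key_case($arrayData, CASE_LOWER);
        }

        return $arrayData;
    } catch (\Exception $e) {
        // NOTE(review): no begin() is visible in this method, so what this
        // rollback undoes depends on transaction state set up elsewhere.
        $cnn->rollback();

        throw $e;
    }
}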
if (isset($form['USR_PASSWORD'])) { if ($form['USR_PASSWORD'] != '') { $aData['USR_PASSWORD'] = $form['USR_PASSWORD']; require_once 'classes/model/UsersProperties.php'; $oUserProperty = new UsersProperties(); $aUserProperty = $oUserProperty->loadOrCreateIfNotExists($form['USR_UID'], array('USR_PASSWORD_HISTORY' => serialize(array(md5($form['USR_PASSWORD']))))); $memKey = 'rbacSession' . session_id(); $memcache =& PMmemcached::getSingleton(defined('SYS_SYS') ? SYS_SYS : ''); if (($RBAC->aUserInfo = $memcache->get($memKey)) === false) { $RBAC->loadUserRolePermission($RBAC->sSystem, $_SESSION['USER_LOGGED']); $memcache->set($memKey, $RBAC->aUserInfo, PMmemcached::EIGHT_HOURS); } if ($RBAC->aUserInfo['PROCESSMAKER']['ROLE']['ROL_CODE'] == 'PROCESSMAKER_ADMIN') { $aUserProperty['USR_LAST_UPDATE_DATE'] = date('Y-m-d H:i:s'); $aUserProperty['USR_LOGGED_NEXT_TIME'] = 1; $oUserProperty->update($aUserProperty); } $aErrors = $oUserProperty->validatePassword($form['USR_NEW_PASS'], $aUserProperty['USR_LAST_UPDATE_DATE'], 0); if (count($aErrors) > 0) { $sDescription = G::LoadTranslation('ID_POLICY_ALERT') . ':,'; foreach ($aErrors as $sError) { switch ($sError) { case 'ID_PPP_MINIMUN_LENGTH': $sDescription .= ' - ' . G::LoadTranslation($sError) . ': ' . PPP_MINIMUN_LENGTH . ','; break; case 'ID_PPP_MAXIMUN_LENGTH': $sDescription .= ' - ' . G::LoadTranslation($sError) . ': ' . PPP_MAXIMUN_LENGTH . ','; break; case 'ID_PPP_EXPIRATION_IN': $sDescription .= ' - ' . G::LoadTranslation($sError) . ' ' . PPP_EXPIRATION_IN . ' ' . G::LoadTranslation('ID_DAYS') . ','; break;
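/**
 * Record a new hash type in the ENTERPRISE_SETTING_ENCRYPT configuration and
 * set USR_LOGGED_NEXT_TIME to 1 for every RBAC user whose USR_STATUS is not 0.
 *
 * NOTE(review): if this setting selects how passwords are hashed, both accepted
 * values ('md5', 'sha256') are fast general-purpose digests. A dedicated
 * password-hashing function such as password_hash() is the usual migration
 * target. How the setting is consumed is not visible from this method.
 *
 * @param object $object Must expose ->hash (the requested type) and
 *                       ->workspace->dbInfo['DB_RBAC_NAME']
 *
 * @return void
 *
 * @throws Exception When ->hash is not one of the accepted types
 */
public function setHashPassword($object)
{
    $type = array('md5', 'sha256');

    // Strict comparison: with loose in_array() a non-string value such as
    // boolean true compares equal to 'md5' and would pass validation, then be
    // written into the configuration below.
    if (!in_array($object->hash, $type, true)) {
        throw new Exception('Type: ' . $object->hash . ' No valid.');
    }

    G::LoadClass("configuration");
    $config = new Configurations();
    $typeEncrypt = $config->getConfiguration('ENTERPRISE_SETTING_ENCRYPT', '');

    if ($typeEncrypt == null) {
        // Nothing stored yet: the previous type is taken to be md5.
        $typeEncrypt = array('current' => $object->hash, 'previous' => 'md5');
    } else {
        $typeEncrypt['previous'] = $typeEncrypt['current'];
        $typeEncrypt['current'] = $object->hash;
    }

    // Persist only when the type actually changes.
    if ($object->hash != $typeEncrypt['previous']) {
        $config->aConfig = $typeEncrypt;
        $config->saveConfig('ENTERPRISE_SETTING_ENCRYPT', '');
    }

    require_once 'classes/model/RbacUsersPeer.php';
    require_once 'classes/model/UsersProperties.php';

    $userProperty = new UsersProperties();

    $criteria = new Criteria($object->workspace->dbInfo['DB_RBAC_NAME']);
    $criteria->add(RbacUsersPeer::USR_STATUS, 0, Criteria::NOT_EQUAL);
    $dataset = RbacUsersPeer::doSelectRS($criteria);
    $dataset->setFetchmode(ResultSet::FETCHMODE_ASSOC);

    // Runs whether or not the type changed above.
    // presumably USR_LOGGED_NEXT_TIME = 1 forces a password change at next
    // login; verify against the login flow.
    while ($dataset->next()) {
        $row = $dataset->getRow();
        $property = $userProperty->loadOrCreateIfNotExists($row['USR_UID'], array());
        $property['USR_LOGGED_NEXT_TIME'] = 1;
        $userProperty->update($property);
    }
}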