Exemple #1
0
    /**

     * Update User

     *

     * @param string $userUid       Unique id of User

     * @param array  $arrayData     Data

     * @param string $userUidLogged Unique id of User logged

     *

     * return array Return data of the User updated

     */

    public function update($userUid, array $arrayData, $userUidLogged)

    {

        try {

            \G::LoadSystem("rbac");



            //Verify data

            $process = new \ProcessMaker\BusinessModel\Process();

            $validator = new \ProcessMaker\BusinessModel\Validator();



            $validator->throwExceptionIfDataIsNotArray($arrayData, "\$arrayData");

            $validator->throwExceptionIfDataIsEmpty($arrayData, "\$arrayData");



            //Set data

            $arrayData = array_change_key_case($arrayData, CASE_UPPER);

            $arrayDataBackup = $arrayData;



            //Verify data

            $this->throwExceptionIfNotExistsUser($userUid, $this->arrayFieldNameForException["usrUid"]);



            $this->throwExceptionIfDataIsInvalid($userUid, $arrayData);



            //Permission Admin

            $countPermission = 0;



            $permission = $this->loadUserRolePermission("PROCESSMAKER", $userUidLogged);



            foreach ($permission as $key => $value) {

                if ($value["PER_CODE"] == "PM_USERS") {

                    $countPermission = $countPermission + 1;

                }

            }



            if ($countPermission != 1) {

                throw new \Exception(\G::LoadTranslation("ID_USER_CAN_NOT_UPDATE", array($userUidLogged)));

            }



            //Update

            $cnn = \Propel::getConnection("workflow");



            try {

                $rbac = new \RBAC();

                $user = new \Users();



                $rbac->initRBAC();



                if (isset($arrayData["USR_NEW_PASS"])) {

                    $arrayData["USR_PASSWORD"] = \Bootstrap::hashPassword($arrayData["USR_NEW_PASS"]);

                }



                $arrayData["USR_UID"]              = $userUid;

                $arrayData["USR_LOGGED_NEXT_TIME"] = (isset($arrayData["USR_LOGGED_NEXT_TIME"]))? $arrayData["USR_LOGGED_NEXT_TIME"] : 0;

                $arrayData["USR_UPDATE_DATE"]      = date("Y-m-d H:i:s");



                $flagUserLoggedNextTime = false;



                if (isset($arrayData["USR_PASSWORD"])) {

                    if ($arrayData["USR_PASSWORD"] != "") {

                        //require_once 'classes/model/UsersProperties.php';



                        $userProperty = new \UsersProperties();

                        $aUserProperty = $userProperty->loadOrCreateIfNotExists($userUid, array("USR_PASSWORD_HISTORY" => serialize(array(\Bootstrap::hashPassword($arrayData["USR_PASSWORD"])))));



                        $memKey = "rbacSession" . session_id();

                        $memcache = & \PMmemcached::getSingleton(defined("SYS_SYS")? SYS_SYS : "");



                        if (($rbac->aUserInfo = $memcache->get($memKey)) == false) {

                            $rbac->loadUserRolePermission("PROCESSMAKER", $userUidLogged);

                            $memcache->set($memKey, $rbac->aUserInfo, \PMmemcached::EIGHT_HOURS);

                        }



                        if ($rbac->aUserInfo["PROCESSMAKER"]["ROLE"]["ROL_CODE"] == "PROCESSMAKER_ADMIN") {

                            $aUserProperty["USR_LAST_UPDATE_DATE"] = date("Y-m-d H:i:s");

                            $aUserProperty["USR_LOGGED_NEXT_TIME"] = $arrayData["USR_LOGGED_NEXT_TIME"];

                            $userProperty->update($aUserProperty);

                        }



                        $aHistory = unserialize($aUserProperty["USR_PASSWORD_HISTORY"]);



                        if (!is_array($aHistory)) {

                            $aHistory = array();

                        }



                        if (!defined("PPP_PASSWORD_HISTORY")) {

                            define("PPP_PASSWORD_HISTORY", 0);

                        }



                        if (PPP_PASSWORD_HISTORY > 0) {

                            //it's looking a password igual into aHistory array that was send for post in md5 way

                            $c = 0;

                            $sw = 1;



                            while (count($aHistory) >= 1 && count($aHistory) > $c && $sw) {

                                if (strcmp(trim($aHistory[$c]), trim($arrayData['USR_PASSWORD'])) == 0) {

                                    $sw = 0;

                                }



                                $c++;

                            }



                            if ($sw == 0) {

                                $sDescription = G::LoadTranslation("ID_POLICY_ALERT") . ":\n\n";

                                $sDescription = $sDescription . " - " . G::LoadTranslation("PASSWORD_HISTORY") . ": " . PPP_PASSWORD_HISTORY . "\n";

                                $sDescription = $sDescription . "\n" . G::LoadTranslation("ID_PLEASE_CHANGE_PASSWORD_POLICY") . "";



                                throw new \Exception($this->arrayFieldNameForException["usrNewPass"] . ": " . $sDescription);

                            }



                            if (count($aHistory) >= PPP_PASSWORD_HISTORY) {

                                $sLastPassw = array_shift($aHistory);

                            }



                            $aHistory[] = $arrayData["USR_PASSWORD"];

                        }



                        $aUserProperty["USR_LAST_UPDATE_DATE"] = date("Y-m-d H:i:s");

                        $aUserProperty["USR_LOGGED_NEXT_TIME"] = $arrayData["USR_LOGGED_NEXT_TIME"];

                        $aUserProperty["USR_PASSWORD_HISTORY"] = serialize($aHistory);

                        $userProperty->update($aUserProperty);

                    } else {

                        $flagUserLoggedNextTime = true;

                    }

                } else {

                    $flagUserLoggedNextTime = true;

                }



                if ($flagUserLoggedNextTime) {

                    //require_once "classes/model/Users.php";

                    $oUser = new \Users();

                    $aUser = $oUser->load($userUid);

                    //require_once "classes/model/UsersProperties.php";

                    $oUserProperty = new \UsersProperties();

                    $aUserProperty = $oUserProperty->loadOrCreateIfNotExists($userUid, array("USR_PASSWORD_HISTORY" => serialize(array($aUser["USR_PASSWORD"]))));

                    $aUserProperty["USR_LOGGED_NEXT_TIME"] = $arrayData["USR_LOGGED_NEXT_TIME"];

                    $oUserProperty->update($aUserProperty);

                }



                //Update in rbac

                if (isset($arrayData["USR_ROLE"])) {

                    $rbac->updateUser($arrayData, $arrayData["USR_ROLE"]);

                } else {

                    $rbac->updateUser($arrayData);

                }



                //Update in workflow

                $result = $user->update($arrayData);



                //Save Calendar assigment

                if (isset($arrayData["USR_CALENDAR"])) {

                    //Save Calendar ID for this user

                    \G::LoadClass("calendar");



                    $calendar = new \Calendar();

                    $calendar->assignCalendarTo($userUid, $arrayData["USR_CALENDAR"], "USER");

                }



                //Return

                $arrayData = $arrayDataBackup;



                if (!$this->formatFieldNameInUppercase) {

                    $arrayData = array_change_key_case($arrayData, CASE_LOWER);

                }



                return $arrayData;

            } catch (\Exception $e) {

                $cnn->rollback();



                throw $e;

            }

        } catch (\Exception $e) {

            throw $e;

        }

    }
Exemple #2
0
 if (isset($form['USR_PASSWORD'])) {
     if ($form['USR_PASSWORD'] != '') {
         $aData['USR_PASSWORD'] = $form['USR_PASSWORD'];
         require_once 'classes/model/UsersProperties.php';
         $oUserProperty = new UsersProperties();
         $aUserProperty = $oUserProperty->loadOrCreateIfNotExists($form['USR_UID'], array('USR_PASSWORD_HISTORY' => serialize(array(md5($form['USR_PASSWORD'])))));
         $memKey = 'rbacSession' . session_id();
         $memcache =& PMmemcached::getSingleton(defined('SYS_SYS') ? SYS_SYS : '');
         if (($RBAC->aUserInfo = $memcache->get($memKey)) === false) {
             $RBAC->loadUserRolePermission($RBAC->sSystem, $_SESSION['USER_LOGGED']);
             $memcache->set($memKey, $RBAC->aUserInfo, PMmemcached::EIGHT_HOURS);
         }
         if ($RBAC->aUserInfo['PROCESSMAKER']['ROLE']['ROL_CODE'] == 'PROCESSMAKER_ADMIN') {
             $aUserProperty['USR_LAST_UPDATE_DATE'] = date('Y-m-d H:i:s');
             $aUserProperty['USR_LOGGED_NEXT_TIME'] = 1;
             $oUserProperty->update($aUserProperty);
         }
         $aErrors = $oUserProperty->validatePassword($form['USR_NEW_PASS'], $aUserProperty['USR_LAST_UPDATE_DATE'], 0);
         if (count($aErrors) > 0) {
             $sDescription = G::LoadTranslation('ID_POLICY_ALERT') . ':,';
             foreach ($aErrors as $sError) {
                 switch ($sError) {
                     case 'ID_PPP_MINIMUN_LENGTH':
                         $sDescription .= ' - ' . G::LoadTranslation($sError) . ': ' . PPP_MINIMUN_LENGTH . ',';
                         break;
                     case 'ID_PPP_MAXIMUN_LENGTH':
                         $sDescription .= ' - ' . G::LoadTranslation($sError) . ': ' . PPP_MAXIMUN_LENGTH . ',';
                         break;
                     case 'ID_PPP_EXPIRATION_IN':
                         $sDescription .= ' - ' . G::LoadTranslation($sError) . ' ' . PPP_EXPIRATION_IN . ' ' . G::LoadTranslation('ID_DAYS') . ',';
                         break;
 public function setHashPassword($object)
 {
     $type = array('md5', 'sha256');
     if (!in_array($object->hash, $type)) {
         throw new Exception('Type: ' . $object->hash . ' No valid.');
         return false;
     }
     G::LoadClass("configuration");
     $config = new Configurations();
     $typeEncrypt = $config->getConfiguration('ENTERPRISE_SETTING_ENCRYPT', '');
     if ($typeEncrypt == null) {
         $typeEncrypt = array('current' => $object->hash, 'previous' => 'md5');
     } else {
         $typeEncrypt['previous'] = $typeEncrypt['current'];
         $typeEncrypt['current'] = $object->hash;
     }
     if ($object->hash != $typeEncrypt['previous']) {
         $config->aConfig = $typeEncrypt;
         $config->saveConfig('ENTERPRISE_SETTING_ENCRYPT', '');
     }
     require_once 'classes/model/RbacUsersPeer.php';
     require_once 'classes/model/UsersProperties.php';
     $userProperty = new UsersProperties();
     $criteria = new Criteria($object->workspace->dbInfo['DB_RBAC_NAME']);
     $criteria->add(RbacUsersPeer::USR_STATUS, 0, Criteria::NOT_EQUAL);
     $dataset = RbacUsersPeer::doSelectRS($criteria);
     $dataset->setFetchmode(ResultSet::FETCHMODE_ASSOC);
     while ($dataset->next()) {
         $row = $dataset->getRow();
         $property = $userProperty->loadOrCreateIfNotExists($row['USR_UID'], array());
         $property['USR_LOGGED_NEXT_TIME'] = 1;
         $userProperty->update($property);
     }
 }