/**
* Register billing account
*
* <b>Request Type</b>: POST<br/><br/>
* <b>Request Endpoint</b>:http://{server-domain}/site/register<br/><br/>
* <b>Content-type</b>: application/json<br/><br/>
* <b>Summary</b>: This api is used for registering user.
* <br/><br/>
*
* <b>Request Params</b>:<br/>
* name: string, the user name<br/>
* email: string, the user email<br/>
* password: string, the user password<br/>
* <br/><br/>
*
* <b>Response Params:</b><br/>
* ack: integer, mark the create result, 1 means create successfully, 0 means create fail<br/>
* message: string, if create fail, it contains the error message<br/>
* data: array, json array to describe all users detail information<br/>
* <br/><br/>
*
* <b>Request Example:</b><br/>
* <pre>
* {
* "name" : "harrysun",
* "email" : "*****@*****.**",
* "password" : "abc123_"
* }
* </pre>
* <br/><br/>
*
* <b>Response Example</b>:<br/>
* <pre>
* {
* 'ack' : 1,
* 'message': ''
* }
* </pre>
*/
public function actionRegister()
{
$data = $this->getParams();
$account = new Account();
$account->save();
$user = new User();
$user->name = $data['name'];
$user->email = $data['email'];
$user->salt = StringUtil::rndString(6);
$user->password = User::encryptPassword($data['password'], $user->salt);
$user->accountId = $account->_id;
$user->role = User::ROLE_ADMIN;
$user->isActivated = User::NOT_ACTIVATED;
$user->avatar = Yii::$app->params['defaultAvatar'];
$user->language = 'zh_cn';
if ($user->validate()) {
// all inputs are valid
if ($user->save()) {
$validation = new Validation();
$validation->userId = $user->_id;
$validation->code = StringUtil::uuid();
$validation->expire = new \MongoDate(strtotime('+1 day'));
if ($validation->save()) {
$mail = Yii::$app->mail;
$host = Yii::$app->request->hostInfo;
$vars = ['name' => $user->name, 'link' => $host . '/api/old-site/activate?code=' . $validation->code, 'host' => $host];
$mail->setView('//mail/register', $vars, '//layouts/email');
$mail->sendMail($user->email, '欢迎注册WeMarketing');
return ["ack" => 1, "message" => 'Register success.'];
} else {
return ["ack" => 0, "message" => 'Validation save fail.'];
}
} else {
return ["ack" => 0, "message" => 'Register user fail.'];
}
} else {
// validation failed: $errors is an array containing error messages
$errors = $user->errors;
//revert the accout data
Account::deleteAll(['_id' => $account->_id]);
return ["ack" => 0, "message" => $errors];
}
}
/**
* Create a new user
*
* <b>Request Type</b>: PUT<br/><br/>
* <b>Request Endpoint</b>:http://{server-domain}/management/user<br/><br/>
* <b>Content-type</b>: application/json<br/><br/>
* <b>Summary</b>: This api is used for billing account to update password.
* <br/><br/>
*
* <b>Request Params</b>:<br/>
* id: int, the user id, required<br/>
* currentPwd: string, the user currentPwd, required<br/>
* newPwd: string, the user newPwd, required<br/>
* newPwdC: string, the user newPwdC, required<br/>
* <br/><br/>
*
* <b>Response Params:</b><br/>
* ack: integer, mark the update result, 0 means update successfully, 1 means update fail<br/>
* data: array, json array to describe the user updated<br/>
* <br/><br/>
*
* <b>Request Example:</b><br/>
* <pre>
* {
* "id" : "547eaf82e9c2fb52478b4567,
* "currentPwd" : "6c302344ab2117ee4ce52b7d8952c689",
* "newPwd" : "6c302344ab2117ee4ce52b7d8952c689",
* "newPwdC" : "6c302344ab2117ee4ce52b7d8952c689"
* }
* </pre>
* <br/><br/>
*
* <b>Response Example</b>:<br/>
* <pre>
* {
* 'ack' : 1,
* 'data': {"msg": "success", "user": {password:"******"}}
* }
* </pre>
*/
public function actionUpdatepassword()
{
$params = $this->getParams();
if (empty($params['id']) || empty($params['currentPwd']) || empty($params['newPwd']) || empty($params['newPwdC'])) {
throw new BadRequestHttpException(Yii::t('common', 'parameters_missing'));
}
// validate if the userid is correct
$user = User::findOne(['_id' => new \MongoId($params['id'])]);
if (empty($user)) {
throw new BadRequestHttpException(Yii::t('common', 'incorrect_userid'));
}
// validate if the current password is correct
if (!$user->validatePassword($params['currentPwd'])) {
throw new InvalidParameterException(['formTip_currentPwd' => Yii::t('management', 'management_user_currentpwd_error')]);
} else {
if ($params['currentPwd'] === $params['newPwd']) {
throw new InvalidParameterException(['formTip_newPwd' => Yii::t('management', 'mamagement_user_newpwd_error')]);
}
}
// check if the two passwords match
if ($params['newPwd'] !== $params['newPwdC']) {
throw new BadRequestHttpException(Yii::t('management', 'management_user_twopwd_error'));
}
// update the user information
$user->password = User::encryptPassword($params['newPwd'], $user->salt);
if (!$user->save()) {
throw new ServerErrorHttpException(Yii::t('management', 'management_user_updatepwd_fail'));
}
return ['result' => 'success'];
}
/**
* create a user by email(generate-by-email)
*/
public function actionGenerateByEmail($email)
{
$email = mb_strtolower($email);
$user = User::getByEmail($email);
if (!empty($user)) {
echo 'email is used' . PHP_EOL;
return;
}
$name = Yii::$app->params['defaultName'];
$accountId = Account::create('', '', $name);
$attributes = ['status' => Account::STATUS_ACTIVATED, 'availableExtMods' => Yii::$app->params['extMods'], 'serviceStartAt' => new \MongoDate()];
Account::updateAll($attributes, ['_id' => $accountId]);
$salt = StringUtil::rndString(6);
$password = User::encryptPassword(md5(Yii::$app->params['defaultPwd']), $salt);
$user = new User();
$user->email = $email;
$user->accountId = $accountId;
$user->name = $name;
$user->role = User::ROLE_ADMIN;
$user->isActivated = User::ACTIVATED;
$user->avatar = Yii::$app->params['defaultAvatar'];
$user->language = Yii::$app->params['defaultLanguage'];
$user->salt = $salt;
$user->password = $password;
if (!$user->save()) {
Account::deleteAll(['_id' => $accountId]);
SensitiveOperation::deleteAll(['accountId' => $accountId]);
MessageTemplate::deleteAll(['accountId' => $accountId]);
echo 'create account fail' . PHP_EOL;
} else {
echo 'create account successfully' . PHP_EOL;
}
}
/**
* Update user password
*
* <b>Request Type</b>: PUT<br/><br/>
* <b>Request Endpoint</b>:http://{server-domain}/common/user<br/><br/>
* <b>Content-type</b>: application/json<br/><br/>
* <b>Summary</b>: This api is used for billing account to update password.
* <br/><br/>
*
* <b>Request Params</b>:<br/>
* id: int, the user id, required<br/>
* currentPwd: string, the user currentPwd, required<br/>
* newPwd: string, the user newPwd, required<br/>
* newPwdC: string, the user newPwdC, required<br/>
* <br/><br/>
*
* <b>Response Params:</b><br/>
* ack: integer, mark the update result, 0 means update successfully, 1 means update fail<br/>
* data: array, json array to describe the user updated<br/>
* <br/><br/>
*
* <b>Request Example:</b><br/>
* <pre>
* {
* "id" : "547eaf82e9c2fb52478b4567,
* "currentPwd" : "6c302344ab2117ee4ce52b7d8952c689",
* "newPwd" : "6c302344ab2117ee4ce52b7d8952c689",
* "newPwdC" : "6c302344ab2117ee4ce52b7d8952c689"
* }
* </pre>
* <br/><br/>
*
* <b>Response Example</b>:<br/>
* <pre>
* {
* 'ack' : 1,
* 'data': {"msg": "success", "user": {password:"******"}}
* }
* </pre>
*/
public function actionUpdatepassword()
{
$params = $this->getParams();
if (empty($params['id'])) {
throw new BadRequestHttpException("Parameters missing");
}
// validate if the userid is correct
$user = User::findOne(['_id' => new \MongoId($params['id'])]);
if (empty($user)) {
throw new BadRequestHttpException("Incorrect userid");
}
if (empty($params['currentPwd']) || $params['currentPwd'] === md5('')) {
throw new InvalidParameterException(['old-password' => Yii::t('common', 'required_filed')]);
}
// validate if the current password is correct
if (!$user->validatePassword($params['currentPwd'])) {
throw new InvalidParameterException(['old-password' => Yii::t('common', 'common_user_currentpwd_error')]);
}
if (empty($params['newPwd']) || $params['newPwd'] === md5('')) {
throw new InvalidParameterException(['new-password' => Yii::t('common', 'required_filed')]);
}
if (empty($params['newPwdC']) || $params['newPwdC'] === md5('')) {
throw new InvalidParameterException(['confirm-password' => Yii::t('common', 'required_filed')]);
}
// check if the two passwords match
if ($params['newPwd'] !== $params['newPwdC']) {
throw new InvalidParameterException(['new-password' => Yii::t('common', 'common_user_currentpwd_error')]);
}
// check the new password is same as the current password
if ($params['currentPwd'] == $params['newPwd']) {
throw new InvalidParameterException(['new-password' => Yii::t('common', 'newpwd_equals_old_error')]);
}
// update the user information
$user->password = User::encryptPassword($params['newPwd'], $user->salt);
if (!$user->save()) {
throw new ServerErrorHttpException("Save user failed!");
}
return ['result' => 'success'];
}
public function actionResetpassword()
{
$code = $this->getParams('code');
$newPassword = $this->getParams('password');
$result = Validation::validateCode($code);
if ($result == Validation::LINK_INVALID) {
throw new BadRequestHttpException(Yii::t('common', 'link_invalid'));
} else {
if ($result == Validation::LINK_EXPIRED) {
throw new BadRequestHttpException(Yii::t('common', 'link_expired'));
}
}
$userId = $result;
$user = User::findByPk($userId);
if (empty($user)) {
throw new BadRequestHttpException(Yii::t('commmon', 'incorrect_userid'));
}
// update the user password
$user->password = User::encryptPassword($newPassword, $user->salt);
if (!$user->save()) {
throw new ServerErrorHttpException("Save user failed!");
}
Validation::deleteAll(['userId' => $userId]);
return ['status' => 'ok'];
}
