Exemple #1
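 /**
  * Login listener: authenticates the submitted credentials against IMAP and
  * creates the matching Group-Office user the first time that succeeds.
  *
  * ACL checks are switched off while the listener runs. The previous setting
  * is restored on every exit path, including the early failure returns and
  * any exception, so a rejected login cannot leave ACL checks disabled for
  * the rest of the request.
  *
  * @param array $params   Login request values. Reads 'username' and
  *                        'password', plus 'first_name', 'middle_name' and
  *                        'last_name' when a new user has to be created.
  * @param array $response Passed by reference. Receives 'feedback' on a
  *                        failed login, and 'needCompleteProfile' and
  *                        'success' when the profile fields are missing.
  * @return false|null false when IMAP rejects the credentials or the profile
  *                    is incomplete; null in every other case.
  */
 public static function beforeLogin($params, &$response)
 {
     $oldIgnoreAcl = \GO::setIgnoreAclPermissions(true);
     try {
         $ia = new Authenticator();
         if (!$ia->setCredentials($params['username'], $params['password'])) {
             // setCredentials() did not accept these credentials; nothing to do here.
             return;
         }
         if (!$ia->imapAuthenticate()) {
             $response['feedback'] = \GO::t('badLogin') . ' (IMAP)';
             return false;
         }
         if ($ia->user) {
             // The Group-Office account already exists.
             return;
         }

         \GO::debug("IMAPAUTH: Group-Office user doesn't exist.");
         if (!isset($params['first_name'])) {
             // Ask the client for the profile fields before creating the account.
             $response['needCompleteProfile'] = true;
             $response['success'] = false;
             $response['feedback'] = \GO::t('pleaseCompleteProfile', 'imapauth');
             return false;
         }

         // The user doesn't exist yet: create it now.
         $user = new \GO\Base\Model\User();
         $user->email = $ia->email;
         $user->username = $ia->goUsername;
         // NOTE(review): the IMAP password becomes the local password; how it
         // is stored is decided by the User model, which is not visible here.
         $user->password = $ia->imapPassword;
         $user->first_name = $params['first_name'];
         // Only first_name is checked above, so read the other name parts
         // defensively instead of raising an undefined-index notice.
         $user->middle_name = isset($params['middle_name']) ? $params['middle_name'] : null;
         $user->last_name = isset($params['last_name']) ? $params['last_name'] : null;
         try {
             if (!$user->save()) {
                 throw new \Exception("Could not save user: " . implode("\n", $user->getValidationErrors()));
             }
             if (!empty($ia->config['groups'])) {
                 $user->addToGroups($ia->config['groups']);
             }
             $ia->user = $user;
             $user->checkDefaultModels();
             // TODO: test whether this line is needed to create the e-mail account for a new user
             $ia->createEmailAccount($user, $ia->config, $ia->imapUsername, $ia->imapPassword);
         } catch (\Exception $e) {
             // NOTE(review): a failed account creation is only logged; the
             // method then returns null without setting any feedback.
             \GO::debug('IMAPAUTH: Failed creating user ' . $ia->goUsername . ' and e-mail ' . $ia->email . 'Exception: ' . $e->getMessage(), E_USER_WARNING);
         }
     } finally {
         \GO::setIgnoreAclPermissions($oldIgnoreAcl);
     }
 }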
Exemple #2
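 /**
  * Creates or updates the Group-Office user that corresponds to an LDAP record.
  *
  * The user is looked up by the username mapped from the record. An existing
  * user gets its password and, unless ldap_auth_dont_update_profiles is set,
  * its profile refreshed; a missing user is created and added to the
  * configured ldap_groups.
  *
  * This method does not check $password against LDAP itself.
  * NOTE(review): it presumably relies on the caller having verified the
  * password already - confirm at the call sites.
  *
  * @param \GO\Base\Ldap\Record $record   LDAP record to map onto the user.
  * @param string|null          $password Password to store on the user; when
  *                                       null an existing user's password is
  *                                       left unchanged.
  * @return \GO\Base\Model\User|false The saved user, or false when the mapping
  *                                   excludes the record or saving failed.
  */
 public function syncUserWithLdapRecord(\GO\Base\Ldap\Record $record, $password = null)
 {
     // Disable password validation because we can't control the external passwords.
     // NOTE(review): this writes to the shared config object and is not
     // restored here, so validation presumably stays off for the rest of the
     // request - confirm no later password change relies on it.
     \GO::config()->password_validate = false;
     $attr = $this->getUserAttributes($record);
     if (!empty($attr['exclude'])) {
         \GO::debug("LDAPAUTH: User is excluded from LDAP by mapping!");
         return false;
     }
     unset($attr['exclude']);
     try {
         $user = \GO\Base\Model\User::model()->findSingleByAttribute('username', $attr['username']);
         if ($user) {
             \GO::debug("LDAPAUTH: Group-Office user already exists.");
             // Keep the local password in step with the one supplied for LDAP.
             if (isset($password) && !$user->checkPassword($password)) {
                 \GO::debug('LDAPAUTH: LDAP password has been changed. Updating Group-Office database');
                 $user->password = $password;
             }
             if (empty(\GO::config()->ldap_auth_dont_update_profiles)) {
                 // Keep the address already stored in Group-Office when
                 // validateUserEmail() accepts it for this record; otherwise
                 // any e-mail value in $attr is applied below.
                 if ($this->validateUserEmail($record, $user->email)) {
                     unset($attr['email']);
                 }
                 $user->setAttributes($attr);
                 $user->cutAttributeLengths();
                 \GO::debug('LDAPAUTH: updating user profile');
                 // NOTE(review): this dumps every mapped LDAP attribute to the
                 // debug log; confirm getUserAttributes() never maps a
                 // password or other secret.
                 \GO::debug($attr);
                 $this->_updateContact($user, $attr);
             } else {
                 \GO::debug('LDAPAUTH: Profile updating from LDAP is disabled');
             }
             if (!$user->save()) {
                 throw new \Exception("Could not save user: " . implode("\n", $user->getValidationErrors()));
             }
         } else {
             \GO::debug("LDAPAUTH: Group-Office user does not exist. Attempting to create it.");
             // NOTE(review): same full attribute dump as in the update branch.
             \GO::debug($attr);
             $user = new \GO\Base\Model\User();
             $user->setAttributes($attr);
             $user->cutAttributeLengths();
             // $password may still be null here (the parameter default).
             $user->password = $password;
             if (!$user->save()) {
                 throw new \Exception("Could not save user: " . implode("\n", $user->getValidationErrors()));
             }
             if (!empty(\GO::config()->ldap_groups)) {
                 // ldap_groups is read as a comma-separated list.
                 $user->addToGroups(explode(',', \GO::config()->ldap_groups));
             }
             $this->_updateContact($user, $attr);
             $user->checkDefaultModels();
         }
     } catch (\Exception $e) {
         // This handler covers both the update and the create branch, although
         // the message only mentions creating.
         \GO::debug('LDAPAUTH: Failed creating user ' . $attr['username'] . ' Exception: ' . $e->getMessage(), E_USER_WARNING);
         return false;
     }
     return $user;
 }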