/**
* Send JSON response on successful login
* @param String $uid
*/
public static function postlogin_hook($uid)
{
if (!self::$_isPersona) {
return;
}
\OCP\Util::writeLog(App::APP_ID, 'Check ambigous ', \OCP\Util::DEBUG);
if (self::$_isAmbigous) {
//Reply with error and logout
\OCP\User::logout();
\OCP\JSON::error(array('msg' => 'More than one user found'));
exit;
} else {
\OCP\JSON::success(array('msg' => 'Access granted'));
exit;
}
}
/**
* Action after user's authentification : if he is on the rejected group, he is logout and redirect to main page
*
* @author Victor Bordage-Gorry <*****@*****.**>
* @copyright 2015 CNRS DSI / GLOBALIS media systems
*
*/
public function postLogin()
{
// Verify default group
$defaultGroup = $this->config->getSystemValue('deletion_account_request_default_exclusion_group');
if ($this->groupManager->get($defaultGroup)->searchUsers(\OCP\User::getUser())) {
\OCP\User::logout();
\OC_Util::redirectToDefaultPage();
exit;
}
// Verify configuration groups
$configGroups = $this->config->getSystemValue('deletion_account_request_exclusion_groups');
if (!empty($configGroups)) {
foreach ($configGroups as $groupKey => $groupValue) {
if ($this->groupManager->get($groupValue) && $this->groupManager->get($groupValue)->searchUsers(\OCP\User::getUser())) {
\OCP\User::logout();
\OC_Util::redirectToDefaultPage();
exit;
}
}
}
}
/**
* @brief Startup encryption backend upon user login
* @note This method should never be called for users using client side encryption
*/
public static function login($params)
{
if (\OCP\App::isEnabled('files_encryption') === false) {
return true;
}
$l = new \OC_L10N('files_encryption');
$view = new \OC_FilesystemView('/');
// ensure filesystem is loaded
if (!\OC\Files\Filesystem::$loaded) {
\OC_Util::setupFS($params['uid']);
}
$privateKey = \OCA\Encryption\Keymanager::getPrivateKey($view, $params['uid']);
// if no private key exists, check server configuration
if (!$privateKey) {
//check if all requirements are met
if (!Helper::checkRequirements() || !Helper::checkConfiguration()) {
$error_msg = $l->t("Missing requirements.");
$hint = $l->t('Please make sure that PHP 5.3.3 or newer is installed and that OpenSSL together with the PHP extension is enabled and configured properly. For now, the encryption app has been disabled.');
\OC_App::disable('files_encryption');
\OCP\Util::writeLog('Encryption library', $error_msg . ' ' . $hint, \OCP\Util::ERROR);
\OCP\Template::printErrorPage($error_msg, $hint);
}
}
$util = new Util($view, $params['uid']);
// setup user, if user not ready force relogin
if (Helper::setupUser($util, $params['password']) === false) {
return false;
}
$session = $util->initEncryption($params);
// Check if first-run file migration has already been performed
$ready = false;
$migrationStatus = $util->getMigrationStatus();
if ($migrationStatus === Util::MIGRATION_OPEN && $session !== false) {
$ready = $util->beginMigration();
} elseif ($migrationStatus === Util::MIGRATION_IN_PROGRESS) {
// refuse login as long as the initial encryption is running
sleep(5);
\OCP\User::logout();
return false;
}
// If migration not yet done
if ($ready) {
$userView = new \OC_FilesystemView('/' . $params['uid']);
// Set legacy encryption key if it exists, to support
// depreciated encryption system
if ($userView->file_exists('encryption.key') && ($encLegacyKey = $userView->file_get_contents('encryption.key'))) {
$plainLegacyKey = Crypt::legacyDecrypt($encLegacyKey, $params['password']);
$session->setLegacyKey($plainLegacyKey);
}
// Encrypt existing user files
try {
$result = $util->encryptAll('/' . $params['uid'] . '/' . 'files', $session->getLegacyKey(), $params['password']);
} catch (\Exception $ex) {
\OCP\Util::writeLog('Encryption library', 'Initial encryption failed! Error: ' . $ex->getMessage(), \OCP\Util::FATAL);
$util->resetMigrationStatus();
\OCP\User::logout();
$result = false;
}
if ($result) {
\OC_Log::write('Encryption library', 'Encryption of existing files belonging to "' . $params['uid'] . '" completed', \OC_Log::INFO);
// Register successful migration in DB
$util->finishMigration();
}
}
return true;
}
if (sizeof($users) !== 1) {
// User not found
header('HTTP/1.0 404 Not Found');
exit;
}
// Token found login as that user
\OC_User::setUserId(array_shift($users));
$forceUserLogout = true;
}
// check if the user has the right permissions.
\OCP\User::checkLoggedIn();
// rss is of content type text/xml
if (isset($_SERVER['HTTP_ACCEPT']) && stristr($_SERVER['HTTP_ACCEPT'], 'application/rss+xml')) {
header('Content-Type: application/rss+xml');
} else {
header('Content-Type: text/xml; charset=UTF-8');
}
// generate and show the rss feed
$l = \OCP\Util::getL10N('activity');
$data = new \OCA\Activity\Data(\OC::$server->getActivityManager());
$groupHelper = new \OCA\Activity\GroupHelper(\OC::$server->getActivityManager(), new \OCA\Activity\DataHelper(\OC::$server->getActivityManager(), new \OCA\Activity\ParameterHelper(new \OC\Files\View(''), \OC::$server->getConfig(), $l), $l), false);
$tmpl = new \OCP\Template('activity', 'rss');
$tmpl->assign('rssLang', \OC_Preferences::getValue(\OCP\User::getUser(), 'core', 'lang'));
$tmpl->assign('rssLink', \OC::$server->getURLGenerator()->getAbsoluteURL(\OC::$server->getURLGenerator()->linkToRoute('activity.rss')));
$tmpl->assign('rssPubDate', date('r'));
$tmpl->assign('user', \OCP\User::getUser());
$tmpl->assign('activities', $data->read($groupHelper, 0, 30, 'all'));
$tmpl->printPage();
if ($forceUserLogout) {
\OCP\User::logout();
}
/**
* @brief Loggs the user out including all the session data
* Logout, destroys session
*/
public function logout()
{
return \OCP\User::logout();
}
/**
* Adds the user to the reject group and send an email to the administrator to inform them of the request for deletion
*
* @author Victor Bordage-Gorry <*****@*****.**>
* @copyright 2015 CNRS DSI / GLOBALIS media systems
*
* @param string $requesterUid User's Uid
*/
public function mailDeleteAccount($requesterUid)
{
$reason = trim(strip_tags(stripslashes($_POST['deletion_reason'])));
if (empty($reason) || $reason === '') {
return false;
}
// User modification, add to rejected group
$user = $this->userManager->get($requesterUid);
$userGroups = $this->groupManager->getUserGroupIds($user);
// get the user's exclusion group.
$configGroups = $this->config->getSystemValue('deletion_account_request_exclusion_groups');
if (is_array($configGroups)) {
foreach ($configGroups as $groupKey => $groupValue) {
if (in_array($groupKey, $userGroups)) {
if ($this->groupManager->groupExists($groupValue)) {
$group = $this->groupManager->get($groupValue);
} else {
$group = $this->groupManager->createGroup($groupValue);
}
break;
}
}
}
// if $group unset, we use the default value
if (empty($group)) {
$val = $this->config->getSystemValue('deletion_account_request_default_exclusion_group');
if ($this->groupManager->groupExists($val)) {
$group = $this->groupManager->get($val);
} else {
$group = $this->groupManager->createGroup($val);
}
}
$group->addUser($user);
// get the admin's mail
$configMails = $this->config->getSystemValue('deletion_account_request_admin_emails');
if (is_array($configMails)) {
foreach ($configMails as $mailKey => $mailValue) {
if (in_array($mailKey, $userGroups)) {
$toAddress = $toName = $mailValue;
break;
}
}
}
// if $toAdress unset, we use the default value
if (empty($toAdress)) {
$toAddress = $toName = $this->config->getSystemValue('deletion_account_request_default_admin_email');
}
// Mail part
$theme = new \OC_Defaults();
$subject = (string) $this->l->t('Request for deleting account: %s', array($requesterUid));
// generate the content
$html = new \OCP\Template($this->appName, "mail_userdeletion_html", "");
$html->assign('overwriteL10N', $this->l);
$html->assign('requesterUid', $requesterUid);
$html->assign('reason', $_POST['deletion_reason']);
$htmlMail = $html->fetchPage();
$alttext = new \OCP\Template($this->appName, "mail_userdeletion_text", "");
$alttext->assign('overwriteL10N', $this->l);
$alttext->assign('requesterUid', $requesterUid);
$alttext->assign('reason', $reason);
$altMail = $alttext->fetchPage();
$fromAddress = $fromName = \OCP\Util::getDefaultEmailAddress('owncloud');
//sending
try {
\OCP\Util::sendMail($toAddress, $toName, $subject, $htmlMail, $fromAddress, $fromName, 1, $altMail);
} catch (\Exception $e) {
\OCP\Util::writeLog('user_account_actions', "Can't send mail for user creation: " . $e->getMessage(), \OCP\Util::ERROR);
}
// logout and redirect
\OCP\User::logout();
\OC_Util::redirectToDefaultPage();
exit;
}
