// "Login as" user switch. $username, $password, $user, $ldap_connection and
// $allow_login_as_ldap are assigned before this fragment.
if (!$username) {
    CAppUI::setMsg("Auth-failed-nousername", UI_MSG_ERROR);
} elseif ($user->user_type == 1 && (!$ldap_connection || $allow_login_as_ldap)) {
    // Admin path: the switch happens without asking for the target's password.
    // NOTE(review): this branch is only as trustworthy as $user. Confirm it is
    // the already-authenticated session user and never built from request data,
    // and that the switch is written to an audit log.
    $_REQUEST['loginas'] = $username;
    CAppUI::login();
} elseif (!$password) {
    CAppUI::setMsg("Auth-failed-nopassword", UI_MSG_ERROR);
} else {
    $_REQUEST['loginas'] = $username;

    if (CAppUI::conf("admin LDAP ldap_connection")) {
        // LDAP configured: the password is placed in $_REQUEST['passwordas']
        // before CAppUI::login(true) is called
        $_REQUEST['passwordas'] = $password;
        CAppUI::login(true);
    } elseif (!CUser::checkPassword($username, $password)) {
        CAppUI::setMsg("Auth-failed-combination", UI_MSG_ERROR);
    } else {
        CAppUI::login(true);
    }
}

// A queued message is printed and ends the script; otherwise the client is
// asked to reload through the UserSwitch callback.
$msg = CAppUI::getMsg();
if ($msg) {
    echo $msg;
    return;
}

CAppUI::callbackAjax('UserSwitch.reload');
/**
 * PUT request handler: creates a project on behalf of the supplied user.
 *
 * Logs in with the 'username' / 'password' request parameters, binds the
 * project_* parameters to a new CProject, stores it and returns the stored
 * record together with its department ids.
 *
 * @return Frapi_Response|Frapi_Error Frapi_Error when required parameters are
 *         missing, otherwise a 201 response carrying $this->data.
 * @throws Frapi_Error INVALID_LOGIN when the login fails, SAVE_ERROR when
 *         store() does not return true.
 */
public function executePut()
{
    $check = $this->hasRequiredParameters($this->requiredParams);
    if ($check instanceof Frapi_Error) {
        return $check;
    }

    // NOTE(review): the account password is a plain request parameter on every
    // call; make sure this endpoint is only served over TLS and that request
    // parameters are kept out of access logs.
    $username = $this->getParam('username');
    $password = $this->getParam('password');

    // The legacy login path wants $_POST['login'] set and a global AppUI,
    // so both are provided here before login() is called.
    $AppUI = new CAppUI();
    $GLOBALS['AppUI'] = $AppUI;
    $_POST['login'] = '******';

    if (!$AppUI->login($username, $password)) {
        throw new Frapi_Error('INVALID_LOGIN');
    }

    // Fixed values first, then the request parameters in their original order.
    $post_data = array(
        'project_id' => 0,
        'project_creator' => $AppUI->user_id,
    );
    $plain_fields = array(
        'project_contacts',
        'project_name',
        'project_parent',
        'project_owner',
        'project_company',
        'project_location',
        'project_start_date',
        'project_end_date',
        'project_target_budget',
        'project_actual_budget',
        'project_url',
        'project_demo_url',
        'project_priority',
        'project_short_name',
        'project_color_identifier',
        'project_type',
        'project_status',
        'project_description',
    );
    foreach ($plain_fields as $field) {
        $post_data[$field] = $this->getParam($field);
    }
    $post_data['project_departments'] = $this->getParam('project_departments', self::TYPE_ARRAY);
    $post_data['project_active'] = $this->getParam('project_active');

    $project = new CProject();
    $project->bind($post_data);
    $store_result = $project->store($AppUI);

    // Anything other than true is treated as a list of validation messages
    if (true !== $store_result) {
        $details = '';
        foreach ($store_result as $message) {
            $details .= $message . '. ';
        }
        throw new Frapi_Error('SAVE_ERROR', $details);
    }

    $project = (array) $project;

    $department_ids = array();
    foreach (CProject::getDepartments($AppUI, $project['project_id']) as $department) {
        $department_ids[] = $department['dept_id'];
    }
    $project['project_departments'] = $department_ids;

    // Strip the object's internal bookkeeping fields before the record is returned
    foreach (array('_tbl_prefix', '_tbl', '_tbl_key', '_error', '_query', '_tbl_module') as $internal) {
        unset($project[$internal]);
    }

    $this->data['project'] = $project;
    $this->data['success'] = true;

    return new Frapi_Response(array('code' => 201, 'data' => $this->data));
}
// Test bootstrap: globals the included files use, application includes, a
// logged-in AppUI, a default timezone, then the session and PHPUnit includes.
global $ADODB_FETCH_MODE;
global $w2p_performance_dbtime;
global $w2p_performance_old_dbqueries;
global $AppUI;
global $w2Pconfig;

require_once '../base.php';
require_once W2P_BASE_DIR . '/includes/config.php';
require_once W2P_BASE_DIR . '/includes/main_functions.php';
require_once W2P_BASE_DIR . '/includes/db_adodb.php';

/*
 * Need this to test actions that require permissions.
 *
 * NOTE(review): the account name and password are hard-coded. That is only
 * acceptable for a throwaway fixture database; confirm these never match a
 * real administrator account and that the tests cannot be pointed at a
 * production configuration.
 */
$AppUI = new CAppUI();
$_POST['login'] = '******';
$_REQUEST['login'] = '******';
$AppUI->login('admin', 'passwd'); // return value is not checked; a failed login goes unnoticed here

/*
 * Need this to not get the annoying timezone warnings in tests.
 * Falls back to Europe/London when the configured value is missing or empty.
 */
$defaultTZ = w2PgetConfig('system_timezone', 'Europe/London');
$defaultTZ = '' == $defaultTZ ? 'Europe/London' : $defaultTZ;
date_default_timezone_set($defaultTZ);

require_once W2P_BASE_DIR . '/includes/session.php';
require_once 'PHPUnit/Framework.php';
require_once 'PHPUnit/Extensions/Database/TestCase.php';

/**
 * This class tests functionality for Tasks
 *
 * @author Trevor Morse <*****@*****.**>
 * @category Tasks
 * @package web2project
/**
 * DELETE request handler: removes one task on behalf of the supplied user.
 *
 * Logs in with the 'username' / 'password' request parameters, loads the task
 * named by the integer 'task_id' parameter and asks it to delete itself.
 *
 * @return array|Frapi_Error Frapi_Error when required parameters are missing,
 *         otherwise the result of $this->toArray().
 * @throws Frapi_Error INVALID_LOGIN when the login fails, PERMISSION_ERROR
 *         when CTask::delete() reports failure.
 */
public function executeDelete()
{
    $check = $this->hasRequiredParameters($this->requiredParams);
    if ($check instanceof Frapi_Error) {
        return $check;
    }

    // NOTE(review): the account password is a plain request parameter on every
    // call; make sure this endpoint is only served over TLS and that request
    // parameters are kept out of access logs.
    $username = $this->getParam('username');
    $password = $this->getParam('password');
    $task_id = $this->getParam('task_id', self::TYPE_INT);

    // The legacy login path wants $_POST['login'] set and a global AppUI,
    // so both are provided here before login() is called.
    $AppUI = new CAppUI();
    $GLOBALS['AppUI'] = $AppUI;
    $_POST['login'] = '******';

    $logged_in = $AppUI->login($username, $password);
    if (!$logged_in) {
        throw new Frapi_Error('INVALID_LOGIN');
    }

    // The permission decision is left to CTask::delete(); any failure it
    // reports is surfaced to the client as PERMISSION_ERROR.
    $target = new CTask();
    $target->load($task_id);
    $deleted = $target->delete($AppUI);
    if (!$deleted) {
        throw new Frapi_Error('PERMISSION_ERROR');
    }

    $this->data['success'] = true;

    return $this->toArray();
}
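/**
 * PUT request handler: creates a task on behalf of the supplied user.
 *
 * Logs in with the 'username' / 'password' request parameters, binds the
 * task_* parameters to a new CTask, normalises its dynamic flag and dates,
 * stores it, then updates assignees, dependencies and reminders.
 *
 * @return Frapi_Response|Frapi_Error Frapi_Error when required parameters are
 *         missing, otherwise a 201 response carrying $this->data.
 * @throws Frapi_Error INVALID_LOGIN when the login fails, SAVE_ERROR when
 *         bind() fails or store() does not return true.
 */
public function executePut()
{
    /**
     * @todo Remove this once we figure out how to reference vars in file
     * that is autoloaded
     */
    global $tracking_dynamics;

    $valid = $this->hasRequiredParameters($this->requiredParams);
    if ($valid instanceof Frapi_Error) {
        return $valid;
    }

    // NOTE(review): the account password is a plain request parameter on every
    // call; make sure this endpoint is only served over TLS and that request
    // parameters are kept out of access logs.
    $username = $this->getParam('username');
    $password = $this->getParam('password');

    // $notify and $comment are not read again in this method. They are kept
    // because the module files required below run in this scope and may
    // presumably rely on them.
    $hassign = $this->getParam('hassign');
    $hdependencies = $this->getParam('hdependencies');
    $notify = $this->getParam('task_notify');
    $comment = $this->getParam('email_comment');
    $task_id = $this->getParam('task_id');
    $adjustStartDate = $this->getParam('set_task_start_date');

    // Attempt to login as user, a little bit of a hack as we currently
    // require the $_POST['login'] var to be set as well as a global AppUI
    $AppUI = new CAppUI();
    $GLOBALS['AppUI'] = $AppUI;
    $_POST['login'] = '******';

    if (!$AppUI->login($username, $password)) {
        throw new Frapi_Error('INVALID_LOGIN');
    }

    $post_data = array(
        'task_id' => 0,
        'task_name' => $this->getParam('task_name'),
        'task_status' => $this->getParam('task_status'),
        'task_percent_complete' => $this->getParam('task_percent_complete'),
        'task_milestone' => $this->getParam('task_milestone'),
        'task_owner' => $this->getParam('task_owner'),
        'task_access' => $this->getParam('task_access'),
        'task_related_url' => $this->getParam('task_related_url'),
        'task_parent' => $this->getParam('task_parent'),
        'task_type' => $this->getParam('task_type'),
        'task_target_budget' => $this->getParam('task_target_budget'),
        'task_description' => $this->getParam('task_description'),
        'task_start_date' => $this->getParam('task_start_date'),
        'task_end_date' => $this->getParam('task_end_date'),
        'task_duration' => $this->getParam('task_duration'),
        'task_duration_type' => $this->getParam('task_duration_type'),
        'task_dynamic' => $this->getParam('task_dynamic'),
        'task_allow_other_user_tasklogs' => $this->getParam('task_allow_other_user_tasklogs'),
        'task_project' => $this->getParam('task_project'),
        'task_priority' => $this->getParam('task_priority'),
    );

    // Include any files for handling module-specific requirements
    // NOTE(review): $mod is concatenated into a require path; confirm that
    // findTabModules() can only return installed module directory names.
    foreach (findTabModules('tasks', 'addedit') as $mod) {
        $fname = W2P_BASE_DIR . '/modules/' . $mod . '/tasks_dosql.addedit.php';
        if (file_exists($fname)) {
            require_once $fname;
        }
    }

    // Find the task if we are set.
    // The original called $task->load() before $task was created, which fails
    // on any request that carries a task_id. The stored task is now read
    // through its own object; it is only needed for its previous end date.
    $task_end_date = null;
    if ($task_id) {
        $existing_task = new CTask();
        $existing_task->load($task_id);
        $task_end_date = new w2p_Utilities_Date($existing_task->task_end_date);
    }

    $task = new CTask();
    if (!$task->bind($post_data)) {
        throw new Frapi_Error('SAVE_ERROR', $task->getError());
    }

    // Map the submitted dynamic flag onto the stored codes (21/31 for tracking
    // dynamics, 11/0 otherwise), depending on the "no delay" parameter.
    if ($task->task_dynamic != 1) {
        $task_dynamic_delay = $this->getParam('task_dynamic_nodelay') ? $this->getParam('task_dynamic_nodelay') : '0';
        if (in_array($task->task_dynamic, $tracking_dynamics)) {
            $task->task_dynamic = $task_dynamic_delay ? 21 : 31;
        } else {
            $task->task_dynamic = $task_dynamic_delay ? 11 : 0;
        }
    }

    // Let's check if task_dynamic is unchecked
    if (!$this->getParam('task_dynamic')) {
        $task->task_dynamic = false;
    }

    // Make sure task milestone is set or reset as appropriate
    // NOTE(review): this clears the flag when the parameter IS supplied, which
    // looks inverted next to the task_dynamic check above. Left as is; confirm
    // the intended behaviour.
    if ($this->getParam('task_milestone')) {
        $task->task_milestone = false;
    }

    //format hperc_assign user_id=percentage_assignment;user_id=percentage_assignment;user_id=percentage_assignment;
    $tmp_ar = explode(';', $this->getParam('hperc_assign'));
    $i_cmp = sizeof($tmp_ar);

    $hperc_assign_ar = array();
    for ($i = 0; $i < $i_cmp; $i++) {
        $tmp = explode('=', $tmp_ar[$i]);
        if (count($tmp) > 1) {
            $hperc_assign_ar[$tmp[0]] = $tmp[1];
        } elseif ($tmp[0] != '') {
            // A bare user id means a 100% assignment
            $hperc_assign_ar[$tmp[0]] = 100;
        }
    }

    // let's check if there are some assigned departments to task
    $task->task_departments = implode(',', $this->getParam('dept_ids', self::TYPE_ARRAY));

    // convert dates to SQL format first
    if ($task->task_start_date) {
        $date = new w2p_Utilities_Date($task->task_start_date);
        $task->task_start_date = $date->format(FMT_DATETIME_MYSQL);
    }

    $end_date = null;
    if ($task->task_end_date) {
        // '2400' is replaced by '2359' before the date is parsed
        if (strpos($task->task_end_date, '2400') !== false) {
            $task->task_end_date = str_replace('2400', '2359', $task->task_end_date);
        }
        $end_date = new w2p_Utilities_Date($task->task_end_date);
        $task->task_end_date = $end_date->format(FMT_DATETIME_MYSQL);
    }

    $error_array = $task->store($AppUI);

    // Return all the validation messages
    if ($error_array !== true) {
        $error_message = '';
        foreach ($error_array as $error) {
            $error_message .= $error . '. ';
        }
        throw new Frapi_Error('SAVE_ERROR', $error_message);
    }

    $task_parent = $this->getParam('task_parent') ? $this->getParam('task_parent', self::TYPE_INT) : 0;
    $old_task_parent = $this->getParam('old_task_parent') ? $this->getParam('old_task_parent', self::TYPE_INT) : 0;

    // When the parent changed, the previous parent's dynamics are refreshed
    if ($task_parent != $old_task_parent) {
        $oldTask = new CTask();
        $oldTask->load($old_task_parent);
        $oldTask->updateDynamics(false);
    }

    // How to handle custom fields? Do we support it in api?

    // Now add any task reminders
    // If there wasn't a task, but there is one now, and
    // that task date is set, we need to set a reminder.
    if (empty($task_end_date) || !empty($end_date) && $task_end_date->dateDiff($end_date)) {
        $task->addReminder();
    }

    if (isset($hassign)) {
        $task->updateAssigned($hassign, $hperc_assign_ar);
    }

    if (isset($hdependencies)) { // && !empty($hdependencies)) {
        // there are dependencies set!
        // backup initial start and end dates
        $tsd = new w2p_Utilities_Date($task->task_start_date);
        $ted = new w2p_Utilities_Date($task->task_end_date);

        // updating the table recording the
        // dependency relations with this task
        $task->updateDependencies($hdependencies, $task_parent);

        // we will reset the task's start date based upon dependencies
        // and shift the end date appropriately
        if ($adjustStartDate && !is_null($hdependencies)) {
            // load already stored task data for this task
            $tempTask = new CTask();
            $tempTask->load($task->task_id);

            // shift new start date to the last dependency end date
            $nsd = new w2p_Utilities_Date($tempTask->get_deps_max_end_date($tempTask));

            // prefer Wed 8:00 over Tue 16:00 as start date
            $nsd = $nsd->next_working_day();

            // prepare the creation of the end date
            $ned = new w2p_Utilities_Date();
            $ned->copy($nsd);

            if (empty($task->task_start_date)) {
                // appropriately calculated end date via start+duration
                $ned->addDuration($task->task_duration, $task->task_duration_type);
            } else {
                // calc task time span start - end
                $d = $tsd->calcDuration($ted);

                // Re-add (keep) task time span for end date.
                // This is independent from $obj->task_duration.
                // The value returned by Date::Duration() is always in hours ('1')
                $ned->addDuration($d, '1');
            }

            // prefer tue 16:00 over wed 8:00 as an end date
            $ned = $ned->prev_working_day();

            $task->task_start_date = $nsd->format(FMT_DATETIME_MYSQL);
            $task->task_end_date = $ned->format(FMT_DATETIME_MYSQL);

            $q = new w2p_Database_Query();
            $q->addTable('tasks', 't');
            $q->addUpdate('task_start_date', $task->task_start_date);
            $q->addUpdate('task_end_date', $task->task_end_date);
            // The id is cast to int before it is concatenated into the WHERE clause
            $q->addWhere('task_id = ' . (int) $task->task_id);
            $q->addWhere('task_dynamic <> 1');
            $q->exec();
            $q->clear();
        }
        $task->pushDependencies($task->task_id, $task->task_end_date);
    }

    // Strip the object's internal bookkeeping fields before the record is returned
    unset($task->_query, $task->_error, $task->_tbl_prefix, $task->_tbl, $task->_tbl_key, $task->_tbl_module);

    $task = (array) $task;

    $this->data['task'] = $task;
    $this->data['success'] = true;

    return new Frapi_Response(array('code' => 201, 'data' => $this->data));
}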
// $dialog is forced to 1 when a token expiration is set or $do_login was set earlier
if (CAppUI::$token_expiration || $do_login) {
    $dialog = 1;
}

// An ldap_guid value, or $do_login set earlier, forces the login path below
if (CValue::get("ldap_guid") || $do_login) {
    $_REQUEST["login"] = 1;
}

// check if the user is trying to log in
if (isset($_REQUEST["login"])) {
    $login_action = $_REQUEST["login"];

    // login with "login=user:password": the value is split on the first ':'
    // and written into $_REQUEST for CAppUI::login() to pick up.
    // NOTE(review): $_REQUEST also covers the query string. If this form is
    // accepted over GET, the password can end up in access logs, browser
    // history and Referer headers; confirm it is restricted to POST over TLS.
    if (strpos($login_action, ":") !== false) {
        list($_REQUEST["username"], $_REQUEST["password"]) = explode(":", $login_action, 2);
    }

    include __DIR__ . "/locales/core.php";

    // Loose comparison: besides null, other falsy returns from CAppUI::login()
    // (false, 0, '') are also treated as a failed login.
    if (null == ($ok = CAppUI::login())) {
        CAppUI::$instance->user_id = null;
        // we delete the session in case the user was deactivated
        CAppUI::setMsg("Auth-failed", UI_MSG_ERROR);
    }

    // Deprecated-browser notice, shown only when no "password" value was supplied
    if (isset($_SESSION['browser']['deprecated']) && $_SESSION['browser']['deprecated'] && !CValue::get("password")) {
        // If we are not connecting directly
        $tpl = new CSmartyDP("style/mediboard");
        $tpl->display("old_browser.tpl");
        CApp::rip();
    }

    // Login OK redirection for popup authentication
    // NOTE(review): "redirect" is request-supplied. parse_str() only fills
    // $parsed_redirect here, but whatever later acts on $redirect should
    // restrict it to same-application targets. The code that uses it is
    // outside this excerpt.
    $redirect = CValue::request("redirect");
    $dialog = CValue::request("dialog");
    parse_str($redirect, $parsed_redirect);
    if ($ok && $dialog && isset($parsed_redirect["login_info"])) {
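/**
 * Log the user into the application
 *
 * @param UserAuth array $user_auth -- Set user_name and password (password needs to be
 *      in the right encoding for the type of authentication the user is setup for).
 * @param String $application -- The name of the application you are logging in from. (Currently unused).
 * @return Array(id, error) -- id is the id of the session that was created, or -1 on
 *      failure. On a rejected login, error is the array from SoapError::get_soap_array();
 *      on the other paths it is the SoapError object itself.
 */
function login($user_auth, $application = 'test')
{
    $error = new SoapError();

    // A missing field becomes '' instead of being read as an undefined index.
    // NOTE(review): addslashes() is not a database-aware escape and it alters
    // any password containing quotes or backslashes before it is checked.
    // Whether CAppUI::login() escapes its own queries is not visible here, so
    // the calls are kept; confirm and move to parameterised queries there.
    $user_auth["user_name"] = isset($user_auth["user_name"]) ? addslashes($user_auth["user_name"]) : '';
    $user_auth["password"] = isset($user_auth["password"]) ? addslashes($user_auth["password"]) : '';

    $_POST['login'] = '******';
    $_REQUEST['login'] = '******';

    // NOTE(review): both fields were assigned just above, so this condition is
    // always true and empty credentials still reach CAppUI::login().
    if (isset($user_auth["user_name"]) || isset($user_auth["password"])) {
        dPsessionStart(array('AppUI'));
        $AppUI = new CAppUI();

        if (!$AppUI->login($user_auth["user_name"], $user_auth["password"])) {
            // The original had a setMsg('Login Failed') call after this return;
            // it could never run and has been dropped.
            $error->set_error('invalid_login');
            return array('id' => -1, 'error' => $error->get_soap_array());
        }

        //Register login in user_acces_log
        $AppUI->registerLogin();
        addHistory('login', $AppUI->user_id, 'login', $AppUI->user_first_name . ' ' . $AppUI->user_last_name);

        // NOTE(review): no session id regeneration is visible after the login
        // succeeds; confirm dPsessionStart() issues a fresh id so that a
        // pre-login session id cannot be reused.
        $_SESSION['AppUI'] = $AppUI;
        $_SESSION['is_valid_session'] = true;
        $_SESSION['type'] = 'user';

        return array('id' => session_id(), 'error' => $error);
    }

    $error->set_error('invalid_login');
    return array('id' => -1, 'error' => $error);
}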
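/**
 * PUT request handler: creates a contact on behalf of the supplied user.
 *
 * Logs in with the 'username' / 'password' request parameters, binds the
 * contact_* parameters to a new CContact, stores it and returns the stored
 * record without the object's internal fields.
 *
 * @return Frapi_Response|Frapi_Error Frapi_Error when required parameters are
 *         missing, otherwise a 201 response carrying $this->data.
 * @throws Frapi_Error INVALID_LOGIN when the login fails, SAVE_ERROR when
 *         store() does not return true.
 */
public function executePut()
{
    $valid = $this->hasRequiredParameters($this->requiredParams);
    if ($valid instanceof Frapi_Error) {
        return $valid;
    }

    // NOTE(review): the account password is a plain request parameter on every
    // call; make sure this endpoint is only served over TLS and that request
    // parameters are kept out of access logs.
    $username = $this->getParam('username');
    $password = $this->getParam('password');

    // Attempt to login as user, a little bit of a hack as we currently
    // require the $_POST['login'] var to be set as well as a global AppUI
    $AppUI = new CAppUI();
    $GLOBALS['AppUI'] = $AppUI;
    $_POST['login'] = '******';

    if (!$AppUI->login($username, $password)) {
        throw new Frapi_Error('INVALID_LOGIN');
    }

    $post_data = array(
        'contact_id' => 0,
        'contact_first_name' => $this->getParam('contact_first_name'),
        'contact_last_name' => $this->getParam('contact_last_name'),
        'contact_order_by' => $this->getParam('contact_order_by'),
        'contact_private' => $this->getParam('contact_private'),
        'contact_job' => $this->getParam('contact_job'),
        'contact_company_name' => $this->getParam('contact_company_name'),
        'contact_company' => $this->getParam('contact_company'),
        'contact_department_name' => $this->getParam('contact_department_name'),
        'contact_department' => $this->getParam('contact_department'),
        'contact_title' => $this->getParam('contact_title'),
        'contact_type' => $this->getParam('contact_type'),
        'contact_address1' => $this->getParam('contact_address1'),
        'contact_address2' => $this->getParam('contact_address2'),
        'contact_city' => $this->getParam('contact_city'),
        'contact_state' => $this->getParam('contact_state'),
        'contact_zip' => $this->getParam('contact_zip'),
        'contact_country' => $this->getParam('contact_country'),
        'contact_birthday' => $this->getParam('contact_birthday'),
        'contact_notes' => $this->getParam('contact_notes'),
    );

    // Ugh, the store method uses $_POST directly for contact methods :(
    $_POST['contact_methods'] = $this->getParam('contact_methods');

    $contact = new CContact();
    $contact->bind($post_data);
    $error_array = $contact->store($AppUI);

    // Anything other than true is treated as a list of validation messages
    if ($error_array !== true) {
        $error_message = '';
        foreach ($error_array as $error) {
            $error_message .= $error . '. ';
        }
        throw new Frapi_Error('SAVE_ERROR', $error_message);
    }

    /*
     * TODO: How do we handle extra fields?
     */

    $contact = (array) $contact;

    // Remove the data that is not for display.
    // The original named 'tbl_prefix' without the leading underscore and did
    // not list '_tbl_module', while the project and task PUT handlers strip
    // '_tbl_prefix' and '_tbl_module'. If CContact carries the same internal
    // fields, they were being returned to the client. Both spellings are
    // unset; unsetting a key that does not exist is harmless.
    unset(
        $contact['_tbl_prefix'],
        $contact['tbl_prefix'],
        $contact['_tbl'],
        $contact['_tbl_key'],
        $contact['_error'],
        $contact['_query'],
        $contact['_tbl_module']
    );

    $this->data['contact'] = $contact;
    $this->data['success'] = true;

    return new Frapi_Response(array('code' => 201, 'data' => $this->data));
}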