Esempio n. 1
0
 /**
  * Called before each test method.
  */
 public function setUp()
 {
     $this->group = new ElggGroup();
     $this->group->membership = ACCESS_PUBLIC;
     $this->group->access_id = ACCESS_PUBLIC;
     $this->group->save();
     $this->user = new ElggUser();
     $this->user->username = '******' . rand();
     $this->user->save();
 }
 public function setUp()
 {
     elgg_register_notification_method('test');
     $this->user1 = new ElggUser();
     $this->user1->username = '******';
     $this->user1->save();
     $this->user2 = new ElggUser();
     $this->user2->username = '******';
     $this->user2->save();
     $this->group = new ElggGroup();
     $this->group->save();
 }
 /**
  * Called before each test object.
  */
 public function __construct()
 {
     parent::__construct();
     $this->user = new \ElggUser();
     $this->user->username = '******' . rand();
     $this->user->email = '*****@*****.**' . rand();
     $this->user->name = 'fake user ' . rand();
     $this->user->access_id = ACCESS_PUBLIC;
     $this->user->setPassword(rand());
     $this->user->owner_guid = 0;
     $this->user->container_guid = 0;
     $this->user->save();
 }
 /**
  * Called before each test object.
  */
 public function __construct()
 {
     parent::__construct();
     $this->user = new ElggUser();
     $this->user->username = '******' . rand();
     $this->user->email = '*****@*****.**' . rand();
     $this->user->name = 'fake user ' . rand();
     $this->user->access_id = ACCESS_PUBLIC;
     $this->user->salt = _elgg_generate_password_salt();
     $this->user->password = generate_user_password($this->user, rand());
     $this->user->owner_guid = 0;
     $this->user->container_guid = 0;
     $this->user->save();
 }
Esempio n. 5
0
/**
 * Enable personal and friend notifications for new users
 *
 * We do this using 'create, user' event instead of 'register, user' plugin
 * hook so that it affects also users created by an admin.
 *
 * @param  string   $event 'create'
 * @param  string   $type  'user'
 * @param  ElggUser $user
 * @return boolean
 */
function notification_tools_enable_for_new_user($event, $type, $user)
{
    $personal = elgg_get_plugin_setting('default_personal_methods', 'notification_tools');
    // Set methods for personal notifications
    if ($personal) {
        $personal_methods = explode(',', $personal);
        foreach ($personal_methods as $method) {
            $prefix = "notification:method:{$method}";
            $user->{$prefix} = true;
        }
    }
    $collection = elgg_get_plugin_setting('default_collection_methods', 'notification_tools');
    // Set methods for notifications about friends' activity
    if ($collection) {
        $collection_methods = explode(',', $collection);
        // Here we just mark the default methods. The core notification plugin
        // will take care of creating the actual 'notify<method>' relationships
        // between user and each friends.
        foreach ($collection_methods as $method) {
            $setting_name = "collections_notifications_preferences_{$method}";
            // The -1 seems like a weird value but that's what the core
            // is using for whatever reason.
            $user->{$setting_name} = '-1';
        }
    }
    $user->save();
    return true;
}
 protected function createTestUser($username = '******')
 {
     $user = new ElggUser();
     $user->username = $username;
     $guid = $user->save();
     // load user to have access to creation time
     return get_entity($guid);
 }
Esempio n. 7
0
 protected function createTestUser($username = '******')
 {
     // in case a test failure left the user
     $user = get_user_by_username($username);
     if ($user) {
         return $user;
     }
     $user = new \ElggUser();
     $user->username = $username;
     $guid = $user->save();
     // load user to have access to creation time
     return get_entity($guid);
 }
Esempio n. 8
0
 public function testCanEdit()
 {
     $user = new \ElggUser();
     $user->save();
     $id = $this->entity->annotate('test', 'foo', ACCESS_LOGGED_IN, elgg_get_logged_in_user_guid());
     $a = elgg_get_annotation_from_id($id);
     $this->assertTrue($a->canEdit());
     $this->assertFalse($a->canEdit($user->guid));
     $id = $this->entity->annotate('test', 'foo2', ACCESS_LOGGED_IN, $user->guid);
     $a = elgg_get_annotation_from_id($id);
     $this->assertTrue($a->canEdit());
     $this->assertTrue($a->canEdit($user->guid));
     $user->delete();
 }
 /**
  * Called before each test object.
  */
 public function __construct()
 {
     elgg_set_ignore_access(true);
     $this->entities = array();
     $this->subtypes = array('object' => array(), 'user' => array(), 'group' => array());
     // sites are a bit wonky.  Don't use them just now.
     $this->types = array('object', 'user', 'group');
     // create some fun objects to play with.
     // 5 with random subtypes
     for ($i = 0; $i < 5; $i++) {
         $subtype = 'test_object_subtype_' . rand();
         $e = new ElggObject();
         $e->subtype = $subtype;
         $e->save();
         $this->entities[] = $e;
         $this->subtypes['object'][] = $subtype;
     }
     // and users
     for ($i = 0; $i < 5; $i++) {
         $subtype = "test_user_subtype_" . rand();
         $e = new ElggUser();
         $e->username = "******" . rand();
         $e->subtype = $subtype;
         $e->save();
         $this->entities[] = $e;
         $this->subtypes['user'][] = $subtype;
     }
     // and groups
     for ($i = 0; $i < 5; $i++) {
         $subtype = "test_group_subtype_" . rand();
         $e = new ElggGroup();
         $e->subtype = $subtype;
         $e->save();
         $this->entities[] = $e;
         $this->subtypes['group'][] = $subtype;
     }
     parent::__construct();
 }
Esempio n. 10
0
 public function testElggRiverDisableEnable()
 {
     $user = new \ElggUser();
     $user->save();
     $entity = new \ElggObject();
     $entity->save();
     $params = array('view' => 'river/relationship/friend/create', 'action_type' => 'create', 'subject_guid' => $user->guid, 'object_guid' => $entity->guid);
     $id = elgg_create_river_item($params);
     $river = elgg_get_river(array('ids' => array($id)));
     $this->assertIdentical($river[0]->enabled, 'yes');
     $user->disable();
     // should no longer be able to get the river
     $river = elgg_get_river(array('ids' => array($id)));
     $this->assertIdentical($river, array());
     // renabling the user should re-enable the river
     access_show_hidden_entities(true);
     $user->enable();
     access_show_hidden_entities(false);
     $river = elgg_get_river(array('ids' => array($id)));
     $this->assertIdentical($river[0]->enabled, 'yes');
     $user->delete();
     $entity->delete();
 }
 function test_can_write_to_container()
 {
     $user = new \ElggUser();
     $user->username = '******' . rand();
     $user->name = 'test_user_name_' . rand();
     $user->email = '*****@*****.**';
     $user->container_guid = 0;
     $user->owner_guid = 0;
     $user->save();
     $object = new \ElggObject();
     $object->save();
     $group = new \ElggGroup();
     $group->save();
     // disable access overrides because we're admin.
     $ia = elgg_set_ignore_access(false);
     $this->assertFalse(can_write_to_container($user->guid, $object->guid));
     global $elgg_test_user;
     $elgg_test_user = $user;
     // register hook to allow access
     function can_write_to_container_test_hook($hook, $type, $value, $params)
     {
         global $elgg_test_user;
         if ($params['user']->getGUID() == $elgg_test_user->getGUID()) {
             return true;
         }
     }
     elgg_register_plugin_hook_handler('container_permissions_check', 'all', 'can_write_to_container_test_hook');
     $this->assertTrue(can_write_to_container($user->guid, $object->guid));
     elgg_unregister_plugin_hook_handler('container_permissions_check', 'all', 'can_write_to_container_test_hook');
     $this->assertFalse(can_write_to_container($user->guid, $group->guid));
     $group->join($user);
     $this->assertTrue(can_write_to_container($user->guid, $group->guid));
     elgg_set_ignore_access($ia);
     $user->delete();
     $object->delete();
     $group->delete();
 }
Esempio n. 12
0
/**
 * Logs in a specified ElggUser. For standard registration, use in conjunction
 * with authenticate.
 * 
 * @see authenticate
 * @param ElggUser $user A valid Elgg user object
 * @param boolean $persistent Should this be a persistent login?
 * @return true|false Whether login was successful
 */
function login(ElggUser $user, $persistent = false)
{
    global $CONFIG;
    if ($user->isBanned()) {
        return false;
    }
    // User is banned, return false.
    if (check_rate_limit_exceeded($user->guid)) {
        return false;
    }
    // Check rate limit
    $_SESSION['user'] = $user;
    $_SESSION['guid'] = $user->getGUID();
    $_SESSION['id'] = $_SESSION['guid'];
    $_SESSION['username'] = $user->username;
    $_SESSION['name'] = $user->name;
    $code = md5($user->name . $user->username . time() . rand());
    $user->code = md5($code);
    $_SESSION['code'] = $code;
    if ($persistent) {
        setcookie("elggperm", $code, time() + 86400 * 30, "/");
    }
    if (!$user->save() || !trigger_elgg_event('login', 'user', $user)) {
        unset($_SESSION['username']);
        unset($_SESSION['name']);
        unset($_SESSION['code']);
        unset($_SESSION['guid']);
        unset($_SESSION['id']);
        unset($_SESSION['user']);
        setcookie("elggperm", "", time() - 86400 * 30, "/");
        return false;
    }
    // Users privilege has been elevated, so change the session id (help prevent session hijacking)
    session_regenerate_id();
    // Update statistics
    set_last_login($_SESSION['guid']);
    reset_login_failure_count($user->guid);
    // Reset any previous failed login attempts
    // Set admin shortcut flag if this is an admin
    if (isadminloggedin()) {
        global $is_admin;
        $is_admin = true;
    }
    return true;
}
Esempio n. 13
0
 public function testUpdateAbilityDependsOnCanEdit()
 {
     $this->entity->access_id = ACCESS_PRIVATE;
     $this->assertTrue($this->entity->save());
     // even owner can't bypass permissions
     elgg_register_plugin_hook_handler('permissions_check', 'object', [Elgg\Values::class, 'getFalse'], 999);
     $this->assertFalse($this->entity->save());
     elgg_unregister_plugin_hook_handler('permissions_check', 'object', [Elgg\Values::class, 'getFalse']);
     $user = new ElggUser();
     $user->save();
     $old_user = $this->replaceSession($user);
     $this->assertFalse($this->entity->save());
     elgg_register_plugin_hook_handler('permissions_check', 'object', [Elgg\Values::class, 'getTrue']);
     // even though this user can't look up the entity via the DB, permission allows update.
     $this->assertFalse(has_access_to_entity($this->entity, $user));
     $this->assertTrue($this->entity->save());
     elgg_unregister_plugin_hook_handler('permissions_check', 'object', [Elgg\Values::class, 'getTrue']);
     // can save with access ignore
     $ia = elgg_set_ignore_access();
     $this->assertTrue($this->entity->save());
     elgg_set_ignore_access($ia);
     $this->replaceSession($old_user);
     $user->delete();
 }
Esempio n. 14
0
 public function test_elgg_metadata_multiple_values()
 {
     $u1 = new ElggUser();
     $u1->username = rand();
     $u1->save();
     $u2 = new ElggUser();
     $u2->username = rand();
     $u2->save();
     $obj = new ElggObject();
     $obj->owner_guid = $u1->guid;
     $obj->container_guid = $u1->guid;
     $obj->access_id = ACCESS_PUBLIC;
     $obj->save();
     $md_values = array('one', 'two', 'three');
     // need to fake different logins.
     // good times without mocking.
     $original_user = elgg_get_logged_in_user_entity();
     $_SESSION['user'] = $u1;
     elgg_set_ignore_access(false);
     // add metadata as one user
     $obj->test = $md_values;
     // check only these md exists
     $db_prefix = elgg_get_config('dbprefix');
     $q = "SELECT * FROM {$db_prefix}metadata WHERE entity_guid = {$obj->guid}";
     $data = get_data($q);
     $this->assertEqual(count($md_values), count($data));
     foreach ($data as $md_row) {
         $md = elgg_get_metadata_from_id($md_row->id);
         $this->assertTrue(in_array($md->value, $md_values));
         $this->assertEqual('test', $md->name);
     }
     // add md w/ same name as a different user
     $_SESSION['user'] = $u2;
     $md_values2 = array('four', 'five', 'six', 'seven');
     $obj->test = $md_values2;
     $q = "SELECT * FROM {$db_prefix}metadata WHERE entity_guid = {$obj->guid}";
     $data = get_data($q);
     $this->assertEqual(count($md_values2), count($data));
     foreach ($data as $md_row) {
         $md = elgg_get_metadata_from_id($md_row->id);
         $this->assertTrue(in_array($md->value, $md_values2));
         $this->assertEqual('test', $md->name);
     }
     $_SESSION['user'] = $original_user;
     $obj->delete();
     $u1->delete();
     $u2->delete();
 }
Esempio n. 15
0
 /**
  * Tests get_entity_statistics() with an owner
  * @covers get_entity_statistics()
  */
 function test_owned_get_entity_statistics()
 {
     $user = new \ElggUser();
     $user->save();
     $subtype = 'issue7845' . rand(0, 100);
     $object = new \ElggObject();
     $object->subtype = $subtype;
     $object->owner_guid = $user->guid;
     $object->save();
     $stats = get_entity_statistics($user->guid);
     $this->assertEqual($stats['object'][$subtype], 1);
     $user->delete();
 }
Esempio n. 16
0
/**
 * Logs in a specified ElggUser. For standard registration, use in conjunction
 * with elgg_authenticate.
 *
 * @see elgg_authenticate
 *
 * @param ElggUser $user       A valid Elgg user object
 * @param boolean  $persistent Should this be a persistent login?
 *
 * @return true or throws exception
 * @throws LoginException
 */
function login(ElggUser $user, $persistent = false)
{
    // User is banned, return false.
    if ($user->isBanned()) {
        throw new LoginException(elgg_echo('LoginException:BannedUser'));
    }
    $_SESSION['user'] = $user;
    $_SESSION['guid'] = $user->getGUID();
    $_SESSION['id'] = $_SESSION['guid'];
    $_SESSION['username'] = $user->username;
    $_SESSION['name'] = $user->name;
    // if remember me checked, set cookie with token and store token on user
    if ($persistent) {
        $code = md5($user->name . $user->username . time() . rand());
        $_SESSION['code'] = $code;
        $user->code = md5($code);
        setcookie("elggperm", $code, time() + 86400 * 30, "/");
    }
    if (!$user->save() || !elgg_trigger_event('login', 'user', $user)) {
        unset($_SESSION['username']);
        unset($_SESSION['name']);
        unset($_SESSION['code']);
        unset($_SESSION['guid']);
        unset($_SESSION['id']);
        unset($_SESSION['user']);
        setcookie("elggperm", "", time() - 86400 * 30, "/");
        throw new LoginException(elgg_echo('LoginException:Unknown'));
    }
    // Users privilege has been elevated, so change the session id (prevents session fixation)
    session_regenerate_id();
    // Update statistics
    set_last_login($_SESSION['guid']);
    reset_login_failure_count($user->guid);
    // Reset any previous failed login attempts
    // if memcache is enabled, invalidate the user in memcache @see https://github.com/Elgg/Elgg/issues/3143
    if (is_memcache_available()) {
        // this needs to happen with a shutdown function because of the timing with set_last_login()
        register_shutdown_function("_elgg_invalidate_memcache_for_entity", $_SESSION['guid']);
    }
    return true;
}
Esempio n. 17
0
/**
 * Logs in a specified ElggUser. For standard registration, use in conjunction
 * with elgg_authenticate.
 *
 * @see elgg_authenticate
 *
 * @param ElggUser $user       A valid Elgg user object
 * @param boolean  $persistent Should this be a persistent login?
 *
 * @return true or throws exception
 * @throws LoginException
 */
function login(ElggUser $user, $persistent = false)
{
    global $CONFIG;
    // User is banned, return false.
    if ($user->isBanned()) {
        throw new LoginException(elgg_echo('LoginException:BannedUser'));
    }
    $_SESSION['user'] = $user;
    $_SESSION['guid'] = $user->getGUID();
    $_SESSION['id'] = $_SESSION['guid'];
    $_SESSION['username'] = $user->username;
    $_SESSION['name'] = $user->name;
    // if remember me checked, set cookie with token and store token on user
    if ($persistent) {
        $code = md5($user->name . $user->username . time() . rand());
        $_SESSION['code'] = $code;
        $user->code = md5($code);
        setcookie("elggperm", $code, time() + 86400 * 30, "/");
    }
    if (!$user->save() || !elgg_trigger_event('login', 'user', $user)) {
        unset($_SESSION['username']);
        unset($_SESSION['name']);
        unset($_SESSION['code']);
        unset($_SESSION['guid']);
        unset($_SESSION['id']);
        unset($_SESSION['user']);
        setcookie("elggperm", "", time() - 86400 * 30, "/");
        throw new LoginException(elgg_echo('LoginException:Unknown'));
    }
    // Users privilege has been elevated, so change the session id (prevents session fixation)
    session_regenerate_id();
    // Update statistics
    set_last_login($_SESSION['guid']);
    reset_login_failure_count($user->guid);
    // Reset any previous failed login attempts
    return true;
}
Esempio n. 18
0
/**
 * Enable notifier by default for new users according to plugin settings.
 *
 * We do this using 'create, user' event instead of 'register, user' plugin
 * hook so that it affects also users created by an admin.
 *
 * @param string   $event 'create'
 * @param string   $type  'user'
 * @param ElggUser $user  The user that was created
 * @return boolean
 */
function notifier_enable_for_new_user($event, $type, $user)
{
    $personal = (bool) elgg_get_plugin_setting('enable_personal', 'notifier');
    $collections = (bool) elgg_get_plugin_setting('enable_collections', 'notifier');
    if ($personal) {
        $prefix = "notification:method:notifier";
        $user->{$prefix} = true;
    }
    if ($collections) {
        /**
         * This function is triggered before invite code is checked so it's
         * enough just to add the setting. Notifications plugin will take care
         * of adding the 'notifynotifier' relationship in case user was invited.
         */
        $user->collections_notifications_preferences_notifier = '-1';
    }
    $user->save();
    return true;
}
Esempio n. 19
0
 public function testCreateWithContainerGuidEqualsZero()
 {
     $user = new \ElggUser();
     $user->save();
     $object = new \ElggObject();
     $object->owner_guid = $user->guid;
     $object->container_guid = 0;
     // If container_guid attribute is not updated with owner_guid attribute
     // ElggEntity::getContainerEntity() would return false
     // thus terminating save()
     $this->assertTrue($object->save());
     $this->assertEqual($user->guid, $object->getContainerGUID());
     $user->delete();
 }
Esempio n. 20
0
 public function testAccessCaching()
 {
     // create a new user to check against
     $user = new ElggUser();
     $user->username = '******';
     $user->save();
     foreach (array('get_access_list', 'get_access_array') as $func) {
         $cache = _elgg_get_access_cache();
         $cache->clear();
         // admin users run tests, so disable access
         elgg_set_ignore_access(true);
         $access = $func($user->getGUID());
         elgg_set_ignore_access(false);
         $access2 = $func($user->getGUID());
         $this->assertNotEqual($access, $access2, "Access test for {$func}");
     }
     $user->delete();
 }
Esempio n. 21
0
 /**
  * Registers a user, returning false if the username already exists
  *
  * @param string $username              The username of the new user
  * @param string $password              The password
  * @param string $name                  The user's display name
  * @param string $email                 The user's email address
  * @param bool   $allow_multiple_emails Allow the same email address to be
  *                                      registered multiple times?
  *
  * @return int|false The new user's GUID; false on failure
  * @throws \RegistrationException
  */
 function register($username, $password, $name, $email, $allow_multiple_emails = false)
 {
     // no need to trim password.
     $username = trim($username);
     $name = trim(strip_tags($name));
     $email = trim($email);
     // A little sanity checking
     if (empty($username) || empty($password) || empty($name) || empty($email)) {
         return false;
     }
     // Make sure a user with conflicting details hasn't registered and been disabled
     $access_status = access_get_show_hidden_status();
     access_show_hidden_entities(true);
     if (!validate_email_address($email)) {
         throw new \RegistrationException(_elgg_services()->translator->translate('registration:emailnotvalid'));
     }
     if (!validate_password($password)) {
         throw new \RegistrationException(_elgg_services()->translator->translate('registration:passwordnotvalid'));
     }
     if (!validate_username($username)) {
         throw new \RegistrationException(_elgg_services()->translator->translate('registration:usernamenotvalid'));
     }
     if ($user = get_user_by_username($username)) {
         throw new \RegistrationException(_elgg_services()->translator->translate('registration:userexists'));
     }
     if (!$allow_multiple_emails && get_user_by_email($email)) {
         throw new \RegistrationException(_elgg_services()->translator->translate('registration:dupeemail'));
     }
     access_show_hidden_entities($access_status);
     // Create user
     $user = new \ElggUser();
     $user->username = $username;
     $user->email = $email;
     $user->name = $name;
     $user->access_id = ACCESS_PUBLIC;
     $user->setPassword($password);
     $user->owner_guid = 0;
     // Users aren't owned by anyone, even if they are admin created.
     $user->container_guid = 0;
     // Users aren't contained by anyone, even if they are admin created.
     $user->language = _elgg_services()->translator->getCurrentLanguage();
     if ($user->save() === false) {
         return false;
     }
     // Turn on email notifications by default
     set_user_notification_setting($user->getGUID(), 'email', true);
     return $user->getGUID();
 }
Esempio n. 22
0
/**
 * Insert user into elgg user table using info from ldap
 * Tries to insert, otherwise returns error
 *
 * @return user or error (false?)
 */
function cas_insertUser($username, $ldap_attributes, $config)
{
    // name is 'cn' in ldap
    $name = $ldap_attributes['cn'];
    // remove periods from ldap username
    // ex. anthony.hopkins -> anthonyhopkins
    $uname = !empty($ldap_attributes['textUid']) ? $ldap_attributes['textUid'] : str_replace(".", "", $username);
    $email = $ldap_attributes['mail'];
    $user = new ElggUser();
    $user->username = $uname;
    $user->email = $email;
    $user->name = $name;
    $user->access_id = 2;
    $user->salt = generate_random_cleartext_password();
    // Note salt generated before password!
    // cas users don't need password stored locally
    // so create an invalid password
    // a real password can be saved at a later time if they become a local user
    $user->password = md5(time());
    //generate_user_password($user, $password);
    // returns guid or false
    $guid = $user->save();
    if (!$guid) {
        return false;
    }
    $obj = get_entity($guid);
    if (isset($config->casadminuser) && $config->casadminuser == $uname) {
        if ($obj instanceof \ElggUser) {
            //set context for permissions check
            elgg_push_context('au_cas_auth_make_admin');
            if (make_user_admin($guid)) {
                system_message(elgg_echo('admin:user:makeadmin:yes'));
            } else {
                register_error(elgg_echo('admin:user:makeadmin:no'));
            }
            // set context back
            elgg_pop_context();
        } else {
            register_error(elgg_echo('admin:user:makeadmin:no'));
        }
    }
    return $user;
}
Esempio n. 23
0
 /**
  * Make sure entity is loaded from cache during save operations
  * See #10612
  */
 public function testNewUserLoadedFromCacheDuringSaveOperations()
 {
     $user = new \ElggUser();
     // Add temporary metadata, annotation and private settings
     // to extend the scope of tests and catch issues with save operations
     $user->test_metadata = 'bar';
     $user->annotate('test_annotation', 'baz');
     $user->setPrivateSetting('test_setting', 'foo');
     $metadata_called = false;
     $metadata_event_handler = function ($event, $type, $metadata) use(&$metadata_called) {
         /* @var $metadata \ElggMetadata */
         $entity = get_entity($metadata->entity_guid);
         $this->assertEqual($metadata->entity_guid, $entity->guid);
         $metadata_called = true;
     };
     $annotation_called = false;
     $annotation_event_handler = function ($event, $type, $annotation) use(&$annotation_called) {
         /* @var $metadata \ElggAnnotation */
         $entity = get_entity($annotation->entity_guid);
         $this->assertEqual($annotation->entity_guid, $entity->guid);
         $annotation_called = true;
     };
     elgg_register_event_handler('create', 'metadata', $metadata_event_handler);
     elgg_register_event_handler('create', 'annotation', $annotation_event_handler);
     $user->save();
     elgg_unregister_event_handler('create', 'metadata', $metadata_event_handler);
     elgg_unregister_event_handler('create', 'annotation', $annotation_event_handler);
     $user->delete();
     $this->assertTrue($metadata_called);
     $this->assertTrue($annotation_called);
 }
Esempio n. 24
0
elgg_set_context($context);
// we have no local users, create a new one
$user = new \ElggUser();
$user->username = preg_replace("/[^a-zA-Z0-9]/", "", $account->username);
$user->email = $account->email;
$user->name = $account->fullName;
$user->access_id = ACCESS_PUBLIC;
$user->salt = _elgg_generate_password_salt();
// set invalid PW that will never work for local login.  This can be changed by the user later
// but won't leave a secondary local login by accident
$user->password = _elgg_generate_password_salt();
$user->owner_guid = 0;
// Users aren't owned by anyone, even if they are admin created.
$user->container_guid = 0;
// Users aren't contained by anyone, even if they are admin created.
$user->language = get_current_language();
$user->save();
$user->__stormpath_user = $account->href;
elgg_set_user_validation_status($user->guid, TRUE, 'stormpath');
// Turn on email notifications by default
set_user_notification_setting($user->getGUID(), 'email', true);
// done with our extra permissions
elgg_pop_context();
login($user, true);
if ($user[0]->language) {
    $message = elgg_echo('loginok', array(), $user[0]->language);
} else {
    $message = elgg_echo('loginok');
}
system_message($message);
forward($login_forward);
Esempio n. 25
0
/**
 * Create a new user from Twitter information
 * 
 * @param object $twitter Twitter OAuth response
 * @return ElggUser
 */
function twitter_api_create_user($twitter)
{
    // check new registration allowed
    if (!twitter_api_allow_new_users_with_twitter()) {
        register_error(elgg_echo('registerdisabled'));
        forward();
    }
    // Elgg-ify Twitter credentials
    $username = $twitter->screen_name;
    while (get_user_by_username($username)) {
        // @todo I guess we just hope this is good enough
        $username = $twitter->screen_name . '_' . rand(1000, 9999);
    }
    $password = generate_random_cleartext_password();
    $name = $twitter->name;
    $user = new ElggUser();
    $user->username = $username;
    $user->name = $name;
    $user->access_id = ACCESS_PUBLIC;
    $user->setPassword($password);
    $user->owner_guid = 0;
    $user->container_guid = 0;
    if (!$user->save()) {
        register_error(elgg_echo('registerbad'));
        forward();
    }
    return $user;
}
Esempio n. 26
0
 public function testAddMemberToACLRemoveMember()
 {
     // create a new user to check against
     $user = new \ElggUser();
     $user->username = '******';
     $user->save();
     $acl_id = create_access_collection('test acl');
     $result = add_user_to_access_collection($user->guid, $acl_id);
     $this->assertTrue($result);
     if ($result) {
         $this->assertTrue($user->delete());
         // since there are no more members this should return false
         $acl_members = get_members_of_access_collection($acl_id, true);
         $this->assertFalse($acl_members);
     }
     delete_access_collection($acl_id);
 }