/**
 * Action to allow a user to change their password.
 *
 * The stored hash is checked against the submitted current password before
 * the new password is hashed and flushed. Once the change is persisted any
 * remember-me cookie is dropped (when that feature is enabled), the
 * changePasswordPostFlush() hook runs, the change is logged and the user is
 * redirected to profile/index. Anything else - a GET, an invalid form, or a
 * failed verification - forwards to the index action with the form attached
 * to the view.
 */
public function changePasswordAction()
{
    $form = $this->_getFormChangePassword();
    $this->view->passwordForm = $form;

    $submitted = $this->getRequest()->isPost() && $form->isValid($_POST);

    if ($submitted) {
        $user        = $this->getUser();
        $hashOptions = $this->_options['resources']['auth']['oss'];

        $currentMatches = OSS_Auth_Password::verify(
            $form->getValue('current_password'),
            $user->getPassword(),
            $hashOptions
        );

        if (!$currentMatches) {
            $form->getElement('current_password')->addError('Invalid current password');
            return $this->forward('index');
        }

        // Persist the new hash first; cookies and hooks follow the flush.
        $user->setPassword(OSS_Auth_Password::hash($form->getValue('new_password'), $hashOptions));
        $this->getD2EM()->flush();

        // A remember-me cookie issued under the old password must not outlive it.
        if ($this->_rememberMeEnabled()) {
            $this->_deleteRememberMeCookie($user);
        }

        $this->changePasswordPostFlush();
        $form->reset();

        $this->getLogger()->info("User {$user->getUsername()} changed password");
        $this->addMessage(_('Your password has been changed.'), OSS_Message::SUCCESS);
        $this->redirect('profile/index');
    }

    $this->forward('index');
}
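/**
 * First-run bootstrap: create the initial (super) administrator account.
 *
 * Only reachable while the Admin table is empty and nobody is logged in.
 * Until a 64-character `securitysalt` exists in the options the action only
 * renders freshly generated salts for the operator to paste into
 * application.ini. Once the salt is configured, a valid POST must echo the
 * configured salt back - the proof that whoever completes setup controls the
 * configuration file - before the admin row and the Doctrine migration marker
 * are persisted and the browser is sent to auth/login.
 *
 * Side effects on success: a welcome email containing the chosen password in
 * clear text is sent to the new admin's username, and, unless
 * `skipInstallPingback` is set, a best-effort install ping is sent to
 * stats.opensolutions.ie.
 */
public function setupAction()
{
    // _redirect() normally terminates the request; the explicit return after
    // each guard keeps the guard effective even if it does not, so the setup
    // form can never be processed once an admin exists or a session is active.
    if ($this->getD2EM()->getRepository('\\Entities\\Admin')->getCount() != 0) {
        $this->addMessage(_("Admins already exist in the system."), OSS_Message::INFO);
        $this->_redirect('auth/login');
        return;
    }

    if ($this->getAuth()->getIdentity()) {
        $this->addMessage(_('You are already logged in.'), OSS_Message::INFO);
        $this->_redirect('domain/list');
        return;
    }

    $this->view->form = $form = new ViMbAdmin_Form_Admin_AddEdit();
    // The first admin is forced active + super below; the form must not decide that.
    $form->removeElement('active');
    $form->removeElement('super');
    $form->removeElement('welcome_email');

    $saltConfigured = isset($this->_options['securitysalt'])
        && strlen($this->_options['securitysalt']) == 64;

    if (!$saltConfigured) {
        // Nothing can be created yet: offer candidate salts for application.ini.
        $this->view->saltSet = false;
        $randomSalt = $this->view->randomSalt = OSS_String::salt(64);
        $form->getElement('salt')->setValue($randomSalt);
        $this->view->rememberSalt = OSS_String::salt(64);
        $this->view->passwordSalt = OSS_String::salt(64);
        return;
    }

    $this->view->saltSet = true;

    if (!($this->getRequest()->isPost() && $form->isValid($_POST))) {
        return;
    }

    // Strict, constant-time comparison (PHP >= 5.6). The previous loose `!=`
    // was subject to PHP numeric-string coercion and leaked timing information.
    $submittedSalt = (string) $form->getElement('salt')->getValue();
    if (!hash_equals((string) $this->_options['securitysalt'], $submittedSalt)) {
        $this->addMessage(_("Incorrect security salt provided. Please copy and paste it from the <code>application.ini</code> file."), OSS_Message::INFO);
    } else {
        $admin = new \Entities\Admin();
        $admin->setUsername($form->getValue('username'));
        $admin->setPassword(OSS_Auth_Password::hash($form->getValue('password'), $this->_options['resources']['auth']['oss']));
        $admin->setSuper(true);
        $admin->setActive(true);
        $admin->setCreated(new \DateTime());
        $admin->setModified(new \DateTime());
        $this->getD2EM()->persist($admin);

        // Seed the Doctrine migration table so later upgrades know the schema version.
        $dbversion = new \Entities\DatabaseVersion();
        $dbversion->setVersion(ViMbAdmin_Version::DBVERSION);
        $dbversion->setName(ViMbAdmin_Version::DBVERSION_NAME);
        $dbversion->setAppliedOn(new \DateTime());
        $this->getD2EM()->persist($dbversion);

        $this->getD2EM()->flush();

        try {
            // The template is handed the clear-text password; treat this mail
            // path (relay, mail logs, template) as sensitive.
            $mailer = $this->getMailer();
            $mailer->setSubject(_('ViMbAdmin :: Your New Administrator Account'));
            $mailer->addTo($admin->getUsername());
            $mailer->setFrom($this->_options['server']['email']['address'], $this->_options['server']['email']['name']);
            $this->view->username = $admin->getUsername();
            $this->view->password = $form->getValue('password');
            $mailer->setBodyText($this->view->render('admin/email/new_admin.phtml'));
            $mailer->send();
        } catch (Zend_Mail_Exception $e) {
            $this->addMessage(_('Could not send welcome email to the new administrator. Please ensure you have configured a mail relay server in your <code>application.ini</code>.'), OSS_Message::ALERT);
        }

        $this->addMessage(_('Your administrator account has been added. Please log in below.'), OSS_Message::SUCCESS);
    }

    // Opt-out install telemetry. Note it runs for any valid POST, including one
    // rejected by the salt check above (pre-existing behaviour).
    $pingbackDisabled = isset($this->_options['skipInstallPingback']) && $this->_options['skipInstallPingback'];
    if (!$pingbackDisabled) {
        try {
            // Try and track new installs to see if it is worthwhile continuing development
            include_once APPLICATION_PATH . '/../public/PiwikTracker.php';
            if (class_exists('PiwikTracker')) {
                $https = isset($_SERVER['HTTPS']) && $_SERVER['HTTPS'] == 'on';
                PiwikTracker::$URL = $https ? 'https://stats.opensolutions.ie/' : 'http://stats.opensolutions.ie/';
                $piwikTracker = new PiwikTracker($idSite = 5);
                $piwikTracker->doTrackPageView('New V3 Install Completed');
                $piwikTracker->doTrackGoal($idGoal = 2, $revenue = 1);
            }
        } catch (Exception $e) {
            // Deliberately swallowed: telemetry must never block setup.
        }
    }

    $this->_redirect('auth/login');
}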
/**
 * Action FOR ADMINS AND SUPERADMINS to change the password of a mailbox.
 *
 * Requires a mailbox to have been resolved by getMailbox(); otherwise an
 * error is flashed and the request is redirected to the list. On a valid
 * POST the new password is hashed with the scheme/salt/dovecot binary taken
 * from the `defaults.mailbox` options, the change is logged, the plugin
 * hooks (postValidation / preFlush / postFlush) are notified, and - if the
 * form's `email` flag is set - the clear-text password is mailed to the
 * mailbox address via the change_password template.
 */
public function passwordAction()
{
    $mailbox = $this->getMailbox();
    if (!$mailbox) {
        $this->addMessage(_('No mailbox id passed.'), OSS_Message::ERROR);
        $this->redirect('list');
    }

    $this->view->mailbox = $this->_mailbox;
    $form = new ViMbAdmin_Form_Admin_Password();
    $this->view->form = $form;

    $mailboxDefaults = isset($this->_options['defaults']['mailbox'])
        ? $this->_options['defaults']['mailbox']
        : [];

    if (isset($mailboxDefaults['min_password_length'])) {
        $form->setMinPasswordLength($mailboxDefaults['min_password_length']);
    }

    $validPost = $this->getRequest()->isPost() && $form->isValid($_POST);
    if (!$validPost) {
        return;
    }

    $this->notify('mailbox', 'password', 'postValidation', $this);

    $hashOptions = [
        'pwhash'    => $mailboxDefaults['password_scheme'],
        'pwsalt'    => isset($mailboxDefaults['password_salt']) ? $mailboxDefaults['password_salt'] : null,
        'pwdovecot' => isset($mailboxDefaults['dovecot_pw_binary']) ? $mailboxDefaults['dovecot_pw_binary'] : null,
        'username'  => $mailbox->getUsername(),
    ];
    $mailbox->setPassword(OSS_Auth_Password::hash($form->getValue('password'), $hashOptions));

    $this->log(
        \Entities\Log::ACTION_MAILBOX_PW_CHANGE,
        "{$this->getAdmin()->getFormattedName()} changed password for mailbox {$mailbox->getUsername()}"
    );

    $this->notify('mailbox', 'password', 'preFlush', $this);
    $this->getD2EM()->flush();
    $this->notify('mailbox', 'password', 'postFlush', $this, ['options' => $this->_options]);

    if ($form->getValue('email')) {
        // The template is handed the clear-text password (newPassword).
        $mailer = $this->getMailer();
        $mailer->setSubject(_('New Password for ' . $mailbox->getUsername()));
        $mailer->setFrom($this->_options['server']['email']['address'], $this->_options['server']['email']['name']);
        $mailer->addTo($mailbox->getUsername(), $mailbox->getName());
        $this->view->admin = $this->getAdmin();
        $this->view->newPassword = $form->getValue('password');
        $mailer->setBodyText($this->view->render('mailbox/email/change_password.phtml'));

        try {
            $mailer->send();
        } catch (Zend_Mail_Exception $vException) {
            $this->getLogger()->debug($vException->getTraceAsString());
            $this->addMessage(_('Could not send email.'), OSS_Message::ALERT);
            $this->_redirect('mailbox/list');
        }
    }

    $this->addMessage(_("Password has been sucessfully changed."), OSS_Message::SUCCESS);
    $this->_redirect('mailbox/list');
}
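/**
 * Set the password for an admin, and optionally send an email to him/her with the new password.
 *
 * Two flows share this action:
 *  - self-service: the target admin is the logged-in admin. A
 *    ViMbAdmin_Form_Admin_ChangePassword is used and the submitted current
 *    password must verify against the stored hash before anything changes.
 *  - administrative: an admin passing authorise(true, null, false) resets
 *    another admin's password via ViMbAdmin_Form_Admin_Password; the change
 *    is written to the application log.
 *
 * Non-super admins are redirected to domain/list, supers to admin/list. If
 * the form's `email` flag is set the clear-text password is mailed to the
 * target admin's username via the change_password template.
 */
public function passwordAction()
{
    $redirectUrl = $this->getAdmin()->isSuper() ? 'admin/list' : 'domain/list';

    // redirect() is expected to end the request; the explicit return keeps
    // each guard effective even if it does not, so a POST can never reach the
    // password update below without passing these checks.
    if (!$this->getTargetAdmin()) {
        $this->addMessage('Invalid or non-existent admin.', OSS_Message::ERROR);
        $this->redirect($redirectUrl);
        return;
    }

    $this->view->targetAdmin = $this->getTargetAdmin();
    $self = $this->getTargetAdmin()->getId() == $this->getAdmin()->getId();

    // authorise() is always evaluated first (as before) in case it has side effects.
    if (!$this->authorise(true, null, false) && !$self) {
        $this->getLogger()->alert(sprintf('Admin %s tried to set the password for %s but has no sufficient privileges.', $this->getAdmin()->getUsername(), $this->getTargetAdmin()->getUsername()), OSS_Message::ALERT);
        $this->addMessage(_('You have insufficient privileges for this task.'), OSS_Message::ERROR);
        $this->redirect($redirectUrl);
        return;
    }

    $this->view->form = $form = $self
        ? new ViMbAdmin_Form_Admin_ChangePassword()
        : new ViMbAdmin_Form_Admin_Password();

    if (!($this->getRequest()->isPost() && $form->isValid($_POST))) {
        return;
    }

    if ($self) {
        // Self-service changes re-authenticate with the current password.
        $currentOk = OSS_Auth_Password::verify(
            $form->getValue('current_password'),
            $this->getTargetAdmin()->getPassword(),
            $this->getOptions()['resources']['auth']['oss']
        );
        if (!$currentOk) {
            $form->getElement('current_password')->addError('Invalid password.');
            return;
        }
    }

    $this->getTargetAdmin()->setPassword(OSS_Auth_Password::hash($form->getValue('password'), $this->_options['resources']['auth']['oss']));

    if (!$self) {
        $this->log(\Entities\Log::ACTION_ADMIN_PW_CHANGE, "{$this->getAdmin()->getFormattedName()} changed password for admin {$this->getTargetAdmin()->getFormattedName()}");
    }

    $this->getD2EM()->flush();

    if ($form->getValue('email')) {
        // The template is handed the clear-text password (newPassword).
        $mailer = $this->getMailer();
        $mailer->setSubject(_('ViMbAdmin :: New Password'));
        $mailer->setFrom($this->_options['server']['email']['address'], $this->_options['server']['email']['name']);
        $mailer->addTo($this->getTargetAdmin()->getUsername());
        $this->view->newPassword = $form->getValue('password');
        $mailer->setBodyText($this->view->render('admin/email/change_password.phtml'));

        try {
            $mailer->send();
        } catch (Zend_Mail_Exception $e) {
            $this->getLogger()->debug($e->getTraceAsString());
            $this->addMessage(_('Sending the change password email failed.'), OSS_Message::INFO);
        }
    }

    if ($self) {
        $this->addMessage("You have successfully changed your password.", OSS_Message::SUCCESS);
    } else {
        $this->addMessage("You have successfully changed the user's password.", OSS_Message::SUCCESS);
    }

    $this->redirect($redirectUrl);
}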
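/**
 * Complete a password reset using a username and a previously issued token.
 *
 * On a valid POST the user is looked up by username, expired preferences are
 * purged, and the submitted token must match one of the user's stored
 * `tokens.password_reset` preferences. On success the new password is hashed
 * and stored, every outstanding reset token is revoked, the failed-login
 * counter is cleared (when the entity supports it), any remember-me cookie
 * is removed, the resetPasswordPreFlush() hook decides whether to flush, the
 * user cache entry is dropped, a confirmation email is sent and the browser
 * is redirected to auth/login. Both failure cases show the same generic
 * message so the response does not reveal whether the username exists. On
 * anything but a valid POST the username/token request parameters pre-fill
 * the form.
 */
public function resetPasswordAction()
{
    $this->view->form = $form = $this->_getFormResetPassword();
    $form->getElement('username')->setValue($this->_getParam("username", ""));

    if (!($this->getRequest()->isPost() && $form->isValid($_POST))) {
        $form->getElement('username')->setValue($this->_getParam('username', ''));
        $form->getElement('token')->setValue($this->_getParam('token', ''));
        return;
    }

    $user = $this->getD2EM()
        ->getRepository($this->getOptions()['resources']['auth']['oss']['entity'])
        ->findOneByUsername($form->getValue('username'));

    if (!$user) {
        // Was OSS_Message::SUCCESS: a failure must not be shown as a success
        // banner, and must use the same level and wording as the bad-token case.
        $this->addMessage('Invalid username / token combination. Please check your details and try again.', OSS_Message::ERROR);
        return;
    }

    // start by removing expired preferences (stale reset tokens go with them)
    if ($user->cleanExpiredPreferences()) {
        $this->getD2EM()->flush();
    }

    // Strict, constant-time token comparison instead of loose in_array():
    // loose comparison is subject to numeric-string coercion, and a non-array
    // preference value would otherwise raise a warning / TypeError.
    $submittedToken = (string) $form->getValue('token');
    $tokenMatches = false;
    foreach ((array) $user->getIndexedPreference('tokens.password_reset') as $storedToken) {
        if (hash_equals((string) $storedToken, $submittedToken)) {
            $tokenMatches = true;
        }
    }

    if (!$tokenMatches) {
        $this->addMessage('Invalid username / token combination. Please check your details and try again.', OSS_Message::ERROR);
        return;
    }

    $user->setPassword(OSS_Auth_Password::hash($form->getValue('password'), $this->_options['resources']['auth']['oss']));
    // Every outstanding reset token is revoked, not just the one that was used.
    $user->deletePreference('tokens.password_reset');
    if (method_exists($user, 'setFailedLogins')) {
        $user->setFailedLogins(0);
    }
    $this->_deleteRememberMeCookie($user);

    if ($this->resetPasswordPreFlush($user, $form)) {
        $this->getD2EM()->flush();
    }
    $this->clearUserFromCache($user->getId());

    $this->view->user = $user;
    $mailer = $this->getMailer();
    $mailer->setFrom($this->_options['identity']['mailer']['email'], $this->_options['identity']['mailer']['name']);
    $mailer->addTo($user->getEmail(), $user->getFormattedName());
    $mailer->setSubject($this->_options['identity']['sitename'] . ' - Your Password Has Been Reset');
    $this->resolveTemplate($mailer, 'reset-password');

    // The password has already been changed at this point; a mail failure must
    // not become an error page that leaves the user retrying a revoked token.
    try {
        $mailer->send();
    } catch (Zend_Mail_Exception $e) {
        $this->getLogger()->debug($e->getTraceAsString());
    }

    $this->addMessage('Your password has been successfully changed. Please log in below with your new password.', OSS_Message::SUCCESS);
    $this->getLogger()->info(sprintf(_("%s has completed a password reset"), $user->getUsername()));
    $this->_redirect('auth/login');
}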
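/**
 * Creates/updates/deletes the user for a contact when adding / editing a contact
 *
 * Privilege model visible here:
 *  - a caller at or below CUSTADMIN may create a login, but it is always a
 *    CUSTUSER with a random 16-character initial password (only its hash is
 *    stored) and the username taken from the form;
 *  - only a SUPERUSER may set the password, username or privs of the login,
 *    on creation or on edit; a rename to a username already held by another
 *    user is rejected before anything is changed.
 *
 * @param IXP_Form_Contact $form The form object
 * @param \Entities\Contact $contact The Doctrine2 entity (being edited or blank for add)
 * @param bool $isEdit True of we are editing an object, false otherwise
 * @return bool False if the requested username is already taken (an error message is added), true otherwise
 */
private function _processUser($form, $contact, $isEdit)
{
    if (!$form->getValue("login")) {
        // No login wanted: drop any existing user attached to the contact.
        if ($contact->getUser()) {
            $this->_deleteUser($contact);
        }
        return true;
    }

    $actor         = $this->getUser();
    $actorIsSuper  = $actor->getPrivs() == \Entities\User::AUTH_SUPERUSER;
    $existingUser  = $contact->getUser();

    // Reject a clashing username before anything is created, mutated or
    // persisted, so a rejected request leaves no half-applied user in the
    // unit of work (previously this check ran after persist()).
    if ($actorIsSuper) {
        $currentUsername = $existingUser ? $existingUser->getUsername() : null;
        if ($currentUsername != $form->getValue("username")
            && $this->getD2R('\\Entities\\User')->findOneBy(['username' => $form->getValue("username")])
        ) {
            $this->addMessage('That username is already in use by another user', OSS_Message::ERROR);
            return false;
        }
    }

    $created = false;
    if ($existingUser) {
        $user = $existingUser;
    } else {
        $created = true;
        $user = new \Entities\User();
        $contact->setUser($user);
        $user->setCreated(new DateTime());
        $user->setCreator($actor->getUsername());

        // these should only be updated by CUSTADMIN on creation of a login account
        if ($actor->getPrivs() <= \Entities\User::AUTH_CUSTADMIN) {
            $user->setPrivs(\Entities\User::AUTH_CUSTUSER);
            $user->setPassword(OSS_Auth_Password::hash(OSS_String::random(16), $this->_options['resources']['auth']['oss']));
            // NOTE(review): no username uniqueness check on this path - it
            // relies on a database constraint, if one exists; confirm.
            $user->setUsername($form->getValue("username"));
        } elseif ($form->getValue("privs") == \Entities\User::AUTH_SUPERUSER) {
            // if this is an admin user, let them start with no unread notes
            $user->setPreference('customer-notes.read_upto', time());
        }

        $this->getD2EM()->persist($user);
        $this->_feParams->userStatus = "created";
    }

    $user->setCustomer($contact->getCustomer());
    $user->setDisabled($form->getValue("disabled"));
    $user->setEmail($form->getValue("email"));
    $user->setLastupdated(new DateTime());
    $user->setLastupdatedby($actor->getId());

    // SUPERADMIN can update these always
    if ($actorIsSuper) {
        if ($form->getValue("password", '') != '') {
            $user->setPassword(OSS_Auth_Password::hash($form->getValue("password"), $this->_options['resources']['auth']['oss']));
        }
        $user->setUsername($form->getValue("username"));
        $user->setPrivs($form->getValue("privs"));
    }

    // The audit line now distinguishes creation from update (it always said "created").
    $this->getLogger()->info(sprintf(
        '%s %s user %s',
        $actor->getUsername(),
        $created ? 'created' : 'updated',
        $user->getUsername()
    ));

    return true;
}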