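 /**
  * Creates a native user in Omegaup and returns the populated DAO
  *
  * @param string $username optional; generated randomly when null
  * @param string $password optional; generated randomly when null
  * @param string $email optional; generated randomly when null
  * @param bool $verify optional; when true (the default) the new user is verified, otherwise it is saved as unverified
  * @return user (DAO)
  */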
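 public static function createUser($username = null, $password = null, $email = null, $verify = true)
 {
     // Any credential the caller leaves out is replaced by a random value.
     if ($username === null) {
         $username = Utils::CreateRandomString();
     }
     if ($password === null) {
         $password = Utils::CreateRandomString();
     }
     if ($email === null) {
         $email = Utils::CreateRandomString() . '@mail.com';
     }

     // The same key is stored on the controller and sent with the request.
     // NOTE(review): presumably apiCreate compares the two to accept this
     // internal call - confirm. uniqid() is derived from the clock, so it is
     // not an unpredictable secret; acceptable only if this factory is
     // limited to test fixtures.
     UserController::$permissionKey = uniqid();
     $r = new Request(array(
         'username' => $username,
         'name' => $username,
         'password' => $password,
         'email' => $email,
         'permission_key' => UserController::$permissionKey,
     ));

     $response = UserController::apiCreate($r);
     if (strcasecmp($response['status'], 'ok') !== 0) {
         throw new Exception('UserFactory::createUser failed');
     }

     // Reload the stored row. Fail with a clear error instead of
     // dereferencing null further down if the lookup finds nothing.
     $user = UsersDAO::FindByUsername($username);
     if (is_null($user)) {
         throw new Exception('UserFactory::createUser could not load the created user');
     }

     if ($verify) {
         // Keep verification from issuing a redirect while running here.
         UserController::$redirectOnVerify = false;
         $user = self::verifyUser($user);
     } else {
         $user->verified = 0;
         UsersDAO::save($user);
     }

     // The DAO read back from the DB carries the hashed password; callers get
     // the cleartext one instead, set on the in-memory object only.
     // NOTE(review): saving this object afterwards would presumably persist
     // the cleartext value - confirm no caller does that.
     $user->setPassword($password);
     return $user;
 }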
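 /**
  * Generates the numbered accounts configured for the requested contest_type
  * and returns a username => password map of the accounts that were prepared.
  *
  * @param Request $r
  * @return array
  * @throws ForbiddenAccessException
  * @throws InvalidParameterException
  */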
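 public static function apiGenerateOmiUsers(Request $r)
 {
     self::authenticateRequest($r);
     $response = array();
     $is_system_admin = Authorization::IsSystemAdmin($r['current_user_id']);

     // Each contest type defines the account prefixes to generate (prefix =>
     // number of accounts) and the usernames that may request them besides
     // system admins. switch compares with ==, as the former if/elseif chain did.
     // NOTE(review): authorization is tied to hard-coded usernames; confirm a
     // username cannot be renamed away and re-registered by somebody else, or
     // move this list to a role/ACL check.
     switch ($r['contest_type']) {
         case 'OMI':
             $organizers = array();
             // Array of Mexican states
             $keys = array('OMI2015-AGU' => 4, 'OMI2015-BCN' => 4, 'OMI2015-BCS' => 4, 'OMI2015-CAM' => 4, 'OMI2015-COA' => 4, 'OMI2015-COL' => 4, 'OMI2015-CHP' => 4, 'OMI2015-CHH' => 8, 'OMI2015-DIF' => 4, 'OMI2015-DUR' => 4, 'OMI2015-GUA' => 4, 'OMI2015-GRO' => 4, 'OMI2015-HID' => 4, 'OMI2015-JAL' => 4, 'OMI2015-MEX' => 4, 'OMI2015-MIC' => 4, 'OMI2015-MOR' => 4, 'OMI2015-NAY' => 4, 'OMI2015-NLE' => 4, 'OMI2015-OAX' => 4, 'OMI2015-PUE' => 4, 'OMI2015-QUE' => 4, 'OMI2015-ROO' => 4, 'OMI2015-SLP' => 4, 'OMI2015-SIN' => 4, 'OMI2015-SON' => 4, 'OMI2015-TAB' => 4, 'OMI2015-TAM' => 4, 'OMI2015-TLA' => 4, 'OMI2015-VER' => 4, 'OMI2015-YUC' => 4, 'OMI2015-ZAC' => 4, 'OMI2015-INV' => 4);
             break;
         case 'OMIPS':
             $organizers = array('andreasantillana');
             $keys = array('OMIPS2015-P' => 25, 'OMIPS2015-S' => 25);
             break;
         case 'ORIG':
             $organizers = array('kuko.coder');
             $keys = array('ORIG1516-CEL' => 38, 'ORIG1516-DHI' => 15, 'ORIG1516-GTO' => 14, 'ORIG1516-IRA' => 37, 'ORIG1516-PEN' => 22, 'ORIG1516-LEO' => 43, 'ORIG1516-SLP' => 14, 'ORIG1516-SLV' => 14, 'ORIG1516-URI' => 17, 'ORIG1516-VDS' => 15);
             break;
         case 'OMIAGS':
             $organizers = array('andreasantillana');
             $keys = array('OMIAGS' => 35);
             break;
         case 'OSI':
             $organizers = array('cope_quintana');
             $keys = array('OSI16' => 120);
             break;
         case 'UNAMFC':
             $organizers = array('manuelalcantara52', 'manuel52');
             $keys = array('UNAMFC15' => 30);
             break;
         case 'OVI':
             $organizers = array('covi.academico');
             $keys = array('OVI15' => 200);
             break;
         default:
             // The expected set now names every accepted type; it previously
             // omitted OMIPS and UNAMFC.
             throw new InvalidParameterException('parameterNotInExpectedSet', 'contest_type', array('bad_elements' => $r['contest_type'], 'expected_set' => 'OMI, OMIPS, ORIG, OMIAGS, OSI, UNAMFC, OVI'));
     }

     // System admins may generate any type; everyone else must be listed
     // for the requested type.
     if (!$is_system_admin && !in_array($r['current_user']->getUsername(), $organizers, true)) {
         throw new ForbiddenAccessException();
     }

     // One fresh key per call, stored on the controller and on the request.
     // NOTE(review): presumably checked by the user-creation path reached
     // through omiPrepareUser() - confirm.
     self::$permissionKey = $r['permission_key'] = self::randomString(32);

     foreach ($keys as $k => $n) {
         // Pad the counter to the width of the largest number in the series.
         $digits = strlen((string) $n);
         for ($i = 1; $i <= $n; $i++) {
             $username = $k . '-' . str_pad((string) $i, $digits, '0', STR_PAD_LEFT);
             // NOTE(review): these are real credentials returned in cleartext;
             // confirm randomString() draws from a CSPRNG and that this
             // response is never written to logs.
             $password = self::randomString(8);
             // Only accounts omiPrepareUser() reports as prepared are returned.
             if (self::omiPrepareUser($r, $username, $password)) {
                 $response[$username] = $password;
             }
             // Add user to contest if needed. This runs even when
             // omiPrepareUser() returned false.
             // NOTE(review): presumably so existing accounts still get enrolled - confirm.
             if (!is_null($r['contest_alias'])) {
                 $addUserRequest = new Request();
                 $addUserRequest['auth_token'] = $r['auth_token'];
                 $addUserRequest['usernameOrEmail'] = $username;
                 $addUserRequest['contest_alias'] = $r['contest_alias'];
                 ContestController::apiAddUser($addUserRequest);
             }
         }
     }
     return $response;
 }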
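 public function LoginViaFacebook()
 {
     // Starts a local session for a user who has authenticated with Facebook,
     // creating the local account on first login. Returns false on every
     // failure path; on success it falls through and returns nothing (null).

     // Facebook sends a `state` query parameter back after a login attempt.
     // Without it there is nothing to do, which avoids asking Facebook about
     // the session on every single front-end request.
     // NOTE(review): only the presence of `state` is checked here; validating
     // its value is presumably done inside the Facebook SDK - confirm.
     if (!isset($_GET['state'])) {
         return false;
     }

     $facebook = self::getFacebookInstance();
     $fb_user = $facebook->getUser();
     if ($fb_user == 0) {
         self::$log->info('FB session unavailable.');
         return false;
     }

     // A user id alone does not prove that the access token is still valid
     // (it is invalid once the user logs out of Facebook), so fetch the
     // profile and treat any API error as "not logged in".
     try {
         $fb_user_profile = $facebook->api('/me');
     } catch (FacebookApiException $e) {
         self::$log->error('FacebookException:' . $e);
         return false;
     }

     // Fail closed when the profile carries no e-mail address: the lookup and
     // the registration below both depend on it.
     if (empty($fb_user_profile['email'])) {
         self::$log->error('Facebook profile has no email; cannot log in.');
         return false;
     }

     self::$log->info('User is logged in via facebook !!');

     // Existing accounts are matched on the e-mail address alone.
     // NOTE(review): this makes the login only as strong as the provider's
     // verification of that address; confirm the address returned by /me is a
     // verified one before treating it as proof of account ownership.
     $results = UsersDAO::FindByEmail($fb_user_profile['email']);
     if (!is_null($results)) {
         $vo_User = $results;
         self::$log->info('user has been here before with facebook!');
     } else {
         // First visit: register the user. The username is derived from the
         // e-mail address; the original author flagged this as a concern
         // (the user did not agree to share the address with the world) and
         // suggested deriving it from the profile name instead.
         $username = self::getUniqueUsernameFromEmail($fb_user_profile['email']);

         // NOTE(review): uniqid() is based on the current time and is not a
         // cryptographically secure value. This key presumably authorizes the
         // password-less account creation below, so it should come from a
         // CSPRNG (e.g. random_bytes() where the runtime provides it).
         UserController::$permissionKey = uniqid();
         $r = new Request(array(
             'name' => $fb_user_profile['name'],
             'username' => $username,
             'email' => $fb_user_profile['email'],
             'facebook_user_id' => $fb_user_profile['id'],
             'password' => null,
             'permission_key' => UserController::$permissionKey,
             'ignore_password' => true,
         ));
         try {
             $res = UserController::apiCreate($r);
         } catch (ApiException $e) {
             self::$log->error('Unable to login via Facebook ' . $e);
             return false;
         }
         $vo_User = UsersDAO::getByPK($res['user_id']);
     }

     // Register a local session so later API calls do not need to ask
     // Facebook whether the user is still logged in.
     $this->RegisterSession($vo_User);
 }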
 /**
  * Tests usernames with invalid chars. Exception is expected
  *
  * @expectedException InvalidParameterException
  */
 public function testUsernameWithInvalidChars()
 {
     // The same key goes on the controller and into the request below.
     UserController::$permissionKey = uniqid();

     // Username with an accented character and a space; the remaining
     // fields are random filler.
     $randomPassword = Utils::CreateRandomString();
     $randomEmail = Utils::CreateRandomString() . '@' . Utils::CreateRandomString() . '.com';
     $request = new Request(array(
         'username' => 'ínvalid username',
         'password' => $randomPassword,
         'email' => $randomEmail,
         'permission_key' => UserController::$permissionKey,
     ));

     // The result is irrelevant: the docblock annotation expects this call
     // to throw InvalidParameterException.
     UserController::apiCreate($request);
 }
 /**
  * Tests usernames with invalid chars. Exception is expected
  * 
  * @expectedException InvalidParameterException
  */
 public function testUsernameWithInvalidChars()
 {
     UserController::$permissionKey = uniqid();

     // Assemble the request fields one by one; only the username is
     // deliberately malformed (accented character plus a space).
     $params = array();
     $params['username'] = 'ínvalid username';
     $params['password'] = Utils::CreateRandomString();
     $params['email'] = Utils::CreateRandomString() . '@' . Utils::CreateRandomString() . '.com';
     $params['permission_key'] = UserController::$permissionKey;

     // Expected to throw InvalidParameterException (see the docblock
     // annotation), so the return value is not kept.
     UserController::apiCreate(new Request($params));
 }
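 /**
  * Generates the numbered accounts configured for the requested contest_type
  * and returns a username => password map of the accounts that were prepared.
  *
  * @param Request $r
  * @return array
  * @throws ForbiddenAccessException
  * @throws InvalidParameterException
  */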
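 public static function apiGenerateOmiUsers(Request $r)
 {
     self::authenticateRequest($r);
     $response = array();

     // Per contest type: the usernames allowed to generate accounts besides
     // system admins, and the account prefixes to create (prefix => count).
     // This table replaces the former seven-level nested if/else.
     // NOTE(review): authorization is tied to hard-coded usernames; confirm a
     // username cannot be renamed away and re-registered by somebody else, or
     // move this list to a role/ACL check.
     $contestTypes = array(
         'OMI' => array(
             'organizers' => array(),
             // Array of Mexican states
             'keys' => array('OMI2015-AGU' => 4, 'OMI2015-BCN' => 4, 'OMI2015-BCS' => 4, 'OMI2015-CAM' => 4, 'OMI2015-COA' => 4, 'OMI2015-COL' => 4, 'OMI2015-CHP' => 4, 'OMI2015-CHH' => 8, 'OMI2015-DIF' => 4, 'OMI2015-DUR' => 4, 'OMI2015-GUA' => 4, 'OMI2015-GRO' => 4, 'OMI2015-HID' => 4, 'OMI2015-JAL' => 4, 'OMI2015-MEX' => 4, 'OMI2015-MIC' => 4, 'OMI2015-MOR' => 4, 'OMI2015-NAY' => 4, 'OMI2015-NLE' => 4, 'OMI2015-OAX' => 4, 'OMI2015-PUE' => 4, 'OMI2015-QUE' => 4, 'OMI2015-ROO' => 4, 'OMI2015-SLP' => 4, 'OMI2015-SIN' => 4, 'OMI2015-SON' => 4, 'OMI2015-TAB' => 4, 'OMI2015-TAM' => 4, 'OMI2015-TLA' => 4, 'OMI2015-VER' => 4, 'OMI2015-YUC' => 4, 'OMI2015-ZAC' => 4, 'OMI2015-INV' => 4),
         ),
         'OMIPS' => array(
             'organizers' => array(),
             'keys' => array('OMIPS2015-P' => 25, 'OMIPS2015-S' => 25),
         ),
         'ORIG' => array(
             'organizers' => array('kuko.coder'),
             'keys' => array('ORIG1516-CEL' => 38, 'ORIG1516-DHI' => 15, 'ORIG1516-GTO' => 14, 'ORIG1516-IRA' => 37, 'ORIG1516-PEN' => 22, 'ORIG1516-LEO' => 43, 'ORIG1516-SLP' => 14, 'ORIG1516-SLV' => 14, 'ORIG1516-URI' => 17, 'ORIG1516-VDS' => 15),
         ),
         'OMIAGS' => array(
             'organizers' => array('andreasantillana'),
             'keys' => array('OMIAGS' => 35),
         ),
         'OSI' => array(
             'organizers' => array('cope_quintana'),
             'keys' => array('OSI16' => 120),
         ),
         'UNAMFC' => array(
             'organizers' => array('manuelalcantara52', 'manuel52'),
             'keys' => array('UNAMFC15' => 30),
         ),
         'OVI' => array(
             'organizers' => array('covi.academico'),
             'keys' => array('OVI15' => 200),
         ),
     );

     // Exact string lookup: a non-string or unknown contest_type is rejected
     // instead of being matched loosely with ==. The expected set now names
     // every accepted type; it previously omitted OMIPS and UNAMFC.
     $contestType = $r['contest_type'];
     if (!is_string($contestType) || !isset($contestTypes[$contestType])) {
         throw new InvalidParameterException('parameterNotInExpectedSet', 'contest_type', array('bad_elements' => $r['contest_type'], 'expected_set' => 'OMI, OMIPS, ORIG, OMIAGS, OSI, UNAMFC, OVI'));
     }
     $organizers = $contestTypes[$contestType]['organizers'];
     $keys = $contestTypes[$contestType]['keys'];

     // A listed organizer passes without the admin lookup; everyone else
     // must be a system admin. Types with no organizers are admin-only.
     $isOrganizer = !empty($organizers) && in_array($r['current_user']->getUsername(), $organizers, true);
     if (!$isOrganizer && !Authorization::IsSystemAdmin($r['current_user_id'])) {
         throw new ForbiddenAccessException();
     }

     // One fresh key per call, stored on the controller and on the request.
     // NOTE(review): presumably checked by the user-creation path reached
     // through omiPrepareUser() - confirm.
     self::$permissionKey = $r['permission_key'] = self::randomString(32);

     foreach ($keys as $k => $n) {
         // Pad the counter to the width of the largest number in the series.
         $digits = strlen((string) $n);
         for ($i = 1; $i <= $n; $i++) {
             $username = $k . '-' . str_pad((string) $i, $digits, '0', STR_PAD_LEFT);
             // NOTE(review): these are real credentials returned in cleartext;
             // confirm randomString() draws from a CSPRNG and that this
             // response is never written to logs.
             $password = self::randomString(8);
             // Only accounts omiPrepareUser() reports as prepared are returned.
             if (self::omiPrepareUser($r, $username, $password)) {
                 $response[$username] = $password;
             }
             // Add user to contest if needed. This runs even when
             // omiPrepareUser() returned false.
             // NOTE(review): presumably so existing accounts still get enrolled - confirm.
             if (!is_null($r['contest_alias'])) {
                 $addUserRequest = new Request();
                 $addUserRequest['auth_token'] = $r['auth_token'];
                 $addUserRequest['usernameOrEmail'] = $username;
                 $addUserRequest['contest_alias'] = $r['contest_alias'];
                 ContestController::apiAddUser($addUserRequest);
             }
         }
     }
     return $response;
 }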