Esempio n. 1
 /**
  * Returns the JavaScript needed for performing client-side validation.
  * @param CModel $object the data object being validated
  * @param string $attribute the name of the attribute to be validated.
  * @return string the client-side validation script.
  * @see CActiveForm::enableClientValidation
  */
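 public function clientValidateAttribute($object, $attribute)
 {
     // Remember which user is being validated; the cast keeps the stored ID an integer.
     $this->user_id = (int) $object->id;
     // Read the two values this method needs by key instead of calling extract().
     // extract() turns every key of the returned array into a local variable, so an
     // unexpected key could silently overwrite $object, $attribute or a later local.
     $strength = $this->strengthData(UserGroupsConfiguration::findRule('password_strength'));
     $pattern = $strength['pattern'];
     $message = $strength['message'];
     // $pattern is pasted into the generated script unescaped, so it has to be a complete
     // JavaScript regex literal built from trusted configuration, never from request data.
     // NOTE(review): this check runs in the browser and can be skipped by the client; the
     // same strength rule must also be enforced by the server-side validator - confirm.
     $condition = "!value.match({$pattern})";
     // CJSON::encode() turns the message into a safely quoted JavaScript string.
     return "\r\nif(" . $condition . ") {\r\n\tmessages.push(" . CJSON::encode($message) . ");\r\n}\r\n";
 }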
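 /**
  * Upgrades an installation to version 1.8: copies the three mail view templates into
  * the application's views/ugmail directory, adds the 'server_executed_crons' setting
  * and stores the new version number.
  * @return boolean|null true when the upgrade ran, null when the stored version is already 1.8 or higher.
  * @throws CHttpException when a directory or file cannot be created, read or written,
  * or when a configuration row cannot be saved.
  */
 private function update1_8()
 {
     // NOTE(review): this is a numeric comparison, so a stored '1.10' would compare as 1.1.
     // version_compare() is the safer choice once the stored format is confirmed.
     if (UserGroupsConfiguration::findRule('version') >= 1.8) {
         return;
     }
     $base_path = Yii::app()->basePath;
     $mail_dir = $base_path . '/views/ugmail';
     // The original called mkdir() unconditionally and ignored its result; a re-run or a
     // read-only views directory then only surfaced later as a confusing write failure.
     // NOTE(review): mkdir() uses its default mode here (0777 minus umask); these are PHP
     // view files, so confirm the umask keeps the directory from being world-writable.
     if (!is_dir($mail_dir) && !mkdir($mail_dir)) {
         // NOTE(review): these messages carry an absolute server path into an HTTP 500
         // response; acceptable only if the updater is reachable by the root user alone.
         throw new CHttpException(500, Yii::t('userGroupsModule.install', 'Unable to create the directory {path}.', array('{path}' => $mail_dir)));
     }
     // activation, invitation and password reset mail views
     foreach (array('activation', 'invitation', 'passreset') as $view) {
         $source = $base_path . '/modules/userGroups/templates/template_' . $view . '.php';
         $path = $mail_dir . '/' . $view . '.php';
         $content = file_get_contents($source);
         // Without this check a missing template would be written out as an empty view.
         if ($content === false) {
             throw new CHttpException(500, Yii::t('userGroupsModule.install', 'Unable to read the file {path}.', array('{path}' => $source)));
         }
         if (@file_put_contents($path, $content) === false) {
             // Yii::t() substitutes parameters with strtr(), so the key must be the full
             // '{path}' token; the bare 'path' key left the braces in the message.
             throw new CHttpException(500, Yii::t('userGroupsModule.install', 'Unable to write the file {path}.', array('{path}' => $path)));
         }
     }
     // add new cron configuration
     $configuration_model = new UserGroupsConfiguration('installation');
     $configuration_model->rule = 'server_executed_crons';
     $configuration_model->value = 'FALSE';
     $configuration_model->options = 'BOOL';
     $configuration_model->description = 'if true crons must be executed from the server using a crontab';
     if (!$configuration_model->save()) {
         throw new CHttpException(500, Yii::t('userGroupsModule.install', 'Setting not installed. Installation abort.'));
     }
     // change version number; a missing row or a failed save must not be reported as success
     $version_number = UserGroupsConfiguration::model()->findByAttributes(array('rule' => 'version'));
     if ($version_number === null) {
         throw new CHttpException(500, Yii::t('userGroupsModule.install', 'Setting not installed. Installation abort.'));
     }
     $version_number->scenario = 'installation';
     $version_number->value = '1.8';
     if (!$version_number->save()) {
         throw new CHttpException(500, Yii::t('userGroupsModule.install', 'Setting not installed. Installation abort.'));
     }
     return true;
 }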
 /**
  * Authenticates a user.
  * @return boolean whether authentication succeeds.
  */
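 public function authenticate()
 {
     $model = UserGroupsUser::model()->findByAttributes(array('username' => $this->username));
     // findByAttributes() gives null when no row matches. The previous count($model) test
     // warns on PHP 7.2+ and throws a TypeError on PHP 8 for null and for any object that
     // is not Countable, so test for null directly.
     if ($model === null) {
         $this->errorCode = self::ERROR_USERNAME_INVALID;
         return !$this->errorCode;
     }
     $status = (int) $model->status;
     // NOTE(review): this status is reported before the password is verified, so a caller
     // without the password can learn that the account exists and awaits activation.
     // The order is kept because existing callers may depend on these error codes.
     if ($status === UserGroupsUser::WAITING_ACTIVATION) {
         $this->errorCode = self::ERROR_USER_INACTIVE;
         return !$this->errorCode;
     }
     // SECURITY: passwords are stored as a single round of salted MD5, which is cheap to
     // brute-force if the table leaks. Moving to password_hash()/password_verify() needs a
     // rehash-on-login migration together with the model's save logic, so it is only
     // flagged here.
     $expected = md5($this->password . $model->getSalt());
     $stored = (string) $model->password;
     // Compare in constant time where the runtime offers it; keep a strict comparison otherwise.
     $matches = function_exists('hash_equals') ? hash_equals($stored, $expected) : $stored === $expected;
     if (!$matches) {
         $this->errorCode = self::ERROR_PASSWORD_INVALID;
         return !$this->errorCode;
     }
     if ($status === UserGroupsUser::WAITING_APPROVAL) {
         $this->errorCode = self::ERROR_USER_APPROVAL;
         return !$this->errorCode;
     }
     if ($status === UserGroupsUser::BANNED) {
         $this->errorCode = self::ERROR_USER_BANNED;
         return !$this->errorCode;
     }
     if ($status === UserGroupsUser::PASSWORD_CHANGE_REQUEST) {
         $this->errorCode = self::ERROR_PASSWORD_REQUESTED;
         return !$this->errorCode;
     }
     // credentials and status are fine: copy the account data onto the identity
     $this->errorCode = self::ERROR_NONE;
     $this->id = $model->id;
     $this->name = $model->username;
     $this->group = $model->group_id;
     $this->groupName = $model->relUserGroupsGroup->groupname;
     $this->level = $model->relUserGroupsGroup->level;
     $this->accessRules = $this->accessRulesComputation($model);
     // the user's own home overrides the group's home
     $this->home = $model->home ? $model->home : $model->relUserGroupsGroup->home;
     $this->recovery = false;
     // load profile extension's data
     $this->profileLoad($model);
     // update the last login time
     $model->last_login = date('Y-m-d H:i:s');
     // register the cronjobs when they are not driven by the server's crontab
     if (UserGroupsConfiguration::findRule('server_executed_crons') === false) {
         UGCron::init();
         UGCron::add(new UGCJGarbageCollection());
         UGCron::add(new UGCJUnban());
         // Class names come from the module's 'crons' setting and are instantiated as-is,
         // so that list must only ever be filled from trusted configuration.
         foreach (Yii::app()->controller->module->crons as $c) {
             UGCron::add(new $c());
         }
         // This variant leaves the UGCron::run() call disabled, so the jobs are only registered.
     }
     $model->save();
     return !$this->errorCode;
 }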
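 /**
  * Tells whether the current web user holds the requested permission.
  * @param string $request "permission", "controller.permission" or "module.controller.permission"
  * @param string $current_module module used when the request does not name one
  * @param string $current_controller controller used when the request does not name one
  * @return boolean true when the permission (or, with 'permission_cascade' on, a stronger one) is set
  */
 private function returnPermissionResult($request, $current_module, $current_controller)
 {
     $r = explode('.', $request);
     switch (count($r)) {
         case 1:
             $module = $current_module;
             $controller = $current_controller;
             $permission = $r[0];
             break;
         case 2:
             $module = $current_module;
             $controller = $r[0];
             $permission = $r[1];
             break;
         case 3:
             $module = $r[0];
             $controller = $r[1];
             $permission = $r[2];
             break;
         default:
             // More than three segments is not a valid request. Deny explicitly instead of
             // continuing with undefined $module/$controller/$permission.
             return false;
     }
     // check the permissions
     if (isset(Yii::app()->user->accessRules[$module][$controller][$permission])) {
         return true;
     }
     if (UserGroupsConfiguration::findRule('permission_cascade')) {
         // with cascading on, 'write' implies 'read' and 'admin' implies both
         if ($permission === 'read' && isset(Yii::app()->user->accessRules[$module][$controller]['write'])) {
             return true;
         }
         if (($permission === 'read' || $permission === 'write') && isset(Yii::app()->user->accessRules[$module][$controller]['admin'])) {
             return true;
         }
     }
     // The original fell off the end here when cascading was on and nothing matched,
     // returning null; an authorization check should always answer with a real boolean.
     return false;
 }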
			<?php 
// password confirmation input for the registration form
echo $form->passwordField($model, 'password_confirm');
?>
			<?php 
// validation message slot for the confirmation field
echo $form->error($model, 'password_confirm');
?>
		</div>

		<?php 
// additional fields of additional profiles supporting registration
// The view path is assembled from the profile model's table name (with the '{' and '}'
// characters stripped) and the profile's 'view' entry.
// NOTE(review): both parts must come from module configuration only; if a request value
// could reach $profiles, the caller would choose which view file is rendered - confirm
// where $profiles is built.
foreach ($profiles as $p) {
    $this->renderPartial('//' . str_replace(array('{', '}'), NULL, $p['model']->tableName()) . '/' . $p['view'], array('form' => $form, 'model' => $p['model']));
}
?>
		<?php 
if (UserGroupsConfiguration::findRule('simple_password_reset') === false) {
    ?>
		<div class="row">
			<?php 
    echo $form->labelEx($model, 'question');
    ?>
			<?php 
    echo $form->textField($model, 'question');
    ?>
			<?php 
    echo $form->error($model, 'question');
    ?>
		</div>
		<div class="row">
			<?php 
    echo $form->labelEx($model, 'answer');
 /**
  * parameters additional preparations before saving the user
  */
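 protected function beforeSave()
 {
     if (!parent::beforeSave()) {
         return false;
     }
     // set the new user creation_date
     if ($this->isNewRecord) {
         $this->creation_date = date('Y-m-d H:i:s');
     }
     $is_recovery = $this->scenario === 'recovery' || $this->scenario === 'swift_recovery';
     // populate the attributes when a new record is created in an admin scenario
     if ($this->scenario === 'admin' && $this->isNewRecord && (empty($this->password) || empty($this->username))) {
         $this->status = self::WAITING_ACTIVATION;
         $this->activation_code = $this->ugSecureActivationCode();
         $this->activation_time = date('Y-m-d H:i:s');
         if (empty($this->username)) {
             // placeholder name, not a secret, so uniqid() is fine here
             $this->username = uniqid('_user');
         }
     } elseif ($this->scenario === 'admin' && $this->isNewRecord || $is_recovery) {
         // sets the right status based on configurations
         if ((int) $this->status === self::WAITING_ACTIVATION && UserGroupsConfiguration::findRule('user_need_approval') && $is_recovery) {
             $this->status = self::WAITING_APPROVAL;
         } else {
             $this->status = self::ACTIVE;
         }
     }
     // hash the password when one was supplied for a new record, a recovery or a password change
     // SECURITY: a single round of salted MD5 is cheap to brute-force if the table leaks.
     // Switching to password_hash() has to be done together with the login check (with a
     // rehash-on-login migration), so it is only flagged here.
     if (($this->isNewRecord || $this->scenario === 'recovery' || $this->scenario === 'changePassword') && !empty($this->password)) {
         $this->password = md5($this->password . $this->getSalt());
     }
     // in the passRequest scenario change the status and delete the old password
     if ($this->scenario === 'passRequest') {
         $this->status = self::PASSWORD_CHANGE_REQUEST;
         $this->password = NULL;
         $this->activation_code = $this->ugSecureActivationCode();
         $this->activation_time = date('Y-m-d H:i:s');
     }
     // on invitations set the waiting_activation status and activation code
     if ($this->scenario === 'invitation') {
         $this->status = self::WAITING_ACTIVATION;
         $this->username = uniqid('_user');
         $this->activation_code = $this->ugSecureActivationCode();
         $this->activation_time = date('Y-m-d H:i:s');
         $this->group_id = UserGroupsConfiguration::findRule('user_registration_group');
     }
     // sets the correct user status and group upon registration based on the configurations
     if ($this->scenario === 'registration') {
         $this->group_id = UserGroupsConfiguration::findRule('user_registration_group');
         if (UserGroupsConfiguration::findRule('user_need_activation')) {
             $this->status = self::WAITING_ACTIVATION;
             $this->activation_code = $this->ugSecureActivationCode();
             $this->activation_time = date('Y-m-d H:i:s');
         } elseif (UserGroupsConfiguration::findRule('user_need_approval')) {
             $this->status = self::WAITING_APPROVAL;
         } else {
             $this->status = self::ACTIVE;
         }
     }
     // erase the activation code for security reasons once no pending state needs it
     if ((int) $this->status !== self::WAITING_ACTIVATION && (int) $this->status !== self::WAITING_APPROVAL && (int) $this->status !== self::PASSWORD_CHANGE_REQUEST) {
         $this->activation_code = NULL;
     }
     // sanitize the value of home
     if ($this->home === '0') {
         $this->home = NULL;
     }
     return true;
 }

 /**
  * Builds an activation code from a cryptographically secure random source.
  * uniqid() is derived from the current time, so codes made with it can be narrowed down
  * by anyone who knows roughly when the request happened. The code is presumably the
  * secret that proves ownership during activation and password reset - confirm.
  * The result keeps uniqid()'s shape (13 hexadecimal characters) so it fits wherever the
  * old codes were stored. NOTE(review): use a longer token if the column allows it.
  * @return string 13 hexadecimal characters
  */
 private function ugSecureActivationCode()
 {
     if (function_exists('random_bytes')) {
         return substr(bin2hex(random_bytes(7)), 0, 13);
     }
     if (function_exists('openssl_random_pseudo_bytes')) {
         $bytes = openssl_random_pseudo_bytes(7, $strong);
         if ($bytes !== false && $strong) {
             return substr(bin2hex($bytes), 0, 13);
         }
     }
     // No secure source on this runtime: keep the historical behaviour rather than break
     // saving. NOTE(review): such installations still issue predictable codes.
     return uniqid();
 }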
Esempio n. 7
 /**
  * Returns the data model based on the primary key given in the GET variable.
  * Optionally sets a scenario
  * If the data model is not found, an HTTP exception will be raised.
  * @param integer the ID of the model to be loaded
  * @param string the scenario to apply to the model
  */
 public function loadModel($id, $scenario = false)
 {
     // the cast guarantees the primary-key lookup only ever sees an integer
     $user_model = UserGroupsUser::model()->findByPk((int) $id);
     $not_found = $user_model === null;
     if (!$not_found) {
         // Profiles of users whose group level is above the viewer's stay hidden unless
         // 'public_profiles' is enabled. The same 404 is used as for a missing record, so
         // the response does not reveal whether the account exists.
         $outranks_viewer = $user_model->relUserGroupsGroup->level > Yii::app()->user->level;
         $not_found = $outranks_viewer && !UserGroupsConfiguration::findRule('public_profiles');
     }
     if ($not_found) {
         throw new CHttpException(404, Yii::t('userGroupsModule.general', 'The requested page does not exist.'));
     }
     // apply the optional scenario only when the caller passed one
     if ($scenario) {
         $user_model->setScenario($scenario);
     }
     return $user_model;
 }
Esempio n. 8
    ?>
	<div class="info">
		<?php 
    echo CHtml::link(Yii::t('userGroupsModule.admin', 'click here update userGroups'), array('admin/update'));
    ?>
	</div>
	<?php 
}
?>
	<div class="userGroupsMenu-container">
		<?php 
// shared admin menu, rendered in profile mode with the root flag set
$this->renderPartial('/admin/menu', array('mode' => 'profile', 'root' => true));
?>
	</div>
	<?php 
// The configuration and cron panels are shown unless 'dumb_admin' is on and the user
// lacks the 'admin' permission.
// NOTE(review): this only decides what is displayed; the actions that change settings or
// crons need their own permission checks in the controller - confirm.
if (!UserGroupsConfiguration::findRule('dumb_admin') || Yii::app()->user->pbac('admin')) {
    ?>
	<?php 
    $this->renderPartial('configurations', array('confDataProvider' => $confDataProvider));
    ?>
	<hr/>
	<?php 
    $this->renderPartial('crons', array('cronDataProvider' => $cronDataProvider));
    ?>
	<hr/>
	<?php 
}
?>
	<?php 
// the groups panel is rendered for every viewer of this page
$this->renderPartial('groups', array('groupModel' => $groupModel));
?>
Esempio n. 9
echo CHtml::submitButton(Yii::t('UserGroupsModule.general', 'ENTER_SITE'));
?>
					<noindex>
				<a href="/userGroups/user/passRequest/" rel="nofollow"><?php 
echo Yii::t('UserGroupsModule.general', 'LOST_PASSWORD');
?>
</a>
		</noindex>
				</td>
			</tr>
		</table>
		
		
		
		<?php 
// The registration link and hint are printed only while the 'registration' rule is on.
// NOTE(review): hiding the link does not switch the register action off; that action
// has to check the same rule itself - confirm in the controller.
if (UserGroupsConfiguration::findRule('registration')) {
    ?>
		<noindex>
			<p class="bottom-text">
				<big><?php 
    echo CHtml::link(Yii::t('UserGroupsModule.general', 'REGISTER'), array('/userGroups/user/register'));
    ?>
</big><br />
				<?php 
    echo Yii::t('UserGroupsModule.general', 'FILL_REG_FORM');
    ?>
 
			</p>
		</noindex>
		<?php 
}
Esempio n. 10
 /**
  * Authenticates a user.
  * @return boolean whether authentication succeeds.
  */
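 public function authenticate()
 {
     $model = UserGroupsUser::model()->findByAttributes(array('username' => $this->username));
     // findByAttributes() gives null when no row matches. The previous count($model) test
     // warns on PHP 7.2+ and throws a TypeError on PHP 8 for null and for any object that
     // is not Countable, so test for null directly.
     if ($model === null) {
         $this->errorCode = self::ERROR_USERNAME_INVALID;
         return !$this->errorCode;
     }
     // SECURITY: both stored formats are a single round of salted MD5, which is cheap to
     // brute-force if the table leaks. Migrating to password_hash() needs a rehash-on-login
     // scheme together with the model's save logic, so it is only flagged here.
     if ($model->is_bitrix_pass) {
         // Bitrix-style password: the last 32 characters are the MD5 digest and anything
         // in front of them is the salt, which is prepended to the typed password.
         if (strlen($model->password) > 32) {
             $salt = substr($model->password, 0, strlen($model->password) - 32);
             $db_password = substr($model->password, -32);
         } else {
             $salt = "";
             $db_password = $model->password;
         }
         $user_password = md5($salt . $this->password);
     } else {
         // native format: the salt from the model is appended to the typed password
         $user_password = md5($this->password . $model->getSalt());
         $db_password = $model->password;
     }
     $status = (int) $model->status;
     // NOTE(review): this status is reported before the password is verified, so a caller
     // without the password can learn that the account exists and awaits activation.
     if ($status === UserGroupsUser::WAITING_ACTIVATION) {
         $this->errorCode = self::ERROR_USER_INACTIVE;
         return !$this->errorCode;
     }
     if ($this->hash) {
         // NOTE(review): on this path the stored digest itself is accepted as the
         // credential, so a copy of the password column is enough to sign in. Confirm
         // where $this->hash is set and that the path is still needed.
         $reference = (string) $model->password;
         $supplied = (string) $this->hash;
     } else {
         $reference = (string) $db_password;
         $supplied = $user_password;
     }
     // The hash path used the loose != operator, under which two numeric-looking digests
     // such as "0e1..." and "0e2..." compare as equal. Compare as strings, in constant
     // time where the runtime offers it.
     $matches = function_exists('hash_equals') ? hash_equals($reference, $supplied) : $reference === $supplied;
     if (!$matches) {
         $this->errorCode = self::ERROR_PASSWORD_INVALID;
         return !$this->errorCode;
     }
     if ($status === UserGroupsUser::WAITING_APPROVAL) {
         $this->errorCode = self::ERROR_USER_APPROVAL;
         return !$this->errorCode;
     }
     if ($status === UserGroupsUser::BANNED) {
         $this->errorCode = self::ERROR_USER_BANNED;
         return !$this->errorCode;
     }
     if ($status === UserGroupsUser::PASSWORD_CHANGE_REQUEST) {
         $this->errorCode = self::ERROR_PASSWORD_REQUESTED;
         return !$this->errorCode;
     }
     // credentials and status are fine: copy the account data onto the identity
     $this->errorCode = self::ERROR_NONE;
     $this->id = $model->id;
     $this->name = $model->username;
     $this->group = $model->group_id;
     $this->groupName = $model->relUserGroupsGroup->groupname;
     $this->level = $model->relUserGroupsGroup->level;
     $this->accessRules = $this->accessRulesComputation($model);
     // the user's own home overrides the group's home
     $this->home = $model->home ? $model->home : $model->relUserGroupsGroup->home;
     $this->recovery = false;
     // load profile extension's data
     $this->profileLoad($model);
     // update the last login time
     $model->last_login = date('Y-m-d H:i:s');
     // run the cronjobs when they are not driven by the server's crontab
     if (UserGroupsConfiguration::findRule('server_executed_crons') === false) {
         UGCron::init();
         UGCron::add(new UGCJGarbageCollection());
         UGCron::add(new UGCJUnban());
         if (Yii::app()->controller->module) {
             // Class names come from the module's 'crons' setting and are instantiated
             // as-is, so that list must only ever be filled from trusted configuration.
             foreach (Yii::app()->controller->module->crons as $c) {
                 UGCron::add(new $c());
             }
         }
         UGCron::run();
     }
     $model->save();
     return !$this->errorCode;
 }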
 /**
  * this action executes every single cron
  */
 public function actionCron()
 {
     // Do nothing unless the configuration explicitly says the server's crontab drives
     // the jobs (strict comparison: only boolean true qualifies).
     $server_driven = UserGroupsConfiguration::findRule('server_executed_crons') === true;
     if (!$server_driven) {
         return;
     }
     // NOTE(review): nothing in this method checks who is calling. If the action is
     // reachable over HTTP, any client could trigger every job; confirm that an access
     // rule or a network restriction limits it to the crontab caller.
     UGCron::init();
     // the two built-in jobs are registered first
     UGCron::add(new UGCJGarbageCollection());
     UGCron::add(new UGCJUnban());
     // Then the jobs named in the module's 'crons' setting. The names are instantiated
     // as-is, so the list must only be filled from trusted configuration.
     $owning_module = Yii::app()->controller->module;
     foreach ($owning_module->crons as $cron_class) {
         $job = new $cron_class();
         UGCron::add($job);
     }
     UGCron::run();
 }
Esempio n. 12
 /**
  * Authenticates a user based on {@link username}.
  * This method is required by {@link IUserIdentity}.
  * @return boolean whether authentication succeeds.
  */
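 public function authenticate()
 {
     // without a service that reports a finished authentication there is nothing to trust
     if (!$this->service || !$this->service->isAuthenticated) {
         $this->errorCode = self::ERROR_NOT_AUTHENTICATED;
         return !$this->errorCode;
     }
     $this->username = $this->service->serviceName . '#' . $this->service->id;
     $this->setState('name', $this->username);
     $this->setState('service', $this->service->serviceName);
     // The original set errorCode to ERROR_NONE at this point, before the local account
     // had been looked up. Every path below sets its own code, so the identity no longer
     // reads as successful if something fails half-way.
     $external_auth_id = $this->service->getAttribute('external_auth_id') ? $this->service->getAttribute('external_auth_id') : $this->service->serviceName;
     $model = UserGroupsUser::model()->findByAttributes(array('xml_id' => $this->service->id, 'external_auth_id' => $external_auth_id));
     if (!$model) {
         // first login through this service: create the local account
         $model = new UserGroupsUser();
         $model->username = $this->username;
         $model->email = $this->service->getAttribute('email');
         if (!$model->email && $this->service->serviceName == 'yandex') {
             // NOTE(review): this address is assembled from the display name and was never
             // confirmed by the provider, so it may belong to somebody else. Do not rely
             // on it for password recovery or account linking.
             $model->email = $this->service->getAttribute('name') . '@yandex.ru';
         }
         $model->name = $this->service->getAttribute('name');
         $model->last_name = $this->service->getAttribute('lastname');
         // NOTE(review): hard-coded group 2 and status 4; their meaning is not visible here.
         // Prefer the UserGroupsUser status constant and the configured registration group
         // once confirmed.
         $model->group_id = 2;
         $model->status = 4;
         $model->params = array_keys($model->ParamsFields);
         $model->xml_id = $this->service->id;
         $model->external_auth_id = $external_auth_id;
         // The save() result used to be ignored and the following "if (!$model)" could
         // never be true for a fresh object, so a failed insert still ended in a
         // successful login with an empty id. Reject the login instead.
         if (!$model->save()) {
             $this->errorCode = self::ERROR_USERNAME_INVALID;
             return !$this->errorCode;
         }
     }
     $status = (int) $model->status;
     if ($status === UserGroupsUser::WAITING_ACTIVATION) {
         $this->errorCode = self::ERROR_USER_INACTIVE;
         return !$this->errorCode;
     }
     if ($status === UserGroupsUser::WAITING_APPROVAL) {
         $this->errorCode = self::ERROR_USER_APPROVAL;
         return !$this->errorCode;
     }
     if ($status === UserGroupsUser::BANNED) {
         $this->errorCode = self::ERROR_USER_BANNED;
         return !$this->errorCode;
     }
     if ($status === UserGroupsUser::PASSWORD_CHANGE_REQUEST) {
         $this->errorCode = self::ERROR_PASSWORD_REQUESTED;
         return !$this->errorCode;
     }
     // the account may sign in: copy its data onto the identity
     $this->errorCode = self::ERROR_NONE;
     $this->id = $model->id;
     $this->name = $model->username;
     $this->group = $model->group_id;
     $this->groupName = $model->relUserGroupsGroup->groupname;
     $this->level = $model->relUserGroupsGroup->level;
     $this->accessRules = $this->accessRulesComputation($model);
     // the user's own home overrides the group's home
     $this->home = $model->home ? $model->home : $model->relUserGroupsGroup->home;
     $this->recovery = false;
     // load profile extension's data
     $this->profileLoad($model);
     // update the last login time
     $model->last_login = date('Y-m-d H:i:s');
     // run the cronjobs when they are not driven by the server's crontab
     if (UserGroupsConfiguration::findRule('server_executed_crons') === false) {
         UGCron::init();
         UGCron::add(new UGCJGarbageCollection());
         UGCron::add(new UGCJUnban());
         // Class names come from the module's 'crons' setting and are instantiated as-is,
         // so that list must only ever be filled from trusted configuration.
         foreach (Yii::app()->controller->module->crons as $c) {
             UGCron::add(new $c());
         }
         UGCron::run();
     }
     $model->save();
     return !$this->errorCode;
 }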
 /**
  * @param IWebUser $user the user
  * @return boolean whether the page can be accessed according to the user group level
  */
 protected function isLevelMatched($user)
 {
     // Root-level users always pass, and so does everyone when this rule defines no level
     // restriction at all (empty($this->level)).
     if ((int) $user->getLevel() === UserGroupsUser::ROOT_LEVEL || empty($this->level)) {
         return true;
     } else {
         // With 'super_admin' on, holding the userGroups/admin/admin permission also passes.
         // This reads the current web user's rules, not the $user argument.
         if (UserGroupsConfiguration::findRule('super_admin') && isset(Yii::app()->user->accessRules['userGroups']['admin']['admin'])) {
             return true;
         } else {
             // guests and users in recovery mode never match a level rule
             if ($user->getIsGuest() || $user->getRecovery()) {
                 return false;
             }
         }
     }
     // check if all the rules have to match to grant access
     if (isset($this->level['strict'])) {
         $strict = true;
     }
     // NOTE(review): the loop below also visits the value stored under the 'strict' key,
     // if one is present, and treats it like any other entry - confirm this is intended.
     foreach ($this->level as $l) {
         // A numeric entry matches only when it is identical (===) to the user's level, so
         // an int entry never matches a string level or the other way round.
         if (is_numeric($l) && $l === $user->getLevel()) {
             $return = true;
         } else {
             if (!is_numeric($l)) {
                 // a non-numeric entry is appended to the user's level to form an expression
                 $comparison = $user->getLevel() . $l;
                 // SECURITY: eval() executes that string as PHP code. This is only safe while
                 // every entry of $this->level is written by a developer in the filter rules.
                 // Nothing derived from a request, the database or user-editable settings may
                 // reach it. Preferred fix: parse an operator and a number from the entry and
                 // compare explicitly, rejecting anything else.
                 // NOTE(review): confirm the accepted entry formats before replacing this.
                 if (eval("return {$comparison};")) {
                     $return = true;
                 } else {
                     $strict_end = false;
                 }
             } else {
                 $strict_end = false;
             }
         }
         // when the rule is not strict, the first matching entry grants access;
         // when it is strict, the first entry that does not match denies access
         if (!isset($strict) && isset($return)) {
             return true;
         } else {
             if (isset($strict) && isset($strict_end)) {
                 return false;
             }
         }
     }
     // reached in strict mode when no entry failed: grant access if at least one entry matched
     if (isset($return)) {
         return $return;
     }
     // nothing matched: deny
     return false;
 }
<?php

// Breadcrumb trail: "<user name> profile" links to /userGroups, followed by the unlinked
// "Root Tools" entry.
$this->breadcrumbs = array(Yii::app()->user->name . ' ' . Yii::t('userGroupsModule.general', 'profile') => array('/userGroups'), Yii::t('userGroupsModule.general', 'Root Tools'));
?>
<div id="userGroups-container">
	<?php 
// The update link is offered only to the ROOT user while the stored version is lower than
// the version constant of the installed code.
// NOTE(review): the versions are compared with '<' rather than version_compare(); confirm
// the stored format cannot make that comparison misorder releases.
if ((int) Yii::app()->user->id === UserGroupsUser::ROOT && UserGroupsConfiguration::findRule('version') < UserGroupsInstallation::VERSION) {
    ?>
	<div class="info">
		<?php 
    echo CHtml::link(Yii::t('userGroupsModule.admin', 'click here update userGroups'), array('admin/update'));
    ?>
	</div>
	<?php 
}
?>
	<div class="userGroupsMenu-container">
		<?php 
// shared admin menu, rendered in profile mode with the root flag set
$this->renderPartial('/admin/menu', array('mode' => 'profile', 'root' => true));
?>
	</div>
	<?php 
/* SUDEEP MODIFICATION: disabled by Sudeep Talati on 4 Jan because users can get confused and break the settings. */
// NOTE(review): commenting the panel out of the view only hides it; the controller actions
// that edit the configuration still need their own permission checks - confirm.
//if (!UserGroupsConfiguration::findRule('dumb_admin') || Yii::app()->user->pbac('admin')):
?>
	<?php 
//$this->renderPartial('configurations', array('confDataProvider'=>$confDataProvider))
?>
	<hr/>
	<?php 
//$this->renderPartial('crons', array('cronDataProvider'=>$cronDataProvider))