public function testUpdate() { $id = DM\Users::toId($this->testName); $params = array('id' => $id, 'first_name' => '123', 'last_name' => '231', 'sex' => 'f', 'email' => 'f', 'password' => 'a', 'photo' => '/tmp/q.jpg', 'language_id' => 2, 'recover_hash' => '---', 'enabled' => 0, 'cid' => 1); DM\Users::update($params); $data = DM\Users::read($id); $params['password'] = md5('aero' . $params['password']); $this->assertArraySubset($params, $data); //updateByName unset($params['id']); $params['name'] = $this->testName; $params['password'] = '******'; $params['enabled'] = 1; DM\Users::updateByName($params); $data = DM\Users::read($id); $params['password'] = md5('aero' . $params['password']); $this->assertArraySubset($params, $data); //verify password $this->assertTrue(DM\Users::verifyPassword($id, 'b'), 'Wrong password'); //check id by mail $id = DM\Users::getIdByEmail('f'); $this->assertTrue(is_numeric($id), 'Cant get Id by mail'); //check id by recover hash $id = DM\Users::getIdByRecoveryHash('---'); $this->assertTrue(is_numeric($id), 'Cant get Id by recover hash'); //check owner $this->assertTrue(DM\Users::getOwnerId($id) == 1, 'different owner set'); }
/** * * @return array */ public static function checkLogined() { $result = array('success' => false); if (static::isOauth2Login()) { $state = self::decodeState($_GET['state']); $session_state = self::decodeState($_SESSION['oauth2state']); if (isset($session_state['state']) && isset($state['state']) && $session_state['state'] == $state['state'] && isset($state['email'])) { $userId = DM\Users::getIdByEmail($state['email']); if (empty($userId)) { $result['message'] = 'Email ' . $state['email'] . ' not authorized for this core. ' . L\get('Specify_username') . ' '; } else { $result = array('success' => true, 'user_id' => $userId, 'session_id' => $session_state['state']); } } else { $result['message'] = 'WRONG STATE!!!'; } } else { $result['message'] = 'Is not Oauth login'; } return $result; }
/** * Add a new user * params: name, group_id */ public function addUser($p) { if (!User::isVerified()) { return array('success' => false, 'verify' => true); } if (!Security::canManage()) { throw new \Exception(L\get('Access_denied')); } $rez = array('success' => false, 'msg' => L\get('Missing_required_fields')); $p['name'] = strip_tags($p['name']); $p['name'] = trim($p['name']); $p1 = empty($p['password']) ? '' : $p['password']; $p2 = empty($p['confirm_password']) ? '' : $p['confirm_password']; if (empty($p['name']) || $p1 != $p2) { return $rez; } // validate input params if (!preg_match('/^[a-z\\.0-9_]+$/i', $p['name'])) { return array('success' => false, 'msg' => 'Invalid username. Use only letters, digits, "dot" and/or "underscore".'); } $p['first_name'] = Purify::humanName($p['first_name']); $p['last_name'] = Purify::humanName($p['last_name']); if (!empty($p['email'])) { if (!filter_var($p['email'], FILTER_VALIDATE_EMAIL)) { return array('success' => false, 'msg' => L\get('InvalidEmail')); } } //check if user with such email doesn exist $user_id = DM\Users::getIdByEmail($p['email']); if (!empty($user_id)) { throw new \Exception(L\get('UserEmailExists')); } /*check user existance, if user already exists but is deleted then its record will be used for new user */ $user_id = DM\Users::getIdByName($p['name']); if (!empty($user_id)) { throw new \Exception(L\get('User_exists')); } $params = array('name' => $p['name'], 'first_name' => $p['first_name'], 'last_name' => $p['last_name'], 'cid' => User::getId(), 'language_id' => Config::get('language_index'), 'email' => $p['email']); if (!empty($p['password']) && !empty($p['psw_setup']['ps']) && $p['psw_setup']['ps'] == 2) { $params['password'] = $p['password']; } $user_id = DM\Users::getIdByName($p['name'], false); if (!empty($user_id)) { //update $params['id'] = $user_id; DM\Users::update($params); /* in case it was a deleted user we delete all old acceses */ DB\dbQuery('DELETE FROM users_groups_association WHERE user_id = $1', $user_id); DB\dbQuery('DELETE FROM tree_acl WHERE user_group_id = $1', $rez['data']['id']); /* end of in case it was a deleted user we delete all old acceses */ } else { //create $user_id = DM\Users::create($params); } $rez = array('success' => true, 'data' => array('id' => $user_id)); $p['id'] = $user_id; // associating user to group if group was specified if (isset($p['group_id']) && is_numeric($p['group_id'])) { DB\dbQuery('INSERT INTO users_groups_association (user_id, group_id, cid) VALUES($1, $2, $3) ON duplicate KEY UPDATE cid = $3', array($user_id, $p['group_id'], User::getId())); $rez['data']['group_id'] = $p['group_id']; } else { $rez['data']['group_id'] = 0; } //check if send invite is set and create notification if (!empty($p['psw_setup']['ps']) && $p['psw_setup']['ps'] == 1) { $this->sendResetPasswordMail($user_id, 'invite'); } Security::calculateUpdatedSecuritySets(); Solr\Client::runBackgroundCron(); return $rez; }
if (empty($templateIds)) { \CB\debug('receive comments cron: no comment template defined'); continue; } $templateId = array_shift($templateIds); $commentsObj = Objects::getCustomClassByType('comment'); foreach ($core['mails'] as $mail) { if (!Objects::idExists($mail['pid'])) { \CB\debug('receive comments cron: target id not found for mail "' . $mail['subject'] . '"'); continue; } $emailFrom = extractEmailFromText($mail['from']); // user email $emailTo = extractEmailFromText($mail['to']); // <*****@*****.**> $userId = DM\Users::getIdByEmail($emailFrom); $_SESSION['user'] = array('id' => $userId); $data = array('id' => null, 'pid' => $mail['pid'], 'oid' => $userId, 'cid' => $userId, 'template_id' => $templateId, 'data' => array('_title' => removeContentExtraBlock($mail['content'], $emailFrom, $emailTo)), 'sys_data' => array('mailId' => $mail['id'])); try { $commentId = $commentsObj->create($data); //add attachments if (!empty($mail['attachments'])) { saveObjectAttachments($commentId, $mail['attachments']); } } catch (Exception $e) { \CB\debug('Cannot create comment from ' . $mail['from'], $data); } $deleteMailIds[] = $mail['id']; } } if (!empty($mailConf['mailbox'])) {
/* try to get target folder from subject*/ $path = false; //case_nr /* try to find user from database that corresponds to this mail. Ex: Kell <*****@*****.**> */ $email = false; if (preg_match_all('/^[^<]*<?([^>]+)>?/i', $mail->from, $results)) { $email = $results[1][0]; } if ($email == false) { $delete_ids[] = $mailbox->getUniqueId($k); echo "\rcannot find senders email for: {$subject} ... skipping"; mail($mail->from, 'Error processing your email: ' . $subject, '. We didn\'t find ' . 'your email in received message. ' . $mail_requirements, 'From: ' . $core['mail_user'] . "\n\r"); continue; } $user_id = DM\Users::getIdByEmail($email); if (!empty($user_id)) { if (empty($test_user_id)) { $delete_ids[] = $mailbox->getUniqueId($k); mail($mail->from, 'Error processing your email: ' . $subject, '. We didn\'t find your' . ' email address in our users database, please update your email ' . 'address in your user profile of casebox and resend your mail. ' . 'Wrong messages are deleted automatically.' . $mail_requirements, 'From: ' . $core['mail_user'] . "\n\r"); echo "\rcannot find corresponding user in our database '.\n 'for email {$email} from message: {$subject} ... skipping"; continue; } else { $user_id = $test_user_id; } } /* end of try to find user from database that corresponds to this mail */ if (preg_match('/(\\([\\s]*(.+)[\\s]*\\))\\s*$/i', $subject, $matches)) { $subject = str_replace($matches[0], '', $subject); $path = $matches[2]; } else {