Esempio n. 1
 /**
  * Tell whether this user should be treated as a guest
  *
  * A user counts as a guest when it is not logged in, or when it is the
  * configured default user and that default user is flagged as a guest
  * account.
  *
  * @return boolean
  */
 public function isGuest()
 {
     // Anyone without a login session is a guest, whatever their ID.
     if (!$this->isLoggedIn()) {
         return true;
     }

     // The ID comparison is deliberately left loose (==).
     // NOTE(review): presumably the two sides can differ in type (string vs
     // int) -- verify that before tightening this to ===.
     $is_default_user = $this->getID() == framework\Settings::getDefaultUserID();

     return (bool) ($is_default_user && framework\Settings::isDefaultUserGuest());
 }
Esempio n. 2
 /**
  * Set up the user object for the current request
  *
  * Handles a logout request, otherwise gives 'pre_login' event listeners the
  * chance to supply the login, and falls back to the regular loadUser() call
  * (or a bare User object when running from the command line). After the user
  * is in place the 'post_login' event is triggered and permissions are cached.
  *
  * Failures do not propagate: they are logged, and depending on the route the
  * request is either sent to the login redirect with an error message or
  * continues as the default user.
  */
 protected static function initializeUser()
 {
     Logging::log('Loading user');
     try {
         Logging::log('is this logout?');
         // NOTE(review): logout is triggered by the mere presence of a
         // 'logout' request parameter. If getParameter() also reads the query
         // string, a cross-site link or image can log a user out -- confirm
         // that a token or a POST-only route guards this.
         if (self::getRequest()->getParameter('logout')) {
             Logging::log('yes');
             self::logout();
         } else {
             Logging::log('no');
             Logging::log('sets up user object');
             $event = Event::createNew('core', 'pre_login');
             $event->trigger();
             if ($event->isProcessed()) {
                 // A listener handled the event: its return value is handed
                 // straight to loadUser(). Presumably this is how external
                 // authentication modules plug in, which makes every
                 // 'pre_login' listener part of the trusted login path.
                 self::loadUser($event->getReturnValue());
             } elseif (!self::isCLI()) {
                 self::loadUser();
             } else {
                 // Command-line run with no listener: start from an empty User.
                 self::$_user = new User();
             }
             Event::createNew('core', 'post_login', self::getUser())->trigger();
             Logging::log('loaded');
             Logging::log('caching permissions');
             self::cacheAllPermissions();
             Logging::log('done (caching permissions)');
         }
     } catch (exceptions\ElevatedLoginException $e) {
         // Re-authentication for elevated permissions failed: log it at info
         // level, store the message for display and set the login redirect.
         Logging::log("Could not reauthenticate elevated permissions: " . $e->getMessage(), 'main', Logging::LEVEL_INFO);
         self::setMessage('elevated_login_message_err', $e->getMessage());
         // NOTE(review): the redirect target literal appears masked in this listing.
         self::$_redirect_login = '******';
     } catch (\Exception $e) {
         Logging::log("Something happened while setting up user: " . $e->getMessage(), 'main', Logging::LEVEL_WARNING);
         // CLI runs and anonymous routes must keep working without a login.
         $is_anonymous_route = self::isCLI() || self::getRouting()->isCurrentRouteAnonymousRoute();
         if (!$is_anonymous_route) {
             // NOTE(review): this catch-all forwards the text of ANY exception
             // to the login page. Confirm that only authentication-layer
             // messages can reach here, so internal details (database errors,
             // paths) are not shown to unauthenticated visitors.
             self::setMessage('login_message_err', $e->getMessage());
             self::$_redirect_login = '******';
         } else {
             // Continue as the configured default user.
             // NOTE(review): the lookup result is not checked here -- verify
             // what callers see if the default user row is missing.
             self::$_user = User::getB2DBTable()->selectById(Settings::getDefaultUserID());
         }
     }
     Logging::log('...done');
 }
Esempio n. 3
 /**
  * Fill the confirmed and unconfirmed scope lists for this user
  *
  * Does nothing when both lists have already been built. The default guest
  * user gets exactly one confirmed scope, the current one; every other user
  * gets its lists from the user/scope table, and any scope not yet present in
  * the general scope list is added there as well.
  */
 protected function _populateScopeDetails()
 {
     // Both lists are built together; if both exist there is nothing to do.
     if ($this->_unconfirmed_scopes !== null && $this->_confirmed_scopes !== null) {
         return;
     }

     $this->_unconfirmed_scopes = array();
     $this->_confirmed_scopes = array();
     if ($this->_scopes === null) {
         $this->_scopes = array();
     }

     $is_guest_account = $this->getID() == framework\Settings::getDefaultUserID() && framework\Settings::isDefaultUserGuest();
     if ($is_guest_account) {
         // The guest account is not looked up in the user/scope table: it is
         // treated as confirmed in whichever scope the request runs in.
         $this->_confirmed_scopes[framework\Context::getScope()->getID()] = framework\Context::getScope();
         return;
     }

     $rows = tables\UserScopes::getTable()->getScopeDetailsByUser($this->getID());
     foreach ($rows as $id => $row) {
         if ($row['confirmed']) {
             $this->_confirmed_scopes[$id] = $row['scope'];
         } else {
             $this->_unconfirmed_scopes[$id] = $row['scope'];
         }
         // Confirmed or not, the scope also goes into the general list.
         if (!array_key_exists($id, $this->_scopes)) {
             $this->_scopes[$id] = $row['scope'];
         }
     }
 }
Esempio n. 4
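 /**
  * Delete a user (default scope) or detach the user from the current scope
  *
  * Looks up the user named by the "user_id" request parameter and refuses to
  * act when no such user exists or when the target is a system account (ID 1
  * or the configured default user). Replies with JSON: on success a message,
  * the group/team member counts collected for the affected user and the
  * updated user totals; on failure HTTP status 400 and an "error" string.
  *
  * NOTE(review): no permission or CSRF check is visible in this method --
  * confirm the enclosing controller or route enforces them.
  *
  * @param framework\Request $request
  *
  * @return mixed whatever renderJSON() returns
  */
 public function runDeleteUser(framework\Request $request)
 {
     try {
         $return_options = array();

         // A failed lookup is reported the same way as a missing user.
         try {
             $user = entities\User::getB2DBTable()->selectByID($request['user_id']);
         } catch (\Exception $e) {
             $user = null;
         }
         if (!$user instanceof entities\User) {
             throw new \Exception(framework\Context::getI18n()->__("You cannot delete this user"));
         }

         // System accounts are protected. This check has to sit outside any
         // exception-swallowing block: thrown inside one, the refusal is
         // discarded and the deletion below goes ahead anyway.
         $protected_ids = array(1, (int) framework\Settings::getDefaultUserID());
         if (in_array((int) $user->getID(), $protected_ids, true)) {
             throw new \Exception(framework\Context::getI18n()->__("You cannot delete this system user"));
         }

         // Member counts for the response are best effort: as before, a
         // failure while collecting them does not block the deletion.
         try {
             if ($user->getGroup() instanceof entities\Group) {
                 $return_options['update_groups'] = array('ids' => array(), 'membercounts' => array());
                 $group_id = $user->getGroup()->getID();
                 $return_options['update_groups']['ids'][] = $group_id;
                 $return_options['update_groups']['membercounts'][$group_id] = $user->getGroup()->getNumberOfMembers();
             }
             if (count($user->getTeams())) {
                 $return_options['update_teams'] = array('ids' => array(), 'membercounts' => array());
                 foreach ($user->getTeams() as $team) {
                     $team_id = $team->getID();
                     $return_options['update_teams']['ids'][] = $team_id;
                     $return_options['update_teams']['membercounts'][$team_id] = $team->getNumberOfMembers();
                 }
             }
         } catch (\Exception $e) {
             // Ignored on purpose, see above.
         }

         if (framework\Context::getScope()->isDefault()) {
             // In the default scope the account itself is marked as deleted.
             $user->markAsDeleted();
             $user->save();
             $return_options['message'] = framework\Context::getI18n()->__('The user was deleted');
         } else {
             // In any other scope the user is only detached from that scope.
             $user->removeScope(framework\Context::getScope()->getID());
             $return_options['message'] = framework\Context::getI18n()->__('The user has been removed from this scope');
         }
         $return_options['total_count'] = entities\User::getUsersCount();
         $return_options['more_available'] = framework\Context::getScope()->hasUsersAvailable();
         return $this->renderJSON($return_options);
     } catch (\Exception $e) {
         // NOTE(review): the text of any exception raised above is returned to
         // the client; confirm that storage-layer errors cannot leak internal
         // details through this response.
         $this->getResponse()->setHttpStatus(400);
         return $this->renderJSON(array('error' => $e->getMessage()));
     }
 }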
Esempio n. 5
 /**
  * Whether the given user has already voted in the given direction
  *
  * Also answers true when the user is the default guest account or when the
  * project does not allow voting on issues, so that those cases read as
  * "already voted". Callers that use this as their only gate before recording
  * a vote depend on that.
  *
  * @param mixed $user_id a user ID, or an object exposing getID()
  * @param boolean $up true to ask about an up-vote, false about a down-vote
  *
  * @return boolean
  */
 public function hasUserVoted($user_id, $up)
 {
     if (is_object($user_id)) {
         $user_id = $user_id->getID();
     }
     $this->_setupVotes();

     $is_guest = $user_id == \thebuggenie\core\framework\Settings::getDefaultUserID() && \thebuggenie\core\framework\Settings::isDefaultUserGuest();
     if ($is_guest || !$this->getProject()->canVoteOnIssues()) {
         return true;
     }

     if (!array_key_exists($user_id, $this->_votes)) {
         return false;
     }

     // A positive stored value is an up-vote, a negative one a down-vote.
     $vote = (int) $this->_votes[$user_id];

     return $up ? $vote > 0 : $vote < 0;
 }
Esempio n. 6
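 /**
  * Prune users from users table who aren't in LDAP
  *
  * For every local user except the configured default user, searches LDAP for
  * the username and deletes the local account when the search does not return
  * exactly one entry or, if a list of valid groups is configured, when the
  * entry's DN is not a member of any of those groups. Ends by forwarding to
  * the auth_ldap module configuration page with a status message.
  *
  * NOTE(review): this is a bulk, destructive action. No permission or CSRF
  * check is visible in this method -- confirm the route or controller
  * enforces them. Only the default user is exempt, so a wrong base DN or
  * object class setting that makes every search come back empty would delete
  * all other accounts, administrators included; consider a dry run or an
  * upper bound on deletions.
  *
  * @param \thebuggenie\core\framework\Request $request
  */
 public function runPruneUsers(framework\Request $request)
 {
     $module = framework\Context::getModule('auth_ldap');
     $validgroups = $module->getSetting('groups');
     $base_dn = $module->getSetting('b_dn');
     $dn_attr = $module->getSetting('dn_attr');
     $username_attr = $module->getSetting('u_attr');
     $fullname_attr = $module->getSetting('f_attr');
     $email_attr = $module->getSetting('e_attr');
     $groups_members_attr = $module->getSetting('g_attr');
     $user_class = $module->getSetting('u_type');
     $group_class = $module->getSetting('g_type');
     $users = \thebuggenie\core\entities\User::getAll();
     $deletecount = 0;

     // ldap_get_entries() lower-cases attribute names, so a mixed-case
     // setting has to be lower-cased before it is used as a result key.
     // Without this the member list is never found and the user is pruned.
     $members_key = strtolower($groups_members_attr);
     // null means that no group restriction is configured.
     $groups = ($validgroups != '') ? explode(',', $validgroups) : null;

     // Stays null until connect() succeeds, so the error path knows whether
     // there is a connection to release.
     $connection = null;
     try {
         $connection = $module->connect();
         $module->bind($connection, $module->getSetting('control_user'), $module->getSetting('control_pass'));
         $default = framework\Settings::getDefaultUserID();
         foreach ($users as $user) {
             if ($user->getID() == $default) {
                 continue;
             }
             $username = $user->getUsername();
             $fields = array($fullname_attr, $email_attr, 'cn', $dn_attr);
             // Values go through the module's escape(); the attribute name is
             // module configuration and is inserted as configured.
             $filter = '(&(objectClass=' . $module->escape($user_class) . ')(' . $username_attr . '=' . $module->escape($username) . '))';
             $results = ldap_search($connection, $base_dn, $filter, $fields);
             if (!$results) {
                 // The logged detail is the same LDAP error text that the
                 // exception below carries.
                 framework\Logging::log('failed to search for user: ' . ldap_error($connection), 'ldap', framework\Logging::LEVEL_FATAL);
                 throw new \Exception(framework\Context::getI18n()->__('Search failed: ') . ldap_error($connection));
             }
             $data = ldap_get_entries($connection, $results);
             /*
              * If a user is not found, delete it
              */
             if ($data['count'] != 1) {
                 $user->delete();
                 $deletecount++;
                 continue;
             }
             if ($groups === null) {
                 continue;
             }
             $allowed = false;
             foreach ($groups as $group) {
                 $filter2 = '(&(objectClass=' . $module->escape($group_class) . ')(cn=' . $module->escape($group) . '))';
                 $results2 = ldap_search($connection, $base_dn, $filter2, array($groups_members_attr));
                 if (!$results2) {
                     framework\Logging::log('failed to search for group: ' . ldap_error($connection), 'ldap', framework\Logging::LEVEL_FATAL);
                     throw new \Exception(framework\Context::getI18n()->__('Search failed: ') . ldap_error($connection));
                 }
                 $data2 = ldap_get_entries($connection, $results2);
                 if ($data2['count'] != 1 || !isset($data2[0][$members_key])) {
                     continue;
                 }
                 // Spaces after the commas are stripped from both DNs so that
                 // differently formatted DNs still compare equal.
                 $user_dn = preg_replace('/(?<=,) +(?=[a-zA-Z])/', '', $data[0][strtolower($dn_attr)][0]);
                 foreach ($data2[0][$members_key] as $member) {
                     // The value list also carries a numeric "count" element.
                     if (is_numeric($member)) {
                         continue;
                     }
                     $member = preg_replace('/(?<=,) +(?=[a-zA-Z])/', '', $member);
                     if (strtolower($member) == strtolower($user_dn)) {
                         $allowed = true;
                         // One matching group is enough.
                         break 2;
                     }
                 }
             }
             /*
              * If a user is not allowed access, delete it
              */
             if (!$allowed) {
                 $user->delete();
                 $deletecount++;
             }
         }
     } catch (\Exception $e) {
         if ($connection) {
             ldap_unbind($connection);
         }
         framework\Context::setMessage('module_error', framework\Context::getI18n()->__('Pruning failed'));
         framework\Context::setMessage('module_error_details', $e->getMessage());
         $this->forward(framework\Context::getRouting()->generate('configure_module', array('config_module' => 'auth_ldap')));
         // Stop here even if forward() returns, so a failed run never goes on
         // to unbind a second time and report success.
         return;
     }
     ldap_unbind($connection);
     framework\Context::setMessage('module_message', framework\Context::getI18n()->__('Pruning successful! %del users deleted', array('%del' => $deletecount)));
     $this->forward(framework\Context::getRouting()->generate('configure_module', array('config_module' => 'auth_ldap')));
 }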