<?php
echo Lang::txt('COM_DEVELOPER_API_APPLICATION_TOKENS_REVOKE_ALL_TOKEN');
?>
</a>
</h3>
<ul class="entries-list tokens access-tokens">
<?php
if ($total > 0) {
?>
<?php
foreach ($tokens as $token) {
?>
<li>
<h4>
<?php
echo Hubzero\User\User::oneOrNew($token->get('uidNumber'))->get('name');
?>
</h4>
<a class="btn btn-secondary revoke confirm" data-txt-confirm="<?php
echo Lang::txt('COM_DEVELOPER_API_APPLICATION_TOKENS_REVOKE_TOKEN_CONFIRM');
?>
" href="<?php
echo Route::url($this->application->link('revoke') . '&token=' . $token->get('id') . '&return=tokens');
?>
">
<?php
echo Lang::txt('COM_DEVELOPER_API_APPLICATION_TOKENS_REVOKE_TOKEN');
?>
</a>
/**
* Hook for login failure
*
* @param unknown $response
* @return boolean
*/
public function onUserLoginFailure($response)
{
// Log attempt to the database
Hubzero\User\User::blank()->logger()->auth()->set(['user_id' => 0, 'username' => isset($response['username']) ? $response['username'] : '******', 'status' => 'failure'])->save();
return true;
}
/**
* Get a list of participants from a thread
*
* @return object
*/
public function participants()
{
$user = new \Hubzero\User\User();
return self::all()->select($this->getTableName() . '.anonymous')->select($this->getTableName() . '.created_by')->select($user->getTableName() . '.name')->join($user->getTableName(), $user->getTableName() . '.id', $this->getTableName() . '.created_by', 'left')->whereEquals('thread', $this->get('thread'))->group('created_by');
}
/**
* Add a user as a manager of a course
*
* @return void
*/
public function addTask()
{
// Check for request forgeries
Request::checkToken(['get', 'post']);
if ($this->getError()) {
return $this->displayTask();
}
// Incoming host
$m = Request::getVar('author', '');
$mbrs = explode(',', $m);
$mbrs = array_map('trim', $mbrs);
foreach ($mbrs as $mbr) {
$user = null;
if (!strstr($mbr, ' ')) {
$user = User::getInstance($mbr);
}
// Make sure the user exists
if (!is_object($user) || !$user->get('username')) {
$mbr = trim($mbr);
$mbr = preg_replace('/\\s+/', ' ', $mbr);
$user = new \Hubzero\User\User();
$user->set('name', $mbr);
$parts = explode(' ', $mbr);
if (count($parts) > 1) {
$surname = array_pop($parts);
$user->set('surname', $surname);
$givenName = array_shift($parts);
$user->set('givenName', $givenName);
if (!empty($parts)) {
$user->get('middleName', implode(' ', $parts));
}
}
}
$author = new Author($this->database);
$author->cid = $this->citation->id;
$author->author = $user->get('name');
$author->uidNumber = $user->get('id', 0);
$author->organization = $user->get('organization');
$author->givenName = $user->get('givenName');
$author->middleName = $user->get('middleName');
$author->surname = $user->get('surname');
$author->email = $user->get('email');
if (!$author->check()) {
$this->setError($author->getError());
continue;
}
if (!$author->store()) {
$this->setError($author->getError());
continue;
}
}
$this->saveAuthorsList();
// Push through to the view
$this->displayTask();
}
/**
* This method will return a user object
*
* If options['autoregister'] is true, if the user doesn't exist yet he will be created
*
* @param array $user Holds the user data.
* @param array $options Array holding options (remember, autoregister, group).
* @return object A User object
*/
protected function _getUser($user, $options = array())
{
$instance = Hubzero\User\User::oneByUsername($user['username']);
if ($id = intval($instance->get('id'))) {
return $instance;
}
//TODO : move this out of the plugin
$config = Component::params('com_members');
// Default to Registered.
$defaultUserGroup = $config->get('new_usertype', 2);
$instance->set('id', 0);
$instance->set('name', $user['fullname']);
$instance->set('username', $user['username']);
//$instance->set('password_clear', ((isset($user['password_clear'])) ? $user['password_clear'] : ''));
$instance->set('email', $user['email']);
// Result should contain an email (check)
$instance->set('usertype', 'deprecated');
$instance->set('accessgroups', array($defaultUserGroup));
$instance->set('activation', 1);
$instance->set('loginShell', '/bin/bash');
$instance->set('ftpShell', '/usr/lib/sftp-server');
// Check joomla user activation setting
// 0 = automatically confirmed
// 1 = require email confirmation (the norm)
// 2 = require admin confirmation
$useractivation = $config->get('useractivation', 1);
// If requiring admin approval, set user to not approved
if ($useractivation == 2) {
$instance->set('approved', 0);
} else {
$instance->set('approved', 2);
}
// Now, also check to see if user came in via an auth plugin, as that may affect their approval status
if (isset($user['auth_link'])) {
$domain = Hubzero\Auth\Domain::find_by_id($user['auth_link']->auth_domain_id);
if ($domain && is_object($domain)) {
$params = Plugin::params('authentication', $domain->authenticator);
if ($params && is_object($params) && $params->get('auto_approve', false)) {
$instance->set('approved', 2);
}
}
}
// If autoregister is set let's register the user
$autoregister = isset($options['autoregister']) ? $options['autoregister'] : $this->params->get('autoregister', 1);
if ($autoregister) {
if (!$instance->save()) {
return new Exception($instance->getError());
}
} else {
// No existing user and autoregister off, this is a temporary user.
$instance->set('tmp_user', true);
}
$instance->set('password_clear', isset($user['password_clear']) ? $user['password_clear'] : '');
return $instance;
}
/**
* Checks to see if the current user has exceeded the site
* login attempt limit for a given time period
*
* @param $user \Hubzero\User\User
*
* @return bool
*/
private function hasExceededLoginLimit($user)
{
$params = \Component::params('com_members');
$limit = (int) $params->get('login_attempts_limit', 10);
$timeframe = (int) $params->get('login_attempts_timeframe', 1);
$result = true;
// Get the user's tokens
$threshold = date("Y-m-d H:i:s", strtotime(\Date::toSql() . " {$timeframe} hours ago"));
$auths = new \Hubzero\User\Log\Auth();
$auths->whereEquals('username', $user->username)->whereEquals('status', 'failure')->where('logged', '>=', $threshold);
if ($auths->count() < $limit - 1) {
$result = false;
} else {
// Log attempt to the database
Hubzero\User\User::oneOrFail($user->id)->logger()->auth()->save(['username' => $user->username, 'status' => 'blocked']);
}
return $result;
}
