コード例 #1
ファイル: doAuthorize.php プロジェクト: tamtrong/testlink
/**
 * Verifies a login/password pair and, on success, stores the user in the session.
 *
 * @param object $db    database handler (passed by reference)
 * @param string $login login name supplied by the client
 * @param string $pwd   password supplied by the client
 *
 * @return array map with 'status' (tl::OK or tl::ERROR) and 'msg' (string or null)
 */
function doAuthorize(&$db, $login, $pwd)
{
    $outcome = array('status' => tl::ERROR, 'msg' => null);
    $_SESSION['locale'] = TL_DEFAULT_LOCALE;

    // Missing credentials: hand back the generic error map.
    if (is_null($pwd) || is_null($login)) {
        return $outcome;
    }

    $account = new tlUser();
    $account->login = $login;
    $loginKnown = $account->readFromDB($db, tlUser::USER_O_SEARCH_BYLOGIN) >= tl::OK;
    if (!$loginKnown) {
        // NOTE(review): no audit event is written for an unknown login; only
        // failures against existing accounts reach logAuditEvent() below.
        return $outcome;
    }

    $verdict = auth_does_password_match($account, $pwd);
    if (!($verdict->status_ok && $account->isActive)) {
        // Wrong password or inactive account. $login goes into the audit
        // message exactly as it was received.
        logAuditEvent(TLS("audit_login_failed", $login, $_SERVER['REMOTE_ADDR']), "LOGIN_FAILED", $account->dbID, "users");
        return $outcome;
    }

    // 20051007 MHT Solved 0000024 Session confusion
    // Disallow two sessions within one browser.
    // isset() is already false for a null entry, so one test covers both cases.
    if (isset($_SESSION['currentUser'])) {
        $outcome['msg'] = lang_get('login_msg_session_exists1') . ' <a style="color:white;" href="logout.php">' . lang_get('logout_link') . '</a>' . lang_get('login_msg_session_exists2');
        return $outcome;
    }

    // NOTE(review): the session id is not regenerated in this function after a
    // successful login; confirm setUserSession() or the caller takes care of it.
    $_SESSION['currentUser'] = $account;
    $_SESSION['lastActivity'] = time();

    // Close the anonymous logger transaction and open one for the logged-in user.
    global $g_tlLogger;
    $g_tlLogger->endTransaction();
    $g_tlLogger->startTransaction();

    setUserSession($db, $account->login, $account->dbID, $account->globalRoleID, $account->emailAddress, $account->locale, null);
    $outcome['status'] = tl::OK;

    return $outcome;
}
コード例 #2
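/**
 * Verifies a login/password pair, sets the authentication cookie and, when no
 * other user is already logged in from this browser, stores the user in the
 * session.
 *
 * @param object $db    database handler (passed by reference)
 * @param string $login login name supplied by the client
 * @param string $pwd   password supplied by the client
 *
 * @return array map with 'status' (tl::OK or tl::ERROR) and 'msg' (string or null)
 */
function doAuthorize(&$db, $login, $pwd)
{
    $result = array('status' => tl::ERROR, 'msg' => null);
    $_SESSION['locale'] = TL_DEFAULT_LOCALE;
    if (!is_null($pwd) && !is_null($login)) {
        $user = new tlUser();
        $user->login = $login;
        $login_exists = $user->readFromDB($db, tlUser::USER_O_SEARCH_BYLOGIN) >= tl::OK;
        // NOTE(review): an unknown login leaves no audit event; only failures
        // against existing accounts are logged further down.
        if ($login_exists) {
            $check = auth_does_password_match($user, $pwd);
            if (!$check->status_ok) {
                $result = array('status' => tl::ERROR, 'msg' => $check->msg);
            }
            if ($check->status_ok && $user->isActive) {
                // Need to do set COOKIE following Mantis model
                $auth_cookie_name = config_get('auth_cookie');
                // An expiry of 0 makes this a session cookie, which the browser
                // drops when it is closed (the effect of the former `false`).
                $cookieExpires = 0;
                // Mark the cookie Secure when the request arrived over HTTPS and
                // always HttpOnly, so page scripts cannot read the auth token.
                $isHttps = !empty($_SERVER['HTTPS']) && $_SERVER['HTTPS'] !== 'off';
                setcookie($auth_cookie_name, $user->getSecurityCookie(), $cookieExpires, '/', '', $isHttps, true);
                // NOTE(review): the cookie is issued before the "session already
                // exists" test below, so it is also sent when the login is refused
                // for that reason - confirm this is intended.
                // Disallow two sessions within one browser
                if (isset($_SESSION['currentUser']) && !is_null($_SESSION['currentUser'])) {
                    $result['msg'] = lang_get('login_msg_session_exists1') . ' <a style="color:white;" href="logout.php">' . lang_get('logout_link') . '</a>' . lang_get('login_msg_session_exists2');
                } else {
                    // Setting user's session information
                    // NOTE(review): the session id is not regenerated here after a
                    // successful login; confirm setUserSession() or the caller does it.
                    $_SESSION['currentUser'] = $user;
                    $_SESSION['lastActivity'] = time();
                    $user->setUserSession($db);
                    global $g_tlLogger;
                    $g_tlLogger->endTransaction();
                    $g_tlLogger->startTransaction();
                    $result['status'] = tl::OK;
                }
            } else {
                // Wrong password or inactive account; $login is logged as received.
                logAuditEvent(TLS("audit_login_failed", $login, $_SERVER['REMOTE_ADDR']), "LOGIN_FAILED", $user->dbID, "users");
            }
        }
    }
    return $result;
}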
コード例 #3
ファイル: doAuthorize.php プロジェクト: mokal/DCN_TestLink
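/**
 * Single sign-on through an SSL client certificate.
 *
 * No password can be checked on this path, so the function only checks that
 * 1. an SSL context exists (SSL_PROTOCOL is present in the environment map)
 * 2. the login taken from the configured certificate field exists and is active
 *
 * NOTE(review): the presence of SSL_PROTOCOL is the only TLS-related test made
 * here. Whether the client certificate was actually verified (mod_ssl reports
 * that in SSL_CLIENT_VERIFY) is not checked in this function - confirm that the
 * web server is configured to require a verified certificate.
 *
 * @param object     $dbHandler          database handler (passed by reference)
 * @param array      $apache_mod_ssl_env environment map populated by mod_ssl
 * @param array|null $authCfg            authentication config; read through
 *                                       config_get('authentication') when null
 *
 * @return array map with 'status' (tl::OK or tl::ERROR) and 'msg' (string or null)
 */
function doSSOClientCertificate(&$dbHandler, $apache_mod_ssl_env, $authCfg = null)
{
    global $g_tlLogger;
    $result = array('status' => tl::ERROR, 'msg' => null);
    if (!isset($apache_mod_ssl_env['SSL_PROTOCOL'])) {
        return $result;
    }
    // With this we trust SSL is enabled => go ahead with login control
    $authCfg = is_null($authCfg) ? config_get('authentication') : $authCfg;
    // A certificate without the configured field yields no login at all instead
    // of an undefined-index notice.
    $uidField = $authCfg['SSO_uid_field'];
    $login = isset($apache_mod_ssl_env[$uidField]) ? $apache_mod_ssl_env[$uidField] : null;
    if (!is_null($login)) {
        $user = new tlUser();
        $user->login = $login;
        $login_exists = $user->readFromDB($dbHandler, tlUser::USER_O_SEARCH_BYLOGIN) >= tl::OK;
        if ($login_exists && $user->isActive) {
            // Need to do set COOKIE following Mantis model
            $auth_cookie_name = config_get('auth_cookie');
            // An expiry of 0 makes this a session cookie, which the browser
            // drops when it is closed (the effect of the former `false`).
            $cookieExpires = 0;
            // Mark the cookie Secure when the request arrived over HTTPS and
            // always HttpOnly, so page scripts cannot read the auth token.
            $isHttps = !empty($_SERVER['HTTPS']) && $_SERVER['HTTPS'] !== 'off';
            setcookie($auth_cookie_name, $user->getSecurityCookie(), $cookieExpires, '/', '', $isHttps, true);
            // Disallow two sessions within one browser
            if (isset($_SESSION['currentUser']) && !is_null($_SESSION['currentUser'])) {
                $result['msg'] = lang_get('login_msg_session_exists1') . ' <a style="color:white;" href="logout.php">' . lang_get('logout_link') . '</a>' . lang_get('login_msg_session_exists2');
            } else {
                // Setting user's session information
                // NOTE(review): the session id is not regenerated here after a
                // successful login; confirm setUserSession() or the caller does it.
                $_SESSION['currentUser'] = $user;
                $_SESSION['lastActivity'] = time();
                $g_tlLogger->endTransaction();
                $g_tlLogger->startTransaction();
                setUserSession($dbHandler, $user->login, $user->dbID, $user->globalRoleID, $user->emailAddress, $user->locale, null);
                $result['status'] = tl::OK;
            }
        } else {
            // Unknown or inactive login; $login is logged as received.
            logAuditEvent(TLS("audit_login_failed", $login, $_SERVER['REMOTE_ADDR']), "LOGIN_FAILED", $user->dbID, "users");
        }
    }
    return $result;
}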
コード例 #4
ファイル: resultsImport.php プロジェクト: mokal/DCN_TestLink
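/**
 * Writes imported execution results to the executions table (and their bug
 * links to execution_bugs), after resolving the target test project, test
 * plan, platform and build from $context.
 *
 * Values taken from the import data are string-built into SQL, so every text
 * value is passed through $db->prepare_string() before it is placed between
 * quotes.
 *
 * @param object $db         database handler (passed by reference)
 * @param array  $resultData list (indexed from 0) of execution maps; keys read
 *                           here: tcase_external_id, result, notes, timestamp,
 *                           tester, execution_type, execution_duration, bug_id
 * @param object $context    import context; properties read here: userID,
 *                           tprojectID, tprojectName, tplanID, tplanName,
 *                           platformID, platformName (optional), buildID,
 *                           buildName. The resolved ids are written back to it.
 *
 * @return array|null list of one-element arrays, each holding a feedback
 *                    message; null when $resultData is empty
 */
function saveImportedResultData(&$db, $resultData, $context)
{
    if (!$resultData) {
        return;
    }
    $debugMsg = ' FUNCTION: ' . __FUNCTION__;
    $tables = tlObjectWithDB::getDBTables(array('executions', 'execution_bugs'));
    $l18n = array('import_results_tc_not_found' => '', 'import_results_invalid_result' => '', 'tproject_id_not_found' => '', 'import_results_ok' => '');
    foreach ($l18n as $key => $value) {
        $l18n[$key] = lang_get($key);
    }
    // Get column definitions to get sizes dynamically instead of creating constants.
    // Keys are normalised to lower case.
    $columnDef = array();
    $adodbObj = $db->get_dbmgr_object();
    $columnDef['execution_bugs'] = $adodbObj->MetaColumns($tables['execution_bugs']);
    $keySet = array_keys($columnDef['execution_bugs']);
    foreach ($keySet as $keyName) {
        if (($keylow = strtolower($keyName)) != $keyName) {
            $columnDef['execution_bugs'][$keylow] = $columnDef['execution_bugs'][$keyName];
            unset($columnDef['execution_bugs'][$keyName]);
        }
    }
    $user = new tlUser($context->userID);
    $user->readFromDB($db);
    $tcase_mgr = new testcase($db);
    $resulstCfg = config_get('results');
    $tcaseCfg = config_get('testcase_cfg');
    $resultMap = array();
    $tplan_mgr = null;
    $tc_qty = sizeof($resultData);
    if ($tc_qty) {
        $tplan_mgr = new testplan($db);
        $tproject_mgr = new testproject($db);
        $build_mgr = new build_mgr($db);
    }
    // Need to do checks on common settings
    //
    // test project exists
    //
    // test plan id:
    //              belongs to target test project
    //              is active
    // build id:
    //          belongs to target test plan
    //          is open
    //
    // platform id:
    //          is linked  to target test plan
    //
    // execution type if not present -> set to MANUAL
    //          if present is valid i.e. inside the TL domain
    //
    $checks = array();
    $checks['status_ok'] = true;
    $checks['msg'] = null;
    // Resolve the test project, by id first and by name otherwise.
    $dummy = null;
    if (!is_null($context->tprojectID) && intval($context->tprojectID) > 0) {
        $dummy = array($tproject_mgr->get_by_id($context->tprojectID, array('output' => 'existsByID')));
    } else {
        if (!is_null($context->tprojectName)) {
            $dummy = $tproject_mgr->get_by_name($context->tprojectName, null, array('output' => 'existsByName'));
        }
    }
    $checks['status_ok'] = !is_null($dummy);
    if (!$checks['status_ok']) {
        $checks['msg'][] = sprintf($l18n['tproject_id_not_found'], $context->tprojectID);
    }
    if (!$checks['status_ok']) {
        foreach ($checks['msg'] as $warning) {
            $resultMap[] = array($warning);
        }
    }
    // $doIt gates the per-result loop further down.
    if ($doIt = $checks['status_ok']) {
        $context->tprojectID = $dummy[0]['id'];
    }
    // --------------------------------------------------------------------
    // Resolve the test plan, by id first and by name otherwise.
    $dummy = null;
    if (!is_null($context->tplanID) && intval($context->tplanID) > 0) {
        $dummy = $tplan_mgr->get_by_id($context->tplanID, array('output' => 'minimun'));
        if (!is_null($dummy)) {
            $dummy['id'] = $context->tplanID;
        }
    } else {
        if (!is_null($context->tplanName)) {
            $dummy = $tplan_mgr->get_by_name($context->tplanName, $context->tprojectID, array('output' => 'minimun'));
            if (!is_null($dummy)) {
                $dummy = $dummy[0];
            }
        }
    }
    if (!is_null($dummy)) {
        $context->tplanID = $dummy['id'];
    }
    if (intval($context->tprojectID) <= 0 && intval($context->tplanID) > 0) {
        $dummy = $tplan_mgr->tree_manager->get_node_hierarchy_info($context->tplanID);
        $context->tprojectID = $dummy['parent_id'];
    }
    // --------------------------------------------------------------------
    // Resolve the platform, by id first and by name otherwise.
    $dummy = null;
    $tplan_mgr->platform_mgr->setTestProjectID($context->tprojectID);
    if (!is_null($context->platformID) && intval($context->platformID) > 0) {
        $dummy = array($tplan_mgr->platform_mgr->getByID($context->platformID));
    } else {
        if (property_exists($context, 'platformName') && !is_null($context->platformName)) {
            if (!is_null($xx = $tplan_mgr->platform_mgr->getID($context->platformName))) {
                $dummy = array(0 => array('id' => $xx));
            }
        }
    }
    if (!is_null($dummy)) {
        $context->platformID = $dummy[0]['id'];
    }
    // --------------------------------------------------------------------
    // Resolve the build, by id first and by name otherwise.
    $optGB = array('tplan_id' => $context->tplanID, 'output' => 'minimun');
    $dummy = null;
    if (!is_null($context->buildID) && intval($context->buildID) > 0) {
        $dummy = array($build_mgr->get_by_id($context->buildID, $optGB));
    } else {
        if (!is_null($context->buildName)) {
            $dummy = $build_mgr->get_by_name($context->buildName, $optGB);
        }
    }
    if (!is_null($dummy)) {
        $context->buildID = $dummy[0]['id'];
    }
    // NOTE(review): when a lookup above finds nothing, tplanID / platformID /
    // buildID keep the value the caller supplied and are later interpolated
    // into the INSERT without a cast - confirm callers only pass integers.
    // --------------------------------------------------------------------
    for ($idx = 0; $doIt && $idx < $tc_qty; $idx++) {
        $tester_id = 0;
        $tester_name = '';
        $using_external_id = false;
        $message = null;
        $status_ok = true;
        $tcase_exec = $resultData[$idx];
        // New attribute "execution type" makes old XML import files incompatible
        // Important NOTICE:
        // tcase_exec is passed BY REFERENCE to allow check_exec_values() change execution type if needed
        //
        // NOTE(review): $user_mgr is never assigned in this function, so null is
        // what reaches check_exec_values() - confirm that is acceptable.
        $checks = check_exec_values($db, $tcase_mgr, $user_mgr, $tcaseCfg, $tcase_exec, $columnDef['execution_bugs']);
        $status_ok = $checks['status_ok'];
        if ($status_ok) {
            $tcase_id = $checks['tcase_id'];
            $tcase_external_id = trim($tcase_exec['tcase_external_id']);
            $tester_id = $checks['tester_id'];
            // external_id has precedence over internal id
            $using_external_id = $tcase_external_id != "";
        } else {
            foreach ($checks['msg'] as $warning) {
                $resultMap[] = array($warning);
            }
        }
        if ($status_ok) {
            $tcase_identity = $using_external_id ? $tcase_external_id : $tcase_id;
            $result_code = strtolower($tcase_exec['result']);
            // Only result codes known to the configuration are accepted; this is
            // also what keeps $result_code safe inside the quoted SQL value.
            $result_is_acceptable = isset($resulstCfg['code_status'][$result_code]) ? true : false;
            $notes = $tcase_exec['notes'];
            $message = null;
            $info_on_case = $tplan_mgr->getLinkInfo($context->tplanID, $tcase_id, $context->platformID);
            if (is_null($info_on_case)) {
                $message = sprintf($l18n['import_results_tc_not_found'], $tcase_identity);
            } else {
                if (!$result_is_acceptable) {
                    $message = sprintf($l18n['import_results_invalid_result'], $tcase_identity, $tcase_exec['result']);
                } else {
                    $info_on_case = current($info_on_case);
                    $tcversion_id = $info_on_case['tcversion_id'];
                    $version = $info_on_case['version'];
                    $notes = $db->prepare_string(trim($notes));
                    // N.B.: db_now() returns a string ready to be used in an SQL insert
                    //       example '2008-09-04', while $tcase_exec["timestamp"] => 2008-09-04
                    //
                    // The imported timestamp is escaped before being quoted, the
                    // same way notes and bug ids are.
                    $execution_ts = $tcase_exec['timestamp'] != '' ? "'" . $db->prepare_string($tcase_exec["timestamp"]) . "'" : $db->db_now();
                    if ($tester_id != 0) {
                        $tester_name = $tcase_exec['tester'];
                    } else {
                        // No tester resolved from the file: attribute the run to the importing user.
                        $tester_name = $user->login;
                        $tester_id = $context->userID;
                    }
                    // execution_duration is only added when it is a non-empty numeric string.
                    $addExecDuration = strlen($tcase_exec['execution_duration']) > 0 && is_numeric($tcase_exec['execution_duration']);
                    // NOTE(review): execution_type is interpolated unquoted; this
                    // relies on check_exec_values() having validated it - confirm.
                    $sql = " /* {$debugMsg} */ " . " INSERT INTO {$tables['executions']} (build_id,tester_id,status,testplan_id," . " tcversion_id,execution_ts,notes,tcversion_number,platform_id,execution_type" . ($addExecDuration ? ',execution_duration' : '') . ")" . " VALUES ({$context->buildID}, {$tester_id},'{$result_code}',{$context->tplanID}, " . " {$tcversion_id},{$execution_ts},'{$notes}', {$version}, " . " {$context->platformID}, {$tcase_exec['execution_type']}" . ($addExecDuration ? ",{$tcase_exec['execution_duration']}" : '') . ")";
                    $db->exec_query($sql);
                    if (isset($tcase_exec['bug_id']) && !is_null($tcase_exec['bug_id']) && is_array($tcase_exec['bug_id'])) {
                        $execution_id = $db->insert_id($tables['executions']);
                        foreach ($tcase_exec['bug_id'] as $bug_id) {
                            $bug_id = trim($bug_id);
                            // Escape once and use the escaped value in both the
                            // existence check and the insert.
                            $safeBugId = $db->prepare_string($bug_id);
                            $sql = " /* {$debugMsg} */ " . " SELECT execution_id AS check_qty FROM  {$tables['execution_bugs']} " . " WHERE bug_id = '{$safeBugId}' AND execution_id={$execution_id} ";
                            $rs = $db->get_recordset($sql);
                            if (is_null($rs)) {
                                $sql = " /* {$debugMsg} */ " . " INSERT INTO {$tables['execution_bugs']} (bug_id,execution_id)" . " VALUES ('{$safeBugId}', {$execution_id} )";
                                $db->exec_query($sql);
                            }
                        }
                    }
                    $message = sprintf($l18n['import_results_ok'], $tcase_identity, $version, $tester_name, $resulstCfg['code_status'][$result_code], $execution_ts);
                }
            }
        }
        if (!is_null($message)) {
            $resultMap[] = array($message);
        }
    }
    return $resultMap;
}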
コード例 #5
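 /**
  * Returns the test projects a user is allowed to see.
  *
  * @param int         $user_id     user id; cast to integer before it is used in SQL
  * @param string      $output_type 'map' (id => name, inactive projects prefixed
  *                                 with TL_INACTIVE_MARKUP), 'map_of_map'
  *                                 (id => array with name and active) or
  *                                 'array_of_map' (recordset rows)
  * @param string|null $order_by    SQL fragment appended as is to the query;
  *                                 taken from the gui config when null
  *
  * @return array shape depends on $output_type
  */
 function get_accessible_for_user($user_id, $output_type = 'map', $order_by = null)
 {
     // $user_id is interpolated into two SQL statements below: force it to an
     // integer so nothing but a number can reach the query text.
     $user_id = intval($user_id);
     // NOTE(review): $order_by is appended to the SQL text verbatim - confirm
     // callers only pass fixed fragments, never request data.
     $my['order_by'] = is_null($order_by) ? config_get('gui')->tprojects_combo_order_by : $order_by;
     $items = array();
     // Get default role
     $sql = " SELECT id,role_id FROM {$this->tables['users']} where id={$user_id}";
     $user_info = $this->db->get_recordset($sql);
     $role_id = $user_info[0]['role_id'];
     $sql = " SELECT nodes_hierarchy.name,testprojects.*\n \t          FROM {$this->tables['nodes_hierarchy']} nodes_hierarchy\n \t          JOIN {$this->object_table} testprojects ON nodes_hierarchy.id=testprojects.id\n\t          LEFT OUTER JOIN {$this->tables['user_testproject_roles']} user_testproject_roles\n\t\t        ON testprojects.id = user_testproject_roles.testproject_id AND\n\t\t \t      user_testproject_roles.user_id = {$user_id} WHERE 1=1 ";
     // Private test project
     // Admins get no role filter at all.
     if ($role_id != TL_ROLES_ADMIN) {
         if ($role_id != TL_ROLES_NO_RIGHTS) {
             // (A AND (B OR C) ) OR (NOT A AND C)
             $sql .= " AND ";
             $sql_public = " ( is_public = 1 AND (role_id IS NULL OR role_id != " . TL_ROLES_NO_RIGHTS . ") )";
             $sql_private = " ( is_public = 0 AND role_id != " . TL_ROLES_NO_RIGHTS . ") ";
             $sql .= " ( {$sql_public}  OR {$sql_private} ) ";
         } else {
             // User need specific role
             $sql .= " AND (role_id IS NOT NULL AND role_id != " . TL_ROLES_NO_RIGHTS . ")";
         }
     }
     // Users without the 'mgt_modify_product' right only see active projects.
     $userObj = new tlUser($user_id);
     $userObj->readFromDB($this->db);
     if ($userObj->hasRight($this->db, 'mgt_modify_product') != 'yes') {
         $sql .= " AND active=1 ";
     }
     $sql .= $my['order_by'];
     if ($output_type == 'array_of_map') {
         $items = $this->db->get_recordset($sql);
         $this->parseTestProjectRecordset($items);
         $do_post_process = 0;
     } else {
         $arrTemp = $this->db->fetchRowsIntoMap($sql, 'id');
         $do_post_process = 1;
     }
     // $arrTemp is only read when it was assigned in the branch above.
     if ($do_post_process && sizeof($arrTemp)) {
         switch ($output_type) {
             case 'map':
                 foreach ($arrTemp as $id => $row) {
                     $noteActive = '';
                     if (!$row['active']) {
                         $noteActive = TL_INACTIVE_MARKUP;
                     }
                     $items[$id] = $noteActive . $row['name'];
                 }
                 break;
             case 'map_of_map':
                 foreach ($arrTemp as $id => $row) {
                     $items[$id] = array('name' => $row['name'], 'active' => $row['active']);
                 }
                 break;
         }
     }
     return $items;
 }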
コード例 #6
ファイル: tlUser.class.php プロジェクト: viglesiasce/tl_RC1
 /**
  * Looks a user up by login name.
  *
  * NOTE(review): the return value tells the caller whether a login exists;
  * confirm it is not reflected back to unauthenticated clients.
  *
  * @param object $db    database handler (passed by reference)
  * @param string $login login name to search for
  *
  * @return mixed the user's dbID when the login is found, null otherwise
  */
 public static function doesUserExist(&$db, $login)
 {
     $candidate = new tlUser();
     $candidate->login = $login;
     $found = $candidate->readFromDB($db, self::USER_O_SEARCH_BYLOGIN) >= tl::OK;

     return $found ? $candidate->dbID : null;
 }
コード例 #7
ファイル: common.php プロジェクト: mweyamutsvene/testlink
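/**
 * Prepares session and database access for a request authenticated with an
 * API key instead of an interactive login.
 *
 * When the key matches exactly one user, that user is loaded into the session
 * and, if $rightsCheck is given, checkUserRightsFor() is run.
 *
 * NOTE(review): when the key matches no user (or more than one) the function
 * returns without setting $_SESSION['currentUser'] and without any error
 * signal - confirm every caller fails closed in that case.
 *
 * @param object      $dbHandler   database handler (passed by reference)
 * @param string      $apikey      API key presented by the client
 * @param object|null $rightsCheck rights descriptor handed to checkUserRightsFor();
 *                                 its optional redirect_target is used when the
 *                                 session has no basehref
 * @param array|null  $opt         options: 'setPaths' (bool), 'clearSession' (bool)
 *
 * @return void
 */
function setUpEnvForRemoteAccess(&$dbHandler, $apikey, $rightsCheck = null, $opt = null)
{
    $my = array('opt' => array('setPaths' => false, 'clearSession' => false));
    $my['opt'] = array_merge($my['opt'], (array) $opt);
    if ($my['opt']['clearSession']) {
        $_SESSION = null;
    }
    doSessionStart($my['opt']['setPaths']);
    if (isset($_SESSION['locale']) && !is_null($_SESSION['locale'])) {
        setDateTimeFormats($_SESSION['locale']);
    }
    doDBConnect($dbHandler);
    $user = tlUser::getByAPIKey($dbHandler, $apikey);
    // Guard against a null lookup result before counting it.
    if (!is_null($user) && count($user) == 1) {
        $_SESSION['lastActivity'] = time();
        $userObj = new tlUser(key($user));
        $userObj->readFromDB($dbHandler);
        $_SESSION['currentUser'] = $userObj;
        $_SESSION['userID'] = $userObj->dbID;
        $_SESSION['locale'] = $userObj->locale;
        // If the user does this:
        // 1. logs in to TestLink
        // 2. gets a direct link and opens it in a new tab or window while still logged in
        // 3. logs out
        // and then refreshes the tab / window opened in (2), the session destroyed
        // in (3) no longer holds basehref and it cannot be recreated here.
        // Without basehref CSS, JS, etc. cannot be loaded.
        // In this situation the session is destroyed, so the user is forced to
        // log in again in one of two ways
        // a. using the direct link
        // b. using the traditional login
        // Either way the behaviour will be OK.
        //
        if (!isset($_SESSION['basehref'])) {
            session_unset();
            session_destroy();
            // $rightsCheck defaults to null, so test it before inspecting its properties.
            // NOTE(review): redirect_target is passed to redirect() unchanged -
            // confirm callers never build it from request input.
            if (!is_null($rightsCheck) && property_exists($rightsCheck, 'redirect_target') && !is_null($rightsCheck->redirect_target)) {
                redirect($rightsCheck->redirect_target);
            } else {
                // best guess for all features that live on ./lib/results/
                redirect("../../login.php?note=logout");
            }
            exit;
        }
        if (!is_null($rightsCheck)) {
            checkUserRightsFor($dbHandler, $rightsCheck, true);
        }
    }
}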
コード例 #8
ファイル: users.inc.php プロジェクト: tamtrong/testlink
/**
 * Generates a new password for a user, mails it and, when the mail was sent,
 * stores it in the database.
 *
 * NOTE(review): the generated password travels in clear text inside the mail
 * body; the visible code does not force the user to change it afterwards.
 *
 * @param resource &$db       reference to database handler
 * @param integer  $userID    id of the user whose password is reset
 * @param string   &$errorMsg receives the mail error text, or the message
 *                            matching the returned status code
 *
 * @return integer result status code
 */
function resetPassword(&$db, $userID, &$errorMsg)
{
    $errorMsg = '';
    $account = new tlUser($userID);
    $status = $account->readFromDB($db);

    if ($status >= tl::OK) {
        if ($account->emailAddress == "") {
            // No address to send the new password to.
            $status = tlUser::E_EMAILLENGTH;
        } else {
            $plainPassword = tlUser::generatePassword(8, 4);
            $status = $account->setPassword($plainPassword);
            if ($status >= tl::OK) {
                // BUGID 3396
                $body = lang_get('your_password_is') . "\n\n" . $plainPassword . "\n\n" . lang_get('contact_admin');
                $sender = config_get('from_email');
                $subject = lang_get('mail_passwd_subject');
                $delivery = @email_send($sender, $account->emailAddress, $subject, $body);
                if (!$delivery->status_ok) {
                    $status = tl::ERROR;
                    $errorMsg = $delivery->msg;
                } else {
                    // Persist the new password only once the mail went out (BUGID 3396).
                    $status = $account->writePasswordToDB($db);
                }
            }
        }
    }

    // Fall back to the generic text for the status when no mail error was recorded.
    if ($errorMsg == "") {
        $errorMsg = getUserErrorMessage($status);
    }
    return $status;
}
コード例 #9
        // need to know if auth method for user allows reset
        $user = new tlUser(intval($userID));
        $user->readFromDB($db);
        if (tlUser::isPasswordMgtExternal($user->authentication, $user->authentication)) {
            $gui->external_password_mgmt = 1;
            $gui->password_mgmt_feedback = sprintf(lang_get('password_mgmt_feedback'), trim($args->login));
        }
    }
}
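// Reset the password only when it is managed by TestLink itself and a user id
// is available. Nothing may be written to the response before redirect() below.
if (!$gui->external_password_mgmt && $userID) {
    $result = resetPassword($db, $userID);
    $gui->note = $result['msg'];
    if ($result['status'] >= tl::OK) {
        // Record the reset request in the audit log when the user can be read back.
        $user = new tlUser($userID);
        if ($user->readFromDB($db) >= tl::OK) {
            logAuditEvent(TLS("audit_pwd_reset_requested", $user->login), "PWD_RESET", $userID, "users");
        }
        redirect(TL_BASE_HREF . "login.php?note=lost");
        exit;
    } else {
        if ($result['status'] == tlUser::E_EMAILLENGTH) {
            $gui->note = lang_get('mail_empty_address');
        } else {
            // NOTE(review): $note is not assigned anywhere in the visible code;
            // $gui->note may have been intended - confirm.
            if ($note != "") {
                $gui->note = getUserErrorMessage($result['status']);
            }
        }
    }
}
$smarty = new TLSmarty();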
コード例 #10
ファイル: resultsImport.php プロジェクト: tamtrong/testlink
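/**
 * Writes imported execution results to the executions table (and their bug
 * links to execution_bugs) for the test project, test plan, build and
 * platform named in $context.
 *
 * Values taken from the import data are string-built into SQL, so every text
 * value is passed through $db->prepare_string() before it is placed between
 * quotes.
 *
 * @param object $db         database handler (passed by reference)
 * @param array  $resultData list (indexed from 0) of execution maps; keys read
 *                           here: tcase_external_id, result, notes, timestamp,
 *                           tester, execution_type, bug_id
 * @param object $context    import context; properties read here: userID,
 *                           tprojectID, tplanID, buildID, platformID
 *
 * @return array|null list of one-element arrays, each holding a feedback
 *                    message; null when $resultData is empty
 */
function saveImportedResultData(&$db, $resultData, $context)
{
    if (!$resultData) {
        return;
    }
    $debugMsg = ' FUNCTION: ' . __FUNCTION__;
    $tables = tlObjectWithDB::getDBTables(array('executions', 'execution_bugs'));
    $l18n = array('import_results_tc_not_found' => '', 'import_results_invalid_result' => '', 'tproject_id_not_found' => '', 'import_results_ok' => '');
    foreach ($l18n as $key => $value) {
        $l18n[$key] = lang_get($key);
    }
    // Get column definitions to get sizes dynamically instead of creating constants.
    // Keys are normalised to lower case.
    $columnDef = array();
    $adodbObj = $db->get_dbmgr_object();
    $columnDef['execution_bugs'] = $adodbObj->MetaColumns($tables['execution_bugs']);
    $keySet = array_keys($columnDef['execution_bugs']);
    foreach ($keySet as $keyName) {
        if (($keylow = strtolower($keyName)) != $keyName) {
            $columnDef['execution_bugs'][$keylow] = $columnDef['execution_bugs'][$keyName];
            unset($columnDef['execution_bugs'][$keyName]);
        }
    }
    $user = new tlUser($context->userID);
    $user->readFromDB($db);
    $tcase_mgr = new testcase($db);
    $resulstCfg = config_get('results');
    $tcaseCfg = config_get('testcase_cfg');
    $resultMap = array();
    $tplan_mgr = null;
    $tc_qty = sizeof($resultData);
    if ($tc_qty) {
        $tplan_mgr = new testplan($db);
        $tproject_mgr = new testproject($db);
    }
    // Need to do checks on common settings
    //
    // test project exists
    //
    // test plan id:
    //              belongs to target test project
    //              is active
    // build id:
    //          belongs to target test plan
    //          is open
    //
    // platform id:
    //          is linked  to target test plan
    //
    // NOTE(review): only the test project check is implemented below; tplanID,
    // buildID and platformID are used as supplied and interpolated into the
    // INSERT without a cast - confirm callers only pass integers.
    $checks['status_ok'] = true;
    $checks['msg'] = null;
    $dummy = $tproject_mgr->get_by_id($context->tprojectID);
    $checks['status_ok'] = !is_null($dummy);
    if (!$checks['status_ok']) {
        // Read the label from $l18n, the map filled above.
        $checks['msg'][] = sprintf($l18n['tproject_id_not_found'], $context->tprojectID);
    }
    if (!$checks['status_ok']) {
        foreach ($checks['msg'] as $warning) {
            $resultMap[] = array($warning);
        }
    }
    // $doIt gates the per-result loop.
    $doIt = $checks['status_ok'];
    // --------------------------------------------------------------------
    for ($idx = 0; $doIt && $idx < $tc_qty; $idx++) {
        $tester_id = 0;
        $tester_name = '';
        $using_external_id = false;
        $message = null;
        $status_ok = true;
        $tcase_exec = $resultData[$idx];
        // NOTE(review): $user_mgr is never assigned in this function, so null is
        // what reaches check_exec_values() - confirm that is acceptable.
        $checks = check_exec_values($db, $tcase_mgr, $user_mgr, $tcaseCfg, $tcase_exec, $columnDef['execution_bugs']);
        $status_ok = $checks['status_ok'];
        if ($status_ok) {
            $tcase_id = $checks['tcase_id'];
            $tcase_external_id = trim($tcase_exec['tcase_external_id']);
            $tester_id = $checks['tester_id'];
            // external_id has precedence over internal id
            $using_external_id = $tcase_external_id != "";
        } else {
            foreach ($checks['msg'] as $warning) {
                $resultMap[] = array($warning);
            }
        }
        if ($status_ok) {
            $tcase_identity = $using_external_id ? $tcase_external_id : $tcase_id;
            $result_code = strtolower($tcase_exec['result']);
            // Only result codes known to the configuration are accepted; this is
            // also what keeps $result_code safe inside the quoted SQL value.
            $result_is_acceptable = isset($resulstCfg['code_status'][$result_code]) ? true : false;
            $notes = $tcase_exec['notes'];
            $message = null;
            $filters = array('tcase_id' => $tcase_id, 'build_id' => $context->buildID, 'platform_id' => $context->platformID);
            $linked_cases = $tplan_mgr->get_linked_tcversions($context->tplanID, $filters);
            // Look the test case up only after checking that something was
            // returned; a missing entry is reported as "not found" instead of
            // reaching the INSERT with empty values.
            $info_on_case = $linked_cases && isset($linked_cases[$tcase_id]) ? $linked_cases[$tcase_id] : null;
            if (is_null($info_on_case)) {
                $message = sprintf($l18n['import_results_tc_not_found'], $tcase_identity);
            } else {
                if (!$result_is_acceptable) {
                    $message = sprintf($l18n['import_results_invalid_result'], $tcase_identity, $tcase_exec['result']);
                } else {
                    $tcversion_id = $info_on_case['tcversion_id'];
                    $version = $info_on_case['version'];
                    $notes = $db->prepare_string(trim($notes));
                    // N.B.: db_now() returns a string ready to be used in an SQL insert
                    //       example '2008-09-04', while $tcase_exec["timestamp"] => 2008-09-04
                    //
                    // The imported timestamp is escaped before being quoted, the
                    // same way notes and bug ids are.
                    $execution_ts = $tcase_exec['timestamp'] != '' ? "'" . $db->prepare_string($tcase_exec["timestamp"]) . "'" : $db->db_now();
                    if ($tester_id != 0) {
                        $tester_name = $tcase_exec['tester'];
                    } else {
                        // No tester resolved from the file: attribute the run to the importing user.
                        $tester_name = $user->login;
                        $tester_id = $context->userID;
                    }
                    // BUGID 3543 - added execution_type
                    // NOTE(review): execution_type is interpolated unquoted; this
                    // relies on check_exec_values() having validated it - confirm.
                    $sql = " /* {$debugMsg} */ " . " INSERT INTO {$tables['executions']} (build_id,tester_id,status,testplan_id," . " tcversion_id,execution_ts,notes,tcversion_number,platform_id,execution_type)" . " VALUES ({$context->buildID}, {$tester_id},'{$result_code}',{$context->tplanID}, " . " {$tcversion_id},{$execution_ts},'{$notes}', {$version}, " . " {$context->platformID}, {$tcase_exec['execution_type']})";
                    $db->exec_query($sql);
                    // BUGID 3331
                    if (isset($tcase_exec['bug_id']) && is_array($tcase_exec['bug_id'])) {
                        $execution_id = $db->insert_id($tables['executions']);
                        foreach ($tcase_exec['bug_id'] as $bug_id) {
                            $bug_id = trim($bug_id);
                            // Escape once and use the escaped value in both the
                            // existence check and the insert.
                            $safeBugId = $db->prepare_string($bug_id);
                            $sql = " /* {$debugMsg} */ " . " SELECT execution_id AS check_qty FROM  {$tables['execution_bugs']} " . " WHERE bug_id = '{$safeBugId}' AND execution_id={$execution_id} ";
                            $rs = $db->get_recordset($sql);
                            if (is_null($rs)) {
                                $sql = " /* {$debugMsg} */ " . " INSERT INTO {$tables['execution_bugs']} (bug_id,execution_id)" . " VALUES ('{$safeBugId}', {$execution_id} )";
                                $db->exec_query($sql);
                            }
                        }
                    }
                    $message = sprintf($l18n['import_results_ok'], $tcase_identity, $version, $tester_name, $resulstCfg['code_status'][$result_code], $execution_ts);
                }
            }
        }
        if (!is_null($message)) {
            $resultMap[] = array($message);
        }
    }
    return $resultMap;
}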
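/**
 * Create or update test cases in a test suite from already parsed import data.
 *
 * For each entry the function resolves the author, shortens over-long names,
 * optionally updates the last version of an existing test case (duplicate
 * handling) and otherwise creates a new test case in $container_id.
 *
 * Keys read from each $tcData entry: name, summary, steps, node_order,
 * internalid, preconditions, execution_type, importance, externalid,
 * author_login, keywords.
 *
 * NOTE(review): managers, messages, linked custom fields, requirement specs
 * and the test case prefix are cached in static variables on the first call,
 * so they reflect the $db and $tproject_id of that first call. Confirm that
 * callers never import into two test projects within one request.
 *
 * @param resource &$db reference to database handler
 * @param array $tcData list (0..n-1) of test case maps, see keys above
 * @param integer $tproject_id test project the container belongs to
 * @param integer $container_id test suite that receives the test cases
 * @param integer $userID author used when author_login is missing or unknown
 * @param array $kwMap keyword map handed to buildKeywordList()
 * @param array $duplicatedLogic
 *        hitCriteria: 'name', 'internalID' or 'externalID'
 *        actionOnHit: 'update_last_version' updates the single matching test
 *                     case; any other value is passed to testcase::create()
 *
 * @return array|null list of array(name, message) rows; null when $tcData is empty
 */
function saveImportedTCData(&$db, $tcData, $tproject_id, $container_id, $userID, $kwMap, $duplicatedLogic = array('hitCriteria' => 'name', 'actionOnHit' => null))
{
    static $messages;
    static $fieldSizeCfg;
    static $feedbackMsg;
    static $tcase_mgr;
    static $tproject_mgr;
    static $req_spec_mgr;
    static $req_mgr;
    static $safeSizeCfg;
    static $linkedCustomFields;
    static $tprojectHas;
    static $reqSpecSet;
    static $getVersionOpt;
    static $userObj;
    // Must be static like the rest of the cached setup: it is only assigned
    // during first-call initialization but read on every call.
    static $tcasePrefix;

    if (!$tcData) {
        return;
    }

    if (is_null($messages)) {
        $feedbackMsg = array();
        $messages = array();
        $fieldSizeCfg = config_get('field_size');
        $tcase_mgr = new testcase($db);
        $tproject_mgr = new testproject($db);
        $req_spec_mgr = new requirement_spec_mgr($db);
        $req_mgr = new requirement_mgr($db);
        $userObj = new tlUser();
        $k2l = array('already_exists_updated', 'original_name', 'testcase_name_too_long', 'start_warning', 'end_warning', 'testlink_warning', 'hit_with_same_external_ID');
        foreach ($k2l as $k) {
            $messages[$k] = lang_get($k);
        }
        $messages['start_feedback'] = $messages['start_warning'] . "\n" . $messages['testlink_warning'] . "\n";
        $messages['cf_warning'] = lang_get('no_cf_defined_can_not_import');
        $messages['reqspec_warning'] = lang_get('no_reqspec_defined_can_not_import');
        $feedbackMsg['cfield'] = lang_get('cf_value_not_imported_missing_cf_on_testproject');
        $feedbackMsg['tcase'] = lang_get('testcase');
        $feedbackMsg['req'] = lang_get('req_not_in_req_spec_on_tcimport');
        $feedbackMsg['req_spec'] = lang_get('req_spec_ko_on_tcimport');

        // The name can get an automatically generated suffix during item
        // creation (to avoid name conflicts), so truncate to less than the
        // maximum allowed size. Cast to int because it is used as a length.
        $safeSizeCfg = new stdClass();
        $safeSizeCfg->testcase_name = (int) ($fieldSizeCfg->testcase_name * 0.8);

        // Custom fields with design-time scope that are allowed for test
        // cases and linked to this test project.
        $linkedCustomFields = $tcase_mgr->cfield_mgr->get_linked_cfields_at_design($tproject_id, 1, null, 'testcase', null, 'name');
        $tprojectHas['customFields'] = !is_null($linkedCustomFields);
        $reqSpecSet = $tproject_mgr->getReqSpec($tproject_id, null, array('RSPEC.id', 'NH.name AS title', 'RSPEC.doc_id as rspec_doc_id', 'REQ.req_doc_id'), 'req_doc_id');
        $tprojectHas['reqSpec'] = !is_null($reqSpecSet) && count($reqSpecSet) > 0;
        $getVersionOpt = array('output' => 'minimun');
        $tcasePrefix = $tproject_mgr->getTestCasePrefix($tproject_id);
    }

    $resultMap = array();
    $tc_qty = sizeof($tcData);
    // author_login => user id, so every login is looked up at most once.
    $userIDCache = array();
    for ($idx = 0; $idx < $tc_qty; $idx++) {
        $tc = $tcData[$idx];
        $name = $tc['name'];
        $summary = $tc['summary'];
        $steps = $tc['steps'];
        // When no order is provided use a counter instead of
        // testcase::DEFAULT_ORDER, which caused problems with
        // 'save execution and go next'.
        $node_order = isset($tc['node_order']) ? intval($tc['node_order']) : $idx + 1;
        $internalid = $tc['internalid'];
        $preconditions = $tc['preconditions'];
        $exec_type = isset($tc['execution_type']) ? $tc['execution_type'] : TESTCASE_EXECUTION_TYPE_MANUAL;
        $importance = isset($tc['importance']) ? $tc['importance'] : MEDIUM;
        $externalid = $tc['externalid'];
        if (intval($externalid) <= 0) {
            $externalid = null;
        }

        // Resolve the author: fall back to the importing user when the login
        // from the file is missing or unknown.
        $personID = $userID;
        if (isset($tc['author_login'])) {
            if (isset($userIDCache[$tc['author_login']])) {
                $personID = $userIDCache[$tc['author_login']];
            } else {
                $userObj->login = $tc['author_login'];
                if ($userObj->readFromDB($db, tlUser::USER_O_SEARCH_BYLOGIN) == tl::OK) {
                    $personID = $userObj->dbID;
                }
                // Always cache a valid user id, so a login that does not
                // exist is checked JUST ONCE even when used multiple times.
                $userIDCache[$tc['author_login']] = $personID;
            }
        }

        $name_len = tlStringLen($name);
        if ($name_len > $fieldSizeCfg->testcase_name) {
            // Keep the original name by prepending it to the summary.
            // NOTE(review): $name comes from the import file and is placed
            // into the HTML summary without escaping; confirm the summary is
            // sanitized before it is rendered.
            $xx = $messages['start_feedback'];
            $xx .= sprintf($messages['testcase_name_too_long'], $name_len, $fieldSizeCfg->testcase_name) . "\n";
            $xx .= $messages['original_name'] . "\n" . $name . "\n" . $messages['end_warning'] . "\n";
            $summary = nl2br($xx) . $summary;
            $name = tlSubStr($name, 0, $safeSizeCfg->testcase_name);
        }

        $kwIDs = null;
        if (isset($tc['keywords']) && $tc['keywords']) {
            $kwIDs = implode(",", buildKeywordList($kwMap, $tc['keywords']));
        }

        $doCreate = true;
        if ($duplicatedLogic['actionOnHit'] == 'update_last_version') {
            // Reset for every test case: without this a lookup that finds
            // nothing (or an unknown hitCriteria) would reuse the match of
            // the previous iteration and update the wrong test case.
            $info = null;
            switch ($duplicatedLogic['hitCriteria']) {
                case 'name':
                    $info = $tcase_mgr->getDuplicatesByName($name, $container_id);
                    break;
                case 'internalID':
                    $dummy = $tcase_mgr->tree_manager->get_node_hierarchy_info($internalid, $container_id);
                    if (!is_null($dummy)) {
                        $info = array($internalid => $dummy);
                    }
                    break;
                case 'externalID':
                    $info = $tcase_mgr->get_by_external($externalid, $container_id);
                    break;
            }
            if (!is_null($info)) {
                $tcase_qty = count($info);
                switch ($tcase_qty) {
                    case 1:
                        // Exactly one match: update its last version in place.
                        $doCreate = false;
                        $tcase_id = key($info);
                        $last_version = $tcase_mgr->get_last_version_info($tcase_id, $getVersionOpt);
                        $tcversion_id = $last_version['id'];
                        $ret = $tcase_mgr->update($tcase_id, $tcversion_id, $name, $summary, $preconditions, $steps, $personID, $kwIDs, $node_order, $exec_type, $importance);
                        $ret['id'] = $tcase_id;
                        $ret['tcversion_id'] = $tcversion_id;
                        $resultMap[] = array($name, $messages['already_exists_updated']);
                        break;
                    case 0:
                        $doCreate = true;
                        break;
                    default:
                        // Ambiguous match: neither update nor create.
                        $doCreate = false;
                        break;
                }
            }
        }

        if ($doCreate) {
            // Block creation when the EXTERNAL ID already exists in a
            // DIFFERENT container of this test project.
            $item_id = intval($tcase_mgr->getInternalID($externalid, array('tproject_id' => $tproject_id)));
            if ($item_id > 0) {
                $owner = $tcase_mgr->getTestSuite($item_id);
                if ($owner != $container_id) {
                    // Report the full path of the existing test case.
                    $stain = $tcase_mgr->tree_manager->get_path($item_id, null, 'name');
                    $n = count($stain);
                    $stain[$n - 1] = $tcasePrefix . config_get('testcase_cfg')->glue_character . $externalid . ':' . $stain[$n - 1];
                    $stain = implode('/', $stain);
                    $resultMap[] = array($name, $messages['hit_with_same_external_ID'] . $stain);
                    $doCreate = false;
                }
            }
        }

        if ($doCreate) {
            $createOptions = array('check_duplicate_name' => testcase::CHECK_DUPLICATE_NAME, 'action_on_duplicate_name' => $duplicatedLogic['actionOnHit'], 'external_id' => $externalid);
            if ($ret = $tcase_mgr->create($container_id, $name, $summary, $preconditions, $steps, $personID, $kwIDs, $node_order, testcase::AUTOMATIC_ID, $exec_type, $importance, $createOptions)) {
                $resultMap[] = array($name, $ret['msg']);
            }
        }
    }
    return $resultMap;
}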
コード例 #12
     }
     // Fragment of an action dispatcher: $op is the result map of the
     // operation run just before this point (not visible in this excerpt).
     if ($op['status_ok']) {
         // Success: show the test suite that was just handled.
         $gui->id = $args->testsuiteID;
         $gui->page_title = lang_get('container_title_testsuite');
         $gui->refreshTree = $args->refreshTree;
         $identity = new stdClass();
         $identity->id = $args->testsuiteID;
         $identity->tproject_id = $args->tproject_id;
         $tsuite_mgr->show($smarty, $gui, $identity);
     } else {
         // $userInput is used to maintain data filled by user if there is
         // a problem with test suite name.
         // NOTE(review): this is the raw request array; whatever echoes it
         // back into the form must escape it for HTML - confirm in the
         // renderer/template.
         $userInput = $_REQUEST;
         // Assignment inside the condition is intentional: the comparison
         // result is stored in $gui->midAirCollision and then tested.
         if ($gui->midAirCollision = $op['reason'] == 'midAirCollision') {
             // Load the user who saved the conflicting change to name them
             // in the message.
             $foe = new tlUser($op['more']['updater_id']);
             $foe->readFromDB($db);
             // NOTE(review): login and e-mail address of another user are
             // put into the message text; confirm they are escaped on output
             // and that showing the address to this user is intended.
             $gui->midAirCollisionMsg['main'] = sprintf(lang_get('collision_detected_some_one_else'), $op['more']['modification_ts'], $foe->login, $foe->emailAddress);
             $gui->midAirCollisionMsg['details'] = sprintf(lang_get('collision_detected_choices'), $foe->login);
         }
         renderTestSuiteForManagement($smarty, $args, $gui, $tsuite_mgr, $keywordSet, $userInput);
     }
     break;
 case 'do_move_tcase_set':
     moveTestCases($smarty, $template_dir, $tsuite_mgr, $tree_mgr, $args);
     break;
 case 'do_copy_tcase_set':
     // Copy, then show the move/copy viewer again with the feedback of the copy.
     $op = copyTestCases($smarty, $template_dir, $tsuite_mgr, $tcase_mgr, $args);
     $refreshTree = $op['refreshTree'];
     moveTestCasesViewer($db, $smarty, $tproject_mgr, $tree_mgr, $args, $op['userfeedback']);
     break;
 case 'delete_testcases':
コード例 #13
ファイル: users.inc.php プロジェクト: JacekKarwas/smutek
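/**
 * Reset a user's password in the DB and deliver the new one.
 *
 * The reset is done only if the user's authentication method allows password
 * management. When it does not, nothing is changed and the status of the user
 * lookup is returned with an empty password.
 *
 * NOTE(review): the new password is mailed in clear text (or returned for
 * display), and the mail is sent before the DB write. Treat it as a temporary
 * credential; forcing a change at next login is not visible in this function.
 *
 * @param resource &$db reference to database handler
 * @param integer $userID
 * @param string $passwordSendMethod 'send_password_by_mail' (default) or
 *        'display_on_screen'; any other value is reported as an error
 *
 * @return array
 *         status: integer result status code
 *         password: new password, set only after it has been written to the DB
 *         msg: error message (if any)
 */
function resetPassword(&$db, $userID, $passwordSendMethod = 'send_password_by_mail')
{
    $retval = array('status' => tl::OK, 'password' => '', 'msg' => '');
    $user = new tlUser($userID);
    $retval['status'] = $user->readFromDB($db);

    // Reset can be done ONLY if user authentication method allows it.
    $doIt = false;
    if ($retval['status'] >= tl::OK) {
        $cfg = config_get('authentication');
        $cfg = $cfg['domain'];
        $doIt = isset($cfg[$user->authentication]) && $cfg[$user->authentication]['allowPasswordManagement'];
    }

    if ($doIt) {
        // Without an e-mail address the reset is refused with this status.
        $retval['status'] = tlUser::E_EMAILLENGTH;
        if (trim($user->emailAddress) !== '') {
            // NOTE(review): strength depends on tlUser::generatePassword(8, 4),
            // whose generator is not visible here - confirm it uses a CSPRNG.
            $newPassword = tlUser::generatePassword(8, 4);
            $retval['status'] = $user->setPassword($newPassword, $cfg[$user->authentication]);
            if ($retval['status'] >= tl::OK) {
                $mail_op = new stdClass();
                $mail_op->status_ok = false;
                if ($passwordSendMethod === 'send_password_by_mail') {
                    $msgBody = lang_get('your_password_is') . "\n\n" . $newPassword . "\n\n" . lang_get('contact_admin');
                    // Warnings stay suppressed as before; failure is reported
                    // through $mail_op->status_ok / $mail_op->msg.
                    $mail_op = @email_send(config_get('from_email'), $user->emailAddress, lang_get('mail_passwd_subject'), $msgBody);
                }
                if ($mail_op->status_ok || $passwordSendMethod === 'display_on_screen') {
                    $retval['status'] = $user->writePasswordToDB($db);
                    // Hand the password back only once it is really stored,
                    // so a failed reset never exposes an unused credential.
                    if ($retval['status'] >= tl::OK) {
                        $retval['password'] = $newPassword;
                    }
                } else {
                    $retval['status'] = tl::ERROR;
                    // $mail_op has no msg when no mail was attempted
                    // (unknown send method).
                    $retval['msg'] = isset($mail_op->msg) ? $mail_op->msg : '';
                }
            }
        }
    }

    // Fall back to the generic message for the status when no specific one was set.
    $retval['msg'] = $retval['msg'] != "" ? $retval['msg'] : getUserErrorMessage($retval['status']);
    return $retval;
}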
コード例 #14
ファイル: usersView.php プロジェクト: tamtrong/testlink
// Page bootstrap. "checkRights" is handed to testlinkInitPage as the name of
// the rights check for this page (its implementation is not visible here).
testlinkInitPage($db, false, false, "checkRights");
$templateCfg = templateConfiguration();
$args = init_args();
$grants = getGrantsForUserMgmt($db, $args->currentUser);
$sqlResult = null;
$action = null;
$user_feedback = '';
// Default ordering of the user list: by login, ascending.
$orderBy = new stdClass();
$orderBy->type = 'order_by_login';
$orderBy->dir = array('order_by_login_dir' => 'asc');
switch ($args->operation) {
    case 'disable':
        // user cannot disable => inactivate itself
        if ($args->user_id != $args->currentUserID) {
            $user = new tlUser($args->user_id);
            $sqlResult = $user->readFromDB($db);
            if ($sqlResult >= tl::OK) {
                $userLogin = $user->login;
                $sqlResult = $user->setActive($db, 0);
                if ($sqlResult >= tl::OK) {
                    // Record who was disabled in the audit log.
                    logAuditEvent(TLS("audit_user_disabled", $user->login), "DISABLE", $args->user_id, "users");
                    $user_feedback = sprintf(lang_get('user_disabled'), $userLogin);
                }
            }
        }
        // NOTE(review): success above is tested with ">= tl::OK" but failure
        // here with "!= tl::OK", so a status greater than tl::OK would
        // overwrite the success feedback. $sqlResult is still null when the
        // user targeted their own account.
        if ($sqlResult != tl::OK) {
            $user_feedback = lang_get('error_user_not_disabled');
        }
        // NOTE(review): ordering values come from $args; presumably
        // init_args() restricts them to known keys - confirm before they
        // reach any ORDER BY clause.
        $orderBy->type = $args->user_order_by;
        $orderBy->dir = $args->order_by_dir;
        break;
コード例 #15
ファイル: common.php プロジェクト: tamtrong/testlink
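/**
 * Verify that the user is logged in and the session has not timed out.
 *
 * A valid session gets its inactivity timer renewed and the user object in
 * $_SESSION['currentUser'] reloaded from the DB. An invalid session is either
 * redirected to the login page (script ends) or reported as false.
 *
 * @param resource &$db reference to database handler
 * @param boolean $redirect if true (default) redirects user to login page,
 *        otherwise returns true/false as login status
 *
 * @return boolean true if the session is valid
 **/
function checkSessionValid(&$db, $redirect = true)
{
    $isValidSession = false;
    // A session without a recorded last activity is treated as expired.
    if (isset($_SESSION['userID']) && $_SESSION['userID'] > 0 && isset($_SESSION['lastActivity'])) {
        /** @TODO martin:
         *  Talk with Andreas to understand:
         *  1. advantages of this approach
         *  2. do we need to recreate it every time ? why ?
         *
         *  a) store just data - not all object
         *  b) do not read again and again the same data from DB
         *  c) this function check JUST session validity
         **/
        $now = time();
        $lastActivity = $_SESSION['lastActivity'];
        // sessionInactivityTimeout is configured in minutes.
        if ($now - $lastActivity <= config_get("sessionInactivityTimeout") * 60) {
            $_SESSION['lastActivity'] = $now;
            $user = new tlUser($_SESSION['userID']);
            $user->readFromDB($db);
            $_SESSION['currentUser'] = $user;
            $isValidSession = true;
        }
    }
    if (!$isValidSession && $redirect) {
        $ip = $_SERVER["REMOTE_ADDR"];
        tLog('Invalid session from ' . $ip . '. Redirected to login page.', 'INFO');

        // Walk up from the running script until login.php is found. The walk
        // is bounded so a missing login.php cannot hang the request.
        $fName = "login.php";
        $baseDir = dirname($_SERVER['SCRIPT_FILENAME']);
        $maxLevels = 32;
        $found = file_exists($baseDir . DIRECTORY_SEPARATOR . $fName);
        for ($level = 0; !$found && $level < $maxLevels; $level++) {
            $fName = "../" . $fName;
            $found = file_exists($baseDir . DIRECTORY_SEPARATOR . $fName);
        }
        if (!$found) {
            $fName = "login.php";
        }
        redirect($fName . "?note=expired", "top.location");
        exit;
    }
    return $isValidSession;
}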
コード例 #16
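 /**
  * Return the API key of the caller, creating one if the user has none yet.
  *
  * The caller is authenticated with login and password, first against the
  * TestLink DB and, only if that fails, against LDAP. Accounts that exist in
  * the DB but are disabled are rejected, as the interactive login does.
  *
  * @param struct $args
  * @param string $args["user"]
  * @param string $args["pass"]
  * @return string|array the API key, or the list of IXR_Error objects on failure
  * @access public
  */
 public function generateAPIKey($args)
 {
     $this->_setArgs($args);
     $login = $this->args[self::$userParamName];
     $pwd = $this->args['pass'];

     $user = new tlUser();
     $user->login = $login;
     $login_exists = $user->readFromDB($this->dbObj, tlUser::USER_O_SEARCH_BYLOGIN) >= tl::OK;

     // A disabled account must not be able to fetch or create a key. The same
     // generic error as for bad credentials is used, so the answer does not
     // reveal the account state.
     if ($login_exists && !$user->isActive) {
         $this->errors[] = new IXR_Error(INVALID_AUTH, INVALID_AUTH_STR);
         return $this->errors;
     }

     // Compare against the DB only for a user that was really loaded.
     $authenticated = $login_exists && $user->comparePassword($pwd) == tl::OK;
     if (!$authenticated) {
         // LDAP is asked only when the DB check failed, so the password is
         // not sent to the directory without need.
         $checkLDAP = ldap_authenticate($login, $pwd);
         $authenticated = $checkLDAP->status_ok;
     }

     if (!$authenticated) {
         $this->errors[] = new IXR_Error(INVALID_AUTH, INVALID_AUTH_STR);
         return $this->errors;
     }

     $user_id = tlUser::doesUserExist($this->dbObj, $login);
     if (is_null($user_id)) {
         // Credentials were accepted by LDAP but there is no TestLink account.
         $this->errors[] = new IXR_Error(NO_USER_BY_THIS_LOGIN, 'This is a valid user, but is not on TestLink DB');
         return $this->errors;
     }

     $APIKey = new APIKey();
     $ak = $APIKey->getAPIKey($user_id);
     if (!is_null($ak)) {
         return $ak;
     }
     if ($APIKey->addKeyForUser($user_id) >= tl::OK) {
         return $APIKey->getAPIKey($user_id);
     }
     $this->errors[] = new IXR_Error(NO_DEV_KEY, NO_DEV_KEY_STR);
     return $this->errors;
 }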
コード例 #17
ファイル: userInfo.php プロジェクト: moraesmv/testlink-code
 * @copyright 	2007-2011, TestLink community 
 * @version    	CVS: $Id: userInfo.php,v 1.34 2011/01/10 15:38:55 asimon83 Exp $
 * @link 		http://www.teamst.org/index.php
 *
 *
 * @internal Revisions:
 *	20101008 - Julian - reload navBar after changing personal data (localization)
 */
require_once '../../config.inc.php';
require_once 'users.inc.php';
require_once '../../lib/api/APIKey.php';
// Page bootstrap: init the page, then load the user named by $args->userID.
testlinkInitPage($db);
$templateCfg = templateConfiguration();
$args = init_args();
$user = new tlUser($args->userID);
$user->readFromDB($db);
// View model handed to the template.
$gui = new stdClass();
$gui->tproject_id = $args->tproject_id;
$gui->update_title_bar = 0;
$gui->external_password_mgmt = tlUser::isPasswordMgtExternal();
$gui->mgt_view_events = $user->hasRight($db, "mgt_view_events", $gui->tproject_id);
// Outcome of the requested action: audit text, user feedback and status.
$op = new stdClass();
$op->auditMsg = null;
$op->user_feedback = null;
$op->status = tl::OK;
$doUpdate = false;
switch ($args->doAction) {
    case 'editUser':
        $doUpdate = true;
        // NOTE(review): every key of $args->user is written to a property of
        // the user object. Unless init_args() builds $args->user from a fixed
        // list of fields, a request could set properties such as the role or
        // the active flag (mass assignment) - confirm the key whitelist.
        foreach ($args->user as $key => $value) {
            $user->{$key} = $value;
コード例 #18
 * @since 1.9.9
 * 
 */
require_once "../../config.inc.php";
require_once 'exttable.class.php';
require_once "users.inc.php";
// Page bootstrap; "checkRights" is passed to testlinkInitPage as the name of
// the rights check for this page.
testlinkInitPage($db, false, false, "checkRights");
$smarty = new TLSmarty();
$templateCfg = templateConfiguration();
list($args, $gui) = initEnv($db);

// Only one operation is handled here: disabling (inactivating) a user.
if ($args->operation == 'disable') {
    // A user cannot disable their own account.
    if ($args->user_id != $args->currentUserID) {
        $user = new tlUser($args->user_id);
        $gui->result = $user->readFromDB($db);
        if ($gui->result >= tl::OK) {
            $gui->result = $user->setActive($db, 0);
        }
        if ($gui->result >= tl::OK) {
            // Both the lookup and the update succeeded: audit and confirm.
            logAuditEvent(TLS("audit_user_disabled", $user->login), "DISABLE", $args->user_id, "users");
            $gui->user_feedback = sprintf(lang_get('user_disabled'), $user->login);
        }
    }
    // Anything other than exactly tl::OK is reported as "not disabled".
    if ($gui->result != tl::OK) {
        $gui->user_feedback = lang_get('error_user_not_disabled');
    }
}
コード例 #19
ファイル: configCheck.php プロジェクト: mokal/DCN_TestLink
/**
 * Tell whether the admin account still uses the default password.
 *
 * Used as a configuration check: a still-default administrator password
 * should be reported to the operator so it gets changed.
 *
 * @param resource &$db reference to database handler
 * @return boolean true if the account is found and its password is "admin",
 *         false otherwise
 * @author Andreas Morsing
 **/
function checkForAdminDefaultPwd(&$db)
{
    $adminUser = new tlUser();
    // NOTE(review): the login literal looks masked in this listing; the
    // description above says the admin account is meant - confirm against
    // the upstream file.
    $adminUser->login = "******";

    $accountFound = $adminUser->readFromDB($db, tlUser::USER_O_SEARCH_BYLOGIN) >= tl::OK;
    if (!$accountFound) {
        return false;
    }
    return $adminUser->comparePassword("admin") >= tl::OK;
}
コード例 #20
ファイル: common.php プロジェクト: moraesmv/testlink-code
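/**
 * Verify if Session is valid,
 * Redirect to login page if not.
 *
 * A valid session gets its inactivity timer renewed and the user object in
 * $_SESSION['currentUser'] reloaded from the DB. On redirect the requested
 * URI is passed along as "destination" so the login page can return to it.
 *
 * @param resource &$db reference to database handler
 * @param boolean $redirect if true (default) redirects user to login page,
 *        otherwise returns true/false as login status
 *
 * @return boolean true if the session is valid
 **/
function checkSessionValid(&$db, $redirect = true)
{
    $isValidSession = false;
    // A session without a recorded last activity is treated as expired.
    if (isset($_SESSION['userID']) && $_SESSION['userID'] > 0 && isset($_SESSION['lastActivity'])) {
        $now = time();
        // sessionInactivityTimeout is configured in minutes.
        $renewSession = $now - $_SESSION['lastActivity'] <= config_get("sessionInactivityTimeout") * 60;
        if ($renewSession) {
            $_SESSION['lastActivity'] = $now;
            // This function runs on every page access, so re-reading the user
            // picks up changes to roles and rights made since the last request.
            // Keeping the user object in the session is global coupling rather
            // than a real cache.
            $user = new tlUser($_SESSION['userID']);
            $user->readFromDB($db);
            $_SESSION['currentUser'] = $user;
            $isValidSession = true;
        }
    }
    if (!$isValidSession && $redirect) {
        $ip = $_SERVER["REMOTE_ADDR"];
        tLog('Invalid session from ' . $ip . '. Redirected to login page.', 'INFO');

        // Walk up from the running script until login.php is found. The walk
        // is bounded so a missing login.php cannot hang the request.
        $fName = "login.php";
        $baseDir = dirname($_SERVER['SCRIPT_FILENAME']);
        $maxLevels = 32;
        $found = file_exists($baseDir . DIRECTORY_SEPARATOR . $fName);
        for ($level = 0; !$found && $level < $maxLevels; $level++) {
            $fName = "../" . $fName;
            $found = file_exists($baseDir . DIRECTORY_SEPARATOR . $fName);
        }
        if (!$found) {
            $fName = "login.php";
        }

        // NOTE(review): REQUEST_URI is controlled by the client. It is
        // URL-encoded here; the login page must still accept only local
        // paths as destination before redirecting - confirm in login.php.
        $destination = "&destination=" . urlencode($_SERVER['REQUEST_URI']);
        redirect($fName . "?note=expired" . $destination, "top.location");
        exit;
    }
    return $isValidSession;
}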