コード例 #1
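 /**
  * Validates the caller's access token for the help desk chat system before an action runs.
  *
  * Routes listed in $noAuth are served without any token. For every other route the token is
  * read from the `accesstoken` query parameter, resolved through Token::getToken() and accepted
  * only when it carries an expireTime that has not passed. An accepted token has its expiry
  * extended to at least now + Token::EXPIRE_TIME (sliding session), and the request language is
  * taken from the token record.
  *
  * Security notes:
  * - The token is carried in the query string, so it can surface in web-server access logs,
  *   browser history and Referer headers.
  * - A rejected token is logged only as a SHA-256 fingerprint, never in clear, so the log cannot
  *   be used to replay a credential.
  * - NOTE(review): this override does not call parent::beforeAction(), so anything the parent
  *   implementation does (including raising EVENT_BEFORE_ACTION) is skipped - confirm this is
  *   intended.
  * - NOTE(review): the allow-list contains state-changing routes such as
  *   'issue/create-from-js-sdk' and 'issue/remove-attachment'; confirm those actions perform
  *   their own authorization.
  *
  * @param Action $action the action to be executed.
  * @return boolean whether the action should continue to run.
  * @throws \yii\web\UnauthorizedHttpException when the token is missing, unknown or expired.
  * @author Harry Sun
  */
 public function beforeAction($action)
 {
     $route = $this->id . '/' . $action->id;
     // Start from the browser language; replaced below once a token has been accepted.
     Yii::$app->language = LanguageUtil::getBrowserLanguage();
     // Routes ("controller/action") that are reachable without an access token.
     $noAuth = [
         'site/login',
         'site/logout',
         'conversation/state',
         'conversation/message',
         'setting/index',
         'setting/self-helpdesk',
         'site/send-reset-password-email',
         'site/reset-password',
         'help-desk/check-auth',
         'conversation/user-state',
         'issue/create-from-js-sdk',
         'issue/remove-attachment',
     ];
     // Strict comparison: both sides are strings, so this only rules out type juggling.
     if (in_array($route, $noAuth, true)) {
         return true;
     }

     $accessToken = $this->getQuery('accesstoken');
     // NOTE(review): Token::getToken() is not visible here; presumably it looks the token up
     // by value - confirm it rejects non-string input coming from the query string.
     $info = Token::getToken($accessToken);
     if (!empty($info) && isset($info->expireTime) && !MongodbUtil::isExpired($info->expireTime)) {
         Yii::$app->language = empty($info->language) ? LanguageUtil::DEFAULT_LANGUAGE : $info->language;
         // Sliding expiry: only ever move the expiry forward, never shorten it.
         $expireTime = new \MongoDate(time() + Token::EXPIRE_TIME);
         if ($info->expireTime < $expireTime) {
             $info->expireTime = $expireTime;
         }
         $info->update();
         return true;
     }

     // Keep the credential itself out of the log; a digest is enough to correlate requests.
     $tokenFingerprint = (is_string($accessToken) && $accessToken !== '') ? hash('sha256', $accessToken) : null;
     LogUtil::error(['accessTokenSha256' => $tokenFingerprint, 'message' => 'You have not logined']);
     throw new \yii\web\UnauthorizedHttpException('You have not logined');
 }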
コード例 #2
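 /**
  * Updates a campaign from the request parameters and returns the model.
  *
  * A campaign whose endTime has already passed cannot be updated. startTime/endTime fall back
  * to the stored values when the request leaves them empty. The keys productIds, gift, products,
  * tags and channels are written into the embedded promotion document; participantCount and
  * limitTimes are cast to int (null is kept); every other key is assigned to the model
  * attribute of the same name.
  *
  * NOTE(review): because every remaining request key is copied onto the model and added to the
  * save list, a client can write any attribute the model exposes, not only the ones the UI
  * edits. Presumably this should be limited to an explicit allow-list of editable attributes -
  * confirm against Campaign's validation rules.
  *
  * @param mixed $id primary key of the campaign to update
  * @return Campaign the campaign after save() has been attempted; the result of save() is not
  *                  inspected here
  * @throws BadRequestHttpException when the campaign does not exist or has already ended
  */
 public function actionUpdate($id)
 {
     $campaign = Campaign::findByPk($id);
     if (empty($campaign)) {
         throw new BadRequestHttpException(Yii::t('product', 'campaign_not_found'));
     }
     if (MongodbUtil::isExpired($campaign->endTime)) {
         throw new BadRequestHttpException(Yii::t('product', 'can_not_update'));
     }
     $params = $this->getParams();
     $params['startTime'] = empty($params['startTime']) ? $campaign->startTime : new \MongoDate(TimeUtil::ms2sTime($params['startTime']));
     $params['endTime'] = empty($params['endTime']) ? $campaign->endTime : new \MongoDate(TimeUtil::ms2sTime($params['endTime']));

     // Request key => field of the embedded promotion document it populates.
     $promotionFields = [
         'productIds' => 'data',
         'gift' => 'gift',
         'products' => 'products',
         'tags' => 'tags',
         'channels' => 'channels',
     ];
     // Request keys that are stored as integers.
     $integerFields = ['participantCount', 'limitTimes'];

     $attributeNames = null;
     foreach ($params as $key => $value) {
         // Keys are matched exactly. With loose comparison an integer key 0 compares equal to
         // every string on older PHP versions and would overwrite all promotion fields at once.
         if (is_string($key) && isset($promotionFields[$key])) {
             $attributeNames[] = 'promotion';
             $promotion = $campaign->promotion;
             $promotion['type'] = Campaign::TYPE_PROMOTION_CODE;
             $promotion[$promotionFields[$key]] = $value;
             $campaign->promotion = $promotion;
         } elseif (in_array($key, $integerFields, true)) {
             $attributeNames[] = $key;
             $campaign->{$key} = is_null($value) ? null : intval($value);
         } else {
             // Unrestricted assignment of a client-chosen attribute name (see the note above).
             $attributeNames[] = $key;
             $campaign->{$key} = $value;
         }
     }
     // Validate and persist only the attributes that were touched.
     $campaign->save(true, $attributeNames);
     return $campaign;
 }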
コード例 #3
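 /**
  * Activate
  *
  * <b>Request Type </b>: GET<br/>
  * <b>Request Endpoint </b>: http://{server-domain}/api/old-site/activate?code=abcd1234abcd1234<br/>
  *
  * Looks up the validation record for the `code` query parameter, marks the referenced user as
  * activated, deletes the validation record and redirects to the activation result page.
  * Failures are reported through _activateFail(): 0 for an invalid link, 1 for an expired one.
  *
  * The code is accepted only as a plain string. A query parameter can also arrive as an array
  * (`code[...]=...`), and an array placed in the findOne() condition may be interpreted as a
  * query operator instead of a literal value.
  *
  * NOTE(review): _activateFail() is not visible here; it presumably ends the request. The
  * explicit returns below keep the flow from continuing if it ever returns normally.
  **/
 public function actionActivate()
 {
     $code = $this->getQuery('code');
     if (empty($code) || !is_string($code)) {
         // This link is invalid, please contact the administrator
         $this->_activateFail(0);
         return;
     }
     $validation = Validation::findOne(['code' => $code]);
     if (empty($validation)) {
         // This link is invalid, please contact the administrator
         $this->_activateFail(0);
         return;
     }
     if (empty($validation->expire) || MongodbUtil::isExpired($validation->expire)) {
         // This link has expired, please contact the administrator
         $this->_activateFail(1);
         return;
     }
     $userId = $validation->userId;
     // updateAll() result is used as "something was updated"; a falsy result is treated as failure.
     if (User::updateAll(['isActivated' => User::ACTIVATED], ['_id' => $userId])) {
         // The code is single-use: remove it once the account has been activated.
         $validation->delete();
         $this->redirect('/old/activate?type=0&link=' . urlencode('/site/login'));
         Yii::$app->end();
     }
     // This link has expired, please contact the administrator
     $this->_activateFail(1);
 }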
コード例 #4
ファイル: Validation.php プロジェクト: timelessmemory/uhkklp
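 /**
  * Validates an activation code and returns the user it belongs to.
  *
  * When the validation record has toValidateAccount set, the account of that user is switched
  * to Account::STATUS_ACTIVATED and given a trial window from now to now + 30 days.
  *
  * The code is accepted only as a non-empty string: any other type is rejected before it
  * reaches the findOne() condition, where an array could be read as a query operator rather
  * than a literal value.
  *
  * NOTE(review): the return value is either an error constant or a user id, so callers have to
  * compare against LINK_INVALID / LINK_EXPIRED explicitly - confirm no caller treats any
  * non-empty return as success.
  *
  * @param string  $code      the activation code taken from the activation link
  * @param boolean $isDeleted whether the validation record is deleted after a successful check
  *                           (true makes the code single-use)
  * @return mixed self::LINK_INVALID, self::LINK_EXPIRED, or the userId of the validation record
  *
  * @author Sara Zhang
  */
 public static function validateCode($code, $isDeleted = true)
 {
     if (empty($code) || !is_string($code)) {
         return self::LINK_INVALID;
     }
     $validation = Validation::findOne(['code' => $code]);
     if (empty($validation)) {
         return self::LINK_INVALID;
     }
     if (empty($validation->expire) || MongodbUtil::isExpired($validation->expire)) {
         return self::LINK_EXPIRED;
     }
     $userId = $validation->userId;
     if ($validation->toValidateAccount) {
         $user = User::findOne(['_id' => $userId]);
         if (empty($user)) {
             // The record points at a user that no longer exists: fail closed instead of
             // dereferencing null and running the account update with an empty condition.
             return self::LINK_INVALID;
         }
         $attributes = ['status' => Account::STATUS_ACTIVATED, 'trialStartAt' => new \MongoDate(), 'trialEndAt' => new \MongoDate(strtotime("+30 day"))];
         Account::updateAll($attributes, ['_id' => $user->accountId]);
     }
     if ($isDeleted) {
         // Consume the code so the same link cannot be used again.
         $validation->delete();
     }
     return $userId;
 }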
コード例 #5
 /**
  * Tells whether an order already has a usable prepay record.
  *
  * Only the most recently created record in STATUS_PREPARE for the order is considered, and it
  * counts only while its timeExpire has not passed.
  *
  * @param mixed $orderNumber the order number to look up
  * @return boolean true when a non-expired prepay record exists, false otherwise
  */
 public static function isAlreadyPrepay($orderNumber)
 {
     $latestPrepay = self::find()
         ->where(['orderNumber' => $orderNumber, 'status' => self::STATUS_PREPARE])
         ->orderBy(['createdAt' => SORT_DESC])
         ->one();

     // No record at all, or the newest one has expired: the order is not prepaid.
     return !empty($latestPrepay) && !MongodbUtil::isExpired($latestPrepay->timeExpire);
 }
コード例 #6
 /**
  * Decides whether the current request may run an action of the given module.
  *
  * Checks are applied in this order:
  *  1. The module is the application itself (its id equals Yii::$app->id): allowed.
  *  2. An accountId is present in the cookies and validateSignature() succeeds: allowed.
  *  3. Otherwise a token is required. It must resolve through Token::getToken(), be unexpired,
  *     carry a role listed in the module's roleAccess, and have the module in enabledMods.
  *     If the route is registered as an activated SensitiveOperation for the account, only
  *     admins and the operators listed on that operation may proceed.
  * On success through path 3 the token expiry is pushed forward by Token::EXPIRE_TIME.
  *
  * NOTE(review): paths 1 and 2 return before any role or module check in this method;
  * confirm that is the intended trust level for those callers.
  *
  * @param object $module the module being accessed; a child module is replaced by its parent
  *                       for the role and enabled-module checks
  * @param mixed  $token  the access token supplied by the caller
  * @return boolean true when access is granted; every denial is raised as an exception
  * @throws ForbiddenHttpException when the token is valid but the role, module or sensitive
  *                                operation check fails
  * @throws UnauthorizedHttpException when the token is missing, unknown or expired
  */
 public function checkAuth($module, $token)
 {
     $baseId = Yii::$app->id;
     $moduleId = $module->id;
     // Start from the browser language; replaced below once a token record is found.
     Yii::$app->language = LanguageUtil::getBrowserLanguage();
     // Path 1: the application's own module needs no token.
     if ($baseId === $moduleId) {
         return true;
     }
     // Path 2: cookie account id plus a valid request signature.
     $accountId = $this->getAccountIdFromCookies();
     if (!empty($accountId) && $this->validateSignature()) {
         return true;
     }
     // Path 3: token based access.
     if (!empty($token)) {
         // NOTE(review): Token::getToken() is not visible here; presumably it looks the token
         // up by value - confirm it rejects non-string input.
         $info = Token::getToken($token);
         if (!empty($info)) {
             // Set the language for i18n from the token record.
             Yii::$app->language = empty($info->language) ? LanguageUtil::DEFAULT_LANGUAGE : $info->language;
             // If $module is a child module, use the parent module
             if (!empty($module->module->id) && $module->module->id !== $baseId) {
                 $module = $module->module;
                 $moduleId = $module->id;
             }
             if (isset($info->expireTime) && !MongodbUtil::isExpired($info->expireTime)) {
                 // Role must be allowed for the module AND the module must be enabled for the token.
                 // NOTE(review): both in_array() calls compare loosely; confirm roles and module
                 // ids are always strings so type juggling cannot produce a match.
                 if (isset($module->roleAccess) && !empty($roleAccess = $module->roleAccess) && in_array($info->role, $roleAccess) && in_array($moduleId, $info->enabledMods)) {
                     // Resolve the current user.
                     $userId = $this->getUserId();
                     $controllerId = $this->owner->id;
                     $actionId = $this->owner->action->id;
                     // The current route in "module/controller/action" form,
                     // e.g. 'POST product/products' becomes 'product/product/create'.
                     $route = "{$moduleId}/{$controllerId}/{$actionId}";
                     // Look for an activated sensitive operation covering this route for the account.
                     $condition = ['isActivated' => true, 'actions' => $route, 'accountId' => $info->accountId];
                     $option = SensitiveOperation::findOne($condition);
                     if (!empty($option)) {
                         // Admins may run every sensitive operation.
                         if ($info->role !== User::ROLE_ADMIN) {
                             if ($info->role !== User::ROLE_OPERATOR) {
                                 // Roles other than admin and operator never get sensitive operations.
                                 throw new ForbiddenHttpException(Yii::t('common', 'no_permission'));
                             } else {
                                 // Operators must be listed explicitly on the operation.
                                 if (empty($option->users) || !in_array($info->userId, $option->users)) {
                                     throw new ForbiddenHttpException(Yii::t('common', 'no_permission'));
                                 }
                             }
                         }
                     }
                     // Publishes the user id as a process-wide constant; a constant cannot be
                     // redefined, so a second call in the same process keeps the first value.
                     define('CURRENT_USER_ID', $userId);
                     // Sliding expiry: every authorized request extends the token lifetime.
                     $info->expireTime = new \MongoDate(time() + Token::EXPIRE_TIME);
                     $updateResult = $info->update();
                     $this->updateAccessTokenExpire();
                     // NOTE(review): confirm the token record's _id is not itself the bearer
                     // credential before it is written to the log.
                     LogUtil::info(['tokenId' => $info->_id, 'updateResult' => $updateResult]);
                     return true;
                 } else {
                     throw new ForbiddenHttpException(Yii::t('common', 'no_permission'));
                 }
             } else {
                 // Expired token: fall back to the browser language for the error message.
                 Yii::$app->language = LanguageUtil::getBrowserLanguage();
                 throw new UnauthorizedHttpException(Yii::t('common', 'login_timeout'));
             }
         }
     }
     // No token supplied, or the token is unknown.
     throw new UnauthorizedHttpException(Yii::t('common', 'not_logined'));
 }