コード例 #1
ファイル: UserTest.php プロジェクト: youprofit/casebox
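 /**
  * Exercises DM\Users::update() and DM\Users::updateByName(), then the lookup
  * helpers verifyPassword(), getIdByEmail(), getIdByRecoveryHash() and
  * getOwnerId() against the updated record.
  *
  * Security note: the value expected back from DM\Users::read() for
  * 'password' is md5('aero' . $plain). The test therefore pins a fast MD5
  * digest with one fixed prefix as the stored password format. Moving the
  * data model to password_hash()/password_verify() would require these two
  * expectations to change; the verifyPassword() assertion would still hold.
  */
 public function testUpdate()
 {
     $id = DM\Users::toId($this->testName);

     $params = array(
         'id' => $id,
         'first_name' => '123',
         'last_name' => '231',
         'sex' => 'f',
         'email' => 'f',
         'password' => 'a',
         'photo' => '/tmp/q.jpg',
         'language_id' => 2,
         'recover_hash' => '---',
         'enabled' => 0,
         'cid' => 1,
     );
     DM\Users::update($params);

     $data = DM\Users::read($id);
     // the record is expected to hold the digest, never the plain value
     $params['password'] = md5('aero' . $params['password']);
     $this->assertArraySubset($params, $data);

     // updateByName: same record, addressed by login name instead of id.
     // One variable feeds both the update and the later verification so the
     // value written and the value checked cannot drift apart.
     $newPassword = 'b';
     unset($params['id']);
     $params['name'] = $this->testName;
     $params['password'] = $newPassword;
     $params['enabled'] = 1;
     DM\Users::updateByName($params);

     $data = DM\Users::read($id);
     $params['password'] = md5('aero' . $params['password']);
     $this->assertArraySubset($params, $data);

     // verify password
     $this->assertTrue(DM\Users::verifyPassword($id, $newPassword), 'Wrong password');

     // check id by mail
     $id = DM\Users::getIdByEmail('f');
     $this->assertTrue(is_numeric($id), 'Cant get Id by mail');

     // check id by recover hash
     $id = DM\Users::getIdByRecoveryHash('---');
     $this->assertTrue(is_numeric($id), 'Cant get Id by recover hash');

     // check owner; assertEquals reports the actual value on failure
     $this->assertEquals(1, DM\Users::getOwnerId($id), 'different owner set');
 }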
コード例 #2
ファイル: Oauth2Utils.php プロジェクト: sebbie42/casebox
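 /**
  * Validate the OAuth2 callback state and resolve the local user.
  *
  * The `state` request parameter and the session value `oauth2state` are both
  * decoded; their `state` members must be identical non-empty strings. On a
  * match the user is looked up by the e-mail carried in the decoded request
  * state.
  *
  * NOTE(review): the e-mail used for the lookup is read from the
  * request-supplied state, not from the session copy. Only the `state` member
  * is compared here, so confirm that decodeState() authenticates its input or
  * that the caller checks the e-mail against the identity provider's
  * verified response before trusting the returned user_id.
  *
  * @return array 'success' => bool; on success also 'user_id' and
  *               'session_id', otherwise 'message'
  */
 public static function checkLogined()
 {
     $result = array('success' => false);

     if (!static::isOauth2Login()) {
         $result['message'] = 'Is not Oauth login';

         return $result;
     }

     // Either value can be absent (callback URL opened directly, expired
     // session) or malformed (array-valued query parameter).
     $state = (isset($_GET['state']) && is_string($_GET['state']))
         ? self::decodeState($_GET['state'])
         : null;
     $session_state = (isset($_SESSION['oauth2state']) && is_string($_SESSION['oauth2state']))
         ? self::decodeState($_SESSION['oauth2state'])
         : null;

     // Strict comparison of two non-empty strings: with a loose `==`, decoded
     // values of different types can compare equal. Where PHP >= 5.6 is
     // guaranteed, hash_equals() is the preferred comparison.
     $stateMatches = isset($session_state['state'], $state['state'])
         && is_string($session_state['state'])
         && is_string($state['state'])
         && $session_state['state'] !== ''
         && $session_state['state'] === $state['state'];

     if (!$stateMatches || !isset($state['email']) || !is_string($state['email'])) {
         $result['message'] = 'WRONG STATE!!!';

         return $result;
     }

     $userId = DM\Users::getIdByEmail($state['email']);
     if (empty($userId)) {
         // NOTE(review): the request-supplied e-mail is echoed into the
         // message; whoever renders it must escape it for the output context.
         $result['message'] = 'Email ' . $state['email'] . ' not authorized for this core. ' . L\get('Specify_username') . ' ';

         return $result;
     }

     return array('success' => true, 'user_id' => $userId, 'session_id' => $session_state['state']);
 }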
コード例 #3
ファイル: UsersGroups.php プロジェクト: sebbie42/casebox
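 /**
  * Add a new user.
  *
  * Keys read from $p: name (required), first_name, last_name, email,
  * password, confirm_password, psw_setup['ps'] and group_id.
  * psw_setup['ps'] == 2 stores the supplied password, == 1 sends an invite
  * mail instead.
  *
  * @param array $p request parameters
  *
  * @return array 'success' => bool; on success 'data' => ('id', 'group_id'),
  *               otherwise 'msg' (or 'verify' when the session is unverified)
  *
  * @throws \Exception when the caller may not manage users, or the e-mail or
  *                    user name is already taken
  */
 public function addUser($p)
 {
     if (!User::isVerified()) {
         return array('success' => false, 'verify' => true);
     }
     if (!Security::canManage()) {
         throw new \Exception(L\get('Access_denied'));
     }

     $rez = array('success' => false, 'msg' => L\get('Missing_required_fields'));

     // a missing or non-scalar name is treated as empty instead of raising a notice
     $p['name'] = (isset($p['name']) && is_scalar($p['name']))
         ? trim(strip_tags((string) $p['name']))
         : '';

     $p1 = empty($p['password']) ? '' : $p['password'];
     $p2 = empty($p['confirm_password']) ? '' : $p['confirm_password'];

     // Strict comparison: a loose `!=` treats different numeric-looking
     // strings (e.g. "1e3" and "1000") as equal, so a mistyped confirmation
     // could pass unnoticed.
     if (empty($p['name']) || !is_string($p1) || !is_string($p2) || $p1 !== $p2) {
         return $rez;
     }

     // validate input params
     if (!preg_match('/^[a-z\\.0-9_]+$/i', $p['name'])) {
         return array('success' => false, 'msg' => 'Invalid username. Use only letters, digits, "dot" and/or "underscore".');
     }

     $p['first_name'] = Purify::humanName($p['first_name']);
     $p['last_name'] = Purify::humanName($p['last_name']);

     // email is optional; keep null when the key is absent
     $email = isset($p['email']) ? $p['email'] : null;
     if (!empty($email) && !filter_var($email, FILTER_VALIDATE_EMAIL)) {
         return array('success' => false, 'msg' => L\get('InvalidEmail'));
     }

     // check that no user with this email exists
     $user_id = DM\Users::getIdByEmail($email);
     if (!empty($user_id)) {
         throw new \Exception(L\get('UserEmailExists'));
     }

     /* check user existence; if the user already exists but is deleted
        then its record will be used for the new user */
     $user_id = DM\Users::getIdByName($p['name']);
     if (!empty($user_id)) {
         throw new \Exception(L\get('User_exists'));
     }

     $params = array(
         'name' => $p['name'],
         'first_name' => $p['first_name'],
         'last_name' => $p['last_name'],
         'cid' => User::getId(),
         'language_id' => Config::get('language_index'),
         'email' => $email,
     );

     // NOTE(review): the password is handed over in plain form; hashing is
     // presumably done inside DM\Users - confirm.
     if (!empty($p['password']) && !empty($p['psw_setup']['ps']) && $p['psw_setup']['ps'] == 2) {
         $params['password'] = $p['password'];
     }

     // second lookup with the extra `false` argument; presumably this also
     // matches deleted records - verify against DM\Users::getIdByName()
     $user_id = DM\Users::getIdByName($p['name'], false);
     if (!empty($user_id)) {
         // update
         $params['id'] = $user_id;
         DM\Users::update($params);

         /* In case it was a deleted user, remove all of its old accesses.
            The ACL cleanup must use $user_id: $rez['data'] is not populated
            until further down, so reading the id from $rez deleted nothing
            and the re-created account kept the previous owner's ACL rows. */
         DB\dbQuery('DELETE FROM users_groups_association WHERE user_id = $1', $user_id);
         DB\dbQuery('DELETE FROM tree_acl WHERE user_group_id = $1', $user_id);
     } else {
         // create
         $user_id = DM\Users::create($params);
     }

     $rez = array('success' => true, 'data' => array('id' => $user_id));
     $p['id'] = $user_id;

     // associating user to group if group was specified
     if (isset($p['group_id']) && is_numeric($p['group_id'])) {
         DB\dbQuery('INSERT INTO users_groups_association (user_id, group_id, cid)
             VALUES($1, $2, $3)
             ON duplicate KEY
             UPDATE cid = $3', array($user_id, $p['group_id'], User::getId()));
         $rez['data']['group_id'] = $p['group_id'];
     } else {
         $rez['data']['group_id'] = 0;
     }

     // check if send invite is set and create notification
     if (!empty($p['psw_setup']['ps']) && $p['psw_setup']['ps'] == 1) {
         $this->sendResetPasswordMail($user_id, 'invite');
     }

     Security::calculateUpdatedSecuritySets();
     Solr\Client::runBackgroundCron();

     return $rez;
 }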
コード例 #4
     if (empty($templateIds)) {
         \CB\debug('receive comments cron: no comment template defined');
         continue;
     }
     $templateId = array_shift($templateIds);
     $commentsObj = Objects::getCustomClassByType('comment');
     // Turn every fetched mail into a comment object under the target $mail['pid'].
     foreach ($core['mails'] as $mail) {
         if (!Objects::idExists($mail['pid'])) {
             \CB\debug('receive comments cron: target id not found for mail "' . $mail['subject'] . '"');
             continue;
         }
         $emailFrom = extractEmailFromText($mail['from']);
         // sender address, taken from the mail's 'from' field
         $emailTo = extractEmailFromText($mail['to']);
         // recipient address, taken from the mail's 'to' field
         // NOTE(review): the acting user is chosen from the 'from' field alone,
         // a value the sender controls. Nothing in this block verifies the
         // sender (SPF/DKIM/DMARC results, a per-user reply token) - confirm
         // that such a check happens before mails reach $core['mails'].
         $userId = DM\Users::getIdByEmail($emailFrom);
         // NOTE(review): $userId is used without checking that a user was found;
         // an unknown sender still reaches create() with whatever
         // getIdByEmail() returned as owner and creator. The session user is
         // replaced on every iteration and not restored inside this loop.
         $_SESSION['user'] = array('id' => $userId);
         $data = array('id' => null, 'pid' => $mail['pid'], 'oid' => $userId, 'cid' => $userId, 'template_id' => $templateId, 'data' => array('_title' => removeContentExtraBlock($mail['content'], $emailFrom, $emailTo)), 'sys_data' => array('mailId' => $mail['id']));
         try {
             $commentId = $commentsObj->create($data);
             //add attachments
             if (!empty($mail['attachments'])) {
                 saveObjectAttachments($commentId, $mail['attachments']);
             }
         // NOTE(review): `Exception` is unqualified here while debug() is called
         // as \CB\debug - confirm it resolves to the global \Exception in this
         // file. The caught exception itself is not passed to the log call.
         } catch (Exception $e) {
             \CB\debug('Cannot create comment from ' . $mail['from'], $data);
         }
         // queued for deletion whether or not the comment was created, so a
         // mail whose processing failed is not kept for a retry
         $deleteMailIds[] = $mail['id'];
     }
 }
 if (!empty($mailConf['mailbox'])) {
コード例 #5
ファイル: cron_check_mail.php プロジェクト: youprofit/casebox
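 /* try to get target folder from subject */
 $path = false;
 //case_nr

 /* Try to find the user in the database that corresponds to this mail.
    Accepted sender forms: "Kell <address>" or a bare "address".

    NOTE(review): the sender is identified by the From header alone, which
    the sending side sets freely. Nothing in this fragment verifies it; the
    mailbox feeding this cron should only accept messages that passed
    SPF/DKIM/DMARC checks (or carry a per-user secret) - confirm upstream. */
 $email = false;
 $from = (string) $mail->from;
 if (preg_match('/<([^<>]+)>/', $from, $fromParts)) {
     $email = trim($fromParts[1]);
 } else {
     // no angle brackets: the whole field must be the address
     $email = trim($from);
 }
 // anything that is not a syntactically valid address counts as "not found"
 if (filter_var($email, FILTER_VALIDATE_EMAIL) === false) {
     $email = false;
 }
 if ($email === false) {
     $delete_ids[] = $mailbox->getUniqueId($k);
     echo "\rcannot find senders email for: {$subject} ... skipping";
     // NOTE(review): this reply goes to an unverified From value, so forged
     // senders cause mail to third parties; consider rate limiting or dropping
     // silently.
     mail($mail->from, 'Error processing your email: ' . $subject, '. We didn\'t find ' . 'your email in received message. ' . $mail_requirements, 'From: ' . $core['mail_user'] . "\r\n");
     continue;
 }

 $user_id = DM\Users::getIdByEmail($email);
 // Reject (or fall back to the configured test user) only when NO user
 // matched. The condition was inverted: a known sender was rejected or
 // replaced by the test user, while an unknown sender was processed with an
 // empty user id.
 if (empty($user_id)) {
     if (empty($test_user_id)) {
         $delete_ids[] = $mailbox->getUniqueId($k);
         mail($mail->from, 'Error processing your email: ' . $subject, '. We didn\'t find your' . ' email address in our users database, please update your email ' . 'address in your user profile of casebox and resend your mail. ' . 'Wrong messages are deleted automatically.' . $mail_requirements, 'From: ' . $core['mail_user'] . "\r\n");
         echo "\rcannot find corresponding user in our database for email {$email} from message: {$subject} ... skipping";
         continue;
     } else {
         $user_id = $test_user_id;
     }
 }
 /* end of try to find user from database that corresponds to this mail */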
 if (preg_match('/(\\([\\s]*(.+)[\\s]*\\))\\s*$/i', $subject, $matches)) {
     $subject = str_replace($matches[0], '', $subject);
     $path = $matches[2];
 } else {