/**
 * Run the schema and data upgrade steps for an installation coming from 3.2
 * (per the method name and the upgrade_32 table definitions it references).
 *
 * Reads the following request values: 'upgrade_passwords', 'manual_password',
 * 'upgrade_passwords_pick', 'admin_password' and 'status'.
 *
 * Security-relevant behaviour visible in this method:
 *  - every user's password is overwritten when 'upgrade_passwords' is 'manual' or 'auto';
 *  - the user with id 1 always gets the password submitted as 'admin_password';
 *  - none of the request values are validated here.
 * NOTE(review): presumably the caller restricts who may trigger an upgrade and validates
 * the form - confirm, since this method resets credentials from request data.
 *
 * @param framework\Request $request
 */
protected function _upgradeFrom3dot2(framework\Request $request)
{
    // Remove PHP's execution time limit for the duration of the upgrade.
    set_time_limit(0);

    // Schema changes. These calls run before the transaction below is started.
    \thebuggenie\core\entities\tables\Milestones::getTable()->upgrade(\thebuggenie\core\modules\installation\upgrade_32\TBGMilestone::getB2DBTable());
    \thebuggenie\core\entities\tables\Projects::getTable()->upgrade(\thebuggenie\core\modules\installation\upgrade_32\TBGProjectsTable::getTable());
    \thebuggenie\core\entities\tables\Log::getTable()->upgrade(\thebuggenie\core\modules\installation\upgrade_32\TBGLogTable::getTable());
    \thebuggenie\core\entities\tables\Users::getTable()->upgrade(\thebuggenie\core\modules\installation\upgrade_32\TBGUsersTable::getTable());
    \thebuggenie\core\entities\tables\Issues::getTable()->upgrade(\thebuggenie\core\modules\installation\upgrade_32\TBGIssuesTable::getTable());
    \thebuggenie\core\entities\tables\Workflows::getTable()->upgrade(\thebuggenie\core\modules\installation\upgrade_32\TBGWorkflowsTable::getTable());
    \thebuggenie\core\entities\tables\IssueSpentTimes::getTable()->upgrade(\thebuggenie\core\modules\installation\upgrade_32\TBGIssueSpentTimesTable::getTable());
    \thebuggenie\core\entities\tables\Comments::getTable()->upgrade(\thebuggenie\core\modules\installation\upgrade_32\TBGCommentsTable::getTable());
    \thebuggenie\core\entities\tables\SavedSearches::getTable()->upgrade(\thebuggenie\core\modules\installation\upgrade_32\TBGSavedSearchesTable::getTable());
    \thebuggenie\core\entities\tables\Settings::getTable()->upgrade(\thebuggenie\core\modules\installation\upgrade_32\TBGSettingsTable::getTable());
    \thebuggenie\core\entities\tables\Notifications::getTable()->upgrade(\thebuggenie\core\modules\installation\upgrade_32\TBGNotificationsTable::getTable());
    \thebuggenie\core\entities\tables\Permissions::getTable()->upgrade(\thebuggenie\core\modules\installation\upgrade_32\TBGPermissionsTable::getTable());
    \thebuggenie\core\entities\Dashboard::getB2DBTable()->create();
    \thebuggenie\core\entities\DashboardView::getB2DBTable()->upgrade(\thebuggenie\core\modules\installation\upgrade_32\TBGDashboardViewsTable::getTable());
    \thebuggenie\core\entities\ApplicationPassword::getB2DBTable()->create();
    \thebuggenie\core\entities\NotificationSetting::getB2DBTable()->create();

    // Everything from here to commitAndEnd() runs inside one transaction.
    // NOTE(review): no rollback path is visible here if a step throws - confirm how b2db handles that.
    $transaction = \b2db\Core::startTransaction();

    // Upgrade user passwords.
    // Any other value of 'upgrade_passwords' matches no case and leaves user passwords untouched.
    switch ($request['upgrade_passwords']) {
        case 'manual':
            // Every account receives the same password, taken from the request as submitted.
            // NOTE(review): no check for an empty value is made here, and nothing visible
            // forces users to change this shared password afterwards - confirm.
            $password = $request['manual_password'];
            foreach (\thebuggenie\core\entities\tables\Users::getTable()->selectAll() as $user) {
                $user->setPassword($password);
                $user->save();
            }
            break;
        case 'auto':
            // Each account's password becomes its own trimmed username or email address, so it
            // can be guessed by anyone who knows that value. Accounts whose chosen field is empty
            // after trimming are left unchanged. Anything other than 'username' selects 'email'.
            $field = $request['upgrade_passwords_pick'] == 'username' ? 'username' : 'email';
            foreach (\thebuggenie\core\entities\tables\Users::getTable()->selectAll() as $user) {
                if ($field == 'username' && trim($user->getUsername())) {
                    $user->setPassword(trim($user->getUsername()));
                    $user->save();
                } elseif ($field == 'email' && trim($user->getEmail())) {
                    $user->setPassword(trim($user->getEmail()));
                    $user->save();
                }
            }
            break;
    }

    // The user with id 1 gets the submitted admin password, overriding whatever the switch set.
    // NOTE(review): the lookup result is not checked before use and the password is not
    // checked for emptiness here - confirm both are guaranteed by the caller.
    $adminuser = \thebuggenie\core\entities\User::getB2DBTable()->selectById(1);
    $adminuser->setPassword($request['admin_password']);
    $adminuser->save();

    // Add new settings
    // NOTE(review): 'core' is the second argument here but the third in the saveSetting()
    // call for 'issuetype_epic' below - confirm the order against the saveSetting() signature.
    framework\Settings::saveSetting(framework\Settings::SETTING_SERVER_TIMEZONE, 'core', date_default_timezone_get(), 0, 1);

    // 'status' is iterated as scope id => status id pairs taken straight from the request.
    // NOTE(review): the foreach assumes getParameter('status') returns something iterable - confirm.
    foreach ($request->getParameter('status') as $scope_id => $status_id) {
        $scope = \thebuggenie\core\entities\tables\Scopes::getTable()->selectById((int) $scope_id);
        // Keys that do not resolve to an existing scope are skipped.
        if ($scope instanceof \thebuggenie\core\entities\Scope) {
            // Create the "Epic" issue type for this scope and record its id as a setting.
            // The raw request key is passed to setScope() and saveSetting(), while the lookups
            // above and below use the (int) cast of the same key.
            $epic = new \thebuggenie\core\entities\Issuetype();
            $epic->setName('Epic');
            $epic->setIcon('epic');
            $epic->setDescription('Issue type suited for entering epics');
            $epic->setScope($scope_id);
            $epic->save();
            framework\Settings::saveSetting('issuetype_epic', $epic->getID(), 'core', $scope_id);

            // Give every workflow in the scope an initial "Issue created" transition that leads
            // to the first step returned by getSteps(), and link that step to the submitted status id.
            foreach (\thebuggenie\core\entities\tables\Workflows::getTable()->getAll((int) $scope_id) as $workflow) {
                $transition = new \thebuggenie\core\entities\WorkflowTransition();
                $steps = $workflow->getSteps();
                // NOTE(review): array_shift() yields null for a workflow without steps, which
                // would fail on the next line - confirm every workflow has at least one step.
                $step = array_shift($steps);
                $step->setLinkedStatusID((int) $status_id);
                $step->save();
                $transition->setOutgoingStep($step);
                $transition->setName('Issue created');
                $transition->setWorkflow($workflow);
                $transition->setScope($scope);
                $transition->setDescription('This is the initial transition for issues using this workflow');
                $transition->save();
                $workflow->setInitialTransition($transition);
                $workflow->save();
            }
            \thebuggenie\core\entities\ActivityType::loadFixtures($scope);
        }
    }

    $transaction->commitAndEnd();

    // These steps run after the transaction has been committed.
    framework\Context::finishUpgrading();
    foreach (framework\Context::getModules() as $module) {
        $module->upgrade();
    }

    $this->upgrade_complete = true;
}
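/**
 * Add a new application password for the current user: ajax action.
 *
 * Generates a password, stores it on a new ApplicationPassword entity and returns it in the
 * JSON response, split into four <span>-wrapped groups of four characters. Responds with
 * HTTP 400 and an error message when no usable name is submitted.
 *
 * NOTE(review): no anti-CSRF check is visible in this method - confirm the framework
 * enforces one, since this action creates a credential.
 *
 * @param \thebuggenie\core\framework\Request $request
 */
public function runAccountAddPassword(framework\Request $request)
{
    $this->forward403unless($this->getUser()->hasPageAccess('account'));

    // The name is client-supplied: accept scalars only, so an array-valued parameter
    // is answered with the 400 below instead of being handed to trim().
    $raw_name = $request['name'];
    $name = is_scalar($raw_name) ? trim((string) $raw_name) : '';

    // Compare against the empty string instead of relying on truthiness,
    // which would also reject the name "0".
    if ($name === '') {
        $this->getResponse()->setHttpStatus(400);
        return $this->renderJSON(array('error' => $this->getI18n()->__('Please enter a valid name')));
    }

    $password = new entities\ApplicationPassword();
    $password->setUser($this->getUser());
    $password->setName($name);

    // The plaintext is kept only long enough to store it and build the response.
    // NOTE(review): presumably setPassword() stores a hash rather than this value - confirm.
    $visible_password = strtolower(entities\User::createPassword());
    $password->setPassword($visible_password);
    $password->save();

    // Present the first 16 characters as four groups of four for readability.
    $spans = '';
    for ($group = 0; $group < 4; $group++) {
        $spans .= '<span>' . substr($visible_password, $group * 4, 4) . '</span>';
    }

    return $this->renderJSON(array('password' => $spans));
}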
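/**
 * Add a new application password: ajax action
 *
 * Creates an ApplicationPassword entity for the current user under the submitted name and
 * returns the generated password in the JSON response, as four <span>-wrapped groups of
 * four characters. A missing or empty name yields HTTP 400 with an error message.
 *
 * NOTE(review): no anti-CSRF check is visible in this method - confirm the framework
 * enforces one, since this action creates a credential.
 *
 * @param \thebuggenie\core\framework\Request $request
 */
public function runAccountAddPassword(framework\Request $request)
{
    $this->forward403unless($this->getUser()->hasPageAccess('account'));

    // Client-supplied value: only scalars are trimmed, so an array-valued 'name'
    // falls through to the 400 response instead of reaching trim().
    $submitted = $request['name'];
    $name = is_scalar($submitted) ? trim((string) $submitted) : '';

    // Strict emptiness check; a truthiness test would also refuse the name "0".
    if ($name !== '') {
        // Only the event is logged. The generated password must never be written to the log.
        framework\Logging::log('Adding new application password for user.', 'account', framework\Logging::LEVEL_INFO);

        $password = new entities\ApplicationPassword();
        $password->setUser($this->getUser());
        $password->setName($name);

        $visible_password = strtolower(entities\User::createPassword());
        // Per the original author's note: setPassword() internally creates a hash from
        // this visible password and crypts that hash for storage.
        $password->setPassword($visible_password);
        $password->save();

        // Show the first 16 characters in four blocks of four.
        $spans = '';
        foreach (range(0, 3) as $block) {
            $spans .= '<span>' . substr($visible_password, $block * 4, 4) . '</span>';
        }

        return $this->renderJSON(array('password' => $spans));
    }

    $this->getResponse()->setHttpStatus(400);
    return $this->renderJSON(array('error' => $this->getI18n()->__('Please enter a valid name')));
}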
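/**
 * Authenticate an application using a one-time application password.
 * Creates a token to be used for subsequent requests.
 *
 * The token is derived from the submitted password with ApplicationPassword::createToken()
 * and is returned only when its hash matches an application password that has not been
 * used before; that password is then marked as used. Every other outcome gets HTTP 400
 * with the same generic error, so the response body does not reveal whether the username exists.
 *
 * NOTE(review): no attempt limiting is visible in this method, and the hash is only computed
 * for existing users, so response time may still differ between known and unknown
 * usernames - confirm both are handled elsewhere.
 *
 * @param framework\Request $request
 */
public function runAuthenticate(framework\Request $request)
{
    framework\Logging::log('Authenticating new application password.', 'api', framework\Logging::LEVEL_INFO);

    // Both values are client-supplied; anything that is not a scalar (for example an
    // array-valued parameter) is treated as missing instead of being handed to trim().
    $raw_username = $request['username'];
    $raw_password = $request['password'];
    $username = is_scalar($raw_username) ? trim((string) $raw_username) : '';
    $password = is_scalar($raw_password) ? trim((string) $raw_password) : '';

    if ($username) {
        $user = tables\Users::getTable()->getByUsername($username);

        if ($password && $user instanceof entities\User) {
            // Generate token from the application password
            $token = entities\ApplicationPassword::createToken($password);
            // Crypt, for comparison with db value
            $hashed_token = (string) entities\User::hashPassword($token, $user->getSalt());

            foreach ($user->getApplicationPasswords() as $app_password) {
                // Only return the token for new application passwords!
                if ($app_password->isUsed()) {
                    continue;
                }

                $stored_hash = $app_password->getHashPassword();

                // Compare as strings in constant time. The previous loose '==' could treat two
                // different numeric-looking strings as equal, and an empty hash on either side
                // must never count as a match. hash_equals() requires PHP 5.6 or later.
                if (is_string($stored_hash) && $stored_hash !== '' && $hashed_token !== '' && hash_equals($stored_hash, $hashed_token)) {
                    $app_password->useOnce();
                    $app_password->save();

                    return $this->renderJSON(array('token' => $token, 'name' => $app_password->getName(), 'created_at' => $app_password->getCreatedAt()));
                }
            }
        }

        framework\Logging::log('No password matched.', 'api', framework\Logging::LEVEL_INFO);
    }

    $this->getResponse()->setHttpStatus(400);
    return $this->renderJSON(array('error' => 'Incorrect username or application password'));
}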