/** * Create or update user information * @param array() $userInfoArr the user related information * @return array() create result. return detail information */ public static function editUser($userInfoArr, $pageActionType) { $resultInfo = array(); $actionType = BugfreeModel::ACTION_OPEN; $oldRecordAttributs = array(); if (!empty($userInfoArr['id'])) { $user = self::loadModel($userInfoArr['id']); if (isset($userInfoArr['realname']) && self::isRealnameExisted($userInfoArr['id'], $userInfoArr['realname'])) { $userInfoArr['realname'] = $userInfoArr['realname'] . '[' . $userInfoArr['username'] . ']'; } $oldRecordAttributs = $user->attributes; $actionType = BugfreeModel::ACTION_EDIT; $user->attributes = $userInfoArr; if (!empty($userInfoArr['change_password']) && CommonService::$TrueFalseStatus['TRUE'] == $userInfoArr['change_password']) { $user->scenario = 'password'; } } else { $user = new TestUser(); $user->attributes = $userInfoArr; if (TestUser::$Authmode['ldap'] == $_POST['TestUser']['authmode']) { $ldap = new LdapService(Yii::app()->params->ldap['user'], Yii::app()->params->ldap['pass']); if (empty($userInfoArr['username'])) { $resultInfo['status'] = CommonService::$ApiResult['FAIL']; $resultInfo['detail']['id'] = Yii::t('TestUser', 'username can not be blank'); return $resultInfo; } $ldapUserInfo = $ldap->search($userInfoArr['username']); if (empty($ldapUserInfo)) { $resultInfo['status'] = CommonService::$ApiResult['FAIL']; $resultInfo['detail']['id'] = Yii::t('TestUser', 'Domain Account not found'); return $resultInfo; } if (self::isRealnameExisted(0, $ldapUserInfo['realname'])) { $ldapUserInfo['realname'] = $ldapUserInfo['realname'] . '[' . $ldapUserInfo['username'] . ']'; } $user->attributes = $ldapUserInfo; $user->password = time(); } $user->is_dropped = CommonService::$TrueFalseStatus['FALSE']; $user->email_flag = CommonService::$TrueFalseStatus['TRUE']; $user->wangwang_flag = CommonService::$TrueFalseStatus['FALSE']; } if (!self::isUserEditable($user->id, $pageActionType)) { $resultInfo['status'] = CommonService::$ApiResult['FAIL']; $resultInfo['detail']['id'] = Yii::t('Common', 'Required URL not found or permission denied.'); return $resultInfo; } if ($user->save()) { $newRecord = self::loadModel($user->id); $addActionResult = AdminActionService::addActionNotes('test_user', $actionType, $newRecord, $oldRecordAttributs); $resultInfo['status'] = CommonService::$ApiResult['SUCCESS']; $resultInfo['detail'] = array('id' => $user->id); return $resultInfo; } else { $resultInfo['status'] = CommonService::$ApiResult['FAIL']; $resultInfo['detail'] = $user->getErrors(); } return $resultInfo; }
/** * authenticate * if user account is not existed, register it automatically * if ladp connect failed, use the database data to validate * after each ldap validation, update the user information to database * */ public function authenticate() { $user = TestUser::model()->findByAttributes(array('username' => $this->username)); if ($user == null) { $this->errorCode = self::ERROR_USER_NOT_FOUND; } else { if (CommonService::$TrueFalseStatus['TRUE'] == $user->is_dropped) { $this->errorCode = self::ERROR_USER_DISABLED; return !$this->errorCode; } if (TestUser::$Authmode['ldap'] == $user->authmode) { $ldap = new LdapService($this->username, $this->password); $userInfoArr = $ldap->search(); if (LdapService::ERROR_LDAP_MISS == $ldap->errorCode) { $this->errorCode = self::ERROR_LDAP_MISS; } else { if (LdapService::ERROR_CONNECT == $ldap->errorCode || LdapService::ERROR_BIND == $ldap->errorCode) { if (md5($this->password) !== $user->password) { $this->errorCode = self::ERROR_PASSWORD_INVALID; } else { $this->_id = $user->id; $this->username = $user->username; $this->setState('realname', $user->realname); $this->setState('username', $user->username); $this->errorCode = self::ERROR_NONE; } } else { if (LdapService::ERROR_NONE == $ldap->errorCode) { if (empty($userInfoArr)) { $this->errorCode = self::ERROR_PASSWORD_INVALID; } else { $userInfo = $userInfoArr; $userInfo['id'] = $user->id; $userInfo['password'] = $this->password; $result = TestUserService::editUser($userInfo, TestUserService::LDAP_UPDATE_USER); if (CommonService::$ApiResult['SUCCESS'] == $result['status']) { $userNew = TestUser::model()->findByPk($user->id); $newRealName = $userNew['realname']; $this->_id = $user->id; $this->errorCode = self::ERROR_NONE; $this->setState('realname', $newRealName); $this->setState('username', $user->username); } else { $this->errorCode = self::ERROR_PASSWORD_INVALID; } } } } } } else { if (md5($this->password) !== $user->password) { $this->errorCode = self::ERROR_PASSWORD_INVALID; } else { $this->_id = $user->id; $this->username = $user->username; $this->setState('realname', $user->realname); $this->setState('username', $user->username); $this->errorCode = self::ERROR_NONE; } } } return !$this->errorCode; }