/** * Edit logged user profile. * Called with different POST format from "administration/users/edit user profile " and from "profile/edit my profile" * * @access public * @param void * @return null */ function edit_profile() { $user = Users::findById(get_id()); if (!$user instanceof User) { flash_error(lang('user dnx')); ajx_current("empty"); return; } // if $company = $user->getCompany(); if (!$company instanceof Company) { flash_error(lang('company dnx')); ajx_current("empty"); return; } // if if (!$user->canUpdateProfile(logged_user())) { flash_error(lang('no access permissions')); ajx_current("empty"); return; } // if $redirect_to = array_var($_GET, 'redirect_to'); if (trim($redirect_to) == '' || !is_valid_url($redirect_to)) { $redirect_to = $user->getCardUrl(); } // if tpl_assign('redirect_to', null); $user_data = array_var($_POST, 'user'); if (!is_array($user_data)) { $user_data = array('username' => $user->getUsername(), 'email' => $user->getEmail(), 'display_name' => $user->getDisplayName(), 'title' => $user->getTitle(), 'timezone' => $user->getTimezone(), 'auto_assign' => $user->getAutoAssign(), 'company_id' => $user->getCompanyId(), 'is_admin' => $user->isAdministrator(), 'type' => $user->getType()); // array } // if tpl_assign('user', $user); tpl_assign('company', $company); tpl_assign('user_data', $user_data); tpl_assign('billing_categories', BillingCategories::findAll()); if (is_array(array_var($_POST, 'user'))) { if (array_var($user_data, 'company_id') && !Companies::findById(array_var($user_data, 'company_id')) instanceof Company) { ajx_current("empty"); flash_error(lang("company dnx")); return; } try { DB::beginWork(); $user->setDisplayName(array_var($user_data, 'display_name')); $user->setEmail(array_var($user_data, 'email')); $user->setType(array_var($user_data, 'type')); $user->setTimezone(array_var($user_data, 'timezone')); $user->setTitle(array_var($user_data, 'title')); $user->setUpdatedOn(DateTimeValueLib::now()); if (logged_user()->isAdministrator()) { if ($user->getId() != 1) { // System admin cannot change it's company $user->setCompanyId(array_var($user_data, 'company_id')); } $user->setDefaultBillingId(array_var($user_data, 'default_billing_id')); $user->setUsername(array_var($user_data, 'username')); $project = Projects::findById(array_var($user_data, 'personal_project_id')); if ($project instanceof Project && $user->getPersonalProjectId() != $project->getId()) { $user->setPersonalProjectId($project->getId()); $project_user = ProjectUsers::findById(array('project_id' => $project->getId(), 'user_id' => $user->getId())); if (!$project_user) { $project_user = new ProjectUser(); $project_user->setUserId($user->getId()); $project_user->setProjectId($project->getId()); } $project_user->setAllPermissions(true); $project_user->save(); } } $user->save(); $autotimezone = array_var($user_data, 'autodetect_time_zone', null); if ($autotimezone !== null) { set_user_config_option('autodetect_time_zone', $autotimezone, $user->getId()); } $object_controller = new ObjectController(); $object_controller->add_custom_properties($user); if ($user->getId() != 1) { //System admin cannot change its own admin status if ($user->getType() == 'admin') { if ($user->getCompanyId() != owner_company()->getId()) { // external users can't be admins => set as Normal $user->setType('normal'); $user->setAsAdministrator(false); } else { $user->setAsAdministrator(true); } } else { $user->setAsAdministrator(false); } } DB::commit(); flash_success(lang('success update profile')); ajx_current("back"); ajx_add("overview-panel", "reload"); } catch (Exception $e) { DB::rollback(); ajx_current("empty"); flash_error($e->getMessage()); } // try } // if }
function create_user($user_data, $permissionsString) { $user = new User(); $user->setUsername(array_var($user_data, 'username')); $user->setDisplayName(array_var($user_data, 'display_name')); $user->setEmail(array_var($user_data, 'email')); $user->setCompanyId(array_var($user_data, 'company_id')); $user->setType(array_var($user_data, 'type')); $user->setTimezone(array_var($user_data, 'timezone')); if (!logged_user() instanceof User || can_manage_security(logged_user())) { $user->setCanEditCompanyData(array_var($user_data, 'can_edit_company_data')); $user->setCanManageSecurity(array_var($user_data, 'can_manage_security')); $user->setCanManageWorkspaces(array_var($user_data, 'can_manage_workspaces')); $user->setCanManageConfiguration(array_var($user_data, 'can_manage_configuration')); $user->setCanManageContacts(array_var($user_data, 'can_manage_contacts')); $user->setCanManageTemplates(array_var($user_data, 'can_manage_templates')); $user->setCanManageReports(array_var($user_data, 'can_manage_reports')); $user->setCanManageTime(array_var($user_data, 'can_manage_time')); $user->setCanAddMailAccounts(array_var($user_data, 'can_add_mail_accounts')); $other_permissions = array(); Hook::fire('add_user_permissions', $user, $other_permissions); foreach ($other_permissions as $k => $v) { $user->setColumnValue($k, array_var($user_data, $k)); } } if (array_var($user_data, 'password_generator', 'random') == 'random') { // Generate random password $password = UserPasswords::generateRandomPassword(); } else { // Validate input $password = array_var($user_data, 'password'); if (trim($password) == '') { throw new Error(lang('password value required')); } // if if ($password != array_var($user_data, 'password_a')) { throw new Error(lang('passwords dont match')); } // if } // if $user->setPassword($password); $user->save(); $user_password = new UserPassword(); $user_password->setUserId($user->getId()); $user_password->setPasswordDate(DateTimeValueLib::now()); $user_password->setPassword(cp_encrypt($password, $user_password->getPasswordDate()->getTimestamp())); $user_password->password_temp = $password; $user_password->save(); if (array_var($user_data, 'autodetect_time_zone', 1) == 1) { set_user_config_option('autodetect_time_zone', 1, $user->getId()); } if ($user->getType() == 'admin') { if ($user->getCompanyId() != owner_company()->getId() || logged_user() instanceof User && !can_manage_security(logged_user())) { // external users can't be admins or logged user has no rights to create admins => set as Normal $user->setType('normal'); } else { $user->setAsAdministrator(true); } } /* create contact for this user*/ if (array_var($user_data, 'create_contact', 1)) { // if contact with same email exists take it, else create new $contact = Contacts::getByEmail($user->getEmail(), true); if (!$contact instanceof Contact) { $contact = new Contact(); $contact->setEmail($user->getEmail()); } else { if ($contact->isTrashed()) { $contact->untrash(); } } $contact->setFirstname($user->getDisplayName()); $contact->setUserId($user->getId()); $contact->setTimezone($user->getTimezone()); $contact->setCompanyId($user->getCompanyId()); $contact->save(); } else { $contact_id = array_var($user_data, 'contact_id'); $contact = Contacts::findById($contact_id); if ($contact instanceof Contact) { // user created from a contact $contact->setUserId($user->getId()); $contact->save(); } else { // if contact with same email exists use it as user's contact, without changing it $contact = Contacts::getByEmail($user->getEmail(), true); if ($contact instanceof Contact) { $contact->setUserId($user->getId()); if ($contact->isTrashed()) { $contact->untrash(); } $contact->save(); } } } $contact = $user->getContact(); if ($contact instanceof Contact) { // update contact data with data entered for this user $contact->setCompanyId($user->getCompanyId()); if ($contact->getEmail() != $user->getEmail()) { // make user's email the contact's main email address if ($contact->getEmail2() == $user->getEmail()) { $contact->setEmail2($contact->getEmail()); } else { if ($contact->getEmail3() == $user->getEmail()) { $contact->setEmail3($contact->getEmail()); } else { if ($contact->getEmail2() == "") { $contact->setEmail2($contact->getEmail()); } else { $contact->setEmail3($contact->getEmail()); } } } } $contact->setEmail($user->getEmail()); $contact->save(); } if (!$user->isGuest()) { /* create personal project or assing the selected*/ //if recived a personal project assing this //project as personal project for this user $new_project = null; $personalProjectId = array_var($user_data, 'personal_project', 0); $project = Projects::findById($personalProjectId); if (!$project instanceof Project) { $project = new Project(); $wname = new_personal_project_name($user->getUsername()); $project->setName($wname); $wdesc = Localization::instance()->lang(lang('personal workspace description')); if (!is_null($wdesc)) { $project->setDescription($wdesc); } $project->setCreatedById($user->getId()); $project->save(); //Save to set an ID number $project->setP1($project->getId()); //Set ID number to the first project $project->save(); $new_project = $project; } $user->setPersonalProjectId($project->getId()); $project_user = new ProjectUser(); $project_user->setProjectId($project->getId()); $project_user->setUserId($user->getId()); $project_user->setCreatedById($user->getId()); $project_user->setAllPermissions(true); $project_user->save(); /* end personal project */ } $user->save(); ApplicationLogs::createLog($user, null, ApplicationLogs::ACTION_ADD); //TODO - Make batch update of these permissions if ($permissionsString && $permissionsString != '') { $permissions = json_decode($permissionsString); } else { $permissions = null; } if (is_array($permissions) && (!logged_user() instanceof User || can_manage_security(logged_user()))) { foreach ($permissions as $perm) { if (ProjectUser::hasAnyPermissions($perm->pr, $perm->pc)) { if (!$personalProjectId || $personalProjectId != $perm->wsid) { $relation = new ProjectUser(); $relation->setProjectId($perm->wsid); $relation->setUserId($user->getId()); $relation->setCheckboxPermissions($perm->pc, $user->isGuest() ? false : true); $relation->setRadioPermissions($perm->pr, $user->isGuest() ? false : true); $relation->save(); } } } } // if if ($new_project instanceof Project && logged_user() instanceof User && logged_user()->isProjectUser($new_project)) { evt_add("workspace added", array("id" => $new_project->getId(), "name" => $new_project->getName(), "color" => $new_project->getColor())); } // Send notification... try { if (array_var($user_data, 'send_email_notification')) { Notifier::newUserAccount($user, $password); } // if } catch (Exception $e) { } // try return $user; }
/** * Finish the installation - create owner company and administrator * * @param void * @return null */ function complete_installation() { if (Companies::getOwnerCompany() instanceof Company) { die('Owner company already exists'); // Somebody is trying to access this method even if the user already exists } // if $form_data = array_var($_POST, 'form'); tpl_assign('form_data', $form_data); if (array_var($form_data, 'submited') == 'submited') { try { $admin_password = trim(array_var($form_data, 'admin_password')); $admin_password_a = trim(array_var($form_data, 'admin_password_a')); if (trim($admin_password) == '') { throw new Error(lang('password value required')); } // if if ($admin_password != $admin_password_a) { throw new Error(lang('passwords dont match')); } // if DB::beginWork(); Users::delete(); // clear users table Companies::delete(); // clear companies table // Create the administrator user $administrator = new User(); $administrator->setId(1); $administrator->setCompanyId(1); $administrator->setUsername(array_var($form_data, 'admin_username')); $administrator->setEmail(array_var($form_data, 'admin_email')); $administrator->setPassword($admin_password); $administrator->setCanEditCompanyData(true); $administrator->setCanManageConfiguration(true); $administrator->setCanManageSecurity(true); $administrator->setCanManageWorkspaces(true); $administrator->setCanManageContacts(true); $administrator->setCanManageTemplates(true); $administrator->setCanManageReports(true); $administrator->setCanManageTime(true); $administrator->setCanAddMailAccounts(true); $administrator->setAutoAssign(false); $administrator->setPersonalProjectId(1); $administrator->setType('admin'); $administrator->save(); $group = new Group(); $group->setName('administrators'); $group->setAllPermissions(true); $group->setId(Group::CONST_ADMIN_GROUP_ID); $group->save(); $group_user = new GroupUser(); $group_user->setGroupId(Group::CONST_ADMIN_GROUP_ID); $group_user->setUserId($administrator->getId()); $group_user->save(); $project = new Project(); $project->setId(1); $project->setP1(1); $project->setName(new_personal_project_name($administrator->getUsername())); $project->setDescription(lang('files')); $project->setCreatedById($administrator->getId()); $project->save(); $project_user = new ProjectUser(); $project_user->setProjectId($project->getId()); $project_user->setUserId($administrator->getId()); $project_user->setCreatedById($administrator->getId()); $project_user->setAllPermissions(true); $project_user->save(); // Create a company $company = new Company(); $company->setId(1); $company->setClientOfId(0); $company->setName(array_var($form_data, 'company_name')); $company->setCreatedById(1); $company->save(); DB::commit(); $this->redirectTo('access', 'login'); } catch (Exception $e) { tpl_assign('error', $e); DB::rollback(); } // try } // if }