} } else { SP\Response::printJSON(_('Acción Inválida')); } if ($actionId == \SP\Controller\ActionsInterface::ACTION_ACC_NEW || $actionId == \SP\Controller\ActionsInterface::ACTION_ACC_COPY || $actionId === \SP\Controller\ActionsInterface::ACTION_ACC_EDIT_PASS) { if ($accountPassword != $accountPasswordR) { SP\Response::printJSON(_('Las claves no coinciden')); } // Encriptar clave de cuenta try { $accountEncPass = SP\Crypt::encryptData($accountPassword); } catch (\SP\SPException $e) { SP\Response::printJSON($e->getMessage()); } } $Account = new SP\Account(); switch ($actionId) { case \SP\Controller\ActionsInterface::ACTION_ACC_NEW: case \SP\Controller\ActionsInterface::ACTION_ACC_COPY: SP\Customer::$customerName = $newCustomer; // Comprobar si se ha introducido un nuevo cliente if ($customerId === 0 && $newCustomer) { try { SP\Customer::addCustomer(); $customerId = SP\Customer::$customerLastId; } catch (\SP\SPException $e) { SP\Response::printJSON($e->getMessage()); } } $Account->setAccountName($accountName); $Account->setAccountCategoryId($categoryId);
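use SP\UserUtil;

// AJAX endpoint: a logged-in user asks the owner and the last editor of an
// account to modify it. The request is e-mailed and, only when the mail is
// sent, written to the event log.
//
// NOTE(review): every failure path calls SP\Response::printJSON() and then
// falls through, so the script relies on printJSON() ending the request —
// presumably it exits; confirm in SP\Response.

define('APP_ROOT', '..');

require_once APP_ROOT . DIRECTORY_SEPARATOR . 'inc' . DIRECTORY_SEPARATOR . 'Base.php';

SP\Request::checkReferer('POST');

if (!SP\Init::isLoggedIn()) {
    SP\Response::printJSON(_('La sesión no se ha iniciado o ha caducado'), 10);
}

// Session key sent with the form; rejected when missing or when it fails the session check.
$sk = SP\Request::analyze('sk', false);

if (!$sk || !SessionUtil::checkSessionKey($sk)) {
    SP\Response::printJSON(_('CONSULTA INVÁLIDA'));
}

$frmAccountId = SP\Request::analyze('accountid', 0);
$frmDescription = SP\Request::analyze('description');

if (!$frmDescription) {
    SP\Response::printJSON(_('Es necesaria una descripción'));
}

$accountRequestData = SP\Account::getAccountRequestData($frmAccountId);

// 'accountid' defaults to 0 and comes from the client, so the lookup can come
// back without a row. Stop here instead of dereferencing a non-object below.
if (!is_object($accountRequestData)) {
    SP\Response::printJSON(_('Error al enviar la solicitud'));
}

// Owner and last editor of the account. Empty addresses are dropped so the
// recipient list never carries a dangling comma, and a user who is both owner
// and last editor is only listed once.
$recipients = array_unique(array_filter(array(
    UserUtil::getUserEmail($accountRequestData->account_userId),
    UserUtil::getUserEmail($accountRequestData->account_userEditId)
)));

$requestUsername = SP\Session::getUserName();
$requestLogin = SP\Session::getUserLogin();

$log = new \SP\Log(_('Solicitud de Modificación de Cuenta'));
$log->addDescription(SP\Html::strongText(_('Solicitante') . ': ') . $requestUsername . ' (' . $requestLogin . ')');
$log->addDescription(SP\Html::strongText(_('Cuenta') . ': ') . $accountRequestData->account_name);
$log->addDescription(SP\Html::strongText(_('Cliente') . ': ') . $accountRequestData->customer_name);
// NOTE(review): $frmDescription is client-supplied text concatenated next to
// markup produced by strongText(); confirm that SP\Request::analyze() sanitises
// it, or escape it here before it reaches the mail body and the log.
$log->addDescription(SP\Html::strongText(_('Descripción') . ': ') . $frmDescription);

$mailto = implode(',', $recipients);

// The event is logged only after the mail has actually been handed off.
if (strlen($mailto) > 1
    && SP\Util::mailrequestIsEnabled()
    && SP\Email::sendEmail($log, $mailto)
) {
    $log->writeLog();

    SP\Response::printJSON(_('Solicitud enviada'), 0, "doAction('" . \SP\Controller\ActionsInterface::ACTION_ACC_SEARCH . "');");
}

SP\Response::printJSON(_('Error al enviar la solicitud'));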
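/**
 * Process the search results and build the template variables that describe
 * the pager and every account row to display.
 *
 * For each result the account and user ACLs are evaluated for view, view
 * password, edit, copy and delete. The notes and the access list are only
 * computed when at least one of those checks passes.
 *
 * @param array &$results Search results; each item is read as an object exposing the
 *                        account_*, category_name, customer_name, usergroup_name and
 *                        num_files properties used below
 */
private function processSearchResults(&$results)
{
    $numRows = \SP\AccountSearch::$queryNumRows;
    $limitStart = $this->view->limitStart;
    $limitCount = $this->view->limitCount;
    $searchKey = $this->view->searchKey;

    // Pager variables
    $this->view->assign('firstPage', ceil(($limitStart + 1) / $limitCount));
    $this->view->assign('lastPage', ceil($numRows / $limitCount));
    $this->view->assign('totalRows', $numRows);
    $this->view->assign('filterOn', $this->_filterOn);

    // Offset of the last page: step back one full page when the row count is an
    // exact multiple of the page size, otherwise round down to the page start.
    $limitLast = $numRows % $limitCount == 0
        ? $numRows - $limitCount
        : floor($numRows / $limitCount) * $limitCount;

    // NOTE(review): searchKey is concatenated into JavaScript handlers as-is;
    // confirm it is always a server-generated numeric value.
    $this->view->assign('pagerOnnClick', array(
        'first' => 'sysPassUtil.Common.searchSort(' . $searchKey . ', 0,1)',
        'last' => 'sysPassUtil.Common.searchSort(' . $searchKey . ',' . $limitLast . ',1)',
        'prev' => 'sysPassUtil.Common.searchSort(' . $searchKey . ',' . ($limitStart - $limitCount) . ',1)',
        'next' => 'sysPassUtil.Common.searchSort(' . $searchKey . ',' . ($limitStart + $limitCount) . ',1)'
    ));

    $accountLink = Session::getUserPreferences()->isAccountLink();
    $topNavbar = Session::getUserPreferences()->isTopNavbar();
    $optionalActions = Session::getUserPreferences()->isOptionalActions();

    // Configuration variables; a null user preference falls back to the global setting
    $this->view->assign('accountLink', is_null($accountLink) ? \SP\Config::getValue('account_link', 0) : $accountLink);
    $this->view->assign('topNavbar', $topNavbar);
    $this->view->assign('optionalActions', $optionalActions);
    $this->view->assign('requestEnabled', \SP\Util::mailrequestIsEnabled());
    $this->view->assign('isDemoMode', \SP\Util::demoIsEnabled());

    $maxTextLength = \SP\Util::resultsCardsIsEnabled() ? 40 : 60;

    $wikiEnabled = \SP\Util::wikiIsEnabled();

    if ($wikiEnabled) {
        $wikiSearchUrl = \SP\Config::getValue('wiki_searchurl', false);
        $this->view->assign('wikiFilter', explode(',', \SP\Config::getValue('wiki_filter')));
        $this->view->assign('wikiPageUrl', \SP\Config::getValue('wiki_pageurl'));
    }

    $this->setSortFields();

    $objAccount = new \SP\Account();

    foreach ($results as $account) {
        // Reset the per-row values on every iteration. They are only filled in
        // when the user has access, so without the reset a row the user cannot
        // see would inherit the notes and access list of the previous row.
        $accountNotes = '';
        $secondaryAccesses = '';

        $objAccount->setAccountId($account->account_id);
        $objAccount->setAccountUserId($account->account_userId);
        $objAccount->setAccountUserGroupId($account->account_userGroupId);
        $objAccount->setAccountOtherUserEdit($account->account_otherUserEdit);
        $objAccount->setAccountOtherGroupEdit($account->account_otherGroupEdit);

        // Fetch the account data the ACL checks work on
        $accountAclData = $objAccount->getAccountDataForACL();

        // Each permission needs both the per-account and the per-user check to pass
        $accView = \SP\Acl::checkAccountAccess(self::ACTION_ACC_VIEW, $accountAclData)
            && \SP\Acl::checkUserAccess(self::ACTION_ACC_VIEW);
        $accViewPass = \SP\Acl::checkAccountAccess(self::ACTION_ACC_VIEW_PASS, $accountAclData)
            && \SP\Acl::checkUserAccess(self::ACTION_ACC_VIEW_PASS);
        $accEdit = \SP\Acl::checkAccountAccess(self::ACTION_ACC_EDIT, $accountAclData)
            && \SP\Acl::checkUserAccess(self::ACTION_ACC_EDIT);
        $accCopy = \SP\Acl::checkAccountAccess(self::ACTION_ACC_COPY, $accountAclData)
            && \SP\Acl::checkUserAccess(self::ACTION_ACC_COPY);
        $accDel = \SP\Acl::checkAccountAccess(self::ACTION_ACC_DELETE, $accountAclData)
            && \SP\Acl::checkUserAccess(self::ACTION_ACC_DELETE);

        $show = $accView || $accViewPass || $accEdit || $accCopy || $accDel;

        // Only load the details when the user has some access to the account
        if ($show) {
            $secondaryGroups = \SP\Groups::getGroupsNameForAccount($account->account_id);
            $secondaryUsers = UserAccounts::getUsersNameForAccount($account->account_id);

            // This string carries its own <em>/<br> markup, so the stored names
            // are escaped here, the same way the notes are escaped below.
            $secondaryAccesses = '<em>(G) ' . htmlspecialchars($account->usergroup_name) . '*</em><br>';

            if ($secondaryGroups) {
                foreach ($secondaryGroups as $group) {
                    $secondaryAccesses .= '<em>(G) ' . htmlspecialchars($group) . '</em><br>';
                }
            }

            if ($secondaryUsers) {
                foreach ($secondaryUsers as $user) {
                    $secondaryAccesses .= '<em>(U) ' . htmlspecialchars($user) . '</em><br>';
                }
            }

            if ($account->account_notes) {
                // NOTE(review): strlen()/substr() count bytes, so the cut at 300
                // can split a multibyte character — confirm whether that matters here.
                $accountNotes = strlen($account->account_notes) > 300
                    ? substr($account->account_notes, 0, 300) . "..."
                    : $account->account_notes;
                $accountNotes = nl2br(wordwrap(htmlspecialchars($accountNotes), 50, '<br>', true));
            }
        }

        // $accounts template variable holding the data of every account row.
        // NOTE(review): name, login, category_name, customer_name and url are
        // passed on unescaped, and customer_link appends the raw customer name
        // to the wiki URL — confirm the template escapes/encodes them on output.
        $this->view->append('accounts', array(
            'id' => $account->account_id,
            'name' => $account->account_name,
            'login' => \SP\Html::truncate($account->account_login, $maxTextLength),
            'category_name' => $account->category_name,
            'customer_name' => \SP\Html::truncate($account->customer_name, $maxTextLength),
            'customer_link' => $wikiEnabled ? $wikiSearchUrl . $account->customer_name : '',
            'color' => $this->pickAccountColor($account->account_customerId),
            'url' => $account->account_url,
            'url_short' => \SP\Html::truncate($account->account_url, $maxTextLength),
            // Only http:// and https:// URLs are flagged as links
            'url_islink' => preg_match("#^https?://.*#i", $account->account_url) ? true : false,
            'notes' => $accountNotes,
            'accesses' => $secondaryAccesses,
            'numFiles' => \SP\Util::fileIsEnabled() ? $account->num_files : 0,
            'show' => $show,
            'showView' => $accView,
            'showViewPass' => $accViewPass,
            'showEdit' => $accEdit,
            'showCopy' => $accCopy,
            'showDel' => $accDel
        ));
    }
}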
SP\Response::printJSON(_('Clave maestra actualizada') . ';;' . _('Reinicie la sesión para cambiarla')); } elseif ($newMasterPass == '' && $currentMasterPass == '') { SP\Response::printJSON(_('Clave maestra no indicada')); } elseif ($confirmPassChange == 0) { SP\Response::printJSON(_('Se ha de confirmar el cambio de clave')); } if ($newMasterPass == $currentMasterPass) { SP\Response::printJSON(_('Las claves son idénticas')); } elseif ($newMasterPass != $newMasterPassR) { SP\Response::printJSON(_('Las claves maestras no coinciden')); } elseif (!SP\Crypt::checkHashPass($currentMasterPass, ConfigDB::getValue('masterPwd'), true)) { SP\Response::printJSON(_('La clave maestra actual no coincide')); } $hashMPass = SP\Crypt::mkHashPassword($newMasterPass); if (!$noAccountPassChange) { $Account = new SP\Account(); if (!$Account->updateAccountsMasterPass($currentMasterPass, $newMasterPass)) { SP\Response::printJSON(_('Errores al actualizar las claves de las cuentas')); } $AccountHistory = new SP\AccountHistory(); if (!$AccountHistory->updateAccountsMasterPass($currentMasterPass, $newMasterPass, $hashMPass)) { SP\Response::printJSON(_('Errores al actualizar las claves de las cuentas del histórico')); } if (!\SP\CustomFields::updateCustomFieldsCrypt($currentMasterPass, $newMasterPass)) { SP\Response::printJSON(_('Errores al actualizar datos de campos personalizados')); } } if (SP\Util::demoIsEnabled()) { SP\Response::printJSON(_('Ey, esto es una DEMO!!')); } // ConfigDB::readConfig();