/**
 * Fill in a download token (secret, URL, owning organization, expiry and the
 * caller's identity fields) and hand it to parent::create().
 *
 * The identity keys username, authType, apiId and impersonation are copied
 * onto the token only when the current Zend_Auth identity defines them.
 *
 * NOTE(review): the secret comes from UserService::generatePassword(60),
 * which is not visible here. Confirm it draws from a CSPRNG: the value is
 * placed in a URL and is stored next to identity and impersonation data.
 * NOTE(review): expireDatetime defaults to "+1 day" when the
 * 'downloadTokenLifeTime' setting is absent; keep that window as short as the
 * download use case allows.
 *
 * @param  DownloadTokenModel $downloadToken
 * @return DownloadTokenModel
 * @throws InvalidArgumentException when the model is not a DownloadTokenModel
 */
public function create(models\ModelAbstract $downloadToken)
{
    if (!($downloadToken instanceof DownloadTokenModel)) {
        throw new InvalidArgumentException('Supplied data must be a download token model');
    }

    $downloadToken->token = UserService::getInstance()->generatePassword(60);

    // The URL is the brand end point of the logged organization followed by
    // the path assembled for the 'downloadToken' route.
    $brand = BrandService::getInstance()->loadByOrganization(\App::getOrgUserLogged());
    $router = \Zend_Controller_Front::getInstance()->getRouter();
    $routeParams = array(
        'controller' => $downloadToken->controller,
        'action' => $downloadToken->action,
        'token' => $downloadToken->token,
    );
    $downloadToken->url = $brand->endPoint . $router->assemble($routeParams, 'downloadToken');

    $downloadToken->orgId = \App::getOrgUserLogged()->getId();
    $downloadToken->expireDatetime = \App::config('downloadTokenLifeTime', "+1 day");

    // Copy across whichever identity fields the current session defines.
    $ident = \Zend_Auth::getInstance()->getIdentity();
    foreach (array('username', 'authType', 'apiId', 'impersonation') as $field) {
        if (isset($ident[$field])) {
            $downloadToken->$field = $ident[$field];
        }
    }

    return parent::create($downloadToken);
}
/**
 * Dispatch-loop startup hook that applies organization impersonation for
 * requests authenticated with an auth token.
 *
 * Returns early unless the identity's authType equals
 * App_Controller_Plugin_Auth::AUTH_TYPE_AUTH_TOKEN and the identity carries a
 * non-empty impersonation orgId. Otherwise it logs the switch, builds the
 * impersonated user, tags every log with the impersonation, and points the
 * mapper, the list filter and the logged organization at the impersonated org.
 *
 * NOTE(review): nothing here checks that the user may impersonate the target
 * organization; presumably that is enforced where the identity is issued.
 * Confirm, because the identity's orgId becomes the organization scope below.
 * NOTE(review): username and orgId are written to the logs as-is; confirm
 * neither can contain line breaks or other log-forging characters.
 *
 * @param Zend_Controller_Request_Abstract $request
 */
public function dispatchLoopStartup(Zend_Controller_Request_Abstract $request)
{
    $auth = Zend_Auth::getInstance();
    // The original fetched this service here without using it; call kept.
    \Application\Service\OrgService::getInstance();
    $identity = $auth->getIdentity();

    // Other auth methods are not handled by this hook.
    if ($identity['authType'] != App_Controller_Plugin_Auth::AUTH_TYPE_AUTH_TOKEN) {
        return;
    }

    $bootstrap = Zend_Controller_Front::getInstance()->getParam('bootstrap');
    $multilog = $bootstrap->getPluginResource('multiplelog');

    $hasTargetOrg = !empty($identity['impersonation']) && !empty($identity['impersonation']['orgId']);
    if (!$hasTargetOrg) {
        return;
    }

    $orgId = $identity['impersonation']['orgId'];
    $userService = UserService::getInstance();

    \App::log()->info($identity['username'] . " is running as " . $orgId . " admin");

    $user = $userService->loadByUsername($identity['username']);
    $userService->generateImpersonatedUser($user, $identity['impersonation']);

    // Every log records who is acting and on behalf of which organization.
    foreach ($multilog->getLogs() as $log) {
        $log->setEventItem('impersonated', "as {$orgId} admin");
        $log->setEventItem('impersonatedOrgId', "{$orgId}");
        $log->setEventItem('username', $identity['username'] . " as {$orgId} admin");
    }

    // From here on, data access and list filters use the impersonated org.
    Application\Model\Mapper\ProtoAbstractMapper::$organizationId = $orgId;
    App_ListFilter::addDefaultExtraData('impersonated_org', $orgId);

    $org = OrgService::getInstance()->load($orgId);
    \App::getOrgUserLogged($org);
}
/**
 * Set the credentials from a user, loading the user first when something
 * other than a UserModel (an id) is supplied.
 *
 * NOTE(review): the result of load() is used without a null check; confirm
 * load() throws for unknown ids rather than returning null.
 *
 * @param  \Application\Model\UserModel|mixed $userOrId user model or user id
 * @return mixed the result of setCredentials()
 */
public function loadCredentials($userOrId)
{
    $user = ($userOrId instanceof \Application\Model\UserModel)
        ? $userOrId
        : \Application\Service\UserService::getInstance()->load($userOrId);

    return $this->setCredentials(
        $user->getId(),
        $user->getUserName(),
        $user->getOrganizationId()
    );
}
/**
 * A provider commercial user posts to the reset-password endpoint for a
 * customer user and a 200 response is expected.
 *
 * The target user's status is restored to activated afterwards, because the
 * reset-password action leaves the user pending and later tests rely on it.
 */
public function testUserChangePasswordAction()
{
    $this->loginByUserId(App_Test_PHPUnit_Framework_TestCase::PROVIDER_COMMERCIAL_USER_ID);

    $targetUserId = App_Test_PHPUnit_Framework_TestCase::CUSTOMER_USER_ID;
    $postData = array('userId' => $targetUserId);
    $this->post(self::NS . '/reset-password', array(), $postData);
    $this->assertResponseCode("200");

    // Undo the pending status set by the reset so the next tests are not broken.
    $target = \Application\Service\UserService::getInstance()->load($targetUserId);
    $target->setStatus(\Application\Model\UserModel::USER_STATUS_ACTIVATED);
    $target->save();
}
/**
 * Build the fixtures: a saved master organization with a unique name, an
 * unsaved pending user that belongs to it, the user service, and an
 * authenticated provider commercial user.
 */
public function setUp()
{
    $primaryContact = array(
        'firstName' => 'pcfn',
        'lastName' => 'pcln',
        'phone' => '933453212',
        'email' => '*****@*****.**',
        'mobile' => '665348765',
        'fax' => '933453232',
    );
    $companyAddress = array(
        'line1' => 'line1',
        'line2' => 'line2',
        'city' => 'Barcelona',
        'state' => 'Catalunya',
        'country' => "ES",
        'postalCode' => '08005',
    );
    $this->_org = new OrgMasterModel(array(
        // microtime() keeps the name unique between runs
        'name' => 'ORG_TEST' . microtime(true),
        'description' => 'Description',
        'status' => \Application\Model\OrgModelAbstract::ORG_STATUS_ACTIVATED,
        'type' => OrgMasterModel::ORG_TYPE,
        'defaultLanguage' => "es",
        'primaryContact' => $primaryContact,
        'companyAddress' => $companyAddress,
        'customFieldName1' => 'a',
        'customFieldName2' => 'b',
        'customFieldName3' => 'c',
        'customFieldName4' => 'd',
    ));

    // Remove a leftover organization with the same name before saving.
    $existing = OrgMasterMapper::getInstance()->findOneByName($this->_org->getName());
    if ($existing) {
        $existing->delete();
    }
    $this->_org->save();

    // Fixture credentials only; this user is not saved here.
    $this->_user = new UserModel(array(
        'userName' => 'userservicetest',
        'password' => 'testing1234',
        'email' => '*****@*****.**',
        'firstName' => 'Tester',
        'lastName' => 'Testal',
        'phone' => '+34654654654',
        'organizationId' => $this->_org->getId(),
        'country' => "ES",
        'language' => "es",
        'timezone' => 'Europe/Madrid',
        'role' => 'user',
        'status' => 'pending',
        'domains' => array('Domain Test 1', 'Domain Test 2'),
        'monetaryDataAccess' => true,
    ));

    $this->_service = UserService::getInstance();
    self::initAuthUser(self::PROVIDER_COMMERCIAL_USER_ID);
}
/**
 * Validate a password value for service provider users.
 *
 * Users whose organization type is not the service provider type always
 * pass. For the others, the SHA-1 digest of $data is handed to the parent
 * validator.
 *
 * NOTE(review): sha1() here is unsalted and fast, which is not a suitable
 * password hash. What the parent compares the digest against is not visible;
 * if it is stored password digests, plan a migration to password_hash() /
 * password_verify() rather than changing this call in isolation.
 *
 * @param  mixed   $data                   value to validate (passed to sha1())
 * @param  mixed   $context                when it has an 'id' key, that id selects the user
 * @param  boolean $removeNotPresentFields forwarded to the parent validator
 * @return boolean
 */
public function isValid($data, $context = null, $removeNotPresentFields = false)
{
    if ($context && isset($context['id'])) {
        $this->_userId = $context['id'];
    }

    // Only service provider users are subject to this validation.
    $user = UserService::getInstance()->load($this->_userId);
    $providerType = Application\Model\Organization\OrgServiceProviderModel::ORG_TYPE;
    if ($user->getOrgType() !== $providerType) {
        return true;
    }

    return parent::isValid(sha1($data), $context, $removeNotPresentFields);
}
/**
 * Write one audit entry per resource to the 'audit' log.
 *
 * When no user is given, the user is built from the Zend_Auth identity and,
 * if the identity carries impersonation data, turned into an impersonated
 * user. Each entry records the username, the impersonation (if any) and the
 * origin: 'external' when the organization mapper's transaction prefix is
 * 'externalAuth', 'portal' otherwise.
 *
 * NOTE(review): the original tested isset($ident['impersonation']) twice in
 * the same condition; the second test was probably meant to look at a nested
 * key. Behaviour is unchanged here; confirm the intended check.
 * NOTE(review): $message, the username and the string form of each resource
 * are logged as-is; confirm the log writer neutralises line breaks so audit
 * entries cannot be forged through those values.
 *
 * @param string                         $message
 * @param array|object                   $resource
 * @param null|string|Default_Model_User $user
 */
public function direct($message, $resource, $user = null)
{
    $bootstrap = $this->getFrontController()->getParam('bootstrap');
    /** @var $auditLog Zend_Log */
    $auditLog = $bootstrap->getPluginResource('multiplelog')->getLog('audit');

    // Work out who is acting.
    if (NULL === $user) {
        $ident = Zend_Auth::getInstance()->getIdentity();
        $user = new UserModel(array('userName' => $ident['username']));
        if (isset($ident['impersonation'])) {
            UserService::getInstance()->generateImpersonatedUser($user, $ident['impersonation']);
        }
    } elseif (!$user instanceof UserModel) {
        $user = new UserModel(array('userName' => $user));
    }

    $auditLog->setEventItem('username', $user->userName);
    if ($user->isImpersonating()) {
        $auditLog->setEventItem('impersonated', "as " . $user->impersonatingOrgId . " admin");
    }

    // Origin flag: external API call or portal.
    $prefix = \Application\Model\Mapper\OrganizationMapper::$accountingTransactionPrefix;
    $origin = (!empty($prefix) && $prefix == 'externalAuth') ? 'external' : 'portal';
    $auditLog->setEventItem('origin', $origin);

    // A single resource is treated as a one-element list.
    $resources = is_array($resource) ? $resource : array($resource);
    foreach ($resources as $res) {
        $auditLog->setEventItem('resource', (string) $res);
        $auditLog->audit($message);
    }
}
/**
 * Cache the user and organization service singletons on this object.
 */
public function init()
{
    $this->_userSrv = \Application\Service\UserService::getInstance();
    $this->_orgSrv  = \Application\Service\OrgService::getInstance();
}
/**
 * Return the current user, kept in a function-level static.
 *
 * NOTE(review): the cached user lives in a static for the life of the PHP
 * process. In a long-running worker or CLI loop, pass $reset (or $setUser)
 * between units of work so one principal's user is not reused for the next.
 *
 * @param  mixed   $setUser when not null, becomes the current user; anything
 *                          that is not a CurrentUserModel is converted with
 *                          UserService::generateCurrentUser()
 * @param  boolean $reset   drop the cached user before doing anything else
 * @return \Application\Model\CurrentUserModel
 */
public static function getUserLogged($setUser = NULL, $reset = false)
{
    static $user;

    if ($reset) {
        $user = null;
    }

    if (NULL !== $setUser) {
        $user = ($setUser instanceof CurrentUserModel)
            ? $setUser
            : UserService::getInstance()->generateCurrentUser($setUser);
    }

    // Nothing cached yet: build the user with no argument.
    if (empty($user)) {
        $user = UserService::getInstance()->generateCurrentUser();
    }

    return $user;
}
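/**
 * Delete an organization together with its templates, users and API ids.
 *
 * Order of operations: validate the argument, resolve the organization, run
 * the CustomerIsErasable validator, refuse when a non-aggregator organization
 * still has child organizations, delete the dependent elements, delete the
 * organization through its mapper, remove its watchers, write the audit entry
 * and send the 'delete' event.
 *
 * NOTE(review): no permission check is visible in this method; presumably the
 * calling layer authorizes the deletion. Confirm, since dependent users and
 * API ids are removed as well.
 *
 * @param  \Application\Model\OrgModelAbstract|string $orgOrId organization or its id
 * @return mixed the result of the mapper's delete()
 * @throws InvalidArgumentException when the argument is null or empty, or the
 *                                  organization still has child organizations
 * @throws ValidateException        when the organization is not erasable
 */
public function delete($orgOrId)
{
    // Reject both null and the empty string. The previous guard joined the
    // two tests with &&, so an empty id was never rejected and reached load().
    if ($orgOrId === null || $orgOrId === '') {
        throw new InvalidArgumentException('function param cannot be null');
    }

    $org = ($orgOrId instanceof \Application\Model\OrgModelAbstract)
        ? $orgOrId
        : $this->load($orgOrId);

    $validator = new \Application\Model\Validate\Organization\CustomerIsErasable();
    if (!$validator->isValid($org)) {
        throw new ValidateException(
            "customer {$orgOrId} is not erasable",
            array('validationErrors' => $validator->getMessages())
        );
    }

    // Organizations other than aggregators must have no children left.
    $type = $this->getChildrenTypeByOrg($org);
    $filterListOrgService = $this->buildFilterList(array(
        'type' => $type,
        \Application\Model\Filter\OrgFilterFields::PARENT_ID => $org->getId(),
    ));
    if ($org->getType() != OrgAggregatorModel::ORG_TYPE) {
        $list = $this->listAll($type, array('filterList' => $filterListOrgService));
        if (count($list->getItems()) > 0) {
            throw new InvalidArgumentException('The organization has ChildOrgs and can not be deleted');
        }
    }

    // Dependent elements go first: templates, then users, then API ids.
    $this->deleteOrgElements($org, TemplateService::getInstance());
    $this->deleteOrgElements($org, UserService::getInstance());
    $this->deleteOrgElements($org, APIIdService::getInstance());

    $mapper = $this->getMapperByType($this->getTypeById($org->getId()));
    $result = $mapper->delete($org->getId());

    WatcherService::getInstance()->removeByScope('organization', $org->id);

    // Message text kept byte-for-byte (note the missing space before "has"),
    // in case log consumers match on the existing wording.
    \App::audit('The organization with Id ' . $org->getId() . "has been deleted", $org);
    $this->_sendEvent('delete', $org);

    return $result;
}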
/**
 * Cache the user and organization services and default the preset model
 * values' organizationId to the logged organization's id.
 *
 * Values already present in _presetModelValues win over the default, because
 * they are merged last.
 */
public function init()
{
    $this->_userSrv = UserService::getInstance();
    $this->_orgSrv = OrgService::getInstance();

    $defaults = array('organizationId' => App::getOrgUserLogged()->id);
    $this->_presetModelValues = array_merge($defaults, $this->_presetModelValues);
}
/**
 * Cache the user service singleton on this object.
 */
public function init()
{
    $this->_userSrv = UserService::getInstance();
}
/**
 * Stop authentication when the user's password is older than the configured
 * interval for the user's organization type.
 *
 * When the password has expired, a lost-password token is generated and
 * saved, returned in the X-M2M-PasswordExpiredToken response header, and a
 * ForbiddenException is thrown. Users with no recorded password change, or
 * whose organization type is not in the configured list, are not checked.
 *
 * NOTE(review): which credentials have been verified before this method runs
 * is not visible here. Confirm it is only reached after the primary
 * credentials were accepted; otherwise a password-change token would be
 * returned to a caller who has not proven who they are.
 *
 * @param  mixed $user user being authenticated
 * @throws \Application\Exceptions\ForbiddenException when the password has expired
 */
protected function _checkUserPassword($user)
{
    $now = time();
    $lastChange = $user->getLastPasswordChange();
    $orgType = OrgService::getInstance()->getTypeById($user->getOrganizationId());

    // The policy applies only to the configured organization types.
    if (!$lastChange) {
        return;
    }
    if (!in_array($orgType, self::$_lastPasswordInactivity['orgTypes'])) {
        return;
    }
    if ($now - $lastChange <= self::$_lastPasswordInactivity['interval']) {
        return;
    }

    // Hand the client a token it can use to change the password.
    $passwordToken = UserService::getInstance()->generateAndSaveLostPasswordToken($user);
    $this->getResponse()->setHeader('X-M2M-PasswordExpiredToken', $passwordToken->getToken(), true);

    // Stop the auth process.
    throw new \Application\Exceptions\ForbiddenException(
        "User password has expired",
        PermissionCodes::AUTH_PASSWORD_HAS_EXPIRED
    );
}
/**
 * Test helper: load a user by username and install it as the authenticated
 * user through initAuthUser(). No password is involved.
 *
 * @param string     $userName
 * @param mixed|null $authType forwarded to initAuthUser()
 */
public function loginByUserName($userName, $authType = null)
{
    $userService = \Application\Service\UserService::getInstance();
    $user = $userService->loadByUsername($userName);

    \App_Test_PHPUnit_Framework_TestCase::initAuthUser($user, $authType);
}
/**
 * Create the password validator under test and load the user behind the
 * current Zend_Auth identity.
 */
public function setUp()
{
    $this->_validateCollection = new Validate\UserPasswordValidate();

    $identity = Zend_Auth::getInstance()->getIdentity();
    $userService = \Application\Service\UserService::getInstance();
    $this->_user = $userService->load($identity['id']);
}
/**
 * Called before Zend_Controller_Front exits its dispatch loop; settles the
 * session according to the auth type of the request.
 *
 * - "Vapor" logins (lost password, async, external, download token, third
 *   party): the session is destroyed and the X-Csrf-Token header cleared.
 * - "Temporal" logins (regular, core, activation / lost-password /
 *   password-expired tokens) whose response holds an exception: the identity
 *   is cleared and the session id regenerated once.
 * - Successful temporal logins with an identity id: the auth token and user
 *   language headers are set and the user's last login time is saved.
 *
 * NOTE(review): the successful-login path does not regenerate the session id
 * in this method. Confirm that happens where the identity is established, as
 * the usual defence against session fixation.
 *
 * @return void
 */
public function dispatchLoopShutdown()
{
    if (!Zend_Session::sessionExists() || !Zend_Auth::getInstance()->hasIdentity()) {
        return;
    }

    $ident = Zend_Auth::getInstance()->getIdentity();

    $temporalTypes = array(
        self::AUTH_TYPE_REGULAR,
        self::AUTH_TYPE_CORE,
        self::AUTH_TYPE_ACTIVATION_TOKEN,
        self::AUTH_TYPE_LOST_PASSWORD_TOKEN,
        self::AUTH_TYPE_PASSWORD_EXPIRED_TOKEN,
    );
    $vaporTypes = array(
        self::AUTH_TYPE_LOST_PASSWORD,
        self::AUTH_TYPE_ASYNC,
        self::AUTH_TYPE_EXTERNAL,
        self::AUTH_TYPE_DOWNLOAD_TOKEN,
        self::AUTH_TYPE_THIRD_PARTY,
    );
    $isTemporalLogin = in_array($ident['authType'], $temporalTypes);
    $isVaporLogin = in_array($ident['authType'], $vaporTypes);

    // One-shot logins never keep a session.
    if ($isVaporLogin) {
        Zend_Session::destroy();
        $this->getResponse()->clearHeader('X-Csrf-Token');
        $_SESSION = array();
        return;
    }

    if (!$isTemporalLogin) {
        return;
    }

    // Failed temporal login: drop the identity and rotate the session id.
    if ($this->getResponse()->isException()) {
        Zend_Auth::getInstance()->clearIdentity();
        if (!Zend_Session::isRegenerated()) {
            Zend_Session::regenerateId();
        }
        return;
    }

    if (empty($ident['id'])) {
        return;
    }

    // Successful temporal login: expose the auth token to the client.
    $this->getResponse()->setHeader('X-M2M-AuthToken', $ident['token'], true);

    // Save last user access.
    $user = UserService::getInstance()->load($ident['id']);
    $user->setLastLogin(time());
    $user->save();

    // Add user language (UX requirement).
    $this->getResponse()->setHeader('X-M2M-UserLanguage', $user->getLanguage(), true);
}
* @var MongoCollection */ $db = $cli->getResource('mongo'); $config = $cli->getConfig('resources.inactivity.lastLogin'); $regex = new MongoRegex("/^(" . implode('|', $config['orgTypes']) . ").+/i"); $time = time() - $config['interval']; $cursor = $db->user->find(array("organizationId" => $regex, "lastLogin" => array('$lt' => new \MongoDate($time)), "status" => 'activated', "deleted" => array('$exists' => false))); $count = 0; foreach ($cursor as $data) { try { //echo json_encode($data) . "\n"; $user = \Application\Service\UserService::getInstance()->load($data['_id']); // Prepare request App_Controller_Plugin_TrackingToken::generateToken($user->getUserName(), $user->getOrganizationId()); $org = \Application\Service\OrgService::getInstance()->load($user->getOrganizationId()); App::getOrgUserLogged($org); // Send request \Application\Service\UserService::getInstance()->blockDueToInactivity($user); $count++; } catch (Exception $e) { echo "Error with user " . $data['_id'] . ": " . $e->getMessage(); } } echo "{$count} inactive users successfully blocked \n"; } catch (Exception $e) { echo 'AN ERROR HAS OCCURRED:' . PHP_EOL; echo $e->getMessage() . PHP_EOL; exit(1); } // generally speaking, this script will be run from the command line exit(0);