Exemplo n.º 1
0
 /**
  * This is a option-less authentication. Either your login works or it doesn't.
  * Other apps implementing this interface may need to know what you're trying to do 
  * in order to make a decision; $pa_options is an associative array of User handler-specific
  * keys and values that can contain such information
  */
 public function authenticate(&$ps_username, $ps_password = "", $pa_options = null)
 {
     // if user doesn't exist, try creating it through the authentication backend, if the backend supports it
     if (strlen($ps_username) > 0 && !$this->load($ps_username)) {
         if (AuthenticationManager::supports(__CA_AUTH_ADAPTER_FEATURE_AUTOCREATE_USERS__)) {
             try {
                 $va_values = AuthenticationManager::getUserInfo($ps_username, $ps_password);
             } catch (Exception $e) {
                 $this->opo_log->log(array('CODE' => 'SYS', 'SOURCE' => 'ca_users/authenticate', 'MESSAGE' => _t('There was an error while trying to fetch information for a new user from the current authentication backend. The message was %1 : %2', get_class($e), $e->getMessage())));
                 return false;
             }
             if (!is_array($va_values) || sizeof($va_values) < 1) {
                 return false;
             }
             // @todo: check sanity on values from plugins before inserting them?
             foreach ($va_values as $vs_k => $vs_v) {
                 if (in_array($vs_k, array('roles', 'groups'))) {
                     continue;
                 }
                 $this->set($vs_k, $vs_v);
             }
             $vn_mode = $this->getMode();
             $this->setMode(ACCESS_WRITE);
             $this->insert();
             if (!$this->getPrimaryKey()) {
                 $this->setMode($vn_mode);
                 $this->opo_log->log(array('CODE' => 'SYS', 'SOURCE' => 'ca_users/authenticate', 'MESSAGE' => _t('User could not be created after getting info from authentication adapter. API message was: %1', join(" ", $this->getErrors()))));
                 return false;
             }
             if (is_array($va_values['groups']) && sizeof($va_values['groups']) > 0) {
                 $this->addToGroups($va_values['groups']);
             }
             if (is_array($va_values['roles']) && sizeof($va_values['roles']) > 0) {
                 $this->addRoles($va_values['roles']);
             }
             if (is_array($va_values['preferences']) && sizeof($va_values['preferences']) > 0) {
                 foreach ($va_values['preferences'] as $vs_pref => $vs_pref_val) {
                     $this->setPreference($vs_pref, $vs_pref_val);
                 }
             }
             $this->update();
             // restore mode
             $this->setMode($vn_mode);
         }
     }
     if (AuthenticationManager::authenticate($ps_username, $ps_password, $pa_options)) {
         $this->load($ps_username);
         return true;
     }
     // check ips
     if (!isset($pa_options["dont_check_ips"]) || !$pa_options["dont_check_ips"]) {
         if ($vn_user_id = $this->ipAuthenticate()) {
             if ($this->load($vn_user_id)) {
                 $ps_username = $this->get("user_name");
                 return 2;
             }
         }
     }
     return false;
 }
Exemplo n.º 2
0
 public function Save()
 {
     AssetLoadManager::register('tableList');
     $t_user = $this->getUserObject();
     $this->opo_app_plugin_manager->hookBeforeUserSaveData(array('user_id' => $t_user->getPrimaryKey(), 'instance' => $t_user));
     $vb_send_activation_email = false;
     if ($t_user->get("user_id") && $this->request->config->get("email_user_when_account_activated") && $_REQUEST["active"] != $t_user->get("active")) {
         $vb_send_activation_email = true;
     }
     $t_user->setMode(ACCESS_WRITE);
     foreach ($t_user->getFormFields() as $vs_f => $va_field_info) {
         // dont get/set password if backend doesn't support it
         if ($vs_f == 'password' && !AuthenticationManager::supports(__CA_AUTH_ADAPTER_FEATURE_UPDATE_PASSWORDS__)) {
             continue;
         }
         $t_user->set($vs_f, $_REQUEST[$vs_f]);
         if ($t_user->numErrors()) {
             $this->request->addActionErrors($t_user->errors(), 'field_' . $vs_f);
         }
     }
     if ($this->request->getParameter('entity_id', pInteger) == 0) {
         $t_user->set('entity_id', null);
     }
     if (AuthenticationManager::supports(__CA_AUTH_ADAPTER_FEATURE_UPDATE_PASSWORDS__)) {
         if ($this->request->getParameter('password', pString) != $this->request->getParameter('password_confirm', pString)) {
             $this->request->addActionError(new ApplicationError(1050, _t("Password does not match confirmation. Please try again."), "administrate/UserController->Save()", '', false, false), 'field_password');
         }
     }
     AppNavigation::clearMenuBarCache($this->request);
     // clear menu bar cache since changes may affect content
     if ($this->request->numActionErrors() == 0) {
         if (!$t_user->getPrimaryKey()) {
             $t_user->insert();
             $vs_message = _t("Added user");
         } else {
             $t_user->update();
             $vs_message = _t("Saved changes to user");
         }
         $this->opo_app_plugin_manager->hookAfterUserSaveData(array('user_id' => $t_user->getPrimaryKey(), 'instance' => $t_user));
         if ($t_user->numErrors()) {
             foreach ($t_user->errors() as $o_e) {
                 $this->request->addActionError($o_e, 'general');
                 $this->notification->addNotification($o_e->getErrorDescription(), __NOTIFICATION_TYPE_ERROR__);
             }
         } else {
             // Save roles
             $va_set_user_roles = $this->request->getParameter('roles', pArray);
             if (!is_array($va_set_user_roles)) {
                 $va_set_user_roles = array();
             }
             $va_existing_user_roles = $t_user->getUserRoles();
             $va_role_list = $t_user->getRoleList();
             foreach ($va_role_list as $vn_role_id => $va_role_info) {
                 if ($va_existing_user_roles[$vn_role_id] && !in_array($vn_role_id, $va_set_user_roles)) {
                     // remove role
                     $t_user->removeRoles($vn_role_id);
                     continue;
                 }
                 if (!$va_existing_user_roles[$vn_role_id] && in_array($vn_role_id, $va_set_user_roles)) {
                     // add role
                     $t_user->addRoles($vn_role_id);
                     continue;
                 }
             }
             // Save groups
             $va_set_user_groups = $this->request->getParameter('groups', pArray);
             if (!is_array($va_set_user_groups)) {
                 $va_set_user_groups = array();
             }
             $va_existing_user_groups = $t_user->getUserGroups();
             $va_group_list = $t_user->getGroupList();
             foreach ($va_group_list as $vn_group_id => $va_group_info) {
                 if ($va_existing_user_groups[$vn_group_id] && !in_array($vn_group_id, $va_set_user_groups)) {
                     // remove group
                     $t_user->removeFromGroups($vn_group_id);
                     continue;
                 }
                 if (!$va_existing_user_groups[$vn_group_id] && in_array($vn_group_id, $va_set_user_groups)) {
                     // add group
                     $t_user->addToGroups($vn_group_id);
                     continue;
                 }
             }
             // Save profile prefs
             $va_profile_prefs = $t_user->getValidPreferences('profile');
             if (is_array($va_profile_prefs) && sizeof($va_profile_prefs)) {
                 $this->opo_app_plugin_manager->hookBeforeUserSavePrefs(array('user_id' => $t_user->getPrimaryKey(), 'instance' => $t_user));
                 $va_changed_prefs = array();
                 foreach ($va_profile_prefs as $vs_pref) {
                     if ($this->request->getParameter('pref_' . $vs_pref, pString) != $t_user->getPreference($vs_pref)) {
                         $va_changed_prefs[$vs_pref] = true;
                     }
                     $t_user->setPreference($vs_pref, $this->request->getParameter('pref_' . $vs_pref, pString));
                 }
                 $t_user->update();
                 $this->opo_app_plugin_manager->hookAfterUserSavePrefs(array('user_id' => $t_user->getPrimaryKey(), 'instance' => $t_user, 'modified_prefs' => $va_changed_prefs));
             }
             if ($vb_send_activation_email) {
                 # --- send email confirmation
                 $o_view = new View($this->request, array($this->request->getViewsDirectoryPath()));
                 # -- generate email subject line from template
                 $vs_subject_line = $o_view->render("mailTemplates/account_activation_subject.tpl");
                 # -- generate mail text from template - get both the text and the html versions
                 $vs_mail_message_text = $o_view->render("mailTemplates/account_activation.tpl");
                 $vs_mail_message_html = $o_view->render("mailTemplates/account_activation_html.tpl");
                 caSendmail($t_user->get('email'), $this->request->config->get("ca_admin_email"), $vs_subject_line, $vs_mail_message_text, $vs_mail_message_html);
             }
             $this->notification->addNotification($vs_message, __NOTIFICATION_TYPE_INFO__);
         }
     } else {
         $this->notification->addNotification(_t("Your entry has errors. See below for details."), __NOTIFICATION_TYPE_ERROR__);
     }
     if ($this->request->numActionErrors()) {
         $this->render('user_edit_html.php');
     } else {
         // success
         // If we are editing the user record of the currently logged in user
         // we have a problem: the request object flushes out changes to its own user object
         // for the logged-in user at the end of the request overwriting any changes we've made.
         //
         // To avoid this we check here to see if we're editing the currently logged-in
         // user and reload the request's copy if needed.
         if ($t_user->getPrimaryKey() == $this->request->user->getPrimaryKey()) {
             $this->request->user->load($t_user->getPrimaryKey());
         }
         $this->ListUsers();
     }
 }
Exemplo n.º 3
0
 public function DoReset()
 {
     if (!AuthenticationManager::supports(__CA_AUTH_ADAPTER_FEATURE_RESET_PASSWORDS__)) {
         $this->Login();
         return;
     }
     $vs_token = $this->getRequest()->getParameter('token', pString);
     $vs_username = $this->getRequest()->getParameter('username', pString);
     $t_user = new ca_users();
     $vs_pw = $this->getRequest()->getParameter('password', pString);
     $vs_pw_check = $this->getRequest()->getParameter('password2', pString);
     if ($t_user->load($vs_username)) {
         if ($t_user->isValidToken($vs_token)) {
             // no password match
             if ($vs_pw !== $vs_pw_check) {
                 $this->notification->addNotification(_t("Passwords did not match. Please try again."), __NOTIFICATION_TYPE_ERROR__);
                 $this->view->setVar('notifications', $this->notification->getNotifications());
                 $this->view->setVar('renderForm', true);
                 $this->view->setVar('token', $vs_token);
                 $this->view->setVar('username', $vs_username);
                 $this->render('password_reset_form_html.php');
             } else {
                 $t_user->set('password', $vs_pw);
                 $t_user->setMode(ACCESS_WRITE);
                 $t_user->update();
                 $this->notification->addNotification(_t("Password was successfully changed. You can now log in with your new password."), __NOTIFICATION_TYPE_INFO__);
                 $this->view->setVar('notifications', $this->notification->getNotifications());
                 $this->Login();
             }
         }
     }
 }
Exemplo n.º 4
0
print caFormSubmitButton($this->request, __CA_NAV_BUTTON_LOGIN__, _t("Login"), "login", array('icon_position' => __CA_NAV_BUTTON_ICON_POS_RIGHT__));
?>
</div>
						<script type="text/javascript">
							jQuery(document).ready(function() {
								var pdfInfo = caUI.utils.getAcrobatInfo();
								jQuery("#login").append(
									"<input type='hidden' name='_screen_width' value='"+ screen.width + "'/>" +
									"<input type='hidden' name='_screen_height' value='"+ screen.height + "'/>" +
									"<input type='hidden' name='_has_pdf_plugin' value='"+ ((pdfInfo && pdfInfo['acrobat'] && (pdfInfo['acrobat'] === 'installed')) ? 1 : 0) + "'/>"
								);
							});
						</script>
					</form>
<?php 
if (AuthenticationManager::supports(__CA_AUTH_ADAPTER_FEATURE_RESET_PASSWORDS__)) {
    ?>
					<div id="forgotLink"><?php 
    print caNavLink($this->request, _t("Forgot your password?"), 'forgotLink', 'system/auth', 'forgot', '');
    ?>
</div>
<?php 
} else {
    if ($vs_adapter_account_link = AuthenticationManager::getAccountManagementLink()) {
        ?>
	<div id="forgotLink"><a href="<?php 
        print $vs_adapter_account_link;
        ?>
" target="_blank"><?php 
        print _t("Manage your account");
        ?>