use SP\UserPass;
use SP\UserPassRecover;
use SP\UserUtil;
define('APP_ROOT', '..');
require_once APP_ROOT . DIRECTORY_SEPARATOR . 'inc' . DIRECTORY_SEPARATOR . 'Base.php';
Request::checkReferer('POST');
if (!SP\Request::analyze('login', false)) {
return;
}
$userLogin = SP\Request::analyze('user');
$userPass = SP\Request::analyzeEncrypted('pass');
$masterPass = SP\Request::analyzeEncrypted('mpass');
if (!$userLogin || !$userPass) {
SP\Response::printJSON(_('Usuario/Clave no introducidos'));
}
$User = new SP\User();
$User->setUserLogin($userLogin);
$User->setUserPass($userPass);
if ($resLdap = SP\Auth::authUserLDAP($userLogin, $userPass)) {
$User->setUserName(SP\Auth::$userName);
$User->setUserEmail(SP\Auth::$userEmail);
}
$Log = new \SP\Log(_('Inicio sesión'));
// Autentificamos por LDAP
if ($resLdap === true) {
$Log->addDescription('(LDAP)');
$Log->addDescription(sprintf('%s: %s', _('Servidor Login'), \SP\Ldap::getLdapServer()));
// Verificamos si el usuario existe en la BBDD
if (!UserLdap::checkLDAPUserInDB($userLogin)) {
// Creamos el usuario de LDAP en MySQL
if (!\SP\UserLdap::newUserLDAP($User)) {
if (!$sk || !SessionUtil::checkSessionKey($sk)) {
SP\Response::printJSON(_('CONSULTA INVÁLIDA'));
}
// Variables POST del formulario
$actionId = SP\Request::analyze('actionId', 0);
$itemId = SP\Request::analyze('itemId', 0);
$onCloseAction = SP\Request::analyze('onCloseAction');
$activeTab = SP\Request::analyze('activeTab', 0);
$customFields = SP\Request::analyze('customfield');
// Acción al cerrar la vista
$doActionOnClose = $onCloseAction ? "sysPassUtil.Common.doAction('{$onCloseAction}','',{$activeTab});" : '';
$userLogin = UserUtil::getUserLoginById($itemId);
if ($actionId === \SP\Controller\ActionsInterface::ACTION_USR_USERS_NEW || $actionId === \SP\Controller\ActionsInterface::ACTION_USR_USERS_EDIT || $actionId === \SP\Controller\ActionsInterface::ACTION_USR_USERS_EDITPASS || $actionId === \SP\Controller\ActionsInterface::ACTION_USR_USERS_DELETE) {
$isLdap = SP\Request::analyze('isLdap', 0);
$userPassR = SP\Request::analyzeEncrypted('passR');
$User = new SP\User();
$User->setUserId($itemId);
$User->setUserName(SP\Request::analyze('name'));
$User->setUserLogin(SP\Request::analyze('login'));
$User->setUserEmail(SP\Request::analyze('email'));
$User->setUserNotes(SP\Request::analyze('notes'));
$User->setUserGroupId(SP\Request::analyze('groupid', 0));
$User->setUserProfileId(SP\Request::analyze('profileid', 0));
$User->setUserIsAdminApp(SP\Request::analyze('adminapp', 0, false, 1));
$User->setUserIsAdminAcc(SP\Request::analyze('adminacc', 0, false, 1));
$User->setUserIsDisabled(SP\Request::analyze('disabled', 0, false, 1));
$User->setUserChangePass(SP\Request::analyze('changepass', 0, false, 1));
$User->setUserPass(SP\Request::analyzeEncrypted('pass'));
// Nuevo usuario o editar
if ($actionId === \SP\Controller\ActionsInterface::ACTION_USR_USERS_NEW || $actionId === \SP\Controller\ActionsInterface::ACTION_USR_USERS_EDIT) {
if (!$User->getUserName() && !$isLdap) {
