/**
 * Keep the PDO handle and refuse construction unless the caller passes the
 * SecurityManager's ADMIN mask: every instance of this class is admin-only by
 * construction (deny-all first, then a single allowed mask).
 *
 * @param PDO $pdo database handle stored for the queries made later
 * @throws Exception whatever SecurityManager::checkSecurity() raises on denial
 *                   (the concrete exception type is not visible here)
 */
function __construct($pdo)
{
    $this->pdo = $pdo;

    // deny-by-default, then whitelist the admin mask only
    $guard = new SecurityManager();
    $guard->denyAll();
    $guard->allow(SecurityManager::SECURITY_MANAGER_MASK_ADMIN);
    $guard->checkSecurity();
}
/**
 * Return the shared SecurityManager, creating it on first use.
 *
 * The loose null test (==) is deliberate: any falsy cached value, not only
 * null, counts as "not created yet" and triggers a rebuild.
 *
 * @return SecurityManager the cached instance
 */
public static function instance()
{
    $current = self::$sm;
    if ($current == null) {
        $current = new SecurityManager();
        self::$sm = $current;
    }
    return $current;
}
/**
 * Forgot administrator password action
 *
 * Reads the `email` request parameter, runs the request through the security
 * manager's password-reset throttle and, when an admin user with that address
 * exists, rotates that user's reset-password token and sends the confirmation
 * mail. The same success message is shown whether or not a user matched, so
 * the response body does not reveal which addresses belong to admin accounts.
 * NOTE(review): response *timing* still differs (DB load + save + mail only on
 * a hit), so enumeration through timing is not ruled out by the uniform message.
 *
 * @return void
 */
public function execute()
{
    $email = (string) $this->getRequest()->getParam('email');
    $params = $this->getRequest()->getParams();
    if (!empty($email) && !empty($params)) {
        // Validate received data to be an email address
        if (\Zend_Validate::is($email, 'EmailAddress')) {
            try {
                // Throttle / lockout check for reset requests; a violation aborts
                // the flow with the security manager's own message and a redirect.
                $this->securityManager->performSecurityCheck(\Magento\Security\Model\PasswordResetRequestEvent::ADMIN_PASSWORD_RESET_REQUEST, $email);
            } catch (\Magento\Framework\Exception\SecurityViolationException $exception) {
                $this->messageManager->addErrorMessage($exception->getMessage());
                $resultRedirect = $this->resultRedirectFactory->create();
                return $resultRedirect->setPath('admin');
            }
            $collection = $this->_objectManager->get('Magento\\User\\Model\\ResourceModel\\User\\Collection');
            /** @var $collection \Magento\User\Model\ResourceModel\User\Collection */
            $collection->addFieldToFilter('email', $email);
            $collection->load(false);
            if ($collection->getSize() > 0) {
                foreach ($collection as $item) {
                    /** @var \Magento\User\Model\User $user */
                    $user = $this->_userFactory->create()->load($item->getId());
                    if ($user->getId()) {
                        // Fresh token per request; the mail carries the reset link.
                        $newPassResetToken = $this->_objectManager->get('Magento\\User\\Helper\\Data')->generateResetPasswordLinkToken();
                        $user->changeResetPasswordLinkToken($newPassResetToken);
                        $user->save();
                        $user->sendPasswordResetConfirmationEmail();
                    }
                    // Only the first user matching the address is handled (unconditional break).
                    break;
                }
            }
            // Shown regardless of whether a user matched (see class comment).
            // @codingStandardsIgnoreStart
            $this->messageManager->addSuccess(__('We\'ll email you a link to reset your password.'));
            // @codingStandardsIgnoreEnd
            $this->getResponse()->setRedirect($this->_objectManager->get('Magento\\Backend\\Helper\\Data')->getHomePageUrl());
            return;
        } else {
            $this->messageManager->addError(__('Please correct this email address:'));
        }
    } elseif (!empty($params)) {
        $this->messageManager->addError(__('Please enter an email address.'));
    }
    // No redirect happened: render the form again with the messages above.
    $this->_view->loadLayout();
    $this->_view->renderLayout();
}
/**
 * Check if the currently logged-in user has a certain privilege on a node.
 *
 * Two cached answers short-circuit the lookup: an 'all' entry in
 * $this->m_resultallowed applies to every node/privilege pair, and an entry
 * keyed "node.privilege" applies to that pair only. Anything not cached is
 * delegated to the parent implementation.
 *
 * @param string $node      full node name, "modulename.nodename" notation
 * @param string $privilege the privilege (atkaction) to check
 *
 * @return bool true if the user has the privilege, false if not
 */
public function allowed($node, $privilege)
{
    if (isset($this->m_resultallowed['all'])) {
        return $this->m_resultallowed['all'];
    }

    $pairKey = $node . '.' . $privilege;
    if (isset($this->m_resultallowed[$pairKey])) {
        return $this->m_resultallowed[$pairKey];
    }

    return parent::allowed($node, $privilege);
}
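/**
 * Authenticate a login form submission and open a fresh session.
 *
 * The browser sends user name and password RSA-encrypted, each prefixed with
 * the per-session "login_seed", so a captured ciphertext is bound to the
 * session it was produced for. Authentication goes either through the
 * numeric "welcome" id (returning-user shortcut, verified against the stored
 * md5 digest of that row) or through SecurityManager::authenticateUser().
 *
 * @param mixed $runData request/session context (parameter list + session store)
 * @throws ProcessException "no_seed" when the session seed has expired,
 *                          "login_invalid" on a bad seed prefix or bad credentials
 * @return void
 */
public function loginEvent($runData)
{
    $pl = $runData->getParameterList();
    $uname = $pl->getParameterValue("name");
    $upass = $pl->getParameterValue("password");
    $userId = $pl->getParameterValue("welcome");
    $keepLogged = $pl->getParameterValue("keepLogged");
    $bindIP = $pl->getParameterValue("bindIP");

    $seed = $runData->sessionGet("login_seed");
    if ($seed == null) {
        throw new ProcessException(_("You have been inactive quite long while trying to log in and your session data have expired. Please try to click 'log in' once again."), "no_seed");
    }

    // decrypt! woooohhooooo!!!!!!!!
    $uname = CryptUtils::rsaDecrypt($uname);
    $upass = CryptUtils::rsaDecrypt($upass);

    // Both plaintexts must start with the session seed. Compare as a plain
    // string prefix instead of interpolating the seed into a regex: a seed
    // containing regex metacharacters (".", "+", "/", ...) would otherwise
    // either break the pattern or match something other than the literal seed.
    $seedLen = strlen($seed);
    if (substr($uname, 0, $seedLen) !== $seed || substr($upass, 0, $seedLen) !== $seed) {
        EventLogger::instance()->logFailedLogin($uname);
        throw new ProcessException(_("The user and password do not match."), "login_invalid");
    }
    // strip the seed; (string) normalises the pre-PHP-8 `false` of an empty remainder
    $uname = (string) substr($uname, $seedLen);
    $upass = (string) substr($upass, $seedLen);

    if ($userId && is_numeric($userId) && $userId > 0) {
        // Returning-user path: the id comes from the "welcome" cookie, so the
        // password is checked directly against that row.
        // NOTE(review): passwords are stored as unsalted md5 and compared with
        // !==; moving to password_hash()/password_verify() (and hash_equals())
        // needs a storage migration and is out of scope for this change.
        $user = DB_OzoneUserPeer::instance()->selectByPrimaryKey($userId);
        if ($user && $user->getPassword() !== md5($upass)) {
            $user = null;
        }
    } else {
        $user = SecurityManager::authenticateUser($uname, $upass);
    }

    if ($user == null) {
        EventLogger::instance()->logFailedLogin($uname);
        throw new ProcessException(_("The login and password do not match."), "login_invalid");
    }

    // Fresh session on successful login (guards against session fixation).
    $runData->resetSession();
    $session = $runData->getSession();
    $session->setUserId($user->getUserId());
    // set other parameters
    $session->setStarted(new ODate());
    $session->setLastAccessed(new ODate());
    $user->setLastLogin(new ODate());
    $user->save();

    if ($keepLogged) {
        $session->setInfinite(true);
    }
    if ($bindIP) {
        $session->setCheckIp(true);
    }

    // NOTE(review): the "welcome" cookie carries only the numeric user id and is
    // set without the secure/httponly flags; whether client-side script reads it
    // (which would rule out httponly) is not visible here.
    setcookie("welcome", $user->getUserId(), time() + 10000000, "/", GlobalProperties::$SESSION_COOKIE_DOMAIN);

    // log event
    EventLogger::instance()->logLogin();
}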
/**
 * Persist metadata for a system file, after an authorization check.
 *
 * @param mixed     $object   target; must be an EyeSysFile
 * @param IMetaData $metaData metadata to store
 * @param String    $params   provider parameters, handed to retrieveMeta()
 * @throws EyeInvalidArgumentException when $object is not an EyeSysFile
 * @throws EyeException
 * @throws EyeErrorException
 */
public function storeMeta($object, IMetaData $metaData = null, $params)
{
    if (!($object instanceof EyeSysFile)) {
        throw new EyeInvalidArgumentException('$object must be an EyeSysFile.');
    }

    $urlParts = $object->getURLComponents();   // computed but not used below
    $currentMeta = $this->retrieveMeta($object, $params);

    // The guarded object is the *incoming* $metaData; the permission carries
    // the current metadata and the file. (The EyeosUser variant of storeMeta()
    // in this corpus passes the two the other way round — worth confirming
    // which order the MetaData security handler actually expects.)
    $writePerm = new MetaDataPermission('write', $currentMeta, $object);
    SecurityManager::getInstance()->checkPermission($metaData, $writePerm);

    //{
    // TODO: store metadata into database
    //}
}
} if (!isset($stateObj)) { include_once SITE_CLASS_APPLICATION . "class.State.php"; $stateObj = new State(); } if (!isset($cntstObj)) { include_once SITE_CLASS_GEN . "class.countrystate.php"; $cntstObj = new CountryState(); } if (!isset($bnkObj)) { include_once SITE_CLASS_APPLICATION . "class.BankMaster.php"; $bnkObj = new BankMaster(); } if (!isset($secManObj)) { include_once SITE_CLASS_APPLICATION . 'class.SecurityManager.php'; $secManObj = new SecurityManager(); } if (!isset($userActionObj)) { include_once SITE_CLASS_APPLICATION . 'user/class.UserActionVerification.php'; $userActionObj = new UserActionVerification(); } if (!isset($emailObj)) { include_once SITE_CLASS_APPLICATION . 'class.EmailTemplate.php'; $emailObj = new EmailTemplate(); } if (!isset($sendMail)) { include SITE_CLASS_GEN . "class.sendmail.php"; $sendMail = new SendPHPMail(); } if (!isset($orgObj)) { require_once SITE_CLASS_APPLICATION . "organization/class.Organization.php";
include S_SECTIONS . "/member/memberaccess.php"; if (!isset($orgObj)) { require_once SITE_CLASS_APPLICATION . "organization/class.Organization.php"; $orgObj = new Organization(); } if (!isset($orgAssocObj)) { require_once SITE_CLASS_APPLICATION . "organization/class.OrganizationAssociation.php"; $orgAssocObj = new OrganizationAssociation(); } if (!isset($orgAssocVerifyObj)) { include_once SITE_CLASS_APPLICATION . "organization/class.OrganizationAssociationToVerify.php"; $orgAssocVerifyObj = new OrganizationAssociationToVerify(); } if (!isset($secManObj)) { require_once SITE_CLASS_APPLICATION . "{$usersec}/class.SecurityManager.php"; $secManObj = new SecurityManager(); } if (!isset($userActionObj)) { include_once SITE_CLASS_APPLICATION . 'user/class.UserActionVerification.php'; $userActionObj = new UserActionVerification(); } if (!isset($emailObj)) { include_once SITE_CLASS_APPLICATION . 'class.EmailTemplate.php'; $emailObj = new EmailTemplate(); } if (!isset($sendMail)) { include_once SITE_CLASS_GEN . "class.sendmail.php"; $sendMail = new SendPHPMail(); } if (!isset($orgUsrObj)) { require_once SITE_CLASS_APPLICATION . "user/class.OrganizationUser.php";
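/**
 * Dispatch one client request: start the session, resolve the application to
 * run, enforce the execute permission when a parent process with a login
 * context exists, start the process and emit its JavaScript into $response.
 *
 * Any exception escaping the pipeline is turned into a control message that
 * the client receives through eyeos._callbackProxyWithContent().
 *
 * @param MMapRequest         $request
 * @param MMapResponse        $response   receives the JS body and headers
 * @param AppExecutionContext $appContext optional; built from $request when absent
 * @return void
 */
public function processRequest(MMapRequest $request, MMapResponse $response, AppExecutionContext $appContext = null)
{
    $status = ob_get_status();
    $response->getHeaders()->append('Content-type:text/javascript');
    if (isset($status['name']) && $status['name'] != 'ob_gzhandler') {
        ob_start("ob_gzhandler");
    }
    try {
        MMapManager::startSession();
        if (!$appContext instanceof AppExecutionContext) {
            $appContext = new AppExecutionContext();
            $appContext->initFromRequest($request);
        }
        $appDesc = $appContext->getApplicationDescriptor();

        // Check if the session has expired only if the application we want to execute is not "init" nor "logout"
        // FIXME: Not sure this way for checking session is the best here (maybe a flag in the metadata instead?)
        if ($appDesc->getName() != 'init' && $appDesc->getName() != 'logout') {
            MMapManager::checkSessionExpiration();
        }

        // Restore parent process if available
        try {
            $checknum = (int) $request->getGET('checknum');
            $procFather = ProcManager::getInstance()->getProcessByChecknum($checknum);
            ProcManager::getInstance()->setCurrentProcess($procFather);
            // Access control is based on current user, contained in the login context of
            // the current process, so we can only perform security checks when a process
            // is active.
            // In case no login context is defined, we can be sure that almost nothing unsafe
            // will be done, because this element is required in most of the operations.
            // NOTE(review): consequently checkExecute() is skipped whenever no parent
            // process resolves (EyeProcException below is swallowed) or the parent has
            // no login context — the execute check is opt-in rather than fail-closed.
            if ($procFather->getLoginContext() !== null) {
                SecurityManager::getInstance()->checkExecute($appDesc);
            }
        } catch (EyeProcException $e) {
            // no parent process could be restored: continue without one
        }

        // Start process (PHP)
        $this->startProcess($appContext);

        // Append necessary scripts and execute JS code (actually, only append it to the $response body)
        $appDesc->executeJavascript($appContext, $response);
    } catch (Exception $e) {
        self::$Logger->error('Uncaught exception while processing request: ' . $request);
        self::$Logger->error('Exception message: ' . $e->getMessage());
        if (self::$Logger->isDebugEnabled()) {
            self::$Logger->debug(ExceptionStackUtil::getStackTrace($e, false));
        }

        // Special processing on session expiration
        if ($e instanceof EyeSessionExpiredException) {
            $controlMessageBodyRenderer = new ControlMessageBodyRenderer(ControlMessageBodyRenderer::TYPE_SESSION_EXPIRED);
        } else {
            // Remove incomplete process. $appContext is still null when the
            // failure happened before it was built (e.g. inside startSession()),
            // so do not dereference it blindly.
            $proc = ($appContext instanceof AppExecutionContext) ? $appContext->getProcess() : null;
            if ($proc instanceof Process) {
                try {
                    ProcManager::getInstance()->kill($proc);
                } catch (Exception $killException) {
                    // Distinct variable on purpose: reusing $e here would replace
                    // the original exception, and the client would be told about
                    // the kill failure instead of the real cause.
                    self::$Logger->error('Cannot kill incomplete process: ' . $proc);
                    self::$Logger->error('Exception message: ' . $killException->getMessage());
                }
            }
            $controlMessageBodyRenderer = new ControlMessageBodyRenderer(ControlMessageBodyRenderer::TYPE_EXCEPTION, $e);
        }

        // When using qx.io.ScriptLoader on the JS side, no callback proxy is available
        // to intercept control messages, so we're using a little workaround here by
        // calling directly eyeos._callbackProxyWithContent() with the exception summary
        // in argument.
        $responseContent = $controlMessageBodyRenderer->getRenderedBody();
        $response->setBody('eyeos._callbackProxyWithContent(null, null, null, ' . $responseContent . ');');
    }
    $this->handleClientMessageQueue($response);
}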
/**
 * Evaluate $perm on $object against the configured policy, PAM-style.
 *
 * The handlers of the first policy entry whose object class matches $object
 * are run in order and combined by flag: SUFFICIENT grants immediately
 * (unless a REQUIRED handler already failed), REQUISITE denies immediately on
 * failure, REQUIRED failures are remembered and reported once all handlers
 * ran, any other flag only contributes a "first error". A handler returning
 * false means "could not decide", not "deny".
 *
 * Two behaviours a reviewer should be aware of:
 *  - the user named 'root' bypasses every handler (deliberate, see below);
 *  - when no policy entry matches $object at all, the method returns without
 *    throwing — access is granted (fail-open) with only a warning logged.
 *
 * $this->success / $this->firstRequiredError / $this->firstError are never
 * reset here — presumably one checker instance per check; TODO confirm,
 * otherwise state leaks between consecutive checks.
 *
 * @param mixed        $object  the object the permission is requested on
 * @param IPermission  $perm    requested permission
 * @param LoginContext $context login context of the caller
 * @return void on grant
 * @throws EyeSecurityException (via throwException) on denial
 */
public function doCheck($object, IPermission $perm, LoginContext $context = null)
{
    if (SecurityManager::$Logger->isDebugEnabled()) {
        SecurityManager::$Logger->debug('Preparing to check permission with login context:');
        // NOTE(review): print_r() dumps the whole login context into the debug log;
        // anything sensitive it carries ends up there.
        SecurityManager::$Logger->debug(print_r($context, true));
    }
    // A little "hack" here to avoid any lock to the root user due to configuration problem
    // in the next steps (= even without any configuration or with a broken configuration file,
    // the root will always have all the permissions on everything)
    $eyeosUser = null;
    try {
        // NOTE(review): with $context === null this is a method call on null, which
        // is a fatal error / \Error rather than an EyeNullPointerException — TODO
        // confirm callers never pass null.
        $eyeosUser = $context->getEyeosUser();
        if ($eyeosUser->getName() === 'root') {
            if (SecurityManager::$Logger->isInfoEnabled()) {
                SecurityManager::$Logger->info('Root user found in login context: bypassing any further security check for requested permission ' . $perm . '.');
            }
            return;
        }
    } catch (EyeNullPointerException $e) {
    }
    $configuration = PolicyConfiguration::getConfiguration();
    // Browse policy entries until we find one that matches the class of our object
    foreach ($configuration->getPolicyEntries() as $policyEntry) {
        $objectClass = $policyEntry->getObjectClass();
        if ($object instanceof $objectClass) {
            // Check permission using each handler defined for this entry
            foreach ($policyEntry->getHandlerEntries() as $handlerEntry) {
                try {
                    $handler = SecurityManager::getNewHandlerInstance($handlerEntry->getHandlerClass(), $handlerEntry->getParams());
                    try {
                        $status = $handler->checkPermission($object, $perm, $context);
                        // SUCCESS (access granted byt the current handler)
                        if ($status === true) {
                            if ($handlerEntry->getFlag() == PolicyHandlerEntry::FLAG_SUFFICIENT) {
                                // SUFFICIENT short-circuits only if no REQUIRED handler failed before it
                                if ($this->firstRequiredError === null) {
                                    return;
                                }
                            }
                            $this->success = true;
                        } else {
                            // false = the handler could not decide; only logged, not a denial
                            if (SecurityManager::$Logger->isInfoEnabled()) {
                                $failureExceptionMessage = '(none available)';
                                if ($handler->getFailureException() !== null) {
                                    $failureExceptionMessage = $handler->getFailureException()->getMessage();
                                }
                                SecurityManager::$Logger->debug($handlerEntry->getHandlerClass() . ' failure message: ' . $failureExceptionMessage);
                            }
                        }
                    } catch (EyeSecurityException $e) {
                        if ($handlerEntry->getFlag() == PolicyHandlerEntry::FLAG_REQUISITE) {
                            // REQUISITE: deny right away, remaining handlers are not consulted
                            if (SecurityManager::$Logger->isInfoEnabled()) {
                                SecurityManager::$Logger->info('Requested permission ' . $perm . ' denied object of class ' . get_class($object) . ' (REQUISITE handler ' . $handlerEntry->getHandlerClass() . ' failed).');
                                SecurityManager::$Logger->info($e->getMessage());
                            }
                            $this->throwException($this->firstRequiredError, $e);
                        } else {
                            if ($handlerEntry->getFlag() == PolicyHandlerEntry::FLAG_REQUIRED) {
                                // REQUIRED: remember the first failure, keep evaluating the rest
                                if ($this->firstRequiredError === null) {
                                    $this->firstRequiredError = $e;
                                }
                            } else {
                                // any other flag: remember the first failure only
                                if ($this->firstError === null) {
                                    $this->firstError = $e;
                                }
                            }
                        }
                    }
                } catch (EyeException $e) {
                    // the handler could not even be instantiated: abort the whole check
                    $this->throwException(null, $e);
                }
            }
            if ($this->firstRequiredError !== null) {
                // A required handler failed
                if (SecurityManager::$Logger->isInfoEnabled()) {
                    SecurityManager::$Logger->info('Requested permission ' . $perm . ' denied on object of class ' . get_class($object) . ' (a REQUIRED handler failed).');
                    SecurityManager::$Logger->info($this->firstRequiredError->getMessage());
                }
                $this->throwException($this->firstRequiredError, null);
            } else {
                if (!$this->success && $this->firstError !== null) {
                    // No handler succeeded: return the first error
                    if (SecurityManager::$Logger->isInfoEnabled()) {
                        SecurityManager::$Logger->info('Requested permission ' . $perm . ' denied on object of class ' . get_class($object) . '.');
                        SecurityManager::$Logger->info($this->firstError->getMessage());
                    }
                    $this->throwException($this->firstError, null);
                } else {
                    if (!$this->success) {
                        // All handlers returned FALSE (= they could not perform permission checks for any reason)
                        SecurityManager::$Logger->warn('All SecurityHandlers have been ignored for object of class ' . get_class($object) . '.');
                        $this->throwException(new EyeSecurityException('Permission check failure: all handlers ignored on object of class "' . $objectClass . '".'), null);
                    } else {
                        if (SecurityManager::$Logger->isDebugEnabled()) {
                            SecurityManager::$Logger->debug('Permission ' . $perm . ' granted on object of class ' . get_class($object) . '.');
                        }
                        return;
                    }
                }
            }
        }
    }
    // No matching policy entry has been found for given $object: report it in the log and allow access
    if (!$this->success) {
        SecurityManager::$Logger->warn('No matching policy entry for object of class ' . get_class($object) . ' has been found.');
    }
}
<?php include S_SECTIONS . "/member/memberaccess.php"; //sendmail class incude include SITE_CLASS_GEN . "class.sendmail.php"; //initialization of senmail class object $sendMail = new SendPHPMail(); if (!isset($secManObj)) { include_once SITE_CLASS_APPLICATION . 'class.SecurityManager.php'; $secManObj = new SecurityManager(); } if (!isset($orgUserObj)) { include_once SITE_CLASS_APPLICATION . 'user/class.OrganizationUser.php'; $orgUserObj = new OrganizationUser(); } if (!isset($userToVerifyObj)) { include_once SITE_CLASS_APPLICATION . 'user/class.OrganizationUserToverify.php'; $userToVerifyObj = new OrganizationUserToverify(); } if (!isset($emailObj)) { include_once SITE_CLASS_APPLICATION . 'class.EmailTemplate.php'; $emailObj = new EmailTemplate(); } $Data = PostVar("Data"); if (!isset($Data['eEmailNotification'])) { $Data['eEmailNotification'] = 'No'; } $Data['vPhone'] = $_POST['vPhoneCode'] . "-" . $Data['vPhone']; $Data['vMobile'] = $_POST['vMobileCode'] . "-" . $Data['vMobile']; //prints($Data);exit; if (count($emailArr) > 0) {
<?php /** * Action File For Admin change password * * @package addadminchangepassword_a.php * @Section general * @author Andrew Dev */ //sendmail class incude include SITE_CLASS_GEN . "class.sendmail.php"; $sendMail = new SendPHPMail(); if (!isset($secManObj)) { include_once SITE_CLASS_APPLICATION . 'securitymanager/class.SecurityManager.php'; $secManObj = new SecurityManager(); } $gdbobj->getRequestVars(); //prints($_POST);exit; $password = md5(PostVar('vPassword')); $Data['vPassword'] = $password; $iSMID = PostVar("iSMID"); $arr = $secManObj->select($iSMID); $secManObj->setAllVar($arr); $secManObj->setAllVar($Data); $where = "iSMID = '" . $iSMID . "'"; $res = $secManObj->update($where); if ($res) { $NAME = $arr[0]['vFirstName'] . " " . $arr[0]['vLastName']; //set the valuse of the body of email format $body_arr = array("#NAME#", "#PASSWORD#", "#MAIL_FOOTER#", "#SITE_URL#"); $post_arr = array($NAME, PostVar('vPassword'), $MAIL_FOOTER, SITE_URL_DUM);
/**
 * Store a user's settings metadata as an XML file under the user's settings path.
 *
 * @param mixed     $object   target; must be an EyeosUser
 * @param IMetaData $metaData metadata to write
 * @param String    $params   provider parameters (also given to retrieveMeta())
 * @throws EyeInvalidArgumentException when $object is not an EyeosUser
 * @throws EyeIOException when the settings directory cannot be created
 * @throws EyeException
 * @throws EyeErrorException
 */
public function storeMeta($object, IMetaData $metaData = null, $params)
{
    if (!($object instanceof EyeosUser)) {
        throw new EyeInvalidArgumentException('$object must be an EyeosUser.');
    }

    // Here the *current* metadata is the guarded object and the incoming
    // $metaData travels inside the permission — the reverse of the file-based
    // storeMeta() variants in this corpus. Worth confirming which order the
    // MetaData security handler actually expects.
    $currentMeta = $this->retrieveMeta($object, $params);
    $writePerm = new MetaDataPermission('write', $metaData, $object);
    SecurityManager::getInstance()->checkPermission($currentMeta, $writePerm);

    $filepath = $this->getUserSettingsPath($object);
    $settingsDir = dirname($filepath);
    // NOTE(review): 0777 makes the directory world-writable (subject to umask);
    // a tighter mode such as 0750 is preferable unless another OS user must write here.
    if (!is_dir($settingsDir) && !mkdir($settingsDir, 0777, true)) {
        throw new EyeIOException('Unable to create necessary directories for meta file ' . $filepath . '.');
    }

    $providerOptions = array(
        SimpleXMLMetaProvider::PARAM_FILEPATH => $filepath,
        SimpleXMLMetaProvider::PARAM_FORMATOUTPUT => true,
    );
    $provider = new SimpleXMLMetaProvider((string) $params, $providerOptions);
    $provider->storeMeta(null, $metaData);
}
<?php
/**
 * AJAX endpoint: persist the member's dashboard widget order.
 *
 * memberaccess.php gates the request to logged-in members, and the row
 * updated is always the member's own (iSMID comes from the session, not from
 * the request). The submitted order is handed to SecurityManager::updateData()
 * as-is — any escaping happens inside that class and is not visible here.
 */
include S_SECTIONS . "/member/memberaccess.php";

if (!isset($secManObj)) {
    include_once SITE_CLASS_APPLICATION . 'class.SecurityManager.php';
    $secManObj = new SecurityManager();
}

$Data['tDashboard'] = $_POST['order'];
$secManObj->setAllVar($Data);

$sessionMemberId = $_SESSION['SESS_' . PRJ_CONST_PREFIX . '_ID'];
$where = " iSMID = '" . $sessionMemberId . "'";
$res = $secManObj->updateData($Data, $where);
exit;
include S_SECTIONS . "/member/memberaccess.php"; if (!isset($orgObj)) { include_once SITE_CLASS_APPLICATION . "organization/class.Organization.php"; $orgObj = new Organization(); } if (!isset($orgUserPermObj)) { include_once SITE_CLASS_APPLICATION . "user/class.OrganizationUserPermission.php"; $orgUserPermObj = new OrganizationUserPermission(); } if (!isset($orgUserPermVerifyObj)) { include_once SITE_CLASS_APPLICATION . "user/class.OrganizationUserPermissionToVerify.php"; $orgUserPermVerifyObj = new OrganizationUserPermissionToVerify(); } if (!isset($secManObj)) { require_once SITE_CLASS_APPLICATION . "securitymanager/class.SecurityManager.php"; $secManObj = new SecurityManager(); } if (!isset($orgUsrObj)) { require_once SITE_CLASS_APPLICATION . "user/class.OrganizationUser.php"; $orgUsrObj = new OrganizationUser(); } if (!isset($userToVerifyObj)) { include_once SITE_CLASS_APPLICATION . 'user/class.OrganizationUserToverify.php'; $userToVerifyObj = new OrganizationUserToverify(); } if (!isset($userActionObj)) { include_once SITE_CLASS_APPLICATION . 'user/class.UserActionVerification.php'; $userActionObj = new UserActionVerification(); } if (!isset($emailObj)) { include_once SITE_CLASS_APPLICATION . 'class.EmailTemplate.php';
/**
 * Update an existing user/workgroup assignation after an authorization check.
 *
 * The SecurityManager check runs first and propagates its own exception on
 * denial; only the DAO update is wrapped.
 *
 * @param IUserWorkgroupAssignation $assignation the row to update
 * @throws EyeUMException wrapping any failure of the DAO update (the original
 *                        exception is kept as the previous one)
 * @return void
 */
private function updateUserWorkgroupAssignation_private(IUserWorkgroupAssignation $assignation)
{
    $updatePerm = new SimplePermission('', array('update'));
    SecurityManager::getInstance()->checkPermission($assignation, $updatePerm);

    try {
        $this->eyeosDAO->update($assignation);
    } catch (Exception $e) {
        //{
        //TODO: rollback
        //}
        $message = 'Unable to update user/workgroup assignation between user ID "'
            . $assignation->getUserId() . '" and workgroup ID "'
            . $assignation->getWorkgroupId() . '".';
        throw new EyeUMException($message, 0, $e);
    }
}
/**
 * Guard hook: abort unless the System Security Manager grants access to $this.
 *
 * The $object argument is accepted for interface compatibility but not
 * consulted — the permission check is made on the guarded object itself.
 *
 * @param Object $object ignored
 * @throws SecurityException when SecurityManager::checkPermission($this) is falsy
 * @return void
 */
public function checkGuard(Object $object)
{
    $granted = SecurityManager::checkPermission($this);
    if ($granted) {
        return;
    }
    throw new SecurityException("Access denied by System Security Manager");
}
/**
 * Load the domain object named by a request parameter.
 *
 * The parameter name defaults to the table name with its first character
 * lower-cased plus "Id" (table "Minyan" → "minyanId"). With $doSecurity set,
 * SecurityManager::verify() must accept the record: an authenticated user
 * failing it gets an exception (with its user id in the message), an
 * anonymous one is sent to login/index.
 *
 * @param mixed       $request    request object exposing getParameter()
 * @param string      $table      Doctrine table name
 * @param string|null $param      request parameter holding the id
 * @param bool        $doSecurity run the ownership check
 * @return mixed the found record
 * @throws Exception when the record is missing or fails the ownership check
 */
public static function extractDomainObjectFromRequest($request, $table, $param = null, $doSecurity = false)
{
    if ($param == null) {
        $param = lcfirst($table . "Id");
    }
    self::requireParam($request, $param);

    $id = $request->getParameter($param);
    $obj = Doctrine::getTable($table)->find($id);
    if (!$obj) {
        throw new Exception("Could not find {$table} with id=" . $id);
    }

    if ($doSecurity && !SecurityManager::verify($obj)) {
        $sfUser = sfContext::getInstance()->getUser();
        if (!$sfUser->isAuthenticated()) {
            // Whether redirect() stops execution is the controller's business;
            // if it returns, the record is still handed back below.
            sfContext::getInstance()->getController()->redirect("login/index");
        } else {
            throw new Exception("User tried to access a {$table} that doesnt belong to it! userId=" . $sfUser->getId());
        }
    }
    return $obj;
}
$ogGalleryManager->fEditorID = $oUser->getID(); // bringing up if (!$ogGalleryManager->initialize()) { _throw("FNoGalleryTables", "There is no gallery and images tables present in DB"); } // security managers initialization (for current FA and 'global' for entire site) if ($fusebox['mode'] == "development" || $oUser->isDev()) { $oSecurityManager = new SecurityManager($oDB, $oUser, $oFuseaction, $fusebox['tableSecurity'], $fusebox['tableGroups'], $fusebox['tableUsersGroups'], $fusebox['defaultGroup'], SECURITYMODE_LOOSE, true); $ogSecurityManager = new SecurityManager($oDB, $oUser, $ogFuseaction, $fusebox['tableSecurity'], $fusebox['tableGroups'], $fusebox['tableUsersGroups'], $fusebox['defaultGroup'], SECURITYMODE_LOOSE, true); } else { if ($fusebox['globalSecurityMode'] == "STRICT") { $oSecurityManager = new SecurityManager($oDB, $oUser, $oFuseaction, $fusebox['tableSecurity'], $fusebox['tableGroups'], $fusebox['tableUsersGroups'], $fusebox['defaultGroup'], SECURITYMODE_STRICT, false); $ogSecurityManager = new SecurityManager($oDB, $oUser, $ogFuseaction, $fusebox['tableSecurity'], $fusebox['tableGroups'], $fusebox['tableUsersGroups'], $fusebox['defaultGroup'], SECURITYMODE_STRICT, false); } elseif ($fusebox['globalSecurityMode'] == "LOOSE") { $oSecurityManager = new SecurityManager($oDB, $oUser, $oFuseaction, $fusebox['tableSecurity'], $fusebox['tableGroups'], $fusebox['tableUsersGroups'], $fusebox['defaultGroup'], SECURITYMODE_LOOSE, false); $ogSecurityManager = new SecurityManager($oDB, $oUser, $ogFuseaction, $fusebox['tableSecurity'], $fusebox['tableGroups'], $fusebox['tableUsersGroups'], $fusebox['defaultGroup'], SECURITYMODE_LOOSE, false); } else { _throw("FUncertainSecurityMode", "Security mode is uncertain"); } } if (!$oSecurityManager->initialize() || !$ogSecurityManager->initialize()) { _throw("FNoSecurityTables", "There are no security tables \"{$fusebox['tableGroups']}\" and/or \"{$fusebox['tableSecurity']}\" present in DB"); } // checking that default 
user group exists and add it if needed if (!$oSecurityManager->checkGroup($fusebox['defaultGroup'])) { $tmpoGroup = new Group(0, $fusebox['defaultGroup']); if ($oSecurityManager->addGroup($tmpoGroup)) { unset($tmpoGroup); } else { _throw("FCannotAddDefaultGroup", "Cannot add default security group"); }
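/**
 * Soft-delete a user (sets users.active = 0) and redirect back.
 *
 * Admin-only: the SecurityManager is set to deny-all plus the ADMIN mask
 * before anything happens. Id -1 is reserved for the SuperAdmin and is
 * never deactivated. The method sends a Location header but does not exit.
 *
 * @param mixed $id user id; compared loosely (==) so "-1" from a request also matches
 * @throws SecuritySevereException when asked to delete the SuperAdmin
 * @throws Exception when the UPDATE fails to execute
 * @return void
 */
function remove($id)
{
    $sm = new SecurityManager();
    $sm->denyAll();
    $sm->allow(SecurityManager::SECURITY_MANAGER_MASK_ADMIN);
    $sm->checkSecurity();

    if ($id == -1) {
        throw new SecuritySevereException("Could not delete the SuperAdmin");
    }

    $sth = $this->pdo->prepare("UPDATE users SET active = 0 WHERE id = ?");
    $res = $sth->execute(array($id));
    if ($res == 0) {
        throw new Exception("Impossible de supprimer cet utilisateur.");
    }

    // Redirect target: only a same-site, path-relative "origin" is honoured.
    // Absolute URLs, protocol-relative "//host" (and "/\host"), and values
    // carrying control characters fall back to the default page, so the
    // request parameter cannot be used as an open redirect.
    $target = '/monitoring/?v=dashboard&cat=users';
    if (isset($_REQUEST["origin"]) && is_string($_REQUEST["origin"])) {
        $origin = $_REQUEST["origin"];
        $isLocalPath = strlen($origin) > 0
            && $origin[0] === '/'
            && (strlen($origin) === 1 || ($origin[1] !== '/' && $origin[1] !== '\\'))
            && preg_match('/[\x00-\x1f\x7f]/', $origin) === 0;
        if ($isLocalPath) {
            $target = $origin;
        }
    }
    header('Location: ' . $target);
}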
/**
 * Store metadata for a user file as a sidecar XML file in the user's
 * meta-files tree.
 *
 * @param mixed     $object   target; must be an EyeUserFile
 * @param IMetaData $metaData metadata to write
 * @param String    $params   provider parameters (also given to retrieveMeta())
 * @throws EyeInvalidArgumentException when $object is not an EyeUserFile
 * @throws EyeIOException when the meta directory cannot be created
 * @throws EyeException
 * @throws EyeErrorException
 */
public function storeMeta($object, IMetaData $metaData = null, $params)
{
    if (!($object instanceof EyeUserFile)) {
        throw new EyeInvalidArgumentException('$object must be an EyeUserFile.');
    }

    // Authorization first: the incoming $metaData is the guarded object, the
    // permission carries the current metadata and the file.
    $currentMeta = $this->retrieveMeta($object, $params);
    $writePerm = new MetaDataPermission('write', $currentMeta, $object);
    SecurityManager::getInstance()->checkPermission($metaData, $writePerm);

    // Sidecar path: <user meta root>/<USERS_FILES_DIR><path><ext>; the root
    // path "/" maps to the directory's own meta file. $urlParts['path'] is
    // used as-is — presumably already normalised (no ".."), TODO confirm in
    // getURLComponents().
    $urlParts = $object->getURLComponents();
    $metaRoot = $this->getUserMetaFilesPath($urlParts['principalname']) . '/' . USERS_FILES_DIR;
    $relative = ($urlParts['path'] == '/') ? '' : $urlParts['path'];
    $filepath = $metaRoot . $relative . USERS_METAFILES_EXTENSION;

    $metaDir = dirname($filepath);
    // NOTE(review): 0777 is world-writable (subject to umask); consider 0750.
    if (!is_dir($metaDir) && !mkdir($metaDir, 0777, true)) {
        throw new EyeIOException('Unable to create necessary directories for meta file ' . $filepath . '.');
    }

    $provider = new SimpleXMLMetaProvider((string) $params, array(SimpleXMLMetaProvider::PARAM_FILEPATH => $filepath));
    $provider->storeMeta(null, $metaData);
}
<?php
/**
 * Add/Update File For Security Manager
 * @package addsecuritymanager.inc.php
 * @Section security_manager
 *
 * Include-guarded setup for the security-manager add/edit form: loads the
 * model objects the form needs, pulls request variables into $gdbobj, and
 * reads the view mode, record id and file name from the query string.
 */
if (!isset($secManObj)) {
    include_once SITE_CLASS_APPLICATION . 'securitymanager/class.SecurityManager.php';
    $secManObj = new SecurityManager();
}
$gdbobj->getRequestVars();
if (!isset($adminUserObj)) {
    include_once SITE_CLASS_APPLICATION . 'class.AdminUser.php';
    $adminUserObj = new AdminUser();
}
if (!isset($countryObj)) {
    include_once SITE_CLASS_APPLICATION . "class.Country.php";
    $countryObj = new Country();
}
if (!isset($stateObj)) {
    include_once SITE_CLASS_APPLICATION . "class.State.php";
    $stateObj = new State();
}
if (!isset($cntstObj)) {
    include_once SITE_CLASS_GEN . "class.countrystate.php";
    $cntstObj = new CountryState();
}
// Query-string inputs (GetVar()): which form view to render, which record to
// edit, and a file name. None is validated here — downstream use of $iSMID in
// SQL and of $file on the filesystem should be checked where they are consumed.
$view = GetVar("view");
$iSMID = GetVar("iSMID");
$file = GetVar("file");
/**
 * Change the permission a collaborator holds on a shared object.
 *
 * Steps: resolve the ShareableObjectHandler that accepts $object, let the
 * SecurityManager confirm the caller may 'updatecollaborator' on it, write
 * the new share info through the provider, then notify listeners with a
 * SharingEvent. Every failure is logged (warn, plus a stack trace at debug
 * level) and rethrown unchanged.
 *
 * @param IShareable             $object       shared object; must have an id
 * @param AbstractEyeosPrincipal $collaborator principal whose permission changes
 * @param IPermission            $permission   new permission (stored via getActionsAsString())
 * @throws EyeNullPointerException     when $object has no id
 * @throws EyeHandlerNotFoundException when no handler accepts $object
 * @throws Exception                   anything raised by the security check,
 *                                     the provider or a listener
 * @return void
 */
public function updateCollaboratorPermission(IShareable $object, AbstractEyeosPrincipal $collaborator, IPermission $permission)
{
    try {
        if ($object->getId() === null) {
            throw new EyeNullPointerException('$object ID cannot be null.');
        }
        // First handler whose checkType() accepts the object wins.
        $handlerClassName = null;
        foreach (self::getAllShareableObjectsHandlers() as $handler) {
            if ($handler->checkType($object)) {
                $handlerClassName = get_class($handler);
                break;
            }
        }
        if ($handlerClassName === null) {
            throw new EyeHandlerNotFoundException('Unable to find a ShareableObjectHandler for object of class ' . get_class($object) . '.');
        }
        $owner = $object->getShareOwner();
        // Authorization gate: nothing below runs unless the current login
        // context may update this collaborator's share on $object.
        SecurityManager::getInstance()->checkPermission($object, new SharePermission(array('updatecollaborator'), $collaborator));
        //prepare query array
        $shareInfoQuery = array(
            self::SHAREINFO_KEY_OWNERID => $owner->getId(),
            self::SHAREINFO_KEY_SHAREABLEID => $object->getId(),
            self::SHAREINFO_KEY_COLLABORATORID => $collaborator->getId(),
            self::SHAREINFO_KEY_PERMISSIONACTIONS => $permission->getActionsAsString(),
            self::SHAREINFO_KEY_HANDLERCLASSNAME => $handlerClassName
        );
        $this->getProvider()->updateShareInfo($owner, $shareInfoQuery);
        // TODO: we could also add the ShareInfo object containing the old permission as a
        // "related source" of the event
        $event = new SharingEvent(new BasicShareInfo($owner, $object, $collaborator, $permission, $handlerClassName));
        foreach ($this->listeners as $listener) {
            $listener->collaboratorPermissionUpdated($event);
        }
    } catch (Exception $e) {
        // Log and rethrow as-is; the caller sees the original exception type.
        self::$Logger->warn('Unable to update collaborator ' . $collaborator->getName() . ' permissions for object of class ' . get_class($object) . '.');
        if (self::$Logger->isDebugEnabled()) {
            self::$Logger->debug(ExceptionStackUtil::getStackTrace($e, false));
        }
        throw $e;
    }
}
} $newpass = $password; // $generalobj->GenerateAdminPass('5'); // $pswd = $memArr[0]['vPassword']; // $newpass = $generalobj->decrypt($pswd); // $Data['vPassword'] = $generalobj->encrypt($pswd); /* if(trim($memtype) == '') { $where = " iUserId = '".$memArr[0]['iUserId']."'"; $res = $dbobj->MySQLQueryPerform(PRJ_DB_PREFIX.'_user',$Data,'update',$where); } */ if ($memtype == 'securitymanager') { if (!isset($secManObj)) { require_once SITE_CLASS_APPLICATION . "securitymanager/class.SecurityManager.php"; $secManObj = new SecurityManager(); } $where = " (vUserName='******') "; $data['vActivationCode'] = ''; $data['vPassword'] = $generalobj->encrypt($newpass); $id = $secManObj->updateData($data, $where); } else { if ($memtype == 'orguser') { if (!isset($orgUsrObj)) { require_once SITE_CLASS_APPLICATION . "user/class.OrganizationUser.php"; $orgUsrObj = new OrganizationUser(); } $where = " (vUserName='******') "; $data['vActivationCode'] = ''; $data['vPassword'] = $generalobj->encrypt($newpass); $id = $orgUsrObj->updateData($data, $where);
} if (!isset($orgprefObj)) { include_once SITE_CLASS_APPLICATION . "organization/class.OrganizationPreference.php"; $orgprefObj = new OrganizationPreference(); } if (!isset($statusmasterObj)) { include_once SITE_CLASS_APPLICATION . "class.StatusMaster.php"; $statusmasterObj = new StatusMaster(); } if (!isset($orgUsrObj)) { require_once SITE_CLASS_APPLICATION . "user/class.OrganizationUser.php"; $orgUsrObj = new OrganizationUser(); } if (!isset($secManObj)) { require_once SITE_CLASS_APPLICATION . "securitymanager/class.SecurityManager.php"; $secManObj = new SecurityManager(); } if (!isset($emailObj)) { include_once SITE_CLASS_APPLICATION . 'class.EmailTemplate.php'; $emailObj = new EmailTemplate(); } if (!isset($userActionObj)) { include_once SITE_CLASS_APPLICATION . 'user/class.UserActionVerification.php'; $userActionObj = new UserActionVerification(); } if (!isset($sendMail)) { include SITE_CLASS_GEN . "class.sendmail.php"; $sendMail = new SendPHPMail(); } if (!isset($pohObj)) { include_once SITE_CLASS_APPLICATION . "user/class.PurchaseOrderHeading.php";
<?php
/**
 * Action file for add/Update of securitymanager
 *
 * @package addsecuritymanager_a.php
 * @section action/security_manager
 * @author Jack Scott
 *
 * Sets up the mailer and model objects, then reads the posted form data:
 * the view mode, the Data[] record fields, the duplicate flag ('dpr'), the
 * access matrix and the password.
 */
//sendmail class incude
include SITE_CLASS_GEN . "class.sendmail.php";
//initialization of senmail class object
$sendMail = new SendPHPMail();
if (!isset($secManObj)) {
    include_once SITE_CLASS_APPLICATION . 'securitymanager/class.SecurityManager.php';
    $secManObj = new SecurityManager();
}
if (!isset($adminUserObj)) {
    include_once SITE_CLASS_APPLICATION . 'class.AdminUser.php';
    $adminUserObj = new AdminUser();
}
//prints($_POST);exit;
// print_r($Data);exit;
$view = PostVar("view");
$Data = PostVar("Data");
$dupl = PostVar('dpr');
// Unchecked checkbox arrives as a missing key; normalise to 'No'.
if (!isset($Data['eEmailNotification'])) {
    $Data['eEmailNotification'] = 'No';
}
$Data_access = PostVar("Data_access");
// NOTE(review): the password goes through $generalobj->encrypt(), which by its
// name (and the decrypt() counterpart seen elsewhere in this corpus) is a
// reversible transform, not a one-way hash. password_hash()/password_verify()
// would mean a DB dump no longer yields every security-manager password.
$vPassword = $generalobj->encrypt(PostVar('vPassword'));
/**
 * Ask the SecurityManager whether the current principal may write this
 * object. checkWrite() is expected to throw on denial (its contract is not
 * visible here), so a normal return means "allowed".
 *
 * @return void
 */
public function checkWritePermission()
{
    $manager = SecurityManager::getInstance();
    $manager->checkWrite($this);
}
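/**
 * AJAX action: delete the MinyanUser rows whose ids were posted as
 * 'minyanUserIds', restricted to the rows SecurityManager::verify() accepts
 * for the current user.
 *
 * Ids that resolve to no record, or whose record fails the ownership check,
 * are skipped silently; the success flash is set regardless of how many rows
 * were actually deleted. No CSRF token check is visible in this action.
 *
 * @param sfWebRequest $request
 * @return string sfView::NONE (the JSON response is echoed directly)
 */
public function executeDeleteSubscribers(sfWebRequest $request)
{
    $minyanUserIds = $request->getParameter('minyanUserIds');
    if (is_array($minyanUserIds)) {
        $table = Doctrine::getTable('MinyanUser');
        foreach ($minyanUserIds as $id) {
            $minyanUser = $table->find($id);
            // A lookup miss yields a falsy value (the same convention this code
            // base uses after find() elsewhere); skip it rather than handing a
            // non-record to verify() and then calling delete() on it.
            if (!$minyanUser) {
                continue;
            }
            if (SecurityManager::verify($minyanUser)) {
                $minyanUser->delete();
            }
        }
    }
    $this->getUser()->setFlash('subscribersSuccess', 'Deleted selected users successfully.');
    echo Utils::ajaxResponse(true);
    return sfView::NONE;
}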
$uvdtl['vMailSubject_en'] = $email_cnt[0]['vSub_en']; $uvdtl['vMailSubject_fr'] = $email_cnt[0]['vSub_fr']; $uvdtl['tMailContent_en'] = $emailContent_en; $uvdtl['tMailContent_fr'] = $emailContent_fr; $uvdtl['iCreatedBy'] = $_SESSION['SESS_' . PRJ_CONST_PREFIX . '_ID']; $uvdtl['eCreatedType'] = $_SESSION['SESS_' . PRJ_CONST_PREFIX . '_USER_TYPE_SHORT']; $uvdtl['dActionDate'] = date("Y-m-d H:i:s"); if (!isset($userActionObj)) { include_once SITE_CLASS_APPLICATION . 'user/class.UserActionVerification.php'; $userActionObj = new UserActionVerification(); } $ua = $userActionObj->insert($uvdtl); // if (!isset($secManObj)) { require_once SITE_CLASS_APPLICATION . "securitymanager/class.SecurityManager.php"; $secManObj = new SecurityManager(); } if (!isset($orgUserObj)) { include_once SITE_CLASS_APPLICATION . 'user/class.OrganizationUser.php'; $orgUserObj = new OrganizationUser(); } // if ($sess_usertype_short == 'OA') { $smwhr = " AND eEmailNotification='Yes' AND eStatus='Active' "; $smgrs = $secManObj->getDetails('vEmail', $smwhr); $oawhr = " AND iUserID!='" . $sess_id . "' AND eStatus='Active' AND eUserType='Admin' AND iOrganizationID='" . $assocs[$l]['iBuyer2Id'] . "' AND eEmailNotification='Yes' "; $oadms = $orgUserObj->getDetails('vEmail', $oawhr); } else { $smgrs = ''; $smwhr = " AND iSMID!='" . $sess_id . "' AND eEmailNotification='Yes' AND eStatus='Active' "; $smgrs = $secManObj->getDetails('vEmail', $smwhr);
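/**
 * Verify a plaintext password against the stored hash of user $id.
 *
 * Looks the user up through User_model with the is_role(TRUE)/is_mapper(FALSE)
 * scopes, then delegates the comparison to SecurityManager::validate().
 *
 * @param mixed  $id       user id
 * @param string $password candidate plaintext
 * @return bool false when no such user is found; otherwise the result of
 *              SecurityManager::validate()
 */
public static function checkpass($id, $password)
{
    $CI =& get_instance();
    $CI->load->model('User_model');
    $user = $CI->User_model->is_role(TRUE)->is_mapper(FALSE)->get($id);

    // An unknown id must fail closed instead of feeding nulls (and "undefined
    // index" notices) into validate().
    if (!$user) {
        return false;
    }

    return SecurityManager::validate($password, $user['password'], $user['password_salt']);
}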