public function executeSignin($request)
{
$this->form = new sfGuardFormSignin();
if ($request->isMethod('post')) {
$data = $request->getParameter('signin');
$adldap = new adLDAP(array('account_suffix' => '@sch.bme.hu', 'domain_controllers' => array('152.66.208.42'), 'ad_username' => $data['username'], 'ad_password' => $data['password']));
try {
$authUser = $adldap->authenticate($data['username'], $data['password']);
if ($authUser === true) {
$userData = $adldap->user_info($data['username']);
$user = Doctrine::getTable('sfGuardUser')->findOneBy('username', $data['username']);
$save = false;
if ($user) {
if ($user->Profile->full_name != $userData[0]["displayname"][0] || $user->Profile->email != $userData[0]["mail"][0]) {
$save = true;
}
} else {
$user = new sfGuardUser();
$save = true;
}
if ($save) {
$user->username = $data['username'];
$user->password = $data['password'];
$user->Profile->full_name = $userData[0]["displayname"][0];
$user->Profile->email = $userData[0]["mail"][0];
$user->save();
}
}
} catch (Exception $e) {
echo $e;
}
}
parent::executeSignin($request);
}
static function getUserMarkup(sfGuardUser $user)
{
if (!$user->id) {
throw new Exception("Can't get note markup for new user");
}
return '@' . $user->getProfile()->public_name;
}
/**
* @see sfValidatorBase
*/
protected function doClean($values)
{
// only validate if username and password are both present
if (isset($values[$this->getOption('username_field')]) && isset($values[$this->getOption('password_field')])) {
$username = $values[$this->getOption('username_field')];
$password = $values[$this->getOption('password_field')];
// user exists?
if ($user = sfGuardUserPeer::retrieveByUsername($username)) {
// password is ok?
if ($user->getIsActive()) {
if (Configuration::get('ldap_enabled', false)) {
if (authLDAP::checkPassword($username, $password)) {
return array_merge($values, array('user' => $user));
}
} elseif ($user->checkPassword($password)) {
return array_merge($values, array('user' => $user));
}
}
} elseif (Configuration::get('ldap_enabled', false) && Configuration::get('ldap_create_user', false) && authLDAP::checkPassword($username, $password)) {
$user = new sfGuardUser();
$user->setUsername($username);
$user->save();
$profile = new Profile();
$profile->setSfGuardUserId($user->getId());
$profile->save();
return array_merge($values, array('user' => $user));
}
if ($this->getOption('throw_global_error')) {
throw new sfValidatorError($this, 'invalid');
}
throw new sfValidatorErrorSchema($this, array($this->getOption('username_field') => new sfValidatorError($this, 'invalid')));
}
// assume a required error has already been thrown, skip validation
return $values;
}
/**
* Личные данные
*/
public function executeSignup()
{
$loginzaData = $this->getUser()->getAttribute('loginza.identity', false, 'loginza');
$this->forward404Unless($loginzaData);
$user = new sfGuardUser();
$user->fromArray($loginzaData);
$this->form = new sfGuardUserForm($user);
}
/**
*
* @param sfGuardUser $user or User ID
* @return boolean
* @throws Exception
*/
public function isSelfUser($user)
{
if ($user instanceof sfGuardUser) {
return $this->getGuardUser()->getId() == $user->getId();
} elseif (is_numeric($user)) {
return $user == $this->getGuardUser()->getId();
}
throw new Exception('wrong argument');
}
public static final function checkIfImInList(sfGuardUser $me, Doctrine_Collection $usersCollection)
{
foreach ($usersCollection as $user) {
if ($user->getId() === $me->getId()) {
return true;
}
}
return false;
}
/**
* @see sfTask
*/
protected function execute($arguments = array(), $options = array())
{
$databaseManager = new sfDatabaseManager($this->configuration);
$user = new sfGuardUser();
$user->setUsername($arguments['username']);
$user->setPassword($arguments['password']);
$user->save();
$this->logSection('guard', sprintf('Create user "%s"', $arguments['username']));
}
/**
* Gets or creates an sfGuardUser record by email
*
* The password and any other information is auto-generated in sfGuardUser
*/
public function getOrCreateUserByEmail($email)
{
$guardUser = $this->findOneByEmailAddress($email);
if (!$guardUser) {
$guardUser = new sfGuardUser();
$guardUser->username = $email;
$guardUser->save();
}
return $guardUser;
}
/**
* @see sfTask
*/
protected function execute($arguments = array(), $options = array())
{
$configuration = ProjectConfiguration::getApplicationConfiguration($arguments['application'], $options['env'], true);
$databaseManager = new sfDatabaseManager($configuration);
$user = new sfGuardUser();
$user->setUsername($arguments['username']);
$user->setPassword($arguments['password']);
$user->setIsActive(true);
$user->save();
$this->logSection('guard', sprintf('Create user "%s"', $arguments['username']));
}
/**
*
* @param sfGuardUser $user
* @return Doctrine_Query
*/
public function queryByMember(sfGuardUser $user, $is_member = true, $deleted_too = false)
{
if ($user->hasPermission(myUser::CREDENTIAL_ADMIN)) {
return $this->queryAll($deleted_too);
}
if ($is_member) {
return $this->queryAll($deleted_too)->innerJoin('c.CampaignRights cr')->andWhere('cr.user_id = ? AND cr.active = ?', array($user->getId(), 1));
} else {
return $this->queryAll($deleted_too)->andWhere('c.id NOT IN (SELECT cr.campaign_id FROM CampaignRights cr WHERE cr.user_id = ? AND cr.active = ?)', array($user->getId(), 1));
}
}
public function executeCreateUser(sfWebRequest $request)
{
$data = $request->getPostParameter('data');
$user = new sfGuardUser();
$user->username = $data['username'];
$user->password = $data['password'];
$user->save();
$this->setTemplate('showUsers');
// $this->settings = Doctrine_Core::getTable('Settings')->findOneById(1);
// echo $this->getUser()->getGuardUser()->getUsername();
// $this->forward404Unless($this->settings);
}
public function newPerson($name)
{
// Creating sfGuardUser
$guardUser = new sfGuardUser();
$guardUser->set('name', $name);
$guardUser->save();
// Creating the Person
$person = new Person();
$person->set('name', $name);
$person->set('sf_guard_user_id', $guardUser['id']);
$person->save();
return $person;
}
/**
* Accepts proof of identity from the client side Facebook SDK.
* https://developers.facebook.com/docs/howtos/login/signed-request/#step2
* This will not work if your site doesn't have a proper
* domain name (it will not work in dev, in most cases).
*/
public function executeFacebookLogin(sfWebRequest $request)
{
$fb = sfConfig::get('app_sfApplyPlugin_facebook');
$secret = isset($fb['secret']) ? $fb['secret'] : null;
if (!$secret) {
throw new sfException('app_sfApplyPlugin_facebook not configured, secret missing');
}
$signed_request = $request->getParameter('signed_request');
list($encoded_sig, $payload) = explode('.', $signed_request, 2);
// decode the data
$sig = $this->base64UrlDecode($encoded_sig);
$data = json_decode($this->base64UrlDecode($payload), true);
// Contrary to FB docs we're not done yet, we have to
// trade the 'code' in for an access token and then we
// can query for information about the user
$code = $data['code'];
$url = "https://graph.facebook.com/oauth/access_token?" . http_build_query(array('client_id' => $fb['id'], 'redirect_uri' => '', 'client_secret' => $secret, 'code' => $code));
$accessToken = file_get_contents($url);
parse_str($accessToken, $result);
$accessToken = $result['access_token'];
$me = json_decode(file_get_contents("https://graph.facebook.com/me?" . http_build_query(array('access_token' => $accessToken))), true);
if (!isset($me['email'])) {
$this->forward404();
}
$email = $me['email'];
$first_name = $me['first_name'];
$last_name = $me['last_name'];
$username = '******' . (isset($me['username']) ? $me['username'] : $me['id']);
if (strtoupper($data['algorithm']) !== 'HMAC-SHA256') {
$this->forward404();
}
// Adding the verification of the signed_request below
$expected_sig = hash_hmac('sha256', $payload, $secret, $raw = true);
if ($sig !== $expected_sig) {
$this->forward404();
}
$user = Doctrine::getTable('sfGuardUser')->findOneByEmailAddress($email);
if (!$user) {
$user = new sfGuardUser();
$user->setIsActive(true);
$user->setPassword(aGuid::generate());
$user->setEmailAddress($email);
$user->setUsername($username);
}
$user->setFirstName($firstName);
$user->setLastName($lastName);
$user->setEmailAddress($email);
$user->save();
$this->getUser()->signIn($user);
return $this->renderText('OK');
}
/**
* Verifica los datos para realizar la asignación.
* @param sfGuardUser $lider
* @param sfGuardUser $discipulo
* @param type $actualizacion
* @param type $correo
* @return string
*/
private function validaAsignacion(sfGuardUser $lider, sfGuardUser $discipulo, $actualizacion, $correo = null)
{
$resultado = 'ok';
if ($lider->getGenero() != $discipulo->getGenero()) {
$resultado = "Los géneros del Líder y del Discípulo no coinciden";
}
if ($actualizacion != 'ok') {
$resultado = "Error al actualizar discipulo: " . $actualizacion;
}
if ($correo && ($correo <= 0 || is_nan($correo)) && sfConfig::get('app_envia_mails')) {
$resultado = "Error al enviar el correo: " . $correo;
}
return $resultado;
}
/**
* @see sfTask
*/
protected function execute($arguments = array(), $options = array())
{
$databaseManager = new sfDatabaseManager($this->configuration);
$user = new sfGuardUser();
$user->setUsername($arguments['username']);
$user->setPassword($arguments['password']);
$user->save();
$profile = new Profile();
$profile->setNickname($arguments['nickname']);
$profile->setEmail($arguments['email']);
$profile->setSfGuardUserId($user->getId());
$profile->save();
$this->logSection('crew', sprintf('Create user "%s"', $arguments['username']));
}
private function registerUser($username, $data = NULL)
{
try {
$gingerKey = sfConfig::get('app_portail_ginger_key');
if ($gingerKey != "abc") {
$ginger = new \Ginger\Client\GingerClient(sfConfig::get('app_portail_ginger_key'));
$cotisants = $ginger->getUser($username);
} else {
$cotisants = new stdClass();
$cotisants->mail = $username . "@etu.utc.fr";
$cotisants->prenom = "Le";
$cotisants->nom = "Testeur";
$cotisants->type = "etu";
}
if (!$data) {
$data = new sfGuardUser();
}
$data->setUsername($username);
$data->setEmailAddress($cotisants->mail);
$data->setFirstName($cotisants->prenom);
$data->setLastName($cotisants->nom);
$data->setIsActive(true);
$data->save();
$profile = new Profile();
$profile->setUser($data);
$profile->setDomain($cotisants->type);
$profile->save();
return $data;
} catch (\Ginger\Client\ApiException $ex) {
$this->setFlash('error', "Il n'a pas été possible de vous identifier. Merci de contacter simde@assos.utc.fr en précisant votre login et le code d'erreur " . $ex->getCode() . ".");
}
return false;
}
/**
* executeRegister
*
* @access public
* @return void
*/
public function executeRegister(sfWebRequest $request)
{
$this->form = new sfGuardFormRegister();
if ($request->isMethod(sfRequest::POST)) {
$this->form->bind($request->getParameter($this->form->getName()));
if ($this->form->isValid()) {
$values = $this->form->getValues();
$sfGuardUser = new sfGuardUser();
$sfGuardUser->fromArray($values, BasePeer::TYPE_FIELDNAME);
if (isset($values['email'])) {
$sfGuardUser->setEmail($values['email']);
}
$sfGuardUser->setIsActive(false);
$sfGuardUser->save();
$messageParams = array('sfGuardUser' => $sfGuardUser, 'password' => $values['password']);
$body = $this->getComponent($this->getModuleName(), 'send_request_confirm', $messageParams);
$from = sfConfig::get('app_sf_guard_extra_plugin_mail_from', '*****@*****.**');
$fromName = sfConfig::get('app_sf_guard_extra_plugin_name_from', 'noreply');
$to = $sfGuardUser->getEmail();
$toName = $sfGuardUser->getUsername();
$subject = sfConfig::get('app_sf_guard_extra_plugin_subject_confirm', 'Confirm Registration');
$mailer = $this->getMailer();
$message = $mailer->compose(array($from => $fromName), array($to => $toName), $subject, $body);
$mailer->send($message);
$this->getUser()->setFlash('values', $values);
$this->getUser()->setFlash('sfGuardUser', $sfGuardUser);
return $this->redirect('@sf_guard_do_register');
}
}
}
public function createUser(array $guard_tab, $ei_user_tab)
{
$new_guard = new sfGuardUser();
$new_guard->setId($guard_tab['id']);
$new_guard->setUsername($guard_tab['username']);
$new_guard->setFirstName($guard_tab['first_name']);
$new_guard->setLastName($guard_tab['last_name']);
$new_guard->setEmailAddress($guard_tab['email_address']);
$new_guard->setPassword($guard_tab['password']);
$new_guard->save();
/* Création du EiUser */
EiUserTable::createUser($ei_user_tab, $new_guard->getId());
return $new_guard;
}
public function executeReactivate(sfRequest $request)
{
$user = sfGuardUser::getUserByUsername($request->getParameter('username'));
if (!$user || $user->getIsActive()) {
return;
}
try {
// Create the mailer and message objects
$mailer = $this->getMailer();
// Render message parts
$profile = $user->getProfile();
$profile->setValidate('n' . self::createGuid());
$profile->save();
$mailContext = array('name' => $profile->getFullname(), 'validate' => $profile->getValidate());
$message = Swift_Message::newInstance();
$from = sfConfig::get('app_sfApplyPlugin_from');
$message->setFrom($from['email'], $from['fullname']);
$message->setTo($profile->getEmail(), $profile->getUser()->getUsername());
$message->setSubject(sfConfig::get('app_sfApplyPlugin_apply_subject', "Активация аккаунта на сайте " . $request->getHost()));
$message->setBody($this->getPartial('sfApply/sendValidateNew', $mailContext), 'text/html');
$message->addPart($this->getPartial('sfApply/sendValidateNewText', $mailContext), 'text/plain');
$mailer->send($message);
return 'After';
} catch (Exception $e) {
$mailer->disconnect();
$profile = $this->form->getObject();
$user = $profile->getUser();
$user->delete();
// You could re-throw $e here if you want to
// make it available for debugging purposes
return 'MailerError';
}
}
/**
* Signs in the user on the application.
*
* @param sfGuardUser $user The sfGuardUser id
* @param boolean $remember Whether or not to remember the user
* @param Doctrine_Connection $con A Doctrine_Connection object
*/
public function signIn($user, $auth_key = null, $con = null)
{
// signin
$this->setApiUserid($user->getId());
$this->setAuthenticated(true);
$this->clearCredentials();
$this->addCredentials($user->getAllPermissionNames());
// save last login
$user->setLastLogin(date('Y-m-d H:i:s'));
$user->save($con);
// Set login messages
$message = array();
foreach ($user->getUndisplayedLoginMessages() as $message) {
$messages[] = $message->getMessage();
$message->setDisplayed(true);
$message->save();
}
if (count($message) > 0) {
$this->setFlash('login', $messages);
}
// remember?
if ($auth_key) {
$this->setApiAuthkey($auth_key);
$api_key = sfConfig::get('app_web_app_api_key');
$api = ApiKeyTable::getInstance()->findOneBy('api_key', $api_key);
$auth_key = sfGuardUserAuthKeyTable::getInstance()->getMostRecentValidByApiKeyIdAndAuthKey($api->getIncremented(), $auth_key);
$expires = strtotime($auth_key->getExpiresAt());
// make key as a cookie
$remember_cookie = sfConfig::get('app_sf_guard_plugin_remember_cookie_name', 'sfRemember');
sfContext::getInstance()->getResponse()->setCookie($remember_cookie, $auth_key->getAuthKey(), $expires);
}
}
public function executeCreateTicket()
{
$subject = strip_tags($this->getRequestParameter('subject'));
$message = strip_tags($this->getRequestParameter('message'));
sfTicketPeer::createTicket($subject, $message, sfGuardUser::getProfileUserId($this->getContext()->getUser()));
return $this->redirect('sfSupport/history');
}
/**
* @param sfGuardUser $user
* @return array
*/
public function getUsersInTeamIDs(sfGuardUser $user)
{
$ids = array();
$ids[] = $user->getId();
$q = $this->createQuery('u')->leftJoin('u.TeamMember tm')->where('tm.manager_id = ?', $user->getId());
$team_manager = $this->userTeamManager($user);
if ($team_manager) {
$ids[] = $team_manager;
$q->orWhere('tm.manager_id = ?', $team_manager);
}
$users = $q->execute();
foreach ($users as $user) {
$ids[] = $user->getId();
}
return array_unique($ids);
}
public function createItem(EiScenario $ei_scenario, EiDelivery $ei_delivery, EiTicket $ei_ticket, sfGuardUser $guard_user, Doctrine_Connection $conn = null)
{
if ($conn == null) {
$conn = Doctrine_Manager::connection();
}
$stmt = $conn->prepare("INSERT INTO ei_package_scenario_conflict (ei_scenario_id,delivery_id,package_id, package_ref,resolved_date,resolved_author,created_at,updated_at) " . "VALUES (:ei_scenario_id,:delivery_id,:package_id, :package_ref,:resolved_date,:resolved_author,:created_at,:updated_at) " . "ON DUPLICATE KEY UPDATE ei_scenario_id=ei_scenario_id, delivery_id=delivery_id, package_id=:package_id,package_ref=:package_ref");
$stmt->bindValue("ei_scenario_id", $ei_scenario->getId());
$stmt->bindValue("delivery_id", $ei_delivery->getId());
$stmt->bindValue("package_id", $ei_ticket->getTicketId());
$stmt->bindValue("package_ref", $ei_ticket->getTicketRef());
$stmt->bindValue("resolved_date", date('Y-m-d H:i:s'));
$stmt->bindValue("resolved_author", $guard_user->getId());
$stmt->bindValue("created_at", date('Y-m-d H:i:s'));
$stmt->bindValue("updated_at", date('Y-m-d H:i:s'));
$stmt->execute(array());
}
/**
* @see sfTask
*/
protected function execute($arguments = array(), $options = array())
{
$databaseManager = new sfDatabaseManager($this->configuration);
$user = new sfGuardUser();
$user->setEmailAddress($arguments['email_address']);
$user->setUsername($arguments['username']);
$user->setPassword($arguments['password']);
$user->setFirstName($arguments['first_name']);
$user->setLastName($arguments['last_name']);
$user->setIsActive(true);
$user->setIsSuperAdmin($options['is-super-admin']);
$user->save();
$this->logSection('guard', sprintf('Create user "%s"', $arguments['username']));
}
protected function doClean($values)
{
$username = isset($values[$this->getOption('username_field')]) ? $values[$this->getOption('username_field')] : '';
bhLDAP::debug('######## Username: '******'password_field')]) ? $values[$this->getOption('password_field')] : '';
bhLDAP::debug('######## User exists?');
$user = Doctrine::getTable('sfGuardUser')->findOneByUsername($username);
// bhLDAP::debugDump($user, "user:");
if (!$user) {
if (bhLDAP::checkPassword($username, $password)) {
// pretend the user exists, then check AD password
bhLDAP::debug('######## User does not exist. Creating dummy user.');
$user = new sfGuardUser();
$user->setUsername($username);
$user->setSalt('unused');
$user->setPassword('unused');
$user->setUserProfile(new UserProfile());
$user->save();
}
return array_merge($values, array('user' => $user));
}
// password is ok?
bhLDAP::debug('######## Checking Password...');
if ($user->checkPassword($password)) {
bhLDAP::debug('######## Check Password successful...');
return array_merge($values, array('user' => $user));
}
bhLDAP::debug('######## Check Password failed...');
if ($this->getOption('throw_global_error')) {
throw new sfValidatorError($this, 'invalid');
}
throw new sfValidatorErrorSchema($this, array($this->getOption('username_field') => new sfValidatorError($this, 'invalid')));
}
public function queryByUser(sfGuardUser $user)
{
if ($user->hasPermission(myUser::CREDENTIAL_ADMIN)) {
return $this->queryAll()->innerJoin('w.Petition p')->innerJoin('p.Campaign c')->where('p.status != ? AND c.status = ?', array(Petition::STATUS_DELETED, CampaignTable::STATUS_ACTIVE));
}
return $this->queryAll()->innerJoin('w.Petition p')->leftJoin('p.PetitionRights pr ON p.id = pr.petition_id and pr.user_id = ?', $user->getId())->innerJoin('p.Campaign c')->leftJoin('c.CampaignRights cr ON c.id = cr.campaign_id and cr.user_id = ?', $user->getId())->where('p.status != ? AND c.status = ?', array(Petition::STATUS_DELETED, CampaignTable::STATUS_ACTIVE))->andWhere('w.user_id = ? OR (cr.user_id = ? AND pr.user_id = ? AND cr.active = 1 AND pr.active = 1 AND (pr.admin = 1 OR pr.member = 1) AND (cr.admin = 1 OR cr.member = 1))', array($user->getId(), $user->getId(), $user->getId()));
}
protected function sync_accounts_maint()
{
//query all accounts
$q = Doctrine_Query::create()->select("*")->from("RidAccounts")->setHydrationMode(Doctrine::HYDRATE_ARRAY);
$results = $q->execute();
//check for record in SfGuardUser
foreach ($results as $r) {
$this->SfGuardUserSync = Doctrine_Core::getTable('SfGuardUser')->findOneByEmailAddress($r['email']);
//if missing create
if ($this->SfGuardUserSync == '') {
//doctrine, create record in sf_guard_user
$NewFacebookUser = new sfGuardUser();
//$NewFacebookUser->id = $r['id'];
$NewFacebookUser->email_address = $r['email'];
$NewFacebookUser->save();
}
}
}
public static function updateOrCreateFbUser($profile)
{
$sfGuardUser = Doctrine_Core::getTable('sfGuardUser')->findOneByFacebookId($profile['id']);
if (!$sfGuardUser) {
$sfGuardUser = new sfGuardUser();
$sfGuardUser->setUsername('FB_' . $profile['id']);
$sfGuardUser->facebook_id = $profile['id'];
$sfGuardUser->first_name = $profile['first_name'];
$sfGuardUser->last_name = $profile['last_name'];
if (array_key_exists('email', $profile)) {
$sfGuardUser->email_address = $profile['email'];
} else {
$sfGuardUser->email_address = $profile['id'] . '@fb.com';
}
$sfGuardUser->save();
}
return $sfGuardUser;
}
/**
* This is a symfony workaround. As soon as someone logs in check if they are in the DB.
* If they aren't just insert them so they can authenticate.
*
* @param sfWebRequest $request
*/
public function executeSignin($request)
{
if ($request->isMethod("post")) {
$form = new sfGuardFormSignin();
$username = $request->getParameter($form->getName() . "[username]");
$c = new Criteria();
$c->add(sfGuardUserPeer::USERNAME, $username);
$res = sfGuardUserPeer::doCount($c);
// if they dont exist in the db then stick them in so LDAP works
if ($res == 0) {
$u = new sfGuardUser();
$u->setUsername($username);
$u->save();
$u->getProfile();
}
}
parent::executeSignin($request);
}
protected function setUp()
{
$conn = Doctrine_Manager::connection('sqlite://memory', 'doctrine');
Doctrine_Manager::getInstance()->setCurrentConnection('doctrine');
try {
Doctrine_Manager::getInstance()->dropDatabases('doctrine');
} catch (Doctrine_Export_Exception $e) {
/* database did not exist so ignore.. */
}
Doctrine_Manager::getInstance()->createDatabases('doctrine');
Doctrine_Core::createTablesFromArray(array('sfGuardUser', 'UserLoginHistory'));
$sfGuardUser = new sfGuardUser();
$sfGuardUser->username = '******';
$sfGuardUser->first_name = 'Christian';
$sfGuardUser->last_name = 'Schaefer';
$sfGuardUser->email_address = '*****@*****.**';
$sfGuardUser->save();
}
