/**
 * Creates an issue on the issue tracker for one execution and, when the tracker
 * accepts it, links the new issue to that execution.
 *
 * The summary is the test case audit signature plus the execution timestamp; the
 * description is assembled from the execution record (tester, test plan, optional
 * platform, build, timestamp, status and execution notes).
 *
 * @param object $dbHandler database handler handed to testcase and write_execution_bug()
 * @param object $argsObj   reads exec_id and tcversion_id
 * @param object $itsObj    issue tracker interface; the result of its addIssue() is
 *                          read for 'status_ok', 'msg' and 'id'
 * @return array array($opOK, $msg)
 */
function addIssue($dbHandler, $argsObj, $itsObj)
{
    $resultsCfg = config_get('results');

    $tcaseMgr = new testcase($dbHandler);
    $nodeInfo = $tcaseMgr->tree_manager->get_node_hierarchy_info($argsObj->tcversion_id);
    $auditSign = $tcaseMgr->getAuditSignature((object) array('id' => $nodeInfo['parent_id']));
    $exec = current($tcaseMgr->getExecution($argsObj->exec_id, $argsObj->tcversion_id));

    // Prefer the configured verbose label for the status code; fall back to the raw code.
    $statusLabel = isset($resultsCfg['code_status'][$exec['status']])
        ? $resultsCfg['code_status'][$exec['status']]
        : $exec['status'];
    $exec['statusVerbose'] = sprintf(lang_get('issue_exec_result'), $statusLabel);
    unset($tcaseMgr);

    $description = sprintf(
        lang_get('issue_generated_description'),
        $argsObj->exec_id,
        $exec['tester_login'],
        $exec['testplan_name']
    );
    if ($exec['platform_id'] > 0) {
        $description .= sprintf(lang_get('issue_platform'), $exec['platform_name']);
    }

    // NOTE(review): the execution notes are appended as stored; whether the tracker
    // side escapes or renders them is not visible here - confirm against $itsObj.
    $buildFormat = lang_get('issue_build') . lang_get('execution_ts_iso');
    $description .= sprintf($buildFormat, $exec['build_name'], $exec['execution_ts'])
        . "\n" . $exec['statusVerbose']
        . "\n\n" . $exec['execution_notes'];

    $summary = $auditSign . ' - ' . sprintf(lang_get('execution_ts_iso'), $exec['execution_ts']);
    $rs = $itsObj->addIssue($summary, $description);

    $msg = $rs['msg'];
    $opOK = false;
    if ($rs['status_ok']) {
        $opOK = true;
        // The audit entry is written only when the execution/bug link was stored.
        if (write_execution_bug($dbHandler, $argsObj->exec_id, $rs['id'])) {
            logAuditEvent(TLS("audit_executionbug_added", $rs['id']), "CREATE", $argsObj->exec_id, "executions");
        }
    }

    return array($opOK, $msg);
}
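/**
 * Verifies login and password and, on success, sets the user session data.
 *
 * A login is accepted only when the user exists, the password matches and the
 * account is active. If the browser session already holds a user, no new login is
 * performed and a "session exists" message with a logout link is returned instead.
 *
 * @param object $db    database handler, passed to tlUser::readFromDB() and setUserSession()
 * @param string $login login name typed by the user
 * @param string $pwd   password typed by the user
 * @return array map with 'status' (tl::OK on success, tl::ERROR otherwise) and 'msg'
 */
function doAuthorize(&$db, $login, $pwd)
{
    $result = array('status' => tl::ERROR, 'msg' => null);
    $_SESSION['locale'] = TL_DEFAULT_LOCALE;

    if (is_null($pwd) || is_null($login)) {
        return $result;
    }

    $user = new tlUser();
    $user->login = $login;
    $login_exists = ($user->readFromDB($db, tlUser::USER_O_SEARCH_BYLOGIN) >= tl::OK);
    if (!$login_exists) {
        // NOTE(review): attempts with an unknown login leave no audit event, so they
        // are invisible to anyone reviewing LOGIN_FAILED entries.
        return $result;
    }

    $password_check = auth_does_password_match($user, $pwd);
    if (!($password_check->status_ok && $user->isActive)) {
        logAuditEvent(TLS("audit_login_failed", $login, $_SERVER['REMOTE_ADDR']), "LOGIN_FAILED", $user->dbID, "users");
        return $result;
    }

    // 20051007 MHT Solved 0000024 Session confusion
    // Disallow two sessions within one browser
    if (isset($_SESSION['currentUser']) && !is_null($_SESSION['currentUser'])) {
        $result['msg'] = lang_get('login_msg_session_exists1')
            . ' <a style="color:white;" href="logout.php">'
            . lang_get('logout_link') . '</a>'
            . lang_get('login_msg_session_exists2');
        return $result;
    }

    // Issue a fresh session id at the moment the session becomes authenticated, so
    // an id that was known before login cannot be reused afterwards (session fixation).
    if (session_id() !== '') {
        session_regenerate_id(true);
    }

    // Setting user's session information
    $_SESSION['currentUser'] = $user;
    $_SESSION['lastActivity'] = time();

    global $g_tlLogger;
    $g_tlLogger->endTransaction();
    $g_tlLogger->startTransaction();
    setUserSession($db, $user->login, $user->dbID, $user->globalRoleID, $user->emailAddress, $user->locale, null);

    $result['status'] = tl::OK;
    return $result;
}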
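/**
 * Creates or updates a role from the submitted form data and writes the audit entry.
 *
 * @param object $dbHandler database handler
 * @param object $argsObj   reads grant (map keyed by right description), rolename,
 *                          notes and roleid
 * @param string $operation 'doCreate' or 'doUpdate'; selects the audit message
 * @return stdClass with role, userFeedback and template (null after a successful write)
 */
function doOperation(&$dbHandler, $argsObj, $operation)
{
    // The keys of $argsObj->grant are placed inside a quoted SQL list below, so each
    // one is escaped first; unescaped, a quote in a key would end the string literal.
    $rightNames = array();
    foreach (array_keys((array) $argsObj->grant) as $rightName) {
        $rightNames[] = $dbHandler->prepare_string((string) $rightName);
    }
    $rights = implode("','", $rightNames);

    $op = new stdClass();
    $op->role = new tlRole();
    $op->role->rights = tlRight::getAll($dbHandler, "WHERE description IN ('{$rights}')");
    $op->role->name = $argsObj->rolename;
    $op->role->description = $argsObj->notes;
    $op->role->dbID = $argsObj->roleid;
    $op->userFeedback = null;
    $op->template = 'rolesEdit.tpl';

    $result = $op->role->writeToDB($dbHandler);
    if ($result >= tl::OK) {
        $auditCfg = null;
        switch ($operation) {
            case 'doCreate':
                $auditCfg = array('msg' => "audit_role_created", 'activity' => "CREATE");
                break;

            case 'doUpdate':
                $auditCfg = array('msg' => "audit_role_saved", 'activity' => "SAVE");
                break;
        }

        // An unrecognised operation has no audit message configured; skip the entry
        // rather than logging one with an empty message and activity.
        if (!is_null($auditCfg)) {
            logAuditEvent(TLS($auditCfg['msg'], $argsObj->rolename), $auditCfg['activity'], $op->role->dbID, "roles");
        }
        $op->template = null;
    } else {
        $op->userFeedback = getRoleErrorMessage($result);
    }

    return $op;
}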
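/**
 * Verifies login and password and, on success, sets the auth cookie and the user
 * session data.
 *
 * A login is accepted only when the user exists, the password matches and the
 * account is active. If the browser session already holds a user, no new login is
 * performed and a "session exists" message with a logout link is returned instead.
 *
 * @param object $db    database handler, passed to tlUser
 * @param string $login login name typed by the user
 * @param string $pwd   password typed by the user
 * @return array map with 'status' (tl::OK on success, tl::ERROR otherwise) and 'msg'
 */
function doAuthorize(&$db, $login, $pwd)
{
    $result = array('status' => tl::ERROR, 'msg' => null);
    $_SESSION['locale'] = TL_DEFAULT_LOCALE;

    if (is_null($pwd) || is_null($login)) {
        return $result;
    }

    $user = new tlUser();
    $user->login = $login;
    $login_exists = ($user->readFromDB($db, tlUser::USER_O_SEARCH_BYLOGIN) >= tl::OK);
    if (!$login_exists) {
        // NOTE(review): attempts with an unknown login leave no audit event, so they
        // are invisible to anyone reviewing LOGIN_FAILED entries.
        return $result;
    }

    $check = auth_does_password_match($user, $pwd);
    if (!$check->status_ok) {
        $result = array('status' => tl::ERROR, 'msg' => $check->msg);
    }

    if (!($check->status_ok && $user->isActive)) {
        logAuditEvent(TLS("audit_login_failed", $login, $_SERVER['REMOTE_ADDR']), "LOGIN_FAILED", $user->dbID, "users");
        return $result;
    }

    // Need to do set COOKIE following Mantis model.
    // HttpOnly keeps the auth cookie out of reach of page scripts.
    // NOTE(review): the Secure flag is left off because this function cannot tell
    // whether the site is served over HTTPS - set it where that is guaranteed.
    $auth_cookie_name = config_get('auth_cookie');
    $expireOnBrowserClose = false;
    setcookie($auth_cookie_name, $user->getSecurityCookie(), $expireOnBrowserClose, '/', '', false, true);

    // Disallow two sessions within one browser
    if (isset($_SESSION['currentUser']) && !is_null($_SESSION['currentUser'])) {
        $result['msg'] = lang_get('login_msg_session_exists1')
            . ' <a style="color:white;" href="logout.php">'
            . lang_get('logout_link') . '</a>'
            . lang_get('login_msg_session_exists2');
        return $result;
    }

    // Issue a fresh session id at the moment the session becomes authenticated, so
    // an id that was known before login cannot be reused afterwards (session fixation).
    if (session_id() !== '') {
        session_regenerate_id(true);
    }

    // Setting user's session information
    $_SESSION['currentUser'] = $user;
    $_SESSION['lastActivity'] = time();
    $user->setUserSession($db);

    global $g_tlLogger;
    $g_tlLogger->endTransaction();
    $g_tlLogger->startTransaction();

    $result['status'] = tl::OK;
    return $result;
}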
case 'doLogin': case 'ajaxlogin': doSessionStart(); unset($_SESSION['basehref']); setPaths(); $op = doAuthorize($db, $args->login, $args->pwd); if ($op['status'] < tl::OK) { $gui->note = is_null($op['msg']) ? lang_get('bad_user_passwd') : $op['msg']; if ($args->action == 'ajaxlogin') { echo json_encode(array('success' => false, 'reason' => $gui->note)); } else { $doRender = true; } } else { $args->currentUser = $_SESSION['currentUser']; logAuditEvent(TLS("audit_login_succeeded", $args->login, $_SERVER['REMOTE_ADDR']), "LOGIN", $args->currentUser->dbID, "users"); if ($args->action == 'ajaxlogin') { echo json_encode(array('success' => true)); } else { redirect($_SESSION['basehref'] . "index.php" . ($args->preqURI ? "?reqURI=" . urlencode($args->preqURI) : "")); } } break; case 'ajaxcheck': doSessionStart(); unset($_SESSION['basehref']); setPaths(); $validSession = checkSessionValid($db, false); // Send a json reply, include localized strings for use in js to display a login form. echo json_encode(array('validSession' => $validSession, 'username_label' => lang_get('login_name'), 'password_label' => lang_get('password'), 'login_label' => lang_get('btn_login'))); break;
} else { $user = new tlUser(); $rx = $user->checkPasswordQuality($args->password); if ($rx['status_ok'] >= tl::OK) { $result = $user->setPassword($args->password); if ($result >= tl::OK) { $user->login = $args->login; $user->emailAddress = $args->email; $user->firstName = $args->firstName; $user->lastName = $args->lastName; $result = $user->writeToDB($db); $cfg = config_get('notifications'); if ($cfg->userSignUp->enabled) { notifyGlobalAdmins($db, $user); } logAuditEvent(TLS("audit_users_self_signup", $args->login), "CREATE", $user->dbID, "users"); redirect(TL_BASE_HREF . "login.php?note=first"); exit; } else { $message = getUserErrorMessage($result); } } else { $message = $rx['msg']; } } } $smarty = new TLSmarty(); $gui = $args; // we get info about THE DEFAULT AUTHENTICATION METHOD $gui->external_password_mgmt = tlUser::isPasswordMgtExternal(); $gui->message = $message;
/**
 * Deletes the custom field named by $argsObj->cfield_id and audits the deletion.
 *
 * The field is looked up first so that its name is available for the audit entry;
 * nothing is deleted when the lookup returns no record.
 *
 * @param object $argsObj   reads cfield_id
 * @param object $cfieldMgr custom field manager providing get_by_id() and delete()
 * @return stdClass with user_feedback, cf, template and operation_descr, all left at
 *                  their initial values
 */
function doDelete(&$argsObj, &$cfieldMgr)
{
    $op = new stdClass();
    $op->user_feedback = '';
    $op->cf = null;
    $op->template = null;
    $op->operation_descr = '';

    $found = $cfieldMgr->get_by_id($argsObj->cfield_id);
    if (!$found) {
        return $op;
    }

    $record = $found[$argsObj->cfield_id];
    $deleted = $cfieldMgr->delete($argsObj->cfield_id);
    if ($deleted) {
        logAuditEvent(TLS("audit_cfield_deleted", $record['name']), "DELETE", $argsObj->cfield_id, "custom_fields");
    }

    return $op;
}
$user = new tlUser(intval($userID)); $user->readFromDB($db); if (tlUser::isPasswordMgtExternal($user->authentication, $user->authentication)) { $gui->external_password_mgmt = 1; $gui->password_mgmt_feedback = sprintf(lang_get('password_mgmt_feedback'), trim($args->login)); } } } if (!$gui->external_password_mgmt && $userID) { echo __LINE__; $result = resetPassword($db, $userID); $gui->note = $result['msg']; if ($result['status'] >= tl::OK) { $user = new tlUser($userID); if ($user->readFromDB($db) >= tl::OK) { logAuditEvent(TLS("audit_pwd_reset_requested", $user->login), "PWD_RESET", $userID, "users"); } redirect(TL_BASE_HREF . "login.php?note=lost"); exit; } else { if ($result['status'] == tlUser::E_EMAILLENGTH) { $gui->note = lang_get('mail_empty_address'); } else { if ($note != "") { $gui->note = getUserErrorMessage($result['status']); } } } } $smarty = new TLSmarty(); $smarty->assign('gui', $gui);
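/**
 * Deletes all testplan related role assignments for a given testplan
 *
 * @param int $id the testplan id
 * @return integer tl::OK on success, tl::ERROR else
 **/
function deleteUserRoles($id)
{
    $debugMsg = 'Class:' . __CLASS__ . ' - Method: ' . __FUNCTION__;
    $status = tl::ERROR;

    // $id is written straight into the statement, so force it to an integer first.
    $safeID = intval($id);
    $sql = " /* {$debugMsg} */ DELETE FROM {$this->tables['user_testplan_roles']} "
        . " WHERE testplan_id = {$safeID}";

    if ($this->db->exec_query($sql)) {
        // The plan is read back only to obtain its name for the audit entry.
        $testPlan = $this->get_by_id($safeID);
        if ($testPlan) {
            logAuditEvent(TLS("audit_all_user_roles_removed_testplan", $testPlan['name']), "ASSIGN", $safeID, "testplans");
        }
        $status = tl::OK;
    }

    return $status;
}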
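/**
 * Generates a new API key for the user named by $argsObj->userID.
 *
 * The audit entry and the success feedback are produced only when the key was
 * actually stored (result >= tl::OK).
 *
 * @param object $argsObj reads userID
 * @param object $user    user the key is generated for; nothing happens when falsy
 * @return stdClass with status (always tl::OK) and user_feedback (null unless a key
 *                  was created)
 */
function generateAPIKey(&$argsObj, &$user)
{
    $op = new stdClass();
    $op->status = tl::OK;
    $op->user_feedback = null;

    if ($user) {
        $APIKey = new APIKey();
        // Success is ">= tl::OK"; the earlier "< tl::OK" test logged "API key set" and
        // reported success exactly when the key could NOT be stored.
        if ($APIKey->addKeyForUser($argsObj->userID) >= tl::OK) {
            // NOTE(review): the audit object id is the login name here; the other
            // "users" audit calls that do the same job elsewhere pass the numeric
            // user id - confirm which one the audit viewer expects.
            logAuditEvent(TLS("audit_user_apikey_set", $user->login), "CREATE", $user->login, "users");
            $op->user_feedback = lang_get('result_apikey_create_ok');
        }
    }

    return $op;
}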
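/**
 * Sets the value of the location attribute for one or multiple custom fields of a
 * test project.
 *
 * @param int   $tproject_id       test project id
 * @param array $field_id_location map: custom field id => location value
 * @return void
 */
function setDisplayLocation($tproject_id, $field_id_location)
{
    $tproject_info = $this->tree_manager->get_node_hierarchy_info($tproject_id);

    // Every value written into the statement is forced to an integer; previously
    // only the location was, while the project id and the field ids were not.
    $safeProjectID = intval($tproject_id);
    foreach ((array) $field_id_location as $field_id => $location) {
        $sql = "UPDATE {$this->tables['cfield_testprojects']} "
            . " SET location=" . intval($location)
            . " WHERE testproject_id=" . $safeProjectID
            . " AND field_id=" . intval($field_id) . " ";
        $this->db->exec_query($sql);
    }

    // One audit entry per call, written when the project node was found.
    if ($tproject_info) {
        logAuditEvent(TLS("audit_cfield_location_changed", $tproject_info['name']), "SAVE", $tproject_id, "testprojects");
    }
}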
* @filesource attachmentdelete.php * Deletes an attachment by a given id */ require_once '../../config.inc.php'; require_once '../functions/common.php'; require_once '../functions/attachments.inc.php'; testlinkInitPage($db, false, false, "checkRights"); $args = init_args(); $deleteDone = false; if ($args->id) { $attachmentRepository = tlAttachmentRepository::create($db); $attachmentInfo = $attachmentRepository->getAttachmentInfo($args->id); if ($attachmentInfo && checkAttachmentID($db, $args->id, $attachmentInfo)) { $deleteDone = $attachmentRepository->deleteAttachment($args->id, $attachmentInfo); if ($deleteDone) { logAuditEvent(TLS("audit_attachment_deleted", $attachmentInfo['title']), "DELETE", $args->id, "attachments"); } } } $smarty = new TLSmarty(); $smarty->assign('bDeleted', $deleteDone); $smarty->display('attachmentdelete.tpl'); /** * @return object returns the arguments for the page */ function init_args() { //the id (attachments.id) of the attachment to be deleted $iParams = array("id" => array(tlInputParameter::INT_N)); $args = new stdClass(); G_PARAMS($iParams, $args);
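/**
 * Deletes item from inventory on db
 *
 * @param int $itemID
 * @return integer returns tl::OK on success, tl::ERROR else
 */
public function deleteInventory($itemID)
{
    // Default for the "record not found" path, which used to return an unset variable.
    $result = tl::ERROR;

    $auditData = $this->getAuditData();
    $auditData = current($auditData);

    $this->inventoryId = $itemID;

    // check existence / get name of the record
    $recordset = $this->readDB($this->inventoryId);
    if (!is_null($recordset)) {
        $this->name = $recordset[0]['name'];
        $result = $this->deleteFromDB();
        if ($result == tl::OK) {
            logAuditEvent(TLS("audit_inventory_deleted", $this->name, $auditData['tproject_name']), "DELETE", $this->name, "inventory");
            $this->userFeedback = langGetFormated('inventory_delete_success', $this->name);
        } else {
            $this->userFeedback = langGetFormated('inventory_delete_fails', $this->name);
            tLog('Internal error: The device "' . $this->name . '" was not deleted.', 'ERROR');
        }
    } else {
        $this->userFeedback = lang_get('inventory_no_device') . ' ID=' . $this->inventoryId;
        // NOTE(review): $this->name is not set on this path, so the log line shows
        // whatever name the object held before - the ID would identify the request better.
        tLog('Internal error: The device "' . $this->name . '" was not deleted.', 'ERROR');
    }

    return $result;
}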
/**
 * Runs a rights-check callback for the current session user and, when it denies
 * access, writes a security audit entry, redirects and ends the request.
 *
 * @param object          $db                 database handler, passed to the callback
 * @param callable|object $pfn                either a callable, or an object whose
 *                                            ->method is the callable and ->args its
 *                                            extra argument
 * @param bool            $onFailureGoToLogin true: drop the session user and go to
 *                                            login.php; false: go to the base href
 * @return void returns only when the check passes
 */
function checkUserRightsFor(&$db, $pfn, $onFailureGoToLogin = false)
{
    $script = basename($_SERVER['PHP_SELF']);
    // NOTE(review): read without isset(); presumably a session user is guaranteed
    // by the page initialisation before this runs - confirm.
    $currentUser = $_SESSION['currentUser'];
    $action = null;

    // NOTE(review): the check is invoked by name through a variable, so $pfn must
    // only ever come from the page's own code, never from request data.
    if (is_object($pfn)) {
        $checker = $pfn->method;
        $checkerArgs = $pfn->args;
    } else {
        $checker = $pfn;
        $checkerArgs = null;
    }

    if ($checker($db, $currentUser, $checkerArgs, $action)) {
        return;
    }

    // The callback may have filled $action with the right it checked.
    if (!$action) {
        $action = "any";
    }
    logAuditEvent(TLS("audit_security_user_right_missing", $currentUser->login, $script, $action), $action, $currentUser->dbID, "users");

    $baseURL = $_SESSION['basehref'];
    if ($onFailureGoToLogin) {
        unset($_SESSION['currentUser']);
        redirect($baseURL . "login.php");
    } else {
        redirect($baseURL, "top.location");
    }
    // Stop here so nothing of the protected page is produced after the redirect.
    exit;
}
require_once 'exttable.class.php';
require_once "users.inc.php";

// Page bootstrap; "checkRights" names the rights check applied to this page.
testlinkInitPage($db, false, false, "checkRights");

$smarty = new TLSmarty();
$templateCfg = templateConfiguration();
list($args, $gui) = initEnv($db);

// NOTE(review): 'disable' changes account state; no request-forgery token check is
// visible in this part of the page - confirm it happens in the page initialisation.
if ($args->operation == 'disable') {
    // user cannot disable => inactivate itself
    $targetsOtherUser = ($args->user_id != $args->currentUserID);
    if ($targetsOtherUser) {
        $user = new tlUser($args->user_id);
        $gui->result = $user->readFromDB($db);
        if ($gui->result >= tl::OK) {
            $gui->result = $user->setActive($db, 0);
            if ($gui->result >= tl::OK) {
                logAuditEvent(TLS("audit_user_disabled", $user->login), "DISABLE", $args->user_id, "users");
                $gui->user_feedback = sprintf(lang_get('user_disabled'), $user->login);
            }
        }
    }

    // Also reached when the user tried to disable their own account.
    if ($gui->result != tl::OK) {
        $gui->user_feedback = lang_get('error_user_not_disabled');
    }
}

$users = getAllUsersForGrid($db);
$gui->matrix = $users;
$gui->images = $smarty->getImages();
$gui->tableSet[] = buildMatrix($gui, $args);
$highlight = initialize_tabsmenu();
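/**
 * Removes the coverage link between one requirement and one test case.
 *
 * @param int $req_id      requirement id
 * @param int $testcase_id test case id
 * @return int 1 when exactly one link row was deleted, 0 otherwise
 */
function unassign_from_tcase($req_id, $testcase_id)
{
    $output = 0;

    // Both ids are written straight into the statement, so force them to integers.
    $safeReqID = intval($req_id);
    $safeTestcaseID = intval($testcase_id);

    $sql = " DELETE FROM {$this->tables['req_coverage']} "
        . " WHERE req_id={$safeReqID} "
        . " AND testcase_id={$safeTestcaseID}";
    $result = $this->db->exec_query($sql);

    if ($result && $this->db->affected_rows() == 1) {
        // Names are looked up only to make the audit entry readable.
        $tcInfo = $this->tree_mgr->get_node_hierarchy_info($safeTestcaseID);
        $reqInfo = $this->tree_mgr->get_node_hierarchy_info($safeReqID);
        if ($tcInfo && $reqInfo) {
            // NOTE(review): other audit calls for similar operations pass an object id
            // followed by the table name; here the table name sits in the third position -
            // confirm the intended argument order.
            logAuditEvent(TLS("audit_req_assignment_removed_tc", $reqInfo['name'], $tcInfo['name']), "ASSIGN", $this->object_table);
        }
        $output = 1;
    }

    return $output;
}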
/**
 * Runs a rights-check callback for the current session user and, when it denies
 * access, writes a security audit entry, redirects to the base href and ends the
 * request.
 *
 * @param object   $db  database handler, passed to the callback
 * @param callable $pfn rights check, called as $pfn($db, $currentUser, $action)
 * @return void returns only when the check passes
 */
function checkUserRightsFor(&$db, $pfn)
{
    $script = basename($_SERVER['PHP_SELF']);
    // NOTE(review): read without isset(); presumably a session user is guaranteed
    // by the page initialisation before this runs - confirm.
    $currentUser = $_SESSION['currentUser'];
    $action = null;

    // NOTE(review): the check is invoked by name through a variable, so $pfn must
    // only ever come from the page's own code, never from request data.
    $granted = $pfn($db, $currentUser, $action);
    if ($granted) {
        return;
    }

    // The callback may have filled $action with the right it checked.
    if (!$action) {
        $action = "any";
    }
    logAuditEvent(TLS("audit_security_user_right_missing", $currentUser->login, $script, $action), $action, $currentUser->dbID, "users");

    $baseURL = $_SESSION['basehref'];
    redirect($baseURL, "top.location");
    // Stop here so nothing of the protected page is produced after the redirect.
    exit;
}
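/**
 * Inserts a testproject related role for a given user
 *
 * @param integer $userID the id of the user
 * @param integer $tproject_id
 * @param integer $roleID the role id
 *
 * @return integer tl::OK on success, tl::ERROR else
 **/
function addUserRole($userID, $tproject_id, $roleID)
{
    // All three ids are written straight into the statement, so force them to
    // integers first.
    $safeUserID = intval($userID);
    $safeProjectID = intval($tproject_id);
    $safeRoleID = intval($roleID);

    $query = "INSERT INTO {$this->tables['user_testproject_roles']} "
        . "(user_id,testproject_id,role_id) VALUES ({$safeUserID},{$safeProjectID},{$safeRoleID})";

    if (!$this->db->exec_query($query)) {
        return tl::ERROR;
    }

    // Names are looked up only to make the audit entry readable; the entry is
    // skipped when any of the three lookups fails.
    $testProject = $this->get_by_id($safeProjectID);
    $role = tlRole::getByID($this->db, $safeRoleID, tlRole::TLOBJ_O_GET_DETAIL_MINIMUM);
    $user = tlUser::getByID($this->db, $safeUserID, tlUser::TLOBJ_O_GET_DETAIL_MINIMUM);
    if ($user && $testProject && $role) {
        logAuditEvent(TLS("audit_users_roles_added_testproject", $user->getDisplayName(), $testProject['name'], $role->name), "ASSIGN", $safeProjectID, "testprojects");
    }

    return tl::OK;
}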
/**
 * Deletes the milestone named by $argsObj->id, audits the deletion and prepares the
 * data for returning to the milestone view.
 *
 * @param object $argsObj  reads id, tproject_id and tplan_id
 * @param string $basehref prefix for the view URL stored in ->template
 * @return stdClass with template (view URL), user_feedback, main_descr and title
 */
function doDelete(&$argsObj, $basehref)
{
    // Read the record first: its names are needed for the audit entry and feedback.
    $found = $this->milestone_mgr->get_by_id($argsObj->id);
    $milestone = $found[$argsObj->id];

    // NOTE(review): the result of delete() is not checked, so the audit entry and the
    // "deleted" feedback are produced even if the deletion failed.
    $this->milestone_mgr->delete($argsObj->id);
    logAuditEvent(TLS("audit_milestone_deleted", $milestone['testplan_name'], $milestone['name']), "DELETE", $argsObj->id, "milestones");

    $viewURL = $basehref . $this->viewAction
        . "?tproject_id=" . $argsObj->tproject_id
        . "&tplan_id=" . $argsObj->tplan_id;

    $obj = new stdClass();
    $obj->template = $viewURL;
    $obj->user_feedback = sprintf(lang_get('milestone_deleted'), $milestone['name']);
    $obj->main_descr = null;
    $obj->title = lang_get('delete_milestone');

    return $obj;
}
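/**
 * Deletes testplan related role assignments for a given testplan, either for all
 * users or for the listed users only.
 *
 * @param int        $id    the testplan id
 * @param array|null $users user ids to restrict the deletion to; null = all users
 * @param array|null $opt   options; 'auditlog' (default true) controls whether an
 *                          audit entry is written
 * @return integer tl::OK on success, tl::ERROR else
 **/
function deleteUserRoles($id, $users = null, $opt = null)
{
    $my['opt'] = array('auditlog' => true);
    $my['opt'] = array_merge($my['opt'], (array) $opt);

    $debugMsg = 'Class:' . __CLASS__ . ' - Method: ' . __FUNCTION__;
    $status = tl::ERROR;

    $sql = " /* {$debugMsg} */ DELETE FROM {$this->tables['user_testplan_roles']} "
        . " WHERE testplan_id = " . intval($id);
    if (!is_null($users)) {
        // The user ids go into the statement as a list, so each one is forced to an
        // integer, the same way the testplan id is.
        $sql .= " AND user_id IN(" . implode(',', array_map('intval', (array) $users)) . ")";
    }

    if ($this->db->exec_query($sql)) {
        // Success depends on the query alone; it used to be reported only when
        // audit logging was enabled as well.
        $status = tl::OK;

        if ($my['opt']['auditlog']) {
            $testPlan = $this->get_by_id($id);
            // Only the "all users" case is audited; per-user removals are still TBD.
            if ($testPlan && is_null($users)) {
                logAuditEvent(TLS("audit_all_user_roles_removed_testplan", $testPlan['name']), "ASSIGN", $id, "testplans");
            }
        }
    }

    return $status;
}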
/**
 * Deletes a role and audits the deletion.
 *
 * @param object $db     database handler
 * @param int    $roleID id of the role to delete
 * @return string empty on success, localized error message when the deletion failed
 */
function deleteRole(&$db, $roleID)
{
    // Load the role first so its display name is available for the audit entry.
    // NOTE(review): the result of readFromDb() is not checked before deleting.
    $role = new tlRole($roleID);
    $role->readFromDb($db);

    $failed = $role->deleteFromDB($db) < tl::OK;
    if ($failed) {
        return lang_get("error_role_deletion");
    }

    logAuditEvent(TLS("audit_role_deleted", $role->getDisplayName()), "DELETE", $roleID, "roles");
    return '';
}
require_once TL_ABS_PATH . 'lib' . DIRECTORY_SEPARATOR . 'bugtracking' . DIRECTORY_SEPARATOR . 'int_bugtracking.php'; } require_once 'exec.inc.php'; testlinkInitPage($db); $templateCfg = templateConfiguration(); $args = init_args($g_bugInterface); checkRights($db, $_SESSION['currentUser'], $args); $msg = ""; if ($args->bug_id != "") { $msg = lang_get("error_wrong_BugID_format"); if ($g_bugInterface->checkBugID($args->bug_id)) { $msg = lang_get("error_bug_does_not_exist_on_bts"); if ($g_bugInterface->checkBugID_existence($args->bug_id)) { if (write_execution_bug($db, $args->exec_id, $args->bug_id)) { $msg = lang_get("bug_added"); logAuditEvent(TLS("audit_executionbug_added", $args->bug_id), "CREATE", $args->exec_id, "executions"); } } } } $smarty = new TLSmarty(); $smarty->assign('bugIDMaxLength', $g_bugInterface->getBugIDMaxLength()); $smarty->assign('bts_url', $g_bugInterface->getEnterBugURL()); $smarty->assign('msg', $msg); $smarty->assign('gui', $gui); $smarty->display($templateCfg->template_dir . $templateCfg->default_template); /** * * @return object returns the arguments of the page */ function init_args($bugInterface)
/**
 * Deletes an attachment and audits the deletion.
 *
 * @param object $dbHandler      database handler
 * @param int    $fileID         attachment id
 * @param bool   $checkOnSession when true, checkAttachmentID() must accept the
 *                               attachment before it is deleted
 * @return void
 */
function deleteAttachment(&$dbHandler, $fileID, $checkOnSession = true)
{
    $repo = tlAttachmentRepository::create($dbHandler);
    $info = $repo->getAttachmentInfo($fileID);
    if (!$info) {
        return;
    }

    // NOTE(review): with $checkOnSession = false nothing in this function ties the
    // attachment to the caller; such callers have to authorise the deletion themselves.
    $allowed = $checkOnSession ? checkAttachmentID($dbHandler, $fileID, $info) : true;
    if (!$allowed) {
        return;
    }

    if ($repo->deleteAttachment($fileID, $info)) {
        logAuditEvent(TLS("audit_attachment_deleted", $info['title']), "DELETE", $fileID, "attachments");
    }
}
/**
 * Resets a user's password and reports the outcome.
 *
 * The reset is attempted when the configured SMTP host validates as a hostname, or
 * when the new password is to be shown on screen instead of mailed.
 *
 * @param object $dbHandler             database handler
 * @param object $argsObj               reads user_id
 * @param object $userObj               reads login (for the audit entry)
 * @param string $newPasswordSendMethod 'display_on_screen' shows the password in the
 *                                      feedback; any other value is passed on to
 *                                      resetPassword() unchanged
 * @return stdClass with user_feedback, new_password and status
 */
function createNewPassword(&$dbHandler, &$argsObj, &$userObj, $newPasswordSendMethod)
{
    $op = new stdClass();
    $op->user_feedback = '';
    $op->new_password = '';

    // Validate the mail configuration. ALLOW_ALL accepts DNS hostnames, IP addresses
    // and local network names (see the Zend_Validate_Hostname constants).
    $validator = new Zend_Validate_Hostname(Zend_Validate_Hostname::ALLOW_ALL);
    $smtp_host = config_get('smtp_host');
    $password_on_screen = ($newPasswordSendMethod == 'display_on_screen');

    if (!($validator->isValid($smtp_host) || $password_on_screen)) {
        $op->status = tl::ERROR;
        $op->user_feedback = lang_get('password_cannot_be_reseted_invalid_smtp_hostname');
        return $op;
    }

    $reset = resetPassword($dbHandler, $argsObj->user_id, $newPasswordSendMethod);
    $op->user_feedback = $reset['msg'];
    $op->status = $reset['status'];
    // The clear-text password travels back to the caller in new_password (and in
    // user_feedback for the on-screen method); callers should escape it on output
    // and keep it out of logs.
    $op->new_password = $reset['password'];

    if ($op->status >= tl::OK) {
        logAuditEvent(TLS("audit_pwd_reset_requested", $userObj->login), "PWD_RESET", $argsObj->user_id, "users");
        $op->user_feedback = lang_get('password_reseted');
        if ($password_on_screen) {
            $op->user_feedback = lang_get('password_set') . $reset['password'];
        }
    } else {
        $op->user_feedback = sprintf(lang_get('password_cannot_be_reseted_reason'), $op->user_feedback);
    }

    return $op;
}
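/**
 * Finishes a login attempt: on success it audits the login and answers with JSON
 * (ajax login) or a redirect; on failure it answers with JSON or asks the caller to
 * render the login screen again.
 *
 * @param stdClass $argsObj reads login, action, destination and preqURI
 * @param array    $op      result of the authorization step; reads 'status' and 'msg'
 * @return array array($renderLoginScreen, $note)
 */
function authorizePostProcessing($argsObj, $op)
{
    $note = null;
    $renderLoginScreen = false;

    if ($op['status'] == tl::OK) {
        // Login successful, redirect to destination
        logAuditEvent(TLS("audit_login_succeeded", $argsObj->login, $_SERVER['REMOTE_ADDR']), "LOGIN", $_SESSION['currentUser']->dbID, "users");

        if ($argsObj->action == 'ajaxlogin') {
            echo json_encode(array('success' => true));
        } else {
            // The destination comes with the request, so it is followed only when it
            // is a path on this site whose script is linkto.php. The earlier
            // substring match accepted any URL that merely contained that text,
            // including URLs pointing at another host.
            // NOTE(review): assumes legitimate destinations are host-less paths -
            // confirm against the code that builds the destination parameter.
            $destination = (!empty($argsObj->destination) && is_string($argsObj->destination))
                ? $argsObj->destination
                : '';

            $isLocalLinkto = false;
            if ($destination !== ''
                && !preg_match('/[\x00-\x1f\\\\]/', $destination)
                && strncmp($destination, '//', 2) !== 0
            ) {
                $parts = parse_url($destination);
                $isLocalLinkto = is_array($parts)
                    && !isset($parts['scheme'])
                    && !isset($parts['host'])
                    && isset($parts['path'])
                    && basename($parts['path']) === 'linkto.php';
            }

            // NOTE(review): redirect() is defined elsewhere; confirm it encodes the
            // target for the context it writes it into.
            if ($isLocalLinkto) {
                // If destination param is set redirect to given page ...
                redirect($destination);
            } else {
                // ... or show main page
                redirect($_SESSION['basehref'] . "index.php?caller=login"
                    . ($argsObj->preqURI ? "&reqURI=" . urlencode($argsObj->preqURI) : ""));
            }
            exit;
        }
    } else {
        $note = is_null($op['msg']) ? lang_get('bad_user_passwd') : $op['msg'];
        if ($argsObj->action == 'ajaxlogin') {
            echo json_encode(array('success' => false, 'reason' => $note));
        } else {
            $renderLoginScreen = true;
        }
    }

    return array($renderLoginScreen, $note);
}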
/**
 * Deletes a test project and audits the deletion.
 *
 * @param object $argsObj           reads tprojectID and tprojectName
 * @param object $tprojectMgr       test project manager; delete() returns a map with
 *                                  'status_ok' and 'msg'
 * @param int    $sessionTprojectID not used in this function
 * @return stdClass with status_ok, reloadType ('reloadNavBar' after a deletion,
 *                  'none' otherwise) and msg
 */
function doDelete($argsObj, &$tprojectMgr, $sessionTprojectID)
{
    $outcome = $tprojectMgr->delete($argsObj->tprojectID);

    $op = new stdClass();
    $op->status_ok = $outcome['status_ok'];
    $op->reloadType = 'none';

    if (!$outcome['status_ok']) {
        $op->msg = lang_get('info_product_not_deleted_check_log') . ' ' . $outcome['msg'];
        return $op;
    }

    $op->reloadType = 'reloadNavBar';
    $op->msg = sprintf(lang_get('test_project_deleted'), $argsObj->tprojectName);
    logAuditEvent(TLS("audit_testproject_deleted", $argsObj->tprojectName), "DELETE", $argsObj->tprojectID, "testprojects");

    return $op;
}
/**
 * Updates a build after cross-checking the submitted data, and audits the change.
 *
 * @param object $argsObj    reads build_id, build_name, notes, is_active, is_open,
 *                           release_date, closed_on_date, tproject_name and
 *                           tplan_name; closed_on_date is filled with today's date
 *                           (midnight) when it arrives empty
 * @param object $buildMgr   build manager
 * @param object $tplanMgr   test plan manager, used by crossChecks()
 * @param string $dateFormat date format, used by crossChecks()
 * @return stdClass with operation_descr, user_feedback, template, notes, status_ok
 *                  and buttonCfg; template is null and status_ok is 1 after a
 *                  successful update
 */
function doUpdate(&$argsObj, &$buildMgr, &$tplanMgr, $dateFormat)
{
    $op = new stdClass();
    $op->operation_descr = '';
    $op->user_feedback = '';
    $op->template = "buildEdit.tpl";
    $op->notes = $argsObj->notes;
    $op->status_ok = 0;
    $op->buttonCfg = null;

    // Keep the stored name: it is shown in the title if the edit form comes back.
    $oldObjData = $buildMgr->get_by_id($argsObj->build_id);
    $oldname = $oldObjData['name'];

    $check = crossChecks($argsObj, $tplanMgr, $dateFormat);
    if ($check->status_ok) {
        // NOTE(review): this message is fetched but never shown; when update() fails
        // the feedback below comes from $check instead.
        $user_feedback = lang_get("cannot_update_build");

        $updated = $buildMgr->update(
            $argsObj->build_id,
            $argsObj->build_name,
            $argsObj->notes,
            $argsObj->is_active,
            $argsObj->is_open,
            $argsObj->release_date
        );
        if ($updated) {
            if ($argsObj->closed_on_date == '') {
                $argsObj->closed_on_date = mktime(0, 0, 0, date("m"), date("d"), date("Y"));
            }

            // An open build has no closing date.
            $targetDate = ($argsObj->is_open == 1) ? null : date("Y-m-d", $argsObj->closed_on_date);
            $buildMgr->setClosedOnDate($argsObj->build_id, $targetDate);

            $op->user_feedback = '';
            $op->notes = '';
            $op->template = null;
            $op->status_ok = 1;
            logAuditEvent(TLS("audit_build_saved", $argsObj->tproject_name, $argsObj->tplan_name, $argsObj->build_name), "SAVE", $argsObj->build_id, "builds");
        }
    }

    if (!$op->status_ok) {
        // Prepare the edit form again, with the Save button and the check feedback.
        $op->operation_descr = lang_get('title_build_edit') . TITLE_SEP_TYPE3 . $oldname;

        $op->buttonCfg = new stdClass();
        $op->buttonCfg->name = "do_update";
        $op->buttonCfg->value = lang_get('btn_save');

        $op->user_feedback = $check->user_feedback;
    }

    return $op;
}
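/**
 * Single sign-on through an SSL client certificate.
 *
 * No password can be checked on this path, so the login is accepted only when
 *  1. the request carries an SSL context,
 *  2. the web server reports the client certificate as successfully verified,
 *  3. the login taken from the certificate exists and the account is active.
 *
 * @param object     $dbHandler          database handler
 * @param array      $apache_mod_ssl_env environment map holding the mod_ssl variables
 * @param array|null $authCfg            authentication config; read from
 *                                       config_get('authentication') when null;
 *                                       'SSO_uid_field' names the variable holding
 *                                       the login
 * @return array map with 'status' (tl::OK on success, tl::ERROR otherwise) and 'msg'
 */
function doSSOClientCertificate(&$dbHandler, $apache_mod_ssl_env, $authCfg = null)
{
    global $g_tlLogger;

    $result = array('status' => tl::ERROR, 'msg' => null);

    if (!isset($apache_mod_ssl_env['SSL_PROTOCOL'])) {
        return $result;
    }

    // SSL_PROTOCOL only shows that the request arrived over TLS. The identity below
    // replaces the password check, so it is trusted only when mod_ssl reports the
    // client certificate itself as verified.
    // NOTE(review): assumes the map carries mod_ssl's standard variables alongside
    // the uid field - confirm against the server configuration.
    $certVerify = isset($apache_mod_ssl_env['SSL_CLIENT_VERIFY'])
        ? $apache_mod_ssl_env['SSL_CLIENT_VERIFY']
        : null;
    if ($certVerify !== 'SUCCESS') {
        return $result;
    }

    $authCfg = is_null($authCfg) ? config_get('authentication') : $authCfg;
    $uidField = $authCfg['SSO_uid_field'];
    $login = isset($apache_mod_ssl_env[$uidField]) ? $apache_mod_ssl_env[$uidField] : null;
    if (is_null($login)) {
        return $result;
    }

    $user = new tlUser();
    $user->login = $login;
    $login_exists = ($user->readFromDB($dbHandler, tlUser::USER_O_SEARCH_BYLOGIN) >= tl::OK);
    if (!($login_exists && $user->isActive)) {
        logAuditEvent(TLS("audit_login_failed", $login, $_SERVER['REMOTE_ADDR']), "LOGIN_FAILED", $user->dbID, "users");
        return $result;
    }

    // Need to do set COOKIE following Mantis model.
    // This path only runs over TLS, so the cookie is marked Secure; HttpOnly keeps
    // it out of reach of page scripts.
    $auth_cookie_name = config_get('auth_cookie');
    $expireOnBrowserClose = false;
    setcookie($auth_cookie_name, $user->getSecurityCookie(), $expireOnBrowserClose, '/', '', true, true);

    // Disallow two sessions within one browser
    if (isset($_SESSION['currentUser']) && !is_null($_SESSION['currentUser'])) {
        $result['msg'] = lang_get('login_msg_session_exists1')
            . ' <a style="color:white;" href="logout.php">'
            . lang_get('logout_link') . '</a>'
            . lang_get('login_msg_session_exists2');
        return $result;
    }

    // Issue a fresh session id at the moment the session becomes authenticated, so
    // an id that was known before login cannot be reused afterwards (session fixation).
    if (session_id() !== '') {
        session_regenerate_id(true);
    }

    // Setting user's session information
    $_SESSION['currentUser'] = $user;
    $_SESSION['lastActivity'] = time();

    $g_tlLogger->endTransaction();
    $g_tlLogger->startTransaction();
    setUserSession($dbHandler, $user->login, $user->dbID, $user->globalRoleID, $user->emailAddress, $user->locale, null);

    $result['status'] = tl::OK;
    return $result;
}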
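/**
 * Removes keyword assignments from a test case: one keyword, a list of keywords, or
 * all of them when $kwID is null.
 *
 * @param int            $tcID  test case id
 * @param int|array|null $kwID  keyword id, list of keyword ids, or null for all
 * @param mixed          $audit self::AUDIT_ON writes one audit entry per removed keyword
 * @return mixed result of the DELETE query
 */
function deleteKeywords($tcID, $kwID = null, $audit = self::AUDIT_ON)
{
    // Every id is written straight into the statement, so force them to integers.
    $safeTcID = intval($tcID);
    $sql = " DELETE FROM {$this->tables['testcase_keywords']} WHERE testcase_id = {$safeTcID} ";

    if (is_null($kwID)) {
        // All keywords go: remember which ones were assigned, for the audit entries.
        $key4log = array_keys((array) $this->get_keywords_map($safeTcID));
    } elseif (is_array($kwID)) {
        $key4log = array_map('intval', $kwID);
        $sql .= " AND keyword_id IN (" . implode(',', $key4log) . ")";
    } else {
        $safeKwID = intval($kwID);
        $sql .= " AND keyword_id = {$safeKwID}";
        $key4log = array($safeKwID);
    }

    $result = $this->db->exec_query($sql);
    if ($result) {
        $tcInfo = $this->tree_manager->get_node_hierarchy_info($safeTcID);
        if ($tcInfo && $key4log) {
            foreach ($key4log as $key2get) {
                $keyword = tlKeyword::getByID($this->db, $key2get);
                if ($keyword && $audit == self::AUDIT_ON) {
                    logAuditEvent(TLS("audit_keyword_assignment_removed_tc", $keyword->name, $tcInfo['name']), "ASSIGN", $safeTcID, "nodes_hierarchy");
                }
            }
        }
    }

    return $result;
}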
$gui->notes = $of->CreateHTML(); } break; case 'do_create': $template = 'planEdit.tpl'; $status_ok = false; $of->Value = $args->notes; $gui->testplan_name = $args->testplan_name; $gui->is_active = $args->active == 'on' ? 1 : 0; $gui->is_public = $args->is_public == 'on' ? 1 : 0; if (!$name_exists) { $new_tplan_id = $tplan_mgr->create($args->testplan_name, $args->notes, $args->tproject_id, $args->active, $args->is_public); if ($new_tplan_id == 0) { $gui->user_feedback = $db->error_msg(); } else { logAuditEvent(TLS("audit_testplan_created", $args->tproject_name, $args->testplan_name), "CREATED", $new_tplan_id, "testplans"); $cf_map = $tplan_mgr->get_linked_cfields_at_design($new_tplan_id, $args->tproject_id); $tplan_mgr->cfield_mgr->design_values_to_db($_REQUEST, $new_tplan_id, $cf_map); $status_ok = true; $template = null; $gui->user_feedback = ''; // Operations Order is CRITIC if ($args->copy) { $options = array('items2copy' => $args->copy_options, 'copy_assigned_to' => $args->copy_assigned_to, 'tcversion_type' => $args->tcversion_type); $tplan_mgr->copy_as($args->source_tplanid, $new_tplan_id, $args->testplan_name, $args->tproject_id, $args->user_id, $options); } if (!$args->is_public) { // does user have an SPECIFIC role on TestPlan ? // if answer is yes => do nothing if (!tlUser::hasRoleOnTestPlan($db, $args->user_id, $new_tplan_id)) { $effectiveRole = $args->user->getEffectiveRole($db, $args->tproject_id, null);