Пример #1
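    /**
     * Handles POST requests that change the memberships of this sponsor.
     *
     * Recognised POST fields, as read by this method:
     *  - 'leave' / 'join': self-service actions for the authenticated user.
     *  - 'add_members', 'add_admins', 'delete_admins', 'delete_members':
     *    administrator-only actions; each must be an array of user references.
     *
     * @param mixed $headers Taken by reference; not read or modified here.
     * @return void
     * @throws DAV_Status 400 when an administrator field is present but not an
     *         array. The value returned by DAV::forbidden() is thrown when the
     *         caller is unauthenticated or submits an administrator field
     *         without being an administrator of this sponsor.
     */
    public function method_POST(&$headers)
    {
        $auth = BeeHub::getAuth();
        if (!$auth->is_authenticated()) {
            throw DAV::forbidden();
        }
        // NOTE(review): no anti-CSRF token check is visible in this method, although
        // every branch below changes state. Confirm the caller enforces one.

        // Authorization gate: a non-admin request carrying ANY administrator-only
        // field is refused before a single change is made, so a mixed request
        // (e.g. 'join' plus 'add_admins') cannot be partially applied.
        $admin_functions = array('add_members', 'add_admins', 'delete_admins', 'delete_members');
        if (!$this->is_admin()) {
            foreach ($admin_functions as $function) {
                if (isset($_POST[$function])) {
                    throw DAV::forbidden();
                }
            }
        }
        // Allow users to request or remove membership
        $current_user = $auth->current_user();
        if (isset($_POST['leave'])) {
            // Pass an array of user names, the same form every other call site in
            // this method uses; the original passed the user object itself.
            // NOTE(review): unlike 'delete_admins', this path does not call
            // check_admin_remove(); confirm an administrator leaving cannot leave
            // the sponsor without any administrator.
            $this->change_memberships(array($current_user->name), self::DELETE_MEMBER);
        }
        if (isset($_POST['join'])) {
            $message = null;
            $recipients = array();
            if (!$this->is_member()) {
                // This user is not invited for this sponsor, so send the administrators an e-mail with this request.
                // NOTE(review): the display name and e-mail address below are profile values of the
                // requesting user. Confirm BeeHub::email() neutralises CR/LF in names and subjects,
                // and that repeated 'join' requests cannot be used to flood the administrators.
                $message = 'Dear sponsor administrator,

' . $current_user->prop(DAV::PROP_DISPLAYNAME) . ' (' . $current_user->prop(BeeHub::PROP_EMAIL) . ') wants to join the sponsor \'' . $this->prop(DAV::PROP_DISPLAYNAME) . '\'. One of the sponsor administrators needs to either accept or reject this membership request. Please see your notifications in BeeHub to do this:

' . BeeHub::urlbase(true) . '/system/?show_notifications=1

Best regards,

BeeHub';
                foreach ($this->users as $user => $attributes) {
                    if ($attributes['is_admin']) {
                        $user = BeeHub::user($user);
                        $recipients[$user->prop(BeeHub::PROP_EMAIL)] = $user->prop(DAV::PROP_DISPLAYNAME);
                    }
                }
            }
            $this->change_memberships(array($current_user->name), self::USER_ACCEPT);
            if (!is_null($message)) {
                BeeHub::email($recipients, 'BeeHub notification: membership request for sponsor ' . $this->prop(DAV::PROP_DISPLAYNAME), $message);
            }
        }
        // Run administrator actions: add members, admins and requests.
        // Non-administrators never reach a populated field here because of the gate above.
        foreach ($admin_functions as $key) {
            if (isset($_POST[$key])) {
                if (!is_array($_POST[$key])) {
                    throw new DAV_Status(DAV::HTTP_BAD_REQUEST);
                }
                // NOTE(review): the array elements are client-supplied and are not validated here;
                // presumably get_user_name() rejects or normalises anything that is not a user
                // reference (including nested arrays) - verify.
                $members = array_map(array('BeeHub_Sponsor', 'get_user_name'), $_POST[$key]);
                switch ($key) {
                    case 'add_members':
                        foreach ($members as $member) {
                            $user = BeeHub::user($member);
                            if (!$this->is_member($user)) {
                                // The user was not a member of this sponsor yet, so notify him/her
                                $message = 'Dear ' . $user->prop(DAV::PROP_DISPLAYNAME) . ',

You are now sponsored by \'' . $this->prop(DAV::PROP_DISPLAYNAME) . '\'.

Best regards,

BeeHub';
                                BeeHub::email(array($user->prop(BeeHub::PROP_EMAIL) => $user->prop(DAV::PROP_DISPLAYNAME)), 'BeeHub notification: new sponsor ' . $this->prop(DAV::PROP_DISPLAYNAME), $message);
                            }
                        }
                        $this->change_memberships($members, self::ADMIN_ACCEPT);
                        break;
                    case 'add_admins':
                        $this->change_memberships($members, self::SET_ADMIN);
                        break;
                    case 'delete_admins':
                        $this->check_admin_remove($members);
                        $this->change_memberships($members, self::UNSET_ADMIN);
                        break;
                    case 'delete_members':
                        // NOTE(review): check_admin_remove() is not called on this path, and the
                        // notification below goes to every listed user without checking that the
                        // user was a member. Confirm both are intended.
                        $this->change_memberships($members, self::DELETE_MEMBER);
                        foreach ($members as $member) {
                            $user = BeeHub::user($member);
                            $message = 'Dear ' . $user->prop(DAV::PROP_DISPLAYNAME) . ',

Sponsor administrator ' . $current_user->prop(DAV::PROP_DISPLAYNAME) . ' removed you from the sponsor \'' . $this->prop(DAV::PROP_DISPLAYNAME) . '\'. If you believe you should be a member of this sponsor, please contact one of the sponsor administrators.

Best regards,

BeeHub';
                            BeeHub::email(array($user->prop(BeeHub::PROP_EMAIL) => $user->prop(DAV::PROP_DISPLAYNAME)), 'BeeHub notification: removed from sponsor ' . $this->prop(DAV::PROP_DISPLAYNAME), $message);
                        }
                        break;
                    default:
                        // Cannot happen while $key is drawn from $admin_functions; fail closed if that list changes.
                        throw new DAV_Status(DAV::HTTP_INTERNAL_SERVER_ERROR);
                }
            }
        }
    }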
Пример #2
    /**
     * Stores properties set earlier by set().
     * @return void
     * @throws DAV_Status in particular 507 (Insufficient Storage)
     */
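    public function storeProperties()
    {
        // Nothing was changed through set(), so there is nothing to persist.
        if (!$this->touched) {
            return;
        }
        $collection = BeeHub::getNoSQL()->users;
        // NOTE(review): findOne() yields null when no document matches; the code below would then
        // build and save a new document without a 'name' field. Confirm callers guarantee the user exists.
        $document = $collection->findOne(array('name' => $this->name));
        if (isset($this->stored_props[DAV::PROP_DISPLAYNAME])) {
            $document['displayname'] = $this->stored_props[DAV::PROP_DISPLAYNAME];
        } else {
            unset($document['displayname']);
        }
        if (isset($this->stored_props[BeeHub::PROP_X509])) {
            $document['x509'] = $this->stored_props[BeeHub::PROP_X509];
        } else {
            unset($document['x509']);
        }
        // Check whether the SURFconext ID already exists.
        // NOTE(review): this is a check followed by a separate write; two concurrent requests could
        // both pass it. A unique index on surfconext_id would enforce this - verify one exists.
        if (isset($this->stored_props[BeeHub::PROP_SURFCONEXT])) {
            $conextDuplicate = $collection->findOne(array('surfconext_id' => $this->stored_props[BeeHub::PROP_SURFCONEXT]), array('name' => true));
            if (!is_null($conextDuplicate) && $conextDuplicate['name'] !== $this->name) {
                throw new DAV_Status(DAV::HTTP_CONFLICT, "This SURFconext id is already used by a different BeeHub user.");
            }
            $document['surfconext_id'] = @$this->stored_props[BeeHub::PROP_SURFCONEXT];
            $document['surfconext_description'] = @$this->stored_props[BeeHub::PROP_SURFCONEXT_DESCRIPTION];
        } else {
            unset($document['surfconext_id'], $document['surfconext_description']);
        }
        // Only accept a default sponsor the user is already sponsored by. The comparison is strict
        // so that an empty or missing property cannot loosely match a non-string list entry.
        $p_sponsor = basename(@$this->stored_props[BeeHub::PROP_SPONSOR]);
        if (isset($document['sponsors']) && is_array($document['sponsors']) && in_array($p_sponsor, $document['sponsors'], true)) {
            $document['default_sponsor'] = $p_sponsor;
        }
        $change_email = false;
        if (@$this->stored_props[BeeHub::PROP_EMAIL] !== @$document['email']) {
            $change_email = true;
            $document['unverified_email'] = @$this->stored_props[BeeHub::PROP_EMAIL];
            // The verification code proves control of the new mailbox, so it must be unguessable.
            // The previous md5(time() . <constant in source> . rand(0, 10000)) had at most 10001
            // candidates per second for anyone who can read the source. Draw 128 bits from the
            // operating system CSPRNG instead; hex-encoding them keeps the 32-character lowercase
            // hex format that md5() produced.
            if (function_exists('random_bytes')) {
                $code_bytes = random_bytes(16);
            } else {
                // Fallback for PHP versions without random_bytes().
                $code_bytes = openssl_random_pseudo_bytes(16, $crypto_strong);
                if ($code_bytes === false || !$crypto_strong) {
                    // Fail closed rather than issue a weak code.
                    throw new DAV_Status(DAV::HTTP_INTERNAL_SERVER_ERROR);
                }
            }
            $document['verification_code'] = bin2hex($code_bytes);
            $document['verification_expiration'] = time() + 60 * 60 * 24;
        }
        // Write all data to database
        $saveResult = $collection->save($document);
        if (!$saveResult['ok']) {
            throw new DAV_Status(DAV::HTTP_INTERNAL_SERVER_ERROR);
        }
        // Notify the user if needed. The mail goes to the new, still unverified address only.
        // NOTE(review): the currently verified address is not told about the pending change here;
        // consider notifying it so the account owner can spot a change they did not make.
        if ($change_email) {
            $activation_link = BeeHub::urlbase(true) . DAV::encodeURIFullPath($this->path) . '?verification_code=' . $document['verification_code'];
            $message = 'Dear ' . $document['displayname'] . ',

This e-mail address (' . $document['unverified_email'] . ') is added to the BeeHub account \'' . $this->name . '\'. You need to confirm this action by following this link:

' . $activation_link . '

If this link doesn\'t work, on your profile page go to the tab \'Verify e-mail address\' and fill out the following verification code:

' . $document['verification_code'] . '

Note that your verification code is only valid for 24 hours. Also, for new users, if you don\'t have a validated e-mail address, your account will automatically be removed after 24 hours.

If this was a mistake, or you do not want to add this e-mail address to this BeeHub account, you don\'t have to do anything.

Best regards,

BeeHub';
            BeeHub::email(array($document['unverified_email'] => $document['displayname']), 'Verify e-mail address for BeeHub', $message);
        }
        // Update the json file containing all displaynames of all privileges
        self::update_principals_json();
        $this->touched = false;
    }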
Пример #3
            BeeHub::htmlError('<p>The form was not correctly filled out.</p>', DAV::HTTP_BAD_REQUEST);
        }
    } else {
        // Send a new reset code
        if (!is_null($user)) {
            $reset_code = $user->create_password_reset_code();
            $reset_link = BeeHub::urlbase(true) . '/system/password_reset.php?reset_code=' . $reset_code . '&username='******'Dear ' . $user->prop(DAV::PROP_DISPLAYNAME) . ',

  A password reset was requested for your BeeHub account. You can confirm this action by following this link:

  ' . $reset_link . '

  If this link doesn\'t work, you can go to BeeHub and choose \'I forgot my password\' in the login menu. Here, on the \'Enter reset code\' tab you can fill out the following details:

  Username: '******'
  Reset code: ' . $reset_code . '

  Note that you\'re reset code is only valid for 1 hours.

  If this was a mistake, or you do not want to reset the password for your BeeHub account, you don\'t have to do anything.

  Best regards,

  BeeHub';
            $sub = array($user->prop(BeeHub::PROP_EMAIL) => $user->prop(DAV::PROP_DISPLAYNAME));
            BeeHub::email($sub, 'Password reset for BeeHub', $message);
        }
        require 'views/password_reset_code_sent.php';
    }
}