function saveWorkerPeekAction() { $translate = DevblocksPlatform::getTranslationService(); $active_worker = CerberusApplication::getActiveWorker(); if (!$active_worker || !$active_worker->is_superuser || DEMO_MODE) { return; } @($id = DevblocksPlatform::importGPC($_POST['id'], 'integer')); @($view_id = DevblocksPlatform::importGPC($_POST['view_id'], 'string')); @($first_name = DevblocksPlatform::importGPC($_POST['first_name'], 'string')); @($last_name = DevblocksPlatform::importGPC($_POST['last_name'], 'string')); @($title = DevblocksPlatform::importGPC($_POST['title'], 'string')); @($email = DevblocksPlatform::importGPC($_POST['email'], 'string')); @($password = DevblocksPlatform::importGPC($_POST['password'], 'string')); @($is_superuser = DevblocksPlatform::importGPC($_POST['is_superuser'], 'integer', 0)); @($disabled = DevblocksPlatform::importGPC($_POST['is_disabled'], 'integer', 0)); @($group_ids = DevblocksPlatform::importGPC($_POST['group_ids'], 'array')); @($group_roles = DevblocksPlatform::importGPC($_POST['group_roles'], 'array')); @($delete = DevblocksPlatform::importGPC($_POST['do_delete'], 'integer', 0)); // [TODO] The superuser set bit here needs to be protected by ACL if (empty($first_name)) { $first_name = "Anonymous"; } if (!empty($id) && !empty($delete)) { // Can't delete or disable self if ($active_worker->id != $id) { DAO_Worker::deleteAgent($id); } } else { if (empty($id) && null == DAO_Worker::lookupAgentEmail($email)) { $workers = DAO_Worker::getAll(); $license = CerberusLicense::getInstance(); if (!empty($license) && !empty($license['serial']) || count($workers) < 3) { // Creating new worker. If password is empty, email it to them if (empty($password)) { $settings = DevblocksPlatform::getPluginSettingsService(); $replyFrom = $settings->get('cerberusweb.core', CerberusSettings::DEFAULT_REPLY_FROM); $replyPersonal = $settings->get('cerberusweb.core', CerberusSettings::DEFAULT_REPLY_PERSONAL, ''); $url = DevblocksPlatform::getUrlService(); $password = CerberusApplication::generatePassword(8); try { $mail_service = DevblocksPlatform::getMailService(); $mailer = $mail_service->getMailer(CerberusMail::getMailerDefaults()); $mail = $mail_service->createMessage(); $mail->setTo(array($email => $first_name . ' ' . $last_name)); $mail->setFrom(array($replyFrom => $replyPersonal)); $mail->setSubject('Your new helpdesk login information!'); $mail->generateId(); $headers = $mail->getHeaders(); $headers->addTextHeader('X-Mailer', 'Cerberus Helpdesk (Build ' . APP_BUILD . ')'); $body = sprintf("Your new helpdesk login information is below:\r\n" . "\r\n" . "URL: %s\r\n" . "Login: %s\r\n" . "Password: %s\r\n" . "\r\n" . "You should change your password from Preferences after logging in for the first time.\r\n" . "\r\n", $url->write('', true), $email, $password); $mail->setBody($body); if (!$mailer->send($mail)) { throw new Exception('Password notification email failed to send.'); } } catch (Exception $e) { // [TODO] need to report to the admin when the password email doesn't send. The try->catch // will keep it from killing php, but the password will be empty and the user will never get an email. } } $id = DAO_Worker::create($email, $password, '', '', ''); } } // end create worker // Update $fields = array(DAO_Worker::FIRST_NAME => $first_name, DAO_Worker::LAST_NAME => $last_name, DAO_Worker::TITLE => $title, DAO_Worker::EMAIL => $email, DAO_Worker::IS_SUPERUSER => $is_superuser, DAO_Worker::IS_DISABLED => $disabled); // if we're resetting the password if (!empty($password)) { $fields[DAO_Worker::PASSWORD] = md5($password); } // Update worker DAO_Worker::updateAgent($id, $fields); // Update group memberships if (is_array($group_ids) && is_array($group_roles)) { foreach ($group_ids as $idx => $group_id) { if (empty($group_roles[$idx])) { DAO_Group::unsetTeamMember($group_id, $id); } else { DAO_Group::setTeamMember($group_id, $id, 2 == $group_roles[$idx]); } } } // Add the worker e-mail to the addresses table if (!empty($email)) { DAO_Address::lookupAddress($email, true); } // Addresses if (null == DAO_AddressToWorker::getByAddress($email)) { DAO_AddressToWorker::assign($email, $id); DAO_AddressToWorker::update($email, array(DAO_AddressToWorker::IS_CONFIRMED => 1)); } // Custom field saves @($field_ids = DevblocksPlatform::importGPC($_POST['field_ids'], 'array', array())); DAO_CustomFieldValue::handleFormPost(ChCustomFieldSource_Worker::ID, $id, $field_ids); } if (!empty($view_id)) { $view = C4_AbstractViewLoader::getView($view_id); $view->render(); } //DevblocksPlatform::setHttpResponse(new DevblocksHttpResponse(array('config','workers'))); }
// Default catchall DAO_Group::updateTeam($dispatch_gid, array(DAO_Group::IS_DEFAULT => 1)); } // If this worker doesn't exist, create them if (null === ($lookup = DAO_Worker::lookupAgentEmail($worker_email))) { $worker_id = DAO_Worker::create($worker_email, $worker_pass, 'Super', 'User', 'Administrator'); // Superuser bit $fields = array(DAO_Worker::IS_SUPERUSER => 1); DAO_Worker::updateAgent($worker_id, $fields); // Add the worker e-mail to the addresses table if (!empty($worker_email)) { DAO_Address::lookupAddress($worker_email, true); } // Authorize this e-mail address (watchers, etc.) DAO_AddressToWorker::assign($worker_email, $worker_id); DAO_AddressToWorker::update($worker_email, array(DAO_AddressToWorker::IS_CONFIRMED => 1)); // Default group memberships if (!empty($dispatch_gid)) { DAO_Group::setTeamMember($dispatch_gid, $worker_id, true); } if (!empty($support_gid)) { DAO_Group::setTeamMember($support_gid, $worker_id, true); } if (!empty($sales_gid)) { DAO_Group::setTeamMember($sales_gid, $worker_id, true); } } // Send a first ticket which allows people to reply for support if (null !== ($default_from = $settings->get(CerberusSettings::DEFAULT_REPLY_FROM, ''))) { $message = new CerberusParserMessage(); $message->headers['from'] = '"WebGroup Media, LLC." <*****@*****.**>';
private function _handleImportWorker($xml) { $settings = CerberusSettings::getInstance(); $logger = DevblocksPlatform::getConsoleLog(); $sFirstName = (string) $xml->first_name; $sLastName = (string) $xml->last_name; $sEmail = (string) $xml->email; $sPassword = (string) $xml->password; $isSuperuser = (int) $xml->is_superuser; // Dupe check worker email if (null != ($worker_id = DAO_Worker::lookupAgentEmail($sEmail))) { $logger->info('[Importer] Avoiding creating duplicate worker #' . $worker_id . ' (' . $sEmail . ')'); return true; } $worker_id = DAO_Worker::create($sEmail, CerberusApplication::generatePassword(8), $sFirstName, $sLastName, ''); DAO_Worker::updateAgent($worker_id, array(DAO_Worker::PASSWORD => $sPassword, DAO_Worker::IS_SUPERUSER => intval($isSuperuser))); // Address to Worker DAO_AddressToWorker::assign($sEmail, $worker_id); DAO_AddressToWorker::update($sEmail, array(DAO_AddressToWorker::IS_CONFIRMED => 1)); $logger->info('[Importer] Imported worker #' . $worker_id . ' (' . $sEmail . ')'); DAO_Worker::clearCache(); return true; }
private function _sendConfirmationEmail($to, $worker) { $translate = DevblocksPlatform::getTranslationService(); $settings = DevblocksPlatform::getPluginSettingsService(); $url_writer = DevblocksPlatform::getUrlService(); $tpl = DevblocksPlatform::getTemplateService(); // Tentatively assign the e-mail address to this worker DAO_AddressToWorker::assign($to, $worker->id); // Create a confirmation code and save it $code = CerberusApplication::generatePassword(20); DAO_AddressToWorker::update($to, array(DAO_AddressToWorker::CODE => $code, DAO_AddressToWorker::CODE_EXPIRE => time() + 24 * 60 * 60)); // Email the confirmation code to the address // [TODO] This function can return false, and we need to do something different if it does. CerberusMail::quickSend($to, vsprintf($translate->_('prefs.address.confirm.mail.subject'), $settings->get('cerberusweb.core', CerberusSettings::HELPDESK_TITLE)), vsprintf($translate->_('prefs.address.confirm.mail.body'), array($worker->getName(), $url_writer->write('c=preferences&a=confirm_email&code=' . $code, true)))); $output = array(vsprintf($translate->_('prefs.address.confirm.mail.subject'), $to)); $tpl->assign('pref_success', $output); }