/**
 * Validating a billing address that exists but belongs to nobody (MemberID = 0)
 * must fail for the logged-in member: the component may only accept addresses
 * owned by the current user, so a ValidationException is expected.
 */
public function testShouldRejectExistingIfNotOwnedByMember()
{
    $this->setExpectedException('ValidationException');

    $this->member->logIn();

    // Detach the fixture address from every member before validating it.
    $foreignAddress = $this->address1;
    $foreignAddress->MemberID = 0;
    $foreignAddress->write();

    $submitted = array(
        'BillingAddressBookCheckoutComponent_BillingAddressID' => $foreignAddress->ID,
    );
    $this->assertTrue($this->config->validateData($submitted));
}
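/**
 * If the REMOTE_USER is set and is in the Member table, log that member in. If
 * not, and Config::inst()->get('AuthRemoteUserExtension', 'auto_create_user') is set, add that
 * Member to the configured group, and log the new user in. Otherwise, do nothing.
 *
 * Trust model: the identifier is read only from $_SERVER['REMOTE_USER'] (or the
 * REDIRECT_REMOTE_USER copy some servers set on internal redirects), i.e. from values
 * the web server itself populates after its own authentication. Keep it that way:
 * do not fall back to request headers, which a client can set freely.
 *
 * Changes from the original: an empty identifier is treated as "not set" instead of
 * being used as a filter value, and the group-title check no longer calls strlen()
 * on a possibly-null config value.
 */
public function onAfterInit()
{
    $uniqueIdentifier = null;
    if (isset($_SERVER['REMOTE_USER'])) {
        $uniqueIdentifier = $_SERVER['REMOTE_USER'];
    } elseif (isset($_SERVER['REDIRECT_REMOTE_USER'])) {
        $uniqueIdentifier = $_SERVER['REDIRECT_REMOTE_USER'];
    }

    // An empty REMOTE_USER would otherwise filter on '' (and could match a member with a
    // blank identifier field) or auto-create a member with no identifier at all.
    if ($uniqueIdentifier === null || $uniqueIdentifier === '') {
        return;
    }

    $identifierField = Member::config()->unique_identifier_field;
    $member = Member::get()->filter($identifierField, $uniqueIdentifier)->first();

    if ($member) {
        $member->logIn();
        $this->owner->redirectBack();
        return;
    }

    // Auto-creation needs both the flag and a non-empty group title.
    $config = Config::inst();
    $autoCreate = $config->get('AuthRemoteUserExtension', 'auto_create_user');
    $groupTitle = (string) $config->get('AuthRemoteUserExtension', 'auto_user_group');
    if (!$autoCreate || $groupTitle === '') {
        return;
    }

    $group = Group::get()->filter('Title', $groupTitle)->first();
    if (!$group) {
        return;
    }

    $member = new Member();
    $member->{$identifierField} = $uniqueIdentifier;
    $member->write();
    $member->Groups()->add($group);
    // As in the original, the auto-created member is logged in but not redirected.
    $member->logIn();
}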
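/**
 * Assertion Consumer Service
 *
 * The user gets sent back here after authenticating with the IdP, off-site.
 * The earlier redirection to the IdP can be found in the SAMLAuthenticator::authenticate.
 *
 * After this handler completes, we end up with a rudimentary Member record (which will be created on-the-fly
 * if not existent), with the user already logged in. Login triggers memberLoggedIn hooks, which allows
 * LDAP side of this module to finish off loading Member data.
 *
 * Security notes:
 *  - The response is only acted on after processResponse() has run; every failure
 *    path below sends the user back to the login form with a message.
 *  - The NameID is decoded with base64_decode(..., true), so input that is not valid
 *    base64 is rejected outright instead of being decoded with the bad characters dropped.
 *  - IdP attribute values are copied into Member fields only for the claims listed in
 *    LDAPMember.claims_field_mappings; the IdP is trusted for exactly those fields.
 *
 * @throws OneLogin_Saml2_Error
 */
public function acs()
{
    $auth = Injector::inst()->get('SAMLHelper')->getSAMLAuth();
    $auth->processResponse();

    $error = $auth->getLastErrorReason();
    if (!empty($error)) {
        SS_Log::log($error, SS_Log::ERR);
        Form::messageForForm("SAMLLoginForm_LoginForm", "Authentication error: '{$error}'", 'bad');
        Session::save();
        return $this->getRedirect();
    }

    if (!$auth->isAuthenticated()) {
        Form::messageForForm("SAMLLoginForm_LoginForm", _t('Member.ERRORWRONGCRED'), 'bad');
        Session::save();
        return $this->getRedirect();
    }

    // Strict decoding: without the flag base64_decode() silently drops characters outside
    // the base64 alphabet, so a malformed NameID could still "decode" to something.
    $decodedNameId = base64_decode($auth->getNameId(), true);

    // The NameID must be a binary string (which signals that it is a GUID); a printable
    // string, or anything that was not valid base64, is rejected.
    if ($decodedNameId === false || ctype_print($decodedNameId)) {
        Form::messageForForm("SAMLLoginForm_LoginForm", "Name ID provided by IdP is not a binary GUID.", 'bad');
        Session::save();
        return $this->getRedirect();
    }

    // transform the NameId to guid
    $guid = LDAPUtil::bin_to_str_guid($decodedNameId);
    if (!LDAPUtil::validGuid($guid)) {
        $errorMessage = "Not a valid GUID '{$guid}' recieved from server.";
        SS_Log::log($errorMessage, SS_Log::ERR);
        Form::messageForForm("SAMLLoginForm_LoginForm", $errorMessage, 'bad');
        Session::save();
        return $this->getRedirect();
    }

    // Write a rudimentary member with basic fields on every login, so that we at least have something
    // if LDAP synchronisation fails.
    $member = Member::get()->filter('GUID', $guid)->limit(1)->first();
    if (!($member && $member->exists())) {
        $member = new Member();
        $member->GUID = $guid;
    }

    // Copy the configured claims onto the member; a missing claim is logged and skipped.
    $attributes = $auth->getAttributes();
    foreach ($member->config()->claims_field_mappings as $claim => $field) {
        if (!isset($attributes[$claim][0])) {
            SS_Log::log(sprintf('Claim rule \'%s\' configured in LDAPMember.claims_field_mappings, but wasn\'t passed through. Please check IdP claim rules.', $claim), SS_Log::WARN);
            continue;
        }
        $member->{$field} = $attributes[$claim][0];
    }
    $member->SAMLSessionIndex = $auth->getSessionIndex();

    // This will throw an exception if there are two distinct GUIDs with the same email address.
    // We are happy with a raw 500 here at this stage.
    $member->write();

    // This will trigger LDAP update through LDAPMemberExtension::memberLoggedIn.
    // Both SAML and LDAP identify Members by the GUID field.
    $member->logIn();

    return $this->getRedirect();
}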
/**
 * Logs the given member in and opens an API session for it.
 *
 * The member is re-read through the class configured as
 * BaseRestController.Owner so that the session's User is an instance of that
 * class rather than the plain Member that was passed in.
 *
 * @param \Member $user
 * @return ApiSession
 */
public static function createSession($user)
{
    $user->logIn();

    // NOTE(review): byID() yields null when no Owner row has this ID; the session
    // would then carry a null User — confirm callers expect that.
    $ownerClass = \Config::inst()->get('BaseRestController', 'Owner');
    /** @var \Member $owner */
    $owner = \DataObject::get($ownerClass)->byID($user->ID);

    // create session
    $session = ApiSession::create();
    $session->User = $owner;
    $session->Token = AuthFactory::generate_token($owner);

    return $session;
}
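/**
 * Form action: turns the TempMember that matches the submitted verification code
 * into a real Member, logs that member in and adds them to the member group.
 *
 * Flow:
 *  - no TempMember for the code: error message, redirect back, stop;
 *  - otherwise copy the pending profile into a new Member, write it, optionally
 *    queue a PresentorApproval, delete the TempMember and log the member in;
 *  - the member is added to the group with ID 3 (hard-coded, as in the original);
 *    if that group is missing an error is shown, although the member has
 *    already been created and logged in at that point.
 *
 * Change from the original: the duplicated ReceiveMail assignment was removed
 * and the field copy is driven by a list.
 *
 * @param array $data
 * @param Form $form
 * @param SS_HTTPRequest $request
 */
function activate($data, $form, $request)
{
    // Look up the pending registration by its verification code.
    $tempMember = TempMember::codeExists($data);
    if (!$tempMember) {
        $form->sessionMessage(_t("Register.REGISTRATION ERROR", "There's no account waiting for activation with this code.\n\t\t\t\t\t\t\t\t\t If you already have an account log in here <a href=\"my-events/\">here</a>"), 'bad');
        Director::redirectBack();
        return;
    }

    // Fields carried over verbatim from the pending registration.
    $copiedFields = array(
        'FirstName', 'Surname', 'Phone', 'Email',
        // NOTE(review): if TempMember stores the password already hashed, assigning it
        // here makes Member hash it a second time on write() — confirm it is plaintext.
        'Password',
        'ReceiveMail', 'RequestListedAsPresenter',
        'LocationAddress', 'LocationLatitude', 'LocationLongitude',
        'Description',
    );
    $member = new Member();
    foreach ($copiedFields as $fieldName) {
        $member->{$fieldName} = $tempMember->{$fieldName};
    }

    // Write to db. This needs to happen before we add it to a group.
    $member->write();

    if ($tempMember->RequestListedAsPresenter) {
        $presentorApproval = new PresentorApproval();
        $presentorApproval->MemberID = $member->ID;
        $presentorApproval->MemberName = $tempMember->FirstName . ' ' . $tempMember->Surname;
        $presentorApproval->Message = $tempMember->Description;
        $presentorApproval->Email = $tempMember->Email;
        $presentorApproval->Confirmation = 'Pending';
        $presentorApproval->IsDone = false;
        $presentorApproval->write();
    }

    $tempMember->delete();
    $member->logIn();

    // Add the member to the user group; the group ID is hard-coded, so check it exists first.
    if ($group = DataObject::get_one('Group', 'ID = 3')) {
        $member->Groups()->add($group);
        // Redirect based on URL
        // TO EDIT
        Director::redirect('SuccessVerification');
    } else {
        $form->sessionMessage(_t("Register.REGISTRATION ERROR", "Your registration wasn't successful please try again"), 'bad');
        Director::redirectBack();
    }
}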
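/**
 * Adds or modifies a job on the website.
 *
 * Reads the posted form data, resolves the posting member, then creates or
 * updates the Job. A welcome email (carrying the generated password for a
 * brand-new account) goes out the first time a job is posted.
 *
 * Fixes relative to the original:
 *  - the existing-job test combined `!isset(...)` and `!$data['JobID']` with
 *    `&&` (an undefined index on every new job) and its edit branch then threw
 *    the loaded Job away for a new one; both corrected;
 *  - the new member's Email was assigned from an undefined variable;
 *  - a visitor is no longer logged in as whichever existing member owns the
 *    posted email address, which let anyone act as that account just by knowing
 *    its address. An existing member has to be logged in already to post as it;
 *  - an empty email is rejected instead of creating a member without one;
 *  - the BackURL redirect only follows site-local URLs.
 *
 * @return SS_HTTPResponse
 */
public function doJobForm()
{
    $data = $this->request->postVars();
    $form = new JobBoardForm($this);
    $form->loadDataFrom($data);

    $posterEmail = isset($data['Email']) ? trim($data['Email']) : '';
    if ($posterEmail === '') {
        $form->sessionMessage('Please supply an email address.', 'bad');
        return $this->redirectBack();
    }

    // Resolve the poster. Only a freshly created account is logged in here; an
    // existing account is never entered on the strength of its email alone.
    $password = null;
    $currentMember = Member::currentUser();
    $member = Member::get()->filter(array('Email' => $posterEmail))->first();
    if ($member && (!$currentMember || $currentMember->ID != $member->ID)) {
        $form->sessionMessage('An account already exists for this email address. Please log in to post with it.', 'bad');
        return $this->redirectBack();
    }
    if (!$member) {
        $member = new Member();
        $member->Email = $posterEmail;
        $member->FirstName = isset($data['Company']) ? $data['Company'] : false;
        $password = Member::create_new_password();
        $member->Password = $password;
        $member->write();
        $member->addToGroupByCode('job-posters', _t('Jobboard.JOBPOSTERSGROUP', 'Job Posters'));
        $member->logIn();
    }

    // Resolve the job being edited, or start a new one. Editing a job the poster
    // may not edit is answered with a 404, as before.
    $existed = false;
    $job = null;
    if (!empty($data['JobID'])) {
        $job = Job::get()->byId($data['JobID']);
        if ($job && !$job->canEdit()) {
            return $this->owner->httpError(404);
        }
        $existed = (bool) $job;
    }
    if (!$job) {
        $job = new Job();
    }

    $form->saveInto($job);
    $job->isActive = true;
    $job->MemberID = $member->ID;
    $job->write();
    Session::set('JobID', $job->ID);

    if (!$existed) {
        // send the welcome email.
        $welcome = new Email();
        // NOTE(review): subject and From come from the posted data; unless the form
        // fixes them (hidden fields), a poster can set them freely — confirm.
        $welcome->setSubject(isset($data['EmailSubject']) ? $data['EmailSubject'] : '');
        $welcome->setFrom(isset($data['EmailFrom']) ? $data['EmailFrom'] : '');
        $welcome->setTo($member->Email);
        $welcome->setTemplate('JobPosting');
        $welcome->populateTemplate(array(
            'Member' => $member,
            // A password is only present when the account was created just now.
            'Password' => $password !== null ? $password : false,
            'FirstPost' => $password !== null,
            'Holder' => $this,
            'Job' => $job,
        ));
        if ($notify = $form->getController()->getJobNotifyAddress()) {
            $welcome->setBcc($notify);
        }
        $welcome->send();
    }

    // Only follow a BackURL that points back into this site.
    $backUrl = isset($data['BackURL']) ? $data['BackURL'] : '';
    if ($backUrl !== '' && Director::is_site_url($backUrl)) {
        return $this->redirect($backUrl);
    }
    return $this->redirectBack();
}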
/**
 * Log the user in via an existing Facebook account connection.
 *
 * Outcomes, all of which render the FacebookController template unless noted:
 *  - the request carries an "error" parameter: the form gets a failure message;
 *  - no FacebookApp record, or login disabled on it: failure message;
 *  - Facebook reports a user: the Member with that FacebookUserID is logged in,
 *    or, if signup is enabled, a new Member is connected and logged in;
 *  - Facebook reports no user: redirect (302) to the Facebook login URL.
 * Whoever was logged in before is logged out first. If nobody is logged in at
 * the end, the onAfterFailedFacebookLogin hook fires.
 *
 * @return SS_HTTPResponse
 **/
public function login()
{
    $form = $this->Form();

    if ($this->request->getVar("error")) {
        $form->sessionMessage("Unable to obtain access to Facebook.", "bad");
        return $this->renderWith(array("FacebookController", "Page", "Controller"));
    }

    $facebookApp = FacebookApp::get()->first();
    if (!$facebookApp || !$facebookApp->EnableFacebookLogin) {
        $form->sessionMessage("Facebook Login is disabled.", "bad");
    } else {
        // Any existing session is dropped before the Facebook identity is used.
        if ($member = Member::currentUser()) {
            $member->logOut();
        }
        $facebook = $facebookApp->getFacebook();
        $user = $facebook->getUser();
        if ($user) {
            // NOTE(review): the lookup trusts the user id the SDK returns; getUser() is
            // presumably backed by a validated access token — confirm.
            $member = Member::get()->filter("FacebookUserID", $user)->first();
            if ($member) {
                $member->logIn();
                $form->sessionMessage("You have logged in with your Facebook account.", "good");
                $member->extend("onAfterMemberLogin");
            } else {
                if ($facebookApp->EnableFacebookSignup) {
                    // Attempt to sign the user up.
                    $member = new Member();
                    // Load the user profile from Facebook
                    $user_profile = $facebook->api("/me");
                    if ($user_profile) {
                        // Fill in the required fields from the profile and the stored access token.
                        $access_token = Session::get("fb_" . $facebookApp->FacebookConsumerKey . "_access_token");
                        $signup = $member->connectFacebookAccount($user_profile, $access_token, $facebookApp->config()->get("required_user_fields"));
                        if ($signup->valid()) {
                            $member->logIn();
                            $form->sessionMessage("You have signed up with your Facbeook account.", "good");
                            // Facebook Hooks
                            $this->extend("onAfterFacebookSignup", $member);
                        } else {
                            $form->sessionMessage($signup->message(), "bad");
                        }
                    } else {
                        $form->sessionMessage("Unable to load your Facbeook account.", "bad");
                    }
                } else {
                    $form->sessionMessage("Unable to log in with Facebook.", "bad");
                }
            }
        } else {
            // Not yet authorised with Facebook: send the visitor to the login URL.
            $params = $facebookApp->getLoginUrlParams();
            $url = $facebook->getLoginUrl($params);
            if ($url) {
                return $this->redirect($url, 302);
            } else {
                $form->sessionMessage("Unable to login to Facebook at this time.", "bad");
            }
        }
    }

    // Extend Failed facebook login
    if (!Member::currentUser()) {
        $this->extend("onAfterFailedFacebookLogin");
    }
    return $this->renderWith(array("FacebookController", "Page", "Controller"));
}
/**
 * A File gets its OwnerID from the member logged in at the time of its first
 * write, and keeps it afterwards: no owner when nobody is logged in, and no
 * change when a different member later rewrites the file.
 */
public function testSetsOwnerOnFirstWrite()
{
    Session::set('loggedInAs', null);

    $firstMember = new Member();
    $firstMember->write();
    $secondMember = new Member();
    $secondMember->write();

    // Nobody logged in: no owner is recorded.
    $anonymousFile = new File();
    $anonymousFile->write();
    $this->assertEquals(0, $anonymousFile->OwnerID, 'Owner not written when no user is logged in');

    // First member logged in: their ID is recorded on a fresh file.
    $firstMember->logIn();
    $ownedFile = new File();
    $ownedFile->write();
    $this->assertEquals($firstMember->ID, $ownedFile->OwnerID, 'Owner written when user is logged in');

    // Second member logged in: rewriting the existing file keeps the original owner.
    $secondMember->logIn();
    $ownedFile->forceChange();
    $ownedFile->write();
    $this->assertEquals($firstMember->ID, $ownedFile->OwnerID, 'Owner not overwritten on existing files');
}
/**
 * No validation errors occured, so we register the customer and send
 * mails with further instructions for the double opt-in procedure.
 *
 * Steps, in order:
 *  1. log out a currently logged-in (anonymous) customer, remembering it;
 *  2. add MemberID and Locale defaults to the form data, build the Birthday
 *     string and, if a minimum age is enforced, fail the submission when the
 *     customer is too young;
 *  3. create a new Member, move the anonymous customer's cart positions onto a
 *     duplicated cart and delete the anonymous customer;
 *  4. fill, write, log in and set the password of the new customer, then add it
 *     to the target group;
 *  5. create the address from the form data and link it as both shipping and
 *     invoice address;
 *  6. migrate an anonymous newsletter opt-in for the same email, or start the
 *     newsletter subscription;
 *  7. run the updateRegisteredCustomer hook and redirect.
 *
 * @param SS_HTTPRequest $data SS session data
 * @param Form $form the form object
 * @param array $formData CustomHTMLForms session data
 * @param bool $doRedirect Set to true to redirect after submitSuccess
 *
 * @return void
 *
 * @author Sebastian Diel <*****@*****.**>,
 * Roland Lehmann <*****@*****.**>,
 * Sascha Koehler <*****@*****.**>
 * @since 28.01.2015
 */
protected function submitSuccess($data, $form, $formData, $doRedirect = true)
{
    $anonymousCustomer = false;

    /*
     * Logout anonymous users and save their shoppingcart temporarily.
     */
    if (SilvercartCustomer::currentUser()) {
        $anonymousCustomer = SilvercartCustomer::currentUser();
        SilvercartCustomer::currentUser()->logOut();
    }

    // Aggregate Data and set defaults
    // NOTE(review): this runs after the logOut() above, so currentUserID() presumably
    // no longer refers to the anonymous customer — confirm the intended value.
    $formData['MemberID'] = Member::currentUserID();
    $formData['Locale'] = Translatable::get_current_locale();

    if ($this->demandBirthdayDate()) {
        $formData['Birthday'] = $formData['BirthdayYear'] . '-' . $formData['BirthdayMonth'] . '-' . $formData['BirthdayDay'];
        if ($this->UseMinimumAgeToOrder()) {
            if (!SilvercartConfig::CheckMinimumAgeToOrder($formData['Birthday'])) {
                // The same error is attached to all three birthday fields so each is highlighted.
                $this->errorMessages['BirthdayDay'] = array('message' => SilvercartConfig::MinimumAgeToOrderError(), 'fieldname' => _t('SilvercartPage.BIRTHDAY'), 'BirthdayDay' => array('message' => SilvercartConfig::MinimumAgeToOrderError()));
                $this->errorMessages['BirthdayMonth'] = array('message' => SilvercartConfig::MinimumAgeToOrderError(), 'fieldname' => _t('SilvercartPage.BIRTHDAY'), 'BirthdayMonth' => array('message' => SilvercartConfig::MinimumAgeToOrderError()));
                $this->errorMessages['BirthdayYear'] = array('message' => SilvercartConfig::MinimumAgeToOrderError(), 'fieldname' => _t('SilvercartPage.BIRTHDAY'), 'BirthdayYear' => array('message' => SilvercartConfig::MinimumAgeToOrderError()));
                $this->setSubmitSuccess(false);
                return $this->submitFailure($data, $form);
            }
        }
    }

    // Create new regular customer and perform a log in
    $customer = new Member();

    // Pass shoppingcart to registered customer and delete the anonymous
    // customer.
    // NOTE(review): the anonymous customer is deleted before the new customer is
    // written; if that write fails the moved cart has no owner left — confirm acceptable.
    if ($anonymousCustomer) {
        $newShoppingCart = $anonymousCustomer->getCart()->duplicate(true);
        foreach ($anonymousCustomer->getCart()->SilvercartShoppingCartPositions() as $shoppingCartPosition) {
            $newShoppingCartPosition = $shoppingCartPosition->duplicate(false);
            $newShoppingCartPosition->SilvercartShoppingCartID = $newShoppingCart->ID;
            $newShoppingCartPosition->write();
            $shoppingCartPosition->transferToNewPosition($newShoppingCartPosition);
        }
        $customer->SilvercartShoppingCartID = $newShoppingCart->ID;
        $anonymousCustomer->delete();
    }

    // NOTE(review): castedUpdate() copies every $formData key that matches a Member
    // field. This assumes the form layer restricts $formData to the declared
    // registration fields — confirm, otherwise other Member columns could be set
    // from the submission.
    $customer->castedUpdate($formData);
    $customer->write();
    $customer->logIn();
    $customer->changePassword($formData['Password']);

    $customerGroup = $this->getTargetCustomerGroup($formData);
    if ($customerGroup) {
        $customer->Groups()->add($customerGroup);
    }

    // Create ShippingAddress for customer and populate it with registration data
    $address = new SilvercartAddress();
    $address->castedUpdate($formData);
    $country = DataObject::get_by_id('SilvercartCountry', (int) $formData['Country']);
    if ($country) {
        $address->SilvercartCountryID = $country->ID;
    }
    $address->write();
    $this->extend('updateRegisteredAddress', $address, $data, $form, $formData);

    //connect the ShippingAddress and the InvoiceAddress to the customer
    $customer->SilvercartShippingAddressID = $address->ID;
    $customer->SilvercartInvoiceAddressID = $address->ID;
    $customer->SilvercartAddresses()->add($address);
    $customer->write();

    // Remove from the anonymous newsletter recipients list, carrying over an
    // existing opt-in (status and confirmation hash) to the new customer.
    if (SilvercartAnonymousNewsletterRecipient::doesExist($customer->Email)) {
        $recipient = SilvercartAnonymousNewsletterRecipient::getByEmailAddress($customer->Email);
        if ($recipient->NewsletterOptInStatus) {
            $customer->NewsletterOptInStatus = 1;
            $customer->NewsletterConfirmationHash = $recipient->NewsletterOptInConfirmationHash;
            $customer->write();
        }
        SilvercartAnonymousNewsletterRecipient::removeByEmailAddress($customer->Email);
    }

    // A customer who asked for the newsletter but has no opt-in yet starts the double opt-in.
    if ($customer->SubscribedToNewsletter && !$customer->NewsletterOptInStatus) {
        SilvercartNewsletter::subscribeRegisteredCustomer($customer);
    }

    $this->extend('updateRegisteredCustomer', $customer, $data, $form, $formData);

    if ($doRedirect) {
        // Redirect to welcome page
        // NOTE(review): 'backlink' is followed as-is; if it originates from the request
        // rather than a server-set value, it should be restricted to site-local URLs.
        if (array_key_exists('backlink', $formData) && !empty($formData['backlink'])) {
            $this->controller->redirect($formData['backlink']);
        } else {
            $this->controller->redirect($this->controller->PageByIdentifierCode('SilvercartRegisterConfirmationPage')->Link());
        }
    }
}
/**
 * Test that a member can be authenticated via their temp id
 *
 * The temp id only exists after a login; with it, the correct password
 * authenticates and a wrong one yields the generic failure message.
 */
public function testAuthenticateByTempID()
{
    $member = new Member();
    $member->Email = '*****@*****.**';
    $member->PasswordEncryption = "sha1";
    // NOTE(review): the password literal appears redacted in this copy; the
    // assertions below authenticate with 'mypassword', so the real fixture
    // presumably set that value.
    $member->Password = "******";
    $member->write();

    // A form is needed only as the message sink for the authenticator.
    $securityController = new Security();
    $loginForm = new Form($securityController, 'Form', new FieldList(), new FieldList());

    // Before any login the member has no temp id at all.
    $this->assertEmpty($member->TempIDHash);

    // Logging in issues one.
    $member->logIn(true);
    $tempID = $member->TempIDHash;
    $this->assertNotEmpty($tempID);

    // Correct password: the member comes back and the form stays clean.
    $authenticated = MemberAuthenticator::authenticate(
        array('tempid' => $tempID, 'Password' => 'mypassword'),
        $loginForm
    );
    $this->assertNotEmpty($authenticated);
    $this->assertEquals($authenticated->ID, $member->ID);
    $this->assertEmpty($loginForm->Message());

    // Wrong password: nothing comes back and the form carries the generic error.
    $loginForm->clearMessage();
    $rejected = MemberAuthenticator::authenticate(
        array('tempid' => $tempID, 'Password' => 'notmypassword'),
        $loginForm
    );
    $this->assertEmpty($rejected);
    $this->assertEquals("The provided details don't seem to be correct. Please try again.", $loginForm->Message());
    $this->assertEquals('bad', $loginForm->MessageType());
}
/**
 * Creates an anonymous customer if there's no currentMember object.
 *
 * When nobody is logged in, a blank Member is written, put into the group
 * with code 'anonymous' (if such a group exists) and logged in with the
 * "remember me" flag set. An existing current user is returned untouched.
 *
 * @return Member
 *
 * @author Sebastian Diel <*****@*****.**>,
 * Sascha Koehler <*****@*****.**>
 * @since 15.11.2014
 */
public static function createAnonymousCustomer()
{
    $current = self::currentUser();
    if ($current) {
        return $current;
    }

    $anonymous = new Member();
    $anonymous->write();

    // Add customer to intermediate group
    $anonymousGroup = Group::get()->filter('Code', 'anonymous')->first();
    if ($anonymousGroup) {
        $anonymous->Groups()->add($anonymousGroup);
    }
    $anonymous->logIn(true);

    return $anonymous;
}