Пример #1
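 /**
  * Look up a user's full record by login name, reusing the memoised copy when it matches.
  *
  * Currently used only in the login/authentication path. The memoised record is served
  * only when it belongs to the requested name, so one account's record is never handed
  * back for a different login name. After a password change the first-level cache must
  * be refreshed; this second-level copy may be left alone (original author's note).
  *
  * @param string $name login name to look up
  * @return array|null whatever MiniUser::getUserByName() returns for $name
  */
 public function getUserByName2($name)
 {
     // A cached record without a matching user_name is treated as a miss and re-read.
     $cacheMatches = $this->hasCache2 === true
         && $this->user !== NULL
         && isset($this->user['user_name'])
         && $this->user['user_name'] === $name;
     if ($cacheMatches) {
         Yii::trace("cache 2 get userName:" . $name, "miniyun.cache2");
         return $this->user;
     }
     $this->user = MiniUser::getInstance()->getUserByName($name);
     return $this->user;
 }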
Пример #2
 /**
  * Validate the form and, when it passes, create an administrator account and enable
  * the "businessTheme" plugin.
  *
  * @return bool true when validation passed (the result of create() is not inspected), false otherwise
  */
 public function save()
 {
     if (!$this->validate()) {
         return false;
     }
     // NOTE(review): the password is handed to MiniUser::create() unchanged; presumably it is hashed there — confirm.
     $account = array(
         "name" => $this->userName,
         "password" => $this->password,
         "is_admin" => 1,
         "email" => $this->email,
         "extend" => array("space" => $this->space),
     );
     MiniUser::getInstance()->create($account);
     MiniPlugin::getInstance()->enablePlugin("businessTheme");
     return true;
 }
Пример #3
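 /**
  * Build an MThumbnailBase from the request URI and the request parameters.
  *
  * Reads "format", "size" and "userId" from $_REQUEST. "format" is limited to jpeg/png
  * (default jpeg); "size" defaults to "small" and is otherwise forwarded unchanged.
  *
  * @param string $uri request URI the file path is parsed from
  * @param array $config optional configuration stored on the returned object
  * @throws MException with MConst::HTTP_CODE_404 when no path can be parsed from $uri
  * @return MThumbnailBase
  */
 public static function initMThumbnailBase($uri, $config = NULL)
 {
     $thumbnailBase = new MThumbnailBase();
     $format = "jpeg";
     $size = "small";
     // Request parameters may arrive as arrays (e.g. format[]=x); only plain strings are accepted.
     if (isset($_REQUEST["format"]) && is_string($_REQUEST["format"])) {
         $format = strtolower($_REQUEST["format"]);
     }
     // Anything outside the allow-list falls back to the default format.
     if (!in_array($format, array("jpeg", "png"), true)) {
         $format = "jpeg";
     }
     if (isset($_REQUEST["size"]) && is_string($_REQUEST["size"])) {
         // NOTE(review): size is not checked against a list of supported sizes here — confirm the consumer validates it.
         $size = $_REQUEST["size"];
     }
     // NOTE(review): no request signature is verified in this method — confirm the caller does that.
     // Parse the file path; a false result is reported as "path error".
     $urlManager = new MUrlManager();
     $path = $urlManager->parsePathFromUrl($uri);
     if ($path == false) {
         throw new MException(Yii::t('api', MConst::PATH_ERROR), MConst::HTTP_CODE_404);
     }
     // The root is the fourth "/"-separated segment of the URI.
     $parts = array_slice(explode('/', $uri), 3);
     $root = $parts[0];
     $path = "/" . $path;
     $path = MUtils::convertStandardPath($path);
     // Resolve the acting user.
     $user = MUserManager::getInstance()->getCurrentUser();
     // NOTE(review): acting on behalf of another userId is gated on the literal account name
     // 'admin' with a loose comparison, not on an is_admin flag, and the getUser() result is
     // not checked — confirm this is the intended authorization rule.
     if (!empty($_REQUEST["userId"]) && $_REQUEST["userId"] != 'undefined' && $user['user_name'] == 'admin') {
         $userId = $_REQUEST["userId"];
         $user = MiniUser::getInstance()->getUser($userId);
     }
     // A path directly under "/" is placed under the user's own id.
     if (dirname($path) == "/") {
         $path = "/" . $user['id'] . $path;
     }
     $device = MUserManager::getInstance()->getCurrentDevice();
     $thumbnailBase->user_id = $user["user_id"];
     $thumbnailBase->user_nick = $user["user_name"];
     $thumbnailBase->user_device_id = $device["device_id"];
     $thumbnailBase->size = $size;
     $thumbnailBase->format = $format;
     $thumbnailBase->path = MUtils::convertStandardPath($path);
     $thumbnailBase->root = $root;
     $thumbnailBase->config = $config;
     // When the share filter handles the path, switch to the share owner's id and path.
     $share_filter = MSharesFilter::init();
     if ($share_filter->handlerCheck($thumbnailBase->user_id, $path, true)) {
         $thumbnailBase->user_id = $share_filter->master;
         $thumbnailBase->path = $share_filter->_path;
     }
     return $thumbnailBase;
 }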
Пример #4
 /**
  * Verify a user's credentials, consulting the third-party user source when one is enabled.
  *
  * "admin" is a reserved system account and is always verified locally. For other names
  * the 'third_user_source' filter decides whether an external source is used; when that
  * source knows the account, the record is stored locally through MiniUser::create().
  *
  * @param string $userName
  * @param string $password
  * @return array|bool user record on success, false on failure (errorCode is set on the failure paths shown here)
  */
 public function validUser($userName, $password)
 {
     // Reserved account: never sent to the external source.
     if ($userName === "admin") {
         return $this->validUserSelf($userName, $password);
     }
     // The filter yields false when no user-source plugin is enabled.
     $userSource = apply_filters('third_user_source', false);
     if ($userSource === false) {
         return $this->validUserSelf($userName, $password);
     }
     $credentials = array('userName' => $userName, 'password' => $password);
     $userData = $userSource->getUser($credentials);
     if (!$userData) {
         // The source may delegate the decision back to the local account store.
         if (method_exists($userSource, 'judgeSelf') && $userSource->judgeSelf()) {
             return $this->validUserSelf($userName, $password);
         }
         // Otherwise surface the source's error code.
         $this->errorCode = $userSource->errorCode;
         return false;
     }
     // Known to the external source: persist part of the record locally.
     $userData["name"] = $userData["user_name"];
     $localUser = MiniUser::getInstance()->create($userData);
     if (!empty($userData['departmentData'])) {
         $departments = new DepartmentBiz();
         $departments->import($userData['departmentData']);
     }
     if ($localUser["user_status"] == 0) {
         $this->errorCode = MConst::ERROR_USER_DISABLED;
         return false;
     }
     return $localUser;
 }
Пример #5
 /**
  * Add the owner's nick and the parent path to a file record.
  *
  * The parent path is file_path without its first two "/"-separated segments and
  * without its last segment, prefixed with "/".
  *
  * @param array $file record with at least 'user_id' and 'file_path'
  * @return array the same record with 'user_nick' and 'parent_path' added
  */
 public function dealFile($file)
 {
     $owner = MiniUser::getInstance()->getUser($file['user_id']);
     $file['user_nick'] = $owner['nick'];
     $segments = explode('/', $file['file_path']);
     // Drop the two leading segments and the trailing one.
     $parentSegments = array_slice($segments, 2, -1);
     $file['parent_path'] = '/' . implode('/', $parentSegments);
     return $file;
 }
Пример #6
 /**
  * Run the OAuth2 filter, then let the parent action run only for administrators.
  *
  * @throws MiniException code 1200 when the user's is_admin value is not strictly true
  */
 public function invoke()
 {
     $authFilter = new MUserFilter();
     $authFilter->oauth2Judge();
     // The admin flag is taken from the record MiniUser returns for the current user's id.
     $sessionUser = MUserManager::getInstance()->getCurrentUser();
     $account = MiniUser::getInstance()->getUser($sessionUser["id"]);
     $isAdmin = $account["is_admin"] === true;
     if (!$isAdmin) {
         throw new MiniException(1200);
     }
     parent::invoke();
 }
Пример #7
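 /**
  * Build one page of the event list for the current user.
  *
  * @param string $path        path filter; "" means none, otherwise normalised with MiniUtil::joinPath()
  * @param mixed  $time        converted with $this->getTime() before querying
  * @param string $deviceUuid  device filter forwarded to MiniEvent
  * @param int    $pageSize    rows per page (values below 1 are treated as 1)
  * @param int    $currentPage 1-based page number (values below 1 are treated as 1)
  * @return array array('events' => list of rows, 'totalPage' => page count)
  */
 public function getList($path, $time, $deviceUuid, $pageSize, $currentPage)
 {
     $currentUser = $this->user;
     $userId = $currentUser['id'];
     $time = $this->getTime($time);
     if ($path != "") {
         $path = MiniUtil::joinPath($path);
     }
     // Clamp the paging values so the page count never divides by zero and the offset is never negative.
     $pageSize = max(1, (int) $pageSize);
     $currentPage = max(1, (int) $currentPage);
     $total = MiniEvent::getInstance()->getTotal($path, $time, $userId, $deviceUuid);
     $totalPage = ceil($total / $pageSize);
     $events = MiniEvent::getInstance()->getByCondition($path, $userId, $time, $deviceUuid, $pageSize, ($currentPage - 1) * $pageSize);
     $itemList = array();
     $data = array();
     foreach ($events as $event) {
         $item = array();
         $device = MiniUserDevice::getInstance()->getUserDevice($event['user_device_id']);
         $item['create_user_id'] = $device['user_id'];
         $item['file_path'] = MiniUtil::getRelativePath($event['file_path']);
         $item['action'] = $event['action'];
         $item['user_name'] = $currentUser['user_name'];
         $item['user_device_type'] = $device['user_device_type'];
         if ($device['user_id'] == $userId) {
             $item['user_self'] = true;
         } else {
             $item['user_self'] = false;
             // Keep the other user's record in its own variable: overwriting the current
             // user here would put that user's name on the current user's later rows.
             $author = MiniUser::getInstance()->getById($device['user_id']);
             $authorMetas = MiniUserMeta::getInstance()->getUserMetas($device['user_id']);
             if (isset($authorMetas['nick'])) {
                 $item['user_name'] = $authorMetas['nick'];
             } else {
                 $item['user_name'] = $author['user_name'];
             }
         }
         $item['created_at'] = MiniUtil::formatTime(strtotime($event['created_at']));
         $item['user_device_name'] = $device['user_device_name'];
         $item['context'] = MiniUtil::getRelativePath($event['context']);
         $item['device_uuid'] = $device['user_device_uuid'];
         if ($event['action'] == 2) {
             // Action 2 within the same directory is reported as a rename.
             $fromParent = CUtils::pathinfo_utf($event['file_path']);
             $toParent = CUtils::pathinfo_utf($event['context']);
             if ($fromParent['dirname'] == $toParent['dirname']) {
                 $item['action'] = MConst::RENAME;
             }
         }
         $itemList[] = $item;
     }
     $data['events'] = $itemList;
     $data['totalPage'] = $totalPage;
     return $data;
 }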
Пример #8
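 /**
  * Convert message rows into the list shape returned to the client.
  *
  * @param array $value message rows with 'uu_id', 'content', 'created_at', 'updated_at', 'status' and 'id'
  * @return array list of rows; an empty array when $value has no rows
  */
 public function createArray($value)
 {
     // Initialised up front so an empty input yields an empty list instead of an undefined variable.
     $messageList = array();
     foreach ($value as $list) {
         $sender = MiniUser::getInstance()->getUser($list['uu_id']);
         $messageList[] = array(
             'userName' => $sender['user_name'],
             'content' => $list["content"],
             'created_at' => $list['created_at'],
             'updated_at' => $list['updated_at'],
             'status' => $list['status'],
             'id' => $list['id'],
         );
     }
     return $messageList;
 }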
Пример #9
 /**
  * Remove redundant data: for every user, delete the file record found at "/<user id>"
  * when that record belongs to the same user.
  */
 private function modifyData()
 {
     $allUsers = MiniUser::getInstance()->getAll();
     foreach ($allUsers as $account) {
         $rootEntry = MiniFile::getInstance()->getByPath("/" . $account["id"]);
         if (empty($rootEntry) || $account["id"] !== $rootEntry["user_id"]) {
             continue;
         }
         try {
             MiniFile::getInstance()->deleteFile($rootEntry["id"]);
         } catch (Exception $e) {
             // NOTE(review): failures are swallowed silently, so a failed delete leaves no trace — consider logging.
         }
     }
 }
Пример #10
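 /**
  * List the users behind the currently online devices.
  *
  * The list is cached in $this->items and rebuilt when it is empty or $refresh is true.
  *
  * @param bool $refresh force a rebuild of the cached list
  * @return array array('list' => online entries, 'total' => MiniOnlineDevice::getOnlineCount())
  */
 public function getOnlineUsers($refresh = false)
 {
     $data = array();
     if (empty($this->items) || $refresh) {
         // Start from a clean list: a refresh must not append to the entries gathered
         // earlier, and array_push() needs an array even when items was never set.
         $this->items = array();
         $devices = MiniOnlineDevice::getInstance()->getOnlineDevices();
         foreach ($devices as $item) {
             $appId = $item["application_id"];
             $device = MiniUserDevice::getInstance()->getUserDevice($item["device_id"]);
             $user = MiniUser::getInstance()->getUser($device["user_id"]);
             $online = array(
                 "name" => $user["user_name"],
                 "nick" => $user['nick'],
                 "appname" => $appId,
                 "deviceName" => $device["user_device_name"],
                 "deviceType" => $device["user_device_type"],
                 "lastLoginTime" => $item["updated_at"],
                 "avatar" => $user["avatar"],
             );
             array_push($this->items, $online);
         }
     }
     $data['list'] = $this->items;
     $data['total'] = MiniOnlineDevice::getInstance()->getOnlineCount();
     return $data;
 }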
Пример #11
 /**
  * Search users by name on behalf of the current user.
  *
  * @param string $key search term forwarded to MiniUser::searchByName()
  * @return array list of array('id', 'nick', 'name', 'avatar', 'user_group')
  */
 public function searchFriends($key)
 {
     $currentUserId = $this->user["id"];
     $matches = MiniUser::getInstance()->searchByName($currentUserId, $key);
     $friends = array();
     foreach ($matches as $match) {
         $entry = array(
             "id" => $match["id"],
             "nick" => $match["nick"],
             "name" => $match["user_name"],
             "avatar" => $match['avatar'],
         );
         // Result of the group lookup between the current user and this match.
         $entry["user_group"] = MiniUserGroupRelation::getInstance()->findUserGroup($currentUserId, $match["id"]);
         $friends[] = $entry;
     }
     return $friends;
 }
Пример #12
 /**
  * List the users that belong to a group.
  *
  * @param mixed $groupId group identifier forwarded to MiniUserGroupRelation::getList()
  * @return array the getList() result; when 'success' is true its 'list' is replaced by
  *               rows of array('id', 'name', 'nick', 'avatar')
  */
 public function userList($groupId)
 {
     $result = MiniUserGroupRelation::getInstance()->getList($groupId);
     // An unsuccessful lookup is returned to the caller untouched.
     if ($result['success'] != true) {
         return $result;
     }
     $members = array();
     foreach ($result['list'] as $relation) {
         $account = MiniUser::getInstance()->getUser($relation['user_id']);
         $members[] = array(
             'id' => $relation['user_id'],
             'name' => $account['user_name'],
             'nick' => $account['nick'],
             'avatar' => $account['avatar'],
         );
     }
     $result['list'] = $members;
     return $result;
 }
Пример #13
 /**
  * Copy the file behind this share link to each of the named users.
  *
  * NOTE(review): the link's password and expiry fields are not consulted in this method —
  * confirm the caller enforces them before a copy is made.
  *
  * @param array $userNames login names of the recipients; unknown names are skipped
  * @return bool|null null when the link or its file is missing, false when $userNames is
  *                   empty, true otherwise (even if no name resolved to a user)
  */
 public function sendToTransfer($userNames)
 {
     $shareLink = MiniLink::getInstance()->getByKey($this->key);
     if ($shareLink === NULL) {
         return;
     }
     $sharedFile = MiniFile::getInstance()->getById($shareLink["file_id"]);
     if ($sharedFile === NULL) {
         return;
     }
     $deviceId = $this->device["id"];
     if (count($userNames) === 0) {
         return false;
     }
     foreach ($userNames as $recipientName) {
         $recipient = MiniUser::getInstance()->getUserByName($recipientName);
         if ($recipient !== NULL) {
             MiniFile::getInstance()->copy($sharedFile["id"], $recipient['id'], $deviceId, 0);
         }
     }
     return true;
 }
Пример #14
 /**
  * Report whether the file is currently locked by someone other than the current user.
  *
  * Lock entries are read from the file's 'lock' meta value; an entry counts only while
  * its open_time is less than 1800 seconds old.
  *
  * @param string $filePath
  * @return array array('success' => bool, 'data' => last entry of the sorted active locks
  *               with 'user_name' added, or an empty array)
  */
 public function status($filePath)
 {
     $lockMeta = MiniFileMeta::getInstance()->getFileMeta($filePath, 'lock');
     $currentUserId = $this->user['id'];
     $heldBySelf = false;
     $activeLocks = array();
     $reported = array();
     if (count($lockMeta) != 0) {
         // NOTE(review): unserialize() on a stored meta value. If that column can ever hold
         // data not written by this application, move to a data-only format such as JSON.
         $entries = unserialize($lockMeta['meta_value']);
         $now = time();
         foreach ($entries as $entry) {
             $age = $now - strtotime($entry['open_time']);
             if ($age >= 1800) {
                 continue;
             }
             // A live lock of the current user ends the scan: the user is editing the file.
             if ($entry['user_id'] == $currentUserId) {
                 $heldBySelf = true;
                 break;
             }
             $activeLocks[] = $entry;
         }
         $sorted = $this->quickSort($activeLocks);
         if (count($sorted) != 0) {
             $reported = $sorted[count($sorted) - 1];
             $holder = MiniUser::getInstance()->getById($reported['user_id']);
             $reported['user_name'] = $holder['nick'];
         }
     }
     $lockedByOthers = !$heldBySelf && count($activeLocks) > 0;
     return array('success' => $lockedByOthers, 'data' => $reported);
 }
Пример #15
 /**
  * Describe the file behind a share link.
  *
  * A link password of "-1" means no password; an expiry of -1 means the link never expires.
  *
  * @param string $key share-link key
  * @throws MiniException code 1300 when the link or its file cannot be found
  * @return array array('info' => file view with is_set_password, is_in_expiry,
  *               in_expiry (only when an expiry is set), is_owner and user_name)
  */
 public function getInfo($key)
 {
     $link = MiniLink::getInstance()->getByKey($key);
     if ($link === NULL) {
         throw new MiniException(1300);
     }
     $file = MiniFile::getInstance()->getById($link["file_id"]);
     if ($file === NULL) {
         throw new MiniException(1300);
     }
     $info = $this->do2vo($file);
     $info["is_set_password"] = $link['password'] != "-1";
     $expiry = intval($link['expiry']);
     if ($expiry !== -1) {
         // Still valid while the expiry timestamp lies in the future.
         $info["is_in_expiry"] = $expiry - intval(time()) > 0;
         $info['in_expiry'] = $link['expiry'];
     } else {
         $info["is_in_expiry"] = true;
     }
     $info["is_owner"] = intval($link['user_id']) === intval($this->user['id']);
     $owner = MiniUser::getInstance()->getById($file["user_id"]);
     $info["user_name"] = $owner["user_name"];
     return array("info" => $info);
 }
Пример #16
 /**
  * Return the current user's profile, memoised in $this->user after the first call.
  *
  * @return array|null profile fields, or NULL when there is no current user
  */
 public function getUser()
 {
     if (isset($this->user)) {
         return $this->user;
     }
     $current = MUserManager::getInstance()->getCurrentUser();
     if (empty($current)) {
         return NULL;
     }
     $record = MiniUser::getInstance()->getUser($current["id"]);
     $profile = array(
         'user_uuid' => $record["user_uuid"],
         'user_name' => $record["user_name"],
         'display_name' => $record["nick"],
         'space' => (double) $record["space"],
         'used_space' => (double) $record["usedSpace"],
         'email' => $record["email"],
         'phone' => $record["phone"],
         'avatar' => $record["avatar"],
         'is_admin' => $record["is_admin"],
         // Value of the "code" option, read from MiniOption.
         'code' => MiniOption::getInstance()->getOptionValue("code"),
     );
     $this->user = $profile;
     return $profile;
 }
Пример #17
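 /**
  * List the users and groups that hold privileges on a path.
  *
  * User rows carry type "0" and a user_status; group rows carry type "1" and the shared
  * group icon as avatar. Both carry the boolean flags from decodePermissionFlags().
  *
  * @param string $filePath path whose privileges are listed
  * @return array list of privilege rows, user rows first, then group rows
  */
 public function getPrivilegeList($filePath)
 {
     $privileges = MiniUserPrivilege::getInstance()->getPrivilegeList($filePath);
     $groupPrivileges = MiniGroupPrivilege::getInstance()->getPrivilegeList($filePath);
     $data = array();
     foreach ($privileges as $item) {
         $user = MiniUser::getInstance()->getUser($item['user_id']);
         $privilege = array();
         $privilege['id'] = $user['user_id'];
         $privilege['name'] = $user['user_name'];
         $privilege['nick'] = $user['nick'];
         $privilege['avatar'] = $user['avatar'];
         $privilege['user_status'] = $user['user_status'];
         $privilege = array_merge($privilege, $this->decodePermissionFlags($item['permission']));
         $privilege['type'] = "0";
         array_push($data, $privilege);
     }
     foreach ($groupPrivileges as $item) {
         $group = MiniGroup::getInstance()->getById($item['group_id']);
         $privilege = array();
         $privilege['id'] = $item['group_id'];
         $privilege['name'] = $group['group_name'];
         $privilege['nick'] = $group['group_name'];
         $privilege['avatar'] = MiniHttp::getMiniHost() . "static/images/icon_group.png";
         $privilege = array_merge($privilege, $this->decodePermissionFlags($item['permission']));
         $privilege['type'] = "1";
         array_push($data, $privilege);
     }
     return $data;
 }

 /**
  * Decode a permission string into the boolean flags the JavaScript client expects.
  *
  * Each position holds '1' when the right is granted. Comparisons are strict so that only
  * the literal character '1' (and only the literal '11111111' for "modified") grants a
  * flag; a loose comparison would also accept other numeric-looking strings.
  *
  * @param string $permission permission string, one character per right
  * @return array flag name => bool, in the order the client receives them
  */
 private function decodePermissionFlags($permission)
 {
     $permission = (string) $permission;
     // Flag name => character position in the permission string.
     $positions = array(
         'view' => 0,
         'dir_create' => 1,
         'dir_rename' => 2,
         'dir_delete' => 3,
         'file_upload' => 4,
         'file_rename' => 6,
         'file_edit' => 5,
         'file_delete' => 7,
         'download' => 8,
     );
     $flags = array();
     foreach ($positions as $flagName => $position) {
         $flags[$flagName] = substr($permission, $position, 1) === '1';
     }
     // "modified" is set when every right after the read position is granted.
     $flags['modified'] = substr($permission, 1) === '11111111';
     return $flags;
 }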
Пример #18
 /**
  * Delete a set of users together with their related data.
  *
  * NOTE(review): $userIds is forwarded unchanged to the bulk helpers (deleteUserFile,
  * deleteUserRelation, deleteByIds). How they use it is not visible here; if it reaches a
  * query, each element should be validated as a numeric id first — confirm.
  *
  * @param string $userIds comma-separated user ids, e.g. "1,2,3,4,5"; an empty value does nothing
  */
 public function deleteUsers($userIds)
 {
     if ($userIds == '' || !(strlen($userIds) > 0)) {
         return;
     }
     $idList = explode(',', $userIds);
     $userFile = new UserFile();
     // Per-user cleanup: shared folders, tags and starred files.
     foreach ($idList as $singleId) {
         $userFile->deleteSharedFolders($singleId);
         Tag::model()->deleteUserAllTag($singleId);
         FileStar::model()->deleteUserAllStar($singleId);
     }
     // Bulk cleanup keyed by the whole id string: files, group/department relations, events.
     $userFile->deleteUserFile($userIds);
     MiniUserGroupRelation::getInstance()->deleteUserRelation($userIds);
     MiniEvent::getInstance()->deleteByIds($userIds);
     // Finally remove the user records themselves.
     foreach ($idList as $singleId) {
         MiniUser::getInstance()->deleteUser($singleId);
     }
 }
Пример #19
 /**
  * Grant or deny a requested access token.
  *
  * This would be called from the "/token" endpoint as defined in the spec.
  * Obviously, you can call your endpoint whatever you want.
  *
  * Flow as written: filter the request parameters, check the grant type, authenticate the
  * client, run the per-grant-type checks, check the requested scope, then return a token.
  * NOTE(review): every failure path calls errorJsonResponse() and then falls through;
  * presumably that method ends the request — confirm, because the code after each call
  * relies on it.
  *
  * @see http://tools.ietf.org/html/draft-ietf-oauth-v2-10#section-4
  *
  * @ingroup oauth2_section_4
  */
 public function grantAccessToken()
 {
     $filters = array("grant_type" => array("filter" => FILTER_VALIDATE_REGEXP, "options" => array("regexp" => OAUTH2_GRANT_TYPE_REGEXP), "flags" => FILTER_REQUIRE_SCALAR), "scope" => array("flags" => FILTER_REQUIRE_SCALAR), "code" => array("flags" => FILTER_REQUIRE_SCALAR), "redirect_uri" => array("filter" => FILTER_SANITIZE_URL), "username" => array("flags" => FILTER_REQUIRE_SCALAR), "password" => array("flags" => FILTER_REQUIRE_SCALAR), "assertion_type" => array("flags" => FILTER_REQUIRE_SCALAR), "assertion" => array("flags" => FILTER_REQUIRE_SCALAR), "refresh_token" => array("flags" => FILTER_REQUIRE_SCALAR));
     // NOTE(review): GET is accepted, so username/password/refresh_token can travel in the
     // query string and end up in access logs and proxies; consider accepting POST only.
     if ($_SERVER["REQUEST_METHOD"] == "GET") {
         $input = filter_input_array(INPUT_GET, $filters);
     } else {
         $input = filter_input_array(INPUT_POST, $filters);
     }
     // Grant Type must be specified.
     if (!$input["grant_type"]) {
         $this->errorJsonResponse(OAUTH2_HTTP_BAD_REQUEST, OAUTH2_ERROR_INVALID_REQUEST, 'Invalid grant_type parameter or parameter missing');
     }
     // Make sure we've implemented the requested grant type
     // NOTE(review): in_array() is called without the strict flag.
     if (!in_array($input["grant_type"], $this->getSupportedGrantTypes())) {
         $this->errorJsonResponse(OAUTH2_HTTP_BAD_REQUEST, OAUTH2_ERROR_UNSUPPORTED_GRANT_TYPE);
     }
     // Authorize the client
     $client = $this->getClientCredentials();
     $result = $this->checkClientCredentials($client[0], $client[1]);
     if ($result === FALSE) {
         $this->errorJsonResponse(OAUTH2_HTTP_BAD_REQUEST, OAUTH2_ERROR_INVALID_CLIENT);
     }
     // Reject clients (apps) that have been disabled.
     if ($result['enabled'] == 0) {
         $this->errorJsonResponse(OAUTH2_HTTP_LOCKED, SYSTEM_ERROR_APP_DISABLED);
     }
     if (!$this->checkRestrictedGrantType($client[0], $input["grant_type"])) {
         $this->errorJsonResponse(OAUTH2_HTTP_BAD_REQUEST, OAUTH2_ERROR_UNAUTHORIZED_CLIENT);
     }
     // Custom token lifetimes, in seconds.
     $this->setVariable("access_token_lifetime", 2592000);
     // 30 days
     $this->setVariable("refresh_token_lifetime", 31536000);
     // 365 days
     // Do the granting
     switch ($input["grant_type"]) {
         // Login-free interface: credentials are checked with empty username and password.
         case OAUTH2_GRANT_TYPE_FREE_LOGIN:
             $stored = $this->checkUserCredentials($client[0], "", "");
             //store the device_id
             // NOTE(review): $stored is indexed here before the === FALSE check below.
             $this->setVariable('device_id', $stored["device_id"]);
             // The user has been disabled.
             if (CUserValid::$userDisabled == true) {
                 $this->errorJsonResponse(OAUTH2_HTTP_DISABLED, SYSTEM_ERROR_USER_DISABLED);
             }
             if ($stored === FALSE) {
                 $this->errorJsonResponse(OAUTH2_HTTP_BAD_REQUEST, OAUTH2_ERROR_INVALID_GRANT);
             }
             break;
         case OAUTH2_GRANT_TYPE_AUTH_CODE:
             if (!$input["code"] || !$input["redirect_uri"]) {
                 $this->errorJsonResponse(OAUTH2_HTTP_BAD_REQUEST, OAUTH2_ERROR_INVALID_REQUEST);
             }
             $stored = $this->getAuthCode($input["code"]);
             // The user has been disabled.
             if (CUserValid::$userDisabled == true) {
                 $this->errorJsonResponse(OAUTH2_HTTP_DISABLED, SYSTEM_ERROR_USER_DISABLED);
             }
             // Ensure that the input uri starts with the stored uri
             // NOTE(review): this is a case-insensitive prefix match, so any URI that merely
             // begins with the stored value passes; an exact comparison is the stricter check.
             if ($stored === NULL || strcasecmp(substr($input["redirect_uri"], 0, strlen($stored["redirect_uri"])), $stored["redirect_uri"]) !== 0 || $client[0] != $stored["client_id"]) {
                 $this->errorJsonResponse(OAUTH2_HTTP_BAD_REQUEST, OAUTH2_ERROR_INVALID_GRANT);
             }
             if ($stored["expires"] < time()) {
                 $this->errorJsonResponse(OAUTH2_HTTP_BAD_REQUEST, OAUTH2_ERROR_EXPIRED_TOKEN);
             }
             break;
         case OAUTH2_GRANT_TYPE_USER_CREDENTIALS:
             if (!$input["username"] || !$input["password"]) {
                 $this->errorJsonResponse(OAUTH2_HTTP_BAD_REQUEST, OAUTH2_ERROR_INVALID_REQUEST, 'Missing parameters. "username" and "password" required');
             }
             // Report a disabled client before checking the credentials.
             $this->filterPClientEnabled();
             $stored = $this->checkUserCredentials($client[0], $input["username"], $input["password"]);
             //store the device_id
             // NOTE(review): $stored is indexed here before the === FALSE check below.
             $this->setVariable('device_id', $stored["device_id"]);
             // The user has been disabled.
             if (CUserValid::$userDisabled == true) {
                 $this->errorJsonResponse(OAUTH2_HTTP_DISABLED, SYSTEM_ERROR_USER_DISABLED);
             }
             if ($stored === FALSE) {
                 // Collect data for the password-lock and error messages.
                 // NOTE(review): the name is re-read from $_REQUEST/$_POST and url-decoded again,
                 // so it can differ from the $input["username"] that was just checked.
                 $userName = $_REQUEST['username'];
                 if (empty($userName)) {
                     $userName = $_POST['username'];
                 }
                 $name = urldecode($userName);
                 // NOTE(review): the failure response tells the caller whether the named account
                 // is disabled or locked and its failed-attempt count — confirm this disclosure
                 // of account state is intended.
                 $isEnabled = MiniUser::getInstance()->isEnabled($name);
                 if (!$isEnabled) {
                     $errorDescription = array("is_disabled" => 1);
                     $this->errorJsonResponse(OAUTH2_HTTP_BAD_REQUEST, OAUTH2_ERROR_INVALID_GRANT, $errorDescription);
                 } else {
                     $isLock = MiniUser::getInstance()->isLock($name);
                     $errorCount = MiniUser::getInstance()->getPasswordErrorCount($name);
                     $errorDescription = array("is_lock" => $isLock, "error_count" => $errorCount);
                     $this->errorJsonResponse(OAUTH2_HTTP_BAD_REQUEST, OAUTH2_ERROR_INVALID_GRANT, $errorDescription);
                 }
             }
             break;
         case OAUTH2_GRANT_TYPE_ASSERTION:
             if (!$input["assertion_type"] || !$input["assertion"]) {
                 $this->errorJsonResponse(OAUTH2_HTTP_BAD_REQUEST, OAUTH2_ERROR_INVALID_REQUEST);
             }
             // The user has been disabled.
             if (CUserValid::$userDisabled == true) {
                 $this->errorJsonResponse(OAUTH2_HTTP_DISABLED, SYSTEM_ERROR_USER_DISABLED);
             }
             $stored = $this->checkAssertion($client[0], $input["assertion_type"], $input["assertion"]);
             if ($stored === FALSE) {
                 $this->errorJsonResponse(OAUTH2_HTTP_BAD_REQUEST, OAUTH2_ERROR_INVALID_GRANT);
             }
             break;
         case OAUTH2_GRANT_TYPE_REFRESH_TOKEN:
             if (!$input["refresh_token"]) {
                 $this->errorJsonResponse(OAUTH2_HTTP_BAD_REQUEST, OAUTH2_ERROR_INVALID_REQUEST, 'No "refresh_token" parameter found');
             }
             // The user has been disabled.
             if (CUserValid::$userDisabled == true) {
                 $this->errorJsonResponse(OAUTH2_HTTP_DISABLED, SYSTEM_ERROR_USER_DISABLED);
             }
             $stored = $this->getRefreshToken($input["refresh_token"]);
             if ($stored === NULL || $client[0] != $stored["client_id"]) {
                 $this->errorJsonResponse(OAUTH2_HTTP_BAD_REQUEST, OAUTH2_ERROR_INVALID_GRANT);
             }
             if ($stored["expires"] < time()) {
                 $this->errorJsonResponse(OAUTH2_HTTP_BAD_REQUEST, OAUTH2_ERROR_EXPIRED_TOKEN);
             }
             // Look up the access token behind the refresh token and store its device_id.
             $storedOauth = $this->getAccessToken($stored["token"]);
             $this->setVariable('device_id', $storedOauth["device_id"]);
             // store the refresh token locally so we can delete it when a new refresh token is generated
             $this->setVariable('_old_oauth_token', $stored["token"]);
             $this->setVariable('_old_refresh_token', $input["refresh_token"]);
             $this->setVariable('_old_scope', $storedOauth["scope"]);
             break;
         case OAUTH2_GRANT_TYPE_NONE:
             $stored = $this->checkNoneAccess($client[0]);
             // The user has been disabled.
             if (CUserValid::$userDisabled == true) {
                 $this->errorJsonResponse(OAUTH2_HTTP_DISABLED, SYSTEM_ERROR_USER_DISABLED);
             }
             if ($stored === FALSE) {
                 $this->errorJsonResponse(OAUTH2_HTTP_BAD_REQUEST, OAUTH2_ERROR_INVALID_REQUEST);
             }
     }
     // Check scope, if provided
     if ($input["scope"] && (!is_array($stored) || !isset($stored["scope"]) || !$this->checkScope($input["scope"], $stored["scope"]))) {
         $this->errorJsonResponse(OAUTH2_HTTP_BAD_REQUEST, OAUTH2_ERROR_INVALID_SCOPE);
     }
     if (!$input["scope"]) {
         $input["scope"] = NULL;
     }
     // A refresh always creates a new token with the old scope; other grants first try
     // getToken() for this client, scope and device, and create a token only when it returns nothing.
     if ($input["grant_type"] == OAUTH2_GRANT_TYPE_REFRESH_TOKEN) {
         $token = $this->createAccessToken($client[0], $this->getVariable("_old_scope"));
     } else {
         $token = $this->getToken($client[0], $input["scope"], $this->getVariable('device_id'));
         if (!$token) {
             $token = $this->createAccessToken($client[0], $input["scope"]);
         }
     }
     $this->sendJsonHeaders();
     return $token;
 }
Пример #20
 /**
  * Change the current user's password after re-checking the existing one.
  *
  * The existing password is verified with CUserValid::validUser() for the user
  * held in $this->user; only when that check passes is the new password handed
  * to MiniUser::updatePassword().
  *
  * NOTE(review): $newPassword is passed through unchanged; no length or
  * complexity check is visible here — confirm it happens in the caller or
  * inside MiniUser::updatePassword().
  *
  * @param $newPassword password to store
  * @param $password    current password, used to re-authenticate the user
  * @return mixed true when the password was updated, otherwise the falsy
  *               result of CUserValid::validUser()
  */
 public function updatePassword($newPassword, $password)
 {
     $userId = $this->user['id'];
     $userName = $this->user['user_name'];
     $validator = new CUserValid();
     $checked = $validator->validUser($userName, $password);
     // Guard clause: a failed re-authentication is handed back unchanged
     if ($checked == false) {
         return $checked;
     }
     MiniUser::getInstance()->updatePassword($userId, $newPassword);
     return true;
 }
Пример #21
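 /**
  * Create a user account from the administration back end.
  *
  * Stores one User row (name, salt, salted password, status 1) and then one
  * UserMeta row per attribute: "email" and "nick" when supplied and non-empty,
  * "is_admin" and "space" always. Finally refreshes the pinyin data of the name.
  *
  * The name is trimmed before it is validated, so the value checked by
  * validateName() is the value that is stored. Checking the raw name and
  * storing the trimmed one would let a name that differs only in surrounding
  * whitespace pass the check.
  *
  * NOTE(review): "is_admin" is stored exactly as supplied in $userData, so
  * every caller must already be restricted to administrators — confirm at the
  * call sites.
  * NOTE(review): the randomness source of MiniUtil::genRandomString() and the
  * hash behind MiniUtil::signPassword() are not visible here — confirm the
  * salt comes from a CSPRNG and the hash is a password-hashing function.
  * NOTE(review): uniqid() is derived from the current time; fine as an
  * identifier, but it must not be relied on as an unguessable value.
  *
  * @param array $userData expects "user_name", "password", "is_admin", "space";
  *                        optional "email", "nick"
  * @return bool|string true on success, 'exist' when validateName() rejects the name
  */
 public function adminCreateUser($userData)
 {
     // Normalise once: validate and store the same string
     $userName = trim($userData["user_name"]);
     if (!$this->validateName($userName)) {
         return 'exist';
     }
     // Per-user salt for the stored password
     $salt = MiniUtil::genRandomString(6);
     $user = new User();
     $user["user_uuid"] = uniqid();
     $user["user_name"] = $userName;
     $user["salt"] = $salt;
     $user["user_status"] = 1;
     $user["user_pass"] = MiniUtil::signPassword($userData["password"], $salt);
     $user->save();
     // Collect the meta rows in the order they are written: email, nick, is_admin, space
     $metaValues = array();
     foreach (array("email", "nick") as $optionalKey) {
         // isset() first, so a missing key is skipped without a notice
         if (isset($userData[$optionalKey]) && strlen($userData[$optionalKey])) {
             $metaValues[$optionalKey] = $userData[$optionalKey];
         }
     }
     $metaValues["is_admin"] = $userData["is_admin"];
     $metaValues["space"] = $userData["space"];
     foreach ($metaValues as $metaKey => $metaValue) {
         $userMeta = new UserMeta();
         $userMeta["user_id"] = $user["id"];
         $userMeta["meta_key"] = $metaKey;
         $userMeta["meta_value"] = $metaValue;
         $userMeta->save();
     }
     // Keep the pinyin data of the user name in step with the new account
     MiniUser::getInstance()->updateUserNamePinYin($user["id"]);
     return true;
 }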
Пример #22
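 /**
  * Build the tree of groups (and optionally users) below a group.
  *
  * Each child group is returned with a "nodes" key holding its own subtree,
  * built recursively. When $showUser is true, the users attached directly to
  * $parentGroupId are appended as entries with "id", "user_name" (taken from
  * the user's nick) and "group_id".
  *
  * $groups is initialised up front, so a group without children or users
  * yields array() rather than an undefined variable being counted and returned.
  *
  * NOTE(review): the recursion has no depth limit and keeps no record of
  * visited groups; a cycle in the group relations would recurse until the
  * process fails — confirm cycles are rejected where relations are written.
  *
  * @param $parentGroupId
  * @param bool $showUser
  * @return array
  */
 public function getTreeNodes($parentGroupId, $showUser = true)
 {
     $groups = array();
     $relations = MiniGroupRelation::getInstance()->getByParentId($parentGroupId);
     $userRelations = MiniUserGroupRelation::getInstance()->getByGroupId($parentGroupId);
     if (!empty($relations)) {
         foreach ($relations as $relation) {
             $groups[] = $this->getById($relation['group_id']);
         }
     }
     // Attach the subtree of every child group; the recursive call always returns an array
     $groupCount = count($groups);
     for ($i = 0; $i < $groupCount; $i++) {
         $groups[$i]['nodes'] = $this->getTreeNodes($groups[$i]['id'], $showUser);
     }
     if ($showUser && $userRelations) {
         foreach ($userRelations as $userRelation) {
             $userInfo = MiniUser::getInstance()->getById($userRelation['user_id']);
             // Users are listed next to the groups; the displayed name is the nick
             $groups[] = array(
                 'id' => $userInfo['id'],
                 'user_name' => $userInfo['nick'],
                 'group_id' => $parentGroupId,
             );
         }
     }
     return $groups;
 }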
Пример #23
 /**
  * Delegate to MiniUser::updateAllUserNamePinyin().
  *
  * Judging by the callee's name this refreshes the pinyin data of all user
  * names; nothing is returned.
  */
 public function updateData()
 {
     $userStore = MiniUser::getInstance();
     $userStore->updateAllUserNamePinyin();
 }
Пример #24
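 /**
  * Resolve the permission a user holds on a path.
  *
  * The first path segment is treated as the id of the owning user. The result
  * depends on the file_type of the entry at $path:
  *  - 2 (shared folder): the owner gets MConst::SUPREME_PERMISSION; another
  *    user gets the user privilege or, when there is none, the union of the
  *    group and department permissions.
  *  - 0 / 1 (ordinary entry): resolved through GeneralFolderPermissionBiz,
  *    null when nothing above or below the path is shared.
  *  - 4 (public folder): resolved through PublicFolderPermissionBiz.
  *
  * Group and department permissions are merged position by position. Their
  * sum is left-padded to the privilege length before it is read digit by
  * digit: the addition yields a number, so a leading "0" would otherwise be
  * dropped and every following flag would shift one position to the left.
  *
  * NOTE(review): permission values are presumably 9-character strings of
  * "0"/"1" — confirm against the privilege tables.
  * NOTE(review): ownership is decided by a loose comparison of $userId with
  * the (int) cast of the first path segment; a non-numeric segment casts to 0,
  * so callers should pass an authenticated, non-zero user id — confirm.
  *
  * @param $path   path of the entry, "/<owner id>/..."
  * @param $userId id of the user the permission is resolved for
  * @return array|null permission description, or null when no sharing applies
  * @throws MFilesException when no file exists at $path
  */
 public function getPermission($path, $userId)
 {
     $file = MiniFile::getInstance()->getByPath($path);
     if (empty($file)) {
         throw new MFilesException(Yii::t('api', MConst::PARAMS_ERROR), MConst::HTTP_CODE_400);
     }
     // The owner of the tree is named by the first path segment
     $pathArr = explode('/', $path);
     $masterId = $pathArr[1];
     $master = MiniUser::getInstance()->getUser($masterId, false);
     $shareUserNick = $master['nick'];
     $privilegeLength = 9;
     $fileType = $file['file_type'];
     if ($fileType == 2) {
         // The path itself is a shared folder
         if ((int) $masterId != $userId) {
             // Permissions only matter when the folder belongs to someone else
             $userPrivilege = MiniUserPrivilege::getInstance()->getSpecifyPrivilege($userId, $path);
             if (empty($userPrivilege)) {
                 // No user privilege: fall back to group and department permissions
                 $groupPermission = GroupPermissionBiz::getInstance()->getPermission($path, $userId);
                 $departmentPrivilege = new DepartmentPermissionBiz();
                 $departmentPermission = $departmentPrivilege->getPermission($userId, $path);
                 if (!empty($groupPermission) && !empty($departmentPermission)) {
                     // Union of both grants; pad so leading zeros survive the numeric sum
                     $total = str_pad((string) ($groupPermission + $departmentPermission), $privilegeLength, '0', STR_PAD_LEFT);
                     $permission = '';
                     for ($i = 0; $i < $privilegeLength; $i++) {
                         $value = substr($total, $i, 1);
                         $permission .= ($value == '1' || $value == '2') ? '1' : '0';
                     }
                 } elseif (!empty($groupPermission)) {
                     $permission = $groupPermission;
                 } elseif (!empty($departmentPermission)) {
                     $permission = $departmentPermission;
                 } else {
                     $permission = null;
                 }
             } else {
                 $permission = $userPrivilege['permission'];
             }
             if ($permission == null) {
                 return array('permission' => $permission);
             }
             return array("permission" => $permission, "share_root_path" => $path, "share_user_nick" => $shareUserNick, "is_share_folder" => true, 'can_set_share' => 0);
         }
         return array("permission" => MConst::SUPREME_PERMISSION, "share_root_path" => $path, "share_user_nick" => $shareUserNick, 'can_set_share' => 1);
     }
     if ($fileType == 1 || $fileType == 0) {
         // Ordinary entry
         $model = new GeneralFolderPermissionBiz($path);
         if ($model->isChildrenShared($path)) {
             return array("permission" => MConst::SUPREME_PERMISSION, "share_user_nick" => $shareUserNick, 'children_shared' => true, 'can_set_share' => 0);
         }
         if (!$model->isShared) {
             // Nothing shared above or below this path
             return null;
         }
         if ($model->isParentShared($path)) {
             // A parent folder is shared: the owner keeps full permission, others get the shared one
             $permission = ((int) $masterId != $userId) ? $model->permission : MConst::SUPREME_PERMISSION;
             return array("permission" => $permission, "share_root_path" => $model->shareRootPath, "share_user_nick" => $shareUserNick, "is_share_folder" => true, 'can_set_share' => 0);
         }
     }
     if ($fileType == 4) {
         // Public folder
         $model = new PublicFolderPermissionBiz();
         $permission = $model->getPublicPermission($path);
         if ($permission == null) {
             return null;
         }
         if ((int) $masterId == $userId) {
             // The owner always has full permission on the public folder
             $permission = MConst::SUPREME_PERMISSION;
         }
         return array("permission" => $permission, "share_user_nick" => $shareUserNick, "is_public_folder" => true, 'can_set_share' => 0);
     }
     // Any other case (unknown file type, or shared state without a shared parent)
     return null;
 }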
Пример #25
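 /**
  * Import every account found in the configured LDAP directory.
  *
  * Reads the ldap_* options from MiniOption and stops with a message when the
  * third-party user source is not enabled or any option is empty. It then
  * searches the base DN and hands each entry to MiniUser::create(); progress
  * is written with echo.
  *
  * The connection, the bind and the user search are checked, so a failure
  * stops the import with a message instead of being hidden by "@". Entries
  * are walked by numeric index, so the "count" element added by
  * ldap_get_entries() is not treated as an entry.
  *
  * NOTE(review): the bind is anonymous — ldap_test_user_name and
  * ldap_test_password must be configured (the empty check covers them) but are
  * not used here. Confirm the directory is meant to allow anonymous reads.
  * NOTE(review): nothing here requests TLS; unless ldap_host is an ldaps://
  * URI the directory data crosses the network unencrypted — confirm.
  * NOTE(review): directory values are echoed as-is; if this output is ever
  * rendered as HTML they need escaping — confirm the output context.
  */
 public function actionSyncUsers()
 {
     $userSource = apply_filters('third_user_source', false);
     if ($userSource == false) {
         echo 'LDAP插件未启用';
         exit;
     }
     $options = MiniOption::getInstance();
     $ldapInfo = array();
     $ldapInfo['ldap_host'] = $options->getOptionValue('ldap_host');
     $ldapInfo['ldap_port'] = $options->getOptionValue('ldap_port');
     $ldapInfo['ldap_base_cn'] = $options->getOptionValue('ldap_base_cn');
     $ldapInfo['ldap_primary_key'] = $options->getOptionValue('ldap_primary_key');
     $ldapInfo['ldap_nick'] = $options->getOptionValue('ldap_nick');
     $ldapInfo['department_alias'] = $options->getOptionValue('ldap_department_name');
     $ldapInfo['ldap_test_user_name'] = $options->getOptionValue('ldap_test_user_name');
     $ldapInfo['ldap_test_password'] = $options->getOptionValue('ldap_test_password');
     $ldapInfo['ldap_sync_department'] = $options->getOptionValue('ldap_sync_department');
     // Every option must be set before the directory is contacted
     foreach ($ldapInfo as $info) {
         if (empty($info)) {
             echo 'LDAP插件未设置!';
             exit;
         }
     }
     $ldapConn = @ldap_connect($ldapInfo['ldap_host'], $ldapInfo['ldap_port']);
     if (!$ldapConn) {
         // message: "cannot connect to the LDAP server"
         echo 'LDAP服务器无法连接';
         exit;
     }
     @ldap_set_option($ldapConn, LDAP_OPT_PROTOCOL_VERSION, 3);
     @ldap_set_option($ldapConn, LDAP_OPT_REFERRALS, 0);
     if (!@ldap_bind($ldapConn)) {
         // message: "LDAP bind failed"
         @ldap_close($ldapConn);
         echo 'LDAP绑定失败';
         exit;
     }
     $attrItems = array("ou", "dn", "mail", "telephoneNumber", $ldapInfo['ldap_nick'], "useraccountcontrol", $ldapInfo['department_alias']);
     $results = @ldap_search($ldapConn, $ldapInfo['ldap_base_cn'], "(|(sn=*)(givenname=*))", $attrItems);
     $entries = $results ? @ldap_get_entries($ldapConn, $results) : false;
     if (!is_array($entries)) {
         // message: "LDAP search failed"
         @ldap_close($ldapConn);
         echo 'LDAP查询失败';
         exit;
     }
     // Organisational units are only consumed by importDepartment(); a failed search is passed on as false
     $results2 = @ldap_search($ldapConn, $ldapInfo['ldap_base_cn'], "(ou=*)", $attrItems);
     $entries2 = $results2 ? @ldap_get_entries($ldapConn, $results2) : false;
     $total = $entries['count'];
     for ($key = 0; $key < $total; $key++) {
         $entry = $entries[$key];
         if (empty($entry['dn'])) {
             continue;
         }
         $dn = $entry['dn'];
         // The user name is the value of the first component of the DN
         $cn = explode(',', $dn)[0];
         $department = $this->getDepartment($dn);
         $userName = explode('=', $cn)[1];
         $extend = array();
         if (!empty($entry['telephonenumber'])) {
             $extend['phone'] = $entry['telephonenumber'][0];
         }
         if (!empty($entry[$ldapInfo['ldap_nick']])) {
             $extend['nick'] = $entry[$ldapInfo['ldap_nick']][0];
         }
         if (!empty($entry['mail'])) {
             $extend['email'] = $entry['mail'][0];
         }
         $extend['dn'] = $dn;
         $userData = array(
             'user_status' => 1,
             'nick' => $userName,
             'name' => $userName,
             'extend' => $extend,
         );
         MiniUser::getInstance()->create($userData);
         echo '已导入:' . $userData['name'] . "\n";
         if ($key + 1 == $total) {
             echo '共导入' . $total . "位用户\n";
         }
         if ($ldapInfo['ldap_sync_department'] != 'false' && !empty($department)) {
             $this->importDepartment($userName, $department, $entries2, $ldapInfo['department_alias']);
         }
     }
     @ldap_close($ldapConn);
 }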
Пример #26
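 /**
  * Check a user name and password against the AD server and return the
  * directory attributes of the account.
  *
  * On failure false is returned and $this->code is set: -1 when the server
  * cannot be reached, -2 when the account is not on the white list, the
  * credentials are rejected, or the account is not found under $this->filter.
  *
  * Two checks protect the bind and the search:
  *  - An empty password is rejected before ldap_bind(). A simple bind with a
  *    name and no password is an unauthenticated bind, which a directory
  *    server may accept without verifying any credential.
  *  - The principal name is passed through ldap_escape() before it is placed
  *    in the search filter, so characters with a meaning in filter syntax are
  *    matched literally.
  *
  * NOTE(review): a simple bind sends the password to the server as-is; unless
  * $this->host is an ldaps:// URI or TLS is set up elsewhere, it crosses the
  * network unencrypted — confirm the transport.
  *
  * @param string $userName
  * @param string $password
  * @return array|bool "user_name", "extend" and optionally "departmentData"; false on failure
  */
 function getMember($userName, $password)
 {
     $adWhiteListOpen = MiniOption::getInstance()->getOptionValue('ad_white_list_open');
     if ($adWhiteListOpen == 'true') {
         // With the white list on, only accounts already known locally may log in
         $user = MiniUser::getInstance()->getUserByName($userName);
         if (empty($user)) {
             $this->code = -2;
             return false;
         }
     }
     // Never let an empty password reach ldap_bind()
     if (!is_scalar($password) || (string) $password === '') {
         $this->code = -2;
         return false;
     }
     $ldapUsrDom = "@" . $this->getHost();
     $userName = str_replace($ldapUsrDom, "", $userName);
     $ldapConn = @ldap_connect($this->host, $this->port);
     if (!$ldapConn) {
         // Server cannot be reached
         $this->code = -1;
         return false;
     }
     @ldap_set_option($ldapConn, LDAP_OPT_PROTOCOL_VERSION, 3);
     @ldap_set_option($ldapConn, LDAP_OPT_REFERRALS, 0);
     // A name that cannot be converted must not degrade into a bind without a name
     $principal = iconv('utf-8', $this->coding, $userName . $ldapUsrDom);
     if ($principal === false) {
         @ldap_close($ldapConn);
         $this->code = -2;
         return false;
     }
     // Verify the account and password
     $loginResult = @ldap_bind($ldapConn, $principal, $password);
     if (!$loginResult) {
         @ldap_close($ldapConn);
         $this->code = -2;
         return false;
     }
     // Verify that the account lies inside the configured search base
     $dn = $this->filter;
     $attrItems = array("ou", "sn", "mail", "telephonenumber", "displayname", "department");
     $query = "(&(userprincipalname=" . ldap_escape($principal, '', LDAP_ESCAPE_FILTER) . "))";
     $results = @ldap_search($ldapConn, $dn, $query, $attrItems);
     $entries = $results ? @ldap_get_entries($ldapConn, $results) : false;
     if (!is_array($entries) || $entries['count'] == 0) {
         @ldap_close($ldapConn);
         $this->code = -2;
         return false;
     }
     $output = array();
     $extend = array();
     $extend["nick"] = $userName;
     $output["user_name"] = $userName;
     // At least one entry matched; take the details from the first one
     $entry = $entries[0];
     $phoneInfo = $this->getValue("telephonenumber", $entry);
     if ($phoneInfo != null) {
         $extend["phone"] = $phoneInfo;
     }
     // The display name replaces the login name as nick when present
     $displayNameInfo = $this->getValue("displayname", $entry);
     if ($displayNameInfo != null) {
         $extend["nick"] = $displayNameInfo;
     }
     $mailInfo = $this->getValue("mail", $entry);
     if ($mailInfo != null) {
         $extend["email"] = $mailInfo;
     }
     if ($this->syncDepartment != 'false') {
         // Department data is derived from the DN of the entry
         $department = $this->getValue("dn", $entry);
         if ($department != null) {
             $departmentInfo = $this->getDevelopment($department);
             if (!empty($departmentInfo)) {
                 $output['departmentData'][0][] = $departmentInfo;
                 $output['departmentData'][0][] = $userName;
             }
         }
     }
     $output["extend"] = $extend;
     ldap_close($ldapConn);
     return $output;
 }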
Пример #27
 /**
  * Create or update one attribute (UserMeta row) of a user.
  *
  * The row for ($userId, $key) is loaded, or created when it does not exist,
  * its value is replaced and it is saved. When caching is on, the cache entry
  * keyed by the user id and the cached user information are dropped. Changing
  * the "nick" attribute also refreshes the pinyin data of the user name.
  *
  * NOTE(review): $key is written exactly as given. Elsewhere on this page an
  * "is_admin" flag is stored as a UserMeta row, so callers should restrict
  * which keys a request may set — confirm at the call sites.
  *
  * @param int    $userId
  * @param string $key
  * @param string $value
  * @return UserMeta the row that was saved
  */
 public function updateMeta($userId, $key, $value)
 {
     // Persist the value
     $criteria = array('user_id' => $userId, 'meta_key' => $key);
     $row = UserMeta::model()->findByAttributes($criteria);
     if (empty($row)) {
         $row = new UserMeta();
         $row["user_id"] = $userId;
         $row["meta_key"] = $key;
     }
     $row["meta_value"] = $value;
     $row->save();
     if ($this->hasCache === true) {
         // Drop the cache entry keyed by the user id, then the cached user information
         $this->deleteCache($this->getCacheKey($userId));
         MiniUser::getInstance()->cleanCache($userId);
     }
     if ($key === "nick") {
         // A new nick means the pinyin data has to follow
         MiniUser::getInstance()->updateUserNamePinYin($userId);
     }
     return $row;
 }
Пример #28
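 /**
  * Restore a file to one of its historical versions.
  *
  * Looks up the version by signature and the file by path. When the file
  * already points at that version nothing is changed. Otherwise a modify event
  * is recorded, the file row is switched to the version, the version history
  * kept in the file meta is extended, and the reference count of the version
  * is updated.
  *
  * All three lookups (version, file, device) must succeed before anything is
  * written. Without this check an unknown signature would overwrite the file's
  * version id and size with empty values.
  *
  * NOTE(review): this method does not itself check that the user of $deviceId
  * is allowed to modify $filePath; presumably the caller does — confirm.
  * NOTE(review): a missing FileMeta row for the path is not handled below —
  * confirm every file has one.
  *
  * @param int $deviceId
  * @param string $filePath
  * @param string $signature
  * @return bool true when the file points at the requested version, false
  *              when the version, file or device cannot be found
  */
 public function recover($deviceId, $filePath, $signature)
 {
     $version = MiniVersion::getInstance()->getBySignature($signature);
     $file = $this->getModelByPath($filePath);
     if (empty($version) || empty($file)) {
         return false;
     }
     if ($version["id"] == $file['version_id']) {
         // Already on the requested version
         return true;
     }
     $device = MiniUserDevice::getInstance()->getById($deviceId);
     if (empty($device)) {
         return false;
     }
     $userId = $device["user_id"];
     $user = MiniUser::getInstance()->getUser($userId);
     $userNick = $user["nick"];
     // Event record
     $userDeviceName = $device["user_device_name"];
     $userDeviceId = $device["id"];
     $signature = $version['file_signature'];
     $action = CConst::MODIFY_FILE;
     $file->file_update_time = time();
     $context = array('hash' => $signature, 'rev' => (int) $version["id"], 'bytes' => (int) $version['file_size'], 'update_time' => (int) $file->file_update_time, 'create_time' => (int) $file['file_create_time']);
     $filePath = $file['file_path'];
     $eventUuid = MiniUtil::getEventRandomString(CConst::LEN_EVENT_UUID);
     MiniEvent::getInstance()->createEvent($file['user_id'], $userDeviceId, $action, $filePath, serialize($context), $eventUuid);
     // File row
     $file->version_id = $version["id"];
     $file->event_uuid = $eventUuid;
     $file->file_size = $version['file_size'];
     $file->save();
     // Version history kept in the file meta
     $fileMeta = FileMeta::model()->find('file_path = ?', array($filePath));
     $versions = CUtils::getFileVersions($userDeviceName, $version['file_size'], $version["id"], CConst::WEB_RESTORE, $userId, $userNick, $fileMeta['meta_value']);
     $fileMeta->meta_value = $versions;
     $fileMeta->save();
     // Reference count of the restored version
     MiniVersion::getInstance()->updateRefCountByIds(array($version["id"]), TRUE);
     return true;
 }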
Пример #29
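 /**
  * Import every account found in the configured Active Directory.
  *
  * Reads the ad_* options from MiniOption and stops with a message when the
  * third-party user source is not enabled or any option is empty. It then
  * binds with the configured test account, searches the base DN and hands
  * each entry to MiniUser::create().
  *
  * An account is imported as disabled (user_status 0) whenever the
  * ACCOUNTDISABLE bit (0x2) of userAccountControl is set. Comparing with the
  * single value 66050 would miss disabled accounts that carry a different
  * combination of flags.
  *
  * The connection, the bind and the search are checked, so a failure stops
  * the import with a message instead of being hidden by "@". Entries are
  * walked by numeric index, so the "count" element added by
  * ldap_get_entries() is not treated as an entry.
  *
  * NOTE(review): $adInfo['ad_coding'] is read for iconv() but never loaded
  * from MiniOption in this method — confirm which option holds the encoding.
  * NOTE(review): nothing here requests TLS; unless ad_ldap_host is an
  * ldaps:// URI the bind password crosses the network unencrypted — confirm.
  */
 public function actionSyncUsers()
 {
     $userSource = apply_filters('third_user_source', false);
     if ($userSource == false) {
         echo 'AD插件未启用';
         exit;
     }
     $options = MiniOption::getInstance();
     $adInfo = array();
     $adInfo['ad_ldap_host'] = $options->getOptionValue('ad_ldap_host');
     $adInfo['ad_ldap_port'] = $options->getOptionValue('ad_ldap_port');
     $adInfo['ad_ldap_base_cn'] = $options->getOptionValue('ad_ldap_base_cn');
     $adInfo['ad_test_user_name'] = $options->getOptionValue('ad_test_user_name');
     $adInfo['ad_test_password'] = $options->getOptionValue('ad_test_password');
     $adInfo['ad_sync_department'] = $options->getOptionValue('ad_sync_department');
     // Every option must be set before the directory is contacted
     foreach ($adInfo as $info) {
         if (empty($info)) {
             echo 'AD插件未设置!';
             exit;
         }
     }
     $ldapUsrDom = "@" . $this->getAdHost($adInfo['ad_ldap_base_cn']);
     $ldapConn = @ldap_connect($adInfo['ad_ldap_host'], $adInfo['ad_ldap_port']);
     if (!$ldapConn) {
         // message: "cannot connect to the AD server"
         echo 'AD服务器无法连接';
         exit;
     }
     @ldap_set_option($ldapConn, LDAP_OPT_PROTOCOL_VERSION, 3);
     @ldap_set_option($ldapConn, LDAP_OPT_REFERRALS, 0);
     // Bind with the configured account; do not continue on an unauthenticated connection
     $bound = @ldap_bind($ldapConn, iconv('utf-8', $adInfo['ad_coding'], $adInfo['ad_test_user_name'] . $ldapUsrDom), $adInfo['ad_test_password']);
     if (!$bound) {
         // message: "AD bind failed"
         @ldap_close($ldapConn);
         echo 'AD绑定失败';
         exit;
     }
     $attrItems = array("ou", "dn", "mail", "telephonenumber", "displayname", "useraccountcontrol");
     $results = @ldap_search($ldapConn, $adInfo['ad_ldap_base_cn'], "(|(sn=*)(givenname=*))", $attrItems);
     $entries = $results ? @ldap_get_entries($ldapConn, $results) : false;
     if (!is_array($entries)) {
         // message: "AD search failed"
         @ldap_close($ldapConn);
         echo 'AD查询失败';
         exit;
     }
     $total = $entries['count'];
     for ($index = 0; $index < $total; $index++) {
         $entry = $entries[$index];
         if (empty($entry['dn'])) {
             continue;
         }
         // userAccountControl is a bit field; 0x2 marks a disabled account
         $accountControl = isset($entry['useraccountcontrol'][0]) ? (int) $entry['useraccountcontrol'][0] : 0;
         $userData = array();
         $userData['user_status'] = ($accountControl & 2) ? 0 : 1;
         $dn = $entry['dn'];
         // The user name is the value of the first component of the DN
         $cn = explode(',', $dn)[0];
         $department = $this->getDepartment($dn);
         $userName = explode('=', $cn)[1];
         $userData['nick'] = $userName;
         $userData['name'] = $userName;
         $extend = array();
         if (!empty($entry['telephonenumber'])) {
             $extend['phone'] = $entry['telephonenumber'][0];
         }
         if (!empty($entry['displayname'])) {
             $extend['nick'] = $entry['displayname'][0];
         }
         if (!empty($entry['mail'])) {
             $extend['email'] = $entry['mail'][0];
         }
         if (!empty($extend)) {
             $userData['extend'] = $extend;
         }
         MiniUser::getInstance()->create($userData);
         if ($adInfo['ad_sync_department'] != 'false' && !empty($department)) {
             $this->importDepartment($userName, $department);
         }
     }
     @ldap_close($ldapConn);
 }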
Пример #30
 /**
  * Authenticate the request and resolve the device it comes from.
  *
  * Device details are read from the request. When all three are missing the
  * request is treated as a third-party client; when only some are missing an
  * exception is thrown. The user is then looked up with self::searchUser()
  * unless the account is locked and the client is a browser. A failed lookup
  * adds to the password-error count (only while the account is not locked),
  * a successful one clears it.
  *
  * NOTE(review): the lock only stops browser clients; any other client still
  * reaches searchUser() for a locked account. How MiniHttp::clientIsBrowser()
  * decides is not visible here — confirm it cannot be influenced by the
  * client, otherwise the lock does not limit password guessing.
  * NOTE(review): PHP has already URL-decoded the request values, so
  * urldecode() decodes device_name and username a second time — confirm this
  * is intended.
  *
  * @return mixed the device from DeviceManager::getDevice(), or false when the
  *               user lookup fails
  * @throws MAuthorizationException when the device details are incomplete or
  *                                 the user is disabled
  * @since 1.0.7
  */
 private function judgeDevice()
 {
     $deviceType = $_REQUEST['device_type'];
     // Compensation for iPhone/iPad: earlier bindings used the wrong type, the right one is 6 (not 5)
     if (MiniHttp::isiPhone()) {
         $deviceType = 6;
     }
     $deviceName = urldecode($_REQUEST['device_name']);
     $deviceInfo = $_REQUEST['device_info'];
     $nothingGiven = empty($deviceType) && empty($deviceName) && empty($deviceInfo);
     $allGiven = !empty($deviceType) && !empty($deviceName) && !empty($deviceInfo);
     if ($nothingGiven) {
         // No device details at all: the request comes from a third-party developer
         $deviceType = 10;
         $deviceName = "第三方用户";
         $deviceInfo = "第三方设备";
     } elseif (!$allGiven) {
         throw new MAuthorizationException("param_is_null", MConst::HTTP_CODE_400);
     }
     $requestedName = $_REQUEST['username'];
     if (empty($requestedName)) {
         $requestedName = $_POST['username'];
     }
     $loginName = urldecode($requestedName);
     $locked = MiniUser::getInstance()->isLock($loginName);
     // A locked account is not looked up when the request comes from a browser
     $skipLookup = $locked && MiniHttp::clientIsBrowser();
     $user = $skipLookup ? false : self::searchUser();
     if ($user === false) {
         // Count the failure only while the account is not locked
         if (!$locked) {
             MiniUser::getInstance()->setPasswordError($loginName);
         }
         return false;
     }
     // Successful login: reset the password-error count
     MiniUser::getInstance()->cleanPasswordError($loginName);
     if (!$user["user_status"]) {
         throw new MAuthorizationException("User has disabled.", MConst::HTTP_CODE_407);
     }
     // Resolve the device for this user
     return DeviceManager::getDevice($user["id"], $deviceType, $deviceName, $deviceInfo);
 }