static function create_new_user($id) { $user = ORM::factory("pending_user", $id); $password = md5(uniqid(mt_rand(), true)); $new_user = identity::create_user($user->name, $user->full_name, $password, $user->email); $new_user->url = $user->url; $new_user->admin = false; $new_user->guest = false; $new_user->save(); $user->hash = md5(uniqid(mt_rand(), true)); $user->state = 2; $user->save(); self::send_user_created_confirmation($user, $password); return $new_user; }
static function create_new_user($id) { $user = ORM::factory("pending_user", $id); $password = md5(rand()); $new_user = identity::create_user($user->name, $user->full_name, $password); $new_user->email = $user->email; $new_user->url = $user->url; $new_user->admin = false; $new_user->guest = false; $new_user->save(); $default_group = module::get_var("registration", "default_group"); if (!empty($default_group)) { identity::add_user_to_group($new_user, $default_group); } $user->hash = md5(rand()); $user->state = 2; $user->save(); self::send_user_created_confirmation($user, $password); return $new_user; }
/** * Import a single user. */ static function import_user(&$queue) { $messages = array(); $g2_user_id = array_shift($queue); if (self::map($g2_user_id)) { return t("User with id: %id already imported, skipping", array("id" => $g2_user_id)); } if (g2(GalleryCoreApi::isAnonymousUser($g2_user_id))) { self::set_map($g2_user_id, identity::guest()->id, "group"); return t("Skipping anonymous user"); } $g2_admin_group_id = g2(GalleryCoreApi::getPluginParameter("module", "core", "id.adminGroup")); try { $g2_user = g2(GalleryCoreApi::loadEntitiesById($g2_user_id)); } catch (Exception $e) { throw new G2_Import_Exception(t("Failed to import Gallery 2 user with id: %id\n%exception", array("id" => $g2_user_id, "exception" => (string) $e)), $e); } $g2_groups = g2(GalleryCoreApi::fetchGroupsForUser($g2_user->getId())); $user = identity::lookup_user_by_name($g2_user->getUsername()); if ($user) { $messages[] = t("Loaded existing user: '******'.", array("name" => $user->name)); } else { $email = $g2_user->getEmail(); if (empty($email) || !valid::email($email)) { $email = "*****@*****.**"; } try { $user = identity::create_user($g2_user->getUserName(), $g2_user->getFullName(), $g2_user->getHashedPassword(), $email); } catch (Exception $e) { throw new G2_Import_Exception(t("Failed to create user: '******' (id: %id)", array("name" => $g2_user->getUserName(), "id" => $g2_user_id)), $e, $messages); } if (class_exists("User_Model") && $user instanceof User_Model) { // This will work if G2's password is a PasswordHash password as well. $user->hashed_password = $g2_user->getHashedPassword(); } $messages[] = t("Created user: '******'.", array("name" => $user->name)); if ($email == "*****@*****.**") { $messages[] = t("Fixed invalid email (was '%invalid_email')", array("invalid_email" => $g2_user->getEmail())); } } $user->locale = $g2_user->getLanguage(); foreach ($g2_groups as $g2_group_id => $g2_group_name) { if ($g2_group_id == $g2_admin_group_id) { $user->admin = true; $messages[] = t("Added 'admin' flag to user"); } else { $group = identity::lookup_group(self::map($g2_group_id)); $user->add($group); $messages[] = t("Added user to group '%group'.", array("group" => $group->name)); } } try { $user->save(); self::set_map($g2_user->getId(), $user->id, "user"); } catch (Exception $e) { throw new G2_Import_Exception(t("Failed to create user: '******'", array("name" => $user->name)), $e, $messages); } return $messages; }
public function i_can_edit_test() { // Create a new user that belongs to no groups $user = identity::create_user("access_test", "Access Test", "*****", "*****@*****.**"); foreach ($user->groups() as $group) { $user->remove($group); } $user->save(); identity::set_active_user($user); // This user can't edit anything $root = item::root(); $this->assert_false(access::can("edit", $root)); // Now add them to a group that has edit permission $group = identity::create_group("access_test"); $group->add($user); $group->save(); access::allow($group, "edit", $root); $user = identity::lookup_user($user->id); // reload() does not flush related columns identity::set_active_user($user); // And verify that the user can edit. $this->assert_true(access::can("edit", $root)); }
/** * Import a single user. */ static function import_user(&$queue) { $g2_user_id = array_shift($queue); if (self::map($g2_user_id)) { return t("User with id: %id already imported, skipping", array("id" => $g2_user_id)); } if (g2(GalleryCoreApi::isAnonymousUser($g2_user_id))) { self::set_map($g2_user_id, identity::guest()->id); return t("Skipping anonymous user"); } $g2_admin_group_id = g2(GalleryCoreApi::getPluginParameter("module", "core", "id.adminGroup")); try { $g2_user = g2(GalleryCoreApi::loadEntitiesById($g2_user_id)); } catch (Exception $e) { return t("Failed to import Gallery 2 user with id: %id\n%exception", array("id" => $g2_user_id, "exception" => $e->__toString())); } $g2_groups = g2(GalleryCoreApi::fetchGroupsForUser($g2_user->getId())); try { $user = identity::create_user($g2_user->getUsername(), $g2_user->getfullname(), ""); $message = t("Created user: '******'.", array("name" => $user->name)); } catch (Exception $e) { // @todo For now we assume this is a "duplicate user" exception $user = identity::lookup_user_by_name($g2_user->getUsername()); $message = t("Loaded existing user: '******'.", array("name" => $user->name)); } $user->hashed_password = $g2_user->getHashedPassword(); $user->email = $g2_user->getEmail(); $user->locale = $g2_user->getLanguage(); foreach ($g2_groups as $g2_group_id => $g2_group_name) { if ($g2_group_id == $g2_admin_group_id) { $user->admin = true; $message .= t("\n\tAdded 'admin' flag to user"); } else { $group = identity::lookup_group(self::map($g2_group_id)); $user->add($group); $message .= t("\n\tAdded user to group '%group'.", array("group" => $group->name)); } } $user->save(); self::set_map($g2_user->getId(), $user->id); return $message; }
static function random_user($password = "******") { $rand = "name_" . rand(); return identity::create_user($rand, $rand, $password, "{$rand}@rand.com"); }
static function album_add_form_completed($album, $form) { if ($form->privacy->private->checked) { $username = $form->privacy->username->value; $password = $form->privacy->password->value; // TODO validation // create a group based on username $group = identity::create_group($username); // create a user based on username $user = identity::create_user($username, $username, $password, $username . "@unknown.com"); identity::add_user_to_group($user, $group); // create user home $home = ORM::factory("user_home")->where("id", "=", $user->id)->find(); $home->id = $user->id; $home->home = $album->id; $home->save(); // reload album $album->reload(); // set permissions // deny all groups. $groups = ORM::factory("group")->find_all(); foreach ($groups as $group2) { if ($group->id != $group2->id) { access::deny($group2, "view", $album); access::deny($group2, "view_full", $album); } } // deny all other albums $albums = ORM::factory("item")->where("type", "=", "album")->find_all(); foreach ($albums as $albumt) { access::deny($group, "view", $albumt); } // allow access to newly created group access::allow($group, "view_full", $album); $parents = $album->parents(); foreach ($parents as $parent) { access::allow($group, "view", $parent); } access::allow($group, "view", $album); } }
static function create_new_user($id) { $user = ORM::factory("pending_user", $id); $password = md5(uniqid(mt_rand(), true)); $new_user = identity::create_user($user->name, $user->full_name, $password, $user->email); $new_user->url = $user->url; $new_user->admin = false; $new_user->guest = false; $new_user->save(); $group_id = module::get_var("registration", "default_group"); if ($group_id != null) { $default_group = group::lookup($group_id); if ($default_group != null) { $default_group->add($new_user); $default_group->save(); } } $user->hash = md5(uniqid(mt_rand(), true)); $user->state = 2; $user->save(); self::send_user_created_confirmation($user, $password); return $new_user; }
/** * authenticate the user * * @param string $url * @return boolean */ private function _auth($url) { $form = auth::get_login_form($url); $validform = $form->validate(); $valid = false; if ($validform) { // retrieve the values from the form $name = $form->login->inputs["name"]->value; $pass = $form->login->password->value; // do we have a user? $user = identity::lookup_user_by_name($name); $validuser = empty($user) ? false : true; // is the user authentic? $checkpass = $this->_checkpass($name, $pass); /* * we are concerned with these three possibilities: * 1. there is no valid user or no valid password * 2. there is no valid user but a valid password * 3. there is a valid user and a valid password */ // 1. there is no valid user or no valid password: error if (!$validuser || !$checkpass) { $form->login->inputs["name"]->add_error("invalid_login", 1); $name = $form->login->inputs["name"]->value; log::warning("user", t("Failed login for %name", array("name" => $name))); module::event("user_auth_failed", $name); } // 2. there is no valid user but a valid password: create account if allowed if (!$validuser && $checkpass && $this->create_account) { $account = $this->pam_auth->getAccount(); if ($account) { $password = md5(uniqid(mt_rand(), true)); $new_user = identity::create_user($account->name, $account->full_name, $password, $account->email); $new_user->url = ''; $new_user->admin = false; $new_user->guest = false; $new_user->save(); $user = identity::lookup_user_by_name($account->name); $validuser = empty($user) ? false : true; } } // 3. there is a valid user and a valid password: load user account if ($validuser && $checkpass) { auth::login($user); $valid = true; } } // regenerate the session id to avoid session trapping Session::instance()->regenerate(); return array($valid, $form); }