Пример #1
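 /**
  * Save the access data (group associations) submitted for a user in the UserManagement form.
  *
  * @param array|object $p request data; the 'id' and 'groups' entries are read
  * @return array array('success' => bool), plus 'verify' => true when the session is not verified
  * @throws \Exception when Security::canManage() denies the request
  */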
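 public function saveAccessData($p)
 {
     // An unverified session gets a soft failure; 'verify' => true tells the
     // caller that verification is needed before the change can be saved.
     if (!User::isVerified()) {
         return array('success' => false, 'verify' => true);
     }
     // Group membership may only be edited when Security::canManage() allows it.
     if (!Security::canManage()) {
         throw new \Exception(L\get('Access_denied'));
     }
     $p = (array) $p;
     // Read the id explicitly instead of hiding a missing key behind "@", which
     // also silenced every warning raised inside extractId().
     // NOTE(review): an empty $user_id is not rejected here. Confirm how
     // extractId() and getGroupIdsForUser() treat a missing id, and fail early
     // if either could fall back to a different user.
     $user_id = $this->extractId(isset($p['id']) ? $p['id'] : null);

     /* Compare the submitted groups with the stored ones:
        - groups that are newly associated need their access updated
        - groups that are no longer associated need their access reviewed */
     $current_groups = UsersGroups::getGroupIdsForUser($user_id);
     $updating_groups = Util\toNumericArray(isset($p['groups']) ? $p['groups'] : null);
     $new_groups = array_diff($updating_groups, $current_groups);
     $deleting_groups = array_diff($current_groups, $updating_groups);

     // NOTE(review): "or die(DB\dbQueryError())" ends the request with the raw
     // database error text. Consider logging it server-side and returning a
     // generic failure so schema details are not sent to the client.
     foreach ($new_groups as $group_id) {
         // Bound parameters; the acting user's id from the session is written
         // to cid (and to uid when the row already exists).
         DB\dbQuery('INSERT INTO users_groups_association (user_id, group_id, cid)
             VALUES($1, $2, $3)
             ON DUPLICATE KEY
             UPDATE uid = $3', array($user_id, $group_id, $_SESSION['user']['id'])) or die(DB\dbQueryError());
     }
     if (!empty($deleting_groups)) {
         // The IN (...) list is concatenated into the statement, so every id is
         // forced to an integer first. The values are taken from the stored
         // associations, and the cast keeps the query safe even if that source
         // ever returns something non-numeric.
         $deleting_ids = implode(', ', array_map('intval', $deleting_groups));
         DB\dbQuery('DELETE
             FROM users_groups_association
             WHERE user_id = $1
                 AND group_id IN (' . $deleting_ids . ')', $user_id) or die(DB\dbQueryError());
     }
     // Recalculate the security sets for the user, then start the background
     // Solr cron.
     Security::calculateUpdatedSecuritySets($user_id);
     Solr\Client::runBackgroundCron();
     return array('success' => true);
 }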
Пример #2
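 /**
  * Set the session and cookie credentials after authentication.
  *
  * @param mixed  $userId id of the user whose preferences are loaded into the session
  * @param string $key    session key stored in $_SESSION['key'] and in the 'key' cookie
  * @return array array('success' => true, 'user' => array of user preferences)
  */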
 public static function setAsLoged($userId, $key)
 {
     // $logActionType = 'login';
     $isCli = php_sapi_name() == "cli";
     $coreName = Config::get('core_name');

     // Record the client IPs and the caller-supplied key in the session.
     // NOTE(review): the session id is not regenerated here; confirm the caller
     // does so at the point of authentication to rule out session fixation.
     $_SESSION['ips'] = '|' . Util\getIPs() . '|';
     $_SESSION['key'] = $key;
     $_COOKIE['key'] = $_SESSION['key'];
     if (!$isCli) {
         // HttpOnly is always set. Secure follows $_SERVER['HTTPS'], so behind
         // a TLS-terminating proxy the cookie may go out without it (confirm
         // the deployment). The domain comes from SERVER_NAME; verify the web
         // server pins it rather than echoing the request's Host header.
         setcookie('key', $_SESSION['key'], 0, '/' . $coreName . '/', $_SERVER['SERVER_NAME'], !empty($_SERVER['HTTPS']), true);
     } else {
         // No headers can be sent from the CLI; only the superglobal is filled.
         $_COOKIE['key'] = $_SESSION['key'];
     }

     $rez = array('success' => true, 'user' => array());
     $prefs = User::getPreferences($userId);
     if (empty($prefs)) {
         // No preferences found: success is still reported, with an empty user.
         return $rez;
     }

     $prefs['admin'] = Security::isAdmin($userId);
     $prefs['manage'] = Security::canManage($userId);
     // Names are entity-encoded once, before they are stored in the session.
     // Consumers that encode again on output will double-encode, and non-HTML
     // contexts need their own escaping.
     foreach (array('first_name', 'last_name') as $field) {
         $prefs[$field] = htmlentities($prefs[$field], ENT_QUOTES, 'UTF-8');
     }
     // Fall back to the default theme when none is configured.
     if (empty($prefs['cfg']['theme'])) {
         $prefs['cfg']['theme'] = 'classic';
     }
     // Security settings must not reach the client or the session copy.
     unset($prefs['cfg']['security']);

     $rez['user'] = $prefs;
     $_SESSION['user'] = $prefs;
     if ($isCli) {
         $_COOKIE['key'] = $_SESSION['key'];
     } else {
         // Language cookie, sent with default attributes (no Secure/HttpOnly).
         setcookie('L', $prefs['language']);
     }

     // Called without an id, after $_SESSION['user'] has been filled.
     // presumably resolves the groups of the session user; verify in UsersGroups
     $groupIds = UsersGroups::getGroupIdsForUser();
     $rez['user']['groups'] = $groupIds;
     $_SESSION['user']['groups'] = $groupIds;
     // NOTE(review): this flags the session as TSV-checked unconditionally, so
     // every caller must have completed that check before calling; confirm.
     $_SESSION['user']['TSV_checked'] = true;

     return $rez;
 }
Пример #3
 /**
  * Login method for user authentication.
  *
  * @param  string $login username
  * @param  string $pass  password
  * @return array  json response
  */
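 public static function login($login, $pass)
 {
     $logActionType = 'login';
     $ips = '|' . Util\getIPs() . '|';
     $coreName = Config::get('core_name');
     // A login of the form "name/other" carries a second account name after
     // the first slash; it is honoured only for 'root' (see below). The parts
     // are read explicitly instead of suppressing the missing-index notice.
     $loginParts = explode('/', $login);
     $login = $loginParts[0];
     $loginAs = isset($loginParts[1]) ? $loginParts[1] : null;

     $_SESSION['ips'] = $ips;
     // The session key is a bearer secret, so it must not be derived from
     // guessable inputs (IP list, login, timestamp) or from the password.
     // Use the CSPRNG where available; 16 random bytes hex-encode to the same
     // 32-character format md5() produced. The legacy derivation remains only
     // as a fallback for runtimes without random_bytes().
     if (function_exists('random_bytes')) {
         $_SESSION['key'] = bin2hex(random_bytes(16));
     } else {
         $_SESSION['key'] = md5($ips . $login . $pass . time());
     }
     $_COOKIE['key'] = $_SESSION['key'];
     // NOTE(review): the key cookie is issued before the credentials are
     // checked, and the session id is not regenerated after a successful
     // login; confirm that session fixation is handled elsewhere.
     // HttpOnly is set; Secure depends on $_SERVER['HTTPS'] being non-empty.
     setcookie('key', $_SESSION['key'], 0, '/' . $coreName . '/', $_SERVER['SERVER_NAME'], !empty($_SERVER['HTTPS']), true);
     $rez = array('success' => false);
     $user_id = false;

     /* try to authenticate */
     // The clear-text password is passed to p_user_login as a bound parameter;
     // how it is hashed and compared is not visible from here.
     // NOTE(review): "or die(DB\dbQueryError())" sends the raw database error
     // to the client; prefer server-side logging and a generic failure.
     $res = DB\dbQuery('CALL p_user_login($1, $2, $3)', array($login, $pass, $ips)) or die(DB\dbQueryError());
     if (($r = $res->fetch_assoc()) && $r['status'] == 1) {
         $user_id = $r['user_id'];
     }
     $res->close();
     DB\dbCleanConnection();

     if ($user_id) {
         $rez = array('success' => true, 'user' => array());
         // Only an authenticated 'root' may open the session as another user.
         // NOTE(review): an unknown $loginAs is not rejected: the lookup result
         // replaces $user_id and success is still reported. Confirm that this
         // is intended, and consider auditing every impersonated login.
         if (!empty($loginAs) && $login === 'root') {
             $user_id = DM\User::getIdByName($loginAs);
         }
         $r = User::getPreferences($user_id);
         if (!empty($r)) {
             $r['admin'] = Security::isAdmin($user_id);
             $r['manage'] = Security::canManage($user_id);
             $r['first_name'] = htmlentities($r['first_name'], ENT_QUOTES, 'UTF-8');
             $r['last_name'] = htmlentities($r['last_name'], ENT_QUOTES, 'UTF-8');
             //set default theme
             if (empty($r['cfg']['theme'])) {
                 $r['cfg']['theme'] = 'classic';
             }
             // do not expose security params
             unset($r['cfg']['security']);
             $rez['user'] = $r;
             $_SESSION['user'] = $r;
             setcookie('L', $r['language']);
             // set user groups
             $rez['user']['groups'] = UsersGroups::getGroupIdsForUser();
             $_SESSION['user']['groups'] = $rez['user']['groups'];
         }
     } else {
         // Check whether the login exists and keep its id in the session for
         // logging.
         // NOTE(review): this writes the target account's id into an
         // unauthenticated session. If any authorization check elsewhere relies
         // on $_SESSION['user']['id'] alone, a failed attempt would leave the
         // session looking partly logged in. Confirm, and prefer a separate key
         // for failed-login bookkeeping.
         $user_id = DM\User::getIdByName($login);
         if (!empty($user_id)) {
             $_SESSION['user']['id'] = $user_id;
             $logActionType = 'login_fail';
         }
         // Same message whether or not the login exists.
         $rez['msg'] = L\get('Auth_fail');
     }
     // $logParams = array(
     //     'type' => $logActionType
     //     ,'data' => array(
     //         'id' => @$_SESSION['user']['id']
     //         ,'name' => @Util\coalesce($_SESSION['user']['name'], $login)
     //         ,'result' => isset($_SESSION['user'])
     //         ,'info' => 'user: '.$login."\nip: ".$ips
     //     )
     // );
     // Log::add($logParams);
     return $rez;
 }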