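/**
 * Obtener los datos para la presentación de la tabla de eventos.
 *
 * Fills the view with the page of the event log selected by the `limitStart`
 * view variable (self::MAX_ROWS rows per page) and builds the JS handlers for
 * the pager buttons. Returns without touching the view when the access check
 * fails. The offset is normalised to a non-negative integer and the offset of
 * the last page is clamped to 0 for an empty log (the plain arithmetic gave a
 * negative offset when \SP\Log::$numRows was 0).
 *
 * @return void
 */
public function getEventlog()
{
    $this->setAction(self::ACTION_EVL);

    if (!$this->checkAccess()) {
        return;
    }

    $this->view->addTemplate('eventlog');
    $this->view->assign('rowClass', 'row_even');
    $this->view->assign('isDemoMode', \SP\Util::demoIsEnabled() || !\SP\Session::getUserIsAdminApp());

    // Missing, non-numeric or negative offsets all fall back to the first page
    $limitStart = isset($this->view->limitStart) ? max(0, (int)$this->view->limitStart) : 0;
    $this->view->assign('limitStart', $limitStart);

    // \SP\Log::$numRows is read after getEvents(), which is what populates it
    $this->view->assign('events', \SP\Log::getEvents($limitStart));
    $numRows = \SP\Log::$numRows;
    $this->view->assign('totalRows', $numRows);

    $this->view->assign('firstPage', ceil(($limitStart + 1) / self::MAX_ROWS));
    $this->view->assign('lastPage', ceil($numRows / self::MAX_ROWS));

    // Offset of the last page: when the row count is an exact multiple of the page
    // size the last page starts one full page before the end; max() keeps the
    // offset at 0 instead of going negative for an empty log.
    $limitLast = $numRows % self::MAX_ROWS == 0
        ? max(0, $numRows - self::MAX_ROWS)
        : floor($numRows / self::MAX_ROWS) * self::MAX_ROWS;

    $this->view->assign('pagerOnnClick', array(
        'first' => 'sysPassUtil.Common.navLog(0,' . $limitStart . ')',
        'last' => 'sysPassUtil.Common.navLog(' . $limitLast . ',' . $limitStart . ')',
        'prev' => 'sysPassUtil.Common.navLog(' . ($limitStart - self::MAX_ROWS) . ',' . $limitStart . ')',
        'next' => 'sysPassUtil.Common.navLog(' . ($limitStart + self::MAX_ROWS) . ',' . $limitStart . ')'
    ));
}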
/**
 * Establecer variables para los interfaces que muestran datos.
 *
 * Derives the `show*` flags used by the account templates from the current
 * action ($this->_action), the user's ACL and the loaded account. Account-level
 * checks are only evaluated after the action test has passed, so
 * $this->_account is not consulted for actions that do not load an account.
 *
 * @return void
 */
private function setShowData()
{
    $action = $this->_action;

    $isView = $action == Acl::ACTION_ACC_VIEW;
    $isViewHistory = $action == Acl::ACTION_ACC_VIEW_HISTORY;
    $isEdit = $action == Acl::ACTION_ACC_EDIT;
    $isNew = $action == Acl::ACTION_ACC_NEW;
    $isCopy = $action == Acl::ACTION_ACC_COPY;
    $isDelete = $action == Acl::ACTION_ACC_DELETE;

    // History is offered on the view screens only, and only when the account was
    // modified (or the history itself is what is being viewed)
    $this->view->assign('showHistory',
        ($isView || $isViewHistory)
        && Acl::checkUserAccess(Acl::ACTION_ACC_VIEW_HISTORY)
        && ($this->view->isModified || $isViewHistory)
    );

    $this->view->assign('showDetails', $isView || $isViewHistory || $isDelete);
    $this->view->assign('showPass', $isNew || $isCopy);

    $this->view->assign('showFiles',
        ($isEdit || $isView || $isViewHistory)
        && (\SP\Util::fileIsEnabled() && Acl::checkUserAccess(Acl::ACTION_ACC_FILES))
    );

    $this->view->assign('showViewPass',
        ($isView || $isViewHistory)
        && (Acl::checkAccountAccess(Acl::ACTION_ACC_VIEW_PASS, $this->_account->getAccountDataForACL())
            && Acl::checkUserAccess(Acl::ACTION_ACC_VIEW_PASS))
    );

    $this->view->assign('showSave', $isEdit || $isNew || $isCopy);

    $this->view->assign('showEdit',
        $isView
        && Acl::checkAccountAccess(Acl::ACTION_ACC_EDIT, $this->_account->getAccountDataForACL())
        && Acl::checkUserAccess(Acl::ACTION_ACC_EDIT)
        && !$this->_account->getAccountIsHistory()
    );

    // While editing, the password field is always available; from the view screen
    // it depends on the edit-password ACL. && binds tighter than ||, the parentheses
    // just make that grouping explicit.
    $this->view->assign('showEditPass',
        $isEdit
        || ($isView
            && Acl::checkAccountAccess(Acl::ACTION_ACC_EDIT_PASS, $this->_account->getAccountDataForACL())
            && Acl::checkUserAccess(Acl::ACTION_ACC_EDIT_PASS)
            && !$this->_account->getAccountIsHistory())
    );

    // Same grouping: on the delete screen the flag is unconditional, on the edit
    // screen it depends on the delete ACL
    $this->view->assign('showDelete',
        $isDelete
        || ($isEdit
            && Acl::checkAccountAccess(Acl::ACTION_ACC_DELETE, $this->_account->getAccountDataForACL())
            && Acl::checkUserAccess(Acl::ACTION_ACC_DELETE))
    );

    // Restoring checks the edit ACL against the parent account of the history entry
    $this->view->assign('showRestore',
        $isViewHistory
        && Acl::checkAccountAccess(Acl::ACTION_ACC_EDIT, $this->_account->getAccountDataForACL($this->_account->getAccountParentId()))
        && Acl::checkUserAccess(Acl::ACTION_ACC_EDIT)
    );
}
/**
 * Constructor.
 *
 * Initialises the base controller with the given template and seeds the view
 * with the two variables every template of this controller reads: whether demo
 * mode is enabled (`isDemo`) and the value returned by
 * SessionUtil::getSessionKey() (`sk`).
 *
 * @param $template \SP\Template con instancia de plantilla
 */
public function __construct(\SP\Template $template = null)
{
    parent::__construct($template);

    $demoEnabled = \SP\Util::demoIsEnabled();
    $this->view->assign('isDemo', $demoEnabled);

    $sessionKey = SessionUtil::getSessionKey();
    $this->view->assign('sk', $sessionKey);
}
/**
 * Obtener la pestaña de LDAP.
 *
 * Adds the `ldap` template and fills it with the LDAP configuration values,
 * the group/profile lists used by the select boxes and the tab metadata.
 * Nothing is assigned when the access check for the general config action
 * fails. Note that `ldapBindPass` hands the stored bind password to the
 * template, so the rendered form contains it.
 *
 * @return void
 */
public function getLdapTab()
{
    $this->setAction(self::ACTION_CFG_LDAP);

    if (!$this->checkAccess(self::ACTION_CFG_GENERAL)) {
        return;
    }

    $this->view->addTemplate('ldap');

    // Checkbox markup for the two boolean options
    $checkedAttr = 'checked="checked"';
    $this->view->assign('chkLdap', \SP\Config::getValue('ldap_enabled') ? $checkedAttr : '');
    $this->view->assign('chkLdapADS', \SP\Config::getValue('ldap_ads') ? $checkedAttr : '');
    $this->view->assign('ldapIsAvailable', \SP\Util::ldapIsAvailable());

    // Plain config values, keyed by the view variable they are exposed as
    $plainValues = array(
        'ldapServer' => 'ldap_server',
        'ldapBindUser' => 'ldap_binduser',
        'ldapBindPass' => 'ldap_bindpass',
        'ldapBase' => 'ldap_base',
        'ldapGroup' => 'ldap_group'
    );

    foreach ($plainValues as $viewName => $configKey) {
        $this->view->assign($viewName, \SP\Config::getValue($configKey));
    }

    $this->view->assign('groups', \SP\DB::getValuesForSelect('usrGroups', 'usergroup_id', 'usergroup_name'));
    $this->view->assign('profiles', \SP\DB::getValuesForSelect('usrProfiles', 'userprofile_id', 'userprofile_name'));
    $this->view->assign('ldapDefaultGroup', \SP\Config::getValue('ldap_defaultgroup'));
    $this->view->assign('ldapDefaultProfile', \SP\Config::getValue('ldap_defaultprofile'));

    // Tab bookkeeping; the third argument presumably scopes the variable to the
    // 'ldap' template — confirm against Template::assign()
    $this->view->assign('actionId', $this->getAction(), 'ldap');
    $this->view->append('tabs', array('title' => _('LDAP')));
    $this->view->assign('tabIndex', $this->getTabIndex(), 'ldap');
}
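/**
 * Comprobar y forzar (si es necesario) la conexión HTTPS.
 *
 * When the "force HTTPS" option is on and the current request is not already
 * HTTPS, redirects the client to the same path over https:// and stops the
 * script so that no page content is served over plain HTTP. The request
 * arrives on the HTTP port, so port 80 is treated like 443 and omitted from
 * the https:// target; any other port is kept as before.
 *
 * @return void
 */
private static function checkHttps()
{
    if (!Util::forceHttpsIsEnabled() || Util::httpsEnabled()) {
        return;
    }

    // NOTE(review): SERVER_NAME can reflect the Host header depending on the web
    // server configuration; the redirect target is built from it without validation.
    $serverPort = (int)$_SERVER['SERVER_PORT'];
    $portSuffix = ($serverPort === 80 || $serverPort === 443) ? '' : ':' . $serverPort;
    $fullUrl = 'https://' . $_SERVER['SERVER_NAME'] . $portSuffix . $_SERVER['REQUEST_URI'];

    header('Location: ' . $fullUrl);
    // Without this the rest of the request would still be processed and its body sent over HTTP
    exit;
}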
/**
 * Devolver el código QR de la petición HTTP en base64.
 *
 * Fetches the QR image from the URL built by getUserQRUrl() and returns it
 * base64-encoded. A failed download (Util::getDataFromUrl() returning false)
 * is passed through unchanged.
 * NOTE(review): whatever getUserQRUrl() encodes is sent to the host that URL
 * points at — confirm that is acceptable for the data involved.
 *
 * @return bool|string base64 string, or false when the image could not be fetched
 */
public function getUserQRCode()
{
    $qrImage = Util::getDataFromUrl($this->getUserQRUrl());

    return $qrImage === false ? false : base64_encode($qrImage);
}
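/**
 * Procesar los resultados de la búsqueda y crear la variable que contiene
 * los datos de cada cuenta a mostrar.
 *
 * Fills the pager variables, the preference-driven display options and, for
 * every search row, appends one entry to the `accounts` view variable with
 * the per-account ACL flags. The access-dependent fields (`accesses`,
 * `notes`) are only populated when the user may see the account and are
 * reset on every iteration, so data from a previous visible row can no longer
 * be attached to a following row the user has no access to. The offset of the
 * last page is clamped to 0 for an empty result set.
 *
 * @param &$results array Con los resultados de la búsqueda (one object per account row)
 * @return void
 */
private function processSearchResults(&$results)
{
    $limitStart = $this->view->limitStart;
    $limitCount = $this->view->limitCount;
    $numRows = \SP\AccountSearch::$queryNumRows;

    // Variables para la barra de navegación
    $this->view->assign('firstPage', ceil(($limitStart + 1) / $limitCount));
    $this->view->assign('lastPage', ceil($numRows / $limitCount));
    $this->view->assign('totalRows', $numRows);
    $this->view->assign('filterOn', $this->_filterOn);

    // Offset of the last page; max() keeps it at 0 when there are no rows
    // (the plain subtraction went negative for $numRows == 0)
    $limitLast = $numRows % $limitCount == 0
        ? max(0, $numRows - $limitCount)
        : floor($numRows / $limitCount) * $limitCount;

    $searchKey = $this->view->searchKey;
    $this->view->assign('pagerOnnClick', array(
        'first' => 'sysPassUtil.Common.searchSort(' . $searchKey . ', 0,1)',
        'last' => 'sysPassUtil.Common.searchSort(' . $searchKey . ',' . $limitLast . ',1)',
        'prev' => 'sysPassUtil.Common.searchSort(' . $searchKey . ',' . ($limitStart - $limitCount) . ',1)',
        'next' => 'sysPassUtil.Common.searchSort(' . $searchKey . ',' . ($limitStart + $limitCount) . ',1)'
    ));

    $userPrefs = Session::getUserPreferences();
    $accountLink = $userPrefs->isAccountLink();
    $topNavbar = $userPrefs->isTopNavbar();
    $optionalActions = $userPrefs->isOptionalActions();

    // Variables de configuración: a null preference falls back to the global setting
    $this->view->assign('accountLink', is_null($accountLink) ? \SP\Config::getValue('account_link', 0) : $accountLink);
    $this->view->assign('topNavbar', $topNavbar);
    $this->view->assign('optionalActions', $optionalActions);
    $this->view->assign('requestEnabled', \SP\Util::mailrequestIsEnabled());
    $this->view->assign('isDemoMode', \SP\Util::demoIsEnabled());

    // The cards layout has less room per field than the table layout
    $maxTextLength = \SP\Util::resultsCardsIsEnabled() ? 40 : 60;

    $wikiEnabled = \SP\Util::wikiIsEnabled();
    $wikiSearchUrl = '';

    if ($wikiEnabled) {
        $wikiSearchUrl = \SP\Config::getValue('wiki_searchurl', false);
        $this->view->assign('wikiFilter', explode(',', \SP\Config::getValue('wiki_filter')));
        $this->view->assign('wikiPageUrl', \SP\Config::getValue('wiki_pageurl'));
    }

    $this->setSortFields();

    // Loop-invariant: does not depend on the row
    $filesEnabled = \SP\Util::fileIsEnabled();
    $objAccount = new \SP\Account();

    foreach ($results as $account) {
        $objAccount->setAccountId($account->account_id);
        $objAccount->setAccountUserId($account->account_userId);
        $objAccount->setAccountUserGroupId($account->account_userGroupId);
        $objAccount->setAccountOtherUserEdit($account->account_otherUserEdit);
        $objAccount->setAccountOtherGroupEdit($account->account_otherGroupEdit);

        // Obtener los datos de la cuenta para aplicar las ACL
        $accountAclData = $objAccount->getAccountDataForACL();

        // Establecer los permisos de acceso
        $accView = \SP\Acl::checkAccountAccess(self::ACTION_ACC_VIEW, $accountAclData)
            && \SP\Acl::checkUserAccess(self::ACTION_ACC_VIEW);
        $accViewPass = \SP\Acl::checkAccountAccess(self::ACTION_ACC_VIEW_PASS, $accountAclData)
            && \SP\Acl::checkUserAccess(self::ACTION_ACC_VIEW_PASS);
        $accEdit = \SP\Acl::checkAccountAccess(self::ACTION_ACC_EDIT, $accountAclData)
            && \SP\Acl::checkUserAccess(self::ACTION_ACC_EDIT);
        $accCopy = \SP\Acl::checkAccountAccess(self::ACTION_ACC_COPY, $accountAclData)
            && \SP\Acl::checkUserAccess(self::ACTION_ACC_COPY);
        $accDel = \SP\Acl::checkAccountAccess(self::ACTION_ACC_DELETE, $accountAclData)
            && \SP\Acl::checkUserAccess(self::ACTION_ACC_DELETE);

        $show = $accView || $accViewPass || $accEdit || $accCopy || $accDel;

        // Reset per row so nothing from a previous (visible) account is reused
        $secondaryAccesses = '';
        $accountNotes = '';

        // Obtenemos datos si el usuario tiene acceso a los datos de la cuenta
        if ($show) {
            $secondaryGroups = \SP\Groups::getGroupsNameForAccount($account->account_id);
            $secondaryUsers = UserAccounts::getUsersNameForAccount($account->account_id);

            // The access list is raw HTML for the template; names are escaped the same
            // way the notes below are, since they come straight from the database
            $secondaryAccesses = '<em>(G) ' . htmlspecialchars($account->usergroup_name) . '*</em><br>';

            if ($secondaryGroups) {
                foreach ($secondaryGroups as $group) {
                    $secondaryAccesses .= '<em>(G) ' . htmlspecialchars($group) . '</em><br>';
                }
            }

            if ($secondaryUsers) {
                foreach ($secondaryUsers as $user) {
                    $secondaryAccesses .= '<em>(U) ' . htmlspecialchars($user) . '</em><br>';
                }
            }

            if ($account->account_notes) {
                // Byte-wise truncation (strlen/substr); may split a multibyte character
                $accountNotes = strlen($account->account_notes) > 300
                    ? substr($account->account_notes, 0, 300) . '...'
                    : $account->account_notes;
                $accountNotes = nl2br(wordwrap(htmlspecialchars($accountNotes), 50, '<br>', true));
            }
        }

        // Variable $accounts de la plantilla utilizada para obtener los datos de las cuentas
        $this->view->append('accounts', array(
            'id' => $account->account_id,
            'name' => $account->account_name,
            'login' => \SP\Html::truncate($account->account_login, $maxTextLength),
            'category_name' => $account->category_name,
            'customer_name' => \SP\Html::truncate($account->customer_name, $maxTextLength),
            'customer_link' => $wikiEnabled ? $wikiSearchUrl . $account->customer_name : '',
            'color' => $this->pickAccountColor($account->account_customerId),
            'url' => $account->account_url,
            'url_short' => \SP\Html::truncate($account->account_url, $maxTextLength),
            'url_islink' => preg_match("#^https?://.*#i", $account->account_url) === 1,
            'notes' => $accountNotes,
            'accesses' => $secondaryAccesses,
            'numFiles' => $filesEnabled ? $account->num_files : 0,
            'show' => $show,
            'showView' => $accView,
            'showViewPass' => $accViewPass,
            'showEdit' => $accEdit,
            'showCopy' => $accCopy,
            'showDel' => $accDel
        ));
    }
}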
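/**
 * Obtener los datos para el interface de comprobación de actualizaciones.
 *
 * Assigns the result of the update check and the notice list to the `update`
 * template. \SP\Util::checkUpdates() returns either an array describing the
 * new version or a status value; \SP\Util::checkNotices() returns a list of
 * notices or false, so the notice count is guarded (count(false) raises an
 * error on PHP 8 and was evaluated before the false check).
 *
 * @return void
 */
public function getCheckUpdates()
{
    $updates = \SP\Util::checkUpdates();

    $this->view->addTemplate('update');

    if (is_array($updates)) {
        // NOTE(review): title/url/description come from the update source and are
        // handed to the template as-is (description is only nl2br'ed); confirm the
        // template escapes them or the source is trusted.
        $this->view->assign('hasUpdates', true);
        $this->view->assign('title', $updates['title']);
        $this->view->assign('url', $updates['url']);
        $this->view->assign('description', sprintf('%s - %s <br><br>%s', _('Descargar nueva versión'), $updates['version'], nl2br($updates['description'])));
    } else {
        $this->view->assign('hasUpdates', false);
        $this->view->assign('status', $updates);
    }

    $notices = \SP\Util::checkNotices();
    $numNotices = is_array($notices) ? count($notices) : 0;
    $noticesTitle = '';

    if ($numNotices > 0) {
        $noticesTitle = sprintf('%s <br><br>', _('Avisos de sysPass'));

        foreach ($notices as $notice) {
            $noticesTitle .= sprintf('%s <br>', $notice[0]);
        }
    }

    $this->view->assign('numNotices', $numNotices);
    $this->view->assign('noticesTitle', $noticesTitle);
}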
/**
 * Comprobar si la salida comprimida con zlib está activada.
 * No es compatible con ob_gzhandler().
 *
 * Reads the `zlib.output_compression` ini setting and normalises it to a
 * boolean through Util::boolval() (ini_get() returns a string).
 *
 * @return bool
 */
private function checkZlib()
{
    $compressionSetting = ini_get('zlib.output_compression');

    return Util::boolval($compressionSetting);
}
/**
 * Comprueba y actualiza la versión de la aplicación.
 *
 * Runs only for requests whose URI ends in index.php and that are not a
 * logout. Compares the version stored in the config file and in the database
 * with the running application version. When the database is older it drives
 * the upgrade flow: on first contact it stores a one-off `upgrade_key` and
 * enables maintenance mode; the upgrade itself only runs when the request
 * carries a=upgrade and an h parameter equal to the stored key, otherwise the
 * request is handed to Controller\MainC::getUpgrade() and terminated. A
 * config-only upgrade is applied directly. Every completed upgrade is logged,
 * e-mailed and recorded in self::$UPDATED.
 */
private static function checkVersion()
{
    // Only the main entry point triggers the check; logout requests are left alone
    if (substr(self::$_SUBURI, -9) != 'index.php' || Request::analyze('logout', 0) === 1) {
        return;
    }

    $update = false;

    // Versions are compared as integers with the dots removed
    $configVersion = (int) str_replace('.', '', Config::getValue('version'));
    $databaseVersion = (int) str_replace('.', '', ConfigDB::getValue('version'));
    $appVersion = (int) implode(Util::getVersion(true));

    // nodbupgrade=1 in the request skips the database upgrade path
    if ($databaseVersion < $appVersion && Request::analyze('nodbupgrade', 0) === 0) {
        if (Upgrade::needDBUpgrade($databaseVersion)) {
            if (!self::checkMaintenanceMode(true)) {
                // First contact: create the key that authorises the upgrade and enable maintenance mode.
                // NOTE(review): uniqid()/mt_rand() are not cryptographically strong sources for
                // such a key; prefer a CSPRNG where the PHP version provides one.
                if (Config::getValue('upgrade_key', 0) === 0) {
                    Config::setValue('upgrade_key', sha1(uniqid(mt_rand(), true)));
                    Config::setValue('maintenance', true);
                }

                self::initError(_('La aplicación necesita actualizarse'), sprintf(_('Si es un administrador pulse en el enlace: %s'), '<a href="index.php?upgrade=1&a=upgrade">' . _('Actualizar') . '</a>'));
            }

            $action = Request::analyze('a');
            $hash = Request::analyze('h');

            // Strict comparison of the presented key with the stored one
            // (a constant-time comparison would be preferable for a secret)
            if ($action === 'upgrade' && $hash === Config::getValue('upgrade_key', 0)) {
                // Assignment inside the condition: $update records whether the upgrade ran
                if ($update = Upgrade::doUpgrade($databaseVersion)) {
                    ConfigDB::setValue('version', $appVersion);
                    Config::setValue('maintenance', false);
                    Config::deleteParam('upgrade_key');
                }
            } else {
                // No valid upgrade request: render the upgrade page and stop
                $controller = new Controller\MainC();
                $controller->getUpgrade();
                $controller->view();
                exit;
            }
        }
    }

    // Config file upgrade, independent of the database one
    if ($configVersion < $appVersion && Upgrade::needConfigUpgrade($appVersion) && Upgrade::upgradeConfig($appVersion)) {
        Config::setValue('version', $appVersion);
        $update = true;
    }

    if ($update === true) {
        $log = new Log(_('Actualización'));
        $log->addDescription(_('Actualización de versión realizada.'));
        $log->addDescription(_('Versión') . ': ' . $appVersion);
        $log->writeLog();
        Email::sendEmail($log);

        self::$UPDATED = true;
    }
}
SP\Language::setLanguage(true); SP\Themes::setTheme(true); // Actualizar las preferencias en la sesión y recargar la página SP\Session::setUserPreferences($UserPrefs); SP\Util::reload(); SP\Response::printJSON(_('Preferencias actualizadas'), 0, $doActionOnClose); } else { if ($actionId === SP\Controller\ActionsInterface::ACTION_USR_PREFERENCES_SECURITY) { if (SP\Util::demoIsEnabled() && \SP\Session::getUserLogin() === 'demo') { SP\Response::printJSON(_('Ey, esto es una DEMO!!')); } // Variables POST del formulario $twoFaEnabled = SP\Request::analyze('security_2faenabled', 0, false, 1); $pin = SP\Request::analyze('security_pin', 0); $userLogin = UserUtil::getUserLoginById($itemId); $twoFa = new \SP\Auth\Auth2FA($itemId, $userLogin); if (!$twoFa->verifyKey($pin)) { SP\Response::printJSON(_('Código incorrecto')); } // No se instancia la clase ya que es necesario guardar los atributos ya guardados $UserPrefs = \SP\UserPreferences::getPreferences($itemId); $UserPrefs->setId($itemId); $UserPrefs->setUse2Fa(\SP\Util::boolval($twoFaEnabled)); if (!$UserPrefs->updatePreferences()) { SP\Response::printJSON(_('Error al actualizar preferencias')); } SP\Response::printJSON(_('Preferencias actualizadas'), 0, $doActionOnClose); } else { SP\Response::printJSON(_('Acción Inválida')); } }
SP\Response::printJSON(_('La sesión no se ha iniciado o ha caducado'), 10); } $accountId = SP\Request::analyze('accountid', false); $isHistory = SP\Request::analyze('isHistory', false); if (!$accountId) { return; } $account = !$isHistory ? new SP\Account() : new SP\AccountHistory(); $account->setAccountParentId(\SP\Session::getAccountParentId()); $account->setAccountId($accountId); $accountData = $account->getAccountPassData(); if ($isHistory && !$account->checkAccountMPass()) { SP\Response::printJSON(_('La clave maestra no coincide')); } if (!SP\Acl::checkAccountAccess(SP\Acl::ACTION_ACC_VIEW_PASS, $account->getAccountDataForACL()) || !SP\Acl::checkUserAccess(SP\Acl::ACTION_ACC_VIEW_PASS)) { SP\Response::printJSON(_('No tiene permisos para acceder a esta cuenta')); } elseif (!UserPass::checkUserUpdateMPass()) { SP\Response::printJSON(_('Clave maestra actualizada') . '<br>' . _('Reinicie la sesión para cambiarla')); } $accountClearPass = SP\Crypt::getDecrypt($accountData->pass, $accountData->iv); if (!$isHistory) { $account->incrementDecryptCounter(); $log = new \SP\Log(_('Ver Clave')); $log->addDescription(_('ID') . ': ' . $accountId); $log->addDescription(_('Cuenta') . ': ' . $accountData->customer_name . " / " . $accountData->name); $log->writeLog(); } //$accountPass = htmlspecialchars(trim($accountClearPass)); $useImage = intval(\SP\Util::accountPassToImageIsEnabled()); $data = array('title' => _('Clave de Cuenta'), 'acclogin' => $accountData->login, 'accpass' => !$useImage ? trim($accountClearPass) : \SP\ImageUtil::convertText($accountClearPass), 'useimage' => $useImage); SP\Response::printJSON($data, 0);