function saveWorkerPeekAction()
{
$translate = DevblocksPlatform::getTranslationService();
$active_worker = CerberusApplication::getActiveWorker();
if (!$active_worker || !$active_worker->is_superuser || DEMO_MODE) {
return;
}
@($id = DevblocksPlatform::importGPC($_POST['id'], 'integer'));
@($view_id = DevblocksPlatform::importGPC($_POST['view_id'], 'string'));
@($first_name = DevblocksPlatform::importGPC($_POST['first_name'], 'string'));
@($last_name = DevblocksPlatform::importGPC($_POST['last_name'], 'string'));
@($title = DevblocksPlatform::importGPC($_POST['title'], 'string'));
@($email = DevblocksPlatform::importGPC($_POST['email'], 'string'));
@($password = DevblocksPlatform::importGPC($_POST['password'], 'string'));
@($is_superuser = DevblocksPlatform::importGPC($_POST['is_superuser'], 'integer', 0));
@($disabled = DevblocksPlatform::importGPC($_POST['is_disabled'], 'integer', 0));
@($group_ids = DevblocksPlatform::importGPC($_POST['group_ids'], 'array'));
@($group_roles = DevblocksPlatform::importGPC($_POST['group_roles'], 'array'));
@($delete = DevblocksPlatform::importGPC($_POST['do_delete'], 'integer', 0));
// [TODO] The superuser set bit here needs to be protected by ACL
if (empty($first_name)) {
$first_name = "Anonymous";
}
if (!empty($id) && !empty($delete)) {
// Can't delete or disable self
if ($active_worker->id != $id) {
DAO_Worker::deleteAgent($id);
}
} else {
if (empty($id) && null == DAO_Worker::lookupAgentEmail($email)) {
$workers = DAO_Worker::getAll();
$license = CerberusLicense::getInstance();
if (!empty($license) && !empty($license['serial']) || count($workers) < 3) {
// Creating new worker. If password is empty, email it to them
if (empty($password)) {
$settings = DevblocksPlatform::getPluginSettingsService();
$replyFrom = $settings->get('cerberusweb.core', CerberusSettings::DEFAULT_REPLY_FROM);
$replyPersonal = $settings->get('cerberusweb.core', CerberusSettings::DEFAULT_REPLY_PERSONAL, '');
$url = DevblocksPlatform::getUrlService();
$password = CerberusApplication::generatePassword(8);
try {
$mail_service = DevblocksPlatform::getMailService();
$mailer = $mail_service->getMailer(CerberusMail::getMailerDefaults());
$mail = $mail_service->createMessage();
$mail->setTo(array($email => $first_name . ' ' . $last_name));
$mail->setFrom(array($replyFrom => $replyPersonal));
$mail->setSubject('Your new helpdesk login information!');
$mail->generateId();
$headers = $mail->getHeaders();
$headers->addTextHeader('X-Mailer', 'Cerberus Helpdesk (Build ' . APP_BUILD . ')');
$body = sprintf("Your new helpdesk login information is below:\r\n" . "\r\n" . "URL: %s\r\n" . "Login: %s\r\n" . "Password: %s\r\n" . "\r\n" . "You should change your password from Preferences after logging in for the first time.\r\n" . "\r\n", $url->write('', true), $email, $password);
$mail->setBody($body);
if (!$mailer->send($mail)) {
throw new Exception('Password notification email failed to send.');
}
} catch (Exception $e) {
// [TODO] need to report to the admin when the password email doesn't send. The try->catch
// will keep it from killing php, but the password will be empty and the user will never get an email.
}
}
$id = DAO_Worker::create($email, $password, '', '', '');
}
}
// end create worker
// Update
$fields = array(DAO_Worker::FIRST_NAME => $first_name, DAO_Worker::LAST_NAME => $last_name, DAO_Worker::TITLE => $title, DAO_Worker::EMAIL => $email, DAO_Worker::IS_SUPERUSER => $is_superuser, DAO_Worker::IS_DISABLED => $disabled);
// if we're resetting the password
if (!empty($password)) {
$fields[DAO_Worker::PASSWORD] = md5($password);
}
// Update worker
DAO_Worker::updateAgent($id, $fields);
// Update group memberships
if (is_array($group_ids) && is_array($group_roles)) {
foreach ($group_ids as $idx => $group_id) {
if (empty($group_roles[$idx])) {
DAO_Group::unsetTeamMember($group_id, $id);
} else {
DAO_Group::setTeamMember($group_id, $id, 2 == $group_roles[$idx]);
}
}
}
// Add the worker e-mail to the addresses table
if (!empty($email)) {
DAO_Address::lookupAddress($email, true);
}
// Addresses
if (null == DAO_AddressToWorker::getByAddress($email)) {
DAO_AddressToWorker::assign($email, $id);
DAO_AddressToWorker::update($email, array(DAO_AddressToWorker::IS_CONFIRMED => 1));
}
// Custom field saves
@($field_ids = DevblocksPlatform::importGPC($_POST['field_ids'], 'array', array()));
DAO_CustomFieldValue::handleFormPost(ChCustomFieldSource_Worker::ID, $id, $field_ids);
}
if (!empty($view_id)) {
$view = C4_AbstractViewLoader::getView($view_id);
$view->render();
}
//DevblocksPlatform::setHttpResponse(new DevblocksHttpResponse(array('config','workers')));
}
// Default catchall
DAO_Group::updateTeam($dispatch_gid, array(DAO_Group::IS_DEFAULT => 1));
}
// If this worker doesn't exist, create them
if (null === ($lookup = DAO_Worker::lookupAgentEmail($worker_email))) {
$worker_id = DAO_Worker::create($worker_email, $worker_pass, 'Super', 'User', 'Administrator');
// Superuser bit
$fields = array(DAO_Worker::IS_SUPERUSER => 1);
DAO_Worker::updateAgent($worker_id, $fields);
// Add the worker e-mail to the addresses table
if (!empty($worker_email)) {
DAO_Address::lookupAddress($worker_email, true);
}
// Authorize this e-mail address (watchers, etc.)
DAO_AddressToWorker::assign($worker_email, $worker_id);
DAO_AddressToWorker::update($worker_email, array(DAO_AddressToWorker::IS_CONFIRMED => 1));
// Default group memberships
if (!empty($dispatch_gid)) {
DAO_Group::setTeamMember($dispatch_gid, $worker_id, true);
}
if (!empty($support_gid)) {
DAO_Group::setTeamMember($support_gid, $worker_id, true);
}
if (!empty($sales_gid)) {
DAO_Group::setTeamMember($sales_gid, $worker_id, true);
}
}
// Send a first ticket which allows people to reply for support
if (null !== ($default_from = $settings->get(CerberusSettings::DEFAULT_REPLY_FROM, ''))) {
$message = new CerberusParserMessage();
$message->headers['from'] = '"WebGroup Media, LLC." <*****@*****.**>';
private function _handleImportWorker($xml)
{
$settings = CerberusSettings::getInstance();
$logger = DevblocksPlatform::getConsoleLog();
$sFirstName = (string) $xml->first_name;
$sLastName = (string) $xml->last_name;
$sEmail = (string) $xml->email;
$sPassword = (string) $xml->password;
$isSuperuser = (int) $xml->is_superuser;
// Dupe check worker email
if (null != ($worker_id = DAO_Worker::lookupAgentEmail($sEmail))) {
$logger->info('[Importer] Avoiding creating duplicate worker #' . $worker_id . ' (' . $sEmail . ')');
return true;
}
$worker_id = DAO_Worker::create($sEmail, CerberusApplication::generatePassword(8), $sFirstName, $sLastName, '');
DAO_Worker::updateAgent($worker_id, array(DAO_Worker::PASSWORD => $sPassword, DAO_Worker::IS_SUPERUSER => intval($isSuperuser)));
// Address to Worker
DAO_AddressToWorker::assign($sEmail, $worker_id);
DAO_AddressToWorker::update($sEmail, array(DAO_AddressToWorker::IS_CONFIRMED => 1));
$logger->info('[Importer] Imported worker #' . $worker_id . ' (' . $sEmail . ')');
DAO_Worker::clearCache();
return true;
}
private function _sendConfirmationEmail($to, $worker)
{
$translate = DevblocksPlatform::getTranslationService();
$settings = DevblocksPlatform::getPluginSettingsService();
$url_writer = DevblocksPlatform::getUrlService();
$tpl = DevblocksPlatform::getTemplateService();
// Tentatively assign the e-mail address to this worker
DAO_AddressToWorker::assign($to, $worker->id);
// Create a confirmation code and save it
$code = CerberusApplication::generatePassword(20);
DAO_AddressToWorker::update($to, array(DAO_AddressToWorker::CODE => $code, DAO_AddressToWorker::CODE_EXPIRE => time() + 24 * 60 * 60));
// Email the confirmation code to the address
// [TODO] This function can return false, and we need to do something different if it does.
CerberusMail::quickSend($to, vsprintf($translate->_('prefs.address.confirm.mail.subject'), $settings->get('cerberusweb.core', CerberusSettings::HELPDESK_TITLE)), vsprintf($translate->_('prefs.address.confirm.mail.body'), array($worker->getName(), $url_writer->write('c=preferences&a=confirm_email&code=' . $code, true))));
$output = array(vsprintf($translate->_('prefs.address.confirm.mail.subject'), $to));
$tpl->assign('pref_success', $output);
}
