/**
* Create or update user information
* @param array() $userInfoArr the user related information
* @return array() create result. return detail information
*/
public static function editUser($userInfoArr, $pageActionType)
{
$resultInfo = array();
$actionType = BugfreeModel::ACTION_OPEN;
$oldRecordAttributs = array();
if (!empty($userInfoArr['id'])) {
$user = self::loadModel($userInfoArr['id']);
if (isset($userInfoArr['realname']) && self::isRealnameExisted($userInfoArr['id'], $userInfoArr['realname'])) {
$userInfoArr['realname'] = $userInfoArr['realname'] . '[' . $userInfoArr['username'] . ']';
}
$oldRecordAttributs = $user->attributes;
$actionType = BugfreeModel::ACTION_EDIT;
$user->attributes = $userInfoArr;
if (!empty($userInfoArr['change_password']) && CommonService::$TrueFalseStatus['TRUE'] == $userInfoArr['change_password']) {
$user->scenario = 'password';
}
} else {
$user = new TestUser();
$user->attributes = $userInfoArr;
if (TestUser::$Authmode['ldap'] == $_POST['TestUser']['authmode']) {
$ldap = new LdapService(Yii::app()->params->ldap['user'], Yii::app()->params->ldap['pass']);
if (empty($userInfoArr['username'])) {
$resultInfo['status'] = CommonService::$ApiResult['FAIL'];
$resultInfo['detail']['id'] = Yii::t('TestUser', 'username can not be blank');
return $resultInfo;
}
$ldapUserInfo = $ldap->search($userInfoArr['username']);
if (empty($ldapUserInfo)) {
$resultInfo['status'] = CommonService::$ApiResult['FAIL'];
$resultInfo['detail']['id'] = Yii::t('TestUser', 'Domain Account not found');
return $resultInfo;
}
if (self::isRealnameExisted(0, $ldapUserInfo['realname'])) {
$ldapUserInfo['realname'] = $ldapUserInfo['realname'] . '[' . $ldapUserInfo['username'] . ']';
}
$user->attributes = $ldapUserInfo;
$user->password = time();
}
$user->is_dropped = CommonService::$TrueFalseStatus['FALSE'];
$user->email_flag = CommonService::$TrueFalseStatus['TRUE'];
$user->wangwang_flag = CommonService::$TrueFalseStatus['FALSE'];
}
if (!self::isUserEditable($user->id, $pageActionType)) {
$resultInfo['status'] = CommonService::$ApiResult['FAIL'];
$resultInfo['detail']['id'] = Yii::t('Common', 'Required URL not found or permission denied.');
return $resultInfo;
}
if ($user->save()) {
$newRecord = self::loadModel($user->id);
$addActionResult = AdminActionService::addActionNotes('test_user', $actionType, $newRecord, $oldRecordAttributs);
$resultInfo['status'] = CommonService::$ApiResult['SUCCESS'];
$resultInfo['detail'] = array('id' => $user->id);
return $resultInfo;
} else {
$resultInfo['status'] = CommonService::$ApiResult['FAIL'];
$resultInfo['detail'] = $user->getErrors();
}
return $resultInfo;
}
/**
* authenticate
* if user account is not existed, register it automatically
* if ladp connect failed, use the database data to validate
* after each ldap validation, update the user information to database
*
*/
public function authenticate()
{
$user = TestUser::model()->findByAttributes(array('username' => $this->username));
if ($user == null) {
$this->errorCode = self::ERROR_USER_NOT_FOUND;
} else {
if (CommonService::$TrueFalseStatus['TRUE'] == $user->is_dropped) {
$this->errorCode = self::ERROR_USER_DISABLED;
return !$this->errorCode;
}
if (TestUser::$Authmode['ldap'] == $user->authmode) {
$ldap = new LdapService($this->username, $this->password);
$userInfoArr = $ldap->search();
if (LdapService::ERROR_LDAP_MISS == $ldap->errorCode) {
$this->errorCode = self::ERROR_LDAP_MISS;
} else {
if (LdapService::ERROR_CONNECT == $ldap->errorCode || LdapService::ERROR_BIND == $ldap->errorCode) {
if (md5($this->password) !== $user->password) {
$this->errorCode = self::ERROR_PASSWORD_INVALID;
} else {
$this->_id = $user->id;
$this->username = $user->username;
$this->setState('realname', $user->realname);
$this->setState('username', $user->username);
$this->errorCode = self::ERROR_NONE;
}
} else {
if (LdapService::ERROR_NONE == $ldap->errorCode) {
if (empty($userInfoArr)) {
$this->errorCode = self::ERROR_PASSWORD_INVALID;
} else {
$userInfo = $userInfoArr;
$userInfo['id'] = $user->id;
$userInfo['password'] = $this->password;
$result = TestUserService::editUser($userInfo, TestUserService::LDAP_UPDATE_USER);
if (CommonService::$ApiResult['SUCCESS'] == $result['status']) {
$userNew = TestUser::model()->findByPk($user->id);
$newRealName = $userNew['realname'];
$this->_id = $user->id;
$this->errorCode = self::ERROR_NONE;
$this->setState('realname', $newRealName);
$this->setState('username', $user->username);
} else {
$this->errorCode = self::ERROR_PASSWORD_INVALID;
}
}
}
}
}
} else {
if (md5($this->password) !== $user->password) {
$this->errorCode = self::ERROR_PASSWORD_INVALID;
} else {
$this->_id = $user->id;
$this->username = $user->username;
$this->setState('realname', $user->realname);
$this->setState('username', $user->username);
$this->errorCode = self::ERROR_NONE;
}
}
}
return !$this->errorCode;
}
