/**
 * Map the identity reported by the external provider to a local user id.
 *
 * The decision that somebody is authenticated is taken entirely from
 * $this->box->getCurrentUser(); $password is accepted but never read.
 *
 * NOTE(review): the local account is looked up by the caller-supplied
 * $username, while the provider's own user object is only used when a new
 * account has to be created. Nothing visible here checks that $username
 * belongs to the provider-side user - confirm the caller guarantees that,
 * or compare the two before returning an id.
 *
 * @param string $username Local user name to resolve.
 * @param string $password Unused by this implementation.
 * @return string Local user id, or '' when the provider reports no current user.
 */
public function authenticateUser($username, $password)
{
    $remoteUser = $this->box->getCurrentUser();
    if (empty($remoteUser)) {
        // No provider-side session: report failure as an empty id.
        return '';
    }

    $localUser = new User();
    $localId = $localUser->retrieve_user_id($username);
    if (empty($localId)) {
        // First login for this name: provision an account from the provider data.
        $localId = $this->createUser($remoteUser);
    }

    $localUser->retrieve($localId);

    return $localUser->id;
}
/**
 * Log the user into the application.
 *
 * Flow, as visible in this method:
 *  1. Build the authentication controller named by $sugar_config['authenticationClass']
 *     (falling back to 'SugarAuthenticate').
 *  2. For 'PLAIN' encryption on a non-LDAP controller, replace the password by its MD5 sum.
 *  3. Try the controller login; on failure, check the lockout preference and, for the
 *     LDAP controller only, retry with a decrypted or MD5-hashed password.
 *  4. On success populate $_SESSION and return the session id plus user details;
 *     otherwise fire the 'login_failed' hook and set a SOAP fault.
 *
 * NOTE(review): the value handed to the controller with 'passwordEncrypted' => true is an
 * unsalted MD5 of the password, so that hash is itself sufficient to log in. Treat it as a
 * credential in transit and at rest (TLS on the endpoint, no logging of $user_auth).
 *
 * NOTE(review): 'password_expired', 'lockout_reached' and 'ldap_error' are reported
 * separately from 'invalid_login'; 'lockout_reached' is only reachable when the user name
 * resolves to an existing account, so the fault code reveals account existence.
 *
 * @param array  $user_auth       user_name and password, optionally 'encryption'. The password
 *                                must be in the encoding expected by the configured
 *                                authentication type; for base Sugar validation that is the
 *                                MD5 sum of the plain text password.
 * @param string $application     Name of the calling application (currently unused).
 * @param array  $name_value_list Extra name/value parameters. As of today only 'language'
 *                                and 'notifyonsave' are supported.
 * @return array|null On success: 'id' (session id), 'module_name' ('Users') and
 *                    'name_value_list' with user_id, user_name, user_language,
 *                    user_currency_id, user_currency_name, user_is_admin,
 *                    user_default_team_id, user_default_dateformat, user_default_timeformat,
 *                    user_number_seperator, user_decimal_seperator, mobile_max_list_entries
 *                    and mobile_max_subpanel_entries. On failure nothing is returned and the
 *                    fault object is set on the helper.
 * @exception 'SoapFault' -- The SOAP error, if any
 */
public function login($user_auth, $application, $name_value_list = array())
{
    // NOTE(review): user_name, application and name_value_list are caller-supplied and are
    // written to the log verbatim; confirm the logger neutralises line breaks.
    $GLOBALS['log']->info("Begin: SugarWebServiceImpl->login({$user_auth['user_name']}, {$application}, " . print_r($name_value_list, true) . ")");
    global $sugar_config, $system_config;
    $error = new SoapError();
    $user = new User();
    $success = false;
    //rrs
    $system_config = new Administration();
    $system_config->retrieveSettings('system');
    $authController = new AuthenticationController(!empty($sugar_config['authenticationClass']) ? $sugar_config['authenticationClass'] : 'SugarAuthenticate');
    //rrs
    // A plain-text password is hashed here unless the LDAP controller is active.
    if (!empty($user_auth['encryption']) && $user_auth['encryption'] === 'PLAIN' && $authController->authController->userAuthenticateClass != "LDAPAuthenticateUser") {
        $user_auth['password'] = md5($user_auth['password']);
    }
    $isLoginSuccess = $authController->login($user_auth['user_name'], $user_auth['password'], array('passwordEncrypted' => true));
    // The bean is loaded whether or not the login succeeded; the failure branch needs it
    // to read the lockout preference.
    $usr_id = $user->retrieve_user_id($user_auth['user_name']);
    if ($usr_id) {
        $user->retrieve($usr_id);
    }
    if ($isLoginSuccess) {
        // NOTE(review): read without isset() and before this method calls session_start();
        // presumably the authentication controller has already populated $_SESSION - confirm.
        if ($_SESSION['hasExpiredPassword'] == '1') {
            $error->set_error('password_expired');
            $GLOBALS['log']->fatal('password expired for user ' . $user_auth['user_name']);
            LogicHook::initialize();
            $GLOBALS['logic_hook']->call_custom_logic('Users', 'login_failed');
            self::$helperObject->setFaultObject($error);
            return;
        }
        // Group users are never allowed to open a web-service session on this path.
        if (!empty($user) && !empty($user->id) && !$user->is_group) {
            $success = true;
            global $current_user;
            $current_user = $user;
        }
    } else {
        if ($usr_id && isset($user->user_name) && $user->getPreference('lockout') == '1') {
            $error->set_error('lockout_reached');
            $GLOBALS['log']->fatal('Lockout reached for user ' . $user_auth['user_name']);
            LogicHook::initialize();
            $GLOBALS['logic_hook']->call_custom_logic('Users', 'login_failed');
            self::$helperObject->setFaultObject($error);
            return;
        } else {
            // NOTE(review): both retries below set $success without the is_group check and
            // without assigning $current_user in this method; the success block relies on
            // the global having been set elsewhere (presumably by the controller) - confirm.
            if (function_exists('mcrypt_cbc') && $authController->authController->userAuthenticateClass == "LDAPAuthenticateUser" && (empty($user_auth['encryption']) || $user_auth['encryption'] !== 'PLAIN')) {
                $password = self::$helperObject->decrypt_string($user_auth['password']);
                $authController->loggedIn = false; // reset login attempt to try again with decrypted password
                if ($authController->login($user_auth['user_name'], $password) && isset($_SESSION['authenticated_user_id'])) {
                    $success = true;
                }
            } else {
                if ($authController->authController->userAuthenticateClass == "LDAPAuthenticateUser" && (empty($user_auth['encryption']) || $user_auth['encryption'] == 'PLAIN')) {
                    $authController->loggedIn = false; // reset login attempt to try again with md5 password
                    if ($authController->login($user_auth['user_name'], md5($user_auth['password']), array('passwordEncrypted' => true)) && isset($_SESSION['authenticated_user_id'])) {
                        $success = true;
                    } else {
                        $error->set_error('ldap_error');
                        LogicHook::initialize();
                        $GLOBALS['logic_hook']->call_custom_logic('Users', 'login_failed');
                        self::$helperObject->setFaultObject($error);
                        return;
                    }
                }
            }
        }
    }
    if ($success) {
        // NOTE(review): no session id regeneration is visible in this method; verify that
        // the controller or login_success() issues a fresh id after authentication.
        session_start();
        global $current_user;
        //$current_user = $user;
        self::$helperObject->login_success($name_value_list);
        $current_user->loadPreferences();
        $_SESSION['is_valid_session'] = true;
        $_SESSION['ip_address'] = query_client_ip();
        $_SESSION['user_id'] = $current_user->id;
        $_SESSION['type'] = 'user';
        $_SESSION['avail_modules'] = self::$helperObject->get_user_module_list($current_user);
        $_SESSION['authenticated_user_id'] = $current_user->id;
        $_SESSION['unique_key'] = $sugar_config['unique_key'];
        $GLOBALS['log']->info('End: SugarWebServiceImpl->login - successful login');
        $current_user->call_custom_logic('after_login');
        // Build the user details returned to the client.
        $nameValueArray = array();
        global $current_language;
        $nameValueArray['user_id'] = self::$helperObject->get_name_value('user_id', $current_user->id);
        $nameValueArray['user_name'] = self::$helperObject->get_name_value('user_name', $current_user->user_name);
        $nameValueArray['user_language'] = self::$helperObject->get_name_value('user_language', $current_language);
        $cur_id = $current_user->getPreference('currency');
        $nameValueArray['user_currency_id'] = self::$helperObject->get_name_value('user_currency_id', $cur_id);
        $nameValueArray['user_is_admin'] = self::$helperObject->get_name_value('user_is_admin', is_admin($current_user));
        $nameValueArray['user_default_team_id'] = self::$helperObject->get_name_value('user_default_team_id', $current_user->default_team);
        $nameValueArray['user_default_dateformat'] = self::$helperObject->get_name_value('user_default_dateformat', $current_user->getPreference('datef'));
        $nameValueArray['user_default_timeformat'] = self::$helperObject->get_name_value('user_default_timeformat', $current_user->getPreference('timef'));
        // Separators fall back to the system defaults when the user has no preference.
        $num_grp_sep = $current_user->getPreference('num_grp_sep');
        $dec_sep = $current_user->getPreference('dec_sep');
        $nameValueArray['user_number_seperator'] = self::$helperObject->get_name_value('user_number_seperator', empty($num_grp_sep) ? $sugar_config['default_number_grouping_seperator'] : $num_grp_sep);
        $nameValueArray['user_decimal_seperator'] = self::$helperObject->get_name_value('user_decimal_seperator', empty($dec_sep) ? $sugar_config['default_decimal_seperator'] : $dec_sep);
        $nameValueArray['mobile_max_list_entries'] = self::$helperObject->get_name_value('mobile_max_list_entries', $sugar_config['wl_list_max_entries_per_page']);
        $nameValueArray['mobile_max_subpanel_entries'] = self::$helperObject->get_name_value('mobile_max_subpanel_entries', $sugar_config['wl_list_max_entries_per_subpanel']);
        $currencyObject = new Currency();
        $currencyObject->retrieve($cur_id);
        $nameValueArray['user_currency_name'] = self::$helperObject->get_name_value('user_currency_name', $currencyObject->name);
        $_SESSION['user_language'] = $current_language;
        return array('id' => session_id(), 'module_name' => 'Users', 'name_value_list' => $nameValueArray);
    }
    // Every remaining path is a generic authentication failure.
    LogicHook::initialize();
    $GLOBALS['logic_hook']->call_custom_logic('Users', 'login_failed');
    $error->set_error('invalid_login');
    self::$helperObject->setFaultObject($error);
    $GLOBALS['log']->error('End: SugarWebServiceImpl->login - failed login');
}
/**
 * Log the user into the application.
 *
 * This variant always uses the default AuthenticationController. A 'PLAIN' password is
 * replaced by its MD5 sum before the first attempt; if that attempt fails and mcrypt is
 * available, the password is decrypted with the helper and the login is retried once.
 *
 * NOTE(review): the value passed with 'passwordEncrypted' => true is an unsalted MD5, so
 * the hash alone is enough to authenticate; protect it like the password itself.
 *
 * NOTE(review): 'lockout_reached' is only returned for a user name that resolves to an
 * existing account, which lets the fault code reveal whether an account exists.
 *
 * @param array  $user_auth       user_name and password, optionally 'encryption'. The password
 *                                must be in the encoding expected by the configured
 *                                authentication type; for base Sugar validation that is the
 *                                MD5 sum of the plain text password.
 * @param string $application     Name of the calling application (currently unused).
 * @param array  $name_value_list Extra name/value parameters. As of today only 'language'
 *                                and 'notifyonsave' are supported.
 * @return array|null On success: 'id' (session id), 'module_name' ('Users') and
 *                    'name_value_list' with user_id, user_name, user_language,
 *                    user_currency_id, user_currency_name, user_is_admin,
 *                    user_default_team_id, user_default_dateformat and
 *                    user_default_timeformat. On failure nothing is returned and the fault
 *                    object is set on the helper.
 * @exception 'SoapFault' -- The SOAP error, if any
 */
public function login($user_auth, $application, $name_value_list)
{
    $GLOBALS['log']->info('Begin: SugarWebServiceImpl->login');
    global $sugar_config, $system_config;
    $error = new SoapError();
    $user = new User();
    $success = false;
    // Plain-text passwords are converted to the MD5 form the controller is told to expect.
    if (!empty($user_auth['encryption']) && $user_auth['encryption'] === 'PLAIN') {
        $user_auth['password'] = md5($user_auth['password']);
    }
    //rrs
    $system_config = new Administration();
    $system_config->retrieveSettings('system');
    $authController = new AuthenticationController();
    //rrs
    $isLoginSuccess = $authController->login($user_auth['user_name'], $user_auth['password'], array('passwordEncrypted' => true));
    // Loaded regardless of the outcome; the failure branch reads the lockout preference.
    $usr_id = $user->retrieve_user_id($user_auth['user_name']);
    if ($usr_id) {
        $user->retrieve($usr_id);
    }
    if ($isLoginSuccess) {
        // NOTE(review): read without isset() and before this method calls session_start();
        // presumably the controller has already populated $_SESSION - confirm.
        if ($_SESSION['hasExpiredPassword'] == '1') {
            $error->set_error('password_expired');
            // NOTE(review): caller-supplied user name is logged verbatim.
            $GLOBALS['log']->fatal('password expired for user ' . $user_auth['user_name']);
            LogicHook::initialize();
            $GLOBALS['logic_hook']->call_custom_logic('Users', 'login_failed');
            self::$helperObject->setFaultObject($error);
            return;
        }
        // Group users are rejected on this path.
        if (!empty($user) && !empty($user->id) && !$user->is_group) {
            $success = true;
            global $current_user;
            $current_user = $user;
        }
    } else {
        if ($usr_id && isset($user->user_name) && $user->getPreference('lockout') == '1') {
            $error->set_error('lockout_reached');
            $GLOBALS['log']->fatal('Lockout reached for user ' . $user_auth['user_name']);
            LogicHook::initialize();
            $GLOBALS['logic_hook']->call_custom_logic('Users', 'login_failed');
            self::$helperObject->setFaultObject($error);
            return;
        } else {
            // Second attempt with the helper-decrypted password, only when mcrypt exists.
            // NOTE(review): this path sets $success without the is_group check and without
            // assigning $current_user here; the success block depends on the global being
            // set elsewhere (presumably by the controller) - confirm.
            if (function_exists('mcrypt_cbc')) {
                $password = self::$helperObject->decrypt_string($user_auth['password']);
                if ($authController->login($user_auth['user_name'], $password) && isset($_SESSION['authenticated_user_id'])) {
                    $success = true;
                }
            }
        }
    }
    if ($success) {
        // NOTE(review): no session id regeneration is visible in this method; verify that
        // the controller or login_success() issues a fresh id after authentication.
        session_start();
        global $current_user;
        //$current_user = $user;
        self::$helperObject->login_success($name_value_list);
        $current_user->loadPreferences();
        $_SESSION['is_valid_session'] = true;
        $_SESSION['ip_address'] = query_client_ip();
        $_SESSION['user_id'] = $current_user->id;
        $_SESSION['type'] = 'user';
        $_SESSION['avail_modules'] = self::$helperObject->get_user_module_list($current_user);
        $_SESSION['authenticated_user_id'] = $current_user->id;
        $_SESSION['unique_key'] = $sugar_config['unique_key'];
        $current_user->call_custom_logic('after_login');
        $GLOBALS['log']->info('End: SugarWebServiceImpl->login - succesful login');
        // Build the user details returned to the client.
        $nameValueArray = array();
        global $current_language;
        $nameValueArray['user_id'] = self::$helperObject->get_name_value('user_id', $current_user->id);
        $nameValueArray['user_name'] = self::$helperObject->get_name_value('user_name', $current_user->user_name);
        $nameValueArray['user_language'] = self::$helperObject->get_name_value('user_language', $current_language);
        $cur_id = $current_user->getPreference('currency');
        $nameValueArray['user_currency_id'] = self::$helperObject->get_name_value('user_currency_id', $cur_id);
        $nameValueArray['user_is_admin'] = self::$helperObject->get_name_value('user_is_admin', is_admin($current_user));
        $nameValueArray['user_default_team_id'] = self::$helperObject->get_name_value('user_default_team_id', $current_user->default_team);
        $nameValueArray['user_default_dateformat'] = self::$helperObject->get_name_value('user_default_dateformat', $current_user->getPreference('datef'));
        $nameValueArray['user_default_timeformat'] = self::$helperObject->get_name_value('user_default_timeformat', $current_user->getPreference('timef'));
        $currencyObject = new Currency();
        $currencyObject->retrieve($cur_id);
        $nameValueArray['user_currency_name'] = self::$helperObject->get_name_value('user_currency_name', $currencyObject->name);
        $_SESSION['user_language'] = $current_language;
        return array('id' => session_id(), 'module_name' => 'Users', 'name_value_list' => $nameValueArray);
    }
    // Every remaining path is a generic authentication failure.
    // NOTE(review): the failure is logged at info level only; consider whether monitoring
    // for repeated failed logins can still see it at the configured log level.
    LogicHook::initialize();
    $GLOBALS['logic_hook']->call_custom_logic('Users', 'login_failed');
    $error->set_error('invalid_login');
    self::$helperObject->setFaultObject($error);
    $GLOBALS['log']->info('End: SugarWebServiceImpl->login - failed login');
}
/**
 * Create an opportunity owned by the given user.
 *
 * NOTE(review): the ACL check runs on a fresh Opportunity bean and this function never
 * sets a current user itself; presumably validate_user() establishes the user the ACL is
 * evaluated for - confirm, otherwise the check may apply to a different identity than
 * the one whose credentials were verified.
 *
 * @param string $user_name Login name; also stored as the assigned user name.
 * @param string $password  Credential passed to validate_user().
 * @param string $name      Opportunity name.
 * @param mixed  $amount    Opportunity amount, stored as given.
 * @return mixed 0 when validate_user() rejects the credentials, -1 when the 'Save' ACL
 *               check fails, otherwise the result of Opportunity::save().
 */
function create_opportunity($user_name, $password, $name, $amount)
{
    // Credentials are verified before any bean is created.
    if (!validate_user($user_name, $password)) {
        return 0;
    }

    $owner = new User();
    $ownerId = $owner->retrieve_user_id($user_name);

    $opportunity = new Opportunity();
    if (!$opportunity->ACLAccess('Save')) {
        return -1;
    }

    $opportunity->name = $name;
    $opportunity->amount = $amount;
    $opportunity->assigned_user_id = $ownerId;
    $opportunity->assigned_user_name = $user_name;

    return $opportunity->save();
}
// Fragment of a demo-data seeding script; the conditional that these first two
// assignments belong to opens before this excerpt.
$number_companies = 15000;
$number_leads = 100000;
}
// Allowed durations for generated activities.
$possible_duration_hours_arr = array(0, 1, 2, 3);
$possible_duration_minutes_arr = array('00' => '00', '15' => '15', '30' => '30', '45' => '45');
$account_ids = array();
$accounts = array();
$opportunity_ids = array();
// Determine the assigned user for all demo data. This is the default user if set, or admin
$assigned_user_name = "admin";
if (!empty($sugar_config['default_user_name']) && !empty($sugar_config['create_default_user']) && $sugar_config['create_default_user']) {
    $assigned_user_name = $sugar_config['default_user_name'];
}
// Look up the user id for the assigned user
$seed_user = new User();
$assigned_user_id = $seed_user->retrieve_user_id($assigned_user_name);
// Flatten the case priority (keys) and case status (values) dropdowns into plain lists.
// NOTE(review): $casePriority and $caseStatus are appended to without being initialised
// in this excerpt.
$casePriorityTemp = $app_list_strings['case_priority_dom'];
$caseStatusTemp = $app_list_strings['case_status_dom'];
foreach ($casePriorityTemp as $k => $p) {
    $casePriority[] = $k;
}
foreach ($caseStatusTemp as $s) {
    $caseStatus[] = $s;
}
// Patterns for space, dot, ampersand and slash, each paired with an empty replacement;
// the excerpt ends before the list of replacements is complete.
$patterns[] = '/ /';
$patterns[] = '/\\./';
$patterns[] = '/&/';
$patterns[] = '/\\//';
$replacements[] = '';
$replacements[] = '';
$replacements[] = '';
// Lead-capture entry point (excerpt; the script continues past the last line shown).
// A posted 'user' value selects an entry in $users; that entry's stored user name and
// hash are used to authenticate, and the lead is then saved on behalf of that user.
require_once 'modules/Leads/LeadFormBase.php';
global $app_strings, $app_list_strings;
$mod_strings = return_module_language($sugar_config['default_language'], 'Leads');
$app_list_strings['record_type_module'] = array('Contact' => 'Contacts', 'Account' => 'Accounts', 'Opportunity' => 'Opportunities', 'Case' => 'Cases', 'Note' => 'Notes', 'Call' => 'Calls', 'Email' => 'Emails', 'Meeting' => 'Meetings', 'Task' => 'Tasks', 'Lead' => 'Leads', 'Bug' => 'Bugs');
/**
 * To make your changes upgrade safe create a file called leadCapture_override.php and place the changes there
 */
// NOTE(review): the 'pass' value is a user hash that authenticate_user() accepts as-is,
// so the file holding it is password-equivalent and must not be readable by the web
// server's clients or committed to shared repositories. The map key is the only secret
// the submitting form presents, so it should be long and random.
$users = array('PUT A RANDOM KEY FROM THE WEBSITE HERE' => array('name' => 'PUT THE USER_NAME HERE', 'pass' => 'PUT THE USER_HASH FOR THE RESPECTIVE USER HERE'));
// NOTE(review): relative path - which file is included depends on the working directory
// and include_path at request time.
if (file_exists('leadCapture_override.php')) {
    include 'leadCapture_override.php';
}
if (!empty($_POST['user']) && !empty($users[$_POST['user']])) {
    $current_user = new User();
    $current_user->user_name = $users[$_POST['user']]['name'];
    if ($current_user->authenticate_user($users[$_POST['user']]['pass'])) {
        // NOTE(review): the key is read from $_REQUEST here but from $_POST everywhere
        // else. The two superglobals can resolve to different values, so the account that
        // was authenticated and the account that is loaded are not guaranteed to match.
        // Read the key once from $_POST and reuse it.
        $userid = $current_user->retrieve_user_id($users[$_REQUEST['user']]['name']);
        $current_user->retrieve($userid);
        $leadForm = new LeadFormBase();
        $prefix = '';
        if (!empty($_POST['prefix'])) {
            $prefix = $_POST['prefix'];
        }
        // NOTE(review): the condition inspects 'assigned_user_id' but the assignment
        // overwrites 'prefix' with the user id - looks unintended; confirm against the
        // form handler that consumes these fields.
        if (!isset($_POST['assigned_user_id']) || !empty($_POST['assigned_user_id'])) {
            $_POST['prefix'] = $userid;
        }
        // Force creation of a new record rather than an update of a posted id.
        $_POST['record'] = '';
        // Optional splitting of a single 'name' field into first and last name.
        if (isset($_POST['_splitName'])) {
            $name = explode(' ', $_POST['name']);
            if (sizeof($name) == 1) {
                $_POST['first_name'] = '';
                $_POST['last_name'] = $name[0];
/**
 * Log the user into the application.
 *
 * The password is handed to the configured authentication controller as already
 * "encrypted"; if that attempt fails and mcrypt is available, the password is decrypted
 * with decrypt_string() and tried once more on a fresh controller.
 *
 * NOTE(review): per the parameter description the expected password form for base Sugar
 * validation is an MD5 sum, which then acts as the credential itself; protect it in
 * transit and keep $user_auth out of logs.
 *
 * NOTE(review): 'lockout_reached' is only returned for a user name that resolves to an
 * existing account, so the error code reveals whether an account exists.
 *
 * @param array  $user_auth   user_name and password. The password must be in the encoding
 *                            expected by the configured authentication type; for base Sugar
 *                            validation that is the MD5 sum of the plain text password.
 * @param string $application Name of the calling application (currently unused).
 * @return array 'id' is the session id on success and -1 on failure; 'error' is the
 *               SoapError object, with an error set when the login failed.
 */
function login($user_auth, $application)
{
    global $sugar_config, $system_config;
    $error = new SoapError();
    $user = new User();
    $success = false;
    //rrs
    $system_config = new Administration();
    $system_config->retrieveSettings('system');
    $authController = new AuthenticationController(!empty($sugar_config['authenticationClass']) ? $sugar_config['authenticationClass'] : 'SugarAuthenticate');
    //rrs
    $isLoginSuccess = $authController->login($user_auth['user_name'], $user_auth['password'], array('passwordEncrypted' => true));
    // Loaded regardless of the outcome; the failure branch reads the lockout preference.
    $usr_id = $user->retrieve_user_id($user_auth['user_name']);
    if ($usr_id) {
        $user->retrieve($usr_id);
    }
    if ($isLoginSuccess) {
        // NOTE(review): read without isset() and before this function calls session_start();
        // presumably the controller has already populated $_SESSION - confirm.
        if ($_SESSION['hasExpiredPassword'] == '1') {
            $error->set_error('password_expired');
            // NOTE(review): caller-supplied user name is logged verbatim.
            $GLOBALS['log']->fatal('password expired for user ' . $user_auth['user_name']);
            LogicHook::initialize();
            $GLOBALS['logic_hook']->call_custom_logic('Users', 'login_failed');
            return array('id' => -1, 'error' => $error);
        }
        // Group users are rejected on this path.
        if (!empty($user) && !empty($user->id) && !$user->is_group) {
            $success = true;
            global $current_user;
            $current_user = $user;
        }
    } else {
        if ($usr_id && isset($user->user_name) && $user->getPreference('lockout') == '1') {
            $error->set_error('lockout_reached');
            $GLOBALS['log']->fatal('Lockout reached for user ' . $user_auth['user_name']);
            LogicHook::initialize();
            $GLOBALS['logic_hook']->call_custom_logic('Users', 'login_failed');
            return array('id' => -1, 'error' => $error);
        } else {
            // Second attempt with the decrypted password on a new controller instance.
            // NOTE(review): this path sets $success without the is_group check and without
            // assigning $current_user here; the success block depends on the global being
            // set elsewhere (presumably by the controller) - confirm.
            if (function_exists('mcrypt_cbc')) {
                $password = decrypt_string($user_auth['password']);
                $authController = new AuthenticationController(!empty($sugar_config['authenticationClass']) ? $sugar_config['authenticationClass'] : 'SugarAuthenticate');
                if ($authController->login($user_auth['user_name'], $password) && isset($_SESSION['authenticated_user_id'])) {
                    $success = true;
                }
            }
        }
    }
    if ($success) {
        // NOTE(review): no session id regeneration is visible in this function; verify that
        // the controller or login_success() issues a fresh id after authentication.
        session_start();
        global $current_user;
        //$current_user = $user;
        login_success();
        $current_user->loadPreferences();
        $_SESSION['is_valid_session'] = true;
        $_SESSION['ip_address'] = query_client_ip();
        $_SESSION['user_id'] = $current_user->id;
        $_SESSION['type'] = 'user';
        $_SESSION['avail_modules'] = get_user_module_list($current_user);
        $_SESSION['authenticated_user_id'] = $current_user->id;
        $_SESSION['unique_key'] = $sugar_config['unique_key'];
        $current_user->call_custom_logic('after_login');
        return array('id' => session_id(), 'error' => $error);
    }
    // Every remaining path is a generic authentication failure, logged with a fixed
    // 'SECURITY:' prefix that log monitoring can key on.
    $error->set_error('invalid_login');
    $GLOBALS['log']->fatal('SECURITY: User authentication for ' . $user_auth['user_name'] . ' failed');
    LogicHook::initialize();
    $GLOBALS['logic_hook']->call_custom_logic('Users', 'login_failed');
    return array('id' => -1, 'error' => $error);
}
/**
 * Used by import to add a list of users to this record's Outlook sync relationship.
 *
 * The parameter can be one of the following:
 *  - the string 'all' (any case): add every non-deleted, non-group, non-portal user
 *  - a comma-delimited list of teams and/or users
 *
 * NOTE(review): for a list, the first entry that resolves to a user adds $this->id (not
 * the resolved user's id) and ends the loop; confirm that this is the intended behaviour.
 * NOTE(review): the guard tests $this->users but loads the 'user_sync' relationship.
 *
 * @param string $list_of_users
 */
function process_sync_to_outlook($list_of_users)
{
    // One User bean is kept across calls because lookups are repeated many times.
    static $focus_user;
    if (!($focus_user instanceof User)) {
        $focus_user = new User();
    }

    if (empty($list_of_users)) {
        return;
    }

    if (!isset($this->users)) {
        $this->load_relationship('user_sync');
    }

    if (strtolower($list_of_users) == 'all') {
        // Fixed query with no caller input: every regular, non-deleted user.
        $rows = $this->db->query("SELECT id FROM users WHERE deleted=0 AND is_group=0 AND portal_only=0");
        while ($row = $this->db->fetchByAssoc($rows)) {
            $this->user_sync->add($row['id']);
        }
        return;
    }

    foreach (explode(",", $list_of_users) as $candidate) {
        // An entry counts as a user when it matches either a user name or a user id.
        if ($focus_user->retrieve_user_id($candidate) || $focus_user->retrieve($candidate)) {
            $this->user_sync->add($this->id);
            return;
        }
    }
}
/**
 * The user name "admin" must resolve to id 1.
 *
 * assertEquals compares loosely, so the string '1' passes as well as the integer 1.
 */
public function testretrieve_user_id()
{
    $bean = new User();
    $adminId = $bean->retrieve_user_id("admin");

    $this->assertEquals(1, $adminId);
}
/**
 * Get the user used for SNIP imports.
 *
 * The bean is cached on $this->user once it has been loaded with a non-empty id. When no
 * account with the SNIP user name exists, the result of createSnipUser() is returned
 * directly (this method does not cache it).
 *
 * @return User
 */
public function getSnipUser()
{
    if ($this->user) {
        return $this->user;
    }

    $snipUserId = User::retrieve_user_id(self::SNIP_USER);
    if (!$snipUserId) {
        return $this->createSnipUser();
    }

    $bean = BeanFactory::getBean('Users', $snipUserId);
    if (!empty($bean->id)) {
        // Only a successfully loaded bean is remembered for later calls.
        $this->user = $bean;
    }

    return $bean;
}
/**
 * Validate a sync_to_outlook field value.
 *
 * An empty value and the string 'all' (any case) are accepted unchanged and leave
 * $bad_names untouched. Any other value is split on commas and every entry must match a
 * user name or a user id.
 *
 * @param string $value     Raw field value.
 * @param array  $vardef    Field definition (not read here).
 * @param array  $bad_names Receives the entries that did not resolve to a user.
 * @return string|bool The value as given on success, false when any entry is unknown.
 */
public function synctooutlook($value, $vardef, &$bad_names)
{
    // One User bean is kept across calls because lookups are repeated many times.
    static $focus_user;
    if (!($focus_user instanceof User)) {
        $focus_user = new User();
    }

    if (empty($value) || strtolower($value) == "all") {
        return $value;
    }

    $allKnown = true;
    $bad_names = array();
    foreach (explode(",", $value) as $entry) {
        $resolved = $focus_user->retrieve_user_id($entry) || $focus_user->retrieve($entry);
        if (!$resolved) {
            $allKnown = false;
            $bad_names[] = $entry;
        }
    }

    if (!$allKnown) {
        return false;
    }

    return $value;
}
/**
 * Mark the activity with the given id as deleted, acting as the named user.
 *
 * NOTE(review): the global current user is switched to the account named by $user_name
 * without any credential or session check in this function, and no ACL or ownership
 * check on $id is visible before mark_deleted(). Callers must authenticate the request
 * and authorise the record before invoking this - confirm that they do.
 *
 * @param string $user_name Login name of the user to act as.
 * @param string $id        Id of the activity to delete.
 * @return string Fixed status message; returned regardless of what mark_deleted() did.
 */
function delete_calendar($user_name, $id)
{
    global $current_user;

    require_once 'modules/Users/User.php';
    $actingUser = new User();
    $actingUserId = $actingUser->retrieve_user_id($user_name);

    // The looked-up bean becomes the global current user before it is loaded.
    $current_user = $actingUser;
    $current_user->retrieve($actingUserId);

    require_once 'modules/Activities/Activity.php';
    $activity = new Activity();
    $activity->mark_deleted($id);

    return "Suceeded in deleting Calendar";
}
/**
 * Check if the password has expired.
 *
 * The policy is read from $GLOBALS['sugar_config']['passwordsetting'], using the 'syst'
 * keys for system-generated passwords and the 'user' keys otherwise:
 *  - expiration '1': time based, measured from pwd_last_changed
 *  - expiration '2': based on the number of logins
 *  - expiration '0': never expires
 *
 * NOTE(review): for portal-only users, and for any expiration setting other than the
 * three above, the function falls through and returns null, which callers will treat
 * as "not expired" in a boolean test.
 *
 * @param User|string $user               User bean, or a user name to look up.
 * @param bool        $updateNumberLogins Count this call as a login (login-based policy only).
 * @return bool|null True when expired, false when not, null when no policy applied.
 */
function hasPasswordExpired($user, $updateNumberLogins = false)
{
    if (!($user instanceof User)) {
        $resolvedId = User::retrieve_user_id($user);
        $user = BeanFactory::getBean('Users', $resolvedId);
    }

    // Prefix of the policy keys that apply to this password.
    $policy = ($user->system_generated_password == '1') ? 'syst' : 'user';

    if ($user->portal_only != '0') {
        return;
    }

    $settings = $GLOBALS['sugar_config']['passwordsetting'];

    switch ($settings[$policy . 'expiration']) {
        case '1':
            global $timedate;
            if ($user->pwd_last_changed == '') {
                // No change recorded yet: start the clock now and persist it.
                $user->pwd_last_changed = $timedate->nowDb();
                // Suppress date_modified so a new _hash isn't generated
                $user->update_date_modified = false;
                $user->save();
                $changedAt = $timedate->fromDb($user->pwd_last_changed);
            } else {
                $changedAt = $timedate->fromUser($user->pwd_last_changed, $user);
            }

            // SP-1790: the day count is type * time, so the type factor has to be at
            // least 1, yet the "day" option is stored as 0 (week is 7, month is 30).
            $factor = $settings[$policy . 'expirationtype'];
            if (!isset($factor) || $factor == '0') {
                $factor = '1';
            }
            $days = $factor * $settings[$policy . 'expirationtime'];
            $deadline = $changedAt->get("+{$days} days")->ts;

            if ($timedate->getNow()->ts < $deadline) {
                return false;
            }
            $_SESSION['expiration_label'] = 'LBL_PASSWORD_EXPIRATION_TIME';
            return true;

        case '2':
            $loginCount = $user->getPreference('loginexpiration');
            // Only increment number of logins if we're actually doing an update
            if ($updateNumberLogins) {
                $loginCount = $loginCount + 1;
                $user->setPreference('loginexpiration', $loginCount);
                // Suppress date_modified so a new _hash isn't generated
                $user->update_date_modified = false;
                $user->save();
            }

            if ($loginCount >= $settings[$policy . 'expirationlogin']) {
                $_SESSION['expiration_label'] = 'LBL_PASSWORD_EXPIRATION_LOGIN';
                return true;
            }
            return false;

        case '0':
            return false;
    }
}