private function create_account(fi_openkeidas_registration_user $user, $password)
{
if (!$this->check_email($user->email)) {
midgardmvc_core::get_instance()->uimessages->add(array('title' => 'Käyttäjätunnus olemassa', 'message' => 'Antamallasi sähköpostiosoitteella on jo käyttäjätunnus. Ole hyvä ja kirjaudu sisään.', 'type' => 'ok'));
midgardmvc_core::get_instance()->head->relocate('/mgd:login');
}
midgardmvc_core::get_instance()->authorization->enter_sudo('fi_openkeidas_registration');
$transaction = new midgard_transaction();
$transaction->begin();
$method = 'create';
if ($user->guid) {
$method = 'update';
}
if (!$user->{$method}()) {
$transaction->rollback();
midgardmvc_core::get_instance()->authorization->leave_sudo();
throw new midgardmvc_exception_httperror('Failed to create user');
}
// Typecast to midgard_person
$person = new midgard_person($user->guid);
$account = new midgard_user();
$account->login = $user->email;
$account->password = sha1($password);
$account->usertype = 1;
$account->authtype = 'SHA1';
$account->active = true;
$account->set_person($person);
if (!$account->create()) {
$transaction->rollback();
midgardmvc_core::get_instance()->authorization->leave_sudo();
throw new midgardmvc_exception_httperror('Failed to create user');
}
if (!$transaction->commit()) {
$transaction->rollback();
midgardmvc_core::get_instance()->authorization->leave_sudo();
throw new midgardmvc_exception_httperror('Failed to create user');
}
midgardmvc_core::get_instance()->authorization->leave_sudo();
return $account;
}
function _migrate_account($person)
{
$user = new midgard_user();
$db_password = $person->password;
if (substr($person->password, 0, 2) == '**') {
$db_password = substr($db_password, 2);
} else {
echo ' Legacy password detected for user ' . $person->username . ". Resetting to 'password', please change ASAP\n";
$db_password = '******';
}
$user->authtype = $GLOBALS['midcom_config']['auth_type'];
$user->password = midcom_connection::prepare_password($db_password);
$user->login = $person->username;
if ($GLOBALS['midcom_config']['person_class'] != 'midgard_person') {
$mgd_person = new midgard_person($person->guid);
} else {
$mgd_person = $person;
}
$user->set_person($mgd_person);
$user->active = true;
try {
$user->create();
} catch (midgard_error_exception $e) {
return false;
}
return true;
}
/**
* Creates an account
*/
private function create_account(array $ldapuser, array $tokens)
{
$user = null;
$person = null;
midgardmvc_core::get_instance()->authorization->enter_sudo('midgardmvc_core');
$transaction = new midgard_transaction();
$transaction->begin();
$persons = $this->get_persons($ldapuser);
if (count($persons) == 0) {
$person = $this->create_person($ldapuser, $tokens);
} else {
// we have multiple persons with the same firstname and lastname
// let's see the corresponding midgard_user object and its login field
foreach ($persons as $person) {
$user = com_meego_packages_utils::get_user_by_person_guid($person->guid);
if ($user->login == $tokens['login']) {
break;
} else {
$user = null;
$person = null;
}
}
}
if (!$user) {
if (!$person) {
$person = $this->create_person($ldapuser, $tokens);
}
if ($person) {
$user = new midgard_user();
$user->login = $tokens['login'];
$user->password = '';
$user->usertype = 1;
$user->authtype = 'LDAP';
$user->active = true;
$user->set_person($person);
if (!$user->create()) {
midgardmvc_core::get_instance()->log(__CLASS__, "Creating midgard_user for LDAP user failed: " . midgard_connection::get_instance()->get_error_string(), 'warning');
$transaction->rollback();
midgardmvc_core::get_instance()->authorization->leave_sudo();
return false;
}
}
}
midgardmvc_core::get_instance()->authorization->leave_sudo();
if (!$transaction->commit()) {
return false;
}
return true;
}
private function create_account(array $ldapuser, array $tokens)
{
midgardmvc_core::get_instance()->authorization->enter_sudo('midgardmvc_core');
$transaction = new midgard_transaction();
$transaction->begin();
$qb = new midgard_query_builder('midgard_person');
$qb->add_constraint('firstname', '=', $ldapuser['firstname']);
$qb->add_constraint('lastname', '=', $ldapuser['lastname']);
$persons = $qb->execute();
if (count($persons) == 0) {
$person = new midgard_person();
$person->firstname = $ldapuser['firstname'];
$person->lastname = $ldapuser['lastname'];
if (!$person->create()) {
midgardmvc_core::get_instance()->log(__CLASS__, "Creating midgard_person for LDAP user failed: " . midgard_connection::get_instance()->get_error_string(), 'warning');
$transaction->rollback();
midgardmvc_core::get_instance()->authorization->leave_sudo();
return false;
}
} else {
$person = $persons[0];
}
$person->set_parameter('midgardmvc_core_services_authentication_ldap', 'employeenumber', $ldapuser['employeenumber']);
$user = new midgard_user();
$user->login = $tokens['login'];
$user->password = '';
$user->usertype = 1;
$user->authtype = 'LDAP';
$user->active = true;
$user->set_person($person);
if (!$user->create()) {
midgardmvc_core::get_instance()->log(__CLASS__, "Creating midgard_user for LDAP user failed: " . midgard_connection::get_instance()->get_error_string(), 'warning');
$transaction->rollback();
midgardmvc_core::get_instance()->authorization->leave_sudo();
return false;
}
if (!$transaction->commit()) {
midgardmvc_core::get_instance()->authorization->leave_sudo();
return false;
}
midgardmvc_core::get_instance()->authorization->leave_sudo();
return true;
}
/**
* Creates and returns a midgard_person object
*
*/
private function createUser($login)
{
# create the person object
$person = new midgard_person();
$person->firstname = $login;
$person->lastname = $login;
if (!$person->create()) {
$error = midgard_connection::get_instance()->get_error_string();
midgard_error::error(__CLASS__ . " Failed to create midgard person: " . $error);
return false;
} else {
midgard_error::info(__CLASS__ . " Created midgard person: " . $person->guid);
$user = new midgard_user();
$user->login = $login;
$user->password = '';
$user->usertype = 1;
$user->authtype = $this->config['default_auth_type'] ? $this->config['default_auth_type'] : 'SHA1';
$user->active = true;
$user->set_person($person);
if (!$user->create()) {
$error = midgard_connection::get_instance()->get_error_string();
midgard_error::error(__CLASS__ . "Failed to create midgard user: "******" Created midgard user: " . $user->login);
}
// @todo: not sure if this is the best solution;
// but it is simple to create midgardmvc_account objects
// this does not work, as we are not an MVC app
/*
$dummy_session = new midgardmvc_core_login_session();
$dummy_session->userid = '';
$dummy_session->username = $user->login;
$dummy_session->authtype = $user->authtype;
midgardmvc_account_injector::create_account_from_session($dummy_session);
unset($dummy_session);
*/
return $user;
}
