function action()
 {
     $auth =& owa_auth::get_instance();
     $status = $auth->authenticateUser();
     $go = $this->getParam('go');
     // if authentication is successfull
     if ($status['auth_status'] == true) {
         if (!empty($go)) {
             // redirect to url if present
             $url = urldecode($go);
             $this->e->debug("redirecting browser to...:" . $url);
             owa_lib::redirectBrowser($url);
         } else {
             //else redirect to home page
             // these need to be unset as they were set previously by the doAction method.
             // need to refactor this out.
             $this->set('auth_status', '');
             $this->set('params', '');
             $this->set('site_id', '');
             $this->setRedirectAction($this->config['start_page']);
         }
     } else {
         // return login form with error msg
         $this->setView('base.loginForm');
         $this->set('go', $go);
         $this->set('error_code', 2002);
         $this->set('user_id', $this->getParam('user_id'));
     }
 }
 function action()
 {
     $s = owa_coreAPI::serviceSingleton();
     // lookup method class
     $do = $s->getApiMethodClass($this->getParam('do'));
     if ($do) {
         // check credentials
         /* PERFORM AUTHENTICATION */
         if (array_key_exists('required_capability', $do)) {
             /* CHECK USER FOR CAPABILITIES */
             if (!owa_coreAPI::isCurrentUserCapable($do['required_capability'])) {
                 // doesn't look like the currentuser has the necessary priviledges
                 owa_coreAPI::debug('User does not have capability required by this controller.');
                 // auth user
                 $auth =& owa_auth::get_instance();
                 $status = $auth->authenticateUser();
                 // if auth was not successful then return login view.
                 if ($status['auth_status'] != true) {
                     return 'This method requires authentication.';
                 } else {
                     //check for needed capability again now that they are authenticated
                     if (!owa_coreAPI::isCurrentUserCapable($do['required_capability'])) {
                         return 'Your user does not have privileges to access this method.';
                     }
                 }
             }
         }
         //perform
         $map = owa_coreAPI::getRequest()->getAllOwaParams();
         echo owa_coreAPI::executeApiCommand($map);
     }
 }
 function action()
 {
     $event = $this->getParam('event');
     $auth =& owa_auth::get_instance();
     $u = owa_coreAPI::entityFactory('base.user');
     $u->getByColumn('email_address', $event->get('email_address'));
     $u->set('temp_passkey', $auth->generateTempPasskey($u->get('user_id')));
     $status = $u->update();
     $this->e->debug('status: ' . $status);
     if ($status === true) {
         $this->setView('base.usersResetPassword');
         $this->set('key', $u->get('temp_passkey'));
         $this->set('email_address', $u->get('email_address'));
     } else {
         $this->e->debug("could not update password in db.");
     }
     return;
 }
 function action()
 {
     $auth =& owa_auth::get_instance();
     $status = $auth->authenticateUserTempPasskey($this->params['k']);
     // log to event queue
     if ($status === true) {
         $ed = owa_coreAPI::getEventDispatch();
         $new_password = array('key' => $this->params['k'], 'password' => $auth->encryptPassword($this->params['password']), 'ip' => $_SERVER['REMOTE_ADDR']);
         $ed->log($new_password, 'base.set_password');
         $auth->deleteCredentials();
         $this->setRedirectAction('base.loginForm');
         $this->set('status_code', 3006);
     } else {
         $this->setRedirectAction('base.loginForm');
         $this->set('error_code', 2011);
         // can't find key in the db
     }
 }
示例#5
0
 function action()
 {
     $auth = owa_auth::get_instance();
     $auth->deleteCredentials();
     $this->setRedirectAction('base.loginForm');
 }
 /**
  * @depricated
  * @todo remove
  */
 function getAuthStatus()
 {
     if (!class_exists('owa_auth')) {
         require_once OWA_BASE_DIR . '/owa_auth.php';
     }
     $auth =& owa_auth::get_instance();
     return $auth->auth_status;
 }
 /**
  * Handles request from caller
  *
  */
 function doAction()
 {
     owa_coreAPI::debug('Performing Action: ' . get_class($this));
     // check if the schema needs to be updated and force the update
     // not sure this should go here...
     if ($this->is_admin === true) {
         // do not intercept if its the updatesApply action or a re-install else updates will never apply
         $do = $this->getParam('do');
         if ($do != 'base.updatesApply' && !defined('OWA_INSTALLING') && !defined('OWA_UPDATING')) {
             if (owa_coreAPI::isUpdateRequired()) {
                 $this->e->debug('Updates Required. Redirecting action.');
                 $data = array();
                 $data['view_method'] = 'redirect';
                 $data['action'] = 'base.updates';
                 return $data;
             }
         }
     }
     /* Check validity of nonce */
     if ($this->is_nonce_required == true) {
         $nonce = $this->getParam('nonce');
         if ($nonce) {
             $is_nonce_valid = $this->verifyNonce($nonce);
         }
         if (!$nonce || !$is_nonce_valid) {
             $this->e->debug('Nonce is not valid.');
             $ret = $this->notAuthenticatedAction();
             if (!empty($ret)) {
                 $this->post();
                 return $ret;
             } else {
                 $this->post();
                 return $this->data;
             }
         }
     }
     /* CHECK USER FOR CAPABILITIES */
     if (!owa_coreAPI::isCurrentUserCapable($this->getRequiredCapability())) {
         owa_coreAPI::debug('User does not have capability required by this controller.');
         // check to see if the user has already been authenticated
         if (owa_coreAPI::isCurrentUserAuthenticated()) {
             $this->authenticatedButNotCapableAction();
             return $this->data;
         }
         /* PERFORM AUTHENTICATION */
         $auth =& owa_auth::get_instance();
         $status = $auth->authenticateUser();
         // if auth was not successful then return login view.
         if ($status['auth_status'] != true) {
             $this->notAuthenticatedAction();
             return $this->data;
         } else {
             //check for needed capability again now that they are authenticated
             if (!owa_coreAPI::isCurrentUserCapable($this->getRequiredCapability())) {
                 $this->authenticatedButNotCapableAction();
                 //needed?
                 $this->set('go', urlencode(owa_lib::get_current_url()));
                 // needed? -- set auth status for downstream views
                 $this->set('auth_status', true);
                 return $this->data;
             }
         }
     }
     // TODO: These sets need to be removed and added to pre(), action() or post() methods
     // in various concrete controller classes as they screw up things when
     // redirecting from one controller to another.
     // set auth status for downstream views
     //$this->set('auth_status', true);
     //set request params
     $this->set('params', $this->params);
     // set site_id
     $this->set('site_id', $this->get('site_id'));
     // set status msg - NEEDED HERE? doesnt owa_ view handle this?
     if (array_key_exists('status_code', $this->params)) {
         $this->set('status_code', $this->getParam('status_code'));
     }
     // get error msg from error code passed on the query string from a redirect.
     if (array_key_exists('error_code', $this->params)) {
         $this->set('error_code', $this->getParam('error_code'));
     }
     // check to see if the controller has created a validator
     if (!empty($this->v)) {
         // if so do the validations required
         $this->v->doValidations();
         //check for errors
         if ($this->v->hasErrors === true) {
             //print_r($this->v);
             // if errors, do the errorAction instead of the normal action
             $this->set('validation_errors', $this->getValidationErrorMsgs());
             $ret = $this->errorAction();
             if (!empty($ret)) {
                 $this->post();
                 return $ret;
             } else {
                 $this->post();
                 return $this->data;
             }
         }
     }
     /* PERFORM PRE ACTION */
     // often used by abstract descendant controllers to set various things
     $this->pre();
     /* PERFORM MAIN ACTION */
     // need to check ret for backwards compatability with older
     // controllers that donot use $this->data
     $ret = $this->action();
     if (!empty($ret)) {
         $this->post();
         return $ret;
     } else {
         $this->post();
         return $this->data;
     }
 }
 /**
  * Checks if the current controller requires privileges and authenticates the user and checks for capabilities
  * If the user is not allowed the correct error view is also initialized and the calling method should return
  * @uses ->getRequiredCapability and ->getCurrentSiteId
  * @param string $capability
  * @return boolean
  */
 protected function checkCapabilityAndAuthenticateUser($capability)
 {
     if (!empty($capability) && !owa_coreAPI::isEveryoneCapable($capability)) {
         /* PERFORM AUTHENTICATION */
         $auth = owa_auth::get_instance();
         if (!owa_coreAPI::isCurrentUserAuthenticated()) {
             $status = $auth->authenticateUser();
             if ($status['auth_status'] != true) {
                 $this->notAuthenticatedAction();
                 return false;
             }
         }
         $currentUser = owa_coreAPI::getCurrentUser();
         if (!$currentUser->isCapable($this->getRequiredCapability(), $this->getCurrentSiteId())) {
             owa_coreAPI::debug('User does not have capability required by this controller.');
             $this->authenticatedButNotCapableAction();
             //needed?
             //$this->set('go', urlencode(owa_lib::get_current_url()));
             // needed? -- set auth status for downstream views
             //$this->set('auth_status', true);
             return false;
         }
     }
     return true;
 }