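/**
 * Links a social-service identity to a local user, or signs the visitor in with it.
 *
 * The external identity is the pair (XML_ID, EXTERNAL_AUTH_ID).
 *
 * - If a user is already authorized in this session, the identity is linked to
 *   that user. An identity that currently belongs to another user is re-assigned
 *   only when $this->allowChangeOwner is set and the current user has no link
 *   for the same service yet.
 * - Otherwise the local user is resolved through the link table, then through
 *   two legacy CUser lookups, and finally by registering a new user when both
 *   registration options allow it. The resolved user is then authorized through
 *   $USER->AuthorizeWithOtp().
 *
 * Any array found in $_SESSION['OAUTH_DATA'] is merged into the stored link
 * data and removed from the session.
 *
 * @param array $socservUserFields Identity and profile fields built by the
 *                                 calling service handler; must contain non-empty
 *                                 XML_ID and EXTERNAL_AUTH_ID.
 *
 * @return bool|mixed true on success, false when XML_ID or EXTERNAL_AUTH_ID is
 *                    missing, otherwise SOCSERV_AUTHORISATION_ERROR or
 *                    SOCSERV_REGISTRATION_DENY. The constants are defined
 *                    elsewhere; callers should test for success with `=== true`
 *                    rather than truthiness.
 */
public function AuthorizeUser($socservUserFields)
{
    global $USER, $APPLICATION;

    // Without both halves of the external identity nothing can be matched safely.
    if (!isset($socservUserFields['XML_ID']) || $socservUserFields['XML_ID'] == '') {
        return false;
    }
    if (!isset($socservUserFields['EXTERNAL_AUTH_ID']) || $socservUserFields['EXTERNAL_AUTH_ID'] == '') {
        return false;
    }

    // Token fields that are refreshed on an existing link.
    $oauthKeys = array();
    if (isset($socservUserFields["OATOKEN"])) {
        $oauthKeys["OATOKEN"] = $socservUserFields["OATOKEN"];
    }
    if (isset($socservUserFields["REFRESH_TOKEN"]) && $socservUserFields["REFRESH_TOKEN"] !== '') {
        $oauthKeys["REFRESH_TOKEN"] = $socservUserFields["REFRESH_TOKEN"];
    }
    if (isset($socservUserFields["OATOKEN_EXPIRES"])) {
        $oauthKeys["OATOKEN_EXPIRES"] = $socservUserFields["OATOKEN_EXPIRES"];
    }

    $errorCode = SOCSERV_AUTHORISATION_ERROR;

    // Existing link row for exactly this identity, if any.
    $dbSocUser = UserTable::getList(array(
        'filter' => array(
            '=XML_ID' => $socservUserFields['XML_ID'],
            '=EXTERNAL_AUTH_ID' => $socservUserFields['EXTERNAL_AUTH_ID'],
        ),
        'select' => array("ID", "USER_ID", "ACTIVE" => "USER.ACTIVE"),
    ));
    $socservUser = $dbSocUser->fetch();

    if ($USER->IsAuthorized()) {
        // --- Linking the identity to the user who is already signed in ---
        if ($this->checkRestrictions && self::isSplitDenied()) {
            return SOCSERV_REGISTRATION_DENY;
        }

        if (!$socservUser) {
            $socservUserFields["USER_ID"] = $USER->GetID();
            $result = UserTable::add(UserTable::filterFields($socservUserFields));
            // A failed insert yields no usable ID; report the failure instead of
            // updating a non-existent row and returning success.
            if (!$result->isSuccess()) {
                return SOCSERV_AUTHORISATION_ERROR;
            }
            $id = $result->getId();
        } else {
            $id = $socservUser['ID'];

            // socservice link split: the identity is linked to a different local user
            if ($socservUser['USER_ID'] != $USER->GetID()) {
                if (!$this->allowChangeOwner) {
                    return SOCSERV_AUTHORISATION_ERROR;
                }

                // Refuse the transfer when the current user already has a link
                // for the same service.
                $dbSocUser = UserTable::getList(array(
                    'filter' => array(
                        '=USER_ID' => $USER->GetID(),
                        '=EXTERNAL_AUTH_ID' => $socservUserFields['EXTERNAL_AUTH_ID'],
                    ),
                    'select' => array("ID"),
                ));
                if ($dbSocUser->fetch()) {
                    return SOCSERV_AUTHORISATION_ERROR;
                }

                $oauthKeys['USER_ID'] = $USER->GetID();
                $oauthKeys['CAN_DELETE'] = 'Y';
            }
        }

        // isset() avoids an undefined-index warning when no OAuth data was stored,
        // matching the check used in the sign-in branch below.
        if (isset($_SESSION["OAUTH_DATA"]) && is_array($_SESSION["OAUTH_DATA"])) {
            // NOTE(review): session values win over the USER_ID / CAN_DELETE set
            // above, and the merged array is written without
            // UserTable::filterFields(), unlike the sign-in branch. Confirm that
            // OAUTH_DATA can only ever hold token fields.
            $oauthKeys = array_merge($oauthKeys, $_SESSION['OAUTH_DATA']);
            unset($_SESSION["OAUTH_DATA"]);
        }

        UserTable::update($id, $oauthKeys);
    } else {
        // --- Signing in (or registering) through the identity ---
        $entryId = 0;
        $USER_ID = 0;

        if ($socservUser) {
            $entryId = $socservUser['ID'];
            // Only an active local user may be signed in through the link.
            if ($socservUser["ACTIVE"] === 'Y') {
                $USER_ID = $socservUser["USER_ID"];
            }
        } else {
            // check for user with old socialservices linking system (socservice ID in user's EXTERNAL_AUTH_ID)
            $dbUsersOld = CUser::GetList(
                $by = 'ID',
                $ord = 'ASC',
                array(
                    'XML_ID' => $socservUserFields['XML_ID'],
                    'EXTERNAL_AUTH_ID' => $socservUserFields['EXTERNAL_AUTH_ID'],
                    'ACTIVE' => 'Y',
                ),
                array('NAV_PARAMS' => array("nTopCount" => "1"))
            );
            $socservUser = $dbUsersOld->Fetch();

            if ($socservUser) {
                $USER_ID = $socservUser["ID"];
            } else {
                // theoretically possible situation with abandoned external user w/o b_socialservices_user entry
                // NOTE(review): this lookup matches on XML_ID with the generic
                // 'socservices' marker, i.e. without the concrete service. It is
                // only safe if XML_ID values cannot collide between services -
                // confirm how the service handlers build XML_ID.
                $dbUsersNew = CUser::GetList(
                    $by = 'ID',
                    $ord = 'ASC',
                    array(
                        'XML_ID' => $socservUserFields['XML_ID'],
                        'EXTERNAL_AUTH_ID' => 'socservices',
                        'ACTIVE' => 'Y',
                    ),
                    array('NAV_PARAMS' => array("nTopCount" => "1"))
                );
                $socservUser = $dbUsersNew->Fetch();

                if ($socservUser) {
                    $USER_ID = $socservUser["ID"];
                } elseif (
                    COption::GetOptionString("main", "new_user_registration", "N") == "Y"
                    && COption::GetOptionString("socialservices", "allow_registration", "Y") == "Y"
                ) {
                    // Not strictly needed, but the new account still gets a random password.
                    // NOTE(review): confirm randString() draws from a CSPRNG if this
                    // password can ever be used to log in.
                    $socservUserFields['PASSWORD'] = randString(30);
                    $socservUserFields['LID'] = SITE_ID;

                    $def_group = Option::get('main', 'new_user_registration_def_group', '');
                    if ($def_group != '') {
                        $socservUserFields['GROUP_ID'] = explode(',', $def_group);
                    }

                    if (
                        $this->checkRestrictions
                        && !empty($socservUserFields['GROUP_ID'])
                        && self::isAuthDenied($socservUserFields['GROUP_ID'])
                    ) {
                        $errorCode = SOCSERV_REGISTRATION_DENY;
                    } else {
                        // NOTE(review): every key of $socservUserFields reaches
                        // $USER->Add(), including a caller-supplied GROUP_ID when no
                        // default group is configured. Callers must build the array
                        // from a fixed set of keys, never straight from a provider
                        // response.
                        $userFields = $socservUserFields;
                        $userFields["EXTERNAL_AUTH_ID"] = "socservices";

                        if (isset($userFields['PERSONAL_PHOTO']) && is_array($userFields['PERSONAL_PHOTO'])) {
                            // A non-empty result (presumably an error text) means the
                            // supplied photo did not pass the image check; register
                            // the user without it.
                            $res = CFile::CheckImageFile($userFields["PERSONAL_PHOTO"]);
                            if ($res != '') {
                                unset($userFields['PERSONAL_PHOTO']);
                            }
                        }

                        $USER_ID = $USER->Add($userFields);
                        if ($USER_ID <= 0) {
                            $errorCode = SOCSERV_AUTHORISATION_ERROR;
                        }
                    }
                } elseif (Option::get("main", "new_user_registration", "N") == "N") {
                    $errorCode = SOCSERV_REGISTRATION_DENY;
                }

                $socservUserFields['CAN_DELETE'] = 'N';
            }
        }

        // Fold OAuth data kept in the session into the link fields; it is written
        // below through UserTable::filterFields().
        if (isset($_SESSION["OAUTH_DATA"]) && is_array($_SESSION["OAUTH_DATA"])) {
            foreach ($_SESSION['OAUTH_DATA'] as $key => $value) {
                $socservUserFields[$key] = $value;
            }
            unset($_SESSION["OAUTH_DATA"]);
        }

        if ($USER_ID > 0) {
            // Group-based restriction is checked before anything is stored or
            // the session is authorized.
            $arGroups = $USER->GetUserGroup($USER_ID);
            if ($this->checkRestrictions && self::isAuthDenied($arGroups)) {
                return SOCSERV_AUTHORISATION_ERROR;
            }

            if ($entryId > 0) {
                UserTable::update($entryId, UserTable::filterFields($socservUserFields));
            } else {
                $socservUserFields['USER_ID'] = $USER_ID;
                UserTable::add(UserTable::filterFields($socservUserFields));
            }

            // isset() is already false for null, so no separate null check is needed.
            if (isset($socservUserFields["TIME_ZONE_OFFSET"])) {
                CTimeZone::SetCookieValue($socservUserFields["TIME_ZONE_OFFSET"]);
            }

            $USER->AuthorizeWithOtp($USER_ID);

            // Login events fire only when the call above actually authorized the session.
            if ($USER->IsJustAuthorized()) {
                ContactTable::onUserLoginSocserv($socservUserFields);
                foreach (GetModuleEvents("socialservices", "OnUserLoginSocserv", true) as $arEvent) {
                    ExecuteModuleEventEx($arEvent, array($socservUserFields));
                }
            }
        } else {
            return $errorCode;
        }

        // possible redirect after authorization, so no spreading. Store cookies in the session for next hit
        $APPLICATION->StoreCookies();
    }

    return true;
}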
/**
 * Passes a network broadcast payload to the contact table and to every
 * "OnNetworkBroadcast" handler of the socialservices module, then records
 * the broadcast check via setLastBroadcastCheck().
 *
 * @param mixed $data Broadcast payload, forwarded unchanged to all handlers.
 *
 * @return void
 */
public static function processBroadcastData($data)
{
    ContactTable::onNetworkBroadcast($data);

    $handlers = GetModuleEvents("socialservices", "OnNetworkBroadcast", true);
    foreach ($handlers as $handler) {
        ExecuteModuleEventEx($handler, array($data));
    }

    static::setLastBroadcastCheck();
}
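/**
 * Synchronises the stored contacts of one user with a received contact list.
 *
 * Contacts already stored for the owner (matched by CONTACT_XML_ID) are
 * updated, unknown ones are added. When a contact carries a non-empty
 * "profile" list, its connection rows are replaced (for a stored contact) or
 * created (for a new one), and notifyJoin() is called for new contacts.
 * notifyJoinFinish() is called once at the end.
 *
 * @param array $owner        Record of the contact owner; only USER_ID is read.
 * @param array $contactsList Contact records with CONTACT_ID, NAME, LAST_NAME,
 *                            PHOTO, NOTIFY and an optional "profile" list.
 *
 * @return void
 */
protected static function processContacts($owner, array $contactsList)
{
    // Index of the owner's stored contacts: CONTACT_XML_ID => row ID.
    $existedContacts = array();
    $dbRes = ContactTable::getList(array(
        'filter' => array('=USER_ID' => $owner["USER_ID"]),
        'select' => array('ID', 'CONTACT_XML_ID'),
    ));
    while ($existedContact = $dbRes->fetch()) {
        $existedContacts[$existedContact['CONTACT_XML_ID']] = $existedContact['ID'];
    }

    foreach ($contactsList as $contact) {
        // NOTE(review): the contact keys below are read without existence checks;
        // presumably the sender guarantees this shape - confirm at the point
        // where the list is received.
        $contactFields = array(
            "USER_ID" => $owner["USER_ID"],
            "CONTACT_XML_ID" => $contact["CONTACT_ID"],
            "CONTACT_NAME" => $contact["NAME"],
            "CONTACT_LAST_NAME" => $contact["LAST_NAME"],
            "CONTACT_PHOTO" => $contact["PHOTO"],
            "NOTIFY" => $contact["NOTIFY"],
        );
        $alreadyStored = isset($existedContacts[$contactFields["CONTACT_XML_ID"]]);

        $contactId = false;
        if ($alreadyStored) {
            $contactId = $existedContacts[$contactFields["CONTACT_XML_ID"]];
            $result = static::update($contactId, $contactFields);
            if (!$result->isSuccess()) {
                AddMessage2Log($result->getErrorMessages());
            }
        } else {
            $result = static::add($contactFields);
            if ($result->isSuccess()) {
                $contactId = $result->getId();
            } else {
                // Log failed inserts the same way failed updates are logged.
                AddMessage2Log($result->getErrorMessages());
            }
        }

        // is_array() keeps count() from failing on a malformed "profile" value.
        if (
            $contactId > 0
            && isset($contact["profile"])
            && is_array($contact["profile"])
            && count($contact["profile"]) > 0
        ) {
            // Stored contacts get their connection rows rebuilt from scratch.
            if ($alreadyStored) {
                ContactConnectTable::deleteByContact($contactId);
            }

            foreach ($contact["profile"] as $profile) {
                $connectFields = array(
                    'CONTACT_ID' => $contactId,
                    'CONTACT_PROFILE_ID' => $profile['PROFILE_ID'],
                    'CONTACT_PORTAL' => $profile['PORTAL'],
                    'CONNECT_TYPE' => $profile['TYPE'],
                );

                $r = ContactConnectTable::add($connectFields);
                if ($r->isSuccess()) {
                    // Appending creates the CONNECT list on first use.
                    $contactFields["CONNECT"][] = $connectFields;
                }
            }

            // Only newly added contacts trigger a join notification.
            if (!$alreadyStored) {
                static::notifyJoin($contactId, $contactFields);
            }
        }
    }

    static::notifyJoinFinish($owner["USER_ID"]);
}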