示例#1
0
 /**
  * @depends testCreate
  */
 public function testsetAsLoged()
 {
     $id = DM\Users::create(array('name' => $this->testName, 'password' => 'qq'));
     $this->assertTrue(is_numeric($id), 'Cant create User');
     \CB\User::setAsLoged($id, 'tests_key');
     $this->assertTrue(\CB\User::isLoged(), ' Error: user is not logged');
     $this->assertEquals($id, $_SESSION['user']['id'], 'Sessions user is not equal with setted users');
     $this->assertEquals('tests_key', $_SESSION['key'], 'Sessions key is not equal with setted keys');
 }
示例#2
0
 public function testSearchUser()
 {
     //add a user for search testing
     $class = new \CB\UsersGroups();
     $data = $class->addUser(['name' => 'searchtest', 'first_name' => 'Search', 'last_name' => 'Test', 'email' => '*****@*****.**']);
     $id = $data['data']['id'];
     $_SESSION['user']['id'] = $id;
     $datas = Data\Providers::searchQueriesData();
     $search = new \CB\Api\Search();
     foreach ($datas as $data) {
         $result = $search->query($data[0]['query']);
         $this->assertArraySubset($data[0]['result'], $result);
     }
     DM\Users::delete($id);
     $_SESSION['user']['id'] = 1;
 }
示例#3
0
 /**
  *
  * @return array
  */
 public static function checkLogined()
 {
     $result = array('success' => false);
     if (static::isOauth2Login()) {
         $state = self::decodeState($_GET['state']);
         $session_state = self::decodeState($_SESSION['oauth2state']);
         if (isset($session_state['state']) && isset($state['state']) && $session_state['state'] == $state['state'] && isset($state['email'])) {
             $userId = DM\Users::getIdByEmail($state['email']);
             if (empty($userId)) {
                 $result['message'] = 'Email ' . $state['email'] . ' not authorized for this core. ' . L\get('Specify_username') . ' ';
             } else {
                 $result = array('success' => true, 'user_id' => $userId, 'session_id' => $session_state['state']);
             }
         } else {
             $result['message'] = 'WRONG STATE!!!';
         }
     } else {
         $result['message'] = 'Is not Oauth login';
     }
     return $result;
 }
示例#4
0
 /**
  * Check if current loged user is owner for given user id
  *
  * @param  int     $userId
  * @return boolean
  */
 public static function isUsersOwner($userId)
 {
     return User::getId() == DM\Users::getOwnerId($userId);
 }
示例#5
0
文件: User.php 项目: sebbie42/casebox
 /**
  * set the user enabled or disabled
  * @param int     $userId
  * @param boolean $enabled
  */
 public static function setEnabled($userId, $enabled)
 {
     return DM\Users::update(array('id' => $userId, 'enabled' => intval($enabled)));
 }
示例#6
0
 /**
  * Add a new user
  * params: name, group_id
  */
 public function addUser($p)
 {
     if (!User::isVerified()) {
         return array('success' => false, 'verify' => true);
     }
     if (!Security::canManage()) {
         throw new \Exception(L\get('Access_denied'));
     }
     $rez = array('success' => false, 'msg' => L\get('Missing_required_fields'));
     $p['name'] = strip_tags($p['name']);
     $p['name'] = trim($p['name']);
     $p1 = empty($p['password']) ? '' : $p['password'];
     $p2 = empty($p['confirm_password']) ? '' : $p['confirm_password'];
     if (empty($p['name']) || $p1 != $p2) {
         return $rez;
     }
     // validate input params
     if (!preg_match('/^[a-z\\.0-9_]+$/i', $p['name'])) {
         return array('success' => false, 'msg' => 'Invalid username. Use only letters, digits, "dot" and/or "underscore".');
     }
     $p['first_name'] = Purify::humanName($p['first_name']);
     $p['last_name'] = Purify::humanName($p['last_name']);
     if (!empty($p['email'])) {
         if (!filter_var($p['email'], FILTER_VALIDATE_EMAIL)) {
             return array('success' => false, 'msg' => L\get('InvalidEmail'));
         }
     }
     //check if user with such email doesn exist
     $user_id = DM\Users::getIdByEmail($p['email']);
     if (!empty($user_id)) {
         throw new \Exception(L\get('UserEmailExists'));
     }
     /*check user existance, if user already exists but is deleted
       then its record will be used for new user */
     $user_id = DM\Users::getIdByName($p['name']);
     if (!empty($user_id)) {
         throw new \Exception(L\get('User_exists'));
     }
     $params = array('name' => $p['name'], 'first_name' => $p['first_name'], 'last_name' => $p['last_name'], 'cid' => User::getId(), 'language_id' => Config::get('language_index'), 'email' => $p['email']);
     if (!empty($p['password']) && !empty($p['psw_setup']['ps']) && $p['psw_setup']['ps'] == 2) {
         $params['password'] = $p['password'];
     }
     $user_id = DM\Users::getIdByName($p['name'], false);
     if (!empty($user_id)) {
         //update
         $params['id'] = $user_id;
         DM\Users::update($params);
         /* in case it was a deleted user we delete all old acceses */
         DB\dbQuery('DELETE FROM users_groups_association WHERE user_id = $1', $user_id);
         DB\dbQuery('DELETE FROM tree_acl WHERE user_group_id = $1', $rez['data']['id']);
         /* end of in case it was a deleted user we delete all old acceses */
     } else {
         //create
         $user_id = DM\Users::create($params);
     }
     $rez = array('success' => true, 'data' => array('id' => $user_id));
     $p['id'] = $user_id;
     // associating user to group if group was specified
     if (isset($p['group_id']) && is_numeric($p['group_id'])) {
         DB\dbQuery('INSERT INTO users_groups_association (user_id, group_id, cid)
             VALUES($1, $2, $3)
             ON duplicate KEY
             UPDATE cid = $3', array($user_id, $p['group_id'], User::getId()));
         $rez['data']['group_id'] = $p['group_id'];
     } else {
         $rez['data']['group_id'] = 0;
     }
     //check if send invite is set and create notification
     if (!empty($p['psw_setup']['ps']) && $p['psw_setup']['ps'] == 1) {
         $this->sendResetPasswordMail($user_id, 'invite');
     }
     Security::calculateUpdatedSecuritySets();
     Solr\Client::runBackgroundCron();
     return $rez;
 }
     if (empty($templateIds)) {
         \CB\debug('receive comments cron: no comment template defined');
         continue;
     }
     $templateId = array_shift($templateIds);
     $commentsObj = Objects::getCustomClassByType('comment');
     foreach ($core['mails'] as $mail) {
         if (!Objects::idExists($mail['pid'])) {
             \CB\debug('receive comments cron: target id not found for mail "' . $mail['subject'] . '"');
             continue;
         }
         $emailFrom = extractEmailFromText($mail['from']);
         // user email
         $emailTo = extractEmailFromText($mail['to']);
         // <*****@*****.**>
         $userId = DM\Users::getIdByEmail($emailFrom);
         $_SESSION['user'] = array('id' => $userId);
         $data = array('id' => null, 'pid' => $mail['pid'], 'oid' => $userId, 'cid' => $userId, 'template_id' => $templateId, 'data' => array('_title' => removeContentExtraBlock($mail['content'], $emailFrom, $emailTo)), 'sys_data' => array('mailId' => $mail['id']));
         try {
             $commentId = $commentsObj->create($data);
             //add attachments
             if (!empty($mail['attachments'])) {
                 saveObjectAttachments($commentId, $mail['attachments']);
             }
         } catch (Exception $e) {
             \CB\debug('Cannot create comment from ' . $mail['from'], $data);
         }
         $deleteMailIds[] = $mail['id'];
     }
 }
 if (!empty($mailConf['mailbox'])) {
示例#8
0
 protected function tearDown()
 {
     //remove users and objects
     DM\Users::delete($this->userIds);
     \CB\Config::setFlag('disableSolrIndexing', $this->oldValues['solrIndexing']);
     if (empty($this->oldValues['userVerified'])) {
         unset($_SESSION['verified']);
     }
 }
示例#9
0
 /**
  * process a message:
  *     - replace urls with links
  *     - replace object references with links
  * @param varchar $message
  */
 public static function processAndFormatMessage($message, $replacements = 'user,object,url')
 {
     if (empty($message)) {
         return $message;
     }
     $replacements = Util\toTrimmedArray($replacements);
     // replace urls with links
     if (in_array('url', $replacements)) {
         $message = \Kwi\UrlLinker::getInstance()->linkUrlsAndEscapeHtml($message);
     }
     //replace object references with links
     if (in_array('object', $replacements) && preg_match_all('/(.?)#(\\d+)(.?)/', $message, $matches, PREG_SET_ORDER)) {
         foreach ($matches as $match) {
             // check if not a html code
             if ($match[1] == '&' && $match[3] == ';') {
                 continue;
             }
             $templateId = Objects::getTemplateId($match[2]);
             $name = Objects::getName($match[2]);
             $name = strlen($name) > 30 ? mb_substr($name, 0, 30) . '&hellip;' : $name;
             $message = str_replace($match[0], $match[1] . '<a class="click obj-ref" itemid="' . $match[2] . '" templateid= "' . $templateId . '" title="' . $name . '"' . '>#' . $match[2] . '</a>' . $match[3], $message);
         }
     }
     //replace users with their names
     if (in_array('user', $replacements) && preg_match_all('/@([\\w\\.\\-]+[\\w])/', $message, $matches, PREG_SET_ORDER)) {
         foreach ($matches as $match) {
             $userId = DM\Users::getIdByName($match[1]);
             if (is_numeric($userId)) {
                 $userName = $match[1];
                 $message = str_replace($match[0], '<span class="cDB user-ref" title="' . User::getDisplayName($userId) . '">@' . $userName . '</span>', $message);
             }
         }
     }
     return $message;
 }
示例#10
0
    showMessage();
}
$cbDb = $cfg['prefix'] . '__casebox';
echo 'Registering core .. ';
\CB\DB\dbQuery('REPLACE INTO ' . $cbDb . ' .cores (name, cfg) VALUES ($1, $2)', array($coreName, '{}'));
showMessage();
//ask to provide root email & password
$email = '';
$pass = '';
do {
    $email = readParam('core_root_email');
} while (\CB\Cache::get('RUN_SETUP_INTERACTIVE_MODE') && empty($email));
do {
    $pass = readParam('core_root_pass');
} while (\CB\Cache::get('RUN_SETUP_INTERACTIVE_MODE') && empty($pass));
DB\dbQuery("use `{$dbName}`");
if (!empty($email) || !empty($pass)) {
    DM\Users::updateByName(array('name' => 'root', 'password' => $pass, 'email' => $email, 'data' => '{"email": "' . $email . '"}'));
}
//set core languages
$sql = 'REPLACE INTO `config` (id, param, `value`)
    VALUES ($1, $2, $3);';
$language = readParam('core_default_language', 'en');
DB\dbQuery($sql, array(DM\Config::toId('default_language', 'param'), 'default_language', $language));
$languages = readParam('core_languages', $language);
DB\dbQuery($sql, array(DM\Config::toId('languages', 'param'), 'languages', $languages));
createSolrCore($cfg, $coreName);
echo 'Creating language files .. ';
exec('php "' . $binDirectorty . 'languages_update_js_files.php"');
showMessage();
echo "Done.\n";
示例#11
0
文件: Util.php 项目: sebbie42/casebox
/**
 * get referenced user ids inside a given text
 * @param  varchar $text
 * @return array()
 */
function getReferencedUsers($text)
{
    $rez = array();
    if (!empty($text) && preg_match_all('/@([^@\\s,!\\?]+)/', $text, $matches, PREG_SET_ORDER)) {
        $names = array();
        foreach ($matches as $match) {
            if (!isset($names[$match[1]])) {
                $names[$match[1]] = DM\Users::getIdByName($match[1]);
                if (is_numeric($names[$match[1]])) {
                    $rez[] = intval($names[$match[1]]);
                }
            }
        }
    }
    return $rez;
}
示例#12
0
 protected function setUp()
 {
     $this->provider = new GoogleProvider(['clientId' => 'mock_client_id', 'clientSecret' => 'mock_secret', 'redirectUri' => 'none', 'hostedDomain' => 'mock_domain', 'accessType' => 'mock_access_type']);
     DM\Users::updateByName(array('name' => 'root', 'email' => $this->email, 'data' => '{"email": "' . $this->email . '"}'));
 }
示例#13
0
 /* try to get target folder from subject*/
 $path = false;
 //case_nr
 /* try to find user from database that corresponds to this mail.
    Ex: Kell <*****@*****.**> */
 $email = false;
 if (preg_match_all('/^[^<]*<?([^>]+)>?/i', $mail->from, $results)) {
     $email = $results[1][0];
 }
 if ($email == false) {
     $delete_ids[] = $mailbox->getUniqueId($k);
     echo "\rcannot find senders email for: {$subject} ... skipping";
     mail($mail->from, 'Error processing your email: ' . $subject, '. We didn\'t find ' . 'your email in received message. ' . $mail_requirements, 'From: ' . $core['mail_user'] . "\n\r");
     continue;
 }
 $user_id = DM\Users::getIdByEmail($email);
 if (!empty($user_id)) {
     if (empty($test_user_id)) {
         $delete_ids[] = $mailbox->getUniqueId($k);
         mail($mail->from, 'Error processing your email: ' . $subject, '. We didn\'t find your' . ' email address in our users database, please update your email ' . 'address in your user profile of casebox and resend your mail. ' . 'Wrong messages are deleted automatically.' . $mail_requirements, 'From: ' . $core['mail_user'] . "\n\r");
         echo "\rcannot find corresponding user in our database '.\n                'for email {$email} from message: {$subject} ... skipping";
         continue;
     } else {
         $user_id = $test_user_id;
     }
 }
 /* end of try to find user from database that corresponds to this mail */
 if (preg_match('/(\\([\\s]*(.+)[\\s]*\\))\\s*$/i', $subject, $matches)) {
     $subject = str_replace($matches[0], '', $subject);
     $path = $matches[2];
 } else {
示例#14
0
 }
 $user_id = null;
 $user_mail = null;
 if (!empty($e)) {
     if ($e = filter_var($e, FILTER_VALIDATE_EMAIL)) {
         $user_id = DM\Users::getIdByEmail($e);
         if (empty($user_id)) {
             $_SESSION['e_msg'] = L\get('EmailNotFound');
             header('location: ' . $coreUrl . 'recover/forgot-password/');
             exit(0);
         }
     } else {
         $_SESSION['e_msg'] = L\get('InvalidEmail');
     }
 } elseif (!empty($u)) {
     $user_id = DM\Users::getIdByName($u);
     if (empty($user_id)) {
         $_SESSION['u_msg'] = L\get('UsernameNotFound');
         header('location: ' . $coreUrl . 'recover/forgot-password/');
         exit(0);
     } else {
         $user = User::getPreferences($user_id);
         $user_mail = empty($user['cfg']['security']['recovery_email']) ? $user['email'] : $user['cfg']['security']['recovery_email'];
         if (empty($user_mail)) {
             $_SESSION['u_msg'] = L\get('UserHasNoMail');
             header('location: ' . $coreUrl . 'recover/forgot-password/');
             exit(0);
         }
     }
 }
 if (!UsersGroups::sendResetPasswordMail($user_id)) {
示例#15
0
 /**
  * validate input params for create method
  * @param  array        $p object properties
  * @return varchar|true Return error message or boolean true
  */
 private function validateInputParamsForCreate(&$p)
 {
     if (empty($p['template_id']) && !empty($p['tmplId'])) {
         $p['template_id'] = $p['tmplId'];
     }
     if (!isset($p['template_id'])) {
         return 'template_id not specified';
     }
     if (!is_numeric($p['template_id'])) {
         return 'template_id not valid';
     }
     if (!isset($p['pid'])) {
         return 'pid not specified';
     }
     if (!is_numeric($p['pid'])) {
         return 'pid not valid';
     }
     if (!isset($p['oid'])) {
         if (!isset($p['owner'])) {
             return 'owner not specified';
         }
         $p['oid'] = is_numeric($p['owner']) ? $p['owner'] : DM\Users::getIdByName($p['owner']);
     }
     if (!is_numeric($p['oid'])) {
         return 'invalid owner specified';
     }
     return true;
 }
示例#16
0
 private function validateInputParamsForUpload(&$p)
 {
     if (!isset($p['pid'])) {
         return 'pid not specified';
     }
     if (!is_numeric($p['pid'])) {
         return 'pid not valid';
     }
     if (empty($p['template_id']) && !empty($p['tmplId'])) {
         $p['template_id'] = $p['tmplId'];
     }
     if (empty($p['template_id'])) {
         $p['template_id'] = \CB\Config::get('default_file_template');
         if (empty($p['template_id'])) {
             return 'template not specified';
         }
     }
     if (!empty($p['fileExistAction'])) {
         if (!in_array($p['fileExistAction'], array('newversion', 'replace', 'autorename'))) {
             return 'Invalid value for fileExistAction';
         }
         $p['response'] = $p['fileExistAction'];
         unset($p['fileExistAction']);
     }
     if (!is_numeric($p['template_id'])) {
         return 'template id not valid';
     }
     if (!empty($p['localFile'])) {
         if (!file_exists($p['localFile'])) {
             return 'File not found: ' . $p['localFile'];
         }
     } else {
         if (empty($_FILES)) {
             return 'No file found for upload';
         }
     }
     if (empty($p['title'])) {
         if (!empty($p['filename'])) {
             $p['title'] = $p['filename'];
             unset($p['filename']);
         } else {
             if (!empty($p['localFile'])) {
                 $p['title'] = basename($p['localFile']);
             } elseif (!empty($_FILES['file'])) {
                 $p['title'] = $_FILES['file']['name'];
             }
         }
     }
     if (empty($p['title'])) {
         return 'Cannot detect file title';
     }
     if (!isset($p['oid'])) {
         if (!isset($p['owner'])) {
             return 'owner not specified';
         }
         if (is_numeric($p['owner'])) {
             if (DM\Users::idExists($p['owner'])) {
                 $p['oid'] = $p['owner'];
             }
         } else {
             $p['oid'] = DM\Users::getIdByName($p['owner']);
         }
     }
     if (!is_numeric($p['oid'])) {
         return 'invalid owner specified';
     } elseif (empty($p['cid'])) {
         $p['cid'] = $p['oid'];
     }
     return true;
 }