<?php

/*
 * Route handlers for the /users resource: registration, profile lookup and
 * editing, deletion, group listing, login-provider linking, and the
 * forgotten-uid / password-reset e-mails. The e-mail message classes used by
 * those last handlers are pulled in here.
 */
require 'class.UIDForgotEmail.php';
require 'class.PasswordResetEmail.php';
require 'class.PasswordHasBeenResetEmail.php';
|
5
|
|
|
|
|
6
|
|
|
/**
 * Registers every route served by this file on the global $app.
 *
 * The registrations are kept in their original order: each '/me' variant is
 * added before the matching '/:uid' pattern, presumably so the literal
 * segment is matched first — keep that order when adding routes.
 */
function users()
{
    global $app;
    // HTTP method, path relative to /users, handler function name
    $routes = array(
        array('get',    '',                                   'list_users'),
        array('post',   '',                                   'create_user'),
        array('get',    '/me',                                'show_user'),
        array('get',    '/:uid',                              'show_user'),
        array('patch',  '/:uid',                              'edit_user'),
        array('delete', '/:uid',                              'deleteUser'),
        array('get',    '/me/groups',                         'list_groups_for_user'),
        array('get',    '/:uid/groups',                       'list_groups_for_user'),
        array('post',   '/me/Actions/link',                   'link_user'),
        array('post',   '/:uid/Actions/link',                 'link_user'),
        array('post',   '/:uid/Actions/reset_pass',           'reset_pass'),
        array('post',   '/Actions/check_email_available',     'check_email_available'),
        array('post',   '/Actions/check_uid_available',       'check_uid_available'),
        array('post',   '/Actions/remind_uid',                'remind_uid'),
    );
    foreach($routes as $route)
    {
        list($method, $path, $handler) = $route;
        $app->$method($path, $handler);
    }
}
/**
 * GET /users
 *
 * Responds 401 when nobody is logged in. A caller outside the LDAPAdmins
 * group only ever receives their own account (as a one-element list, so the
 * response shape is the same); admins receive the listing produced by
 * AuthProvider::getUsersByFilter() with the OData options parsed onto
 * $app->odata (filter, select, top, skip, orderby).
 */
function list_users()
{
    global $app;
    if(!$app->user)
    {
        $app->response->setStatus(401);
        return;
    }
    // Non-admins must not be able to enumerate other accounts.
    if(!$app->user->isInGroupNamed("LDAPAdmins"))
    {
        //Only return this user. This user doesn't have access to other accounts
        echo json_encode(array($app->user));
        return;
    }
    $odata = $app->odata;
    $auth = AuthProvider::getInstance();
    $users = $auth->getUsersByFilter($odata->filter, $odata->select, $odata->top, $odata->skip, $odata->orderby);
    echo json_encode($users);
}
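/**
 * Checks that a proposed registration does not collide with an existing
 * account, first by e-mail address and then by username.
 *
 * @param object       $proposedUser decoded JSON body; must carry `mail` and `uid`
 * @param object       $auth         the AuthProvider used for the lookups
 * @param string|false &$message     set to a client-facing reason when false is returned
 * @return bool true when both the e-mail address and the username are free
 */
function validateCanCreateUser($proposedUser, $auth, &$message)
{
    // Previously a body without these fields produced an undefined-property
    // warning and a degenerate 'mail eq ' / 'uid eq ' filter; refuse it instead.
    if(!isset($proposedUser->mail) || !isset($proposedUser->uid))
    {
        $message = 'Email and username are required!';
        return false;
    }
    // attribute => message, in the original order (e-mail first)
    $checks = array(
        'mail' => 'Email already exists!',
        'uid'  => 'Username already exists!',
    );
    foreach($checks as $attr => $takenMessage)
    {
        // NOTE(review): the client-supplied value is spliced straight into the
        // filter expression; whether \Data\Filter escapes it is not visible
        // here — confirm. Only active accounts are checked, not pending ones.
        $matches = $auth->getUsersByFilter(new \Data\Filter($attr.' eq '.$proposedUser->$attr));
        if($matches !== false && isset($matches[0]))
        {
            $message = $takenMessage;
            return false;
        }
    }
    return true;
}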
/**
 * POST /users — self-service registration.
 *
 * Only anonymous callers may register; a logged-in caller gets 404 (see the
 * original comment below). The JSON body carries the proposed account plus a
 * `captcha` answer, which is checked against the captcha object kept in the
 * session under 'captcha'. Missing answer or missing session captcha: 401.
 * Wrong answer or a failed validateCanCreateUser(): a JSON object with
 * res=false and a message. Otherwise the result of
 * AuthProvider::createPendingUser() is echoed as JSON.
 */
function create_user()
{
    global $app;
    //This one is different. If they are logged in fail...
    if($app->user)
    {
        $app->response->setStatus(404);
        return;
    }
    $obj = json_decode($app->request->getBody());
    if(!isset($obj->captcha))
    {
        $app->response->setStatus(401);
        return;
    }
    $captcha = FlipSession::getVar('captcha');
    if($captcha === false)
    {
        $app->response->setStatus(401);
        return;
    }
    // NOTE(review): the session captcha is not cleared after a correct answer
    // in this handler, so the same answer may be resubmitted within the
    // session — confirm whether FlipSession or createPendingUser() handles it.
    if(!$captcha->is_answer_right($obj->captcha))
    {
        echo json_encode(array('res'=>false, 'message'=>'Incorrect answer to CAPTCHA!'));
        return;
    }
    $auth = AuthProvider::getInstance();
    $message = false;
    $canCreate = validateCanCreateUser($obj, $auth, $message);
    if($canCreate === false)
    {
        echo json_encode(array('res'=>false, 'message'=>$message));
        return;
    }
    $created = $auth->createPendingUser($obj);
    echo json_encode($created);
}
/**
 * Resolves the account a handler should operate on.
 *
 * @param object $app the application; $app->user must be a logged-in user
 * @param string $uid 'me' or a uid taken from the route
 * @return object|array|false the logged-in user object when $uid is 'me' or
 *         the caller's own uid; otherwise, when the caller is in LDAPAdmins,
 *         Leads or CC, whatever AuthProvider::getUsersByFilter() returns for
 *         "uid eq $uid" (callers unwrap element [0] themselves); false when
 *         the caller may not look other accounts up.
 */
function getUserByUID($app, $uid)
{
    $self = $app->user;
    if($uid === 'me' || $uid === $self->getUid())
    {
        return $self;
    }
    // Same groups, checked in the same order as the original short-circuit.
    $allowedGroups = array('LDAPAdmins', 'Leads', 'CC');
    $mayLookup = false;
    foreach($allowedGroups as $group)
    {
        if($self->isInGroupNamed($group))
        {
            $mayLookup = true;
            break;
        }
    }
    if(!$mayLookup)
    {
        return false;
    }
    // NOTE(review): $uid is interpolated into the filter unescaped — confirm
    // \Data\Filter quotes it.
    $auth = \AuthProvider::getInstance();
    $filter = new \Data\Filter("uid eq $uid");
    return $auth->getUsersByFilter($filter);
}
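/**
 * GET /users/me and GET /users/:uid
 *
 * 401 without a session; 404 when getUserByUID() refuses the lookup or when
 * an admin lookup finds nothing. A list result is unwrapped to its first
 * element. With $app->fmt === 'vcard' the vCard is written with a
 * text/x-vCard Content-Type and $app->fmt is switched to 'passthru'
 * (presumably so the framework leaves the body alone); otherwise the output
 * of serializeObject().
 */
function show_user($uid = 'me')
{
    global $app;
    if(!$app->user)
    {
        $app->response->setStatus(401);
        return;
    }
    $found = getUserByUID($app, $uid);
    if($found === false)
    {
        $app->halt(404);
    }
    // An admin lookup yields a list; unwrap it.
    $user = (!is_object($found) && isset($found[0])) ? $found[0] : $found;
    // An admin lookup of an unknown uid yields an empty list; previously that
    // fell through to a method call on a non-object.
    if(!is_object($user))
    {
        $app->response->setStatus(404);
        return;
    }
    if($app->fmt !== 'vcard')
    {
        echo $user->serializeObject();
        return;
    }
    $app->response->headers->set('Content-Type', 'text/x-vCard');
    echo $user->getVcard();
    $app->fmt = 'passthru';
}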
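/**
 * PATCH /users/me and PATCH /users/:uid
 *
 * Applies the JSON body to the target account through editUser(). Two ways
 * in: a logged-in session, which may edit itself or — for members of
 * LDAPAdmins — any account by uid; or no session but a `hash` in the body,
 * which AuthProvider::getUserByResetHash() resolves to the account that is
 * then treated as the logged-in user (the password-reset flow).
 * When the body carried a `password`, a PasswordHasBeenResetEmail naming the
 * caller's address is sent to the edited account. Responds {"success":true},
 * or 400 (unparseable body), 401, 404, or the editUser() exception as JSON.
 *
 * @throws \Exception when the notification e-mail cannot be sent
 */
function edit_user($uid = 'me')
{
    global $app;
    $obj = json_decode($app->request->getBody());
    if(!is_object($obj))
    {
        // Empty or malformed JSON: there is nothing to apply.
        $app->response->setStatus(400);
        return;
    }
    $auth = AuthProvider::getInstance();
    if(!$app->user)
    {
        // Password-reset path: the hash from the e-mail stands in for a login.
        // NOTE(review): nothing in this handler invalidates the hash after
        // use — confirm getUserByResetHash()/editUser() does, or it stays
        // reusable until it expires.
        if(isset($obj->hash))
        {
            $app->user = $auth->getUserByResetHash($obj->hash);
        }
        if(!$app->user)
        {
            $app->response->setStatus(401);
            return;
        }
    }
    if($uid === 'me' || $uid === $app->user->getUid())
    {
        try
        {
            $app->user->editUser($obj);
        }
        catch(\Exception $e)
        {
            // Code 3 presumably means "not permitted" in editUser() — confirm.
            // Previously the handler carried on after this and still echoed
            // {"success":true} (and sent the reset e-mail) after the error.
            $app->response->setStatus($e->getCode() === 3 ? 401 : 500);
            // Exception members are not public, so this typically serialises
            // to {}; the client only learns the status code.
            echo json_encode($e);
            return;
        }
        $user = $app->user;
        // Presumably refreshes the session copy of the account — confirm.
        \FlipSession::setUser($user);
    }
    else if($app->user->isInGroupNamed("LDAPAdmins"))
    {
        $matches = $auth->getUsersByFilter(new \Data\Filter("uid eq $uid"));
        if($matches === false || !isset($matches[0]))
        {
            $app->response->setStatus(404);
            return;
        }
        // Unwrap the single match: previously the whole list was kept in
        // $user and later handed to PasswordHasBeenResetEmail as the account.
        $user = $matches[0];
        $user->editUser($obj);
    }
    else
    {
        $app->response->setStatus(404);
        return;
    }
    if(isset($obj->password))
    {
        // X-Forwarded-For is client-supplied; it is only recorded in the
        // notification, never used for a decision.
        $forwarded_for = isset($_SERVER['HTTP_X_FORWARDED_FOR']) ? $_SERVER['HTTP_X_FORWARDED_FOR'] : false;
        $email_msg = new PasswordHasBeenResetEmail($user, $_SERVER['REMOTE_ADDR'], $forwarded_for);
        $email_provider = EmailProvider::getInstance();
        if($email_provider->sendEmail($email_msg) === false)
        {
            throw new \Exception('Unable to send password reset email!');
        }
    }
    echo json_encode(array('success'=>true));
}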
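/**
 * DELETE /users/me and DELETE /users/:uid
 *
 * A logged-in user may delete their own account; members of LDAPAdmins may
 * delete any account by uid. 401 without a session; 404 when the target
 * cannot be resolved (previously delete() was called on false, or on an
 * empty list, which was a fatal error).
 *
 * @return mixed whatever the user object's delete() returns
 */
function deleteUser($uid = 'me')
{
    global $app;
    if(!$app->user)
    {
        $app->response->setStatus(401);
        return;
    }
    $target = false;
    if($uid === 'me' || $uid === $app->user->getUid())
    {
        $target = $app->user;
    }
    else if($app->user->isInGroupNamed("LDAPAdmins"))
    {
        $auth = AuthProvider::getInstance();
        $filter = new \Data\Filter("uid eq $uid");
        $matches = $auth->getUsersByFilter($filter);
        if(isset($matches[0]))
        {
            $target = $matches[0];
        }
    }
    // Covers both "not allowed to delete others" and "admin lookup found nothing".
    if(!is_object($target))
    {
        $app->response->setStatus(404);
        return;
    }
    return $target->delete();
}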
/**
 * GET /users/me/groups and GET /users/:uid/groups
 *
 * Lists the groups of the logged-in user, or — for members of LDAPAdmins —
 * of any account found by AuthProvider::getUser(). 401 without a session;
 * 404 for an unknown uid or for a non-admin asking about somebody else.
 * A false result from getGroups() is reported as an empty JSON list.
 */
function list_groups_for_user($uid = 'me')
{
    global $app;
    $self = $app->user;
    if(!$self)
    {
        $app->response->setStatus(401);
        return;
    }
    $isSelf = ($uid === 'me' || $uid === $self->getUid());
    if(!$isSelf && !$self->isInGroupNamed("LDAPAdmins"))
    {
        $app->response->setStatus(404);
        return;
    }
    $subject = $self;
    if(!$isSelf)
    {
        $subject = AuthProvider::getInstance()->getUser($uid);
        if($subject === false)
        {
            $app->response->setStatus(404);
            return;
        }
    }
    $groups = $subject->getGroups();
    echo json_encode($groups === false ? array() : $groups);
}
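/**
 * POST /users/me/Actions/link and POST /users/:uid/Actions/link
 *
 * Attaches the login provider named by the body field `provider` to the
 * logged-in account, or — for members of LDAPAdmins — to any account found
 * by AuthProvider::getUser(). Linking one's own account is followed by
 * AuthProvider::impersonateUser() on it. 401 without a session; 400 when
 * the body has no `provider`; 404 when the target is unknown or the caller
 * may not touch it; otherwise {"success":true}.
 */
function link_user($uid = 'me')
{
    global $app;
    if(!$app->user)
    {
        $app->response->setStatus(401);
        return;
    }
    $obj = json_decode($app->request->getBody());
    if(!isset($obj->provider))
    {
        // Previously a missing field reached addLoginProvider() as null
        // (after a PHP warning); reject the request instead.
        $app->response->setStatus(400);
        return;
    }
    if($uid === 'me' || $uid === $app->user->getUid())
    {
        $app->user->addLoginProvider($obj->provider);
        // Presumably refreshes the session's view of the account — confirm.
        AuthProvider::getInstance()->impersonateUser($app->user);
    }
    else if($app->user->isInGroupNamed("LDAPAdmins"))
    {
        $user = AuthProvider::getInstance()->getUser($uid);
        if($user === false)
        {
            $app->response->setStatus(404);
            return;
        }
        $user->addLoginProvider($obj->provider);
    }
    else
    {
        $app->response->setStatus(404);
        return;
    }
    echo json_encode(array('success'=>true));
}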
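/**
 * POST /users/Actions/check_email_available (registered without a session check)
 *
 * Echoes 'true' when no active or pending account uses the given e-mail,
 * 'false' for a value without an '@', and otherwise a JSON object with
 * res=false and the registered address (plus pending=true for a pending
 * account). A '+tag' in the local part is stripped before the lookup so a
 * sub-address of a registered mailbox is not reported as available.
 *
 * NOTE(review): being anonymous, the endpoint confirms whether an address is
 * registered; any throttling would have to sit in front of the route.
 */
function check_email_available()
{
    global $app;
    $email = (string)$app->request->params('email');
    $at = strpos($email, '@');
    if($at === false)
    {
        //Not a valid email
        // The original fell through after echoing 'false' and went on to
        // answer a second time; stop here.
        echo 'false';
        return;
    }
    $plus = strpos($email, '+');
    if($plus !== false && $plus < $at)
    {
        //Remove everything between the + and the @
        // Restricted to a '+' before the '@': a '+' after it gave a negative
        // substr() length in the original.
        $email = substr($email, 0, $plus).substr($email, $at);
    }
    $auth = AuthProvider::getInstance();
    // NOTE(review): the address is spliced into the filter unescaped (the uid
    // variant at least rejects '=' and ','); confirm \Data\Filter escapes it.
    $filter = new \Data\Filter('mail eq '.$email);
    $user = $auth->getUsersByFilter($filter);
    if($user !== false && isset($user[0]))
    {
        echo json_encode(array('res'=>false, 'email'=>$user[0]->getEmail()));
        return;
    }
    $pending = $auth->getPendingUsersByFilter($filter);
    if($pending === false || !isset($pending[0]))
    {
        echo 'true';
        return;
    }
    echo json_encode(array('res'=>false, 'email'=>$pending[0]->getEmail(), 'pending'=>true));
}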
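/**
 * POST /users/Actions/check_uid_available (registered without a session check)
 *
 * Echoes 'true' when no active or pending account uses the given uid,
 * 'false' when the uid contains '=' or ',', and otherwise a JSON object with
 * res=false and the existing uid (plus pending=true for a pending account).
 */
function check_uid_available()
{
    global $app;
    $uid = (string)$app->request->params('uid');
    // '=' and ',' are rejected, presumably because they would alter the
    // 'uid eq' filter built below. The original returned false with no body
    // here, leaving the client's availability check without an answer;
    // report 'false' like the e-mail variant does.
    if(strpos($uid, '=') !== false || strpos($uid, ',') !== false)
    {
        echo 'false';
        return;
    }
    $auth = AuthProvider::getInstance();
    $filter = new \Data\Filter('uid eq '.$uid);
    $user = $auth->getUsersByFilter($filter);
    if($user !== false && isset($user[0]))
    {
        echo json_encode(array('res'=>false, 'uid'=>$user[0]->getUid()));
        return;
    }
    $pending = $auth->getPendingUsersByFilter($filter);
    if($pending === false || !isset($pending[0]))
    {
        echo 'true';
        return;
    }
    echo json_encode(array('res'=>false, 'uid'=>$pending[0]->getUid(), 'pending'=>true));
}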
/**
 * POST /users/:uid/Actions/reset_pass
 *
 * Sends a PasswordResetEmail to the account with the given uid. Unlike the
 * other handlers this one performs no session check (it serves the
 * forgot-password flow), and it answers 404 for an unknown uid versus 200
 * for a known one, so it confirms which usernames exist to any caller.
 *
 * @throws \Exception when the e-mail cannot be sent
 */
function reset_pass($uid)
{
    global $app;
    $auth = AuthProvider::getInstance();
    // NOTE(review): $uid is spliced into the filter unescaped — confirm
    // \Data\Filter quotes it.
    $matches = $auth->getUsersByFilter(new \Data\Filter('uid eq '.$uid));
    if($matches === false || !isset($matches[0]))
    {
        $app->response->setStatus(404);
        return;
    }
    $email_msg = new PasswordResetEmail($matches[0]);
    $sent = EmailProvider::getInstance()->sendEmail($email_msg);
    if($sent === false)
    {
        throw new \Exception('Unable to send email!');
    }
}
/**
 * POST /users/Actions/remind_uid
 *
 * Sends a UIDForgotEmail to the account registered under the `email`
 * request parameter. Like reset_pass() this performs no session check and
 * answers 404 for an unknown address versus 200 for a known one, so it
 * confirms which addresses are registered to any caller.
 *
 * @throws \Exception when the e-mail cannot be sent
 */
function remind_uid()
{
    global $app;
    $email = $app->request->params('email');
    $auth = AuthProvider::getInstance();
    // NOTE(review): the address is spliced into the filter unescaped — confirm
    // \Data\Filter quotes it.
    $matches = $auth->getUsersByFilter(new \Data\Filter('mail eq '.$email));
    if($matches === false || !isset($matches[0]))
    {
        $app->response->setStatus(404);
        return;
    }
    $email_msg = new UIDForgotEmail($matches[0]);
    $sent = EmailProvider::getInstance()->sendEmail($email_msg);
    if($sent === false)
    {
        throw new \Exception('Unable to send email!');
    }
}
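/* vim: set tabstop=4 shiftwidth=4 expandtab: */
// No closing tag: in a PHP-only file anything after '?>' (even stray
// whitespace) is sent as output, which would corrupt the JSON and vCard
// bodies written by the handlers above.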