2010-12-02 23:34:41 +00:00
|
|
|
<?php
|
2012-10-08 14:54:58 -04:00
|
|
|
|
2010-12-02 23:34:41 +00:00
|
|
|
/**
|
|
|
|
|
* RbacUsers.php
|
2011-01-27 15:31:33 +00:00
|
|
|
* @package rbac-classes-model
|
2010-12-02 23:34:41 +00:00
|
|
|
*
|
|
|
|
|
* ProcessMaker Open Source Edition
|
2011-01-27 15:31:33 +00:00
|
|
|
* Copyright (C) 2004 - 2011 Colosa Inc.
|
2010-12-02 23:34:41 +00:00
|
|
|
*
|
|
|
|
|
* This program is free software: you can redistribute it and/or modify
|
|
|
|
|
* it under the terms of the GNU Affero General Public License as
|
|
|
|
|
* published by the Free Software Foundation, either version 3 of the
|
|
|
|
|
* License, or (at your option) any later version.
|
|
|
|
|
*
|
|
|
|
|
* This program is distributed in the hope that it will be useful,
|
|
|
|
|
* but WITHOUT ANY WARRANTY; without even the implied warranty of
|
|
|
|
|
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
|
|
|
|
* GNU Affero General Public License for more details.
|
|
|
|
|
*
|
|
|
|
|
* You should have received a copy of the GNU Affero General Public License
|
|
|
|
|
* along with this program. If not, see <http://www.gnu.org/licenses/>.
|
|
|
|
|
*
|
|
|
|
|
* For more information, contact Colosa Inc, 2566 Le Jeune Rd.,
|
|
|
|
|
* Coral Gables, FL, 33134, USA, or email info@colosa.com.
|
|
|
|
|
*
|
|
|
|
|
*/
|
2012-10-08 14:54:58 -04:00
|
|
|
/**
|
|
|
|
|
* @access public
|
|
|
|
|
*/
|
2014-11-24 17:19:24 -04:00
|
|
|
|
2017-08-01 12:16:06 -04:00
|
|
|
use ProcessMaker\Plugins\PluginRegistry;
|
|
|
|
|
|
2010-12-02 23:34:41 +00:00
|
|
|
/**
|
|
|
|
|
* Skeleton subclass for representing a row from the 'USERS' table.
|
|
|
|
|
*
|
|
|
|
|
*
|
|
|
|
|
*
|
|
|
|
|
* You should add additional methods to this class to meet the
|
|
|
|
|
* application requirements. This class will only be generated as
|
|
|
|
|
* long as it does not already exist in the output directory.
|
|
|
|
|
*
|
2011-01-18 09:10:20 +00:00
|
|
|
* @package rbac-classes-model
|
2010-12-02 23:34:41 +00:00
|
|
|
*/
|
2012-10-08 14:54:58 -04:00
|
|
|
class RbacUsers extends BaseRbacUsers
|
|
|
|
|
{
|
2010-12-02 23:34:41 +00:00
|
|
|
|
2012-10-08 14:54:58 -04:00
|
|
|
/**
|
|
|
|
|
* Autentificacion de un usuario a traves de la clase RBAC_user
|
|
|
|
|
*
|
|
|
|
|
* verifica que un usuario tiene derechos de iniciar una aplicacion
|
|
|
|
|
*
|
|
|
|
|
* @author Fernando Ontiveros Lira <fernando@colosa.com>
|
|
|
|
|
* access public
|
|
|
|
|
* Function verifyLogin
|
|
|
|
|
*
|
|
|
|
|
* @param string $strUser UserId (login) de usuario
|
|
|
|
|
* @param string $strPass Password
|
|
|
|
|
* @return
|
|
|
|
|
* -1: no existe usuario
|
|
|
|
|
* -2: password errado
|
|
|
|
|
* -3: usuario inactivo
|
|
|
|
|
* -4: usuario vencido
|
2013-12-09 14:58:41 -04:00
|
|
|
* -6: role inactivo
|
2012-10-08 14:54:58 -04:00
|
|
|
* n : uid de usuario
|
|
|
|
|
*/
|
|
|
|
|
public function verifyLogin($sUsername, $sPassword)
|
|
|
|
|
{
|
|
|
|
|
//invalid user
|
|
|
|
|
if ($sUsername == '') {
|
|
|
|
|
return -1;
|
|
|
|
|
}
|
|
|
|
|
//invalid password
|
|
|
|
|
if ($sPassword == '') {
|
|
|
|
|
return -2;
|
|
|
|
|
}
|
|
|
|
|
$con = Propel::getConnection(RbacUsersPeer::DATABASE_NAME);
|
|
|
|
|
try {
|
|
|
|
|
$c = new Criteria('rbac');
|
|
|
|
|
$c->add(RbacUsersPeer::USR_USERNAME, $sUsername);
|
2017-08-09 14:40:02 -04:00
|
|
|
/* @var $rs RbacUsers[] */
|
2014-10-07 14:39:40 -04:00
|
|
|
$rs = RbacUsersPeer::doSelect($c, Propel::getDbConnection('rbac_ro'));
|
2012-10-08 14:54:58 -04:00
|
|
|
if (is_array($rs) && isset($rs[0]) && is_object($rs[0]) && get_class($rs[0]) == 'RbacUsers') {
|
|
|
|
|
$aFields = $rs[0]->toArray(BasePeer::TYPE_FIELDNAME);
|
|
|
|
|
//verify password with md5, and md5 format
|
|
|
|
|
if (mb_strtoupper($sUsername, 'utf-8') === mb_strtoupper($aFields['USR_USERNAME'], 'utf-8')) {
|
2017-08-09 14:40:02 -04:00
|
|
|
if( Bootstrap::verifyHashPassword($sPassword, $rs[0]->getUsrPassword()) ) {
|
2012-10-08 14:54:58 -04:00
|
|
|
if ($aFields['USR_DUE_DATE'] < date('Y-m-d')) {
|
|
|
|
|
return -4;
|
|
|
|
|
}
|
|
|
|
|
if ($aFields['USR_STATUS'] != 1) {
|
|
|
|
|
return -3;
|
|
|
|
|
}
|
2013-12-09 16:43:24 -04:00
|
|
|
$role = $this->getUserRole($aFields['USR_UID']);
|
2013-12-09 14:58:41 -04:00
|
|
|
if ($role['ROL_STATUS'] == 0) {
|
|
|
|
|
return -6;
|
|
|
|
|
}
|
2012-10-08 14:54:58 -04:00
|
|
|
return $aFields['USR_UID'];
|
|
|
|
|
} else {
|
|
|
|
|
return -2;
|
|
|
|
|
}
|
|
|
|
|
} else {
|
|
|
|
|
return -1;
|
2012-10-08 14:42:12 -04:00
|
|
|
}
|
|
|
|
|
} else {
|
2012-10-08 14:54:58 -04:00
|
|
|
return -1;
|
2012-10-08 14:42:12 -04:00
|
|
|
}
|
2012-10-08 14:54:58 -04:00
|
|
|
} catch (Exception $oError) {
|
|
|
|
|
throw($oError);
|
2010-12-02 23:34:41 +00:00
|
|
|
}
|
|
|
|
|
return -1;
|
|
|
|
|
}
|
|
|
|
|
|
2012-10-08 14:54:58 -04:00
|
|
|
public function verifyUser($sUsername)
|
|
|
|
|
{
|
|
|
|
|
//invalid user
|
|
|
|
|
if ($sUsername == '') {
|
|
|
|
|
return 0;
|
|
|
|
|
}
|
|
|
|
|
$con = Propel::getConnection(RbacUsersPeer::DATABASE_NAME);
|
|
|
|
|
try {
|
|
|
|
|
$c = new Criteria('rbac');
|
|
|
|
|
$c->add(RbacUsersPeer::USR_USERNAME, $sUsername);
|
2014-10-07 14:39:40 -04:00
|
|
|
$rs = RbacUsersPeer::doSelect($c, Propel::getDbConnection('rbac_ro'));
|
2012-10-08 14:54:58 -04:00
|
|
|
if (is_array($rs) && isset($rs[0]) && is_object($rs[0]) && get_class($rs[0]) == 'RbacUsers') {
|
|
|
|
|
//return the row for futher check of which Autentificacion method belongs this user
|
|
|
|
|
$this->fields = $rs[0]->toArray(BasePeer::TYPE_FIELDNAME);
|
|
|
|
|
;
|
|
|
|
|
return 1;
|
|
|
|
|
} else {
|
|
|
|
|
return 0;
|
|
|
|
|
}
|
|
|
|
|
} catch (Exception $oError) {
|
|
|
|
|
throw($oError);
|
|
|
|
|
}
|
2011-06-03 18:32:48 -04:00
|
|
|
}
|
2010-12-02 23:34:41 +00:00
|
|
|
|
2012-10-08 14:54:58 -04:00
|
|
|
public function getByUsername($sUsername)
|
|
|
|
|
{
|
|
|
|
|
//invalid user
|
|
|
|
|
if ($sUsername == '') {
|
|
|
|
|
return 0;
|
|
|
|
|
}
|
|
|
|
|
$con = Propel::getConnection(RbacUsersPeer::DATABASE_NAME);
|
|
|
|
|
try {
|
|
|
|
|
$c = new Criteria('rbac');
|
|
|
|
|
$c->add(RbacUsersPeer::USR_USERNAME, $sUsername);
|
2014-10-07 14:39:40 -04:00
|
|
|
$rs = RbacUsersPeer::doSelect($c, Propel::getDbConnection('rbac_ro'));
|
2010-12-02 23:34:41 +00:00
|
|
|
|
2012-10-08 14:54:58 -04:00
|
|
|
if (is_array($rs) && isset($rs[0]) && is_object($rs[0]) && get_class($rs[0]) == 'RbacUsers') {
|
|
|
|
|
$aFields = $rs[0]->toArray(BasePeer::TYPE_FIELDNAME);
|
|
|
|
|
return $aFields;
|
|
|
|
|
} else {
|
|
|
|
|
return false;
|
|
|
|
|
}
|
|
|
|
|
} catch (Exception $oError) {
|
|
|
|
|
throw($oError);
|
|
|
|
|
}
|
2010-12-02 23:34:41 +00:00
|
|
|
}
|
2012-10-08 14:54:58 -04:00
|
|
|
|
|
|
|
|
public function verifyUserId($sUserId)
|
|
|
|
|
{
|
|
|
|
|
//invalid user
|
|
|
|
|
if ($sUserId == '') {
|
|
|
|
|
return 0;
|
|
|
|
|
}
|
|
|
|
|
$con = Propel::getConnection(RbacUsersPeer::DATABASE_NAME);
|
|
|
|
|
try {
|
|
|
|
|
$c = new Criteria('rbac');
|
|
|
|
|
$c->add(RbacUsersPeer::USR_UID, $sUserId);
|
2014-10-07 14:39:40 -04:00
|
|
|
$rs = RbacUsersPeer::doSelect($c, Propel::getDbConnection('rbac_ro'));
|
2012-10-08 14:54:58 -04:00
|
|
|
if (is_array($rs) && isset($rs[0]) && is_object($rs[0]) && get_class($rs[0]) == 'RbacUsers') {
|
|
|
|
|
return 1;
|
|
|
|
|
} else {
|
|
|
|
|
return 0;
|
|
|
|
|
}
|
|
|
|
|
} catch (Exception $oError) {
|
|
|
|
|
throw($oError);
|
|
|
|
|
}
|
2010-12-02 23:34:41 +00:00
|
|
|
}
|
|
|
|
|
|
2012-10-08 14:54:58 -04:00
|
|
|
public function load($sUsrUid)
|
|
|
|
|
{
|
|
|
|
|
$con = Propel::getConnection(RbacUsersPeer::DATABASE_NAME);
|
|
|
|
|
try {
|
|
|
|
|
$c = new Criteria('rbac');
|
|
|
|
|
$c->add(RbacUsersPeer::USR_UID, $sUsrUid);
|
2017-08-11 12:14:43 -04:00
|
|
|
$resultSet = RbacUsersPeer::doSelectRS($c, Propel::getDbConnection('rbac_ro'));
|
|
|
|
|
if ($resultSet->next()) {
|
|
|
|
|
$this->hydrate($resultSet);
|
|
|
|
|
$aFields = $this->toArray(BasePeer::TYPE_FIELDNAME);
|
2012-10-08 14:54:58 -04:00
|
|
|
return $aFields;
|
|
|
|
|
}
|
|
|
|
|
return false;
|
|
|
|
|
} catch (Exception $oError) {
|
|
|
|
|
throw($oError);
|
2010-12-02 23:34:41 +00:00
|
|
|
}
|
2012-10-08 14:54:58 -04:00
|
|
|
return $res;
|
2010-12-02 23:34:41 +00:00
|
|
|
}
|
2012-10-08 14:54:58 -04:00
|
|
|
|
|
|
|
|
public function create($aData)
|
|
|
|
|
{
|
2017-08-10 12:10:42 -04:00
|
|
|
if (class_exists('ProcessMaker\Plugins\PluginRegistry')) {
|
2017-08-01 12:16:06 -04:00
|
|
|
$pluginRegistry = PluginRegistry::loadSingleton();
|
2013-03-20 13:31:32 -04:00
|
|
|
if ($pluginRegistry->existsTrigger(PM_BEFORE_CREATE_USER)) {
|
|
|
|
|
try {
|
2013-03-21 16:29:58 -04:00
|
|
|
$pluginRegistry->executeTriggers(PM_BEFORE_CREATE_USER, null);
|
2017-08-10 12:10:42 -04:00
|
|
|
} catch (Exception $error) {
|
2013-03-20 13:31:32 -04:00
|
|
|
throw new Exception($error->getMessage());
|
|
|
|
|
}
|
2013-03-20 10:58:19 -04:00
|
|
|
}
|
|
|
|
|
}
|
2012-10-08 14:54:58 -04:00
|
|
|
$oConnection = Propel::getConnection(RbacUsersPeer::DATABASE_NAME);
|
|
|
|
|
try {
|
|
|
|
|
$oRBACUsers = new RbacUsers();
|
|
|
|
|
do {
|
|
|
|
|
$aData['USR_UID'] = G::generateUniqueID();
|
|
|
|
|
} while ($oRBACUsers->load($aData['USR_UID']));
|
|
|
|
|
$oRBACUsers->fromArray($aData, BasePeer::TYPE_FIELDNAME);
|
|
|
|
|
//if ($oRBACUsers->validate()) {
|
|
|
|
|
//$oConnection->begin();
|
|
|
|
|
$iResult = $oRBACUsers->save();
|
|
|
|
|
//$oConnection->commit();
|
|
|
|
|
return $aData['USR_UID'];
|
|
|
|
|
/* }
|
|
|
|
|
else {
|
|
|
|
|
$sMessage = '';
|
|
|
|
|
$aValidationFailures = $oRBACUsers->getValidationFailures();
|
|
|
|
|
foreach($aValidationFailures as $oValidationFailure) {
|
|
|
|
|
$sMessage .= $oValidationFailure->getMessage() . '<br />';
|
|
|
|
|
}
|
|
|
|
|
throw(new Exception('The registry cannot be created!<br />' . $sMessage));
|
|
|
|
|
} */
|
|
|
|
|
} catch (Exception $oError) {
|
|
|
|
|
$oConnection->rollback();
|
|
|
|
|
throw($oError);
|
|
|
|
|
}
|
2010-12-02 23:34:41 +00:00
|
|
|
}
|
|
|
|
|
|
2012-10-08 14:54:58 -04:00
|
|
|
public function update($aData)
|
|
|
|
|
{
|
|
|
|
|
$oConnection = Propel::getConnection(RbacUsersPeer::DATABASE_NAME);
|
|
|
|
|
try {
|
|
|
|
|
$this->fromArray($aData, BasePeer::TYPE_FIELDNAME);
|
|
|
|
|
$this->setNew(false);
|
|
|
|
|
$iResult = $this->save();
|
|
|
|
|
} catch (Exception $oError) {
|
|
|
|
|
$oConnection->rollback();
|
|
|
|
|
throw($oError);
|
|
|
|
|
}
|
2010-12-02 23:34:41 +00:00
|
|
|
}
|
2012-10-08 14:54:58 -04:00
|
|
|
|
|
|
|
|
public function remove($sUserUID = '')
|
|
|
|
|
{
|
|
|
|
|
$this->setUsrUid($sUserUID);
|
|
|
|
|
$this->delete();
|
2010-12-02 23:34:41 +00:00
|
|
|
}
|
|
|
|
|
|
2012-10-08 14:54:58 -04:00
|
|
|
//Added by Qennix at Feb 14th, 2011
|
|
|
|
|
//Gets an associative array with total users by authentication sources
|
|
|
|
|
public function getAllUsersByAuthSource()
|
|
|
|
|
{
|
|
|
|
|
$oCriteria = new Criteria('rbac');
|
|
|
|
|
$oCriteria->addSelectColumn(RbacUsersPeer::UID_AUTH_SOURCE);
|
|
|
|
|
$oCriteria->addSelectColumn('COUNT(*) AS CNT');
|
|
|
|
|
$oCriteria->add(RbacUsersPeer::USR_STATUS, 'CLOSED', Criteria::NOT_EQUAL);
|
|
|
|
|
$oCriteria->addGroupByColumn(RbacUsersPeer::UID_AUTH_SOURCE);
|
2014-10-14 09:20:52 -04:00
|
|
|
$oDataset = RbacUsersPeer::doSelectRS($oCriteria, Propel::getDbConnection('rbac_ro'));
|
2012-10-08 14:54:58 -04:00
|
|
|
$oDataset->setFetchmode(ResultSet::FETCHMODE_ASSOC);
|
|
|
|
|
|
|
|
|
|
$aAuth = Array();
|
|
|
|
|
while ($oDataset->next()) {
|
|
|
|
|
$row = $oDataset->getRow();
|
|
|
|
|
$aAuth[$row['UID_AUTH_SOURCE']] = $row['CNT'];
|
|
|
|
|
}
|
|
|
|
|
return $aAuth;
|
2011-04-08 17:42:56 -04:00
|
|
|
}
|
2012-10-08 14:54:58 -04:00
|
|
|
|
|
|
|
|
//Returns all users with auth_source
|
|
|
|
|
public function getListUsersByAuthSource($auth_source)
|
|
|
|
|
{
|
|
|
|
|
$oCriteria = new Criteria('rbac');
|
|
|
|
|
$oCriteria->addSelectColumn(RbacUsersPeer::USR_UID);
|
|
|
|
|
|
|
|
|
|
if ($auth_source == '00000000000000000000000000000000') {
|
|
|
|
|
$oCriteria->add(
|
|
|
|
|
$oCriteria->getNewCriterion(RbacUsersPeer::UID_AUTH_SOURCE, $auth_source, Criteria::EQUAL)->addOr(
|
|
|
|
|
$oCriteria->getNewCriterion(RbacUsersPeer::UID_AUTH_SOURCE, '', Criteria::EQUAL)
|
|
|
|
|
));
|
|
|
|
|
} else {
|
|
|
|
|
$oCriteria->add(RbacUsersPeer::UID_AUTH_SOURCE, $auth_source, Criteria::EQUAL);
|
|
|
|
|
}
|
|
|
|
|
$oCriteria->add(RbacUsersPeer::USR_STATUS, 0, Criteria::NOT_EQUAL);
|
2014-10-14 09:20:52 -04:00
|
|
|
$oDataset = RbacUsersPeer::doSelectRS($oCriteria, Propel::getDbConnection('rbac_ro'));
|
2012-10-08 14:54:58 -04:00
|
|
|
$oDataset->setFetchmode(ResultSet::FETCHMODE_ASSOC);
|
|
|
|
|
$aUsers = array();
|
|
|
|
|
while ($oDataset->next()) {
|
|
|
|
|
$row = $oDataset->getRow();
|
|
|
|
|
$aUsers[] = $row['USR_UID'];
|
|
|
|
|
}
|
|
|
|
|
return $aUsers;
|
2011-04-08 17:42:56 -04:00
|
|
|
}
|
2013-12-09 14:58:41 -04:00
|
|
|
|
2013-12-09 16:43:24 -04:00
|
|
|
public function getUserRole($UsrUid)
|
2013-12-09 14:58:41 -04:00
|
|
|
{
|
|
|
|
|
$con = Propel::getConnection(UsersRolesPeer::DATABASE_NAME);
|
|
|
|
|
try {
|
|
|
|
|
$c = new Criteria( 'rbac' );
|
|
|
|
|
$c->clearSelectColumns();
|
|
|
|
|
$c->addSelectColumn ( RolesPeer::ROL_UID );
|
|
|
|
|
$c->addSelectColumn ( RolesPeer::ROL_CODE );
|
|
|
|
|
$c->addSelectColumn ( RolesPeer::ROL_STATUS );
|
|
|
|
|
$c->addJoin ( UsersRolesPeer::ROL_UID, RolesPeer::ROL_UID );
|
|
|
|
|
$c->add ( UsersRolesPeer::USR_UID, $UsrUid );
|
2014-10-07 14:39:40 -04:00
|
|
|
$rs = UsersRolesPeer::doSelectRs( $c , Propel::getDbConnection('rbac_ro'));
|
2013-12-09 14:58:41 -04:00
|
|
|
$rs->setFetchmode (ResultSet::FETCHMODE_ASSOC);
|
|
|
|
|
$rs->next();
|
|
|
|
|
$row = $rs->getRow();
|
|
|
|
|
return $row;
|
|
|
|
|
}
|
|
|
|
|
catch (Exception $oError) {
|
|
|
|
|
throw($oError);
|
|
|
|
|
}
|
|
|
|
|
}
|
2017-08-09 14:40:02 -04:00
|
|
|
|
|
|
|
|
/**
|
|
|
|
|
* {@inheritdoc} except USR_PASSWORD, for security reasons.
|
|
|
|
|
*
|
|
|
|
|
* @param string $keyType One of the class type constants TYPE_PHPNAME,
|
|
|
|
|
* TYPE_COLNAME, TYPE_FIELDNAME, TYPE_NUM
|
2017-08-11 12:14:43 -04:00
|
|
|
* @param boolean $original If true return de original verion of fields.
|
2017-08-09 14:40:02 -04:00
|
|
|
* @return an associative array containing the field names (as keys) and field values
|
|
|
|
|
*/
|
2017-08-11 12:14:43 -04:00
|
|
|
public function toArray($keyType = BasePeer::TYPE_PHPNAME, $original = false)
|
2017-08-09 14:40:02 -04:00
|
|
|
{
|
2017-08-11 12:14:43 -04:00
|
|
|
if ($original) {
|
|
|
|
|
return parent::toArray($keyType);
|
|
|
|
|
}
|
2017-08-09 14:40:02 -04:00
|
|
|
$key = RbacUsersPeer::translateFieldName(
|
|
|
|
|
RbacUsersPeer::USR_PASSWORD,
|
|
|
|
|
BasePeer::TYPE_COLNAME,
|
|
|
|
|
$keyType
|
|
|
|
|
);
|
|
|
|
|
$array = parent::toArray($keyType);
|
|
|
|
|
unset($array[$key]);
|
|
|
|
|
return $array;
|
|
|
|
|
}
|
2012-10-08 14:54:58 -04:00
|
|
|
}
|
2010-12-02 23:34:41 +00:00
|
|
|
|
2012-10-08 14:54:58 -04:00
|
|
|
// Users
|
