PM-3709 No permitir loguearse con SSO si existen 2 cuentas de usuario con el mismo mail

fix in SSO
Ronald Quenta
2015-10-02 11:30:16 -04:00
parent 63fb0de668
commit a892125433
3 changed files with 27 additions and 18 deletions


@@ -123,9 +123,11 @@ class Users extends BaseUsers
$c = $this->loadByEmail( $sUsrEmail ); $c = $this->loadByEmail( $sUsrEmail );
$rs = UsersPeer::doSelectRS( $c, Propel::getDbConnection('workflow_ro') ); $rs = UsersPeer::doSelectRS( $c, Propel::getDbConnection('workflow_ro') );
$rs->setFetchmode( ResultSet::FETCHMODE_ASSOC ); $rs->setFetchmode( ResultSet::FETCHMODE_ASSOC );
$rs->next(); $rows = Array ();
$row = $rs->getRow(); while ($rs->next()) {
return $row; $rows[] = $rs->getRow();
}
return $rows;
} }
public function loadDetails ($UsrUid) public function loadDetails ($UsrUid)
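Review bot: The return shape of this method changes from one associative row to a list of rows (`$rows[] = $rs->getRow();` then `return $rows;`), and nothing visible in the hunk documents that. Any other caller that still reads `$result['USR_STATUS']` directly would now hit a missing key instead of a user row, which matters because the result feeds an authentication decision. I would add a docblock line such as `@return array list of user rows matching the e-mail, empty when none match` and check the remaining callers. `Array ()` would also read better as `array()`, matching the `array(` used in the SSO file of this commit. The method starts above the hunk, so its name and any existing docblock are not visible here.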


@@ -19,7 +19,8 @@ class Authentication extends Api
* *
* *
*/ */
public function doAuthenticationAccountGmail ($request_data) { public function doAuthenticationAccountGmail ($request_data)
{
try{ try{
$oGoogle = new \ProcessMaker\Services\Google\Authentication(); $oGoogle = new \ProcessMaker\Services\Google\Authentication();
$response = $oGoogle->postTokenAccountGmail($request_data); $response = $oGoogle->postTokenAccountGmail($request_data);


@@ -45,22 +45,28 @@ class Authentication
$oUsers = new \Users(); $oUsers = new \Users();
$userExist = $oUsers->loadByUserEmailInArray($request_data['mail']); $userExist = $oUsers->loadByUserEmailInArray($request_data['mail']);
if($userExist['USR_STATUS'] == "ACTIVE"){ if(!$userExist){
//User Active! lets create the token and register it in the DB for this user throw (new \Exception(\G::LoadTranslation( 'ID_USER_NOT_FOUND')));
$oauthServer = new \ProcessMaker\Services\OAuth2\Server;
$server = $oauthServer->getServer();
$config = array(
'allow_implicit' => $server->getConfig('allow_implicit'),
'access_lifetime' => $server->getConfig('access_lifetime')
);
$storage = $server->getStorages();
$accessToken = new \OAuth2\ResponseType\AccessToken($storage['access_token'],$storage['refresh_token'],$config);
$responseToken = $accessToken->createAccessToken($request_data['clientid'], $userExist['USR_UID'],$request_data['scope']);
}else {
throw (new \Exception(\G::LoadTranslation( 'ID_ACTIVE_USERS' )));
} }
if(count($userExist) > 1){
throw (new \Exception(\G::LoadTranslation( 'ID_EMAIL_MORE_USER')));
}
if($userExist['0']['USR_STATUS'] != "ACTIVE"){
throw (new \Exception(\G::LoadTranslation('ID_USER_NOT_ACTIVE')));
}
$userExist = $userExist['0'];
$oauthServer = new \ProcessMaker\Services\OAuth2\Server;
$server = $oauthServer->getServer();
$config = array(
'allow_implicit' => $server->getConfig('allow_implicit'),
'access_lifetime' => $server->getConfig('access_lifetime')
);
$storage = $server->getStorages();
$accessToken = new \OAuth2\ResponseType\AccessToken($storage['access_token'],$storage['refresh_token'],$config);
$responseToken = $accessToken->createAccessToken($request_data['clientid'], $userExist['USR_UID'],$request_data['scope']);
} else { } else {
throw (new \Exception(\G::LoadTranslation( 'ID_EMAIL_ENTER_VALID' ))); throw (new \Exception(\G::LoadTranslation( 'ID_EMAIL_NOT_CORRESPONDS_TOKEN' )));
} }
}else { }else {
throw (new \Exception(\G::LoadTranslation( 'ID_PMGMAIL_VALID' ))); throw (new \Exception(\G::LoadTranslation( 'ID_PMGMAIL_VALID' )));
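Review bot: `createAccessToken($request_data['clientid'], $userExist['USR_UID'],$request_data['scope'])` still mints the token with a client id and scope taken straight from the request, and the hunk shows no check that the client is registered or that the scope is permitted for it. Calling the response type directly skips the validation a token endpoint normally performs, so unless that happens outside the hunk the caller effectively chooses its own scope. I would validate both values against the server's client and scope storage before this call, or at minimum record where that happens with `// NOTE(security): clientid and scope are request-controlled; validated in (where?)` above it. Separately, the three new exceptions (not found, more than one user, not active) let a caller tell account states apart, which is presumably acceptable only because the outer branch has already matched the e-mail to the Google token. The enclosing method starts and ends outside the hunk.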