['CFG_VALUE'], 'conditions' => ['CFG_UID' => 'authSourcesList', 'OBJ_UID' => 'pageSize', 'USR_UID' => $userUid] ); $configuration = new Configuration(); $configurationReturn = $configuration->show($filters); if ($configurationReturn['total'] > 0) { $configValue = unserialize($configurationReturn['data'][0]['CFG_VALUE']); $limit = $configValue['pageSize'] ?? $limit; } } $filters = array( 'fields' => ['*'], 'start' => $start, 'limit'=> $limit ); if ($orderBy != '') { if (!in_array($ascending, ['asc', 'desc'])) { $ascending = 'asc'; } $filters['orderBy'] = [$orderBy, $ascending]; } if ($filter != '') { $filters['conditions'] = ['text' => $filter]; } $rbacAuthenticationSource = new RbacAuthenticationSource(); $authSourceReturn = $rbacAuthenticationSource->show($filters); global $RBAC; $auth = $RBAC->getAllUsersByAuthSource(); $sources = []; foreach ($authSourceReturn['data'] as $key => $authSourceRow) { $values = explode('_', $authSourceRow['AUTH_SOURCE_PASSWORD']); foreach ($values as $value) { if ($value == '2NnV3ujj3w') { $authSourceRow['AUTH_SOURCE_PASSWORD'] = G::decrypt($values[0], $authSourceRow['AUTH_SOURCE_SERVER_NAME']); } } $label = G::LoadTranslation('ID_DISABLE'); if ($authSourceRow['AUTH_SOURCE_ENABLED_TLS'] === '1') { $label = G::LoadTranslation('ID_ENABLE'); } $authSourceRow['AUTH_SOURCE_ENABLED_TLS_LABEL'] = $label; //additional information $authSourceData = json_decode($authSourceRow['AUTH_SOURCE_DATA'], true); if (is_array($authSourceData)) { $authSourceRow = array_merge($authSourceRow, $authSourceData); } $authSourceRow['AUTH_ANONYMOUS'] = (string)$authSourceRow['AUTH_ANONYMOUS']; $sources[] = $authSourceRow; $index = sizeof($sources) - 1; $sources[$index]['CURRENT_USERS'] = isset($auth[$sources[$index]['AUTH_SOURCE_UID']]) ? 
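$auth[$sources[$index]['AUTH_SOURCE_UID']] : 0; } $response = [ 'success' => true, 'sources' => $sources, 'total_sources' => $authSourceReturn['total'] ]; return $response; } catch (Exception $exception) { return ['success' => false, 'message' => $exception->getMessage()]; } }

    /**
     * Delete one authentication source.
     *
     * @param string $authSourceUid UID of the authentication source to delete.
     * @return array ['success' => true, 'deleteRows' => ...] on success, otherwise
     *               ['success' => false, 'message' => <exception message>].
     */
    public function removeAuthSource($authSourceUid)
    {
        // NOTE(review): no permission check is visible in this method; presumably the
        // caller restricts it to administrators - confirm. The raw exception text is
        // returned to the caller, so make sure it is not shown to untrusted users.
        try {
            $rbacAuthenticationSource = new RbacAuthenticationSource();
            $removeResponse = $rbacAuthenticationSource->remove(['AUTH_SOURCE_UID' => $authSourceUid]);

            return ['success' => true, 'deleteRows' => $removeResponse['deleteRows']];
        } catch (Exception $exception) {
            return ['success' => false, 'message' => $exception->getMessage()];
        }
    }

    /**
     * Check whether an authentication source name is already taken and, if it is,
     * propose an alternative of the form "<name> (<n>)".
     *
     * @param string $authSourceName Name to look up.
     * @return array ['success' => true, 'row' => <matching row>|false, 'suggestName' => string]
     *               or ['success' => false, 'message' => <exception message>].
     */
    public function verifyAuthSourceName($authSourceName)
    {
        try {
            $row = false;
            $suggestName = '';

            $rbacAuthenticationSource = new RbacAuthenticationSource();
            $filters = [
                'fields' => ['AUTH_SOURCE_UID', 'AUTH_SOURCE_NAME'],
                'conditions' => ['AUTH_SOURCE_NAME' => $authSourceName],
            ];
            $authSourceReturn = $rbacAuthenticationSource->show($filters);

            if ($authSourceReturn['total'] > 0) {
                $row = $authSourceReturn['data'][0];

                // Fetch the name that sorts last among those matching the text.
                // NOTE(review): the ordering is textual, so "Name (9)" may sort after
                // "Name (10)" and the suggestion can collide with an existing name.
                $filters['fields'] = ['AUTH_SOURCE_NAME'];
                $filters['conditions'] = ['text' => $authSourceName];
                $filters['orderBy'] = ['AUTH_SOURCE_NAME', 'desc'];
                $lastAuthSource = $rbacAuthenticationSource->show($filters);

                if ($lastAuthSource['total'] > 0) {
                    $name = $lastAuthSource['data'][0]['AUTH_SOURCE_NAME'];
                    $pieces = explode(' ', $name);
                    $last = array_pop($pieces);

                    // Only a purely numeric "(n)" suffix is treated as a counter; any
                    // other trailing token, e.g. "(beta)", is kept as part of the name.
                    if (preg_match('/^\((\d+)\)$/D', $last, $counter) === 1) {
                        $number = intval($counter[1]) + 1;
                        // Re-join with spaces so multi-word names keep their spacing.
                        $suggestName = implode(' ', $pieces) . " ({$number})";
                    } else {
                        $suggestName = $name . " (1)";
                    }
                }
            }

            return ['success' => true, 'row' => $row, 'suggestName' => $suggestName];
        } catch (Exception $exception) {
            return ['success' => false, 'message' => $exception->getMessage()];
        }
    }

    /**
     * Try to connect to the directory described by $authSourceData.
     *
     * @param array $authSourceData Connection settings handed to LdapSource::ldapConnection().
     * @return array ['success' => true, 'status' => 'OK'] with an extra 'message' when
     *               StartTLS was not established, or ['success' => false, 'message' => ...].
     */
    public function testConnection($authSourceData)
    {
        try {
            $ldapSource = new LdapSource();
            $authSourceConnectionData = $ldapSource->ldapConnection($authSourceData);

            $response = ['success' => true, 'status' => 'OK'];
            // NOTE(review): a failed StartTLS is still reported as success, with only an
            // advisory message. Whether the bind then travels unencrypted depends on
            // LdapSource::ldapConnection(), which is not visible here - confirm.
            if ($authSourceConnectionData['startTLS'] === false) {
                $response["message"] = G::LoadTranslation("ID_TLS_CERTIFICATE_IS_NOT_INSTALLED_IN_THE_SERVER");
            }

            return $response;
        } catch (Exception $exception) {
            return ['success' => false, 'message' => $exception->getMessage()];
        }
    }

    /**
     * Validate the connection settings against the directory and persist the
     * authentication source.
     *
     * @param array $authSourceData Authentication source fields; AUTH_SOURCE_DATA is an
     *                              array that is stored JSON-encoded.
     * @return array ['success' => true, 'saveData' => ...] or
     *               ['success' => false, 'message' => <exception message>].
     */
    public function saveAuthSource($authSourceData)
    {
        try {
            $authSourceData['AUTH_SOURCE_VERSION'] = 3;

            // Connecting first means a source that cannot be reached is never saved.
            $ldapSource = new LdapSource();
            $ldapConnection = $ldapSource->ldapConnection($authSourceData);
            $authSourceData['AUTH_SOURCE_DATA']['LDAP_PAGE_SIZE_LIMIT'] = $ldapSource->getPageSizeLimit(
                $ldapConnection['connection'],
                $authSourceData['AUTH_SOURCE_BASE_DN']
            );

            $rbacAuthenticationSource = new RbacAuthenticationSource();
            // 'vacio' (Spanish for "empty") is passed when no id was supplied; how
            // saveData() interprets it is not visible here.
            $authSourceData['AUTH_SOURCE_ID'] = $authSourceData['AUTH_SOURCE_ID'] ?? 'vacio';

            // json_encode() returns false on failure (e.g. invalid UTF-8); refuse to
            // persist that instead of silently storing a broken configuration.
            $encodedData = json_encode($authSourceData['AUTH_SOURCE_DATA']);
            if ($encodedData === false) {
                throw new Exception('Unable to encode AUTH_SOURCE_DATA: ' . json_last_error_msg());
            }
            $authSourceData['AUTH_SOURCE_DATA'] = $encodedData;

            $saveDataResponse = $rbacAuthenticationSource->saveData($authSourceData);

            return ['success' => true, 'saveData' => $saveDataResponse];
        } catch (Exception $exception) {
            return ['success' => false, 'message' => $exception->getMessage()];
        }
    }

    /**
     * Search the directory behind an authentication source and flag, for each hit,
     * whether the user can still be imported.
     *
     * @param string $authSourceUid UID of the authentication source to search.
     * @param array  $filters       Expects the keys 'text', 'start' and 'limit'.
     * @return array ['success' => true, 'status' => 'OK', 'resultTotal' => ..., 'resultRoot' => [...]]
     *               or ['success' => false, 'message' => <exception message>].
     */
    public function searchUsers($authSourceUid, $filters)
    {
        try {
            // Lower-cased username => UID of the authentication source that owns it.
            $listUsers = [];
            $rbacUsers = new RbacUsers();
            $usersAuthSources = $rbacUsers->listUsersAuthSources();
            foreach ($usersAuthSources['data'] as $row) {
                $listUsers[strtolower($row["USR_USERNAME"])] = $row['UID_AUTH_SOURCE'];
            }

            $ldapSource = new LdapSource();
            $ldapSource->authSourceUid = $authSourceUid;
            // NOTE(review): $filters['text'] is passed through as given; escaping for the
            // LDAP filter is assumed to happen inside searchUsersLdap() - confirm.
            $result = $ldapSource->searchUsersLdap($filters['text'], $filters['start'], $filters['limit']);

            $arrayData = [];
            foreach ($result['data'] as $listUsersData) {
                $username = strtolower($listUsersData['sUsername']);

                if (!isset($listUsers[$username])) {
                    // Unknown locally: may be imported.
                    $listUsersData['STATUS'] = G::LoadTranslation('ID_NOT_IMPORTED');
                    $listUsersData['IMPORT'] = 1;
                } elseif ($authSourceUid === $listUsers[$username]) {
                    // Already imported from this same source.
                    $listUsersData['STATUS'] = G::LoadTranslation('ID_IMPORTED');
                    $listUsersData['IMPORT'] = 0;
                } else {
                    // The username belongs to an account from a different source.
                    $listUsersData['STATUS'] = G::LoadTranslation('ID_CANNOT_IMPORT');
                    $listUsersData['IMPORT'] = 0;
                }

                $arrayData[] = $listUsersData;
            }

            return [
                'success' => true,
                'status' => 'OK',
                'resultTotal' => $result['numRecTotal'],
                'resultRoot' => $arrayData,
            ];
        } catch (Exception $exception) {
            return ['success' => false, 'message' => $exception->getMessage()];
        }
    }

    /**
     * Create local accounts for the given directory users, bound to one
     * authentication source.
     *
     * @param string   $authSourceUid UID of the authentication source the users belong to.
     * @param iterable $usersImport   Records (arrays or objects) carrying sUsername,
     *                                sFirstname, sLastname, sEmail, sDN and optionally USR_STATUS.
     * @return array ['success' => true] or ['success' => false, 'message' => <exception message>].
     */
    public function importUsers($authSourceUid, $usersImport)
    {
        try {
            $filters = ['conditions' => ['AUTH_SOURCE_UID' => $authSourceUid]];
            $rbacAuthenticationSource = new RbacAuthenticationSource();
            $authSourceReturn = $rbacAuthenticationSource->show($filters);

            // Without this guard an unknown UID would create accounts that carry an
            // empty auth type and auth source instead of failing.
            if (empty($authSourceReturn['data'][0])) {
                throw new Exception('Authentication source not found.');
            }
            $authSourceReturn = $authSourceReturn['data'][0];

            // NOTE(review): AUTH_SOURCE_DATA is saved JSON-encoded by saveAuthSource(). If
            // show() returns it as a string, this isset() is always false and the
            // attribute mapping below never runs - confirm what show() returns.
            $aAttributes = [];
            if (isset($authSourceReturn['AUTH_SOURCE_DATA']['AUTH_SOURCE_GRID_ATTRIBUTE'])) {
                $aAttributes = $authSourceReturn['AUTH_SOURCE_DATA']['AUTH_SOURCE_GRID_ATTRIBUTE'];
            }

            global $RBAC;

            // NOTE(review): every field below, including sDN (stored as USR_AUTH_USER_DN),
            // is taken from $usersImport as given. If those records come from the client
            // rather than a fresh directory lookup, validate them upstream - confirm.
            foreach ($usersImport as $sUser) {
                $aUser = (array) $sUser;
                $aData = [];

                // '*' stands in for an apostrophe in the incoming values (D*Souza -> D'Souza).
                $aData['USR_USERNAME'] = str_replace("*", "'", $aUser['sUsername']);
                // Fixed placeholder, not a usable credential. Presumably these accounts
                // authenticate against the directory only (see USR_AUTH_TYPE) - confirm
                // that local password login cannot match this value.
                $aData["USR_PASSWORD"] = "00000000000000000000000000000000";
                $aData['USR_FIRSTNAME'] = str_replace("*", "'", $aUser['sFirstname']);
                // Fall back to the username when the directory has no first name.
                $aData['USR_FIRSTNAME'] = ($aData['USR_FIRSTNAME'] == '') ? $aData['USR_USERNAME'] : $aData['USR_FIRSTNAME'];
                $aData['USR_LASTNAME'] = str_replace("*", "'", $aUser['sLastname']);
                $aData['USR_EMAIL'] = $aUser['sEmail'];
                // The account expires two years from today.
                $aData['USR_DUE_DATE'] = date('Y-m-d', mktime(0, 0, 0, date('m'), date('d'), date('Y') + 2));
                $aData['USR_CREATE_DATE'] = date('Y-m-d H:i:s');
                $aData['USR_UPDATE_DATE'] = date('Y-m-d H:i:s');
                $aData['USR_BIRTHDAY'] = date('Y-m-d');
                // createUser() receives the status as 1/0; it defaults to active.
                $aData['USR_STATUS'] = (isset($aUser['USR_STATUS'])) ? (($aUser['USR_STATUS'] == 'ACTIVE') ? 1 : 0) : 1;
                $aData['USR_AUTH_TYPE'] = strtolower($authSourceReturn['AUTH_SOURCE_PROVIDER']);
                $aData['UID_AUTH_SOURCE'] = $authSourceReturn['AUTH_SOURCE_UID'];

                // Restore an apostrophe that arrived as '*' between two letters of the DN.
                // preg_match() captures only the first such occurrence.
                $matches = [];
                preg_match('/[a-zA-Z]\*[a-zA-Z]/', $aUser['sDN'], $matches);
                foreach ($matches as $match) {
                    $newMatch = str_replace('*', '\'', $match);
                    $aUser['sDN'] = str_replace($match, $newMatch, $aUser['sDN']);
                }
                $aData['USR_AUTH_USER_DN'] = $aUser['sDN'];

                // Every imported user gets this fixed role; a USR_ROLE configured on the
                // authentication source is not applied.
                $usrRole = 'LURANA_OPERATOR';

                $sUserUID = $RBAC->createUser($aData, $usrRole, $authSourceReturn['AUTH_SOURCE_NAME']);

                // Users::create() takes the status as text rather than 1/0.
                $aData['USR_STATUS'] = (isset($aUser['USR_STATUS'])) ? $aUser['USR_STATUS'] : 'ACTIVE';
                $aData['USR_UID'] = $sUserUID;
                $aData['USR_ROLE'] = $usrRole;

                $calendarObj = new Calendar();
                $calendarObj->assignCalendarTo($sUserUID, '00000000000000000000000000000001', 'USER');

                // Copy the extra attributes mapped on the authentication source. Only keys
                // named in that mapping are copied, but the values are not validated here
                // (a mapped USR_STATUS is stored exactly as received).
                if (is_array($aAttributes)) {
                    foreach ($aAttributes as $value) {
                        if (isset($aUser[$value['attributeUser']])) {
                            $aData[$value['attributeUser']] = str_replace("*", "'", $aUser[$value['attributeUser']]);
                        }
                    }
                }

                $oUser = new Users();
                $oUser->create($aData);
            }

            return ['success' => true];
        } catch (Exception $exception) {
            return ['success' => false, 'message' => $exception->getMessage()];
        }
    }

    /**
     * Encrypt a string with AES-256-CBC under a fresh random IV.
     *
     * The result is base64(IV . ciphertext). CBC gives confidentiality only: nothing
     * here detects a modified ciphertext. Moving to an authenticated mode, or adding
     * an HMAC over IV and ciphertext, needs a format change and a migration of any
     * stored values, so it is not done here.
     *
     * @param string $plaintext Data to encrypt.
     * @param string $key       Key material. OpenSSL silently NUL-pads a key shorter than
     *                          32 bytes and truncates a longer one, so pass exactly 32
     *                          random bytes rather than a password or a guessable value.
     * @return string Base64-encoded IV followed by the raw ciphertext.
     * @throws Exception When no random IV can be generated or encryption fails.
     */
    private static function encrypt($plaintext, $key)
    {
        $cipher = 'AES-256-CBC';
        // random_bytes() throws when no secure randomness is available instead of
        // handing back a weak or empty value.
        $iv = random_bytes(openssl_cipher_iv_length($cipher));
        $ciphertext_raw = openssl_encrypt($plaintext, $cipher, $key, OPENSSL_RAW_DATA, $iv);
        if ($ciphertext_raw === false) {
            // Fail instead of returning a value that contains only the IV.
            throw new Exception('Encryption failed.');
        }

        return base64_encode($iv . $ciphertext_raw);
    }

    /**
     * Reverse encrypt(): split base64(IV . ciphertext) and decrypt with AES-256-CBC.
     *
     * The ciphertext is not authenticated, so a successful return does not prove that
     * the value is unmodified.
     *
     * @param string $ciphertext_b64 Value produced by encrypt().
     * @param string $key            The key that was used for encryption.
     * @return string|false The plaintext, or false when the input is malformed or
     *                      decryption fails.
     */
    private static function decrypt($ciphertext_b64, $key)
    {
        $cipher = "AES-256-CBC";
        $ivlen = openssl_cipher_iv_length($cipher);
        $ciphertext = base64_decode($ciphertext_b64);
        // Reject input too short to hold an IV plus at least one byte of ciphertext.
        if ($ciphertext === false || strlen($ciphertext) <= $ivlen) {
            return false;
        }

        $iv = substr($ciphertext, 0, $ivlen);
        $ciphertext_raw = substr($ciphertext, $ivlen);

        return openssl_decrypt($ciphertext_raw, $cipher, $key, OPENSSL_RAW_DATA, $iv);
    }
}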