PageRenderTime 27ms CodeModel.GetById 23ms RepoModel.GetById 0ms app.codeStats 1ms

/tine20/Tinebase/Controller.php

https://github.com/testruby/Tine-2.0-Open-Source-Groupware-and-CRM
PHP | 353 lines | 170 code | 47 blank | 136 comment | 42 complexity | 0bf308e19244ba4e075dead1e5bae909 MD5 | raw file
    

  1. <?php
    2. 

  2. /**
    3. 

  3.  * Tine 2.0
    4. 

  4.  * 
    5. 

  5.  * @package     Tinebase
    6. 

  6.  * @subpackage  Server
    7. 

  7.  * @license     http://www.gnu.org/licenses/agpl.html AGPL Version 3
    8. 

  8.  * @copyright   Copyright (c) 2007-2011 Metaways Infosystems GmbH (http://www.metaways.de)
    9. 

  9.  * @author      Lars Kneschke <l.kneschke@metaways.de>
    10. 

  10.  * 
    11. 

  11.  */
    12. 

  12. 

  13. /**
    14. 

  14.  * the class provides functions to handle applications
    15. 

  15.  * 
    16. 

  16.  * @package     Tinebase
    17. 

  17.  * @subpackage  Server
    18. 

  18.  */
    19. 

  19. class Tinebase_Controller extends Tinebase_Controller_Abstract
    20. 

  20. {
    21. 

  21.     /**
    22. 

  22.      * holds the instance of the singleton
    23. 

  23.      *
    24. 

  24.      * @var Tinebase_Controller
    25. 

  25.      */
    26. 

  26.     private static $_instance = NULL;
    27. 

  27.     
    28. 

  28.     /**
    29. 

  29.      * application name
    30. 

  30.      *
    31. 

  31.      * @var string
    32. 

  32.      */
    33. 

  33.     protected $_applicationName = 'Tinebase';
    34. 

  34.         
    35. 

  35.     /**
    36. 

  36.      * the constructor
    37. 

  37.      *
    38. 

  38.      */
    39. 

  39.     private function __construct() 
    40. 

  40.     {    
    41. 

  41.     }
    42. 

  42. 

  43.     /**
    44. 

  44.      * don't clone. Use the singleton.
    45. 

  45.      *
    46. 

  46.      */
    47. 

  47.     private function __clone() {}
    48. 

  48. 

  49.     /**
    50. 

  50.      * the singleton pattern
    51. 

  51.      *
    52. 

  52.      * @return Tinebase_Controller
    53. 

  53.      */
    54. 

  54.     public static function getInstance() 
    55. 

  55.     {
    56. 

  56.         if (self::$_instance === NULL) {
    57. 

  57.             self::$_instance = new Tinebase_Controller;
    58. 

  58.         }
    59. 

  59.         
    60. 

  60.         return self::$_instance;
    61. 

  61.     }
    62. 

  62.     
    63. 

  63.     /**
    64. 

  64.      * create new user session
    65. 

  65.      *
    66. 

  66.      * @param   string $_loginname
    67. 

  67.      * @param   string $_password
    68. 

  68.      * @param   string $_ipAddress
    69. 

  69.      * @param   string $_clientIdString
    70. 

  70.      * @return  bool
    71. 

  71.      */
    72. 

  72.     public function login($_loginname, $_password, $_ipAddress, $_clientIdString = NULL)
    73. 

  73.     {
    74. 

  74.         $authResult = Tinebase_Auth::getInstance()->authenticate($_loginname, $_password);
    75. 

  75.         
    76. 

  76.         $accessLog = new Tinebase_Model_AccessLog(array(
    77. 

  77.             'sessionid'     => session_id(),
    78. 

  78.             'ip'            => $_ipAddress,
    79. 

  79.             'li'            => Tinebase_DateTime::now()->get(Tinebase_Record_Abstract::ISO8601LONG),
    80. 

  80.             'result'        => $authResult->getCode(),
    81. 

  81.             'clienttype'    => $_clientIdString,   
    82. 

  82.         ), TRUE);
    83. 

  83. 

  84.         $user = NULL;
    85. 

  85.         if ($accessLog->result == Tinebase_Auth::SUCCESS) {
    86. 

  86.             $user = $this->_getLoginUser($authResult->getIdentity(), $accessLog);
    87. 

  87.             if ($user !== NULL) {
    88. 

  88.                 $this->_checkUserStatus($user, $accessLog);
    89. 

  89.             }
    90. 

  90.         }
    91. 

  91.         
    92. 

  92.         if ($accessLog->result === Tinebase_Auth::SUCCESS && $user !== NULL && $user->accountStatus === Tinebase_User::STATUS_ENABLED) {
    93. 

  93.             $this->_initUser($user, $accessLog, $_password);
    94. 

  94.             $result = true;
    95. 

  95.         } else {
    96. 

  96.             $this->_loginFailed($_loginname, $accessLog);
    97. 

  97.             $result = false;
    98. 

  98.         } 
    99. 

  99.         
    100. 

  100.         Tinebase_AccessLog::getInstance()->create($accessLog);
    101. 

  101.         
    102. 

  102.         return $result;
    103. 

  103.     }
    104. 

  104.     
    105. 

  105.     /**
    106. 

  106.      * get login user
    107. 

  107.      * 
    108. 

  108.      * @param string $_username
    109. 

  109.      * @param Tinebase_Model_AccessLog $_accessLog
    110. 

  110.      * @return Tinebase_Model_FullUser|NULL
    111. 

  111.      */
    112. 

  112.     protected function _getLoginUser($_username, Tinebase_Model_AccessLog $_accessLog)
    113. 

  113.     {
    114. 

  114.         $accountsController = Tinebase_User::getInstance();
    115. 

  115.         $user = NULL;
    116. 

  116.                 
    117. 

  117.         try {
    118. 

  118.             // does the user exist in the user database?
    119. 

  119.             if ($accountsController instanceof Tinebase_User_Interface_SyncAble) {
    120. 

  120.                 /**
    121. 

  121.                  * catch all exceptions during user data sync
    122. 

  122.                  * either it's the first sync and no user data get synchronized or
    123. 

  123.                  * we can work with the data synced during previous login
    124. 

  124.                  */ 
    125. 

  125.                 try {
    126. 

  126.                     Tinebase_User::syncUser($_username);
    127. 

  127.                 } catch (Exception $e) {
    128. 

  128.                     Tinebase_Core::getLogger()->crit(__METHOD__ . '::' . __LINE__ . ' Failed to sync user data for: ' . $_username . ' reason: ' . $e->getMessage());
    129. 

  129.                     if (Tinebase_Core::isLogLevel(Zend_Log::TRACE)) Tinebase_Core::getLogger()->trace(__METHOD__ . '::' . __LINE__ . ' ' . $e->getTraceAsString());
    130. 

  130.                 }
    131. 

  131.             }
    132. 

  132.             
    133. 

  133.             $user = $accountsController->getFullUserByLoginName($_username);
    134. 

  134.         } catch (Tinebase_Exception_NotFound $e) {
    135. 

  135.             if (Tinebase_Core::isLogLevel(Zend_Log::CRIT)) Tinebase_Core::getLogger()->crit(__METHOD__ . '::' . __LINE__ . ' Account ' . $_username . ' not found in account storage.');
    136. 

  136.             $_accessLog->result = Tinebase_Auth::FAILURE_IDENTITY_NOT_FOUND;
    137. 

  137.         } catch (Zend_Db_Adapter_Exception $zdae) {
    138. 

  138.             if (Tinebase_Core::isLogLevel(Zend_Log::CRIT)) Tinebase_Core::getLogger()->crit(__METHOD__ . '::' . __LINE__ . ' Some database connection failed: ' . $zdae->getMessage());
    139. 

  139.             $_accessLog->result = Tinebase_Auth::FAILURE_DATABASE_CONNECTION;
    140. 

  140.         }
    141. 

  141.         
    142. 

  142.         return $user;
    143. 

  143.     }
    144. 

  144.     
    145. 

  145.     /**
    146. 

  146.      * check user status
    147. 

  147.      * 
    148. 

  148.      * @param Tinebase_Model_FullUser $_user
    149. 

  149.      * @param Tinebase_Model_AccessLog $_accessLog
    150. 

  150.      */
    151. 

  151.     protected function _checkUserStatus(Tinebase_Model_FullUser $_user, Tinebase_Model_AccessLog $_accessLog)
    152. 

  152.     {
    153. 

  153.         // is the user enabled?
    154. 

  154.         if ($_accessLog->result == Tinebase_Auth::SUCCESS && $_user->accountStatus !== Tinebase_User::STATUS_ENABLED) {
    155. 

  155.             // is the account enabled?
    156. 

  156.             if ($_user->accountStatus == Tinebase_User::STATUS_DISABLED) {
    157. 

  157.                 if (Tinebase_Core::isLogLevel(Zend_Log::INFO)) Tinebase_Core::getLogger()->info(__METHOD__ . '::' . __LINE__ . ' Account: '. $_user->accountLoginName . ' is disabled');
    158. 

  158.                 $_accessLog->result = Tinebase_Auth::FAILURE_DISABLED;
    159. 

  159.             }
    160. 

  160.                 
    161. 

  161.             // is the account expired?
    162. 

  162.             else if ($_user->accountStatus == Tinebase_User::STATUS_EXPIRED) {
    163. 

  163.                 if (Tinebase_Core::isLogLevel(Zend_Log::INFO)) Tinebase_Core::getLogger()->info(__METHOD__ . '::' . __LINE__ . ' Account: '. $_user->accountLoginName . ' password is expired');
    164. 

  164.                 $_accessLog->result = Tinebase_Auth::FAILURE_PASSWORD_EXPIRED;
    165. 

  165.             }
    166. 

  166.         
    167. 

  167.             // too many login failures?
    168. 

  168.             else if ($_user->accountStatus == Tinebase_User::STATUS_BLOCKED) {
    169. 

  169.                 if (Tinebase_Core::isLogLevel(Zend_Log::INFO)) Tinebase_Core::getLogger()->info(__METHOD__ . '::' . __LINE__ . ' Account: '. $_user->accountLoginName . ' is blocked');
    170. 

  170.                 $_accessLog->result = Tinebase_Auth::FAILURE_BLOCKED;
    171. 

  171.             } 
    172. 

  172.         }
    173. 

  173.     }
    174. 

  174.     
    175. 

  175.     /**
    176. 

  176.      * init user session
    177. 

  177.      * 
    178. 

  178.      * @param Tinebase_Model_FullUser $_user
    179. 

  179.      * @param Tinebase_Model_AccessLog $_accessLog
    180. 

  180.      * @param string $_password
    181. 

  181.      */
    182. 

  182.     protected function _initUser(Tinebase_Model_FullUser $_user, Tinebase_Model_AccessLog $_accessLog, $_password)
    183. 

  183.     {
    184. 

  184.         if ($_accessLog->result === Tinebase_Auth::SUCCESS && $_user->accountStatus === Tinebase_User::STATUS_ENABLED) {
    185. 

  185.             $this->_initUserSession($_user);
    186. 

  186.             
    187. 

  187.             Tinebase_Core::set(Tinebase_Core::USER, $_user);
    188. 

  188.             
    189. 

  189.             $credentialCache = Tinebase_Auth_CredentialCache::getInstance()->cacheCredentials($_user->accountLoginName, $_password);
    190. 

  190.             Tinebase_Core::set(Tinebase_Core::USERCREDENTIALCACHE, $credentialCache);
    191. 

  191.             
    192. 

  192.             // need to set locale again if user preference is available because locale might not be set correctly during loginFromPost
    193. 

  193.             $userPrefLocaleString = Tinebase_Core::getPreference()->{Tinebase_Preference::LOCALE};
    194. 

  194.             if ($userPrefLocaleString !== 'auto') {
    195. 

  195.                 Tinebase_Core::setupUserLocale($userPrefLocaleString);
    196. 

  196.             }
    197. 

  197.             
    198. 

  198.             $_user->setLoginTime($_accessLog->ip);
    199. 

  199.             
    200. 

  200.             $_accessLog->sessionid = session_id();
    201. 

  201.             $_accessLog->login_name = $_user->accountLoginName;
    202. 

  202.             $_accessLog->account_id = $_user->getId();
    203. 

  203.         }
    204. 

  204.     }
    205. 

  205.     
    206. 

  206.     /**
    207. 

  207.      * init session after successful login
    208. 

  208.      * 
    209. 

  209.      * @param Tinebase_Model_FullUser $_user
    210. 

  210.      */
    211. 

  211.     protected function _initUserSession(Tinebase_Model_FullUser $_user)
    212. 

  212.     {
    213. 

  213.         if (Tinebase_Config::getInstance()->getConfig(Tinebase_Config::SESSIONUSERAGENTVALIDATION, NULL, TRUE)->value) {
    214. 

  214.             Zend_Session::registerValidator(new Zend_Session_Validator_HttpUserAgent());
    215. 

  215.         } else {
    216. 

  216.             Tinebase_Core::getLogger()->info(__METHOD__ . '::' . __LINE__ . ' User agent validation disabled.');
    217. 

  217.         }
    218. 

  218.         
    219. 

  219.         if (Tinebase_Config::getInstance()->getConfig(Tinebase_Config::SESSIONIPVALIDATION, NULL, TRUE)->value) {
    220. 

  220.             Zend_Session::registerValidator(new Zend_Session_Validator_IpAddress());
    221. 

  221.         } else {
    222. 

  222.             Tinebase_Core::getLogger()->info(__METHOD__ . '::' . __LINE__ . ' Session ip validation disabled.');
    223. 

  223.         }
    224. 

  224.         
    225. 

  225.         Zend_Session::regenerateId();
    226. 

  226.         
    227. 

  227.         Tinebase_Core::getSession()->currentAccount = $_user;
    228. 

  228.     }
    229. 

  229.     
    230. 

  230.     /**
    231. 

  231.      * login failed
    232. 

  232.      * 
    233. 

  233.      * @param unknown_type $_loginname
    234. 

  234.      * @param Tinebase_Model_AccessLog $_accessLog
    235. 

  235.      */
    236. 

  236.     protected function _loginFailed($_loginname, Tinebase_Model_AccessLog $_accessLog)
    237. 

  237.     {
    238. 

  238.         Tinebase_User::getInstance()->setLastLoginFailure($_loginname);
    239. 

  239.         
    240. 

  240.         $_accessLog->login_name = $_loginname;
    241. 

  241.         $_accessLog->lo = Tinebase_DateTime::now()->get(Tinebase_Record_Abstract::ISO8601LONG);
    242. 

  242.         
    243. 

  243.         Zend_Session::destroy();
    244. 

  244.         
    245. 

  245.         sleep(mt_rand(2,5));
    246. 

  246.     }
    247. 

  247.     
    248. 

  248.     /**
    249. 

  249.      * authenticate user but don't log in
    250. 

  250.      *
    251. 

  251.      * @param   string $_loginname
    252. 

  252.      * @param   string $_password
    253. 

  253.      * @param   string $_ipAddress
    254. 

  254.      * @param   string $_clientIdString
    255. 

  255.      * @return  bool
    256. 

  256.      */
    257. 

  257.     public function authenticate($_loginname, $_password, $_ipAddress, $_clientIdString = NULL)
    258. 

  258.     {
    259. 

  259.         $result = $this->login($_loginname, $_password, $_ipAddress, $_clientIdString);
    260. 

  260.         
    261. 

  261.         /**
    262. 

  262.          * we unset the Zend_Auth session variable. This way we keep the session,
    263. 

  263.          * but the user is not logged into Tine 2.0
    264. 

  264.          * we use this to validate passwords for OpenId for example
    265. 

  265.          */ 
    266. 

  266.         unset($_SESSION['Zend_Auth']);
    267. 

  267.         unset(Tinebase_Core::getSession()->currentAccount);
    268. 

  268.         
    269. 

  269.         return $result;
    270. 

  270.     }
    271. 

  271.     /**
    272. 

  272.      * change user password
    273. 

  273.      *
    274. 

  274.      * @param string $_oldPassword
    275. 

  275.      * @param string $_newPassword
    276. 

  276.      * @throws  Tinebase_Exception_AccessDenied
    277. 

  277.      * @throws  Tinebase_Exception_InvalidArgument
    278. 

  278.      */
    279. 

  279.     public function changePassword($_oldPassword, $_newPassword)
    280. 

  280.     {
    281. 

  281.         //error_log(print_r(Tinebase_Core::getUser()->toArray(), true));
    282. 

  282.         
    283. 

  283.         // check config setting 
    284. 

  284.         if (!Tinebase_User::getBackendConfiguration('changepw', true)) {
    285. 

  285.             throw new Tinebase_Exception_AccessDenied('Password change not allowed.');                
    286. 

  286.         }
    287. 

  287.         
    288. 

  288.         $loginName = Tinebase_Core::getUser()->accountLoginName;
    289. 

  289.         if (Tinebase_Core::isLogLevel(Zend_Log::DEBUG)) Tinebase_Core::getLogger()->debug(__METHOD__ . '::' . __LINE__ . " change password for $loginName");
    290. 

  290.         
    291. 

  291.         if (!Tinebase_Auth::getInstance()->isValidPassword($loginName, $_oldPassword)) {
    292. 

  292.             throw new Tinebase_Exception_InvalidArgument('Old password is wrong.');
    293. 

  293.         }
    294. 

  294.         
    295. 

  295.         Tinebase_User::getInstance()->setPassword(Tinebase_Core::getUser(), $_newPassword, true, false);
    296. 

  296.     }
    297. 

  297.     
    298. 

  298.     /**
    299. 

  299.      * destroy session
    300. 

  300.      *
    301. 

  301.      * @return void
    302. 

  302.      */
    303. 

  303.     public function logout($_ipAddress)
    304. 

  304.     {
    305. 

  305.         if (Tinebase_Core::isRegistered(Tinebase_Core::USER)) {
    306. 

  306.             $currentAccount = Tinebase_Core::getUser();
    307. 

  307.     
    308. 

  308.             if (is_object($currentAccount)) {
    309. 

  309.                 Tinebase_AccessLog::getInstance()->setLogout(session_id(), $_ipAddress);                
    310. 

  310.             }
    311. 

  311.         }
    312. 

  312.         
    313. 

  313.         Zend_Session::destroy();
    314. 

  314.     }   
    315. 

  315.     
    316. 

  316.     /**
    317. 

  317.      * gets image info and data
    318. 

  318.      * 
    319. 

  319.      * @param   string $_application application which manages the image
    320. 

  320.      * @param   string $_identifier identifier of image/record
    321. 

  321.      * @param   string $_location optional additional identifier
    322. 

  322.      * @return  Tinebase_Model_Image
    323. 

  323.      * @throws  Tinebase_Exception_NotFound
    324. 

  324.      * @throws  Tinebase_Exception_UnexpectedValue
    325. 

  325.      */
    326. 

  326.     public function getImage($_application, $_identifier, $_location = '')
    327. 

  327.     {
    328. 

  328.         $appController = Tinebase_Core::getApplicationInstance($_application);
    329. 

  329.         if (!method_exists($appController, 'getImage')) {
    330. 

  330.             throw new Tinebase_Exception_NotFound("$_application has no getImage function.");
    331. 

  331.         }
    332. 

  332.         $image = $appController->getImage($_identifier, $_location);
    333. 

  333.         
    334. 

  334.         if (!$image instanceof Tinebase_Model_Image) {
    335. 

  335.             throw new Tinebase_Exception_UnexpectedValue("$_application returned invalid image.");
    336. 

  336.         }
    337. 

  337.         return $image;
    338. 

  338.     }
    339. 

  339.     
    340. 

  340.     /**
    341. 

  341.      * remove obsolete/outdated stuff from cache
    342. 

  342.      * notes: CLEANING_MODE_OLD -> removes obsolete cache entries (files for file cache)
    343. 

  343.      *        CLEANING_MODE_ALL -> removes complete cache structure (directories for file cache) + cache entries
    344. 

  344.      * 
    345. 

  345.      * @param string $_mode
    346. 

  346.      */
    347. 

  347.     public function cleanupCache($_mode = Zend_Cache::CLEANING_MODE_OLD)
    348. 

  348.     {
    349. 

  349.         if (Tinebase_Core::isLogLevel(Zend_Log::INFO)) Tinebase_Core::getLogger()->info(__METHOD__ . '::' . __LINE__ . ' Cleaning up the cache (mode: ' . $_mode . ')');
    350. 

  350.         
    351. 

  351.         Tinebase_Core::getCache()->clean($_mode);
    352. 

  352.     }
    353. 

  353. }
    354. 

  354.