
/lib/functions/users.inc.php

https://bitbucket.org/pfernandez/testlink1.9.6
PHP | 459 lines | 249 code | 48 blank | 162 comment | 34 complexity | 062e18b56301f8df026e1b78c49380d8 MD5 | raw file
Possible License(s): GPL-2.0, LGPL-2.1, GPL-3.0
  1. <?php
  2. /**
  3. * TestLink Open Source Project - http://testlink.sourceforge.net/
  4. * This script is distributed under the GNU General Public License 2 or later.
  5. *
  6. * Functions for usermanagement
  7. *
  8. * @package TestLink
  9. * @author Martin Havlat
  10. * @copyright 2006-2009, TestLink community
  11. * @version CVS: $Id: users.inc.php,v 1.107 2010/05/02 16:56:36 franciscom Exp $
  12. * @link http://www.teamst.org/index.php
  13. *
  14. * @internal Revision:
  15. *
  16. * 20100502 - franciscom - resetPassword() - fixed bad comparison to set $errorMsg
  17. * 20100427 - franciscom - BUGID 3396
  18. * 20091215 - eloff - read active testplan from cookie into session
  19. * 20090817 - franciscom - getUsersForHtmlOptions() - implementation changes
  20. * 20090517 - franciscom - getTestersForHtmlOptions() interface changes
  21. * buildUserMap() added prefix to tag inactive users
  22. * 20081221 - franciscom - buildUserMap() interface changes
  23. * 20081213 - franciscom - refactoring removing old config options
  24. * 20080822 - franciscom - resetPassword() - added generatePassword()
  25. * 20080405 - franciscom - getGrantsForUserMgmt()
  26. * 20080315 - franciscom - added initalize_tabsmenu()
  27. * 20080210 - franciscom - fixed message for error tlUser::E_PWDDONTMATCH
  28. *
  29. */
  30. /** core functions */
  31. require_once("common.php");
  32. $authCfg = config_get('authentication');
  33. if( 'LDAP' == $authCfg['method'] )
  34. {
  35. /** support for LDAP authentication */
  36. require_once("ldap_api.php");
  37. }
  38. /**
  39. * set session data after modification or authorization
  40. *
  41. * @param resource &$db reference to DB identifier
  42. * @param string $user
  43. * @param integer $id
  44. * @param integer $roleID
  45. * @param string $email
  46. * @param string $locale [default = null]
  47. * @param boolean $active [default = null] documentation
  48. *
  49. * @return integer status code
  50. *
  51. * @TODO havlatm: move to tlSession class
  52. * @TODO fix return functionality
  53. **/
  54. function setUserSession(&$db,$user, $id, $roleID, $email, $locale = null, $active = null)
  55. {
  56. tLog('setUserSession: $user=' . $user . ' $id='.$id.' $roleID='.$roleID.' $email='.$email.' $locale='.$locale);
  57. $_SESSION['userID'] = $id;
  58. $_SESSION['testprojectID'] = null;
  59. $_SESSION['s_lastAttachmentList'] = null;
  60. if (!is_null($locale))
  61. {
  62. $_SESSION['locale'] = $locale;
  63. set_dt_formats();
  64. }
  65. $tproject_mgr = new testproject($db);
  66. $gui_cfg = config_get('gui');
  67. $order_by = $gui_cfg->tprojects_combo_order_by;
  68. $arrProducts = $tproject_mgr->get_accessible_for_user($id,'map',$order_by);
  69. // 20051208 - JBA - added to set the lastProduct the user has selected before logging off.
  70. $tproject_cookie = 'TL_lastTestProjectForUserID_'. $id;
  71. if (isset($_COOKIE[$tproject_cookie]))
  72. {
  73. if (isset($arrProducts[$_COOKIE[$tproject_cookie]]) && $arrProducts[$_COOKIE[$tproject_cookie]])
  74. {
  75. $_SESSION['testprojectID'] = $_COOKIE[$tproject_cookie];
  76. tLog('Cookie: {$tproject_cookie}='.$_SESSION['testprojectID']);
  77. }
  78. }
  79. if (!$_SESSION['testprojectID'])
  80. {
  81. $tpID = null;
  82. if (sizeof($arrProducts))
  83. {
  84. $tpID = key($arrProducts);
  85. }
  86. $_SESSION['testprojectID'] = $tpID;
  87. }
  88. // Validation is done in navBar.php
  89. $tplan_cookie = 'TL_lastTestPlanForUserID_' . $id;
  90. if (isset($_COOKIE[$tplan_cookie]))
  91. {
  92. $_SESSION['testplanID'] = $_COOKIE[$tplan_cookie];
  93. tLog("Cookie: {$tplan_cookie}=".$_SESSION['testplanID']);
  94. }
  95. return 1;
  96. }
  97. /*
  98. function: getUsersForHtmlOptions
  99. args: db: reference to db object
  100. [whereClause]:
  101. [add_blank_option]:
  102. [active_filter]:
  103. returns: map
  104. rev :
  105. 20071228 - franciscom - added active_filter
  106. */
  107. function getUsersForHtmlOptions(&$db,$whereClause = null,$additional_users = null, $active_filter = null,$users = null)
  108. {
  109. $users_map = null;
  110. if (!$users)
  111. {
  112. $sqlWhere = $whereClause;
  113. if(!is_null($active_filter))
  114. {
  115. $whereClause .= ' AND active =' . ($active_filter > 0 ? 1 : 0) . ' ';
  116. }
  117. $users = tlUser::getAll($db,$sqlWhere,"id",null,tlUser::TLOBJ_O_GET_DETAIL_MINIMUM);
  118. }
  119. //$the_users = $users;
  120. // if ($users)
  121. // {
  122. // if(!is_null($active_filter))
  123. // {
  124. // $the_users = array();
  125. // foreach($users as $id => $user)
  126. // {
  127. // if($user->isActive == $active_filter)
  128. // {
  129. // $the_users[$id] = $users[$id];
  130. // }
  131. // }
  132. // }
  133. // }
  134. return buildUserMap($users,!is_null($additional_users),$additional_users);
  135. }
  136. /*
  137. function: buildUserMap
  138. args:
  139. $users: map of user objects
  140. [add_options]: default false.
  141. true, elements present on additional_options arguments
  142. will be will added to result map.
  143. [additional_options]: default null
  144. map with key=user id, value=verbose description
  145. returns: map ready to be used on a HTML select input.
  146. */
  147. function buildUserMap($users,$add_options = false, $additional_options=null)
  148. {
  149. $usersMap = null;
  150. $inactivePrefix = lang_get('tag_for_inactive_users');
  151. if ($users)
  152. {
  153. if($add_options)
  154. {
  155. $my_options = is_null($additional_options) ? array( 0 => '') : $additional_options;
  156. foreach($my_options as $code => $verbose_code)
  157. {
  158. $usersMap[$code] = $verbose_code;
  159. }
  160. }
  161. $userSet = array_keys($users);
  162. $loops2do = count($userSet);
  163. // foreach($users as $id => $user)
  164. // {
  165. // $usersMap[$id] = $user->getDisplayName();
  166. // if($user->isActive == 0)
  167. // {
  168. // $usersMap[$id] = $inactivePrefix . ' ' . $usersMap[$id];
  169. // }
  170. // }
  171. for( $idx=0; $idx < $loops2do ; $idx++)
  172. {
  173. $userID = $userSet[$idx];
  174. $usersMap[$userID] = $users[$userID]->getDisplayName();
  175. if($users[$userID]->isActive == 0)
  176. {
  177. $usersMap[$userID] = $inactivePrefix . ' ' . $usersMap[$userID];
  178. }
  179. }
  180. }
  181. return $usersMap;
  182. }
  183. /**
  184. * reset user password in DB
  185. *
  186. * @param resource &$db reference to database handler
  187. * @param integer $userID
  188. * @param string &$errorMsg reference to error message
  189. *
  190. * @return integer result status code
  191. */
  192. function resetPassword(&$db,$userID,&$errorMsg)
  193. {
  194. $errorMsg = '';
  195. $user = new tlUser($userID);
  196. $result = $user->readFromDB($db);
  197. if ($result >= tl::OK)
  198. {
  199. $result = tlUser::E_EMAILLENGTH;
  200. if ($user->emailAddress != "")
  201. {
  202. $newPassword = tlUser::generatePassword(8,4);
  203. $result = $user->setPassword($newPassword);
  204. if ($result >= tl::OK)
  205. {
  206. // BUGID 3396
  207. $msgBody = lang_get('your_password_is') . "\n\n" . $newPassword . "\n\n" . lang_get('contact_admin');
  208. $mail_op = @email_send(config_get('from_email'), $user->emailAddress,lang_get('mail_passwd_subject'),
  209. $msgBody);
  210. if ($mail_op->status_ok)
  211. {
  212. $result = $user->writePasswordToDB($db); // BUGID 3396
  213. }
  214. else
  215. {
  216. $result = tl::ERROR;
  217. $errorMsg = $mail_op->msg;
  218. }
  219. }
  220. }
  221. }
  222. $errorMsg = ($errorMsg != "") ? $errorMsg : getUserErrorMessage($result) ;
  223. return $result;
  224. }
  225. /*
  226. function: getUserErrorMessage
  227. args :
  228. returns:
  229. */
  230. function getUserErrorMessage($code)
  231. {
  232. $msg = 'ok';
  233. switch($code)
  234. {
  235. case tl::OK:
  236. break;
  237. case tlUser::E_LOGINLENGTH:
  238. $msg = lang_get('error_user_login_length_error');
  239. break;
  240. case tlUser::E_EMAILLENGTH:
  241. $msg = lang_get('empty_email_address');
  242. break;
  243. case tlUser::E_EMAILFORMAT:
  244. $msg = lang_get('no_good_email_address');
  245. break;
  246. case tlUser::E_NOTALLOWED:
  247. $msg = lang_get('user_login_valid_regex');
  248. break;
  249. case tlUser::E_FIRSTNAMELENGTH:
  250. $msg = lang_get('empty_first_name');
  251. break;
  252. case tlUser::E_LOGINALREADYEXISTS:
  253. $msg = lang_get('user_name_exists');
  254. break;
  255. case tlUser::E_LASTNAMELENGTH:
  256. $msg = lang_get('empty_last_name');
  257. break;
  258. case tlUser::E_PWDEMPTY:
  259. $msg = lang_get('warning_empty_pwd');
  260. break;
  261. case tlUser::E_PWDDONTMATCH:
  262. $msg = lang_get('wrong_old_password');
  263. break;
  264. case tlUser::S_PWDMGTEXTERNAL :
  265. $msg = lang_get('password_mgmt_is_external');
  266. break;
  267. case ERROR:
  268. case tlUser::E_DBERROR:
  269. default:
  270. $msg = lang_get('error_user_not_updated');
  271. break;
  272. }
  273. return $msg;
  274. }
  275. /*
  276. function: getAllUsersRoles
  277. args:
  278. returns:
  279. */
  280. function getAllUsersRoles(&$db,$order_by = null)
  281. {
  282. $tables = tlObject::getDBTables(array('users','roles'));
  283. $sql = "SELECT users.id FROM {$tables['users']} users " .
  284. " LEFT OUTER JOIN {$tables['roles']} roles ON users.role_id = roles.id ";
  285. $sql .= is_null($order_by) ? " ORDER BY login " : $order_by;
  286. $users = tlDBObject::createObjectsFromDBbySQL($db,$sql,"id","tlUser",false,tlUser::TLOBJ_O_GET_DETAIL_MINIMUM);
  287. return $users;
  288. }
  289. /*
  290. function: getTestersForHtmlOptions
  291. args:
  292. returns:
  293. */
  294. /**
  295. * getTestersForHtmlOptions
  296. * returns users that have role on ($tplanID,$tprojectID) with right
  297. * to execute a test case.
  298. *
  299. * @param resource &$db reference to database handler
  300. * @param integer $tplanID test plan id
  301. * @param integer $tprojectID test project id
  302. * @param $users UNUSED - remove
  303. * @param $additional_testers TBD
  304. * @param string $activeStatus. values: 'active','inactive','any'
  305. *
  306. * @return array TBD
  307. */
  308. function getTestersForHtmlOptions(&$db,$tplanID,$tprojectID,$users = null,
  309. $additional_testers = null,$activeStatus = 'active')
  310. {
  311. $orOperand = false;
  312. $activeTarget = 1;
  313. switch ($activeStatus)
  314. {
  315. case 'any':
  316. $orOperand = true;
  317. break;
  318. case 'inactive':
  319. $activeTarget = 0;
  320. break;
  321. case 'active':
  322. default:
  323. break;
  324. }
  325. $users_roles = get_tplan_effective_role($db,$tplanID,$tprojectID,null,$users);
  326. $userFilter = array();
  327. foreach($users_roles as $keyUserID => $roleInfo)
  328. {
  329. if($roleInfo['effective_role']->hasRight('testplan_execute') &&
  330. ($orOperand || $roleInfo['user']->isActive == $activeTarget) )
  331. {
  332. $userFilter[$keyUserID] = $roleInfo['user'];
  333. }
  334. }
  335. return buildUserMap($userFilter,true,$additional_testers);
  336. }
  337. function initialize_tabsmenu()
  338. {
  339. $hl = new stdClass();
  340. $hl->view_roles = 0;
  341. $hl->create_role = 0;
  342. $hl->edit_role = 0;
  343. $hl->view_users = 0;
  344. $hl->create_user = 0;
  345. $hl->edit_user = 0;
  346. $hl->assign_users_tproject = 0;
  347. $hl->assign_users_tplan = 0;
  348. return $hl;
  349. }
  350. /*
  351. function: getGrantsForUserMgmt
  352. utility function used on all user and role pages
  353. to pass grants to smarty templates.
  354. Logic is:
  355. if user has Global user management right => no control
  356. on specific test project or test plan is done
  357. args:
  358. returns:
  359. */
  360. function getGrantsForUserMgmt(&$dbHandler,&$userObj,$tprojectID=null,$tplanID=null)
  361. {
  362. $answers = new stdClass();
  363. $grants = new stdClass();
  364. $grants->user_mgmt = $userObj->hasRight($dbHandler,"mgt_users");
  365. $grants->role_mgmt = $userObj->hasRight($dbHandler,"role_management");
  366. $grants->tproject_user_role_assignment = "no";
  367. $grants->tplan_user_role_assignment = "no";
  368. if($grants->user_mgmt == 'yes')
  369. {
  370. $grants->tplan_user_role_assignment = 'yes';
  371. $grants->tproject_user_role_assignment = 'yes';
  372. }
  373. else
  374. {
  375. $grants->tplan_user_role_assignment = $userObj->hasRight($dbHandler,"testplan_user_role_assignment",
  376. $tprojectID,$tplanID);
  377. $answers->user_role_assignment = $userObj->hasRight($dbHandler,"user_role_assignment",null,-1);
  378. $answers->testproject_user_role_assignment=$userObj->hasRight($dbHandler,"testproject_user_role_assignment",$tprojectID,-1);
  379. if($answers->user_role_assignment == "yes" || $answers->testproject_user_role_assignment == "yes")
  380. {
  381. $grants->tproject_user_role_assignment = "yes";
  382. }
  383. }
  384. foreach($grants as $key => $value)
  385. {
  386. $grants->$key = $value == "yes" ? "yes" : "no";
  387. }
  388. return $grants;
  389. }
  390. ?>