PageRenderTime 27ms CodeModel.GetById 22ms RepoModel.GetById 0ms app.codeStats 0ms

/app/Plugin/Usermgmt/Model/User.php

https://gitlab.com/manuperazafa/elsartenbackend
PHP | 393 lines | 262 code | 8 blank | 123 comment | 5 complexity | 20f9bc032724d74fd7a4dca2ffc7889c MD5 | raw file
    

  1. <?php
    2. 

  2. 

  3. /*
    4. 

  4. 	This file is part of UserMgmt.
    5. 

    6. 

  6. 	Author: Chetan Varshney (http://ektasoftwares.com)
    7. 

    8. 

  8. 	UserMgmt is free software: you can redistribute it and/or modify
    9. 

  9. 	it under the terms of the GNU General Public License as published by
    10. 

  10. 	the Free Software Foundation, either version 3 of the License, or
    11. 

  11. 	(at your option) any later version.
    12. 

    13. 

  13. 	UserMgmt is distributed in the hope that it will be useful,
    14. 

  14. 	but WITHOUT ANY WARRANTY; without even the implied warranty of
    15. 

  15. 	MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
    16. 

  16. 	GNU General Public License for more details.
    17. 

    18. 

  18. 	You should have received a copy of the GNU General Public License
    19. 

  19. 	along with Foobar.  If not, see <http://www.gnu.org/licenses/>.
    20. 

  20. */
    21. 

  21. App::uses('UserMgmtAppModel', 'Usermgmt.Model');
    22. 

  22. App::uses('CakeEmail', 'Network/Email');
    23. 

  23. 

  24. class User extends UserMgmtAppModel {
    25. 

  25. 

  26. 	/**
    27. 

  27. 	 * This model belongs to following models
    28. 

  28. 	 *
    29. 

  29. 	 * @var array
    30. 

  30. 	 */
    31. 

  31. 	var $belongsTo = array('Usermgmt.UserGroup');
    32. 

  32. 

  33. 		
    34. 

  34. 	/**
    35. 

  35. 	 * This model has following models
    36. 

  36. 	 *
    37. 

  37. 	 * @var array
    38. 

  38. 	 */
    39. 

  39. 	var $hasMany = array('LoginToken'=>array('className'=>'Usermgmt.LoginToken','limit' =>1));
    40. 

  40. 

  41. 	//var $hasOne =  'Vendedore' => array('className' => 'Vendedore','foreignKey' => 'vendedor_id');
    42. 

  42. 	/**
    43. 

  43. 	 * model validation array
    44. 

  44. 	 *
    45. 

  45. 	 * @var array
    46. 

  46. 	 */
    47. 

  47. 	var $validate = array();
    48. 

  48. 	/**
    49. 

  49. 	 * UsetAuth component object
    50. 

  50. 	 *
    51. 

  51. 	 * @var object
    52. 

  52. 	 */
    53. 

  53. 	var $userAuth;
    54. 

  54. 	/**
    55. 

  55. 	 * model validation array
    56. 

  56. 	 *
    57. 

  57. 	 * @var array
    58. 

  58. 	 */
    59. 

  59. 	function LoginValidate() {
    60. 

  60. 		$validate1 = array(
    61. 

  61. 				'email'=> array(
    62. 

  62. 					'mustNotEmpty'=>array(
    63. 

  63. 						'rule' => 'notEmpty',
    64. 

  64. 						'message'=> 'Please enter email or username')
    65. 

  65. 					),
    66. 

  66. 				'password'=>array(
    67. 

  67. 					'mustNotEmpty'=>array(
    68. 

  68. 						'rule' => 'notEmpty',
    69. 

  69. 						'message'=> 'Please enter password')
    70. 

  70. 					)
    71. 

  71. 			);
    72. 

  72. 		$this->validate=$validate1;
    73. 

  73. 		return $this->validates();
    74. 

  74. 	}
    75. 

  75. 	/**
    76. 

  76. 	 * model validation array
    77. 

  77. 	 *
    78. 

  78. 	 * @var array
    79. 

  79. 	 */
    80. 

  80. 	function RegisterValidate() {
    81. 

  81. 		$validate1 = array(
    82. 

  82. 				"user_group_id" => array(
    83. 

  83. 					'rule' => array('comparison', '!=', 0),
    84. 

  84. 					'message'=> 'Please select group'),
    85. 

  85. 				'username'=> array(
    86. 

  86. 					'mustNotEmpty'=>array(
    87. 

  87. 						'rule' => 'notEmpty',
    88. 

  88. 						'message'=> 'Please enter username',
    89. 

  89. 						'last'=>true),
    90. 

  90. 					'mustUnique'=>array(
    91. 

  91. 						'rule' =>'isUnique',
    92. 

  92. 						'message' =>'This username already taken',
    93. 

  93. 					'last'=>true),
    94. 

  94. 					'mustBeLonger'=>array(
    95. 

  95. 						'rule' => array('minLength', 4),
    96. 

  96. 						'message'=> 'Username must be greater than 3 characters',
    97. 

  97. 						'last'=>true),
    98. 

  98. 					),
    99. 

  99. 				'first_name'=> array(
    100. 

  100. 					'mustNotEmpty'=>array(
    101. 

  101. 						'rule' => 'notEmpty',
    102. 

  102. 						'message'=> 'Please enter first name')
    103. 

  103. 					),
    104. 

  104. 				'last_name'=> array(
    105. 

  105. 					'mustNotEmpty'=>array(
    106. 

  106. 						'rule' => 'notEmpty',
    107. 

  107. 						'on' => 'create',
    108. 

  108. 						'message'=> 'Please enter last name')
    109. 

  109. 					),
    110. 

  110. 				'email'=> array(
    111. 

  111. 					'mustNotEmpty'=>array(
    112. 

  112. 						'rule' => 'notEmpty',
    113. 

  113. 						'message'=> 'Please enter email',
    114. 

  114. 						'last'=>true),
    115. 

  115. 					'mustBeEmail'=> array(
    116. 

  116. 						'rule' => array('email'),
    117. 

  117. 						'message' => 'Please enter valid email',
    118. 

  118. 						'last'=>true),
    119. 

  119. 					'mustUnique'=>array(
    120. 

  120. 						'rule' =>'isUnique',
    121. 

  121. 						'message' =>'This email is already registered',
    122. 

  122. 						)
    123. 

  123. 					),
    124. 

  124. 				'oldpassword'=>array(
    125. 

  125. 					'mustNotEmpty'=>array(
    126. 

  126. 						'rule' => 'notEmpty',
    127. 

  127. 						'message'=> 'Please enter old password',
    128. 

  128. 						'last'=>true),
    129. 

  129. 					'mustMatch'=>array(
    130. 

  130. 						'rule' => array('verifyOldPass'),
    131. 

  131. 						'message' => 'Please enter correct old password'),
    132. 

  132. 					),
    133. 

  133. 				'password'=>array(
    134. 

  134. 					'mustNotEmpty'=>array(
    135. 

  135. 						'rule' => 'notEmpty',
    136. 

  136. 						'message'=> 'Please enter password',
    137. 

  137. 						'on' => 'create',
    138. 

  138. 						'last'=>true),
    139. 

  139. 					'mustBeLonger'=>array(
    140. 

  140. 						'rule' => array('minLength', 6),
    141. 

  141. 						'message'=> 'Password must be greater than 5 characters',
    142. 

  142. 						'on' => 'create',
    143. 

  143. 						'last'=>true),
    144. 

  144. 					'mustMatch'=>array(
    145. 

  145. 						'rule' => array('verifies'),
    146. 

  146. 						'message' => 'Both passwords must match'),
    147. 

  147. 						//'on' => 'create'
    148. 

  148. 					),
    149. 

  149. 				'captcha'=>array(
    150. 

  150. 					'mustMatch'=>array(
    151. 

  151. 						'rule' => array('recaptchaValidate'),
    152. 

  152. 						'message' => ''),
    153. 

  153. 					)
    154. 

  154. 			);
    155. 

  155. 		$this->validate=$validate1;
    156. 

  156. 		return $this->validates();
    157. 

  157. 	}
    158. 

  158. 	/**
    159. 

  159. 	 * Used to validate captcha
    160. 

  160. 	 *
    161. 

  161. 	 * @access public
    162. 

  162. 	 * @return boolean
    163. 

  163. 	 */
    164. 

  164. 	public function recaptchaValidate() {
    165. 

  165. 		App::import("Vendor", "Usermgmt.recaptcha/recaptchalib");
    166. 

  166. 		$recaptcha_challenge_field = (isset($_POST['recaptcha_challenge_field'])) ? $_POST['recaptcha_challenge_field'] : "";
    167. 

  167. 		$recaptcha_response_field = (isset($_POST['recaptcha_response_field'])) ? $_POST['recaptcha_response_field'] : "";
    168. 

  168. 		$resp = recaptcha_check_answer(PRIVATE_KEY_FROM_RECAPTCHA, $_SERVER['REMOTE_ADDR'], $recaptcha_challenge_field, $recaptcha_response_field);
    169. 

  169. 		$error = $resp->error;
    170. 

  170. 		if(!$resp->is_valid) {
    171. 

  171. 			$this->validationErrors['captcha'][0]=$error;
    172. 

  172. 		}
    173. 

  173. 		return true;
    174. 

  174. 	}
    175. 

  175. 	/**
    176. 

  176. 	 * Used to match passwords
    177. 

  177. 	 *
    178. 

  178. 	 * @access public
    179. 

  179. 	 * @return boolean
    180. 

  180. 	 */
    181. 

  181. 	public function verifies() {
    182. 

  182. 		return ($this->data['User']['password']===$this->data['User']['cpassword']);
    183. 

  183. 	}
    184. 

  184. 	/**
    185. 

  185. 	 * Used to match old password
    186. 

  186. 	 *
    187. 

  187. 	 * @access public
    188. 

  188. 	 * @return boolean
    189. 

  189. 	 */
    190. 

  190. 	public function verifyOldPass() {
    191. 

  191. 		$userId = $this->userAuth->getUserId();
    192. 

  192. 		$user = $this->findById($userId);
    193. 

  193. 		$oldpass=$this->userAuth->makePassword($this->data['User']['oldpassword'], $user['User']['salt']);
    194. 

  194. 		return ($user['User']['password']===$oldpass);
    195. 

  195. 	}
    196. 

  196. 	/**
    197. 

  197. 	 * Used to send registration mail to user
    198. 

  198. 	 *
    199. 

  199. 	 * @access public
    200. 

  200. 	 * @param array $user user detail array
    201. 

  201. 	 * @return void
    202. 

  202. 	 */
    203. 

  203. 	public function sendRegistrationMail($user) {
    204. 

  204. 		// send email to newly created user
    205. 

  205. 		$userId=$user['User']['id'];
    206. 

  206. 		$email = new CakeEmail();
    207. 

  207. 		$fromConfig = EMAIL_FROM_ADDRESS;
    208. 

  208. 		$fromNameConfig = EMAIL_FROM_NAME;
    209. 

  209. 		$email->from(array( $fromConfig => $fromNameConfig));
    210. 

  210. 		$email->sender(array( $fromConfig => $fromNameConfig));
    211. 

  211. 		$email->to($user['User']['email']);
    212. 

  212. 		$email->subject('Your registration is complete');
    213. 

  213. 		//$email->transport('Debug');
    214. 

  214. 		$body="Welcome ".$user['User']['first_name'].", Thank you for your registration on ".SITE_URL." \n\n Thanks,\n".EMAIL_FROM_NAME;
    215. 

  215. 		try{
    216. 

  216. 			$result = $email->send($body);
    217. 

  217. 		} catch (Exception $ex) {
    218. 

  218. 			// we could not send the email, ignore it
    219. 

  219. 			$result="Could not send registration email to userid-".$userId;
    220. 

  220. 		}
    221. 

  221. 		$this->log($result, LOG_DEBUG);
    222. 

  222. 	}
    223. 

  223. 	/**
    224. 

  224. 	 * Used to send email verification mail to user
    225. 

  225. 	 *
    226. 

  226. 	 * @access public
    227. 

  227. 	 * @param array $user user detail array
    228. 

  228. 	 * @return void
    229. 

  229. 	 */
    230. 

  230. 	public function sendVerificationMail($user) {
    231. 

  231. 		$userId=$user['User']['id'];
    232. 

  232. 		$email = new CakeEmail();
    233. 

  233. 		$fromConfig = EMAIL_FROM_ADDRESS;
    234. 

  234. 		$fromNameConfig = EMAIL_FROM_NAME;
    235. 

  235. 		$email->from(array( $fromConfig => $fromNameConfig));
    236. 

  236. 		$email->sender(array( $fromConfig => $fromNameConfig));
    237. 

  237. 		$email->to($user['User']['email']);
    238. 

  238. 		$email->subject('Email Verification Mail');
    239. 

  239. 		$activate_key = $this->getActivationKey($user['User']['password']);
    240. 

  240. 		$link = Router::url("/userVerification?ident=$userId&activate=$activate_key",true);
    241. 

  241. 		$body="Hi ".$user['User']['first_name'].", Click the link below to complete your registration \n\n ".$link;
    242. 

  242. 		try{
    243. 

  243. 			$result = $email->send($body);
    244. 

  244. 		} catch (Exception $ex){
    245. 

  245. 			// we could not send the email, ignore it
    246. 

  246. 			$result="Could not send verification email to userid-".$userId;
    247. 

  247. 		}
    248. 

  248. 		$this->log($result, LOG_DEBUG);
    249. 

  249. 	}
    250. 

  250. 	/**
    251. 

  251. 	 * Used to generate activation key
    252. 

  252. 	 *
    253. 

  253. 	 * @access public
    254. 

  254. 	 * @param string $password user password
    255. 

  255. 	 * @return hash
    256. 

  256. 	 */
    257. 

  257. 	public function getActivationKey($password) {
    258. 

  258. 		$salt = Configure::read ( "Security.salt" );
    259. 

  259. 		return md5(md5($password).$salt);
    260. 

  260. 	}
    261. 

  261. 	/**
    262. 

  262. 	 * Used to send forgot password mail to user
    263. 

  263. 	 *
    264. 

  264. 	 * @access public
    265. 

  265. 	 * @param array $user user detail
    266. 

  266. 	 * @return void
    267. 

  267. 	 */
    268. 

  268. 	public function forgotPassword($user) {
    269. 

  269. 		$userId=$user['User']['id'];
    270. 

  270. 		$email = new CakeEmail();
    271. 

  271. 		$email->config('default');
    272. 

  272. 		$fromConfig = EMAIL_FROM_ADDRESS;
    273. 

  273. 		$fromNameConfig = EMAIL_FROM_NAME;
    274. 

  274. 		$email->from(array( $fromConfig => $fromNameConfig));
    275. 

  275. 		$email->sender(array( $fromConfig => $fromNameConfig));
    276. 

  276. 		$email->to($user['User']['email']);
    277. 

  277. 		$email->subject(EMAIL_FROM_NAME.': Request to Reset Your Password');
    278. 

  278. 		$activate_key = $this->getActivationKey($user['User']['password']);
    279. 

  279. 		$link = Router::url("/activatePassword?ident=$userId&activate=$activate_key",true);
    280. 

  280. 		$body= "Welcome ".$user['User']['first_name'].", let's help you get signed in
    281. 

    282. 

  282. You have requested to have your password reset on ".EMAIL_FROM_NAME.". Please click the link below to reset your password now :
    283. 

  283. 

  284. ".$link."
    285. 

  285. 

  286. 

  287. If above link does not work please copy and paste the URL link (above) into your browser address bar to get to the Page to reset password
    288. 

  288. 

  289. Choose a password you can remember and please keep it secure.
    290. 

  290. 

  291. Thanks,\n".
    292. 

    293. 

  293. EMAIL_FROM_NAME;
    294. 

  294. 		try{
    295. 

  295. 			$result = $email->send($body);
    296. 

  296. 		} catch (Exception $ex){
    297. 

  297. 			// we could not send the email, ignore it
    298. 

  298. 			$result="Could not send forgot password email to userid-".$userId;
    299. 

  299. 		}
    300. 

  300. 		$this->log($result, LOG_DEBUG);
    301. 

  301. 	}
    302. 

  302. 	/**
    303. 

  303. 	 * Used to mark cookie used
    304. 

  304. 	 *
    305. 

  305. 	 * @access public
    306. 

  306. 	 * @param string $type
    307. 

  307. 	 * @param string $credentials
    308. 

  308. 	 * @return array
    309. 

  309. 	 */
    310. 

  310. 	public function authsomeLogin($type, $credentials = array()) {
    311. 

  311. 		switch ($type) {
    312. 

  312. 			case 'guest':
    313. 

  313. 				// You can return any non-null value here, if you don't
    314. 

  314. 				// have a guest account, just return an empty array
    315. 

  315. 				return array();
    316. 

  316. 			case 'cookie':
    317. 

  317. 				$loginToken=false;
    318. 

  318. 				if(strpos($credentials['token'], ":") !==false) {
    319. 

  319. 					list($token, $userId) = split(':', $credentials['token']);
    320. 

  320. 					$duration = $credentials['duration'];
    321. 

  321. 

  322. 					$loginToken = $this->LoginToken->find('first', array(
    323. 

  323. 						'conditions' => array(
    324. 

  324. 							'user_id' => $userId,
    325. 

  325. 							'token' => $token,
    326. 

  326. 							'duration' => $duration,
    327. 

  327. 							'used' => false,
    328. 

  328. 							'expires <=' => date('Y-m-d H:i:s', strtotime($duration)),
    329. 

  329. 						),
    330. 

  330. 						'contain' => false
    331. 

  331. 					));
    332. 

  332. 				}
    333. 

  333. 				if (!$loginToken) {
    334. 

  334. 					return false;
    335. 

  335. 				}
    336. 

  336. 				$loginToken['LoginToken']['used'] = true;
    337. 

  337. 				$this->LoginToken->save($loginToken);
    338. 

  338. 

  339. 				$conditions = array(
    340. 

  340. 					'User.id' => $loginToken['LoginToken']['user_id']
    341. 

  341. 				);
    342. 

  342. 			break;
    343. 

  343. 			default:
    344. 

  344. 				return array();
    345. 

  345. 		}
    346. 

  346. 		return $this->find('first', compact('conditions'));
    347. 

  347. 	}
    348. 

  348. 	/**
    349. 

  349. 	 * Used to generate cookie token
    350. 

  350. 	 *
    351. 

  351. 	 * @access public
    352. 

  352. 	 * @param integer $userId user id
    353. 

  353. 	 * @param string $duration cookie persist life time
    354. 

  354. 	 * @return string
    355. 

  355. 	 */
    356. 

  356. 	public function authsomePersist($userId, $duration) {
    357. 

  357. 		$token = md5(uniqid(mt_rand(), true));
    358. 

  358. 		$this->LoginToken->create(array(
    359. 

  359. 			'user_id' => $userId,
    360. 

  360. 			'token' => $token,
    361. 

  361. 			'duration' => $duration,
    362. 

  362. 			'expires' => date('Y-m-d H:i:s', strtotime($duration)),
    363. 

  363. 		));
    364. 

  364. 		$this->LoginToken->save();
    365. 

  365. 		return "${token}:${userId}";
    366. 

  366. 	}
    367. 

  367. 	/**
    368. 

  368. 	 * Used to get name by user id
    369. 

  369. 	 *
    370. 

  370. 	 * @access public
    371. 

  371. 	 * @param integer $userId user id
    372. 

  372. 	 * @return string
    373. 

  373. 	 */
    374. 

  374. 	public function getNameById($userId) {
    375. 

  375. 		$res = $this->findById($userId);
    376. 

  376. 		$name=(!empty($res)) ? ($res['User']['first_name'].' '.$res['User']['last_name']) : '';
    377. 

  377. 		return $name;
    378. 

  378. 	}
    379. 

  379. 	/**
    380. 

  380. 	 * Used to check users by group id
    381. 

  381. 	 *
    382. 

  382. 	 * @access public
    383. 

  383. 	 * @param integer $groupId user id
    384. 

  384. 	 * @return boolean
    385. 

  385. 	 */
    386. 

  386. 	public function isUserAssociatedWithGroup($groupId) {
    387. 

  387. 		$res = $this->find('count', array('conditions'=>array('User.user_group_id'=>$groupId)));
    388. 

  388. 		if(!empty($res)) {
    389. 

  389. 			return true;
    390. 

  390. 		}
    391. 

  391. 		return false;
    392. 

  392. 	}
    393. 

  393. }
    394.