From 5331c3363e40fed1aca87ded1dabd737b48d95cc Mon Sep 17 00:00:00 2001
From: Maxi Redigonda
Date: Mon, 28 Oct 2019 15:27:25 -0300
Subject: [PATCH] First working version of invite users feature
---
 server/controllers/user.php | 1 +
 server/controllers/user/invite.php | 148 ++++++++
 server/controllers/user/signup.php | 2 +-
 server/data/ERRORS.php | 5 +
 server/data/MailTexts.php | 6 +
 server/data/mail-templates/user-invite.html | 384 ++++++++++++++++++++
 server/models/MailTemplate.php | 2 +
 7 files changed, 547 insertions(+), 1 deletion(-)
 create mode 100755 server/controllers/user/invite.php
 create mode 100755 server/data/mail-templates/user-invite.html
diff --git a/server/controllers/user.php b/server/controllers/user.php
index d5d08020..feb48483 100755
--- a/server/controllers/user.php
+++ b/server/controllers/user.php
@@ -4,6 +4,7 @@ $userControllers->setGroupPath('/user');
 $userControllers->addController(new LoginController);
 $userControllers->addController(new SignUpController);
+$userControllers->addController(new InviteUserController);
 $userControllers->addController(new LogoutController);
 $userControllers->addController(new CheckSessionController);
 $userControllers->addController(new SendRecoverPasswordController);
diff --git a/server/controllers/user/invite.php b/server/controllers/user/invite.php
new file mode 100755
index 00000000..f5924907
--- /dev/null
+++ b/server/controllers/user/invite.php
@@ -0,0 +1,148 @@
+ 'staff_1',
+ 'requestData' => [
+ 'name' => [
+ 'validation' => DataValidator::length(2, 55),
+ 'error' => ERRORS::INVALID_NAME
+ ],
+ 'email' => [
+ 'validation' => DataValidator::email(),
+ 'error' => ERRORS::INVALID_EMAIL
+ ]
+ ]
+ ];
+
+ $validations['requestData']['captcha'] = [
+ 'validation' => DataValidator::captcha(),
+ 'error' => ERRORS::INVALID_CAPTCHA
+ ];
+
+ return $validations;
+ }
+
+ public function handler() {
+ if (!Controller::isUserSystemEnabled()) {
+ throw new RequestException(ERRORS::USER_SYSTEM_DISABLED);
+ }
+
+ if (!Setting::getSetting('registration')->value) {
+ throw new RequestException(ERRORS::NO_PERMISSION);
+ }
+
+ $this->storeRequestData();
+
+ $existentUser = User::getUser($this->userEmail, 'email');
+
+ if (!$existentUser->isNull()) {
+ throw new RequestException(ERRORS::USER_EXISTS);
+ }
+
+ $banRow = Ban::getDataStore($this->userEmail, 'email');
+
+ if (!$banRow->isNull()) {
+ throw new RequestException(ERRORS::ALREADY_BANNED);
+ }
+
+ if(MailSender::getInstance()->isConnected()) {
+ $userId = $this->createNewUserAndRetrieveId();
+
+ $this->token = Hashing::generateRandomToken();
+
+ $recoverPassword = new RecoverPassword();
+ $recoverPassword->setProperties(array(
+ 'email' => $this->userEmail,
+ 'token' => $this->token,
+ 'staff' => false
+ ));
+ $recoverPassword->store();
+
+ $this->sendInvitationMail();
+
+ Response::respondSuccess([
+ 'userId' => $userId,
+ 'userEmail' => $this->userEmail
+ ]);
+ // TODO: Log::createLog('SIGN_UP', null, User::getDataStore($userId));
+ } else {
+ throw new RequestException(ERRORS::MAIL_SENDER_NOT_CONNECTED);
+ }
+ }
+
+ public function storeRequestData() {
+ $this->userName = Controller::request('name');
+ $this->userEmail = Controller::request('email');
+ }
+
+ public function createNewUserAndRetrieveId() {
+ $userInstance = new User();
+
+ $userInstance->setProperties([
+ 'name' => $this->userName,
+ 'signupDate' => Date::getCurrentDate(),
+ 'tickets' => 0,
+ 'email'
=> $this->userEmail,
+ 'password' => Hashing::hashPassword(Hashing::generateRandomToken()),
+ 'verificationToken' => null,
+ 'xownCustomfieldvalueList' => $this->getCustomFieldValues()
+ ]);
+
+ return $userInstance->store();
+ }
+
+ public function sendInvitationMail() {
+ $mailSender = MailSender::getInstance();
+
+ $mailSender->setTemplate(MailTemplate::USER_INVITE, [
+ 'to' => $this->userEmail,
+ 'name' => $this->userName,
+ 'url' => Setting::getSetting('url')->getValue(),
+ 'token' => $this->token
+ ]);
+
+ $mailSender->send();
+ }
+}
diff --git a/server/controllers/user/signup.php b/server/controllers/user/signup.php
index 8ae934ab..ec6736cb 100755
--- a/server/controllers/user/signup.php
+++ b/server/controllers/user/signup.php
@@ -18,7 +18,7 @@ DataValidator::with('CustomValidations', true);
 * @apiParam {String} name The name of the new user.
 * @apiParam {String} email The email of the new user.
 * @apiParam {String} password The password of the new user.
- * @apiParam {String} apiKey APIKey to sign up an user if the user system is disabled.
+ * @apiParam {String} apiKey APIKey to sign up an user if the registration system is disabled.
 * @apiParam {String} customfield_ Custom field values for this user.
 *
 * @apiUse INVALID_NAME
diff --git a/server/data/ERRORS.php b/server/data/ERRORS.php
index 831086a9..da679009 100755
--- a/server/data/ERRORS.php
+++ b/server/data/ERRORS.php
@@ -251,6 +251,10 @@
 * @apiDefine INVALID_COLOR
 * @apiError {String} INVALID_COLOR The color should be in hexadecimal, preceded by a '#'
 */
+/**
+ * @apiDefine MAIL_SENDER_NOT_CONNECTED
+ * @apiError {String} MAIL_SENDER_NOT_CONNECTED The mail sender is not connected.
+ */
 class ERRORS {
 const INVALID_CREDENTIALS = 'INVALID_CREDENTIALS';
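Review bot: In `InviteUserController::handler()` (server/controllers/user/invite.php) the invitation token is the only credential for the new account, yet it is stored through `RecoverPassword` like an ordinary reset token, with no expiry or invite marker visible in the hunk, and it comes from `Hashing::generateRandomToken()`, whose source is not shown here. Confirm that helper draws from a CSPRNG (for example `bin2hex(random_bytes(32))`) and that the recover-password endpoint rejects old rows, since an invitation can sit unread far longer than a reset mail. The user row is also written before `sendInvitationMail()` runs, so a failed send leaves an account that a second invite rejects with `USER_EXISTS`. The `// TODO: Log::createLog(...)` line means accounts created through this endpoint leave no audit record; I would log the invite before `Response::respondSuccess(...)`. The top of the file (class declaration and the start of `validations()`) is not legible on this page, so the permission rule could only be read in part.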
@@ -317,4 +321,5 @@ class ERRORS { const INVALID_CUSTOM_FIELD_OPTION = 'INVALID_CUSTOM_FIELD_OPTION'; const UNAVAILABLE_STATS = 'UNAVAILABLE_STATS'; const INVALID_COLOR = 'INVALID_COLOR'; + const MAIL_SENDER_NOT_CONNECTED = 'MAIL_SENDER_NOT_CONNECTED'; } diff --git a/server/data/MailTexts.php b/server/data/MailTexts.php index c30e4d8d..2ea73203 100644 --- a/server/data/MailTexts.php +++ b/server/data/MailTexts.php @@ -25,6 +25,12 @@ class MailTexts { 'Hi, {{name}}. You have requested to recover your password.', 'Use this code in {{url}}/recover-password?email={{to}}&token={{token}} or click the button below.', ], + 'USER_INVITE' => [ + 'User invited - OpenSupports', + 'User invited', + 'Hi, {{name}}. You have been invited to join our support center.', + 'Use this code in {{url}}/recover-password?email={{to}}&token={{token}}&invited=true or click the button below to set up your password.' + ], 'USER_SYSTEM_DISABLED' => [ 'Access system changed - OpenSupports', 'Access system changed', diff --git a/server/data/mail-templates/user-invite.html b/server/data/mail-templates/user-invite.html new file mode 100755 index 00000000..acc07035 --- /dev/null +++ b/server/data/mail-templates/user-invite.html @@ -0,0 +1,384 @@ + + + + + + Support Center + + + + + + + + + + + + + + + + + + + + + +
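Review bot: The new `USER_INVITE` link text in server/data/MailTexts.php substitutes `{{to}}` and `{{token}}` directly into a query string, and nothing in this hunk shows either value being URL-encoded. An address that uses plus-addressing would reach `/recover-password` with the `+` decoded as a space, so the invited user could not redeem the token; if the template layer does not encode, pass a separate link parameter built with `rawurlencode($this->userEmail)` rather than reusing the recipient field. Because the token travels in the URL it ends up in browser history and proxy logs, so it should be single-use and short-lived. `&invited=true` is client-controlled and should only change presentation, never what the endpoint allows. The enclosing array of `MailTexts` starts and ends outside the hunk.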
+
+ + + + +
+
+ + + + +
+ logo +
+
+ +
+
+
+
+ + + + + + + + + + +
+ {{USER_INVITE_MATCH_1}} +
+ {{USER_INVITE_MATCH_2}} +
+ + + + +
+ + + + + + + + + + +
+ {{USER_INVITE_MATCH_3}} +
+ {{token}} +
+ +
+
+
+
+
+
+ + + + +
+ OpenSupports
+ Open source ticket system
+ www.opensupports.com

+
+
+
+
+
diff --git a/server/models/MailTemplate.php b/server/models/MailTemplate.php
index 9d21196d..4482167b 100755
--- a/server/models/MailTemplate.php
+++ b/server/models/MailTemplate.php
@@ -19,6 +19,7 @@ class MailTemplate extends DataStore {
 const USER_SIGNUP = 'USER_SIGNUP';
 const USER_PASSWORD = 'USER_PASSWORD';
 const PASSWORD_FORGOT = 'PASSWORD_FORGOT';
+ const USER_INVITE = 'USER_INVITE';
 const USER_SYSTEM_DISABLED = 'USER_SYSTEM_DISABLED';
 const USER_SYSTEM_ENABLED = 'USER_SYSTEM_ENABLED';
 const TICKET_CREATED = 'TICKET_CREATED';
@@ -32,6 +33,7 @@ class MailTemplate extends DataStore {
 'USER_PASSWORD' => 'data/mail-templates/user-edit-password.html',
 'USER_EMAIL' => 'data/mail-templates/user-edit-email.html',
 'PASSWORD_FORGOT' => 'data/mail-templates/user-password-forgot.html',
+ 'USER_INVITE' => 'data/mail-templates/user-invite.html',
 'USER_SYSTEM_DISABLED' => 'data/mail-templates/user-system-disabled.html',
 'USER_SYSTEM_ENABLED' => 'data/mail-templates/user-system-enabled.html',
 'TICKET_CREATED' => 'data/mail-templates/ticket-created.html',