tyler.durden
/
opensupports
mirror of https://github.com/opensupports/opensupports.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Guillermo - disable-user-system [skip ci]

This commit is contained in:
AntonyAntonio 2017-01-16 16:07:53 -03:00
parent ae27ee390e
commit fdd35ed2c1
28 changed files with 293 additions and 19 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
server/controllers/article/get-all.php
View File

@ -7,7 +7,7 @@ class GetAllArticlesController extends Controller {
public function validations() {
return [
'permission' => 'user',
'permission' => (Controller::isUserSystemEnabled()) ? 'user' : 'any',
'requestData' => []
];
}

4
server/controllers/system.php
View File

@ -11,6 +11,8 @@ require_once 'system/edit-mail-template.php';
require_once 'system/recover-mail-template.php';
require_once 'system/disable-registration.php';
require_once 'system/enable-registration.php';
require_once 'system/disable-user-system.php';
require_once 'system/enabled-user-system.php';
$systemControllerGroup = new ControllerGroup();
$systemControllerGroup->setGroupPath('/system');
@ -27,5 +29,7 @@ $systemControllerGroup->addController(new EditMailTemplateController);
$systemControllerGroup->addController(new RecoverMailTemplateController);
$systemControllerGroup->addController(new DisableRegistrationController);
$systemControllerGroup->addController(new EnableRegistrationController);
$systemControllerGroup->addController(new DisableUserSystemController);
$systemControllerGroup->addController(new EnabledUserSystemController);
$systemControllerGroup->finalize();

57
server/controllers/system/disable-user-system.php Normal file
View File

@ -0,0 +1,57 @@
<?php
class DisableUserSystemController extends Controller {
const PATH = '/disable-user-system';
public function validations() {
return [
'permission' => 'staff_3',
'requestData' => []
];
}
public function handler() {
$password = Controller::request('password');
if(!Hashing::verifyPassword($password, Controller::getLoggedUser()->password)) {
throw new Exception(ERRORS::INVALID_PASSWORD);
}
if(!Controller::isUserSystemEnabled()) {
throw new Exception(ERRORS::SYSTEM_USER_IS_ALREADY_DISABLED);
}
$userSystemEnabled = Setting::getSetting('user-system-enabled');
$userSystemEnabled->value = 0 ;
$userSystemEnabled->store();
$userList = User::getAll();
foreach($userList as $user) {
$ticketNumberList = [];
foreach($user->sharedTicketList as $ticket) {
$ticket->authorEmail = $user->email;
$ticket->authorName = $user->name;
$ticket->author = null;
$ticketNumberList[] = $ticket->ticketNumber;
$ticket->store();
}
$mailSender = new MailSender();
$mailSender->setTemplate(MailTemplate::USER_SYSTEM_DISABLED, [
'to' => $user->email,
'name' => $user->name,
'tickets' => json_encode($ticketNumberList)
]);
$mailSender->send();
$user->delete();
}
Response::respondSuccess();
}
}

74
server/controllers/system/enabled-user-system.php Normal file
View File

@ -0,0 +1,74 @@
<?php
class EnabledUserSystemController extends Controller {
const PATH = '/enabled-user-system';
public function validations() {
return [
'permission' => 'staff_3',
'requestData' => []
];
}
public function handler() {
$password = Controller::request('password');
if(!Hashing::verifyPassword($password, Controller::getLoggedUser()->password)) {
throw new Exception(ERRORS::INVALID_PASSWORD);
}
if(Controller::isUserSystemEnabled()) {
throw new Exception(ERRORS::SYSTEM_USER_IS_ALREADY_ENABLED);
}
$userSystemEnabled = Setting::getSetting('user-system-enabled');
$userSystemEnabled->value = 1 ;
$userSystemEnabled->store();
$ticketList = Ticket::getAll();
foreach($ticketList as $ticket) {
$userRow = User::getDataStore($ticket->authorEmail, 'email');
if($userRow->isNull()) {
$userInstance = new User();
$password = Hashing::generateRandomToken();
$userInstance->setProperties([
'name' => $ticket->authorName,
'signupDate' => Date::getCurrentDate(),
'tickets' => 1,
'email' => $ticket->authorEmail,
'password' => Hashing::hashPassword($password),
'verificationToken' => null
]);
$userInstance->store();
$mailSender = new MailSender();
$mailSender->setTemplate(MailTemplate::USER_SYSTEM_ENABLED, [
'to' => $ticket->authorEmail,
'name' => $ticket->authorName,
'password' => $password
]);
$mailSender->send();
} else {
$userRow->tickets = $userRow->tickets + 1;
$userRow->sharedTicketList->add($ticket);
$userRow->store();
}
$actualUserRow = User::getDataStore($ticket->authorEmail,'email');
$ticket->author = $actualUserRow;
$ticket->authorName = null;
$ticket->authorEmail = null;
$ticket->store();
}
Response::respondSuccess();
}
}

3
server/controllers/system/get-settings.php
View File

@ -46,7 +46,8 @@ class GetSettingsController extends Controller {
'registration' => Setting::getSetting('registration')->getValue(),
'departments' => Department::getDepartmentNames(),
'supportedLanguages' => Language::getSupportedLanguages(),
'allowedLanguages' => Language::getAllowedLanguages()
'allowedLanguages' => Language::getAllowedLanguages(),
'user-system-enabled' => Setting::getSetting('user-system-enabled')->getValue()
];
}

3
server/controllers/system/init-settings.php
View File

@ -41,7 +41,8 @@ class InitSettingsController extends Controller {
'max-size' => 0,
'title' => 'Support Center',
'url' => 'http://www.opensupports.com/support',
'registration' => true
'registration' => true,
'user-system-enabled' => true
]);
}

22
server/controllers/ticket/comment.php
View File

@ -9,7 +9,7 @@ class CommentController extends Controller {
private $content;
public function validations() {
return [
$validations = [
'permission' => 'user',
'requestData' => [
'content' => [
@ -22,13 +22,23 @@ class CommentController extends Controller {
]
]
];
if(!Controller::isUserSystemEnabled()) {
$validations['permission'] = 'any';
$validations['requestData']['email'] = [
'validation' => DataValidator::email(),
'error' => ERRORS::INVALID_EMAIL
];
}
return $validations;
}
public function handler() {
$session = Session::getInstance();
$this->requestData();
if ($session->isLoggedWithId($this->ticket->author->id) || Controller::isStaffLogged()) {
if (!Controller::isUserSystemEnabled() || $session->isLoggedWithId($this->ticket->author->id) || Controller::isStaffLogged()) {
$this->storeComment();
Log::createLog('COMMENT', $this->ticket->ticketNumber);
@ -41,9 +51,13 @@ class CommentController extends Controller {
private function requestData() {
$ticketNumber = Controller::request('ticketNumber');
$email = Controller::request('email');
$this->ticket = Ticket::getByTicketNumber($ticketNumber);
$this->content = Controller::request('content');
if(!Controller::isUserSystemEnabled() && $this->ticket->authorEmail !== $email && !Controller::isStaffLogged()) {
throw new Exception(ERRORS::NO_PERMISSION);
}
}
private function storeComment() {
@ -56,7 +70,7 @@ class CommentController extends Controller {
if(Controller::isStaffLogged()) {
$this->ticket->unread = true;
$comment->authorStaff = Controller::getLoggedUser();
} else {
} else if(Controller::isUserSystemEnabled()) {
$this->ticket->unreadStaff = true;
$comment->authorUser = Controller::getLoggedUser();
}

27
server/controllers/ticket/create.php
View File

@ -10,9 +10,11 @@ class CreateController extends Controller {
private $departmentId;
private $language;
private $ticketNumber;
private $email;
private $name;
public function validations() {
return [
$validations = [
'permission' => 'user',
'requestData' => [
'title' => [
@ -33,6 +35,16 @@ class CreateController extends Controller {
]
]
];
if(!Controller::isUserSystemEnabled()) {
$validations['permission'] = 'any';
$validations['requestData']['captcha'] = [
'validation' => DataValidator::captcha(),
'error' => ERRORS::INVALID_CAPTCHA
];
}
return $validations;
}
public function handler() {
@ -40,6 +52,8 @@ class CreateController extends Controller {
$this->content = Controller::request('content');
$this->departmentId = Controller::request('departmentId');
$this->language = Controller::request('language');
$this->email = Controller::request('email');
$this->name = Controller::request('name');
$this->storeTicket();
@ -65,12 +79,17 @@ class CreateController extends Controller {
'unread' => false,
'unreadStaff' => true,
'closed' => false,
'authorName' => $this->name,
'authorEmail' => $this->email
));
$author->sharedTicketList->add($ticket);
$author->tickets++;
if(Controller::isUserSystemEnabled()) {
$author->sharedTicketList->add($ticket);
$author->tickets++;
$author->store();
}
$author->store();
$ticket->store();
$this->ticketNumber = $ticket->ticketNumber;

31
server/controllers/ticket/get.php
View File

@ -8,7 +8,7 @@ class TicketGetController extends Controller {
private $ticket;
public function validations() {
return [
$validations = [
'permission' => 'user',
'requestData' => [
'ticketNumber' => [
@ -17,13 +17,38 @@ class TicketGetController extends Controller {
]
]
];
if(!Controller::isUserSystemEnabled() && !Controller::isStaffLogged()) {
$validations['permission'] = 'any';
$validations['requestData']['email'] = [
'validation' => DataValidator::email(),
'error' => ERRORS::INVALID_EMAIL
];
$validations['requestData']['captcha'] = [
'validation' => DataValidator::captcha(),
'error' => ERRORS::INVALID_CAPTCHA
];
}
return $validations;
}
public function handler() {
$email = Controller::request('email');
$this->ticket = Ticket::getByTicketNumber(Controller::request('ticketNumber'));
if(!Controller::isUserSystemEnabled() && !Controller::isStaffLogged()) {
if($this->ticket->authorEmail === $email) {
Response::respondSuccess($this->ticket->toArray());
return;
} else {
throw new Exception(ERRORS::NO_PERMISSION);
}
}
if ($this->shouldDenyPermission()) {
Response::respondError(ERRORS::NO_PERMISSION);
throw new Exception(ERRORS::NO_PERMISSION);
} else {
Response::respondSuccess($this->ticket->toArray());
}
@ -32,7 +57,7 @@ class TicketGetController extends Controller {
private function shouldDenyPermission() {
$user = Controller::getLoggedUser();
return (!Controller::isStaffLogged() && $this->ticket->author->id !== $user->id) ||
return (!Controller::isStaffLogged() && (Controller::isUserSystemEnabled() && $this->ticket->author->id !== $user->id)) ||
(Controller::isStaffLogged() && $this->ticket->owner && $this->ticket->owner->id !== $user->id);
}
}

4
server/controllers/user/delete.php
View File

@ -20,6 +20,10 @@ class DeleteUserController extends Controller {
}
public function handler() {
if(!Controller::isUserSystemEnabled()) {
throw new Exception(ERRORS::USER_SYSTEM_DISABLED);
}
$userId = Controller::request('userId');
$user = User::getDataStore($userId);

5
server/controllers/user/get-user.php
View File

@ -18,6 +18,11 @@ class GetUserByIdController extends Controller {
}
public function handler() {
if(!Controller::isUserSystemEnabled()) {
throw new Exception(ERRORS::USER_SYSTEM_DISABLED);
}
$userId = Controller::request('userId');
$user = User::getDataStore($userId);
$staff = Controller::getLoggedUser();

4
server/controllers/user/get-users.php
View File

@ -21,6 +21,10 @@ class GetUsersController extends Controller {
}
public function handler() {
if(!Controller::isUserSystemEnabled()) {
throw new Exception(ERRORS::USER_SYSTEM_DISABLED);
}
$userList = $this->getUserList();
$userListArray = [];

7
server/controllers/user/login.php
View File

@ -14,9 +14,12 @@ class LoginController extends Controller {
}
public function handler() {
if(!Controller::isUserSystemEnabled() && !Controller::request('staff')) {
throw new Exception(ERRORS::USER_SYSTEM_DISABLED);
}
if ($this->isAlreadyLoggedIn()) {
Response::respondError(ERRORS::SESSION_EXISTS);
return;
throw new Exception(ERRORS::SESSION_EXISTS);
}
if ($this->checkInputCredentials() || $this->checkRememberToken()) {

4
server/controllers/user/recover-password.php
View File

@ -27,6 +27,10 @@ class RecoverPasswordController extends Controller {
}
public function handler() {
if(!Controller::isUserSystemEnabled()) {
throw new Exception(ERRORS::USER_SYSTEM_DISABLED);
}
$this->requestData();
$this->changePassword();
}

4
server/controllers/user/send-recover-password.php
View File

@ -21,6 +21,10 @@ class SendRecoverPasswordController extends Controller {
}
public function handler() {
if(!Controller::isUserSystemEnabled()) {
throw new Exception(ERRORS::USER_SYSTEM_DISABLED);
}
$email = Controller::request('email');
$this->user = User::getUser($email,'email');

4
server/controllers/user/signup.php
View File

@ -36,6 +36,10 @@ class SignUpController extends Controller {
}
public function handler() {
if(!Controller::isUserSystemEnabled()) {
throw new Exception(ERRORS::USER_SYSTEM_DISABLED);
}
$this->storeRequestData();
$existentUser = User::getUser($this->userEmail, 'email');

4
server/controllers/user/verify.php
View File

@ -17,6 +17,10 @@ class VerifyController extends Controller{
}
public function handler() {
if(!Controller::isUserSystemEnabled()) {
throw new Exception(ERRORS::USER_SYSTEM_DISABLED);
}
$email = Controller::request('email');
$token = Controller::request('token');

3
server/data/ERRORS.php
View File

@ -35,4 +35,7 @@ class ERRORS {
const INVALID_TEMPLATE = 'INVALID_TEMPLATE';
const INVALID_SUBJECT = 'INVALID_SUBJECT';
const INVALID_BODY = 'INVALID_BODY';
const USER_SYSTEM_DISABLED= 'USER_SYSTEM_DISABLED';
const SYSTEM_USER_IS_ALREADY_DISABLED= 'SYSTEM_USER_IS_ALREADY_DISABLED';
const SYSTEM_USER_IS_ALREADY_ENABLED= 'SYSTEM_USER_IS_ALREADY_ENABLED';
}

20
server/data/InitialMails.php
View File

@ -53,6 +53,26 @@ class InitialMails {
'body' => file_get_contents('data/mail-templates/user-recovered-password-es.html')
]
],
'USER_SYSTEM_DISABLED' => [
'en' => [
'subject' => 'Account has been deleted - OpenSupports',
'body' => file_get_contents('data/mail-templates/user-system-disabled-en.html')
],
'es' => [
'subject' => 'cuanta borrada - OpenSupports',
'body' => file_get_contents('data/mail-templates/user-system-disabled-es.html')
]
],
'USER_SYSTEM_ENABLED' => [
'en' => [
'subject' => 'account has been created - OpenSupports',
'body' => file_get_contents('data/mail-templates/user-system-enabled-en.html')
],
'es' => [
'subject' => 'se te ha creado una cuenta - OpenSupports',
'body' => file_get_contents('data/mail-templates/user-system-enabled-es.html')
]
]
];
}
}

3
server/data/mail-templates/user-system-disabled-en.html Normal file
View File

@ -0,0 +1,3 @@
<div>
Hi {{name}} the system user has been deleted this is the list of your tickets {{tickets}}
</div>

3
server/data/mail-templates/user-system-disabled-es.html Normal file
View File

@ -0,0 +1,3 @@
<div>
hoola {{name}} the system user has been deleted this is the list of your tickets {{tickets}}
</div>

4
server/data/mail-templates/user-system-enabled-en.html Normal file
View File

@ -0,0 +1,4 @@
<div>
hi {{name}} the system user has been Created this is your new password {{password}} , you can change it if you want
maxi puto
</div>

3
server/data/mail-templates/user-system-enabled-es.html Normal file
View File

@ -0,0 +1,3 @@
<div>
hoola {{name}} el sistema de usuarios se ha creado este es tu contra {{password}} , puedes cambairla si quieres
</div>

4
server/libs/Controller.php
View File

@ -60,4 +60,8 @@ abstract class Controller {
public static function getAppInstance() {
return \Slim\Slim::getInstance();
}
public static function isUserSystemEnabled() {
return Setting::getSetting('user-system-enabled')->getValue();
}
}

2
server/models/MailTemplate.php
View File

@ -8,6 +8,8 @@ class MailTemplate extends DataStore {
const USER_PASSWORD = 'USER_PASSWORD';
const PASSWORD_FORGOT = 'PASSWORD_FORGOT';
const PASSWORD_RECOVERED = 'PASSWORD_RECOVERED';
const USER_SYSTEM_DISABLED = 'USER_SYSTEM_DISABLED';
const USER_SYSTEM_ENABLED = 'USER_SYSTEM_ENABLED';
public static function getTemplate($type) {
$globalLanguage = Setting::getSetting('language')->value;

8
server/models/Ticket.php
View File

@ -20,7 +20,9 @@ class Ticket extends DataStore {
'owner',
'ownTicketeventList',
'unreadStaff',
'language'
'language',
'authorEmail',
'authorName'
);
}
@ -80,7 +82,9 @@ class Ticket extends DataStore {
'priority' => $this->priority,
'author' => $this->authorToArray(),
'owner' => $this->ownerToArray(),
'events' => $this->eventsToArray()
'events' => $this->eventsToArray(),
'authorEmail' => $this->authorEmail,
'authorName' => $this->authorName
];
}

1
tests/init.rb
View File

@ -53,3 +53,4 @@ require './system/edit-mail-template.rb'
require './system/recover-mail-template.rb'
require './system/disable-registration.rb'
require './system/enable-registration.rb'
require './system/disable-user-system.rb'

2
tests/system/get-mail-templates.rb
View File

@ -10,6 +10,6 @@ describe'system/get-mail-templates' do
(result['status']).should.equal('success')
(result['data'].size).should.equal(10)
(result['data'].size).should.equal(14)
end
end