* Copyright 1999-2001, VA Linux Systems, Inc.
* Copyright 2009-2010, Roland Mas
* Copyright 2011, Franck Villaume - Capgemini
+ * Copyright 2012, Franck Villaume - TrivialDev
+ * Copyright (C) 2012 Alain Peyrat - Alcatel-Lucent
* http://fusionforge.org
*
* This file is part of FusionForge. FusionForge is free software;
* @param int The user_id
* @param int The database result set OR array of data
*/
- function GFUser($id = false, $res = false) {
+ function __construct($id = false, $res = false) {
$this->Error();
if (!$id) {
//setting up an empty object
} else {
//set up an associative array for use by other functions
$this->data_array = db_fetch_array_by_row($res, 0);
+ if (($this->getUnixStatus() == 'A') && (forge_get_config('use_shell'))) {
+ $this->data_array['authorized_keys'] = array();
+ $res = db_query_params('select * from sshkeys where userid = $1 and deleted = 0', array($this->getID()));
+ while ($arr = db_fetch_array($res)) {
+ $this->data_array['authorized_keys'][$arr['id_sshkeys']]['upload'] = $arr['upload'];
+ $this->data_array['authorized_keys'][$arr['id_sshkeys']]['name'] = $arr['name'];
+ $this->data_array['authorized_keys'][$arr['id_sshkeys']]['fingerprint'] = $arr['fingerprint'];
+ $this->data_array['authorized_keys'][$arr['id_sshkeys']]['algorithm'] = $arr['algorithm'];
+ $this->data_array['authorized_keys'][$arr['id_sshkeys']]['deploy'] = $arr['deploy'];
+ $this->data_array['authorized_keys'][$arr['id_sshkeys']]['key'] = $arr['sshkey'];
+ $this->data_array['authorized_keys'][$arr['id_sshkeys']]['keyid'] = $arr['id_sshkeys'];
+ }
+ }
}
}
- $this->is_super_user=false;
- $this->is_logged_in=false;
+ $this->is_super_user = false;
+ $this->is_logged_in = false;
return true;
}
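Review bot: The key-loading block added to the constructor never checks the result of `db_query_params()` before handing it to `db_fetch_array()`, and it overwrites the `$res` parameter while doing so. `authorized_keys` is initialised only inside the `getUnixStatus() == 'A'` / `use_shell` condition, so for any other account `getAuthorizedKeys()` returns whatever the users row supplied (possibly nothing) and the `foreach` in `addAuthorizedKey()` has no array to iterate; moving `$this->data_array['authorized_keys'] = array();` above the `if` would fix that. The identical block is pasted into `fetchData()` further down, so both copies belong in one private helper with a docblock stating that only rows with `deleted = 0` are loaded. Selecting the seven columns by name instead of `select *` would also make the mapping from `sshkey`/`id_sshkeys` to `key`/`keyid` easier to audit.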
$this->setError(_('Invalid Unix Name.'));
return false;
}
+ $shell = account_get_user_default_shell();
// if we got this far, it must be good
$confirm_hash = substr(md5($password1 . util_randbytes() . microtime()),0,16);
db_begin();
- $result = db_query_params('INSERT INTO users (user_name,user_pw,unix_pw,realname,firstname,lastname,email,add_date,status,confirm_hash,mail_siteupdates,mail_va,language,timezone,jabber_address,jabber_only,unix_box,address,address2,phone,fax,title,ccode,theme_id,tooltips)
- VALUES ($1,$2,$3,$4,$5,$6,$7,$8,$9,$10,$11,$12,$13,$14,$15,$16,$17,$18,$19,$20,$21,$22,$23,$24,$25)',
+ $result = db_query_params('INSERT INTO users (user_name,user_pw,unix_pw,realname,firstname,lastname,email,add_date,status,confirm_hash,mail_siteupdates,mail_va,language,timezone,jabber_address,jabber_only,unix_box,address,address2,phone,fax,title,ccode,theme_id,tooltips,shell)
+ VALUES ($1,$2,$3,$4,$5,$6,$7,$8,$9,$10,$11,$12,$13,$14,$15,$16,$17,$18,$19,$20,$21,$22,$23,$24,$25,$26)',
array($unix_name,
md5($password1),
account_genunixpw($password1),
htmlspecialchars($title),
$ccode,
$theme_id,
- $tooltips));
+ $tooltips,
+ $shell));
if (!$result) {
$this->setError(_('Insert Failed: ') . db_error());
db_rollback();
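Review bot: The value bound to the new `$26` placeholder comes straight from `account_get_user_default_shell()` and is not checked against `account_getavailableshells()`, the list `setShell()` enforces later in this commit. If the configured default can drift from that list, new accounts would get a shell that the setter itself rejects. A guard using `in_array($shell, account_getavailableshells(), true)` before `db_begin()` would keep the two paths consistent; this assumes both helpers return the same kind of path strings, which is not visible here. Separately, and not introduced by this change, the context lines still store `md5($password1)` as `user_pw`, an unsalted digest worth tracking as its own migration. The enclosing function begins before this hunk.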
// as it opens possibility to abuse rate system)
if (!$use_ratings && $this->usesRatings()) {
db_query_params('DELETE FROM user_ratings WHERE rated_by=$1',
- array($user_id));
+ array($this->getID()));
}
if (!$this->fetchData($this->getID())) {
db_rollback();
*
* If an update occurred and you need to access the updated info.
*
- * @param int the User ID data to be fecthed
+ * @param int $user_id the User ID data to be fetched
* @return boolean success;
*/
function fetchData($user_id) {
return false;
}
$this->data_array = db_fetch_array($res);
+ if (($this->getUnixStatus() == 'A') && (forge_get_config('use_shell'))) {
+ $this->data_array['authorized_keys'] = array();
+ $res = db_query_params('select * from sshkeys where userid = $1 and deleted = 0', array($this->getID()));
+ while ($arr = db_fetch_array($res)) {
+ $this->data_array['authorized_keys'][$arr['id_sshkeys']]['upload'] = $arr['upload'];
+ $this->data_array['authorized_keys'][$arr['id_sshkeys']]['name'] = $arr['name'];
+ $this->data_array['authorized_keys'][$arr['id_sshkeys']]['fingerprint'] = $arr['fingerprint'];
+ $this->data_array['authorized_keys'][$arr['id_sshkeys']]['algorithm'] = $arr['algorithm'];
+ $this->data_array['authorized_keys'][$arr['id_sshkeys']]['deploy'] = $arr['deploy'];
+ $this->data_array['authorized_keys'][$arr['id_sshkeys']]['key'] = $arr['sshkey'];
+ $this->data_array['authorized_keys'][$arr['id_sshkeys']]['keyid'] = $arr['id_sshkeys'];
+ }
+ }
return true;
}
/**
* setStatus - set this user's status.
*
- * @param string Status - P, A, S, or D.
+ * @param string $status Status - P, A, S, or D.
* @return boolean success.
*/
function setStatus($status) {
* @return string This user's real name.
*/
function getRealName() {
- $last_name = $this->getLastName();
- return $this->getFirstName(). ($last_name ? ' ' .$last_name:'');
+ return $this->data_array['realname'];
+ }
+
+ /**
+ * setRealName - set the user's real name.
+ *
+ * @return string boolean.
+ */
+ function setRealName($realname) {
+ $res=db_query_params('UPDATE users SET realname=$1 WHERE user_id=$2',
+ array($realname, $this->getID()));
+ if (!$res || db_affected_rows($res) < 1) {
+ $this->setError('ERROR - Could Not Update real name of user : '.db_error());
+ return false;
+ }
+ $this->data_array['realname'] = $realname;
+ return true;
}
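Review bot: `setRealName()` writes the caller's string to `users.realname` with no normalisation, while `getRealName()` now returns that column verbatim and this commit also passes it into the admin notification e-mail. Trimming the value and rejecting control characters here, for example `if (preg_match('/[\x00-\x1F\x7F]/', $realname)) { ... return false; }`, would keep line breaks out of that message; whether HTML encoding happens at render time is not visible in this hunk. The docblock needs `@param string $realname` and `@return boolean success` instead of `@return string boolean.`, and the error text should go through `_()` like the other messages in the file.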
/**
*/
function setShell($shell) {
global $SYS;
- $shells = file('/etc/shells');
- $shells[count($shells)] = "/bin/cvssh";
- $out_shells = array();
- foreach ($shells as $s) {
- if (substr($s, 0, 1) == '#') {
- continue;
- }
- $out_shells[] = chop($s);
- }
- if (!in_array($shell, $out_shells)) {
- $this->setError(_('ERROR: Invalid Shell'));
+
+ $shells = account_getavailableshells();
+
+ if (!in_array($shell, $shells)) {
+ $this->setError( sprintf(_('ERROR: Invalid Shell %s'), $shell) );
return false;
}
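Review bot: The new error message interpolates the rejected `$shell` value, which is caller-supplied, so it has to be HTML-escaped wherever the error is displayed or at this point, e.g. `sprintf(_('ERROR: Invalid Shell %s'), htmlspecialchars($shell))`; the rendering side is not visible in this hunk. `in_array($shell, $shells)` should also pass `true` as its third argument so the allow-list match is strict rather than loosely typed. The body of `setShell()` continues past the end of the hunk.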
* @return string This user's SSH authorized (public) keys.
*/
function getAuthorizedKeys() {
- return preg_replace("/###/", "\n", $this->data_array['authorized_keys']);
+ return $this->data_array['authorized_keys'];
}
/**
- * setAuthorizedKeys - set the SSH authorized keys for the user.
+ * addAuthorizedKey - add the SSH authorized key for the user.
*
- * @param string The users public keys.
+ * @param string The user public key.
* @return boolean success.
*/
- function setAuthorizedKeys($keys) {
- $keys = trim($keys);
- $keys = preg_replace("/\r\n/", "\n", $keys); // Convert to Unix EOL
- $keys = preg_replace("/\n+/", "\n", $keys); // Remove empty lines
- $keys = preg_replace("/\n/", "###", $keys); // Convert EOL to marker
+ function addAuthorizedKey($key) {
+ $key = trim($key);
+ $key = preg_replace("/\r\n/", "\n", $key); // Convert to Unix EOL
+ $key = preg_replace("/\n+/", "\n", $key); // Remove empty lines
+ $tempfile = tempnam("/tmp", "authkey");
+ $ft = fopen($tempfile, 'w');
+ fwrite($ft, $key);
+ fclose($ft);
+ $returnExec = array();
+ exec("/usr/bin/ssh-keygen -lf ".$tempfile, $returnExec);
+ unlink($tempfile);
+ $returnExecExploded = explode(' ', $returnExec[0]);
+ $fingerprint = $returnExecExploded[1];
+ $now = time();
+ $explodedKey = explode(' ', $key);
+ $existingKeys = $this->getAuthorizedKeys();
+ foreach ($existingKeys as $existingKey) {
+ if ($existingKey['fingerprint'] == $fingerprint) {
+ $this->setError(_('SSH Key already in use'));
+ return false;
+ }
+ }
+ $res = db_query_params('insert into sshkeys (userid, fingerprint, upload, sshkey, name, algorithm)
+ values ($1, $2, $3, $4, $5, $6)',
+ array($this->getID(), $fingerprint, $now, $key, $explodedKey[2], $explodedKey[0]));
+ if (!$res) {
+ $this->setError(_('ERROR - Could Not Add User SSH Key:').db_error());
+ return false;
+ } else {
+ $keyid = db_insertid($res, 'sshkeys', 'id_sshkeys');
+ $this->data_array['authorized_keys'][$keyid]['fingerprint'] = $fingerprint;
+ $this->data_array['authorized_keys'][$keyid]['upload'] = $now;
+ $this->data_array['authorized_keys'][$keyid]['sshkey'] = $key;
+ $this->data_array['authorized_keys'][$keyid]['deploy'] = 0;
+ $this->data_array['authorized_keys'][$keyid]['keyid'] = $keyid;
+ return true;
+ }
+ }
- $res = db_query_params('UPDATE users SET authorized_keys=$1 WHERE user_id=$2',
- array($keys,
- $this->getID()));
+ function deleteAuthorizedKey($keyid) {
+ $res = db_query_params('update sshkeys set deleted = 1 where id_sshkeys =$1 and userid = $2',
+ array($keyid, $this->getID()));
if (!$res) {
- $this->setError(_('ERROR - Could Not Update User SSH Keys'));
+ $this->setError(_('ERROR - Could Not Delete User SSH Key:').db_error());
return false;
} else {
- $this->data_array['authorized_keys'] = $keys;
+ unset($this->data_array['authorized_keys'][$keyid]);
return true;
}
}
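Review bot: `addAuthorizedKey()` stores the submitted text even when `ssh-keygen` rejects it, because the exit status of `exec()` is never checked and `$returnExec[0]` is read unconditionally; an unparsable upload ends up in `sshkeys` with an empty fingerprint. The `/\n+/` replacement also leaves multi-line input intact, so not every stored line is certain to have been fingerprinted; whether later lines reach a generated authorized_keys file depends on deployment code not shown here. I would reject input that is not exactly one line, check the `tempnam()` and `exec()` results, pass the path through `escapeshellarg()`, and default the optional comment field instead of reading `$explodedKey[2]` blindly. The cache entry written on success uses `sshkey` where the loaders in the constructor and `fetchData()` use `key`, and it omits `name` and `algorithm`.

```php
function addAuthorizedKey($key) {
	$key = trim($key);
	// Exactly one key per call: further lines would be stored without ever being fingerprinted.
	if ($key === '' || preg_match('/[\r\n]/', $key)) {
		$this->setError(_('ERROR - Invalid SSH Key'));
		return false;
	}
	$tempfile = tempnam("/tmp", "authkey");
	if ($tempfile === false) {
		$this->setError(_('ERROR - Could Not Add User SSH Key:'));
		return false;
	}
	$written = file_put_contents($tempfile, $key);
	$returnExec = array();
	$status = 1;
	if ($written !== false) {
		exec("/usr/bin/ssh-keygen -lf ".escapeshellarg($tempfile), $returnExec, $status);
	}
	unlink($tempfile);
	$returnExecExploded = isset($returnExec[0]) ? explode(' ', $returnExec[0]) : array();
	if ($status !== 0 || !isset($returnExecExploded[1])) {
		// ssh-keygen could not parse the upload: refuse it instead of storing an empty fingerprint.
		$this->setError(_('ERROR - Invalid SSH Key'));
		return false;
	}
	$fingerprint = $returnExecExploded[1];
	$explodedKey = explode(' ', $key);
	$keyName = isset($explodedKey[2]) ? $explodedKey[2] : '';
	// … unchanged: $now, duplicate-fingerprint loop …
	// … unchanged: insert into sshkeys, with $keyName bound in place of $explodedKey[2] …
	// on success, cache the row under the field names the loaders use
	$this->data_array['authorized_keys'][$keyid]['key'] = $key;
	$this->data_array['authorized_keys'][$keyid]['name'] = $keyName;
	$this->data_array['authorized_keys'][$keyid]['algorithm'] = $explodedKey[0];
```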
/**
* setMD5Passwd - Changes user's MD5 password.
*
- * @param string The MD5-hashed password.
+ * @param string $md5 The MD5-hashed password.
* @return boolean success.
*/
function setMD5Passwd($md5) {
- global $SYS;
-
db_begin();
-
if ($md5) {
$res = db_query_params('UPDATE users SET user_pw=$1 WHERE user_id=$2',
- array($md5_pw,
- $this->getID()));
+ array($md5, $this->getID()));
if (!$res || db_affected_rows($res) < 1) {
$this->setError(_('ERROR - Could Not Change User Password:') . ' ' .db_error());
/**
* setUnixPasswd - Changes user's Unix-hashed password.
*
- * @param string The Unix-hashed password.
+ * @param string $unix The Unix-hashed password.
* @return boolean success.
*/
function setUnixPasswd($unix) {
global $SYS;
db_begin();
-
if ($unix) {
$res = db_query_params('UPDATE users SET unix_pw=$1 WHERE user_id=$1',
- array ($unix_pw,
+ array ($unix,
$this->getID()));
if (!$res || db_affected_rows($res) < 1) {
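Review bot: The statement on the context line directly above the changed array still reads `WHERE user_id=$1`, so the password hash is bound to both placeholders and the row is matched against the hash rather than `$this->getID()`; renaming `$unix_pw` to `$unix` does not make this update work. It should be `'UPDATE users SET unix_pw=$1 WHERE user_id=$2'`, as in `setMD5Passwd()`. `global $SYS;` was dropped from `setMD5Passwd()` in this commit but kept here; the rest of the body is outside the hunk, so whether it is still needed cannot be confirmed from this view.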
function getMailingsPrefs($mailing_id) {
if ($mailing_id == 'va') {
return $this->data_array['mail_va'];
- } else if ($mailing_id == 'site') {
+ } elseif ($mailing_id == 'site') {
return $this->data_array['mail_siteupdates'];
} else {
return 0;
break;
}
}
+
+ /**
+ * setAdminNotification - send an email to all admins (used in verify.php)
+ *
+ * @return boolean True
+ */
+ function setAdminNotification() {
+ $admins = RBACEngine::getInstance()->getUsersByAllowedAction('forge_admin', -1);
+ foreach ($admins as $admin) {
+ $admin_email = $admin->getEmail();
+ setup_gettext_for_user($admin);
+ $message = sprintf(_('New User %1$s registered and validated
+Full Name: %2$s
+Email: %3$s
+'),
+ $this->getUnixName() , $this->getRealName(), $this->getEmail());
+ util_send_message($admin_email, sprintf(_('New %1$s User'), forge_get_config ('forge_name')), $message);
+ setup_gettext_from_context();
+ }
+ return true;
+ }
}
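Review bot: `setAdminNotification()` returns `true` unconditionally and ignores any result from `util_send_message()`, so the caller in verify.php cannot tell whether any administrator was actually notified. The body embeds the self-registered unix name, real name and e-mail verbatim; since `getRealName()` now returns the stored column, a value containing line breaks could add misleading lines to the message, so collapsing whitespace before `sprintf()` is worth adding, e.g. `preg_replace('/\s+/', ' ', $this->getRealName())`. The name reads like a setter although the method sends mail; the docblock should say so and note that gettext is switched per recipient and restored with `setup_gettext_from_context()`.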
/*
// mode: php
// c-file-style: "bsd"
// End:
-
-?>