Congegni
/
sintonia
7
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Merge branch 'whmcs-login' into cc-5709-airtime-analyzer-buy-now

This commit is contained in:
drigato 2014-06-20 16:54:41 -04:00
parent f6a4a9d0d0 4179123ce0
commit 497841225b
12 changed files with 336 additions and 16 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
airtime_mvc/application/configs/ACL.php
View File

@ -7,13 +7,15 @@ $ccAcl = new Zend_Acl();
$ccAcl->addRole(new Zend_Acl_Role('G')) $ccAcl->addRole(new Zend_Acl_Role('G'))
->addRole(new Zend_Acl_Role('H'), 'G') ->addRole(new Zend_Acl_Role('H'), 'G')
->addRole(new Zend_Acl_Role('P'), 'H') ->addRole(new Zend_Acl_Role('P'), 'H')
->addRole(new Zend_Acl_Role('A'), 'P'); ->addRole(new Zend_Acl_Role('A'), 'P')
->addRole(new Zend_Acl_Role('S'), 'A');
$ccAcl->add(new Zend_Acl_Resource('library')) $ccAcl->add(new Zend_Acl_Resource('library'))
->add(new Zend_Acl_Resource('index')) ->add(new Zend_Acl_Resource('index'))
->add(new Zend_Acl_Resource('user')) ->add(new Zend_Acl_Resource('user'))
->add(new Zend_Acl_Resource('error')) ->add(new Zend_Acl_Resource('error'))
->add(new Zend_Acl_Resource('login')) ->add(new Zend_Acl_Resource('login'))
->add(new Zend_Acl_Resource('whmcs-login'))
->add(new Zend_Acl_Resource('playlist')) ->add(new Zend_Acl_Resource('playlist'))
->add(new Zend_Acl_Resource('plupload')) ->add(new Zend_Acl_Resource('plupload'))
->add(new Zend_Acl_Resource('schedule')) ->add(new Zend_Acl_Resource('schedule'))
@ -35,6 +37,7 @@ $ccAcl->add(new Zend_Acl_Resource('library'))
/** Creating permissions */ /** Creating permissions */
$ccAcl->allow('G', 'index') $ccAcl->allow('G', 'index')
->allow('G', 'login') ->allow('G', 'login')
->allow('G', 'whmcs-login')
->allow('G', 'error') ->allow('G', 'error')
->allow('G', 'user', 'edit-user') ->allow('G', 'user', 'edit-user')
->allow('G', 'showbuilder') ->allow('G', 'showbuilder')

1
airtime_mvc/application/configs/constants.php
View File

@ -41,6 +41,7 @@ define('UI_MDATA_VALUE_FORMAT_STREAM' , 'live stream');
//User types //User types
define('UTYPE_HOST' , 'H'); define('UTYPE_HOST' , 'H');
define('UTYPE_ADMIN' , 'A'); define('UTYPE_ADMIN' , 'A');
define('UTYPE_SUPERADMIN' , 'S');
define('UTYPE_GUEST' , 'G'); define('UTYPE_GUEST' , 'G');
define('UTYPE_PROGRAM_MANAGER' , 'P'); define('UTYPE_PROGRAM_MANAGER' , 'P');

35
airtime_mvc/application/controllers/LoginController.php
View File

@ -1,5 +1,7 @@
<?php <?php
require_once('WhmcsLoginController.php');
class LoginController extends Zend_Controller_Action class LoginController extends Zend_Controller_Action
{ {
@ -13,10 +15,19 @@ class LoginController extends Zend_Controller_Action
$request = $this->getRequest(); $request = $this->getRequest();
//Allow AJAX requests from www.airtime.pro. We use this to automatically login users
//after they sign up from the microsite.
$response = $this->getResponse()->setHeader('Access-Control-Allow-Origin', '*');
$origin = $request->getHeader('Origin');
if (($origin != "") && (!in_array($origin, array("http://www.airtime.pro", "https://www.airtime.pro"))))
{
//Don't allow CORS from other domains to prevent XSS.
throw new Zend_Controller_Action_Exception('Forbidden', 403);
}
Application_Model_Locale::configureLocalization($request->getcookie('airtime_locale', 'en_CA')); Application_Model_Locale::configureLocalization($request->getcookie('airtime_locale', 'en_CA'));
if (Zend_Auth::getInstance()->hasIdentity()) if (Zend_Auth::getInstance()->hasIdentity())
{ {
$this->_redirect('Showbuilder'); $this->_redirect('Showbuilder');
} }
@ -74,11 +85,23 @@ class LoginController extends Zend_Controller_Action
$this->_redirect('Showbuilder'); $this->_redirect('Showbuilder');
} else { } else {
$message = _("Wrong username or password provided. Please try again."); $email = $form->getValue('username');
Application_Model_Subjects::increaseLoginAttempts($username); $authAdapter = new WHMCS_Auth_Adapter("admin", $email, $password);
Application_Model_LoginAttempts::increaseAttempts($_SERVER['REMOTE_ADDR']); $auth = Zend_Auth::getInstance();
$form = new Application_Form_Login(); $result = $auth->authenticate($authAdapter);
$error = true; if ($result->isValid()) {
//set the user locale in case user changed it in when logging in
Application_Model_Preference::SetUserLocale($locale);
$this->_redirect('Showbuilder');
}
else {
$message = _("Wrong username or password provided. Please try again.");
Application_Model_Subjects::increaseLoginAttempts($username);
Application_Model_LoginAttempts::increaseAttempts($_SERVER['REMOTE_ADDR']);
$form = new Application_Form_Login();
$error = true;
}
} }
} }
} }

12
airtime_mvc/application/controllers/UserController.php
View File

@ -62,7 +62,11 @@ class UserController extends Zend_Controller_Action
if ($formData['password'] != "xxxxxx") { if ($formData['password'] != "xxxxxx") {
$user->setPassword($formData['password']); $user->setPassword($formData['password']);
} }
$user->setType($formData['type']); if (array_key_exists('type', $formData)) {
if ($formData['type'] != UTYPE_SUPERADMIN) { //Don't allow any other user to be promoted to Super Admin
$user->setType($formData['type']);
}
}
$user->setEmail($formData['email']); $user->setEmail($formData['email']);
$user->setCellPhone($formData['cell_phone']); $user->setCellPhone($formData['cell_phone']);
$user->setSkype($formData['skype']); $user->setSkype($formData['skype']);
@ -187,6 +191,12 @@ class UserController extends Zend_Controller_Action
} }
$user = new Application_Model_User($delId); $user = new Application_Model_User($delId);
// Don't allow super admins to be deleted.
if ($user->isSuperAdmin())
{
return;
}
# Take care of the user's files by either assigning them to somebody # Take care of the user's files by either assigning them to somebody
# or deleting them all # or deleting them all

261
airtime_mvc/application/controllers/WhmcsLoginController.php Normal file
View File

@ -0,0 +1,261 @@
<?php
define("WHMCS_API_URL", "https://account.sourcefabric.com/includes/api.php");
define("SUBDOMAIN_WHMCS_CUSTOM_FIELD_NAME", "Choose your domain");
class WhmcsLoginController extends Zend_Controller_Action
{
public function init()
{
}
public function indexAction()
{
$CC_CONFIG = Config::getConfig();
$request = $this->getRequest();
$this->view->layout()->disableLayout();
$this->_helper->viewRenderer->setNoRender(true);
$username = "admin"; //This is just for appearance in your session. It shows up in the corner of the Airtime UI.
$email = $_POST["email"];
$password = $_POST["password"];
Application_Model_Locale::configureLocalization($request->getcookie('airtime_locale', 'en_CA'));
if (Zend_Auth::getInstance()->hasIdentity())
{
$this->_redirect('Showbuilder');
}
$authAdapter = new WHMCS_Auth_Adapter($username, $email, $password);
$auth = Zend_Auth::getInstance();
$result = $auth->authenticate($authAdapter);
if ($result->isValid()) {
//all info about this user from the login table omit only the password
//$userInfo = $authAdapter->getResultRowObject(null, 'password');
//the default storage is a session with namespace Zend_Auth
/*
[id] => 1
[login] => admin
[pass] => hashed password
[type] => A
[first_name] =>
[last_name] =>
[lastlogin] =>
[lastfail] =>
[skype_contact] =>
[jabber_contact] =>
[email] => asdfasdf@asdasdf.com
[cell_phone] =>
[login_attempts] => 0
*/
//Zend_Auth already does this for us, it's not needed:
//$authStorage = $auth->getStorage();
//$authStorage->write($result->getIdentity()); //$userInfo);
//set the user locale in case user changed it in when logging in
//$locale = $form->getValue('locale');
//Application_Model_Preference::SetUserLocale($locale);
$this->_redirect('Showbuilder');
}
else {
echo("Sorry, that username or password was incorrect.");
}
return;
}
}
class WHMCS_Auth_Adapter implements Zend_Auth_Adapter_Interface {
private $username;
private $password;
private $email;
function __construct($username, $email, $password) {
$this->username = $username;
$this->password = $password;
$this->email = $email;
$this->identity = null;
}
function authenticate() {
list($credentialsValid, $clientId) = $this->validateCredentialsWithWHMCS($this->email, $this->password);
if (!$credentialsValid)
{
return new Zend_Auth_Result(Zend_Auth_Result::FAILURE_CREDENTIAL_INVALID, null);
}
if (!$this->verifyClientSubdomainOwnership($clientId))
{
return new Zend_Auth_Result(Zend_Auth_Result::FAILURE_CREDENTIAL_INVALID, null);
}
$identity = array();
//TODO: Get identity of the first admin user!
/*
$identity["id"] = 1;
$identity["type"] = "S";
$identity["login"] = $this->username; //admin";
$identity["email"] = $this->email;*/
$identity = $this->getSuperAdminIdentity();
if (is_null($identity)) {
Logging::error("No super admin user found");
return new Zend_Auth_Result(Zend_Auth_Result::FAILURE, null);
}
$identity = (object)$identity; //Convert the array into an stdClass object
try {
return new Zend_Auth_Result(Zend_Auth_Result::SUCCESS, $identity);
} catch (Exception $e) {
// exception occured
return new Zend_Auth_Result(Zend_Auth_Result::FAILURE, null);
}
}
private function getSuperAdminIdentity()
{
$firstSuperAdminUser = CcSubjsQuery::create()
->filterByDbType('S')
->orderByDbId()
->findOne();
if (!$firstSuperAdminUser) {
//If there's no super admin users, get the first regular admin user!
$firstSuperAdminUser = CcSubjsQuery::create()
->filterByDbType('A')
->orderByDbId()
->findOne();
if (!$firstSuperAdminUser) {
return null;
}
}
$identity["id"] = $firstSuperAdminUser->getDbId();
$identity["type"] = "S"; //Super Admin
$identity["login"] = $firstSuperAdminUser->getDbLogin();
$identity["email"] = $this->email;
return $identity;
}
//Returns an array! Read the code carefully:
private function validateCredentialsWithWHMCS($email, $password)
{
$client_postfields = array();
$client_postfields["username"] = $_SERVER['WHMCS_USERNAME']; //WHMCS API username
$client_postfields["password"] = md5($_SERVER['WHMCS_PASSWORD']); //WHMCS API password
$client_postfields["action"] ="validatelogin";
$client_postfields["responsetype"] = "json";
$client_postfields["email"] = $email;
$client_postfields["password2"] = $password;
$query_string = "";
foreach ($client_postfields as $k => $v) $query_string .= "$k=".urlencode($v)."&";
$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, WHMCS_API_URL);
curl_setopt($ch, CURLOPT_POST, 1);
curl_setopt($ch, CURLOPT_TIMEOUT, 30);
curl_setopt($ch, CURLOPT_FAILONERROR, 1);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
curl_setopt($ch, CURLOPT_POSTFIELDS, $query_string);
curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 0);
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, 0);
$jsondata = curl_exec($ch);
if (curl_error($ch)) {
die(curl_getinfo($ch, CURLINFO_EFFECTIVE_URL));
//die("Connection Error: ".curl_errno($ch).' - '.curl_error($ch));
}
curl_close($ch);
$arr = json_decode($jsondata, true); # Decode JSON String
if ($arr["result"] != "success") {
return array(false, -1);
}
$clientId = $arr["userid"];
return array(true, $clientId);
}
function verifyClientSubdomainOwnership($clientId)
{
//Do a quick safety check to ensure the client ID we're authenticating
//matches up to the owner of this instance.
if ($clientId != Application_Model_Preference::GetClientId())
{
return false;
}
$client_postfields = array();
$client_postfields["username"] = $_SERVER['WHMCS_USERNAME'];
$client_postfields["password"] = md5($_SERVER['WHMCS_PASSWORD']);
$client_postfields["action"] ="getclientsproducts";
$client_postfields["responsetype"] = "json";
$client_postfields["clientid"] = $clientId;
//$client_postfields["stats"] = "true";
$query_string = "";
foreach ($client_postfields as $k => $v) $query_string .= "$k=".urlencode($v)."&";
$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, WHMCS_API_URL);
curl_setopt($ch, CURLOPT_POST, 1);
curl_setopt($ch, CURLOPT_TIMEOUT, 30);
curl_setopt($ch, CURLOPT_FAILONERROR, 1);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
curl_setopt($ch, CURLOPT_POSTFIELDS, $query_string);
curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 0);
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, 0);
$jsondata = curl_exec($ch);
if (curl_error($ch)) {
die(curl_getinfo($ch, CURLINFO_EFFECTIVE_URL));
//die("Connection Error: ".curl_errno($ch).' - '.curl_error($ch));
}
curl_close($ch);
$arr = json_decode($jsondata, true); # Decode JSON String
//$client_id = $arr["clientid"];
//print_r($arr);
if ($arr["result"] != "success") {
die("Sorry, that email address or password was incorrect.");
}
$doesAirtimeProductExist = false;
$isAirtimeAccountSuspended = true;
$airtimeProduct = null;
foreach ($arr["products"] as $product)
{
if (strpos($product[0]["groupname"], "Airtime") === FALSE)
{
//Ignore non-Airtime products
continue;
}
else
{
if ($product[0]["status"] === "Active") {
$airtimeProduct = $product[0];
$subdomain = '';
foreach ($airtimeProduct['customfields']['customfield'] as $customField)
{
if ($customField['name'] === SUBDOMAIN_WHMCS_CUSTOM_FIELD_NAME)
{
$subdomain = $customField['value'];
if (($subdomain . ".airtime.pro") === $_SERVER['SERVER_NAME'])
{
return true;
}
}
}
}
}
}
return false;
}
}

3
airtime_mvc/application/controllers/plugins/Acl_plugin.php
View File

@ -117,8 +117,7 @@ class Zend_Controller_Plugin_Acl extends Zend_Controller_Plugin_Abstract
return; return;
} }
if (in_array($controller, array("api", "auth", "locale", "upgrade"))) { if (in_array($controller, array("api", "auth", "locale", "upgrade", 'whmcs-login'))) {
$this->setRoleName("G"); $this->setRoleName("G");
} elseif (!Zend_Auth::getInstance()->hasIdentity()) { } elseif (!Zend_Auth::getInstance()->hasIdentity()) {

4
airtime_mvc/application/forms/AddUser.php
View File

@ -95,9 +95,9 @@ class Application_Form_AddUser extends Zend_Form
"G" => _("Guest"), "G" => _("Guest"),
"H" => _("DJ"), "H" => _("DJ"),
"P" => _("Program Manager"), "P" => _("Program Manager"),
"A" => _("Admin") "A" => _("Admin"),
)); ));
$select->setRequired(true); $select->setRequired(false);
$this->addElement($select); $this->addElement($select);
$saveBtn = new Zend_Form_Element_Button('save_user'); $saveBtn = new Zend_Form_Element_Button('save_user');

2
airtime_mvc/application/models/Preference.php
View File

@ -6,7 +6,7 @@ class Application_Model_Preference
{ {
private static function getUserId() private static function getUserId()
{ {
//pass in true so the check is made with the autoloader //pass in true so the check is made with the autoloader
//we need this check because saas calls this function from outside Zend //we need this check because saas calls this function from outside Zend
if (!class_exists("Zend_Auth", true) || !Zend_Auth::getInstance()->hasIdentity()) { if (!class_exists("Zend_Auth", true) || !Zend_Auth::getInstance()->hasIdentity()) {

7
airtime_mvc/application/models/User.php
View File

@ -49,7 +49,12 @@ class Application_Model_User
{ {
return $this->isUserType(UTYPE_ADMIN); return $this->isUserType(UTYPE_ADMIN);
} }
public function isSuperAdmin()
{
return $this->isUserType(UTYPE_SUPERADMIN);
}
public function canSchedule($p_showId) public function canSchedule($p_showId)
{ {
$type = $this->getType(); $type = $this->getType();

2
airtime_mvc/application/views/scripts/form/edit-user.phtml
View File

@ -157,7 +157,7 @@
</ul> </ul>
<?php endif; ?> <?php endif; ?>
</dd> </dd>
<button type="submit" id="cu_save_user" class="btn btn-small right-floated"><?php echo _("Save")?></button>
</dl> </dl>
<button type="submit" id="cu_save_user" class="btn btn-small right-floated"><?php echo _("Save")?></button>
</form> </form>
</div> </div>

3
airtime_mvc/application/views/scripts/user/add-user.phtml
View File

@ -26,6 +26,9 @@
</table> </table>
</div> </div>
</div> </div>
<div class="user-data" id="user_details_superadmin_message" style="display: none; margin-top: 105px; text-align: center;">
<?=sprintf(_("Super Admin details can be changed in your <a href=\"%s\">Billing Settings</a>."), "/billing/client");?>
</div>
<div class="user-data simple-formblock" id="user_details"> <div class="user-data simple-formblock" id="user_details">
<?php echo $this->successMessage ?> <?php echo $this->successMessage ?>
<fieldset class="padded"> <fieldset class="padded">

17
airtime_mvc/public/js/airtime/user/user.js
View File

@ -4,6 +4,17 @@ function populateForm(entries){
$('.errors').remove(); $('.errors').remove();
$('.success').remove(); $('.success').remove();
if (entries.type === 'S')
{
$("#user_details").hide();
$("#user_details_superadmin_message").show();
$('#type').attr('disabled', '1');
} else {
$("#user_details").show();
$("#user_details_superadmin_message").hide();
$('#type').removeAttr('disabled');
}
$('#user_id').val(entries.id); $('#user_id').val(entries.id);
$('#login').val(entries.login); $('#login').val(entries.login);
$('#first_name').val(entries.first_name); $('#first_name').val(entries.first_name);
@ -57,6 +68,10 @@ function rowCallback( nRow, aData, iDisplayIndex ){
} else if ( aData['type'] == "P" ) } else if ( aData['type'] == "P" )
{ {
$('td:eq(3)', nRow).html( $.i18n._('Program Manager') ); $('td:eq(3)', nRow).html( $.i18n._('Program Manager') );
} else if ( aData['type'] == "S" )
{
$('td:eq(3)', nRow).html( $.i18n._('Super Admin') );
$('td:eq(4)', nRow).html(""); //Disable deleting the super admin
} }
return nRow; return nRow;
@ -183,7 +198,7 @@ $(document).ready(function() {
var newUser = {login:"", first_name:"", last_name:"", type:"G", id:""}; var newUser = {login:"", first_name:"", last_name:"", type:"G", id:""};
$('#add_user_button').live('click', function(){populateForm(newUser)}); $('#add_user_button').live('click', function(){populateForm(newUser);});
$('#save_user').live('click', function(){ $('#save_user').live('click', function(){
var data = $('#user_form').serialize(); var data = $('#user_form').serialize();