From 7f6fc7770ac568ee926aa7bc86d3b86f6be76ed1 Mon Sep 17 00:00:00 2001 From: Albert Santoni Date: Tue, 17 Jun 2014 17:40:55 -0400 Subject: [PATCH] Added Super Admin role and WHMCS login --- airtime_mvc/application/configs/ACL.php | 5 +- .../controllers/LoginController.php | 1 - .../controllers/UserController.php | 4 +- .../controllers/WhmcsLoginController.php | 176 ++++++++++++++++++ .../controllers/plugins/Acl_plugin.php | 3 +- airtime_mvc/application/forms/AddUser.php | 4 +- airtime_mvc/application/models/Preference.php | 2 +- airtime_mvc/public/js/airtime/user/user.js | 11 +- 8 files changed, 197 insertions(+), 9 deletions(-) create mode 100644 airtime_mvc/application/controllers/WhmcsLoginController.php diff --git a/airtime_mvc/application/configs/ACL.php b/airtime_mvc/application/configs/ACL.php index 842778065..e4b884e6e 100644 --- a/airtime_mvc/application/configs/ACL.php +++ b/airtime_mvc/application/configs/ACL.php @@ -7,13 +7,15 @@ $ccAcl = new Zend_Acl(); $ccAcl->addRole(new Zend_Acl_Role('G')) ->addRole(new Zend_Acl_Role('H'), 'G') ->addRole(new Zend_Acl_Role('P'), 'H') - ->addRole(new Zend_Acl_Role('A'), 'P'); + ->addRole(new Zend_Acl_Role('A'), 'P') + ->addRole(new Zend_Acl_Role('S'), 'A'); $ccAcl->add(new Zend_Acl_Resource('library')) ->add(new Zend_Acl_Resource('index')) ->add(new Zend_Acl_Resource('user')) ->add(new Zend_Acl_Resource('error')) ->add(new Zend_Acl_Resource('login')) + ->add(new Zend_Acl_Resource('whmcs-login')) ->add(new Zend_Acl_Resource('playlist')) ->add(new Zend_Acl_Resource('plupload')) ->add(new Zend_Acl_Resource('schedule')) @@ -34,6 +36,7 @@ $ccAcl->add(new Zend_Acl_Resource('library')) /** Creating permissions */ $ccAcl->allow('G', 'index') ->allow('G', 'login') + ->allow('G', 'whmcs-login') ->allow('G', 'error') ->allow('G', 'user', 'edit-user') ->allow('G', 'showbuilder') 
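Review bot: The new 'S' role is registered as a child of 'A' with no allow() rules of its own, so at the ACL level Super Admin is indistinguishable from Admin; if that is intended, a comment at the addRole line would save the next reader a search, e.g. `// 'S' (Super Admin) inherits every 'A' permission; it is issued only by the WHMCS login path and is not selectable in the AddUser form.` The second hunk's `->allow('G', 'whmcs-login')` is required so the unauthenticated callback can reach the controller and is consistent with the existing 'login' grant.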
diff --git a/airtime_mvc/application/controllers/LoginController.php b/airtime_mvc/application/controllers/LoginController.php index ee4ced5e4..311b000eb 100644 --- a/airtime_mvc/application/controllers/LoginController.php +++ b/airtime_mvc/application/controllers/LoginController.php @@ -16,7 +16,6 @@ class LoginController extends Zend_Controller_Action Application_Model_Locale::configureLocalization($request->getcookie('airtime_locale', 'en_CA')); if (Zend_Auth::getInstance()->hasIdentity()) { - $this->_redirect('Showbuilder'); } diff --git a/airtime_mvc/application/controllers/UserController.php b/airtime_mvc/application/controllers/UserController.php index fad0277db..30963ae98 100644 --- a/airtime_mvc/application/controllers/UserController.php +++ b/airtime_mvc/application/controllers/UserController.php @@ -62,7 +62,9 @@ class UserController extends Zend_Controller_Action if ($formData['password'] != "xxxxxx") { $user->setPassword($formData['password']); } - $user->setType($formData['type']); + if (array_key_exists('type', $formData)) { + $user->setType($formData['type']); + } $user->setEmail($formData['email']); $user->setCellPhone($formData['cell_phone']); $user->setSkype($formData['skype']); diff --git a/airtime_mvc/application/controllers/WhmcsLoginController.php b/airtime_mvc/application/controllers/WhmcsLoginController.php new file mode 100644 index 000000000..5b05d40c6 --- /dev/null +++ b/airtime_mvc/application/controllers/WhmcsLoginController.php 
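Review bot: The new `array_key_exists('type', $formData)` guard leaves the decision of whether a role change is applied to the client, because the only thing that omits `type` is the user.js change that disables the select when the login is 'admin'; a request that does include the field still goes straight to `$user->setType()`. If the intent is that the built-in admin account cannot be demoted, the server should check the target user's login (via whatever accessor the user model offers) instead of the presence of the field. The absent-key branch also deserves a comment so it is not mistaken for a validation gap: `// 'type' is omitted when the form's select is disabled (admin user): keep the existing role.` Presumably the AddUser form's select validation still rejects values outside G/H/P/A, so 'S' cannot be assigned through this path — worth confirming.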
@@ -0,0 +1,176 @@ +getRequest(); + $this->view->layout()->disableLayout(); + $this->_helper->viewRenderer->setNoRender(true); + + $username = "admin"; + $email = $_POST["email"]; + $password = $_POST["password"]; + + Application_Model_Locale::configureLocalization($request->getcookie('airtime_locale', 'en_CA')); + if (Zend_Auth::getInstance()->hasIdentity()) + { + $this->_redirect('Showbuilder'); + } + + $authAdapter = new WHMCS_Auth_Adapter($username, $email, $password); + + $auth = Zend_Auth::getInstance(); + $result = $auth->authenticate($authAdapter); + if ($result->isValid()) { + //all info about this user from the login table omit only the password + //$userInfo = $authAdapter->getResultRowObject(null, 'password'); + + //the default storage is a session with namespace Zend_Auth + /* + [id] => 1 + [login] => admin + [pass] => hashed password + [type] => A + [first_name] => + [last_name] => + [lastlogin] => + [lastfail] => + [skype_contact] => + [jabber_contact] => + [email] => asdfasdf@asdasdf.com + [cell_phone] => + [login_attempts] => 0 + */ + + //Zend_Auth already does this for us, it's not needed: + //$authStorage = $auth->getStorage(); + //$authStorage->write($result->getIdentity()); //$userInfo); + + //set the user locale in case user changed it in when logging in + //$locale = $form->getValue('locale'); + //Application_Model_Preference::SetUserLocale($locale); + + $this->_redirect('Showbuilder'); + } + else { + echo("Sorry, that username or password was incorrect."); + } + + return; + } +} + +class WHMCS_Auth_Adapter implements Zend_Auth_Adapter_Interface { + private $username; + private $password; + private $email; + + function __construct($username, $email, $password) { + $this->username = $username; + $this->password = $password; + $this->email = $email; + $this->identity = null; + } + + function authenticate() { + if (!$this->validateCredentialsWithWHMCS($this->email, $this->password)) + { + return new 
Zend_Auth_Result(Zend_Auth_Result::FAILURE_CREDENTIAL_INVALID, null); + } + + $identity = array(); + + //TODO: Get identity of the first admin user! + + /* + $identity["id"] = 1; + $identity["type"] = "S"; + $identity["login"] = $this->username; //admin"; + $identity["email"] = $this->email;*/ + $identity = $this->getSuperAdminIdentity(); + if (is_null($identity)) { + Logging::error("No super admin user found"); + return new Zend_Auth_Result(Zend_Auth_Result::FAILURE, null); + } + $identity = (object)$identity; //Convert the array into an stdClass object + + try { + return new Zend_Auth_Result(Zend_Auth_Result::SUCCESS, $identity); + } catch (Exception $e) { + // exception occured + return new Zend_Auth_Result(Zend_Auth_Result::FAILURE, null); + } + } + + private function getSuperAdminIdentity() + { + $firstSuperAdminUser = CcSubjsQuery::create() + ->filterByDbType('S') + ->orderByDbId() + ->findOne(); + if (!$firstSuperAdminUser) { + //If there's no super admin users, get the first regular admin user! 
+ $firstSuperAdminUser = CcSubjsQuery::create() + ->filterByDbType('A') + ->orderByDbId() + ->findOne(); + if (!$firstSuperAdminUser) { + return null; + } + } + $identity["id"] = $firstSuperAdminUser->getDbId(); + $identity["type"] = "S"; //Super Admin + $identity["login"] = $firstSuperAdminUser->getDbLogin(); + $identity["email"] = $this->email; + return $identity; + } + + private function validateCredentialsWithWHMCS($email, $password) + { + $client_postfields = array(); + $client_postfields["username"] = $_SERVER['WHMCS_USERNAME']; //WHMCS API username + $client_postfields["password"] = md5($_SERVER['WHMCS_PASSWORD']); //WHMCS API password + $client_postfields["action"] ="validatelogin"; + $client_postfields["responsetype"] = "json"; + + $client_postfields["email"] = $email; + $client_postfields["password2"] = $password; + + $query_string = ""; + foreach ($client_postfields as $k => $v) $query_string .= "$k=".urlencode($v)."&"; + + $ch = curl_init(); + curl_setopt($ch, CURLOPT_URL, WHMCS_API_URL); + curl_setopt($ch, CURLOPT_POST, 1); + curl_setopt($ch, CURLOPT_TIMEOUT, 30); + curl_setopt($ch, CURLOPT_FAILONERROR, 1); + curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1); + curl_setopt($ch, CURLOPT_POSTFIELDS, $query_string); + curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 0); + curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, 0); + $jsondata = curl_exec($ch); + if (curl_error($ch)) { + die(curl_getinfo($ch, CURLINFO_EFFECTIVE_URL)); + //die("Connection Error: ".curl_errno($ch).' - '.curl_error($ch)); + } + curl_close($ch); + + $arr = json_decode($jsondata, true); # Decode JSON String + + if ($arr["result"] != "success") { + return false; + } + + return true; + } +} \ No newline at end of file diff --git a/airtime_mvc/application/controllers/plugins/Acl_plugin.php b/airtime_mvc/application/controllers/plugins/Acl_plugin.php index c5dc4b9f4..bfacdeb09 100644 --- a/airtime_mvc/application/controllers/plugins/Acl_plugin.php 
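Review bot: `curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 0)` and `curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, 0)` in validateCredentialsWithWHMCS turn off certificate checking for the request that carries the WHMCS API credentials and the end user's password, so the call should use `CURLOPT_SSL_VERIFYPEER, 1` and `CURLOPT_SSL_VERIFYHOST, 2` (and WHMCS_API_URL must be an https URL). On a transport error the code `die()`s with the effective URL, which both aborts the request mid-controller and discloses the API endpoint to the caller; log it with `Logging::error` (already used in this file) and return false instead. `$arr["result"] != "success"` runs without checking that `json_decode` produced an array, so a non-JSON reply raises a notice rather than failing cleanly; the comparison should fail closed on anything but an exact `"success"`. Separately, every successful WHMCS client login is mapped by getSuperAdminIdentity onto the first 'S' (or 'A') user of this instance, and nothing in the hunk verifies that the WHMCS account is entitled to this particular Airtime instance — that may be guaranteed by deployment, but it deserves a comment or an explicit check. The start of the new file (the `<?php` header and the controller/action declaration) is not visible in this view.
```php
        // … unchanged: postfield assembly and the CURLOPT_URL/POST/TIMEOUT/FAILONERROR/RETURNTRANSFER/POSTFIELDS setopts …
        curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 2);
        curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, 1);
        $jsondata = curl_exec($ch);
        if ($jsondata === false) {
            // Log server-side only; the API URL and curl error must not reach the client.
            Logging::error("WHMCS validatelogin request failed: " . curl_error($ch));
            curl_close($ch);
            return false;
        }
        curl_close($ch);

        $arr = json_decode($jsondata, true);
        // Fail closed on anything that is not a JSON object carrying an exact "success" result.
        return is_array($arr) && isset($arr["result"]) && $arr["result"] === "success";
```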
+++ b/airtime_mvc/application/controllers/plugins/Acl_plugin.php @@ -117,8 +117,7 @@ class Zend_Controller_Plugin_Acl extends Zend_Controller_Plugin_Abstract return; } - if (in_array($controller, array("api", "auth", "locale", "upgrade"))) { - + if (in_array($controller, array("api", "auth", "locale", "upgrade", 'whmcs-login'))) { $this->setRoleName("G"); } elseif (!Zend_Auth::getInstance()->hasIdentity()) { diff --git a/airtime_mvc/application/forms/AddUser.php b/airtime_mvc/application/forms/AddUser.php index 1d3835ae7..09d5216c1 100644 --- a/airtime_mvc/application/forms/AddUser.php +++ b/airtime_mvc/application/forms/AddUser.php @@ -95,9 +95,9 @@ class Application_Form_AddUser extends Zend_Form "G" => _("Guest"), "H" => _("DJ"), "P" => _("Program Manager"), - "A" => _("Admin") + "A" => _("Admin"), )); - $select->setRequired(true); + $select->setRequired(false); $this->addElement($select); $saveBtn = new Zend_Form_Element_Button('save_user'); diff --git a/airtime_mvc/application/models/Preference.php b/airtime_mvc/application/models/Preference.php index cfed23b1c..24d61e066 100644 --- a/airtime_mvc/application/models/Preference.php +++ b/airtime_mvc/application/models/Preference.php @@ -6,7 +6,7 @@ class Application_Model_Preference { private static function getUserId() - { + { //pass in true so the check is made with the autoloader //we need this check because saas calls this function from outside Zend if (!class_exists("Zend_Auth", true) || !Zend_Auth::getInstance()->hasIdentity()) { diff --git a/airtime_mvc/public/js/airtime/user/user.js b/airtime_mvc/public/js/airtime/user/user.js index 71f9eed6e..3473e1acf 100644 --- a/airtime_mvc/public/js/airtime/user/user.js +++ b/airtime_mvc/public/js/airtime/user/user.js 
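Review bot: The added `'whmcs-login'` entry grants the guest role to that controller before any identity check, which is needed for the login callback but is easy to overlook in a plain list; a comment naming why each entry is reachable without a session would help, e.g. `// Controllers reachable without a session: API, auth, locale, upgrade and the WHMCS login callback.` Stylistically the new element is single-quoted while its neighbours are double-quoted, and `in_array` is called without the strict flag; `if (in_array($controller, array("api", "auth", "locale", "upgrade", "whmcs-login"), true)) {` keeps both consistent. The enclosing method continues outside the hunk.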
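Review bot: `$select->setRequired(false)` makes the role optional for every submission, not only for the admin-edit case it is meant to support; combined with the UserController change that skips `setType()` when the key is absent, a new user created without a type receives whatever default the model or database applies, which this diff does not show. Keeping the element required and explicitly tolerating the missing field on the server only when the edited login is 'admin' would be the safer shape, and the reason for the relaxation belongs in a comment next to the call, e.g. `// Not required: the select is disabled (and therefore not posted) when editing the built-in admin.` The trailing comma added to the options array is fine. Application_Form_AddUser's init method continues outside the hunk.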
@@ -23,6 +23,12 @@ function populateForm(entries){ $('#password').val(""); $('#passwordVerify').val(""); } + if (entries.login === 'admin') + { + $('#type').attr('disabled', '1'); + } else { + $('#type').removeAttr('disabled'); + } } function rowClickCallback(row_id){ @@ -57,6 +63,9 @@ function rowCallback( nRow, aData, iDisplayIndex ){ } else if ( aData['type'] == "P" ) { $('td:eq(3)', nRow).html( $.i18n._('Program Manager') ); + } else if ( aData['type'] == "S" ) + { + $('td:eq(3)', nRow).html( $.i18n._('Super Admin') ); } return nRow; @@ -183,7 +192,7 @@ $(document).ready(function() { var newUser = {login:"", first_name:"", last_name:"", type:"G", id:""}; - $('#add_user_button').live('click', function(){populateForm(newUser)}); + $('#add_user_button').live('click', function(){populateForm(newUser);}); $('#save_user').live('click', function(){ var data = $('#user_form').serialize();
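Review bot: `$('#type').attr('disabled', '1')` writes a string attribute where a boolean property is meant; `$('#type').prop('disabled', true)` and `$('#type').prop('disabled', false)` are the idiomatic jQuery toggles (`.prop` exists since jQuery 1.6, so check the bundled version, which the `.live()` calls in this file suggest is old). The branch also deserves a comment making clear that it is a display convenience and that the server decides what happens when `type` is missing from the POST: `// Built-in admin keeps its role: a disabled select is not submitted, so 'type' is absent from the POST.` The Super Admin label added in the second hunk and the semicolon in the third need no change.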