From 52c662a14dfdf4cbc3cb3cae6ec5e1b030ea79f7 Mon Sep 17 00:00:00 2001
From: "florian.azizian" <florian.azizian@maarch.org>
Date: Thu, 14 Nov 2019 16:34:23 +0100
Subject: [PATCH] FEAT #12162 TIME 1:45 send email after account creation
---
 core/class/class_security.php | 5 +++++
 rest/index.php | 2 +-
 src/app/user/controllers/UserController.php | 21 ++++++++++++++++++-
 .../controllers/AuthenticationController.php | 14 ++++++++++---
 src/core/lang/lang-en.php | 4 ++++
 src/core/lang/lang-fr.php | 6 +++++-
 src/core/lang/lang-nl.php | 8 +++++++
 7 files changed, 54 insertions(+), 6 deletions(-)
diff --git a/core/class/class_security.php b/core/class/class_security.php
index 2fdcbbf8f8c..6e998737e78 100755
--- a/core/class/class_security.php
+++ b/core/class/class_security.php
@@ -131,6 +131,11 @@ class security extends Database
 if (isset($user)) {
 if ($user->__get('status') != 'SPD') {
+ \User\models\UserModel::update([
+ 'set' => ['reset_token' => null],
+ 'where' => ['user_id = ?'],
+ 'data' => [$s_login]
+ ]);
 $ugc = new usergroups_controler();
 $sec_controler = new SecurityControler();
 $serv_controler = new ServiceControler();
diff --git a/rest/index.php b/rest/index.php
index 8a29f8f62b9..23ece3109ec 100755
--- a/rest/index.php
+++ b/rest/index.php
@@ -30,7 +30,7 @@ $app = new \Slim\App(['settings' => ['displayErrorDetails' => true, 'determineRo
 //Authentication
 $app->add(function (\Slim\Http\Request $request, \Slim\Http\Response $response, callable $next) {
- $routesWithoutAuthentication = ['GET/jnlp/{jnlpUniqueId}'];
+ $routesWithoutAuthentication = ['GET/jnlp/{jnlpUniqueId}', 'POST/password', 'PUT/password'];
 $route = $request->getAttribute('route');
 $currentMethod = empty($route) ? '' : $route->getMethods()[0];
 $currentRoute = empty($route) ? '' : $route->getPattern();
diff --git a/src/app/user/controllers/UserController.php b/src/app/user/controllers/UserController.php
index 60e1e874b06..50b104d5372 100755
--- a/src/app/user/controllers/UserController.php
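Review bot: The new `UserModel::update()` in class_security.php that nulls `reset_token` on a successful login carries no comment saying why a login writes to that column; a line such as `// a successful login invalidates any pending reset / account-creation link` above the call would record the intent. The same block is repeated in the first AuthenticationController.php hunk, keyed the same way (`user_id = ?`), so a small shared helper would keep the two login paths from drifting apart. The enclosing method starts and ends outside the hunk.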
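Review bot: Adding `'POST/password'` and `'PUT/password'` to `$routesWithoutAuthentication` in rest/index.php makes both password endpoints reachable without a session, so every check now rests on their handlers, which are not part of this diff. The line deserves a comment recording that contract, for example `// reset routes: handler must verify the JWT signature and exp, and that the token equals the stored reset_token`. It is also worth confirming that `POST/password` answers identically for known and unknown logins and is rate limited, since it now lets an anonymous caller trigger mail to an account.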
+++ b/src/app/user/controllers/UserController.php
@@ -203,6 +203,25 @@ class UserController
 }
 }
+ $loggingMethod = \SrcCore\models\CoreConfigModel::getLoggingMethod();
+ if (!in_array($loggingMethod['id'], ['sso', 'cas', 'ldap', 'ozwillo', 'shibboleth'])) {
+ $resetToken = AuthenticationController::getResetJWT(['id' => $newUser['id'], 'expirationTime' => 1209600]); // 14 days
+ UserModel::update(['set' => ['reset_token' => $resetToken], 'where' => ['id = ?'], 'data' => [$newUser['id']]]);
+
+ $url = UrlController::getCoreUrl() . '#/update-password?token=' . $resetToken . '&creation=true';
+ EmailController::createEmail([
+ 'userId' => $newUser['id'],
+ 'data' => [
+ 'sender' => ['email' => 'Notification'],
+ 'recipients' => [$newUser['mail']],
+ 'subject' => _NOTIFICATIONS_USER_CREATION_SUBJECT,
+ 'body' => _NOTIFICATIONS_USER_CREATION_BODY . $url . _NOTIFICATIONS_USER_CREATION_FOOTER,
+ 'isHtml' => true,
+ 'status' => 'WAITING'
+ ]
+ ]);
+ }
+
 HistoryController::add([
 'tableName' => 'users',
 'recordId' => $GLOBALS['userId'],
@@ -1541,7 +1560,7 @@ class UserController
 $GLOBALS['id'] = $user['id'];
- $resetToken = AuthenticationController::getResetJWT();
+ $resetToken = AuthenticationController::getResetJWT(['id' => $user['id'], 'expirationTime' => 3600]); // 1 hour
 UserModel::update(['set' => ['reset_token' => $resetToken], 'where' => ['id = ?'], 'data' => [$user['id']]]);
 $url = UrlController::getCoreUrl() . '#/update-password?token=' . $resetToken;
diff --git a/src/core/controllers/AuthenticationController.php b/src/core/controllers/AuthenticationController.php
index e5d82328528..80d4c9ddf20 100755
--- a/src/core/controllers/AuthenticationController.php
+++ b/src/core/controllers/AuthenticationController.php
@@ -46,6 +46,14 @@ class AuthenticationController
 }
 }
+ if (!empty($userId)) {
+ UserModel::update([
+ 'set' => ['reset_token' => null],
+ 'where' => ['user_id = ?'],
+ 'data' => [$userId]
+ ]);
+ }
+
 return $userId;
 }
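Review bot: The account-creation link mailed in the first UserController.php hunk carries a bearer token valid for 14 days (`'expirationTime' => 1209600`), so anyone who can read that mailbox within the window can set the account's password. Consider a shorter lifetime held in a named constant, and confirm that the password-update handler (not in this diff) clears `reset_token` once the password is set, so the link is single-use. The return value of `EmailController::createEmail()` is discarded, so a failure to queue the mail would leave the new user with no way to log in and the administrator unaware; check it before the history entry is written. `in_array()` should also be given `true` as its third argument so the logging method is compared strictly.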
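Review bot: In the second UserController.php hunk the reset link is still built from `UrlController::getCoreUrl()`, while this commit makes the route that apparently triggers this flow reachable without authentication. If that helper derives the scheme or host from request headers (it is not shown here), the origin of the mailed link becomes caller-influenced, so confirm it is read from configuration. Separately, `$GLOBALS['id'] = $user['id'];` just above the changed line looks as if it only fed the old `getResetJWT()`; now that the id is passed explicitly it can be dropped if nothing else reads it. The enclosing method starts and ends outside the hunk.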
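Review bot: The `UserModel::update()` added in the first AuthenticationController.php hunk runs whenever `$userId` is non-empty. If the enclosing method is the per-request authentication check (its signature is outside the hunk), every authenticated API call now issues an UPDATE on the users table. Restricting the statement to rows that actually hold a token would avoid the needless write, e.g. `'where' => ['user_id = ?', 'reset_token is not null'],`, assuming the model joins its conditions with AND.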
@@ -120,12 +128,12 @@ class AuthenticationController
 return _BAD_LOGIN_OR_PSW;
 }
- public static function getResetJWT()
+ public static function getResetJWT($args = [])
 {
 $token = [
- 'exp' => time() + 3600,
+ 'exp' => time() + $args['expirationTime'],
 'user' => [
- 'id' => $GLOBALS['id']
+ 'id' => $args['id']
 ]
 ];
diff --git a/src/core/lang/lang-en.php b/src/core/lang/lang-en.php
index 4f08be851a6..06ebd8309a3 100755
--- a/src/core/lang/lang-en.php
+++ b/src/core/lang/lang-en.php
@@ -414,3 +414,7 @@ define("_NOTIFICATIONS_FORGOT_PASSWORD_BODY", "Hello,<br/>You requested to reset
 define("_NOTIFICATIONS_FORGOT_PASSWORD_FOOTER", "<br/><br/>If you did not perform this request, you can safely ignore this email.<br/>Please contact your administrator if you have any questions.");
 define("_PASSWORD_REINIT_SENT", "Password reset sent");
 define("_PASSWORD_REINIT", "Password rest");
+
+define("_NOTIFICATIONS_USER_CREATION_SUBJECT", "[Maarch Courrier] Account creation");
+define("_NOTIFICATIONS_USER_CREATION_BODY", "Hello,<br/>an administrator created your account in Maarch Courrier software.<br/>To log in and set your password, please click on the link below :<br/>");
+define("_NOTIFICATIONS_USER_CREATION_FOOTER", "<br/>Pour toutes questions, merci de contacter l'administrateur technique de la solution.");
diff --git a/src/core/lang/lang-fr.php b/src/core/lang/lang-fr.php
index b834bfa76b3..8377b9f7e43 100755
--- a/src/core/lang/lang-fr.php
+++ b/src/core/lang/lang-fr.php
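Review bot: `getResetJWT($args = [])` still accepts a call with no arguments, yet the body reads `$args['expirationTime']` and `$args['id']` unconditionally; such a call would raise undefined-index notices and yield a token whose `exp` equals the current time and whose user id is null. Make the parameter required and typed, `public static function getResetJWT(array $args)`, and reject a missing id or a non-positive integer lifetime before `$token` is built. A short docblock naming the two keys (`id`: the user's numeric id, `expirationTime`: lifetime in seconds) would help callers. The function body continues past the end of the hunk.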
@@ -409,7 +409,11 @@ define("_INDEXINGMODEL_SUPPRESSION", "Modèle d'enregistrement supprimé");
 define("_PRIORITY_DELAY_ALREADY_SET", "Ce délai de traitement est déjà défini pour une autre priorité");
 define("_NOTIFICATIONS_FORGOT_PASSWORD_SUBJECT", "[Maarch Courrier] Demande de réinitialisation de mot de passe");
-define("_NOTIFICATIONS_FORGOT_PASSWORD_BODY", "Bonjour,<br/>Vous avez demandé à retrouver le mot de passe d'accès à votre compte Maarch Courrier.<br/>Pour modifier votre mot de passe, merci de bien vouloir cliquer sur le lien ci-dessous :<br/>");
+define("_NOTIFICATIONS_FORGOT_PASSWORD_BODY", "Bonjour,<br/>Vous avez demandé à retrouver le mot de passe d'accès à votre compte Maarch Courrier.<br/>Pour modifier votre mot de passe, merci de bien vouloir cliquer sur le lien ci-dessous :<br/><br/>");
 define("_NOTIFICATIONS_FORGOT_PASSWORD_FOOTER", "<br/><br/>Si vous n'êtes pas à l'origine de cette demande, merci d'ignorer ce courriel.<br/>Pour toutes questions, merci de contacter l'administrateur technique de la solution.");
 define("_PASSWORD_REINIT_SENT", "Réinitialisation du mot de passe envoyé");
 define("_PASSWORD_REINIT", "Mot de passe réinitialisé");
+
+define("_NOTIFICATIONS_USER_CREATION_SUBJECT", "[Maarch Courrier] Création de votre compte");
+define("_NOTIFICATIONS_USER_CREATION_BODY", "Bonjour,<br/>Un administrateur a créé votre compte dans l'application Maarch Courrier.<br/>Pour vous connecter et définir votre mot de passe, merci de bien vouloir cliquer sur le lien ci-dessous :<br/><br/>");
+define("_NOTIFICATIONS_USER_CREATION_FOOTER", "<br/><br/>Ce message est envoyé automatiquement. Merci de ne pas y répondre.<br/>Pour toutes questions, merci de contacter l'administrateur technique de la solution.");
diff --git a/src/core/lang/lang-nl.php b/src/core/lang/lang-nl.php
index ed4e724c4ef..747efabf63d 100755
--- a/src/core/lang/lang-nl.php
+++ b/src/core/lang/lang-nl.php
@@ -419,3 +419,11 @@ define("_NOTIFICATIONS_FORGOT_PASSWORD_BODY", "Hello,<br/>You requested to reset
 define("_NOTIFICATIONS_FORGOT_PASSWORD_FOOTER", "<br/><br/>If you did not perform this request, you can safely ignore this email.<br/>Please contact your administrator if you have any questions._TO_TRANSLATE");
 define("_PASSWORD_REINIT_SENT", "Password reset sent_TO_TRANSLATE");
 define("_PASSWORD_REINIT", "Password rest_TO_TRANSLATE");
+
+define("_NOTIFICATIONS_USER_CREATION_SUBJECT", "[Maarch Courrier] Création de compte_TO_TRANSLATE");
+define("_NOTIFICATIONS_USER_CREATION_BODY", "Bonjour,<br/>un administrateur a créé votre compte dans l'application Maarch Courrier.<br/>Pour vous connecter et définir votre mot de passe, cliquer sur le lien ci-dessous :<br/>_TO_TRANSLATE");
+define("_NOTIFICATIONS_USER_CREATION_FOOTER", "<br/>Pour toutes questions, merci de contacter l'administrateur technique de la solution._TO_TRANSLATE");
+
+define("_NOTIFICATIONS_USER_CREATION_SUBJECT", "[Maarch Courrier] Account creation_TO_TRANSLATE");
+define("_NOTIFICATIONS_USER_CREATION_BODY", "Hello,<br/>an administrator created your account in Maarch Courrier software.<br/>To log in and set your password, please click on the link below :<br/>_TO_TRANSLATE");
+define("_NOTIFICATIONS_USER_CREATION_FOOTER", "<br/>Pour toutes questions, merci de contacter l'administrateur technique de la solution._TO_TRANSLATE");
-- GitLab
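Review bot: The three `_NOTIFICATIONS_USER_CREATION_*` constants are defined twice in this lang-nl.php hunk, first with French text and then with English text. `define()` does not overwrite an existing constant, so the second group only produces an "already defined" diagnostic on every load and the first group's strings are the ones used. Keep a single group of three definitions.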