FEAT #11645 TIME 0:45 Send account activation notification on demand

e1ab1a5d · Damien · aa63d173 · e1ab1a5d · e1ab1a5d · e1ab1a5d
Verified Commit e1ab1a5d authored 5 years ago by Damien
--- a/rest/index.php
+++ b/rest/index.php
@@ -431,6 +431,7 @@ $app->delete('/users/{id}/signatures/{signatureId}', \User\controllers\UserContr
 $app->post('/users/{id}/redirectedBaskets', \User\controllers\UserController::class . ':setRedirectedBaskets');
 $app->delete('/users/{id}/redirectedBaskets', \User\controllers\UserController::class . ':deleteRedirectedBasket');
 $app->put('/users/{id}/baskets', \User\controllers\UserController::class . ':updateBasketsDisplay');
+$app->put('/users/{id}/accountCreationNotification', \User\controllers\UserController::class . ':sendAccountActivationNotification');
 $app->post('/password', \User\controllers\UserController::class . ':forgotPassword');
 $app->put('/password', \User\controllers\UserController::class . ':passwordInitialization');


--- a/src/app/user/controllers/UserController.php
+++ b/src/app/user/controllers/UserController.php
@@ -170,7 +170,7 @@ class UserController
            ]);

            if ($loggingMethod['id'] == 'standard') {
-                AuthenticationController::sendUserCreationNotification(['userId' => $existingUser['id'], 'userEmail' => $existingUser['mail']]);
+                AuthenticationController::sendAccountActivationNotification(['userId' => $existingUser['id'], 'userEmail' => $existingUser['mail']]);
            }

            return $response->withJson(['id' => $existingUser['id']]);
@@ -198,7 +198,7 @@ class UserController
        }

        if ($loggingMethod['id'] == 'standard') {
-            AuthenticationController::sendUserCreationNotification(['userId' => $id, 'userEmail' => $data['mail']]);
+            AuthenticationController::sendAccountActivationNotification(['userId' => $id, 'userEmail' => $data['mail']]);
        }

        HistoryController::add([
@@ -1443,56 +1443,64 @@ class UserController
        ]);
    }

-    public function hasUsersRights(array $aArgs)
+    public function sendAccountActivationNotification(Request $request, Response $response, array $args)
    {
-        $error = [
-            'status'    => 200,
-            'error'     => ''
-        ];
+        $control = $this->hasUsersRights(['id' => $args['id']]);
+        if (!empty($control['error'])) {
+            return $response->withStatus($control['status'])->withJson(['errors' => $control['error']]);
+        }

-        if (!is_numeric($aArgs['id'])) {
-            $error['status'] = 400;
-            $error['error'] = 'id must be an integer';
-        } else {
-            $user = UserModel::getById(['id' => $aArgs['id'], 'select' => ['user_id']]);
-            if (empty($user['user_id'])) {
-                $error['status'] = 400;
-                $error['error'] = 'User not found';
-            } else {
-                if (empty($aArgs['himself']) || $GLOBALS['userId'] != $user['user_id']) {
-                    if (!PrivilegeController::hasPrivilege(['privilegeId' => 'admin_users', 'userId' => $GLOBALS['id']])) {
-                        $error['status'] = 403;
-                        $error['error'] = 'Service forbidden';
-                    }
-                    if ($GLOBALS['userId'] != 'superadmin') {
-                        $entities = EntityModel::getAllEntitiesByUserId(['userId' => $GLOBALS['userId']]);
-                        $users = UserEntityModel::getWithUsers([
-                            'select'    => ['users.id'],
-                            'where'     => ['users_entities.entity_id in (?)', 'status != ?'],
-                            'data'      => [$entities, 'DEL']
-                        ]);
-                        $usersNoEntities = UserEntityModel::getUsersWithoutEntities(['select' => ['id']]);
-                        $users = array_merge($users, $usersNoEntities);
-                        $allowed = false;
-                        foreach ($users as $value) {
-                            if ($value['id'] == $aArgs['id']) {
-                                $allowed = true;
-                            }
-                        }
-                        if (!$allowed) {
-                            $error['status'] = 403;
-                            $error['error'] = 'UserId out of perimeter';
-                        }
+        $loggingMethod = CoreConfigModel::getLoggingMethod();
+        if ($loggingMethod['id'] != 'standard') {
+            return $response->withStatus($control['status'])->withJson(['errors' => $control['error']]);
+        }
+
+        $user = UserModel::getById(['id' => $args['id'], 'select' => ['mail']]);
+
+        AuthenticationController::sendAccountActivationNotification(['userId' => $args['id'], 'userEmail' => $user['mail']]);
+
+        return $response->withStatus(204);
+    }
+
+    public function hasUsersRights(array $args)
+    {
+        if (!is_numeric($args['id'])) {
+            return ['status' => 400, 'error' => 'id must be an integer'];
+        }
+
+        $user = UserModel::getById(['id' => $args['id'], 'select' => ['user_id']]);
+        if (empty($user['user_id'])) {
+            return ['status' => 400, 'error' => 'User not found'];
+        }
+
+        if (empty($args['himself']) || $GLOBALS['userId'] != $user['user_id']) {
+            if (!PrivilegeController::hasPrivilege(['privilegeId' => 'admin_users', 'userId' => $GLOBALS['id']])) {
+                return ['status' => 403, 'error' => 'Service forbidden'];
+            }
+            if ($GLOBALS['userId'] != 'superadmin') {
+                $entities = EntityModel::getAllEntitiesByUserId(['userId' => $GLOBALS['userId']]);
+                $users = UserEntityModel::getWithUsers([
+                    'select'    => ['users.id'],
+                    'where'     => ['users_entities.entity_id in (?)', 'status != ?'],
+                    'data'      => [$entities, 'DEL']
+                ]);
+                $usersNoEntities = UserEntityModel::getUsersWithoutEntities(['select' => ['id']]);
+                $users = array_merge($users, $usersNoEntities);
+                $allowed = false;
+                foreach ($users as $value) {
+                    if ($value['id'] == $args['id']) {
+                        $allowed = true;
                    }
-                } elseif ($aArgs['delete'] && $GLOBALS['userId'] == $user['user_id']) {
-                    $error['status'] = 403;
-                    $error['error'] = 'Can not delete yourself';
+                }
+                if (!$allowed) {
+                    return ['status' => 403, 'error' => 'UserId out of perimeter'];
                }
            }
+        } elseif ($args['delete'] && $GLOBALS['userId'] == $user['user_id']) {
+            return ['status' => 403, 'error' => 'Can not delete yourself'];
        }

-
-        return $error;
+        return true;
    }

    private function checkNeededParameters(array $aArgs)

--- a/src/core/controllers/AuthenticationController.php
+++ b/src/core/controllers/AuthenticationController.php
@@ -141,7 +141,7 @@ class AuthenticationController
        return $jwt;
    }

-    public static function sendUserCreationNotification(array $args)
+    public static function sendAccountActivationNotification(array $args)
    {
        $resetToken = AuthenticationController::getResetJWT(['id' => $args['userId'], 'expirationTime' => 1209600]); // 14 days
        UserModel::update(['set' => ['reset_token' => $resetToken], 'where' => ['id = ?'], 'data' => [$args['userId']]]);