Rev 1293 | Rev 1410 | ||
Line 30... | Line 30... | ||
30 | * @return array |
30 | * @return array |
31 | * @throws OIDplusException |
31 | * @throws OIDplusException |
32 | * @throws OIDplusMailException |
32 | * @throws OIDplusMailException |
33 | */ |
33 | */ |
34 | private function action_Request(array $params): array { |
34 | private function action_Request(array $params): array { |
35 | $email = $params['email']; |
35 | $email = $params['email'] ?? ""; |
36 | - | ||
37 | if (!OIDplus::mailUtils()->validMailAddress($email)) { |
- | |
38 | throw new OIDplusException(_L('Invalid email address')); |
- | |
39 | } |
- | |
40 | 36 | ||
41 | OIDplus::getActiveCaptchaPlugin()->captchaVerify($params, 'captcha'); |
37 | OIDplus::getActiveCaptchaPlugin()->captchaVerify($params, 'captcha'); |
42 | 38 | ||
43 | $this->inviteSecurityCheck($email); |
39 | $this->inviteSecurityCheck($email); |
- | 40 | ||
44 | // TODO: should we also log who has invited? |
41 | $by = OIDplus::authUtils()->isAdminLoggedIn() ? 'the system administrator' : 'a superior Registration Authority'; |
45 | OIDplus::logger()->log("V2:[INFO]RA(%1)", "RA '%1' has been invited", $email); |
42 | OIDplus::logger()->log("V2:[INFO]RA(%1)", "RA '%1' has been invited by %2", $email, $by); |
46 | 43 | ||
47 | $activate_url = OIDplus::webpath(null,OIDplus::PATH_ABSOLUTE_CANONICAL) . '?goto='.urlencode('oidplus:activate_ra$'.$email.'$'.OIDplus::authUtils()->makeAuthKey(['ed840c3e-f4fa-11ed-b67e-3c4a92df8582',$email])); |
44 | $activate_url = OIDplus::webpath(null,OIDplus::PATH_ABSOLUTE_CANONICAL) . '?goto='.urlencode('oidplus:activate_ra$'.$email.'$'.OIDplus::authUtils()->makeAuthKey(['ed840c3e-f4fa-11ed-b67e-3c4a92df8582',$email])); |
48 | 45 | ||
49 | $message = $this->getInvitationText($email); |
46 | $message = $this->getInvitationText($email); |
50 | $message = str_replace('{{ACTIVATE_URL}}', $activate_url, $message); |
47 | $message = str_replace('{{ACTIVATE_URL}}', $activate_url, $message); |
Line 73... | Line 70... | ||
73 | 70 | ||
74 | if (!OIDplus::authUtils()->validateAuthKey(['ed840c3e-f4fa-11ed-b67e-3c4a92df8582',$email], $auth, OIDplus::config()->getValue('max_ra_invite_time',-1))) { |
71 | if (!OIDplus::authUtils()->validateAuthKey(['ed840c3e-f4fa-11ed-b67e-3c4a92df8582',$email], $auth, OIDplus::config()->getValue('max_ra_invite_time',-1))) { |
75 | throw new OIDplusException(_L('Invalid or expired authentication key')); |
72 | throw new OIDplusException(_L('Invalid or expired authentication key')); |
76 | } |
73 | } |
77 | 74 | ||
- | 75 | if (!$email || !OIDplus::mailUtils()->validMailAddress($email)) { |
|
- | 76 | throw new OIDplusException(_L('Invalid email address')); |
|
- | 77 | } |
|
- | 78 | ||
78 | if ($password1 !== $password2) { |
79 | if ($password1 !== $password2) { |
79 | throw new OIDplusException(_L('Passwords do not match')); |
80 | throw new OIDplusException(_L('Passwords do not match')); |
80 | } |
81 | } |
81 | 82 | ||
82 | if (strlen($password1) < OIDplus::config()->getValue('ra_min_password_length')) { |
83 | if (strlen($password1) < OIDplus::config()->getValue('ra_min_password_length')) { |
Line 136... | Line 137... | ||
136 | */ |
137 | */ |
137 | public function gui(string $id, array &$out, bool &$handled) { |
138 | public function gui(string $id, array &$out, bool &$handled) { |
138 | if (explode('$',$id)[0] == 'oidplus:invite_ra') { |
139 | if (explode('$',$id)[0] == 'oidplus:invite_ra') { |
139 | $handled = true; |
140 | $handled = true; |
140 | 141 | ||
141 | $email = explode('$',$id)[1]; |
142 | $email = explode('$',$id)[1] ?? null; |
142 | $origin = explode('$',$id)[2]; |
143 | $origin = explode('$',$id)[2] ?? "oidplus:system"; |
143 | 144 | ||
144 | $out['title'] = _L('Invite a Registration Authority'); |
145 | $out['title'] = _L('Invite a Registration Authority'); |
145 | 146 | ||
146 | if (!OIDplus::config()->getValue('ra_invitation_enabled')) { |
147 | if (!OIDplus::config()->getValue('ra_invitation_enabled')) { |
147 | throw new OIDplusException(_L('Invitations are disabled by the administrator.'), $out['title']); |
148 | throw new OIDplusException(_L('Invitations are disabled by the administrator.'), $out['title']); |
Line 151... | Line 152... | ||
151 | 152 | ||
152 | try { |
153 | try { |
153 | $this->inviteSecurityCheck($email); |
154 | $this->inviteSecurityCheck($email); |
154 | $cont = $this->getInvitationText($email); |
155 | $cont = $this->getInvitationText($email); |
155 | 156 | ||
156 | $out['text'] .= '<p>'._L('You have chosen to invite %1 as a Registration Authority. If you click "Send", the following email will be sent to %2:','<b>'.$email.'</b>',$email).'</p><p><i>'.nl2br(htmlentities($cont)).'</i></p> |
157 | $out['text'] .= '<p>'._L('You have chosen to invite %1 as a Registration Authority. If you click "Send invitation", the following email will be sent to %2:','<b>'.$email.'</b>',$email).'</p><p><i>'.nl2br(htmlentities($cont)).'</i></p> |
157 | <form id="inviteForm" action="javascript:void(0);" onsubmit="return OIDplusPageRaInvite.inviteFormOnSubmit();"> |
158 | <form id="inviteForm" action="javascript:void(0);" onsubmit="return OIDplusPageRaInvite.inviteFormOnSubmit();"> |
158 | <input type="hidden" id="email" value="'.htmlentities($email).'"/> |
159 | <input type="hidden" id="email" value="'.htmlentities($email).'"/> |
159 | <input type="hidden" id="origin" value="'.htmlentities($origin).'"/> |
160 | <input type="hidden" id="origin" value="'.htmlentities($origin).'"/> |
160 | '.OIDplus::getActiveCaptchaPlugin()->captchaGenerate().' |
161 | '.OIDplus::getActiveCaptchaPlugin()->captchaGenerate().' |
161 | <br> |
162 | <br> |
- | 163 | <input type="button" value="'._L('Cancel').'" onclick="history.back()"><!-- TODO: redirect to $origin instead? --> |
|
162 | <input type="submit" value="'._L('Send invitation').'"> |
164 | <input type="submit" value="'._L('Send invitation').'"> |
163 | </form>'; |
165 | </form>'; |
164 | 166 | ||
165 | } catch (\Exception $e) { |
167 | } catch (\Exception $e) { |
166 | 168 | ||
Line 222... | Line 224... | ||
222 | * @param string $email |
224 | * @param string $email |
223 | * @return void |
225 | * @return void |
224 | * @throws OIDplusException |
226 | * @throws OIDplusException |
225 | */ |
227 | */ |
226 | private function inviteSecurityCheck(string $email) { |
228 | private function inviteSecurityCheck(string $email) { |
- | 229 | if (!$email || !OIDplus::mailUtils()->validMailAddress($email)) { |
|
- | 230 | throw new OIDplusException(_L('Invalid email address')); |
|
- | 231 | } |
|
- | 232 | ||
227 | $res = OIDplus::db()->query("select * from ###ra where email = ?", array($email)); |
233 | $res = OIDplus::db()->query("select * from ###ra where email = ?", array($email)); |
228 | if ($res->any()) { |
234 | if ($res->any()) { |
229 | throw new OIDplusException(_L('This RA is already registered and does not need to be invited.')); |
235 | throw new OIDplusException(_L('This RA is already registered and does not need to be invited.')); |
230 | } |
236 | } |
231 | 237 | ||
Line 256... | Line 262... | ||
256 | $list_of_oids = array(); |
262 | $list_of_oids = array(); |
257 | $res = OIDplus::db()->query("select id from ###objects where ra_email = ?", array($email)); |
263 | $res = OIDplus::db()->query("select id from ###objects where ra_email = ?", array($email)); |
258 | while ($row = $res->fetch_array()) { |
264 | while ($row = $res->fetch_array()) { |
259 | $list_of_oids[] = $row['id']; |
265 | $list_of_oids[] = $row['id']; |
260 | } |
266 | } |
- | 267 | if (count($list_of_oids) == 0) { |
|
- | 268 | $list_of_oids[] = '(' . _L('None') . ')'; |
|
- | 269 | } |
|
261 | 270 | ||
262 | $message = file_get_contents(__DIR__ . '/invite_msg.tpl'); |
271 | $message = file_get_contents(__DIR__ . '/invite_msg.tpl'); |
263 | 272 | ||
264 | // Resolve stuff |
273 | // Resolve stuff |
265 | // Note: {{ACTIVATE_URL}} will be resolved in ajax.php |
- | |
- | 274 | ||
266 | 275 | ||
267 | $message = str_replace('{{SYSTEM_URL}}', OIDplus::webpath(null,OIDplus::PATH_ABSOLUTE_CANONICAL), $message); |
276 | $message = str_replace('{{SYSTEM_URL}}', OIDplus::webpath(null,OIDplus::PATH_ABSOLUTE_CANONICAL), $message); |
268 | $message = str_replace('{{OID_LIST}}', implode("\n", $list_of_oids), $message); |
277 | $message = str_replace('{{OID_LIST}}', implode("\n", $list_of_oids), $message); |
269 | $message = str_replace('{{ADMIN_EMAIL}}', OIDplus::config()->getValue('admin_email'), $message); |
278 | $message = str_replace('{{ADMIN_EMAIL}}', OIDplus::config()->getValue('admin_email'), $message); |
- | 279 | $message = str_replace('{{ACTIVATE_URL}}', '[...]', $message); // Note: {{ACTIVATE_URL}} will be resolved in ajax.php, not here! |
|
270 | 280 | ||
271 | return str_replace('{{PARTY}}', OIDplus::authUtils()->isAdminLoggedIn() ? 'the system administrator' : 'a superior Registration Authority', $message); |
281 | return str_replace('{{PARTY}}', OIDplus::authUtils()->isAdminLoggedIn() ? 'the system administrator' : 'a superior Registration Authority', $message); |
272 | } |
282 | } |
273 | 283 | ||
274 | /** |
284 | /** |
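Review bot: The `str_replace('{{ACTIVATE_URL}}', '[...]', $message)` added at new line 279 runs inside getInvitationText, so by the time action_Request substitutes the real `$activate_url` at new line 47 the placeholder is already gone and the mailed invitation would carry the literal `[...]` instead of the activation link, unless the elided part of getInvitationText (its signature lies outside this section) distinguishes the preview caller from the mail caller. Leaving the template placeholder intact and doing the `[...]` substitution only in the preview path, e.g. `$cont = str_replace('{{ACTIVATE_URL}}', '[...]', $this->getInvitationText($email));` in gui() at new line 155, keeps the link in the email. Separately, `$email = explode('$',$id)[1] ?? null;` at new line 142 feeds a null into `inviteSecurityCheck(string $email)` at new line 154, and a userland non-nullable `string` parameter rejects null with a TypeError in both strict and coercive mode, which the `catch (\Exception $e)` at new line 167 does not catch, so the `!$email` guard added at new line 229 is never reached from this path; `?? ''` as in action_Request at new line 35 would route it to the intended 'Invalid email address' message (assuming the lines elided between 148 and 152 do not already reject an empty email). The changed line 157 also still concatenates `$email` into `<b>` unescaped while the hidden inputs below it use htmlentities(); wrapping it the same way keeps the HTML context consistent even though validMailAddress() has already run.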