19 declare(strict_types=1);
51 $this->
ctrl = $DIC->ctrl();
52 $this->
lng = $DIC->language();
53 $this->rbacreview = $DIC->rbac()->review();
54 $this->tpl = $DIC->ui()->mainTemplate();
56 $this->ilErr = $DIC[
'ilErr'];
57 $this->
help = $DIC->help();
58 $this->
http = $DIC->http();
60 $this->ui_factory = $DIC->ui()->factory();
61 $this->ui_renderer = $DIC->ui()->renderer();
62 $this->actor = $DIC->user();
64 $this->
help->setScreenIdComponent(
'init');
69 $key = $this->
http->wrapper()->query()->retrieve(
72 $this->refinery->kindlyTo()->string(),
74 $this->
http->wrapper()->post()->retrieve(
76 $this->
refinery->byTrying([$this->refinery->kindlyTo()->string(), $this->
refinery->always(
'')])
93 if (!$this->
settings->get(
'setup_ok')) {
94 $this->ilErr->raiseError(
'Setup is not completed. Please run setup routine again.', $this->ilErr->FATAL);
98 if (!$this->
settings->get(
'password_assistance')) {
99 $this->ilErr->raiseError($this->
lng->txt(
'permission_denied'), $this->ilErr->MESSAGE);
102 if ($this->actor->getId() > 0 && !$this->actor->isAnonymous()) {
103 $this->ilErr->raiseError($this->
lng->txt(
'permission_denied'), $this->ilErr->MESSAGE);
106 $this->
lng->loadLanguageModule(
'pwassist');
107 $cmd = $this->
ctrl->getCmd() ??
'';
108 $next_class = $this->
ctrl->getNextClass($this);
110 switch ($next_class) {
112 if ($cmd !==
'' && method_exists($this, $cmd)) {
133 return [
'submitAssignPasswordForm'];
144 private function buildUrl(
string $script, array $query_parameters): string
146 $url = implode(
'/', [
153 http_build_query($query_parameters,
'',
'&')
161 return $this->
refinery->custom()->constraint(
162 static function ($value):
bool {
165 $this->
lng->txt(
'email_not_valid')
171 return $this->
refinery->custom()->transformation(
static function (array $values): array {
172 return array_merge(...$values);
178 return $this->
refinery->custom()->transformation(
static function (array $values): array {
185 return $this->
refinery->custom()->transformation(
static function ($value) {
186 if (is_string($value)) {
187 $value = trim($value);
196 $field_factory = $this->ui_factory->input()->field();
198 return $this->ui_factory
203 $this->
ctrl->getFormAction($this,
'submitAssistanceForm'),
205 $field_factory->section(
207 self::PROP_USERNAME => $field_factory
208 ->text($this->
lng->txt(
'username'))
210 ->withRequired(
true),
211 self::PROP_EMAIL => $field_factory
212 ->text($this->
lng->txt(
'email'))
215 ->withAdditionalTransformation($this->
emailTrafo()),
217 $this->
lng->txt(
'password_assistance'),
222 ->withSubmitLabel($this->
lng->txt(
'submit'))
229 $this->
help->setSubScreenId(
'password_assistance');
232 $tpl->
setVariable(
'TXT_PAGEHEADLINE', $this->
lng->txt(
'password_assistance'));
235 $this->ui_renderer->render($this->ui_factory->symbol()->icon()->custom(
237 $this->
lng->txt(
'password_assistance')
242 'TXT_ENTER_USERNAME_AND_EMAIL',
243 $this->ui_renderer->render(
244 $this->ui_factory->messageBox()->info(
249 $this->
lng->txt(
'pwassist_enter_username_and_email'),
259 $tpl->
setVariable(
'FORM', $this->ui_renderer->render($form ?? $this->getAssistanceForm()));
276 if ($this->
http->request()->getMethod() ===
'POST') {
277 $form = $form->withRequest($this->
http->request());
278 $form_data = $form->getData();
279 $form_valid = $form_data !== null;
283 $this->tpl->setOnScreenMessage(
'failure', $this->
lng->txt(
'form_input_not_valid'));
289 if (
$GLOBALS[
'DIC'][
'ilSetting']->
get(
'auth_mode')) {
290 $defaultAuth =
$GLOBALS[
'DIC'][
'ilSetting']->get(
'auth_mode');
293 $username = $form_data[self::PROP_USERNAME];
294 $email = $form_data[self::PROP_EMAIL];
296 $assistance_callback =
function () use ($defaultAuth, $username, $email):
void {
298 if (!is_numeric($usr_id) || !($usr_id > 0)) {
301 'Could not process password assistance form (reason: no user found) %s / %s',
310 $email_addresses =
array_map(
'strtolower', [$user->getEmail(), $user->getSecondEmail()]);
312 if (!in_array(strtolower($email), $email_addresses,
true)) {
313 if (implode(
'', $email_addresses) ===
'') {
316 'Could not process password assistance form (reason: account without email addresses): %s / %s',
324 'Could not process password assistance form (reason: account email addresses differ from input): %s / %s',
341 'Could not process password assistance form (reason: not permitted for accounts using external authentication sources): %s / %s',
350 'Could not process password assistance form (reason: not permitted for system user or anonymous): %s / %s',
356 $this->sendPasswordAssistanceMail($user);
360 if (($assistance_duration = $this->
settings->get(
'account_assistance_duration')) !== null) {
361 $duration = $this->
http->durations()->callbackDuration((
int) $assistance_duration);
362 $status =
$duration->stretch($assistance_callback);
364 $status = $assistance_callback();
367 $this->
showMessageForm(sprintf($this->
lng->txt(
'pwassist_mail_sent'), $email), self::PERMANENT_LINK_TARGET_PW);
380 private function sendPasswordAssistanceMail(
ilObjUser $userObj):
void 384 require_once __DIR__ .
'/../../../../cli/inc.pwassist_session_handler.php';
387 $pwassist_session[
'pwassist_id'],
396 'lang' => $this->
lng->getLangKey(),
397 'key' => $pwassist_session[
'pwassist_id']
401 $alternative_pwassist_url = $this->
buildUrl(
405 'lang' => $this->
lng->getLangKey(),
406 'key' => $pwassist_session[
'pwassist_id']
411 $senderFactory = $DIC->mail()->mime()->senderFactory();
412 $sender = $senderFactory->system();
415 $mm->Subject($this->
lng->txt(
'pwassist_mail_subject'),
true);
423 $this->
lng->txt(
'pwassist_mail_body'),
428 'mailto:' . $DIC->settings()->get(
'admin_email'),
429 $alternative_pwassist_url
438 $field_factory = $this->ui_factory->input()->field();
440 $key = $field_factory
443 ->withDedicatedName(self::PROP_KEY);
444 if ($pwassist_id !== null) {
445 $key = $key->withValue($pwassist_id);
448 return $this->ui_factory
453 $this->
ctrl->getFormAction($this,
'submitAssignPasswordForm'),
455 $field_factory->section(
457 self::PROP_KEY => $key,
458 self::PROP_USERNAME => $field_factory
459 ->text($this->
lng->txt(
'username'))
461 ->withRequired(
true),
462 self::PROP_PASSWORD => $field_factory
464 $this->
lng->txt(
'password'),
468 ->withRevelation(
true)
469 ->withAdditionalTransformation(
470 $this->
refinery->custom()->constraint(
471 static function (
ILIAS\
Data\Password $value):
bool {
473 trim($value->toString())
477 $problem =
$lng(
'passwd_invalid');
478 $custom_problem = null;
480 trim($value->toString()),
483 $problem = $custom_problem;
490 ->withAdditionalTransformation(
491 $this->
refinery->custom()->transformation(
492 static function (
ILIAS\
Data\Password $value):
string {
493 return trim($value->toString());
498 $this->
lng->txt(
'password_assistance'),
503 ->withSubmitLabel($this->
lng->txt(
'submit'))
520 string $pwassist_id =
'' 522 $this->
help->setSubScreenId(
'password_input');
524 if ($pwassist_id ===
'') {
528 require_once __DIR__ .
'/../../../../cli/inc.pwassist_session_handler.php';
530 if (!is_array($pwassist_session) || $pwassist_session[
'expires'] < time()) {
531 $this->tpl->setOnScreenMessage(
'failure', $this->
lng->txt(
'pwassist_session_expired'));
537 $tpl->
setVariable(
'TXT_PAGEHEADLINE', $this->
lng->txt(
'password_assistance'));
540 $this->ui_renderer->render($this->ui_factory->symbol()->icon()->custom(
542 $this->
lng->txt(
'password_assistance')
547 'TXT_ENTER_USERNAME_AND_NEW_PASSWORD',
548 $this->ui_renderer->render(
549 $this->ui_factory->messageBox()->info($this->
lng->txt(
'pwassist_enter_username_and_new_password'))
553 $tpl->
setVariable(
'FORM', $this->ui_renderer->render($form ?? $this->getAssignPasswordForm($pwassist_id)));
573 if ($this->
http->request()->getMethod() ===
'POST') {
574 $form = $form->withRequest($this->
http->request());
575 $form_data = $form->getData();
576 $form_valid = $form_data !== null;
580 $this->tpl->setOnScreenMessage(
'failure', $this->
lng->txt(
'form_input_not_valid'));
585 $username = $form_data[self::PROP_USERNAME];
586 $password = $form_data[self::PROP_PASSWORD];
587 $pwassist_id = $form_data[self::PROP_KEY];
589 require_once __DIR__ .
'/../../../../cli/inc.pwassist_session_handler.php';
591 if (!is_array($pwassist_session) || $pwassist_session[
'expires'] < time()) {
592 $this->tpl->setOnScreenMessage(
594 str_replace(
"\\n",
'', $this->
lng->txt(
'pwassist_session_expired'))
598 $is_successful =
true;
603 $message = $this->
lng->txt(
'user_does_not_exist');
604 $is_successful =
false;
609 if ($is_successful && strcasecmp($userObj->
getLogin(), $username) !== 0) {
610 $message = $this->
lng->txt(
'pwassist_login_not_match');
611 $is_successful =
false;
615 if ($is_successful &&
617 $message = $this->
lng->txt($error_lng_var);
618 $is_successful =
false;
625 if ($is_successful) {
626 $is_successful = $userObj->
resetPassword($password, $password);
627 if (!$is_successful) {
628 $message = $this->
lng->txt(
'passwd_invalid');
634 if ($is_successful) {
643 if ($is_successful) {
646 $this->ui_renderer->render(
647 $this->ui_factory->messageBox()->info(
648 sprintf($this->
lng->txt(
'pwassist_password_assigned'), $username)
651 self::PERMANENT_LINK_TARGET_PW
654 $this->tpl->setOnScreenMessage(
'failure', str_replace(
"\\n",
'', $message));
662 $field_factory = $this->ui_factory->input()->field();
664 return $this->ui_factory
669 $this->
ctrl->getFormAction($this,
'submitUsernameAssistanceForm'),
671 $field_factory->section(
673 self::PROP_EMAIL => $field_factory
674 ->text($this->
lng->txt(
'email'))
677 ->withAdditionalTransformation($this->
emailTrafo()),
679 $this->
lng->txt(
'username_assistance'),
684 ->withSubmitLabel($this->
lng->txt(
'submit'))
691 $this->
help->setSubScreenId(
'username_assistance');
694 $tpl->
setVariable(
'TXT_PAGEHEADLINE', $this->
lng->txt(
'password_assistance'));
697 $this->ui_renderer->render($this->ui_factory->symbol()->icon()->custom(
699 $this->
lng->txt(
'password_assistance')
704 'TXT_ENTER_USERNAME_AND_EMAIL',
705 $this->ui_renderer->render(
706 $this->ui_factory->messageBox()->info(
711 $this->
lng->txt(
'pwassist_enter_email'),
721 $tpl->
setVariable(
'FORM', $this->ui_renderer->render($form ?? $this->getUsernameAssistanceForm()));
731 if ($this->
http->request()->getMethod() ===
'POST') {
732 $form = $form->withRequest($this->
http->request());
733 $form_data = $form->getData();
734 $form_valid = $form_data !== null;
738 $this->tpl->setOnScreenMessage(
'failure', $this->
lng->txt(
'form_input_not_valid'));
743 $email = trim($form_data[self::PROP_EMAIL]);
745 $assistance_callback =
function () use ($email):
void {
748 if (is_array($logins) && count($logins) > 0) {
753 'Could not sent username assistance emails to (reason: no user found): %s',
760 if (($assistance_duration = $this->
settings->get(
'account_assistance_duration')) !== null) {
761 $duration = $this->
http->durations()->callbackDuration((
int) $assistance_duration);
762 $status =
$duration->stretch($assistance_callback);
764 $status = $assistance_callback();
767 $this->
showMessageForm($this->
lng->txt(
'pwassist_mail_sent_generic'), self::PERMANENT_LINK_TARGET_NAME);
781 'lang' => $this->
lng->getLangKey()
785 $senderFactory = $DIC->mail()->mime()->senderFactory();
786 $sender = $senderFactory->system();
789 $mm->Subject($this->
lng->txt(
'pwassist_mail_subject'),
true);
797 $this->
lng->txt(
'pwassist_username_mail_body'),
798 implode(
",\n", $logins),
802 'mailto:' . $this->
settings->get(
'admin_email'),
813 $tpl->
setVariable(
'TXT_PAGEHEADLINE', $this->
lng->txt(
'password_assistance'));
816 $this->ui_renderer->render($this->ui_factory->symbol()->icon()->custom(
818 $this->
lng->txt(
'password_assistance')
822 $tpl->
setVariable(
'TXT_TEXT', str_replace(
"\\n",
'<br />', $text));
829 $this->tpl->setPermanentLink(
'usr', null, $context);
buildUrl(string $script, array $query_parameters)
static initStartUpTemplate( $a_tmpl, bool $a_show_back=false, bool $a_show_logout=false)
This method enriches the global template with some user interface elements (language selection...
resetPassword(string $raw, string $raw_retype)
Resets the user password.
static appendUrlParameterString(string $a_url, string $a_par, bool $xml_style=false)
static stripSlashesRecursive($a_data, bool $a_strip_html=true, string $a_allow="")
static getLogger(string $a_component_id)
Get component logger.
static is_email(string $a_email, ilMailRfc822AddressParserFactory $mailAddressParserFactory=null)
This preg-based function checks whether an e-mail address is formally valid.
db_pwassist_session_destroy(string $pwassist_id)
db_pwassist_create_id()
Creates a new secure id.
showUsernameAssistanceForm(ILIAS\UI\Component\Input\Container\Form\Form $form=null)
Interface Observer Contains several chained tasks and infos about them.
showAssignPasswordForm(ILIAS\UI\Component\Input\Container\Form\Form $form=null, string $pwassist_id='')
Assign password form.
getUnsafeGetCommands()
This method must return a list of unsafe GET commands.
showAssistanceForm(ILIAS\UI\Component\Input\Container\Form\Form $form=null)
This file is part of ILIAS, a powerful learning management system published by ILIAS open source e-Le...
saniziteArrayElementsTrafo()
RefineryFactory $refinery
static isPassword(string $a_passwd, ?string &$customError=null)
setVariable(string $variable, $value='')
Sets the given variable to the given value.
static printToGlobalTemplate($tpl)
const PERMANENT_LINK_TARGET_PW
static getUserIdByLogin(string $a_login)
ILIAS UI Factory $ui_factory
static http()
Fetches the global http state from ILIAS.
db_pwassist_session_read(string $pwassist_id)
static getUserLoginsByEmail(string $a_email)
db_pwassist_session_write(string $pwassist_id, int $maxlifetime, int $user_id)
submitUsernameAssistanceForm()
showMessageForm(string $text, string $permanent_link_context)
static isPasswordValidForUserContext(string $clear_text_password, $user, ?string &$error_language_variable=null)
static getImagePath(string $image_name, string $module_path="", string $mode="output", bool $offline=false)
get image path (for images located in a template directory)
static getPasswordRequirementsInfo()
infotext for ilPasswordInputGUI setInfo()
getUsernameAssistanceForm()
fillPermanentLink(string $context)
const PERMANENT_LINK_TARGET_NAME
static getInstanceByObjId(?int $obj_id, bool $stop_on_error=true)
get an instance of an Ilias object by object id
ilGlobalTemplateInterface $tpl
sendUsernameAssistanceMail(string $email, array $logins)
static isLocalPasswordEnabledForAuthMode($a_authmode)
Check if local password validation is enabled for a specific auth_mode.
submitAssignPasswordForm()
The key is used to retrieve the password assistance session.
submitAssistanceForm()
If the submitted username and email address matches an entry in the user data table, then ILIAS creates a password assistance session for the user, and sends a password assistance mail to the email address.
getSafePostCommands()
This method must return a list of safe POST commands.
setLastPasswordChangeToNow()
ILIAS UI Renderer $ui_renderer
Interface ilCtrlSecurityInterface provides ilCtrl security information.
getAssignPasswordForm(string $pwassist_id=null)
1.8.13 (using Doxyfile)