ILIAS  trunk Revision v11.0_alpha-2638-g80c1d007f79
class.ilPasswordAssistanceGUI.php
Go to the documentation of this file.
1 <?php
2 
19 declare(strict_types=1);
20 
21 use ILIAS\Refinery\Factory as RefineryFactory;
22 use ILIAS\HTTP\Services as HTTPServices;
23 
24 class ilPasswordAssistanceGUI implements ilCtrlSecurityInterface
25 {
26  private const PERMANENT_LINK_TARGET_PW = 'pwassist';
27  private const PERMANENT_LINK_TARGET_NAME = 'nameassist';
28 
29  private const PROP_USERNAME = 'username';
30  private const PROP_EMAIL = 'email';
31  private const PROP_PASSWORD = 'password';
32  private const PROP_KEY = 'key';
33 
34  private ilCtrlInterface $ctrl;
35  private ilLanguage $lng;
36  private ilRbacReview $rbacreview;
37  private ilGlobalTemplateInterface $tpl;
38  private ilSetting $settings;
39  private ilErrorHandling $ilErr;
40  private RefineryFactory $refinery;
41  private HTTPServices $http;
42  private ilHelpGUI $help;
43  private ILIAS\UI\Factory $ui_factory;
44  private ILIAS\UI\Renderer $ui_renderer;
45  private ilObjUser $actor;
46  private ILIAS\Data\Clock\ClockInterface $clock;
47  private ILIAS\Init\PasswordAssitance\PasswordAssistanceRepository $pwa_repository;
48 
49  public function __construct()
50  {
51  global $DIC;
52 
53  $this->ctrl = $DIC->ctrl();
54  $this->lng = $DIC->language();
55  $this->rbacreview = $DIC->rbac()->review();
56  $this->tpl = $DIC->ui()->mainTemplate();
57  $this->settings = $DIC->settings();
58  $this->ilErr = $DIC['ilErr'];
59  $this->help = $DIC->help();
60  $this->http = $DIC->http();
61  $this->refinery = $DIC->refinery();
62  $this->ui_factory = $DIC->ui()->factory();
63  $this->ui_renderer = $DIC->ui()->renderer();
64  $this->actor = $DIC->user();
65  $this->clock = (new ILIAS\Data\Factory())->clock()->utc();
66  $this->pwa_repository = new \ILIAS\Init\PasswordAssitance\Repository\PasswordAssistanceDbRepository(
67  $DIC->database(),
68  $this->clock
69  );
70  $this->help->setScreenIdComponent('init');
71  }
72 
73  private function retrieveRequestedKey(): string
74  {
75  $key = $this->http->wrapper()->query()->retrieve(
76  'key',
77  $this->refinery->byTrying([
78  $this->refinery->kindlyTo()->string(),
79  $this->refinery->always(
80  $this->http->wrapper()->post()->retrieve(
81  'key',
82  $this->refinery->byTrying([$this->refinery->kindlyTo()->string(), $this->refinery->always('')])
83  )
84  )
85  ])
86  );
87 
88  return $key;
89  }
90 
91  private function getClientId(): string
92  {
93  return CLIENT_ID;
94  }
95 
96  public function executeCommand(): void
97  {
98  // check correct setup
99  if (!$this->settings->get('setup_ok')) {
100  $this->ilErr->raiseError('Setup is not completed. Please run setup routine again.', $this->ilErr->FATAL);
101  }
102 
103  // check hack attempts
104  if (!$this->settings->get('password_assistance')) {
105  $this->ilErr->raiseError($this->lng->txt('permission_denied'), $this->ilErr->MESSAGE);
106  }
107 
108  if ($this->actor->getId() > 0 && !$this->actor->isAnonymous()) {
109  $this->ilErr->raiseError($this->lng->txt('permission_denied'), $this->ilErr->MESSAGE);
110  }
111 
112  $this->lng->loadLanguageModule('pwassist');
113  $cmd = $this->ctrl->getCmd() ?? '';
114  $next_class = $this->ctrl->getNextClass($this);
115 
116  switch ($next_class) {
117  default:
118  if ($cmd !== '' && method_exists($this, $cmd)) {
119  $this->$cmd();
120  return;
121  }
122 
123  if ($this->retrieveRequestedKey() !== '') {
124  $this->showAssignPasswordForm(null, $this->retrieveRequestedKey());
125  } else {
126  $this->showAssistanceForm();
127  }
128  break;
129  }
130  }
131 
132  public function getUnsafeGetCommands(): array
133  {
134  return [];
135  }
136 
137  public function getSafePostCommands(): array
138  {
139  return ['submitAssignPasswordForm'];
140  }
141 
142  private function getBaseUrl(): string
143  {
144  return rtrim(ilUtil::_getHttpPath(), '/');
145  }
146 
150  private function buildUrl(string $script, array $query_parameters): string
151  {
152  $url = implode('/', [
153  $this->getBaseUrl(),
154  ltrim($script, '/')
155  ]);
156 
157  $url = ilUtil::appendUrlParameterString(
158  $url,
159  http_build_query($query_parameters, '', '&')
160  );
161 
162  return $url;
163  }
164 
165  private function emailTrafo(): \ILIAS\Refinery\Transformation
166  {
167  return $this->refinery->custom()->constraint(
168  static function ($value): bool {
169  return is_string($value) && ilUtil::is_email($value);
170  },
171  $this->lng->txt('email_not_valid')
172  );
173  }
174 
175  private function mergeValuesTrafo(): \ILIAS\Refinery\Transformation
176  {
177  return $this->refinery->custom()->transformation(static function (array $values): array {
178  return array_merge(...$values);
179  });
180  }
181 
182  private function saniziteArrayElementsTrafo(): \ILIAS\Refinery\Transformation
183  {
184  return $this->refinery->custom()->transformation(static function (array $values): array {
185  return ilArrayUtil::stripSlashesRecursive($values);
186  });
187  }
188 
189  private function trimIfStringTrafo(): \ILIAS\Refinery\Transformation
190  {
191  return $this->refinery->custom()->transformation(static function ($value) {
192  if (is_string($value)) {
193  $value = trim($value);
194  }
195 
196  return $value;
197  });
198  }
199 
200  private function getAssistanceForm(): ILIAS\UI\Component\Input\Container\Form\Form
201  {
202  $field_factory = $this->ui_factory->input()->field();
203 
204  return $this->ui_factory
205  ->input()
206  ->container()
207  ->form()
208  ->standard(
209  $this->ctrl->getFormAction($this, 'submitAssistanceForm'),
210  [
211  $field_factory->section(
212  [
213  self::PROP_USERNAME => $field_factory
214  ->text($this->lng->txt('username'))
215  ->withAdditionalTransformation($this->trimIfStringTrafo())
216  ->withRequired(true),
217  self::PROP_EMAIL => $field_factory
218  ->text($this->lng->txt('email'))
219  ->withRequired(true)
220  ->withAdditionalTransformation($this->trimIfStringTrafo())
221  ->withAdditionalTransformation($this->emailTrafo()),
222  ],
223  $this->lng->txt('password_assistance'),
224  ''
225  ),
226  ]
227  )
228  ->withSubmitLabel($this->lng->txt('submit'))
229  ->withAdditionalTransformation($this->mergeValuesTrafo())
230  ->withAdditionalTransformation($this->saniziteArrayElementsTrafo());
231  }
232 
233  private function showAssistanceForm(?ILIAS\UI\Component\Input\Container\Form\Form $form = null): void
234  {
235  $this->help->setSubScreenId('password_assistance');
236 
237  $tpl = ilStartUpGUI::initStartUpTemplate('tpl.pwassist_assistance.html', true);
238  $tpl->setVariable('TXT_PAGEHEADLINE', $this->lng->txt('password_assistance'));
239  $tpl->setVariable(
240  'IMG_PAGEHEADLINE',
241  $this->ui_renderer->render($this->ui_factory->symbol()->icon()->custom(
242  ilUtil::getImagePath('standard/icon_auth.svg'),
243  $this->lng->txt('password_assistance')
244  ))
245  );
246 
247  $tpl->setVariable(
248  'TXT_ENTER_USERNAME_AND_EMAIL',
249  $this->ui_renderer->render(
250  $this->ui_factory->messageBox()->info(
251  str_replace(
252  "\\n",
253  '<br />',
254  sprintf(
255  $this->lng->txt('pwassist_enter_username_and_email'),
256  '<a href="mailto:' . ilLegacyFormElementsUtil::prepareFormOutput(
257  $this->settings->get('admin_email')
258  ) . '">' . ilLegacyFormElementsUtil::prepareFormOutput($this->settings->get('admin_email')) . '</a>'
259  )
260  )
261  )
262  )
263  );
264 
265  $tpl->setVariable('FORM', $this->ui_renderer->render($form ?? $this->getAssistanceForm()));
266  $this->fillPermanentLink(self::PERMANENT_LINK_TARGET_PW);
267  ilStartUpGUI::printToGlobalTemplate($tpl);
268  }
269 
277  private function submitAssistanceForm(): void
278  {
279  $form = $this->getAssistanceForm();
280  $form_valid = false;
281  $form_data = null;
282  if ($this->http->request()->getMethod() === 'POST') {
283  $form = $form->withRequest($this->http->request());
284  $form_data = $form->getData();
285  $form_valid = $form_data !== null;
286  }
287 
288  if (!$form_valid) {
289  $this->tpl->setOnScreenMessage('failure', $this->lng->txt('form_input_not_valid'));
290  $this->showAssistanceForm($form);
291  return;
292  }
293 
294  $defaultAuth = ilAuthUtils::AUTH_LOCAL;
295  if ($GLOBALS['DIC']['ilSetting']->get('auth_mode')) {
296  $defaultAuth = $GLOBALS['DIC']['ilSetting']->get('auth_mode');
297  }
298 
299  $username = $form_data[self::PROP_USERNAME];
300  $email = $form_data[self::PROP_EMAIL];
301 
302  $assistance_callback = function () use ($defaultAuth, $username, $email): void {
303  $usr_id = ilObjUser::getUserIdByLogin($username);
304  if (!is_numeric($usr_id) || !($usr_id > 0)) {
305  ilLoggerFactory::getLogger('usr')->info(
306  sprintf(
307  'Could not process password assistance form (reason: no user found) %s / %s',
308  $username,
309  $email
310  )
311  );
312  return;
313  }
314 
315  $user = new ilObjUser($usr_id);
316  $email_addresses = array_map('strtolower', [$user->getEmail(), $user->getSecondEmail()]);
317 
318  if (!in_array(strtolower($email), $email_addresses, true)) {
319  if (implode('', $email_addresses) === '') {
320  ilLoggerFactory::getLogger('usr')->info(
321  sprintf(
322  'Could not process password assistance form (reason: account without email addresses): %s / %s',
323  $username,
324  $email
325  )
326  );
327  } else {
328  ilLoggerFactory::getLogger('usr')->info(
329  sprintf(
330  'Could not process password assistance form (reason: account email addresses differ from input): %s / %s',
331  $username,
332  $email
333  )
334  );
335  }
336  } elseif (
337  (
338  $user->getAuthMode(true) != ilAuthUtils::AUTH_LOCAL ||
339  ($user->getAuthMode(true) == $defaultAuth && $defaultAuth != ilAuthUtils::AUTH_LOCAL)
340  ) && !(
341  (int) $user->getAuthMode(true) === ilAuthUtils::AUTH_SAML &&
342  \ilAuthUtils::isLocalPasswordEnabledForAuthMode($user->getAuthMode(true))
343  )
344  ) {
345  ilLoggerFactory::getLogger('usr')->info(
346  sprintf(
347  'Could not process password assistance form (reason: not permitted for accounts using external authentication sources): %s / %s',
348  $username,
349  $email
350  )
351  );
352  } elseif ($this->rbacreview->isAssigned($user->getId(), ANONYMOUS_ROLE_ID) ||
353  $this->rbacreview->isAssigned($user->getId(), SYSTEM_ROLE_ID)) {
354  ilLoggerFactory::getLogger('usr')->info(
355  sprintf(
356  'Could not process password assistance form (reason: not permitted for system user or anonymous): %s / %s',
357  $username,
358  $email
359  )
360  );
361  } else {
362  $this->sendPasswordAssistanceMail($user);
363  }
364  };
365 
366  if (($assistance_duration = $this->settings->get('account_assistance_duration')) !== null) {
367  $duration = $this->http->durations()->callbackDuration((int) $assistance_duration);
368  $status = $duration->stretch($assistance_callback);
369  } else {
370  $status = $assistance_callback();
371  }
372 
373  $this->showMessageForm(sprintf($this->lng->txt('pwassist_mail_sent'), $email), self::PERMANENT_LINK_TARGET_PW);
374  }
375 
386  private function sendPasswordAssistanceMail(ilObjUser $userObj): void
387  {
388  global $DIC;
389 
390  $session = $this->pwa_repository->createSession(
391  $this->pwa_repository->generateHash(),
392  new \ILIAS\Data\ObjectId($userObj->getId())
393  );
394 
395  $pwassist_url = $this->buildUrl(
396  'pwassist.php',
397  [
398  'client_id' => $this->getClientId(),
399  'lang' => $this->lng->getLangKey(),
400  'key' => $session->hash()->value()
401  ]
402  );
403 
404  $alternative_pwassist_url = $this->buildUrl(
405  'pwassist.php',
406  [
407  'client_id' => $this->getClientId(),
408  'lang' => $this->lng->getLangKey(),
409  'key' => $session->hash()->value()
410  ]
411  );
412 
414  $senderFactory = $DIC->mail()->mime()->senderFactory();
415  $sender = $senderFactory->system();
416 
417  $mm = new ilMimeMail();
418  $mm->Subject($this->lng->txt('pwassist_mail_subject'), true);
419  $mm->From($sender);
420  $mm->To($userObj->getEmail());
421  $mm->Body(
422  str_replace(
423  ["\\n", "\\t"],
424  ["\n", "\t"],
425  sprintf(
426  $this->lng->txt('pwassist_mail_body'),
427  $pwassist_url,
428  $this->getBaseUrl() . '/',
429  $_SERVER['REMOTE_ADDR'],
430  $userObj->getLogin(),
431  'mailto:' . $DIC->settings()->get('admin_email'),
432  $alternative_pwassist_url
433  )
434  )
435  );
436  $mm->Send();
437  }
438 
439  private function getAssignPasswordForm(?string $pwassist_id = null): ILIAS\UI\Component\Input\Container\Form\Form
440  {
441  $field_factory = $this->ui_factory->input()->field();
442 
443  $key = $field_factory
444  ->hidden()
445  ->withRequired(true)
446  ->withDedicatedName(self::PROP_KEY);
447  if ($pwassist_id !== null) {
448  $key = $key->withValue($pwassist_id);
449  }
450 
451  return $this->ui_factory
452  ->input()
453  ->container()
454  ->form()
455  ->standard(
456  $this->ctrl->getFormAction($this, 'submitAssignPasswordForm'),
457  [
458  $field_factory->section(
459  [
460  self::PROP_KEY => $key,
461  self::PROP_USERNAME => $field_factory
462  ->text($this->lng->txt('username'))
463  ->withAdditionalTransformation($this->trimIfStringTrafo())
464  ->withRequired(true),
465  self::PROP_PASSWORD => $field_factory
466  ->password(
467  $this->lng->txt('password'),
468  ilSecuritySettingsChecker::getPasswordRequirementsInfo()
469  )
470  ->withRequired(true)
471  ->withRevelation(true)
472  ->withAdditionalTransformation(
473  $this->refinery->custom()->constraint(
474  static function (ILIAS\Data\Password $value): bool {
475  return ilSecuritySettingsChecker::isPassword(
476  trim($value->toString())
477  );
478  },
479  static function (Closure $lng, ILIAS\Data\Password $value): string {
480  $problem = $lng('passwd_invalid');
481  $custom_problem = null;
482  if (!ilSecuritySettingsChecker::isPassword(
483  trim($value->toString()),
484  $custom_problem
485  )) {
486  $problem = $custom_problem;
487  }
488 
489  return $problem;
490  }
491  )
492  )
493  ->withAdditionalTransformation(
494  $this->refinery->custom()->transformation(
495  static function (ILIAS\Data\Password $value): string {
496  return trim($value->toString());
497  }
498  )
499  ),
500  ],
501  $this->lng->txt('password_assistance'),
502  ''
503  ),
504  ]
505  )
506  ->withSubmitLabel($this->lng->txt('submit'))
507  ->withAdditionalTransformation($this->mergeValuesTrafo())
508  ->withAdditionalTransformation($this->saniziteArrayElementsTrafo());
509  }
510 
521  private function showAssignPasswordForm(
522  ?ILIAS\UI\Component\Input\Container\Form\Form $form = null,
523  string $pwassist_id = ''
524  ): void {
525  $this->help->setSubScreenId('password_input');
526 
527  if ($pwassist_id === '') {
528  $pwassist_id = $this->retrieveRequestedKey();
529  }
530 
531  $result = $this->pwa_repository->getSessionByHash(
532  new \ILIAS\Init\PasswordAssitance\ValueObject\PasswordAssistanceHash($pwassist_id)
533  );
534  if ($result->isError()) {
535  $this->tpl->setOnScreenMessage('failure', $this->lng->txt('pwassist_session_expired'));
536  $this->showAssistanceForm(null);
537  return;
538  }
539 
541  $session = $result->value();
542  if ($session->isExpired($this->clock)) {
543  $this->tpl->setOnScreenMessage('failure', $this->lng->txt('pwassist_session_expired'));
544  $this->showAssistanceForm(null);
545  return;
546  }
547 
548  $tpl = ilStartUpGUI::initStartUpTemplate('tpl.pwassist_assignpassword.html', true);
549  $tpl->setVariable('TXT_PAGEHEADLINE', $this->lng->txt('password_assistance'));
550  $tpl->setVariable(
551  'IMG_PAGEHEADLINE',
552  $this->ui_renderer->render($this->ui_factory->symbol()->icon()->custom(
553  ilUtil::getImagePath('standard/icon_auth.svg'),
554  $this->lng->txt('password_assistance')
555  ))
556  );
557 
558  $tpl->setVariable(
559  'TXT_ENTER_USERNAME_AND_NEW_PASSWORD',
560  $this->ui_renderer->render(
561  $this->ui_factory->messageBox()->info($this->lng->txt('pwassist_enter_username_and_new_password'))
562  )
563  );
564 
565  $tpl->setVariable('FORM', $this->ui_renderer->render($form ?? $this->getAssignPasswordForm($pwassist_id)));
566  $this->fillPermanentLink(self::PERMANENT_LINK_TARGET_PW);
567  ilStartUpGUI::printToGlobalTemplate($tpl);
568  }
569 
580  private function submitAssignPasswordForm(): void
581  {
582  $form = $this->getAssignPasswordForm();
583  $form_valid = false;
584  $form_data = null;
585  if ($this->http->request()->getMethod() === 'POST') {
586  $form = $form->withRequest($this->http->request());
587  $form_data = $form->getData();
588  $form_valid = $form_data !== null;
589  }
590 
591  if (!$form_valid) {
592  $this->tpl->setOnScreenMessage('failure', $this->lng->txt('form_input_not_valid'));
593  $this->showAssistanceForm($form);
594  return;
595  }
596 
597  $username = $form_data[self::PROP_USERNAME];
598  $password = $form_data[self::PROP_PASSWORD];
599  $pwassist_id = $form_data[self::PROP_KEY];
600 
601  $result = $this->pwa_repository->getSessionByHash(
602  new \ILIAS\Init\PasswordAssitance\ValueObject\PasswordAssistanceHash($pwassist_id)
603  );
604  if ($result->isError()) {
605  $this->tpl->setOnScreenMessage(
606  'failure',
607  str_replace("\\n", '', $this->lng->txt('pwassist_session_expired'))
608  );
609  $this->showAssistanceForm($form);
610  return;
611  }
612 
614  $session = $result->value();
615  if ($session->isExpired($this->clock)) {
616  $this->tpl->setOnScreenMessage(
617  'failure',
618  str_replace("\\n", '', $this->lng->txt('pwassist_session_expired'))
619  );
620  $this->showAssistanceForm($form);
621  return;
622  }
623 
624  $is_successful = true;
625  $message = '';
626 
628  $userObj = ilObjectFactory::getInstanceByObjId($session->usrId()->toInt(), false);
629  if (!($userObj instanceof ilObjUser)) {
630  $message = $this->lng->txt('user_does_not_exist');
631  $is_successful = false;
632  }
633 
634  // check if the username entered by the user matches the
635  // one of the user object.
636  if ($is_successful && strcasecmp($userObj->getLogin(), $username) !== 0) {
637  $message = $this->lng->txt('pwassist_login_not_match');
638  $is_successful = false;
639  }
640 
641  $error_lng_var = '';
642  if ($is_successful &&
643  !ilSecuritySettingsChecker::isPasswordValidForUserContext($password, $userObj, $error_lng_var)) {
644  $message = $this->lng->txt($error_lng_var);
645  $is_successful = false;
646  }
647 
648  // End of validation
649  // If the validation was successful, we change the password of the
650  // user.
651  // ------------------
652  if ($is_successful) {
653  $is_successful = $userObj->resetPassword($password, $password);
654  if (!$is_successful) {
655  $message = $this->lng->txt('passwd_invalid');
656  }
657  }
658 
659  // If we are successful so far, we update the user object.
660  // ------------------
661  if ($is_successful) {
662  $userObj->setLastPasswordChangeToNow();
663  $userObj->update();
664  }
665 
666  // If we are successful, we destroy the password assistance
667  // session and redirect to the login page.
668  // Else we display the form again along with an error message.
669  // ------------------
670  if ($is_successful) {
671  $this->pwa_repository->deleteSession($session);
672  $this->showMessageForm(
673  $this->ui_renderer->render(
674  $this->ui_factory->messageBox()->info(
675  sprintf($this->lng->txt('pwassist_password_assigned'), $username)
676  )
677  ),
678  self::PERMANENT_LINK_TARGET_PW
679  );
680  } else {
681  $this->tpl->setOnScreenMessage('failure', str_replace("\\n", '', $message));
682  $this->showAssignPasswordForm($form, $pwassist_id);
683  }
684  }
685 
686  private function getUsernameAssistanceForm(): ILIAS\UI\Component\Input\Container\Form\Form
687  {
688  $field_factory = $this->ui_factory->input()->field();
689 
690  return $this->ui_factory
691  ->input()
692  ->container()
693  ->form()
694  ->standard(
695  $this->ctrl->getFormAction($this, 'submitUsernameAssistanceForm'),
696  [
697  $field_factory->section(
698  [
699  self::PROP_EMAIL => $field_factory
700  ->text($this->lng->txt('email'))
701  ->withRequired(true)
702  ->withAdditionalTransformation($this->trimIfStringTrafo())
703  ->withAdditionalTransformation($this->emailTrafo()),
704  ],
705  $this->lng->txt('username_assistance'),
706  ''
707  ),
708  ]
709  )
710  ->withSubmitLabel($this->lng->txt('submit'))
711  ->withAdditionalTransformation($this->mergeValuesTrafo())
712  ->withAdditionalTransformation($this->saniziteArrayElementsTrafo());
713  }
714 
715  private function showUsernameAssistanceForm(?ILIAS\UI\Component\Input\Container\Form\Form $form = null): void
716  {
717  $this->help->setSubScreenId('username_assistance');
718 
719  $tpl = ilStartUpGUI::initStartUpTemplate('tpl.pwassist_username_assistance.html', true);
720  $tpl->setVariable('TXT_PAGEHEADLINE', $this->lng->txt('password_assistance'));
721  $tpl->setVariable(
722  'IMG_PAGEHEADLINE',
723  $this->ui_renderer->render($this->ui_factory->symbol()->icon()->custom(
724  ilUtil::getImagePath('standard/icon_auth.svg'),
725  $this->lng->txt('password_assistance')
726  ))
727  );
728 
729  $tpl->setVariable(
730  'TXT_ENTER_USERNAME_AND_EMAIL',
731  $this->ui_renderer->render(
732  $this->ui_factory->messageBox()->info(
733  str_replace(
734  "\\n",
735  '<br />',
736  sprintf(
737  $this->lng->txt('pwassist_enter_email'),
738  '<a href="mailto:' . ilLegacyFormElementsUtil::prepareFormOutput(
739  $this->settings->get('admin_email')
740  ) . '">' . ilLegacyFormElementsUtil::prepareFormOutput($this->settings->get('admin_email')) . '</a>'
741  )
742  )
743  )
744  )
745  );
746 
747  $tpl->setVariable('FORM', $this->ui_renderer->render($form ?? $this->getUsernameAssistanceForm()));
748  $this->fillPermanentLink(self::PERMANENT_LINK_TARGET_NAME);
749  ilStartUpGUI::printToGlobalTemplate($tpl);
750  }
751 
752  private function submitUsernameAssistanceForm(): void
753  {
754  $form = $this->getUsernameAssistanceForm();
755  $form_valid = false;
756  $form_data = null;
757  if ($this->http->request()->getMethod() === 'POST') {
758  $form = $form->withRequest($this->http->request());
759  $form_data = $form->getData();
760  $form_valid = $form_data !== null;
761  }
762 
763  if (!$form_valid) {
764  $this->tpl->setOnScreenMessage('failure', $this->lng->txt('form_input_not_valid'));
765  $this->showUsernameAssistanceForm($form);
766  return;
767  }
768 
769  $email = trim($form_data[self::PROP_EMAIL]);
770 
771  $assistance_callback = function () use ($email): void {
772  $logins = ilObjUser::getUserLoginsByEmail($email);
773 
774  if (is_array($logins) && count($logins) > 0) {
775  $this->sendUsernameAssistanceMail($email, $logins);
776  } else {
777  ilLoggerFactory::getLogger('usr')->info(
778  sprintf(
779  'Could not sent username assistance emails to (reason: no user found): %s',
780  $email
781  )
782  );
783  }
784  };
785 
786  if (($assistance_duration = $this->settings->get('account_assistance_duration')) !== null) {
787  $duration = $this->http->durations()->callbackDuration((int) $assistance_duration);
788  $status = $duration->stretch($assistance_callback);
789  } else {
790  $status = $assistance_callback();
791  }
792 
793  $this->showMessageForm($this->lng->txt('pwassist_mail_sent_generic'), self::PERMANENT_LINK_TARGET_NAME);
794  }
795 
799  private function sendUsernameAssistanceMail(string $email, array $logins): void
800  {
801  global $DIC;
802 
803  $login_url = $this->buildUrl(
804  'pwassist.php',
805  [
806  'client_id' => $this->getClientId(),
807  'lang' => $this->lng->getLangKey()
808  ]
809  );
810 
811  $senderFactory = $DIC->mail()->mime()->senderFactory();
812  $sender = $senderFactory->system();
813 
814  $mm = new ilMimeMail();
815  $mm->Subject($this->lng->txt('pwassist_mail_subject'), true);
816  $mm->From($sender);
817  $mm->To($email);
818  $mm->Body(
819  str_replace(
820  ["\\n", "\\t"],
821  ["\n", "\t"],
822  sprintf(
823  $this->lng->txt('pwassist_username_mail_body'),
824  implode(",\n", $logins),
825  $this->getBaseUrl() . '/',
826  $_SERVER['REMOTE_ADDR'],
827  $email,
828  'mailto:' . $this->settings->get('admin_email'),
829  $login_url
830  )
831  )
832  );
833  $mm->Send();
834  }
835 
836  private function showMessageForm(string $text, string $permanent_link_context): void
837  {
838  $tpl = ilStartUpGUI::initStartUpTemplate('tpl.pwassist_message.html', true);
839  $tpl->setVariable('TXT_PAGEHEADLINE', $this->lng->txt('password_assistance'));
840  $tpl->setVariable(
841  'IMG_PAGEHEADLINE',
842  $this->ui_renderer->render($this->ui_factory->symbol()->icon()->custom(
843  ilUtil::getImagePath('standard/icon_auth.svg'),
844  $this->lng->txt('password_assistance')
845  ))
846  );
847 
848  $tpl->setVariable('TXT_TEXT', str_replace("\\n", '<br />', $text));
849  $this->fillPermanentLink($permanent_link_context);
850  ilStartUpGUI::printToGlobalTemplate($tpl);
851  }
852 
853  private function fillPermanentLink(string $context): void
854  {
855  $this->tpl->setPermanentLink('usr', null, $context);
856  }
857 }
ilPasswordAssistanceGUI\buildUrl
buildUrl(string $script, array $query_parameters)
Definition: class.ilPasswordAssistanceGUI.php:150
ilStartUpGUI\initStartUpTemplate
static initStartUpTemplate( $a_tmpl, bool $a_show_back=false, bool $a_show_logout=false)
This method enriches the global template with some user interface elements (language selection...
Definition: class.ilStartUpGUI.php:1578
ilObjUser\resetPassword
resetPassword(string $raw, string $raw_retype)
Resets the user password.
Definition: class.ilObjUser.php:780
ilUtil\appendUrlParameterString
static appendUrlParameterString(string $a_url, string $a_par, bool $xml_style=false)
Definition: class.ilUtil.php:376
ilArrayUtil\stripSlashesRecursive
static stripSlashesRecursive($a_data, bool $a_strip_html=true, string $a_allow="")
Definition: class.ilArrayUtil.php:60
$context
$context
Definition: webdav.php:31
ilLoggerFactory\getLogger
static getLogger(string $a_component_id)
Get component logger.
Definition: class.ilLoggerFactory.php:89
ILIAS
Interface Observer Contains several chained tasks and infos about them.
Definition: AccessControl.php:21
array_map
SYSTEM_ROLE_ID
const SYSTEM_ROLE_ID
Definition: constants.php:29
ilPasswordAssistanceGUI\getUnsafeGetCommands
getUnsafeGetCommands()
This method must return a list of unsafe GET commands.
Definition: class.ilPasswordAssistanceGUI.php:132
ilHelpGUI
Help GUI class.
Definition: class.ilHelpGUI.php:28
ilPasswordAssistanceGUI\$clock
ILIAS Data Clock ClockInterface $clock
Definition: class.ilPasswordAssistanceGUI.php:46
ilSecuritySettingsChecker\isPassword
static isPassword(string $a_passwd, ?string &$customError=null)
Definition: class.ilSecuritySettingsChecker.php:26
ilPasswordAssistanceGUI\$pwa_repository
ILIAS Init PasswordAssitance PasswordAssistanceRepository $pwa_repository
Definition: class.ilPasswordAssistanceGUI.php:47
$url
$url
Definition: shib_logout.php:68
ilLegacyFormElementsUtil\prepareFormOutput
static prepareFormOutput($a_str, bool $a_strip=false)
Definition: class.ilLegacyFormElementsUtil.php:37
ILIAS\UICore\GlobalTemplate\setVariable
setVariable(string $variable, $value='')
Sets the given variable to the given value.
$duration
$duration
Definition: LOMStructure.php:54
ilStartUpGUI\printToGlobalTemplate
static printToGlobalTemplate($tpl)
Definition: class.ilStartUpGUI.php:356
ilUtil\is_email
static is_email(string $a_email, ?ilMailRfc822AddressParserFactory $mailAddressParserFactory=null)
This preg-based function checks whether an e-mail address is formally valid.
Definition: class.ilUtil.php:274
null
while($session_entry=$r->fetchRow(ilDBConstants::FETCHMODE_ASSOC)) return null
Definition: shib_logout.php:144
ilPasswordAssistanceGUI\getAssignPasswordForm
getAssignPasswordForm(?string $pwassist_id=null)
Definition: class.ilPasswordAssistanceGUI.php:439
ilObjUser\getUserIdByLogin
static getUserIdByLogin(string $a_login)
Definition: class.ilObjUser.php:2078
ilAuthUtils\AUTH_LOCAL
const int AUTH_LOCAL
Definition: class.ilAuthUtils.php:27
ILIAS\FileDelivery\http
static http()
Fetches the global http state from ILIAS.
Definition: HttpServiceAware.php:55
$GLOBALS
$GLOBALS["DIC"]
Definition: wac.php:53
ilObjUser\getUserLoginsByEmail
static getUserLoginsByEmail(string $a_email)
Definition: class.ilObjUser.php:2110
Factory
This file is part of ILIAS, a powerful learning management system published by ILIAS open source e-Le...
$_SERVER
$_SERVER['HTTP_HOST']
Definition: raiseError.php:26
ilPasswordAssistanceGUI\showMessageForm
showMessageForm(string $text, string $permanent_link_context)
Definition: class.ilPasswordAssistanceGUI.php:836
ilSecuritySettingsChecker\isPasswordValidForUserContext
static isPasswordValidForUserContext(string $clear_text_password, $user, ?string &$error_language_variable=null)
Definition: class.ilSecuritySettingsChecker.php:152
CLIENT_ID
const CLIENT_ID
Definition: constants.php:41
$DIC
global $DIC
Definition: shib_login.php:26
ilUtil\getImagePath
static getImagePath(string $image_name, string $module_path="", string $mode="output", bool $offline=false)
get image path (for images located in a template directory)
Definition: class.ilUtil.php:68
ilPasswordAssistanceGUI\showAssistanceForm
showAssistanceForm(?ILIAS\UI\Component\Input\Container\Form\Form $form=null)
Definition: class.ilPasswordAssistanceGUI.php:233
ilSecuritySettingsChecker\getPasswordRequirementsInfo
static getPasswordRequirementsInfo()
infotext for ilPasswordInputGUI setInfo()
Definition: class.ilSecuritySettingsChecker.php:190
ilPasswordAssistanceGUI\showUsernameAssistanceForm
showUsernameAssistanceForm(?ILIAS\UI\Component\Input\Container\Form\Form $form=null)
Definition: class.ilPasswordAssistanceGUI.php:715
ilObjectFactory\getInstanceByObjId
static getInstanceByObjId(?int $obj_id, bool $stop_on_error=true)
get an instance of an Ilias object by object id
Definition: class.ilObjectFactory.php:84
ilPasswordAssistanceGUI\sendUsernameAssistanceMail
sendUsernameAssistanceMail(string $email, array $logins)
Definition: class.ilPasswordAssistanceGUI.php:799
ANONYMOUS_ROLE_ID
const ANONYMOUS_ROLE_ID
Definition: constants.php:28
ilAuthUtils\isLocalPasswordEnabledForAuthMode
static isLocalPasswordEnabledForAuthMode($a_authmode)
Check if local password validation is enabled for a specific auth_mode.
Definition: class.ilAuthUtils.php:538
ilUtil\_getHttpPath
static _getHttpPath()
Definition: class.ilUtil.php:1323
ilPasswordAssistanceGUI\submitAssistanceForm
submitAssistanceForm()
If the submitted username and email address matches an entry in the user data table, then ILIAS creates a password assistance session for the user, and sends a password assistance mail to the email address.
Definition: class.ilPasswordAssistanceGUI.php:277
ilPasswordAssistanceGUI\getSafePostCommands
getSafePostCommands()
This method must return a list of safe POST commands.
Definition: class.ilPasswordAssistanceGUI.php:137
$message
$message
Definition: xapiexit.php:31
ilObjUser\setLastPasswordChangeToNow
setLastPasswordChangeToNow()
Definition: class.ilObjUser.php:1908
ilCtrlSecurityInterface
This file is part of ILIAS, a powerful learning management system published by ILIAS open source e-Le...
Definition: interface.ilCtrlSecurityInterface.php:29
ilAuthUtils\AUTH_SAML
const int AUTH_SAML
Definition: class.ilAuthUtils.php:35