Invitation link for new user (#4935)
* [Improvement] Send Invitation link for new user - Add action & UI

* [Improvement] Send Invitation link for new user - Add translations

* [Improvement] Send Invitation link for new user - change temporary link time to 24hrs

* [Improvement] Send Invitation link for new user - move action to User controller
dvesh3 authored and brusch committed Sep 4, 2019
1 parent eb56eae commit 5a182cd
Showing 5 changed files with 117 additions and 4 deletions.
2 changes: 1 addition & 1 deletion bundles/AdminBundle/Controller/Admin/LoginController.php
Expand Up @@ -155,7 +155,7 @@ public function lostpasswordAction(Request $request, BruteforceProtectionHandler
if ($event->getSendMail()) {
$mail = Tool::getMail([$user->getEmail()], 'Pimcore lost password service');
$mail->setIgnoreDebugMode(true);
$mail->setBodyText("Login to pimcore and change your password using the following link. This temporary login link will expire in 30 minutes: \r\n\r\n" . $loginUrl);
$mail->setBodyText("Login to pimcore and change your password using the following link. This temporary login link will expire in 24 hours: \r\n\r\n" . $loginUrl);
$mail->send();
}

63 changes: 63 additions & 0 deletions bundles/AdminBundle/Controller/Admin/UserController.php
Expand Up @@ -29,6 +29,7 @@
use Symfony\Component\HttpKernel\Event\FilterControllerEvent;
use Symfony\Component\HttpKernel\Event\FilterResponseEvent;
use Symfony\Component\Routing\Annotation\Route;
use Symfony\Component\Routing\Generator\UrlGeneratorInterface;

class UserController extends AdminController implements EventedControllerInterface
{
Expand Down Expand Up @@ -1097,4 +1098,66 @@ public function getDefaultKeyBindingsAction(Request $request)

return $this->adminJson(['success' => true, 'data' => $data]);
}

/**
* @Route("/user/invitationlink", methods={"POST"})
*
* @param Request $request
*
* @return \Pimcore\Bundle\AdminBundle\HttpFoundation\JsonResponse
* @throws \Exception
*/
public function invitationLinkAction(Request $request)
{
$success = false;
$message = "";

if ($username = $request->get('username')) {
$user = User::getByName($username);
if ($user instanceof User) {
if (!$user->isActive()) {
$message .= 'User inactive <br />';
}

if (!$user->getEmail()) {
$message .= 'User has no email address <br />';
}
} else {
$message .= 'User unknown <br />';
}

if (empty($message)) {
//generate random password if user has no password
if (!$user->getPassword()) {
$user->setPassword(md5(uniqid()));
$user->save();
}

$token = Tool\Authentication::generateToken($username, $user->getPassword());

$loginUrl = $this->generateUrl('pimcore_admin_login_check', [
'username' => $username,
'token' => $token,
'reset' => 'true'
], UrlGeneratorInterface::ABSOLUTE_URL);

try {
$mail = Tool::getMail([$user->getEmail()], 'Pimcore login invitation for ' . Tool::getHostname());
$mail->setIgnoreDebugMode(true);
$mail->setBodyText("Login to pimcore and change your password using the following link. This temporary login link will expire in 24 hours: \r\n\r\n" . $loginUrl);
$res = $mail->send();

$success = true;
$message = sprintf($this->trans("invitation_link_sent"),$user->getEmail());
} catch (\Exception $e) {
$message .= 'could not send email';
}
}
}

return $this->adminJson([
'success' => $success,
'message' => $message
]);
}
}
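Review bot: `md5(uniqid())` is not a suitable source for the placeholder password set in `invitationLinkAction`. `uniqid()` is derived from the current time, and the stored value is passed straight to `Tool\Authentication::generateToken($username, $user->getPassword())`, so the secrecy of the emailed login token rests on a time-derived value. Use the CSPRNG instead: `$user->setPassword(bin2hex(random_bytes(32)));`. No permission check is visible inside the method; presumably a controller-level hook restricts it to callers with user-management rights, which is worth confirming because the route mails a working login link for any active account with an email address. The `catch (\Exception $e)` also discards the exception, so logging `$e` before returning 'could not send email' would make mail failures diagnosable.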
Expand Up @@ -184,14 +184,61 @@ pimcore.settings.user.user.settings = Class.create({
value: this.currentUser.lastname,
width: 400
});
generalItems.push({

var emailField = new Ext.form.field.Text({
xtype: "textfield",
fieldLabel: t("email"),
name: "email",
value: this.currentUser.email,
width: 400
});

generalItems.push({
xtype: "fieldcontainer",
layout: 'hbox',

items: [emailField,
{
text: t("send_invitation_link"),
xtype: "button",
style: "margin-left: 8px",
iconCls: "pimcore_nav_icon_email",
hidden: (this.currentUser.lastLogin > 0) || (user.id == this.currentUser.id),
handler: function () {
Ext.Ajax.request({
url: "/admin/user/invitationlink",
method: 'POST',
ignoreErrors: true,
params: {
username: this.currentUser.name
},
success: function (response) {
var res = Ext.decode(response.responseText);
if (res.success) {
Ext.MessageBox.alert(t('invitation_sent'), res.message);
} else {
Ext.MessageBox.alert(t('error'), res.message);
}
}.bind(this),
failure: function (response) {
var message = t("error_general");

try {
var json = Ext.decode(response.responseText);
if (json.message) {

message = json.message;
}
} catch (e) {}

pimcore.helpers.showNotification(t("error"), message, "error");
}
});
}.bind(this)
}
]
});

generalItems.push({
xtype: 'combo',
fieldLabel: t('language'),
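Review bot: The rule that an invitation is offered only to accounts that have never logged in, and never to the current user's own account, lives solely in the button's `hidden` expression. The request sends just `username`, and the server action added in this commit checks only that the user exists, is active and has an email address. If the rule is meant as policy rather than a UI convenience, it has to be repeated server-side; at minimum a comment next to `hidden:` should say so, e.g. `// UI-only gate: the server does not re-check lastLogin or self-invitation`. Separately, the server messages contain `<br />`, so `res.message` is evidently treated as markup, and the success message embeds the user's email address; that value should be HTML-encoded before it is put into the message. The empty `catch (e) {}` in the failure handler silently hides malformed responses.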
5 changes: 4 additions & 1 deletion bundles/CoreBundle/Resources/translations/en.extended.json
Expand Up @@ -709,5 +709,8 @@
"enable_admin_async_load": "Enable Async Load in Admin",
"async_loading_warning_block": "WARNING: Async Loading is NOT possible within Localized Fields and Blocks",
"activate_column_configuration": "Activate Column Configuration",
"table_column_configuration": "Column Configuration"
"table_column_configuration": "Column Configuration",
"send_invitation_link": "Send Invitation Link",
"invitation_sent": "Login Invitation sent",
"invitation_link_sent": "A temporary login link has been sent to email address: \"%s\" "
}
2 changes: 1 addition & 1 deletion lib/Tool/Authentication.php
Expand Up @@ -141,7 +141,7 @@ public static function authenticateToken($username, $token, $adminRequired = fal
$timeZone = date_default_timezone_get();
date_default_timezone_set('UTC');

if ($timestamp > time() or $timestamp < (time() - (60 * 30))) {
if ($timestamp > time() or $timestamp < (time() - (60 * 60 * 24))) {
return null;
}
date_default_timezone_set($timeZone);
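Review bot: Widening the window in `authenticateToken` to `60 * 60 * 24` applies to every token login, not only to invitations: the LoginController section of this commit changes the lost-password mail text to "24 hours" to match, so password-reset links are now accepted for a day instead of 30 minutes. If only invitations need the longer lifetime, pass the maximum age in as an optional parameter defaulting to the previous 30 minutes and compare with `$timestamp < (time() - $maxAge)`. Whether a token is invalidated after first use is not visible in this hunk and is worth confirming given the longer lifetime. Separately, the early `return null;` runs before `date_default_timezone_set($timeZone);`, so a rejected token leaves the process timezone at UTC; restoring it before the comparison avoids that. The function starts and continues outside the hunk.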