- Модуль: socialservices
- Путь к файлу: ~/bitrix/modules/socialservices/classes/general/authmanager.php
- Класс: for
- Вызов: for::AuthorizeUser
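/**
 * Binds an external (social service) identity to a site account and, when no
 * user is logged in yet, authorizes the linked or newly registered account.
 *
 * Two paths, selected by $USER->IsAuthorized():
 *  - A user is already logged in: the external identity is linked to the
 *    current account (or, if $this->allowChangeOwner is set, re-assigned to it).
 *    No login is performed on this path.
 *  - Nobody is logged in: the account is resolved from the existing link, from
 *    an "OnFindSocialservicesUser" handler, or by registering a new user, and
 *    is then authorized through $USER->AuthorizeWithOtp().
 *
 * Security-relevant points for maintainers:
 *  - "OnBeforeSocServUserAuthorize" handlers receive $socservUserFields and
 *    $errorCode by reference and run BEFORE the XML_ID / EXTERNAL_AUTH_ID
 *    checks, so they can rewrite the identity that is looked up.
 *  - A positive return value from an "OnFindSocialservicesUser" handler is used
 *    as the ID of the account to log in; such handlers are part of the
 *    authentication trust boundary.
 *  - $_SESSION['OAUTH_DATA'] is merged over the locally built values on both
 *    paths.
 *
 * @param array $socservUserFields Profile/token fields from the external provider.
 *                                 XML_ID and EXTERNAL_AUTH_ID are required; OATOKEN,
 *                                 REFRESH_TOKEN, OATOKEN_EXPIRES, PERSONAL_PHOTO and
 *                                 TIME_ZONE_OFFSET are read when present.
 * @param bool  $bSave             Passed through unchanged to $USER->AuthorizeWithOtp().
 *
 * @return bool|mixed true on success; false when XML_ID or EXTERNAL_AUTH_ID is
 *                    missing or empty; otherwise an error code
 *                    (SOCSERV_AUTHORISATION_ERROR, SOCSERV_REGISTRATION_DENY, or
 *                    whatever a "before" handler wrote into $errorCode).
 */
public function AuthorizeUser($socservUserFields, $bSave = false)
{
	global $USER, $APPLICATION;

	// Pre-authorization hook: a handler returning exactly false aborts the flow.
	// Both the fields and the error code are passed by reference, so a handler
	// may alter the identity data or choose the error code that is returned.
	foreach(GetModuleEvents("socialservices", "OnBeforeSocServUserAuthorize", true) as $arEvent)
	{
		$errorCode = SOCSERV_AUTHORISATION_ERROR;
		if(ExecuteModuleEventEx($arEvent, array($this, &$socservUserFields, &$errorCode)) === false)
		{
			return $errorCode;
		}
	}

	// The pair (XML_ID, EXTERNAL_AUTH_ID) is the lookup key for the link record;
	// refuse to continue without both.
	if(!isset($socservUserFields['XML_ID']) || $socservUserFields['XML_ID'] == '')
	{
		return false;
	}
	if(!isset($socservUserFields['EXTERNAL_AUTH_ID']) || $socservUserFields['EXTERNAL_AUTH_ID'] == '')
	{
		return false;
	}

	// Token fields to persist on the link record (used on the "already logged in" path).
	$oauthKeys = array();
	if(isset($socservUserFields["OATOKEN"]))
	{
		$oauthKeys["OATOKEN"] = $socservUserFields["OATOKEN"];
	}
	// An empty refresh token is skipped so that it does not end up in the update.
	if(isset($socservUserFields["REFRESH_TOKEN"]) && $socservUserFields["REFRESH_TOKEN"] !== '')
	{
		$oauthKeys["REFRESH_TOKEN"] = $socservUserFields["REFRESH_TOKEN"];
	}
	if(isset($socservUserFields["OATOKEN_EXPIRES"]))
	{
		$oauthKeys["OATOKEN_EXPIRES"] = $socservUserFields["OATOKEN_EXPIRES"];
	}

	$errorCode = SOCSERV_AUTHORISATION_ERROR;

	// Exact-match lookup of an existing link for this external identity.
	$dbSocUser = UserTable::getList(array(
		'filter' => array(
			'=XML_ID'=>$socservUserFields['XML_ID'],
			'=EXTERNAL_AUTH_ID'=>$socservUserFields['EXTERNAL_AUTH_ID']
		),
		'select' => array("ID", "USER_ID", "ACTIVE" => "USER.ACTIVE", "PERSONAL_PHOTO"),
	));
	$socservUser = $dbSocUser->fetch();

	if($USER->IsAuthorized())
	{
		// Linking path: the current session user attaches the external identity.
		if(!$this->checkRestrictions || !self::isSplitDenied())
		{
			if(!$socservUser)
			{
				// No link yet: create one owned by the current user.
				$socservUserFields["USER_ID"] = $USER->GetID();
				$result = UserTable::add(UserTable::filterFields($socservUserFields));
				// NOTE(review): the add() result is not checked for success before
				// getId() is used as the key of the update below - confirm that a
				// failed insert cannot reach UserTable::update() with an empty ID.
				$id = $result->getId();
			}
			else
			{
				$id = $socservUser['ID'];
				// socservice link split: the identity is linked to a different account
				if($socservUser['USER_ID'] != $USER->GetID())
				{
					if($this->allowChangeOwner)
					{
						// Ownership may only move if the current user has no other link
						// for the same provider.
						$dbSocUser = UserTable::getList(array(
							'filter' => array(
								'=USER_ID' => $USER->GetID(),
								'=EXTERNAL_AUTH_ID' => $socservUserFields['EXTERNAL_AUTH_ID']
							),
							'select' => array("ID")
						));
						if($dbSocUser->fetch())
						{
							return SOCSERV_AUTHORISATION_ERROR;
						}
						else
						{
							// Re-assign the link to the current user.
							$oauthKeys['USER_ID'] = $USER->GetID();
							$oauthKeys['CAN_DELETE'] = 'Y';
						}
					}
					else
					{
						// Re-assigning someone else's link is disabled.
						return SOCSERV_AUTHORISATION_ERROR;
					}
				}
			}

			// !empty() keeps the original truthiness test but does not raise an
			// "Undefined array key" warning when the session holds no OAUTH_DATA.
			if(!empty($_SESSION["OAUTH_DATA"]) && is_array($_SESSION["OAUTH_DATA"]))
			{
				// NOTE(review): session values win over keys set above (including
				// USER_ID / CAN_DELETE) and this update is not passed through
				// UserTable::filterFields() - verify what is allowed into OAUTH_DATA.
				$oauthKeys = array_merge($oauthKeys, $_SESSION['OAUTH_DATA']);
				unset($_SESSION["OAUTH_DATA"]);
			}
			UserTable::update($id, $oauthKeys);
		}
		else
		{
			return SOCSERV_REGISTRATION_DENY;
		}
	}
	else
	{
		// Login path: resolve the account behind the external identity.
		$entryId = 0;
		$USER_ID = 0;
		if($socservUser)
		{
			$entryId = $socservUser['ID'];
			// Only an active account may be logged in; otherwise $USER_ID stays 0
			// and the method ends with $errorCode.
			if($socservUser["ACTIVE"] === 'Y')
			{
				$USER_ID = $socservUser["USER_ID"];
			}
		}
		else
		{
			// No link yet: let handlers map the identity to an existing account.
			// The first positive return value is taken as the account ID, so a
			// handler must only return an ID it has actually verified.
			foreach(GetModuleEvents('socialservices', 'OnFindSocialservicesUser', true) as $event)
			{
				$eventResult = ExecuteModuleEventEx($event, array(&$socservUserFields));
				if($eventResult > 0)
				{
					$USER_ID = $eventResult;
					break;
				}
			}
			if(!$USER_ID)
			{
				if ($this->isAllowedRegisterNewUser())
				{
					// Placeholder password for the new account ("not necessary but...").
					// NOTE(review): confirm randString() draws from a CSPRNG.
					$socservUserFields['PASSWORD'] = randString(30);
					$socservUserFields['LID'] = SITE_ID;
					$def_group = Option::get('main', 'new_user_registration_def_group', '');
					if($def_group <> '')
					{
						$socservUserFields['GROUP_ID'] = explode(',', $def_group);
					}
					// Do not register an account whose default groups are denied
					// social-service authorization.
					if(
						$this->checkRestrictions
						&& !empty($socservUserFields['GROUP_ID'])
						&& self::isAuthDenied($socservUserFields['GROUP_ID'])
					)
					{
						$errorCode = SOCSERV_REGISTRATION_DENY;
					}
					else
					{
						$userFields = $socservUserFields;
						$userFields["EXTERNAL_AUTH_ID"] = "socservices";
						// The avatar comes from the provider; drop it if the image check
						// reports a problem (non-empty result) instead of failing the
						// whole registration.
						if(isset($userFields['PERSONAL_PHOTO']) && is_array($userFields['PERSONAL_PHOTO']))
						{
							$res = CFile::CheckImageFile($userFields["PERSONAL_PHOTO"]);
							if($res <> '')
							{
								unset($userFields['PERSONAL_PHOTO']);
							}
						}
						$USER_ID = $USER->Add($userFields);
						if($USER_ID <= 0)
						{
							$errorCode = SOCSERV_AUTHORISATION_ERROR;
						}
					}
				}
				elseif(Option::get("main", "new_user_registration", "N") == "N")
				{
					$errorCode = SOCSERV_REGISTRATION_DENY;
				}
				$socservUserFields['CAN_DELETE'] = 'N';
			}
		}

		// Session-held OAuth values override same-named provider fields; they pass
		// through UserTable::filterFields() before being stored below.
		if(isset($_SESSION["OAUTH_DATA"]) && is_array($_SESSION["OAUTH_DATA"]))
		{
			foreach ($_SESSION['OAUTH_DATA'] as $key => $value)
			{
				$socservUserFields[$key] = $value;
			}
			unset($_SESSION["OAUTH_DATA"]);
		}

		if($USER_ID > 0)
		{
			// Group-based restriction is re-checked against the resolved account,
			// which also covers IDs supplied by event handlers.
			$arGroups = $USER->GetUserGroup($USER_ID);
			if($this->checkRestrictions && self::isAuthDenied($arGroups))
			{
				return SOCSERV_AUTHORISATION_ERROR;
			}

			// Refresh the existing link or create the first one for this account.
			if($entryId > 0)
			{
				UserTable::update($entryId, UserTable::filterFields($socservUserFields, $socservUser));
			}
			else
			{
				$socservUserFields['USER_ID'] = $USER_ID;
				UserTable::add(UserTable::filterFields($socservUserFields));
			}

			if(isset($socservUserFields["TIME_ZONE_OFFSET"]) && $socservUserFields["TIME_ZONE_OFFSET"] !== null)
			{
				CTimeZone::SetCookieValue($socservUserFields["TIME_ZONE_OFFSET"]);
			}

			// NOTE(review): the name suggests the OTP (second factor) step applies
			// here, so the post-login event below fires only when
			// IsJustAuthorized() reports a completed login - confirm.
			$USER->AuthorizeWithOtp($USER_ID, $bSave);
			if($USER->IsJustAuthorized())
			{
				foreach(GetModuleEvents("socialservices", "OnUserLoginSocserv", true) as $arEvent)
				{
					ExecuteModuleEventEx($arEvent, array($socservUserFields));
				}
			}
		}
		else
		{
			// No account could be resolved or created.
			return $errorCode;
		}

		// possible redirect after authorization, so no spreading. Store cookies in the session for next hit
		$APPLICATION->StoreCookies();
	}

	return true;
}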