Account merging functionality

shib71 · shib71 · commit d5dca8768c98 · 2012-09-10T04:24:53.000Z
diff --git a/packages/security/GoogleUserDirectory.cfc b/packages/security/GoogleUserDirectory.cfc
@@ -34,7 +34,9 @@
 				<cfif structisempty(stUser)>
 					<cfset stUser = oUser.getData(createuuid()) />
 					<cfset stUser.userid = stTokenInfo.user_id />
-					<cfset stUser.refreshToken = stTokens.refresh_token />
+					<cfif structkeyexists(stTokens,"refresh_token")>
+						<cfset stUser.refreshToken = stTokens.refresh_token />
+					</cfif>
 					<cfset stUser.providerDomain = listlast(session.security.ga[hash(stTokenInfo.user_id)].profile.email,"@") />
 					<cfset oUser.setData(stProperties=stUser) />
 				<cfelse>
diff --git a/packages/types/gudUser.cfc b/packages/types/gudUser.cfc
@@ -99,4 +99,168 @@
 		<cfreturn stResult />
 	</cffunction>
 	
+	
+	<cffunction name="queryUserPassword" access="public" output="false" returntype="query" hint="Return a query of farUser rows that match the provided credentials">
+		<cfargument name="username" type="string" required="true" />
+		<cfargument name="password" type="string" required="true" />
+		
+		<cfset var qUser = "" />
+		<cfset var authenticatedObjectId = "" />
+		<cfset var hashName = application.security.userdirectories.clientud.getOutputHashName() />
+		
+		<!--- Find the user --->
+		<cfquery datasource="#application.dsn#" name="qUser">
+			select	objectid,userid,password,userstatus
+			from	#application.dbowner#farUser
+			where	userid=<cfqueryparam cfsqltype="cf_sql_varchar" value="#trim(arguments.username)#" />
+		</cfquery>
+		
+		<!--- Try to match the entered password against the users in the DB --->
+		<cfloop query="qUser">
+			<cfif application.security.cryptlib.passwordMatchesHash(password=arguments.password,hashedPassword=qUser.password)>
+				<cfset authenticatedObjectId = qUser.objectid />
+				<cfbreak />
+			</cfif>
+		</cfloop>
+		
+		<cfif Len(authenticatedObjectId)>
+			<!--- Return the row with the password match --->
+			<cfquery dbtype="query" name="qUser">
+				select *
+				from qUser
+				where objectid = '#authenticatedObjectId#'
+			</cfquery>
+			<!--- Does the hashed password need to be updated? --->
+			<cfif application.security.cryptlib.hashedPasswordIsStale(hashedPassword=qUser.password,password=arguments.password,hashname=hashName)>
+				<cfquery datasource="#application.dsn#">
+					update	#application.dbowner#farUser
+					set		password=<cfqueryparam cfsqltype="cf_sql_varchar" value="#application.security.cryptlib.encodePassword(password=arguments.password,hashname=hashName)#" />
+					where	objectid=<cfqueryparam cfsqltype="cf_sql_varchar" value="#authenticatedObjectId#" />
+				</cfquery>
+			</cfif>
+		<cfelse>
+			<!--- Delete all rows from the query --->
+			<cfquery dbtype="query" name="qUser">
+				select *
+				from qUser
+				where 0 = 1
+			</cfquery>
+		</cfif>
+		
+		<cfreturn qUser />
+	</cffunction>
+	
+	
+	<cffunction name="migrateContentUserData" access="private" output="false" returntype="void">
+		<cfargument name="typename" type="string" required="true" />
+		<cfargument name="oldprofile" type="struct" required="true" />
+		<cfargument name="newprofile" type="struct" required="true" />
+		
+		<cfset var property = "" />
+		
+		<!--- Extended array component - skip --->
+		<cfif find("_",arguments.typename)>
+			<cfreturn />
+		</cfif>
+		
+		<!--- Undeployed - skip --->
+		<cfif isdefined("application.fc.lib.db")>
+			<cfif not application.fc.lib.db.isDeployed(arguments.typename)>
+				<cfreturn />
+			</cfif>
+		<cfelse>
+			<cfif not createObject("component", "farcry.core.packages.farcry.alterType").isCFCDeployed(arguments.typename)>
+				<cfreturn />
+			</cfif>
+		</cfif>
+		
+		<!--- Update user properties --->
+		<cfloop list="createdby,lastupdatedby,lockedby" index="property">
+			<cfif structkeyexists(application.stCOAPI[arguments.typename].stProps,property)>
+				<cfquery datasource="#application.dsn#">
+					update	#application.dbowner##arguments.typename#
+					set		#property# = <cfqueryparam cfsqltype="cf_sql_varchar" value="#arguments.newprofile.username#" />
+					where	#property# = <cfqueryparam cfsqltype="cf_sql_varchar" value="#arguments.oldprofile.username#" />
+				</cfquery>
+			</cfif>
+		</cfloop>
+		
+		<!--- Update profile properties --->
+		<cfloop list="ownedby" index="property">
+			<cfif structkeyexists(application.stCOAPI[arguments.typename].stProps,property)>
+				<cfquery datasource="#application.dsn#">
+					update	#application.dbowner##arguments.typename#
+					set		#property# = <cfqueryparam cfsqltype="cf_sql_varchar" value="#arguments.newprofile.objectid#" />
+					where	#property# = <cfqueryparam cfsqltype="cf_sql_varchar" value="#arguments.oldprofile.objectid#" />
+				</cfquery>
+			</cfif>
+		</cfloop>
+		
+	</cffunction>
+	
+	<cffunction name="migrateLogs" access="private" output="false" returntype="void">
+		<cfargument name="oldusername" type="string" required="true" />
+		<cfargument name="newusername" type="string" required="true" />
+		
+		<cfquery datasource="#application.dsn#">
+			update	farLog
+			set		userid = <cfqueryparam cfsqltype="cf_sql_varchar" value="#arguments.newusername#" />
+			where	userid = <cfqueryparam cfsqltype="cf_sql_varchar" value="#arguments.oldusername#" />
+					and type in ('types','rules')
+		</cfquery>
+	</cffunction>
+	
+	<cffunction name="migrateProfile" access="private" output="false" returntype="void">
+		<cfargument name="oldprofile" type="struct" required="true" />
+		<cfargument name="newprofile" type="struct" required="true" />
+		
+		<cfset var property = "" />
+		
+		<cfloop collection="#oldprofile#" item="property">
+			<cfif listfindnocase("bReceiveEmail,phone,fax,position,department,locale,overviewhome,notes",property)>
+				<cfset arguments.newprofile[property] = arguments.oldprofile[property] />
+			</cfif>
+		</cfloop>
+		
+		<cfset application.fapi.setData(stProperties=arguments.newprofile) />
+		<cfset session.dmProfile = arguments.newprofile />
+	</cffunction>
+	
+	<cffunction name="disableOldUser" access="private" output="false" returntype="void">
+		<cfargument name="userid" type="string" required="true" />
+		
+		<cfset var oUser = application.fapi.getContentType("farUser") />
+		<cfset var stUser = oUser.getByUserID(arguments.userid) />
+		
+		<cfset stUser.userstatus = "inactive" />
+		
+		<cfset oUser.setData(stProperties=stUser) />
+	</cffunction>
+	
+	<cffunction name="mergeFarcryUDAccount" access="public" output="false" returntype="void">
+		<cfargument name="userid" type="string" required="true" />
+		<cfargument name="profileid" type="uuid" required="true" />
+		
+		<cfset var typename = "" />
+		<cfset var oProfile = application.fapi.getContentType("dmProfile") />
+		<cfset var stOldProfile = oProfile.getProfile(arguments.userid,"CLIENTUD") />
+		<cfset var stNewProfile = oProfile.getData(arguments.profileid) />
+		
+		<!--- Update createdby,lastupdatedby,lockedby,ownedby --->
+		<cfloop collection="#application.stCOAPI#" item="typename">
+			<cfif listfindnocase("type,rule",application.stCOAPI[typename].class)>
+				<cfset migratecontentuserdata(typename,stOldProfile,stNewProfile) />
+			</cfif>
+		</cfloop>
+		
+		<!--- Update logs --->
+		<cfset migrateLogs(stOldProfile.username,stNewProfile.username) />
+		
+		<!--- Copy profile data --->
+		<cfset migrateProfile(stOldProfile,stNewProfile) />
+		
+		<!--- Disable old account --->
+		<cfset disableOldUser(arguments.userid) />
+	</cffunction>
+	
 </cfcomponent>
diff --git a/webskin/dmProfile/displaySummaryOptionsGUD.cfm b/webskin/dmProfile/displaySummaryOptionsGUD.cfm
@@ -12,6 +12,11 @@
 			<a href="https://www.google.com/settings/account">Google Account Settings</a>
 		</small>
 	</li>
+	<li>
+		<small>
+			<a href="#application.fapi.getLink(type='gudLogin',view='displayPageAdmin',bodyView='displayTypeBodyMerge')#" target="content">Merge Existing Account</a>
+		</small>
+	</li>
 </cfoutput>
 
 <cfsetting enablecfoutputonly="false" />
diff --git a/webskin/gudLogin/displayPageAdmin.cfm b/webskin/gudLogin/displayPageAdmin.cfm
@@ -0,0 +1,13 @@
+<cfsetting enablecfoutputonly="true" />
+<!--- @@fualias: admin --->
+
+<cfimport taglib="/farcry/core/tags/admin" prefix="admin" />
+<cfimport taglib="/farcry/core/tags/webskin" prefix="skin" />
+
+<admin:header>
+
+<skin:view stObject="#stObj#" webskin="#url.bodyView#" />
+
+<admin:footer>
+
+<cfsetting enablecfoutputonly="false" />
diff --git a/webskin/gudLogin/displayTypeBodyMerge.cfm b/webskin/gudLogin/displayTypeBodyMerge.cfm
@@ -0,0 +1,50 @@
+<cfsetting enablecfoutputonly="true" />
+<!--- @@displayname: Merge existing profile --->
+<!--- @@fuAlias: merge --->
+
+<cfimport taglib="/farcry/core/tags/formtools" prefix="ft" />
+<cfimport taglib="/farcry/core/tags/webskin" prefix="skin" />
+
+<ft:processform action="Merge">
+	<ft:processformObjects typename="farLogin">
+		<cfset oUser = application.fapi.getContentType("gudUser") />
+		<cfset qUsers = oUser.queryUserPassword(stProperties.username,stProperties.password) />
+		<cfif qUsers.recordcount>
+			<cfset oUser.mergeFarcryUDAccount(qUsers.userid,session.dmProfile.objectid) />
+			<skin:bubble message="The '#qUsers.userid#' FarCry account has been merged into this Google profile. You will no longer be able to log in with that username / password." />
+		<cfelse>
+			<skin:bubble message="No users match those credentials" tags="error" />
+		</cfif>
+	</ft:processformObjects>
+</ft:processform>
+
+
+<cfoutput>
+	<h1>Merge Existing Account</h1>
+</cfoutput>
+
+<cfif application.security.isLoggedIn() and refindnocase("_GUD$",session.dmProfile.username)>
+	<cfoutput>
+		<p>This utility merges an existing account into this one. Specifically it will:</p>
+		<ul>
+			<li>copy profile information (where it hasn't already been set)</li>
+			<li>disable the username / password login</li>
+			<li>update audit logs and history to the new account</li>
+		</ul>
+	</cfoutput>
+	
+	<skin:pop tags="error" start="<ul class='error'>" end="</ul>"><cfoutput><li>#message.message#</li></cfoutput></skin:pop>
+	<skin:pop start="<ul class='success'>" end="</ul>"><cfoutput><li>#message.message#</li></cfoutput></skin:pop>
+	
+	<ft:form>
+		<ft:object typename="farLogin" lFields="username,password" prefix="login" legend="" focusField="username" />
+		
+		<ft:buttonPanel>
+			<ft:button value="Merge" />
+		</ft:buttonPanel>
+	</ft:form>
+<cfelse>
+	<cfoutput><ul id='errorMsg'><li>You must be logged in via Google to use this functionality</li></ul></cfoutput>
+</cfif>
+
+<cfsetting enablecfoutputonly="false" />
