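/**
 * Show User Account Form
 *
 * Controller for the User Account module. Renders the account form, pre-filled
 * from the submitted POST data when present, otherwise from the stored record.
 * Redirects to the access-denied page when the current user may neither manage
 * all accounts nor is viewing their own account.
 *
 * @author Goran Halusa <*****@*****.**>
 * @since 0.1.0
 * @param int $user_account_id The user account id
 */
function show_user_account_form($user_account_id = false)
{
    $app = \Slim\Slim::getInstance();
    $env = $app->environment();
    $final_global_template_vars = $app->config('final_global_template_vars');

    require_once $final_global_template_vars["absolute_path_to_this_module"] . "/models/user_account.class.php";
    require_once $final_global_template_vars["default_module_list"]["group"]["absolute_path_to_this_module"] . "/models/group.class.php";

    $db_conn = new \PHPSkeleton\models\db($final_global_template_vars["db_connection"]);
    $db_resource = $db_conn->get_resource();
    $useraccount = new \PHPSkeleton\UserAccount($db_resource, $final_global_template_vars["session_key"]);
    $group = new \PHPSkeleton\Group($db_resource, $final_global_template_vars["session_key"]);
    $post = $app->request()->post();
    $address_data = array();

    $session_key = $final_global_template_vars["session_key"];
    $current_user_roles = $_SESSION[$session_key]["user_role_list"];
    $session_user_account_id = $_SESSION[$session_key]["user_account_id"];
    $user_account_id = (int) $user_account_id;

    // Check to see if user has permissions to access all accounts.
    $has_permission = array_intersect($current_user_roles, $final_global_template_vars["role_perm_manage_all_accounts_access"]);
    $role_perm_manage_all_accounts_access = !empty($has_permission);

    // Redirect if user does not have permissions to access all accounts.
    // Both sides are cast to int and compared strictly so the authorization check
    // cannot depend on PHP's loose int/string comparison rules.
    // Slim's redirect() halts the request, so nothing below runs on denial.
    if (!$role_perm_manage_all_accounts_access && $user_account_id !== (int) $session_user_account_id) {
        $app->flash('message', 'Access denied.');
        $app->redirect("/authenticate/access_denied");
    }

    $current_group_values = $useraccount->get_user_group_roles_map($user_account_id, $final_global_template_vars["proxy_id"]);
    $roles = $useraccount->get_roles($final_global_template_vars["exclude_ids_from_selector"]);
    $group_hierarchy = $group->get_group_hierarchy("--");
    $flat_group_hierarchy = $group->flatten_group_hierarchy($group_hierarchy);

    // Loop-invariant: whether the current user may assign accounts to any group.
    $show_all = array_intersect($current_user_roles, $final_global_template_vars["role_perm_assign_user_account_to_any_group"]);
    $can_assign_any_group = !empty($show_all);

    // Mark each group the current user administers; otherwise fall back to a
    // per-group administrator-role lookup.
    foreach ($flat_group_hierarchy as $array_key => &$single_group_info) {
        $single_group_info["admin"] = false;
        if ($can_assign_any_group) {
            $single_group_info["admin"] = true;
        } else {
            $group_roles = $useraccount->has_role($session_user_account_id, $final_global_template_vars["administrator_id"], $single_group_info["group_id"]);
            if (!empty($group_roles)) {
                $single_group_info["admin"] = true;
            }
        }
    }
    // Drop the by-reference loop variable so the last element is not left aliased.
    unset($single_group_info);

    $has_permission = array_intersect($current_user_roles, $final_global_template_vars["role_perm_modify_own_groups"]);
    $role_perm_modify_own_groups = !empty($has_permission);

    $current_user_account_info = $useraccount->get_user_account_info($user_account_id);
    // Re-populate the form from the submission when there is one.
    $user_account_info = $post ? $post : $useraccount->get_user_account_info($user_account_id);

    $address_fields = array("label", "address_1", "address_2", "city", "state", "zip");
    if (!empty($post["address_count"])) {
        // NOTE(review): count() is applied to address_count as in the original,
        // which assumes the form submits it as an array (one entry per address);
        // on PHP 8 a scalar here raises a TypeError — confirm against the template.
        $address_count = count($post["address_count"]);
        for ($i = 1; $i <= $address_count; $i++) {
            foreach ($address_fields as $field) {
                // Submitted address fields are 1-indexed; a missing field yields null
                // instead of an undefined-index notice.
                $address_data[$i - 1][$field] = isset($post[$field][$i]) ? $post[$field][$i] : null;
            }
        }
    } else {
        $address_data = $useraccount->get_addresses($user_account_id);
    }

    $app->render('user_account_form.php', array(
        "page_title" => "Manage User Account",
        "address_data" => $address_data,
        "role_perm_modify_own_groups" => $role_perm_modify_own_groups,
        "roles" => $roles,
        "groups" => $flat_group_hierarchy,
        "current_user_account_info" => $current_user_account_info,
        "account_info" => $user_account_info,
        "user_account_groups" => $current_group_values,
        "errors" => isset($env["default_validation_errors"]) ? $env["default_validation_errors"] : false,
    ));
}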
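/**
 * Submit Registration
 *
 * Controller for the Authenticate module. Validates the registration form
 * (selected group, unless the user already belongs to one, and the acceptable
 * use policy), persists the account, refreshes the session's role and group
 * lists and redirects to the landing page. On validation failure the errors are
 * stored in the Slim environment for the form to re-render.
 *
 * @author Goran Halusa <*****@*****.**>
 * @since 0.1.0
 * @param \Slim\Route $route The route data array
 */
function submit_registration(\Slim\Route $route)
{
    $app = \Slim\Slim::getInstance();
    $final_global_template_vars = $app->config('final_global_template_vars');

    require_once $final_global_template_vars["default_module_list"]["user_account"]["absolute_path_to_this_module"] . "/models/user_account.class.php";
    require_once $final_global_template_vars["default_module_list"]["group"]["absolute_path_to_this_module"] . "/models/group.class.php";
    require_once $_SERVER["PATH_TO_VENDOR"] . "wixel/gump/gump.class.php";

    $env = $app->environment();
    $db_conn = new \PHPSkeleton\models\db($final_global_template_vars["db_connection"]);
    $db_resource = $db_conn->get_resource();
    $user_account = new \PHPSkeleton\UserAccount($db_resource, $final_global_template_vars["session_key"]);
    $gump = new GUMP();
    $errors = array();

    $session_key = $final_global_template_vars["session_key"];
    $user_account_id = $_SESSION[$session_key]["user_account_id"];
    $post = $app->request()->post();
    $selected_group = $app->request()->post("group");

    // Check to see if this user is already assigned to a group - they may have been added by another administrator.
    $current_groups = $user_account->get_user_account_groups($user_account_id);
    if (!$current_groups) {
        // Validate the group that they submitted.
        $validated = $gump->validate($post, array("group" => "required|integer"));
        if ($validated !== true) {
            $errors = \phpskeleton\models\utility::gump_parse_errors($validated);
        }
    }

    // Validate the acceptable use policy.
    $validated = $gump->validate($post, array("acceptable_use_policy" => "required|integer"));
    if ($validated !== true) {
        $errors = array_merge($errors, \phpskeleton\models\utility::gump_parse_errors($validated));
    }

    if ($errors) {
        // Hand the errors back to the form renderer via the Slim environment.
        $env["default_validation_errors"] = $errors;
        return;
    }

    // Create the actual user account. group_data is stored as a JSON object of
    // the form {"0":{"group_id":"<id>","roles":["<role id>"]}}; it is built with
    // json_encode rather than string concatenation so the submitted group value
    // cannot break out of the JSON literal. The outer array is cast to an object
    // to keep the "0" key (a plain array would encode as a JSON list).
    $group_data = (object) array(
        0 => array(
            "group_id" => (string) $selected_group,
            "roles" => array((string) $final_global_template_vars["default_role_id"]),
        ),
    );
    $user_data = array("group_data" => json_encode($group_data));

    // Only (re)assign groups when the user has none yet.
    $update_groups = empty($current_groups);

    // Get the existing user account info and merge it over the new data.
    $existing_user_data = $user_account->get_user_account_info($user_account_id);
    $user_data = array_merge($user_data, $existing_user_data);

    // Insert/update
    $user_account->insert_update_user_account($user_data, $user_account_id, $update_groups);

    // Update acceptable use policy.
    $user_account->update_acceptable_use_policy($user_account_id, 1);

    $landing_page = $final_global_template_vars['landing_page'];
    $redirect_cookie_key = $final_global_template_vars["redirect_cookie_key"];
    if (!empty($_COOKIE[$redirect_cookie_key])) {
        // NOTE(review): the post-registration redirect target is taken verbatim
        // from a client-held cookie; nothing visible here constrains it to a local
        // path — confirm the cookie is only ever set server-side with a same-site
        // URL, or validate it before use.
        $landing_page = $_COOKIE[$redirect_cookie_key];
        // Expire the one-shot redirect cookie now that it has been consumed.
        setcookie($redirect_cookie_key, "", time() - 3600, "/");
        unset($_COOKIE[$redirect_cookie_key]);
    }

    // Add role list to session.
    $_SESSION[$session_key][$final_global_template_vars["current_user_roles_session_key"]] =
        \phpskeleton\models\utility::array_flatten($user_account->get_user_roles_list($user_account_id));

    // Add group to session.
    $_SESSION[$session_key]["associated_groups"] = array((int) $selected_group);

    $app->redirect($landing_page);
}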