protected function addField($name)
{
switch ($name) {
case 'username':
$this->form->setDefault('username', $this->resource->username);
$this->form->setValidator('username', new sfValidatorString(array('required' => true)));
$this->form->setWidget('username', new sfWidgetFormInput());
break;
case 'email':
$this->form->setDefault('email', $this->resource->email);
$this->form->setValidator('email', new sfValidatorEmail(array('required' => true)));
$this->form->setWidget('email', new sfWidgetFormInput());
break;
case 'password':
case 'confirmPassword':
$this->form->setDefault($name, null);
// Required field only if a new user is being created
$this->form->setValidator($name, new sfValidatorString(array('required' => !isset($this->getRoute()->resource))));
$this->form->setWidget($name, new sfWidgetFormInputPassword());
break;
case 'groups':
$values = array();
$criteria = new Criteria();
$criteria->add(QubitAclUserGroup::USER_ID, $this->resource->id);
foreach (QubitAclUserGroup::get($criteria) as $item) {
$values[] = $item->groupId;
}
$choices = array();
$criteria = new Criteria();
$criteria->add(QubitAclGroup::ID, 99, Criteria::GREATER_THAN);
foreach (QubitAclGroup::get($criteria) as $item) {
$choices[$item->id] = $item->getName(array('cultureFallback' => true));
}
$this->form->setDefault('groups', $values);
$this->form->setValidator('groups', new sfValidatorPass());
$this->form->setWidget('groups', new sfWidgetFormSelect(array('choices' => $choices, 'multiple' => true)));
break;
case 'translate':
$c = sfCultureInfo::getInstance($this->context->user->getCulture());
$languages = $c->getLanguages();
$choices = array();
if (0 < count($langSettings = QubitSetting::getByScope('i18n_languages'))) {
foreach ($langSettings as $item) {
$choices[$item->name] = $languages[$item->name];
}
}
// Find existing translate permissions
$criteria = new Criteria();
$criteria->add(QubitAclPermission::USER_ID, $this->resource->id);
$criteria->add(QubitAclPermission::ACTION, 'translate');
$defaults = null;
if (null !== ($permission = QubitAclPermission::getOne($criteria))) {
$defaults = $permission->getConstants(array('name' => 'languages'));
}
$this->form->setDefault('translate', $defaults);
$this->form->setValidator('translate', new sfValidatorPass());
$this->form->setWidget('translate', new sfWidgetFormSelect(array('choices' => $choices, 'multiple' => true)));
break;
}
}
public function execute($request)
{
$this->form = new sfForm();
$this->form->setValidator('confirmPassword', new sfValidatorString(array('required' => true)));
$this->form->setWidget('confirmPassword', new sfWidgetFormInputPassword());
$this->form->setValidator('email', new sfValidatorEmail(array('required' => true)));
$this->form->setWidget('email', new sfWidgetFormInput());
$this->form->setValidator('password', new sfValidatorString(array('required' => true)));
$this->form->setWidget('password', new sfWidgetFormInputPassword());
$this->form->setValidator('siteDescription', new sfValidatorString());
$this->form->setWidget('siteDescription', new sfWidgetFormInput());
$this->form->setValidator('siteTitle', new sfValidatorString(array('required' => true)));
$this->form->setWidget('siteTitle', new sfWidgetFormInput());
$this->form->setValidator('username', new sfValidatorString(array('required' => true)));
$this->form->setWidget('username', new sfWidgetFormInput());
$this->form->getValidatorSchema()->setPostValidator(new sfValidatorSchemaCompare('password', '==', 'confirmPassword'));
if ($request->isMethod('post')) {
$this->form->bind($request->getPostParameters());
if ($this->form->isValid()) {
$setting = new QubitSetting();
$setting->name = 'siteTitle';
$setting->value = $this->form->getValue('siteTitle');
$setting->save();
$setting = new QubitSetting();
$setting->name = 'siteDescription';
$setting->value = $this->form->getValue('siteDescription');
$setting->save();
$user = new QubitUser();
$user->username = $this->form->getValue('username');
$user->email = $this->form->getValue('email');
$user->setPassword($this->form->getValue('password'));
$user->save();
$aclUserGroup = new QubitAclUserGroup();
$aclUserGroup->userId = $user->id;
$aclUserGroup->groupId = QubitAclGroup::ADMINISTRATOR_ID;
$aclUserGroup->save();
$this->redirect(array('module' => 'sfInstallPlugin', 'action' => 'clearCache'));
}
}
}
public static function getaclUserGroupsById($id, array $options = array())
{
$criteria = new Criteria();
self::addaclUserGroupsCriteriaById($criteria, $id);
return QubitAclUserGroup::get($criteria, $options);
}
/**
* Check if user belongs to *any* of the checkGroup(s) listed
*
* @param mixed $groups - integer value for group id, or array of group ids
* @return boolean
*/
public function hasGroup($checkGroups)
{
$hasGroup = false;
// Cast $checkGroups as an array
if (!is_array($checkGroups)) {
$checkGroups = array($checkGroups);
}
// A user is always part of the authenticated group
if (in_array(QubitAclGroup::AUTHENTICATED_ID, $checkGroups)) {
return true;
}
$criteria = new Criteria();
$criteria->add(QubitAclUserGroup::USER_ID, $this->id);
if (0 < count($userGroups = QubitAclUserGroup::get($criteria))) {
foreach ($userGroups as $userGroup) {
if (in_array(intval($userGroup->groupId), $checkGroups)) {
$hasGroup = true;
break;
}
}
}
return $hasGroup;
}
/**
* Updates user's access privileges from Shibboleth data
*
* @param QubitUser $user the current user
* @param sfWebRequest $request the current web request
*
*/
protected function updateUserFromShibInfo($request, $user)
{
$params = $request->getPathInfoArray();
$isMemberOf = explode(";", $params['isMemberOf']);
// read group mapping from config file
$mapings = array('ADMINISTRATOR_ID' => explode(';', sfConfig::get('app_shibboleth_administrator_groups')), 'EDITOR_ID' => explode(';', sfConfig::get('app_shibboleth_editor_groups')), 'CONTRIBUTOR_ID' => explode(';', sfConfig::get('app_shibboleth_contributor_groups')), 'TRANSLATOR_ID' => explode(';', sfConfig::get('app_shibboleth_translator_groups')));
// for each privilege class, check whether the current user should have it and assign it if not yet assigned
foreach ($mapings as $key => $array) {
if (0 < count(array_intersect($array, $isMemberOf))) {
if (!$user->hasGroup(constant("QubitAclGroup::{$key}"))) {
$aclUserGroup = new QubitAclUserGroup();
$aclUserGroup->userId = $user->id;
$aclUserGroup->groupId = constant("QubitAclGroup::{$key}");
$aclUserGroup->save();
}
} else {
// remove the user from groups he should not be in
if ($user->hasGroup(constant("QubitAclGroup::{$key}"))) {
foreach ($user->aclUserGroups as $membership) {
if ($membership->groupId == constant("QubitAclGroup::{$key}")) {
$membership->delete();
}
}
}
}
}
return true;
}
