Beispiel #1
0
 /**
  * Form login user authentication
  *
  * @return Redirect
  * @throws Exception
  */
 public function authenticateAction()
 {
     $redirect = 'login';
     $request = $this->getRequest();
     $entityManager = $this->getServiceLocator()->get('doctrine.entitymanager.orm_default');
     $appServiceLoader = $this->recoverAppServiceLoader();
     $configurations = $appServiceLoader->recoverService('configurations');
     $helper = new SetupAbstractControllerHelper();
     $helper->setConfigurations($configurations);
     $helper->setRequest($request);
     $helper->setupZf2appDir();
     $helper->setupAppDirRelativePath();
     $formValidator = new UserFormAuthenticationInputFilter();
     $form = new UserFormAuthentication();
     $form->setInputFilter($formValidator->getInputFilter());
     if ($request->isPost()) {
         $form->setData($request->getPost());
         if ($form->isValid()) {
             // Check authentication...
             $this->getAuthService()->getAdapter()->setIdentity($request->getPost('username'))->setCredential($request->getPost('password'));
             $result = $this->getAuthService()->authenticate();
             foreach ($result->getMessages() as $message) {
                 $this->flashmessenger()->addMessage($message);
             }
             if ($result->isValid()) {
                 $redirect = 'admin';
                 // set session timeout stored in MyAuthStorage class...
                 $this->getSessionStorage()->setRememberMe();
                 // set storage into the auth service
                 $this->getAuthService()->setStorage($this->getSessionStorage());
                 $this->getAuthService()->getStorage()->write($request->getPost('username'));
                 // Search user into db
                 $usersGetterWrapper = new UsersGetterWrapper(new UsersGetter($entityManager));
                 $usersGetterWrapper->setInput(array('username' => $request->getPost('username'), 'password' => $request->getPost('password'), 'adminAccess' => 1, 'limit' => 1));
                 $usersGetterWrapper->setupQueryBuilder();
                 $records = $usersGetterWrapper->getRecords();
                 if (isset($records) and count($records) == 1) {
                     $records = $records[0];
                     // Set ACL
                     $aclSetter = new AclSetter(new Acl());
                     $aclSetter->setUsersRolesGetterWrapper(new UsersRolesGetterWrapper(new UsersRolesGetter($entityManager)));
                     $aclSetter->addRoles($aclSetter->recoverRoles(array()));
                     if ($records['roleName'] === 'WebMaster') {
                         // Assign all permissions
                         $aclSetter->getAcl()->allow($records['roleName']);
                         $wrapper = new UsersRolesPermissionsGetterWrapper(new UsersRolesPermissionsGetter($entityManager));
                         $wrapper->setInput(array());
                         $wrapper->setupQueryBuilder();
                         $permissionsRecords = $wrapper->getRecords();
                         if (empty($permissionsRecords)) {
                             throw new NullException("Error: no permissions stored on database!");
                         }
                         foreach ($permissionsRecords as $permissionsRecord) {
                             $aclSetter->getAcl()->addResource($permissionsRecord['flag']);
                             $aclSetter->getAcl()->allow($records['roleName'], $permissionsRecord['flag']);
                         }
                     } else {
                         $wrapper = new UsersRolesPermissionsRelationsGetterWrapper(new UsersRolesPermissionsRelationsGetter($entityManager));
                         $wrapper->setInput(array('roleId' => $records['roleId']));
                         $wrapper->setupQueryBuilder();
                         $permissionsRecords = $wrapper->getRecords();
                         if (empty($permissionsRecords)) {
                             throw new NullException("Error: no permissions stored on database!");
                         }
                         foreach ($permissionsRecords as $permissionsRecord) {
                             $aclSetter->getAcl()->addResource($permissionsRecord['flag']);
                             $aclSetter->getAcl()->allow($records['roleName'], $permissionsRecord['flag']);
                         }
                     }
                     $sitename = $configurations['sitename'];
                     if (!$sitename) {
                         throw new NullException('Site name is not set. Cannot complete the login');
                     }
                     $ckFinderUploadDir = $helper->getAppDirRelativePath() . '/public/' . $configurations['media_dir'] . $configurations['media_project'] . 'ckfinder_files';
                     $userDetails = new \stdClass();
                     $userDetails->sitename = $sitename;
                     $userDetails->id = $records['id'];
                     $userDetails->name = $records['name'];
                     $userDetails->surname = $records['surname'];
                     $userDetails->email = $records['email'];
                     $userDetails->acl = $aclSetter->getAcl();
                     $userDetails->salt = $records['salt'];
                     $userDetails->passwordLastUpdate = $records['passwordLastUpdate'];
                     $userDetails->role = $records['roleName'];
                     /* Set user session values */
                     $sessionContainer = new SessionContainer();
                     $sessionContainer->offsetSet('userDetails', $userDetails);
                     $sessionContainer->offsetSet('ckFinderUploadDir', $ckFinderUploadDir);
                     /* Regenerate Session ID after login */
                     $manager = new \Zend\Session\SessionManager();
                     $manager->regenerateId();
                     /* Log entering admin area */
                     $logWriter = new LogWriter($entityManager->getConnection());
                     $logWriter->writeLog(array('user_id' => $userDetails->id, 'module_id' => ModulesContainer::contenuti_id, 'message' => "Ingresso nell'area riservata", 'description' => $records['name'] . ' ' . $records['surname'] . " ha effettuato un ingresso nell'area riservata", 'type' => 'info', 'reference_id' => 0, 'backend' => 1));
                 } else {
                     $this->flashmessenger()->addMessage(print_r("Nome utente e \\ o password non validi", 1));
                 }
             }
         } else {
             $sessionContainer = new SessionContainer();
             $loginFailures = $sessionContainer->offsetGet('loginFailures');
             $sessionContainer->offsetSet('loginFailures', $loginFailures);
             foreach ($form->getMessages() as $message) {
                 $this->flashmessenger()->addMessage(print_r($message, 1));
             }
         }
     }
     return $this->redirect()->toRoute($redirect, array("lang" => 'it'));
 }
 public function testSetupQueryBuilder()
 {
     $this->assertNull($this->objectWrapper->setupQueryBuilder());
 }