Beispiel #1
 /**
  * Bootstrap the module
  *
  * @param  Application $application
  * @return void
  */
 public static function bootstrap(Application $application)
 {
     // Scope the cookie to the application URI; fall back to the site root
     // when both path constants are empty.
     $cookiePath = BASE_PATH . APP_URI;
     if ($cookiePath == '') {
         $cookiePath = '/';
     }

     // NOTE(review): the 'phire' cookie value is read back from the client,
     // cast to an array and written out again. Treat its contents as
     // untrusted wherever they are consumed.
     $cookie = Cookie::getInstance(['path' => $cookiePath]);
     if (isset($cookie->phire)) {
         $phireCookie = (array) $cookie->phire;
         if (!isset($phireCookie['fields_media_library'])) {
             $phireCookie['fields_media_library'] = $application->module('phire-fields')->config()['media_library'];
         }
         $cookie->set('phire', $phireCookie);
     }

     $modules = $application->modules();
     $roles   = \Phire\Table\Roles::findAll();

     // Register one User type and one Role type per existing role in the
     // phire-fields model configuration.
     foreach ($roles->rows() as $role) {
         if (!isset($modules['phire-fields'])) {
             continue;
         }
         $fieldsConfig = $modules['phire-fields']->config();
         if (!isset($fieldsConfig['models']['Phire\\Model\\User'], $fieldsConfig['models']['Phire\\Model\\Role'])) {
             continue;
         }

         $models = $fieldsConfig['models'];
         $models['Phire\\Model\\User'][] = [
             'type_field' => 'role_id',
             'type_value' => $role->id,
             'type_name'  => $role->name
         ];
         $models['Phire\\Model\\Role'][] = [
             'type_field' => 'id',
             'type_value' => $role->id,
             'type_name'  => $role->name
         ];
         $application->module('phire-fields')->mergeConfig(['models' => $models]);
     }

     // Fold the model definitions of every other module into phire-fields.
     foreach ($modules as $moduleName => $moduleConfig) {
         if ($moduleName == 'phire-fields' || !isset($moduleConfig['models'])) {
             continue;
         }
         $application->module('phire-fields')->mergeConfig(['models' => $moduleConfig['models']]);
     }
 }
Beispiel #2
 /**
  * Set the field values
  *
  * @param  array $values
  * @return Unsubscribe
  */
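 public function setFieldValues(array $values = null)
 {
     parent::setFieldValues($values);

     // The extra checks only apply to a submitted form that carries an email.
     if (!$_POST || null === $this->email) {
         return $this;
     }

     $member = Table\Users::findBy(['email' => $this->email]);
     if (!isset($member->id)) {
         // NOTE(review): this message tells the requester whether an address
         // is registered. Confirm that disclosure is acceptable for this form.
         $this->getElement('email')->addValidator(new Validator\NotEqual($this->email, 'That email does not exist.'));
         return $this;
     }

     if (null === $member->role_id) {
         return $this;
     }

     $sess         = \Pop\Web\Session::getInstance();
     $requireLogin = true;
     $role         = Table\Roles::findById($member->role_id);

     if (isset($role->id) && null !== $role->permissions) {
         // NOTE(review): unserialize() can instantiate objects from the stored
         // string. If the permissions column could ever hold data that is not
         // written by this application, restrict it (on PHP 7.0+ via the
         // allowed_classes option) or store the permissions as JSON.
         $permissions = unserialize($role->permissions);
         if (isset($permissions['deny'])) {
             foreach ($permissions['deny'] as $deny) {
                 // A role that is denied 'member-login' cannot log in, so a
                 // login is not demanded of it. One match is enough.
                 if (isset($deny['resource']) && $deny['resource'] == 'member-login') {
                     $requireLogin = false;
                     break;
                 }
             }
         }
     }

     $loggedInAsMember = isset($sess->member) && $sess->member->id == $member->id;
     if ($requireLogin && !$loggedInAsMember) {
         $memberAdmin = new \Phire\Members\Model\MembersAdmin();
         $memberAdmin->getByRoleId($member->role_id);
         $memberUri = isset($memberAdmin->uri) ? $memberAdmin->uri : APP_URI;

         // The URI comes from a stored MembersAdmin record and lands inside an
         // HTML attribute, so escape it for that context before concatenating.
         $loginHref = htmlspecialchars(BASE_PATH . $memberUri . '/login', ENT_QUOTES, 'UTF-8');
         $this->getElement('email')->addValidator(new Validator\NotEqual($this->email, 'You must <a href="' . $loginHref . '">log in</a> to unsubscribe.'));
     }

     return $this;
 }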
Beispiel #3
 /**
  * Set the field values
  *
  * @param  array  $values
  * @param  Auth   $auth
  * @return Login
  */
 public function setFieldValues(array $values = null, Auth $auth = null)
 {
     parent::setFieldValues($values);

     // Authentication only runs for a POST that carries both credentials and
     // an auth object.
     $canAuthenticate = $_POST && null !== $this->username && null !== $this->password && null !== $auth;
     if (!$canAuthenticate) {
         return $this;
     }

     // Attach a failure message to the password element. The NotEqual
     // validator is given the submitted password itself as the forbidden value.
     $reject = function ($message) {
         $this->getElement('password')->addValidator(new Validator\NotEqual($this->password, $message));
     };

     // Field values are entity-decoded before being handed to the adapter
     // (presumably to undo an htmlentities filter applied by the caller).
     $auth->authenticate(
         html_entity_decode($this->username, ENT_QUOTES, 'UTF-8'),
         html_entity_decode($this->password, ENT_QUOTES, 'UTF-8')
     );

     if (!$auth->isValid()) {
         $reject('The login was not correct.');
         return $this;
     }

     // The account-state messages below are only reached after the
     // credentials have been accepted.
     if (!$auth->adapter()->getUser()->verified) {
         $reject('That user is not verified.');
         return $this;
     }
     if (!$auth->adapter()->getUser()->active) {
         $reject('That user is blocked.');
         return $this;
     }

     $role = Table\Roles::findById($auth->adapter()->getUser()->role_id);
     if (isset($role->id) && null !== $role->permissions) {
         // NOTE(review): unserialize() on the stored permissions string can
         // instantiate objects. Confirm the column is only ever written by
         // this application.
         $permissions = unserialize($role->permissions);
         if (isset($permissions['deny'])) {
             foreach ($permissions['deny'] as $deny) {
                 if ($deny['resource'] == 'login') {
                     $reject('That user is not allowed to login.');
                 }
             }
         }
     }

     return $this;
 }
Beispiel #4
 /**
  * Set the field values
  *
  * @param  array $values
  * @return User
  */
 public function setFieldValues(array $values = null)
 {
     parent::setFieldValues($values);

     // Uniqueness is only checked on a submitted form that carries a name.
     if (!$_POST || null === $this->name) {
         return $this;
     }

     // A role with the same name is a conflict unless it is the record
     // currently being edited.
     $existing       = Table\Roles::findBy(['name' => $this->name]);
     $nameTakenByOther = isset($existing->id) && $this->id != $existing->id;
     if ($nameTakenByOther) {
         $this->getElement('name')->addValidator(new Validator\NotEqual($this->name, 'That role already exists.'));
     }

     return $this;
 }
 /**
  * Constructor
  *
  * Instantiate the form object
  *
  * @param  int    $id
  * @param  array  $fields
  * @param  string $action
  * @param  string $method
  * @return SessionConfig
  */
 public function __construct($id = null, array $fields, $action = null, $method = 'post')
 {
     // Collect the role ids that already have a session config.
     $configuredRoleIds = [];
     foreach (\Phire\Sessions\Table\UserSessionConfig::findAll()->rows() as $sessionConfig) {
         $configuredRoleIds[] = $sessionConfig->role_id;
     }

     // Offer only roles without a config, plus the role identified by $id so
     // an existing config can still show its own role.
     $roleOptions = ['----' => '----'];
     foreach (Table\Roles::findAll()->rows() as $role) {
         $alreadyConfigured = in_array($role->id, $configuredRoleIds);
         if ($alreadyConfigured && $id != $role->id) {
             continue;
         }
         $roleOptions[$role->id] = $role->name;
     }
     $fields[0]['role_id']['value'] = $roleOptions;

     parent::__construct($fields, $action, $method);

     $this->setAttribute('id', 'session-form');
     $this->setIndent('    ');
 }
Beispiel #6
 /**
  * Login action method
  *
  * @return void
  */
 public function login()
 {
     $this->prepareView('phire/login.phtml');
     $this->view->title = 'Login';
     $this->view->form  = new Form\Login($this->application->config()['forms']['Phire\\Form\\Login']);

     if ($this->request->isPost()) {
         $auth = new Auth\Auth(new Auth\Adapter\Table('Phire\\Table\\Users', Auth\Auth::ENCRYPT_BCRYPT));

         // NOTE(review): the strip_tags and htmlentities filters are added to
         // the whole form, so they presumably also run on the password field.
         // Confirm that passwords containing markup-like characters still
         // authenticate as entered.
         $this->view->form
             ->addFilter('strip_tags')
             ->addFilter('htmlentities', [ENT_QUOTES, 'UTF-8'])
             ->setFieldValues($this->request->getPost(), $auth);

         if ($this->view->form->isValid()) {
             // NOTE(review): no session-identifier regeneration is visible
             // here after a successful login. Confirm the session class
             // rotates the id when privileges change.
             $authUser = $auth->adapter()->getUser();
             $identity = [
                 'id'       => $authUser->id,
                 'role_id'  => $authUser->role_id,
                 'role'     => Table\Roles::findById($authUser->role_id)->name,
                 'username' => $authUser->username,
                 'email'    => $authUser->email
             ];
             $this->sess->user = new \ArrayObject($identity, \ArrayObject::ARRAY_AS_PROPS);

             if (php_sapi_name() != 'cli') {
                 $cookiePath = BASE_PATH . APP_URI;
                 if ($cookiePath == '') {
                     $cookiePath = '/';
                 }
                 // NOTE(review): only the cookie path is passed here. Check
                 // which Secure/HttpOnly defaults the Cookie class applies,
                 // and whether the path constants written into the cookie are
                 // safe to expose to the browser.
                 $cookie = Cookie::getInstance(['path' => $cookiePath]);
                 $cookie->set('phire', [
                     'base_path'    => BASE_PATH,
                     'app_path'     => APP_PATH,
                     'content_path' => CONTENT_PATH,
                     'modules_path' => MODULES_PATH,
                     'app_uri'      => APP_URI
                 ]);
             }

             $landingUri = (APP_URI != '') ? APP_URI : '/';
             $this->redirect(BASE_PATH . $landingUri);
         }
     }

     $this->send();
 }
 /**
  * Login action method
  *
  * @return void
  */
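 public function login()
 {
     $this->prepareView('members/login.phtml');
     $this->view->title = $this->memberName . ' : Login';

     // Pin the form's role_id field to the role of this member area.
     $fields = $this->application->config()['forms']['Phire\\Members\\Form\\Login'];
     $fields['role_id']['value'] = $this->memberRoleId;
     $this->view->form = new Login($fields);

     if ($this->request->isPost()) {
         $auth = new Auth\Auth(new Auth\Adapter\Table('Phire\\Table\\Users', Auth\Auth::ENCRYPT_BCRYPT));

         // NOTE(review): the filters are added to the whole form, so they
         // presumably also run on the password field. Confirm that passwords
         // containing markup-like characters still authenticate as entered.
         $this->view->form
             ->addFilter('strip_tags')
             ->addFilter('htmlentities', [ENT_QUOTES, 'UTF-8'])
             ->setFieldValues($this->request->getPost(), $auth);

         if ($this->view->form->isValid()) {
             // NOTE(review): no session-identifier regeneration is visible
             // here after a successful login. Confirm the session class
             // rotates the id when privileges change.
             $authUser = $auth->adapter()->getUser();
             $this->sess->member = new \ArrayObject([
                 'id'       => $authUser->id,
                 'role_id'  => $authUser->role_id,
                 'role'     => Table\Roles::findById($authUser->role_id)->name,
                 'username' => $authUser->username,
                 'email'    => $authUser->email
             ], \ArrayObject::ARRAY_AS_PROPS);

             if (!empty($this->memberRedirect)) {
                 // NOTE(review): memberRedirect is appended to the redirect
                 // target unvalidated. Confirm it is configuration-controlled
                 // and always a local path.
                 $path = BASE_PATH . $this->memberRedirect;
             } else {
                 // The fallback target is now computed for every SAPI.
                 // Previously $path stayed undefined under the CLI SAPI and
                 // redirect() received an unset variable.
                 $path = BASE_PATH . $this->memberUri;
                 if ($path == '') {
                     $path = '/';
                 }
             }
             $this->redirect($path);
         }
     }

     $this->send();
 }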
 /**
  * Determine if roles are available to create configs for
  *
  * @return boolean
  */
 public function rolesAvailable()
 {
     // True while fewer session configs exist than roles, i.e. at least one
     // role still has no config row counted against it.
     $configCount = Table\UserSessionConfig::findAll()->count();
     $roleCount   = \Phire\Table\Roles::findAll()->count();

     return $configCount < $roleCount;
 }
Beispiel #9
 /**
  * Update an existing user
  *
  * @param  array            $fields
  * @param  \Pop\Web\Session $sess
  * @return void
  */
 public function update(array $fields, \Pop\Web\Session $sess = null)
 {
     // Load the user by the integer-cast id; nothing happens when no such
     // user exists.
     $user = Table\Users::findById((int) $fields['id']);
     if (isset($user->id)) {
         // Remember the previous role/active state so the approval e-mail
         // decision at the end can compare before and after.
         $oldRoleId = $user->role_id;
         $oldActive = $user->active;
         $username = $user->username;
         $oldRole = Table\Roles::findById($oldRoleId);
         // NOTE(review): $fields['role_id'] is used uncast and the looked-up
         // roles are not checked for existence before email_as_username is
         // read from them.
         $role = Table\Roles::findById($fields['role_id']);
         // Going from username to email: use the submitted username if it is a
         // valid e-mail address, otherwise fall back to the e-mail field.
         if (!$oldRole->email_as_username && $role->email_as_username) {
             if ((new \Pop\Validator\Email())->evaluate($fields['username'])) {
                 $username = $fields['username'];
                 $fields['email'] = $username;
             } else {
                 $username = isset($fields['email']) ? $fields['email'] : $user->email;
             }
         } else {
             // Going from email to username
             if ($oldRole->email_as_username && !$role->email_as_username) {
                 // NOTE(review): $fields['email'] is read here without an
                 // isset() check, and is removed from $fields afterwards.
                 if (!(new \Pop\Validator\Email())->evaluate($fields['username'])) {
                     $username = $fields['email'];
                     unset($fields['email']);
                 }
             } else {
                 // Staying the same
                 if ($oldRole->email_as_username == $role->email_as_username) {
                     if ($role->email_as_username && isset($fields['email']) && !empty($fields['email'])) {
                         $username = $fields['email'];
                     } else {
                         if (isset($fields['username']) && !empty($fields['username'])) {
                             $username = $fields['username'];
                         }
                     }
                 }
             }
         }
         // NOTE(review): role_id, active and verified are taken straight from
         // $fields; no permission check is visible in this method. Confirm the
         // caller only passes values the acting user is allowed to set.
         $user->role_id = $fields['role_id'];
         $user->username = $username;
         // A new password is hashed with Bcrypt only when password1 is
         // non-empty; otherwise the stored hash is kept.
         $user->password = !empty($fields['password1']) ? (new Bcrypt())->create($fields['password1']) : $user->password;
         $user->first_name = isset($fields['first_name']) ? $fields['first_name'] : $user->first_name;
         $user->last_name = isset($fields['last_name']) ? $fields['last_name'] : $user->last_name;
         $user->company = isset($fields['company']) ? $fields['company'] : $user->company;
         $user->title = isset($fields['title']) ? $fields['title'] : $user->title;
         $user->email = isset($fields['email']) ? $fields['email'] : $user->email;
         $user->phone = isset($fields['phone']) ? $fields['phone'] : $user->phone;
         $user->active = isset($fields['active']) ? (int) $fields['active'] : $user->active;
         $user->verified = isset($fields['verified']) ? (int) $fields['verified'] : $user->verified;
         $user->save();
         // Keep the session copy in sync when the edited user is the one
         // stored in the passed session.
         if (null !== $sess && $sess->user->id == $user->id) {
             $sess->user->username = $user->username;
             $sess->user->email = $user->email;
         }
         $this->data = array_merge($this->data, $user->getColumns());
         // Send the approval message when the user just received a role or
         // was just activated, provided an e-mail address is on record.
         if ((null === $oldRoleId && null !== $user->role_id || !$oldActive && $user->active) && !empty($user->email)) {
             $this->sendApproval($user);
         }
     }
 }
Beispiel #10
 /**
  * Determine if user role has permission to send a password reminder
  * and reset the password
  *
  * @param  int $id
  * @return boolean
  */
 public function canSendReminder($id)
 {
     $role = Table\Roles::findById((int) $id);

     // An unknown role can never send a reminder. A known role can, unless
     // one of its deny rules names the 'forgot' resource.
     $allowed = isset($role->id);

     if ($allowed && null !== $role->permissions) {
         // NOTE(review): unserialize() on the stored permissions string can
         // instantiate objects. Confirm the column is only ever written by
         // this application.
         $permissions = unserialize($role->permissions);
         $denyRules   = isset($permissions['deny']) ? $permissions['deny'] : [];
         foreach ($denyRules as $rule) {
             if ($rule['resource'] == 'forgot') {
                 $allowed = false;
             }
         }
     }

     return $allowed;
 }
Beispiel #11
 /**
  * Initialize the ACL service
  *
  * @return Module
  */
 public function initAcl()
 {
     // Build the ACL from the configured resources plus two generated
     // resources per role, then apply each role's stored allow/deny rules.
     $roles = Table\Roles::findAll()->rows();
     $resources = $this->application->config()['resources'];
     foreach ($roles as $role) {
         // Resource keys have the form "<id-based name>|<name-based name>";
         // the name part is the lower-cased role name with spaces dashed.
         $roleName = str_replace(' ', '-', strtolower($role->name));
         $resources['role-' . $role->id . '|role-' . $roleName] = ['edit', 'remove'];
         $resources['users-of-role-' . $role->id . '|users-of-role-' . $roleName] = ['index', 'add', 'edit', 'remove'];
     }
     $this->application->mergeConfig(['resources' => $resources]);
     foreach ($this->application->config()['resources'] as $resource => $permissions) {
         // Only the part before the '|' is registered as the resource name.
         if (strpos($resource, '|') !== false) {
             $resource = substr($resource, 0, strpos($resource, '|'));
         }
         $this->application->getService('acl')->addResource(new Resource($resource));
     }
     $allRoles = [];
     foreach ($roles as $role) {
         $r = new Role($role->name);
         $allRoles[$role->id] = $r;
         $this->application->getService('acl')->addRole($r);
         // NOTE(review): unserialize() on the stored permissions string can
         // instantiate objects, and returns false on malformed input. Confirm
         // the column is only ever written by this application.
         if (null !== $role->permissions) {
             $role->permissions = unserialize($role->permissions);
         }
         // NOTE(review): a role with no stored permissions (null or an empty
         // array) gets allow() with only the role name, presumably an
         // unrestricted grant; confirm that fail-open default is intended.
         if (null === $role->permissions || is_array($role->permissions) && count($role->permissions) == 0) {
             $this->application->getService('acl')->allow($role->name);
         } else {
             // NOTE(review): this branch is also reached when unserialize()
             // did not return an array, and it indexes 'allow' and 'deny'
             // without checking that the keys exist. Verify how a corrupt
             // permissions value behaves on the deployed PHP version.
             if (count($role->permissions['allow']) > 0) {
                 foreach ($role->permissions['allow'] as $allow) {
                     $this->application->getService('acl')->allow($role->name, $allow['resource'], $allow['permission']);
                 }
             } else {
                 // No explicit allow rules: allow() is called with the role
                 // name only, and the deny rules below narrow it.
                 $this->application->getService('acl')->allow($role->name);
             }
             if (count($role->permissions['deny']) > 0) {
                 foreach ($role->permissions['deny'] as $deny) {
                     $this->application->getService('acl')->deny($role->name, $deny['resource'], $deny['permission']);
                 }
             }
         }
     }
     // Set up parent/child roles
     foreach ($allRoles as $id => $child) {
         // Each role row is looked up again by id to read its parent_id; the
         // parent is linked only when it is itself one of the loaded roles.
         $r = \Phire\Table\Roles::findById($id);
         if (isset($r->id) && null !== $r->parent_id && isset($allRoles[$r->parent_id])) {
             $child->setParent($allRoles[$r->parent_id]);
         }
     }
     // Set the acl in the main nav object
     $this->application->getService('nav.phire')->setAcl($this->application->getService('acl'));
     return $this;
 }
 /**
  * Edit action method
  *
  * @param  int $id
  * @return void
  */
 public function edit($id)
 {
     $record = new Model\MembersAdmin();
     $record->getById($id);

     // NOTE(review): execution continues past this redirect unless
     // redirect() terminates the request. Confirm that it does.
     if (!isset($record->id)) {
         $this->redirect(BASE_PATH . APP_URI . '/members');
     }

     $this->prepareView('members/admin/edit.phtml');
     $this->view->title       = 'Members Admin';
     $this->view->member_name = $record->name;

     // Make sure the record's current role is selectable in the role field.
     $fields      = $this->application->config()['forms']['Phire\\Members\\Form\\MembersAdmin'];
     $currentRole = \Phire\Table\Roles::findById($record->role_id);
     if (isset($currentRole->id)) {
         $fields[0]['role_id']['value'][$currentRole->id] = $currentRole->name;
     }
     $fields[1]['name']['attributes']['onkeyup'] = 'phire.changeTitle(this.value);';

     // Stored values are entity-encoded before they are placed in the form.
     $this->view->form = new Form\MembersAdmin($fields);
     $this->view->form
         ->addFilter('htmlentities', [ENT_QUOTES, 'UTF-8'])
         ->setFieldValues($record->toArray());

     if ($this->request->isPost()) {
         // NOTE(review): no anti-CSRF token check is visible in this method.
         // Confirm the form definition or a dispatcher hook provides one.
         $this->view->form->setFieldValues($this->request->getPost());

         if ($this->view->form->isValid()) {
             // Decode the entities again so the model stores raw values.
             $this->view->form
                 ->clearFilters()
                 ->addFilter('html_entity_decode', [ENT_QUOTES, 'UTF-8'])
                 ->filter();

             $updated = new Model\MembersAdmin();
             $updated->update(
                 $this->view->form->getFields(),
                 $this->application->module('phire-members')->config()['history']
             );

             $this->view->id = $updated->id;
             $this->sess->setRequestValue('saved', true);
             $this->redirect(BASE_PATH . APP_URI . '/members/edit/' . $updated->id);
         }
     }

     $this->send();
 }