/**
 * Index-level permissions when no user groups have been configured.
 *
 * A verified account is expected to hold exactly one index permission and an
 * anonymous caller (null) none. The test only counts permissions; it does not
 * check which permission is granted.
 *
 * The second argument of getPermissionsForUserInIndex() is a boolean flag whose
 * meaning is defined in UserPermissionsRepository (not shown here). With it set
 * to true the expected count is zero for every subject.
 */
function testAllUsersCreateSiteByDefault() {
    $account = new UserAccountModel();
    $account->setEmail("*****@*****.**");
    $account->setUsername("test");
    $account->setPassword("password");

    $accounts = new UserAccountRepository();
    $accounts->create($account);
    $accounts->verifyEmail($account);

    // Fetch the stored record again so every flag reflects what create/verify persisted.
    $account = $accounts->loadByUserName("test");

    $extensions = new ExtensionManager($this->app);
    $permissionsRepo = new \repositories\UserPermissionsRepository($extensions);

    // Authorization matrix. Each row: subject (null = anonymous), boolean flag,
    // expected number of permissions. The anonymous rows are the negative cases
    // that guard against site creation being open to unauthenticated callers.
    $expectations = array(
        array(null, false, 0),
        array(null, true, 0),
        array($account, false, 1),
        array($account, true, 0),
    );

    foreach ($expectations as $row) {
        list($subject, $flag, $expectedCount) = $row;
        $granted = $permissionsRepo->getPermissionsForUserInIndex($subject, $flag);
        $this->assertEquals($expectedCount, count($granted->getPermissions()));
    }
}
/**
 * Index-level permissions granted through a user group.
 *
 * Two verified accounts are created. Before any group exists, calls made with
 * the default second argument are expected to return no permissions for either
 * account or for an anonymous caller. A group carrying CreateSiteUserPermission
 * is then created and only the first account is added to it. Afterwards only
 * that account is expected to hold one permission; the other account and
 * anonymous callers must still hold none.
 *
 * The optional second argument of getPermissionsForUserInIndex() is a boolean
 * flag whose meaning is defined in UserPermissionsRepository (not shown here).
 */
function testSpecificUsersCreateSite() {
    $member = new UserAccountModel();
    $member->setEmail("*****@*****.**");
    $member->setUsername("test");
    $member->setPassword("password");

    $outsider = new UserAccountModel();
    $outsider->setEmail("*****@*****.**");
    $outsider->setUsername("other");
    $outsider->setPassword("password");

    $accounts = new UserAccountRepository();
    $accounts->create($member);
    $accounts->verifyEmail($member);
    $accounts->create($outsider);
    $accounts->verifyEmail($outsider);

    // Fetch the stored records again so every flag reflects what create/verify persisted.
    $outsider = $accounts->loadByUserName($outsider->getUsername());
    $member = $accounts->loadByUserName("test");

    $extensions = new ExtensionManager($this->app);
    $permissionsRepo = new \repositories\UserPermissionsRepository($extensions);

    // Baseline: nobody may create sites. These calls deliberately omit the
    // second argument, so the repository's default value applies.
    foreach (array(null, $member, $outsider) as $subject) {
        $granted = $permissionsRepo->getPermissionsForUserInIndex($subject);
        $this->assertEquals(0, count($granted->getPermissions()));
    }

    // Create an index-level group, put only $member in it and give the group
    // the create-site permission.
    $group = new \models\UserGroupModel();
    $group->setTitle("TITLE");
    $groups = new \repositories\UserGroupRepository();
    $groups->createForIndex($group);
    $groups->addUserToGroup($member, $group);
    $groups->addPermissionToGroup(new \userpermissions\CreateSiteUserPermission(), $group, null);

    // Authorization matrix after the grant. Each row: subject (null = anonymous),
    // boolean flag, expected number of permissions. The $outsider rows check that
    // a group grant does not leak to accounts outside the group.
    $expectations = array(
        array(null, false, 0),
        array(null, true, 0),
        array($member, false, 1),
        array($member, true, 0),
        array($outsider, false, 0),
        array($outsider, true, 0),
    );

    foreach ($expectations as $row) {
        list($subject, $flag, $expectedCount) = $row;
        $granted = $permissionsRepo->getPermissionsForUserInIndex($subject, $flag);
        $this->assertEquals($expectedCount, count($granted->getPermissions()));
    }
}
/**
 * Sysadmin page for a single user account.
 *
 * Renders the account page and, on a valid POST of the action form, applies one
 * administrative command to the account held in $this->parameters['user']
 * (presumably populated by build() - confirm). Commands handled:
 *
 *   editor yes|no, sysadmin yes|no, verifyemail,
 *   resendverificationemail (only while the address is unverified),
 *   close <param>, open, email <valid address>
 *
 * Every handled command ends in a redirect back to the account page. Anything
 * else, including a recognised command with an unexpected parameter, falls
 * through to a plain re-render without any feedback.
 *
 * NOTE(review): nothing in this method checks that the caller is a system
 * administrator; presumably the route or build() enforces that - confirm.
 * NOTE(review): only close/open hand $app['currentUser'] to the repository.
 * The editor/sysadmin flag changes, verifyemail and the e-mail change do not
 * identify the acting admin here - confirm these are audited elsewhere.
 */
function show($id, Request $request, Application $app) {
    $this->build($id, $request, $app);

    $form = $app['form.factory']->create(new ActionForm());

    if ('POST' == $request->getMethod()) {
        $form->bind($request);

        if ($form->isValid()) {
            $formData = $form->getData();
            $action = new ActionParser($formData['action']);
            $accounts = new UserAccountRepository();
            $command = $action->getCommand();

            // Grant or revoke the editor flag.
            if ($command == 'editor' && $action->getParam(0) == 'yes') {
                $this->parameters['user']->setIsEditor(true);
                $accounts->edit($this->parameters['user']);
                return $app->redirect('/sysadmin/user/' . $this->parameters['user']->getId());
            }
            if ($command == 'editor' && $action->getParam(0) == 'no') {
                $this->parameters['user']->setIsEditor(false);
                $accounts->edit($this->parameters['user']);
                return $app->redirect('/sysadmin/user/' . $this->parameters['user']->getId());
            }

            // Grant or revoke system administrator rights.
            if ($command == 'sysadmin' && $action->getParam(0) == 'yes') {
                $this->parameters['user']->setIsSystemAdmin(true);
                $accounts->edit($this->parameters['user']);
                return $app->redirect('/sysadmin/user/' . $this->parameters['user']->getId());
            }
            if ($command == 'sysadmin' && $action->getParam(0) == 'no') {
                $this->parameters['user']->setIsSystemAdmin(false);
                $accounts->edit($this->parameters['user']);
                return $app->redirect('/sysadmin/user/' . $this->parameters['user']->getId());
            }

            // Mark the address verified without the user following the e-mailed link.
            if ($command == 'verifyemail') {
                $accounts->verifyEmail($this->parameters['user']);
                return $app->redirect('/sysadmin/user/' . $this->parameters['user']->getId());
            }

            // Issue and send a fresh verification mail; skipped once the address is verified.
            if ($command == 'resendverificationemail' && !$this->parameters['user']->getIsEmailVerified()) {
                $verifyRepo = new UserAccountVerifyEmailRepository();
                $verification = $verifyRepo->create($this->parameters['user']);
                $verification->sendEmail($app, $this->parameters['user']);
                $app['flashmessages']->addMessage('Sent');
                return $app->redirect('/sysadmin/user/' . $this->parameters['user']->getId());
            }

            // Close / reopen the account; both record the acting admin.
            if ($command == 'close') {
                $accounts->systemAdminShuts($this->parameters['user'], $app['currentUser'], $action->getParam(0));
                return $app->redirect('/sysadmin/user/' . $this->parameters['user']->getId());
            }
            if ($command == 'open') {
                $accounts->systemAdminOpens($this->parameters['user'], $app['currentUser']);
                return $app->redirect('/sysadmin/user/' . $this->parameters['user']->getId());
            }

            // Replace the account's e-mail address; only syntactically valid addresses are accepted.
            if ($command == 'email' && filter_var($action->getParam(0), FILTER_VALIDATE_EMAIL)) {
                $this->parameters['user']->setEmail($action->getParam(0));
                $accounts->editEmail($this->parameters['user']);
                return $app->redirect('/sysadmin/user/' . $this->parameters['user']->getId());
            }
        }
    }

    $this->parameters['form'] = $form->createView();
    return $app['twig']->render('sysadmin/user/show.html.twig', $this->parameters);
}
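/**
 * Handle an e-mail verification link for account $id carrying access key $code.
 *
 * Renders verifyDone when the account is already verified or the key is
 * accepted, and verifyFail when the account does not exist or the key is wrong.
 * Two kinds of key are accepted: a record in UserAccountVerifyEmailRepository
 * (current scheme) and the code stored on the account itself (legacy scheme).
 *
 * Security: the legacy code is compared with hash_equals() (PHP >= 5.6) rather
 * than "==". A loose comparison lets PHP treat numeric-looking strings as
 * numbers, so a submitted value could match a stored code it is not identical
 * to. It also does not compare in constant time.
 *
 * NOTE(review): failed attempts are logged but nothing in this method limits
 * repeated guesses or expires old keys; confirm that is handled elsewhere.
 *
 * @param mixed       $id   Account id taken from the URL.
 * @param mixed       $code Access key taken from the URL.
 * @param Application $app
 * @return mixed Rendered twig template.
 */
function verify($id, $code, Application $app) {
    $userRepository = new UserAccountRepository();

    if ($app['currentUser'] && $app['currentUser']->getId() == $id) {
        // Not just to save a DB query: marking this exact object verified means the
        // user object twig sees is verified too, so the page shows no big
        // "please verify" notices.
        $user = $app['currentUser'];
    } else {
        $user = $userRepository->loadByID($id);
    }

    if (!$user) {
        $app['monolog']->addError("Failed verifying account - no user");
        return $app['twig']->render('index/user/verifyFail.html.twig', array());
    }

    if ($user->getIsEmailVerified()) {
        $app['monolog']->addError("Failed verifying account - user " . $user->getId() . " - already verified");
        return $app['twig']->render('index/user/verifyDone.html.twig', array());
    }

    // Current scheme: the key is looked up together with the account id.
    $repo = new UserAccountVerifyEmailRepository();
    $userVerifyCode = $repo->loadByUserAccountIDAndAccessKey($id, $code);
    if ($userVerifyCode) {
        $repo->markVerifiedByUserAccountIDAndAccessKey($id, $code);
        $user->setIsEmailVerified(true);
        return $app['twig']->render('index/user/verifyDone.html.twig', array());
    }

    // Legacy scheme: the code is stored on the account. An empty stored code never
    // matches. The casts keep hash_equals() from rejecting non-string arguments.
    $legacyCode = $user->getEmailVerifyCode();
    if ($legacyCode && hash_equals((string) $legacyCode, (string) $code)) {
        $userRepository->verifyEmail($user);
        $user->setIsEmailVerified(true);
        return $app['twig']->render('index/user/verifyDone.html.twig', array());
    }

    $app['monolog']->addError("Failed verifying account - user " . $user->getId());
    return $app['twig']->render('index/user/verifyFail.html.twig', array());
}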
/**
 * Site-level permissions when the site is created with `false` as the last
 * argument of SiteRepository::create().
 *
 * Three accounts are set up: the site owner (verified), another verified
 * account and an unverified one. Only the owner is expected to hold site
 * permissions (two of them). Both other accounts and the anonymous / any-user /
 * any-verified-user lookups must return none.
 *
 * The boolean flags passed to the getPermissionsFor*InSite() methods are
 * defined in UserPermissionsRepository (not shown here).
 *
 * NOTE(review): this sets $CONFIG->newUsersAreEditors on the global config and
 * never restores it; confirm the fixture resets $CONFIG between tests so the
 * value cannot leak into other permission tests.
 */
function testSiteOwnerSpecificEdit() {
    global $CONFIG;
    $CONFIG->newUsersAreEditors = true;
    $this->addCountriesToTestDB();

    $owner = new UserAccountModel();
    $owner->setEmail("*****@*****.**");
    $owner->setUsername("test");
    $owner->setPassword("password");

    $verified = new UserAccountModel();
    $verified->setEmail("*****@*****.**");
    $verified->setUsername("verified");
    $verified->setPassword("password");

    $unverified = new UserAccountModel();
    $unverified->setEmail("*****@*****.**");
    $unverified->setUsername("unverified");
    $unverified->setPassword("password");

    $accounts = new UserAccountRepository();
    $accounts->create($owner);
    $accounts->verifyEmail($owner);
    $accounts->create($verified);
    $accounts->verifyEmail($verified);
    // The third account is deliberately left unverified.
    $accounts->create($unverified);

    // Fetch the stored records again so every flag reflects what was persisted.
    $owner = $accounts->loadByUserName($owner->getUsername());
    $verified = $accounts->loadByUserName($verified->getUsername());
    $unverified = $accounts->loadByUserName($unverified->getUsername());

    // This pair is replaced by fresh instances after the site has been created.
    $extensions = new ExtensionManager($this->app);
    $permissionsRepo = new \repositories\UserPermissionsRepository($extensions);

    $site = new \models\SiteModel();
    $site->setTitle("Test");
    $site->setSlug("test");

    $sites = new \repositories\SiteRepository();
    $countries = new \repositories\CountryRepository();
    $sites->create(
        $site,
        $owner,
        array($countries->loadByTwoCharCode("GB")),
        $this->getSiteQuotaUsedForTesting(),
        false
    );

    // Fresh manager and repository for the checks below.
    $extensions = new ExtensionManager($this->app);
    $permissionsRepo = new \repositories\UserPermissionsRepository($extensions);

    // Per-account matrix. Each row: account, boolean flag, expected number of permissions.
    $expectations = array(
        array($owner, false, 2),
        array($owner, true, 0),
        array($verified, false, 0),
        array($verified, true, 0),
        array($unverified, false, 0),
        array($unverified, true, 0),
    );

    foreach ($expectations as $row) {
        list($subject, $flag, $expectedCount) = $row;
        $granted = $permissionsRepo->getPermissionsForUserInSite($subject, $site, $flag);
        $this->assertEquals($expectedCount, count($granted->getPermissions()));
    }

    // Class-wide grants: nothing for anonymous, any user or any verified user.
    $granted = $permissionsRepo->getPermissionsForAnonymousInSite($site, false, false);
    $this->assertEquals(0, count($granted->getPermissions()));

    $granted = $permissionsRepo->getPermissionsForAnyUserInSite($site, false, false);
    $this->assertEquals(0, count($granted->getPermissions()));

    $granted = $permissionsRepo->getPermissionsForAnyVerifiedUserInSite($site, false, false);
    $this->assertEquals(0, count($granted->getPermissions()));
}