/**
 * Builds the page layout for the "edit user" form.
 *
 * The page contains a single form made of an error box, two tabs
 * (user data and access levels) and a row with the back and save buttons.
 * Both password fields are only marked as required while the user is new.
 *
 * @return \Zepi\Web\UserInterface\Layout\AbstractContainer
 *
 * @throws \Zepi\Web\AccessControl\Exception User is not set.
 */
protected function generateLayout()
{
    if ($this->user === null) {
        throw new Exception('User is not set.');
    }

    $request = $this->framework->getRequest();

    // Namespace handed to every translate() call of this layout.
    $translationNamespace = '\\Zepi\\Web\\AccessControl';

    // The selectable access levels are transformed with the currently
    // logged-in session user, not with the user that is being edited.
    $accessLevelSelectorItems = $this->accessLevelHelper->transformAccessLevels(
        $this->accessLevelManager->getAccessLevels(),
        $request->getSession()->getUser()
    );

    // A lookup result of false is treated as "no permissions granted".
    $rawPermissionsForUuid = $this->accessControlManager->getPermissionsRawForUuid($this->user->getUuid());
    if ($rawPermissionsForUuid === false) {
        $rawPermissionsForUuid = array();
    }

    $formAction = $request->getFullRoute();
    $errorBox = new ErrorBox('edit-user-errors');

    // Left column: user name and password.
    $requiredDataGroup = new Group(
        'required-data',
        $this->translate('Required data', $translationNamespace),
        array(
            new Text(
                'username',
                $this->translate('Username', $translationNamespace),
                true,
                $this->user->getName(),
                $this->translate('The username must be unique. Only one user can use an username.', $translationNamespace)
            ),
            new Password(
                'password',
                $this->translate('Password', $translationNamespace),
                $this->user->isNew()
            ),
            new Password(
                'password-confirmed',
                $this->translate('Confirm password', $translationNamespace),
                $this->user->isNew()
            ),
        ),
        1
    );
    $requiredDataColumn = new Column(array($requiredDataGroup), array('col-md-6'));

    // Right column: optional profile meta data.
    // NOTE(review): the stored meta data values are handed to the fields as-is;
    // presumably the field templates escape them on output - confirm.
    $optionalDataGroup = new Group(
        'optional-data',
        $this->translate('Optional data', $translationNamespace),
        array(
            new Text(
                'email',
                $this->translate('Email address', $translationNamespace),
                false,
                $this->user->getMetaData('email')
            ),
            new Text(
                'location',
                $this->translate('Location', $translationNamespace),
                false,
                $this->user->getMetaData('location')
            ),
            new Text(
                'website',
                $this->translate('Website', $translationNamespace),
                false,
                $this->user->getMetaData('website')
            ),
            new Text(
                'twitter',
                $this->translate('Twitter', $translationNamespace),
                false,
                $this->user->getMetaData('twitter')
            ),
            new Textarea(
                'biography',
                $this->translate('Biography', $translationNamespace),
                false,
                $this->user->getMetaData('biography')
            ),
        ),
        2
    );
    $optionalDataColumn = new Column(array($optionalDataGroup), array('col-md-6'));

    $userTab = new Tab(
        array(new Row(array($requiredDataColumn, $optionalDataColumn))),
        array(),
        'user-tab',
        $this->translate('User informations', $translationNamespace)
    );

    // Second tab: selector between available and granted access levels.
    $accessLevelSelector = new Selector(
        'access-levels',
        $this->translate('Access Level Selector', $translationNamespace),
        false,
        $rawPermissionsForUuid,
        $accessLevelSelectorItems,
        $this->translate('Available Access Levels', $translationNamespace),
        $this->translate('Granted Access Levels', $translationNamespace),
        '\\Zepi\\Web\\AccessControl\\Templates\\Form\\Snippet\\AccessLevel'
    );
    $accessTab = new Tab(
        array($accessLevelSelector),
        array(),
        'access-tab',
        $this->translate('Permissions', $translationNamespace)
    );

    $tabs = new Tabs(array($userTab, $accessTab));

    // Button row: "back" links to the user overview, "save" submits the form.
    $backButton = new Button(
        'back',
        $this->translate('Back', $translationNamespace),
        array('btn-default'),
        '',
        'a',
        $request->getFullRoute('/administration/users/')
    );
    $backColumn = new Column(
        array(new ButtonGroup('buttons-left', array($backButton), 1000, array('text-left'))),
        array('col-md-4')
    );

    $saveButton = new Submit(
        'submit',
        $this->translate('Save', $translationNamespace),
        array('btn-large', 'btn-primary'),
        'mdi mdi-save'
    );
    $saveColumn = new Column(
        array(new ButtonGroup('buttons', array($saveButton), 1000)),
        array('col-md-4')
    );

    $buttonRow = new Row(array($backColumn, $saveColumn));

    $form = new Form('edit-user', $formAction, 'post', array($errorBox, $tabs, $buttonRow));

    return new Page(array($form));
}
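/**
 * Initializes the user session
 *
 * If the session already carries user data, the previous session token and
 * its lifetime are kept under the "oldUserSessionToken*" keys after the
 * session has been cleaned up. The session is then regenerated and a new
 * token with a lifetime of 300 seconds is stored in the session and sent to
 * the client as a cookie (cookie name = token, cookie value = expiry timestamp).
 *
 * The random half of the token comes from a cryptographically secure source.
 * The previous md5(uniqid()) value was derived from the current time only and
 * is therefore guessable. The token keeps its "<32 hex>-<32 hex>" shape.
 *
 * The $response parameter is not used by this method.
 *
 * @access public
 * @param \Zepi\Turbo\Request\WebRequest $request
 * @param \Zepi\Turbo\Response\Response $response
 * @param \Zepi\Web\AccessControl\Entity\User $user
 *
 * @throws \Exception If random_bytes() cannot gather enough randomness.
 */
public function initializeUserSession(WebRequest $request, Response $response, User $user)
{
    // If the session already has user data ...
    if ($request->getSessionData('userUuid') !== false) {
        $previousToken = $request->getSessionData('userSessionToken');
        $previousTokenLifetime = $request->getSessionData('userSessionTokenLifetime');

        // Cleanup the session
        $this->cleanupSession($request);

        // Keep the old session token so that requests which still carry it can
        // be matched. NOTE(review): the original comment speaks of a 60 second
        // window, but the old lifetime is stored unchanged here - confirm where
        // that window is enforced.
        if ($previousToken !== false) {
            $request->setSessionData('oldUserSessionToken', $previousToken);
            $request->setSessionData('oldUserSessionTokenLifetime', $previousTokenLifetime);
        }
    }

    // Regenerate the session
    $this->regenerateSession($request);

    // 16 random bytes = 32 hex characters, the same length md5() produced.
    if (function_exists('random_bytes')) {
        $randomPart = bin2hex(random_bytes(16));
    } else {
        // Fallback for PHP versions before 7.0; requires the openssl extension.
        $randomPart = bin2hex(openssl_random_pseudo_bytes(16));
    }

    $sessionToken = md5($user->getUuid()) . '-' . $randomPart;
    $sessionTokenLifetime = time() + 300;

    $request->setSessionData('userUuid', $user->getUuid());
    $request->setSessionData('userSessionToken', $sessionToken);
    $request->setSessionData('userSessionTokenLifetime', $sessionTokenLifetime);

    // Expiry 0 makes this a browser-session cookie. The Secure flag follows
    // the request scheme, and HttpOnly keeps the token away from client-side
    // scripts. NOTE(review): HttpOnly is new - confirm no script reads this cookie.
    setcookie($sessionToken, (string) $sessionTokenLifetime, 0, '/', '', $request->isSsl(), true);
}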
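/**
 * Returns true if the username is already taken by a user other than
 * the one being edited.
 *
 * The uuids are compared as strings with a strict comparison. A loose
 * comparison applies numeric type juggling, so two different numeric-looking
 * identifiers could be treated as equal and a taken username reported as free.
 *
 * @param string $username
 * @param \Zepi\Web\AccessControl\Entity\User $user
 * @return boolean
 */
protected function isUsernameInUse($username, User $user)
{
    if (!$this->userManager->hasUserForUsername($username)) {
        return false;
    }

    $existingUser = $this->userManager->getUserForUsername($username);

    return (string) $existingUser->getUuid() !== (string) $user->getUuid();
}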
/**
 * Deletes the given user.
 *
 * The user is only handed to the access control manager for deletion when
 * an access entity of this manager's entity type exists for the user's uuid.
 *
 * @param \Zepi\Web\AccessControl\Entity\User $user
 * @return boolean Result of the access control manager's delete call
 *
 * @throws \Zepi\Core\AccessControl\Exception Cannot delete the user. User does not exist.
 */
public function deleteUser($user)
{
    $entityExists = $this->accessControlManager->hasAccessEntityForUuid(
        self::ACCESS_ENTITY_TYPE,
        $user->getUuid()
    );

    // Without an existing entity for this uuid there is nothing to delete.
    if (!$entityExists) {
        throw new Exception('Cannot delete the user. User does not exist.');
    }

    $deleted = $this->accessControlManager->deleteAccessEntity($user);

    return $deleted;
}