/**
* Authorizes the user with his username and password. Initializes
* the user session if the user data are valid.
*
* @access protected
* @param \Zepi\Web\UserInterface\Form\Form $registrationForm
* @param \Zepi\Turbo\Framework $framework
* @param \Zepi\Turbo\Request\RequestAbstract $request
* @param \Zepi\Turbo\Response\Response $response
* @return string|boolean
*/
protected function createUser(Form $registrationForm, Framework $framework, RequestAbstract $request, Response $response)
{
$group = $registrationForm->searchPartByKeyAndType('user-data');
$username = trim($group->getPart('username')->getValue());
$email = trim($group->getPart('email')->getValue());
$password = trim($group->getPart('password')->getValue());
$tos = $group->getPart('tos-accepted')->getValue();
$result = $this->validateData($framework, $username, $email, $password, $tos);
// If the validate function returned a string there was an error in the validation.
if ($result !== true) {
return $result;
}
// Create the new user
$user = new User('', '', $username, '', array('email' => $email));
$user->setNewPassword($password);
// Generate an activation code
$activationToken = uniqid(md5($email), true);
$user->setMetaData('activationToken', $activationToken);
$user = $this->userManager->addUser($user);
// Add the disabled access level
$this->accessControlManager->grantPermission($user->getUuid(), '\\Zepi\\Web\\AccessControl\\Entity\\User', '\\Global\\Disabled', 'Registration');
// Send the registration mail
$activationLink = $request->getFullRoute('/activate/' . $user->getUuid() . '/' . $activationToken . '/');
$this->mailHelper->sendMail($user->getMetaData('email'), $this->translate('Your registration', '\\Zepi\\Web\\AccessControl'), $this->render('\\Zepi\\Web\\AccessControl\\Mail\\Registration', array('user' => $user, 'activationLink' => $activationLink)));
return true;
}
/**
* Changes the password for the logged in user.
*
* @access protected
* @param \Zepi\Turbo\Request\WebRequest $request
* @param \Zepi\Web\AccessControl\Entity\User $user
*/
protected function saveUser(WebRequest $request, User $user)
{
$formValues = $this->layout->getFormValues();
// Set the username
$user->setName($formValues['required-data.username']);
// Set the password to a new user or if the user has changed the password
if ($user->isNew() || $formValues['required-data.password'] != '') {
$user->setNewPassword($formValues['required-data.password']);
}
// Set the optional data
$user->setMetaData('email', $formValues['optional-data.email']);
$user->setMetaData('location', $formValues['optional-data.location']);
$user->setMetaData('website', $formValues['optional-data.website']);
$user->setMetaData('twitter', $formValues['optional-data.twitter']);
$user->setMetaData('biography', $formValues['optional-data.biography']);
// Save the user
if ($user->isNew()) {
$user = $this->userManager->addUser($user);
} else {
$this->userManager->updateUser($user);
}
if ($user === false) {
return false;
}
// Save the access levels
$this->accessControlManager->updatePermissions($user, $formValues['access-levels'], $request->getSession()->getUser());
return true;
}
/**
* Execute the installation the access control module
*
* @access public
* @param \Zepi\Turbo\Framework $framework
* @param \Zepi\Turbo\Request\CliRequest $request
* @param \Zepi\Turbo\Response\Response $response
*/
public function execute(Framework $framework, CliRequest $request, Response $response)
{
// Execute the installer only if there are no users
$dataRequest = new \Zepi\DataSource\Core\Entity\DataRequest(1, 0, 'name', 'ASC');
if ($this->userManager->count($dataRequest) > 0) {
return;
}
$username = '';
while ($username === '') {
$username = trim($this->cliHelper->inputText('Please enter the username for the super-admin user:'******'';
while ($password === '') {
$password = trim($this->cliHelper->inputText('Please enter the password for the super-admin user:'******'', '', $username, '', array());
$user->setNewPassword($password);
// Save the super-admin user
$user = $this->userManager->addUser($user);
// Add the super-admin access level
$this->accessControlManager->grantPermission($user->getUuid(), '\\Zepi\\Web\\AccessControl\\Entity\\User', '\\Global\\*', 'CLI');
}