Ejemplo n.º 1
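 /**
  * Return the database row of the currently authenticated user.
  *
  * The row is looked up by the 'username' entry of the Zend_Auth identity and
  * kept in $this->user, so a row that was found is not queried again.
  *
  * @return mixed The value returned by fetchRow(), or null when no usable
  *               identity is stored.
  */
 protected function getUser()
 {
     if ($this->user !== null) {
         return $this->user;
     }
     $identity = Zend_Auth::getInstance()->getIdentity();
     // Fail closed when nobody is logged in (or the identity has no username):
     // do not index into a non-array and do not query with an empty login.
     if (!is_array($identity) || !isset($identity['username'])) {
         return null;
     }
     $table = new USVN_Db_Table_Users();
     $this->user = $table->fetchRow(array('users_login = ?' => $identity['username']));
     return $this->user;
 }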
Ejemplo n.º 2
 /**
  * Default action for every controller.
  *
  * Fills the view with the projects assigned to the 'user' request parameter,
  * the groups of the authenticated user and a fixed maxlen of 12.
  */
 public function indexAction()
 {
     $projectTable = new USVN_Db_Table_Projects();
     $requestUser = $this->getRequest()->getParam('user');
     $this->view->projects = $projectTable->fetchAllAssignedTo($requestUser);

     // The group list is resolved from the stored Zend_Auth identity, not from
     // the request parameter used for the project list above.
     // NOTE(review): if fetchRow() finds no row for the identity, listGroups()
     // is called on a non-object. Confirm an earlier hook guarantees a valid
     // user before this action runs.
     $identity = Zend_Auth::getInstance()->getIdentity();
     $userTable = new USVN_Db_Table_Users();
     $currentUser = $userTable->fetchRow(array('users_login = ?' => $identity['username']));
     $this->view->groups = $currentUser->listGroups();
     $this->view->maxlen = 12;
 }
Ejemplo n.º 3
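 /**
  * Create a project
  *
  * The creating user (and, when a group is requested, the absence of a group
  * with the project name) is checked before anything is written. The project
  * row, the SVN repository and the optional group and membership rows are then
  * created inside one database transaction.
  *
  * @param array $data Fields data; 'projects_name' is read here
  * @param string $login The creating user
  * @param bool $create_group Create a group for the project
  * @param bool $add_user_to_group Add user into group (only applied together with $create_group)
  * @param bool $create_admin Add user as admin for the project
  * @param bool $create_svn_directories Create SVN standard directories
  * @return USVN_Db_Table_Row_Project
  * @throws USVN_Exception If the login is unknown or the group already exists
  * @throws Exception Any failure during creation, rethrown after the rollback
  */
 public static function createProject(array $data, $login, $create_group, $add_user_to_group, $create_admin, $create_svn_directories)
 {
     //We need check if admin exist before create project because we can't go back
     $user_table = new USVN_Db_Table_Users();
     $user = $user_table->fetchRow(array('users_login = ?' => $login));
     if ($user === null) {
         throw new USVN_Exception(T_('Login %s not found'), $login);
     }
     $groups = new USVN_Db_Table_Groups();
     if ($create_group) {
         $group = $groups->fetchRow(array('groups_name = ?' => $data['projects_name']));
         if ($group !== null) {
             throw new USVN_Exception(T_("Group %s already exists."), $data['projects_name']);
         }
     }
     // Create the table object and open the transaction before the try block,
     // so the catch handler never calls rollBack() on an undefined $table or
     // on a transaction that was never started (which would hide the real error).
     $table = new USVN_Db_Table_Projects();
     $adapter = $table->getAdapter();
     $adapter->beginTransaction();
     try {
         $project = $table->createRow($data);
         $project->save();
         // NOTE(review): rollBack() below only reverts database rows; whatever
         // createProjectSVN() creates outside the database is presumably left
         // behind on failure. Confirm and clean up if so.
         USVN_Project::createProjectSVN($data['projects_name'], $create_svn_directories);
         if ($create_group) {
             $group = $groups->createRow();
             $group->description = sprintf(T_("Autocreated group for project %s"), $data['projects_name']);
             $group->name = $data['projects_name'];
             $group->save();
             $project->addGroup($group);
             USVN_Project::ApplyFileRights($project, $group, $create_svn_directories);
         }
         if ($create_group && $add_user_to_group) {
             $group->addUser($user);
             $group->promoteUser($user);
         }
         if ($create_admin) {
             $project->addUser($user);
         }
     } catch (Exception $e) {
         $adapter->rollBack();
         throw $e;
     }
     $adapter->commit();
     return $project;
 }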
Ejemplo n.º 4
 /**
  * Performs an authentication attempt
  *
  * Looks the login up in the users table and checks the supplied password
  * against the stored one with USVN_Crypt::checkPassword(). The identity in
  * the result is always array('username' => <login>), also on failure.
  *
  * NOTE(review): the two failure messages differ ("Login ... not found" versus
  * "Incorrect password"), so anything that shows them to the client reveals
  * whether a login exists. The password check is also skipped for unknown
  * logins, which may make the two cases distinguishable by response time.
  * A single generic message would avoid the first point.
  *
  * @throws Zend_Auth_Adapter_Exception If authentication cannot be performed
  * @return Zend_Auth_Result
  */
 public function authenticate()
 {
     $identity = array('username' => $this->_login);
     $messages = array();

     $users = new USVN_Db_Table_Users();
     $row = $users->fetchRow(array('users_login = ?' => $this->_login));

     if ($row === NULL) {
         $messages[] = sprintf(T_('Login %s not found'), $this->_login);
     } elseif (!USVN_Crypt::checkPassword($this->_password, $row->password)) {
         $messages[] = T_('Incorrect password');
     } else {
         // Known login and matching password.
         return new Zend_Auth_Result(true, $identity, $messages);
     }
     return new Zend_Auth_Result(false, $identity, $messages);
 }
Ejemplo n.º 5
 /**
  * Write every login/password pair of $this->_users_password to the users table.
  *
  * Existing logins are updated, unknown ones inserted, all inside a single
  * transaction that is rolled back as soon as one write fails.
  *
  * NOTE(review): the password values are written exactly as held in
  * $this->_users_password; presumably they are already hashes taken from the
  * imported file. Confirm which formats the login check accepts.
  *
  * @throws USVN_Exception When a user cannot be inserted or updated
  */
 private function loadIntoDb()
 {
     $table = new USVN_Db_Table_Users();
     $db = $table->getAdapter();
     $db->beginTransaction();
     foreach (array_keys($this->_users_password) as $login) {
         $row = array(
             'users_login' => $login,
             'users_password' => $this->_users_password[$login],
         );
         // quoteInto() escapes the login before it becomes part of the WHERE clause.
         $condition = $db->quoteInto('users_login = ?', $login);
         $existing = $table->fetchRow($condition);
         try {
             if ($existing !== null) {
                 $table->update($row, $condition);
             } else {
                 $table->insert($row);
             }
         } catch (Exception $e) {
             // The underlying error is replaced by a generic import message.
             $db->rollBack();
             throw new USVN_Exception(T_("Can't add users %s. Import cancel."), $login);
         }
     }
     $db->commit();
 }
Ejemplo n.º 6
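 /**
  * Performs the authentication.
  *
  * Reads the username and password from $this->_xml->auth, selects the
  * authentication adapter named in the 'general' section of the config file
  * (falling back to "database") and runs it through Zend_Auth. On success the
  * matching users row is stored in $this->_userRow.
  *
  * @todo Create an abstract authenticated method to use around all project
  * @return bool TRUE when the credentials were accepted, FALSE otherwise
  * @throws USVN_Exception If the configured adapter class does not exist
  */
 private function _auth()
 {
     // Get auth informations
     $username = (string) $this->_xml->auth->username;
     $password = (string) $this->_xml->auth->password;
     $auth = Zend_Auth::getInstance();
     // Find the authentication adapter from the config file
     $config = new USVN_Config_Ini(USVN_CONFIG_FILE, 'general');
     $authAdapterMethod = "database";
     if (empty($config->alwaysUseDatabaseForLogin)) {
         $config->alwaysUseDatabaseForLogin = '******';
     }
     // The login named by alwaysUseDatabaseForLogin always uses the database adapter.
     if ($config->alwaysUseDatabaseForLogin != $username && $config->authAdapterMethod) {
         $authAdapterMethod = strtolower($config->authAdapterMethod);
     }
     // The class name is built from the config value only and must already exist.
     $authAdapterClass = 'USVN_Auth_Adapter_' . ucfirst($authAdapterMethod);
     if (!class_exists($authAdapterClass)) {
         throw new USVN_Exception(T_('The authentication adapter method set in the config file is not valid.'));
     }
     // Retrieve auth-options, if any, from the config file.
     // The adapter section may be absent (e.g. for the default "database"
     // method), so it is read once and checked before any property access.
     $adapterConfig = $config->{$authAdapterMethod};
     $authOptions = null;
     if ($adapterConfig && $adapterConfig->options) {
         $authOptions = $adapterConfig->options->toArray();
     }
     // Set up the authentication adapter
     $authAdapter = new $authAdapterClass($username, $password, $authOptions);
     // Attempt authentication, saving the result
     $result = $auth->authenticate($authAdapter);
     if (!$result->isValid()) {
         return FALSE;
     }
     $identity = $auth->getStorage()->read();
     $table = new USVN_Db_Table_Users();
     $this->_userRow = $table->fetchRow(array("users_login = ?" => $username));
     /**
      * Workaround for LDAP.
      * We need the identity to match the database,
      * but LDAP identities can be in the following form:
      * uid=username,ou=people,dc=foo,dc=com
      * We need to simply keep username, as passed to the constructor method.
      *
      * Using in_array(..., get_class_methods()) instead of method_exists() or is_callable(),
      * because none of them really check if the method is actually callable (ie. not protected/private).
      * See comments @ http://us.php.net/manual/en/function.method-exists.php
      */
     if (in_array("getIdentityUserName", get_class_methods($authAdapter))) {
         // Because USVN uses an array (...) when Zend uses a string
         if (!is_array($identity)) {
             $identity = array();
         }
         $username = $authAdapter->getIdentityUserName();
         // Store the normalised username in the identity; without it the
         // identity written back for a non-array (LDAP) identity is an empty
         // array and lookups by $identity['username'] cannot resolve the user.
         $identity['username'] = $username;
         $auth->getStorage()->write($identity);
     }
     /**
      * Another workaround for LDAP.
      * As long as we don't provide real
      * and full LDAP support (add, remove, etc.), if a user managed to
      * log in with LDAP, or any other non-DB support, we need to add
      * the user in the database :)
      */
     // NOTE(review): this branch only re-reads the row with the normalised
     // username; no user is created here.
     if ($adapterConfig && $adapterConfig->createUserInDBOnLogin) {
         $table = new USVN_Db_Table_Users();
         $this->_userRow = $table->fetchRow(array("users_login = ?" => $username));
     }
     return TRUE;
 }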
Ejemplo n.º 7
 /**
  * Promote a user to leader of a group ('ap' parameter) and/or remove a user
  * from it ('deleteid' parameter).
  *
  * Only a leader or admin of $this->_group may call this; anyone else gets an
  * "Access denied." exception. Errors raised while changing membership are
  * shown through $this->view->message instead of being rethrown.
  *
  * NOTE(review): the permission check is made on $this->_group while the
  * changes are applied to the group loaded from the 'group' request
  * parameter. Presumably both are the same group; confirm, otherwise a leader
  * of one group could modify another.
  * NOTE(review): membership changes are driven by request parameters and no
  * anti-CSRF token is checked in this method. Also, fetchRow() may find no
  * group, in which case $group is used as a non-object below.
  *
  * @throws USVN_Exception When the caller is neither leader nor admin
  */
 public function addleadergroupAction()
 {
     if ($this->_group->isLeaderOrAdmin($this->view->user) != 1) {
         throw new USVN_Exception(sprintf(T_("Access denied.")));
     }

     $request = $this->getRequest();
     /* @var $request USVN_Controller_Request_Http */
     $groupTable = new USVN_Db_Table_Groups();
     $groupName = str_replace(USVN_URL_SEP, '/', $request->getParam('group'));
     $group = $groupTable->fetchRow(array("groups_name = ?" => $groupName));
     /* @var $group USVN_Db_Table_Row_Group */
     try {
         $userTable = new USVN_Db_Table_Users();

         // 'ap': login of the user to add as leader, or to promote if already a member.
         $promoteLogin = $request->getParam('ap', "");
         if ($promoteLogin != "") {
             $member = $userTable->fetchRow(array("users_login = ?" => $promoteLogin));
             if ($member === null) {
                 throw new USVN_Exception(sprintf(T_("Unknown user %s"), $promoteLogin));
             }
             if ($group->hasUser($member)) {
                 $group->updateLeaderUser($member, 1);
             } else {
                 $group->addUser($member, true);
             }
         }

         // 'deleteid': id of the user to remove from the group.
         $removeId = $request->getParam('deleteid', 0);
         if ($removeId != 0) {
             $member = $userTable->fetchRow(array("users_id = ?" => $removeId));
             if ($member === null) {
                 throw new USVN_Exception(sprintf(T_("Unknown user %s"), $removeId));
             }
             if ($group->hasUser($member)) {
                 $group->deleteUser($member);
             }
         }
     } catch (Exception $e) {
         $this->view->message = $e->getMessage();
     }
     $this->view->group = $group;
 }
Ejemplo n.º 8
 /**
  * Save the posted project fields and the current user's admin flag for the
  * project named by the 'name' request parameter.
  *
  * Redirects to the project list on success; on a save error the edit view is
  * rendered again with the error message.
  *
  * NOTE(review): the code after each _redirect() call relies on the redirect
  * ending the request. If it returns, $project may be null further down.
  * NOTE(review): no anti-CSRF token is checked here, and the exception text
  * is passed through nl2br() only, so the view must HTML-escape it if it can
  * contain submitted values.
  */
 public function updateAction()
 {
     $fields = $this->getProjectData($_POST);
     if (empty($fields)) {
         $this->_redirect("/admin/project/new");
     }

     $projects = new USVN_Db_Table_Projects();
     $projectName = str_replace(USVN_URL_SEP, '/', $this->getRequest()->getParam('name'));
     $project = $projects->fetchRow(array("projects_name = ?" => $projectName));
     if ($project === null) {
         $this->_redirect("/admin/project/");
     }

     // The admin checkbox applies to the logged-in user only.
     $identity = Zend_Auth::getInstance()->getIdentity();
     $userTable = new USVN_Db_Table_Users();
     $currentUser = $userTable->fetchRow(array('users_login = ?' => $identity['username']));
     if (!isset($_POST['admin'])) {
         $projects->DeleteUserToProject($currentUser, $project);
     } else {
         $projects->AddUserToProject($currentUser, $project);
     }

     $project->setFromArray($fields);
     try {
         $project->save();
         $this->_redirect("/admin/project/");
     } catch (Exception $e) {
         $this->view->project = $project;
         $this->view->message = nl2br($e->getMessage());
         $this->render('edit');
     }
 }
Ejemplo n.º 9
 /**
  * Delete the user named by the 'login' request parameter and return to the
  * user list.
  *
  * The account held in the 'user' request parameter cannot delete itself.
  *
  * NOTE(review): no admin check and no anti-CSRF token are visible in this
  * method; presumably the controller enforces admin access elsewhere. Confirm,
  * since this is a destructive action driven by a request parameter.
  *
  * @throws USVN_Exception If the login is unknown or is the caller's own
  */
 public function deleteAction()
 {
     $request = $this->getRequest();
     $targetLogin = $request->getParam('login');

     $users = new USVN_Db_Table_Users();
     $target = $users->fetchRow(array('users_login = ?' => $targetLogin));
     if ($target === null) {
         throw new USVN_Exception(T_("Invalid user %s."), $targetLogin);
     }

     $current = $request->getParam('user');
     if ($target->login == $current->login) {
         throw new USVN_Exception(T_("You can't delete yourself."));
     }

     $target->delete();
     $this->_redirect("/admin/user/");
 }
Ejemplo n.º 10
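 /**
  * Pre-dispatch routines
  *
  * Called before action method. If using class with
  * {@link Zend_Controller_Front}, it may modify the
  * {@link $_request Request object} and reset its dispatched flag in order
  * to skip processing the current action.
  *
  * Here it points the view at the controller's script directory, assigns the
  * routing values to the view, and enforces login: unauthenticated requests
  * to any controller other than "login" and "rss" are redirected to the login
  * page. The users row of the identity is stored in the 'user' request
  * parameter for the action.
  *
  * @throws Zend_Controller_Exception If the controller has no views directory
  * @return void
  */
 public function preDispatch()
 {
     $request = $this->getRequest();
     $controller = $request->getControllerName();
     $dir = realpath(USVN_VIEWS_DIR . '/' . $controller);
     if ($dir === false || !is_dir($dir)) {
         // sprintf() is needed: a single-quoted literal does not interpolate
         // $controller. The name originates from the request, so whatever
         // renders this message must escape it.
         throw new Zend_Controller_Exception(sprintf('Controller\'s views directory not found. Controller is %s.', $controller));
     }
     $this->view->setScriptPath($dir);
     $this->view->assign('project', str_replace(USVN_URL_SEP, '/', $request->getParam('project')));
     $this->view->assign('controller', $request->getParam('controller'));
     $area = $request->getParam('area');
     if ($area == '__NONE__') {
         $area = $request->getParam('controller');
     } elseif (in_array($area, array('project', 'group'))) {
         $area = 'index';
     }
     $this->view->assign('area', $area);
     $this->view->assign('action', $request->getParam('action'));

     // TODO:
     // It is ugly to have "magic strings" instead of an array saying
     // which controllers do not need to be logged in...
     $loginRequired = $controller != "login" && $controller != "rss";

     $identity = Zend_Auth::getInstance()->getIdentity();
     if ($identity === null) {
         if ($loginRequired) {
             // Keep the requested URL, relative to the base URL, so the login
             // page can send the user back afterwards.
             $currentUrl = $request->getRequestUri();
             $baseUrl = rtrim($this->getFrontController()->getBaseUrl(), '/');
             if (strncmp($baseUrl, $currentUrl, strlen($baseUrl)) == 0) {
                 $currentUrl = substr($currentUrl, strlen($baseUrl));
             }
             $this->_redirect('/login/' . ltrim($currentUrl, '/'));
         }
         return;
     }
     $table = new USVN_Db_Table_Users();
     $user = $table->fetchRow(array("users_login = ?" => $identity['username']));
     $this->view->isLogged = true;
     // An identity without a matching users row is logged out.
     if ($user === null && $loginRequired) {
         $this->_redirect("/logout/");
         $this->view->isLogged = false;
     }
     if (isset($user)) {
         $this->view->isAdmin = $user->is_admin;
         $this->view->login = $user->login;
     }
     $request->setParam('user', $user);
 }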
Ejemplo n.º 11
 /**
  * Runs the usvn-import-htpasswd command-line tool on a two-entry htpasswd
  * file and checks that the "noplay" account ends up in the users table with
  * the password value taken from that file.
  */
 public function testImportHtpasswd()
 {
     $fixture = "noplay:BD3ZmTBhHmWJs\nstem:1YApoa5EK/WFs";
     file_put_contents('../tests/htpasswd', $fixture);

     // $return is filled in by runCmdCaptureMessage(), presumably by reference,
     // with the command's exit status.
     $command = "php tools/usvn-import-htpasswd.php ../tests/test.ini ../tests/htpasswd";
     $output = USVN_ConsoleUtils::runCmdCaptureMessage($command, $return);
     $this->assertEquals(0, $return, $output);
     echo $output;

     //Else SQLite doesn't work
     chdir($this->_path);

     $users = new USVN_Db_Table_Users();
     $imported = $users->fetchRow(array('users_login = ?' => "noplay"));
     $this->assertNotNull($imported);
     $this->assertEquals("BD3ZmTBhHmWJs", $imported->password);
 }
Ejemplo n.º 12
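 /**
  * Authenticate the posted login and password and, on success, redirect to
  * the path the user originally asked for.
  *
  * The adapter named in the 'general' section of the config file is used
  * (falling back to "database"). On failure the 'errors' and 'login' views
  * are rendered. On success the stored identity is normalised to an array
  * with a 'username' entry and, if configured, a users row is created for a
  * login that exists only in the external directory.
  *
  * NOTE(review): the session id is not regenerated after a successful login
  * in this method; confirm it is done elsewhere to prevent session fixation.
  *
  * @throws USVN_Exception If the configured adapter class does not exist
  */
 protected function _doLogin()
 {
     // Get a reference to the Singleton instance of Zend_Auth
     $auth = Zend_Auth::getInstance();
     // Find the authentication adapter from the config file
     $config = new USVN_Config_Ini(USVN_CONFIG_FILE, 'general');
     // Default method is database
     $authAdapterMethod = "database";
     if (empty($config->alwaysUseDatabaseForLogin)) {
         $config->alwaysUseDatabaseForLogin = '******';
     }
     if ($config->alwaysUseDatabaseForLogin != $_POST['login'] && $config->authAdapterMethod) {
         $authAdapterMethod = strtolower($config->authAdapterMethod);
     }
     // The class name is built from the config value only and must already exist.
     $authAdapterClass = 'USVN_Auth_Adapter_' . ucfirst($authAdapterMethod);
     if (!class_exists($authAdapterClass)) {
         throw new USVN_Exception(T_('The authentication adapter method set in the config file is not valid.'));
     }
     // Retrieve auth-options, if any, from the config file.
     // The adapter section may be absent, so it is read once and checked
     // before any property access.
     $adapterConfig = $config->{$authAdapterMethod};
     $authOptions = null;
     if ($adapterConfig && $adapterConfig->options) {
         $authOptions = $adapterConfig->options->toArray();
     }
     // Set up the authentication adapter
     $authAdapter = new $authAdapterClass($_POST['login'], $_POST['password'], $authOptions);
     // Attempt authentication, saving the result
     $result = $auth->authenticate($authAdapter);
     if (!$result->isValid()) {
         $this->view->login = $_POST['login'];
         $this->view->messages = $result->getMessages();
         $this->render('errors');
         $this->render('login');
     } else {
         $identity = $auth->getStorage()->read();
         /**
          * Workaround for LDAP. We need the identity to match the database,
          * but LDAP identities can be in the following form:
          * uid=username,ou=people,dc=foo,dc=com
          * We need to simply keep username, as passed to the constructor method.
          *
          * Using in_array(..., get_class_methods()) instead of method_exists() or is_callable(),
          * because none of them really check if the method is actually callable (ie. not protected/private).
          * See comments @ http://us.php.net/manual/en/function.method-exists.php
          */
         if (in_array("getIdentityUserName", get_class_methods($authAdapter))) {
             // Because USVN uses an array (...) when Zend uses a string
             if (!is_array($identity)) {
                 $identity = array();
             }
             $identity['username'] = $authAdapter->getIdentityUserName();
             $auth->getStorage()->write($identity);
         }
         /**
          * Another workaround for LDAP. As long as we don't provide real
          * and full LDAP support (add, remove, etc.), if a user managed to
          * log in with LDAP, or any other non-DB support, we need to add
          * the user in the database :)
          */
         if ($adapterConfig && $adapterConfig->createUserInDBOnLogin) {
             $table = new USVN_Db_Table_Users();
             $user = $table->fetchRow(array("users_login = ?" => $identity['username']));
             // Not very sure if we need to ask the authAdapter if we need to
             // create user in DB, as it is redundant with the config...
             if (!$user && in_array("createUserInDB", get_class_methods($authAdapter)) && $authAdapter->createUserInDB()) {
                 // NOTE(review): the submitted password is handed on as
                 // 'users_password'. Presumably it is hashed before storage;
                 // confirm, because for an external login the database would
                 // otherwise keep a copy of the directory password.
                 $data = array('users_login' => $identity['username'], 'users_is_admin' => 0, 'users_password' => $_POST['password']);
                 /* Request firstname, lastname, and username if possible (e.g., can be read from LDAP) */
                 $authAdapterClassMethods = get_class_methods($authAdapter);
                 if (in_array('getFirstName', $authAdapterClassMethods)) {
                     $data['users_firstname'] = $authAdapter->getFirstName();
                 }
                 if (in_array('getLastName', $authAdapterClassMethods)) {
                     $data['users_lastname'] = $authAdapter->getLastName();
                 }
                 if (in_array('getEmail', $authAdapterClassMethods)) {
                     $data['users_email'] = $authAdapter->getEmail();
                 }
                 $user = USVN_User::create($data, $adapterConfig->createGroupForUserInDB, null);
                 $user->save();
             }
         }
         // The 'path' parameter comes from the request. Leading slashes and
         // backslashes are stripped so the target always stays a path on this
         // host and cannot become a scheme-relative URL ("//other-host").
         $path = ltrim((string) $this->getRequest()->getParam('path'), '/\\');
         $this->_redirect('/' . $path);
         exit(0);
     }
 }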
Ejemplo n.º 13
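 /**
  * Pre-dispatch routines
  *
  * Called before action method. If using class with
  * {@link Zend_Controller_Front}, it may modify the
  * {@link $_request Request object} and reset its dispatched flag in order
  * to skip processing the current action.
  *
  * Here it points the view at the controller's script directory, assigns the
  * routing values to the view, and enforces login: unauthenticated requests
  * are redirected to the login page unless the controller class defines the
  * constant IgnoreLogin as true. The users row of the identity is stored in
  * the 'user' request parameter for the action.
  *
  * @throws Zend_Controller_Exception If the controller has no views directory
  * @return void
  */
 public function preDispatch()
 {
     $request = $this->getRequest();
     $controller = $request->getControllerName();
     $dir = realpath(USVN_VIEWS_DIR . '/' . $controller);
     if ($dir === false || !is_dir($dir)) {
         // sprintf() is needed: a single-quoted literal does not interpolate
         // $controller. The name originates from the request, so whatever
         // renders this message must escape it.
         throw new Zend_Controller_Exception(sprintf('Controller\'s views directory not found. Controller is %s.', $controller));
     }
     $this->view->setScriptPath($dir);
     $this->view->assign('project', str_replace(USVN_URL_SEP, '/', $request->getParam('project')));
     $this->view->assign('controller', $request->getParam('controller'));
     $area = $request->getParam('area');
     if ($area == '__NONE__') {
         $area = $request->getParam('controller');
     } elseif (in_array($area, array('project', 'group'))) {
         $area = 'index';
     }
     $this->view->assign('area', $area);
     $this->view->assign('action', $request->getParam('action'));

     /*
      * That should be better than magic strings. All controller that
      * needs to work without login like "login" or "rss" just need to
      * define a constant and set it to 'true'
      */
     // Evaluated once and used by both checks below. Login is required unless
     // the constant exists and is strictly true, so a missing or mistyped
     // constant leaves the controller protected.
     $ignoreLoginConstant = get_class($this) . '::IgnoreLogin';
     $loginRequired = defined($ignoreLoginConstant) !== true || constant($ignoreLoginConstant) !== true;

     $identity = Zend_Auth::getInstance()->getIdentity();
     if ($identity === null) {
         if ($loginRequired) {
             // Keep the requested URL, relative to the base URL, so the login
             // page can send the user back afterwards.
             $currentUrl = $request->getRequestUri();
             $baseUrl = rtrim($this->getFrontController()->getBaseUrl(), '/');
             if (strncmp($baseUrl, $currentUrl, strlen($baseUrl)) == 0) {
                 $currentUrl = substr($currentUrl, strlen($baseUrl));
             }
             $this->_redirect('/login/' . ltrim($currentUrl, '/'));
         }
         return;
     }
     $table = new USVN_Db_Table_Users();
     $user = $table->fetchRow(array("users_login = ?" => $identity['username']));
     $this->view->isLogged = true;
     // An identity without a matching users row is logged out.
     if ($user === null && $loginRequired) {
         $this->_redirect("/logout/");
         $this->view->isLogged = false;
     }
     if (isset($user)) {
         $this->view->isAdmin = $user->is_admin;
         $this->view->login = $user->login;
     }
     $request->setParam('user', $user);
 }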
Ejemplo n.º 14
 /**
  * Add the user named by the 'users_login' request parameter to the current
  * project, then redirect back to the project page.
  *
  * requireAdmin() runs first, before any lookup or change. Unknown logins and
  * errors from addUser() are ignored silently.
  *
  * NOTE(review): no anti-CSRF token is checked in this method although it
  * changes project membership from a request parameter.
  */
 public function adduserAction()
 {
     $this->requireAdmin();

     $users = new USVN_Db_Table_Users();
     $login = $this->getRequest()->getParam('users_login');
     $candidate = $users->fetchRow(array("users_login = ?" => $login));
     if ($candidate !== null) {
         try {
             $this->_project->addUser($candidate);
         } catch (Exception $ignored) {
             // Swallowed on purpose by the original code, presumably because
             // the user is already a member. TODO confirm; other failures are
             // hidden as well and leave no trace for later review.
         }
     }

     $projectPath = str_replace('/', USVN_URL_SEP, $this->_project->name);
     $this->_redirect("/project/" . $projectPath . "/");
 }
Ejemplo n.º 15
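 /**
  * Check if an user is in the project
  *
  * The check looks for a row in the users-to-projects table that links the
  * user's id to this project's id.
  *
  * NOTE(review): the method is named userIsAdmin while the description speaks
  * of membership; presumably the users-to-projects table holds the project
  * admins. Confirm before relying on it for an access decision.
  *
  * @param USVN_Db_Table_Row_User|string $user User row, or a login to look up
  * @return boolean False when the login is unknown or no link row exists
  */
 public function userIsAdmin($user)
 {
     if (!is_object($user)) {
         $users = new USVN_Db_Table_Users();
         $user = $users->fetchRow(array('users_login = ?' => $user));
         // Fail closed: an unknown login has no rights on the project, and
         // must not reach the id lookup below as a non-object.
         if (!is_object($user)) {
             return false;
         }
     }
     $links = new USVN_Db_Table_UsersToProjects();
     $link = $links->fetchRow(array("users_id = ?" => $user->id, "projects_id = ?" => $this->id));
     return $link !== null;
 }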
Ejemplo n.º 16
 /**
  * The delete action removes the user "Indochine" and redirects to the user
  * list.
  *
  * NOTE(review): the redirect URL is asserted only when a redirect exception
  * is thrown; the test does not fail if the action returns without one.
  */
 public function test_delete()
 {
     $login = 'Indochine';
     $byLogin = array('users_login = ?' => $login);
     $table = new USVN_Db_Table_Users();

     // Precondition: the account exists before the action runs.
     $this->assertNotNull($table->fetchRow($byLogin));

     $this->request->setParam('login', $login);
     try {
         $this->runAction('delete');
     } catch (USVN_Test_Exception_Redirect $redirect) {
         $this->assertEquals('/admin/user/', $redirect->url);
     }

     $this->assertNull($table->fetchRow($byLogin));
 }
Ejemplo n.º 17
 /**
  * Importing a second htpasswd file updates the password of an existing
  * login, keeps an unchanged one and adds a new login.
  */
 public function test_updateUser()
 {
     $path = "tests/htpasswd";

     // First import: two accounts. The import is triggered by constructing
     // the importer; the object itself is not used afterwards.
     file_put_contents($path, "noplay:lQeKGl9L6sH3M\nbibi:9bhJwNgJ00I6E");
     $importer = new USVN_ImportHtpasswd($path);

     // Second import: "noplay" has a new value, "bibi" is unchanged, "james" is new.
     file_put_contents($path, "noplay:BD3ZmTBhHmWJs\nbibi:9bhJwNgJ00I6E\njames:hkjfhdjk");
     $importer = new USVN_ImportHtpasswd($path);

     $users = new USVN_Db_Table_Users();

     $row = $users->fetchRow(array('users_login = ?' => "james"));
     $this->assertNotNull($row);

     $row = $users->fetchRow(array('users_login = ?' => "bibi"));
     $this->assertNotNull($row);
     $this->assertEquals("9bhJwNgJ00I6E", $row->password);

     $row = $users->fetchRow(array('users_login = ?' => "noplay"));
     $this->assertNotNull($row);
     $this->assertEquals("BD3ZmTBhHmWJs", $row->password);
 }
Ejemplo n.º 18
 /**
  * Saving a user with a password that is rejected must either raise a
  * "Password incorrect" error or leave the stored password unchanged.
  *
  * NOTE(review): the test passes on either outcome, so it does not pin down
  * which of the two the save is expected to produce.
  */
 public function testUserUpdateInvalidPassword()
 {
     $login = 'UpdateInvalidPassword';
     $valid = array('users_login' => $login, 'users_password' => 'password', 'users_firstname' => 'firstname', 'users_lastname' => 'lastname', 'users_email' => '*****@*****.**');
     // Same record, only the password differs.
     $invalid = $valid;
     $invalid['users_password'] = 'badPass';

     $table = new USVN_Db_Table_Users();
     $row = $table->fetchNew();
     $row->setFromArray($valid);
     $id = $row->save();

     $row = $table->find($id)->current();
     $row->setFromArray($invalid);
     try {
         $row->save();
     } catch (USVN_Exception $e) {
         $this->assertContains('Password incorrect', $e->getMessage());
         return;
     }

     // No exception: the original password must still verify.
     $stored = $table->fetchRow(array('users_login = ?' => $login));
     $this->assertTrue(USVN_Crypt::checkPassword('password', $stored->password));
 }