/**
  * Constructor.
  */
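 function UserManagementForm($userId = null)
 {
     // PHP4-style constructor: chain to the parent Form with the profile template.
     parent::Form('manager/people/userProfileForm.tpl');
     $journal =& Request::getJournal();
     // A user ID the caller may not administer is dropped, so the form then
     // behaves as "create a new user" instead of editing that account.
     if ($userId && !Validation::canAdminister($journal->getId(), $userId)) {
         $userId = null;
     }
     $this->userId = isset($userId) ? (int) $userId : null;
     $site =& Request::getSite();
     // Password / confirmation comparison used by both branches below.
     // The comparison is done on strings with ===: a loose == treats two
     // numeric-looking strings (e.g. "1e3" and "1000") as equal, which would
     // let a mistyped confirmation pass. Array input is rejected outright.
     // create_function() compiles its second argument as PHP code (and was
     // removed in PHP 8.0); the body must stay a fixed literal and never be
     // assembled from request data.
     $passwordsMatch = create_function(
         '$password,$form',
         '$confirmation = $form->getData(\'password2\');'
         . ' if (is_array($password) || is_array($confirmation)) return false;'
         . ' return (string) $password === (string) $confirmation;'
     );
     // Validation checks for this form
     if ($userId == null) {
         // New account: a username is mandatory, must be unused and alphanumeric.
         $this->addCheck(new FormValidator($this, 'username', 'required', 'user.profile.form.usernameRequired'));
         $this->addCheck(new FormValidatorCustom($this, 'username', 'required', 'user.register.form.usernameExists', array(DAORegistry::getDAO('UserDAO'), 'userExistsByUsername'), array($this->userId, true), true));
         $this->addCheck(new FormValidatorAlphaNum($this, 'username', 'required', 'user.register.form.usernameAlphaNumeric'));
         // The password checks are only registered when the
         // security.implicit_auth setting is off.
         if (!Config::getVar('security', 'implicit_auth')) {
             $this->addCheck(new FormValidator($this, 'password', 'required', 'user.profile.form.passwordRequired'));
             $this->addCheck(new FormValidatorLength($this, 'password', 'required', 'user.register.form.passwordLengthTooShort', '>=', $site->getMinPasswordLength()));
             $this->addCheck(new FormValidatorCustom($this, 'password', 'required', 'user.register.form.passwordsDoNotMatch', $passwordsMatch, array(&$this)));
         }
     } else {
         // Existing account: the password checks are registered as 'optional'.
         $this->addCheck(new FormValidatorLength($this, 'password', 'optional', 'user.register.form.passwordLengthTooShort', '>=', $site->getMinPasswordLength()));
         $this->addCheck(new FormValidatorCustom($this, 'password', 'optional', 'user.register.form.passwordsDoNotMatch', $passwordsMatch, array(&$this)));
     }
     $this->addCheck(new FormValidator($this, 'firstName', 'required', 'user.profile.form.firstNameRequired'));
     $this->addCheck(new FormValidator($this, 'lastName', 'required', 'user.profile.form.lastNameRequired'));
     $this->addCheck(new FormValidatorUrl($this, 'userUrl', 'optional', 'user.profile.form.urlInvalid'));
     $this->addCheck(new FormValidatorEmail($this, 'email', 'required', 'user.profile.form.emailRequired'));
     $this->addCheck(new FormValidatorCustom($this, 'email', 'required', 'user.register.form.emailExists', array(DAORegistry::getDAO('UserDAO'), 'userExistsByEmail'), array($this->userId, true), true));
     // Presumably restricts submission to POST requests - confirm against FormValidatorPost.
     $this->addCheck(new FormValidatorPost($this));
 }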
Ejemplo n.º 2
 /**
  * Sign in as another user.
  * @param $args array ($userId)
  */
 function signInAsUser($args)
 {
     // Register the conference and role validators (site admin or conference
     // manager), then run them before anything else happens.
     $this->addCheck(new HandlerValidatorConference($this));
     $this->addCheck(new HandlerValidatorRoles($this, true, null, null, array(ROLE_ID_SITE_ADMIN, ROLE_ID_CONFERENCE_MANAGER)));
     $this->validate();
     if (!empty($args[0])) {
         // The target account comes from the URL path; the cast forces an integer.
         $userId = (int) $args[0];
         $conference =& Request::getConference();
         $mayAdminister = Validation::canAdminister($conference->getId(), $userId);
         if (!$mayAdminister) {
             // No administrative rights over the requested account:
             // render the error page and stop.
             $this->setupTemplate();
             $templateMgr =& TemplateManager::getManager();
             $templateMgr->assign('pageTitle', 'manager.people');
             $templateMgr->assign('errorMsg', 'manager.people.noAdministrativeRights');
             $templateMgr->assign('backLink', Request::url(null, null, null, 'people', 'all'));
             $templateMgr->assign('backLinkLabel', 'manager.people.allUsers');
             return $templateMgr->display('common/error.tpl');
         }
         $userDao =& DAORegistry::getDAO('UserDAO');
         $newUser =& $userDao->getUser($userId);
         $session =& Request::getSession();
         // FIXME Support "stack" of signed-in-as user IDs?
         // NOTE(review): the session's user changes below, but no session
         // identifier rotation is visible in this method - confirm the
         // session layer takes care of it.
         if (isset($newUser) && $session->getUserId() != $newUser->getId()) {
             // Remember the original identity, then switch the session over.
             $session->setSessionVar('signedInAs', $session->getUserId());
             $session->setSessionVar('userId', $userId);
             $session->setUserId($userId);
             $session->setSessionVar('username', $newUser->getUsername());
             Request::redirect(null, null, 'user');
         }
     }
     // No target given, unknown user, or already that user: return to the requested page.
     Request::redirect(null, null, Request::getRequestedPage());
 }
 /**
  * @copydoc GridRow::initialize()
  */
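 function initialize($request, $template = null)
 {
     // Do the default initialization
     parent::initialize($request, $template);
     // Is this a new row or an existing row?
     $rowId = $this->getId();
     if (!empty($rowId) && is_numeric($rowId)) {
         // Only add row actions if this is an existing row.
         $router = $request->getRouter();
         import('lib.pkp.classes.linkAction.request.RemoteActionConfirmationModal');
         // The delete action is only offered when this row was flagged as administrable.
         if ($this->_canAdminister) {
             $this->addAction(new LinkAction('delete', new RemoteActionConfirmationModal(__('editor.submission.removeStageParticipant.description'), __('editor.submission.removeStageParticipant'), $router->url($request, null, null, 'deleteParticipant', null, $this->getRequestArgs()), 'modal_delete'), __('grid.action.remove'), 'delete'));
         }
         import('lib.pkp.controllers.grid.users.stageParticipant.linkAction.NotifyLinkAction');
         $submission = $this->getSubmission();
         $stageId = $this->getStageId();
         $stageAssignment = $this->getData();
         // The account this row refers to is taken from the row data, not from the row ID.
         $userId = $stageAssignment->getUserId();
         $this->addAction(new NotifyLinkAction($request, $submission, $stageId, $userId));
         $user = $request->getUser();
         // The "log in as" link targets $userId, so the self-check and the
         // canAdminister() check must be made against $userId as well. The
         // previous code tested $rowId, which is obtained separately from
         // getId() and looks like the assignment's ID rather than a user ID.
         // This only decides whether the link is displayed; the signInAsUser
         // handler has to enforce the permission itself.
         if (!Validation::isLoggedInAs() && $user->getId() != $userId && Validation::canAdminister($userId, $user->getId())) {
             $dispatcher = $router->getDispatcher();
             import('lib.pkp.classes.linkAction.request.RedirectConfirmationModal');
             $this->addAction(new LinkAction('logInAs', new RedirectConfirmationModal(__('grid.user.confirmLogInAs'), __('grid.action.logInAs'), $dispatcher->url($request, ROUTE_PAGE, null, 'login', 'signInAsUser', $userId)), __('grid.action.logInAs'), 'enroll_user'));
         }
     }
 }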
Ejemplo n.º 4
 /**
  * @copydoc GridRow::initialize()
  */
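 function initialize($request, $template = null)
 {
     parent::initialize($request, $template);
     // Is this a new row or an existing row?
     $element =& $this->getData();
     assert(is_a($element, 'User'));
     $rowId = $this->getId();
     if (!empty($rowId) && is_numeric($rowId)) {
         // Only add row actions if this is an existing row
         $router = $request->getRouter();
         $actionArgs = array('gridId' => $this->getGridId(), 'rowId' => $rowId);
         $actionArgs = array_merge($actionArgs, $this->getRequestArgs());
         // NOTE(review): email / edit / enable / disable / remove are added
         // without a canAdminister() test in this method; the handlers behind
         // these URLs have to enforce the permission themselves.
         $this->addAction(new LinkAction('email', new AjaxModal($router->url($request, null, null, 'editEmail', null, $actionArgs), __('grid.user.email'), 'modal_email', true), __('grid.user.email'), 'notify'));
         $this->addAction(new LinkAction('edit', new AjaxModal($router->url($request, null, null, 'editUser', null, $actionArgs), __('grid.user.edit'), 'modal_edit', true), __('grid.user.edit'), 'edit'));
         // Offer the opposite of the account's current state. The 'enable'
         // key stays in $actionArgs and is therefore part of the URLs built below.
         if ($element->getDisabled()) {
             $actionArgs['enable'] = true;
             $this->addAction(new LinkAction('enable', new AjaxModal($router->url($request, null, null, 'editDisableUser', null, $actionArgs), __('common.enable'), 'enable', true), __('common.enable'), 'enable'));
         } else {
             $actionArgs['enable'] = false;
             $this->addAction(new LinkAction('disable', new AjaxModal($router->url($request, null, null, 'editDisableUser', null, $actionArgs), __('grid.user.disable'), 'disable', true), __('grid.user.disable'), 'disable'));
         }
         $this->addAction(new LinkAction('remove', new RemoteActionConfirmationModal(__('manager.people.confirmRemove'), __('common.remove'), $router->url($request, null, null, 'removeUser', null, $actionArgs), 'modal_delete'), __('grid.action.remove'), 'delete'));
         $sessionManager = SessionManager::getManager();
         $session = $sessionManager->getUserSession();
         $canAdminister = Validation::canAdminister($this->getId(), $session->user->getId());
         // "Log in as" is shown only when not already impersonating, the row
         // is not the current user, and the current user may administer the row's user.
         if (!Validation::isLoggedInAs() && $session->user->getId() != $this->getId() && $canAdminister) {
             $dispatcher = $router->getDispatcher();
             $this->addAction(new LinkAction('logInAs', new RedirectConfirmationModal(__('grid.user.confirmLogInAs'), __('grid.action.logInAs'), $dispatcher->url($request, ROUTE_PAGE, null, 'login', 'signInAsUser', $this->getId())), __('grid.action.logInAs'), 'enroll_user'));
         }
         // Look the merge source up once; the earlier code fetched the same
         // user a second time inside the branch and left $oldUserId unused.
         $oldUserId = $this->getOldUserId();
         $userDao = DAORegistry::getDAO('UserDAO');
         $oldUser = $userDao->getById($oldUserId);
         if ($oldUser) {
             // Second step of a merge: a source user was already chosen.
             $actionArgs['oldUserId'] = $oldUserId;
             $actionArgs['newUserId'] = $rowId;
             // Don't merge a user in itself
             if ($actionArgs['oldUserId'] != $actionArgs['newUserId']) {
                 $this->addAction(new LinkAction('mergeUser', new RemoteActionConfirmationModal(__('grid.user.mergeUsers.confirm', array('oldUsername' => $oldUser->getUsername(), 'newUsername' => $element->getUsername())), null, $router->url($request, null, null, 'mergeUsers', null, $actionArgs), 'modal_merge_users'), __('grid.user.mergeUsers.mergeIntoUser'), 'merge_users'));
             }
         } else {
             // do not allow the deletion of the admin account.
             // NOTE(review): this relies on the admin account having ID 1 - confirm.
             if ($rowId > 1 && $canAdminister) {
                 $this->addAction(new LinkAction('mergeUser', new JsEventConfirmationModal(__('grid.user.mergeUsers.mergeUserSelect.confirm'), 'confirmationModalConfirmed', array('oldUserId' => $rowId), null, 'modal_merge_users'), __('grid.user.mergeUsers.mergeUser'), 'merge_users'));
             }
         }
     }
 }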
Ejemplo n.º 5
 /**
  * Save changes to a user profile.
  */
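 function updateUser()
 {
     $this->validate();
     $this->setupTemplate(true);
     $conference =& Request::getConference();
     // The account to edit is named by a request variable; an empty value
     // means "create a new user" and skips the permission check below.
     $userId = Request::getUserVar('userId');
     if (!empty($userId) && !Validation::canAdminister($conference->getId(), $userId)) {
         // We don't have administrative rights
         // over this user. Display an error.
         $templateMgr =& TemplateManager::getManager();
         $templateMgr->assign('pageTitle', 'manager.people');
         $templateMgr->assign('errorMsg', 'manager.people.noAdministrativeRights');
         $templateMgr->assign('backLink', Request::url(null, null, null, 'people', 'all'));
         $templateMgr->assign('backLinkLabel', 'manager.people.allUsers');
         return $templateMgr->display('common/error.tpl');
     }
     import('classes.manager.form.UserManagementForm');
     if (checkPhpVersion('5.0.0')) {
         // WARNING: This form needs $this in constructor
         $userForm = new UserManagementForm($userId);
     } else {
         $userForm =& new UserManagementForm($userId);
     }
     $userForm->readInputData();
     if ($userForm->validate()) {
         $userForm->execute();
         if (Request::getUserVar('createAnother')) {
             // Show a fresh, empty form so another account can be created.
             $templateMgr =& TemplateManager::getManager();
             $templateMgr->assign('currentUrl', Request::url(null, null, null, 'people', 'all'));
             $templateMgr->assign('userCreated', true);
             unset($userForm);
             if (checkPhpVersion('5.0.0')) {
                 // WARNING: This form needs $this in constructor
                 $userForm = new UserManagementForm();
             } else {
                 $userForm =& new UserManagementForm();
             }
             $userForm->initData();
             $userForm->display();
         } else {
             // `source` is request-controlled, so passing it straight to
             // redirectUrl() would send the browser to any address an
             // attacker puts in a crafted link or form. Only a site-relative
             // path ("/" not followed by "/" or "\") is followed; anything
             // else falls back to the people list.
             $source = Request::getUserVar('source');
             if (is_string($source) && preg_match('#^/(?![/\\\\])#', $source)) {
                 Request::redirectUrl($source);
             } else {
                 Request::redirect(null, null, null, 'people', 'all');
             }
         }
     } else {
         // Validation failed: show the form again.
         $userForm->display();
     }
 }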
Ejemplo n.º 6
 /**
  * Sign in as another user.
  * @param $args array ($userId)
  * @param $request PKPRequest
  */
 function signInAsUser($args, $request)
 {
     // NOTE(review): no role validator is registered inside this method; the
     // only gate visible here is canAdminister(). Confirm the handler's
     // authorization runs before this operation is dispatched.
     if (!empty($args[0])) {
         // Target account from the URL path, forced to an integer.
         $userId = (int) $args[0];
         $session = $request->getSession();
         $mayAdminister = Validation::canAdminister($userId, $session->getUserId());
         if (!$mayAdminister) {
             // The current user has no administrative rights over the
             // target: render the error page and stop.
             $this->setupTemplate($request);
             $templateMgr = TemplateManager::getManager($request);
             $templateMgr->assign(array(
                 'pageTitle' => 'manager.people',
                 'errorMsg' => 'manager.people.noAdministrativeRights',
                 'backLink' => $request->url(null, null, 'people', 'all'),
                 'backLinkLabel' => 'manager.people.allUsers',
             ));
             return $templateMgr->display('frontend/pages/error.tpl');
         }
         $userDao = DAORegistry::getDAO('UserDAO');
         $newUser = $userDao->getById($userId);
         // NOTE(review): the session's user changes below, but no session
         // identifier rotation is visible here - confirm the session layer
         // takes care of it.
         if (isset($newUser) && $session->getUserId() != $newUser->getId()) {
             // Keep the original identity so it can be restored, then switch.
             $session->setSessionVar('signedInAs', $session->getUserId());
             $session->setSessionVar('userId', $userId);
             $session->setUserId($userId);
             $session->setSessionVar('username', $newUser->getUsername());
             $this->sendHome($request);
         }
     }
     // Nothing to switch to: go back to the requested page.
     $request->redirect(null, $request->getRequestedPage());
 }
Ejemplo n.º 7
 /**
  * Sign in as another user.
  * @param $args array ($userId)
  */
 function signInAsUser($args, &$request)
 {
     // Run the handler's own validation before touching the session.
     $this->validate();
     if (!empty($args[0])) {
         // Target account from the URL path, forced to an integer.
         $userId = (int) $args[0];
         $mayAdminister = Validation::canAdminister($userId);
         if (!$mayAdminister) {
             // No administrative rights over the target account:
             // render the error page and stop.
             $templateMgr =& TemplateManager::getManager($request);
             $templateMgr->assign('pageTitle', 'admin.people');
             $templateMgr->assign('errorMsg', 'admin.people.noAdministrativeRights');
             $templateMgr->assign('backLink', $request->url(null, null, 'people', 'all'));
             $templateMgr->assign('backLinkLabel', 'admin.people.allUsers');
             return $templateMgr->display('common/error.tpl');
         }
         $userDao = DAORegistry::getDAO('UserDAO');
         $newUser =& $userDao->getById($userId);
         $session =& $request->getSession();
         // FIXME Support "stack" of signed-in-as user IDs?
         // NOTE(review): the session's user changes below, but no session
         // identifier rotation is visible here - confirm the session layer
         // takes care of it.
         if (isset($newUser) && $session->getUserId() != $newUser->getId()) {
             // Keep the original identity so it can be restored, then switch.
             $session->setSessionVar('signedInAs', $session->getUserId());
             $session->setSessionVar('userId', $userId);
             $session->setUserId($userId);
             $session->setSessionVar('username', $newUser->getUsername());
             $request->redirect('user');
         }
     }
     // Nothing to switch to: go back to the requested page.
     $request->redirect($request->getRequestedPage());
 }
Ejemplo n.º 8
 /**
  * Send the user email and close the modal
  * @param $args array
  * @param $request PKPRequest
  * @return string Serialized JSON object
  */
 function sendEmail($args, &$request)
 {
     $press =& $request->getPress();
     // Recipient account, taken from the request.
     $userId = $request->getUserVar('userId');
     // NOTE(review): when no userId is supplied the permission test is
     // skipped and the form is built with a null ID - confirm that
     // UserEmailForm rejects that case.
     $denied = $userId !== null && !Validation::canAdminister($press->getId(), $userId);
     if ($denied) {
         // No administrative rights over this user.
         $json = new JSON('false', Locale::translate('grid.user.cannotAdminister'));
         return $json->getString();
     }
     // Populate the email form from the request and validate it.
     import('controllers.grid.users.user.form.UserEmailForm');
     $emailForm = new UserEmailForm($userId);
     $emailForm->readInputData();
     if ($emailForm->validate()) {
         $emailForm->execute($args, $request);
         $json = new JSON('true');
     } else {
         // Invalid input: hand the re-rendered form back to the modal.
         $json = new JSON('false', $emailForm->display($args, $request));
     }
     return $json->getString();
 }
 /**
  * Remove all user group assignments for a press for a given user
  * @param $args array
  * @param $request PKPRequest
  * @return string Serialized JSON object
  */
 function removeUser($args, &$request)
 {
     $press =& $request->getPress();
     $pressId = $press->getId();
     // The grid sends the affected account as 'rowId'.
     $userId = $request->getUserVar('rowId');
     // NOTE(review): a missing rowId skips the permission test; the request
     // then ends in the "no roles" branch only if userInAnyGroup() returns
     // false for a null ID - confirm.
     $denied = $userId !== null && !Validation::canAdminister($pressId, $userId);
     if ($denied) {
         // No administrative rights over this user.
         $json = new JSON('false', Locale::translate('grid.user.cannotAdminister'));
         return $json->getString();
     }
     $userGroupDao =& DAORegistry::getDAO('UserGroupDAO');
     if (!$userGroupDao->userInAnyGroup($userId, $pressId)) {
         // Nothing to remove: the user holds no group assignment in this press.
         $json = new JSON('false', Locale::translate('grid.user.userNoRoles'));
         return $json->getString();
     }
     // Drop every user group assignment the user has in this press.
     $userGroupDao->deleteAssignmentsByContextId($pressId, $userId);
     // Rebuild the grid row from the stored user so the client can refresh it.
     $userDao =& DAORegistry::getDAO('UserDAO');
     $user =& $userDao->getUser($userId);
     $row =& $this->getRowInstance();
     $row->setGridId($this->getId());
     $row->setId($user->getId());
     $row->setData($user);
     $row->initialize($request);
     $json = new JSON('true', $this->_renderRowInternally($request, $row));
     return $json->getString();
 }
Ejemplo n.º 10
 /**
  * Send the user email and close the modal.
  * @param $args array
  * @param $request PKPRequest
  * @return string Serialized JSON object
  */
 function sendEmail($args, $request)
 {
     $user = $request->getUser();
     // Recipient account, taken from the request.
     $userId = $request->getUserVar('userId');
     // NOTE(review): when no userId is supplied the permission test is
     // skipped and the form is built with a null ID - confirm that
     // UserEmailForm rejects that case.
     $denied = $userId !== null && !Validation::canAdminister($userId, $user->getId());
     if ($denied) {
         // The current user has no administrative rights over the recipient.
         $json = new JSONMessage(false, __('grid.user.cannotAdminister'));
         return $json->getString();
     }
     // Populate the email form from the request and validate it.
     import('lib.pkp.controllers.grid.settings.user.form.UserEmailForm');
     $emailForm = new UserEmailForm($userId);
     $emailForm->readInputData();
     if ($emailForm->validate()) {
         $emailForm->execute($args, $request);
         $json = new JSONMessage(true);
     } else {
         // Invalid input: hand the re-rendered form back to the modal.
         $json = new JSONMessage(false, $emailForm->display($args, $request));
     }
     return $json->getString();
 }
Ejemplo n.º 11
 /**
  * Allow user account merging, including attributed submissions etc.
  * @param $args array
  * @param $request PKPRequest
  * @return JSONMessage JSON object
  */
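 function mergeUsers($args, $request)
 {
     // if there is a $newUserId, this is the second time through, so merge the users.
     // Both IDs are request parameters; the int cast turns anything
     // non-numeric into 0, which the > 0 tests below reject.
     $newUserId = (int) $request->getUserVar('newUserId');
     $oldUserId = (int) $request->getUserVar('oldUserId');
     $user = $request->getUser();
     // A merge of an account into itself is refused here as well: the UI is
     // not expected to offer it, but the IDs are caller-controlled, so the
     // rule has to hold on the server side.
     // NOTE(review): administrative rights are tested for the old account
     // only - confirm that no check on the target account is required.
     if ($newUserId > 0 && $oldUserId > 0 && $newUserId !== $oldUserId && Validation::canAdminister($oldUserId, $user->getId())) {
         import('classes.user.UserAction');
         $userAction = new UserAction();
         $userAction->mergeUsers($oldUserId, $newUserId);
         return DAO::getDataChangedEvent();
     } else {
         // The grid shouldn't have presented an action in this
         // case.
         return new JSONMessage(false, __('grid.user.cannotAdminister'));
     }
 }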
Ejemplo n.º 12
 /**
  * Sign in as another user.
  * @param $args array ($userId)
  * @param $request PKPRequest
  */
 function signInAsUser($args, $request)
 {
     // Register the role validator (site admin or manager) and run the
     // handler's validation before touching the session.
     $this->addCheck(new HandlerValidatorRoles($this, true, null, null, array(ROLE_ID_SITE_ADMIN, ROLE_ID_MANAGER)));
     $this->validate();
     if (!empty($args[0])) {
         // Target account from the URL path, forced to an integer.
         $userId = (int) $args[0];
         $session = $request->getSession();
         $mayAdminister = Validation::canAdminister($userId, $session->getUserId());
         if (!$mayAdminister) {
             // The current user has no administrative rights over the
             // target: render the error page and stop.
             $this->setupTemplate($request);
             $templateMgr = TemplateManager::getManager($request);
             $templateMgr->assign('pageTitle', 'manager.people');
             $templateMgr->assign('errorMsg', 'manager.people.noAdministrativeRights');
             $templateMgr->assign('backLink', $request->url(null, null, 'people', 'all'));
             $templateMgr->assign('backLinkLabel', 'manager.people.allUsers');
             return $templateMgr->display('common/error.tpl');
         }
         $userDao = DAORegistry::getDAO('UserDAO');
         $newUser = $userDao->getById($userId);
         // NOTE(review): the session's user changes below, but no session
         // identifier rotation is visible here - confirm the session layer
         // takes care of it.
         if (isset($newUser) && $session->getUserId() != $newUser->getId()) {
             // Keep the original identity so it can be restored, then switch.
             $session->setSessionVar('signedInAs', $session->getUserId());
             $session->setSessionVar('userId', $userId);
             $session->setUserId($userId);
             $session->setSessionVar('username', $newUser->getUsername());
             $request->redirect(null, 'dashboard');
         }
     }
     // Nothing to switch to: go back to the requested page.
     $request->redirect(null, $request->getRequestedPage());
 }