getSetting() public method

Get a setting
public getSetting ( string $key, mixed $defaultValue = null ) : mixed
$key string The key for the setting to get.
$defaultValue mixed Default value, will be stored if the setting isn't set.
return mixed
Ejemplo n.º 1
0
 /**
  * Load the form
  */
 private function loadForm()
 {
     // create user objects
     $this->user = new BackendUser($this->id);
     $this->allowUserRights = BackendAuthentication::isAllowedAction('Add') || $this->authenticatedUser->getUserId() != $this->id || $this->authenticatedUser->isGod();
     // redirect to error page when not allowed to edit other profiles
     if (!$this->authenticatedUser->isGod() && ($this->authenticatedUser->getUserId() != $this->id && !BackendAuthentication::isAllowedAction('Add'))) {
         $this->redirect(BackendModel::createURLForAction('Error') . '&type=not-allowed');
     }
     // create form
     $this->frm = new BackendForm('edit');
     // get active groups
     $groups = BackendGroupsModel::getGroupsByUser($this->id);
     // loop through groups and set checked
     foreach ($groups as $group) {
         $checkedGroups[] = $group['id'];
     }
     // create elements
     // profile
     $this->frm->addText('email', $this->record['email'], 255)->setAttribute('type', 'email');
     if ($this->user->isGod()) {
         $this->frm->getField('email')->setAttributes(array('disabled' => 'disabled'));
     }
     $this->frm->addText('name', $this->record['settings']['name'], 255);
     $this->frm->addText('surname', $this->record['settings']['surname'], 255);
     $this->frm->addText('nickname', $this->record['settings']['nickname'], 24);
     $this->frm->addImage('avatar');
     // password
     // check if we're god or same user
     if ($this->authenticatedUser->getUserId() == $this->id || $this->authenticatedUser->isGod()) {
         // allow to set new password
         $this->frm->addPassword('new_password', null, 75);
         $this->frm->addPassword('confirm_password', null, 75);
         // disable autocomplete
         $this->frm->getField('new_password')->setAttributes(array('autocomplete' => 'off'));
         $this->frm->getField('confirm_password')->setAttributes(array('autocomplete' => 'off'));
     }
     // settings
     $this->frm->addDropdown('interface_language', BL::getInterfaceLanguages(), $this->record['settings']['interface_language']);
     $this->frm->addDropdown('date_format', BackendUsersModel::getDateFormats(), $this->user->getSetting('date_format'));
     $this->frm->addDropdown('time_format', BackendUsersModel::getTimeFormats(), $this->user->getSetting('time_format'));
     $this->frm->addDropdown('number_format', BackendUsersModel::getNumberFormats(), $this->user->getSetting('number_format', 'dot_nothing'));
     $this->frm->addDropdown('csv_split_character', BackendUsersModel::getCSVSplitCharacters(), $this->user->getSetting('csv_split_character'));
     $this->frm->addDropdown('csv_line_ending', BackendUsersModel::getCSVLineEndings(), $this->user->getSetting('csv_line_ending'));
     // permissions
     $this->frm->addCheckbox('active', $this->record['active'] == 'Y');
     // only when GOD or when you can edit other users
     if ($this->allowUserRights) {
         // disable active field for current users
         if ($this->authenticatedUser->getUserId() == $this->record['id']) {
             $this->frm->getField('active')->setAttribute('disabled', 'disabled');
         }
         // @TODO remove this when the api is kicked out
         $this->frm->addCheckbox('api_access', isset($this->record['settings']['api_access']) && $this->record['settings']['api_access'] == 'Y');
         $this->frm->addMultiCheckbox('groups', BackendGroupsModel::getAll(), $checkedGroups);
     }
 }
Ejemplo n.º 2
0
 /**
  * Execute the action
  */
 public function execute()
 {
     // get parameters
     $this->id = $this->getParameter('id', 'int');
     // does the user exist
     if ($this->id !== null && BackendUsersModel::exists($this->id) && BackendAuthentication::getUser()->getUserId() != $this->id) {
         parent::execute();
         // get data
         $user = new BackendUser($this->id);
         // God-users can't be deleted
         if ($user->isGod()) {
             $this->redirect(BackendModel::createURLForAction('Index') . '&error=cant-delete-god');
         }
         // delete item
         BackendUsersModel::delete($this->id);
         // trigger event
         BackendModel::triggerEvent($this->getModule(), 'after_delete', array('id' => $this->id));
         // item was deleted, so redirect
         $this->redirect(BackendModel::createURLForAction('Index') . '&report=deleted&var=' . $user->getSetting('nickname'));
     } else {
         $this->redirect(BackendModel::createURLForAction('Index') . '&error=non-existing');
     }
 }
Ejemplo n.º 3
0
 /**
  * Execute the action
  */
 public function execute()
 {
     $email = $this->getParameter('email', 'string');
     // does the user exist
     if ($email !== null) {
         parent::execute();
         // delete item
         if (BackendUsersModel::undoDelete($email)) {
             // get user
             $user = new BackendUser(null, $email);
             // trigger event
             $item = array('id' => $user->getUserId(), 'email' => $email);
             BackendModel::triggerEvent($this->getModule(), 'after_undelete', array('item' => $item));
             // item was deleted, so redirect
             $this->redirect(BackendModel::createURLForAction('edit') . '&id=' . $user->getUserId() . '&report=restored&var=' . $user->getSetting('nickname') . '&highlight=row-' . $user->getUserId());
         } else {
             // invalid user
             $this->redirect(BackendModel::createURLForAction('index') . '&error=non-existing');
         }
     } else {
         $this->redirect(BackendModel::createURLForAction('index') . '&error=non-existing');
     }
 }
Ejemplo n.º 4
0
 /**
  * Remove a device from a user.
  *
  * @param string $uri   The uri of the channel opened for the device.
  * @param string $email The emailaddress for the user to link the device to.
  */
 public static function microsoftRemoveDevice($uri, $email)
 {
     if (BaseAPI::isAuthorized()) {
         // redefine
         $uri = (string) $uri;
         // validate
         if ($uri == '') {
             BaseAPI::output(BaseAPI::BAD_REQUEST, array('message' => 'No uri-parameter provided.'));
         }
         if ($email == '') {
             BaseAPI::output(BaseAPI::BAD_REQUEST, array('message' => 'No email-parameter provided.'));
         }
         try {
             // load user
             $user = new User(null, $email);
             // get current uris
             $uris = (array) $user->getSetting('microsoft_channel_uri');
             // not already in array?
             $index = array_search($uri, $uris);
             if ($index !== false) {
                 // remove from array
                 unset($uris[$index]);
                 // save it
                 $user->setSetting('microsoft_channel_uri', $uris);
             }
         } catch (Exception $e) {
             BaseAPI::output(BaseAPI::FORBIDDEN, array('message' => 'Can\'t authenticate you.'));
         }
     }
 }
Ejemplo n.º 5
0
 /**
  * Returns the encrypted password for a user by giving a email/password
  * Returns false if no user was found for this user/pass combination
  *
  * @param string $email    The email.
  * @param string $password The password.
  *
  * @return string
  */
 public static function getEncryptedPassword($email, $password)
 {
     $email = (string) $email;
     $password = (string) $password;
     // fetch user ID by email
     $userId = BackendUsersModel::getIdByEmail($email);
     // check if a user ID was found, return false if no user exists
     if ($userId === false) {
         return false;
     }
     // fetch user record
     $user = new User($userId);
     $key = $user->getSetting('password_key');
     // return the encrypted string
     return (string) self::getEncryptedString($password, $key);
 }
Ejemplo n.º 6
0
 /**
  * Default authentication
  *
  * @return bool
  */
 public static function isAuthorized()
 {
     // grab data
     $email = \SpoonFilter::getGetValue('email', null, '');
     $nonce = \SpoonFilter::getGetValue('nonce', null, '');
     $secret = \SpoonFilter::getGetValue('secret', null, '');
     // data can be available in the POST, so check it
     if ($email == '') {
         $email = \SpoonFilter::getPostValue('email', null, '');
     }
     if ($nonce == '') {
         $nonce = \SpoonFilter::getPostValue('nonce', null, '');
     }
     if ($secret == '') {
         $secret = \SpoonFilter::getPostValue('secret', null, '');
     }
     // check if needed elements are available
     if ($email === '' || $nonce === '' || $secret === '') {
         return self::output(self::NOT_AUTHORIZED, array('message' => 'Not authorized.'));
     }
     // get the user
     try {
         $user = new BackendUser(null, $email);
     } catch (\Exception $e) {
         return self::output(self::FORBIDDEN, array('message' => 'This account does not exist.'));
     }
     // get settings
     $apiAccess = $user->getSetting('api_access', false);
     $apiKey = $user->getSetting('api_key');
     // no API-access
     if (!$apiAccess) {
         return self::output(self::FORBIDDEN, array('message' => 'Your account isn\'t allowed to use the API. Contact an administrator.'));
     }
     // create hash
     $hash = BackendAuthentication::getEncryptedString($email . $apiKey, $nonce);
     // output
     if ($secret != $hash) {
         return self::output(self::FORBIDDEN, array('message' => 'Invalid secret.'));
     }
     // return
     return true;
 }
Ejemplo n.º 7
0
 /**
  * Get the HTML for a user to use in a datagrid
  *
  * @param int $id The Id of the user.
  * @return string
  */
 public static function getUser($id)
 {
     $id = (int) $id;
     // nothing in cache
     if (!isset(self::$dataGridUsers[$id])) {
         // create user instance
         $user = new User($id);
         // get settings
         $avatar = $user->getSetting('avatar', 'no-avatar.gif');
         $nickname = $user->getSetting('nickname');
         $allowed = Authentication::isAllowedAction('Edit', 'Users');
         // build html
         $html = '<div class="dataGridAvatar">' . "\n";
         $html .= '  <div class="avatar av24">' . "\n";
         if ($allowed) {
             $html .= '     <a href="' . BackendModel::createURLForAction('Edit', 'Users') . '&amp;id=' . $id . '">' . "\n";
         }
         $html .= '          <img src="' . FRONTEND_FILES_URL . '/backend_users/avatars/32x32/' . $avatar . '" width="24" height="24" alt="' . $nickname . '" />' . "\n";
         if ($allowed) {
             $html .= '     </a>' . "\n";
         }
         $html .= '  </div>';
         $html .= '  <p><a href="' . BackendModel::createURLForAction('edit', 'users') . '&amp;id=' . $id . '">' . $nickname . '</a></p>' . "\n";
         $html .= '</div>';
         self::$dataGridUsers[$id] = $html;
     }
     return self::$dataGridUsers[$id];
 }
Ejemplo n.º 8
0
 /**
  * Update the user password
  *
  * @param BackendUser $user     An instance of BackendUser.
  * @param string      $password The new password for the user.
  */
 public static function updatePassword(BackendUser $user, $password)
 {
     // fetch user info
     $userId = $user->getUserId();
     $key = $user->getSetting('password_key');
     // update user
     BackendModel::getContainer()->get('database')->update('users', array('password' => BackendAuthentication::getEncryptedString((string) $password, $key)), 'id = ?', $userId);
     // remove the user settings linked to the resetting of passwords
     self::deleteResetPasswordSettings($userId);
 }