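/**
 * Parse the LDAP search results into a nice array
 *
 * Each directory entry becomes an array with the keys userName, firstName,
 * lastName and emailAddress. A key keeps its '' default when the entry has no
 * non-empty first value for the configured attribute.
 *
 * The values are copied from the directory unmodified, so they still have to
 * be escaped for whatever context they are later output in.
 *
 * @param resource $searchResult
 * @return array
 */
protected function parseSearchResult($searchResult)
{
    $result = array();
    $config = $this->_controller->getConfig();

    // NOTE(review): ldap_sort() was deprecated in PHP 7.0 and removed in PHP 8.0,
    // so this method needs a replacement sort before it can run on PHP 8.
    ldap_sort($this->_directoryServer, $searchResult, $config->getLdapFirstNameAttribute());
    ldap_sort($this->_directoryServer, $searchResult, $config->getLdapLastNameAttribute());

    if (ldap_count_entries($this->_directoryServer, $searchResult)) {
        $entries = ldap_get_entries($this->_directoryServer, $searchResult);

        // ldap_get_entries() indexes attributes by their lowercased name.
        // Resolve the configured names once instead of on every entry.
        $attributes = array(
            'userName' => strtolower($config->getLdapUsernameAttribute()),
            'firstName' => strtolower($config->getLdapFirstNameAttribute()),
            'lastName' => strtolower($config->getLdapLastNameAttribute()),
            'emailAddress' => strtolower($config->getLdapEmailAddressAttribute()),
        );

        for ($i = 0; $i < $entries["count"]; $i++) {
            $arr = array('userName' => '', 'firstName' => '', 'lastName' => '', 'emailAddress' => '');
            foreach ($attributes as $key => $attribute) {
                // only the first value of a multi-valued attribute is used
                if (!empty($entries[$i][$attribute][0])) {
                    $arr[$key] = $entries[$i][$attribute][0];
                }
            }
            $result[] = $arr;
        }
    }

    return $result;
}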
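/**
 * Only for non-authenticated
 *
 * The index action is allowed exactly when there is no user; every other
 * action is decided by the parent check.
 * @param string $controller
 * @param string $action
 * @param \Jazzee\Entity\User $user
 * @param \Jazzee\Entity\Program $program
 * @param \Jazzee\Entity\Application $application
 * @return bool
 */
public static function isAllowed($controller, $action, \Jazzee\Entity\User $user = null, \Jazzee\Entity\Program $program = null, \Jazzee\Entity\Application $application = null)
{
    // Strict comparison: only the exact string 'index' takes the anonymous-only
    // path, so a non-string action value can never be juggled into a match.
    if ($action === 'index') {
        return !$user;
    }

    return parent::isAllowed($controller, $action, $user, $program, $application);
}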
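/**
 * Validate the API request before any action runs
 *
 * Sets up the XML layout and DOM document, then requires in order: a supported
 * API version, an API key that matches a user and - when an applicationId is
 * posted - an application that user may access. Any failure renders the
 * admin_api/index view with an error status and ends the request.
 * @SuppressWarnings(PHPMD.ExitExpression)
 */
protected function setUp()
{
    parent::setUp();
    $this->setLayout('xml');
    $this->setLayoutVar('filename', 'api.xml');
    $this->dom = new DOMDocument('1.0', 'UTF-8');
    $this->setVar('xml', $this->dom);

    $versions = array(1, 2);
    if (empty($this->post['version']) or !in_array($this->post['version'], $versions)) {
        $this->setLayoutVar('status', 'error');
        $this->addMessage('error', 'Invalid API Version');
        $this->loadView('admin_api/index');
        exit(0);
    }
    $this->version = $this->post['version'];

    // The key has to be a plain string. Any other type (for example an
    // array-valued POST field) is treated as an invalid key here instead of
    // being handed to the repository as a lookup criterion.
    $apiKey = null;
    if (!empty($this->post['apiKey']) and is_string($this->post['apiKey'])) {
        $apiKey = $this->post['apiKey'];
    }
    if ($apiKey !== null) {
        // NOTE(review): this is an equality lookup on the stored apiKey value, so
        // keys are presumably stored as issued rather than hashed - confirm.
        $this->_user = $this->_em->getRepository('\\Jazzee\\Entity\\User')->findOneBy(array('apiKey' => $apiKey));
    }
    if ($apiKey === null or !$this->_user) {
        // Slow down repeated key guesses. The delay also holds this PHP worker for
        // the full five seconds, so rate limiting in front of the application is
        // still needed to bound concurrent failures.
        sleep(5);
        $this->setLayoutVar('status', 'error');
        $this->addMessage('error', 'Invalid API Key');
        $this->loadView('admin_api/index');
        exit(0);
    }

    if (!empty($this->post['applicationId'])) {
        $userPrograms = $this->_user->getPrograms();
        $this->_application = $this->_em->getRepository('\\Jazzee\\Entity\\Application')->find($this->post['applicationId']);

        // Reject when the application does not exist, or when the user has neither
        // the admin_changeprogram/anyProgram permission nor membership in the
        // application's program. The grouping is explicit because "and" binds
        // tighter than "or". A single message covers both cases so the response
        // does not reveal whether the ID exists.
        if (
            !$this->_application
            or (
                !$this->checkIsAllowed('admin_changeprogram', 'anyProgram')
                and !in_array($this->_application->getProgram()->getId(), $userPrograms)
            )
        ) {
            $this->setLayoutVar('status', 'error');
            $this->addMessage('error', 'Invalid Application ID or you do not have access to that application');
            $this->loadView('admin_api/index');
            exit(0);
        }
    }
}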
/**
 * Register the scripts the pending payments pages need
 */
protected function setUp()
{
    parent::setUp();

    $scripts = array(
        'resource/scripts/classes/Status.class.js',
        'resource/scripts/classes/ChangeProgram.class.js',
        'resource/scripts/controllers/payments_pending.controller.js',
    );
    // registered in the order listed
    foreach ($scripts as $script) {
        $this->addScript($this->path($script));
    }
}
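/**
 * Only allow access for users with API keys
 * These keys are generated in the Manage Users menu
 *
 * The index and updateKey actions are granted directly to any user that has an
 * API key, without consulting the parent check. Every other case is decided by
 * the parent check.
 * @param string $controller
 * @param string $action
 * @param \Jazzee\Entity\User $user
 * @param \Jazzee\Entity\Program $program
 * @param \Jazzee\Entity\Application $application
 * @return bool
 */
public static function isAllowed($controller, $action, \Jazzee\Entity\User $user = null, \Jazzee\Entity\Program $program = null, \Jazzee\Entity\Application $application = null)
{
    // Strict membership test: this branch bypasses the parent check, so it must
    // only ever match the exact action strings in the list.
    if ($user and in_array($action, array('index', 'updateKey'), true) and $user->getApiKey()) {
        return true;
    }

    return parent::isAllowed($controller, $action, $user, $program, $application);
}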
/**
 * When there is no application, tell the user there is nothing to export
 * and redirect to the welcome path
 */
protected function setUp()
{
    parent::setUp();

    if ($this->_application) {
        return;
    }

    // NOTE(review): confirm redirectPath() ends the request; if it returns, the
    // requested action would still run without an application.
    $this->addMessage('notice', 'There is no data to export in this application.');
    $this->redirectPath('welcome');
}
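/**
 * Add the required CSS and JS
 *
 * DataTables and TableTools are loaded from third-party CDNs, the remaining
 * scripts from this application.
 */
protected function setUp()
{
    parent::setUp();

    // NOTE(review): as called here addCss()/addScript() receive only a URL, so no
    // Subresource Integrity hash accompanies these third-party files. Consider
    // self-hosting them or extending the helpers to emit an integrity attribute.
    $this->addCss('https://ajax.aspnetcdn.com/ajax/jquery.dataTables/1.9.4/css/jquery.dataTables.css');
    $this->addCss('https://ajax.aspnetcdn.com/ajax/jquery.dataTables/1.9.4/css/jquery.dataTables_themeroller.css');
    $this->addScript('https://ajax.aspnetcdn.com/ajax/jquery.dataTables/1.9.4/jquery.dataTables.min.js');

    // The cdnjs assets were protocol-relative ("//host/..."), which fetches them
    // over plain HTTP whenever the page itself is served over HTTP. They are
    // pinned to https so script and style content is always fetched over TLS.
    $this->addCss('https://cdnjs.cloudflare.com/ajax/libs/datatables-tabletools/2.1.4/css/TableTools.min.css');
    $this->addCss('https://cdnjs.cloudflare.com/ajax/libs/datatables-tabletools/2.1.4/css/TableTools_JUI.min.css');
    $this->addScript('https://cdnjs.cloudflare.com/ajax/libs/datatables-tabletools/2.1.4/js/TableTools.min.js');

    $this->addScript($this->path('resource/scripts/classes/Status.class.js'));
    $this->addScript($this->path('resource/scripts/classes/ChangeProgram.class.js'));
    $this->addScript($this->path('resource/scripts/controllers/payments_report.controller.js'));
}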
/**
 * Authorize every action of this controller as its index action
 * @param string $controller
 * @param string $action
 * @param \Jazzee\Entity\User $user
 * @param \Jazzee\Entity\Program $program
 * @param \Jazzee\Entity\Application $application
 * @return bool
 */
public static function isAllowed($controller, $action, \Jazzee\Entity\User $user = null, \Jazzee\Entity\Program $program = null, \Jazzee\Entity\Application $application = null)
{
    // the requested action is ignored: the permission checked is always 'index'
    return parent::isAllowed($controller, 'index', $user, $program, $application);
}
/**
 * Map helper actions onto the action whose permission controls them
 *
 * The refresh actions are checked as index, the do/page-do actions as
 * editAnswer and pdftemplate as pdf. pdf is refused outright when
 * \Jazzee\ApplicantPDF reports it is not available.
 * @param string $controller
 * @param string $action
 * @param \Jazzee\Entity\User $user
 * @param \Jazzee\Entity\Program $program
 * @param \Jazzee\Entity\Application $application
 * @return bool
 */
public static function isAllowed($controller, $action, \Jazzee\Entity\User $user = null, \Jazzee\Entity\Program $program = null, \Jazzee\Entity\Application $application = null)
{
    switch ($action) {
        case 'refreshTags':
        case 'refreshPage':
        case 'refreshSirPage':
            $action = 'index';
            break;

        case 'do':
        case 'doAction':
        case 'pageDo':
        case 'doPageAction':
            $action = 'editAnswer';
            break;

        case 'pdf':
        case 'pdftemplate':
            $action = 'pdf';
            // without a working ApplicantPDF class nobody may use the pdf actions
            if (!\Jazzee\ApplicantPDF::isAvailable()) {
                return false;
            }
            break;
    }

    return parent::isAllowed($controller, $action, $user, $program, $application);
}
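/**
 * Any authenticated user can access saveDisplay, new and deleteDisplay
 *
 * These three actions are granted as soon as there is a user, without
 * consulting the parent check. Everything else, including requests without a
 * user, is decided by the parent check.
 * @param string $controller
 * @param string $action
 * @param \Jazzee\Entity\User $user
 * @param \Jazzee\Entity\Program $program
 * @param \Jazzee\Entity\Application $application
 * @return bool
 */
public static function isAllowed($controller, $action, \Jazzee\Entity\User $user = null, \Jazzee\Entity\Program $program = null, \Jazzee\Entity\Application $application = null)
{
    // Strict membership test: this branch bypasses the parent check, so it must
    // only ever match the exact action strings in the list.
    if ($user and in_array($action, array('saveDisplay', 'new', 'deleteDisplay'), true)) {
        return true;
    }

    return parent::isAllowed($controller, $action, $user, $program, $application);
}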
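/**
 * Any authenticated user can access index, savePreferences and getPreferences
 *
 * These three actions are granted as soon as there is a user, without
 * consulting the parent check. Everything else, including requests without a
 * user, is decided by the parent check.
 * @param string $controller
 * @param string $action
 * @param \Jazzee\Entity\User $user
 * @param \Jazzee\Entity\Program $program
 * @param \Jazzee\Entity\Application $application
 * @return bool
 */
public static function isAllowed($controller, $action, \Jazzee\Entity\User $user = null, \Jazzee\Entity\Program $program = null, \Jazzee\Entity\Application $application = null)
{
    // Strict membership test: this branch bypasses the parent check, so it must
    // only ever match the exact action strings in the list.
    if ($user and in_array($action, array('index', 'savePreferences', 'getPreferences'), true)) {
        return true;
    }

    return parent::isAllowed($controller, $action, $user, $program, $application);
}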
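/**
 * Only allow change program if the user is in at least one program
 *
 * For index, getAllowedPrograms and changeTo a user is allowed when the parent
 * check grants the 'anyprogram' action or when the user belongs to at least
 * one program. Every other case is decided by the parent check.
 * @param string $controller
 * @param string $action
 * @param \Jazzee\Entity\User $user
 * @param \Jazzee\Entity\Program $program
 * @param \Jazzee\Entity\Application $application
 * @return bool
 */
public static function isAllowed($controller, $action, \Jazzee\Entity\User $user = null, \Jazzee\Entity\Program $program = null, \Jazzee\Entity\Application $application = null)
{
    //Several actions are allowed as long as the user is in at least one program
    $specialActions = array('index', 'getAllowedPrograms', 'changeTo');

    // Strict membership test: only the exact action strings take this path.
    if ($user and in_array($action, $specialActions, true)) {
        $userPrograms = $user->getPrograms();

        // NOTE(review): the permission is spelled 'anyprogram' here; confirm the
        // spelling and case match the action name the parent check looks up.
        return parent::isAllowed($controller, 'anyprogram', $user) || !empty($userPrograms);
    }

    return parent::isAllowed($controller, $action, $user, $program, $application);
}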
/**
 * Register the script the manage cycles pages need
 */
protected function setUp()
{
    parent::setUp();

    $controllerScript = $this->path('resource/scripts/controllers/manage_cycles.controller.js');
    $this->addScript($controllerScript);
}
/**
 * Find users by their unique name
 *
 * Looks the name up in the \Jazzee\Entity\User repository and passes the
 * matches through parseSearchResult().
 *
 * @param string $uniqueName
 * @return mixed whatever parseSearchResult() returns for the matching users
 */
public function findByUniqueName($uniqueName)
{
    $entityManager = $this->_controller->getEntityManager();
    $repository = $entityManager->getRepository('\\Jazzee\\Entity\\User');
    $matches = $repository->findBy(array('uniqueName' => $uniqueName));

    return $this->parseSearchResult($matches);
}
/**
 * Use the index action to control access
 * Requires a published application
 * @param string $controller
 * @param string $action
 * @param \Jazzee\Entity\User $user
 * @param \Jazzee\Entity\Program $program
 * @param \Jazzee\Entity\Application $application
 * @return bool
 */
public static function isAllowed($controller, $action, \Jazzee\Entity\User $user = null, \Jazzee\Entity\Program $program = null, \Jazzee\Entity\Application $application = null)
{
    // nothing is allowed without an application that is published
    $isPublished = $application && $application->isPublished();
    if (!$isPublished) {
        return false;
    }

    // bulk and sampleFile are controlled by the index permission
    $checkedAction = in_array($action, array('bulk', 'sampleFile')) ? 'index' : $action;

    return parent::isAllowed($controller, $checkedAction, $user, $program, $application);
}
/**
 * Control the listing actions with the index action
 * @param string $controller
 * @param string $action
 * @param \Jazzee\Entity\User $user
 * @param \Jazzee\Entity\Program $program
 * @param \Jazzee\Entity\Application $application
 * @return bool
 */
public static function isAllowed($controller, $action, \Jazzee\Entity\User $user = null, \Jazzee\Entity\Program $program = null, \Jazzee\Entity\Application $application = null)
{
    // these actions share the permission of the index action
    $indexControlled = array('getApplicants', 'listApplicants', 'describeDisplay');
    $checkedAction = in_array($action, $indexControlled) ? 'index' : $action;

    return parent::isAllowed($controller, $checkedAction, $user, $program, $application);
}
/**
 * Control the display actions with the getRoleDisplay action
 *
 * saveDisplay and deleteDisplay are checked as getRoleDisplay, and
 * getRoleDisplay is refused when there is no application.
 * @param string $controller
 * @param string $action
 * @param \Jazzee\Entity\User $user
 * @param \Jazzee\Entity\Program $program
 * @param \Jazzee\Entity\Application $application
 * @return bool
 */
public static function isAllowed($controller, $action, \Jazzee\Entity\User $user = null, \Jazzee\Entity\Program $program = null, \Jazzee\Entity\Application $application = null)
{
    // saving and deleting a display use the getRoleDisplay permission
    $checkedAction = in_array($action, array('saveDisplay', 'deleteDisplay')) ? 'getRoleDisplay' : $action;

    // a role display only exists in the context of an application
    if (!$application and $checkedAction == 'getRoleDisplay') {
        return false;
    }

    return parent::isAllowed($controller, $checkedAction, $user, $program, $application);
}
/**
 * Register the scripts the applicants list pages need
 */
protected function setUp()
{
    parent::setUp();

    $scripts = array(
        'resource/jquery.tagcloud.js',
        'resource/scripts/controllers/applicants_list.controller.js',
    );
    // registered in the order listed
    foreach ($scripts as $script) {
        $this->addScript($this->path($script));
    }
}
/**
 * Register the scripts the applicants search pages need
 */
protected function setUp()
{
    parent::setUp();

    $scripts = array(
        'resource/scripts/classes/ChangeProgram.class.js',
        'resource/scripts/controllers/applicants_search.controller.js',
    );
    // registered in the order listed
    foreach ($scripts as $script) {
        $this->addScript($this->path($script));
    }
}
/**
 * Register the script the applicants decisions pages need
 */
protected function setUp()
{
    parent::setUp();

    $controllerScript = $this->path('resource/scripts/controllers/applicants_decisions.controller.js');
    $this->addScript($controllerScript);
}
/**
 * Refuse every action when no program is given
 *
 * With a program the decision is left to the parent check.
 * @param string $controller
 * @param string $action
 * @param \Jazzee\Entity\User $user
 * @param \Jazzee\Entity\Program $program
 * @param \Jazzee\Entity\Application $application
 * @return boolean
 */
public static function isAllowed($controller, $action, \Jazzee\Entity\User $user = null, \Jazzee\Entity\Program $program = null, \Jazzee\Entity\Application $application = null)
{
    // deny by default: without a program nothing in this controller is reachable
    return $program
        ? parent::isAllowed($controller, $action, $user, $program, $application)
        : false;
}
// View path for the apply pages
\Foundation\VC\Config::addControllerViewPath(__DIR__ . '/views/apply/');

// Load admin controllers and views
\Foundation\VC\Config::addControllerPath(__DIR__ . '/controllers/admin/');
\Foundation\VC\Config::addControllerViewPath(__DIR__ . '/views/admin/');

// Load manage controllers and views
\Foundation\VC\Config::addControllerPath(__DIR__ . '/controllers/manage/');
\Foundation\VC\Config::addControllerViewPath(__DIR__ . '/views/manage/');

// Load payments controllers and views
\Foundation\VC\Config::addControllerPath(__DIR__ . '/controllers/payments/');
\Foundation\VC\Config::addControllerViewPath(__DIR__ . '/views/payments/');

// Load setup controllers and views
\Foundation\VC\Config::addControllerPath(__DIR__ . '/controllers/setup/');
\Foundation\VC\Config::addControllerViewPath(__DIR__ . '/views/setup/');

// Load applicants controllers and views
\Foundation\VC\Config::addControllerPath(__DIR__ . '/controllers/applicants/');
\Foundation\VC\Config::addControllerViewPath(__DIR__ . '/views/applicants/');

// Load scores controllers and views
\Foundation\VC\Config::addControllerPath(__DIR__ . '/controllers/scores/');
\Foundation\VC\Config::addControllerViewPath(__DIR__ . '/views/scores/');

// View class plus the default controller, action and parameters.
// NOTE(review): presumably the defaults apply when a request matches no
// controller, giving a generic 404 page - confirm against the dispatcher.
\Foundation\VC\Config::setViewClassName('\\Jazzee\\View');
\Foundation\VC\Config::setDefaultControllerName('error');
\Foundation\VC\Config::setDefaultControllerActionName('index');
\Foundation\VC\Config::setDefaultControllerActionParams(array('error' => 404, 'message' => 'Sorry the page you are looking for could not be found.'));

// Add the builtin admin controller directories. Every directory listed here
// is registered with \Jazzee\AdminController, so keep the list limited to
// directories whose contents are trusted application code.
\Jazzee\AdminController::addControllerPath(__DIR__ . '/controllers/manage');
\Jazzee\AdminController::addControllerPath(__DIR__ . '/controllers/payments');
\Jazzee\AdminController::addControllerPath(__DIR__ . '/controllers/setup');
\Jazzee\AdminController::addControllerPath(__DIR__ . '/controllers/scores');
\Jazzee\AdminController::addControllerPath(__DIR__ . '/controllers/applicants');
\Jazzee\AdminController::addControllerPath(__DIR__ . '/controllers/admin');