Ejemplo n.º 1
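 /**
  * Convert an LDAP search result into a list of plain user records.
  *
  * Each record has the keys userName, firstName, lastName and emailAddress.
  * A key keeps its empty-string default when the entry has no (or an empty)
  * first value for the configured attribute.
  *
  * The values are copied from the directory unchanged. Nothing in this method
  * escapes or validates them, so callers have to encode them for the context
  * they are written to (HTML, CSV, another LDAP filter, ...).
  *
  * @param resource $searchResult result identifier of an LDAP search
  * @return array list of records; empty when the search matched no entries
  */
 protected function parseSearchResult($searchResult)
 {
     $result = array();
     $config = $this->_controller->getConfig();
     // NOTE(review): ldap_sort() is deprecated as of PHP 7.0 and removed in PHP 8.0.
     // Both calls are kept so the ordering of the result stays as it was.
     ldap_sort($this->_directoryServer, $searchResult, $config->getLdapFirstNameAttribute());
     ldap_sort($this->_directoryServer, $searchResult, $config->getLdapLastNameAttribute());
     if (ldap_count_entries($this->_directoryServer, $searchResult)) {
         // The entry array is indexed by lower-cased attribute names, so the
         // configured names are lower-cased once here instead of on every row.
         $attributes = array(
             'userName' => strtolower($config->getLdapUsernameAttribute()),
             'firstName' => strtolower($config->getLdapFirstNameAttribute()),
             'lastName' => strtolower($config->getLdapLastNameAttribute()),
             'emailAddress' => strtolower($config->getLdapEmailAddressAttribute()),
         );
         $entries = ldap_get_entries($this->_directoryServer, $searchResult);
         for ($i = 0; $i < $entries['count']; $i++) {
             $arr = array('userName' => '', 'firstName' => '', 'lastName' => '', 'emailAddress' => '');
             foreach ($attributes as $key => $attribute) {
                 // Only the first value of a multi-valued attribute is used
                 if (!empty($entries[$i][$attribute][0])) {
                     $arr[$key] = $entries[$i][$attribute][0];
                 }
             }
             $result[] = $arr;
         }
     }
     return $result;
 }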
Ejemplo n.º 2
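 /**
  * Let only non-authenticated visitors reach the index action.
  *
  * For 'index' the result is true exactly when no user is passed; every
  * other action is decided by the parent class.
  *
  * @param string $controller
  * @param string $action
  * @param \Jazzee\Entity\User $user
  * @param \Jazzee\Entity\Program $program
  * @param \Jazzee\Entity\Application $application
  * @return bool
  */
 public static function isAllowed($controller, $action, \Jazzee\Entity\User $user = null, \Jazzee\Entity\Program $program = null, \Jazzee\Entity\Application $application = null)
 {
     // Strict comparison: a non-string $action (integer 0 on PHP 7, boolean true)
     // must not be treated as 'index' through type juggling in an access check.
     if ($action === 'index') {
         return $user === null;
     }
     return parent::isAllowed($controller, $action, $user, $program, $application);
 }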
Ejemplo n.º 3
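 /**
  * Prepare the XML response and authenticate the API request.
  *
  * The request has to post a supported API version and an API key that
  * belongs to a user. When applicationId is posted as well, the application
  * must exist and the user must either pass the admin_changeprogram/anyProgram
  * check or have the application's program in getPrograms(). Every failure
  * renders the admin_api/index view with an error status and ends the request.
  *
  * @SuppressWarnings(PHPMD.ExitExpression)
  */
 protected function setUp()
 {
     parent::setUp();
     $this->setLayout('xml');
     $this->setLayoutVar('filename', 'api.xml');
     $this->dom = new DOMDocument('1.0', 'UTF-8');
     $this->setVar('xml', $this->dom);
     // The version is compared as a string, strictly. A loose in_array() against the
     // integers 1 and 2 can accept values such as '1abc' (depending on the PHP version),
     // and that unvalidated value would then be stored in $this->version.
     $versions = array('1', '2');
     $version = (isset($this->post['version']) and is_scalar($this->post['version'])) ? (string) $this->post['version'] : '';
     if (!in_array($version, $versions, true)) {
         $this->setLayoutVar('status', 'error');
         $this->addMessage('error', 'Invalid API Version');
         $this->loadView('admin_api/index');
         exit(0);
     }
     $this->version = $this->post['version'];
     // Only a single non-empty string is accepted as a key, so the lookup is always an
     // equality match on one value. NOTE(review): an array criterion may be read by the
     // repository as a list of candidate values - confirm for this entity manager.
     $apiKey = (!empty($this->post['apiKey']) and is_string($this->post['apiKey'])) ? $this->post['apiKey'] : null;
     if ($apiKey === null or !($this->_user = $this->_em->getRepository('\\Jazzee\\Entity\\User')->findOneBy(array('apiKey' => $apiKey)))) {
         // Fixed delay on a bad key slows down guessing. It also occupies a worker for
         // five seconds per failed request, so it does not replace rate limiting.
         sleep(5);
         $this->setLayoutVar('status', 'error');
         $this->addMessage('error', 'Invalid API Key');
         $this->loadView('admin_api/index');
         exit(0);
     }
     if (!empty($this->post['applicationId'])) {
         $userPrograms = $this->_user->getPrograms();
         $this->_application = $this->_em->getRepository('\\Jazzee\\Entity\\Application')->find($this->post['applicationId']);
         // Denied when the application does not exist, or when the user has neither the
         // anyProgram permission nor the application's program among their own. The
         // parentheses spell out the grouping the original "or ... and" already had.
         // NOTE(review): in_array() stays loose because the element type returned by
         // getPrograms() is not visible here - make it strict once that is confirmed.
         if (!$this->_application or (!$this->checkIsAllowed('admin_changeprogram', 'anyProgram') and !in_array($this->_application->getProgram()->getId(), $userPrograms))) {
             // One message for "not found" and "no access", so the response does not
             // reveal which application ids exist
             $this->setLayoutVar('status', 'error');
             $this->addMessage('error', 'Invalid Application ID or you do not have access to that application');
             $this->loadView('admin_api/index');
             exit(0);
         }
     }
 }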
Ejemplo n.º 4
 /**
  * Run the parent set-up, then register the scripts this controller needs.
  *
  * All three files are local resources resolved through path().
  */
 protected function setUp()
 {
     parent::setUp();
     $scripts = array(
         'resource/scripts/classes/Status.class.js',
         'resource/scripts/classes/ChangeProgram.class.js',
         'resource/scripts/controllers/payments_pending.controller.js',
     );
     // Registered in this order, same as listed
     foreach ($scripts as $script) {
         $this->addScript($this->path($script));
     }
 }
Ejemplo n.º 5
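 /**
  * Only allow access for users with API keys
  * These keys are generated in the Manage Users menu
  *
  * The 'index' and 'updateKey' actions are allowed for any user whose
  * getApiKey() is non-empty; everything else is decided by the parent class.
  *
  * @param string $controller
  * @param string $action
  * @param \Jazzee\Entity\User $user
  * @param \Jazzee\Entity\Program $program
  * @param \Jazzee\Entity\Application $application
  * @return bool
  */
 public static function isAllowed($controller, $action, \Jazzee\Entity\User $user = null, \Jazzee\Entity\Program $program = null, \Jazzee\Entity\Application $application = null)
 {
     // Strict match so a non-string $action cannot equal one of the names by type juggling
     $keyActions = array('index', 'updateKey');
     if (in_array($action, $keyActions, true) and $user and $user->getApiKey()) {
         return true;
     }
     return parent::isAllowed($controller, $action, $user, $program, $application);
 }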
Ejemplo n.º 6
 /**
  * Send the user to the welcome page when there is no application.
  *
  * Without an application a notice is queued and redirectPath('welcome') is
  * called; nothing is created here.
  */
 protected function setUp()
 {
     parent::setUp();
     if ($this->_application) {
         return;
     }
     $this->addMessage('notice', 'There is no data to export in this application.');
     $this->redirectPath('welcome');
 }
Ejemplo n.º 7
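 /**
  * Add the required CSS and JS.
  *
  * DataTables and TableTools are loaded from third-party CDNs, the remaining
  * scripts from this application's own resource directory.
  */
 protected function setUp()
 {
     parent::setUp();
     // Third-party files execute inside these pages with the signed-in user's session,
     // so every CDN URL names https:// explicitly; a protocol-relative URL would be
     // fetched over plain HTTP whenever the page itself is served over HTTP.
     // NOTE(review): nothing here pins the content of these files - serving local
     // copies would remove the dependency on the CDNs.
     $this->addCss('https://ajax.aspnetcdn.com/ajax/jquery.dataTables/1.9.4/css/jquery.dataTables.css');
     $this->addCss('https://ajax.aspnetcdn.com/ajax/jquery.dataTables/1.9.4/css/jquery.dataTables_themeroller.css');
     $this->addScript('https://ajax.aspnetcdn.com/ajax/jquery.dataTables/1.9.4/jquery.dataTables.min.js');
     $this->addCss('https://cdnjs.cloudflare.com/ajax/libs/datatables-tabletools/2.1.4/css/TableTools.min.css');
     $this->addCss('https://cdnjs.cloudflare.com/ajax/libs/datatables-tabletools/2.1.4/css/TableTools_JUI.min.css');
     $this->addScript('https://cdnjs.cloudflare.com/ajax/libs/datatables-tabletools/2.1.4/js/TableTools.min.js');
     // Local scripts
     $this->addScript($this->path('resource/scripts/classes/Status.class.js'));
     $this->addScript($this->path('resource/scripts/classes/ChangeProgram.class.js'));
     $this->addScript($this->path('resource/scripts/controllers/payments_report.controller.js'));
 }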
Ejemplo n.º 8
 /**
  * Authorize every action of this controller as if it were 'index'.
  *
  * The requested $action is ignored: whoever may use 'index' may use all
  * actions, and nobody else may use any.
  *
  * @param string $controller
  * @param string $action
  * @param \Jazzee\Entity\User $user
  * @param \Jazzee\Entity\Program $program
  * @param \Jazzee\Entity\Application $application
  * @return bool
  */
 public static function isAllowed($controller, $action, \Jazzee\Entity\User $user = null, \Jazzee\Entity\Program $program = null, \Jazzee\Entity\Application $application = null)
 {
     return parent::isAllowed($controller, 'index', $user, $program, $application);
 }
Ejemplo n.º 9
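 /**
  * Map helper actions onto the action whose permission governs them.
  *
  * refreshTags, refreshPage and refreshSirPage are checked as 'index';
  * do, doAction, pageDo and doPageAction as 'editAnswer'; pdftemplate as
  * 'pdf'. The pdf action is refused outright when \Jazzee\ApplicantPDF
  * reports that it is not available.
  *
  * @param string $controller
  * @param string $action
  * @param \Jazzee\Entity\User $user
  * @param \Jazzee\Entity\Program $program
  * @param \Jazzee\Entity\Application $application
  * @return bool
  */
 public static function isAllowed($controller, $action, \Jazzee\Entity\User $user = null, \Jazzee\Entity\Program $program = null, \Jazzee\Entity\Application $application = null)
 {
     // All matches are strict so a non-string $action cannot be mapped onto a
     // permission by type juggling.
     //several views are controlled by the index action
     if (in_array($action, array('refreshTags', 'refreshPage', 'refreshSirPage'), true)) {
         $action = 'index';
     }
     if (in_array($action, array('do', 'doAction', 'pageDo', 'doPageAction'), true)) {
         $action = 'editAnswer';
     }
     if (in_array($action, array('pdf', 'pdftemplate'), true)) {
         $action = 'pdf';
     }
     //require a working ApplicantPDF class
     if ($action === 'pdf' and !\Jazzee\ApplicantPDF::isAvailable()) {
         return false;
     }
     return parent::isAllowed($controller, $action, $user, $program, $application);
 }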
Ejemplo n.º 10
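 /**
  * Any signed-in user may use the saveDisplay, new and deleteDisplay actions.
  *
  * These three actions are allowed as soon as a user is passed, without a
  * role check; all other actions are decided by the parent class.
  *
  * @param string $controller
  * @param string $action
  * @param \Jazzee\Entity\User $user
  * @param \Jazzee\Entity\Program $program
  * @param \Jazzee\Entity\Application $application
  * @return bool
  */
 public static function isAllowed($controller, $action, \Jazzee\Entity\User $user = null, \Jazzee\Entity\Program $program = null, \Jazzee\Entity\Application $application = null)
 {
     // Strict match so a non-string $action cannot equal one of the names by type juggling
     $openActions = array('saveDisplay', 'new', 'deleteDisplay');
     if ($user and in_array($action, $openActions, true)) {
         return true;
     }
     return parent::isAllowed($controller, $action, $user, $program, $application);
 }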
Ejemplo n.º 11
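 /**
  * Any signed-in user may use the index, savePreferences and getPreferences actions.
  *
  * These three actions are allowed as soon as a user is passed, without a
  * role check; all other actions are decided by the parent class.
  *
  * @param string $controller
  * @param string $action
  * @param \Jazzee\Entity\User $user
  * @param \Jazzee\Entity\Program $program
  * @param \Jazzee\Entity\Application $application
  * @return bool
  */
 public static function isAllowed($controller, $action, \Jazzee\Entity\User $user = null, \Jazzee\Entity\Program $program = null, \Jazzee\Entity\Application $application = null)
 {
     // Strict match so a non-string $action cannot equal one of the names by type juggling
     $openActions = array('index', 'savePreferences', 'getPreferences');
     if ($user and in_array($action, $openActions, true)) {
         return true;
     }
     return parent::isAllowed($controller, $action, $user, $program, $application);
 }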
Ejemplo n.º 12
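 /**
  * Only allow change program if the user is in at least one program
  *
  * For index, getAllowedPrograms and changeTo a signed-in user is allowed
  * when the parent grants the 'anyprogram' action or when getPrograms() is
  * not empty. Every other case is decided by the parent class.
  *
  * @param string $controller
  * @param string $action
  * @param \Jazzee\Entity\User $user
  * @param \Jazzee\Entity\Program $program
  * @param \Jazzee\Entity\Application $application
  * @return bool
  */
 public static function isAllowed($controller, $action, \Jazzee\Entity\User $user = null, \Jazzee\Entity\Program $program = null, \Jazzee\Entity\Application $application = null)
 {
     //Several actions are allowed as long as the user is in at least one program
     $specialActions = array('index', 'getAllowedPrograms', 'changeTo');
     // Strict match so a non-string $action cannot equal one of the names by type juggling
     if ($user and in_array($action, $specialActions, true)) {
         $userPrograms = $user->getPrograms();
         // NOTE(review): the action name is written 'anyprogram' here; confirm the parent
         // compares action names case-insensitively if the role defines it with other casing.
         return parent::isAllowed($controller, 'anyprogram', $user) || !empty($userPrograms);
     }
     return parent::isAllowed($controller, $action, $user, $program, $application);
 }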
Ejemplo n.º 13
 /**
  * Run the parent set-up, then register the one script this controller needs.
  */
 protected function setUp()
 {
     parent::setUp();
     // Local resource, resolved through path()
     $controllerScript = $this->path('resource/scripts/controllers/manage_cycles.controller.js');
     $this->addScript($controllerScript);
 }
Ejemplo n.º 14
 /**
  * Look up users by their unique name and return them in parsed form.
  *
  * The name is handed to the repository as a criterion value, not built
  * into a query string here.
  * NOTE(review): presumably $uniqueName is a single string - verify against callers.
  *
  * @param string $uniqueName
  * @return mixed whatever parseSearchResult() produces for the matches
  */
 public function findByUniqueName($uniqueName)
 {
     $repository = $this->_controller->getEntityManager()->getRepository('\\Jazzee\\Entity\\User');
     $matches = $repository->findBy(array('uniqueName' => $uniqueName));
     return $this->parseSearchResult($matches);
 }
Ejemplo n.º 15
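 /**
  * Use the index action to control access
  * require a published application
  *
  * Access is refused when no application is passed or the application is
  * not published. The bulk and sampleFile actions are checked as 'index'.
  *
  * @param string $controller
  * @param string $action
  * @param \Jazzee\Entity\User $user
  * @param \Jazzee\Entity\Program $program
  * @param \Jazzee\Entity\Application $application
  * @return bool
  */
 public static function isAllowed($controller, $action, \Jazzee\Entity\User $user = null, \Jazzee\Entity\Program $program = null, \Jazzee\Entity\Application $application = null)
 {
     // Deny first: nothing below can grant access without a published application
     if (!$application || !$application->isPublished()) {
         return false;
     }
     //several views are controlled by the index action
     // Strict match so a non-string $action cannot equal one of the names by type juggling
     if (in_array($action, array('bulk', 'sampleFile'), true)) {
         $action = 'index';
     }
     return parent::isAllowed($controller, $action, $user, $program, $application);
 }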
Ejemplo n.º 16
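 /**
  * Control actions with the index action
  *
  * getApplicants, listApplicants and describeDisplay are checked as 'index';
  * the decision itself is made by the parent class.
  *
  * @param string $controller
  * @param string $action
  * @param \Jazzee\Entity\User $user
  * @param \Jazzee\Entity\Program $program
  * @param \Jazzee\Entity\Application $application
  * @return bool
  */
 public static function isAllowed($controller, $action, \Jazzee\Entity\User $user = null, \Jazzee\Entity\Program $program = null, \Jazzee\Entity\Application $application = null)
 {
     // Strict match so a non-string $action cannot equal one of the names by type juggling
     $indexActions = array('getApplicants', 'listApplicants', 'describeDisplay');
     if (in_array($action, $indexActions, true)) {
         $action = 'index';
     }
     return parent::isAllowed($controller, $action, $user, $program, $application);
 }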
Ejemplo n.º 17
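 /**
  * Check the display actions with the getRoleDisplay permission.
  *
  * saveDisplay and deleteDisplay are checked as 'getRoleDisplay', and
  * getRoleDisplay is refused when no application is passed. Everything
  * else is decided by the parent class.
  *
  * @param string $controller
  * @param string $action
  * @param \Jazzee\Entity\User $user
  * @param \Jazzee\Entity\Program $program
  * @param \Jazzee\Entity\Application $application
  * @return bool
  */
 public static function isAllowed($controller, $action, \Jazzee\Entity\User $user = null, \Jazzee\Entity\Program $program = null, \Jazzee\Entity\Application $application = null)
 {
     //several views are controlled by the getRoleDisplay action
     // Strict matches so a non-string $action cannot equal one of the names by type juggling
     if (in_array($action, array('saveDisplay', 'deleteDisplay'), true)) {
         $action = 'getRoleDisplay';
     }
     if ($action === 'getRoleDisplay' and !$application) {
         return false;
     }
     return parent::isAllowed($controller, $action, $user, $program, $application);
 }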
Ejemplo n.º 18
 /**
  * Run the parent set-up, then register the scripts this controller needs.
  *
  * Both files are local resources resolved through path().
  */
 protected function setUp()
 {
     parent::setUp();
     $scripts = array(
         'resource/jquery.tagcloud.js',
         'resource/scripts/controllers/applicants_list.controller.js',
     );
     // Registered in this order, same as listed
     foreach ($scripts as $script) {
         $this->addScript($this->path($script));
     }
 }
Ejemplo n.º 19
 /**
  * Run the parent set-up, then register the scripts this controller needs.
  *
  * Both files are local resources resolved through path().
  */
 protected function setUp()
 {
     parent::setUp();
     $scripts = array(
         'resource/scripts/classes/ChangeProgram.class.js',
         'resource/scripts/controllers/applicants_search.controller.js',
     );
     // Registered in this order, same as listed
     foreach ($scripts as $script) {
         $this->addScript($this->path($script));
     }
 }
Ejemplo n.º 20
 /**
  * Run the parent set-up, then register the one script this controller needs.
  */
 protected function setUp()
 {
     parent::setUp();
     // Local resource, resolved through path()
     $controllerScript = $this->path('resource/scripts/controllers/applicants_decisions.controller.js');
     $this->addScript($controllerScript);
 }
Ejemplo n.º 21
 /**
  * Refuse access when no program is passed.
  *
  * With a program the decision is made by the parent class.
  * NOTE(review): only $program is tested in this method; a cycle requirement,
  * if one exists, would have to be enforced elsewhere.
  *
  * @param string $controller
  * @param string $action
  * @param \Jazzee\Entity\User $user
  * @param \Jazzee\Entity\Program $program
  * @param \Jazzee\Entity\Application $application
  * @return boolean
  */
 public static function isAllowed($controller, $action, \Jazzee\Entity\User $user = null, \Jazzee\Entity\Program $program = null, \Jazzee\Entity\Application $application = null)
 {
     return $program
         ? parent::isAllowed($controller, $action, $user, $program, $application)
         : false;
 }
Ejemplo n.º 22
//Bootstrap wiring: tell the framework where controller classes and their views live.
//Every path is __DIR__ plus a literal sub-directory; no request data is involved.
//Load apply views
\Foundation\VC\Config::addControllerViewPath(__DIR__ . '/views/apply/');
//Load admin controllers and views
\Foundation\VC\Config::addControllerPath(__DIR__ . '/controllers/admin/');
\Foundation\VC\Config::addControllerViewPath(__DIR__ . '/views/admin/');
//Load manage controllers and views
\Foundation\VC\Config::addControllerPath(__DIR__ . '/controllers/manage/');
\Foundation\VC\Config::addControllerViewPath(__DIR__ . '/views/manage/');
//Load payments controllers and views
\Foundation\VC\Config::addControllerPath(__DIR__ . '/controllers/payments/');
\Foundation\VC\Config::addControllerViewPath(__DIR__ . '/views/payments/');
//Load setup controllers and views
\Foundation\VC\Config::addControllerPath(__DIR__ . '/controllers/setup/');
\Foundation\VC\Config::addControllerViewPath(__DIR__ . '/views/setup/');
//Load applicants controllers and views
\Foundation\VC\Config::addControllerPath(__DIR__ . '/controllers/applicants/');
\Foundation\VC\Config::addControllerViewPath(__DIR__ . '/views/applicants/');
//Load scores controllers and views
\Foundation\VC\Config::addControllerPath(__DIR__ . '/controllers/scores/');
\Foundation\VC\Config::addControllerViewPath(__DIR__ . '/views/scores/');
//Views are rendered through the \Jazzee\View class
\Foundation\VC\Config::setViewClassName('\\Jazzee\\View');
//Default target: the error controller's index action with a 404 code and message
//NOTE(review): presumably used when a request matches no controller - confirm in \Foundation\VC
\Foundation\VC\Config::setDefaultControllerName('error');
\Foundation\VC\Config::setDefaultControllerActionName('index');
\Foundation\VC\Config::setDefaultControllerActionParams(array('error' => 404, 'message' => 'Sorry the page you are looking for could not be found.'));
//add the builtin admin controller directories
//(the six controller directories registered above, here written without a trailing slash)
\Jazzee\AdminController::addControllerPath(__DIR__ . '/controllers/manage');
\Jazzee\AdminController::addControllerPath(__DIR__ . '/controllers/payments');
\Jazzee\AdminController::addControllerPath(__DIR__ . '/controllers/setup');
\Jazzee\AdminController::addControllerPath(__DIR__ . '/controllers/scores');
\Jazzee\AdminController::addControllerPath(__DIR__ . '/controllers/applicants');
\Jazzee\AdminController::addControllerPath(__DIR__ . '/controllers/admin');