public function testVerifyEmailActionWithValidToken()
{
$user = UserService::findOneByUsername('testuser');
$user->setActive(false);
UserService::update();
$this->assertFalse($user->getActive());
$verificationToken = sha1(mt_rand() . $user->getEmail() . mt_rand());
$emailVerification = UserEmailVerificationService::create(array('user' => $user, 'token' => $verificationToken, 'requestDate' => new DateTime()));
$this->dispatch('/user/verifyemail?token=' . $verificationToken);
$this->assertRedirect('/login', 'Failed to redirect after verifying email.');
$this->assertTrue($user->getActive());
}
/**
* Atempts to authenticate
*
* @throws Zend_Auth_Adapter_Exception if answering the authentication query is impossible
* @return Zend_Auth_Result
*/
public function authenticate()
{
if (null !== ($user = UserService::findOneByUsername($this->identity))) {
if (!UserService::verifyPassword($user, $this->credential)) {
$this->authResultInfo['code'] = AuthResult::FAILURE_CREDENTIAL_INVALID;
$this->authResultInfo['messages'][] = 'Supplied credential is invalid.';
} elseif (!$user->getActive()) {
$this->authResultInfo['code'] = AuthResult::FAILURE_REQUIRES_EMAIL_VERIFICATION;
$this->authResultInfo['messages'][] = 'User account requires email address verification.';
} elseif ($user->getLocked()) {
$this->authResultInfo['code'] = AuthResult::FAILURE_ACCOUNT_LOCKED;
$this->authResultInfo['messages'][] = 'User account is locked.';
} else {
$this->user = $user;
$user->setLastConnect(new \DateTime());
UserService::update();
$this->authResultInfo['code'] = AuthResult::SUCCESS;
$this->authResultInfo['messages'][] = 'Authentication successful.';
}
} else {
$this->authResultInfo['code'] = AuthResult::FAILURE_IDENTITY_NOT_FOUND;
$this->authResultInfo['messages'][] = 'Identity not found.';
}
return $this->authenticateCreateAuthResult();
}
/**
* Update user
*
* @param User $user User to be updated
* @param array $data User data to be updated
* @throws Exception
* @return bool True if changes were made
*/
private function _updateUser(User $user, array $data)
{
Logger::debug(__METHOD__ . '::' . var_export($data, true));
#if(isset($data['email']) && '' != $data['email'] && $data['email'] != $user->getEmail()) {
# $user->setEmail($data['email']);
#}
$profile = $user->getProfile();
$social = $profile->getSocialNetworkIdentities();
// Track changes
$changes = array(PROFILE_EDIT => array(), SOCIAL_EDIT => array(), USER_EDIT => array());
foreach ($data as $key => $newValue) {
Logger::debug(__METHOD__ . ":: {$key}");
if (in_array($key, array('firstName', 'lastName', 'phone'))) {
Logger::debug(__METHOD__ . ':: Profile key');
$type = PROFILE_EDIT;
$oldValue = $profile->{'get' . ucfirst($key)}();
} elseif (preg_match('/^social(\\d+)$/', $key, $matches)) {
Logger::debug(__METHOD__ . ':: Social key: social' . $matches[1]);
$type = SOCIAL_EDIT;
$oldValue = $social[$matches[1] - 1];
} else {
Logger::debug(__METHOD__ . ':: User key');
$type = USER_EDIT;
$oldValue = $user->{'get' . ucfirst($key)}();
}
Logger::debug(__METHOD__ . ":: OLD => " . (is_object($oldValue) ? get_class($oldValue) : var_export($oldValue, true)));
Logger::debug(__METHOD__ . ":: NEW => " . (is_object($newValue) ? get_class($newValue) : var_export($newValue, true)));
// Only update changed properties, and keep track of the changes as well
if ($this->_valueChanged($oldValue, $newValue)) {
Logger::debug(__METHOD__ . ":: {$key} has changed");
Logger::debug(__METHOD__ . ":: OLD => " . (is_object($oldValue) ? get_class($oldValue) : var_export($oldValue, true)));
Logger::debug(__METHOD__ . ":: NEW => " . (is_object($newValue) ? get_class($newValue) : var_export($newValue, true)));
$oldVal = $oldValue;
$newVal = $newValue;
if ($newValue instanceof Rexmac\Zyndax\Form\Element\SocialNetworkIdentity && $oldValue instanceof Rexmac\Zyndax\Entity\UserSocialNetworkIdentity) {
$newVal = $newValue->getIdentityName() . '@' . SocialNetworkService::findOneById($newValue->getNetwork())->getName();
$oldVal = $oldValue->getName() . '@' . $oldValue->getSocialNetwork()->getName();
} elseif (is_object($newValue)) {
if (isset($oldValue)) {
$oldVal = $oldValue->getName();
} else {
$oldVal = '';
}
$newVal = $newValue->getName();
} elseif (is_object($oldValue)) {
$oldVal = $oldValue->getName();
}
$changes[$type][] = array('item' => $key, 'oldValue' => $oldVal, 'newValue' => $newVal);
// Set new value
if ($type === SOCIAL_EDIT) {
if ('' === $newValue->getIdentityName()) {
$removed = $profile->removeSocialNetworkIdentity($oldValue);
Logger::debug(__METHOD__ . ':: Removed? ' . var_export($removed, true));
UserSocialNetworkIdentityService::delete($oldValue);
#$profile->setSocialNetworkIdentities(UserSocialNetworkIdentityService::findBy(array('userProfile', $profile->getId())));
} else {
$oldValue->setSocialNetwork(SocialNetworkService::findOneById($newValue->getNetwork()));
$oldValue->setName($newValue->getIdentityName());
}
} elseif ($type === PROFILE_EDIT) {
$profile->{'set' . ucfirst($key)}($newValue);
} else {
$user->{'set' . ucfirst($key)}($newValue);
}
}
}
UserService::update();
UserProfileService::update();
UserSocialNetworkIdentityService::update();
// Any changes to record?
$changed = false;
foreach (array(PROFILE_EDIT, SOCIAL_EDIT, USER_EDIT) as $type) {
Logger::debug(__METHOD__ . ':: Examining ' . $type . ' changes...');
if (count($changes[$type]) > 0) {
Logger::debug(__METHOD__ . ':: changes[\'' . $type . '\'] = ' . var_export($changes[$type], true));
$description = '';
foreach ($changes[$type] as $change) {
Logger::debug(__METHOD__ . ':: change = ' . var_export($change, true));
$description .= sprintf('%s changed from "%s" to "%s".', $change['item'], $change['oldValue'] === 0 ? '0' : $change['oldValue'], $change['newValue']) . PHP_EOL;
Logger::debug(__METHOD__ . ':: description = ' . $description);
}
UserEditEventService::create(array('user' => $user, 'editor' => $this->_user, 'ip' => $this->getRequest()->getServer('REMOTE_ADDR'), 'date' => new DateTime(), 'description' => rtrim($description)));
$changed = true;
}
}
return $changed;
}
/**
* Update User entity
*
* @param User $user
* @param array $data
* @return void
*/
private function _updateUser(User $user, array $data)
{
if (isset($data['newPassword']) && '' != $data['newPassword']) {
// Verify old password
#if(!UserService::verifyPassword($this->_user, $data['password'])) {
# throw new Exception('Current password is invalid');
#}
$data['password'] = UserService::encryptPassword($data['newPassword']);
} else {
$data['password'] = $user->getPassword();
}
unset($data['newPassword']);
unset($data['newPasswordConfirm']);
if (isset($data['role'])) {
$data['role'] = AclRoleService::findOneById($data['role']);
}
if (isset($data['timeZone'])) {
$data['timeZone'] = TimeZoneService::findOneById($data['timeZone']);
}
// Track changes
$changes = array();
foreach ($data as $key => $newValue) {
if ($key === 'userId') {
continue;
}
$oldValue = $user->{'get' . ucfirst($key)}();
Logger::debug(__METHOD__ . ":: {$key}");
Logger::debug(__METHOD__ . ":: OLD => " . (is_object($oldValue) ? get_class($oldValue) : var_export($oldValue, true)));
Logger::debug(__METHOD__ . ":: NEW => " . (is_object($newValue) ? get_class($newValue) : var_export($newValue, true)));
// Only update changed properties, and keep track of the changes as well
if ($this->_valueChanged($oldValue, $newValue)) {
Logger::debug(__METHOD__ . ":: {$key} has changed");
Logger::debug(__METHOD__ . ":: OLD => " . (is_object($oldValue) ? get_class($oldValue) : var_export($oldValue, true)));
Logger::debug(__METHOD__ . ":: NEW => " . (is_object($newValue) ? get_class($newValue) : var_export($newValue, true)));
$oldVal = $oldValue;
$newVal = $newValue;
if (is_object($newValue)) {
if (isset($oldValue)) {
$oldVal = $oldValue->getName();
} else {
$oldVal = '';
}
$newVal = $newValue->getName();
} elseif (is_object($oldValue)) {
$oldVal = $oldValue->getName();
}
$changes[] = array('item' => $key, 'oldValue' => $oldVal, 'newValue' => $newVal);
// Set new value
$user->{'set' . ucfirst($key)}($newValue);
}
}
UserService::update();
// Any changes to record?
if (count($changes) > 0) {
$description = '';
foreach ($changes as $change) {
$description .= sprintf('%s changed from "%s" to "%s".', $change['item'], $change['oldValue'] === 0 ? '0' : $change['oldValue'], $change['newValue']) . PHP_EOL;
}
UserEditEventService::create(array('user' => $user, 'editor' => $this->_user, 'ip' => $this->getRequest()->getServer('REMOTE_ADDR'), 'date' => new DateTime(), 'description' => rtrim($description)));
return true;
}
return false;
}
/**
* Called before an action is dispatched by Zend_Controller_Dispatcher.
* Does nothing if current request matches a whitelisted route, or if
* request is authenticated. Otherwise, redirects to login page.
*
* @param AbstractRequest $request
* @throws Zend_Controller_Dispatcher_Exception
* @throws Zend_Controller_Action_Exception
* @return void
*/
public function preDispatch(AbstractRequest $request)
{
$route = strtolower(sprintf('%s/%s/%s', $request->getModuleName(), $request->getControllerName(), $request->getActionName()));
Logger::debug(__METHOD__ . ':: route = ' . $route);
$auth = Zend_Auth::getInstance();
if ($auth->hasIdentity()) {
Logger::debug(__METHOD__ . ":: Auth has identity...");
$user = UserService::find($auth->getIdentity());
$user->setLastConnect(new DateTime());
UserService::update();
Zend_Registry::set('user', $user);
Logger::debug(__METHOD__ . ':: logged in as user: '******' - ' . $user->getUsername());
if (!Zend_Session::$_unitTestEnabled) {
// @codeCoverageIgnoreStart
// If accessing non-admin UI and currently using LoginAs feature, then overwrite 'user' in registry
$authCookieName = Zend_Registry::get('config')->session->auth->name;
$ssa = new Zend_Session_Namespace($authCookieName);
if (isset($ssa->loginAsUser) && 'admin' !== strtolower($request->getModuleName())) {
$user = UserService::find($ssa->loginAsUser);
#Logger::debug(__METHOD__.':: admin using login-as user: '******' - ' . $user->getUsername());
Zend_Registry::set('loginAs', true);
Zend_Registry::set('user', $user);
}
}
// @codeCoverageIgnoreEnd
}
$this->_isDispatchable($request);
if (null === $this->_whitelist) {
$this->_whitelist = Zend_Registry::get('config')->auth->whitelist->toArray();
}
foreach ($this->_whitelist as $whitelistedRoute) {
if (preg_match('|^' . $whitelistedRoute . '$|', $route)) {
return;
}
}
$auth = Zend_Auth::getInstance();
if ($auth->hasIdentity()) {
Logger::debug(__METHOD__ . ":: Auth has identity...");
#if(isset($_SERVER["REMOTE_ADDR"])) { $ip = $_SERVER["REMOTE_ADDR"]; }
#elseif(isset($_SERVER["HTTP_X_FORWARDED_FOR"])) { $ip = $_SERVER["HTTP_X_FORWARDED_FOR"]; }
#elseif(isset($_SERVER["HTTP_CLIENT_IP"])) { $ip = $_SERVER["HTTP_CLIENT_IP"]; }
#else { $ip = null; }
return;
}
#$request->setDispatched(false); // Cancel the current action
// Handle unauthorized request...
Logger::debug(__METHOD__ . ":: Unauthorized request. Redirecting...");
if (!Zend_Session::$_unitTestEnabled) {
// @codeCoverageIgnoreStart
$session = new Zend_Session_Namespace('referrer');
$session->uri = $request->getRequestUri();
}
// @codeCoverageIgnoreEnd
if ($request->isXmlHttpRequest()) {
return $this->getResponse()->setHttpResponseCode(500)->setBody(json_encode(array('redirect' => '/user/login')))->sendResponse();
}
$helper = HelperBroker::getStaticHelper('redirector');
$helper->gotoUrl('/user/login');
}
public function testUpdate()
{
$testEntity = UserTest::createTestUser();
self::$entityManager->persist($testEntity);
self::$entityManager->flush();
$this->assertNotEquals('fubar', $testEntity->getName());
$testEntity->setName('fubar');
UserService::update();
$entities = self::$entityManager->createQuery('SELECT e FROM Rexmac\\Zyndax\\Entity\\User e')->execute();
$this->assertEquals('fubar', $entities[0]->getName());
}
