/**
 * Prepares the fixture for each test: security is enabled, a role limited to the
 * 'admin' and 'resource_series' access modules is stored, an account holding that
 * role is created, and that account is logged in.
 */
public function setUp()
{
    parent::setUp();
    $this->enableSecurity();

    // Role that may only reach the two modules listed here.
    $seriesRole = new Opus_UserRole();
    $seriesRole->setName($this->roleName);
    foreach (array('admin', 'resource_series') as $moduleName) {
        $seriesRole->appendAccessModule($moduleName);
    }
    $seriesRole->store();

    // Fixed fixture credential, used for the account stored below and for the login call.
    $fixturePassword = 'seriesadminpwd';

    $account = new Opus_Account();
    $account->setLogin($this->userName);
    $account->setPassword($fixturePassword);
    $account->addRole($seriesRole);
    $account->store();

    $this->loginUser($this->userName, $fixturePassword);
}
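/**
 * Creates an account from the request parameters 'login', 'password' and
 * 'user-roles' (a comma-separated list of role names).
 *
 * The response body is a plain status string: 'SUCCESS' on success, otherwise
 * 'ERROR: ...' together with HTTP status 400. No layout or view is rendered.
 *
 * NOTE(review): this action attaches any existing role named in the request and no
 * authorization check is visible inside it. Confirm that access to the action is
 * restricted elsewhere (controller/module access control).
 * NOTE(review): getParam() also returns query-string values, so the password can
 * end up in URLs and access logs unless callers send it in a POST body.
 */
public function addAction()
{
    $this->_helper->layout()->disableLayout();
    $this->_helper->viewRenderer->setNoRender(true);

    $response = $this->getResponse();

    // The error bodies below echo request values verbatim. Declaring the body as
    // plain text keeps a browser from interpreting reflected markup as HTML.
    $response->setHeader('Content-Type', 'text/plain', true);
    $response->setHeader('X-Content-Type-Options', 'nosniff', true);

    $request = $this->getRequest();
    $login = $request->getParam('login');
    $password = $request->getParam('password');
    $userRoles = $request->getParam('user-roles');

    // Reject missing, empty or non-scalar credentials (e.g. login[]=x) before any
    // account object is touched, so no account is stored without a login or password.
    if (!is_string($login) || trim($login) === '' || !is_string($password) || $password === '') {
        $response->setHttpResponseCode(400);
        $response->setBody('ERROR: Parameters login and password are required.');
        return;
    }

    $testAccount = Opus_Account::fetchAccountByLogin($login);
    if (!is_null($testAccount)) {
        $response->setHttpResponseCode(400);
        $response->setBody("ERROR: Account '{$login}' already exists.");
        return;
    }

    $account = new Opus_Account();
    $account->setLogin($login);
    $account->setPassword($password);

    // A missing or non-string 'user-roles' value is treated as an empty list entry,
    // which is then looked up as the role name '' like any other name.
    $roleNames = explode(",", is_string($userRoles) ? $userRoles : '');
    foreach ($roleNames as $roleName) {
        $roleName = trim($roleName);
        $role = Opus_UserRole::fetchByName($roleName);
        if (!($role instanceof Opus_UserRole)) {
            // Unknown role: abort before anything is stored.
            $response->setHttpResponseCode(400);
            $response->setBody("ERROR: Role '{$roleName}' does not exist.");
            return;
        }
        $account->addRole($role);
    }

    try {
        $account->store();
    } catch (Opus_Security_Exception $e) {
        $response->setHttpResponseCode(400);
        $response->setBody("ERROR: " . $e->getMessage());
        return;
    }

    $response->setBody('SUCCESS');
}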
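/**
 * Performs an authentication attempt.
 *
 * The parent adapter is asked first (local database). Only when that result is not
 * valid is the LDAP server from the 'ldap' section of config.ini tried. If LDAP
 * accepts the credentials and no local account can be loaded for the login, a local
 * account is created and given the 'administrator' role when the login is listed in
 * ldap.admin_accounts, otherwise the 'publisher' role. Missing roles are created.
 *
 * The 'loggedin' session namespace receives the login only when the final result is
 * valid.
 *
 * @throws Zend_Auth_Adapter_Exception If authentication cannot be performed.
 * @return Zend_Auth_Result
 */
public function authenticate()
{
    $config = new Zend_Config_Ini('../application/configs/config.ini', 'production');
    $log_path = $config->ldap->log_path;

    // Entries are trimmed and empty entries dropped, so "a, b" matches login "b" and
    // an empty admin_accounts setting can never match an empty login.
    $admins = array_filter(
        array_map('trim', explode(',', (string) $config->ldap->admin_accounts)),
        'strlen'
    );

    // log_path and admin_accounts are local settings, not options of the LDAP adapter.
    $options = $config->ldap->toArray();
    unset($options['log_path'], $options['admin_accounts']);

    // first check local DB with parent class
    $result = parent::authenticate();

    if ($result->isValid() !== true) {
        $auth = Zend_Auth::getInstance();
        $adapter = new Zend_Auth_Adapter_Ldap($options, $this->_login, $this->_password);
        $result = $auth->authenticate($adapter);

        // log the result if a log path has been defined in config.ini
        // NOTE(review): the file receives LDAP adapter diagnostics; keep $log_path
        // outside the web root and readable only by the service account.
        if ($log_path) {
            $messages = $result->getMessages();
            $logger = new Zend_Log();
            $logger->addWriter(new Zend_Log_Writer_Stream($log_path));
            $filter = new Zend_Log_Filter_Priority(Zend_Log::DEBUG);
            $logger->addFilter($filter);
            foreach ($messages as $i => $message) {
                // $messages[2] and up are log messages; they are numbered from 1
                if ($i > 1) {
                    $number = $i - 1;
                    $message = str_replace("\n", "\n ", $message);
                    $logger->log("Ldap: {$number}: {$message}", Zend_Log::DEBUG);
                }
            }
        }

        // if authentication was successful and user is not already in OPUS DB
        // register user as publisher to OPUS database
        try {
            $account = new Opus_Account(null, null, $this->_login);
        } catch (Exception $ex) {
            // NOTE(review): every exception is read as "account does not exist",
            // including failures unrelated to a missing account. Confirm that is
            // intended, or catch the specific not-found exception.
            if ($result->isValid() === true) {
                $account = new Opus_Account();
                $account->setLogin($this->_login);
                // NOTE(review): this copies the LDAP password into the local account.
                // The local DB is consulted first on every login, so if the parent
                // adapter validates against this stored value, a later login could
                // succeed locally after the password was changed or the account
                // disabled in LDAP. Confirm this is intended.
                $account->setPassword($this->_password);
                // Stored before a role is attached; presumably the account needs an
                // ID first. TODO confirm
                $account->store();

                // Initialised so the "> 0" checks below are defined when a role is absent.
                $publisherId = 0;
                $adminId = 0;

                // look for the publisher and administrator roles in OPUS DB
                $roles = Opus_Role::getAll();
                foreach ($roles as $role) {
                    if ($role->getDisplayName() === 'publisher') {
                        $publisherId = $role->getId();
                    }
                    if ($role->getDisplayName() === 'administrator') {
                        $adminId = $role->getId();
                    }
                }

                if ($publisherId > 0) {
                    $accessRole = new Opus_Role($publisherId);
                } else {
                    // if there is no publisher role in DB, create it
                    $accessRole = new Opus_Role();
                    $accessRole->setName('publisher');
                    // the publisher role needs publish access!
                    $privilege = new Opus_Privilege();
                    $privilege->setPrivilege('publish');
                    $accessRole->addPrivilege($privilege);
                    $accessRole->store();
                }

                if ($adminId > 0) {
                    $adminRole = new Opus_Role($adminId);
                } else {
                    // if there is no administrator role in DB, create it
                    $adminRole = new Opus_Role();
                    $adminRole->setName('administrator');
                    // the administrator role needs administrate access!
                    $adminprivilege = new Opus_Privilege();
                    $adminprivilege->setPrivilege('administrate');
                    $adminRole->addPrivilege($adminprivilege);
                    $adminRole->store();
                }

                // Strict string comparison: a loose in_array() compares numeric
                // strings by value, so e.g. login "0123" would match admin "123".
                if (in_array((string) $this->_login, $admins, true) === true) {
                    $account->addRole($adminRole);
                } else {
                    $account->addRole($accessRole);
                }
                $account->store();
            }
        }
    }

    // Mark the session as logged in only after the final result (local or LDAP) is
    // known to be valid; a failed attempt must not leave the login in the session.
    if ($result->isValid() === true) {
        $user = new Zend_Session_Namespace('loggedin');
        $user->usernumber = $this->_login;
    }

    return $result;
}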