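/**
 * Logs a user into the current site.
 *
 * @method POST
 *
 * Reads `email` and `password` from the form-encoded request body, looks the
 * user up by those credentials and, when the user belongs to the site named by
 * SITE_UNIQ_ID, creates a SiteAuthUser session carrying the role's trimmed
 * CanView value ('' when the role name has no Role row).
 *
 * Responses: 200 'success!' on login; 401 'Access denied' for missing or
 * unknown credentials; 400 'Site mismatch' when the site cannot be resolved or
 * the user belongs to another site; 400 with the exception message when a
 * lookup throws.
 *
 * @return Tonic\Response
 */
function login()
{
    // parse the form-encoded request body
    parse_str($this->request->data, $request);

    // both credentials must be present: a missing key previously produced an
    // undefined-index notice and a lookup against null
    if (!isset($request['email'], $request['password'])) {
        $response = new Tonic\Response(Tonic\Response::UNAUTHORIZED);
        $response->body = 'Access denied';
        return $response;
    }

    $email = $request['email'];
    $password = $request['password'];

    // look the user up from the credentials
    $user = User::GetByEmailPassword($email, $password);

    // loose check kept on purpose: the lookup's failure value (null/false/empty)
    // is not visible from here
    if ($user == null) {
        // same message whether the email or the password was wrong
        $response = new Tonic\Response(Tonic\Response::UNAUTHORIZED);
        $response->body = 'Access denied';
        return $response;
    }

    try {
        // the site this login is for is identified by SITE_UNIQ_ID
        $site = Site::GetBySiteUniqId(SITE_UNIQ_ID);

        // the user must belong to the site being logged into; an unresolved
        // site is treated as a mismatch (the original compared against null)
        if ($site == null || $site['SiteId'] != $user['SiteId']) {
            $response = new Tonic\Response(Tonic\Response::BADREQUEST);
            $response->body = 'Site mismatch';
            return $response;
        }

        // CanView defaults to empty; a Role row for the role name may set it
        $canView = '';
        $role = Role::GetByName($user['Role'], $user['SiteId']);
        if ($role != null) {
            $canView = trim($role['CanView']);
        }

        SiteAuthUser::Create(SITE_FRIENDLY_ID, $user, $canView);

        $response = new Tonic\Response(Tonic\Response::OK);
        $response->contentType = 'text/html';
        $response->body = 'success!';
        return $response;
    } catch (Exception $e) {
        // NOTE(review): the raw exception message is returned to the client;
        // confirm it cannot carry internal detail
        $response = new Tonic\Response(Tonic\Response::BADREQUEST);
        $response->body = $e->getMessage();
        return $response;
    }
}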
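/**
 * Derives the editing permissions for a user from its role name.
 *
 * Built-in roles: Admin gets 'All' for every permission; Contributor gets
 * CanEdit 'All' and nothing else; Member gets nothing. Any other role name is
 * looked up with Role::GetByName($user['Role'], $user['SiteId']) and the
 * trimmed CanEdit/CanPublish/CanRemove/CanCreate columns of that row are used;
 * a name with no Role row yields empty permissions.
 *
 * CanAccess is 'All' when any single permission is 'All', otherwise the four
 * permissions joined with ','.
 *
 * Every permission is initialised to '' up front: the original only assigned
 * them on some branches, so the Member and unknown-role paths read undefined
 * variables when building CanAccess. The original also computed an $is_auth
 * flag that was never returned; it is dropped here.
 *
 * @param array $user row with at least 'Role' and 'SiteId'
 * @return array{CanEdit:string,CanPublish:string,CanRemove:string,CanCreate:string,CanAccess:string}
 */
public static function SetAccess($user)
{
    $canEdit = '';
    $canPublish = '';
    $canRemove = '';
    $canCreate = '';

    // strict comparison so only the exact built-in role names match
    $roleName = $user['Role'];
    if ($roleName === 'Admin') {
        $canEdit = 'All';
        $canPublish = 'All';
        $canRemove = 'All';
        $canCreate = 'All';
    } elseif ($roleName === 'Contributor') {
        $canEdit = 'All';
    } elseif ($roleName === 'Member') {
        // members have no editing permissions
    } else {
        // custom role: permissions come from the Role row, if there is one
        $role = Role::GetByName($roleName, $user['SiteId']);
        if ($role != null) {
            $canEdit = trim($role['CanEdit']);
            $canPublish = trim($role['CanPublish']);
            $canRemove = trim($role['CanRemove']);
            $canCreate = trim($role['CanCreate']);
        }
    }

    // any single 'All' widens access to everything
    $permissions = array($canEdit, $canPublish, $canRemove, $canCreate);
    if (in_array('All', $permissions, true)) {
        $canAccess = 'All';
    } else {
        $canAccess = implode(',', $permissions);
    }

    return array(
        'CanEdit' => $canEdit,
        'CanPublish' => $canPublish,
        'CanRemove' => $canRemove,
        'CanCreate' => $canCreate,
        'CanAccess' => $canAccess,
    );
}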
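/**
 * Logs a user into a site and returns a JWT.
 *
 * @method POST
 *
 * Reads `email`, `password` and either `friendlyId` or `siteId` (friendlyId
 * wins) from the form-encoded request body. The site is resolved first, then
 * the user is looked up by email, site and password. Permissions come from the
 * role name: Admin gets 'All' for everything; Contributor CanEdit and CanView
 * 'All'; Member CanView 'All' only; any other name is looked up through
 * Role::GetByName and the trimmed columns of that row are used. A role name
 * with no Role row is denied.
 *
 * On success the JSON body carries the start page, a subset of the user row
 * plus FullPhotoUrl (built from the S3 template or the site domain when
 * PhotoUrl is set), whether this is the site's first login, and a token from
 * Utilities::CreateJWTToken. Site::SetLastLogin is called on success.
 *
 * Responses: 200 JSON; 401 'Access denied' for a missing site selector,
 * unresolved site, missing credentials, unknown user or unknown role; 401 with
 * the exception message when the success path throws.
 *
 * Fixes: the original tested `if ($is_auth = true)` — an assignment, always
 * true — so any user with valid credentials was logged in regardless of role.
 * It also never set $is_auth for a custom role that was found, which only
 * worked because of that bug; a found role now authorises explicitly, matching
 * the existing else branch that denies a missing one.
 *
 * @return Tonic\Response
 */
function login()
{
    parse_str($this->request->data, $request);

    // every refusal uses the same 401 body so a caller cannot tell which part failed
    $denied = function () {
        $response = new Tonic\Response(Tonic\Response::UNAUTHORIZED);
        $response->body = 'Access denied';
        return $response;
    };

    // missing keys previously produced undefined-index notices and null lookups
    if (!isset($request['email'], $request['password'])) {
        return $denied();
    }
    $email = $request['email'];
    $password = $request['password'];

    // resolve the site from whichever selector was sent
    if (isset($request['friendlyId'])) {
        $site = Site::GetByFriendlyId($request['friendlyId']);
    } elseif (isset($request['siteId'])) {
        $site = Site::GetBySiteId($request['siteId']);
    } else {
        return $denied();
    }

    // an unresolved site previously fell through to a user lookup with a null SiteId
    if ($site == null) {
        return $denied();
    }

    // loose comparison kept: LastLogin may come back as null or as an empty
    // value from the DB layer — confirm before tightening to ===
    $first_login = ($site['LastLogin'] == null);

    $user = User::GetByEmailPassword($email, $site['SiteId'], $password);
    if ($user == null) {
        return $denied();
    }

    // permissions derived from the role name; empty means none
    $is_auth = false;
    $canEdit = '';
    $canPublish = '';
    $canRemove = '';
    $canCreate = '';
    $canView = '';

    $roleName = $user['Role'];
    if ($roleName === 'Admin') {
        $is_auth = true;
        $canEdit = 'All';
        $canPublish = 'All';
        $canRemove = 'All';
        $canCreate = 'All';
        $canView = 'All';
    } elseif ($roleName === 'Contributor') {
        $is_auth = true;
        $canEdit = 'All';
        $canView = 'All';
    } elseif ($roleName === 'Member') {
        $is_auth = true;
        $canView = 'All';
    } else {
        // custom role: only a role that exists for this site authorises
        $role = Role::GetByName($roleName, $user['SiteId']);
        if ($role != null) {
            $is_auth = true;
            $canEdit = trim($role['CanEdit']);
            $canPublish = trim($role['CanPublish']);
            $canRemove = trim($role['CanRemove']);
            $canCreate = trim($role['CanCreate']);
            $canView = trim($role['CanView']);
        }
    }

    if (!$is_auth) {
        return $denied();
    }

    try {
        $fullPhotoUrl = '';
        if ($user['PhotoUrl'] != '' && $user['PhotoUrl'] != null) {
            // re-read the site by the user's SiteId, as the original did, so the
            // columns used below come from that lookup rather than the selector's
            $photoSite = Site::GetBySiteId($user['SiteId']);
            if (FILES_ON_S3) {
                $imagesURL = str_replace('{{bucket}}', $photoSite['Bucket'], S3_URL);
                $imagesURL = str_replace('{{site}}', $photoSite['FriendlyId'], $imagesURL);
            } else {
                $imagesURL = $photoSite['Domain'];
            }
            $fullPhotoUrl = $imagesURL . '/files/thumbs/' . $user['PhotoUrl'];
        }

        Site::SetLastLogin($user['SiteId']);

        // only this subset of the user row is exposed to the client
        $returned_user = array(
            'Email' => $user['Email'],
            'FirstName' => $user['FirstName'],
            'LastName' => $user['LastName'],
            'PhotoUrl' => $user['PhotoUrl'],
            'FullPhotoUrl' => $fullPhotoUrl,
            'Language' => $user['Language'],
            'Role' => $user['Role'],
            'SiteAdmin' => $user['SiteAdmin'],
            'SiteId' => $user['SiteId'],
            'UserId' => $user['UserId'],
            'CanEdit' => $canEdit,
            'CanPublish' => $canPublish,
            'CanRemove' => $canRemove,
            'CanCreate' => $canCreate,
            'CanView' => $canView,
        );

        $params = array(
            'start' => START_PAGE,
            'user' => $returned_user,
            'firstLogin' => $first_login,
            'token' => Utilities::CreateJWTToken($user['UserId'], $user['SiteId']),
        );

        $response = new Tonic\Response(Tonic\Response::OK);
        $response->contentType = 'application/json';
        $response->body = json_encode($params);
        return $response;
    } catch (Exception $e) {
        // NOTE(review): the raw exception message is returned to the client;
        // confirm it cannot carry internal detail
        $response = new Tonic\Response(Tonic\Response::UNAUTHORIZED);
        $response->body = $e->getMessage();
        return $response;
    }
}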
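/**
 * Logs a user into the application.
 *
 * @method POST
 *
 * Reads `email` and `password` from the form-encoded request body and looks
 * the user up by those credentials. Permissions come from the role name:
 * Admin gets 'All' for everything; Contributor CanEdit 'All' only; Member is
 * not allowed into the app; any other name is looked up through
 * Role::GetByName and the trimmed columns of that row are used, authorising
 * only when CanEdit, CanPublish and CanRemove are all non-empty. On success
 * AuthUser::Create is called with the user and its permissions and a JSON body
 * with the start page is returned.
 *
 * Responses: 200 JSON; 401 'Access denied' for missing or unknown credentials
 * or an unauthorised role; 400 with the exception message when
 * AuthUser::Create throws.
 *
 * Fix: the original tested `if ($is_auth = true)` — an assignment, always
 * true — so the denied path was unreachable: unknown credentials reached
 * AuthUser::Create with a null user, and Member and unrecognised roles were
 * logged in. The flag is now read, not assigned.
 *
 * @return Tonic\Response
 */
function login()
{
    parse_str($this->request->data, $request);

    // every refusal uses the same 401 body so a caller cannot tell which part failed
    $denied = function () {
        $response = new Tonic\Response(Tonic\Response::UNAUTHORIZED);
        $response->body = 'Access denied';
        return $response;
    };

    // missing keys previously produced undefined-index notices and a null lookup
    if (!isset($request['email'], $request['password'])) {
        return $denied();
    }
    $email = $request['email'];
    $password = $request['password'];

    $user = User::GetByEmailPassword($email, $password);
    if ($user == null) {
        return $denied();
    }

    // permissions derived from the role name; empty means none
    $is_auth = false;
    $canEdit = '';
    $canPublish = '';
    $canRemove = '';
    $canCreate = '';

    $roleName = $user['Role'];
    if ($roleName === 'Admin') {
        $is_auth = true;
        $canEdit = 'All';
        $canPublish = 'All';
        $canRemove = 'All';
        $canCreate = 'All';
    } elseif ($roleName === 'Contributor') {
        $is_auth = true;
        $canEdit = 'All';
    } elseif ($roleName === 'Member') {
        // members are not app users
        $is_auth = false;
    } else {
        // custom role: authorised only when edit, publish and remove are all
        // granted (CanCreate is not part of the test, as in the original)
        $role = Role::GetByName($roleName, $user['SiteId']);
        if ($role != null) {
            $canEdit = trim($role['CanEdit']);
            $canPublish = trim($role['CanPublish']);
            $canRemove = trim($role['CanRemove']);
            $canCreate = trim($role['CanCreate']);
            if ($canEdit != '' && $canPublish != '' && $canRemove != '') {
                $is_auth = true;
            }
        }
    }

    if (!$is_auth) {
        return $denied();
    }

    try {
        AuthUser::Create($user, $canEdit, $canPublish, $canRemove, $canCreate);

        $params = array('start' => START_PAGE);

        $response = new Tonic\Response(Tonic\Response::OK);
        $response->contentType = 'application/json';
        $response->body = json_encode($params);
        return $response;
    } catch (Exception $e) {
        // NOTE(review): the raw exception message is returned to the client;
        // confirm it cannot carry internal detail
        $response = new Tonic\Response(Tonic\Response::BADREQUEST);
        $response->body = $e->getMessage();
        return $response;
    }
}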