 /**
  * Registers the setup / installer routes.
  *
  * Exposes this controller as the 'controller.setup' service so the string
  * route targets below resolve, then returns the collection for mounting.
  * The /connection_test and /test probes answer JSON and carry no route name.
  *
  * @param  SilexApplication $app
  * @return mixed            The controller collection built from 'controllers_factory'
  */
 public function connect(SilexApplication $app)
 {
     $app['controller.setup'] = $this;
     $collection = $app['controllers_factory'];

     $toInstallerRoot = function (Application $app) {
         return $app->redirectPath('install_root');
     };
     $probeDatabase = function (Application $app, Request $request) {
         $helper = new DatabaseHelper($app, $request);

         return $app->json($helper->checkConnection());
     };
     $probePath = function (Application $app, Request $request) {
         $helper = new PathHelper($app, $request);

         return $app->json($helper->checkPath());
     };
     $probeUrl = function (Application $app, Request $request) {
         $helper = new PathHelper($app, $request);

         return $app->json($helper->checkUrl());
     };

     $collection->get('/', $toInstallerRoot)->bind('setup');
     $collection->get('/installer/', 'controller.setup:rootInstaller')->bind('install_root');
     $collection->get('/upgrade-instructions/', 'controller.setup:displayUpgradeInstructions')->bind('setup_upgrade_instructions');
     $collection->get('/installer/step2/', 'controller.setup:getInstallForm')->bind('install_step2');
     $collection->post('/installer/install/', 'controller.setup:doInstall')->bind('install_do_install');
     // NOTE(review): no authentication filter is attached in this block and the probes
     // take request-supplied connection/path parameters; whatever gates the installer
     // (not in view here) is what protects them — confirm.
     $collection->get('/connection_test/mysql/', $probeDatabase);
     $collection->get('/test/path/', $probePath);
     $collection->get('/test/url/', $probeUrl);

     return $collection;
 }
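 /**
  * Registers the production ("prod") module routes.
  *
  * Exposes this controller as the 'controller.prod' service, guards the
  * collection with an authentication filter and mounts the module index
  * page under the 'prod' route name.
  *
  * @param  SilexApplication $app
  * @return mixed            The controller collection built from 'controllers_factory'
  */
 public function connect(SilexApplication $app)
 {
     $app['controller.prod'] = $this;
     $controllers = $app['controllers_factory'];

     // Anonymous visitors asking for "?nolog" are sent to the guest login;
     // everyone else must satisfy the firewall's authentication requirement.
     $controllers->before(function (Request $request) use ($app) {
         if (!$app['authentication']->isAuthenticated() && null !== $request->query->get('nolog')) {
             return $app->redirectPath('login_authenticate_as_guest');
         }
         if (null !== ($response = $app['firewall']->requireAuthentication())) {
             return $response;
         }
     });

     $controllers->get('/', function (Application $app) {
         try {
             \Session_Logger::updateClientInfos($app, 1);
         } catch (SessionNotFound $e) {
             return $app->redirectPath('logout');
         }

         // Available skins are the hex-named directories directly under www/skins/prod.
         $cssPath = $app['root.path'] . '/www/skins/prod/';
         $css = [];
         $finder = new Finder();
         $skinDirs = $finder->directories()->depth(0)->filter(function (\SplFileInfo $fileinfo) {
             return ctype_xdigit($fileinfo->getBasename());
         })->in($cssPath);
         foreach ($skinDirs as $dir) {
             $baseName = $dir->getBasename();
             $css[$baseName] = $baseName;
         }

         $user = $app['authentication']->getUser();

         // Fall back to the default skin when the user has none configured.
         $cssfile = $app['settings']->getUserSetting($user, 'css');
         if (!$cssfile && isset($css['000000'])) {
             $cssfile = '000000';
         }

         $feeds = $app['repo.feeds']->getAllForUser($app['acl']->get($user));
         $aggregate = Aggregate::createFromUser($app, $user);

         $thjslist = '';
         $queries_topics = '';
         $renderTopics = $app['conf']->get(['registry', 'classic', 'render-topics']);
         if ($renderTopics === 'popups') {
             $queries_topics = \queries::dropdown_topics($app['translator'], $app['locale']);
         } elseif ($renderTopics === 'tree') {
             $queries_topics = \queries::tree_topics($app['locale']);
         }

         // Thesaurus bootstrap data: one entry per databox keyed "s<sbas_id>" and one
         // per collection keyed "b<base_id>". The databox key used to be built with
         // string *addition* ('s' + id), which is a warning (and a numeric key) on
         // PHP 7 and a TypeError on PHP 8; concatenation gives the intended key,
         // matching the "b<base_id>" keys below.
         $sbas = $bas2sbas = [];
         foreach ($app['phraseanet.appbox']->get_databoxes() as $databox) {
             $sbas_id = $databox->get_sbas_id();
             $sbas['s' . $sbas_id] = ['sbid' => $sbas_id, 'seeker' => null];
             foreach ($databox->get_collections() as $coll) {
                 $bas2sbas['b' . $coll->get_base_id()] = [
                     'sbid' => $sbas_id,
                     'ckobj' => ['checked' => false],
                     'waschecked' => false,
                 ];
             }
         }

         return $app['twig']->render('prod/index.html.twig', [
             'module_name' => 'Production',
             'WorkZone' => new Helper\WorkZone($app, $app['request']),
             'module_prod' => new Helper\Prod($app, $app['request']),
             'cssfile' => $cssfile,
             'module' => 'prod',
             'events' => $app['events-manager'],
             'GV_defaultQuery_type' => $app['conf']->get(['registry', 'searchengine', 'default-query-type']),
             'GV_multiAndReport' => $app['conf']->get(['registry', 'modules', 'stories']),
             'GV_thesaurus' => $app['conf']->get(['registry', 'modules', 'thesaurus']),
             'cgus_agreement' => \databox_cgu::askAgreement($app),
             'css' => $css,
             'feeds' => $feeds,
             'aggregate' => $aggregate,
             'GV_google_api' => $app['conf']->get(['registry', 'webservices', 'google-charts-enabled']),
             'queries_topics' => $queries_topics,
             'search_status' => \databox_status::getSearchStatus($app),
             'queries_history' => \queries::history($app, $user->getId()),
             'thesau_js_list' => $thjslist,
             'thesau_json_sbas' => json_encode($sbas),
             'thesau_json_bas2sbas' => json_encode($bas2sbas),
             'thesau_languages' => $app['locales.available'],
         ]);
     })->bind('prod');

     return $controllers;
 }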
 /**
  * Registers the setup / installer routes.
  *
  * Exposes this controller as the 'controller.setup' service so the
  * 'controller.setup:<method>' route targets resolve, and returns the
  * collection for the caller to mount.
  *
  * @param  SilexApplication $app
  * @return mixed            The controller collection built from 'controllers_factory'
  */
 public function connect(SilexApplication $app)
 {
     $app['controller.setup'] = $this;
     $collection = $app['controllers_factory'];

     // Entry point: forward straight to the installer root.
     $collection->get('/', function (Application $app) {
         return $app->redirectPath('install_root');
     })->bind('setup');

     // GET pages, in registration order: path => [controller method, route name].
     $getRoutes = [
         '/installer/' => ['rootInstaller', 'install_root'],
         '/upgrade-instructions/' => ['displayUpgradeInstructions', 'setup_upgrade_instructions'],
         '/installer/step2/' => ['getInstallForm', 'install_step2'],
     ];
     foreach ($getRoutes as $path => list($action, $routeName)) {
         $collection->get($path, 'controller.setup:' . $action)->bind($routeName);
     }
     $collection->post('/installer/install/', 'controller.setup:doInstall')->bind('install_do_install');

     return $collection;
 }
 /**
  * Download a set of documents
  *
  * Builds the export for the posted record list, stores the prepared export
  * under a download token, fires the EXPORT_CREATE event and redirects the
  * client to the download preparation page.
  *
  * @param  Application      $app
  * @param  Request          $request Posted fields: lst, ssttid, obj, type, businessfields
  * @return RedirectResponse
  */
 public function checkDownload(Application $app, Request $request)
 {
     $post = $request->request;
     $recordList = $post->get('lst');
     $basketId = $post->get('ssttid', '');
     $requestedSubdefs = $post->get('obj', []);

     $export = new \set_export($app, $recordList, $basketId);
     // Nothing downloadable for this user/selection: refuse instead of building an empty archive.
     if (0 === $export->get_total_download()) {
         $app->abort(403);
     }

     $user = $app['authentication']->getUser();
     $useTitleAsFilename = $post->get('type') === 'title';
     $prepared = $export->prepare_export(
         $user,
         $app['filesystem'],
         $requestedSubdefs,
         $useTitleAsFilename,
         $post->get('businessfields')
     );
     $prepared['export_name'] = sprintf('%s.zip', $export->getExportName());

     // NOTE(review): the token payload is a PHP-serialized array; whatever consumes
     // it must only unserialize data read back from this store, never a client-
     // supplied string. The consumer is not in view here.
     $token = $app['manipulator.token']->createDownloadToken($user, serialize($prepared));
     $app['dispatcher']->dispatch(
         PhraseaEvents::EXPORT_CREATE,
         new ExportEvent($user, $basketId, $recordList, $requestedSubdefs, $export->getExportName())
     );

     return $app->redirectPath('prepare_download', ['token' => $token->getValue()]);
 }
 /**
  * Download a set of documents
  *
  * Builds the export for the posted record list, stores the prepared export
  * behind a URL token valid for three hours, triggers the legacy
  * "__DOWNLOAD__" event and redirects to the download preparation page.
  *
  * @param  Application      $app
  * @param  Request          $request Posted fields: lst, ssttid, obj, type, businessfields
  * @return RedirectResponse
  * @throws \RuntimeException when no download token could be issued
  */
 public function checkDownload(Application $app, Request $request)
 {
     $posted = $request->request;
     $recordList = $posted->get('lst');
     $fromBasket = $posted->get('ssttid', '');
     $wantedSubdefs = $posted->get('obj', []);

     $export = new \set_export($app, $recordList, $fromBasket);
     if (0 === $export->get_total_download()) {
         // Nothing the current user may download: reject the request.
         $app->abort(403);
     }

     $currentUser = $app['authentication']->getUser();
     $exportList = $export->prepare_export(
         $currentUser,
         $app['filesystem'],
         $wantedSubdefs,
         $posted->get('type') === 'title',
         $posted->get('businessfields')
     );
     $exportList['export_name'] = sprintf('%s.zip', $export->getExportName());

     // NOTE(review): the token carries a PHP-serialized payload; the reader of this
     // token (not in view) must only unserialize what it read from the token store.
     $token = $app['tokens']->getUrlToken(
         \random::TYPE_DOWNLOAD,
         $currentUser->getId(),
         new \DateTime('+3 hours'),
         serialize($exportList)
     );
     if (!$token) {
         throw new \RuntimeException('Download token could not be generated');
     }

     $app['events-manager']->trigger('__DOWNLOAD__', [
         'lst' => $recordList,
         'downloader' => $currentUser->getId(),
         'subdefs' => $wantedSubdefs,
         'from_basket' => $fromBasket,
         'export_file' => $export->getExportName(),
     ]);

     return $app->redirectPath('prepare_download', ['token' => $token]);
 }
 /**
  * Registers the classic client module routes.
  *
  * Exposes this controller as 'controller.client', attaches an
  * authentication filter to the collection and mounts the client pages
  * under their named routes.
  *
  * @param  Application $app
  * @return mixed       The controller collection built from 'controllers_factory'
  */
 public function connect(Application $app)
 {
     $app['controller.client'] = $this;
     $collection = $app['controllers_factory'];

     // "?nolog" lets an anonymous visitor go through the guest login first;
     // otherwise the firewall decides whether authentication is still missing.
     $requireLogin = function (Request $request) use ($app) {
         $isAuthenticated = $app['authentication']->isAuthenticated();
         if (!$isAuthenticated && null !== $request->query->get('nolog')) {
             return $app->redirectPath('login_authenticate_as_guest', ['redirect' => 'client']);
         }
         $challenge = $app['firewall']->requireAuthentication();
         if (null !== $challenge) {
             return $challenge;
         }
     };
     $collection->before($requireLogin);

     // GET pages, in registration order: path => [controller method, route name].
     $getRoutes = [
         '/' => ['getClient', 'get_client'],
         '/language/' => ['getClientLanguage', 'get_client_language'],
         '/publications/' => ['getClientPublications', 'client_publications_start_page'],
         '/help/' => ['getClientHelp', 'client_help_start_page'],
     ];
     foreach ($getRoutes as $path => list($action, $routeName)) {
         $collection->get($path, 'controller.client:' . $action)->bind($routeName);
     }
     $collection->post('/query/', 'controller.client:query')->bind('client_query');

     return $collection;
 }
 /**
  * Registers the report module routes.
  *
  * Exposes this controller as 'controller.report', requires authentication
  * plus access to the 'report' module on every route, and mounts the
  * dashboard and the report POST actions.
  *
  * @param  Application $app
  * @return mixed       The controller collection built from 'controllers_factory'
  */
 public function connect(Application $app)
 {
     $app['controller.report'] = $this;
     $collection = $app['controllers_factory'];

     $app['firewall']->addMandatoryAuthentication($collection);
     $collection->before(function () use ($app) {
         $app['firewall']->requireAccessToModule('report');
     });

     $collection->get('/', function (Application $app) {
         return $app->redirectPath('report_dashboard');
     })->bind('report');
     $collection->get('/dashboard', 'controller.report:getDashboard')->bind('report_dashboard');

     // POST actions, in registration order: each "/<segment>" maps to a controller
     // method and is bound as "report_<segment>".
     $postActions = [
         'init' => 'initReport',
         'connexions' => 'doReportConnexions',
         'questions' => 'doReportQuestions',
         'downloads' => 'doReportDownloads',
         'documents' => 'doReportDocuments',
         'clients' => 'doReportClients',
     ];
     foreach ($postActions as $segment => $action) {
         $collection->post('/' . $segment, 'controller.report:' . $action)->bind('report_' . $segment);
     }

     return $collection;
 }
 /**
  * Display reset email form
  *
  * Without a "token" query parameter the reset-email page is rendered.
  * With one, the token is resolved, the token owner's e-mail is replaced
  * by the token payload, the token is deleted and the user is sent back
  * to the account page with a flash message either way.
  *
  * @param  Application $app
  * @param  Request     $request
  * @return Response
  */
 public function displayResetEmailForm(Application $app, Request $request)
 {
     $tokenValue = $request->query->get('token');
     if (null === $tokenValue) {
         return $app['twig']->render('account/reset-email.html.twig', Login::getDefaultTemplateVariables($app));
     }

     // NOTE(review): findValidToken() is called with no token-type constraint visible
     // here; if it can return tokens of other kinds, their payload would be written
     // as the e-mail — confirm the repository restricts the type, or check it here.
     $token = $app['repo.tokens']->findValidToken($tokenValue);
     if (null === $token) {
         $app->addFlash('error', $app->trans('admin::compte-utilisateur: erreur lors de la mise a jour'));

         return $app->redirectPath('account');
     }

     $owner = $token->getUser();
     $owner->setEmail($token->getData());
     $app['manipulator.token']->delete($token);
     $app->addFlash('success', $app->trans('admin::compte-utilisateur: L\'email a correctement ete mis a jour'));

     return $app->redirectPath('account');
 }
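 /**
  * Mount a databox
  *
  * The databox name comes from "new_dbname". Connection settings come either
  * from the application configuration (no "new_settings" posted) or from the
  * posted new_hostname / new_port / new_user / new_password fields. The mount
  * runs inside an appbox transaction and registers the current user as admin.
  *
  * @param  Application      $app     The silex application
  * @param  Request          $request The current HTTP request
  * @return RedirectResponse Redirect to the admin database pages, with success/error flags
  */
 public function databaseMount(Application $app, Request $request)
 {
     $dbName = trim($request->request->get('new_dbname', ''));
     if ('' === $dbName) {
         return $app->redirectPath('admin_databases', ['success' => 0, 'error' => 'no-empty']);
     }
     if (\p4string::hasAccent($dbName)) {
         return $app->redirectPath('admin_databases', ['success' => 0, 'error' => 'special-chars']);
     }

     // Shared by both input paths: mount inside a transaction and map the outcome
     // to the redirect the admin UI expects. Any failure rolls back and reports
     // 'mount-failed'.
     $mount = function ($hostname, $port, $user, $password) use ($app, $dbName) {
         try {
             $app['phraseanet.appbox']->get_connection()->beginTransaction();
             $base = \databox::mount($app, $hostname, $port, $user, $password, $dbName);
             $base->registerAdmin($app['authentication']->getUser());
             $app['phraseanet.appbox']->get_connection()->commit();

             return $app->redirectPath('admin_database', ['databox_id' => $base->get_sbas_id(), 'success' => 1, 'reload-tree' => 1]);
         } catch (\Exception $e) {
             $app['phraseanet.appbox']->get_connection()->rollBack();

             return $app->redirectPath('admin_databases', ['success' => 0, 'error' => 'mount-failed']);
         }
     };

     if (null === $request->request->get('new_settings')) {
         $connexion = $app['conf']->get(['main', 'database']);

         return $mount($connexion['host'], $connexion['port'], $connexion['user'], $connexion['password']);
     }

     // NOTE(review): host/port/credentials are request-supplied here, so the server
     // connects wherever the caller says; the admin-only gate for this route is not
     // in this block — confirm it is enforced by the collection's before() filter.
     $hostname = $request->request->get('new_hostname');
     $port = $request->request->get('new_port');
     $userDb = $request->request->get('new_user');
     $passwordDb = $request->request->get('new_password');
     if (null === $hostname || null === $port || null === $userDb || null === $passwordDb) {
         // This case used to fall off the end of the method and return nothing;
         // an incomplete settings form is a malformed request.
         $app->abort(400);
     }

     return $mount($hostname, $port, $userDb, $passwordDb);
 }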
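 /**
  * Registers the admin sub-definition routes for a databox.
  *
  * Exposes this controller as 'controller.admin.subdefs', requires
  * authentication, the admin module and 'bas_modify_struct' on the
  * requested databox, and mounts the subdef listing (GET) and the
  * delete / add / update form handler (POST) under "/{sbas_id}/".
  *
  * @param  Application $app
  * @return mixed       The controller collection built from 'controllers_factory'
  */
 public function connect(Application $app)
 {
     $app['controller.admin.subdefs'] = $this;
     $controllers = $app['controllers_factory'];

     $app['firewall']->addMandatoryAuthentication($controllers);
     // Every route below needs the admin module plus structure rights on the databox.
     $controllers->before(function (Request $request) use ($app) {
         $app['firewall']->requireAccessToModule('admin')->requireRightOnSbas($request->attributes->get('sbas_id'), 'bas_modify_struct');
     });

     $controllers->get('/{sbas_id}/', function (Application $app, $sbas_id) {
         $databox = $app['phraseanet.appbox']->get_databox((int) $sbas_id);

         return $app['twig']->render('admin/subdefs.html.twig', [
             'databox' => $databox,
             'subdefs' => $databox->get_subdef_structure(),
         ]);
     })->bind('admin_subdefs_subdef')->assert('sbas_id', '\\d+');

     // One form, three actions, checked in this order: delete a subdef, add a
     // subdef (all three "add_subdef" fields filled), otherwise update every
     // subdef listed in "subdefs".
     $controllers->post('/{sbas_id}/', function (Application $app, Request $request, $sbas_id) {
         $delete_subdef = $request->request->get('delete_subdef');
         $toadd_subdef = $request->request->get('add_subdef');
         $Parmsubdefs = $request->request->get('subdefs', []);
         $databox = $app['phraseanet.appbox']->get_databox((int) $sbas_id);

         // Keep only the "add" fields that were actually filled in.
         $add_subdef = ['class' => null, 'name' => null, 'group' => null];
         foreach ($add_subdef as $k => $v) {
             if (!is_array($toadd_subdef) || !isset($toadd_subdef[$k]) || trim($toadd_subdef[$k]) === '') {
                 unset($add_subdef[$k]);
             } else {
                 $add_subdef[$k] = $toadd_subdef[$k];
             }
         }

         $subdefs = $databox->get_subdef_structure();

         if ($delete_subdef) {
             // Subdef identifiers are "<group>_<name>"; anything else is a malformed
             // request (previously an undefined-index notice and a delete with a
             // missing name).
             $parts = explode('_', (string) $delete_subdef, 2);
             if (2 !== count($parts)) {
                 $app->abort(400);
             }
             list($group, $name) = $parts;
             $subdefs->delete_subdef($group, $name);
         } elseif (count($add_subdef) === 3) {
             $group = $add_subdef['group'];
             // Subdef names are restricted to [a-zA-Z0-9] before being stored.
             $name = $app['unicode']->remove_nonazAZ09($add_subdef['name'], false);
             $class = $add_subdef['class'];
             $subdefs->add_subdef($group, $name, $class);
         } else {
             foreach (is_array($Parmsubdefs) ? $Parmsubdefs : [] as $post_sub) {
                 $parts = explode('_', (string) $post_sub, 2);
                 if (2 !== count($parts)) {
                     $app->abort(400);
                 }
                 list($group, $name) = $parts;
                 $class = $request->request->get($post_sub . '_class');
                 $downloadable = $request->request->get($post_sub . '_downloadable');

                 // Per-subdef fields are posted as "<group>_<name>_<field>".
                 $options = [];
                 foreach (['path', 'meta', 'mediatype'] as $def) {
                     $parm_loc = $request->request->get($post_sub . '_' . $def);
                     // An absent or empty "meta" value is normalised to the string "no".
                     if ($def === 'meta' && !$parm_loc) {
                         $parm_loc = 'no';
                     }
                     $options[$def] = $parm_loc;
                 }

                 // Media-type specific options live under "<group>_<name>_<mediatype>".
                 $mediatype = $request->request->get($post_sub . '_mediatype');
                 $media = $request->request->get($post_sub . '_' . $mediatype, []);
                 foreach (is_array($media) ? $media : [] as $option => $value) {
                     // The image form posts "resolution" but the structure stores it as "dpi".
                     if ($option === 'resolution' && $mediatype === 'image') {
                         $option = 'dpi';
                     }
                     $options[$option] = $value;
                 }

                 $labels = $request->request->get($post_sub . '_label', []);
                 $subdefs->set_subdef($group, $name, $class, $downloadable, $options, $labels);
             }
         }

         return $app->redirectPath('admin_subdefs_subdef', ['sbas_id' => $databox->get_sbas_id()]);
     })->bind('admin_subdefs_subdef_update')->assert('sbas_id', '\\d+');

     return $controllers;
 }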
 /**
  * Create a new collection
  *
  * Creates a collection named by the posted "name" in the given databox.
  * When "ccusrothercoll" is "on" and "othcollsel" names a source collection,
  * the rights of every user of that source collection are copied to the
  * new one, 20 users at a time. Any failure redirects back with error=error.
  *
  * @param  Application $app        The silex application
  * @param  Request     $request    The current HTTP request
  * @param  integer     $databox_id The requested databox
  * @return Response
  */
 public function createCollection(Application $app, Request $request, $databox_id)
 {
     $name = trim($request->request->get('name', ''));
     if ('' === $name) {
         return $app->redirectPath('admin_database_display_new_collection_form', ['databox_id' => $databox_id, 'error' => 'name']);
     }

     try {
         $appbox = $app['phraseanet.appbox'];
         $databox = $appbox->get_databox($databox_id);
         $creator = $app['authentication']->getUser();
         $collection = \collection::create($app, $databox, $appbox, $name, $creator);

         $copyRights = $request->request->get('ccusrothercoll') === 'on';
         $sourceBaseId = $request->request->get('othcollsel');
         if ($copyRights && null !== $sourceBaseId) {
             $query = $app['phraseanet.user-query'];
             $total = $query->on_base_ids([$sourceBaseId])->get_total();
             $pageSize = 20;
             for ($offset = 0; $offset < $total; $offset += $pageSize) {
                 $page = $query->limit($offset, $pageSize)->execute()->get_results();
                 foreach ($page as $member) {
                     $app['acl']->get($member)->duplicate_right_from_bas($sourceBaseId, $collection->get_base_id());
                 }
             }
         }

         $app['dispatcher']->dispatch(PhraseaEvents::COLLECTION_CREATE, new CollectionCreateEvent($collection));

         return $app->redirectPath('admin_display_collection', ['bas_id' => $collection->get_base_id(), 'success' => 1, 'reload-tree' => 1]);
     } catch (\Exception $e) {
         return $app->redirectPath('admin_database_submit_collection', ['databox_id' => $databox_id, 'error' => 'error']);
     }
 }
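 /**
  * Display reset email form
  *
  * Without a "token" query parameter the reset-email page is rendered.
  * With one, the token is resolved through the legacy token service, the
  * referenced user's e-mail is replaced by the token payload and the token
  * is removed; every failure becomes an error flash and a redirect to the
  * account page.
  *
  * @param  Application $app
  * @param  Request     $request
  * @return Response
  */
 public function displayResetEmailForm(Application $app, Request $request)
 {
     if (null !== ($token = $request->query->get('token'))) {
         try {
             // NOTE(review): no token-type check is visible here; assumes helloToken()
             // only resolves e-mail-update tokens — confirm.
             $datas = $app['tokens']->helloToken($token);
             $user = $app['manipulator.user']->getRepository()->find((int) $datas['usr_id']);
             if (null === $user) {
                 // A missing user used to reach setEmail() on null, which raises an
                 // Error that the \Exception catch below never sees; route it through
                 // the same error path as any other token problem.
                 throw new \RuntimeException(sprintf('No user found for token user id %d', (int) $datas['usr_id']));
             }
             $user->setEmail($datas['datas']);
             $app['tokens']->removeToken($token);
             $app->addFlash('success', $app->trans('admin::compte-utilisateur: L\'email a correctement ete mis a jour'));

             return $app->redirectPath('account');
         } catch (\Exception $e) {
             // Deliberately broad: any token failure is reported to the user as a
             // generic update error rather than surfacing details.
             $app->addFlash('error', $app->trans('admin::compte-utilisateur: erreur lors de la mise a jour'));

             return $app->redirectPath('account');
         }
     }

     return $app['twig']->render('account/reset-email.html.twig', Login::getDefaultTemplateVariables($app));
 }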
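 /**
  * Moves the basket elements posted in "elements" into the given basket.
  *
  * Each posted id is resolved as an element the current user may act on;
  * ids that cannot be resolved are skipped (best effort), the others are
  * detached from their current basket and attached to $basket. The number
  * of moved elements is reported back.
  *
  * @param  Application  $app
  * @param  Request      $request Expects a posted "elements" array of element ids
  * @param  BasketEntity $basket  Destination basket
  * @return mixed        JSON payload for json requests, otherwise a redirect to the workzone
  */
 public function stealElements(Application $app, Request $request, BasketEntity $basket)
 {
     // NOTE(review): nothing here checks that $basket belongs to the current user;
     // that is presumably enforced by the route's converter or firewall — confirm.
     $elementIds = $request->request->get('elements', []);
     if (!is_array($elementIds)) {
         // A missing or scalar "elements" field used to trigger a foreach warning
         // and then report "0 records moved"; treat it as an empty selection.
         $elementIds = [];
     }
     $user = $app['authentication']->getUser();

     $n = 0;
     foreach ($elementIds as $bask_element_id) {
         try {
             $basket_element = $app['repo.basket-elements']->findUserElement($bask_element_id, $user);
         } catch (\Exception $e) {
             // Unknown or inaccessible element: skip it and keep moving the others.
             continue;
         }
         $basket_element->getBasket()->removeElement($basket_element);
         $basket_element->setBasket($basket);
         $basket->addElement($basket_element);
         $n++;
     }
     $app['EM']->flush();

     $data = ['success' => true, 'message' => $app->trans('%quantity% records moved', ['%quantity%' => $n])];
     if ($request->getRequestFormat() === 'json') {
         return $app->json($data);
     }

     return $app->redirectPath('prod_workzone_show');
 }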
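 /**
  * Set collection minilogo
  *
  * Takes the uploaded "newLogo" file, rejects uploads that failed or exceed
  * 65535 bytes, writes it as the collection's logo picture and removes the
  * temporary upload. Every outcome redirects to the collection admin page
  * with success/error flags.
  *
  * @param  Application      $app     The silex application
  * @param  Request          $request The current request
  * @param  integer          $bas_id  The collection base_id
  * @return RedirectResponse
  */
 public function setMiniLogo(Application $app, Request $request, $bas_id)
 {
     $file = $request->files->get('newLogo');
     // No upload, or a "newLogo[]" array instead of a single file: bad request.
     if (null === $file || !is_object($file)) {
         $app->abort(400);
     }
     // Validity first: a failed upload has no usable temporary file, so its size
     // is only meaningful once we know the upload succeeded.
     if (!$file->isValid()) {
         return $app->redirectPath('admin_display_collection', ['bas_id' => $bas_id, 'success' => 0, 'error' => 'file-invalid']);
     }
     // getSize() measures the bytes actually received; getClientSize() only repeats
     // what the client declared and cannot enforce a limit.
     if ($file->getSize() > 65535) {
         return $app->redirectPath('admin_display_collection', ['bas_id' => $bas_id, 'success' => 0, 'error' => 'file-too-big']);
     }

     $collection = \collection::get_from_base_id($app, $bas_id);
     try {
         $app['phraseanet.appbox']->write_collection_pic($app['media-alchemyst'], $app['filesystem'], $collection, $file, \collection::PIC_LOGO);
         $app['filesystem']->remove($file->getPathname());
     } catch (\Exception $e) {
         return $app->redirectPath('admin_display_collection', ['bas_id' => $bas_id, 'success' => 0, 'error' => 'file-error']);
     }

     return $app->redirectPath('admin_display_collection', ['bas_id' => $bas_id, 'success' => 1]);
 }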
 /**
  * Registers the OAuth2 authorization and token endpoints.
  *
  * Exposes this controller as 'controller.oauth2' and mounts two routes:
  * GET|POST /authorize (route name 'oauth2_authorize') and POST /token.
  * Both endpoints let the OAuth2 server adapter write the HTTP response
  * itself and hand an empty string back to Silex.
  *
  * @param  Application $app
  * @return mixed       The controller collection built from 'controllers_factory'
  */
 public function connect(Application $app)
 {
     $app['controller.oauth2'] = $this;
     $controllers = $app['controllers_factory'];
     /**
      * AUTHORIZE ENDPOINT
      *
      * Authorization endpoint - used to obtain authorization from the
      * resource owner via user-agent redirection.
      */
     $authorize_func = function () use($app) {
         $request = $app['request'];
         $oauth2Adapter = $app['oauth2-server'];
         $context = new Context(Context::CONTEXT_OAUTH2_NATIVE);
         $app['dispatcher']->dispatch(PhraseaEvents::PRE_AUTHENTICATE, new PreAuthenticate($request, $context));
         //Check for auth params, send error or redirect if not valid
         // NOTE(review): $params['client_id'] and $params['redirect_uri'] are used below as
         // already-validated values; assumes getAuthorizationRequestParameters() checks the
         // redirect URI against the client's registration — confirm in the adapter.
         $params = $oauth2Adapter->getAuthorizationRequestParameters($request);
         $appAuthorized = false;
         // Error code carried over from an earlier redirect to this route; it is handed
         // to the templates as-is.
         $error = $request->get('error', '');
         if (null === ($client = $app['repo.api-applications']->findByClientId($params['client_id']))) {
             throw new NotFoundHttpException(sprintf('Application with client id %s could not be found', $params['client_id']));
         }
         $oauth2Adapter->setClient($client);
         $actionAccept = $request->get("action_accept");
         $actionLogin = $request->get("action_login");
         // A per-application template under config/templates, looked up by the
         // application's database id, overrides the generic consent template when it
         // exists on disk.
         $template = "api/auth/end_user_authorization.html.twig";
         $custom_template = sprintf("%s/config/templates/web/api/auth/end_user_authorization/%s.html.twig", $app['root.path'], $client->getId());
         if (file_exists($custom_template)) {
             $template = sprintf('api/auth/end_user_authorization/%s.html.twig', $client->getId());
         }
         // Resource owner not logged in: process the submitted login form if there is
         // one, otherwise render it. Login failures redirect back to this route with the
         // authorization parameters preserved and an 'error' code for the template.
         if (!$app['authentication']->isAuthenticated()) {
             if ($actionLogin !== null) {
                 try {
                     if (null === ($usrId = $app['auth.native']->getUsrId($request->get("login"), $request->get("password"), $request))) {
                         $app['session']->getFlashBag()->set('error', $app->trans('login::erreur: Erreur d\'authentification'));
                         return $app->redirectPath('oauth2_authorize', array_merge(array('error' => 'login'), $params));
                     }
                 } catch (RequireCaptchaException $e) {
                     return $app->redirectPath('oauth2_authorize', array_merge(array('error' => 'captcha'), $params));
                 } catch (AccountLockedException $e) {
                     return $app->redirectPath('oauth2_authorize', array_merge(array('error' => 'account-locked'), $params));
                 }
                 $user = $app['repo.users']->find($usrId);
                 $app['authentication']->openAccount($user);
                 $event = new PostAuthenticate($request, new Response(), $user, $context);
                 $app['dispatcher']->dispatch(PhraseaEvents::POST_AUTHENTICATE, $event);
             } else {
                 $r = new Response($app['twig']->render($template, array('error' => $error, "auth" => $oauth2Adapter)));
                 $r->headers->set('Content-Type', 'text/html');
                 return $r;
             }
         }
         //check if current client is already authorized by current user
         // NOTE(review): loose (==) comparison of the two client ids; both look like
         // strings here, but === would make that explicit.
         $clients = $app['repo.api-applications']->findAuthorizedAppsByUser($app['authentication']->getUser());
         foreach ($clients as $authClient) {
             if ($client->getClientId() == $authClient->getClientId()) {
                 $appAuthorized = true;
                 break;
             }
         }
         $account = $oauth2Adapter->updateAccount($app['authentication']->getUser());
         $params['account_id'] = $account->getId();
         // Not yet authorized and no decision submitted: render the consent page.
         // NOTE(review): $params is reused here as the template variables, which drops
         // the authorization request parameters collected above for this request; the
         // consent form is presumably expected to resubmit them — confirm against the template.
         if (!$appAuthorized && $actionAccept === null) {
             $params = ["auth" => $oauth2Adapter, "error" => $error];
             $r = new Response($app['twig']->render($template, $params));
             $r->headers->set('Content-Type', 'text/html');
             return $r;
         } elseif (!$appAuthorized && $actionAccept !== null) {
             // Any non-empty value other than "0" counts as consent; "0" or "" revokes.
             $appAuthorized = (bool) $actionAccept;
             if ($appAuthorized) {
                 $app['manipulator.api-account']->authorizeAccess($account);
             } else {
                 $app['manipulator.api-account']->revokeAccess($account);
             }
         }
         //if native app show template
         // Native clients get the result rendered in a page instead of a redirect.
         if ($oauth2Adapter->isNativeApp($params['redirect_uri'])) {
             $params = $oauth2Adapter->finishNativeClientAuthorization($appAuthorized, $params);
             $r = new Response($app['twig']->render("api/auth/native_app_access_token.html.twig", $params));
             $r->headers->set('Content-Type', 'text/html');
             return $r;
         }
         $oauth2Adapter->finishClientAuthorization($appAuthorized, $params);
         // As OAuth2 library already outputs response content, we need to send an empty
         // response to avoid breaking silex controller
         return '';
     };
     $controllers->match('/authorize', $authorize_func)->method('GET|POST')->bind('oauth2_authorize');
     /**
      *  TOKEN ENDPOINT
      *  Token endpoint - used to exchange an authorization grant for an access token.
      */
     // Token exchange is refused over plain HTTP; the 400 carries a JSON content type.
     $controllers->post('/token', function (\Silex\Application $app, Request $request) {
         if (!$request->isSecure()) {
             throw new HttpException(400, 'This route requires the use of the https scheme', null, ['content-type' => 'application/json']);
         }
         $app['oauth2-server']->grantAccessToken($request);
         // The adapter has already written the token response to the output buffer;
         // push it out before handing control back.
         ob_flush();
         flush();
         // As OAuth2 library already outputs response content, we need to send an empty
         // response to avoid breaking silex controller
         return '';
     });
     return $controllers;
 }
 public function connect(Application $app)
 {
     $app['controller.admin.users'] = $this;
     $controllers = $app['controllers_factory'];
     $app['firewall']->addMandatoryAuthentication($controllers);
     $controllers->before(function (Request $request) use($app) {
         $app['firewall']->requireAccessToModule('admin')->requireRight('manageusers');
     });
     $controllers->post('/rights/', function (Application $app) {
         $rights = new UserHelper\Edit($app, $app['request']);
         return $app['twig']->render('admin/editusers.html.twig', $rights->get_users_rights());
     });
     $controllers->get('/rights/', function (Application $app) {
         $rights = new UserHelper\Edit($app, $app['request']);
         return $app['twig']->render('admin/editusers.html.twig', $rights->get_users_rights());
     });
     $controllers->post('/rights/reset/', function (Application $app, Request $request) {
         try {
             $datas = ['error' => false];
             $helper = new UserHelper\Edit($app, $request);
             $helper->resetRights();
         } catch (\Exception $e) {
             $datas['error'] = true;
             $datas['message'] = $e->getMessage();
         }
         return $app->json($datas);
     })->bind('admin_users_rights_reset');
     $controllers->post('/delete/', function (Application $app) {
         $module = new UserHelper\Edit($app, $app['request']);
         $module->delete_users();
         return $app->redirectPath('admin_users_search');
     });
     $controllers->post('/rights/apply/', function (Application $app) {
         $datas = ['error' => true];
         try {
             $rights = new UserHelper\Edit($app, $app['request']);
             if (!$app['request']->request->get('reset_before_apply')) {
                 $rights->apply_rights();
             }
             if ($app['request']->request->get('template')) {
                 if ($app['request']->request->get('reset_before_apply')) {
                     $rights->resetRights();
                 }
                 $rights->apply_template();
             }
             $rights->apply_infos();
             $datas = ['error' => false];
         } catch (\Exception $e) {
             $datas['message'] = $e->getMessage();
         }
         return $app->json($datas);
     })->bind('admin_users_rights_apply');
     $controllers->post('/rights/quotas/', function (Application $app) {
         $rights = new UserHelper\Edit($app, $app['request']);
         return $app['twig']->render('admin/editusers_quotas.html.twig', $rights->get_quotas());
     });
     $controllers->post('/rights/quotas/apply/', function (Application $app) {
         $rights = new UserHelper\Edit($app, $app['request']);
         $rights->apply_quotas();
         return $app->json(['message' => '', 'error' => false]);
     });
     $controllers->post('/rights/time/', function (Application $app) {
         $rights = new UserHelper\Edit($app, $app['request']);
         return $app['twig']->render('admin/editusers_timelimit.html.twig', $rights->get_time());
     });
     $controllers->post('/rights/time/sbas/', function (Application $app) {
         $rights = new UserHelper\Edit($app, $app['request']);
         return $app['twig']->render('admin/editusers_timelimit_sbas.html.twig', $rights->get_time_sbas());
     });
     $controllers->post('/rights/time/apply/', function (Application $app) {
         $rights = new UserHelper\Edit($app, $app['request']);
         $rights->apply_time();
         return $app->json(['message' => '', 'error' => false]);
     });
     $controllers->post('/rights/masks/', function (Application $app) {
         $rights = new UserHelper\Edit($app, $app['request']);
         return $app['twig']->render('admin/editusers_masks.html.twig', $rights->get_masks());
     });
     $controllers->post('/rights/masks/apply/', function (Application $app) {
         $rights = new UserHelper\Edit($app, $app['request']);
         $rights->apply_masks();
         return $app->json(['message' => '', 'error' => false]);
     });
     $controllers->match('/search/', function (Application $app) {
         $users = new UserHelper\Manage($app, $app['request']);
         return $app['twig']->render('admin/users.html.twig', $users->search());
     })->bind('admin_users_search');
     $controllers->post('/search/export/', function () use($app) {
         $request = $app['request'];
         $users = new UserHelper\Manage($app, $app['request']);
         $userTable = [['ID', 'Login', 'Last Name', 'First Name', 'E-Mail', 'Created', 'Updated', 'Address', 'City', 'Zip', 'Country', 'Phone', 'Fax', 'Job', 'Company', 'Position']];
         foreach ($users->export() as $user) {
             $userTable[] = [$user->getId(), $user->getLogin(), $user->getLastName(), $user->getFirstName(), $user->getEmail(), $user->getCreated()->format(DATE_ATOM), $user->getUpdated()->format(DATE_ATOM), $user->getAddress(), $user->getCity(), $user->getZipCode(), $user->getCountry(), $user->getPhone(), $user->getFax(), $user->getJob(), $user->getCompany(), $user->getActivity()];
         }
         $CSVDatas = \format::arr_to_csv($userTable);
         $response = new Response($CSVDatas, 200, ['Content-Type' => 'text/csv']);
         $response->headers->set('Content-Disposition', 'attachment; filename=export.csv');
         return $response;
     })->bind('admin_users_search_export');
     $controllers->post('/apply_template/', function () use($app) {
         $users = new UserHelper\Edit($app, $app['request']);
         if ($app['request']->request->get('reset_before_apply')) {
             $users->resetRights();
         }
         $users->apply_template();
         return $app->redirectPath('admin_users_search');
     })->bind('admin_users_apply_template');
     $controllers->get('/typeahead/search/', function (Application $app) {
         $request = $app['request'];
         $user_query = new \User_Query($app);
         $like_value = $request->query->get('term');
         $rights = $request->query->get('filter_rights') ?: [];
         $have_right = $request->query->get('have_right') ?: [];
         $have_not_right = $request->query->get('have_not_right') ?: [];
         $on_base = $request->query->get('on_base') ?: [];
         $elligible_users = $user_query->on_sbas_where_i_am($app['acl']->get($app['authentication']->getUser()), $rights)->like(\User_Query::LIKE_EMAIL, $like_value)->like(\User_Query::LIKE_FIRSTNAME, $like_value)->like(\User_Query::LIKE_LASTNAME, $like_value)->like(\User_Query::LIKE_LOGIN, $like_value)->like_match(\User_Query::LIKE_MATCH_OR)->who_have_right($have_right)->who_have_not_right($have_not_right)->on_base_ids($on_base)->execute()->get_results();
         $datas = [];
         foreach ($elligible_users as $user) {
             $datas[] = ['email' => $user->getEmail() ?: '', 'login' => $user->getLogin() ?: '', 'name' => $user->getDisplayName(), 'id' => $user->getId()];
         }
         return $app->json($datas);
     });
     $controllers->post('/create/', function (Application $app) {
         $datas = ['error' => false, 'message' => '', 'data' => null];
         try {
             $request = $app['request'];
             $module = new UserHelper\Manage($app, $app['request']);
             if ($request->request->get('template') == '1') {
                 $user = $module->create_template();
             } else {
                 $user = $module->create_newuser();
             }
             if (!$user instanceof User) {
                 throw new \Exception('Unknown error');
             }
             $datas['data'] = $user->getId();
         } catch (\Exception $e) {
             $datas['error'] = true;
             if ($request->request->get('template') == '1') {
                 $datas['message'] = $app->trans('Unable to create template, the name is already used.');
             } else {
                 $datas['message'] = $app->trans('Unable to create the user.');
             }
         }
         return $app->json($datas);
     });
     $controllers->post('/export/csv/', function (Application $app) {
         $request = $app['request'];
         $user_query = new \User_Query($app);
         $like_value = $request->request->get('like_value');
         $like_field = $request->request->get('like_field');
         $on_base = $request->request->get('base_id') ?: null;
         $on_sbas = $request->request->get('sbas_id') ?: null;
         $elligible_users = $user_query->on_bases_where_i_am($app['acl']->get($app['authentication']->getUser()), ['canadmin'])->like($like_field, $like_value)->on_base_ids($on_base)->on_sbas_ids($on_sbas);
         $offset = 0;
         $buffer = [];
         $buffer[] = ['ID', 'Login', $app->trans('admin::compte-utilisateur nom'), $app->trans('admin::compte-utilisateur prenom'), $app->trans('admin::compte-utilisateur email'), 'CreationDate', 'ModificationDate', $app->trans('admin::compte-utilisateur adresse'), $app->trans('admin::compte-utilisateur ville'), $app->trans('admin::compte-utilisateur code postal'), $app->trans('admin::compte-utilisateur pays'), $app->trans('admin::compte-utilisateur telephone'), $app->trans('admin::compte-utilisateur fax'), $app->trans('admin::compte-utilisateur poste'), $app->trans('admin::compte-utilisateur societe'), $app->trans('admin::compte-utilisateur activite')];
         do {
             $elligible_users->limit($offset, 20);
             $offset += 20;
             $results = $elligible_users->execute()->get_results();
             foreach ($results as $user) {
                 $buffer[] = [$user->getId(), $user->getLogin(), $user->getLastName(), $user->getFirstName(), $user->getEmail(), $app['date-formatter']->format_mysql($user->getCreated()), $app['date-formatter']->format_mysql($user->getUpdated()), $user->getAddress(), $user->getCity(), $user->getZipCode(), $user->getCountry(), $user->getPhone(), $user->getFax(), $user->getJob(), $user->getCompany(), $user->getActivity()];
             }
         } while (count($results) > 0);
         $out = \format::arr_to_csv($buffer);
         $response = new Response($out, 200, ['Content-type' => 'text/csv', 'Content-Disposition' => 'attachment; filename=export.csv']);
         $response->setCharset('UTF-8');
         return $response;
     })->bind('admin_users_export_csv');
     $controllers->get('/registrations/', function (Application $app) {
         $app['manipulator.registration']->deleteOldRegistrations();
         $models = $app['manipulator.user']->getRepository()->findModelOf($app['authentication']->getUser());
         $userRegistrations = [];
         foreach ($app['manipulator.registration']->getRepository()->getUserRegistrations($app['authentication']->getUser(), $app['acl']->get($app['authentication']->getUser())->get_granted_base(['canadmin'])) as $registration) {
             $user = $registration->getUser();
             $userRegistrations[$user->getId()]['user'] = $user;
             $userRegistrations[$user->getId()]['registrations'][$registration->getBaseid()] = $registration;
         }
         return $app['twig']->render('admin/user/registrations.html.twig', ['user_registrations' => $userRegistrations, 'models' => $models]);
     })->bind('users_display_registrations');
     $controllers->post('/registrations/', function (Application $app, Request $request) {
         $templates = $deny = $accept = $options = [];
         foreach ($request->request->get('template', []) as $tmp) {
             if ('' === trim($tmp)) {
                 continue;
             }
             $tmp = explode('_', $tmp);
             if (count($tmp) == 2) {
                 $templates[$tmp[0]] = $tmp[1];
             }
         }
         foreach ($request->request->get('deny', []) as $den) {
             $den = explode('_', $den);
             if (count($den) == 2 && !isset($templates[$den[0]])) {
                 $deny[$den[0]][$den[1]] = $den[1];
             }
         }
         foreach ($request->request->get('accept', []) as $acc) {
             $acc = explode('_', $acc);
             if (count($acc) == 2 && !isset($templates[$acc[0]])) {
                 $accept[$acc[0]][$acc[1]] = $acc[1];
                 $options[$acc[0]][$acc[1]] = ['HD' => false, 'WM' => false];
             }
         }
         foreach ($request->request->get('accept_hd', []) as $accHD) {
             $accHD = explode('_', $accHD);
             if (count($accHD) == 2 && isset($accept[$accHD[0]]) && isset($options[$accHD[0]][$accHD[1]])) {
                 $options[$accHD[0]][$accHD[1]]['HD'] = true;
             }
         }
         foreach ($request->request->get('watermark', []) as $wm) {
             $wm = explode('_', $wm);
             if (count($wm) == 2 && isset($accept[$wm[0]]) && isset($options[$wm[0]][$wm[1]])) {
                 $options[$wm[0]][$wm[1]]['WM'] = true;
             }
         }
         if (count($templates) > 0 || count($deny) > 0 || count($accept) > 0) {
             $cacheToUpdate = $done = [];
             foreach ($templates as $usr => $template_id) {
                 if (null === ($user = $app['manipulator.user']->getRepository()->find($usr))) {
                     $app->abort(400, srpintf("User with id % in provided in 'template' request variable could not be found", $usr));
                 }
                 $cacheToUpdate[$usr] = $user;
                 $user_template = $app['manipulator.user']->getRepository()->find($template_id);
                 $collections = $app['acl']->get($user_template)->get_granted_base();
                 $baseIds = array_keys($collections);
                 $app['acl']->get($user)->apply_model($user_template, $baseIds);
                 foreach ($collections as $collection) {
                     $done[$usr][$collection->get_base_id()] = true;
                 }
                 $app['manipulator.registration']->deleteUserRegistrations($user, $collections);
             }
             foreach ($deny as $usr => $bases) {
                 if (null === ($user = $app['manipulator.user']->getRepository()->find($usr))) {
                     $app->abort(400, srpintf("User with id % in provided in 'deny' request variable could not be found", $usr));
                 }
                 $cacheToUpdate[$usr] = $user;
                 foreach ($app['manipulator.registration']->getRepository()->getUserRegistrations($user, array_map(function ($baseId) use($app) {
                     return \collection::get_from_base_id($app, $baseId);
                 }, $bases)) as $registration) {
                     $app['manipulator.registration']->rejectRegistration($registration);
                     $done[$usr][$registration->getBaseId()] = false;
                 }
             }
             foreach ($accept as $usr => $bases) {
                 if (null === ($user = $app['manipulator.user']->getRepository()->find($usr))) {
                     $app->abort(400, srpintf("User with id % in provided in 'accept' request variable could not be found", $usr));
                 }
                 $cacheToUpdate[$usr] = $user;
                 foreach ($app['manipulator.registration']->getRepository()->getUserRegistrations($user, array_map(function ($baseId) use($app) {
                     return \collection::get_from_base_id($app, $baseId);
                 }, $bases)) as $registration) {
                     $done[$usr][$registration->getBaseId()] = true;
                     $app['manipulator.registration']->acceptRegistration($registration, $options[$usr][$registration->getBaseId()]['HD'], $options[$usr][$registration->getBaseId()]['WM']);
                 }
             }
             array_walk($cacheToUpdate, function (User $user) use($app) {
                 $app['acl']->get($user)->delete_data_from_cache();
             });
             unset($cacheToUpdate);
             foreach ($done as $usr => $bases) {
                 $user = $app['manipulator.user']->getRepository()->find($usr);
                 $acceptColl = $denyColl = [];
                 foreach ($bases as $bas => $isok) {
                     $collection = \collection::get_from_base_id($app, $bas);
                     if ($isok) {
                         $acceptColl[] = $collection->get_label($app['locale']);
                         continue;
                     }
                     $denyColl[] = $collection->get_label($app['locale']);
                 }
                 if (0 !== count($acceptColl) || 0 !== count($denyColl)) {
                     $message = '';
                     if (0 !== count($acceptColl)) {
                         $message .= "\n" . $app->trans('login::register:email: Vous avez ete accepte sur les collections suivantes : ') . implode(', ', $acceptColl) . "\n";
                     }
                     if (0 !== count($denyColl)) {
                         $message .= "\n" . $app->trans('login::register:email: Vous avez ete refuse sur les collections suivantes : ') . implode(', ', $denyColl) . "\n";
                     }
                     $receiver = new Receiver(null, $user->getEmail());
                     $mail = MailSuccessEmailUpdate::create($app, $receiver, null, $message);
                     $app['notification.deliverer']->deliver($mail);
                 }
             }
         }
         return $app->redirectPath('users_display_registrations', ['success' => 1]);
     })->bind('users_submit_registrations');
     $controllers->get('/import/file/', function (Application $app, Request $request) {
         return $app['twig']->render('admin/user/import/file.html.twig');
     })->bind('users_display_import_file');
     $controllers->post('/import/file/', function (Application $app, Request $request) {
         if (null === ($file = $request->files->get('files')) || !$file->isValid()) {
             return $app->redirectPath('users_display_import_file', ['error' => 'file-invalid']);
         }
         $equivalenceToMysqlField = self::getEquivalenceToMysqlField();
         $loginDefined = $pwdDefined = $mailDefined = false;
         $loginNew = [];
         $out = ['ignored_row' => [], 'errors' => []];
         $nbUsrToAdd = 0;
         $lines = \format::csv_to_arr($file->getPathname());
         $roughColumns = array_shift($lines);
         $columnsSanitized = array_map(function ($columnName) {
             return trim(mb_strtolower($columnName));
         }, $roughColumns);
         $columns = array_filter($columnsSanitized, function ($columnName) use(&$out, $equivalenceToMysqlField) {
             if (!isset($equivalenceToMysqlField[$columnName])) {
                 $out['ignored_row'][] = $columnName;
                 return false;
             }
             return true;
         });
         foreach ($columns as $columnName) {
             if ($equivalenceToMysqlField[$columnName] === 'usr_login') {
                 $loginDefined = true;
             }
             if ($equivalenceToMysqlField[$columnName] === 'usr_password') {
                 $pwdDefined = true;
             }
             if ($equivalenceToMysqlField[$columnName] === 'usr_mail') {
                 $mailDefined = true;
             }
         }
         if (!$loginDefined) {
             return $app->redirectPath('users_display_import_file', ['error' => 'row-login']);
         }
         if (!$pwdDefined) {
             return $app->redirectPath('users_display_import_file', ['error' => 'row-pwd']);
         }
         if (!$mailDefined) {
             return $app->redirectPath('users_display_import_file', ['error' => 'row-mail']);
         }
         foreach ($lines as $nbLine => $line) {
             $loginValid = false;
             $pwdValid = false;
             $mailValid = false;
             foreach ($columns as $nbCol => $colName) {
                 if (!isset($equivalenceToMysqlField[$colName])) {
                     unset($lines[$nbCol]);
                     continue;
                 }
                 $sqlField = $equivalenceToMysqlField[$colName];
                 $value = $line[$nbCol];
                 if ($sqlField === 'usr_login') {
                     $loginToAdd = $value;
                     if ($loginToAdd === "") {
                         $out['errors'][] = $app->trans("Login line %line% is empty", ['%line%' => $nbLine + 1]);
                     } elseif (in_array($loginToAdd, $loginNew)) {
                         $out['errors'][] = $app->trans("Login %login% is already defined in the file at line %line%", ['%login%' => $loginToAdd, '%line%' => $nbLine]);
                     } else {
                         if (null !== $app['manipulator.user']->getRepository()->findByLogin($loginToAdd)) {
                             $out['errors'][] = $app->trans("Login %login% already exists in database", ['%login%' => $loginToAdd]);
                         } else {
                             $loginValid = true;
                         }
                     }
                 }
                 if ($loginValid && $sqlField === 'usr_mail') {
                     $mailToAdd = $value;
                     if ($mailToAdd === "") {
                         $out['errors'][] = $app->trans("Mail line %line% is empty", ['%line%' => $nbLine + 1]);
                     } elseif (null !== $app['manipulator.user']->getRepository()->findByEmail($mailToAdd)) {
                         $out['errors'][] = $app->trans("Email '%email%' for login '%login%' already exists in database", ['%email%' => $mailToAdd, '%login%' => $loginToAdd]);
                     } else {
                         $mailValid = true;
                     }
                 }
                 if ($sqlField === 'usr_password') {
                     $passwordToVerif = $value;
                     if ($passwordToVerif === "") {
                         $out['errors'][] = $app->trans("Password is empty at line %line%", ['%line%' => $nbLine]);
                     } else {
                         $pwdValid = true;
                     }
                 }
             }
             if ($loginValid && $pwdValid && $mailValid) {
                 $loginNew[] = $loginToAdd;
                 $nbUsrToAdd++;
             }
         }
         if (count($out['errors']) > 0 && $nbUsrToAdd === 0) {
             return $app['twig']->render('admin/user/import/file.html.twig', ['errors' => $out['errors']]);
         }
         if ($nbUsrToAdd === 0) {
             return $app->redirectPath('users_display_import_file', ['error' => 'no-user']);
         }
         $basList = array_keys($app['acl']->get($app['authentication']->getUser())->get_granted_base(['manage']));
         $models = $app['EM.native-query']->getModelForUser($app['authentication']->getUser(), $basList);
         return $app['twig']->render('/admin/user/import/view.html.twig', ['nb_user_to_add' => $nbUsrToAdd, 'models' => $models, 'lines_serialized' => serialize($lines), 'columns_serialized' => serialize($columns), 'errors' => $out['errors']]);
     })->bind('users_submit_import_file');
     $controllers->post('/import/', function (Application $app, Request $request) {
         $nbCreation = 0;
         if (null === ($serializedColumns = $request->request->get('sr_columns')) || '' === $serializedColumns) {
             $app->abort(400);
         }
         if (null === ($serializedLines = $request->request->get('sr_lines')) || '' === $serializedLines) {
             $app->abort(400);
         }
         if (null === ($model = $request->request->get("modelToApply"))) {
             $app->abort(400);
         }
         $lines = unserialize($serializedLines);
         $columns = unserialize($serializedColumns);
         $equivalenceToMysqlField = Users::getEquivalenceToMysqlField();
         foreach ($lines as $nbLine => $line) {
             $curUser = [];
             foreach ($columns as $nbCol => $colName) {
                 if (!isset($equivalenceToMysqlField[$colName]) || !isset($line[$nbCol])) {
                     continue;
                 }
                 $sqlField = $equivalenceToMysqlField[$colName];
                 $value = trim($line[$nbCol]);
                 if ($sqlField === "usr_sexe") {
                     switch ($value) {
                         case "Mlle":
                         case "Mlle.":
                         case "mlle":
                         case "Miss":
                         case "miss":
                         case "0":
                             $curUser[$sqlField] = 0;
                             break;
                         case "Mme":
                         case "Madame":
                         case "Ms":
                         case "Ms.":
                         case "1":
                             $curUser[$sqlField] = 1;
                             break;
                         case "M":
                         case "M.":
                         case "Mr":
                         case "Mr.":
                         case "Monsieur":
                         case "Mister":
                         case "2":
                             $curUser[$sqlField] = 2;
                             break;
                     }
                 } else {
                     $curUser[$sqlField] = $value;
                 }
             }
             if (isset($curUser['usr_login']) && trim($curUser['usr_login']) !== '' && isset($curUser['usr_password']) && trim($curUser['usr_password']) !== '' && isset($curUser['usr_mail']) && trim($curUser['usr_mail']) !== '') {
                 if (null === $app['manipulator.user']->getRepository()->findByLogin($curUser['usr_login']) && false === $app['manipulator.user']->getRepository()->findByEmail($curUser['usr_mail'])) {
                     $newUser = $app['manipulator.user']->createUser($curUser['usr_login'], $curUser['usr_password'], $curUser['usr_mail']);
                     $ftpCredential = new FtpCredential();
                     $ftpCredential->setUser($newUser);
                     if (isset($curUser['activeFTP'])) {
                         $ftpCredential->setActive((int) $curUser['activeFTP']);
                     }
                     if (isset($curUser['addrFTP'])) {
                         $ftpCredential->setAddress((string) $curUser['addrFTP']);
                     }
                     if (isset($curUser['passifFTP'])) {
                         $ftpCredential->setPassive((int) $curUser['passifFTP']);
                     }
                     if (isset($curUser['destFTP'])) {
                         $ftpCredential->setReceptionFolder($curUser['destFTP']);
                     }
                     if (isset($curUser['prefixFTPfolder'])) {
                         $ftpCredential->setRepositoryPrefixName($curUser['prefixFTPfolder']);
                     }
                     if (isset($curUser['usr_prenom'])) {
                         $newUser->setFirstName($curUser['usr_prenom']);
                     }
                     if (isset($curUser['usr_nom'])) {
                         $newUser->setLastName($curUser['usr_nom']);
                     }
                     if (isset($curUser['adresse'])) {
                         $newUser->setAdress($curUser['adresse']);
                     }
                     if (isset($curUser['cpostal'])) {
                         $newUser->setZipCode($curUser['cpostal']);
                     }
                     if (isset($curUser['usr_sexe'])) {
                         $newUser->setGender((int) $curUser['usr_sexe']);
                     }
                     if (isset($curUser['tel'])) {
                         $newUser->setPhone($curUser['tel']);
                     }
                     if (isset($curUser['fax'])) {
                         $newUser->setFax($curUser['fax']);
                     }
                     if (isset($curUser['activite'])) {
                         $newUser->setJob($curUser['activite']);
                     }
                     if (isset($curUser['fonction'])) {
                         $newUser->setPosition($curUser['fonction']);
                     }
                     if (isset($curUser['societe'])) {
                         $newUser->setCompany($curUser['societe']);
                     }
                     $app['acl']->get($newUser)->apply_model($app['manipulator.user']->getRepository()->find($model), array_keys($app['acl']->get($app['authentication']->getUser())->get_granted_base(['manage'])));
                     $nbCreation++;
                 }
             }
         }
         return $app->redirectPath('admin_users_search', ['user-updated' => $nbCreation]);
     })->bind('users_submit_import');
     $controllers->get('/import/example/csv/', function (Application $app) {
         $file = new \SplFileInfo($app['root.path'] . '/lib/Fixtures/exampleImportUsers.csv');
         if (!$file->isFile()) {
             $app->abort(400);
         }
         $response = new Response();
         $response->setStatusCode(200);
         $response->headers->set('Pragma', 'public');
         $response->headers->set('Content-Disposition', 'attachment; filename=' . $file->getFilename());
         $response->headers->set('Content-Length', $file->getSize());
         $response->headers->set('Content-Type', 'text/csv');
         $response->setContent(file_get_contents($file->getPathname()));
         return $response;
     })->bind('users_import_csv');
     $controllers->get('/import/example/rtf/', function (Application $app) {
         $file = new \SplFileInfo($app['root.path'] . '/lib/Fixtures/Fields.rtf');
         if (!$file->isFile()) {
             $app->abort(400);
         }
         $response = new Response();
         $response->setStatusCode(200);
         $response->headers->set('Pragma', 'public');
         $response->headers->set('Content-Disposition', 'attachment; filename=' . $file->getFilename());
         $response->headers->set('Content-Length', $file->getSize());
         $response->headers->set('Content-Type', 'text/rtf');
         $response->setContent(file_get_contents($file->getPathname()));
         return $response;
     })->bind('users_import_rtf');
     return $controllers;
 }
Example #17
 /**
  * Stops a task through the task manipulator and returns to the task list.
  *
  * @param  Application $app
  * @param  Request     $request Not read here; kept for the controller signature.
  * @param  Task        $task    The task to stop.
  * @return RedirectResponse
  * @throws RuntimeException when the task manager is disabled in the configuration.
  */
 public function postStopTask(Application $app, Request $request, Task $task)
 {
     $taskManagerEnabled = $app['phraseanet.configuration']['main']['task-manager']['enabled'];
     // NOTE(review): only an explicit `false` blocks the call; a missing key (null) would
     // fall through — confirm the configuration always defines 'enabled'.
     if ($taskManagerEnabled === false) {
         throw new RuntimeException('The use of the task manager is disabled on this instance.');
     }

     $app['manipulator.task']->stop($task);

     return $app->redirectPath('admin_tasks_list');
 }
Example #18
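 /**
  * Deny an order
  *
  * Marks the order elements listed in the "elements" request parameter as
  * denied, decrements the order's todo counter by the number of denied
  * elements and triggers the "not delivered" event for the ordering user.
  * Persistence failures are reported through `success => false` rather than
  * thrown, so the client can retry.
  *
  * @param  Application                   $app
  * @param  Request                       $request
  * @param  integer                       $order_id
  * @return RedirectResponse|JsonResponse JSON when the request format is "json", a redirect otherwise.
  * @throws NotFoundHttpException when no order matches $order_id
  */
 public function denyOrder(Application $app, Request $request, $order_id)
 {
     $success = false;
     $order = $app['EM']->getRepository('Phraseanet:Order')->find($order_id);
     if (null === $order) {
         throw new NotFoundHttpException('Order not found');
     }
     $elements = $request->request->get('elements', []);
     // A scalar "elements" value would make in_array() fail below; reject it up front
     // (same contract as the "admins" parameter check in addAdmins).
     if (!is_array($elements)) {
         $app->abort(400, '"elements" parameter must be an array.');
     }
     $n = 0;
     foreach ($order->getElements() as $orderElement) {
         // Loose comparison on purpose: submitted ids are strings, element ids are presumably integers.
         if (in_array($orderElement->getId(), $elements)) {
             $orderElement->setOrderMaster($app['authentication']->getUser());
             $orderElement->setDeny(true);
             $app['EM']->persist($orderElement);
             $n++;
         }
     }
     try {
         if ($n > 0) {
             $order->setTodo($order->getTodo() - $n);
             $app['events-manager']->trigger('__ORDER_NOT_DELIVERED__', [
                 'from' => $app['authentication']->getUser()->getId(),
                 'to'   => $order->getUser()->getId(),
                 'n'    => $n,
             ]);
         }
         $success = true;
         $app['EM']->persist($order);
         $app['EM']->flush();
     } catch (\Exception $e) {
         // Deliberate best-effort: $success stays false and the response below tells the client to retry.
     }
     if ('json' === $request->getRequestFormat()) {
         return $app->json([
             'success'  => $success,
             'msg'      => $success
                 ? $app->trans('Order has been denied')
                 : $app->trans('An error occured while denying, please retry  or contact an admin if problem persists'),
             'order_id' => $order_id,
         ]);
     }

     return $app->redirectPath('prod_orders', ['success' => (int) $success, 'action' => 'send']);
 }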
Example #19
 /**
  * Create a new developer application
  *
  * Builds the desktop or internet application form depending on the "type"
  * request parameter, validates it and, when there are no violations, creates
  * the application together with an API account for the current user.
  *
  * @param  Application $app     A Silex application where the controller is mounted on
  * @param  Request     $request The current request
  * @return Response The application page redirect on success, the form (with violations) otherwise.
  */
 public function newApp(Application $app, Request $request)
 {
     $isDesktopApp = $request->request->get('type') === ApiApplication::DESKTOP_TYPE;
     $form = $isDesktopApp
         ? new \API_OAuth2_Form_DevAppDesktop($app['request'])
         : new \API_OAuth2_Form_DevAppInternet($app['request']);

     $violations = $app['validator']->validate($form);
     if ($violations->count() !== 0) {
         return $app['twig']->render('/developers/application_form.html.twig', ["violations" => $violations, "form" => $form]);
     }

     $website  = sprintf('%s%s', $form->getSchemeWebsite(), $form->getWebsite());
     $callback = sprintf('%s%s', $form->getSchemeCallback(), $form->getCallback());
     $currentUser = $app['authentication']->getUser();
     $application = $app['manipulator.api-application']->create(
         $form->getName(),
         $form->getType(),
         $form->getDescription(),
         $website,
         $currentUser,
         $callback
     );
     // create an account as well
     $app['manipulator.api-account']->create($application, $currentUser);

     return $app->redirectPath('developers_application', ['application' => $application->getId()]);
 }
Example #20
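 /**
  * Grant to an user admin rights
  *
  * Promotes every user listed in the "admins" request parameter and resets
  * their admin ACLs. The current user is always added to the list, so an
  * administrator cannot remove their own rights through this endpoint.
  *
  * @param  Application      $app
  * @param  Request          $request
  * @return RedirectResponse
  * @throws RuntimeException when one of the submitted ids matches no user
  */
 public function addAdmins(Application $app, Request $request)
 {
     $admins = $request->request->get('admins', []);
     // Type check first: count() on a non-array is a TypeError on PHP 8, so the
     // original order of these two conditions could not reach the is_array() guard.
     if (!is_array($admins) || count($admins) === 0) {
         $app->abort(400, '"admins" parameter must contains at least one value.');
     }
     $currentUserId = $app['authentication']->getUser()->getId();
     // Loose comparison on purpose: submitted ids are strings, getId() is presumably an integer.
     if (!in_array($currentUserId, $admins)) {
         $admins[] = $currentUserId;
     }
     $admins = array_map(function ($usrId) use ($app) {
         if (null === ($user = $app['repo.users']->find($usrId))) {
             throw new RuntimeException(sprintf('Invalid usrId %s provided.', $usrId));
         }

         return $user;
     }, $admins);
     $app['manipulator.user']->promote($admins);
     $app['manipulator.acl']->resetAdminRights($admins);

     return $app->redirectPath('admin_dashbord');
 }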
Example #21
 /**
  * Registers the lightbox routes on a new controller collection.
  *
  * Every route in the collection requires an authenticated user (see the
  * firewall call below); the "LOG" query parameter additionally allows a
  * one-time token to open the session of the token's owner before that
  * check runs.
  *
  * @param SilexApplication $app
  *
  * @return mixed the controller collection produced by 'controllers_factory'
  */
 public function connect(SilexApplication $app)
 {
     $app['controller.lightbox'] = $this;
     $controllers = $app['controllers_factory'];
     // Token-based login: a valid "LOG" token replaces whatever account is
     // currently open with the token's user. The token value travels in the
     // URL, so it is as sensitive as a password for the lifetime of the token.
     $controllers->before(function (Request $request) use($app) {
         if (!$request->query->has('LOG')) {
             return;
         }
         if ($app['authentication']->isAuthenticated()) {
             $app['authentication']->closeAccount();
         }
         // findValidToken() is the only validation applied to the token value
         // (expiry / revocation rules live in the repository, not here).
         if (null === ($token = $app['repo.tokens']->findValidToken($request->query->get('LOG')))) {
             $app->addFlash('error', $app->trans('The URL you used is out of date, please login'));
             return $app->redirectPath('homepage');
         }
         $app['authentication']->openAccount($token->getUser());
         // No default branch: a token of any other type leaves the request
         // to continue to the matched route with the account now open.
         switch ($token->getType()) {
             case TokenManipulator::TYPE_FEED_ENTRY:
                 return $app->redirectPath('lightbox_feed_entry', ['entry_id' => $token->getData()]);
                 break; // unreachable after return
             case TokenManipulator::TYPE_VALIDATE:
             case TokenManipulator::TYPE_VIEW:
                 return $app->redirectPath('lightbox_validation', ['basket' => $token->getData()]);
                 break; // unreachable after return
         }
     });
     // All routes below reject unauthenticated requests.
     $app['firewall']->addMandatoryAuthentication($controllers);
     // {basket} route parameters are converted to entities and checked for
     // user access by these two middlewares before the closures run.
     $controllers->before($app['middleware.basket.converter'])->before($app['middleware.basket.user-access']);
     $controllers->get('/', function (SilexApplication $app) {
         try {
             \Session_Logger::updateClientInfos($app, 6);
         } catch (SessionNotFound $e) {
             return $app->redirectPath('logout');
         }
         $repository = $app['repo.baskets'];
         $basket_collection = array_merge($repository->findActiveByUser($app['authentication']->getUser()), $repository->findActiveValidationByUser($app['authentication']->getUser()));
         $template = 'lightbox/index.html.twig';
         // Legacy template for old desktop browsers only; mobile keeps the default.
         if (!$app['browser']->isNewGeneration() && !$app['browser']->isMobile()) {
             $template = 'lightbox/IE6/index.html.twig';
         }
         return new Response($app['twig']->render($template, ['baskets_collection' => $basket_collection, 'module_name' => 'Lightbox', 'module' => 'lightbox']));
     })->bind('lightbox');
     $controllers->get('/ajax/NOTE_FORM/{sselcont_id}/', function (SilexApplication $app, $sselcont_id) {
         if (!$app['browser']->isMobile()) {
             return new Response('');
         }
         // findUserElement() scopes the lookup to the current user, so an id
         // belonging to another user's basket is not served.
         $basketElement = $app['repo.basket-elements']->findUserElement($sselcont_id, $app['authentication']->getUser());
         $parameters = ['basket_element' => $basketElement, 'module_name' => ''];
         return $app['twig']->render('lightbox/note_form.html.twig', $parameters);
     })->bind('lightbox_ajax_note_form')->assert('sselcont_id', '\\d+');
     $controllers->get('/ajax/LOAD_BASKET_ELEMENT/{sselcont_id}/', function (SilexApplication $app, $sselcont_id) {
         $repository = $app['repo.basket-elements'];
         $BasketElement = $repository->findUserElement($sselcont_id, $app['authentication']->getUser());
         if ($app['browser']->isMobile()) {
             $output = $app['twig']->render('lightbox/basket_element.html.twig', ['basket_element' => $BasketElement, 'module_name' => $BasketElement->getRecord($app)->get_title()]);
             return new Response($output);
         } else {
             $template_options = 'lightbox/sc_options_box.html.twig';
             $template_agreement = 'lightbox/agreement_box.html.twig';
             $template_selector = 'lightbox/selector_box.html.twig';
             $template_note = 'lightbox/sc_note.html.twig';
             $template_preview = 'common/preview.html.twig';
             $template_caption = 'common/caption.html.twig';
             if (!$app['browser']->isNewGeneration()) {
                 $template_options = 'lightbox/IE6/sc_options_box.html.twig';
                 $template_agreement = 'lightbox/IE6/agreement_box.html.twig';
             }
             $Basket = $BasketElement->getBasket();
             // Desktop clients receive the rendered fragments as a JSON map.
             $ret = [];
             $ret['number'] = $BasketElement->getRecord($app)->get_number();
             $ret['title'] = $BasketElement->getRecord($app)->get_title();
             $ret['preview'] = $app['twig']->render($template_preview, ['record' => $BasketElement->getRecord($app), 'not_wrapped' => true]);
             $ret['options_html'] = $app['twig']->render($template_options, ['basket_element' => $BasketElement]);
             $ret['agreement_html'] = $app['twig']->render($template_agreement, ['basket' => $Basket, 'basket_element' => $BasketElement]);
             $ret['selector_html'] = $app['twig']->render($template_selector, ['basket_element' => $BasketElement]);
             $ret['note_html'] = $app['twig']->render($template_note, ['basket_element' => $BasketElement]);
             $ret['caption'] = $app['twig']->render($template_caption, ['view' => 'preview', 'record' => $BasketElement->getRecord($app)]);
             return $app->json($ret);
         }
     })->bind('lightbox_ajax_load_basketelement')->assert('sselcont_id', '\\d+');
     $controllers->get('/ajax/LOAD_FEED_ITEM/{entry_id}/{item_id}/', function (SilexApplication $app, $entry_id, $item_id) {
         // NOTE(review): find() may return null for an unknown entry_id; the
         // following getItem() call would then fail — confirm the intended
         // response for unknown entries.
         $entry = $app['repo.feed-entries']->find($entry_id);
         $item = $entry->getItem($item_id);
         if ($app['browser']->isMobile()) {
             $output = $app['twig']->render('lightbox/feed_element.html.twig', ['feed_element' => $item, 'module_name' => $item->getRecord($app)->get_title()]);
             return new Response($output);
         } else {
             $template_options = 'lightbox/feed_options_box.html.twig';
             $template_preview = 'common/preview.html.twig';
             $template_caption = 'common/caption.html.twig';
             if (!$app['browser']->isNewGeneration()) {
                 $template_options = 'lightbox/IE6/feed_options_box.html.twig';
             }
             // Same JSON shape as LOAD_BASKET_ELEMENT; the basket-only
             // fragments are sent as empty strings.
             $ret = [];
             $ret['number'] = $item->getRecord($app)->get_number();
             $ret['title'] = $item->getRecord($app)->get_title();
             $ret['preview'] = $app['twig']->render($template_preview, ['record' => $item->getRecord($app), 'not_wrapped' => true]);
             $ret['options_html'] = $app['twig']->render($template_options, ['feed_element' => $item]);
             $ret['caption'] = $app['twig']->render($template_caption, ['view' => 'preview', 'record' => $item->getRecord($app)]);
             $ret['agreement_html'] = $ret['selector_html'] = $ret['note_html'] = '';
             return $app->json($ret);
         }
     })->bind('lightbox_ajax_load_feeditem')->assert('entry_id', '\\d+')->assert('item_id', '\\d+');
     // NOTE(review): $basket is untyped here but used as an entity below;
     // presumably the basket converter middleware registered above supplies
     // it, as in the typed /compare/ route — confirm.
     $controllers->get('/validate/{basket}/', function (SilexApplication $app, $basket) {
         try {
             \Session_Logger::updateClientInfos($app, 6);
         } catch (SessionNotFound $e) {
             return $app->redirectPath('logout');
         }
         $repository = $app['repo.baskets'];
         $basket_collection = $repository->findActiveValidationAndBasketByUser($app['authentication']->getUser());
         // Viewing marks the basket as read for the current user.
         if ($basket->getIsRead() === false) {
             $basket = $app['EM']->merge($basket);
             $basket->setIsRead(true);
             $app['EM']->flush();
         }
         // ...and marks the current participant of a validation as aware.
         if ($basket->getValidation() && $basket->getValidation()->getParticipant($app['authentication']->getUser())->getIsAware() === false) {
             $basket = $app['EM']->merge($basket);
             $basket->getValidation()->getParticipant($app['authentication']->getUser())->setIsAware(true);
             $app['EM']->flush();
         }
         $template = 'lightbox/validate.html.twig';
         if (!$app['browser']->isNewGeneration() && !$app['browser']->isMobile()) {
             $template = 'lightbox/IE6/validate.html.twig';
         }
         // strip_tags() only removes markup from the title; escaping for the
         // HTML context is left to the template.
         $response = new Response($app['twig']->render($template, ['baskets_collection' => $basket_collection, 'basket' => $basket, 'local_title' => strip_tags($basket->getName()), 'module' => 'lightbox', 'module_name' => $app->trans('admin::monitor: module validation')]));
         $response->setCharset('UTF-8');
         return $response;
     })->bind('lightbox_validation')->assert('basket', '\\d+');
     // Identical body to /validate/{basket}/ above, bound under another name.
     $controllers->get('/compare/{basket}/', function (SilexApplication $app, Basket $basket) {
         try {
             \Session_Logger::updateClientInfos($app, 6);
         } catch (SessionNotFound $e) {
             return $app->redirectPath('logout');
         }
         $repository = $app['repo.baskets'];
         $basket_collection = $repository->findActiveValidationAndBasketByUser($app['authentication']->getUser());
         if ($basket->getIsRead() === false) {
             $basket = $app['EM']->merge($basket);
             $basket->setIsRead(true);
             $app['EM']->flush();
         }
         if ($basket->getValidation() && $basket->getValidation()->getParticipant($app['authentication']->getUser())->getIsAware() === false) {
             $basket = $app['EM']->merge($basket);
             $basket->getValidation()->getParticipant($app['authentication']->getUser())->setIsAware(true);
             $app['EM']->flush();
         }
         $template = 'lightbox/validate.html.twig';
         if (!$app['browser']->isNewGeneration() && !$app['browser']->isMobile()) {
             $template = 'lightbox/IE6/validate.html.twig';
         }
         $response = new Response($app['twig']->render($template, ['baskets_collection' => $basket_collection, 'basket' => $basket, 'local_title' => strip_tags($basket->getName()), 'module' => 'lightbox', 'module_name' => $app->trans('admin::monitor: module validation')]));
         $response->setCharset('UTF-8');
         return $response;
     })->bind('lightbox_compare')->assert('basket', '\\d+');
     $controllers->get('/feeds/entry/{entry_id}/', function (SilexApplication $app, $entry_id) {
         try {
             \Session_Logger::updateClientInfos($app, 6);
         } catch (SessionNotFound $e) {
             return $app->redirectPath('logout');
         }
         // NOTE(review): no null check on the entry; see LOAD_FEED_ITEM.
         $feed_entry = $app['repo.feed-entries']->find($entry_id);
         $template = 'lightbox/feed.html.twig';
         if (!$app['browser']->isNewGeneration() && !$app['browser']->isMobile()) {
             $template = 'lightbox/IE6/feed.html.twig';
         }
         $content = $feed_entry->getItems();
         $first = $content->first();
         $output = $app['twig']->render($template, ['feed_entry' => $feed_entry, 'first_item' => $first, 'local_title' => $feed_entry->getTitle(), 'module' => 'lightbox', 'module_name' => $app->trans('admin::monitor: module validation')]);
         $response = new Response($output, 200);
         $response->setCharset('UTF-8');
         return $response;
     })->bind('lightbox_feed_entry')->assert('entry_id', '\\d+');
     $controllers->get('/ajax/LOAD_REPORT/{basket}/', function (SilexApplication $app, Basket $basket) {
         return new Response($app['twig']->render('lightbox/basket_content_report.html.twig', ['basket' => $basket]));
     })->bind('lightbox_ajax_report')->assert('basket', '\\d+');
     $controllers->post('/ajax/SET_NOTE/{sselcont_id}/', function (SilexApplication $app, $sselcont_id) {
         $output = ['error' => true, 'datas' => $app->trans('Erreur lors de l\'enregistrement des donnees')];
         // The request is read from the container rather than injected.
         $request = $app['request'];
         $note = $request->request->get('note');
         if (is_null($note)) {
             return new Response('You must provide a note value', 400);
         }
         $repository = $app['repo.basket-elements'];
         $basket_element = $repository->findUserElement($sselcont_id, $app['authentication']->getUser());
         $validationDatas = $basket_element->getUserValidationDatas($app['authentication']->getUser());
         // The note is stored as submitted; output escaping is the template's job.
         $validationDatas->setNote($note);
         $app['EM']->merge($validationDatas);
         $app['EM']->flush();
         // Both branches render the same template today; the split mirrors
         // the mobile/desktop distinction used by the other routes.
         if ($app['browser']->isMobile()) {
             $datas = $app['twig']->render('lightbox/sc_note.html.twig', ['basket_element' => $basket_element]);
             $output = ['error' => false, 'datas' => $datas];
         } else {
             $template = 'lightbox/sc_note.html.twig';
             $datas = $app['twig']->render($template, ['basket_element' => $basket_element]);
             $output = ['error' => false, 'datas' => $datas];
         }
         return $app->json($output);
     })->bind('lightbox_ajax_set_note')->assert('sselcont_id', '\\d+');
     $controllers->post('/ajax/SET_ELEMENT_AGREEMENT/{sselcont_id}/', function (SilexApplication $app, $sselcont_id) {
         $request = $app['request'];
         $agreement = $request->request->get('agreement');
         if (is_null($agreement)) {
             return new Response('You must provide an agreement value', 400);
         }
         // Loose numeric comparison on the raw request value: anything that
         // does not compare greater than 0 (including non-numeric strings)
         // is treated as disagreement.
         $agreement = $agreement > 0;
         $releasable = false;
         try {
             // Default payload returned when a ControllerException is caught below.
             $ret = ['error' => true, 'releasable' => false, 'datas' => $app->trans('Erreur lors de la mise a jour des donnes')];
             $repository = $app['repo.basket-elements'];
             $basket_element = $repository->findUserElement($sselcont_id, $app['authentication']->getUser());
             /* @var $basket_element BasketElement */
             $validationDatas = $basket_element->getUserValidationDatas($app['authentication']->getUser());
             // Authorization: only participants allowed to agree may change the value.
             if (!$basket_element->getBasket()->getValidation()->getParticipant($app['authentication']->getUser())->getCanAgree()) {
                 throw new ControllerException('You can not agree on this');
             }
             $validationDatas->setAgreement($agreement);
             $participant = $basket_element->getBasket()->getValidation()->getParticipant($app['authentication']->getUser());
             $app['EM']->merge($basket_element);
             $app['EM']->flush();
             // $releasable is either false or the prompt text shown to the user.
             $releasable = false;
             if ($participant->isReleasable() === true) {
                 $releasable = $app->trans('Do you want to send your report ?');
             }
             $ret = ['error' => false, 'datas' => '', 'releasable' => $releasable];
         } catch (ControllerException $e) {
             $ret['datas'] = $e->getMessage();
         }
         return $app->json($ret);
     })->bind('lightbox_ajax_set_element_agreement')->assert('sselcont_id', '\\d+');
     $controllers->post('/ajax/SET_RELEASE/{basket}/', function (SilexApplication $app, Basket $basket) {
         $datas = ['error' => true, 'datas' => ''];
         try {
             if (!$basket->getValidation()) {
                 throw new ControllerException('There is no validation session attached to this basket');
             }
             // Authorization: the current user must be a participant allowed to agree.
             if (!$basket->getValidation()->getParticipant($app['authentication']->getUser())->getCanAgree()) {
                 throw new ControllerException('You have not right to agree');
             }
             $agreed = false;
             /* @var $basket Basket */
             // At least one element must carry a non-null agreement from this user.
             foreach ($basket->getElements() as $element) {
                 if (null !== $element->getUserValidationDatas($app['authentication']->getUser())->getAgreement()) {
                     $agreed = true;
                 }
             }
             if (!$agreed) {
                 throw new ControllerException($app->trans('You have to give your feedback at least on one document to send a report'));
             }
             /* @var $basket Basket */
             $participant = $basket->getValidation()->getParticipant($app['authentication']->getUser());
             // The generated URL embeds a validation token as "LOG", which the
             // before-middleware above accepts as a login credential; it is
             // handed to the event listeners together with the participant.
             $token = $app['manipulator.token']->createBasketValidationToken($basket);
             $url = $app->url('lightbox', ['LOG' => $token->getValue()]);
             // NOTE(review): $to is computed but never used.
             $to = $basket->getValidation()->getInitiator($app)->getId();
             $app['dispatcher']->dispatch(PhraseaEvents::VALIDATION_DONE, new ValidationEvent($participant, $basket, $url));
             $participant->setIsConfirmed(true);
             $app['EM']->merge($participant);
             $app['EM']->flush();
             $datas = ['error' => false, 'datas' => $app->trans('Envoie avec succes')];
         } catch (ControllerException $e) {
             $datas = ['error' => true, 'datas' => $e->getMessage()];
         }
         return $app->json($datas);
     })->bind('lightbox_ajax_set_release')->assert('basket', '\\d+');
     return $controllers;
 }
Example #22
 /**
  * Builds the redirect sent once authentication has succeeded.
  *
  * Mobile browsers always land on the lightbox. Otherwise an explicit
  * redirect target wins, then old-generation browsers go to the legacy
  * client and everyone else to prod. The two login-flow cookies are cleared
  * on whichever response is produced.
  *
  * @param Application $app
  * @param \Browser    $browser
  * @param string|null $redirect relative path requested before login, if any
  *
  * @return RedirectResponse
  */
 public function generateAuthResponse(Application $app, \Browser $browser, $redirect)
 {
     $routeName = null;
     if ($browser->isMobile()) {
         $routeName = 'lightbox';
     } elseif (!$redirect && true !== $browser->isNewGeneration()) {
         $routeName = 'get_client';
     } elseif (!$redirect) {
         $routeName = 'prod';
     }

     if (null === $routeName) {
         // The '../' prefix keeps the target a path relative to the current
         // location; leading slashes are stripped so the join stays relative.
         $response = new RedirectResponse('../' . ltrim($redirect, '/'));
     } else {
         $response = $app->redirectPath($routeName);
     }

     $response->headers->clearCookie('postlog');
     $response->headers->clearCookie('last_act');

     return $response;
 }
Example #23
 /**
  * Adds an element to a basket
  *
  * The basket is resolved from the "courChuId" request parameter and the
  * record from "sbas"/"p0". Persistence is best-effort: any exception is
  * swallowed and the user is redirected to the basket list regardless.
  *
  * @param  Application      $app
  * @param  Request          $request
  * @return RedirectResponse
  */
 public function addElementToBasket(Application $app, Request $request)
 {
     $params = $request->request;
     $basket = $app['converter.basket']->convert($params->get('courChuId'));
     // NOTE(review): the result of isOwner() is discarded — confirm it
     // throws on failure rather than returning false, otherwise the
     // ownership check has no effect here.
     $app['acl.basket']->isOwner($basket, $app['authentication']->getUser());

     $em = $app['EM'];
     try {
         $record = new \record_adapter($app, $params->get('sbas'), $params->get('p0'));
         $element = new BasketElement();
         $element->setRecord($record);
         $element->setBasket($basket);
         $basket->addElement($element);
         $em->persist($basket);
         $em->flush();
     } catch (\Exception $e) {
         // Deliberately swallowed: failures are not reported to the caller.
     }

     $basketId = $basket ? $basket->getId() : '';

     return $app->redirectPath('get_client_baskets', ['courChuId' => $basketId]);
 }
Example #24
 /**
  * Stops the task resolved from the route and returns to the task list.
  *
  * @param Application $app
  * @param Request     $request unused
  * @param Task        $task
  *
  * @return RedirectResponse
  */
 public function postStopTask(Application $app, Request $request, Task $task)
 {
     $taskManipulator = $app['manipulator.task'];
     $taskManipulator->stop($task);

     return $app->redirectPath('admin_tasks_list');
 }
Example #25
 /**
  * Stores the requested locale in a cookie and redirects to the root route.
  *
  * NOTE(review): $locale is written to the cookie as received; presumably
  * the route requirements constrain it to a known locale — confirm.
  *
  * @param Application $app
  * @param Request     $request unused
  * @param string      $locale
  *
  * @return RedirectResponse
  */
 public function setLocale(Application $app, Request $request, $locale)
 {
     $redirect = $app->redirectPath('root');
     $localeCookie = new Cookie('locale', $locale);
     $redirect->headers->setCookie($localeCookie);

     return $redirect;
 }
Example #26
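 /**
  * Deletes identified session
  *
  * A session can only be deleted by the user it belongs to; an unknown id
  * yields 404 and a session of another user (or without a user) 403, so the
  * response does not reveal whose session an id maps to beyond existence.
  *
  * @param Application $app
  * @param Request     $request
  * @param integer     $id
  *
  * @return RedirectResponse|JsonResponse
  */
 public function deleteSession(Application $app, Request $request, $id)
 {
     $session = $app['EM']->find('Phraseanet:Session', $id);
     if (null === $session) {
         $app->abort(404, 'Unknown session');
     }
     if (null === $session->getUser()) {
         $app->abort(403, 'Unauthorized');
     }
     // Ownership check: compare ids with === so a type mismatch never
     // accidentally matches.
     if ($session->getUser()->getId() !== $app['authentication']->getUser()->getId()) {
         $app->abort(403, 'Unauthorized');
     }
     $app['EM']->remove($session);
     $app['EM']->flush();
     // Use the injected Request rather than $app['request'], consistent with
     // the other actions that receive the request as a parameter.
     if ($request->isXmlHttpRequest()) {
         return $app->json(['success' => true, 'session_id' => $id]);
     }
     return $app->redirectPath('account_sessions');
 }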