/**
  * Read one setting value for a user.
  *
  * When no user is supplied, the identity reported by the authentication
  * service is used instead.
  *
  * No authorization check happens here: a caller that passes an explicit
  * $user reads that account's setting, so the caller must already have
  * decided that this is permitted.
  *
  * @param string $setting Name of the setting to read.
  * @param UserInterface $user User whose setting is read; defaults to the current identity.
  * @return mixed Whatever the user settings service returns for the setting.
  */
 public function getUserSetting($setting, UserInterface $user = null)
 {
     // NOTE(review): getIdentity() may return null for an anonymous request;
     // null is then handed to the settings service - confirm it copes.
     $subject = $user ? $user : $this->authenticationService->getIdentity();

     return $this->userSettingsService->getValue($setting, $subject);
 }
Example #2
 /**
  * Render the school's application form and process its submission.
  *
  * On POST the request parameters are validated; a valid form is stored,
  * kept in the session and the client is redirected to the success URL.
  * An invalid form is re-rendered with its values and messages.
  * On a non-POST request with a truthy "load" parameter, the school's
  * existing application form (if any) pre-fills the view.
  *
  * @param Request $req
  * @param Response $res
  * @return Response
  */
 public function __invoke(Request $req, Response $res)
 {
     $school = $req->getAttribute('school');
     if ($req->isPost()) {
         $params = $req->getParams();
         // The server-side values are merged last, so a client-supplied
         // "school_id" or "submitted_by" parameter cannot override them.
         // NOTE(review): both $school and the identity are dereferenced
         // without a null check - presumably guaranteed by earlier
         // middleware; confirm.
         $serverValues = [
             'school_id' => $school->id,
             'submitted_by' => $this->authService->getIdentity()->mail,
         ];
         $this->appFormInputFilter->setData(array_merge($params, $serverValues));
         $isValid = $this->appFormInputFilter->isValid();
         if ($isValid) {
             $data = $this->appFormInputFilter->getValues();
             $appForm = $this->appFormService->submit($data);
             $_SESSION['applicationForm']['appForm'] = $appForm;

             return $res->withRedirect($this->successUrl);
         }
         // Validation failed: hand both filtered and raw values to the view.
         $this->view['form'] = [
             'is_valid' => $isValid,
             'values' => $this->appFormInputFilter->getValues(),
             'raw_values' => $this->appFormInputFilter->getRawValues(),
             'messages' => $this->appFormInputFilter->getMessages(),
         ];
     }
     $loadForm = (bool) $req->getParam('load', false);
     $this->view['choose'] = !($loadForm || $req->isPost());
     if (!$req->isPost() && $loadForm) {
         $appForm = $this->appFormService->findSchoolApplicationForm($school->id);
         if (null !== $appForm) {
             $this->view['form'] = ['values' => $appForm];
         }
     }
     $labs = $this->labService->getLabsBySchoolId($school->id);
     // Both choice lists share the same id/name -> value/label shape.
     $toChoice = function ($row) {
         return ['value' => $row['id'], 'label' => $row['name']];
     };
     $labChoices = array_map($toChoice, $labs);
     $typeChoices = array_map($toChoice, $this->assetsService->getAllItemCategories());

     return $this->view->render($res, 'application_form/form.twig', [
         'lab_choices' => $labChoices,
         'type_choices' => $typeChoices,
     ]);
 }
Example #3
 /**
  * Main method to check authorization.
  *
  * The role is taken from the authenticated identity, or is ROLE_GUEST when
  * there is no identity. The ACL is queried with the resolved module name
  * and "controller:action". When access is denied, the
  * EVENT_IS_NOT_ALLOWED event is triggered and the response is turned into
  * a 302 redirect: to the "no-access" page for a signed-in role, to the
  * login page for a guest. Event propagation is stopped in that case.
  *
  * @param MvcEvent $e
  *
  * @return ResponseInterface
  */
 public function checkAccess(MvcEvent $e)
 {
     /** @var Response $response */
     $response = $e->getResponse();
     /** @var UserEntity $identity */
     $identity = $this->authService->getIdentity();
     if ($identity) {
         $role = $identity->getRole();
     } else {
         // No identity: evaluate the request as a guest.
         $role = UserEntity::ROLE_GUEST;
     }
     list($moduleName, $controllerName, $actionName) = $this->namesResolver->resolve($e);
     $privilege = $controllerName . ':' . $actionName;

     if (!$this->acl->isAllowed($role, $moduleName, $privilege)) {
         $this->getEventManager()->trigger(self::EVENT_IS_NOT_ALLOWED, $e->getTarget());
         $router = $e->getRouter();
         // Both redirect targets are assembled from fixed route names,
         // never from request data.
         $url = $role !== UserEntity::ROLE_GUEST
             ? $router->assemble(['controller' => 'no-access'], ['name' => 'auth/default'])
             : $router->assemble(['controller' => 'login'], ['name' => 'access/default']);
         $response->setStatusCode(302);
         // Drop every header set so far so that only the redirect is sent.
         $headers = $response->getHeaders();
         $headers->clearHeaders();
         $headers->addHeaderLine('Location', $url);
         // Keep later listeners from handling the denied request.
         $e->stopPropagation();

         return $response;
     }

     // Allowed: expose the ACL to the view layer.
     $e->getViewModel()->setVariable('acl', $this->acl);

     return $response;
 }
 /**
  * Return the current identity, substituting an AnonymousIdentity when the
  * authentication service reports none, so callers never receive null.
  *
  * @todo Remove the AnonymousIdentity instantiation. This belongs in an Authentication Adapter
  * @return Identity
  */
 public function getIdentity()
 {
     $current = $this->authenticationService->getIdentity();
     if (null !== $current) {
         return $current;
     }

     return new AnonymousIdentity();
 }
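 /**
  * Build a Context carrying the current identity, if there is one.
  *
  * The identity is read from the token storage once; when it is not null
  * it is stored in the context under the "username" key.
  *
  * @return Context
  */
 public function createContext()
 {
     $context = new Context();
     $token = $this->tokenStorage->getIdentity();
     if (null !== $token) {
         // Store the value that was just null-checked instead of asking the
         // storage a second time, so the checked and the stored identity
         // cannot differ.
         $context->set('username', $token);
     }
     return $context;
 }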
 /**
  * Retrieve the current identity, if any.
  *
  * Returns null when the authentication service holds no identity.
  *
  * @return mixed|null
  * @throws Exception\RuntimeException When no AuthenticationServiceInterface instance has been provided.
  */
 public function __invoke()
 {
     $service = $this->authenticationService;
     if (!$service instanceof AuthenticationServiceInterface) {
         throw new Exception\RuntimeException('No AuthenticationServiceInterface instance provided; cannot lookup identity');
     }

     return $service->hasIdentity() ? $service->getIdentity() : null;
 }
Example #7
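 /**
  * ACL assertion: passes only when the current user's school has not yet
  * submitted an application form.
  *
  * The decision is based on the authenticated identity alone; the $acl,
  * $role, $resource and $privilege arguments are not consulted.
  *
  * @param Acl $acl
  * @param RoleInterface $role
  * @param ResourceInterface $resource
  * @param mixed $privilege
  * @return bool False when there is no identity, when the user has no
  *              school, or when the school already has an application form.
  */
 public function assert(Acl $acl, RoleInterface $role = null, ResourceInterface $resource = null, $privilege = null)
 {
     $identity = $this->authService->getIdentity();
     if (null === $identity) {
         // Deny explicitly for an anonymous request instead of reading a
         // property of null and loading a user record with an empty id.
         return false;
     }
     $user = R::load('user', $identity->id);
     if (!($school = $user->school)) {
         return false;
     }
     $appForm = $this->appFormService->findSchoolApplicationForm($school->id);
     return null === $appForm;
 }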
Example #8
 /**
  * Log the current user out and redirect to the configured URL.
  *
  * When an identity exists it is cleared and a "logout" event is then
  * triggered with the former identity and the redirect URL. The redirect
  * is returned whether or not anyone was signed in.
  *
  * @param ServerRequestInterface $req
  * @param Response $res
  * @return Response
  */
 public function __invoke(ServerRequestInterface $req, Response $res)
 {
     if (!$this->authService->hasIdentity()) {
         return $res->withRedirect($this->redirectUrl);
     }

     // Capture the identity before clearing it so listeners still see who
     // logged out.
     $formerIdentity = $this->authService->getIdentity();
     $dispatch = $this->events;
     // NOTE(review): only the identity is cleared here; whether the session
     // id is regenerated or destroyed is not visible in this method.
     $this->authService->clearIdentity();
     $dispatch('trigger', 'logout', $formerIdentity, $this->redirectUrl);

     return $res->withRedirect($this->redirectUrl);
 }
Example #9
 /**
  * Run the inventory sync for the signed-in user's school and return the
  * result as JSON.
  *
  * The school id is read from the stored user record, not from the request.
  * Without an identity, or for a user with no school, the response is
  * returned untouched. A sync result of false yields a 500 status.
  *
  * @param Request $req
  * @param Response $res
  * @return Response
  */
 public function __invoke(Request $req, Response $res)
 {
     $identity = $this->authService->getIdentity();
     if (null === $identity) {
         // NOTE(review): an anonymous caller gets the unchanged response
         // rather than an explicit 401/403 - confirm that is intended.
         return $res;
     }

     $user = R::load('user', $identity->id);
     $schoolId = $user->school_id;
     if (!$schoolId) {
         return $res;
     }

     $runSync = $this->syncFromInventory;
     $outcome = $runSync($schoolId);

     return false === $outcome ? $res->withStatus(500) : $res->withJson($outcome);
 }
Example #10
 /**
  * Middleware that, after the downstream handler has run, triggers an
  * inventory sync for the signed-in user's school when that school has no
  * labs yet.
  *
  * The response produced by $next is always returned as it is; the sync
  * result is ignored. The school id comes from the stored user record, not
  * from the request.
  *
  * @param Request $req
  * @param Response $res
  * @param callable $next
  * @return Response
  */
 public function __invoke(Request $req, Response $res, callable $next)
 {
     $res = $next($req, $res);

     $identity = $this->authService->getIdentity();
     if (null === $identity) {
         return $res;
     }

     $user = R::load('user', $identity->id);
     $schoolId = $user->school_id;
     if (!$schoolId) {
         return $res;
     }

     // Only sync when the school has no labs at all.
     $labCount = count($this->labService->getLabsBySchoolId($schoolId));
     if ($labCount <= 0) {
         $runSync = $this->syncFromInventory;
         $runSync($schoolId);
     }

     return $res;
 }
Example #11
 /**
  * Determines whether or not user has access to requested resource.
  *
  * The ACL is queried with the role derived from the current identity, the
  * matched route's pattern as resource and the HTTP method as privilege.
  * Allowed requests go to the next middleware; denied requests are handed
  * to the handler as "not authorized" (identity present) or
  * "not authenticated" (no identity).
  *
  * @param ServerRequestInterface $request
  * @param ResponseInterface      $response
  * @param callable               $next
  *
  * @return ResponseInterface
  */
 public function __invoke(ServerRequestInterface $request, ResponseInterface $response, callable $next)
 {
     $route = $request->getAttribute('route', null);
     if (null === $route) {
         // User likely accessing a nonexistent route. Calling next middleware.
         // NOTE(review): the ACL is not consulted on this path. If the
         // framework has not resolved the route before this middleware runs,
         // every request passes through unchecked - confirm the route
         // attribute is always populated for existing routes.
         return $next($request, $response);
     }

     $role = $this->getRole($this->auth->getIdentity());
     // Known limitation noted by the original author: a problem appeared when
     // a route did not set ->allow([roles]), and patterns with an optional
     // segment do not work for groups lacking a '/' sub route, e.g.
     //   Route::group('/venues', function () {
     //       Route::get('/', ...
     //       Route::get('[/{id:[0-9]+}]', ...
     // Earlier attempts normalised the pattern with preg_replace() or used
     // $route->getIdentifier(); the raw pattern is what is checked now.
     $resource = $route->getPattern();
     $privilege = $request->getMethod();

     $granted = $this->acl->isAllowed($role, $resource, $privilege);
     $loggedIn = $this->auth->hasIdentity();

     if ($granted) {
         return $next($request, $response);
     }

     // Denied: authenticated callers are unauthorized for this resource,
     // anonymous callers must authenticate first.
     return $loggedIn
         ? $this->handler->notAuthorized($response)
         : $this->handler->notAuthenticated($response);
 }
Example #12
 /**
  * Wire the authentication service and ACL, and derive the default and
  * current roles.
  *
  * A non-empty $config['acl']['defaultRole'] becomes the default role. The
  * current role is taken from the identity present at construction time;
  * role values that are not RoleInterface instances are wrapped in
  * GenericRole.
  *
  * @param AuthenticationServiceInterface $authService
  * @param AclInterface $acl Used both as the ACL and as the default ACL.
  * @param array|null $config Optional configuration; anything that is not an array is ignored.
  */
 public function __construct(AuthenticationServiceInterface $authService, AclInterface $acl, $config = null)
 {
     $this->authService = $authService;

     $hasDefaultRole = is_array($config)
         && isset($config['acl'])
         && !empty($config['acl']['defaultRole']);
     if ($hasDefaultRole) {
         $configuredRole = $config['acl']['defaultRole'];
         $this->setDefaultRole(
             $configuredRole instanceof RoleInterface ? $configuredRole : new GenericRole($configuredRole)
         );
     }

     $this->setAcl($acl);
     $this->setDefaultAcl($acl);

     // NOTE(review): the role is captured once, here. If the identity
     // changes after construction (login or logout), this object presumably
     // keeps the old role until setRole() is called again - confirm.
     $identity = $this->authService->getIdentity();
     if (!$identity) {
         return;
     }
     $identityRole = $identity->getRole();
     $this->setRole(
         $identityRole instanceof RoleInterface ? $identityRole : new GenericRole($identityRole)
     );
 }
Example #13
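 /**
  * Middleware that, after the downstream handler has run, links the
  * signed-in user to a school, importing the school from the units registry
  * (MM) when it is not in the database yet.
  *
  * Without an identity the response passes through unchanged. When the
  * unit cannot be resolved, or the import fails, the user is logged out and
  * redirected with an explanatory message.
  *
  * The user-facing messages contain an HTML link, so they are presumably
  * rendered without escaping; values taken from the directory (e-mail,
  * registry number) are therefore HTML-escaped before being placed in them.
  *
  * @param Request $req
  * @param Response $res
  * @param callable $next
  * @return Response
  */
 public function __invoke(Request $req, Response $res, callable $next)
 {
     $res = $next($req, $res);
     $identity = $this->authService->getIdentity();
     if (!$identity) {
         return $res;
     }
     // Escapes a directory-sourced value for use inside the HTML messages.
     $escape = function ($value) {
         return htmlspecialchars((string) $value, ENT_QUOTES, 'UTF-8');
     };
     $registryNo = $this->findUnitRegitryNo($identity);
     if (null === $registryNo) {
         // NOTE(review): the whole identity array goes to the log as context;
         // confirm it carries no credentials or tokens.
         $this->logger->error(sprintf('Unit for user %s not found in LDAP', $identity->mail), $identity->toArray());
         return $this->logoutAndRediret($res, sprintf('Το σχολείο με email %s δεν βρέθηκε στο Κατάλογο του ΠΣΔ. <a href="%s" title="SSO logout">SSO Logout</a>', $escape($identity->mail), $this->ssoLogoutUrl));
     }
     $school = R::findOne('school', 'registry_no = ?', [$registryNo]);
     try {
         if (!$school) {
             // Look the unit up by registry number first, then by MM id.
             $unit = call_user_func($this->fetchUnit, $registryNo);
             if (null === $unit) {
                 $mmId = $this->findUnitMmId($identity);
                 $unit = call_user_func($this->fetchUnitFromMMById, $mmId);
             }
             if (null === $unit) {
                 // Arguments follow the placeholders: unit (registry number) first, then user.
                 $this->logger->error(sprintf('Unit with %s for user %s not found in MM', $registryNo, $identity->mail));
                 $this->logger->debug('Trace', ['registryNo' => $registryNo, 'mmId' => $mmId, 'identity' => $identity->toArray()]);
                 return $this->logoutAndRediret($res, sprintf('Το σχολείο με κωδικό %s δεν βρέθηκε στο Μητρώο Μονάδων του ΠΣΔ.  <a href="%s" title="SSO logout">SSO Logout</a>', $escape($registryNo), $this->ssoLogoutUrl));
             }
             $data = [
                 'id' => '',
                 'registry_no' => $registryNo,
                 'name' => $unit['name'],
                 'street_address' => $unit['street_address'],
                 'postal_code' => $unit['postal_code'],
                 'phone_number' => $unit['phone_number'],
                 'fax_number' => $unit['fax_number'],
                 'email' => $identity->mail,
                 'municipality' => $unit['municipality'],
                 'schooltype_id' => $unit['unit_type_id'],
                 'prefecture_id' => $unit['prefecture_id'],
                 'educationlevel_id' => $unit['education_level_id'],
                 'eduadmin_id' => $unit['edu_admin_id'],
                 'creator' => $identity->mail,
             ];
             // Registry data is validated like any other input before it is stored.
             $filtered = call_user_func($this->schoolInputFilter, $data);
             if (!$filtered['is_valid']) {
                 $this->logger->error('Invalid data', $filtered);
                 throw new Exception('Invalid data');
             }
             $school = $this->schoolService->createSchool($filtered['values']);
             $this->logger->info(sprintf('School %s imported from MM to database', $registryNo), $filtered['values']);
         }
         $user = R::load('user', $identity->id);
         $user->school_id = $school['id'];
         R::store($user);
         $this->logger->info(sprintf('Set school %s to user %s', $registryNo, $identity->mail));
     } catch (Exception $e) {
         $this->logger->error(sprintf('Problem inserting school %s form MM in database', $registryNo));
         // The exception text and trace go to the debug log only; the user
         // sees a generic message.
         $this->logger->debug('Exception', [$e->getMessage(), $e->getTraceAsString()]);
         return $this->logoutAndRediret($res, sprintf('A problem occured fetching school data. <a href="%s" title="SSO logout">SSO Logout</a>', $this->ssoLogoutUrl));
     }
     return $res;
 }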
 /**
  * Add an e-mail address for the signed-in user, then go back to the user
  * index page.
  *
  * The complete POST body is handed to the add-email service together with
  * the current identity.
  * NOTE(review): no request-method, CSRF or field validation is visible in
  * this action - presumably done by the service or a form layer; confirm.
  *
  * @return \Zend\Http\Response
  */
 public function addEmailAction()
 {
     $postData = $this->params()->fromPost();
     $currentIdentity = $this->authService->getIdentity();
     $this->addEmailService->addEmail($postData, $currentIdentity);

     return $this->redirect()->toRoute('PServerCore/user', ['action' => 'index']);
 }
 /**
  * {@inheritDoc}
  *
  * Returns whatever the wrapped authentication service reports, unchanged.
  */
 public function getIdentity()
 {
     $current = $this->authenticationService->getIdentity();

     return $current;
 }
Example #16
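 /**
  * Render the school's application form and process its submission,
  * migrating the item categories of a stored form to the current version
  * when it is loaded.
  *
  * On POST the request parameters are validated; a valid form is stored,
  * kept in the session and the client is redirected to the success URL.
  * On a non-POST request with a truthy "load" parameter, the school's
  * stored form pre-fills the view. If its items carry a different version
  * than the current one and the settings hold a category map, the items
  * are either remapped (map matches both versions) or flagged with
  * itemcategory_id_prev = -2 (map is for other versions).
  *
  * @param Request $req
  * @param Response $res
  * @return Response
  */
 public function __invoke(Request $req, Response $res)
 {
     $school = $req->getAttribute('school');
     if ($req->isPost()) {
         $reqParams = $req->getParams();
         // "items" comes from the client and may be missing or not an array.
         // Only touch it when it is an array, so a malformed request reaches
         // the input filter instead of failing inside array_splice().
         if (isset($reqParams['items']) && is_array($reqParams['items'])) {
             // A zero-length splice removes nothing; presumably used to
             // renumber the integer keys of the submitted items from 0.
             array_splice($reqParams['items'], 0, 0);
         }
         // The server-side values are merged last, so a client-supplied
         // "school_id" or "submitted_by" parameter cannot override them.
         // NOTE(review): $school and the identity are dereferenced without a
         // null check - presumably guaranteed by earlier middleware; confirm.
         $this->appFormInputFilter->setData(array_merge($reqParams, ['school_id' => $school->id, 'submitted_by' => $this->authService->getIdentity()->mail]));
         $isValid = $this->appFormInputFilter->isValid();
         if ($isValid) {
             $data = $this->appFormInputFilter->getValues();
             $appForm = $this->appFormService->submit($data);
             $_SESSION['applicationForm']['appForm'] = $appForm;
             $res = $res->withRedirect($this->successUrl);
             return $res;
         }
         $this->view['form'] = ['is_valid' => $isValid, 'values' => $this->appFormInputFilter->getValues(), 'raw_values' => $this->appFormInputFilter->getRawValues(), 'messages' => $this->appFormInputFilter->getMessages()];
     }
     $loadForm = (bool) $req->getParam('load', false);
     $this->view['choose'] = !$loadForm && !$req->isPost();
     if (!$req->isPost() && $loadForm) {
         // take care of new options in applications and migrate existing ones
         if (null !== ($appForm = $this->appFormService->findSchoolApplicationForm($school->id))) {
             /**
              * Do mapping of old items to new only if items do exist (old form)
              * and the map is available at the app settings.
              * TODO: Only one version migrations are supported. If the old items are
              * two or more versions older, they will not be handled.
              */
             // get the existing (db) application form version
             $items_version = $this->version;
             if (isset($appForm['items']) && \count($appForm['items']) > 0) {
                 $items_version = array_values($appForm['items'])[0]['version'];
             }
             // The category map is looked up only when the stored items are
             // of a different version than the current one.
             $map = null;
             if ($this->version != $items_version && isset($appForm['items']) && isset($this->container['settings']['application_form']['itemcategory']['map'])) {
                 $map = $this->container['settings']['application_form']['itemcategory']['map'];
             }
             if (null !== $map) {
                 $mapApplies = $map['fromversion'] == $items_version && $map['toversion'] == $this->version;
                 if ($mapApplies && isset($map['items'])) {
                     // if map exists for this version, use it
                     $items_map = $map['items'];
                     $appForm['items'] = array_map(function ($item) use ($items_map) {
                         if (isset($items_map[$item['itemcategory_id']]) && intval($items_map[$item['itemcategory_id']]) > 0) {
                             $migrate_values = ['itemcategory_prev' => $item['itemcategory_id'], 'itemcategory_id_prev' => $item['itemcategory_id'], 'itemcategory_id' => intval($items_map[$item['itemcategory_id']])];
                         } else {
                             // No usable mapping for this category: mark it with -1.
                             $migrate_values = ['itemcategory_prev' => '', 'itemcategory_id_prev' => -1];
                         }
                         $migrate_values['prev_form_load'] = true;
                         return array_merge($item, $migrate_values);
                     }, $appForm['items']);
                 } elseif (!$mapApplies) {
                     // if map does not exist for this version, notify user
                     $appForm['items'] = array_map(function ($item) {
                         return array_merge($item, ['itemcategory_prev' => '', 'itemcategory_id_prev' => -2, 'prev_form_load' => true]);
                     }, $appForm['items']);
                 }
             }
             $this->view['form'] = ['values' => $appForm];
         }
     }
     $labs = $this->labService->getLabsBySchoolId($school->id);
     $res = $this->view->render($res, 'application_form/form.twig', ['lab_choices' => array_map(function ($lab) {
         return ['value' => $lab['id'], 'label' => $lab['name']];
     }, $labs), 'type_choices' => array_map(function ($category) {
         return ['value' => $category['id'], 'label' => $category['name']];
     }, $this->assetsService->getAllItemCategories($this->version))]);
     return $res;
 }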