/**
* Display a list of quotes that can be retrieved after a user has identified themselves with an auth token via
* retrieveQuoteAction(). Having this separate action allows an end user to press "Back" for up to an hour if they
* have chosen to continue the wrong quote.
*
* @return void
*/
public function retrieveMultipleQuotesAction()
{
if ($this->getRequest()->getParam('auth') != '') {
$params = Zend_Registry::get('params');
$mac = $this->getRequest()->getParam('auth');
$securityManager = new Application_Core_Security($params->myhomelet->retrieveWithoutAccount->macSecret, $params->myhomelet->retrieveWithoutAccount->macTimestampVariance != 0, $params->myhomelet->retrieveWithoutAccount->macTimestampVariance);
$dataKeys = array('customerEmail');
$securityCheck = $securityManager->authenticate($mac, $dataKeys);
if (isset($securityCheck['result']) && $securityCheck['result']) {
// Customer has multiple quotes associated with their email address - look them up and generate a set of
// auth tokens, show user the selection
$email = $securityCheck['data']['customerEmail'];
$policyCoverDatasource = new Datasource_Insurance_LegacyPolicyCovers();
$customerManager = new Manager_Core_Customer();
// Get all legacy quote IDs by customer e-mail address
$legacyIDs = array();
// Try to look up a customer record's quotes' IDs by the e-mail provided
$newCustomer = $customerManager->getCustomerByEmailAddress($email);
if ($newCustomer) {
$legacyCustomerMap = new Datasource_Core_CustomerMaps();
$legacyIDs = $legacyCustomerMap->getLegacyIDs($newCustomer->getIdentifier(Model_Core_Customer::IDENTIFIER));
}
// Also check in the legacy DB only to ensure landlords quotes are found
$customer = $customerManager->getLegacyCustomerByEmailAddress($email);
if ($customer) {
$legacyCustomerId = $customer->getIdentifier(Model_Core_Customer::LEGACY_IDENTIFIER);
if (!in_array($legacyCustomerId, $legacyIDs)) {
$legacyIDs[] = $legacyCustomerId;
}
}
// Retrieve all quotes for the linked customer reference numbers
$quoteDatasource = new Datasource_Insurance_LegacyQuotes();
$quotes = $quoteDatasource->getActiveQuotes($legacyIDs, '', array('policynumber', 'startdate'));
// Build the list of policy covers and generate auth tokens for each policy
// Should be done in a manager, but the quote manager has been written with the row data gateway
// design pattern in mind.
$authTokens = array();
foreach ($quotes as $quote) {
// Create list of policy covers
$policyCoverList = array();
$policyOptionsplit = explode('|', $quote->policyOptions);
$sumInsuredSplit = explode('|', $quote->amountsCovered);
for ($i = 0; $i < count($policyOptionsplit); $i++) {
if ($sumInsuredSplit[$i] == 'yes' || floatval($sumInsuredSplit[$i]) > 0) {
// A sum insured value has been set so assume cover is in force
$policyCover = $policyCoverDatasource->getPolicyCoverByLabel($policyOptionsplit[$i]);
if ($policyCover) {
array_push($policyCoverList, array('cover' => $policyOptionsplit[$i], 'name' => $policyCover->getName()));
}
}
}
$quote->policyCovers = $policyCoverList;
// Generate a policy-specific authentication token
$securityManager = new Application_Core_Security($params->myhomelet->retrieveWithoutAccount->macSecret, $params->myhomelet->retrieveWithoutAccount->macTimestampVariance != 0, $params->myhomelet->retrieveWithoutAccount->macTimestampVariance);
$securityData = array('quoteNumber' => $quote->policyNumber);
$authTokens[$quote->policyNumber] = $securityManager->generate($securityData);
}
// Pass quotes and auth tokens into view and finish
$this->view->quotes = $quotes;
$this->view->authTokens = $authTokens;
return;
}
}
// Failover for non-auth or other issue - go to main retrieve quote form
$this->_helper->redirector->gotoUrl('/my-homelet/retrieve-quote');
}
/**
* Resume an existing quote for customers who either have a temporary auth token for a retrieval with no My HomeLet
* account, or who are My HomeLet authenticated. Customers with no form of valid authentication are redirected to
* the My HomeLet login page.
*
* @return void
*/
public function retrieveAction()
{
// Authorisation using no-account My HomeLet retrieval auth token
if ($this->getRequest()->getParam('auth') != '') {
$mac = $this->getRequest()->getParam('auth');
$securityManager = new Application_Core_Security($this->_params->myhomelet->retrieveWithoutAccount->macSecret, $this->_params->myhomelet->retrieveWithoutAccount->macTimestampVariance != 0, $this->_params->myhomelet->retrieveWithoutAccount->macTimestampVariance);
$dataKeys = array('quoteNumber');
$securityCheck = $securityManager->authenticate($mac, $dataKeys);
if (isset($securityCheck['result']) && $securityCheck['result']) {
$quoteNumber = $securityCheck['data']['quoteNumber'];
$quoteManager = new Manager_Insurance_LegacyQuote();
$customerManager = new Manager_Core_Customer();
$quote = $quoteManager->getQuoteByPolicyNumber($quoteNumber);
$quoteRefNo = $quote->refNo;
$customer = $customerManager->getCustomer(Model_Core_Customer::LEGACY_IDENTIFIER, $quoteRefNo);
$customerID = $referenceNumber = $customer->getIdentifier(Model_Core_Customer::LEGACY_IDENTIFIER, $quoteRefNo);
$quoteManager = new Manager_Insurance_LandlordsPlus_Quote(null, $quoteNumber, null, $customerID);
$quote = $quoteManager->getModel();
$pageSession = new Zend_Session_Namespace('landlords_insurance_quote');
$pageSession->quoteID = $quote->ID;
$pageSession->customerRefNo = $referenceNumber;
//Retrieve the WebLead summary ID so that the WebLead can continue to be updated and important
//details captured, such as the campaign code.
$webLeadManager = new Manager_Core_WebLead();
$pageSession->webLeadSummaryId = $webLeadManager->getSummaryId($quoteNumber);
$this->_helper->redirector->gotoUrl('/landlords/insurance-quote/step1');
return;
}
}
// Authorisation using My HomeLet logged in details
$auth = Zend_Auth::getInstance();
$auth->setStorage(new Zend_Auth_Storage_Session('homelet_customer'));
if ($auth->hasIdentity()) {
// Check to see if we have a reference number to load up
if ($this->getRequest()->getParam('quote') != '') {
$quoteNumber = $this->getRequest()->getParam('quote');
// Customer is logged in and is trying to retrieve a specific quote
// We need to check to make sure they own it
$customerID = $auth->getStorage()->read()->id;
// Now we need to get their legacy ID
$customerManager = new Manager_Core_Customer();
$customer = $customerManager->getCustomer(Model_Core_Customer::IDENTIFIER, $customerID);
$referenceNumber = $customer->getIdentifier(Model_Core_Customer::LEGACY_IDENTIFIER);
// Need to find the quote ID by the policy number
$quotes = new Manager_Insurance_LandlordsPlus_Quote(null, $quoteNumber, null, $customerID);
$quote = $quotes->getModel();
$legacyCustomerMap = new Datasource_Core_CustomerMaps();
$legacyIDs = $legacyCustomerMap->getLegacyIDs($customerID);
if (in_array($quote->legacyCustomerID, $legacyIDs)) {
// This customer does own this reference - so set the page session stuff up and redirect
$pageSession = new Zend_Session_Namespace('landlords_insurance_quote');
$pageSession->quoteID = $quote->ID;
$pageSession->customerRefNo = $referenceNumber;
//Retrieve the WebLead summary ID so that the WebLead can continue to be updated and important
//details captured, such as the campaign code.
$webLeadManager = new Manager_Core_WebLead();
$pageSession->webLeadSummaryId = $webLeadManager->getSummaryId($quoteNumber);
$this->_helper->redirector->gotoUrl('/landlords/insurance-quote/step1');
}
}
}
$this->_helper->redirector->gotoUrl('/login?referrerUrl=/my-homelet/quotes');
}
/**
* Executes checks when the user is a PLL finalizing an email-link-to-tenant.
*
* @param Zend_Controller_Request_Abstract $request
* @param string $customerToken
* @param string $refNo
*
* @return boolean
*/
protected function _privateLandlordLinkPreDespatch(Zend_Controller_Request_Abstract $request, $customerToken, $refNo)
{
$session = new Zend_Session_Namespace('referencing_global');
$referenceManager = new Manager_Referencing_Reference();
$reference = $referenceManager->getReference($refNo);
//Check the validity of the access.
$params = Zend_Registry::get('params');
$hashingString = $params->pll->emailLink->security->securityString;
$leeWay = $params->pll->emailLink->security->securityTokenTimeLeewayUser;
$securityManager = new Application_Core_Security($hashingString, true, $leeWay);
$securityCheck = $securityManager->authenticate($customerToken, array('refNo', 'customerId'));
if ($securityCheck['result']) {
//Ensure the customer identifier extracted from the $customerToken matches the identifier
//stored in the reference.
$customerId = $securityCheck['data']['customerId'];
if ($customerId != $reference->customer->customerId) {
$session->security->error = 'Customer identifier does not match';
return false;
}
} else {
// Something went wrong, eg, hash didn't match or time was out of bounds
$session->security->error = $securityCheck['error'];
return false;
}
//Log the customer in.
$customerManager = new Manager_Referencing_Customer();
$customer = $customerManager->getCustomer($customerId);
$loginManager = new Manager_Referencing_Login();
$loginManager->logUserIn($customer->getEmailAddress(), $customer->getPassword());
//Set the relevant session variables so that the PLL can proceed the reference.
$session->referenceId = $reference->internalId;
$session->productName = $reference->productSelection->product->key;
$session->userType = Model_Referencing_ReferenceUserTypes::PRIVATE_LANDLORD;
$session->customerToken = $customerToken;
$session->refNo = $refNo;
return true;
}
/**
* Resume an existing quote for customers who either have a temporary auth token for a retrieval with no My HomeLet
* account, or who are My HomeLet authenticated. Customers with no form of valid authentication are redirected to
* the My HomeLet login page.
*
* @return void
*/
public function retrieveAction()
{
// Authorisation using no-account My HomeLet retrieval auth token
if ($this->getRequest()->getParam('auth') != '') {
$mac = $this->getRequest()->getParam('auth');
$securityManager = new Application_Core_Security($this->_params->myhomelet->retrieveWithoutAccount->macSecret, $this->_params->myhomelet->retrieveWithoutAccount->macTimestampVariance != 0, $this->_params->myhomelet->retrieveWithoutAccount->macTimestampVariance);
$dataKeys = array('quoteNumber');
$securityCheck = $securityManager->authenticate($mac, $dataKeys);
if (isset($securityCheck['result']) && $securityCheck['result']) {
$quoteNumber = $securityCheck['data']['quoteNumber'];
$quoteManager = new Manager_Insurance_TenantsContentsPlus_Quote(null, null, $quoteNumber);
$quote = $quoteManager->getQuoteObject();
if ($quote->policyType == 'T') {
// Make sure this is a tenants quote
$pageSession = new Zend_Session_Namespace('tenants_insurance_quote');
$pageSession->CustomerRefNo = $quote->refNo;
$pageSession->PolicyNumber = $quote->policyNumber;
// Note that this user retrieved a quote, so that if they login in using the login action their
// details don't get nulled out.
$pageSession->RetrievedQuote = true;
//Retrieve the WebLead summary ID so that the WebLead can continue to be updated and important
//details captured, such as the campaign code.
$webLeadManager = new Manager_Core_WebLead();
$pageSession->webLeadSummaryId = $webLeadManager->getSummaryId($pageSession->PolicyNumber);
$this->_helper->redirector->gotoUrl('/tenants/insurance-quote/step1');
return;
} else {
// This isn't a tenants quote! OOPS
$this->render('retrieve-failed');
return;
}
}
}
// Authorisation using My HomeLet logged in details
$auth = Zend_Auth::getInstance();
$auth->setStorage(new Zend_Auth_Storage_Session('homelet_customer'));
if ($auth->hasIdentity()) {
// Check to see if we have a reference number to load up
if ($this->getRequest()->getParam('quote') != '') {
$quoteNumber = $this->getRequest()->getParam('quote');
// Customer is logged in and is trying to retrieve a specific quote
// We need to check to make sure they own it
$customerID = $auth->getStorage()->read()->id;
// Get customers legacy IDs and confirm the refno of the quote
// can be accessed by the customer.
$legacyCustomerMap = new Datasource_Core_CustomerMaps();
$legacyIDs = $legacyCustomerMap->getLegacyIDs($customerID);
$quoteManager = new Manager_Insurance_TenantsContentsPlus_Quote(null, null, $quoteNumber);
$quote = $quoteManager->getQuoteObject();
if (in_array($quote->refNo, $legacyIDs)) {
// This customer does own this reference - so set the page session stuff up and redirect
if ($quote->policyType == 'T') {
// Make sure this is a tenants quote
$pageSession = new Zend_Session_Namespace('tenants_insurance_quote');
$pageSession->CustomerRefNo = $quote->refNo;
$pageSession->PolicyNumber = $quote->policyNumber;
//Retrieve the WebLead summary ID so that the WebLead can continue to be updated and important
//details captured, such as the campaign code.
$webLeadManager = new Manager_Core_WebLead();
$pageSession->webLeadSummaryId = $webLeadManager->getSummaryId($pageSession->PolicyNumber);
$this->_helper->redirector->gotoUrl('/tenants/insurance-quote/step1');
} else {
// This isn't a tenants quote! OOPS
$this->render('retrieve-failed');
return;
}
}
}
}
$this->_helper->redirector->gotoUrl('/login?referrerUrl=/my-homelet/quotes');
}
