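/**
 * Reload the data of the user in the session
 *
 * Re-reads the row of the user held in the current session and writes a
 * fresh copy of it, including its group, to the Zend_Auth storage.
 *
 * If the row can no longer be found the stored identity is cleared instead
 * of being rebuilt, so a session never outlives the account it belongs to.
 *
 * @throws Zend_Exception when CURRENT_MODULE is neither 'frontend' nor 'backoffice'
 * @return void
 */
public static function reloadSession()
{
    $auth = Zend_Auth::getInstance();
    $user = null;

    switch (CURRENT_MODULE) {
        case 'frontend':
            $userModel = new User();
            $user = $userModel->findById(self::getSession()->id);
            if (!empty($user)) {
                // Return value is discarded here; presumably this loads the
                // group onto the row so the copy loop below sees it - confirm.
                $user->get('group');
            }
            break;

        case 'backoffice':
            $userModel = new BackofficeUser();
            $user = $userModel->findById(self::getSession()->id);
            if (!empty($user)) {
                $user->groups = $user->findManyToManyRowset('Group', 'BackofficeUserGroup');
                // The first group of the rowset is the one exposed as "the" group.
                $user->group = $user->groups[0];
            }
            break;

        default:
            // Without this branch $user stayed undefined and the code below
            // failed on a null value instead of reporting the real cause.
            throw new Zend_Exception('Cannot reload the session for an unknown module');
    }

    if (empty($user)) {
        // The id stored in the session no longer resolves to a row: drop the
        // stale identity rather than writing a half-built one back.
        $auth->clearIdentity();
        return;
    }

    // Copy every field the row exposes onto a plain object for the storage.
    $session = new stdClass();
    foreach ($user as $k => $v) {
        $session->{$k} = $v;
    }

    $session->group->name = $user->get('group')->name;

    $auth->getStorage()->write($session);
}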
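/**
 * Allows users to log into the application
 *
 * On a valid POST the credentials are checked through BackofficeUser::login().
 * After a successful login the user is sent back to the request stored in the
 * 'App.Backoffice.Controller' session namespace, or to /profile/ when no
 * usable request is stored there.
 *
 * @access public
 * @return void
 */
public function loginAction()
{
    $this->title = 'Login';

    // use the login layout
    $this->_helper->layout()->setLayout('login');

    $form = new LoginForm();

    if ($this->getRequest()->isPost()) {
        if ($form->isValid($this->getRequest()->getPost())) {
            $userModel = new BackofficeUser();

            // NOTE(review): nothing in this action regenerates the session id
            // after a successful login - confirm that login() does.
            if ($userModel->login($form->getValue('username'), $form->getValue('password'))) {
                $session = new Zend_Session_Namespace('App.Backoffice.Controller');

                // NOTE(review): unserialize() rebuilds whatever object graph the
                // string describes. The value comes from the session namespace,
                // not straight from the request, but storing only the URI
                // string would remove the need to unserialize at all.
                $request = is_string($session->request) ? unserialize($session->request) : FALSE;

                // Only trust the result if it really is an object exposing the
                // accessor used below; anything else falls back to /profile/.
                if (is_object($request) && method_exists($request, 'getRequestUri')) {
                    // NOTE(review): the target is taken from a stored request;
                    // confirm the redirector keeps it on this host.
                    $previousUri = $request->getRequestUri();
                    $this->_redirect($previousUri);
                } else {
                    $this->_redirect('/profile/');
                }
            }
        }

        // Set for every POST that reaches this point. Assumes _redirect()
        // ends the request (the redirector's default) - otherwise the flag
        // would also be set after a successful login.
        $this->view->error = TRUE;
    }

    $this->view->form = $form;
}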
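/**
 * Allows users to logically delete other users
 * (should be reserved for administrators)
 *
 * GET shows a confirmation form for the user given by the "id" parameter;
 * a valid POST of that form performs the deletion. The id is checked the same
 * way on both paths: it must be numeric and must not be the admin account (1).
 *
 * NOTE(review): no permission check is visible in this action; presumably the
 * ACL layer restricts it to administrators before dispatch - confirm.
 *
 * @access public
 * @return void
 */
public function deleteAction()
{
    $this->title = 'Delete this user';

    $form = new DeleteForm();
    $userModel = new BackofficeUser();
    $isPost = $this->getRequest()->isPost();

    if ($isPost) {
        if (!$form->isValid($this->getRequest()->getPost())) {
            // Invalid submission: show the form again.
            $this->view->form = $form;
            return;
        }
        $id = $form->getValue('id');
    } else {
        $id = $this->_getParam('id');
    }

    // These checks used to run only when the confirmation page was rendered.
    // The id that is actually deleted arrives in the POST body, so the same
    // rules have to hold there as well. Each guard returns explicitly so the
    // action does not depend on _redirect() ending the request.
    if (!is_numeric($id)) {
        $this->_helper->FlashMessenger(array('msg-error' => 'The id you provided is invalid.'));
        $this->_redirect('/users/');
        return;
    }

    if ($id == 1) {
        $this->_helper->FlashMessenger(array('msg-error' => 'It is forbidden to mess with the admin account in this release.'));
        $this->_redirect('/users/');
        return;
    }

    if ($isPost) {
        $userModel->deleteById($id);

        $this->_helper->FlashMessenger(array('msg-success' => 'The item was successfully deleted.'));

        App_FlagFlippers_Manager::save();

        $this->_redirect('/users/');
        return;
    }

    $row = $userModel->findById($id);

    if (empty($row)) {
        $this->_helper->FlashMessenger(array('msg-error' => 'The requested item cannot be found.'));
        $this->_redirect('/users/');
        return;
    }

    $this->view->item = $row;
    $form->populate($row->toArray());

    $this->view->form = $form;
}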
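/**
 * Generate the Acl object from the database
 *
 * Roles are built from the groups and the backoffice users, resources from
 * the flags, and the rules from the flippers. A flipper only grants access
 * when it is marked as allowed and its flag is active in the current
 * environment; in every other case it is written as an explicit deny.
 *
 * @return Zend_Acl
 */
private static function _generateFromDb()
{
    $aclObject = new Zend_Acl();

    // Start from deny-all: every permission below is an explicit grant.
    $aclObject->deny();

    //Get all the models
    $backofficeUserModel = new BackofficeUser();
    $groupModel = new Group();
    $flagModel = new Flag();
    $flipperModel = new Flipper();
    $privilegeModel = new Privilege();

    //Add all groups
    $groups = $groupModel->fetchAllThreaded();
    foreach ($groups as $group) {
        if ($group->parent_name) {
            $aclObject->addRole(new Zend_Acl_Role($group->name), $group->parent_name);
        } else {
            $aclObject->addRole(new Zend_Acl_Role($group->name));
        }
    }

    //Add all users
    // Each user becomes a role named after its username, inheriting from its
    // groups. Usernames and group names end up in the same role registry.
    // NOTE(review): confirm a username can never equal a group name; the
    // second addRole() for the same id would presumably be rejected.
    $users = $backofficeUserModel->findAll();
    foreach ($users as $user) {
        $aclObject->addRole(new Zend_Acl_Role($user->username), $user->groupNames);
    }

    //Add all resources
    $flags = $flagModel->fetchAll();
    foreach ($flags as $flag) {
        $aclObject->addResource(new Zend_Acl_Resource($flag->name));
    }

    //Add hardcoded resources
    $aclObject->addResource('frontend-error');
    $aclObject->addResource('backoffice-error');

    //Populate the ACLs
    $flippers = $flipperModel->fetchAll();
    foreach ($flippers as $flipper) {
        // A switch on APPLICATION_ENV used to sit here. It read $flag before
        // this iteration had loaded it (a leftover from the resource loop or
        // the previous flipper, undefined when there are no flags) and its
        // result was overwritten below without being used, so it is removed.
        $privilege = $flipper->findParentRow('Privilege');
        $flipper->privilegeName = $privilege->name;

        $group = $flipper->findParentRow('Group');
        $flipper->groupName = $group->name;

        $flag = $flipper->findParentRow('Flag');
        $flipper->flagName = $flag->name;

        // The flag carries one switch per environment.
        if (Zend_Registry::get('IS_PRODUCTION')) {
            $envAllowed = $flag->active_on_prod;
        } else {
            $envAllowed = $flag->active_on_dev;
        }

        if ($flipper->allow && $envAllowed) {
            $aclObject->allow($flipper->groupName, $flipper->flagName, $flipper->privilegeName);
        } else {
            $aclObject->deny($flipper->groupName, $flipper->flagName, $flipper->privilegeName);
        }
    }

    //Hardcode basic paths for members
    foreach (App_FlagFlippers_Manager::$_membersAllowedResources as $resource) {
        $aclObject->allow('members', $resource);
    }

    //Hardcode basic paths for guests
    // An entry is either a whole resource or a resource with a list of
    // privileges that are granted one by one.
    foreach (App_FlagFlippers_Manager::$_guestsAllowedResources as $resource => $roles) {
        if (!is_array($roles)) {
            $aclObject->allow('guests', $resource);
        } else {
            foreach ($roles as $r) {
                $aclObject->allow('guests', $resource, $r);
            }
        }
    }

    //Everybody can see the errors
    $aclObject->allow(null, 'frontend-error');
    $aclObject->allow(null, 'backoffice-error');

    //Admins are allowed everywhere
    $aclObject->allow('administrators');

    return $aclObject;
}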
/**
 * Stores a new password for the given user
 *
 * The password is passed through BackofficeUser::hashPassword() before it is
 * written. The row is selected by primary key.
 *
 * NOTE(review): hashPassword() is defined outside this excerpt; confirm it
 * uses a password hashing function rather than a plain digest.
 *
 * @param mixed $userId id of the user, cast to int before it reaches the WHERE clause
 * @param string $password value handed to hashPassword()
 * @return void
 */
public function updatePassword($userId, $password)
{
    $hashed = BackofficeUser::hashPassword($password);

    // The (int) cast guarantees that only a number is concatenated into the
    // condition, whatever the caller passed in.
    $where = $this->getPrimaryKey() . ' = ' . (int) $userId;

    $this->update(array('password' => $hashed), $where);
}
/**
 * Creates the instance by delegating to the parent constructor
 *
 * Nothing else is set up here.
 */
public function __construct()
{
    parent::__construct();
}
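/**
 * add member
 *
 * Looks up a backoffice user by id and inserts a member row built from its
 * name and e-mail address.
 *
 * @author EL GUENNUNI Sohaib s.elguennuni@gmail.com
 * @param mixed $userId id of the backoffice user to register as a member
 * @param mixed $parentId value stored as sponsor_parent_id
 * @throws Zend_Exception when no backoffice user has the given id
 * @return mixed whatever insert() returns
 */
public function addMember($userId, $parentId = 1)
{
    $userModel = new BackofficeUser();

    // Quote the id through the database adapter instead of concatenating it
    // into the condition, so the value cannot change the shape of the query.
    $where = $userModel->getAdapter()->quoteInto('id = ?', $userId);
    $user = $userModel->fetchRow($where);

    if (empty($user)) {
        // fetchRow() found nothing: fail with a clear error rather than
        // reading properties of a missing row.
        throw new Zend_Exception('The backoffice user to add as a member cannot be found.');
    }

    $data = array(
        'backoffice_users_id' => $user->id,
        'first_name' => $user->firstname,
        'last_name' => $user->lastname,
        'email' => $user->email,
        'sponsor_parent_id' => $parentId,
        'id_member_type' => 1,
    );

    return $this->insert($data);
}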
/**
 * Changes the current user's password
 *
 * The row to update is the one whose id matches the identity held by
 * Zend_Auth. Along with the hashed password, last_password_update is set to
 * the database's NOW() and password_valid to 1.
 *
 * NOTE(review): the current password is not asked for here; confirm the
 * caller re-authenticates the user before invoking this method.
 *
 * @param string $password value handed to BackofficeUser::hashPassword()
 * @access public
 * @throws Zend_Exception when nobody is authenticated
 * @return void
 */
public function changePassword($password)
{
    $auth = Zend_Auth::getInstance();

    if (!$auth->hasIdentity()) {
        throw new Zend_Exception('You must have one authenticated user in the application in order to be able to call this method');
    }

    $identity = $auth->getIdentity();
    $hashed = BackofficeUser::hashPassword($password);

    $fields = array(
        'password' => $hashed,
        // Evaluated by the database, not by PHP.
        'last_password_update' => new Zend_Db_Expr('NOW()'),
        'password_valid' => 1,
    );

    // The id is quoted by the adapter rather than concatenated.
    $where = $this->_db->quoteInto('id = ?', $identity->id);

    $this->update($fields, $where);
}