/**
* Loads all roles and associated permissions of a given user. Filters duplicate entries.
*
* @param UmgtUser $user The current user.
*
* @return UmgtPermission[] The list of permissions associated to the given user.
* @throws GenericORMapperException In case of any issues with loading permission.
*
* @author Christian Merz
* @version
* Version 0.1, 16.10.2015<br />
*/
private function getPermissions(UmgtUser $user)
{
$RoleList = $user->loadRelatedObjects('Role2User');
$permissionArray = array();
foreach ($RoleList as $Role) {
$PermissionList = $Role->loadRelatedObjects('Role2Permission');
foreach ($PermissionList as $Permission) {
if (!array_key_exists($Permission->getObjectId(), $permissionArray)) {
$permissionArray[$Permission->getObjectId()] = $Permission;
}
}
}
return array_merge($permissionArray);
}
/**
* Returns all roles the user is either assigned directly (User <-> Role) or
* indirectly (User <-> Group <-> Role).
*
* @param UmgtUser $user
*
* @return UmgtRole[]
*
* @author Christian Achatz
* @version
* Version 0.1, 19.06.2015<br />
*/
protected function getRoles(UmgtUser $user)
{
$roles = [];
// map roles int associative array to ensure unique result set
foreach ($user->loadRelatedObjects('Role2User') as $role) {
$roles[$role->getObjectId()] = $role;
}
// add roles assigned via group to allow easy role/permission assignment
foreach ($user->loadRelatedObjects('Group2User') as $group) {
foreach ($group->loadRelatedObjects('Role2Group') as $groupRole) {
if (!isset($roles[$groupRole->getObjectId()])) {
$roles[$groupRole->getObjectId()] = $groupRole;
}
}
}
return array_values($roles);
}
public function transformContent()
{
// initialize the form
$form = $this->getForm('User');
$userControl = $form->getFormElementByName('User');
/* @var $userControl MultiSelectBoxTag */
$groupId = $this->getRequest()->getParameter('groupid');
$uM = $this->getManager();
$group = $uM->loadGroupByID($groupId);
$users = $uM->loadUsersWithGroup($group);
$count = count($users);
// display hint, if no user is assigned to this group
if ($count == 0) {
$template = $this->getTemplate('NoMoreUser');
$template->getLabel('message-1')->setPlaceHolder('display-name', $group->getDisplayName());
$template->getLabel('message-2')->setPlaceHolder('group-view-link', $this->generateLink(['mainview' => 'group', 'groupview' => null, 'groupid' => null]));
$template->transformOnPlace();
return;
}
// fill the multiselect field
for ($i = 0; $i < $count; $i++) {
$userControl->addOption($users[$i]->getLastName() . ', ' . $users[$i]->getFirstName(), $users[$i]->getObjectId());
}
// remove the desired users
if ($form->isSent() && $form->isValid()) {
$options = $userControl->getSelectedOptions();
$users = [];
for ($i = 0; $i < count($options); $i++) {
$user = new UmgtUser();
$user->setObjectId($options[$i]->getAttribute('value'));
$users[] = $user;
unset($user);
}
$group = new UmgtGroup();
$group->setObjectId($groupId);
$uM->detachUsersFromGroup($users, $group);
$this->getResponse()->forward($this->generateLink(['mainview' => 'group', 'groupview' => null, 'groupid' => null]));
} else {
$form->transformOnPlace();
}
}
public function transformContent()
{
$userId = $this->getRequest()->getParameter('userid');
$uM = $this->getManager();
$user = $uM->loadUserByID($userId);
$this->getLabel('DisplayName')->setPlaceHolder('display-name', $user->getDisplayName());
$formNo = $this->getForm('UserDelNo');
$formYes = $this->getForm('UserDelYes');
$response = $this->getResponse();
if ($formYes->isSent()) {
$user = new UmgtUser();
$user->setObjectId($userId);
$uM->deleteUser($user);
$response->forward($this->generateLink(['mainview' => 'user', 'userview' => null, 'userid' => null]));
} elseif ($formNo->isSent()) {
$response->forward($this->generateLink(['mainview' => 'user', 'userview' => null, 'userid' => null]));
} else {
$formNo->transformOnPlace();
$formYes->transformOnPlace();
}
}
public function transformContent()
{
// get role id
$roleId = $this->getRequest()->getParameter('roleid');
// initialize the form
$form = $this->getForm('User');
$user = $form->getFormElementByName('User');
/* @var $user MultiSelectBoxTag */
$uM = $this->getManager();
$role = $uM->loadRoleByID($roleId);
$users = $uM->loadUsersNotWithRole($role);
$count = count($users);
// display a hint, if a role already assigned to all users
if ($count == 0) {
$template = $this->getTemplate('NoMoreUser');
$template->getLabel('message-1')->setPlaceHolder('display-name', $role->getDisplayName());
$template->getLabel('message-2')->setPlaceHolder('role-view-link', $this->generateLink(['mainview' => 'role', 'roleview' => null, 'roleid' => null]));
$template->transformOnPlace();
return;
}
// fill multi-select field
for ($i = 0; $i < $count; $i++) {
$user->addOption($users[$i]->getLastName() . ', ' . $users[$i]->getFirstName(), $users[$i]->getObjectId());
}
// assign role to the desired users
if ($form->isSent() && $form->isValid()) {
$options = $user->getSelectedOptions();
$newUsers = [];
for ($i = 0; $i < count($options); $i++) {
$newUser = new UmgtUser();
$newUser->setObjectId($options[$i]->getAttribute('value'));
$newUsers[] = $newUser;
unset($newUser);
}
$uM->attachUsersToRole($newUsers, $role);
$this->getResponse()->forward($this->generateLink(['mainview' => 'role', 'roleview' => '', 'roleid' => '']));
} else {
$form->transformOnPlace();
}
}
/**
* Decrypts all properties of the given user which have encryption enabled
*
* @param UmgtUser $user
*/
public static function decryptProperties(UmgtUser $user)
{
if (self::$encryptedFieldNames === null) {
return;
}
$encryptionHandler = self::getEncryptionHandler();
$properties = $user->getProperties();
foreach ($properties as $key => $value) {
if (self::propertyHasEncryptionEnabled($key)) {
$user->setProperty($key, self::decrypt($value, $encryptionHandler));
}
}
self::closeEncryptionhandler($encryptionHandler);
}
/**
* Returns a list of Permission domain objects for the given user.
*
* @param UmgtUser $user the user object
*
* @return UmgtPermission[] $permissions the user's permissions
*
* @author Christian Achatz
* @version
* Version 0.1, 29.12.2008<br />
* Version 0.2, 02.01.2009 (Implemented the method)<br />
*/
public function loadUserPermissions(UmgtUser $user)
{
$orm = $this->getORMapper();
// load all roles by the user itself and it's groups
$select = 'SELECT DISTINCT `ent_role`.`RoleID`
FROM `ent_role`
INNER JOIN `ass_role2user` ON `ent_role`.`RoleID` = `ass_role2user`.`Source_RoleID`
INNER JOIN `ent_user` ON `ass_role2user`.`Target_UserID` = `ent_user`.`UserID`
WHERE `ent_user`.`UserID` = \'' . $user->getObjectId() . '\';';
/* @var $roles UmgtRole[] */
$roles = $orm->loadObjectListByTextStatement('Role', $select);
$groups = $this->loadGroupsWithUser($user);
foreach ($groups as $group) {
$select = 'SELECT DISTINCT `ent_role`.`RoleID`
FROM `ent_role`
INNER JOIN `ass_role2group` ON `ent_role`.`RoleID` = `ass_role2group`.`Source_RoleID`
INNER JOIN `ent_group` ON `ass_role2group`.`Target_GroupID` = `ent_group`.`GroupID`
WHERE `ent_group`.`GroupID` = \'' . $group->getObjectId() . '\';';
$roles = array_merge($roles, $orm->loadObjectListByTextStatement('Role', $select));
}
// we can use array_unique() here, because GenericORMapperDataObject implements __toString() method
$roles = array_unique($roles);
$permissions = [];
foreach ($roles as $role) {
$select = 'SELECT DISTINCT `ent_permission`.*
FROM `ent_permission`
INNER JOIN `ass_role2permission` ON `ent_permission`.`PermissionID` = `ass_role2permission`.`Target_PermissionID`
INNER JOIN `ent_role` ON `ass_role2permission`.`Source_RoleID` = `ent_role`.`RoleID`
WHERE `ent_role`.`RoleID` = \'' . $role->getObjectId() . '\';';
$permissions = array_merge($permissions, $orm->loadObjectListByTextStatement('Permission', $select));
}
// due to the fact, that unique'ing the array is a cost-intensive operation, we agreed to return a
// duplicate set of permissions.
return $permissions;
}
public function transformContent()
{
$uM = $this->getManager();
$form = $this->getForm('visibilitydef');
// pre-fill mode if "proxytypeid" and "appobjectid" are given
$request = $this->getRequest();
$proxyTypeId = $request->getParameter('proxytypeid');
$appObjectId = $request->getParameter('appobjectid');
$proxyId = $request->getParameter('proxyid');
$selectedUsers = [];
$selectedGroups = [];
if ($proxyTypeId != null && $appObjectId != null) {
$proxy = new UmgtVisibilityDefinition();
$proxy->setObjectId($proxyId);
$selectedUsers = $uM->loadUsersWithVisibilityDefinition($proxy);
$selectedGroups = $uM->loadGroupsWithVisibilityDefinition($proxy);
}
// load the defined visibility types
$proxyTypes = $uM->loadVisibilityDefinitionTypes();
/* @var $typeElement SelectBoxTag */
$typeElement = $form->getFormElementByName('proxytypeid');
foreach ($proxyTypes as $proxyType) {
$typeElement->addOption($proxyType->getAppObjectName(), $proxyType->getObjectId());
}
// load users
$userList = $uM->getPagedUserList();
/* @var $usersElement MultiSelectBoxTag */
$usersElement = $form->getFormElementByName('users');
foreach ($userList as $user) {
$usersElement->addOption($user->getDisplayName(), $user->getObjectId());
}
foreach ($selectedUsers as $selectedUser) {
$usersElement->setOption2Selected($selectedUser->getObjectId());
}
// load groups
$groups = $uM->getPagedGroupList();
/* @var $groupsElement MultiSelectBoxTag */
$groupsElement = $form->getFormElementByName('groups');
foreach ($groups as $group) {
$groupsElement->addOption($group->getDisplayName(), $group->getObjectId());
}
foreach ($selectedGroups as $selectedGroup) {
$groupsElement->setOption2Selected($selectedGroup->getObjectId());
}
// store visibility definition
if ($form->isSent() && $form->isValid()) {
// setup type
$type = new UmgtVisibilityDefinitionType();
$type->setObjectId($typeElement->getSelectedOption()->getAttribute('value'));
// setup proxy
$definition = new UmgtVisibilityDefinition();
$definition->setAppObjectId($form->getFormElementByName('appobjectid')->getAttribute('value'));
// setup users
$users = [];
foreach ($usersElement->getSelectedOptions() as $option) {
$user = new UmgtUser();
$user->setObjectId($option->getAttribute('value'));
$users[] = $user;
unset($user);
}
// setup groups
$groups = [];
foreach ($groupsElement->getSelectedOptions() as $option) {
$group = new UmgtGroup();
$group->setObjectId($option->getAttribute('value'));
$groups[] = $group;
unset($group);
}
// setup access permissions
$definition->setReadPermission($form->getFormElementByID('read-perm')->isChecked() ? 1 : 0);
$definition->setWritePermission($form->getFormElementByID('write-perm')->isChecked() ? 1 : 0);
$definition->setLinkPermission($form->getFormElementByID('link-perm')->isChecked() ? 1 : 0);
$definition->setDeletePermission($form->getFormElementByID('delete-perm')->isChecked() ? 1 : 0);
$uM->createVisibilityDefinition($type, $definition, $users, $groups);
$this->getResponse()->forward($this->generateLink(['mainview' => 'proxy', 'proxyview' => null, 'proxytypeid' => null]));
} else {
$form->transformOnPlace();
}
}
public function transformContent()
{
$form = $this->getForm('UserForm');
if ($form->isSent() && $form->isValid()) {
$firstName = $form->getFormElementByName('FirstName');
$lastName = $form->getFormElementByName('LastName');
/* @var $birthday DateSelectorTag */
$birthday = $form->getFormElementByName('Birthday');
$streetName = $form->getFormElementByName('StreetName');
$streetNumber = $form->getFormElementByName('StreetNumber');
$zipCode = $form->getFormElementByName('ZIPCode');
$city = $form->getFormElementByName('City');
$email = $form->getFormElementByName('EMail');
$mobile = $form->getFormElementByName('Mobile');
$username = $form->getFormElementByName('Username');
$password = $form->getFormElementByName('Password');
$uM = $this->getManager();
$user = new UmgtUser();
$user->setFirstName($firstName->getValue());
$user->setLastName($lastName->getValue());
$user->setBirthday($birthday->getValue());
$user->setStreetName($streetName->getValue());
$user->setStreetNumber($streetNumber->getValue());
$user->setZIPCode($zipCode->getValue());
$user->setCity($city->getValue());
$user->setEMail($email->getValue());
$user->setMobile($mobile->getValue());
$user->setUsername($username->getValue());
$user->setPassword($password->getValue());
$uM->saveUser($user);
$this->getResponse()->forward($this->generateLink(['mainview' => 'user', 'userview' => null]));
}
$form->transformOnPlace();
}
/**
* Displays and handles the user edit form.
*
* @author Christian Achatz
* @version
* Version 0.1, 26.12.2008<br />
* Version 0.2, 02.01.2009 (Added the password fields handling)<br />
*/
public function transformContent()
{
// get the userid from the request
$userId = $this->getRequest()->getParameter('userid');
// setup the form
$form = $this->getForm('UserForm');
$fieldUserId = $form->getFormElementByName('userid');
$fieldUserId->setAttribute('value', $userId);
$firstName = $form->getFormElementByName('FirstName');
$lastName = $form->getFormElementByName('LastName');
/* @var $birthday DateSelectorTag */
$birthday = $form->getFormElementByName('Birthday');
$streetName = $form->getFormElementByName('StreetName');
$streetNumber = $form->getFormElementByName('StreetNumber');
$zipCode = $form->getFormElementByName('ZIPCode');
$city = $form->getFormElementByName('City');
$email = $form->getFormElementByName('EMail');
$mobile = $form->getFormElementByName('Mobile');
$username = $form->getFormElementByName('Username');
// get the manager
$uM = $this->getManager();
if ($form->isSent()) {
if ($form->isValid()) {
// setup the domain object
$user = new UmgtUser();
$user->setObjectId($userId);
// read the "normal" fields
$user->setFirstName($firstName->getValue());
$user->setLastName($lastName->getValue());
$user->setBirthday($birthday->getValue());
$user->setStreetName($streetName->getValue());
$user->setStreetNumber($streetNumber->getValue());
$user->setZIPCode($zipCode->getValue());
$user->setCity($city->getValue());
$user->setEMail($email->getValue());
$user->setMobile($mobile->getValue());
$user->setUsername($username->getValue());
// read the password field
$passField1 = $form->getFormElementByName('Password');
$passField2 = $form->getFormElementByName('Password2');
$pass1 = $passField1->getAttribute('value');
$pass2 = $passField2->getAttribute('value');
$response = $this->getResponse();
if (!empty($pass1)) {
if ($pass1 !== $pass2) {
$passField1->markAsInvalid();
$passField2->markAsInvalid();
$passField1->appendCssClass($this->getMarkerClass($passField1));
$passField2->appendCssClass($this->getMarkerClass($passField2));
$this->setPlaceHolder('UserEdit', $form->transformForm());
} else {
// add the password to the object
$user->setPassword($pass2);
// save the user
$uM->saveUser($user);
$response->forward($this->generateLink(['mainview' => 'user', 'userview' => '', 'userid' => '']));
}
} else {
$uM->saveUser($user);
$response->forward($this->generateLink(['mainview' => 'user', 'userview' => '', 'userid' => '']));
}
} else {
$form->transformOnPlace();
}
} else {
$user = $uM->loadUserByID($userId);
// pre-fill form
$firstName->setValue($user->getFirstName());
$lastName->setValue($user->getLastName());
$birthday->setValue($user->getBirthday());
$streetName->setValue($user->getStreetName());
$streetNumber->setValue($user->getStreetNumber());
$zipCode->setValue($user->getZIPCode());
$city->setValue($user->getCity());
$email->setValue($user->getEMail());
$mobile->setValue($user->getMobile());
$username->setValue($user->getUsername());
$form->transformOnPlace();
}
}
/**
* @param UmgtUser $user
*
* @return UmgtGroup[]
*/
private function getGroups(UmgtUser $user)
{
return $user->loadRelatedObjects('Group2User');
}
public function transformContent()
{
$form = $this->getForm('register');
if ($form->isSent() && $form->isValid()) {
$uM = $this->getManager();
$user = new UmgtUser();
$firstName = $form->getFormElementByName('firstname');
$firstNameValue = $firstName->getValue();
$user->setFirstName($firstNameValue);
$lastName = $form->getFormElementByName('lastname');
$lastNameValue = $lastName->getValue();
$user->setLastName($lastNameValue);
$street = $form->getFormElementByName('street');
$user->setStreetName($street->getValue());
$number = $form->getFormElementByName('number');
$user->setStreetNumber($number->getValue());
$zip = $form->getFormElementByName('zip');
$user->setZIPCode($zip->getValue());
$city = $form->getFormElementByName('city');
$user->setCity($city->getValue());
$email = $form->getFormElementByName('email');
$user->setEMail($email->getValue());
$userName = $form->getFormElementByName('username');
$userNameValue = $userName->getValue();
$user->setUsername($userNameValue);
$password = $form->getFormElementByName('password');
$user->setPassword($password->getValue());
// assemble display name to have a more readable user within the umgt mgmt UI
if (empty($firstNameValue) && empty($lastNameValue)) {
$user->setDisplayName($userNameValue);
} else {
$user->setDisplayName($lastNameValue . ', ' . $firstNameValue);
}
// add initial groups and roles if applicable
try {
foreach ($this->getInitialGroups() as $initialGroup) {
$user->addGroup($initialGroup);
}
foreach ($this->getInitialRoles() as $initialRole) {
$user->addRole($initialRole);
}
} catch (ConfigurationException $e) {
$l = Singleton::getInstance(Logger::class);
/* @var $l Logger */
$l->logEntry('registration', 'Registration cannot add initial groups or roles due to the following ' . 'exception: ' . $e . ' This may be ok, in case you have no initial groups and/or roles specified.', LogEntry::SEVERITY_INFO);
}
try {
// Lets have a look if the username/email is always in use and show an error message
try {
$config = $this->getConfiguration('APF\\modules\\usermanagement\\pres', 'login.ini');
$loginType = $config->getSection('Default')->getValue('login.type', 'username');
} catch (ConfigurationException $e) {
$loginType = 'username';
}
if ($loginType === 'username') {
$regUser = $uM->loadUserByUserName($userNameValue);
} else {
$regUser = $uM->loadUserByEMail($email->getValue());
}
if ($regUser === null) {
$uM->saveUser($user);
$this->getTemplate('register-ok')->transformOnPlace();
} else {
$form->setPlaceHolder('register-error', $this->getTemplate('register-error-user-already-exists')->transformTemplate());
$form->transformOnPlace();
}
} catch (Exception $e) {
$this->getTemplate('system-error')->transformOnPlace();
$l = Singleton::getInstance(Logger::class);
/* @var $l Logger */
$l->logEntry('registration', 'Registration is not possible due to ' . $e, LogEntry::SEVERITY_ERROR);
}
} elseif ($form->isSent() && !$form->isValid()) {
$form->setPlaceHolder('register-error', $this->getTemplate('register-error')->transformTemplate());
$form->transformOnPlace();
} else {
$form->transformOnPlace();
}
}