/**
* Form login user authentication
*
* @return Redirect
* @throws Exception
*/
public function authenticateAction()
{
$redirect = 'login';
$request = $this->getRequest();
$entityManager = $this->getServiceLocator()->get('doctrine.entitymanager.orm_default');
$appServiceLoader = $this->recoverAppServiceLoader();
$configurations = $appServiceLoader->recoverService('configurations');
$helper = new SetupAbstractControllerHelper();
$helper->setConfigurations($configurations);
$helper->setRequest($request);
$helper->setupZf2appDir();
$helper->setupAppDirRelativePath();
$formValidator = new UserFormAuthenticationInputFilter();
$form = new UserFormAuthentication();
$form->setInputFilter($formValidator->getInputFilter());
if ($request->isPost()) {
$form->setData($request->getPost());
if ($form->isValid()) {
// Check authentication...
$this->getAuthService()->getAdapter()->setIdentity($request->getPost('username'))->setCredential($request->getPost('password'));
$result = $this->getAuthService()->authenticate();
foreach ($result->getMessages() as $message) {
$this->flashmessenger()->addMessage($message);
}
if ($result->isValid()) {
$redirect = 'admin';
// set session timeout stored in MyAuthStorage class...
$this->getSessionStorage()->setRememberMe();
// set storage into the auth service
$this->getAuthService()->setStorage($this->getSessionStorage());
$this->getAuthService()->getStorage()->write($request->getPost('username'));
// Search user into db
$usersGetterWrapper = new UsersGetterWrapper(new UsersGetter($entityManager));
$usersGetterWrapper->setInput(array('username' => $request->getPost('username'), 'password' => $request->getPost('password'), 'adminAccess' => 1, 'limit' => 1));
$usersGetterWrapper->setupQueryBuilder();
$records = $usersGetterWrapper->getRecords();
if (isset($records) and count($records) == 1) {
$records = $records[0];
// Set ACL
$aclSetter = new AclSetter(new Acl());
$aclSetter->setUsersRolesGetterWrapper(new UsersRolesGetterWrapper(new UsersRolesGetter($entityManager)));
$aclSetter->addRoles($aclSetter->recoverRoles(array()));
if ($records['roleName'] === 'WebMaster') {
// Assign all permissions
$aclSetter->getAcl()->allow($records['roleName']);
$wrapper = new UsersRolesPermissionsGetterWrapper(new UsersRolesPermissionsGetter($entityManager));
$wrapper->setInput(array());
$wrapper->setupQueryBuilder();
$permissionsRecords = $wrapper->getRecords();
if (empty($permissionsRecords)) {
throw new NullException("Error: no permissions stored on database!");
}
foreach ($permissionsRecords as $permissionsRecord) {
$aclSetter->getAcl()->addResource($permissionsRecord['flag']);
$aclSetter->getAcl()->allow($records['roleName'], $permissionsRecord['flag']);
}
} else {
$wrapper = new UsersRolesPermissionsRelationsGetterWrapper(new UsersRolesPermissionsRelationsGetter($entityManager));
$wrapper->setInput(array('roleId' => $records['roleId']));
$wrapper->setupQueryBuilder();
$permissionsRecords = $wrapper->getRecords();
if (empty($permissionsRecords)) {
throw new NullException("Error: no permissions stored on database!");
}
foreach ($permissionsRecords as $permissionsRecord) {
$aclSetter->getAcl()->addResource($permissionsRecord['flag']);
$aclSetter->getAcl()->allow($records['roleName'], $permissionsRecord['flag']);
}
}
$sitename = $configurations['sitename'];
if (!$sitename) {
throw new NullException('Site name is not set. Cannot complete the login');
}
$ckFinderUploadDir = $helper->getAppDirRelativePath() . '/public/' . $configurations['media_dir'] . $configurations['media_project'] . 'ckfinder_files';
$userDetails = new \stdClass();
$userDetails->sitename = $sitename;
$userDetails->id = $records['id'];
$userDetails->name = $records['name'];
$userDetails->surname = $records['surname'];
$userDetails->email = $records['email'];
$userDetails->acl = $aclSetter->getAcl();
$userDetails->salt = $records['salt'];
$userDetails->passwordLastUpdate = $records['passwordLastUpdate'];
$userDetails->role = $records['roleName'];
/* Set user session values */
$sessionContainer = new SessionContainer();
$sessionContainer->offsetSet('userDetails', $userDetails);
$sessionContainer->offsetSet('ckFinderUploadDir', $ckFinderUploadDir);
/* Regenerate Session ID after login */
$manager = new \Zend\Session\SessionManager();
$manager->regenerateId();
/* Log entering admin area */
$logWriter = new LogWriter($entityManager->getConnection());
$logWriter->writeLog(array('user_id' => $userDetails->id, 'module_id' => ModulesContainer::contenuti_id, 'message' => "Ingresso nell'area riservata", 'description' => $records['name'] . ' ' . $records['surname'] . " ha effettuato un ingresso nell'area riservata", 'type' => 'info', 'reference_id' => 0, 'backend' => 1));
} else {
$this->flashmessenger()->addMessage(print_r("Nome utente e \\ o password non validi", 1));
}
}
} else {
$sessionContainer = new SessionContainer();
$loginFailures = $sessionContainer->offsetGet('loginFailures');
$sessionContainer->offsetSet('loginFailures', $loginFailures);
foreach ($form->getMessages() as $message) {
$this->flashmessenger()->addMessage(print_r($message, 1));
}
}
}
return $this->redirect()->toRoute($redirect, array("lang" => 'it'));
}
public function testAddRoles()
{
$this->setupRoles();
$this->assertTrue(is_array($this->aclSetter->getAcl()->getRoles()));
}