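/**
  * Completes a password reset: validates the reset token taken from the
  * route, generates a new random password, stores it and mails it to the
  * user. The token is single-use; it is cleared before the user is saved.
  *
  * @access protected
  * @param \Zepi\Turbo\Framework $framework
  * @param \Zepi\Turbo\Request\RequestAbstract $request
  * @param \Zepi\Turbo\Response\Response $response
  * @return array|null Array with the keys 'result' (boolean) and 'message'
  *                    (string); null after the redirect to '/' that happens
  *                    when the uuid or token is missing or the uuid is unknown.
  */
 protected function generateNewPassword(Framework $framework, RequestAbstract $request, Response $response)
 {
     $uuid = $request->getRouteParam('uuid');
     $token = $request->getRouteParam('token');
     if ($uuid === false || !$this->userManager->hasUserForUuid($uuid) || $token === false) {
         $response->redirectTo('/');
         return;
     }
     // Load the user and read the stored token once, so the emptiness check
     // and the comparison below look at the same value.
     // NOTE(review): an unknown uuid redirects while a known uuid without a
     // pending request gets a message, so the two cases are distinguishable
     // to a caller - confirm this is acceptable.
     $user = $this->userManager->getUserForUuid($uuid);
     $storedToken = $user->getMetaData('passwordRequestToken');
     if ($storedToken == '') {
         return array('result' => false, 'message' => $this->translate('You haven\'t requested a new password.', '\\Zepi\\Web\\AccessControl'));
     }
     // The token is a secret supplied by the client: compare strings with
     // hash_equals() (PHP >= 5.6) so the comparison time does not depend on
     // how many leading characters match. Non-string values keep the strict
     // comparison the method always used.
     if (is_string($storedToken) && is_string($token)) {
         $tokenMatches = hash_equals($storedToken, $token);
     } else {
         $tokenMatches = $storedToken === $token;
     }
     if (!$tokenMatches || $user->getMetaData('passwordRequestTokenLifetime') < time()) {
         return array('result' => false, 'message' => $this->translate('The given token is invalid or expired. Please request a new password.', '\\Zepi\\Web\\AccessControl'));
     }
     // Generate a new password
     // NOTE(review): generateRandomPassword() is not visible here - confirm it
     // draws from a CSPRNG (random_bytes()/random_int()).
     $password = $this->generateRandomPassword();
     // Save the new password
     $user->setNewPassword($password);
     // Invalidate the token before saving so it cannot be replayed
     $user->setMetaData('passwordRequestToken', '');
     $user->setMetaData('passwordRequestTokenLifetime', 0);
     // Update the user
     $this->userManager->updateUser($user);
     // Mail the new password to the user.
     // NOTE(review): the password leaves the system in clear text and stays
     // in the mailbox; letting the user choose a password on a token-protected
     // form, or forcing a change at first login, avoids that exposure.
     $recipient = $user->getMetaData('email');
     $subject = $this->translate('New password generated', '\\Zepi\\Web\\AccessControl');
     $body = $this->render('\\Zepi\\Web\\AccessControl\\Mail\\GenerateNewPassword', array('user' => $user, 'password' => $password));
     $this->mailHelper->sendMail($recipient, $subject, $body);
     return array('result' => true, 'message' => $this->translate('Your new password is generated and saved. You will receive an email with the new password.', '\\Zepi\\Web\\AccessControl'));
 }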
 /**
  * Sets the value of the field from the submitted request.
  *
  * The passed $value is not used: the field becomes true when the request
  * carries the parameter "<html name>_change" and false otherwise.
  *
  * @access public
  * @param mixed $value
  * @param \Zepi\Turbo\Request\RequestAbstract $request
  */
 public function setValue($value, RequestAbstract $request)
 {
     $changeParam = $this->getHtmlName() . '_change';
     // Presence of the "_change" parameter is the only signal that is read.
     $this->value = $request->hasParam($changeParam) ? true : false;
 }
 /**
  * Redirects a web request to the URL rebuilt from its verified path when
  * that URL differs from the requested one (per the original description:
  * when the requested URL has no slash at the end).
  *
  * NOTE(review): the redirect target is rebuilt from the requested URL. If
  * its host part can be influenced by the client (for example through the
  * Host header), confirm it is validated before it reaches redirectTo().
  *
  * @access public
  * @param \Zepi\Turbo\Framework $framework
  * @param \Zepi\Turbo\Request\RequestAbstract $request
  * @param \Zepi\Turbo\Response\Response $response
  * @param mixed $value
  * @return mixed The unchanged $value, or null after a redirect was issued
  */
 public function execute(Framework $framework, RequestAbstract $request, Response $response, $value = null)
 {
     // Only web requests carry a requested URL.
     if (!($request instanceof WebRequest)) {
         return $value;
     }
     $parsedUrl = parse_url($request->getRequestedUrl());
     // parse_url() gives false for a URL it cannot parse; leave the value alone.
     if ($parsedUrl == false) {
         return $value;
     }
     $normalisedUrl = $response->buildUrl($this->verifyPath($parsedUrl));
     if ($normalisedUrl === $request->getRequestedUrl()) {
         return $value;
     }
     // The rebuilt URL differs from the requested one: send the client there.
     $response->redirectTo($normalisedUrl);
     return null;
 }
 /**
  * Checks whether the session of a web request holds one of the access
  * levels registered for the given event.
  *
  * Requests that are not web requests, and events without registered
  * access levels, pass through unchecked.
  *
  * @access public
  * @param \Zepi\Turbo\Framework $framework
  * @param \Zepi\Turbo\Request\RequestAbstract $request
  * @param \Zepi\Turbo\Response\Response $response
  * @param mixed $value The event name that is about to be executed
  * @return mixed The unchanged event name when access is granted or not
  *               restricted, otherwise the name of the event that handles
  *               the missing session or the denied access
  */
 public function execute(Framework $framework, RequestAbstract $request, Response $response, $value = null)
 {
     if (!($request instanceof WebRequest)) {
         return $value;
     }
     $requiredLevels = $this->eventAccessManager->getAccessLevelsForEvent($value);
     // false means no access levels are registered for the event, which is
     // treated as "not restricted".
     if ($requiredLevels === false) {
         return $value;
     }
     // A restricted event without a session is handed to the redirect event.
     if (!$request->hasSession()) {
         return '\\Zepi\\Core\\AccessControl\\Event\\RedirectRequestWithoutSession';
     }
     // One matching access level is sufficient.
     foreach ($requiredLevels as $level) {
         if ($request->getSession()->hasAccess($level)) {
             return $value;
         }
     }
     // No level matched (or the list was empty): deny.
     return '\\Zepi\\Core\\AccessControl\\Event\\DisplayNoAccessMessage';
 }
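 /**
  * Appends the current full route, base64 encoded, as the "_origin" query
  * parameter to the given target url and returns the resulting url.
  *
  * NOTE(review): the parameter travels through the client, so the code that
  * decodes "_origin" has to treat it as untrusted and should only follow it
  * when it points to a route of this application.
  *
  * @param string $target
  * @return string The target url with the "_origin" parameter, or the
  *                unchanged target if it cannot be parsed
  */
 protected function addOriginToTargetUrl($target)
 {
     $origin = $this->request->getFullRoute();
     // base64 output can contain '+', '/' and '='. An unencoded '+' in a
     // query string is read back as a space, which corrupts the value, so
     // the encoded origin is percent-encoded as well.
     // NOTE(review): assumes buildUrl() writes the query part as given.
     $additionalQuery = '_origin=' . rawurlencode(base64_encode($origin));
     $parts = parse_url($target);
     if ($parts === false) {
         return $target;
     }
     // Keep an existing query string and join with '&' only if it has content.
     if (isset($parts['query']) && $parts['query'] !== '') {
         $parts['query'] .= '&' . $additionalQuery;
     } else {
         $parts['query'] = $additionalQuery;
     }
     return $this->buildUrl($parts);
 }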
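 /**
  * Loads the translation file content of the namespace for the locale of
  * the request and stores every "pattern = replacement" line in the
  * translated strings of that namespace.
  *
  * Lines without the " = " delimiter are skipped. If a pattern occurs more
  * than once, the last line wins.
  *
  * NOTE(review): the replacements are stored as read from the file; some
  * translations in this project contain HTML, so the translation files
  * presumably have to be treated as trusted content - confirm.
  *
  * @access protected
  * @param string $namespace
  * @return boolean|null False if no content could be loaded, otherwise
  *                      nothing is returned
  */
 protected function loadLanguageFileForNamespace($namespace)
 {
     $loadedLocale = $this->request->getLocale();
     $content = $this->languageFileManager->loadTranslationFileContent($namespace, $loadedLocale);
     // If no content was received return false
     if ($content === false) {
         return false;
     }
     // Normalise the line endings before splitting. Splitting on PHP_EOL
     // alone leaves a trailing "\r" on every replacement when a CRLF file is
     // read on a system with "\n" line endings, and does not split at all in
     // the opposite case.
     $lines = explode("\n", str_replace(array("\r\n", "\r"), "\n", $content));
     foreach ($lines as $line) {
         $delimiter = strpos($line, ' = ');
         if ($delimiter === false) {
             continue;
         }
         // Everything before the first " = " is the pattern, the rest of the
         // line (which may itself contain " = ") is the replacement.
         $pattern = substr($line, 0, $delimiter);
         $replacement = substr($line, $delimiter + 3);
         if (!isset($this->translatedStrings[$namespace]) || !is_array($this->translatedStrings[$namespace])) {
             $this->translatedStrings[$namespace] = array();
         }
         $this->translatedStrings[$namespace][$pattern] = $replacement;
     }
 }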
 /**
  * Constructs the object.
  *
  * Route, params, base, locale, operating system and data are passed to
  * the parent constructor; method, requested url, ssl flag, headers and
  * protocol are stored on this object.
  *
  * @access public
  * @param string $method
  * @param string $requestedUrl
  * @param string $route
  * @param array $params
  * @param string $base
  * @param string $locale
  * @param string $operatingSystem
  * @param boolean $isSsl
  * @param array $headers
  * @param string $protocol
  * @param array $data
  */
 public function __construct($method, $requestedUrl, $route, $params, $base, $locale, $operatingSystem, $isSsl, $headers, $protocol, $data = array())
 {
     parent::__construct($route, $params, $base, $locale, $operatingSystem, $data);

     // Transport level details
     $this->protocol = $protocol;
     $this->isSsl = $isSsl;
     $this->method = $method;

     // What was asked for, and the headers that came with it
     $this->requestedUrl = $requestedUrl;
     $this->headers = $headers;
 }
 /**
  * The DefaultRouteNotFound event handler writes a "route not found"
  * message, including the requested route, into the '404' output part of
  * the response.
  *
  * NOTE(review): the route comes from the request and is concatenated into
  * the message unescaped. Whatever renders the '404' output part into an
  * HTML response has to escape it (e.g. htmlspecialchars() with ENT_QUOTES)
  * - confirm where that happens.
  *
  * @access public
  * @param \Zepi\Turbo\Framework $framework
  * @param \Zepi\Turbo\Request\RequestAbstract $request
  * @param \Zepi\Turbo\Response\Response $response
  */
 public function execute(Framework $framework, RequestAbstract $request, Response $response)
 {
     $message = 'The requested route is not available. We can\'t execute the request. Route: "' . $request->getRoute() . '"';
     $response->setOutputPart('404', $message);
 }
 /**
  * Returns the Form object for the "request new password" form: an error
  * box, a group with the required username field and a submit button.
  *
  * @access protected
  * @param \Zepi\Turbo\Framework $framework
  * @param \Zepi\Turbo\Request\RequestAbstract $request
  * @param \Zepi\Turbo\Response\Response $response
  * @return \Zepi\Web\UserInterface\Form\Form
  */
 protected function createForm(Framework $framework, RequestAbstract $request, Response $response)
 {
     // The form posts back to the current route
     $form = new Form('request-new-password', $request->getFullRoute(), 'post');

     // Error box
     $form->addPart(new ErrorBox('request-errors', 1));

     // User data group with the username field
     $groupLabel = $this->translate('Please insert your username and submit the form.', '\\Zepi\\Web\\AccessControl');
     $usernameField = new Text('username', $this->translate('Username', '\\Zepi\\Web\\AccessControl'), true);
     $form->addPart(new Group('user-data', $groupLabel, array($usernameField), 10));

     // Submit button
     $submitButton = new Submit('submit', $this->translate('Request new password', '\\Zepi\\Web\\AccessControl'));
     $form->addPart(new ButtonGroup('buttons', array($submitButton), 100));

     return $form;
 }
 /**
  * Returns the Form object for the registration form: an error box, a
  * group with username, email address, password and the terms of service
  * checkbox, and a submit button.
  *
  * NOTE(review): the terms of service label is a translated string that
  * contains HTML, and the route is substituted into its href attribute.
  * Confirm that the substituted value is escaped for an attribute context.
  * The link also opens with target="_blank" and carries no rel="noopener";
  * the markup is part of the translation pattern, so changing it means
  * changing the translation files as well.
  *
  * @access protected
  * @param \Zepi\Turbo\Framework $framework
  * @param \Zepi\Turbo\Request\RequestAbstract $request
  * @param \Zepi\Turbo\Response\Response $response
  * @return \Zepi\Web\UserInterface\Form\Form
  */
 protected function createForm(Framework $framework, RequestAbstract $request, Response $response)
 {
     // The form posts back to the current route
     $form = new Form('register', $request->getFullRoute(), 'post');

     // Error box
     $form->addPart(new ErrorBox('register-errors', 1));

     // User data group
     $groupLabel = $this->translate('Please fill out the fields below and accept our terms of service.', '\\Zepi\\Web\\AccessControl');
     $usernameField = new Text('username', $this->translate('Username', '\\Zepi\\Web\\AccessControl'), true);
     $emailField = new Text('email', $this->translate('Email address', '\\Zepi\\Web\\AccessControl'), true);
     $passwordField = new Password('password', $this->translate('Password', '\\Zepi\\Web\\AccessControl'), true);
     $tosLabel = $this->translate('Do you accept our <a href="%link%" target="_blank">terms of service</a>?', '\\Zepi\\Web\\AccessControl', array('link' => $request->getFullRoute('tos')));
     $tosField = new Checkbox('tos-accepted', $tosLabel, true);
     $form->addPart(new Group('user-data', $groupLabel, array($usernameField, $emailField, $passwordField, $tosField), 10));

     // Submit button
     $submitButton = new Submit('submit', $this->translate('Register', '\\Zepi\\Web\\AccessControl'));
     $form->addPart(new ButtonGroup('buttons', array($submitButton), 100));

     return $form;
 }
 /**
  * Compares a route from the routing table with the route of the request.
  *
  * Both routes are split at the route delimiter of the request and compared
  * part by part. A routing table part that contains a placeholder such as
  * [d], [s] or [s:name] is parsed against the requested part instead of
  * being compared literally. On a match the collected parameters are saved
  * in the request, by position and, if the placeholder has a key, by key.
  *
  * NOTE(review): the parameter values come from the requested route and are
  * client input; handlers that read them have to validate them.
  * NOTE(review): the placeholder pattern is not anchored, so a part that
  * merely contains a placeholder is treated as one - confirm that
  * parseRouteParam() handles surrounding text as intended.
  *
  * @access protected
  * @param string $route
  * @param \Zepi\Turbo\Request\RequestAbstract $request
  * @return boolean True if the routes match, false otherwise
  */
 protected function compareRoute($route, RequestAbstract $request)
 {
     $delimiter = $request->getRouteDelimiter();
     // Routing table entries use '|' as delimiter; translate it first.
     $patternParts = explode($delimiter, str_replace('|', $delimiter, $route));
     $requestedParts = explode($delimiter, trim($request->getRoute(), $delimiter));
     // Routes with a different number of parts can never match.
     if (count($patternParts) != count($requestedParts)) {
         return false;
     }
     $collected = array();
     $nextIndex = 0;
     foreach ($requestedParts as $pos => $requestedPart) {
         $patternPart = $patternParts[$pos];
         $isPlaceholder = $requestedPart != '' && preg_match('/\\[(d|s)(?:\\:([0-9a-zA-Z]*))?\\]/', $patternPart);
         if (!$isPlaceholder) {
             // Literal part: any difference rules the route out.
             if ($patternPart !== $requestedPart) {
                 return false;
             }
             continue;
         }
         list($key, $value) = $this->parseRouteParam($patternPart, $requestedPart);
         // Every parameter is stored by position ...
         $collected[$nextIndex] = $value;
         $nextIndex++;
         // ... and additionally by key when the placeholder names one.
         if ($key !== '') {
             $collected[$key] = $value;
         }
     }
     // Parameters are only written to the request once the whole route matched.
     $request->setRouteParams($collected);
     return true;
 }