Esempio n. 1
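 /**
  * Grant the administrator role to the user identified by a mail address.
  *
  * Progress and failures are written to $this->output; nothing is thrown.
  *
  * @param string $mail Mail address used to look the user up.
  * @return bool TRUE when the UserRole association was saved, FALSE when the
  *              role or the user is missing or the save failed.
  */
 public function setAdmin($mail)
 {
     $this->output->writeln(sprintf('Set user <info>%s</info> as Administrator', $mail));
     // NOTE(review): the administrator role is fetched by the hard-coded id 1;
     // confirm that id really is the administrator role on every installation,
     // because whatever role carries id 1 is what gets granted here.
     $admin_role = Role::get(1);
     if (empty($admin_role)) {
         $this->output->writeln('No Administrator role is in the database!');
         return FALSE;
     }
     $user = new User();
     $user->mail = $mail;
     $user->fetch('mail');
     // Keep the id in a local first: empty() on a call expression needs PHP 5.5+.
     $userId = $user->getId();
     if (empty($userId)) {
         $this->output->writeln(sprintf('User with the mail address <info>%s</info> not found in the database!', $mail));
         return FALSE;
     }
     // NOTE(review): no check is visible for an already existing association,
     // so running this twice presumably creates a duplicate row - confirm.
     $ur = new UserRole();
     $ur->user = $user;
     $ur->role = $admin_role;
     if (!$ur->save()) {
         $this->output->writeln('Unable to associate the administrator role!');
         $this->output->writeln(print_r($ur->getErrors(), TRUE));
         return FALSE;
     }
     $this->output->writeln('User associated!');
     return TRUE;
 }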
 /**
  * Build a UserRole carrying the given id and name.
  *
  * No save call is made here; the caller receives the in-memory object.
  *
  * @param int $id
  * @param string $roleName
  * @return UserRole
  */
 public static function createUserRole($id, $roleName)
 {
     $role = new UserRole();

     $role->setId($id);
     $role->setName($roleName);

     return $role;
 }
 /**
  * Copy the id and the name of a RoleDto onto a new UserRole.
  *
  * @param RoleDto $roleDto source of the id and name
  * @return UserRole
  */
 public function mapDtoToUserRole(RoleDto $roleDto)
 {
     $mapped = new UserRole();

     $id = $roleDto->getId();
     $mapped->setId($id);

     $name = $roleDto->getName();
     $mapped->setName($name);

     return $mapped;
 }
Esempio n. 4
 /**
  * Name and description written through the setters are read back unchanged.
  */
 public function testCreate()
 {
     $name = 'Administrator';
     $description = 'Admin account with access to everything.';

     $role = new UserRole();
     $role->setName($name);
     $role->setDescription($description);

     $this->assertSame($name, $role->getName());
     $this->assertSame($description, $role->getDescription());
 }
Esempio n. 5
 /**
  * Hand setUserRoles() a collection holding one new UserRole that links
  * this user to $oRole.
  *
  * @param mixed $oRole role object passed on to UserRole::setRole()
  */
 public function setRoles($oRole)
 {
     $oLink = new UserRole();
     $oLink->setRole($oRole);
     $oLink->setUser($this);

     // The collection is built from scratch and contains only the new link.
     $aLinks = new \PropelCollection();
     $aLinks->append($oLink);

     $this->setUserRoles($aLinks);
 }
Esempio n. 6
 /**
  * hasRoles() is true for a role the user was given and false for one it
  * was not given.
  */
 public function testHasRoles()
 {
     $role = new UserRole();
     $role->setName('admin');

     $subject = new User();
     $subject->addRole($role);

     $holdsAdmin = $subject->hasRoles(['admin']);
     $this->assertTrue($holdsAdmin);

     $holdsDeveloper = $subject->hasRoles(['developer']);
     $this->assertFalse($holdsDeveloper);
 }
Esempio n. 7
 /**
  * Return the UserRole linking $oUser and $oRole, creating and saving it
  * when the lookup finds none.
  *
  * NOTE(review): lookup and insert are two separate steps, so two concurrent
  * requests can both miss and both insert; a unique constraint on the
  * (user, role) pair would be the backstop - confirm one exists.
  * NOTE(review): the result of save() is not inspected.
  *
  * @param User $oUser
  * @param Role $oRole
  * @return UserRole
  */
 public function createOrFind(User $oUser, Role $oRole)
 {
     $oExisting = $this->filterByUser($oUser)->filterByRole($oRole)->findOne();
     if ($oExisting) {
         return $oExisting;
     }

     $oCreated = new UserRole();
     $oCreated->setRole($oRole);
     $oCreated->setUser($oUser);
     $oCreated->save();

     return $oCreated;
 }
Esempio n. 8
 /**
  * Fetch every UserRole row whose user_id equals $id.
  *
  * @param mixed $id user id; passed to the query as a bound parameter
  * @return mixed result of UserRole::model()->findAll()
  */
 public function selectAllByUserId($id)
 {
     // The id travels as the bound value of :id, never as part of the SQL text.
     $byUser = new CDbCriteria(array(
         'condition' => 'user_id=:id',
         'params' => array(':id' => $id),
     ));

     return UserRole::model()->findAll($byUser);
 }
Esempio n. 9
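 /**
  * Echo a <select> element with one <option> per user role.
  *
  * Every value placed into the markup is HTML-escaped at the point of output:
  * the element name and class, each option value and each option label. The
  * attributes are single-quoted, so ENT_QUOTES is required.
  *
  * @param mixed  $selected id of the role to mark as selected (loose comparison)
  * @param string $name     value of the name attribute
  * @param string $class    value of the class attribute
  * @param string $template label template handed to parse_template()
  */
 public static function select_html($selected = 0, $name = "userrole_id", $class = "select", $template = '%name%')
 {
     $roles = new UserRole();
     $roles->get_iterated();
     $safeName = htmlspecialchars((string) $name, ENT_QUOTES, 'UTF-8');
     $safeClass = htmlspecialchars((string) $class, ENT_QUOTES, 'UTF-8');
     echo "<select name='{$safeName}' class='{$safeClass}'>";
     foreach ($roles as $role) {
         // Loose comparison kept on purpose: ids may arrive as strings or ints.
         $selstr = $selected == $role->id ? " selected='selected'" : "";
         $value = htmlspecialchars((string) $role->id, ENT_QUOTES, 'UTF-8');
         // The label is built from stored role data. double_encode is off so a
         // label that parse_template() already escaped is not escaped twice.
         $label = htmlspecialchars((string) parse_template($template, $role->stored), ENT_QUOTES, 'UTF-8', false);
         echo "<option value='{$value}' class='user_select'{$selstr}>" . $label . "</option>\n";
     }
     echo "</select>";
 }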
Esempio n. 10
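 /**
  * Show the edit form for one content item.
  *
  * The permission check runs first and the method returns right after the
  * redirect, so the rest of the body cannot run for a user who may not edit
  * the content, even if redirect() were ever changed to return.
  *
  * @param mixed $cid   content id; cast to int before use
  * @param mixed $title not read by the current body
  */
 public function edit($cid, $title)
 {
     $cid = (int) $cid;
     $content = Content::factory($cid);
     // Authorization gate: nothing below may run without edit permission.
     if (!$this->user->can_edit_content($content)) {
         $this->templatemanager->notify_next("You don't have enough permissions to edit this content!", 'failure');
         redirect('administration/dashboard');
         // Fail closed instead of relying on redirect() to end the request.
         return;
     }
     $page = $content->page->limit(1)->get();
     $roles = UserRole::factory()->get();
     $ctypes = ContentType::factory()->get();
     if (!$page->exists()) {
         show_error("No page exists!");
         return;
     }
     $divs = $page->get_div_ids();
     $this->templatemanager->assign("content", $content);
     $this->templatemanager->assign("divs", $divs);
     $this->templatemanager->assign("page", $page);
     $this->templatemanager->assign("roles", $roles);
     $this->templatemanager->assign("types", $ctypes);
     // NOTE(review): the template name is derived from a stored class name;
     // presumably only trusted code writes that column - confirm, since the
     // value selects which template file is rendered.
     $suffix = strtolower($content->contenttype->get()->classname);
     $this->templatemanager->set_title("Edit Content");
     $this->templatemanager->show_template("contents_edit_" . $suffix);
 }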
Esempio n. 11
 /**
  * Build a copy of the current role for the given partner.
  *
  * Name, description, status, permission names, custom data and tags are
  * taken from this role; only the partner id differs. No save call is made
  * here.
  *
  * @param int $partnerId partner the copy is assigned to
  * @return UserRole the new, unsaved role
  */
 public function copyToPartner($partnerId)
 {
     $copy = new UserRole();

     $copy->setName($this->getName());
     $copy->setDescription($this->getDescription());
     $copy->setStatus($this->getStatus());
     // Permission names are read through the parent implementation, not $this.
     $copy->setPermissionNames(parent::getPermissionNames());
     $copy->setCustomData($this->getCustomData());
     // The copy belongs to the new partner.
     $copy->setPartnerId($partnerId);
     $copy->setTags($this->getTags());

     return $copy;
 }
Esempio n. 12
 /**
  * Look up a label list, or one label from it, by list type.
  *
  * NOTE(review): the 'UserRoleStatus' entry wraps the listData() result in an
  * extra one-element array, so a lookup by role id only ever finds index 0 -
  * confirm whether callers depend on that shape.
  * NOTE(review): the role query runs on every call, whatever $type is asked for.
  *
  * @param string $type list name: 'UserStatus', 'AdminStatus' or 'UserRoleStatus'
  * @param mixed  $code optional key inside the list
  * @return mixed the list, the single entry, or false when the key is unknown
  */
 public static function itemAlias($type, $code = NULL)
 {
     $_items = array(
         'UserStatus' => array(
             self::STATUS_NOACTIVE => UserModule::t('Not active'),
             self::STATUS_ACTIVE => UserModule::t('Active'),
             self::STATUS_BANNED => UserModule::t('Banned'),
         ),
         'AdminStatus' => array(
             '0' => UserModule::t('No'),
             '1' => UserModule::t('Yes'),
         ),
         'UserRoleStatus' => [
             CHtml::listData(
                 UserRole::model()->findAll(array('select' => 'id, user_role', 'order' => 'user_role')),
                 'id',
                 'user_role'
             ),
         ],
     );

     if ($code === null) {
         return isset($_items[$type]) ? $_items[$type] : false;
     }

     return isset($_items[$type][$code]) ? $_items[$type][$code] : false;
 }
Esempio n. 13
 /**
  * Delete every UserRole row matching the user id and role id, flash a
  * success message per deleted row, then redirect.
  *
  * NOTE(review): no permission check is visible in this method, and the
  * name suggests it is reached by a GET request - confirm that the caller
  * enforces authorization and that this state change is protected against
  * cross-site request forgery.
  *
  * @param mixed $user_id
  * @param mixed $role_id
  * @return mixed result of $this->response()->redirect()
  */
 public function getRemoveRole($user_id, $role_id)
 {
     $byUser = array('user_id', '=', $user_id);
     $byRole = array('role_id', '=', $role_id);

     $links = UserRole::find($byUser, $byRole);
     foreach ($links as $link) {
         if (!$link->delete()) {
             // A failed delete is skipped without any message.
             continue;
         }
         $this->flash()->success('@string/user_role_remove_success');
     }

     return $this->response()->redirect();
 }
Esempio n. 14
 /**
  * Roles assigned to a user before save() are present, in equal number,
  * on the user loaded back by primary key.
  */
 public function testUserSavesRolesOnSave()
 {
     $model = $this->getModel();
     $model->use_username = self::USERNAME;

     $roles = UserRole::model()->findAll();
     $model->roles = $roles;
     // save(false) is how the original test saves; presumably this skips validation.
     $model->save(false);

     /** @var $model User */
     $model = User::model()->findByPk($model->use_id);

     $this->assertTrue(is_array($model->roles));
     $expectedCount = count($roles);
     $this->assertEquals($expectedCount, count($model->roles));
 }
Esempio n. 15
 /**
  * Resolve the roles attached to a user.
  *
  * The id is cast to int and bound as :user_id. Each matching row triggers
  * one Role::findById() lookup.
  *
  * @param mixed $id user id
  * @return array|false list of Role::findById() results, or false when the
  *                     user has no UserRole rows
  */
 public static function findByUserId($id)
 {
     $links = UserRole::find(array(
         'where' => 'user_id = :user_id',
         'values' => array(':user_id' => (int) $id),
     ));

     if (count($links) <= 0) {
         return false;
     }

     $resolved = array();
     foreach ($links as $link) {
         $resolved[] = Role::findById($link->role_id);
     }

     return $resolved;
 }
Esempio n. 16
 /**
  * Return the permission value of a role.
  *
  * The role table is built on first use and kept in self::$roles. Each role
  * is the previous role's value plus one more PERM_* constant.
  *
  * NOTE(review): the values are combined with +, which matches a bitwise OR
  * only if the PERM_* constants are distinct bit flags - confirm.
  *
  * @param mixed $role one of the ROLE_* constants
  * @return mixed the value stored for $role, or 0 for an unknown role (via ifset())
  */
 public static function getRole($role)
 {
     if (self::$roles == null) {
         $read = self::PERM_READ;
         $write = $read + self::PERM_WRITE;
         $power = $write + self::PERM_POWER;
         $manager = $power + self::PERM_MANAGER;
         $admin = $manager + self::PERM_ADMIN;

         self::$roles = array(
             self::ROLE_READ => $read,
             self::ROLE_WRITE => $write,
             self::ROLE_POWER => $power,
             self::ROLE_MANAGER => $manager,
             self::ROLE_ADMIN => $admin,
         );
     }

     return ifset(self::$roles, $role, 0);
 }
Esempio n. 17
 /**
  * Copy the id and default-role details of a user record into this object's
  * state and clear the error code.
  *
  * NOTE(review): the findByAttributes() result is used without a null check;
  * a user without a row marked is_default_role = 'Yes' ends up with empty
  * role state (and a PHP notice or warning) - confirm that downstream access
  * checks treat an empty role as "no access".
  *
  * @param object $record user record; only its id is read here
  */
 public function loggedIn($record)
 {
     $this->id = $record->id;

     $defaultRole = UserRole::model()->findByAttributes(['user_id' => $this->id, 'is_default_role' => 'Yes']);
     $fullRoleName = $defaultRole->role['role_name'];

     // 'fullRole' keeps the whole dotted name; 'role' keeps what
     // Helper::explodeFirst() returns for the "." separator.
     $this->setState('fullRole', $fullRoleName);
     $this->setState('role', Helper::explodeFirst(".", $fullRoleName));
     $this->setState('roleId', $defaultRole->id);

     $this->errorCode = self::ERROR_NONE;
 }
Esempio n. 18
 /**
  * Access rules for the backend.
  *
  * Allowed roles are 'admin' plus the name of every UserRole row with
  * access_level=10. A fixed list of actions is open to everyone; the last
  * rule denies everything else.
  *
  * @return array rule list: role-based allow, public-action allow, deny-all
  */
 public function accessRules()
 {
     // Default: 'admin' is always part of the allowed roles.
     $allowedRoles = array('admin');

     // Add the roles stored with administrator access level.
     $adminLevelRoles = UserRole::model()->findAll('access_level=10');
     if ($adminLevelRoles) {
         foreach ($adminLevelRoles as $adminLevelRole) {
             $allowedRoles[] = $adminLevelRole->name;
         }
     }

     $publicActions = array('login', 'logout', 'access', 'error', 'recover');

     return array(
         array('allow', 'roles' => $allowedRoles),
         array('allow', 'actions' => $publicActions, 'users' => array('*')),
         // Anything not matched above is denied for every user.
         array('deny', 'users' => array('*')),
     );
 }
Esempio n. 19
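 /**
  * Authenticates a user against the stored UserLogin record.
  *
  * Looks up an active UserLogin by e-mail address, compares the stored
  * password digest with the digest of the supplied password, brings the
  * auth-manager role assignment in line with the login's role and copies
  * login and profile fields into the session state.
  *
  * SECURITY: the stored digest is an unsalted MD5, which is not a password
  * hash. Replacing it needs a data migration (password_hash() and
  * password_verify(), rehashing on the next successful login) and cannot be
  * done inside this method alone. The comparison itself is timing-safe here
  * where the runtime offers hash_equals().
  *
  * Callers should show one generic failure message for both error codes so
  * the login form does not reveal which addresses are registered.
  *
  * @return boolean whether authentication succeeds.
  */
 public function authenticate()
 {
     // find user record by email address (username)
     $UserLogin = UserLogin::model()->findByAttributes(array('LoginEmail' => $this->username, 'IsActive' => 1));
     if ($UserLogin === null) {
         $this->errorCode = self::ERROR_USERNAME_INVALID;
         return !$this->errorCode;
     }

     // Compare digests in constant time when hash_equals() exists (PHP 5.6+);
     // older runtimes keep the strict comparison the code used before.
     $storedDigest = (string) $UserLogin->UserPassword;
     $suppliedDigest = md5($this->password);
     $digestsMatch = function_exists('hash_equals')
         ? hash_equals($storedDigest, $suppliedDigest)
         : $storedDigest === $suppliedDigest;
     if (!$digestsMatch) {
         $this->errorCode = self::ERROR_PASSWORD_INVALID;
         return !$this->errorCode;
     }

     $this->errorCode = self::ERROR_NONE;
     // set user login ID
     $this->userLoginID = $UserLogin->UserLoginID;

     // assign user role in auth manager
     // NOTE(review): findByPk() is dereferenced without a null check; a login
     // whose UserRoleID has no matching row fails here - confirm the column
     // is constrained.
     $userRole = UserRole::model()->findByPk($UserLogin->UserRoleID)->RoleType;
     $currentRoles = Yii::app()->authManager->getRoles($this->userLoginID);
     if (!array_key_exists($userRole, $currentRoles)) {
         // remove old role if role changes
         if (!empty($currentRoles)) {
             AuthAssignment::model()->deleteAll('userid = :userid', array('userid' => $this->userLoginID));
         }
         Yii::app()->authManager->assign($userRole, $this->userLoginID);
         Yii::app()->authManager->save();
     }

     // NOTE(review): the profile and its company are read without null checks.
     $UserProfile = UserProfile::model()->with('companies')->findByAttributes(array('UserLoginID' => $UserLogin->UserLoginID));

     // create session variables
     $this->setState('fullName', sprintf('%s %s', $UserProfile->FirstName, $UserProfile->LastName));
     $this->setState('companyID', $UserProfile->CompanyID);
     $this->setState('userProfileID', $UserProfile->UserProfileID);
     $this->setState('email', $UserLogin->LoginEmail);
     $this->setState('companyName', $UserProfile->companies->CompanyName);
     $this->setState('agreeToTerms', $UserProfile->AgreeToTerms);
     $this->setState('isFacilitator', $UserProfile->IsFacilitator);
     $this->setState('UserRoleID', $UserLogin->UserRoleID);

     return !$this->errorCode;
 }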
Esempio n. 20
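 /**
  * Echo the permission keys of one role as a JSON array.
  *
  * The login check runs first and the method returns right after the
  * redirect, so no role data is emitted for an anonymous request even if
  * redirect() were ever changed to return.
  *
  * NOTE(review): only "is logged in" is checked; presumably any logged-in
  * user may read any role's permission keys - confirm that is intended.
  *
  * @param mixed $id role id; cast to int before use
  */
 public function permissions_for($id)
 {
     //require login
     if (!$this->loginmanager->is_logged_in()) {
         redirect($this->loginmanager->login_url);
         // Fail closed instead of relying on redirect() to end the request.
         return;
     }
     $role = UserRole::factory((int) $id);
     $arr = array();
     $perms = $role->permission->get();
     foreach ($perms as $p) {
         $arr[] = $p->key;
     }
     echo json_encode($arr);
 }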
Esempio n. 21
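 /**
  * Redirect guests away and load the access type that the current user's
  * role has for this controller's module into $this->rule.
  *
  * All three lookups pass their values as bound parameters; the role name
  * and the template name are never concatenated into the SQL condition.
  * A role that cannot be found leaves $this->rule untouched.
  */
 public function init()
 {
     if (Yii::app()->user->isGuest) {
         $this->redirect('/');
     }

     $roleModel = UserRole::model()->find('name LIKE :name', array(':name' => Yii::app()->user->role));
     // A missing role yields null here rather than a property read on null.
     $roleId = $roleModel ? $roleModel->id : null;

     $siteModule = SiteModule::model()->find('templates LIKE :template', array(':template' => $this->module_template_name));

     if ($roleId && $siteModule) {
         $ruleModel = UserGroupRule::model()->find(
             'user_role_id = :role AND module_id = :module',
             array(':role' => $roleId, ':module' => $siteModule->id)
         );
         if ($ruleModel) {
             $this->rule = $ruleModel->access_type;
         }
     }
 }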
Esempio n. 22
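 /**
  * Load the access flags of the session user for one module element.
  *
  * Deputy and module come either from the arguments or, when those are
  * empty, from the SystemFacilities row of $FacilityID. The flags are the
  * maximum over all ModuleAccess rows that match one of the user's roles or
  * the user id.
  *
  * Every early return leaves the Ac* flags at their declared defaults.
  * NOTE(review): presumably those defaults are false, so a failed lookup
  * grants nothing - confirm in the class declaration.
  *
  * Role ids are bound as query parameters (:role0, :role1, ...) instead of
  * being concatenated into the IN list.
  *
  * @param mixed $FacilityID facility used to resolve deputy and module
  * @param mixed $ElementID  element the flags apply to
  * @param mixed $DeputyID   used together with $ModuleID when both are non-empty
  * @param mixed $ModuleID   used together with $DeputyID when both are non-empty
  */
 public function __construct($FacilityID, $ElementID = 0, $DeputyID = "", $ModuleID = "")
 {
     $db = parent::getPdoObject(config::$db_servers['master']["host"], config::$db_servers['master']["framework_user"], config::$db_servers['master']["framework_pass"], "framework");
     if ($DeputyID != "" && $ModuleID != "") {
         $this->DeputyID = $DeputyID;
         $this->ModuleID = $ModuleID;
         $this->ElementID = $ElementID;
     } elseif (!empty($FacilityID)) {
         $query = "select * from SystemFacilities where FacilityID=?";
         $dt = parent::runquery($query, array($FacilityID), $db);
         if (parent::GetExceptionCount() != 0) {
             return;
         }
         if (count($dt) == 0) {
             return;
         }
         $this->DeputyID = $dt[0]["DeputyID"];
         $this->ModuleID = $dt[0]["ModuleID"];
         $this->ElementID = $ElementID;
     } else {
         return;
     }
     // NOTE(review): assumes $_SESSION["User"] is set - confirm the caller
     // guarantees an authenticated session before constructing this object.
     $this->UserID = $_SESSION["User"]->UserID;
     $this->Roles = UserRole::GetUserRole($this->DeputyID, $this->UserID);
     if (parent::GetExceptionCount() != 0) {
         return;
     }
     // "-1" keeps the IN list valid when the user has no roles.
     $roleMarkers = array("-1");
     $params = array(":uid" => $this->UserID, ":did" => $this->DeputyID, ":mid" => $this->ModuleID, ":eid" => $this->ElementID);
     $roleCount = count($this->Roles);
     for ($i = 0; $i < $roleCount; $i++) {
         $marker = ":role" . $i;
         $roleMarkers[] = $marker;
         $params[$marker] = $this->Roles[$i]->UserRole;
     }
     // Only generated placeholder names reach the SQL text.
     $rolesStr = implode(",", $roleMarkers);
     $query = "select DeputyID,ModuleID,ElementID,\r\n\t\t\t\t\t\tmax(AcInsert) as AcInsert,\r\n\t\t\t\t\t\tmax(AcFullUpdate) as AcFullUpdate,\r\n\t\t\t\t\t\tmax(AcUpdate) as AcUpdate,\r\n\t\t\t\t\t\tmax(AcFullDelete) as AcFullDelete,\r\n\t\t\t\t\t\tmax(AcDelete) as AcDelete\r\n\t\t\t\tfrom ModuleAccess\r\n\t\t\t\twhere (RoleID in({$rolesStr}) OR UserID=:uid)\r\n\t\t\t\t\tAND DeputyID=:did AND ModuleID=:mid AND ElementID=:eid\r\n\t\t\t\tgroup by DeputyID,ModuleID,ElementID";
     $dt = parent::runquery($query, $params, $db);
     if (parent::GetExceptionCount() != 0 || count($dt) == 0) {
         return;
     }
     $this->AcInsert = $dt[0]["AcInsert"] != 0;
     $this->AcFullUpdate = $dt[0]["AcFullUpdate"] != 0;
     $this->AcUpdate = $dt[0]["AcUpdate"] != 0;
     $this->AcFullDelete = $dt[0]["AcFullDelete"] != 0;
     $this->AcDelete = $dt[0]["AcDelete"] != 0;
 }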
Esempio n. 23
 /**
  * Delete a user role unless it is the "Administrator" role or a role the
  * current user is related to, then return to the role list with a notice.
  *
  * NOTE(review): the protected role is recognised by its name only; a role
  * renamed away from 'Administrator' is no longer covered by this guard.
  * NOTE(review): no permission check is visible in this method - confirm
  * the controller restricts it to administrators.
  *
  * @param mixed $id role id; cast to int before use
  */
 public function remove($id)
 {
     $id = (int) $id;
     $role = UserRole::factory($id);

     if ($role->name == 'Administrator') {
         $notice = __("You can't remove \"Administrator\" role.");
         $status = "failure";
     } elseif ($this->user->is_related_to($role)) {
         $notice = __("You can't remove the role you're in.");
         $status = "failure";
     } else {
         $role->delete();
         $notice = __("User role is removed successfully.");
         $status = "success";
     }

     // Every outcome ends with one notice and the same redirect target.
     $this->templatemanager->notify_next($notice, $status);
     redirect('administration/userroles');
 }
 /**
  * Patient group home page.
  *
  * Picks one of three views: the space-login view, the member view for a
  * logged-in user for whom UserRole::getGroupMemberRole() returns a truthy
  * value in this space, or the visitor view. The page title is set for all
  * three.
  *
  * @param mixed $request
  * @param mixed $response
  */
 public function index($request, $response)
 {
     if ($this->isSpaceLogin()) {
         // Viewed through a space login.
         $this->index4Space($request, $response);
         $response->module = Space::MODULE_PATIENT4DOCTOR;
     } elseif (!$this->user->isNull() && UserRole::getGroupMemberRole($this->user->id, $this->space->id)) {
         // Viewed by a member of the patient group.
         $this->index4Patient($request, $response);
     } else {
         // Viewed by a visitor.
         $this->index4Browser($request, $response);
     }

     $hospitalName = $this->space->host->hospitalfaculty->hospital->commonName;
     $response->title = $hospitalName . $this->space->name . '大夫患友会';
 }
Esempio n. 25
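 /**
  * Send two notification mails for a contact-form entry: one to every user
  * holding the 'root' or 'contact_manager' role, one confirmation to the
  * visitor.
  *
  * The visitor's name, e-mail address and message are submitted by the
  * public, so they are HTML-escaped before being placed into the HTML mail
  * bodies. The unescaped values are used only as recipient address and name.
  *
  * @return false|null false when the contact or the recipients cannot be
  *                    loaded; nothing otherwise
  */
 public function mail()
 {
     if (!(($id = OAInput::post('id')) && ($contact = Contact::find_by_id($id, array('select' => 'name, email, message'))))) {
         return false;
     }
     if (!(($admin_ids = array_unique(column_array(UserRole::find('all', array('select' => 'user_id', 'conditions' => array('name IN (?)', array('root', 'contact_manager')))), 'user_id'))) && ($admins = User::find('all', array('select' => 'name, email', 'conditions' => array('id IN (?)', $admin_ids)))))) {
         return false;
     }
     $this->load->library('OAMail');
     $email = $contact->email;
     $name = $contact->name;
     $message = $contact->message;
     // Escaped copies for the HTML bodies; the raw values stay out of the markup.
     $email_html = htmlspecialchars((string) $email, ENT_QUOTES, 'UTF-8');
     $name_html = htmlspecialchars((string) $name, ENT_QUOTES, 'UTF-8');
     $message_html = htmlspecialchars((string) $message, ENT_QUOTES, 'UTF-8');
     $mail = OAMail::create()->setSubject('[系統通知] 官網有新的留言!')->setBody("<article style='font-size:15px;line-height:22px;color:rgb(85,85,85)'><p style='margin-bottom:0'>Hi 管理員,</p><section style='padding:5px 20px'><p>剛剛有一個訪客在您的「聯絡我們」留言囉,以下他所留下的聯絡資料:</p><table style='width:100%;border-collapse:collapse'><tbody><tr><th style='width:100px;text-align:right;padding:11px 5px 10px 0;border-bottom:1px dashed rgba(200,200,200,1)'>E-Mail:</th><td style='text-align:left;text-align:left;padding:11px 0 10px 5px;border-bottom:1px dashed rgba(200,200,200,1)'>" . $email_html . "</td></tr><tr><th style='width:100px;text-align:right;padding:11px 5px 10px 0;border-bottom:1px dashed rgba(200,200,200,1)'>稱 呼:</th><td style='text-align:left;text-align:left;padding:11px 0 10px 5px;border-bottom:1px dashed rgba(200,200,200,1)'>" . $name_html . "</td></tr><tr><th style='width:100px;text-align:right;padding:11px 5px 10px 0;border-bottom:1px dashed rgba(200,200,200,1)'>內容:</th><td style='text-align:left;text-align:left;padding:11px 0 10px 5px;border-bottom:1px dashed rgba(200,200,200,1)'>" . $message_html . "</td></tr></tbody></table><br/><p style='text-align:right'>如果需要詳細列表,可以置<a href='" . base_url('admin', 'contacts') . "' style='color:rgba(96,156,255,1);margin:0 2px'>管理後台</a>檢閱。</p></section></article>");
     foreach ($admins as $admin) {
         $mail->addTo($admin->email, $admin->name);
     }
     $mail->send();
     // NOTE(review): $email and $name become mail header values here; this
     // assumes OAMail rejects line breaks in them - confirm.
     $mail = OAMail::create()->setSubject('[宙思設計] 留言成功通知!')->setBody("<article style='font-size:15px;line-height:22px;color:rgb(85, 85, 85)'><p style='margin-bottom:0'>Hi " . $name_html . ",</p><section style='padding:5px 20px'><p>您好,我們是<a href='http://www.zeusdesign.com.tw/' style='color:rgba(96, 156, 255, 1);margin:0 2px'>宙思設計</a>團隊,我們已經收到您的留言囉。</p><p>我們稍後會有專人主動與您聯絡或回信給您!</p><p>若是尚未得到回覆,您可以至<a href='https://www.facebook.com/ZeusDesignStudio/' style='color:rgba(96, 156, 255, 1);margin:0 2px'>宙思設計臉書粉絲專頁</a>留言,或來電(02-2941-6737)聯絡我們。</p><p style='text-align:right'>- <a href='http://www.zeusdesign.com.tw/' style='color:rgba(96, 156, 255, 1);margin:0 2px'>宙思設計</a>團隊感謝您。</p></section></article>")->addTo($email, $name);
     $mail->send();
 }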
Esempio n. 26
 /**
  * Populate this user component from the stored User record after login.
  *
  * Copies role, name, status, language and view_all from the record, then
  * derives the permission set and the publisher list.
  *
  * NOTE(review): when $fromCookie is set the stored record is re-read, so
  * role and status come from the database - presumably a disabled account
  * should be rejected at this point; no status check is visible here.
  *
  * @param mixed $fromCookie truthy when the login was restored from a cookie
  */
 public function afterLogin($fromCookie)
 {
     if ($fromCookie) {
         // Points the application's user component at this object by reference.
         Yii::app()->user =& $this;
     }
     // NOTE(review): $oUser and $oUser->Role are read without null checks.
     $oUser = User::model()->findByPk($this->id);
     $this->roleid = $oUser->roleid;
     $this->rolename = $oUser->Role->name;
     $this->roletype = $oUser->Role->type;
     $this->realname = $oUser->realname;
     $this->status = $oUser->status;
     $this->lang = $oUser->lang;
     $this->view_all = $oUser->view_all;
     $model = UserRole::model()->findByPk($this->roleid);
     // A role whose purview is the literal 'admin' gets the 'admin' permission
     // set; any other role's purview is decoded from JSON.
     if ($oUser->Role->purview == 'admin') {
         $this->perm = Module::getUserPerm('admin');
     } else {
         // NOTE(review): json_decode() returns null for malformed JSON; confirm
         // Module::getUserPerm(null) grants nothing.
         $this->perm = Module::getUserPerm(json_decode($model->purview, true));
     }
     $this->publishers = UserResource::getUserPublisher();
 }
 /**
  * Browser test: fill in the create-user form, tick every role and expect
  * to land on the update page.
  *
  * NOTE(review): the fname field receives SURNAME and the sname field
  * receives EMAIL; this looks like a copy-paste slip - confirm.
  */
 public function testUserCreate()
 {
     $this->deleteUser();
     $this->login();
     $this->url('admin4/user/create');
     $this->assertRegExp('/admin v4 - create user/i', $this->title());

     // Field id => value, filled in the listed order.
     $fields = array(
         'User_use_username' => self::USERNAME,
         'User_use_password' => self::PASSWORD,
         'User_use_fname' => self::SURNAME,
         'User_use_sname' => self::EMAIL,
         'User_use_email' => self::EMAIL,
     );
     foreach ($fields as $fieldId => $fieldValue) {
         $this->byId($fieldId)->value($fieldValue);
     }

     /** @var $allRoles UserRole[] */
     $allRoles = UserRole::model()->findAll();
     foreach ($allRoles as $oneRole) {
         $this->byId('User_role_' . $oneRole->rol_id)->click();
     }

     $this->byId('user-form')->submit();
     $this->assertRegExp('/admin4\\/user\\/update/i', $this->url());
     $this->getBrowser();
     // The check for a success message in the page source is disabled.
 }
Esempio n. 28
 /**
  * After the current user is granted the admin role on every Issue, queries
  * filtered by read, write and admin permission each return all issues;
  * after access to one issue is removed, the admin-filtered query returns
  * one issue fewer.
  */
 public function testPermissionApplication()
 {
     $dbService = za()->getService('DbService');
     $this->setupDefaultObjects();
     $plainitems = $dbService->getObjects('Issue');
     $authService = za()->getService('AuthService');

     $adminRole = null;
     foreach ($plainitems as $issue) {
         $adminRole = UserRole::getRole(UserRole::ROLE_ADMIN);
         $authService->grantAccess($issue, za()->getUser(), $adminRole);
     }

     // getObjects($type, $where, $order, $page, $number, $auth)
     $items = array();
     foreach (array(UserRole::PERM_READ, UserRole::PERM_WRITE, UserRole::PERM_ADMIN) as $permission) {
         $items = $dbService->getObjects('Issue', array(), null, null, null, $permission);
         $this->assertEqual(count($items), count($plainitems));
     }

     // $items still holds the admin-filtered result from the last pass.
     $revoked = current($items);
     $authService->removeAccess($revoked, za()->getUser());

     $items = $dbService->getObjects('Issue', array(), null, null, null, UserRole::PERM_ADMIN);
     $this->assertEqual(count($items), count($plainitems) - 1);
 }
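 /**
  * The service returns exactly the collection supplied by its DAO.
  *
  * @covers SystemUserService::getNonPredefinedUserRoles
  */
 public function testGetNonPredefinedUserRoles()
 {
     $userRoles = new Doctrine_Collection('UserRole');
     for ($i = 0; $i < 2; $i++) {
         $userRole = new UserRole();
         $userRole->setId($i + 1);
         // Parenthesised: without them "." and "+" share precedence before
         // PHP 8, so the name was computed as ("test name" . $i) + 1.
         $userRole->setName("test name" . ($i + 1));
         $userRole->setIsAssignable(1);
         $userRole->setIsPredefined(0);
         $userRoles->add($userRole);
     }
     // The DAO is mocked and must be asked exactly once.
     $dao = $this->getMock('SystemUserDao');
     $dao->expects($this->once())->method('getNonPredefinedUserRoles')->will($this->returnValue($userRoles));
     $this->systemUserService->setSystemUserDao($dao);
     $result = $this->systemUserService->getNonPredefinedUserRoles();
     $this->assertEquals($userRoles, $result);
 }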
Esempio n. 30
 /**
  * Apply posted changes to $this->user and bring its roles in line with the
  * posted role list.
  *
  * Steps: require a POST, validate the posted data, copy posted values onto
  * the user for every key that is a column of the user table, save, delete
  * the roles that are no longer posted, create the roles that are new.
  * The user save and each role change run in separate transactions.
  *
  * @return mixed result of redirect_message()
  */
 public function update()
 {
     if (!$this->has_post()) {
         return redirect_message(array('admin', $this->get_class(), $this->user->id, 'edit'), array('_flash_message' => '非 POST 方法,錯誤的頁面請求。'));
     }
     $posts = OAInput::post();
     // A truthy return from _validation_posts() is the error message to show.
     if ($msg = $this->_validation_posts($posts)) {
         return redirect_message(array('admin', $this->get_class(), $this->user->id, 'edit'), array('_flash_message' => $msg, 'posts' => $posts));
     }
     // NOTE(review): every posted key that matches a column name is assigned,
     // so the set of writable fields is the whole table unless
     // _validation_posts() narrows $posts - confirm, or switch to an explicit
     // allowlist of editable columns.
     if ($columns = array_intersect_key($posts, $this->user->table()->columns)) {
         foreach ($columns as $column => $value) {
             $this->user->{$column} = $value;
         }
     }
     $user = $this->user;
     $update = user::transaction(function () use($user) {
         return $user->save();
     });
     if (!$update) {
         return redirect_message(array('admin', $this->get_class(), $this->user->id, 'edit'), array('_flash_message' => '更新失敗!', 'posts' => $posts));
     }
     // Names of the roles the user holds right now.
     $ori_keys = column_array($user->roles, 'name');
     // NOTE(review): $posts['roles'] is read without an isset check; this
     // assumes _validation_posts() guarantees an array - confirm.
     // Roles held now but absent from the post are deleted one by one.
     if (($del_keys = array_diff($ori_keys, $posts['roles'])) && ($roles = UserRole::find('all', array('select' => 'id', 'conditions' => array('user_id = ? AND name IN (?)', $user->id, $del_keys))))) {
         foreach ($roles as $role) {
             UserRole::transaction(function () use($role) {
                 return $role->destroy();
             });
         }
     }
     // NOTE(review): posted role names are created as given; presumably
     // _validation_posts() restricts them to known role names and to roles
     // the acting user may grant - confirm, since this is where privileges
     // are handed out.
     if ($add_keys = array_diff($posts['roles'], $ori_keys)) {
         foreach ($add_keys as $add_key) {
             UserRole::transaction(function () use($add_key, $user) {
                 return verifyCreateOrm(UserRole::create(Array_intersect_key(array('name' => $add_key, 'user_id' => $user->id), UserRole::table()->columns)));
             });
         }
     }
     return redirect_message(array('admin', $this->get_class()), array('_flash_message' => '更新成功!'));
 }