Esempio n. 1
0
 /**
  * {@inheritdoc}
  */
 public function boot(Application $app)
 {
     if (!(isset($this['config']) ? $this['config']['app.debug'] : true)) {
         $app['events']->addSubscriber(new ExceptionListener('Pagekit\\System\\Exception\\ExceptionController::showAction'));
     }
     $app['events']->addSubscriber(new AccessListener());
     $app['events']->addSubscriber(new AdminMenuListener());
     $app['events']->addSubscriber(new AliasListener());
     $app['events']->addSubscriber(new AuthorizationListener());
     $app['events']->addSubscriber(new CanonicalListener());
     $app['events']->addSubscriber(new FrontpageListener());
     $app['events']->addSubscriber(new LocaleListener());
     $app['events']->addSubscriber(new LoginAttemptListener());
     $app['events']->addSubscriber(new MaintenanceListener());
     $app['events']->addSubscriber(new MenuListener());
     $app['events']->addSubscriber(new MigrationListener());
     $app['events']->addSubscriber(new ResponseListener());
     $app['events']->addSubscriber(new SystemListener());
     $app['events']->addSubscriber(new UserListener());
     $app['events']->addSubscriber(new WidgetListener());
     $app['events']->addSubscriber(new ThemeListener());
     $app['events']->addSubscriber(new ThemeWidgetListener());
     parent::boot($app);
     $this->mergeOptions();
     $app['system'] = $this;
     $app['menus'] = function () {
         return new MenuProvider();
     };
     $app['user'] = function ($app) {
         if (!($user = $app['auth']->getUser())) {
             $user = new UserEntity();
             $roles = $app['users']->getRoleRepository()->where(['id' => RoleInterface::ROLE_ANONYMOUS])->get();
             $user->setRoles($roles);
         }
         return $user;
     };
     $app['users'] = function () {
         return new UserProvider();
     };
     $app['permissions'] = function ($app) {
         return $app['events']->dispatch('system.permission', new PermissionEvent())->getPermissions();
     };
     $app['content'] = function () {
         return new ContentHelper();
     };
     $app['languages'] = function () {
         return new LanguageHelper();
     };
     $app['countries'] = function () {
         return new CountryHelper();
     };
     $app['system.info'] = function () {
         return new SystemInfoHelper();
     };
     $app['oauth'] = function () {
         return new OAuthHelper();
     };
     $app['dates'] = function ($app) {
         $manager = new DateHelper();
         $manager->setTimezone($app['option']->get('system:app.timezone', 'UTC'));
         $manager->setFormats([DateHelper::NONE => '', DateHelper::FULL => __('DATE_FULL'), DateHelper::LONG => __('DATE_LONG'), DateHelper::MEDIUM => __('DATE_MEDIUM'), DateHelper::SHORT => __('DATE_SHORT'), DateHelper::INTERVAL => __('DATE_INTERVAL')]);
         return $manager;
     };
     $app->extend('mailer', function ($mailer, $app) {
         $address = $app['config']->get('mail.from.address');
         $name = $app['config']->get('mail.from.name');
         $mailer->registerPlugin(new ImpersonatePlugin($address, $name));
         return $mailer;
     });
     if (isset($app['profiler'])) {
         $app->on('system.init', function () use($app) {
             $app['profiler']->add(new SystemDataCollector($app['system.info']), 'extension://system/views/profiler/toolbar/system.php', 'extension://system/views/profiler/panel/system.php', 50);
             $app['profiler']->add(new UserDataCollector($app['auth']), 'extension://system/views/profiler/toolbar/user.php', null, -20);
         });
     }
 }
Esempio n. 2
0
 /**
  * @Request({"id": "int", "user": "******", "password", "roles": "array"}, csrf=true)
  * @Response("json")
  */
 public function saveAction($id, $data, $password, $roles = null)
 {
     try {
         // is new ?
         if (!($user = $this->users->find($id))) {
             if ($id) {
                 throw new Exception(__('User not found.'));
             }
             if (empty($password)) {
                 throw new Exception(__('Password required.'));
             }
             $user = new User();
             $user->setRegistered(new \DateTime());
         }
         $self = $this->user->getId() == $user->getId();
         if ($self && $user->isBlocked()) {
             throw new Exception(__('Unable to block yourself.'));
         }
         $name = trim(@$data['username']);
         $email = trim(@$data['email']);
         if (strlen($name) < 3 || !preg_match('/^[a-zA-Z0-9_\\-]+$/', $name)) {
             throw new Exception(__('Username is invalid.'));
         }
         if (!filter_var($email, FILTER_VALIDATE_EMAIL)) {
             throw new Exception(__('Email is invalid.'));
         }
         if ($this->users->where(['id <> :id'], compact('id'))->where(function ($query) use($name) {
             $query->orWhere(['username = :username', 'email = :username'], ['username' => $name]);
         })->first()) {
             throw new Exception(__('Username not available.'));
         }
         if ($this->users->where(['id <> :id'], compact('id'))->where(function ($query) use($email) {
             $query->orWhere(['username = :email', 'email = :email'], ['email' => $email]);
         })->first()) {
             throw new Exception(__('Email not available.'));
         }
         $data['username'] = $name;
         $data['email'] = $email;
         if ($email != $user->getEmail()) {
             $user->set('verified', false);
         }
         if (!empty($password)) {
             $user->setPassword($this['auth.password']->hash($password));
         }
         if ($this->user->hasAccess('system: manage user permissions')) {
             if ($self && $user->hasRole(RoleInterface::ROLE_ADMINISTRATOR) && (!$roles || !in_array(RoleInterface::ROLE_ADMINISTRATOR, $roles))) {
                 $roles[] = RoleInterface::ROLE_ADMINISTRATOR;
             }
             $user->setRoles($roles ? $this->roles->query()->whereIn('id', $roles)->get() : []);
         }
         $this->users->save($user, $data);
         return ['message' => $id ? __('User saved.') : __('User created.'), 'user' => $this->getInfo($user)];
     } catch (Exception $e) {
         return ['error' => $e->getMessage()];
     }
 }
 /**
  * @Request({"user": "******"})
  * @Response("json")
  */
 public function registerAction($data)
 {
     $response = ['success' => false];
     $errors = [];
     try {
         if ($this['user']->isAuthenticated() || $this['option']->get('system:user.registration', 'admin') == 'admin') {
             return $this->redirect('/');
         }
         if (!$this['csrf']->validate($this['request']->request->get('_csrf'))) {
             throw new Exception(__('Invalid token. Please try again.'));
         }
         $name = trim(@$data['name']);
         $username = trim(@$data['username']);
         $email = trim(@$data['email']);
         $password = @$data['password'];
         if (empty($name)) {
             $errors[] = ['field' => 'name', 'message' => __('Name required.')];
         }
         if (empty($password)) {
             $errors[] = ['field' => 'password', 'message' => __('Password required.')];
         }
         if (strlen($username) < 3 || !preg_match('/^[a-zA-Z0-9_\\-]+$/', $username)) {
             $errors[] = ['field' => 'username', 'message' => __('Username is invalid.')];
         }
         if (!filter_var($email, FILTER_VALIDATE_EMAIL)) {
             $errors[] = ['field' => 'email', 'message' => __('Email is invalid.')];
         }
         if ($this->users->query()->orWhere(['username = :username', 'email = :username'], ['username' => $username])->first()) {
             $errors[] = ['field' => 'username', 'message' => __('Username not available.'), 'dynamic' => true];
         }
         if ($this->users->query()->orWhere(['username = :email', 'email = :email'], ['email' => $email])->first()) {
             $errors[] = ['field' => 'email', 'message' => __('Email not available.'), 'dynamic' => true];
         }
         if (count($errors)) {
             throw new Exception(__('Signup failed'));
         }
         $user = new User();
         $user->setRegistered(new \DateTime());
         $user->setName($name);
         $user->setUsername($username);
         $user->setEmail($email);
         $user->setPassword($this['auth.password']->hash($password));
         $user->setStatus(UserInterface::STATUS_BLOCKED);
         $user->setRoles($this->roles->where(['id' => RoleInterface::ROLE_AUTHENTICATED])->get());
         $token = $this['auth.random']->generateString(32);
         $admin = $this['option']->get('system:user.registration') == 'approval';
         if ($verify = $this['option']->get('system:user.require_verification')) {
             $user->setActivation($token);
         } elseif ($admin) {
             $user->setActivation($token);
             $user->set('verified', true);
         } else {
             $user->setStatus(UserInterface::STATUS_ACTIVE);
         }
         $this->users->save($user);
         if ($verify) {
             $this->sendVerificationMail($user);
             $response['success'] = __('Your user account has been created. Complete your registration, by clicking the link provided in the mail that has been sent to you.');
         } elseif ($admin) {
             $this->sendApproveMail($user);
             $response['success'] = __('Your user account has been created and is pending approval by the site administrator.');
         } else {
             $this->sendWelcomeEmail($user);
             $response['success'] = __('Your user account has been created.');
         }
         if (!$response['success']) {
             $response['success'] = true;
         }
         if (!$this['request']->isXmlHttpRequest()) {
             $this['message']->success($response['success']);
             return $this->redirect('@system/auth/login');
         }
     } catch (Exception $e) {
         if (!$this['request']->isXmlHttpRequest()) {
             foreach ($errors as $error) {
                 $this['message']->error($error['message']);
             }
         } else {
             $response['errors'] = $errors;
         }
     }
     return $this['request']->isXmlHttpRequest() ? $response : $this->redirect(count($errors) ? '@system/registration' : '@system/auth/login');
 }