/**
 * Gate every action behind authentication and the ACL.
 *
 * Anonymous requests are bounced to the admin login page (ajax callers get a
 * 403 exception instead, since a redirect is useless to them). Authenticated
 * requests are then checked against the ACL for this controller's
 * $_authResourse / $_authPrivilege pair.
 *
 * @throws Zend_Controller_Action_Exception 403 for anonymous ajax calls and for denied permissions
 */
protected function _checkAuthorization()
{
    $request = $this->getRequest();
    $front   = Zend_Controller_Front::getInstance();

    // Use the dedicated 'admin' route when the application defines one,
    // otherwise fall back to the default module route.
    $route = $front->getRouter()->hasRoute('admin') ? 'admin' : 'default';

    // Same login target for both failure paths; the language is carried over
    // so the login page renders in the visitor's current language.
    $loginTarget = array(
        'module'     => 'admin',
        'controller' => 'index',
        'action'     => 'login',
        'lang'       => $request->getParam('lang'),
    );

    if (!Zend_Auth::getInstance()->hasIdentity()) {
        if ($request->isXmlHttpRequest()) {
            throw new Zend_Controller_Action_Exception("Please login first", 403);
        }

        // Remember the requested URL so the login can send the user back.
        $this->returnHere();

        // NOTE(review): with the Redirector helper's default "exit" behaviour
        // the request ends here; if the helper is configured not to exit,
        // execution continues into the ACL check below - confirm the
        // redirector configuration if that matters.
        $this->_redirect($this->view->url($loginTarget, $route, true));
    }

    $acl     = HCMS_Acl_Loader::getInstance();
    $allowed = $acl->getAcl()->isAllowed(
        $acl->getCurrentRoleCode(),
        $this->_authResourse,
        $this->_authPrivilege
    );

    if (!$allowed) {
        // Redirect first, then raise 403 so the request cannot fall through
        // to the action even when the redirector does not exit.
        $this->_redirect($this->view->url($loginTarget, $route, true));
        throw new Zend_Controller_Action_Exception("You are not allowed to access this page", 403);
    }
}
/**
 * Return the process-wide HCMS_Acl_Loader, creating it on first use.
 *
 * @return HCMS_Acl_Loader
 */
public static function getInstance()
{
    // Lazy construction: the loader is only built when first requested.
    if (!isset(self::$_instance)) {
        self::$_instance = new HCMS_Acl_Loader();
    }

    return self::$_instance;
}
/**
 * Admin login form and credential check.
 *
 * GET renders the login layout. POST looks the account up by the 'auth'
 * parameter, applies password-expiry and lockout rules for known accounts,
 * then runs the Zend_Auth adapter. On success the session id is regenerated
 * and the user is sent back to the URL stored before login (or the admin
 * index); on failure the attempt counter is bumped and a login error shown.
 *
 * Thresholds come from bootstrap options: total_number_attempt (default 3),
 * lock_login_time in seconds (default 180), expire_password_day (default 90).
 */
public function loginAction()
{
    $this->view->layout()->setLayout('login');

    $total_number_attempt = $this->_getBootstrapOption('total_number_attempt', 'default', 3);
    $lock_login_time = $this->_getBootstrapOption('lock_login_time', 'default', 180);
    // Option is in days; converted to seconds for the strtotime() comparison below.
    $expire_password = 3600 * 24 * $this->_getBootstrapOption('expire_password_day', 'default', 90);

    $user = new Auth_Model_User();

    if ($this->getRequest()->isPost()) {
        // Populate $user from the submitted identifier; truthy when an account matched.
        $isExistUser = Auth_Model_UserMapper::getInstance()->getInstance()->findByCredentials($this->_getParam('auth', ""), $user);

        if ($isExistUser) {
            $aclLoader = HCMS_Acl_Loader::getInstance();
            // Master accounts are exempt from password expiry.
            $isMaster = $aclLoader->getAcl()->isAllowed($aclLoader->getRoleCode($user->get_role_id()), "admin", "master");

            // Password expiry: last change + expiry window is already in the past.
            // NOTE(review): strtotime() returns false for an empty/unparsable date,
            // which makes such accounts count as expired - confirm that is intended.
            // NOTE(review): this email is sent before the password is verified, so
            // anyone who submits the identifier of an expired account triggers a
            // message to its owner on every attempt; consider sending it only after
            // a successful credential check, or rate-limiting it.
            if (!$isMaster && strtotime($user->get_changed_password_dt()) + $expire_password < time()) {
                $this->sendNotificationEmail($this->_application->get_name() . " - " . $this->translate("your password expired. Please check with your system admin how to re-activate your account."), array("subject" => $this->_application->get_name() . " - Your password is expired", "to_emails" => array($user->get_email())), CURR_LANG);
                return $this->_setLoginError();
            }

            // Lockout: once the attempt threshold is reached, refuse until the lock
            // window measured from the last attempt has elapsed, then reset the counter.
            if ($user->get_attempt_login() >= $total_number_attempt) {
                if (strtotime($user->get_attempt_login_dt()) + $lock_login_time < time()) {
                    $this->_updateAttemp($user, 0);
                } else {
                    return $this->_setLoginError();
                }
            }
        }

        // The adapter runs for unknown identifiers as well, so the response path
        // does not differ on "user exists" before the credential check.
        $adapter = new Admin_Model_Auth_Adapter($this->_applicationId, $this->_getParam('auth'), $this->_getParam('password'));
        $result = Zend_Auth::getInstance()->authenticate($adapter);

        if ($result->isValid()) {
            Auth_Model_UserMapper::getInstance()->getInstance()->updateUserLogged($result->getIdentity());
            $this->_updateAttemp($user, 0);
            // Fresh session id on privilege change (session fixation defence).
            Zend_Session::regenerateId();
            $defaultUrl = $this->view->url(array('module' => 'admin', 'controller' => 'index', 'action' => 'index'), 'default', true);
            return $this->returnThere($defaultUrl);
        } else {
            if ($isExistUser) {
                $this->_updateAttemp($user, $user->get_attempt_login() + 1);
                // NOTE(review): whether this reads the incremented value depends on
                // _updateAttemp() writing back to $user - verify, otherwise the
                // "blocked" email fires one attempt late (or re-fires after an unlock).
                if ($user->get_attempt_login() >= $total_number_attempt) {
                    $this->sendNotificationEmail($this->_application->get_name() . " - " . $this->translate("your account is temporarily blocked due to too many invalid login attempts"), array("subject" => $this->_application->get_name() . " - Your account is temporarily blocked", "to_emails" => array($user->get_email())), CURR_LANG);
                }
            }
            // NOTE(review): adapter messages are shown to the visitor verbatim; if
            // Admin_Model_Auth_Adapter distinguishes "unknown identity" from "bad
            // password" this reveals which accounts exist - confirm its messages.
            return $this->_setLoginError(implode(' ', $result->getMessages()));
        }
    }
}
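/**
 * Create or edit a user through the admin "user-edit" form.
 *
 * Handles three cases: the cancel button, the save postback (validate and
 * persist) and the initial GET that loads an existing user into the form.
 * Roles and languages are always pushed to the view for the form's selects.
 *
 * @throws Zend_Controller_Action_Exception 404 when an id is given on GET but no such user exists
 */
public function userEditAction()
{
    $data = $this->getRequest()->getPost('data');
    $id = $this->_getParam('id');

    // Untrusted input: only an array (or nothing) is a usable form payload.
    // Any other shape would make the offset write below throw an Error.
    if ($data !== null && !is_array($data)) {
        $data = array();
    }

    // The master flag is derived from the ACL, never from the request; writing
    // it into $data after reading the post overrides any client-supplied
    // data[isAdminLogged] before the form is built from it.
    $aclLoader = HCMS_Acl_Loader::getInstance();
    $isMaster = $aclLoader->getAcl()->isAllowed($aclLoader->getCurrentRoleCode(), "admin", "master");
    $this->view->isAdminLogged = $isMaster;
    $data["isAdminLogged"] = $isMaster;

    if ($this->_formHelper->isCancel()) {
        return $this->_formHelper->returnCancel(
            $this->view->url(array('action' => 'user-edit')),
            $this->translate('Action canceled')
        );
    }

    $form = new Auth_Form_User($data);

    if ($this->_formHelper->isSave()) {
        if ($form->isValid()) {
            $values = $form->getValues();
            $user = new Auth_Model_User($values);

            // NOTE(review): the password-change timestamp is refreshed on every
            // save, not only when new_password is supplied. loginAction uses
            // this field for password expiry, so any edit extends the expiry
            // window even if the password did not change - confirm intended.
            $date = new Zend_Date();
            $user->set_changed_password_dt($date->toString('yyyy-MM-dd HH:mm:ss'));

            if (isset($id) && $id > 0) {
                if (isset($values['new_password']) && $values['new_password'] !== '') {
                    $user->set_password($values['new_password']);
                }
                // Called whether or not a new password was supplied; presumably
                // snapshots the stored password before save() overwrites it - verify.
                $this->savePassHistory($id);
            }

            Auth_Model_UserMapper::getInstance()->save($user);

            return $this->_formHelper->returnSuccess(
                $this->view->url(array('action' => 'user-edit')),
                $this->translate('User saved.')
            );
        }

        // Validation failed: the helper either answers with the messages
        // (ajax) or lets the page re-render with them.
        $this->_formHelper->returnError($form->getMessages());
    } elseif (!$this->_formHelper->getRequest()->isPost()) {
        // Initial GET for an existing user: load it into the form data.
        if (isset($id) && $id > 0) {
            $user = new Auth_Model_User();
            if (!Auth_Model_UserMapper::getInstance()->find($id, $user)) {
                // Raise the action exception with a 404 code, matching the
                // coded Zend_Controller_Action_Exception used for 403s in this
                // codebase, instead of a bare Exception that the error handler
                // typically reports as a generic 500.
                throw new Zend_Controller_Action_Exception("User not found", 404);
            }
            $data = $user->toArray();
        }
    }

    $criteria = array();
    $this->view->roles = Auth_Model_RoleMapper::getInstance()->fetchAll($criteria);
    $this->view->languages = Application_Model_TranslateMapper::getInstance()->getLanguages();
    $this->view->data = $data;
}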