/**
* Returns the logged user.
*
* @param boolean $reset
* If TREU fetches the userdata from the database. (default FALSE)
* To increase performance once the user is fetched it is stored in a
* static variable.
*
* @return mixed
* User entity if there's a logged user, FALSE otherwise
*/
function current_user($reset = FALSE)
{
static $current_user;
if (!isset($current_user) || $reset) {
$CI = get_instance();
$uid = $CI->session->userdata('user_uid');
if ($uid !== FALSE) {
// There is a logged user.
$current_user = $CI->user_model->get($uid);
if ($current_user && $current_user->is_active()) {
// Logged user found. Set logged and return.
$current_user->set_logged();
return $current_user;
} elseif ($current_user && !$current_user->is_active()) {
// The user is no longer active.
// Kill session and redirect to login.
$CI->session->sess_destroy();
redirect('login');
}
}
$current_user = User_entity::build(array());
$current_user->set_logged(FALSE);
}
return $current_user;
}
public function test_api_survey_with_status_restrictions()
{
// Here we are testing all the API but only for status restrictions.
// Every other test case should be tested elsewhere.
// Cleanup
self::$CI->mongo_db->dropCollection('aw_datacollection_test', 'surveys');
self::$CI->mongo_db->dropCollection('aw_datacollection_test', 'call_tasks');
$this->_reset_status_restrictions();
// Shorter statuses.
$draft = Survey_entity::STATUS_DRAFT;
$open = Survey_entity::STATUS_OPEN;
$closed = Survey_entity::STATUS_CLOSED;
$canceled = Survey_entity::STATUS_CANCELED;
// Login user
$this->_change_user(9903);
/////////////////////////////////////////////////////////////////
// Set actions to be allowed only in Draft status.
$mock_config = self::$status_resctriction_config;
$mock_config['enketo collect data'] = array(Survey_entity::STATUS_DRAFT);
$mock_config['enketo testrun'] = array(Survey_entity::STATUS_DRAFT);
$this->_set_status_restrictions($mock_config);
// Logged user is 9903
// User is agent.
// Create survey.
// Status open.
// Valid xml file.
// User is assigned to survey.
$survey = Survey_entity::build(array('sid' => 1, 'status' => Survey_entity::STATUS_OPEN, 'files' => array('xml' => 'valid_survey.xml'), 'agents' => array(9903)));
self::$CI->survey_model->save($survey);
// Create call task
self::$CI->mongo_db->insert('call_tasks', array('ctid' => 1001, 'number' => "1100500000000", 'created' => Mongo_db::date(), 'updated' => Mongo_db::date(), 'assigned' => Mongo_db::date(), 'author' => 1, 'assignee_uid' => 9903, 'survey_sid' => 1, 'activity' => array()));
self::$CI->api_survey_xslt_transform(1);
$result = json_decode(self::$CI->output->get_output(), TRUE);
$this->assertEquals(array('code' => 403, 'message' => 'Not allowed.'), $result['status']);
$this->assertArrayHasKey('xml_form', $result);
self::$CI->api_survey_request_respondents(1);
$result = json_decode(self::$CI->output->get_output(), TRUE);
$this->assertEquals(array('code' => 403, 'message' => 'Not allowed.'), $result['status']);
// User assigned to call task.
// Call task is assigned to survey.
// User is assigned to survey.
// Survey is the one data is being submitted for.
$_POST = array('csrf_aw_datacollection' => self::$CI->security->get_csrf_hash(), 'respondent' => array('ctid' => 1001, 'form_data' => '<valid><tag/></valid>'));
self::$CI->api_survey_enketo_form_submit(1);
$result = json_decode(self::$CI->output->get_output(), TRUE);
$this->assertEquals(array('code' => 403, 'message' => 'Not allowed.'), $result['status']);
/////////////////////////////////////////////////////////////////
// Test again with correct status restrictions.
$mock_config = self::$status_resctriction_config;
$mock_config['enketo collect data'] = array(Survey_entity::STATUS_OPEN);
$mock_config['enketo testrun'] = array(Survey_entity::STATUS_OPEN);
$this->_set_status_restrictions($mock_config);
self::$CI->api_survey_xslt_transform(1);
$result = json_decode(self::$CI->output->get_output(), TRUE);
$this->assertEquals(array('code' => 200, 'message' => 'Ok!'), $result['status']);
$this->assertArrayHasKey('xml_form', $result);
self::$CI->api_survey_request_respondents(1);
$result = json_decode(self::$CI->output->get_output(), TRUE);
$this->assertEquals(array('code' => 200, 'message' => 'Ok!'), $result['status']);
// User assigned to call task.
// Call task is assigned to survey.
// User is assigned to survey.
// Survey is the one data is being submitted for.
$_POST = array('csrf_aw_datacollection' => self::$CI->security->get_csrf_hash(), 'respondent' => array('ctid' => 1001, 'form_data' => '<valid><tag/></valid>'));
self::$CI->api_survey_enketo_form_submit(1);
$result = json_decode(self::$CI->output->get_output(), TRUE);
$this->assertEquals(array('code' => 200, 'message' => 'Ok!'), $result['status']);
/////////////////////////////////////////////////////////////////
/////////////////////////////////////////////////////////////////
// To test the manage agents api we need an admin.
$this->_change_user(9901);
// Logged user 9901.
// User is administrator.
// Create survey.
// Status open.
// Valid xml file.
$survey = Survey_entity::build(array('sid' => 2, 'status' => Survey_entity::STATUS_OPEN, 'files' => array('xml' => 'valid_survey.xml'), 'agents' => array()));
self::$CI->survey_model->save($survey);
// Create new agent.
// Absolute minimum properties for the test.
$user_agent = User_entity::build(array('uid' => 8801, 'status' => User_entity::STATUS_ACTIVE, 'roles' => array(ROLE_CC_AGENT)));
self::$CI->user_model->save($user_agent);
// Set conditions.
$mock_config = self::$status_resctriction_config;
$mock_config['manage agents'] = array(Survey_entity::STATUS_DRAFT);
$this->_set_status_restrictions($mock_config);
// User is an agent.
// Action assign
$_POST = array('uid' => 8801, 'action' => 'assign', 'csrf_aw_datacollection' => self::$CI->security->get_csrf_hash());
self::$CI->api_survey_manage_agents(1);
$result = json_decode(self::$CI->output->get_output(), TRUE);
$this->assertEquals(array('code' => 403, 'message' => 'Not allowed.'), $result['status']);
/////////////////////////////////////////////////////////////////
// Set conditions.
$mock_config = self::$status_resctriction_config;
$mock_config['manage agents'] = array(Survey_entity::STATUS_OPEN);
$this->_set_status_restrictions($mock_config);
// User is an agent.
// Action assign
$_POST = array('uid' => 8801, 'action' => 'assign', 'csrf_aw_datacollection' => self::$CI->security->get_csrf_hash());
self::$CI->api_survey_manage_agents(1);
$result = json_decode(self::$CI->output->get_output(), TRUE);
$this->assertEquals(array('code' => 200, 'message' => 'Ok!'), $result['status']);
}
/**
* Returns the users with the given roles.
* @param mixed roles
* Single role or array of roles the user has to have.
* If an empty array is provided it will return users without roles.
* If ROLE_REGISTERED is provided, all users will be returned.
* @param mixed $statuses
* Status or array of statuses to query for. Providing NULL is the same as
* providing all the statuses.
* By default only returns all users.
*
* Note: Users with deleted status will never be returned. They are left
* in the database for consistency reasons but they are deleted.
*
* @return User_entity
*/
public function get_with_role($roles, $statuses = User_entity::STATUS_ACTIVE)
{
if (!is_array($roles)) {
$roles = array($roles);
}
if ($statuses != NULL) {
$statuses = !is_array($statuses) ? array($statuses) : $statuses;
$this->mongo_db->whereIn('status', $statuses);
}
if (!in_array(ROLE_REGISTERED, $roles)) {
if (empty($roles)) {
$this->mongo_db->where('roles', array());
} else {
$this->mongo_db->whereInAll('roles', $roles);
}
}
$result = $this->mongo_db->whereNe('status', User_entity::STATUS_DELETED)->get(self::COLLECTION);
$users = array();
foreach ($result as $value) {
$users[] = User_entity::build($value);
}
return $users;
}
/**
* Used by user_add
* When adding an account.
*/
protected function _add_account()
{
$this->form_validation->set_rules('user_name', 'Name', 'trim|required|xss_clean');
$this->form_validation->set_rules('user_username', 'Username', 'trim|required|xss_clean|alpha_dash|callback__cb_check_unique[username]');
$this->form_validation->set_rules('user_email', 'Email', 'trim|required|xss_clean|valid_email|callback__cb_check_unique[email]');
$this->form_validation->set_rules('user_new_password', 'Password', 'trim|required|min_length[8]');
$this->form_validation->set_rules('user_roles', 'Roles', 'callback__cb_check_roles');
$this->form_validation->set_rules('user_status', 'Status', 'callback__cb_check_status');
// To be picked up by the validation object needs a rule, even if empty.
$this->form_validation->set_rules('user_notify', 'Notify');
$this->form_validation->set_error_delimiters('<small class="error">', '</small>');
if ($this->form_validation->run() == FALSE) {
$this->load->view('base/html_start');
$this->load->view('components/navigation', array('active_menu' => 'users'));
$this->load->view('users/user_form', array('user' => NULL, 'action' => 'add'));
$this->load->view('base/html_end');
} else {
// Some values can be set in the constructor.
$userdata = array('name' => $this->input->post('user_name'), 'username' => $this->input->post('user_username'), 'email' => $this->input->post('user_email'), 'author' => current_user()->uid);
$user = User_entity::build($userdata);
$user->set_password(hash_password($this->input->post('user_new_password')))->set_status($this->input->post('user_status'))->set_roles($this->input->post('user_roles'));
// Save
$this->user_model->save($user);
// Notify user?
if ($this->input->post('user_notify') == 'notify') {
$this->load->library('email');
$this->email->from($this->config->item('aw_admin_email'), $this->config->item('aw_admin_name'));
$this->email->to($user->email);
// Load message data from config.
$this->config->load('email_messages');
$message_account_created = $this->config->item('message_account_created');
// Replace placeholders.
$placeholders = array('{{username}}' => $user->username, '{{name}}' => $user->name, '{{password}}' => $this->input->post('user_new_password'));
$message_account_created['subject'] = strtr($message_account_created['subject'], $placeholders);
$message_account_created['message'] = strtr($message_account_created['message'], $placeholders);
$this->email->subject($message_account_created['subject']);
$this->email->message($message_account_created['message']);
$this->email->send();
}
if ($this->user_model->save($user)) {
Status_msg::success('User successfully created.');
} else {
Status_msg::error('Error creating user. Try again.');
}
redirect('users');
}
}
