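/**
 * Action that lets the current user restrict ("fake") the roles of their own session.
 *
 * If the active session is already a \common_session_RestrictedSession, the
 * restore view is shown together with that session's roles. Otherwise the
 * UserDebugRoles form is displayed; on a valid submission the active session
 * is wrapped in a restricted session built from the submitted 'rolefilter'
 * value and started through the session manager.
 *
 * @return void
 * @throws \common_exception_Error when the submitted user URI is not the URI of the session user
 */
public function roles()
{
    $currentSession = \common_session_SessionManager::getSession();

    if ($currentSession instanceof \common_session_RestrictedSession) {
        // Already restricted: only offer the way back.
        $this->setData('roles', $currentSession->getUserRoles());
        $this->setView('userdebug/restore.tpl');
        return;
    }

    $myFormContainer = new UserDebugRoles();
    $myForm = $myFormContainer->getForm();

    if (!($myForm->isSubmited() && $myForm->isValid())) {
        $this->setData('formTitle', __("Restrict Roles"));
        $this->setData('myForm', $myForm->render());
        $this->setView('form.tpl', 'tao');
        return;
    }

    // NOTE(review): the returned user is not used below; the call is kept in
    // case getCurrentUser() has side effects. Confirm and drop if it has none.
    $this->userService->getCurrentUser();

    $filter = $myForm->getValue('rolefilter');
    $userUri = $myForm->getValue('user');

    // The 'user' field comes from the submitted form, so it is compared
    // strictly: a value of another type, or a numeric-looking string that
    // loose comparison would consider equal, must not pass this check.
    if ($userUri !== \common_session_SessionManager::getSession()->getUserUri()) {
        throw new \common_exception_Error('Security exception, user to be changed is not the current user');
    }

    $session = new \common_session_RestrictedSession(\common_session_SessionManager::getSession(), $filter);
    \common_session_SessionManager::startSession($session);

    // NOTE(review): $currentSession is the session captured before the
    // restricted one was started, so the view receives the roles of the
    // original session. Confirm this is what the restore template expects.
    $this->setData('roles', $currentSession->getUserRoles());
    $this->setView('userdebug/restore.tpl');
}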
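/**
 * Test the user authentication to TAO and to the API.
 *
 * Checks that the test login is already taken, closes any open session, logs
 * the test user in, and then verifies that every entry of $this->testUserData
 * matches the corresponding property value of the logged-in user.
 */
public function testAuth()
{
    // The login must not be available, i.e. the test user is expected to exist.
    $this->assertFalse($this->userService->loginAvailable($this->testUserData[PROPERTY_USER_LOGIN]));

    // Start from a clean state: close a session left open by someone else.
    if (tao_models_classes_UserService::singleton()->isASessionOpened()) {
        tao_models_classes_UserService::singleton()->logout();
    }

    // no other user session
    $this->assertFalse(tao_models_classes_UserService::singleton()->isASessionOpened());

    // check user login
    $this->assertTrue($this->userService->loginUser($this->testUserData[PROPERTY_USER_LOGIN], $this->clearPassword));

    // check session
    $this->assertTrue(tao_models_classes_UserService::singleton()->isASessionOpened());

    $currentUser = $this->userService->getCurrentUser();
    $this->assertIsA($currentUser, 'core_kernel_classes_Resource');

    foreach ($this->testUserData as $prop => $value) {
        try {
            // Build the property once and reuse it for the lookup.
            $property = new core_kernel_classes_Property($prop);
            $v = $currentUser->getUniquePropertyValue($property);

            // Resources are compared by URI, any other value by its literal.
            $v = $v instanceof core_kernel_classes_Resource ? $v->getUri() : $v->literal;
            $this->assertEquals($value, $v);
        } catch (common_Exception $ce) {
            $this->fail($ce);
        }
    }
}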
/**
 * Get the settings of the current user as an associative array.
 *
 * - 'ui_lang': URI (result of getUri()) of the first value of PROPERTY_USER_UILG,
 *   the language selected for the graphical user interface. The key is absent
 *   when the user has no value for that property.
 * - 'data_lang': URI of the first value of PROPERTY_USER_DEFLG, the language
 *   selected to access the data. The key is absent when the user has no value
 *   for that property.
 * - 'timezone': the first value of PROPERTY_USER_TIMEZONE exactly as returned by
 *   getPropertiesValues(), or the TIME_ZONE constant when the user has none.
 *   The key is always present.
 *
 * @return array The settings described above.
 */
private function getUserSettings()
{
    $currentUser = $this->userService->getCurrentUser();

    $requested = array(
        new core_kernel_classes_Property(PROPERTY_USER_UILG),
        new core_kernel_classes_Property(PROPERTY_USER_DEFLG),
        new core_kernel_classes_Property(PROPERTY_USER_TIMEZONE),
    );
    $values = $currentUser->getPropertiesValues($requested);

    $settings = array();

    // Both language settings are reported by URI and only when a value exists.
    $languageKeys = array(
        'ui_lang' => PROPERTY_USER_UILG,
        'data_lang' => PROPERTY_USER_DEFLG,
    );
    foreach ($languageKeys as $settingKey => $propertyUri) {
        if (!empty($values[$propertyUri])) {
            $settings[$settingKey] = current($values[$propertyUri])->getUri();
        }
    }

    // The timezone falls back to the platform default.
    if (empty($values[PROPERTY_USER_TIMEZONE])) {
        $settings['timezone'] = TIME_ZONE;
    } else {
        $settings['timezone'] = current($values[PROPERTY_USER_TIMEZONE]);
    }

    return $settings;
}
/**
 * The main action, load the layout.
 *
 * With a 'structure' request parameter the method works in structured mode:
 * it clears the uri/classUri/showNodeUri session attributes, records the
 * current URL as the last visited one and loads the sections of the requested
 * extension/structure. Without it, a user who is not in TAO for the first
 * time is redirected to the last visited URL, when one is stored.
 *
 * The 'ext', 'structure' and 'section' request parameters are handed on as
 * received (to the view data, to _url() and to getClientConfigUrl()); no
 * validation or escaping is done in this method.
 * NOTE(review): confirm that the templates and URL helpers encode them.
 *
 * @return void
 */
public function index()
{
    // The returned user is not used in this method; the call itself is kept.
    $this->userService->getCurrentUser();

    $shownExtension = $this->getRequestParameter('ext');
    $shownStructure = $this->getRequestParameter('structure');

    if (!$this->hasRequestParameter('structure')) {
        // Returning users are sent back to their last visited extension.
        if (!TaoCe::isFirstTimeInTao()) {
            $lastVisitedUrl = TaoCe::getLastVisitedUrl();
            if ($lastVisitedUrl !== null) {
                // NOTE(review): whether execution continues past redirect()
                // depends on its implementation, which is not visible here.
                $this->redirect($lastVisitedUrl);
            }
        }
    } else {
        // structured mode
        // @todo stop using session to manage uri/classUri
        foreach (array('uri', 'classUri', 'showNodeUri') as $staleAttribute) {
            $this->removeSessionAttribute($staleAttribute);
        }

        $landingUrl = _url(
            'index',
            'Main',
            'tao',
            array('structure' => $shownStructure, 'ext' => $shownExtension)
        );
        TaoCe::setLastVisitedUrl($landingUrl);

        $sections = $this->getSections($shownExtension, $shownStructure);
        if (count($sections) > 0) {
            $this->setData('sections', $sections);
        } else {
            common_Logger::w('no sections');
        }
    }

    // One menu per perspective group, exposed to the view as "<group>-menu".
    foreach (array(Perspective::GROUP_DEFAULT, 'settings') as $group) {
        $menuEntries = $this->getNavigationElementsByGroup($group);
        $this->setData($group . '-menu', $menuEntries);
    }

    $this->setData('user_lang', \common_session_SessionManager::getSession()->getDataLanguage());
    $this->setData('userLabel', \common_session_SessionManager::getSession()->getUserLabel());

    // re-added to highlight selected extension in menu
    $this->setData('shownExtension', $shownExtension);
    $this->setData('shownStructure', $shownStructure);
    $this->setData('current-section', $this->getRequestParameter('section'));

    // creates the URL of the action used to configure the client side
    $clientConfigUrl = $this->getClientConfigUrl(
        array('shownExtension' => $shownExtension, 'shownStructure' => $shownStructure)
    );
    $this->setData('client_config_url', $clientConfigUrl);

    $this->setData('content-template', array('blocks/sections.tpl', 'tao'));
    $this->setView('layout.tpl', 'tao');
}
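/**
 * Authenticate a communication based on the token.
 *
 * The expected token is read from the PHP session attribute named
 * self::ENV_VAR_NAME . '_' . <encoded URI of the current user>, under its
 * 'token' key. The method fails closed: it returns false when the token is
 * empty or not a string, when there is no current user, when the session
 * attribute or its 'token' entry is missing, or when the stored token is not
 * a string.
 *
 * @param string $token token presented by the caller
 * @return boolean true only when $token is identical to the stored token
 */
protected function authenticate($token)
{
    // Only a non-empty string can match. This keeps arrays, integers and
    // similar values away from the comparison below.
    if (!is_string($token) || empty($token)) {
        return false;
    }

    $session = PHPSession::singleton();
    $currentUser = $this->userService->getCurrentUser();
    if (is_null($currentUser)) {
        return false;
    }

    $sessionKey = self::ENV_VAR_NAME . '_' . tao_helpers_Uri::encode($currentUser->getUri());
    if (!$session->hasAttribute($sessionKey)) {
        return false;
    }

    $executionData = $session->getAttribute($sessionKey);
    if (!isset($executionData['token']) || !is_string($executionData['token'])) {
        return false;
    }
    $expectedToken = $executionData['token'];

    // A secret must not be compared with ==, which lets PHP's type juggling
    // treat distinct values as equal. Use a constant-time comparison where
    // the runtime provides one, and strict identity otherwise.
    if (function_exists('hash_equals')) {
        return hash_equals($expectedToken, $token);
    }

    return $expectedToken === $token;
}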