public function test_index_returns_all_users_by_get()
{
User::where('id', '>=', 1)->delete();
$users = factory(User::class, 3)->create();
$user = $users->first();
//$this->actingAs($user);
$this->get('api/v1/user');
$this->seeStatusCode(200);
$this->seeJson(['per_page' => 50]);
foreach ($users as $user) {
$this->seeJson(['username' => $user->username]);
}
}
public function authenticate()
{
$container = \Innomatic\Core\InnomaticContainer::instance('\\Innomatic\\Core\\InnomaticContainer');
$session = \Innomatic\Desktop\Controller\DesktopFrontController::instance('\\Innomatic\\Desktop\\Controller\\DesktopFrontController')->session;
if (isset(\Innomatic\Wui\Wui::instance('\\Innomatic\\Wui\\Wui')->parameters['wui']['login'])) {
$loginDispatcher = new \Innomatic\Wui\Dispatch\WuiDispatcher('login');
$loginDispatcher->addEvent('logout', '\\Innomatic\\Desktop\\Auth\\tenant_login_logout');
$loginDispatcher->addEvent('login', '\\Innomatic\\Desktop\\Auth\\tenant_login_login');
$loginDispatcher->Dispatch();
}
if ($container->getConfig()->value('SecurityOnlyHttpsDomainAccessAllowed') == '1') {
if (!isset($_SERVER['HTTPS']) or $_SERVER['HTTPS'] != 'on') {
self::doAuth(true, 'only_https_allowed');
}
}
// Check if the session is valid
if (!\Innomatic\Desktop\Controller\DesktopFrontController::instance('\\Innomatic\\Desktop\\Controller\\DesktopFrontController')->session->isValid('INNOMATIC_AUTH_USER')) {
self::doAuth();
}
$domainsquery = $container->getDataAccess()->execute('SELECT id FROM domains WHERE domainid=' . $container->getDataAccess()->formatText(\Innomatic\Domain\User\User::extractDomainID($session->get('INNOMATIC_AUTH_USER'))));
if ($domainsquery->getNumberRows() == 0) {
self::doAuth();
} else {
$domainsquery->free();
$container->startDomain(\Innomatic\Domain\User\User::extractDomainID($session->get('INNOMATIC_AUTH_USER')), $session->get('INNOMATIC_AUTH_USER'));
}
// Check if the user still exists
$user = new \Domain\User\User($container->getCurrentDomain()->domaindata['id'], \Domain\User\User::getUserIdByUsername($session->get('INNOMATIC_AUTH_USER')));
if (!$user->exists()) {
// User no more exists; remove the session key and redo auth
\Innomatic\Desktop\Controller\DesktopFrontController::instance('\\Innomatic\\Desktop\\Controller\\DesktopFrontController')->session->remove('INNOMATIC_AUTH_USER');
$container->stopDomain();
self::doAuth();
}
// Check if the user is enabled
if (!$user->isEnabled()) {
$container->stopDomain();
self::doAuth(true, 'userdisabled');
}
if ($session->isValid('domain_login_attempts')) {
$session->remove('domain_login_attempts');
}
// Check if the domain is enabled
//
if ($container->getCurrentDomain()->domaindata['domainactive'] != $container->getDataAccess()->fmttrue) {
self::doAuth(true, 'domaindisabled');
}
return true;
}
public function removeList(User $oUser, $iListID)
{
$oRepository = new TaskListRepository();
return $oRepository->deleteListByUserID($oUser->getID(), $iListID);
}
public function viewDefault($eventData)
{
$usersQuery = \Innomatic\Core\InnomaticContainer::instance('\\Innomatic\\Core\\InnomaticContainer')->getCurrentDomain()->getDataAccess()->execute('SELECT id,username,fname,lname,email,groupid,disabled FROM domain_users ORDER BY username');
$profQuery = \Innomatic\Core\InnomaticContainer::instance('\\Innomatic\\Core\\InnomaticContainer')->getCurrentDomain()->getDataAccess()->execute('SELECT id,groupname FROM domain_users_groups ORDER BY groupname');
$profiles = array();
while (!$profQuery->eof) {
$profData = $profQuery->getFields();
$profiles[$profData['id']] = $profData['groupname'];
$profQuery->moveNext();
}
if ($usersQuery->getNumberRows()) {
$headers[0]['label'] = $this->localeCatalog->getStr('status_header');
$headers[1]['label'] = $this->localeCatalog->getStr('username_header');
$headers[2]['label'] = $this->localeCatalog->getStr('completename_header');
$headers[3]['label'] = $this->localeCatalog->getStr('email_header');
$headers[4]['label'] = $this->localeCatalog->getStr('userprofilename_header');
$row = 0;
$wuiUsersTable = new WuiTable('userstable', array('headers' => $headers));
while (!$usersQuery->eof) {
$userData = $usersQuery->getFields();
if ($userData['disabled'] == \Innomatic\Core\InnomaticContainer::instance('\\Innomatic\\Core\\InnomaticContainer')->getCurrentDomain()->getDataAccess()->fmttrue) {
$enabled = false;
} else {
$enabled = true;
}
$chDataAction[$row] = new WuiEventsCall();
$chDataAction[$row]->addEvent(new WuiEvent('view', 'edituser', array('userid' => $userData['id'])));
if ($enabled) {
$wuiUsersTable->addChild(new WuiImage('status' . $row, array('imageurl' => $this->wuiMainframe->mThemeHandler->mStyle['greenball'])), $row, 0, 'center');
} else {
$wuiUsersTable->addChild(new WuiImage('status' . $row, array('imageurl' => $this->wuiMainframe->mThemeHandler->mStyle['redball'])), $row, 0, 'center');
}
$wuiUsersTable->addChild(new WuiLink('usernamelabel' . $row, array('label' => $userData['username'], 'link' => $chDataAction[$row]->getEventsCallString())), $row, 1);
$wuiUsersTable->addChild(new WuiLabel('completenamelabel' . $row, array('label' => strcmp($userData['username'], \Innomatic\Core\InnomaticContainer::instance('\\Innomatic\\Core\\InnomaticContainer')->getCurrentDomain()->getDomainId()) != 0 ? $userData['lname'] . ' ' . $userData['fname'] : $this->localeCatalog->getStr('superuser_label'))), $row, 2);
$wuiUsersTable->addChild(new WuiLabel('emaillabel' . $row, array('label' => $userData['email'])), $row, 3);
$wuiUsersTable->addChild(new WuiLabel('userprofilelabel' . $row, array('label' => ($userData['groupid'] != '0' and strlen($userData['groupid'])) ? $profiles[$userData['groupid']] : $this->localeCatalog->getStr('noprofileid_label'))), $row, 4);
if (\Innomatic\Core\InnomaticContainer::instance('\\Innomatic\\Core\\InnomaticContainer')->getCurrentUser()->hasPermission('edit_password_all')) {
$wuiUserToolbar[$row] = new WuiHorizgroup('usertoolbar' . $row);
$chPasswdAction[$row] = new WuiEventsCall();
$chPasswdAction[$row]->addEvent(new WuiEvent('view', 'chpassword', array('userid' => $userData['id'])));
$wuiChPasswdButton[$row] = new WuiButton('chpasswdbutton' . $row, array('label' => $this->localeCatalog->getStr('chpasswd_label'), 'themeimage' => 'documenttext', 'themeimagetype' => 'mini', 'horiz' => 'true', 'action' => $chPasswdAction[$row]->getEventsCallString()));
$wuiUserToolbar[$row]->addChild($wuiChPasswdButton[$row]);
$wuiChDataButton[$row] = new WuiButton('chdatabutton' . $row, array('label' => $this->localeCatalog->getStr('chdata_label'), 'themeimage' => 'documenttext', 'themeimagetype' => 'mini', 'horiz' => 'true', 'action' => $chDataAction[$row]->getEventsCallString()));
$wuiUserToolbar[$row]->addChild($wuiChDataButton[$row]);
if (!\Domain\User\User::isAdminUser($userData['username'], \Innomatic\Core\InnomaticContainer::instance('\\Innomatic\\Core\\InnomaticContainer')->getCurrentDomain()->domainid)) {
$removeAction[$row] = new WuiEventsCall();
$removeAction[$row]->addEvent(new WuiEvent('view', 'deleteuser', array('userid' => $userData['id'])));
$enableAction = new WuiEventsCall();
$enableAction->addEvent(new WuiEvent('action', $enabled ? 'disableuser' : 'enableuser', array('userid' => $userData['id'])));
$wuiEnableButton = new WuiButton('enablebutton' . $row, array('label' => $this->localeCatalog->getStr($enabled ? 'disableuser_label' : 'enableuser_label'), 'themeimage' => $enabled ? 'lock' : 'unlock', 'themeimagetype' => 'mini', 'horiz' => 'true', 'action' => $enableAction->getEventsCallString()));
$wuiUserToolbar[$row]->addChild($wuiEnableButton);
$wuiRemoveButton[$row] = new WuiButton('removebutton' . $row, array('label' => $this->localeCatalog->getStr('removeuser_label'), 'themeimage' => 'trash', 'themeimagetype' => 'mini', 'horiz' => 'true', 'action' => $removeAction[$row]->getEventsCallString()));
$wuiUserToolbar[$row]->addChild($wuiRemoveButton[$row]);
}
$wuiUsersTable->addChild($wuiUserToolbar[$row], $row, 5);
}
$usersQuery->moveNext();
$row++;
}
$this->wuiMainframe->addChild($wuiUsersTable);
}
$this->wuiTitlebar->mTitle .= ' - ' . $this->localeCatalog->getStr('users_title');
}
public function viewDefault($eventData)
{
// Filtering
if (isset($eventData['filter'])) {
// if ($eventData['filter_projectid'] != 0)
$search_keys['username'] = $eventData['username'];
// Username
$username_filter_sk = new WuiSessionKey('username_filter', array('value' => $eventData['username']));
$search_keys['completename'] = $eventData['completename'];
// completename
$completename_filter_sk = new WuiSessionKey('completename_filter', array('value' => $eventData['completename']));
$search_keys['email'] = $eventData['email'];
// email
$email_filter_sk = new WuiSessionKey('email_filter', array('value' => $eventData['email']));
} else {
$username_filter_sk = new WuiSessionKey('username_filter');
if (strlen($username_filter_sk->mValue) and $username_filter_sk->mValue != 0) {
$search_keys['username'] = $username_filter_sk->mValue;
}
$eventData['username'] = $username_filter_sk->mValue;
$completename_filter_sk = new WuiSessionKey('completename_filter');
if (strlen($completename_filter_sk->mValue) and $completename_filter_sk->mValue != 0) {
$search_keys['completename'] = $completename_filter_sk->mValue;
}
$eventData['completename'] = $completename_filter_sk->mValue;
$email_filter_sk = new WuiSessionKey('email_filter');
if (strlen($email_filter_sk->mValue) and $email_filter_sk->mValue != 0) {
$search_keys['email'] = $email_filter_sk->mValue;
}
$eventData['email'] = $email_filter_sk->mValue;
}
$where = array();
if (isset($eventData['username']) and !empty($eventData['username'])) {
$where[] = "username LIKE '%" . $eventData['username'] . "%' ";
}
if (isset($eventData['completename']) and !empty($eventData['completename'])) {
$where[] = "fname LIKE '%" . $eventData['completename'] . "%' OR lname LIKE '%" . $eventData['completename'] . "%' ";
}
if (isset($eventData['email']) and !empty($eventData['email'])) {
$where[] = "email LIKE '%" . $eventData['email'] . "%' ";
}
$usersQuery = $this->innomaticContainer->getCurrentDomain()->getDataAccess()->execute('SELECT id, username, fname, lname, email, groupid, disabled
FROM domain_users ' . (!empty($where) ? "WHERE " . implode("OR ", $where) : '') . ' ORDER BY username');
$profQuery = $this->innomaticContainer->getCurrentDomain()->getDataAccess()->execute('SELECT id,groupname FROM domain_users_groups ORDER BY groupname');
$profiles = array();
while (!$profQuery->eof) {
$profData = $profQuery->getFields();
$profiles[$profData['id']] = $profData['groupname'];
$profQuery->moveNext();
}
$wuiVGroup = new WuiVertgroup('vgroup');
$wuiVGroup->addChild(new WuiLabel('filter', array('bold' => true, 'label' => $this->localeCatalog->getStr('filter_label'))));
$formEventsCall = new WuiEventsCall();
$formEventsCall->addEvent(new WuiEvent('view', 'default', array()));
$wuiForm = new WuiForm('usersform', array('action' => $formEventsCall->getEventsCallString()));
$wuiHGroup = new WuiHorizgroup('hgroup', array('width' => '0%'));
$wuiHGroup->addChild(new WuiLabel('username', array('label' => $this->localeCatalog->getStr('username_header') . ':')));
$wuiHGroup->addChild(new WuiString('username', array('disp' => 'view', 'value' => isset($eventData['username']) ? $eventData['username'] : '')));
$wuiHGroup->addChild(new WuiLabel('completename', array('label' => $this->localeCatalog->getStr('completename_header') . ':')));
$wuiHGroup->addChild(new WuiString('completename', array('disp' => 'view', 'value' => isset($eventData['completename']) ? $eventData['completename'] : '')));
$wuiHGroup->addChild(new WuiLabel('email', array('label' => $this->localeCatalog->getStr('email_header') . ':')));
$wuiHGroup->addChild(new WuiString('email', array('disp' => 'view', 'value' => isset($eventData['email']) ? $eventData['email'] : '')));
$wuiSearchButton = new WuiButton('searchbutton', array('label' => $this->localeCatalog->getStr('filter_button'), 'themeimage' => 'zoom', 'themeimagetype' => 'mini', 'horiz' => 'true', 'formsubmit' => 'usersform', 'action' => \Innomatic\Wui\Dispatch\WuiEventsCall::buildEventsCallString('', array(array('view', 'default', array('filter' => 'true'))))));
$wuiHGroup->addChild($wuiSearchButton);
$wuiEraseFilter = new WuiButton('searchbutton', array('label' => $this->localeCatalog->getStr('erasefilter_button'), 'themeimage' => 'buttoncancel', 'themeimagetype' => 'mini', 'horiz' => 'true', 'frame' => 'false', 'formsubmit' => 'usersform', 'action' => \Innomatic\Wui\Dispatch\WuiEventsCall::buildEventsCallString('', array(array('view', 'default', array()), array('action', 'erasefilter', array())))));
$wuiHGroup->addChild($wuiEraseFilter);
$wuiForm->addChild($wuiHGroup);
$wuiVGroup->addChild($wuiForm);
$wuiVGroup->addChild(new WuiHorizBar('horizbar1'));
$wuiVGroup->addChild(new WuiLabel('filter', array('bold' => true, 'label' => $this->localeCatalog->getStr('users_title'))));
if ($usersQuery->getNumberRows()) {
$headers[0]['label'] = $this->localeCatalog->getStr('status_header');
$headers[1]['label'] = $this->localeCatalog->getStr('username_header');
$headers[2]['label'] = $this->localeCatalog->getStr('completename_header');
$headers[3]['label'] = $this->localeCatalog->getStr('email_header');
$headers[4]['label'] = $this->localeCatalog->getStr('userprofilename_header');
$row = 0;
$wuiUsersTable = new WuiTable('userstable', array('headers' => $headers, 'rowsperpage' => '25', 'pagesactionfunction' => 'users_list_action_builder', 'pagenumber' => (is_array($eventData) and isset($eventData['userspage'])) ? $eventData['userspage'] : 1));
while (!$usersQuery->eof) {
$userData = $usersQuery->getFields();
if ($userData['disabled'] == $this->innomaticContainer->getCurrentDomain()->getDataAccess()->fmttrue) {
$enabled = false;
} else {
$enabled = true;
}
$chDataAction[$row] = new WuiEventsCall();
$chDataAction[$row]->addEvent(new WuiEvent('view', 'edituser', array('userid' => $userData['id'])));
if ($enabled) {
$wuiUsersTable->addChild(new WuiImage('status' . $row, array('imageurl' => $this->wuiMainframe->mThemeHandler->mStyle['greenball'])), $row, 0, 'center');
} else {
$wuiUsersTable->addChild(new WuiImage('status' . $row, array('imageurl' => $this->wuiMainframe->mThemeHandler->mStyle['redball'])), $row, 0, 'center');
}
$wuiUsersTable->addChild(new WuiLink('usernamelabel' . $row, array('label' => $userData['username'], 'link' => $chDataAction[$row]->getEventsCallString())), $row, 1);
$wuiUsersTable->addChild(new WuiLabel('completenamelabel' . $row, array('label' => strcmp($userData['username'], $this->innomaticContainer->getCurrentDomain()->getDomainId()) != 0 ? $userData['lname'] . ' ' . $userData['fname'] : $this->localeCatalog->getStr('superuser_label'))), $row, 2);
$wuiUsersTable->addChild(new WuiLabel('emaillabel' . $row, array('label' => $userData['email'])), $row, 3);
$wuiUsersTable->addChild(new WuiLabel('userprofilelabel' . $row, array('label' => ($userData['groupid'] != '0' and strlen($userData['groupid'])) ? $profiles[$userData['groupid']] : $this->localeCatalog->getStr('noprofileid_label'))), $row, 4);
if ($this->innomaticContainer->getCurrentUser()->hasPermission('edit_password_all')) {
$wuiUserToolbar[$row] = new WuiHorizgroup('usertoolbar' . $row);
$chPasswdAction[$row] = new WuiEventsCall();
$chPasswdAction[$row]->addEvent(new WuiEvent('view', 'chpassword', array('userid' => $userData['id'])));
$wuiChPasswdButton[$row] = new WuiButton('chpasswdbutton' . $row, array('label' => $this->localeCatalog->getStr('chpasswd_label'), 'themeimage' => 'documenttext', 'themeimagetype' => 'mini', 'horiz' => 'true', 'action' => $chPasswdAction[$row]->getEventsCallString()));
$wuiUserToolbar[$row]->addChild($wuiChPasswdButton[$row]);
$wuiChDataButton[$row] = new WuiButton('chdatabutton' . $row, array('label' => $this->localeCatalog->getStr('chdata_label'), 'themeimage' => 'documenttext', 'themeimagetype' => 'mini', 'horiz' => 'true', 'action' => $chDataAction[$row]->getEventsCallString()));
$wuiUserToolbar[$row]->addChild($wuiChDataButton[$row]);
if (!\Domain\User\User::isAdminUser($userData['username'], $this->innomaticContainer->getCurrentDomain()->domainid)) {
$removeAction[$row] = new WuiEventsCall();
$removeAction[$row]->addEvent(new WuiEvent('view', 'deleteuser', array('userid' => $userData['id'])));
$enableAction = new WuiEventsCall();
$enableAction->addEvent(new WuiEvent('action', $enabled ? 'disableuser' : 'enableuser', array('userid' => $userData['id'])));
$wuiEnableButton = new WuiButton('enablebutton' . $row, array('label' => $this->localeCatalog->getStr($enabled ? 'disableuser_label' : 'enableuser_label'), 'themeimage' => $enabled ? 'lock' : 'unlock', 'themeimagetype' => 'mini', 'horiz' => 'true', 'action' => $enableAction->getEventsCallString()));
$wuiUserToolbar[$row]->addChild($wuiEnableButton);
$wuiRemoveButton[$row] = new WuiButton('removebutton' . $row, array('label' => $this->localeCatalog->getStr('removeuser_label'), 'themeimage' => 'trash', 'themeimagetype' => 'mini', 'horiz' => 'true', 'action' => $removeAction[$row]->getEventsCallString()));
$wuiUserToolbar[$row]->addChild($wuiRemoveButton[$row]);
}
$wuiUsersTable->addChild($wuiUserToolbar[$row], $row, 5);
}
$usersQuery->moveNext();
$row++;
}
$wuiVGroup->addChild($wuiUsersTable);
}
$this->wuiMainframe->addChild($wuiVGroup);
$this->wuiTitlebar->mArgs['title'] .= ' - ' . $this->localeCatalog->getStr('users_title');
}
/**
* Determine if the user is authorized to make this request.
*
* @return bool
*/
public function authorize()
{
$id = $this->route('user');
return User::where('id', $id)->exists();
}
