/**
 * Build a map of URI => access flag from the permission rows stored for a user.
 *
 * @param User $user User whose id selects the permission rows.
 *
 * @return array URI => bool. Empty when the statement fails to execute or no row matches.
 */
public function getPermissionsArray(User $user)
{
    $connection = Database::getConnection('read');

    // The user id travels as a bound parameter; it is never concatenated into the SQL text.
    $query = $connection->prepare('SELECT uri, can_access FROM permission WHERE user_id = :userId');
    $query->bindValue(':userId', $user->getId());

    if (!$query->execute()) {
        // A failed query is reported as "no permission rows", not as an error.
        // NOTE(review): how callers treat a URI missing from the map is not visible here;
        // confirm that an empty result is handled as deny.
        return [];
    }

    $map = [];
    foreach ($query->fetchAll(Database::FETCH_ASSOC) as $row) {
        // The stored flag is cast to a real boolean so callers never see the raw column value.
        $map[$row['uri']] = (bool) $row['can_access'];
    }

    return $map;
}
/**
 * Report whether this item should be hidden.
 *
 * An item whose link the current user cannot access is always hidden;
 * otherwise the item's own hidden flag is returned as stored.
 *
 * @return mixed true when access is refused, else the value of $this->hidden.
 */
public function isHidden()
{
    // The access check comes first, so the stored flag can never reveal a link the user may not open.
    return $this->user->canAccess($this->link) ? $this->hidden : true;
}
/**
 * Show the "Add User" form and, on POST, create the user.
 *
 * On a valid POST with an unused e-mail address the method hashes the password,
 * saves the user, fires the 'userSaved' event, grants the new user access to '/',
 * and redirects to /user. In every other case the form is rendered again, with an
 * error message where one applies.
 */
public function add()
{
    $this->setTitle('Add User');
    $this->addBreadcrumb('Add User', '/user/add');

    // Anything other than a POST just displays an empty form.
    if ($this->request->getMethod() != 'POST') {
        $this->view->form = $this->userForm([])->render();
        return;
    }

    $failure = 'There was an error adding the user. Please try again.';
    $form = $this->userForm($this->getParams());

    if (!$form->validate()) {
        $this->errorMessage($failure);
        $this->view->form = $form->render();
        return;
    }

    // Refuse a second account for an address that is already registered.
    // NOTE(review): this is a check followed by a separate insert; presumably a unique
    // constraint on the email column backs it up. Confirm against the schema.
    if ($this->userStore->getByEmail($this->getParam('email'))) {
        $emailField = $form->getChild('fieldset')->getChild('email');
        $emailField->setError('This email address already belongs to a registered user.');
        $this->view->form = $form->render();
        return;
    }

    try {
        $account = new User();
        $params = $this->getParams();

        // Only the password_hash() output is stored under 'hash'.
        // NOTE(review): $params still carries the plaintext 'password' entry when it is handed
        // to setValues() and to the 'userSaved' listeners below; confirm neither persists nor logs it.
        $params['hash'] = password_hash($params['password'], PASSWORD_DEFAULT);

        $account->setValues($params);
        $account->setDateAdded(new \DateTime());
        $account = $this->userStore->save($account);

        // The user and parameters are read back after the event fires, so any replacement
        // a listener makes to the payload is what the rest of this method uses.
        $payload = [$account, $params];
        Event::trigger('userSaved', $payload);
        list($account, $params) = $payload;

        // Every new user starts with an explicit grant on the root URI.
        $rootGrant = new Permission();
        $rootGrant->setUserId($account->getId());
        $rootGrant->setCanAccess(true);
        $rootGrant->setUri('/');
        $this->permissionStore->save($rootGrant);

        $this->successMessage($params['name'] . ' was added successfully.', true);
        $this->redirect('/user');
    } catch (Exception $e) {
        // The exception is discarded: the operator sees only the generic message and nothing is logged here.
        // NOTE(review): whether the unqualified Exception resolves to \Exception depends on the
        // file's namespace and imports, which are not visible here.
        $this->errorMessage($failure);
    }

    $this->view->form = $form->render();
}
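/**
 * Complete a Google Identity sign-in.
 *
 * Verifies the posted ID token, requires the e-mail address in its payload to equal the
 * posted address, then signs in the matching user. When no user exists and the address's
 * domain is listed in the 'login_auto_create' setting, a new active administrator account
 * is created first.
 *
 * @return mixed The redirect response: to the login page with an error on refusal, otherwise
 *               to the URL remembered in the session or to '/'.
 */
public function auth()
{
    $email = $this->getParam('email', '');
    $token = $this->getParam('token', '');

    $client = new \Google_Client();
    $client->setClientId(Setting::get('google-identity', 'client_id'));
    $client->setClientSecret(Setting::get('google-identity', 'client_secret'));
    $client->setRedirectUri($this->config->get('site.full_admin_url') . '/google-identity/auth');
    $client->setScopes('email');

    $data = $client->verifyIdToken($token)->getAttributes();

    // The posted address is only trusted when it is exactly the one inside the verified token.
    // Strict comparison keeps type juggling out of an authentication decision.
    // NOTE(review): the payload's email_verified and hd claims are not consulted. Consider
    // requiring them, since the branch below creates administrators by e-mail domain.
    if (empty($data['payload']['email']) || $data['payload']['email'] !== $email) {
        return $this->redirect('/session/login?logout=1')->error('There was a problem signing you in, please try again.');
    }

    $userStore = Store::get('User');
    $user = $userStore->getByEmail($email);

    // NOTE(review): an existing account is signed in as found; no active or disabled state is
    // checked in this method. Confirm that the lookup or a later layer enforces it.
    if (is_null($user)) {
        $authDomains = explode(',', Setting::get('google-identity', 'login_auto_create'));
        $parts = explode('@', $email, 2);

        // Fail closed: a missing or empty domain never matches, and the strict in_array() stops
        // an empty or unset setting (which explodes to ['']) from loosely matching it.
        // Entries are compared exactly as configured, without trimming or case folding.
        if (!isset($parts[1]) || $parts[1] === '' || !in_array($parts[1], $authDomains, true)) {
            return $this->redirect('/session/login?logout=1')->error('You do not have permission to sign in.');
        }

        // Every auto-created account is an active administrator.
        // NOTE(review): confirm that is the intended default for a whole allowed domain.
        $user = new User();
        $user->setActive(1);
        $user->setIsAdmin(1);
        $user->setDateAdded(new \DateTime());
        $user->setEmail($email);
        // NOTE(review): only the 'email' scope is requested above; presumably the token still
        // carries a 'name' claim. Confirm, otherwise this reads an undefined index.
        $user->setName($data['payload']['name']);
        $user = $userStore->save($user);
    }

    // Issue a fresh session id at the privilege change, so an id that was known before
    // sign-in is not carried into the authenticated session.
    if (session_status() === PHP_SESSION_ACTIVE) {
        session_regenerate_id(true);
    }

    $_SESSION['user_id'] = $user->getId();

    // NOTE(review): the redirect target is whatever was stored in the session earlier. Confirm
    // that the code which sets 'previous_url' only accepts same-site paths.
    if (isset($_SESSION['previous_url'])) {
        return $this->redirect($_SESSION['previous_url']);
    }

    return $this->redirect('/');
}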
/**
 * Set the user from a User model by storing that model's id.
 *
 * @param \Octo\System\Model\User $value Model whose id is passed to setUserId().
 *
 * @return mixed Whatever setUserId() returns.
 */
public function setUserObject(\Octo\System\Model\User $value)
{
    $userId = $value->getId();

    return $this->setUserId($userId);
}