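/**
 * Completes a pending registration identified by its token.
 *
 * Validates the submitted password, stores its hash on the user attached to
 * the registration, unlocks the user, marks the e-mail as validated and
 * removes the one-time registration record in the same flush. On success the
 * client is redirected to the login page.
 *
 * @param string $token registration token taken from the route
 */
public function completeRegistrationAction($token) {
    $em = $this->app->entityManager;
    $registrationRepository = $em->getRepository(EntityNames::REGISTRATION);
    $origRegistration = $registrationRepository->findOneBy(array('token' => $token));
    $submittedPass = $this->app->request->post('password');

    // NOTE(review): no token-expiry check is visible in this method — confirm
    // that the Registration entity (or the code creating it) enforces one.
    if (!$origRegistration instanceof Registration) {
        $this->app->flashNow('registration.error', 'Token not found');
        $this->app->render('registration-form.html.twig', array('token' => $token, 'user' => null));
        return;
    }

    try {
        PasswordValidator::validatePassword($submittedPass);
    } catch (PasswordInvalidException $pie) {
        $this->app->flashNow('registration.error', 'Password must be at least 8 characters long');
        $this->app->render('registration-form.html.twig', array('token' => $token, 'user' => $origRegistration->getUser()));
        return;
    }

    $user = $origRegistration->getUser();
    $user->setIsLocked(false);
    $user->setHasEmailValidated(true);
    $user->setPasswordHash(PasswordHandler::hash($submittedPass));

    // The registration is single-use: it is removed in the same flush that
    // persists the updated user, so a token cannot be replayed once used.
    $em->remove($origRegistration);

    try {
        $em->flush();
    } catch (DBALException $dbalex) {
        $now = new DateTime();
        // The driver message goes to the server log only; the client receives a
        // generic message so no schema or connection details are disclosed.
        // (This path answers JSON while the other error paths render the form —
        // presumably intentional, but worth confirming with the front end.)
        $this->app->log->error(sprintf('[%s]: %s', $now->format('d-m-Y H:i:s'), $dbalex->getMessage()));
        ResponseFactory::createErrorJsonResponse($this->app, HttpStatusCodes::CONFLICT, 'Could not complete registration');
        return;
    }

    $this->app->redirect('/login');
}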
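/**
 * Logs a user in with the username and password carried by the request.
 *
 * If no session is running one is started; if one is already active the
 * current login is ended first. Failures are reported as JSON error responses;
 * on success nothing is written here (the login handler owns the session state).
 */
public function authenticateAction() {
    /** @var \rmatil\cms\Login\LoginHandler $loginHandler */
    $loginHandler = $this->app->loginHandler;

    if (PHP_SESSION_NONE === session_status()) {
        session_start();
    } else {
        $loginHandler->logout();
    }

    // requires SetEnvIf Authorization "(.*)" HTTP_AUTHORIZATION=$1
    // in htaccess for forwarding Basic-Auth headers
    $auth = $this->app->request->params('username');
    $pw = $this->app->request->params('password');

    if (null === $auth || null === $pw) {
        ResponseFactory::createErrorJsonResponse($this->app, HttpStatusCodes::BAD_REQUEST, 'Username and password must be specified');
        // Stop here: without this return the login below was attempted with
        // null credentials after the 400 response had already been prepared.
        return;
    }

    // NOTE(review): whether the session id is regenerated on a successful login
    // is not visible here (login() is opaque) — confirm, as a fixed session id
    // across the login boundary would allow session fixation.
    try {
        $loginHandler->login($auth, $pw, $this->app->request->getPath());
    } catch (UserNotFoundException $unfe) {
        // NOTE(review): answering 404 for an unknown user but 403 for a wrong
        // password lets a caller distinguish valid usernames from invalid ones;
        // consider a single status and message for both cases.
        ResponseFactory::createErrorJsonResponse($this->app, HttpStatusCodes::NOT_FOUND, $unfe->getMessage());
        return;
    } catch (WrongCredentialsException $wce) {
        ResponseFactory::createErrorJsonResponse($this->app, HttpStatusCodes::FORBIDDEN, $wce->getMessage());
        return;
    } catch (UserLockedException $ule) {
        ResponseFactory::createErrorJsonResponse($this->app, HttpStatusCodes::FORBIDDEN, $ule->getMessage());
        return;
    } catch (AccessDeniedException $ade) {
        ResponseFactory::createErrorJsonResponse($this->app, HttpStatusCodes::FORBIDDEN, $ade->getMessage());
        return;
    }
}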
/**
 * Deletes the file with the given id.
 *
 * Answers 204 No Content on success; if the data accessor refuses the
 * deletion, a 409 Conflict JSON error with the accessor's message is sent.
 *
 * @param mixed $id identifier of the file to delete
 */
public function deleteFileByIdAction($id) {
    $deleted = true;

    try {
        $fileAccessor = $this->app->dataAccessorFactory->getDataAccessor(EntityNames::FILE);
        $fileAccessor->delete($id);
    } catch (EntityNotDeletedException $ende) {
        ResponseFactory::createErrorJsonResponse($this->app, HttpStatusCodes::CONFLICT, $ende->getMessage());
        $deleted = false;
    }

    if ($deleted) {
        $this->app->response->setStatus(HttpStatusCodes::NO_CONTENT);
    }
}
/**
 * Deletes the article category with the given id.
 *
 * Responds with 204 No Content when the category was removed, or with a
 * generic not-found response when the accessor reports that it does not exist.
 *
 * @param mixed $id identifier of the article category
 */
public function deleteArticleCategoryByIdAction($id) {
    try {
        $categoryAccessor = $this->app->dataAccessorFactory->getDataAccessor(EntityNames::ARTICLE_CATEGORY);
        $categoryAccessor->delete($id);
    } catch (EntityNotFoundException $enfe) {
        // A fixed message is used here rather than the exception text.
        ResponseFactory::createNotFoundResponse($this->app, 'Could not find article category');
        return;
    }

    $this->app->response->setStatus(HttpStatusCodes::NO_CONTENT);
}
/**
 * Deletes the page category with the given id.
 *
 * On success the response status is set to 204 No Content. If the entity is
 * not found, a not-found response carrying the exception message is sent.
 *
 * @param mixed $id identifier of the page category
 */
public function deletePageCategoryByIdAction($id) {
    $removed = true;

    try {
        $this->app->dataAccessorFactory
            ->getDataAccessor(EntityNames::PAGE_CATEGORY)
            ->delete($id);
    } catch (EntityNotFoundException $enfe) {
        ResponseFactory::createNotFoundResponse($this->app, $enfe->getMessage());
        $removed = false;
    }

    if ($removed) {
        $this->app->response->setStatus(HttpStatusCodes::NO_CONTENT);
    }
}
/**
 * Deletes the language with the given id.
 *
 * Sends 204 No Content when the language was deleted and a fixed
 * not-found response when the accessor cannot find it.
 *
 * @param mixed $id identifier of the language
 */
public function deleteLanguageByIdAction($id) {
    try {
        $languageAccessor = $this->app->dataAccessorFactory->getDataAccessor(EntityNames::LANGUAGE);
        $languageAccessor->delete($id);
    } catch (EntityNotFoundException $enfe) {
        ResponseFactory::createNotFoundResponse($this->app, 'Could not find language');
        return;
    }

    $this->app->response->setStatus(HttpStatusCodes::NO_CONTENT);
}
/**
 * Call
 *
 * Middleware entry point. Unprotected routes are passed straight to the next
 * middleware. Protected routes require HTTP Basic credentials; the user is
 * authenticated and checked for the role the route demands before the chain
 * continues. Any failure ends the request with the matching error response.
 */
public function call() {
    /** @var \rmatil\cms\Login\LoginHandler $loginHandler */
    $loginHandler = $this->app->loginHandler;
    $requestPath = $this->app->request->getPath();

    if (!$loginHandler->isRouteProtected($requestPath)) {
        // Nothing to check on an open route: hand over to the next middleware.
        $this->next->call();
        return;
    }

    // requires SetEnvIf Authorization "(.*)" HTTP_AUTHORIZATION=$1
    // in htaccess for forwarding Basic-Auth headers
    $auth = null;
    $pw = null;
    if (isset($_SERVER['PHP_AUTH_USER'])) {
        $auth = $_SERVER['PHP_AUTH_USER'];
    }
    if (isset($_SERVER['PHP_AUTH_PW'])) {
        $pw = $_SERVER['PHP_AUTH_PW'];
    }

    if (null === $auth || null === $pw) {
        // Send 401 along with authenticate field if header is absent and route is protected
        // @link http://tools.ietf.org/html/rfc1945#section-11
        ResponseFactory::createUnauthorizedResponse($this->app, $this->realm);
        return;
    }

    try {
        $user = $loginHandler->authenticateUser($auth, $pw);
        $loginHandler->isGranted($requestPath, $user->getUserGroup()->getRole());
    } catch (UserNotFoundException $unfe) {
        // NOTE(review): an unknown user gets 404 while a wrong password gets a
        // 401 challenge; the difference lets a caller enumerate valid usernames.
        // Consider re-sending the 401 challenge for both cases.
        ResponseFactory::createErrorJsonResponse($this->app, HttpStatusCodes::NOT_FOUND, $unfe->getMessage());
        return;
    } catch (WrongCredentialsException $wce) {
        // resend basic auth login form, if credentials are wrong
        ResponseFactory::createUnauthorizedResponse($this->app, $this->realm);
        return;
    } catch (UserLockedException $ule) {
        ResponseFactory::createErrorJsonResponse($this->app, HttpStatusCodes::FORBIDDEN, $ule->getMessage());
        return;
    } catch (AccessDeniedException $ade) {
        ResponseFactory::createErrorJsonResponse($this->app, HttpStatusCodes::FORBIDDEN, $ade->getMessage());
        return;
    }

    $this->next->call();
}
/**
 * Responds with a fresh, unsaved Article as JSON.
 *
 * The author is the user stored in the session and both creation and
 * last-edit date are set to the current UTC time.
 */
public function getEmptyArticleAction() {
    $userRepository = $this->app->entityManager->getRepository(EntityNames::USER);
    // NOTE(review): $_SESSION['user_id'] is read without an isset() guard;
    // this assumes the route is behind the authentication middleware — confirm.
    $author = $userRepository->find($_SESSION['user_id']);
    $timestamp = new DateTime('now', new DateTimeZone('UTC'));

    $article = new Article();
    $article->setAuthor($author);
    $article->setCreationDate($timestamp);
    $article->setLastEditDate($timestamp);

    ResponseFactory::createJsonResponse($this->app, $article);
}
/**
 * Responds with a fresh, unsaved User as JSON.
 *
 * The user is pre-assigned the group named 'ROLE_USER' so new accounts
 * default to that group in the editing form.
 */
public function getEmptyUserAction() {
    $user = new User();

    $userGroupRepository = $this->app->entityManager->getRepository(EntityNames::USER_GROUP);
    $defaultGroup = $userGroupRepository->findOneBy(array('name' => 'ROLE_USER'));
    $user->setUserGroup($defaultGroup);

    ResponseFactory::createJsonResponse($this->app, $user);
}
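/**
 * Responds with a fresh, unsaved Page as JSON.
 *
 * The author is the user stored in the session; creation and last-edit date
 * are set to the current UTC time, matching how empty articles are built so
 * both entity types report dates in the same zone.
 */
public function getEmptyPageAction() {
    $userRepository = $this->app->entityManager->getRepository(EntityNames::USER);
    // NOTE(review): $_SESSION['user_id'] is read without an isset() guard;
    // this assumes the route is behind the authentication middleware — confirm.
    // Primary-key lookup, equivalent to findOneBy(array('id' => ...)).
    $origUser = $userRepository->find($_SESSION['user_id']);
    // Explicit UTC rather than the server's default zone, consistent with getEmptyArticleAction.
    $now = new DateTime('now', new DateTimeZone('UTC'));

    $page = new Page();
    $page->setAuthor($origUser);
    $page->setCreationDate($now);
    $page->setLastEditDate($now);

    ResponseFactory::createJsonResponse($this->app, $page);
}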