/**
 * Registers the setup/installer routes.
 *
 * String handlers ("controller.setup:method") are resolved by Silex through the
 * 'controller.setup' service registered on the first line.
 *
 * NOTE(review): no before() guard is registered in this block; the routes
 * (including the DB/path probes below) presumably rely on install-mode gating
 * elsewhere — confirm.
 *
 * @param SilexApplication $app
 * @return mixed the controller collection produced by 'controllers_factory'
 */
public function connect(SilexApplication $app)
{
    $app['controller.setup'] = $this;
    $routes = $app['controllers_factory'];

    $routes->get('/', function (Application $app) {
        return $app->redirectPath('install_root');
    })->bind('setup');

    // GET routes: [path, handler, route name]
    $getRoutes = [
        ['/installer/', 'controller.setup:rootInstaller', 'install_root'],
        ['/upgrade-instructions/', 'controller.setup:displayUpgradeInstructions', 'setup_upgrade_instructions'],
        ['/installer/step2/', 'controller.setup:getInstallForm', 'install_step2'],
    ];
    foreach ($getRoutes as $route) {
        list($path, $handler, $routeName) = $route;
        $routes->get($path, $handler)->bind($routeName);
    }

    $routes->post('/installer/install/', 'controller.setup:doInstall')->bind('install_do_install');

    // Diagnostic probes used by the installer UI; each answers with a JSON report.
    $routes->get('/connection_test/mysql/', function (Application $app, Request $request) {
        $dbHelper = new DatabaseHelper($app, $request);

        return $app->json($dbHelper->checkConnection());
    });
    $routes->get('/test/path/', function (Application $app, Request $request) {
        $pathHelper = new PathHelper($app, $request);

        return $app->json($pathHelper->checkPath());
    });
    $routes->get('/test/url/', function (Application $app, Request $request) {
        $pathHelper = new PathHelper($app, $request);

        return $app->json($pathHelper->checkUrl());
    });

    return $routes;
}
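/**
 * Registers the "prod" module routes.
 *
 * The before() hook enforces authentication on every route; the single GET
 * route renders the production workspace.
 *
 * Fix: the thesaurus map key was built with `'s' + $sbas_id`, which is the
 * arithmetic operator (a TypeError on PHP 8, a warning plus a numeric key
 * before that) instead of string concatenation; it now uses `.` like the
 * 'b<base_id>' key next to it.
 *
 * @param SilexApplication $app
 * @return mixed the controller collection produced by 'controllers_factory'
 */
public function connect(SilexApplication $app)
{
    $app['controller.prod'] = $this;
    $controllers = $app['controllers_factory'];

    // Anonymous visitors carrying ?nolog are sent to the guest login; everyone else
    // must already be authenticated.
    $controllers->before(function (Request $request) use ($app) {
        if (!$app['authentication']->isAuthenticated() && null !== $request->query->get('nolog')) {
            return $app->redirectPath('login_authenticate_as_guest');
        }
        if (null !== ($response = $app['firewall']->requireAuthentication())) {
            return $response;
        }
    });

    $controllers->get('/', function (Application $app) {
        try {
            \Session_Logger::updateClientInfos($app, 1);
        } catch (SessionNotFound $e) {
            return $app->redirectPath('logout');
        }

        $user = $app['authentication']->getUser();

        // Available skins: first-level sub-directories of www/skins/prod whose name is
        // hexadecimal (a colour code).
        $cssPath = $app['root.path'] . '/www/skins/prod/';
        $css = [];
        $finder = new Finder();
        $skinDirs = $finder->directories()->depth(0)
            ->filter(function (\SplFileInfo $fileinfo) {
                return ctype_xdigit($fileinfo->getBasename());
            })
            ->in($cssPath);
        foreach ($skinDirs as $dir) {
            $baseName = $dir->getBasename();
            $css[$baseName] = $baseName;
        }

        // User preference first, then the default black skin if it is installed.
        $cssfile = $app['settings']->getUserSetting($user, 'css');
        if (!$cssfile && isset($css['000000'])) {
            $cssfile = '000000';
        }

        $feeds = $app['repo.feeds']->getAllForUser($app['acl']->get($user));
        $aggregate = Aggregate::createFromUser($app, $user);
        $thjslist = "";

        // 'render-topics' selects how saved query topics are rendered; any other value
        // yields no topics markup.
        $renderTopics = $app['conf']->get(['registry', 'classic', 'render-topics']);
        $queries_topics = '';
        if ($renderTopics === 'popups') {
            $queries_topics = \queries::dropdown_topics($app['translator'], $app['locale']);
        } elseif ($renderTopics === 'tree') {
            $queries_topics = \queries::tree_topics($app['locale']);
        }

        // Thesaurus JSON maps keyed 's<sbas_id>' (databox) and 'b<base_id>' (collection).
        $sbas = $bas2sbas = [];
        foreach ($app['phraseanet.appbox']->get_databoxes() as $databox) {
            $sbas_id = $databox->get_sbas_id();
            $sbas['s' . $sbas_id] = ['sbid' => $sbas_id, 'seeker' => null];
            foreach ($databox->get_collections() as $coll) {
                $bas2sbas['b' . $coll->get_base_id()] = [
                    'sbid' => $sbas_id,
                    'ckobj' => ['checked' => false],
                    'waschecked' => false,
                ];
            }
        }

        return $app['twig']->render('prod/index.html.twig', [
            'module_name' => 'Production',
            'WorkZone' => new Helper\WorkZone($app, $app['request']),
            'module_prod' => new Helper\Prod($app, $app['request']),
            'cssfile' => $cssfile,
            'module' => 'prod',
            'events' => $app['events-manager'],
            'GV_defaultQuery_type' => $app['conf']->get(['registry', 'searchengine', 'default-query-type']),
            'GV_multiAndReport' => $app['conf']->get(['registry', 'modules', 'stories']),
            'GV_thesaurus' => $app['conf']->get(['registry', 'modules', 'thesaurus']),
            'cgus_agreement' => \databox_cgu::askAgreement($app),
            'css' => $css,
            'feeds' => $feeds,
            'aggregate' => $aggregate,
            'GV_google_api' => $app['conf']->get(['registry', 'webservices', 'google-charts-enabled']),
            'queries_topics' => $queries_topics,
            'search_status' => \databox_status::getSearchStatus($app),
            'queries_history' => \queries::history($app, $user->getId()),
            'thesau_js_list' => $thjslist,
            'thesau_json_sbas' => json_encode($sbas),
            'thesau_json_bas2sbas' => json_encode($bas2sbas),
            'thesau_languages' => $app['locales.available'],
        ]);
    })->bind('prod');

    return $controllers;
}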
/**
 * Registers the installer routes (no diagnostic probes in this variant).
 *
 * @param SilexApplication $app
 * @return mixed the controller collection produced by 'controllers_factory'
 */
public function connect(SilexApplication $app)
{
    // Needed so the "controller.setup:method" handlers below can be resolved.
    $app['controller.setup'] = $this;
    $collection = $app['controllers_factory'];
    $ctrl = 'controller.setup:';

    $collection
        ->get('/', function (Application $app) {
            return $app->redirectPath('install_root');
        })
        ->bind('setup');

    $collection->get('/installer/', $ctrl . 'rootInstaller')->bind('install_root');
    $collection->get('/upgrade-instructions/', $ctrl . 'displayUpgradeInstructions')->bind('setup_upgrade_instructions');
    $collection->get('/installer/step2/', $ctrl . 'getInstallForm')->bind('install_step2');
    $collection->post('/installer/install/', $ctrl . 'doInstall')->bind('install_do_install');

    return $collection;
}
/**
 * Prepare a download of a set of documents and redirect to the download page.
 *
 * Reads 'lst', 'ssttid', 'obj', 'type' and 'businessfields' from the POST body,
 * builds the export, stores the prepared list in a download token and emits
 * an EXPORT_CREATE event.
 *
 * @param Application $app
 * @param Request $request
 * @return RedirectResponse redirect to 'prepare_download' carrying the token
 */
public function checkDownload(Application $app, Request $request)
{
    $post = $request->request;
    $lst = $post->get('lst');
    $ssttid = $post->get('ssttid', '');
    $subdefs = $post->get('obj', []);
    $user = $app['authentication']->getUser();

    $export = new \set_export($app, $lst, $ssttid);
    // Nothing downloadable for this user: refuse instead of producing an empty archive.
    if (0 === $export->get_total_download()) {
        $app->abort(403);
    }

    $useTitleAsFilename = ('title' === $post->get('type'));
    $list = $export->prepare_export(
        $user,
        $app['filesystem'],
        $subdefs,
        $useTitleAsFilename,
        $post->get('businessfields')
    );
    $list['export_name'] = sprintf('%s.zip', $export->getExportName());

    // The serialised list travels inside a server-side token; presumably the
    // 'prepare_download' route unserialises it — verify there that only this
    // server-generated payload is ever unserialised.
    $token = $app['manipulator.token']->createDownloadToken($user, serialize($list));

    $app['dispatcher']->dispatch(
        PhraseaEvents::EXPORT_CREATE,
        new ExportEvent($user, $ssttid, $lst, $subdefs, $export->getExportName())
    );

    return $app->redirectPath('prepare_download', ['token' => $token->getValue()]);
}
/**
 * Prepare a download of a set of documents and redirect to the download page.
 *
 * Reads 'lst', 'ssttid', 'obj', 'type' and 'businessfields' from the POST body,
 * builds the export, stores the prepared list in a 3-hour URL token and
 * triggers the legacy '__DOWNLOAD__' event.
 *
 * @param Application $app
 * @param Request $request
 * @return RedirectResponse redirect to 'prepare_download' carrying the token
 * @throws \RuntimeException when no token could be generated
 */
public function checkDownload(Application $app, Request $request)
{
    $post = $request->request;
    $lst = $post->get('lst');
    $ssttid = $post->get('ssttid', '');
    $subdefs = $post->get('obj', []);
    $user = $app['authentication']->getUser();

    $export = new \set_export($app, $lst, $ssttid);
    // Nothing downloadable for this user: refuse instead of producing an empty archive.
    if (0 === $export->get_total_download()) {
        $app->abort(403);
    }

    $useTitleAsFilename = ('title' === $post->get('type'));
    $list = $export->prepare_export(
        $user,
        $app['filesystem'],
        $subdefs,
        $useTitleAsFilename,
        $post->get('businessfields')
    );
    $list['export_name'] = sprintf('%s.zip', $export->getExportName());

    // Serialised list stored behind a short-lived token; presumably unserialised by
    // the 'prepare_download' route — verify only this server-generated payload is.
    $token = $app['tokens']->getUrlToken(
        \random::TYPE_DOWNLOAD,
        $user->getId(),
        new \DateTime('+3 hours'),
        serialize($list)
    );
    if (!$token) {
        throw new \RuntimeException('Download token could not be generated');
    }

    $app['events-manager']->trigger('__DOWNLOAD__', [
        'lst' => $lst,
        'downloader' => $user->getId(),
        'subdefs' => $subdefs,
        'from_basket' => $ssttid,
        'export_file' => $export->getExportName(),
    ]);

    return $app->redirectPath('prepare_download', ['token' => $token]);
}
/**
 * Registers the legacy "client" module routes behind an authentication guard.
 *
 * @param Application $app
 * @return mixed the controller collection produced by 'controllers_factory'
 */
public function connect(Application $app)
{
    $app['controller.client'] = $this;
    $collection = $app['controllers_factory'];

    // Anonymous visitors with ?nolog go through the guest login and come back to
    // the client; everyone else must already be authenticated.
    $collection->before(function (Request $request) use ($app) {
        $isGuestRequest = !$app['authentication']->isAuthenticated()
            && null !== $request->query->get('nolog');
        if ($isGuestRequest) {
            return $app->redirectPath('login_authenticate_as_guest', ['redirect' => 'client']);
        }

        $response = $app['firewall']->requireAuthentication();
        if (null !== $response) {
            return $response;
        }
    });

    // [HTTP method, path, handler, route name] — registration order is kept.
    $routes = [
        ['get', '/', 'controller.client:getClient', 'get_client'],
        ['get', '/language/', 'controller.client:getClientLanguage', 'get_client_language'],
        ['get', '/publications/', 'controller.client:getClientPublications', 'client_publications_start_page'],
        ['get', '/help/', 'controller.client:getClientHelp', 'client_help_start_page'],
        ['post', '/query/', 'controller.client:query', 'client_query'],
    ];
    foreach ($routes as $route) {
        list($method, $path, $handler, $routeName) = $route;
        $collection->$method($path, $handler)->bind($routeName);
    }

    return $collection;
}
/**
 * Registers the "report" module routes.
 *
 * Authentication is mandatory on the whole collection and every request must
 * additionally have access to the 'report' module.
 *
 * @param Application $app
 * @return mixed the controller collection produced by 'controllers_factory'
 */
public function connect(Application $app)
{
    $app['controller.report'] = $this;
    $collection = $app['controllers_factory'];
    $app['firewall']->addMandatoryAuthentication($collection);

    $collection->before(function () use ($app) {
        $app['firewall']->requireAccessToModule('report');
    });

    $collection->get('/', function (Application $app) {
        return $app->redirectPath('report_dashboard');
    })->bind('report');

    $collection->get('/dashboard', 'controller.report:getDashboard')->bind('report_dashboard');

    // Report generation endpoints, all POST: [path, handler, route name].
    $postRoutes = [
        ['/init', 'controller.report:initReport', 'report_init'],
        ['/connexions', 'controller.report:doReportConnexions', 'report_connexions'],
        ['/questions', 'controller.report:doReportQuestions', 'report_questions'],
        ['/downloads', 'controller.report:doReportDownloads', 'report_downloads'],
        ['/documents', 'controller.report:doReportDocuments', 'report_documents'],
        ['/clients', 'controller.report:doReportClients', 'report_clients'],
    ];
    foreach ($postRoutes as $route) {
        list($path, $handler, $routeName) = $route;
        $collection->post($path, $handler)->bind($routeName);
    }

    return $collection;
}
/**
 * Display the reset-email form, or apply the change when a token is present.
 *
 * With a ?token= parameter the token is looked up (must still be valid), the
 * e-mail stored in the token's data is written to the token's user, the token
 * is deleted so it cannot be replayed, and the user is redirected to the
 * account page with a flash message.
 *
 * @param Application $app
 * @param Request $request
 * @return Response rendered form, or a redirect to 'account'
 */
public function displayResetEmailForm(Application $app, Request $request)
{
    $tokenValue = $request->query->get('token');
    if (null === $tokenValue) {
        return $app['twig']->render('account/reset-email.html.twig', Login::getDefaultTemplateVariables($app));
    }

    $token = $app['repo.tokens']->findValidToken($tokenValue);
    if (null === $token) {
        $app->addFlash('error', $app->trans('admin::compte-utilisateur: erreur lors de la mise a jour'));

        return $app->redirectPath('account');
    }

    // The target user is resolved from the token itself, not from the session.
    $user = $token->getUser();
    $user->setEmail($token->getData());
    // Single use: drop the token once consumed.
    $app['manipulator.token']->delete($token);
    $app->addFlash('success', $app->trans('admin::compte-utilisateur: L\'email a correctement ete mis a jour'));

    return $app->redirectPath('account');
}
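/**
 * Mount a databox
 *
 * Either reuses the application-box connection settings ('new_settings' absent)
 * or the host/port/user/password supplied in the form.
 *
 * Fix: when 'new_settings' was present but one of the connection fields was
 * missing, neither branch matched and the method returned null (no response);
 * that case is now rejected with a 400. The duplicated transaction/mount/commit
 * sequence is factored into mountDataboxAndRedirect().
 *
 * NOTE(review): the custom-settings branch opens a connection to a host and
 * credentials taken from the request; this is expected to be reachable only by
 * administrators (the guard is outside this block) — confirm.
 *
 * @param Application $app The silex application
 * @param Request $request The current HTTP request
 * @return RedirectResponse
 */
public function databaseMount(Application $app, Request $request)
{
    $dbName = trim($request->request->get('new_dbname', ''));
    if ('' === $dbName) {
        return $app->redirectPath('admin_databases', ['success' => 0, 'error' => 'no-empty']);
    }
    if (\p4string::hasAccent($dbName)) {
        return $app->redirectPath('admin_databases', ['success' => 0, 'error' => 'special-chars']);
    }

    if (null === $request->request->get('new_settings')) {
        // Same server as the application box.
        $connexion = $app['conf']->get(['main', 'database']);

        return $this->mountDataboxAndRedirect(
            $app,
            $connexion['host'],
            $connexion['port'],
            $connexion['user'],
            $connexion['password'],
            $dbName
        );
    }

    $hostname = $request->request->get('new_hostname');
    $port = $request->request->get('new_port');
    $userDb = $request->request->get('new_user');
    $passwordDb = $request->request->get('new_password');
    if (null === $hostname || null === $port || null === $userDb || null === $passwordDb) {
        // Custom settings requested but incomplete.
        $app->abort(400);
    }

    return $this->mountDataboxAndRedirect($app, $hostname, $port, $userDb, $passwordDb, $dbName);
}

/**
 * Mount $dbName on the given server inside an appbox transaction and register
 * the current user as its administrator.
 *
 * @param Application $app
 * @param mixed $hostname
 * @param mixed $port
 * @param mixed $user
 * @param mixed $password
 * @param string $dbName
 * @return RedirectResponse to the new databox on success, to the list with
 *                          error 'mount-failed' otherwise
 */
private function mountDataboxAndRedirect(Application $app, $hostname, $port, $user, $password, $dbName)
{
    $connection = $app['phraseanet.appbox']->get_connection();
    try {
        $connection->beginTransaction();
        $base = \databox::mount($app, $hostname, $port, $user, $password, $dbName);
        $base->registerAdmin($app['authentication']->getUser());
        $connection->commit();
    } catch (\Exception $e) {
        // Any failure (connection, mount, admin registration) undoes the appbox changes.
        $connection->rollBack();

        return $app->redirectPath('admin_databases', ['success' => 0, 'error' => 'mount-failed']);
    }

    return $app->redirectPath('admin_database', [
        'databox_id' => $base->get_sbas_id(),
        'success' => 1,
        'reload-tree' => 1,
    ]);
}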
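/**
 * Registers the sub-definition administration routes for one databox.
 *
 * GET  /{sbas_id}/ renders the current sub-definition structure.
 * POST /{sbas_id}/ applies one of: delete a subdef ('delete_subdef'),
 * add one ('add_subdef' with class/name/group all filled), or update the
 * options of every subdef listed in 'subdefs'.
 *
 * Fix: '<group>_<name>' form keys were split with explode() and offset 1 read
 * unconditionally, so a key without an underscore raised an undefined-offset
 * notice and passed null on; malformed keys are now rejected with 400.
 * Comparisons on the fixed 'meta'/'resolution'/'image' strings are strict.
 *
 * @param Application $app
 * @return mixed the controller collection produced by 'controllers_factory'
 */
public function connect(Application $app)
{
    $app['controller.admin.subdefs'] = $this;
    $controllers = $app['controllers_factory'];
    $app['firewall']->addMandatoryAuthentication($controllers);

    // Admin module plus the structure-modification right on the requested databox.
    $controllers->before(function (Request $request) use ($app) {
        $app['firewall']->requireAccessToModule('admin')
            ->requireRightOnSbas($request->attributes->get('sbas_id'), 'bas_modify_struct');
    });

    $controllers->get('/{sbas_id}/', function (Application $app, $sbas_id) {
        $databox = $app['phraseanet.appbox']->get_databox((int) $sbas_id);

        return $app['twig']->render('admin/subdefs.html.twig', [
            'databox' => $databox,
            'subdefs' => $databox->get_subdef_structure(),
        ]);
    })->bind('admin_subdefs_subdef')->assert('sbas_id', '\\d+');

    $controllers->post('/{sbas_id}/', function (Application $app, Request $request, $sbas_id) {
        $post = $request->request;
        $delete_subdef = $post->get('delete_subdef');
        $toadd_subdef = $post->get('add_subdef');
        $Parmsubdefs = $post->get('subdefs', []);
        $databox = $app['phraseanet.appbox']->get_databox((int) $sbas_id);
        $subdefs = $databox->get_subdef_structure();

        // Splits a '<group>_<name>' form key into [group, name]; anything else is a bad request.
        $splitKey = function ($key) use ($app) {
            if (!is_string($key)) {
                $app->abort(400);
            }
            $parts = explode('_', $key, 2);
            if (count($parts) !== 2) {
                $app->abort(400);
            }

            return $parts;
        };

        // Keep only the add_subdef fields that were actually filled in.
        $add_subdef = [];
        foreach (['class', 'name', 'group'] as $k) {
            if (isset($toadd_subdef[$k]) && trim($toadd_subdef[$k]) !== '') {
                $add_subdef[$k] = $toadd_subdef[$k];
            }
        }

        if ($delete_subdef) {
            list($group, $name) = $splitKey($delete_subdef);
            $subdefs->delete_subdef($group, $name);
        } elseif (count($add_subdef) === 3) {
            // The subdef name is restricted to [a-zA-Z0-9] before being stored.
            $name = $app['unicode']->remove_nonazAZ09($add_subdef['name'], false);
            $subdefs->add_subdef($add_subdef['group'], $name, $add_subdef['class']);
        } else {
            foreach ($Parmsubdefs as $post_sub) {
                list($group, $name) = $splitKey($post_sub);
                $class = $post->get($post_sub . '_class');
                $downloadable = $post->get($post_sub . '_downloadable');

                $options = [];
                foreach (['path', 'meta', 'mediatype'] as $def) {
                    $value = $post->get($post_sub . '_' . $def);
                    // 'meta' defaults to "no" when the field is absent or falsy.
                    if ($def === 'meta' && !$value) {
                        $value = "no";
                    }
                    $options[$def] = $value;
                }

                // Media-type specific options live under '<key>_<mediatype>'; for images
                // the form's 'resolution' field is stored as 'dpi'.
                $mediatype = $post->get($post_sub . '_mediatype');
                foreach ($post->get($post_sub . '_' . $mediatype, []) as $option => $value) {
                    if ($option === 'resolution' && $mediatype === 'image') {
                        $option = 'dpi';
                    }
                    $options[$option] = $value;
                }

                $labels = $post->get($post_sub . '_label', []);
                $subdefs->set_subdef($group, $name, $class, $downloadable, $options, $labels);
            }
        }

        return $app->redirectPath('admin_subdefs_subdef', ['sbas_id' => $databox->get_sbas_id()]);
    })->bind('admin_subdefs_subdef_update')->assert('sbas_id', '\\d+');

    return $controllers;
}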
/**
 * Create a new collection
 *
 * Requires a non-empty 'name'. When 'ccusrothercoll' is "on" and 'othcollsel'
 * names another collection, every user of that collection gets the same rights
 * duplicated on the new one (processed in pages of 20). Emits COLLECTION_CREATE.
 *
 * @param Application $app The silex application
 * @param Request $request The current HTTP request
 * @param integer $databox_id The requested databox
 * @return Response redirect to the new collection, or back to the form on error
 */
public function createCollection(Application $app, Request $request, $databox_id)
{
    $name = trim($request->request->get('name', ''));
    if ('' === $name) {
        return $app->redirectPath('admin_database_display_new_collection_form', [
            'databox_id' => $databox_id,
            'error' => 'name',
        ]);
    }

    try {
        $appbox = $app['phraseanet.appbox'];
        $databox = $appbox->get_databox($databox_id);
        $collection = \collection::create($app, $databox, $appbox, $name, $app['authentication']->getUser());

        $othcollsel = $request->request->get('othcollsel');
        if ("on" === $request->request->get('ccusrothercoll') && null !== $othcollsel) {
            $query = $app['phraseanet.user-query'];
            $total = $query->on_base_ids([$othcollsel])->get_total();
            $pageSize = 20;
            for ($offset = 0; $offset < $total; $offset += $pageSize) {
                $page = $query->limit($offset, $pageSize)->execute()->get_results();
                foreach ($page as $user) {
                    $app['acl']->get($user)->duplicate_right_from_bas($othcollsel, $collection->get_base_id());
                }
            }
        }

        $app['dispatcher']->dispatch(PhraseaEvents::COLLECTION_CREATE, new CollectionCreateEvent($collection));

        return $app->redirectPath('admin_display_collection', [
            'bas_id' => $collection->get_base_id(),
            'success' => 1,
            'reload-tree' => 1,
        ]);
    } catch (\Exception $e) {
        // Any failure is reported back to the form as a generic error.
        return $app->redirectPath('admin_database_submit_collection', [
            'databox_id' => $databox_id,
            'error' => 'error',
        ]);
    }
}
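/**
 * Display the reset-email form, or apply the change when a token is present.
 *
 * With a ?token= parameter the token is validated through helloToken(), the
 * referenced user receives the e-mail stored in the token data, and the token
 * is removed so it cannot be replayed.
 *
 * Fix: the repository's find() returns null for an unknown id; the original
 * then called setEmail() on null, which is a fatal \Error and not caught by
 * the catch (\Exception) below. It is now turned into a \RuntimeException so
 * the user gets the same error flash as for an invalid token.
 *
 * @param Application $app
 * @param Request $request
 * @return Response rendered form, or a redirect to 'account'
 */
public function displayResetEmailForm(Application $app, Request $request)
{
    $token = $request->query->get('token');
    if (null === $token) {
        return $app['twig']->render('account/reset-email.html.twig', Login::getDefaultTemplateVariables($app));
    }

    try {
        $datas = $app['tokens']->helloToken($token);
        $usrId = (int) $datas['usr_id'];
        $user = $app['manipulator.user']->getRepository()->find($usrId);
        if (null === $user) {
            throw new \RuntimeException(sprintf('User %d referenced by the token was not found', $usrId));
        }
        $user->setEmail($datas['datas']);
        // Single use: drop the token once consumed.
        $app['tokens']->removeToken($token);
        $app->addFlash('success', $app->trans('admin::compte-utilisateur: L\'email a correctement ete mis a jour'));
    } catch (\Exception $e) {
        $app->addFlash('error', $app->trans('admin::compte-utilisateur: erreur lors de la mise a jour'));
    }

    return $app->redirectPath('account');
}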
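/**
 * Move basket elements into $basket.
 *
 * Each id in the POST 'elements' list is resolved with findUserElement() for
 * the current user; ids that cannot be resolved are skipped silently. Elements
 * found are detached from their current basket and attached to $basket, then
 * the entity manager is flushed once.
 *
 * Fix: 'elements' had no default, so a request without it made foreach warn on
 * null; it now defaults to an empty list and a non-array value is a 400.
 *
 * NOTE(review): findUserElement($id, $user) presumably restricts the lookup to
 * the user's own elements; whether the current user may write to the target
 * $basket is not checked here (maybe by the converter) — confirm.
 *
 * @param Application $app
 * @param Request $request
 * @param BasketEntity $basket destination basket
 * @return Response JSON {success, message} for JSON requests, otherwise a
 *                  redirect to 'prod_workzone_show'
 */
public function stealElements(Application $app, Request $request, BasketEntity $basket)
{
    $elementIds = $request->request->get('elements', []);
    if (!is_array($elementIds)) {
        $app->abort(400);
    }

    $user = $app['authentication']->getUser();
    $moved = 0;
    foreach ($elementIds as $bask_element_id) {
        try {
            $basket_element = $app['repo.basket-elements']->findUserElement($bask_element_id, $user);
        } catch (\Exception $e) {
            // Best effort: unknown or inaccessible elements are ignored.
            continue;
        }
        $basket_element->getBasket()->removeElement($basket_element);
        $basket_element->setBasket($basket);
        $basket->addElement($basket_element);
        $moved++;
    }
    $app['EM']->flush();

    $data = [
        'success' => true,
        'message' => $app->trans('%quantity% records moved', ['%quantity%' => $moved]),
    ];

    if ($request->getRequestFormat() === 'json') {
        return $app->json($data);
    }

    return $app->redirectPath('prod_workzone_show');
}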
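/**
 * Set collection minilogo
 *
 * Expects an uploaded file under 'newLogo' (400 when absent). The upload must
 * be valid and at most 65535 bytes; it is then written as the collection
 * logo and the temporary file removed.
 *
 * Fix: the size limit was checked against getClientSize(), i.e. the size the
 * client declared in the multipart request, which is attacker-controlled and
 * is also removed in newer Symfony versions. The limit is now enforced on
 * getSize(), the real size of the file on disk, and validity is checked first
 * so there is a file to measure.
 *
 * @param Application $app The silex application
 * @param Request $request The current request
 * @param integer $bas_id The collection base_id
 * @return RedirectResponse to 'admin_display_collection' with success/error flags
 */
public function setMiniLogo(Application $app, Request $request, $bas_id)
{
    $file = $request->files->get('newLogo');
    if (null === $file) {
        $app->abort(400);
    }

    $failure = function ($error) use ($app, $bas_id) {
        return $app->redirectPath('admin_display_collection', ['bas_id' => $bas_id, 'success' => 0, 'error' => $error]);
    };

    if (!$file->isValid()) {
        return $failure('file-invalid');
    }
    // Server-side size of the uploaded temp file, not the client-declared size.
    if ($file->getSize() > 65535) {
        return $failure('file-too-big');
    }

    $collection = \collection::get_from_base_id($app, $bas_id);
    try {
        $app['phraseanet.appbox']->write_collection_pic(
            $app['media-alchemyst'],
            $app['filesystem'],
            $collection,
            $file,
            \collection::PIC_LOGO
        );
        $app['filesystem']->remove($file->getPathname());
    } catch (\Exception $e) {
        return $failure('file-error');
    }

    return $app->redirectPath('admin_display_collection', ['bas_id' => $bas_id, 'success' => 1]);
}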
/**
 * Registers the OAuth2 endpoints: /authorize (GET|POST) and /token (POST).
 *
 * @param Application $app
 * @return mixed the controller collection produced by 'controllers_factory'
 */
public function connect(Application $app)
{
    $app['controller.oauth2'] = $this;
    $controllers = $app['controllers_factory'];

    /**
     * AUTHORIZE ENDPOINT
     *
     * Authorization endpoint - used to obtain authorization from the
     * resource owner via user-agent redirection.
     *
     * Flow: resolve the client from client_id (404 if unknown); if the visitor
     * is not authenticated, either log them in from login/password when
     * 'action_login' is present or render the authorization template; then
     * decide whether the app is authorized (already authorized, or
     * 'action_accept' given) and finish the authorization either through the
     * native-app template or the library's redirect.
     *
     * NOTE(review): unlike /token below, this endpoint does not require https
     * although it receives login/password — confirm TLS is enforced upstream.
     * NOTE(review): the route accepts GET and POST and 'action_accept' is read
     * with $request->get(), so consent can be granted from a query string;
     * consider restricting consent to POST with a CSRF token.
     */
    $authorize_func = function () use ($app) {
        $request = $app['request'];
        $oauth2Adapter = $app['oauth2-server'];
        $context = new Context(Context::CONTEXT_OAUTH2_NATIVE);

        $app['dispatcher']->dispatch(PhraseaEvents::PRE_AUTHENTICATE, new PreAuthenticate($request, $context));

        //Check for auth params, send error or redirect if not valid
        // (validation of client_id/redirect_uri is presumably done by the adapter — confirm)
        $params = $oauth2Adapter->getAuthorizationRequestParameters($request);

        $appAuthorized = false;
        // 'error' is set by the redirects below; it is request-controlled and is
        // passed to the template as-is (relies on Twig autoescaping).
        $error = $request->get('error', '');

        if (null === ($client = $app['repo.api-applications']->findByClientId($params['client_id']))) {
            throw new NotFoundHttpException(sprintf('Application with client id %s could not be found', $params['client_id']));
        }

        $oauth2Adapter->setClient($client);

        $actionAccept = $request->get("action_accept");
        $actionLogin = $request->get("action_login");

        // A per-application override of the consent template may exist on disk;
        // its existence is tested with the full path, the render uses the twig-relative one.
        $template = "api/auth/end_user_authorization.html.twig";
        $custom_template = sprintf("%s/config/templates/web/api/auth/end_user_authorization/%s.html.twig", $app['root.path'], $client->getId());
        if (file_exists($custom_template)) {
            $template = sprintf('api/auth/end_user_authorization/%s.html.twig', $client->getId());
        }

        if (!$app['authentication']->isAuthenticated()) {
            if ($actionLogin !== null) {
                try {
                    // Native login; every failure mode redirects back to this route with an 'error' code.
                    if (null === ($usrId = $app['auth.native']->getUsrId($request->get("login"), $request->get("password"), $request))) {
                        $app['session']->getFlashBag()->set('error', $app->trans('login::erreur: Erreur d\'authentification'));

                        return $app->redirectPath('oauth2_authorize', array_merge(array('error' => 'login'), $params));
                    }
                } catch (RequireCaptchaException $e) {
                    return $app->redirectPath('oauth2_authorize', array_merge(array('error' => 'captcha'), $params));
                } catch (AccountLockedException $e) {
                    return $app->redirectPath('oauth2_authorize', array_merge(array('error' => 'account-locked'), $params));
                }

                $user = $app['repo.users']->find($usrId);
                $app['authentication']->openAccount($user);
                $event = new PostAuthenticate($request, new Response(), $user, $context);
                $app['dispatcher']->dispatch(PhraseaEvents::POST_AUTHENTICATE, $event);
            } else {
                // Not logged in and no login attempt: show the login/consent page.
                $r = new Response($app['twig']->render($template, array('error' => $error, "auth" => $oauth2Adapter)));
                $r->headers->set('Content-Type', 'text/html');

                return $r;
            }
        }

        //check if current client is already authorized by current user
        // NOTE(review): loose == on client ids; === would be the safer comparison.
        $clients = $app['repo.api-applications']->findAuthorizedAppsByUser($app['authentication']->getUser());
        foreach ($clients as $authClient) {
            if ($client->getClientId() == $authClient->getClientId()) {
                $appAuthorized = true;
                break;
            }
        }

        $account = $oauth2Adapter->updateAccount($app['authentication']->getUser());
        $params['account_id'] = $account->getId();

        if (!$appAuthorized && $actionAccept === null) {
            // Authenticated but no decision yet: render the consent page.
            $params = ["auth" => $oauth2Adapter, "error" => $error];
            $r = new Response($app['twig']->render($template, $params));
            $r->headers->set('Content-Type', 'text/html');

            return $r;
        } elseif (!$appAuthorized && $actionAccept !== null) {
            // Persist the user's decision on the API account.
            $appAuthorized = (bool) $actionAccept;
            if ($appAuthorized) {
                $app['manipulator.api-account']->authorizeAccess($account);
            } else {
                $app['manipulator.api-account']->revokeAccess($account);
            }
        }

        //if native app show template
        if ($oauth2Adapter->isNativeApp($params['redirect_uri'])) {
            $params = $oauth2Adapter->finishNativeClientAuthorization($appAuthorized, $params);
            $r = new Response($app['twig']->render("api/auth/native_app_access_token.html.twig", $params));
            $r->headers->set('Content-Type', 'text/html');

            return $r;
        }

        $oauth2Adapter->finishClientAuthorization($appAuthorized, $params);

        // As OAuth2 library already outputs response content, we need to send an empty
        // response to avoid breaking silex controller
        return '';
    };

    $controllers->match('/authorize', $authorize_func)->method('GET|POST')->bind('oauth2_authorize');

    /**
     * TOKEN ENDPOINT
     * Token endpoint - used to exchange an authorization grant for an access token.
     *
     * Refuses plain-http requests with a 400; the library writes the token
     * response directly to the output buffer.
     */
    $controllers->post('/token', function (\Silex\Application $app, Request $request) {
        if (!$request->isSecure()) {
            throw new HttpException(400, 'This route requires the use of the https scheme', null, ['content-type' => 'application/json']);
        }

        $app['oauth2-server']->grantAccessToken($request);
        ob_flush();
        flush();

        // As OAuth2 library already outputs response content, we need to send an empty
        // response to avoid breaking silex controller
        return '';
    });

    return $controllers;
}
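/**
 * Mount the admin "users" routes on a Silex controller collection.
 *
 * Every route is behind mandatory authentication plus the `admin` module /
 * `manageusers` right (see the `before` hook), so request data reaching the
 * handlers below comes from an already-privileged user; it is still treated
 * as untrusted input.
 *
 * Fixes vs. the previous revision:
 *  - `srpintf()` (undefined function) and the `%` format placeholder in the
 *    three 400 messages of the registrations handler are now `sprintf('%s')`;
 *  - the CSV import compared `findByEmail()` against `false` while the same
 *    method is compared against `null` in the pre-check, so no user was ever
 *    created: both sites now use `null`;
 *  - the pre-check no longer `unset()`s a *data row* by column index, and a
 *    missing cell on a short row is read as '' instead of null.
 *
 * @param Application $app
 *
 * @return \Silex\ControllerCollection
 */
public function connect(Application $app)
{
    $app['controller.admin.users'] = $this;
    $controllers = $app['controllers_factory'];

    // All routes below require an authenticated admin with the manageusers right.
    $app['firewall']->addMandatoryAuthentication($controllers);
    $controllers->before(function (Request $request) use ($app) {
        $app['firewall']->requireAccessToModule('admin')->requireRight('manageusers');
    });

    // --- rights edition -----------------------------------------------------

    $controllers->post('/rights/', function (Application $app) {
        $rights = new UserHelper\Edit($app, $app['request']);

        return $app['twig']->render('admin/editusers.html.twig', $rights->get_users_rights());
    });

    $controllers->get('/rights/', function (Application $app) {
        $rights = new UserHelper\Edit($app, $app['request']);

        return $app['twig']->render('admin/editusers.html.twig', $rights->get_users_rights());
    });

    $controllers->post('/rights/reset/', function (Application $app, Request $request) {
        // JSON envelope: {error: bool, message?: string}
        $datas = ['error' => false];
        try {
            $helper = new UserHelper\Edit($app, $request);
            $helper->resetRights();
        } catch (\Exception $e) {
            $datas['error'] = true;
            $datas['message'] = $e->getMessage();
        }

        return $app->json($datas);
    })->bind('admin_users_rights_reset');

    $controllers->post('/delete/', function (Application $app) {
        $module = new UserHelper\Edit($app, $app['request']);
        $module->delete_users();

        return $app->redirectPath('admin_users_search');
    });

    $controllers->post('/rights/apply/', function (Application $app) {
        // error stays true unless every step below completes.
        $datas = ['error' => true];
        try {
            $rights = new UserHelper\Edit($app, $app['request']);
            if (!$app['request']->request->get('reset_before_apply')) {
                $rights->apply_rights();
            }
            if ($app['request']->request->get('template')) {
                if ($app['request']->request->get('reset_before_apply')) {
                    $rights->resetRights();
                }
                $rights->apply_template();
            }
            $rights->apply_infos();
            $datas = ['error' => false];
        } catch (\Exception $e) {
            $datas['message'] = $e->getMessage();
        }

        return $app->json($datas);
    })->bind('admin_users_rights_apply');

    $controllers->post('/rights/quotas/', function (Application $app) {
        $rights = new UserHelper\Edit($app, $app['request']);

        return $app['twig']->render('admin/editusers_quotas.html.twig', $rights->get_quotas());
    });

    $controllers->post('/rights/quotas/apply/', function (Application $app) {
        $rights = new UserHelper\Edit($app, $app['request']);
        $rights->apply_quotas();

        return $app->json(['message' => '', 'error' => false]);
    });

    $controllers->post('/rights/time/', function (Application $app) {
        $rights = new UserHelper\Edit($app, $app['request']);

        return $app['twig']->render('admin/editusers_timelimit.html.twig', $rights->get_time());
    });

    $controllers->post('/rights/time/sbas/', function (Application $app) {
        $rights = new UserHelper\Edit($app, $app['request']);

        return $app['twig']->render('admin/editusers_timelimit_sbas.html.twig', $rights->get_time_sbas());
    });

    $controllers->post('/rights/time/apply/', function (Application $app) {
        $rights = new UserHelper\Edit($app, $app['request']);
        $rights->apply_time();

        return $app->json(['message' => '', 'error' => false]);
    });

    $controllers->post('/rights/masks/', function (Application $app) {
        $rights = new UserHelper\Edit($app, $app['request']);

        return $app['twig']->render('admin/editusers_masks.html.twig', $rights->get_masks());
    });

    $controllers->post('/rights/masks/apply/', function (Application $app) {
        $rights = new UserHelper\Edit($app, $app['request']);
        $rights->apply_masks();

        return $app->json(['message' => '', 'error' => false]);
    });

    // --- search / export ----------------------------------------------------

    $controllers->match('/search/', function (Application $app) {
        $users = new UserHelper\Manage($app, $app['request']);

        return $app['twig']->render('admin/users.html.twig', $users->search());
    })->bind('admin_users_search');

    $controllers->post('/search/export/', function () use ($app) {
        $users = new UserHelper\Manage($app, $app['request']);

        // First row is the CSV header.
        $userTable = [['ID', 'Login', 'Last Name', 'First Name', 'E-Mail', 'Created', 'Updated', 'Address', 'City', 'Zip', 'Country', 'Phone', 'Fax', 'Job', 'Company', 'Position']];
        foreach ($users->export() as $user) {
            $userTable[] = [
                $user->getId(),
                $user->getLogin(),
                $user->getLastName(),
                $user->getFirstName(),
                $user->getEmail(),
                $user->getCreated()->format(DATE_ATOM),
                $user->getUpdated()->format(DATE_ATOM),
                $user->getAddress(),
                $user->getCity(),
                $user->getZipCode(),
                $user->getCountry(),
                $user->getPhone(),
                $user->getFax(),
                $user->getJob(),
                $user->getCompany(),
                $user->getActivity(),
            ];
        }

        $CSVDatas = \format::arr_to_csv($userTable);
        $response = new Response($CSVDatas, 200, ['Content-Type' => 'text/csv']);
        $response->headers->set('Content-Disposition', 'attachment; filename=export.csv');

        return $response;
    })->bind('admin_users_search_export');

    $controllers->post('/apply_template/', function () use ($app) {
        $users = new UserHelper\Edit($app, $app['request']);
        if ($app['request']->request->get('reset_before_apply')) {
            $users->resetRights();
        }
        $users->apply_template();

        return $app->redirectPath('admin_users_search');
    })->bind('admin_users_apply_template');

    $controllers->get('/typeahead/search/', function (Application $app) {
        $request = $app['request'];
        $user_query = new \User_Query($app);

        $like_value = $request->query->get('term');
        // Optional list filters; a missing/empty value means "no filter".
        $rights = $request->query->get('filter_rights') ?: [];
        $have_right = $request->query->get('have_right') ?: [];
        $have_not_right = $request->query->get('have_not_right') ?: [];
        $on_base = $request->query->get('on_base') ?: [];

        // The term is matched (OR) against email, first name, last name and login,
        // restricted to the databoxes the current user administers.
        $elligible_users = $user_query
            ->on_sbas_where_i_am($app['acl']->get($app['authentication']->getUser()), $rights)
            ->like(\User_Query::LIKE_EMAIL, $like_value)
            ->like(\User_Query::LIKE_FIRSTNAME, $like_value)
            ->like(\User_Query::LIKE_LASTNAME, $like_value)
            ->like(\User_Query::LIKE_LOGIN, $like_value)
            ->like_match(\User_Query::LIKE_MATCH_OR)
            ->who_have_right($have_right)
            ->who_have_not_right($have_not_right)
            ->on_base_ids($on_base)
            ->execute()
            ->get_results();

        $datas = [];
        foreach ($elligible_users as $user) {
            $datas[] = [
                'email' => $user->getEmail() ?: '',
                'login' => $user->getLogin() ?: '',
                'name'  => $user->getDisplayName(),
                'id'    => $user->getId(),
            ];
        }

        return $app->json($datas);
    });

    $controllers->post('/create/', function (Application $app) {
        // JSON envelope: {error: bool, message: string, data: int|null (new user id)}
        $datas = ['error' => false, 'message' => '', 'data' => null];
        // Resolved outside the try so the catch block can always read it.
        $request = $app['request'];
        try {
            $module = new UserHelper\Manage($app, $app['request']);
            if ($request->request->get('template') == '1') {
                $user = $module->create_template();
            } else {
                $user = $module->create_newuser();
            }
            if (!$user instanceof User) {
                throw new \Exception('Unknown error');
            }
            $datas['data'] = $user->getId();
        } catch (\Exception $e) {
            $datas['error'] = true;
            if ($request->request->get('template') == '1') {
                $datas['message'] = $app->trans('Unable to create template, the name is already used.');
            } else {
                $datas['message'] = $app->trans('Unable to create the user.');
            }
        }

        return $app->json($datas);
    });

    $controllers->post('/export/csv/', function (Application $app) {
        $request = $app['request'];
        $user_query = new \User_Query($app);

        $like_value = $request->request->get('like_value');
        $like_field = $request->request->get('like_field');
        $on_base = $request->request->get('base_id') ?: null;
        $on_sbas = $request->request->get('sbas_id') ?: null;

        $elligible_users = $user_query
            ->on_bases_where_i_am($app['acl']->get($app['authentication']->getUser()), ['canadmin'])
            ->like($like_field, $like_value)
            ->on_base_ids($on_base)
            ->on_sbas_ids($on_sbas);

        $offset = 0;
        $buffer = [];
        // CSV header (translated labels).
        $buffer[] = [
            'ID',
            'Login',
            $app->trans('admin::compte-utilisateur nom'),
            $app->trans('admin::compte-utilisateur prenom'),
            $app->trans('admin::compte-utilisateur email'),
            'CreationDate',
            'ModificationDate',
            $app->trans('admin::compte-utilisateur adresse'),
            $app->trans('admin::compte-utilisateur ville'),
            $app->trans('admin::compte-utilisateur code postal'),
            $app->trans('admin::compte-utilisateur pays'),
            $app->trans('admin::compte-utilisateur telephone'),
            $app->trans('admin::compte-utilisateur fax'),
            $app->trans('admin::compte-utilisateur poste'),
            $app->trans('admin::compte-utilisateur societe'),
            $app->trans('admin::compte-utilisateur activite'),
        ];

        // Page through the query 20 users at a time until a page comes back empty.
        do {
            $elligible_users->limit($offset, 20);
            $offset += 20;
            $results = $elligible_users->execute()->get_results();
            foreach ($results as $user) {
                $buffer[] = [
                    $user->getId(),
                    $user->getLogin(),
                    $user->getLastName(),
                    $user->getFirstName(),
                    $user->getEmail(),
                    $app['date-formatter']->format_mysql($user->getCreated()),
                    $app['date-formatter']->format_mysql($user->getUpdated()),
                    $user->getAddress(),
                    $user->getCity(),
                    $user->getZipCode(),
                    $user->getCountry(),
                    $user->getPhone(),
                    $user->getFax(),
                    $user->getJob(),
                    $user->getCompany(),
                    $user->getActivity(),
                ];
            }
        } while (count($results) > 0);

        $out = \format::arr_to_csv($buffer);
        $response = new Response($out, 200, ['Content-type' => 'text/csv', 'Content-Disposition' => 'attachment; filename=export.csv']);
        $response->setCharset('UTF-8');

        return $response;
    })->bind('admin_users_export_csv');

    // --- registrations ------------------------------------------------------

    $controllers->get('/registrations/', function (Application $app) {
        $app['manipulator.registration']->deleteOldRegistrations();

        $models = $app['manipulator.user']->getRepository()->findModelOf($app['authentication']->getUser());

        // Group pending registrations by user id, then by base id.
        $userRegistrations = [];
        $grantedBases = $app['acl']->get($app['authentication']->getUser())->get_granted_base(['canadmin']);
        foreach ($app['manipulator.registration']->getRepository()->getUserRegistrations($app['authentication']->getUser(), $grantedBases) as $registration) {
            $user = $registration->getUser();
            $userRegistrations[$user->getId()]['user'] = $user;
            $userRegistrations[$user->getId()]['registrations'][$registration->getBaseid()] = $registration;
        }

        return $app['twig']->render('admin/user/registrations.html.twig', [
            'user_registrations' => $userRegistrations,
            'models'             => $models,
        ]);
    })->bind('users_display_registrations');

    $controllers->post('/registrations/', function (Application $app, Request $request) {
        // Request values are "<usr_id>_<value>" strings:
        //   template  => <usr_id>_<template_user_id>   (apply a model, wins over deny/accept)
        //   deny      => <usr_id>_<base_id>
        //   accept    => <usr_id>_<base_id>
        //   accept_hd => <usr_id>_<base_id>            (HD option, only for accepted bases)
        //   watermark => <usr_id>_<base_id>            (WM option, only for accepted bases)
        $templates = $deny = $accept = $options = [];

        foreach ($request->request->get('template', []) as $tmp) {
            if ('' === trim($tmp)) {
                continue;
            }
            $tmp = explode('_', $tmp);
            if (count($tmp) == 2) {
                $templates[$tmp[0]] = $tmp[1];
            }
        }

        foreach ($request->request->get('deny', []) as $den) {
            $den = explode('_', $den);
            if (count($den) == 2 && !isset($templates[$den[0]])) {
                $deny[$den[0]][$den[1]] = $den[1];
            }
        }

        foreach ($request->request->get('accept', []) as $acc) {
            $acc = explode('_', $acc);
            if (count($acc) == 2 && !isset($templates[$acc[0]])) {
                $accept[$acc[0]][$acc[1]] = $acc[1];
                $options[$acc[0]][$acc[1]] = ['HD' => false, 'WM' => false];
            }
        }

        foreach ($request->request->get('accept_hd', []) as $accHD) {
            $accHD = explode('_', $accHD);
            if (count($accHD) == 2 && isset($accept[$accHD[0]]) && isset($options[$accHD[0]][$accHD[1]])) {
                $options[$accHD[0]][$accHD[1]]['HD'] = true;
            }
        }

        foreach ($request->request->get('watermark', []) as $wm) {
            $wm = explode('_', $wm);
            if (count($wm) == 2 && isset($accept[$wm[0]]) && isset($options[$wm[0]][$wm[1]])) {
                $options[$wm[0]][$wm[1]]['WM'] = true;
            }
        }

        if (count($templates) > 0 || count($deny) > 0 || count($accept) > 0) {
            // $cacheToUpdate: usr_id => User whose ACL cache must be invalidated.
            // $done: usr_id => [base_id => true (accepted) | false (denied)], drives the notification mail.
            $cacheToUpdate = $done = [];

            foreach ($templates as $usr => $template_id) {
                if (null === ($user = $app['manipulator.user']->getRepository()->find($usr))) {
                    $app->abort(400, sprintf("User with id %s provided in 'template' request variable could not be found", $usr));
                }
                $cacheToUpdate[$usr] = $user;

                // NOTE(review): $template_id is taken verbatim from the request; nothing
                // visible here checks that it designates a model the current admin may
                // apply — confirm apply_model() / the ACL layer enforces that.
                $user_template = $app['manipulator.user']->getRepository()->find($template_id);
                if (null === $user_template) {
                    $app->abort(400, sprintf("Template with id %s provided in 'template' request variable could not be found", $template_id));
                }
                $collections = $app['acl']->get($user_template)->get_granted_base();
                $baseIds = array_keys($collections);
                $app['acl']->get($user)->apply_model($user_template, $baseIds);
                foreach ($collections as $collection) {
                    $done[$usr][$collection->get_base_id()] = true;
                }
                $app['manipulator.registration']->deleteUserRegistrations($user, $collections);
            }

            foreach ($deny as $usr => $bases) {
                if (null === ($user = $app['manipulator.user']->getRepository()->find($usr))) {
                    $app->abort(400, sprintf("User with id %s provided in 'deny' request variable could not be found", $usr));
                }
                $cacheToUpdate[$usr] = $user;
                $collections = array_map(function ($baseId) use ($app) {
                    return \collection::get_from_base_id($app, $baseId);
                }, $bases);
                foreach ($app['manipulator.registration']->getRepository()->getUserRegistrations($user, $collections) as $registration) {
                    $app['manipulator.registration']->rejectRegistration($registration);
                    $done[$usr][$registration->getBaseId()] = false;
                }
            }

            foreach ($accept as $usr => $bases) {
                if (null === ($user = $app['manipulator.user']->getRepository()->find($usr))) {
                    $app->abort(400, sprintf("User with id %s provided in 'accept' request variable could not be found", $usr));
                }
                $cacheToUpdate[$usr] = $user;
                $collections = array_map(function ($baseId) use ($app) {
                    return \collection::get_from_base_id($app, $baseId);
                }, $bases);
                foreach ($app['manipulator.registration']->getRepository()->getUserRegistrations($user, $collections) as $registration) {
                    $done[$usr][$registration->getBaseId()] = true;
                    $app['manipulator.registration']->acceptRegistration(
                        $registration,
                        $options[$usr][$registration->getBaseId()]['HD'],
                        $options[$usr][$registration->getBaseId()]['WM']
                    );
                }
            }

            // Rights changed above: drop cached ACL data for every touched user.
            array_walk($cacheToUpdate, function (User $user) use ($app) {
                $app['acl']->get($user)->delete_data_from_cache();
            });
            unset($cacheToUpdate);

            // One mail per user listing accepted and refused collections.
            foreach ($done as $usr => $bases) {
                $user = $app['manipulator.user']->getRepository()->find($usr);
                $acceptColl = $denyColl = [];
                foreach ($bases as $bas => $isok) {
                    $collection = \collection::get_from_base_id($app, $bas);
                    if ($isok) {
                        $acceptColl[] = $collection->get_label($app['locale']);
                        continue;
                    }
                    $denyColl[] = $collection->get_label($app['locale']);
                }

                if (0 !== count($acceptColl) || 0 !== count($denyColl)) {
                    $message = '';
                    if (0 !== count($acceptColl)) {
                        $message .= "\n" . $app->trans('login::register:email: Vous avez ete accepte sur les collections suivantes : ') . implode(', ', $acceptColl) . "\n";
                    }
                    if (0 !== count($denyColl)) {
                        $message .= "\n" . $app->trans('login::register:email: Vous avez ete refuse sur les collections suivantes : ') . implode(', ', $denyColl) . "\n";
                    }

                    $receiver = new Receiver(null, $user->getEmail());
                    $mail = MailSuccessEmailUpdate::create($app, $receiver, null, $message);
                    $app['notification.deliverer']->deliver($mail);
                }
            }
        }

        return $app->redirectPath('users_display_registrations', ['success' => 1]);
    })->bind('users_submit_registrations');

    // --- CSV import ---------------------------------------------------------

    $controllers->get('/import/file/', function (Application $app, Request $request) {
        return $app['twig']->render('admin/user/import/file.html.twig');
    })->bind('users_display_import_file');

    // Step 1: validate the uploaded CSV and show a preview; nothing is created here.
    $controllers->post('/import/file/', function (Application $app, Request $request) {
        if (null === ($file = $request->files->get('files')) || !$file->isValid()) {
            return $app->redirectPath('users_display_import_file', ['error' => 'file-invalid']);
        }

        // CSV column name (lower-cased) => internal field name.
        $equivalenceToMysqlField = self::getEquivalenceToMysqlField();

        $loginDefined = $pwdDefined = $mailDefined = false;
        $loginNew = [];
        $out = ['ignored_row' => [], 'errors' => []];
        $nbUsrToAdd = 0;

        $lines = \format::csv_to_arr($file->getPathname());
        // First row holds the column names.
        $roughColumns = array_shift($lines);
        $columnsSanitized = array_map(function ($columnName) {
            return trim(mb_strtolower($columnName));
        }, $roughColumns);

        // Keep only known columns (keys are preserved, so they still index the rows).
        $columns = array_filter($columnsSanitized, function ($columnName) use (&$out, $equivalenceToMysqlField) {
            if (!isset($equivalenceToMysqlField[$columnName])) {
                $out['ignored_row'][] = $columnName;

                return false;
            }

            return true;
        });

        foreach ($columns as $columnName) {
            if ($equivalenceToMysqlField[$columnName] === 'usr_login') {
                $loginDefined = true;
            }
            if ($equivalenceToMysqlField[$columnName] === 'usr_password') {
                $pwdDefined = true;
            }
            if ($equivalenceToMysqlField[$columnName] === 'usr_mail') {
                $mailDefined = true;
            }
        }

        if (!$loginDefined) {
            return $app->redirectPath('users_display_import_file', ['error' => 'row-login']);
        }
        if (!$pwdDefined) {
            return $app->redirectPath('users_display_import_file', ['error' => 'row-pwd']);
        }
        if (!$mailDefined) {
            return $app->redirectPath('users_display_import_file', ['error' => 'row-mail']);
        }

        foreach ($lines as $nbLine => $line) {
            $loginValid = false;
            $pwdValid = false;
            $mailValid = false;

            foreach ($columns as $nbCol => $colName) {
                // $columns is already filtered; this guard is only defensive.
                if (!isset($equivalenceToMysqlField[$colName])) {
                    continue;
                }
                $sqlField = $equivalenceToMysqlField[$colName];
                // A short row yields '' for the missing cell so it is reported as empty
                // rather than silently passing the checks below with null.
                $value = isset($line[$nbCol]) ? $line[$nbCol] : '';

                if ($sqlField === 'usr_login') {
                    $loginToAdd = $value;
                    if ($loginToAdd === "") {
                        $out['errors'][] = $app->trans("Login line %line% is empty", ['%line%' => $nbLine + 1]);
                    } elseif (in_array($loginToAdd, $loginNew)) {
                        $out['errors'][] = $app->trans("Login %login% is already defined in the file at line %line%", ['%login%' => $loginToAdd, '%line%' => $nbLine + 1]);
                    } else {
                        if (null !== $app['manipulator.user']->getRepository()->findByLogin($loginToAdd)) {
                            $out['errors'][] = $app->trans("Login %login% already exists in database", ['%login%' => $loginToAdd]);
                        } else {
                            $loginValid = true;
                        }
                    }
                }

                // Mail is only checked once the login of the same row is known to be valid.
                if ($loginValid && $sqlField === 'usr_mail') {
                    $mailToAdd = $value;
                    if ($mailToAdd === "") {
                        $out['errors'][] = $app->trans("Mail line %line% is empty", ['%line%' => $nbLine + 1]);
                    } elseif (null !== $app['manipulator.user']->getRepository()->findByEmail($mailToAdd)) {
                        $out['errors'][] = $app->trans("Email '%email%' for login '%login%' already exists in database", ['%email%' => $mailToAdd, '%login%' => $loginToAdd]);
                    } else {
                        $mailValid = true;
                    }
                }

                if ($sqlField === 'usr_password') {
                    $passwordToVerif = $value;
                    if ($passwordToVerif === "") {
                        $out['errors'][] = $app->trans("Password is empty at line %line%", ['%line%' => $nbLine + 1]);
                    } else {
                        $pwdValid = true;
                    }
                }
            }

            if ($loginValid && $pwdValid && $mailValid) {
                $loginNew[] = $loginToAdd;
                $nbUsrToAdd++;
            }
        }

        if (count($out['errors']) > 0 && $nbUsrToAdd === 0) {
            return $app['twig']->render('admin/user/import/file.html.twig', ['errors' => $out['errors']]);
        }
        if ($nbUsrToAdd === 0) {
            return $app->redirectPath('users_display_import_file', ['error' => 'no-user']);
        }

        $basList = array_keys($app['acl']->get($app['authentication']->getUser())->get_granted_base(['manage']));
        $models = $app['EM.native-query']->getModelForUser($app['authentication']->getUser(), $basList);

        // The parsed rows/columns are handed back to the browser (serialized) and
        // re-submitted to /import/ in step 2.
        return $app['twig']->render('/admin/user/import/view.html.twig', [
            'nb_user_to_add'     => $nbUsrToAdd,
            'models'             => $models,
            'lines_serialized'   => serialize($lines),
            'columns_serialized' => serialize($columns),
            'errors'             => $out['errors'],
        ]);
    })->bind('users_submit_import_file');

    // Step 2: create the users from the re-submitted rows and apply the chosen model.
    $controllers->post('/import/', function (Application $app, Request $request) {
        $nbCreation = 0;

        if (null === ($serializedColumns = $request->request->get('sr_columns')) || '' === $serializedColumns) {
            $app->abort(400);
        }
        if (null === ($serializedLines = $request->request->get('sr_lines')) || '' === $serializedLines) {
            $app->abort(400);
        }
        if (null === ($model = $request->request->get("modelToApply"))) {
            $app->abort(400);
        }

        // NOTE(review): sr_lines / sr_columns are PHP-serialized strings coming back
        // from the browser and are unserialized here. unserialize() on request data
        // allows PHP object injection; the payload is only expected to be nested
        // arrays of strings, so restrict it with ['allowed_classes' => false]
        // (PHP >= 7.0) or move the round-trip to JSON.
        $lines = unserialize($serializedLines);
        $columns = unserialize($serializedColumns);

        $equivalenceToMysqlField = self::getEquivalenceToMysqlField();

        foreach ($lines as $nbLine => $line) {
            // internal field name => trimmed cell value for this row
            $curUser = [];
            foreach ($columns as $nbCol => $colName) {
                if (!isset($equivalenceToMysqlField[$colName]) || !isset($line[$nbCol])) {
                    continue;
                }
                $sqlField = $equivalenceToMysqlField[$colName];
                $value = trim($line[$nbCol]);

                if ($sqlField === "usr_sexe") {
                    // Free-text civility => gender code (0, 1, 2); unknown values are dropped.
                    switch ($value) {
                        case "Mlle":
                        case "Mlle.":
                        case "mlle":
                        case "Miss":
                        case "miss":
                        case "0":
                            $curUser[$sqlField] = 0;
                            break;
                        case "Mme":
                        case "Madame":
                        case "Ms":
                        case "Ms.":
                        case "1":
                            $curUser[$sqlField] = 1;
                            break;
                        case "M":
                        case "M.":
                        case "Mr":
                        case "Mr.":
                        case "Monsieur":
                        case "Mister":
                        case "2":
                            $curUser[$sqlField] = 2;
                            break;
                    }
                } else {
                    $curUser[$sqlField] = $value;
                }
            }

            $hasRequiredFields = isset($curUser['usr_login']) && trim($curUser['usr_login']) !== ''
                && isset($curUser['usr_password']) && trim($curUser['usr_password']) !== ''
                && isset($curUser['usr_mail']) && trim($curUser['usr_mail']) !== '';
            if (!$hasRequiredFields) {
                continue;
            }

            // Both lookups return null when nothing matches (same convention as step 1).
            $loginTaken = null !== $app['manipulator.user']->getRepository()->findByLogin($curUser['usr_login']);
            $mailTaken = null !== $app['manipulator.user']->getRepository()->findByEmail($curUser['usr_mail']);
            if ($loginTaken || $mailTaken) {
                continue;
            }

            $newUser = $app['manipulator.user']->createUser($curUser['usr_login'], $curUser['usr_password'], $curUser['usr_mail']);

            // NOTE(review): $ftpCredential is not persisted anywhere in this block;
            // presumably the entity manager picks it up through $newUser — confirm.
            $ftpCredential = new FtpCredential();
            $ftpCredential->setUser($newUser);
            if (isset($curUser['activeFTP'])) {
                $ftpCredential->setActive((int) $curUser['activeFTP']);
            }
            if (isset($curUser['addrFTP'])) {
                $ftpCredential->setAddress((string) $curUser['addrFTP']);
            }
            if (isset($curUser['passifFTP'])) {
                $ftpCredential->setPassive((int) $curUser['passifFTP']);
            }
            if (isset($curUser['destFTP'])) {
                $ftpCredential->setReceptionFolder($curUser['destFTP']);
            }
            if (isset($curUser['prefixFTPfolder'])) {
                $ftpCredential->setRepositoryPrefixName($curUser['prefixFTPfolder']);
            }
            if (isset($curUser['usr_prenom'])) {
                $newUser->setFirstName($curUser['usr_prenom']);
            }
            if (isset($curUser['usr_nom'])) {
                $newUser->setLastName($curUser['usr_nom']);
            }
            if (isset($curUser['adresse'])) {
                $newUser->setAdress($curUser['adresse']);
            }
            if (isset($curUser['cpostal'])) {
                $newUser->setZipCode($curUser['cpostal']);
            }
            if (isset($curUser['usr_sexe'])) {
                $newUser->setGender((int) $curUser['usr_sexe']);
            }
            if (isset($curUser['tel'])) {
                $newUser->setPhone($curUser['tel']);
            }
            if (isset($curUser['fax'])) {
                $newUser->setFax($curUser['fax']);
            }
            if (isset($curUser['activite'])) {
                $newUser->setJob($curUser['activite']);
            }
            if (isset($curUser['fonction'])) {
                $newUser->setPosition($curUser['fonction']);
            }
            if (isset($curUser['societe'])) {
                $newUser->setCompany($curUser['societe']);
            }

            // Rights of the chosen model are copied onto the new user, limited to the
            // bases the current admin manages. NOTE(review): find($model) may return
            // null for an unknown id — confirm apply_model() handles that.
            $app['acl']->get($newUser)->apply_model(
                $app['manipulator.user']->getRepository()->find($model),
                array_keys($app['acl']->get($app['authentication']->getUser())->get_granted_base(['manage']))
            );
            $nbCreation++;
        }

        return $app->redirectPath('admin_users_search', ['user-updated' => $nbCreation]);
    })->bind('users_submit_import');

    // Serve a fixture file shipped with the application as a download.
    // $relativePath is a fixed, code-defined path; $contentType the MIME type to send.
    $serveFixture = function (Application $app, $relativePath, $contentType) {
        $file = new \SplFileInfo($app['root.path'] . $relativePath);
        if (!$file->isFile()) {
            $app->abort(400);
        }

        $response = new Response();
        $response->setStatusCode(200);
        $response->headers->set('Pragma', 'public');
        $response->headers->set('Content-Disposition', 'attachment; filename=' . $file->getFilename());
        $response->headers->set('Content-Length', $file->getSize());
        $response->headers->set('Content-Type', $contentType);
        $response->setContent(file_get_contents($file->getPathname()));

        return $response;
    };

    $controllers->get('/import/example/csv/', function (Application $app) use ($serveFixture) {
        return $serveFixture($app, '/lib/Fixtures/exampleImportUsers.csv', 'text/csv');
    })->bind('users_import_csv');

    $controllers->get('/import/example/rtf/', function (Application $app) use ($serveFixture) {
        return $serveFixture($app, '/lib/Fixtures/Fields.rtf', 'text/rtf');
    })->bind('users_import_rtf');

    return $controllers;
}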
/**
 * Stop a task through the task manipulator and go back to the task list.
 *
 * @param Application $app
 * @param Request     $request Unused; kept for the route signature.
 * @param Task        $task    The task to stop.
 *
 * @return RedirectResponse
 *
 * @throws RuntimeException when the task manager is disabled in configuration.
 */
public function postStopTask(Application $app, Request $request, Task $task)
{
    $taskManagerEnabled = $app['phraseanet.configuration']['main']['task-manager']['enabled'];
    if ($taskManagerEnabled === false) {
        throw new RuntimeException('The use of the task manager is disabled on this instance.');
    }

    $app['manipulator.task']->stop($task);

    return $app->redirectPath('admin_tasks_list');
}
/**
 * Deny an order
 *
 * Marks the requested elements (`elements` request parameter) of the order as
 * denied by the current user, decrements the order's todo counter and
 * triggers the `__ORDER_NOT_DELIVERED__` event. Persistence failures are not
 * propagated: they only flip the `success` flag of the response.
 *
 * @param Application $app
 * @param Request $request
 * @param integer $order_id
 * @return RedirectResponse|JsonResponse
 *
 * @throws NotFoundHttpException when no order has the given id.
 */
public function denyOrder(Application $app, Request $request, $order_id)
{
    $order = $app['EM']->getRepository('Phraseanet:Order')->find($order_id);
    if ($order === null) {
        throw new NotFoundHttpException('Order not found');
    }

    $currentUser = $app['authentication']->getUser();
    $requestedIds = $request->request->get('elements', []);

    // Deny every element of the order whose id was submitted.
    $deniedCount = 0;
    foreach ($order->getElements() as $element) {
        if (!in_array($element->getId(), $requestedIds)) {
            continue;
        }
        $element->setOrderMaster($currentUser);
        $element->setDeny(true);
        $app['EM']->persist($element);
        $deniedCount++;
    }

    $success = false;
    try {
        if ($deniedCount > 0) {
            $order->setTodo($order->getTodo() - $deniedCount);
            $app['events-manager']->trigger('__ORDER_NOT_DELIVERED__', [
                'from' => $currentUser->getId(),
                'to'   => $order->getUser()->getId(),
                'n'    => $deniedCount,
            ]);
        }
        $success = true;
        $app['EM']->persist($order);
        $app['EM']->flush();
    } catch (\Exception $e) {
        // Best-effort: the failure is reported to the caller through $success.
    }

    if ('json' === $app['request']->getRequestFormat()) {
        $msg = $success
            ? $app->trans('Order has been denied')
            : $app->trans('An error occured while denying, please retry or contact an admin if problem persists');

        return $app->json(['success' => $success, 'msg' => $msg, 'order_id' => $order_id]);
    }

    return $app->redirectPath('prod_orders', ['success' => (int) $success, 'action' => 'send']);
}
/**
 * Create a new developer applications
 *
 * Builds the desktop or internet form depending on the `type` request value,
 * validates it, and on success creates the API application plus an API
 * account for the current user. On validation errors the form is re-rendered.
 *
 * @param Application $app A Silex application where the controller is mounted on
 * @param Request $request The current request
 * @return Response
 */
public function newApp(Application $app, Request $request)
{
    $isDesktopApp = $request->request->get('type') === ApiApplication::DESKTOP_TYPE;
    $form = $isDesktopApp
        ? new \API_OAuth2_Form_DevAppDesktop($app['request'])
        : new \API_OAuth2_Form_DevAppInternet($app['request']);

    $violations = $app['validator']->validate($form);
    if ($violations->count() !== 0) {
        return $app['twig']->render('/developers/application_form.html.twig', ["violations" => $violations, "form" => $form]);
    }

    // Scheme and host are submitted separately; join them into full URLs.
    $websiteUrl = $form->getSchemeWebsite() . $form->getWebsite();
    $currentUser = $app['authentication']->getUser();
    $callbackUrl = $form->getSchemeCallback() . $form->getCallback();

    $application = $app['manipulator.api-application']->create(
        $form->getName(),
        $form->getType(),
        $form->getDescription(),
        $websiteUrl,
        $currentUser,
        $callbackUrl
    );

    // create an account as well
    $app['manipulator.api-account']->create($application, $app['authentication']->getUser());

    return $app->redirectPath('developers_application', ['application' => $application->getId()]);
}
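/**
 * Grant to an user admin rights
 *
 * Promotes every user id listed in the `admins` request parameter (the
 * current user is always added to the list so an admin cannot lock himself
 * out), then resets their admin rights.
 *
 * Fix: the guard now checks `is_array()` before `count()`; previously a
 * scalar `admins` value reached `count()` first, which is a TypeError on
 * PHP 8 (a warning with `count() === 1` on older versions, i.e. the abort was
 * skipped and a scalar reached `in_array`/`array_map`).
 *
 * @param Application $app
 * @param Request $request
 * @return RedirectResponse
 *
 * @throws RuntimeException when one of the submitted ids does not match a user.
 */
public function addAdmins(Application $app, Request $request)
{
    $admins = $request->request->get('admins', []);

    // Type check first: count() must not be applied to a non-array value.
    if (!is_array($admins) || count($admins) === 0) {
        $app->abort(400, '"admins" parameter must contains at least one value.');
    }

    $currentUserId = $app['authentication']->getUser()->getId();
    if (!in_array($currentUserId, $admins)) {
        $admins[] = $currentUserId;
    }

    // Resolve ids to User entities; an unknown id aborts the whole request.
    $admins = array_map(function ($usrId) use ($app) {
        if (null === ($user = $app['repo.users']->find($usrId))) {
            throw new RuntimeException(sprintf('Invalid usrId %s provided.', $usrId));
        }

        return $user;
    }, $admins);

    $app['manipulator.user']->promote($admins);
    $app['manipulator.acl']->resetAdminRights($admins);

    return $app->redirectPath('admin_dashbord');
}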
/**
 * Mounts the lightbox controllers on the Silex application.
 *
 * A `LOG` query parameter is treated as a login credential by the first
 * before-hook: any open account is closed, the token is looked up and, when
 * valid, its user is logged in and redirected according to the token type.
 * All routes then require an authenticated user (firewall) and run the basket
 * converter / user-access middlewares registered below.
 *
 * @param SilexApplication $app
 *
 * @return mixed the controller collection produced by `controllers_factory`
 */
public function connect(SilexApplication $app)
{
    $app['controller.lightbox'] = $this;
    $controllers = $app['controllers_factory'];

    // Token login. A Response returned from a Silex before-hook is served as-is,
    // so every branch below that returns a redirect short-circuits the request.
    $controllers->before(function (Request $request) use ($app) {
        if (!$request->query->has('LOG')) {
            return;
        }
        // The token replaces whatever session is currently open.
        if ($app['authentication']->isAuthenticated()) {
            $app['authentication']->closeAccount();
        }
        if (null === ($token = $app['repo.tokens']->findValidToken($request->query->get('LOG')))) {
            $app->addFlash('error', $app->trans('The URL you used is out of date, please login'));

            return $app->redirectPath('homepage');
        }
        $app['authentication']->openAccount($token->getUser());
        switch ($token->getType()) {
            case TokenManipulator::TYPE_FEED_ENTRY:
                return $app->redirectPath('lightbox_feed_entry', ['entry_id' => $token->getData()]);
                break; // unreachable: the return above leaves the closure
            case TokenManipulator::TYPE_VALIDATE:
            case TokenManipulator::TYPE_VIEW:
                return $app->redirectPath('lightbox_validation', ['basket' => $token->getData()]);
                break; // unreachable: the return above leaves the closure
        }
        // Any other token type: the user is now logged in and the request goes on.
    });

    $app['firewall']->addMandatoryAuthentication($controllers);
    // The converter turns the `{basket}` route attribute into a Basket and the
    // user-access middleware checks it; the untyped `$basket` closure parameters
    // below rely on this.
    $controllers->before($app['middleware.basket.converter'])->before($app['middleware.basket.user-access']);

    $controllers->get('/', function (SilexApplication $app) {
        try {
            \Session_Logger::updateClientInfos($app, 6);
        } catch (SessionNotFound $e) {
            return $app->redirectPath('logout');
        }
        $repository = $app['repo.baskets'];
        $basket_collection = array_merge($repository->findActiveByUser($app['authentication']->getUser()), $repository->findActiveValidationByUser($app['authentication']->getUser()));
        $template = 'lightbox/index.html.twig';
        if (!$app['browser']->isNewGeneration() && !$app['browser']->isMobile()) {
            $template = 'lightbox/IE6/index.html.twig';
        }

        return new Response($app['twig']->render($template, ['baskets_collection' => $basket_collection, 'module_name' => 'Lightbox', 'module' => 'lightbox']));
    })->bind('lightbox');

    $controllers->get('/ajax/NOTE_FORM/{sselcont_id}/', function (SilexApplication $app, $sselcont_id) {
        if (!$app['browser']->isMobile()) {
            return new Response('');
        }
        // The lookup is scoped to the current user, which is what keeps one user
        // from reading another user's basket element by id.
        $basketElement = $app['repo.basket-elements']->findUserElement($sselcont_id, $app['authentication']->getUser());
        $parameters = ['basket_element' => $basketElement, 'module_name' => ''];

        return $app['twig']->render('lightbox/note_form.html.twig', $parameters);
    })->bind('lightbox_ajax_note_form')->assert('sselcont_id', '\\d+');

    $controllers->get('/ajax/LOAD_BASKET_ELEMENT/{sselcont_id}/', function (SilexApplication $app, $sselcont_id) {
        $repository = $app['repo.basket-elements'];
        // Scoped to the current user, see NOTE_FORM above.
        $BasketElement = $repository->findUserElement($sselcont_id, $app['authentication']->getUser());
        if ($app['browser']->isMobile()) {
            $output = $app['twig']->render('lightbox/basket_element.html.twig', ['basket_element' => $BasketElement, 'module_name' => $BasketElement->getRecord($app)->get_title()]);

            return new Response($output);
        } else {
            $template_options = 'lightbox/sc_options_box.html.twig';
            $template_agreement = 'lightbox/agreement_box.html.twig';
            $template_selector = 'lightbox/selector_box.html.twig';
            $template_note = 'lightbox/sc_note.html.twig';
            $template_preview = 'common/preview.html.twig';
            $template_caption = 'common/caption.html.twig';
            if (!$app['browser']->isNewGeneration()) {
                $template_options = 'lightbox/IE6/sc_options_box.html.twig';
                $template_agreement = 'lightbox/IE6/agreement_box.html.twig';
            }
            $Basket = $BasketElement->getBasket();
            // Each fragment is rendered server-side and shipped as JSON for the
            // desktop client to inject.
            $ret = [];
            $ret['number'] = $BasketElement->getRecord($app)->get_number();
            $ret['title'] = $BasketElement->getRecord($app)->get_title();
            $ret['preview'] = $app['twig']->render($template_preview, ['record' => $BasketElement->getRecord($app), 'not_wrapped' => true]);
            $ret['options_html'] = $app['twig']->render($template_options, ['basket_element' => $BasketElement]);
            $ret['agreement_html'] = $app['twig']->render($template_agreement, ['basket' => $Basket, 'basket_element' => $BasketElement]);
            $ret['selector_html'] = $app['twig']->render($template_selector, ['basket_element' => $BasketElement]);
            $ret['note_html'] = $app['twig']->render($template_note, ['basket_element' => $BasketElement]);
            $ret['caption'] = $app['twig']->render($template_caption, ['view' => 'preview', 'record' => $BasketElement->getRecord($app)]);

            return $app->json($ret);
        }
    })->bind('lightbox_ajax_load_basketelement')->assert('sselcont_id', '\\d+');

    $controllers->get('/ajax/LOAD_FEED_ITEM/{entry_id}/{item_id}/', function (SilexApplication $app, $entry_id, $item_id) {
        // NOTE(review): unlike the basket-element routes, the entry lookup is not
        // scoped to the current user and the result is not null-checked before
        // getItem() is called — confirm access control happens in the repository
        // or the feed entities.
        $entry = $app['repo.feed-entries']->find($entry_id);
        $item = $entry->getItem($item_id);
        if ($app['browser']->isMobile()) {
            $output = $app['twig']->render('lightbox/feed_element.html.twig', ['feed_element' => $item, 'module_name' => $item->getRecord($app)->get_title()]);

            return new Response($output);
        } else {
            $template_options = 'lightbox/feed_options_box.html.twig';
            $template_preview = 'common/preview.html.twig';
            $template_caption = 'common/caption.html.twig';
            if (!$app['browser']->isNewGeneration()) {
                $template_options = 'lightbox/IE6/feed_options_box.html.twig';
            }
            $ret = [];
            $ret['number'] = $item->getRecord($app)->get_number();
            $ret['title'] = $item->getRecord($app)->get_title();
            $ret['preview'] = $app['twig']->render($template_preview, ['record' => $item->getRecord($app), 'not_wrapped' => true]);
            $ret['options_html'] = $app['twig']->render($template_options, ['feed_element' => $item]);
            $ret['caption'] = $app['twig']->render($template_caption, ['view' => 'preview', 'record' => $item->getRecord($app)]);
            // Feed items have no validation workflow: the desktop client still
            // expects these keys, so they are sent empty.
            $ret['agreement_html'] = $ret['selector_html'] = $ret['note_html'] = '';

            return $app->json($ret);
        }
    })->bind('lightbox_ajax_load_feeditem')->assert('entry_id', '\\d+')->assert('item_id', '\\d+');

    // `$basket` is untyped here but is used as a Basket: it is presumably the
    // object produced by the basket converter middleware registered above.
    // The body is the same as `/compare/{basket}/` below, apart from the route name.
    $controllers->get('/validate/{basket}/', function (SilexApplication $app, $basket) {
        try {
            \Session_Logger::updateClientInfos($app, 6);
        } catch (SessionNotFound $e) {
            return $app->redirectPath('logout');
        }
        $repository = $app['repo.baskets'];
        $basket_collection = $repository->findActiveValidationAndBasketByUser($app['authentication']->getUser());
        // Opening the page marks the basket as read and the participant as aware.
        if ($basket->getIsRead() === false) {
            $basket = $app['EM']->merge($basket);
            $basket->setIsRead(true);
            $app['EM']->flush();
        }
        if ($basket->getValidation() && $basket->getValidation()->getParticipant($app['authentication']->getUser())->getIsAware() === false) {
            $basket = $app['EM']->merge($basket);
            $basket->getValidation()->getParticipant($app['authentication']->getUser())->setIsAware(true);
            $app['EM']->flush();
        }
        $template = 'lightbox/validate.html.twig';
        if (!$app['browser']->isNewGeneration() && !$app['browser']->isMobile()) {
            $template = 'lightbox/IE6/validate.html.twig';
        }
        // The basket name is user-provided; tags are stripped before it is used as a title.
        $response = new Response($app['twig']->render($template, ['baskets_collection' => $basket_collection, 'basket' => $basket, 'local_title' => strip_tags($basket->getName()), 'module' => 'lightbox', 'module_name' => $app->trans('admin::monitor: module validation')]));
        $response->setCharset('UTF-8');

        return $response;
    })->bind('lightbox_validation')->assert('basket', '\\d+');

    $controllers->get('/compare/{basket}/', function (SilexApplication $app, Basket $basket) {
        try {
            \Session_Logger::updateClientInfos($app, 6);
        } catch (SessionNotFound $e) {
            return $app->redirectPath('logout');
        }
        $repository = $app['repo.baskets'];
        $basket_collection = $repository->findActiveValidationAndBasketByUser($app['authentication']->getUser());
        if ($basket->getIsRead() === false) {
            $basket = $app['EM']->merge($basket);
            $basket->setIsRead(true);
            $app['EM']->flush();
        }
        if ($basket->getValidation() && $basket->getValidation()->getParticipant($app['authentication']->getUser())->getIsAware() === false) {
            $basket = $app['EM']->merge($basket);
            $basket->getValidation()->getParticipant($app['authentication']->getUser())->setIsAware(true);
            $app['EM']->flush();
        }
        $template = 'lightbox/validate.html.twig';
        if (!$app['browser']->isNewGeneration() && !$app['browser']->isMobile()) {
            $template = 'lightbox/IE6/validate.html.twig';
        }
        $response = new Response($app['twig']->render($template, ['baskets_collection' => $basket_collection, 'basket' => $basket, 'local_title' => strip_tags($basket->getName()), 'module' => 'lightbox', 'module_name' => $app->trans('admin::monitor: module validation')]));
        $response->setCharset('UTF-8');

        return $response;
    })->bind('lightbox_compare')->assert('basket', '\\d+');

    $controllers->get('/feeds/entry/{entry_id}/', function (SilexApplication $app, $entry_id) {
        try {
            \Session_Logger::updateClientInfos($app, 6);
        } catch (SessionNotFound $e) {
            return $app->redirectPath('logout');
        }
        // NOTE(review): same as LOAD_FEED_ITEM — no null check and no user scoping
        // on the entry lookup; confirm where feed access is enforced.
        $feed_entry = $app['repo.feed-entries']->find($entry_id);
        $template = 'lightbox/feed.html.twig';
        if (!$app['browser']->isNewGeneration() && !$app['browser']->isMobile()) {
            $template = 'lightbox/IE6/feed.html.twig';
        }
        $content = $feed_entry->getItems();
        $first = $content->first();
        // The entry title is passed to the template unmodified, unlike the
        // basket name above which goes through strip_tags(); escaping is left to Twig.
        $output = $app['twig']->render($template, ['feed_entry' => $feed_entry, 'first_item' => $first, 'local_title' => $feed_entry->getTitle(), 'module' => 'lightbox', 'module_name' => $app->trans('admin::monitor: module validation')]);
        $response = new Response($output, 200);
        $response->setCharset('UTF-8');

        return $response;
    })->bind('lightbox_feed_entry')->assert('entry_id', '\\d+');

    $controllers->get('/ajax/LOAD_REPORT/{basket}/', function (SilexApplication $app, Basket $basket) {
        return new Response($app['twig']->render('lightbox/basket_content_report.html.twig', ['basket' => $basket]));
    })->bind('lightbox_ajax_report')->assert('basket', '\\d+');

    $controllers->post('/ajax/SET_NOTE/{sselcont_id}/', function (SilexApplication $app, $sselcont_id) {
        $output = ['error' => true, 'datas' => $app->trans('Erreur lors de l\'enregistrement des donnees')];
        $request = $app['request'];
        $note = $request->request->get('note');
        if (is_null($note)) {
            return new Response('You must provide a note value', 400);
        }
        $repository = $app['repo.basket-elements'];
        // Scoped to the current user, see NOTE_FORM above.
        $basket_element = $repository->findUserElement($sselcont_id, $app['authentication']->getUser());
        $validationDatas = $basket_element->getUserValidationDatas($app['authentication']->getUser());
        // The note is stored as submitted; rendering below goes through Twig.
        $validationDatas->setNote($note);
        $app['EM']->merge($validationDatas);
        $app['EM']->flush();
        // Both branches render the same template; the mobile branch is redundant.
        if ($app['browser']->isMobile()) {
            $datas = $app['twig']->render('lightbox/sc_note.html.twig', ['basket_element' => $basket_element]);
            $output = ['error' => false, 'datas' => $datas];
        } else {
            $template = 'lightbox/sc_note.html.twig';
            $datas = $app['twig']->render($template, ['basket_element' => $basket_element]);
            $output = ['error' => false, 'datas' => $datas];
        }

        return $app->json($output);
    })->bind('lightbox_ajax_set_note')->assert('sselcont_id', '\\d+');

    $controllers->post('/ajax/SET_ELEMENT_AGREEMENT/{sselcont_id}/', function (SilexApplication $app, $sselcont_id) {
        $request = $app['request'];
        $agreement = $request->request->get('agreement');
        if (is_null($agreement)) {
            return new Response('You must provide an agreement value', 400);
        }
        // Loose numeric comparison on the raw request string: anything that
        // compares greater than 0 counts as an agreement, the rest as a refusal.
        $agreement = $agreement > 0;
        $releasable = false;
        try {
            $ret = ['error' => true, 'releasable' => false, 'datas' => $app->trans('Erreur lors de la mise a jour des donnes')];
            $repository = $app['repo.basket-elements'];
            // Scoped to the current user, see NOTE_FORM above.
            $basket_element = $repository->findUserElement($sselcont_id, $app['authentication']->getUser());
            /* @var $basket_element BasketElement */
            $validationDatas = $basket_element->getUserValidationDatas($app['authentication']->getUser());
            // Authorization: only a participant allowed to agree may write a vote.
            if (!$basket_element->getBasket()->getValidation()->getParticipant($app['authentication']->getUser())->getCanAgree()) {
                throw new ControllerException('You can not agree on this');
            }
            $validationDatas->setAgreement($agreement);
            $participant = $basket_element->getBasket()->getValidation()->getParticipant($app['authentication']->getUser());
            // NOTE(review): the element is merged rather than $validationDatas (SET_NOTE
            // merges the validation data directly) — presumably relies on cascading; confirm.
            $app['EM']->merge($basket_element);
            $app['EM']->flush();
            $releasable = false; // re-initialised; already false from above
            if ($participant->isReleasable() === true) {
                $releasable = $app->trans('Do you want to send your report ?');
            }
            $ret = ['error' => false, 'datas' => '', 'releasable' => $releasable];
        } catch (ControllerException $e) {
            $ret['datas'] = $e->getMessage();
        }

        return $app->json($ret);
    })->bind('lightbox_ajax_set_element_agreement')->assert('sselcont_id', '\\d+');

    $controllers->post('/ajax/SET_RELEASE/{basket}/', function (SilexApplication $app, Basket $basket) {
        $datas = ['error' => true, 'datas' => ''];
        try {
            if (!$basket->getValidation()) {
                throw new ControllerException('There is no validation session attached to this basket');
            }
            if (!$basket->getValidation()->getParticipant($app['authentication']->getUser())->getCanAgree()) {
                throw new ControllerException('You have not right to agree');
            }
            // A report can only be sent once at least one element has a vote.
            $agreed = false;
            /* @var $basket Basket */
            foreach ($basket->getElements() as $element) {
                if (null !== $element->getUserValidationDatas($app['authentication']->getUser())->getAgreement()) {
                    $agreed = true;
                }
            }
            if (!$agreed) {
                throw new ControllerException($app->trans('You have to give your feedback at least on one document to send a report'));
            }
            /* @var $basket Basket */
            $participant = $basket->getValidation()->getParticipant($app['authentication']->getUser());
            // The generated URL carries a LOG token, which the before-hook at the top
            // of this method accepts as a login credential: treat it as a bearer
            // secret. It is handed to the VALIDATION_DONE listeners via the event.
            $token = $app['manipulator.token']->createBasketValidationToken($basket);
            $url = $app->url('lightbox', ['LOG' => $token->getValue()]);
            $to = $basket->getValidation()->getInitiator($app)->getId(); // assigned but never used
            $app['dispatcher']->dispatch(PhraseaEvents::VALIDATION_DONE, new ValidationEvent($participant, $basket, $url));
            $participant->setIsConfirmed(true);
            $app['EM']->merge($participant);
            $app['EM']->flush();
            $datas = ['error' => false, 'datas' => $app->trans('Envoie avec succes')];
        } catch (ControllerException $e) {
            $datas = ['error' => true, 'datas' => $e->getMessage()];
        }

        return $app->json($datas);
    })->bind('lightbox_ajax_set_release')->assert('basket', '\\d+');

    return $controllers;
}
/**
 * Builds the post-login response: a redirect chosen from the client type and
 * the optional requested target, with the login-flow cookies cleared.
 *
 * Priority: mobile browsers go to the lightbox; an explicit `$redirect` wins
 * next; old-generation browsers go to the classic client; everybody else to prod.
 *
 * @param Application $app
 * @param \Browser    $browser
 * @param string|null $redirect target path requested before login, if any
 *
 * @return RedirectResponse
 */
public function generateAuthResponse(Application $app, \Browser $browser, $redirect)
{
    $response = null;

    if ($browser->isMobile()) {
        $response = $app->redirectPath('lightbox');
    }
    if (null === $response && $redirect) {
        // The target is rewritten as a path relative to the parent directory:
        // leading slashes are stripped and '../' is prepended, so the Location
        // value always starts with '../' whatever was requested.
        $relativeTarget = '../' . ltrim($redirect, '/');
        $response = new RedirectResponse($relativeTarget);
    }
    if (null === $response && true !== $browser->isNewGeneration()) {
        $response = $app->redirectPath('get_client');
    }
    if (null === $response) {
        $response = $app->redirectPath('prod');
    }

    // Cookies used only during the login flow are removed on every outcome.
    foreach (['postlog', 'last_act'] as $cookieName) {
        $response->headers->clearCookie($cookieName);
    }

    return $response;
}
/**
 * Adds an element to a basket.
 *
 * The basket comes from the `courChuId` POST parameter, the record from the
 * `sbas` / `p0` parameters. Whatever happens while loading or saving the
 * record, the user is redirected to the basket list afterwards.
 *
 * @param Application $app
 * @param Request     $request
 *
 * @return RedirectResponse
 */
public function addElementToBasket(Application $app, Request $request)
{
    $params = $request->request;
    $basket = $app['converter.basket']->convert($params->get('courChuId'));
    // NOTE(review): the return value of isOwner() is discarded, so this only
    // enforces ownership if the ACL helper throws for a non-owner — confirm.
    $app['acl.basket']->isOwner($basket, $app['authentication']->getUser());

    try {
        $record = new \record_adapter($app, $params->get('sbas'), $params->get('p0'));
        $element = new BasketElement();
        $element->setRecord($record);
        $element->setBasket($basket);
        $basket->addElement($element);
        $app['EM']->persist($basket);
        $app['EM']->flush();
    } catch (\Exception $e) {
        // Best effort: a record that cannot be loaded or saved leaves the
        // basket unchanged; the failure is not reported to the caller.
    }

    $basketId = $basket ? $basket->getId() : '';

    return $app->redirectPath('get_client_baskets', ['courChuId' => $basketId]);
}
/**
 * Stops a task and returns to the task list.
 *
 * @param Application $app
 * @param Request     $request unused; kept for the controller signature
 * @param Task        $task    the task resolved from the route
 *
 * @return RedirectResponse
 */
public function postStopTask(Application $app, Request $request, Task $task)
{
    $taskManipulator = $app['manipulator.task'];
    $taskManipulator->stop($task);

    $listRoute = 'admin_tasks_list';

    return $app->redirectPath($listRoute);
}
/**
 * Stores the requested locale in a cookie and redirects to the root route.
 *
 * NOTE(review): `$locale` comes straight from the route and is written to the
 * cookie as-is; whether it is restricted to the supported locales depends on
 * the route requirements and on the code reading the cookie, neither of which
 * is visible here.
 *
 * @param Application $app
 * @param Request     $request unused; kept for the controller signature
 * @param string      $locale  locale code taken from the route
 *
 * @return RedirectResponse
 */
public function setLocale(Application $app, Request $request, $locale)
{
    $localeCookie = new Cookie('locale', $locale);

    $redirect = $app->redirectPath('root');
    $redirect->headers->setCookie($localeCookie);

    return $redirect;
}
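/**
 * Deletes identified session.
 *
 * Only the owner of the session may delete it: a session without a user, or
 * owned by another user, is refused with 403; an unknown id with 404.
 *
 * @param Application $app
 * @param Request     $request
 * @param integer     $id
 *
 * @return RedirectResponse|JsonResponse
 */
public function deleteSession(Application $app, Request $request, $id)
{
    $session = $app['EM']->find('Phraseanet:Session', $id);
    if (null === $session) {
        $app->abort(404, 'Unknown session');
    }

    // Ownership check: ids are compared so a user cannot delete someone else's session.
    $owner = $session->getUser();
    if (null === $owner || $owner->getId() !== $app['authentication']->getUser()->getId()) {
        $app->abort(403, 'Unauthorized');
    }

    $app['EM']->remove($session);
    $app['EM']->flush();

    // Use the injected request (consistent with the signature) instead of $app['request'].
    if ($request->isXmlHttpRequest()) {
        return $app->json(['success' => true, 'session_id' => $id]);
    }

    return $app->redirectPath('account_sessions');
}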