/**
 * Controller bootstrap: session timeout, ACL loading, current admin lookup,
 * authorization / SSL / IP checks, navigation ACL defaults and module settings.
 */
public function init()
{
    // The admin session expires 30 minutes after the last request.
    $this->_sessionAdmin = new Zend_Session_Namespace(Zend_Auth_Storage_Session::NAMESPACE_DEFAULT);
    $this->_sessionAdmin->setExpirationSeconds(30 * 60);

    // ACL rules must be loaded before any permission check below.
    $acl = HCMS_Acl_Loader::getInstance();
    $acl->load();

    $auth = Zend_Auth::getInstance();
    if ($auth->hasIdentity()) {
        $this->_admin = $auth->getIdentity();
        $acl->setCurrentRoleCode($acl->getRoleCode($this->_admin->get_role_id()));
    } else {
        $this->_admin = null;
    }
    $this->view->admin = $this->_admin;

    // Authorization is only enforced for controllers that opted in via $_checkAuth.
    if ($this->_checkAuth) {
        $this->_checkAuthorization();
    }
    $this->_redirect_to_ssl();
    $this->_checkIP();

    // Navigation helpers render menu entries against the same ACL and role.
    Zend_View_Helper_Navigation_HelperAbstract::setDefaultAcl($acl->getAcl());
    Zend_View_Helper_Navigation_HelperAbstract::setDefaultRole($acl->getCurrentRoleCode());

    $this->_initVersionInfo();

    // Expose the settings of the module handling this request, when it is known.
    $this->_module = new Application_Model_Module();
    $moduleCode = $this->getRequest()->getModuleName();
    if (Application_Model_ModuleMapper::getInstance()->findByCode($moduleCode, $this->_module)) {
        $this->view->moduleSettings = $this->_module->get_settings();
    }

    parent::init();
}
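/**
 * Records a login attempt on the user row.
 *
 * Stores the current timestamp and the running attempt counter, then
 * persists the user through the mapper.
 *
 * @param Auth_Model_User $user  user whose attempt counter is updated
 * @param int             $count new value of the attempt counter
 * @return void
 */
protected function _updateAttemp(Auth_Model_User $user, $count)
{
    $now = new Zend_Date();
    $user->set_attempt_login_dt($now->toString('yyyy-MM-dd HH:mm:ss'));
    $user->set_attempt_login($count);

    // Blank the password so the mapper does not rewrite the stored credential
    // (presumably it treats an empty password as "leave unchanged" — verify in the mapper).
    $user->set_password("");

    // The mapper is a singleton; the previous code chained getInstance() twice,
    // which only worked because PHP allows calling a static method through an instance.
    Auth_Model_UserMapper::getInstance()->save($user);
}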
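/**
 * Builds the notification messages shown to a logged-in admin.
 *
 * Currently only password expiry is reported: a warning when the password
 * expires within the next 30 days, an "expired" message once the expiry
 * date has passed.
 *
 * @param Auth_Model_User $admin admin whose password change date is inspected
 * @return array map of notification key => translated message (empty when nothing to report)
 */
public function adminNotifications(Auth_Model_User $admin)
{
    $result = array();

    // _getBootstrapOption() presumably reads from $this->config, so populate it first.
    $bootstrap = Zend_Controller_Front::getInstance()->getParam('bootstrap');
    $this->config = $bootstrap->getOptions();

    $daySeconds = 3600 * 24;
    // Take a single timestamp so the comparison and the remaining-days value agree.
    $now = time();
    $expireDays = $this->_getBootstrapOption('expire_password_day', 'default', 90);
    // NOTE: strtotime() returns false for an empty or unparseable date; false + int
    // evaluates as epoch 0, so such an admin is reported as "expired".
    $expirePassword = strtotime($admin->get_changed_password_dt()) + $daySeconds * $expireDays;

    if ($expirePassword < $now + 30 * $daySeconds) {
        if ($expirePassword < $now) {
            $result['expire_password'] = $this->view->translate('Your password expired. Please update.');
        } else {
            $daysLeft = floor(($expirePassword - $now) / $daySeconds);
            $result['expire_password'] = strtr(
                $this->view->translate('Your password expires in {days} days. Please update.'),
                array('{days}' => $daysLeft)
            );
        }
    }

    return $result;
}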
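/**
 * Authenticates the configured credentials against the user table.
 *
 * Checks, in order: the user exists, the stored hash matches the supplied
 * password, and the account status is 'active'.
 *
 * @throws Zend_Auth_Adapter_Exception If authentication can not be established
 * @return Zend_Auth_Result
 */
public function authenticate()
{
    $this->_admin = new Auth_Model_User();

    // Unknown username.
    if (!Auth_Model_UserMapper::getInstance()->findByCredentials($this->_auth, $this->_admin)) {
        return $this->createResult(Zend_Auth_Result::FAILURE_IDENTITY_NOT_FOUND, self::NOT_FOUND_MESSAGE);
    }

    // Wrong password. The stored value is an unsalted md5 digest; moving to
    // password_hash()/password_verify() requires migrating the stored hashes and is
    // out of scope for this block. The comparison is strict and constant-time: the
    // previous loose `!=` treated two hex digests that both parse as numbers as equal.
    $storedHash = (string) $this->_admin->get_password();
    if (!hash_equals($storedHash, md5($this->_password))) {
        return $this->createResult(Zend_Auth_Result::FAILURE_CREDENTIAL_INVALID, self::BAD_PW_MSG);
    }

    // Account exists but is not enabled.
    if ($this->_admin->get_status() !== 'active') {
        return $this->createResult(Zend_Auth_Result::FAILURE_UNCATEGORIZED, self::STATUS_NOT_ACTIVE);
    }

    return $this->createResult(Zend_Auth_Result::SUCCESS);
}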
/**
 * Submits a contact message.
 *
 * Without form parameters the (pre-filled) form is returned; with parameters
 * the form is validated, the message is stored, a confirmation mail goes to
 * the sender and a notification mail goes to all managers and admins.
 *
 * @param array $formParams
 * @return array $response
 */
public function contact(array $formParams = array())
{
    // Category choices for the form.
    $categoriesModel = new Contact_Model_Categories();
    $categories = $categoriesModel->getResource()->fetchValues('category');

    // Details of the logged-in user pre-fill the form; anonymous users get an empty array.
    $userId = Daiquiri_Auth::getInstance()->getCurrentId();
    $user = array();
    if ($userId > 0) {
        $userModel = new Auth_Model_User();
        $user = $userModel->getResource()->fetchRow($userId);
    }

    $form = new Contact_Form_Submit(array('categories' => $categories, 'user' => $user));

    if (empty($formParams)) {
        return array('form' => $form, 'status' => 'form');
    }

    if (!$form->isValid($formParams)) {
        return array('status' => 'error', 'errors' => $form->getMessages(), 'form' => $form);
    }

    // Validated values plus the server-side fields the form does not carry.
    $values = $form->getValues();
    unset($values['submit']);
    $values['user_id'] = $userId;
    $values['datetime'] = date("Y-m-d H:i:s");

    // New messages start in the 'active' status.
    $statusModel = new Contact_Model_Status();
    $values['status_id'] = $statusModel->getResource()->fetchId(array('where' => array('`status` = "active"')));

    $this->getResource()->insertRow($values);

    // Resolve the category name for the notification mails.
    $categoryRow = $categoriesModel->getResource()->fetchRow($values['category_id']);
    $values['category'] = $categoryRow['category'];

    // Confirmation to the sender.
    $this->getModelHelper('mail')->send('contact.submit_user', array(
        'to' => $values['email'],
        'firstname' => $values['firstname'],
        'lastname' => $values['lastname'],
    ));

    // Notification to support staff (managers and admins), reply-to set to the sender.
    $userResource = new Auth_Model_Resource_User();
    $recipients = array_merge(
        $userResource->fetchEmailByRole('manager'),
        $userResource->fetchEmailByRole('admin')
    );
    $this->getModelHelper('mail')->send('contact.submit_support', array(
        'to' => $recipients,
        'reply_to' => $values['email'],
        'firstname' => $values['firstname'],
        'lastname' => $values['lastname'],
        'email' => $values['email'],
        'category' => $values['category'],
        'subject' => $values['subject'],
        'message' => $values['message'],
        'link' => Daiquiri_Config::getInstance()->getSiteUrl() . '/contact/messages',
    ));

    return array('status' => 'ok');
}
/**
 * Registers a participant.
 *
 * Flow: load the meeting by slug, check the registration is visible to the
 * current role, build the form (pre-filled for logged-in users), and on a valid
 * submission either store a pending registration that must be confirmed by mail
 * (config meetings.validation) or create the participant directly and send a
 * confirmation mail.
 *
 * @param string $slug slug of the meeting
 * @param array $formParams
 * @return array $response
 */
public function register($slug, array $formParams = array()) {
    // get the meeting by slug
    $meetingsModel = new Meetings_Model_Meetings();
    $meeting = $meetingsModel->getResource()->fetchRow(array('where' => array('slug = ?' => $slug)));
    if (empty($meeting)) {
        throw new Daiquiri_Exception_NotFound();
    }
    // registration visibility is governed by the meeting's publication role
    if (!Daiquiri_Auth::getInstance()->checkPublicationRoleId($meeting['registration_publication_role_id'])) {
        return array('status' => 'forbidden', 'message' => $meeting['registration_message']);
    }
    // get user if one is logged in
    $userId = Daiquiri_Auth::getInstance()->getCurrentId();
    if ($userId > 0) {
        // get the user model for getting user details
        $userModel = new Auth_Model_User();
        $user = $userModel->getResource()->fetchRow($userId);
    } else {
        $user = array();
    }
    // create the form object
    $form = new Meetings_Form_Registration(array('submit' => 'Register for this meeting', 'meeting' => $meeting, 'user' => $user));
    // validate the form if POST
    if (!empty($formParams)) {
        if ($form->isValid($formParams)) {
            // get the form values
            $values = $form->getValues();
            $values['meeting_id'] = $meeting['id'];
            // collect the per-meeting detail fields into $values['details'], keyed by detail key id;
            // array values (checkbox/multiselect) are stored JSON encoded, a missing value as "[]"
            $values['details'] = array();
            foreach ($meeting['participant_detail_keys'] as $keyId => $detailKey) {
                if (is_array($values[$detailKey['key']])) {
                    $values['details'][$keyId] = Zend_Json::encode($values[$detailKey['key']]);
                } else {
                    if ($values[$detailKey['key']] === null) {
                        $values['details'][$keyId] = Zend_Json::encode(array());
                    } else {
                        $values['details'][$keyId] = $values[$detailKey['key']];
                    }
                }
                unset($values[$detailKey['key']]);
            }
            // collect the contribution fields into $values['contributions'], keyed by contribution type id;
            // a contribution that was not ticked is stored as false
            $values['contributions'] = array();
            foreach ($meeting['contribution_types'] as $contributionTypeId => $contributionType) {
                if ($values[$contributionType . '_bool'] === '1') {
                    $values['contributions'][$contributionTypeId] = array('title' => $values[$contributionType . '_title'], 'abstract' => $values[$contributionType . '_abstract']);
                } else {
                    $values['contributions'][$contributionTypeId] = false;
                }
                unset($values[$contributionType . '_bool']);
                unset($values[$contributionType . '_title']);
                unset($values[$contributionType . '_abstract']);
            }
            // initial status: 'registered', or 'accepted' when meetings.autoAccept is configured
            $participantStatusModel = new Meetings_Model_ParticipantStatus();
            if (empty(Daiquiri_Config::getInstance()->meetings->autoAccept)) {
                $values['status_id'] = $participantStatusModel->getResource()->fetchId(array('where' => array('`status` = "registered"')));
            } else {
                $values['status_id'] = $participantStatusModel->getResource()->fetchId(array('where' => array('`status` = "accepted"')));
            }
            if (Daiquiri_Config::getInstance()->meetings->validation) {
                // the code is the secret in the validation link; createRandomString() is
                // assumed to use a CSPRNG (random_bytes/random_int) — confirm in the helper
                $code = $this->createRandomString(32);
                // store the pending registration (the full values JSON encoded) until the link is used
                $id = $this->getResource()->insertRow(array('email' => $values['email'], 'code' => $code, 'values' => Zend_Json::encode($values), 'meeting_id' => $meeting['id']));
                // prepare and send the validation mail
                $link = Daiquiri_Config::getInstance()->getSiteUrl() . '/meetings/registration/validate/id/' . $id . '/code/' . $code;
                $this->getModelHelper('mail')->send('meetings.validate', array('to' => $values['email'], 'meeting' => $meeting['title'], 'firstname' => $values['firstname'], 'lastname' => $values['lastname'], 'link' => $link));
                return array('status' => 'validate');
            } else {
                // no validation step: create the participant right away and re-read the stored row
                $participantModel = new Meetings_Model_Participants();
                $id = $participantModel->getResource()->insertRow($values);
                $participant = $participantModel->getResource()->fetchRow($id);
                $mailValues = array('to' => $participant['email'], 'meeting' => $meeting['title'], 'firstname' => $participant['firstname'], 'lastname' => $participant['lastname'], 'affiliation' => $participant['affiliation'], 'email' => $participant['email'], 'arrival' => $participant['arrival'], 'departure' => $participant['departure']);
                // resolve option ids back to their labels for the confirmation mail
                // (NOTE(review): $participant['details'] is read by key name here while it was written by key id above — presumably fetchRow() remaps; confirm)
                foreach ($meeting['participant_detail_keys'] as $d) {
                    if (in_array(Meetings_Model_ParticipantDetailKeys::$types[$d['type_id']], array('radio', 'select'))) {
                        $options = Zend_Json::decode($d['options']);
                        $mailValues[$d['key']] = $options[$participant['details'][$d['key']]];
                    } else {
                        if (in_array(Meetings_Model_ParticipantDetailKeys::$types[$d['type_id']], array('checkbox', 'multiselect'))) {
                            $options = Zend_Json::decode($d['options']);
                            // $values is reused as a scratch list here; the form values are no longer needed
                            $values = array();
                            foreach (Zend_Json::decode($participant['details'][$d['key']]) as $value_id) {
                                $values[] = $options[$value_id];
                            }
                            $mailValues[$d['key']] = implode(', ', $values);
                        } else {
                            $mailValues[$d['key']] = $participant['details'][$d['key']];
                        }
                    }
                }
                // NOTE(review): only the _title placeholder is set for a missing contribution; the
                // _abstract key is left undefined in that case — confirm the mail template tolerates it
                foreach ($meeting['contribution_types'] as $contribution_type) {
                    if (!empty($participant['contributions'][$contribution_type])) {
                        $mailValues[$contribution_type . '_title'] = $participant['contributions'][$contribution_type]['title'];
                        $mailValues[$contribution_type . '_abstract'] = $participant['contributions'][$contribution_type]['abstract'];
                    } else {
                        $mailValues[$contribution_type . '_title'] = '---';
                    }
                }
                $this->getModelHelper('mail')->send('meetings.register', $mailValues);
                return array('status' => 'ok');
            }
        } else {
            return $this->getModelHelper('CRUD')->validationErrorResponse($form);
        }
    }
    return array('form' => $form, 'status' => 'form', 'message' => $meeting['registration_message']);
}
/**
 * Deletes the user's row from the auth_user table.
 *
 * @param Auth_Model_User $user user whose id selects the row to delete
 * @return bool true when at least one row was removed
 */
public function delete(Auth_Model_User $user)
{
    $adapter = $this->_dbTable->getAdapter();
    $affectedRows = $adapter->delete('auth_user', array('id = ?' => $user->get_id()));

    return 0 < $affectedRows;
}
/**
 * Create / edit a user.
 *
 * Handles three cases: cancel (redirect back), save (validate the posted form
 * and persist the user), and the initial GET (load the user for editing when
 * an id is given). Roles and languages are always pushed to the view for the
 * form's select boxes.
 */
public function userEditAction() {
    $data = $this->getRequest()->getPost('data');
    $id = $this->_getParam('id');
    $aclLoader = HCMS_Acl_Loader::getInstance();
    // the isAdminLogged flag is always derived from the ACL after reading the POST data,
    // so a client-supplied value in data[isAdminLogged] is overwritten
    if ($aclLoader->getAcl()->isAllowed($aclLoader->getCurrentRoleCode(), "admin", "master")) {
        $this->view->isAdminLogged = true;
        $data["isAdminLogged"] = true;
    } else {
        $this->view->isAdminLogged = false;
        $data["isAdminLogged"] = false;
    }
    // check if cancel button is pressed
    if ($this->_formHelper->isCancel()) {
        // cancel form
        return $this->_formHelper->returnCancel($this->view->url(array('action' => 'user-edit')), $this->translate('Action canceled'));
    }
    // create form object
    $form = new Auth_Form_User($data);
    // postback - save?
    if ($this->_formHelper->isSave()) {
        // check if valid
        if ($form->isValid()) {
            $values = $form->getValues();
            // create entity object from submitted values, and save
            $user = new Auth_Model_User($values);
            $date = new Zend_Date();
            // NOTE(review): changed_password_dt is reset on every save, also when no new
            // password was entered — this restarts the password-expiry clock; confirm intended
            $user->set_changed_password_dt($date->toString('yyyy-MM-dd HH:mm:ss'));
            if (isset($id) && $id > 0) {
                // existing user: only replace the password when a new one was entered
                if (isset($values['new_password']) && $values['new_password'] != '') {
                    $user->set_password($values['new_password']);
                }
                // archive the current password before it is overwritten (presumably for reuse checks)
                $this->savePassHistory($id);
            }
            Auth_Model_UserMapper::getInstance()->save($user);
            // save done, return success
            return $this->_formHelper->returnSuccess($this->view->url(array('action' => 'user-edit')), $this->translate('User saved.'));
        } else {
            // we have errors - return json or continue rendering the form
            $this->_formHelper->returnError($form->getMessages());
        }
    } elseif (!$this->_formHelper->getRequest()->isPost()) {
        // edit action: load the existing user into the form data
        if (isset($id) && $id > 0) {
            $user = new Auth_Model_User();
            if (!Auth_Model_UserMapper::getInstance()->find($id, $user)) {
                throw new Exception("User not found");
            }
            // fetch data
            $data = $user->toArray();
        }
    }
    // select-box options for the form
    $criteria = array();
    $roles = Auth_Model_RoleMapper::getInstance()->fetchAll($criteria);
    $languages = Application_Model_TranslateMapper::getInstance()->getLanguages();
    $this->view->roles = $roles;
    $this->view->languages = $languages;
    $this->view->data = $data;
}
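/**
 * Initializes the database with the init data for the auth module.
 *
 * Each table is only seeded while it is still empty, so re-running the
 * initialisation on a populated database leaves that table untouched. Seed
 * data is read from $this->_init->options['init']['auth'].
 */
public function init()
{
    // Status entries.
    $authStatusModel = new Auth_Model_Status();
    if ($authStatusModel->getResource()->countRows() === 0) {
        foreach ($this->_init->options['init']['auth']['status'] as $status) {
            $a = array('status' => $status);
            $r = $authStatusModel->create($a);
            $this->_check($r, $a);
        }
    }

    // Role entries.
    $authRoleModel = new Auth_Model_Roles();
    if ($authRoleModel->getResource()->countRows() === 0) {
        foreach ($this->_init->options['init']['auth']['roles'] as $role) {
            $a = array('role' => $role);
            $r = $authRoleModel->create($a);
            $this->_check($r, $a);
        }
    }

    // Detail keys. Iterated by reference on purpose: the resolved type_id is
    // written back into the options so the user seeding below can read it.
    // NOTE(review): if this table is already populated the conversion is skipped and
    // the user loop reads $detailKey['type_id'] that was never set — confirm.
    $authDetailKeysModel = new Auth_Model_DetailKeys();
    if ($authDetailKeysModel->getResource()->countRows() === 0) {
        foreach ($this->_init->options['init']['auth']['detailKeys'] as &$a) {
            if (!isset($a['type'])) {
                $a['type_id'] = 0;
            } else {
                $a['type_id'] = array_search($a['type'], Auth_Model_DetailKeys::$types);
                unset($a['type']);
            }
            $r = $authDetailKeysModel->create($a);
            $this->_check($r, $a);
        }
        // Drop the reference: without this, the `$a = array(...)` assignments in the
        // resource and rule loops below would overwrite the last detailKeys entry.
        unset($a);
    }

    // Users.
    $authUserModel = new Auth_Model_User();
    if ($authUserModel->getResource()->countRows() === 0) {
        foreach ($this->_init->options['init']['auth']['user'] as $credentials) {
            // Resolve role and status names to their ids.
            $credentials['role_id'] = Daiquiri_Auth::getInstance()->getRoleId($credentials['role']);
            unset($credentials['role']);
            $credentials['status_id'] = Daiquiri_Auth::getInstance()->getStatusId($credentials['status']);
            unset($credentials['status']);

            // create() expects the password as a new_password/confirm_password pair.
            // Seed passwords are plaintext in the init options; create() is assumed to
            // hash them before storing — confirm against Auth_Model_User::create().
            $credentials['new_password'] = $credentials['password'];
            $credentials['confirm_password'] = $credentials['password'];
            unset($credentials['password']);

            // Map option labels of radio/select/checkbox/multiselect detail keys to option ids.
            foreach ($this->_init->options['init']['auth']['detailKeys'] as $detailKey) {
                $type = Auth_Model_DetailKeys::$types[$detailKey['type_id']];
                if (in_array($type, array('radio', 'select'))) {
                    $options = Zend_Json::decode($detailKey['options']);
                    $option_id = array_search($credentials[$detailKey['key']], $options);
                    $credentials[$detailKey['key']] = $option_id;
                } elseif (in_array($type, array('checkbox', 'multiselect'))) {
                    $options = Zend_Json::decode($detailKey['options']);
                    $values = array();
                    foreach ($credentials[$detailKey['key']] as $value) {
                        $values[] = array_search($value, $options);
                    }
                    $credentials[$detailKey['key']] = $values;
                }
            }

            // create() presumably reads its input from the front controller request,
            // so the credentials are injected as request params and cleared afterwards.
            Zend_Controller_Front::getInstance()->getRequest()->setParams($credentials);
            $r = $authUserModel->create($credentials);
            Zend_Controller_Front::getInstance()->getRequest()->setParams(array());
            $this->_check($r, $credentials);
        }
    }

    // Apps (API credentials), seeded the same way as users.
    $authAppsModel = new Auth_Model_Apps();
    if ($authAppsModel->getResource()->countRows() === 0) {
        foreach ($this->_init->options['init']['auth']['apps'] as $credentials) {
            $credentials['new_password'] = $credentials['password'];
            $credentials['confirm_password'] = $credentials['password'];
            unset($credentials['password']);

            Zend_Controller_Front::getInstance()->getRequest()->setParams($credentials);
            $r = $authAppsModel->create($credentials);
            Zend_Controller_Front::getInstance()->getRequest()->setParams(array());
            $this->_check($r, $credentials);
        }
    }

    // ACL resources.
    $authResourcesModel = new Auth_Model_Resources();
    if ($authResourcesModel->getResource()->countRows() === 0) {
        foreach ($this->_init->options['init']['auth']['resources'] as $resource) {
            $a = array('resource' => $resource);
            $r = $authResourcesModel->create($a);
            $this->_check($r, $a);
        }
    }

    // ACL rules; must run after the apps have been created.
    $authRulesModel = new Auth_Model_Rules();
    if ($authRulesModel->getResource()->countRows() === 0) {
        foreach ($this->_init->options['init']['auth']['rules'] as $role => $rule) {
            foreach ($rule as $resource => $permissions) {
                $a = array('role' => $role, 'resource' => $resource, 'permissions' => implode(',', $permissions));
                $r = $authRulesModel->create($a);
                $this->_check($r, $a);
            }
        }
    }
}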
/**
 * Mails the query plan held in the session to the configured admin addresses.
 *
 * Without form parameters the (pre-filled) form is returned; with parameters
 * the form is validated and the mail is sent.
 *
 * @param array $formParams
 * @return array $response
 */
public function mail(array $formParams = array())
{
    $config = Daiquiri_Config::getInstance();
    if (!$config->query->processor->mail->enabled) {
        throw new Exception('Processor mail is disabled in config.');
    }

    // sql and plan string live in the session namespace filled by the plan step.
    $ns = new Zend_Session_Namespace('query_plan');

    // Details of the logged-in user pre-fill the form; anonymous users get an empty array.
    $userModel = new Auth_Model_User();
    $userId = Daiquiri_Auth::getInstance()->getCurrentId();
    $user = array();
    if ($userId > 0) {
        $user = $userModel->getResource()->fetchRow($userId);
    }

    $form = new Query_Form_Mail(array('user' => $user, 'sql' => $ns->sql, 'plan' => $ns->planString));

    if (empty($formParams)) {
        return array('form' => $form, 'status' => 'form');
    }

    if (!$form->isValid($formParams)) {
        return $this->getModelHelper('CRUD')->validationErrorResponse($form);
    }

    $values = $form->getValues();

    // DANGER: sql and plan are taken from the session, NOT from the form — the form
    // does not validate them and they must not be client-editable.
    $sql = $ns->sql;
    $planString = $ns->planString;

    if (empty($config->query->processor->mail->admin)) {
        throw new Exception('No admin email addresses configured');
    }

    $this->getModelHelper('mail')->send('query.plan', array(
        'to' => $config->query->processor->mail->admin->toArray(),
        'sql' => $sql,
        'plan' => $planString,
        'firstname' => $values['firstname'],
        'lastname' => $values['lastname'],
        'email' => $values['email'],
        'message' => $values['message'],
    ));

    return array('status' => 'ok');
}