public static function getCurrentUser()
{
if (!UsersLogin::isLogined()) {
return;
}
return array('currentUser' => UsersLogin::getCurrentSession()->getParseData());
}
public function testLogin()
{
$api = new Login();
$api->exec();
$this->assertTrue(\UsersLogin::isLogined());
$this->assertEquals(\UsersLogin::getCurrentSession()->login->getValue(), self::Login);
}
public function testIsVisible()
{
\UsersLogin::login(self::GuestUser, Helper::DefaultPassword);
$item = new MenuItem();
$this->assertFalse($item->isVisible());
\UsersLogin::login(self::AdminUser, Helper::DefaultPassword);
$this->assertTrue($item->isVisible());
}
/**
* Get device token user id
*
* @param mixed(integer|array) $userId
* @return \UsersLogin
*/
public static function getUserLoginDetailsById($userIds, $multiple = false)
{
$query = UsersLogin::select(array('device_type as deviceType', 'device_push_token as devicePushToken', 'users.name as name'))->join('users', 'users.id', '=', 'users_login.user_id')->where('users_login.status', '=', \DB::raw(1))->whereNotNull('users_login.device_push_token');
if ($multiple && is_array($userIds)) {
return $query->whereIn('users_login.user_id', $userIds)->get();
}
return $query->where('users_login.user_id', '=', $userIds)->get();
}
public static function getCurrentUserGrants()
{
$result = self::loadGuestUserRights();
//
if (UsersLogin::isLogined()) {
$result = array_merge($result, self::extractUserGrants(UsersLogin::getCurrentSession()));
}
return $result;
}
public function testLogout()
{
\UsersLogin::login(self::Login, self::Password);
$this->AssertTrue(\UsersLogin::isLogined());
$api = new Logout();
$api->exec();
$this->AssertFalse(\UsersLogin::isLogined());
//
}
/**
* @expectedException \ForbiddenException
*/
public function testPermissionRequired()
{
TestsHelper::dbFixture(USERS_TABLE, array(array('login' => 'login', 'password' => passwordColumn::hash('testtest'))));
TestsHelper::dbFixture(\ACL_GRANT_TABLE, array());
//
\UsersLogin::login('login', 'testtest');
$operation = new ApiOperation();
$operation->exec();
}
public function testCallApiOperationWithGrants()
{
TestsHelper::dbFixture(\UserAccount::getTableName(), array(array('login' => 'test', 'password' => passwordColumn::hash('testtest'))));
$user = \UserAccount::getById(1);
\ACL::create(TestApiWithACLOperation::RightName);
\ACL::grant(TestApiWithACLOperation::RightName, $user->obj_rights->getEntity());
\UsersLogin::login('test', 'testtest');
$method = new TestApiWithACLOperation();
$this->assertTrue($method->exec());
}
public function testWithoutPermissions()
{
\UsersLogin::logout();
//
$route = new HtmlRoute($this->getConfigFixture());
$route->test($this->getRequestFixture());
$route->prepareRequest();
$route->dispatch();
$this->expectOutputRegex('#cms_auth#');
}
public function testForInjections()
{
if (\UsersLogin::isLogined()) {
if (\CMSAuth::getInstance()->isAdmin(\UsersLogin::getCurrentSession())) {
return;
}
}
foreach ($this->data as $key => $value) {
self::validateParameter($key, $value);
}
$this->validateParameter('Current page url', $this->uri());
}
public function testAddCustomListener()
{
\UsersLogin::login('root', self::PASSWORD);
\EventController::addRuntimeEventListener(Search::EventName, function ($request) {
$result = new SearchResultModel();
$result->title = 'world!';
$results = [$result];
return $results;
});
$api = new Search(['request' => 'hello?']);
$response = $api->exec();
$this->assertEquals('world!', $response['items'][0]->title->getValue());
}
public function setUp()
{
parent::setUp();
Helper::dbFixture(Job::TableName, array());
$this->setRunnerTimeout(0);
Restorator::restore();
Helper::setupUsers([['login' => self::Login, 'password' => self::Password], ['login' => 'guest', 'password' => self::Password]]);
$user = \UserAccount::getByLogin(self::Login);
\ACL::create(\CMSAuth::SystemAdministratorRoleName);
\ACL::grant(\CMSAuth::SystemAdministratorRoleName, $user->rights->getEntity());
\UsersLogin::forceLogin($user);
TestAction::setUp();
}
protected static function validateLoginAttempts($email)
{
try {
UsersLogin::testLoginAttempts();
} catch (\Extasy\Users\login\LoginAttemptsException $e) {
try {
$user = self::lookForEmail($email);
$e->blockUser(new UserAccount($user));
throw $e;
} catch (\NotFoundException $e) {
}
}
}
public function __construct($urlInfo = array())
{
parent::__construct($urlInfo);
if (!UsersLogin::isLogined()) {
/**
* @todo Избавиться от этой зависимости
*/
$this->addAlert(\plugins\MessageDictionary\Plugin::getMessage('need_auth'));
$this->jump('/');
throw new Exception('User not logined');
}
$this->aProfile = UsersLogin::getCurrentSession();
}
public function exec($source, $initData = null)
{
$auth = CMSDesign::getInstance();
$initData = json_decode($initData, true);
if (!empty($initData)) {
$source = $initData . $source;
}
if (!$auth->isSuperAdmin(UsersLogin::getCurrentUser())) {
print 'Only system administrator can use this feature';
die;
} else {
print UParser::parsePHPCode($source, array());
}
die;
}
public function __construct()
{
//
$auth = CMSAuth::getInstance();
if (!$auth->isSuperAdmin(UsersLogin::getCurrentSession())) {
$this->addError('Access denied');
$this->jump(\Extasy\CMS::getDashboardWWWRoot());
}
parent::__construct();
// Вызов формы редактирования
$this->addGet('id', 'showEdit');
// Вызов формы добавления
$this->addGet('add', 'showAdd');
// Вызов функции редактирования
$this->addPost('id,login,password,rights', 'postEdit');
$this->addPost('id,login,password', 'postEdit');
// Вызов функции добавления
$this->addPost('login,password,rights', 'postAdd');
$this->addPost('login,password', 'postAdd');
// Удаление
$this->addPost('id', 'delete');
}
public static function signup($login, $password, $email, $aData)
{
self::validateLogin($login);
self::validateEmail($email);
// Проверка данных
EventController::callEvent('users_registration_check_data', $login, $password, $email, $aData);
// Проверка существования логина и почты
self::checkLoginOrEmailExists($login, $email);
$register = new SystemRegister('Applications/users/front-end/');
// Если требуется подтвержденте
if ($register->account_confirmation->value) {
// Код подтверждения
$aData['confirmation_code'] = self::getConfirmationCode();
}
//
$aData['login'] = $login;
$aData['email'] = $email;
$user = new UserAccount($aData);
$user->obj_password->setValue($password);
$user->insert();
// Добавлени в базу
$aData['id'] = $user->id->getValue();
$aData['password'] = $password;
// Вызов события
EventController::callEvent('users_registration_after_signup', $aData, $user);
//
// Если требуется подтверждение
if ($register->account_confirmation->value) {
// Высылка письма
self::sendEmailConfirmation($aData);
} else {
UsersLogin::login($login, $password);
}
if ($register->account_registration_success_email->value) {
// Высылка письма
self::sendEmailRegistration($aData);
}
return $aData['id'];
}
protected static function reloadAttemptsConfig()
{
$register = new SystemRegister(self::SystemRegisterPath);
self::$perHost = intval($register->PerHost->value);
self::$perSession = intval($register->PerSession->value);
}
<?php
ob_start();
session_start();
require_once "administrator/includes/UserLoginManager.php";
require_once "administrator/includes/ADAO.php";
$redirectTo = "index.php?error_code=1002233986";
$login = $_POST['username'];
$pass = $_POST['password'];
$loginInfo = UsersLogin::Authenticate($login, $pass);
if ($loginInfo->getID() != 0) {
$cart = @$_SESSION['cart'];
if ($cart) {
ADAO::insertCartItemsOnLogin($loginInfo->getID(), $cart);
}
$_SESSION['id'] = $loginInfo->getID();
$redirectTo = HOME_USERS;
}
header("location:" . $redirectTo);
public function tearDown()
{
if (\UsersLogin::isLogined()) {
\UsersLogin::logout();
}
}
use Extasy\Columns\Password as passwordColumn;
$register = new \SystemRegister('/System/');
try {
$register->delete('Audit');
} catch (\Exception $e) {
}
Restorator::restore();
\SystemRegisterSample::createCache();
TestsHelper::dbFixture(ACL_TABLE, array());
ACL::create(ApiOperation::RightName);
// user record
TestsHelper::dbFixture(USERS_TABLE, array(array('login' => 'login', 'password' => passwordColumn::hash('testtest')), array('login' => 'guest', 'password' => passwordColumn::hash('testtest'))));
// grant user permission
$user = UserAccount::getByLogin('login');
ACL::grant(ApiOperation::RightName, $user->obj_rights->getEntity());
\UsersLogin::login('login', 'testtest');
// base logs
TestsHelper::dbFixture(Log::getTableName(), array(array('name' => 'Log1', 'critical' => 0, 'enable_logging' => 1), array('name' => 'Log2', 'critical' => 1, 'enable_logging' => 1)));
// base records
// - [different by user_id]
// - [different by date]
// - [different by content]
TestsHelper::dbFixture(Record::getTableName(), array(array('log_id' => 1, 'date' => '2001-01-01 00:00:00', 'short' => 'short log', 'full' => 'full_log', 'user_id' => 1, 'user_login' => 'login'), array('log_id' => 2, 'date' => '2001-01-02 00:00:00', 'short' => 'short log', 'full' => 'full_log', 'user_id' => 1, 'user_login' => 'login'), array('log_id' => 1, 'date' => '2001-01-03 00:00:00', 'short' => 'short log', 'full' => 'full_log')));
// Create custom config if it exists
$schemaName = 'Audit.CriticalEventName';
try {
$config = \CConfig::getSchema($schemaName);
$config->delete();
} catch (\Exception $e) {
} finally {
$config = \CConfig::createSchema($schemaName);
protected function initUserParseData()
{
$user = \UsersLogin::getCurrentSession();
if (is_object($user)) {
$userData = $user->getData();
$this->view->set('currentUser', $userData);
}
}
protected function action()
{
if (\UsersLogin::isLogined()) {
\UsersLogin::logout();
}
}
/**
* Отображает форму редактирования
*/
protected function outputEditingForm($sheets, $controls)
{
$sheetsEmpty = false;
if (empty($sheets)) {
$sheetsEmpty = true;
$sheets = array(array('id' => 'mainTab', 'title' => 'Ошибка'));
}
if ($this->schema->getSitemapLink()) {
$sitemapInfo = Sitemap_Sample::get($this->schema->getSitemapLink());
array_push($sheets, array('id' => 'sitemapTab', 'title' => 'Свойства'));
}
//
$design = CMSDesign::getInstance();
$design->forms->begin();
// Вывод вкладок
$design->tabs->sheetsBegin($sheets);
// По вкладкам вывод
$i = 0;
if (!empty($controls)) {
foreach ($controls as $list) {
$design->tabs->contentBegin($sheets[$i]['id']);
$design->table->begin();
foreach ($list as $control) {
$design->table->row2cell($control->getTitle(), $control->outputInForm());
}
$design->table->end();
$design->tabs->contentEnd();
$i++;
}
} else {
$design->tabs->contentBegin($sheets[0]['id']);
$design->decor->contentBegin();
printf('У данной схемы пока нету вкладок для редактирования<br/>');
$auth = CMSAuth::getInstance();
if ($auth->isSuperAdmin(UsersLogin::getCurrentUser())) {
printf('Перейти к <a href="%scconfig/manage.php?schema=%s&edit=1">управлению</a> конфигом', \Extasy\CMS::getDashboardWWWRoot(), $this->schema->getName());
}
$design->decor->contentEnd();
$design->tabs->contentEnd();
}
if (!empty($sitemapInfo)) {
$auth = CMSAuth::getInstance();
if ($auth->isSuperAdmin(UsersLogin::getCurrentUser())) {
$link = sprintf('<a href="%scconfig/manage.php?schema=%s" target="_blank">Управление конфигом</a>', \Extasy\CMS::getDashboardWWWRoot(), $this->schema->getName());
$property = array('' => $link);
} else {
$property = array();
}
SitemapCMSForms::outputSitemapTabSheet($sitemapInfo, $sheets[sizeof($sheets) - 1]['id'], $property);
}
$design->tabs->sheetsEnd();
$design->forms->hidden('schema', $this->schema->getName());
// Вывод конца
$design->forms->submit('submit', 'Сохранить');
$design->forms->end();
$this->outputFooter();
}
/**
*
* @param unknown $code
*/
public function confirmEmail($code)
{
try {
$acc = UserAccount::activateEmail($code);
UsersLogin::logout();
UsersLogin::forceLogin($acc);
$this->set('success', '1');
} catch (Exception $e) {
$this->set('error', $e->getMessage());
}
$this->output('users/registration/confirmEmail');
}
public function unAuthorize($szUrl = '/')
{
$_SESSION[SESSION_AUTH] = array();
if (!headers_sent()) {
header('HTTP/1.0 401 Unauthorized');
header('Content-Type: text/html; charset= utf-8');
header('Location: ' . $szUrl);
}
UsersLogin::logout();
}
protected function action()
{
\UsersLogin::login($this->getParam('login'), $this->getParam('password'));
return true;
}
