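// Excerpt of a lime-style test script exercising group and permission
// membership on $activeUser. $t, $activeUser and $group are created before
// this excerpt; presumably $group is the 'test-group' record used below.
$group->save();

// Saving the group must not attach it to the user implicitly.
$t->is($activeUser->hasGroup('test-group'), false, '->hasGroup() return false if user hasn\'t this group');

try {
    $activeUser->addGroupByName('test-group');
    $t->pass('->addGroupByName() does not throw an exception if group exist');
} catch (Exception $e) {
    // Surface the reason before recording the failure.
    $t->diag($e->getMessage());
    $t->fail('->addGroupByName() does not throw an exception if group exist');
}

$t->is($activeUser->getGroupNames(), array('test-group'), '->getGroupNames() return array with group names');
$t->is($activeUser->hasGroup('test-group'), true, '->hasGroup() return true if user has this group');

// permission management
$t->diag('permission managment');

// A user starts with no permissions at all.
$t->is($activeUser->getPermissionNames(), array(), '->getPermissionNames() return empty array if no permission is set');

// Granting a permission that has no backing record must be refused, so a
// typo in a permission name cannot be attached to a user.
try {
    $activeUser->addPermissionByName('test-permission');
    $t->fail('->addPermissionByName() does throw an exception if permission not exist');
} catch (Exception $e) {
    $t->pass('->addPermissionByName() does throw an exception if permission not exist');
}

$permission = new sfGuardPermission();
$permission->name = 'test-permission';
$permission->save();

// Creating the permission record must not grant it to the user.
$t->is($activeUser->hasPermission('test-permission'), false, '->hasPermission() return false if user hasn\'t this permission');

try {
    $activeUser->addPermissionByName('test-permission');
    $t->pass('->addPermissionByName() does not throw an exception if permission exist');
} catch (Exception $e) {
    $t->diag($e->getMessage());
    $t->fail('->addPermissionByName() does not throw an exception if permission exist');
}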
/**
 * Grants a saved user every permission named in the application config.
 *
 * The names are read from the `app_facebook_connect_user_permissions`
 * setting (an empty list when the setting is absent) and attached one at a
 * time with addPermissionByName().
 *
 * NOTE(review): whatever that setting lists is granted here without any
 * further check, so the list should stay limited to what a newly connected
 * account needs. addPermissionByName() may itself raise for a name it does
 * not know; that is not handled in this method.
 *
 * @param sfGuardUser $sf_guard_user user to update; must already have an id
 * @return sfGuardUser the same instance that was passed in
 * @throws sfException when the user has no id yet
 * @author fabriceb
 * @since May 22, 2009 fabriceb
 */
public function setDefaultPermissions(sfGuardUser $sf_guard_user)
{
    // Permissions are linked by user id, so an unsaved user is rejected first.
    $isPersisted = (bool) $sf_guard_user->getId();
    if (!$isPersisted) {
        throw new sfException('To add permissions, user must already be in database');
    }

    $defaultPermissionNames = sfConfig::get('app_facebook_connect_user_permissions', array());
    foreach ($defaultPermissionNames as $permissionName) {
        $sf_guard_user->addPermissionByName($permissionName);
    }

    return $sf_guard_user;
}
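/**
 * Handles the sign-up ("join") page for open registrations and for
 * invitation-code redemptions.
 *
 * On GET it prepares the join form. On POST it validates the form, rejects
 * taken public names and duplicate e-mail addresses, then creates (or, for
 * an invitation, completes) the user and profile inside one transaction,
 * mails the administrator and the new user, signs invited users in, and
 * redirects.
 *
 * Security-relevant behaviour visible in this method:
 *  - every account receives the 'contributor' and 'editor' permissions at
 *    creation time, including accounts saved with is_active = false;
 *  - a valid invitation code marks the profile confirmed, activates the
 *    user and signs the session in without e-mail confirmation;
 *  - the submitted password is handed to the receipt mail partial.
 *
 * @param mixed $request request object; this method uses getParameter(),
 *                       isMethod(), setError() and hasErrors() on it
 * @throws Exception anything raised while saving or mailing is rethrown
 *                   after the transaction has been rolled back
 */
public function executeJoin($request)
{
    $userParams = $request->getParameter('user');
    $this->is_invited = false;
    $this->group = $request->getParameter('group');

    // Already signed-in visitors go straight to the requested group page.
    // NOTE(review): the group name is concatenated into the route string
    // unencoded - confirm the route handling tolerates '&' and '=' in it.
    if ($this->group && $this->getUser()->isAuthenticated()) {
        $this->redirect('@groupView?name=' . $this->group);
    }

    //if there's an invitation code supplied, it should match an invitation generated by an invite
    if ($code = $request->getParameter('code')) {
        $profile = Doctrine_Query::create()
            ->from('sfGuardUserProfile p')
            ->where('p.invitation_code = ?', $code)
            ->fetchOne();

        if ($profile) {
            $this->is_invited = true;
        }
    }

    // No (or an unknown) invitation code: start from an empty profile.
    if (!$this->is_invited) {
        $profile = new sfGuardUserProfile();
    }

    //if a network name is supplied
    if ($network_name = $request->getParameter('network')) {
        if ($network = LsListTable::getNetworkByDisplayName($network_name)) {
            $profile->home_network_id = $network["id"];
        }
    }

    $this->user_form = new UserJoinForm($profile);
    $this->profile = $profile;

    //if form is posted, validate
    if ($request->isMethod('post')) {
        // A POST without a well-formed 'user' array would otherwise make
        // array_merge() fail before the form gets a chance to report errors.
        if (!is_array($userParams)) {
            $userParams = array();
        }

        //bind request params to form
        $captcha = array(
            'recaptcha_challenge_field' => $request->getParameter('recaptcha_challenge_field'),
            'recaptcha_response_field' => $request->getParameter('recaptcha_response_field'),
        );
        $userParams = array_merge($userParams, array('captcha' => $captcha));
        $this->user_form->bind($userParams);

        //if public_name is valid, check that it's unique
        $errors = $this->user_form->getErrorSchema()->getErrors();

        if (!isset($errors['public_name'])) {
            // NOTE(review): LIKE treats '%' and '_' in the submitted name as
            // wildcards - confirm the form validator rejects them, or
            // compare with '=' instead.
            $q = LsDoctrineQuery::create()
                ->from('sfGuardUserProfile p')
                ->where('p.public_name LIKE ?', $userParams['public_name']);

            if (in_array($userParams['public_name'], sfGuardUserProfileTable::$prohibitedPublicNames) || $q->count()) {
                $validatorSchema = $this->user_form->getValidatorSchema();
                $validatorSchema['public_name']->setMessage('invalid', 'Sorry, the public name you chose is already taken!');
                $this->user_form->getErrorSchema()->addError(new sfValidatorError($validatorSchema['public_name'], 'invalid'), 'public_name');
            }
        }

        //look for user with duplicate email
        // Dots are stripped on both sides, so addresses that differ only by
        // dots count as the same address.
        $q = LsDoctrineQuery::create()
            ->from('sfGuardUserProfile p')
            ->where('REPLACE(p.email, \'.\', \'\') = REPLACE(?, \'.\', \'\')', $userParams['email']);

        //if user was invited, the duplicate user shouldn't have the same code
        //if ($code)
        //{
        //  $q->addWhere('p.invitation_code <> ?', $code);
        //}

        if ($q->count()) {
            $request->setError('email', 'There is already a user with that email');
        }

        //proceed if there are no errors
        if ($this->user_form->isValid() && !$request->hasErrors()) {
            //if user is invited, consider user confirmed
            if ($this->is_invited) {
                $user = $profile->User;
                $user->is_active = true;
                // Clearing the code makes the invitation single-use.
                $profile->invitation_code = null;
                $profile->is_visible = true;
                $profile->is_confirmed = true;
            } else {
                $user = new sfGuardUser();

                //auto-approve?
                $user->is_active = sfConfig::get('app_accounts_auto_approve') ? true : false;
            }

            $db = Doctrine_Manager::connection();

            try {
                $db->beginTransaction();

                // The submitted e-mail address doubles as the login name.
                $user->username = $userParams['email'];
                // NOTE(review): 'sha1' is a fast hash and a weak choice for
                // password storage; moving to a slow password hash needs a
                // migration path for existing accounts, so it is only
                // flagged here.
                $user->algorithm = 'sha1';
                $user->setPassword($userParams['password1']);

                // NOTE(review): both permissions are attached even when the
                // account is saved inactive - confirm is_active is enforced
                // wherever these permissions are checked.
                if (!$user->hasPermission('contributor')) {
                    $user->addPermissionByName('contributor');
                }

                if (!$user->hasPermission('editor')) {
                    $user->addPermissionByName('editor');
                }

                $user->save();

                //save submitted profile fields
                $profile->user_id = $user->id;
                $profile->name_first = $userParams['name_first'];
                $profile->name_last = $userParams['name_last'];
                $profile->email = $userParams['email'];
                $profile->reason = $userParams['reason'];
                $profile->analyst_reason = $userParams['analyst_reason'];
                $profile->public_name = $userParams['public_name'];
                // This overrides any value set from the 'network' parameter above.
                $profile->home_network_id = $userParams['home_network_id'];

                //if not invited, generate code for email confirmation
                if (!$this->is_invited) {
                    // Prefer the CSPRNG where the runtime provides one: a
                    // code derived only from the e-mail address and the
                    // clock can be recomputed by anyone who knows both,
                    // which defeats the mailbox-ownership check. Both
                    // branches yield 20 hex characters.
                    if (function_exists('random_bytes')) {
                        $code = bin2hex(random_bytes(10));
                    } else {
                        $code = substr(sha1($profile->email . time()), 0, 20);
                    }
                    $profile->confirmation_code = $code;
                }

                $profile->save();

                //add user to group, if requested
                if ($this->group) {
                    $db = Doctrine_Manager::connection();
                    $sql = 'SELECT id FROM sf_guard_group WHERE name = ?';
                    $stmt = $db->execute($sql, array($this->group));

                    if ($groupId = $stmt->fetch(PDO::FETCH_COLUMN)) {
                        $ug = new sfGuardUserGroup();
                        $ug->user_id = $user->id;
                        $ug->group_id = $groupId;
                        $ug->is_owner = 0;
                        $ug->save();
                    }
                }

                //send email to notify administrator of new account creation
                $mailBody = $this->getPartial('accountcreatenotify', array(
                    'user' => $user,
                    'analyst' => $userParams['analyst_reason'],
                    'group' => $this->group,
                ));

                if ($this->is_invited) {
                    $subject = 'LittleSis account invitation accepted by ' . $userParams['name_first'] . ' ' . $userParams['name_last'];
                } else {
                    $subject = 'LittleSis account ' . ($user->is_active ? 'created' : 'requested') . ' by ' . $userParams['name_first'] . ' ' . $userParams['name_last'];
                }

                $mailer = new Swift(new Swift_Connection_NativeMail());
                $message = new Swift_Message($subject, $mailBody, 'text/plain');
                $address = new Swift_Address(sfConfig::get('app_mail_join_sender_address'), sfConfig::get('app_mail_join_sender_name'));
                $mailer->send($message, sfConfig::get('app_mail_join_sender_address'), $address);
                $mailer->disconnect();

                //notify user that the account has been created/requested
                $subject = $user->is_active ? 'Welcome to LittleSis!' : 'Your request to become a LittleSis analyst';
                // NOTE(review): the cleartext password is passed to the mail
                // partial; if the template prints it, it leaves the server in
                // an unencrypted message - prefer omitting it.
                $mailBody = $this->getPartial($user->is_active ? 'accountcreatereceipt' : 'accountrequestreceipt', array(
                    'user' => $user,
                    'password' => $userParams['password1'],
                    'is_invited' => $this->is_invited,
                ));

                $mailer = new Swift(new Swift_Connection_NativeMail());
                // Use the subject chosen above; it was previously computed and
                // then ignored, so pending applicants were mailed a
                // "Welcome" subject.
                $message = new Swift_Message($subject, $mailBody, 'text/plain');
                $address = new Swift_Address(sfConfig::get('app_mail_join_sender_address'), sfConfig::get('app_mail_join_sender_name'));
                $mailer->send($message, $profile->email, $address);
                $mailer->disconnect();

                //if invited, sign in user and record login time
                if ($this->is_invited) {
                    // signin user
                    $this->getUser()->setAttribute('user_id', $user->id, 'sfGuardSecurityUser');
                    $this->getUser()->setAuthenticated(true);
                    // Drop any credentials held by the previous session state
                    // before loading the new account's permissions.
                    $this->getUser()->clearCredentials();
                    $this->getUser()->addCredentials($user->getAllPermissionNames());

                    // save last login
                    $user->last_login = date('Y-m-d H:i:s');
                    $user->save();
                }

                //commit changes
                // Both mails have already been sent at this point; a failing
                // commit rolls back the records but not the messages.
                $db->commit();
            } catch (Exception $e) {
                $db->rollback();
                throw $e;
            }

            //redirect to requested or joined page
            if ($user->is_active) {
                $this->redirect('home/joined' . ($this->is_invited ? '?conf=1' : ''));
            } else {
                $this->redirect('home/requested');
            }
        }
    }
}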