/**
 * Read one setting value for a user.
 *
 * When no user is supplied, the identity returned by the authentication
 * service is used in its place.
 *
 * @param string             $setting Name of the setting to read.
 * @param UserInterface|null $user    User whose setting is wanted; optional.
 * @return mixed Whatever the user-settings service returns for the setting.
 */
public function getUserSetting($setting, UserInterface $user = null)
{
    // NOTE(review): whatever getIdentity() returns is handed on unchecked;
    // confirm the settings service copes with an unauthenticated caller.
    $subject = $user ?: $this->authenticationService->getIdentity();

    return $this->userSettingsService->getValue($setting, $subject);
}
/**
 * Render the application form for the current school and handle its submission.
 *
 * POST: the request parameters are validated by the input filter. A valid
 * form is submitted through the application-form service, stored in the
 * session, and the client is redirected to the success URL. An invalid form
 * is rendered again with its values and validation messages.
 * GET: the form is rendered; when the "load" parameter is truthy and the
 * school already has an application form, that form pre-fills the view.
 *
 * @param Request  $req Request; the "school" attribute is read from it.
 * @param Response $res Response to build on.
 * @return Response Redirect after a valid submission, otherwise the rendered form.
 */
public function __invoke(Request $req, Response $res)
{
    $school = $req->getAttribute('school');

    if ($req->isPost()) {
        $submitted = $req->getParams();
        // These server-side values are merged last, so request parameters
        // named "school_id" or "submitted_by" cannot override them.
        $serverValues = [
            'school_id' => $school->id,
            'submitted_by' => $this->authService->getIdentity()->mail,
        ];
        $this->appFormInputFilter->setData(array_merge($submitted, $serverValues));

        $isValid = $this->appFormInputFilter->isValid();
        if ($isValid) {
            $stored = $this->appFormService->submit($this->appFormInputFilter->getValues());
            $_SESSION['applicationForm']['appForm'] = $stored;

            return $res->withRedirect($this->successUrl);
        }

        // Validation failed: hand values and messages back to the template.
        $this->view['form'] = [
            'is_valid' => $isValid,
            'values' => $this->appFormInputFilter->getValues(),
            'raw_values' => $this->appFormInputFilter->getRawValues(),
            'messages' => $this->appFormInputFilter->getMessages(),
        ];
    }

    $loadForm = (bool) $req->getParam('load', false);
    $this->view['choose'] = !($loadForm || $req->isPost());

    if (!$req->isPost() && $loadForm) {
        $appForm = $this->appFormService->findSchoolApplicationForm($school->id);
        if (null !== $appForm) {
            $this->view['form'] = ['values' => $appForm];
        }
    }

    // Both choice lists are built from rows exposing "id" and "name".
    $toChoice = function ($row) {
        return ['value' => $row['id'], 'label' => $row['name']];
    };
    $labChoices = array_map($toChoice, $this->labService->getLabsBySchoolId($school->id));
    $typeChoices = array_map($toChoice, $this->assetsService->getAllItemCategories());

    return $this->view->render($res, 'application_form/form.twig', [
        'lab_choices' => $labChoices,
        'type_choices' => $typeChoices,
    ]);
}
/**
 * Main method to check authorization.
 *
 * The role comes from the current identity, or is the guest role when there
 * is none. If the ACL allows the resolved module / "controller:action" pair,
 * the ACL is exposed to the view model and the response is returned untouched.
 * Otherwise EVENT_IS_NOT_ALLOWED is triggered and the response becomes a 302:
 * guests go to the login route, every other role to the no-access route.
 *
 * @param MvcEvent $e
 *
 * @return ResponseInterface
 */
public function checkAccess(MvcEvent $e)
{
    /** @var Response $response */
    $response = $e->getResponse();

    /** @var UserEntity $identity */
    $identity = $this->authService->getIdentity();
    if ($identity) {
        $role = $identity->getRole();
    } else {
        $role = UserEntity::ROLE_GUEST;
    }

    list($moduleName, $controllerName, $actionName) = $this->namesResolver->resolve($e);
    $target = $controllerName . ':' . $actionName;

    if (!$this->acl->isAllowed($role, $moduleName, $target)) {
        $this->getEventManager()->trigger(self::EVENT_IS_NOT_ALLOWED, $e->getTarget());

        // Redirect targets are assembled from fixed route names, never from request data.
        $router = $e->getRouter();
        $url = $role !== UserEntity::ROLE_GUEST
            ? $router->assemble(['controller' => 'no-access'], ['name' => 'auth/default'])
            : $router->assemble(['controller' => 'login'], ['name' => 'access/default']);

        $response->setStatusCode(302);
        // Headers set earlier are dropped so that only the redirect is sent.
        $response->getHeaders()->clearHeaders();
        $response->getHeaders()->addHeaderLine('Location', $url);

        // Stop further listeners from running for the denied request.
        $e->stopPropagation();

        return $response;
    }

    $e->getViewModel()->setVariable('acl', $this->acl);

    return $response;
}
/**
 * Return the current identity, substituting an AnonymousIdentity when the
 * authentication service reports none, so callers never receive null.
 *
 * @todo Remove the AnonymousIdentity instantiation. This belongs in an Authentication Adapter
 * @return Identity
 */
public function getIdentity()
{
    $current = $this->authenticationService->getIdentity();

    return null === $current ? new AnonymousIdentity() : $current;
}
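/**
 * Build a Context, carrying the current identity under "username" when the
 * token storage has one.
 *
 * @return Context
 */
public function createContext()
{
    $context = new Context();

    $identity = $this->tokenStorage->getIdentity();
    if (null !== $identity) {
        // Store the value that was null-checked instead of asking the storage
        // a second time, so the check and the stored value cannot diverge.
        $context->set('username', $identity);
    }

    return $context;
}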
/**
 * Retrieve the current identity, if any.
 *
 * Returns null when the authentication service holds no identity.
 *
 * @return mixed|null
 * @throws Exception\RuntimeException When no AuthenticationServiceInterface was provided.
 */
public function __invoke()
{
    $service = $this->authenticationService;

    if (!($service instanceof AuthenticationServiceInterface)) {
        throw new Exception\RuntimeException('No AuthenticationServiceInterface instance provided; cannot lookup identity');
    }

    return $service->hasIdentity() ? $service->getIdentity() : null;
}
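/**
 * ACL assertion: passes only when the authenticated user belongs to a school
 * that has no application form yet.
 *
 * The decision is based on the identity held by the authentication service;
 * the $acl, $role, $resource and $privilege arguments are not consulted.
 *
 * @param Acl                    $acl
 * @param RoleInterface|null     $role
 * @param ResourceInterface|null $resource
 * @param mixed                  $privilege
 * @return bool False when there is no identity, when the user has no school,
 *              or when the school already has an application form.
 */
public function assert(Acl $acl, RoleInterface $role = null, ResourceInterface $resource = null, $privilege = null)
{
    $identity = $this->authService->getIdentity();
    if (null === $identity) {
        // Fail closed for an unauthenticated caller rather than
        // dereferencing a null identity.
        return false;
    }

    $user = R::load('user', $identity->id);
    $school = $user->school;
    if (!$school) {
        return false;
    }

    return null === $this->appFormService->findSchoolApplicationForm($school->id);
}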
/**
 * Log the current user out, if there is one, and redirect.
 *
 * The identity is captured before it is cleared so that the "logout" event
 * can still be told which identity ended its session.
 *
 * @param ServerRequestInterface $req
 * @param Response               $res
 * @return Response Redirect to the configured URL, whether or not a user was logged in.
 */
public function __invoke(ServerRequestInterface $req, Response $res)
{
    if (!$this->authService->hasIdentity()) {
        return $res->withRedirect($this->redirectUrl);
    }

    $loggedOut = $this->authService->getIdentity();
    $notify = $this->events;

    $this->authService->clearIdentity();
    $notify('trigger', 'logout', $loggedOut, $this->redirectUrl);

    return $res->withRedirect($this->redirectUrl);
}
/**
 * Run the inventory sync for the authenticated user's school and return the
 * result as JSON.
 *
 * The school id is taken from the stored user record, not from the request.
 *
 * @param Request  $req
 * @param Response $res
 * @return Response The untouched response when there is no identity or the
 *                  user has no school, a 500 when the sync returns false,
 *                  otherwise the sync result as JSON.
 */
public function __invoke(Request $req, Response $res)
{
    $identity = $this->authService->getIdentity();
    if (null === $identity) {
        // NOTE(review): an unauthenticated call gets the response back
        // unchanged instead of an explicit error status; confirm that an
        // outer layer rejects it.
        return $res;
    }

    $user = R::load('user', $identity->id);
    $schoolId = $user->school_id;
    if (!$schoolId) {
        return $res;
    }

    $result = call_user_func($this->syncFromInventory, $schoolId);

    return false === $result ? $res->withStatus(500) : $res->withJson($result);
}
/**
 * Middleware: once the inner layers have run, sync labs from the inventory
 * for the authenticated user's school if that school has none yet.
 *
 * The response produced by the inner layers is returned unchanged on every
 * path. The sync result is not inspected.
 *
 * @param Request  $req
 * @param Response $res
 * @param callable $next Next middleware.
 * @return Response
 */
public function __invoke(Request $req, Response $res, callable $next)
{
    $res = $next($req, $res);

    $identity = $this->authService->getIdentity();
    if (null === $identity) {
        return $res;
    }

    $user = R::load('user', $identity->id);
    $schoolId = $user->school_id;
    if (!$schoolId) {
        return $res;
    }

    // Labs already present: nothing to import.
    if (count($this->labService->getLabsBySchoolId($schoolId)) > 0) {
        return $res;
    }

    call_user_func($this->syncFromInventory, $schoolId);

    return $res;
}
/**
 * Determines whether or not user has access to requested resource.
 *
 * The ACL is asked with the role of the current identity, the matched route's
 * pattern as the resource and the HTTP method as the privilege.
 *
 * @param ServerRequestInterface $request
 * @param ResponseInterface      $response
 * @param callable               $next
 *
 * @return ResponseInterface
 */
public function __invoke(ServerRequestInterface $request, ResponseInterface $response, callable $next)
{
    $route = $request->getAttribute('route', null);
    if (null === $route) {
        // User likely accessing a nonexistent route. Calling next middleware.
        // NOTE(review): this path skips the ACL check entirely; it is safe
        // only if a request without a matched route cannot reach a handler.
        return $next($request, $response);
    }

    $role = $this->getRole($this->auth->getIdentity());

    // Known issue recorded by the original author: when a route did not set
    // ->allow([roles]), patterns with an optional segment inside a group
    // (e.g. Route::group('/venues', ...) with Route::get('[/{id:[0-9]+}]', ...))
    // did not work for groups lacking a sub route like '/'. Normalising the
    // pattern with a regex, using the route identifier, and consulting a
    // per-route ACL were tried and are not in use.
    $resource = $route->getPattern();
    $privilege = $request->getMethod();

    $isAllowed = $this->acl->isAllowed($role, $resource, $privilege);
    $isAuthenticated = $this->auth->hasIdentity();

    if (!$isAllowed) {
        // Authenticated but unauthorized for this resource -> notAuthorized;
        // not authenticated at all -> notAuthenticated.
        return $isAuthenticated
            ? $this->handler->notAuthorized($response)
            : $this->handler->notAuthenticated($response);
    }

    return $next($request, $response);
}
/**
 * Wire the authentication service and ACL, then derive the default and
 * current roles.
 *
 * A default role is set only when $config is an array with a non-empty
 * ['acl']['defaultRole']. The current role is set only when the
 * authentication service holds an identity. Role values that are not
 * RoleInterface instances are wrapped in GenericRole.
 *
 * @param AuthenticationServiceInterface $authService
 * @param AclInterface                   $acl    Used as both the ACL and the default ACL.
 * @param array|null                     $config Optional configuration.
 */
public function __construct(AuthenticationServiceInterface $authService, AclInterface $acl, $config = null)
{
    $this->authService = $authService;

    if (is_array($config) && isset($config['acl']) && !empty($config['acl']['defaultRole'])) {
        $fallbackRole = $config['acl']['defaultRole'];
        $this->setDefaultRole(
            $fallbackRole instanceof RoleInterface ? $fallbackRole : new GenericRole($fallbackRole)
        );
    }

    $this->setAcl($acl);
    $this->setDefaultAcl($acl);

    $identity = $this->authService->getIdentity();
    if (!$identity) {
        // No identity: the current role is left as it was.
        return;
    }

    $currentRole = $identity->getRole();
    $this->setRole(
        $currentRole instanceof RoleInterface ? $currentRole : new GenericRole($currentRole)
    );
}
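/**
 * Middleware: once the inner layers have run, link the authenticated user to
 * a school, importing the school first when it is not in the database yet.
 *
 * Steps, for a request that has an identity:
 *  1. Resolve the unit registry number for the identity; if there is none,
 *     log the failure, log the user out and redirect with a message.
 *  2. Look the school up by registry number. If it is missing, fetch the unit
 *     by registry number, then by its MM id, validate the mapped data and
 *     create the school.
 *  3. Store the school id on the user record.
 * Any exception raised in steps 2 and 3 is logged and ends in a logout and redirect.
 *
 * @param Request  $req
 * @param Response $res
 * @param callable $next Next middleware.
 * @return Response The inner response, or whatever logoutAndRediret() returns on failure.
 */
public function __invoke(Request $req, Response $res, callable $next)
{
    $res = $next($req, $res);

    $identity = $this->authService->getIdentity();
    if (!$identity) {
        return $res;
    }

    // The messages below carry an <a> element, so they are presumably rendered
    // as raw HTML. Values that originate from the identity or the directory
    // are therefore HTML-escaped before they are interpolated. The logout URL
    // is a configured value and is inserted as is.
    // NOTE(review): confirm how logoutAndRediret() outputs the message.
    $escape = function ($value) {
        return htmlspecialchars((string) $value, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
    };

    $registryNo = $this->findUnitRegitryNo($identity);
    if (null === $registryNo) {
        // NOTE(review): the whole identity array goes to the error log; check
        // that it holds nothing that should stay out of log files.
        $this->logger->error(sprintf('Unit for user %s not found in LDAP', $identity->mail), $identity->toArray());

        return $this->logoutAndRediret($res, sprintf(
            'Το σχολείο με email %s δεν βρέθηκε στο Κατάλογο του ΠΣΔ. <a href="%s" title="SSO logout">SSO Logout</a>',
            $escape($identity->mail),
            $this->ssoLogoutUrl
        ));
    }

    $school = R::findOne('school', 'registry_no = ?', [$registryNo]);

    try {
        if (!$school) {
            $unit = call_user_func($this->fetchUnit, $registryNo);
            if (null === $unit) {
                // Second attempt: look the unit up by its MM id.
                $mmId = $this->findUnitMmId($identity);
                $unit = call_user_func($this->fetchUnitFromMMById, $mmId);
            }
            if (null === $unit) {
                // Argument order follows the format string: unit first, then user.
                $this->logger->error(sprintf('Unit with %s for user %s not found in MM', $registryNo, $identity->mail));
                $this->logger->debug('Trace', [
                    'registryNo' => $registryNo,
                    'mmId' => $mmId,
                    'identity' => $identity->toArray(),
                ]);

                return $this->logoutAndRediret($res, sprintf(
                    'Το σχολείο με κωδικό %s δεν βρέθηκε στο Μητρώο Μονάδων του ΠΣΔ. ' . "\n"
                    . '<a href="%s" title="SSO logout">SSO Logout</a>',
                    $escape($registryNo),
                    $this->ssoLogoutUrl
                ));
            }

            // Map the fetched unit onto the school record; e-mail and creator
            // come from the identity, not from the fetched unit.
            $data = [
                'id' => '',
                'registry_no' => $registryNo,
                'name' => $unit['name'],
                'street_address' => $unit['street_address'],
                'postal_code' => $unit['postal_code'],
                'phone_number' => $unit['phone_number'],
                'fax_number' => $unit['fax_number'],
                'email' => $identity->mail,
                'municipality' => $unit['municipality'],
                'schooltype_id' => $unit['unit_type_id'],
                'prefecture_id' => $unit['prefecture_id'],
                'educationlevel_id' => $unit['education_level_id'],
                'eduadmin_id' => $unit['edu_admin_id'],
                'creator' => $identity->mail,
            ];

            $filtered = call_user_func($this->schoolInputFilter, $data);
            if (!$filtered['is_valid']) {
                $this->logger->error('Invalid data', $filtered);
                throw new Exception('Invalid data');
            }

            $school = $this->schoolService->createSchool($filtered['values']);
            $this->logger->info(sprintf('School %s imported from MM to database', $registryNo), $filtered['values']);
        }

        $user = R::load('user', $identity->id);
        $user->school_id = $school['id'];
        R::store($user);
        $this->logger->info(sprintf('Set school %s to user %s', $registryNo, $identity->mail));
    } catch (Exception $e) {
        // Details go to the log only; the user sees a generic message.
        $this->logger->error(sprintf('Problem inserting school %s form MM in database', $registryNo));
        $this->logger->debug('Exception', [$e->getMessage(), $e->getTraceAsString()]);

        return $this->logoutAndRediret($res, sprintf(
            'A problem occured fetching school data. <a href="%s" title="SSO logout">SSO Logout</a>',
            $this->ssoLogoutUrl
        ));
    }

    return $res;
}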
/**
 * Hand the posted data and the current identity to the add-email service,
 * then redirect to the user index.
 *
 * NOTE(review): the POST parameters are forwarded as received and the
 * service's result is not inspected here; validation presumably happens
 * inside the service. Verify.
 *
 * @return \Zend\Http\Response
 */
public function addEmailAction()
{
    $postData = $this->params()->fromPost();
    $identity = $this->authService->getIdentity();

    $this->addEmailService->addEmail($postData, $identity);

    return $this->redirect()->toRoute('PServerCore/user', ['action' => 'index']);
}
/**
 * {@inheritDoc}
 *
 * Delegates to the wrapped authentication service and returns its answer unchanged.
 */
public function getIdentity()
{
    $identity = $this->authenticationService->getIdentity();

    return $identity;
}
/**
 * Render the application form for the current school and handle its submission.
 *
 * POST: the request parameters are validated by the input filter. A valid
 * form is submitted through the application-form service, stored in the
 * session, and the client is redirected to the success URL. An invalid form
 * is rendered again with its values and validation messages.
 * GET with a truthy "load" parameter: the school's stored application form is
 * loaded and, when its items carry a different version than $this->version,
 * they are tagged for migration before the form is put into the view.
 *
 * @param Request  $req Request; the "school" attribute is read from it.
 * @param Response $res Response to build on.
 * @return Response Redirect after a valid submission, otherwise the rendered form.
 */
public function __invoke(Request $req, Response $res)
{
    $school = $req->getAttribute('school');
    if ($req->isPost()) {
        $reqParams = $req->getParams();
        // A zero-length splice removes nothing; array_splice() renumbers the
        // numeric keys of "items".
        // NOTE(review): when "items" is absent from the POST body this passes
        // null by reference. Confirm the client always sends it.
        array_splice($reqParams['items'], 0, 0);
        // The server-side values are merged last, so request parameters named
        // "school_id" or "submitted_by" cannot override them.
        $this->appFormInputFilter->setData(array_merge($reqParams, ['school_id' => $school->id, 'submitted_by' => $this->authService->getIdentity()->mail]));
        $isValid = $this->appFormInputFilter->isValid();
        if ($isValid) {
            $data = $this->appFormInputFilter->getValues();
            $appForm = $this->appFormService->submit($data);
            $_SESSION['applicationForm']['appForm'] = $appForm;
            $res = $res->withRedirect($this->successUrl);
            return $res;
        }
        // Validation failed: hand values and messages back to the template.
        $this->view['form'] = ['is_valid' => $isValid, 'values' => $this->appFormInputFilter->getValues(), 'raw_values' => $this->appFormInputFilter->getRawValues(), 'messages' => $this->appFormInputFilter->getMessages()];
    }
    $loadForm = (bool) $req->getParam('load', false);
    $this->view['choose'] = !$loadForm && !$req->isPost();
    if (!$req->isPost() && $loadForm) {
        // Take care of new options in applications and migrate existing ones.
        if (null !== ($appForm = $this->appFormService->findSchoolApplicationForm($school->id))) {
            /**
             * Map old items to new ones only if items exist (old form) and
             * the map is available in the app settings.
             * TODO: Only single-version migrations are supported. Items that
             * are two or more versions older will not be handled.
             */
            // Version of the stored form: taken from its first item, falling
            // back to the current version when the form has no items.
            $items_version = $this->version;
            if (isset($appForm['items']) && \count($appForm['items']) > 0) {
                $items_version = array_values($appForm['items'])[0]['version'];
            }
            // The version comparisons in both conditions below are loose (!=, ==).
            if ($this->version != $items_version && isset($appForm['items']) && isset($this->container['settings']['application_form']['itemcategory']['map']) && $this->container['settings']['application_form']['itemcategory']['map']['fromversion'] == $items_version && $this->container['settings']['application_form']['itemcategory']['map']['toversion'] == $this->version && isset($this->container['settings']['application_form']['itemcategory']['map']['items'])) {
                // A map exists for exactly this version pair: use it.
                $items_map = $this->container['settings']['application_form']['itemcategory']['map']['items'];
                $appForm['items'] = array_map(function ($item) use($items_map) {
                    $migrate_values = [];
                    if (isset($items_map[$item['itemcategory_id']]) && intval($items_map[$item['itemcategory_id']]) > 0) {
                        // Category has a positive mapping: keep the old id in
                        // the *_prev fields and switch to the mapped id.
                        $migrate_values = ['itemcategory_prev' => $item['itemcategory_id'], 'itemcategory_id_prev' => $item['itemcategory_id'], 'itemcategory_id' => intval($items_map[$item['itemcategory_id']])];
                    } else {
                        // No usable mapping for this category: -1 marks the item.
                        $migrate_values = ['itemcategory_prev' => '', 'itemcategory_id_prev' => -1];
                    }
                    $migrate_values['prev_form_load'] = true;
                    return array_merge($item, $migrate_values);
                }, $appForm['items']);
            } elseif ($this->version != $items_version && isset($appForm['items']) && isset($this->container['settings']['application_form']['itemcategory']['map']) && ($this->container['settings']['application_form']['itemcategory']['map']['fromversion'] != $items_version || $this->container['settings']['application_form']['itemcategory']['map']['toversion'] != $this->version)) {
                // The configured map is for another version pair: notify the user.
                // NOTE(review): $items_map is captured by the closure below but
                // never used in it, and ['map']['items'] is read here without
                // an isset() guard.
                $items_map = $this->container['settings']['application_form']['itemcategory']['map']['items'];
                $appForm['items'] = array_map(function ($item) use($items_map) {
                    // -2 marks every item of a form that could not be migrated.
                    $migrate_values = ['itemcategory_prev' => '', 'itemcategory_id_prev' => -2, 'prev_form_load' => true];
                    return array_merge($item, $migrate_values);
                }, $appForm['items']);
            }
            // NOTE(review): when the versions differ but no map is configured
            // at all, neither branch runs and the items are shown unmarked.
            // Confirm that this is intended.
            $this->view['form'] = ['values' => $appForm];
        }
    }
    $labs = $this->labService->getLabsBySchoolId($school->id);
    // Both choice lists are built from rows exposing "id" and "name"; item
    // categories are requested for the current form version.
    $res = $this->view->render($res, 'application_form/form.twig', ['lab_choices' => array_map(function ($lab) {
        return ['value' => $lab['id'], 'label' => $lab['name']];
    }, $labs), 'type_choices' => array_map(function ($category) {
        return ['value' => $category['id'], 'label' => $category['name']];
    }, $this->assetsService->getAllItemCategories($this->version))]);
    return $res;
}