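/**
 * Completes a password reset: validates the reset token taken from the
 * route, generates a new random password, stores it for the user and
 * mails it to the address in the user's meta data.
 *
 * The stored token and its lifetime are cleared before the mail is sent,
 * so a token can be redeemed only once.
 *
 * NOTE(review): the new password is sent in clear text by mail and the
 * result of sendMail() is not checked, so the password is already
 * replaced even if delivery fails. Consider letting the user choose the
 * password after redeeming the token instead.
 *
 * @access protected
 * @param \Zepi\Turbo\Framework $framework
 * @param \Zepi\Turbo\Request\RequestAbstract $request
 * @param \Zepi\Turbo\Response\Response $response
 * @return array|null Array with the keys "result" and "message", or
 *                    null if the request was redirected to "/"
 */
protected function generateNewPassword(Framework $framework, RequestAbstract $request, Response $response)
{
    $uuid = $request->getRouteParam('uuid');
    $token = $request->getRouteParam('token');

    // Without a known user and a token there is nothing to validate.
    if ($uuid === false || !$this->userManager->hasUserForUuid($uuid) || $token === false) {
        $response->redirectTo('/');
        return;
    }

    // Load the user and the token stored for the pending request
    $user = $this->userManager->getUserForUuid($uuid);
    $storedToken = $user->getMetaData('passwordRequestToken');

    if ($storedToken == '') {
        return array(
            'result' => false,
            'message' => $this->translate('You haven\'t requested a new password.', '\\Zepi\\Web\\AccessControl'),
        );
    }

    // Compare the secret token with hash_equals() (PHP >= 5.6) so the
    // comparison time does not depend on how many leading characters of
    // the supplied token are correct. Non-string values never match.
    $tokenMatches = is_string($storedToken) && is_string($token) && hash_equals($storedToken, $token);

    if (!$tokenMatches || $user->getMetaData('passwordRequestTokenLifetime') < time()) {
        return array(
            'result' => false,
            'message' => $this->translate('The given token is invalid or expired. Please request a new password.', '\\Zepi\\Web\\AccessControl'),
        );
    }

    // Generate and save the new password
    $password = $this->generateRandomPassword();
    $user->setNewPassword($password);

    // Invalidate the token so that it cannot be used a second time
    $user->setMetaData('passwordRequestToken', '');
    $user->setMetaData('passwordRequestTokenLifetime', 0);

    // Persist the changes
    $this->userManager->updateUser($user);

    // Send the mail with the new password
    $this->mailHelper->sendMail(
        $user->getMetaData('email'),
        $this->translate('New password generated', '\\Zepi\\Web\\AccessControl'),
        $this->render('\\Zepi\\Web\\AccessControl\\Mail\\GenerateNewPassword', array('user' => $user, 'password' => $password))
    );

    // The message below is a translation key and contains a line break;
    // it is kept exactly as it was so existing translations still match.
    return array(
        'result' => true,
        'message' => $this->translate('Your new password is generated and saved. 
You will receive an email with the new password.', '\\Zepi\\Web\\AccessControl'),
    );
}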
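/**
 * Sets the value of the field from the submitted request.
 *
 * The value becomes true if the request contains the parameter
 * "<html name>_change" and false otherwise. The given $value is not
 * used; only the presence of the request parameter is evaluated.
 *
 * @access public
 * @param mixed $value
 * @param \Zepi\Turbo\Request\RequestAbstract $request
 */
public function setValue($value, RequestAbstract $request)
{
    // The original checked the same parameter a second time in the else
    // branch; a single check yields the same result.
    $this->value = (bool) $request->hasParam($this->getHtmlName() . '_change');
}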
/**
 * Redirects web requests to the normalized form of the requested url.
 *
 * The requested url is split with parse_url(), passed through
 * verifyPath() and rebuilt with the response's buildUrl(). If the
 * rebuilt url differs from the requested url the response is redirected
 * and null is returned; otherwise $value is returned unchanged.
 * Requests that are not web requests, or whose url cannot be parsed,
 * are passed through untouched.
 *
 * NOTE(review): the redirect target is rebuilt from the requested url.
 * If that url carries a client supplied host, the host ends up in the
 * redirect as well - confirm where getRequestedUrl() takes it from.
 *
 * @access public
 * @param \Zepi\Turbo\Framework $framework
 * @param \Zepi\Turbo\Request\RequestAbstract $request
 * @param \Zepi\Turbo\Response\Response $response
 * @param mixed $value
 * @return mixed
 */
public function execute(Framework $framework, RequestAbstract $request, Response $response, $value = null)
{
    if (!($request instanceof WebRequest)) {
        return $value;
    }

    $components = parse_url($request->getRequestedUrl());

    // parse_url() returns false for urls it cannot parse
    if (!$components) {
        return $value;
    }

    $normalizedUrl = $response->buildUrl($this->verifyPath($components));

    // Nothing to do if the url is already in its normalized form
    if ($normalizedUrl === $request->getRequestedUrl()) {
        return $value;
    }

    $response->redirectTo($normalizedUrl);

    return null;
}
/**
 * Checks whether the session of a web request may execute the event
 * given in $value and returns the name of the event to execute.
 *
 * Decision order, as implemented below:
 *  - requests that are not web requests pass without any check
 *  - events without registered access levels are not restricted
 *  - a request without a session is sent to the
 *    RedirectRequestWithoutSession event
 *  - a session holding at least one of the access levels passes
 *  - everything else is sent to the DisplayNoAccessMessage event
 *
 * NOTE(review): the first two cases fail open. Confirm that requests
 * which are not web requests are trusted and that an event without
 * registered access levels is meant to be public.
 *
 * @access public
 * @param \Zepi\Turbo\Framework $framework
 * @param \Zepi\Turbo\Request\RequestAbstract $request
 * @param \Zepi\Turbo\Response\Response $response
 * @param mixed $value
 * @return mixed
 */
public function execute(Framework $framework, RequestAbstract $request, Response $response, $value = null)
{
    if (!($request instanceof WebRequest)) {
        return $value;
    }

    $requiredLevels = $this->eventAccessManager->getAccessLevelsForEvent($value);

    // false means: no access levels are registered for this event
    if ($requiredLevels === false) {
        return $value;
    }

    if (!$request->hasSession()) {
        return '\\Zepi\\Core\\AccessControl\\Event\\RedirectRequestWithoutSession';
    }

    // One matching access level is enough to grant access
    foreach ($requiredLevels as $level) {
        if ($request->getSession()->hasAccess($level)) {
            return $value;
        }
    }

    return '\\Zepi\\Core\\AccessControl\\Event\\DisplayNoAccessMessage';
}
/**
 * Appends the current full route as base64 encoded "_origin" query
 * parameter to the given target url.
 *
 * If the target url cannot be parsed it is returned unchanged;
 * otherwise the url rebuilt by buildUrl() is returned.
 *
 * NOTE(review): the base64 value is appended without url encoding and
 * may contain "+", "/" and "=" - verify that buildUrl() or the reader
 * of "_origin" copes with that. The code that reads "_origin" should
 * also treat it as untrusted and accept local routes only.
 *
 * @param string $target
 * @return string
 */
protected function addOriginToTargetUrl($target)
{
    $encodedOrigin = base64_encode($this->request->getFullRoute());

    $urlParts = parse_url($target);
    if ($urlParts === false) {
        return $target;
    }

    // Start from the existing query string, separated by "&" if it is
    // not empty
    $query = isset($urlParts['query']) ? $urlParts['query'] : '';
    if ($query !== '') {
        $query .= '&';
    }

    $urlParts['query'] = $query . '_origin=' . $encodedOrigin;

    return $this->buildUrl($urlParts);
}
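/**
 * Loads the translation file of the given namespace for the locale of
 * the current request and stores every "pattern = replacement" line in
 * the translated strings of that namespace.
 *
 * Lines without the delimiter " = " are ignored.
 *
 * NOTE(review): replacements are stored verbatim. If translated strings
 * are written into html without escaping, the language files have to be
 * treated as trusted input.
 *
 * @access protected
 * @param string $namespace
 * @return false|null False if no content could be loaded, nothing otherwise
 */
protected function loadLanguageFileForNamespace($namespace)
{
    $loadedLocale = $this->request->getLocale();
    $content = $this->languageFileManager->loadTranslationFileContent($namespace, $loadedLocale);

    // No content available for this namespace and locale
    if ($content === false) {
        return false;
    }

    // Split on every kind of line ending. Splitting on PHP_EOL depends on
    // the platform PHP runs on, not on the file: a file with "\r\n" line
    // endings read on a "\n" platform left a "\r" at the end of each
    // replacement.
    $lines = preg_split('/\r\n|\r|\n/', $content);
    if ($lines === false) {
        return false;
    }

    foreach ($lines as $line) {
        $delimiter = strpos($line, ' = ');

        if ($delimiter === false) {
            continue;
        }

        $pattern = substr($line, 0, $delimiter);

        // substr() returns false before PHP 8 if nothing follows the
        // delimiter; store an empty string in that case.
        $replacement = (string) substr($line, $delimiter + 3);

        // Create the list of the namespace with the first valid line
        if (!isset($this->translatedStrings[$namespace]) || !is_array($this->translatedStrings[$namespace])) {
            $this->translatedStrings[$namespace] = array();
        }

        $this->translatedStrings[$namespace][$pattern] = $replacement;
    }
}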
/**
 * Constructs the object.
 *
 * Route, parameters, base, locale, operating system and data are handed
 * to the parent constructor; method, requested url, ssl flag, headers
 * and protocol are stored on this object. All values are stored as
 * given, nothing is validated here.
 *
 * @access public
 * @param string $method
 * @param string $requestedUrl
 * @param string $route
 * @param array $params
 * @param string $base
 * @param string $locale
 * @param string $operatingSystem
 * @param boolean $isSsl
 * @param array $headers
 * @param string $protocol
 * @param array $data
 */
public function __construct(
    $method,
    $requestedUrl,
    $route,
    $params,
    $base,
    $locale,
    $operatingSystem,
    $isSsl,
    $headers,
    $protocol,
    $data = array()
) {
    parent::__construct($route, $params, $base, $locale, $operatingSystem, $data);

    // Connection related values
    $this->protocol = $protocol;
    $this->isSsl = $isSsl;
    $this->headers = $headers;

    // What was requested and how
    $this->method = $method;
    $this->requestedUrl = $requestedUrl;
}
/**
 * The DefaultRouteNotFound event handler writes a "route not found"
 * message, including the requested route, into the output part "404"
 * of the response.
 *
 * NOTE(review): the route comes from the request and is written into
 * the output unescaped. If this output part can end up in an html
 * response, the route has to be escaped for html first - confirm how
 * the "404" part is rendered.
 *
 * @access public
 * @param \Zepi\Turbo\Framework $framework
 * @param \Zepi\Turbo\Request\RequestAbstract $request
 * @param \Zepi\Turbo\Response\Response $response
 */
public function execute(Framework $framework, RequestAbstract $request, Response $response)
{
    $requestedRoute = $request->getRoute();

    $message = 'The requested route is not available. We can\'t execute the request. Route: "'
        . $requestedRoute
        . '"';

    $response->setOutputPart('404', $message);
}
/**
 * Returns the Form object for the "request new password" form.
 *
 * The form posts to the current full route and consists of an error
 * box, a group with the username field and a submit button.
 *
 * @access protected
 * @param \Zepi\Turbo\Framework $framework
 * @param \Zepi\Turbo\Request\RequestAbstract $request
 * @param \Zepi\Turbo\Response\Response $response
 * @return \Zepi\Web\UserInterface\Form\Form
 */
protected function createForm(Framework $framework, RequestAbstract $request, Response $response)
{
    $namespace = '\\Zepi\\Web\\AccessControl';

    $form = new Form('request-new-password', $request->getFullRoute(), 'post');

    // Error box for the validation messages
    $form->addPart(new ErrorBox('request-errors', 1));

    // Group with the username field
    $groupTitle = $this->translate('Please insert your username and submit the form.', $namespace);
    $usernameField = new Text('username', $this->translate('Username', $namespace), true);
    $form->addPart(new Group('user-data', $groupTitle, array($usernameField), 10));

    // Submit button
    $submitButton = new Submit('submit', $this->translate('Request new password', $namespace));
    $form->addPart(new ButtonGroup('buttons', array($submitButton), 100));

    return $form;
}
/**
 * Returns the Form object for the registration form.
 *
 * The form posts to the current full route and consists of an error
 * box, a group with the fields username, email address, password and
 * the terms of service checkbox, and a submit button.
 *
 * NOTE(review): the label of the checkbox is html and receives the
 * "tos" route as %link%. Confirm that translate() escapes the replaced
 * value for use in an attribute. The link opens with target="_blank"
 * and has no rel="noopener"; the text is a translation key, so a change
 * has to be made together with the language files.
 *
 * @access protected
 * @param \Zepi\Turbo\Framework $framework
 * @param \Zepi\Turbo\Request\RequestAbstract $request
 * @param \Zepi\Turbo\Response\Response $response
 * @return \Zepi\Web\UserInterface\Form\Form
 */
protected function createForm(Framework $framework, RequestAbstract $request, Response $response)
{
    $namespace = '\\Zepi\\Web\\AccessControl';

    $form = new Form('register', $request->getFullRoute(), 'post');

    // Error box for the validation messages
    $form->addPart(new ErrorBox('register-errors', 1));

    // Group with the data of the new user
    $groupTitle = $this->translate('Please fill out the fields below and accept our terms of service.', $namespace);
    $fields = array(
        new Text('username', $this->translate('Username', $namespace), true),
        new Text('email', $this->translate('Email address', $namespace), true),
        new Password('password', $this->translate('Password', $namespace), true),
        new Checkbox(
            'tos-accepted',
            $this->translate(
                'Do you accept our <a href="%link%" target="_blank">terms of service</a>?',
                $namespace,
                array('link' => $request->getFullRoute('tos'))
            ),
            true
        ),
    );
    $form->addPart(new Group('user-data', $groupTitle, $fields, 10));

    // Submit button
    $submitButton = new Submit('submit', $this->translate('Register', $namespace));
    $form->addPart(new ButtonGroup('buttons', array($submitButton), 100));

    return $form;
}
/**
 * Compares a route of the routing table with the route of the request.
 *
 * Both routes are split at the route delimiter of the request and
 * compared part by part. A part of the routing table route that
 * contains a placeholder like [d], [s] or [s:name] accepts any
 * non-empty part of the requested route; the value returned by
 * parseRouteParam() is collected under the next numeric index and, if
 * the placeholder has a name, under that name too. All other parts
 * have to be identical.
 *
 * The collected parameters are stored in the request only if the whole
 * route matches.
 *
 * NOTE(review): the values come straight from the requested url. Any
 * type check for [d] has to happen in parseRouteParam(), which is not
 * part of this method.
 *
 * @access protected
 * @param string $route
 * @param \Zepi\Turbo\Request\RequestAbstract $request
 * @return boolean
 */
protected function compareRoute($route, RequestAbstract $request)
{
    // The routing table uses "|" where the request uses its own delimiter
    $normalizedRoute = str_replace('|', $request->getRouteDelimiter(), $route);

    $patternParts = explode($request->getRouteDelimiter(), $normalizedRoute);
    $requestedParts = explode(
        $request->getRouteDelimiter(),
        trim($request->getRoute(), $request->getRouteDelimiter())
    );
    $partCount = count($requestedParts);

    // Routes with a different number of parts can never match
    if (count($patternParts) != $partCount) {
        return false;
    }

    $collected = array();
    $nextIndex = 0;

    foreach ($requestedParts as $pos => $requestedPart) {
        $patternPart = $patternParts[$pos];

        $isPlaceholder = $requestedPart != ''
            && preg_match('/\\[(d|s)(?:\\:([0-9a-zA-Z]*))?\\]/', $patternPart);

        if (!$isPlaceholder) {
            // Static parts have to be identical
            if ($patternPart !== $requestedPart) {
                return false;
            }

            continue;
        }

        list($name, $paramValue) = $this->parseRouteParam($patternPart, $requestedPart);

        // The numeric index is counted separately because a name may be
        // numeric as well.
        $collected[$nextIndex] = $paramValue;
        $nextIndex++;

        if ($name !== '') {
            $collected[$name] = $paramValue;
        }
    }

    // Hand the parameters of the matching route to the request
    $request->setRouteParams($collected);

    return true;
}