/** * Authorizes the user with his username and password. Initializes * the user session if the user data are valid. * * @access protected * @param \Zepi\Web\UserInterface\Form\Form $registrationForm * @param \Zepi\Turbo\Framework $framework * @param \Zepi\Turbo\Request\RequestAbstract $request * @param \Zepi\Turbo\Response\Response $response * @return string|boolean */ protected function createUser(Form $registrationForm, Framework $framework, RequestAbstract $request, Response $response) { $group = $registrationForm->searchPartByKeyAndType('user-data'); $username = trim($group->getPart('username')->getValue()); $email = trim($group->getPart('email')->getValue()); $password = trim($group->getPart('password')->getValue()); $tos = $group->getPart('tos-accepted')->getValue(); $result = $this->validateData($framework, $username, $email, $password, $tos); // If the validate function returned a string there was an error in the validation. if ($result !== true) { return $result; } // Create the new user $user = new User('', '', $username, '', array('email' => $email)); $user->setNewPassword($password); // Generate an activation code $activationToken = uniqid(md5($email), true); $user->setMetaData('activationToken', $activationToken); $user = $this->userManager->addUser($user); // Add the disabled access level $this->accessControlManager->grantPermission($user->getUuid(), '\\Zepi\\Web\\AccessControl\\Entity\\User', '\\Global\\Disabled', 'Registration'); // Send the registration mail $activationLink = $request->getFullRoute('/activate/' . $user->getUuid() . '/' . $activationToken . '/'); $this->mailHelper->sendMail($user->getMetaData('email'), $this->translate('Your registration', '\\Zepi\\Web\\AccessControl'), $this->render('\\Zepi\\Web\\AccessControl\\Mail\\Registration', array('user' => $user, 'activationLink' => $activationLink))); return true; }
/** * Changes the password for the logged in user. * * @access protected * @param \Zepi\Turbo\Request\WebRequest $request * @param \Zepi\Web\AccessControl\Entity\User $user */ protected function saveUser(WebRequest $request, User $user) { $formValues = $this->layout->getFormValues(); // Set the username $user->setName($formValues['required-data.username']); // Set the password to a new user or if the user has changed the password if ($user->isNew() || $formValues['required-data.password'] != '') { $user->setNewPassword($formValues['required-data.password']); } // Set the optional data $user->setMetaData('email', $formValues['optional-data.email']); $user->setMetaData('location', $formValues['optional-data.location']); $user->setMetaData('website', $formValues['optional-data.website']); $user->setMetaData('twitter', $formValues['optional-data.twitter']); $user->setMetaData('biography', $formValues['optional-data.biography']); // Save the user if ($user->isNew()) { $user = $this->userManager->addUser($user); } else { $this->userManager->updateUser($user); } if ($user === false) { return false; } // Save the access levels $this->accessControlManager->updatePermissions($user, $formValues['access-levels'], $request->getSession()->getUser()); return true; }
/** * Execute the installation the access control module * * @access public * @param \Zepi\Turbo\Framework $framework * @param \Zepi\Turbo\Request\CliRequest $request * @param \Zepi\Turbo\Response\Response $response */ public function execute(Framework $framework, CliRequest $request, Response $response) { // Execute the installer only if there are no users $dataRequest = new \Zepi\DataSource\Core\Entity\DataRequest(1, 0, 'name', 'ASC'); if ($this->userManager->count($dataRequest) > 0) { return; } $username = ''; while ($username === '') { $username = trim($this->cliHelper->inputText('Please enter the username for the super-admin user:'******''; while ($password === '') { $password = trim($this->cliHelper->inputText('Please enter the password for the super-admin user:'******'', '', $username, '', array()); $user->setNewPassword($password); // Save the super-admin user $user = $this->userManager->addUser($user); // Add the super-admin access level $this->accessControlManager->grantPermission($user->getUuid(), '\\Zepi\\Web\\AccessControl\\Entity\\User', '\\Global\\*', 'CLI'); }