/**
 * Returns the LastNotification rows of the current session whose event has
 * fired since the listener was last notified.
 *
 * Joins each LastNotification to its session and event and keeps the rows
 * where the session id equals the current session's id and the event's
 * lastOccured is later than the row's lastNotify. The session id is bound as
 * a positional DQL parameter, never concatenated into the query text.
 *
 * @return array The matching LastNotification entities
 */
public function getNotifiedListeners()
{
    $currentSessionId = SessionManager::getCurrentSession()->getId();

    $dql = "SELECT l FROM PartKeepr\\EventNotification\\LastNotification l"
         . " JOIN l.session s"
         . " JOIN l.event e"
         . " WHERE s.id = ?1 AND e.lastOccured > l.lastNotify";

    $query = PartKeepr::getEM()->createQuery($dql);
    $query->setParameter(1, $currentSessionId);

    return $query->getResult();
}
/**
 * Updates a single stock entry identified by the "id" parameter.
 *
 * Authorization: an admin may edit any entry; a non-admin may only edit an
 * entry whose recorded user has the same id as the session user (an entry
 * without a user is therefore not editable by non-admins). Anything else
 * raises "Permission denied" before any field is touched.
 *
 * Field rules enforced here:
 *  - price: writable on non-removal entries only, stored as abs(price);
 *  - stockLevel / direction: admin only. direction "out" stores
 *    -abs(stockLevel); any other direction stores the value as submitted;
 *  - user_id: admin only; a user_id that cannot be loaded clears the user;
 *  - comment: always overwritten with the submitted value.
 *
 * NOTE(review): the non-"out" branch does not normalise the sign, so an admin
 * can submit a negative stockLevel with direction "in" — confirm that is
 * intended.
 *
 * (non-PHPdoc)
 * @see PartKeepr\Service.RestfulService::update()
 * @return array The serialized, updated stock entry under "data"
 * @throws \Exception If the session user may not edit this entry
 */
public function update()
{
    $this->requireParameter("id");
    $stockEntry = StockEntry::loadById($this->getParameter("id"));

    $sessionUser = SessionManager::getCurrentSession()->getUser();
    $isAdmin = $sessionUser->isAdmin();

    $ownsEntry = $sessionUser
        && $stockEntry->getUser()
        && $sessionUser->getId() == $stockEntry->getUser()->getId();

    if (!$isAdmin && !$ownsEntry) {
        throw new \Exception("Permission denied");
    }

    // Removals keep their price; only non-removals may be re-priced.
    if (!$stockEntry->isRemoval()) {
        $stockEntry->setPrice(abs($this->getParameter("price")));
    }

    // Only an admin may correct the in/out stock levels or reassign the user.
    if ($isAdmin) {
        $level = $this->getParameter("stockLevel");
        if ($this->getParameter("direction") == "out") {
            $stockEntry->setStockLevel(-abs($level));
        } else {
            $stockEntry->setStockLevel($level);
        }

        try {
            $stockEntry->setUser(User::loadById($this->getParameter("user_id")));
        } catch (\Exception $e) {
            // Best-effort: an unknown or absent user_id detaches the entry.
            $stockEntry->setUser(null);
        }
    }

    $stockEntry->setComment($this->getParameter("comment"));
    PartKeepr::getEM()->flush();

    return array("data" => $stockEntry->serialize());
}
/**
 * Deletes a key-value combination from the database.
 *
 * An admin who passes user_id removes the key from that user's preferences;
 * every other caller (including an admin without user_id) removes it from
 * the session user's preferences. A non-admin's user_id is ignored rather
 * than rejected, so a non-admin can only ever touch their own preferences.
 *
 * (non-PHPdoc)
 * @see PartKeepr\Service.RestfulService::destroy()
 */
public function destroy()
{
    $key = $this->getParameter("key");

    if ($this->hasParameter("user_id") && SessionManager::getCurrentSession()->getUser()->isAdmin()) {
        $target = User::loadById($this->getParameter("user_id"));
    } else {
        $target = $this->getUser();
    }

    UserPreference::deletePreference($target, $key);
}
/**
 * Restricts every call on this service to admin users.
 *
 * @param string $call Name of the call being attempted (not consulted: all
 *                     calls share the same admin-only rule)
 * @return boolean true when the session user is an admin, false otherwise
 */
public function mayCall($call)
{
    return (bool) SessionManager::getCurrentSession()->getUser()->isAdmin();
}
/**
 * Deletes the user from the database.
 *
 * Admin only: the permission check runs before the id parameter is required,
 * so non-admins always get "Permission denied" regardless of input.
 * NOTE(review): nothing here stops an admin from deleting their own account —
 * confirm UserManager::deleteUser handles that case.
 *
 * @see PartKeepr\Service.RestfulService::destroy()
 * @return array "data" => null
 * @throws \Exception If the session user is not an admin
 */
public function destroy()
{
    $caller = SessionManager::getCurrentSession()->getUser();
    if (!$caller->isAdmin()) {
        throw new \Exception("Permission denied");
    }

    $this->requireParameter("id");
    $userId = $this->getParameter("id");
    UserManager::getInstance()->deleteUser($userId);

    return array("data" => null);
}
/**
 * Applies the access restriction and the user filters to the query builder.
 *
 * The access restriction is unconditional and added first: only rows whose
 * target or owner is the session user are returned, so no client filter can
 * widen the result set. The optional "done" filter is bound as a named
 * parameter rather than interpolated into the DQL.
 *
 * @param unknown $queryBuilder Query builder to constrain; uses alias "q"
 */
public function filterCallback($queryBuilder)
{
    $filters = new FilterExtractor($this);

    // Access restriction: scope to the session user before any client filter.
    $sessionUser = SessionManager::getInstance()->getCurrentSession()->getUser();
    $queryBuilder->andWhere("(q.target = :sessionuser OR q.owner = :sessionuser)");
    $queryBuilder->setParameter("sessionuser", $sessionUser->getId());

    // Client filters
    if ($filters->has("done")) {
        $done = $filters->get("done");
        if ($done != "") {
            $queryBuilder->andWhere("q.done = :done");
            $queryBuilder->setParameter("done", $done);
        }
    }
}
/**
 * Returns all tips along with the information whether they are read or not.
 *
 * Unread tips (no TipOfTheDayHistory row for the session user) come first,
 * followed by read tips. Each tip's url is the configured wiki base
 * (partkeepr.tipoftheday.wiki) with the tip name and "?useskin=monobookplain"
 * appended; no escaping is applied here, so consumers must treat the url as
 * data, not as pre-sanitised markup.
 *
 * (non-PHPdoc)
 * @see PartKeepr\Service.RestfulService::get()
 * @return array "data" => list of array("name", "read", "url")
 */
public function get()
{
    $wikiBase = Configuration::getOption("partkeepr.tipoftheday.wiki", "http://partkeepr.org/wiki/index.php/");
    $sessionUser = SessionManager::getCurrentSession()->getUser();

    $tipSelect = "SELECT d FROM PartKeepr\\TipOfTheDay\\TipOfTheDay d WHERE d.name ";
    $historySubselect = "(SELECT dh.name FROM PartKeepr\\TipOfTheDay\\TipOfTheDayHistory dh WHERE dh.user = :user)";

    $unread = $this->loadTipsWithState($tipSelect . "NOT IN " . $historySubselect, $sessionUser, $wikiBase, false);
    $read = $this->loadTipsWithState($tipSelect . "IN " . $historySubselect, $sessionUser, $wikiBase, true);

    return array("data" => array_merge($unread, $read));
}

/**
 * Runs one tip query for the given user and maps each tip to its wire format.
 *
 * @param string $dql DQL selecting TipOfTheDay rows, with a :user parameter
 * @param mixed $user The user bound to :user
 * @param string $wikiBase Base URL the tip name is appended to
 * @param boolean $read Read flag reported for every returned tip
 * @return array List of array("name" => ..., "read" => ..., "url" => ...)
 */
private function loadTipsWithState($dql, $user, $wikiBase, $read)
{
    $query = PartKeepr::getEM()->createQuery($dql);
    $query->setParameter("user", $user);

    $tips = array();
    foreach ($query->getResult() as $tip) {
        $tips[] = array(
            "name" => $tip->getName(),
            "read" => $read,
            "url" => $wikiBase . $tip->getName() . "?useskin=monobookplain",
        );
    }

    return $tips;
}
/**
 * Logs in the given user. If the login was successful, a session is automatically started.
 *
 * The password parameter is a client-side hash (declared as MD5 below), so it
 * is itself the credential: anyone who captures it can replay it, and this
 * method adds no rate limiting or delay on failure. Transport protection and
 * any lockout policy must come from outside this call. The returned username
 * echoes the submitted parameter, not the username stored on the user record.
 *
 * @return array The data
 * @throws InvalidLoginDataException
 *
 * @ServiceCall(description="Authenticates a user against the system",
 *   documentation="Authenticates a user and starts a new session upon success.",
 *   returnValues={
 *     @ServiceReturnValue(
 *       name="username",
 *       type="string:50",
 *       description="The logged in username"
 *     ),
 *     @ServiceReturnValue(
 *       name="sessionid",
 *       type="string:50",
 *       description="The session ID"
 *     ),
 *     @ServiceReturnValue(
 *       name="admin",
 *       type="boolean",
 *       description="True if the logged in user has admin rights"
 *     ),
 *     @ServiceReturnValue(
 *       name="userPreferences",
 *       type="UserPreference[]",
 *       description="An array of UserPreferences"
 *     )
 *   },
 *   parameters={
 *     @ServiceParameter( name="username",
 *       type="string:50",
 *       required=true,
 *       description="The username to authenticate"
 *     ),
 *     @ServiceParameter( name="password",
 *       type="string:32",
 *       required=true,
 *       description="The password, hashed in MD5"
 *     )
 *   })
 *
 */
public function login()
{
    $this->requireParameter("username");
    $this->requireParameter("password");

    // Temporary, unpersisted user carrying the submitted credentials.
    $candidate = new User();
    $candidate->setRawUsername($this->getParameter("username"));
    $candidate->setHashedPassword($this->getParameter("password"));

    $authenticatedUser = UserManager::getInstance()->authenticate($candidate);
    if ($authenticatedUser === false) {
        throw new InvalidLoginDataException();
    }

    /* Start Session */
    $session = SessionManager::getInstance()->startSession($authenticatedUser);
    $sessionUser = $session->getUser();
    $sessionUser->updateSeen();

    $preferences = array();
    foreach ($sessionUser->getPreferences() as $preference) {
        $preferences[] = $preference->serialize();
    }

    return array(
        "sessionid" => $session->getSessionID(),
        "username" => $this->getParameter("username"),
        "admin" => $sessionUser->isAdmin(),
        "userPreferences" => array("response" => array("data" => $preferences)),
    );
}
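/**
 * Removes stock from several parts in one request.
 *
 * Expects the "removals" parameter to be a list of items, each with a "part"
 * id, an "amount" and an optional "comment". For every item a StockEntry of
 * (0 - amount) attributed to the session user is persisted; afterwards each
 * affected part's cached stock level is recomputed once.
 *
 * Input is validated before anything is persisted:
 *  - "removals" must be an array (a missing or scalar value is rejected
 *    instead of being silently iterated as nothing);
 *  - each item must be an array carrying a "part" key;
 *  - "amount" (intval'd, default 0) must not be negative — a negative
 *    removal would otherwise add stock through an endpoint whose contract is
 *    to delete it.
 *
 * @return array Always empty
 * @throws \Exception If the removals payload is malformed or an amount is negative
 */
public function massDeleteStock()
{
    $removals = $this->getParameter("removals");
    if (!is_array($removals)) {
        throw new \Exception("Parameter removals must be an array");
    }

    $sessionUser = SessionManager::getCurrentSession()->getUser();

    // First pass: validate and normalise every item before touching the
    // entity manager, so a bad item cannot leave a partial batch behind.
    $normalised = array();
    foreach ($removals as $item) {
        if (!is_array($item) || !array_key_exists("part", $item)) {
            throw new \Exception("Each removal must specify a part");
        }
        $amount = isset($item["amount"]) ? intval($item["amount"]) : 0;
        if ($amount < 0) {
            throw new \Exception("Removal amounts must not be negative");
        }
        $normalised[] = array(
            "part" => $item["part"],
            "amount" => $amount,
            "comment" => isset($item["comment"]) ? $item["comment"] : null,
        );
    }

    $entityManager = PartKeepr::getEM();
    $touchedParts = array();
    foreach ($normalised as $removal) {
        $part = PartManager::getInstance()->getPart($removal["part"]);
        $entry = new StockEntry($part, 0 - $removal["amount"], $sessionUser);
        $entry->setComment($removal["comment"]);
        $entityManager->persist($entry);
        $touchedParts[$removal["part"]] = $part;
    }
    $entityManager->flush();

    // Recompute the denormalised stock level once per distinct part.
    foreach ($touchedParts as $part) {
        $part->updateStockLevel();
    }
    $entityManager->flush();

    return array();
}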
/* HTTP auth */
// When partkeepr.auth.http is enabled the web server is trusted to have
// authenticated the request: the identity is taken verbatim from
// PHP_AUTH_USER and a session is started for it with no password check here.
// NOTE(review): this is only safe if the web server actually enforces
// authentication on every path that reaches this script — confirm the
// deployment config; otherwise a client could present any username.
// $aParameters is assumed to be initialised earlier in this script.
if (Configuration::getOption("partkeepr.auth.http", false) === true) {
    if (!isset($_SERVER["PHP_AUTH_USER"])) {
        // @todo Redirect to permission denied page
        die("Permission denied");
    }
    try {
        $user = User::loadByName($_SERVER['PHP_AUTH_USER']);
    } catch (\Doctrine\ORM\NoResultException $e) {
        // First sight of this externally authenticated name: auto-provision a
        // local user record. The stored password is the literal string
        // "invalid"; NOTE(review): presumably that never matches a real
        // submitted hash, so such an account cannot log in through the
        // password path — verify against UserManager::authenticate.
        $user = new User();
        $user->setUsername($_SERVER['PHP_AUTH_USER']);
        $user->setPassword("invalid");
        PartKeepr::getEM()->persist($user);
        PartKeepr::getEM()->flush();
    }
    $session = SessionManager::getInstance()->startSession($user);
    // Hand the pre-started session and the user's preferences to the
    // client-side bootstrap.
    $aParameters["autoLoginUsername"] = $user->getUsername();
    $aParameters["auto_start_session"] = $session->getSessionID();
    $aPreferences = array();
    foreach ($user->getPreferences() as $result) {
        $aPreferences[] = $result->serialize();
    }
    $aParameters["userPreferences"] = array("response" => array("data" => $aPreferences));
}

// Template engine for the page; templates live next to this script.
\Twig_Autoloader::register();
$loader = new \Twig_Loader_Filesystem(dirname(__FILE__) . '/templates/');
$twig = new \Twig_Environment($loader);

/* Information about maximum upload sizes */
// The effective limit is the smaller of post_max_size and
// upload_max_filesize, converted from php.ini's human-readable form to bytes.
$maxPostSize = PartKeepr::getBytesFromHumanReadable(ini_get("post_max_size"));
$maxFileSize = PartKeepr::getBytesFromHumanReadable(ini_get("upload_max_filesize"));
$aParameters["maxUploadSize"] = min($maxPostSize, $maxFileSize);
/**
 * Initialises a new entry: created now, not done, owned by the session user.
 *
 * The owner is taken from the current session rather than from caller input,
 * so a newly constructed entry cannot be attributed to another user.
 */
public function __construct()
{
    $currentSession = SessionManager::getInstance()->getCurrentSession();

    $this->created = new \DateTime();
    $this->done = false;
    $this->owner = $currentSession->getUser();
}
/**
 * Creates a new part or updates an existing one from a parameter map.
 *
 * Only keys present in $aParameters are applied; absent keys leave the
 * corresponding field untouched. When "part" is null, or names a part that
 * getPart() cannot load (any exception), a fresh Part is created together
 * with an initial StockEntry of "quantity" (default 0) attributed to the
 * session user. An existing part receives no stock entry here.
 *
 * Per-key behaviour:
 *  - name / description / minstock / comment: set as given;
 *  - footprint: null clears it, otherwise get-or-create by value;
 *  - storagelocation: get-or-create by value;
 *  - category: resolved through PartCategoryManager, stored as its node;
 *  - distributorChanges / manufacturerChanges / parameterChanges /
 *    attachmentChanges: forwarded to the matching process*Changes() method
 *    only when the value is an array;
 *  - partUnit: null or integer 0 clears it (string "0" does not), otherwise
 *    resolved through PartUnitManager.
 *
 * NOTE(review): a "part" id that fails to load silently creates a new part
 * instead of reporting the bad id — confirm that is the intended contract.
 *
 * @param array $aParameters Keyed parameter map as described above
 */
public function addOrUpdatePart($aParameters)
{
    if (!array_key_exists("quantity", $aParameters)) {
        $aParameters["quantity"] = 0;
    }

    // Resolve the target part; $createNew stays true whenever no existing
    // part could be loaded.
    $createNew = true;
    if ($aParameters["part"] !== null) {
        try {
            $part = $this->getPart($aParameters["part"]);
            $createNew = false;
        } catch (\Exception $e) {
            $createNew = true;
        }
    }
    if ($createNew) {
        $part = new Part();
        $sessionUser = SessionManager::getCurrentSession()->getUser();
        $initialStock = new StockEntry($part, $aParameters["quantity"], $sessionUser);
        PartKeepr::getEM()->persist($initialStock);
    }

    // Plain scalar fields, applied in this order only when the key is present.
    $scalarSetters = array(
        "name" => "setName",
        "description" => "setDescription",
        "minstock" => "setMinStockLevel",
        "comment" => "setComment",
    );
    foreach ($scalarSetters as $key => $setter) {
        if (array_key_exists($key, $aParameters)) {
            $part->$setter($aParameters[$key]);
        }
    }

    if (array_key_exists("footprint", $aParameters)) {
        $footprint = null;
        if ($aParameters["footprint"] !== null) {
            $footprint = FootprintManager::getInstance()->getOrCreateFootprint($aParameters["footprint"]);
        }
        $part->setFootprint($footprint);
    }

    if (array_key_exists("storagelocation", $aParameters)) {
        $storageLocation = StorageLocationManager::getInstance()
            ->getOrCreateStorageLocation($aParameters["storagelocation"]);
        $part->setStorageLocation($storageLocation);
    }

    if (array_key_exists("category", $aParameters)) {
        $category = PartCategoryManager::getInstance()->getCategory($aParameters["category"]);
        $part->setCategory($category->getNode());
    }

    /* Process linked changes: each set is forwarded only when it is an array */
    $changeProcessors = array(
        "distributorChanges" => "processDistributorChanges",
        "manufacturerChanges" => "processManufacturerChanges",
        "parameterChanges" => "processParameterChanges",
        "attachmentChanges" => "processAttachmentChanges",
    );
    foreach ($changeProcessors as $key => $method) {
        if (array_key_exists($key, $aParameters) && is_array($aParameters[$key])) {
            $this->$method($part, $aParameters[$key]);
        }
    }

    if (array_key_exists("partUnit", $aParameters)) {
        $unit = $aParameters["partUnit"];
        if ($unit === null || $unit === 0) {
            $part->setPartUnit(null);
        } else {
            $part->setPartUnit(PartUnitManager::getInstance()->getPartUnit($unit));
        }
    }

    PartKeepr::getEM()->persist($part);
    PartKeepr::getEM()->flush();
}
/**
 * Authenticates the given credentials and starts a session for the matching user.
 *
 * Builds a temporary, unpersisted User from the raw username and the
 * client-supplied password hash and hands it to UserManager::authenticate().
 * On success a new session is started and its id returned. Because the hash
 * is what gets checked (presumably compared directly — see authenticate()),
 * it is the credential itself and must be protected in transit exactly like
 * a plaintext password.
 *
 * @param string $username The raw username
 * @param string $password The already-hashed password as submitted by the client
 * @return string The id of the newly started session
 * @throws InvalidLoginDataException If authentication fails
 */
private function authenticateByUsername($username, $password)
{
    $candidate = new User();
    $candidate->setRawUsername($username);
    $candidate->setHashedPassword($password);

    $authenticated = UserManager::getInstance()->authenticate($candidate);
    if ($authenticated === false) {
        throw new InvalidLoginDataException();
    }

    /* Start Session */
    $session = SessionManager::getInstance()->startSession($authenticated);

    return $session->getSessionID();
}
/**
 * Checks if there is an active session.
 *
 * Thin delegate to SessionManager::hasSession(); takes no parameters.
 *
 * @return boolean true if an active session exists, false otherwise
 */
public function hasSession()
{
    $sessionExists = SessionManager::hasSession();

    return $sessionExists;
}