public static function registerModule()
{
Consumer::registerModule();
Token::registerModule();
Access::registerModule();
Account::registerModule();
}
public static function registerModule()
{
if (Account::useService()->getAccountBySession()) {
Main::getDisplay()->addServiceNavigation(new Link(new Link\Route(__NAMESPACE__), new Link\Name('Profil'), new Link\Icon(new Person())));
}
Main::getDispatcher()->registerRoute(Main::getDispatcher()->createRoute(__NAMESPACE__, 'Frontend::frontendMyAccount'));
}
/**
* @return Stage
*/
public function frontendMyAccount()
{
$Stage = new Stage('Profil', 'Mein Benutzerkonto');
$tblAccount = Account::useService()->getAccountBySession();
$Stage->setMessage('[' . $tblAccount->getServiceTblConsumer()->getAcronym() . '] ' . $tblAccount->getServiceTblConsumer()->getName());
$Stage->setContent($tblAccount->getUsername());
return $Stage;
}
/**
* @return bool|TblAccount
*/
public function getTblAccount()
{
if (null === $this->tblAccount) {
return false;
} else {
return Account::useService()->getAccountById($this->tblAccount);
}
}
/**
* @return bool|TblIdentification
*/
public function getTblIdentification()
{
if (null === $this->tblIdentification) {
return false;
} else {
return Account::useService()->getIdentificationById($this->tblIdentification);
}
}
public static function registerModule()
{
if (Account::useService()->getAccountBySession()) {
Main::getDisplay()->addApplicationNavigation(new Link(new Link\Route(__NAMESPACE__), new Link\Name('Mein Benutzerkonto'), new Link\Icon(new Person())));
}
Main::getDispatcher()->registerRoute(Main::getDispatcher()->createRoute(__NAMESPACE__, 'Frontend::frontendMyAccount'));
Main::getDispatcher()->registerRoute(Main::getDispatcher()->createRoute(__NAMESPACE__ . '/Password', __NAMESPACE__ . '\\Frontend::frontendChangePassword'));
Main::getDispatcher()->registerRoute(Main::getDispatcher()->createRoute(__NAMESPACE__ . '/Consumer', __NAMESPACE__ . '\\Frontend::frontendChangeConsumer'));
}
/**
* @return Stage
*/
public static function frontendAccount()
{
$Stage = new Stage('Benutzerkonnten');
$tblAccount = Account::useService()->getAccountBySession();
if ($tblAccount) {
$isSystem = Account::useService()->hasAuthorization($tblAccount, Access::useService()->getRoleByName('Administrator'));
} else {
$isSystem = false;
}
$tblConsumer = Consumer::useService()->getConsumerBySession();
// Token
$tblTokenAll = Token::useService()->getTokenAll();
array_walk($tblTokenAll, function (TblToken &$tblToken) {
if (Account::useService()->getAccountAllByToken($tblToken)) {
$tblToken = false;
} else {
$tblToken = new RadioBox('Account[Token]', implode(' ', str_split($tblToken->getSerial(), 4)), $tblToken->getId());
}
});
$tblTokenAll = array_filter($tblTokenAll);
array_unshift($tblTokenAll, new RadioBox('Account[Token]', new \SPHERE\Common\Frontend\Text\Repository\Danger('KEIN Hardware-Token'), null));
// Identification
$tblIdentificationAll = Account::useService()->getIdentificationAll();
/** @noinspection PhpUnusedParameterInspection */
array_walk($tblIdentificationAll, function (TblIdentification &$tblIdentification, $Index, $isSystem) {
if ($tblIdentification->getName() == 'System' && !$isSystem) {
$tblIdentification = false;
} else {
$tblIdentification = new RadioBox('Account[Identification]', $tblIdentification->getDescription(), $tblIdentification->getId());
}
}, $isSystem);
$tblIdentificationAll = array_filter($tblIdentificationAll);
// Role
$tblRoleAll = Access::useService()->getRoleAll();
/** @noinspection PhpUnusedParameterInspection */
array_walk($tblRoleAll, function (TblRole &$tblRole, $Index, $isSystem) {
if ($tblRole->getName() == 'Administrator' && !$isSystem) {
$tblRole = false;
} else {
$tblRole = new CheckBox('Account[Role][' . $tblRole->getId() . ']', $tblRole->getName(), $tblRole->getId());
}
}, $isSystem);
$tblRoleAll = array_filter($tblRoleAll);
// Account
$tblAccountAll = Account::useService()->getAccountAll();
array_walk($tblAccountAll, function (TblAccount &$tblAccount) {
/** @noinspection PhpUndefinedFieldInspection */
$tblAccount->Option = new Danger('Löschen', '/Platform/Gatekeeper/Authorization/Account/Destroy', new Remove(), array('Id' => $tblAccount->getId()), 'Löschen');
});
$Stage->setContent(($tblAccountAll ? new TableData($tblAccountAll, new Title('Bestehende Benutzerkonnten'), array('Username' => 'Benutzername')) : new Warning('Keine Benutzerkonnten vorhanden')) . new Form(array(new FormGroup(array(new FormRow(array(new FormColumn((new TextField('Account[Name]', 'Benutzername', 'Benutzername', new Person()))->setPrefixValue($tblConsumer->getAcronym()), 4), new FormColumn(new PasswordField('Account[Password]', 'Passwort', 'Passwort', new Lock()), 4), new FormColumn(new PasswordField('Account[PasswordSafety]', 'Passwort wiederholen', 'Passwort wiederholen', new Repeat()), 4)))), new \SPHERE\Common\Frontend\Form\Repository\Title('Benutzerkonnto anlegen')), new FormGroup(array(new FormRow(array(new FormColumn(array(new Panel('Authentifizierungstyp', $tblIdentificationAll)), 4), new FormColumn(array(new Panel('Berechtigungsstufe', $tblRoleAll)), 4), new FormColumn(array(new Panel('Hardware-Token', $tblTokenAll)), 4)))), new \SPHERE\Common\Frontend\Form\Repository\Title('Berechtigungen zuweisen'))), new Primary('Hinzufügen')));
return $Stage;
}
public static function registerModule()
{
if (Account::useService()->getAccountBySession()) {
Main::getDisplay()->addServiceNavigation(new Link(new Link\Route(__NAMESPACE__ . '/Offline'), new Link\Name('Abmelden'), new Link\Icon(new Off())));
} else {
Main::getDisplay()->addServiceNavigation(new Link(new Link\Route(__NAMESPACE__), new Link\Name('Anmelden'), new Link\Icon(new Lock())));
}
Main::getDisplay()->addModuleNavigation(new Link(new Link\Route(__NAMESPACE__ . '/Student'), new Link\Name('Schüler'), new Link\Icon(new Lock())), new Link\Route('/Platform/Gatekeeper/Authentication'));
Main::getDisplay()->addModuleNavigation(new Link(new Link\Route(__NAMESPACE__ . '/Teacher'), new Link\Name('Lehrer'), new Link\Icon(new Lock())), new Link\Route('/Platform/Gatekeeper/Authentication'));
Main::getDisplay()->addModuleNavigation(new Link(new Link\Route(__NAMESPACE__ . '/Management'), new Link\Name('Verwaltung'), new Link\Icon(new Lock())), new Link\Route('/Platform/Gatekeeper/Authentication'));
Main::getDisplay()->addModuleNavigation(new Link(new Link\Route(__NAMESPACE__ . '/System'), new Link\Name('System'), new Link\Icon(new Lock())), new Link\Route('/Platform/Gatekeeper/Authentication'));
Main::getDispatcher()->registerRoute(Main::getDispatcher()->createRoute(__NAMESPACE__, 'Frontend::frontendIdentification')->setParameterDefault('CredentialName', null)->setParameterDefault('CredentialLock', null)->setParameterDefault('CredentialKey', null));
Main::getDispatcher()->registerRoute(Main::getDispatcher()->createRoute(__NAMESPACE__ . '/Offline', __NAMESPACE__ . '\\Frontend::frontendDestroySession')->setParameterDefault('CredentialName', null)->setParameterDefault('CredentialLock', null)->setParameterDefault('CredentialKey', null));
Main::getDispatcher()->registerRoute(Main::getDispatcher()->createRoute(__NAMESPACE__ . '/Student', __NAMESPACE__ . '\\Frontend::frontendCreateSessionStudent')->setParameterDefault('CredentialName', null)->setParameterDefault('CredentialLock', null));
Main::getDispatcher()->registerRoute(Main::getDispatcher()->createRoute(__NAMESPACE__ . '/Teacher', __NAMESPACE__ . '\\Frontend::frontendCreateSessionTeacher')->setParameterDefault('CredentialName', null)->setParameterDefault('CredentialLock', null)->setParameterDefault('CredentialKey', null));
Main::getDispatcher()->registerRoute(Main::getDispatcher()->createRoute(__NAMESPACE__ . '/Management', __NAMESPACE__ . '\\Frontend::frontendCreateSessionManagement')->setParameterDefault('CredentialName', null)->setParameterDefault('CredentialLock', null)->setParameterDefault('CredentialKey', null));
Main::getDispatcher()->registerRoute(Main::getDispatcher()->createRoute(__NAMESPACE__ . '/System', __NAMESPACE__ . '\\Frontend::frontendCreateSessionSystem')->setParameterDefault('CredentialName', null)->setParameterDefault('CredentialLock', null)->setParameterDefault('CredentialKey', null));
Main::getDispatcher()->registerRoute(Main::getDispatcher()->createRoute('', __NAMESPACE__ . '\\Frontend::frontendWelcome'));
}
/**
* @return Stage
*/
public function frontendMyAccount()
{
$Stage = new Stage('Mein Benutzerkonto', 'Profil');
$tblAccount = Account::useService()->getAccountBySession();
$tblPersonAll = Account::useService()->getPersonAllByAccount($tblAccount);
if ($tblPersonAll) {
array_walk($tblPersonAll, function (TblPerson &$tblPerson) {
$tblPerson = $tblPerson->getFullName();
});
}
$tblAuthorizationAll = Account::useService()->getAuthorizationAllByAccount($tblAccount);
if ($tblAuthorizationAll) {
array_walk($tblAuthorizationAll, function (TblAuthorization &$tblAuthorization) {
$tblAuthorization = $tblAuthorization->getServiceTblRole()->getName();
});
}
$Person = new LayoutGroup(new LayoutRow(new LayoutColumn(new Panel('Informationen zur Person', !empty($tblPersonAll) ? new Listing($tblPersonAll) : new Danger(new Exclamation() . new Small(' Keine Person angeben'))))));
$Authentication = new LayoutGroup(new LayoutRow(new LayoutColumn(new Panel('Authentication', $tblAccount->getServiceTblIdentification() ? $tblAccount->getServiceTblIdentification()->getDescription() : ''))));
$Authorization = new LayoutGroup(new LayoutRow(new LayoutColumn(new Panel('Berechtigungen', !empty($tblAuthorizationAll) ? $tblAuthorizationAll : array(new Danger(new Exclamation() . new Small(' Keine Berechtigungen vergeben')))))));
$Token = new LayoutGroup(new LayoutRow(new LayoutColumn(new Panel('Hardware-Schlüssel', array($tblAccount->getServiceTblToken() ? substr($tblAccount->getServiceTblToken()->getSerial(), 0, 4) . ' ' . substr($tblAccount->getServiceTblToken()->getSerial(), 4, 4) : new Muted(new Small('Kein Hardware-Schlüssel vergeben')))))));
$Account = new Layout(array($Person, $Authentication, $Authorization, $Token));
$Stage->setContent(new Layout(array(new LayoutGroup(new LayoutRow(new LayoutColumn(new Panel('Benutzerkonto: ' . $tblAccount->getUsername(), $Account, Panel::PANEL_TYPE_DEFAULT, new Standard('Passwort ändern', new Route(__NAMESPACE__ . '/Password'))))), new Title('Benutzerkonto', 'Informationen')), new LayoutGroup(new LayoutRow(new LayoutColumn(new Panel($tblAccount->getServiceTblConsumer()->getName() . ' [' . $tblAccount->getServiceTblConsumer()->getAcronym() . ']', array('TODO: Anzeigen von Schulen, Schulträger, Vörderverein', 'TODO: Anzeigen von zugehörigen Adressen, Telefonnummern, Personen'), Panel::PANEL_TYPE_DEFAULT, new Standard('Mandant ändern', new Route(__NAMESPACE__ . '/Consumer'))))), new Title('Mandant', 'Informationen')))));
return $Stage;
}
/**
* @param IFormInterface $Form
* @param TblAccount $tblAccount
* @param int $Consumer
*
* @return IFormInterface|Redirect
*/
public function updateConsumer(IFormInterface &$Form, TblAccount $tblAccount, $Consumer)
{
if (null === $Consumer) {
return $Form;
}
$Error = false;
if (empty($Consumer)) {
$Form->setError('Consumer', 'Bitte wählen Sie einen Mandanten aus');
$Error = true;
}
if ($Error) {
return $Form;
} else {
$tblConsumer = Consumer::useService()->getConsumerById($Consumer);
if (Account::useService()->changeConsumer($tblConsumer, $tblAccount)) {
return new Success('Der Mandant wurde erfolgreich geändert') . new Redirect('/Setting/MyAccount', 1);
} else {
return new Danger('Der Mandant konnte nicht geändert werden') . new Redirect('/Setting/MyAccount', 10);
}
}
}
/**
* @param null|string $Session
*
* @return bool|TblConsumer
*/
public function getConsumerBySession($Session = null)
{
if (false !== ($tblAccount = Account::useService()->getAccountBySession($Session))) {
return $tblAccount->getServiceTblConsumer();
} else {
return false;
}
}
/**
* @param IFormInterface $Form
* @param array $Account
*
* @return IFormInterface
*/
public function createAccount(IFormInterface $Form, $Account)
{
if (null === $Account) {
return $Form;
}
$Error = false;
$Username = trim($Account['Name']);
$Password = trim($Account['Password']);
$PasswordSafety = trim($Account['PasswordSafety']);
$tblConsumer = GatekeeperConsumer::useService()->getConsumerBySession();
if (!($tblToken = GatekeeperToken::useService()->getTokenById((int) $Account['Token']))) {
$tblToken = null;
}
if (empty($Username)) {
$Form->setError('Account[Name]', 'Bitte geben Sie einen Benutzernamen an');
$Error = true;
} else {
if (preg_match('!^[a-z0-9]{5,}$!is', $Username)) {
$Username = $tblConsumer->getAcronym() . '-' . $Username;
if (!GatekeeperAccount::useService()->getAccountByUsername($Username)) {
$Form->setSuccess('Account[Name]', '');
} else {
$Form->setError('Account[Name]', 'Der angegebene Benutzername ist bereits vergeben');
$Error = true;
}
} else {
$Form->setError('Account[Name]', 'Der Benutzername darf nur Buchstaben und Zahlen enthalten und muss mindestens 5 Zeichen lang sein');
$Error = true;
}
}
if (empty($Password)) {
$Form->setError('Account[Password]', 'Bitte geben Sie ein Passwort an');
$Error = true;
} else {
if (strlen($Password) >= 8) {
$Form->setSuccess('Account[Password]', '');
} else {
$Form->setError('Account[Password]', 'Das Passwort muss mindestens 8 Zeichen lang sein');
$Error = true;
}
}
if (empty($PasswordSafety)) {
$Form->setError('Account[PasswordSafety]', 'Bitte geben Sie das Passwort erneut an');
$Error = true;
}
if ($Password != $PasswordSafety) {
$Form->setError('Account[Password]', '');
$Form->setError('Account[PasswordSafety]', 'Die beiden Passworte stimmen nicht überein');
$Error = true;
} else {
if (!empty($Password) && !empty($PasswordSafety)) {
$Form->setSuccess('Account[PasswordSafety]', '');
} else {
$Form->setError('Account[PasswordSafety]', '');
}
}
if (!$Error) {
$tblAccount = GatekeeperAccount::useService()->insertAccount($Username, $Password, $tblToken, $tblConsumer);
if ($tblAccount) {
$tblIdentification = GatekeeperAccount::useService()->getIdentificationById($Account['Identification']);
GatekeeperAccount::useService()->addAccountAuthentication($tblAccount, $tblIdentification);
if (isset($Account['Role'])) {
foreach ((array) $Account['Role'] as $Role) {
$tblRole = GatekeeperAccess::useService()->getRoleById($Role);
GatekeeperAccount::useService()->addAccountAuthorization($tblAccount, $tblRole);
}
}
if (isset($Account['User'])) {
$tblPerson = Person::useService()->getPersonById($Account['User']);
GatekeeperAccount::useService()->addAccountPerson($tblAccount, $tblPerson);
}
return new Success('Das Benutzerkonnto wurde erstellt') . new Redirect('/Setting/Authorization/Account', 3);
} else {
return new Danger('Das Benutzerkonnto konnte nicht erstellt werden') . new Redirect('/Setting/Authorization/Account', 3);
}
}
return $Form;
}
/**
* @param string $DatabaseName
* @param Element $Entity
*
* @return false|TblProtocol
*/
public function createDeleteEntry($DatabaseName, Element $Entity = null)
{
$tblAccount = Account::useService()->getAccountBySession();
if ($tblAccount) {
$tblConsumer = $tblAccount->getServiceTblConsumer();
} else {
$tblConsumer = null;
}
return (new Data($this->Binding))->createProtocolEntry($DatabaseName, $tblAccount ? $tblAccount : null, $tblConsumer ? $tblConsumer : null, $Entity, null);
}
/**
* @return bool|TblIdentification
*/
public function getServiceTblIdentification()
{
$Authentication = Account::useService()->getAuthenticationByAccount($this);
if ($Authentication) {
return $Authentication->getTblIdentification();
} else {
return false;
}
}
/**
* @return bool|TblAccount[]
*/
public function getAccountAllByToken()
{
return Account::useService()->getAccountAllByToken($this);
}
/**
* @param $Path
*
* @return string
* @throws \Exception
*/
public static function fetchRoute($Path)
{
$Path = trim($Path, '/');
if (in_array($Path, self::$Router->getRouteList())) {
return self::$Router->getRoute($Path);
} else {
if (Account::useService()->getAccountBySession()) {
return self::$Router->getRoute('Platform/Assistance/Error/Authorization');
} else {
return self::$Router->getRoute('Platform/Gatekeeper/Authentication');
}
}
}
private function hydrateAuthorization()
{
if (empty(self::$AuthorizationCache)) {
if (false !== ($tblAccount = Account::useService()->getAccountBySession())) {
/** @var IApiInterface $Cache */
$Cache = (new Cache(new Memcached()))->getCache();
if (!($AuthorizationCache = $Cache->getValue(__METHOD__ . '::' . $tblAccount->getId()))) {
if (false !== ($tblAuthorizationAll = Account::useService()->getAuthorizationAllByAccount($tblAccount))) {
/** @var \SPHERE\Application\Platform\Gatekeeper\Authorization\Account\Service\Entity\TblAuthorization $tblAuthorization */
foreach ($tblAuthorizationAll as $tblAuthorization) {
$tblRole = $tblAuthorization->getServiceTblRole();
$tblLevelAll = $tblRole->getTblLevelAll();
/** @var \SPHERE\Application\Platform\Gatekeeper\Authorization\Access\Service\Entity\TblLevel $tblLevel */
foreach ($tblLevelAll as $tblLevel) {
$tblPrivilegeAll = $tblLevel->getTblPrivilegeAll();
/** @var TblPrivilege $tblPrivilege */
foreach ($tblPrivilegeAll as $tblPrivilege) {
$tblRightAll = $tblPrivilege->getTblRightAll();
/** @var TblRight $tblRight */
foreach ($tblRightAll as $tblRight) {
if (!in_array($tblRight->getRoute(), self::$AuthorizationCache)) {
array_push(self::$AuthorizationCache, $tblRight->getRoute());
}
}
}
}
}
}
$Cache->setValue(__METHOD__ . '::' . $tblAccount->getId(), self::$AuthorizationCache, 300);
} else {
self::$AuthorizationCache = $AuthorizationCache;
}
}
}
}
/**
* @return Stage
*/
public function frontendDestroySession()
{
$View = new Stage('Abmelden', 'Bitte warten...');
$View->setContent(Account::useService()->destroySession(new Redirect('/Platform/Gatekeeper/Authentication', 0)));
return $View;
}