示例#1
 /**
  * Checks both outcomes of DbUserModel::findByUsername(): a model instance
  * for a username the test expects to exist, and null for one it expects to
  * be absent.
  */
 public function testFindByUsername()
 {
     // the test relies on 'sample1' being present in the data it runs against
     $existing = DbUserModel::findByUsername('sample1');
     $this->assertTrue($existing instanceof DbUserModel);

     // an unknown username must yield null; callers depend on that to detect
     // a missing account
     $missing = DbUserModel::findByUsername('nonExistentUser');
     $this->assertNull($missing);
 }
示例#2
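 /**
  * Change the current user's password
  *
  * Requires an existing identity; otherwise the user is sent to the login
  * action. On POST the current password is re-verified through
  * QFrame_Auth_Adapter before anything is changed. The new password must be
  * entered identically twice, must be a non-empty string and must differ
  * from the current one. On success the user is logged out.
  */
 public function passwdAction()
 {
     $auth = Zend_Auth::getInstance();
     if (!$auth->hasIdentity()) {
         $this->flash('error', 'You must be logged in to change your password');
         $this->_redirector->gotoRouteAndExit(array('action' => 'login'));
     }
     $request = $this->getRequest();
     if (!$request->isPost()) {
         return;
     }

     // NOTE(review): in Zend Framework 1 _getParam() is not limited to the
     // POST body; consider $request->getPost() so that passwords are never
     // accepted from the URL (where they end up in logs and history).
     $oldPassword = $this->_getParam('old');
     $newPassword = $this->_getParam('new1');
     $confirmation = $this->_getParam('new2');

     // NOTE(review): Zend_Auth::authenticate() in ZF1 clears the stored
     // identity before writing the new result, so a wrong current password
     // appears to end the session - confirm that this is intended. No
     // attempt limiting or CSRF token is visible in this action either.
     $auth_adapter = new QFrame_Auth_Adapter($auth->getIdentity(), $oldPassword);
     if (!$auth->authenticate($auth_adapter)->isValid()) {
         $this->flashNow('error', 'Current password is invalid');
     } elseif ($newPassword !== $confirmation) {
         $this->flashNow('error', 'New passwords do not match');
     } elseif (!is_string($newPassword) || $newPassword === '') {
         // without this check a request that omits new1/new2 (both null), or
         // sends them as arrays, passed every comparison above and was
         // stored as the password
         $this->flashNow('error', 'New password must not be empty');
     } elseif ($oldPassword === $newPassword) {
         $this->flashNow('error', 'New password is the same as current password');
     } else {
         $user = DbUserModel::findByUsername($auth->getIdentity());
         if ($user === null) {
             // the account no longer exists; do not dereference null
             $this->flashNow('error', 'Unable to find your user account');
             return;
         }
         // NOTE(review): the clear-text value is handed to the model here;
         // hashing presumably happens inside DbUserModel - confirm.
         $user->dbUserPW = $newPassword;
         $user->dbUserPWChange = 'N';
         $user->save();
         $this->logout('Password successfully changed');
     }
 }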
 /**
  * Creates the 'role' and 'assignment' tables, indexes assignments by
  * (dbUserID, roleID), then creates an 'Administrators' role holding the
  * view, edit, approve and administer grants and attaches it to the user
  * named 'admin'.
  */
 public function up()
 {
     $roleColumns = array(
         array('roleID', 'integer'),
         array('roleDescription', 'string', array('limit' => 128, 'null' => true)),
         array('ACLstring', 'text', array('null' => true, 'limit' => '1M')),
     );
     $this->createTable('role', array('primary' => 'roleID'), $roleColumns);

     $assignmentColumns = array(
         array('dbUserID', 'integer'),
         array('roleID', 'integer'),
         array('assignmentID', 'integer'),
         array('comments', 'text', array('null' => true)),
     );
     $this->createTable('assignment', array('primary' => 'assignmentID'), $assignmentColumns);
     $this->createIndex('assignment', array('dbUserID', 'roleID'));

     // the schema just changed, so the cached table metadata has to be rebuilt
     QFrame_Db_Table::scanDb();

     // the administrators role receives every global permission
     $adminRole = RoleModel::create(array('roleDescription' => 'Administrators'));
     foreach (array('view', 'edit', 'approve', 'administer') as $permission) {
         $adminRole->grant($permission);
     }
     $adminRole->save();

     // NOTE(review): the lookup result is dereferenced without a null check,
     // so the migration assumes an account named 'admin' already exists.
     $adminUser = DbUserModel::findByUsername('admin');
     $adminUser->addRole($adminRole)->save();
 }
示例#4
 /**
  * Authenticates the user specified in the constructor
  *
  * In auto-admin mode the result is always SUCCESS and carries a freshly
  * built DbUserModel as identity. Otherwise the username is looked up and
  * the password checked; on success the identity is the username string.
  *
  * @return Zend_Auth_Result
  */
 public function authenticate()
 {
     // NOTE(review): this branch reports success without consulting any
     // credential. Confirm where $this->admin is set and that it cannot be
     // enabled in a production deployment. The identity returned here is a
     // model object, not a username string as in the normal path.
     if ($this->admin) {
         return new Zend_Auth_Result(
             Zend_Auth_Result::SUCCESS,
             new DbUserModel(array('autoAdmin' => true))
         );
     }

     // The two failure codes distinguish "unknown user" from "wrong
     // password"; NOTE(review): check that callers do not relay that
     // difference to the person logging in.
     $account = DbUserModel::findByUsername($this->username);
     if ($account === null) {
         $code = Zend_Auth_Result::FAILURE_IDENTITY_NOT_FOUND;
         $identity = null;
     } elseif (!$account->authenticate($this->password)) {
         $code = Zend_Auth_Result::FAILURE_CREDENTIAL_INVALID;
         $identity = null;
     } else {
         $code = Zend_Auth_Result::SUCCESS;
         $identity = $this->username;
     }
     return new Zend_Auth_Result($code, $identity);
 }
示例#5
 /**
  * Initializes helpers needed by all controllers
  *
  * Sets up the redirector, moves pending flash messages from the session to
  * the view, and enforces the login gate: requests without an identity are
  * redirected to auth/login unless they target the 'auth' controller, and
  * users who must change their password are redirected to auth/passwd.
  */
 public function init()
 {
     $this->_redirector = $this->_helper->getHelper('Redirector');

     // flash messages are read once and then cleared from the session
     $session = new Zend_Session_Namespace();
     $this->_flash = $session->flash;
     $session->flash = array();
     $this->initView();
     $this->view->flash = $this->_flash;

     $auth = Zend_Auth::getInstance();
     if (!$auth->hasIdentity()) {
         // NOTE(review): every action of the 'auth' controller is reachable
         // without an identity; each of them has to do its own check.
         if ($this->getRequest()->getControllerName() !== 'auth') {
             $this->_redirector->gotoRouteAndExit(array('controller' => 'auth', 'action' => 'login'), null, true);
         }
     } else {
         // NOTE(review): the lookup result is used without a null check, so
         // a session whose account has since been removed presumably fails
         // below - confirm.
         $this->_user = DbUserModel::findByUsername($auth->getIdentity());
         $this->view->loggedInUser = $this->_user;

         // locks held by this user are released at the start of each request
         foreach (LockModel::getLocks($this->_user) as $heldLock) {
             $heldLock->release();
         }

         if ($this->_user->mustChangePassword()) {
             $request = $this->getRequest();
             $onPasswdPage = $request->getControllerName() === 'auth'
                 && $request->getActionName() === 'passwd';
             // only the password change page itself stays reachable
             if (!$onPasswdPage) {
                 $this->_redirector->gotoRouteAndExit(array('controller' => 'auth', 'action' => 'passwd'), null, true);
             }
         }
     }

     $this->view->headerPages = $this->buildPages();
 }
示例#6
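$core_path = _path(dirname(__FILE__), '..', 'core');
/*
 * Set up a bunch of path constants that the application will use to refer
 * to various application directories
 */
include _path(dirname(__FILE__), '..', 'core', 'paths.php');
/*
 * Deal with environment stuff including determining the current environment
 * and loading the configuration stuff for that environment
 */
include _path(CORE_PATH, 'env.php');
/*
 * Include file that contains pure configuration (used for testing)
 * as well as routing.  Also include the file that sets up database
 * "stuff".
 */
include _path(CORE_PATH, 'database.php');
/*
 * Set up any dynamic properties (properties that rely on current environment configuration)
 */
include _path($core_path, 'dynamic.php');
/*
 * Change the password of the account named by $username to $password.
 * Both variables are set before this part of the script.
 *
 * NOTE(review): the clear-text value is assigned to the model; hashing
 * presumably happens inside DbUserModel - confirm. Unlike the interactive
 * password change, dbUserPWChange is left untouched here; consider whether
 * a reset done by an operator should force a change at next login.
 */
$user = DbUserModel::findByUsername($username);
if ($user === null) {
    // die() with a message exits with status 0, which tells calling scripts
    // that the change succeeded; print the same message and exit non-zero
    print "Username {$username} not found.\n\n";
    exit(1);
}
$user->dbUserPW = $password;
$user->save();
print "Password changed.\n\n";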
示例#7
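 /**
  * Saves the page currently being edited
  *
  * Walks every request parameter named q<questionID><suffix> and collects
  * response values, additional info and private notes per question,
  * attaches files previously placed in PROJECT_PATH/tmp, and deletes files
  * flagged for removal. It then saves the collected responses, stores any
  * uploads still present in $_FILES, and re-saves the page and its
  * instance. Any Exception is reported through $this->view->error.
  */
 public function saveAction()
 {
     try {
         $page = new PageModel(array('pageID' => $this->_getParam('id'), 'depth' => 'page'));
         $lock = $this->lockPage($page, 'edit');
         $auth = Zend_Auth::getInstance();
         $user = DbUserModel::findByUsername($auth->getIdentity());
         $responses = array();
         foreach ($this->_getAllParams() as $key => $value) {
             // only elements whose name begins 'qXXX' (X being a digit) are handled
             if (!preg_match('/^q(\\d+)(.*)$/', $key, $matches)) {
                 continue;
             }
             $questionID = intval($matches[1]);
             $remainder = $matches[2];
             // if the element name consists of *only* 'qXXX' or qXXX_mXXX for multiple select question types
             if ($remainder == '' || preg_match('/^_m(\\d+)$/', $remainder)) {
                 $q = new QuestionModel(array('questionID' => $questionID));
                 $response = $q->getResponse();
                 // NOTE(review): the approved-state check is made only in
                 // this branch; the additional info, private note,
                 // attachment and delete branches below do not repeat it -
                 // confirm that is intended.
                 if ($response->state == 2) {
                     $this->flash('error', 'You cannot modify a response that has been approved');
                     $this->_redirector->gotoRouteAndExit(array('action' => 'view', 'id' => $page->pageID));
                 }
                 // a parameter sent as an array (q1[]=...) is not a response
                 // value; skip it instead of handing it to strlen()
                 if (is_scalar($value) && strlen($value) > 0) {
                     $responses[$questionID]['value'][] = $value;
                 }
             } elseif ($remainder == "_addl_mod" && intval($this->_getParam("q{$questionID}_addl_mod"))) {
                 $responses[$questionID]['addl'] = $this->_getParam("q{$questionID}_addl");
             } elseif ($remainder == "_privateNote_mod" && intval($this->_getParam("q{$questionID}_privateNote_mod"))) {
                 $responses[$questionID]['pNote'] = $this->_getParam("q{$questionID}_privateNote");
             } elseif ($remainder == '_attachments') {
                 $question = new QuestionModel(array('questionID' => $questionID));
                 if (is_array($value)) {
                     foreach ($value as $file) {
                         // The name comes straight from the request and is
                         // appended to PROJECT_PATH/tmp/. Accept a bare file
                         // name only, so that it cannot refer to anything
                         // outside that directory.
                         $isBareName = is_string($file)
                             && $file !== ''
                             && $file !== '.'
                             && $file !== '..'
                             && strpbrk($file, "/\\\0") === false;
                         if (!$isBareName) {
                             throw new Exception('Invalid attachment name');
                         }
                         $fileModel = new FileModel($question);
                         $properties = Spyc::YAMLLoad(PROJECT_PATH . '/tmp/.' . $file);
                         $fileModel->storeFilename(PROJECT_PATH . '/tmp/' . $file, $properties);
                     }
                 }
             } elseif (preg_match('/^_file(\\d+)_delete$/', $remainder, $matches) && $value === 'true') {
                 $question = new QuestionModel(array('questionID' => $questionID));
                 $fileModel = new FileModel($question);
                 $fileModel->delete(intval($matches[1]));
             }
         }
         foreach ($responses as $questionID => $data) {
             $q = new QuestionModel(array('questionID' => $questionID));
             $response = $q->getResponse();
             if (isset($data['value'])) {
                 $response->responseText = join(',', $data['value']);
             }
             if (isset($data['addl'])) {
                 $response->additionalInfo = $data['addl'];
             }
             if (isset($data['pNote'])) {
                 $response->privateNote = $data['pNote'];
             }
             $response->save($user);
         }
         /* If there are any file uploads that didn't auto-upload before the user saved */
         foreach ($_FILES as $name => $file) {
             if ($file['size'] > 0) {
                 $question = new QuestionModel(array('questionID' => intVal($name)));
                 $fileModel = new FileModel($question);
                 // NOTE(review): 'name' and 'type' are supplied by the
                 // client; treat the stored filename and mime as untrusted
                 // wherever they are displayed or used to serve the file.
                 $properties = array('filename' => $file['name'], 'mime' => $file['type']);
                 $fileModel->storeFilename($file['tmp_name'], $properties);
             }
         }
         $page = new PageModel(array('pageID' => $this->_getParam('id'), 'depth' => 'response'));
         $page->save();
         $instance = new InstanceModel(array('instanceID' => $page->instanceID, 'depth' => 'page'));
         $instance->save();
     } catch (Exception $e) {
         // NOTE(review): the raw exception message goes to the view; confirm
         // that it is escaped on output and does not expose internal detail.
         $this->view->error = $e->getMessage();
     }
     $this->view->setRenderLayout(false);
 }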
示例#8
 /**
  * Load instances associated with this questionnaire
  *
  * Throws an Exception when no identity is present. Fills $this->instances
  * with one InstanceModel per row, ordered by instance name, and resets
  * $this->instancesIndex to 0.
  */
 private function _loadInstances()
 {
     $auth = Zend_Auth::getInstance();
     if (!$auth->hasIdentity()) {
         throw new Exception("Hey, no loading instances without being logged in");
     }
     // NOTE(review): the user is looked up but not consulted below, so no
     // per-instance access check is applied in this method - confirm that
     // filtering happens elsewhere.
     $user = DbUserModel::findByUsername($auth->getIdentity());

     // the id is cast to an integer and bound through quoteInto()
     $adapter = self::$questionnaireTable->getAdapter();
     $where = $adapter->quoteInto('questionnaireID = ?', intVal($this->questionnaireID));

     $this->instances = array();
     foreach (self::$instanceTable->fetchAll($where, 'instanceName ASC') as $iRow) {
         $options = array('instanceID' => $iRow->instanceID, 'depth' => $this->depth);
         $this->instances[] = new InstanceModel($options);
     }
     $this->instancesIndex = 0;
 }
示例#9
 /**
  * Loads Model Pages
  *
  * Throws an Exception when no identity is present. For every page row of
  * the current instance a ModelPageModel is built, and it is kept in
  * $this->modelPages only if the logged-in user has some access to the
  * underlying page.
  */
 private function _loadModelPages()
 {
     $auth = Zend_Auth::getInstance();
     if (!$auth->hasIdentity()) {
         throw new Exception("Hey, no loading pages without being logged in");
     }
     // NOTE(review): the lookup result is used below without a null check
     $user = DbUserModel::findByUsername($auth->getIdentity());

     $instanceID = $this->instance->instanceID;
     $rows = self::$pageTable->fetchRows('instanceID', $instanceID, 'seqNumber', $instanceID);

     $this->modelPages = array();
     foreach ($rows as $row) {
         $page = new PageModel(array('pageID' => $row->pageID, 'depth' => 'page'));
         $modelPage = new ModelPageModel(array(
             'modelID' => $this->modelRow->modelID,
             'pageID' => $row->pageID,
             'depth' => $this->depth,
             'instance' => $this->compareInstance,
         ));
         // pages the user has no access to are dropped from the result
         if (!$user->hasAnyAccess($page)) {
             continue;
         }
         $this->modelPages[] = $modelPage;
     }
 }
示例#10
 /**
  * Load pages associated with this InstanceModel
  *
  * Throws an Exception when no identity is present. Fills $this->pages, in
  * sequence order, with the pages of this questionnaire instance that the
  * logged-in user has some access to, and resets $this->pagesIndex to 0.
  */
 private function _loadPages()
 {
     $auth = Zend_Auth::getInstance();
     if (!$auth->hasIdentity()) {
         throw new Exception("Hey, no loading pages without being logged in");
     }
     // NOTE(review): the lookup result is used below without a null check
     $user = DbUserModel::findByUsername($auth->getIdentity());

     // both ids are bound through quoteInto() rather than concatenated raw
     $adapter = self::$pageTable->getAdapter();
     $where = $adapter->quoteInto('questionnaireID = ?', $this->questionnaireID);
     $where .= $adapter->quoteInto(' AND instanceID = ?', $this->instanceID);

     $this->pages = array();
     foreach (self::$pageTable->fetchAll($where, 'seqNumber ASC') as $tRow) {
         $candidate = new PageModel(array('pageID' => $tRow->pageID, 'depth' => $this->depth));
         // pages the user has no access to are left out
         if (!$user->hasAnyAccess($candidate)) {
             continue;
         }
         $this->pages[] = $candidate;
     }
     $this->pagesIndex = 0;
 }