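/**
 * Opens a PDF form from local storage, populates it with agent details (if
 * needed) and outputs it either to the browser or by e-mail.
 *
 * Only the form names listed in the switch below are acted on; any other
 * $formName produces no output and no e-mail. The switch therefore doubles as
 * an allowlist for what reaches setForm() - keep it that way rather than
 * passing caller-supplied names straight through.
 *
 * @param string $formName The name of the PDF form, or 'all' for all by e-mail.
 * @param mixed $asn Agent scheme number of agent whose details are to be inserted.
 * @param int $agentUserId Optional user ID - needed for e-mailing forms.
 * @param string $destination Optional output mechanism, if set should be 'browser' or not 'browser'.
 * @param mixed $refno Optional reference number, for a special case PDF that requires applicant data injection.
 *
 * @return void
 */
public function populateAndOuput($formName, $asn, $agentUserId = null, $destination = 'browser', $refno = null)
{
    $attachmentList = array();

    switch ($formName) {
        // Forms that require agent details to be injected
        case 'Agent-Company':
        case 'Agent-Guarantor':
        case 'Agent-Individual':
        case 'Agent-Student-guarantor':
        case 'Agent-Unemployed-guarantor':
            // Instantiate agent manager and fetch agent details
            $agentManager = new Manager_Core_Agent();
            $agent = $agentManager->getAgent($asn);

            // Merge agent details into the form
            $this->setForm($formName);
            $this->agentPopulate($agent);

            // For "Print Guarantor Form" from ref summary screen:
            if (!is_null($refno)) {
                // Fetch reference by refno using the Referencing MUNT Manager class
                $refMuntManager = new Manager_ReferencingLegacy_Munt();
                $reference = $refMuntManager->getReference($refno);

                // Applicant data is only injected when the reference belongs to
                // this ASN. A missing reference/customer is treated as "not
                // owned", and the IDs are compared as non-empty strings so that
                // null, '' or 0 on either side can never count as a match the
                // way they could under a loose ==.
                // NOTE(review): assumes both IDs use the same textual form
                // (e.g. no zero padding on one side only) - confirm against
                // legacy data.
                if (is_object($reference) && is_object($reference->customer)) {
                    $referenceOwner = $reference->customer->customerId;
                    $ownerMatches = (is_string($referenceOwner) || is_int($referenceOwner))
                        && (is_string($asn) || is_int($asn))
                        && (string) $referenceOwner !== ''
                        && (string) $referenceOwner === (string) $asn;

                    if ($ownerMatches) {
                        $this->applicantPopulate($reference);
                    }
                }
            }

            if ($destination == 'browser') {
                $this->output('browser');
            } else {
                $attachmentList[$formName] = $this->output('file');
            }
            break;

        // Forms that are a pass-through
        case 'Tenant-Declaration':
        case 'Guarantor-Declaration':
            $this->setForm($formName);
            if ($destination == 'browser') {
                $this->output('browser');
            } else {
                $attachmentList[$formName] = $this->output('file');
            }
            break;

        // Send all forms - by e-mail only
        case 'all':
            // Instantiate agent manager and fetch agent details
            $agentManager = new Manager_Core_Agent();
            $agent = $agentManager->getAgent($asn);

            // Generate those needing agent data merged in
            $agentForms = array(
                'Agent-Company',
                'Agent-Guarantor',
                'Agent-Individual',
                'Agent-Student-guarantor',
                'Agent-Unemployed-guarantor',
            );
            foreach ($agentForms as $thisFormName) {
                $this->setForm($thisFormName);
                $this->agentPopulate($agent);
                $attachmentList[$thisFormName] = $this->output('file');
            }

            // Generate straight throughs
            foreach (array('Tenant-Declaration', 'Guarantor-Declaration') as $thisFormName) {
                $this->setForm($thisFormName);
                $attachmentList[$thisFormName] = $this->output('file');
            }
            break;
    }

    // If there are attachments, this is/these are to be sent by e-mail
    if (count($attachmentList) > 0) {
        try {
            // Instantiate agent user manager to get name and e-mail address.
            // The recipient is whatever account $agentUserId resolves to, so
            // callers must pass the authenticated user's own ID.
            $agentUserManager = new Manager_Core_Agent_User();
            $agentUser = $agentUserManager->getUser($agentUserId);

            // Generate e-mail
            $mailer = new Application_Core_Mail();
            $mailer->setTo($agentUser->email->emailAddress, $agentUser->name);
            // TODO: Parameterise:
            $mailer->setFrom('*****@*****.**', 'HomeLet Referencing');
            $mailer->setSubject('HomeLet Referencing Application Form');
            $mailer->setBodyText('Please find your HomeLet referencing application forms attached.');
            foreach ($attachmentList as $name => $location) {
                $mailer->addAttachment($location, "{$name}.pdf");
            }
            $mailer->send();
        } catch (Exception $e) {
            // The generated files hold agent (and possibly applicant) details;
            // do not leave them behind when the lookup or the send fails.
            $this->garbageCollect($attachmentList);
            throw $e;
        }

        // Garbage collection
        $this->garbageCollect($attachmentList);
    }
}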
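/**
 * Password retrieval - reset password after following reset password link.
 *
 * The reset code arrives as the 'code' request parameter and is the only
 * credential checked here: a holder of a valid code is shown the account's
 * name, scheme number and username, and may set a new password by POSTing the
 * form. An already authenticated user is redirected away instead.
 *
 * @return void
 */
public function resetPasswordAction()
{
    $this->_helper->layout->setLayout('login');

    $auth = Zend_Auth::getInstance();
    $auth->setStorage(new Zend_Auth_Storage_Session('hl_connect'));

    if ($auth->hasIdentity()) {
        // User is already logged in so just push them into the system
        $this->_redirect('/');
        // Do not fall through into the reset flow if the redirect call
        // returns instead of terminating the request.
        return;
    }

    // Instantiate form definition
    $pageForm = new Connect_Form_ResetPassword();

    // Instantiate an agent user object for querying and updating
    $agentUserManager = new Manager_Core_Agent_User();

    $request = $this->getRequest();

    // Request parameters can arrive as arrays; only a non-empty string is
    // handed to the code check, anything else is treated as an invalid link.
    $resetCode = $request->getParam('code');
    $codeIsValid = is_string($resetCode)
        && $resetCode !== ''
        && $agentUserManager->checkPasswordResetCodeValid($resetCode) === true;

    if ($codeIsValid) {
        // NOTE(review): getUser() is called without an ID; presumably the
        // manager remembers the user matched by the code check - confirm.
        $agentUser = $agentUserManager->getUser();

        // Set variables for display
        $this->view->realname = $agentUser->name;
        $this->view->agentschemeno = $agentUser->agentSchemeNumber;
        $this->view->username = $agentUser->username;

        // Validate form if POSTed
        if ($request->isPost()) {
            $postData = $request->getPost();
            if ($pageForm->isValid($postData)) {
                // Set password
                // NOTE(review): whether this call also invalidates the reset
                // code is not visible from here - confirm the code is single
                // use once the password has changed.
                $agentUserManager->resetPassword($postData['password1'], $agentUser->id);

                // Output for quick login "continue" button.
                // NOTE(review): this hands the new plaintext password to the
                // view, so it is presumably written into the response markup.
                // Prefer completing the login server-side and dropping this
                // assignment; left in place because the success template is
                // outside this file's view.
                $this->view->password = $postData['password1'];

                // Show user confirmation that password has been reset
                $this->_helper->viewRenderer('reset-password-success');
            }
        }
    } else {
        // Code invalid, show error message
        $this->view->error = 'The password reset link you followed is either invalid, been used or has expired.';

        // Show user the error page
        $this->_helper->viewRenderer('reset-password-invalid');
    }

    $this->view->form = $pageForm;
}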
/**
 * Re-routes traffic appropriately.
 *
 * Runs before dispatch and acts as the authentication gate for the modules
 * named in the switch: it rewrites the request's controller/action to a login
 * or account-status page when access is not allowed, applies session expiry
 * settings, falls back to a static/CMS page when the requested action does
 * not exist, and finally points the layout at the resolved module.
 *
 * All decisions are made by rewriting $request in place; nothing is returned.
 *
 * @param Zend_Controller_Request_Abstract $request
 *
 * @return void
 */
public function preDispatch(Zend_Controller_Request_Abstract $request)
{
    parent::preDispatch($request);

    // $controller is read here but not referenced again in this method.
    $controller = $request->getControllerName();
    $action = $request->getActionName();
    $module = $request->getModuleName();

    // Perform authentication
    switch ($module) {
        case 'cms-admin':
            $auth = Zend_Auth::getInstance();
            $auth->setStorage(new Zend_Auth_Storage_Session('hl_admin'));
            if (!$auth->hasIdentity()) {
                // No admin identity: every request is sent to the login action.
                $request->setControllerName('index');
                $request->setActionName('login');
            }
            break;

        case 'connect':
            $params = Zend_Registry::get('params');
            $auth = Zend_Auth::getInstance();
            $auth->setStorage(new Zend_Auth_Storage_Session('hl_connect'));

            // Set the session expiry timeout time.
            // This runs on every request that reaches this case.
            // NOTE(review): presumably that makes it a sliding idle timeout
            // rather than an absolute session lifetime - confirm.
            $sessionTimeOutSeconds = $params->connect->loginexpiry->sessionTimeOutSeconds;
            $session = new Zend_Session_Namespace('hl_connect');
            $session->setExpirationSeconds($sessionTimeOutSeconds);

            // Anonymous requests are only let through for the two password
            // recovery actions.
            // NOTE(review): the exemption is keyed on the action name alone,
            // not on controller + action. Together with the "action does not
            // exist" fallback at the end of this method, confirm that nothing
            // reachable without an identity exposes agent data.
            if (!$auth->hasIdentity() && $action != 'lost-login' && $action != 'reset-password') {
                $request->setControllerName('index');
                $request->setActionName('login');
            } else {
                if ($auth->hasIdentity()) {
                    // Ignore logout - for when redirecting back to login, and own account expiration/deactivated actions.
                    if (!in_array($action, array('logout', 'account-deactivated', 'account-expired'))) {
                        // Perform account validation checks and display an error message in
                        // the event of...
                        // - the account is deactivated
                        // - the account expiry time from the last login has passed
                        //
                        // These values come from the identity stored in the session, so they
                        // reflect the account as it was when that identity was written.
                        // NOTE(review): a status change made elsewhere after login is
                        // presumably not seen here until the session is rebuilt - confirm.
                        $user_status = $auth->getStorage()->read()->status;
                        $user_lastlogindate = $auth->getStorage()->read()->lastlogindate;
                        $userlevel = $auth->getStorage()->read()->level;
                        // $agentschemenumber is read but not used below.
                        $agentschemenumber = $auth->getStorage()->read()->agentschemeno;
                        $fsastatusabbr = $auth->getStorage()->read()->fsastatusabbr;
                        $agentAccountStatus = $auth->getStorage()->read()->agentAccountStatus;

                        if ($agentAccountStatus == Model_Core_Agent_Status::ON_HOLD) {
                            // On-hold agents are routed to the FSA status page.
                            // NOTE(review): unlike the branches below, the stored
                            // identity is not cleared and execution continues to the
                            // last-login update - confirm this is intentional.
                            $request->setControllerName('index');
                            $request->setActionName('agent-fsa-nostatus');
                        } else {
                            if ($user_status == 'deactivated') {
                                // Deactivated, forward to new action to deal with deactivated users
                                $request->setControllerName('index');
                                $request->setActionName('account-deactivated');

                                // Important! Clear the stored identity so the rejected
                                // user is no longer treated as authenticated.
                                $storage = $auth->getStorage();
                                $storage->clear();
                                // Leaves the switch, skipping the last-login update below.
                                break;
                            } else {
                                // Loose comparison: besides null and '', values such as
                                // 0 or false also count as "no FSA status" here.
                                if ($fsastatusabbr == null || $fsastatusabbr == '') {
                                    // Check FSA status. Master-level users get a message about
                                    // their status, everyone else a generic error.
                                    if ($userlevel == Model_Core_Agent_UserRole::MASTER) {
                                        $request->setControllerName('index');
                                        $request->setActionName('agent-fsa-nostatus');
                                    } else {
                                        $request->setControllerName('index');
                                        $request->setActionName('account-deactivated');
                                    }

                                    // Important! Clear the stored identity so the rejected
                                    // user is no longer treated as authenticated.
                                    $storage = $auth->getStorage();
                                    $storage->clear();
                                    // Leaves the switch, skipping the last-login update below.
                                    break;
                                } else {
                                    if ($user_lastlogindate != '0000-00-00') {
                                        // Check account expiry.
                                        // If the setting is absent $expiry stays 0, in which
                                        // case any last-login date before today counts as
                                        // expired and the account is written back as
                                        // DEACTIVATED below.
                                        // NOTE(review): confirm that is the intended default;
                                        // the @ in front of isset() also looks redundant.
                                        $expiry = 0;
                                        if (@isset($params->connect->loginexpiry->time)) {
                                            $expiry = $params->connect->loginexpiry->time;
                                        }

                                        // Add x worth days as per configuration and convert the unix
                                        // timestamp to mysql date format for easy comparison below.
                                        $unixTimeStamp = strtotime("+{$expiry} day", strtotime($user_lastlogindate));
                                        $permissableDate = date("Y-m-d", $unixTimeStamp);

                                        // If the current date is greater than the last login period
                                        // + x days, the account has not been used for x days and so
                                        // has expired. Both sides are "Y-m-d" strings, so the string
                                        // comparison orders them chronologically.
                                        if (date("Y-m-d") > $permissableDate) {
                                            // The user account is expired. Update the User entity to
                                            // reflect this.
                                            $userManager = new Manager_Core_Agent_User();
                                            $user = $userManager->getUser($auth->getStorage()->read()->agentid);
                                            $user->status = Model_Core_Agent_UserStatus::DEACTIVATED;
                                            $userManager->setUser($user);

                                            // forward to new action to deal with expired user accounts
                                            $request->setControllerName('index');
                                            $request->setActionName('account-expired');

                                            // Important! Clear the stored identity now that the
                                            // account has expired and must not be permitted access.
                                            $storage = $auth->getStorage();
                                            $storage->clear();
                                            // Leaves the switch, skipping the last-login update below.
                                            break;
                                        }
                                    }
                                }
                            }
                        }

                        // Update the existing last login time in the database and the session data to the current date.
                        // Reached on every authenticated request that did not break out above,
                        // so "last login" here effectively means "last activity".
                        $agentid = $auth->getStorage()->read()->agentid;
                        $currentdate = new Zend_Date();
                        $agentuser = new Datasource_Core_Agent_UserAccounts();
                        $agentuser->setLastLoginDate($currentdate, $agentid);

                        $storage = $auth->getStorage();
                        $data = $storage->read();
                        $data->lastlogindate = $currentdate->get(Zend_Date::YEAR . '-' . Zend_Date::MONTH . '-' . Zend_Date::DAY);
                        $storage->write($data);
                    }
                }
            }
            break;

        case 'agent-admin-suite':
            // Shares the 'hl_admin' session storage with the cms-admin case.
            $auth = Zend_Auth::getInstance();
            $auth->setStorage(new Zend_Auth_Storage_Session('hl_admin'));
            if (!$auth->hasIdentity()) {
                $request->setControllerName('index');
                $request->setActionName('login');
            }
            break;

        case 'landlords-referencing':
            // TODO: This is fairly dirty - it's excluding pages that we want to use in the CMS.
            // Could do with restructuring referencing at some point so the application process
            // isn't in the way for CMS pages.
            // As in the connect case, the exemption matches on action name only.
            if ($action != 'products' && $action != 'rent-guarantee-products') {
                $this->_referencingPreDespatch($request);
            }
            break;

        default:
            // Set default expiration seconds for homelet customer portal access
            $params = Zend_Registry::get('params');
            $sessionTimeOutSeconds = $params->myhomelet->loginexpiry->sessionTimeOutSeconds;
            $session = new Zend_Session_Namespace('homelet_customer');
            $session->setExpirationSeconds($sessionTimeOutSeconds);
    }

    // $front is fetched but not used in the remainder of this method.
    $front = Zend_Controller_Front::getInstance();

    // Check to see if this request is actually dispatchable
    if (!$this->_actionExists($request)) {
        // Is this a connect request?
        // This rewrite happens after the authentication switch above and does
        // not repeat its checks.
        $module = $request->getModuleName();
        if ($module == 'connect') {
            $request->setControllerName('index');
            $request->setActionName('view-static-page');
        } else {
            // Not a Connect request, into the CMS we go!
            $request->setModuleName('cms');
            $request->setControllerName('index');
            $request->setActionName('view-page');
        }
    }

    // Set a custom layout route.
    // NOTE(review): the module name from the request is concatenated into a
    // filesystem path; presumably only registered module names can reach this
    // point - confirm against the router configuration.
    $layoutPath = APPLICATION_PATH . '/modules/' . $request->getModuleName() . '/layouts/scripts/';
    Zend_Layout::getMvcInstance()->setLayoutPath($layoutPath);
}
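/**
 * Displays the customer and policy summary + dynamic options for a policy
 * plucked from the legacy DB by its policyno taken from a GET parameter.
 *
 * The policy is only shown when its company scheme number matches the
 * logged-in agent's scheme number; otherwise the 'show-policy-denied' view is
 * rendered. Requests that are not GET, or that carry no usable policyno,
 * leave the view with just the page title set.
 *
 * @return void
 */
public function showPolicyAction()
{
    $this->view->pageTitle = 'Policy Details';

    $baseInsuranceUrl = $this->_params->connect->baseUrl->insurance;

    // Non SSL URL must be used for document production. :-/
    // NOTE(review): links built from this value go over plain http; confirm
    // no policy documents or session identifiers travel over them.
    $baseInsuranceUrlNoSsl = preg_replace('/^https?(.*)/i', 'http$1', $baseInsuranceUrl);

    $request = $this->getRequest();

    // See if there's a GET-based policyno. Array-valued (or missing)
    // parameters are ignored rather than handed to the legacy lookup.
    $policyNo = $request->getParam('policyno');
    if (!$request->isGet() || !is_scalar($policyNo)) {
        return;
    }

    $usermanager = new Manager_Core_Agent_User();
    $user = $usermanager->getUser($this->_agentId);

    // Fetch policy by policyno using the Insurance MUNT Manager class
    $insMuntManager = new Manager_Insurance_Munt();
    $policyResults = $insMuntManager->getPolicy($policyNo);

    // Ownership check. A lookup that yields no scheme number is treated as
    // "not this agent's policy", and the two numbers are compared as non-empty
    // strings so that null, '' or 0 on either side can never match the way
    // they could under a loose ==.
    // NOTE(review): assumes both numbers use the same textual form (e.g. no
    // zero padding on one side only) - confirm against legacy data.
    $policyScheme = isset($policyResults['companyschemenumber'])
        ? $policyResults['companyschemenumber']
        : null;
    $agentScheme = $this->_agentSchemeNumber;
    $ownsPolicy = (is_string($policyScheme) || is_int($policyScheme))
        && (is_string($agentScheme) || is_int($agentScheme))
        && (string) $policyScheme !== ''
        && (string) $policyScheme === (string) $agentScheme;

    if (!$ownsPolicy) {
        // Not the agents policy, protect the display of data, report an error.
        // The number shown comes from the looked-up record, not the request.
        // NOTE(review): confirm the denied template does not let a caller tell
        // existing policy numbers from non-existent ones.
        $this->view->policynumber = isset($policyResults['policynumber'])
            ? $policyResults['policynumber']
            : null;
        $this->render('show-policy-denied');
        return;
    }

    // Agents with wrong FSA status cannot access insurance functionality.
    if (in_array($this->_fsastatusabbr, $this->_blockFsaStatus)) {
        return;
    }

    $coverResults = $insMuntManager->getCover($policyNo);
    $customerResults = $insMuntManager->getCustomer($policyResults['refno']);

    // Update start/end dates for Zend Dates; the legacy zero date becomes null.
    foreach (array('startdate', 'enddate') as $dateField) {
        if ($policyResults[$dateField] == '0000-00-00') {
            $policyResults[$dateField] = null;
        } else {
            $policyResults[$dateField] = new Zend_Date($policyResults[$dateField]);
        }
    }

    $documentManager = new Manager_Insurance_Document();
    $docHistoryResults = $documentManager->getDocuments($policyNo, null, array('holder', 'agent'));

    // Show user search results
    $this->view->policy = $policyResults;
    $this->view->cover = $coverResults;
    $this->view->customer = $customerResults;
    $this->view->baseUrl = $baseInsuranceUrl;
    $this->view->baseUrlNoSsl = $baseInsuranceUrlNoSsl;
    $this->view->agentsEmail = $user->email->emailAddress;
    $this->view->docHistoryResults = $docHistoryResults;
}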