示例#1
0
 /**
  * Change the password
  */
 public function passwordAction()
 {
     $userId = (string) Authentication::getInstance()->getIdentity()->getId();
     /** @var \Zend\Http\PhpEnvironment\Request $request */
     $request = $this->getRequest();
     if ($request->isPost()) {
         // Check if the current password is correct
         /** @var \User\Service\User $userService */
         $userService = $this->getServiceLocator()->get('User\\Service\\User');
         $currentPassword = $request->getPost('password');
         $newPassword = $request->getPost('new_password');
         $retypePassword = $request->getPost('retype_password');
         if (null == $newPassword || '' == $newPassword || null == $retypePassword || '' == $retypePassword || $newPassword != $retypePassword) {
             $this->flashMessenger()->addErrorMessage($this->_('The new password and confirmation one are not match together'));
             $this->redirect()->toRoute('user\\profile\\password');
             return;
         }
         $user = $userService->findById($userId);
         if ('' == $currentPassword || $userService->verifyPassword($currentPassword, $user->password) == false) {
             $this->flashMessenger()->addErrorMessage($this->_('The current password you have typed is not correct'));
             $this->redirect()->toRoute('user\\profile\\password');
             return;
         }
         // Update the password
         $user->password = $newPassword;
         $userService->savePassword($user);
         // Sign out
         Authentication::getInstance()->clearIdentity();
         $this->flashMessenger()->addSuccessMessage($this->_('The password is updated successfully. You have to sign in again to continue'));
         $this->redirect()->toRoute('user\\auth\\signin');
     }
     return new ViewModel();
 }
示例#2
0
 public function checkPermission(MvcEvent $e)
 {
     $params = $e->getRouteMatch()->getParams();
     if (!isset($params['backend']) || !$params['backend']) {
         return;
     }
     $serviceLocator = $e->getApplication()->getServiceManager();
     $config = $serviceLocator->get('config');
     if (Authentication::getInstance()->hasIdentity()) {
         // Check if user has permission to access the current page
         $user = Authentication::getInstance()->getIdentity();
         /** @var \Acl\Service\Acl $acl */
         $acl = $serviceLocator->get('Acl\\Service\\Acl');
         if (!$acl->isAllowed($user->role, $params['controller'], $params['action'])) {
             $e->setError(self::ERROR_FORBIDDEN);
             $e->getApplication()->getEventManager()->trigger(MvcEvent::EVENT_DISPATCH_ERROR, $e);
         }
     } else {
         $request = $e->getRequest();
         /** @var \Zend\Http\Response $response */
         $response = $e->getResponse();
         $router = $e->getRouter();
         $url = $router->assemble([], ['name' => $config['acl']['signin_route']]) . '?continue=' . $request->getUri()->toString();
         $response->getHeaders()->addHeaderLine('Location', $url);
         $response->setStatusCode(302);
         return $response;
     }
 }
示例#3
0
 public function __invoke($resource, $privilege)
 {
     if (!Authentication::getInstance()->hasIdentity()) {
         return false;
     }
     /** @var \Zend\Mvc\InjectApplicationEventInterface $controller */
     $controller = $this->getController();
     /** @var \Zend\Mvc\MvcEvent $event */
     $event = $controller->getEvent();
     $locator = $event->getApplication()->getServiceManager();
     /** @var \Acl\Service\Acl $acl */
     $acl = $locator->get('Acl\\Service\\Acl');
     return $acl->isAllowed(Authentication::getInstance()->getIdentity()->role, $resource, $privilege);
 }
示例#4
0
 /**
  * Switch layout based on user's role
  *
  * @param MvcEvent $e
  */
 public function updateLayout(MvcEvent $e)
 {
     $params = $e->getRouteMatch()->getParams();
     if (isset($params['backend']) && $params['backend'] && Authentication::getInstance()->hasIdentity()) {
         $config = $e->getApplication()->getServiceManager()->get('config');
         $role = Authentication::getInstance()->getIdentity()->role;
         $layouts = $config['acl']['backend_layout'];
         if ($role && isset($layouts['roles'][$role])) {
             $e->getViewModel()->setTemplate($layouts['roles'][$role]);
         } else {
             $e->getViewModel()->setTemplate($layouts['default']);
         }
     }
 }
示例#5
0
 public function __invoke($resource, $privilege)
 {
     if (!Authentication::getInstance()->hasIdentity()) {
         return false;
     }
     if (isset($this->cacheAllowed[$resource][$privilege])) {
         return $this->cacheAllowed[$resource][$privilege];
     }
     /** @var \Zend\View\HelperPluginManager $helperManager */
     $helperManager = $this->serviceLocator;
     /** @var \Zend\ServiceManager\ServiceManager $serviceLocator */
     $serviceLocator = $helperManager->getServiceLocator();
     /** @var \Acl\Service\Acl $acl */
     $acl = $serviceLocator->get('Acl\\Service\\Acl');
     $isAllowed = $acl->isAllowed(Authentication::getInstance()->getIdentity()->role, $resource, $privilege);
     // Cache user's privilege
     // So if the view helper is called many times on same page, it can return the value taken from cache
     $this->cacheAllowed[$resource][$privilege] = $isAllowed;
     return $isAllowed;
 }
示例#6
0
 /**
  * List users
  */
 public function listAction()
 {
     /** @var \User\Entity\User $user */
     $user = Authentication::getInstance()->getIdentity();
     $serviceLocator = $this->getServiceLocator();
     /** @var \User\Service\User $userService */
     $userService = $serviceLocator->get('User\\Service\\User');
     $perPage = 15;
     $page = $this->params()->fromQuery('page', 1);
     $status = $this->params()->fromQuery('status', null);
     $keyword = $this->params()->fromQuery('q', null);
     $criteria = [];
     if ($status != null) {
         $criteria['status'] = $status;
     }
     if ($keyword) {
         $criteria['keyword'] = $keyword;
     }
     $users = $userService->find($criteria, ($page - 1) * $perPage, $perPage);
     $total = $userService->count($criteria);
     $paginator = new Paginator(new Null($total));
     $paginator->setCurrentPageNumber($page)->setItemCountPerPage($perPage)->setPageRange(5);
     return new ViewModel(['keyword' => $keyword ?: '', 'paginator' => $paginator, 'total' => $total, 'status' => $status, 'user' => $user, 'users' => $users]);
 }
示例#7
0
 /**
  * Sign up
  */
 public function signupAction()
 {
     /** @var \Zend\Http\Request $request */
     $request = $this->getRequest();
     $queryString = $request->getQuery()->toString();
     $continue = $request->getQuery('continue');
     if ($request->isPost()) {
         $userName = $request->getPost('username', '');
         $email = $request->getPost('email', '');
         $password = $request->getPost('password', '');
         if (trim($userName) == '' || trim($email) == '' || trim($password) == '') {
             $this->flashMessenger()->addErrorMessage($this->_('Username, email and password are required'));
             $queryString ? $this->redirect()->toUrl($this->url()->fromRoute('user\\auth\\signup') . ($queryString ? '?' . $queryString : '')) : $this->redirect()->toRoute('user\\auth\\signup');
             return;
         }
         $serviceLocator = $this->getServiceLocator();
         /** @var \User\Service\User $userService */
         $userService = $serviceLocator->get('User\\Service\\User');
         $user = new User(['user_name' => $userName, 'email' => $email, 'password' => $password, 'role' => 'member']);
         $result = $userService->create($user);
         if ($result != null) {
             // Mark user as authenticated
             Authentication::getInstance()->getStorage()->write($result);
             $this->getEventManager()->trigger('signup.success', $this, ['user' => $result]);
             if ($continue) {
                 $this->redirect()->toUrl(urldecode($continue));
             } else {
                 $this->redirect()->toUrl('/');
             }
         } else {
             $this->flashMessenger()->addErrorMessage($this->_('The registration is not successful'));
             $queryString ? $this->redirect()->toUrl($this->url()->fromRoute('user\\auth\\signup') . ($queryString ? '?' . $queryString : '')) : $this->redirect()->toRoute('user\\auth\\signup');
         }
     }
     return new ViewModel(['continue' => $continue, 'queryString' => $queryString]);
 }
示例#8
0
 public function __invoke()
 {
     return Authentication::getInstance()->hasIdentity() ? Authentication::getInstance()->getIdentity() : null;
 }