/** * Loads all roles and associated permissions of a given user. Filters duplicate entries. * * @param UmgtUser $user The current user. * * @return UmgtPermission[] The list of permissions associated to the given user. * @throws GenericORMapperException In case of any issues with loading permission. * * @author Christian Merz * @version * Version 0.1, 16.10.2015<br /> */ private function getPermissions(UmgtUser $user) { $RoleList = $user->loadRelatedObjects('Role2User'); $permissionArray = array(); foreach ($RoleList as $Role) { $PermissionList = $Role->loadRelatedObjects('Role2Permission'); foreach ($PermissionList as $Permission) { if (!array_key_exists($Permission->getObjectId(), $permissionArray)) { $permissionArray[$Permission->getObjectId()] = $Permission; } } } return array_merge($permissionArray); }
/** * Returns all roles the user is either assigned directly (User <-> Role) or * indirectly (User <-> Group <-> Role). * * @param UmgtUser $user * * @return UmgtRole[] * * @author Christian Achatz * @version * Version 0.1, 19.06.2015<br /> */ protected function getRoles(UmgtUser $user) { $roles = []; // map roles int associative array to ensure unique result set foreach ($user->loadRelatedObjects('Role2User') as $role) { $roles[$role->getObjectId()] = $role; } // add roles assigned via group to allow easy role/permission assignment foreach ($user->loadRelatedObjects('Group2User') as $group) { foreach ($group->loadRelatedObjects('Role2Group') as $groupRole) { if (!isset($roles[$groupRole->getObjectId()])) { $roles[$groupRole->getObjectId()] = $groupRole; } } } return array_values($roles); }
public function transformContent() { // initialize the form $form = $this->getForm('User'); $userControl = $form->getFormElementByName('User'); /* @var $userControl MultiSelectBoxTag */ $groupId = $this->getRequest()->getParameter('groupid'); $uM = $this->getManager(); $group = $uM->loadGroupByID($groupId); $users = $uM->loadUsersWithGroup($group); $count = count($users); // display hint, if no user is assigned to this group if ($count == 0) { $template = $this->getTemplate('NoMoreUser'); $template->getLabel('message-1')->setPlaceHolder('display-name', $group->getDisplayName()); $template->getLabel('message-2')->setPlaceHolder('group-view-link', $this->generateLink(['mainview' => 'group', 'groupview' => null, 'groupid' => null])); $template->transformOnPlace(); return; } // fill the multiselect field for ($i = 0; $i < $count; $i++) { $userControl->addOption($users[$i]->getLastName() . ', ' . $users[$i]->getFirstName(), $users[$i]->getObjectId()); } // remove the desired users if ($form->isSent() && $form->isValid()) { $options = $userControl->getSelectedOptions(); $users = []; for ($i = 0; $i < count($options); $i++) { $user = new UmgtUser(); $user->setObjectId($options[$i]->getAttribute('value')); $users[] = $user; unset($user); } $group = new UmgtGroup(); $group->setObjectId($groupId); $uM->detachUsersFromGroup($users, $group); $this->getResponse()->forward($this->generateLink(['mainview' => 'group', 'groupview' => null, 'groupid' => null])); } else { $form->transformOnPlace(); } }
public function transformContent() { $userId = $this->getRequest()->getParameter('userid'); $uM = $this->getManager(); $user = $uM->loadUserByID($userId); $this->getLabel('DisplayName')->setPlaceHolder('display-name', $user->getDisplayName()); $formNo = $this->getForm('UserDelNo'); $formYes = $this->getForm('UserDelYes'); $response = $this->getResponse(); if ($formYes->isSent()) { $user = new UmgtUser(); $user->setObjectId($userId); $uM->deleteUser($user); $response->forward($this->generateLink(['mainview' => 'user', 'userview' => null, 'userid' => null])); } elseif ($formNo->isSent()) { $response->forward($this->generateLink(['mainview' => 'user', 'userview' => null, 'userid' => null])); } else { $formNo->transformOnPlace(); $formYes->transformOnPlace(); } }
public function transformContent() { // get role id $roleId = $this->getRequest()->getParameter('roleid'); // initialize the form $form = $this->getForm('User'); $user = $form->getFormElementByName('User'); /* @var $user MultiSelectBoxTag */ $uM = $this->getManager(); $role = $uM->loadRoleByID($roleId); $users = $uM->loadUsersNotWithRole($role); $count = count($users); // display a hint, if a role already assigned to all users if ($count == 0) { $template = $this->getTemplate('NoMoreUser'); $template->getLabel('message-1')->setPlaceHolder('display-name', $role->getDisplayName()); $template->getLabel('message-2')->setPlaceHolder('role-view-link', $this->generateLink(['mainview' => 'role', 'roleview' => null, 'roleid' => null])); $template->transformOnPlace(); return; } // fill multi-select field for ($i = 0; $i < $count; $i++) { $user->addOption($users[$i]->getLastName() . ', ' . $users[$i]->getFirstName(), $users[$i]->getObjectId()); } // assign role to the desired users if ($form->isSent() && $form->isValid()) { $options = $user->getSelectedOptions(); $newUsers = []; for ($i = 0; $i < count($options); $i++) { $newUser = new UmgtUser(); $newUser->setObjectId($options[$i]->getAttribute('value')); $newUsers[] = $newUser; unset($newUser); } $uM->attachUsersToRole($newUsers, $role); $this->getResponse()->forward($this->generateLink(['mainview' => 'role', 'roleview' => '', 'roleid' => ''])); } else { $form->transformOnPlace(); } }
/** * Decrypts all properties of the given user which have encryption enabled * * @param UmgtUser $user */ public static function decryptProperties(UmgtUser $user) { if (self::$encryptedFieldNames === null) { return; } $encryptionHandler = self::getEncryptionHandler(); $properties = $user->getProperties(); foreach ($properties as $key => $value) { if (self::propertyHasEncryptionEnabled($key)) { $user->setProperty($key, self::decrypt($value, $encryptionHandler)); } } self::closeEncryptionhandler($encryptionHandler); }
/** * Returns a list of Permission domain objects for the given user. * * @param UmgtUser $user the user object * * @return UmgtPermission[] $permissions the user's permissions * * @author Christian Achatz * @version * Version 0.1, 29.12.2008<br /> * Version 0.2, 02.01.2009 (Implemented the method)<br /> */ public function loadUserPermissions(UmgtUser $user) { $orm = $this->getORMapper(); // load all roles by the user itself and it's groups $select = 'SELECT DISTINCT `ent_role`.`RoleID` FROM `ent_role` INNER JOIN `ass_role2user` ON `ent_role`.`RoleID` = `ass_role2user`.`Source_RoleID` INNER JOIN `ent_user` ON `ass_role2user`.`Target_UserID` = `ent_user`.`UserID` WHERE `ent_user`.`UserID` = \'' . $user->getObjectId() . '\';'; /* @var $roles UmgtRole[] */ $roles = $orm->loadObjectListByTextStatement('Role', $select); $groups = $this->loadGroupsWithUser($user); foreach ($groups as $group) { $select = 'SELECT DISTINCT `ent_role`.`RoleID` FROM `ent_role` INNER JOIN `ass_role2group` ON `ent_role`.`RoleID` = `ass_role2group`.`Source_RoleID` INNER JOIN `ent_group` ON `ass_role2group`.`Target_GroupID` = `ent_group`.`GroupID` WHERE `ent_group`.`GroupID` = \'' . $group->getObjectId() . '\';'; $roles = array_merge($roles, $orm->loadObjectListByTextStatement('Role', $select)); } // we can use array_unique() here, because GenericORMapperDataObject implements __toString() method $roles = array_unique($roles); $permissions = []; foreach ($roles as $role) { $select = 'SELECT DISTINCT `ent_permission`.* FROM `ent_permission` INNER JOIN `ass_role2permission` ON `ent_permission`.`PermissionID` = `ass_role2permission`.`Target_PermissionID` INNER JOIN `ent_role` ON `ass_role2permission`.`Source_RoleID` = `ent_role`.`RoleID` WHERE `ent_role`.`RoleID` = \'' . $role->getObjectId() . '\';'; $permissions = array_merge($permissions, $orm->loadObjectListByTextStatement('Permission', $select)); } // due to the fact, that unique'ing the array is a cost-intensive operation, we agreed to return a // duplicate set of permissions. return $permissions; }
public function transformContent() { $uM = $this->getManager(); $form = $this->getForm('visibilitydef'); // pre-fill mode if "proxytypeid" and "appobjectid" are given $request = $this->getRequest(); $proxyTypeId = $request->getParameter('proxytypeid'); $appObjectId = $request->getParameter('appobjectid'); $proxyId = $request->getParameter('proxyid'); $selectedUsers = []; $selectedGroups = []; if ($proxyTypeId != null && $appObjectId != null) { $proxy = new UmgtVisibilityDefinition(); $proxy->setObjectId($proxyId); $selectedUsers = $uM->loadUsersWithVisibilityDefinition($proxy); $selectedGroups = $uM->loadGroupsWithVisibilityDefinition($proxy); } // load the defined visibility types $proxyTypes = $uM->loadVisibilityDefinitionTypes(); /* @var $typeElement SelectBoxTag */ $typeElement = $form->getFormElementByName('proxytypeid'); foreach ($proxyTypes as $proxyType) { $typeElement->addOption($proxyType->getAppObjectName(), $proxyType->getObjectId()); } // load users $userList = $uM->getPagedUserList(); /* @var $usersElement MultiSelectBoxTag */ $usersElement = $form->getFormElementByName('users'); foreach ($userList as $user) { $usersElement->addOption($user->getDisplayName(), $user->getObjectId()); } foreach ($selectedUsers as $selectedUser) { $usersElement->setOption2Selected($selectedUser->getObjectId()); } // load groups $groups = $uM->getPagedGroupList(); /* @var $groupsElement MultiSelectBoxTag */ $groupsElement = $form->getFormElementByName('groups'); foreach ($groups as $group) { $groupsElement->addOption($group->getDisplayName(), $group->getObjectId()); } foreach ($selectedGroups as $selectedGroup) { $groupsElement->setOption2Selected($selectedGroup->getObjectId()); } // store visibility definition if ($form->isSent() && $form->isValid()) { // setup type $type = new UmgtVisibilityDefinitionType(); $type->setObjectId($typeElement->getSelectedOption()->getAttribute('value')); // setup proxy $definition = new UmgtVisibilityDefinition(); $definition->setAppObjectId($form->getFormElementByName('appobjectid')->getAttribute('value')); // setup users $users = []; foreach ($usersElement->getSelectedOptions() as $option) { $user = new UmgtUser(); $user->setObjectId($option->getAttribute('value')); $users[] = $user; unset($user); } // setup groups $groups = []; foreach ($groupsElement->getSelectedOptions() as $option) { $group = new UmgtGroup(); $group->setObjectId($option->getAttribute('value')); $groups[] = $group; unset($group); } // setup access permissions $definition->setReadPermission($form->getFormElementByID('read-perm')->isChecked() ? 1 : 0); $definition->setWritePermission($form->getFormElementByID('write-perm')->isChecked() ? 1 : 0); $definition->setLinkPermission($form->getFormElementByID('link-perm')->isChecked() ? 1 : 0); $definition->setDeletePermission($form->getFormElementByID('delete-perm')->isChecked() ? 1 : 0); $uM->createVisibilityDefinition($type, $definition, $users, $groups); $this->getResponse()->forward($this->generateLink(['mainview' => 'proxy', 'proxyview' => null, 'proxytypeid' => null])); } else { $form->transformOnPlace(); } }
public function transformContent() { $form = $this->getForm('UserForm'); if ($form->isSent() && $form->isValid()) { $firstName = $form->getFormElementByName('FirstName'); $lastName = $form->getFormElementByName('LastName'); /* @var $birthday DateSelectorTag */ $birthday = $form->getFormElementByName('Birthday'); $streetName = $form->getFormElementByName('StreetName'); $streetNumber = $form->getFormElementByName('StreetNumber'); $zipCode = $form->getFormElementByName('ZIPCode'); $city = $form->getFormElementByName('City'); $email = $form->getFormElementByName('EMail'); $mobile = $form->getFormElementByName('Mobile'); $username = $form->getFormElementByName('Username'); $password = $form->getFormElementByName('Password'); $uM = $this->getManager(); $user = new UmgtUser(); $user->setFirstName($firstName->getValue()); $user->setLastName($lastName->getValue()); $user->setBirthday($birthday->getValue()); $user->setStreetName($streetName->getValue()); $user->setStreetNumber($streetNumber->getValue()); $user->setZIPCode($zipCode->getValue()); $user->setCity($city->getValue()); $user->setEMail($email->getValue()); $user->setMobile($mobile->getValue()); $user->setUsername($username->getValue()); $user->setPassword($password->getValue()); $uM->saveUser($user); $this->getResponse()->forward($this->generateLink(['mainview' => 'user', 'userview' => null])); } $form->transformOnPlace(); }
/** * Displays and handles the user edit form. * * @author Christian Achatz * @version * Version 0.1, 26.12.2008<br /> * Version 0.2, 02.01.2009 (Added the password fields handling)<br /> */ public function transformContent() { // get the userid from the request $userId = $this->getRequest()->getParameter('userid'); // setup the form $form = $this->getForm('UserForm'); $fieldUserId = $form->getFormElementByName('userid'); $fieldUserId->setAttribute('value', $userId); $firstName = $form->getFormElementByName('FirstName'); $lastName = $form->getFormElementByName('LastName'); /* @var $birthday DateSelectorTag */ $birthday = $form->getFormElementByName('Birthday'); $streetName = $form->getFormElementByName('StreetName'); $streetNumber = $form->getFormElementByName('StreetNumber'); $zipCode = $form->getFormElementByName('ZIPCode'); $city = $form->getFormElementByName('City'); $email = $form->getFormElementByName('EMail'); $mobile = $form->getFormElementByName('Mobile'); $username = $form->getFormElementByName('Username'); // get the manager $uM = $this->getManager(); if ($form->isSent()) { if ($form->isValid()) { // setup the domain object $user = new UmgtUser(); $user->setObjectId($userId); // read the "normal" fields $user->setFirstName($firstName->getValue()); $user->setLastName($lastName->getValue()); $user->setBirthday($birthday->getValue()); $user->setStreetName($streetName->getValue()); $user->setStreetNumber($streetNumber->getValue()); $user->setZIPCode($zipCode->getValue()); $user->setCity($city->getValue()); $user->setEMail($email->getValue()); $user->setMobile($mobile->getValue()); $user->setUsername($username->getValue()); // read the password field $passField1 = $form->getFormElementByName('Password'); $passField2 = $form->getFormElementByName('Password2'); $pass1 = $passField1->getAttribute('value'); $pass2 = $passField2->getAttribute('value'); $response = $this->getResponse(); if (!empty($pass1)) { if ($pass1 !== $pass2) { $passField1->markAsInvalid(); $passField2->markAsInvalid(); $passField1->appendCssClass($this->getMarkerClass($passField1)); $passField2->appendCssClass($this->getMarkerClass($passField2)); $this->setPlaceHolder('UserEdit', $form->transformForm()); } else { // add the password to the object $user->setPassword($pass2); // save the user $uM->saveUser($user); $response->forward($this->generateLink(['mainview' => 'user', 'userview' => '', 'userid' => ''])); } } else { $uM->saveUser($user); $response->forward($this->generateLink(['mainview' => 'user', 'userview' => '', 'userid' => ''])); } } else { $form->transformOnPlace(); } } else { $user = $uM->loadUserByID($userId); // pre-fill form $firstName->setValue($user->getFirstName()); $lastName->setValue($user->getLastName()); $birthday->setValue($user->getBirthday()); $streetName->setValue($user->getStreetName()); $streetNumber->setValue($user->getStreetNumber()); $zipCode->setValue($user->getZIPCode()); $city->setValue($user->getCity()); $email->setValue($user->getEMail()); $mobile->setValue($user->getMobile()); $username->setValue($user->getUsername()); $form->transformOnPlace(); } }
/** * @param UmgtUser $user * * @return UmgtGroup[] */ private function getGroups(UmgtUser $user) { return $user->loadRelatedObjects('Group2User'); }
public function transformContent() { $form = $this->getForm('register'); if ($form->isSent() && $form->isValid()) { $uM = $this->getManager(); $user = new UmgtUser(); $firstName = $form->getFormElementByName('firstname'); $firstNameValue = $firstName->getValue(); $user->setFirstName($firstNameValue); $lastName = $form->getFormElementByName('lastname'); $lastNameValue = $lastName->getValue(); $user->setLastName($lastNameValue); $street = $form->getFormElementByName('street'); $user->setStreetName($street->getValue()); $number = $form->getFormElementByName('number'); $user->setStreetNumber($number->getValue()); $zip = $form->getFormElementByName('zip'); $user->setZIPCode($zip->getValue()); $city = $form->getFormElementByName('city'); $user->setCity($city->getValue()); $email = $form->getFormElementByName('email'); $user->setEMail($email->getValue()); $userName = $form->getFormElementByName('username'); $userNameValue = $userName->getValue(); $user->setUsername($userNameValue); $password = $form->getFormElementByName('password'); $user->setPassword($password->getValue()); // assemble display name to have a more readable user within the umgt mgmt UI if (empty($firstNameValue) && empty($lastNameValue)) { $user->setDisplayName($userNameValue); } else { $user->setDisplayName($lastNameValue . ', ' . $firstNameValue); } // add initial groups and roles if applicable try { foreach ($this->getInitialGroups() as $initialGroup) { $user->addGroup($initialGroup); } foreach ($this->getInitialRoles() as $initialRole) { $user->addRole($initialRole); } } catch (ConfigurationException $e) { $l = Singleton::getInstance(Logger::class); /* @var $l Logger */ $l->logEntry('registration', 'Registration cannot add initial groups or roles due to the following ' . 'exception: ' . $e . ' This may be ok, in case you have no initial groups and/or roles specified.', LogEntry::SEVERITY_INFO); } try { // Lets have a look if the username/email is always in use and show an error message try { $config = $this->getConfiguration('APF\\modules\\usermanagement\\pres', 'login.ini'); $loginType = $config->getSection('Default')->getValue('login.type', 'username'); } catch (ConfigurationException $e) { $loginType = 'username'; } if ($loginType === 'username') { $regUser = $uM->loadUserByUserName($userNameValue); } else { $regUser = $uM->loadUserByEMail($email->getValue()); } if ($regUser === null) { $uM->saveUser($user); $this->getTemplate('register-ok')->transformOnPlace(); } else { $form->setPlaceHolder('register-error', $this->getTemplate('register-error-user-already-exists')->transformTemplate()); $form->transformOnPlace(); } } catch (Exception $e) { $this->getTemplate('system-error')->transformOnPlace(); $l = Singleton::getInstance(Logger::class); /* @var $l Logger */ $l->logEntry('registration', 'Registration is not possible due to ' . $e, LogEntry::SEVERITY_ERROR); } } elseif ($form->isSent() && !$form->isValid()) { $form->setPlaceHolder('register-error', $this->getTemplate('register-error')->transformTemplate()); $form->transformOnPlace(); } else { $form->transformOnPlace(); } }