public function testAuthenticate()
{
$user = new Person();
$user->setUsername($this->testUsername);
$user->setPassword($this->testPassword);
$this->assertTrue($user->authenticate($this->testPassword));
}
/**
* Deletes a Person's user account information
*/
public function delete()
{
$person = new Person($_GET['person_id']);
$person->deleteUserAccount();
try {
$person->save();
} catch (\Exception $e) {
$_SESSION['errorMessages'][] = $e;
}
header('Location: ' . BASE_URL . '/users');
}
public function testSave()
{
$person = new Person();
$person->setFirstname('First');
$person->setLastname('Last');
$person->setEmail('test@localhost');
$person->save();
$person = new Person('test@localhost');
$this->assertEquals('First', $person->getFirstname());
$this->assertEquals('Last', $person->getLastname());
$this->assertEquals('test@localhost', $person->getEmail());
}
public function delete(array $params)
{
try {
$person = new Person($_REQUEST['id']);
$person->deleteUserAccount();
$person->save();
} catch (\Exception $e) {
$_SESSION['errorMessages'][] = $e;
}
header('Location: ' . self::generateUrl('users.index'));
exit;
}
public function testPermissions()
{
$table = new CategoryTable();
$list = $table->find();
$this->assertEquals(1, count($list));
$person = new Person();
$person->setRole('Staff');
$list = $table->find(['displayableTo' => $person]);
$this->assertEquals(3, count($list));
$_SESSION['USER'] = $person;
$list = $table->find();
$this->assertEquals(3, count($list));
}
public function testSaveAndLoad()
{
$person = new Person($this->testPersonId);
$this->assertEquals($this->testPersonId, $person->getId());
$address = new Address();
$address->setAddress('test');
$address->setPerson($person);
$address->save();
$id = $address->getId();
$this->assertNotEmpty($id);
$address = new Address($id);
$this->assertEquals('test', $address->getAddress());
$this->assertEquals(1, $address->getPerson_id());
}
/**
* @param string $fieldname The name of the person field
* @param Person $person The currently selected Person object
* @return string
*/
public function personChooser($fieldname, Person $person = null)
{
$this->template->addToAsset('scripts', JQUERY . '/jquery.min.js');
$this->template->addToAsset('scripts', BASE_URI . '/js/people/personChooser.js');
$id = '';
$name = '';
if ($person) {
$id = $person->getId();
$name = View::escape($person->getFullname());
}
$return_url = new Url($_SERVER['SERVER_NAME'] . $_SERVER['REQUEST_URI']);
$personChooser = BASE_URI . '/people?return_url=' . $return_url;
$html = "\n\t\t<input type=\"hidden\" name=\"{$fieldname}_id\" id=\"{$fieldname}_id\" value=\"{$id}\" />\n\t\t<span id=\"{$fieldname}-name\">{$name}</span>\n\t\t<a class=\"btn\"\n\t\t\thref=\"{$personChooser}\"\n\t\t\tonclick=\"PERSON_CHOOSER.open('{$fieldname}');return false;\">\n\t\t\t<span class=\"fa fa-user\"></span>\n\t\t\tChange Person\n\t\t</a>\n\t\t";
return $html;
}
/**
* Attempts to authenticate users based on AuthenticationMethod
*/
public function login()
{
if (isset($_POST['username'])) {
try {
$person = new Person($_POST['username']);
if ($person->authenticate($_POST['password'])) {
$_SESSION['USER'] = $person;
header('Location: ' . $this->return_url);
exit;
} else {
throw new \Exception('invalidLogin');
}
} catch (\Exception $e) {
$_SESSION['errorMessages'][] = $e;
}
}
$this->template->blocks[] = new Block('loginForm.inc', array('return_url' => $this->return_url));
}
/**
* Attempts to authenticate users based on AuthenticationMethod
*/
public function login(array $params)
{
if (isset($_POST['username'])) {
try {
$person = new Person($_POST['username']);
if ($person->authenticate($_POST['password'])) {
$_SESSION['USER'] = $person;
header('Location: ' . $this->return_url);
exit;
} else {
throw new \Exception('invalidLogin');
}
} catch (\Exception $e) {
$_SESSION['errorMessages'][] = $e;
}
}
return new \Application\Views\Login\LoginView(['return_url' => $this->return_url]);
}
public function testAuthenticationMethodDefaultsToLocal()
{
$person = new Person();
$person->setFirstname('First');
$person->setLastname('Last');
$person->setEmail('test@localhost');
$person->setUsername('test');
$person->validate();
$this->assertEquals('local', $person->getAuthenticationMethod());
}
/**
* @param GET ticket_id
*/
public function view()
{
$ticket = $this->loadTicket($_GET['ticket_id']);
if ($ticket->allowsDisplay(isset($_SESSION['USER']) ? $_SESSION['USER'] : null)) {
$this->template->setFilename('tickets');
$this->template->blocks['ticket-panel'][] = new Block('tickets/ticketInfo.inc', array('ticket' => $ticket));
$this->template->blocks['ticket-panel'][] = new Block('tickets/slaStatus.inc', array('ticket' => $ticket));
if (Person::isAllowed('tickets', 'update') && $ticket->getStatus() != 'closed') {
$this->template->blocks['history-panel'][] = new Block('tickets/actionForm.inc', array('ticket' => $ticket));
}
$this->addStandardInfoBlocks($ticket);
} else {
$_SESSION['errorMessages'][] = new \Exception('noAccessAllowed');
}
}
/**
* Displays a single issue from a ticket
*/
public function index()
{
try {
$issue = new Issue($_GET['issue_id']);
$ticket = $issue->getTicket();
} catch (\Exception $e) {
$_SESSION['errorMessages'][] = $e;
header('Location: ' . BASE_URL . '/tickets');
exit;
}
$this->template->setFilename('issues');
$this->template->blocks['ticket-panel'][] = new Block('tickets/ticketInfo.inc', array('ticket' => $ticket));
if (Person::isAllowed('people', 'view')) {
$person = $issue->getReportedByPerson();
if ($person) {
$this->template->blocks['person-panel'][] = new Block('people/personInfo.inc', array('person' => $person, 'disableButtons' => true));
}
}
$this->template->blocks['issue-panel'][] = new Block('tickets/issueInfo.inc', array('issue' => $issue));
}
/**
* View a single location
*/
public function view()
{
// Make sure we have the location in the system
$location = trim($_GET['location']);
if (!$location) {
header('Location: ' . BASE_URL . '/locations');
exit;
}
$table = new TicketTable();
$ticketList = $table->find(array('location' => $location));
$this->template->setFilename('locations');
$blocks = array('locationInfo', 'masterAddressData', 'locationPeople');
foreach ($blocks as $b) {
$this->template->blocks['left'][] = new Block("locations/{$b}.inc", array('location' => $location, 'disableButtons' => isset($_GET['disableButtons'])));
}
$this->template->blocks['right'][] = new Block('tickets/ticketList.inc', array('ticketList' => $ticketList, 'title' => 'Cases Associated with this Location', 'disableLinks' => isset($_GET['disableLinks']), 'disableButtons' => isset($_GET['disableButtons'])));
if (Person::isAllowed('tickets', 'merge') && !isset($_GET['disableLinks']) && count($ticketList) > 1) {
$this->template->blocks['right'][] = new Block('tickets/ticketSelectForMergeForm.inc');
}
}
/**
* @param Person $person
* @return bool
*/
public function allowsPosting(Person $person = null)
{
if (!$person) {
return $this->getPostingPermissionLevel() === 'anonymous';
} elseif ($person->getRole() !== 'Staff' && $person->getRole() !== 'Administrator') {
return in_array($this->getPostingPermissionLevel(), ['public', 'anonymous']);
}
return true;
}
<?php
/**
* @copyright 2012-2013 City of Bloomington, Indiana
* @license http://www.gnu.org/licenses/agpl.txt GNU/AGPL, see LICENSE.txt
* @author Cliff Ingham <*****@*****.**>
*/
use Application\Models\Person;
include '../configuration.inc';
$person = new Person();
$person->setFirstname('Administrator');
$person->setLastname('Person');
$person->setEmail('*****@*****.**');
$person->setUsername('admin');
//$person->setPassword();
$person->setAuthenticationMethod('Employee');
$person->setRole('Administrator');
$person->save();
/**
* Displays the list of distinct values for a given field and term
*
* Used primarily to support autocomplete on the person search form
*
* @param GET field
* @param GET term
*/
public function distinct()
{
$this->template->blocks[] = new Block('people/distinctFieldValues.inc', array('results' => Person::getDistinct($_GET['field'], $_GET['term'])));
}
/**
* @param Person $person
* @return bool
*/
public function allowsDisplay($person)
{
if (!$person instanceof Person) {
return $this->getDisplayPermissionLevel() == 'anonymous';
} elseif ($person->getRole() != 'Staff' && $person->getRole() != 'Administrator') {
return in_array($this->getDisplayPermissionLevel(), array('public', 'anonymous'));
}
return true;
}
*
* This script should only be used by people with root access
* on the web server.
* If you are planning on using local authentication, you must
* provide a password here. The password will be encrypted when
* the new person's account is saved
*
* If you are doing Employee or CAS authentication you do
* not need to save a password into the database.
*
* @copyright 2011-2014 City of Bloomington, Indiana
* @license http://www.gnu.org/licenses/agpl.txt GNU/AGPL, see LICENSE.txt
* @author Cliff Ingham <*****@*****.**>
*/
use Application\Models\Person;
include '../configuration.inc';
$person = new Person();
// Fill these out as needed
$person->setFirstname('Admin');
$person->setLastname('Person');
$person->setUsername('administrator');
$person->setAuthenticationMethod('local');
#$person->setPassword('');
// You most likely want Administrator
$person->setRole('Administrator');
$person->save();
// Don't forget to create an email address
$email = new Email();
$email->setPerson($person);
$email->setEmail('admin@localhost');
$email->save();
/**
* Transfers all data from a person, then deletes that person
*
* This person will end up containing all information from both people
* I took care to make sure to update the search index as well
* as the database.
*
* @param Person $person
*/
public function mergeFrom(Person $person)
{
if ($this->getId() && $person->getId()) {
if ($this->getId() == $person->getId()) {
// can not merge same person throw exception
throw new \Exception('mergerNotAllowed');
}
$zend_db = Database::getConnection();
// Look up all the tickets we're about to modify
// We need to remember them so we can update the search
// index after we've updated the database
$id = (int) $person->getId();
$sql = "select distinct t.id from tickets t\n\t\t\t\t\tleft join ticketHistory th on t.id=th.ticket_id\n\t\t\t\t\tleft join issues i on t.id= i.ticket_id\n\t\t\t\t\tleft join issueHistory ih on i.id=ih.issue_id\n\t\t\t\t\tleft join media m on i.id= m.issue_id\n\t\t\t\t\tleft join responses r on i.id= r.issue_id\n\t\t\t\t\twhere ( t.enteredByPerson_id={$id} or t.assignedPerson_id={$id} or t.referredPerson_id={$id})\n\t\t\t\t\t or (th.enteredByPerson_id={$id} or th.actionPerson_id={$id})\n\t\t\t\t\t or ( i.enteredByPerson_id={$id} or i.reportedByPerson_id={$id})\n\t\t\t\t\t or (ih.enteredByPerson_id={$id} or ih.actionPerson_id={$id})\n\t\t\t\t\t or m.person_id={$id} or r.person_id={$id}";
$result = $zend_db->query($sql)->execute();
$ticketIds = [];
foreach ($result as $row) {
$ticketIds[] = $row['id'];
}
$zend_db->getDriver()->getConnection()->beginTransaction();
try {
// These are all the database fields that hit the Solr index
$zend_db->query('update responses set person_id=? where person_id=?')->execute([$this->getId(), $person->getId()]);
$zend_db->query('update media set person_id=? where person_id=?')->execute([$this->getId(), $person->getId()]);
$zend_db->query('update issueHistory set enteredByPerson_id=? where enteredByPerson_id=?')->execute([$this->getId(), $person->getId()]);
$zend_db->query('update issueHistory set actionPerson_id=? where actionPerson_id=?')->execute([$this->getId(), $person->getId()]);
$zend_db->query('update issues set enteredByPerson_id=? where enteredByPerson_id=?')->execute([$this->getId(), $person->getId()]);
$zend_db->query('update issues set reportedByPerson_id=? where reportedByPerson_id=?')->execute([$this->getId(), $person->getId()]);
$zend_db->query('update ticketHistory set enteredByPerson_id=? where enteredByPerson_id=?')->execute([$this->getId(), $person->getId()]);
$zend_db->query('update ticketHistory set actionPerson_id=? where actionPerson_id=?')->execute([$this->getId(), $person->getId()]);
$zend_db->query('update tickets set enteredByPerson_id=? where enteredByPerson_id=?')->execute([$this->getId(), $person->getId()]);
$zend_db->query('update tickets set assignedPerson_id=? where assignedPerson_id=?')->execute([$this->getId(), $person->getId()]);
$zend_db->query('update tickets set referredPerson_id=? where referredPerson_id=?')->execute([$this->getId(), $person->getId()]);
// Fields that don't hit the Solr index
$zend_db->query('update clients set contactPerson_id=? where contactPerson_id=?')->execute([$this->getId(), $person->getId()]);
$zend_db->query('update departments set defaultPerson_id=? where defaultPerson_id=?')->execute([$this->getId(), $person->getId()]);
$zend_db->query('update peopleAddresses set person_id=? where person_id=?')->execute([$this->getId(), $person->getId()]);
$zend_db->query('update peoplePhones set person_id=? where person_id=?')->execute([$this->getId(), $person->getId()]);
$zend_db->query('update peopleEmails set person_id=? where person_id=?')->execute([$this->getId(), $person->getId()]);
$zend_db->query('delete from people where id=?')->execute([$person->getId()]);
} catch (Exception $e) {
$zend_db->getDriver()->getConnection()->rollback();
throw $e;
}
$zend_db->getDriver()->getConnection()->commit();
foreach ($ticketIds as $id) {
$search = new Search();
$ticket = new Ticket($id);
$search->add($ticket);
}
}
}
