public function checkPassword(ExecutionContextInterface $context)
{
if (!$this->user->checkPassword($this->encoderFactory, $this->password)) {
$context->buildViolation('The specified password is invalid.')->atPath('password')->addViolation();
return false;
}
}
public function getCredentialChangeRequest($id, User $currentUser)
{
$data = $this->conn->fetchAssoc('SELECT * FROM `' . CoreTables::CREDENTIAL_CHANGE_TBL . '` WHERE `id` = :id', [':id' => $id]);
if (empty($data) || $data['userId'] != $currentUser->getId()) {
throw new ModelException('The specified credential change request does not exist.');
}
return CredentialChangeRequest::fromArray($currentUser, $data);
}
public function findAvailableCourses(User $user)
{
$items = $this->conn->fetchAll('SELECT c.`id`, c.`name`, c.`deadline`, r.`result` AS `user_result`, r.`passedQuestions` AS `user_passedQuestions`, ' . 'r.`totalQuestions` AS `user_totalQuestions`, r.`completedAt` AS `user_completedAt`, arr.`result` AS `area_result`, arr.`passedQuestions` AS `area_passedQuestions`, ' . 'arr.`totalQuestions` AS `area_totalQuestions`, arr.`completedAt` AS `area_completedAt` ' . 'FROM `' . CourseTables::COURSE_TBL . '` c ' . 'LEFT JOIN `' . CourseTables::COURSE_AREA_RESULT_TBL . '` ar ON (ar.`courseId` = c.`id` AND ar.`areaId` = :areaId) ' . 'LEFT JOIN `' . CourseTables::COURSE_RESULT_TBL . '` arr ON (arr.`courseId` = ar.`courseId` AND arr.`userId` = ar.`userId`) ' . 'LEFT JOIN `' . CourseTables::COURSE_RESULT_TBL . '` r ON (r.`courseId` = c.`id` AND r.`userId` = :userId) ' . 'WHERE c.`isPublished` = 1 AND c.`projectId` = :projectId ORDER BY c.`displayOrder`', [':areaId' => $this->area->getId(), ':userId' => $user->getId(), ':projectId' => $this->area->getProject()->getId()]);
foreach ($items as &$item) {
TestResult::processResults($item, 'user_');
TestResult::processResults($item, 'area_');
}
return $items;
}
public static function create(User $user, $ip, $time)
{
$item = new PasswordRecoveryRequest();
$item->user = $user;
$item->requestIp = ip2long($ip);
$item->requestTime = $time;
$item->provisionKey = sha1('dsSDfdjd' . rand(-2000000000, 2000000000) . 'ZSdDkjqi23df' . $item->requestIp . $time . $user->getLogin());
return $item;
}
private function buildRepresentations(User $user)
{
$projects = $this->conn->fetchAll('SELECT g.`id`, g.`name`, g.`slug`, c.`role`, c.`note` FROM `' . CoreTables::GROUP_TBL . '` g ' . 'INNER JOIN `' . CoreTables::GROUP_MEMBER_TBL . '` c ON c.`groupId` = g.`id` ' . 'WHERE c.`userId` = :userId ORDER BY g.`name`', [':userId' => $user->getId()]);
$items = array();
foreach ($projects as $proj) {
$items[] = new ProjectRepresentation($proj['slug'], $proj['name'], 'group_dashboard', 'GroupNominative: 0', 'default', $this->resolver->getRole('Group', $proj['role']), $proj['note']);
}
return $items;
}
private function buildRepresentations(User $user)
{
$projects = $this->conn->fetchAll('SELECT a.`id`, a.`name`, a.`slug`, c.`role`, c.`note` FROM `' . CoreTables::AREA_TBL . '` a ' . 'INNER JOIN `' . CoreTables::AREA_MEMBER_TBL . '` c ON c.`areaId` = a.`id` ' . 'WHERE c.`userId` = :userId ORDER BY a.`name`', [':userId' => $user->getId()]);
$items = array();
foreach ($projects as $proj) {
$items[] = new ProjectRepresentation($proj['slug'], $proj['name'], 'area_dashboard', 'AreaNominative: 0', 'purple', $this->resolver->getRole('Area', $proj['role']), $proj['note']);
}
return $items;
}
public function checkPassword(ExecutionContextInterface $context)
{
if (!$this->user->checkPassword($this->encoderFactory, $this->oldPassword)) {
$context->buildViolation('The specified password is invalid.')->atPath('oldPassword')->addViolation();
return false;
}
if ($this->password != $this->repeatPassword) {
$context->buildViolation('The specified passwords are not identical!')->atPath('password')->addViolation();
return false;
}
if (!PasswordBuilder::isPasswordStrongEnough($this->password)) {
$context->buildViolation('The password must contain lowercase, uppercase letters and numbers.')->atPath('password')->addViolation();
return false;
}
}
private function buildRepresentations(User $user)
{
$projects = $this->conn->fetchAll('SELECT p.`id`, p.`name`, p.`slug`, c.`role`, c.`note` FROM `' . CoreTables::PROJECT_TBL . '` p ' . 'INNER JOIN `' . CoreTables::PROJECT_MEMBER_TBL . '` c ON c.`projectId` = p.`id` ' . 'WHERE p.`archived` = 0 AND c.`userId` = :userId ORDER BY p.`name`', [':userId' => $user->getId()]);
$items = array();
foreach ($projects as $proj) {
$items[] = new ProjectRepresentation($proj['slug'], $proj['name'], 'project_dashboard', 'ProjectNominative: 0', 'primary', $this->resolver->getRole('Project', $proj['role']), $proj['note']);
}
return $items;
}
public function getUserByEmail($email)
{
if (filter_var($email, FILTER_VALIDATE_EMAIL) === false) {
throw new ModelException('Invalid e-mail address');
}
$this->transaction->requestTransaction();
$user = User::fetchByCriteria($this->conn, QueryClause::clause('u.`email` = :email', ':email', $email));
if (empty($user)) {
throw new ItemNotFoundException('The specified user has not been found.');
}
return $user;
}
public static function fetchByProject(Connection $conn, $id, Project $project)
{
$data = $conn->fetchAssoc('SELECT r.*, v.id AS `verifier_id`, v.`name` AS `verifier_name`, ' . 't.`id` AS `territory_id`, t.`name` AS `territory_name`, t.`areaNum` AS `territory_areaNum`, t.`requestNum` as `territory_requestNum` ' . 'FROM `' . CoreTables::AREA_REQUEST_TBL . '` r ' . 'INNER JOIN `' . CoreTables::TERRITORY_TBL . '` t ON t.`id` = r.`territoryId` ' . 'LEFT JOIN `' . CoreTables::USER_TBL . '` v ON v.`id` = r.`verifierId` ' . 'WHERE r.`id` = :id AND r.`projectId` = :projectId', [':id' => $id, ':projectId' => $project->getId()]);
if (null === $data) {
return false;
}
$user = User::fetchByCriteria($conn, QueryClause::clause('u.`id` = :id', ':id', $data['requestorId']));
$item = self::fromArray($data);
$item->setProject($project);
$item->setRequestor($user);
if (!empty($data['verifier_id'])) {
$item->verifier = new Verifier($data['verifier_id'], $data['verifier_name']);
}
$item->setTerritory($item->oldTerritory = Territory::fromArray($data, 'territory'));
return $item;
}
protected function tryRecordingAreaResult(Connection $conn, Area $area, TestTrial $trial)
{
$areaResult = AreaCourseResult::fetchResult($conn, $area, $this->course);
if ($areaResult->result == Question::RESULT_UNKNOWN) {
$conn->insert(CourseTables::COURSE_AREA_RESULT_TBL, ['areaId' => $area->getId(), 'userId' => $this->user->getId(), 'courseId' => $this->course->getId()]);
$progress = CourseProgress::fetchByArea($conn, $area);
$progress->updateResults($conn, $areaResult, $trial);
return $progress;
} elseif ($areaResult->result == Question::RESULT_INVALID) {
$conn->update(CourseTables::COURSE_AREA_RESULT_TBL, ['areaId' => $area->getId(), 'userId' => $this->user->getId(), 'courseId' => $this->course->getId()], ['areaId' => $area->getId(), 'courseId' => $this->course->getId()]);
$progress = CourseProgress::fetchByArea($conn, $area);
$progress->updateResults($conn, $areaResult, $trial);
return $progress;
}
return true;
}
public function execute()
{
if ($this->photo->isValid()) {
$name = sha1($this->user->getId() . $this->user->getLogin() . $this->user->getRegisteredAt() . time() . uniqid('ffdf'));
$photoUploader = new PhotoFormatter($this->photo->getRealPath(), self::MINIMUM_SIZE, self::MAXIMUM_SIZE, $this->output);
$old = $this->user->getAvatar();
$photoUploader->setNewName($name);
$photoUploader->loadAndScale(self::START_SIZE);
$this->user->setAvatar($name);
$this->repository->update($this->user);
if (!empty($old)) {
$photoUploader->removeOld($old, self::START_SIZE);
}
}
}
/**
* Retrieves an existing password recovery request.
*
* @param int $id
* @return PasswordRecoveryRequest
* @throws PasswordRecoveryException
*/
public function getPasswordRecoveryRequest($id)
{
$data = $this->conn->fetchAssoc('SELECT u.*, r.`id` AS `req_id`, r.`userId` AS `req_userId`, r.`status` AS `req_status`, r.`provisionKey` AS `req_provisionKey`, r.`requestIp` AS `req_requestIp`, r.`requestTime` AS `req_requestTime` ' . 'FROM `' . CoreTables::PASSWORD_RECOVERY_TBL . '` r ' . 'INNER JOIN `' . CoreTables::USER_TBL . '` u ON u.`id` = r.`userId` ' . 'WHERE r.`id` = :requestId', [':requestId' => $id]);
if (empty($data)) {
throw new PasswordRecoveryException('Unknown registration request.');
}
return PasswordRecoveryRequest::fromArray(User::fromArray($data), $data);
}
public function activate($provisionKey)
{
if ($this->provisionKey == $provisionKey) {
$user = User::freshActive($this->getPassword(), $this->getSalt());
$user->setLogin($this->getLogin());
$user->setName($this->getName());
$user->setEmail($this->getEmail());
$user->setSettingsLanguage($this->getLanguage());
return $user;
} else {
throw new UserRegistrationException('Invalid provision key.');
}
}
/**
* Shows all invitations for the given user.
*
* @param \Cantiga\CoreBundle\Repository\User $user
*/
public function findInvitations(User $user)
{
return $this->conn->fetchAll('SELECT i.`id`, i.`createdAt`, i.`note`, u.`name` AS `inviterName`, i.`resourceType`, i.`resourceName` ' . 'FROM `' . CoreTables::INVITATION_TBL . '` i ' . 'INNER JOIN `' . CoreTables::USER_TBL . '` u ON u.`id` = i.`inviterId` ' . 'WHERE i.`userId` = :userId ' . 'ORDER BY i.`id` DESC', [':userId' => $user->getId()]);
}
public function findMembers(Area $area)
{
$items = $this->conn->fetchAll('SELECT u.name, u.avatar, p.location, p.telephone, p.publicMail, p.privShowTelephone, p.privShowPublicMail, m.note ' . 'FROM `' . CoreTables::USER_TBL . '` u ' . 'INNER JOIN `' . CoreTables::USER_PROFILE_TBL . '` p ON p.`userId` = u.`id` ' . 'INNER JOIN `' . CoreTables::AREA_MEMBER_TBL . '` m ON m.`userId` = u.`id` ' . 'WHERE m.`areaId` = :areaId ORDER BY m.`role` DESC, u.`name`', [':areaId' => $area->getId()]);
foreach ($items as &$item) {
$item['publicMail'] = User::evaluateUserPrivacy($item['privShowPublicMail'], $this->project) ? $item['publicMail'] : '';
$item['telephone'] = User::evaluateUserPrivacy($item['privShowTelephone'], $this->project) ? $item['telephone'] : '';
}
return $items;
}
/**
* @param $membershipEntity Entity whose members we want to view
* @param $id User ID
* @return User
*/
public function getItem(MembershipEntityInterface $membershipEntity, $id)
{
$this->transaction->requestTransaction();
try {
$user = User::fetchLinkedProfile($this->conn, $this->roleResolver, $membershipEntity, Join::create($this->membershipTable(), 'm', QueryClause::clause('m.userId = u.id')), QueryOperator::op('AND')->expr(QueryClause::clause('m.' . $this->entityColumn() . ' = :entityId', ':entityId', $membershipEntity->getId()))->expr(QueryClause::clause('u.`id` = :userId', ':userId', $id)));
if (false === $user) {
throw new ItemNotFoundException('The specified user has not been found.');
}
return $user;
} catch (Exception $exception) {
$this->transaction->requestRollback();
throw $exception;
}
}
public function remove(User $item)
{
$this->transaction->requestTransaction();
try {
$item->remove($this->conn);
$this->eventDispatcher->dispatch(CantigaEvents::USER_REMOVED, new UserEvent($item));
} catch (Exception $exception) {
$this->transaction->requestRollback();
throw $exception;
}
}
/**
* Certain courses do not have a test. In this situation the user may click a button where he
* simply confirms in good-faith that he/she has completed the given course.
*
* @param Connection $conn Database connection
* @param Area $area The area which finishes the course.
* @param User $user The user who completes the course.
* @return CourseProgress|boolean
*/
public function confirmGoodFaithCompletion(Connection $conn, Area $area, User $user)
{
if ($this->hasTest()) {
throw new ModelException('Cannot confirm good-faith completion for a course that has a test assigned.');
}
try {
$stmt = $conn->prepare('INSERT INTO `' . CourseTables::COURSE_RESULT_TBL . '` ' . '(`userId`, `courseId`, `trialNumber`, `startedAt`, `completedAt`, `result`, `totalQuestions`, `passedQuestions`) ' . 'VALUES(:userId, :courseId, 1, :startedAt, :completedAt, :result, :totalQuestions, :passedQuestions)');
$stmt->bindValue(':userId', $user->getId());
$stmt->bindValue(':courseId', $this->getId());
$stmt->bindValue(':result', Question::RESULT_CORRECT);
$stmt->bindValue(':startedAt', time());
$stmt->bindValue(':completedAt', time());
$stmt->bindValue(':totalQuestions', 1);
$stmt->bindValue(':passedQuestions', 1);
$stmt->execute();
$areaResult = AreaCourseResult::fetchResult($conn, $area, $this);
if ($areaResult->getResult() == Question::RESULT_UNKNOWN) {
$conn->insert(CourseTables::COURSE_AREA_RESULT_TBL, ['userId' => $user->getId(), 'areaId' => $area->getId(), 'courseId' => $this->id]);
$progress = CourseProgress::fetchByArea($conn, $area);
$progress->updateGoodFaithCompletion($conn);
return $progress;
}
return true;
} catch (UniqueConstraintViolationException $exception) {
throw new ModelException('Cannot complete a completed test!');
}
}
public function removeMember(Connection $conn, User $user)
{
if (1 == $conn->delete(CoreTables::GROUP_MEMBER_TBL, ['groupId' => $this->getId(), 'userId' => $user->getId()])) {
$conn->executeQuery('UPDATE `' . CoreTables::GROUP_TBL . '` SET `memberNum` = (`memberNum` - 1) WHERE `id` = :id', [':id' => $this->id]);
$conn->executeQuery('UPDATE `' . CoreTables::USER_TBL . '` SET `groupNum` = (`groupNum` - 1) WHERE `id` = :id', [':id' => $user->getId()]);
return true;
}
return false;
}
public function performTransition(User $currentUser, $additionalPermissionsGranted, $newStatus)
{
if ($this->status == self::STATUS_NEW) {
if ($newStatus == self::STATUS_ANSWERING) {
$this->responder = $currentUser;
$this->answeredAt = time();
$this->completedAt = null;
$this->status = $newStatus;
return;
} elseif ($newStatus == self::STATUS_CLOSED && $additionalPermissionsGranted) {
$this->responder = $currentUser;
$this->completedAt = time();
$this->status = $newStatus;
return;
}
} elseif ($this->status == self::STATUS_ANSWERING) {
if ($newStatus == self::STATUS_COMPLETED && $currentUser->getId() == $this->responder->getId()) {
$this->completedAt = time();
$this->status = $newStatus;
return;
} elseif ($newStatus == self::STATUS_NEW && $additionalPermissionsGranted) {
$this->responder = null;
$this->answeredAt = null;
$this->completedAt = null;
$this->status = $newStatus;
return;
}
} elseif ($this->status == self::STATUS_COMPLETED) {
if ($newStatus == self::STATUS_ANSWERING && ($currentUser->getId() == $this->responder->getId() || $additionalPermissionsGranted)) {
$this->completedAt = null;
$this->status = $newStatus;
return;
} elseif ($newStatus == self::STATUS_NEW && $additionalPermissionsGranted) {
$this->responder = null;
$this->answeredAt = null;
$this->completedAt = null;
$this->status = $newStatus;
return;
}
} elseif ($this->status == self::STATUS_CLOSED) {
if ($newStatus == self::STATUS_NEW && $additionalPermissionsGranted) {
$this->responder = null;
$this->answeredAt = null;
$this->completedAt = null;
$this->status = $newStatus;
return;
}
}
throw new ModelException('This status transition is not allowed.');
}
public function clearMembership(User $user)
{
$this->conn->executeUpdate('UPDATE `' . CoreTables::GROUP_TBL . '` g INNER JOIN `' . CoreTables::GROUP_MEMBER_TBL . '` m ON m.`groupId` = g.`id` ' . 'SET g.`memberNum` = (g.`memberNum` - 1) WHERE m.`userId` = :userId', [':userId' => $user->getId()]);
$this->conn->executeQuery('DELETE FROM `' . CoreTables::GROUP_MEMBER_TBL . '` WHERE `userId` = :userId', [':userId' => $user->getId()]);
return 'groupNum';
}
public function removeMember(Connection $conn, User $user)
{
if (1 == $conn->delete(CoreTables::AREA_MEMBER_TBL, ['areaId' => $this->getId(), 'userId' => $user->getId()])) {
$conn->executeQuery('UPDATE `' . CoreTables::USER_TBL . '` SET `areaNum` = (`areaNum` - 1) WHERE `id` = :id', [':id' => $user->getId()]);
$conn->executeQuery('UPDATE `' . CoreTables::AREA_TBL . '` SET `memberNum` = (SELECT COUNT(`userId`) FROM `' . CoreTables::AREA_MEMBER_TBL . '` WHERE `areaId` = :id) WHERE `id` = :id2', [':id' => $this->getId(), ':id2' => $this->getId()]);
return true;
}
return false;
}
public static function fetchLinkedProfile(Connection $conn, MembershipRoleResolver $roleResolver, IdentifiableInterface $item, Join $join, QueryElement $element)
{
$qb = QueryBuilder::select()->field('u.*')->field('p.*')->field('m.role AS `membership_role`')->field('m.note AS `membership_note`')->field('l.`id`', 'language_id')->field('l.`name`', 'language_name')->field('l.`locale`', 'language_locale')->from(CoreTables::USER_TBL, 'u')->join(CoreTables::USER_PROFILE_TBL, 'p', QueryClause::clause('p.`userId` = u.`id`'))->join(CoreTables::LANGUAGE_TBL, 'l', QueryClause::clause('l.`id` = p.`settingsLanguageId`'))->join($join)->where(QueryOperator::op('AND')->expr(QueryClause::clause('u.`active` = 1 AND u.`removed` = 0'))->expr($element));
$data = $qb->fetchAssoc($conn);
if (false === $data) {
return false;
}
$user = User::fromArray($data);
$membership = new Membership($item, $roleResolver->getRole(get_class($item), $data['membership_role']), $data['membership_note']);
User::installMembershipInformation($user, $membership);
return $user;
}
private function createResultForUserAndArea(User $user, Area $area, $result, $questionNum, $passedQuestions)
{
self::$conn->insert(CourseTables::COURSE_RESULT_TBL, ['userId' => $user->getId(), 'courseId' => $this->course->getId(), 'trialNumber' => '1', 'result' => $result, 'startedAt' => time() - 100, 'completedAt' => time() - 50, 'totalQuestions' => $questionNum, 'passedQuestions' => $passedQuestions]);
self::$conn->insert(CourseTables::COURSE_AREA_RESULT_TBL, ['areaId' => $area->getId(), 'userId' => $user->getId(), 'courseId' => $this->course->getId()]);
}
public function buildForm(FormBuilderInterface $builder, array $options)
{
$builder->add('location', TextType::class, ['label' => 'Location', 'required' => false])->add('telephone', TextType::class, ['label' => 'Telephone', 'required' => false])->add('publicMail', TextType::class, ['label' => 'Public e-mail', 'required' => false])->add('notes', TextType::class, ['label' => 'Notes', 'required' => false])->add('privShowTelephone', ChoiceType::class, ['label' => 'Who can see my phone number?', 'choices' => User::getPrivacySettings()])->add('privShowPublicMail', ChoiceType::class, ['label' => 'Who can see my public e-mail?', 'choices' => User::getPrivacySettings()])->add('privShowNotes', ChoiceType::class, ['label' => 'Who can see my notes?', 'choices' => User::getPrivacySettings()])->add('save', SubmitType::class, ['label' => 'Save']);
}
public function clearMembership(User $user)
{
$this->conn->executeUpdate('UPDATE `' . CoreTables::AREA_TBL . '` a INNER JOIN `' . CoreTables::AREA_MEMBER_TBL . '` m ON m.`areaId` = a.`id` ' . 'SET a.`memberNum` = (a.`memberNum` - 1) WHERE m.`userId` = :userId', [':userId' => $user->getId()]);
$this->conn->executeQuery('DELETE FROM `' . CoreTables::AREA_MEMBER_TBL . '` WHERE `userId` = :userId', [':userId' => $user->getId()]);
return 'areaNum';
}
private function insertResult(Course $course, Area $area, User $user, $result)
{
self::$conn->insert(CourseTables::COURSE_RESULT_TBL, array('userId' => $user->getId(), 'courseId' => $course->getId(), 'trialNumber' => 1, 'startedAt' => time(), 'completedAt' => time(), 'result' => $result, 'totalQuestions' => 0, 'passedQuestions' => 0));
self::$conn->insert(CourseTables::COURSE_AREA_RESULT_TBL, ['areaId' => $area->getId(), 'userId' => $user->getId(), 'courseId' => $course->getId()]);
}
public function onControllerSelected(FilterControllerEvent $event)
{
if (null !== $this->workspace) {
return;
}
$ctrl = $event->getController();
if (is_array($ctrl)) {
$ctrl = $ctrl[0];
}
if ($ctrl instanceof WorkspaceAwareInterface) {
$this->workspaceController = $ctrl;
$this->workspace = $ctrl->createWorkspace();
$membershipLoader = $this->workspace->getMembershipLoader();
$membership = null;
if (null !== $membershipLoader) {
try {
$user = $this->tokenStorage->getToken()->getUser();
$membership = $membershipLoader->findMembership($event->getRequest()->get('slug'), $user);
if (!$membership instanceof Membership) {
throw new LogicException('The membership loader did not return \'Membership\' instance.');
}
$project = $membershipLoader->findProjectForEntity($membership->getItem());
$user->addRole($membership->getRole()->getAuthRole());
User::installMembershipInformation($user, $membership);
$this->projectSettings->setProject($project);
$this->tokenStorage->setToken(new MembershipToken($this->tokenStorage->getToken(), $membership, $project));
} catch (ItemNotFoundException $exception) {
throw new AccessDeniedHttpException($exception->getMessage(), $exception);
}
} else {
$oldToken = $this->tokenStorage->getToken();
$this->tokenStorage->setToken(new UsernamePasswordToken($oldToken->getUser(), $oldToken->getCredentials(), $oldToken->getProviderKey(), $oldToken->getUser()->getRoles()));
User::installMembershipInformation($this->tokenStorage->getToken()->getUser(), $membership = new Membership());
}
$this->workspace->onWorkspaceLoaded($membership);
}
}
public function join(Connection $conn, User $user)
{
$this->user = $user;
$conn->update(CoreTables::INVITATION_TBL, ['userId' => $user->getId()], ['id' => $this->id]);
}
