<?php
/**
* PHPCI - Continuous Integration for PHP
*
* @copyright Copyright 2014, Block 8 Limited.
* @license https://github.com/Block8/PHPCI/blob/master/LICENSE.md
* @link https://www.phptesting.org/
*/
namespace PHPCensor\Controller;
use b8;
use b8\Exception\HttpException\NotFoundException;
use b8\Form;
use PHPCensor\Controller;
use PHPCensor\Helper\Lang;
use PHPCensor\Service\UserService;
/**
* User Controller - Allows an administrator to view, add, edit and delete users.
* @author Dan Cryer <dan@block8.co.uk>
* @package PHPCI
* @subpackage Web
*/
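class UserController extends Controller
{
    /**
     * @var \PHPCensor\Store\UserStore
     */
    protected $userStore;

    /**
     * @var \PHPCensor\Service\UserService
     */
    protected $userService;

    /**
     * Initialise the controller: resolve the user store and wrap it in the user service.
     */
    public function init()
    {
        $this->userStore   = b8\Store\Factory::getStore('User');
        $this->userService = new UserService($this->userStore);
    }

    /**
     * View user list (up to 1000 users, ordered by e-mail address).
     *
     * NOTE(review): unlike add(), edit() and delete(), this action does not call
     * requireAdmin(), although the class docblock describes user management as an
     * administrator feature — confirm whether the list is intentionally visible to
     * every authenticated user, or whether access is enforced elsewhere (routing).
     *
     * @return string Rendered view.
     */
    public function index()
    {
        $this->view->users   = $this->userStore->getWhere([], 1000, 0, [], ['email' => 'ASC']);
        $this->layout->title = Lang::get('manage_users');

        return $this->view->render();
    }

    /**
     * Allows the logged-in user to edit their own profile (name, e-mail, password, language).
     *
     * On POST the profile is updated immediately and the refreshed user object is
     * written back to the session; the (pre-filled) form is rendered in every case.
     *
     * NOTE(review): unlike userForm(), this form carries no Csrf element and the POST
     * branch never calls $form->validate(), so e-mail and password changes made here
     * are not protected against cross-site request forgery — confirm and align with
     * userForm() (Csrf element + validate() before updateUser()).
     *
     * @return string Rendered view.
     */
    public function profile()
    {
        // The current user is expected to have been stored in the session by the
        // login flow — assumed guaranteed for this route, TODO confirm with the auth layer.
        $user = $_SESSION['php-censor-user'];

        if ($this->request->getMethod() === 'POST') {
            $name     = $this->getParam('name', null);
            $email    = $this->getParam('email', null);
            $password = $this->getParam('password', null);

            $this->applyLanguageChoice($this->getParam('language', Lang::getLanguage()));

            // updateUser() returns the refreshed user, which replaces the session copy.
            $_SESSION['php-censor-user'] = $this->userService->updateUser($user, $name, $email, $password);
            $user = $_SESSION['php-censor-user'];

            $this->view->updated = 1;
        }

        $this->layout->title    = $user->getName();
        $this->layout->subtitle = Lang::get('edit_profile');

        $values = $user->getDataArray();

        // The language preference lives in a cookie, not on the user record.
        if (array_key_exists('php-censor-language', $_COOKIE)) {
            $values['language'] = $_COOKIE['php-censor-language'];
        }

        $this->view->form = $this->profileForm($values);

        return $this->view->render();
    }

    /**
     * Switch the UI language when the submitted choice differs from the current one.
     *
     * The choice is persisted in a cookie for ten years and applied to the current
     * request. Only languages offered by Lang::getLanguageOptions() are accepted, so
     * an arbitrary submitted value reaches neither Lang::setLanguage() nor the cookie.
     * (Assumes getLanguageOptions() is keyed by language code, as the Select field
     * built in profileForm() relies on — confirm.)
     *
     * @param mixed $chosenLang Language code submitted with the profile form.
     */
    protected function applyLanguageChoice($chosenLang)
    {
        $currentLang = Lang::getLanguage();

        if ($chosenLang === $currentLang) {
            return;
        }

        // Reject non-string input (e.g. language[]=x) and unknown language codes.
        if (!is_string($chosenLang) || !array_key_exists($chosenLang, Lang::getLanguageOptions())) {
            return;
        }

        setcookie('php-censor-language', $chosenLang, time() + (10 * 365 * 24 * 60 * 60), '/');
        Lang::setLanguage($chosenLang);
    }

    /**
     * Build the self-service profile form (name, e-mail, optional new password, language).
     *
     * @param array $values Initial field values: the user's data array plus the
     *                      language cookie value, when one is set.
     *
     * @return Form
     */
    protected function profileForm(array $values)
    {
        $form = new Form();
        $form->setAction(APP_URL.'user/profile');
        $form->setMethod('POST');

        $name = new Form\Element\Text('name');
        $name->setClass('form-control');
        $name->setContainerClass('form-group');
        $name->setLabel(Lang::get('name'));
        $name->setRequired(true);
        $form->addField($name);

        $email = new Form\Element\Email('email');
        $email->setClass('form-control');
        $email->setContainerClass('form-group');
        $email->setLabel(Lang::get('email_address'));
        $email->setRequired(true);
        $form->addField($email);

        // Optional: an empty password field leaves the current password unchanged (handled by updateUser()).
        $password = new Form\Element\Password('password');
        $password->setClass('form-control');
        $password->setContainerClass('form-group');
        $password->setLabel(Lang::get('password_change'));
        $password->setRequired(false);
        $form->addField($password);

        $lang = new Form\Element\Select('language');
        $lang->setClass('form-control');
        $lang->setContainerClass('form-group');
        $lang->setLabel(Lang::get('language'));
        $lang->setRequired(true);
        $lang->setOptions(Lang::getLanguageOptions());
        $lang->setValue(Lang::getLanguage());
        $form->addField($lang);

        $submit = new Form\Element\Submit();
        $submit->setClass('btn btn-success');
        $submit->setValue(Lang::get('save'));
        $form->addField($submit);

        $form->setValues($values);

        return $form;
    }

    /**
     * Add a user - handles both form and processing.
     *
     * Administrators only. Renders the add form on GET and on a POST that fails
     * validation; otherwise creates the user and redirects to the user list.
     *
     * @return string|\b8\Http\Response\RedirectResponse
     */
    public function add()
    {
        $this->requireAdmin();

        $this->layout->title = Lang::get('add_user');

        $method = $this->request->getMethod();
        $values = ($method === 'POST') ? $this->getParams() : [];

        $form = $this->userForm($values);

        if ($method !== 'POST' || !$form->validate()) {
            return $this->renderUserForm('add', null, $form);
        }

        $name     = $this->getParam('name', null);
        $email    = $this->getParam('email', null);
        $password = $this->getParam('password', null);
        $isAdmin  = (int)$this->getParam('is_admin', 0);

        $this->userService->createUser($name, $email, $password, $isAdmin);

        return $this->redirectToUserList();
    }

    /**
     * Edit a user - handles both form and processing.
     *
     * Administrators only. Renders the edit form on GET and on a POST that fails
     * validation; otherwise updates the user and redirects to the user list.
     *
     * @param mixed $userId Route parameter identifying the user.
     *
     * @return string|\b8\Http\Response\RedirectResponse
     *
     * @throws NotFoundException When no user with $userId exists.
     */
    public function edit($userId)
    {
        $this->requireAdmin();

        $method = $this->request->getMethod();
        $user   = $this->userStore->getById($userId);

        if (empty($user)) {
            throw new NotFoundException(Lang::get('user_n_not_found', $userId));
        }

        $this->layout->title    = $user->getName();
        $this->layout->subtitle = Lang::get('edit_user');

        // Request parameters override the stored values so a failed validation
        // re-displays what was submitted.
        $values = array_merge($user->getDataArray(), $this->getParams());
        $form   = $this->userForm($values, 'edit/' . $userId);

        if ($method !== 'POST' || !$form->validate()) {
            return $this->renderUserForm('edit', $user, $form);
        }

        $name     = $this->getParam('name', null);
        $email    = $this->getParam('email', null);
        $password = $this->getParam('password', null);
        $isAdmin  = (int)$this->getParam('is_admin', 0);

        $this->userService->updateUser($user, $name, $email, $password, $isAdmin);

        return $this->redirectToUserList();
    }

    /**
     * Render the shared 'UserForm' view for the add or edit action.
     *
     * @param string      $type 'add' or 'edit'; selects the view variant.
     * @param object|null $user User being edited, null when adding.
     * @param Form        $form Form to display (carrying validation state, if any).
     *
     * @return string Rendered view.
     */
    protected function renderUserForm($type, $user, Form $form)
    {
        $view       = new b8\View('UserForm');
        $view->type = $type;
        $view->user = $user;
        $view->form = $form;

        return $view->render();
    }

    /**
     * Build a redirect back to the user list.
     *
     * @return \b8\Http\Response\RedirectResponse
     */
    protected function redirectToUserList()
    {
        $response = new b8\Http\Response\RedirectResponse();
        $response->setHeader('Location', APP_URL . 'user');

        return $response;
    }

    /**
     * Create user add / edit form.
     *
     * The form carries a CSRF token; callers must run $form->validate() before
     * acting on a POST.
     *
     * @param array  $values Initial field values.
     * @param string $type   Action path suffix: 'add' or 'edit/<id>'. Also decides
     *                       whether the password field is mandatory (add only).
     *                       NOTE(review): the value is embedded verbatim in the form
     *                       action URL — confirm that Form escapes it for the attribute.
     *
     * @return Form
     */
    protected function userForm($values, $type = 'add')
    {
        $form = new Form();
        $form->setMethod('POST');
        $form->setAction(APP_URL.'user/' . $type);
        $form->addField(new Form\Element\Csrf('csrf'));

        $field = new Form\Element\Email('email');
        $field->setRequired(true);
        $field->setLabel(Lang::get('email_address'));
        $field->setClass('form-control');
        $field->setContainerClass('form-group');
        $form->addField($field);

        $field = new Form\Element\Text('name');
        $field->setRequired(true);
        $field->setLabel(Lang::get('name'));
        $field->setClass('form-control');
        $field->setContainerClass('form-group');
        $form->addField($field);

        $field = new Form\Element\Password('password');

        // A password is mandatory when creating a user; when editing, an empty field means "keep".
        if ($type === 'add') {
            $field->setRequired(true);
            $field->setLabel(Lang::get('password'));
        } else {
            $field->setRequired(false);
            $field->setLabel(Lang::get('password_change'));
        }

        $field->setClass('form-control');
        $field->setContainerClass('form-group');
        $form->addField($field);

        $field = new Form\Element\Checkbox('is_admin');
        $field->setRequired(false);
        $field->setCheckedValue(1);
        $field->setLabel(Lang::get('is_user_admin'));
        $field->setContainerClass('form-group');
        $form->addField($field);

        $field = new Form\Element\Submit();
        $field->setValue(Lang::get('save_user'));
        $field->setClass('btn-success');
        $form->addField($field);

        $form->setValues($values);

        return $form;
    }

    /**
     * Delete a user.
     *
     * Administrators only. Deletes the user and redirects to the user list.
     *
     * @param mixed $userId Route parameter identifying the user.
     *
     * @return \b8\Http\Response\RedirectResponse
     *
     * @throws NotFoundException When no user with $userId exists.
     */
    public function delete($userId)
    {
        $this->requireAdmin();

        $user = $this->userStore->getById($userId);

        if (empty($user)) {
            throw new NotFoundException(Lang::get('user_n_not_found', $userId));
        }

        $this->userService->deleteUser($user);

        return $this->redirectToUserList();
    }
}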