phpci/PHPCI/Controller/UserController.php

266 lines
7.3 KiB
PHP

<?php
/**
* PHPCI - Continuous Integration for PHP
*
* @copyright Copyright 2014, Block 8 Limited.
* @license https://github.com/Block8/PHPCI/blob/master/LICENSE.md
* @link https://www.phptesting.org/
*/
namespace PHPCI\Controller;
use b8;
use b8\Exception\HttpException\ForbiddenException;
use b8\Exception\HttpException\NotFoundException;
use b8\Form;
use PHPCI\Controller;
use PHPCI\Model\User;
use PHPCI\Service\UserService;
/**
* User Controller - Allows an administrator to view, add, edit and delete users.
* @author Dan Cryer <dan@block8.co.uk>
* @package PHPCI
* @subpackage Web
*/
class UserController extends Controller
{
/**
* @var \PHPCI\Store\UserStore
*/
protected $userStore;
/**
* @var \PHPCI\Service\UserService
*/
protected $userService;
public function init()
{
$this->userStore = b8\Store\Factory::getStore('User');
$this->userService = new UserService($this->userStore);
}
/**
* View user list.
*/
public function index()
{
$users = $this->userStore->getWhere(array(), 1000, 0, array(), array('email' => 'ASC'));
$this->view->users = $users;
$this->layout->title = 'Users';
return $this->view->render();
}
public function profile()
{
$user = $_SESSION['phpci_user'];
$this->layout->title = 'Edit Profile';
if ($this->request->getMethod() == 'POST') {
$name = $this->getParam('name', null);
$email = $this->getParam('email', null);
$password = $this->getParam('password', null);
$_SESSION['phpci_user'] = $this->userService->updateUser($user, $name, $email, $password);
$user = $_SESSION['phpci_user'];
$this->view->updated = 1;
}
$values = $user->getDataArray();
$form = new Form();
$form->setAction(PHPCI_URL.'user/profile');
$form->setMethod('POST');
$name = new Form\Element\Text('name');
$name->setClass('form-control');
$name->setContainerClass('form-group');
$name->setLabel('Name');
$name->setRequired(true);
$form->addField($name);
$email = new Form\Element\Email('email');
$email->setClass('form-control');
$email->setContainerClass('form-group');
$email->setLabel('Email Address');
$email->setRequired(true);
$form->addField($email);
$password = new Form\Element\Password('password');
$password->setClass('form-control');
$password->setContainerClass('form-group');
$password->setLabel('Password (leave blank if you don\'t want to change it)');
$password->setRequired(false);
$form->addField($password);
$submit = new Form\Element\Submit();
$submit->setClass('btn btn-success');
$submit->setValue('Save &raquo;');
$form->addField($submit);
$form->setValues($values);
$this->view->form = $form;
return $this->view->render();
}
/**
* Add a user - handles both form and processing.
*/
public function add()
{
$this->requireAdmin();
$this->layout->title = 'Add User';
$method = $this->request->getMethod();
if ($method == 'POST') {
$values = $this->getParams();
} else {
$values = array();
}
$form = $this->userForm($values);
if ($method != 'POST' || ($method == 'POST' && !$form->validate())) {
$view = new b8\View('UserForm');
$view->type = 'add';
$view->user = null;
$view->form = $form;
return $view->render();
}
$name = $this->getParam('name', null);
$email = $this->getParam('email', null);
$password = $this->getParam('password', null);
$isAdmin = (int)$this->getParam('is_admin', 0);
$this->userService->createUser($name, $email, $password, $isAdmin);
header('Location: '.PHPCI_URL.'user');
die;
}
/**
* Edit a user - handles both form and processing.
*/
public function edit($userId)
{
$this->requireAdmin();
$method = $this->request->getMethod();
$user = $this->userStore->getById($userId);
if (empty($user)) {
throw new NotFoundException('User with ID: ' . $userId . ' does not exist.');
}
$this->layout->title = $user->getName();
$this->layout->subtitle = 'Edit User';
$values = array_merge($user->getDataArray(), $this->getParams());
$form = $this->userForm($values, 'edit/' . $userId);
if ($method != 'POST' || ($method == 'POST' && !$form->validate())) {
$view = new b8\View('UserForm');
$view->type = 'edit';
$view->user = $user;
$view->form = $form;
return $view->render();
}
$name = $this->getParam('name', null);
$email = $this->getParam('email', null);
$password = $this->getParam('password', null);
$isAdmin = (int)$this->getParam('is_admin', 0);
$this->userService->updateUser($user, $name, $email, $password, $isAdmin);
header('Location: '.PHPCI_URL.'user');
die;
}
/**
* Create user add / edit form.
*/
protected function userForm($values, $type = 'add')
{
$form = new Form();
$form->setMethod('POST');
$form->setAction(PHPCI_URL.'user/' . $type);
$form->addField(new Form\Element\Csrf('csrf'));
$field = new Form\Element\Email('email');
$field->setRequired(true);
$field->setLabel('Email Address');
$field->setClass('form-control');
$field->setContainerClass('form-group');
$form->addField($field);
$field = new Form\Element\Text('name');
$field->setRequired(true);
$field->setLabel('Name');
$field->setClass('form-control');
$field->setContainerClass('form-group');
$form->addField($field);
$field = new Form\Element\Password('password');
if ($type == 'add') {
$field->setRequired(true);
$field->setLabel('Password');
} else {
$field->setRequired(false);
$field->setLabel('Password (leave blank to keep current password)');
}
$field->setClass('form-control');
$field->setContainerClass('form-group');
$form->addField($field);
$field = new Form\Element\Checkbox('is_admin');
$field->setRequired(false);
$field->setCheckedValue(1);
$field->setLabel('Is this user an administrator?');
$field->setContainerClass('form-group');
$form->addField($field);
$field = new Form\Element\Submit();
$field->setValue('Save User');
$field->setClass('btn-success');
$form->addField($field);
$form->setValues($values);
return $form;
}
/**
* Delete a user.
*/
public function delete($userId)
{
$this->requireAdmin();
$user = $this->userStore->getById($userId);
if (empty($user)) {
throw new NotFoundException('User with ID: ' . $userId . ' does not exist.');
}
$this->userService->deleteUser($user);
header('Location: '.PHPCI_URL.'user');
die;
}
}