342 lines
14 KiB
PHP
342 lines
14 KiB
PHP
<?php
|
|
/* -*- tab-width: 4; indent-tabs-mode: nil; c-basic-offset: 4 -*- */
|
|
/*
|
|
# ***** BEGIN LICENSE BLOCK *****
|
|
# This file is part of InDefero, an open source project management application.
|
|
# Copyright (C) 2008 Céondo Ltd and contributors.
|
|
#
|
|
# InDefero is free software; you can redistribute it and/or modify
|
|
# it under the terms of the GNU General Public License as published by
|
|
# the Free Software Foundation; either version 2 of the License, or
|
|
# (at your option) any later version.
|
|
#
|
|
# InDefero is distributed in the hope that it will be useful,
|
|
# but WITHOUT ANY WARRANTY; without even the implied warranty of
|
|
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
|
# GNU General Public License for more details.
|
|
#
|
|
# You should have received a copy of the GNU General Public License
|
|
# along with this program; if not, write to the Free Software
|
|
# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA
|
|
#
|
|
# ***** END LICENSE BLOCK ***** */
|
|
|
|
Pluf::loadFunction('Pluf_HTTP_URL_urlForView');
|
|
Pluf::loadFunction('Pluf_Shortcuts_RenderToResponse');
|
|
Pluf::loadFunction('Pluf_Shortcuts_GetObjectOr404');
|
|
Pluf::loadFunction('Pluf_Shortcuts_GetFormForModel');
|
|
|
|
/**
|
|
* Base views of InDefero.
|
|
*/
|
|
class IDF_Views
|
|
{
|
|
/**
|
|
* List all the projects managed by InDefero.
|
|
*
|
|
* Only the public projects are listed or the private with correct
|
|
* rights.
|
|
*/
|
|
public function index($request, $match)
|
|
{
|
|
$projects = self::getProjects($request->user);
|
|
return Pluf_Shortcuts_RenderToResponse('idf/index.html',
|
|
array('page_title' => __('Projects'),
|
|
'projects' => $projects),
|
|
$request);
|
|
}
|
|
|
|
/**
|
|
* Login view.
|
|
*/
|
|
public function login($request, $match)
|
|
{
|
|
if (isset($request->POST['action'])
|
|
and $request->POST['action'] == 'new-user') {
|
|
$login = (isset($request->POST['login'])) ? $request->POST['login'] : '';
|
|
$url = Pluf_HTTP_URL_urlForView('IDF_Views::register', array(),
|
|
array('login' => $login));
|
|
return new Pluf_HTTP_Response_Redirect($url);
|
|
}
|
|
$v = new Pluf_Views();
|
|
$request->POST['login'] = (isset($request->POST['login'])) ? mb_strtolower($request->POST['login']) : '';
|
|
return $v->login($request, $match, Pluf::f('login_success_url'),
|
|
array(), 'idf/login_form.html');
|
|
}
|
|
|
|
/**
|
|
* Logout view.
|
|
*/
|
|
function logout($request, $match)
|
|
{
|
|
$views = new Pluf_Views();
|
|
return $views->logout($request, $match, Pluf::f('after_logout_page'));
|
|
}
|
|
|
|
/**
|
|
* Registration.
|
|
*
|
|
* We just ask for login, email and to agree with the terms. Then,
|
|
* we go ahead and send a confirmation email. The confirmation
|
|
* email will allow to set the password, first name and last name
|
|
* of the user.
|
|
*/
|
|
function register($request, $match)
|
|
{
|
|
$title = __('Create Your Account');
|
|
$params = array('request'=>$request);
|
|
if ($request->method == 'POST') {
|
|
$form = new IDF_Form_Register($request->POST, $params);
|
|
if ($form->isValid()) {
|
|
$user = $form->save(); // It is sending the confirmation email
|
|
$url = Pluf_HTTP_URL_urlForView('IDF_Views::registerInputKey');
|
|
return new Pluf_HTTP_Response_Redirect($url);
|
|
}
|
|
} else {
|
|
if (isset($request->GET['login'])) {
|
|
$params['initial'] = array('login' => $request->GET['login']);
|
|
}
|
|
$form = new IDF_Form_Register(null, $params);
|
|
}
|
|
$context = new Pluf_Template_Context(array());
|
|
$tmpl = new Pluf_Template('idf/terms.html');
|
|
$terms = Pluf_Template::markSafe($tmpl->render($context));
|
|
return Pluf_Shortcuts_RenderToResponse('idf/register/index.html',
|
|
array('page_title' => $title,
|
|
'form' => $form,
|
|
'terms' => $terms),
|
|
$request);
|
|
}
|
|
|
|
/**
|
|
* Input the registration confirmation key.
|
|
*
|
|
* Very simple view just to redirect to the register confirmation
|
|
* views to input the password.
|
|
*/
|
|
function registerInputKey($request, $match)
|
|
{
|
|
$title = __('Confirm Your Account Creation');
|
|
if ($request->method == 'POST') {
|
|
$form = new IDF_Form_RegisterInputKey($request->POST);
|
|
if ($form->isValid()) {
|
|
$url = $form->save();
|
|
return new Pluf_HTTP_Response_Redirect($url);
|
|
}
|
|
} else {
|
|
$form = new IDF_Form_RegisterInputKey();
|
|
}
|
|
return Pluf_Shortcuts_RenderToResponse('idf/register/inputkey.html',
|
|
array('page_title' => $title,
|
|
'form' => $form),
|
|
$request);
|
|
}
|
|
|
|
/**
|
|
* Registration confirmation.
|
|
*
|
|
* Input first/last name, password and sign in the user.
|
|
*
|
|
* Maybe in the future send the user to its personal page for
|
|
* customization.
|
|
*/
|
|
function registerConfirmation($request, $match)
|
|
{
|
|
$title = __('Confirm Your Account Creation');
|
|
$key = $match[1];
|
|
// first "check", full check is done in the form.
|
|
$email_id = IDF_Form_RegisterInputKey::checkKeyHash($key);
|
|
if (false == $email_id) {
|
|
$url = Pluf_HTTP_URL_urlForView('IDF_Views::registerInputKey');
|
|
return new Pluf_HTTP_Response_Redirect($url);
|
|
}
|
|
$user = new Pluf_User($email_id[1]);
|
|
$extra = array('key' => $key,
|
|
'user' => $user);
|
|
if ($request->method == 'POST') {
|
|
$form = new IDF_Form_RegisterConfirmation($request->POST, $extra);
|
|
if ($form->isValid()) {
|
|
$user = $form->save();
|
|
$request->user = $user;
|
|
$request->session->clear();
|
|
$request->session->setData('login_time', gmdate('Y-m-d H:i:s'));
|
|
$user->last_login = gmdate('Y-m-d H:i:s');
|
|
$user->update();
|
|
$request->user->setMessage(__('Welcome! You can now participate in the life of your project of choice.'));
|
|
$url = Pluf_HTTP_URL_urlForView('IDF_Views::index');
|
|
return new Pluf_HTTP_Response_Redirect($url);
|
|
}
|
|
} else {
|
|
$form = new IDF_Form_RegisterConfirmation(null, $extra);
|
|
}
|
|
return Pluf_Shortcuts_RenderToResponse('idf/register/confirmation.html',
|
|
array('page_title' => $title,
|
|
'new_user' => $user,
|
|
'form' => $form),
|
|
$request);
|
|
}
|
|
|
|
/**
|
|
* Password recovery.
|
|
*
|
|
* Request the login or the email of the user and if the login or
|
|
* email is available in the database, send an email with a key to
|
|
* reset the password.
|
|
*
|
|
*/
|
|
function passwordRecoveryAsk($request, $match)
|
|
{
|
|
$title = __('Password Recovery');
|
|
if ($request->method == 'POST') {
|
|
$form = new IDF_Form_Password($request->POST);
|
|
if ($form->isValid()) {
|
|
$form->save();
|
|
$url = Pluf_HTTP_URL_urlForView('IDF_Views::passwordRecoveryInputCode');
|
|
return new Pluf_HTTP_Response_Redirect($url);
|
|
}
|
|
} else {
|
|
$form = new IDF_Form_Password();
|
|
}
|
|
return Pluf_Shortcuts_RenderToResponse('idf/user/passrecovery-ask.html',
|
|
array('page_title' => $title,
|
|
'form' => $form),
|
|
$request);
|
|
}
|
|
|
|
/**
|
|
* If the key is valid, provide a nice form to reset the password
|
|
* and automatically login the user.
|
|
*
|
|
* This is also firing the password change event for the plugins.
|
|
*/
|
|
public function passwordRecovery($request, $match)
|
|
{
|
|
$title = __('Password Recovery');
|
|
$key = $match[1];
|
|
// first "check", full check is done in the form.
|
|
$email_id = IDF_Form_PasswordInputKey::checkKeyHash($key);
|
|
if (false == $email_id) {
|
|
$url = Pluf_HTTP_URL_urlForView('IDF_Views::passwordRecoveryInputKey');
|
|
return new Pluf_HTTP_Response_Redirect($url);
|
|
}
|
|
$user = new Pluf_User($email_id[1]);
|
|
$extra = array('key' => $key,
|
|
'user' => $user);
|
|
if ($request->method == 'POST') {
|
|
$form = new IDF_Form_PasswordReset($request->POST, $extra);
|
|
if ($form->isValid()) {
|
|
$user = $form->save();
|
|
$request->user = $user;
|
|
$request->session->clear();
|
|
$request->session->setData('login_time', gmdate('Y-m-d H:i:s'));
|
|
$user->last_login = gmdate('Y-m-d H:i:s');
|
|
$user->update();
|
|
$request->user->setMessage(__('Welcome back! Next time, you can use your broswer options to remember the password.'));
|
|
$url = Pluf_HTTP_URL_urlForView('IDF_Views::index');
|
|
return new Pluf_HTTP_Response_Redirect($url);
|
|
}
|
|
} else {
|
|
$form = new IDF_Form_PasswordReset(null, $extra);
|
|
}
|
|
return Pluf_Shortcuts_RenderToResponse('idf/user/passrecovery.html',
|
|
array('page_title' => $title,
|
|
'new_user' => $user,
|
|
'form' => $form),
|
|
$request);
|
|
|
|
}
|
|
|
|
/**
|
|
* Just a simple input box to provide the code and redirect to
|
|
* passwordRecovery
|
|
*/
|
|
public function passwordRecoveryInputCode($request, $match)
|
|
{
|
|
$title = __('Password Recovery');
|
|
if ($request->method == 'POST') {
|
|
$form = new IDF_Form_PasswordInputKey($request->POST);
|
|
if ($form->isValid()) {
|
|
$url = $form->save();
|
|
return new Pluf_HTTP_Response_Redirect($url);
|
|
}
|
|
} else {
|
|
$form = new IDF_Form_PasswordInputKey();
|
|
}
|
|
return Pluf_Shortcuts_RenderToResponse('idf/user/passrecovery-inputkey.html',
|
|
array('page_title' => $title,
|
|
'form' => $form),
|
|
$request);
|
|
}
|
|
|
|
/**
|
|
* FAQ.
|
|
*/
|
|
public function faq($request, $match)
|
|
{
|
|
$title = __('Here to Help You!');
|
|
$projects = self::getProjects($request->user);
|
|
return Pluf_Shortcuts_RenderToResponse('idf/faq.html',
|
|
array(
|
|
'page_title' => $title,
|
|
'projects' => $projects,
|
|
),
|
|
$request);
|
|
|
|
}
|
|
|
|
/**
|
|
* API FAQ.
|
|
*/
|
|
public function faqApi($request, $match)
|
|
{
|
|
$title = __('InDefero API (Application Programming Interface)');
|
|
$projects = self::getProjects($request->user);
|
|
return Pluf_Shortcuts_RenderToResponse('idf/faq-api.html',
|
|
array(
|
|
'page_title' => $title,
|
|
'projects' => $projects,
|
|
),
|
|
$request);
|
|
|
|
}
|
|
|
|
/**
|
|
* Returns a list of projects accessible for the user.
|
|
*
|
|
* @param Pluf_User
|
|
* @return ArrayObject IDF_Project
|
|
*/
|
|
public static function getProjects($user)
|
|
{
|
|
$db =& Pluf::db();
|
|
$false = Pluf_DB_BooleanToDb(false, $db);
|
|
if ($user->isAnonymous()) {
|
|
$sql = sprintf('%s=%s', $db->qn('private'), $false);
|
|
return Pluf::factory('IDF_Project')->getList(array('filter'=> $sql,
|
|
'order' => 'shortname ASC'));
|
|
}
|
|
if ($user->administrator) {
|
|
return Pluf::factory('IDF_Project')->getList(array('order' => 'shortname ASC'));
|
|
}
|
|
// grab the list of projects where the user is admin, member
|
|
// or authorized
|
|
$perms = array(
|
|
Pluf_Permission::getFromString('IDF.project-member'),
|
|
Pluf_Permission::getFromString('IDF.project-owner'),
|
|
Pluf_Permission::getFromString('IDF.project-authorized-user')
|
|
);
|
|
$sql = new Pluf_SQL("model_class='IDF_Project' AND owner_class='Pluf_User' AND owner_id=%s AND negative=".$false, $user->id);
|
|
$rows = Pluf::factory('Pluf_RowPermission')->getList(array('filter' => $sql->gen()));
|
|
|
|
$sql = sprintf('%s=%s', $db->qn('private'), $false);
|
|
if ($rows->count() > 0) {
|
|
$ids = array();
|
|
foreach ($rows as $row) {
|
|
$ids[] = $row->model_id;
|
|
}
|
|
$sql .= sprintf(' OR id IN (%s)', implode(', ', $ids));
|
|
}
|
|
return Pluf::factory('IDF_Project')->getList(array('filter' => $sql,
|
|
'order' => 'shortname ASC'));
|
|
}
|
|
} |