diff --git a/lib/Alchemy/Phrasea/Application.php b/lib/Alchemy/Phrasea/Application.php index 7d60fdfc57..42194f6474 100644 --- a/lib/Alchemy/Phrasea/Application.php +++ b/lib/Alchemy/Phrasea/Application.php @@ -74,6 +74,7 @@ use Alchemy\Phrasea\Controller\User\Notifications; use Alchemy\Phrasea\Controller\User\Preferences; use Alchemy\Phrasea\Core\Event\Subscriber\Logout; use Alchemy\Phrasea\Core\Event\Subscriber\PhraseaLocaleSubscriber; +use Alchemy\Phrasea\Core\Provider\AuthenticationManagerServiceProvider; use Alchemy\Phrasea\Core\Provider\BrowserServiceProvider; use Alchemy\Phrasea\Core\Provider\BorderManagerServiceProvider; use Alchemy\Phrasea\Core\Provider\CacheServiceProvider; @@ -101,6 +102,7 @@ use Monolog\Handler\NullHandler; use MP4Box\MP4BoxServiceProvider; use Neutron\Silex\Provider\BadFaithServiceProvider; use Neutron\Silex\Provider\FilesystemServiceProvider; +use Neutron\ReCaptcha\ReCaptchaServiceProvider; use PHPExiftool\PHPExiftoolServiceProvider; use Silex\Application as SilexApplication; use Silex\Provider\MonologServiceProvider; @@ -188,6 +190,7 @@ class Application extends SilexApplication ini_set('display_errors', 'off'); } + $this->register(new AuthenticationManagerServiceProvider()); $this->register(new BadFaithServiceProvider()); $this->register(new BorderManagerServiceProvider()); $this->register(new BrowserServiceProvider()); 
@@ -227,6 +230,19 @@ class Application extends SilexApplication $this->register(new PhraseanetServiceProvider()); $this->register(new PhraseaVersionServiceProvider()); $this->register(new PHPExiftoolServiceProvider()); + $this->register(new ReCaptchaServiceProvider()); + + $this['recaptcha.public-key'] = $this->share(function (Application $app) { + if($app['phraseanet.registry']->get('GV_captchas')) { + return $app['phraseanet.registry']->get('GV_captcha_public_key'); + } + }); + $this['recaptcha.private-key'] = $this->share(function (Application $app) { + if($app['phraseanet.registry']->get('GV_captchas')) { + return $app['phraseanet.registry']->get('GV_captcha_private_key'); + } + }); + $this->register(new SearchEngineServiceProvider()); $this->register(new SessionServiceProvider(), array( 'session.test' => $this->getEnvironment() == 'test' @@ -332,8 +348,6 @@ class Application extends SilexApplication } }); - $this->reinitUser(); - $this['date-formatter'] = $this->share(function(Application $app) { return new \phraseadate($app); }); @@ -524,16 +538,6 @@ class Application extends SilexApplication return $this['session']->getFlashBag()->get($type, $default); } - /** - * Tell if current a session is open - * - * @return boolean - */ - public function isAuthenticated() - { - return $this['session']->has('usr_id'); - } - /** * Returns an an array of available collection for offline queries * 
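Review bot: In lib/Alchemy/Phrasea/Application.php (hunk at -227), the `recaptcha.public-key` and `recaptcha.private-key` closures fall off the end when `GV_captchas` is off, so both services silently resolve to `null`. Make that explicit with `return null;` after each `if`, plus a comment such as `// null when captchas are disabled; consumers must treat a null key as "captcha off"`. Whether `ReCaptchaServiceProvider` tolerates a null key is not visible in this hunk and should be confirmed. As a style point, `if(` should be `if (` to match the rest of the file.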
@@ -544,38 +548,6 @@ class Application extends SilexApplication return array(); } - /** - * Open user session - * - * @param \Session_Authentication_Interface $auth - * @param integer $ses_id use previous phrasea session id - * @throws \Exception_InternalServerError - */ - public function openAccount(\Session_Authentication_Interface $auth, $ses_id = null) - { - $user = $auth->get_user(); - - $this['session']->clear(); - $this['session']->set('usr_id', $user->get_id()); - - $session = new \Entities\Session(); - $session->setBrowserName($this['browser']->getBrowser()) - ->setBrowserVersion($this['browser']->getVersion()) - ->setPlatform($this['browser']->getPlatform()) - ->setUserAgent($this['browser']->getUserAgent()) - ->setUsrId($user->get_id()); - - $this['EM']->persist($session); - $this['EM']->flush(); - - $this['session']->set('session_id', $session->getId()); - - foreach ($user->ACL()->get_granted_sbas() as $databox) { - \cache_databox::insertClient($this, $databox); - } - $this->reinitUser(); - } - public function bindRoutes() { $this->get('/', function(Application $app) { @@ -674,28 +646,6 @@ class Application extends SilexApplication $this->mount('/xmlhttp', new ThesaurusXMLHttp()); } - private function reinitUser() - { - $this['phraseanet.user'] = $this->share(function(Application $app) { - if ($app->isAuthenticated()) { - return \User_Adapter::getInstance($app['session']->get('usr_id'), $app); - } - - return null; - }); - } - - /** - * Closes user session - */ - public function closeAccount() - { - $this['session']->clear(); - $this->reinitUser(); - - return $this; - } - /** * Return available language for phraseanet * diff --git a/lib/Alchemy/Phrasea/Application/Lightbox.php b/lib/Alchemy/Phrasea/Application/Lightbox.php index 56daaac611..0fbacc780d 100644 --- a/lib/Alchemy/Phrasea/Application/Lightbox.php +++ b/lib/Alchemy/Phrasea/Application/Lightbox.php 
@@ -33,13 +33,12 @@ class Lightbox implements ControllerProviderInterface $app['authentication']->closeAccount(); } - try { - $auth = new \Session_Authentication_Token($app, $request->query->get('LOG')); - $app['authentication']->openAccount($auth); - } catch (Exception $e) { + if (false === $usr_id = $app['authentication.token-validator']->isValid($request->query->get('LOG'))) { return $app->redirect("/login/?error=" . urlencode($e->getMessage())); } + $app['authentication']->openAccount(\User_Adapter::getInstance($usr_id, $app)); + try { $datas = $app['tokens']->helloToken($request->query->get('LOG')); } catch (\Exception_NotFound $e) { @@ -468,7 +467,7 @@ class Lightbox implements ControllerProviderInterface $agreed = false; /* @var $basket \Entities\Basket */ foreach ($basket->getElements() as $element) { - if (null !== $element->getUserValidationDatas($app['phraseanet.user'], $app)->getAgreement()) { + if (null !== $element->getUserValidationDatas($app['authentication']->getUser(), $app)->getAgreement()) { $agreed = true; } } diff --git a/lib/Alchemy/Phrasea/Application/Root.php b/lib/Alchemy/Phrasea/Application/Root.php index 961340b8ce..68bad612cf 100644 --- a/lib/Alchemy/Phrasea/Application/Root.php +++ b/lib/Alchemy/Phrasea/Application/Root.php @@ -33,11 +33,8 @@ return call_user_func(function($environment = null) { $app->before(function(Request $request) use ($app) { if ($request->cookies->has('persistent') && !$app['authentication']->isAuthenticated()) { - try { - $auth = new \Session_Authentication_PersistentCookie($app, $request->cookies->get('persistent')); - $app['authentication']->openAccount($auth, $auth->getSessionId()); - } catch (\Exception $e) { - + if (false !== $session = $app['authentication.persistent-manager']->getSession($request->cookies->get('persistent'))) { + $app['authentication']->refreshAccount($session); } } }); 
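Review bot: In lib/Alchemy/Phrasea/Application/Lightbox.php (hunk at -33), the failure branch of the new token check still calls `$e->getMessage()`, but this change removes the `try`/`catch` that defined `$e`, and nothing in the visible lines defines it. An invalid `LOG` token would therefore fail on an undefined variable instead of redirecting to the login page. Use a fixed message instead, for example `return $app->redirect('/login/?error=' . urlencode('Invalid token'));`, adjusted to whatever error value the login page expects. The enclosing closure starts and ends outside the hunk.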
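Review bot: In lib/Alchemy/Phrasea/Application/Root.php (hunk at -33), the `persistent` cookie is client-controlled input and now leads directly to `refreshAccount($session)`, with neither `getSession()` nor `refreshAccount()` visible on this page. `Application::openAccount()`, removed in this same commit, cleared the session before storing `usr_id`; please confirm that `refreshAccount()` resets session state in the same way and that the manager validates the cookie value server-side. The strict `false !==` test also lets a `null` return through, so if `getSession()` can return `null`, the guard should check the type, e.g. `if ($session instanceof \Entities\Session)` (assuming that is the returned class). The removed empty `catch` hid failures, and the new code also gives no signal for a rejected cookie; a log line there would help detect cookie guessing.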
diff --git a/lib/Alchemy/Phrasea/Controller/Admin/Collection.php b/lib/Alchemy/Phrasea/Controller/Admin/Collection.php index 9aa14487fc..1e1fc3dcde 100644 --- a/lib/Alchemy/Phrasea/Controller/Admin/Collection.php +++ b/lib/Alchemy/Phrasea/Controller/Admin/Collection.php @@ -387,7 +387,7 @@ class Collection implements ControllerProviderInterface $admins = array(); - if ($app['phraseanet.user']->ACL()->has_right_on_base($bas_id, 'manage')) { + if ($app['authentication']->getUser()->ACL()->has_right_on_base($bas_id, 'manage')) { $query = new \User_Query($app); $admins = $query->on_base_ids(array($bas_id)) ->who_have_right(array('order_master')) diff --git a/lib/Alchemy/Phrasea/Controller/Admin/Dashboard.php b/lib/Alchemy/Phrasea/Controller/Admin/Dashboard.php index 18b7e633af..64409fec4f 100644 --- a/lib/Alchemy/Phrasea/Controller/Admin/Dashboard.php +++ b/lib/Alchemy/Phrasea/Controller/Admin/Dashboard.php @@ -217,8 +217,8 @@ class Dashboard implements ControllerProviderInterface { if (count($admins = $request->request->get('admins', array())) > 0) { - if (!in_array($app['phraseanet.user']->get_id(), $admins)) { - $admins[] = $app['phraseanet.user']->get_id(); + if (!in_array($app['authentication']->getUser()->get_id(), $admins)) { + $admins[] = $app['authentication']->getUser()->get_id(); } if ($admins > 0) { diff --git a/lib/Alchemy/Phrasea/Controller/Admin/Databox.php b/lib/Alchemy/Phrasea/Controller/Admin/Databox.php index b8c4a00d99..9c37ab1d9b 100644 --- a/lib/Alchemy/Phrasea/Controller/Admin/Databox.php +++ b/lib/Alchemy/Phrasea/Controller/Admin/Databox.php 
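Review bot: In lib/Alchemy/Phrasea/Controller/Admin/Dashboard.php (hunk at -217), the rewritten `in_array($app['authentication']->getUser()->get_id(), $admins)` compares the current user's id loosely against values taken from the request body. Normalise the list first and compare strictly, e.g. `$admins = array_map('intval', $admins);` followed by `in_array($id, $admins, true)`, assuming `get_id()` returns an integer. The context line `if ($admins > 0)` compares an array with an integer and was probably meant to be `count($admins) > 0`. The enclosing method starts and ends outside the hunk.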
@@ -580,7 +580,7 @@ class Databox implements ControllerProviderInterface { $app['phraseanet.appbox']->get_connection()->beginTransaction(); try { - $baseId = \collection::mount_collection($app, $app['phraseanet.appbox']->get_databox($databox_id), $collection_id, $app['phraseanet.user']); + $baseId = \collection::mount_collection($app, $app['phraseanet.appbox']->get_databox($databox_id), $collection_id, $app['authentication']->getUser()); if (null == $othCollSel = $request->request->get("othcollsel")) { $app->abort(400); @@ -939,7 +939,7 @@ class Databox implements ControllerProviderInterface try { $databox = $app['phraseanet.appbox']->get_databox($databox_id); - $collection = \collection::create($app, $databox, $app['phraseanet.appbox'], $name, $app['phraseanet.user']); + $collection = \collection::create($app, $databox, $app['phraseanet.appbox'], $name, $app['authentication']->getUser()); if (($request->request->get('ccusrothercoll') === "on") && ($othcollsel = $request->request->get('othcollsel') !== null)) { diff --git a/lib/Alchemy/Phrasea/Controller/Admin/Databoxes.php b/lib/Alchemy/Phrasea/Controller/Admin/Databoxes.php index 35f4f549d0..fd57f71a28 100644 --- a/lib/Alchemy/Phrasea/Controller/Admin/Databoxes.php +++ b/lib/Alchemy/Phrasea/Controller/Admin/Databoxes.php @@ -121,8 +121,8 @@ class Databoxes implements ControllerProviderInterface $createBase = $mountBase = false; $sbasIds = array_merge( - array_keys($app['phraseanet.user']->ACL()->get_granted_sbas(array('bas_manage'))) - , array_keys($app['phraseanet.user']->ACL()->get_granted_sbas(array('bas_modify_struct'))) + array_keys($app['authentication']->getUser()->ACL()->get_granted_sbas(array('bas_manage'))) + , array_keys($app['authentication']->getUser()->ACL()->get_granted_sbas(array('bas_modify_struct'))) ); $sbas = array(); 
@@ -228,8 +228,8 @@ class Databoxes implements ControllerProviderInterface try { $base = \databox::create($app, $connbas, $dataTemplate, $app['phraseanet.registry']); - $base->registerAdmin($app['phraseanet.user']); - $app['phraseanet.user']->ACL()->delete_data_from_cache(); + $base->registerAdmin($app['authentication']->getUser()); + $app['authentication']->getUser()->ACL()->delete_data_from_cache(); return $app->redirect('/admin/databox/' . $base->get_sbas_id() . '/?success=1&reload-tree=1'); } catch (\Exception $e) { @@ -250,7 +250,7 @@ class Databoxes implements ControllerProviderInterface $connbas = new \connection_pdo('databox_creation', $hostname, $port, $userDb, $passwordDb, $dbName, array(), $app['debug']); try { $base = \databox::create($app, $connbas, $data_template, $app['phraseanet.registry']); - $base->registerAdmin($app['phraseanet.user']); + $base->registerAdmin($app['authentication']->getUser()); return $app->redirect('/admin/databox/' . $base->get_sbas_id() . '/?success=1&reload-tree=1'); } catch (\Exception $e) { @@ -291,7 +291,7 @@ class Databoxes implements ControllerProviderInterface $app['phraseanet.appbox']->get_connection()->beginTransaction(); $base = \databox::mount($app, $hostname, $port, $user, $password, $dbName, $app['phraseanet.registry']); - $base->registerAdmin($app['phraseanet.user']); + $base->registerAdmin($app['authentication']->getUser()); $app['phraseanet.appbox']->get_connection()->commit(); return $app->redirect('/admin/databox/' . $base->get_sbas_id() . '/?success=1&reload-tree=1'); 
@@ -312,7 +312,7 @@ class Databoxes implements ControllerProviderInterface try { $app['phraseanet.appbox']->get_connection()->beginTransaction(); $base = \databox::mount($app, $hostname, $port, $userDb, $passwordDb, $dbName, $app['phraseanet.registry']); - $base->registerAdmin($app['phraseanet.user']); + $base->registerAdmin($app['authentication']->getUser()); $app['phraseanet.appbox']->get_connection()->commit(); return $app->redirect('/admin/databox/' . $base->get_sbas_id() . '/?success=1&reload-tree=1'); diff --git a/lib/Alchemy/Phrasea/Controller/Admin/Publications.php b/lib/Alchemy/Phrasea/Controller/Admin/Publications.php index 890c4c386a..0df6fc6207 100644 --- a/lib/Alchemy/Phrasea/Controller/Admin/Publications.php +++ b/lib/Alchemy/Phrasea/Controller/Admin/Publications.php @@ -36,7 +36,7 @@ class Publications implements ControllerProviderInterface $controllers->get('/list/', function(PhraseaApplication $app) { $feeds = \Feed_Collection::load_all( - $app, $app['phraseanet.user'] + $app, $app['authentication']->getUser() ); return $app['twig'] @@ -46,7 +46,7 @@ class Publications implements ControllerProviderInterface $controllers->post('/create/', function(PhraseaApplication $app, Request $request) { $feed = \Feed_Adapter::create( - $app, $app['phraseanet.user'], $request->request->get('title'), $request->request->get('subtitle') + $app, $app['authentication']->getUser(), $request->request->get('title'), $request->request->get('subtitle') ); if ($request->request->get('public') == '1') { 
@@ -84,7 +84,7 @@ class Publications implements ControllerProviderInterface })->before(function(Request $request) use ($app) { $feed = new \Feed_Adapter($app, $request->attributes->get('id')); - if (!$feed->is_owner($app['phraseanet.user'])) { + if (!$feed->is_owner($app['authentication']->getUser())) { return $app->redirect('/admin/publications/feed/' . $request->attributes->get('id') . '/?error=' . _('You are not the owner of this feed, you can not edit it')); } })->assert('id', '\d+'); @@ -99,7 +99,7 @@ class Publications implements ControllerProviderInterface $request = $app["request"]; - if (!$feed->is_owner($app['phraseanet.user'])) { + if (!$feed->is_owner($app['authentication']->getUser())) { $datas['message'] = 'You are not allowed to do that'; return $app->json($datas); diff --git a/lib/Alchemy/Phrasea/Controller/Admin/Root.php b/lib/Alchemy/Phrasea/Controller/Admin/Root.php index 529ae9ddaf..4563c201f3 100644 --- a/lib/Alchemy/Phrasea/Controller/Admin/Root.php +++ b/lib/Alchemy/Phrasea/Controller/Admin/Root.php @@ -68,7 +68,7 @@ class Root implements ControllerProviderInterface $databoxes = $off_databoxes = array(); foreach ($app['phraseanet.appbox']->get_databoxes() as $databox) { try { - if (!$app['phraseanet.user']->ACL()->has_access_to_sbas($databox->get_sbas_id())) { + if (!$app['authentication']->getUser()->ACL()->has_access_to_sbas($databox->get_sbas_id())) { continue; } $databox->get_connection(); @@ -137,7 +137,7 @@ class Root implements ControllerProviderInterface $databoxes = $off_databoxes = array(); foreach ($app['phraseanet.appbox']->get_databoxes() as $databox) { try { - if (!$app['phraseanet.user']->ACL()->has_access_to_sbas($databox->get_sbas_id())) { + if (!$app['authentication']->getUser()->ACL()->has_access_to_sbas($databox->get_sbas_id())) { continue; } 
@@ -194,7 +194,7 @@ class Root implements ControllerProviderInterface }); $controllers->get('/structure/{databox_id}/', function(Application $app, Request $request, $databox_id) { - if (!$app['phraseanet.user']->ACL()->has_right_on_sbas($databox_id, 'bas_modify_struct')) { + if (!$app['authentication']->getUser()->ACL()->has_right_on_sbas($databox_id, 'bas_modify_struct')) { $app->abort(403); } @@ -221,7 +221,7 @@ class Root implements ControllerProviderInterface ->bind('database_display_stucture'); $controllers->post('/structure/{databox_id}/', function(Application $app, Request $request, $databox_id) { - if (!$app['phraseanet.user']->ACL()->has_right_on_sbas($databox_id, 'bas_modify_struct')) { + if (!$app['authentication']->getUser()->ACL()->has_right_on_sbas($databox_id, 'bas_modify_struct')) { $app->abort(403); } @@ -247,7 +247,7 @@ class Root implements ControllerProviderInterface ->bind('database_submit_stucture'); $controllers->get('/statusbit/{databox_id}/', function(Application $app, Request $request, $databox_id) { - if (!$app['phraseanet.user']->ACL()->has_right_on_sbas($databox_id, 'bas_modify_struct')) { + if (!$app['authentication']->getUser()->ACL()->has_right_on_sbas($databox_id, 'bas_modify_struct')) { $app->abort(403); } @@ -258,7 +258,7 @@ class Root implements ControllerProviderInterface ->bind('database_display_statusbit'); $controllers->get('/statusbit/{databox_id}/status/{bit}/', function(Application $app, Request $request, $databox_id, $bit) { - if (!$app['phraseanet.user']->ACL()->has_right_on_sbas($databox_id, 'bas_modify_struct')) { + if (!$app['authentication']->getUser()->ACL()->has_right_on_sbas($databox_id, 'bas_modify_struct')) { $app->abort(403); } 
@@ -297,7 +297,7 @@ class Root implements ControllerProviderInterface $app->abort(400, _('Bad request format, only JSON is allowed')); } - if (!$app['phraseanet.user']->ACL()->has_right_on_sbas($databox_id, 'bas_modify_struct')) { + if (!$app['authentication']->getUser()->ACL()->has_right_on_sbas($databox_id, 'bas_modify_struct')) { $app->abort(403); } @@ -313,7 +313,7 @@ class Root implements ControllerProviderInterface })->assert('databox_id', '\d+')->assert('bit', '\d+'); $controllers->post('/statusbit/{databox_id}/status/{bit}/', function(Application $app, Request $request, $databox_id, $bit) { - if (!$app['phraseanet.user']->ACL()->has_right_on_sbas($databox_id, 'bas_modify_struct')) { + if (!$app['authentication']->getUser()->ACL()->has_right_on_sbas($databox_id, 'bas_modify_struct')) { $app->abort(403); } diff --git a/lib/Alchemy/Phrasea/Controller/Admin/Users.php b/lib/Alchemy/Phrasea/Controller/Admin/Users.php index 3612365273..7c41ebb5b3 100644 --- a/lib/Alchemy/Phrasea/Controller/Admin/Users.php +++ b/lib/Alchemy/Phrasea/Controller/Admin/Users.php @@ -209,7 +209,7 @@ class Users implements ControllerProviderInterface $on_base = $request->query->get('on_base') ? : array(); $elligible_users = $user_query - ->on_sbas_where_i_am($app['phraseanet.user']->ACL(), $rights) + ->on_sbas_where_i_am($app['authentication']->getUser()->ACL(), $rights) ->like(\User_Query::LIKE_EMAIL, $like_value) ->like(\User_Query::LIKE_FIRSTNAME, $like_value) ->like(\User_Query::LIKE_LASTNAME, $like_value) @@ -267,7 +267,7 @@ class Users implements ControllerProviderInterface $on_base = $request->request->get('base_id') ? : null; $on_sbas = $request->request->get('sbas_id') ? : null; - $elligible_users = $user_query->on_bases_where_i_am($app['phraseanet.user']->ACL(), array('canadmin')) + $elligible_users = $user_query->on_bases_where_i_am($app['authentication']->getUser()->ACL(), array('canadmin')) ->like($like_field, $like_value) ->on_base_ids($on_base) ->on_sbas_ids($on_sbas); 
@@ -341,12 +341,12 @@ class Users implements ControllerProviderInterface $stmt->execute(array(':date' => date('Y-m-d', $lastMonth))); $stmt->closeCursor(); - $baslist = array_keys($app['phraseanet.user']->ACL()->get_granted_base(array('canadmin'))); + $baslist = array_keys($app['authentication']->getUser()->ACL()->get_granted_base(array('canadmin'))); $sql = 'SELECT usr_id, usr_login FROM usr WHERE model_of = :usr_id'; $stmt = $app['phraseanet.appbox']->get_connection()->prepare($sql); - $stmt->execute(array(':usr_id' => $app['phraseanet.user']->get_id())); + $stmt->execute(array(':usr_id' => $app['authentication']->getUser()->get_id())); $models = $stmt->fetchAll(\PDO::FETCH_ASSOC); $stmt->closeCursor(); @@ -681,12 +681,12 @@ class Users implements ControllerProviderInterface INNER JOIN basusr ON (basusr.usr_id=usr.usr_id) WHERE usr.model_of = :usr_id - AND base_id in(" . implode(', ', array_keys($app['phraseanet.user']->ACL()->get_granted_base(array('manage')))) . ") + AND base_id in(" . implode(', ', array_keys($app['authentication']->getUser()->ACL()->get_granted_base(array('manage')))) . ") AND usr_login not like '(#deleted_%)' GROUP BY usr_id"; $stmt = $app['phraseanet.appbox']->get_connection()->prepare($sql); - $stmt->execute(array(':usr_id' => $app['phraseanet.user']->get_id())); + $stmt->execute(array(':usr_id' => $app['authentication']->getUser()->get_id())); $models = $stmt->fetchAll(\PDO::FETCH_ASSOC); $stmt->closeCursor(); @@ -814,7 +814,7 @@ class Users implements ControllerProviderInterface } $NewUser->ACL()->apply_model( - \User_Adapter::getInstance($model, $app), array_keys($app['phraseanet.user']->ACL()->get_granted_base(array('manage'))) + \User_Adapter::getInstance($model, $app), array_keys($app['authentication']->getUser()->ACL()->get_granted_base(array('manage'))) ); $nbCreation++; diff --git a/lib/Alchemy/Phrasea/Controller/Client/Baskets.php b/lib/Alchemy/Phrasea/Controller/Client/Baskets.php index b7e99eeaa9..aab2efdf1d 100644 
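Review bot: In lib/Alchemy/Phrasea/Controller/Admin/Users.php (hunk at -681), the `base_id in(...)` list is still built by concatenating `implode(', ', array_keys(...->get_granted_base(array('manage'))))` into the SQL text, while only `:usr_id` is bound. The keys come from the ACL rather than the request, so this is not obviously injectable, but nothing in the visible lines enforces that they are integers. An administrator with no `manage` base would also produce `in()`, which is a SQL syntax error. Cast and guard before building the query, e.g. `$baseIds = array_map('intval', array_keys(...));`, and skip the query when `$baseIds` is empty. The enclosing method starts and ends outside the hunk.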
--- a/lib/Alchemy/Phrasea/Controller/Client/Baskets.php +++ b/lib/Alchemy/Phrasea/Controller/Client/Baskets.php @@ -140,7 +140,7 @@ class Baskets implements ControllerProviderInterface { try { $repository = $app['EM']->getRepository('\Entities\BasketElement'); - $basketElement = $repository->findUserElement($request->request->get('p0'), $app['phraseanet.user']); + $basketElement = $repository->findUserElement($request->request->get('p0'), $app['authentication']->getUser()); $app['EM']->remove($basketElement); $app['EM']->flush(); } catch (\Exception $e) { @@ -164,7 +164,7 @@ class Baskets implements ControllerProviderInterface try { $repository = $app['EM']->getRepository('\Entities\Basket'); /* @var $repository \Repositories\BasketRepository */ - $basket = $repository->findUserBasket($app, $request->request->get('courChuId'), $app['phraseanet.user'], true); + $basket = $repository->findUserBasket($app, $request->request->get('courChuId'), $app['authentication']->getUser(), true); $app['EM']->remove($basket); $app['EM']->flush(); @@ -190,7 +190,7 @@ class Baskets implements ControllerProviderInterface try { $basket = new Basket(); $basket->setName($request->request->get('p0')); - $basket->setOwner($app['phraseanet.user']); + $basket->setOwner($app['authentication']->getUser()); $app['EM']->persist($basket); $app['EM']->flush(); @@ -215,7 +215,7 @@ class Baskets implements ControllerProviderInterface { $repository = $app['EM']->getRepository('\Entities\Basket'); /* @var $repository \Repositories\BasketRepository */ - $basket = $repository->findUserBasket($app, $request->request->get('courChuId'), $app['phraseanet.user'], true); + $basket = $repository->findUserBasket($app, $request->request->get('courChuId'), $app['authentication']->getUser(), true); if ($basket) { try { 
@@ -249,7 +249,7 @@ class Baskets implements ControllerProviderInterface public function getBaskets(Application $app, Request $request) { $selectedBasketId = trim($request->get('courChuId', '')); - $baskets = new ArrayCollection($app['EM']->getRepository('\Entities\Basket')->findActiveByUser($app['phraseanet.user'])); + $baskets = new ArrayCollection($app['EM']->getRepository('\Entities\Basket')->findActiveByUser($app['authentication']->getUser())); $selectedBasket = null; if ('' === $selectedBasketId && $baskets->count() > 0) { @@ -257,7 +257,7 @@ class Baskets implements ControllerProviderInterface } if ('' !== $selectedBasketId) { - $selectedBasket = $app['EM']->getRepository('\Entities\Basket')->findUserBasket($app, $selectedBasketId, $app['phraseanet.user'], true); + $selectedBasket = $app['EM']->getRepository('\Entities\Basket')->findUserBasket($app, $selectedBasketId, $app['authentication']->getUser(), true); } $basketCollections = $baskets->partition(function($key, $basket) { @@ -286,7 +286,7 @@ class Baskets implements ControllerProviderInterface $repository = $app['EM']->getRepository('\Entities\Basket'); /* @var $repository \Repositories\BasketRepository */ - $baskets = $repository->findActiveByUser($app['phraseanet.user']); + $baskets = $repository->findActiveByUser($app['authentication']->getUser()); foreach ($baskets as $basket) { if (!$basket->getIsRead()) { diff --git a/lib/Alchemy/Phrasea/Controller/Client/Root.php b/lib/Alchemy/Phrasea/Controller/Client/Root.php index fa534eb312..010c157eaf 100644 --- a/lib/Alchemy/Phrasea/Controller/Client/Root.php +++ b/lib/Alchemy/Phrasea/Controller/Client/Root.php 
@@ -27,7 +27,12 @@ class Root implements ControllerProviderInterface { $controllers = $app['controllers_factory']; - $controllers->before(function() use ($app) { + $controllers->before(function(Request $request) use ($app) { + if (!$app['authentication']->isAuthenticated() && null !== $request->query->get('nolog')) { + return $app->redirect( + $app->path('login_authenticate_as_guest', array('redirect' => '/prod/')) + ); + } $app['firewall']->requireAuthentication(); }); @@ -186,9 +191,9 @@ class Root implements ControllerProviderInterface $isImage = true; } - $canDownload = $app['phraseanet.user']->ACL()->has_right_on_base($record->get_base_id(), 'candwnldpreview') || - $app['phraseanet.user']->ACL()->has_right_on_base($record->get_base_id(), 'candwnldhd') || - $app['phraseanet.user']->ACL()->has_right_on_base($record->get_base_id(), 'cancmd'); + $canDownload = $app['authentication']->getUser()->ACL()->has_right_on_base($record->get_base_id(), 'candwnldpreview') || + $app['authentication']->getUser()->ACL()->has_right_on_base($record->get_base_id(), 'candwnldhd') || + $app['authentication']->getUser()->ACL()->has_right_on_base($record->get_base_id(), 'cancmd'); try { $previewExists = $record->get_preview()->is_physically_present(); @@ -207,7 +212,7 @@ class Root implements ControllerProviderInterface 'is_image' => $isImage, 'is_document' => $isDocument, 'can_download' => $canDownload, - 'can_add_to_basket' => $app['phraseanet.user']->ACL()->has_right_on_base($record->get_base_id(), 'canputinalbum') + 'can_add_to_basket' => $app['authentication']->getUser()->ACL()->has_right_on_base($record->get_base_id(), 'canputinalbum') ); } 
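Review bot: In lib/Alchemy/Phrasea/Controller/Client/Root.php (hunk at -27), the new `before` filter sends any unauthenticated request carrying a `nolog` query parameter, even an empty one, to `login_authenticate_as_guest` ahead of `requireAuthentication()`. The redirect target is hard-coded, which avoids an open redirect, but it points at `/prod/` although this is the Client controller. If that is intended, a comment such as `// guests always land on /prod/ after guest login` would say so; otherwise it looks like a copy-paste. The guest route is not visible here, so confirm it refuses to open a session when guest access is disabled.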
@@ -218,7 +223,7 @@ class Root implements ControllerProviderInterface 'per_page' => $perPage, 'search_engine' => $app['phraseanet.SE'], 'search_engine_option' => $options->serialize(), - 'history' => \queries::history($app['phraseanet.appbox'], $app['phraseanet.user']->get_id()), + 'history' => \queries::history($app['phraseanet.appbox'], $app['authentication']->getUser()->get_id()), 'result' => $result, 'proposals' => $currentPage === 1 ? $result->getProposals() : null, 'help' => count($resultData) === 0 ? $this->getHelpStartPage($app) : '', @@ -300,7 +305,7 @@ class Root implements ControllerProviderInterface } return new Response($app['twig']->render('client/index.html.twig', array( - 'last_action' => !$app['phraseanet.user']->is_guest() && false !== $request->cookies->has('last_act') ? $request->cookies->has('last_act') : null, + 'last_action' => !$app['authentication']->getUser()->is_guest() && false !== $request->cookies->has('last_act') ? $request->cookies->has('last_act') : null, 'phrasea_home' => $this->getDefaultClientStartPage($app), 'render_topics' => $renderTopics, 'grid_properties' => $this->getGridProperty(), 
@@ -309,10 +314,10 @@ class Root implements ControllerProviderInterface 'tabs_setup' => $this->getTabSetup($app), 'menubar' => $app['twig']->render('common/menubar.html.twig', array('module' => 'client')), 'css_file' => $this->getCssFile($app), - 'basket_status' => null !== $app['phraseanet.user']->getPrefs('client_basket_status') ? $app['phraseanet.user']->getPrefs('client_basket_status') : "1", - 'mod_pres' => null !== $app['phraseanet.user']->getPrefs('client_view') ? $app['phraseanet.user']->getPrefs('client_view') : '', - 'start_page' => $app['phraseanet.user']->getPrefs('start_page'), - 'start_page_query' => null !== $app['phraseanet.user']->getPrefs('start_page_query') ? $app['phraseanet.user']->getPrefs('start_page_query') : '' + 'basket_status' => null !== $app['authentication']->getUser()->getPrefs('client_basket_status') ? $app['authentication']->getUser()->getPrefs('client_basket_status') : "1", + 'mod_pres' => null !== $app['authentication']->getUser()->getPrefs('client_view') ? $app['authentication']->getUser()->getPrefs('client_view') : '', + 'start_page' => $app['authentication']->getUser()->getPrefs('start_page'), + 'start_page_query' => null !== $app['authentication']->getUser()->getPrefs('start_page_query') ? $app['authentication']->getUser()->getPrefs('start_page_query') : '' ))); } 
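Review bot: In lib/Alchemy/Phrasea/Controller/Client/Root.php (hunk at -309), `$app['authentication']->getUser()` is evaluated seven times inside this one array literal, which makes the lines hard to read. Fetch it once before the `render()` call with `$user = $app['authentication']->getUser();` and use `$user->getPrefs(...)` in the array. The same applies to the hunks at -186 and -487 of this file and to the Datafiles.php hunk at -62. The array literal and the method both start outside this hunk. A single local also gives one place to handle an unauthenticated request, should `getUser()` return `null` in that case, which is not visible here.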
@@ -344,13 +349,13 @@ class Root implements ControllerProviderInterface { $allDataboxes = $allCollections = array(); - foreach ($app['phraseanet.user']->ACL()->get_granted_sbas() as $databox) { + foreach ($app['authentication']->getUser()->ACL()->get_granted_sbas() as $databox) { if (count($app['phraseanet.appbox']->get_databoxes()) > 0) { $allDataboxes[$databox->get_sbas_id()] = array('databox' => $databox, 'collections' => array()); } if (count($databox->get_collections()) > 0) { - foreach ($app['phraseanet.user']->ACL()->get_granted_base(array(), array($databox->get_sbas_id())) as $coll) { + foreach ($app['authentication']->getUser()->ACL()->get_granted_base(array(), array($databox->get_sbas_id())) as $coll) { $allDataboxes[$databox->get_sbas_id()]['collections'][$coll->get_base_id()] = $coll; $allCollections[$coll->get_base_id()] = $coll; } @@ -396,7 +401,7 @@ class Root implements ControllerProviderInterface $cssPath = __DIR__ . '/../../../../../www/skins/client/'; $css = array(); - $cssFile = $app['phraseanet.user']->getPrefs('client_css'); + $cssFile = $app['authentication']->getUser()->getPrefs('client_css'); $finder = new Finder(); @@ -464,7 +469,7 @@ class Root implements ControllerProviderInterface */ private function getDefaultClientStartPage(Application $app) { - $startPage = strtoupper($app['phraseanet.user']->getPrefs('start_page')); + $startPage = strtoupper($app['authentication']->getUser()->getPrefs('start_page')); if ($startPage === 'PUBLI') { return $this->getPublicationStartPage($app); 
@@ -487,19 +492,19 @@ class Root implements ControllerProviderInterface { $collections = $queryParameters = array(); - $searchSet = json_decode($app['phraseanet.user']->getPrefs('search')); + $searchSet = json_decode($app['authentication']->getUser()->getPrefs('search')); if ($searchSet && isset($searchSet->bases)) { foreach ($searchSet->bases as $bases) { $collections = array_merge($collections, $bases); } } else { - $collections = array_keys($app['phraseanet.user']->ACL()->get_granted_base()); + $collections = array_keys($app['authentication']->getUser()->ACL()->get_granted_base()); } - $queryParameters["mod"] = $app['phraseanet.user']->getPrefs('client_view') ?: '3X6'; + $queryParameters["mod"] = $app['authentication']->getUser()->getPrefs('client_view') ?: '3X6'; $queryParameters["bas"] = $collections; - $queryParameters["qry"] = $app['phraseanet.user']->getPrefs('start_page_query') ?: 'all'; + $queryParameters["qry"] = $app['authentication']->getUser()->getPrefs('start_page_query') ?: 'all'; $queryParameters["pag"] = 0; $queryParameters["search_type"] = SearchEngineOptions::RECORD_RECORD; $queryParameters["qryAdv"] = ''; @@ -524,8 +529,8 @@ class Root implements ControllerProviderInterface private function getPublicationStartPage(Application $app) { return $app['twig']->render('client/home_inter_pub_basket.html.twig', array( - 'feeds' => \Feed_Collection::load_all($app, $app['phraseanet.user']), - 'image_size' => (int) $app['phraseanet.user']->getPrefs('images_size') + 'feeds' => \Feed_Collection::load_all($app, $app['authentication']->getUser()), + 'image_size' => (int) $app['authentication']->getUser()->getPrefs('images_size') )); } diff --git a/lib/Alchemy/Phrasea/Controller/Datafiles.php b/lib/Alchemy/Phrasea/Controller/Datafiles.php index 066d0136c2..b965cce502 100644 --- a/lib/Alchemy/Phrasea/Controller/Datafiles.php +++ b/lib/Alchemy/Phrasea/Controller/Datafiles.php 
@@ -31,7 +31,7 @@ class Datafiles extends AbstractDelivery $that = $this; $controllers->before(function(Request $request) use ($app) { - if (!$app->isAuthenticated()) { + if (!$app['authentication']->isAuthenticated()) { $app->abort(403, 'You are not autorized to see this'); } }); @@ -62,12 +62,12 @@ class Datafiles extends AbstractDelivery throw new NotFoundHttpException; } - if (!$app['phraseanet.user']->ACL()->has_access_to_subdef($record, $subdef)) { + if (!$app['authentication']->getUser()->ACL()->has_access_to_subdef($record, $subdef)) { throw new \Exception_UnauthorizedAction(sprintf('User has not access to subdef %s', $subdef)); } $stamp = false; - $watermark = !$app['phraseanet.user']->ACL()->has_right_on_base($record->get_base_id(), 'nowatermark'); + $watermark = !$app['authentication']->getUser()->ACL()->has_right_on_base($record->get_base_id(), 'nowatermark'); if ($watermark && !$all_access) { $subdef_class = $databox @@ -75,9 +75,9 @@ class Datafiles extends AbstractDelivery ->get_subdef($record->get_type(), $subdef) ->get_class(); - if ($subdef_class == \databox_subdef::CLASS_PREVIEW && $app['phraseanet.user']->ACL()->has_preview_grant($record)) { + if ($subdef_class == \databox_subdef::CLASS_PREVIEW && $app['authentication']->getUser()->ACL()->has_preview_grant($record)) { $watermark = false; - } elseif ($subdef_class == \databox_subdef::CLASS_DOCUMENT && $app['phraseanet.user']->ACL()->has_hd_grant($record)) { + } elseif ($subdef_class == \databox_subdef::CLASS_DOCUMENT && $app['authentication']->getUser()->ACL()->has_hd_grant($record)) { $watermark = false; } } 
@@ -88,8 +88,8 @@ class Datafiles extends AbstractDelivery /* @var $repository \Repositories\BasketElementRepository */ - $ValidationByRecord = $repository->findReceivedValidationElementsByRecord($record, $app['phraseanet.user']); - $ReceptionByRecord = $repository->findReceivedElementsByRecord($record, $app['phraseanet.user']); + $ValidationByRecord = $repository->findReceivedValidationElementsByRecord($record, $app['authentication']->getUser()); + $ReceptionByRecord = $repository->findReceivedElementsByRecord($record, $app['authentication']->getUser()); if ($ValidationByRecord && count($ValidationByRecord) > 0) { $watermark = false; diff --git a/lib/Alchemy/Phrasea/Controller/Permalink.php b/lib/Alchemy/Phrasea/Controller/Permalink.php index 7e11456007..e37a0806ba 100644 --- a/lib/Alchemy/Phrasea/Controller/Permalink.php +++ b/lib/Alchemy/Phrasea/Controller/Permalink.php @@ -61,8 +61,8 @@ class Permalink extends AbstractDelivery $watermark = $stamp = false; - if ($app->isAuthenticated()) { - $user = \User_Adapter::getInstance($app['phraseanet.user']->get_id(), $app); + if ($app['authentication']->isAuthenticated()) { + $user = \User_Adapter::getInstance($app['authentication']->getUser()->get_id(), $app); $watermark = !$user->ACL()->has_right_on_base($record->get_base_id(), 'nowatermark'); diff --git a/lib/Alchemy/Phrasea/Controller/Prod/Basket.php b/lib/Alchemy/Phrasea/Controller/Prod/Basket.php index 33882a0e91..160002b992 100644 --- a/lib/Alchemy/Phrasea/Controller/Prod/Basket.php +++ b/lib/Alchemy/Phrasea/Controller/Prod/Basket.php @@ -131,7 +131,7 @@ class Basket implements ControllerProviderInterface public function displayBasket(Application $app, Request $request, $basket_id) { $basket = $app['EM']->getRepository('\Entities\Basket') - ->findUserBasket($app, $basket_id, $app['phraseanet.user'], false); + ->findUserBasket($app, $basket_id, $app['authentication']->getUser(), false); if ($basket->getIsRead() === false) { $basket->setIsRead(true); 
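Review bot: In the Permalink.php hunk (`@@ -61,8`) the user is re-loaded through `\User_Adapter::getInstance($app['authentication']->getUser()->get_id(), $app)` although `getUser()` has just returned a user object. If `getUser()` already yields the `\User_Adapter` for the session (its return type is not visible here), `$user = $app['authentication']->getUser();` expresses the same thing without the id round trip. If the reload is deliberate, a one-line comment stating why the instance is fetched again would keep the next reader from simplifying it.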
@@ -139,8 +139,8 @@ class Basket implements ControllerProviderInterface } if ($basket->getValidation()) { - if ($basket->getValidation()->getParticipant($app['phraseanet.user'], $app)->getIsAware() === false) { - $basket->getValidation()->getParticipant($app['phraseanet.user'], $app)->setIsAware(true); + if ($basket->getValidation()->getParticipant($app['authentication']->getUser(), $app)->getIsAware() === false) { + $basket->getValidation()->getParticipant($app['authentication']->getUser(), $app)->setIsAware(true); $app['EM']->flush(); } } @@ -161,7 +161,7 @@ class Basket implements ControllerProviderInterface $Basket = new BasketEntity(); $Basket->setName($request->request->get('name', '')); - $Basket->setOwner($app['phraseanet.user']); + $Basket->setOwner($app['authentication']->getUser()); $Basket->setDescription($request->request->get('desc')); $app['EM']->persist($Basket); @@ -206,7 +206,7 @@ class Basket implements ControllerProviderInterface public function deleteBasket(Application $app, Request $request, $basket_id) { $basket = $app['EM']->getRepository('\Entities\Basket') - ->findUserBasket($app, $basket_id, $app['phraseanet.user'], true); + ->findUserBasket($app, $basket_id, $app['authentication']->getUser(), true); $app['EM']->remove($basket); $app['EM']->flush(); @@ -226,7 +226,7 @@ class Basket implements ControllerProviderInterface public function removeBasketElement(Application $app, Request $request, $basket_id, $basket_element_id) { $basket = $app['EM']->getRepository('\Entities\Basket') - ->findUserBasket($app, $basket_id, $app['phraseanet.user'], true); + ->findUserBasket($app, $basket_id, $app['authentication']->getUser(), true); foreach ($basket->getElements() as $basket_element) { /* @var $basket_element \Entities\BasketElement */ 
@@ -255,7 +255,7 @@ class Basket implements ControllerProviderInterface try { $basket = $app['EM']->getRepository('\Entities\Basket') - ->findUserBasket($app, $basket_id, $app['phraseanet.user'], true); + ->findUserBasket($app, $basket_id, $app['authentication']->getUser(), true); $basket->setName($request->request->get('name', '')); $basket->setDescription($request->request->get('description')); @@ -290,7 +290,7 @@ class Basket implements ControllerProviderInterface { $basket = $app['EM'] ->getRepository('\Entities\Basket') - ->findUserBasket($app, $basket_id, $app['phraseanet.user'], true); + ->findUserBasket($app, $basket_id, $app['authentication']->getUser(), true); return $app['twig']->render('prod/Baskets/Update.html.twig', array('basket' => $basket)); } @@ -299,7 +299,7 @@ class Basket implements ControllerProviderInterface { $basket = $app['EM'] ->getRepository('\Entities\Basket') - ->findUserBasket($app, $basket_id, $app['phraseanet.user'], true); + ->findUserBasket($app, $basket_id, $app['authentication']->getUser(), true); return $app['twig']->render('prod/Baskets/Reorder.html.twig', array('basket' => $basket)); } @@ -309,7 +309,7 @@ class Basket implements ControllerProviderInterface $ret = array('success' => false, 'message' => _('An error occured')); try { $basket = $app['EM']->getRepository('\Entities\Basket') - ->findUserBasket($app, $basket_id, $app['phraseanet.user'], true); + ->findUserBasket($app, $basket_id, $app['authentication']->getUser(), true); $order = $app['request']->request->get('element'); @@ -334,7 +334,7 @@ class Basket implements ControllerProviderInterface public function archiveBasket(Application $app, Request $request, $basket_id) { $basket = $app['EM']->getRepository('\Entities\Basket') - ->findUserBasket($app, $basket_id, $app['phraseanet.user'], true); + ->findUserBasket($app, $basket_id, $app['authentication']->getUser(), true); $archive_status = !!$request->request->get('archive'); 
@@ -365,7 +365,7 @@ class Basket implements ControllerProviderInterface public function addElements(Application $app, Request $request, $basket_id) { $basket = $app['EM']->getRepository('\Entities\Basket') - ->findUserBasket($app, $basket_id, $app['phraseanet.user'], true); + ->findUserBasket($app, $basket_id, $app['authentication']->getUser(), true); $n = 0; @@ -416,14 +416,14 @@ class Basket implements ControllerProviderInterface public function stealElements(Application $app, Request $request, $basket_id) { $basket = $app['EM']->getRepository('\Entities\Basket') - ->findUserBasket($app, $basket_id, $app['phraseanet.user'], true); + ->findUserBasket($app, $basket_id, $app['authentication']->getUser(), true); $n = 0; foreach ($request->request->get('elements') as $bask_element_id) { try { $basket_element = $app['EM']->getRepository('\Entities\BasketElement') - ->findUserElement($bask_element_id, $app['phraseanet.user']); + ->findUserElement($bask_element_id, $app['authentication']->getUser()); } catch (\Exception $e) { continue; } diff --git a/lib/Alchemy/Phrasea/Controller/Prod/Bridge.php b/lib/Alchemy/Phrasea/Controller/Prod/Bridge.php index a6b8a24fc7..23db120943 100644 --- a/lib/Alchemy/Phrasea/Controller/Prod/Bridge.php +++ b/lib/Alchemy/Phrasea/Controller/Prod/Bridge.php @@ -52,7 +52,7 @@ class Bridge implements ControllerProviderInterface $route = new RecordHelper\Bridge($app, $app['request']); $params = array( - 'user_accounts' => \Bridge_Account::get_accounts_by_user($app, $app['phraseanet.user']) + 'user_accounts' => \Bridge_Account::get_accounts_by_user($app, $app['authentication']->getUser()) , 'available_apis' => \Bridge_Api::get_availables($app) , 'route' => $route , 'current_account_id' => '' 
@@ -78,9 +78,9 @@ class Bridge implements ControllerProviderInterface $user_id = $connector->get_user_id(); try { - $account = \Bridge_Account::load_account_from_distant_id($app, $api, $app['phraseanet.user'], $user_id); + $account = \Bridge_Account::load_account_from_distant_id($app, $api, $app['authentication']->getUser(), $user_id); } catch (\Bridge_Exception_AccountNotFound $e) { - $account = \Bridge_Account::create($app, $api, $app['phraseanet.user'], $user_id, $connector->get_user_name()); + $account = \Bridge_Account::create($app, $api, $app['authentication']->getUser(), $user_id, $connector->get_user_name()); } $settings = $account->get_settings(); @@ -116,7 +116,7 @@ class Bridge implements ControllerProviderInterface try { $account = \Bridge_Account::load_account($app, $account_id); - if ($account->get_user()->get_id() !== $app['phraseanet.user']->get_id()) { + if ($account->get_user()->get_id() !== $app['authentication']->getUser()->get_id()) { throw new HttpException(403, 'Access forbiden'); } diff --git a/lib/Alchemy/Phrasea/Controller/Prod/Download.php b/lib/Alchemy/Phrasea/Controller/Prod/Download.php index 7dce3d6e42..71dc1a1ae4 100644 --- a/lib/Alchemy/Phrasea/Controller/Prod/Download.php +++ b/lib/Alchemy/Phrasea/Controller/Prod/Download.php @@ -69,7 +69,7 @@ class Download implements ControllerProviderInterface } $list = $download->prepare_export( - $app['phraseanet.user'], + $app['authentication']->getUser(), $app['filesystem'], $subdefs, $request->request->get('title') === 'title' ? true : false, @@ -80,7 +80,7 @@ class Download implements ControllerProviderInterface $token = $app['tokens']->getUrlToken( \random::TYPE_DOWNLOAD, - $app['phraseanet.user']->get_id(), + $app['authentication']->getUser()->get_id(), new \DateTime('+3 hours'), // Token lifetime serialize($list) ); 
@@ -91,7 +91,7 @@ class Download implements ControllerProviderInterface $app['events-manager']->trigger('__DOWNLOAD__', array( 'lst' => $lst, - 'downloader' => $app['phraseanet.user']->get_id(), + 'downloader' => $app['authentication']->getUser()->get_id(), 'subdefs' => $subdefs, 'from_basket' => $ssttid, 'export_file' => $download->getExportName() diff --git a/lib/Alchemy/Phrasea/Controller/Prod/Edit.php b/lib/Alchemy/Phrasea/Controller/Prod/Edit.php index d091385fc8..1de7ee7a49 100644 --- a/lib/Alchemy/Phrasea/Controller/Prod/Edit.php +++ b/lib/Alchemy/Phrasea/Controller/Prod/Edit.php @@ -119,7 +119,7 @@ class Edit implements ControllerProviderInterface /** * generate javascript status */ - if ($app['phraseanet.user']->ACL()->has_right('changestatus')) { + if ($app['authentication']->getUser()->ACL()->has_right('changestatus')) { $dbstatus = \databox_status::getDisplayStatus($app); if (isset($dbstatus[$databox->get_sbas_id()])) { foreach ($dbstatus[$databox->get_sbas_id()] as $n => $statbit) { @@ -155,7 +155,7 @@ class Edit implements ControllerProviderInterface ); $elements[$indice]['statbits'] = array(); - if ($app['phraseanet.user']->ACL()->has_right_on_base($record->get_base_id(), 'chgstatus')) { + if ($app['authentication']->getUser()->ACL()->has_right_on_base($record->get_base_id(), 'chgstatus')) { foreach ($status as $n => $s) { $tmp_val = substr(strrev($record->get_status()), $n, 1); $elements[$indice]['statbits'][$n]['value'] = ($tmp_val == '1') ? '1' : '0'; @@ -248,7 +248,7 @@ class Edit implements ControllerProviderInterface $query = $request->query->get('query'); - $results = $VC->find($query, $app['phraseanet.user'], $databox); + $results = $VC->find($query, $app['authentication']->getUser(), $databox); $list = array(); diff --git a/lib/Alchemy/Phrasea/Controller/Prod/Export.php b/lib/Alchemy/Phrasea/Controller/Prod/Export.php index b2b3672eed..e599da3a8a 100644 --- a/lib/Alchemy/Phrasea/Controller/Prod/Export.php 
+++ b/lib/Alchemy/Phrasea/Controller/Prod/Export.php @@ -185,7 +185,7 @@ class Export implements ControllerProviderInterface try { $download->prepare_export( - $app['phraseanet.user'], + $app['authentication']->getUser(), $app['filesystem'], $request->request->get('obj'), false, @@ -236,7 +236,7 @@ class Export implements ControllerProviderInterface //prepare export $download = new \set_export($app, $lst, $ssttid); $list = $download->prepare_export( - $app['phraseanet.user'], + $app['authentication']->getUser(), $app['filesystem'], (array) $request->request->get('obj'), $request->request->get("type") == "title" ? : false, @@ -256,7 +256,7 @@ class Export implements ControllerProviderInterface $destMails[] = $mail; } else { $app['events-manager']->trigger('__EXPORT_MAIL_FAIL__', array( - 'usr_id' => $app['phraseanet.user']->get_id(), + 'usr_id' => $app['authentication']->getUser()->get_id(), 'lst' => $lst, 'ssttid' => $ssttid, 'dest' => $mail, @@ -282,7 +282,7 @@ class Export implements ControllerProviderInterface $url = $app['phraseanet.registry']->get('GV_ServerName') . 'download/' . $token . '/prepare/?anonymous'; - $emitter = new Emitter($app['phraseanet.user']->get_display_name(), $app['phraseanet.user']->get_email()); + $emitter = new Emitter($app['authentication']->getUser()->get_display_name(), $app['authentication']->getUser()->get_email()); foreach ($destMails as $key => $mail) { try { @@ -303,7 +303,7 @@ class Export implements ControllerProviderInterface if (count($remaingEmails) > 0) { foreach ($remaingEmails as $mail) { $app['events-manager']->trigger('__EXPORT_MAIL_FAIL__', array( - 'usr_id' => $app['phraseanet.user']->get_id(), + 'usr_id' => $app['authentication']->getUser()->get_id(), 'lst' => $lst, 'ssttid' => $ssttid, 'dest' => $mail, 
@@ -314,7 +314,7 @@ class Export implements ControllerProviderInterface } elseif (!$token && count($destMails) > 0) { //couldn't generate token foreach ($destMails as $mail) { $app['events-manager']->trigger('__EXPORT_MAIL_FAIL__', array( - 'usr_id' => $app['phraseanet.user']->get_id(), + 'usr_id' => $app['authentication']->getUser()->get_id(), 'lst' => $lst, 'ssttid' => $ssttid, 'dest' => $mail, diff --git a/lib/Alchemy/Phrasea/Controller/Prod/Feed.php b/lib/Alchemy/Phrasea/Controller/Prod/Feed.php index f8f7c168b6..0ba93ab10e 100644 --- a/lib/Alchemy/Phrasea/Controller/Prod/Feed.php +++ b/lib/Alchemy/Phrasea/Controller/Prod/Feed.php @@ -37,7 +37,7 @@ class Feed implements ControllerProviderInterface * I got a selection of docs, which publications are available forthese docs ? */ $controllers->post('/requestavailable/', function(Application $app, Request $request) { - $feeds = \Feed_Collection::load_all($app, $app['phraseanet.user']); + $feeds = \Feed_Collection::load_all($app, $app['authentication']->getUser()); $publishing = RecordsRequest::fromRequest($app, $request, true, array(), array('bas_chupub')); return $app['twig']->render('prod/actions/publish/publish.html.twig', array('publishing' => $publishing, 'feeds' => $feeds)); @@ -49,7 +49,7 @@ class Feed implements ControllerProviderInterface $controllers->post('/entry/create/', function(Application $app, Request $request) { try { $feed = new \Feed_Adapter($app, $request->request->get('feed_id')); - $publisher = \Feed_Publisher_Adapter::getPublisher($app['phraseanet.appbox'], $feed, $app['phraseanet.user']); + $publisher = \Feed_Publisher_Adapter::getPublisher($app['phraseanet.appbox'], $feed, $app['authentication']->getUser()); $title = $request->request->get('title'); $subtitle = $request->request->get('subtitle'); 
@@ -76,11 +76,11 @@ class Feed implements ControllerProviderInterface $controllers->get('/entry/{id}/edit/', function(Application $app, Request $request, $id) { $entry = \Feed_Entry_Adapter::load_from_id($app, $id); - if (!$entry->is_publisher($app['phraseanet.user'])) { + if (!$entry->is_publisher($app['authentication']->getUser())) { throw new \Exception_UnauthorizedAction(); } - $feeds = \Feed_Collection::load_all($app, $app['phraseanet.user']); + $feeds = \Feed_Collection::load_all($app, $app['authentication']->getUser()); $datas = $app['twig']->render('prod/actions/publish/publish_edit.html.twig', array('entry' => $entry, 'feeds' => $feeds)); @@ -97,7 +97,7 @@ class Feed implements ControllerProviderInterface $entry = \Feed_Entry_Adapter::load_from_id($app, $id); - if (!$entry->is_publisher($app['phraseanet.user'])) { + if (!$entry->is_publisher($app['authentication']->getUser())) { throw new \Exception_UnauthorizedAction(); } @@ -115,12 +115,12 @@ class Feed implements ControllerProviderInterface $new_feed_id = $request->request->get('feed_id', $current_feed_id); if ($current_feed_id != $new_feed_id) { try { - $new_feed = \Feed_Adapter::load_with_user($app, $app['phraseanet.user'], $new_feed_id); + $new_feed = \Feed_Adapter::load_with_user($app, $app['authentication']->getUser(), $new_feed_id); } catch (\Exception_NotFound $e) { throw new \Exception_Forbidden('You have no access to this feed'); } - if (!$new_feed->is_publisher($app['phraseanet.user'])) { + if (!$new_feed->is_publisher($app['authentication']->getUser())) { throw new \Exception_Forbidden('You are not publisher of this feed'); } 
@@ -170,8 +170,8 @@ class Feed implements ControllerProviderInterface $entry = \Feed_Entry_Adapter::load_from_id($app, $id); - if (!$entry->is_publisher($app['phraseanet.user']) - && $entry->get_feed()->is_owner($app['phraseanet.user']) === false) { + if (!$entry->is_publisher($app['authentication']->getUser()) + && $entry->get_feed()->is_owner($app['authentication']->getUser()) === false) { throw new \Exception_UnauthorizedAction(_('Action Forbidden : You are not the publisher')); } @@ -197,7 +197,7 @@ class Feed implements ControllerProviderInterface $page = (int) $request->query->get('page'); $page = $page > 0 ? $page : 1; - $feeds = \Feed_Collection::load_all($app, $app['phraseanet.user']); + $feeds = \Feed_Collection::load_all($app, $app['authentication']->getUser()); $datas = $app['twig']->render('prod/feeds/feeds.html.twig' , array( @@ -214,8 +214,8 @@ class Feed implements ControllerProviderInterface $page = (int) $request->query->get('page'); $page = $page > 0 ? $page : 1; - $feed = \Feed_Adapter::load_with_user($app, $app['phraseanet.user'], $id); - $feeds = \Feed_Collection::load_all($app, $app['phraseanet.user']); + $feed = \Feed_Adapter::load_with_user($app, $app['authentication']->getUser(), $id); + $feeds = \Feed_Collection::load_all($app, $app['authentication']->getUser()); $datas = $app['twig']->render('prod/feeds/feeds.html.twig', array('feed' => $feed, 'feeds' => $feeds, 'page' => $page)); @@ -225,12 +225,12 @@ class Feed implements ControllerProviderInterface $controllers->get('/subscribe/aggregated/', function(Application $app, Request $request) { $renew = ($request->query->get('renew') === 'true'); - $feeds = \Feed_Collection::load_all($app, $app['phraseanet.user']); + $feeds = \Feed_Collection::load_all($app, $app['authentication']->getUser()); $output = array( 'texte' => '
' . _('publication::Voici votre fil RSS personnel. Il vous permettra d\'etre tenu au courrant des publications.') . '
' . _('publications::Ne le partagez pas, il est strictement confidentiel') . '
- ', + ', 'titre' => _('publications::votre rss personnel') ); @@ -239,12 +239,12 @@ class Feed implements ControllerProviderInterface $controllers->get('/subscribe/{id}/', function(Application $app, Request $request, $id) { $renew = ($request->query->get('renew') === 'true'); - $feed = \Feed_Adapter::load_with_user($app, $app['phraseanet.user'], $id); + $feed = \Feed_Adapter::load_with_user($app, $app['authentication']->getUser(), $id); $output = array( 'texte' => '' . _('publication::Voici votre fil RSS personnel. Il vous permettra d\'etre tenu au courrant des publications.') . '
' . _('publications::Ne le partagez pas, il est strictement confidentiel') . '
- ', + ', 'titre' => _('publications::votre rss personnel') ); diff --git a/lib/Alchemy/Phrasea/Controller/Prod/Lazaret.php b/lib/Alchemy/Phrasea/Controller/Prod/Lazaret.php index a4fe0dd12f..cd3772d6b3 100644 --- a/lib/Alchemy/Phrasea/Controller/Prod/Lazaret.php +++ b/lib/Alchemy/Phrasea/Controller/Prod/Lazaret.php @@ -174,7 +174,7 @@ class Lazaret implements ControllerProviderInterface */ public function listElement(Application $app, Request $request) { - $baseIds = array_keys($app['phraseanet.user']->ACL()->get_granted_base(array('canaddrecord'))); + $baseIds = array_keys($app['authentication']->getUser()->ACL()->get_granted_base(array('canaddrecord'))); $lazaretFiles = null; diff --git a/lib/Alchemy/Phrasea/Controller/Prod/MoveCollection.php b/lib/Alchemy/Phrasea/Controller/Prod/MoveCollection.php index 6bf550e449..0025abe261 100644 --- a/lib/Alchemy/Phrasea/Controller/Prod/MoveCollection.php +++ b/lib/Alchemy/Phrasea/Controller/Prod/MoveCollection.php @@ -48,7 +48,7 @@ class MoveCollection implements ControllerProviderInterface return $databox->get_sbas_id(); }, $records->databoxes()); - $collections = $app['phraseanet.user']->ACL() + $collections = $app['authentication']->getUser()->ACL() ->get_granted_base(array('canaddrecord'), $sbas_ids); $parameters = array( @@ -76,7 +76,7 @@ class MoveCollection implements ControllerProviderInterface return $app->json($datas); } - if (!$app['phraseanet.user']->ACL()->has_right_on_base($request->request->get('base_id'), 'canaddrecord')) { + if (!$app['authentication']->getUser()->ACL()->has_right_on_base($request->request->get('base_id'), 'canaddrecord')) { $datas['message'] = sprintf(_("You do not have the permission to move records to %s"), \phrasea::bas_names($move->getBaseIdDestination(), $app)); return $app->json($datas); 
@@ -95,7 +95,7 @@ class MoveCollection implements ControllerProviderInterface if ($request->request->get("chg_coll_son") == "1") { foreach ($record->get_children() as $child) { - if ($app['phraseanet.user']->ACL()->has_right_on_base($child->get_base_id(), 'candeleterecord')) { + if ($app['authentication']->getUser()->ACL()->has_right_on_base($child->get_base_id(), 'candeleterecord')) { $child->move_to_collection($collection, $app['phraseanet.appbox']); } } diff --git a/lib/Alchemy/Phrasea/Controller/Prod/Order.php b/lib/Alchemy/Phrasea/Controller/Prod/Order.php index 01600a1f62..78bbe7072a 100644 --- a/lib/Alchemy/Phrasea/Controller/Prod/Order.php +++ b/lib/Alchemy/Phrasea/Controller/Prod/Order.php @@ -190,7 +190,7 @@ class Order implements ControllerProviderInterface if (count($records) > 0) { \set_order::create( - $app, $records, $app['phraseanet.user'], $request->request->get('use', ''), ( (null !== $deadLine = $request->request->get('deadline')) ? new \DateTime($deadLine) : $deadLine) + $app, $records, $app['authentication']->getUser(), $request->request->get('use', ''), ( (null !== $deadLine = $request->request->get('deadline')) ? new \DateTime($deadLine) : $deadLine) ); $success = true; @@ -230,7 +230,7 @@ class Order implements ControllerProviderInterface $perPage = (int) $request->query->get('per-page', 10); $sort = $request->query->get('sort'); - $baseIds = array_keys($app['phraseanet.user']->ACL()->get_granted_base(array('order_master'))); + $baseIds = array_keys($app['authentication']->getUser()->ACL()->get_granted_base(array('order_master'))); $ordersList = \set_order::listOrders($app, $baseIds, $offsetStart, $perPage, $sort); $total = \set_order::countTotalOrder($app['phraseanet.appbox'], $baseIds); diff --git a/lib/Alchemy/Phrasea/Controller/Prod/Push.php b/lib/Alchemy/Phrasea/Controller/Prod/Push.php index 42cec3e3ab..9e17e40de9 100644 --- a/lib/Alchemy/Phrasea/Controller/Prod/Push.php +++ b/lib/Alchemy/Phrasea/Controller/Prod/Push.php 
@@ -119,7 +119,7 @@ class Push implements ControllerProviderInterface $params = array( 'push' => $push, 'message' => '', - 'lists' => $repository->findUserLists($app['phraseanet.user']), + 'lists' => $repository->findUserLists($app['authentication']->getUser()), 'context' => 'Push', 'RecommendedUsers' => $RecommendedUsers ); @@ -137,7 +137,7 @@ class Push implements ControllerProviderInterface $params = array( 'push' => $push, 'message' => '', - 'lists' => $repository->findUserLists($app['phraseanet.user']), + 'lists' => $repository->findUserLists($app['authentication']->getUser()), 'context' => 'Feedback', 'RecommendedUsers' => $RecommendedUsers ); @@ -159,7 +159,7 @@ class Push implements ControllerProviderInterface $push_name = $request->request->get('name'); if (trim($push_name) === '') { - $push_name = sprintf(_('Push from %s'), $app['phraseanet.user']->get_display_name()); + $push_name = sprintf(_('Push from %s'), $app['authentication']->getUser()->get_display_name()); } $push_description = $request->request->get('push_description'); @@ -185,7 +185,7 @@ class Push implements ControllerProviderInterface $Basket->setName($push_name); $Basket->setDescription($push_description); $Basket->setOwner($user_receiver); - $Basket->setPusher($app['phraseanet.user']); + $Basket->setPusher($app['authentication']->getUser()); $Basket->setIsRead(false); $app['EM']->persist($Basket); @@ -202,13 +202,13 @@ class Push implements ControllerProviderInterface if ($receiver['HD']) { $user_receiver->ACL()->grant_hd_on( $BasketElement->getRecord($app) - , $app['phraseanet.user'] + , $app['authentication']->getUser() , \ACL::GRANT_ACTION_PUSH ); } else { $user_receiver->ACL()->grant_preview_on( $BasketElement->getRecord($app) - , $app['phraseanet.user'] + , $app['authentication']->getUser() , \ACL::GRANT_ACTION_PUSH ); } 
@@ -223,8 +223,8 @@ class Push implements ControllerProviderInterface $receipt = $request->get('recept') ? $app['phraseanet.user']->get_email() : ''; $params = array( - 'from' => $app['phraseanet.user']->get_id() - , 'from_email' => $app['phraseanet.user']->get_email() + 'from' => $app['authentication']->getUser()->get_id() + , 'from_email' => $app['authentication']->getUser()->get_email() , 'to' => $user_receiver->get_id() , 'to_email' => $user_receiver->get_email() , 'to_name' => $user_receiver->get_display_name() @@ -277,7 +277,7 @@ class Push implements ControllerProviderInterface $validation_name = $request->request->get('name'); if (trim($validation_name) === '') { - $validation_name = sprintf(_('Validation from %s'), $app['phraseanet.user']->get_display_name()); + $validation_name = sprintf(_('Validation from %s'), $app['authentication']->getUser()->get_display_name()); } $validation_description = $request->request->get('validation_description'); @@ -298,7 +298,7 @@ class Push implements ControllerProviderInterface $Basket = new \Entities\Basket(); $Basket->setName($validation_name); $Basket->setDescription($validation_description); - $Basket->setOwner($app['phraseanet.user']); + $Basket->setOwner($app['authentication']->getUser()); $Basket->setIsRead(false); $app['EM']->persist($Basket); @@ -319,7 +319,7 @@ class Push implements ControllerProviderInterface if (!$Basket->getValidation()) { $Validation = new \Entities\ValidationSession(); - $Validation->setInitiator($app['phraseanet.user']); + $Validation->setInitiator($app['authentication']->getUser()); $Validation->setBasket($Basket); $duration = (int) $request->request->get('duration'); 
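Review bot: The context line `$receipt = $request->get('recept') ? $app['phraseanet.user']->get_email() : '';` at the top of the `@@ -223,8` hunk in Push.php still reads `$app['phraseanet.user']`, while the lines directly below it were moved to `$app['authentication']->getUser()`; the same leftover sits at the top of the `@@ -420,8` hunk. If the `phraseanet.user` service is no longer populated after this migration (not visible in this part of the diff), both lines would fail only when a receipt is requested, which makes the breakage easy to miss in testing. Change both to `$receipt = $request->get('recept') ? $app['authentication']->getUser()->get_email() : '';`.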
@@ -337,16 +337,16 @@ class Push implements ControllerProviderInterface $found = false; foreach ($participants as $key => $participant) { - if ($participant['usr_id'] == $app['phraseanet.user']->get_id()) { + if ($participant['usr_id'] == $app['authentication']->getUser()->get_id()) { $found = true; break; } } if (!$found) { - $participants[$app['phraseanet.user']->get_id()] = array( + $participants[$app['authentication']->getUser()->get_id()] = array( 'see_others' => 1, - 'usr_id' => $app['phraseanet.user']->get_id(), + 'usr_id' => $app['authentication']->getUser()->get_id(), 'agree' => 0, 'HD' => 0 ); @@ -389,13 +389,13 @@ class Push implements ControllerProviderInterface if ($participant['HD']) { $participant_user->ACL()->grant_hd_on( $BasketElement->getRecord($app) - , $app['phraseanet.user'] + , $app['authentication']->getUser() , \ACL::GRANT_ACTION_VALIDATE ); } else { $participant_user->ACL()->grant_preview_on( $BasketElement->getRecord($app) - , $app['phraseanet.user'] + , $app['authentication']->getUser() , \ACL::GRANT_ACTION_VALIDATE ); } @@ -420,8 +420,8 @@ class Push implements ControllerProviderInterface $receipt = $request->get('recept') ? $app['phraseanet.user']->get_email() : ''; $params = array( - 'from' => $app['phraseanet.user']->get_id() - , 'from_email' => $app['phraseanet.user']->get_email() + 'from' => $app['authentication']->getUser()->get_id() + , 'from_email' => $app['authentication']->getUser()->get_email() , 'to' => $participant_user->get_id() , 'to_email' => $participant_user->get_email() , 'to_name' => $participant_user->get_display_name() @@ -466,7 +466,7 @@ class Push implements ControllerProviderInterface $query = new \User_Query($app); - $query->on_bases_where_i_am($app['phraseanet.user']->ACL(), array('canpush')); + $query->on_bases_where_i_am($app['authentication']->getUser()->ACL(), array('canpush')); $query->in(array($usr_id)); 
@@ -488,7 +488,7 @@ class Push implements ControllerProviderInterface $repository = $app['EM']->getRepository('\Entities\UsrList'); - $list = $repository->findUserListByUserAndId($app, $app['phraseanet.user'], $list_id); + $list = $repository->findUserListByUserAndId($app, $app['authentication']->getUser(), $list_id); if ($list) { $datas = $listFormatter($list); @@ -501,7 +501,7 @@ class Push implements ControllerProviderInterface $result = array('success' => false, 'message' => '', 'user' => null); try { - if (!$app['phraseanet.user']->ACL()->has_right('manageusers')) + if (!$app['authentication']->getUser()->ACL()->has_right('manageusers')) throw new ControllerException(_('You are not allowed to add users')); if (!$request->request->get('firstname')) @@ -573,7 +573,7 @@ class Push implements ControllerProviderInterface $query = new \User_Query($app); - $query->on_bases_where_i_am($app['phraseanet.user']->ACL(), array('canpush')); + $query->on_bases_where_i_am($app['authentication']->getUser()->ACL(), array('canpush')); $query->like(\User_Query::LIKE_FIRSTNAME, $request->query->get('query')) ->like(\User_Query::LIKE_LASTNAME, $request->query->get('query')) @@ -586,7 +586,7 @@ class Push implements ControllerProviderInterface $repository = $app['EM']->getRepository('\Entities\UsrList'); - $lists = $repository->findUserListLike($app['phraseanet.user'], $request->query->get('query')); + $lists = $repository->findUserListLike($app['authentication']->getUser(), $request->query->get('query')); $datas = array(); 
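Review bot: The permission guard in the `@@ -501,7` hunk of Push.php is a brace-less `if` whose `throw` sits on the following line, so a statement inserted between the two later would change which line the condition guards. Writing it as `if (!$app['authentication']->getUser()->ACL()->has_right('manageusers')) {` with the `throw` inside and a closing `}` matches the braced guards used elsewhere in this diff. The Story.php hunks `@@ -114,7` and `@@ -147,7` have the same form.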
@@ -609,11 +609,11 @@ class Push implements ControllerProviderInterface $repository = $app['EM']->getRepository('\Entities\UsrList'); - $list = $repository->findUserListByUserAndId($app, $app['phraseanet.user'], $list_id); + $list = $repository->findUserListByUserAndId($app, $app['authentication']->getUser(), $list_id); $query = new \User_Query($app); - $query->on_bases_where_i_am($app['phraseanet.user']->ACL(), array('canpush')); + $query->on_bases_where_i_am($app['authentication']->getUser()->ACL(), array('canpush')); if ($request->get('query')) { $query->like($request->get('like_field'), $request->get('query')) diff --git a/lib/Alchemy/Phrasea/Controller/Prod/Query.php b/lib/Alchemy/Phrasea/Controller/Prod/Query.php index 3457a9a726..9c83f71af0 100644 --- a/lib/Alchemy/Phrasea/Controller/Prod/Query.php +++ b/lib/Alchemy/Phrasea/Controller/Prod/Query.php @@ -96,7 +96,7 @@ class Query implements ControllerProviderInterface { $query = (string) $request->request->get('qry'); - $mod = $app['phraseanet.user']->getPrefs('view'); + $mod = $app['authentication']->getUser()->getPrefs('view'); $json = array(); @@ -104,7 +104,7 @@ class Query implements ControllerProviderInterface $form = $options->serialize(); - $perPage = (int) $app['phraseanet.user']->getPrefs('images_per_page'); + $perPage = (int) $app['authentication']->getUser()->getPrefs('images_per_page'); $app['phraseanet.SE']->setOptions($options); diff --git a/lib/Alchemy/Phrasea/Controller/Prod/Records.php b/lib/Alchemy/Phrasea/Controller/Prod/Records.php index 50bebab900..1012aa0b05 100644 --- a/lib/Alchemy/Phrasea/Controller/Prod/Records.php +++ b/lib/Alchemy/Phrasea/Controller/Prod/Records.php 
@@ -174,7 +174,7 @@ class Records implements ControllerProviderInterface )), "others" => $app['twig']->render('prod/preview/appears_in.html.twig', array( 'parents' => $record->get_grouping_parents(), - 'baskets' => $record->get_container_baskets($app['EM'], $app['phraseanet.user']) + 'baskets' => $record->get_container_baskets($app['EM'], $app['authentication']->getUser()) )), "current" => $train, "history" => $app['twig']->render('prod/preview/short_history.html.twig', array( diff --git a/lib/Alchemy/Phrasea/Controller/Prod/Root.php b/lib/Alchemy/Phrasea/Controller/Prod/Root.php index e56eacada0..3cea296ca4 100644 --- a/lib/Alchemy/Phrasea/Controller/Prod/Root.php +++ b/lib/Alchemy/Phrasea/Controller/Prod/Root.php @@ -33,11 +33,10 @@ class Root implements ControllerProviderInterface $controllers->before(function(Request $request) use ($app) { - if (!$app->isAuthenticated() && null !== $request->query->get('nolog') && \phrasea::guest_allowed($app)) { - $auth = new Session_Authentication_Guest($app); - $app->openAccount($auth); - - return $app->redirect('/prod/'); + if (!$app['authentication']->isAuthenticated() && null !== $request->query->get('nolog')) { + return $app->redirect( + $app->path('login_authenticate_as_guest', array('redirect' => '/prod/')) + ); } $app['firewall']->requireAuthentication(); @@ -70,13 +69,13 @@ class Root implements ControllerProviderInterface $css[$baseName] = $baseName; } - $cssfile = $app['phraseanet.user']->getPrefs('css'); + $cssfile = $app['authentication']->getUser()->getPrefs('css'); if (!$cssfile && isset($css['000000'])) { $cssfile = '000000'; } - $user_feeds = \Feed_Collection::load_all($app, $app['phraseanet.user']); + $user_feeds = \Feed_Collection::load_all($app, $app['authentication']->getUser()); $feeds = array_merge(array($user_feeds->get_aggregate()), $user_feeds->get_feeds()); $thjslist = ""; 
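Review bot: The rewritten `before` filter in Prod/Root.php (`@@ -33,11`) no longer calls `\phrasea::guest_allowed($app)` before sending a `nolog` request to guest login, so that decision now rests entirely on the `login_authenticate_as_guest` route, whose handler is not part of this hunk. It is worth confirming that the handler refuses when guest access is disabled, and that it accepts only local paths for `redirect`, since that value is passed as a route parameter and may be caller-controllable there. A comment on the branch, e.g. `// guest_allowed() is enforced by login_authenticate_as_guest`, would record where the check moved.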
@@ -123,7 +122,7 @@ class Root implements ControllerProviderInterface 'GV_google_api' => $app['phraseanet.registry']->get('GV_google_api'), 'queries_topics' => $queries_topics, 'search_status' => \databox_status::getSearchStatus($app), - 'queries_history' => \queries::history($app['phraseanet.appbox'], $app['phraseanet.user']->get_id()), + 'queries_history' => \queries::history($app['phraseanet.appbox'], $app['authentication']->getUser()->get_id()), 'thesau_js_list' => $thjslist, 'thesau_json_sbas' => json_encode($sbas), 'thesau_json_bas2sbas' => json_encode($bas2sbas), diff --git a/lib/Alchemy/Phrasea/Controller/Prod/Share.php b/lib/Alchemy/Phrasea/Controller/Prod/Share.php index 5b4aa1668b..785b0524f9 100644 --- a/lib/Alchemy/Phrasea/Controller/Prod/Share.php +++ b/lib/Alchemy/Phrasea/Controller/Prod/Share.php @@ -65,7 +65,7 @@ class Share implements ControllerProviderInterface { $record = new \record_adapter($app, \phrasea::sbasFromBas($app, $base_id), $record_id); - if (!$app['phraseanet.user']->ACL()->has_access_to_subdef($record, 'preview')) { + if (!$app['authentication']->getUser()->ACL()->has_access_to_subdef($record, 'preview')) { $app->abort(403); } diff --git a/lib/Alchemy/Phrasea/Controller/Prod/Story.php b/lib/Alchemy/Phrasea/Controller/Prod/Story.php index bbe70cf710..0995908b4e 100644 --- a/lib/Alchemy/Phrasea/Controller/Prod/Story.php +++ b/lib/Alchemy/Phrasea/Controller/Prod/Story.php @@ -42,7 +42,7 @@ class Story implements ControllerProviderInterface /* @var $request \Symfony\Component\HttpFoundation\Request */ $collection = \collection::get_from_base_id($app, $request->request->get('base_id')); - if (!$app['phraseanet.user']->ACL()->has_right_on_base($collection->get_base_id(), 'canaddrecord')) { + if (!$app['authentication']->getUser()->ACL()->has_right_on_base($collection->get_base_id(), 'canaddrecord')) { throw new \Exception_Forbidden('You can not create a story on this collection'); } 
@@ -79,7 +79,7 @@ class Story implements ControllerProviderInterface $Story->set_metadatas($metadatas)->rebuild_subdefs(); $StoryWZ = new \Entities\StoryWZ(); - $StoryWZ->setUser($app['phraseanet.user']); + $StoryWZ->setUser($app['authentication']->getUser()); $StoryWZ->setRecord($Story); $app['EM']->persist($StoryWZ); @@ -114,7 +114,7 @@ class Story implements ControllerProviderInterface $controllers->post('/{sbas_id}/{record_id}/addElements/', function(Application $app, Request $request, $sbas_id, $record_id) { $Story = new \record_adapter($app, $sbas_id, $record_id); - if (!$app['phraseanet.user']->ACL()->has_right_on_base($Story->get_base_id(), 'canmodifrecord')) + if (!$app['authentication']->getUser()->ACL()->has_right_on_base($Story->get_base_id(), 'canmodifrecord')) throw new \Exception_Forbidden('You can not add document to this Story'); $n = 0; @@ -147,7 +147,7 @@ class Story implements ControllerProviderInterface $record = new \record_adapter($app, $child_sbas_id, $child_record_id); - if (!$app['phraseanet.user']->ACL()->has_right_on_base($Story->get_base_id(), 'canmodifrecord')) + if (!$app['authentication']->getUser()->ACL()->has_right_on_base($Story->get_base_id(), 'canmodifrecord')) throw new \Exception_Forbidden('You can not add document to this Story'); $Story->removeChild($record); @@ -198,7 +198,7 @@ class Story implements ControllerProviderInterface throw new \Exception('This is not a story'); } - if (!$app['phraseanet.user']->ACL()->has_right_on_base($story->get_base_id(), 'canmodifrecord')) { + if (!$app['authentication']->getUser()->ACL()->has_right_on_base($story->get_base_id(), 'canmodifrecord')) { throw new ControllerException(_('You can not edit this story')); } diff --git a/lib/Alchemy/Phrasea/Controller/Prod/TOU.php b/lib/Alchemy/Phrasea/Controller/Prod/TOU.php index 980483f4c1..71bba843ef 100644 --- a/lib/Alchemy/Phrasea/Controller/Prod/TOU.php +++ b/lib/Alchemy/Phrasea/Controller/Prod/TOU.php 
@@ -82,12 +82,12 @@ class TOU implements ControllerProviderInterface try { $databox = $app['phraseanet.appbox']->get_databox((int) $sbas_id); - $app['phraseanet.user']->ACL()->revoke_access_from_bases( - array_keys($app['phraseanet.user']->ACL()->get_granted_base(array(), array($databox->get_sbas_id()))) + $app['authentication']->getUser()->ACL()->revoke_access_from_bases( + array_keys($app['authentication']->getUser()->ACL()->get_granted_base(array(), array($databox->get_sbas_id()))) ); - $app['phraseanet.user']->ACL()->revoke_unused_sbas_rights(); + $app['authentication']->getUser()->ACL()->revoke_unused_sbas_rights(); - $app->closeAccount(); + $app['authentication']->closeAccount(); $ret['success'] = true; } catch (\Exception $e) { diff --git a/lib/Alchemy/Phrasea/Controller/Prod/Tooltip.php b/lib/Alchemy/Phrasea/Controller/Prod/Tooltip.php index 955b11889f..b551434f55 100644 --- a/lib/Alchemy/Phrasea/Controller/Prod/Tooltip.php +++ b/lib/Alchemy/Phrasea/Controller/Prod/Tooltip.php @@ -72,7 +72,7 @@ class Tooltip implements ControllerProviderInterface public function displayBasket(Application $app, $basket_id) { $basket = $app['EM']->getRepository('\Entities\Basket') - ->findUserBasket($app, $basket_id, $app['phraseanet.user'], false); + ->findUserBasket($app, $basket_id, $app['authentication']->getUser(), false); return $app['twig']->render('prod/Tooltip/Basket.html.twig', array('basket' => $basket)); } diff --git a/lib/Alchemy/Phrasea/Controller/Prod/Upload.php b/lib/Alchemy/Phrasea/Controller/Prod/Upload.php index d1a52b34d8..a5bb086979 100644 --- a/lib/Alchemy/Phrasea/Controller/Prod/Upload.php +++ b/lib/Alchemy/Phrasea/Controller/Prod/Upload.php 
@@ -113,7 +113,7 @@ class Upload implements ControllerProviderInterface return $app['twig']->render( 'prod/upload/upload-flash.html.twig', array( 'sessionId' => session_id(), - 'collections' => $this->getGrantedCollections($app['phraseanet.user']), + 'collections' => $this->getGrantedCollections($app['authentication']->getUser()), 'maxFileSize' => $maxFileSize, 'maxFileSizeReadable' => \p4string::format_octets($maxFileSize) )); @@ -133,7 +133,7 @@ class Upload implements ControllerProviderInterface return $app['twig']->render( 'prod/upload/upload.html.twig', array( - 'collections' => $this->getGrantedCollections($app['phraseanet.user']), + 'collections' => $this->getGrantedCollections($app['authentication']->getUser()), 'maxFileSize' => $maxFileSize, 'maxFileSizeReadable' => \p4string::format_octets($maxFileSize) )); @@ -172,7 +172,7 @@ class Upload implements ControllerProviderInterface throw new \Exception_BadRequest('Missing base_id parameter'); } - if (!$app['phraseanet.user']->ACL()->has_right_on_base($base_id, 'canaddrecord')) { + if (!$app['authentication']->getUser()->ACL()->has_right_on_base($base_id, 'canaddrecord')) { throw new \Exception_Forbidden('User is not allowed to add record on this collection'); } @@ -193,7 +193,7 @@ class Upload implements ControllerProviderInterface $collection = \collection::get_from_base_id($app, $base_id); $lazaretSession = new LazaretSession(); - $lazaretSession->setUsrId($app['phraseanet.user']->get_id()); + $lazaretSession->setUsrId($app['authentication']->getUser()->get_id()); $app['EM']->persist($lazaretSession); diff --git a/lib/Alchemy/Phrasea/Controller/Prod/UsrLists.php b/lib/Alchemy/Phrasea/Controller/Prod/UsrLists.php index f315d636b8..71a01ab33c 100644 --- a/lib/Alchemy/Phrasea/Controller/Prod/UsrLists.php +++ b/lib/Alchemy/Phrasea/Controller/Prod/UsrLists.php 
@@ -109,7 +109,7 @@ class UsrLists implements ControllerProviderInterface try { $repository = $app['EM']->getRepository('\Entities\UsrList'); - $lists = $repository->findUserLists($app['phraseanet.user']); + $lists = $repository->findUserLists($app['authentication']->getUser()); $result = array(); @@ -191,7 +191,7 @@ class UsrLists implements ControllerProviderInterface $Owner = new UsrListOwner(); $Owner->setRole(UsrListOwner::ROLE_ADMIN); - $Owner->setUser($app['phraseanet.user']); + $Owner->setUser($app['authentication']->getUser()); $Owner->setList($List); $List->setName($list_name); @@ -222,7 +222,7 @@ class UsrLists implements ControllerProviderInterface { $repository = $app['EM']->getRepository('\Entities\UsrList'); - $list = $repository->findUserListByUserAndId($app, $app['phraseanet.user'], $list_id); + $list = $repository->findUserListByUserAndId($app, $app['authentication']->getUser(), $list_id); $entries = new ArrayCollection(); $owners = new ArrayCollection(); @@ -280,9 +280,9 @@ class UsrLists implements ControllerProviderInterface $repository = $app['EM']->getRepository('\Entities\UsrList'); - $list = $repository->findUserListByUserAndId($app, $app['phraseanet.user'], $list_id); + $list = $repository->findUserListByUserAndId($app, $app['authentication']->getUser(), $list_id); - if ($list->getOwner($app['phraseanet.user'], $app)->getRole() < UsrListOwner::ROLE_EDITOR) { + if ($list->getOwner($app['authentication']->getUser(), $app)->getRole() < UsrListOwner::ROLE_EDITOR) { throw new ControllerException(_('You are not authorized to do this')); } 
@@ -311,9 +311,9 @@ class UsrLists implements ControllerProviderInterface try { $repository = $app['EM']->getRepository('\Entities\UsrList'); - $list = $repository->findUserListByUserAndId($app, $app['phraseanet.user'], $list_id); + $list = $repository->findUserListByUserAndId($app, $app['authentication']->getUser(), $list_id); - if ($list->getOwner($app['phraseanet.user'], $app)->getRole() < UsrListOwner::ROLE_ADMIN) { + if ($list->getOwner($app['authentication']->getUser(), $app)->getRole() < UsrListOwner::ROLE_ADMIN) { throw new ControllerException(_('You are not authorized to do this')); } @@ -345,10 +345,10 @@ class UsrLists implements ControllerProviderInterface try { $repository = $app['EM']->getRepository('\Entities\UsrList'); - $list = $repository->findUserListByUserAndId($app, $app['phraseanet.user'], $list_id); + $list = $repository->findUserListByUserAndId($app, $app['authentication']->getUser(), $list_id); /* @var $list \Entities\UsrList */ - if ($list->getOwner($app['phraseanet.user'], $app)->getRole() < UsrListOwner::ROLE_EDITOR) { + if ($list->getOwner($app['authentication']->getUser(), $app)->getRole() < UsrListOwner::ROLE_EDITOR) { throw new ControllerException(_('You are not authorized to do this')); } @@ -388,10 +388,10 @@ class UsrLists implements ControllerProviderInterface $repository = $app['EM']->getRepository('\Entities\UsrList'); - $list = $repository->findUserListByUserAndId($app, $app['phraseanet.user'], $list_id); + $list = $repository->findUserListByUserAndId($app, $app['authentication']->getUser(), $list_id); /* @var $list \Entities\UsrList */ - if ($list->getOwner($app['phraseanet.user'], $app)->getRole() < UsrListOwner::ROLE_EDITOR) { + if ($list->getOwner($app['authentication']->getUser(), $app)->getRole() < UsrListOwner::ROLE_EDITOR) { throw new ControllerException(_('You are not authorized to do this')); } 
@@ -452,10 +452,10 @@ class UsrLists implements ControllerProviderInterface try { $repository = $app['EM']->getRepository('\Entities\UsrList'); - $list = $repository->findUserListByUserAndId($app, $app['phraseanet.user'], $list_id); + $list = $repository->findUserListByUserAndId($app, $app['authentication']->getUser(), $list_id); /* @var $list \Entities\UsrList */ - if ($list->getOwner($app['phraseanet.user'], $app)->getRole() < UsrListOwner::ROLE_ADMIN) { + if ($list->getOwner($app['authentication']->getUser(), $app)->getRole() < UsrListOwner::ROLE_ADMIN) { $list = null; throw new \Exception(_('You are not authorized to do this')); } @@ -482,17 +482,17 @@ class UsrLists implements ControllerProviderInterface try { $repository = $app['EM']->getRepository('\Entities\UsrList'); - $list = $repository->findUserListByUserAndId($app, $app['phraseanet.user'], $list_id); + $list = $repository->findUserListByUserAndId($app, $app['authentication']->getUser(), $list_id); /* @var $list \Entities\UsrList */ - if ($list->getOwner($app['phraseanet.user'], $app)->getRole() < UsrListOwner::ROLE_EDITOR) { + if ($list->getOwner($app['authentication']->getUser(), $app)->getRole() < UsrListOwner::ROLE_EDITOR) { throw new ControllerException(_('You are not authorized to do this')); } $new_owner = \User_Adapter::getInstance($usr_id, $app); if ($list->hasAccess($new_owner, $app)) { - if ($new_owner->get_id() == $app['phraseanet.user']->get_id()) { + if ($new_owner->get_id() == $app['authentication']->getUser()->get_id()) { throw new ControllerException('You can not downgrade your Admin right'); } 
@@ -538,10 +538,10 @@ class UsrLists implements ControllerProviderInterface try { $repository = $app['EM']->getRepository('\Entities\UsrList'); - $list = $repository->findUserListByUserAndId($app, $app['phraseanet.user'], $list_id); + $list = $repository->findUserListByUserAndId($app, $app['authentication']->getUser(), $list_id); /* @var $list \Entities\UsrList */ - if ($list->getOwner($app['phraseanet.user'], $app)->getRole() < UsrListOwner::ROLE_ADMIN) { + if ($list->getOwner($app['authentication']->getUser(), $app)->getRole() < UsrListOwner::ROLE_ADMIN) { throw new \Exception(_('You are not authorized to do this')); } diff --git a/lib/Alchemy/Phrasea/Controller/Prod/WorkZone.php b/lib/Alchemy/Phrasea/Controller/Prod/WorkZone.php index 22aeebe324..7f38e5cc65 100644 --- a/lib/Alchemy/Phrasea/Controller/Prod/WorkZone.php +++ b/lib/Alchemy/Phrasea/Controller/Prod/WorkZone.php @@ -80,7 +80,7 @@ class WorkZone implements ControllerProviderInterface $offsetStart = max(($Page - 1) * $PerPage, 0); $Baskets = $BasketRepo->findWorkzoneBasket( - $app['phraseanet.user'] + $app['authentication']->getUser() , $request->query->get('Query') , $request->query->get('Year') , $request->query->get('Type') @@ -108,7 +108,7 @@ class WorkZone implements ControllerProviderInterface { $basket = $app['EM'] ->getRepository('\Entities\Basket') - ->findUserBasket($app, $basket_id, $app['phraseanet.user'], false); + ->findUserBasket($app, $basket_id, $app['authentication']->getUser(), false); return $app['twig']->render('prod/WorkZone/Browser/Basket.html.twig', array('Basket' => $basket)); } 
@@ -133,17 +133,17 @@ class WorkZone implements ControllerProviderInterface throw new \Exception('You can only attach stories'); } - if (!$app['phraseanet.user']->ACL()->has_access_to_base($Story->get_base_id())) { + if (!$app['authentication']->getUser()->ACL()->has_access_to_base($Story->get_base_id())) { throw new \Exception_Forbidden('You do not have access to this Story'); } - if ($StoryWZRepo->findUserStory($app, $app['phraseanet.user'], $Story)) { + if ($StoryWZRepo->findUserStory($app, $app['authentication']->getUser(), $Story)) { $alreadyFixed++; continue; } $StoryWZ = new StoryWZ(); - $StoryWZ->setUser($app['phraseanet.user']); + $StoryWZ->setUser($app['authentication']->getUser()); $StoryWZ->setRecord($Story); $app['EM']->persist($StoryWZ); @@ -197,7 +197,7 @@ class WorkZone implements ControllerProviderInterface $repository = $app['EM']->getRepository('\Entities\StoryWZ'); /* @var $repository \Repositories\StoryWZRepository */ - $StoryWZ = $repository->findUserStory($app, $app['phraseanet.user'], $Story); + $StoryWZ = $repository->findUserStory($app, $app['authentication']->getUser(), $Story); if (!$StoryWZ) { throw new \Exception_NotFound('Story not found'); diff --git a/lib/Alchemy/Phrasea/Controller/RecordsRequest.php b/lib/Alchemy/Phrasea/Controller/RecordsRequest.php index 02c1e38bcf..970c929190 100644 --- a/lib/Alchemy/Phrasea/Controller/RecordsRequest.php +++ b/lib/Alchemy/Phrasea/Controller/RecordsRequest.php @@ -199,7 +199,7 @@ class RecordsRequest extends ArrayCollection if ($request->get('ssel')) { $repository = $app['EM']->getRepository('\Entities\Basket'); - $basket = $repository->findUserBasket($app, $request->get('ssel'), $app['phraseanet.user'], false); + $basket = $repository->findUserBasket($app, $request->get('ssel'), $app['authentication']->getUser(), false); foreach ($basket->getElements() as $basket_element) { $received[$basket_element->getRecord($app)->get_serialize_key()] = $basket_element->getRecord($app); 
@@ -208,7 +208,7 @@ class RecordsRequest extends ArrayCollection $repository = $app['EM']->getRepository('\Entities\StoryWZ'); $storyWZ = $repository->findByUserAndId( - $app, $app['phraseanet.user'] + $app, $app['authentication']->getUser() , $request->get('story') ); @@ -235,20 +235,20 @@ class RecordsRequest extends ArrayCollection foreach ($elements as $id => $record) { - if (!$app['phraseanet.user']->ACL()->has_access_to_record($record)) { + if (!$app['authentication']->getUser()->ACL()->has_access_to_record($record)) { $to_remove[] = $id; continue; } foreach ($rightsColl as $right) { - if (!$app['phraseanet.user']->ACL()->has_right_on_base($record->get_base_id(), $right)) { + if (!$app['authentication']->getUser()->ACL()->has_right_on_base($record->get_base_id(), $right)) { $to_remove[] = $id; continue; } } foreach ($rightsDatabox as $right) { - if (!$app['phraseanet.user']->ACL()->has_right_on_sbas($record->get_sbas_id(), $right)) { + if (!$app['authentication']->getUser()->ACL()->has_right_on_sbas($record->get_sbas_id(), $right)) { $to_remove[] = $id; continue; } diff --git a/lib/Alchemy/Phrasea/Controller/User/Notifications.php b/lib/Alchemy/Phrasea/Controller/User/Notifications.php index 6cb4e83778..e958cf3db5 100644 --- a/lib/Alchemy/Phrasea/Controller/User/Notifications.php +++ b/lib/Alchemy/Phrasea/Controller/User/Notifications.php @@ -81,7 +81,7 @@ class Notifications implements ControllerProviderInterface try { $app['events-manager']->read( explode('_', (string) $request->request->get('notifications')), - $app['phraseanet.user']->get_id() + $app['authentication']->getUser()->get_id() ); return $app->json(array('success' => true, 'message' => '')); diff --git a/lib/Alchemy/Phrasea/Controller/User/Preferences.php b/lib/Alchemy/Phrasea/Controller/User/Preferences.php index 78b3993243..8862c871b0 100644 --- a/lib/Alchemy/Phrasea/Controller/User/Preferences.php +++ b/lib/Alchemy/Phrasea/Controller/User/Preferences.php 
@@ -111,7 +111,7 @@ class Preferences implements ControllerProviderInterface $success = false; if ($prop && $value) { - $success = !!$app['phraseanet.user']->setPrefs($prop, $value); + $success = !!$app['authentication']->getUser()->setPrefs($prop, $value); $msg = _('Preference saved !'); } diff --git a/lib/Alchemy/Phrasea/Core/Provider/AuthenticationManagerServiceProvider.php b/lib/Alchemy/Phrasea/Core/Provider/AuthenticationManagerServiceProvider.php index a28c3953e0..394eb42be9 100644 --- a/lib/Alchemy/Phrasea/Core/Provider/AuthenticationManagerServiceProvider.php +++ b/lib/Alchemy/Phrasea/Core/Provider/AuthenticationManagerServiceProvider.php @@ -16,6 +16,7 @@ use Alchemy\Phrasea\Authentication\Manager; use Alchemy\Phrasea\Authentication\ProvidersCollection; use Alchemy\Phrasea\Authentication\Provider\Facebook; use Alchemy\Phrasea\Authentication\Phrasea\FailureManager; +use Alchemy\Phrasea\Authentication\PersistentCookie\Manager as CookieManager; use Alchemy\Phrasea\Authentication\Phrasea\NativeAuthentication; use Alchemy\Phrasea\Authentication\Phrasea\OldPasswordEncoder; use Alchemy\Phrasea\Authentication\Phrasea\PasswordEncoder; @@ -36,6 +37,10 @@ class AuthenticationManagerServiceProvider implements ServiceProviderInterface return new TokenValidator($app); }); + $app['authentication.persistent-manager'] = $app->share(function (Application $app){ + return new CookieManager($app['auth.password-encoder'], $app['EM'], $app['browser']); + }); + // $app['authentication.suggestion-finder'] = $app->share(function (Application $app) { // return new SuggestionFinder($app); 
@@ -43,14 +48,14 @@ class AuthenticationManagerServiceProvider implements ServiceProviderInterface $app['authentication.providers'] = $app->share(function (Application $app) { - $config = array(); - $config['appId'] = '252378391562465'; - $config['secret'] = 'd9df4bb1ad34aab4f6728b4076e1f9c4'; - - $facebook = new \Facebook($config); +// $config = array(); +// $config['appId'] = '252378391562465'; +// $config['secret'] = 'd9df4bb1ad34aab4f6728b4076e1f9c4'; +// +// $facebook = new \Facebook($config); $providers = new ProvidersCollection(); - $providers->register(new Facebook($facebook, $app['url_generator'])); +// $providers->register(new Facebook($facebook, $app['url_generator'])); return $providers; }); diff --git a/lib/classes/API/OAuth2/Adapter.php b/lib/classes/API/OAuth2/Adapter.php index a31aa35edb..5755da2ff1 100644 --- a/lib/classes/API/OAuth2/Adapter.php +++ b/lib/classes/API/OAuth2/Adapter.php @@ -11,6 +11,10 @@ use Alchemy\Phrasea\Application; +use Alchemy\Phrasea\Authentication\Exception\AccountLockedException; +use Alchemy\Phrasea\Authentication\Exception\RequireCaptchaException; +use Symfony\Component\HttpFoundation\Request; + /** * * @@ -373,10 +377,10 @@ class API_OAuth2_Adapter extends OAuth2 /** * - * @param Symfony\Component\HttpFoundation\Request $request + * @param Request $request * @return array */ - public function getAuthorizationRequestParameters(Symfony\Component\HttpFoundation\Request $request) + public function getAuthorizationRequestParameters(Request $request) { $datas = array( 
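Review bot: The Facebook `appId` and `secret` in the `authentication.providers` closure are commented out rather than deleted, so the credential still ships in AuthenticationManagerServiceProvider.php and remains in the repository history. Delete the commented lines, treat the secret as exposed and rotate it, and leave only a marker such as `// Facebook provider disabled; credentials must be read from configuration`. When the provider is re-enabled, both values should come from configuration, the way Application.php reads the reCAPTCHA keys from `phraseanet.registry`.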
@@ -715,9 +719,9 @@ class API_OAuth2_Adapter extends OAuth2 $stored = $this->checkUserCredentials($client[0], $input["username"], $input["password"]); - if ($stored === FALSE) - $this->errorJsonResponse(OAUTH2_HTTP_BAD_REQUEST, OAUTH2_ERROR_INVALID_GRANT, 'Unknow user'); - + if ($stored === false) { + $this->errorJsonResponse(OAUTH2_HTTP_BAD_REQUEST, OAUTH2_ERROR_INVALID_GRANT, 'Username/password mismatch or account locked, please try to log in via Web Application'); + } break; case OAUTH2_GRANT_TYPE_ASSERTION: if ( ! $input["assertion_type"] || ! $input["assertion"]) @@ -796,17 +800,25 @@ class API_OAuth2_Adapter extends OAuth2 try { $application = API_OAuth2_Application::load_from_client_id($this->app, $client_id); - $auth = new \Session_Authentication_Native($this->app, $username, $password); + $usr_id = $this->app['auth']->isValid($username, $password, Request::createFromGlobals()); - $auth->challenge_password(); + if (!$usr_id) { + return false; + } - $account = API_OAuth2_Account::load_with_user($this->app, $application, $auth->get_user()); + $user = \User_Adapter::getInstance($usr_id, $this->app); + + $account = API_OAuth2_Account::load_with_user($this->app, $application, $user); return array( 'redirect_uri' => $application->get_redirect_uri() , 'client_id' => $application->get_client_id() , 'account_id' => $account->get_id() ); + } catch (AccountLockedException $e) { + return false; + } catch (RequireCaptchaException $e) { + return false; } catch (\Exception $e) { return false; } diff --git a/lib/classes/Session/Logger.php b/lib/classes/Session/Logger.php index 94842ee0b3..59fd863a09 100644 --- a/lib/classes/Session/Logger.php +++ b/lib/classes/Session/Logger.php 
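Review bot: In `checkUserCredentials` the added `catch (AccountLockedException $e)` and `catch (RequireCaptchaException $e)` blocks do exactly what the existing `catch (\Exception $e)` does, so a locked account, a captcha requirement and an unexpected internal error all become `return false` with no trace. On a password-grant path it is worth recording which case occurred in the application log, so that lockouts and captcha triggers caused by API logins are visible to operators, while the client keeps receiving the generic error. If the two specific catches are kept only for readability, a short comment saying so would help. The method starts outside the hunk.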
@@ -126,7 +126,7 @@ class Session_Logger ':ses_id' => $app['session']->get('session_id'), ':usr_login' => $app['authentication']->getUser() ? $app['authentication']->getUser()->get_login() : null, ':site_id' => $app['phraseanet.registry']->get('GV_sit'), - ':usr_id' => $app['phraseanet.user'] ? $app['phraseanet.user']->get_id() : null, + ':usr_id' => $app['authentication']->isAuthenticated() ? $app['authentication']->getUser()->get_id() : null, ':browser' => $browser->getBrowser(), ':browser_version' => $browser->getExtendedVersion(), ':platform' => $browser->getPlatform(), diff --git a/lib/classes/User/Adapter.php b/lib/classes/User/Adapter.php index 4495d0c9be..c1f8591467 100644 --- a/lib/classes/User/Adapter.php +++ b/lib/classes/User/Adapter.php @@ -315,6 +315,8 @@ class User_Adapter implements User_Interface, cache_cacheableInterface */ protected $template_owner; + protected $password; + /** * * @param Integer $id @@ -1045,7 +1047,7 @@ class User_Adapter implements User_Interface, cache_cacheableInterface */ public function load($id) { - $sql = 'SELECT usr_id, ldap_created, create_db, usr_login, usr_nom, activite, + $sql = 'SELECT usr_id, ldap_created, create_db, usr_login, usr_password, usr_nom, activite, usr_prenom, usr_sexe as gender, usr_mail, adresse, usr_creationdate, usr_modificationdate, ville, cpostal, tel, fax, fonction, societe, geonameid, lastModel, invite, defaultftpdatasent, mail_notifications, activeftp, addrftp, loginftp, @@ -1065,6 +1067,7 @@ class User_Adapter implements User_Interface, cache_cacheableInterface $this->id = (int) $row['usr_id']; $this->email = $row['usr_mail']; $this->login = $row['usr_login']; + $this->password = $row['usr_password']; $this->ldap_created = $row['ldap_created']; @@ -1166,6 +1169,11 @@ class User_Adapter implements User_Interface, cache_cacheableInterface return $this->login; } + public function get_password() + { + return $this->password; + } + public function get_email() { return $this->email; 
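Review bot: The new public `get_password()`, together with `$this->password = $row['usr_password'];` in `load()`, puts the stored password value on every `User_Adapter` instance, readable by any code that holds a user object. The class implements `cache_cacheableInterface`, so it is worth confirming that the value does not end up in cached or serialized user data. Consider reading `usr_password` only inside the authentication code that verifies it, or at least document the accessor, e.g. `/** Stored (encoded) password; for credential verification only, never render or log. */`. The new `$password` property also has no docblock, unlike `$template_owner` above it.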
diff --git a/lib/classes/User/Query.php b/lib/classes/User/Query.php index 5cb86b0c22..fb5c01cdae 100644 --- a/lib/classes/User/Query.php +++ b/lib/classes/User/Query.php @@ -233,11 +233,16 @@ class User_Query implements User_QueryInterface } if ($this->only_templates === true) { + if (!$this->app['authentication']->getUser()) { + throw new InvalidArgumentException('Unable to load templates while disconnected'); + } $sql .= ' AND model_of = ' . $this->app['authentication']->getUser()->get_id(); } elseif ($this->include_templates === false) { $sql .= ' AND model_of=0'; - } else { + } elseif ($this->app['authentication']->getUser()) { $sql .= ' AND (model_of=0 OR model_of = ' . $this->app['authentication']->getUser()->get_id() . ' ) '; + } else { + $sql .= ' AND model_of=0'; } if ($this->activities) {
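Review bot: The new branches call `$this->app['authentication']->getUser()` once for the null check and again for `get_id()`, and the id is concatenated straight into the SQL string. `User_Adapter::load()` casts the id to int, so this is not injectable as written, but the query depends on that cast staying in place; an explicit `(int)` at the concatenation or a bound parameter removes the dependency. Fetching the user once, `$user = $this->app['authentication']->getUser();`, before the `if` chain would make the check and the use refer to the same value. The final `else` also repeats the `' AND model_of=0'` clause of the `include_templates === false` branch. The enclosing method starts and ends outside the hunk.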