diff --git a/lib/Alchemy/Phrasea/Application/Lightbox.php b/lib/Alchemy/Phrasea/Application/Lightbox.php index b6acc14836..56daaac611 100644 --- a/lib/Alchemy/Phrasea/Application/Lightbox.php +++ b/lib/Alchemy/Phrasea/Application/Lightbox.php @@ -29,13 +29,13 @@ class Lightbox implements ControllerProviderInterface return; } - if ($app->isAuthenticated()) { - $app->closeAccount(); + if ($app['authentication']->isAuthenticated()) { + $app['authentication']->closeAccount(); } try { $auth = new \Session_Authentication_Token($app, $request->query->get('LOG')); - $app->openAccount($auth); + $app['authentication']->openAccount($auth); } catch (Exception $e) { return $app->redirect("/login/?error=" . urlencode($e->getMessage())); } @@ -72,8 +72,8 @@ class Lightbox implements ControllerProviderInterface /* @var $repository \Repositories\BasketRepository */ $basket_collection = array_merge( - $repository->findActiveByUser($app['phraseanet.user']) - , $repository->findActiveValidationByUser($app['phraseanet.user']) + $repository->findActiveByUser($app['authentication']->getUser()) + , $repository->findActiveValidationByUser($app['authentication']->getUser()) ); $template = 'lightbox/index.html.twig'; @@ -97,7 +97,7 @@ class Lightbox implements ControllerProviderInterface $basketElement = $app['EM'] ->getRepository('\Entities\BasketElement') - ->findUserElement($sselcont_id, $app['phraseanet.user']); + ->findUserElement($sselcont_id, $app['authentication']->getUser()); $parameters = array( 'basket_element' => $basketElement, 
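Review bot: In the Lightbox.php hunk at old line 29, `$app['authentication']->openAccount($auth)` is still handed the `\Session_Authentication_Token` object, while the Oauth2.php and V1.php hunks of this commit pass a `\User_Adapter` to the same method. The Root.php hunk has the same shape with `\Session_Authentication_PersistentCookie` and also keeps a second argument, `$auth->getSessionId()`. The signature of `openAccount()` is not part of this diff, so this may be intended, but if it now expects a user object, the token and persistent-cookie logins would break or open a session from the wrong value. Either resolve the user first, as the other call sites do, or document the accepted types at both calls with a comment such as `// openAccount() is given the auth object here, not a User_Adapter; confirm the manager accepts both`. The enclosing closures start and end outside these hunks.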
@@ -111,7 +111,7 @@ class Lightbox implements ControllerProviderInterface /* @var $repository \Repositories\BasketElementRepository */ $repository = $app['EM']->getRepository('\Entities\BasketElement'); - $BasketElement = $repository->findUserElement($sselcont_id, $app['phraseanet.user']); + $BasketElement = $repository->findUserElement($sselcont_id, $app['authentication']->getUser()); if ($app['browser']->isMobile()) { $output = $app['twig']->render('lightbox/basket_element.html.twig', array( @@ -199,12 +199,12 @@ class Lightbox implements ControllerProviderInterface /* @var $repository \Repositories\BasketRepository */ $basket_collection = $repository->findActiveValidationAndBasketByUser( - $app['phraseanet.user'] + $app['authentication']->getUser() ); $basket = $repository->findUserBasket( $app, $ssel_id - , $app['phraseanet.user'] + , $app['authentication']->getUser() , false ); @@ -214,9 +214,9 @@ class Lightbox implements ControllerProviderInterface $app['EM']->flush(); } - if ($basket->getValidation() && $basket->getValidation()->getParticipant($app['phraseanet.user'], $app)->getIsAware() === false) { + if ($basket->getValidation() && $basket->getValidation()->getParticipant($app['authentication']->getUser(), $app)->getIsAware() === false) { $basket = $app['EM']->merge($basket); - $basket->getValidation()->getParticipant($app['phraseanet.user'], $app)->setIsAware(true); + $basket->getValidation()->getParticipant($app['authentication']->getUser(), $app)->setIsAware(true); $app['EM']->flush(); } @@ -251,12 +251,12 @@ class Lightbox implements ControllerProviderInterface /* @var $repository \Repositories\BasketRepository */ $basket_collection = $repository->findActiveValidationAndBasketByUser( - $app['phraseanet.user'] + $app['authentication']->getUser() ); $basket = $repository->findUserBasket( $app, $ssel_id - , $app['phraseanet.user'] + , $app['authentication']->getUser() , false ); 
@@ -266,9 +266,9 @@ class Lightbox implements ControllerProviderInterface $app['EM']->flush(); } - if ($basket->getValidation() && $basket->getValidation()->getParticipant($app['phraseanet.user'])->getIsAware() === false) { + if ($basket->getValidation() && $basket->getValidation()->getParticipant($app['authentication']->getUser())->getIsAware() === false) { $basket = $app['EM']->merge($basket); - $basket->getValidation()->getParticipant($app['phraseanet.user'], $app)->setIsAware(true); + $basket->getValidation()->getParticipant($app['authentication']->getUser(), $app)->setIsAware(true); $app['EM']->flush(); } @@ -334,7 +334,7 @@ class Lightbox implements ControllerProviderInterface /* @var $repository \Repositories\BasketRepository */ $basket = $repository->findUserBasket( $app, $ssel_id - , $app['phraseanet.user'] + , $app['authentication']->getUser() , false ); @@ -357,9 +357,9 @@ class Lightbox implements ControllerProviderInterface /* @var $repository \Repositories\BasketElementRepository */ $repository = $app['EM']->getRepository('\Entities\BasketElement'); - $basket_element = $repository->findUserElement($sselcont_id, $app['phraseanet.user']); + $basket_element = $repository->findUserElement($sselcont_id, $app['authentication']->getUser()); - $validationDatas = $basket_element->getUserValidationDatas($app['phraseanet.user'], $app); + $validationDatas = $basket_element->getUserValidationDatas($app['authentication']->getUser(), $app); $validationDatas->setNote($note); 
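Review bot: In the hunk at old line 266, the rewritten condition calls `getParticipant($app['authentication']->getUser())` with a single argument, while the `setIsAware(true)` call two lines below and the otherwise identical block in the hunk at old line 214 pass `$app` as the second argument. The omission was already present in the removed line, so the commit carries it over rather than introducing it. Unless `getParticipant()` defaults that parameter (its definition is not in this diff), the condition should read `$basket->getValidation()->getParticipant($app['authentication']->getUser(), $app)->getIsAware() === false`. The enclosing controller closure starts and ends outside the hunk.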
@@ -405,14 +405,14 @@ class Lightbox implements ControllerProviderInterface /* @var $repository \Repositories\BasketElementRepository */ $basket_element = $repository->findUserElement( $sselcont_id - , $app['phraseanet.user'] + , $app['authentication']->getUser() ); /* @var $basket_element \Entities\BasketElement */ - $validationDatas = $basket_element->getUserValidationDatas($app['phraseanet.user'], $app); + $validationDatas = $basket_element->getUserValidationDatas($app['authentication']->getUser(), $app); if (!$basket_element->getBasket() ->getValidation() - ->getParticipant($app['phraseanet.user'], $app)->getCanAgree()) { + ->getParticipant($app['authentication']->getUser(), $app)->getCanAgree()) { throw new ControllerException('You can not agree on this'); } @@ -420,7 +420,7 @@ class Lightbox implements ControllerProviderInterface $participant = $basket_element->getBasket() ->getValidation() - ->getParticipant($app['phraseanet.user'], $app); + ->getParticipant($app['authentication']->getUser(), $app); $app['EM']->merge($basket_element); @@ -453,7 +453,7 @@ class Lightbox implements ControllerProviderInterface /* @var $repository \Repositories\BasketRepository */ $basket = $repository->findUserBasket( $app, $ssel_id - , $app['phraseanet.user'] + , $app['authentication']->getUser() , false ); @@ -461,7 +461,7 @@ class Lightbox implements ControllerProviderInterface throw new ControllerException('There is no validation session attached to this basket'); } - if (!$basket->getValidation()->getParticipant($app['phraseanet.user'], $app)->getCanAgree()) { + if (!$basket->getValidation()->getParticipant($app['authentication']->getUser(), $app)->getCanAgree()) { throw new ControllerException('You have not right to agree'); } 
@@ -478,7 +478,7 @@ class Lightbox implements ControllerProviderInterface } /* @var $basket \Entities\Basket */ - $participant = $basket->getValidation()->getParticipant($app['phraseanet.user'], $app); + $participant = $basket->getValidation()->getParticipant($app['authentication']->getUser(), $app); $expires = new \DateTime('+10 days'); $url = $app['phraseanet.registry']->get('GV_ServerName') @@ -492,7 +492,7 @@ class Lightbox implements ControllerProviderInterface $to = $basket->getValidation()->getInitiator($app)->get_id(); $params = array( 'ssel_id' => $basket->getId(), - 'from' => $app['phraseanet.user']->get_id(), + 'from' => $app['authentication']->getUser()->get_id(), 'url' => $url, 'to' => $to ); diff --git a/lib/Alchemy/Phrasea/Application/Root.php b/lib/Alchemy/Phrasea/Application/Root.php index 1984c484ef..961340b8ce 100644 --- a/lib/Alchemy/Phrasea/Application/Root.php +++ b/lib/Alchemy/Phrasea/Application/Root.php @@ -32,10 +32,10 @@ return call_user_func(function($environment = null) { }); $app->before(function(Request $request) use ($app) { - if ($request->cookies->has('persistent') && !$app->isAuthenticated()) { + if ($request->cookies->has('persistent') && !$app['authentication']->isAuthenticated()) { try { $auth = new \Session_Authentication_PersistentCookie($app, $request->cookies->get('persistent')); - $app->openAccount($auth, $auth->getSessionId()); + $app['authentication']->openAccount($auth, $auth->getSessionId()); } catch (\Exception $e) { } diff --git a/lib/Alchemy/Phrasea/Controller/Api/Oauth2.php b/lib/Alchemy/Phrasea/Controller/Api/Oauth2.php index d5e94e1aff..aaa901bf7f 100644 --- a/lib/Alchemy/Phrasea/Controller/Api/Oauth2.php +++ b/lib/Alchemy/Phrasea/Controller/Api/Oauth2.php 
@@ -11,6 +11,12 @@ namespace Alchemy\Phrasea\Controller\Api; +use Alchemy\Phrasea\Authentication\Context; +use Alchemy\Phrasea\Application as PhraseaApplication; +use Alchemy\Phrasea\Authentication\Exception\AccountLockedException; +use Alchemy\Phrasea\Authentication\Exception\RequireCaptchaException; +use Alchemy\Phrasea\Core\Event\PreAuthenticate; +use Alchemy\Phrasea\Core\PhraseaEvents; use Silex\Application; use Silex\ControllerProviderInterface; use Symfony\Component\HttpFoundation\Response; @@ -37,6 +43,9 @@ class Oauth2 implements ControllerProviderInterface $request = $app['request']; $oauth2_adapter = $app['oauth']; + $context = new Context(Context::CONTEXT_OAUTH2_NATIVE); + $app['dispatcher']->dispatch(PhraseaEvents::PRE_AUTHENTICATE, new PreAuthenticate($request, $context)); + //Check for auth params, send error or redirect if not valid $params = $oauth2_adapter->getAuthorizationRequestParameters($request); 
@@ -65,17 +74,23 @@ class Oauth2 implements ControllerProviderInterface ); } - if (!$app->isAuthenticated()) { + if (!$app['authentication']->isAuthenticated()) { if ($action_login !== null) { try { - $auth = new \Session_Authentication_Native( - $app, $request->get("login"), $request->get("password") - ); + $usr_id = $app['auth.native']->isValid($request->get("login"), $request->get("password"), $request); - $app->openAccount($auth); - } catch (\Exception $e) { - return new Response($app['twig']->render($template, array("auth" => $oauth2_adapter))); + if (!$usr_id) { + $app['session']->getFlashBag()->set('error', _('login::erreur: Erreur d\'authentification')); + + return $app->redirect($app->path('oauth2_authorize')); + } + } catch (RequireCaptchaException $e) { + return $app->redirect($app->path('oauth2_authorize'), array('error' => 'captcha')); + } catch (AccountLockedException $e) { + return $app->redirect($app->path('oauth2_authorize'), array('error' => 'account-locked')); } + + $app['authentication']->openAccount(\User_Adapter::getInstance($usr_id, $app)); } else { return new Response($app['twig']->render($template, array("auth" => $oauth2_adapter))); } @@ -84,7 +99,7 @@ class Oauth2 implements ControllerProviderInterface //check if current client is already authorized by current user $user_auth_clients = \API_OAuth2_Application::load_authorized_app_by_user( $app - , $app['phraseanet.user'] + , $app['authentication']->getUser() ); foreach ($user_auth_clients as $auth_client) { @@ -93,7 +108,7 @@ class Oauth2 implements ControllerProviderInterface } } - $account = $oauth2_adapter->updateAccount($app['phraseanet.user']->get_id()); + $account = $oauth2_adapter->updateAccount($app['authentication']->getUser()->get_id()); $params['account_id'] = $account->get_id(); 
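Review bot: Both new catch branches in the hunk at old line 65 hand the error array to `redirect()` instead of `path()`: `$app->redirect($app->path('oauth2_authorize'), array('error' => 'captcha'))`. If `redirect()` is Silex's `redirect($url, $status = 302)`, the array lands in the status-code slot and the `error` value never reaches the URL, so the calls should read `$app->redirect($app->path('oauth2_authorize', array('error' => 'captcha')))` and likewise for `'account-locked'`. All three redirects also drop the query string of the original authorization request, so the user probably returns to `/authorize` without the client parameters that `getAuthorizationRequestParameters()` checks at the top of the handler. The catch list has narrowed from `\Exception` to two types, so any other exception thrown by `isValid()` now propagates instead of re-rendering the login template; confirm that is intended. The handler closure begins and ends outside this hunk.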
@@ -119,7 +134,9 @@ class Oauth2 implements ControllerProviderInterface } }; - $controllers->match('/authorize', $authorize_func)->method('GET|POST'); + $controllers->match('/authorize', $authorize_func) + ->method('GET|POST') + ->bind('oauth2_authorize'); /** * TOKEN ENDPOINT @@ -130,7 +147,7 @@ class Oauth2 implements ControllerProviderInterface throw new HttpException(400, 'This route requires the use of the https scheme', null, array('content-type' => 'application/json')); } - $app['oauth']->grantAccessToken(); + $app['oauth']->grantAccessToken($request); ob_flush(); flush(); diff --git a/lib/Alchemy/Phrasea/Controller/Api/V1.php b/lib/Alchemy/Phrasea/Controller/Api/V1.php index 8aad18e92e..1185650b0b 100644 --- a/lib/Alchemy/Phrasea/Controller/Api/V1.php +++ b/lib/Alchemy/Phrasea/Controller/Api/V1.php @@ -13,6 +13,8 @@ namespace Alchemy\Phrasea\Controller\Api; use Silex\ControllerProviderInterface; use Alchemy\Phrasea\Core\PhraseaEvents; +use Alchemy\Phrasea\Authentication\Context; +use Alchemy\Phrasea\Core\Event\PreAuthenticate; use Alchemy\Phrasea\Core\Event\ApiOAuth2StartEvent; use Alchemy\Phrasea\Core\Event\ApiOAuth2EndEvent; use Silex\Application as SilexApplication; @@ -49,6 +51,9 @@ class V1 implements ControllerProviderInterface * @ throws \API_V1_exception_forbidden */ $controllers->before(function($request) use ($app) { + $context = new Context(Context::CONTEXT_OAUTH2_TOKEN); + $app['dispatcher']->dispatch(PhraseaEvents::PRE_AUTHENTICATE, new PreAuthenticate($request, $context)); + $app['dispatcher']->dispatch(PhraseaEvents::API_OAUTH2_START, new ApiOAuth2StartEvent()); $oauth2_adapter = new \API_OAuth2_Adapter($app); $oauth2_adapter->verifyAccessToken(); 
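Review bot: The `/authorize` route in the hunk at old line 119 keeps `->method('GET|POST')`, and the login branch of the same handler (hunk at old line 65) reads the credentials with `$request->get("login")` and `$request->get("password")`. Symfony's `Request::get()` also consults the query string, so a GET request carrying the credentials in the URL would be accepted, and URLs end up in access logs, browser history and Referer headers. Reading them from the POST body only, `$request->request->get('login')` and `$request->request->get('password')`, keeps GET available for the initial authorization request without accepting a password there. The handler body lies outside this hunk.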
@@ -63,16 +68,15 @@ class V1 implements ControllerProviderInterface throw new \API_V1_exception_forbidden(_('The use of phraseanet Navigator is not allowed')); } - if ($app->isAuthenticated()) { + if ($app['authentication']->isAuthenticated()) { $app['dispatcher']->dispatch(PhraseaEvents::API_OAUTH2_END, new ApiOAuth2EndEvent()); return; } $user = \User_Adapter::getInstance($oauth2_adapter->get_usr_id(), $app); - $auth = new \Session_Authentication_None($user); - $app->openAccount($auth, $oauth2_adapter->get_ses_id()); + $app['authentication']->openAccount($user); $oauth2_adapter->remember_this_ses_id($app['session']->get('session_id')); $app['dispatcher']->dispatch(PhraseaEvents::API_OAUTH2_END, new ApiOAuth2EndEvent()); @@ -646,19 +650,19 @@ class V1 implements ControllerProviderInterface */ $controllers->get('/feeds/list/', function(SilexApplication $app) { return $app['api'] - ->search_publications($app['request'], $app['phraseanet.user']) + ->search_publications($app['request'], $app['authentication']->getUser()) ->get_response(); }); $controllers->get('/feeds/content/', function(SilexApplication $app) { return $app['api'] - ->get_publications($app['request'], $app['phraseanet.user']) + ->get_publications($app['request'], $app['authentication']->getUser()) ->get_response(); }); $controllers->get('/feeds/entry/{entry_id}/', function(SilexApplication $app, $entry_id) { return $app['api'] - ->get_feed_entry($app['request'], $entry_id, $app['phraseanet.user']) + ->get_feed_entry($app['request'], $entry_id, $app['authentication']->getUser()) ->get_response(); })->assert('entry_id', '\d+'); @@ -675,7 +679,7 @@ class V1 implements ControllerProviderInterface */ $controllers->get('/feeds/{feed_id}/content/', function(SilexApplication $app, $feed_id) { return $app['api'] - ->get_publication($app['request'], $feed_id, $app['phraseanet.user']) + ->get_publication($app['request'], $feed_id, $app['authentication']->getUser()) ->get_response(); })->assert('feed_id', '\d+'); 
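Review bot: In the hunk at old line 63, the new `$app['authentication']->openAccount($user)` no longer receives `$oauth2_adapter->get_ses_id()`, yet the following line still stores `$app['session']->get('session_id')` through `remember_this_ses_id()`. Whether `openAccount()` writes `session_id` into the session is not visible in this diff; if it does not, an empty id is remembered for the token, and in either case the session previously bound to the token is no longer reused. I would state the new contract above the call, for example `// the token's stored ses_id is no longer passed; confirm openAccount() sets 'session_id' before it is read below`, or restore the lookup if reuse is still wanted. The `before` callback starts outside this hunk.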
diff --git a/lib/Alchemy/Phrasea/Core/PhraseaEvents.php b/lib/Alchemy/Phrasea/Core/PhraseaEvents.php index 9a81e54106..46e2b8ac48 100644 --- a/lib/Alchemy/Phrasea/Core/PhraseaEvents.php +++ b/lib/Alchemy/Phrasea/Core/PhraseaEvents.php @@ -14,6 +14,10 @@ namespace Alchemy\Phrasea\Core; final class PhraseaEvents { const LOGOUT = 'phrasea.logout'; + + const PRE_AUTHENTICATE = 'phrasea.pre-authenticate'; + const POST_AUTHENTICATE = 'phrasea.post-authenticate'; + const API_OAUTH2_START = 'api.oauth2.start'; const API_OAUTH2_END = 'api.oauth2.end'; const API_LOAD_START = 'api.load.start'; diff --git a/lib/Alchemy/Phrasea/Helper/Prod.php b/lib/Alchemy/Phrasea/Helper/Prod.php index 6f29c3f336..c2af5cde9f 100644 --- a/lib/Alchemy/Phrasea/Helper/Prod.php +++ b/lib/Alchemy/Phrasea/Helper/Prod.php @@ -29,13 +29,13 @@ class Prod extends Helper $bases = $fields = $dates = array(); - if (! $this->app['phraseanet.user'] instanceof \User_Adapter) { + if (! $this->app['authentication']->getUser() instanceof \User_Adapter) { return $search_datas; } - $searchSet = json_decode($this->app['phraseanet.user']->getPrefs('search'), true); + $searchSet = json_decode($this->app['authentication']->getUser()->getPrefs('search'), true); - foreach ($this->app['phraseanet.user']->ACL()->get_granted_sbas() as $databox) { + foreach ($this->app['authentication']->getUser()->ACL()->get_granted_sbas() as $databox) { $sbas_id = $databox->get_sbas_id(); $bases[$sbas_id] = array( @@ -45,7 +45,7 @@ class Prod extends Helper 'sbas_id' => $sbas_id ); - foreach ($this->app['phraseanet.user']->ACL()->get_granted_base(array(), array($databox->get_sbas_id())) as $coll) { + foreach ($this->app['authentication']->getUser()->ACL()->get_granted_base(array(), array($databox->get_sbas_id())) as $coll) { $selected = (isset($searchSet['bases']) && isset($searchSet['bases'][$sbas_id])) ? (in_array($coll->get_base_id(), $searchSet['bases'][$sbas_id])) : true; $bases[$sbas_id]['collections'][] = 
@@ -83,7 +83,7 @@ class Prod extends Helper if (! $bases[$sbas_id]['thesaurus']) { continue; } - if ( ! $this->app['phraseanet.user']->ACL()->has_right_on_sbas($sbas_id, 'bas_modif_th')) { + if ( ! $this->app['authentication']->getUser()->ACL()->has_right_on_sbas($sbas_id, 'bas_modif_th')) { continue; } diff --git a/lib/Alchemy/Phrasea/Helper/Record/Helper.php b/lib/Alchemy/Phrasea/Helper/Record/Helper.php index 46e57d9801..4607f68700 100644 --- a/lib/Alchemy/Phrasea/Helper/Record/Helper.php +++ b/lib/Alchemy/Phrasea/Helper/Record/Helper.php @@ -116,7 +116,7 @@ class Helper extends \Alchemy\Phrasea\Helper\Helper $repository = $app['EM']->getRepository('\Entities\Basket'); /* @var $$repository \Repositories\BasketRepository */ - $Basket = $repository->findUserBasket($this->app, $Request->get('ssel'), $app['phraseanet.user'], false); + $Basket = $repository->findUserBasket($this->app, $Request->get('ssel'), $app['authentication']->getUser(), false); $this->selection->load_basket($Basket); @@ -125,7 +125,7 @@ class Helper extends \Alchemy\Phrasea\Helper\Helper } elseif (trim($Request->get('story')) !== '') { $repository = $app['EM']->getRepository('\Entities\StoryWZ'); - $storyWZ = $repository->findByUserAndId($app, $app['phraseanet.user'], $Request->get('story')); + $storyWZ = $repository->findByUserAndId($app, $app['authentication']->getUser(), $Request->get('story')); $this->selection->load_list(array($storyWZ->getRecord($this->app)->get_serialize_key()), $this->flatten_groupings); } else { diff --git a/lib/Alchemy/Phrasea/Helper/User/Edit.php b/lib/Alchemy/Phrasea/Helper/User/Edit.php index 6315d4adba..f6b3ac582b 100644 --- a/lib/Alchemy/Phrasea/Helper/User/Edit.php +++ b/lib/Alchemy/Phrasea/Helper/User/Edit.php 
@@ -73,7 +73,7 @@ class Edit extends \Alchemy\Phrasea\Helper\Helper protected function delete_user(\User_Adapter $user) { - $list = array_keys($this->app['phraseanet.user']->ACL()->get_granted_base(array('canadmin'))); + $list = array_keys($this->app['authentication']->getUser()->ACL()->get_granted_base(array('canadmin'))); $user->ACL()->revoke_access_from_bases($list); @@ -86,7 +86,7 @@ class Edit extends \Alchemy\Phrasea\Helper\Helper public function get_users_rights() { - $list = array_keys($this->app['phraseanet.user']->ACL()->get_granted_base(array('canadmin'))); + $list = array_keys($this->app['authentication']->getUser()->ACL()->get_granted_base(array('canadmin'))); $sql = "SELECT b.sbas_id, @@ -366,7 +366,7 @@ class Edit extends \Alchemy\Phrasea\Helper\Helper public function apply_rights() { $request = \http_request::getInstance(); - $ACL = $this->app['phraseanet.user']->ACL(); + $ACL = $this->app['authentication']->getUser()->ACL(); $base_ids = array_keys($ACL->get_granted_base(array('canadmin'))); $update = $create = $delete = $create_sbas = $update_sbas = array(); @@ -570,11 +570,11 @@ class Edit extends \Alchemy\Phrasea\Helper\Helper { $template = \User_adapter::getInstance($this->request->get('template'), $this->app); - if ($template->get_template_owner()->get_id() != $this->app['phraseanet.user']->get_id()) { + if ($template->get_template_owner()->get_id() != $this->app['authentication']->getUser()->get_id()) { throw new \Exception_Forbidden('You are not the owner of the template'); } - $base_ids = array_keys($this->app['phraseanet.user']->ACL()->get_granted_base(array('canadmin'))); + $base_ids = array_keys($this->app['authentication']->getUser()->ACL()->get_granted_base(array('canadmin'))); foreach ($this->users as $usr_id) { $user = \User_adapter::getInstance($usr_id, $this->app); 
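Review bot: The template-ownership check in the hunk at old line 570 compares ids with `!=`, while the equivalent check in `resetRights()` (hunk at old line 651) uses `!==`. Both decide whether the current user may apply or reset a template's rights, so they should agree; if `get_id()` can return a numeric string on one side and an int on the other (not visible here), the loose form passes where the strict one silently skips the template. Casting both sides and comparing strictly removes the ambiguity: `if ((int) $template->get_template_owner()->get_id() !== (int) $this->app['authentication']->getUser()->get_id()) {`. The method containing this check starts before the hunk.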
@@ -642,7 +642,7 @@ class Edit extends \Alchemy\Phrasea\Helper\Helper public function resetRights() { - $base_ids = array_keys($this->app['phraseanet.user']->ACL()->get_granted_base(array('canadmin'))); + $base_ids = array_keys($this->app['authentication']->getUser()->ACL()->get_granted_base(array('canadmin'))); foreach ($this->users as $usr_id) { $user = \User_Adapter::getInstance($usr_id, $this->app); @@ -651,7 +651,7 @@ class Edit extends \Alchemy\Phrasea\Helper\Helper if ($user->is_template()) { $template = $user; - if ($template->get_template_owner()->get_id() !== $this->app['phraseanet.user']->get_id()) { + if ($template->get_template_owner()->get_id() !== $this->app['authentication']->getUser()->get_id()) { continue; } } diff --git a/lib/Alchemy/Phrasea/Helper/User/Manage.php b/lib/Alchemy/Phrasea/Helper/User/Manage.php index fb47e9a925..a87541d635 100644 --- a/lib/Alchemy/Phrasea/Helper/User/Manage.php +++ b/lib/Alchemy/Phrasea/Helper/User/Manage.php @@ -71,7 +71,7 @@ class Manage extends Helper ->like($this->query_parms['like_field'], $this->query_parms['like_value']) ->get_inactives($this->query_parms['inactives']) ->include_templates(false) - ->on_bases_where_i_am($this->app['phraseanet.user']->ACL(), array('canadmin')) + ->on_bases_where_i_am($this->app['authentication']->getUser()->ACL(), array('canadmin')) ->execute(); return $this->results->get_results(); @@ -109,7 +109,7 @@ class Manage extends Helper ->like($this->query_parms['like_field'], $this->query_parms['like_value']) ->get_inactives($this->query_parms['inactives']) ->include_templates(true) - ->on_bases_where_i_am($this->app['phraseanet.user']->ACL(), array('canadmin')) + ->on_bases_where_i_am($this->app['authentication']->getUser()->ACL(), array('canadmin')) ->limit($offset_start, $results_quantity) ->execute(); 
@@ -218,8 +218,8 @@ class Manage extends Helper } $created_user = \User_Adapter::create($this->app, $name, \random::generatePassword(16), null, false, false); - $created_user->set_template($this->app['phraseanet.user']); - $this->usr_id = $this->app['phraseanet.user']->get_id(); + $created_user->set_template($this->app['authentication']->getUser()); + $this->usr_id = $this->app['authentication']->getUser()->get_id(); return $created_user; } diff --git a/lib/Alchemy/Phrasea/Helper/WorkZone.php b/lib/Alchemy/Phrasea/Helper/WorkZone.php index 5bf44316a9..e1ae1ad985 100644 --- a/lib/Alchemy/Phrasea/Helper/WorkZone.php +++ b/lib/Alchemy/Phrasea/Helper/WorkZone.php @@ -45,13 +45,13 @@ class WorkZone extends Helper $ret = new \Doctrine\Common\Collections\ArrayCollection(); - $baskets = $repo_baskets->findActiveByUser($this->app['phraseanet.user'], $sort); - $validations = $repo_baskets->findActiveValidationByUser($this->app['phraseanet.user'], $sort); + $baskets = $repo_baskets->findActiveByUser($this->app['authentication']->getUser(), $sort); + $validations = $repo_baskets->findActiveValidationByUser($this->app['authentication']->getUser(), $sort); /* @var $repo_stories \Doctrine\Repositories\StoryWZRepository */ $repo_stories = $this->app['EM']->getRepository('Entities\StoryWZ'); - $stories = $repo_stories->findByUser($this->app, $this->app['phraseanet.user'], $sort); + $stories = $repo_stories->findByUser($this->app, $this->app['authentication']->getUser(), $sort); $ret->set(self::BASKETS, $baskets); $ret->set(self::VALIDATIONS, $validations); diff --git a/lib/Alchemy/Phrasea/Out/Module/PDF.php b/lib/Alchemy/Phrasea/Out/Module/PDF.php index 2f6be2c3e8..61820a9ebf 100644 --- a/lib/Alchemy/Phrasea/Out/Module/PDF.php +++ b/lib/Alchemy/Phrasea/Out/Module/PDF.php 
@@ -166,7 +166,7 @@ class PDF $fimg = $subdef->get_pathfile(); - if (!$this->app['phraseanet.user']->ACL()->has_right_on_base($rec->get_base_id(), "nowatermark") + if (!$this->app['authentication']->getUser()->ACL()->has_right_on_base($rec->get_base_id(), "nowatermark") && $subdef->get_type() == \media_subdef::TYPE_IMAGE) { $fimg = \recordutils_image::watermark($this->app, $subdef); } @@ -430,7 +430,7 @@ class PDF $f = $subdef->get_pathfile(); - if (!$this->app['phraseanet.user']->ACL()->has_right_on_base($rec->get_base_id(), "nowatermark") + if (!$this->app['authentication']->getUser()->ACL()->has_right_on_base($rec->get_base_id(), "nowatermark") && $subdef->get_type() == \media_subdef::TYPE_IMAGE) $f = \recordutils_image::watermark($this->app, $subdef); diff --git a/lib/Alchemy/Phrasea/SearchEngine/Phrasea/PhraseaEngine.php b/lib/Alchemy/Phrasea/SearchEngine/Phrasea/PhraseaEngine.php index d80598e083..18bd1bf492 100644 --- a/lib/Alchemy/Phrasea/SearchEngine/Phrasea/PhraseaEngine.php +++ b/lib/Alchemy/Phrasea/SearchEngine/Phrasea/PhraseaEngine.php @@ -184,12 +184,12 @@ class PhraseaEngine implements SearchEngineInterface */ private function checkSession() { - if (!$this->app['phraseanet.user']) { + if (!$this->app['authentication']->getUser()) { throw new \RuntimeException('Phrasea currently support only authenticated queries'); } - if (!phrasea_open_session($this->app['session']->get('phrasea_session_id'), $this->app['phraseanet.user']->get_id())) { - if (!$ses_id = phrasea_create_session((string) $this->app['phraseanet.user']->get_id())) { + if (!phrasea_open_session($this->app['session']->get('phrasea_session_id'), $this->app['authentication']->getUser()->get_id())) { + if (!$ses_id = phrasea_create_session((string) $this->app['authentication']->getUser()->get_id())) { throw new \Exception_InternalServerError('Unable to create phrasea session'); } $this->app['session']->set('phrasea_session_id', $ses_id); 
@@ -557,7 +557,7 @@ class PhraseaEngine implements SearchEngineInterface $stmt->execute($params); $stmt->closeCursor(); - if ($this->app['phraseanet.user']) { + if ($this->app['authentication']->getUser()) { \User_Adapter::saveQuery($this->app, $query); } diff --git a/lib/Alchemy/Phrasea/SearchEngine/SearchEngineOptions.php b/lib/Alchemy/Phrasea/SearchEngine/SearchEngineOptions.php index 73b333a9c7..0ac2069976 100644 --- a/lib/Alchemy/Phrasea/SearchEngine/SearchEngineOptions.php +++ b/lib/Alchemy/Phrasea/SearchEngine/SearchEngineOptions.php @@ -623,15 +623,15 @@ class SearchEngineOptions $bas = array_map(function($base_id) use ($app) { return \collection::get_from_base_id($app, $base_id); }, $request->get('bases')); - } elseif (!$app->isAuthenticated()) { + } elseif (!$app['authentication']->isAuthenticated()) { $bas = $app->getOpenCollections(); } else { - $bas = $app['phraseanet.user']->ACL()->get_granted_base(); + $bas = $app['authentication']->getUser()->ACL()->get_granted_base(); } $bas = array_filter($bas, function($collection) use ($app) { - if ($app->isAuthenticated()) { - return $app['phraseanet.user']->ACL()->has_right_on_base($collection->get_base_id(), 'canmodifrecord'); + if ($app['authentication']->isAuthenticated()) { + return $app['authentication']->getUser()->ACL()->has_right_on_base($collection->get_base_id(), 'canmodifrecord'); } else { return in_array($collection, $app->getOpenCollections()); } 
@@ -645,9 +645,9 @@ class SearchEngineOptions } } - if ($app->isAuthenticated() && $app['phraseanet.user']->ACL()->has_right('modifyrecord')) { + if ($app['authentication']->isAuthenticated() && $app['authentication']->getUser()->ACL()->has_right('modifyrecord')) { $BF = array_filter($bas, function($collection) use ($app) { - return $app['phraseanet.user']->ACL()->has_right_on_base($collection->get_base_id(), 'canmodifrecord'); + return $app['authentication']->getUser()->ACL()->has_right_on_base($collection->get_base_id(), 'canmodifrecord'); }); $options->allowBusinessFieldsOn($BF); diff --git a/lib/Alchemy/Phrasea/Security/Firewall.php b/lib/Alchemy/Phrasea/Security/Firewall.php index 0c124c29d0..a054d74f7a 100644 --- a/lib/Alchemy/Phrasea/Security/Firewall.php +++ b/lib/Alchemy/Phrasea/Security/Firewall.php @@ -26,7 +26,7 @@ class Firewall { $this->requireNotGuest(); - if (!$this->app['phraseanet.user']->ACL()->is_admin()) { + if (!$this->app['authentication']->getUser()->ACL()->is_admin()) { $this->app->abort(403, 'Admin role is required'); } @@ -37,7 +37,7 @@ class Firewall { $this->requireAuthentication(); - if (!$this->app['phraseanet.user']->ACL()->has_access_to_module($module)) { + if (!$this->app['authentication']->getUser()->ACL()->has_access_to_module($module)) { $this->app->abort(403, 'You do not have required rights'); } @@ -48,7 +48,7 @@ class Firewall { $this->requireAuthentication(); - if (!$this->app['phraseanet.user']->ACL()->has_access_to_sbas($sbas_id)) { + if (!$this->app['authentication']->getUser()->ACL()->has_access_to_sbas($sbas_id)) { $this->app->abort(403, 'You do not have required rights'); } @@ -59,7 +59,7 @@ class Firewall { $this->requireAuthentication(); - if (!$this->app['phraseanet.user']->ACL()->has_access_to_base($base_id)) { + if (!$this->app['authentication']->getUser()->ACL()->has_access_to_base($base_id)) { $this->app->abort(403, 'You do not have required rights'); } 
@@ -70,7 +70,7 @@ class Firewall { $this->requireAuthentication(); - if (!$this->app['phraseanet.user']->ACL()->has_right($right)) { + if (!$this->app['authentication']->getUser()->ACL()->has_right($right)) { $this->app->abort(403, 'You do not have required rights'); } @@ -81,7 +81,7 @@ class Firewall { $this->requireAuthentication(); - if (!$this->app['phraseanet.user']->ACL()->has_right_on_base($base_id, $right)) { + if (!$this->app['authentication']->getUser()->ACL()->has_right_on_base($base_id, $right)) { $this->app->abort(403, 'You do not have required rights'); } @@ -92,7 +92,7 @@ class Firewall { $this->requireAuthentication(); - if (!$this->app['phraseanet.user']->ACL()->has_right_on_sbas($sbas_id, $right)) { + if (!$this->app['authentication']->getUser()->ACL()->has_right_on_sbas($sbas_id, $right)) { $this->app->abort(403, 'You do not have required rights'); } @@ -103,7 +103,7 @@ class Firewall { $this->requireAuthentication(); - if ($this->app['phraseanet.user']->is_guest()) { + if ($this->app['authentication']->getUser()->is_guest()) { $this->app->abort(403, 'Guests do not have admin role'); } @@ -112,7 +112,7 @@ class Firewall public function requireAuthentication() { - if (!$this->app->isAuthenticated()) { + if (!$this->app['authentication']->isAuthenticated()) { $this->app->abort(302, 'You are not authenticated', array('X-Phraseanet-Redirect' => '/login/')); } @@ -121,7 +121,7 @@ class Firewall public function requireNotAuthenticated() { - if ($this->app->isAuthenticated()) { + if ($this->app['authentication']->isAuthenticated()) { $this->app->abort(302, 'You are authenticated', array('X-Phraseanet-Redirect' => '/prod/')); } 
@@ -130,7 +130,7 @@ class Firewall public function requireOrdersAdmin() { - if (false === !!count($this->app['phraseanet.user']->ACL()->get_granted_base(array('order_master')))) { + if (false === !!count($this->app['authentication']->getUser()->ACL()->get_granted_base(array('order_master')))) { $this->app->abort(403, 'You are not an order admin'); } diff --git a/lib/Alchemy/Phrasea/Setup/Installer.php b/lib/Alchemy/Phrasea/Setup/Installer.php index ffcb2972e8..d469bc8982 100644 --- a/lib/Alchemy/Phrasea/Setup/Installer.php +++ b/lib/Alchemy/Phrasea/Setup/Installer.php @@ -76,7 +76,7 @@ class Installer { $template = new \SplFileInfo(__DIR__ . '/../../../conf.d/data_templates/' . $template . '-simple.xml'); $databox = \databox::create($this->app, $dbConn, $template, $this->app['phraseanet.registry']); - $this->app['phraseanet.user']->ACL() + $this->app['authentication']->getUser()->ACL() ->give_access_to_sbas(array($databox->get_sbas_id())) ->update_rights_to_sbas( $databox->get_sbas_id(), array( @@ -85,10 +85,10 @@ class Installer ) ); - $collection = \collection::create($this->app, $databox, $this->app['phraseanet.appbox'], 'test', $this->app['phraseanet.user']); + $collection = \collection::create($this->app, $databox, $this->app['phraseanet.appbox'], 'test', $this->app['authentication']->getUser()); - $this->app['phraseanet.user']->ACL()->give_access_to_base(array($collection->get_base_id())); - $this->app['phraseanet.user']->ACL()->update_rights_to_base($collection->get_base_id(), array( + $this->app['authentication']->getUser()->ACL()->give_access_to_base(array($collection->get_base_id())); + $this->app['authentication']->getUser()->ACL()->update_rights_to_base($collection->get_base_id(), array( 'canpush' => 1, 'cancmd' => 1 , 'canputinalbum' => 1, 'candwnldhd' => 1, 'candwnldpreview' => 1, 'canadmin' => 1 , 'actif' => 1, 'canreport' => 1, 'canaddrecord' => 1, 'canmodifrecord' => 1 
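Review bot: `requireOrdersAdmin()` dereferences `getUser()->ACL()` as its first statement, without the `$this->requireAuthentication();` call that opens the other ACL checks shown in this diff. The templates in this same commit test `app['authentication'].getUser() is not none`, so the getter can presumably return null for an anonymous session; in that case this check ends in a fatal error instead of the redirect or 403 the firewall is meant to produce, unless every caller chains `requireAuthentication()` first (not visible here). Add `$this->requireAuthentication();` as the first line of the method. The condition would also read more plainly as `0 === count(...)` than as `false === !!count(...)`.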
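Review bot: The two `Installer` hunks (`@@ -76,7` and `@@ -85,10`) grant `canadmin` and the other base rights to whatever `$this->app['authentication']->getUser()` returns, and call the getter four times. If this code runs before an account has been opened (the call order is outside the hunks), the getter presumably returns null and the install fails at the rights grant, after `\databox::create()` has already run. Fetch the user once with `$user = $this->app['authentication']->getUser();`, throw a clear exception when it is null, and reuse `$user` for the ACL calls and for `\collection::create()`.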
diff --git a/templates/mobile/api/auth/end_user_authorization.html.twig b/templates/mobile/api/auth/end_user_authorization.html.twig
index 5bf12682ea..ac49973ff9 100644
--- a/templates/mobile/api/auth/end_user_authorization.html.twig
+++ b/templates/mobile/api/auth/end_user_authorization.html.twig
@@ -33,7 +33,7 @@

{{home_title}}

- {% if not app.isAuthenticated() %}
+ {% if not app['authentication'].isAuthenticated() %}
{% for key,value in auth.getParams %} @@ -56,8 +56,8 @@

{% else %}
- {% if app['phraseanet.user'] is not none %}
- {% set username = '' ~ app['phraseanet.user'].get_display_name() ~ '' %}
+ {% if app['authentication'].getUser() is not none %}
+ {% set username = '' ~ app['authentication'].getUser().get_display_name() ~ '' %}

{% trans %} diff --git a/templates/mobile/api/auth/native_app_access_token.html.twig b/templates/mobile/api/auth/native_app_access_token.html.twig index 419a5ff6b6..a78256bc70 100644 --- a/templates/mobile/api/auth/native_app_access_token.html.twig +++ b/templates/mobile/api/auth/native_app_access_token.html.twig @@ -37,8 +37,8 @@
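Review bot: `{% set username = '' ~ app['authentication'].getUser().get_display_name() ~ '' %}` builds a string around the display name by concatenation, and the name is presumably user-editable. The two literals look empty here, which suggests wrapping markup was lost from this page; if `username` is then printed unescaped inside the `{% trans %}` block (the output site is outside the hunk), the name reaches this end-user authorization page as HTML. Escape the name where the string is built, `app['authentication'].getUser().get_display_name()|e`, and confirm it is not escaped a second time where it is printed. The same line appears in `native_app_access_token.html.twig` and in two later hunks of this diff.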

{{ app['phraseanet.registry'].get('GV_homeTitle') }}

- {% if app['phraseanet.user'] is not none %}
- {% set username = '' ~ app['phraseanet.user'].get_display_name() ~ '' %}
+ {% if app['authentication'].getUser() is not none %}
+ {% set username = '' ~ app['authentication'].getUser().get_display_name() ~ '' %}

{% trans %} diff --git a/templates/mobile/lightbox/basket_element.html.twig b/templates/mobile/lightbox/basket_element.html.twig index 974da3a8cb..d2c10e210f 100644 --- a/templates/mobile/lightbox/basket_element.html.twig +++ b/templates/mobile/lightbox/basket_element.html.twig @@ -21,12 +21,12 @@

{{ thumbnail.format100percent(record.get_preview(),'', record.get_thumbnail()) }} {% if basket_element.getBasket().getValidation() %} - {% if basket_element.getBasket().getValidation().getParticipant(app['phraseanet.user'], app).getCanAgree() %} + {% if basket_element.getBasket().getValidation().getParticipant(app['authentication'].getUser(), app).getCanAgree() %}
- + - +
{% endif %} diff --git a/templates/mobile/lightbox/note_form.html.twig b/templates/mobile/lightbox/note_form.html.twig index 511f35cdd9..9578539c54 100644 --- a/templates/mobile/lightbox/note_form.html.twig +++ b/templates/mobile/lightbox/note_form.html.twig @@ -19,7 +19,7 @@ + {% if basket_element.getUserValidationDatas(app['authentication'].getUser(), app).getNote() == '' %}placeholder="Note"{% endif %}>{{basket_element.getUserValidationDatas(app['authentication'].getUser(), app).getNote()}} diff --git a/templates/mobile/lightbox/sc_note.html.twig b/templates/mobile/lightbox/sc_note.html.twig index 4e7c11c62c..82571dda65 100644 --- a/templates/mobile/lightbox/sc_note.html.twig +++ b/templates/mobile/lightbox/sc_note.html.twig @@ -1,5 +1,5 @@ {% for validationDatas in basket_element.getValidationDatas() %} - {% set is_mine = validationDatas.getParticipant().getUser(app).get_id() == app['phraseanet.user'].get_id() %} + {% set is_mine = validationDatas.getParticipant().getUser(app).get_id() == app['authentication'].getUser().get_id() %} {% if validationDatas.getNote() != '' or (validationDatas.getAgreement() is not null and is_mine) %}
  • diff --git a/templates/mobile/lightbox/validate.html.twig b/templates/mobile/lightbox/validate.html.twig index 2a4ad785dc..650b25bafe 100644 --- a/templates/mobile/lightbox/validate.html.twig +++ b/templates/mobile/lightbox/validate.html.twig @@ -24,8 +24,8 @@ -{% if app['phraseanet.user'].ACL.has_right_on_base(bas_id, 'manage') %} +{% if app['authentication'].getUser().ACL.has_right_on_base(bas_id, 'manage') %}
    {% trans 'admin::collection:: Gestionnaires des commandes' %}
    @@ -120,7 +120,7 @@
    {% trans 'admin::base:collection: minilogo actuel' %}
    {% if collection.getLogo(bas_id, app) is not empty %}
    {{ collection.getLogo(bas_id, app) | raw }}
    - {% if app['phraseanet.user'].ACL.has_right_on_base(bas_id, 'manage') %} + {% if app['authentication'].getUser().ACL.has_right_on_base(bas_id, 'manage') %}
    {% endif%} - {% elseif app['phraseanet.user'].ACL.has_right_on_base(bas_id, 'manage') %} + {% elseif app['authentication'].getUser().ACL.has_right_on_base(bas_id, 'manage') %} {% trans 'admin::base:collection: aucun fichier (minilogo, watermark ...)' %}
    @@ -141,7 +141,7 @@
    {% trans "Watermark" %}
    {% if collection.getWatermark(bas_id) is not empty %}
    {{ collection.getWatermark(bas_id)| raw }}
    - {% if app['phraseanet.user'].ACL.has_right_on_base(bas_id, 'manage') %} + {% if app['authentication'].getUser().ACL.has_right_on_base(bas_id, 'manage') %}
    {% endif%} - {% elseif app['phraseanet.user'].ACL.has_right_on_base(bas_id, 'manage') %} + {% elseif app['authentication'].getUser().ACL.has_right_on_base(bas_id, 'manage') %} {% trans 'admin::base:collection: aucun fichier (minilogo, watermark ...)' %}
    @@ -162,7 +162,7 @@
    {% trans "Stamp logo" %}
    {% if collection.getStamp(bas_id) is not empty %}
    {{ collection.getStamp(bas_id)| raw }}
    - {% if app['phraseanet.user'].ACL.has_right_on_base(bas_id, 'manage') %} + {% if app['authentication'].getUser().ACL.has_right_on_base(bas_id, 'manage') %}
    {% endif%} - {% elseif app['phraseanet.user'].ACL.has_right_on_base(bas_id, 'manage') %} + {% elseif app['authentication'].getUser().ACL.has_right_on_base(bas_id, 'manage') %} {% trans 'admin::base:collection: aucun fichier (minilogo, watermark ...)' %}
    @@ -183,7 +183,7 @@
    {% trans 'admin::base:collection: image de presentation : ' %}
    {% if collection.getPresentation(bas_id) is not empty %}
    {{ collection.getPresentation(bas_id)| raw }}
    - {% if app['phraseanet.user'].ACL.has_right_on_base(bas_id, 'manage') %} + {% if app['authentication'].getUser().ACL.has_right_on_base(bas_id, 'manage') %}
    {% endif%} - {% elseif app['phraseanet.user'].ACL.has_right_on_base(bas_id, 'manage') %} + {% elseif app['authentication'].getUser().ACL.has_right_on_base(bas_id, 'manage') %} {% trans 'admin::base:collection: aucun fichier (minilogo, watermark ...)' %}
    diff --git a/templates/web/admin/collection/create.html.twig b/templates/web/admin/collection/create.html.twig index 936ee90302..3991302b67 100644 --- a/templates/web/admin/collection/create.html.twig +++ b/templates/web/admin/collection/create.html.twig @@ -32,10 +32,10 @@
    - {% if app['phraseanet.user'].ACL().get_granted_base(["canadmin"]) | length > 0 %} + {% if app['authentication'].getUser().ACL().get_granted_base(["canadmin"]) | length > 0 %} diff --git a/templates/web/admin/databases.html.twig b/templates/web/admin/databases.html.twig index 1d028442f4..a00dbde5b6 100644 --- a/templates/web/admin/databases.html.twig +++ b/templates/web/admin/databases.html.twig @@ -37,7 +37,7 @@
    -{% if app['phraseanet.user'].ACL().is_admin() %} +{% if app['authentication'].getUser().ACL().is_admin() %}

    {% trans 'admin::base: Version' %}

    diff --git a/templates/web/admin/databox/databox.html.twig b/templates/web/admin/databox/databox.html.twig index d6416c927c..70b9003cfa 100644 --- a/templates/web/admin/databox/databox.html.twig +++ b/templates/web/admin/databox/databox.html.twig @@ -30,7 +30,7 @@
  • {% trans 'admin::base: Alias' %} : {{ databox.get_viewname() }} - {% if app['phraseanet.user'].ACL().has_right_on_sbas(databox.get_sbas_id(), "bas_manage") %} + {% if app['authentication'].getUser().ACL().has_right_on_sbas(databox.get_sbas_id(), "bas_manage") %}
  • -{% if app['phraseanet.user'].ACL().has_right_on_sbas(databox.get_sbas_id(), "bas_manage") %} +{% if app['authentication'].getUser().ACL().has_right_on_sbas(databox.get_sbas_id(), "bas_manage") %}
    - {{_self.format_checkbox(app['phraseanet.user'], rights, 'bas_chupub', users, 'sbas')}} + {{_self.format_checkbox(app['authentication'].getUser(), rights, 'bas_chupub', users, 'sbas')}} - {{_self.format_checkbox(app['phraseanet.user'], rights, 'bas_modif_th', users, 'sbas')}} + {{_self.format_checkbox(app['authentication'].getUser(), rights, 'bas_modif_th', users, 'sbas')}} - {{_self.format_checkbox(app['phraseanet.user'], rights, 'bas_manage', users, 'sbas')}} + {{_self.format_checkbox(app['authentication'].getUser(), rights, 'bas_manage', users, 'sbas')}} - {{_self.format_checkbox(app['phraseanet.user'], rights, 'bas_modify_struct', users, 'sbas')}} + {{_self.format_checkbox(app['authentication'].getUser(), rights, 'bas_modify_struct', users, 'sbas')}} 
@@ -356,25 +356,25 @@ {{rights['base_id']|bas_names(app)}} - {{_self.format_checkbox(app['phraseanet.user'], rights, 'access', users, 'base')}} + {{_self.format_checkbox(app['authentication'].getUser(), rights, 'access', users, 'base')}} - {{_self.format_checkbox(app['phraseanet.user'], rights, 'actif', users, 'base')}} + {{_self.format_checkbox(app['authentication'].getUser(), rights, 'actif', users, 'base')}} - {{_self.format_checkbox(app['phraseanet.user'], rights, 'canputinalbum', users, 'base')}} + {{_self.format_checkbox(app['authentication'].getUser(), rights, 'canputinalbum', users, 'base')}} - {{_self.format_checkbox(app['phraseanet.user'], rights, 'candwnldpreview', users, 'base')}} + {{_self.format_checkbox(app['authentication'].getUser(), rights, 'candwnldpreview', users, 'base')}} - {{_self.format_checkbox(app['phraseanet.user'], rights, 'nowatermark', users, 'base')}} + {{_self.format_checkbox(app['authentication'].getUser(), rights, 'nowatermark', users, 'base')}} - {{_self.format_checkbox(app['phraseanet.user'], rights, 'candwnldhd', users, 'base')}} + {{_self.format_checkbox(app['authentication'].getUser(), rights, 'candwnldhd', users, 'base')}} - {{_self.format_checkbox(app['phraseanet.user'], rights, 'cancmd', users, 'base')}} + {{_self.format_checkbox(app['authentication'].getUser(), rights, 'cancmd', users, 'base')}}
    @@ -410,34 +410,34 @@ - {{_self.format_checkbox(app['phraseanet.user'], rights, 'canaddrecord', users, 'base')}} + {{_self.format_checkbox(app['authentication'].getUser(), rights, 'canaddrecord', users, 'base')}} - {{_self.format_checkbox(app['phraseanet.user'], rights, 'canmodifrecord', users, 'base')}} + {{_self.format_checkbox(app['authentication'].getUser(), rights, 'canmodifrecord', users, 'base')}} - {{_self.format_checkbox(app['phraseanet.user'], rights, 'chgstatus', users, 'base')}} + {{_self.format_checkbox(app['authentication'].getUser(), rights, 'chgstatus', users, 'base')}} - {{_self.format_checkbox(app['phraseanet.user'], rights, 'candeleterecord', users, 'base')}} + {{_self.format_checkbox(app['authentication'].getUser(), rights, 'candeleterecord', users, 'base')}} - {{_self.format_checkbox(app['phraseanet.user'], rights, 'imgtools', users, 'base')}} + {{_self.format_checkbox(app['authentication'].getUser(), rights, 'imgtools', users, 'base')}} - {{_self.format_checkbox(app['phraseanet.user'], rights, 'canadmin', users, 'base')}} + {{_self.format_checkbox(app['authentication'].getUser(), rights, 'canadmin', users, 'base')}} - {{_self.format_checkbox(app['phraseanet.user'], rights, 'canreport', users, 'base')}} + {{_self.format_checkbox(app['authentication'].getUser(), rights, 'canreport', users, 'base')}} - {{_self.format_checkbox(app['phraseanet.user'], rights, 'canpush', users, 'base')}} + {{_self.format_checkbox(app['authentication'].getUser(), rights, 'canpush', users, 'base')}} - {{_self.format_checkbox(app['phraseanet.user'], rights, 'manage', users, 'base')}} + {{_self.format_checkbox(app['authentication'].getUser(), rights, 'manage', users, 'base')}} - {{_self.format_checkbox(app['phraseanet.user'], rights, 'modify_struct', users, 'base')}} + {{_self.format_checkbox(app['authentication'].getUser(), rights, 'modify_struct', users, 'base')}} 
diff --git a/templates/web/admin/index.html.twig b/templates/web/admin/index.html.twig index 52e0b48924..3bcf25d988 100644 --- a/templates/web/admin/index.html.twig +++ b/templates/web/admin/index.html.twig @@ -54,7 +54,7 @@ dataType: 'json', data: { module : 3, - usr : {{ app['phraseanet.user'].get_id() }} + usr : {{ app['authentication'].getUser().get_id() }} }, error: function(){ window.setTimeout("sessionactive();", 10000); diff --git a/templates/web/admin/publications/fiche.html.twig b/templates/web/admin/publications/fiche.html.twig index 0867a04e52..d8d0c759ae 100644 --- a/templates/web/admin/publications/fiche.html.twig +++ b/templates/web/admin/publications/fiche.html.twig @@ -6,7 +6,7 @@ {% if error %}
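Review bot: `usr : {{ app['authentication'].getUser().get_id() }}` in `admin/index.html.twig` writes the user id into the inline script, which sends it back as a request parameter. The handler that receives `usr` is not part of this diff; it should take the identity from the server-side session and ignore this value, otherwise the check rests on something the browser controls. The expression also assumes `getUser()` is never null when this page renders. `templates/web/client/index.html.twig` carries the same line.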
    {{ error }}
    {% endif %} - {% if feed.is_owner(app['phraseanet.user']) %} + {% if feed.is_owner(app['authentication'].getUser()) %}

    {% trans 'Edition' %}

    @@ -97,7 +97,7 @@
    - {% for databox in app['phraseanet.user'].ACL().get_granted_sbas('bas_chupub') %} + {% for databox in app['authentication'].getUser().ACL().get_granted_sbas('bas_chupub') %} {% for collection in databox.get_collections() %} @@ -81,7 +81,7 @@ {% endif %} - {% if feed.is_owner(app['phraseanet.user']) %} + {% if feed.is_owner(app['authentication'].getUser()) %} diff --git a/templates/web/admin/tree.html.twig b/templates/web/admin/tree.html.twig index 59a05dae79..bcdd735232 100644 --- a/templates/web/admin/tree.html.twig +++ b/templates/web/admin/tree.html.twig @@ -2,7 +2,7 @@
    - {% if not app.isAuthenticated() %} + {% if not app['authentication'].isAuthenticated() %}
    {% for key,value in auth.getParams %} @@ -57,7 +57,7 @@
    {% else %} {% if user is not none %} - {% set username = '' ~ app['phraseanet.user'].get_display_name() ~ '' %} + {% set username = '' ~ app['authentication'].getUser().get_display_name() ~ '' %}
    {% if user is not none %} - {% set username = '' ~ app['phraseanet.user'].get_display_name() ~ '' %} + {% set username = '' ~ app['authentication'].getUser().get_display_name() ~ '' %}
    - {% if total_baskets > 0 and (app['phraseanet.user'].ACL().has_right("candwnldhd") or app['phraseanet.user'].ACL().has_right("candwnldpreview") or app['phraseanet.user'].ACL().has_right("cancmd") > 0) %} + {% if total_baskets > 0 and (app['authentication'].getUser().ACL().has_right("candwnldhd") or app['authentication'].getUser().ACL().has_right("candwnldpreview") or app['authentication'].getUser().ACL().has_right("cancmd") > 0) %}
    {% endif %} @@ -117,10 +117,10 @@ onclick="evt_del_in_chutier({{ element.getId() }});" title="{% trans 'action : supprimer' %}">
    - {% if app['phraseanet.user'].ACL().has_right_on_base(record.get_base_id(), 'candwnldhd') - or app['phraseanet.user'].ACL().has_right_on_base(record.get_base_id(), 'candwnldpreview') - or app['phraseanet.user'].ACL().has_right_on_base(record.get_base_id(), 'cancmd') - or app['phraseanet.user'].ACL().has_preview_grant(record) %} + {% if app['authentication'].getUser().ACL().has_right_on_base(record.get_base_id(), 'candwnldhd') + or app['authentication'].getUser().ACL().has_right_on_base(record.get_base_id(), 'candwnldpreview') + or app['authentication'].getUser().ACL().has_right_on_base(record.get_base_id(), 'cancmd') + or app['authentication'].getUser().ACL().has_preview_grant(record) %}
    {% endif %}
    diff --git a/templates/web/client/index.html.twig b/templates/web/client/index.html.twig index 0c5197e17d..0bbec14c21 100644 --- a/templates/web/client/index.html.twig +++ b/templates/web/client/index.html.twig @@ -446,7 +446,7 @@ dataType: 'json', data: { app : 2, - usr : {{ app['phraseanet.user'].get_id() }} + usr : {{ app['authentication'].getUser().get_id() }} }, error: function(){ window.setTimeout("sessionactive();", 10000); diff --git a/templates/web/common/HTML5Video.html.twig b/templates/web/common/HTML5Video.html.twig index 89ec55fe74..2ac4377d14 100644 --- a/templates/web/common/HTML5Video.html.twig +++ b/templates/web/common/HTML5Video.html.twig @@ -20,7 +20,7 @@ {% set s_width = subdef.get_width() %} {% set s_height = subdef.get_height() %} {% endif %} - {% if app.isAuthenticated() == true %} + {% if app['authentication'].isAuthenticated() == true %} {% set url = subdef.get_url() %} {% else %} {% set url = subdef.get_permalink().get_url() %} diff --git a/templates/web/common/caption.html.twig b/templates/web/common/caption.html.twig index b33c42a892..929230543a 100644 --- a/templates/web/common/caption.html.twig +++ b/templates/web/common/caption.html.twig @@ -5,8 +5,8 @@ {% import 'common/caption_templates/overview.html.twig' as cap_ovr %} {% import 'common/caption_templates/preview.html.twig' as cap_prev %} -{% if app['phraseanet.user'] %} - {% set business = app['phraseanet.user'].ACL().has_right_on_base(record.get_base_id(), 'canmodifrecord') %} +{% if app['authentication'].getUser() %} + {% set business = app['authentication'].getUser().ACL().has_right_on_base(record.get_base_id(), 'canmodifrecord') %} {% else %} {% set business = false %} {% endif %} diff --git a/templates/web/common/dialog_export.html.twig b/templates/web/common/dialog_export.html.twig index 577716dcf2..b7a773afc3 100644 --- a/templates/web/common/dialog_export.html.twig +++ b/templates/web/common/dialog_export.html.twig @@ -76,7 +76,7 @@
    {% endmacro %} -{% if app['phraseanet.registry'].get('GV_needAuth2DL') and app['phraseanet.user'].is_guest() %} +{% if app['phraseanet.registry'].get('GV_needAuth2DL') and app['authentication'].getUser().is_guest() %} {% endblock %} diff --git a/templates/web/login/index.html.twig b/templates/web/login/index.html.twig index bbf036a7cd..c051e3c679 100644 --- a/templates/web/login/index.html.twig +++ b/templates/web/login/index.html.twig @@ -132,6 +132,9 @@
    + {% for provider in app['authentication.providers'] %} + {{ provider.getId() }} + {% endfor %} {% if display_layout == 'DISPLAYx1' %} {% include 'login/index_layout_displayx1.html.twig' %} {% elseif display_layout == 'DISPLAYx4' %} diff --git a/templates/web/prod/Story/Create.html.twig b/templates/web/prod/Story/Create.html.twig index 428472adf0..a7eb7a4a45 100644 --- a/templates/web/prod/Story/Create.html.twig +++ b/templates/web/prod/Story/Create.html.twig @@ -2,7 +2,7 @@ diff --git a/templates/web/prod/Tooltip/User.html.twig b/templates/web/prod/Tooltip/User.html.twig index b33675ab1e..8e1c94e6f0 100644 --- a/templates/web/prod/Tooltip/User.html.twig +++ b/templates/web/prod/Tooltip/User.html.twig @@ -1,7 +1,7 @@ {% extends 'prod/Tooltip/Tooltip.html.twig'%} {% set title %} - app['phraseanet.user'].get_display_name() + app['authentication'].getUser().get_display_name() {% endset %} {% set width = 300 %} {% set maxwidth = null %} @@ -12,12 +12,12 @@
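Review bot: The added loop in `login/index.html.twig` prints `{{ provider.getId() }}` for every entry of `app['authentication.providers']` directly above the layout include, with no link, label or translation around it as shown here. If that is all the template contains (markup may be missing from this page), the login page shows bare provider identifiers to anonymous visitors, which reads like leftover debugging output. Either drop the loop or render each provider as a proper sign-in entry with a translated label, and add a `{# ... #}` comment stating what the block is for.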
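Review bot: In `Tooltip/User.html.twig` the `{% set title %}` block holds `app['authentication'].getUser().get_display_name()` as plain text, without `{{ }}`, so the tooltip title is the expression text rather than the name. The commit carries this over from the old line; it should read `{{ app['authentication'].getUser().get_display_name() }}`. The template also fills a user tooltip from the logged-in user rather than from a user passed to it, which is worth confirming as intended.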
    -

    {{ app['phraseanet.user'].get_display_name() }}

    +

    {{ app['authentication'].getUser().get_display_name() }}

      -
    • {{ app['phraseanet.user'].get_email() }}
    • -
    • {{ app['phraseanet.user'].get_company() }}
    • -
    • {{ app['phraseanet.user'].get_job() }}
    • -
    • {{ app['phraseanet.user'].get_position() }}
    • +
    • {{ app['authentication'].getUser().get_email() }}
    • +
    • {{ app['authentication'].getUser().get_company() }}
    • +
    • {{ app['authentication'].getUser().get_job() }}
    • +
    • {{ app['authentication'].getUser().get_position() }}
    diff --git a/templates/web/prod/WorkZone/Basket.html.twig b/templates/web/prod/WorkZone/Basket.html.twig index 29c2427cd0..98a3099927 100644 --- a/templates/web/prod/WorkZone/Basket.html.twig +++ b/templates/web/prod/WorkZone/Basket.html.twig @@ -10,36 +10,36 @@ - {% if app['phraseanet.user'].ACL().has_right('modifyrecord') %} + {% if app['authentication'].getUser().ACL().has_right('modifyrecord') %} {% endif %} - {% if app['phraseanet.user'].ACL().has_right('changestatus') %} + {% if app['authentication'].getUser().ACL().has_right('changestatus') %} {% endif %} - {% if app['phraseanet.user'].ACL().has_right('deleterecord') and app['phraseanet.user'].ACL().has_right('addrecord') %} + {% if app['authentication'].getUser().ACL().has_right('deleterecord') and app['authentication'].getUser().ACL().has_right('addrecord') %} {% endif %} - {% if app['phraseanet.user'].ACL().has_right('push') %} + {% if app['authentication'].getUser().ACL().has_right('push') %} {% endif %} - {% if app['phraseanet.user'].ACL().has_right('push') %} + {% if app['authentication'].getUser().ACL().has_right('push') %} {% endif %} - {% if app['phraseanet.user'].ACL().has_right('bas_chupub') %} + {% if app['authentication'].getUser().ACL().has_right('bas_chupub') %} @@ -48,7 +48,7 @@ {% endif %} - {% if app['phraseanet.user'].ACL().has_right('doctools') %} + {% if app['authentication'].getUser().ACL().has_right('doctools') %} diff --git a/templates/web/prod/WorkZone/Browser/Basket.html.twig b/templates/web/prod/WorkZone/Browser/Basket.html.twig index fbdb499166..1b6f4284b4 100644 --- a/templates/web/prod/WorkZone/Browser/Basket.html.twig +++ b/templates/web/prod/WorkZone/Browser/Basket.html.twig @@ -11,7 +11,7 @@

    - {% if Basket.getValidation() is empty or Basket.getValidation().isInitiator(app['phraseanet.user']) %} + {% if Basket.getValidation() is empty or Basket.getValidation().isInitiator(app['authentication'].getUser()) %} diff --git a/templates/web/prod/WorkZone/Browser/Results.html.twig b/templates/web/prod/WorkZone/Browser/Results.html.twig index 1d029b0d7f..a168c87bf5 100644 --- a/templates/web/prod/WorkZone/Browser/Results.html.twig +++ b/templates/web/prod/WorkZone/Browser/Results.html.twig @@ -49,7 +49,7 @@

    - {% if Basket.getValidation() is empty or Basket.getValidation().isInitiator(app['phraseanet.user']) %} + {% if Basket.getValidation() is empty or Basket.getValidation().isInitiator(app['authentication'].getUser()) %} diff --git a/templates/web/prod/WorkZone/Macros.html.twig b/templates/web/prod/WorkZone/Macros.html.twig index 76c19f00b5..3a182bca54 100644 --- a/templates/web/prod/WorkZone/Macros.html.twig +++ b/templates/web/prod/WorkZone/Macros.html.twig @@ -276,10 +276,10 @@ {% macro element(wz_scope, container, contained, record, ord) %} {% set box_height = 110 %} - {% if app['phraseanet.user'].getPrefs('basket_title_display') == '1' %} + {% if app['authentication'].getUser().getPrefs('basket_title_display') == '1' %} {% set box_height = (box_height + 20) %} {% endif %} - {% if app['phraseanet.user'].getPrefs('basket_status_display') == '1' %} + {% if app['authentication'].getUser().getPrefs('basket_status_display') == '1' %} {% set box_height = (box_height + 20) %} {% endif %} @@ -289,12 +289,12 @@ class="CHIM diapo CHIM_{{record.get_serialize_key()}}" style="height:{{box_height}}px;" id="CHIM_{% if wz_scope == 'groupings' %}{{record.get_serialize_key()}}{% else %}{{ contained.getId() }}{% endif %}"> - {% if app['phraseanet.user'].getPrefs('basket_title_display') == '1' %} + {% if app['authentication'].getUser().getPrefs('basket_title_display') == '1' %}
    {{record.get_title()}}
    {% endif %} - {% if app['phraseanet.user'].getPrefs('basket_status_display') == '1' %} + {% if app['authentication'].getUser().getPrefs('basket_status_display') == '1' %}
    {{record.get_status_icons|raw}}
    @@ -317,7 +317,7 @@ class="WorkZoneElementRemover {{ wz_scope }}" title="{% trans 'delete'%}" > X
    - {% if app['phraseanet.user'].getPrefs('basket_caption_display') == '1' %} + {% if app['authentication'].getUser().getPrefs('basket_caption_display') == '1' %}
    {% endif %}

    @@ -353,7 +353,7 @@ {% for choice in basket_element.getValidationDatas() %} - {% if basket.getValidation().getParticipant(app['phraseanet.user'], app).getCanSeeOthers() or choice.getParticipant().getUser(app) == app['phraseanet.user'] %} + {% if basket.getValidation().getParticipant(app['authentication'].getUser(), app).getCanSeeOthers() or choice.getParticipant().getUser(app) == app['authentication'].getUser() %}
    {{ choice.getParticipant().getUser(app).get_display_name() }} diff --git a/templates/web/prod/WorkZone/Story.html.twig b/templates/web/prod/WorkZone/Story.html.twig index 3dcfb966f2..70ec09fd51 100644 --- a/templates/web/prod/WorkZone/Story.html.twig +++ b/templates/web/prod/WorkZone/Story.html.twig @@ -9,36 +9,36 @@ - {% if app['phraseanet.user'].ACL().has_right('modifyrecord') %} + {% if app['authentication'].getUser().ACL().has_right('modifyrecord') %} {% endif %} - {% if app['phraseanet.user'].ACL().has_right('changestatus') %} + {% if app['authentication'].getUser().ACL().has_right('changestatus') %} {% endif %} - {% if app['phraseanet.user'].ACL().has_right('deleterecord') and app['phraseanet.user'].ACL().has_right('addrecord') %} + {% if app['authentication'].getUser().ACL().has_right('deleterecord') and app['authentication'].getUser().ACL().has_right('addrecord') %} {% endif %} - {% if app['phraseanet.user'].ACL().has_right('push') %} + {% if app['authentication'].getUser().ACL().has_right('push') %} {% endif %} - {% if app['phraseanet.user'].ACL().has_right('push') %} + {% if app['authentication'].getUser().ACL().has_right('push') %} {% endif %} - {% if app['phraseanet.user'].ACL().has_right('bas_chupub') %} + {% if app['authentication'].getUser().ACL().has_right('bas_chupub') %} @@ -47,7 +47,7 @@ {% endif %} - {% if app['phraseanet.user'].ACL().has_right('doctools') %} + {% if app['authentication'].getUser().ACL().has_right('doctools') %} diff --git a/templates/web/prod/actions/Feedback/List-Share.html.twig b/templates/web/prod/actions/Feedback/List-Share.html.twig index ed66b1d2f6..4782794941 100644 --- a/templates/web/prod/actions/Feedback/List-Share.html.twig +++ b/templates/web/prod/actions/Feedback/List-Share.html.twig 
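Review bot: The visibility test in the `Macros.html.twig` hunk compares user objects, `choice.getParticipant().getUser(app) == app['authentication'].getUser()`, while `sc_note.html.twig` in this same diff compares ids. Twig's `==` on two objects is a loose PHP comparison of their properties, so the outcome depends on both instances being loaded identically, and this condition decides whether a participant's choice is shown. Compare ids instead: `choice.getParticipant().getUser(app).get_id() == app['authentication'].getUser().get_id()`.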
@@ -33,7 +33,7 @@ - {% if app['phraseanet.user'].get_id() == owner.getUser(app).get_id() %} + {% if app['authentication'].getUser().get_id() == owner.getUser(app).get_id() %} {% if owner.getRole() == constant('\\Entities\\UsrListOwner::ROLE_ADMIN') %} {% trans 'You are Admin' %} {% endif %} @@ -53,7 +53,7 @@ {% endif %} - {% if app['phraseanet.user'].get_id() != owner.getUser(app).get_id() %} + {% if app['authentication'].getUser().get_id() != owner.getUser(app).get_id() %} diff --git a/templates/web/prod/actions/Feedback/list.html.twig b/templates/web/prod/actions/Feedback/list.html.twig index ad3db125a9..191c02fc4b 100644 --- a/templates/web/prod/actions/Feedback/list.html.twig +++ b/templates/web/prod/actions/Feedback/list.html.twig @@ -5,7 +5,7 @@ - {% if list.getOwner(app['phraseanet.user'], app).getRole() >= constant('\\Entities\\UsrListOwner::ROLE_ADMIN') %} + {% if list.getOwner(app['authentication'].getUser(), app).getRole() >= constant('\\Entities\\UsrListOwner::ROLE_ADMIN') %}
    - {% if list.getOwner(app['phraseanet.user'], app).getRole() >= constant('\\Entities\\UsrListOwner::ROLE_EDITOR') %} + {% if list.getOwner(app['authentication'].getUser(), app).getRole() >= constant('\\Entities\\UsrListOwner::ROLE_EDITOR') %} @@ -16,14 +16,14 @@ {% endif %} - {% if list.getOwner(app['phraseanet.user'], app).getRole() == constant('\\Entities\\UsrListOwner::ROLE_ADMIN') %} + {% if list.getOwner(app['authentication'].getUser(), app).getRole() == constant('\\Entities\\UsrListOwner::ROLE_ADMIN') %} {% trans "Set sharing permission" %} {% endif %} {% endif %}

    - {% set role = list.getOwner(app['phraseanet.user'], app).getRole() %} + {% set role = list.getOwner(app['authentication'].getUser(), app).getRole() %} {% for entry in list.getEntries() %} {{ ListsMacros.badgeReadonly(entry, role) }} {% endfor %}
    - {% if list.getOwner(app['phraseanet.user'], app).getRole() >= constant('\\Entities\\UsrListOwner::ROLE_EDITOR') %} + {% if list.getOwner(app['authentication'].getUser(), app).getRole() >= constant('\\Entities\\UsrListOwner::ROLE_EDITOR') %} -
    +
    @@ -150,7 +150,7 @@
    -
    +
    {{_self.HTML_fieldlist(recordsRequest, fields)}}
    @@ -230,7 +230,7 @@
    -
    +
      {% if thesaurus %} diff --git a/templates/web/prod/actions/publish/publish.html.twig b/templates/web/prod/actions/publish/publish.html.twig index 8ed48ea86c..dbee138c5f 100644 --- a/templates/web/prod/actions/publish/publish.html.twig +++ b/templates/web/prod/actions/publish/publish.html.twig @@ -44,9 +44,9 @@ - + - +
    @@ -54,7 +54,7 @@

    {% trans 'Fils disponibles' %}

    {% for feed in feeds.get_feeds() %} - {% if feed.is_publisher(app['phraseanet.user']) %} + {% if feed.is_publisher(app['authentication'].getUser()) %}
    {{ feed.get_title() }} {% if feed.is_public() %} diff --git a/templates/web/prod/actions/publish/publish_edit.html.twig b/templates/web/prod/actions/publish/publish_edit.html.twig index af8a2c2793..8e2af31ccc 100644 --- a/templates/web/prod/actions/publish/publish_edit.html.twig +++ b/templates/web/prod/actions/publish/publish_edit.html.twig @@ -47,7 +47,7 @@
    {% set feed_id = entry.get_feed().get_id() %} {% for feed in feeds.get_feeds() %} - {% if feed.is_publisher(app['phraseanet.user']) %} + {% if feed.is_publisher(app['authentication'].getUser()) %}
    {{ feed.get_title() }} diff --git a/templates/web/prod/feeds/entry_macro.html.twig b/templates/web/prod/feeds/entry_macro.html.twig index 79dc46dbe9..b32d52feba 100644 --- a/templates/web/prod/feeds/entry_macro.html.twig +++ b/templates/web/prod/feeds/entry_macro.html.twig @@ -15,7 +15,7 @@
    - {% if entry.get_feed().is_owner(app['phraseanet.user']) or entry.is_publisher(app['phraseanet.user']) %} + {% if entry.get_feed().is_owner(app['authentication'].getUser()) or entry.is_publisher(app['authentication'].getUser()) %} diff --git a/templates/web/prod/index.html.twig b/templates/web/prod/index.html.twig index 5befd22032..7745e0dcd2 100644 --- a/templates/web/prod/index.html.twig +++ b/templates/web/prod/index.html.twig @@ -54,9 +54,9 @@ {% block rss %} {% for feed in feeds %} - {% set link = feed.get_user_link(app['phraseanet.registry'], app['phraseanet.user'], 'rss') %} + {% set link = feed.get_user_link(app['phraseanet.registry'], app['authentication'].getUser(), 'rss') %} - {% set link = feed.get_user_link(app['phraseanet.registry'], app['phraseanet.user'], 'atom') %} + {% set link = feed.get_user_link(app['phraseanet.registry'], app['authentication'].getUser(), 'atom') %} {% endfor %} {% endblock %} @@ -110,12 +110,12 @@ {% endblock %} @@ -140,7 +140,7 @@
    - {% set ratio = app['phraseanet.user'].getPrefs('search_window') %} + {% set ratio = app['authentication'].getUser().getPrefs('search_window') %} {% if ratio == 0 %} {% set ratio = '0.333' %} {% endif %} @@ -186,7 +186,7 @@
    @@ -224,7 +224,7 @@
    - {% if app['phraseanet.user'].ACL().has_access_to_module('thesaurus') %}
+ {% if app['authentication'].getUser().ACL().has_access_to_module('thesaurus') %}
    @@ -297,7 +297,7 @@
    -
+
@@ -536,19 +536,19 @@ {% set actions = {} %}
- {% if app['phraseanet.user'].ACL().has_right('modifyrecord') %}
+ {% if app['authentication'].getUser().ACL().has_right('modifyrecord') %}
 {% set label %} {% trans 'action : editer' %} {% endset %} {% set actions = actions|merge( { 'edit' : {'icon': "/skins/prod/000000/images/ppen_history.gif", 'class':'TOOL_ppen_btn', 'label' : label} }) %} {% endif %}
- {% if app['phraseanet.user'].ACL().has_right('changestatus') %}
+ {% if app['authentication'].getUser().ACL().has_right('changestatus') %}
 {% set label %} {% trans 'action : status' %} {% endset %} {% set actions = actions|merge( { 'status' : {'icon': "/skins/prod/000000/images/chgstatus_history.gif", 'class':'TOOL_chgstatus_btn', 'label' : label} }) %} {% endif %}
- {% if app['phraseanet.user'].ACL().has_right('deleterecord') and app['phraseanet.user'].ACL().has_right('addrecord') %}
+ {% if app['authentication'].getUser().ACL().has_right('deleterecord') and app['authentication'].getUser().ACL().has_right('addrecord') %}
 {% set label %} {% trans 'action : collection' %} {% endset %}
@@ -596,7 +596,7 @@ {% endif %}
- {% if app['phraseanet.user'].ACL().has_right('push') and app['phraseanet.user'].ACL().has_right('bas_chupub') %}
+ {% if app['authentication'].getUser().ACL().has_right('push') and app['authentication'].getUser().ACL().has_right('bas_chupub') %}
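Review bot: In the `@@ -536,19 +536,19 @@` hunk every condition now spells out `app['authentication'].getUser().ACL()` again, twice on the `deleterecord`/`addrecord` line. Binding it once with `{% set acl = app['authentication'].getUser().ACL() %}` next to `{% set actions = {} %}` and testing `acl.has_right('modifyrecord')` would keep the rights checks short enough that a missed or mistyped right stands out in review. These conditions appear only to decide which entries go into the `actions` map for rendering, so the edit, status and collection handlers still need to check the same rights server-side; that code is not in this hunk. The repetition continues in the `@@ -596,7 +596,7 @@` hunk that follows.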
    - {% elseif app['phraseanet.user'].ACL().has_right('push') %}
+ {% elseif app['authentication'].getUser().ACL().has_right('push') %}
    - {% elseif app['phraseanet.user'].ACL().has_right('bas_chupub') %}
+ {% elseif app['authentication'].getUser().ACL().has_right('bas_chupub') %}
    {% endif %}
- {% if app['phraseanet.user'].ACL().has_right('deleterecord') %}
+ {% if app['authentication'].getUser().ACL().has_right('deleterecord') %}