From 8aa029dad0a0b25af48d4c32aad0c1bb1efd2a73 Mon Sep 17 00:00:00 2001 From: Hugo Hamon Date: Thu, 3 May 2012 14:18:21 +0200 Subject: [PATCH] =?UTF-8?q?[plugins]=C2=A0added=20sfDoctrineGuardPlugin.?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- plugins/sfDoctrineGuardPlugin/LICENSE | 7 + plugins/sfDoctrineGuardPlugin/README | 416 ++++++++++++++++++ plugins/sfDoctrineGuardPlugin/VERSION | 1 + .../config/doctrine/schema.yml | 182 ++++++++ ...DoctrineGuardPluginConfiguration.class.php | 44 ++ .../data/fixtures/fixtures.yml.sample | 20 + .../i18n/sf_guard.de.xml | 101 +++++ .../i18n/sf_guard.es.xml | 33 ++ .../i18n/sf_guard.fa.xml | 25 ++ .../i18n/sf_guard.fr.xml | 101 +++++ .../i18n/sf_guard.it.xml | 25 ++ .../i18n/sf_guard.pl.xml | 133 ++++++ .../i18n/sf_guard.ru.xml | 109 +++++ .../PluginsfGuardGroupFormFilter.class.php | 13 + ...luginsfGuardPermissionFormFilter.class.php | 13 + .../PluginsfGuardUserFormFilter.class.php | 13 + .../form/base/BasesfGuardFormSignin.class.php | 42 ++ ...sfGuardRequestForgotPasswordForm.class.php | 25 ++ .../doctrine/PluginsfGuardGroupForm.class.php | 28 ++ .../PluginsfGuardPermissionForm.class.php | 25 ++ .../doctrine/PluginsfGuardUserForm.class.php | 13 + ...asesfGuardChangeUserPasswordForm.class.php | 27 ++ .../base/BasesfGuardRegisterForm.class.php | 27 ++ .../base/BasesfGuardUserAdminForm.class.php | 40 ++ .../sfGuardChangeUserPasswordForm.class.php | 20 + .../doctrine/sfGuardRegisterForm.class.php | 20 + .../doctrine/sfGuardUserAdminForm.class.php | 20 + .../lib/form/sfGuardFormSignin.class.php | 20 + ...sfGuardRequestForgotPasswordForm.class.php | 20 + .../PluginsfGuardForgotPassword.class.php | 16 + ...PluginsfGuardForgotPasswordTable.class.php | 20 + .../doctrine/PluginsfGuardGroup.class.php | 13 + .../PluginsfGuardGroupPermission.class.php | 13 + ...luginsfGuardGroupPermissionTable.class.php | 13 + .../PluginsfGuardGroupTable.class.php | 13 + .../PluginsfGuardPermission.class.php | 13 + .../PluginsfGuardPermissionTable.class.php | 13 + .../PluginsfGuardRememberKey.class.php | 13 + .../PluginsfGuardRememberKeyTable.class.php | 13 + .../doctrine/PluginsfGuardUser.class.php | 292 ++++++++++++ .../doctrine/PluginsfGuardUserGroup.class.php | 18 + .../PluginsfGuardUserGroupTable.class.php | 13 + .../PluginsfGuardUserPermission.class.php | 18 + ...PluginsfGuardUserPermissionTable.class.php | 13 + .../doctrine/PluginsfGuardUserTable.class.php | 48 ++ .../lib/routing/sfGuardRouting.class.php | 118 +++++ .../lib/sfGuardBasicSecurityFilter.class.php | 56 +++ .../lib/sfGuardRememberMeFilter.class.php | 60 +++ .../lib/task/sfGuardAddGroupTask.class.php | 66 +++ .../task/sfGuardAddPermissionTask.class.php | 66 +++ .../task/sfGuardChangePasswordTask.class.php | 70 +++ .../lib/task/sfGuardCreateUserTask.class.php | 71 +++ .../sfGuardPromoteSuperAdminTask.class.php | 70 +++ .../lib/user/sfGuardSecurityUser.class.php | 396 +++++++++++++++++ .../validator/sfGuardValidatorUser.class.php | 69 +++ .../sfGuardValidatorUsernameOrEmail.class.php | 34 ++ .../sfGuardAuth/actions/actions.class.php | 22 + .../sfGuardAuth/actions/components.class.php | 22 + .../modules/sfGuardAuth/config/security.yml | 8 + .../lib/BasesfGuardAuthActions.class.php | 82 ++++ .../lib/BasesfGuardAuthComponents.class.php | 10 + .../sfGuardAuth/templates/_signin_form.php | 25 ++ .../sfGuardAuth/templates/secureSuccess.php | 9 + .../sfGuardAuth/templates/signinSuccess.php | 5 + .../actions/actions.class.php | 15 + ...BasesfGuardForgotPasswordActions.class.php | 119 +++++ .../templates/_new_password.php | 16 + .../templates/_send_request.php | 16 + .../templates/changeSuccess.php | 19 + .../templates/indexSuccess.php | 22 + .../sfGuardGroup/actions/actions.class.php | 16 + .../modules/sfGuardGroup/config/generator.yml | 25 ++ ...GuardGroupGeneratorConfiguration.class.php | 13 + .../lib/sfGuardGroupGeneratorHelper.class.php | 13 + .../actions/actions.class.php | 16 + .../sfGuardPermission/config/generator.yml | 25 ++ ...PermissionGeneratorConfiguration.class.php | 13 + ...sfGuardPermissionGeneratorHelper.class.php | 13 + .../sfGuardRegister/actions/actions.class.php | 15 + .../actions/components.class.php | 7 + .../lib/BasesfGuardRegisterActions.class.php | 33 ++ .../BasesfGuardRegisterComponents.class.php | 10 + .../sfGuardRegister/templates/_form.php | 14 + .../templates/indexSuccess.php | 4 + .../sfGuardUser/actions/actions.class.php | 16 + .../modules/sfGuardUser/config/generator.yml | 31 ++ .../lib/BasesfGuardUserActions.class.php | 20 + ...fGuardUserGeneratorConfiguration.class.php | 13 + .../lib/sfGuardUserGeneratorHelper.class.php | 13 + .../sfDoctrineGuardPlugin/package.xml.tmpl | 82 ++++ .../doctrine/PluginsfGuardGroupFormTest.php | 25 ++ .../PluginsfGuardPermissionFormTest.php | 25 ++ .../doctrine/PluginsfGuardUserFormTest.php | 22 + .../doctrine/PluginsfGuardUserTableTest.php | 53 +++ .../model/doctrine/PluginsfGuardUserTest.php | 115 +++++ .../validator/sfGuardValidatorUserTest.php | 132 ++++++ 96 files changed, 4335 insertions(+) create mode 100644 plugins/sfDoctrineGuardPlugin/LICENSE create mode 100644 plugins/sfDoctrineGuardPlugin/README create mode 100644 plugins/sfDoctrineGuardPlugin/VERSION create mode 100644 plugins/sfDoctrineGuardPlugin/config/doctrine/schema.yml create mode 100644 plugins/sfDoctrineGuardPlugin/config/sfDoctrineGuardPluginConfiguration.class.php create mode 100644 plugins/sfDoctrineGuardPlugin/data/fixtures/fixtures.yml.sample create mode 100644 plugins/sfDoctrineGuardPlugin/i18n/sf_guard.de.xml create mode 100644 plugins/sfDoctrineGuardPlugin/i18n/sf_guard.es.xml create mode 100644 plugins/sfDoctrineGuardPlugin/i18n/sf_guard.fa.xml create mode 100644 plugins/sfDoctrineGuardPlugin/i18n/sf_guard.fr.xml create mode 100644 plugins/sfDoctrineGuardPlugin/i18n/sf_guard.it.xml create mode 100644 plugins/sfDoctrineGuardPlugin/i18n/sf_guard.pl.xml create mode 100644 plugins/sfDoctrineGuardPlugin/i18n/sf_guard.ru.xml create mode 100644 plugins/sfDoctrineGuardPlugin/lib/filter/doctrine/PluginsfGuardGroupFormFilter.class.php create mode 100644 plugins/sfDoctrineGuardPlugin/lib/filter/doctrine/PluginsfGuardPermissionFormFilter.class.php create mode 100644 plugins/sfDoctrineGuardPlugin/lib/filter/doctrine/PluginsfGuardUserFormFilter.class.php create mode 100644 plugins/sfDoctrineGuardPlugin/lib/form/base/BasesfGuardFormSignin.class.php create mode 100644 plugins/sfDoctrineGuardPlugin/lib/form/base/BasesfGuardRequestForgotPasswordForm.class.php create mode 100644 plugins/sfDoctrineGuardPlugin/lib/form/doctrine/PluginsfGuardGroupForm.class.php create mode 100644 plugins/sfDoctrineGuardPlugin/lib/form/doctrine/PluginsfGuardPermissionForm.class.php create mode 100644 plugins/sfDoctrineGuardPlugin/lib/form/doctrine/PluginsfGuardUserForm.class.php create mode 100644 plugins/sfDoctrineGuardPlugin/lib/form/doctrine/base/BasesfGuardChangeUserPasswordForm.class.php create mode 100644 plugins/sfDoctrineGuardPlugin/lib/form/doctrine/base/BasesfGuardRegisterForm.class.php create mode 100644 plugins/sfDoctrineGuardPlugin/lib/form/doctrine/base/BasesfGuardUserAdminForm.class.php create mode 100644 plugins/sfDoctrineGuardPlugin/lib/form/doctrine/sfGuardChangeUserPasswordForm.class.php create mode 100644 plugins/sfDoctrineGuardPlugin/lib/form/doctrine/sfGuardRegisterForm.class.php create mode 100644 plugins/sfDoctrineGuardPlugin/lib/form/doctrine/sfGuardUserAdminForm.class.php create mode 100644 plugins/sfDoctrineGuardPlugin/lib/form/sfGuardFormSignin.class.php create mode 100644 plugins/sfDoctrineGuardPlugin/lib/form/sfGuardRequestForgotPasswordForm.class.php create mode 100644 plugins/sfDoctrineGuardPlugin/lib/model/doctrine/PluginsfGuardForgotPassword.class.php create mode 100644 plugins/sfDoctrineGuardPlugin/lib/model/doctrine/PluginsfGuardForgotPasswordTable.class.php create mode 100644 plugins/sfDoctrineGuardPlugin/lib/model/doctrine/PluginsfGuardGroup.class.php create mode 100644 plugins/sfDoctrineGuardPlugin/lib/model/doctrine/PluginsfGuardGroupPermission.class.php create mode 100644 plugins/sfDoctrineGuardPlugin/lib/model/doctrine/PluginsfGuardGroupPermissionTable.class.php create mode 100644 plugins/sfDoctrineGuardPlugin/lib/model/doctrine/PluginsfGuardGroupTable.class.php create mode 100644 plugins/sfDoctrineGuardPlugin/lib/model/doctrine/PluginsfGuardPermission.class.php create mode 100644 plugins/sfDoctrineGuardPlugin/lib/model/doctrine/PluginsfGuardPermissionTable.class.php create mode 100644 plugins/sfDoctrineGuardPlugin/lib/model/doctrine/PluginsfGuardRememberKey.class.php create mode 100644 plugins/sfDoctrineGuardPlugin/lib/model/doctrine/PluginsfGuardRememberKeyTable.class.php create mode 100644 plugins/sfDoctrineGuardPlugin/lib/model/doctrine/PluginsfGuardUser.class.php create mode 100644 plugins/sfDoctrineGuardPlugin/lib/model/doctrine/PluginsfGuardUserGroup.class.php create mode 100644 plugins/sfDoctrineGuardPlugin/lib/model/doctrine/PluginsfGuardUserGroupTable.class.php create mode 100644 plugins/sfDoctrineGuardPlugin/lib/model/doctrine/PluginsfGuardUserPermission.class.php create mode 100644 plugins/sfDoctrineGuardPlugin/lib/model/doctrine/PluginsfGuardUserPermissionTable.class.php create mode 100644 plugins/sfDoctrineGuardPlugin/lib/model/doctrine/PluginsfGuardUserTable.class.php create mode 100644 plugins/sfDoctrineGuardPlugin/lib/routing/sfGuardRouting.class.php create mode 100644 plugins/sfDoctrineGuardPlugin/lib/sfGuardBasicSecurityFilter.class.php create mode 100644 plugins/sfDoctrineGuardPlugin/lib/sfGuardRememberMeFilter.class.php create mode 100644 plugins/sfDoctrineGuardPlugin/lib/task/sfGuardAddGroupTask.class.php create mode 100644 plugins/sfDoctrineGuardPlugin/lib/task/sfGuardAddPermissionTask.class.php create mode 100644 plugins/sfDoctrineGuardPlugin/lib/task/sfGuardChangePasswordTask.class.php create mode 100644 plugins/sfDoctrineGuardPlugin/lib/task/sfGuardCreateUserTask.class.php create mode 100644 plugins/sfDoctrineGuardPlugin/lib/task/sfGuardPromoteSuperAdminTask.class.php create mode 100644 plugins/sfDoctrineGuardPlugin/lib/user/sfGuardSecurityUser.class.php create mode 100644 plugins/sfDoctrineGuardPlugin/lib/validator/sfGuardValidatorUser.class.php create mode 100644 plugins/sfDoctrineGuardPlugin/lib/validator/sfGuardValidatorUsernameOrEmail.class.php create mode 100644 plugins/sfDoctrineGuardPlugin/modules/sfGuardAuth/actions/actions.class.php create mode 100644 plugins/sfDoctrineGuardPlugin/modules/sfGuardAuth/actions/components.class.php create mode 100644 plugins/sfDoctrineGuardPlugin/modules/sfGuardAuth/config/security.yml create mode 100644 plugins/sfDoctrineGuardPlugin/modules/sfGuardAuth/lib/BasesfGuardAuthActions.class.php create mode 100644 plugins/sfDoctrineGuardPlugin/modules/sfGuardAuth/lib/BasesfGuardAuthComponents.class.php create mode 100644 plugins/sfDoctrineGuardPlugin/modules/sfGuardAuth/templates/_signin_form.php create mode 100644 plugins/sfDoctrineGuardPlugin/modules/sfGuardAuth/templates/secureSuccess.php create mode 100644 plugins/sfDoctrineGuardPlugin/modules/sfGuardAuth/templates/signinSuccess.php create mode 100755 plugins/sfDoctrineGuardPlugin/modules/sfGuardForgotPassword/actions/actions.class.php create mode 100755 plugins/sfDoctrineGuardPlugin/modules/sfGuardForgotPassword/lib/BasesfGuardForgotPasswordActions.class.php create mode 100644 plugins/sfDoctrineGuardPlugin/modules/sfGuardForgotPassword/templates/_new_password.php create mode 100755 plugins/sfDoctrineGuardPlugin/modules/sfGuardForgotPassword/templates/_send_request.php create mode 100755 plugins/sfDoctrineGuardPlugin/modules/sfGuardForgotPassword/templates/changeSuccess.php create mode 100755 plugins/sfDoctrineGuardPlugin/modules/sfGuardForgotPassword/templates/indexSuccess.php create mode 100644 plugins/sfDoctrineGuardPlugin/modules/sfGuardGroup/actions/actions.class.php create mode 100644 plugins/sfDoctrineGuardPlugin/modules/sfGuardGroup/config/generator.yml create mode 100644 plugins/sfDoctrineGuardPlugin/modules/sfGuardGroup/lib/sfGuardGroupGeneratorConfiguration.class.php create mode 100644 plugins/sfDoctrineGuardPlugin/modules/sfGuardGroup/lib/sfGuardGroupGeneratorHelper.class.php create mode 100644 plugins/sfDoctrineGuardPlugin/modules/sfGuardPermission/actions/actions.class.php create mode 100644 plugins/sfDoctrineGuardPlugin/modules/sfGuardPermission/config/generator.yml create mode 100644 plugins/sfDoctrineGuardPlugin/modules/sfGuardPermission/lib/sfGuardPermissionGeneratorConfiguration.class.php create mode 100644 plugins/sfDoctrineGuardPlugin/modules/sfGuardPermission/lib/sfGuardPermissionGeneratorHelper.class.php create mode 100644 plugins/sfDoctrineGuardPlugin/modules/sfGuardRegister/actions/actions.class.php create mode 100644 plugins/sfDoctrineGuardPlugin/modules/sfGuardRegister/actions/components.class.php create mode 100644 plugins/sfDoctrineGuardPlugin/modules/sfGuardRegister/lib/BasesfGuardRegisterActions.class.php create mode 100644 plugins/sfDoctrineGuardPlugin/modules/sfGuardRegister/lib/BasesfGuardRegisterComponents.class.php create mode 100644 plugins/sfDoctrineGuardPlugin/modules/sfGuardRegister/templates/_form.php create mode 100644 plugins/sfDoctrineGuardPlugin/modules/sfGuardRegister/templates/indexSuccess.php create mode 100644 plugins/sfDoctrineGuardPlugin/modules/sfGuardUser/actions/actions.class.php create mode 100644 plugins/sfDoctrineGuardPlugin/modules/sfGuardUser/config/generator.yml create mode 100644 plugins/sfDoctrineGuardPlugin/modules/sfGuardUser/lib/BasesfGuardUserActions.class.php create mode 100644 plugins/sfDoctrineGuardPlugin/modules/sfGuardUser/lib/sfGuardUserGeneratorConfiguration.class.php create mode 100644 plugins/sfDoctrineGuardPlugin/modules/sfGuardUser/lib/sfGuardUserGeneratorHelper.class.php create mode 100644 plugins/sfDoctrineGuardPlugin/package.xml.tmpl create mode 100644 plugins/sfDoctrineGuardPlugin/test/unit/form/doctrine/PluginsfGuardGroupFormTest.php create mode 100644 plugins/sfDoctrineGuardPlugin/test/unit/form/doctrine/PluginsfGuardPermissionFormTest.php create mode 100644 plugins/sfDoctrineGuardPlugin/test/unit/form/doctrine/PluginsfGuardUserFormTest.php create mode 100644 plugins/sfDoctrineGuardPlugin/test/unit/model/doctrine/PluginsfGuardUserTableTest.php create mode 100644 plugins/sfDoctrineGuardPlugin/test/unit/model/doctrine/PluginsfGuardUserTest.php create mode 100644 plugins/sfDoctrineGuardPlugin/test/unit/validator/sfGuardValidatorUserTest.php diff --git a/plugins/sfDoctrineGuardPlugin/LICENSE b/plugins/sfDoctrineGuardPlugin/LICENSE new file mode 100644 index 0000000..28956ad --- /dev/null +++ b/plugins/sfDoctrineGuardPlugin/LICENSE @@ -0,0 +1,7 @@ +Copyright (c) 2004-2006 Fabien Potencier + +Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal in the Software without restriction, including without limitation the rights to use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of the Software, and to permit persons to whom the Software is furnished to do so, subject to the following conditions: + +The above copyright notice and this permission notice shall be included in all copies or substantial portions of the Software. + +THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. diff --git a/plugins/sfDoctrineGuardPlugin/README b/plugins/sfDoctrineGuardPlugin/README new file mode 100644 index 0000000..10ffc6a --- /dev/null +++ b/plugins/sfDoctrineGuardPlugin/README @@ -0,0 +1,416 @@ +# sfGuardDoctrine plugin (for symfony 1.4) # + +The `sfDoctrineGuardPlugin` is a symfony plugin that provides authentication and +authorization features above and beyond the standard security features of symfony. + +It gives you the model (user, group and permission objects) and the modules +(backend and frontend) to secure your symfony application in a minute in +a configurable plugin. + +Beginning with version 5.0.0 (the 1.4 stable branch), `sfDoctrineGuardPlugin` also +provides the option of applying for an account through the site (this is disabled +by default), and the ability to reset your password if you have forgotten it. +For security, password reset requires that you know the email address associated with the +account and be able to receive mail there. However applying for an account does not yet require receiving +an email message in 5.0.0. + +The 5.x series can require significant migration effort when moving from earlier releases. See the Upgrade section for more information. + +## Installation ## + + * Install the plugin (via a package) + + symfony plugin:install sfDoctrineGuardPlugin + + * Install the plugin (via a Subversion checkout) + + svn co http://svn.symfony-project.com/plugins/sfDoctrineGuardPlugin/trunk plugins/sfDoctrineGuardPlugin + + * Activate the plugin in the `config/ProjectConfiguration.class.php` + + [php] + class ProjectConfiguration extends sfProjectConfiguration + { + public function setup() + { + $this->enablePlugins(array( + 'sfDoctrinePlugin', + 'sfDoctrineGuardPlugin', + '...' + )); + } + } + + * Rebuild your model + + symfony doctrine:build-model + symfony doctrine:build-sql + + * Update you database tables by starting from scratch (it will delete all + the existing tables, then re-create them): + + symfony doctrine:insert-sql + + or do everything with one command + + symfony doctrine-build-all-reload frontend + + or you can just create the new tables by using the generated SQL + statements in `data/sql/plugins.sfGuardAuth.lib.model.schema.sql` + + * Load default fixtures (optional - it creates a superadmin user) + + mkdir data/fixtures/ + cp plugins/sfDoctrineGuardPlugin/data/fixtures/fixtures.yml.sample data/fixtures/sfGuard.yml + + symfony doctrine:data-load frontend # replace frontend with the name of one of your application + + * Enable one or more modules in your `settings.yml` (optional) + * For your backend application: sfGuardUser, sfGuardGroup, sfGuardPermission + + all: + .settings: + enabled_modules: [default, sfGuardGroup, sfGuardUser, sfGuardPermission] + + PLEASE NOTE: these modules are NOT SECURED by default, because we can't guess what you want your policies to be. Please read the "Secure your application" section below. + + * For your frontend application: sfGuardAuth + + all: + .settings: + enabled_modules: [default, sfGuardAuth] + + Do not secure `sfGuardAuth`, it is the module that allows the user to log in. + + * Clear you cache + + symfony cc + + * Optionally add the "Remember Me" filter to `filters.yml` above the security filter: + + [yml] + remember_me: + class: sfGuardRememberMeFilter + + security: ~ + +### Upgrading ### + +The 5.0.x series adds several new tables, adds columns to existing tables and changes the names of all of the relations in the schema. + +This requires changes of two kinds: database schema changes and, in some cases, changes to your code. We'll look at each of these issues in turn. + +#### Updating your Schema #### + +There are three basic changes in the schema: + + * All primary key ID columns have been changed to 8-byte integers + * New columns in the `sfGuardUser` table, which now contains `first_name`, `last_name` and `email_address` information + * A new `sfGuardForgotPassword` table used to verify password reset requests and account creation requests + +##### Upgrading to 8 Byte Integers ##### + +It would be handy to use Doctrine's `generate-migrations-diff` task to update the schema, but unfortunately while it is a powerful tool it cannot figure out how to change the ID columns to 8 bytes without foreign key errors. You can write a migration yourself or just use SQL ALTER TABLE statements. If you choose to do so, you will need to drop the foreign key indexes first (never the columns of course, just the indexes), alter the ID column types, and then create the foreign key indexes again. We recommend locking the database while doing so. + +You can also leave the types of the IDs alone in your existing database. That is a great deal easier. If you choose this approach, make sure you create the new `sfGuardForgotPassword` table with 4-byte integers, just like your old tables, as explained below. + +##### Adding the New Columns ##### + +There are three new columns in the `sf_guard_user` table. You can add these with the following SQL statements: + + ALTER TABLE sf_guard_user ADD COLUMN first_name varchar(255) DEFAULT NULL; + ALTER TABLE sf_guard_user ADD COLUMN last_name varchar(255) DEFAULT NULL; + ALTER TABLE sf_guard_user ADD COLUMN email_address varchar(255) DEFAULT ''; + +Next you should specify that the email address must be unique. This poses a problem if your users do not currently have an email address field at all in your existing system (for instance, you have no profile table, or there is no email address in it). You can work around it this way as a temporary solution: + + UPDATE sf_guard_user SET email_address = username; + +This ensures a unique setting although it does not actually provide a useful email address. If you have a profile table with email addresses, a better idea is to import your email addresses from there: + + UPDATE sf_guard_user,sf_guard_profile SET sf_guard_user.email_address = sf_guard_profile.email_address WHERE sf_guard_user.id = sf_guard_profile.id; + +Now you are ready to index the column and make it unique: + + ALTER TABLE sf_guard_user ADD UNIQUE KEY `email_address` (`email_address`); + +##### Adding the sfGuardForgotPassword table ##### + +You can do this with the following SQL code. + +If you wish to stick with 4-byte IDs: + + CREATE TABLE sf_guard_forgot_password (id INT AUTO_INCREMENT, user_id INT NOT NULL, unique_key VARCHAR(255), expires_at DATETIME NOT NULL, created_at DATETIME NOT NULL, updated_at DATETIME NOT NULL, INDEX user_id_idx (user_id), PRIMARY KEY(id)) DEFAULT CHARACTER SET utf8 COLLATE utf8_general_ci ENGINE = INNODB; + +If you have upgraded your IDs: + + CREATE TABLE sf_guard_forgot_password (id BIGINT AUTO_INCREMENT, user_id BIGINT NOT NULL, unique_key VARCHAR(255), expires_at DATETIME NOT NULL, created_at DATETIME NOT NULL, updated_at DATETIME NOT NULL, INDEX user_id_idx (user_id), PRIMARY KEY(id)) DEFAULT CHARACTER SET utf8 COLLATE utf8_general_ci ENGINE = INNODB; + +#### Updating your Code #### + +*If you have not migrated your database schema yet, DO THAT FIRST (see above).* Otherwise you lose the option of using Doctrine migrations. + +After updating your schema you will also need to update your code to account for the changes. + +First rebuild your model, form and filter base classes. This will not damage any custom code in your own model classes, as long as you followed standard practice and left the `Base` classes alone: + + ./symfony doctrine:build --all-classes + +Second, check your Doctrine code for places where you use the relations that are defined for `sfGuardUser`, `sfGuardGroup`, etc. The names of these relations have been changed for convenience and to follow Symfony best practices. + +The most frequently used relations that have changed are: + +$group->users is now $group->Users (uppercase) +$group->permissions is now $group->Permissions (uppercase) +$user->groups is now $user->Groups (uppercase) +$user->permissions is now $user->Permissions (uppercase) + +The less commonly used relations on `sfGuardUserPermission` and `sfGuardGroupPermission` have changed as well. They are capitalized and they do not have an `sfGuard` prefix. Those who sometimes write custom queries to locate users with particular privileges need to be aware of this. + +### Secure your application ### + +To secure a symfony application: + + * Enable the module `sfGuardAuth` in `settings.yml` + + all: + .settings: + enabled_modules: [..., sfGuardAuth] + + * Change the default login and secure modules in `settings.yml` + + login_module: sfGuardAuth + login_action: signin + + secure_module: sfGuardAuth + secure_action: secure + + * Change the parent class in `myUser.class.php` + + class myUser extends sfGuardSecurityUser + { + } + + * Optionally add the following routing rules to `routing.yml` + + sf_guard_signin: + url: /login + param: { module: sfGuardAuth, action: signin } + + sf_guard_signout: + url: /logout + param: { module: sfGuardAuth, action: signout } + + sf_guard_register: + url: /register + param: { module: sfGuardRegister, action: index } + + sf_guard_forgot_password: + url: /forgot_password + param: { module: sfGuardForgotPassword, action: index } + + sf_guard_forgot_password_change: + url: /forgot_password/:unique_key + class: sfDoctrineRoute + options: { model: sfGuardForgotPassword, type: object } + param: { module: sfGuardForgotPassword, action: change } + requirements: + sf_method: [get, post] + + You can customize the `url` parameter of each route. + N.B.: You must have a `@homepage` routing rule (used when a user sign out) + + These routes are automatically registered by the plugin if the module `sfGuardAuth` + is enabled unless you defined `sf_guard_plugin_routes_register` to false + in the `app.yml` configuration file: + + all: + sf_guard_plugin: + routes_register: false + + * Secure some modules or your entire application in `security.yml` + + default: + is_secure: true + + * You're done. Now, if you try to access a secure page, you will be redirected + to the login page. + If you have loaded the default fixture file, try to login with `admin` as + username and `admin` as password. + + * If you do NOT secure your entire site by default, then make sure you DO secure the `sfGuardUser`, `sfGuardGroup` and `sfGuardPermission` modules in particular! Otherwise anonymous users can create users, groups and permissions at any time. This is a common oversight on `sfDoctrineGuardPlugin` sites. + +## Manage your users, permissions and groups ## + +To be able to manage your users, permissions and groups, `sfDoctrineGuardPlugin` comes +with 3 modules that can be integrated in your backend application. +These modules are auto-generated thanks to the symfony admin generator. + + * Enable the modules in `settings.yml` + + all: + .settings: + enabled_modules: [..., sfGuardGroup, sfGuardPermission, sfGuardUser] + + * Remember to secure these modules via `security.yml` if you are not securing your entire site. Otherwise anonymous users can create and delete users + + * Access the modules with the default route `sf_guard_user`: + + http://www.example.com/backend.php/guard/users + +## Applying for Accounts ## + +Some site administrators will wish to allow members of the public to apply for accounts. Beginning in 5.0.0 this feature is available in `sfDoctrineGuardPlugin`. + +To enable the feature you must enable the `sfGuardRegister` module, then provide users with a link to the `sfGuardRegister/index` action. + +[TODO: flesh this out further] +[TODO: document the forgot password feature] + +## Customize sfGuardAuth module templates ## + +By default, `sfGuardAuth` module comes with 2 very simple templates: + + * `signinSuccess.php` + * `secureSuccess.php` + +If you want to customize one of these templates: + + * Create a `sfGuardAuth` module in your application (don't use the + `init-module` task, just create a `sfGuardAuth` directory) + + * Create a template with the name of the template you want to customize in + the `sfGuardAuth/templates` directory + + * symfony now renders your template instead of the default one + +## Customize `sfGuardAuth` module actions ## + +If you want to customize or add methods to the sfGuardAuth: + + * Create a `sfGuardAuth` module in your application + + * Create an `actions.class.php` file in your `actions` directory that inherit + from `BasesfGuardAuthActions` (don't forget to include the `BasesfGuardAuthActions` + as it can't be autoloaded by symfony) + + renderText('This is a new sfGuardAuth action.'); + } + } + +## `sfGuardSecurityUser` class ## + +This class inherits from Symfony's `sfBasicSecurityUser` class and is +used for the `user` object in your symfony application. +(Remember that you changed the `myUser` base class earlier.) + +To access it, you can use the standard `$this->getUser()` in your actions +or `$sf_user` in your templates. + +`sfGuardSecurityUser` adds some useful methods: + + * `signIn()` and `signOut()` methods + * `getGuardUser()`, which returns the `sfGuardUser` object + * a bunch of proxy methods to access directly the `sfGuardUser` object + +For example, to get the current username: + + $this->getUser()->getGuardUser()->getUsername() + + // or via the proxy method + $this->getUser()->getUsername() + +## Superadmin ("super administrator") flag ## + +To prevent chicken and egg problems, `sfDoctrineGuardPlugin` has the concept of a "superadmin." A user that is a superadmin + bypasses all credential checks. + +The superadmin flag cannot be set via the `sfGuardUser` admin module, you must set the flag +directly in the database or use the provided Symfony task: + + symfony guard:promote admin + +## Validators ## + +`sfDoctrineGuardPlugin` comes with a validator that you can use in your modules: +`sfGuardUserValidator`. + +This validator is used by the `sfGuardAuth` module to validate the username and +password before signing the user in. + +## Check the user password with an external method ## + +If you don't want to store the password in the database because you already +have a LDAP server, a .htaccess file or if you store your passwords in another +table, you can provide your own `checkPassword` callable (static method or +function) in `app.yml`: + + all: + sf_guard_plugin: + check_password_callable: [MyLDAPClass, checkPassword] + +When symfony will call the `$this->getUser()->checkPassword()` method, it will +call your method or function. Your function must takes 2 parameters, the first +one is the username and the second one is the password. It must return true +or false. Here is a template for such a function: + + function checkLDAPPassword($username, $password) + { + $user = LDAP::getUser($username); + if ($user->checkPassword($password)) + { + return true; + } + else + { + return false; + } + } + +## Change the algorithm used to store passwords ## + +By default, passwords are stored as a `sha1()` hash. But you can change this +with any callable in `app.yml`: + + all: + sf_guard_plugin: + algorithm_callable: [MyCryptoClass, MyCryptoMethod] + +or: + + all: + sf_guard_plugin: + algorithm_callable: md5 + +As the algorithm is stored for each user, you can change your mind later +without the need to regenerate all passwords for the current users. + +## Change the name or expiration period of the "Remember Me" cookie ## + +By default, the "Remember Me" feature creates a cookie named `sfRemember` +that will last 15 days. You can change this behavior in `app.yml`: + + all: + sf_guard_plugin: + remember_key_expiration_age: 2592000 # 30 days in seconds + remember_cookie_name: myAppRememberMe + +## Customize `sfGuardAuth` redirect handling ## + +It is possible to redirect the user to his profile after a successful login, or +to a particular page on logout. + +You can change the redirect settings in `app.yml`: + + all: + sf_guard_plugin: + success_signin_url: @my_route?param=value # the plugin uses the referer as default + success_signout_url: module/action # the plugin uses the referer as default diff --git a/plugins/sfDoctrineGuardPlugin/VERSION b/plugins/sfDoctrineGuardPlugin/VERSION new file mode 100644 index 0000000..ee90284 --- /dev/null +++ b/plugins/sfDoctrineGuardPlugin/VERSION @@ -0,0 +1 @@ +1.0.4 diff --git a/plugins/sfDoctrineGuardPlugin/config/doctrine/schema.yml b/plugins/sfDoctrineGuardPlugin/config/doctrine/schema.yml new file mode 100644 index 0000000..eff91b9 --- /dev/null +++ b/plugins/sfDoctrineGuardPlugin/config/doctrine/schema.yml @@ -0,0 +1,182 @@ +sfGuardGroup: + actAs: [Timestampable] + columns: + name: + type: string(255) + unique: true + description: string(1000) + relations: + Users: + class: sfGuardUser + refClass: sfGuardUserGroup + local: group_id + foreign: user_id + foreignAlias: Groups + Permissions: + class: sfGuardPermission + local: group_id + foreign: permission_id + refClass: sfGuardGroupPermission + foreignAlias: Groups + +sfGuardPermission: + actAs: [Timestampable] + columns: + name: + type: string(255) + unique: true + description: string(1000) + +sfGuardGroupPermission: + options: + symfony: + form: false + filter: false + actAs: [Timestampable] + columns: + group_id: + type: integer + primary: true + permission_id: + type: integer + primary: true + relations: + Group: + class: sfGuardGroup + local: group_id + onDelete: CASCADE + Permission: + class: sfGuardPermission + local: permission_id + onDelete: CASCADE + +sfGuardUser: + actAs: [Timestampable] + columns: + first_name: string(255) + last_name: string(255) + email_address: + type: string(255) + notnull: true + unique: true + username: + type: string(128) + notnull: true + unique: true + algorithm: + type: string(128) + default: sha1 + notnull: true + salt: string(128) + password: string(128) + is_active: + type: boolean + default: 1 + is_super_admin: + type: boolean + default: false + last_login: + type: timestamp + indexes: + is_active_idx: + fields: [is_active] + relations: + Groups: + class: sfGuardGroup + local: user_id + foreign: group_id + refClass: sfGuardUserGroup + foreignAlias: Users + Permissions: + class: sfGuardPermission + local: user_id + foreign: permission_id + refClass: sfGuardUserPermission + foreignAlias: Users + +sfGuardUserPermission: + options: + symfony: + form: false + filter: false + actAs: [Timestampable] + columns: + user_id: + type: integer + primary: true + permission_id: + type: integer + primary: true + relations: + User: + class: sfGuardUser + local: user_id + onDelete: CASCADE + Permission: + class: sfGuardPermission + local: permission_id + onDelete: CASCADE + +sfGuardUserGroup: + options: + symfony: + form: false + filter: false + actAs: [Timestampable] + columns: + user_id: + type: integer + primary: true + group_id: + type: integer + primary: true + relations: + User: + class: sfGuardUser + local: user_id + onDelete: CASCADE + Group: + class: sfGuardGroup + local: group_id + onDelete: CASCADE + +sfGuardRememberKey: + options: + symfony: + form: false + filter: false + actAs: [Timestampable] + columns: + user_id: integer + remember_key: string(32) + ip_address: string(50) + relations: + User: + class: sfGuardUser + local: user_id + foreignAlias: RememberKeys + foreignType: one + onDelete: CASCADE + +sfGuardForgotPassword: + options: + symfony: + form: false + filter: false + actAs: [Timestampable] + columns: + user_id: + type: integer + notnull: true + unique_key: string(255) + expires_at: + type: timestamp + notnull: true + relations: + User: + class: sfGuardUser + local: user_id + type: one + foreignType: one + foreignAlias: ForgotPassword + onDelete: CASCADE \ No newline at end of file diff --git a/plugins/sfDoctrineGuardPlugin/config/sfDoctrineGuardPluginConfiguration.class.php b/plugins/sfDoctrineGuardPlugin/config/sfDoctrineGuardPluginConfiguration.class.php new file mode 100644 index 0000000..8533db5 --- /dev/null +++ b/plugins/sfDoctrineGuardPlugin/config/sfDoctrineGuardPluginConfiguration.class.php @@ -0,0 +1,44 @@ + + * + * For the full copyright and license information, please view the LICENSE + * file that was distributed with this source code. + */ + +/** + * sfDoctrineGuardPlugin configuration. + * + * @package sfDoctrineGuardPlugin + * @subpackage config + * @author Fabien Potencier + * @author Jonathan H. Wage + * @version SVN: $Id: sfDoctrineGuardPluginConfiguration.class.php 30723 2010-08-22 09:51:02Z gimler $ + */ +class sfDoctrineGuardPluginConfiguration extends sfPluginConfiguration +{ + /** + * @see sfPluginConfiguration + */ + public function initialize() + { + if (sfConfig::get('app_sf_guard_plugin_routes_register', true)) + { + $enabledModules = sfConfig::get('sf_enabled_modules', array()); + if (in_array('sfGuardAuth', $enabledModules)) + { + $this->dispatcher->connect('routing.load_configuration', array('sfGuardRouting', 'listenToRoutingLoadConfigurationEvent')); + } + + foreach (array('sfGuardUser', 'sfGuardGroup', 'sfGuardPermission', 'sfGuardRegister', 'sfGuardForgotPassword') as $module) + { + if (in_array($module, $enabledModules)) + { + $this->dispatcher->connect('routing.load_configuration', array('sfGuardRouting', 'addRouteFor'.str_replace('sfGuard', '', $module))); + } + } + } + } +} diff --git a/plugins/sfDoctrineGuardPlugin/data/fixtures/fixtures.yml.sample b/plugins/sfDoctrineGuardPlugin/data/fixtures/fixtures.yml.sample new file mode 100644 index 0000000..e6ca49b --- /dev/null +++ b/plugins/sfDoctrineGuardPlugin/data/fixtures/fixtures.yml.sample @@ -0,0 +1,20 @@ +sfGuardUser: + User_admin: + first_name: John + last_name: Doe + email_address: john.doe@gmail.com + username: admin + password: admin + is_super_admin: true + Groups: [Group_admin] + +sfGuardGroup: + Group_admin: + name: admin + description: Administrator group + Permissions: [Permission_admin] + +sfGuardPermission: + Permission_admin: + name: admin + description: Administrator permission \ No newline at end of file diff --git a/plugins/sfDoctrineGuardPlugin/i18n/sf_guard.de.xml b/plugins/sfDoctrineGuardPlugin/i18n/sf_guard.de.xml new file mode 100644 index 0000000..2830e6c --- /dev/null +++ b/plugins/sfDoctrineGuardPlugin/i18n/sf_guard.de.xml @@ -0,0 +1,101 @@ + + + + +
+ + + Username + Benutzername + + + Username or E-Mail + Benutzername oder E-Mail-Adresse + + + Password + Passwort + + + Password again + Passwort wiederholen + + + Register + Registrieren + + + Signin + Anmelden + + + Forgot your password? + Passwort vergessen? + + + Want to register? + Wollen Sie sich registrieren? + + + Login below to gain access + Anmelden um die entsprechenden Rechte zu erhalten + + + Oops! The page you asked for is secure and you do not have proper credentials. + Hoppla! Die angeforderte Seite ist gesichert und die entsprechenden Rechte fehlen. + + + Hi %first_name% + Hi, %first_name% + + + This e-mail is being sent because you requested information on how to reset your password. + Diese E-Mail wurde versendet, da Sie Anweisungen zum reseten des Passwortes angefordert haben. + + + You can change your password by clicking the below link which is only valid for 24 hours: + Sie können Ihr Passwort ändern in dem Sie den unten stehenden Link, innerhalb der nächsten 24h, anklicken: + + + Click to change password + Klicken Sie hier, um Ihr Passwort zu ändern + + + Below you will find your username and new password: + Folgend finden Sie Ihren Benutzernamen und Ihr Passwort: + + + Do not worry, we can help you get back in to your account safely! + Keine Sorge, wir können Ihnen helfen sicher an Ihre Accountdaten zugelangen. + + + Fill out the form below to request an e-mail with information on how to reset your password. + Füllen Sie das unten stehende Formular aus, um eine E-Mail mit Anweisungen zum reseten des Passwortes zu erhalten. + + + Request + Erinnern + + + Hello %name% + Hallo, %name% + + + Enter your new password in the form below. + Geben Sie Ihr neues Passwort in das unten stehende Formularfeld ein. + + + Change + Ändern + + + Forgot Password Request for %name% + Passwort vergessen für %name% + + + New Password for %name% + Neues Passwort für %name% + + + + \ No newline at end of file diff --git a/plugins/sfDoctrineGuardPlugin/i18n/sf_guard.es.xml b/plugins/sfDoctrineGuardPlugin/i18n/sf_guard.es.xml new file mode 100644 index 0000000..123beae --- /dev/null +++ b/plugins/sfDoctrineGuardPlugin/i18n/sf_guard.es.xml @@ -0,0 +1,33 @@ + + + + +
+ + + Username + Usuario + + + Password + Contraseña + + + Remember + Recordar + + + Signin + Conectar + + + Forgot your password? + ¿Olvidó su contraseña? + + + You don't have the required permission to access this page. + No tiene los permisos requeridos para acceder a esta página. + + + + \ No newline at end of file diff --git a/plugins/sfDoctrineGuardPlugin/i18n/sf_guard.fa.xml b/plugins/sfDoctrineGuardPlugin/i18n/sf_guard.fa.xml new file mode 100644 index 0000000..614b136 --- /dev/null +++ b/plugins/sfDoctrineGuardPlugin/i18n/sf_guard.fa.xml @@ -0,0 +1,25 @@ + + + + +
+ + + Username + نام کاربری + + + Password + کلمه عبور + + + Signin + ورود + + + Forgot your password? + کلمه عبور خود را فراموش کرده اید؟ + + + + \ No newline at end of file diff --git a/plugins/sfDoctrineGuardPlugin/i18n/sf_guard.fr.xml b/plugins/sfDoctrineGuardPlugin/i18n/sf_guard.fr.xml new file mode 100644 index 0000000..2eacac6 --- /dev/null +++ b/plugins/sfDoctrineGuardPlugin/i18n/sf_guard.fr.xml @@ -0,0 +1,101 @@ + + + + +
+ + + Username + Nom d'utilisateur + + + Username or E-Mail + Identifiant ou email + + + Password + Mot de passe + + + Password again + Répétez votre mot de passe + + + Register + Créer un compte + + + Signin + Se connecter + + + Forgot your password? + Mot de passe oublié ? + + + Want to register? + Créer un compte? + + + Login below to gain access + Enregistrez vous ci dessous pour accéder a cette page + + + Oops! The page you asked for is secure and you do not have proper credentials. + Oups! La page que vous avez demandé est sécurisée et vous n'avez pas les autorisations nécessaires + + + Hi %first_name% + Bonjour %first_name% + + + This e-mail is being sent because you requested information on how to reset your password. + Cet email vous est envoyé parce que vous avez demandé des informations pour réinitialiser votre mot de passe. + + + You can change your password by clicking the below link which is only valid for 24 hours: + Vous pouvez modifier votre mot de passe en cliquant sur le lien ci dessous qui n'est valide que pendant 24 heures: + + + Click to change password + Cliquez pour modifier votre mot de passe + + + Below you will find your username and new password: + Veuillez trouver ci dessous votre identifiant ainsi que votre nouveau mot de passe: + + + Do not worry, we can help you get back in to your account safely! + Ne vous inquiétez pas, nous allons vous aider a retrouver votre compte en toute sécurité! + + + Fill out the form below to request an e-mail with information on how to reset your password. + Remplissez le formulaire ci dessous pour recevoir un email avec la procédure pour renouveller votre mot de passe. + + + Request + Envoyer + + + Hello %name% + Bonjour %name% + + + Enter your new password in the form below. + Entrez votre nouveau mot de passe dans le formulaire ci dessous. + + + Change + Modifier + + + Forgot Password Request for %name% + Demande de nouveau mot de passe pour %name% + + + New Password for %name% + Nouveau mot de passe pour %name% + + + + \ No newline at end of file diff --git a/plugins/sfDoctrineGuardPlugin/i18n/sf_guard.it.xml b/plugins/sfDoctrineGuardPlugin/i18n/sf_guard.it.xml new file mode 100644 index 0000000..18438b9 --- /dev/null +++ b/plugins/sfDoctrineGuardPlugin/i18n/sf_guard.it.xml @@ -0,0 +1,25 @@ + + + + +
+ + + Username + Nome utente + + + Password + Password + + + Signin + Entra + + + Forgot your password? + Hai dimenticato la password? + + + + \ No newline at end of file diff --git a/plugins/sfDoctrineGuardPlugin/i18n/sf_guard.pl.xml b/plugins/sfDoctrineGuardPlugin/i18n/sf_guard.pl.xml new file mode 100644 index 0000000..b258084 --- /dev/null +++ b/plugins/sfDoctrineGuardPlugin/i18n/sf_guard.pl.xml @@ -0,0 +1,133 @@ + + + + +
+ + + Signin + Zaloguj + + + Forgot your password? + Nie pamiętasz hasła? + + + Want to register? + Chcesz się zarejestrować? + + + Oops! The page you asked for is secure and you do not have proper credentials. + Ups! Strona na którą chcesz się dostać jest zabezpieczona a Ty nie masz odpowiednich uprawnień. + + + Login below to gain access + Zaloguj się aby uzyskać dostęp + + + Register + Rejestracja + + + Group list + Lista grup + + + Editing Group "%%name%%" + Edycja grupy "%%name%%" + + + New Group + Nowa grupa + + + User list + Lista użytkowników + + + Editing User "%%username%%" + Edycja użytkownika "%%username%%" + + + New User + Nowy użytkownik + + + Password (again) + Hasło (ponownie) + + + Forgot Password Request for %name% + Odzyskiwanie hasła dla %name% + + + New Password for %name% + Nowe hasło dla %name% + + + Hi %first_name% + Witaj %first_name% + + + This e-mail is being sent because you requested information on how to reset your password. + Ten e-mail został do Ciebie wysłany ponieważ poproszono o możliwość zresetowania hasła. + + + You can change your password by clicking the below link which is only valid for 24 hours: + Możesz zmienić swoje hasło klikając na link poniżej, który będzie poprawny przez następne 24 godziny: + + + Click to change password + Kliknij aby zmienić hasło + + + Below you will find your username and new password: + Poniżej znajdziesz swoją nazwę użytkownika i nowe hasło: + + + Username + Nazwa użytkownika + + + Password + Hasło + + + Hello %name% + Witaj %name% + + + Enter your new password in the form below. + Wpisz nowe hasło w poniższej formie. + + + Change + Zmień + + + Do not worry, we can help you get back in to your account safely! + Nie obawiaj się, pomożemy Ci bezpiecznie odzyskać dostęp do Twojego konta! + + + Fill out the form below to request an e-mail with information on how to reset your password. + Wypełnij poniższą formę aby otrzymać e-mail z informacją o sposobie zresetowania hasła. + + + Request + Podanie + + + Permission list + Lista uprawnień + + + Editing Permission "%%name%%" + Edycja uprawnienia "%%name%%" + + + New Permission + Nowe uprawnienie + + + + diff --git a/plugins/sfDoctrineGuardPlugin/i18n/sf_guard.ru.xml b/plugins/sfDoctrineGuardPlugin/i18n/sf_guard.ru.xml new file mode 100644 index 0000000..df5ad4e --- /dev/null +++ b/plugins/sfDoctrineGuardPlugin/i18n/sf_guard.ru.xml @@ -0,0 +1,109 @@ + + + + +
+ + + Username + Имя + + + Username or E-Mail + Имя или E-mail + + + Password + Пароль + + + Password again + Повторите пароль + + + Register + Зарегистрироваться + + + Signin + Авторизоваться + + + Forgot your password? + Я забыл пароль + + + Want to register? + Хотите зарегистрироваться? + + + Login below to gain access + Авторизуйтесь, чтобы получить доступ к этой странице + + + Oops! The page you asked for is secure and you do not have proper credentials. + Упс! Запрашиваемая вами страница требует привилегий доступа, которых у вас нет. + + + Hi %first_name% + Здравствуйте, %first_name% + + + This e-mail is being sent because you requested information on how to reset your password. + Это письмо отправлено вам потому, что вы запрашивали информацию о восстановлении пароля. + + + You can change your password by clicking the below link which is only valid for 24 hours: + Вы можете изменить пароль, перейдя по ссылке ниже. Ссылка действительна в течение 24 часов: + + + Click to change password + Нажмите здесь, чтобы сменить пароль. + + + Below you will find your username and new password: + Ниже вы найдете ваше имя пользователя и новый пароль: + + + Do not worry, we can help you get back in to your account safely! + Не волнуйтесь, мы поможем вам вернуть доступ к своей учетной записи! + + + Fill out the form below to request an e-mail with information on how to reset your password. + Заполните форму ниже, чтобы получить письмо с информацией о восстановлении пароля. + + + Request + Запросить + + + Hello %name% + Здравствуйте, %name% + + + Enter your new password in the form below. + Введите ваш новый пароль в форме ниже. + + + Change + Изменить + + + Forgot Password Request for %name% + Запрос на восстановление пароля для пользователя %name% + + + New Password for %name% + Новый пароль для пользователя %name% + + + The username and/or password is invalid. + Имя и/или пароль указаны неверно + + + Remember + Запомнить + + + + \ No newline at end of file diff --git a/plugins/sfDoctrineGuardPlugin/lib/filter/doctrine/PluginsfGuardGroupFormFilter.class.php b/plugins/sfDoctrineGuardPlugin/lib/filter/doctrine/PluginsfGuardGroupFormFilter.class.php new file mode 100644 index 0000000..915f694 --- /dev/null +++ b/plugins/sfDoctrineGuardPlugin/lib/filter/doctrine/PluginsfGuardGroupFormFilter.class.php @@ -0,0 +1,13 @@ + + * @version SVN: $Id: PluginsfGuardGroupFormFilter.class.php 23536 2009-11-02 21:41:21Z Kris.Wallsmith $ + */ +abstract class PluginsfGuardGroupFormFilter extends BasesfGuardGroupFormFilter +{ +} diff --git a/plugins/sfDoctrineGuardPlugin/lib/filter/doctrine/PluginsfGuardPermissionFormFilter.class.php b/plugins/sfDoctrineGuardPlugin/lib/filter/doctrine/PluginsfGuardPermissionFormFilter.class.php new file mode 100644 index 0000000..88b9eb0 --- /dev/null +++ b/plugins/sfDoctrineGuardPlugin/lib/filter/doctrine/PluginsfGuardPermissionFormFilter.class.php @@ -0,0 +1,13 @@ + + * @version SVN: $Id: PluginsfGuardPermissionFormFilter.class.php 23536 2009-11-02 21:41:21Z Kris.Wallsmith $ + */ +abstract class PluginsfGuardPermissionFormFilter extends BasesfGuardPermissionFormFilter +{ +} diff --git a/plugins/sfDoctrineGuardPlugin/lib/filter/doctrine/PluginsfGuardUserFormFilter.class.php b/plugins/sfDoctrineGuardPlugin/lib/filter/doctrine/PluginsfGuardUserFormFilter.class.php new file mode 100644 index 0000000..92de204 --- /dev/null +++ b/plugins/sfDoctrineGuardPlugin/lib/filter/doctrine/PluginsfGuardUserFormFilter.class.php @@ -0,0 +1,13 @@ + + * @version SVN: $Id: PluginsfGuardUserFormFilter.class.php 23536 2009-11-02 21:41:21Z Kris.Wallsmith $ + */ +abstract class PluginsfGuardUserFormFilter extends BasesfGuardUserFormFilter +{ +} diff --git a/plugins/sfDoctrineGuardPlugin/lib/form/base/BasesfGuardFormSignin.class.php b/plugins/sfDoctrineGuardPlugin/lib/form/base/BasesfGuardFormSignin.class.php new file mode 100644 index 0000000..2319021 --- /dev/null +++ b/plugins/sfDoctrineGuardPlugin/lib/form/base/BasesfGuardFormSignin.class.php @@ -0,0 +1,42 @@ + + * @author Jonathan H. Wage + * @version SVN: $Id: BasesfGuardFormSignin.class.php 32864 2011-08-02 09:16:45Z gimler $ + */ +class BasesfGuardFormSignin extends BaseForm +{ + /** + * @see sfForm + */ + public function setup() + { + $this->setWidgets(array( + 'username' => new sfWidgetFormInputText(), + 'password' => new sfWidgetFormInputPassword(array('type' => 'password')), + 'remember' => new sfWidgetFormInputCheckbox(), + )); + + $this->setValidators(array( + 'username' => new sfValidatorString(), + 'password' => new sfValidatorString(), + 'remember' => new sfValidatorBoolean(), + )); + + if (sfConfig::get('app_sf_guard_plugin_allow_login_with_email', true)) + { + $this->widgetSchema['username']->setLabel('Username or E-Mail'); + } + + $this->validatorSchema->setPostValidator(new sfGuardValidatorUser()); + + $this->widgetSchema->setNameFormat('signin[%s]'); + + parent::setup(); + } +} \ No newline at end of file diff --git a/plugins/sfDoctrineGuardPlugin/lib/form/base/BasesfGuardRequestForgotPasswordForm.class.php b/plugins/sfDoctrineGuardPlugin/lib/form/base/BasesfGuardRequestForgotPasswordForm.class.php new file mode 100644 index 0000000..62293e4 --- /dev/null +++ b/plugins/sfDoctrineGuardPlugin/lib/form/base/BasesfGuardRequestForgotPasswordForm.class.php @@ -0,0 +1,25 @@ + + * @version SVN: $Id: BasesfGuardRequestForgotPasswordForm.class.php 23536 2009-11-02 21:41:21Z Kris.Wallsmith $ + */ +class BasesfGuardRequestForgotPasswordForm extends BaseForm +{ + public function setup() + { + $this->widgetSchema['email_address'] = new sfWidgetFormInputText(); + $this->validatorSchema['email_address'] = new sfGuardValidatorUsernameOrEmail( + array('trim' => true), + array('required' => 'Your username or e-mail address is required.', 'invalid' => 'Username or e-mail address not found please try again.') + ); + + $this->widgetSchema->setNameFormat('forgot_password[%s]'); + + parent::setup(); + } +} diff --git a/plugins/sfDoctrineGuardPlugin/lib/form/doctrine/PluginsfGuardGroupForm.class.php b/plugins/sfDoctrineGuardPlugin/lib/form/doctrine/PluginsfGuardGroupForm.class.php new file mode 100644 index 0000000..50caa19 --- /dev/null +++ b/plugins/sfDoctrineGuardPlugin/lib/form/doctrine/PluginsfGuardGroupForm.class.php @@ -0,0 +1,28 @@ + + * @version SVN: $Id: PluginsfGuardGroupForm.class.php 31270 2010-10-28 14:54:48Z Kris.Wallsmith $ + */ +abstract class PluginsfGuardGroupForm extends BasesfGuardGroupForm +{ + /** + * @see sfForm + */ + protected function setupInheritance() + { + parent::setupInheritance(); + + unset( + $this['created_at'], + $this['updated_at'] + ); + + $this->widgetSchema['users_list']->setLabel('Users'); + $this->widgetSchema['permissions_list']->setLabel('Permissions'); + } +} \ No newline at end of file diff --git a/plugins/sfDoctrineGuardPlugin/lib/form/doctrine/PluginsfGuardPermissionForm.class.php b/plugins/sfDoctrineGuardPlugin/lib/form/doctrine/PluginsfGuardPermissionForm.class.php new file mode 100644 index 0000000..0344437 --- /dev/null +++ b/plugins/sfDoctrineGuardPlugin/lib/form/doctrine/PluginsfGuardPermissionForm.class.php @@ -0,0 +1,25 @@ + + * @version SVN: $Id: PluginsfGuardPermissionForm.class.php 31270 2010-10-28 14:54:48Z Kris.Wallsmith $ + */ +abstract class PluginsfGuardPermissionForm extends BasesfGuardPermissionForm +{ + /** + * @see sfForm + */ + protected function setupInheritance() + { + parent::setupInheritance(); + + unset($this['created_at'], $this['updated_at']); + + $this->widgetSchema['groups_list']->setLabel('Groups'); + $this->widgetSchema['users_list']->setLabel('Users'); + } +} diff --git a/plugins/sfDoctrineGuardPlugin/lib/form/doctrine/PluginsfGuardUserForm.class.php b/plugins/sfDoctrineGuardPlugin/lib/form/doctrine/PluginsfGuardUserForm.class.php new file mode 100644 index 0000000..29a03de --- /dev/null +++ b/plugins/sfDoctrineGuardPlugin/lib/form/doctrine/PluginsfGuardUserForm.class.php @@ -0,0 +1,13 @@ + + * @version SVN: $Id: PluginsfGuardUserForm.class.php 23536 2009-11-02 21:41:21Z Kris.Wallsmith $ + */ +abstract class PluginsfGuardUserForm extends BasesfGuardUserForm +{ +} diff --git a/plugins/sfDoctrineGuardPlugin/lib/form/doctrine/base/BasesfGuardChangeUserPasswordForm.class.php b/plugins/sfDoctrineGuardPlugin/lib/form/doctrine/base/BasesfGuardChangeUserPasswordForm.class.php new file mode 100644 index 0000000..d82c056 --- /dev/null +++ b/plugins/sfDoctrineGuardPlugin/lib/form/doctrine/base/BasesfGuardChangeUserPasswordForm.class.php @@ -0,0 +1,27 @@ + + * @version SVN: $Id: BasesfGuardChangeUserPasswordForm.class.php 23536 2009-11-02 21:41:21Z Kris.Wallsmith $ + */ +class BasesfGuardChangeUserPasswordForm extends BasesfGuardUserForm +{ + public function setup() + { + parent::setup(); + + $this->useFields(array('password')); + + $this->widgetSchema['password'] = new sfWidgetFormInputPassword(); + $this->validatorSchema['password']->setOption('required', true); + $this->widgetSchema['password_again'] = new sfWidgetFormInputPassword(); + $this->validatorSchema['password_again'] = clone $this->validatorSchema['password']; + $this->validatorSchema['password_again']->setOption('required', true); + + $this->mergePostValidator(new sfValidatorSchemaCompare('password', sfValidatorSchemaCompare::EQUAL, 'password_again', array(), array('invalid' => 'The two passwords must be the same.'))); + } +} \ No newline at end of file diff --git a/plugins/sfDoctrineGuardPlugin/lib/form/doctrine/base/BasesfGuardRegisterForm.class.php b/plugins/sfDoctrineGuardPlugin/lib/form/doctrine/base/BasesfGuardRegisterForm.class.php new file mode 100644 index 0000000..7e8e39c --- /dev/null +++ b/plugins/sfDoctrineGuardPlugin/lib/form/doctrine/base/BasesfGuardRegisterForm.class.php @@ -0,0 +1,27 @@ + + * @version SVN: $Id: BasesfGuardChangeUserPasswordForm.class.php 23536 2009-11-02 21:41:21Z Kris.Wallsmith $ + */ +class BasesfGuardRegisterForm extends sfGuardUserAdminForm +{ + public function setup() + { + parent::setup(); + + unset( + $this['is_active'], + $this['is_super_admin'], + $this['updated_at'], + $this['groups_list'], + $this['permissions_list'] + ); + + $this->validatorSchema['password']->setOption('required', true); + } +} \ No newline at end of file diff --git a/plugins/sfDoctrineGuardPlugin/lib/form/doctrine/base/BasesfGuardUserAdminForm.class.php b/plugins/sfDoctrineGuardPlugin/lib/form/doctrine/base/BasesfGuardUserAdminForm.class.php new file mode 100644 index 0000000..b385e1f --- /dev/null +++ b/plugins/sfDoctrineGuardPlugin/lib/form/doctrine/base/BasesfGuardUserAdminForm.class.php @@ -0,0 +1,40 @@ + + * @version SVN: $Id: BasesfGuardUserAdminForm.class.php 25546 2009-12-17 23:27:55Z Jonathan.Wage $ + */ +class BasesfGuardUserAdminForm extends BasesfGuardUserForm +{ + /** + * @see sfForm + */ + public function setup() + { + parent::setup(); + + unset( + $this['last_login'], + $this['created_at'], + $this['updated_at'], + $this['salt'], + $this['algorithm'] + ); + + $this->widgetSchema['groups_list']->setLabel('Groups'); + $this->widgetSchema['permissions_list']->setLabel('Permissions'); + + $this->widgetSchema['password'] = new sfWidgetFormInputPassword(); + $this->validatorSchema['password']->setOption('required', false); + $this->widgetSchema['password_again'] = new sfWidgetFormInputPassword(); + $this->validatorSchema['password_again'] = clone $this->validatorSchema['password']; + + $this->widgetSchema->moveField('password_again', 'after', 'password'); + + $this->mergePostValidator(new sfValidatorSchemaCompare('password', sfValidatorSchemaCompare::EQUAL, 'password_again', array(), array('invalid' => 'The two passwords must be the same.'))); + } +} \ No newline at end of file diff --git a/plugins/sfDoctrineGuardPlugin/lib/form/doctrine/sfGuardChangeUserPasswordForm.class.php b/plugins/sfDoctrineGuardPlugin/lib/form/doctrine/sfGuardChangeUserPasswordForm.class.php new file mode 100644 index 0000000..ef7ae0c --- /dev/null +++ b/plugins/sfDoctrineGuardPlugin/lib/form/doctrine/sfGuardChangeUserPasswordForm.class.php @@ -0,0 +1,20 @@ + + * @version SVN: $Id: sfGuardChangeUserPasswordForm.class.php 23536 2009-11-02 21:41:21Z Kris.Wallsmith $ + */ +class sfGuardChangeUserPasswordForm extends BasesfGuardChangeUserPasswordForm +{ + /** + * @see sfForm + */ + public function configure() + { + $this->widgetSchema->getFormFormatter()->setTranslationCatalogue('sf_guard'); + } +} \ No newline at end of file diff --git a/plugins/sfDoctrineGuardPlugin/lib/form/doctrine/sfGuardRegisterForm.class.php b/plugins/sfDoctrineGuardPlugin/lib/form/doctrine/sfGuardRegisterForm.class.php new file mode 100644 index 0000000..d0cd3fa --- /dev/null +++ b/plugins/sfDoctrineGuardPlugin/lib/form/doctrine/sfGuardRegisterForm.class.php @@ -0,0 +1,20 @@ + + * @version SVN: $Id: BasesfGuardChangeUserPasswordForm.class.php 23536 2009-11-02 21:41:21Z Kris.Wallsmith $ + */ +class sfGuardRegisterForm extends BasesfGuardRegisterForm +{ + /** + * @see sfForm + */ + public function configure() + { + $this->widgetSchema->getFormFormatter()->setTranslationCatalogue('sf_guard'); + } +} \ No newline at end of file diff --git a/plugins/sfDoctrineGuardPlugin/lib/form/doctrine/sfGuardUserAdminForm.class.php b/plugins/sfDoctrineGuardPlugin/lib/form/doctrine/sfGuardUserAdminForm.class.php new file mode 100644 index 0000000..c8520a1 --- /dev/null +++ b/plugins/sfDoctrineGuardPlugin/lib/form/doctrine/sfGuardUserAdminForm.class.php @@ -0,0 +1,20 @@ + + * @version SVN: $Id: sfGuardUserAdminForm.class.php 32943 2011-08-23 11:33:53Z gimler $ + */ +class sfGuardUserAdminForm extends BasesfGuardUserAdminForm +{ + /** + * @see sfForm + */ + public function configure() + { + $this->widgetSchema->getFormFormatter()->setTranslationCatalogue('sf_guard'); + } +} diff --git a/plugins/sfDoctrineGuardPlugin/lib/form/sfGuardFormSignin.class.php b/plugins/sfDoctrineGuardPlugin/lib/form/sfGuardFormSignin.class.php new file mode 100644 index 0000000..bb6676e --- /dev/null +++ b/plugins/sfDoctrineGuardPlugin/lib/form/sfGuardFormSignin.class.php @@ -0,0 +1,20 @@ + + * @version SVN: $Id: sfGuardFormSignin.class.php 32943 2011-08-23 11:33:53Z gimler $ + */ +class sfGuardFormSignin extends BasesfGuardFormSignin +{ + /** + * @see sfForm + */ + public function configure() + { + $this->widgetSchema->getFormFormatter()->setTranslationCatalogue('sf_guard'); + } +} diff --git a/plugins/sfDoctrineGuardPlugin/lib/form/sfGuardRequestForgotPasswordForm.class.php b/plugins/sfDoctrineGuardPlugin/lib/form/sfGuardRequestForgotPasswordForm.class.php new file mode 100644 index 0000000..b4e55dd --- /dev/null +++ b/plugins/sfDoctrineGuardPlugin/lib/form/sfGuardRequestForgotPasswordForm.class.php @@ -0,0 +1,20 @@ + + * @version SVN: $Id: BasesfGuardRequestForgotPasswordForm.class.php 23536 2009-11-02 21:41:21Z Kris.Wallsmith $ + */ +class sfGuardRequestForgotPasswordForm extends BasesfGuardRequestForgotPasswordForm +{ + /** + * @see sfForm + */ + public function configure() + { + $this->widgetSchema->getFormFormatter()->setTranslationCatalogue('sf_guard'); + } +} \ No newline at end of file diff --git a/plugins/sfDoctrineGuardPlugin/lib/model/doctrine/PluginsfGuardForgotPassword.class.php b/plugins/sfDoctrineGuardPlugin/lib/model/doctrine/PluginsfGuardForgotPassword.class.php new file mode 100644 index 0000000..408798f --- /dev/null +++ b/plugins/sfDoctrineGuardPlugin/lib/model/doctrine/PluginsfGuardForgotPassword.class.php @@ -0,0 +1,16 @@ + + * @version SVN: $Id: Builder.php 6820 2009-11-30 17:27:49Z jwage $ + */ +abstract class PluginsfGuardForgotPassword extends BasesfGuardForgotPassword +{ + +} \ No newline at end of file diff --git a/plugins/sfDoctrineGuardPlugin/lib/model/doctrine/PluginsfGuardForgotPasswordTable.class.php b/plugins/sfDoctrineGuardPlugin/lib/model/doctrine/PluginsfGuardForgotPasswordTable.class.php new file mode 100644 index 0000000..208e7bc --- /dev/null +++ b/plugins/sfDoctrineGuardPlugin/lib/model/doctrine/PluginsfGuardForgotPasswordTable.class.php @@ -0,0 +1,20 @@ +createQuery('p') + ->delete() + ->where('p.user_id = ?', $user->id) + ->execute(); + } +} \ No newline at end of file diff --git a/plugins/sfDoctrineGuardPlugin/lib/model/doctrine/PluginsfGuardGroup.class.php b/plugins/sfDoctrineGuardPlugin/lib/model/doctrine/PluginsfGuardGroup.class.php new file mode 100644 index 0000000..56c5ea0 --- /dev/null +++ b/plugins/sfDoctrineGuardPlugin/lib/model/doctrine/PluginsfGuardGroup.class.php @@ -0,0 +1,13 @@ + + * @version SVN: $Id: PluginsfGuardGroup.class.php 23793 2009-11-11 17:42:50Z Kris.Wallsmith $ + */ +abstract class PluginsfGuardGroup extends BasesfGuardGroup +{ +} diff --git a/plugins/sfDoctrineGuardPlugin/lib/model/doctrine/PluginsfGuardGroupPermission.class.php b/plugins/sfDoctrineGuardPlugin/lib/model/doctrine/PluginsfGuardGroupPermission.class.php new file mode 100644 index 0000000..ccd4555 --- /dev/null +++ b/plugins/sfDoctrineGuardPlugin/lib/model/doctrine/PluginsfGuardGroupPermission.class.php @@ -0,0 +1,13 @@ + + * @version SVN: $Id: PluginsfGuardGroupPermission.class.php 23793 2009-11-11 17:42:50Z Kris.Wallsmith $ + */ +abstract class PluginsfGuardGroupPermission extends BasesfGuardGroupPermission +{ +} diff --git a/plugins/sfDoctrineGuardPlugin/lib/model/doctrine/PluginsfGuardGroupPermissionTable.class.php b/plugins/sfDoctrineGuardPlugin/lib/model/doctrine/PluginsfGuardGroupPermissionTable.class.php new file mode 100644 index 0000000..23ae1f6 --- /dev/null +++ b/plugins/sfDoctrineGuardPlugin/lib/model/doctrine/PluginsfGuardGroupPermissionTable.class.php @@ -0,0 +1,13 @@ + + * @version SVN: $Id: PluginsfGuardGroupPermissionTable.class.php 23793 2009-11-11 17:42:50Z Kris.Wallsmith $ + */ +abstract class PluginsfGuardGroupPermissionTable extends Doctrine_Table +{ +} diff --git a/plugins/sfDoctrineGuardPlugin/lib/model/doctrine/PluginsfGuardGroupTable.class.php b/plugins/sfDoctrineGuardPlugin/lib/model/doctrine/PluginsfGuardGroupTable.class.php new file mode 100644 index 0000000..02faf42 --- /dev/null +++ b/plugins/sfDoctrineGuardPlugin/lib/model/doctrine/PluginsfGuardGroupTable.class.php @@ -0,0 +1,13 @@ + + * @version SVN: $Id: PluginsfGuardGroupTable.class.php 23793 2009-11-11 17:42:50Z Kris.Wallsmith $ + */ +abstract class PluginsfGuardGroupTable extends Doctrine_Table +{ +} diff --git a/plugins/sfDoctrineGuardPlugin/lib/model/doctrine/PluginsfGuardPermission.class.php b/plugins/sfDoctrineGuardPlugin/lib/model/doctrine/PluginsfGuardPermission.class.php new file mode 100644 index 0000000..5a1a314 --- /dev/null +++ b/plugins/sfDoctrineGuardPlugin/lib/model/doctrine/PluginsfGuardPermission.class.php @@ -0,0 +1,13 @@ + + * @version SVN: $Id: PluginsfGuardPermission.class.php 23793 2009-11-11 17:42:50Z Kris.Wallsmith $ + */ +abstract class PluginsfGuardPermission extends BasesfGuardPermission +{ +} diff --git a/plugins/sfDoctrineGuardPlugin/lib/model/doctrine/PluginsfGuardPermissionTable.class.php b/plugins/sfDoctrineGuardPlugin/lib/model/doctrine/PluginsfGuardPermissionTable.class.php new file mode 100644 index 0000000..ff0815b --- /dev/null +++ b/plugins/sfDoctrineGuardPlugin/lib/model/doctrine/PluginsfGuardPermissionTable.class.php @@ -0,0 +1,13 @@ + + * @version SVN: $Id: PluginsfGuardPermissionTable.class.php 23793 2009-11-11 17:42:50Z Kris.Wallsmith $ + */ +abstract class PluginsfGuardPermissionTable extends Doctrine_Table +{ +} diff --git a/plugins/sfDoctrineGuardPlugin/lib/model/doctrine/PluginsfGuardRememberKey.class.php b/plugins/sfDoctrineGuardPlugin/lib/model/doctrine/PluginsfGuardRememberKey.class.php new file mode 100644 index 0000000..c57a17d --- /dev/null +++ b/plugins/sfDoctrineGuardPlugin/lib/model/doctrine/PluginsfGuardRememberKey.class.php @@ -0,0 +1,13 @@ + + * @version SVN: $Id: PluginsfGuardRememberKey.class.php 23793 2009-11-11 17:42:50Z Kris.Wallsmith $ + */ +abstract class PluginsfGuardRememberKey extends BasesfGuardRememberKey +{ +} diff --git a/plugins/sfDoctrineGuardPlugin/lib/model/doctrine/PluginsfGuardRememberKeyTable.class.php b/plugins/sfDoctrineGuardPlugin/lib/model/doctrine/PluginsfGuardRememberKeyTable.class.php new file mode 100644 index 0000000..e1418e0 --- /dev/null +++ b/plugins/sfDoctrineGuardPlugin/lib/model/doctrine/PluginsfGuardRememberKeyTable.class.php @@ -0,0 +1,13 @@ + + * @version SVN: $Id: PluginsfGuardRememberKeyTable.class.php 23793 2009-11-11 17:42:50Z Kris.Wallsmith $ + */ +abstract class PluginsfGuardRememberKeyTable extends Doctrine_Table +{ +} diff --git a/plugins/sfDoctrineGuardPlugin/lib/model/doctrine/PluginsfGuardUser.class.php b/plugins/sfDoctrineGuardPlugin/lib/model/doctrine/PluginsfGuardUser.class.php new file mode 100644 index 0000000..c6497d4 --- /dev/null +++ b/plugins/sfDoctrineGuardPlugin/lib/model/doctrine/PluginsfGuardUser.class.php @@ -0,0 +1,292 @@ + + * @version SVN: $Id: PluginsfGuardUser.class.php 30726 2010-08-22 13:22:59Z gimler $ + */ +abstract class PluginsfGuardUser extends BasesfGuardUser +{ + protected + $_groups = null, + $_allPermissions = null; + + /** + * Returns the string representation of the object: "Full Name (username)" + * + * @return string + */ + public function __toString() + { + return (string) $this->getName().' ('.$this->getUsername().')'; + } + + /** + * Returns the first and last name of the user concatenated together + * + * @return string $name + */ + public function getName() + { + return trim($this->getFirstName().' '.$this->getLastName()); + } + + /** + * Sets the user password. + * + * @param string $password + */ + public function setPassword($password) + { + if (!$password && 0 == strlen($password)) + { + return; + } + + if (!$salt = $this->getSalt()) + { + $salt = md5(rand(100000, 999999).$this->getUsername()); + $this->setSalt($salt); + } + $modified = $this->getModified(); + if ((!$algorithm = $this->getAlgorithm()) || (isset($modified['algorithm']) && $modified['algorithm'] == $this->getTable()->getDefaultValueOf('algorithm'))) + { + $algorithm = sfConfig::get('app_sf_guard_plugin_algorithm_callable', 'sha1'); + } + $algorithmAsStr = is_array($algorithm) ? $algorithm[0].'::'.$algorithm[1] : $algorithm; + if (!is_callable($algorithm)) + { + throw new sfException(sprintf('The algorithm callable "%s" is not callable.', $algorithmAsStr)); + } + $this->setAlgorithm($algorithmAsStr); + + $this->_set('password', call_user_func_array($algorithm, array($salt.$password))); + } + + /** + * Returns whether or not the given password is valid. + * + * @param string $password + * @return boolean + */ + public function checkPassword($password) + { + if ($callable = sfConfig::get('app_sf_guard_plugin_check_password_callable')) + { + return call_user_func_array($callable, array($this->getUsername(), $password, $this)); + } + else + { + return $this->checkPasswordByGuard($password); + } + } + + /** + * Returns whether or not the given password is valid. + * + * @param string $password + * @return boolean + * @throws sfException + */ + public function checkPasswordByGuard($password) + { + $algorithm = $this->getAlgorithm(); + if (false !== $pos = strpos($algorithm, '::')) + { + $algorithm = array(substr($algorithm, 0, $pos), substr($algorithm, $pos + 2)); + } + if (!is_callable($algorithm)) + { + throw new sfException(sprintf('The algorithm callable "%s" is not callable.', $algorithm)); + } + + return $this->getPassword() == call_user_func_array($algorithm, array($this->getSalt().$password)); + } + + /** + * Adds the user a new group from its name. + * + * @param string $name The group name + * @param Doctrine_Connection $con A Doctrine_Connection object + * @throws sfException + */ + public function addGroupByName($name, $con = null) + { + $group = Doctrine_Core::getTable('sfGuardGroup')->findOneByName($name); + if (!$group) + { + throw new sfException(sprintf('The group "%s" does not exist.', $name)); + } + + $ug = new sfGuardUserGroup(); + $ug->setUser($this); + $ug->setGroup($group); + + $ug->save($con); + + // add group and permissions to local vars + $this->_groups[$group->getName()] = $group; + foreach ($group->getPermissions() as $permission) + { + $this->_allPermissions[$permission->getName()] = $permission; + } + } + + /** + * Adds the user a permission from its name. + * + * @param string $name The permission name + * @param Doctrine_Connection $con A Doctrine_Connection object + * @throws sfException + */ + public function addPermissionByName($name, $con = null) + { + $permission = Doctrine_Core::getTable('sfGuardPermission')->findOneByName($name); + if (!$permission) + { + throw new sfException(sprintf('The permission "%s" does not exist.', $name)); + } + + $up = new sfGuardUserPermission(); + $up->setUser($this); + $up->setPermission($permission); + + $up->save($con); + + // add permission to local vars + $this->_allPermissions[$permission->getName()] = $permission; + } + + /** + * Checks whether or not the user belongs to the given group. + * + * @param string $name The group name + * @return boolean + */ + public function hasGroup($name) + { + $this->loadGroupsAndPermissions(); + return isset($this->_groups[$name]); + } + + /** + * Returns all related groups names. + * + * @return array + */ + public function getGroupNames() + { + $this->loadGroupsAndPermissions(); + return array_keys($this->_groups); + } + + /** + * Returns whether or not the user has the given permission. + * + * @return boolean + */ + public function hasPermission($name) + { + $this->loadGroupsAndPermissions(); + return isset($this->_allPermissions[$name]); + } + + /** + * Returns an array of all user's permissions names. + * + * @deprecated use getAllPermissionNames instate + * @return array + */ + public function getPermissionNames() + { + return $this->getAllPermissionNames(); + } + + /** + * Returns an array containing all permissions, including groups permissions + * and single permissions. + * + * @return array + */ + public function getAllPermissions() + { + if (!$this->_allPermissions) + { + $this->_allPermissions = array(); + $permissions = $this->getPermissions(); + foreach ($permissions as $permission) + { + $this->_allPermissions[$permission->getName()] = $permission; + } + + foreach ($this->getGroups() as $group) + { + foreach ($group->getPermissions() as $permission) + { + $this->_allPermissions[$permission->getName()] = $permission; + } + } + } + + return $this->_allPermissions; + } + + /** + * Returns an array of all permission names. + * + * @return array + */ + public function getAllPermissionNames() + { + return array_keys($this->getAllPermissions()); + } + + /** + * Loads the user's groups and permissions. + * + */ + public function loadGroupsAndPermissions() + { + $this->getAllPermissions(); + + if (!$this->_groups) + { + $this->_groups = array(); + $groups = $this->getGroups(); + foreach ($groups as $group) + { + $this->_groups[$group->getName()] = $group; + } + } + } + + /** + * Reloads the user's groups and permissions. + */ + public function reloadGroupsAndPermissions() + { + $this->_groups = null; + $this->_allPermissions = null; + } + + /** + * Sets the password hash. + * + * @param string $v + */ + public function setPasswordHash($v) + { + if (!is_null($v) && !is_string($v)) + { + $v = (string) $v; + } + + if ($this->password !== $v) + { + $this->_set('password', $v); + } + } +} diff --git a/plugins/sfDoctrineGuardPlugin/lib/model/doctrine/PluginsfGuardUserGroup.class.php b/plugins/sfDoctrineGuardPlugin/lib/model/doctrine/PluginsfGuardUserGroup.class.php new file mode 100644 index 0000000..85fa0ed --- /dev/null +++ b/plugins/sfDoctrineGuardPlugin/lib/model/doctrine/PluginsfGuardUserGroup.class.php @@ -0,0 +1,18 @@ + + * @version SVN: $Id: PluginsfGuardUserGroup.class.php 25546 2009-12-17 23:27:55Z Jonathan.Wage $ + */ +abstract class PluginsfGuardUserGroup extends BasesfGuardUserGroup +{ + public function postSave($event) + { + parent::postSave($event); + $this->getUser()->reloadGroupsAndPermissions(); + } +} diff --git a/plugins/sfDoctrineGuardPlugin/lib/model/doctrine/PluginsfGuardUserGroupTable.class.php b/plugins/sfDoctrineGuardPlugin/lib/model/doctrine/PluginsfGuardUserGroupTable.class.php new file mode 100644 index 0000000..d986584 --- /dev/null +++ b/plugins/sfDoctrineGuardPlugin/lib/model/doctrine/PluginsfGuardUserGroupTable.class.php @@ -0,0 +1,13 @@ + + * @version SVN: $Id: PluginsfGuardUserGroupTable.class.php 23793 2009-11-11 17:42:50Z Kris.Wallsmith $ + */ +abstract class PluginsfGuardUserGroupTable extends Doctrine_Table +{ +} diff --git a/plugins/sfDoctrineGuardPlugin/lib/model/doctrine/PluginsfGuardUserPermission.class.php b/plugins/sfDoctrineGuardPlugin/lib/model/doctrine/PluginsfGuardUserPermission.class.php new file mode 100644 index 0000000..d983d71 --- /dev/null +++ b/plugins/sfDoctrineGuardPlugin/lib/model/doctrine/PluginsfGuardUserPermission.class.php @@ -0,0 +1,18 @@ + + * @version SVN: $Id: PluginsfGuardUserPermission.class.php 25546 2009-12-17 23:27:55Z Jonathan.Wage $ + */ +abstract class PluginsfGuardUserPermission extends BasesfGuardUserPermission +{ + public function postSave($event) + { + parent::postSave($event); + $this->getUser()->reloadGroupsAndPermissions(); + } +} diff --git a/plugins/sfDoctrineGuardPlugin/lib/model/doctrine/PluginsfGuardUserPermissionTable.class.php b/plugins/sfDoctrineGuardPlugin/lib/model/doctrine/PluginsfGuardUserPermissionTable.class.php new file mode 100644 index 0000000..fbfec18 --- /dev/null +++ b/plugins/sfDoctrineGuardPlugin/lib/model/doctrine/PluginsfGuardUserPermissionTable.class.php @@ -0,0 +1,13 @@ + + * @version SVN: $Id: PluginsfGuardUserPermissionTable.class.php 23793 2009-11-11 17:42:50Z Kris.Wallsmith $ + */ +abstract class PluginsfGuardUserPermissionTable extends Doctrine_Table +{ +} diff --git a/plugins/sfDoctrineGuardPlugin/lib/model/doctrine/PluginsfGuardUserTable.class.php b/plugins/sfDoctrineGuardPlugin/lib/model/doctrine/PluginsfGuardUserTable.class.php new file mode 100644 index 0000000..7ff4767 --- /dev/null +++ b/plugins/sfDoctrineGuardPlugin/lib/model/doctrine/PluginsfGuardUserTable.class.php @@ -0,0 +1,48 @@ + + * @version SVN: $Id: PluginsfGuardUserTable.class.php 25546 2009-12-17 23:27:55Z Jonathan.Wage $ + */ +abstract class PluginsfGuardUserTable extends Doctrine_Table +{ + /** + * Retrieves a sfGuardUser object by username and is_active flag. + * + * @param string $username The username + * @param boolean $isActive The user's status + * + * @return sfGuardUser + */ + public function retrieveByUsername($username, $isActive = true) + { + $query = Doctrine_Core::getTable('sfGuardUser')->createQuery('u') + ->where('u.username = ?', $username) + ->addWhere('u.is_active = ?', $isActive) + ; + + return $query->fetchOne(); + } + + /** + * Retrieves a sfGuardUser object by username or email_address and is_active flag. + * + * @param string $username The username + * @param boolean $isActive The user's status + * + * @return sfGuardUser + */ + public function retrieveByUsernameOrEmailAddress($username, $isActive = true) + { + $query = Doctrine_Core::getTable('sfGuardUser')->createQuery('u') + ->where('u.username = ? OR u.email_address = ?', array($username, $username)) + ->addWhere('u.is_active = ?', $isActive) + ; + + return $query->fetchOne(); + } +} diff --git a/plugins/sfDoctrineGuardPlugin/lib/routing/sfGuardRouting.class.php b/plugins/sfDoctrineGuardPlugin/lib/routing/sfGuardRouting.class.php new file mode 100644 index 0000000..9b8a512 --- /dev/null +++ b/plugins/sfDoctrineGuardPlugin/lib/routing/sfGuardRouting.class.php @@ -0,0 +1,118 @@ + + * + * For the full copyright and license information, please view the LICENSE + * file that was distributed with this source code. + */ + +/** + * + * @package symfony + * @subpackage plugin + * @author Fabien Potencier + * @version SVN: $Id: sfGuardRouting.class.php 30723 2010-08-22 09:51:02Z gimler $ + */ +class sfGuardRouting +{ + /** + * Listens to the routing.load_configuration event. + * + * @param sfEvent An sfEvent instance + * @static + */ + static public function listenToRoutingLoadConfigurationEvent(sfEvent $event) + { + $r = $event->getSubject(); + + // preprend our routes + $r->prependRoute('sf_guard_signin', new sfRoute('/guard/login', array('module' => 'sfGuardAuth', 'action' => 'signin'))); + $r->prependRoute('sf_guard_signout', new sfRoute('/guard/logout', array('module' => 'sfGuardAuth', 'action' => 'signout'))); + } + + static public function addRouteForForgotPassword(sfEvent $event) + { + $r = $event->getSubject(); + + $r->prependRoute('sf_guard_forgot_password', new sfRoute('/guard/forgot_password', array('module' => 'sfGuardForgotPassword', 'action' => 'index'))); + $r->prependRoute('sf_guard_forgot_password_change', new sfDoctrineRoute('/guard/forgot_password/:unique_key', array( + 'module' => 'sfGuardForgotPassword', + 'action' => 'change' + ), array( + 'sf_method' => array('get', 'post') + ), array( + 'model' => 'sfGuardForgotPassword', + 'type' => 'object' + ))); + } + + /** + * Adds an sfDoctrineRouteCollection collection to manage users. + * + * @param sfEvent $event + * @static + */ + static public function addRouteForUser(sfEvent $event) + { + $event->getSubject()->prependRoute('sf_guard_user', new sfDoctrineRouteCollection(array( + 'name' => 'sf_guard_user', + 'model' => 'sfGuardUser', + 'module' => 'sfGuardUser', + 'prefix_path' => 'guard/users', + 'with_wildcard_routes' => true, + 'collection_actions' => array('filter' => 'post', 'batch' => 'post'), + 'requirements' => array(), + ))); + } + + /** + * Adds an sfDoctrineRouteCollection collection to manage groups. + * + * @param sfEvent $event + * @static + */ + static public function addRouteForGroup(sfEvent $event) + { + $event->getSubject()->prependRoute('sf_guard_group', new sfDoctrineRouteCollection(array( + 'name' => 'sf_guard_group', + 'model' => 'sfGuardGroup', + 'module' => 'sfGuardGroup', + 'prefix_path' => 'guard/groups', + 'with_wildcard_routes' => true, + 'collection_actions' => array('filter' => 'post', 'batch' => 'post'), + 'requirements' => array(), + ))); + } + + /** + * Adds an sfDoctrineRouteCollection collection to manage permissions. + * + * @param sfEvent $event + * @static + */ + static public function addRouteForPermission(sfEvent $event) + { + $event->getSubject()->prependRoute('sf_guard_permission', new sfDoctrineRouteCollection(array( + 'name' => 'sf_guard_permission', + 'model' => 'sfGuardPermission', + 'module' => 'sfGuardPermission', + 'prefix_path' => 'guard/permissions', + 'with_wildcard_routes' => true, + 'collection_actions' => array('filter' => 'post', 'batch' => 'post'), + 'requirements' => array(), + ))); + } + + /** + * Adds an sfRoute for registration. + * + * @param sfEvent $event + * @static + */ + static public function addRouteForRegister(sfEvent $event) + { + $event->getSubject()->prependRoute('sf_guard_register', new sfRoute('/guard/register', array('module' => 'sfGuardRegister', 'action' => 'index'))); + } +} diff --git a/plugins/sfDoctrineGuardPlugin/lib/sfGuardBasicSecurityFilter.class.php b/plugins/sfDoctrineGuardPlugin/lib/sfGuardBasicSecurityFilter.class.php new file mode 100644 index 0000000..2720726 --- /dev/null +++ b/plugins/sfDoctrineGuardPlugin/lib/sfGuardBasicSecurityFilter.class.php @@ -0,0 +1,56 @@ + + * + * For the full copyright and license information, please view the LICENSE + * file that was distributed with this source code. + */ + +/** + * Processes the "remember me" cookie. + * + * @package symfony + * @subpackage plugin + * @author Fabien Potencier + * @version SVN: $Id: sfGuardBasicSecurityFilter.class.php 27166 2010-01-25 21:04:41Z Kris.Wallsmith $ + * + * @deprecated Use {@link sfGuardRememberMeFilter} instead + */ +class sfGuardBasicSecurityFilter extends sfBasicSecurityFilter +{ + /** + * Executes the filter chain. + * + * @param sfFilterChain $filterChain + */ + public function execute($filterChain) + { + $cookieName = sfConfig::get('app_sf_guard_plugin_remember_cookie_name', 'sfRemember'); + + if ($this->isFirstCall()) + { + // deprecated notice + $this->context->getEventDispatcher()->notify(new sfEvent($this, 'application.log', array(sprintf('The filter "%s" is deprecated. Use "sfGuardRememberMeFilter" instead.', __CLASS__), 'priority' => sfLogger::NOTICE))); + + if ( + $this->context->getUser()->isAnonymous() + && + $cookie = $this->context->getRequest()->getCookie($cookieName) + ) + { + $q = Doctrine_Core::getTable('sfGuardRememberKey')->createQuery('r') + ->innerJoin('r.User u') + ->where('r.remember_key = ?', $cookie); + + if ($q->count()) + { + $this->context->getUser()->signIn($q->fetchOne()->User); + } + } + } + + parent::execute($filterChain); + } +} \ No newline at end of file diff --git a/plugins/sfDoctrineGuardPlugin/lib/sfGuardRememberMeFilter.class.php b/plugins/sfDoctrineGuardPlugin/lib/sfGuardRememberMeFilter.class.php new file mode 100644 index 0000000..e0fbe43 --- /dev/null +++ b/plugins/sfDoctrineGuardPlugin/lib/sfGuardRememberMeFilter.class.php @@ -0,0 +1,60 @@ + + * + * For the full copyright and license information, please view the LICENSE + * file that was distributed with this source code. + */ + +/** + * Processes the "remember me" cookie. + * + * This filter should be added to the application filters.yml file **above** + * the security filter: + * + * remember_me: + * class: sfGuardRememberMeFilter + * + * security: ~ + * + * @package symfony + * @subpackage plugin + * @author Fabien Potencier + * @version SVN: $Id: sfGuardRememberMeFilter.class.php 32872 2011-08-02 15:15:56Z gimler $ + */ +class sfGuardRememberMeFilter extends sfFilter +{ + /** + * Executes the filter chain. + * + * @param sfFilterChain $filterChain + */ + public function execute($filterChain) + { + $cookieName = sfConfig::get('app_sf_guard_plugin_remember_cookie_name', 'sfRemember'); + + if ( + $this->isFirstCall() + && + $this->context->getUser()->isAnonymous() + && + $cookie = $this->context->getRequest()->getCookie($cookieName) + ) + { + $q = Doctrine_Core::getTable('sfGuardUser')->createQuery('u') + ->select('u.*') + ->innerJoin('u.RememberKeys r') + ->where('u.is_active = ?', true) + ->addWhere('r.remember_key = ?', $cookie); + + if ($q->count()) + { + $this->context->getUser()->signIn($q->fetchOne()); + } + } + + $filterChain->execute(); + } +} diff --git a/plugins/sfDoctrineGuardPlugin/lib/task/sfGuardAddGroupTask.class.php b/plugins/sfDoctrineGuardPlugin/lib/task/sfGuardAddGroupTask.class.php new file mode 100644 index 0000000..ad9eb80 --- /dev/null +++ b/plugins/sfDoctrineGuardPlugin/lib/task/sfGuardAddGroupTask.class.php @@ -0,0 +1,66 @@ + + * + * For the full copyright and license information, please view the LICENSE + * file that was distributed with this source code. + */ + +/** + * Add a group to a user. + * + * @package symfony + * @subpackage task + * @author Fabien Potencier + * @version SVN: $Id: sfGuardAddGroupTask.class.php 25546 2009-12-17 23:27:55Z Jonathan.Wage $ + */ +class sfGuardAddGroupTask extends sfBaseTask +{ + /** + * @see sfTask + */ + protected function configure() + { + $this->addArguments(array( + new sfCommandArgument('username', sfCommandArgument::REQUIRED, 'The user name'), + new sfCommandArgument('group', sfCommandArgument::REQUIRED, 'The group name'), + )); + + $this->addOptions(array( + new sfCommandOption('application', null, sfCommandOption::PARAMETER_OPTIONAL, 'The application name', null), + new sfCommandOption('env', null, sfCommandOption::PARAMETER_REQUIRED, 'The environment', 'dev'), + )); + + $this->namespace = 'guard'; + $this->name = 'add-group'; + $this->briefDescription = 'Adds a group to a user'; + + $this->detailedDescription = <<configuration); + + $user = Doctrine_Core::getTable('sfGuardUser')->findOneByUsername($arguments['username']); + if (!$user) + { + throw new sfCommandException(sprintf('User "%s" does not exist.', $arguments['username'])); + } + + $user->addGroupByName($arguments['group']); + + $this->logSection('guard', sprintf('Add group %s to user %s', $arguments['group'], $arguments['username'])); + } +} \ No newline at end of file diff --git a/plugins/sfDoctrineGuardPlugin/lib/task/sfGuardAddPermissionTask.class.php b/plugins/sfDoctrineGuardPlugin/lib/task/sfGuardAddPermissionTask.class.php new file mode 100644 index 0000000..9e31ec9 --- /dev/null +++ b/plugins/sfDoctrineGuardPlugin/lib/task/sfGuardAddPermissionTask.class.php @@ -0,0 +1,66 @@ + + * + * For the full copyright and license information, please view the LICENSE + * file that was distributed with this source code. + */ + +/** + * Add a permission to a user. + * + * @package symfony + * @subpackage task + * @author Fabien Potencier + * @version SVN: $Id: sfGuardAddPermissionTask.class.php 25546 2009-12-17 23:27:55Z Jonathan.Wage $ + */ +class sfGuardAddPermissionTask extends sfBaseTask +{ + /** + * @see sfTask + */ + protected function configure() + { + $this->addArguments(array( + new sfCommandArgument('username', sfCommandArgument::REQUIRED, 'The user name'), + new sfCommandArgument('permission', sfCommandArgument::REQUIRED, 'The permission name'), + )); + + $this->addOptions(array( + new sfCommandOption('application', null, sfCommandOption::PARAMETER_OPTIONAL, 'The application name', null), + new sfCommandOption('env', null, sfCommandOption::PARAMETER_REQUIRED, 'The environment', 'dev'), + )); + + $this->namespace = 'guard'; + $this->name = 'add-permission'; + $this->briefDescription = 'Adds a permission to a user'; + + $this->detailedDescription = <<configuration); + + $user = Doctrine_Core::getTable('sfGuardUser')->findOneByUsername($arguments['username']); + if (!$user) + { + throw new sfCommandException(sprintf('User "%s" does not exist.', $arguments['username'])); + } + + $user->addPermissionByName($arguments['permission']); + + $this->logSection('guard', sprintf('Add permission %s to user %s', $arguments['permission'], $arguments['username'])); + } +} \ No newline at end of file diff --git a/plugins/sfDoctrineGuardPlugin/lib/task/sfGuardChangePasswordTask.class.php b/plugins/sfDoctrineGuardPlugin/lib/task/sfGuardChangePasswordTask.class.php new file mode 100644 index 0000000..4bd1db7 --- /dev/null +++ b/plugins/sfDoctrineGuardPlugin/lib/task/sfGuardChangePasswordTask.class.php @@ -0,0 +1,70 @@ + + * + * For the full copyright and license information, please view the LICENSE + * file that was distributed with this source code. + */ + +/** + * Promotes a user as a super administrator. + * + * @package symfony + * @subpackage task + * @author Hugo Hamon + * @version SVN: $Id: sfGuardChangePasswordTask.class.php 25546 2009-12-17 23:27:55Z Jonathan.Wage $ + */ +class sfGuardChangePasswordTask extends sfBaseTask +{ + /** + * @see sfTask + */ + protected function configure() + { + $this->addArguments(array( + new sfCommandArgument('username', sfCommandArgument::REQUIRED, 'The user name'), + new sfCommandArgument('password', sfCommandArgument::REQUIRED, 'The new password'), + )); + + $this->addOptions(array( + new sfCommandOption('application', null, sfCommandOption::PARAMETER_OPTIONAL, 'The application name', null), + new sfCommandOption('env', null, sfCommandOption::PARAMETER_REQUIRED, 'The environment', 'dev'), + )); + + $this->namespace = 'guard'; + $this->name = 'change-password'; + $this->briefDescription = 'Changes the password of the user'; + + $this->detailedDescription = <<configuration); + + $user = Doctrine_Core::getTable('sfGuardUser')->findOneByUsername($arguments['username']); + + if (!$user) + { + throw new sfException(sprintf('User identified by "%s" username does not exist or is not active.', $arguments['username'])); + } + + $user->setPassword($arguments['password']); + $user->save(); + + $this->logSection('guard', sprintf('Password of user identified by "%s" has been changed', $arguments['username'])); + } +} \ No newline at end of file diff --git a/plugins/sfDoctrineGuardPlugin/lib/task/sfGuardCreateUserTask.class.php b/plugins/sfDoctrineGuardPlugin/lib/task/sfGuardCreateUserTask.class.php new file mode 100644 index 0000000..57cf8f3 --- /dev/null +++ b/plugins/sfDoctrineGuardPlugin/lib/task/sfGuardCreateUserTask.class.php @@ -0,0 +1,71 @@ + + * + * For the full copyright and license information, please view the LICENSE + * file that was distributed with this source code. + */ + +/** + * Create a new user. + * + * @package symfony + * @subpackage task + * @author Fabien Potencier + * @author Jonathan H. Wage + * @version SVN: $Id: sfGuardCreateUserTask.class.php 28922 2010-03-31 13:53:45Z noel $ + */ +class sfGuardCreateUserTask extends sfBaseTask +{ + /** + * @see sfTask + */ + protected function configure() + { + $this->addArguments(array( + new sfCommandArgument('email_address', sfCommandArgument::REQUIRED, 'The email address'), + new sfCommandArgument('username', sfCommandArgument::REQUIRED, 'The username'), + new sfCommandArgument('password', sfCommandArgument::REQUIRED, 'The password'), + new sfCommandArgument('first_name', sfCommandArgument::OPTIONAL, 'The first name'), + new sfCommandArgument('last_name', sfCommandArgument::OPTIONAL, 'The last name'), + )); + + $this->addOptions(array( + new sfCommandOption('is-super-admin', null, sfCommandOption::PARAMETER_NONE, 'Whether the user is a super admin', null), + new sfCommandOption('application', null, sfCommandOption::PARAMETER_OPTIONAL, 'The application name', null), + new sfCommandOption('env', null, sfCommandOption::PARAMETER_REQUIRED, 'The environment', 'dev'), + )); + + $this->namespace = 'guard'; + $this->name = 'create-user'; + $this->briefDescription = 'Creates a user'; + + $this->detailedDescription = <<configuration); + + $user = new sfGuardUser(); + $user->setEmailAddress($arguments['email_address']); + $user->setUsername($arguments['username']); + $user->setPassword($arguments['password']); + $user->setFirstName($arguments['first_name']); + $user->setLastName($arguments['last_name']); + $user->setIsActive(true); + $user->setIsSuperAdmin($options['is-super-admin']); + $user->save(); + + $this->logSection('guard', sprintf('Create user "%s"', $arguments['username'])); + } +} \ No newline at end of file diff --git a/plugins/sfDoctrineGuardPlugin/lib/task/sfGuardPromoteSuperAdminTask.class.php b/plugins/sfDoctrineGuardPlugin/lib/task/sfGuardPromoteSuperAdminTask.class.php new file mode 100644 index 0000000..35ce5eb --- /dev/null +++ b/plugins/sfDoctrineGuardPlugin/lib/task/sfGuardPromoteSuperAdminTask.class.php @@ -0,0 +1,70 @@ + + * + * For the full copyright and license information, please view the LICENSE + * file that was distributed with this source code. + */ + +/** + * Promotes a user as a super administrator. + * + * @package symfony + * @subpackage task + * @author Fabien Potencier + * @author Hugo Hamon + * @version SVN: $Id: sfGuardPromoteSuperAdminTask.class.php 25546 2009-12-17 23:27:55Z Jonathan.Wage $ + */ +class sfGuardPromoteSuperAdminTask extends sfBaseTask +{ + /** + * @see sfTask + */ + protected function configure() + { + $this->addArguments(array( + new sfCommandArgument('username', sfCommandArgument::REQUIRED, 'The user name'), + )); + + $this->addOptions(array( + new sfCommandOption('application', null, sfCommandOption::PARAMETER_OPTIONAL, 'The application name', null), + new sfCommandOption('env', null, sfCommandOption::PARAMETER_REQUIRED, 'The environment', 'dev'), + )); + + $this->namespace = 'guard'; + $this->name = 'promote'; + $this->briefDescription = 'Promotes a user as a super administrator'; + + $this->detailedDescription = <<configuration); + + $user = Doctrine_Core::getTable('sfGuardUser')->retrieveByUsername($arguments['username']); + + if (!$user) + { + throw new sfException(sprintf('User identified by "%s" username does not exist or is not active.', $arguments['username'])); + } + + $user->setIsSuperAdmin(true); + $user->save(); + + $this->logSection('guard', sprintf('User identified by "%s" username has been promoted as super administrator', $arguments['username'])); + } +} \ No newline at end of file diff --git a/plugins/sfDoctrineGuardPlugin/lib/user/sfGuardSecurityUser.class.php b/plugins/sfDoctrineGuardPlugin/lib/user/sfGuardSecurityUser.class.php new file mode 100644 index 0000000..39a34a8 --- /dev/null +++ b/plugins/sfDoctrineGuardPlugin/lib/user/sfGuardSecurityUser.class.php @@ -0,0 +1,396 @@ + + * + * For the full copyright and license information, please view the LICENSE + * file that was distributed with this source code. + */ + +/** + * + * @package symfony + * @subpackage plugin + * @author Fabien Potencier + * @version SVN: $Id: sfGuardSecurityUser.class.php 32975 2011-09-01 15:56:35Z gimler $ + */ +class sfGuardSecurityUser extends sfBasicSecurityUser +{ + protected $user = null; + + /** + * Initializes the sfGuardSecurityUser object. + * + * @param sfEventDispatcher $dispatcher The event dispatcher object + * @param sfStorage $storage The session storage object + * @param array $options An array of options + */ + public function initialize(sfEventDispatcher $dispatcher, sfStorage $storage, $options = array()) + { + parent::initialize($dispatcher, $storage, $options); + + if (!$this->isAuthenticated()) + { + // remove user if timeout + $this->getAttributeHolder()->removeNamespace('sfGuardSecurityUser'); + $this->user = null; + } + } + + /** + * Returns the referer uri. + * + * @param string $default The default uri to return + * + * @return string $referer The referer + */ + public function getReferer($default) + { + $referer = $this->getAttribute('referer', $default); + $this->getAttributeHolder()->remove('referer'); + + return $referer; + } + + /** + * Sets the referer. + * + * @param string $referer + */ + public function setReferer($referer) + { + if (!$this->hasAttribute('referer')) + { + $this->setAttribute('referer', $referer); + } + } + + /** + * Returns whether or not the user has the given credential. + * + * @param string $credential The credential name + * @param boolean $useAnd Whether or not to use an AND condition + * + * @return boolean + */ + public function hasCredential($credential, $useAnd = true) + { + if (empty($credential)) + { + return true; + } + + if (!$this->getGuardUser()) + { + return false; + } + + if ($this->getGuardUser()->getIsSuperAdmin()) + { + return true; + } + + return parent::hasCredential($credential, $useAnd); + } + + /** + * Returns whether or not the user is a super admin. + * + * @return boolean + */ + public function isSuperAdmin() + { + return $this->getGuardUser() ? $this->getGuardUser()->getIsSuperAdmin() : false; + } + + /** + * Returns whether or not the user is anonymous. + * + * @return boolean + */ + public function isAnonymous() + { + return !$this->isAuthenticated(); + } + + /** + * Signs in the user on the application. + * + * @param sfGuardUser $user The sfGuardUser id + * @param boolean $remember Whether or not to remember the user + * @param Doctrine_Connection $con A Doctrine_Connection object + */ + public function signIn($user, $remember = false, $con = null) + { + // save last login + $user->setLastLogin(date('Y-m-d H:i:s')); + $user->save($con); + + // signin + $this->setAttribute('user_id', $user->getId(), 'sfGuardSecurityUser'); + $this->setAuthenticated(true); + $this->clearCredentials(); + $this->addCredentials($user->getAllPermissionNames()); + + // remember? + if ($remember) + { + $expiration_age = sfConfig::get('app_sf_guard_plugin_remember_key_expiration_age', 15 * 24 * 3600); + + // remove old keys + Doctrine_Core::getTable('sfGuardRememberKey')->createQuery() + ->delete() + ->where('created_at < ?', date('Y-m-d H:i:s', time() - $expiration_age)) + ->execute(); + + // remove other keys from this user + Doctrine_Core::getTable('sfGuardRememberKey')->createQuery() + ->delete() + ->where('user_id = ?', $user->getId()) + ->execute(); + + // generate new keys + $key = $this->generateRandomKey(); + + // save key + $rk = new sfGuardRememberKey(); + $rk->setRememberKey($key); + $rk->setUser($user); + $rk->setIpAddress($_SERVER['REMOTE_ADDR']); + $rk->save($con); + + // make key as a cookie + $remember_cookie = sfConfig::get('app_sf_guard_plugin_remember_cookie_name', 'sfRemember'); + sfContext::getInstance()->getResponse()->setCookie($remember_cookie, $key, time() + $expiration_age); + } + } + + /** + * Returns a random generated key. + * + * @param int $len The key length + * + * @return string + */ + protected function generateRandomKey($len = 20) + { + return base_convert(sha1(uniqid(mt_rand(), true)), 16, 36); + } + + /** + * Signs out the user. + * + */ + public function signOut() + { + $this->getAttributeHolder()->removeNamespace('sfGuardSecurityUser'); + $this->user = null; + $this->clearCredentials(); + $this->setAuthenticated(false); + $expiration_age = sfConfig::get('app_sf_guard_plugin_remember_key_expiration_age', 15 * 24 * 3600); + $remember_cookie = sfConfig::get('app_sf_guard_plugin_remember_cookie_name', 'sfRemember'); + sfContext::getInstance()->getResponse()->setCookie($remember_cookie, '', time() - $expiration_age); + } + + /** + * Returns the related sfGuardUser. + * + * @return sfGuardUser + */ + public function getGuardUser() + { + if (!$this->user && $id = $this->getAttribute('user_id', null, 'sfGuardSecurityUser')) + { + $this->user = Doctrine_Core::getTable('sfGuardUser')->find($id); + + if (!$this->user) + { + // the user does not exist anymore in the database + $this->signOut(); + + throw new sfException('The user does not exist anymore in the database.'); + } + } + + return $this->user; + } + + /** + * Returns the string representation of the object. + * + * @return string + */ + public function __toString() + { + return $this->getGuardUser()->__toString(); + } + + /** + * Returns the sfGuardUser object's username. + * + * @return string + */ + public function getUsername() + { + return $this->getGuardUser()->getUsername(); + } + + /** + * Returns the name(first and last) of the user + * + * @return string + */ + public function getName() + { + return $this->getGuardUser()->getName(); + } + + /** + * Returns the sfGuardUser object's email. + * + * @return string + */ + public function getEmail() + { + return $this->getGuardUser()->getEmailAddress(); + } + + /** + * Sets the user's password. + * + * @param string $password The password + * @param Doctrine_Collection $con A Doctrine_Connection object + */ + public function setPassword($password, $con = null) + { + $this->getGuardUser()->setPassword($password); + $this->getGuardUser()->save($con); + } + + /** + * Returns whether or not the given password is valid. + * + * @return boolean + */ + public function checkPassword($password) + { + return $this->getGuardUser()->checkPassword($password); + } + + /** + * Returns whether or not the user belongs to the given group. + * + * @param string $name The group name + * + * @return boolean + */ + public function hasGroup($name) + { + return $this->getGuardUser() ? $this->getGuardUser()->hasGroup($name) : false; + } + + /** + * Returns the user's groups. + * + * @return array|Doctrine_Collection + */ + public function getGroups() + { + return $this->getGuardUser() ? $this->getGuardUser()->getGroups() : array(); + } + + /** + * Returns the user's group names. + * + * @return array + */ + public function getGroupNames() + { + return $this->getGuardUser() ? $this->getGuardUser()->getGroupNames() : array(); + } + + /** + * Returns whether or not the user has the given permission. + * + * @param string $name The permission name + * + * @return string + */ + public function hasPermission($name) + { + return $this->getGuardUser() ? $this->getGuardUser()->hasPermission($name) : false; + } + + /** + * Returns the Doctrine_Collection of single sfGuardPermission objects. + * + * @return Doctrine_Collection + */ + public function getPermissions() + { + return $this->getGuardUser()->getPermissions(); + } + + /** + * Returns the array of permissions names. + * + * @return array + */ + public function getPermissionNames() + { + return $this->getGuardUser() ? $this->getGuardUser()->getPermissionNames() : array(); + } + + /** + * Returns the array of all permissions. + * + * @return array + */ + public function getAllPermissions() + { + return $this->getGuardUser() ? $this->getGuardUser()->getAllPermissions() : array(); + } + + /** + * Returns the array of all permissions names. + * + * @return array + */ + public function getAllPermissionNames() + { + return $this->getGuardUser() ? $this->getGuardUser()->getAllPermissionNames() : array(); + } + + /** + * Returns the related profile object. + * + * @return Doctrine_Record + */ + public function getProfile() + { + return $this->getGuardUser() ? $this->getGuardUser()->getProfile() : null; + } + + /** + * Adds a group from its name to the current user. + * + * @param string $name The group name + * @param Doctrine_Connection $con A Doctrine_Connection object + */ + public function addGroupByName($name, $con = null) + { + return $this->getGuardUser()->addGroupByName($name, $con); + } + + /** + * Adds a permission from its name to the current user. + * + * @param string $name The permission name + * @param Doctrine_Connection $con A Doctrine_Connection object + */ + public function addPermissionByName($name, $con = null) + { + return $this->getGuardUser()->addPermissionByName($name, $con); + } +} diff --git a/plugins/sfDoctrineGuardPlugin/lib/validator/sfGuardValidatorUser.class.php b/plugins/sfDoctrineGuardPlugin/lib/validator/sfGuardValidatorUser.class.php new file mode 100644 index 0000000..b27d82e --- /dev/null +++ b/plugins/sfDoctrineGuardPlugin/lib/validator/sfGuardValidatorUser.class.php @@ -0,0 +1,69 @@ + + * + * For the full copyright and license information, please view the LICENSE + * file that was distributed with this source code. + */ + +/** + * + * @package symfony + * @subpackage plugin + * @author Fabien Potencier + * @version SVN: $Id: sfGuardValidatorUser.class.php 31850 2011-01-18 17:22:08Z gimler $ + */ +class sfGuardValidatorUser extends sfValidatorBase +{ + public function configure($options = array(), $messages = array()) + { + $this->addOption('username_field', 'username'); + $this->addOption('password_field', 'password'); + $this->addOption('throw_global_error', false); + + $this->setMessage('invalid', 'The username and/or password is invalid.'); + } + + protected function doClean($values) + { + $username = isset($values[$this->getOption('username_field')]) ? $values[$this->getOption('username_field')] : ''; + $password = isset($values[$this->getOption('password_field')]) ? $values[$this->getOption('password_field')] : ''; + + $allowEmail = sfConfig::get('app_sf_guard_plugin_allow_login_with_email', true); + $method = $allowEmail ? 'retrieveByUsernameOrEmailAddress' : 'retrieveByUsername'; + + // don't allow to sign in with an empty username + if ($username) + { + if ($callable = sfConfig::get('app_sf_guard_plugin_retrieve_by_username_callable')) + { + $user = call_user_func_array($callable, array($username)); + } else { + $user = $this->getTable()->$method($username); + } + // user exists? + if($user) + { + // password is ok? + if ($user->getIsActive() && $user->checkPassword($password)) + { + return array_merge($values, array('user' => $user)); + } + } + } + + if ($this->getOption('throw_global_error')) + { + throw new sfValidatorError($this, 'invalid'); + } + + throw new sfValidatorErrorSchema($this, array($this->getOption('username_field') => new sfValidatorError($this, 'invalid'))); + } + + protected function getTable() + { + return Doctrine_Core::getTable('sfGuardUser'); + } +} diff --git a/plugins/sfDoctrineGuardPlugin/lib/validator/sfGuardValidatorUsernameOrEmail.class.php b/plugins/sfDoctrineGuardPlugin/lib/validator/sfGuardValidatorUsernameOrEmail.class.php new file mode 100644 index 0000000..7d2a191 --- /dev/null +++ b/plugins/sfDoctrineGuardPlugin/lib/validator/sfGuardValidatorUsernameOrEmail.class.php @@ -0,0 +1,34 @@ + + * + * For the full copyright and license information, please view the LICENSE + * file that was distributed with this source code. + */ + +/** + * + * @package symfony + * @subpackage plugin + * @author Gordon Franke + * @version SVN: $Id: sfGuardValidatorUsernameOrEmail.class.php 25015 2009-12-07 12:55:13Z gimler $ + */ +class sfGuardValidatorUsernameOrEmail extends sfValidatorBase +{ + protected function doClean($value) + { + $clean = (string) $value; + + // user exists? + $user = Doctrine_Core::getTable('sfGuardUser') + ->retrieveByUsernameOrEmailAddress($clean); + if ($user) + { + return $value; + } + + throw new sfValidatorError($this, 'invalid', array('value' => $value)); + } +} diff --git a/plugins/sfDoctrineGuardPlugin/modules/sfGuardAuth/actions/actions.class.php b/plugins/sfDoctrineGuardPlugin/modules/sfGuardAuth/actions/actions.class.php new file mode 100644 index 0000000..74af6c0 --- /dev/null +++ b/plugins/sfDoctrineGuardPlugin/modules/sfGuardAuth/actions/actions.class.php @@ -0,0 +1,22 @@ + + * + * For the full copyright and license information, please view the LICENSE + * file that was distributed with this source code. + */ + +require_once(dirname(__FILE__).'/../lib/BasesfGuardAuthActions.class.php'); + +/** + * + * @package symfony + * @subpackage plugin + * @author Fabien Potencier + * @version SVN: $Id: actions.class.php 23319 2009-10-25 12:22:23Z Kris.Wallsmith $ + */ +class sfGuardAuthActions extends BasesfGuardAuthActions +{ +} diff --git a/plugins/sfDoctrineGuardPlugin/modules/sfGuardAuth/actions/components.class.php b/plugins/sfDoctrineGuardPlugin/modules/sfGuardAuth/actions/components.class.php new file mode 100644 index 0000000..fc7dc33 --- /dev/null +++ b/plugins/sfDoctrineGuardPlugin/modules/sfGuardAuth/actions/components.class.php @@ -0,0 +1,22 @@ + + * + * For the full copyright and license information, please view the LICENSE + * file that was distributed with this source code. + */ + +require_once(dirname(__FILE__).'/../lib/BasesfGuardAuthComponents.class.php'); + +/** + * + * @package symfony + * @subpackage plugin + * @author Fabien Potencier + * @version SVN: $Id: components.class.php 23319 2009-10-25 12:22:23Z Kris.Wallsmith $ + */ +class sfGuardAuthComponents extends BasesfGuardAuthComponents +{ +} \ No newline at end of file diff --git a/plugins/sfDoctrineGuardPlugin/modules/sfGuardAuth/config/security.yml b/plugins/sfDoctrineGuardPlugin/modules/sfGuardAuth/config/security.yml new file mode 100644 index 0000000..9e9163c --- /dev/null +++ b/plugins/sfDoctrineGuardPlugin/modules/sfGuardAuth/config/security.yml @@ -0,0 +1,8 @@ +secure: + is_secure: false + +signin: + is_secure: false + +signout: + is_secure: false diff --git a/plugins/sfDoctrineGuardPlugin/modules/sfGuardAuth/lib/BasesfGuardAuthActions.class.php b/plugins/sfDoctrineGuardPlugin/modules/sfGuardAuth/lib/BasesfGuardAuthActions.class.php new file mode 100644 index 0000000..1ca10f3 --- /dev/null +++ b/plugins/sfDoctrineGuardPlugin/modules/sfGuardAuth/lib/BasesfGuardAuthActions.class.php @@ -0,0 +1,82 @@ + + * + * For the full copyright and license information, please view the LICENSE + * file that was distributed with this source code. + */ + +/** + * + * @package symfony + * @subpackage plugin + * @author Fabien Potencier + * @version SVN: $Id: BasesfGuardAuthActions.class.php 32963 2011-08-28 07:56:54Z fabien $ + */ +class BasesfGuardAuthActions extends sfActions +{ + public function executeSignin($request) + { + $user = $this->getUser(); + if ($user->isAuthenticated()) + { + return $this->redirect('@homepage'); + } + + $class = sfConfig::get('app_sf_guard_plugin_signin_form', 'sfGuardFormSignin'); + $this->form = new $class(); + + if ($request->isMethod('post')) + { + $this->form->bind($request->getParameter($this->form->getName())); + if ($this->form->isValid()) + { + $values = $this->form->getValues(); + $this->getUser()->signin($values['user'], array_key_exists('remember', $values) ? $values['remember'] : false); + + // always redirect to a URL set in app.yml + // or to the referer + // or to the homepage + $signinUrl = sfConfig::get('app_sf_guard_plugin_success_signin_url', $user->getReferer($request->getReferer())); + + return $this->redirect('' != $signinUrl ? $signinUrl : '@homepage'); + } + } + else + { + if ($request->isXmlHttpRequest()) + { + $this->getResponse()->setHeaderOnly(true); + $this->getResponse()->setStatusCode(401); + + return sfView::NONE; + } + + // if we have been forwarded, then the referer is the current URL + // if not, this is the referer of the current request + $user->setReferer($this->getContext()->getActionStack()->getSize() > 1 ? $request->getUri() : $request->getReferer()); + + $module = sfConfig::get('sf_login_module'); + if ($this->getModuleName() != $module) + { + return $this->redirect($module.'/'.sfConfig::get('sf_login_action')); + } + } + } + + public function executeSignout($request) + { + $this->getUser()->signOut(); + + $signoutUrl = sfConfig::get('app_sf_guard_plugin_success_signout_url', $request->getReferer()); + + $this->redirect('' != $signoutUrl ? $signoutUrl : '@homepage'); + } + + public function executeSecure($request) + { + $this->getResponse()->setStatusCode(403); + } +} diff --git a/plugins/sfDoctrineGuardPlugin/modules/sfGuardAuth/lib/BasesfGuardAuthComponents.class.php b/plugins/sfDoctrineGuardPlugin/modules/sfGuardAuth/lib/BasesfGuardAuthComponents.class.php new file mode 100644 index 0000000..7f1a8c7 --- /dev/null +++ b/plugins/sfDoctrineGuardPlugin/modules/sfGuardAuth/lib/BasesfGuardAuthComponents.class.php @@ -0,0 +1,10 @@ +form = new $class(); + } +} \ No newline at end of file diff --git a/plugins/sfDoctrineGuardPlugin/modules/sfGuardAuth/templates/_signin_form.php b/plugins/sfDoctrineGuardPlugin/modules/sfGuardAuth/templates/_signin_form.php new file mode 100644 index 0000000..51ab057 --- /dev/null +++ b/plugins/sfDoctrineGuardPlugin/modules/sfGuardAuth/templates/_signin_form.php @@ -0,0 +1,25 @@ + + +
+ + + + + + + + + +
+ + + getRouting()->getRoutes() ?> + + + + + +   + +
+
\ No newline at end of file diff --git a/plugins/sfDoctrineGuardPlugin/modules/sfGuardAuth/templates/secureSuccess.php b/plugins/sfDoctrineGuardPlugin/modules/sfGuardAuth/templates/secureSuccess.php new file mode 100644 index 0000000..e1e6330 --- /dev/null +++ b/plugins/sfDoctrineGuardPlugin/modules/sfGuardAuth/templates/secureSuccess.php @@ -0,0 +1,9 @@ + + +

+ +

getRequest()->getUri() ?>

+ +

+ + \ No newline at end of file diff --git a/plugins/sfDoctrineGuardPlugin/modules/sfGuardAuth/templates/signinSuccess.php b/plugins/sfDoctrineGuardPlugin/modules/sfGuardAuth/templates/signinSuccess.php new file mode 100644 index 0000000..e119fee --- /dev/null +++ b/plugins/sfDoctrineGuardPlugin/modules/sfGuardAuth/templates/signinSuccess.php @@ -0,0 +1,5 @@ + + +

+ + $form)) ?> \ No newline at end of file diff --git a/plugins/sfDoctrineGuardPlugin/modules/sfGuardForgotPassword/actions/actions.class.php b/plugins/sfDoctrineGuardPlugin/modules/sfGuardForgotPassword/actions/actions.class.php new file mode 100755 index 0000000..550fa5a --- /dev/null +++ b/plugins/sfDoctrineGuardPlugin/modules/sfGuardForgotPassword/actions/actions.class.php @@ -0,0 +1,15 @@ +getUser()->isAuthenticated()) + { + $this->redirect('@homepage'); + } + } + + public function executeIndex($request) + { + $class = sfConfig::get('app_sf_guard_plugin_request_forgot_password_form', 'sfGuardRequestForgotPasswordForm'); + $this->form = new $class(); + + if ($request->isMethod('post')) + { + $this->form->bind($request->getParameter($this->form->getName())); + if ($this->form->isValid()) + { + $this->user = Doctrine_Core::getTable('sfGuardUser') + ->retrieveByUsernameOrEmailAddress($this->form->getValue('email_address')); + + Doctrine_Core::getTable('sfGuardForgotPassword') + ->deleteByUser($this->user); + + $forgotPassword = new sfGuardForgotPassword(); + $forgotPassword->user_id = $this->user->id; + $forgotPassword->unique_key = md5(rand() + time()); + $forgotPassword->expires_at = new Doctrine_Expression('NOW()'); + $forgotPassword->save(); + + $this->sendRequestMail($this->user, $forgotPassword); + + $this->getUser()->setFlash('notice', 'Check your e-mail! You should receive something shortly!'); + + $this->redirect(sfConfig::get('app_sf_guard_plugin_password_request_url', '@sf_guard_signin')); + } + } + } + + /** + * Send the request password email to the user + * + * @param object $user the user object + * @param sfGuardForgotPassword $forgotPassword the forgot password record + * + * @return void + */ + protected function sendRequestMail($user, $forgotPassword) + { + $i18n = $this->getContext()->getI18N(); + + $message = $this->getMailer()->compose( + sfConfig::get('app_sf_guard_plugin_default_from_email', 'from@noreply.com'), + $user->email_address, + $i18n->__('Forgot Password Request for %name%', array('%name%' => $user->username), 'sf_guard'), + $this->getPartial('sfGuardForgotPassword/send_request', array('user' => $user, 'forgot_password' => $forgotPassword)) + )->setContentType('text/html'); + + $this->getMailer()->send($message); + } + + public function executeChange($request) + { + $this->forgotPassword = $this->getRoute()->getObject(); + $this->user = $this->forgotPassword->User; + $this->form = new sfGuardChangeUserPasswordForm($this->user); + + if ($request->isMethod('post')) + { + $this->form->bind($request->getParameter($this->form->getName())); + if ($this->form->isValid()) + { + $this->form->save(); + + $this->forgotPassword->delete(); + + $this->sendChangeMail($this->user, $request['sf_guard_user']['password']); + + $this->getUser()->setFlash('notice', 'Password updated successfully!'); + + $this->redirect(sfConfig::get('app_sf_guard_plugin_password_change_url', '@sf_guard_signin')); + } + } + } + + /** + * Send email to the user with new password + * + * @param object $user user object + * @param string $password user password + * + * @return void + */ + protected function sendChangeMail($user, $password) + { + $i18n = $this->getContext()->getI18N(); + + $message = $this->getMailer()->compose( + sfConfig::get('app_sf_guard_plugin_default_from_email', 'from@noreply.com'), + $user->email_address, + $i18n->__('New Password for %name%', array('%name%' => $user->username) , 'sf_guard'), + $this->getPartial('sfGuardForgotPassword/new_password', array('user' => $user, 'password' => $password)) + )->setContentType('text/html'); + + $this->getMailer()->send($message); + } +} diff --git a/plugins/sfDoctrineGuardPlugin/modules/sfGuardForgotPassword/templates/_new_password.php b/plugins/sfDoctrineGuardPlugin/modules/sfGuardForgotPassword/templates/_new_password.php new file mode 100644 index 0000000..b28f28b --- /dev/null +++ b/plugins/sfDoctrineGuardPlugin/modules/sfGuardForgotPassword/templates/_new_password.php @@ -0,0 +1,16 @@ + + + $user->getFirstName()), 'sf_guard') ?>, + + + +: getUsername() ?> + +: \ No newline at end of file diff --git a/plugins/sfDoctrineGuardPlugin/modules/sfGuardForgotPassword/templates/_send_request.php b/plugins/sfDoctrineGuardPlugin/modules/sfGuardForgotPassword/templates/_send_request.php new file mode 100755 index 0000000..79fa332 --- /dev/null +++ b/plugins/sfDoctrineGuardPlugin/modules/sfGuardForgotPassword/templates/_send_request.php @@ -0,0 +1,16 @@ + + + $user->getFirstName()), 'sf_guard') ?>,

+ +

+ +

+ +unique_key, 'absolute=true') ?> \ No newline at end of file diff --git a/plugins/sfDoctrineGuardPlugin/modules/sfGuardForgotPassword/templates/changeSuccess.php b/plugins/sfDoctrineGuardPlugin/modules/sfGuardForgotPassword/templates/changeSuccess.php new file mode 100755 index 0000000..32a6f05 --- /dev/null +++ b/plugins/sfDoctrineGuardPlugin/modules/sfGuardForgotPassword/templates/changeSuccess.php @@ -0,0 +1,19 @@ + +

$user->getName()), 'sf_guard') ?>

+ +

+ +
+ + + + + + + + + +
+ +
+
\ No newline at end of file diff --git a/plugins/sfDoctrineGuardPlugin/modules/sfGuardForgotPassword/templates/indexSuccess.php b/plugins/sfDoctrineGuardPlugin/modules/sfGuardForgotPassword/templates/indexSuccess.php new file mode 100755 index 0000000..bad48c5 --- /dev/null +++ b/plugins/sfDoctrineGuardPlugin/modules/sfGuardForgotPassword/templates/indexSuccess.php @@ -0,0 +1,22 @@ + +

+ +

+ + +

+ +
+ + + + + + + + + +
+ +
+
\ No newline at end of file diff --git a/plugins/sfDoctrineGuardPlugin/modules/sfGuardGroup/actions/actions.class.php b/plugins/sfDoctrineGuardPlugin/modules/sfGuardGroup/actions/actions.class.php new file mode 100644 index 0000000..55f10c1 --- /dev/null +++ b/plugins/sfDoctrineGuardPlugin/modules/sfGuardGroup/actions/actions.class.php @@ -0,0 +1,16 @@ +getUser()->isAuthenticated()) + { + $this->getUser()->setFlash('notice', 'You are already registered and signed in!'); + $this->redirect('@homepage'); + } + + $class = sfConfig::get('app_sf_guard_plugin_register_form', 'sfGuardRegisterForm'); + $this->form = new $class(); + + if ($request->isMethod('post')) + { + $this->form->bind($request->getParameter($this->form->getName())); + if ($this->form->isValid()) + { + $event = new sfEvent($this, 'user.filter_register'); + $this->form = $this->dispatcher + ->filter($event, $this->form) + ->getReturnValue(); + + $user = $this->form->save(); + $this->getUser()->signIn($user); + + $this->redirect('@homepage'); + } + } + } +} diff --git a/plugins/sfDoctrineGuardPlugin/modules/sfGuardRegister/lib/BasesfGuardRegisterComponents.class.php b/plugins/sfDoctrineGuardPlugin/modules/sfGuardRegister/lib/BasesfGuardRegisterComponents.class.php new file mode 100644 index 0000000..97bd22e --- /dev/null +++ b/plugins/sfDoctrineGuardPlugin/modules/sfGuardRegister/lib/BasesfGuardRegisterComponents.class.php @@ -0,0 +1,10 @@ +form = new $class(); + } +} diff --git a/plugins/sfDoctrineGuardPlugin/modules/sfGuardRegister/templates/_form.php b/plugins/sfDoctrineGuardPlugin/modules/sfGuardRegister/templates/_form.php new file mode 100644 index 0000000..ab60fb7 --- /dev/null +++ b/plugins/sfDoctrineGuardPlugin/modules/sfGuardRegister/templates/_form.php @@ -0,0 +1,14 @@ + + +
+ + + + + + + +
+ +
+
\ No newline at end of file diff --git a/plugins/sfDoctrineGuardPlugin/modules/sfGuardRegister/templates/indexSuccess.php b/plugins/sfDoctrineGuardPlugin/modules/sfGuardRegister/templates/indexSuccess.php new file mode 100644 index 0000000..8c4ce00 --- /dev/null +++ b/plugins/sfDoctrineGuardPlugin/modules/sfGuardRegister/templates/indexSuccess.php @@ -0,0 +1,4 @@ + +

+ + $form)) ?> \ No newline at end of file diff --git a/plugins/sfDoctrineGuardPlugin/modules/sfGuardUser/actions/actions.class.php b/plugins/sfDoctrineGuardPlugin/modules/sfGuardUser/actions/actions.class.php new file mode 100644 index 0000000..3322e8a --- /dev/null +++ b/plugins/sfDoctrineGuardPlugin/modules/sfGuardUser/actions/actions.class.php @@ -0,0 +1,16 @@ + + * + * For the full copyright and license information, please view the LICENSE + * file that was distributed with this source code. + */ + +/** + * + * @package symfony + * @subpackage plugin + * @author Fabien Potencier + * @version SVN: $Id: BasesfGuardUserActions.class.php 24574 2009-11-30 12:00:04Z fabien $ + */ +class BasesfGuardUserActions extends autosfGuardUserActions +{ +} diff --git a/plugins/sfDoctrineGuardPlugin/modules/sfGuardUser/lib/sfGuardUserGeneratorConfiguration.class.php b/plugins/sfDoctrineGuardPlugin/modules/sfGuardUser/lib/sfGuardUserGeneratorConfiguration.class.php new file mode 100644 index 0000000..47377d5 --- /dev/null +++ b/plugins/sfDoctrineGuardPlugin/modules/sfGuardUser/lib/sfGuardUserGeneratorConfiguration.class.php @@ -0,0 +1,13 @@ + + + sfDoctrineGuardPlugin + plugins.symfony-project.org + Identity management plugin. + Identity management plugin. + + Jonathan H. Wage + jwage + jonwage@gmail.com + yes + + ##CURRENT_DATE## + + ##PLUGIN_VERSION## + ##API_VERSION## + + + ##STABILITY## + ##STABILITY## + + MIT license + - + + ##CONTENTS## + + + + + 5.0.0 + + + 1.4.1 + + + symfony + pear.symfony-project.com + 1.3.0 + 1.5.0 + 1.5.0 + + + + + + + + + + + 4.0.2 + 4.0.0 + + + stable + stable + + MIT license + 2010-07-16 + MIT + + * jwage: fixed random generator for RememberMe keys (thanks laurentb) + + + + + 4.0.1 + 4.0.0 + + + stable + stable + + MIT license + 2009-12-01 + MIT + + Fixing issue with previous package + + + + \ No newline at end of file diff --git a/plugins/sfDoctrineGuardPlugin/test/unit/form/doctrine/PluginsfGuardGroupFormTest.php b/plugins/sfDoctrineGuardPlugin/test/unit/form/doctrine/PluginsfGuardGroupFormTest.php new file mode 100644 index 0000000..06a332f --- /dev/null +++ b/plugins/sfDoctrineGuardPlugin/test/unit/form/doctrine/PluginsfGuardGroupFormTest.php @@ -0,0 +1,25 @@ +__construct() +$t->diag('->__construct()'); + +$form = new TestsfGuardGroupForm(); +$t->ok(!isset($form['sf_guard_user_group_list']), '->__construct() removes fields'); +$t->ok(!isset($form['created_at']), '->__construct() removes fields'); +$t->ok(!isset($form['updated_at']), '->__construct() removes fields'); \ No newline at end of file diff --git a/plugins/sfDoctrineGuardPlugin/test/unit/form/doctrine/PluginsfGuardPermissionFormTest.php b/plugins/sfDoctrineGuardPlugin/test/unit/form/doctrine/PluginsfGuardPermissionFormTest.php new file mode 100644 index 0000000..76cd3dc --- /dev/null +++ b/plugins/sfDoctrineGuardPlugin/test/unit/form/doctrine/PluginsfGuardPermissionFormTest.php @@ -0,0 +1,25 @@ +__construct() +$t->diag('->__construct()'); + +$form = new TestsfGuardPermissionForm(); +$t->ok(isset($form['users_list']), '->__construct() does not remove users_list'); +$t->ok(!isset($form['created_at']), '->__construct() removes created_at'); +$t->ok(!isset($form['updated_at']), '->__construct() removes updated_at'); \ No newline at end of file diff --git a/plugins/sfDoctrineGuardPlugin/test/unit/form/doctrine/PluginsfGuardUserFormTest.php b/plugins/sfDoctrineGuardPlugin/test/unit/form/doctrine/PluginsfGuardUserFormTest.php new file mode 100644 index 0000000..c2a54a9 --- /dev/null +++ b/plugins/sfDoctrineGuardPlugin/test/unit/form/doctrine/PluginsfGuardUserFormTest.php @@ -0,0 +1,22 @@ +__construct() +$t->diag('->__construct()'); + +$form = new TestsfGuardUserForm(); diff --git a/plugins/sfDoctrineGuardPlugin/test/unit/model/doctrine/PluginsfGuardUserTableTest.php b/plugins/sfDoctrineGuardPlugin/test/unit/model/doctrine/PluginsfGuardUserTableTest.php new file mode 100644 index 0000000..0ecf499 --- /dev/null +++ b/plugins/sfDoctrineGuardPlugin/test/unit/model/doctrine/PluginsfGuardUserTableTest.php @@ -0,0 +1,53 @@ +createQuery() + ->delete() + ->whereIn('username', array('inactive_user', 'active_user')) + ->execute(); + +$inactiveUser = new sfGuardUser(); +$inactiveUser->email_address = 'email@test.com'; +$inactiveUser->username = 'inactive_user'; +$inactiveUser->password = 'password'; +$inactiveUser->is_active = false; +$inactiveUser->save(); + +$activeUser = new sfGuardUser(); +$activeUser->email_address = 'email2@test.com'; +$activeUser->username = 'active_user'; +$activeUser->password = 'password'; +$activeUser->is_active = true; +$activeUser->save(); + +// ->retrieveByUsername() +$t->diag('->retrieveByUsername()'); + +$t->is($table->retrieveByUsername('invalid'), null, '->retrieveByUsername() returns "null" if username is invalid'); +$t->is($table->retrieveByUsername('inactive_user'), null, '->retrieveByUsername() returns "null" if user is inactive'); +$t->isa_ok($table->retrieveByUsername('inactive_user', false), 'sfGuardUser', '->retrieveByUsername() returns an inactive user when second parameter is false'); +$t->isa_ok($table->retrieveByUsername('active_user'), 'sfGuardUser', '->retrieveByUsername() returns an active user'); +$t->is($table->retrieveByUsername('active_user', false), null, '->retrieveByUsername() returns "null" if user is active and second parameter is false'); +$t->isa_ok($table->retrieveByUsername('active_user'), 'sfGuardUser', '->retrieveByUsername() can be called non-statically'); + +try +{ + $table->retrieveByUsername(null); + $t->pass('->retrieveByUsername() does not throw an exception if username is null'); +} +catch (Exception $e) +{ + $t->diag($e->getMessage()); + $t->fail('->retrieveByUsername() does not throw an exception if username is null'); +} + +$t->isa_ok(@PluginsfGuardUserTable::retrieveByUsername('active_user'), 'sfGuardUser', '->retrieveByUsername() can be called statically (BC)'); diff --git a/plugins/sfDoctrineGuardPlugin/test/unit/model/doctrine/PluginsfGuardUserTest.php b/plugins/sfDoctrineGuardPlugin/test/unit/model/doctrine/PluginsfGuardUserTest.php new file mode 100644 index 0000000..d5890a0 --- /dev/null +++ b/plugins/sfDoctrineGuardPlugin/test/unit/model/doctrine/PluginsfGuardUserTest.php @@ -0,0 +1,115 @@ +createQuery() + ->delete() + ->where('username = ?', 'active_user') + ->execute(); + +$tableGroup = Doctrine_Core::getTable('sfGuardGroup'); +$tableGroup->createQuery() + ->delete() + ->where('name = ?', 'test-group') + ->execute(); + +$tablePermission = Doctrine_Core::getTable('sfGuardPermission'); +$tablePermission->createQuery() + ->delete() + ->where('name = ?', 'test-permission') + ->execute(); + +$activeUser = new sfGuardUser(); +$activeUser->first_name = 'John'; +$activeUser->last_name = 'Doe'; +$activeUser->email_address = 'email2@test.com'; +$activeUser->username = 'active_user'; +$activeUser->password = 'password'; +$activeUser->is_active = true; +$activeUser->save(); + +// ->__toString() +$t->diag('output functions'); + +$t->is((string) $activeUser, 'John Doe (active_user)', '->__toString() returns the full name and the username'); +$t->is($activeUser->getName(), 'John Doe', '->getName() returns the full name of the user'); + + +// group managment +$t->diag('group managment'); + +$t->is($activeUser->getGroupNames(), array(), '->getGroupNames() return empty array if no group is set'); + +try +{ + $activeUser->addGroupByName('test-group'); + $t->fail('->addGroupByName() does throw an exception if group not exist'); +} +catch (Exception $e) +{ + $t->pass('->addGroupByName() does throw an exception if group not exist'); +} + +$group = new sfGuardGroup(); +$group->name = 'test-group'; +$group->save(); + +$t->is($activeUser->hasGroup('test-group'), false, '->hasGroup() return false if user hasn\'t this group'); + +try +{ + $activeUser->addGroupByName('test-group'); + $t->pass('->addGroupByName() does not throw an exception if group exist'); +} +catch (Exception $e) +{ + $t->diag($e->getMessage()); + $t->fail('->addGroupByName() does not throw an exception if group exist'); +} + +$t->is($activeUser->getGroupNames(), array('test-group'), '->getGroupNames() return array with group names'); +$t->is($activeUser->hasGroup('test-group'), true, '->hasGroup() return true if user has this group'); + + +// permission managment +$t->diag('permission managment'); + +$t->is($activeUser->getPermissionNames(), array(), '->getPermissionNames() return empty array if no permission is set'); + +try +{ + $activeUser->addPermissionByName('test-permission'); + $t->fail('->addPermissionByName() does throw an exception if group not exist'); +} +catch (Exception $e) +{ + $t->pass('->addPermissionByName() does throw an exception if group not exist'); +} + +$permission = new sfGuardPermission(); +$permission->name = 'test-permission'; +$permission->save(); + +$t->is($activeUser->hasPermission('test-permission'), false, '->hasPermission() return false if user hasn\'t this group'); + +try +{ + $activeUser->addPermissionByName('test-permission'); + $t->pass('->addPermissionByName() does not throw an exception if permission exist'); +} +catch (Exception $e) +{ + $t->diag($e->getMessage()); + $t->fail('->addPermissionByName() does not throw an exception if permission exist'); +} + +$t->is($activeUser->getPermissionNames(), array('test-permission'), '->getPermissionNames() return array with permission names'); +$t->is($activeUser->hasPermission('test-permission'), true, '->hasPermission() return true if user has this group'); diff --git a/plugins/sfDoctrineGuardPlugin/test/unit/validator/sfGuardValidatorUserTest.php b/plugins/sfDoctrineGuardPlugin/test/unit/validator/sfGuardValidatorUserTest.php new file mode 100644 index 0000000..69dfb08 --- /dev/null +++ b/plugins/sfDoctrineGuardPlugin/test/unit/validator/sfGuardValidatorUserTest.php @@ -0,0 +1,132 @@ +active; + } + + public function checkPassword($password) + { + return $password == $this->password; + } +} + +class MockTable +{ + static public $user = null; + + public function retrieveByUsername() + { + return self::$user->username == $username ? self::$user : null; + } + + public function retrieveByUsernameOrEmailAddress($username) + { + return $this->retrieveByUsername($username) || self::$user->emailAddress == $username ? self::$user : null; + } +} + +class TestValidator extends sfGuardValidatorUser +{ + protected function getTable() + { + return new MockTable(); + } +} + +// ->clean() +$t->diag('->clean()'); + +$validator = new TestValidator(); + +$activeUser = new MockUser(); +$activeUser->active = true; + +$inactiveUser = new MockUser(); +$inactiveUser->active = false; + +MockTable::$user = $activeUser; + +try +{ + $values = $validator->clean(array('username' => 'mock', 'password' => 'correct')); + + $t->pass('->clean() does not throw an error if an active user is found'); + $t->isa_ok($values['user'], 'MockUser', '->clean() adds the user object to the cleaned values'); +} +catch (sfValidatorErrorSchema $error) +{ + $t->fail('->clean() does not throw an error if an active user is found'); + $t->skip(); +} + +try +{ + $values = $validator->clean(array('username' => 'mock@example.com', 'password' => 'correct')); + + $t->pass('->clean() does not throw an error if an active user is found'); + $t->isa_ok($values['user'], 'MockUser', '->clean() adds the user object to the cleaned values'); +} +catch (sfValidatorErrorSchema $error) +{ + $t->fail('->clean() does not throw an error if an active user is found'); + $t->skip(); +} + +try +{ + $validator->clean(array('username' => 'mock', 'password' => 'incorrect')); + $t->fail('->clean() throws an error if password is incorrect'); +} +catch (sfValidatorErrorSchema $error) +{ + $t->pass('->clean() throws an error if password is incorrect'); +} + +try +{ + $validator->clean(array('username' => null, 'password' => null)); + + $t->fail('->clean() throws an error if no username is provided'); + $t->skip('', 2); +} +catch (sfValidatorErrorSchema $error) +{ + $t->pass('->clean() throws an error if no username is provided'); + + $t->ok(isset($error['username']), '->clean() throws a "username" error if no username is provided'); + $t->is($error['username']->getCode(), 'invalid', '->clean() throws an "invalid" error if no username is provided'); +} + +$validator->setOption('throw_global_error', true); + +try +{ + $validator->clean(array('username' => null, 'password' => null)); + $t->fail('->clean() throws a global error if the "throw_global_error" option is true'); +} +catch (sfValidatorErrorSchema $error) +{ + $t->fail('->clean() throws a global error if the "throw_global_error" option is true'); +} +catch (sfValidatorError $error) +{ + $t->pass('->clean() throws a global error if the "throw_global_error" option is true'); +} + +