<?php
namespace TLF;
/**
*
* Operates at a sudo (superuser) level, so it can manage permissions for any user, manage roles, and possibly more.
*
* @export(Class.UserSystem)
*/
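class UserSystem extends \Lia\Compo {

    /**
     * Package-setup hook: publishes the active user under `User` and this user system
     * under `User.System`.
     *
     * NOTE(review): `$lia` is never assigned in this method, so both `$lia->set()` calls fail at
     * runtime as written. The object to use is not visible in this file (other methods here call
     * `$this->set()` / `$this->get()`), so the calls are left untouched until that is confirmed.
     *
     * @param mixed $event not read by this method
     * @param mixed $url   not read by this method
     */
    public function onSelf_PackageSetup($event,$url){
        $user = $this->activeUser();
        /**
         * Get user by `$lia->get('User')`
         *
         * @export(User.Key.Object)
         */
        $lia->set('User', $user);
        /**
         * Get user system by `$lia->get('User.System')`
         *
         * @export(User.Key.System)
         */
        $lia->set('User.System', $this);
    }

    /**
     * Returns the wrapper for the currently signed-in user, creating and caching it on first use.
     *
     * `\Sentinel::check()` is passed straight to the `\TLF\User` constructor, so a request without
     * a session presumably yields a wrapper around a falsy value; confirm how `\TLF\User` treats it.
     *
     * @return \TLF\User
     */
    protected function activeUser(){
        return $this->activeUser
            ?? ( $this->activeUser = new \TLF\User( \Sentinel::check() ) );
    }

    /**
     * Not implemented yet: intended to attach `$role` to `$user`.
     *
     * NOTE(review): this class is described as operating at a sudo level, so whichever caller
     * ends up reaching this method must authorize the request itself before calling it.
     */
    public function addRole($user, $role){
    }

    /**
     * Not implemented yet: intended to grant `$permission` to `$role`.
     */
    public function addRolePermission($role, $permission, $with=null){
        // should $role be an object? YES
    }

    /**
     * Not implemented yet: intended to grant `$permission` to `$user`.
     */
    public function addUserPermission($user, $permission, $with=null){
        // How to differentiate between global permissions & item-specific permissions??
        // Should addUserPermissions() and addRolePermissions() be condensed into one?
        // Will they implement the same interface?
    }

    /**
     * Not implemented yet. The sketch below finds a role by slug and creates it when missing.
     */
    public function role($name){
        // $role = Sentinel::findRoleBySlug($roleName);
        // if ($role==null){
        //     $roleRepo = Sentinel::getRoleRepository();
        //     $role = $roleRepo->create([
        //         'name'=>$roleName,
        //         'slug'=>$roleName
        //     ]);
        // }
        // return $role;
    }

    /**
     * Not implemented yet: intended to look a user up by e-mail or id.
     *
     * NOTE(review): an optional parameter before a required one is deprecated since PHP 8.0 and
     * the default of `$byKey` can never take effect; the signature is kept so callers do not break.
     */
    public function getUser($byKey='email||id', $withValue){
        // Should there be multiple getUser functions?
        // What about getting a list of users?
        // $user = Sentinel::findUserByCredentials(['email'=>$email]);
        // return new static($user);
    }

    /**
     * Currently disabled: the method returns immediately and everything after the first
     * statement is unreachable.
     *
     * NOTE(review) before re-enabling: `Capsule` is unqualified and resolves to `TLF\Capsule`
     * because the file has no `use` statement; the PDO DSN hard-codes `mysql` even when
     * `$extra['driver']` says otherwise; and `$host` / `$dbName` are concatenated into the DSN,
     * so they must come from trusted configuration only.
     */
    public function setDBCredentials($dbName,$userName,$password,$extra=[]){
        return;
        $capsule = new Capsule();
        $capsule->addConnection([
            'driver' => $extra['driver'] ?? 'mysql',
            'host' => ($host=$extra['host'] ?? 'localhost'),
            'database' => $dbName,
            'username' => $userName,
            'password' => $password,
            'charset' => $extra['charset'] ?? 'utf8',
            'collation' => $extra['collation'] ?? 'utf8_unicode_ci',
        ]);
        $capsule->bootEloquent();
        $pdo = new \PDO('mysql:host='.$host.';dbname='.$dbName,$userName,$password);
        $this->set('db-pdo-sentinel',$pdo);
    }

    /**
     * Mails the activation link to `$user` and prints a status line for the browser.
     *
     * Changes from the earlier version: the link is HTML-escaped before it goes into the `href`,
     * the e-mail address is escaped before it is echoed, and the result of the send is returned
     * instead of being discarded.
     *
     * SECURITY: with `devMode === true` the whole message, activation link included, is echoed
     * to whoever made the request. That hands the activation code to the requester for any
     * address they typed in, so `devMode` must be off on every reachable deployment.
     *
     * @param object $user       reads `email` and `first_name`
     * @param object $activation must provide `getCode()`
     * @return bool result of sendMail(); the "email has been sent" line is printed either way
     */
    public function sendActivationEmail($user,$activation){
        $path = '/activate/'.rawurlencode((string)$activation->getCode()).'/';
        $href = htmlspecialchars(
            (string)$this->absoluteUrl($this->urlWithBase($path)),
            ENT_QUOTES,
            'UTF-8',
            false // do not double-encode entities the URL helpers may already have produced
        );
        $message = "Click the link below to register your account.\n<br>\n"
            ."<a href=\"".$href."\">Complete Registration</a>";

        $sent = $this->sendMail($user->email,"Registration", $message,$user->first_name);

        if ($this->devMode===true){
            echo "This should only be shown for development purposes.\n<br>";
            echo $message;
        } else {
            // The address is user-supplied data; escape it before writing it into the page.
            $shownEmail = htmlspecialchars((string)$user->email, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
            echo "An email has been sent to ".$shownEmail.". Please click the link in your email.";
        }
        return $sent;
    }

    /**
     * Tells whether `$password` is too weak: it must contain a digit, a lower-case letter, an
     * upper-case letter and one of the listed symbols, in a run of at least 8 characters.
     *
     * NOTE(review): the pattern is not anchored, so the `200` upper bound is not enforced (a
     * longer password still matches on its first 200 characters) and the lookaheads may be
     * satisfied from any starting offset. The pattern is left byte-for-byte unchanged because
     * anchoring it would start rejecting passwords that are accepted today.
     *
     * @param string $password
     * @return bool true when the password does NOT meet the requirements
     */
    protected function passwordFailsRequirements($password){
        $passes = (bool)preg_match('/((?=.*\d)(?=.*[a-z])(?=.*[A-Z])(?=.*[\!\@\#\$\%\^\&\*\(\)\\\|\{\[\}\]\/\?\.\,\-\:\;\'\"\`\~\=\+\_\<\>]).{8,200})/',$password);
        return !$passes;
    }

    /**
     * Sends an HTML e-mail through PHP's mail().
     *
     * Every value that ends up in a header line has CR, LF and NUL removed first. Without that,
     * a line break inside the recipient name or address would start a new header line and let
     * the submitter add headers of their own (e-mail header injection).
     *
     * NOTE(review): the address is not validated as a single mailbox here; that check belongs
     * where the address is first accepted (registration). `site_name`, `contact_name` and
     * `contact_email` are read from `$this` and are presumably configuration values.
     *
     * @param string $email   recipient address
     * @param string $subject subject; ' - ' and the site name are appended
     * @param string $message HTML body
     * @param string $name    recipient display name
     * @return bool whatever mail() returns
     */
    protected function sendMail($email,$subject,$message,$name = 'User'){
        $oneLine = static function($value){
            return str_replace(["\r", "\n", "\0"], '', (string)$value);
        };
        $email = $oneLine($email);
        $name = $oneLine($name);
        $subject = $oneLine($subject);
        $site_name = $oneLine($this->site_name);
        $contact_name = $oneLine($this->contact_name);
        $contact_email = $oneLine($this->contact_email);

        $headers = "MIME-Version: 1.0\n"
            ."Content-type: text/html; charset=iso-8859-1\n"
            ."To: {$name} <".$email.">\n"
            ."From: {$contact_name} <{$contact_email}>\n"
            ."Reply-to: {$contact_name} <{$contact_email}>";

        return mail($email, $subject.' - '.$site_name, $message, $headers);
    }

    /**
     * Builds an HTML block of links, one per `a.b.c` style identifier.
     *
     * Each identifier is split on '.', the first three parts go to `$this->url()`, and the label
     * is made from the second part plus the file name of the first. URL and label are
     * HTML-escaped before they are placed in the markup.
     *
     * @param string ...$files
     * @return string HTML: a rule followed by a paragraph of `<br>`-separated links
     */
    public function links(...$files){
        $links = [];
        foreach ($files as $file){
            $parts = explode('.',$file);
            $first = $parts[0] ?? '';
            $second = $parts[1] ?? '';
            $third = $parts[2] ?? '';

            $url = $this->url($first,$second,$third);
            $name = ucfirst($second).' '.ucfirst(pathinfo($first,PATHINFO_FILENAME));
            // With no second part the label starts with the joining space; drop that one space.
            if ($name[0]==' ')$name = substr($name,1);

            $links[] = '<a href="'.htmlspecialchars((string)$url, ENT_QUOTES, 'UTF-8', false).'">'
                .htmlspecialchars((string)$name, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8').'</a>';
        }
        return "\n<hr>\n<p>".implode("\n<br>",$links)."\n</p>\n";
    }

    /**
     * Starts a password reset: signs the current session out, drops the user's unfinished
     * activations and creates a fresh one.
     *
     * Changes from the earlier version: `Sentinel` is written `\Sentinel`, because inside
     * `namespace TLF` the unqualified name resolves to `TLF\Sentinel` (activeUser() already uses
     * the global name), and a missing or non-string `email` is treated as "no such user" instead
     * of being passed into the credential lookup.
     *
     * SECURITY: the return value tells whether an account exists for the address. Callers should
     * answer the requester the same way in both cases so the form cannot be used to enumerate
     * accounts.
     *
     * @param array $data reads `email`
     * @return mixed the new activation record, or false when no user matches
     */
    public function tryPasswordReset($data){
        $email = (isset($data['email']) && is_string($data['email'])) ? $data['email'] : '';
        $user = ($email === '') ? null : \Sentinel::findByCredentials(['email'=>$email]);
        $this->logout();
        if (!$user){
            return false;
        }
        $activator = \Sentinel::getActivationRepository();
        $pdo = $this->get('User.PDO');
        $statement = $pdo->prepare("DELETE FROM activations WHERE `user_id` = :user_id AND (completed <> 1 OR completed_at IS NULL)");
        $statement->execute([':user_id'=>$user->id]);
        return $activator->create($user);
    }

    /**
     * Completes an activation / password reset from the submitted form.
     *
     * Changes from the earlier version:
     *  - the user is found through the activation code; before, an undefined `$email` was passed
     *    to the lookup, so no user could ever be found;
     *  - `Sentinel` is written `\Sentinel` (see tryPasswordReset());
     *  - the invalid-code branch returns the message it builds instead of returning nothing;
     *  - missing or non-string form fields are read as empty strings;
     *  - unreachable statements after `throw` / `return` are gone.
     *
     * The lookup only maps the code to a user id. Whether the code is still usable is decided by
     * `$activator->exists($user, $code)` further down, exactly as before.
     *
     * SECURITY: the response differs between an unknown code (exception) and a known one (form
     * or success), so this endpoint should be rate-limited by the caller. Never tell the
     * requester whether an account exists for a given address.
     *
     * @param array $data reads `password`, `confirm` and `activation`
     * @return string message (possibly followed by a rendered view) for the browser
     * @throws \Exception when no user can be found for the activation code
     */
    public function tryActivation($data){
        $field = static function($key) use ($data){
            return (isset($data[$key]) && is_string($data[$key])) ? $data[$key] : '';
        };
        $password = $field('password');
        $confirm = $field('confirm');
        $code = $field('activation');

        $activator = \Sentinel::getActivationRepository();
        /**
         * You must set a PDO object to `User.PDO` like `$lia->set('User.PDO', $yourPDOObject);`
         *
         * @export(Config.PDO)
         */
        $pdo = $this->get('User.PDO');

        // Resolve the user from the activation code (bound parameter, never concatenated).
        $userId = false;
        if ($code !== ''){
            $lookup = $pdo->prepare("SELECT `user_id` FROM activations WHERE `code` = :code LIMIT 1");
            $lookup->execute([':code'=>$code]);
            $userId = $lookup->fetchColumn();
        }
        $user = ($userId === false || $userId === null) ? null : \Sentinel::findById($userId);

        if (!$user){
            // Deliberately vague: do not reveal whether the code or the account was the problem.
            throw new \Exception("There was a problem.");
        }
        if ($password!==$confirm){
            $this->showAtUrl('/activate/'.$code);
            $ret = 'The confirmation did not match the password you entered. Please try again.';
            $ret .= $this->view('User.Activate',['code'=>$code]);
            return $ret;
        }
        if ($this->passwordFailsRequirements($password)){
            $ret = 'The password you entered is not strong enough.';
            $ret .= $this->view('User.Activate',['code'=>$code]);
            return $ret;
        }
        if (!$activator->exists($user,$code)){
            $ret = 'There is something wrong with the activation code. Try resetting your password (again)';
            $ret .= $this->view('User.Password.Reset');
            return $ret;
        }

        \Sentinel::logout();

        // Consume the code: remove every activation of this user, then record one completed activation.
        $statement = $pdo->prepare("DELETE FROM activations WHERE `user_id` = :user_id");
        $statement->execute([':user_id'=>$user->id]);
        $activation = $activator->create($user);
        $activator->complete($user,$activation->code);

        \Sentinel::update($user,['password'=>$password]);
        return 'Password updated! '.$this->link('login','Log in').' with your new password.';
    }
}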