/lib/Lampcms/Controllers/Editapp.php
- <?php
- /**
- *
- * License, TERMS and CONDITIONS
- *
- * This software is licensed under the GNU LESSER GENERAL PUBLIC LICENSE (LGPL) version 3
- * Please read the license here : http://www.gnu.org/licenses/lgpl-3.0.txt
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions are met:
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- * 3. The name of the author may not be used to endorse or promote products
- * derived from this software without specific prior written permission.
- *
- * ATTRIBUTION REQUIRED
- * 4. All web pages generated by the use of this software, or at least
- * the page that lists the recent questions (usually home page) must include
- * a link to the http://www.lampcms.com and text of the link must indicate that
- * the website\'s Questions/Answers functionality is powered by lampcms.com
- * An example of acceptable link would be "Powered by <a href="http://www.lampcms.com">LampCMS</a>"
- * The location of the link is not important, it can be in the footer of the page
- * but it must not be hidden by style attributes
- *
- * THIS SOFTWARE IS PROVIDED BY THE AUTHOR "AS IS" AND ANY EXPRESS OR IMPLIED
- * WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF
- * MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
- * IN NO EVENT SHALL THE FREEBSD PROJECT OR CONTRIBUTORS BE LIABLE FOR ANY
- * DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
- * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
- * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND
- * ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
- * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
- * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
- *
- * This product includes GeoLite data created by MaxMind,
- * available from http://www.maxmind.com/
- *
- *
- * @author Dmitri Snytkine <cms@lampcms.com>
- * @copyright 2005-2012 (or current year) Dmitri Snytkine
- * @license http://www.gnu.org/licenses/lgpl-3.0.txt GNU LESSER GENERAL PUBLIC LICENSE (LGPL) version 3
- * @link http://www.lampcms.com Lampcms.com project
- * @version Release: @package_version@
- *
- *
- */
-
-
- namespace Lampcms\Controllers;
-
- use \Lampcms\WebPage;
- use \Lampcms\Mongo\Doc as MongoDoc;
- use \Lampcms\Captcha\Captcha;
- use \Lampcms\String;
- use \Lampcms\Api\Clientdata;
- use \Lampcms\Api\IconParser;
- use \Lampcms\Request;
- use \Lampcms\Responder;
-
- /**
- * Controller for Adding
- * or Editing the API Client App
- *
- * @author Dmitri Snytkine
- *
- */
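class Editapp extends WebPage
{

    /**
     * Pre-check to deny non-logged in user
     * access to this page
     *
     * @var bool
     */
    protected $membersOnly = true;


    /**
     * Viewer must have edit_profile
     * permission to access this page
     *
     * @var string
     */
    protected $permission = 'edit_profile';


    /**
     * $layoutID 1 means no side-column on page
     *
     * @var int
     */
    protected $layoutID = 1;


    /**
     * Form object
     *
     * @var object of type \Lampcms\Forms\Form
     */
    protected $Form;


    /**
     * Existing API data in case this is
     * an edit of client
     *
     * @var object of type \Lampcms\Mongo\Doc representing
     * the Api client
     */
    protected $oApi;


    /**
     * Entry point: loads the API client (if one is addressed by the URL),
     * builds the form, and either saves a valid submission and redirects
     * to the "view app" page, or renders the form.
     *
     * @return void
     */
    protected function main()
    {
        $this->setApi();
        $this->Form = new \Lampcms\Forms\Apiclient($this->Registry);

        if ($this->Form->isSubmitted() && $this->Form->validate()) {
            // Log only the document id: for an existing app the full document
            // carries 'api_key', and a credential should not be copied into
            // the debug log.
            d('$this->oApi _id: ' . $this->oApi['_id']);
            $this->save();
            $this->Registry->Dispatcher->post($this->Form, 'onApiClientSave');
            $url = '{_WEB_ROOT_}/{_viewapp_}/' . $this->oApi['_id'];
            $mapper = $this->Router->getCallback();
            $url = $mapper($url);
            Responder::redirectToPage($url);
        } else {
            $this->setForm();
            $this->aPageVars['body'] = $this->Form->getForm();
        }
    }


    /**
     * Instantiates $this->oApi object
     * it will either contain empty values
     * in case this is new registration
     * or will have values from previous
     * application
     *
     * The lookup is scoped to the current Viewer: the query matches on
     * both '_id' and 'i_uid', so an app id that belongs to another user
     * is treated the same as an unknown id and oApi stays empty.
     *
     * @return object $this
     */
    protected function setApi()
    {
        $appid = $this->Router->getSegment(1, 'i', 0);
        $this->oApi = Clientdata::factory($this->Registry);
        if (!empty($appid)) {
            $uid = $this->Registry->Viewer->getUid();
            $a = $this->Registry->Mongo->API_CLIENTS->findOne(array('_id' => $appid,
                'i_uid' => $uid));
            if (!empty($a)) {
                $this->oApi->reload($a);
            } else {
                d('APP not found by id ' . $appid . ' for viewer ' . $uid);
            }
        }

        return $this;
    }


    /**
     * Populate form values with
     * existing data from oApi object
     * if this is a new registration then
     * $this->oApi has empty array as its data
     * and all values will be empty (just as we expect)
     *
     * @return object $this
     */
    protected function setForm()
    {
        $c = Captcha::factory($this->Registry->Ini)->getCaptchaBlock();
        // NOTE(review): the title is chosen from the 'app_id' request value,
        // while the field values below come from $this->oApi, which setApi()
        // loads from the URL segment. The two can disagree - confirm intended.
        $id = $this->Request->get('app_id', 'i', 0);
        $this->aPageVars['title'] = (empty($id)) ? '@@Register an Application@@' : '@@Edit Application details@@';
        $this->Form->formTitle = $this->aPageVars['title'];

        $this->Form->setVar('captcha', $c);
        $this->Form->app_id = (int)$this->oApi['_id'];
        $this->Form->app_name = $this->oApi['app_name'];
        $this->Form->appsite = $this->oApi['appsite'];
        $this->Form->company = $this->oApi['company'];
        $this->Form->app_type = $this->oApi['app_type'];
        $this->Form->about = $this->oApi['about'];
        $this->Form->icon_image = $this->oApi->getIcon(false);

        return $this;
    }


    /**
     * Save the submitted form values
     * by setting the $this->oApi object
     * and then calling insert() or save() on it
     *
     * For an edit (submitted app_id > 0) ownership of that id is verified
     * first; for a new registration the id is taken from the USERS
     * auto-increment sequence.
     *
     * @throws \OutOfBoundsException if the insert/save fails
     * @throws \Lampcms\Exception if the submitted app_id is not owned by the Viewer
     * @return object $this
     */
    protected function save()
    {
        $isUpdate = false;
        $vals = $this->Form->getSubmittedValues();
        d('vals: ' . print_r($vals, 1));

        $appid = (int)$vals['app_id'];
        if ($appid > 0) {
            $isUpdate = true;
            d('has appid, editing mode');
            // The app_id comes from the submitted form, not from the
            // viewer-scoped lookup in setApi(), so it is re-checked here.
            // NOTE(review): $this->oApi was loaded from the URL segment; if
            // that differs from the submitted app_id, the document written
            // below starts from the other (or an empty) record - confirm.
            $this->validateAppIdOwnership($appid);
        } else {
            /**
             * Auto-generate app_id
             * Use USERS auto-increment value
             * because we can then store the image in the same
             * way we store avatar - in the same directory
             * using hex based path.
             */
            $appid = $this->Registry->Incrementor->nextValue('USERS');
        }

        d('$appid: ' . $appid);
        $this->oApi['_id'] = $appid;
        $this->oApi['i_uid'] = $this->Registry->Viewer->getUid();
        // Text fields are trimmed and have tags stripped before storage.
        // NOTE(review): 'appsite' gets no URL-scheme check in this method; if
        // it is later rendered as a link, confirm Form->validate() (not
        // visible here) restricts it to http/https.
        $this->oApi['app_name'] = (string)$this->Request->getUTF8('app_name')->trim()->stripTags();
        $this->oApi['appsite'] = (string)$this->Request->getUTF8('appsite')->trim()->stripTags();
        $this->oApi['company'] = (string)$this->Request->getUTF8('company')->trim()->stripTags();
        $this->oApi['app_type'] = (string)$this->Request->getUTF8('app_type')->trim()->stripTags();
        $this->oApi['about'] = (string)$this->Request->getUTF8('about')->trim()->stripTags();
        // NOTE(review): the key is regenerated on every save, including
        // edits, so editing any detail replaces the existing api_key - confirm
        // this rotation is intended. String::makeRandomString() is not visible
        // here; since the value is used as a credential, confirm it draws
        // from a cryptographically secure source.
        $this->oApi['api_key'] = $appid . '.' . String::makeRandomString(12);

        $this->parseIcon();

        /**
         * Ensure that app_name and api_key are unique fields;
         * i_uid is indexed (non-unique) for lookups by owner
         */
        $coll = $this->Registry->Mongo->API_CLIENTS;
        $coll->ensureIndex(array('app_name' => 1), array('unique' => true));
        $coll->ensureIndex(array('api_key' => 1), array('unique' => true));
        $coll->ensureIndex(array('i_uid' => 1));

        try {
            if ($isUpdate) {
                d('cp');
                $this->oApi['edited_time'] = date('F j, Y g:i a T');
                $this->oApi['edit_ip'] = Request::getIP();
                $res = $this->oApi->save();
            } else {
                d('cp');
                $this->oApi['created_time'] = date('F j, Y g:i a T');
                $this->oApi['ip'] = Request::getIP();
                $res = $this->oApi->insert();
            }
        } catch (\Exception $e) {
            // Keep the original exception as "previous" so the root cause
            // stays available to logging.
            // NOTE(review): the storage-layer message is reused verbatim;
            // confirm it is not shown to the end user unfiltered.
            throw new \OutOfBoundsException($e->getMessage(), 0, $e);
        }

        d('$res: ' . $res);

        return $this;
    }


    /**
     * Verify that the appid is owned by
     * the same user as Viewer
     *
     * Fails closed: an unknown id, a record without an owner, or an
     * owner that is not strictly identical to the Viewer's uid are all
     * rejected with the same exception.
     *
     * @param int $appid
     *
     * @throws \Lampcms\Exception
     * @return \Lampcms\Controllers\Editapp
     */
    protected function validateAppIdOwnership($appid)
    {
        $a = $this->Registry->Mongo->API_CLIENTS->findOne(array('_id' => $appid));

        // Reject explicitly when nothing was found instead of relying on
        // reading an offset of null. The comparison is strict, so a stored
        // i_uid of a different type than getUid() returns is also denied.
        if (empty($a) || !isset($a['i_uid']) || $a['i_uid'] !== $this->Registry->Viewer->getUid()) {
            throw new \Lampcms\Exception('@@You do not have permission to edit this application@@');
        }

        return $this;
    }


    /**
     * If user has uploaded an Icon for the app
     * then parse it and add to oApi object
     *
     * @return object $this
     */
    protected function parseIcon()
    {
        d('cp');

        $tempPath = null;
        if ($this->Form->hasUploads()) {
            $tempPath = $this->Form->getUploadedFile('icon');
        }

        if (null === $tempPath) {
            d('Icon not uploaded');

            return $this;
        }

        d('$tempPath: ' . $tempPath);

        // NOTE(review): validation of the uploaded file (type, size, image
        // content) is not visible in this class; presumably it happens in the
        // form or in IconParser::addIcon() - confirm.
        IconParser::addIcon($this->oApi, $tempPath);

        return $this;
    }

}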