|
|
@@ -0,0 +1,255 @@
|
|
|
+<?php
|
|
|
+
|
|
|
+Lib::loadClass('RouteBase');
|
|
|
+Lib::loadClass('ProcesHelper');
|
|
|
+Lib::loadClass('Config');
|
|
|
+
|
|
|
+class Route_Auth extends RouteBase {
|
|
|
+
|
|
|
+ public function handleAuth() {
|
|
|
+ if (!User::logged()) {
|
|
|
+ // throw new HttpException('Unauthorized', 401);
|
|
|
+ }
|
|
|
+ }
|
|
|
+
|
|
|
+ public function defaultAction() {
|
|
|
+ SE_Layout::gora();
|
|
|
+ if (!User::logged()) {
|
|
|
+?>
|
|
|
+ <div class="container">
|
|
|
+ <h1>Unauthorized</h1>
|
|
|
+ <ul>
|
|
|
+ <li><a href="index.php?_route=Auth&_task=register">Register</a></li>
|
|
|
+ </ul>
|
|
|
+ </div>
|
|
|
+<?php
|
|
|
+ } else {
|
|
|
+?>
|
|
|
+ <div class="container">
|
|
|
+ <h1>Auth</h1>
|
|
|
+ ...
|
|
|
+ </div>
|
|
|
+<?php
|
|
|
+ }
|
|
|
+ SE_Layout::dol();
|
|
|
+ }
|
|
|
+
|
|
|
+ public function registerAction() {
|
|
|
+ SE_Layout::gora();
|
|
|
+
|
|
|
+ $formFields = array();
|
|
|
+ $overrideLabels = array();
|
|
|
+ $formFields[] = 'ADM_NAME';// Imię i nazwisko
|
|
|
+ $formFields[] = 'EMAIL';// Adres e-mail
|
|
|
+ $formFields[] = 'ADM_PASSWD';// Hasło
|
|
|
+ // Potwierdź hasło
|
|
|
+ // TODO: stanowisko - if allowed (TODO: in config? '.cnf--auth-{host}.ini.php')
|
|
|
+ $overrideLabels['ADM_NAME'] = 'Imię i nazwisko';
|
|
|
+ $overrideLabels['EMAIL'] = "Email";
|
|
|
+ $overrideLabels['ADM_PASSWD'] = "Hasło";
|
|
|
+
|
|
|
+ $tblAcl = $this->_getUsersTableAcl($formFields, $overrideLabels);
|
|
|
+ //$dataSource = $tblAcl->getDataSource();
|
|
|
+
|
|
|
+ $cols = array();
|
|
|
+
|
|
|
+ $fieldsList = array();
|
|
|
+ $fieldsListAll = $tblAcl->getFields();
|
|
|
+ foreach ($formFields as $vColName) {
|
|
|
+ $vColID = $tblAcl->getFieldIdByName($vColName);
|
|
|
+ if (isset($fieldsListAll[$vColID])) {
|
|
|
+ $fieldsList[$vColID] = $fieldsListAll[$vColID];
|
|
|
+ $cols[$vColID] = '';
|
|
|
+ //$cols[$kID] = V::get($vCol['name'], '', $row);
|
|
|
+ $cols[$vColID] = V::get("f{$vColID}", $cols[$vColID], $_POST);
|
|
|
+ }
|
|
|
+ else {
|
|
|
+ ?>
|
|
|
+ <div class="alert alert-danger">
|
|
|
+ <h4>Error!</h4>
|
|
|
+ Brak uprawnień do pola <?php echo $vColName; ?>
|
|
|
+ </div>
|
|
|
+ <?php
|
|
|
+ }
|
|
|
+ }
|
|
|
+
|
|
|
+ DBG::_(true, true, "cols", $cols, __CLASS__, __FUNCTION__, __LINE__);
|
|
|
+ $tableHash = 'routeAuthRegister';
|
|
|
+?>
|
|
|
+<div class="container AjaxFrmHorizontalEdit">
|
|
|
+ <div id="CREATE_FRM_<?php echo $tableHash; ?>_MSGS"></div>
|
|
|
+ <form class="form-horizontal" action="" method="post" id="CREATE_FRM_<?php echo $tableHash; ?>">
|
|
|
+ <fieldset>
|
|
|
+ <legend>Zarejestruj</legend>
|
|
|
+
|
|
|
+
|
|
|
+ <?php $tabindex = 0; foreach ($fieldsList as $kID => $vCol) : ?>
|
|
|
+ <?php if ($tblAcl->isAllowed($kID, 'C')) : ?>
|
|
|
+ <div class="form-group">
|
|
|
+ <label class="col-xs-12 col-sm-3 col-md-2 control-label" for="<?php echo "f{$kID}"; ?>"><?php echo $vCol['label']; ?>
|
|
|
+ <i class="glyphicon glyphicon-info-sign frm-help" data-toggle="popover" data-trigger="hover" title="" data-content="<?php echo htmlspecialchars($vCol['opis']); ?>" data-original-title="<?php echo "[{$kID}] {$vCol['name']}"; ?>"></i>
|
|
|
+ <?php $perms = $tblAcl->getFieldPerms($kID); SE_Layout::hotKeyDBG($perms); ?>
|
|
|
+ </label>
|
|
|
+ <div class="col-xs-12 col-sm-9 col-md-10">
|
|
|
+ <?php
|
|
|
+ $fieldParams = array('appendBack'=>true, 'tabindex'=>(++$tabindex), 'maxGrid'=>8);
|
|
|
+ echo $tblAcl->showFormItem('C', $kID, "f{$kID}", $cols[$kID], $fieldParams);
|
|
|
+ ?>
|
|
|
+ </div>
|
|
|
+ </div>
|
|
|
+ <?php endif; ?>
|
|
|
+ <?php endforeach; ?>
|
|
|
+
|
|
|
+ <div class="form-group">
|
|
|
+ <div class="col-xs-offset-0 col-xs-12 col-sm-offset-3 col-sm-9 col-md-offset-2 col-md-10">
|
|
|
+ <button type="submit" class="btn btn-primary" tabindex="<?php echo (++$tabindex); ?>">Zarejestruj</button>
|
|
|
+ </div>
|
|
|
+ </div>
|
|
|
+
|
|
|
+ </fieldset>
|
|
|
+ </form>
|
|
|
+</div>
|
|
|
+
|
|
|
+<script>
|
|
|
+jQuery(document).ready(function(){
|
|
|
+ jQuery('textarea').autosize();
|
|
|
+
|
|
|
+ jQuery('.frm-help').popover({trigger:'hover'});
|
|
|
+
|
|
|
+ jQuery('#CREATE_FRM_<?php echo $tableHash; ?>').on('submit', function(e) {
|
|
|
+ var data = $(this).serialize(),
|
|
|
+ formNode = $('#CREATE_FRM_<?php echo $tableHash; ?>'),
|
|
|
+ msgsNode = $('#CREATE_FRM_<?php echo $tableHash; ?>_MSGS')
|
|
|
+ ;
|
|
|
+
|
|
|
+ $.ajax({
|
|
|
+ data: data,
|
|
|
+ dataType: 'json',
|
|
|
+ type: "POST",
|
|
|
+ async: true,
|
|
|
+ url: 'index.php?_route=Auth&_task=createSave'
|
|
|
+ })
|
|
|
+ .always(function(dataOrJqXHR){
|
|
|
+ var data;
|
|
|
+ if (dataOrJqXHR && 'readyState' in dataOrJqXHR && 'status' in dataOrJqXHR) {
|
|
|
+ if ('responseJSON' in dataOrJqXHR) {
|
|
|
+ data = dataOrJqXHR.responseJSON;
|
|
|
+ } else {
|
|
|
+ data = {};
|
|
|
+ data.msg = dataOrJqXHR.responseText || 'Nieznany błąd';
|
|
|
+ if (dataOrJqXHR.status == 404) {
|
|
|
+ data.type = 'error';
|
|
|
+ } else {
|
|
|
+ data.type = 'warning';
|
|
|
+ }
|
|
|
+ }
|
|
|
+ } else {
|
|
|
+ data = dataOrJqXHR;
|
|
|
+ }
|
|
|
+console.log('L.<?php echo __LINE__; ?> data', data);
|
|
|
+
|
|
|
+ if (data.type == 'error' || data.type == 'warning') {
|
|
|
+ var out = '<div class="container">';
|
|
|
+ out += '<div class="alert alert-danger">' +
|
|
|
+ '<h4>Wystąpiły błędy!</h4>' + data.msg +
|
|
|
+ (('errors' in data)? '<p>' + data.errors + '</p>' : '') +
|
|
|
+ '</div>';
|
|
|
+ out += '</div>';
|
|
|
+ // TODO: show all fields errors
|
|
|
+ $(out).appendTo(msgsNode);
|
|
|
+ }
|
|
|
+ else if (data.type == 'success') {
|
|
|
+ var msg = '';
|
|
|
+ if (data.id && data.id > 0) {
|
|
|
+ msg = 'Utworzono pomyślnie konto w systemie';
|
|
|
+ } else if (data.msg) {
|
|
|
+ msg = data.msg;
|
|
|
+ } else {
|
|
|
+ msg = 'OK';
|
|
|
+ }
|
|
|
+ var out = '<div class="container">';
|
|
|
+ out += '<div class="alert alert-success">' + msg + '</div>';
|
|
|
+ out += '</div>';
|
|
|
+ $(out).appendTo(msgsNode);
|
|
|
+ formNode.hide();
|
|
|
+ }
|
|
|
+ });
|
|
|
+ console.log('L.<?php echo __LINE__; ?>');return false;
|
|
|
+
|
|
|
+ return false;
|
|
|
+ });
|
|
|
+});
|
|
|
+</script>
|
|
|
+ <?php
|
|
|
+ SE_Layout::dol();
|
|
|
+ }
|
|
|
+
|
|
|
+ public function _getUsersTableAcl($formFields, $overrideLabels = array()) {
|
|
|
+ $idTable = ProcesHelper::getZasobTableID('ADMIN_USERS');
|
|
|
+ if (!$idTable) throw new Exception("Brak id tabeli");
|
|
|
+ //DBG::_(true, true, "idTable", $idTable, __CLASS__, __FUNCTION__, __LINE__);
|
|
|
+
|
|
|
+ $userAcl = User::getAcl();
|
|
|
+ //DBG::_(true, true, "userAcl", $userAcl, __CLASS__, __FUNCTION__, __LINE__);
|
|
|
+
|
|
|
+ if (!$userAcl->hasTableAcl($idTable)) {
|
|
|
+ // .cnf--auth-{host}.ini.php
|
|
|
+ $conf = Config::getConfFile('auth');
|
|
|
+ if (!$conf) throw new Exception("Config file for 'auth' not found!");
|
|
|
+ $isRegisterAllowed = V::get('allow_register', false, $conf);
|
|
|
+ //DBG::_(true, true, "conf (isRegisterAllowed={$isRegisterAllowed})", $conf, __CLASS__, __FUNCTION__, __LINE__);
|
|
|
+ if (!$isRegisterAllowed) throw new Exception("Brak uprawnień do rejestracji");
|
|
|
+
|
|
|
+ $zasobTblInfo = ProcesHelper::getZasobTableInfoByUri($tblUri = "default_db/ADMIN_USERS");
|
|
|
+ if (!$zasobTblInfo) throw new HttpException("Brak zasobu dla tabeli użytkowników", 404);
|
|
|
+ //DBG::_(true, true, "zasobTblInfo", $zasobTblInfo, __CLASS__, __FUNCTION__, __LINE__);
|
|
|
+
|
|
|
+ {
|
|
|
+ $tableConfig = array();
|
|
|
+ $tableConfig['ID_TABLE'] = $idTable;
|
|
|
+ $tableConfig['db'] = $zasobTblInfo->P__ID;
|
|
|
+ $tableConfig['name'] = $zasobTblInfo->DESC;
|
|
|
+ $tableConfig['label'] = $zasobTblInfo->DESC_PL;
|
|
|
+ $tableConfig['opis'] = $zasobTblInfo->OPIS;
|
|
|
+ //DBG::_(true, true, "formFields", $formFields, __CLASS__, __FUNCTION__, __LINE__);
|
|
|
+ //DBG::_(true, true, "tableConfig", $tableConfig, __CLASS__, __FUNCTION__, __LINE__);
|
|
|
+ }
|
|
|
+
|
|
|
+ {
|
|
|
+ $fieldsConfig = array();
|
|
|
+ $fldsInfo = ProcesHelper::getZasobTableFieldsInfo($idTable);
|
|
|
+ //DBG::_(true, true, "fldsInfo", $fldsInfo, __CLASS__, __FUNCTION__, __LINE__);
|
|
|
+ foreach ($fldsInfo as $fldInfo) {
|
|
|
+ if (!in_array($fldInfo->DESC, $formFields)) continue;
|
|
|
+ $fldConf = array();
|
|
|
+ $fldConf['ID_CELL'] = $fldInfo->ID;
|
|
|
+ $fldConf['CELL_NAME'] = $fldInfo->DESC;
|
|
|
+ $fldConf['CELL_DESC'] = (array_key_exists($fldInfo->DESC, $overrideLabels))? $overrideLabels[$fldInfo->DESC] : $fldInfo->OPIS;
|
|
|
+ $fldConf['CELL_LABEL'] = (array_key_exists($fldInfo->DESC, $overrideLabels))? $overrideLabels[$fldInfo->DESC] : $fldInfo->DESC_PL;
|
|
|
+ $fldConf['SORT_PRIO'] = $fldInfo->SORT_PRIO;
|
|
|
+ $fldConf['FORM_TREAT'] = 'RWXC';
|
|
|
+ $fieldsConfig[$fldInfo->ID] = $fldConf;
|
|
|
+ }
|
|
|
+ //DBG::_(true, true, "fieldsConfig", $fieldsConfig, __CLASS__, __FUNCTION__, __LINE__);
|
|
|
+ }
|
|
|
+
|
|
|
+ {// TODO: init and save in session default perms
|
|
|
+ DBG::_(true, true, "ses tbl cache[{$idTable}]", $_SESSION['TableAcl_cache'][$idTable], __CLASS__, __FUNCTION__, __LINE__);
|
|
|
+ $tblAcl = TableAcl::buildInstance($idTable, $tableConfig);
|
|
|
+ $tblAcl->initFieldsFromConfig($fieldsConfig);
|
|
|
+ $tblAcl->save();
|
|
|
+ DBG::_(true, true, "ses tbl cache[{$idTable}]", $_SESSION['TableAcl_cache'][$idTable], __CLASS__, __FUNCTION__, __LINE__);
|
|
|
+ }
|
|
|
+
|
|
|
+ //throw new Exception("Brak uprawnień do tabeli ID={$idTable}");
|
|
|
+ }
|
|
|
+ //DBG::_(true, true, "_SESSION['UserAcl_cache']['foundTables']", $_SESSION['UserAcl_cache']['foundTables'], __CLASS__, __FUNCTION__, __LINE__);
|
|
|
+
|
|
|
+ //$tblAcl = $userAcl->getTableAcl($idTable);
|
|
|
+ if (!$tblAcl) throw new Exception("Brak tabeli");
|
|
|
+ $tblAcl->init();
|
|
|
+ DBG::_(true, true, "tblAcl", $tblAcl, __CLASS__, __FUNCTION__, __LINE__);
|
|
|
+ return $tblAcl;
|
|
|
+ }
|
|
|
+
|
|
|
+}
|
