361ab5fd2e979ac7342a35021ba22e24fc6ab15b
[cacert-mgr.git] / manager / application / controllers / ManageAccountController.php
1 <?php
2 /**
3 * @author Michael Tänzer
4 */
5
6 class ManageAccountController extends Zend_Controller_Action
7 {
8 const MAX_POINTS_PER_ASSURANCE = 35;
9 const MAX_ASSURANCE_POINTS = 100;
10
11 protected $db;
12
13 public function init()
14 {
15 $config = new Zend_Config_Ini(APPLICATION_PATH . '/configs/application.ini',
16 APPLICATION_ENV);
17
18 $this->db = Zend_Db::factory($config->ca_mgr->db->auth->pdo,
19 $config->ca_mgr->db->auth);
20 }
21
22 public function indexAction()
23 {
24 // Just render the view
25 return;
26 }
27
28 public function assuranceAction()
29 {
30 // Validate form
31 $form = $this->getAssuranceForm();
32 if (!$this->getRequest()->isPost() || !$form->isValid($_POST)) {
33 $this->view->assurance_form = $form;
34 return $this->render('assuranceform');
35 }
36
37 // Form is valid -> get values for processing
38 $values = $form->getValues();
39
40
41 // Check identity of the user
42 $session = Zend_Registry::get('session');
43 if ($session->authdata['authed'] !== true) {
44 throw new Exception(__METHOD__ . ': you need to log in to use this feature');
45 }
46 $query = 'select `id` from `users` where `id` = :user';
47 $query_params['user'] = $session->authdata['authed_id'];
48 $result = $this->db->query($query, $query_params);
49 if ($result->rowCount() !== 1) {
50 throw new Exception(__METHOD__ . ': user ID not found in the data base');
51 }
52 $row = $result->fetch();
53 $user['id'] = $row['id'];
54
55
56 // Get current points of the user
57 $query = 'select sum(`points`) as `total` from `notary` where `to` = :user';
58 $query_params['user'] = $user['id'];
59 $row = $this->db->query($query, $query_params)->fetch();
60 if ($row['total'] === NULL) $row['total'] = 0;
61 $user['points'] = $row['total'];
62
63
64 // Do the actual assurances
65 $assurance = array(); // Make sure the array is empty
66 $assurance['to'] = $user['id'];
67 $assurance['location'] = $values['location'];
68 $assurance['date'] = $values['date'];
69 $assurance['when'] = new Zend_Db_Expr('now()');
70 $this->view->assurancesDone = array();
71
72 $quantity = $values['quantity'];
73 do {
74 // split up into multiple assurances
75 if ($quantity > self::MAX_POINTS_PER_ASSURANCE) {
76 $assurance['awarded'] = self::MAX_POINTS_PER_ASSURANCE;
77 $quantity -= self::MAX_POINTS_PER_ASSURANCE;
78 } else {
79 $assurance['awarded'] = $quantity;
80 $quantity = 0;
81 }
82
83 // Get the assurer for this assurance
84 $assurance['from'] = $this->getNewAssurer($user['id']);
85
86 // only assign points whithin the limit
87 if ($user['points'] + $assurance['awarded'] > self::MAX_ASSURANCE_POINTS){
88 $assurance['points'] = self::MAX_ASSURANCE_POINTS - $user['points'];
89 } else {
90 $assurance['points'] = $assurance['awarded'];
91 }
92
93 $this->db->insert('notary', $assurance);
94
95 $user['points'] += $assurance['points'];
96 $this->view->assurancesDone[] = $assurance['points'];
97 } while ($quantity > 0);
98
99
100 // Fix the assurer flag
101 $query = 'UPDATE `users` SET `assurer` = 1 WHERE `users`.`id` = :user AND '.
102
103 'EXISTS(SELECT * FROM `cats_passed` AS `cp`, `cats_variant` AS `cv` '.
104 'WHERE `cp`.`variant_id` = `cv`.`id` AND `cv`.`type_id` = 1 AND '.
105 '`cp`.`user_id` = :user) AND '.
106
107 '(SELECT SUM(`points`) FROM `notary` WHERE `to` = :user AND '.
108 '`expire` < now()) >= 100';
109 $query_params['user'] = $user['id'];
110 $this->db->query($query, $query_params);
111
112 return;
113 }
114
115 /**
116 * Get the first assurer who didn't already assure the user
117 *
118 * @param int $user_id The ID of the user who should get assured
119 * @return int The ID of the selected assurer
120 */
121 protected function getNewAssurer($user_id)
122 {
123 $query = 'select min(`id`) as `assurer` from `users` ' .
124 'where `email` like \'john.doe-___@example.com\' and ' .
125 '`id` not in (select `from` from `notary` where `to` = :user)';
126 $query_params['user'] = $user_id;
127 $row = $this->db->query($query, $query_params)->fetch();
128
129 if ($row['assurer'] === NULL) {
130 throw new Exception(__METHOD__ . ': no more assurers that haven\'t '.
131 'already assured this account');
132 }
133
134 return $row['assurer'];
135 }
136
137 protected function getAssuranceForm()
138 {
139 $form = new Zend_Form();
140 $form->setAction('/manage-account/assurance')->setMethod('post');
141
142 $quantity = new Zend_Form_Element_Text('quantity');
143 $quantity->setRequired(true)
144 ->setLabel(I18n::_('Number of Points'))
145 ->addFilter(new Zend_Filter_Int())
146 ->addValidator(new Zend_Validate_Between(0, 100));
147 $form->addElement($quantity);
148
149 $location = new Zend_Form_Element_Text('location');
150 $location->setRequired(true)
151 ->setLabel(I18n::_('Location'))
152 ->setValue(I18n::_('CAcert Test Manager'))
153 ->addValidator(new Zend_Validate_StringLength(1,255));
154 $form->addElement($location);
155
156 $date = new Zend_Form_Element_Text('date');
157 $date->setRequired(true)
158 ->setLabel(I18n::_('Date of Assurance'))
159 ->setValue(date('Y-m-d H:i:s'))
160 ->addValidator(new Zend_Validate_StringLength(1,255));
161 $form->addElement($date);
162
163 $submit = new Zend_Form_Element_Submit('submit');
164 $submit->setLabel(I18n::_('Assure Me'));
165 $form->addElement($submit);
166
167 return $form;
168 }
169 }