Add left navigation for the ManageAccountController
[cacert-mgr.git] / manager / application / controllers / ManageAccountController.php
1 <?php
2 /**
3 * @author Michael Tänzer
4 */
5
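/**
 * Self-service account manipulation for the logged-in user.
 *
 * Each action writes directly to the `notary`, `cats_passed` and `users`
 * tables on behalf of the authenticated user: automated assurances,
 * administrative increases and a passed assurer challenge.
 *
 * NOTE(review): the form defaults ("CAcert Test Manager") and the comment in
 * getUserId() suggest this controller targets a test server only. Letting a
 * user award points to themselves is presumably intended there; confirm the
 * configured `ca_mgr.db.auth` connection can never point at a production
 * database.
 *
 * NOTE(review): none of the forms built here carries an anti-CSRF token, so
 * every state-changing POST relies on the session alone. Consider adding a
 * per-form token element and validating it.
 */
class ManageAccountController extends Zend_Controller_Action
{
    // Largest number of points a single assurance row may award
    const MAX_POINTS_PER_ASSURANCE = 35;
    // Upper limit of points obtainable through assurances
    const MAX_ASSURANCE_POINTS = 100;
    // Upper limit of points enforced for administrative increases
    const MAX_POINTS_TOTAL = 150;
    // Size of one row when an administrative increase is fragmented
    const ADMIN_INCREASE_FRAGMENT_SIZE = 2;

    // Value used in the database to identify an admin increase
    const ADMIN_INCREASE_METHOD = 'Administrative Increase';

    // Database adapter created in init() from the `ca_mgr.db.auth` settings
    protected $db;

    /**
     * Set up the database adapter and register the left navigation links.
     */
    public function init()
    {
        $config = new Zend_Config_Ini(
            APPLICATION_PATH . '/configs/application.ini',
            APPLICATION_ENV
        );

        $this->db = Zend_Db::factory(
            $config->ca_mgr->db->auth->pdo,
            $config->ca_mgr->db->auth
        );

        // Build the left navigation
        $actions = array(
            'assurance'         => I18n::_('Automated Assurance'),
            'admin-increase'    => I18n::_('Administrative Increase'),
            'assurer-challenge' => I18n::_('Assurer Challenge'),
        );
        $url = array('controller' => 'manage-account');
        foreach ($actions as $action => $label) {
            $url['action'] = $action;
            $href = $this->view->url($url, 'default', true);

            // The link is handed to leftNav() as raw markup, so both the
            // attribute value and the (translated) label are HTML-escaped here.
            $link = '<a href="' . $this->view->escape($href) . '">'
                . $this->view->escape($label) . '</a>';
            $this->view->leftNav($link);
        }
    }

    /**
     * Landing page of the controller.
     */
    public function indexAction()
    {
        // Just render the view
        return;
    }

    /**
     * Give the current user assurance points from automatically chosen assurers.
     *
     * The requested quantity is split into rows of at most
     * MAX_POINTS_PER_ASSURANCE awarded points, each row coming from a different
     * assurer. The `points` column of a row is limited so that the user's total
     * does not pass MAX_ASSURANCE_POINTS; `awarded` keeps the unclipped value.
     */
    public function assuranceAction()
    {
        // Validate form
        $form = $this->getAssuranceForm();
        if (!$this->getRequest()->isPost() || !$form->isValid($_POST)) {
            $this->view->assurance_form = $form;
            return $this->render('assuranceform');
        }

        // Form is valid -> get values for processing
        $values = $form->getValues();

        // Get user data
        $user = array();
        $user['id'] = $this->getUserId();
        $user['points'] = $this->getPoints($user['id']);

        // Do the actual assurances
        $assurance = array(); // Make sure the array is empty
        $assurance['to'] = $user['id'];
        $assurance['location'] = $values['location'];
        $assurance['date'] = $values['date'];
        $assurance['when'] = new Zend_Db_Expr('now()');
        $this->view->assurancesDone = array();

        $quantity = $values['quantity'];
        do {
            // split up into multiple assurances
            if ($quantity > self::MAX_POINTS_PER_ASSURANCE) {
                $assurance['awarded'] = self::MAX_POINTS_PER_ASSURANCE;
                $quantity -= self::MAX_POINTS_PER_ASSURANCE;
            } else {
                $assurance['awarded'] = $quantity;
                $quantity = 0;
            }

            // Get the assurer for this assurance
            $assurance['from'] = $this->getNewAssurer($user['id']);

            // Only assign points within the limit. getPoints() sums every
            // `notary` row, so a user who already holds more than
            // MAX_ASSURANCE_POINTS (administrative increases go up to
            // MAX_POINTS_TOTAL) has no room left; clamp at zero instead of
            // writing a negative `points` value.
            $remaining = max(0, self::MAX_ASSURANCE_POINTS - $user['points']);
            $assurance['points'] = min($assurance['awarded'], $remaining);

            $this->db->insert('notary', $assurance);

            $user['points'] += $assurance['points'];
            $this->view->assurancesDone[] = $assurance['points'];
        } while ($quantity > 0);

        // Maybe user is now assurer
        $this->fixAssurerFlag($user['id']);
    }

    /**
     * Give the current user points through administrative increases.
     *
     * Rows are written with `from` == `to` == the current user and the method
     * ADMIN_INCREASE_METHOD. With the `fragment` flag the quantity is split
     * into rows of ADMIN_INCREASE_FRAGMENT_SIZE points; without the `unlimited`
     * flag the user's total is capped at MAX_POINTS_TOTAL.
     *
     * NOTE(review): with both `fragment` and `unlimited` set, the number of
     * inserted rows is bounded only by the submitted quantity, which the form
     * validates as "greater than 0" with no upper limit. Consider an upper
     * bound on the quantity so one request cannot queue an arbitrary number
     * of inserts.
     */
    public function adminIncreaseAction()
    {
        // Validate form
        $form = $this->getAdminIncreaseForm();
        if (!$this->getRequest()->isPost() || !$form->isValid($_POST)) {
            $this->view->admin_increase_form = $form;
            return $this->render('admin-increase-form');
        }

        // Form is valid -> get values for processing
        $values = $form->getValues();

        // Get user data
        $user = array();
        $user['id'] = $this->getUserId();
        $user['points'] = $this->getPoints($user['id']);

        // Do the actual increase
        $increase = array(); // Make sure the array is empty
        $increase['from'] = $user['id'];
        $increase['to'] = $user['id'];
        $increase['location'] = $values['location'];
        $increase['date'] = $values['date'];
        $increase['method'] = self::ADMIN_INCREASE_METHOD;
        $increase['when'] = new Zend_Db_Expr('now()');
        $this->view->adminIncreasesDone = array();

        $quantity = $values['quantity'];
        do {
            // Split up into multiple increases if fragment flag is set
            if ($values['fragment'] == '1' &&
                $quantity > self::ADMIN_INCREASE_FRAGMENT_SIZE) {
                $increase['awarded'] = self::ADMIN_INCREASE_FRAGMENT_SIZE;
                $quantity -= self::ADMIN_INCREASE_FRAGMENT_SIZE;
            } else {
                $increase['awarded'] = $quantity;
                $quantity = 0;
            }

            // Only assign points within the limit if unlimited flag is not set
            if ($values['unlimited'] != '1') {
                if ($user['points'] >= self::MAX_POINTS_TOTAL) {
                    // No more administrative increases should be done
                    break;
                } elseif ($user['points'] + $increase['awarded'] > self::MAX_POINTS_TOTAL) {
                    $increase['awarded'] = self::MAX_POINTS_TOTAL - $user['points'];
                }
            }

            // Admin increases always have `points` == `awarded`
            $increase['points'] = $increase['awarded'];

            $this->db->insert('notary', $increase);

            $user['points'] += $increase['points'];
            $this->view->adminIncreasesDone[] = $increase['points'];
        } while ($quantity > 0);

        // Maybe user is now assurer
        $this->fixAssurerFlag($user['id']);
    }

    /**
     * Record a passed assurer challenge of the chosen variant for the current
     * user, stamped with the current time.
     */
    public function assurerChallengeAction()
    {
        // Validate form
        $form = $this->getAssurerChallengeForm();
        if (!$this->getRequest()->isPost() || !$form->isValid($_POST)) {
            $this->view->assurer_challenge_form = $form;
            return $this->render('assurer-challenge-form');
        }

        // Form is valid -> get values for processing
        $values = $form->getValues();

        // Get user data
        $user = array();
        $user['id'] = $this->getUserId();

        // Assign the assurer challenge
        $challenge = array(); // Make sure the array is empty
        $challenge['user_id'] = $user['id'];
        $challenge['variant_id'] = $values['variant'];
        $challenge['pass_date'] = date('Y-m-d H:i:s');
        $this->db->insert('cats_passed', $challenge);

        // Maybe user is now assurer
        $this->fixAssurerFlag($user['id']);
    }

    /**
     * Get and check the user ID of the current user
     *
     * The ID is taken from the session's authentication data and then looked
     * up in the `users` table, so only the authenticated user's own account
     * is ever modified by the actions of this controller.
     *
     * @return int The ID of the current user
     * @throws Exception if the session is not authenticated or the ID does
     *                   not match exactly one row in `users`
     */
    protected function getUserId()
    {
        $session = Zend_Registry::get('session');
        // Strict comparison: anything other than boolean true counts as
        // "not logged in"
        if ($session->authdata['authed'] !== true) {
            throw new Exception(__METHOD__ . ': you need to log in to use this feature');
        }

        // Check if the ID is present on the test server
        $query = 'select `id` from `users` where `id` = :user';
        $query_params = array('user' => $session->authdata['authed_id']);
        $result = $this->db->query($query, $query_params);
        if ($result->rowCount() !== 1) {
            throw new Exception(__METHOD__ . ': user ID not found in the data base');
        }
        $row = $result->fetch();

        return $row['id'];
    }

    /**
     * Get current points of the user
     *
     * Sums the `points` column of all `notary` rows addressed to the user,
     * whatever their method.
     *
     * @param int $user_id ID of the user
     * @return int the amount of points the user currently has
     */
    protected function getPoints($user_id)
    {
        $query = 'select sum(`points`) as `total` from `notary` where `to` = :user';
        $query_params = array('user' => $user_id);
        $row = $this->db->query($query, $query_params)->fetch();

        // SUM() over no rows yields NULL. The cast also turns a driver's
        // string result into the int promised by the docblock, so the limit
        // arithmetic in the actions works on numbers.
        return ($row['total'] === null) ? 0 : (int) $row['total'];
    }

    /**
     * Get the first assurer who didn't already assure the user
     *
     * Candidates are the accounts whose e-mail address matches the pattern
     * `john.doe-___@example.com` (three arbitrary characters); the one with
     * the lowest ID that has no `notary` row towards the user is chosen.
     *
     * @param int $user_id The ID of the user who should get assured
     * @return int The ID of the selected assurer
     * @throws Exception if every candidate has already assured the user
     */
    protected function getNewAssurer($user_id)
    {
        $query = 'select min(`id`) as `assurer` from `users` ' .
            'where `email` like \'john.doe-___@example.com\' and ' .
            '`id` not in (select `from` from `notary` where `to` = :user)';
        $query_params = array('user' => $user_id);
        $row = $this->db->query($query, $query_params)->fetch();

        // MIN() over an empty set yields NULL
        if ($row['assurer'] === null) {
            throw new Exception(__METHOD__ . ': no more assurers that haven\'t '.
                'already assured this account');
        }

        return $row['assurer'];
    }

    /**
     * Fix the assurer flag for the given user
     *
     * Sets `users`.`assurer` to 1 when the user has a passed challenge of a
     * variant with `type_id` 1 and the selected `notary` rows sum to at least
     * MAX_ASSURANCE_POINTS. The flag is never cleared here.
     *
     * NOTE(review): the point sum only includes rows with `expire` < now();
     * confirm against the schema that this selects the rows that should count.
     *
     * @param int $user_id ID of the user
     */
    protected function fixAssurerFlag($user_id)
    {
        // TODO: unset flag if requirements are not met

        $query = 'UPDATE `users` SET `assurer` = 1 WHERE `users`.`id` = :user AND '.

            'EXISTS(SELECT * FROM `cats_passed` AS `cp`, `cats_variant` AS `cv` '.
            'WHERE `cp`.`variant_id` = `cv`.`id` AND `cv`.`type_id` = 1 AND '.
            '`cp`.`user_id` = :user) AND '.

            // Threshold comes from the class constant so it cannot drift from
            // the limit used in assuranceAction()
            '(SELECT SUM(`points`) FROM `notary` WHERE `to` = :user AND '.
            '`expire` < now()) >= ' . self::MAX_ASSURANCE_POINTS;
        $query_params = array('user' => $user_id);
        $this->db->query($query, $query_params);
    }

    /**
     * Build the form for assuranceAction().
     *
     * NOTE(review): `date` is only length-checked and then written to the
     * `notary`.`date` column; a date-format validator would reject malformed
     * values before they reach the database. The quantity range includes 0,
     * which still produces one `notary` row.
     *
     * @return Zend_Form
     */
    protected function getAssuranceForm()
    {
        $form = new Zend_Form();
        $form->setAction('/manage-account/assurance')->setMethod('post');

        $quantity = new Zend_Form_Element_Text('quantity');
        $quantity->setRequired(true)
            ->setLabel(I18n::_('Number of Points'))
            ->addFilter(new Zend_Filter_Int())
            ->addValidator(new Zend_Validate_Between(0, 100));
        $form->addElement($quantity);

        $location = new Zend_Form_Element_Text('location');
        $location->setRequired(true)
            ->setLabel(I18n::_('Location'))
            ->setValue(I18n::_('CAcert Test Manager'))
            ->addValidator(new Zend_Validate_StringLength(1,255));
        $form->addElement($location);

        $date = new Zend_Form_Element_Text('date');
        $date->setRequired(true)
            ->setLabel(I18n::_('Date of Assurance'))
            ->setValue(date('Y-m-d H:i:s'))
            ->addValidator(new Zend_Validate_StringLength(1,255));
        $form->addElement($date);

        $submit = new Zend_Form_Element_Submit('submit');
        $submit->setLabel(I18n::_('Assure Me'));
        $form->addElement($submit);

        return $form;
    }

    /**
     * Build the form for adminIncreaseAction().
     *
     * NOTE(review): `quantity` has a lower bound only, and `date` is only
     * length-checked; see the note on adminIncreaseAction() for why an upper
     * bound on the quantity matters.
     *
     * @return Zend_Form
     */
    protected function getAdminIncreaseForm()
    {
        $form = new Zend_Form();
        $form->setAction('/manage-account/admin-increase')->setMethod('post');

        $quantity = new Zend_Form_Element_Text('quantity');
        $quantity->setRequired(true)
            ->setLabel(I18n::_('Number of Points'))
            ->addFilter(new Zend_Filter_Int())
            ->addValidator(new Zend_Validate_GreaterThan(0));
        $form->addElement($quantity);

        $fragment = new Zend_Form_Element_Checkbox('fragment');
        $fragment->setLabel(I18n::_('Split into 2-Point Fragments'))
            ->setChecked(true);
        $form->addElement($fragment);

        $unlimited = new Zend_Form_Element_Checkbox('unlimited');
        $unlimited->setLabel(I18n::_('Assign Points even if the Limit of 150 '.
                'is exceeded'))
            ->setChecked(false);
        $form->addElement($unlimited);

        $location = new Zend_Form_Element_Text('location');
        $location->setRequired(true)
            ->setLabel(I18n::_('Location'))
            ->setValue(I18n::_('CAcert Test Manager'))
            ->addValidator(new Zend_Validate_StringLength(1,255));
        $form->addElement($location);

        $date = new Zend_Form_Element_Text('date');
        $date->setRequired(true)
            ->setLabel(I18n::_('Date of Increase'))
            ->setValue(date('Y-m-d H:i:s'))
            ->addValidator(new Zend_Validate_StringLength(1,255));
        $form->addElement($date);

        $submit = new Zend_Form_Element_Submit('submit');
        $submit->setLabel(I18n::_('Give Me Points'));
        $form->addElement($submit);

        return $form;
    }

    /**
     * Build the form for assurerChallengeAction(); the variant choices are
     * read from `cats_variant` rows with `type_id` 1.
     *
     * @return Zend_Form
     */
    protected function getAssurerChallengeForm()
    {
        $form = new Zend_Form();
        $form->setAction('/manage-account/assurer-challenge')
            ->setMethod('post');

        $variant = new Zend_Form_Element_Select('variant');
        $variant->setLabel(I18n::_('Variant'));
        // Get the available variants from the database
        $query = 'select `id`, `test_text` from `cats_variant`
            where `type_id` = 1';
        $options = $this->db->fetchPairs($query);
        // NOTE(review): select elements usually receive their choices through
        // setMultiOptions(); confirm that setOptions() populates the list (and
        // with it the accepted `variant` values) as intended.
        $variant->setOptions($options)
            ->setRequired(true);
        $form->addElement($variant);

        $submit = new Zend_Form_Element_Submit('submit');
        $submit->setLabel(I18n::_('Challenge Me'));
        $form->addElement($submit);

        return $form;
    }
}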