1 <?php
2 /**
3 * @author Michael Tänzer
4 */
5
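/**
 * Controller that lets the logged-in user change the trust state of their own
 * account: receive assurances, receive administrative point increases, record
 * a passed assurer challenge and set account flags.
 *
 * NOTE(review): getUserId(), getPoints() and fixAssurerFlag() are called by the
 * actions below but are not defined in this class as shown; confirm where they
 * come from.
 *
 * NOTE(review): every action here changes points or privilege flags of the
 * current account, and none of the forms carries an anti-CSRF token (e.g. a
 * Zend_Form_Element_Hash element). No access control is visible in this file
 * either. Presumably the controller is meant for test systems only; confirm
 * it cannot be reached on an installation backed by a production database.
 */
class ManageAccountController extends Zend_Controller_Action
{
    const MAX_POINTS_PER_ASSURANCE = 35;
    const MAX_POINTS_TOTAL = 150;
    const ADMIN_INCREASE_FRAGMENT_SIZE = 2;

    // Value used in the database to identify an admin increase
    const ADMIN_INCREASE_METHOD = 'Administrative Increase';

    // Database adapter created in init() from the ca_mgr.db.auth settings
    protected $db;

    /**
     * Opens the database connection and registers the left navigation links.
     */
    public function init()
    {
        $config = new Zend_Config_Ini(
            APPLICATION_PATH . '/configs/application.ini',
            APPLICATION_ENV
        );

        $this->db = Zend_Db::factory(
            $config->ca_mgr->db->auth->pdo,
            $config->ca_mgr->db->auth
        );

        // Build the left navigation: action name => translated link text
        $actions = array(
            'assurance'         => I18n::_('Automated Assurance'),
            'admin-increase'    => I18n::_('Administrative Increase'),
            'assurer-challenge' => I18n::_('Assurer Challenge'),
            'flags'             => I18n::_('Set Flags'),
        );

        $url = array('controller' => 'manage-account');
        foreach ($actions as $action => $label) {
            $url['action'] = $action;

            // NOTE(review): $label and the URL are placed into markup without
            // HTML escaping. That is safe only if I18n::_() returns trusted
            // text; confirm, or wrap both in $this->view->escape().
            $link = '<a href="' . $this->view->url($url, 'default', true) . '">'
                  . $label . '</a>';
            $this->view->leftNav($link);
        }
    }

    /**
     * Landing page; there is nothing to compute, the view is just rendered.
     */
    public function indexAction()
    {
        return;
    }

    /**
     * Issues assurances to the current user until the requested number of
     * points has been handed out.
     *
     * The request is split into assurances of at most
     * MAX_POINTS_PER_ASSURANCE points each; every piece is issued by whatever
     * findNewAssurer() returns. The values returned by assure() are collected
     * in the view variable `assurancesDone`.
     */
    public function assuranceAction()
    {
        // Show the (possibly annotated) form unless a valid POST came in
        $form = $this->getAssuranceForm();
        $request = $this->getRequest();
        if (!$request->isPost() || !$form->isValid($request->getPost())) {
            $this->view->assurance_form = $form;
            return $this->render('assuranceform');
        }

        $values = $form->getValues();
        $user = Application_Model_User::findCurrentUser();

        $this->view->assurancesDone = array();
        $remaining = $values['quantity'];
        do {
            // Take at most one assurance worth of points per round.
            // The do/while runs once even when the quantity is 0.
            $points = min($remaining, self::MAX_POINTS_PER_ASSURANCE);
            $remaining -= $points;

            // Each piece is issued by a freshly looked-up assurer
            $issued = $user->findNewAssurer()
                ->assure($user, $points, $values['location'], $values['date']);

            $this->view->assurancesDone[] = $issued;
        } while ($remaining > 0);

        return;
    }

    /**
     * Writes "Administrative Increase" rows for the current user into the
     * `notary` table.
     *
     * With the `fragment` box checked the request is split into rows of
     * ADMIN_INCREASE_FRAGMENT_SIZE points. Unless `unlimited` is checked, the
     * running total is capped at MAX_POINTS_TOTAL and the loop stops once the
     * cap is reached. The points written per row are collected in the view
     * variable `adminIncreasesDone`.
     *
     * NOTE(review): the form puts no upper bound on `quantity`. With both
     * `fragment` and `unlimited` checked, the number of INSERTs is
     * quantity / ADMIN_INCREASE_FRAGMENT_SIZE; consider a maximum.
     */
    public function adminIncreaseAction()
    {
        // Show the (possibly annotated) form unless a valid POST came in
        $form = $this->getAdminIncreaseForm();
        $request = $this->getRequest();
        if (!$request->isPost() || !$form->isValid($request->getPost())) {
            $this->view->admin_increase_form = $form;
            return $this->render('admin-increase-form');
        }

        $values = $form->getValues();

        $user = array();
        $user['id'] = $this->getUserId();
        $user['points'] = $this->getPoints($user['id']);

        // Columns shared by every row; an admin increase is recorded as the
        // user assuring themselves
        $increase = array(
            'from'     => $user['id'],
            'to'       => $user['id'],
            'location' => $values['location'],
            'date'     => $values['date'],
            'method'   => self::ADMIN_INCREASE_METHOD,
            'when'     => new Zend_Db_Expr('now()'),
        );
        $this->view->adminIncreasesDone = array();

        $remaining = $values['quantity'];
        do {
            // Split up into multiple increases if the fragment flag is set
            if ($values['fragment'] == '1') {
                $awarded = min($remaining, self::ADMIN_INCREASE_FRAGMENT_SIZE);
            } else {
                $awarded = $remaining;
            }
            $remaining -= $awarded;

            // Only assign points within the limit if unlimited flag is not set
            if ($values['unlimited'] != '1') {
                if ($user['points'] >= self::MAX_POINTS_TOTAL) {
                    // No more administrative increases should be done
                    break;
                }
                $headroom = self::MAX_POINTS_TOTAL - $user['points'];
                if ($awarded > $headroom) {
                    $awarded = $headroom;
                }
            }

            // Admin increases always have `points` == `awarded`
            $increase['awarded'] = $awarded;
            $increase['points'] = $awarded;

            // insert() binds the values, so location/date are not spliced
            // into the SQL text
            $this->db->insert('notary', $increase);

            $user['points'] += $awarded;
            $this->view->adminIncreasesDone[] = $awarded;
        } while ($remaining > 0);

        // Maybe user is now assurer
        $this->fixAssurerFlag($user['id']);

        return;
    }

    /**
     * Records the selected assurer challenge variant as passed by the current
     * user (one row in `cats_passed`, dated with the web server's clock).
     */
    public function assurerChallengeAction()
    {
        // Show the (possibly annotated) form unless a valid POST came in
        $form = $this->getAssurerChallengeForm();
        $request = $this->getRequest();
        if (!$request->isPost() || !$form->isValid($request->getPost())) {
            $this->view->assurer_challenge_form = $form;
            return $this->render('assurer-challenge-form');
        }

        $values = $form->getValues();
        $userId = $this->getUserId();

        // `variant` is a select element, so the submitted value has already
        // been checked against the options loaded from `cats_variant`
        $challenge = array(
            'user_id'    => $userId,
            'variant_id' => $values['variant'],
            'pass_date'  => date('Y-m-d H:i:s'),
        );
        $this->db->insert('cats_passed', $challenge);

        // Maybe user is now assurer
        $this->fixAssurerFlag($userId);

        return;
    }

    /**
     * Shows the flags form and, on a valid POST, writes every listed flag of
     * the current user's `users` row as 1 (checked) or 0 (unchecked).
     *
     * Each save overwrites all eight flags. `tverify` is read by
     * getFlagsForm() but is neither offered nor updated here.
     */
    public function flagsAction()
    {
        $userId = $this->getUserId();

        // The form is assigned to the view before validation so that it is
        // rendered in every case
        $form = $this->getFlagsForm($userId);
        $this->view->flags_form = $form;
        $request = $this->getRequest();
        if (!$request->isPost() || !$form->isValid($request->getPost())) {
            return;
        }

        // Column names come from this fixed list, never from the request
        $flags = array('admin', 'codesign', 'orgadmin', 'ttpadmin', 'board',
            'locadmin', 'locked', 'assurer_blocked');
        $update = array();
        foreach ($flags as $flag) {
            $update[$flag] = $form->getElement($flag)->isChecked() ? 1 : 0;
        }

        // Let the adapter quote the id as an integer instead of concatenating
        // it into the WHERE clause
        $where = $this->db->quoteInto('`id` = ?', $userId, Zend_Db::INT_TYPE);
        $this->db->update('users', $update, $where);

        return;
    }

    /**
     * Builds the form for assuranceAction().
     *
     * NOTE(review): Zend_Validate_Between is inclusive by default, so a
     * quantity of 0 passes and assuranceAction() still issues one assurance.
     * `date` is only length-checked; consider Zend_Validate_Date.
     *
     * @return Zend_Form
     */
    protected function getAssuranceForm()
    {
        $form = new Zend_Form();
        $form->setAction('/manage-account/assurance')->setMethod('post');

        // Filtered to an integer before the range check runs
        $quantity = new Zend_Form_Element_Text('quantity');
        $quantity->setRequired(true)
            ->setLabel(I18n::_('Number of Points'))
            ->addFilter(new Zend_Filter_Int())
            ->addValidator(new Zend_Validate_Between(0, 100));
        $form->addElement($quantity);

        $location = new Zend_Form_Element_Text('location');
        $location->setRequired(true)
            ->setLabel(I18n::_('Location'))
            ->setValue(I18n::_('CAcert Test Manager'))
            ->addValidator(new Zend_Validate_StringLength(1, 255));
        $form->addElement($location);

        // Pre-filled with the current server time
        $date = new Zend_Form_Element_Text('date');
        $date->setRequired(true)
            ->setLabel(I18n::_('Date of Assurance'))
            ->setValue(date('Y-m-d H:i:s'))
            ->addValidator(new Zend_Validate_StringLength(1, 255));
        $form->addElement($date);

        $submit = new Zend_Form_Element_Submit('submit');
        $submit->setLabel(I18n::_('Assure Me'));
        $form->addElement($submit);

        return $form;
    }

    /**
     * Builds the form for adminIncreaseAction().
     *
     * NOTE(review): `quantity` has a lower bound only, and `date` is only
     * length-checked; consider an upper bound and Zend_Validate_Date.
     *
     * @return Zend_Form
     */
    protected function getAdminIncreaseForm()
    {
        $form = new Zend_Form();
        $form->setAction('/manage-account/admin-increase')->setMethod('post');

        // Filtered to an integer, then required to be greater than 0
        $quantity = new Zend_Form_Element_Text('quantity');
        $quantity->setRequired(true)
            ->setLabel(I18n::_('Number of Points'))
            ->addFilter(new Zend_Filter_Int())
            ->addValidator(new Zend_Validate_GreaterThan(0));
        $form->addElement($quantity);

        // Checked by default: the increase is split into small rows
        $fragment = new Zend_Form_Element_Checkbox('fragment');
        $fragment->setLabel(I18n::_('Split into 2-Point Fragments'))
            ->setChecked(true);
        $form->addElement($fragment);

        // Unchecked by default: the MAX_POINTS_TOTAL cap applies
        $unlimited = new Zend_Form_Element_Checkbox('unlimited');
        $unlimited->setLabel(I18n::_('Assign Points even if the Limit of 150 '.
                'is exceeded'))
            ->setChecked(false);
        $form->addElement($unlimited);

        $location = new Zend_Form_Element_Text('location');
        $location->setRequired(true)
            ->setLabel(I18n::_('Location'))
            ->setValue(I18n::_('CAcert Test Manager'))
            ->addValidator(new Zend_Validate_StringLength(1, 255));
        $form->addElement($location);

        // Pre-filled with the current server time
        $date = new Zend_Form_Element_Text('date');
        $date->setRequired(true)
            ->setLabel(I18n::_('Date of Increase'))
            ->setValue(date('Y-m-d H:i:s'))
            ->addValidator(new Zend_Validate_StringLength(1, 255));
        $form->addElement($date);

        $submit = new Zend_Form_Element_Submit('submit');
        $submit->setLabel(I18n::_('Give Me Points'));
        $form->addElement($submit);

        return $form;
    }

    /**
     * Builds the form for assurerChallengeAction(); the selectable variants
     * are the `cats_variant` rows with `type_id` = 1.
     *
     * @return Zend_Form
     */
    protected function getAssurerChallengeForm()
    {
        $form = new Zend_Form();
        $form->setAction('/manage-account/assurer-challenge')
            ->setMethod('post');

        $variant = new Zend_Form_Element_Select('variant');
        $variant->setLabel(I18n::_('Variant'));

        // Constant query, no request data involved; yields id => test_text
        $query = 'select `id`, `test_text` from `cats_variant`
            where `type_id` = 1';
        $options = $this->db->fetchPairs($query);
        $variant->setMultiOptions($options)
            ->setRequired(true);
        $form->addElement($variant);

        $submit = new Zend_Form_Element_Submit('submit');
        $submit->setLabel(I18n::_('Challenge Me'));
        $form->addElement($submit);

        return $form;
    }

    /**
     * Builds the form for flagsAction(), with one checkbox per flag that is
     * pre-set from the user's row in `users`.
     *
     * @param mixed $user_id id of the `users` row to read the flags from
     * @return Zend_Form
     * @throws Exception if the query does not return exactly one row
     */
    protected function getFlagsForm($user_id)
    {
        $form = new Zend_Form();
        $form->setAction('/manage-account/flags')
            ->setMethod('post');

        // Get the current setting of the flags; the id is bound as :user
        $query = 'select `admin`, `codesign`, `orgadmin`, `ttpadmin`, `board`,
            `tverify`, `locadmin`, `locked`, `assurer_blocked` from `users`
            where `id` = :user';
        $query_params = array('user' => $user_id);
        $result = $this->db->query($query, $query_params);
        if ($result->rowCount() !== 1) {
            throw new Exception(__METHOD__ . ': user ID not found in the data base');
        }
        $row = $result->fetch();

        // One checkbox per flag: column name => translated label
        $labels = array(
            'admin'           => I18n::_('Support Engineer'),
            'codesign'        => I18n::_('Code Signing'),
            'orgadmin'        => I18n::_('Organisation Admin'),
            'ttpadmin'        => I18n::_('TTP Admin'),
            'board'           => I18n::_('Board Member'),
            'locadmin'        => I18n::_('Location Admin'),
            'locked'          => I18n::_('Lock Account'),
            'assurer_blocked' => I18n::_('Block Assurer'),
        );

        foreach ($labels as $flag => $label) {
            // Cast first: if the driver returns integers rather than strings,
            // a strict compare against '1' would leave every box unchecked,
            // and the next save in flagsAction() would then clear every flag.
            $checkbox = new Zend_Form_Element_Checkbox($flag);
            $checkbox->setLabel($label)
                ->setChecked((string) $row[$flag] === '1');
            $form->addElement($checkbox);
        }

        $submit = new Zend_Form_Element_Submit('submit');
        $submit->setLabel(I18n::_('Save Flags'));
        $form->addElement($submit);

        return $form;
    }
}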