AVSDev/sprinkle-uf-tweaks
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

Compare commits

base: AVSDev:v1.0
Branches Tags
AVSDev:main AVSDev:devel
AVSDev:v1.1.1 AVSDev:v1.1.0 AVSDev:v1.0.9 AVSDev:v1.0.8 AVSDev:v1.0.7 AVSDev:v1.0.6 AVSDev:v1.0.5 AVSDev:v1.0.4a AVSDev:v1.0.4 AVSDev:v1.0.3 AVSDev:v1.0.2 AVSDev:v1.0.1 AVSDev:v1.0
..
compare: AVSDev:4f8c26fc666ae4c72b3e5dc75a7a69bbded92a21
Branches Tags
AVSDev:devel AVSDev:main
AVSDev:v1.1.1 AVSDev:v1.1.0 AVSDev:v1.0.9 AVSDev:v1.0.8 AVSDev:v1.0.7 AVSDev:v1.0.6 AVSDev:v1.0.5 AVSDev:v1.0.4a AVSDev:v1.0.4 AVSDev:v1.0.3 AVSDev:v1.0.2 AVSDev:v1.0.1 AVSDev:v1.0

15 Commits
v1.0 ... 4f8c26fc66

Author SHA1 Message Date
Craig Williams
4f8c26fc66 Fixed account password reset request 2025-11-19 09:08:54 +00:00
Craig Williams
81841a88a6 Fixed resetting password bypasses account verification 2025-11-06 11:43:18 +00:00
Craig Williams
149c5f560a Added a scheduled task for cleaning up database sessions 2025-05-12 11:52:09 +01:00
Craig Williams
505890e384 Added a retry email service provider 2025-03-05 12:13:53 +00:00
Craig Williams
1916b626bc Added a "generic" text column template 2025-01-22 14:43:17 +00:00
Craig Williams
d2558c5f55 Hide slug button for non-admins 2024-11-25 12:12:01 +00:00
Craig Williams
97ded0eb08 Added a new authorizer method for checking a user has a permission (for use in sprinkle level access checks) 2024-11-13 16:04:04 +00:00
Craig Williams
3afcc69531 Added utility to detect mobile/table user agents server side 2024-11-12 17:07:54 +00:00
Craig Williams
75c31f0506 Handle the case where a modal errors a lot better 2023-11-03 14:50:32 +00:00
Craig Williams
9738b133d2 Make user filtering case-insensitive 2023-11-02 16:13:12 +00:00
Craig Williams
cf5d107fd5 Redirect wasn't working properly 2023-10-09 16:35:03 +01:00
Craig Williams
148d85121a Users that are already logged in (i.e. through a password reset) should be forwarded to the dashboard ONLY if they have permission, otherwise, send them back to the index page 2023-10-09 13:28:27 +01:00
Craig Williams
dc93b5f881 Added view user roles permission 2023-10-06 10:10:01 +01:00
Craig Williams
275de8c6fe Added user admin role 2023-10-06 09:54:45 +01:00
Craig Williams
aa923dbe52 Created user admin role 2023-10-06 08:56:52 +01:00
17 changed files with 917 additions and 2 deletions
Expand all files Collapse all files

3
asset-bundles.json
View File

@@ -2,7 +2,8 @@
"bundle": { "bundle": {
"js/admin": { "js/admin": {
"scripts": [ "scripts": [
"uf-tweaks/js/handlebars-helpers.js" "uf-tweaks/js/handlebars-helpers.js",
"uf-tweaks/js/modal-error-handler.js"
], ],
"options": { "options": {
"sprinkle": { "sprinkle": {

16
assets/uf-tweaks/js/modal-error-handler.js Normal file
View File

@@ -0,0 +1,16 @@
/**
* Default handling of UF modal error
*
* This script depends on uf-modal.js
*
* Target page: *
*/
$(document).ready(function() {
const handleModalError = function() {
$(this).ufModal('destroy');
$('body').on('renderError.ufModal', handleModalError);
}
$('body').on('renderError.ufModal', handleModalError);
});

3
composer.json
View File

@@ -6,5 +6,8 @@
"psr-4": { "psr-4": {
"UserFrosting\\Sprinkle\\UFTweaks\\": "src/" "UserFrosting\\Sprinkle\\UFTweaks\\": "src/"
} }
},
"require": {
"mobiledetect/mobiledetectlib": "^3.74"
} }
} }

10
config/default.php
View File

@@ -61,4 +61,14 @@ return [
'php' => [ 'php' => [
'timezone' => 'Europe/London', 'timezone' => 'Europe/London',
], ],
/*
* ----------------------------------------------------------------------
* Retry Mailer settings
* ----------------------------------------------------------------------
*/
'retry_mailer' => [
'enabled' => true,
'max_retries' => 5,
],
]; ];

17
routes/roles.php Normal file
View File

@@ -0,0 +1,17 @@
<?php
/*
* AVSDev UF Tweaks (https://avsdev.uk)
*
* @link https://git.avsdev.uk/avsdev/sprinkle-uf-tweaks
* @license https://git.avsdev.uk/avsdev/sprinkle-uf-tweaks/blob/master/LICENSE.md (LGPL-3.0 License)
*/
use UserFrosting\Sprinkle\Core\Util\NoCache;
/*
* Routes for administrative role management.
*/
$app->group('/api/roles', function () {
$this->get('/', 'UserFrosting\Sprinkle\UFTweaks\Controller\RoleController:getList');
})->add('authGuard')->add(new NoCache());

2
routes/routes.php
View File

@@ -16,4 +16,6 @@ $app->group('/account', function () {
$this->get('/register', 'UserFrosting\Sprinkle\UFTweaks\Controller\AccountController:pageRegister') $this->get('/register', 'UserFrosting\Sprinkle\UFTweaks\Controller\AccountController:pageRegister')
->add('checkEnvironment') ->add('checkEnvironment')
->setName('register'); ->setName('register');
$this->post('/forgot-password', 'UserFrosting\Sprinkle\UFTweaks\Controller\AccountController:forgotPassword');
})->add(new NoCache()); })->add(new NoCache());

109
src/Controller/AccountController.php
View File

@@ -9,6 +9,7 @@
namespace UserFrosting\Sprinkle\UFTweaks\Controller; namespace UserFrosting\Sprinkle\UFTweaks\Controller;
use Carbon\Carbon; use Carbon\Carbon;
use Illuminate\Database\Capsule\Manager as Capsule; use Illuminate\Database\Capsule\Manager as Capsule;
use Psr\Http\Message\ResponseInterface as Response; use Psr\Http\Message\ResponseInterface as Response;
@@ -18,6 +19,9 @@ use UserFrosting\Fortress\RequestDataTransformer;
use UserFrosting\Fortress\RequestSchema; use UserFrosting\Fortress\RequestSchema;
use UserFrosting\Fortress\ServerSideValidator; use UserFrosting\Fortress\ServerSideValidator;
use UserFrosting\Sprinkle\Account\Controller\AccountController as UFAccountController; use UserFrosting\Sprinkle\Account\Controller\AccountController as UFAccountController;
use UserFrosting\Sprinkle\Account\Facades\Password;
use UserFrosting\Sprinkle\Core\Mail\EmailRecipient;
use UserFrosting\Sprinkle\Core\Mail\TwigMailMessage;
use UserFrosting\Support\Exception\BadRequestException; use UserFrosting\Support\Exception\BadRequestException;
use UserFrosting\Support\Exception\ForbiddenException; use UserFrosting\Support\Exception\ForbiddenException;
use UserFrosting\Support\Exception\NotFoundException; use UserFrosting\Support\Exception\NotFoundException;
@@ -29,6 +33,111 @@ use UserFrosting\Support\Exception\NotFoundException;
*/ */
class AccountController extends UFAccountController class AccountController extends UFAccountController
{ {
/**
* Processes a request to email a forgotten password reset link to the user.
*
* Processes the request from the form on the "forgot password" page, checking that:
* 1. The rate limit for this type of request is being observed.
* 2. The provided email address belongs to a registered account;
* 3. The submitted data is valid.
* Note that we have removed the requirement that a password reset request not already be in progress.
* This is because we need to allow users to re-request a reset, even if they lose the first reset email.
* This route is "public access".
*
* @todo require additional user information
* @todo prevent password reset requests for root account?
*
* AuthGuard: false
* Route: /account/forgot-password
* Route Name: {none}
* Request type: POST
*
* @param Request $request
* @param Response $response
* @param array $args
*/
public function forgotPassword(Request $request, Response $response, $args)
{
/** @var \UserFrosting\Sprinkle\Core\Alert\AlertStream $ms */
$ms = $this->ci->alerts;
/** @var \UserFrosting\Sprinkle\Core\Util\ClassMapper $classMapper */
$classMapper = $this->ci->classMapper;
/** @var \UserFrosting\Support\Repository\Repository $config */
$config = $this->ci->config;
// Get POST parameters
$params = $request->getParsedBody();
// Load the request schema
$schema = new RequestSchema('schema://requests/forgot-password.yaml');
// Whitelist and set parameter defaults
$transformer = new RequestDataTransformer($schema);
$data = $transformer->transform($params);
// Validate, and halt on validation errors. Failed validation attempts do not count towards throttling limit.
$validator = new ServerSideValidator($schema, $this->ci->translator);
if (!$validator->validate($data)) {
$ms->addValidationErrors($validator);
return $response->withJson([], 400);
}
// Throttle requests
/** @var \UserFrosting\Sprinkle\Core\Throttle\Throttler $throttler */
$throttler = $this->ci->throttler;
$throttleData = [
'email' => $data['email'],
];
$delay = $throttler->getDelay('password_reset_request', $throttleData);
if ($delay > 0) {
$ms->addMessageTranslated('danger', 'RATE_LIMIT_EXCEEDED', ['delay' => $delay]);
return $response->withJson([], 429);
}
// Load the user, by email address
$user = $classMapper->getClassMapping('user')::where('email', $data['email'])->first();
if ($user) {
if (!$user->flag_verified) {
$ms->addMessageTranslated('danger', 'ACCOUNT.UNVERIFIED');
return $response->withJson([], 400);
}
}
// All checks passed! log events/activities, update user, and send email
// Begin transaction - DB will be rolled back if an exception occurs
Capsule::transaction(function () use ($classMapper, $data, $throttler, $throttleData, $config, $user) {
// Log throttleable event
$throttler->logEvent('password_reset_request', $throttleData);
// Check that the email exists.
// If there is no user with that email address, we should still pretend like we succeeded, to prevent account enumeration
if ($user) {
// Try to generate a new password reset request.
// Use timeout for "reset password"
$passwordReset = $this->ci->repoPasswordReset->create($user, $config['password_reset.timeouts.reset']);
// Create and send email
$message = new TwigMailMessage($this->ci->view, 'mail/password-reset.html.twig');
$message->from($config['address_book.admin'])
->addEmailRecipient(new EmailRecipient($user->email, $user->full_name))
->addParams([
'user' => $user,
'token' => $passwordReset->getToken(),
'request_date' => Carbon::now()->format('Y-m-d H:i:s'),
]);
$this->ci->mailer->send($message);
}
});
}
/** /**
* Account settings page. * Account settings page.
* *

73
src/Controller/RoleController.php Normal file
View File

@@ -0,0 +1,73 @@
<?php
/*
* AVSDev UF Tweaks (https://avsdev.uk)
*
* @link https://git.avsdev.uk/avsdev/sprinkle-uf-tweaks
* @license https://git.avsdev.uk/avsdev/sprinkle-uf-tweaks/blob/master/LICENSE.md (LGPL-3.0 License)
*/
namespace UserFrosting\Sprinkle\UFTweaks\Controller;
use Psr\Http\Message\ResponseInterface as Response;
use Psr\Http\Message\ServerRequestInterface as Request;
use UserFrosting\Sprinkle\Account\Database\Models\Role;
use UserFrosting\Sprinkle\Core\Controller\SimpleController;
use UserFrosting\Support\Exception\ForbiddenException;
/**
* Override role controller class to tweak the list of available user roles
*
* @author Craig Williams (craig@avsdev.uk)
*/
class RoleController extends SimpleController
{
/**
* Returns a list of Roles.
*
* Generates a list of roles, optionally paginated, sorted and/or filtered.
* This page requires authentication.
*
* Request type: GET
*
* @param Request $request
* @param Response $response
* @param array $args
*
* @throws ForbiddenException If user is not authorized to access page
*/
public function getList(Request $request, Response $response, $args)
{
// GET parameters
$params = $request->getQueryParams();
/** @var \UserFrosting\Sprinkle\Account\Authorize\AuthorizationManager $authorizer */
$authorizer = $this->ci->authorizer;
/** @var \UserFrosting\Sprinkle\Core\Util\ClassMapper $classMapper */
$classMapper = $this->ci->classMapper;
/** @var \UserFrosting\Sprinkle\Account\Database\Models\Interfaces\UserInterface $currentUser */
$currentUser = $this->ci->currentUser;
// Access-controlled page
$adminRole = $authorizer->checkAccess($currentUser, 'uri_roles');
$userRole = $authorizer->checkAccess($currentUser, 'role_list');
if (!$adminRole && !$userRole) {
throw new ForbiddenException();
}
$sprunje = $classMapper->createInstance('role_sprunje', $classMapper, $params);
if ($userRole) {
$siteAdminId = Role::where('slug', 'site-admin')->first()->id;
$sprunje->extendQuery(function($query) {
$query->where('role_id', '!=', $siteAdminId);
});
}
// Be careful how you consume this data - it has not been escaped and contains untrusted user-supplied content.
// For example, if you plan to insert it into an HTML DOM, you must escape it on the client side (or use client-side templating).
return $sprunje->toResponse($response);
}
}

195
src/Database/Seeds/CreateUserAdmin.php Normal file
View File

@@ -0,0 +1,195 @@
<?php
/*
* AVSDev UF Tweaks (https://avsdev.uk)
*
* @link https://git.avsdev.uk/avsdev/sprinkle-uf-tweaks
* @license https://git.avsdev.uk/avsdev/sprinkle-uf-tweaks/blob/master/LICENSE.md (LGPL-3.0 License)
*/
namespace UserFrosting\Sprinkle\UFTweaks\Database\Seeds;
use UserFrosting\Sprinkle\Account\Database\Seeds\DefaultPermissions as UFDefaultPermissions;
use UserFrosting\Sprinkle\Account\Database\Models\Permission;
use UserFrosting\Sprinkle\Account\Database\Models\Role;
use UserFrosting\Sprinkle\Core\Database\Seeder\BaseSeed;
use UserFrosting\Sprinkle\Core\Facades\Seeder;
/**
* Seeder to create the user admin
*/
class CreateUserAdmin extends BaseSeed
{
/**
* {@inheritdoc}
*/
public function run()
{
Seeder::execute('DefaultPermissions');
$roles = $this->getRoles();
$this->saveRoles($roles);
$newPermissions = $this->getNewPermissions();
$this->savePermissions($newPermissions);
$permissions = $this->getPermissions();
$this->syncPermissionsRole($roles, array_merge($newPermissions, $permissions));
}
/**
* @return array Roles to seed
*/
protected function getRoles()
{
return [
'user-admin' => new Role([
'slug' => 'user-admin',
'name' => 'User Administrator',
'description' => 'This role is meant for "user administrators", who can basically do anything related to users.',
]),
];
}
/**
* Save roles.
*
* @param array $roles
*/
protected function saveRoles(array &$roles)
{
foreach ($roles as $slug => $role) {
// Trying to find if the role already exist
$existingRole = Role::where(['slug' => $role->slug])->first();
// Don't save if already exist, use existing role reference
// otherwise to re-sync permissions and roles
if ($existingRole == null) {
$role->save();
} else {
$roles[$slug] = $existingRole;
}
}
}
/**
* Save permissions.
*
* @param array $permissions
*/
protected function savePermissions(array &$permissions)
{
foreach ($permissions as $slug => $permission) {
// Trying to find if the permission already exist
$existingPermission = Permission::where(['slug' => $permission->slug, 'conditions' => $permission->conditions])->first();
// Don't save if already exist, use existing permission reference
// otherwise to re-sync permissions and roles
if ($existingPermission == null) {
$permission->save();
} else {
$permissions[$slug] = $existingPermission;
}
}
}
/**
* @return array Permissions to seed
*/
protected function getNewPermissions()
{
$defaultRoleIds = [
'user' => Role::where('slug', 'user')->first()->id,
'group-admin' => Role::where('slug', 'group-admin')->first()->id,
'site-admin' => Role::where('slug', 'site-admin')->first()->id,
'user-admin' => Role::where('slug', 'user-admin')->first()->id,
];
return [
'update_user_roles' => new Permission([
'slug' => 'update_user_field',
'name' => 'Edit user',
'conditions' => "!has_role(user.id,{$defaultRoleIds['site-admin']}) && subset(fields,['roles'])",
'description' => 'Edit role for users who are not Site Administrators.',
]),
'view_user_roles' => new Permission([
'slug' => 'view_user_field',
'name' => 'View user',
'conditions' => "in(property,['roles'])",
'description' => 'View roles of any user.',
]),
'role_list' => new Permission([
'slug' => 'role_list',
'name' => 'List of roles',
'conditions' => "has_role(self.id,{$defaultRoleIds['user-admin']})",
'description' => 'Retrieve the list of roles.',
]),
];
}
/**
* @return array Permissions to seed
*/
protected function getPermissions()
{
$defaultRoleIds = [
'user' => Role::where('slug', 'user')->first()->id,
'group-admin' => Role::where('slug', 'group-admin')->first()->id,
'site-admin' => Role::where('slug', 'site-admin')->first()->id,
];
return [
'uri_dashboard' => Permission::where([
['slug', 'uri_dashboard'],
['conditions', 'always()']
])->first(),
'uri_user' => Permission::where([
['slug', 'uri_user'],
['conditions', 'always()']
])->first(),
'uri_users' => Permission::where([
['slug', 'uri_users'],
['conditions', 'always()']
])->first(),
'create_user' => Permission::where([
['slug', 'create_user']
])->first(),
'view_user_field' => Permission::where([
['slug', 'view_user_field']
])->first(),
'update_user_field' => Permission::where([
['slug', 'update_user_field']
])->first(),
'delete_user' => Permission::where([
['slug', 'delete_user']
])->first(),
];
}
/**
* Sync permissions with default roles.
*
* @param array $permissions
*/
protected function syncPermissionsRole(array $roles, array $permissions)
{
$roles['user-admin']->permissions()->syncWithoutDetaching([
$permissions['uri_dashboard']->id,
$permissions['uri_user']->id,
$permissions['uri_users']->id,
$permissions['role_list']->id,
$permissions['view_user_roles']->id,
$permissions['update_user_roles']->id,
$permissions['create_user']->id,
$permissions['view_user_field']->id,
$permissions['update_user_field']->id,
$permissions['delete_user']->id,
]);
}
}

133
src/Jobs/RetryEmail.php Normal file
View File

@@ -0,0 +1,133 @@
<?php
/*
* AVSDev UF Tweaks (https://avsdev.uk)
*
* @link https://git.avsdev.uk/avsdev/sprinkle-uf-tweaks
* @license https://git.avsdev.uk/avsdev/sprinkle-uf-tweaks/blob/master/LICENSE.md (LGPL-3.0 License)
*/
namespace UserFrosting\Sprinkle\UFTweaks\Jobs;
use Psr\Container\ContainerInterface;
use UserFrosting\Sprinkle\Worker\Jobs\JobBase;
use UserFrosting\Sprinkle\Core\Mail\StaticMailMessage;
use UserFrosting\Sprinkle\Core\Mail\EmailRecipient;
/**
* Retry email job class
*
* @author Craig Williams (https://avsdev.uk)
*/
class RetryEmail extends JobBase
{
protected $message = null;
protected $retries = 0;
/**
* Constructor.
*
* @param StaticMailMessage $mailMessage
*/
public function __construct(StaticMailMessage $mailMessage = null)
{
if ($mailMessage) {
$this->message = $mailMessage;
}
}
/**
* {@inheritdoc}
*/
public function setParams(array $params)
{
$mailMessage = new StaticMailMessage();
$mailMessage->setFromEmail($params['from_email']);
$mailMessage->setFromName($params['from_name']);
$mailMessage->setReplyEmail($params['reply_email']);
$mailMessage->setReplyName($params['reply_name']);
foreach ($params['recipients'] as $recipient) {
$mailRecipient = new EmailRecipient(
$recipient['email'],
$recipient['name'],
$recipient['params']
);
foreach ($recipient['ccs'] as $cc) {
$mailRecipient->cc($cc['email'], $cc['name']);
}
foreach ($recipient['bccs'] as $bcc) {
$mailRecipient->bcc($bcc['email'], $bcc['name']);
}
$mailMessage->addEmailRecipient($mailRecipient);
}
$mailMessage->setSubject($params['subject']);
$mailMessage->setBody($params['body']);
$this->message = $mailMessage;
$this->retries = $params['retries'];
}
/**
* {@inheritdoc}
*/
public function getParams()
{
$recipients = [];
foreach ($this->message->getRecipients() as $recipient) {
$recipients[] = [
'email' => $recipient->getEmail(),
'name' => $recipient->getName(),
'params' => $recipient->getParams(),
'ccs' => $recipient->getCCs(),
'bccs' => $recipient->getBCCs(),
];
}
return [
'from_email' => $this->message->getFromEmail(),
'from_name' => $this->message->getFromName(),
'reply_email' => $this->message->getReplyEmail(),
'reply_name' => $this->message->getReplyName(),
'recipients' => $recipients,
'subject' => $this->message->renderSubject(),
'body' => $this->message->renderBody(),
'retries' => $this->retries,
];
}
/**
* Attempt to re-send the email up to a maximum number of times specified in the config
*/
public function run() {
try {
static::$ci->mailer->send($this->message, false, true);
} catch (\PHPMailer\PHPMailer\Exception $e) {
$this->retries = $this->retries + 1;
if ($this->retries < static::$ci->config['retry_mailer.max_retries']) {
$this->queue();
} else {
$allParams = $this->getParams();
$allParams['body'] = null;
static::$ci->errorLogger->error(
"Maximum retries exceeded when attempting to send email:",
$allParams
);
}
}
return true;
}
/**
* Terminate the current job
*/
public function terminate() {
// Nothing to do
}
}

122
src/Mail/RetryMailer.php Normal file
View File

@@ -0,0 +1,122 @@
<?php
/*
* AVSDev UF Tweaks (https://avsdev.uk)
*
* @link https://git.avsdev.uk/avsdev/sprinkle-uf-tweaks
* @license https://git.avsdev.uk/avsdev/sprinkle-uf-tweaks/blob/master/LICENSE.md (LGPL-3.0 License)
*/
namespace UserFrosting\Sprinkle\UFTweaks\Mail;
use UserFrosting\Sprinkle\Core\Mail\EmailRecipient;
use UserFrosting\Sprinkle\Core\Mail\Mailer;
use UserFrosting\Sprinkle\Core\Mail\MailMessage;
use UserFrosting\Sprinkle\Core\Mail\StaticMailMessage;
use UserFrosting\Sprinkle\UFTweaks\Jobs\RetryEmail;
/**
* Extends UF Mailer class to add retry function to sending mail via scheduler.
*
* This class should *only* be used in production once it is confirmed that email configuration works.
*
* @author Craig Williams (craig@avsdev.uk)
*/
class RetryMailer extends Mailer
{
protected function queueRetry(MailMessage $message, EmailRecipient $recipient = null) {
// Queue for resending
$retryMailMessage = new StaticMailMessage();
$retryMailMessage->setFromEmail($message->getFromEmail());
$retryMailMessage->setFromName($message->getFromName());
$retryMailMessage->setReplyEmail($message->getReplyEmail());
$retryMailMessage->setReplyName($message->getReplyName());
if ($recipient) {
$retryMailMessage->addEmailRecipient($recipient);
$retryMailMessage->setSubject($message->renderSubject($recipient->getParams()));
$retryMailMessage->setBody($message->renderBody($recipient->getParams()));
} else {
foreach ($message->getRecipients() as $recipientLoop) {
$retryMailMessage->addEmailRecipient($recipientLoop);
}
$retryMailMessage->setSubject($message->renderSubject());
$retryMailMessage->setBody($message->renderBody());
}
$retry = new RetryEmail($retryMailMessage);
$retry->queue();
}
/**
* Send a MailMessage message.
*
* Sends a single email to all recipients, as well as their CCs and BCCs.
* Since it is a single-header message, recipient-specific template data will not be included.
*
* @param MailMessage $message
* @param bool $clearRecipients Set to true to clear the list of recipients in the message after calling send(). This helps avoid accidentally sending a message multiple times.
*
* @throws phpmailerException The message could not be sent.
*/
public function send(MailMessage $message, $clearRecipients = true, $disableRetry = false)
{
try {
return parent::send($message, $clearRecipients);
} catch(\PHPMailer\PHPMailer\Exception $e) {
if (!$disableRetry) {
$this->queueRetry($message);
} else {
throw $e;
}
} finally {
// Clear recipients from the PHPMailer object for this iteration,
// so that we can send a separate email to the next recipient.
$this->phpMailer->clearAllRecipients();
}
// Clear out the MailMessage's internal recipient list if requested
if ($clearRecipients) {
$message->clearRecipients();
}
}
/**
* Send a MailMessage message, sending a separate email to each recipient.
*
* If the message object supports message templates, this will render the template with the corresponding placeholder values for each recipient.
*
* @param MailMessage $message
* @param bool $clearRecipients Set to true to clear the list of recipients in the message after calling send(). This helps avoid accidentally sending a message multiple times.
*
* @throws phpmailerException The message could not be sent.
*/
public function sendDistinct(MailMessage $message, $clearRecipients = true, $disableRetry = false)
{
$allRecipients = $message->getRecipients();
$message->clearRecipients();
foreach ($allRecipients as $recipient) {
$message->addEmailRecipient($recipient);
try {
return parent::sendDistinct($message, $clearRecipients);
} catch (\PHPMailer\PHPMailer\Exception $e) {
if (!$disableRetry) {
$this->queueRetry($message, $recipient);
} else {
throw $e;
}
} finally {
// Clear recipients from the PHPMailer object for this iteration,
// so that we can send a separate email to the next recipient.
$this->phpMailer->clearAllRecipients();
}
$message->clearRecipients();
}
if (!$clearRecipients) {
foreach ($allRecipients as $recipient) {
$message->addEmailRecipient($recipient);
}
}
}
}

43
src/Scheduler/Tasks/CleanupSessions.php Normal file
View File

@@ -0,0 +1,43 @@
<?php
/*
* AVSDev UF Tweaks (https://avsdev.uk)
*
* @link https://git.avsdev.uk/avsdev/sprinkle-uf-tweaks
* @license https://git.avsdev.uk/avsdev/sprinkle-uf-tweaks/blob/master/LICENSE.md (LGPL-3.0 License)
*/
namespace UserFrosting\Sprinkle\UFTweaks\Scheduler\Tasks;
use Carbon\Carbon;
use Illuminate\Database\Capsule\Manager as Capsule;
use UserFrosting\Sprinkle\Scheduler\Scheduler\BaseTask;
use UserFrosting\Sprinkle\Core\Database\Models\Session;
/**
* Daily task to clean expired sessions from the database
*
* @author Craig Williams (https://avsdev.uk)
*/
class CleanupSessions extends BaseTask
{
/**
* Function used to specify the schedule for the task.
*/
public function schedule()
{
$this->daily()->at("23:00");
}
/**
* Function used to specify what the task does.
*/
public function run()
{
// Remove sessions over 2 days old
Session::where('last_activity', '<', time()-(60*60*48))->delete();
return true;
}
}

74
src/ServicesProvider/ServicesProvider.php
View File

@@ -9,6 +9,7 @@
namespace UserFrosting\Sprinkle\UFTweaks\ServicesProvider; namespace UserFrosting\Sprinkle\UFTweaks\ServicesProvider;
use Illuminate\Database\Capsule\Manager as Capsule;
use Monolog\Formatter\LineFormatter; use Monolog\Formatter\LineFormatter;
use Monolog\Handler\StreamHandler; use Monolog\Handler\StreamHandler;
use Monolog\Logger; use Monolog\Logger;
@@ -17,6 +18,8 @@ use Psr\Http\Message\ResponseInterface as Response;
use Psr\Http\Message\ServerRequestInterface as Request; use Psr\Http\Message\ServerRequestInterface as Request;
use UserFrosting\Sprinkle\Core\Log\MixedFormatter; use UserFrosting\Sprinkle\Core\Log\MixedFormatter;
use UserFrosting\Sprinkle\UFTweaks\Twig\HasRoleExtension; use UserFrosting\Sprinkle\UFTweaks\Twig\HasRoleExtension;
use UserFrosting\Sprinkle\UFTweaks\Twig\MobileDetectExtension;
use UserFrosting\Sprinkle\UFTweaks\Mail\RetryMailer;
/** /**
@@ -43,10 +46,40 @@ class ServicesProvider
$container->extend('classMapper', function ($classMapper, $c) { $container->extend('classMapper', function ($classMapper, $c) {
$classMapper->setClassMapping('activity_sprunje', 'UserFrosting\Sprinkle\UFTweaks\Sprunje\ActivitySprunje'); $classMapper->setClassMapping('activity_sprunje', 'UserFrosting\Sprinkle\UFTweaks\Sprunje\ActivitySprunje');
$classMapper->setClassMapping('user', 'UserFrosting\Sprinkle\UFTweaks\Database\Models\User'); $classMapper->setClassMapping('user', 'UserFrosting\Sprinkle\UFTweaks\Database\Models\User');
$classMapper->setClassMapping('user_sprunje', 'UserFrosting\Sprinkle\Organisations\Sprunje\UserSprunje');
return $classMapper; return $classMapper;
}); });
/*
* Returns a callback that forwards to dashboard if user is already logged in.
*
* @return callable
*/
$container['redirect.onAlreadyLoggedIn'] = function ($c) {
/*
* This method is invoked when a user attempts to perform certain public actions when they are already logged in.
*
* @todo Forward to user's landing page or last visited page
* @param \Psr\Http\Message\ServerRequestInterface $request
* @param \Psr\Http\Message\ResponseInterface $response
* @param array $args
* @return \Psr\Http\Message\ResponseInterface
*/
return function (Request $request, Response $response, array $args) use ($c) {
/** @var \UserFrosting\Sprinkle\Account\Authorize\AuthorizationManager */
$authorizer = $c->authorizer;
$currentUser = $c->authenticator->user();
if ($authorizer->checkAccess($currentUser, 'uri_dashboard')) {
return $response->withRedirect($c->router->pathFor('dashboard'));
} else {
return $response->withRedirect($c->router->pathFor('index'));
}
};
};
/* /*
* Returns a callback that handles setting the `UF-Redirect` header after a successful login. * Returns a callback that handles setting the `UF-Redirect` header after a successful login.
* *
@@ -120,6 +153,25 @@ class ServicesProvider
} }
); );
/*
* Check if the specified user (by user_id) has a particular permission.
*
* @param int $user_id the id of the user.
* @param int $permission_slug slug of the permission to check.
* @return bool true if the user has the permission, false otherwise.
*/
$authorizer->addCallback(
'has_permission',
function ($user_id, $permission_slug) {
return Capsule::table('role_users')
->join('permission_roles', 'role_users.role_id', '=', 'permission_roles.role_id')
->join('permissions', 'permission_roles.permission_id', '=', 'permissions.id')
->where('user_id', $user_id)
->where('slug', $permission_slug)
->count() > 0;
}
);
return $authorizer; return $authorizer;
}); });
@@ -132,6 +184,7 @@ class ServicesProvider
$twig = $view->getEnvironment(); $twig = $view->getEnvironment();
$twig->addExtension(new HasRoleExtension($c)); $twig->addExtension(new HasRoleExtension($c));
$twig->addExtension(new MobileDetectExtension($c));
return $view; return $view;
}); });
@@ -157,5 +210,26 @@ class ServicesProvider
return $logger; return $logger;
}; };
/*
* Mail service.
*
* @return \UserFrosting\Sprinkle\Core\Mail\Mailer
* @return \UserFrosting\Sprinkle\UFTweaks\Mail\RetryMailer
*/
$container->extend('mailer', function ($mailer, $c) {
if (!$c->config['retry_mailer.enabled']) {
return $mailer;
}
$retryMailer = new RetryMailer($c->mailLogger, $c->config['mail']);
// Use UF debug settings to override any service-specific log settings.
if (!$c->config['debug.smtp']) {
$retryMailer->getPhpMailer()->SMTPDebug = 0;
}
return $retryMailer;
});
} }
} }

48
src/Sprunje/UserSprunje.php Normal file
View File

@@ -0,0 +1,48 @@
<?php
/*
* AVSDev UF Tweaks (https://avsdev.uk)
*
* @link https://git.avsdev.uk/avsdev/sprinkle-uf-tweaks
* @license https://git.avsdev.uk/avsdev/sprinkle-uf-tweaks/blob/master/LICENSE.md (LGPL-3.0 License)
*/
namespace UserFrosting\Sprinkle\UFTweaks\Sprunje;
use Illuminate\Database\Schema\Builder;
use UserFrosting\Sprinkle\Admin\Sprunje\UserSprunje as UFUserSprunje;
/**
* UserSprunje.
*
* Extends User sprunje to make name filtering case-insensitive and include username
*
* @author Craig Williams (https://avsdev.uk)
*/
class UserSprunje extends UFUserSprunje
{
/**
* Filter LIKE the first name, last name, or email.
*
* @param Builder $query
* @param mixed $value
*
* @return self
*/
protected function filterName($query, $value)
{
// Split value on separator for OR queries
$values = explode($this->orSeparator, $value);
$query->where(function ($query) use ($values) {
foreach ($values as $value) {
$likeValue = '%' . mb_strtolower($value) . '%';
$query->orWhereRaw('LOWER(first_name) LIKE ?', $likeValue)
->orWhereRaw('LOWER(last_name) LIKE ?', $likeValue)
->orWhereRaw('LOWER(email) LIKE ?', $likeValue)
->orWhereRaw('LOWER(user_name) LIKE ?', $likeValue);
}
});
return $this;
}
}

60
src/Twig/MobileDetectExtension.php Normal file
View File

@@ -0,0 +1,60 @@
<?php
/*
* AVSDev UF Tweaks (https://avsdev.uk)
*
* @link https://git.avsdev.uk/avsdev/sprinkle-uf-tweaks
* @license https://git.avsdev.uk/avsdev/sprinkle-uf-tweaks/blob/master/LICENSE.md (LGPL-3.0 License)
*/
namespace UserFrosting\Sprinkle\UFTweaks\Twig;
use Detection\MobileDetect;
use Psr\Container\ContainerInterface;
use Twig\Extension\AbstractExtension;
use Twig\Extension\GlobalsInterface;
use Twig\TwigFunction;
/**
* Extends Twig functionality for mobile detection.
*
* @author Craig Williams (https://avsdev.uk)
*/
class MobileDetectExtension extends AbstractExtension implements GlobalsInterface
{
/**
* @param ContainerInterface $services
*/
public function __construct(ContainerInterface $services)
{
}
public function getName()
{
return 'avsdev/uf-tweaks-mobileDetect';
}
public function getFunctions()
{
return [
// Add Twig function for checking permissions during dynamic menu rendering
new TwigFunction('isMobile', function () {
$detect = new MobileDetect();
return $detect->isMobile();
}),
new TwigFunction('isTablet', function () {
$detect = new MobileDetect();
return $detect->isTablet();
}),
new TwigFunction('isDesktop', function () {
$detect = new MobileDetect();
return !$detect->isTablet() && !$detect->isMobile();
}),
];
}
public function getGlobals()
{
return [];
}
}

4
templates/forms/inputs/abstract/slug.html.twig
View File

@@ -1,4 +1,4 @@
{% if 'description' not in form.fields.hidden %} {% if 'slug' not in form.fields.hidden %}
{% if col_width %}<div class="{{col_width}}">{% endif %} {% if col_width %}<div class="{{col_width}}">{% endif %}
<div class="form-group"> <div class="form-group">
<label for="input-{{type}}-slug" class="control-label">{{field_name | default(translate('SLUG'))}}</label> <label for="input-{{type}}-slug" class="control-label">{{field_name | default(translate('SLUG'))}}</label>
@@ -15,4 +15,6 @@
</div> </div>
</div> </div>
{% if col_width %}</div>{% endif %} {% if col_width %}</div>{% endif %}
{% else %}
<input type="hidden" id="input-{{type}}-slug" name="slug" value="{{current_value}}">
{% endif %} {% endif %}

7
templates/tables/columns/abstract/generic-text.html.twig Normal file
View File

@@ -0,0 +1,7 @@
<script id="{{table.id}}-column-{{column.name}}" type="text/x-handlebars-template">
{% verbatim %}
<td data-text="{{row.{% endverbatim %}{{column.field}}{% verbatim %}}}">
{{row.{% endverbatim %}{{column.field}}{% verbatim %}}}
</td>
{% endverbatim %}
</script>