#49 invite new users feature

Also, adding a way to render HTML templates to make HTML emails sane

Author: mattheworres

.htaccess

@@ -6,13 +6,14 @@
 <IfModule mod_rewrite.c>
     Options -MultiViews
 
-    RewriteEngine On
-    RewriteBase /
+    # Enable the next two lines if your install lives in a subfolder from the domain base directory
+    #RewriteEngine On
+    #RewriteBase /
 
     # Comment next line to disable forcing of HTTPS for all pages:
     # (it is strongly recommended you *keep* this setting enabled!)
-    RewriteCond %{HTTPS} off
-    RewriteRule .* https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]
+    #RewriteCond %{HTTPS} off
+    #RewriteRule .* https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]
 
     #H/T to anubhava http://stackoverflow.com/a/29874382/324527
     DirectoryIndex bootstrap.php index.html

api/Controllers/Commish/UserProfileController.php

@@ -6,6 +6,7 @@
 use Symfony\Component\HttpFoundation\Request;
 use Symfony\Component\HttpFoundation\Response;
 use PhpDraft\Domain\Models\UserProfile;
+use PhpDraft\Domain\Entities\LoginUser;
 use PhpDraft\Domain\Models\PhpDraftResponse;
 
 class UserProfileController {
@@ -30,4 +31,24 @@ public function Put(Application $app, Request $request) {
 
     return $app->json($response, $response->responseType());
   }
-}
+
+  public function InviteNewCommissioner(Application $app, Request $request) {
+    $user = new LoginUser();
+
+    $user->enabled = 0;
+    $user->email = $request->get('email');
+    $user->name = $request->get('name');
+
+    $message = $request->get('message');
+
+    $validity = $app['phpdraft.LoginUserValidator']->isInviteNewUserValid($user, $message);
+
+    if (!$validity->success) {
+      return $app->json($validity, $validity->responseType());
+    }
+
+    $response = $app['phpdraft.UsersService']->InviteNewUser($user, $message);
+
+    return $app->json($response, $response->responseType());
+  }
+}

api/Domain/Models/MailMessage.php

@@ -7,14 +7,15 @@
 class MailMessage {
   public function __construct() {
     $this->to_addresses = array();
-    //$this->to_addresses = array (
-    //  "user@example.com"ß
-    //)
+    $this->cc_addresses = array();
+    $this->bcc_addresses = array();
     $this->is_html = false;
   }
 
   public $to_addresses;
+  public $cc_addresses;
+  public $bcc_addresses;
   public $subject;
   public $body;
   public $is_html;
-}
+}

api/Domain/Services/EmailService.php

@@ -35,14 +35,26 @@ public function __construct(Application $app) {
     }
 
     $this->mailer->From = MAIL_USER;
-    $this->mailer->FromName = 'PHPDraft System';
+    $this->mailer->FromName = 'Hoot Draft';
   }
 
   public function SendMail(MailMessage $message) {
     foreach ($message->to_addresses as $address => $name) {
       $this->mailer->addAddress($address, $name);
     }
 
+    if (count($message->cc_addresses) > 0) {
+      foreach($message->cc_addresses as $address => $name) {
+        $this->mailer->addCC($address, $name);
+      }
+    }
+
+    if (count($message->bcc_addresses) > 0) {
+      foreach($message->bcc_addresses as $address => $name) {
+        $this->mailer->addBCC($address, $name);
+      }
+    }
+
     $this->mailer->isHTML($message->is_html);
 
     $this->mailer->Subject = $message->subject;

api/Domain/Services/TemplateRenderService.php

@@ -0,0 +1,15 @@
+<?php
+namespace PhpDraft\Domain\Services;
+
+class TemplateRenderService {
+  private $twig;
+
+  public function __construct() {
+    $loader = new \Twig_Loader_Filesystem(__DIR__ . '/../../EmailTemplates');
+    $this->twig = new \Twig_Environment($loader);
+  }
+
+  public function RenderTemplate($emailTemplateFilename, $parameters) {
+    return $this->twig->render($emailTemplateFilename, $parameters);
+  }
+}

api/Domain/Services/UsersService.php

@@ -0,0 +1,65 @@
+<?php
+namespace PhpDraft\Domain\Services;
+
+use Silex\Application;
+use Symfony\Component\HttpFoundation\Request;
+use PhpDraft\Domain\Entities\LoginUser;
+use PhpDraft\Domain\Models\PhpDraftResponse;
+use PhpDraft\Domain\Models\MailMessage;
+
+class UsersService {
+  private $app;
+
+  public function __construct(Application $app) {
+    $this->app = $app;
+  }
+
+  public function InviteNewUser(LoginUser $user, $message) {
+    $response = new PhpDraftResponse();
+
+    $user->password = $this->app['phpdraft.SaltService']->GenerateSalt();
+    $user->salt = $this->app['phpdraft.SaltService']->GenerateSalt();
+    $user->roles = array('ROLE_COMMISH');
+    $user->verificationKey = $this->app['phpdraft.SaltService']->GenerateSaltForUrl();
+
+    try {
+      $user = $this->app['phpdraft.LoginUserRepository']->Create($user);
+      $inviter = $this->app['phpdraft.LoginUserService']->GetCurrentUser();
+
+      $emailParameters = array(
+        'imageBaseUrl' => sprintf("%s/images/email", APP_BASE_URL),
+        'invitee' => $user->name,
+        'inviter' => $inviter->name,
+        'message' => $message,
+        'setupLink' => $this->GenerateNewInviteLink($user),
+      );
+
+      $mailMessage = new MailMessage();
+
+      $mailMessage->to_addresses = array(
+        $user->email => $user->name,
+      );
+
+      $mailMessage->subject = "$inviter->name invited you to use Hoot Draft!";
+      $mailMessage->body = $this->app['phpdraft.TemplateRenderService']->RenderTemplate('UserInvite.html', $emailParameters);;
+      $mailMessage->is_html = true;
+
+      $this->app['phpdraft.EmailService']->SendMail($mailMessage);
+
+      $response->success = true;
+    } catch (\Exception $ex) {
+      $exceptionMessage = $ex->getMessage();
+      $response->success = false;
+      $response->errors[] = $exceptionMessage;
+    }
+
+    return $response;
+  }
+
+  private function GenerateNewInviteLink(LoginUser $user) {
+    $encodedEmail = urlencode($user->email);
+    $encodedToken = urlencode($user->verificationKey);
+
+    return sprintf("%s/inviteSetup/%s/%s", APP_BASE_URL, $encodedEmail, $encodedToken);
+  }
+}

api/Domain/Validators/LoginUserValidator.php

@@ -52,6 +52,38 @@ public function isRegistrationUserValid(Request $request) {
     return $this->app['phpdraft.ResponseFactory']($valid, $errors);
   }
 
+  public function isInviteNewUserValid(LoginUser $user, $message) {
+    $valid = true;
+    $errors = array();
+
+    $emailAddress = $user->email;
+    $name = $user->name;
+
+    if (empty($emailAddress)
+      || empty($name)) {
+      $errors[] = "One or more missing fields.";
+      $valid = false;
+    }
+
+    $this->validateNameLength($name, $errors, $valid);
+
+    $this->validateEmailAddress($emailAddress, $errors, $valid);
+
+    if (strlen($message) > 255) {
+      $errors[] = "Message too long";
+      $valid = false;
+    }
+
+    if (!$this->app['phpdraft.LoginUserRepository']->NameIsUnique($name)) {
+      $errors[] = "Name already taken.";
+      $valid = false;
+    }
+
+    $this->validateUniqueEmail($emailAddress, $errors, $valid);
+
+    return $this->app['phpdraft.ResponseFactory']($valid, $errors);
+  }
+
   public function IsVerificationValid(Request $request) {
     $valid = true;
     $errors = array();

api/EmailTemplates/UserInvite.html

@@ -54,4 +54,12 @@
 
 $app['phpdraft.DatabaseCacheService'] = function() use ($app) {
   return new \PhpDraft\Domain\Services\DatabaseCacheService($app);
-};
+};
+
+$app['phpdraft.UsersService'] = function() use ($app) {
+  return new \PhpDraft\Domain\Services\UsersService($app);
+};
+
+$app['phpdraft.TemplateRenderService'] = function() {
+  return new \PhpDraft\Domain\Services\TemplateRenderService();
+};

api/config/_registerServices.php

@@ -130,6 +130,7 @@
 $app->delete('/admin/user/{user_id}', "admin.users.controller:Delete");
 
 $app->get('/commish', "commish.index.controller:Index");
+$app->post('/commish/user/invite', "commish.profile.controller:InviteNewCommissioner");
 $app->get('/commish/profile', "commish.profile.controller:Get");
 $app->put('/commish/profile', "commish.profile.controller:Put");
 

api/config/_router.php

@@ -1,6 +1,5 @@
 angular.module('phpdraft.authentication', [
   'ngRoute',
-  'ngCapsLock',
   'toggle-switch',
   'ui.bootstrap',
   'validation.match',

app/features/authentication/authentication.module.js

@@ -26,4 +26,8 @@ angular.module('phpdraft.authentication').config(($routeProvider, $locationProvi
   $routeProvider.when('/profile', {
     template: '<phpd-edit-profile></phpd-edit-profile>',
   });
+
+  $routeProvider.when('/inviteSetup/:email?/:token?', {
+    template: '<phpd-invite-setup></phpd-invite-setup>',
+  });
 });

app/features/authentication/authentication.routes.js

@@ -1,5 +1,8 @@
 <div data-ng-cloak>
-  <div class="container-fluid">
+  <div class="container-fluid" ng-show="$ctrl.loading">
+    <phpd-section-loading show-loading="$ctrl.loading" />
+  </div>
+  <div class="container-fluid ng-hide" ng-show="!$ctrl.loading">
     <div class="row">
       <div class="hidden-xs hidden-sm col-md-1">&nbsp;</div>
       <div class="col-xs-12 col-sm-12 col-md-10">
@@ -75,22 +78,19 @@ <h2 class="text-center">Update User Profile</h2>
                 <div class="form-group" show-errors>
                   <div class="col-xs-3 text-right">
                     <label class="control-label" for="password">
-                      <span class="text-danger">*</span>&nbsp;Password
+                      <span class="text-danger">*</span>&nbsp;Current Password
                     </label>
                   </div>
                   <div class="col-xs-6">
                     <input name="password"
                       ng-model="$ctrl.userProfile.password"
                       autocomplete="current-password"
-                      uib-tooltip="Capslock is on"
-                      tooltip-trigger="focus"
-                      tooltip-enable="isCapsLockOn"
                       class="form-control"
                       minlength="8"
                       maxlength="255"
                       type="{{$ctrl.passwordInputType()}}"
                       ng-required="true"
-                      placeholder="Password" />
+                      placeholder="Current password (for security, you know)" />
                     <div ng-show="$ctrl.form.$submitted || $ctrl.form.password.$touched">
                       <span ng-show="$ctrl.form.password.$error.required" class="help-block">Password is missing</span>
                       <span ng-show="!$ctrl.form.password.$error.required && $ctrl.form.password.$error.minlength" class="help-block">Password is too short - 8 characters minimum</span>
@@ -116,9 +116,6 @@ <h2 class="text-center">Update User Profile</h2>
                       name="newPassword"
                       ng-model="$ctrl.userProfile.newPassword"
                       autocomplete="new-password"
-                      uib-tooltip="Capslock is on"
-                      tooltip-trigger="focus"
-                      tooltip-enable="isCapsLockOn"
                       class="form-control"
                       minlength="8"
                       maxlength="255"
@@ -146,10 +143,7 @@ <h2 class="text-center">Update User Profile</h2>
                   <div class="col-xs-6">
                     <input id="newConfirmedPassword"
                       name="newConfirmedPassword"
-                      uib-tooltip="Capslock is on"
                       autocomplete="new-password"
-                      tooltip-trigger="focus"
-                      tooltip-enable="isCapsLockOn"
                       ng-model="$ctrl.userProfile.newConfirmedPassword"
                       class="form-control"
                       minlength="8"

app/features/authentication/editProfile.component.html

@@ -12,22 +12,27 @@ class EditProfileController {
     this.errorService = errorService;
     this.pathHelperService = pathHelperService;
     this.lodash = lodash;
+
+    this.loading = true;
   }
 
   $onInit() {
     this.showPassword = false;
     this.userProfile = {};
+    this.loading = true;
 
     this.loadUserProfileData();
   }
 
   loadUserProfileData() {
     const loadSuccess = data => {
       this.lodash.merge(this.userProfile, data);
+      this.loading = false;
     };
 
     const errorHandler = () => {
       this.messageService.showError('Unable to load user profile');
+      this.loading = false;
     };
 
     this.api.Authentication.getProfile({}, loadSuccess, errorHandler);