Merge branch 'master' into feature/#572_malpositioned_disconnect_button_in_networks_view

src/User/Bootstrap.php

@@ -30,6 +30,7 @@ use yii\console\Application as ConsoleApplication;
 use yii\helpers\ArrayHelper;
 use yii\i18n\PhpMessageSource;
 use yii\web\Application as WebApplication;
+use yii\web\UrlManager;
 
 /**
  * Bootstrap class of the yii2-usuario extension. Configures container services, initializes translations,
@@ -49,10 +50,10 @@ class Bootstrap implements BootstrapInterface
             $this->initTranslations($app);
             $this->initContainer($app, $map);
             $this->initMailServiceConfiguration($app, $app->getModule('user'));
+            $this->initUrlRoutes($app);
 
             if ($app instanceof WebApplication) {
                 $this->initControllerNamespace($app);
-                $this->initUrlRoutes($app);
                 $this->initUrlRestRoutes($app);
                 $this->initAuthCollection($app);
                 $this->initAuthManager($app);
@@ -256,11 +257,11 @@ class Bootstrap implements BootstrapInterface
     /**
      * Initializes web url routes (rules in Yii2).
      *
-     * @param WebApplication $app
+     * @param Application $app
      *
      * @throws InvalidConfigException
      */
-    protected function initUrlRoutes(WebApplication $app)
+    protected function initUrlRoutes(Application $app)
     {
         /** @var $module Module */
         $module = $app->getModule('user');
@@ -274,8 +275,13 @@ class Bootstrap implements BootstrapInterface
             $config['routePrefix'] = 'user';
         }
 
+        $urlManager = $app->getUrlManager();
+        if(!($urlManager instanceof UrlManager)) {
+            return;
+        }
+
         $rule = Yii::createObject($config);
-        $app->getUrlManager()->addRules([$rule], false);
+        $urlManager->addRules([$rule], false);
     }
 
     /**
@@ -399,13 +405,17 @@ class Bootstrap implements BootstrapInterface
                 'Assignment',
                 'Permission',
                 'Role',
-                'SessionHistory'
+                'SessionHistory',
+                'AbstractAuthItem',
+                'Rule',
             ],
             'Da\User\Search' => [
                 'UserSearch',
                 'PermissionSearch',
                 'RoleSearch',
                 'SessionHistorySearch',
+                'RuleSearch',
+                'AbstractAuthItemSearch',
             ],
             'Da\User\Form' => [
                 'RegistrationForm',
@@ -413,12 +423,36 @@ class Bootstrap implements BootstrapInterface
                 'LoginForm',
                 'SettingsForm',
                 'RecoveryForm',
+                'GdprDeleteForm',
             ],
             'Da\User\Service' => [
+                'AccountConfirmationService',
+                'AuthItemEditionService',
+                'AuthRuleEditionService',
+                'EmailChangeService',
                 'MailService',
+                'PasswordExpireService',
+                'PasswordRecoveryService',
+                'ResendConfirmationService',
+                'ResetPasswordService',
+                'SocialNetworkAccountConnectService',
+                'SocialNetworkAuthenticateService',
+                'SwitchIdentityService',
+                'TwoFactorEmailCodeGeneratorService',
+                'TwoFactorQrCodeUriGeneratorService',
+                'TwoFactorSmsCodeGeneratorService',
+                'UpdateAuthAssignmentsService',
+                'UserBlockService',
+                'UserConfirmationService',
+                'UserCreateService',
+                'UserRegisterService',
             ],
             'Da\User\Helper' => [
+                'AuthHelper',
+                'ClassMapHelper',
+                'MigrationHelper',
                 'SecurityHelper',
+                'TimezoneHelper',
             ]
         ];
 

src/User/Controller/ProfileController.php

@@ -25,6 +25,15 @@ class ProfileController extends Controller
 {
     use ModuleAwareTrait;
 
+    /** @var int will allow only profile owner */
+    const PROFILE_VISIBILITY_OWNER = 0;
+    /** @var int will allow profile owner and admin users */
+    const PROFILE_VISIBILITY_ADMIN = 1;
+    /** @var int will allow any logged-in users */
+    const PROFILE_VISIBILITY_USERS = 2;
+    /** @var int will allow anyone, including guests */
+    public const PROFILE_VISIBILITY_PUBLIC = 3;
+
     protected $profileQuery;
 
     /**
@@ -73,10 +82,32 @@ class ProfileController extends Controller
     public function actionShow($id)
     {
         $user = Yii::$app->user;
-        /** @var User $identity */
+        $id = (int) $id;
+
+        /** @var ?User $identity */
         $identity = $user->getIdentity();
-        if($user->getId() != $id && $this->module->disableProfileViewsForRegularUsers && !$identity->getIsAdmin()) {
-            throw new ForbiddenHttpException();
+
+        switch($this->module->profileVisibility) {
+            case static::PROFILE_VISIBILITY_OWNER:
+                if($identity === null || $id !== $user->getId()) {
+                    throw new ForbiddenHttpException();
+                }
+                break;
+            case static::PROFILE_VISIBILITY_ADMIN:
+                if($id === $user->getId() || ($identity !== null && $identity->getIsAdmin())) {
+                    break;
+                }
+                throw new ForbiddenHttpException();
+            case static::PROFILE_VISIBILITY_USERS:
+                if((!$user->getIsGuest())) {
+                    break;
+                }
+                throw new ForbiddenHttpException();
+            case static::PROFILE_VISIBILITY_PUBLIC:
+                break;
+            default:
+                throw new ForbiddenHttpException();
+
         }
 
         $profile = $this->profileQuery->whereUserId($id)->one();

src/User/Controller/RecoveryController.php

@@ -89,14 +89,18 @@ class RecoveryController extends Controller
             throw new NotFoundHttpException();
         }
 
+        $request = Yii::$app->request;
+
         /** @var RecoveryForm $form */
         $form = $this->make(RecoveryForm::class, [], ['scenario' => RecoveryForm::SCENARIO_REQUEST]);
-
+        if(!$request->getIsPost() && !empty($request->get('email'))) {
+            $form->email = $request->get('email');
+        }
         $event = $this->make(FormEvent::class, [$form]);
 
         $this->make(AjaxRequestModelValidator::class, [$form])->validate();
 
-        if ($form->load(Yii::$app->request->post()) && $form->validate()) {
+        if ($form->load($request->post()) && $form->validate()) {
             $this->trigger(FormEvent::EVENT_BEFORE_REQUEST, $event);
 
             $mailService = MailFactory::makeRecoveryMailerService($form->email);

src/User/Module.php

@@ -12,6 +12,7 @@
 namespace Da\User;
 
 use Da\User\Contracts\MailChangeStrategyInterface;
+use Da\User\Controller\ProfileController;
 use Da\User\Filter\AccessRuleFilter;
 use Yii;
 use yii\base\Module as BaseModule;
@@ -181,6 +182,12 @@ class Module extends BaseModule
      * @var string the administrator permission name
      */
     public $administratorPermissionName;
+    /**
+     * @var int $profileVisibility Defines the level of user's profile page visibility.
+     *          Defaults to ProfileController::PROFILE_VISIBILITY_OWNER meaning no-one except the user itself can view
+     *          the profile. @see ProfileController constants for possible options
+     */
+    public $profileVisibility = ProfileController::PROFILE_VISIBILITY_OWNER;
     /**
      * @var string the route prefix
      */
@@ -219,6 +226,7 @@ class Module extends BaseModule
         '<action:(register|resend)>' => 'registration/<action>',
         'confirm/<id:\d+>/<code:[A-Za-z0-9_-]+>' => 'registration/confirm',
         'forgot' => 'recovery/request',
+        'forgot/<email:[a-zA-Z0-9_.±]+@[a-zA-Z0-9-]+.[a-zA-Z0-9-.]+>' => 'recovery/request',
         'recover/<id:\d+>/<code:[A-Za-z0-9_-]+>' => 'recovery/reset'
     ];
     /**
@@ -241,10 +249,6 @@ class Module extends BaseModule
      * @var boolean whether to disable IP logging into user table
      */
     public $disableIpLogging = false;
-    /**
-     * @var boolean whether to disable viewing any user's profile for non-admin users
-     */
-    public $disableProfileViewsForRegularUsers = false;
     /**
      * @var array Minimum requirements when a new password is automatically generated.
      *            Array structure: `requirement => minimum number characters`.

src/User/Service/SocialNetworkAccountConnectService.php

@@ -93,6 +93,6 @@ class SocialNetworkAccountConnectService implements ServiceInterface
             }
         }
 
-        return false;
+        return $account;
     }
 }