Merge branch 'master' into use-asset-packegist
This commit is contained in:
		| @ -18,6 +18,8 @@ | |||||||
|  - Enh: Replace the deprecated InvalidParamException in ClassMapHelper (TonisOrmisson) |  - Enh: Replace the deprecated InvalidParamException in ClassMapHelper (TonisOrmisson) | ||||||
|  - Fix #242: Add POST filter for `admin/force-password-change` action (bscheshirwork) |  - Fix #242: Add POST filter for `admin/force-password-change` action (bscheshirwork) | ||||||
|  - Enh #251: Use `asset-packagist` instead of `fxp-asset` if you run it as a module without having a project around (bscheshirwork) |  - Enh #251: Use `asset-packagist` instead of `fxp-asset` if you run it as a module without having a project around (bscheshirwork) | ||||||
|  |  - Fix #252: Delete check for unexpected property `allowPasswordRecovery` for resend email by admin (bscheshirwork) | ||||||
|  |  - Fix #254: Rename `GDPR` properties to `lowerCamelCase` style (bscheshirwork) | ||||||
|  |  | ||||||
| ## 1.1.4 - February 19, 2018 | ## 1.1.4 - February 19, 2018 | ||||||
| - Enh: Check enableEmailConfirmation on registration (faenir) | - Enh: Check enableEmailConfirmation on registration (faenir) | ||||||
|  | |||||||
| @ -5,7 +5,39 @@ Maybe you need to override the default's functionality of the module's controlle | |||||||
| Yii2 Modules have an attribute named `controllerMap` that you can configure with your very own controllers. | Yii2 Modules have an attribute named `controllerMap` that you can configure with your very own controllers. | ||||||
|  |  | ||||||
| Please, before you override a controller's action, make sure that it won't be enough with using the  | Please, before you override a controller's action, make sure that it won't be enough with using the  | ||||||
| (controller's events)[../events/controller-events.md]. | [events](../events). For example you can use event for redirect after finish confirmation or recovery: | ||||||
|  |  | ||||||
|  | ```php | ||||||
|  |     'modules' => [ | ||||||
|  |         'user' => [ | ||||||
|  |             'controllerMap' => [ | ||||||
|  |                'recovery' => [ | ||||||
|  |                     'class' => \Da\User\Controller\RecoveryController::class, | ||||||
|  |                     'on ' . \Da\User\Event\FormEvent::EVENT_AFTER_REQUEST => function (\Da\User\Event\FormEvent $event) { | ||||||
|  |                         \Yii::$app->controller->redirect(['/user/security/login']); | ||||||
|  |                         \Yii::$app->end(); | ||||||
|  |                     }, | ||||||
|  |                     'on ' . \Da\User\Event\ResetPasswordEvent::EVENT_AFTER_RESET => function (\Da\User\Event\ResetPasswordEvent $event) { | ||||||
|  |                         if ($event->token->user ?? false) { | ||||||
|  |                             \Yii::$app->user->login($event->token->user); | ||||||
|  |                         } | ||||||
|  |                         \Yii::$app->controller->redirect(\Yii::$app->getUser()->getReturnUrl()); | ||||||
|  |                         \Yii::$app->end(); | ||||||
|  |                     }, | ||||||
|  |                 ], | ||||||
|  |                 'registration' => [ | ||||||
|  |                     'class' => \Da\User\Controller\RegistrationController::class, | ||||||
|  |                     'on ' . \Da\User\Event\FormEvent::EVENT_AFTER_REGISTER => function (\Da\User\Event\FormEvent $event) { | ||||||
|  |                         \Yii::$app->controller->redirect(['/user/security/login']); | ||||||
|  |                         \Yii::$app->end(); | ||||||
|  |                     }, | ||||||
|  |                     'on ' . \Da\User\Event\FormEvent::EVENT_AFTER_RESEND => function (\Da\User\Event\FormEvent $event) { | ||||||
|  |                         \Yii::$app->controller->redirect(['/user/security/login']); | ||||||
|  |                         \Yii::$app->end(); | ||||||
|  |                     }, | ||||||
|  |                 ], | ||||||
|  | ... | ||||||
|  | ``` | ||||||
|  |  | ||||||
| > See more about this attribute on  | > See more about this attribute on  | ||||||
| > [ The Definitive Guide to Yii 2.0](http://www.yiiframework.com/doc-2.0/guide-structure-controllers.html#controller-map)  | > [ The Definitive Guide to Yii 2.0](http://www.yiiframework.com/doc-2.0/guide-structure-controllers.html#controller-map)  | ||||||
|  | |||||||
| @ -5,8 +5,8 @@ The General Data Protection Regulation (GDPR) (EU) 2016/679 is a regulation in E | |||||||
|  |  | ||||||
| ## Enable GDPR | ## Enable GDPR | ||||||
|  |  | ||||||
| To enable support in yii2-usuario set `enableGDPRcompliance` to `true` and set | To enable support in yii2-usuario set `enableGdprCompliance` to `true` and set | ||||||
|   `GDPRprivacyPolicyUrl` with an url pointing to your privacy policy. |   `gdprPrivacyPolicyUrl` with an url pointing to your privacy policy. | ||||||
|  |  | ||||||
| ### At this moment a few measures apply to your app: | ### At this moment a few measures apply to your app: | ||||||
|  |  | ||||||
| @ -27,7 +27,7 @@ GDPR says: [Article 20](https://gdpr.algolia.com/gdpr-article-20) | |||||||
| Users now have a privacy page in their account settings where they can export his/her personal data | Users now have a privacy page in their account settings where they can export his/her personal data | ||||||
| in a csv file. | in a csv file. | ||||||
| If you collect additional personal information you can to export by adding to | If you collect additional personal information you can to export by adding to | ||||||
| `GDPRexportProperties`. | `gdprExportProperties`. | ||||||
| > Export use `ArrayHelper::getValue()` to extract information, so you can use links to relations. | > Export use `ArrayHelper::getValue()` to extract information, so you can use links to relations. | ||||||
|  |  | ||||||
|  |  | ||||||
| @ -41,7 +41,7 @@ The behavior differs depending module configuration. | |||||||
|  |  | ||||||
| If  `$allowAccountDelete` is set to `true` the account will be fully deleted when clicking *Delete* button, | If  `$allowAccountDelete` is set to `true` the account will be fully deleted when clicking *Delete* button, | ||||||
| while when if that setting is set to `false` the module will remove social network connections and | while when if that setting is set to `false` the module will remove social network connections and | ||||||
| replace the personal data with a custom alias defined in `$GDPRanonymPrefix`. | replace the personal data with a custom alias defined in `$gdprAnonymizePrefix`. | ||||||
|  |  | ||||||
| The account will be blocked and marked as `gdpr_deleted`. | The account will be blocked and marked as `gdpr_deleted`. | ||||||
|  |  | ||||||
|  | |||||||
| @ -12,14 +12,14 @@ Setting this attribute will allow users to configure their login process with tw | |||||||
| By default, Google Authenticator App for two-factor authentication cycles in periods of 30 seconds. In order to allow  | By default, Google Authenticator App for two-factor authentication cycles in periods of 30 seconds. In order to allow  | ||||||
| a bigger period so to avoid out of sync issues. | a bigger period so to avoid out of sync issues. | ||||||
|  |  | ||||||
| #### enableGDPRcompliance (type: `boolean`, default: `false`) | #### enableGdprCompliance (type: `boolean`, default: `false`) | ||||||
|  |  | ||||||
| Setting this attribute enables a serie of measures to comply with EU GDPR regulation, like data consent, right to be forgotten and data portability. | Setting this attribute enables a serie of measures to comply with EU GDPR regulation, like data consent, right to be forgotten and data portability. | ||||||
|  |  | ||||||
| #### GDPRprivacyPolicyUrl (type: `array`, default: null) | #### gdprPrivacyPolicyUrl (type: `array`, default: null) | ||||||
| The link to privacy policy. This will be used on registration form as "read our pivacy policy". It must follow the same format as `yii\helpers\Url::to` | The link to privacy policy. This will be used on registration form as "read our pivacy policy". It must follow the same format as `yii\helpers\Url::to` | ||||||
|  |  | ||||||
| #### GDPRexportProperties (type: `array`) | #### gdprExportProperties (type: `array`) | ||||||
|  |  | ||||||
| An array with the name of the user identity properties to be included when user request download of his data. | An array with the name of the user identity properties to be included when user request download of his data. | ||||||
| Names can include relations like `profile.name`. | Names can include relations like `profile.name`. | ||||||
| @ -39,7 +39,7 @@ Defaults to: | |||||||
| ``` | ``` | ||||||
|  |  | ||||||
|  |  | ||||||
| #### GDPRanonymPrefix (type: `string`, default: `GDPR`) | #### gdprAnonymizePrefix (type: `string`, default: `GDPR`) | ||||||
| Prefix to be used as a replacement when user requeste deletion of his data | Prefix to be used as a replacement when user requeste deletion of his data | ||||||
|  |  | ||||||
|  |  | ||||||
|  | |||||||
| @ -65,6 +65,10 @@ to | |||||||
| $module = Yii::$app->getModule('user'); | $module = Yii::$app->getModule('user'); | ||||||
| if(Yii::$app->session->has($module->switchIdentitySessionKey)) | if(Yii::$app->session->has($module->switchIdentitySessionKey)) | ||||||
| ``` | ``` | ||||||
|  | * If you use event of Controllers see [events](../events) chapter of this docs. **All** of relative controller constant has been move to events class:   | ||||||
|  | from `\dektrium\user\controllers\RecoveryController::EVENT_AFTER_REQUEST` to `\Da\User\Event\FormEvent::EVENT_AFTER_REQUEST`,    | ||||||
|  | from `\dektrium\user\controllers\RecoveryController::EVENT_AFTER_RESET` to `\Da\User\Event\ResetPasswordEvent::EVENT_AFTER_RESET`, etc.   | ||||||
|  | Map of constants can be find in [events](../events) chapter of this docs.  | ||||||
|  |  | ||||||
| ## Rbac migrations | ## Rbac migrations | ||||||
|  |  | ||||||
|  | |||||||
| @ -159,7 +159,7 @@ class SettingsController extends Controller | |||||||
|  |  | ||||||
|     public function actionPrivacy() |     public function actionPrivacy() | ||||||
|     { |     { | ||||||
|         if (!$this->module->enableGDPRcompliance) |         if (!$this->module->enableGdprCompliance) | ||||||
|             throw new NotFoundHttpException(); |             throw new NotFoundHttpException(); | ||||||
|  |  | ||||||
|         return $this->render('privacy', [ |         return $this->render('privacy', [ | ||||||
| @ -169,7 +169,7 @@ class SettingsController extends Controller | |||||||
|  |  | ||||||
|     public function actionGdprdelete() |     public function actionGdprdelete() | ||||||
|     { |     { | ||||||
|         if (!$this->module->enableGDPRcompliance) |         if (!$this->module->enableGdprCompliance) | ||||||
|             throw new NotFoundHttpException(); |             throw new NotFoundHttpException(); | ||||||
|  |  | ||||||
|         /** @var GdprDeleteForm $form */ |         /** @var GdprDeleteForm $form */ | ||||||
| @ -192,7 +192,7 @@ class SettingsController extends Controller | |||||||
|  |  | ||||||
|                 /* @var $security SecurityHelper */ |                 /* @var $security SecurityHelper */ | ||||||
|                 $security = $this->make(SecurityHelper::class); |                 $security = $this->make(SecurityHelper::class); | ||||||
|                 $anonymReplacement = $this->module->GDPRanonymPrefix . $user->id; |                 $anonymReplacement = $this->module->gdprAnonymizePrefix . $user->id; | ||||||
|  |  | ||||||
|                 $user->updateAttributes([ |                 $user->updateAttributes([ | ||||||
|                     'email' => $anonymReplacement . "@example.com", |                     'email' => $anonymReplacement . "@example.com", | ||||||
| @ -260,11 +260,11 @@ class SettingsController extends Controller | |||||||
|      */ |      */ | ||||||
|     public function actionExport() |     public function actionExport() | ||||||
|     { |     { | ||||||
|         if (!$this->module->enableGDPRcompliance) |         if (!$this->module->enableGdprCompliance) | ||||||
|             throw new NotFoundHttpException(); |             throw new NotFoundHttpException(); | ||||||
|  |  | ||||||
|         try { |         try { | ||||||
|             $properties = $this->module->GDPRexportProperties; |             $properties = $this->module->gdprExportProperties; | ||||||
|             $user = Yii::$app->user->identity; |             $user = Yii::$app->user->identity; | ||||||
|             $data = [$properties, []]; |             $data = [$properties, []]; | ||||||
|  |  | ||||||
|  | |||||||
| @ -82,7 +82,7 @@ class RegistrationForm extends Model | |||||||
|                 'compareValue' => true, |                 'compareValue' => true, | ||||||
|                 'message' => Yii::t('usuario', 'Your consent is required to register'), |                 'message' => Yii::t('usuario', 'Your consent is required to register'), | ||||||
|                 'when' => function () { |                 'when' => function () { | ||||||
|                     return $this->module->enableGDPRcompliance; |                     return $this->module->enableGdprCompliance; | ||||||
|                 }] |                 }] | ||||||
|         ]; |         ]; | ||||||
|     } |     } | ||||||
| @ -106,7 +106,7 @@ class RegistrationForm extends Model | |||||||
|             'gdpr_consent' => Yii::t('usuario', 'I agree processing of my personal data and the use of cookies to facilitate the operation of this site. For more information read our {privacyPolicy}', |             'gdpr_consent' => Yii::t('usuario', 'I agree processing of my personal data and the use of cookies to facilitate the operation of this site. For more information read our {privacyPolicy}', | ||||||
|                 [ |                 [ | ||||||
|                     'privacyPolicy' => Html::a(Yii::t('usuario', 'privacy policy'), |                     'privacyPolicy' => Html::a(Yii::t('usuario', 'privacy policy'), | ||||||
|                         $this->module->GDPRprivacyPolicyUrl, |                         $this->module->gdprPrivacyPolicyUrl, | ||||||
|                         ['target' => '_blank'] |                         ['target' => '_blank'] | ||||||
|                     ) |                     ) | ||||||
|                 ]) |                 ]) | ||||||
|  | |||||||
| @ -164,7 +164,7 @@ class User extends ActiveRecord implements IdentityInterface | |||||||
|             TimestampBehavior::class, |             TimestampBehavior::class, | ||||||
|         ]; |         ]; | ||||||
|  |  | ||||||
|         if ($this->module->enableGDPRcompliance) { |         if ($this->module->enableGdprCompliance) { | ||||||
|             $behaviors['GDPR'] = [ |             $behaviors['GDPR'] = [ | ||||||
|                 'class' => TimestampBehavior::class, |                 'class' => TimestampBehavior::class, | ||||||
|                 'createdAtAttribute' => 'gdpr_consent_date', |                 'createdAtAttribute' => 'gdpr_consent_date', | ||||||
|  | |||||||
| @ -29,12 +29,12 @@ class Module extends BaseModule | |||||||
|      *           - Forgot me button in profile view. |      *           - Forgot me button in profile view. | ||||||
|      *           - Download my data button in profile |      *           - Download my data button in profile | ||||||
|      */ |      */ | ||||||
|     public $enableGDPRcompliance = false; |     public $enableGdprCompliance = false; | ||||||
|     /** |     /** | ||||||
|      * @var null|array|string with the url to privacy policy. |      * @var null|array|string with the url to privacy policy. | ||||||
|      *                        Must be in the same format as yii/helpers/Url::to requires. |      *                        Must be in the same format as yii/helpers/Url::to requires. | ||||||
|      */ |      */ | ||||||
|     public $GDPRprivacyPolicyUrl = null; |     public $gdprPrivacyPolicyUrl = null; | ||||||
|     /** |     /** | ||||||
|      * @var array with the name of the user identity properties to be included when user request download of his data. |      * @var array with the name of the user identity properties to be included when user request download of his data. | ||||||
|      *            Names can include relations like `profile.name`. |      *            Names can include relations like `profile.name`. | ||||||
| @ -42,7 +42,7 @@ class Module extends BaseModule | |||||||
|      *            > The data subject shall have the right to receive the personal data concerning him or her, which he |      *            > The data subject shall have the right to receive the personal data concerning him or her, which he | ||||||
|      *            > or she has provided to a controller, in a structured, commonly used and machine-readable format |      *            > or she has provided to a controller, in a structured, commonly used and machine-readable format | ||||||
|      */ |      */ | ||||||
|     public $GDPRexportProperties = [ |     public $gdprExportProperties = [ | ||||||
|         'email', |         'email', | ||||||
|         'username', |         'username', | ||||||
|         'profile.public_email', |         'profile.public_email', | ||||||
| @ -55,7 +55,7 @@ class Module extends BaseModule | |||||||
|     /** |     /** | ||||||
|      * @var string prefix to be used as a replacement when user requests deletion of his data. |      * @var string prefix to be used as a replacement when user requests deletion of his data. | ||||||
|      */ |      */ | ||||||
|     public $GDPRanonymPrefix = 'GDPR'; |     public $gdprAnonymizePrefix = 'GDPR'; | ||||||
|     /** |     /** | ||||||
|      * @var bool whether to enable two factor authentication or not |      * @var bool whether to enable two factor authentication or not | ||||||
|      */ |      */ | ||||||
|  | |||||||
| @ -152,7 +152,7 @@ $module = Yii::$app->getModule('user'); | |||||||
|                         return null; |                         return null; | ||||||
|                     }, |                     }, | ||||||
|                     'reset' => function ($url, $model) use ($module) { |                     'reset' => function ($url, $model) use ($module) { | ||||||
|                         if(!$module->allowPasswordRecovery && $module->allowAdminPasswordRecovery) { |                         if($module->allowAdminPasswordRecovery) { | ||||||
|                             return Html::a( |                             return Html::a( | ||||||
|                                 '<span class="glyphicon glyphicon-flash"></span>', |                                 '<span class="glyphicon glyphicon-flash"></span>', | ||||||
|                                 ['/user/admin/password-reset', 'id' => $model->id], |                                 ['/user/admin/password-reset', 'id' => $model->id], | ||||||
|  | |||||||
| @ -45,7 +45,7 @@ $this->params['breadcrumbs'][] = $this->title; | |||||||
|                     <?= $form->field($model, 'password')->passwordInput() ?> |                     <?= $form->field($model, 'password')->passwordInput() ?> | ||||||
|                 <?php endif ?> |                 <?php endif ?> | ||||||
|  |  | ||||||
|                 <?php if ($module->enableGDPRcompliance): ?> |                 <?php if ($module->enableGdprCompliance): ?> | ||||||
|                     <?= $form->field($model, 'gdpr_consent')->checkbox(['value' => 1]) ?> |                     <?= $form->field($model, 'gdpr_consent')->checkbox(['value' => 1]) ?> | ||||||
|                 <?php endif ?> |                 <?php endif ?> | ||||||
|  |  | ||||||
|  | |||||||
| @ -43,7 +43,7 @@ $networksVisible = count(Yii::$app->authClientCollection->clients) > 0; | |||||||
|                     ['label' => Yii::t('usuario', 'Account'), 'url' => ['/user/settings/account']], |                     ['label' => Yii::t('usuario', 'Account'), 'url' => ['/user/settings/account']], | ||||||
|                     ['label' => Yii::t('usuario', 'Privacy'), |                     ['label' => Yii::t('usuario', 'Privacy'), | ||||||
|                         'url' => ['/user/settings/privacy'], |                         'url' => ['/user/settings/privacy'], | ||||||
|                         'visible' => $module->enableGDPRcompliance |                         'visible' => $module->enableGdprCompliance | ||||||
|                     ], |                     ], | ||||||
|                     [ |                     [ | ||||||
|                         'label' => Yii::t('usuario', 'Networks'), |                         'label' => Yii::t('usuario', 'Networks'), | ||||||
|  | |||||||
| @ -28,7 +28,7 @@ $this->params['breadcrumbs'][] = $this->title; | |||||||
|  |  | ||||||
| <div class="row"> | <div class="row"> | ||||||
|     <div class="col-md-3"> |     <div class="col-md-3"> | ||||||
|         <?= $this->render('/networks/_menu') ?> |         <?= $this->render('/settings/_menu') ?> | ||||||
|     </div> |     </div> | ||||||
|     <div class="col-md-9"> |     <div class="col-md-9"> | ||||||
|         <div class="panel panel-default"> |         <div class="panel panel-default"> | ||||||
|  | |||||||
| @ -68,7 +68,7 @@ class GdprCest | |||||||
|         $module = Yii::$app->getModule('user'); |         $module = Yii::$app->getModule('user'); | ||||||
|         $module->enableEmailConfirmation = $emailConfirmation; |         $module->enableEmailConfirmation = $emailConfirmation; | ||||||
|         $module->generatePasswords = $generatePasswords; |         $module->generatePasswords = $generatePasswords; | ||||||
|         $module->enableGDPRcompliance = $enableGdpr; |         $module->enableGdprCompliance = $enableGdpr; | ||||||
|     } |     } | ||||||
|  |  | ||||||
|     protected function register(FunctionalTester $I, $email, $username = null, $password = null, $gdpr_consent = true) |     protected function register(FunctionalTester $I, $email, $username = null, $password = null, $gdpr_consent = true) | ||||||
|  | |||||||
		Reference in New Issue
	
	Block a user