Merge branch 'master' into OS-144Stats-Architecture

Conflicts:
	server/controllers/system.php
	server/controllers/system/init-settings.php
	tests/init.rb

server/controllers/system.php

@@ -10,6 +10,8 @@ require_once 'system/get-mail-templates.php';
 require_once 'system/edit-mail-template.php';
 require_once 'system/recover-mail-template.php';
 require_once 'system/get-stats.php';
+require_once 'system/disable-registration.php';
+require_once 'system/enable-registration.php';
 
 $systemControllerGroup = new ControllerGroup();
 $systemControllerGroup->setGroupPath('/system');
@@ -24,6 +26,8 @@ $systemControllerGroup->addController(new GetLogsController);
 $systemControllerGroup->addController(new GetMailTemplatesController);
 $systemControllerGroup->addController(new EditMailTemplateController);
 $systemControllerGroup->addController(new RecoverMailTemplateController);
+$systemControllerGroup->addController(new DisableRegistrationController);
+$systemControllerGroup->addController(new EnableRegistrationController);
 $systemControllerGroup->addController(new GetStatsController);
 
 $systemControllerGroup->finalize();

server/controllers/system/disable-registration.php

@@ -0,0 +1,28 @@
+<?php
+
+class DisableRegistrationController extends Controller {
+    const PATH = '/disable-registration';
+
+    public function validations() {
+        return [
+            'permission' => 'staff_3',
+            'requestData' => []
+        ];
+    }
+    
+    public function handler() {
+        $password = Controller::request('password');
+
+        if(!Hashing::verifyPassword($password, Controller::getLoggedUser()->password)) {
+            Response::respondError(ERRORS::INVALID_PASSWORD);
+            return;
+        }
+
+        $registrationRow = Setting::getSetting('registration');
+
+        $registrationRow->value = false;
+        $registrationRow->store();
+
+        Response::respondSuccess();
+    }
+}

server/controllers/system/enable-registration.php

@@ -0,0 +1,29 @@
+<?php
+use Respect\Validation\Validator as DataValidator;
+
+class EnableRegistrationController extends Controller {
+    const PATH = '/enable-registration';
+
+    public function validations() {
+        return [
+            'permission' => 'staff_3',
+            'requestData' => []
+        ];
+    }
+
+    public function handler() {
+        $password = Controller::request('password');
+
+        if(!Hashing::verifyPassword($password,Controller::getLoggedUser()->password)) {
+            Response::respondError(ERRORS::INVALID_PASSWORD);
+            return;
+        }
+
+        $registrationRow = Setting::getSetting('registration');
+
+        $registrationRow->value = true;
+        $registrationRow->store();
+
+        Response::respondSuccess();
+    }
+}

server/controllers/system/get-settings.php

@@ -28,6 +28,7 @@ class GetSettingsController extends Controller {
                 'smtp-port' => Setting::getSetting('smtp-port')->getValue(),
                 'smtp-host' => Setting::getSetting('smtp-host')->getValue(),
                 'smtp-user' => Setting::getSetting('smtp-user')->getValue(),
+                'registration' => Setting::getSetting('registration')->getValue(),
                 'departments' => Department::getDepartmentNames(),
                 'supportedLanguages' => Language::getSupportedLanguages(),
                 'allowedLanguages' => Language::getAllowedLanguages()
@@ -42,6 +43,7 @@ class GetSettingsController extends Controller {
                 'allow-attachments' => Setting::getSetting('allow-attachments')->getValue(),
                 'max-size' => Setting::getSetting('max-size')->getValue(),
                 'title' => Setting::getSetting('title')->getValue(),
+                'registration' => Setting::getSetting('registration')->getValue(),
                 'departments' => Department::getDepartmentNames(),
                 'supportedLanguages' => Language::getSupportedLanguages(),
                 'allowedLanguages' => Language::getAllowedLanguages()

server/controllers/system/init-settings.php

@@ -41,7 +41,8 @@ class InitSettingsController extends Controller {
             'max-size' => 0,
             'title' => 'Support Center',
             'url' => 'http://www.opensupports.com/support',
-            'last-stat-day' => '20170101'//TODO: get current date
+            'registration' => true,
+            'last-stat-day' => '20170101' //TODO: get current date
         ]);
     }
 

server/controllers/user/signup.php

@@ -51,6 +51,11 @@ class SignUpController extends Controller {
             return;
         }
 
+        if (!Setting::getSetting('registration')->value) {
+            Response::respondError(ERRORS::NO_PERMISSION);
+            return;
+        }
+
         $userId = $this->createNewUserAndRetrieveId();
         $this->sendRegistrationMail();
 

tests/init.rb

@@ -52,4 +52,6 @@ require './staff/last-events.rb'
 require './system/get-mail-templates.rb'
 require './system/edit-mail-template.rb'
 require './system/recover-mail-template.rb'
+require './system/disable-registration.rb'
+require './system/enable-registration.rb'
 require './system/get-stats.rb'

tests/system/disable-registration.rb

@@ -0,0 +1,43 @@
+describe'/system/disable-registration' do
+    request('/user/logout')
+    Scripts.login($staff[:email], $staff[:password], true)
+
+    it 'should not disable registration if password is not correct' do
+        result= request('/system/disable-registration', {
+            csrf_userid: $csrf_userid,
+            csrf_token: $csrf_token,
+            password: 'hello'
+        })
+
+        (result['status']).should.equal('fail')
+
+        row = $database.getRow('setting', 'registration', 'name')
+
+        (row['value']).should.equal('1')
+    end
+
+    it 'should disable registration' do
+        result= request('/system/disable-registration', {
+            csrf_userid: $csrf_userid,
+            csrf_token: $csrf_token,
+            password: $staff[:password]
+        })
+
+        (result['status']).should.equal('success')
+
+        row = $database.getRow('setting', 'registration', 'name')
+
+        (row['value']).should.equal('0')
+    end
+
+    it 'should not create user in database if registration is false' do
+        response = request('/user/signup', {
+          :name => 'ponzio',
+          :email => 'jc@ponziolandia.com',
+          :password => 'tequila'
+        })
+
+        (response['status']).should.equal('fail')
+
+    end
+end

tests/system/enable-registration.rb

@@ -0,0 +1,33 @@
+describe'/system/enable-registration' do
+    request('/user/logout')
+    Scripts.login($staff[:email], $staff[:password], true)
+
+    it 'should not enable registration if password is not correct' do
+        result= request('/system/enable-registration', {
+            csrf_userid: $csrf_userid,
+            csrf_token: $csrf_token,
+            password: 'hello'
+        })
+
+        (result['status']).should.equal('fail')
+
+        row = $database.getRow('setting', 'registration', 'name')
+
+        (row['value']).should.equal('0')
+    end
+
+    it 'should enable registration' do
+        result= request('/system/enable-registration', {
+            csrf_userid: $csrf_userid,
+            csrf_token: $csrf_token,
+            password: $staff[:password]
+        })
+
+        (result['status']).should.equal('success')
+
+        row = $database.getRow('setting', 'registration', 'name')
+
+        (row['value']).should.equal('1')
+    end
+
+end