DAR-10: client subscription

application/classes/Controller/Layout.php

@@ -36,11 +36,11 @@ class Controller_Layout extends Controller {
   {
     if ($this->auto_render)
     {
-      if (!empty($this->controls))
+      if (!empty($this->controls) && empty($this->template->controls))
       {
         $this->template->controls = $this->controls;
       }
-      $renderer = Kostache_Layout::factory('layout');
+      $renderer = Kostache_Layout::factory($this->template->_layout);
       $this->response->body($renderer->render($this->template, $this->template->_view));
     }
     if ($this->is_private)

application/classes/Controller/Subscription.php

@@ -64,10 +64,61 @@ class Controller_Subscription extends Controller_Layout {
     }
   }
 
+  public function action_subscribe()
+  {
+    $this->template = new View_Subscription_Subscribe;
+    $id = $this->request->param('id');
+    $subscription = ORM::factory('Subscription', $id);
+    if (!$subscription->loaded())
+    {
+      $this->redirect('error/404');
+    }
+    $this->template->title = __('Subscribe to ').$subscription->title;
+    $controls = array(
+      'name' => 'input',
+      'email' => 'input'
+    );
+    $this->template->controls = $controls;
+    $this->template->errors = array();
+    
+    if ($this->request->method() === HTTP_Request::POST) {
+      $model = ORM::factory('Client')->where('email', '=', $this->request->post('email'))->find();
+      if (!$model->loaded())
+      {
+        $model = ORM::factory('Client');
+      }
+      $model->values($this->request->post(), array_keys($controls));
+      $model->customize();
+      $validation = $model->validate_create($this->request->post());
+      try
+      {
+        if ($validation->check())
+        {
+          $model->save();
+          $model->add('subscription', $subscription);
+          // TODO: send welcome letter
+        }
+        else
+        {
+          $this->template->errors = $validation->errors('default');
+        }
+      }
+      catch (ORM_Validation_Exception $e)
+      {
+        $this->template->errors = $e->errors('default');
+      }
+      if (empty($this->template->errors))
+      {
+        Session::instance()->set('flash_success', __('You were subscribed. A welcome email has been sent to you. Please check your inbox.'));
+      }
+    }
+    $this->template->model = $model;
+  }
+
   /**
    * Edit or create model.
    **/
-  protected function _edit($model)
+  protected function _edit($model, $controls = NULL)
   {
     if (!($model instanceof ORM))
     {
@@ -75,11 +126,15 @@ class Controller_Subscription extends Controller_Layout {
       $this->redirect('error/500');
     }
     $this->template->errors = array();
+    if (is_null($controls))
+    {
+      $controls = $this->controls;
+    }
     
     if ($this->request->method() === HTTP_Request::POST) {
-      $model->values($this->request->post(), array_keys($this->controls));
+      $model->values($this->request->post(), array_keys($controls));
-      $validation = $model->validate_create($this->request->post());
       $model->customize();
+      $validation = $model->validate_create($this->request->post());
       try
       {
         if ($validation->check())

application/classes/Form.php

@@ -49,7 +49,7 @@ class Form extends Kohana_Form {
     $template->value = $model->$name;
     return self::render_control($template);
   }
-  public static function input($name, $value = NULL, array $attributes = NULL)
+  public static function textinput($name, $value = NULL, array $attributes = NULL)
   {
     $template = new View_Form_Input;
     $template->name = $name;

application/classes/Model/Client.php

@@ -6,8 +6,11 @@
  * @author Oreolek
  **/
 class Model_Client extends ORM {
-  protected $has_many = array(
+  protected $_has_many = array(
-    'subscription'
+    'subscription' => array(
+      'model' => 'Subscription',
+      'through' => 'clients_subscriptions'
+    )
   );
   
   /**
@@ -25,10 +28,6 @@ class Model_Client extends ORM {
 				array('not_empty'),
 				array('min_length', array(':value', 5)),
       ),
-      'token' => array(
-				array('not_empty'),
-        array('numeric')
-      )
 		);
 	}
 
@@ -42,5 +41,9 @@ class Model_Client extends ORM {
     'token' => 'Subscription token'
   );
 
+  public function customize()
+  {
+    $this->token = base64_encode(openssl_random_pseudo_bytes(32));
+  }
 
 }

application/classes/Model/Subscription.php

@@ -7,6 +7,12 @@
  * @author Oreolek
  **/
 class Model_Subscription extends ORM {
+  protected $_has_many = array(
+    'client' => array(
+      'model' => 'Client',
+      'through' => 'clients_subscriptions'
+    )
+  );
 
   /**
    * @return array validation rules

application/classes/ORM.php

@@ -22,6 +22,14 @@ class ORM extends Kohana_ORM {
     foreach ($rules as $field => $rules)
     {
       $validation->rules($field, $rules);
+    }
+    // check CSRF token
+    if (array_key_exists('csrf', $post_data))
+    {
+      $validation->rules('csrf', array(
+        array('not_empty'),
+        array('Security::check')
+      ));
     }
 		return $validation;
 	}

application/classes/View/Edit.php

@@ -56,10 +56,11 @@ class View_Edit extends View_Layout {
           $input = Form::textarea($key, $value['value']);
           break;
         default:
-          $input = Form::input($key,$value['value']);
+          $input = Form::textinput($key,$value['value']);
       }
       $output .= $input.'</div>';
     }
+    $output .= Form::hidden('csrf', Security::token());
     $output .= Form::btn_submit('Отправить');
     return $output;
   }

application/classes/View/Layout.php

@@ -5,6 +5,7 @@
  **/
 class View_Layout {
   public $_view = NULL;
+  public $_layout = 'layout';
   public $title = '';
   public $scripts = array();
   public $base_scripts = array(
@@ -68,7 +69,6 @@ class View_Layout {
   {
     $result = array();
     $navigation = array(
-      __('Subscriptions') => 'subscription/index',
     );
     if (!Auth::instance()->logged_in())
     {
@@ -77,6 +77,7 @@ class View_Layout {
     else
     {
       $navigation = array_merge($navigation, array(
+        __('Subscriptions') => 'subscription/index',
         'Клиенты' => 'clients/index',
         'Поиск клиентов' => 'clients/search',
       ));
@@ -101,4 +102,15 @@ class View_Layout {
     }
     return $result;
   }
+
+  public function flashes()
+  {
+    $session = Session::instance();
+    return array(
+      'info' => $session->get_once('flash_info'),
+      'success' => $session->get_once('flash_success'),
+      'error' => $session->get_once('flash_error'),
+      'warning' => $session->get_once('flash_warning'),
+    );
+  }
 }

application/classes/View/Subscription/Subscribe.php

@@ -0,0 +1,8 @@
+<?php defined('SYSPATH') or die('No direct script access.');
+
+/**
+ * Subscription form view controller
+ **/
+class View_Subscription_Subscribe extends View_Edit {
+  public $_layout = 'empty';
+}

application/i18n/ru.php

@@ -24,5 +24,8 @@ return array(
   'New subscription' => 'Новая рассылка',
   'Subscription index' => 'Все рассылки',
   'Delete subscription' => 'Удалить рассылку',
-  'Edit subscription' => 'Редактировать рассылку'
+  'Edit subscription' => 'Редактировать рассылку',
+  'Subscribe to ' => 'Подписка на ',
+  'Name' => 'Имя',
+  'You were subscribed. A welcome email has been sent to you. Please check your inbox.' => 'Вы были подписаны. Вам было выслано вступительное письмо; пожалуйста, проверьте входящие сообщения.'
 );

application/templates/empty.mustache

@@ -0,0 +1,33 @@
+<!doctype html>
+<html lang="ru">
+  <head>
+    <title>{{title}}</title>
+    <meta charset="utf-8">
+    <meta content="width=device-width, initial-scale=1" name="viewport">
+    <link href='{{favicon}}' rel='shortcut icon' type='image/x-icon'/>
+    {{{stylesheet}}}
+   </head>
+  <body>
+    <div class="container">
+      <div class = "main_content">
+        <h2>{{title}}</h2>
+      {{#flashes}}
+        {{#info}}
+          <div class="alert alert-info">{{.}}</div>
+        {{/info}}
+        {{#error}}
+          <div class="alert alert-danger">{{.}}</div>
+        {{/error}}
+        {{#warning}}
+          <div class="alert alert-warning">{{.}}</div>
+        {{/warning}}
+        {{#success}}
+          <div class="alert alert-success">{{.}}</div>
+        {{/success}}
+      {{/flashes}}
+{{>content}}
+      </div>
+    </div>
+{{{scripts}}}
+  </body>
+</html>

application/templates/layout.mustache

@@ -39,6 +39,20 @@
       <a href="#" class="link_top hidden-xs"><i class="fa fa-angle-up">&nbsp;</i>Наверх</a>
       <div class = "main_content">
         <h2>{{title}}</h2>
+      {{#flashes}}
+        {{#info}}
+          <div class="alert alert-info">{{.}}</div>
+        {{/info}}
+        {{#error}}
+          <div class="alert alert-danger">{{.}}</div>
+        {{/error}}
+        {{#warning}}
+          <div class="alert alert-warning">{{.}}</div>
+        {{/warning}}
+        {{#success}}
+          <div class="alert alert-success">{{.}}</div>
+        {{/success}}
+      {{/flashes}}
 {{>content}}
       </div>
       <div class="paging">

application/templates/subscription/subscribe.mustache

@@ -0,0 +1,11 @@
+<form method="POST">
+{{#has_errors}}
+  <p class="message">При проверке формы были найдены ошибки:</p>
+  <ul class="errors">
+    {{#get_errors}}
+    <li>{{.}}</li>
+    {{/get_errors}}
+  </ul>
+{{/has_errors}}
+{{{get_controls}}}
+</form>