<?php
* Copyright Maarch since 2008 under licence GPLv3.
* See LICENCE.txt file at the root folder for more details.
* This file is part of Maarch software.
* @brief Contains the controller of the user object (create, save, modify)
* @file
* @author Claire Figueras <dev@maarch.org>
* @date $date$
* @version $Revision$
* @ingroup core
*/
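// Load the table constants and the classes this controller builds on.
// NOTE: a require_once that cannot open its file stops the script with a
// fatal error instead of throwing an Exception, so the catch below only sees
// exceptions thrown while the included files themselves execute.
try {
    require_once 'core/core_tables.php' ;
    require_once 'core/class/users.php' ;
    require_once 'core/class/ObjectControlerAbstract.php';
    require_once 'core/class/ObjectControlerIF.php';
    require_once 'core/class/class_history.php';
    require_once('core' . DIRECTORY_SEPARATOR . 'class'
        . DIRECTORY_SEPARATOR . 'class_security.php');
} catch (Exception $e) {
    // xecho() presumably prints the escaped message itself (confirm in
    // class functions). The ' // ' separator gets its own echo: appended to
    // the xecho() call as a bare expression, it would be computed and
    // thrown away, unlike in the other catch blocks of this file.
    // NOTE(review): exception messages can reveal file paths or query text
    // to the client; consider logging them server-side instead.
    functions::xecho($e->getMessage());
    echo ' // ';
}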
* <li>Get a user object from an id</li>
* <li>Manage the operation on the users related tables in the database
* (insert, select, update, delete)</li>
class users_controler extends ObjectControler implements ObjectControlerIF
{
/**
* Returns a user object based on a user identifier
*
* @param $userId string User identifier
* @param $compWhere string where clause arguments
* @return user object with properties from the database or null
*/
self::set_foolish_ids(array('user_id', 'docserver_location_id'));
self::set_specific_id('user_id');
/**
* Returns a user object based on a user identifier with PDO
*
* @param $userId string User identifier
* @param $compWhere string where clause arguments
* (must begin with and or or)
* @return user object with properties from the database or null
*/
public function getWithComp($userId, $compWhere='', $params=array())
{
    // Configure the inherited helpers for the users table: the columns given
    // to set_foolish_ids() and the key column given to set_specific_id().
    self::set_foolish_ids(array('user_id', 'docserver_location_id'));
    self::set_specific_id('user_id');

    // NOTE(review): $compWhere is handed on as a where-clause fragment and is
    // presumably spliced into the SQL text by advanced_getWithComp(). It
    // should only ever be built from constant text, with every value passed
    // through $params - confirm against ObjectControler.
    $found = self::advanced_getWithComp($userId, USERS_TABLE, $compWhere, $params);

    // Nothing loaded: there is no user to hand back.
    if (! isset($found)) {
        return null;
    }

    // Only accounts whose status is 'OK' or 'ABS' are returned; any other
    // status is reported to the caller as "no user".
    $isUsable = $found->__get('status') == 'OK'
        || $found->__get('status') == 'ABS';

    return $isUsable ? $found : null;
}
* Returns in an array all the groups associated with a user (user_id,
* @return Array or null
*/
// Collects the groups of one user. NOTE(review): this listing omits lines of
// the method (the signature and the opening `try {` are not shown).
// Result list handed back to the caller.
$groups = array();
// Look the user up by login, asking only for the 'id' field.
// NOTE(review): $userUse['id'] is used below without checking that the
// lookup found a user - confirm what getByLogin() returns for an unknown login.
$userUse = \User\models\UserModel::getByLogin(['login' => $userId, 'select' => ['id']]);
// The user id is bound through the `?` placeholder, never concatenated into
// the SQL text.
$query = 'select u.group_id, uc.role from usergroup_content uc, usergroups u where uc.user_id = ? and uc.group_id = u.id ';
$stmt = self::$db->query($query, array($userUse['id']));
} catch (Exception $e) {
// Only the caller-supplied id is echoed, and it goes through xssafe() first;
// the exception message itself is not sent to the client.
echo _NO_USER_WITH_ID.' '.functions::xssafe($userId).' // ';
return $groups;
}
/**
* Saves in the database a user object
*
* @param $user user object to be saved
* 'GROUP_ID' => Group identifier,
* 'LABEL' => Group label,
* 'PRIMARY' => Y / N (Is the group,
* 'ROLE' => User role in the group (string)
* )
* @param $mode Mode (add or up)
* array('modules_services' => $_SESSION['modules_services']
* type array,
* 'log_user_add' => 'true' / 'false': log user addition,
* 'databasetype' => Type of the database,
* 'userdefaultpassword' => Default password for user,
* 'manageGroups' => If true manage groups for the user
* )
* @return array ( 'status' => 'ok' / 'ko',
* 'value' => User identifier or empty in case of error,
* 'error' => Error message, defined only in case of error
public function save($user, $groups=array(), $mode='', $params=array())
$control = array();
// If user not defined or empty, return an error
'error' => _USER_EMPTY,
return $control;
}
// If mode not up or add, return an error
if (! isset($mode) || empty($mode)
|| ($mode <> 'add' && $mode <> 'up')
return $control;
}
self::set_foolish_ids(array('user_id', 'docserver_location_id'));
self::set_specific_id('user_id');
// Data checks
$control = self::_control($user, $groups, $mode, $params);
if ($control['status'] == 'ok') {
$_SESSION['service_tag'] = 'user_' . $mode;
$params['modules_services'],
'users_add_db',
'include'
//Update existing user
$history = new history();
USERS_TABLE,
$user->user_id,
'UP',
'usersup',
}
} else {
} else { //mode == add
if (self::_insert($user)) {
$control = array(
$history = new history();
USERS_TABLE,
$user->user_id,
'ADD',
'usersadd',
}
} else {
}
}
}
unset($_SESSION['service_tag']);
return $control;
}
/**
* Fill a user object with an object if it's not a user
*
* @param $object ws users object
* @return object users
*/
$func = new functions();
$userObject = new users();
$array = array();
$array = $func->object2array($object);
}
return $userObject;
} else {
return $object;
}
}
/**
*
* @param $user user object
* 'GROUP_ID' => Group identifier,
* 'LABEL' => Group label,
* 'PRIMARY' => Y / N (Is the group, the primary
* 'ROLE' => User role in the group (string)
* )
* @param $mode Mode (add or up)
* array('modules_services' => $_SESSION['modules_services']
* type array,
* 'log_user_up' => 'true' / 'false': log user
* 'log_user_add' => 'true' / 'false': log user
* 'databasetype' => Type of the database
* 'userdefaultpassword' => Default password for user,
* 'manageGroups' => If true manage groups for the user
* )
* @return array ( 'status' => 'ok' / 'ko',
* 'value' => User identifier or empty in case of error,
* 'error' => Error message, defined only in case of error
// Data checks on a user object before it is saved. NOTE(review): this
// listing omits lines of the method (signature and several conditions are
// not shown), so the branch each statement belongs to cannot be read here.
// Error messages are accumulated in $error, separated by '#'.
$error = "";
$f = new functions();
// Reject identifiers containing a single quote. This is a format rule only:
// the queries visible in this class bind user_id through `?` placeholders,
// which is what actually keeps the value out of the SQL text.
if (strpos($user->user_id, "'") !== false) {
$error .= _USER_ID . ' '._WRONG_FORMAT . '#';
}
// wash() is defined elsewhere; presumably the arguments are type, field
// label, mandatory flag, min and max length - confirm in class functions.
$user->user_id = $f->wash($user->user_id, 'no', _THE_ID, 'yes', 0, 128);
$sec = new security();
// The stored password is the hash of the configured default password, so
// every account created through this path starts with the same secret.
// NOTE(review): confirm a password change is enforced at first login.
$user->password = $sec->getPasswordHash($params['userdefaultpassword']);
$error .= _USER . ' ' . _ALREADY_EXISTS;
// The id belongs to an account flagged as deleted: offer reactivation.
if (self::userDeleted($user->user_id)) {
// $url is taken from session configuration and wrapped in single quotes so it
// can be dropped into the inline JavaScript below; it is not escaped.
$url = "'".$_SESSION['config']['businessappurl']."index.php?admin=users&page=users_management_controler&mode=up&reactivate=true'";
$error .= _ALREADY_CREATED_AND_DELETED . '. ';
// Raw HTML with an inline onclick handler is kept in the session, presumably
// to be printed as-is by the form page. NOTE(review): this is safe only while
// businessappurl is trusted configuration; escaping it for the attribute/JS
// context, or building the button in the view, would remove that dependency.
$_SESSION['reactivateUser'] = '<input class="button" style="cursor:pointer;text-align: center" onclick="document.getElementById(\'frmuser\').action ='.$url.';document.getElementById(\'user_submit\').click();" value="' . _REACTIVATE .' ?">';
// Each profile field is passed through wash() with its own label and maximum
// length; mail is the only one checked with the 'mail' type.
$user->firstname = $f->wash($user->firstname, 'no', _THE_FIRSTNAME, 'yes', 0, 255);
$user->lastname = $f->wash($user->lastname, 'no', _THE_LASTNAME, 'yes', 0, 255);
$user->department = $f->wash($user->department, 'no', _DEPARTMENT, 'yes', 0, 50);
$user->phone = $f->wash($user->phone, 'no', _PHONE, 'yes', 0, 32);
$user->loginmode = $f->wash($user->loginmode, 'no', _LOGIN_MODE, 'yes', 0, 50);
$user->mail = $f->wash($user->mail, 'mail', _MAIL, 'yes', 0, 255);
// Tag the session while the 'user_check' module services run; the tag is
// removed again before returning.
$_SESSION['service_tag'] = 'user_check';
$params['modules_services'],
'user_check',
'include'
// Errors are read back from $_SESSION['error'], which per the TODO below is
// where wash() leaves them, as HTML.
$error .= $_SESSION['error'];
//TODO:rewrite wash to return errors without html and not in the session
// Turn the HTML line breaks into the '#' separator used for $error.
$error = str_replace("<br />", "#", $error);
$return = array();
}
unset($_SESSION['service_tag']);
return $return;
*
* @param $user user object
* @return bool true if the insertion is complete, false otherwise
*/
return self::advanced_insert($user);
}
/**
* Updates a user in the database (users table) with a user object
*
* @param $user user object
* @return bool true if the update is complete, false otherwise
*/
return self::advanced_update($user);
}
public function delete($user, $params = array())
}
/**
* Asserts if a given user (user_id) exists in the database
*
* @return bool true if the user exists, false otherwise
*/
// Checks whether a user id exists and is not flagged as deleted.
// NOTE(review): this listing omits lines of the method (the signature, the
// `try {` and the query call are not shown).
// The id is bound through the `?` placeholder; only the USERS_TABLE constant
// and a literal status are concatenated into the SQL text.
// NOTE(review): the match on user_id is exact here, while userDeleted() and
// reactivate() compare with lower(). Depending on the database collation,
// two ids differing only by case may be treated as distinct active
// accounts - confirm this is intended.
$query = 'select user_id from ' . USERS_TABLE . " where user_id = ? and status<>'DEL'";
} catch (Exception $e) {
// Only the escaped, caller-supplied id is echoed, not the exception message.
echo _UNKNOWN . ' ' . _USER . ' ' . functions::xssafe($userId) . ' // ';
// Any row whose status is not 'DEL' counts as an existing user.
if ($stmt->rowCount() > 0) {
return true;
}
return false;
}
/**
* Disables a given user
*
* @param $user user object
* @return bool true if the disabling is complete, false otherwise
*/
}
/**
* Enables a given user
*
* @param $user user object
* @return bool true if the enabling is complete, false otherwise
*/
/**
* Asserts if a given user (user_id) is deleted in the database
*
* @param $userId String User identifier
* @return bool true if the user is deleted, false otherwise
*/
// Tells whether a user id belongs to an account flagged 'DEL'.
// NOTE(review): this listing omits lines of the method (the row-count test
// and the closing of the method are not shown).
public function userDeleted($userId)
{
// An unset or empty id can never match a deleted account.
if (! isset($userId) || empty($userId)) {
return false;
}
// The id is bound through the `?` placeholder and compared
// case-insensitively with lower(). NOTE(review): the existence check in this
// class matches user_id exactly instead; confirm the two are meant to differ.
$query = 'select user_id from ' . USERS_TABLE . " where lower(user_id) = lower(?) and status = 'DEL'";
try {
$stmt = self::$db->query($query, array($userId));
} catch (Exception $e) {
// Only the escaped, caller-supplied id is echoed, not the exception message.
echo _UNKNOWN . ' ' . _USER . ' ' . functions::xssafe($userId) . ' // ';
return false;
}
/**
* Reactivate a given user
*
* @param $user user object
* @return bool true if activate is complete, false otherwise
*/
// Reactivates a user. NOTE(review): this listing omits lines of the method
// (the success return and the closing braces are not shown).
public function reactivate($user)
{
// Make sure we are working with a users object (see _isAUser()).
$user = self::_isAUser($user);
self::set_foolish_ids(array('user_id', 'docserver_location_id'));
self::set_specific_id('user_id');
if (self::advanced_reactivate($user)) {
self::$db = new Database();
// After reactivation the stored user_id is overwritten with the spelling
// supplied by the caller; the row is located case-insensitively and both
// placeholders receive the same bound value.
// NOTE(review): the table name is hard-coded as `users` here while the other
// queries in this class use the USERS_TABLE constant.
$query = "update users set user_id = ? where lower(user_id)=lower(?)";
$stmt = self::$db->query($query, array($user->user_id, $user->user_id));
} else {
return false;
/**
* Returns in an array all the entities associated with a user (user_id,
* entity_id, primary and role)
*
* @param $userId string User identifier
* @return Array or null
*/
public function getEntities($userId)
{
$entities = array();
if (empty($userId)) {
return null;
}
$func = new functions();
$query = "SELECT ue.entity_id, ue.user_role, ue.primary_entity
FROM users_entities ue, entities e
WHERE ue.user_id = ? and e.enabled = 'Y' and e.entity_id = ue.entity_id
ORDER BY primary_entity desc";
// set primary entity to the first row
try {
$stmt = self::$db->query($query, array($userId));
} catch (Exception $e) {
echo _NO_USER_WITH_ID.' '.functions::xssafe($userId).' // ';
$entities,
array(
'USER_ID' => $userId,
'ENTITY_ID' => $res->entity_id,
'PRIMARY' => $res->primary_entity,
'ROLE' => $res->user_role,
)
);
}