[platal.git] / classes / user.php

<?php
/***************************************************************************
 *  Copyright (C) 2003-2009 Polytechnique.org                              *
 *  http://opensource.polytechnique.org/                                   *
 *                                                                         *
 *  This program is free software; you can redistribute it and/or modify   *
 *  it under the terms of the GNU General Public License as published by   *
 *  the Free Software Foundation; either version 2 of the License, or      *
 *  (at your option) any later version.                                    *
 *                                                                         *
 *  This program is distributed in the hope that it will be useful,        *
 *  but WITHOUT ANY WARRANTY; without even the implied warranty of         *
 *  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the          *
 *  GNU General Public License for more details.                           *
 *                                                                         *
 *  You should have received a copy of the GNU General Public License      *
 *  along with this program; if not, write to the Free Software            *
 *  Foundation, Inc.,                                                      *
 *  59 Temple Place, Suite 330, Boston, MA  02111-1307  USA                *
 ***************************************************************************/

class User extends PlUser
{
    // Implementation of the login to uid method.
    protected function getLogin($login)
    {
        global $globals;

        if (!$login) {
            throw new UserNotFoundException();
        }

        // If $data is an integer, fetches directly the result.
        if (is_numeric($login)) {
            $res = XDB::query("SELECT user_id FROM auth_user_md5 WHERE user_id = {?}", $login);
            if ($res->numRows()) {
                return $res->fetchOneCell();
            }

            throw new UserNotFoundException();
        }

        // Checks whether $login is a valid hruid or not.
        $res = XDB::query("SELECT user_id FROM auth_user_md5 WHERE hruid = {?}", $login);
        if ($res->numRows()) {
            return $res->fetchOneCell();
        }

        // From now, $login can only by an email alias, or an email redirection.
        // If it doesn't look like a valid address, appends the plat/al's main domain.
        $login = trim(strtolower($login));
        if (strstr($login, '@') === false) {
            $login = $login . '@' . $globals->mail->domain;
        }

        // Checks if $login is a valid alias on the main domains.
        list($mbox, $fqdn) = explode('@', $login);
        if ($fqdn == $globals->mail->domain || $fqdn == $globals->mail->domain2) {
            $res = XDB::query("SELECT  u.user_id
                                 FROM  auth_user_md5 AS u
                           INNER JOIN  aliases AS a ON (a.id = u.user_id AND a.type IN ('alias', 'a_vie'))
                                WHERE  a.alias = {?}", $mbox);
            if ($res->numRows()) {
                return $res->fetchOneCell();
            }

            if (preg_match('/^(.*)\.([0-9]{4})$/u', $mbox, $matches)) {
                $res = XDB::query("SELECT  u.user_id
                                     FROM  auth_user_md5 AS u
                               INNER JOIN  aliases AS a ON (a.id = u.user_id AND a.type IN ('alias', 'a_vie'))
                                    WHERE  a.alias = {?} AND u.promo = {?}", $matches[1], $matches[2]);
                if ($res->numRows() == 1) {
                    return $res->fetchOneCell();
                }
            }

            throw new UserNotFoundException();
        }

        // Looks for $login as an email alias from the dedicated alias domain.
        if ($fqdn == $globals->mail->alias_dom || $fqdn == $globals->mail->alias_dom2) {
            $res = XDB::query("SELECT  redirect
                                 FROM  virtual_redirect
                           INNER JOIN  virtual USING(vid)
                                WHERE  alias = {?}", $mbox . '@' . $globals->mail->alias_dom);
            if ($redir = $res->fetchOneCell()) {
                // We now have a valid alias, which has to be translated to an hruid.
                list($alias, $alias_fqdn) = explode('@', $redir);
                $res = XDB::query("SELECT  u.user_id
                                     FROM  auth_user_md5 AS u
                                LEFT JOIN  aliases AS a ON (a.id = u.user_id AND a.type IN ('alias', 'a_vie'))
                                    WHERE  a.alias = {?}", $alias);
                if ($res->numRows()) {
                    return $res->fetchOneCell();
                }
            }

            throw new UserNotFoundException();
        }

        // Otherwise, we do suppose $login is an email redirection.
        $res = XDB::query("SELECT  u.user_id
                             FROM  auth_user_md5 AS u
                        LEFT JOIN  emails AS e ON (e.uid = u.user_id)
                            WHERE  e.email = {?}", $login);
        if ($res->numRows() == 1) {
            return $res->fetchOneCell();
        }

        throw new UserNotFoundException($res->fetchColumn(1));
    }

    // Implementation of the data loader.
    protected function loadMainFields()
    {
        if ($this->hruid !== null && $this->forlife !== null
            && $this->bestalias !== null && $this->display_name !== null
            && $this->full_name !== null && $this->promo !== null && $this->perms !== null
            && $this->gender !== null && $this->email_format !== null) {
            return;
        }

        global $globals;
        $res = XDB::query("SELECT  u.hruid, u.promo,
                                   CONCAT(af.alias, '@{$globals->mail->domain}') AS forlife,
                                   CONCAT(ab.alias, '@{$globals->mail->domain}') AS bestalias,
                                   CONCAT(u.prenom, ' ', IF(u.nom_usage <> '', u.nom_usage, u.nom)) AS full_name,
                                   IF(u.prenom != '', u.prenom, u.nom) AS display_name,
                                   FIND_IN_SET('femme', u.flags) AS gender,
                                   q.core_mail_fmt AS email_format,
                                   u.perms
                             FROM  auth_user_md5 AS u
                        LEFT JOIN  auth_user_quick AS q ON (q.user_id = u.user_id)
                        LEFT JOIN  aliases AS af ON (af.id = u.user_id AND af.type = 'a_vie')
                        LEFT JOIN  aliases AS ab ON (ab.id = u.user_id AND FIND_IN_SET('bestalias', ab.flags))
                            WHERE  u.user_id = {?}", $this->user_id);
        $this->fillFromArray($res->fetchOneAssoc());
    }

    // Specialization of the fillFromArray method, to implement hacks to enable
    // lazy loading of user's main properties from the session.
    // TODO(vzanotti): remove the conversion hacks once the old codebase will
    // stop being used actively.
    protected function fillFromArray(array $values)
    {
        // It might happen that the 'user_id' field is called uid in some places
        // (eg. in sessions), so we hard link uid to user_id to prevent useless
        // SQL requests.
        if (!isset($values['user_id']) && isset($values['uid'])) {
            $values['user_id'] = $values['uid'];
        }

        // Also, if display_name and full_name are not known, but the user's
        // surname and last name are, we can construct the former two.
        if (isset($values['prenom']) && isset($values['nom'])) {
            if (!isset($values['display_name'])) {
                $values['display_name'] = ($values['prenom'] ? $values['prenom'] : $values['nom']);
            }
            if (!isset($values['full_name'])) {
                $values['full_name'] = $values['prenom'] . ' ' . $values['nom'];
            }
        }

        // We also need to convert the gender (usually named "femme"), and the
        // email format parameter (valued "texte" instead of "text").
        if (isset($values['femme'])) {
            $values['gender'] = (bool) $values['femme'];
        }
        if (isset($values['mail_fmt'])) {
            $values['email_format'] = $values['mail_fmt'];
        }
        if (isset($values['email_format'])) {
            $values['email_format'] = ($values['email_format'] ? self::FORMAT_HTML : self::FORMAT_TEXT);
        }

        parent::fillFromArray($values);
    }

    // Specialization of the buildPerms method
    // This function build 'generic' permissions for the user. It does not take
    // into account page specific permissions (e.g X.net group permissions)
    protected function buildPerms()
    {
        if (!is_null($this->perm_flags)) {
            return;
        }
        if ($this->perms === null) {
             $this->loadMainFields();
        }
        $this->perm_flags = self::makePerms($this->perms);
    }

    // Return the password of the user
    public function password()
    {
        return XDB::fetchOneCell('SELECT  u.password
                                    FROM  auth_user_md5 AS u
                                   WHERE  u.user_id = {?}', $this->id());
    }

    // Return permission flags for a given permission level.
    public static function makePerms($perms)
    {
        $flags = new PlFlagSet();
        if (is_null($flags) || $perms == 'disabled' || $perms == 'ext') {
            return $flags;
        }
        $flags->addFlag(PERMS_USER);
        if ($perms == 'admin') {
            $flags->addFlag(PERMS_ADMIN);
        }
        return $flags;
    }

    // Implementation of the default user callback.
    public static function _default_user_callback($login, $results)
    {
        $result_count = count($results);
        if ($result_count == 0 || !S::has_perms()) {
            Platal::page()->trigError("Il n'y a pas d'utilisateur avec l'identifiant : $login");
        } else {
            Platal::page()->trigError("Il y a $result_count utilisateurs avec cet identifiant : " . join(', ', $results));
        }
    }

    // Implementation of the static email locality checker.
    public static function isForeignEmailAddress($email)
    {
        global $globals;
        if (strpos($email, '@') === false) {
            return false;
        }

        list($user, $dom) = explode('@', $email);
        return $dom != $globals->mail->domain &&
               $dom != $globals->mail->domain2 &&
               $dom != $globals->mail->alias_dom &&
               $dom != $globals->mail->alias_dom2;
    }
}

// vim:set et sw=4 sts=4 sws=4 foldmethod=marker enc=utf-8:
?>
Commit	Line	Data
9f8ebb9f VZ	1	<?php
9f8ebb9f VZ	2	/***************************************************************************
8d84c630	3	* Copyright (C) 2003-2009 Polytechnique.org *
9f8ebb9f VZ	4	* http://opensource.polytechnique.org/ *
	5	* *
	6	* This program is free software; you can redistribute it and/or modify *
	7	* it under the terms of the GNU General Public License as published by *
	8	* the Free Software Foundation; either version 2 of the License, or *
	9	* (at your option) any later version. *
	10	* *
	11	* This program is distributed in the hope that it will be useful, *
	12	* but WITHOUT ANY WARRANTY; without even the implied warranty of *
	13	* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the *
	14	* GNU General Public License for more details. *
	15	* *
	16	* You should have received a copy of the GNU General Public License *
	17	* along with this program; if not, write to the Free Software *
	18	* Foundation, Inc., *
	19	* 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA *
	20	***************************************************************************/
	21
2d96cf7b	22	class User extends PlUser
9f8ebb9f	23	{
70232020	24	// Implementation of the login to uid method.
b1719b13 VZ	25	protected function getLogin($login)
	26	{
	27	global $globals;
	28
f6c58d14 VZ	29	if (!$login) {
	30	throw new UserNotFoundException();
	31	}
	32
b1719b13 VZ	33	// If $data is an integer, fetches directly the result.
b1719b13 VZ	34	if (is_numeric($login)) {
70232020	35	$res = XDB::query("SELECT user_id FROM auth_user_md5 WHERE user_id = {?}", $login);
b1719b13	36	if ($res->numRows()) {
70232020	37	return $res->fetchOneCell();
b1719b13 VZ	38	}
	39
	40	throw new UserNotFoundException();
	41	}
	42
	43	// Checks whether $login is a valid hruid or not.
70232020	44	$res = XDB::query("SELECT user_id FROM auth_user_md5 WHERE hruid = {?}", $login);
b1719b13	45	if ($res->numRows()) {
70232020	46	return $res->fetchOneCell();
b1719b13 VZ	47	}
	48
	49	// From now, $login can only by an email alias, or an email redirection.
	50	// If it doesn't look like a valid address, appends the plat/al's main domain.
	51	$login = trim(strtolower($login));
	52	if (strstr($login, '@') === false) {
	53	$login = $login . '@' . $globals->mail->domain;
	54	}
	55
	56	// Checks if $login is a valid alias on the main domains.
	57	list($mbox, $fqdn) = explode('@', $login);
	58	if ($fqdn == $globals->mail->domain \|\| $fqdn == $globals->mail->domain2) {
70232020	59	$res = XDB::query("SELECT u.user_id
b1719b13 VZ	60	FROM auth_user_md5 AS u
	61	INNER JOIN aliases AS a ON (a.id = u.user_id AND a.type IN ('alias', 'a_vie'))
	62	WHERE a.alias = {?}", $mbox);
	63	if ($res->numRows()) {
70232020	64	return $res->fetchOneCell();
b1719b13 VZ	65	}
	66
	67	if (preg_match('/^(.*)\.([0-9]{4})$/u', $mbox, $matches)) {
70232020	68	$res = XDB::query("SELECT u.user_id
b1719b13 VZ	69	FROM auth_user_md5 AS u
	70	INNER JOIN aliases AS a ON (a.id = u.user_id AND a.type IN ('alias', 'a_vie'))
	71	WHERE a.alias = {?} AND u.promo = {?}", $matches[1], $matches[2]);
	72	if ($res->numRows() == 1) {
70232020	73	return $res->fetchOneCell();
b1719b13 VZ	74	}
	75	}
	76
	77	throw new UserNotFoundException();
	78	}
	79
	80	// Looks for $login as an email alias from the dedicated alias domain.
	81	if ($fqdn == $globals->mail->alias_dom \|\| $fqdn == $globals->mail->alias_dom2) {
	82	$res = XDB::query("SELECT redirect
	83	FROM virtual_redirect
	84	INNER JOIN virtual USING(vid)
	85	WHERE alias = {?}", $mbox . '@' . $globals->mail->alias_dom);
	86	if ($redir = $res->fetchOneCell()) {
	87	// We now have a valid alias, which has to be translated to an hruid.
	88	list($alias, $alias_fqdn) = explode('@', $redir);
70232020	89	$res = XDB::query("SELECT u.user_id
b1719b13 VZ	90	FROM auth_user_md5 AS u
	91	LEFT JOIN aliases AS a ON (a.id = u.user_id AND a.type IN ('alias', 'a_vie'))
	92	WHERE a.alias = {?}", $alias);
	93	if ($res->numRows()) {
70232020	94	return $res->fetchOneCell();
b1719b13 VZ	95	}
	96	}
	97
	98	throw new UserNotFoundException();
	99	}
	100
	101	// Otherwise, we do suppose $login is an email redirection.
70232020	102	$res = XDB::query("SELECT u.user_id
b1719b13 VZ	103	FROM auth_user_md5 AS u
	104	LEFT JOIN emails AS e ON (e.uid = u.user_id)
	105	WHERE e.email = {?}", $login);
	106	if ($res->numRows() == 1) {
70232020	107	return $res->fetchOneCell();
b1719b13 VZ	108	}
	109
	110	throw new UserNotFoundException($res->fetchColumn(1));
	111	}
	112
70232020 VZ	113	// Implementation of the data loader.
	114	protected function loadMainFields()
	115	{
c4012d9b VZ	116	if ($this->hruid !== null && $this->forlife !== null
	117	&& $this->bestalias !== null && $this->display_name !== null
	118	&& $this->full_name !== null && $this->promo !== null && $this->perms !== null
	119	&& $this->gender !== null && $this->email_format !== null) {
70232020 VZ	120	return;
	121	}
	122
	123	global $globals;
	124	$res = XDB::query("SELECT u.hruid, u.promo,
	125	CONCAT(af.alias, '@{$globals->mail->domain}') AS forlife,
	126	CONCAT(ab.alias, '@{$globals->mail->domain}') AS bestalias,
77057a5c	127	CONCAT(u.prenom, ' ', IF(u.nom_usage <> '', u.nom_usage, u.nom)) AS full_name,
50d5ec0b	128	IF(u.prenom != '', u.prenom, u.nom) AS display_name,
c4012d9b VZ	129	FIND_IN_SET('femme', u.flags) AS gender,
c4012d9b VZ	130	q.core_mail_fmt AS email_format,
50d5ec0b	131	u.perms
70232020	132	FROM auth_user_md5 AS u
c4012d9b	133	LEFT JOIN auth_user_quick AS q ON (q.user_id = u.user_id)
70232020 VZ	134	LEFT JOIN aliases AS af ON (af.id = u.user_id AND af.type = 'a_vie')
	135	LEFT JOIN aliases AS ab ON (ab.id = u.user_id AND FIND_IN_SET('bestalias', ab.flags))
	136	WHERE u.user_id = {?}", $this->user_id);
	137	$this->fillFromArray($res->fetchOneAssoc());
	138	}
	139
	140	// Specialization of the fillFromArray method, to implement hacks to enable
	141	// lazy loading of user's main properties from the session.
c4012d9b VZ	142	// TODO(vzanotti): remove the conversion hacks once the old codebase will
c4012d9b VZ	143	// stop being used actively.
70232020 VZ	144	protected function fillFromArray(array $values)
	145	{
	146	// It might happen that the 'user_id' field is called uid in some places
	147	// (eg. in sessions), so we hard link uid to user_id to prevent useless
	148	// SQL requests.
	149	if (!isset($values['user_id']) && isset($values['uid'])) {
	150	$values['user_id'] = $values['uid'];
	151	}
	152
	153	// Also, if display_name and full_name are not known, but the user's
	154	// surname and last name are, we can construct the former two.
	155	if (isset($values['prenom']) && isset($values['nom'])) {
	156	if (!isset($values['display_name'])) {
	157	$values['display_name'] = ($values['prenom'] ? $values['prenom'] : $values['nom']);
	158	}
	159	if (!isset($values['full_name'])) {
	160	$values['full_name'] = $values['prenom'] . ' ' . $values['nom'];
	161	}
	162	}
	163
c4012d9b VZ	164	// We also need to convert the gender (usually named "femme"), and the
	165	// email format parameter (valued "texte" instead of "text").
	166	if (isset($values['femme'])) {
	167	$values['gender'] = (bool) $values['femme'];
	168	}
	169	if (isset($values['mail_fmt'])) {
	170	$values['email_format'] = $values['mail_fmt'];
	171	}
	172	if (isset($values['email_format'])) {
	173	$values['email_format'] = ($values['email_format'] ? self::FORMAT_HTML : self::FORMAT_TEXT);
	174	}
	175
70232020 VZ	176	parent::fillFromArray($values);
	177	}
	178
50d5ec0b FB	179	// Specialization of the buildPerms method
	180	// This function build 'generic' permissions for the user. It does not take
	181	// into account page specific permissions (e.g X.net group permissions)
	182	protected function buildPerms()
	183	{
	184	if (!is_null($this->perm_flags)) {
	185	return;
	186	}
	187	if ($this->perms === null) {
	188	$this->loadMainFields();
	189	}
	190	$this->perm_flags = self::makePerms($this->perms);
	191	}
	192
d69477d3 FB	193	// Return the password of the user
	194	public function password()
	195	{
	196	return XDB::fetchOneCell('SELECT u.password
	197	FROM auth_user_md5 AS u
	198	WHERE u.user_id = {?}', $this->id());
	199	}
	200
50d5ec0b FB	201	// Return permission flags for a given permission level.
	202	public static function makePerms($perms)
	203	{
	204	$flags = new PlFlagSet();
	205	if (is_null($flags) \|\| $perms == 'disabled' \|\| $perms == 'ext') {
	206	return $flags;
	207	}
	208	$flags->addFlag(PERMS_USER);
	209	if ($perms == 'admin') {
	210	$flags->addFlag(PERMS_ADMIN);
	211	}
	212	return $flags;
	213	}
	214
b1719b13 VZ	215	// Implementation of the default user callback.
	216	public static function _default_user_callback($login, $results)
	217	{
b1719b13 VZ	218	$result_count = count($results);
b1719b13 VZ	219	if ($result_count == 0 \|\| !S::has_perms()) {
70232020	220	Platal::page()->trigError("Il n'y a pas d'utilisateur avec l'identifiant : $login");
b1719b13	221	} else {
70232020	222	Platal::page()->trigError("Il y a $result_count utilisateurs avec cet identifiant : " . join(', ', $results));
b1719b13 VZ	223	}
b1719b13 VZ	224	}
70232020 VZ	225
	226	// Implementation of the static email locality checker.
	227	public static function isForeignEmailAddress($email)
	228	{
	229	global $globals;
	230	if (strpos($email, '@') === false) {
	231	return false;
	232	}
	233
	234	list($user, $dom) = explode('@', $email);
	235	return $dom != $globals->mail->domain &&
	236	$dom != $globals->mail->domain2 &&
	237	$dom != $globals->mail->alias_dom &&
	238	$dom != $globals->mail->alias_dom2;
	239	}
9f8ebb9f VZ	240	}
	241
	242	// vim:set et sw=4 sts=4 sws=4 foldmethod=marker enc=utf-8:
	243	?>