[platal.git] / classes / user.php

<?php
/***************************************************************************
 *  Copyright (C) 2003-2008 Polytechnique.org                              *
 *  http://opensource.polytechnique.org/                                   *
 *                                                                         *
 *  This program is free software; you can redistribute it and/or modify   *
 *  it under the terms of the GNU General Public License as published by   *
 *  the Free Software Foundation; either version 2 of the License, or      *
 *  (at your option) any later version.                                    *
 *                                                                         *
 *  This program is distributed in the hope that it will be useful,        *
 *  but WITHOUT ANY WARRANTY; without even the implied warranty of         *
 *  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the          *
 *  GNU General Public License for more details.                           *
 *                                                                         *
 *  You should have received a copy of the GNU General Public License      *
 *  along with this program; if not, write to the Free Software            *
 *  Foundation, Inc.,                                                      *
 *  59 Temple Place, Suite 330, Boston, MA  02111-1307  USA                *
 ***************************************************************************/

class User extends PlUser
{
    private $_profile_fetched = false;
    private $_profile = null;

    // Implementation of the login to uid method.
    protected function getLogin($login)
    {
        global $globals;

        if ($login instanceof Profile) {
            $this->_profile = $login;
            $this->_profile_fetched = true;
            $res = XDB::query('SELECT  ap.uid
                                 FROM  account_profiles AS ap
                                WHERE  ap.pid = {?} AND FIND_IN_SET(\'owner\', perms)',
                              $login->id());
            if ($res->numRows()) {
                return $res->fetchOneCell();
            }
            throw new UserNotFoundException();
        }

        // If $data is an integer, fetches directly the result.
        if (is_numeric($login)) {
            $res = XDB::query('SELECT  a.uid
                                 FROM  accounts AS a
                                WHERE  a.uid = {?}', $login);
            if ($res->numRows()) {
                return $res->fetchOneCell();
            }

            throw new UserNotFoundException();
        }

        // Checks whether $login is a valid hruid or not.
        $res = XDB::query('SELECT  a.uid
                             FROM  accounts AS a
                            WHERE  a.hruid = {?}', $login);
        if ($res->numRows()) {
            return $res->fetchOneCell();
        }

        // From now, $login can only by an email alias, or an email redirection.
        // If it doesn't look like a valid address, appends the plat/al's main domain.
        $login = trim(strtolower($login));
        if (strstr($login, '@') === false) {
            $login = $login . '@' . $globals->mail->domain;
        }

        // Checks if $login is a valid alias on the main domains.
        list($mbox, $fqdn) = explode('@', $login);
        if ($fqdn == $globals->mail->domain || $fqdn == $globals->mail->domain2) {
            $res = XDB::query('SELECT  a.uid
                                 FROM  accounts AS a
                           INNER JOIN  aliases AS al ON (al.id = a.uid AND al.type IN (\'alias\', \'a_vie\'))
                                WHERE  al.alias = {?}', $mbox);
            if ($res->numRows()) {
                return $res->fetchOneCell();
            }

            /** TODO: implements this by inspecting the profile.
            if (preg_match('/^(.*)\.([0-9]{4})$/u', $mbox, $matches)) {
                $res = XDB::query('SELECT  a.uid
                                     FROM  accounts AS a
                               INNER JOIN  aliases AS al ON (al.id = a.uid AND al.type IN ('alias', 'a_vie'))
                                    WHERE  al.alias = {?} AND a.promo = {?}', $matches[1], $matches[2]);
                if ($res->numRows() == 1) {
                    return $res->fetchOneCell();
                }
            }*/

            throw new UserNotFoundException();
        }

        // Looks for $login as an email alias from the dedicated alias domain.
        if ($fqdn == $globals->mail->alias_dom || $fqdn == $globals->mail->alias_dom2) {
            $res = XDB::query("SELECT  redirect
                                 FROM  virtual_redirect
                           INNER JOIN  virtual USING(vid)
                                WHERE  alias = {?}", $mbox . '@' . $globals->mail->alias_dom);
            if ($redir = $res->fetchOneCell()) {
                // We now have a valid alias, which has to be translated to an hruid.
                list($alias, $alias_fqdn) = explode('@', $redir);
                $res = XDB::query("SELECT  a.uid
                                     FROM  accounts AS a
                                LEFT JOIN  aliases AS al ON (al.id = a.uid AND al.type IN ('alias', 'a_vie'))
                                    WHERE  al.alias = {?}", $alias);
                if ($res->numRows()) {
                    return $res->fetchOneCell();
                }
            }

            throw new UserNotFoundException();
        }

        // Otherwise, we do suppose $login is an email redirection.
        $res = XDB::query("SELECT  a.uid
                             FROM  accounts AS a
                        LEFT JOIN  emails AS e ON (e.uid = a.uid)
                            WHERE  e.email = {?}", $login);
        if ($res->numRows() == 1) {
            return $res->fetchOneCell();
        }

        throw new UserNotFoundException($res->fetchColumn(1));
    }

    // Implementation of the data loader.
    protected function loadMainFields()
    {
        if ($this->hruid !== null && $this->forlife !== null
            && $this->bestalias !== null && $this->display_name !== null
            && $this->full_name !== null && $this->promo !== null && $this->perms !== null
            && $this->gender !== null && $this->email_format !== null) {
            return;
        }

        global $globals;
        /** TODO: promo stuff again */
        /** TODO: fix perms field to fit new perms system */
        $res = XDB::query("SELECT  a.hruid, d.promo,
                                   CONCAT(af.alias, '@{$globals->mail->domain}') AS forlife,
                                   CONCAT(ab.alias, '@{$globals->mail->domain}') AS bestalias,
                                   a.full_name, a.display_name, a.sex = 'female' AS gender,
                                   IF(a.state = 'active', at.perms, '') AS perms,
                                   a.email_format, a.is_admin
                             FROM  accounts AS a
                       INNER JOIN  account_types AS at ON (at.type = a.type)
                       INNER JOIN  profile_display AS d ON (d.pid = a.uid)
                        LEFT JOIN  aliases AS af ON (af.id = a.uid AND af.type = 'a_vie')
                        LEFT JOIN  aliases AS ab ON (ab.id = a.uid AND FIND_IN_SET('bestalias', ab.flags))
                            WHERE  a.uid = {?}", $this->user_id);
        $this->fillFromArray($res->fetchOneAssoc());
    }

    // Specialization of the fillFromArray method, to implement hacks to enable
    // lazy loading of user's main properties from the session.
    // TODO(vzanotti): remove the conversion hacks once the old codebase will
    // stop being used actively.
    protected function fillFromArray(array $values)
    {
        // It might happen that the 'user_id' field is called uid in some places
        // (eg. in sessions), so we hard link uid to user_id to prevent useless
        // SQL requests.
        if (!isset($values['user_id']) && isset($values['uid'])) {
            $values['user_id'] = $values['uid'];
        }

        // Also, if display_name and full_name are not known, but the user's
        // surname and last name are, we can construct the former two.
        if (isset($values['prenom']) && isset($values['nom'])) {
            if (!isset($values['display_name'])) {
                $values['display_name'] = ($values['prenom'] ? $values['prenom'] : $values['nom']);
            }
            if (!isset($values['full_name'])) {
                $values['full_name'] = $values['prenom'] . ' ' . $values['nom'];
            }
        }

        // We also need to convert the gender (usually named "femme"), and the
        // email format parameter (valued "texte" instead of "text").
        if (isset($values['femme'])) {
            $values['gender'] = (bool) $values['femme'];
        }
        if (isset($values['mail_fmt'])) {
            $values['email_format'] = $values['mail_fmt'];
        }

        parent::fillFromArray($values);
    }

    // Specialization of the buildPerms method
    // This function build 'generic' permissions for the user. It does not take
    // into account page specific permissions (e.g X.net group permissions)
    protected function buildPerms()
    {
        if (!is_null($this->perm_flags)) {
            return;
        }
        if ($this->perms === null) {
             $this->loadMainFields();
        }
        $this->perm_flags = self::makePerms($this->perms, $this->is_admin);
    }

    // We do not want to store the password in the object.
    // So, fetch it 'on demand'
    public function password()
    {
        return XDB::fetchOneCell('SELECT  a.password
                                    FROM  accounts AS a
                                   WHERE  a.uid = {?}', $this->id());
    }

    /** Return the main profile attached with this account if any.
     */
    public function profile()
    {
        if (!$this->_profile_fetched) {
            $this->_profile_fetched = true;
            $this->_profile = Profile::get($this);
        }
        return $this->_profile;
    }

    /** Return true if the user has an associated profile.
     */
    public function hasProfile()
    {
        return !is_null($this->profile());
    }

    /** Get the email alias of the user.
     */
    public function emailAlias()
    {
        global $globals;
        return  XDB::fetchOneCell("SELECT  v.alias
                                     FROM  virtual AS v
                               INNER JOIN  virtual_redirect AS vr ON (v.vid = vr.vid)
                                    WHERE  (vr.redirect = {?} OR vr.redirect = {?})
                                           AND alias LIKE '%@{$globals->mail->alias_dom}'",
                          $this->forlifeEmail(), $this->m4xForlifeEmail(), $this->id());
    }

    /** Get the alternative forlife email
     * TODO: remove this uber-ugly hack. The issue is that you need to remove
     * all @m4x.org addresses in virtual_redirect first.
     * XXX: This is juste to make code more readable, to be remove as soon as possible
     */
    public function m4xForlifeEmail()
    {
        global $globals;
        trigger_error('USING M4X FORLIFE', E_USER_NOTICE);
        return $this->login() . '@' . $globals->mail->domain2;
    }

    // Return permission flags for a given permission level.
    public static function makePerms($perms, $is_admin)
    {
        $flags = new PlFlagSet($perms);
        $flags->addFlag(PERMS_USER);
        if ($is_admin) {
            $flags->addFlag(PERMS_ADMIN);
        }
        return $flags;
    }

    // Implementation of the default user callback.
    public static function _default_user_callback($login, $results)
    {
        $result_count = count($results);
        if ($result_count == 0 || !S::has_perms()) {
            Platal::page()->trigError("Il n'y a pas d'utilisateur avec l'identifiant : $login");
        } else {
            Platal::page()->trigError("Il y a $result_count utilisateurs avec cet identifiant : " . join(', ', $results));
        }
    }

    // Implementation of the static email locality checker.
    public static function isForeignEmailAddress($email)
    {
        global $globals;
        if (strpos($email, '@') === false) {
            return false;
        }

        list($user, $dom) = explode('@', $email);
        return $dom != $globals->mail->domain &&
               $dom != $globals->mail->domain2 &&
               $dom != $globals->mail->alias_dom &&
               $dom != $globals->mail->alias_dom2;
    }
}

// vim:set et sw=4 sts=4 sws=4 foldmethod=marker enc=utf-8:
?>
Commit	Line	Data
9f8ebb9f VZ	1	<?php
	2	/***************************************************************************
	3	* Copyright (C) 2003-2008 Polytechnique.org *
	4	* http://opensource.polytechnique.org/ *
	5	* *
	6	* This program is free software; you can redistribute it and/or modify *
	7	* it under the terms of the GNU General Public License as published by *
	8	* the Free Software Foundation; either version 2 of the License, or *
	9	* (at your option) any later version. *
	10	* *
	11	* This program is distributed in the hope that it will be useful, *
	12	* but WITHOUT ANY WARRANTY; without even the implied warranty of *
	13	* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the *
	14	* GNU General Public License for more details. *
	15	* *
	16	* You should have received a copy of the GNU General Public License *
	17	* along with this program; if not, write to the Free Software *
	18	* Foundation, Inc., *
	19	* 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA *
	20	***************************************************************************/
	21
2d96cf7b	22	class User extends PlUser
9f8ebb9f	23	{
3e53a496 FB	24	private $_profile_fetched = false;
	25	private $_profile = null;
	26
70232020	27	// Implementation of the login to uid method.
b1719b13 VZ	28	protected function getLogin($login)
	29	{
	30	global $globals;
	31
e7b93962	32	if ($login instanceof Profile) {
3e53a496 FB	33	$this->_profile = $login;
3e53a496 FB	34	$this->_profile_fetched = true;
e7b93962 FB	35	$res = XDB::query('SELECT ap.uid
	36	FROM account_profiles AS ap
	37	WHERE ap.pid = {?} AND FIND_IN_SET(\'owner\', perms)',
	38	$login->id());
	39	if ($res->numRows()) {
	40	return $res->fetchOneCell();
	41	}
	42	throw new UserNotFoundException();
	43	}
	44
b1719b13 VZ	45	// If $data is an integer, fetches directly the result.
b1719b13 VZ	46	if (is_numeric($login)) {
e7b93962 FB	47	$res = XDB::query('SELECT a.uid
	48	FROM accounts AS a
	49	WHERE a.uid = {?}', $login);
b1719b13	50	if ($res->numRows()) {
70232020	51	return $res->fetchOneCell();
b1719b13 VZ	52	}
	53
	54	throw new UserNotFoundException();
	55	}
	56
	57	// Checks whether $login is a valid hruid or not.
e7b93962 FB	58	$res = XDB::query('SELECT a.uid
	59	FROM accounts AS a
	60	WHERE a.hruid = {?}', $login);
b1719b13	61	if ($res->numRows()) {
70232020	62	return $res->fetchOneCell();
b1719b13 VZ	63	}
	64
	65	// From now, $login can only by an email alias, or an email redirection.
	66	// If it doesn't look like a valid address, appends the plat/al's main domain.
	67	$login = trim(strtolower($login));
	68	if (strstr($login, '@') === false) {
	69	$login = $login . '@' . $globals->mail->domain;
	70	}
	71
	72	// Checks if $login is a valid alias on the main domains.
	73	list($mbox, $fqdn) = explode('@', $login);
	74	if ($fqdn == $globals->mail->domain \|\| $fqdn == $globals->mail->domain2) {
e7b93962 FB	75	$res = XDB::query('SELECT a.uid
	76	FROM accounts AS a
	77	INNER JOIN aliases AS al ON (al.id = a.uid AND al.type IN (\'alias\', \'a_vie\'))
	78	WHERE al.alias = {?}', $mbox);
b1719b13	79	if ($res->numRows()) {
70232020	80	return $res->fetchOneCell();
b1719b13 VZ	81	}
b1719b13 VZ	82
e7b93962	83	/** TODO: implements this by inspecting the profile.
b1719b13	84	if (preg_match('/^(.*)\.([0-9]{4})$/u', $mbox, $matches)) {
e7b93962 FB	85	$res = XDB::query('SELECT a.uid
	86	FROM accounts AS a
	87	INNER JOIN aliases AS al ON (al.id = a.uid AND al.type IN ('alias', 'a_vie'))
	88	WHERE al.alias = {?} AND a.promo = {?}', $matches[1], $matches[2]);
b1719b13	89	if ($res->numRows() == 1) {
70232020	90	return $res->fetchOneCell();
b1719b13	91	}
e7b93962	92	}*/
b1719b13 VZ	93
	94	throw new UserNotFoundException();
	95	}
	96
	97	// Looks for $login as an email alias from the dedicated alias domain.
	98	if ($fqdn == $globals->mail->alias_dom \|\| $fqdn == $globals->mail->alias_dom2) {
	99	$res = XDB::query("SELECT redirect
	100	FROM virtual_redirect
	101	INNER JOIN virtual USING(vid)
	102	WHERE alias = {?}", $mbox . '@' . $globals->mail->alias_dom);
	103	if ($redir = $res->fetchOneCell()) {
	104	// We now have a valid alias, which has to be translated to an hruid.
	105	list($alias, $alias_fqdn) = explode('@', $redir);
e7b93962 FB	106	$res = XDB::query("SELECT a.uid
	107	FROM accounts AS a
	108	LEFT JOIN aliases AS al ON (al.id = a.uid AND al.type IN ('alias', 'a_vie'))
	109	WHERE al.alias = {?}", $alias);
b1719b13	110	if ($res->numRows()) {
70232020	111	return $res->fetchOneCell();
b1719b13 VZ	112	}
	113	}
	114
	115	throw new UserNotFoundException();
	116	}
	117
	118	// Otherwise, we do suppose $login is an email redirection.
e7b93962 FB	119	$res = XDB::query("SELECT a.uid
	120	FROM accounts AS a
	121	LEFT JOIN emails AS e ON (e.uid = a.uid)
b1719b13 VZ	122	WHERE e.email = {?}", $login);
b1719b13 VZ	123	if ($res->numRows() == 1) {
70232020	124	return $res->fetchOneCell();
b1719b13 VZ	125	}
	126
	127	throw new UserNotFoundException($res->fetchColumn(1));
	128	}
	129
70232020 VZ	130	// Implementation of the data loader.
	131	protected function loadMainFields()
	132	{
c4012d9b VZ	133	if ($this->hruid !== null && $this->forlife !== null
	134	&& $this->bestalias !== null && $this->display_name !== null
	135	&& $this->full_name !== null && $this->promo !== null && $this->perms !== null
	136	&& $this->gender !== null && $this->email_format !== null) {
70232020 VZ	137	return;
	138	}
	139
	140	global $globals;
e7b93962 FB	141	/** TODO: promo stuff again */
e7b93962 FB	142	/** TODO: fix perms field to fit new perms system */
6e909db8	143	$res = XDB::query("SELECT a.hruid, d.promo,
70232020 VZ	144	CONCAT(af.alias, '@{$globals->mail->domain}') AS forlife,
70232020 VZ	145	CONCAT(ab.alias, '@{$globals->mail->domain}') AS bestalias,
e7b93962	146	a.full_name, a.display_name, a.sex = 'female' AS gender,
7f1ff426 FB	147	IF(a.state = 'active', at.perms, '') AS perms,
7f1ff426 FB	148	a.email_format, a.is_admin
e7b93962	149	FROM accounts AS a
365ba8c3	150	INNER JOIN account_types AS at ON (at.type = a.type)
6e909db8	151	INNER JOIN profile_display AS d ON (d.pid = a.uid)
e7b93962 FB	152	LEFT JOIN aliases AS af ON (af.id = a.uid AND af.type = 'a_vie')
	153	LEFT JOIN aliases AS ab ON (ab.id = a.uid AND FIND_IN_SET('bestalias', ab.flags))
	154	WHERE a.uid = {?}", $this->user_id);
70232020 VZ	155	$this->fillFromArray($res->fetchOneAssoc());
	156	}
	157
	158	// Specialization of the fillFromArray method, to implement hacks to enable
	159	// lazy loading of user's main properties from the session.
c4012d9b VZ	160	// TODO(vzanotti): remove the conversion hacks once the old codebase will
c4012d9b VZ	161	// stop being used actively.
70232020 VZ	162	protected function fillFromArray(array $values)
	163	{
	164	// It might happen that the 'user_id' field is called uid in some places
	165	// (eg. in sessions), so we hard link uid to user_id to prevent useless
	166	// SQL requests.
	167	if (!isset($values['user_id']) && isset($values['uid'])) {
	168	$values['user_id'] = $values['uid'];
	169	}
	170
	171	// Also, if display_name and full_name are not known, but the user's
	172	// surname and last name are, we can construct the former two.
	173	if (isset($values['prenom']) && isset($values['nom'])) {
	174	if (!isset($values['display_name'])) {
	175	$values['display_name'] = ($values['prenom'] ? $values['prenom'] : $values['nom']);
	176	}
	177	if (!isset($values['full_name'])) {
	178	$values['full_name'] = $values['prenom'] . ' ' . $values['nom'];
	179	}
	180	}
	181
c4012d9b VZ	182	// We also need to convert the gender (usually named "femme"), and the
	183	// email format parameter (valued "texte" instead of "text").
	184	if (isset($values['femme'])) {
	185	$values['gender'] = (bool) $values['femme'];
	186	}
	187	if (isset($values['mail_fmt'])) {
	188	$values['email_format'] = $values['mail_fmt'];
	189	}
c4012d9b	190
70232020 VZ	191	parent::fillFromArray($values);
	192	}
	193
50d5ec0b FB	194	// Specialization of the buildPerms method
	195	// This function build 'generic' permissions for the user. It does not take
	196	// into account page specific permissions (e.g X.net group permissions)
	197	protected function buildPerms()
	198	{
	199	if (!is_null($this->perm_flags)) {
	200	return;
	201	}
	202	if ($this->perms === null) {
	203	$this->loadMainFields();
	204	}
365ba8c3	205	$this->perm_flags = self::makePerms($this->perms, $this->is_admin);
50d5ec0b FB	206	}
50d5ec0b FB	207
7f1ff426 FB	208	// We do not want to store the password in the object.
	209	// So, fetch it 'on demand'
	210	public function password()
	211	{
	212	return XDB::fetchOneCell('SELECT a.password
	213	FROM accounts AS a
	214	WHERE a.uid = {?}', $this->id());
	215	}
	216
e7b93962 FB	217	/** Return the main profile attached with this account if any.
	218	*/
	219	public function profile()
	220	{
3e53a496 FB	221	if (!$this->_profile_fetched) {
	222	$this->_profile_fetched = true;
	223	$this->_profile = Profile::get($this);
	224	}
	225	return $this->_profile;
	226	}
	227
	228	/** Return true if the user has an associated profile.
	229	*/
	230	public function hasProfile()
	231	{
	232	return !is_null($this->profile());
	233	}
	234
	235	/** Get the email alias of the user.
	236	*/
	237	public function emailAlias()
	238	{
	239	global $globals;
	240	return XDB::fetchOneCell("SELECT v.alias
	241	FROM virtual AS v
	242	INNER JOIN virtual_redirect AS vr ON (v.vid = vr.vid)
	243	WHERE (vr.redirect = {?} OR vr.redirect = {?})
	244	AND alias LIKE '%@{$globals->mail->alias_dom}'",
	245	$this->forlifeEmail(), $this->m4xForlifeEmail(), $this->id());
	246	}
	247
	248	/** Get the alternative forlife email
	249	* TODO: remove this uber-ugly hack. The issue is that you need to remove
	250	* all @m4x.org addresses in virtual_redirect first.
	251	* XXX: This is juste to make code more readable, to be remove as soon as possible
	252	*/
	253	public function m4xForlifeEmail()
	254	{
	255	global $globals;
	256	trigger_error('USING M4X FORLIFE', E_USER_NOTICE);
	257	return $this->login() . '@' . $globals->mail->domain2;
e7b93962 FB	258	}
e7b93962 FB	259
50d5ec0b	260	// Return permission flags for a given permission level.
365ba8c3	261	public static function makePerms($perms, $is_admin)
50d5ec0b	262	{
365ba8c3	263	$flags = new PlFlagSet($perms);
50d5ec0b	264	$flags->addFlag(PERMS_USER);
365ba8c3	265	if ($is_admin) {
50d5ec0b FB	266	$flags->addFlag(PERMS_ADMIN);
	267	}
	268	return $flags;
	269	}
	270
b1719b13 VZ	271	// Implementation of the default user callback.
	272	public static function _default_user_callback($login, $results)
	273	{
b1719b13 VZ	274	$result_count = count($results);
b1719b13 VZ	275	if ($result_count == 0 \|\| !S::has_perms()) {
70232020	276	Platal::page()->trigError("Il n'y a pas d'utilisateur avec l'identifiant : $login");
b1719b13	277	} else {
70232020	278	Platal::page()->trigError("Il y a $result_count utilisateurs avec cet identifiant : " . join(', ', $results));
b1719b13 VZ	279	}
b1719b13 VZ	280	}
70232020 VZ	281
	282	// Implementation of the static email locality checker.
	283	public static function isForeignEmailAddress($email)
	284	{
	285	global $globals;
	286	if (strpos($email, '@') === false) {
	287	return false;
	288	}
	289
	290	list($user, $dom) = explode('@', $email);
	291	return $dom != $globals->mail->domain &&
	292	$dom != $globals->mail->domain2 &&
	293	$dom != $globals->mail->alias_dom &&
	294	$dom != $globals->mail->alias_dom2;
	295	}
9f8ebb9f VZ	296	}
	297
	298	// vim:set et sw=4 sts=4 sws=4 foldmethod=marker enc=utf-8:
	299	?>