projects / platal.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
Fix SUID.
[platal.git] / classes / pluser.php
1 <?php
2 /***************************************************************************
3 * Copyright (C) 2003-2010 Polytechnique.org *
4 * http://opensource.polytechnique.org/ *
5 * *
6 * This program is free software; you can redistribute it and/or modify *
7 * it under the terms of the GNU General Public License as published by *
8 * the Free Software Foundation; either version 2 of the License, or *
9 * (at your option) any later version. *
10 * *
11 * This program is distributed in the hope that it will be useful, *
12 * but WITHOUT ANY WARRANTY; without even the implied warranty of *
13 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the *
14 * GNU General Public License for more details. *
15 * *
16 * You should have received a copy of the GNU General Public License *
17 * along with this program; if not, write to the Free Software *
18 * Foundation, Inc., *
19 * 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA *
20 ***************************************************************************/
21
22 /**
23 * PlUserNotFound is raised when a user id cannot be linked to a real user.
24 * The @p results give the list hruids (useful when several users are found).
25 */
26 class UserNotFoundException extends Exception
27 {
28 public function __construct($results = array())
29 {
30 $this->results = $results;
31 parent::__construct();
32 }
33 }
34
35 interface PlUserInterface
36 {
37 public static function _default_user_callback($login, $results);
38
39 /**
40 * Determines if the @p login is an email address, and an email address not
41 * served locally by plat/al.
42 */
43 public static function isForeignEmailAddress($email);
44 }
45
46 /**
47 * Represents an user of plat/al (without any further assumption), with a
48 * special focus on always-used properties (identification fields, display name,
49 * forlife/bestalias emails, ...).
50 * NOTE: each implementation of plat/al-code MUST subclass PlUser, and name it
51 * 'User'.
52 */
53 abstract class PlUser implements PlUserInterface
54 {
55 /**
56 * User data enumerations.
57 */
58 const GENDER_FEMALE = true;
59 const GENDER_MALE = false;
60 const FORMAT_HTML = "html";
61 const FORMAT_TEXT = "text";
62
63 /**
64 * User data storage.
65 * By convention, null means the information hasn't been fetched yet, and
66 * false means the information is not available.
67 */
68
69 // uid is internal user ID (potentially numeric), whereas hruid is a
70 // "human readable" unique ID
71 protected $uid = null;
72 protected $hruid = null;
73
74 // User main email aliases (forlife is the for-life email address, bestalias
75 // is user-chosen preferred email address, email might be any email available
76 // for the user).
77 protected $forlife = null;
78 protected $bestalias = null;
79 protected $email = null;
80
81 // Display name is user-chosen name to display (eg. in "Welcome
82 // <display name> !"), while full name is the official full name.
83 protected $display_name = null;
84 protected $full_name = null;
85
86 // Other important parameters used when sending emails.
87 protected $gender = null; // Acceptable values are GENDER_MALE and GENDER_FEMALE
88 protected $email_format = null; // Acceptable values are FORMAT_HTML and FORMAT_TEXT
89
90 // Permissions
91 protected $perms = null;
92 protected $perm_flags = null;
93
94 // Other properties are listed in this key-value hash map.
95 protected $data = array();
96
97 /**
98 * Constructs the PlUser object from an identifier (any identifier which is
99 * understood by getLogin() implementation).
100 *
101 * @param $login An user login.
102 * @param $values List of known user properties.
103 */
104 public function __construct($login, $values = array())
105 {
106 $this->fillFromArray($values);
107
108 // If the user id was not part of the known values, determines it from
109 // the login.
110 if (!$this->uid) {
111 $this->uid = $this->getLogin($login);
112 }
113
114 // Preloads main properties (assumes the loader will lazily get them
115 // from variables already set in the object).
116 $this->loadMainFields();
117 }
118
119 /**
120 * Get the canonical user id for the @p login.
121 *
122 * @param $login An user login.
123 * @return The canonical user id.
124 * @throws UserNotFoundException when login is not found.
125 */
126 abstract protected function getLogin($login);
127
128 /**
129 * Loads the main properties (hruid, forlife, bestalias, ...) from the
130 * database. Should return immediately when the properties are already
131 * available.
132 */
133 abstract protected function loadMainFields();
134
135 /**
136 * Accessors to the main properties, ie. those available as top level
137 * object variables.
138 */
139 public function id()
140 {
141 return $this->uid;
142 }
143
144 public function login()
145 {
146 return $this->hruid;
147 }
148
149 public function isMe($other)
150 {
151 if (!$other) {
152 return false;
153 } else if ($other instanceof PlUser) {
154 return $other->id() == $this->id();
155 } else {
156 return false;
157 }
158 }
159
160 public function bestEmail()
161 {
162 if (!empty($this->bestalias)) {
163 return $this->bestalias;
164 }
165 return $this->email;
166 }
167 public function forlifeEmail()
168 {
169 if (!empty($this->forlife)) {
170 return $this->forlife;
171 }
172 return $this->email;
173 }
174
175 public function displayName()
176 {
177 return $this->display_name;
178 }
179 public function fullName()
180 {
181 return $this->full_name;
182 }
183
184 abstract public function password();
185
186 // Fallback value is GENDER_MALE.
187 public function isFemale()
188 {
189 return $this->gender == self::GENDER_FEMALE;
190 }
191
192 // Fallback value is FORMAT_TEXT.
193 public function isEmailFormatHtml()
194 {
195 return $this->email_format == self::FORMAT_HTML;
196 }
197
198 /**
199 * Other properties are available directly through the $data array, or as
200 * standard object variables, using a getter.
201 */
202 public function data()
203 {
204 return $this->data;
205 }
206
207 public function __get($name)
208 {
209 if (property_exists($this, $name)) {
210 return $this->$name;
211 }
212
213 if (isset($this->data[$name])) {
214 return $this->data[$name];
215 }
216
217 return null;
218 }
219
220 public function __isset($name)
221 {
222 return property_exists($this, $name) || isset($this->data[$name]);
223 }
224
225 public function __unset($name)
226 {
227 if (property_exists($this, $name)) {
228 $this->$name = null;
229 } else {
230 unset($this->data[$name]);
231 }
232 }
233
234 /**
235 * Fills the object properties using the @p associative array; the intended
236 * user case is to fill the object using SQL obtained arrays.
237 *
238 * @param $values Key-value array of user properties.
239 */
240 protected function fillFromArray(array $values)
241 {
242 // Merge main properties with existing ones.
243 unset($values['data']);
244 foreach ($values as $key => $value) {
245 if (property_exists($this, $key) && !isset($this->$key)) {
246 $this->$key = $value;
247 }
248 }
249
250 // Merge all value into the $this->data placeholder.
251 $this->data = array_merge($this->data, $values);
252 }
253
254 /**
255 * Adds properties to the object; this method does not allow the caller to
256 * update core properties (id, ...).
257 *
258 * @param $values An associative array of non-core properties.
259 */
260 public function addProperties(array $values)
261 {
262 foreach ($values as $key => $value) {
263 if (!property_exists($this, $key)) {
264 $this->data[$key] = $value;
265 }
266 }
267 }
268
269
270 /**
271 * Build the permissions flags for the user.
272 */
273 abstract protected function buildPerms();
274
275 /**
276 * Check wether the user got the given permission combination.
277 */
278 public function checkPerms($perms)
279 {
280 if (is_null($this->perm_flags)) {
281 $this->buildPerms();
282 }
283 if (is_null($this->perm_flags)) {
284 return false;
285 }
286 return $this->perm_flags->hasFlagCombination($perms);
287 }
288
289
290 /**
291 * Returns a valid User object built from the @p id and optionnal @p values,
292 * or returns false and calls the callback if the @p id is not valid.
293 */
294 public static function get($login, $callback = false)
295 {
296 return User::getWithValues($login, array(), $callback);
297 }
298
299 public static function getWithValues($login, $values, $callback = false)
300 {
301 if (!$callback) {
302 $callback = array('User', '_default_user_callback');
303 }
304
305 try {
306 return new User($login, $values);
307 } catch (UserNotFoundException $e) {
308 return call_user_func($callback, $login, $e->results);
309 }
310 }
311
312 public static function getWithUID($uid, $callback = false)
313 {
314 return User::getWithValues(null, array('uid' => $uid), $callback);
315 }
316
317 // Same as above, but using the silent callback as default.
318 public static function getSilent($login)
319 {
320 return User::getWithValues($login, array(), array('User', '_silent_user_callback'));
321 }
322
323 public static function getSilentWithValues($login, $values)
324 {
325 return User::getWithValues($login, $values, array('User', '_silent_user_callback'));
326 }
327
328 public static function getSilentWithUID($uid)
329 {
330 return User::getWithValues(null, array('uid' => $uid), array('User', '_silent_user_callback'));
331 }
332
333 /**
334 * Retrieves User objects corresponding to the @p logins, and eventually
335 * extracts and returns the @p property. If @p strict mode is disabled, it
336 * also includes logins for which no forlife was found (but it still calls
337 * the callback for them).
338 * In all cases, email addresses which are not from the local domains are
339 * kept.
340 *
341 * @param $logins Array of user logins.
342 * @param $property Property to retrieve from the User objects.
343 * @param $strict Should unvalidated logins be returned as-is or discarded ?
344 * @param $callback Callback to call when a login is unknown to the system.
345 * @return Array of validated user forlife emails.
346 */
347 private static function getBulkUserProperties($logins, $property, $strict, $callback)
348 {
349 if (!is_array($logins)) {
350 if (strlen(trim($logins)) == 0) {
351 return null;
352 }
353 $logins = preg_split("/[; ,\r\n\|]+/", $logins);
354 }
355
356 if ($logins) {
357 $list = array();
358 foreach ($logins as $i => $login) {
359 $login = trim($login);
360 if (empty($login)) {
361 continue;
362 }
363
364 if (($user = User::get($login, $callback))) {
365 $list[$i] = $user->$property();
366 } else if (!$strict || (User::isForeignEmailAddress($login) && isvalid_email($login))) {
367 $list[$i] = $login;
368 }
369 }
370 return $list;
371 }
372 return null;
373 }
374
375 /**
376 * Returns hruid corresponding to the @p logins. See getBulkUserProperties()
377 * for details.
378 */
379 public static function getBulkHruid($logins, $callback = false)
380 {
381 return self::getBulkUserProperties($logins, 'login', true, $callback);
382 }
383
384 /**
385 * Returns forlife emails corresponding to the @p logins. See
386 * getBulkUserProperties() for details.
387 */
388 public static function getBulkForlifeEmails($logins, $strict = true, $callback = false)
389 {
390 return self::getBulkUserProperties($logins, 'forlifeEmail', $strict, $callback);
391 }
392
393 /**
394 * Predefined callbacks for the user lookup; they are called when a given
395 * login is found not to be associated with any valid user. Silent callback
396 * does nothing; default callback is supposed to display an error message,
397 * using the Platal::page() hook.
398 */
399 public static function _silent_user_callback($login, $results)
400 {
401 return;
402 }
403
404 private static function stripBadChars($text)
405 {
406 return str_replace(array(' ', "'"), array('-', ''),
407 strtolower(stripslashes(replace_accent(trim($text)))));
408 }
409
410 /** Creates a username from a first and last name
411 * @param $firstname User's firstname
412 * @param $lasttname User's lastname
413 * return STRING the corresponding username
414 */
415 public static function makeUserName($firstname, $lastname)
416 {
417 return self::stripBadChars($firstname) . '.' . self::stripBadChars($lastname);
418 }
419
420 /**
421 * Creates a user forlive identifier from:
422 * @param $firstname User's firstname
423 * @param $lasttname User's lastname
424 * @param $category User's promotion or type of account
425 */
426 public static function makeHrid($firstname, $lastname, $category)
427 {
428 $cat = self::stripBadChars($category);
429 if (!cat) {
430 Platal::page()->kill("$category is not a suitable category.");
431 }
432
433 return self::makeUserName($firstname, $lastname) . '.' . $cat;
434 }
435
436 /** Reformats the firstname so that all letters are in lower case,
437 * except the first letter of each part of the name.
438 */
439 public static function fixFirstnameCase($firstname)
440 {
441 $firstname = strtolower($firstname);
442 $pieces = explode('-', $firstname);
443
444 foreach ($pieces as $piece) {
445 $subpieces = explode("'", $piece);
446 $usubpieces = '';
447
448 foreach ($subpieces as $subpiece) {
449 $usubpieces[] = ucwords($subpiece);
450 }
451 $upieces[] = implode("'", $usubpieces);
452 }
453 return implode('-', $upieces);
454 }
455 }
456
457 // vim:set et sw=4 sts=4 sws=4 foldmethod=marker enc=utf-8:
458 ?>
plat/al