projects / platal.git / blob
? search:


012300368bc41e43b80c64a42113bd4f31015140
[platal.git] / classes / user.php
1 <?php
2 /***************************************************************************
3 * Copyright (C) 2003-2010 Polytechnique.org *
4 * http://opensource.polytechnique.org/ *
5 * *
6 * This program is free software; you can redistribute it and/or modify *
7 * it under the terms of the GNU General Public License as published by *
8 * the Free Software Foundation; either version 2 of the License, or *
9 * (at your option) any later version. *
10 * *
11 * This program is distributed in the hope that it will be useful, *
12 * but WITHOUT ANY WARRANTY; without even the implied warranty of *
13 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the *
14 * GNU General Public License for more details. *
15 * *
16 * You should have received a copy of the GNU General Public License *
17 * along with this program; if not, write to the Free Software *
18 * Foundation, Inc., *
19 * 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA *
20 ***************************************************************************/
21
22 class User extends PlUser
23 {
24 private $_profile_fetched = false;
25 private $_profile = null;
26
27 // Additional fields (non core)
28 protected $promo = null;
29
30 // Implementation of the login to uid method.
31 protected function getLogin($login)
32 {
33 global $globals;
34
35 if (!$login) {
36 throw new UserNotFoundException();
37 }
38
39 if ($login instanceof User) {
40 $machin->id();
41 }
42
43 if ($login instanceof Profile) {
44 $this->_profile = $login;
45 $this->_profile_fetched = true;
46 $res = XDB::query('SELECT ap.uid
47 FROM account_profiles AS ap
48 WHERE ap.pid = {?} AND FIND_IN_SET(\'owner\', perms)',
49 $login->id());
50 if ($res->numRows()) {
51 return $res->fetchOneCell();
52 }
53 throw new UserNotFoundException();
54 }
55
56 // If $data is an integer, fetches directly the result.
57 if (is_numeric($login)) {
58 $res = XDB::query('SELECT a.uid
59 FROM accounts AS a
60 WHERE a.uid = {?}', $login);
61 if ($res->numRows()) {
62 return $res->fetchOneCell();
63 }
64
65 throw new UserNotFoundException();
66 }
67
68 // Checks whether $login is a valid hruid or not.
69 $res = XDB::query('SELECT a.uid
70 FROM accounts AS a
71 WHERE a.hruid = {?}', $login);
72 if ($res->numRows()) {
73 return $res->fetchOneCell();
74 }
75
76 // From now, $login can only by an email alias, or an email redirection.
77 // If it doesn't look like a valid address, appends the plat/al's main domain.
78 $login = trim(strtolower($login));
79 if (strstr($login, '@') === false) {
80 $login = $login . '@' . $globals->mail->domain;
81 }
82
83 // Checks if $login is a valid alias on the main domains.
84 list($mbox, $fqdn) = explode('@', $login);
85 if ($fqdn == $globals->mail->domain || $fqdn == $globals->mail->domain2) {
86 $res = XDB::query('SELECT a.uid
87 FROM accounts AS a
88 INNER JOIN aliases AS al ON (al.id = a.uid AND al.type IN (\'alias\', \'a_vie\'))
89 WHERE al.alias = {?}', $mbox);
90 if ($res->numRows()) {
91 return $res->fetchOneCell();
92 }
93
94 /** TODO: implements this by inspecting the profile.
95 if (preg_match('/^(.*)\.([0-9]{4})$/u', $mbox, $matches)) {
96 $res = XDB::query('SELECT a.uid
97 FROM accounts AS a
98 INNER JOIN aliases AS al ON (al.id = a.uid AND al.type IN ('alias', 'a_vie'))
99 WHERE al.alias = {?} AND a.promo = {?}', $matches[1], $matches[2]);
100 if ($res->numRows() == 1) {
101 return $res->fetchOneCell();
102 }
103 }*/
104
105 throw new UserNotFoundException();
106 }
107
108 // Looks for $login as an email alias from the dedicated alias domain.
109 if ($fqdn == $globals->mail->alias_dom || $fqdn == $globals->mail->alias_dom2) {
110 $res = XDB::query("SELECT redirect
111 FROM virtual_redirect
112 INNER JOIN virtual USING(vid)
113 WHERE alias = {?}", $mbox . '@' . $globals->mail->alias_dom);
114 if ($redir = $res->fetchOneCell()) {
115 // We now have a valid alias, which has to be translated to an hruid.
116 list($alias, $alias_fqdn) = explode('@', $redir);
117 $res = XDB::query("SELECT a.uid
118 FROM accounts AS a
119 LEFT JOIN aliases AS al ON (al.id = a.uid AND al.type IN ('alias', 'a_vie'))
120 WHERE al.alias = {?}", $alias);
121 if ($res->numRows()) {
122 return $res->fetchOneCell();
123 }
124 }
125
126 throw new UserNotFoundException();
127 }
128
129 // Looks for an account with the given email.
130 $res = XDB::query('SELECT a.uid
131 FROM accounts AS a
132 WHERE a.email = {?}', $login);
133 if ($res->numRows() == 1) {
134 return $res->fetchOneCell();
135 }
136
137 // Otherwise, we do suppose $login is an email redirection.
138 $res = XDB::query("SELECT a.uid
139 FROM accounts AS a
140 LEFT JOIN emails AS e ON (e.uid = a.uid)
141 WHERE e.email = {?}", $login);
142 if ($res->numRows() == 1) {
143 return $res->fetchOneCell();
144 }
145
146 throw new UserNotFoundException($res->fetchColumn(1));
147 }
148
149 protected static function loadMainFieldsFromUIDs(array $uids, $respect_order = true)
150 {
151 global $globals;
152 $joins = '';
153 $fields = array();
154 if ($globals->asso('id')) {
155 $joins .= XDB::format("LEFT JOIN group_members AS gpm ON (gpm.uid = a.uid AND gpm.asso_id = {?})\n", $globals->asso('id'));
156 $fields[] = 'gpm.perms AS group_perms';
157 $fields[] = 'gpm.comm AS group_comm';
158 }
159 if (count($fields) > 0) {
160 $fields = ', ' . implode(', ', $fields);
161 } else {
162 $fields = '';
163 }
164
165 if ($respect_order) {
166 $order = 'ORDER BY ' . XDB::formatCustomOrder('a.uid', $uids);
167 } else {
168 $order = '';
169 }
170
171 $uids = array_map(array('XDB', 'escape'), $uids);
172
173 return XDB::iterator('SELECT a.uid, a.hruid, a.registration_date,
174 CONCAT(af.alias, \'@' . $globals->mail->domain . '\') AS forlife,
175 CONCAT(af.alias, \'@' . $globals->mail->domain2 . '\') AS forlife_alternate,
176 CONCAT(ab.alias, \'@' . $globals->mail->domain . '\') AS bestalias,
177 CONCAT(ab.alias, \'@' . $globals->mail->domain2 . '\') AS bestalias_alternate,
178 a.full_name, a.display_name, a.sex = \'female\' AS gender,
179 IF(a.state = \'active\', at.perms, \'\') AS perms,
180 a.email_format, a.is_admin, a.state, a.type, a.skin,
181 FIND_IN_SET(\'watch\', a.flags) AS watch, a.comment,
182 a.weak_password IS NOT NULL AS weak_access,
183 a.token IS NOT NULL AS token_access,
184 (e.email IS NULL AND NOT FIND_IN_SET(\'googleapps\', eo.storage)) AND a.state != \'pending\' AS lost
185 ' . $fields . '
186 FROM accounts AS a
187 INNER JOIN account_types AS at ON (at.type = a.type)
188 LEFT JOIN aliases AS af ON (af.id = a.uid AND af.type = \'a_vie\')
189 LEFT JOIN aliases AS ab ON (ab.id = a.uid AND FIND_IN_SET(\'bestalias\', ab.flags))
190 LEFT JOIN emails AS e ON (e.uid = a.uid AND e.flags = \'active\')
191 LEFT JOIN email_options AS eo ON (eo.uid = a.uid)
192 ' . $joins . '
193 WHERE a.uid IN (' . implode(', ', $uids) . ')
194 GROUP BY a.uid
195 ' . $order);
196 }
197
198 // Implementation of the data loader.
199 protected function loadMainFields()
200 {
201 if ($this->hruid !== null && $this->forlife !== null
202 && $this->bestalias !== null && $this->display_name !== null
203 && $this->full_name !== null && $this->perms !== null
204 && $this->gender !== null && $this->email_format !== null) {
205 return;
206 }
207 $this->fillFromArray(self::loadMainFieldsFromUIDs(array($this->user_id))->next());
208 }
209
210 // Specialization of the fillFromArray method, to implement hacks to enable
211 // lazy loading of user's main properties from the session.
212 // TODO(vzanotti): remove the conversion hacks once the old codebase will
213 // stop being used actively.
214 protected function fillFromArray(array $values)
215 {
216 // It might happen that the 'user_id' field is called uid in some places
217 // (eg. in sessions), so we hard link uid to user_id to prevent useless
218 // SQL requests.
219 if (!isset($values['user_id']) && isset($values['uid'])) {
220 $values['user_id'] = $values['uid'];
221 }
222
223 // Also, if display_name and full_name are not known, but the user's
224 // surname and last name are, we can construct the former two.
225 if (isset($values['prenom']) && isset($values['nom'])) {
226 if (!isset($values['display_name'])) {
227 $values['display_name'] = ($values['prenom'] ? $values['prenom'] : $values['nom']);
228 }
229 if (!isset($values['full_name'])) {
230 $values['full_name'] = $values['prenom'] . ' ' . $values['nom'];
231 }
232 }
233
234 // We also need to convert the gender (usually named "femme"), and the
235 // email format parameter (valued "texte" instead of "text").
236 if (isset($values['femme'])) {
237 $values['gender'] = (bool) $values['femme'];
238 }
239 if (isset($values['mail_fmt'])) {
240 $values['email_format'] = $values['mail_fmt'];
241 }
242
243 parent::fillFromArray($values);
244 }
245
246 // Specialization of the buildPerms method
247 // This function build 'generic' permissions for the user. It does not take
248 // into account page specific permissions (e.g X.net group permissions)
249 protected function buildPerms()
250 {
251 if (!is_null($this->perm_flags)) {
252 return;
253 }
254 if ($this->perms === null) {
255 $this->loadMainFields();
256 }
257 $this->perm_flags = self::makePerms($this->perms, $this->is_admin);
258 }
259
260 // We do not want to store the password in the object.
261 // So, fetch it 'on demand'
262 public function password()
263 {
264 return XDB::fetchOneCell('SELECT a.password
265 FROM accounts AS a
266 WHERE a.uid = {?}', $this->id());
267 }
268
269 /** Overload PlUser::promo(): there no promo defined for a user in the current
270 * schema. The promo is a field from the profile.
271 */
272 public function promo()
273 {
274 if (!$this->hasProfile()) {
275 return '';
276 }
277 return $this->profile()->promo();
278 }
279
280 public function firstName()
281 {
282 if (!$this->hasProfile()) {
283 return $this->displayName();
284 }
285 return $this->profile()->firstName();
286 }
287
288 public function lastName()
289 {
290 if (!$this->hasProfile()) {
291 return '';
292 }
293 return $this->profile()->lastName();
294 }
295
296 /** Return the main profile attached with this account if any.
297 */
298 public function profile()
299 {
300 if (!$this->_profile_fetched) {
301 $this->_profile_fetched = true;
302 $this->_profile = Profile::get($this);
303 }
304 return $this->_profile;
305 }
306
307 /** Return true if the user has an associated profile.
308 */
309 public function hasProfile()
310 {
311 return !is_null($this->profile());
312 }
313
314 /** Check if the user can edit to given profile.
315 */
316 public function canEdit(Profile $profile)
317 {
318 // XXX: Check permissions (e.g. secretary permission)
319 // and flags from the profile
320 return XDB::fetchOneCell('SELECT pid
321 FROM account_profiles
322 WHERE uid = {?} AND pid = {?}',
323 $this->id(), $profile->id());
324 }
325
326 /** Get the email alias of the user.
327 */
328 public function emailAlias()
329 {
330 global $globals;
331 $data = $this->emailAliases($globals->mail->alias_dom);
332 if (count($data) > 0) {
333 return array_pop($data);
334 }
335 return null;
336 }
337
338 /** Get all the aliases the user belongs to.
339 */
340 public function emailAliases($domain = null, $type = 'user', $sub_state = false)
341 {
342 $join = XDB::format('(vr.redirect = {?} OR vr.redirect = {?}) ',
343 $this->forlifeEmail(), $this->m4xForlifeEmail());
344 $where = '';
345 if (!is_null($domain)) {
346 $where = XDB::format('WHERE v.alias LIKE CONCAT("%@", {?})', $domain);
347 }
348 if (!is_null($type)) {
349 if (empty($where)) {
350 $where = XDB::format('WHERE v.type = {?}', $type);
351 } else {
352 $where .= XDB::format(' AND v.type = {?}', $type);
353 }
354 }
355 if ($sub_state) {
356 return XDB::fetchAllAssoc('alias', 'SELECT v.alias, vr.redirect IS NOT NULL AS sub
357 FROM virtual AS v
358 LEFT JOIN virtual_redirect AS vr ON (v.vid = vr.vid AND ' . $join . ')
359 ' . $where);
360 } else {
361 return XDB::fetchColumn('SELECT v.alias
362 FROM virtual AS v
363 INNER JOIN virtual_redirect AS vr ON (v.vid = vr.vid AND ' . $join . ')
364 ' . $where);
365 }
366 }
367
368 /** Get the alternative forlife email
369 * TODO: remove this uber-ugly hack. The issue is that you need to remove
370 * all @m4x.org addresses in virtual_redirect first.
371 * XXX: This is juste to make code more readable, to be remove as soon as possible
372 */
373 public function m4xForlifeEmail()
374 {
375 global $globals;
376 trigger_error('USING M4X FORLIFE', E_USER_NOTICE);
377 return $this->login() . '@' . $globals->mail->domain2;
378 }
379
380
381 /** Get marketing informations
382 */
383 private function fetchMarketingData()
384 {
385 if (isset($this->last_known_email)) {
386 return;
387 }
388 $infos = XDB::fetchOneAssoc('SELECT IF (MAX(m.last) > p.relance, MAX(m.last), p.relance) AS last_relance,
389 p.email AS last_known_email
390 FROM register_pending AS p
391 LEFT JOIN register_marketing AS m ON (p.uid = m.uid)
392 WHERE p.uid = {?}
393 GROUP BY p.uid', $this->id());
394 if (!$infos) {
395 $infos = array('last_relance' => null, 'last_known_email' => null);
396 }
397 $this->fillFromArray($infos);
398 }
399
400 public function lastMarketingRelance()
401 {
402 $this->fetchMarketingData();
403 return $this->last_relance;
404 }
405
406 public function lastKnownEmail()
407 {
408 $this->fetchMarketingData();
409 return $this->last_known_email;
410 }
411
412
413 /** Get watch informations
414 */
415 private function fetchWatchData()
416 {
417 if (isset($this->watch_actions)) {
418 return;
419 }
420 $watch = XDB::fetchOneAssoc('SELECT flags AS watch_flags, actions AS watch_actions,
421 UNIX_TIMESTAMP(last) AS watch_last
422 FROM watch
423 WHERE uid = {?}', $this->id());
424 $watch['watch_flags'] = new PlFlagSet($watch['watch_flags']);
425 $watch['watch_actions'] = new PlFlagSet($watch['watch_actions']);
426 $watch['watch_promos'] = XDB::fetchColumn('SELECT promo
427 FROM watch_promo
428 WHERE uid = {?}', $this->id());
429 $watch['watch_users'] = XDB::fetchColumn('SELECT ni_id
430 FROM watch_nonins
431 WHERE uid = {?}', $this->id());
432 $this->fillFromArray($watch);
433 }
434
435 public function watch($type)
436 {
437 $this->fetchWatchData();
438 return $this->watch_actions->hasFlag($type);
439 }
440
441 public function watchContacts()
442 {
443 $this->fetchWatchData();
444 return $this->watch_flags->hasFlag('contacts');
445 }
446
447 public function watchEmail()
448 {
449 $this->fetchWatchData();
450 return $this->watch_flags->hasFlag('mail');
451 }
452
453 public function watchPromos()
454 {
455 $this->fetchWatchData();
456 return $this->watch_promos;
457 }
458
459 public function watchUsers()
460 {
461 $this->fetchWatchData();
462 return $this->watch_users;
463 }
464
465 public function watchLast()
466 {
467 $this->fetchWatchData();
468 return $this->watch_last;
469 }
470
471
472 // Contacts
473 private $contacts = null;
474 public function isContact(PlUser &$user)
475 {
476 if (is_null($this->contacts)) {
477 $this->contacts = XDB::fetchAllAssoc('contact', 'SELECT *
478 FROM contacts
479 WHERE uid = {?}',
480 $this->id());
481 }
482 return isset($this->contacts[$user->id()]);
483 }
484
485 // Groupes X
486 private $groups = null;
487 public function groups()
488 {
489 if (is_null($this->groups)) {
490 $this->groups = XDB::fetchAllAssoc('asso_id', 'SELECT asso_id, perms, comm
491 FROM group_members
492 WHERE uid = {?}',
493 $this->id());
494 }
495 return $this->groups;
496 }
497
498 // Return permission flags for a given permission level.
499 public static function makePerms($perms, $is_admin)
500 {
501 $flags = new PlFlagSet($perms);
502 $flags->addFlag(PERMS_USER);
503 if ($is_admin) {
504 $flags->addFlag(PERMS_ADMIN);
505 }
506 return $flags;
507 }
508
509 // Implementation of the default user callback.
510 public static function _default_user_callback($login, $results)
511 {
512 $result_count = count($results);
513 if ($result_count == 0 || !S::admin()) {
514 Platal::page()->trigError("Il n'y a pas d'utilisateur avec l'identifiant : $login");
515 } else {
516 Platal::page()->trigError("Il y a $result_count utilisateurs avec cet identifiant : " . join(', ', $results));
517 }
518 }
519
520 // Implementation of the static email locality checker.
521 public static function isForeignEmailAddress($email)
522 {
523 global $globals;
524 if (strpos($email, '@') === false) {
525 return false;
526 }
527
528 list($user, $dom) = explode('@', $email);
529 return $dom != $globals->mail->domain &&
530 $dom != $globals->mail->domain2 &&
531 $dom != $globals->mail->alias_dom &&
532 $dom != $globals->mail->alias_dom2;
533 }
534
535 public static function isVirtualEmailAddress($email)
536 {
537 global $globals;
538 if (strpos($email, '@') === false) {
539 return false;
540 }
541
542 list($user, $dom) = explode('@', $email);
543 return $dom == $globals->mail->alias_dom
544 || $dom == $globals->mail->alias_dom2;
545 }
546
547 public static function iterOverUIDs($uids, $respect_order = true)
548 {
549 return new UserIterator(self::loadMainFieldsFromUIDs($uids, $respect_order));
550 }
551
552 /** Fetch a set of users from a list of UIDs
553 * @param $data The list of uids to fetch, or an array of arrays
554 * @param $orig If $data is an array of arrays, the subfield where uids are stored
555 * @param $dest If $data is an array of arrays, the subfield to fill with Users
556 * @param $fetchProfile Whether to fetch Profiles as well
557 * @return either an array of $uid => User, or $data with $data[$i][$dest] = User
558 */
559 public static function getBulkUsersWithUIDs(array $data, $orig = null, $dest = null, $fetchProfile = true)
560 {
561 // Fetch the list of uids
562 if (is_null($orig)) {
563 $uids = $data;
564 } else {
565 if (is_null($dest)) {
566 $dest = $orig;
567 }
568 $uids = array();
569 foreach ($data as $key=>$entry) {
570 if (isset($entry[$orig])) {
571 $uids[] = $entry[$orig];
572 }
573 }
574 }
575
576 // Fetch users
577 if (count($uids) == 0) {
578 return $data;
579 }
580 $users = self::iterOverUIDs($uids, true);
581
582 $table = array();
583 if ($fetchProfile) {
584 $profiles = Profile::iterOverUIDS($uids, true);
585 $profile = $profiles->next();
586 }
587
588 /** We iterate through the users, moving in
589 * profiles when they match the user ID :
590 * there can be users without a profile, but not
591 * the other way around.
592 */
593 while (($user = $users->next())) {
594 if ($fetchProfile) {
595 if ($profile->owner_id == $user->id()) {
596 $user->_profile = $profile;
597 $profile = $profiles->next();
598 }
599 $user->_profile_fetched = true;
600 }
601 $table[$user->id()] = $user;
602 }
603
604 // Build the result with respect to input order.
605 if (is_null($orig)) {
606 return $table;
607 } else {
608 foreach ($data as $key=>$entry) {
609 if (isset($entry[$orig])) {
610 $entry[$dest] = $table[$entry[$orig]];
611 $data[$key] = $entry;
612 }
613 }
614 return $data;
615 }
616 }
617
618 public static function getBulkUsersFromDB($fetchProfile = true)
619 {
620 $args = func_get_args();
621 $uids = call_user_func_array(array('XDB', 'fetchColumn'), $args);
622 return self::getBulkUsersWithUIDs($uids, null, null, $fetchProfile);
623 }
624 }
625
626 /** Iterator over a set of Users
627 * @param an XDB::Iterator obtained from a User::loadMainFieldsFromUIDs
628 */
629 class UserIterator implements PlIterator
630 {
631 private $dbiter;
632
633 public function __construct($dbiter)
634 {
635 $this->dbiter = $dbiter;
636 }
637
638 public function next()
639 {
640 $data = $this->dbiter->next();
641 if ($data == null) {
642 return null;
643 } else {
644 return User::getSilentWithValues(null, $data);
645 }
646 }
647
648 public function total()
649 {
650 return $this->dbiter->total();
651 }
652
653 public function first()
654 {
655 return $this->dbiter->first();
656 }
657
658 public function last()
659 {
660 return $this->dbiter->last();
661 }
662 }
663
664 // vim:set et sw=4 sts=4 sws=4 foldmethod=marker enc=utf-8:
665 ?>
plat/al