<?php
/***************************************************************************
- * Copyright (C) 2003-2011 Polytechnique.org *
+ * Copyright (C) 2003-2014 Polytechnique.org *
* http://opensource.polytechnique.org/ *
* *
* This program is free software; you can redistribute it and/or modify *
const PERM_API_USER_READONLY = 'api_user_readonly';
const PERM_DIRECTORY_AX = 'directory_ax';
const PERM_DIRECTORY_PRIVATE = 'directory_private';
+ const PERM_DIRECTORY_HIDDEN = 'directory_hidden';
const PERM_EDIT_DIRECTORY = 'edit_directory';
const PERM_FORUMS = 'forums';
const PERM_GROUPS = 'groups';
// Checks whether $login is a valid hruid or not.
$res = XDB::query('SELECT uid
FROM accounts
- WHERE hruid = {?}', $login);
+ WHERE hruid = {?}', $login);
if ($res->numRows()) {
return $res->fetchOneCell();
}
$uids = array_map(array('XDB', 'escape'), $uids);
- return XDB::iterator('SELECT a.uid, a.hruid, a.registration_date, h.uid IS NOT NULL AS homonym,
+ return XDB::iterator('SELECT a.uid, a.hruid, a.registration_date, h.uid IS NOT NULL AS homonym, a.firstname, a.lastname,
IF(ef.email IS NULL, NULL, CONCAT(ef.email, \'@\', mf.name)) AS forlife,
IF(ef.email IS NULL, NULL, CONCAT(ef.email, \'@\', df.name)) AS forlife_alternate,
IF(eb.email IS NULL, NULL, CONCAT(eb.email, \'@\', mb.name)) AS bestalias,
(er.redirect IS NULL AND a.state = \'active\' AND FIND_IN_SET(\'mail\', at.perms)) AS lost,
- a.email, a.full_name, a.directory_name, a.display_name, a.sex = \'female\' AS gender,
+ a.email, a.full_name, a.directory_name, a.display_name, a.sort_name, a.sex = \'female\' AS gender,
IF(a.state = \'active\', CONCAT(at.perms, \',\', IF(a.user_perms IS NULL, \'\', a.user_perms)), \'\') AS perms,
a.user_perms, a.email_format, a.is_admin, a.state, a.type, at.description AS type_description, a.skin,
FIND_IN_SET(\'watch\', a.flags) AS watch, a.comment,
a.weak_password IS NOT NULL AS weak_access, g.g_account_name IS NOT NULL AS googleapps,
a.token IS NOT NULL AS token_access, a.token, a.last_version,
- UNIX_TIMESTAMP(s.start) AS lastlogin, s.host, UNIX_TIMESTAMP(fp.last_seen) AS banana_last
+ s.start AS lastlogin, s.host, fp.last_seen AS banana_last
' . $fields . '
FROM accounts AS a
INNER JOIN account_types AS at ON (at.type = a.type)
LEFT JOIN email_virtual_domains AS mf ON (ef.domain = mf.id)
LEFT JOIN email_virtual_domains AS df ON (df.aliasing = mf.id AND
df.name LIKE CONCAT(\'%\', {?}) AND df.name NOT LIKE \'alumni.%\')
- LEFT JOIN email_source_account AS eb ON (eb.uid = a.uid AND eb.flags = \'bestalias\')
+ LEFT JOIN email_source_account AS eb ON (eb.uid = a.uid AND FIND_IN_SET(\'bestalias\',eb.flags))
LEFT JOIN email_virtual_domains AS mb ON (a.best_domain = mb.id)
LEFT JOIN email_redirect_account AS er ON (er.uid = a.uid AND er.flags = \'active\' AND er.broken_level < 3
AND er.type != \'imap\' AND er.type != \'homonym\')
$this->perm_flags = null;
}
+ /** Retrieve the 'general' read visibility.
+ * This is the maximum level of fields that may be viewed by the current user on other profiles.
+ *
+ * Rules are:
+ * - Everyone can view 'public'
+ * - directory_ax gives access to 'AX' level, ie. the printed directory
+ * - directory_private gives access to 'private' level
+ * - admin and directory_hidden gives access to 'hidden' level
+ */
+ public function readVisibility()
+ {
+ $level = Visibility::VIEW_NONE;
+ if ($this->is_admin || $this->checkPerms('directory_hidden')) {
+ $level = Visibility::VIEW_ADMIN;
+ } elseif ($this->checkPerms('directory_private')) {
+ $level = Visibility::VIEW_PRIVATE;
+ } elseif ($this->checkPerms('directory_ax')) {
+ $level = Visibility::VIEW_AX;
+ } else {
+ $level = Visibility::VIEW_PUBLIC;
+ }
+ return Visibility::get($level);
+ }
+
+ /** Retrieve the 'general' edit visibility.
+ * This is the maximum level of fields that may be edited by the current user on other profiles.
+ *
+ * Rules are:
+ * - Only admins can edit the 'hidden' fields
+ * - If someone has 'directory_edit' (which is actually directory_ax_edit): AX level
+ * - Otherwise, nothing.
+ */
+ public function editVisibility()
+ {
+ $level = Visibility::VIEW_NONE;
+ if ($this->is_admin) {
+ $level = Visibility::VIEW_ADMIN;
+ } elseif ($this->checkPerms('directory_edit')) {
+ $level = Visibility::VIEW_AX;
+ }
+ return Visibility::get($level);
+ }
+
// We do not want to store the password in the object.
// So, fetch it 'on demand'
public function password()
public function firstName()
{
if (!$this->hasProfile()) {
- return $this->displayName();
+ return $this->firstname;
}
return $this->profile()->firstName();
}
public function lastName()
{
if (!$this->hasProfile()) {
- return '';
+ return $this->lastname;
}
return $this->profile()->lastName();
}
return $this->profile()->fullName($with_promo);
}
+ public function shortName($with_promo = false)
+ {
+ if (!$this->hasProfile()) {
+ return $this->full_name;
+ }
+ return $this->profile()->shortName($with_promo);
+ }
+
public function directoryName()
{
if (!$this->hasProfile()) {
return $this->profile()->directory_name;
}
+ public function sortName()
+ {
+ if (!$this->hasProfile()) {
+ return $this->sort_name;
+ }
+ return $this->profile()->sort_name;
+ }
+
+ static public function compareDirectoryName($a, $b)
+ {
+ return strcasecmp(replace_accent($a->directoryName()), replace_accent($b->directoryName()));
+ }
+
/** Return the main profile attached with this account if any.
*/
public function profile($forceFetch = false, $fields = 0x0000, $visibility = null)
if (!$this->_profile_fetched || $forceFetch) {
$this->_profile_fetched = true;
$this->_profile = Profile::get($this, $fields, $visibility);
+ } else if ($this->_profile !== null && $visibility !== null && !$this->_profile->visibility->equals($visibility)) {
+ return Profile::get($this, $fields, $visibility);
}
return $this->_profile;
}
+ public function setPrefetchedProfile(Profile $profile)
+ {
+ $this->_profile_fetched = true;
+ $this->_profile = $profile;
+ }
+
/** Return true if the user has an associated profile.
*/
public function hasProfile()
$watch['watch_promos'] = XDB::fetchColumn('SELECT promo
FROM watch_promo
WHERE uid = {?}', $this->id());
+ $watch['watch_groups'] = XDB::fetchColumn("SELECT w.groupid
+ FROM watch_group AS w
+ INNER JOIN groups AS g ON (w.groupid = g.id AND NOT FIND_IN_SET('private', pub))
+ WHERE w.uid = {?}", $this->id());
$watch['watch_users'] = XDB::fetchColumn('SELECT ni_id
FROM watch_nonins
WHERE uid = {?}', $this->id());
return $this->watch_promos;
}
+ public function watchGroups()
+ {
+ $this->fetchWatchData();
+ return $this->watch_groups;
+ }
+
public function watchUsers()
{
$this->fetchWatchData();
unset($this->watch_users);
unset($this->watch_last);
unset($this->watch_promos);
+ unset($this->watch_groups);
}
/**
* Clears a user.
* *always deletes in: account_lost_passwords, register_marketing,
- * register_pending, register_subs, watch_nonins, watch, watch_promo
+ * register_pending, register_subs, watch_nonins, watch, watch_promo, watch_group,
* *always keeps in: account_types, accounts, email_virtual, carvas,
* group_members, homonyms_list, newsletter_ins, register_mstats, email_source_account
* *deletes if $clearAll: account_auth_openid, announce_read, contacts,
{
$tables = array('account_lost_passwords', 'register_marketing',
'register_pending', 'register_subs', 'watch_nonins',
- 'watch', 'watch_promo');
+ 'watch', 'watch_promo', 'watch_group');
foreach ($tables as $t) {
XDB::execute('DELETE FROM ' . $t . '
}
$tables = array('account_auth_openid', 'announce_read', 'contacts',
- 'email_send_save', 'email_virtual',
+ 'email_send_save',
'forum_innd', 'forum_profiles', 'forum_subs',
'group_announces_read', 'group_members',
'group_member_sub_requests', 'reminder', 'requests',
XDB::execute('DELETE FROM email_redirect_account
WHERE uid = {?} AND type != \'homonym\'',
$this->id());
+ XDB::execute('DELETE FROM email_virtual
+ WHERE redirect = {?}',
+ $this->forlifeEmail());
foreach (array('gapps_accounts', 'gapps_nicknames') as $t) {
XDB::execute('DELETE FROM ' . $t . '
$this->forlifeEmail(), $newuser->id());
// Reftech new user so its forlifeEmail will be correct.
- $newuser = getSilentWithUID($newuser->id());
+ $newuser = self::getSilentWithUID($newuser->id());
}
// Change email used in mailing lists.
if ($this->forlifeEmail() != $newuser->forlifeEmail()) {
+ // The super user is the user who has the right to do the modification.
+ $super_user = S::user();
// group mailing lists
$group_domains = XDB::fetchColumn('SELECT g.mail_domain
FROM groups AS g
WHERE g.mail_domain != \'\' AND gm.uid = {?}',
$this->id());
foreach ($group_domains as $mail_domain) {
- $mmlist = new MMList($this, $mail_domain);
+ $mmlist = new MMList($super_user, $mail_domain);
$mmlist->replace_email_in_all($this->forlifeEmail(), $newuser->forlifeEmail());
}
// main domain lists
- $mmlist = new MMList($this);
+ $mmlist = new MMList($super_user);
$mmlist->replace_email_in_all($this->forlifeEmail(), $newuser->forlifeEmail());
}
}
public static function makePerms($perms, $is_admin)
{
$flags = new PlFlagSet($perms);
- $flags->addFlag(PERMS_USER);
if ($is_admin) {
$flags->addFlag(PERMS_ADMIN);
}
$is_main_domain = false;
foreach (self::$sub_mail_domains as $sub_domain) {
- $is_main_domain = $is_main_domain || $domain == ($sub_domain . $globals->mail->domain) && $domain == ($sub_domain . $globals->mail->domain2);
+ $is_main_domain = $is_main_domain || $domain == ($sub_domain . $globals->mail->domain) || $domain == ($sub_domain . $globals->mail->domain2);
}
return $is_main_domain;
}
}
}
-// vim:set et sw=4 sts=4 sws=4 foldmethod=marker enc=utf-8:
+// vim:set et sw=4 sts=4 sws=4 foldmethod=marker fenc=utf-8:
?>
projects / platal.git / blobdiff