X-Git-Url: http://git.polytechnique.org/?a=blobdiff_plain;f=classes%2Fuser.php;h=10e131c7d41202db5a5355f09103f503e0e78b2e;hb=fda78a6777a5f385537fc9f291afb310e12525e5;hp=039fec63be05a87080bb27dfb7f6106364fa02b7;hpb=f88d915428d9375442839f4528313f4ffe2b778e;p=platal.git diff --git a/classes/user.php b/classes/user.php index 039fec6..10e131c 100644 --- a/classes/user.php +++ b/classes/user.php @@ -1,6 +1,6 @@ numRows()) { return $res->fetchOneCell(); } // From now, $login can only by an email alias, or an email redirection. - // If it doesn't look like a valid address, appends the plat/al's main domain. $login = trim(strtolower($login)); if (strstr($login, '@') === false) { - $email = $login; - $domain = $this->mainEmailDomain(); + $res = XDB::fetchOneCell('SELECT uid + FROM email_source_account + WHERE email = {?}', + $login); } else { list($email, $domain) = explode('@', $login); + $res = XDB::fetchOneCell('SELECT s.uid + FROM email_source_account AS s + INNER JOIN email_virtual_domains AS m ON (s.domain = m.id) + INNER JOIN email_virtual_domains AS d ON (d.aliasing = m.id) + WHERE s.email = {?} AND d.name = {?}', + $email, $domain); } - // Checks if $login is a valid alias on any domain. - $res = XDB::fetchOneCell('SELECT s.uid - FROM email_source_account AS s - INNER JOIN email_virtual_domains AS m ON (s.domain = m.id) - INNER JOIN email_virtual_domains AS d ON (d.aliasing = m.id) - WHERE s.email = {?} AND d.name = {?}', - $email, $domain); if ($res) { return $res; } 
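Review bot: The new branch for a login without `@` looks up `email_source_account` by `email` alone, so a bare login is no longer tied to the main domain and `fetchOneCell` returns whichever row comes first when the same local part exists under several domains. Unless the schema makes `email` unique across domains (not visible here), this function can map a login to the wrong uid. Return a uid only when the match is unambiguous, e.g. `SELECT IF(COUNT(DISTINCT uid) = 1, MIN(uid), NULL) FROM email_source_account WHERE email = {?}`, or keep a domain constraint. The start of the enclosing function is missing from this listing, so callers and earlier lookups could not be checked.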
@@ -159,19 +159,18 @@ class User extends PlUser $uids = array_map(array('XDB', 'escape'), $uids); - return XDB::iterator('SELECT a.uid, a.hruid, a.registration_date, h.uid IS NOT NULL AS homonym, + return XDB::iterator('SELECT a.uid, a.hruid, a.registration_date, h.uid IS NOT NULL AS homonym, a.firstname, a.lastname, IF(ef.email IS NULL, NULL, CONCAT(ef.email, \'@\', mf.name)) AS forlife, IF(ef.email IS NULL, NULL, CONCAT(ef.email, \'@\', df.name)) AS forlife_alternate, IF(eb.email IS NULL, NULL, CONCAT(eb.email, \'@\', mb.name)) AS bestalias, - IF(eb.email IS NULL, NULL, CONCAT(eb.email, \'@\', db.name)) AS bestalias_alternate, - (er.redirect IS NULL AND a.state = \'active\') AS lost, + (er.redirect IS NULL AND a.state = \'active\' AND FIND_IN_SET(\'mail\', at.perms)) AS lost, a.email, a.full_name, a.directory_name, a.display_name, a.sex = \'female\' AS gender, IF(a.state = \'active\', CONCAT(at.perms, \',\', IF(a.user_perms IS NULL, \'\', a.user_perms)), \'\') AS perms, a.user_perms, a.email_format, a.is_admin, a.state, a.type, at.description AS type_description, a.skin, FIND_IN_SET(\'watch\', a.flags) AS watch, a.comment, a.weak_password IS NOT NULL AS weak_access, g.g_account_name IS NOT NULL AS googleapps, a.token IS NOT NULL AS token_access, a.token, a.last_version, - UNIX_TIMESTAMP(s.start) AS lastlogin, s.host, UNIX_TIMESTAMP(fp.last_seen) AS banana_last + s.start AS lastlogin, s.host, fp.last_seen AS banana_last ' . $fields . ' FROM accounts AS a INNER JOIN account_types AS at ON (at.type = a.type) 
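Review bot: `lastlogin` and `banana_last` change from `UNIX_TIMESTAMP(...)` integers to the raw `s.start` and `fp.last_seen` values, so any consumer that still treats them as epoch seconds (date formatting, comparison with `time()`) will misbehave silently rather than fail. Those consumers are outside this hunk and should be checked. A comment above the query such as `// lastlogin and banana_last are SQL datetimes, not Unix timestamps` would make the new contract explicit. The query itself continues past the end of the hunk.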
@@ -179,10 +178,8 @@ class User extends PlUser LEFT JOIN email_virtual_domains AS mf ON (ef.domain = mf.id) LEFT JOIN email_virtual_domains AS df ON (df.aliasing = mf.id AND df.name LIKE CONCAT(\'%\', {?}) AND df.name NOT LIKE \'alumni.%\') - LEFT JOIN email_source_account AS eb ON (eb.uid = a.uid AND eb.flags = \'bestalias\') - LEFT JOIN email_virtual_domains AS mb ON (eb.domain = mb.id) - LEFT JOIN email_virtual_domains AS db ON (db.aliasing = mb.id AND - db.name LIKE CONCAT(\'%\', {?}) AND db.name NOT LIKE \'alumni.%\') + LEFT JOIN email_source_account AS eb ON (eb.uid = a.uid AND FIND_IN_SET(\'bestalias\',eb.flags)) + LEFT JOIN email_virtual_domains AS mb ON (a.best_domain = mb.id) LEFT JOIN email_redirect_account AS er ON (er.uid = a.uid AND er.flags = \'active\' AND er.broken_level < 3 AND er.type != \'imap\' AND er.type != \'homonym\') LEFT JOIN homonyms_list AS h ON (h.uid = a.uid) 
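Review bot: Dropping the `db` join removes one `{?}` placeholder from this query, but the argument list passed to `XDB::iterator` is outside the hunk. Confirm that the call now passes exactly one domain argument for the remaining `df` placeholder, otherwise later parameters would bind shifted values. Separately, `bestalias` is now built from `eb.email` and the name of `a.best_domain` instead of `eb.domain`, so the result is only a deliverable address if the alias exists in that domain. A comment above the query such as `// bestalias assumes the bestalias source is valid in a.best_domain` would record that assumption.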
@@ -228,6 +225,49 @@ class User extends PlUser $this->perm_flags = null; } + /** Retrieve the 'general' read visibility. + * This is the maximum level of fields that may be viewed by the current user on other profiles. + * + * Rules are: + * - Everyone can view 'public' + * - directory_ax gives access to 'AX' level + * - directory_private gives access to 'private' level + * - admin gives access to 'hidden' level + */ + public function readVisibility() + { + $level = Visibility::VIEW_NONE; + if ($this->is_admin) { + $level = Visibility::VIEW_ADMIN; + } elseif ($this->checkPerms('directory_private')) { + $level = Visibility::VIEW_PRIVATE; + } elseif ($this->checkPerms('directory_ax')) { + $level = Visibility::VIEW_AX; + } else { + $level = Visibility::VIEW_PUBLIC; + } + return Visibility::get($level); + } + + /** Retrieve the 'general' edit visibility. + * This is the maximum level of fields that may be edited by the current user on other profiles. + * + * Rules are: + * - Only admins can edit the 'hidden' fields + * - If someone has 'directory_edit' (which is actually directory_ax_edit): AX level + * - Otherwise, nothing. + */ + public function editVisibility() + { + $level = Visibility::VIEW_NONE; + if ($this->is_admin) { + $level = Visibility::VIEW_ADMIN; + } elseif ($this->checkPerms('directory_edit')) { + $level = Visibility::VIEW_AX; + } + return Visibility::get($level); + } + // We do not want to store the password in the object. // So, fetch it 'on demand' public function password() @@ -266,7 +306,7 @@ class User extends PlUser public function firstName() { if (!$this->hasProfile()) { - return $this->displayName(); + return $this->firstname; } return $this->profile()->firstName(); } @@ -274,7 +314,7 @@ class User extends PlUser public function lastName() { if (!$this->hasProfile()) { - return ''; + return $this->lastname; } return $this->profile()->lastName(); } 
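Review bot: `readVisibility()` and `editVisibility()` grant `Visibility::VIEW_ADMIN` on `$this->is_admin` alone, without going through `checkPerms()`. In the bulk query earlier in this diff, `perms` is blanked unless `a.state = 'active'` while `a.is_admin` is selected as is, so an account flagged admin but not active would still get the highest level here if it can ever be the current user. The same applies to `makePerms()` further down, which adds `PERMS_ADMIN` from `$is_admin` only. If that is not intended, gate the branch, e.g. `if ($this->is_admin && $this->state == 'active') {`, assuming `state` is exposed on the object like the other selected columns. The `$level = Visibility::VIEW_NONE;` initialiser in `readVisibility()` is also overwritten on every path and can be dropped.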
@@ -295,6 +335,14 @@ class User extends PlUser return $this->profile()->fullName($with_promo); } + public function shortName($with_promo = false) + { + if (!$this->hasProfile()) { + return $this->full_name; + } + return $this->profile()->shortName($with_promo); + } + public function directoryName() { if (!$this->hasProfile()) { @@ -303,6 +351,11 @@ class User extends PlUser return $this->profile()->directory_name; } + static public function compareDirectoryName($a, $b) + { + return strcasecmp(replace_accent($a->directoryName()), replace_accent($b->directoryName())); + } + /** Return the main profile attached with this account if any. */ public function profile($forceFetch = false, $fields = 0x0000, $visibility = null) @@ -310,10 +363,18 @@ class User extends PlUser if (!$this->_profile_fetched || $forceFetch) { $this->_profile_fetched = true; $this->_profile = Profile::get($this, $fields, $visibility); + } else if ($this->_profile !== null && $visibility !== null && !$this->_profile->visibility->equals($visibility)) { + return Profile::get($this, $fields, $visibility); } return $this->_profile; } + public function setPrefetchedProfile(Profile $profile) + { + $this->_profile_fetched = true; + $this->_profile = $profile; + } + /** Return true if the user has an associated profile. */ public function hasProfile() @@ -365,6 +426,14 @@ class User extends PlUser } } + public function forlifeEmailAlternate() + { + if (!empty($this->forlife_alternate)) { + return $this->forlife_alternate; + } + return $this->email; + } + /** Fetch existing auxiliary alias. */ public function emailAlias() 
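Review bot: In `profile()`, the cached branch still returns `$this->_profile` whenever `$visibility` is null, whatever visibility that object was built with, and the new `setPrefetchedProfile()` lets any caller seed that cache. A caller that omits `$visibility` therefore gets data filtered at whatever level was stored first, and `$fields` is not compared at all. Document this on both methods, e.g. `Note: with $visibility === null the cached profile is returned as is, at the visibility it was fetched with`. `setPrefetchedProfile()` should also state that the profile must belong to this account, since nothing in it checks the owner.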
@@ -505,6 +574,10 @@ class User extends PlUser $watch['watch_promos'] = XDB::fetchColumn('SELECT promo FROM watch_promo WHERE uid = {?}', $this->id()); + $watch['watch_groups'] = XDB::fetchColumn("SELECT w.groupid + FROM watch_group AS w + INNER JOIN groups AS g ON (w.groupid = g.id AND NOT FIND_IN_SET('private', pub)) + WHERE w.uid = {?}", $this->id()); $watch['watch_users'] = XDB::fetchColumn('SELECT ni_id FROM watch_nonins WHERE uid = {?}', $this->id()); @@ -535,6 +608,12 @@ class User extends PlUser return $this->watch_promos; } + public function watchGroups() + { + $this->fetchWatchData(); + return $this->watch_groups; + } + public function watchUsers() { $this->fetchWatchData(); @@ -553,6 +632,7 @@ class User extends PlUser unset($this->watch_users); unset($this->watch_last); unset($this->watch_promos); + unset($this->watch_groups); } @@ -625,10 +705,27 @@ class User extends PlUser } } + public function groupCount() + { + return XDB::fetchOneCell('SELECT COUNT(DISTINCT(asso_id)) + FROM group_members + WHERE uid = {?}', + $this->id()); + } + + public function inGroup($asso_id) + { + $res = XDB::fetchOneCell('SELECT COUNT(*) + FROM group_members + WHERE uid = {?} AND asso_id = {?}', + $this->id(), $asso_id); + return ($res > 0); + } + /** * Clears a user. * *always deletes in: account_lost_passwords, register_marketing, - * register_pending, register_subs, watch_nonins, watch, watch_promo + * register_pending, register_subs, watch_nonins, watch, watch_promo, watch_group, * *always keeps in: account_types, accounts, email_virtual, carvas, * group_members, homonyms_list, newsletter_ins, register_mstats, email_source_account * *deletes if $clearAll: account_auth_openid, announce_read, contacts, 
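Review bot: `pub` in `NOT FIND_IN_SET('private', pub)` is the only unqualified column in the new `watch_groups` join. It is presumably a column of `groups`, so write it as `g.pub`, so that the filter that hides private groups cannot become ambiguous or bind to `watch_group` if that table ever gains a column of the same name. The surrounding method starts and ends outside the hunk.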
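Review bot: `groupCount()` and `inGroup()` are added without docblocks, while the neighbouring methods have them. `inGroup()` reads like a membership check that callers may use for access decisions, so state what it counts, e.g. `/** Return true if the user has a row in group_members for $asso_id, whatever the member's permissions. */`. `groupCount()` could likewise say that it counts distinct groups in `group_members` for this uid.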
@@ -648,7 +745,7 @@ class User extends PlUser { $tables = array('account_lost_passwords', 'register_marketing', 'register_pending', 'register_subs', 'watch_nonins', - 'watch', 'watch_promo'); + 'watch', 'watch_promo', 'watch_group'); foreach ($tables as $t) { XDB::execute('DELETE FROM ' . $t . ' @@ -679,7 +776,7 @@ class User extends PlUser } $tables = array('account_auth_openid', 'announce_read', 'contacts', - 'email_send_save', 'email_virtual', + 'email_send_save', 'forum_innd', 'forum_profiles', 'forum_subs', 'group_announces_read', 'group_members', 'group_member_sub_requests', 'reminder', 'requests', @@ -692,6 +789,9 @@ class User extends PlUser XDB::execute('DELETE FROM email_redirect_account WHERE uid = {?} AND type != \'homonym\'', $this->id()); + XDB::execute('DELETE FROM email_virtual + WHERE redirect = {?}', + $this->forlifeEmail()); foreach (array('gapps_accounts', 'gapps_nicknames') as $t) { XDB::execute('DELETE FROM ' . $t . ' @@ -739,11 +839,13 @@ class User extends PlUser $this->forlifeEmail(), $newuser->id()); // Reftech new user so its forlifeEmail will be correct. - $newuser = getSilentWithUID($newuser->id()); + $newuser = self::getSilentWithUID($newuser->id()); } // Change email used in mailing lists. if ($this->forlifeEmail() != $newuser->forlifeEmail()) { + // The super user is the user who has the right to do the modification. + $super_user = S::user(); // group mailing lists $group_domains = XDB::fetchColumn('SELECT g.mail_domain FROM groups AS g @@ -751,11 +853,11 @@ class User extends PlUser WHERE g.mail_domain != \'\' AND gm.uid = {?}', $this->id()); foreach ($group_domains as $mail_domain) { - $mmlist = new MMList($this, $mail_domain); + $mmlist = new MMList($super_user, $mail_domain); $mmlist->replace_email_in_all($this->forlifeEmail(), $newuser->forlifeEmail()); } // main domain lists - $mmlist = new MMList($this); + $mmlist = new MMList($super_user); $mmlist->replace_email_in_all($this->forlifeEmail(), $newuser->forlifeEmail()); } } 
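Review bot: The new `DELETE FROM email_virtual WHERE redirect = {?}` is keyed on the string returned by `forlifeEmail()` rather than on the uid, so its effect depends on what that method returns for an account without a forlife alias; its body is outside this diff. If it can return an empty string or fall back to another address, as `forlifeEmailAlternate()` added in this commit falls back to `$this->email`, the statement would delete rows that do not belong to this account. Guard the call, e.g. `if ($this->forlifeEmail()) { ... }`, and consider whether redirects registered under `forlifeEmailAlternate()` need the same cleanup.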
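Review bot: `$super_user = S::user();` makes the mailing-list rewrite run with the rights of whoever is in the session, and nothing in this hunk or the next one (`new MMList($super_user, ...)`) checks that a session user exists or is allowed to do this. If the method can be reached from a script without a session, or by a non-admin, `MMList` receives a null or under-privileged user. A guard before the loop such as `if (!$super_user || !$super_user->is_admin) { return false; }` would make the assumption explicit; adjust the return value to the function's contract, which is outside the hunk.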
@@ -801,7 +903,6 @@ class User extends PlUser public static function makePerms($perms, $is_admin) { $flags = new PlFlagSet($perms); - $flags->addFlag(PERMS_USER); if ($is_admin) { $flags->addFlag(PERMS_ADMIN); } @@ -835,7 +936,7 @@ class User extends PlUser $is_main_domain = false; foreach (self::$sub_mail_domains as $sub_domain) { - $is_main_domain = $is_main_domain || $domain != ($sub_domain . $globals->mail->domain) && $domain != ($sub_domain . $globals->mail->domain2); + $is_main_domain = $is_main_domain || $domain == ($sub_domain . $globals->mail->domain) || $domain == ($sub_domain . $globals->mail->domain2); } return $is_main_domain; } @@ -1006,5 +1107,5 @@ class UserIterator implements PlIterator } } -// vim:set et sw=4 sts=4 sws=4 foldmethod=marker enc=utf-8: +// vim:set et sw=4 sts=4 sws=4 foldmethod=marker fenc=utf-8: ?>