X-Git-Url: http://git.polytechnique.org/?a=blobdiff_plain;f=classes%2Fuser.php;h=29b490408fe3238d8de5b88f0248f432e593e7b4;hb=455ea0c945b03435bd30ded9c92b7f2619f42af0;hp=b99b2ddd826ef446badaf99193fe0ad4fb3007f1;hpb=702320204661a870319c2d60a4803f2ff6d27df9;p=platal.git diff --git a/classes/user.php b/classes/user.php index b99b2dd..29b4904 100644 --- a/classes/user.php +++ b/classes/user.php @@ -21,14 +21,36 @@ class User extends PlUser { + private $_profile_fetched = false; + private $_profile = null; + // Implementation of the login to uid method. protected function getLogin($login) { global $globals; + if ($login instanceof User) { + $machin->id(); + } + + if ($login instanceof Profile) { + $this->_profile = $login; + $this->_profile_fetched = true; + $res = XDB::query('SELECT ap.uid + FROM account_profiles AS ap + WHERE ap.pid = {?} AND FIND_IN_SET(\'owner\', perms)', + $login->id()); + if ($res->numRows()) { + return $res->fetchOneCell(); + } + throw new UserNotFoundException(); + } + // If $data is an integer, fetches directly the result. if (is_numeric($login)) { - $res = XDB::query("SELECT user_id FROM auth_user_md5 WHERE user_id = {?}", $login); + $res = XDB::query('SELECT a.uid + FROM accounts AS a + WHERE a.uid = {?}', $login); if ($res->numRows()) { return $res->fetchOneCell(); } @@ -37,7 +59,9 @@ class User extends PlUser } // Checks whether $login is a valid hruid or not. - $res = XDB::query("SELECT user_id FROM auth_user_md5 WHERE hruid = {?}", $login); + $res = XDB::query('SELECT a.uid + FROM accounts AS a + WHERE a.hruid = {?}', $login); if ($res->numRows()) { return $res->fetchOneCell(); } @@ -52,23 +76,24 @@ class User extends PlUser // Checks if $login is a valid alias on the main domains. list($mbox, $fqdn) = explode('@', $login); if ($fqdn == $globals->mail->domain || $fqdn == $globals->mail->domain2) { - $res = XDB::query("SELECT u.user_id - FROM auth_user_md5 AS u - INNER JOIN aliases AS a ON (a.id = u.user_id AND a.type IN ('alias', 'a_vie')) - WHERE a.alias = {?}", $mbox); + $res = XDB::query('SELECT a.uid + FROM accounts AS a + INNER JOIN aliases AS al ON (al.id = a.uid AND al.type IN (\'alias\', \'a_vie\')) + WHERE al.alias = {?}', $mbox); if ($res->numRows()) { return $res->fetchOneCell(); } + /** TODO: implements this by inspecting the profile. if (preg_match('/^(.*)\.([0-9]{4})$/u', $mbox, $matches)) { - $res = XDB::query("SELECT u.user_id - FROM auth_user_md5 AS u - INNER JOIN aliases AS a ON (a.id = u.user_id AND a.type IN ('alias', 'a_vie')) - WHERE a.alias = {?} AND u.promo = {?}", $matches[1], $matches[2]); + $res = XDB::query('SELECT a.uid + FROM accounts AS a + INNER JOIN aliases AS al ON (al.id = a.uid AND al.type IN ('alias', 'a_vie')) + WHERE al.alias = {?} AND a.promo = {?}', $matches[1], $matches[2]); if ($res->numRows() == 1) { return $res->fetchOneCell(); } - } + }*/ throw new UserNotFoundException(); } @@ -82,10 +107,10 @@ class User extends PlUser if ($redir = $res->fetchOneCell()) { // We now have a valid alias, which has to be translated to an hruid. list($alias, $alias_fqdn) = explode('@', $redir); - $res = XDB::query("SELECT u.user_id - FROM auth_user_md5 AS u - LEFT JOIN aliases AS a ON (a.id = u.user_id AND a.type IN ('alias', 'a_vie')) - WHERE a.alias = {?}", $alias); + $res = XDB::query("SELECT a.uid + FROM accounts AS a + LEFT JOIN aliases AS al ON (al.id = a.uid AND al.type IN ('alias', 'a_vie')) + WHERE al.alias = {?}", $alias); if ($res->numRows()) { return $res->fetchOneCell(); } @@ -94,10 +119,18 @@ class User extends PlUser throw new UserNotFoundException(); } + // Looks for an account with the given email. + $res = XDB::query('SELECT a.uid + FROM accounts AS a + WHERE a.email = {?}', $login); + if ($res->numRows() == 1) { + return $res->fetchOneCell(); + } + // Otherwise, we do suppose $login is an email redirection. - $res = XDB::query("SELECT u.user_id - FROM auth_user_md5 AS u - LEFT JOIN emails AS e ON (e.uid = u.user_id) + $res = XDB::query("SELECT a.uid + FROM accounts AS a + LEFT JOIN emails AS e ON (e.uid = a.uid) WHERE e.email = {?}", $login); if ($res->numRows() == 1) { return $res->fetchOneCell(); @@ -106,30 +139,97 @@ class User extends PlUser throw new UserNotFoundException($res->fetchColumn(1)); } + protected static function loadMainFieldsFromUIDs(array $uids, $sorted = null) + { + global $globals; + $joins = ''; + $orderby = ''; + $fields = array(); + if (!is_null($sorted)) { + $order = array(); + $with_ap = false; + $with_pd = false; + foreach (explode(',', $sorted) as $part) { + $desc = ($part[0] == '-'); + if ($desc) { + $part = substr($desc, 1); + } + switch ($part) { + case 'promo': + $with_pd = true; + $with_ap = true; + $part = 'IF (pd.promo IS NULL, \'ext\', pd.promo)'; + break; + case 'full_name': + $part = 'a.full_name'; + break; + case 'display_name': + $part = 'a.display_name'; + break; + default: + $part = null; + } + if (!is_null($part)) { + if ($desc) { + $part .= ' DESC'; + } + $order[] = $part; + } + } + if (count($order) > 0) { + if ($with_ap) { + $joins .= "LEFT JOIN account_profiles AS ap ON (ap.uid = a.uid AND FIND_IN_SET('owner', ap.perms))\n"; + } + if ($with_pd) { + $joins .= "LEFT JOIN profile_display AS pd ON (pd.pid = ap.pid)\n"; + } + $orderby = 'ORDER BY ' . implode(', ', $order); + } + } + if ($globals->asso('id')) { + $joins .= XDB::format("LEFT JOIN groupex.membres AS gpm ON (gpm.uid = a.uid AND gpm.asso_id = {?})\n", $globals->asso('id')); + $fields[] = 'gpm.perms AS group_perms'; + } + if (count($fields) > 0) { + $fields = ', ' . implode(', ', $fields); + } else { + $fields = ''; + } + $uids = array_map(array('XDB', 'escape'), $uids); + return XDB::iterator('SELECT a.uid, a.hruid, a.registration_date, + CONCAT(af.alias, \'@' . $globals->mail->domain . '\') AS forlife, + CONCAT(ab.alias, \'@' . $globals->mail->domain . '\') AS bestalias, + a.full_name, a.display_name, a.sex = \'female\' AS gender, + IF(a.state = \'active\', at.perms, \'\') AS perms, + a.email_format, a.is_admin, a.state, a.type, a.skin, + FIND_IN_SET(\'watch\', a.flags) AS watch, a.comment, + a.weak_password IS NOT NULL AS weak_access, + a.token IS NOT NULL AS token_access ' . $fields . ' + FROM accounts AS a + INNER JOIN account_types AS at ON (at.type = a.type) + LEFT JOIN aliases AS af ON (af.id = a.uid AND af.type = \'a_vie\') + LEFT JOIN aliases AS ab ON (ab.id = a.uid AND FIND_IN_SET(\'bestalias\', ab.flags)) + ' . $joins . ' + WHERE a.uid IN (' . implode(', ', $uids) . ') + ' . $orderby); + } + // Implementation of the data loader. protected function loadMainFields() { - if ($this->hruid != null && $this->forlife != null && - $this->bestalias != null && $this->display_name != null && - $this->full_name != null && $this->promo != NULL) { + if ($this->hruid !== null && $this->forlife !== null + && $this->bestalias !== null && $this->display_name !== null + && $this->full_name !== null && $this->perms !== null + && $this->gender !== null && $this->email_format !== null) { return; } - - global $globals; - $res = XDB::query("SELECT u.hruid, u.promo, - CONCAT(af.alias, '@{$globals->mail->domain}') AS forlife, - CONCAT(ab.alias, '@{$globals->mail->domain}') AS bestalias, - CONCAT(u.prenom, ' ', u.nom) AS full_name, - IF(u.prenom != '', u.prenom, u.nom) AS display_name - FROM auth_user_md5 AS u - LEFT JOIN aliases AS af ON (af.id = u.user_id AND af.type = 'a_vie') - LEFT JOIN aliases AS ab ON (ab.id = u.user_id AND FIND_IN_SET('bestalias', ab.flags)) - WHERE u.user_id = {?}", $this->user_id); - $this->fillFromArray($res->fetchOneAssoc()); + $this->fillFromArray(self::loadMainFieldsFromUIDs(array($this->user_id))->next()); } // Specialization of the fillFromArray method, to implement hacks to enable // lazy loading of user's main properties from the session. + // TODO(vzanotti): remove the conversion hacks once the old codebase will + // stop being used actively. protected function fillFromArray(array $values) { // It might happen that the 'user_id' field is called uid in some places @@ -150,9 +250,133 @@ class User extends PlUser } } + // We also need to convert the gender (usually named "femme"), and the + // email format parameter (valued "texte" instead of "text"). + if (isset($values['femme'])) { + $values['gender'] = (bool) $values['femme']; + } + if (isset($values['mail_fmt'])) { + $values['email_format'] = $values['mail_fmt']; + } + parent::fillFromArray($values); } + // Specialization of the buildPerms method + // This function build 'generic' permissions for the user. It does not take + // into account page specific permissions (e.g X.net group permissions) + protected function buildPerms() + { + if (!is_null($this->perm_flags)) { + return; + } + if ($this->perms === null) { + $this->loadMainFields(); + } + $this->perm_flags = self::makePerms($this->perms, $this->is_admin); + } + + // We do not want to store the password in the object. + // So, fetch it 'on demand' + public function password() + { + return XDB::fetchOneCell('SELECT a.password + FROM accounts AS a + WHERE a.uid = {?}', $this->id()); + } + + /** Overload PlUser::promo(): there no promo defined for a user in the current + * schema. The promo is a field from the profile. + */ + public function promo() + { + if (!$this->hasProfile()) { + return ''; + } + return $this->profile()->promo(); + } + + /** Return the main profile attached with this account if any. + */ + public function profile() + { + if (!$this->_profile_fetched) { + $this->_profile_fetched = true; + $this->_profile = Profile::get($this); + } + return $this->_profile; + } + + /** Return true if the user has an associated profile. + */ + public function hasProfile() + { + return !is_null($this->profile()); + } + + /** Check if the user can edit to given profile. + */ + public function canEdit(Profile $profile) + { + // XXX: Check permissions (e.g. secretary permission) + // and flags from the profile + return XDB::fetchOneCell('SELECT pid + FROM account_profiles + WHERE uid = {?} AND pid = {?}', + $this->id(), $profile->id()); + } + + /** Get the email alias of the user. + */ + public function emailAlias() + { + global $globals; + $data = $this->emailAliases($globals->mail->alias_dom); + if (count($data) > 0) { + return array_pop($data); + } + return null; + } + + /** Get all the aliases the user belongs to. + */ + public function emailAliases($domain = null) + { + $where = ''; + if (!is_null($domain)) { + $where = XDB::format(' AND alias LIKE CONCAT("%@", {?})', $domain); + } + return XDB::fetchColumn('SELECT v.alias + FROM virtual AS v + INNER JOIN virtual_redirect AS vr ON (v.vid = vr.vid) + WHERE (vr.redirect = {?} OR vr.redirect = {?}) + ' . $where, + $this->forlifeEmail(), $this->m4xForlifeEmail()); + } + + /** Get the alternative forlife email + * TODO: remove this uber-ugly hack. The issue is that you need to remove + * all @m4x.org addresses in virtual_redirect first. + * XXX: This is juste to make code more readable, to be remove as soon as possible + */ + public function m4xForlifeEmail() + { + global $globals; + trigger_error('USING M4X FORLIFE', E_USER_NOTICE); + return $this->login() . '@' . $globals->mail->domain2; + } + + // Return permission flags for a given permission level. + public static function makePerms($perms, $is_admin) + { + $flags = new PlFlagSet($perms); + $flags->addFlag(PERMS_USER); + if ($is_admin) { + $flags->addFlag(PERMS_ADMIN); + } + return $flags; + } + // Implementation of the default user callback. public static function _default_user_callback($login, $results) { @@ -178,6 +402,17 @@ class User extends PlUser $dom != $globals->mail->alias_dom && $dom != $globals->mail->alias_dom2; } + + // Fetch a set of users from a list of UIDs + public static function getBuildUsersWithUIDs(array $uids, $sortby = null) + { + $fields = self::loadMainFieldsFromUIDs($uids, $sortby); + $users = array(); + while (($list = $fields->next())) { + $users[] = User::getSilentWithValues(null, $list); + } + return $users; + } } // vim:set et sw=4 sts=4 sws=4 foldmethod=marker enc=utf-8: