X-Git-Url: http://git.polytechnique.org/?a=blobdiff_plain;f=classes%2Fuser.php;h=4d4a28aedba438315a95f9cc546af6b4cfab32d8;hb=20b087ff2e4bb918f601a9bcc2c67d1fbc5b2231;hp=a54b904ad6b50e1c2c3b4f4311f244ddddee4baf;hpb=8def9eb54fa949fce13b35a4e26add2a8118e6aa;p=platal.git diff --git a/classes/user.php b/classes/user.php index a54b904..4d4a28a 100644 --- a/classes/user.php +++ b/classes/user.php @@ -21,6 +21,15 @@ class User extends PlUser { + const PERM_GROUPS = 'groups'; + const PERM_MAIL = 'mail'; + const PERM_DIRECTORY_AX = 'directory_ax'; + const PERM_DIRECTORY_PRIVATE = 'directory_private'; + const PERM_EDIT_DIRECTORY = 'edit_directory'; + const PERM_FORUMS = 'forums'; + const PERM_LISTS = 'lists'; + const PERM_PAYMENT = 'payment'; + private $_profile_fetched = false; private $_profile = null; @@ -37,7 +46,7 @@ class User extends PlUser } if ($login instanceof User) { - $machin->id(); + return $login->id(); } if ($login instanceof Profile) { @@ -91,16 +100,20 @@ class User extends PlUser return $res->fetchOneCell(); } - /** TODO: implements this by inspecting the profile. if (preg_match('/^(.*)\.([0-9]{4})$/u', $mbox, $matches)) { $res = XDB::query('SELECT a.uid - FROM accounts AS a - INNER JOIN aliases AS al ON (al.id = a.uid AND al.type IN ('alias', 'a_vie')) - WHERE al.alias = {?} AND a.promo = {?}', $matches[1], $matches[2]); + FROM accounts AS a + INNER JOIN aliases AS al ON (al.uid = a.uid AND al.type IN (\'alias\', \'a_vie\')) + INNER JOIN account_profiles AS ap ON (a.uid = ap.uid AND FIND_IN_SET(\'owner\', ap.perms)) + INNER JOIN profiles AS p ON (p.pid = ap.pid) + INNER JOIN profile_education AS pe ON (p.pid = pe.pid AND FIND_IN_SET(\'primary\', pe.flags)) + WHERE p.hrpid = {?} OR ((pe.entry_year <= {?} AND pe.grad_year >= {?}) AND al.alias = {?}) + GROUP BY a.uid', + $matches[0], $matches[2], $matches[2], $matches[1]); if ($res->numRows() == 1) { return $res->fetchOneCell(); } - }*/ + } throw new UserNotFoundException(); } @@ -175,17 +188,18 @@ class User extends PlUser $uids = array_map(array('XDB', 'escape'), $uids); return XDB::iterator('SELECT a.uid, a.hruid, a.registration_date, ah.alias AS homonym, - IF (af.alias IS NULL, a.email, CONCAT(af.alias, \'@' . $globals->mail->domain . '\')) AS forlife, - CONCAT(af.alias, \'@' . $globals->mail->domain2 . '\') AS forlife_alternate, - IF (ab.alias IS NULL, a.email, CONCAT(ab.alias, \'@' . $globals->mail->domain . '\')) AS bestalias, - CONCAT(ab.alias, \'@' . $globals->mail->domain2 . '\') AS bestalias_alternate, - a.full_name, a.display_name, a.sex = \'female\' AS gender, - IF(a.state = \'active\', at.perms, \'\') AS perms, - a.email_format, a.is_admin, a.state, a.type, a.skin, + IF (af.alias IS NULL, NULL, CONCAT(af.alias, \'@' . $globals->mail->domain . '\')) AS forlife, + IF (af.alias IS NULL, NULL, CONCAT(af.alias, \'@' . $globals->mail->domain2 . '\')) AS forlife_alternate, + IF (ab.alias IS NULL, NULL, CONCAT(ab.alias, \'@' . $globals->mail->domain . '\')) AS bestalias, + IF (ab.alias IS NULL, NULL, CONCAT(ab.alias, \'@' . $globals->mail->domain2 . '\')) AS bestalias_alternate, + a.email, a.full_name, a.directory_name, a.display_name, a.sex = \'female\' AS gender, + IF(a.state = \'active\', CONCAT(at.perms, \',\', IF(a.user_perms IS NULL, \'\', a.user_perms)), \'\') AS perms, + a.user_perms, a.email_format, a.is_admin, a.state, a.type, at.description AS type_description, a.skin, FIND_IN_SET(\'watch\', a.flags) AS watch, a.comment, - a.weak_password IS NOT NULL AS weak_access, - a.token IS NOT NULL AS token_access, - (e.email IS NULL AND NOT FIND_IN_SET(\'googleapps\', eo.storage)) AND a.state != \'pending\' AS lost + a.weak_password IS NOT NULL AS weak_access, g.g_account_name IS NOT NULL AS googleapps, + a.token IS NOT NULL AS token_access, a.token, a.last_version, + (e.email IS NULL AND NOT FIND_IN_SET(\'googleapps\', eo.storage)) AND a.state != \'pending\' AS lost, + UNIX_TIMESTAMP(s.start) AS lastlogin, s.host, UNIX_TIMESTAMP(fp.last_seen) AS banana_last ' . $fields . ' FROM accounts AS a INNER JOIN account_types AS at ON (at.type = a.type) @@ -194,6 +208,10 @@ class User extends PlUser LEFT JOIN aliases AS ah ON (ah.uid = a.uid AND ah.type = \'homonyme\') LEFT JOIN emails AS e ON (e.uid = a.uid AND e.flags = \'active\') LEFT JOIN email_options AS eo ON (eo.uid = a.uid) + LEFT JOIN gapps_accounts AS g ON (a.uid = g.l_userid AND g.g_status = \'active\') + LEFT JOIN log_last_sessions AS ls ON (ls.uid = a.uid) + LEFT JOIN log_sessions AS s ON (s.id = ls.id) + LEFT JOIN forum_profiles AS fp ON (fp.uid = a.uid) ' . $joins . ' WHERE a.uid IN (' . implode(', ', $uids) . ') GROUP BY a.uid @@ -212,35 +230,6 @@ class User extends PlUser $this->fillFromArray(self::loadMainFieldsFromUIDs(array($this->uid))->next()); } - // Specialization of the fillFromArray method, to implement hacks to enable - // lazy loading of user's main properties from the session. - // TODO(vzanotti): remove the conversion hacks once the old codebase will - // stop being used actively. - protected function fillFromArray(array $values) - { - // Also, if display_name and full_name are not known, but the user's - // surname and last name are, we can construct the former two. - if (isset($values['prenom']) && isset($values['nom'])) { - if (!isset($values['display_name'])) { - $values['display_name'] = ($values['prenom'] ? $values['prenom'] : $values['nom']); - } - if (!isset($values['full_name'])) { - $values['full_name'] = $values['prenom'] . ' ' . $values['nom']; - } - } - - // We also need to convert the gender (usually named "femme"), and the - // email format parameter (valued "texte" instead of "text"). - if (isset($values['femme'])) { - $values['gender'] = (bool) $values['femme']; - } - if (isset($values['mail_fmt'])) { - $values['email_format'] = $values['mail_fmt']; - } - - parent::fillFromArray($values); - } - // Specialization of the buildPerms method // This function build 'generic' permissions for the user. It does not take // into account page specific permissions (e.g X.net group permissions) @@ -255,6 +244,12 @@ class User extends PlUser $this->perm_flags = self::makePerms($this->perms, $this->is_admin); } + public function setPerms($perms) + { + $this->perms = $perms; + $this->perm_flags = null; + } + // We do not want to store the password in the object. // So, fetch it 'on demand' public function password() @@ -280,6 +275,16 @@ class User extends PlUser return $this->profile()->promo(); } + public function category() + { + $promo = $this->promo(); + if (!empty($promo)) { + return $promo; + } else { + return $this->type_description; + } + } + public function firstName() { if (!$this->hasProfile()) { @@ -296,6 +301,14 @@ class User extends PlUser return $this->profile()->lastName(); } + public function displayName() + { + if (!$this->hasProfile()) { + return $this->display_name; + } + return $this->profile()->yourself; + } + public function fullName($with_promo = false) { if (!$this->hasProfile()) { @@ -307,16 +320,16 @@ class User extends PlUser public function directoryName() { if (!$this->hasProfile()) { - return $this->full_name; + return $this->directory_name; } return $this->profile()->directory_name; } /** Return the main profile attached with this account if any. */ - public function profile() + public function profile($forceFetch = false) { - if (!$this->_profile_fetched) { + if (!$this->_profile_fetched || $forceFetch) { $this->_profile_fetched = true; $this->_profile = Profile::get($this); } @@ -330,12 +343,26 @@ class User extends PlUser return !is_null($this->profile()); } + /** Return true if given a reference to the profile of this user. + */ + public function isMyProfile($other) + { + if (!$other) { + return false; + } else if ($other instanceof Profile) { + $profile = $this->profile(); + return $profile && $profile->id() == $other->id(); + } + return false; + } + /** Check if the user can edit to given profile. */ public function canEdit(Profile $profile) { - // XXX: Check permissions (e.g. secretary permission) - // and flags from the profile + if ($this->checkPerms(User::PERM_EDIT_DIRECTORY)) { + return true; + } return XDB::fetchOneCell('SELECT pid FROM account_profiles WHERE uid = {?} AND pid = {?}', @@ -401,32 +428,58 @@ class User extends PlUser */ private function fetchMarketingData() { - if (isset($this->last_known_email)) { + if (isset($this->pending_registration_date)) { return; } - // FIXME: We should fetch the last known email as well as the pending registration email (they aren't the same !) - $infos = XDB::fetchOneAssoc('SELECT IF (MAX(m.last) > p.relance, MAX(m.last), p.relance) AS last_relance, - p.email AS last_known_email - FROM register_pending AS p - LEFT JOIN register_marketing AS m ON (p.uid = m.uid) - WHERE p.uid = {?} - GROUP BY p.uid', $this->id()); - if (!$infos) { - $infos = array('last_relance' => null, 'last_known_email' => null); + $infos = XDB::fetchOneAssoc('SELECT rp.date AS pending_registration_date, rp.email AS pending_registration_email, + rm.last AS last_marketing_date, rm.email AS last_marketing_email + FROM accounts AS a + LEFT JOIN register_pending AS rp ON (rp.uid = a.uid) + LEFT JOIN register_marketing AS rm ON (rm.uid = a.uid AND rm.last != \'0000-00-00\') + WHERE a.uid = {?} + ORDER BY rm.last DESC', $this->id()); + if (is_null($infos)) { + $infos = array( + 'pending_registration_date' => null, + 'pending_registration_email' => null, + 'last_marketing_date' => null, + 'last_marketing_email' => null + ); } $this->fillFromArray($infos); } - public function lastMarketingRelance() + public function pendingRegistrationDate() + { + $this->fetchMarketingData(); + return $this->pending_registration_date; + } + + public function pendingRegistrationEmail() + { + $this->fetchMarketingData(); + return $this->pending_registration_email; + } + + public function lastMarketingDate() { $this->fetchMarketingData(); - return $this->last_relance; + return $this->last_marketing_date; + } + + public function lastMarketingEmail() + { + $this->fetchMarketingData(); + return $this->last_marketing_email; } public function lastKnownEmail() { $this->fetchMarketingData(); - return $this->last_known_email; + if ($this->pending_registration_email > $this->last_marketing_date) { + return $this->pending_registration_email; + } + return $this->last_marketing_email; } @@ -443,7 +496,6 @@ class User extends PlUser $this->email_format = $format; } - /** Get watch informations */ private function fetchWatchData() @@ -548,29 +600,36 @@ class User extends PlUser // Groupes X private $groups = null; - public function groups() + public function groups($institutions = false, $onlyPublic = false) { if (is_null($this->groups)) { - $this->groups = XDB::fetchAllAssoc('asso_id', 'SELECT asso_id, perms, comm - FROM group_members + $this->groups = XDB::fetchAllAssoc('asso_id', 'SELECT gm.asso_id, gm.perms, gm.comm, + g.diminutif, g.nom, g.site, g.cat, + g.pub + FROM group_members AS gm + INNER JOIN groups AS g ON (g.id = gm.asso_id) WHERE uid = {?}', $this->id()); } - return $this->groups; - } - - public function groupNames($institutions = false) - { - if ($institutions) { - $where = ' AND (g.cat = \'GroupesX\' OR g.cat = \'Institutions\')'; + if (!$institutions && !$onlyPublic) { + return $this->groups; } else { - $where = ''; + $result = array(); + foreach ($this->groups as $id=>$data) { + if ($institutions) { + if ($data['cat'] != Group::CAT_GROUPESX && $data['cat'] != Group::CAT_INSTITUTIONS) { + continue; + } + } + if ($onlyPublic) { + if ($data['pub'] != 'public') { + continue; + } + } + $result[$id] = $data; + } + return $result; } - return XDB::fetchAllAssoc('SELECT g.diminutif, g.nom, g.site - FROM group_members AS gm - LEFT JOIN groups AS g ON (g.id = gm.asso_id) - WHERE gm.uid = {?}' . $where, - $this->id()); } /** @@ -605,13 +664,15 @@ class User extends PlUser } if ($clearAll) { + global $globals; + $groupIds = XDB::iterator('SELECT asso_id FROM group_members WHERE uid = {?}', $this->id()); while ($groupId = $groupIds->next()) { $group = Group::get($groupId); - if ($group->notif_unsub) { + if (!empty($group) && $group->notif_unsub) { $mailer = new PlMailer('xnetgrp/unsubscription-notif.mail.tpl'); $admins = $group->iterAdmins(); while ($admin = $admins->next()) { @@ -624,17 +685,22 @@ class User extends PlUser } } - $tables = array('account_auth_openid', 'gannounce_read', 'contacts', - 'email_options', 'gemail_send_save', 'emails', - 'forum_innd', 'gforum_profiles', 'forum_subs', - 'gapps_accounts', 'ggapps_nicknames', 'group_announces_read', - 'group_members', 'ggroup_member_sub_requests', 'reminder', 'requests', + $tables = array('account_auth_openid', 'announce_read', 'contacts', + 'email_options', 'email_send_save', 'emails', + 'forum_innd', 'forum_profiles', 'forum_subs', + 'group_announces_read', 'group_members', + 'group_member_sub_requests', 'reminder', 'requests', 'requests_hidden'); - foreach ($tables as $t) { XDB::execute('DELETE FROM ' . $t . ' WHERE uid = {?}', - $this->id()); + $this->id()); + } + + foreach (array('gapps_accounts', 'gapps_nicknames') as $t) { + XDB::execute('DELETE FROM ' . $t . ' + WHERE l_userid = {?}', + $this->id()); } XDB::execute("UPDATE accounts @@ -655,74 +721,102 @@ class User extends PlUser if ($globals->mailstorage->googleapps_domain) { require_once 'googleapps.inc.php'; - if (GoogleAppsAccount::account_status($uid)) { - $account = new GoogleAppsAccount($user); + if (GoogleAppsAccount::account_status($this->id())) { + $account = new GoogleAppsAccount($this); $account->suspend(); } } } $mmlist = new MMList($this); - $mmlist->kill($alias, $clearAll); + $mmlist->kill($this->hruid, $clearAll); } // Merge all infos in other user and then clean this one public function mergeIn(User &$newuser) { - if ($this->profile() || !$newuser->id()) { - // don't disable user with profile in this way + if ($this->profile()) { + // Don't disable user with profile in this way. + global $globals; + Platal::page()->trigError('Impossible de fusionner les comptes ' . $this->hruid . ' et ' . $newuser->hruid . + '. Contacte support@' . $globals->mail->domain . '.'); return false; } - // TODO check all tables to see if there is no other info to use - $newemail = $newuser->forlifeEmail(); - if (!$newemail && $this->forlifeEmail()) { - XDB::execute("UPDATE accounts - SET email = {?} - WHERE uid = {?} AND email IS NULL", - $this->forlifeEmail(), $newuser->id()); - $newemail = $this->forlifeEmail(); - } - - // change email used in aliases and mailing lists - if ($this->forlifeEmail() != $newemail && $this->forlifeEmail()) { - // virtual_redirect (email aliases) - XDB::execute("DELETE v1 - FROM virtual_redirect AS v1, virtual_redirect AS v2 - WHERE v1.vid = v2.vid AND v1.redirect = {?} AND v2.redirect = {?}", - $this->forlifeEmail(), $newemail); - XDB::execute("UPDATE virtual_redirect - SET redirect = {?} - WHERE redirect = {?}", - $newemail, $this->forlifeEmail()); - - // require_once 'mmlist.php'; - - // group mailing lists - $group_domains = XDB::fetchColumn("SELECT g.mail_domain - FROM groups AS g - INNER JOIN group_members AS gm ON(g.id = gm.asso_id) - WHERE g.mail_domain != '' AND gm.uid = {?}", - $this->id()); - foreach ($group_domains as $mail_domain) { - $mmlist = new MMList($this, $mail_domain); - $mmlist->replace_email_in_all($this->forlifeEmail(), $newmail); + if ($this->forlifeEmail()) { + // If the new user is not registered and does not have already an email address, + // we need to give him the old user's email address if he has any. + if (!$newuser->perms) { + XDB::execute('UPDATE accounts + SET email = {?} + WHERE uid = {?} AND email IS NULL', + $this->forlifeEmail(), $newuser->id()); } - // main domain lists - $mmlist = new MMList($this); - $mmlist->replace_email_in_all($this->forlifeEmail(), $newmail); - } - - // group_members (xnet group membership) - XDB::execute("DELETE g1 - FROM group_members AS g1, group_members AS g2 - WHERE g1.uid = {?} AND g2.uid = {?} AND g1.asso_id = g2.asso_id", - $this->id(), $newuser->id()); - XDB::execute("UPDATE group_members - SET uid = {?} - WHERE uid = {?}", - $this->id(), $newuser->id()); + $newemail = XDB::fetchOneCell('SELECT email + FROM accounts + WHERE uid = {?}', + $newuser->id()); + + // Change email used in aliases and mailing lists. + if ($this->forlifeEmail() != $newemail) { + // virtual_redirect (email aliases) + XDB::execute('DELETE v1 + FROM virtual_redirect AS v1, virtual_redirect AS v2 + WHERE v1.vid = v2.vid AND v1.redirect = {?} AND v2.redirect = {?}', + $this->forlifeEmail(), $newemail); + XDB::execute('UPDATE virtual_redirect + SET redirect = {?} + WHERE redirect = {?}', + $newemail, $this->forlifeEmail()); + + // group mailing lists + $group_domains = XDB::fetchColumn('SELECT g.mail_domain + FROM groups AS g + INNER JOIN group_members AS gm ON(g.id = gm.asso_id) + WHERE g.mail_domain != \'\' AND gm.uid = {?}', + $this->id()); + foreach ($group_domains as $mail_domain) { + $mmlist = new MMList($this, $mail_domain); + $mmlist->replace_email_in_all($this->forlifeEmail(), $newemail); + } + // main domain lists + $mmlist = new MMList($this); + $mmlist->replace_email_in_all($this->forlifeEmail(), $newemail); + } + } - XDB::execute("DELETE FROM accounts WHERE uid = {?}", $this->id()); + // Updates user in following tables. + foreach (array('group_announces', 'payment_transactions', 'log_sessions', 'group_events') as $table) { + XDB::execute('UPDATE ' . $table . ' + SET uid = {?} + WHERE uid = {?}', + $newuser->id(), $this->id()); + } + + // Merges user in following tables, ie updates when possible, then deletes remaining occurences of the old user. + foreach (array('group_announces_read', 'group_event_participants', 'group_member_sub_requests', 'group_members') as $table) { + XDB::execute('UPDATE IGNORE ' . $table . ' + SET uid = {?} + WHERE uid = {?}', + $newuser->id(), $this->id()); + XDB::execute('DELETE FROM ' . $table . ' + WHERE uid = {?}', + $this->id()); + } + + // Eventually updates last session id and deletes old user's accounts entry. + $lastSession = XDB::fetchOneCell('SELECT id + FROM log_sessions + WHERE uid = {?} + ORDER BY start DESC + LIMIT 1', + $newuser->id()); + XDB::execute('UPDATE log_last_sessions + SET id = {?} + WHERE uid = {?}', + $newuser->id()); + XDB::execute('DELETE FROM accounts + WHERE uid = {?}', + $this->id()); return true; } @@ -735,6 +829,11 @@ class User extends PlUser if ($is_admin) { $flags->addFlag(PERMS_ADMIN); } + + // Access to private directory implies access to 'less'-private version. + if ($flags->hasFlag('directory_private')) { + $flags->addFlag('directory_ax'); + } return $flags; }