X-Git-Url: http://git.polytechnique.org/?a=blobdiff_plain;f=classes%2Fuser.php;h=bc9adc5e41b778ab8344a72759008628faef61f4;hb=fd58ac2072e83c7c8ebbe740290288a78bb599aa;hp=a0daff6f5a73f3e93700d0382b959932b510d9a8;hpb=fc1227efba2971cfcca9fe113b98fe94c197ee89;p=platal.git diff --git a/classes/user.php b/classes/user.php index a0daff6..bc9adc5 100644 --- a/classes/user.php +++ b/classes/user.php @@ -225,6 +225,49 @@ class User extends PlUser $this->perm_flags = null; } + /** Retrieve the 'general' read visibility. + * This is the maximum level of fields that may be viewed by the current user on other profiles. + * + * Rules are: + * - Everyone can view 'public' + * - directory_ax gives access to 'AX' level + * - directory_private gives access to 'private' level + * - admin gives access to 'hidden' level + */ + public function readVisibility() + { + $level = Visibility::VIEW_NONE; + if ($this->is_admin) { + $level = Visibility::VIEW_ADMIN; + } elseif ($this->checkPerms('directory_private')) { + $level = Visibility::VIEW_PRIVATE; + } elseif ($this->checkPerms('directory_ax')) { + $level = Visibility::VIEW_AX; + } else { + $level = Visibility::VIEW_PUBLIC; + } + return Visibility::get($level); + } + + /** Retrieve the 'general' edit visibility. + * This is the maximum level of fields that may be edited by the current user on other profiles. + * + * Rules are: + * - Only admins can edit the 'hidden' fields + * - If someone has 'directory_edit' (which is actually directory_ax_edit): AX level + * - Otherwise, nothing. + */ + public function editVisibility() + { + $level = Visibility::VIEW_NONE; + if ($this->is_admin) { + $level = Visibility::VIEW_ADMIN; + } elseif ($this->checkPerms('directory_edit')) { + $level = Visibility::VIEW_AX; + } + return Visibility::get($level); + } + // We do not want to store the password in the object. // So, fetch it 'on demand' public function password() 
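Review bot: In `readVisibility()` the initial `$level = Visibility::VIEW_NONE;` is never used, because the final `else` always overwrites it with `Visibility::VIEW_PUBLIC`; it reads like a fail-closed default that the method does not actually have. Either drop the initializer or add a comment such as `// VIEW_PUBLIC is the intended floor: any User, whatever its permissions, may read public fields`, so the lowest level this method can return is explicit. `editVisibility()` does rely on the `VIEW_NONE` default, so the two methods differ here on purpose and the docblocks could say so. The docblocks also call the top level 'hidden' while the code uses `Visibility::VIEW_ADMIN`; using one term would make the access rules easier to audit.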
@@ -263,7 +306,7 @@ class User extends PlUser public function firstName() { if (!$this->hasProfile()) { - return $this->displayName(); + return $this->firstname; } return $this->profile()->firstName(); } @@ -271,7 +314,7 @@ class User extends PlUser public function lastName() { if (!$this->hasProfile()) { - return ''; + return $this->lastname; } return $this->profile()->lastName(); } @@ -320,6 +363,8 @@ class User extends PlUser if (!$this->_profile_fetched || $forceFetch) { $this->_profile_fetched = true; $this->_profile = Profile::get($this, $fields, $visibility); + } else if ($this->_profile !== null && !$this->_profile->visibility->equals($visibility)) { + return Profile::get($this, $fields, $visibility); } return $this->_profile; } @@ -523,6 +568,10 @@ class User extends PlUser $watch['watch_promos'] = XDB::fetchColumn('SELECT promo FROM watch_promo WHERE uid = {?}', $this->id()); + $watch['watch_groups'] = XDB::fetchColumn("SELECT w.groupid + FROM watch_group AS w + INNER JOIN groups AS g ON (w.groupid = g.id AND NOT FIND_IN_SET('private', pub)) + WHERE w.uid = {?}", $this->id()); $watch['watch_users'] = XDB::fetchColumn('SELECT ni_id FROM watch_nonins WHERE uid = {?}', $this->id()); @@ -553,6 +602,12 @@ class User extends PlUser return $this->watch_promos; } + public function watchGroups() + { + $this->fetchWatchData(); + return $this->watch_groups; + } + public function watchUsers() { $this->fetchWatchData(); @@ -571,6 +626,7 @@ class User extends PlUser unset($this->watch_users); unset($this->watch_last); unset($this->watch_promos); + unset($this->watch_groups); } 
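Review bot: The new `else if` branch in `profile()` returns a fresh `Profile::get($this, $fields, $visibility)` without updating `$this->_profile`, and nothing in the hunk records why. A comment like `// cached profile was filtered at another visibility level: fetch separately and do not cache it` would make clear that this keeps data filtered at one level from being served at another. The branch also calls `->equals($visibility)` unconditionally; the signature of `profile()` is outside this hunk, so if `$visibility` can be null there it is worth confirming that `equals()` accepts it. The added methods earlier in this commit use `elseif`, which this line could match.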
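Review bot: In the added `watch_groups` query the column in `FIND_IN_SET('private', pub)` is unqualified, while every other column in the statement carries its table alias. Writing `NOT FIND_IN_SET('private', g.pub)` keeps the private-group filter bound to `groups` even if `watch_group` later gains a column of the same name. The filter drops private groups from the watch list without any trace in the code; a one-line comment above the query saying this is deliberate would help the next reader. The enclosing function starts and ends outside the hunk.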
@@ -663,7 +719,7 @@ class User extends PlUser /** * Clears a user. * *always deletes in: account_lost_passwords, register_marketing, - * register_pending, register_subs, watch_nonins, watch, watch_promo + * register_pending, register_subs, watch_nonins, watch, watch_promo, watch_group, * *always keeps in: account_types, accounts, email_virtual, carvas, * group_members, homonyms_list, newsletter_ins, register_mstats, email_source_account * *deletes if $clearAll: account_auth_openid, announce_read, contacts, @@ -683,7 +739,7 @@ class User extends PlUser { $tables = array('account_lost_passwords', 'register_marketing', 'register_pending', 'register_subs', 'watch_nonins', - 'watch', 'watch_promo'); + 'watch', 'watch_promo', 'watch_group'); foreach ($tables as $t) { XDB::execute('DELETE FROM ' . $t . ' @@ -777,11 +833,13 @@ class User extends PlUser $this->forlifeEmail(), $newuser->id()); // Reftech new user so its forlifeEmail will be correct. - $newuser = getSilentWithUID($newuser->id()); + $newuser = self::getSilentWithUID($newuser->id()); } // Change email used in mailing lists. if ($this->forlifeEmail() != $newuser->forlifeEmail()) { + // The super user is the user who has the right to do the modification. + $super_user = S::user(); // group mailing lists $group_domains = XDB::fetchColumn('SELECT g.mail_domain FROM groups AS g @@ -789,11 +847,11 @@ class User extends PlUser WHERE g.mail_domain != \'\' AND gm.uid = {?}', $this->id()); foreach ($group_domains as $mail_domain) { - $mmlist = new MMList($this, $mail_domain); + $mmlist = new MMList($super_user, $mail_domain); $mmlist->replace_email_in_all($this->forlifeEmail(), $newuser->forlifeEmail()); } // main domain lists - $mmlist = new MMList($this); + $mmlist = new MMList($super_user); $mmlist->replace_email_in_all($this->forlifeEmail(), $newuser->forlifeEmail()); } } 
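Review bot: The two `new MMList($super_user, …)` calls (this hunk and the one after it) now act with whatever `S::user()` returns, but the added code never checks that a session user exists or that it holds the right to modify lists, although the new comment says it does. If this method can run without a logged-in session, which is not visible from the hunk, `$super_user` may be empty or anonymous and the list updates would fail or run under the wrong identity. A guard before the `foreach` that aborts the mailing-list step when the session user is missing or lacks list-administration rights would make that precondition enforceable. The method's docblock should also state that it must be called from a privileged session. The enclosing function starts outside the hunk.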
@@ -839,7 +897,6 @@ class User extends PlUser
 public static function makePerms($perms, $is_admin)
 {
 $flags = new PlFlagSet($perms);
- $flags->addFlag(PERMS_USER);
 if ($is_admin) {
 $flags->addFlag(PERMS_ADMIN);
 }