X-Git-Url: http://git.polytechnique.org/?a=blobdiff_plain;f=classes%2Fuser.php;h=e380dacde2037f0f7168675f85a0308b645a0228;hb=6c615821baef0daad2d1d8d7ef988be146da58e3;hp=ab554bc4174ec5fb630869a139e7aaa92c5d164e;hpb=c4f03937349bddfad25990239a825f8161615260;p=platal.git diff --git a/classes/user.php b/classes/user.php index ab554bc..e380dac 100644 --- a/classes/user.php +++ b/classes/user.php @@ -1,6 +1,6 @@ numRows()) { return $res->fetchOneCell(); } @@ -170,7 +171,7 @@ class User extends PlUser FIND_IN_SET(\'watch\', a.flags) AS watch, a.comment, a.weak_password IS NOT NULL AS weak_access, g.g_account_name IS NOT NULL AS googleapps, a.token IS NOT NULL AS token_access, a.token, a.last_version, - UNIX_TIMESTAMP(s.start) AS lastlogin, s.host, UNIX_TIMESTAMP(fp.last_seen) AS banana_last + s.start AS lastlogin, s.host, fp.last_seen AS banana_last ' . $fields . ' FROM accounts AS a INNER JOIN account_types AS at ON (at.type = a.type) 
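Review bot: `lastlogin` and `banana_last` no longer pass through `UNIX_TIMESTAMP()` in this SELECT, so they now carry whatever type `s.start` and `fp.last_seen` have (presumably SQL date strings) instead of integer epoch seconds. No consumer of these two values is visible in this diff, so any code that compares them with `time()` or does arithmetic on them should be checked; a last-login value that is silently misread weakens what a user can learn about activity on their own account. I would record the new format next to the query, for example `// lastlogin and banana_last are raw SQL date values, not epoch seconds`. The enclosing method starts and ends outside the hunk.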
@@ -225,6 +226,49 @@ class User extends PlUser $this->perm_flags = null; } + /** Retrieve the 'general' read visibility. + * This is the maximum level of fields that may be viewed by the current user on other profiles. + * + * Rules are: + * - Everyone can view 'public' + * - directory_ax gives access to 'AX' level, ie. the printed directory + * - directory_private gives access to 'private' level + * - admin and directory_hidden gives access to 'hidden' level + */ + public function readVisibility() + { + $level = Visibility::VIEW_NONE; + if ($this->is_admin || $this->checkPerms('directory_hidden')) { + $level = Visibility::VIEW_ADMIN; + } elseif ($this->checkPerms('directory_private')) { + $level = Visibility::VIEW_PRIVATE; + } elseif ($this->checkPerms('directory_ax')) { + $level = Visibility::VIEW_AX; + } else { + $level = Visibility::VIEW_PUBLIC; + } + return Visibility::get($level); + } + + /** Retrieve the 'general' edit visibility. + * This is the maximum level of fields that may be edited by the current user on other profiles. + * + * Rules are: + * - Only admins can edit the 'hidden' fields + * - If someone has 'directory_edit' (which is actually directory_ax_edit): AX level + * - Otherwise, nothing. + */ + public function editVisibility() + { + $level = Visibility::VIEW_NONE; + if ($this->is_admin) { + $level = Visibility::VIEW_ADMIN; + } elseif ($this->checkPerms('directory_edit')) { + $level = Visibility::VIEW_AX; + } + return Visibility::get($level); + } + // We do not want to store the password in the object. // So, fetch it 'on demand' public function password() @@ -263,7 +307,7 @@ class User extends PlUser public function firstName() { if (!$this->hasProfile()) { - return $this->displayName(); + return $this->firstname; } return $this->profile()->firstName(); } @@ -271,7 +315,7 @@ class User extends PlUser public function lastName() { if (!$this->hasProfile()) { - return ''; + return $this->lastname; } return $this->profile()->lastName(); } 
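Review bot: In `readVisibility()` the initial `$level = Visibility::VIEW_NONE;` is never used, because the final `else` always assigns `Visibility::VIEW_PUBLIC`, so unlike `editVisibility()` this method cannot fail closed. If public really is the floor for every `User` object, including one whose permission flags are empty, drop the dead assignment and state that in the docblock; otherwise remove the `else` so the default stays `VIEW_NONE`. Both docblocks would also benefit from a return line saying the result is only an upper bound, e.g. `@return` "the maximum visibility level; callers must still filter each field against it".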
@@ -292,6 +336,14 @@ class User extends PlUser return $this->profile()->fullName($with_promo); } + public function shortName($with_promo = false) + { + if (!$this->hasProfile()) { + return $this->full_name; + } + return $this->profile()->shortName($with_promo); + } + public function directoryName() { if (!$this->hasProfile()) { @@ -312,10 +364,18 @@ class User extends PlUser if (!$this->_profile_fetched || $forceFetch) { $this->_profile_fetched = true; $this->_profile = Profile::get($this, $fields, $visibility); + } else if ($this->_profile !== null && $visibility !== null && !$this->_profile->visibility->equals($visibility)) { + return Profile::get($this, $fields, $visibility); } return $this->_profile; } + public function setPrefetchedProfile(Profile $profile) + { + $this->_profile_fetched = true; + $this->_profile = $profile; + } + /** Return true if the user has an associated profile. */ public function hasProfile() @@ -515,6 +575,10 @@ class User extends PlUser $watch['watch_promos'] = XDB::fetchColumn('SELECT promo FROM watch_promo WHERE uid = {?}', $this->id()); + $watch['watch_groups'] = XDB::fetchColumn("SELECT w.groupid + FROM watch_group AS w + INNER JOIN groups AS g ON (w.groupid = g.id AND NOT FIND_IN_SET('private', pub)) + WHERE w.uid = {?}", $this->id()); $watch['watch_users'] = XDB::fetchColumn('SELECT ni_id FROM watch_nonins WHERE uid = {?}', $this->id()); @@ -545,6 +609,12 @@ class User extends PlUser return $this->watch_promos; } + public function watchGroups() + { + $this->fetchWatchData(); + return $this->watch_groups; + } + public function watchUsers() { $this->fetchWatchData(); @@ -563,6 +633,7 @@ class User extends PlUser unset($this->watch_users); unset($this->watch_last); unset($this->watch_promos); + unset($this->watch_groups); } 
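Review bot: The new `else if` branch in `profile()` re-fetches only when a non-null `$visibility` differs from the cached profile's, so a call with `$visibility === null` still returns whatever is cached, including a profile fetched at a higher level or injected through `setPrefetchedProfile()`. The level of the returned object then depends on call order, which is how restricted fields can reach a caller that expected the default level; `$fields` is also ignored by the comparison. `setPrefetchedProfile()` accepts any `Profile` without checking that it belongs to this user. I would document the contract on `profile()`, whose signature is outside the hunk, with something like `// NOTE: with $visibility === null the cached profile is returned at the visibility it was fetched with`, and add an ownership check to the setter.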
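Review bot: In the added `watch_groups` query the column in `NOT FIND_IN_SET('private', pub)` is unqualified; it resolves to the `groups` table only as long as `watch_group` has no column of that name, and this predicate is what keeps private groups out of the list. Write it as `NOT FIND_IN_SET('private', g.pub)`. The filter is applied on this read path only, so a comment such as `// private groups are dropped here, not when the watch_group row is written` would tell the next reader that other consumers of `watch_group` need the same check; the write path is not in this diff, so that part is an inference. The enclosing method starts outside the hunk.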
@@ -655,7 +726,7 @@ class User extends PlUser /** * Clears a user. * *always deletes in: account_lost_passwords, register_marketing, - * register_pending, register_subs, watch_nonins, watch, watch_promo + * register_pending, register_subs, watch_nonins, watch, watch_promo, watch_group, * *always keeps in: account_types, accounts, email_virtual, carvas, * group_members, homonyms_list, newsletter_ins, register_mstats, email_source_account * *deletes if $clearAll: account_auth_openid, announce_read, contacts, @@ -675,7 +746,7 @@ class User extends PlUser { $tables = array('account_lost_passwords', 'register_marketing', 'register_pending', 'register_subs', 'watch_nonins', - 'watch', 'watch_promo'); + 'watch', 'watch_promo', 'watch_group'); foreach ($tables as $t) { XDB::execute('DELETE FROM ' . $t . ' @@ -769,11 +840,13 @@ class User extends PlUser $this->forlifeEmail(), $newuser->id()); // Reftech new user so its forlifeEmail will be correct. - $newuser = getSilentWithUID($newuser->id()); + $newuser = self::getSilentWithUID($newuser->id()); } // Change email used in mailing lists. if ($this->forlifeEmail() != $newuser->forlifeEmail()) { + // The super user is the user who has the right to do the modification. + $super_user = S::user(); // group mailing lists $group_domains = XDB::fetchColumn('SELECT g.mail_domain FROM groups AS g @@ -781,11 +854,11 @@ class User extends PlUser WHERE g.mail_domain != \'\' AND gm.uid = {?}', $this->id()); foreach ($group_domains as $mail_domain) { - $mmlist = new MMList($this, $mail_domain); + $mmlist = new MMList($super_user, $mail_domain); $mmlist->replace_email_in_all($this->forlifeEmail(), $newuser->forlifeEmail()); } // main domain lists - $mmlist = new MMList($this); + $mmlist = new MMList($super_user); $mmlist->replace_email_in_all($this->forlifeEmail(), $newuser->forlifeEmail()); } } 
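Review bot: `$super_user = S::user();` hands the mailing-list rewrite to whoever owns the current session, but nothing in the hunk checks that a session user exists or that it is allowed to change other members' subscriptions; the added comment states that assumption without enforcing it. If this method can run from a script, or from a session that is not an administrator's, `new MMList($super_user, $mail_domain)` and `new MMList($super_user)` in the following hunk will act with the wrong identity or with none. I would fail early before the `foreach`, testing `!$super_user || !$super_user->is_admin` (the property `readVisibility()` already reads) and reporting the error the way the rest of the class does, or take the acting user as an explicit argument. The method body starts and ends outside both hunks.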
@@ -831,7 +904,6 @@ class User extends PlUser public static function makePerms($perms, $is_admin) { $flags = new PlFlagSet($perms); - $flags->addFlag(PERMS_USER); if ($is_admin) { $flags->addFlag(PERMS_ADMIN); } @@ -1036,5 +1108,5 @@ class UserIterator implements PlIterator } } -// vim:set et sw=4 sts=4 sws=4 foldmethod=marker enc=utf-8: +// vim:set et sw=4 sts=4 sws=4 foldmethod=marker fenc=utf-8: ?>