X-Git-Url: http://git.polytechnique.org/?a=blobdiff_plain;f=classes%2Fxnetsession.php;h=fdda6d78c65fc1550385d7e4b75eaa88d93e5925;hb=671b7073a0debbd347e7276f44fa04c961693f4c;hp=155b76527607e641aa4c60b80c78c3c55e9fe118;hpb=bb749d55509e1ea442cf67ad03975a2f4535aa90;p=platal.git

diff --git a/classes/xnetsession.php b/classes/xnetsession.php
index 155b765..fdda6d7 100644
--- a/classes/xnetsession.php
+++ b/classes/xnetsession.php
@@ -1,6 +1,6 @@
 <?php
 /***************************************************************************
- *  Copyright (C) 2003-2008 Polytechnique.org                              *
+ *  Copyright (C) 2003-2009 Polytechnique.org                              *
  *  http://opensource.polytechnique.org/                                   *
  *                                                                         *
  *  This program is free software; you can redistribute it and/or modify   *
@@ -19,20 +19,15 @@
  *  59 Temple Place, Suite 330, Boston, MA  02111-1307  USA                *
  ***************************************************************************/
 
-class XnetSession extends PlSession
+class XnetSession extends XorgSession
 {
     public function __construct()
     {
         parent::__construct();
-        S::bootstrap('perms_backup', new PlFlagSet());
     }
 
     public function startAvailableAuth()
     {
-        if (!(S::v('perms') instanceof PlFlagSet)) {
-            S::set('perms', S::v('perms_backup'));
-        }
-
         if (!S::logged() && Get::has('auth')) {
             if (!$this->start(AUTH_MDP)) {
                 return false;
@@ -74,7 +69,6 @@ class XnetSession extends PlSession
                 $perms->addFlag('groupannu');
             }
             S::set('perms', $perms);
-            S::set('perms_backup', $perms);
         }
         return true;
     }
@@ -82,7 +76,7 @@ class XnetSession extends PlSession
     protected function doAuth($level)
     {
         if (S::identified()) { // ok, c'est bon, on n'a rien Ã  faire
-            return S::i('uid');
+            return User::getSilentWithValues(null, array('user_id' => S::i('uid')));
         }
         if (!Get::has('auth')) {
             return null;
@@ -93,31 +87,25 @@ class XnetSession extends PlSession
         }
         Get::kill('auth');
         S::set('auth', AUTH_MDP);
-        return Get::i('uid');
+        return User::getSilentWithValues(null, array('user_id' => Get::i('uid')));
     }
 
     protected function startSessionAs($user, $level)
     {
-        global $globals;
-
-        if ($level == -1) {
+        if ($level == AUTH_SUID) {
             S::set('auth', AUTH_MDP);
         }
-        $res  = XDB::query("SELECT  u.user_id AS uid, u.hruid, prenom, nom, perms, promo, password, FIND_IN_SET('femme', u.flags) AS femme,
-                                    CONCAT(a.alias, '@{$globals->mail->domain}') AS forlife,
-                                    CONCAT(a2.alias, '@{$globals->mail->domain}') AS bestalias,
-                                    q.core_mail_fmt AS mail_fmt, q.core_rss_hash
-                              FROM  auth_user_md5   AS u
-                        INNER JOIN  auth_user_quick AS q  USING(user_id)
-                        INNER JOIN  aliases         AS a  ON (u.user_id = a.id AND a.type = 'a_vie')
-                        INNER JOIN  aliases         AS a2 ON (u.user_id = a2.id AND FIND_IN_SET('bestalias', a2.flags))
-                             WHERE  u.user_id = {?} AND u.perms IN('admin', 'user')
-                             LIMIT  1", $user);
+        $res  = XDB::query("SELECT  a.uid, a.hruid, a.display_name, a.full_name,
+                                    a.sex = 'female' AS femme,
+                                    a.email_format, a.token,
+                                    at.perms, a.is_admin
+                              FROM  accounts AS a
+                        INNER JOIN  account_types AS at ON (at.type = a.type)
+                             WHERE  a.uid = {?} AND a.state = 'active'
+                             LIMIT  1", $user->id());
         $sess = $res->fetchOneAssoc();
-        $perms = $sess['perms'];
-        unset($sess['perms']);
         $_SESSION = array_merge($_SESSION, $sess);
-        $this->makePerms($perms);
+        $this->makePerms(S::s('perms'), S::b('is_admin'));
         S::kill('challenge');
         S::kill('loginX');
         S::kill('may_update');
@@ -134,47 +122,25 @@ class XnetSession extends PlSession
 
     public function doSelfSuid()
     {
-        if (!$this->startSUID(S::i('uid'))) {
+        $user =& S::user();
+        if (!$this->startSUID($user)) {
             return false;
         }
-        $this->makePerms('user');
+        S::set('perms', User::makePerms('user'));
         return true;
     }
 
     public function stopSUID()
     {
-        $suid = S::v('suid');
+        $perms = S::suid('perms');
         if (!parent::stopSUID()) {
             return false;
         }
-        S::kill('suid');
         S::kill('may_update');
         S::kill('is_member');
-        S::set('perms', $suid['perms']);
-        S::set('perms_backup', $suid['perms_backup']);
+        S::set('perms', $perms);
         return true;
     }
-
-    public function makePerms($perm)
-    {
-        $flags = new PlFlagSet();
-        if ($perm == 'disabled' || $perm == 'ext') {
-            S::set('perms', $flags);
-            S::set('perms_backup', $flags);
-            return;
-        }
-        $flags->addFlag(PERMS_USER);
-        if ($perm == 'admin') {
-            $flags->addFlag(PERMS_ADMIN);
-        }
-        S::set('perms', $flags);
-        S::set('perms_backup', $flags);
-    }
-
-    public function sureLevel()
-    {
-        return AUTH_MDP;
-    }
 }
 
 // {{{ function may_update
@@ -196,11 +162,11 @@ function may_update($force = false, $lose = false)
         return false;
     } elseif ($lose) {
         $may_update[$asso_id] = false;
-    } elseif (S::has_perms() || (S::has('suid') && $force)) {
+    } elseif (S::admin() || (S::suid() && $force)) {
         $may_update[$asso_id] = true;
     } elseif (!isset($may_update[$asso_id]) || $force) {
         $res = XDB::query("SELECT  perms
-                             FROM  groupex.membres
+                             FROM  #groupex#.membres
                             WHERE  uid={?} AND asso_id={?}",
                           S::v('uid'), $asso_id);
         $may_update[$asso_id] = ($res->fetchOneCell() == 'admin');
@@ -228,11 +194,11 @@ function is_member($force = false, $lose = false)
         return false;
     } elseif ($lose) {
         $is_member[$asso_id] = false;
-    } elseif (S::has('suid') && $force) {
+    } elseif (S::suid() && $force) {
         $is_member[$asso_id] = true;
     } elseif (!isset($is_member[$asso_id]) || $force) {
         $res = XDB::query("SELECT  COUNT(*)
-                             FROM  groupex.membres
+                             FROM  #groupex#.membres
                             WHERE  uid={?} AND asso_id={?}",
                 S::v('uid'), $asso_id);
         $is_member[$asso_id] = ($res->fetchOneCell() == 1);