projects / platal.git / blame
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (incremental) | history | HEAD
Add "directory_hidden" permission to account types
[platal.git] / classes / user.php
CommitLineData
9f8ebb9f
VZ		 1<?php
2/***************************************************************************
c441aabe 3 * Copyright (C) 2003-2014 Polytechnique.org *
9f8ebb9f
VZ		 4 * http://opensource.polytechnique.org/ *
5 * *
6 * This program is free software; you can redistribute it and/or modify *
7 * it under the terms of the GNU General Public License as published by *
8 * the Free Software Foundation; either version 2 of the License, or *
9 * (at your option) any later version. *
10 * *
11 * This program is distributed in the hope that it will be useful, *
12 * but WITHOUT ANY WARRANTY; without even the implied warranty of *
13 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the *
14 * GNU General Public License for more details. *
15 * *
16 * You should have received a copy of the GNU General Public License *
17 * along with this program; if not, write to the Free Software *
18 * Foundation, Inc., *
19 * 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA *
20 ***************************************************************************/
21
2d96cf7b 22class User extends PlUser
9f8ebb9f 23{
16d2c883 24 const PERM_API_USER_READONLY = 'api_user_readonly';
30962fae
FB		 25 const PERM_DIRECTORY_AX = 'directory_ax';
26 const PERM_DIRECTORY_PRIVATE = 'directory_private';
7f217324 27 const PERM_DIRECTORY_HIDDEN = 'directory_hidden';
30962fae
FB		 28 const PERM_EDIT_DIRECTORY = 'edit_directory';
29 const PERM_FORUMS = 'forums';
16d2c883 30 const PERM_GROUPS = 'groups';
30962fae 31 const PERM_LISTS = 'lists';
16d2c883 32 const PERM_MAIL = 'mail';
30962fae
FB		 33 const PERM_PAYMENT = 'payment';
34
f036c896
SJ		 35 public static $sub_mail_domains = array(
36 'x' => '',
37 'master' => 'master.',
38 'phd' => 'doc.',
39 'all' => 'alumni.'
40 );
41
3e53a496
FB		 42 private $_profile_fetched = false;
43 private $_profile = null;
44
956608bc
RB		 45 // Additional fields (non core)
46 protected $promo = null;
47
70232020 48 // Implementation of the login to uid method.
b1719b13
VZ		 49 protected function getLogin($login)
50 {
51 global $globals;
52
f6c58d14
VZ		 53 if (!$login) {
54 throw new UserNotFoundException();
55 }
56
455ea0c9 57 if ($login instanceof User) {
14da7ef4 58 return $login->id();
455ea0c9
FB		 59 }
60
e7b93962 61 if ($login instanceof Profile) {
3e53a496
FB		 62 $this->_profile = $login;
63 $this->_profile_fetched = true;
e7b93962
FB		 64 $res = XDB::query('SELECT ap.uid
65 FROM account_profiles AS ap
66 WHERE ap.pid = {?} AND FIND_IN_SET(\'owner\', perms)',
67 $login->id());
68 if ($res->numRows()) {
69 return $res->fetchOneCell();
70 }
71 throw new UserNotFoundException();
72 }
73
b1719b13
VZ		 74 // If $data is an integer, fetches directly the result.
75 if (is_numeric($login)) {
06a548e5
SJ		 76 $res = XDB::query('SELECT uid
77 FROM accounts
78 WHERE uid = {?}', $login);
b1719b13 79 if ($res->numRows()) {
70232020 80 return $res->fetchOneCell();
b1719b13
VZ		 81 }
82
83 throw new UserNotFoundException();
84 }
85
86 // Checks whether $login is a valid hruid or not.
bfc34dc5 87 $res = XDB::query('SELECT uid
06a548e5 88 FROM accounts
c846452b
RB		 89 WHERE hruid = {?}', $login);
90 if ($res->numRows()) {
70232020 91 return $res->fetchOneCell();
b1719b13
VZ		 92 }
93
94 // From now, $login can only by an email alias, or an email redirection.
b1719b13
VZ		 95 $login = trim(strtolower($login));
96 if (strstr($login, '@') === false) {
ac57076f
SJ		 97 $res = XDB::fetchOneCell('SELECT uid
98 FROM email_source_account
99 WHERE email = {?}',
100 $login);
06a548e5
SJ		 101 } else {
102 list($email, $domain) = explode('@', $login);
ac57076f
SJ		 103 $res = XDB::fetchOneCell('SELECT s.uid
104 FROM email_source_account AS s
105 INNER JOIN email_virtual_domains AS m ON (s.domain = m.id)
106 INNER JOIN email_virtual_domains AS d ON (d.aliasing = m.id)
107 WHERE s.email = {?} AND d.name = {?}',
108 $email, $domain);
b1719b13
VZ		 109 }
110
06a548e5
SJ		 111 if ($res) {
112 return $res;
b1719b13
VZ		 113 }
114
cb8a8977 115 // Looks for an account with the given email.
06a548e5
SJ		 116 $res = XDB::query('SELECT uid
117 FROM accounts
118 WHERE email = {?}', $login);
cb8a8977
FB		 119 if ($res->numRows() == 1) {
120 return $res->fetchOneCell();
121 }
122
b1719b13 123 // Otherwise, we do suppose $login is an email redirection.
06a548e5
SJ		 124 $res = XDB::query('SELECT uid
125 FROM email_redirect_account
126 WHERE redirect = {?}', $login);
b1719b13 127 if ($res->numRows() == 1) {
70232020 128 return $res->fetchOneCell();
b1719b13
VZ		 129 }
130
131 throw new UserNotFoundException($res->fetchColumn(1));
132 }
133
0d906109 134 protected static function loadMainFieldsFromUIDs(array $uids, $respect_order = true)
832e6fcb 135 {
6d33f1d3
FB		 136 if (empty($uids)) {
137 return PlIteratorUtils::emptyIterator();
138 }
139
45dcd6dd 140 global $globals;
832e6fcb 141 $joins = '';
45dcd6dd 142 $fields = array();
45dcd6dd 143 if ($globals->asso('id')) {
eb41eda9 144 $joins .= XDB::format("LEFT JOIN group_members AS gpm ON (gpm.uid = a.uid AND gpm.asso_id = {?})\n", $globals->asso('id'));
45dcd6dd 145 $fields[] = 'gpm.perms AS group_perms';
a6761ca9 146 $fields[] = 'gpm.comm AS group_comm';
33fcb12c 147 $fields[] = 'gpm.position AS group_position';
45dcd6dd
FB		 148 }
149 if (count($fields) > 0) {
150 $fields = ', ' . implode(', ', $fields);
a3118782
FB		 151 } else {
152 $fields = '';
45dcd6dd 153 }
0d906109
RB		 154
155 if ($respect_order) {
156 $order = 'ORDER BY ' . XDB::formatCustomOrder('a.uid', $uids);
157 } else {
158 $order = '';
159 }
160
45dcd6dd 161 $uids = array_map(array('XDB', 'escape'), $uids);
0d906109 162
b7753795 163 return XDB::iterator('SELECT a.uid, a.hruid, a.registration_date, h.uid IS NOT NULL AS homonym, a.firstname, a.lastname,
f036c896
SJ		 164 IF(ef.email IS NULL, NULL, CONCAT(ef.email, \'@\', mf.name)) AS forlife,
165 IF(ef.email IS NULL, NULL, CONCAT(ef.email, \'@\', df.name)) AS forlife_alternate,
166 IF(eb.email IS NULL, NULL, CONCAT(eb.email, \'@\', mb.name)) AS bestalias,
dac6e2c6 167 (er.redirect IS NULL AND a.state = \'active\' AND FIND_IN_SET(\'mail\', at.perms)) AS lost,
33a4f3f9 168 a.email, a.full_name, a.directory_name, a.display_name, a.sex = \'female\' AS gender,
7fd6dbb3 169 IF(a.state = \'active\', CONCAT(at.perms, \',\', IF(a.user_perms IS NULL, \'\', a.user_perms)), \'\') AS perms,
f60c3d1f 170 a.user_perms, a.email_format, a.is_admin, a.state, a.type, at.description AS type_description, a.skin,
832e6fcb 171 FIND_IN_SET(\'watch\', a.flags) AS watch, a.comment,
2ab3486b
SJ		 172 a.weak_password IS NOT NULL AS weak_access, g.g_account_name IS NOT NULL AS googleapps,
173 a.token IS NOT NULL AS token_access, a.token, a.last_version,
1b78b883 174 s.start AS lastlogin, s.host, fp.last_seen AS banana_last
2c411733 175 ' . $fields . '
06a548e5
SJ		 176 FROM accounts AS a
177 INNER JOIN account_types AS at ON (at.type = a.type)
178 LEFT JOIN email_source_account AS ef ON (ef.uid = a.uid AND ef.type = \'forlife\')
179 LEFT JOIN email_virtual_domains AS mf ON (ef.domain = mf.id)
f036c896
SJ		 180 LEFT JOIN email_virtual_domains AS df ON (df.aliasing = mf.id AND
181 df.name LIKE CONCAT(\'%\', {?}) AND df.name NOT LIKE \'alumni.%\')
f67c8d9a 182 LEFT JOIN email_source_account AS eb ON (eb.uid = a.uid AND FIND_IN_SET(\'bestalias\',eb.flags))
9f3f87bc 183 LEFT JOIN email_virtual_domains AS mb ON (a.best_domain = mb.id)
06a548e5
SJ		 184 LEFT JOIN email_redirect_account AS er ON (er.uid = a.uid AND er.flags = \'active\' AND er.broken_level < 3
185 AND er.type != \'imap\' AND er.type != \'homonym\')
186 LEFT JOIN homonyms_list AS h ON (h.uid = a.uid)
187 LEFT JOIN gapps_accounts AS g ON (a.uid = g.l_userid AND g.g_status = \'active\')
188 LEFT JOIN log_last_sessions AS ls ON (ls.uid = a.uid)
189 LEFT JOIN log_sessions AS s ON (s.id = ls.id)
190 LEFT JOIN forum_profiles AS fp ON (fp.uid = a.uid)
d865c296 191 ' . $joins . '
832e6fcb 192 WHERE a.uid IN (' . implode(', ', $uids) . ')
0d906109 193 GROUP BY a.uid
f036c896 194 ' . $order, $globals->mail->domain2, $globals->mail->domain2);
832e6fcb
FB		 195 }
196
70232020
VZ		 197 // Implementation of the data loader.
198 protected function loadMainFields()
199 {
c4012d9b
VZ		 200 if ($this->hruid !== null && $this->forlife !== null
201 && $this->bestalias !== null && $this->display_name !== null
8f2104cb 202 && $this->full_name !== null && $this->perms !== null
c4012d9b 203 && $this->gender !== null && $this->email_format !== null) {
70232020
VZ		 204 return;
205 }
1bf36cd1 206 $this->fillFromArray(self::loadMainFieldsFromUIDs(array($this->uid))->next());
70232020
VZ		 207 }
208
50d5ec0b
FB		 209 // Specialization of the buildPerms method
210 // This function build 'generic' permissions for the user. It does not take
211 // into account page specific permissions (e.g X.net group permissions)
212 protected function buildPerms()
213 {
214 if (!is_null($this->perm_flags)) {
215 return;
216 }
217 if ($this->perms === null) {
218 $this->loadMainFields();
219 }
365ba8c3 220 $this->perm_flags = self::makePerms($this->perms, $this->is_admin);
50d5ec0b
FB		 221 }
222
20b087ff
FB		 223 public function setPerms($perms)
224 {
225 $this->perms = $perms;
226 $this->perm_flags = null;
227 }
228
38a86f60
RB		 229 /** Retrieve the 'general' read visibility.
230 * This is the maximum level of fields that may be viewed by the current user on other profiles.
231 *
232 * Rules are:
233 * - Everyone can view 'public'
7f217324 234 * - directory_ax gives access to 'AX' level, ie. the printed directory
38a86f60 235 * - directory_private gives access to 'private' level
7f217324 236 * - admin and directory_hidden gives access to 'hidden' level
38a86f60
RB		 237 */
238 public function readVisibility()
239 {
22771578 240 $level = Visibility::VIEW_NONE;
7f217324 241 if ($this->is_admin || $this->checkPerms('directory_hidden')) {
22771578 242 $level = Visibility::VIEW_ADMIN;
38a86f60 243 } elseif ($this->checkPerms('directory_private')) {
22771578 244 $level = Visibility::VIEW_PRIVATE;
38a86f60 245 } elseif ($this->checkPerms('directory_ax')) {
22771578 246 $level = Visibility::VIEW_AX;
38a86f60 247 } else {
22771578 248 $level = Visibility::VIEW_PUBLIC;
38a86f60 249 }
22771578 250 return Visibility::get($level);
38a86f60
RB		 251 }
252
253 /** Retrieve the 'general' edit visibility.
254 * This is the maximum level of fields that may be edited by the current user on other profiles.
255 *
256 * Rules are:
257 * - Only admins can edit the 'hidden' fields
22771578 258 * - If someone has 'directory_edit' (which is actually directory_ax_edit): AX level
38a86f60
RB		 259 * - Otherwise, nothing.
260 */
261 public function editVisibility()
262 {
22771578 263 $level = Visibility::VIEW_NONE;
38a86f60 264 if ($this->is_admin) {
22771578 265 $level = Visibility::VIEW_ADMIN;
38a86f60 266 } elseif ($this->checkPerms('directory_edit')) {
22771578 267 $level = Visibility::VIEW_AX;
38a86f60 268 }
22771578 269 return Visibility::get($level);
38a86f60
RB		 270 }
271
7f1ff426
FB		 272 // We do not want to store the password in the object.
273 // So, fetch it 'on demand'
274 public function password()
275 {
276 return XDB::fetchOneCell('SELECT a.password
277 FROM accounts AS a
278 WHERE a.uid = {?}', $this->id());
279 }
280
280806d9
SJ		 281 public function isActive()
282 {
283 return $this->state == 'active';
284 }
285
8f2104cb
FB		 286 /** Overload PlUser::promo(): there no promo defined for a user in the current
287 * schema. The promo is a field from the profile.
288 */
289 public function promo()
290 {
291 if (!$this->hasProfile()) {
292 return '';
293 }
294 return $this->profile()->promo();
295 }
296
f60c3d1f
FB		 297 public function category()
298 {
299 $promo = $this->promo();
300 if (!empty($promo)) {
301 return $promo;
302 } else {
303 return $this->type_description;
304 }
305 }
306
a6761ca9
FB		 307 public function firstName()
308 {
309 if (!$this->hasProfile()) {
94b6106c 310 return $this->firstname;
a6761ca9
FB		 311 }
312 return $this->profile()->firstName();
313 }
314
315 public function lastName()
316 {
317 if (!$this->hasProfile()) {
94b6106c 318 return $this->lastname;
a6761ca9
FB		 319 }
320 return $this->profile()->lastName();
321 }
322
2ab3486b
SJ		 323 public function displayName()
324 {
325 if (!$this->hasProfile()) {
326 return $this->display_name;
327 }
328 return $this->profile()->yourself;
329 }
330
09e54905
SJ		 331 public function fullName($with_promo = false)
332 {
333 if (!$this->hasProfile()) {
334 return $this->full_name;
335 }
336 return $this->profile()->fullName($with_promo);
337 }
338
fc1227ef
SJ		 339 public function shortName($with_promo = false)
340 {
341 if (!$this->hasProfile()) {
342 return $this->full_name;
343 }
344 return $this->profile()->shortName($with_promo);
345 }
346
09e54905
SJ		 347 public function directoryName()
348 {
349 if (!$this->hasProfile()) {
d081acb2 350 return $this->directory_name;
09e54905
SJ		 351 }
352 return $this->profile()->directory_name;
353 }
354
52366335
SJ		 355 static public function compareDirectoryName($a, $b)
356 {
357 return strcasecmp(replace_accent($a->directoryName()), replace_accent($b->directoryName()));
358 }
359
e7b93962
FB		 360 /** Return the main profile attached with this account if any.
361 */
4ac2e2ba 362 public function profile($forceFetch = false, $fields = 0x0000, $visibility = null)
e7b93962 363 {
4e698dc9 364 if (!$this->_profile_fetched || $forceFetch) {
3e53a496 365 $this->_profile_fetched = true;
4ac2e2ba 366 $this->_profile = Profile::get($this, $fields, $visibility);
6178c3f3 367 } else if ($this->_profile !== null && $visibility !== null && !$this->_profile->visibility->equals($visibility)) {
22771578 368 return Profile::get($this, $fields, $visibility);
3e53a496
FB		 369 }
370 return $this->_profile;
371 }
372
83040cf5
RB		 373 public function setPrefetchedProfile(Profile $profile)
374 {
375 $this->_profile_fetched = true;
376 $this->_profile = $profile;
377 }
378
3e53a496
FB		 379 /** Return true if the user has an associated profile.
380 */
381 public function hasProfile()
382 {
383 return !is_null($this->profile());
384 }
385
fceed6ea
FB		 386 /** Return true if given a reference to the profile of this user.
387 */
388 public function isMyProfile($other)
389 {
390 if (!$other) {
391 return false;
392 } else if ($other instanceof Profile) {
393 $profile = $this->profile();
394 return $profile && $profile->id() == $other->id();
395 }
396 return false;
397 }
398
3af21f99
FB		 399 /** Check if the user can edit to given profile.
400 */
401 public function canEdit(Profile $profile)
402 {
a81ee987
FB		 403 if ($this->checkPerms(User::PERM_EDIT_DIRECTORY)) {
404 return true;
405 }
3af21f99
FB		 406 return XDB::fetchOneCell('SELECT pid
407 FROM account_profiles
408 WHERE uid = {?} AND pid = {?}',
409 $this->id(), $profile->id());
410 }
411
f036c896 412 /** Determines main email domain for this user.
3e53a496 413 */
f036c896 414 public function mainEmailDomain()
3e53a496 415 {
f036c896
SJ		 416 if (array_key_exists($this->type, self::$sub_mail_domains)) {
417 return self::$sub_mail_domains[$this->type] . Platal::globals()->mail->domain;
8f2104cb 418 }
8f2104cb
FB		 419 }
420
f036c896 421 /** Determines alternate email domain for this user.
8f2104cb 422 */
f036c896
SJ		 423 public function alternateEmailDomain()
424 {
425 if (array_key_exists($this->type, self::$sub_mail_domains)) {
426 return self::$sub_mail_domains[$this->type] . Platal::globals()->mail->domain2;
a6761ca9 427 }
f036c896
SJ		 428 }
429
72e12532
SJ		 430 public function forlifeEmailAlternate()
431 {
432 if (!empty($this->forlife_alternate)) {
433 return $this->forlife_alternate;
8f2104cb 434 }
72e12532 435 return $this->email;
3e53a496
FB		 436 }
437
08d33afc 438 /** Fetch existing auxiliary alias.
3e53a496 439 */
3e53a496 440 public function emailAlias()
3e53a496 441 {
06a548e5
SJ		 442 $aliases = $this->emailAliases();
443 if (count($aliases)) {
444 return $aliases[0];
8f2104cb
FB		 445 }
446 return null;
e7b93962
FB		 447 }
448
08d33afc 449 /** Fetch existing auxiliary aliases.
8f2104cb 450 */
06a548e5
SJ		 451 public function emailAliases()
452 {
453 return XDB::fetchColumn('SELECT CONCAT(s.email, \'@\', d.name)
454 FROM email_source_account AS s
455 INNER JOIN email_virtual_domains AS m ON (s.domain = m.id)
456 INNER JOIN email_virtual_domains AS d ON (d.aliasing = m.id)
08d33afc 457 WHERE s.uid = {?} AND s.type = \'alias_aux\'
06a548e5 458 ORDER BY d.name',
08d33afc 459 $this->id());
3e53a496
FB		 460 }
461
06a548e5 462 /** Get all group aliases the user belongs to.
3e53a496 463 */
06a548e5
SJ		 464 public function emailGroupAliases($domain = null)
465 {
466 if (is_null($domain)) {
467 return XDB::fetchColumn('SELECT CONCAT(v.email, \'@\', dv.name) AS alias
468 FROM email_virtual AS v
469 INNER JOIN email_virtual_domains AS dv ON (v.domain = dv.id)
470 INNER JOIN email_source_account AS s ON (s.uid = {?})
471 INNER JOIN email_virtual_domains AS ms ON (s.domain = ms.id)
472 INNER JOIN email_virtual_domains AS ds ON (ds.aliasing = ms.id)
51c2c63a 473 WHERE v.redirect = CONCAT(s.email, \'@\', ds.name) AND v.type = \'alias\'',
06a548e5
SJ		 474 $this->id());
475 } else {
a94fdc4e
SJ		 476 return XDB::fetchAllAssoc('alias',
477 'SELECT CONCAT(v.email, \'@\', dv.name) AS alias, MAX(v.redirect = CONCAT(s.email, \'@\', ds.name)) AS sub
06a548e5
SJ		 478 FROM email_virtual AS v
479 INNER JOIN email_virtual_domains AS dv ON (v.domain = dv.id AND dv.name = {?})
480 INNER JOIN email_source_account AS s ON (s.uid = {?})
481 INNER JOIN email_virtual_domains AS ms ON (s.domain = ms.id)
482 INNER JOIN email_virtual_domains AS ds ON (ds.aliasing = ms.id)
51c2c63a 483 WHERE v.type = \'alias\'
a94fdc4e
SJ		 484 GROUP BY v.email
485 ORDER BY v.email',
06a548e5
SJ		 486 $domain, $this->id());
487 }
e7b93962 488 }
38c6fe96
FB		 489
490 /** Get marketing informations
491 */
492 private function fetchMarketingData()
493 {
db8432d5 494 if (isset($this->pending_registration_date)) {
38c6fe96
FB		 495 return;
496 }
db8432d5
SJ		 497 $infos = XDB::fetchOneAssoc('SELECT rp.date AS pending_registration_date, rp.email AS pending_registration_email,
498 rm.last AS last_marketing_date, rm.email AS last_marketing_email
499 FROM accounts AS a
500 LEFT JOIN register_pending AS rp ON (rp.uid = a.uid)
501 LEFT JOIN register_marketing AS rm ON (rm.uid = a.uid AND rm.last != \'0000-00-00\')
502 WHERE a.uid = {?}
503 ORDER BY rm.last DESC', $this->id());
504 if (is_null($infos)) {
505 $infos = array(
506 'pending_registration_date' => null,
507 'pending_registration_email' => null,
508 'last_marketing_date' => null,
509 'last_marketing_email' => null
510 );
38c6fe96
FB		 511 }
512 $this->fillFromArray($infos);
513 }
514
db8432d5 515 public function pendingRegistrationDate()
38c6fe96
FB		 516 {
517 $this->fetchMarketingData();
db8432d5
SJ		 518 return $this->pending_registration_date;
519 }
520
521 public function pendingRegistrationEmail()
522 {
523 $this->fetchMarketingData();
524 return $this->pending_registration_email;
525 }
526
527 public function lastMarketingDate()
528 {
529 $this->fetchMarketingData();
530 return $this->last_marketing_date;
531 }
532
533 public function lastMarketingEmail()
534 {
535 $this->fetchMarketingData();
536 return $this->last_marketing_email;
38c6fe96
FB		 537 }
538
539 public function lastKnownEmail()
540 {
541 $this->fetchMarketingData();
db8432d5
SJ		 542 if ($this->pending_registration_email > $this->last_marketing_date) {
543 return $this->pending_registration_email;
544 }
545 return $this->last_marketing_email;
38c6fe96
FB		 546 }
547
009b8ab7 548
8d308ee4
FB		 549 /** Format of the emails sent by the site
550 */
551 public function setEmailFormat($format)
552 {
553 Platal::assert($format == self::FORMAT_HTML || $format == self::FORMAT_TEXT,
554 "Invalid email format \"$format\"");
555 XDB::execute("UPDATE accounts
556 SET email_format = {?}
557 WHERE uid = {?}",
558 $format, $this->uid);
559 $this->email_format = $format;
560 }
561
009b8ab7
FB		 562 /** Get watch informations
563 */
564 private function fetchWatchData()
565 {
566 if (isset($this->watch_actions)) {
567 return;
568 }
569 $watch = XDB::fetchOneAssoc('SELECT flags AS watch_flags, actions AS watch_actions,
570 UNIX_TIMESTAMP(last) AS watch_last
571 FROM watch
572 WHERE uid = {?}', $this->id());
573 $watch['watch_flags'] = new PlFlagSet($watch['watch_flags']);
574 $watch['watch_actions'] = new PlFlagSet($watch['watch_actions']);
575 $watch['watch_promos'] = XDB::fetchColumn('SELECT promo
576 FROM watch_promo
577 WHERE uid = {?}', $this->id());
fe286e5f
SJ		 578 $watch['watch_groups'] = XDB::fetchColumn("SELECT w.groupid
579 FROM watch_group AS w
580 INNER JOIN groups AS g ON (w.groupid = g.id AND NOT FIND_IN_SET('private', pub))
581 WHERE w.uid = {?}", $this->id());
009b8ab7
FB		 582 $watch['watch_users'] = XDB::fetchColumn('SELECT ni_id
583 FROM watch_nonins
584 WHERE uid = {?}', $this->id());
585 $this->fillFromArray($watch);
586 }
587
a87530ea 588 public function watchType($type)
009b8ab7
FB		 589 {
590 $this->fetchWatchData();
591 return $this->watch_actions->hasFlag($type);
592 }
593
594 public function watchContacts()
595 {
596 $this->fetchWatchData();
597 return $this->watch_flags->hasFlag('contacts');
598 }
599
600 public function watchEmail()
601 {
602 $this->fetchWatchData();
603 return $this->watch_flags->hasFlag('mail');
604 }
605
606 public function watchPromos()
607 {
608 $this->fetchWatchData();
609 return $this->watch_promos;
610 }
611
fe286e5f
SJ		 612 public function watchGroups()
613 {
614 $this->fetchWatchData();
615 return $this->watch_groups;
616 }
617
009b8ab7
FB		 618 public function watchUsers()
619 {
620 $this->fetchWatchData();
621 return $this->watch_users;
622 }
623
624 public function watchLast()
625 {
626 $this->fetchWatchData();
627 return $this->watch_last;
628 }
629
069ddda8
FB		 630 public function invalidWatchCache()
631 {
632 unset($this->watch_actions);
633 unset($this->watch_users);
634 unset($this->watch_last);
635 unset($this->watch_promos);
fe286e5f 636 unset($this->watch_groups);
069ddda8
FB		 637 }
638
c350577b
FB		 639
640 // Contacts
641 private $contacts = null;
48e683dd 642 private function fetchContacts()
c350577b 643 {
76cbe885 644 if (is_null($this->contacts)) {
c350577b
FB		 645 $this->contacts = XDB::fetchAllAssoc('contact', 'SELECT *
646 FROM contacts
647 WHERE uid = {?}',
648 $this->id());
649 }
48e683dd
FB		 650 }
651
652 public function iterContacts()
653 {
654 $this->fetchContacts();
a289e967 655 return Profile::iterOverPIDs(array_keys($this->contacts));
48e683dd
FB		 656 }
657
658 public function getContacts()
659 {
660 $this->fetchContacts();
a289e967 661 return Profile::getBulkProfilesWithPIDs(array_keys($this->contacts));
48e683dd
FB		 662 }
663
26ba053e 664 public function isContact(Profile $profile)
48e683dd
FB		 665 {
666 $this->fetchContacts();
a289e967 667 return isset($this->contacts[$profile->id()]);
c350577b
FB		 668 }
669
26ba053e 670 public function isWatchedUser(Profile $profile)
958def08
PC		 671 {
672 return in_array($profile->id(), $this->watchUsers());
673 }
674
f5ef8b57
RB		 675 // Groupes X
676 private $groups = null;
56cd7aee 677 public function groups($institutions = false, $onlyPublic = false)
f5ef8b57
RB		 678 {
679 if (is_null($this->groups)) {
56cd7aee
FB		 680 $this->groups = XDB::fetchAllAssoc('asso_id', 'SELECT gm.asso_id, gm.perms, gm.comm,
681 g.diminutif, g.nom, g.site, g.cat,
682 g.pub
683 FROM group_members AS gm
684 INNER JOIN groups AS g ON (g.id = gm.asso_id)
f5ef8b57
RB		 685 WHERE uid = {?}',
686 $this->id());
687 }
56cd7aee
FB		 688 if (!$institutions && !$onlyPublic) {
689 return $this->groups;
fa589f90 690 } else {
56cd7aee
FB		 691 $result = array();
692 foreach ($this->groups as $id=>$data) {
693 if ($institutions) {
1d889ac4 694 if ($data['cat'] != Group::CAT_GROUPESX && $data['cat'] != Group::CAT_INSTITUTIONS) {
56cd7aee
FB		 695 continue;
696 }
697 }
698 if ($onlyPublic) {
699 if ($data['pub'] != 'public') {
700 continue;
701 }
702 }
703 $result[$id] = $data;
704 }
705 return $result;
fa589f90 706 }
fa589f90
RB		 707 }
708
9a7f3d8e 709 public function groupCount()
4257b11a 710 {
9a7f3d8e
SJ		 711 return XDB::fetchOneCell('SELECT COUNT(DISTINCT(asso_id))
712 FROM group_members
713 WHERE uid = {?}',
714 $this->id());
4257b11a
SJ		 715 }
716
7ae5c545
SJ		 717 public function inGroup($asso_id)
718 {
719 $res = XDB::fetchOneCell('SELECT COUNT(*)
720 FROM group_members
721 WHERE uid = {?} AND asso_id = {?}',
722 $this->id(), $asso_id);
723 return ($res > 0);
724 }
725
6150f591
SJ		 726 /**
727 * Clears a user.
728 * *always deletes in: account_lost_passwords, register_marketing,
fe286e5f 729 * register_pending, register_subs, watch_nonins, watch, watch_promo, watch_group,
06a548e5
SJ		 730 * *always keeps in: account_types, accounts, email_virtual, carvas,
731 * group_members, homonyms_list, newsletter_ins, register_mstats, email_source_account
6150f591 732 * *deletes if $clearAll: account_auth_openid, announce_read, contacts,
06a548e5 733 * email_redirect_account, email_redirect_account, email_send_save, forum_innd, forum_profiles,
6150f591
SJ		 734 * forum_subs, gapps_accounts, gapps_nicknames, group_announces_read,
735 * group_member_sub_requests, reminder, requests, requests_hidden,
06a548e5 736 * email_virtual, ML
6150f591
SJ		 737 * *modifies if $clearAll: accounts
738 *
739 * Use cases:
740 * *$clearAll == false: when a user dies, her family still needs to keep in
741 * touch with the community.
742 * *$clearAll == true: in every other case we want the account to be fully
743 * deleted so that it can not be used anymore.
744 */
745 public function clear($clearAll = true)
746 {
405d70cc
RB		 747 $tables = array('account_lost_passwords', 'register_marketing',
748 'register_pending', 'register_subs', 'watch_nonins',
fe286e5f 749 'watch', 'watch_promo', 'watch_group');
405d70cc
RB		 750
751 foreach ($tables as $t) {
752 XDB::execute('DELETE FROM ' . $t . '
753 WHERE uid = {?}',
754 $this->id());
755 }
6150f591
SJ		 756
757 if ($clearAll) {
c79e28fc
SJ		 758 global $globals;
759
0e5b3438
SJ		 760 $groupIds = XDB::iterator('SELECT asso_id
761 FROM group_members
762 WHERE uid = {?}',
763 $this->id());
764 while ($groupId = $groupIds->next()) {
765 $group = Group::get($groupId);
c79e28fc 766 if (!empty($group) && $group->notif_unsub) {
0e5b3438
SJ		 767 $mailer = new PlMailer('xnetgrp/unsubscription-notif.mail.tpl');
768 $admins = $group->iterAdmins();
769 while ($admin = $admins->next()) {
770 $mailer->addTo($admin);
771 }
772 $mailer->assign('group', $group->shortname);
773 $mailer->assign('user', $this);
774 $mailer->assign('selfdone', false);
775 $mailer->send();
776 }
777 }
778
c79e28fc 779 $tables = array('account_auth_openid', 'announce_read', 'contacts',
13b45814 780 'email_send_save',
c79e28fc
SJ		 781 'forum_innd', 'forum_profiles', 'forum_subs',
782 'group_announces_read', 'group_members',
783 'group_member_sub_requests', 'reminder', 'requests',
06a548e5 784 'requests_hidden');
405d70cc
RB		 785 foreach ($tables as $t) {
786 XDB::execute('DELETE FROM ' . $t . '
787 WHERE uid = {?}',
c79e28fc
SJ		 788 $this->id());
789 }
06a548e5
SJ		 790 XDB::execute('DELETE FROM email_redirect_account
791 WHERE uid = {?} AND type != \'homonym\'',
792 $this->id());
13b45814
SJ		 793 XDB::execute('DELETE FROM email_virtual
794 WHERE redirect = {?}',
795 $this->forlifeEmail());
c79e28fc
SJ		 796
797 foreach (array('gapps_accounts', 'gapps_nicknames') as $t) {
798 XDB::execute('DELETE FROM ' . $t . '
799 WHERE l_userid = {?}',
800 $this->id());
405d70cc
RB		 801 }
802
6150f591
SJ		 803 XDB::execute("UPDATE accounts
804 SET registration_date = 0, state = 'pending', password = NULL,
805 weak_password = NULL, token = NULL, is_admin = 0
806 WHERE uid = {?}",
807 $this->id());
808
6150f591
SJ		 809 if ($globals->mailstorage->googleapps_domain) {
810 require_once 'googleapps.inc.php';
811
c79e28fc
SJ		 812 if (GoogleAppsAccount::account_status($this->id())) {
813 $account = new GoogleAppsAccount($this);
6150f591
SJ		 814 $account->suspend();
815 }
816 }
817 }
818
dec84555 819 $mmlist = new MMList(S::user());
a85562a0 820 $mmlist->kill($this->hruid, $clearAll);
6150f591
SJ		 821 }
822
ab06182d 823 // Merge all infos in other user and then clean this one
26ba053e 824 public function mergeIn(User $newuser) {
33a4f3f9
SJ		 825 if ($this->profile()) {
826 // Don't disable user with profile in this way.
827 global $globals;
828 Platal::page()->trigError('Impossible de fusionner les comptes ' . $this->hruid . ' et ' . $newuser->hruid .
829 '. Contacte support@' . $globals->mail->domain . '.');
ab06182d
PC		 830 return false;
831 }
ab06182d 832
33a4f3f9
SJ		 833 if ($this->forlifeEmail()) {
834 // If the new user is not registered and does not have already an email address,
835 // we need to give him the old user's email address if he has any.
836 if (!$newuser->perms) {
837 XDB::execute('UPDATE accounts
838 SET email = {?}
839 WHERE uid = {?} AND email IS NULL',
840 $this->forlifeEmail(), $newuser->id());
06a548e5
SJ		 841
842 // Reftech new user so its forlifeEmail will be correct.
cb8b7945 843 $newuser = self::getSilentWithUID($newuser->id());
ab06182d 844 }
33a4f3f9 845
06a548e5
SJ		 846 // Change email used in mailing lists.
847 if ($this->forlifeEmail() != $newuser->forlifeEmail()) {
f7d43ed5
SJ		 848 // The super user is the user who has the right to do the modification.
849 $super_user = S::user();
33a4f3f9
SJ		 850 // group mailing lists
851 $group_domains = XDB::fetchColumn('SELECT g.mail_domain
852 FROM groups AS g
853 INNER JOIN group_members AS gm ON(g.id = gm.asso_id)
854 WHERE g.mail_domain != \'\' AND gm.uid = {?}',
855 $this->id());
856 foreach ($group_domains as $mail_domain) {
f7d43ed5 857 $mmlist = new MMList($super_user, $mail_domain);
06a548e5 858 $mmlist->replace_email_in_all($this->forlifeEmail(), $newuser->forlifeEmail());
33a4f3f9
SJ		 859 }
860 // main domain lists
f7d43ed5 861 $mmlist = new MMList($super_user);
06a548e5 862 $mmlist->replace_email_in_all($this->forlifeEmail(), $newuser->forlifeEmail());
33a4f3f9
SJ		 863 }
864 }
865
866 // Updates user in following tables.
7f376ae0 867 foreach (array('group_announces', 'payment_transactions', 'log_sessions', 'group_events') as $table) {
33a4f3f9
SJ		 868 XDB::execute('UPDATE ' . $table . '
869 SET uid = {?}
870 WHERE uid = {?}',
871 $newuser->id(), $this->id());
872 }
33a4f3f9
SJ		 873
874 // Merges user in following tables, ie updates when possible, then deletes remaining occurences of the old user.
06a548e5 875 foreach (array('group_announces_read', 'group_event_participants', 'group_member_sub_requests', 'group_members', 'email_redirect_account') as $table) {
33a4f3f9
SJ		 876 XDB::execute('UPDATE IGNORE ' . $table . '
877 SET uid = {?}
878 WHERE uid = {?}',
879 $newuser->id(), $this->id());
880 XDB::execute('DELETE FROM ' . $table . '
881 WHERE uid = {?}',
882 $this->id());
883 }
ab06182d 884
33a4f3f9
SJ		 885 // Eventually updates last session id and deletes old user's accounts entry.
886 $lastSession = XDB::fetchOneCell('SELECT id
887 FROM log_sessions
888 WHERE uid = {?}
889 ORDER BY start DESC
890 LIMIT 1',
891 $newuser->id());
892 XDB::execute('UPDATE log_last_sessions
893 SET id = {?}
894 WHERE uid = {?}',
be281b31 895 $lastSession, $newuser->id());
33a4f3f9
SJ		 896 XDB::execute('DELETE FROM accounts
897 WHERE uid = {?}',
898 $this->id());
ab06182d
PC		 899
900 return true;
901 }
902
50d5ec0b 903 // Return permission flags for a given permission level.
365ba8c3 904 public static function makePerms($perms, $is_admin)
50d5ec0b 905 {
365ba8c3 906 $flags = new PlFlagSet($perms);
365ba8c3 907 if ($is_admin) {
50d5ec0b
FB		 908 $flags->addFlag(PERMS_ADMIN);
909 }
7fd6dbb3
FB		 910
911 // Access to private directory implies access to 'less'-private version.
912 if ($flags->hasFlag('directory_private')) {
913 $flags->addFlag('directory_ax');
914 }
50d5ec0b
FB		 915 return $flags;
916 }
917
b1719b13
VZ		 918 // Implementation of the default user callback.
919 public static function _default_user_callback($login, $results)
920 {
b1719b13 921 $result_count = count($results);
dd70cd28 922 if ($result_count == 0 || !S::admin()) {
70232020 923 Platal::page()->trigError("Il n'y a pas d'utilisateur avec l'identifiant : $login");
b1719b13 924 } else {
70232020 925 Platal::page()->trigError("Il y a $result_count utilisateurs avec cet identifiant : " . join(', ', $results));
b1719b13
VZ		 926 }
927 }
70232020 928
f88d9154
SJ		 929 public static function makeHomonymHrmid($alias)
930 {
931 return 'h.' . $alias . '.' . Platal::globals()->mail->domain;
932 }
933
f036c896 934 public static function isMainMailDomain($domain)
70232020
VZ		 935 {
936 global $globals;
70232020 937
f036c896
SJ		 938 $is_main_domain = false;
939 foreach (self::$sub_mail_domains as $sub_domain) {
ca2f19b8 940 $is_main_domain = $is_main_domain || $domain == ($sub_domain . $globals->mail->domain) || $domain == ($sub_domain . $globals->mail->domain2);
f036c896
SJ		 941 }
942 return $is_main_domain;
70232020 943 }
832e6fcb 944
f036c896 945 public static function isAliasMailDomain($domain)
aa21c568
FB		 946 {
947 global $globals;
f036c896
SJ		 948
949 return $domain == $globals->mail->alias_dom || $domain == $globals->mail->alias_dom2;
950 }
951
952 // Implementation of the static email locality checker.
953 public static function isForeignEmailAddress($email)
954 {
aa21c568
FB		 955 if (strpos($email, '@') === false) {
956 return false;
957 }
958
f036c896
SJ		 959 list(, $domain) = explode('@', $email);
960 return !(self::isMainMailDomain($domain) || self::isAliasMailDomain($domain));
aa21c568
FB		 961 }
962
61a7d279
SJ		 963 /* Tries to find pending accounts with an hruid close to $login. */
964 public static function getPendingAccounts($login, $iterator = false)
965 {
61a7d279
SJ		 966 if (strpos($login, '@') === false) {
967 return null;
968 }
969
970 list($login, $domain) = explode('@', $login);
971
f036c896 972 if ($domain && !self::isMainMailDomain($domain)) {
61a7d279
SJ		 973 return null;
974 }
975
976 $sql = "SELECT uid, full_name
977 FROM accounts
978 WHERE state = 'pending' AND REPLACE(hruid, '-', '') LIKE
979 CONCAT('%', REPLACE(REPLACE(REPLACE({?}, ' ', ''), '-', ''), '\'', ''), '%')
980 ORDER BY full_name";
981 if ($iterator) {
982 return XDB::iterator($sql, $login);
983 } else {
984 $res = XDB::query($sql, $login);
985 return $res->fetchAllAssoc();
986 }
987 }
988
989
0d906109
RB		 990 public static function iterOverUIDs($uids, $respect_order = true)
991 {
992 return new UserIterator(self::loadMainFieldsFromUIDs($uids, $respect_order));
993 }
994
995 /** Fetch a set of users from a list of UIDs
996 * @param $data The list of uids to fetch, or an array of arrays
997 * @param $orig If $data is an array of arrays, the subfield where uids are stored
998 * @param $dest If $data is an array of arrays, the subfield to fill with Users
999 * @param $fetchProfile Whether to fetch Profiles as well
1000 * @return either an array of $uid => User, or $data with $data[$i][$dest] = User
1001 */
b774ddab 1002 public static function getBulkUsersWithUIDs(array $data, $orig = null, $dest = null, $fetchProfile = true)
832e6fcb 1003 {
07eb5b0e
FB		 1004 // Fetch the list of uids
1005 if (is_null($orig)) {
1006 $uids = $data;
1007 } else {
1008 if (is_null($dest)) {
1009 $dest = $orig;
1010 }
1011 $uids = array();
1012 foreach ($data as $key=>$entry) {
1013 if (isset($entry[$orig])) {
1014 $uids[] = $entry[$orig];
1015 }
1016 }
1017 }
1018
1019 // Fetch users
38c6fe96 1020 if (count($uids) == 0) {
07eb5b0e 1021 return $data;
38c6fe96 1022 }
0d906109
RB		 1023 $users = self::iterOverUIDs($uids, true);
1024
d865c296 1025 $table = array();
b774ddab 1026 if ($fetchProfile) {
0d906109 1027 $profiles = Profile::iterOverUIDS($uids, true);
7a8da8e8
PC		 1028 if ($profiles != null) {
1029 $profile = $profiles->next();
1030 } else {
1031 $profile = null;
1032 }
b774ddab 1033 }
0d906109
RB		 1034
1035 /** We iterate through the users, moving in
1036 * profiles when they match the user ID :
1037 * there can be users without a profile, but not
1038 * the other way around.
1039 */
1040 while (($user = $users->next())) {
b774ddab 1041 if ($fetchProfile) {
7a8da8e8 1042 if ($profile != null && $profile->owner_id == $user->id()) {
0d906109
RB		 1043 $user->_profile = $profile;
1044 $profile = $profiles->next();
b774ddab
FB		 1045 }
1046 $user->_profile_fetched = true;
1047 }
0d906109 1048 $table[$user->id()] = $user;
d865c296 1049 }
07eb5b0e
FB		 1050
1051 // Build the result with respect to input order.
1052 if (is_null($orig)) {
0d906109 1053 return $table;
07eb5b0e
FB		 1054 } else {
1055 foreach ($data as $key=>$entry) {
1056 if (isset($entry[$orig])) {
1057 $entry[$dest] = $table[$entry[$orig]];
1058 $data[$key] = $entry;
1059 }
1060 }
1061 return $data;
832e6fcb 1062 }
07eb5b0e
FB		 1063 }
1064
b774ddab 1065 public static function getBulkUsersFromDB($fetchProfile = true)
07eb5b0e
FB		 1066 {
1067 $args = func_get_args();
1068 $uids = call_user_func_array(array('XDB', 'fetchColumn'), $args);
b774ddab 1069 return self::getBulkUsersWithUIDs($uids, null, null, $fetchProfile);
832e6fcb 1070 }
9f8ebb9f
VZ		 1071}
1072
0d906109
RB		 1073/** Iterator over a set of Users
1074 * @param an XDB::Iterator obtained from a User::loadMainFieldsFromUIDs
1075 */
1076class UserIterator implements PlIterator
1077{
1078 private $dbiter;
1079
1080 public function __construct($dbiter)
1081 {
1082 $this->dbiter = $dbiter;
1083 }
1084
1085 public function next()
1086 {
1087 $data = $this->dbiter->next();
1088 if ($data == null) {
1089 return null;
1090 } else {
1091 return User::getSilentWithValues(null, $data);
1092 }
1093 }
1094
1095 public function total()
1096 {
1097 return $this->dbiter->total();
1098 }
1099
1100 public function first()
1101 {
1102 return $this->dbiter->first();
1103 }
1104
1105 public function last()
1106 {
1107 return $this->dbiter->last();
1108 }
1109}
1110
448c8cdc 1111// vim:set et sw=4 sts=4 sws=4 foldmethod=marker fenc=utf-8:
9f8ebb9f 1112?>
plat/al