modules/User/UserHandler.php

   1 <?php
   2
   3 /**
   4  * Handles user data
   5  * @author Sebastian Skejø
   6  */
   7
   8 class UserHandler extends AOOSModule
   9 {
  10     private $_storageObj = null;
  11
  12     public function __construct($core) {
  13         parent::__construct($core);
  14
  15         $this->_storageObj = $this->core()->newStorageDevice();
  16         $this->_storageObj->setTable("User");
  17     }
  18     /**
  19      * Returns a model with the fields given in $fields, selected by $where and ordered by $sort
  20      * @param array $fields Fields to be returned
  21      * @param where-clause $where A valid where-clause
  22      * @param field $order The field the data is ordered by
  23      * @param ASC|DESC $sort Determines if data should be ordered
  24      * @return AOOSModel
  25      */
  26     public function getUserList($fields, $where = null, $limit = null, $order = "username", $sort = "ASC") {
  27         $this->_storageObj->setSort($sort);
  28         $model = $this->_storageObj->selectModel($fields, $where, $limit, $order);
  29         return true;
  30     }
  31
  32     /**
  33      * Tries to login with the given $username and $password
  34      * @param AOOSModel $data A model containing data to login
  35      * @return bool
  36      */
  37     public function login(AOOSModel $data) {
  38         // We have to do it in this order since passwords don't need quotes until we it is encrypted
  39         // XXX This part is quite ugly - should be take care of in StorageDevice
  40         $password = $data->getColumn("PASSWORD", true);
  41         $data->setQuote(true);
  42         $username = $data->getColumn("USERNAME", true);
  43
  44         $password = hash("sha256", $password); // XXX Need to check if this is supported on the server!
  45         $password = "'".$password."'";
  46         $u = $this->core()->getModule("User");
  47
  48         $where = array(
  49             "USERNAME" => $username,
  50             "PASSWORD" => $password,
  51             "ACTIVATED" => 1
  52         );
  53         if (!($m = $this->_storageObj->selectModel("*", $where))) {
  54             throw new AOOSException($this->core(), $this->tr("login_failed", "User"), $this->tr("check_user_pass_active", "User"), true, 1);
  55             return false;
  56         }
  57
  58         // Set the userdata
  59         $u->setUsername($m->getColumn("USERNAME", true));
  60         $u->setPassword($m->getColumn("PASSWORD", true));
  61         //        $u->setStatus(1); // 1 == online XXX Could be neat
  62         $u->setLoggedIn(true);
  63         $u->setEmail($m->getColumn("EMAIL", true));
  64         $u->setGroups($m->getColumn("GROUPS", true));
  65         $u->setLevel($m->getColumn("LEVEL", true));
  66         return true;
  67     }
  68
  69     /**
  70      * Creates a user in the database
  71      * @param AOOSModel $data The model containing all the data for the user to be created
  72      * @return bool
  73      */
  74     public function createUser($data) {
  75         $username = $data->getColumn("USERNAME");
  76         $where = array("USERNAME" => $username);
  77         if ($this->_storageObj->numRows($where) != 0) {
  78             throw new AOOSException($this->core(), $this->tr("username_taken", "User"), "", true, 1);
  79             return false;
  80         }
  81
  82         // We only want to insert these fields
  83         $fields = array(
  84             "USERNAME",
  85             "PASSWORD",
  86             "EMAIL"
  87         );
  88
  89         // Encryption of password
  90         $uPass = $data->getColumn("PASSWORD");
  91         $pass = hash("sha256", $uPass[0]);
  92         $data->setData($pass, -1, "PASSWORD");
  93
  94         $data->setColumnIndex($fields);
  95         return $this->_storageObj->insertModel($data);
  96     }
  97
  98     /**
  99      * Deletes the user, $username
 100      * @param string $username The user
 101      * @return bool
 102      */
 103     public function deleteUser($username) {
 104         // Only admins have rights to do this
 105         if (!$this->core()->getModule("user")->checkLevel("admin")) {
 106             throw new AOOSException($this->core(), $this->tr("access_denied", "User"), "", true, 1);
 107             return false;
 108         }
 109
 110         $d = array("USERNAME" => $username);
 111         return $this->_storageObj->deleteFromArray($d);
 112     }
 113
 114     /**
 115      * Updates the data for the given user
 116      * @param string $username The username of the user which data we update
 117      * @param AOOSModel $data All the new data, saved in an AOOSModel
 118      * @return bool
 119      */
 120     public function updateUser($username, $data) {
 121         $u = $this->core()->getModule("user");
 122
 123         // Only admins or the user itself have rights to do this
 124         if (!($u->checkLevel("admin") || $u->username() == $username)) {
 125             throw new AOOSException($this->core(), $this->tr("access_denied", "User"), "", true, 1);
 126             return false;
 127         }
 128
 129         $where = array("USERNAME" => $username);
 130         return $this->_storageObj->updateFromModel($data, $where);
 131     }
 132 }