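/**
 * Persistent entity describing a Gallery user account: login name, full name,
 * stored password hash, email address, language preference and a "locked" flag.
 *
 * NOTE(review): the @g2 storage annotations in this listing lost their markup
 * during extraction; only their values survive and they are reproduced as
 * plain text here and on each member. Values found on the class: GalleryUser,
 * GalleryEntity, 1, 2 (presumably class name, parent class and schema
 * major/minor - confirm against the upstream file).
 *
 * @package GalleryCore
 * @subpackage Classes
 * @author Bharat Mediratta
 * @version $Revision: 17691 $
 */
class GalleryUser extends GalleryEntity {

    /**
     * The User's username
     * @var string
     *
     * @g2 values (markup lost in extraction): userName, STRING, SMALL, READ
     */
    var $userName;

    /**
     * The User's full name
     * @var string
     *
     * @g2 values (markup lost in extraction): fullName, STRING, MEDIUM, FULL
     */
    var $fullName;

    /**
     * The User's password in a hashed form.
     * See isCorrectPassword() for the stored formats that are accepted.
     * @var string
     *
     * @g2 values (markup lost in extraction): hashedPassword, STRING, MEDIUM
     */
    var $hashedPassword;

    /**
     * The User's email address.
     * @var string
     *
     * @g2 values (markup lost in extraction): email, STRING, LARGE
     */
    var $email;

    /**
     * The User's language preference
     * @var string
     *
     * @g2 values (markup lost in extraction): language, STRING, MEDIUM, READ
     */
    var $language;

    /**
     * Locked flag - determines whether the user is allowed to edit their own settings
     * @var bool
     *
     * @g2 values (markup lost in extraction): locked, BOOLEAN, 0
     */
    var $locked;

    /**
     * Create a new instance of this user in the persistent store
     *
     * Fails with ERROR_COLLISION when a user with the same name already exists.
     * The new user starts with a null password hash, so isCorrectPassword()
     * rejects every password until changePassword() has been called.
     *
     * @param string $userName the login name for the new user
     * @return GalleryStatus a status code
     */
    function create($userName) {
        global $gallery;

        /* The user name is passed as a bound parameter, never concatenated into the query */
        $query = ' SELECT [GalleryUser::id] FROM [GalleryUser] WHERE [GalleryUser::userName] = ? ';

        /* Check to see if we have a collision */
        list ($ret, $results) =
            $gallery->search($query, array($userName), array('limit' => array('count' => 1)));
        if ($ret) {
            return $ret;
        }

        /* Guard against an empty result so that "no row" is not indexed like an array */
        $result = $results->nextResult();
        if (!empty($result) && $result[0] > 0) {
            return GalleryCoreApi::error(ERROR_COLLISION);
        }

        $ret = parent::create();
        if ($ret) {
            return $ret;
        }

        $this->setUserName($userName);
        $this->setFullName(null);
        $this->setEmail(null);
        $this->setHashedPassword(null);
        $this->setLanguage(null);

        return null;
    }

    /**
     * Compare a stored hash with a computed one.
     *
     * Uses hash_equals() where the PHP runtime provides it, so that the time
     * taken does not depend on how many leading characters match; older
     * runtimes fall back to the strcmp() comparison this class used before.
     *
     * @param string $known the hash held in the persistent store
     * @param string $candidate the hash computed from the supplied password
     * @return boolean true if both strings are identical
     * @access private
     */
    function _hashesEqual($known, $candidate) {
        /* hash_equals() only accepts strings; a null hash becomes '' here */
        $known = (string)$known;
        $candidate = (string)$candidate;
        if (function_exists('hash_equals')) {
            return hash_equals($known, $candidate);
        }
        return !strcmp($known, $candidate);
    }

    /**
     * Is the password provided correct?
     *
     * Accepted stored formats, in the order they are tried:
     *  - 32 characters: unsalted md5 of the password
     *  - otherwise: a 4 character salt followed by md5(salt . password)
     *  - the two formats above, computed over the entity-sanitized password
     *  - 34 characters: a hash verified by the bundled phpass library
     *
     * NOTE(security): the md5 based formats are fast to compute, so a leaked user
     * table is cheap to guess against offline. Only the phpass branch uses a
     * stretched hash. Rehashing on a successful login would need a new write
     * path in changePassword() and is not done here.
     *
     * @param string $password a plaintext password
     * @return boolean true if the password is correct
     */
    function isCorrectPassword($password) {
        $valid = (string)$this->getHashedPassword();
        if ($valid === '') {
            /* Fail closed: an account without a stored hash accepts no password */
            return false;
        }
        $salt = substr($valid, 0, 4);
        $isUnsaltedMd5 = (strlen($valid) == 32);

        /* Support both old (G1 thru 1.4.0; G2 thru alpha-4) and new password schemes: */
        $guess = $isUnsaltedMd5 ? md5($password) : ($salt . md5($salt . $password));
        if ($this->_hashesEqual($valid, $guess)) {
            return true;
        }

        /* Passwords with <&"> created by G2 prior to 2.1 were hashed with entities */
        $sanitizedPassword = $password;
        GalleryUtilities::sanitizeInputValues($sanitizedPassword, false);
        $guess = $isUnsaltedMd5
            ? md5($sanitizedPassword) : ($salt . md5($salt . $sanitizedPassword));
        if ($this->_hashesEqual($valid, $guess)) {
            return true;
        }

        /* Also support hashes generated by phpass for interoperability with other applications */
        if (strlen($valid) == 34) {
            GalleryCoreApi::requireOnce('lib/phpass/PasswordHash.inc');
            $hashGenerator = new PasswordHash(10, true);
            return $hashGenerator->CheckPassword($password, $valid);
        }

        return false;
    }

    /**
     * Change the user's password to the new value provided.
     *
     * Only the in-memory entity is updated; nothing is persisted here.
     *
     * NOTE(security): the hash comes from GalleryUtilities::md5Salt(), which is
     * defined outside this file - presumably the salted md5 format that
     * isCorrectPassword() verifies. New passwords are therefore still stored
     * with a fast hash; confirm and consider a stretched hash for new writes.
     *
     * @param string $newPassword a plaintext password
     */
    function changePassword($newPassword) {
        $this->setHashedPassword(GalleryUtilities::md5Salt($newPassword));
    }

    /**
     * Save the changes to this GalleryUser.
     * Do some bookkeeping, like adding the user to the all user and everybody groups.
     *
     * @param boolean $postEvent passed through unchanged to parent::save()
     * @return GalleryStatus a status code
     */
    function save($postEvent=true) {
        /* Read the flag before saving; group membership is only added for new users */
        $isNew = $this->testPersistentFlag(STORAGE_FLAG_NEWLY_CREATED);

        $ret = parent::save($postEvent);
        if ($ret) {
            return $ret;
        }

        if ($isNew) {
            /* Add her to the various groups */
            foreach (array('id.allUserGroup', 'id.everybodyGroup') as $groupKey) {
                list ($ret, $groupId) =
                    GalleryCoreApi::getPluginParameter('module', 'core', $groupKey);
                if ($ret) {
                    return $ret;
                }

                $ret = GalleryCoreApi::addUserToGroup($this->getId(), $groupId);
                if ($ret) {
                    return $ret;
                }
            }
        }

        return null;
    }

    /**
     * Delete this GalleryUser.
     * Do some bookkeeping, like removing the user from all groups, remapping his items to
     * a site admin user and removing all of his permissions.
     *
     * Refuses to delete the active user, the anonymous user and the only site
     * admin. NOTE(review): no permission check on the caller is visible in this
     * method, so authorization is presumably the caller's job (the comment
     * below names the AdminDeleteUser controller) - confirm.
     *
     * @return GalleryStatus a status code
     */
    function delete() {
        global $gallery;

        $activeUserId = $gallery->getActiveUserId();
        if ($activeUserId == $this->getId()) {
            return GalleryCoreApi::error(ERROR_BAD_PARAMETER, __FILE__, __LINE__,
                                         'You cannot delete the active user!');
        }

        /* Don't allow deleting the guest user */
        list ($ret, $anonymousUserId) =
            GalleryCoreApi::getPluginParameter('module', 'core', 'id.anonymousUser');
        if ($ret) {
            return $ret;
        }
        if ($anonymousUserId == $this->getId()) {
            return GalleryCoreApi::error(ERROR_BAD_PARAMETER, __FILE__, __LINE__,
                                         'You cannot delete the anonymous user!');
        }

        /*
         * First assign all items of this user to another owner.
         * You should call remapOwner() before calling $user->delete() but we call it here again,
         * for 100% data integrity. If remapOwner() has been called before, as it is the case with
         * the AdminDeleteUser controller, this 2nd call to remapOwner() does exactly nothing.
         */
        /* Check if activeUser is Site Admin, if not, get any of the Site Admins */
        list ($ret, $isAdmin) = GalleryCoreApi::isUserInSiteAdminGroup();
        if ($ret) {
            return $ret;
        }
        if ($isAdmin) {
            $newOwnerId = $activeUserId;
        } else {
            list ($ret, $siteAdminGroupId) =
                GalleryCoreApi::getPluginParameter('module', 'core', 'id.adminGroup');
            if ($ret) {
                return $ret;
            }
            /* Two admins are requested so that one remains if the first is this user */
            list ($ret, $adminUsers) =
                GalleryCoreApi::fetchUsersForGroup($siteAdminGroupId, 2);
            if ($ret) {
                return $ret;
            }
            if (empty($adminUsers)) {
                return GalleryCoreApi::error(ERROR_MISSING_VALUE);
            }
            $adminUsers = array_keys($adminUsers);
            if ($adminUsers[0] == $this->getId() && count($adminUsers) == 1) {
                /* Block attempt to delete the only site admin */
                return GalleryCoreApi::error(ERROR_BAD_PARAMETER);
            }
            $newOwnerId = $adminUsers[0] != $this->getId() ? $adminUsers[0] : $adminUsers[1];
        }

        /* Now remap the owner of all of his items */
        $ret = GalleryCoreApi::remapOwnerId($this->getId(), $newOwnerId);
        if ($ret) {
            return $ret;
        }

        /* Delete all of his permissions from the permissions map table */
        $ret = GalleryCoreApi::removeMapEntry(
            'GalleryAccessMap', array('userOrGroupId' => $this->getId()));
        if ($ret) {
            return $ret;
        }

        /* And remove him from all groups he was a member of */
        $ret = GalleryCoreApi::removeUserFromAllGroups($this->getId());
        if ($ret) {
            return $ret;
        }

        /* And finally delete the user from the database */
        $ret = parent::delete();
        if ($ret) {
            return $ret;
        }

        return null;
    }

    /**
     * Returns the untranslated names when the core module cannot be loaded.
     *
     * @see GalleryEntity::itemTypeName
     */
    function itemTypeName($localized = true) {
        if ($localized) {
            list ($ret, $core) = GalleryCoreApi::loadPlugin('module', 'core');
            /* A load error is not reported; we fall through to the plain strings */
            if (!$ret) {
                return array($core->translate('User'), $core->translate('user'));
            }
        }
        return array('User', 'user');
    }

    /**
     * @see GalleryEntity::getClassName
     */
    function getClassName() {
        return 'GalleryUser';
    }

    /** @return string the login name */
    function getUserName() {
        return $this->userName;
    }

    /** @param string $userName the login name */
    function setUserName($userName) {
        $this->userName = $userName;
    }

    /** @return string the full name */
    function getFullName() {
        return $this->fullName;
    }

    /** @param string $fullName the full name */
    function setFullName($fullName) {
        $this->fullName = $fullName;
    }

    /** @return string the stored password hash, never the plaintext */
    function getHashedPassword() {
        return $this->hashedPassword;
    }

    /**
     * Stores the value as given; no hashing happens here, so callers must pass
     * an already hashed password (see changePassword()).
     *
     * @param string $hashedPassword a password hash
     */
    function setHashedPassword($hashedPassword) {
        $this->hashedPassword = $hashedPassword;
    }

    /** @return string the email address */
    function getEmail() {
        return $this->email;
    }

    /** @param string $email the email address */
    function setEmail($email) {
        $this->email = $email;
    }

    /** @return string the language preference */
    function getLanguage() {
        return $this->language;
    }

    /** @param string $language the language preference */
    function setLanguage($language) {
        $this->language = $language;
    }

    /** @return boolean the locked flag, cast to bool */
    function isLocked() {
        return (bool)$this->locked;
    }

    /** @param mixed $lock the new locked flag; stored as a bool */
    function setLocked($lock) {
        $this->locked = (bool)$lock;
    }
}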