1
0
Fork 0
mirror of https://github.com/YunoHost-Apps/kanboard_ynh.git synced 2024-09-03 19:36:17 +02:00
kanboard_ynh/sources/app/Model/User.php

414 lines
11 KiB
PHP
Raw Normal View History

2014-07-20 12:26:15 +02:00
<?php
namespace Model;
use SimpleValidator\Validator;
use SimpleValidator\Validators;
2014-11-23 20:13:38 +01:00
use Core\Session;
2014-07-20 12:26:15 +02:00
/**
* User model
*
* @package model
* @author Frederic Guillot
*/
class User extends Base
{
/**
* SQL table name
*
* @var string
*/
const TABLE = 'users';
/**
* Id used for everbody (filtering)
*
* @var integer
*/
const EVERYBODY_ID = -1;
2015-02-25 17:29:06 +01:00
/**
* Return true if the user exists
*
* @access public
* @param integer $user_id User id
* @return boolean
*/
public function exists($user_id)
{
return $this->db->table(self::TABLE)->eq('id', $user_id)->count() === 1;
}
/**
* Get query to fetch all users
*
* @access public
* @return \PicoDb\Table
*/
public function getQuery()
{
return $this->db
->table(self::TABLE)
->columns(
'id',
'username',
'name',
'email',
'is_admin',
'default_project_id',
'is_ldap_user',
'notifications_enabled',
'google_id',
2015-04-21 17:56:16 +02:00
'github_id',
'twofactor_activated'
2015-02-25 17:29:06 +01:00
);
}
2015-01-16 14:23:05 +01:00
/**
* Return the full name
*
* @param array $user User properties
* @return string
*/
public function getFullname(array $user)
{
return $user['name'] ?: $user['username'];
}
2014-11-23 20:13:38 +01:00
/**
* Return true is the given user id is administrator
*
* @access public
* @param integer $user_id User id
* @return boolean
*/
public function isAdmin($user_id)
{
2015-01-16 14:23:05 +01:00
return $this->userSession->isAdmin() || // Avoid SQL query if connected
$this->db
2014-11-23 20:13:38 +01:00
->table(User::TABLE)
->eq('id', $user_id)
->eq('is_admin', 1)
2015-01-16 14:23:05 +01:00
->count() === 1;
2014-10-22 19:59:09 +02:00
}
2014-07-20 12:26:15 +02:00
/**
* Get a specific user by id
*
* @access public
* @param integer $user_id User id
* @return array
*/
public function getById($user_id)
{
return $this->db->table(self::TABLE)->eq('id', $user_id)->findOne();
}
/**
* Get a specific user by the Google id
*
* @access public
* @param string $google_id Google unique id
* @return array
*/
public function getByGoogleId($google_id)
{
return $this->db->table(self::TABLE)->eq('google_id', $google_id)->findOne();
}
/**
* Get a specific user by the GitHub id
*
* @access public
* @param string $github_id GitHub user id
* @return array
*/
public function getByGitHubId($github_id)
{
return $this->db->table(self::TABLE)->eq('github_id', $github_id)->findOne();
}
/**
* Get a specific user by the username
*
* @access public
* @param string $username Username
* @return array
*/
public function getByUsername($username)
{
return $this->db->table(self::TABLE)->eq('username', $username)->findOne();
}
/**
* Get all users
*
* @access public
* @return array
*/
public function getAll()
{
2015-02-25 17:29:06 +01:00
return $this->getQuery()->asc('username')->findAll();
2014-11-23 20:13:38 +01:00
}
/**
* Get the number of users
*
* @access public
* @return integer
*/
public function count()
{
return $this->db->table(self::TABLE)->count();
}
2014-07-20 12:26:15 +02:00
/**
* List all users (key-value pairs with id/username)
*
* @access public
* @return array
*/
public function getList()
{
2014-10-22 19:59:09 +02:00
$users = $this->db->table(self::TABLE)->columns('id', 'username', 'name')->findAll();
2014-11-23 20:13:38 +01:00
return $this->prepareList($users);
}
2014-10-22 19:59:09 +02:00
2014-11-23 20:13:38 +01:00
/**
* Common method to prepare a user list
*
* @access public
* @param array $users Users list (from database)
* @return array Formated list
*/
public function prepareList(array $users)
{
2014-10-22 19:59:09 +02:00
$result = array();
foreach ($users as $user) {
$result[$user['id']] = $user['name'] ?: $user['username'];
}
asort($result);
return $result;
2014-07-20 12:26:15 +02:00
}
/**
2014-10-22 19:59:09 +02:00
* Prepare values before an update or a create
2014-07-20 12:26:15 +02:00
*
* @access public
2014-10-22 19:59:09 +02:00
* @param array $values Form values
2014-07-20 12:26:15 +02:00
*/
2014-10-22 19:59:09 +02:00
public function prepare(array &$values)
2014-07-20 12:26:15 +02:00
{
2014-10-22 19:59:09 +02:00
if (isset($values['password'])) {
if (! empty($values['password'])) {
$values['password'] = \password_hash($values['password'], PASSWORD_BCRYPT);
}
else {
unset($values['password']);
}
}
2014-11-23 20:13:38 +01:00
$this->removeFields($values, array('confirmation', 'current_password'));
$this->resetFields($values, array('is_admin', 'is_ldap_user'));
2014-10-22 19:59:09 +02:00
}
2014-07-20 12:26:15 +02:00
2014-10-22 19:59:09 +02:00
/**
* Add a new user in the database
*
* @access public
* @param array $values Form values
2014-12-22 19:15:38 +01:00
* @return boolean|integer
2014-10-22 19:59:09 +02:00
*/
public function create(array $values)
{
$this->prepare($values);
2014-12-22 19:15:38 +01:00
return $this->persist(self::TABLE, $values);
2014-07-20 12:26:15 +02:00
}
/**
* Modify a new user
*
* @access public
* @param array $values Form values
* @return array
*/
public function update(array $values)
{
2014-10-22 19:59:09 +02:00
$this->prepare($values);
2014-07-20 12:26:15 +02:00
$result = $this->db->table(self::TABLE)->eq('id', $values['id'])->update($values);
2014-10-22 19:59:09 +02:00
// If the user is connected refresh his session
2015-01-16 14:23:05 +01:00
if (Session::isOpen() && $this->userSession->getId() == $values['id']) {
$this->userSession->refresh();
2014-07-20 12:26:15 +02:00
}
return $result;
}
/**
* Remove a specific user
*
* @access public
* @param integer $user_id User id
* @return boolean
*/
public function remove($user_id)
{
2014-12-22 19:15:38 +01:00
return $this->db->transaction(function ($db) use ($user_id) {
2014-07-20 12:26:15 +02:00
2014-12-22 19:15:38 +01:00
// All assigned tasks are now unassigned
if (! $db->table(Task::TABLE)->eq('owner_id', $user_id)->update(array('owner_id' => 0))) {
return false;
}
2014-07-20 12:26:15 +02:00
2014-12-22 19:15:38 +01:00
// All private projects are removed
$project_ids = $db->table(Project::TABLE)
->eq('is_private', 1)
->eq(ProjectPermission::TABLE.'.user_id', $user_id)
->join(ProjectPermission::TABLE, 'project_id', 'id')
->findAllByColumn(Project::TABLE.'.id');
2014-07-20 12:26:15 +02:00
2014-12-22 19:15:38 +01:00
if (! empty($project_ids)) {
$db->table(Project::TABLE)->in('id', $project_ids)->remove();
}
// Finally remove the user
if (! $db->table(User::TABLE)->eq('id', $user_id)->remove()) {
return false;
}
});
2014-07-20 12:26:15 +02:00
}
/**
2014-10-22 19:59:09 +02:00
* Common validation rules
2014-07-20 12:26:15 +02:00
*
2014-10-22 19:59:09 +02:00
* @access private
* @return array
2014-07-20 12:26:15 +02:00
*/
2014-10-22 19:59:09 +02:00
private function commonValidationRules()
2014-07-20 12:26:15 +02:00
{
2014-10-22 19:59:09 +02:00
return array(
2014-07-20 12:26:15 +02:00
new Validators\MaxLength('username', t('The maximum length is %d characters', 50), 50),
new Validators\Unique('username', t('The username must be unique'), $this->db->getConnection(), self::TABLE, 'id'),
2014-10-22 19:59:09 +02:00
new Validators\Email('email', t('Email address invalid')),
new Validators\Integer('default_project_id', t('This value must be an integer')),
new Validators\Integer('is_admin', t('This value must be an integer')),
);
}
/**
* Common password validation rules
*
* @access private
* @return array
*/
private function commonPasswordValidationRules()
{
return array(
2014-07-20 12:26:15 +02:00
new Validators\Required('password', t('The password is required')),
new Validators\MinLength('password', t('The minimum length is %d characters', 6), 6),
new Validators\Required('confirmation', t('The confirmation is required')),
new Validators\Equals('password', 'confirmation', t('Passwords don\'t match')),
2014-10-22 19:59:09 +02:00
);
}
/**
* Validate user creation
*
* @access public
* @param array $values Form values
* @return array $valid, $errors [0] = Success or not, [1] = List of errors
*/
public function validateCreation(array $values)
{
$rules = array(
new Validators\Required('username', t('The username is required')),
);
$v = new Validator($values, array_merge($rules, $this->commonValidationRules(), $this->commonPasswordValidationRules()));
2014-07-20 12:26:15 +02:00
return array(
$v->execute(),
$v->getErrors()
);
}
/**
* Validate user modification
*
* @access public
* @param array $values Form values
* @return array $valid, $errors [0] = Success or not, [1] = List of errors
*/
public function validateModification(array $values)
{
2014-10-22 19:59:09 +02:00
$rules = array(
2014-07-20 12:26:15 +02:00
new Validators\Required('id', t('The user id is required')),
new Validators\Required('username', t('The username is required')),
2014-10-22 19:59:09 +02:00
);
$v = new Validator($values, array_merge($rules, $this->commonValidationRules()));
2014-07-20 12:26:15 +02:00
return array(
$v->execute(),
$v->getErrors()
);
}
/**
2014-10-22 19:59:09 +02:00
* Validate user API modification
2014-07-20 12:26:15 +02:00
*
* @access public
* @param array $values Form values
* @return array $valid, $errors [0] = Success or not, [1] = List of errors
*/
2014-10-22 19:59:09 +02:00
public function validateApiModification(array $values)
2014-07-20 12:26:15 +02:00
{
2014-10-22 19:59:09 +02:00
$rules = array(
2014-07-20 12:26:15 +02:00
new Validators\Required('id', t('The user id is required')),
2014-10-22 19:59:09 +02:00
);
2014-07-20 12:26:15 +02:00
2014-10-22 19:59:09 +02:00
$v = new Validator($values, array_merge($rules, $this->commonValidationRules()));
2014-07-20 12:26:15 +02:00
2014-10-22 19:59:09 +02:00
return array(
$v->execute(),
$v->getErrors()
);
2014-07-20 12:26:15 +02:00
}
/**
2014-10-22 19:59:09 +02:00
* Validate password modification
2014-07-20 12:26:15 +02:00
*
* @access public
* @param array $values Form values
* @return array $valid, $errors [0] = Success or not, [1] = List of errors
*/
2014-10-22 19:59:09 +02:00
public function validatePasswordModification(array $values)
2014-07-20 12:26:15 +02:00
{
2014-10-22 19:59:09 +02:00
$rules = array(
new Validators\Required('id', t('The user id is required')),
new Validators\Required('current_password', t('The current password is required')),
);
2014-07-20 12:26:15 +02:00
2014-10-22 19:59:09 +02:00
$v = new Validator($values, array_merge($rules, $this->commonPasswordValidationRules()));
2014-07-20 12:26:15 +02:00
2014-10-22 19:59:09 +02:00
if ($v->execute()) {
2014-07-20 12:26:15 +02:00
2014-10-22 19:59:09 +02:00
// Check password
2015-01-16 14:23:05 +01:00
if ($this->authentication->authenticate($this->session['user']['username'], $values['current_password'])) {
2014-10-22 19:59:09 +02:00
return array(true, array());
2014-07-20 12:26:15 +02:00
}
else {
2014-10-22 19:59:09 +02:00
return array(false, array('current_password' => array(t('Wrong password'))));
2014-07-20 12:26:15 +02:00
}
}
2014-10-22 19:59:09 +02:00
return array(false, $v->getErrors());
2014-07-20 12:26:15 +02:00
}
}