File: [Development] / old-advokit-installer / User.class.php
Revision: 1.1.1.1 (vendor branch), Sat Jun 5 04:22:18 2004 UTC (6 years, 3 months ago) by travislow Branch: advokit-installer, MAIN CVS Tags: start, HEAD Changes since 1.1: +0 -0 lines Initial import of AdvoKit into voter2voter cvs ... I hope you committed your changes. :-) |
<?
#======================================================================
# A user within turban, from the person table.
#
# (c) 2003, Dawnstar - http://dawnstar.com - info@dawnstar.com
#======================================================================
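class User
{
    # Presumably the cookie value that stands for an anonymous visitor;
    # it is not referenced anywhere inside this class.
    var $anoncookie = "anonymous_NOHASH";
    # Row from the person table (associative array), or the synthetic
    # anonymous record built by the constructor.
    var $userinfo;
    # Configuration object; only get( "access_policy" ) is used here.
    var $config;
    # Logger; only debug( file, message ) is used here.
    var $logger;
    # Database wrapper; select_one(), select_all() and execute() are used here.
    var $db;

    #------------------------------------------------------------
    # Instance functions
    #------------------------------------------------------------

    #.................................................. User
    #
    # Look the given username up in the person table (active rows
    # only, status='A') and populate the userinfo array. If the name
    # is empty, is "anonymous", or matches no row, build the
    # anonymous user (id 1) instead.
    #
    # This constructor does NOT authenticate: it trusts $username.
    # The caller must have verified the login cookie / credentials
    # before passing a name in.
    #
    function User( &$config, &$logger, &$db, $username )
    {
        $this->config =& $config;
        $this->logger =& $logger;
        $this->db =& $db;
        $this->userinfo = NULL;

        if( $username && "anonymous" != $username )
        {
            # $username is caller-supplied (the original header says it
            # comes from a cookie), so it must never reach the SQL
            # string literal unescaped.
            $sql = "select * from ".W_TBL."person where username='".$this->_quote( $username )."' and status='A'";
            $this->userinfo = $db->select_one( $sql );
        }

        if( $this->userinfo )
        {
            $this->logger->debug( __FILE__, "User '".$username."' created." );
            return;
        }

        # No matching active account: fall back to the anonymous record.
        $this->userinfo = array(
            "username"      => "anonymous",
            "id"            => 1,
            "department_id" => 1,
            "firstname"     => "Anonymous",
            "nickname"      => "Anonymous",
            "lastname"      => "Anonymous"
        );
        $this->logger->debug( __FILE__, "Anonymous user created." );
    }

    #.................................................. _quote
    #
    # Internal helper: escape a value for use inside a single-quoted
    # SQL string literal.
    #
    # addslashes() is a stop-gap. It is not charset-aware and assumes
    # backslash escaping is honoured by the database. If the $db
    # wrapper offers driver-level quoting or bound parameters, use
    # that instead. NOTE(review): if callers already pass
    # magic_quotes-escaped input, this will double-escape - confirm.
    #
    function _quote( $value )
    {
        return addslashes( (string)$value );
    }

    #.................................................. _hasSectionAttribute
    #
    # Internal helper shared by isAdmin(), isTech() and isSpecial().
    # Returns TRUE if the user belongs to at least one section whose
    # $column flag is 'Y', NULL otherwise (including for the
    # anonymous user).
    #
    # $column must be a hard-coded column name, never user input: it
    # is placed into the SQL text as an identifier.
    # $label is the word used in the debug messages; $grantedNote is
    # appended to the "GRANTED!" message.
    #
    function _hasSectionAttribute( $column, $label, $grantedNote )
    {
        $this->logger->debug( __FILE__, "Checking for ".$label." rights for '".$this->getUsername()."'..." );

        $id = $this->getId();
        if( ! $id || 1 == $id )
        {
            $this->logger->debug( __FILE__, " ...anonymous user - ".$label." rights NOT granted." );
            return NULL;
        }

        # The id comes from the person row; the integer cast makes sure
        # nothing but a number can end up in the query.
        $sql = "select * from ".W_TBL."personsection left join ".W_TBL."section on (id = section_id)"
             . " where person_id=".(int)$id." and ".$column."='Y'";
        $sections = $this->db->select_all( $sql );
        if( ! $sections )
        {
            # An empty or failed lookup denies the right (fail closed).
            $this->logger->debug( __FILE__, " ...unprivileged user - ".$label." rights NOT granted." );
            return NULL;
        }

        $this->logger->debug( __FILE__, " ...".$label." rights GRANTED!".$grantedNote );
        return TRUE;
    }

    #.................................................. isAnonymous
    #
    # Return true if the user is anonymous (id 0 or 1).
    #
    function isAnonymous()
    {
        $id = $this->userinfo["id"];
        return ( 0 == $id || 1 == $id );
    }

    #.................................................. isAdmin
    #
    # Return TRUE if the user belongs to a section having
    # the administrative attribute, NULL otherwise.
    #
    function isAdmin()
    {
        return $this->_hasSectionAttribute(
            "admin",
            "administrator",
            " Remember: With great power comes great responsibility."
        );
    }

    #.................................................. isTech
    #
    # Return TRUE if the user belongs to a section having
    # the technician attribute, NULL otherwise.
    #
    function isTech()
    {
        return $this->_hasSectionAttribute( "tech", "technician", "" );
    }

    #.................................................. isSpecial
    #
    # Return TRUE if the user belongs to a section having
    # the special attribute, NULL otherwise.
    #
    function isSpecial()
    {
        return $this->_hasSectionAttribute( "special", "special", "" );
    }

    #.................................................. getPassword
    #
    # Return the stored password value (described as a hash by the
    # original author), or NULL when the record has none - the
    # anonymous record carries no password.
    #
    function getPassword()
    {
        return isset( $this->userinfo["password"] ) ? $this->userinfo["password"] : NULL;
    }

    #.................................................. getUsername
    #
    # Return the username (login name), or NULL if it is not set.
    #
    function getUsername()
    {
        return isset( $this->userinfo["username"] ) ? $this->userinfo["username"] : NULL;
    }

    #.................................................. getId
    #
    # Return the id (db primary key). A missing or empty id is
    # reported as 1, the anonymous user's id.
    #
    function getId()
    {
        if( empty( $this->userinfo["id"] ) )
        {
            return 1;
        }
        return $this->userinfo["id"];
    }

    #.................................................. get
    #
    # Return the specified userinfo value, or NULL if the key is
    # absent. Note that this exposes every column of the person row,
    # including "password".
    #
    function get( $key )
    {
        return isset( $this->userinfo[$key] ) ? $this->userinfo[$key] : NULL;
    }

    #.................................................. isLoggedIn
    #
    # Return true if the user is logged in, which here simply means
    # "not anonymous".
    #
    function isLoggedIn()
    {
        return ! $this->isAnonymous();
    }

    #.................................................. updateLastActivity
    #
    # Set the last activity for this user to the current time.
    # For the anonymous user this touches the row with id 1.
    #
    function updateLastActivity()
    {
        $this->db->execute( "update ".W_TBL."person set lastactivity=now() where id=".(int)$this->getId() );
    }

    #.................................................. getSectionIds
    #
    # Return the rows ( array( "section_id" => ... ) ) for the
    # sections to which the user belongs. The anonymous user is
    # always reported as a member of section 1. For other users the
    # result of select_all() is returned as-is, so it is whatever
    # that wrapper yields when no row matches.
    #
    function getSectionIds()
    {
        if( $this->isAnonymous() )
        {
            return array( array( "section_id" => "1" ) );
        }
        $sql = "select section_id from ".W_TBL."personsection where person_id=".(int)$this->getId();
        return( $this->db->select_all( $sql ) );
    }

    #.................................................. _sectionsOverlap
    #
    # Internal helper: return TRUE if any section_id in $mine also
    # occurs in $listed, FALSE otherwise. Both arguments are lists of
    # rows carrying a "section_id" key.
    #
    function _sectionsOverlap( $mine, $listed )
    {
        foreach( $mine as $own )
        {
            foreach( $listed as $acled )
            {
                if( $own["section_id"] == $acled["section_id"] )
                {
                    return TRUE;
                }
            }
        }
        return FALSE;
    }

    #.................................................. hasDisplayAcls
    #
    # Return true if the user belongs to a section that is
    # listed in the sectiondisplay table for the specified displayname.
    #
    # How a match is interpreted is decided by canView() from the
    # access_policy configuration option.
    #
    function hasDisplayAcls( $displayname )
    {
        $section_ids = $this->getSectionIds();
        if( !$section_ids )
        {
            # If user isn't in a section, there can't be any acls.
            return FALSE;
        }

        # $displayname may originate from the request; escape it before
        # it goes into the string literal.
        $sql = "select section_id from ".W_TBL."sectiondisplay where displayname='".$this->_quote( $displayname )."'";
        $acled_section_ids = $this->db->select_all( $sql );
        if( !$acled_section_ids )
        {
            # Nothing appropriate in the sectiondisplay table: no acls.
            return FALSE;
        }

        return $this->_sectionsOverlap( $section_ids, $acled_section_ids );
    }

    #.................................................. hasActionAcls
    #
    # Return true if the user belongs to a section that is
    # listed in the sectionaction table for the specified actionname.
    # A trailing "Action" is stripped from the name before the lookup.
    #
    # How a match is interpreted is decided by canPerform() from the
    # access_policy configuration option.
    #
    function hasActionAcls( $actionname )
    {
        $section_ids = $this->getSectionIds();
        if( !$section_ids )
        {
            # NOTE(review): this returns TRUE, while hasDisplayAcls()
            # returns FALSE in the same situation and the original
            # comment here said "there can't be any acls". With
            # access_policy other than "allow", canPerform() then lets
            # a section-less user (or a failed section lookup) perform
            # every action. Behaviour is kept as found; confirm the
            # intent and prefer failing closed.
            return TRUE;
        }

        $actionname = preg_replace( "/Action$/", "", $actionname );

        # $actionname may originate from the request; escape it before
        # it goes into the string literal.
        $sql = "select section_id from ".W_TBL."sectionaction where actionname='".$this->_quote( $actionname )."'";
        $acled_section_ids = $this->db->select_all( $sql );
        if( !$acled_section_ids )
        {
            # Nothing appropriate in the sectionaction table: no acls.
            return FALSE;
        }

        return $this->_sectionsOverlap( $section_ids, $acled_section_ids );
    }

    #.................................................. canView
    #
    # Return true if the user has the right to view the
    # specified display. An empty display name is always viewable.
    #
    # As coded: with access_policy "allow", a sectiondisplay match
    # DENIES the view; with any other policy value a match GRANTS it.
    # NOTE(review): the historical comment in this file described the
    # opposite mapping (policy "deny" + match = denied) - confirm
    # which one is intended.
    #
    function canView( $displayname )
    {
        if( ! $displayname )
        {
            # Anyone can view nothing. Why not?
            return true;
        }
        $hasdisplay = $this->hasDisplayAcls( $displayname );
        $defaultAllow = ( "allow" == $this->config->get( "access_policy" ) );
        return $defaultAllow ? !$hasdisplay : $hasdisplay;
    }

    #.................................................. canPerform
    #
    # Return true if the user has the right to perform the
    # specified action. An empty action name is always permitted.
    #
    # As coded: with access_policy "allow", a sectionaction match
    # DENIES the action; with any other policy value a match GRANTS it.
    # NOTE(review): the historical comment in this file described the
    # opposite mapping (policy "deny" + match = denied) - confirm
    # which one is intended.
    #
    function canPerform( $actionname )
    {
        if( ! $actionname )
        {
            # Anyone can do nothing.
            return true;
        }
        $hasaction = $this->hasActionAcls( $actionname );
        $defaultAllow = ( "allow" == $this->config->get( "access_policy" ) );
        return $defaultAllow ? !$hasaction : $hasaction;
    }
}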
?>