1 <?php
2 /***********************************************************************/
3 /** \file c_comdef_user.class.php
4  \brief The class file for the c_comdef_user class.
5 
6  This file is part of the Basic Meeting List Toolbox (BMLT).
7 
8  Find out more at: https://bmlt.app
9 
10  BMLT is free software: you can redistribute it and/or modify
11  it under the terms of the MIT License.
12 
13  BMLT is distributed in the hope that it will be useful,
14  but WITHOUT ANY WARRANTY; without even the implied warranty of
15  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
16  MIT License for more details.
17 
18  You should have received a copy of the MIT License along with this code.
19  If not, see <https://opensource.org/licenses/MIT>.
20 */
21 
// Refuse to run unless the BMLT bootstrap defined BMLT_EXEC, i.e. we were included rather than requested directly.
if (!defined('BMLT_EXEC')) {
    die('Cannot Execute Directly');
}
23 
24 require_once(dirname(__FILE__)."/../shared/classes/base_templates.inc.php");
25 require_once(dirname(__FILE__)."/../shared/classes/comdef_utilityclasses.inc.php");
26 
// User-level codes stored in user_level_tinyint; see the level table on $_user_level_tinyint below for levels 1 and 2.
define("_USER_LEVEL_EDITOR", 3);   // Editor: may edit meetings of the Service Bodies it is assigned to.
define("_USER_LEVEL_DISABLED", 4); // Disabled: IsEnabled() is false and UserCanEdit() refuses this level.
define("_USER_LEVEL_OBSERVER", 5); // Observer: read-only; UserCanEdit() refuses this level.
32 
33 /***********************************************************************/
34 /** \class c_comdef_user
35  \brief This class handles BMLT users. One instance is created for
36  each user on the server.
37 ***********************************************************************/
38 // phpcs:disable PSR1.Classes.ClassDeclaration.MissingNamespace
39 // phpcs:disable Squiz.Classes.ValidClassName.NotCamelCaps
41 // phpcs:enable PSR1.Classes.ClassDeclaration.MissingNamespace
42 // phpcs:enable Squiz.Classes.ValidClassName.NotCamelCaps
43 {
/// An integer, containing the unique ID of this user. null until the row has been inserted (UpdateToDB() fetches it from LAST_INSERT_ID()).
private $_id_bigint = null;

/**
    \brief An integer, containing the user level.

    Values:
    - (1) Server Administrator -There can only be one. The user ID is always 1.
    This administrator can edit all aspects of the server.
    - (2) Service Body Administrator -There can only be one per Service Body
    A Service Body Administrator can edit all meetings from the Service Body
    that assigns the user as its administrator. This user can also assign
    other Service Body Administrators or Editors as users able to edit
    meetings belonging to the Service Body.
    A Service Body Administrator can also edit Service Body information.
    NOTE: A Service Body Administrator only has extra rights when assigned
    to a specific Service Body. If assigned as an Editor on another Service
    Body, they do not have rights beyond those of an Editor.
    - (3) Editor -There can be many.
    An Editor is assigned by a Service Body Administrator to edit meetings
    for that Service Body. They can only edit meetings; not users or
    Service Bodies.
    Making a user an editor (or a Service Body Administrator) doesn't
    automatically give them any rights. They must first be assigned to a
    Service Body, either by the Server Administrator (Service Body Administrators),
    or by a Service Body Administrator (Editors).
    - (4) User Disabled.
    - (5) Observer -There can be many. This user cannot make changes, but can see visibility 0
    data items in meetings for the Service bodies to which it has been attached.

    Note that RestoreFromDB() stores the value exactly as the database driver returns it,
    so comparisons on it elsewhere in this class are loose (==).
*/
private $_user_level_tinyint = null;

/// A string, containing the user's email address.
private $_email_address_string = null;

/// A string, containing the user's login ID. Logins are unique across the server, compared case-insensitively (see SetLogin()).
private $_login_string = null;

/// A string, containing the user's password hash. IsUser() verifies clear-text passwords against it with password_verify().
private $_password_string = null;

/// An epoch time, indicating the last time the user was active. Stored in the last_access_datetime column as "Y-m-d H:i:s".
private $_last_access = null;

/// An integer containing the id of the user that owns this user. -1 means "no owner" (ResetChildUsers() resets children to it).
private $_owner_id_bigint = -1;
90 
/*******************************************************************/
/** \brief Updates or adds this instance to the database.

    The row is replaced by deleting it (without a change record) and
    inserting it again; a change record holding the before/after images
    is then written via c_comdef_server::AddNewChange().

    \returns true if successful, false, otherwise. A refused permission
    check is reported only through the false return value.

    \throws a PDOException if there is a problem.
*/
// phpcs:disable PSR1.Methods.CamelCapsMethodName.NotCamelCaps
public function UpdateToDB(
    $is_rollback = false, ///< If true, this is a rollback operation.
    $new_login = null, ///< This is a new login (Due to the self-checking, we can't set our own login before this). If it is null, no new login will be set.
    $new_pass = null ///< This is a new password (Due to the self-checking, we can't set our own pass before this). If it is null, no new password will be set.
) {
    // phpcs:enable PSR1.Methods.CamelCapsMethodName.NotCamelCaps
    $ret = false;

    // NOTE(review): the rendered listing omits the statement that assigns $cur_user here
    // (presumably the server's current user, as $user is in DeleteFromDB()) — confirm against the file.

    if ($cur_user instanceof c_comdef_user) {
        $cur_user_clone = clone ( $cur_user ); // This little dance is to make sure that the live object wasn't changed.
        $cur_user_clone->RestoreFromDB();

        // NOTE(review): this asks whether $cur_user may edit *its own clone*, which UserCanEdit()
        // answers true for any enabled, non-observer user via its "same ID" rule. It does not test
        // whether $cur_user may edit $this; compare DeleteFromDB(), which calls $this->UserCanEdit($user).
        // Confirm that callers enforce the per-target permission check.
        if ($cur_user_clone->UserCanEdit($cur_user)) {
            // We take a snapshot of the user as it currently sits in the database as a "before" image.
            $before = null;
            $before_id = null;
            $before_lang = null;
            $before_obj = c_comdef_server::GetOneUser($this->GetID());

            if ($before_obj instanceof c_comdef_user) {
                // The clone is reloaded so the snapshot reflects the stored row, not any live edits.
                $before_obj_clone = clone $before_obj;
                $before_obj_clone->RestoreFromDB();
                $before = $before_obj_clone->SerializeObject();
                $before_id = $before_obj_clone->GetID();
                $before_lang = $before_obj_clone->GetLocalLang();
                $before_obj_clone = null;
            }

            // "Upsert" by delete-then-insert. DeleteFromDB_NoRecord() runs its own UserCanEdit()
            // against the server's current user and returns false when refused; that result is
            // not checked here, so the INSERT below still runs (with an existing id_bigint it would
            // presumably fail on the primary key — confirm).
            $this->DeleteFromDB_NoRecord();

            try {
                $update = array();
                if ($this->_id_bigint) {
                    array_push($update, $this->_id_bigint);
                }
                array_push($update, $this->_user_level_tinyint);
                array_push($update, $this->_email_address_string);

                // Loose comparison: an empty string or 0 is treated like null and skipped.
                // SetLogin() returns false when the login is already taken; that result is
                // ignored here, so the previous login is silently kept.
                if (null != $new_login) {
                    $this->SetLogin($new_login);
                }

                array_push($update, $this->_login_string);

                // Same caveat: SetNewPassword() returns null for a too-short password, and the
                // previous hash is then silently kept.
                if (null != $new_pass) {
                    $this->SetNewPassword($new_pass);
                }

                array_push($update, $this->GetPassword());
                array_push($update, date("Y-m-d H:i:s", $this->_last_access));
                array_push($update, $this->GetLocalName());
                array_push($update, $this->GetLocalDescription());
                array_push($update, $this->GetLocalLang());
                array_push($update, $this->GetOwnerID());

                // Column list and placeholder list are built in lock-step with $update above;
                // every value travels as a bound parameter, only the table name is concatenated.
                $sql = "INSERT INTO `".c_comdef_server::GetUserTableName_obj()."` (";
                if ($this->_id_bigint) {
                    $sql .= "`id_bigint`,";
                }
                $sql .= "`user_level_tinyint`,`email_address_string`,`login_string`,`password_string`,`last_access_datetime`,`name_string`,`description_string`,`lang_enum`, `owner_id_bigint`) VALUES (";
                if ($this->_id_bigint) {
                    $sql .= "?,";
                }
                $sql .= "?,?,?,?,?,?,?,?,?)";
                c_comdef_dbsingleton::preparedExec($sql, $update);
                // If this is a new user, then we'll need to fetch the ID.
                if (!$this->_id_bigint) {
                    $sql = "SELECT LAST_INSERT_ID()";
                    // NOTE(review): the listing omits the query call that fills $rows here. The result
                    // column is addressed by the lower-case key 'last_insert_id()', which presumably
                    // depends on the driver's column-name casing — confirm.
                    if (is_array($rows) && count($rows)) {
                        $this->_id_bigint = intval($rows[0]['last_insert_id()']);
                    }
                }

                $after = $this->SerializeObject();
                $after_id = $this->GetID();
                $after_lang = $this->GetLocalLang();
                // A null "before" image means the user did not exist yet, hence a "new" change type.
                $cType = (true == $is_rollback) ? 'comdef_change_type_rollback' : ((null != $before) ? 'comdef_change_type_change' : 'comdef_change_type_new');
                c_comdef_server::AddNewChange($cur_user->GetID(), $cType, null, $before, $after, 'c_comdef_user', $before_id, $after_id, $before_lang, $after_lang);
                $ret = true;
            } catch (Exception $ex) {
                global $_COMDEF_DEBUG;

                // Debug output dumps the whole exception (including any SQL it carries) into the
                // response; keep $_COMDEF_DEBUG off outside development.
                if ($_COMDEF_DEBUG) {
                    echo "Exception Thrown in c_comdef_user::UpdateToDB()!<br />";
                    var_dump($ex);
                }
                throw ( $ex );
            }
        }
    }

    return $ret;
}
195 
/*******************************************************************/
/** \brief Deletes this instance from the database without creating a change record.

    The permission check is made against the server's current user
    (UserCanEdit() with no argument). A refusal is reported only through
    the false return value.

    \returns true if successful, false, otherwise.

    \throws a PDOException if there is a problem.
*/
// phpcs:disable PSR1.Methods.CamelCapsMethodName.NotCamelCaps
public function DeleteFromDB_NoRecord()
{
    // phpcs:enable PSR1.Methods.CamelCapsMethodName.NotCamelCaps
    if (!$this->UserCanEdit()) {
        return false;
    }

    try {
        // Only the table name is concatenated; the ID is a bound parameter.
        $table = c_comdef_server::GetUserTableName_obj();
        c_comdef_dbsingleton::preparedExec(
            "DELETE FROM `".$table."` WHERE id_bigint=?",
            array($this->GetID())
        );
    } catch (Exception $ex) {
        global $_COMDEF_DEBUG;

        // Debug output dumps the exception into the response; keep $_COMDEF_DEBUG off in production.
        if ($_COMDEF_DEBUG) {
            echo "Exception Thrown in c_comdef_user::DeleteFromDB()!<br />";
            var_dump($ex);
        }
        throw $ex;
    }

    return true;
}
227 
/*******************************************************************/
/** \brief Deletes this instance from the database, and creates a change record.

    The permission check here is made on this instance
    ($this->UserCanEdit($user)), so the acting user must be allowed to
    edit the user being deleted.

    \returns true if successful, false, otherwise.

    \throws a PDOException if there is a problem.
*/
// phpcs:disable PSR1.Methods.CamelCapsMethodName.NotCamelCaps
public function DeleteFromDB()
{
    // phpcs:enable PSR1.Methods.CamelCapsMethodName.NotCamelCaps
    $ret = false;

    // NOTE(review): the rendered listing omits the statement that assigns $user here
    // (presumably the server's current user) — confirm against the file.

    if ($this->UserCanEdit($user)) {
        // We take a snapshot of the user as it currently sits in the database as a "before" image.
        $before = null;
        $before_id = null;
        $before_lang = null;
        $before_obj = c_comdef_server::GetOneUser($this->GetID());

        // NOTE(review): unlike UpdateToDB(), the object is not cloned and reloaded with
        // RestoreFromDB() first, so the "before" image is whatever GetOneUser() returns
        // (presumably the server's cached instance) — confirm that is intended.
        if ($before_obj instanceof c_comdef_user) {
            $before = $before_obj->SerializeObject();
            $before_id = $before_obj->GetID();
            $before_lang = $before_obj->GetLocalLang();
            $before_obj = null;
        }

        // DeleteFromDB_NoRecord() repeats the permission check against the server's current user.
        $ret = $this->DeleteFromDB_NoRecord();

        // The change record is written only when the row was actually deleted.
        if ($ret) {
            c_comdef_server::AddNewChange($user->GetID(), 'comdef_change_type_delete', $this->GetID(), $before, null, 'c_comdef_user', $before_id, null, $before_lang, null);
        }
    }

    return $ret;
}
266 
/*******************************************************************/
/** \brief Detaches every user owned by this user, by resetting their
    owner_id_bigint to -1 (the "no owner" value).

    This method performs no UserCanEdit() check of its own, so the caller
    is responsible for authorising the operation.

    \returns true if the UPDATE ran.

    \throws a PDOException if there is a problem.
*/
// phpcs:disable PSR1.Methods.CamelCapsMethodName.NotCamelCaps
public function ResetChildUsers()
{
    // phpcs:enable PSR1.Methods.CamelCapsMethodName.NotCamelCaps
    try {
        // Only the table name is concatenated; our ID is a bound parameter.
        $table = c_comdef_server::GetUserTableName_obj();
        $sql = "UPDATE `".$table."` SET owner_id_bigint=-1 WHERE owner_id_bigint=?";
        c_comdef_dbsingleton::preparedExec($sql, array($this->GetID()));
    } catch (Exception $ex) {
        global $_COMDEF_DEBUG;

        // Debug output dumps the exception into the response; keep $_COMDEF_DEBUG off in production.
        if ($_COMDEF_DEBUG) {
            echo "Exception Thrown in c_comdef_user::ResetChildUsers()!<br />";
            var_dump($ex);
        }
        throw $ex;
    }

    return true;
}
289 
/*******************************************************************/
/** \brief Updates this instance to the current values in the DB
    (replacing current values of the instance).

    An instance without an ID has never been stored, so nothing happens
    for it. Used by UserCanEdit() and GetUserLevel() so that permission
    decisions are based on the stored row rather than on live edits.

    \throws a PDOException if there is a problem.
*/
// phpcs:disable PSR1.Methods.CamelCapsMethodName.NotCamelCaps
public function RestoreFromDB()
{
    // phpcs:enable PSR1.Methods.CamelCapsMethodName.NotCamelCaps
    try {
        $id = $this->GetID();

        if (!$id) {
            return;
        }

        $table = c_comdef_server::GetUserTableName_obj();
        $rows = c_comdef_dbsingleton::preparedQuery(
            "SELECT * FROM `".$table."` WHERE id_bigint=? LIMIT 1",
            array($id)
        );

        if (!is_array($rows) || !count($rows)) {
            return;
        }

        $row = $rows[0];
        $this->_user_level_tinyint = $row['user_level_tinyint'];
        $this->_email_address_string = $row['email_address_string'];
        $this->_login_string = $row['login_string'];
        $this->_password_string = $row['password_string'];
        $this->_owner_id_bigint = $row['owner_id_bigint'];

        // last_access_datetime is stored as "Y-m-d H:i:s"; rebuild the epoch time in the
        // server's default timezone (mktime takes hour, minute, second, month, day, year).
        list($date_part, $clock_part) = explode(" ", $row['last_access_datetime']);
        list($year, $month, $day) = explode("-", $date_part);
        list($hour, $minute, $second) = explode(":", $clock_part);
        $this->_last_access = mktime($hour, $minute, $second, $month, $day, $year);

        // The remaining three values live in the base class.
        $this->SetLocalName($row['name_string']);
        $this->SetLocalDescription($row['description_string']);
        $this->SetLocalLang($row['lang_enum']);
    } catch (Exception $ex) {
        global $_COMDEF_DEBUG;

        // Debug output dumps the exception into the response; keep $_COMDEF_DEBUG off in production.
        if ($_COMDEF_DEBUG) {
            echo "Exception Thrown in c_comdef_user::RestoreFromDB()!<br />";
            var_dump($ex);
        }
        throw $ex;
    }
}
329 
/*******************************************************************/
/** \brief The initial setup call for the class. If you send in values,
    the object will set itself up to use them.

    Nothing is validated or written here: the values are simply stored,
    and UpdateToDB() persists them later. The password is expected to
    already be a hash (IsUser() checks clear-text passwords against it
    with password_verify()); use SetNewPassword() to hash a clear-text one.
*/
// phpcs:disable PSR1.Methods.CamelCapsMethodName.NotCamelCaps
public function __construct(
    $in_parent_obj, ///< A reference to the parent object for this object
    $in_id_bigint, ///< Integer. The ID of the user
    $in_user_level_tinyint, ///< The user level (an integer). See the table on $_user_level_tinyint for the meaning of each value.
    $in_email_address_string, ///< A string, containing the user's email address.
    $in_login_string, ///< A string, containing the user's login.
    $in_password_string, ///< A string, containing the user's password hash.
    $in_lang_enum, ///< An enum/string, with the user's language.
    $in_name_string, ///< A string, containing the readable name for the user.
    $in_description_string, ///< A string, containing a description of the user.
    $in_owner_id_bigint = -1, ///< An integer containing the id of the user that owns this user (-1 means no owner).
    $in_last_access = null ///< An epoch time, indicating the last access of this user (Optional).
) {
    // phpcs:enable PSR1.Methods.CamelCapsMethodName.NotCamelCaps
    // Our own fields first...
    $this->_id_bigint = $in_id_bigint;
    $this->_owner_id_bigint = $in_owner_id_bigint;
    $this->_user_level_tinyint = $in_user_level_tinyint;
    $this->_login_string = $in_login_string;
    $this->_password_string = $in_password_string;
    $this->_email_address_string = $in_email_address_string;
    $this->_last_access = $in_last_access;

    // ...then the four values kept by the base class.
    $this->SetParentObj($in_parent_obj);
    $this->SetLocalLang($in_lang_enum);
    $this->SetLocalName($in_name_string);
    $this->SetLocalDescription($in_description_string);
}
390 
/*******************************************************************/
/** \brief Returns true if the user is enabled.

    A user counts as enabled when its level is positive and is not
    _USER_LEVEL_DISABLED. Note that this includes Observers (level 5),
    not only levels 1-3.

    \returns a Boolean. true if enabled, false if not.
*/
// phpcs:disable PSR1.Methods.CamelCapsMethodName.NotCamelCaps
public function IsEnabled()
{
    // phpcs:enable PSR1.Methods.CamelCapsMethodName.NotCamelCaps
    $level = $this->_user_level_tinyint;

    if (!($level > 0)) {
        return false;
    }

    return $level != _USER_LEVEL_DISABLED;
}
402 
/*******************************************************************/
/** \brief Accessor - Returns the user ID as an integer.

    \returns an integer, containing the user ID (null for an instance that has not been stored yet).
*/
// phpcs:disable PSR1.Methods.CamelCapsMethodName.NotCamelCaps
public function GetID()
{
    // phpcs:enable PSR1.Methods.CamelCapsMethodName.NotCamelCaps
    $id = $this->_id_bigint;

    return $id;
}
414 
/*******************************************************************/
/** \brief Accessor - Sets the user ID as an integer.

    No validation is performed; the value is stored as given.
*/
// phpcs:disable PSR1.Methods.CamelCapsMethodName.NotCamelCaps
public function SetID(
    $in_user_id_bigint ///< An integer, with the user ID.
) {
    // phpcs:enable PSR1.Methods.CamelCapsMethodName.NotCamelCaps
    $new_id = $in_user_id_bigint;
    $this->_id_bigint = $new_id;
}
425 
/*******************************************************************/
/** \brief Accessor - Gets the owner ID as an integer.

    \returns an integer, the ID of the owning user, or -1 when there is no owner.
*/
// phpcs:disable PSR1.Methods.CamelCapsMethodName.NotCamelCaps
public function GetOwnerID()
{
    // phpcs:enable PSR1.Methods.CamelCapsMethodName.NotCamelCaps
    $owner = $this->_owner_id_bigint;

    return $owner;
}
435 
/*******************************************************************/
/** \brief Accessor - Sets the owner ID as an integer.

    No validation is performed; the value is stored as given.
*/
// phpcs:disable PSR1.Methods.CamelCapsMethodName.NotCamelCaps
public function SetOwnerID(
    $in_owner_id_bigint ///< An integer, the ID of the owning user (-1 for no owner).
) {
    // phpcs:enable PSR1.Methods.CamelCapsMethodName.NotCamelCaps
    $new_owner = $in_owner_id_bigint;
    $this->_owner_id_bigint = $new_owner;
}
446 
/*******************************************************************/
/** \brief Accessor - Returns the user level as an integer.

    The instance is reloaded from the database first, so a level that was
    changed "live" on this object (without UpdateToDB()) is not returned.

    \returns an integer, containing the user level. See the table on
    $_user_level_tinyint for the meaning of each value.
*/
// phpcs:disable PSR1.Methods.CamelCapsMethodName.NotCamelCaps
public function GetUserLevel()
{
    // phpcs:enable PSR1.Methods.CamelCapsMethodName.NotCamelCaps
    // Reload first, just to avoid shenanigans...
    $this->RestoreFromDB();

    $level = $this->_user_level_tinyint;

    return $level;
}
482 
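/*******************************************************************/
/** \brief Accessor - Sets the user level.

    The Server Administrator level (1) is reserved for User 1, so a request
    to set level 1 on any other stored user is refused. As before, an
    instance that already holds level 1 while carrying an ID greater than 1
    (an inconsistent record) is left untouched as well.

    Only the in-memory value changes; UpdateToDB() persists it.

    \returns true if the level was set, false if the request was refused.
*/
// phpcs:disable PSR1.Methods.CamelCapsMethodName.NotCamelCaps
public function SetUserLevel(
    $in_user_level_tinyint ///< The user level (an integer). See the table on $_user_level_tinyint for the meaning of each value.
) {
    // phpcs:enable PSR1.Methods.CamelCapsMethodName.NotCamelCaps
    // NOTE(review): an unsaved instance (null ID) is not covered by this test, which keeps
    // the original "> 1" comparison — confirm callers assign IDs before setting levels.
    $is_not_user_one = ($this->_id_bigint > 1);

    // Only User 1 may hold the Server Administrator level. The previous code tested the
    // instance's *current* level here rather than the requested one, which allowed any
    // other user to be promoted to level 1 while blocking every change to a record
    // already at level 1.
    if ($is_not_user_one && ($in_user_level_tinyint == 1)) {
        return false;
    }

    // Preserve the original refusal for an already-inconsistent record.
    if ($is_not_user_one && ($this->_user_level_tinyint == 1)) {
        return false;
    }

    $this->_user_level_tinyint = $in_user_level_tinyint;

    return true;
}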
524 
/*******************************************************************/
/** \brief Accessor - Returns the user email address.

    \returns a string, containing the user email address.
*/
// phpcs:disable PSR1.Methods.CamelCapsMethodName.NotCamelCaps
public function GetEmailAddress()
{
    // phpcs:enable PSR1.Methods.CamelCapsMethodName.NotCamelCaps
    $email = $this->_email_address_string;

    return $email;
}
536 
/*******************************************************************/
/** \brief Accessor - Sets the user email address.

    No validation is performed; the value is stored as given.
*/
// phpcs:disable PSR1.Methods.CamelCapsMethodName.NotCamelCaps
public function SetEmailAddress(
    $in_email_address_string ///< A string, containing the user's email address.
) {
    // phpcs:enable PSR1.Methods.CamelCapsMethodName.NotCamelCaps
    $new_email = $in_email_address_string;
    $this->_email_address_string = $new_email;
}
547 
/*******************************************************************/
/** \brief Accessor - Returns the user login.

    \returns a string, containing the user login.
*/
// phpcs:disable PSR1.Methods.CamelCapsMethodName.NotCamelCaps
public function GetLogin()
{
    // phpcs:enable PSR1.Methods.CamelCapsMethodName.NotCamelCaps
    $login = $this->_login_string;

    return $login;
}
559 
/*******************************************************************/
/** \brief Accessor - Sets the user login.

    The login must be non-empty and not already in use by another user;
    the uniqueness comparison is case-insensitive and skips this user's
    own record. Only the in-memory value changes; UpdateToDB() persists it.

    \returns true if successful, and false if not.
*/
// phpcs:disable PSR1.Methods.CamelCapsMethodName.NotCamelCaps
public function SetLogin(
    $in_login_string ///< A string, containing the user's login.
) {
    // phpcs:enable PSR1.Methods.CamelCapsMethodName.NotCamelCaps
    // An empty login is never accepted.
    if (!$in_login_string) {
        return false;
    }

    $users_obj = c_comdef_server::GetServer()->GetServerUsersObj();

    if (!($users_obj instanceof c_comdef_users)) {
        return false;
    }

    $all_users = $users_obj->GetUsersArray();

    if (!is_array($all_users)) {
        return false;
    }

    $wanted = strtolower($in_login_string);

    foreach ($all_users as $other_user) {
        // Our own record does not count as a collision.
        if ($other_user->GetID() == $this->GetID()) {
            continue;
        }

        if (strtolower($other_user->GetLogin()) == $wanted) {
            return false;
        }
    }

    // No collision found, so the login is ours.
    $this->_login_string = $in_login_string;

    return true;
}
603 
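/*******************************************************************/
/** \brief See if this is the given user by login and password.

    The login is case-insensitive, but the password is not.

    With $in_pw_raw true, $in_password_string is the clear-text password and
    is checked with password_verify() against the stored hash. With it false,
    $in_password_string must equal the stored hash itself (compared in
    constant time), so in that mode the stored hash acts as the credential
    and callers must protect it accordingly.

    A user with no stored password never matches. This guards the hash
    mode, where hash_equals('', '') would otherwise succeed for an empty
    submission against an empty (or null) stored value.

    \returns true, if so, false if not.
*/
// phpcs:disable PSR1.Methods.CamelCapsMethodName.NotCamelCaps
public function IsUser(
    $in_login_string, ///< A string, containing the user's login.
    $in_password_string, ///< A string, containing the user's password, in encrypted form, or unencrypted, if $in_pw_raw is true.
    $in_pw_raw = false ///< A Boolean, true if the password has not been encrypted.
) {
    // phpcs:enable PSR1.Methods.CamelCapsMethodName.NotCamelCaps
    // Casts keep the comparison functions on strings even when a value is null.
    $stored_hash = (string)$this->GetPassword();
    $candidate = (string)$in_password_string;

    // No stored password means nothing can authenticate as this user.
    if ($stored_hash === '') {
        return false;
    }

    $login_match = (strcasecmp((string)$in_login_string, (string)$this->GetLogin()) == 0);

    if ($in_pw_raw) {
        $password_match = password_verify($candidate, $stored_hash);
    } else {
        // Constant-time comparison of the supplied hash with the stored one.
        $password_match = hash_equals($stored_hash, $candidate);
    }

    return $login_match && $password_match;
}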
629 
/*******************************************************************/
/** \brief Accessor - Returns the user password, in encrypted form.

    \returns a string, containing the user password, as an encrypted hash (null if none has been set).
*/
// phpcs:disable PSR1.Methods.CamelCapsMethodName.NotCamelCaps
public function GetPassword()
{
    // phpcs:enable PSR1.Methods.CamelCapsMethodName.NotCamelCaps
    $hash = $this->_password_string;

    return $hash;
}
641 
/*******************************************************************/
/** \brief Accessor - Sets the password, as an encrypted string.

    The value is trimmed before being stored. An empty (or whitespace-only)
    value is ignored and leaves the stored hash untouched. Nothing is
    written to the database here; UpdateToDB() does that.

    \returns null in every case.
*/
// phpcs:disable PSR1.Methods.CamelCapsMethodName.NotCamelCaps
public function SetPassword(
    $in_password_string ///< A string, containing the user's password, in encrypted form.
) {
    // phpcs:enable PSR1.Methods.CamelCapsMethodName.NotCamelCaps
    $trimmed = trim($in_password_string);

    if (!$trimmed) {
        return null;
    }

    $this->_password_string = $trimmed;
}
656 
/*******************************************************************/
/** \brief Accessor - Sets the password, encrypting it.

    The clear-text password is trimmed, checked against the server's
    'min_pw_len' setting, hashed with FullCrypt() and stored via
    SetPassword(). Nothing is written to the database here; UpdateToDB()
    does that.

    \returns a string, containing the encrypted password. Returns null if none was provided,
    or if the trimmed password is shorter than 'min_pw_len'.
*/
// phpcs:disable PSR1.Methods.CamelCapsMethodName.NotCamelCaps
public function SetNewPassword(
    $in_password_unencrypted_string ///< A string, containing the user's password, in unencrypted form.
) {
    // phpcs:enable PSR1.Methods.CamelCapsMethodName.NotCamelCaps
    if (trim($in_password_unencrypted_string)) {
        // NOTE(review): the rendered listing omits the statement that assigns $server here
        // (presumably the server singleton) — confirm against the file.
        $strings = $server->GetLocalStrings();
        $min_pw_len = $strings['min_pw_len'];
        // strlen() counts bytes, so for multi-byte passwords the minimum is a byte length, not a character count.
        if ($min_pw_len <= strlen(trim($in_password_unencrypted_string))) {
            // NOTE(review): SetPassword() declares a single parameter, so the second argument
            // ($this->GetPassword()) is ignored. FullCrypt() is assumed to produce a hash that
            // password_verify() accepts, since IsUser() checks clear-text passwords that way — confirm.
            $this->SetPassword(FullCrypt(trim($in_password_unencrypted_string)), $this->GetPassword());

            return $this->GetPassword();
        } else {
            return null;
        }
    } else {
        return null;
    }
}
682 
683  /*******************************************************************/
684  /** \brief Accessor - Gets the last access time.
685 
686  \returns an epoch time that contains the last access time.
687  */
688  // phpcs:disable PSR1.Methods.CamelCapsMethodName.NotCamelCaps
689  public function GetLastAccess()
690  {
691  // phpcs:enable PSR1.Methods.CamelCapsMethodName.NotCamelCaps
692  return $this->_last_access;
693  }
694 
/*******************************************************************/
/** \brief Sets the last access time, defaulting to now.

    Only the in-memory value changes; UpdateToDB() persists it.
*/
// phpcs:disable PSR1.Methods.CamelCapsMethodName.NotCamelCaps
public function SetLastAccess(
    $in_time = null ///< An epoch time. If not provided, now is used.
) {
    // phpcs:enable PSR1.Methods.CamelCapsMethodName.NotCamelCaps
    // Loose comparison on purpose: a missing value (null, 0, '') falls back to now.
    if ($in_time == null) {
        $this->_last_access = time();
    } else {
        $this->_last_access = $in_time;
    }
}
705 
/*******************************************************************/
/** \brief Returns a storable serialization of the object, as a string.

    This is only used for the changes, as the serialized string may not
    be easily searched. The field order must match UnserializeObject():
    id, level, email, login, password hash, last access, name,
    description, owner id, language. Note that the password hash is part
    of the stored change record.

    \returns a string, containing the table array, in serialized form.
*/
// phpcs:disable PSR1.Methods.CamelCapsMethodName.NotCamelCaps
public function SerializeObject()
{
    // phpcs:enable PSR1.Methods.CamelCapsMethodName.NotCamelCaps
    $fields = array();
    $fields[] = $this->_id_bigint;
    $fields[] = $this->_user_level_tinyint;
    $fields[] = $this->_email_address_string;
    $fields[] = $this->_login_string;
    $fields[] = $this->_password_string;
    $fields[] = $this->_last_access;
    $fields[] = $this->GetLocalName();
    $fields[] = $this->GetLocalDescription();
    $fields[] = $this->_owner_id_bigint;
    $fields[] = $this->GetLocalLang();

    return serialize($fields);
}
733 
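/*******************************************************************/
/** \brief This takes the serialized table, and instantiates a
    new object from it.

    The payload is the flat array of scalars produced by SerializeObject(),
    so object instantiation is disabled during unserialize(): a change
    record that has been tampered with cannot smuggle in objects whose
    __wakeup()/__destruct() would run here. An invalid payload yields an
    instance whose fields are null.

    \returns a new instance of c_comdef_user, set up according to
    the serialized data passed in.
*/
// phpcs:disable PSR1.Methods.CamelCapsMethodName.NotCamelCaps
public static function UnserializeObject(
    $in_parent, ///< The parent object.
    $serialized_string ///< A string containing the serialized data.
) {
    // phpcs:enable PSR1.Methods.CamelCapsMethodName.NotCamelCaps
    // allowed_classes => false (PHP 7.0+) turns any serialized object into
    // __PHP_Incomplete_Class instead of instantiating it.
    $fields = unserialize($serialized_string, array('allowed_classes' => false));

    if (!is_array($fields)) {
        $fields = array();
    }

    // Same field order as SerializeObject(); missing entries become null.
    list(
        $_id_bigint,
        $_user_level_tinyint,
        $_email_address_string,
        $_login_string,
        $_password_string,
        $_last_access,
        $_local_name,
        $_local_description,
        $_owner_id_bigint,
        $_local_lang
    ) = $fields + array_fill(0, 10, null);

    return new c_comdef_user($in_parent, $_id_bigint, $_user_level_tinyint, $_email_address_string, $_login_string, $_password_string, $_local_lang, $_local_name, $_local_description, $_owner_id_bigint, $_last_access);
}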
760 
/*******************************************************************/
/** \brief Test to see if a user is allowed to edit an instance (change the data).

    The tested user is reloaded from the database before any decision is
    made, so a level changed "live" on the object is not trusted. Disabled
    and Observer users are always refused; any other enabled user may edit
    itself.

    \returns true, if the user is allowed to edit, false, otherwise.
*/
// phpcs:disable PSR1.Methods.CamelCapsMethodName.NotCamelCaps
public function UserCanEdit(
    $in_user_object = null ///< A reference to a c_comdef_user object, for the user to be validated. If null, or not supplied, the server current user is tested.
) {
    // phpcs:enable PSR1.Methods.CamelCapsMethodName.NotCamelCaps
    // NOTE(review): $ret is never set to true; every grant below returns directly, so the
    // final return is always false.
    $ret = false;

    // We load the server user if one wasn't supplied.
    if (null == $in_user_object) {
        $in_user_object = c_comdef_server::GetCurrentUserObj();
    }

    // We clone, in case changes have been made, and we don't want to screw them up.
    // NOTE(review): clone on a non-object (e.g. null when there is no current user) raises
    // a fatal Error, so the instanceof check below never sees a non-object — confirm that
    // GetCurrentUserObj() can never return null here.
    $in_user_clone = clone $in_user_object;

    // If it isn't a user object, we fail right there.
    if ($in_user_clone instanceof c_comdef_user) {
        $in_user_clone->RestoreFromDB(); // The reason you do this, is to ensure that the user wasn't modified "live." It's a security precaution.
        // Server admins can edit users. Service body administrators can edit users they own. Any user can edit itself.
        // (GetUserLevel() reloads from the database on each call, so the row is re-read twice more here.)
        if ($in_user_clone->GetUserLevel() == _USER_LEVEL_DISABLED) {
            return false;
        }

        if ($in_user_clone->GetUserLevel() == _USER_LEVEL_OBSERVER) {
            return false;
        }

        if ($in_user_clone->GetID() == $this->GetID()) {
            return true;
        }

        // NOTE(review): the rendered listing omits the condition guarding this return
        // (per the comment above, presumably the server-administrator test) — confirm.
        return true;
    }

    // NOTE(review): this branch consults the server's *current* user (IsUserServiceBodyAdmin()
    // and GetCurrentUserObj()), not $in_user_clone. When a caller passes an explicit
    // $in_user_object, the ownership decision is therefore made for a different user than
    // the one being validated — confirm whether that is intended.
    if (c_comdef_server::IsUserServiceBodyAdmin() && $this->GetOwnerID() == c_comdef_server::GetCurrentUserObj()->GetID()) {
        return true;
    }

    $in_user_clone = null;
    }

    return $ret;
}
810 }