Habari: system/classes/usergroup.php Source File

00001 <?php
00011 namespace Habari;
00012 
00017 class UserGroup extends QueryRecord
00018 {
00019   // These arrays hold the current membership, permission and token settings for this group
00020   // $member_ids is not NOT matched key and value pairs ( like array('foo'=>'foo') )
00021   private $member_ids = null;
00022   private $permissions;
00023 
00028   public static function default_fields()
00029   {
00030     return array(
00031       'id' => '',
00032       'name' => ''
00033     );
00034   }
00035 
00040   public function __construct( $paramarray = array() )
00041   {
00042     $this->fields = array_merge(
00043       self::default_fields(),
00044       $this->fields
00045     );
00046     parent::__construct( $paramarray );
00047 
00048     // exclude field keys from the $this->fields array that should not be updated in the database on insert/update
00049     $this->exclude_fields( array( 'id' ) );
00050   }
00051 
00058   public static function create( $paramarray )
00059   {
00060     $usergroup = new UserGroup( $paramarray );
00061     if ( $usergroup->insert() ) {
00062       return $usergroup;
00063     }
00064     else {
00065       // Does the group already exist?
00066       if ( isset( $paramarray['name'] ) ) {
00067         $exists = DB::get_value( 'SELECT count(1) FROM {groups} WHERE name = ?', array( $paramarray['name'] ) );
00068         if ( $exists ) {
00069           return UserGroup::get_by_name( $paramarray['name'] );
00070         }
00071       }
00072       return false;
00073     }
00074   }
00075 
00079   public function insert()
00080   {
00081     $exists = DB::get_value( 'SELECT count(1) FROM {groups} WHERE name = ?', array( $this->name ) );
00082     if ( $exists ) {
00083       return false;
00084     }
00085 
00086     $allow = true;
00087     // plugins have the opportunity to prevent insertion
00088     $allow = Plugins::filter( 'usergroup_insert_allow', $allow, $this );
00089     if ( ! $allow ) {
00090       return false;
00091     }
00092     Plugins::act( 'usergroup_insert_before', $this );
00093     $this->exclude_fields( 'id' );
00094     $result = parent::insertRecord( DB::table( 'groups' ) );
00095     $this->fields['id'] = DB::last_insert_id();
00096 
00097     $this->set_member_list();
00098 
00099     EventLog::log( _t( 'New group created: %s', array( $this->name ) ), 'info', 'default', 'habari' );
00100     Plugins::act( 'usergroup_insert_after', $this );
00101     return $result;
00102   }
00103 
00107   public function update()
00108   {
00109     $allow = true;
00110     // plugins have the opportunity to prevent modification
00111     $allow = Plugins::filter( 'usergroup_update_allow', $allow, $this );
00112     if ( ! $allow ) {
00113       return false;
00114     }
00115     Plugins::act( 'usergroup_update_before', $this );
00116 
00117     $this->set_member_list();
00118 
00119     EventLog::log( _t( 'User Group updated: %s', array( $this->name ) ), 'info', 'default', 'habari' );
00120     Plugins::act( 'usergroup_update_after', $this );
00121   }
00122 
00126   protected function set_member_list()
00127   {
00128     $this->load_member_cache();
00129 
00130     // Remove all users from this group in preparation for adding the current list
00131     DB::query( 'DELETE FROM {users_groups} WHERE group_id=?', array( $this->id ) );
00132     // Add the current list of users into the group
00133     foreach ( $this->member_ids as $user_id ) {
00134       DB::query( 'INSERT INTO {users_groups} (user_id, group_id) VALUES (?, ?)', array( $user_id, $this->id ) );
00135     }
00136     EventLog::log( _t( 'User Group %s: Member list reset', array( $this->name ) ), 'notice', 'user', 'habari' );
00137   }
00138 
00142   public function delete()
00143   {
00144     $allow = true;
00145     // plugins have the opportunity to prevent deletion
00146     $allow = Plugins::filter( 'usergroup_delete_allow', $allow, $this );
00147     if ( ! $allow ) {
00148       return;
00149     }
00150 
00151     $name = $this->name;
00152     Plugins::act( 'usergroup_delete_before', $this );
00153     // remove all this group's permissions
00154     $results = DB::query( 'DELETE FROM {group_token_permissions} WHERE group_id=?', array( $this->id ) );
00155     // remove all this group's members
00156     $results = DB::query( 'DELETE FROM {users_groups} WHERE group_id=?', array( $this->id ) );
00157     // remove this group
00158     $result = parent::deleteRecord( DB::table( 'groups' ), array( 'id' => $this->id ) );
00159     Plugins::act( 'usergroup_delete_after', $this );
00160     EventLog::log( _t( 'User Group %s: Group deleted.', array( $name ) ), 'notice', 'user', 'habari' );
00161     return $result;
00162   }
00163 
00170   public function __get( $param )
00171   {
00172     switch ( $param ) {
00173       case 'members':
00174         $this->load_member_cache();
00175         return (array) $this->member_ids;
00176         break;
00177       case 'users':
00178         $this->load_member_cache();
00179         $results = DB::get_results( 'SELECT u.* FROM {users} u INNER JOIN {users_groups} ug ON ug.user_id = u.id WHERE ug.group_id= ?', array( $this->id ), 'User' );
00180         if ( in_array( 0, $this->member_ids ) ) {
00181           $results[] = User::anonymous();
00182         }
00183         return $results;
00184       case 'permissions':
00185         $this->load_permissions_cache();
00186         return $this->permissions;
00187         break;
00188       default:
00189         return parent::__get( $param );
00190         break;
00191     }
00192   }
00193 
00198   public function add( $users )
00199   {
00200     $this->load_member_cache();
00201     $users = Utils::single_array( $users );
00202     // Use ids internally for all users
00203     $user_ids = array_map( Method::create( '\Habari\User', 'get_id' ), $users );
00204     // Remove users from group membership
00205     $this->member_ids = array_merge( (array) $this->member_ids, (array) $user_ids );
00206     // List each group member exactly once
00207     $this->member_ids = array_unique( $this->member_ids );
00208     $this->update();
00209 
00210     EventLog::log( _t( 'User Group %1$s: Users were added to the group.', array( $this->name ) ), 'notice', 'user', 'habari' );
00211   }
00212 
00217   public function remove( $users )
00218   {
00219     $this->load_member_cache();
00220     $users = Utils::single_array( $users );
00221     // Use ids internally for all users
00222     $users = array_map( Method::create( '\Habari\User', 'get_id' ), $users );
00223     // Remove users from group membership
00224     $this->member_ids = array_diff( $this->member_ids, $users );
00225     $this->update();
00226 
00227     EventLog::log( _t( 'User Group %1$s: Users were removed from the group.', array( $this->name ) ), 'notice', 'user', 'habari' );
00228   }
00229 
00234   public function grant( $tokens, $access = 'full' )
00235   {
00236     $tokens = Utils::single_array( $tokens );
00237     // Use ids internally for all tokens
00238     $tokens = array_map( Method::create( '\Habari\ACL', 'token_id' ), $tokens );
00239 
00240     // grant the new permissions
00241     foreach ( $tokens as $token ) {
00242       ACL::grant_group( $this->id, $token, $access );
00243     }
00244   }
00245 
00250   public function deny( $tokens )
00251   {
00252     $this->grant( $tokens, 'deny' );
00253   }
00254 
00259   public function revoke( $tokens )
00260   {
00261     $tokens = Utils::single_array( $tokens );
00262     $tokens = array_map( Method::create( '\Habari\ACL', 'token_id' ), $tokens );
00263 
00264     foreach ( $tokens as $token ) {
00265       ACL::revoke_group_token( $this->id, $token );
00266     }
00267   }
00268 
00277   public function can( $token, $access = 'full' )
00278   {
00279     $token = ACL::token_id( $token );
00280     $this->load_permissions_cache();
00281     if ( isset( $this->permissions[$token] ) && ACL::access_check( $this->permissions[$token], $access ) ) {
00282       return true;
00283     }
00284     return false;
00285   }
00286 
00293   public function get_access( $token )
00294   {
00295     $token = ACL::token_id( $token );
00296     $this->load_permissions_cache();
00297     if ( isset( $this->permissions[$token] ) ) {
00298       return ACL::get_bitmask( $this->permissions[$token] );
00299     }
00300     return false;
00301   }
00302 
00308   public function get_tokens()
00309   {
00310     $this->load_permissions_cache();
00311     return $this->permissions;
00312   }
00313 
00317   public function clear_permissions_cache()
00318   {
00319     //unset( $this->permissions );
00320     $this->permissions = null;
00321   }
00322 
00326   public function load_permissions_cache()
00327   {
00328     if ( is_null( $this->permissions ) ) {
00329       if ( $results = DB::get_results( 'SELECT token_id, access_mask FROM {group_token_permissions} WHERE group_id=?', array( $this->id ) ) ) {
00330         foreach ( $results as $result ) {
00331           $this->permissions[$result->token_id] = ACL::get_bitmask( $result->access_mask );
00332         }
00333       }
00334     }
00335   }
00336 
00343   public static function get( $group )
00344   {
00345     if ( $group instanceof UserGroup ) {
00346       return $group;
00347     }
00348     if ( is_numeric( $group ) ) {
00349       return self::get_by_id( $group );
00350     }
00351     else {
00352       return self::get_by_name( $group );
00353     }
00354   }
00355 
00361   public static function get_by_id( $id )
00362   {
00363     return DB::get_row( 'SELECT * FROM {groups} WHERE id=?', array( $id ), 'UserGroup' );
00364   }
00365 
00371   public static function get_by_name( $name )
00372   {
00373     return DB::get_row( 'SELECT * FROM {groups} WHERE name=?', array( $name ), 'UserGroup' );
00374   }
00375 
00381   public static function exists( $group )
00382   {
00383     return !is_null( self::id( $group ) );
00384   }
00385 
00391   public static function name( $id )
00392   {
00393     $check_field = is_numeric( $id ) ? 'id' : 'name';
00394     $name = DB::get_value( "SELECT name FROM {groups} WHERE {$check_field}=?", array( $id ) );
00395     return $name;  // get_value returns false if no record is returned
00396   }
00397 
00403   public static function id( $name )
00404   {
00405     if($name instanceof UserGroup) {
00406       return $name->id;
00407     }
00408     elseif(is_numeric($name)) {
00409       $check_field = 'id';
00410     }
00411     else {
00412       $check_field = 'name';
00413     }
00414     $id = DB::get_value( "SELECT id FROM {groups} WHERE {$check_field}=?", array( $name ) );
00415     return $id; // get_value returns false if no record is returned
00416   }
00417 
00423   public function member( $user_id )
00424   {
00425     if ( ! is_numeric( $user_id ) ) {
00426       $user = User::get( $user_id );
00427       $user_id = $user->id;
00428     }
00429 
00430     if ( in_array( $user_id, $this->member_ids ) ) {
00431       return true;
00432     }
00433     return false;
00434   }
00435 
00441   protected function load_member_cache( $refresh = false )
00442   {
00443     // if we have an ID, load this UserGroup's members & permissions
00444     if ( $this->id && ( $refresh || !isset( $this->member_ids ) ) ) {
00445       $this->member_ids = DB::get_column( 'SELECT user_id FROM {users_groups} WHERE group_id= ?', array( $this->id ) );
00446     }
00447   }
00448 }
00449 ?>