diff --git a/User.php b/User.php index 13c3914..facad8d 100644 --- a/User.php +++ b/User.php @@ -3,25 +3,34 @@ class User { protected $is_connected = false; + protected $login; protected $external_id; //the user's ID on the external auth system (Object SID on LDAP) protected $id; //the internal id to store locally user's datas protected $display_name; protected $auth_method; - protected $groups =array(); + protected $is_admin = false; + protected $groups = null; protected $db; public function __sleep(){ - return array('is_connected','external_id','id','display_name','auth_method','groups'); + return array('is_connected','external_id','id','display_name','auth_method','groups','is_admin','login'); } - - public function get_id() + + public function get_display_name() { - if($this->is_connected){ + return $this->display_name; + } + public function get_id($force = false) + { + if($this->is_connected || $force){ return $this->id; } return false; } + public function is_admin(){ + return $this->is_admin; + } public function is_connected() { return $this->is_connected; 
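Review bot: `is_admin()` returns the flag without the `is_connected` check that `get_id()` applies, and `__sleep()` now persists `is_admin`, so the privilege bit is read from the serialised copy of the object rather than from the database. An account whose `admin` or `active` column is cleared would presumably keep its rights until that copy is rebuilt, and a `User` that was hydrated but never authenticated still answers `true`. Where the method is used as an authorisation check I would gate on both, e.g. `return $this->is_connected && $this->is_admin;`, or re-read the column before privileged actions. `get_id($force)` also deserves a doc comment saying that `$force = true` skips the login check and is meant for internal lookups only. The class body continues outside this hunk.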
@@ -34,8 +43,37 @@ class User } return false; } - public function get_groups() + public function load_groups() + { + $this->groups = array(); + $tableUsers = User_Manager::get_table_users_str(); + $tableGroups = User_Manager::get_table_groups_str(); + $tableRel = $tableUsers . "_" . $tableGroups ." _rel"; + + $sql = " + SELECT + $tableRel.group_id as id, + $tableGroups.name as name + FROM + $tableRel, $tableGroups + WHERE $tableRel.group_id = $tableGroups.id + AND $tableRel.user_id=:user_id; + "; + $rs = $this->$db->prepare($sql); + $rs->execute( array(":id" => $this->get_id()) ); + $groups = $rs->fetchAll(PDO::FETCH_ASSOC); + foreach($groups as $group) + { + $this->groups[ $group["id"] ] = $group["name"]; + } + + } + public function get_groups($forceRefresh = false) { + if(is_null($this->groups) || $forceRefresh) { + //les groupes n'ont pas été initialisés pour cet user + $this->load_groups(); + } return $this->groups; } @@ -47,5 +85,19 @@ class User public function __construct(PDO $db){ $this->db = $db; } + + /* + * + */ + public function set_properties($properties) + { + $setableProperties = array("login","external_id","id","display_name","auth_method","is_admin","groups"); + foreach ($setableProperties as $setableProperty){ + if(isset($properties[$setableProperty])){ + $this->$setableProperty = $properties[$setableProperty]; + } + } + return $this; + } } diff --git a/User_Manager.php b/User_Manager.php index 520a42a..87074ef 100644 --- a/User_Manager.php +++ b/User_Manager.php 
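Review bot: `load_groups()` cannot run as written: `$this->$db` is a variable-property lookup on an undefined `$db` (the field is `$this->db`), the statement declares `:user_id` but `execute()` binds `:id`, and `." _rel"` has a stray space so the relation table name does not match the one `User_Manager` creates. I would change the three lines to `$tableRel = User_Manager::get_table_users_groups_rel_str();`, `$rs = $this->db->prepare($sql);` and `$rs->execute(array(":user_id" => $this->get_id(true)));`. The `get_id(true)` matters because plain `get_id()` returns `false` for a user that is not connected, which would bind `false` as the id. `get_users_list()` in User_Manager.php rebuilds the same table name by hand and should call the helper too. Since `get_groups()` depends on this method, a test that loads the groups of a known user would catch all three errors.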
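Review bot: `set_properties()` assigns `is_admin`, `id` and `groups` from whatever array it is handed, and its doc comment is empty, so nothing tells a caller that the array must come from a trusted source. If a form handler ever passes request data here, the requester chooses their own admin flag and group list. I would fill the comment with something like `Hydrates the object from a trusted source (a database row); never pass request input, because is_admin, id and groups are assigned as given`. Note also that `isset()` skips keys whose value is `null`, so this method cannot put `groups` back into the not-yet-loaded state that `get_groups()` tests for.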
@@ -6,9 +6,24 @@ class User_Manager private static $table_users = 'users'; private static $table_groups = 'groups'; + //could append 'ldap', 'cas': private static $available_auth_methods = array('local'); + + public static function get_table_users_str() + { + return self::$table_users; + } + public static function get_table_groups_str() + { + return self::$table_groups; + } + public static function get_table_users_groups_rel_str() + { + return self::get_table_users_str() . "_" . self::get_table_groups_str() ."_rel"; + } + const QUERY_CREATE_TABLE_USERS = " CREATE TABLE %table_users% ( `id` int(11) NOT NULL AUTO_INCREMENT, @@ -44,6 +59,14 @@ class User_Manager ); "; + const QUERY_CREATE_DEFAULT_GROUPS = " + INSERT INTO %table_groups% (id,name,active,created_time,created_by,updated_time,updated_by) + VALUES ('0','Administrateurs','1',NOW(),'0',NOW(),'0'), + ('1','Responsables sécurité','1',NOW(),'0',NOW(),'0'), + ('2','Agent de prévention HSE','1', NOW(),'0',NOW(),'0') + ; + "; + const QUERY_CREATE_REL_USERS_GROUPS = " CREATE TABLE `%table_users%_%table_groups%_rel` ( `user_id` int(11) NOT NULL, @@ -76,6 +99,7 @@ class User_Manager str_replace($searched,$replace,self::QUERY_CREATE_SYSTEM_USER), str_replace($searched,$replace,self::QUERY_CREATE_TABLE_GROUPS), str_replace($searched,$replace,self::QUERY_CREATE_REL_USERS_GROUPS), + str_replace($searched,$replace,self::QUERY_CREATE_DEFAULT_GROUPS) ); foreach($queries as $query) { @@ -87,7 +111,7 @@ class User_Manager } - public function authentificate($db,$login, $password){ + public function authentificate(PDO $db, STRING $login, STRING $password){ foreach(self::$available_auth_methods as $method){ 
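Review bot: The seed row for 'Administrateurs' is inserted with id `'0'`; if `groups.id` is `AUTO_INCREMENT` like `users.id` (the groups table definition is outside this hunk), MySQL replaces an inserted 0 with the next sequence value unless the `NO_AUTO_VALUE_ON_ZERO` SQL mode is set. The row would then take id 1 and the following `('1', ...)` row would fail on the duplicate key, or the administrators group would end up under an id that no code expects. Starting the seed ids at 1 removes the dependency on the server's SQL mode. A comment above the constant stating which id is the administrators group would help, since membership in it presumably grants rights.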
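Review bot: The scalar hints are spelled `STRING`; type names are case-insensitive, so this works on PHP 7 and later, but the conventional spelling is lowercase: `public function authentificate(PDO $db, string $login, string $password){`. On PHP 5 a hint named `STRING` is resolved as a class name and every call would fail, so this change also raises the minimum PHP version, which should be stated in the project documentation. The method body continues outside the hunk.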
@@ -109,4 +133,78 @@ class User_Manager return $user; } + public static function add_user_to_group(PDO $db, $userId,$groupId) + { + $tableRel = self::get_table_users_groups_rel_str(); + $sql = "INSERT INTO $tableRel (user_id,group_id) VALUES (:userid, :groupid)"; + $rs = $db->prepare($sql); + + $rs->execute( array( + ":userid" => $userId, + ":groupid" => $groupId + )); + + } + /* + * Return an array of users objects. + * is_connected for each ones is set to false + */ + public static function get_users_list(PDO $db, $activesOnly = true) + { + $tableUsers = self::get_table_users_str(); + $tableGroups = self::get_table_groups_str(); + $tableRel = $tableUsers . "_" . $tableGroups ."_rel"; + + $list = array(); + + $sql = " + SELECT + $tableUsers.id as id, + $tableUsers.login as login, + $tableUsers.display_name as display_name, + $tableUsers.auth_method as auth_method, + $tableUsers.external_uid as external_id, + $tableUsers.admin as is_admin, + $tableUsers.active as active, + GROUP_CONCAT(groupsrel.group_id SEPARATOR \",\") as groups_ids, + GROUP_CONCAT(groups.name SEPARATOR \",\") as groups_name + FROM + $tableUsers LEFT JOIN $tableRel as groupsrel ON groupsrel.user_id = $tableUsers.id + LEFT JOIN $tableGroups as groups ON groups.id = groupsrel.group_id + GROUP BY $tableUsers.id; + "; + + $rs = $db->query($sql); + + while ($r = $rs->fetch()) + { + + $groups_id = explode(",", $r["groups_ids"]); + $groups_names = explode(",", $r["groups_name"]); + $groups = array(); + for($i = 0; $i < count($groups_id); $i++){ + $groups[ $groups_id[$i] ] = $groups_names[$i]; + } + + $user = new User($db); + + // array("login","external_id","id","display_name","auth_method","is_admin","group"); + $user-> set_properties( + array( + "login" => $r["login"], + "id" => $r["id"], + "display_name" => $r["display_name"], + "external_id" => $r["external_id"], + "auth_method" => $r["auth_method"], + "is_admin" => ($r["is_admin"] == "1"), + "groups" => $groups + ) + ); + $list[] = $user; + } + 
return $list; + } + + + } \ No newline at end of file diff --git a/User_Sql.php b/User_Sql.php index 3a8c41a..ec68e34 100644 --- a/User_Sql.php +++ b/User_Sql.php @@ -32,7 +32,7 @@ class User_Sql extends User { { $stmt = $this->db->prepare( - "SELECT id,display_name,password + "SELECT id,display_name,password,admin FROM users WHERE login=:login AND active=1 @@ -45,10 +45,12 @@ class User_Sql extends User { //check password if(password_verify($password,$r["password"])){ + $this->is_connected = true; $this->display_name = $r["display_name"]; $this->id = $r['id']; $this->auth_method = 'sql'; + $this->is_admin = ($r["admin"] == '1')? true : false; return $this; }
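Review bot: `get_users_list()` accepts `$activesOnly = true` but the query never filters on it, so disabled accounts are returned even to callers that rely on the default; add the condition before `GROUP BY`, e.g. `$where = $activesOnly ? "WHERE $tableUsers.active = 1" : "";`. For a user with no groups both `GROUP_CONCAT` columns are NULL and `explode()` yields one empty element, so the object receives a phantom `"" => ""` group and `get_groups()` never reloads; guard the parsing with `if ($r["groups_ids"] !== null)`. Pairing two comma-joined lists by index also breaks as soon as a group name contains a comma or a list is truncated at `group_concat_max_len`. `add_user_to_group()` performs no permission check of its own, so its doc comment should say that the caller must authorise the change, in particular for the administrators group.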
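Review bot: The login branch sets `is_admin` but not `login`, although this commit adds `login` both as a property and to `__sleep()`; unless it is assigned elsewhere, the serialised user has an empty login after a successful authentication (the method starts outside the hunk, where the login value is presumably available). The ternary is redundant and the comparison is loose; `$this->is_admin = ((int) $r["admin"] === 1);` expresses the same thing strictly. The query in the previous hunk still hard-codes `users` instead of calling `User_Manager::get_table_users_str()`, which this commit introduces.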