groups wip
parent
ba80c4f945
commit
29b8b28b90
64
User.php
64
User.php
|
@ -3,25 +3,34 @@
|
||||||
class User
|
class User
|
||||||
{
|
{
|
||||||
protected $is_connected = false;
|
protected $is_connected = false;
|
||||||
|
protected $login;
|
||||||
protected $external_id; //the user's ID on the external auth system (Object SID on LDAP)
|
protected $external_id; //the user's ID on the external auth system (Object SID on LDAP)
|
||||||
protected $id; //the internal id to store locally user's datas
|
protected $id; //the internal id to store locally user's datas
|
||||||
protected $display_name;
|
protected $display_name;
|
||||||
protected $auth_method;
|
protected $auth_method;
|
||||||
protected $groups =array();
|
protected $is_admin = false;
|
||||||
|
protected $groups = null;
|
||||||
|
|
||||||
protected $db;
|
protected $db;
|
||||||
|
|
||||||
public function __sleep(){
|
public function __sleep(){
|
||||||
return array('is_connected','external_id','id','display_name','auth_method','groups');
|
return array('is_connected','external_id','id','display_name','auth_method','groups','is_admin','login');
|
||||||
}
|
}
|
||||||
|
|
||||||
public function get_id()
|
public function get_display_name()
|
||||||
{
|
{
|
||||||
if($this->is_connected){
|
return $this->display_name;
|
||||||
|
}
|
||||||
|
public function get_id($force = false)
|
||||||
|
{
|
||||||
|
if($this->is_connected || $force){
|
||||||
return $this->id;
|
return $this->id;
|
||||||
}
|
}
|
||||||
return false;
|
return false;
|
||||||
}
|
}
|
||||||
|
public function is_admin(){
|
||||||
|
return $this->is_admin;
|
||||||
|
}
|
||||||
public function is_connected()
|
public function is_connected()
|
||||||
{
|
{
|
||||||
return $this->is_connected;
|
return $this->is_connected;
|
||||||
|
@ -34,8 +43,37 @@ class User
|
||||||
}
|
}
|
||||||
return false;
|
return false;
|
||||||
}
|
}
|
||||||
public function get_groups()
|
public function load_groups()
|
||||||
{
|
{
|
||||||
|
$this->groups = array();
|
||||||
|
$tableUsers = User_Manager::get_table_users_str();
|
||||||
|
$tableGroups = User_Manager::get_table_groups_str();
|
||||||
|
$tableRel = $tableUsers . "_" . $tableGroups ." _rel";
|
||||||
|
|
||||||
|
$sql = "
|
||||||
|
SELECT
|
||||||
|
$tableRel.group_id as id,
|
||||||
|
$tableGroups.name as name
|
||||||
|
FROM
|
||||||
|
$tableRel, $tableGroups
|
||||||
|
WHERE $tableRel.group_id = $tableGroups.id
|
||||||
|
AND $tableRel.user_id=:user_id;
|
||||||
|
";
|
||||||
|
$rs = $this->$db->prepare($sql);
|
||||||
|
$rs->execute( array(":id" => $this->get_id()) );
|
||||||
|
$groups = $rs->fetchAll(PDO::FETCH_ASSOC);
|
||||||
|
foreach($groups as $group)
|
||||||
|
{
|
||||||
|
$this->groups[ $group["id"] ] = $group["name"];
|
||||||
|
}
|
||||||
|
|
||||||
|
}
|
||||||
|
public function get_groups($forceRefresh = false)
|
||||||
|
{
|
||||||
|
if(is_null($this->groups) || $forceRefresh) {
|
||||||
|
//les groupes n'ont pas été initialisés pour cet user
|
||||||
|
$this->load_groups();
|
||||||
|
}
|
||||||
return $this->groups;
|
return $this->groups;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -47,5 +85,19 @@ class User
|
||||||
public function __construct(PDO $db){
|
public function __construct(PDO $db){
|
||||||
$this->db = $db;
|
$this->db = $db;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
/*
|
||||||
|
*
|
||||||
|
*/
|
||||||
|
public function set_properties($properties)
|
||||||
|
{
|
||||||
|
$setableProperties = array("login","external_id","id","display_name","auth_method","is_admin","groups");
|
||||||
|
foreach ($setableProperties as $setableProperty){
|
||||||
|
if(isset($properties[$setableProperty])){
|
||||||
|
$this->$setableProperty = $properties[$setableProperty];
|
||||||
|
}
|
||||||
|
}
|
||||||
|
return $this;
|
||||||
|
}
|
||||||
|
|
||||||
}
|
}
|
||||||
|
|
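Review bot: `load_groups()` cannot run as written; three of its new lines need changing. The relation table name is built with a stray space (`" _rel"`), the statement is prepared on `$this->$db` (a variable property, and `$db` is not defined in this method), and the SQL uses the placeholder `:user_id` while `execute()` binds `:id`. Suggested lines: `$tableRel = User_Manager::get_table_users_groups_rel_str();`, `$rs = $this->db->prepare($sql);` and `$rs->execute(array(":user_id" => $this->get_id()));`. Note also that `get_id()` returns `false` for a user that is not connected, so `get_groups(true)` on such an object would bind `false` as the user id unless `get_id(true)` is what is meant. If group membership feeds access decisions, as it presumably does, this path deserves a test before it is relied on.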
100
User_Manager.php
100
User_Manager.php
|
@ -6,9 +6,24 @@ class User_Manager
|
||||||
private static $table_users = 'users';
|
private static $table_users = 'users';
|
||||||
private static $table_groups = 'groups';
|
private static $table_groups = 'groups';
|
||||||
|
|
||||||
|
|
||||||
//could append 'ldap', 'cas':
|
//could append 'ldap', 'cas':
|
||||||
private static $available_auth_methods = array('local');
|
private static $available_auth_methods = array('local');
|
||||||
|
|
||||||
|
|
||||||
|
public static function get_table_users_str()
|
||||||
|
{
|
||||||
|
return self::$table_users;
|
||||||
|
}
|
||||||
|
public static function get_table_groups_str()
|
||||||
|
{
|
||||||
|
return self::$table_groups;
|
||||||
|
}
|
||||||
|
public static function get_table_users_groups_rel_str()
|
||||||
|
{
|
||||||
|
return self::get_table_users_str() . "_" . self::get_table_groups_str() ."_rel";
|
||||||
|
}
|
||||||
|
|
||||||
const QUERY_CREATE_TABLE_USERS = "
|
const QUERY_CREATE_TABLE_USERS = "
|
||||||
CREATE TABLE %table_users% (
|
CREATE TABLE %table_users% (
|
||||||
`id` int(11) NOT NULL AUTO_INCREMENT,
|
`id` int(11) NOT NULL AUTO_INCREMENT,
|
||||||
|
@ -44,6 +59,14 @@ class User_Manager
|
||||||
);
|
);
|
||||||
";
|
";
|
||||||
|
|
||||||
|
const QUERY_CREATE_DEFAULT_GROUPS = "
|
||||||
|
INSERT INTO %table_groups% (id,name,active,created_time,created_by,updated_time,updated_by)
|
||||||
|
VALUES ('0','Administrateurs','1',NOW(),'0',NOW(),'0'),
|
||||||
|
('1','Responsables sécurité','1',NOW(),'0',NOW(),'0'),
|
||||||
|
('2','Agent de prévention HSE','1', NOW(),'0',NOW(),'0')
|
||||||
|
;
|
||||||
|
";
|
||||||
|
|
||||||
const QUERY_CREATE_REL_USERS_GROUPS = "
|
const QUERY_CREATE_REL_USERS_GROUPS = "
|
||||||
CREATE TABLE `%table_users%_%table_groups%_rel` (
|
CREATE TABLE `%table_users%_%table_groups%_rel` (
|
||||||
`user_id` int(11) NOT NULL,
|
`user_id` int(11) NOT NULL,
|
||||||
|
@ -76,6 +99,7 @@ class User_Manager
|
||||||
str_replace($searched,$replace,self::QUERY_CREATE_SYSTEM_USER),
|
str_replace($searched,$replace,self::QUERY_CREATE_SYSTEM_USER),
|
||||||
str_replace($searched,$replace,self::QUERY_CREATE_TABLE_GROUPS),
|
str_replace($searched,$replace,self::QUERY_CREATE_TABLE_GROUPS),
|
||||||
str_replace($searched,$replace,self::QUERY_CREATE_REL_USERS_GROUPS),
|
str_replace($searched,$replace,self::QUERY_CREATE_REL_USERS_GROUPS),
|
||||||
|
str_replace($searched,$replace,self::QUERY_CREATE_DEFAULT_GROUPS)
|
||||||
);
|
);
|
||||||
foreach($queries as $query)
|
foreach($queries as $query)
|
||||||
{
|
{
|
||||||
|
@ -87,7 +111,7 @@ class User_Manager
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
public function authentificate($db,$login, $password){
|
public function authentificate(PDO $db, STRING $login, STRING $password){
|
||||||
|
|
||||||
foreach(self::$available_auth_methods as $method){
|
foreach(self::$available_auth_methods as $method){
|
||||||
|
|
||||||
|
@ -109,4 +133,78 @@ class User_Manager
|
||||||
|
|
||||||
return $user;
|
return $user;
|
||||||
}
|
}
|
||||||
|
public static function add_user_to_group(PDO $db, $userId,$groupId)
|
||||||
|
{
|
||||||
|
$tableRel = self::get_table_users_groups_rel_str();
|
||||||
|
$sql = "INSERT INTO $tableRel (user_id,group_id) VALUES (:userid, :groupid)";
|
||||||
|
$rs = $db->prepare($sql);
|
||||||
|
|
||||||
|
$rs->execute( array(
|
||||||
|
":userid" => $userId,
|
||||||
|
":groupid" => $groupId
|
||||||
|
));
|
||||||
|
|
||||||
|
}
|
||||||
|
/*
|
||||||
|
* Return an array of users objects.
|
||||||
|
* is_connected for each ones is set to false
|
||||||
|
*/
|
||||||
|
public static function get_users_list(PDO $db, $activesOnly = true)
|
||||||
|
{
|
||||||
|
$tableUsers = self::get_table_users_str();
|
||||||
|
$tableGroups = self::get_table_groups_str();
|
||||||
|
$tableRel = $tableUsers . "_" . $tableGroups ."_rel";
|
||||||
|
|
||||||
|
$list = array();
|
||||||
|
|
||||||
|
$sql = "
|
||||||
|
SELECT
|
||||||
|
$tableUsers.id as id,
|
||||||
|
$tableUsers.login as login,
|
||||||
|
$tableUsers.display_name as display_name,
|
||||||
|
$tableUsers.auth_method as auth_method,
|
||||||
|
$tableUsers.external_uid as external_id,
|
||||||
|
$tableUsers.admin as is_admin,
|
||||||
|
$tableUsers.active as active,
|
||||||
|
GROUP_CONCAT(groupsrel.group_id SEPARATOR \",\") as groups_ids,
|
||||||
|
GROUP_CONCAT(groups.name SEPARATOR \",\") as groups_name
|
||||||
|
FROM
|
||||||
|
$tableUsers LEFT JOIN $tableRel as groupsrel ON groupsrel.user_id = $tableUsers.id
|
||||||
|
LEFT JOIN $tableGroups as groups ON groups.id = groupsrel.group_id
|
||||||
|
GROUP BY $tableUsers.id;
|
||||||
|
";
|
||||||
|
|
||||||
|
$rs = $db->query($sql);
|
||||||
|
|
||||||
|
while ($r = $rs->fetch())
|
||||||
|
{
|
||||||
|
|
||||||
|
$groups_id = explode(",", $r["groups_ids"]);
|
||||||
|
$groups_names = explode(",", $r["groups_name"]);
|
||||||
|
$groups = array();
|
||||||
|
for($i = 0; $i < count($groups_id); $i++){
|
||||||
|
$groups[ $groups_id[$i] ] = $groups_names[$i];
|
||||||
|
}
|
||||||
|
|
||||||
|
$user = new User($db);
|
||||||
|
|
||||||
|
// array("login","external_id","id","display_name","auth_method","is_admin","group");
|
||||||
|
$user-> set_properties(
|
||||||
|
array(
|
||||||
|
"login" => $r["login"],
|
||||||
|
"id" => $r["id"],
|
||||||
|
"display_name" => $r["display_name"],
|
||||||
|
"external_id" => $r["external_id"],
|
||||||
|
"auth_method" => $r["auth_method"],
|
||||||
|
"is_admin" => ($r["is_admin"] == "1"),
|
||||||
|
"groups" => $groups
|
||||||
|
)
|
||||||
|
);
|
||||||
|
$list[] = $user;
|
||||||
|
}
|
||||||
|
return $list;
|
||||||
|
}
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
}
|
}
|
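Review bot: `get_users_list()` never uses `$activesOnly`: the query has no `WHERE` clause, so deactivated accounts are returned even with the default of `true`. The `active` column is selected but not read in the loop. For a user with no group the `LEFT JOIN` makes both `GROUP_CONCAT` columns `NULL`, and `explode(",", NULL)` then yields one empty entry, so the user ends up with `groups = array("" => "")` instead of an empty array. Splitting on commas also misaligns ids and names if a group name ever contains a comma, which is worth a comment at least. A possible shape for the changed lines is below.

```php
public static function get_users_list(PDO $db, $activesOnly = true)
{
    // … unchanged: $tableUsers, $tableGroups, $tableRel, $list …
    $where = $activesOnly ? "WHERE $tableUsers.active = 1" : "";
    // … unchanged: SELECT … LEFT JOIN …, with $where placed just before GROUP BY …
    while ($r = $rs->fetch())
    {
        $groups = array();
        if ($r["groups_ids"] !== null) {
            $groups_id = explode(",", $r["groups_ids"]);
            $groups_names = explode(",", $r["groups_name"]);
            foreach ($groups_id as $i => $gid) {
                $groups[$gid] = isset($groups_names[$i]) ? $groups_names[$i] : null;
            }
        }
        // … unchanged: new User($db), set_properties(...), $list[] = $user …
```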
|
@ -32,7 +32,7 @@ class User_Sql extends User {
|
||||||
{
|
{
|
||||||
|
|
||||||
$stmt = $this->db->prepare(
|
$stmt = $this->db->prepare(
|
||||||
"SELECT id,display_name,password
|
"SELECT id,display_name,password,admin
|
||||||
FROM users
|
FROM users
|
||||||
WHERE login=:login
|
WHERE login=:login
|
||||||
AND active=1
|
AND active=1
|
||||||
|
@ -45,10 +45,12 @@ class User_Sql extends User {
|
||||||
|
|
||||||
//check password
|
//check password
|
||||||
if(password_verify($password,$r["password"])){
|
if(password_verify($password,$r["password"])){
|
||||||
|
|
||||||
$this->is_connected = true;
|
$this->is_connected = true;
|
||||||
$this->display_name = $r["display_name"];
|
$this->display_name = $r["display_name"];
|
||||||
$this->id = $r['id'];
|
$this->id = $r['id'];
|
||||||
$this->auth_method = 'sql';
|
$this->auth_method = 'sql';
|
||||||
|
$this->is_admin = ($r["admin"] == '1')? true : false;
|
||||||
|
|
||||||
return $this;
|
return $this;
|
||||||
}
|
}
|
||||||
|
|
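Review bot: `is_admin` is read from the `admin` column once, at login, and the same commit adds it to `User::__sleep()`, so the flag travels with the serialized object. If that object is kept in the session (not visible here), an account whose `admin` flag is later cleared keeps admin rights until it logs in again; consider re-reading the flag on privileged actions, or documenting that limitation next to the assignment. The assignment itself can be a strict comparison without the ternary: `$this->is_admin = ((int) $r["admin"] === 1);`. `$this->login` is not set in this block, although `login` is now serialized too. The enclosing method starts and ends outside the two hunks shown.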