Home Explore Help
Sign In
idleman
/
hackpoint
1
0
Fork 0
Files Issues 11 Pull Requests 0 Wiki
Tree: 09cfb70448
Branches Tags
hackpoint
/
class
/
User.class.php

User.class.php 13 KB
History Raw

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363364 
  1. <?php
    2. 

  2. 

  3. /**
    4. 

  4.  * Define an application user.
    5. 

  5.  * @author valentin carruesco
    6. 

  6.  * @category Core
    7. 

  7.  * @license copyright
    8. 

  8.  */
    9. 

  9. class User extends Entity
    10. 

  10. {
    11. 

  11.     public $id,$login,$password,$function,$name,$firstname,$mail,
    12. 

  12.     $state,$rights,$firms,$superadmin,$token,
    13. 

  13.     $preferences,$phone,$mobile,
    14. 

  14.     $groups,$ranks,$manager,$service,$origin,$meta;
    15. 

  15. 

  16.     protected $fields =
    17. 

  17.     array(
    18. 

  18.         'id' => 'key',
    19. 

  19.         'login' => 'string',
    20. 

  20.         'password' => 'string',
    21. 

  21.         'name' => 'string',
    22. 

  22.         'function' => 'string',
    23. 

  23.         'firstname' => 'string',
    24. 

  24.         'token' => 'string',
    25. 

  25.         'mail' => 'string',
    26. 

  26.         'state' => 'string',
    27. 

  27.         'phone' => 'string',
    28. 

  28.         'mobile' => 'string',
    29. 

  29.         'manager' => 'string',
    30. 

  30.         'origin' => 'string',
    31. 

  31.         'service' => 'string',
    32. 

  32.         'superadmin' => 'int'
    33. 

  33.     );
    34. 

  34. 

  35.     function  __construct(){
    36. 

  36.         parent::__construct();
    37. 

  37.         $this->token = self::generateToken();
    38. 

  38.         $this->meta = array();
    39. 

  39.     }
    40. 

  40. 

  41.     public static function getAll($loadRight=true, $force=false){
    42. 

  42.         $users = array();
    43. 

  43.         if(isset($_SESSION['users']))
    44. 

  44.             $users = unserialize($_SESSION['users']);
    45. 

  45. 

  46.         if(empty($users) || $force){
    47. 

  47.             Plugin::callHook('user_load',array(&$users, $loadRight));
    48. 

  48.             uasort($users, function($a, $b){ return strcmp($a->name, $b->name); });
    49. 

  49. 

  50.             foreach (self::loadAll(array('state'=>User::ACTIVE), array(' name ASC ')) as $baseUser) {
    51. 

  51.                 $existingKey = null;
    52. 

  52. 

  53.                 if($loadRight){
    54. 

  54.                     if(!isset($baseUser->ranks)) $baseUser->ranks = array();
    55. 

  55.                     if(!isset($baseUser->firms)) $baseUser->firms = array();
    56. 

  56.                     $baseUser->loadRanks();
    57. 

  57.                     $baseUser->loadRights();
    58. 

  58.                 }
    59. 

  59.                 if(isset($baseUser->manager) && $baseUser->manager!="") $baseUser->manager = User::load(array('login'=>$baseUser->manager));
    60. 

  60. 

  61.                 foreach ($users as $key => $otherUser) {
    62. 

  62.                     //permet la predominance des users db sur les user foreign type type
    63. 

  63.                     if($otherUser->login == $baseUser->login){
    64. 

  64.                         $existingKey = $key;
    65. 

  65.                         break;
    66. 

  66.                     }
    67. 

  67.                 }
    68. 

  68.                 if(isset($existingKey)){
    69. 

  69.                     $users[$existingKey] = $baseUser;
    70. 

  70.                 }else{
    71. 

  71.                     $users[] = $baseUser;
    72. 

  72.                 } 
    73. 

  73.             }
    74. 

  74.             $_SESSION['users'] = serialize($users);
    75. 

  75.         }
    76. 

  76. 

  77.         return $users;
    78. 

  78.     }
    79. 

  79.     
    80. 

  80.     public function __sleep(){
    81. 

  81.         return array_merge(array('rights','ranks','firms','preferences','meta'),array_keys($this->toArray()));
    82. 

  82.     }
    83. 

  83. 

  84.     public function can($section,$right){
    85. 

  85.         if($this->superadmin == 1) return true;
    86. 

  86.         global $myFirm;
    87. 

  87.         $firm = is_object($myFirm) && $myFirm->id !=0 ? $myFirm->id : 0;
    88. 

  88. 

  89.         if(isset($this->rights[$section][$firm][$right])){
    90. 

  90.             return $this->rights[$section][$firm][$right]==1;
    91. 

  91.         }
    92. 

  92.         if(isset($this->rights[$section][0][$right])){
    93. 

  93.             return $this->rights[$section][0][$right]==1;
    94. 

  94.         }
    95. 

  95.         return false;
    96. 

  96.     }
    97. 

  97. 

  98.     //Lance les exception appropriées en fonction du droit ou des droits spécifiés
    99. 

  99.     // ex : User::checkAccess('document','configure');
    100. 

  100.     public static function check_access($section,$right){
    101. 

  101.         global $myUser;
    102. 

  102.         if(!isset($myUser) || !is_object($myUser) || !$myUser->connected()) throw new Exception("Contrôle d'accès - Vous devez être connecté",401);
    103. 

  103.         if(!$myUser->can($section,$right)) throw new Exception("Contrôle d'accès - Permissions insuffisantes",403);
    104. 

  104.     }
    105. 

  105. 

  106.     public function hasRank($rankId){
    107. 

  107.         if($this->superadmin) return true;
    108. 

  108.         $rankIds = array();
    109. 

  109.         global $myFirm;
    110. 

  110.         if(empty($this->ranks) || !isset($this->ranks[$myFirm->id])) return false;
    111. 

  111.         foreach ($this->ranks[$myFirm->id] as $rank)
    112. 

  112.             $rankIds[$rank->id] = true;
    113. 

  113.         return isset($rankIds[$rankId]);
    114. 

  114.     }
    115. 

  115. 

  116.     public function preference($key=null, $value=null){   
    117. 

  117.         if(!isset($key) && !isset($value)) return $this->preferences;
    118. 

  118.         if(isset($key) && !isset($value)) return isset($this->preferences[$key])?$this->preferences[$key]:'';
    119. 

  119. 

  120.         if(isset($key) && isset($value)){
    121. 

  121.             $this->preferences[$key] = $value;
    122. 

  122.             $preference = UserPreference::load(array('key'=>$key,'user'=>$this->login));
    123. 

  123.             if(!$preference) $preference = new UserPreference();
    124. 

  124.             $preference->key = $key;
    125. 

  125.             $preference->value = $value;
    126. 

  126.             $preference->user = $this->login;
    127. 

  127.             $preference->save();
    128. 

  128.         }
    129. 

  129.     }
    130. 

  130. 

  131.     public function loadRanks(){
    132. 

  132.         foreach (UserFirmRank::loadAll(array('user'=>$this->login), null,  null,  array('*'),1) as $firmRank) {
    133. 

  133.             $rank = $firmRank->join('rank');
    134. 

  134.             $firm = $firmRank->join('firm');
    135. 

  135.             $this->firms[$firm->id] = $firm;
    136. 

  136.             if(!isset($this->ranks[$firmRank->firm])) $this->ranks[$firmRank->firm] = array();
    137. 

  137.             $this->ranks[$firmRank->firm][$rank->id]= $rank;
    138. 

  138.         }
    139. 

  139.     }
    140. 

  140. 

  141.     public function loadPreferences(){
    142. 

  142.         $this->preferences = array();
    143. 

  143.         foreach(UserPreference::loadAll(array('user'=>$this->login)) as $line):
    144. 

  144.             $this->preferences[$line->key] = $line->value;
    145. 

  145.         endforeach;
    146. 

  146.     }
    147. 

  147. 

  148.     
    149. 

  149.     public function loadRights(){
    150. 

  150.         global $myFirm;
    151. 

  151.         $this->rights = array();
    152. 

  152.         if($this->superadmin) return;
    153. 

  153.         
    154. 

  154.         if(!isset($this->ranks)) $this->ranks = array();
    155. 

  155.         if(!isset($myFirm) || !isset($this->ranks[$myFirm->id]) || count($this->ranks[$myFirm->id])==0) return;
    156. 

  156. 

  157.         $ranksId = array();
    158. 

  158.         foreach($this->ranks[$myFirm->id] as $rank){
    159. 

  159.             if(!isset($rank->id) || !is_numeric($rank->id)) continue;
    160. 

  160.             $ranksId[] = $rank->id;
    161. 

  161.         }
    162. 

  162.         if(count($ranksId)==0) return;
    163. 

  163. 

  164.         $rights = Right::staticQuery('SELECT * FROM {{table}} WHERE rank IN('.implode(',',$ranksId).')',array(),true);
    165. 

  165.         foreach($rights as $right):
    166. 

  166.             //Pour le premier rang qui aborde cette section on met tous les droits à false
    167. 

  167.             if(!isset($this->rights[$right->section][$right->firm])){
    168. 

  168.                 $this->rights[$right->section][$right->firm] = array(
    169. 

  169.                     'read' => false,
    170. 

  170.                     'edit' => false,
    171. 

  171.                     'delete' => false,
    172. 

  172.                     'configure' => false
    173. 

  173.                 );
    174. 

  174.             }
    175. 

  175.             //Puis on complete uniquement les droits à true sur la section pour chaques rangs additionnels
    176. 

  176.             if($right->read) $this->rights[$right->section][$right->firm]['read'] = true;
    177. 

  177.             if($right->edit) $this->rights[$right->section][$right->firm]['edit'] = true;
    178. 

  178.             if($right->delete) $this->rights[$right->section][$right->firm]['delete'] = true;
    179. 

  179.             if($right->configure) $this->rights[$right->section][$right->firm]['configure'] = true;
    180. 

  180.         endforeach;
    181. 

  181.     }
    182. 

  182.     
    183. 

  183.     public function getFirms(){
    184. 

  184.         $this->firms = array();
    185. 

  185.         foreach(Firm::staticQuery('SELECT f.* FROM {{table}} f LEFT JOIN '.UserFirmRank::tableName().' uf ON uf.firm=f.id WHERE uf.user=?',array($this->login),true) as $firm):
    186. 

  186. 

  187.             $this->firms[$firm->id] = $firm;
    188. 

  188.         endforeach;
    189. 

  189.     }
    190. 

  190. 

  191.     public function haveFirm($id){
    192. 

  192.         return in_array($id, array_keys($this->firms));
    193. 

  193.     }
    194. 

  194. 

  195.     public function getAvatar($getPath = false){
    196. 

  196.         $avatar = 'img/default-avatar.png';
    197. 

  197.         $files = glob(__ROOT__.FILE_PATH.AVATAR_PATH.$this->login.'.{jpg,png,jpeg,gif}',GLOB_BRACE);
    198. 

  198.         if(count($files)>0){
    199. 

  199.             if($getPath) return $files[0];
    200. 

  200.             preg_match("/\.(\w{3,4})$|\?/m", $files[0], $extension);
    201. 

  201.             $avatar = 'action.php?action=account_avatar_download&user='.$this->login.'&extension='.$extension[1];
    202. 

  202.         }
    203. 

  203.         return $avatar;
    204. 

  204.     }
    205. 

  205. 

  206.     public static function check($login, $password, $loadRight = true) {   
    207. 

  207.         global $myFirm;
    208. 

  208.         $user = self::load(array('login' => $login, 'password' => self::password_encrypt($password)));
    209. 

  209.         
    210. 

  210.         //load from plugins
    211. 

  211.         Plugin::callHook("user_login", array(&$user,$login,$password,$loadRight));
    212. 

  212. 

  213.         //load from db
    214. 

  214.         if($user!=false){
    215. 

  215.             $user->ranks = empty($user->ranks) ? array() : $user->ranks;
    216. 

  216.             $user->firms = empty($user->firms) ? array() : $user->firms;
    217. 

  217.             if(isset($user->manager) && !empty($user->manager) && !is_object($user->manager)) $user->manager = self::byLogin($user->manager);
    218. 

  218.             $user->loadRanks();
    219. 

  219.             $user->loadPreferences();
    220. 

  220. 

  221.             if($user->superadmin == 1){
    222. 

  222.                 foreach(Firm::loadAll() as $firm)
    223. 

  223.                     $firms[$firm->id] = $firm;
    224. 

  224.                 $user->setFirms($firms);
    225. 

  225.             }
    226. 

  226. 

  227.             if(!empty($user->firms)){
    228. 

  228.                 $defaultFirm = !empty($user->preference('default_firm')) ? $user->preferences['default_firm'] : key($user->firms);
    229. 

  229.                 $myFirm = isset($user->firms[$defaultFirm]) ? $user->firms[$defaultFirm]:reset($user->firms);
    230. 

  230.                 if(!isset($user->firms[$defaultFirm])) $user->preference('default_firm',$myFirm->id);
    231. 

  231.             }
    232. 

  232.             if($loadRight) $user->loadRights();
    233. 

  233.         }
    234. 

  234. 

  235.         $user = is_object($user) ? $user : new self();
    236. 

  236.         return $user;
    237. 

  237.     }
    238. 

  238. 

  239.     public static function byLogin($login,$loadRight=true){
    240. 

  240.         foreach(User::getAll($loadRight) as $user)
    241. 

  241.             if($user->login == $login) return $user;
    242. 

  242.         return new User();
    243. 

  243.     }
    244. 

  244. 

  245.     public function fullName()
    246. 

  246.     {
    247. 

  247.         $fullName = ucfirst($this->firstname).' '.mb_strtoupper($this->name);
    248. 

  248.         return trim($fullName) != '' ? $fullName : $this->login;
    249. 

  249.     }
    250. 

  250. 

  251.     public function initials(){
    252. 

  252.         $firstname = str_replace(array(' ','\''),'-',$this->firstname);
    253. 

  253.         $firstname = explode('-',$firstname);
    254. 

  254.         $result = '';
    255. 

  255.         foreach($firstname as $pren){
    256. 

  256.             $result.= strtoupper(substr($pren,0,1));
    257. 

  257.         }
    258. 

  258.         return $result.strtoupper(substr($this->name,0,1));
    259. 

  259. 

  260.     }
    261. 

  261. 

  262.      public function subordinates(){
    263. 

  263.         $subordinates = array();
    264. 

  264.         foreach (User::getAll() as $user) {
    265. 

  265.             if(is_object($user->manager) && $user->manager->login == $this->login) $subordinates[] = $user;
    266. 

  266.         }
    267. 

  267.         return $subordinates;
    268. 

  268.     }
    269. 

  269. 

  270.     public static function password_formats(){
    271. 

  271.         $formats = array(
    272. 

  272.             array('pattern'=>'|[0-9]|i','label'=>'Le mot de passe doit comporter au minimum 1 chiffre (norme ANSSI)'),
    273. 

  273.             array('pattern'=>'|[A-Z]|','label'=>'Le mot de passe doit comporter au minimum 1 majuscule (norme ANSSI)'),
    274. 

  274.             array('pattern'=>'|[^A-Za-z0-9éèêëàäâïîöôûüù]|i','label'=>'Le mot de passe doit comporter au minimum 1 caractère spécial (norme ANSSI)'),
    275. 

  275.             array('pattern'=>'|.{6,}|','label'=>'Le mot de passe doit comporter au minimum 6 caractères'),
    276. 

  276.             array('pattern'=>'|.{12,}|','label'=>'Le mot de passe doit comporter au minimum 12 caractères (norme ANSSI)'),
    277. 

  277.         );
    278. 

  278.         return $formats;
    279. 

  279.     }
    280. 

  280. 

  281.     public static function check_password_format($password){
    282. 

  282.         global $conf;
    283. 

  283.         $errors = array();
    284. 

  284.         $formats = array();
    285. 

  285.         foreach (self::password_formats() as $format) {
    286. 

  286.             $formats[$format['pattern']] = $format;
    287. 

  287.         } 
    288. 

  288.         $selectedFormats = json_decode($conf->get('password_format'),true);
    289. 

  289. 

  290.         if(is_array($selectedFormats)){
    291. 

  291.             foreach($selectedFormats as $pattern){
    292. 

  292.                 if(!isset($formats[$pattern])) continue;
    293. 

  293.                 $format = $formats[$pattern];
    294. 

  294.                 if(!preg_match($pattern, $password)) $errors[] = $format['label'];
    295. 

  295.             }
    296. 

  296.         }
    297. 

  297.         return $errors;
    298. 

  298.     }
    299. 

  299. 

  300. 

  301. 

  302.     public static function password_encrypt($password){
    303. 

  303.         return sha1(md5($password));
    304. 

  304.     }
    305. 

  305. 

  306.     public function connected(){
    307. 

  307.         return !empty($this->login);
    308. 

  308.     }
    309. 

  309. 

  310.     public function setLogin($login){
    311. 

  311.         $this->login = $login;
    312. 

  312.     }
    313. 

  313. 

  314.     public function setName($name){
    315. 

  315.         $this->name = $name;
    316. 

  316.     }
    317. 

  317. 

  318.     public function setFirstName($firstname){
    319. 

  319.         $this->firstname = $firstname;
    320. 

  320.     }
    321. 

  321. 

  322.     public function setMail($mail){
    323. 

  323.         $this->mail = $mail;
    324. 

  324.     }
    325. 

  325. 

  326.     public function setPhone($phone){
    327. 

  327.         $this->phone = $phone;
    328. 

  328.     }
    329. 

  329. 

  330.     public function setMobile($mobile){
    331. 

  331.         $this->mobile = $mobile;
    332. 

  332.     }
    333. 

  333. 

  334.     public function setFunction($function){
    335. 

  335.         $this->function = $function;
    336. 

  336.     }
    337. 

  337. 

  338.     public function setGroups($groups){
    339. 

  339.         $this->groups = $groups;
    340. 

  340.     }
    341. 

  341. 

  342.     public static function generateToken(){
    343. 

  343.         return substr(md5(uniqid(rand(), true)),0,10);
    344. 

  344.     }
    345. 

  345. 

  346.     public function getGroups(){
    347. 

  347.         return (is_array($this->groups) ? $this->groups : array());
    348. 

  348.     }
    349. 

  349. 

  350.     public function setFirms($firms){
    351. 

  351.         if(empty($firms)) return;
    352. 

  352.         $this->firms = $firms;
    353. 

  353.     }
    354. 

  354. 

  355.         //Retourne un objet manager (User vide si pas de manager) quel que soit le provider d'entré (ad : objet, db: login)
    356. 

  356.     public function manager(){
    357. 

  357.         $manager = new User();
    358. 

  358.         if(!isset($this->manager)) return $manager;
    359. 

  359.         if(is_object($this->manager)) $manager = $this->manager;
    360. 

  360.         if(is_string($this->manager) && !empty($this->manager)) $manager = User::byLogin($this->manager);
    361. 

  361.        
    362. 

  362.         return is_object($manager) ? $manager: new User();
    363. 

  363.     }
    364. 

  364. }
    365.