/**
* @return Rest_Token
*/
public function generateTokenForUser(PFUser $user)
{
$number_generator = new RandomNumberGenerator();
$token = $number_generator->getNumber();
$this->token_dao->addTokenForUserId($user->getId(), $token, $_SERVER['REQUEST_TIME']);
return new Rest_Token($user->getId(), $token);
}
/**
* Add a new user into a given project
*
* @param Integer $group_id Project id
* @param PFUser $user User to add
*
* @return Boolean
*/
function account_add_user_obj_to_group($group_id, PFUser $user)
{
//user was found but if it's a pending account adding
//is not allowed
if (!$user->isActive() && !$user->isRestricted()) {
$GLOBALS['Response']->addFeedback('error', $GLOBALS['Language']->getText('include_account', 'account_notactive', $user->getUserName()));
return false;
}
//if not already a member, add it
$res_member = db_query("SELECT user_id FROM user_group WHERE user_id=" . $user->getId() . " AND group_id='" . db_ei($group_id) . "'");
if (db_numrows($res_member) < 1) {
//not already a member
db_query("INSERT INTO user_group (user_id,group_id) VALUES (" . db_ei($user->getId()) . "," . db_ei($group_id) . ")");
//if no unix account, give them a unix_uid
if ($user->getUnixStatus() == 'N' || !$user->getUnixUid()) {
$user->setUnixStatus('A');
$um = UserManager::instance();
$um->assignNextUnixUid($user);
$um->updateDb($user);
}
// Raise an event
$em = EventManager::instance();
$em->processEvent('project_admin_add_user', array('group_id' => $group_id, 'user_id' => $user->getId(), 'user_unix_name' => $user->getUserName()));
$GLOBALS['Response']->addFeedback('info', $GLOBALS['Language']->getText('include_account', 'user_added'));
account_send_add_user_to_group_email($group_id, $user->getId());
group_add_history('added_user', $user->getUserName(), $group_id, array($user->getUserName()));
return true;
} else {
$GLOBALS['Response']->addFeedback('error', $GLOBALS['Language']->getText('include_account', 'user_already_member'));
}
return false;
}
public function addUserAsProjectAdmin(Project $project, PFUser $user)
{
$project_id = $this->da->escapeInt($project->getId());
$user_id = $this->da->escapeInt($user->getId());
$sql = "UPDATE user_group\n SET admin_flags = 'A'\n WHERE group_id = {$project_id}\n AND user_id = {$user_id}";
return $this->update($sql);
}
public function __construct(PFUser $current_user, Project $project, $milestone_id)
{
$this->user_id = $current_user->getId();
$this->lang = $this->getLanguageAbbreviation($current_user);
$this->project_id = $project->getId();
$this->milestone_id = $milestone_id;
$this->view_mode = $current_user->getPreference('agiledashboard_planning_item_view_mode_' . $this->project_id);
}
private function createChangesetId(Tracker_Artifact $artifact, PFUser $submitter, $submitted_on)
{
$email = null;
if ($submitter->isAnonymous()) {
$email = $submitter->getEmail();
}
return $this->changeset_dao->create($artifact->getId(), $submitter->getId(), $email, $submitted_on);
}
/**
* Return the Tracker object that correspond to the given request
*
* @param Codendi_Request $request The request
* @param PFUser $user Who access the request
*
* @return Tracker_Dispatchable_Interface
*/
function getDispatchableFromRequest(Codendi_Request $request, PFUser $user)
{
if ((int) $request->get('aid')) {
if ($artifact = $this->getArtifactFactory()->getArtifactByid($request->get('aid'))) {
return $artifact;
} else {
throw new Tracker_ResourceDoesntExistException($GLOBALS['Language']->getText('plugin_tracker_common_type', 'artifact_not_exist'));
}
} else {
if ((int) $request->get('report')) {
$store_in_session = true;
if ($request->exist('store_in_session')) {
$store_in_session = (bool) $request->get('store_in_session');
}
if ($report = $this->getArtifactReportFactory()->getReportById($request->get('report'), $user->getId(), $store_in_session)) {
return $report;
} else {
throw new Tracker_ResourceDoesntExistException($GLOBALS['Language']->getText('plugin_tracker_common_type', 'report_not_exist'));
}
} else {
if ((int) $request->get('tracker') || (int) $request->get('atid')) {
$tracker_id = (int) $request->get('tracker');
if (!$tracker_id) {
$tracker_id = (int) $request->get('atid');
}
if ($tracker = $this->getTrackerFactory()->getTrackerByid($tracker_id)) {
return $tracker;
} else {
throw new Tracker_ResourceDoesntExistException($GLOBALS['Language']->getText('plugin_tracker_common_type', 'tracker_not_exist'));
}
} else {
if ((int) $request->get('formElement')) {
if ($formElement = $this->getTracker_FormElementFactory()->getFormElementByid($request->get('formElement'))) {
return $formElement;
}
} else {
if ($request->get('func') == 'new-artifact-link') {
if ($artifact = Tracker_ArtifactFactory::instance()->getArtifactByid($request->get('id'))) {
return $artifact;
} else {
throw new Tracker_ResourceDoesntExistException($GLOBALS['Language']->getText('plugin_tracker_common_type', 'artifact_not_exist'));
}
} else {
if ((int) $request->get('link-artifact-id')) {
if ($artifact = Tracker_ArtifactFactory::instance()->getArtifactByid($request->get('link-artifact-id'))) {
return $artifact;
} else {
throw new Tracker_ResourceDoesntExistException($GLOBALS['Language']->getText('plugin_tracker_common_type', 'artifact_not_exist'));
}
}
}
}
}
}
}
throw new Tracker_NoMachingResourceException();
}
/**
* Remove all pair done with user account
*/
public function removePair(PFUser $user)
{
$user_id = $user->getId();
$dar = $this->dao->searchOpenidUrlsForUserId($user_id);
if ($dar->count()) {
$row = $dar->getRow();
$this->dao->removeConnexionStringForUserId($row['connexion_string'], $user_id);
}
}
/**
* Add forecast date for suspended user
*
* @param PFUser user
*
*/
public function addUserDeletionForecastDate(PFUser $user)
{
$directoryCleanUpDao = $this->getLDAPDirectoryCleanUpDao();
$deletionDate = $_SERVER['REQUEST_TIME'] + $this->retentionPeriod * 24 * 60 * 60;
$creationResult = $directoryCleanUpDao->createForecastDeletionDate($user->getId(), $deletionDate);
if (!$creationResult) {
$this->getBackendLogger()->error("[LDAP Clean Up] Error when adding forecast deletion date to user " . $user->getUserName());
} else {
$this->getBackendLogger()->info("[LDAP Clean Up] Forecast deletion date added to user " . $user->getUserName());
}
}
public function __construct(PFUser $owner, $id, $url, $hostname, $name)
{
$this->id = $id;
$this->url = $url;
$this->hostname = $hostname;
$this->owner = $owner;
$this->name = $name;
$this->ssh_key = $owner->getAuthorizedKeysRaw() ? $owner->getAuthorizedKeysRaw() : '';
$this->owner_name = $owner->getName();
$this->owner_id = $owner->getId();
}
public function __construct(PFUser $current_user, Project $project, $milestone_id, $milestone_representation, $paginated_backlog_items_representations, $paginated_milestones_representations)
{
$this->user_id = $current_user->getId();
$this->lang = $this->getLanguageAbbreviation($current_user);
$this->project_id = $project->getId();
$this->milestone_id = $milestone_id;
$this->view_mode = $current_user->getPreference('agiledashboard_planning_item_view_mode_' . $this->project_id);
$this->milestone_representation = json_encode($milestone_representation);
$this->paginated_backlog_items_representations = json_encode($paginated_backlog_items_representations);
$this->paginated_milestones_representations = json_encode($paginated_milestones_representations);
}
public function userIsGitAdmin(PFUser $user, Project $project)
{
$database_result = $this->getCurrentGitAdminPermissionsForProject($project);
if (db_numrows($database_result) < 1) {
$database_result = $this->getDefaultGitAdminPermissions();
}
$has_permission = false;
while (!$has_permission && ($row = db_fetch_array($database_result))) {
$has_permission = ugroup_user_is_member($user->getId(), $row['ugroup_id'], $project->getID());
}
return $has_permission;
}
public function update(Tracker $tracker, SimpleXMLElement $artifact_xml, array $submitted_values, PFUser $user, $submitted_on)
{
$artifact_xml->changeset->submitted_on = date('c', $submitted_on);
$artifact_xml->changeset->submitted_by = $user->getId();
foreach ($artifact_xml->changeset->field_change as $field_change) {
$field_name = (string) $field_change['field_name'];
$field = $this->formelement_factory->getUsedFieldByNameForUser($tracker->getId(), $field_name, $user);
if ($field && isset($submitted_values[$field->getId()])) {
$submitted_value = $submitted_values[$field->getId()];
$this->visitor->update($field_change, $field, $submitted_value);
}
}
}
/** @return PaginatedWikiPages */
public function getPaginatedUserPages(PFUser $user, $project_id, $limit, $offset, $pagename)
{
$pages = array();
if ($pagename !== '') {
$row_pages = $this->dao->searchPaginatedUserWikiPagesByPagename($project_id, $limit, $offset, $pagename);
} else {
$row_pages = $this->dao->searchPaginatedUserWikiPages($project_id, $limit, $offset);
}
foreach ($row_pages as $page) {
$wiki_page = new PHPWikiPage($project_id, $page['pagename']);
if ($wiki_page->isAutorized($user->getId())) {
$pages[] = $wiki_page;
}
}
return new PaginatedPHPWikiPages($pages);
}
public function displayHeader(Tracker_IFetchTrackerSwitcher $layout, Codendi_Request $request, PFUser $current_user, Tracker_Report $report, $report_can_be_modified)
{
$link_artifact_id = (int) $request->get('link-artifact-id');
if ($report_can_be_modified) {
$title = '';
$breadcrumbs = array();
$params = array('body_class' => array('in_tracker_report'));
$toolbar = null;
$report->getTracker()->displayHeader($layout, $title, $breadcrumbs, $toolbar, $params);
}
if ($request->get('pv')) {
return;
}
$reports = $this->report_factory->getReportsByTrackerId($report->tracker_id, $current_user->getId());
if ($link_artifact_id) {
$this->displayHeaderInArtifactLinkModal($layout, $request, $current_user, $report, $reports, $link_artifact_id);
} else {
$this->displayHeaderInReport($request, $current_user, $report, $reports, $report_can_be_modified);
}
}
private function getUserTemporaryFilePrefix()
{
return self::TEMP_FILE_PREFIX . $this->user->getId() . '_';
}
/**
* Create a cross reference on $source_artifact that point on $target_artifact
*
* @param Tracker_Artifact $source_artifact
* @param Tracker_Artifact $target_artifact
* @param PFUser $user
*
* @return CrossReference
*/
public function getCrossReferenceBetweenTwoArtifacts(Tracker_Artifact $source_artifact, Tracker_Artifact $target_artifact, PFUser $user)
{
return new CrossReference($source_artifact->getId(), $source_artifact->getTracker()->getGroupId(), Tracker_Artifact::REFERENCE_NATURE, $source_artifact->getTracker()->getItemname(), $target_artifact->getId(), $target_artifact->getTracker()->getGroupId(), Tracker_Artifact::REFERENCE_NATURE, $target_artifact->getTracker()->getItemname(), $user->getId());
}
/**
*
* @param PFUser $user
* @return Git_RemoteServer_GerritServer[]
*/
public function getRemoteServersForUser(PFUser $user)
{
return $this->dao->searchAllRemoteServersForUserId($user->getId())->instanciateWith(array($this, 'instantiateFromRow'));
}
/**
* Assign to given user the next available unix_uid
*
* We need to pass the whole user object and to modify it in this
* method to avoid conflicts if updateDb is used after this call. As
* updateDb will perform a select on user table to check what changed
* between the user table and the user object, the user object must contains
* what was updated by this method.
*
* @param PFUser $user A user object to update
*
* @return Boolean
*/
function assignNextUnixUid($user)
{
$newUid = $this->getDao()->assignNextUnixUid($user->getId());
if ($newUid !== false) {
$user->setUnixUid($newUid);
return true;
}
return false;
}
/**
* Retreive and cache all read permissions for a list of itemIds
*
* In order to reduce the perf overhead of permission checking, fetch one for
* all the permissions set on all given items and store them in cache.
*
* @param Array $itemsIds
* @param PFUser $user
*
* @return void
*/
function retreiveReadPermissionsForItems($itemsIds, $user)
{
$dao = $this->getDao();
$userId = $user->getId();
// Collect the item ids we need to check
$objIds = array();
foreach ($itemsIds as $itemid) {
if ($this->userCanAdmin($user)) {
// Docman admin has all rights
$this->_setCanManage($userId, $itemid, true);
} else {
// Otherwise, initialize the perm to "nothing". This is possible here
// as we fetch all the permissions related to an item in the same time
// if we only get READ for an item, the item will only be readable, later
// userCanWrite doesn't need to fetch permissions again.
// This is very specific to this method. With "traditional" userCanRead,
// without cache, fetching read permission gives no info about WRITE or
// MANAGE perms.
$this->_setNoAccess($userId, $itemid);
$objIds[] = $itemid;
}
}
if (count($objIds) > 0) {
$perms = array("'PLUGIN_DOCMAN_READ'", "'PLUGIN_DOCMAN_WRITE'", "'PLUGIN_DOCMAN_MANAGE'");
$dar = $dao->retreivePermissionsForItems($objIds, $perms, $user->getUgroups($this->groupId, array()));
foreach ($dar as $row) {
switch ($row['permission_type']) {
case 'PLUGIN_DOCMAN_MANAGE':
$this->_setCanManage($userId, $row['object_id'], true);
break;
case 'PLUGIN_DOCMAN_WRITE':
$this->_setCanWrite($userId, $row['object_id'], true);
break;
case 'PLUGIN_DOCMAN_READ':
$this->_setCanRead($userId, $row['object_id'], true);
break;
}
}
// Locks
// Iter on all given item_ids and disable write if current user is not
// lock owner and not doc manager.
foreach ($this->getLockFactory()->retreiveLocksForItems($objIds) as $row) {
if ($row['user_id'] != $userId && !$this->cache_manage[$userId][$row['item_id']]) {
$this->cache_write[$userId][$row['item_id']] = false;
}
}
}
}
/**
* @param Git_RemoteServer_GerritServer $server
* @param PFUser $gerrit_users_to_suspend
*
* @throws Git_Driver_Gerrit_Exception
*/
public function setUserAccountInactive(Git_RemoteServer_GerritServer $server, PFUser $user)
{
$query = self::COMMAND . ' set-account --inactive ' . $user->getUserName();
try {
$this->ssh->execute($server, $query);
$this->logger->info($GLOBALS['Language']->getText('plugin_git', 'gerrit_user_suspension_successful', array($user->getId(), $user->getUserName(), $server)));
} catch (Git_Driver_Gerrit_RemoteSSHCommandFailure $exception) {
$this->logger->error($GLOBALS['Language']->getText('plugin_git', 'gerrit_user_suspension_error', array($user->getId(), $user->getUserName(), $server, $exception->getStdErr())));
}
}
/**
* Return true if there is no pending rename event of this user, otherwise false
*
* @param PFUser $user
* @return Boolean
*/
public function canRenameUser($user)
{
return !$this->isThereAnEventAlreadyOnGoingMatchingFirstParameter(SystemEvent::TYPE_USER_RENAME, $user->getId());
}
/**
* Remove user from dynamic ugroup
*
* @param PFUser $user User to remove
*
* @return Boolean
*/
protected function removeUserFromDynamicGroup(PFUser $user)
{
$dao = $this->_getUserGroupDao();
if ($this->id == self::PROJECT_ADMIN && $dao->returnProjectAdminsByGroupId($this->group_id)->rowCount() <= 1) {
throw new Exception('Impossible to remove last admin of the project');
}
$flag = $this->getRemoveFlagForUGroupId($this->id);
return $dao->updateUserGroupFlags($user->getId(), $this->group_id, $flag);
}
/**
* Store new LDAP login in database
*
* Force update of SVNAccessFile in project the user belongs to as
* project member or user group member
*
* @param PFUser $user The user to update
* @param String $ldapUid New LDAP login
*
* @return Boolean
*/
function updateLdapUid(PFUser $user, $ldapUid)
{
if ($this->getDao()->updateLdapUid($user->getId(), $ldapUid)) {
$this->addUserToRename($user);
return true;
}
return false;
}
public function countMyAndPublicProjectsForREST(PFUser $user)
{
$user_id = $this->da->escapeInt($user->getId());
$private_type = $this->da->quoteSmart(Project::ACCESS_PRIVATE);
$sql = "SELECT count(DISTINCT group_id) AS 'count_projects'\n FROM groups\n JOIN user_group USING (group_id)\n WHERE status = 'A'\n AND group_id > 100\n AND (access != {$private_type}\n OR user_group.user_id = {$user_id})";
return $this->retrieve($sql);
}
/** @return Tracker_Report */
private function getReportById(\PFUser $user, $id)
{
$store_in_session = false;
$report = Tracker_ReportFactory::instance()->getReportById($id, $user->getId(), $store_in_session);
if (!$report) {
throw new RestException(404);
}
$tracker = $report->getTracker();
if (!$tracker->userCanView($user)) {
throw new RestException(403);
}
ProjectAuthorization::userCanAccessProject($user, $tracker->getProject(), new Tracker_URLVerification());
return $report;
}
private function registerCurrentStep(PFUser $user, Tuleap_Tour $tour, $current_step, $the_end)
{
$this->stats_dao->save($user->getId(), $tour->name, count($tour->steps), $current_step, $the_end);
}
/**
* Return all UGroups the user belongs to
*
* @param PFUser $user The user
*
* @return ProjectUGroup[]
*/
public function getByUserId($user)
{
$ugroups = array();
$dar = $this->getDao()->searchByUserId($user->getId());
if ($dar && !$dar->isError()) {
foreach ($dar as $row) {
$ugroups[] = new ProjectUGroup($row);
}
}
return $ugroups;
}
private function getAddToMyDashboardURL(PFUser $user)
{
return $this->getAddToDashboardURL('u' . $user->getId(), Tracker_Widget_MyRenderer::ID);
}
public function setSubmittedByUser(PFUser $user)
{
$this->submitted_by_user = $user;
$this->submitted_by = $user->getId();
}
public function queueMigrateToGerrit(GitRepository $repository, $remote_server_id, $gerrit_template_id, PFUser $requester)
{
$this->system_event_manager->createEvent(SystemEvent_GIT_GERRIT_MIGRATION::NAME, $repository->getId() . SystemEvent::PARAMETER_SEPARATOR . $remote_server_id . SystemEvent::PARAMETER_SEPARATOR . $gerrit_template_id . SystemEvent::PARAMETER_SEPARATOR . $requester->getId(), SystemEvent::PRIORITY_HIGH, SystemEvent::OWNER_APP);
}
