/**
* Run when class is loaded
*
* @return void
*/
public static function _init()
{
// set static vars for later use
static::$login_column = trim(Config::get('sentry::sentry.login_column'));
static::$suspend = trim(Config::get('sentry::sentry.limit.enabled'));
$db_instance = trim(Config::get('sentry::sentry.db_instance'));
// db_instance check
if (!empty($db_instance)) {
static::$db_instance = $db_instance;
Sentry_Rules::set_db_instance($db_instance);
}
// login_column check
if (empty(static::$login_column)) {
throw new SentryConfigException(__('sentry::sentry.login_column_empty'));
}
}
/**
* Loads in the user object
*
* @param int|string User id or Login Column value
* @return void
* @throws SentryUserNotFoundException
*/
public function __construct($id = null, $check_exists = false)
{
// load and set config
$this->table = strtolower(Config::get('sentry::sentry.table.users'));
$this->table_usergroups = strtolower(Config::get('sentry::sentry.table.users_groups'));
$this->table_metadata = strtolower(Config::get('sentry::sentry.table.users_metadata'));
$this->login_column = strtolower(Config::get('sentry::sentry.login_column'));
$this->login_column_str = ucfirst($this->login_column);
$db_instance = trim(Config::get('sentry::sentry.db_instance'));
try {
// init a hashing mechanism
$strategy = Config::get('sentry::sentry.hash.strategy');
$options = Config::get('sentry::sentry.hash.strategies.' . $strategy);
$this->hash = Sentry_Hash_Driver::forge($strategy, $options);
} catch (SentryGroupNotFoundException $e) {
throw new SentryUserException($e->getMessage());
}
// db_instance check
if (!empty($db_instance)) {
$this->db_instance = $db_instance;
}
// if an ID was passed
if ($id) {
// make sure ID is valid
if (is_int($id)) {
if ($id <= 0) {
throw new SentryUserException(__('sentry::sentry.invalid_user_id'));
}
// set field to id for query
$field = 'id';
} else {
// set field to login_column
$field = $this->login_column;
}
//query database for user
$user = DB::connection($this->db_instance)->table($this->table)->where($field, '=', $id)->first();
// if there was a result - update user
if ($user !== null) {
// if just a user exists check - return true, no need for additional queries
if ($check_exists) {
return true;
}
$temp = get_object_vars($user);
// query for metadata
$metadata = DB::connection($this->db_instance)->table($this->table_metadata)->where('user_id', '=', $temp['id'])->first();
$temp['metadata'] = count($metadata) ? get_object_vars($metadata) : array();
// lets set and remove password fields
$temp = $this->extract_passwords($temp);
$this->user = $temp['user'];
$this->passwords = $temp['passwords'];
} else {
throw new SentryUserNotFoundException(__('sentry::sentry.user_not_found'));
}
/**
* fetch the user's groups and assign as array usable via $this->groups
*/
$groups_table = Config::get('sentry::sentry.table.groups');
$groups = DB::connection($this->db_instance)->table($groups_table)->where($this->table_usergroups . '.user_id', '=', $this->user['id'])->join($this->table_usergroups, $this->table_usergroups . '.group_id', '=', $groups_table . '.id')->get($groups_table . '.*');
foreach ($groups as &$group) {
$group = get_object_vars($group);
}
$this->groups = $groups;
/**
* set rules and permissions if enabled
*/
if (Config::get('sentry::sentry.permissions.enabled')) {
$this->rules = Sentry_Rules::fetch_rules();
$this->permissions = $this->fetch_permissions();
}
}
}
protected function process_permissions($rules = array())
{
if (empty($rules) or !is_array($rules)) {
throw new SentryGroupPermissionsException(__('sentry::sentry.no_rules_added'));
}
// loop through the rules and make sure all values are a 1 or 0
foreach ($rules as $rule => $value) {
if (!empty($value) and $value !== 1) {
throw new SentryGroupPermissionsException('A permission value must be empty or an integer of 1. Value passed: ' . $value . ' (' . gettype($value) . ')');
}
}
// grab the current group permissions and decode
$current_permissions = json_decode($this->get('permissions'), true);
$current_permissions = is_array($current_permissions) ? $current_permissions : array();
// get sentry rules
$all_rules = Sentry_Rules::fetch_rules();
// Let's go through each of the $rules
foreach ($rules as $key => $val) {
// Check to make sure the rule is in the config
if (in_array($key, $all_rules) or $key === Config::get('sentry::sentry.permissions.superuser')) {
if ($val === 1) {
$current_permissions[$key] = $val;
} else {
unset($current_permissions[$key]);
}
} else {
throw new SentryGroupPermissionsException(__('sentry::sentry.rule_not_found', array('rule' => $key)));
}
}
return $current_permissions;
}
