Example #1
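/**
 * Update the local cache of the remote user details.
 *
 * Deprecated: the call to auth_functions_deprecated() below points callers at
 * the "Principal" class instead.
 *
 * The local 'usr' row is looked up by user_no. If exactly one row is found and
 * any field of $usr differs from it, the row is updated; if no row is found a
 * new one is inserted, together with a 'principal' row, a home calendar and
 * the default relationships.
 *
 * @param object $usr The user details we read from the remote. Passed by
 *                    reference: user_no is filled in from usr_user_no_seq
 *                    when it is missing or zero.
 * @return false|null false when the user is flagged inactive, so that the
 *                    caller can refuse the login; no value otherwise.
 */
function UpdateUserFromExternal(&$usr)
{
    global $c;
    auth_functions_deprecated('UpdateUserFromExternal', 'refactor to use the "Principal" class');

    // When we're doing the create we will usually need to generate a user number
    if (!isset($usr->user_no) || intval($usr->user_no) == 0) {
        $qry = new AwlQuery("SELECT nextval('usr_user_no_seq');");
        $qry->Exec('Login', __LINE__, __FILE__);
        // Fetch as an array
        $sequence_value = $qry->Fetch(true);
        $usr->user_no = $sequence_value[0];
    }

    // Initialised here so that the displayname check at the end never reads
    // an undefined variable when the existing row could not be fetched.
    $old = null;

    $qry = new AwlQuery('SELECT * FROM usr WHERE user_no = :user_no', array(':user_no' => $usr->user_no));
    if ($qry->Exec('Login', __LINE__, __FILE__) && $qry->rows() == 1) {
        $type = "UPDATE";
        if ($old = $qry->Fetch()) {
            $changes = false;
            foreach ($usr as $k => $v) {
                // The remote object may carry a field the local row does not
                // have; treat that as null rather than reading an undefined
                // property.
                $old_value = isset($old->{$k}) ? $old->{$k} : null;
                if ($old_value != $v) {
                    $changes = true;
                    // NOTE(review): this writes the old and new value of whichever
                    // field changed to the debug log. If $usr can carry a credential
                    // field, consider redacting it here - confirm against the caller.
                    dbg_error_log("Login", "User '%s' field '%s' changed from '%s' to '%s'", $usr->username, $k, $old_value, $v);
                    break;
                }
            }
            if (!$changes) {
                dbg_error_log("Login", "No changes to user record for '%s' - leaving as-is.", $usr->username);
                // Accept boolean false as well as 'f', as the check after the
                // write below does, so an inactive user is refused on this
                // path too.
                if (isset($usr->active) && ($usr->active == 'f' || $usr->active === false)) {
                    return false;
                }
                // Normal case, if there are no changes
                return;
            } else {
                dbg_error_log("Login", "Changes to user record for '%s' - updating.", $usr->username);
            }
        }
    } else {
        $type = "INSERT";
    }

    $params = array();
    if ($type != 'INSERT') {
        $params[':user_no'] = $usr->user_no;
    }
    // NOTE(review): the statement text is generated by sql_from_object() from the
    // properties of $usr, which come from the remote directory. Only :user_no is
    // bound here - confirm that the helper quotes values and restricts column names.
    $qry = new AwlQuery(sql_from_object($usr, $type, 'usr', 'WHERE user_no= :user_no'), $params);
    $qry->Exec('Login', __LINE__, __FILE__);

    // We disallow login by inactive users _after_ we have updated the local copy
    if (isset($usr->active) && ($usr->active === 'f' || $usr->active === false)) {
        return false;
    }

    if ($type == 'INSERT') {
        $qry = new AwlQuery('INSERT INTO principal( type_id, user_no, displayname, default_privileges) SELECT 1, user_no, fullname, :privs::INT::BIT(24) FROM usr WHERE username=(text(:username))', array(':privs' => privilege_to_bits($c->default_privileges), ':username' => $usr->username));
        $qry->Exec('Login', __LINE__, __FILE__);
        CreateHomeCalendar($usr->username);
        CreateDefaultRelationships($usr->username);
    } else {
        // If the previous row was not fetched, compare against null, which is
        // what reading the missing value evaluated to before.
        $old_fullname = (is_object($old) && isset($old->fullname)) ? $old->fullname : null;
        if ($usr->fullname != $old_fullname) {
            // Also update the displayname if the fullname has been updated.
            $qry->QDo('UPDATE principal SET displayname=:new_display WHERE user_no=:user_no', array(':new_display' => $usr->fullname, ':user_no' => $usr->user_no));
        }
    }
}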
Example #2
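/**
 * Synchronise a cached user with one from LDAP.
 *
 * For every field named by Principal::updateableFields() the new value comes
 * from the LDAP attributes listed in $mapping[$field] (a comma-separated list;
 * the attributes that are present are joined with single spaces). A field with
 * no mapping falls back to
 * $c->authenticate_hook['config']['default_value'][$field] when that is set.
 * The principal is then updated if it exists, or created along with its home
 * collections and default relationships.
 *
 * @param Principal $principal   A Principal object to be updated (or created)
 * @param array     $mapping     Principal field name => comma-separated LDAP attribute names
 * @param array     $ldap_values LDAP attribute name => value read from the directory
 */
function sync_user_from_LDAP(Principal &$principal, $mapping, $ldap_values)
{
    global $c;
    dbg_error_log("LDAP", "Going to sync the user from LDAP");

    $fields_to_set = array();
    $updateable_fields = Principal::updateableFields();
    foreach ($updateable_fields as $field) {
        if (isset($mapping[$field])) {
            $tab_part_fields = explode(',', $mapping[$field]);
            foreach ($tab_part_fields as $part_field) {
                if (!isset($ldap_values[$part_field])) {
                    continue;
                }
                if (isset($fields_to_set[$field])) {
                    $fields_to_set[$field] .= ' ' . $ldap_values[$part_field];
                } else {
                    $fields_to_set[$field] = $ldap_values[$part_field];
                }
            }
            // None of the mapped attributes may be present in this LDAP entry,
            // in which case there is no value to report (and no array key to read).
            // NOTE(review): the value of every mapped field goes to the debug log;
            // confirm that the mapping never includes a credential attribute.
            if (isset($fields_to_set[$field])) {
                dbg_error_log("LDAP", "Setting usr->%s to %s from LDAP field %s", $field, $fields_to_set[$field], $mapping[$field]);
            } else {
                dbg_error_log("LDAP", "No value for usr->%s found in LDAP field %s", $field, $mapping[$field]);
            }
        } else {
            if (isset($c->authenticate_hook['config']['default_value']) && is_array($c->authenticate_hook['config']['default_value']) && isset($c->authenticate_hook['config']['default_value'][$field])) {
                $fields_to_set[$field] = $c->authenticate_hook['config']['default_value'][$field];
                dbg_error_log("LDAP", "Setting usr->%s to %s from configured defaults", $field, $c->authenticate_hook['config']['default_value'][$field]);
            }
        }
    }

    if ($principal->Exists()) {
        $principal->Update($fields_to_set);
    } else {
        // A new principal also needs its home collections and default relationships.
        $principal->Create($fields_to_set);
        CreateHomeCollections($principal->username());
        CreateDefaultRelationships($principal->username());
    }
}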