public static function initialize(Jam_Meta $meta)
{
$meta->db(Kohana::TESTING);
parent::initialize($meta);
$meta->behaviors(['username' => Jam::behavior('username')]);
$meta->associations(array('user_tokens' => Jam::association('hasmany', array('foreign_model' => 'test_user_token', 'foreign_key' => 'test_user_id')), 'roles' => Jam::association('manytomany', array('foreign_model' => 'test_role', 'join_table' => 'test_roles_users', 'foreign_key' => 'test_role_id', 'association_foreign_key' => 'test_user_id'))));
}
public function save(Validation $validation = NULL)
{
if (!$this->loaded()) {
$this->created = time();
}
return parent::save($validation);
}
/**
* Rules for the user model. Because the password is _always_ a hash
* when it's set,you need to run an additional not_empty rule in your controller
* to make sure you didn't hash an empty string. The password rules
* should be enforced outside the model or with a model helper method.
*
* @return array Rules
* @see Model_Auth_User::rules
*/
public function rules()
{
$parent = parent::rules();
// fixes the min_length username value
$parent['username'][1] = array('min_length', array(':value', 1));
return $parent;
}
/**
* @param array $values Values to insert
* @param array $expected Expected values, the rest will be ignored
* @return Model_User
*/
public function create_user($values, $expected)
{
if (!isset($values['timezone_id'])) {
$values['timezone_id'] = Kohana::$config->load('date.default_timezone');
}
$expected[] = 'timezone_id';
return parent::create_user($values, $expected);
}
public function save(Validation $validation = NULL)
{
if (!$this->loaded()) {
$this->date_created = DB::expr('NOW()');
}
$this->date_updated = DB::expr('NOW()');
return parent::save($validation);
}
public function delete()
{
if (!$this->loaded()) {
throw new Exception('Cannot delete user because model is not loaded.');
}
$materials = ORM::factory('material')->where('teacher_id', '=', $this->id)->find_all();
foreach ($materials as $material) {
$material->delete();
}
parent::delete();
}
/**
* Rules for the user model. Because the password is _always_ a hash
* when it's set,you need to run an additional not_empty rule in your controller
* to make sure you didn't hash an empty string. The password rules
* should be enforced outside the model or with a model helper method.
*
* @return array Rules
* @see Model_Auth_User::rules
*/
public function rules()
{
$parent = parent::rules();
// fixes the min_length username value
$parent['username'][1] = array('min_length', array(':value', 1));
$require_email = Kohana::$config->load('useradmin.require_email');
if ($require_email === false) {
unset($parent['email']);
}
return $parent;
}
public function force_login($user, $mark_session_as_forced = false)
{
if (!is_object($user)) {
$username = $user;
$user = ORM::factory('user');
$user->where($user->unique_key($username), '=', $username)->find();
}
if ($mark_session_as_forced === true) {
Session::instance()->set('auth_forced', $user->username);
}
return parent::complete_login($user);
}
public function values($values)
{
if (isset($values['password']) && $values['password'] === false) {
// use the current salted and crpted password to pass the validation
unset($values['password']);
$values['password2'] = $this->password;
}
if ($this->email != $values['email']) {
$this->new_email = true;
}
return parent::values($values);
}
public static function initialize(Jelly_Meta $meta)
{
Model_Auth_User::initialize($meta);
$meta->table('users');
$meta->fields('username')->label = 'Username';
$meta->fields('username')->prevent_edit = true;
$meta->fields('password')->label = 'Password (leave blank for no change)';
$meta->fields('password_confirm')->label = 'Confirm password';
$meta->fields('password')->rules = $meta->fields('password_confirm')->rules = array('max_length' => array(50), 'min_length' => array(6));
$meta->fields('email')->label = 'Email address';
$meta->fields('email')->rules = array('not_empty' => array(TRUE), 'max_length' => array(127));
// Hide all of these fields from editing...
$meta->fields('logins')->show_in_edit = FALSE;
$meta->fields('last_login')->show_in_edit = FALSE;
$meta->fields('tokens')->show_in_edit = FALSE;
$meta->fields('roles')->show_in_edit = FALSE;
}
/**
* Overrides the default delete behaviour
* Removes all the data associated with the user from
* the system. This data includes buckets, rivers, tags,
* collaborations, subscriptions and auth tokens
*/
public function delete()
{
// Does this user have an account space?
$account = ORM::factory('account')->where('user_id', '=', $this->id)->find();
if ($account->loaded()) {
// Delete buckets - droplets, subscriptions and collaborations
$buckets = ORM::factory('bucket')->where('account_id', '=', $account->id)->find_all();
foreach ($buckets as $bucket) {
$bucket->delete();
}
// Delete rivers - droplets, subscriptions and collaborations
$rivers = ORM::factory('river')->where('account_id', '=', $account->id)->find_all();
foreach ($rivers as $river) {
$river->delete();
}
// User created tags
DB::delete('account_droplet_tags')->where('account_id', '=', $account->id)->execute();
// User created places
DB::delete('account_droplet_places')->where('account_id', '=', $account->id)->execute();
// User created links
DB::delete('account_droplet_links')->where('account_id', '=', $account->id)->execute();
// User created media
DB::delete('account_droplet_media')->where('account_id', '=', $account->id)->execute();
}
// Remove follows and list of followers
DB::delete('user_followers')->where('user_id', '=', $this->id)->or_where('follower_id', '=', $this->id)->execute();
// Accounts associated with the user
DB::delete('accounts')->where('user_id', '=', $this->id)->execute();
// User tokens
DB::delete('user_tokens')->where('user_id', '=', $this->id)->execute();
// Purge the logs - where the user has initiated an action
// or an action has been performed on them
DB::delete('user_actions')->where('user_id', '=', $this->id)->or_where('action_to_id', '=', $this->id)->execute();
// Default
parent::delete();
}
public function delete($id = null)
{
//delete all comments
foreach ($this->comments->find_all() as $comment) {
$comment->delete();
}
//delete all photos
foreach ($this->photos->find_all() as $photo) {
$photo->delete();
}
//delete avatar
if ($this->avatar->loaded()) {
$this->avatar->delete();
}
//delete all logs that refer to this user
$logInfos = ORM::factory("Game_LogInfo")->or_where_open()->where("name", "=", "user")->or_where("name", "=", "user_id")->or_where_close()->where("data", "=", $this->id)->find_all();
foreach ($logInfos as $logInfo) {
$logInfo->_eventLog->delete();
}
//delete the user in gamification DB
$site = Helper_Game::getSite();
$gUser = $site->getUser($this->id);
$gUser->delete();
parent::delete($id);
}
public function after_delete($id)
{
Kohana::$log->add(Log::INFO, 'User with id :user_id has been deleted by :user', array(':user_id' => $id))->write();
Observer::notify('user_after_delete', $id);
return parent::after_delete($id);
}
public static function initialize(Jelly_Meta $meta)
{
$meta->table('kohanut_users')->fields(array('roles' => new Field_ManyToMany(array('through' => array('model' => 'kohanut_roles_users', 'columns' => array('user_id', 'role_id')), 'foreign' => 'kohanut_role'))));
parent::initialize($meta);
}
public function update(Validation $validation = NULL)
{
if (!empty($this->username)) {
$this->username_clean = mb_strtolower($this->username);
}
$this->user_email_hash = Helper::phpbb_email_hash($this->email);
return parent::update($validation);
}
/**
* Create an account
*
* @return void
*/
public function action_create()
{
$this->template->content = View::factory('pages/login/create')->bind('form_name', $form_name)->bind('form_nickname', $form_nickname)->bind('errors', $errors);
$email = $this->request->param('email');
$token = $this->request->param('token');
$user = ORM::factory('user', array('email' => $email));
if ($user->loaded()) {
$this->template->content = View::factory('pages/login/landing');
$this->template->content->errors = array(__('Email is already registered'));
$this->template->header->meta = '<meta HTTP-EQUIV="REFRESH" content="5; url=' . URL::site() . '">';
return;
} else {
// To retun user entered values in case of errors
$form_name = $this->request->post('name');
$form_nickname = $this->request->post('nickname');
}
if ($this->request->post() and !$user->loaded()) {
$post = Model_Auth_User::get_password_validation($this->request->post())->rule('name', 'not_empty')->rule('nickname', 'not_empty')->rule('nickname', 'alpha_dash');
if (!$post->check()) {
$errors = $post->errors('user');
} else {
// RiverID validation
if ($this->riverid_auth) {
$riverid_api = RiverID_API::instance();
$resp = $riverid_api->set_password($email, $token, $this->request->post('password'));
if (!$resp['status']) {
$errors = array($resp['error']);
}
} else {
// ORM auth validation
$token = Model_Auth_Token::get_token($token, 'new_registration');
if (!$token) {
$errors = array(__('Error'));
} else {
$data = json_decode($token->data);
$token->delete();
if ($email != $data->email) {
// The email in the request does not match
// the email in the token
$errors = array(__('Invalid email'));
}
}
}
// Is the nickname taken?
$nickname = strtolower($this->request->post('nickname'));
$account = ORM::factory('account', array('account_path' => $nickname));
if ($account->loaded()) {
$errors = array(__('Nickname is already taken'));
}
}
if (!$errors) {
// User entry
$user = ORM::factory('user');
$user->username = $user->email = $email;
$user->name = $this->request->post('name');
if (!$this->riverid_auth) {
// Password only needed locally for ORM auth
$user->password = $this->request->post('password');
}
$user->save();
// Account entry
$nickname = strtolower($this->request->post('nickname'));
$user->account->account_path = $nickname;
$user->account->user_id = $user->id;
$user->account->save();
// Allow the user be able to login immediately
$login_role = ORM::factory('role', array('name' => 'login'));
$user->add('roles', $login_role);
$user->save();
// Auto login
Auth::instance()->login($user->username, $this->request->post('password'), FALSE);
// Show a message and redirect to swift
$this->template->content = View::factory('pages/login/landing');
$this->template->content->messages = array(__('Account was created successfuly.'));
$this->template->header->meta = '<meta HTTP-EQUIV="REFRESH" content="5; url=' . URL::site() . '">';
}
}
}
/**
* Overloads “has_role” to always return true if user has “admin”
*
* @param string | role
* @return boolean
*/
public function has_role($role)
{
return parent::has_role('admin') || parent::has_role($role);
}
protected function _init()
{
parent::_init();
// Overrule the names of the Roles and User_Token model to the Site_... version
$this->_fields = array_merge($this->_fields, array('tokens' => new Sprig_Field_HasMany(array('model' => 'Site_User_Token', 'editable' => FALSE)), 'roles' => new Sprig_Field_ManyToMany(array('model' => 'Site_Role', 'through' => 'site_roles_users'))));
}
private function _update_settings()
{
// Validate current password
$validated = FALSE;
$current_password = $_POST['current_password'];
if ($this->riverid_auth) {
$response = RiverID_API::instance()->signin($this->user->email, $_POST['current_password']);
$validated = ($response and $response['status']);
} else {
$validated = Auth::instance()->hash($current_password) == $this->user->password;
}
if (!$validated) {
$this->errors = __('Current password is incorrect');
return;
}
$messages = array();
// Password is changing and we are using RiverID authentication
if (!empty($_POST['password']) or !empty($_POST['password_confirm'])) {
$post = Model_Auth_User::get_password_validation($_POST);
if (!$post->check()) {
$this->errors = $post->errors('user');
return;
}
// Are we using RiverID?
if ($this->riverid_auth) {
$resp = RiverID_API::instance()->change_password($this->user->email, $_POST['current_password'], $_POST['password']);
if (!$resp['status']) {
$this->errors = $resp['error'];
return;
}
// For API calls below, use this new password
$current_password = $_POST['password'];
unset($_POST['password'], $_POST['password_confirm']);
}
}
// Email address is changing
if ($_POST['email'] != $this->user->email) {
$new_email = $_POST['email'];
if (!Valid::email($new_email)) {
$this->errors = __('Invalid email address');
return;
}
if ($this->riverid_auth) {
// RiverID email change process
$mail_body = View::factory('emails/changeemail')->bind('secret_url', $secret_url);
$secret_url = url::site('login/changeemail/' . urlencode($this->user->email) . '/' . urlencode($new_email) . '/%token%', TRUE, TRUE);
$site_email = Kohana::$config->load('useradmin.email_address');
$mail_subject = __(':sitename: Email Change', array(':sitename' => Model_Setting::get_setting('site_name')));
$resp = RiverID_API::instance()->change_email($this->user->email, $new_email, $current_password, $mail_body, $mail_subject, $site_email);
if (!$resp['status']) {
$this->errors = $resp['error'];
return;
}
} else {
// Make sure the new email address is not yet registered
$user = ORM::factory('user', array('email' => $new_email));
if ($user->loaded()) {
$this->errors = __('The new email address has already been registered');
return;
}
$auth_token = Model_Auth_Token::create_token('change_email', array('new_email' => $new_email, 'old_email' => $this->user->email));
if ($auth_token->loaded()) {
// Send an email with a secret token URL
$mail_body = View::factory('emails/changeemail')->bind('secret_url', $secret_url);
$secret_url = URL::site('login/changeemail/' . urlencode($this->user->email) . '/' . urlencode($new_email) . '/' . $auth_token->token, TRUE, TRUE);
// Send email to the user using the new address
$mail_subject = __(':sitename: Email Change', array(':sitename' => Model_Setting::get_setting('site_name')));
Swiftriver_Mail::send($new_email, $mail_subject, $mail_body);
} else {
$this->errors = __('Error');
return;
}
$messages[] = __("A confirmation email has been sent to :email", array(':email' => $new_email));
}
// Don't change email address immediately.
// Only do so after the tokens sent above are validated
unset($_POST['email']);
}
// END if - email address change
// Nickname is changing
if ($_POST['nickname'] != $this->user->account->account_path) {
$nickname = $_POST['nickname'];
// Make sure the account path is not already taken
$account = ORM::factory('account', array('account_path' => $nickname));
if ($account->loaded()) {
$this->errors = __('Nickname is already taken');
return;
}
// Update
$this->user->account->account_path = $nickname;
$this->user->account->save();
}
$this->user->update_user($_POST, array('name', 'password', 'email'));
$messages[] = __("Account settings were saved successfully.");
Session::instance()->set("messages", $messages);
$this->request->redirect(URL::site($this->user->account->account_path . '/settings'));
}
/**
* Allows a model to use a user id, in addition to email and username, as unique identifier.
*
* @param mixed unique value
* @return string field name
*/
public function unique_key($value)
{
return (is_int($value)) ? 'id' : parent::unique_key($value);
}
public function save(validation $val = null)
{
if ($this->created == 0) {
$this->created = time();
}
return parent::save($val);
}
/**
*
* @dataProvider provider_unique_key
*/
public function test_unique_key($value, $expected_attribute)
{
$this->assertEquals($expected_attribute, Model_Auth_User::unique_key($value));
}
public static function initialize(Jam_Meta $meta)
{
parent::initialize($meta);
$meta->behaviors(array('visitor_user' => Jam::behavior('visitor_user')));
}
public function rules()
{
parent::rules();
return array('username' => array(array('not_empty')), 'password' => array(array('not_empty')), 'email' => array(array('not_empty')));
}
