/**
* creates the initial folder for new accounts
*
* @param mixed[int|Tinebase_Model_User] $_account the accountd object
* @return Tinebase_Record_RecordSet of subtype Tinebase_Model_Container
*/
public function createPersonalFolder($_accountId)
{
$translation = Tinebase_Translation::getTranslation('Webconference');
$accountId = Tinebase_Model_User::convertUserIdToInt($_accountId);
$account = Tinebase_User::getInstance()->getUserById($accountId);
$newContainer = new Tinebase_Model_Container(array('name' => sprintf($translation->_("%s's personal example records"), $account->accountFullName), 'type' => Tinebase_Model_Container::TYPE_PERSONAL, 'backend' => 'Sql', 'application_id' => Tinebase_Application::getInstance()->getApplicationByName('Webconference')->getId()));
$personalContainer = Tinebase_Container::getInstance()->addContainer($newContainer, NULL, FALSE, $accountId);
$container = new Tinebase_Record_RecordSet('Tinebase_Model_Container', array($personalContainer));
return $container;
}
/**
* updates an user
*
* this function updates an user
*
* @param Tinebase_Model_FullUser $_user
* @return Tinebase_Model_FullUser
* @throws
*/
public function updateUserInSqlBackend(Tinebase_Model_FullUser $_user)
{
if (!$_user->isValid()) {
throw new Tinebase_Exception_Record_Validation('Invalid user object. ' . print_r($_user->getValidationErrors(), TRUE));
}
$accountId = Tinebase_Model_User::convertUserIdToInt($_user);
$oldUser = $this->getFullUserById($accountId);
if (empty($_user->contact_id)) {
$_user->visibility = 'hidden';
$_user->contact_id = null;
}
$accountData = $this->_recordToRawData($_user);
// don't update id
unset($accountData['id']);
// ignore all other states (expired and blocked)
if ($_user->accountStatus == Tinebase_User::STATUS_ENABLED) {
$accountData[$this->rowNameMapping['accountStatus']] = $_user->accountStatus;
if ($oldUser->accountStatus === Tinebase_User::STATUS_BLOCKED) {
$accountData[$this->rowNameMapping['loginFailures']] = 0;
} elseif ($oldUser->accountStatus === Tinebase_User::STATUS_EXPIRED) {
$accountData[$this->rowNameMapping['accountExpires']] = null;
}
} elseif ($_user->accountStatus == Tinebase_User::STATUS_DISABLED) {
$accountData[$this->rowNameMapping['accountStatus']] = $_user->accountStatus;
}
if (Tinebase_Core::isLogLevel(Zend_Log::TRACE)) {
Tinebase_Core::getLogger()->trace(__METHOD__ . '::' . __LINE__ . ' ' . print_r($accountData, true));
}
try {
$accountsTable = new Tinebase_Db_Table(array('name' => SQL_TABLE_PREFIX . 'accounts'));
$where = array($this->_db->quoteInto($this->_db->quoteIdentifier('id') . ' = ?', $accountId));
$accountsTable->update($accountData, $where);
} catch (Exception $e) {
Tinebase_TransactionManager::getInstance()->rollBack();
throw $e;
}
return $this->getUserById($accountId, 'Tinebase_Model_FullUser');
}
/**
* try to convert id of account object and check if correct exceptions are thrown
*
*/
public function testConvertAccountIdToIntWithAccount()
{
$this->setExpectedException('Exception');
Tinebase_Model_User::convertUserIdToInt($this->objects['noIdAccount']);
}
/**
* get grants assigned to one account of one container
*
* @param string|Tinebase_Model_User $_accountId
* @param int|Tinebase_Model_Container $_containerId
* @param string $_grantModel
* @return Tinebase_Model_Grants
*/
public function getGrantsOfAccount($_accountId, $_containerId, $_grantModel = 'Tinebase_Model_Grants')
{
$accountId = Tinebase_Model_User::convertUserIdToInt($_accountId);
$containerId = Tinebase_Model_Container::convertContainerIdToInt($_containerId);
$container = $_containerId instanceof Tinebase_Model_Container ? $_containerId : $this->getContainerById($_containerId);
$classCacheId = $accountId . $containerId . $container->seq . $_grantModel;
try {
$grants = $this->loadFromClassCache(__FUNCTION__, $classCacheId, Tinebase_Cache_PerRequest::VISIBILITY_SHARED);
if ($grants instanceof Tinebase_Model_Grants) {
return $grants;
} else {
if (Tinebase_Core::isLogLevel(Zend_Log::NOTICE)) {
Tinebase_Core::getLogger()->notice(__METHOD__ . '::' . __LINE__ . ' Invalid data in cache ... fetching fresh data from DB');
}
}
} catch (Tinebase_Exception_NotFound $tenf) {
// not found in cache
}
$select = $this->_getAclSelectByContainerId($containerId)->group('container_acl.account_grant');
$this->addGrantsSql($select, $accountId, '*');
Tinebase_Backend_Sql_Abstract::traitGroup($select);
$stmt = $this->_db->query('/*' . __FUNCTION__ . '*/' . $select);
$rows = $stmt->fetchAll(Zend_Db::FETCH_ASSOC);
$grants = $this->_getGrantsFromArray($rows, $accountId, $_grantModel);
$this->saveInClassCache(__FUNCTION__, $classCacheId, $grants, Tinebase_Cache_PerRequest::VISIBILITY_SHARED, self::ACL_CACHE_TIMEOUT);
return $grants;
}
/**
* fetch one contact of a user identified by his user_id
*
* @param int $_userId
* @return Addressbook_Model_Contact
* @throws Addressbook_Exception_NotFound if contact not found
*/
public function getByUserId($_userId)
{
$userId = Tinebase_Model_User::convertUserIdToInt($_userId);
$contactData = $this->_ldap->fetch($this->_baseDn, "uidnumber={$userId}", $this->_getSupportedLdapAttributes());
if (!$contactData) {
throw new Addressbook_Exception_NotFound("Contact with user id {$_userId} not found.");
}
$contact = $this->_ldap2Contacts(array($contactData))->offsetGet(0);
$contact->jpegphoto = $this->_ldap->fetchBinaryAttribute($this->_baseDn, "uidnumber={$userId}", 'jpegphoto');
return $contact;
}
/**
* returns arrays of metainfo from given accountIds
*
* @param array $_accountIds
* @return array of strings
*/
protected function _getAccountsMetaData(array $_accountIds)
{
$filterArray = array();
foreach ($_accountIds as $accountId) {
$accountId = Tinebase_Model_User::convertUserIdToInt($accountId);
$filterArray[] = "(objectGUID={$accountId})";
}
// fetch all dns at once
$filter = '(|' . implode('', $filterArray) . ')';
$accounts = $this->_ldap->fetchAll($this->_options['userDn'], $filter, array('sAMAccountName', 'objectGUID', 'objectclass'));
if (count($accounts) != count($_accountIds)) {
throw new Exception("Some dn's are missing");
}
$result = array();
foreach ($accounts as $account) {
unset($account['objectclass']['count']);
$result[] = array('dn' => $account['dn'], 'uid' => $account['sAMAccountName'][0], 'uidNumber' => $account['objectGUID'][0], 'objectClass' => $account['objectclass']);
}
return $result;
}
/**
* returns SQL with container grant condition
*
* @param string $_aclTableName
* @param string $_groupMembersTableName
* @param string|array $_requiredGrant (defaults none)
* @param Zend_Db_Expr|int|Tinebase_Model_User $_user (defaults current user)
* @return string
*/
protected function _getContainGrantCondition($_aclTableName, $_groupMembersTableName, $_requiredGrant = NULL, $_user = NULL)
{
$quoteTypeIdentifier = $this->_db->quoteIdentifier($_aclTableName . '.account_type');
$quoteIdIdentifier = $this->_db->quoteIdentifier($_aclTableName . '.account_id');
if ($_user instanceof Zend_Db_Expr) {
$userExpression = $_user;
} else {
$accountId = $_user ? Tinebase_Model_User::convertUserIdToInt($_user) : Tinebase_Core::getUser()->getId();
$userExpression = new Zend_Db_Expr($this->_db->quote($accountId));
}
$sql = $this->_db->quoteInto("({$quoteTypeIdentifier} = ?", Tinebase_Acl_Rights::ACCOUNT_TYPE_USER) . " AND {$quoteIdIdentifier} = {$userExpression})" . $this->_db->quoteInto(" OR ({$quoteTypeIdentifier} = ?", Tinebase_Acl_Rights::ACCOUNT_TYPE_GROUP) . ' AND ' . $this->_db->quoteIdentifier("{$_groupMembersTableName}.group_id") . " = {$quoteIdIdentifier}" . ')' . $this->_db->quoteInto(" OR ({$quoteTypeIdentifier} = ?)", Tinebase_Acl_Rights::ACCOUNT_TYPE_ANYONE);
if ($_requiredGrant) {
$sql = "({$sql}) AND " . $this->_db->quoteInto($this->_db->quoteIdentifier($_aclTableName . '.account_grant') . ' IN (?)', (array) $_requiredGrant);
}
return "({$sql})";
}
/**
* get prefered extension of this account
*
* @param int $_accountId the id of the account to get the prefered extension for
* @return array
* @throws Phone_Exception_NotFound
*/
public function getPreferedExtension($_accountId)
{
$accountId = Tinebase_Model_User::convertUserIdToInt($_accountId);
$extensionsTable = new Tinebase_Db_Table(array('name' => SQL_TABLE_PREFIX . 'phone_extensions'));
$select = $extensionsTable->select()->where($this->_db->quoteIdentifier('account_id') . ' = ?', $accountId);
$row = $extensionsTable->fetchRow($select);
if ($row === NULL) {
throw new Phone_Exception_NotFound('No prefered extension found.');
}
return $row->toArray();
}
/**
* get grants assigned to given account of multiple records
*
* @param Tinebase_Record_RecordSet $_records records to get the grants for
* @param string|Tinebase_Model_User $_accountId the account to get the grants for
* @param string $_containerProperty container property
* @param string $_grantModel
* @throws Tinebase_Exception_NotFound
*/
public function getGrantsOfRecords(Tinebase_Record_RecordSet $_records, $_accountId, $_containerProperty = 'container_id', $_grantModel = 'Tinebase_Model_Grants')
{
// get container ids
$containers = array();
foreach ($_records as $record) {
if (isset($record[$_containerProperty]) && !isset($containers[Tinebase_Model_Container::convertContainerIdToInt($record[$_containerProperty])])) {
$containers[Tinebase_Model_Container::convertContainerIdToInt($record[$_containerProperty])] = array();
}
}
if (empty($containers)) {
return;
}
$accountId = Tinebase_Model_User::convertUserIdToInt($_accountId);
$select = $this->_getSelect(array('container.id', 'container.name'), TRUE)->where("{$this->_db->quoteIdentifier('container.id')} IN (?)", array_keys($containers))->join(array('container_acl' => SQL_TABLE_PREFIX . 'container_acl'), "{$this->_db->quoteIdentifier('container_acl.container_id')} = {$this->_db->quoteIdentifier('container.id')}", array('container_id', 'account_grants' => Tinebase_Backend_Sql_Command::getAggregateFunction($this->_db, $this->_db->quoteIdentifier('container_acl.account_grant'))))->group(array('container.id', 'container.name', 'container_acl.account_type', 'container_acl.container_id'));
$this->addGrantsSql($select, $accountId, '*');
$stmt = $this->_db->query($select);
$arr = $stmt->fetchAll(Zend_Db::FETCH_ASSOC);
// check array for duplicate entries of container_id
$rows = array();
$last_arr = array();
foreach ($arr as $row) {
if ($last_arr['container_id'] === $row['container_id']) {
$row['account_grants'] = $last_arr['account_grants'] . ',' . $row['account_grants'];
end($rows);
$rows[key($rows)] = $row;
} else {
array_push($rows, $row);
}
$last_arr = $row;
}
// add results to container ids and get grants array
foreach ($rows as $row) {
// NOTE id is non-ambiguous
$row['id'] = $row['container_id'];
$grantsArray = array_unique(explode(',', $row['account_grants']));
$row['account_grants'] = $this->_getGrantsFromArray($grantsArray, $accountId, $_grantModel)->toArray();
$containers[$row['id']] = new Tinebase_Model_Container($row, TRUE);
}
// add container & grants to records
foreach ($_records as &$record) {
try {
if (!isset($record->{$_containerProperty})) {
continue;
}
$containerId = $record[$_containerProperty];
if (!is_array($containerId) && !$containerId instanceof Tinebase_Record_Abstract && !empty($containers[$containerId])) {
$record[$_containerProperty] = $containers[$containerId];
$record[$_containerProperty]['path'] = $containers[$containerId]->getPath();
}
} catch (Exception $e) {
// if path is not determinable, skip this container
$_records->removeRecord($record);
}
}
}
/**
* get metatada of existing user
*
* @param string $_userId
* @return array
*/
protected function _getMetaData($_userId)
{
$userId = Tinebase_Model_User::convertUserIdToInt($_userId);
$filter = Zend_Ldap_Filter::equals($this->_rowNameMapping['accountId'], Zend_Ldap::filterEscape($userId));
$result = $this->_ldap->search($filter, $this->_baseDn, $this->_userSearchScope);
if (count($result) !== 1) {
throw new Tinebase_Exception_NotFound("user with userid {$_userId} not found");
}
return $result->getFirst();
}
/**
* returns default displayContainer id of given attendee
*
* @param string $userAccountId
*/
public static function getDefaultDisplayContainerId($userAccountId)
{
$userAccountId = Tinebase_Model_User::convertUserIdToInt($userAccountId);
$displayCalId = Tinebase_Core::getPreference('Calendar')->getValueForUser(Calendar_Preference::DEFAULTCALENDAR, $userAccountId);
try {
// assert that displaycal is of type personal
$container = Tinebase_Container::getInstance()->getContainerById($displayCalId);
if ($container->type != Tinebase_Model_Container::TYPE_PERSONAL) {
$displayCalId = NULL;
}
} catch (Exception $e) {
$displayCalId = NULL;
}
if (!isset($displayCalId)) {
$containers = Tinebase_Container::getInstance()->getPersonalContainer($userAccountId, 'Calendar_Model_Event', $userAccountId, 0, true);
if ($containers->count() > 0) {
$displayCalId = $containers->getFirstRecord()->getId();
}
}
return $displayCalId;
}
/**
* returns arrays of metainfo from given accountIds
*
* @param array $_accountIds
* @return array of strings
*/
protected function _getAccountsMetaData(array $_accountIds)
{
$filterArray = array();
foreach ($_accountIds as $accountId) {
$accountId = Tinebase_Model_User::convertUserIdToInt($accountId);
$filterArray[] = Zend_Ldap_Filter::equals($this->_userUUIDAttribute, Zend_Ldap::filterEscape($accountId));
}
$filter = new Zend_Ldap_Filter_Or($filterArray);
if (Tinebase_Core::isLogLevel(Zend_Log::DEBUG)) {
Tinebase_Core::getLogger()->debug(__METHOD__ . '::' . __LINE__ . ' $filter: ' . $filter . ' count: ' . count($filterArray));
}
// fetch all dns at once
$accounts = $this->_ldap->search($filter, $this->_options['userDn'], $this->_userSearchScope, array('uid', $this->_userUUIDAttribute, 'objectclass'));
if (count($_accountIds) != count($accounts)) {
$wantedAccountIds = array();
$retrievedAccountIds = array();
foreach ($_accountIds as $accountId) {
$wantedAccountIds[] = Tinebase_Model_User::convertUserIdToInt($accountId);
}
foreach ($accounts as $account) {
$retrievedAccountIds[] = $account[$this->_userUUIDAttribute][0];
}
throw new Tinebase_Exception_NotFound("Some dn's are missing. " . print_r(array_diff($wantedAccountIds, $retrievedAccountIds), true));
}
$result = array();
foreach ($accounts as $account) {
$result[] = array('dn' => $account['dn'], 'objectclass' => $account['objectclass'], 'uid' => $account['uid'][0], $this->_userUUIDAttribute => $account[$this->_userUUIDAttribute][0]);
}
return $result;
}
/**
* updates an user
*
* this function updates an user
*
* @param Tinebase_Model_FullUser $_user
* @return Tinebase_Model_FullUser
* @throws
*/
public function updateUserInSqlBackend(Tinebase_Model_FullUser $_user)
{
if (!$_user->isValid()) {
throw new Tinebase_Exception_Record_Validation('Invalid user object. ' . print_r($_user->getValidationErrors(), TRUE));
}
$accountId = Tinebase_Model_User::convertUserIdToInt($_user);
$oldUser = $this->getFullUserById($accountId);
$accountsTable = new Tinebase_Db_Table(array('name' => SQL_TABLE_PREFIX . 'accounts'));
if (empty($_user->contact_id)) {
$_user->visibility = 'hidden';
$_user->contact_id = null;
}
$accountData = array('login_name' => $_user->accountLoginName, 'expires_at' => $_user->accountExpires instanceof DateTime ? $_user->accountExpires->get(Tinebase_Record_Abstract::ISO8601LONG) : NULL, 'primary_group_id' => $_user->accountPrimaryGroup, 'home_dir' => $_user->accountHomeDirectory, 'login_shell' => $_user->accountLoginShell, 'openid' => $_user->openid, 'visibility' => $_user->visibility, 'contact_id' => $_user->contact_id, $this->rowNameMapping['accountDisplayName'] => $_user->accountDisplayName, $this->rowNameMapping['accountFullName'] => $_user->accountFullName, $this->rowNameMapping['accountFirstName'] => $_user->accountFirstName, $this->rowNameMapping['accountLastName'] => $_user->accountLastName, $this->rowNameMapping['accountEmailAddress'] => $_user->accountEmailAddress);
// ignore all other states (expired and blocked)
if ($_user->accountStatus == Tinebase_User::STATUS_ENABLED) {
$accountData[$this->rowNameMapping['accountStatus']] = $_user->accountStatus;
if ($oldUser->accountStatus === Tinebase_User::STATUS_BLOCKED) {
$accountData[$this->rowNameMapping['loginFailures']] = 0;
} elseif ($oldUser->accountStatus === Tinebase_User::STATUS_EXPIRED) {
$accountData[$this->rowNameMapping['accountExpires']] = null;
}
} elseif ($_user->accountStatus == Tinebase_User::STATUS_DISABLED) {
$accountData[$this->rowNameMapping['accountStatus']] = $_user->accountStatus;
}
if (Tinebase_Core::isLogLevel(Zend_Log::TRACE)) {
Tinebase_Core::getLogger()->trace(__METHOD__ . '::' . __LINE__ . ' ' . print_r($accountData, true));
}
try {
$accountsTable = new Tinebase_Db_Table(array('name' => SQL_TABLE_PREFIX . 'accounts'));
$where = array($this->_db->quoteInto($this->_db->quoteIdentifier('id') . ' = ?', $accountId));
$accountsTable->update($accountData, $where);
} catch (Exception $e) {
Tinebase_TransactionManager::getInstance()->rollBack();
throw $e;
}
return $this->getUserById($accountId, 'Tinebase_Model_FullUser');
}
/**
* get list of role members
*
* @param int $_accountId
* @return array of array with account ids & types
* @throws Tinebase_Exception_NotFound
*/
public function getRoleMemberships($_accountId)
{
$accountId = Tinebase_Model_User::convertUserIdToInt($_accountId);
$groupMemberships = Tinebase_Group::getInstance()->getGroupMemberships($accountId);
if (empty($groupMemberships)) {
throw new Tinebase_Exception_NotFound('Any account must belong to at least one group. The account with accountId ' . $accountId . ' does not belong to any group.');
}
$memberships = array();
$select = $this->_roleMembersTable->select();
$select->where($this->_db->quoteInto($this->_db->quoteIdentifier('account_id') . ' = ?', $_accountId) . ' AND ' . $this->_db->quoteInto($this->_db->quoteIdentifier('account_type') . ' = ?', Tinebase_Acl_Rights::ACCOUNT_TYPE_USER))->orwhere($this->_db->quoteInto($this->_db->quoteIdentifier('account_id') . ' IN (?)', $groupMemberships) . ' AND ' . $this->_db->quoteInto($this->_db->quoteIdentifier('account_type') . ' = ?', Tinebase_Acl_Rights::ACCOUNT_TYPE_GROUP));
$rows = $this->_roleMembersTable->fetchAll($select)->toArray();
foreach ($rows as $membership) {
$memberships[] = $membership['role_id'];
}
return $memberships;
}
/**
* get metatada of existing user
*
* @param string $_userId
* @return array
*/
protected function _getMetaData($_userId)
{
$userId = $this->_encodeAccountId(Tinebase_Model_User::convertUserIdToInt($_userId));
$filter = Zend_Ldap_Filter::equals($this->_rowNameMapping['accountId'], $userId);
if (Tinebase_Core::isLogLevel(Zend_Log::TRACE)) {
Tinebase_Core::getLogger()->trace(__METHOD__ . '::' . __LINE__ . ' fetch meta data - filter: ' . $filter);
}
$result = $this->_ldap->search($filter, $this->_baseDn, $this->_userSearchScope);
if (count($result) !== 1) {
throw new Tinebase_Exception_NotFound("user with userid {$_userId} not found");
}
return $result->getFirst();
}
/**
* get grants assigned to one account of one container
*
* @param string|Tinebase_Model_User $_accountId
* @param int|Tinebase_Model_Container $_containerId
* @param string $_grantModel
* @return Tinebase_Model_Grants
*/
public function getGrantsOfAccount($_accountId, $_containerId, $_grantModel = 'Tinebase_Model_Grants')
{
$accountId = Tinebase_Model_User::convertUserIdToInt($_accountId);
$containerId = Tinebase_Model_Container::convertContainerIdToInt($_containerId);
$container = $_containerId instanceof Tinebase_Model_Container ? $_containerId : $this->getContainerById($_containerId);
$classCacheId = $accountId . $containerId . $container->seq . $_grantModel;
try {
return $this->loadFromClassCache(__FUNCTION__, $classCacheId, Tinebase_Cache_PerRequest::VISIBILITY_SHARED);
} catch (Tinebase_Exception_NotFound $tenf) {
}
$select = $this->_getAclSelectByContainerId($containerId)->group('container_acl.account_grant');
$this->addGrantsSql($select, $accountId, '*');
Tinebase_Backend_Sql_Abstract::traitGroup($select);
$stmt = $this->_db->query('/*' . __FUNCTION__ . '*/' . $select);
$rows = $stmt->fetchAll(Zend_Db::FETCH_ASSOC);
$grants = $this->_getGrantsFromArray($rows, $accountId, $_grantModel);
$this->saveInClassCache(__FUNCTION__, $classCacheId, $grants, Tinebase_Cache_PerRequest::VISIBILITY_SHARED, self::ACL_CACHE_TIMEOUT);
return $grants;
}
/**
* remove one groupmember from the group
*
* @param mixed $_groupId
* @param mixed $_accountId
*/
public function removeGroupMemberFromSqlBackend($_groupId, $_accountId)
{
$groupId = Tinebase_Model_Group::convertGroupIdToInt($_groupId);
$accountId = Tinebase_Model_User::convertUserIdToInt($_accountId);
$where = array($this->_db->quoteInto($this->_db->quoteIdentifier('group_id') . '= ?', $groupId), $this->_db->quoteInto($this->_db->quoteIdentifier('account_id') . '= ?', $accountId));
$this->groupMembersTable->delete($where);
$this->_clearCache(array('getGroupMembers' => $groupId, 'getGroupMemberships' => $accountId));
}
/**
* remove one groupmember from the group
*
* @param mixed $_groupId
* @param mixed $_accountId
*/
public function removeGroupMemberFromSqlBackend($_groupId, $_accountId)
{
$groupId = Tinebase_Model_Group::convertGroupIdToInt($_groupId);
$accountId = Tinebase_Model_User::convertUserIdToInt($_accountId);
$where = array($this->_db->quoteInto($this->_db->quoteIdentifier('group_id') . '= ?', $groupId), $this->_db->quoteInto($this->_db->quoteIdentifier('account_id') . '= ?', $accountId));
$this->groupMembersTable->delete($where);
// invalidate cache
$cacheId = convertCacheId('groupMembers' . $groupId);
Tinebase_Core::getCache()->remove($cacheId);
$cacheId = convertCacheId('groupMemberships' . $accountId);
Tinebase_Core::getCache()->remove($cacheId);
}
/**
* checks if container is a personal container of given account
*
* @param mixed $account
*/
public function isPersonalOf($account)
{
return $this->type == Tinebase_Model_Container::TYPE_PERSONAL && $this->getOwner() == Tinebase_Model_User::convertUserIdToInt($account);
}
/**
* returns account_grants of given timeaccount
* - this function caches its result (with cache tag 'container')
*
* @param Tinebase_Model_User|int $_accountId
* @param Timetracker_Model_Timeaccount|string $_timeaccountId
* @param bool $_ignoreAcl
* @return array
*/
public static function getGrantsOfAccount($_accountId, $_timeaccountId, $_ignoreAcl = FALSE)
{
$cache = Tinebase_Core::getCache();
$cacheId = convertCacheId('getGrantsOfAccount' . Tinebase_Model_User::convertUserIdToInt($_accountId) . ($_timeaccountId instanceof Timetracker_Model_Timeaccount ? $_timeaccountId->getId() : $_timeaccountId) . $_ignoreAcl);
$result = $cache->load($cacheId);
if ($result === FALSE) {
$timeaccount = $_timeaccountId instanceof Timetracker_Model_Timeaccount ? $_timeaccountId : Timetracker_Controller_Timeaccount::getInstance()->get($_timeaccountId);
$containerGrantsArray = Tinebase_Container::getInstance()->getGrantsOfAccount($_accountId, $timeaccount->container_id, 'Timetracker_Model_TimeaccountGrants')->toArray();
$account_grants = new Timetracker_Model_TimeaccountGrants($containerGrantsArray);
$result = $account_grants->toArray();
$cache->save($result, $cacheId, array('container'));
}
return $result;
}
/**
* returns arrays of metainfo from given accountIds
*
* @param array $_accountIds
* @param boolean $throwExceptionOnMissingAccounts
* @return array of strings
*/
protected function _getAccountsMetaData(array $_accountIds, $throwExceptionOnMissingAccounts = TRUE)
{
$filterArray = array();
foreach ($_accountIds as $accountId) {
$accountId = Tinebase_Model_User::convertUserIdToInt($accountId);
$filterArray[] = Zend_Ldap_Filter::equals($this->_userUUIDAttribute, $this->_encodeAccountId($accountId));
}
$filter = new Zend_Ldap_Filter_Or($filterArray);
if (Tinebase_Core::isLogLevel(Zend_Log::DEBUG)) {
Tinebase_Core::getLogger()->debug(__METHOD__ . '::' . __LINE__ . ' $filter: ' . $filter . ' count: ' . count($filterArray));
}
// fetch all dns at once
$accounts = $this->getLdap()->search($filter, $this->_options['userDn'], $this->_userSearchScope, array($this->_userUUIDAttribute, 'objectclass', 'primarygroupid'));
if (count($_accountIds) != count($accounts)) {
$wantedAccountIds = array();
$retrievedAccountIds = array();
foreach ($_accountIds as $accountId) {
$wantedAccountIds[] = Tinebase_Model_User::convertUserIdToInt($accountId);
}
foreach ($accounts as $account) {
$retrievedAccountIds[] = $account[$this->_userUUIDAttribute][0];
}
$message = "Some dn's are missing. " . print_r(array_diff($wantedAccountIds, $retrievedAccountIds), true);
if ($throwExceptionOnMissingAccounts) {
throw new Tinebase_Exception_NotFound($message);
} else {
if (Tinebase_Core::isLogLevel(Zend_Log::WARN)) {
Tinebase_Core::getLogger()->warn(__METHOD__ . '::' . __LINE__ . ' ' . $message);
}
}
}
$result = array();
foreach ($accounts as $account) {
$result[] = array('dn' => $account['dn'], 'objectclass' => $account['objectclass'], $this->_userUUIDAttribute => $this->_decodeGroupId($account[$this->_userUUIDAttribute][0]), 'primarygroupid' => $account['primarygroupid'][0]);
}
return $result;
}
/**
* set all groups an user is member of
*
* @param mixed $_userId the account as integer or Tinebase_Model_User
* @param mixed $_groupIds
* @return array
*/
public function setGroupMemberships($_userId, $_groupIds)
{
$this->checkRight('MANAGE_ACCOUNTS');
if ($_groupIds instanceof Tinebase_Record_RecordSet) {
$_groupIds = $_groupIds->getArrayOfIds();
}
if (count($_groupIds) === 0) {
throw new Tinebase_Exception_InvalidArgument('user must belong to at least one group');
}
$userId = Tinebase_Model_User::convertUserIdToInt($_userId);
$groupMemberships = Tinebase_Group::getInstance()->getGroupMemberships($userId);
$removeGroupMemberships = array_diff($groupMemberships, $_groupIds);
$addGroupMemberships = array_diff($_groupIds, $groupMemberships);
if (Tinebase_Core::isLogLevel(Zend_Log::TRACE)) {
Tinebase_Core::getLogger()->trace(__METHOD__ . '::' . __LINE__ . ' current groupmemberships: ' . print_r($groupMemberships, true));
}
if (Tinebase_Core::isLogLevel(Zend_Log::TRACE)) {
Tinebase_Core::getLogger()->trace(__METHOD__ . '::' . __LINE__ . ' new groupmemberships: ' . print_r($_groupIds, true));
}
if (Tinebase_Core::isLogLevel(Zend_Log::TRACE)) {
Tinebase_Core::getLogger()->trace(__METHOD__ . '::' . __LINE__ . ' added groupmemberships: ' . print_r($addGroupMemberships, true));
}
if (Tinebase_Core::isLogLevel(Zend_Log::TRACE)) {
Tinebase_Core::getLogger()->trace(__METHOD__ . '::' . __LINE__ . ' removed groupmemberships: ' . print_r($removeGroupMemberships, true));
}
foreach ($addGroupMemberships as $groupId) {
$this->addGroupMember($groupId, $userId);
}
foreach ($removeGroupMemberships as $groupId) {
$this->removeGroupMember($groupId, $userId);
}
return Tinebase_Group::getInstance()->getGroupMemberships($userId);
}
/**
* get list of role memberships
*
* @param int $accountId
* @param string $type
* @return array of array with role ids
* @throws Tinebase_Exception_NotFound
*/
public function getRoleMemberships($accountId, $type = Tinebase_Acl_Rights::ACCOUNT_TYPE_USER)
{
if ($type === Tinebase_Acl_Rights::ACCOUNT_TYPE_USER) {
$accountId = Tinebase_Model_User::convertUserIdToInt($accountId);
$groupMemberships = Tinebase_Group::getInstance()->getGroupMemberships($accountId);
if (empty($groupMemberships)) {
throw new Tinebase_Exception_NotFound('Any account must belong to at least one group. The account with accountId ' . $accountId . ' does not belong to any group.');
}
$classCacheId = Tinebase_Helper::convertCacheId($accountId . implode('', $groupMemberships) . $type);
} else {
if ($type === Tinebase_Acl_Rights::ACCOUNT_TYPE_GROUP) {
$accountId = Tinebase_Model_Group::convertGroupIdToInt($accountId);
$classCacheId = Tinebase_Helper::convertCacheId($accountId . $type);
} else {
throw new Tinebase_Exception_InvalidArgument('Invalid type: ' . $type);
}
}
if (isset($this->_classCache[__FUNCTION__][$classCacheId])) {
return $this->_classCache[__FUNCTION__][$classCacheId];
}
$select = $this->_getDb()->select()->distinct()->from(array('role_accounts' => SQL_TABLE_PREFIX . 'role_accounts'), array('role_id'))->where($this->_getDb()->quoteInto($this->_getDb()->quoteIdentifier('account_id') . ' = ?', $accountId) . ' AND ' . $this->_getDb()->quoteInto($this->_getDb()->quoteIdentifier('account_type') . ' = ?', $type));
if ($type === Tinebase_Acl_Rights::ACCOUNT_TYPE_USER) {
$select->orwhere($this->_getDb()->quoteInto($this->_getDb()->quoteIdentifier('account_id') . ' IN (?)', $groupMemberships) . ' AND ' . $this->_getDb()->quoteInto($this->_getDb()->quoteIdentifier('account_type') . ' = ?', Tinebase_Acl_Rights::ACCOUNT_TYPE_GROUP));
}
$stmt = $this->_getDb()->query($select);
$memberships = $stmt->fetchAll(Zend_Db::FETCH_COLUMN);
$this->_classCache[__FUNCTION__][$classCacheId] = $memberships;
return $memberships;
}
/**
* try to convert id of account object and check if correct exceptions are thrown
*
*/
public function testConvertAccountIdToIntWithAccount()
{
$noIdAccount = new Tinebase_Model_FullUser(array('accountLoginName' => 'tine20phpunit-noid', 'accountStatus' => Tinebase_User::STATUS_DISABLED, 'accountExpires' => null, 'accountPrimaryGroup' => Tinebase_Core::getUser()->accountPrimaryGroup, 'accountLastName' => 'Tine 2.0 noid', 'accountFirstName' => 'PHPUnit noid', 'accountEmailAddress' => '*****@*****.**'));
$this->setExpectedException('Tinebase_Exception_NotFound');
Tinebase_Model_User::convertUserIdToInt($noIdAccount);
}
