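/**
 * Create a new user on an account.
 *
 * Every validation check runs and its failure is collected before returning,
 * so the caller receives all problems at once. When validation passes, a row
 * is inserted into `ua_users`, permissions are set for the new user on the
 * account, and any custom fields are saved.
 *
 * @static
 * @since 1.0.1
 *
 * @param string|array $account ObjectID of the account to create user against,
 *                              or an array with 'db' (an existing connection)
 *                              and 'object_id' keys; in the array form the
 *                              caller's connection is reused and its
 *                              transaction is left for the caller to end
 * @param string $email Valid email address
 * @param string $secret Plaintext secret/password
 * @param string $display_name Display name for the user
 * @param array $custom_fields Array of custom fields to save for this user
 * @return \argent_error|null Error object when validation fails; nothing is
 *                            returned on success
 */
public static function user_create($account = NULL, $email = NULL, $secret = NULL, $display_name = NULL, $custom_fields = NULL)
{
    if (is_array($account)) {
        // Caller-owned connection: reuse it and do not end its transaction.
        $db =& $account['db'];
        $account = $account['object_id'];
        $end_transaction = false;
    } else {
        /* Create a new database connection */
        $db = new argent_database();
        $end_transaction = true;
        $db->start_transaction();
    }

    /* Create a new error object to store errors in */
    $error = new argent_error();

    /**
     * Validate Inputs
     */

    // Email is valid
    if (!filter_var($email, FILTER_VALIDATE_EMAIL)) {
        $error->add('1001', 'Invalid email address', $email, 'argent_uauth');
    }

    // Password matches complexity requirements.
    // The rejected plaintext password is deliberately NOT attached to the
    // error object: error data may be logged or echoed back to a client.
    if (!preg_match(UA_PASSWORD_COMPLEXITY, $secret)) {
        $error->add('1002', UA_PASSWORD_COMPLEXITY_ERROR, NULL, 'argent_uauth');
    }

    // Display name is not empty.
    // Arguments follow the same (code, message, data, module) order as the
    // other add() calls in this method.
    if (empty($display_name)) {
        $error->add('1003', 'A display name must be specified', $display_name, 'argent_uauth');
    }

    // Email is not already registered.
    // NOTE(review): NULL is passed as the second argument rather than
    // $account, so this may be a global check, not a per-account one - confirm
    // against email_exists().
    if (self::email_exists($email, NULL)) {
        $error->add('1004', 'Email address is already registered', $email, 'argent_uauth');
    }

    // Account Exists
    if (!self::object_exists($account)) {
        $error->add('1005', 'Account does not exist', $account, 'argent_uauth');
    }

    /**
     * Check that validation is successful
     */
    if (!$error->has_errors()) {
        /* Successful Validation */

        // Generate an object_id and meta_guid
        $meta_guid = argent_identifier::meta_guid();
        $object_id = argent_identifier::object_id('USR');

        // Encrypt secret
        // NOTE(review): confirm encrypt_secret() is a one-way password hash and
        // not reversible encryption.
        $secret = self::encrypt_secret($secret);

        // REMOTE_ADDR is absent when the code runs outside a web request
        // (for example from the CLI); fall back to an empty string.
        $remote_addr = isset($_SERVER['REMOTE_ADDR']) ? $_SERVER['REMOTE_ADDR'] : '';

        // Insert User Data
        // NOTE(review): the INSERT has no column list, so it depends on the
        // table's column order; 'USR-TEST' is a hard-coded literal that looks
        // like a placeholder - confirm both.
        $sql = "\r\n INSERT INTO\r\n `ua_users`\r\n VALUES(\r\n 
'{$db->escape_value($meta_guid)}',\r\n '{$db->escape_value($object_id)}',\r\n '{$db->escape_value($email)}',\r\n '{$db->escape_value($secret)}',\r\n '{$db->escape_value($display_name)}',\r\n '{$db->escape_value($account)}',\r\n NOW(),\r\n 'USR-TEST',\r\n '{$db->escape_value($remote_addr)}'\r\n )\r\n ";

        // NOTE(review): the query result is not checked, so a failed insert
        // still falls through to the permission and custom-field writes.
        $db->query($sql);

        // NOTE(review): every new user receives create/read/update/delete on
        // the whole account - confirm this is the intended default rather
        // than a narrower grant.
        $permissions = array('create' => 1, 'read' => 1, 'update' => 1, 'delete' => 1);
        argent_uauth::set_permissions($permissions, $account, $object_id);

        // count() must wrap the array only; the comparison belongs outside it.
        if (is_array($custom_fields) && count($custom_fields) > 0) {
            foreach ($custom_fields as $key => $value) {
                $record = array();
                $record['object_id'] = argent_identifier::object_id('CFL');
                $record['field_name'] = $db->escape_value($key);
                $record['field_data'] = $db->escape_value($value);
                $record['ua_parent_object'] = $object_id;
                $record = argent_meta::add_meta($record);
                argent_meta::save_record($record, 'ua_custom_fields');
            }
        }

        if ($end_transaction) {
            $db->end_transaction();
        }
    } else {
        /* Failed Validation */
        // NOTE(review): a transaction started above is not ended on this
        // path; confirm argent_database releases it when $db goes out of scope.
        return $error;
    }
}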
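/**
 * Register a new object of the given type beneath a parent object.
 *
 * The caller must hold AG_PERMISSION_CREATE on the parent and the type must
 * pass valid_object_type(). Both checks always run, so the returned error
 * object can carry both failures. On success a row is inserted into
 * `ua_object_register` and permissions on the new object are set for the
 * session user.
 *
 * @static
 *
 * @param string $object_type Object type passed to valid_object_type() and
 *                            to argent_identifier::object_id()
 * @param string $ua_parent_object ObjectID of the parent object
 * @return string|\argent_error New object ID on success; an error object when
 *                              a check, the insert or the permission
 *                              assignment fails
 */
public static function register_object($object_type = NULL, $ua_parent_object = NULL)
{
    $error = new argent_error();

    if (!argent_uauth::has_permission(AG_PERMISSION_CREATE, $ua_parent_object)) {
        // Report the parent the caller was denied on; the new object's ID is
        // not generated until after these checks, so it cannot be used here.
        $error->add('1024', 'Access denied', $ua_parent_object, 'argent_meta');
    }

    if (!self::valid_object_type($object_type)) {
        $error->add('1036', 'Unregistered object type', $object_type, 'argent_meta');
    }

    // Stop before touching the database if either check failed.
    if ($error->has_errors()) {
        return $error;
    }

    $db = new argent_database();
    $object_id = argent_identifier::object_id($object_type);

    $sql = "\r\n INSERT INTO\r\n `ua_object_register`\r\n (\r\n `object_id`,\r\n `ua_parent_object`\r\n )\r\n VALUES(\r\n '{$db->escape_value($object_id)}',\r\n '{$db->escape_value($ua_parent_object)}'\r\n )\r\n ";

    $res = $db->query($sql);

    if (!$res) {
        // NOTE(review): the raw SQL text is stored in the error object;
        // confirm error data is never shown to end users.
        $error->add('1000', 'Database Error', $sql, 'argent_meta');
        return $error;
    }

    // Full create/read/update/delete on the new object for the session user.
    $permissions = array('create' => 1, 'read' => 1, 'update' => 1, 'delete' => 1);
    $perms = argent_uauth::set_permissions($permissions, $object_id, argent_uauth::session_user());

    // The row inserted above is not removed here when the permission
    // assignment fails.
    if (argent_error::check($perms)) {
        return $perms;
    }

    return $object_id;
}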