/** * Loads in the user object * * @param int|string User id or Login Column value * @return void * @throws SentryUserNotFoundException */ public function __construct($id = null, $check_exists = false) { // load and set config $this->table = strtolower(Config::get('sentry::sentry.table.users')); $this->table_usergroups = strtolower(Config::get('sentry::sentry.table.users_groups')); $this->table_metadata = strtolower(Config::get('sentry::sentry.table.users_metadata')); $this->login_column = strtolower(Config::get('sentry::sentry.login_column')); $this->login_column_str = ucfirst($this->login_column); $db_instance = trim(Config::get('sentry::sentry.db_instance')); try { // init a hashing mechanism $strategy = Config::get('sentry::sentry.hash.strategy'); $options = Config::get('sentry::sentry.hash.strategies.' . $strategy); $this->hash = Sentry_Hash_Driver::forge($strategy, $options); } catch (SentryGroupNotFoundException $e) { throw new SentryUserException($e->getMessage()); } // db_instance check if (!empty($db_instance)) { $this->db_instance = $db_instance; } // if an ID was passed if ($id) { // make sure ID is valid if (is_int($id)) { if ($id <= 0) { throw new SentryUserException(__('sentry::sentry.invalid_user_id')); } // set field to id for query $field = 'id'; } else { // set field to login_column $field = $this->login_column; } //query database for user $user = DB::connection($this->db_instance)->table($this->table)->where($field, '=', $id)->first(); // if there was a result - update user if ($user !== null) { // if just a user exists check - return true, no need for additional queries if ($check_exists) { return true; } $temp = get_object_vars($user); // query for metadata $metadata = DB::connection($this->db_instance)->table($this->table_metadata)->where('user_id', '=', $temp['id'])->first(); $temp['metadata'] = count($metadata) ? get_object_vars($metadata) : array(); // lets set and remove password fields $temp = $this->extract_passwords($temp); $this->user = $temp['user']; $this->passwords = $temp['passwords']; } else { throw new SentryUserNotFoundException(__('sentry::sentry.user_not_found')); } /** * fetch the user's groups and assign as array usable via $this->groups */ $groups_table = Config::get('sentry::sentry.table.groups'); $groups = DB::connection($this->db_instance)->table($groups_table)->where($this->table_usergroups . '.user_id', '=', $this->user['id'])->join($this->table_usergroups, $this->table_usergroups . '.group_id', '=', $groups_table . '.id')->get($groups_table . '.*'); foreach ($groups as &$group) { $group = get_object_vars($group); } $this->groups = $groups; /** * set rules and permissions if enabled */ if (Config::get('sentry::sentry.permissions.enabled')) { $this->rules = Sentry_Rules::fetch_rules(); $this->permissions = $this->fetch_permissions(); } } }
protected function process_permissions($rules = array()) { if (empty($rules) or !is_array($rules)) { throw new SentryGroupPermissionsException(__('sentry::sentry.no_rules_added')); } // loop through the rules and make sure all values are a 1 or 0 foreach ($rules as $rule => $value) { if (!empty($value) and $value !== 1) { throw new SentryGroupPermissionsException('A permission value must be empty or an integer of 1. Value passed: ' . $value . ' (' . gettype($value) . ')'); } } // grab the current group permissions and decode $current_permissions = json_decode($this->get('permissions'), true); $current_permissions = is_array($current_permissions) ? $current_permissions : array(); // get sentry rules $all_rules = Sentry_Rules::fetch_rules(); // Let's go through each of the $rules foreach ($rules as $key => $val) { // Check to make sure the rule is in the config if (in_array($key, $all_rules) or $key === Config::get('sentry::sentry.permissions.superuser')) { if ($val === 1) { $current_permissions[$key] = $val; } else { unset($current_permissions[$key]); } } else { throw new SentryGroupPermissionsException(__('sentry::sentry.rule_not_found', array('rule' => $key))); } } return $current_permissions; }