/**
* Adds a new kuser and user_login_data records as needed
* @param kuser $user
* @param string $password
* @param bool $checkPasswordStructure
* @throws kUserException::USER_NOT_FOUND
* @throws kUserException::USER_ALREADY_EXISTS
* @throws kUserException::INVALID_EMAIL
* @throws kUserException::INVALID_PARTNER
* @throws kUserException::ADMIN_LOGIN_USERS_QUOTA_EXCEEDED
* @throws kUserException::LOGIN_ID_ALREADY_USED
* @throws kUserException::PASSWORD_STRUCTURE_INVALID
* @throws kPermissionException::ROLE_ID_MISSING
* @throws kPermissionException::ONLY_ONE_ROLE_PER_USER_ALLOWED
*/
public static function addUser(kuser $user, $password = null, $checkPasswordStructure = true, $sendEmail = null)
{
if (!$user->getPuserId()) {
throw new kUserException('', kUserException::USER_ID_MISSING);
}
// check if user with the same partner and puserId already exists
$existingUser = kuserPeer::getKuserByPartnerAndUid($user->getPartnerId(), $user->getPuserId());
if ($existingUser) {
throw new kUserException('', kUserException::USER_ALREADY_EXISTS);
}
// check if roles are valid - may throw exceptions
if (!$user->getRoleIds() && $user->getIsAdmin()) {
// assign default role according to user type admin / normal
$userRoleId = $user->getPartner()->getAdminSessionRoleId();
$user->setRoleIds($userRoleId);
}
UserRolePeer::testValidRolesForUser($user->getRoleIds(), $user->getPartnerId());
if ($user->getScreenName() === null) {
$user->setScreenName($user->getPuserId());
}
if ($user->getFullName() === null) {
$user->setFirstName($user->getPuserId());
}
if (is_null($user->getStatus())) {
$user->setStatus(KuserStatus::ACTIVE);
}
// if password is set, user should be able to login to the system - add a user_login_data record
if ($password || $user->getIsAdmin()) {
// throws an action on error
$user->enableLogin($user->getEmail(), $password, $checkPasswordStructure, $sendEmail);
}
$user->save();
return $user;
}
/**
* Update existing user, it is possible to update the user id too
*
* @action update
* @param string $userId
* @param KalturaUser $user
* @return KalturaUser
*
* @throws KalturaErrors::INVALID_USER_ID
* @throws KalturaErrors::CANNOT_DELETE_OR_BLOCK_ROOT_ADMIN_USER
* @throws KalturaErrors::USER_ROLE_NOT_FOUND
* @throws KalturaErrors::ACCOUNT_OWNER_NEEDS_PARTNER_ADMIN_ROLE
*/
public function updateAction($userId, KalturaUser $user)
{
$dbUser = kuserPeer::getKuserByPartnerAndUid($this->getPartnerId(), $userId);
if (!$dbUser) {
throw new KalturaAPIException(KalturaErrors::INVALID_USER_ID, $userId);
}
if ($dbUser->getIsAdmin() && !is_null($user->isAdmin) && !$user->isAdmin) {
throw new KalturaAPIException(KalturaErrors::CANNOT_SET_ROOT_ADMIN_AS_NO_ADMIN);
}
// update user
try {
if (!is_null($user->roleIds)) {
UserRolePeer::testValidRolesForUser($user->roleIds);
}
if ($user->id != $userId) {
$existingUser = kuserPeer::getKuserByPartnerAndUid($this->getPartnerId(), $user->id);
if ($existingUser) {
throw new KalturaAPIException(KalturaErrors::DUPLICATE_USER_BY_ID, $user->id);
}
}
$dbUser = $user->toUpdatableObject($dbUser);
$dbUser->save();
} catch (kPermissionException $e) {
$code = $e->getCode();
if ($code == kPermissionException::ROLE_ID_MISSING) {
throw new KalturaAPIException(KalturaErrors::ROLE_ID_MISSING);
}
if ($code == kPermissionException::ONLY_ONE_ROLE_PER_USER_ALLOWED) {
throw new KalturaAPIException(KalturaErrors::ONLY_ONE_ROLE_PER_USER_ALLOWED);
}
if ($code == kPermissionException::USER_ROLE_NOT_FOUND) {
throw new KalturaAPIException(KalturaErrors::USER_ROLE_NOT_FOUND);
}
if ($code == kPermissionException::ACCOUNT_OWNER_NEEDS_PARTNER_ADMIN_ROLE) {
throw new KalturaAPIException(KalturaErrors::ACCOUNT_OWNER_NEEDS_PARTNER_ADMIN_ROLE);
}
throw $e;
} catch (kUserException $e) {
$code = $e->getCode();
if ($code == kUserException::CANNOT_DELETE_OR_BLOCK_ROOT_ADMIN_USER) {
throw new KalturaAPIException(KalturaErrors::CANNOT_DELETE_OR_BLOCK_ROOT_ADMIN_USER);
}
throw $e;
}
$user = new KalturaUser();
$user->fromObject($dbUser);
return $user;
}
