/**
* Register a user with a username on a given provider
* @param User User object
* @param string username on the given provider
* @param provider_name string name of the provider
* @return mixed User_username instance if the registration succeeded, false if it did not
*/
static function register($user, $username, $provider_name)
{
$user_username = new User_username();
$user_username->user_id = $user->id;
$user_username->provider_name = $provider_name;
$user_username->username = $username;
$user_username->created = DB_DataObject_Cast::dateTime();
if ($user_username->insert()) {
return $user_username;
} else {
return false;
}
}
/**
* Register a user with a username on a given provider
* @param User User object
* @param string username on the given provider
* @param provider_name string name of the provider
* @return mixed User_username instance if the registration succeeded, false if it did not
*/
static function register($user, $username, $provider_name)
{
$user_username = new User_username();
$user_username->user_id = $user->id;
$user_username->provider_name = $provider_name;
$user_username->username = $username;
$user_username->created = common_sql_now();
if ($user_username->insert()) {
return $user_username;
} else {
return false;
}
}
function onStartChangePassword($user, $oldpassword, $newpassword)
{
if ($this->password_changeable) {
$user_username = new User_username();
$user_username->user_id = $user->id;
$user_username->provider_name = $this->provider_name;
if ($user_username->find() && $user_username->fetch()) {
$authenticated = $this->checkPassword($user_username->username, $oldpassword);
if ($authenticated) {
$result = $this->changePassword($user_username->username, $oldpassword, $newpassword);
if ($result) {
//stop handling of other handlers, because what was requested was done
return false;
} else {
// TRANS: Exception thrown when a password change fails.
throw new Exception(_('Password changing failed.'));
}
} else {
if ($this->authoritative) {
//since we're authoritative, no other plugin could do this
// TRANS: Exception thrown when a password change fails.
throw new Exception(_('Password changing failed.'));
} else {
//let another handler try
return null;
}
}
}
} else {
if ($this->authoritative) {
//since we're authoritative, no other plugin could do this
// TRANS: Exception thrown when a password change attempt fails because it is not allowed.
throw new Exception(_('Password changing is not allowed.'));
}
}
}
function onCheckSchema()
{
$schema = Schema::get();
$schema->ensureTable('user_username', User_username::schemaDef());
return true;
}
function hasRole($profile, $name)
{
$user_username = new User_username();
$user_username->user_id = $profile->id;
$user_username->provider_name = $this->provider_name;
if ($user_username->find() && $user_username->fetch()) {
$entry = $this->ldapCommon->get_user($user_username->username);
if ($entry) {
if (isset($this->roles_to_groups[$name])) {
if (is_array($this->roles_to_groups[$name])) {
foreach ($this->roles_to_groups[$name] as $group) {
if ($this->ldapCommon->is_dn_member_of_group($entry->dn(), $group)) {
return true;
}
}
} else {
if ($this->ldapCommon->is_dn_member_of_group($entry->dn(), $this->roles_to_groups[$name])) {
return true;
}
}
}
}
}
return false;
}
