/**
  * @inheritdoc
  */
 public function exec(Server $server, ConnectionInterface $db, CacheInterface $cache)
 {
     $userFactory = new UserFactory($db, $cache);
     $user = $userFactory->load($_REQUEST['user']);
     $response = new OperationResponse();
     if (!$user) {
         $response->setStatus(400);
         $response->setBody(array('error' => 'Argument "user" is referring to a user that does not exist'));
     } elseif ($this->user->isEqual($user)) {
         $response->setStatus(400);
         $response->setBody(array('error' => 'A user can not change admin privileges for its own user account'));
     } else {
         $userFactory->setAdminPrivileges($user, $_REQUEST['admin'] == '1');
         $response->setStatus(204);
     }
     return $response;
 }
 /**
  * @param $data
  * @return \Rocker\Object\User\UserInterface|null
  */
 public function basicAuth($data, $server)
 {
     $parts = explode(':', base64_decode($data));
     if (count($parts) == 2 && !is_numeric($parts[0])) {
         // don't allow to login using user id
         $user = $this->userFactory->load($parts[0]);
         if ($user !== null && $user->hasPassword($parts[1])) {
             return $user;
         }
     }
     return null;
 }
 /**
  * @inheritdoc
  */
 public function exec(Server $server, ConnectionInterface $db, CacheInterface $cache)
 {
     // add possible config
     $this->setConfig($server->config('application.user_object'));
     // Create user factory
     if (empty($this->conf['factory'])) {
         $this->userFactory = new UserFactory($db, $cache);
     } else {
         $this->userFactory = new $this->conf['factory']($db, $cache);
     }
     $method = $this->request->getMethod();
     $requestedUser = $this->requestedObject() ? $this->userFactory->load($this->requestedObject()) : false;
     if (($method == 'POST' || $method == 'DELETE') && $requestedUser && !$this->user->isAdmin() && !$this->user->isEqual($requestedUser)) {
         return new OperationResponse(401, array('error' => 'Only admins can edit/remove other users'));
     }
     if ($method == 'DELETE' && $requestedUser && $requestedUser->isAdmin()) {
         return new OperationResponse(403, array('error' => 'A user with admin privileges can not be removed. You have to remove admin privileges first (/api/admin)'));
     }
     // Trigger event
     $server->triggerEvent(strtolower($method) . '.user', $db, $cache);
     return parent::exec($server, $db, $cache);
 }
 public function testMoreAdvancedSearch()
 {
     $this->truncateDB();
     $john = self::$f->createUser('*****@*****.**', 'John', '');
     $john->meta()->setByArray(array('gender' => 'Male', 'school' => 'Kenna', 'grade' => 19));
     self::$f->update($john);
     $jenny = self::$f->createUser('*****@*****.**', 'jenny', '');
     $jenny->meta()->setByArray(array('gender' => 'Female', 'school' => 'Jenna', 'grade' => 18));
     self::$f->update($jenny);
     $axel = self::$f->createUser('*****@*****.**', 'jenny', '');
     $axel->meta()->setByArray(array('gender' => 'Male', 'school' => 'Kenna', 'grade' => 18));
     self::$f->update($axel);
     $sven = self::$f->createUser('*****@*****.**', 'jenny', '');
     $sven->meta()->setByArray(array('gender' => 'Male', 'school' => 'Benna', 'grade' => 12));
     self::$f->update($sven);
     $this->assertEquals(4, self::$f->metaSearch(array())->getNumMatching());
     $this->assertEquals(1, self::$f->metaSearch(array('grade<' => 18))->getNumMatching());
     $query = array('school' => '*enn*', array('AND' => array('gender' => array('Male', 'Female'))), array('AND' => array('grade>' => 17)));
     $this->assertEquals(3, self::$f->metaSearch($query)->getNumMatching());
     $query = array('school' => '*enn*', array('AND' => array('gender' => 'Female')), array('AND' => array('grade>' => 17)));
     $this->assertEquals(1, self::$f->metaSearch($query)->getNumMatching());
 }
 /**
  * @param Server $server
  * @param ConnectionInterface $db
  * @param \Rocker\Cache\CacheInterface $cache
  * @return array
  */
 public static function deleteUserEvent($server, $db, $cache)
 {
     $userFactory = new UserFactory($db, $cache);
     $user = $userFactory->load(basename($server->request()->getPath()));
     if ($user !== null && ($files = $user->meta()->get('files', array()))) {
         $storage = self::loadStorageClass($server);
         self::deleteAllFiles($user, $userFactory, $files, $storage);
     }
 }