public static function getInstance()
{
if (empty(self::$instance)) {
self::$instance = new Database_Users();
}
return self::$instance;
}
public static function assignees()
{
$session_logic = Session_Logic::getInstance();
$database_users = Database_Users::getInstance();
$database_bibles = Database_Bibles::getInstance();
$myuser = $session_logic->currentUser();
$mylevel = $session_logic->currentLevel();
// Bibles the user has write access to.
$mybibles = array();
$bibles = $database_bibles->getBibles();
foreach ($bibles as $bible) {
if (Access_Bible::write($bible, $myuser)) {
$mybibles[] = $bible;
}
}
// This holds the assignees.
$assignees = array();
// Process all users.
$users = $database_users->getUsers();
sort($users);
foreach ($users as $user) {
// Assignees should have a level less than or equal to $mylevel.
$level = $database_users->getUserLevel($user);
if ($level <= $mylevel) {
// Assignees should have access to $mybibles or no access to any Bible.
// The admin has all users assigned.
$userBibles = $database_users->getBibles4User($user);
$biblesInCommon = array_intersect($userBibles, $mybibles);
if (!empty($biblesInCommon) || empty($userBibles) || $mylevel >= Filter_Roles::ADMIN_LEVEL) {
$assignees[] = $user;
}
}
}
return $assignees;
}
public static function write($bible, $user = "")
{
// Client: User has access to all Bibles.
if (Filter_Client::enabled()) {
return true;
}
if ($user == "") {
$session_logic = Session_Logic::getInstance();
$user = $session_logic->currentUser();
}
$database_users = Database_Users::getInstance();
if (!$database_users->hasAccess2Bible($user, $bible)) {
return false;
}
$readonly = $database_users->hasReadOnlyAccess2Bible($user, $bible);
return !$readonly;
}
/**
* Sends email $id
*/
function sendMail($id)
{
// The databases involved.
$database_mail = Database_Mail::getInstance();
$database_log = Database_Logs::getInstance();
$database_users = Database_Users::getInstance();
// Get all details of the mail.
$details = $database_mail->get($id);
$username = $details['username'];
$email = $database_users->getUserToEmail($username);
$subject = $details['subject'];
$body = $details['body'];
// Bail out when username was empty.
if ($username == "") {
return;
}
// If this username was not found, it could be that the email was addressed to a non-user,
// and that the To: address was actually contained in the $username.
if ($email == "") {
$email = $username;
$username = "";
}
// If the email address validates, ok, else remove this mail from the queue and log the action.
$validator = new Zend_Validate_EmailAddress();
if (!$validator->isValid($email)) {
$database_mail->delete($id);
$message = "Email to {$email} was deleted because of an invalid email address";
$database_log->log($message);
return;
}
// Send the email.
try {
$mail = new Mail_Send($email, $username, $subject, $body);
unset($mail);
$database_mail->delete($id);
$message = "Email to {$email} with subject {$subject} was sent successfully";
$database_log->log($message, Filter_Roles::MANAGER_LEVEL);
} catch (Exception $e) {
$database_mail->postpone($id);
$message = $e->getMessage();
$message = "Email to {$email} could not be sent - reason: {$message}";
$database_log->log($message);
}
}
public static function setup($user = "", $hash = "")
{
$database_config_general = Database_Config_General::getInstance();
$database_users = Database_Users::getInstance();
if ($user == "") {
$users = $database_users->getUsers();
if (empty($users)) {
return false;
}
$user = $users[0];
$hash = $database_users->getmd5($user);
}
$encoded_user = bin2hex($user);
$address = $database_config_general->getServerAddress();
$url = "{$address}/sync/setup.php?user={$encoded_user}&pass={$hash}";
@($response = file_get_contents($url));
if ($response >= Filter_Roles::GUEST_LEVEL && $response <= Filter_Roles::ADMIN_LEVEL) {
// Set user's role on the client to be the same as on the server.
$database_users->updateUserLevel($user, $response);
}
return $response;
}
/**
* handleEmail - handles a confirmation email received from $from with subject $subject and body $body.
* Returns true if the mail was handled, else false.
*/
public function handleEmail($from, $subject, $body)
{
// Find out in the confirmation database whether the $subject line contains an active ID.
// If not, bail out.
$database_confirm = Database_Confirm::getInstance();
$id = $database_confirm->searchID($subject);
if ($id == 0) {
return false;
}
// An active ID was found: Execute the associated database query.
$query = $database_confirm->getQuery($id);
$database_users = Database_Users::getInstance();
Database_SQLite::exec($database_users->db, $query);
// Send confirmation mail.
$mailto = $database_confirm->getMailTo($id);
$subject = $database_confirm->getSubject($id);
$body = $database_confirm->getBody($id);
$database_mail = Database_Mail::getInstance();
$database_mail->send($mailto, $subject, $body);
// Delete the confirmation record.
$database_confirm->delete($id);
// Job done.
return true;
}
This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation; either version 3 of the License, or
(at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
along with this program; if not, write to the Free Software
Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
*/
require_once "../bootstrap/bootstrap.php";
$database_users = Database_Users::getInstance();
$database_logs = Database_Logs::getInstance();
$database_bibles = Database_Bibles::getInstance();
$database_books = Database_Books::getInstance();
$session_logic = Session_Logic::getInstance();
$database_mail = Database_Mail::getInstance();
@($username = Filter_Hex::hex2bin($_POST['u']));
@($password = $_POST['p']);
@($bible = $_POST['b']);
@($book = $_POST['bk']);
@($chapter = $_POST['c']);
$action = $_POST['a'];
if ($action == "total") {
// The server reads the credentials from the client's user,
// checks which Bibles this user has access to,
// calculate the checksum of all chapters in those Bibles,
/**
* handleEmailNew - handles an email received from $from with subject $subject and body $body.
* Returns true if the mail was processed, else false.
* The email is considered to have been processed if it created a new Consultation Note.
*/
public function handleEmailNew($from, $subject, $body)
{
// Store the original subject.
$originalSubject = $subject;
// Check that the subject indicates that a new consultation note is to be created.
$pos = strpos(strtolower($subject), "new note");
if ($pos === false) {
return false;
}
// There is a new note. Remove that bit from the $subject.
$subject = substr($subject, 0, $pos) . substr($subject, $pos + 8);
// Clean the subject line.
$subject = trim($subject);
$subject = str_replace(".", " ", $subject);
$subject = str_replace(":", " ", $subject);
$subject = str_replace(" ", " ", $subject);
$subject = str_replace(" ", " ", $subject);
$subject = str_replace(" ", " ", $subject);
$subject = str_replace(" ", " ", $subject);
// Check that the $from address of the email belongs to an existing user.
$from = Filter_Email::extractEmail($from);
$database_users = Database_Users::getInstance();
if (!$database_users->emailExists($from)) {
return false;
}
$username = $database_users->getEmailToUser($from);
// Extract book, chapter, verse, and note summary from the $subject
$book = NULL;
$chapter = NULL;
$verse = NULL;
$summary = NULL;
$subject = explode(" ", $subject);
if (count($subject) > 0) {
$book = Filter_Books::interpretBook($subject[0]);
}
if (count($subject) > 1) {
$chapter = Filter_Numeric::integer_in_string($subject[1]);
}
if (count($subject) > 2) {
$verse = Filter_Numeric::integer_in_string($subject[2]);
}
unset($subject[0]);
unset($subject[1]);
unset($subject[2]);
$summary = implode(" ", $subject);
unset($subject);
// Check book, chapter, verse, and summary. Give feedback if there's anything wrong.
$noteCheck = "";
if (!(is_numeric($book) && $book > 0)) {
$noteCheck .= Locale_Translate::_("Unknown book");
}
if (!is_numeric($chapter)) {
$noteCheck .= " " . Locale_Translate::_("Unknown chapter");
}
if (!is_numeric($verse)) {
$noteCheck .= " " . Locale_Translate::_("Unknown verse");
}
if ($summary == NULL || $summary == "") {
$noteCheck .= " " . Locale_Translate::_("Unknown summary");
}
// Mail user if the note could not be posted.
$database_mail = Database_Mail::getInstance();
if ($noteCheck != "") {
$subject = Locale_Translate::_("Your new note could not be posted");
$database_mail->send($username, $subject . ": " . $originalSubject, $noteCheck);
return false;
}
// Clean the email's body.
$body = Filter_Email::extractBody($body);
// Post the note.
$session_logic = Session_Logic::getInstance();
$sessionuser = $session_logic->currentUser();
$session_logic->setUsername($username);
$database_notes = Database_Notes::getInstance();
$identifier = $database_notes->storeNewNote("", $book, $chapter, $verse, $summary, $body, false);
$this->handlerNewNote($identifier);
$session_logic->setUsername($sessionuser);
// Mail confirmation to the $username.
$database_config_user = Database_Config_User::getInstance();
if ($database_config_user->getUserNotifyMeOfMyPosts($username)) {
$subject = Locale_Translate::_("Your new note was posted");
$database_mail->send($username, $subject . ": " . $originalSubject, $body);
}
// Log operation.
$database_logs = Database_Logs::getInstance();
$database_logs->log("New note posted" . ":" . " " . $body);
// Job done.
return true;
}
function clientAccess()
{
// If client mode is prepared,
// log in as the first username in the users database,
// of as the admin in case no user have been set up yet.
if (Filter_Client::prepared()) {
$database_users = Database_Users::getInstance();
$users = $database_users->getUsers();
if (empty($users)) {
$user = "******";
$level = Filter_Roles::ADMIN_LEVEL;
} else {
$user = $users[0];
$level = $database_users->getUserLevel($user);
}
$this->setUsername($user);
$this->level = $level;
$this->logged_in = true;
return true;
}
return false;
}
function enable_client($username, $password, $level)
{
// Enable client mode upon a successful connection.
Filter_Client::set(true);
// Remove all users from the database, and add the current one.
remove_all_users();
$database_users = Database_Users::getInstance();
$database_users->addNewUser($username, $password, $level, "");
// Clear all pending note actions and Bible actions and settings updates.
$database_noteactions = Database_NoteActions::getInstance();
$database_bibleactions = Database_BibleActions::getInstance();
$database_config_user = Database_Config_User::getInstance();
$session_logic = Session_Logic::getInstance();
$database_noteactions->clear();
$database_noteactions->create();
$database_bibleactions->clear();
$database_bibleactions->create();
$session_logic->setUsername($username);
$database_config_user->setUpdatedSettings(array());
// Set it repeats sync every so often.
$database_config_general = Database_Config_General::getInstance();
$database_config_general->setRepeatSendReceive(2);
// Schedule a sync operation straight-away.
SendReceive_Logic::queuesync(true);
}
public function tearDown()
{
$database_users = Database_Users::getInstance();
$database_users->removeUser("phpunit");
}
public function testReadOnlyAccess()
{
$database_users = Database_Users::getInstance();
// Without any entry, read-only access should be false.
$readonly = $database_users->hasReadOnlyAccess2Bible("phpunit", "bible");
$this->assertFalse($readonly);
// After granting access to a Bible, read-only should be false.
$database_users->grantAccess2Bible("phpunit", "bible");
$readonly = $database_users->hasReadOnlyAccess2Bible("phpunit", "bible");
$this->assertFalse($readonly);
// Set read-only access to true, and check.
$database_users->setReadOnlyAccess2Bible("phpunit", "bible", true);
$readonly = $database_users->hasReadOnlyAccess2Bible("phpunit", "bible");
$this->assertTrue($readonly);
// Check on another user.
$readonly = $database_users->hasReadOnlyAccess2Bible("phpunit2", "bible");
$this->assertFalse($readonly);
// Set read-only access to false, and check.
$database_users->setReadOnlyAccess2Bible("phpunit", "bible", false);
$readonly = $database_users->hasReadOnlyAccess2Bible("phpunit", "bible");
$this->assertFalse($readonly);
}
public function trim()
{
// Reset the sprint month and year after some time.
// When a user visits the Sprint page after a few days, it will then display the current Sprint.
// If the Sprint is not reset, the user may enter new tasks in the wrong sprint.
$time = strtotime("-2 days");
$database_users = Database_Users::getInstance();
$users = $database_users->getUsers();
foreach ($users as $user) {
$file = $this->file($user, $this->keySprintMonth());
if (file_exists($file)) {
if (filemtime($file) < $time) {
unlink($file);
}
}
}
}
