/**
* Gets the auth ID of a user.
*
* @access public
* @param string Perm user ID.
* @return mixed Permission ID or MDB2 error.
*/
function getAuthUserId($permId)
{
return LiveUser::raiseError(LIVEUSER_NOT_SUPPORTED, null, null, 'Method not supported by this container');
}
/**
* Checks if a user with the given perm_user_id exists in the
* permission container and returns true on success.
*
* @access public
* @param integer The users id in the permission table.
* @return boolean true if the id was found, else false.
*/
function userExists($user_id)
{
return LiveUser::raiseError(LIVEUSER_ERROR_NOT_SUPPORTED, null, null, 'userExists(): Method not supported by this container');
}
/**
* Add a user
*
* @access public
* @param string $authId Auth user ID of the user that should be added.
* @param string $authname Auth container name.
* @param int $type User type (constants defined in Perm/Common.php) (optional).
* @param mixed $permId If specificed no new ID will be automatically generated instead
* @return mixed string (perm_user_id) or DB Error object
*/
function addUser($authId, $authName = null, $type = LIVEUSER_USER_TYPE_ID, $permId = null)
{
if (!$this->init_ok) {
return false;
}
if (is_null($authName)) {
return LiveUser::raiseError(LIVEUSER_ERROR, null, null, 'Auth name has to be passed with the function');
}
if (is_null($permId)) {
$permId = $this->dbc->nextId($this->prefix . 'perm_users', true);
}
$query = '
INSERT INTO
' . $this->prefix . 'perm_users
(perm_user_id, auth_user_id, perm_type, auth_container_name)
VALUES
(
' . (int) $permId . ',
' . $this->dbc->quoteSmart($authId) . ',
' . (int) $type . ',
' . $this->dbc->quoteSmart($authName) . '
)';
$result = $this->dbc->query($query);
if (DB::isError($result)) {
return $result;
}
return $permId;
}
/**
* Assign subgroup to parent group.
*
* First checks that the child group does not have a parent group
* already assigned to it. If so it returns an error object
*
* @access public
* @param integer id of parent group
* @param integer id of child group
* @return mixed boolean, MDB2 Error object or LiveUser Error Object
*/
function assignSubgroup($group_id, $subgroup_id)
{
$query = 'SELECT subgroup_id FROM
' . $this->prefix . 'group_subgroups
WHERE subgroup_id=' . $this->dbc->quote($subgroup_id, 'integer');
if (!is_null($this->dbc->queryOne($query))) {
return LiveUser::raiseError(LIVEUSER_ERROR, null, null, 'Child group already has a parent group');
}
$query = 'INSERT INTO
' . $this->prefix . 'group_subgroups
(group_id, subgroup_id)
VALUES
(
' . $this->dbc->quote($group_id, 'integer') . ',
' . $this->dbc->quote($subgroup_id, 'integer') . '
)';
$result = $this->dbc->query($query);
return $result;
}
/**
* A "store" on the server contains the password and the
* cookie id in an encrypted form.
*
* This method reads the data contained in it.
*
* @access private
* @param string the filename of the store
* @return mixed an array of the data, false otherwise
*/
function _readStoreCookiePasswdId($store)
{
if (!defined('LIVEUSER_TMPDIR')) {
define('LIVEUSER_TMPDIR', ini_get('session.save_path'));
}
if (!($fh = fopen(LIVEUSER_TMPDIR . "/{$store}.lu", 'rb'))) {
$this->_error = true;
return LiveUser::raiseError(LIVEUSER_ERROR_COOKIE, null, null, "Cannot open file for reading in LiveUser::_readStoreCookiePasswdId()");
}
if (!($fields = fread($fh, 4096))) {
fclose($fh);
$this->_error = true;
return LiveUser::raiseError(LIVEUSER_COOKIE_ERROR, null, null, "Cannot read file in LiveUser::_readStoreCookiePasswdId()");
}
fclose($fh);
$params = unserialize($this->_cookieCryptMode(false, $fields));
return count($params) == 2 ? $params : false;
}
/**
* Constructor
*
* @param mixed $connectoptions connection options
* @return void
*/
function &LiveUser_Perm_Container_XML_Simple(&$connectOptions)
{
if (is_array($connectOptions)) {
foreach ($connectOptions as $key => $value) {
if (isset($this->{$key})) {
$this->{$key} = $value;
}
}
if (!is_file($this->file)) {
if (is_file(getenv('DOCUMENT_ROOT') . $this->file)) {
$this->file = getenv('DOCUMENT_ROOT') . $this->file;
} else {
return LiveUser::raiseError(LIVEUSER_ERROR_MISSING_DEPS, null, null, "Perm initialisation failed. Can't find xml file.");
}
}
if ($this->file) {
if (class_exists('XML_Tree')) {
$tree =& new XML_Tree($this->file);
$err =& $tree->getTreeFromFile();
if (PEAR::isError($err)) {
return $err;
} else {
$this->tree = $tree;
$this->init_ok = true;
}
} else {
$this->_error = true;
return LiveUser::raiseError(LIVEUSER_ERROR_MISSING_DEPS, null, null, "Perm initialisation failed. Can't find XML_Tree class.");
}
} else {
return LiveUser::raiseError(LIVEUSER_ERROR_MISSING_DEPS, null, null, "Perm initialisation failed. Can't find xml file.");
}
}
}
/**
* Gets all users with handle, passwd, authId,
* lastlogin, is_active and individual rights.
*
* The array will look like this:
* <code>
* $userData[0]['auth_user_id'] = 'wujha433gawefawfwfiuj2ou9823r98h';
* ['handle'] = 'myLogin';
* ['passwd'] = 'd346gs2gwaeiuhaeiuuweijfjuwaefhj';
* ['lastlogin'] = 1254801292; (Unix timestamp)
* ['is_active'] = 1; (1 = yes, 0 = no)
* </code>
*
* @access public
* @param array filters to apply to fetched data
* @param array custom fields you wane to be returned
* @return mixed Array with user data or error object.
*/
function getUsers($filters = array(), $customFields = array())
{
return LiveUser::raiseError(LIVEUSER_ERROR_NOT_SUPPORTED, null, null, 'getUsers(): Method not supported by this container');
}
/**
* Finds and gets userinfo by his userID, customFields can
* also be gotten
*
* Untested: it most likely doesn't work.
*
* @access public
* @param mixed User ID
* @param array custom fields you want to be returned. If not specified
* the basic set of fields is returned. The keys are the
* names and the values
* @return mixed Array with userinfo if found else error object
*/
function getUser($userId, $customFields = array())
{
if (is_object($this->auth) && is_object($this->perm)) {
if (is_array($this->auth->authTableCols['user_id'])) {
$user_auth_id = $this->auth->authTableCols['user_id']['name'];
$type = $this->auth->authTableCols['user_id']['type'];
} else {
$user_auth_id = $this->auth->authTableCols['user_id'];
$type = '';
}
$filters = array($user_auth_id => array('op' => '=', 'value' => $userId, 'cond' => '', 'type' => $type));
$search = $this->auth->getUsers($filters, $customFields);
if (LiveUser::isError($search)) {
return $search;
}
return $search;
}
return LiveUser::raiseError(LIVEUSER_ERROR, null, null, 'Perm or Auth container couldn\\t be started.');
}
/**
* Helper function that checks if there is a user in
* the database who's matching the given parameters.
* If $checkHandle is given and $checkPW is set to
* false, it only checks if a user with that handle
* exists. If only $checkPW is given and $checkHandle
* is set to false, it will check if there exists a
* user with that password. If both values are set to
* anything but false, it will find the first user in
* the database with both values matching.
* Please note:
* - If no match was found, the return value is false
* - If a match was found, the auth_user_id from the database
* is being returned
* Whatever is returned, please keep in mind that this
* function only searches for the _first_ occurence
* of the search values in the database. So when you
* have multiple users with the same handle, only the
* ID of the first one is returned. Same goes for
* passwords. Searching for both password and handle
* should be pretty safe, though - having more than
* one user with the same handle/password combination
* in the database would be pretty stupid anyway.
*
* Again, this does nothing in the base class. The
* described functionality must be implemented in a
* subclass overriding this method.
*
* @param boolean check handle ?
* @param boolean check password ?
* @return mixed user id when there is a match, false otherwise
*/
function userExists($checkHandle = false, $checkPW = false)
{
return LiveUser::raiseError(LIVEUSER_ERROR_NOT_SUPPORTED, null, null, 'userExists(): Method not supported by this container');
}
/**
* LiveUser_Auth_Container_XML::_updateUserData()
*
* Writes current values for user back to the database.
* This method does nothing in the base class and is supposed to
* be overridden in subclasses according to the supported backend.
*
* @access private
*/
function _updateUserData()
{
if (!$this->init_ok || !$this->userObj) {
return false;
}
$data = array('lastLogin' => $this->currentLogin);
$index = 0;
foreach ($this->userObj->children as $value) {
if (in_array($value->name, array_keys($data))) {
$el =& $this->userObj->getElement(array($index));
$el->setContent($data[$value->name]);
}
$index++;
}
$success = false;
do {
$fp = fopen($this->file, 'wb');
if (!$fp) {
$errorMsg = "Auth freeze failure. Failed to open the xml file.";
break;
}
if (!flock($fp, LOCK_EX)) {
$errorMsg = "Auth freeze failure. Couldn't get an exclusive lock on the file.";
break;
}
if (!fwrite($fp, $this->tree->get())) {
$errorMsg = "Auth freeze failure. Write error when writing back the file.";
break;
}
@fflush($fp);
$success = true;
} while (false);
@flock($fp, LOCK_UN);
@fclose($fp);
if (!$success) {
return LiveUser::raiseError(LIVEUSER_ERROR, null, null, $errorMsg);
}
return $success;
}
/**
* Finds and gets userinfo by his userID, customFields can
* also be gotten
*
* Untested: it most likely doesn't work.
*
* @access public
* @param mixed Perm User ID
* @return mixed Array with userinfo if found else error object
*/
function getUser($permId)
{
if (is_object($this->auth) && is_object($this->perm)) {
$user_auth_id = $this->auth->authTableCols['required']['auth_user_id']['name'];
$type = isset($this->auth->authTableCols['required']['auth_user_id']['type']) ? $this->auth->authTableCols['required']['auth_user_id']['type'] : '';
$authData = $this->perm->getAuthUserId($permId);
$filters = array($user_auth_id => array('name' => $user_auth_id, 'op' => '=', 'value' => $authData['auth_user_id'], 'cond' => '', 'type' => $type));
$search = $this->auth->getUsers($filters);
if (LiveUser::isError($search)) {
return $search;
}
return $search;
}
return LiveUser::raiseError(LIVEUSER_ERROR, null, null, 'Perm or Auth container couldn\\t be started.');
}
