/** * creates the initial folder for new accounts * * @param mixed[int|Tinebase_Model_User] $_account the accountd object * @return Tinebase_Record_RecordSet of subtype Tinebase_Model_Container */ public function createPersonalFolder($_accountId) { $translation = Tinebase_Translation::getTranslation('Webconference'); $accountId = Tinebase_Model_User::convertUserIdToInt($_accountId); $account = Tinebase_User::getInstance()->getUserById($accountId); $newContainer = new Tinebase_Model_Container(array('name' => sprintf($translation->_("%s's personal example records"), $account->accountFullName), 'type' => Tinebase_Model_Container::TYPE_PERSONAL, 'backend' => 'Sql', 'application_id' => Tinebase_Application::getInstance()->getApplicationByName('Webconference')->getId())); $personalContainer = Tinebase_Container::getInstance()->addContainer($newContainer, NULL, FALSE, $accountId); $container = new Tinebase_Record_RecordSet('Tinebase_Model_Container', array($personalContainer)); return $container; }
/** * updates an user * * this function updates an user * * @param Tinebase_Model_FullUser $_user * @return Tinebase_Model_FullUser * @throws */ public function updateUserInSqlBackend(Tinebase_Model_FullUser $_user) { if (!$_user->isValid()) { throw new Tinebase_Exception_Record_Validation('Invalid user object. ' . print_r($_user->getValidationErrors(), TRUE)); } $accountId = Tinebase_Model_User::convertUserIdToInt($_user); $oldUser = $this->getFullUserById($accountId); if (empty($_user->contact_id)) { $_user->visibility = 'hidden'; $_user->contact_id = null; } $accountData = $this->_recordToRawData($_user); // don't update id unset($accountData['id']); // ignore all other states (expired and blocked) if ($_user->accountStatus == Tinebase_User::STATUS_ENABLED) { $accountData[$this->rowNameMapping['accountStatus']] = $_user->accountStatus; if ($oldUser->accountStatus === Tinebase_User::STATUS_BLOCKED) { $accountData[$this->rowNameMapping['loginFailures']] = 0; } elseif ($oldUser->accountStatus === Tinebase_User::STATUS_EXPIRED) { $accountData[$this->rowNameMapping['accountExpires']] = null; } } elseif ($_user->accountStatus == Tinebase_User::STATUS_DISABLED) { $accountData[$this->rowNameMapping['accountStatus']] = $_user->accountStatus; } if (Tinebase_Core::isLogLevel(Zend_Log::TRACE)) { Tinebase_Core::getLogger()->trace(__METHOD__ . '::' . __LINE__ . ' ' . print_r($accountData, true)); } try { $accountsTable = new Tinebase_Db_Table(array('name' => SQL_TABLE_PREFIX . 'accounts')); $where = array($this->_db->quoteInto($this->_db->quoteIdentifier('id') . ' = ?', $accountId)); $accountsTable->update($accountData, $where); } catch (Exception $e) { Tinebase_TransactionManager::getInstance()->rollBack(); throw $e; } return $this->getUserById($accountId, 'Tinebase_Model_FullUser'); }
/** * try to convert id of account object and check if correct exceptions are thrown * */ public function testConvertAccountIdToIntWithAccount() { $this->setExpectedException('Exception'); Tinebase_Model_User::convertUserIdToInt($this->objects['noIdAccount']); }
/** * get grants assigned to one account of one container * * @param string|Tinebase_Model_User $_accountId * @param int|Tinebase_Model_Container $_containerId * @param string $_grantModel * @return Tinebase_Model_Grants */ public function getGrantsOfAccount($_accountId, $_containerId, $_grantModel = 'Tinebase_Model_Grants') { $accountId = Tinebase_Model_User::convertUserIdToInt($_accountId); $containerId = Tinebase_Model_Container::convertContainerIdToInt($_containerId); $container = $_containerId instanceof Tinebase_Model_Container ? $_containerId : $this->getContainerById($_containerId); $classCacheId = $accountId . $containerId . $container->seq . $_grantModel; try { $grants = $this->loadFromClassCache(__FUNCTION__, $classCacheId, Tinebase_Cache_PerRequest::VISIBILITY_SHARED); if ($grants instanceof Tinebase_Model_Grants) { return $grants; } else { if (Tinebase_Core::isLogLevel(Zend_Log::NOTICE)) { Tinebase_Core::getLogger()->notice(__METHOD__ . '::' . __LINE__ . ' Invalid data in cache ... fetching fresh data from DB'); } } } catch (Tinebase_Exception_NotFound $tenf) { // not found in cache } $select = $this->_getAclSelectByContainerId($containerId)->group('container_acl.account_grant'); $this->addGrantsSql($select, $accountId, '*'); Tinebase_Backend_Sql_Abstract::traitGroup($select); $stmt = $this->_db->query('/*' . __FUNCTION__ . '*/' . $select); $rows = $stmt->fetchAll(Zend_Db::FETCH_ASSOC); $grants = $this->_getGrantsFromArray($rows, $accountId, $_grantModel); $this->saveInClassCache(__FUNCTION__, $classCacheId, $grants, Tinebase_Cache_PerRequest::VISIBILITY_SHARED, self::ACL_CACHE_TIMEOUT); return $grants; }
/** * fetch one contact of a user identified by his user_id * * @param int $_userId * @return Addressbook_Model_Contact * @throws Addressbook_Exception_NotFound if contact not found */ public function getByUserId($_userId) { $userId = Tinebase_Model_User::convertUserIdToInt($_userId); $contactData = $this->_ldap->fetch($this->_baseDn, "uidnumber={$userId}", $this->_getSupportedLdapAttributes()); if (!$contactData) { throw new Addressbook_Exception_NotFound("Contact with user id {$_userId} not found."); } $contact = $this->_ldap2Contacts(array($contactData))->offsetGet(0); $contact->jpegphoto = $this->_ldap->fetchBinaryAttribute($this->_baseDn, "uidnumber={$userId}", 'jpegphoto'); return $contact; }
/** * returns arrays of metainfo from given accountIds * * @param array $_accountIds * @return array of strings */ protected function _getAccountsMetaData(array $_accountIds) { $filterArray = array(); foreach ($_accountIds as $accountId) { $accountId = Tinebase_Model_User::convertUserIdToInt($accountId); $filterArray[] = "(objectGUID={$accountId})"; } // fetch all dns at once $filter = '(|' . implode('', $filterArray) . ')'; $accounts = $this->_ldap->fetchAll($this->_options['userDn'], $filter, array('sAMAccountName', 'objectGUID', 'objectclass')); if (count($accounts) != count($_accountIds)) { throw new Exception("Some dn's are missing"); } $result = array(); foreach ($accounts as $account) { unset($account['objectclass']['count']); $result[] = array('dn' => $account['dn'], 'uid' => $account['sAMAccountName'][0], 'uidNumber' => $account['objectGUID'][0], 'objectClass' => $account['objectclass']); } return $result; }
/** * returns SQL with container grant condition * * @param string $_aclTableName * @param string $_groupMembersTableName * @param string|array $_requiredGrant (defaults none) * @param Zend_Db_Expr|int|Tinebase_Model_User $_user (defaults current user) * @return string */ protected function _getContainGrantCondition($_aclTableName, $_groupMembersTableName, $_requiredGrant = NULL, $_user = NULL) { $quoteTypeIdentifier = $this->_db->quoteIdentifier($_aclTableName . '.account_type'); $quoteIdIdentifier = $this->_db->quoteIdentifier($_aclTableName . '.account_id'); if ($_user instanceof Zend_Db_Expr) { $userExpression = $_user; } else { $accountId = $_user ? Tinebase_Model_User::convertUserIdToInt($_user) : Tinebase_Core::getUser()->getId(); $userExpression = new Zend_Db_Expr($this->_db->quote($accountId)); } $sql = $this->_db->quoteInto("({$quoteTypeIdentifier} = ?", Tinebase_Acl_Rights::ACCOUNT_TYPE_USER) . " AND {$quoteIdIdentifier} = {$userExpression})" . $this->_db->quoteInto(" OR ({$quoteTypeIdentifier} = ?", Tinebase_Acl_Rights::ACCOUNT_TYPE_GROUP) . ' AND ' . $this->_db->quoteIdentifier("{$_groupMembersTableName}.group_id") . " = {$quoteIdIdentifier}" . ')' . $this->_db->quoteInto(" OR ({$quoteTypeIdentifier} = ?)", Tinebase_Acl_Rights::ACCOUNT_TYPE_ANYONE); if ($_requiredGrant) { $sql = "({$sql}) AND " . $this->_db->quoteInto($this->_db->quoteIdentifier($_aclTableName . '.account_grant') . ' IN (?)', (array) $_requiredGrant); } return "({$sql})"; }
/** * get prefered extension of this account * * @param int $_accountId the id of the account to get the prefered extension for * @return array * @throws Phone_Exception_NotFound */ public function getPreferedExtension($_accountId) { $accountId = Tinebase_Model_User::convertUserIdToInt($_accountId); $extensionsTable = new Tinebase_Db_Table(array('name' => SQL_TABLE_PREFIX . 'phone_extensions')); $select = $extensionsTable->select()->where($this->_db->quoteIdentifier('account_id') . ' = ?', $accountId); $row = $extensionsTable->fetchRow($select); if ($row === NULL) { throw new Phone_Exception_NotFound('No prefered extension found.'); } return $row->toArray(); }
/** * get grants assigned to given account of multiple records * * @param Tinebase_Record_RecordSet $_records records to get the grants for * @param string|Tinebase_Model_User $_accountId the account to get the grants for * @param string $_containerProperty container property * @param string $_grantModel * @throws Tinebase_Exception_NotFound */ public function getGrantsOfRecords(Tinebase_Record_RecordSet $_records, $_accountId, $_containerProperty = 'container_id', $_grantModel = 'Tinebase_Model_Grants') { // get container ids $containers = array(); foreach ($_records as $record) { if (isset($record[$_containerProperty]) && !isset($containers[Tinebase_Model_Container::convertContainerIdToInt($record[$_containerProperty])])) { $containers[Tinebase_Model_Container::convertContainerIdToInt($record[$_containerProperty])] = array(); } } if (empty($containers)) { return; } $accountId = Tinebase_Model_User::convertUserIdToInt($_accountId); $select = $this->_getSelect(array('container.id', 'container.name'), TRUE)->where("{$this->_db->quoteIdentifier('container.id')} IN (?)", array_keys($containers))->join(array('container_acl' => SQL_TABLE_PREFIX . 'container_acl'), "{$this->_db->quoteIdentifier('container_acl.container_id')} = {$this->_db->quoteIdentifier('container.id')}", array('container_id', 'account_grants' => Tinebase_Backend_Sql_Command::getAggregateFunction($this->_db, $this->_db->quoteIdentifier('container_acl.account_grant'))))->group(array('container.id', 'container.name', 'container_acl.account_type', 'container_acl.container_id')); $this->addGrantsSql($select, $accountId, '*'); $stmt = $this->_db->query($select); $arr = $stmt->fetchAll(Zend_Db::FETCH_ASSOC); // check array for duplicate entries of container_id $rows = array(); $last_arr = array(); foreach ($arr as $row) { if ($last_arr['container_id'] === $row['container_id']) { $row['account_grants'] = $last_arr['account_grants'] . ',' . $row['account_grants']; end($rows); $rows[key($rows)] = $row; } else { array_push($rows, $row); } $last_arr = $row; } // add results to container ids and get grants array foreach ($rows as $row) { // NOTE id is non-ambiguous $row['id'] = $row['container_id']; $grantsArray = array_unique(explode(',', $row['account_grants'])); $row['account_grants'] = $this->_getGrantsFromArray($grantsArray, $accountId, $_grantModel)->toArray(); $containers[$row['id']] = new Tinebase_Model_Container($row, TRUE); } // add container & grants to records foreach ($_records as &$record) { try { if (!isset($record->{$_containerProperty})) { continue; } $containerId = $record[$_containerProperty]; if (!is_array($containerId) && !$containerId instanceof Tinebase_Record_Abstract && !empty($containers[$containerId])) { $record[$_containerProperty] = $containers[$containerId]; $record[$_containerProperty]['path'] = $containers[$containerId]->getPath(); } } catch (Exception $e) { // if path is not determinable, skip this container $_records->removeRecord($record); } } }
/** * get metatada of existing user * * @param string $_userId * @return array */ protected function _getMetaData($_userId) { $userId = Tinebase_Model_User::convertUserIdToInt($_userId); $filter = Zend_Ldap_Filter::equals($this->_rowNameMapping['accountId'], Zend_Ldap::filterEscape($userId)); $result = $this->_ldap->search($filter, $this->_baseDn, $this->_userSearchScope); if (count($result) !== 1) { throw new Tinebase_Exception_NotFound("user with userid {$_userId} not found"); } return $result->getFirst(); }
/** * returns default displayContainer id of given attendee * * @param string $userAccountId */ public static function getDefaultDisplayContainerId($userAccountId) { $userAccountId = Tinebase_Model_User::convertUserIdToInt($userAccountId); $displayCalId = Tinebase_Core::getPreference('Calendar')->getValueForUser(Calendar_Preference::DEFAULTCALENDAR, $userAccountId); try { // assert that displaycal is of type personal $container = Tinebase_Container::getInstance()->getContainerById($displayCalId); if ($container->type != Tinebase_Model_Container::TYPE_PERSONAL) { $displayCalId = NULL; } } catch (Exception $e) { $displayCalId = NULL; } if (!isset($displayCalId)) { $containers = Tinebase_Container::getInstance()->getPersonalContainer($userAccountId, 'Calendar_Model_Event', $userAccountId, 0, true); if ($containers->count() > 0) { $displayCalId = $containers->getFirstRecord()->getId(); } } return $displayCalId; }
/** * returns arrays of metainfo from given accountIds * * @param array $_accountIds * @return array of strings */ protected function _getAccountsMetaData(array $_accountIds) { $filterArray = array(); foreach ($_accountIds as $accountId) { $accountId = Tinebase_Model_User::convertUserIdToInt($accountId); $filterArray[] = Zend_Ldap_Filter::equals($this->_userUUIDAttribute, Zend_Ldap::filterEscape($accountId)); } $filter = new Zend_Ldap_Filter_Or($filterArray); if (Tinebase_Core::isLogLevel(Zend_Log::DEBUG)) { Tinebase_Core::getLogger()->debug(__METHOD__ . '::' . __LINE__ . ' $filter: ' . $filter . ' count: ' . count($filterArray)); } // fetch all dns at once $accounts = $this->_ldap->search($filter, $this->_options['userDn'], $this->_userSearchScope, array('uid', $this->_userUUIDAttribute, 'objectclass')); if (count($_accountIds) != count($accounts)) { $wantedAccountIds = array(); $retrievedAccountIds = array(); foreach ($_accountIds as $accountId) { $wantedAccountIds[] = Tinebase_Model_User::convertUserIdToInt($accountId); } foreach ($accounts as $account) { $retrievedAccountIds[] = $account[$this->_userUUIDAttribute][0]; } throw new Tinebase_Exception_NotFound("Some dn's are missing. " . print_r(array_diff($wantedAccountIds, $retrievedAccountIds), true)); } $result = array(); foreach ($accounts as $account) { $result[] = array('dn' => $account['dn'], 'objectclass' => $account['objectclass'], 'uid' => $account['uid'][0], $this->_userUUIDAttribute => $account[$this->_userUUIDAttribute][0]); } return $result; }
/** * updates an user * * this function updates an user * * @param Tinebase_Model_FullUser $_user * @return Tinebase_Model_FullUser * @throws */ public function updateUserInSqlBackend(Tinebase_Model_FullUser $_user) { if (!$_user->isValid()) { throw new Tinebase_Exception_Record_Validation('Invalid user object. ' . print_r($_user->getValidationErrors(), TRUE)); } $accountId = Tinebase_Model_User::convertUserIdToInt($_user); $oldUser = $this->getFullUserById($accountId); $accountsTable = new Tinebase_Db_Table(array('name' => SQL_TABLE_PREFIX . 'accounts')); if (empty($_user->contact_id)) { $_user->visibility = 'hidden'; $_user->contact_id = null; } $accountData = array('login_name' => $_user->accountLoginName, 'expires_at' => $_user->accountExpires instanceof DateTime ? $_user->accountExpires->get(Tinebase_Record_Abstract::ISO8601LONG) : NULL, 'primary_group_id' => $_user->accountPrimaryGroup, 'home_dir' => $_user->accountHomeDirectory, 'login_shell' => $_user->accountLoginShell, 'openid' => $_user->openid, 'visibility' => $_user->visibility, 'contact_id' => $_user->contact_id, $this->rowNameMapping['accountDisplayName'] => $_user->accountDisplayName, $this->rowNameMapping['accountFullName'] => $_user->accountFullName, $this->rowNameMapping['accountFirstName'] => $_user->accountFirstName, $this->rowNameMapping['accountLastName'] => $_user->accountLastName, $this->rowNameMapping['accountEmailAddress'] => $_user->accountEmailAddress); // ignore all other states (expired and blocked) if ($_user->accountStatus == Tinebase_User::STATUS_ENABLED) { $accountData[$this->rowNameMapping['accountStatus']] = $_user->accountStatus; if ($oldUser->accountStatus === Tinebase_User::STATUS_BLOCKED) { $accountData[$this->rowNameMapping['loginFailures']] = 0; } elseif ($oldUser->accountStatus === Tinebase_User::STATUS_EXPIRED) { $accountData[$this->rowNameMapping['accountExpires']] = null; } } elseif ($_user->accountStatus == Tinebase_User::STATUS_DISABLED) { $accountData[$this->rowNameMapping['accountStatus']] = $_user->accountStatus; } if (Tinebase_Core::isLogLevel(Zend_Log::TRACE)) { Tinebase_Core::getLogger()->trace(__METHOD__ . '::' . __LINE__ . ' ' . print_r($accountData, true)); } try { $accountsTable = new Tinebase_Db_Table(array('name' => SQL_TABLE_PREFIX . 'accounts')); $where = array($this->_db->quoteInto($this->_db->quoteIdentifier('id') . ' = ?', $accountId)); $accountsTable->update($accountData, $where); } catch (Exception $e) { Tinebase_TransactionManager::getInstance()->rollBack(); throw $e; } return $this->getUserById($accountId, 'Tinebase_Model_FullUser'); }
/** * get list of role members * * @param int $_accountId * @return array of array with account ids & types * @throws Tinebase_Exception_NotFound */ public function getRoleMemberships($_accountId) { $accountId = Tinebase_Model_User::convertUserIdToInt($_accountId); $groupMemberships = Tinebase_Group::getInstance()->getGroupMemberships($accountId); if (empty($groupMemberships)) { throw new Tinebase_Exception_NotFound('Any account must belong to at least one group. The account with accountId ' . $accountId . ' does not belong to any group.'); } $memberships = array(); $select = $this->_roleMembersTable->select(); $select->where($this->_db->quoteInto($this->_db->quoteIdentifier('account_id') . ' = ?', $_accountId) . ' AND ' . $this->_db->quoteInto($this->_db->quoteIdentifier('account_type') . ' = ?', Tinebase_Acl_Rights::ACCOUNT_TYPE_USER))->orwhere($this->_db->quoteInto($this->_db->quoteIdentifier('account_id') . ' IN (?)', $groupMemberships) . ' AND ' . $this->_db->quoteInto($this->_db->quoteIdentifier('account_type') . ' = ?', Tinebase_Acl_Rights::ACCOUNT_TYPE_GROUP)); $rows = $this->_roleMembersTable->fetchAll($select)->toArray(); foreach ($rows as $membership) { $memberships[] = $membership['role_id']; } return $memberships; }
/** * get metatada of existing user * * @param string $_userId * @return array */ protected function _getMetaData($_userId) { $userId = $this->_encodeAccountId(Tinebase_Model_User::convertUserIdToInt($_userId)); $filter = Zend_Ldap_Filter::equals($this->_rowNameMapping['accountId'], $userId); if (Tinebase_Core::isLogLevel(Zend_Log::TRACE)) { Tinebase_Core::getLogger()->trace(__METHOD__ . '::' . __LINE__ . ' fetch meta data - filter: ' . $filter); } $result = $this->_ldap->search($filter, $this->_baseDn, $this->_userSearchScope); if (count($result) !== 1) { throw new Tinebase_Exception_NotFound("user with userid {$_userId} not found"); } return $result->getFirst(); }
/** * get grants assigned to one account of one container * * @param string|Tinebase_Model_User $_accountId * @param int|Tinebase_Model_Container $_containerId * @param string $_grantModel * @return Tinebase_Model_Grants */ public function getGrantsOfAccount($_accountId, $_containerId, $_grantModel = 'Tinebase_Model_Grants') { $accountId = Tinebase_Model_User::convertUserIdToInt($_accountId); $containerId = Tinebase_Model_Container::convertContainerIdToInt($_containerId); $container = $_containerId instanceof Tinebase_Model_Container ? $_containerId : $this->getContainerById($_containerId); $classCacheId = $accountId . $containerId . $container->seq . $_grantModel; try { return $this->loadFromClassCache(__FUNCTION__, $classCacheId, Tinebase_Cache_PerRequest::VISIBILITY_SHARED); } catch (Tinebase_Exception_NotFound $tenf) { } $select = $this->_getAclSelectByContainerId($containerId)->group('container_acl.account_grant'); $this->addGrantsSql($select, $accountId, '*'); Tinebase_Backend_Sql_Abstract::traitGroup($select); $stmt = $this->_db->query('/*' . __FUNCTION__ . '*/' . $select); $rows = $stmt->fetchAll(Zend_Db::FETCH_ASSOC); $grants = $this->_getGrantsFromArray($rows, $accountId, $_grantModel); $this->saveInClassCache(__FUNCTION__, $classCacheId, $grants, Tinebase_Cache_PerRequest::VISIBILITY_SHARED, self::ACL_CACHE_TIMEOUT); return $grants; }
/** * remove one groupmember from the group * * @param mixed $_groupId * @param mixed $_accountId */ public function removeGroupMemberFromSqlBackend($_groupId, $_accountId) { $groupId = Tinebase_Model_Group::convertGroupIdToInt($_groupId); $accountId = Tinebase_Model_User::convertUserIdToInt($_accountId); $where = array($this->_db->quoteInto($this->_db->quoteIdentifier('group_id') . '= ?', $groupId), $this->_db->quoteInto($this->_db->quoteIdentifier('account_id') . '= ?', $accountId)); $this->groupMembersTable->delete($where); $this->_clearCache(array('getGroupMembers' => $groupId, 'getGroupMemberships' => $accountId)); }
/** * remove one groupmember from the group * * @param mixed $_groupId * @param mixed $_accountId */ public function removeGroupMemberFromSqlBackend($_groupId, $_accountId) { $groupId = Tinebase_Model_Group::convertGroupIdToInt($_groupId); $accountId = Tinebase_Model_User::convertUserIdToInt($_accountId); $where = array($this->_db->quoteInto($this->_db->quoteIdentifier('group_id') . '= ?', $groupId), $this->_db->quoteInto($this->_db->quoteIdentifier('account_id') . '= ?', $accountId)); $this->groupMembersTable->delete($where); // invalidate cache $cacheId = convertCacheId('groupMembers' . $groupId); Tinebase_Core::getCache()->remove($cacheId); $cacheId = convertCacheId('groupMemberships' . $accountId); Tinebase_Core::getCache()->remove($cacheId); }
/** * checks if container is a personal container of given account * * @param mixed $account */ public function isPersonalOf($account) { return $this->type == Tinebase_Model_Container::TYPE_PERSONAL && $this->getOwner() == Tinebase_Model_User::convertUserIdToInt($account); }
/** * returns account_grants of given timeaccount * - this function caches its result (with cache tag 'container') * * @param Tinebase_Model_User|int $_accountId * @param Timetracker_Model_Timeaccount|string $_timeaccountId * @param bool $_ignoreAcl * @return array */ public static function getGrantsOfAccount($_accountId, $_timeaccountId, $_ignoreAcl = FALSE) { $cache = Tinebase_Core::getCache(); $cacheId = convertCacheId('getGrantsOfAccount' . Tinebase_Model_User::convertUserIdToInt($_accountId) . ($_timeaccountId instanceof Timetracker_Model_Timeaccount ? $_timeaccountId->getId() : $_timeaccountId) . $_ignoreAcl); $result = $cache->load($cacheId); if ($result === FALSE) { $timeaccount = $_timeaccountId instanceof Timetracker_Model_Timeaccount ? $_timeaccountId : Timetracker_Controller_Timeaccount::getInstance()->get($_timeaccountId); $containerGrantsArray = Tinebase_Container::getInstance()->getGrantsOfAccount($_accountId, $timeaccount->container_id, 'Timetracker_Model_TimeaccountGrants')->toArray(); $account_grants = new Timetracker_Model_TimeaccountGrants($containerGrantsArray); $result = $account_grants->toArray(); $cache->save($result, $cacheId, array('container')); } return $result; }
/** * returns arrays of metainfo from given accountIds * * @param array $_accountIds * @param boolean $throwExceptionOnMissingAccounts * @return array of strings */ protected function _getAccountsMetaData(array $_accountIds, $throwExceptionOnMissingAccounts = TRUE) { $filterArray = array(); foreach ($_accountIds as $accountId) { $accountId = Tinebase_Model_User::convertUserIdToInt($accountId); $filterArray[] = Zend_Ldap_Filter::equals($this->_userUUIDAttribute, $this->_encodeAccountId($accountId)); } $filter = new Zend_Ldap_Filter_Or($filterArray); if (Tinebase_Core::isLogLevel(Zend_Log::DEBUG)) { Tinebase_Core::getLogger()->debug(__METHOD__ . '::' . __LINE__ . ' $filter: ' . $filter . ' count: ' . count($filterArray)); } // fetch all dns at once $accounts = $this->getLdap()->search($filter, $this->_options['userDn'], $this->_userSearchScope, array($this->_userUUIDAttribute, 'objectclass', 'primarygroupid')); if (count($_accountIds) != count($accounts)) { $wantedAccountIds = array(); $retrievedAccountIds = array(); foreach ($_accountIds as $accountId) { $wantedAccountIds[] = Tinebase_Model_User::convertUserIdToInt($accountId); } foreach ($accounts as $account) { $retrievedAccountIds[] = $account[$this->_userUUIDAttribute][0]; } $message = "Some dn's are missing. " . print_r(array_diff($wantedAccountIds, $retrievedAccountIds), true); if ($throwExceptionOnMissingAccounts) { throw new Tinebase_Exception_NotFound($message); } else { if (Tinebase_Core::isLogLevel(Zend_Log::WARN)) { Tinebase_Core::getLogger()->warn(__METHOD__ . '::' . __LINE__ . ' ' . $message); } } } $result = array(); foreach ($accounts as $account) { $result[] = array('dn' => $account['dn'], 'objectclass' => $account['objectclass'], $this->_userUUIDAttribute => $this->_decodeGroupId($account[$this->_userUUIDAttribute][0]), 'primarygroupid' => $account['primarygroupid'][0]); } return $result; }
/** * set all groups an user is member of * * @param mixed $_userId the account as integer or Tinebase_Model_User * @param mixed $_groupIds * @return array */ public function setGroupMemberships($_userId, $_groupIds) { $this->checkRight('MANAGE_ACCOUNTS'); if ($_groupIds instanceof Tinebase_Record_RecordSet) { $_groupIds = $_groupIds->getArrayOfIds(); } if (count($_groupIds) === 0) { throw new Tinebase_Exception_InvalidArgument('user must belong to at least one group'); } $userId = Tinebase_Model_User::convertUserIdToInt($_userId); $groupMemberships = Tinebase_Group::getInstance()->getGroupMemberships($userId); $removeGroupMemberships = array_diff($groupMemberships, $_groupIds); $addGroupMemberships = array_diff($_groupIds, $groupMemberships); if (Tinebase_Core::isLogLevel(Zend_Log::TRACE)) { Tinebase_Core::getLogger()->trace(__METHOD__ . '::' . __LINE__ . ' current groupmemberships: ' . print_r($groupMemberships, true)); } if (Tinebase_Core::isLogLevel(Zend_Log::TRACE)) { Tinebase_Core::getLogger()->trace(__METHOD__ . '::' . __LINE__ . ' new groupmemberships: ' . print_r($_groupIds, true)); } if (Tinebase_Core::isLogLevel(Zend_Log::TRACE)) { Tinebase_Core::getLogger()->trace(__METHOD__ . '::' . __LINE__ . ' added groupmemberships: ' . print_r($addGroupMemberships, true)); } if (Tinebase_Core::isLogLevel(Zend_Log::TRACE)) { Tinebase_Core::getLogger()->trace(__METHOD__ . '::' . __LINE__ . ' removed groupmemberships: ' . print_r($removeGroupMemberships, true)); } foreach ($addGroupMemberships as $groupId) { $this->addGroupMember($groupId, $userId); } foreach ($removeGroupMemberships as $groupId) { $this->removeGroupMember($groupId, $userId); } return Tinebase_Group::getInstance()->getGroupMemberships($userId); }
/** * get list of role memberships * * @param int $accountId * @param string $type * @return array of array with role ids * @throws Tinebase_Exception_NotFound */ public function getRoleMemberships($accountId, $type = Tinebase_Acl_Rights::ACCOUNT_TYPE_USER) { if ($type === Tinebase_Acl_Rights::ACCOUNT_TYPE_USER) { $accountId = Tinebase_Model_User::convertUserIdToInt($accountId); $groupMemberships = Tinebase_Group::getInstance()->getGroupMemberships($accountId); if (empty($groupMemberships)) { throw new Tinebase_Exception_NotFound('Any account must belong to at least one group. The account with accountId ' . $accountId . ' does not belong to any group.'); } $classCacheId = Tinebase_Helper::convertCacheId($accountId . implode('', $groupMemberships) . $type); } else { if ($type === Tinebase_Acl_Rights::ACCOUNT_TYPE_GROUP) { $accountId = Tinebase_Model_Group::convertGroupIdToInt($accountId); $classCacheId = Tinebase_Helper::convertCacheId($accountId . $type); } else { throw new Tinebase_Exception_InvalidArgument('Invalid type: ' . $type); } } if (isset($this->_classCache[__FUNCTION__][$classCacheId])) { return $this->_classCache[__FUNCTION__][$classCacheId]; } $select = $this->_getDb()->select()->distinct()->from(array('role_accounts' => SQL_TABLE_PREFIX . 'role_accounts'), array('role_id'))->where($this->_getDb()->quoteInto($this->_getDb()->quoteIdentifier('account_id') . ' = ?', $accountId) . ' AND ' . $this->_getDb()->quoteInto($this->_getDb()->quoteIdentifier('account_type') . ' = ?', $type)); if ($type === Tinebase_Acl_Rights::ACCOUNT_TYPE_USER) { $select->orwhere($this->_getDb()->quoteInto($this->_getDb()->quoteIdentifier('account_id') . ' IN (?)', $groupMemberships) . ' AND ' . $this->_getDb()->quoteInto($this->_getDb()->quoteIdentifier('account_type') . ' = ?', Tinebase_Acl_Rights::ACCOUNT_TYPE_GROUP)); } $stmt = $this->_getDb()->query($select); $memberships = $stmt->fetchAll(Zend_Db::FETCH_COLUMN); $this->_classCache[__FUNCTION__][$classCacheId] = $memberships; return $memberships; }
/** * try to convert id of account object and check if correct exceptions are thrown * */ public function testConvertAccountIdToIntWithAccount() { $noIdAccount = new Tinebase_Model_FullUser(array('accountLoginName' => 'tine20phpunit-noid', 'accountStatus' => Tinebase_User::STATUS_DISABLED, 'accountExpires' => null, 'accountPrimaryGroup' => Tinebase_Core::getUser()->accountPrimaryGroup, 'accountLastName' => 'Tine 2.0 noid', 'accountFirstName' => 'PHPUnit noid', 'accountEmailAddress' => '*****@*****.**')); $this->setExpectedException('Tinebase_Exception_NotFound'); Tinebase_Model_User::convertUserIdToInt($noIdAccount); }