/** * add(): Add a new user to TABLE, auto-generating password-hash and salt, and automatically * adding her to the 'all' group and to a group with the name '${username}_grp'. * @param string $username Username. * @param string $password Unhashed password. * @param string $realname Real name. * @return bool */ public static function add($username, $password, $realname) { list($hash, $salt) = TlonHash::password($password); if (!(TlonUserGroup::add($username, TlonGroup::EVERYONE, TlonRights::READ, TlonGroup::EVERYONEINFO) && TlonUserGroup::add($username, TlonGroup::userGroupname($username), TlonRights::READ_WRITE, $realname))) { return false; } return TlonData::insert(self::$TABLE, array($username, $hash, $realname, $salt, null)); }
/** * modifyUser(): add a user to a group. * @param string $authtoken Auth token. * @param string $username Username * @param string $groupname Groupname. * @param int $rights User rights. * @return TlonSoapResponse Result */ public function modifyUser($authtoken, $username, $groupname, $rights = TlonRights::READ) { if (TlonUser::getByUsername($username) && $this->_checkRights($authtoken, $groupname, TlonRights::WRITE) && TlonUserGroup::edit($username, $groupname, $rights)) { return $this->returnSuccess($authtoken, array('username' => $username, 'groupname' => $groupname, 'rights' => $rights)); } else { return $this->returnFailure($authtoken); } }
it under the terms of the GNU Affero General Public License as published by the Free Software Foundation, either version 3 of the License, or (at your option) any later version. This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Affero General Public License for more details. You should have received a copy of the GNU Affero General Public License along with this program. If not, see <http://www.gnu.org/licenses/>. */ require_once 'class.tlondata.php'; require_once 'class.tlonrights.php'; require_once 'class.tlongroup.php'; TlonUserGroup::$TABLE = new TlonDataTable('tl_user_group', 'username, groupname, rights'); class TlonUserGroup { public static $TABLE = null; public static function add($username, $groupname, $rights = TlonRights::READ_WRITE, $groupinfo = '') { if (!TlonGroup::exists($groupname)) { if (!TlonGroup::add($groupname, $groupinfo)) { return false; } } if (self::getByUsernameGroupname($username, $groupname)) { return self::edit($username, $groupname, $rights); } else { return TlonData::insert(self::$TABLE, array($username, $groupname, $rights)); }
private function authUser($auth_token, $document_id, $auth_rights = TlonRights::READ) { if (($u = TlonUser::getByAuthToken($auth_token)) && ($groups = TlonUserGroup::getByUsername($u['username']))) { foreach ($groups as $grp) { $gi .= ', ' . $grp['groupname']; if (TlonGroupDocument::hasRights($grp['groupname'], $document_id, $auth_rights)) { return true; } } } else { return "No groups gotten"; } return "No groups matched ({$gi})"; }