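/**
 * Record a login for the user: stamp last_login with the current time and
 * write the user's attributes to xerxes_users, inserting a row when the
 * lookup by username does not return exactly one row.
 *
 * Attributes returned by $user->properties() take precedence over what is
 * stored; a stored, non-null column is used only when the User object does
 * not supply a value under the same name.
 *
 * Group membership is kept in xerxes_user_usergroups:
 *  - usergroups === null : existing assignments are kept and loaded into
 *    $user->usergroups (an empty array when there are none);
 *  - otherwise           : the stored assignments are replaced by the list
 *    in $user->usergroups.
 *
 * Apart from usergroups, the User object is not refreshed from the database.
 *
 * @param User $user
 * @return User the object that was passed in
 */
public function touchUser(User $user)
{
    // Bound parameters for the UPDATE / INSERT below, keyed as ":column".
    $update_values = array();

    foreach ($user->properties() as $key => $value) {
        $update_values[":" . $key] = $value;
    }

    // Group assignments are written to their own table further down.
    unset($update_values[":usergroups"]);

    $update_values[":last_login"] = date("Y-m-d H:i:s");

    // NOTE(review): no rollback path is visible in this method. If one of the
    // statements below throws, whether the open transaction is rolled back
    // depends on the caller or the connection wrapper -- confirm.
    $this->beginTransaction();

    $strSQL = "SELECT * FROM xerxes_users WHERE username = :username";
    $arrResults = $this->select($strSQL, array(":username" => $user->username));

    if (count($arrResults) == 1) {
        // User already exists: start from the stored row and let anything
        // supplied in the User object win.
        $db_values = $arrResults[0];

        foreach ($db_values as $key => $value) {
            // Rows carry each column under a numeric index as well as its
            // name; only the named, non-null entries are of interest.
            if (is_null($value) || is_numeric($key)) {
                continue;
            }

            $dbKey = ":" . $key;

            // NOTE(review): array_key_exists() is also true for a key whose
            // value is null. If properties() reports unset attributes as
            // null, the stored value (for example `suspended`) is not carried
            // over and the UPDATE writes null -- confirm properties() omits
            // attributes that were never set.
            if (!array_key_exists($dbKey, $update_values)) {
                $update_values[$dbKey] = $value;
            }
        }

        $strSQL = "UPDATE xerxes_users " .
            "SET last_login = :last_login, suspended = :suspended, first_name = :first_name, " .
            "last_name = :last_name, email_addr = :email_addr " .
            "WHERE username = :username";

        $this->update($strSQL, $update_values);
    } else {
        // No single matching row: create the user.
        $strSQL = "INSERT INTO xerxes_users " .
            "( username, last_login, suspended, first_name, last_name, email_addr) " .
            "VALUES (:username, :last_login, :suspended, :first_name, :last_name, :email_addr)";

        $this->insert($strSQL, $update_values);
    }

    if (is_null($user->usergroups)) {
        // null means "keep what is stored": load every stored assignment.
        $fetched = $this->select(
            "SELECT usergroup FROM xerxes_user_usergroups WHERE username = :username",
            array(":username" => $user->username)
        );

        // One row per assignment. Taking only $fetched[0] would hand back a
        // single result row (the same group under its name and its numeric
        // index) and drop every other group the user belongs to, so collect
        // the usergroup column of all rows instead.
        $groups = array();

        foreach ($fetched as $row) {
            $groups[] = $row["usergroup"];
        }

        $user->usergroups = $groups;
    } else {
        // Replace the stored assignments with the supplied list; both steps
        // run inside the transaction opened above.
        $this->delete(
            "DELETE FROM xerxes_user_usergroups WHERE username = :username",
            array(":username" => $user->username)
        );

        foreach ($user->usergroups as $usergroup) {
            $this->insert(
                "INSERT INTO xerxes_user_usergroups (username, usergroup) " .
                "VALUES (:username, :usergroup)",
                array(":username" => $user->username, ":usergroup" => $usergroup)
            );
        }
    }

    $this->commit();

    return $user;
}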
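/**
 * Determines if the database is searchable by user
 *
 * Rules, applied in order:
 *  1. searchable is not 1           -> nobody may search;
 *  2. guest_access is non-empty     -> anybody may search;
 *  3. group restrictions are set    -> the user must be authenticated and
 *     share at least one group with the restrictions, or pass the local
 *     ip range check;
 *  4. otherwise                     -> the user must be authenticated or
 *     pass the local ip range check.
 *
 * @param User $user
 * @return boolean
 */
public function isSearchableByUser(User $user)
{
    // Deny by default, so a branch that grants nothing yields false rather
    // than an empty string.
    $allowed = false;

    if ($this->searchable != 1) {
        $allowed = false; // nobody can search it
    } elseif ($this->guest_access != "") {
        $allowed = true; // anyone can search it
    } elseif (count($this->group_restrictions) > 0) {
        // Authenticated and a member of at least one restricted group.
        // @todo: setup user groups in user object
        $allowed = $user->isAuthenticated()
            && array_intersect($user->getUserGroups(), $this->group_restrictions);

        if (!$allowed) {
            // Not by virtue of a login; fall back to the ip address.
            $ranges = array();

            foreach ($this->group_restrictions as $group) {
                $ranges[] = $this->config()->getGroupLocalIpRanges($group); // @todo: move this to registry?
            }

            // NOTE(review): $ranges is collected but never consulted. The
            // decision below rests on isInLocalIpRange() alone, so the ip
            // ranges of the restricted groups do not narrow access to this
            // resource. Confirm what isInLocalIpRange() checks and whether
            // the per-group ranges were meant to be applied here.
            $allowed = $user->isInLocalIpRange();
        }
    } else {
        // Ordinary restricted resource: authenticated user, or a user in
        // the local ip range.
        if ($user->isAuthenticated() || $user->isInLocalIpRange()) {
            $allowed = true;
        }
    }

    // Normalise to the boolean the docblock promises.
    return (bool) $allowed;
}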