import v2.0.0.0_RC3 | 2012-07-01
https://github.com/lucanos/CommunityID -> http://www.itadmins.net/archives/357
This commit is contained in:
156
modules/users/models/User.php
Executable file → Normal file
156
modules/users/models/User.php
Executable file → Normal file
@ -1,7 +1,7 @@
|
||||
<?php
|
||||
|
||||
/*
|
||||
* @copyright Copyright (C) 2005-2009 Keyboard Monkeys Ltd. http://www.kb-m.com
|
||||
* @copyright Copyright (C) 2005-2010 Keyboard Monkeys Ltd. http://www.kb-m.com
|
||||
* @license http://creativecommons.org/licenses/BSD/ BSD License
|
||||
* @author Keyboard Monkeys Ltd.
|
||||
* @since CommunityID 0.9
|
||||
@ -15,6 +15,11 @@ class Users_Model_User extends Zend_Db_Table_Row_Abstract
|
||||
const ROLE_GUEST = 'guest';
|
||||
const ROLE_REGISTERED = 'registered';
|
||||
const ROLE_ADMIN = 'admin';
|
||||
|
||||
const AUTH_PASSWORD = 0;
|
||||
const AUTH_YUBIKEY = 1;
|
||||
|
||||
private $_image;
|
||||
|
||||
/**
|
||||
* To identify the app that owns the user obj in the session.
|
||||
@ -35,10 +40,15 @@ class Users_Model_User extends Zend_Db_Table_Row_Abstract
|
||||
* Password is stored using md5($this->openid.$password) because
|
||||
* that's what's used in Zend_OpenId
|
||||
*/
|
||||
public function setPassword($password)
|
||||
{
|
||||
$this->password = $password;
|
||||
$this->password_changed = date('Y-m-d');
|
||||
}
|
||||
|
||||
public function setClearPassword($password)
|
||||
{
|
||||
$this->password = md5($this->openid.$password);
|
||||
$this->password_changed = date('Y-m-d');
|
||||
$this->setPassword(md5($this->openid.$password));
|
||||
}
|
||||
|
||||
public function isAllowed($resource, $privilege)
|
||||
@ -56,4 +66,144 @@ class Users_Model_User extends Zend_Db_Table_Row_Abstract
|
||||
|
||||
return md5($token.time());
|
||||
}
|
||||
|
||||
public function overrideWithLdapData(Array $ldapData, $syncDb = false)
|
||||
{
|
||||
$acceptedEula = 1;
|
||||
$username = $ldapData['cn'][0];
|
||||
$firstname = $ldapData['givenname'][0];
|
||||
$lastname = $ldapData['sn'][0];
|
||||
$email = $ldapData['mail'][0];
|
||||
|
||||
if (Zend_Registry::get('config')->ldap->admin == $username) {
|
||||
$role = Users_Model_User::ROLE_ADMIN;
|
||||
} else {
|
||||
$role = Users_Model_User::ROLE_REGISTERED;
|
||||
}
|
||||
|
||||
if ($this->accepted_eula != $acceptedEula
|
||||
|| $this->username != $username
|
||||
|| $this->firstname != $firstname
|
||||
|| $this->lastname != $lastname
|
||||
|| $this->email != $email
|
||||
|| $this->role != $role) {
|
||||
$userChanged = true;
|
||||
} else {
|
||||
$userChanged = false;
|
||||
}
|
||||
|
||||
$this->accepted_eula = $acceptedEula;
|
||||
$this->username = $username;
|
||||
$this->firstname = $firstname;
|
||||
$this->lastname = $lastname;
|
||||
$this->email = $email;
|
||||
$this->role = $role;
|
||||
|
||||
if ($syncDb && $userChanged) {
|
||||
$this->save();
|
||||
}
|
||||
}
|
||||
|
||||
public function generateOpenId($baseUrl)
|
||||
{
|
||||
$config = Zend_Registry::get('config');
|
||||
if ($config->subdomain->enabled) {
|
||||
$openid = Monkeys_Controller_Action::getProtocol() . '://' . $this->username . '.' . $config->subdomain->hostname;
|
||||
} else {
|
||||
$openid = $baseUrl . '/identity/' . $this->username;
|
||||
}
|
||||
|
||||
if ($config->SSL->enable_mixed_mode) {
|
||||
$openid = str_replace('http://', 'https://', $openid);
|
||||
}
|
||||
Zend_OpenId::normalizeUrl($openid);
|
||||
|
||||
$this->openid = $openid;
|
||||
}
|
||||
|
||||
public function createDefaultProfile(Zend_View $view)
|
||||
{
|
||||
$profiles = new Users_Model_Profiles();
|
||||
$profile = $profiles->createRow();
|
||||
$profile->user_id = $this->id;
|
||||
$profile->name = $view->translate('Default profile');
|
||||
$profile->save();
|
||||
|
||||
return $profile->id;
|
||||
}
|
||||
|
||||
public function generatePersonalInfo(Array $ldapData, $profileId)
|
||||
{
|
||||
if (!$this->id) {
|
||||
throw new Exception('Can\'t call User::generatePersonalInfo() on an empty User object');
|
||||
}
|
||||
|
||||
$ldapConfig = Zend_Registry::get('config')->ldap;
|
||||
if (!isset($ldapConfig->fields)) {
|
||||
return;
|
||||
}
|
||||
|
||||
$fieldValues = new Model_FieldsValues();
|
||||
$fields = new Model_Fields();
|
||||
foreach ($ldapConfig->fields->toArray() as $openIdField => $ldapField) {
|
||||
if (!$fieldRow = $fields->getByOpenIdIdentifier($openIdField)) {
|
||||
continue;
|
||||
}
|
||||
|
||||
if (!isset($ldapData[$ldapField])) {
|
||||
if (strpos($ldapField, '+') == false) {
|
||||
continue;
|
||||
}
|
||||
$subfields = explode('+', $ldapField);
|
||||
array_walk($subfields, 'trim');
|
||||
$value = array();
|
||||
foreach ($subfields as $subfield) {
|
||||
if (!isset($ldapData[$subfield])) {
|
||||
continue;
|
||||
}
|
||||
$value[] = $ldapData[$subfield][0];
|
||||
}
|
||||
$value = implode(' ', $value);
|
||||
} else {
|
||||
$value = $ldapData[$ldapField][0];
|
||||
}
|
||||
|
||||
$fieldsValue = $fieldValues->createRow();
|
||||
$fieldsValue->user_id = $this->id;
|
||||
$fieldsValue->profile_id = $profileId;
|
||||
$fieldsValue->field_id = $fieldRow->id;
|
||||
$fieldsValue->value = $value;
|
||||
$fieldsValue->save();
|
||||
}
|
||||
}
|
||||
|
||||
public function getImage()
|
||||
{
|
||||
if (!isset($this->_image)) {
|
||||
$images = new Users_Model_SigninImages();
|
||||
if (!$row = $images->getForUser($this)) {
|
||||
$this->_image = false;
|
||||
} else {
|
||||
$this->_image = $row;
|
||||
}
|
||||
}
|
||||
|
||||
return $this->_image;
|
||||
}
|
||||
|
||||
public function markSuccessfullLogin()
|
||||
{
|
||||
$this->last_login = date('Y-m-d H:i:s');
|
||||
}
|
||||
|
||||
public function getLastLoginUtc()
|
||||
{
|
||||
$time = strtotime($this->last_login);
|
||||
return gmdate('Y-m-d\TH:i:s\Z', $time);
|
||||
}
|
||||
|
||||
public function getSecondsSinceLastLogin()
|
||||
{
|
||||
return time() - strtotime($this->last_login);
|
||||
}
|
||||
}
|
||||
|
||||
Reference in New Issue
Block a user