refactor the user and group helpers into the gallery core module. 2 reason, first it makes sense that users and groups are a gallery requirement and belong in core. secondly, prepares the way for the Identity refactor.

author: Tim Almdal <tnalmdal@shaw.ca> 2009-10-13 13:37:37 -0700
committer: Tim Almdal <tnalmdal@shaw.ca> 2009-10-13 13:37:37 -0700
commit: 14e14003de0ae5dfe1886bec5bec435d15c7554f (patch)
tree: 7c52b07001c3df348928f72493f6e79a2c31f6f1 /modules/gallery/helpers
parent: 2af48060117bdf30fb48929dd8c9d22800a70843 (diff)
2 files changed, 495 insertions, 0 deletions
diff --git a/modules/gallery/helpers/group.php b/modules/gallery/helpers/group.php
new file mode 100644
index 00000000..fbc5157d
--- /dev/null
+++ b/modules/gallery/helpers/group.php
@@ -0,0 +1,128 @@
+<?php defined("SYSPATH") or die("No direct script access.");
+/**
+ * Gallery - a web based photo album viewer and editor
+ * Copyright (C) 2000-2009 Bharat Mediratta
+ *
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or (at
+ * your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street - Fifth Floor, Boston, MA  02110-1301, USA.
+ */
+
+/**
+ * This is the API for handling groups.
+ *
+ * Note: by design, this class does not do any permission checking.
+ */
+class group_Core {
+  /**
+   * Create a new group.
+   *
+   * @param string  $name
+   * @return Group_Model
+   */
+  static function create($name) {
+    $group = ORM::factory("group")->where("name", $name)->find();
+    if ($group->loaded) {
+      throw new Exception("@todo GROUP_ALREADY_EXISTS $name");
+    }
+
+    $group->name = $name;
+    $group->save();
+
+    return $group;
+  }
+
+  /**
+   * The group of all possible visitors.  This includes the guest user.
+   *
+   * @return Group_Model
+   */
+  static function everybody() {
+    return model_cache::get("group", 1);
+  }
+
+  /**
+   * The group of all logged-in visitors.  This does not include guest users.
+   *
+   * @return Group_Model
+   */
+  static function registered_users() {
+    return model_cache::get("group", 2);
+  }
+
+  /**
+   * Look up a group by name.
+   * @param integer      $id the group name
+   * @return Group_Model  the group object, or null if the name was invalid.
+   */
+  static function lookup_by_name($name) {
+    $group = model_cache::get("group", $name, "name");
+    if ($group->loaded) {
+      return $group;
+    }
+    return null;
+  }
+
+  /**
+   * List the users
+   * @param mixed      filters (@see Database.php
+   * @return array     the group list.
+   */
+  static function get_group_list($filter=array()) {
+    $group = ORM::factory("group");
+
+    foreach($filter as $method => $args) {
+      switch ($method) {
+      case "in":
+        $group->in($args[0], $args[1]);
+        break;
+      default:
+        $group->$method($args);
+      }
+    }
+    return $group->find_all();
+  }
+
+  static function get_edit_form_admin($group) {
+    $form = new Forge("admin/users/edit_group/$group->id", "", "post", array("id" => "g-edit-group-form"));
+    $form_group = $form->group("edit_group")->label(t("Edit Group"));
+    $form_group->input("name")->label(t("Name"))->id("g-name")->value($group->name);
+    $form_group->inputs["name"]->error_messages(
+      "in_use", t("There is already a group with that name"));
+    $form_group->submit("")->value(t("Save"));
+    $form->add_rules_from($group);
+    return $form;
+  }
+
+  static function get_add_form_admin() {
+    $form = new Forge("admin/users/add_group", "", "post", array("id" => "g-add-group-form"));
+    $form->set_attr('class', "g-narrow");
+    $form_group = $form->group("add_group")->label(t("Add Group"));
+    $form_group->input("name")->label(t("Name"))->id("g-name");
+    $form_group->inputs["name"]->error_messages(
+      "in_use", t("There is already a group with that name"));
+    $form_group->submit("")->value(t("Add Group"));
+    $group = ORM::factory("group");
+    $form->add_rules_from($group);
+    return $form;
+  }
+
+  static function get_delete_form_admin($group) {
+    $form = new Forge("admin/users/delete_group/$group->id", "", "post",
+                      array("id" => "g-delete-group-form"));
+    $form_group = $form->group("delete_group")->label(
+      t("Are you sure you want to delete group %group_name?", array("group_name" => $group->name)));
+    $form_group->submit("")->value(t("Delete"));
+    return $form;
+  }
+}
diff --git a/modules/gallery/helpers/user.php b/modules/gallery/helpers/user.php
new file mode 100644
index 00000000..7aa990e1
--- /dev/null
+++ b/modules/gallery/helpers/user.php
@@ -0,0 +1,367 @@
+<?php defined("SYSPATH") or die("No direct script access.");
+/**
+ * Gallery - a web based photo album viewer and editor
+ * Copyright (C) 2000-2009 Bharat Mediratta
+ *
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or (at
+ * your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street - Fifth Floor, Boston, MA  02110-1301, USA.
+ */
+
+/**
+ * This is the API for handling users.
+ *
+ * Note: by design, this class does not do any permission checking.
+ */
+class user_Core {
+  static function get_edit_form($user) {
+    $form = new Forge("users/update/$user->id", "", "post", array("id" => "g-edit-user-form"));
+    $form->set_attr("class", "g-narrow");
+    $group = $form->group("edit_user")->label(t("Edit User: %name", array("name" => $user->name)));
+    $group->input("full_name")->label(t("Full Name"))->id("g-fullname")->value($user->full_name);
+    self::_add_locale_dropdown($group, $user);
+    $group->password("password")->label(t("Password"))->id("g-password");
+    $group->password("password2")->label(t("Confirm Password"))->id("g-password2")
+      ->matches($group->password);
+    $group->input("email")->label(t("Email"))->id("g-email")->value($user->email);
+    $group->input("url")->label(t("URL"))->id("g-url")->value($user->url);
+    $form->add_rules_from($user);
+
+    module::event("user_edit_form", $user, $form);
+    $group->submit("")->value(t("Save"));
+    return $form;
+  }
+
+  static function get_edit_form_admin($user) {
+    $form = new Forge(
+      "admin/users/edit_user/$user->id", "", "post", array("id" => "g-edit-user-form"));
+    $group = $form->group("edit_user")->label(t("Edit User"));
+    $group->input("name")->label(t("Username"))->id("g-username")->value($user->name);
+    $group->inputs["name"]->error_messages(
+      "in_use", t("There is already a user with that username"));
+    $group->input("full_name")->label(t("Full Name"))->id("g-fullname")->value($user->full_name);
+    self::_add_locale_dropdown($group, $user);
+    $group->password("password")->label(t("Password"))->id("g-password");
+    $group->password("password2")->label(t("Confirm Password"))->id("g-password2")
+      ->matches($group->password);
+    $group->input("email")->label(t("Email"))->id("g-email")->value($user->email);
+    $group->input("url")->label(t("URL"))->id("g-url")->value($user->url);
+    $group->checkbox("admin")->label(t("Admin"))->id("g-admin")->checked($user->admin);
+    $form->add_rules_from($user);
+    $form->edit_user->password->rules("-required");
+
+    module::event("user_edit_form_admin", $user, $form);
+    $group->submit("")->value(t("Modify User"));
+    return $form;
+  }
+
+  static function get_add_form_admin() {
+    $form = new Forge("admin/users/add_user", "", "post", array("id" => "g-add-user-form"));
+    $form->set_attr('class', "g-narrow");
+    $group = $form->group("add_user")->label(t("Add User"));
+    $group->input("name")->label(t("Username"))->id("g-username")
+      ->error_messages("in_use", t("There is already a user with that username"));
+    $group->input("full_name")->label(t("Full Name"))->id("g-fullname");
+    $group->password("password")->label(t("Password"))->id("g-password");
+    $group->password("password2")->label(t("Confirm Password"))->id("g-password2")
+      ->matches($group->password);
+    $group->input("email")->label(t("Email"))->id("g-email");
+    $group->input("url")->label(t("URL"))->id("g-url");
+    self::_add_locale_dropdown($group);
+    $group->checkbox("admin")->label(t("Admin"))->id("g-admin");
+    $user = ORM::factory("user");
+    $form->add_rules_from($user);
+
+    module::event("user_add_form_admin", $user, $form);
+    $group->submit("")->value(t("Add User"));
+    return $form;
+  }
+
+  private static function _add_locale_dropdown(&$form, $user=null) {
+    $locales = locales::installed();
+    foreach ($locales as $locale => $display_name) {
+      $locales[$locale] = SafeString::of_safe_html($display_name);
+    }
+    if (count($locales) > 1) {
+      // Put "none" at the first position in the array
+      $locales = array_merge(array("" => t("« none »")), $locales);
+      $selected_locale = ($user && $user->locale) ? $user->locale : "";
+      $form->dropdown("locale")
+        ->label(t("Language Preference"))
+        ->options($locales)
+        ->selected($selected_locale);
+    }
+  }
+
+  static function get_delete_form_admin($user) {
+    $form = new Forge("admin/users/delete_user/$user->id", "", "post",
+                      array("id" => "g-delete-user-form"));
+    $group = $form->group("delete_user")->label(
+      t("Are you sure you want to delete user %name?", array("name" => $user->name)));
+    $group->submit("")->value(t("Delete user %name", array("name" => $user->name)));
+    return $form;
+  }
+
+  static function get_login_form($url) {
+    $form = new Forge($url, "", "post", array("id" => "g-login-form"));
+    $form->set_attr('class', "g-narrow");
+    $group = $form->group("login")->label(t("Login"));
+    $group->input("name")->label(t("Username"))->id("g-username")->class(null);
+    $group->password("password")->label(t("Password"))->id("g-password")->class(null);
+    $group->inputs["name"]->error_messages("invalid_login", t("Invalid name or password"));
+    $group->submit("")->value(t("Login"));
+    return $form;
+  }
+
+  /**
+   * Make sure that we have a session and group_ids cached in the session.
+   */
+  static function load_user() {
+    $session = Session::instance();
+    if (!($user = $session->get("user"))) {
+      $session->set("user", $user = user::guest());
+    }
+
+    // The installer cannot set a user into the session, so it just sets an id which we should
+    // upconvert into a user.
+    if ($user === 2) {
+      $user = model_cache::get("user", 2);
+      user::login($user);
+      $session->set("user", $user);
+    }
+
+    if (!$session->get("group_ids")) {
+      $ids = array();
+      foreach ($user->groups as $group) {
+        $ids[] = $group->id;
+      }
+      $session->set("group_ids", $ids);
+    }
+  }
+
+  /**
+   * Return the array of group ids this user belongs to
+   *
+   * @return array
+   */
+  static function group_ids() {
+    return Session::instance()->get("group_ids", array(1));
+  }
+
+  /**
+   * Return the active user.  If there's no active user, return the guest user.
+   *
+   * @return User_Model
+   */
+  static function active() {
+    // @todo (maybe) cache this object so we're not always doing session lookups.
+    $user = Session::instance()->get("user", null);
+    if (!isset($user)) {
+      // Don't do this as a fallback in the Session::get() call because it can trigger unnecessary
+      // work.
+      $user = user::guest();
+    }
+    return $user;
+  }
+
+  /**
+   * Return the guest user.
+   *
+   * @todo consider caching
+   *
+   * @return User_Model
+   */
+  static function guest() {
+    return model_cache::get("user", 1);
+  }
+
+  /**
+   * Change the active user.
+   *
+   * @return User_Model
+   */
+  static function set_active($user) {
+    $session = Session::instance();
+    $session->set("user", $user);
+    $session->delete("group_ids");
+    self::load_user();
+  }
+
+  /**
+   * Create a new user.
+   *
+   * @param string  $name
+   * @param string  $full_name
+   * @param string  $password
+   * @return User_Model
+   */
+  static function create($name, $full_name, $password) {
+    $user = ORM::factory("user")->where("name", $name)->find();
+    if ($user->loaded) {
+      throw new Exception("@todo USER_ALREADY_EXISTS $name");
+    }
+
+    $user->name = $name;
+    $user->full_name = $full_name;
+    $user->password = $password;
+
+    // Required groups
+    $user->add(group::everybody());
+    $user->add(group::registered_users());
+
+    $user->save();
+    return $user;
+  }
+
+  /**
+   * Is the password provided correct?
+   *
+   * @param user User Model
+   * @param string $password a plaintext password
+   * @return boolean true if the password is correct
+   */
+  static function is_correct_password($user, $password) {
+    $valid = $user->password;
+
+    // Try phpass first, since that's what we generate.
+    if (strlen($valid) == 34) {
+      require_once(MODPATH . "user/lib/PasswordHash.php");
+      $hashGenerator = new PasswordHash(10, true);
+      return $hashGenerator->CheckPassword($password, $valid);
+    }
+
+    $salt = substr($valid, 0, 4);
+    // Support both old (G1 thru 1.4.0; G2 thru alpha-4) and new password schemes:
+    $guess = (strlen($valid) == 32) ? md5($password) : ($salt . md5($salt . $password));
+    if (!strcmp($guess, $valid)) {
+      return true;
+    }
+
+    // Passwords with <&"> created by G2 prior to 2.1 were hashed with entities
+    $sanitizedPassword = html::specialchars($password, false);
+    $guess = (strlen($valid) == 32) ? md5($sanitizedPassword)
+          : ($salt . md5($salt . $sanitizedPassword));
+    if (!strcmp($guess, $valid)) {
+      return true;
+    }
+
+    return false;
+  }
+
+  /**
+   * Create the hashed passwords.
+   * @param string $password a plaintext password
+   * @return string hashed password
+   */
+  static function hash_password($password) {
+    require_once(MODPATH . "user/lib/PasswordHash.php");
+    $hashGenerator = new PasswordHash(10, true);
+    return $hashGenerator->HashPassword($password);
+  }
+
+  /**
+   * Log in as a given user.
+   * @param object $user the user object.
+   */
+  static function login($user) {
+    $user->login_count += 1;
+    $user->last_login = time();
+    $user->save();
+
+    user::set_active($user);
+    module::event("user_login", $user);
+  }
+
+  /**
+   * Log out the active user and destroy the session.
+   * @param object $user the user object.
+   */
+  static function logout() {
+    $user = user::active();
+    if (!$user->guest) {
+      try {
+        Session::instance()->destroy();
+      } catch (Exception $e) {
+        Kohana::log("error", $e);
+      }
+      module::event("user_logout", $user);
+    }
+  }
+
+  /**
+   * Look up a user by id.
+   * @param integer      $id the user id
+   * @return User_Model  the user object, or null if the id was invalid.
+   */
+  static function lookup($id) {
+    return self::_lookup_user_by_field("id", $id);
+  }
+
+  /**
+   * Look up a user by name.
+   * @param integer      $name the user name
+   * @return User_Model  the user object, or null if the name was invalid.
+   */
+  static function lookup_by_name($name) {
+    return self::_lookup_user_by_field("name", $name);
+  }
+
+  /**
+   * Look up a user by hash.
+   * @param integer      $hash the user hash value
+   * @return User_Model  the user object, or null if the name was invalid.
+   */
+  static function lookup_by_hash($hash) {
+    return self::_lookup_user_by_field("hash", $hash);
+  }
+
+  /**
+   * List the users
+   * @param mixed      filters (@see Database.php
+   * @return array     the user list.
+   */
+  static function get_user_list($filter=array()) {
+    $user = ORM::factory("user");
+
+    foreach($filter as $method => $args) {
+      switch ($method) {
+      case "in":
+        $user->in($args[0], $args[1]);
+        break;
+      default:
+        $user->$method($args);
+      }
+    }
+    return $user->find_all();
+  }
+
+  /**
+   * Look up a user by field value.
+   * @param string      search field
+   * @param string      search value
+   * @return User_Core  the user object, or null if the name was invalid.
+   */
+ private static function _lookup_user_by_field($field_name, $value) {
+    try {
+      $user = model_cache::get("user", $value, $field_name);
+      if ($user->loaded) {
+        return $user;
+      }
+    } catch (Exception $e) {
+      if (strpos($e->getMessage(), "MISSING_MODEL") === false) {
+       throw $e;
+      }
+    }
+    return null;
+  }
+}
+\ No newline at end of file
author	Tim Almdal <tnalmdal@shaw.ca>	2009-10-13 13:37:37 -0700
committer	Tim Almdal <tnalmdal@shaw.ca>	2009-10-13 13:37:37 -0700
commit	14e14003de0ae5dfe1886bec5bec435d15c7554f (patch)
tree	7c52b07001c3df348928f72493f6e79a2c31f6f1 /modules/gallery/helpers
parent	2af48060117bdf30fb48929dd8c9d22800a70843 (diff)