| author | Tim Almdal <tnalmdal@shaw.ca> | 2009-10-05 14:04:27 -0700 | 
|---|---|---|
| committer | Tim Almdal <tnalmdal@shaw.ca> | 2009-10-09 01:26:35 -0700 | 
| commit | 00ee91837faf4807fb17dde3272ca8248a9dcd94 (patch) | |
| tree | 29bf1e98cdb6fc16c548b5dfbe15a965cb524235 /modules/user | |
| parent | f67bfd099296602f60d48914ae4b09d65b0ad8d3 (diff) | |
Convert direct lookups for the user table using ORM to using the user::lookup_by_name and user_lookup API methods.
Convert the Admin_User controller
Convert the login and password change controller
Change the item model to call user::lookup to get the owner.
On the log model, delete the relationship between the log and user table, and replace with a
call to user::lookup
(cherry picked from commit 194cc3b27a73afe5119da9f09407c1e068dc6fa3)
Create the get_user_list, lookup_by_name, lookup_by_hash and get_group_list api functions
Diffstat (limited to 'modules/user')
| -rw-r--r-- | modules/user/controllers/admin_users.php | 65 | ||||
| -rw-r--r-- | modules/user/controllers/login.php | 5 | ||||
| -rw-r--r-- | modules/user/controllers/password.php | 15 | ||||
| -rw-r--r-- | modules/user/helpers/group.php | 14 | ||||
| -rw-r--r-- | modules/user/helpers/user.php | 55 | 
5 files changed, 97 insertions, 57 deletions
| diff --git a/modules/user/controllers/admin_users.php b/modules/user/controllers/admin_users.php index 0b748955..a8a8cd95 100644 --- a/modules/user/controllers/admin_users.php +++ b/modules/user/controllers/admin_users.php @@ -21,8 +21,8 @@ class Admin_Users_Controller extends Admin_Controller {    public function index() {      $view = new Admin_View("admin.html");      $view->content = new View("admin_users.html"); -    $view->content->users = ORM::factory("user")->orderby("name")->find_all(); -    $view->content->groups = ORM::factory("group")->orderby("name")->find_all(); +    $view->content->users = user::get_user_list(array("orderby" => array("name" => "ASC"))); +    $view->content->groups = group::get_group_list(array("orderby" => array("name" => "ASC")));      print $view;    } @@ -32,8 +32,7 @@ class Admin_Users_Controller extends Admin_Controller {      $form = user::get_add_form_admin();      $valid = $form->validate();      $name = $form->add_user->inputs["name"]->value; -    $user = ORM::factory("user")->where("name", $name)->find(); -    if ($user->loaded) { +    if ($user = user::lookup_by_name($name)) {        $form->add_user->inputs["name"]->add_error("in_use", 1);        $valid = false;      } @@ -70,8 +69,8 @@ class Admin_Users_Controller extends Admin_Controller {        access::forbidden();      } -    $user = ORM::factory("user", $id); -    if (!$user->loaded) { +    $user = user::lookup($id); +    if (empty($user)) {        kohana::show_404();      } @@ -91,8 +90,8 @@ class Admin_Users_Controller extends Admin_Controller {    }    public function delete_user_form($id) { -    $user = ORM::factory("user", $id); -    if (!$user->loaded) { +    $user = user::lookup($id); +    if (empty($user)) {        kohana::show_404();      }      print user::get_delete_form_admin($user); 
@@ -101,8 +100,8 @@ class Admin_Users_Controller extends Admin_Controller {    public function edit_user($id) {      access::verify_csrf(); -    $user = ORM::factory("user", $id); -    if (!$user->loaded) { +    $user = user::lookup($id); +    if (empty($user)) {        kohana::show_404();      } @@ -110,12 +109,9 @@ class Admin_Users_Controller extends Admin_Controller {      $valid = $form->validate();      if ($valid) {        $new_name = $form->edit_user->inputs["name"]->value; +      $temp_user = user::lookup_by_name($new_name);        if ($new_name != $user->name && -          ORM::factory("user") -          ->where("name", $new_name) -          ->where("id !=", $user->id) -          ->find() -          ->loaded) { +          ($temp_user && $temp_user->id != $user->id)) {          $form->edit_user->inputs["name"]->add_error("in_use", 1);          $valid = false;        } else { @@ -151,8 +147,8 @@ class Admin_Users_Controller extends Admin_Controller {    }    public function edit_user_form($id) { -    $user = ORM::factory("user", $id); -    if (!$user->loaded) { +    $user = user::lookup($id); +    if (empty($user)) {        kohana::show_404();      } 
@@ -166,23 +162,23 @@ class Admin_Users_Controller extends Admin_Controller {    public function add_user_to_group($user_id, $group_id) {      access::verify_csrf(); -    $group = ORM::factory("group", $group_id); -    $user = ORM::factory("user", $user_id); +    $group = group::lookup($group_id); +    $user = user::lookup($user_id);      $group->add($user);      $group->save();    }    public function remove_user_from_group($user_id, $group_id) {      access::verify_csrf(); -    $group = ORM::factory("group", $group_id); -    $user = ORM::factory("user", $user_id); +    $group = group::lookup($group_id); +    $user = user::lookup($user_id);      $group->remove($user);      $group->save();    }    public function group($group_id) {      $view = new View("admin_users_group.html"); -    $view->group = ORM::factory("group", $group_id); +    $view->group = group::lookup($group_id);      print $view;    } @@ -193,8 +189,8 @@ class Admin_Users_Controller extends Admin_Controller {      $valid = $form->validate();      if ($valid) {        $new_name = $form->add_group->inputs["name"]->value; -      $group = ORM::factory("group")->where("name", $new_name)->find(); -      if ($group->loaded) { +      $group = group::lookup_by_name($new_name); +      if (!empty($group)) {          $form->add_group->inputs["name"]->add_error("in_use", 1);          $valid = false;        } @@ -219,8 +215,8 @@ class Admin_Users_Controller extends Admin_Controller {    public function delete_group($id) {      access::verify_csrf(); -    $group = ORM::factory("group", $id); -    if (!$group->loaded) { +    $group = group::lookup($id); +    if (empty($group)) {        kohana::show_404();      } 
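Review bot: In `add_user_to_group` and `remove_user_from_group` the results of `group::lookup($group_id)` and `user::lookup($user_id)` are used without a null check, although `user::lookup` is documented in this commit as returning null for an invalid id (`group::lookup` presumably behaves the same). With an unknown id, `$group->add($user)` or `$group->remove($user)` becomes a call on null instead of a clean 404. The other actions converted here test `empty(...)` and call `kohana::show_404()`; these two should do the same, e.g. `if (empty($group) || empty($user)) { kohana::show_404(); }`. `group($group_id)` in the same hunk likewise passes a possibly-null `$view->group` to the template.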
@@ -240,19 +236,20 @@ class Admin_Users_Controller extends Admin_Controller {    }    public function delete_group_form($id) { -    $group = ORM::factory("group", $id); -    if (!$group->loaded) { +    $group = group::lookup($id); +    if (empty($group)) {        kohana::show_404();      } +      print group::get_delete_form_admin($group);    }    public function edit_group($id) {      access::verify_csrf(); -    $group = ORM::factory("group", $id); -    if (!$group->loaded) { -      kohana::show_404(); +    $group = group::lookup($id); +    if (empty($group)) { +       kohana::show_404();      }      $form = group::get_edit_form_admin($group); @@ -260,7 +257,7 @@ class Admin_Users_Controller extends Admin_Controller {      if ($valid) {        $new_name = $form->edit_group->inputs["name"]->value; -      $group = ORM::factory("group")->where("name", $new_name)->find(); +      $group = group::lookup_by_name($name);        if ($group->loaded) {          $form->edit_group->inputs["name"]->add_error("in_use", 1);          $valid = false; @@ -282,8 +279,8 @@ class Admin_Users_Controller extends Admin_Controller {    }    public function edit_group_form($id) { -    $group = ORM::factory("group", $id); -    if (!$group->loaded) { +    $group = group::lookup($id); +    if (empty($group)) {        kohana::show_404();      } diff --git a/modules/user/controllers/login.php b/modules/user/controllers/login.php index 8bee7db5..2c4bd557 100644 --- a/modules/user/controllers/login.php +++ b/modules/user/controllers/login.php 
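Review bot: In the `edit_group` hunk (`@@ -260,7 +257,7 @@`) the new call `group::lookup_by_name($name)` passes `$name`, which is not defined in the visible code; the value read on the preceding line is `$new_name`, so the duplicate-name check never looks up the submitted name. The following context line still tests `$group->loaded`, which expects an unloaded model rather than the null the lookup helpers return when nothing matches. Suggested: `$group = group::lookup_by_name($new_name);` followed by `if (!empty($group)) {`. The rest of `edit_group` lies outside the hunk, so also confirm that overwriting the `$group` being edited with the lookup result is intended.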
@@ -53,13 +53,12 @@ class Login_Controller extends Controller {        print $form;      }    } -    private function _auth($url) {      $form = user::get_login_form($url);      $valid = $form->validate();      if ($valid) { -      $user = ORM::factory("user")->where("name", $form->login->inputs["name"]->value)->find(); -      if (!$user->loaded || !user::is_correct_password($user, $form->login->password->value)) { +      $user = user::lookup_by_name($form->login->inputs["name"]->value); +      if (empty($user) || !user::is_correct_password($user, $form->login->password->value)) {          log::warning(            "user",            t("Failed login for %name", diff --git a/modules/user/controllers/password.php b/modules/user/controllers/password.php index 4629bbf2..e8b08960 100644 --- a/modules/user/controllers/password.php +++ b/modules/user/controllers/password.php @@ -32,10 +32,8 @@ class Password_Controller extends Controller {      if (request::method() == "post") {        $this->_change_password();      } else { -      $user = ORM::factory("user") -        ->where("hash", Input::instance()->get("key")) -        ->find(); -      if ($user->loaded) { +      $user = user::lookup_by_hash(Input::instance()->get("key")); +      if (!empty($user)) {          print $this->_new_password_form($user->hash);        } else {          throw new Exception("@todo FORBIDDEN", 503); @@ -48,7 +46,7 @@ class Password_Controller extends Controller {      $valid = $form->validate();      if ($valid) { -      $user = ORM::factory("user")->where("name", $form->reset->inputs["name"]->value)->find(); +      $user = user::lockup_by_name($form->reset->inputs["name"]->value);        if (!$user->loaded || empty($user->email)) {          $form->reset->inputs["name"]->add_error("no_email", 1);          $valid = false; 
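Review bot: The reset-request hunk in password.php (`@@ -48,7 +46,7 @@`) calls `user::lockup_by_name(...)`, a misspelling of the `user::lookup_by_name` helper used elsewhere in this commit, so the password-reset request path would fail on an undefined method. The next context line, `if (!$user->loaded || empty($user->email))`, still expects an unloaded model, while `lookup_by_name` is documented as returning null for an unknown name. Suggested: `$user = user::lookup_by_name($form->reset->inputs["name"]->value);` and `if (empty($user) || empty($user->email)) {`. The enclosing method starts and ends outside the hunk.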
@@ -118,11 +116,8 @@ class Password_Controller extends Controller {    private function _change_password() {      $view = $this->_new_password_form();      if ($view->content->validate()) { -      $user = ORM::factory("user") -        ->where("hash", $view->content->reset->hash->value) -        ->find(); - -      if (!$user->loaded) { +      $user = user::lookup_by_hash(Input::instance()->get("key")); +      if (empty($user)) {          throw new Exception("@todo FORBIDDEN", 503);        } diff --git a/modules/user/helpers/group.php b/modules/user/helpers/group.php index b13895bc..2590c7d1 100644 --- a/modules/user/helpers/group.php +++ b/modules/user/helpers/group.php @@ -73,6 +73,20 @@ class group_Core {      return null;    } +  /** +   * List the users +   * @param mixed      filters (@see Database.php +   * @return array     the group list. +   */ +  static function get_group_list($filter=array()) { +    $group = ORM::factory("group"); + +    foreach($filter as $method => $args) { +      $group->$method($args); +    } +    return $group->find_all(); +  } +    static function get_edit_form_admin($group) {      $form = new Forge("admin/users/edit_group/$group->id", "", "post", array("id" => "g-edit-group-form"));      $form_group = $form->group("edit_group")->label(t("Edit Group")); diff --git a/modules/user/helpers/user.php b/modules/user/helpers/user.php index 432994d6..6a155768 100644 --- a/modules/user/helpers/user.php +++ b/modules/user/helpers/user.php 
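Review bot: `_change_password` now looks the account up with `Input::instance()->get("key")` instead of the validated form field `$view->content->reset->hash->value` that the removed lines used. On this POST path the reset token therefore comes from the query string, and the form's hash field no longer takes part in the lookup. If the key is absent, `lookup_by_hash` receives an empty value; whether that can match an account with no reset hash set depends on `model_cache::get`, which is not shown, so an empty token should be rejected before any lookup. Suggested: `$hash = $view->content->reset->hash->value;`, then `if (empty($hash)) { throw new Exception("@todo FORBIDDEN", 503); }`, then `$user = user::lookup_by_hash($hash);`. The GET branch in the `@@ -32,10 +32,8 @@` hunk passes the raw `key` in the same way and would benefit from the same empty check.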
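Review bot: `get_group_list` in group.php invokes `$group->$method($args)` for every key of `$filter`, so the caller chooses which ORM method runs; `user::get_user_list` in user.php has the same loop. The callers in this commit pass a fixed `orderby` array, but nothing in the helper stops a later caller from forwarding request data, so the method name should be checked against a short allow-list before the dynamic call. The docblock is also copied from the user helper: it says "List the users", leaves `(@see Database.php` unclosed, and gives no name for the parameter; it should read "List the groups" with `@param array $filter`.

```php
  static function get_group_list($filter=array()) {
    // Query-builder calls this helper is meant to expose; extend deliberately.
    $allowed = array("where", "orderby");
    // … unchanged: $group = ORM::factory("group") …
    foreach ($filter as $method => $args) {
      if (!in_array($method, $allowed, true)) {
        throw new Exception("@todo UNSUPPORTED_FILTER $method");
      }
      // … unchanged: $group->$method($args) …
    }
    // … unchanged: return $group->find_all() …
  }
```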
@@ -304,27 +304,62 @@ class user_Core {     * @return User_Model  the user object, or null if the id was invalid.     */    static function lookup($id) { -    $user = model_cache::get("user", $id); -    if ($user->loaded) { -      return $user; -    } -    return null; +    return self::_lookup_user_by_field("id", $id);    }    /**     * Look up a user by name. -   * @param integer      $id the user name +   * @param integer      $name the user name     * @return User_Model  the user object, or null if the name was invalid.     */    static function lookup_by_name($name) { -    $user = model_cache::get("user", $name, "name"); -    if ($user->loaded) { -      return $user; +    return self::_lookup_user_by_field("name", $name); +  } + +  /** +   * Look up a user by hash. +   * @param integer      $hash the user hash value +   * @return User_Model  the user object, or null if the name was invalid. +   */ +  static function lookup_by_hash($hash) { +    return self::_lookup_user_by_field("hash", $hash); +  } + +  /** +   * List the users +   * @param mixed      filters (@see Database.php +   * @return array     the user list. +   */ +  static function get_user_list($filter=array()) { +    $user = ORM::factory("user"); + +    foreach($filter as $method => $args) { +      $user->$method($args);      } -    return null; +    return $user->find_all();    }    /** +   * Look up a user by field value. +   * @param string      search field +   * @param string      search value +   * @return User_Core  the user object, or null if the name was invalid. +   */ + private static function _lookup_user_by_field($field_name, $value) { +    try { +      $user = model_cache::get("user", $value, $field_name); +      if ($user->loaded) { +        return $user; +      } +    } catch (Exception $e) { +      if (strpos($e->getMessage(), "MISSING_MODEL") === false) { +       throw $e; +      } +    } +    return null; +  } + + /**     * Create a hashed password using md5 plus salt.     
* @param string $password plaintext password     * @param string $salt (optional) salt or hash containing salt (randomly generated if omitted) | 
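Review bot: `_lookup_user_by_field` treats a user as missing by searching the exception text for `"MISSING_MODEL"`, which is brittle: a reworded message in `model_cache` would turn every miss into an uncaught exception, and any unrelated exception whose message contains that text is silently reported as "not found". A dedicated exception class or code would be safer. Failing that, the catch deserves a comment such as `// model_cache::get apparently signals a missing row with a MISSING_MODEL exception; anything else is rethrown`. The new docblocks also need correcting: `@param integer $name` and `@param integer $hash` should be `string`, `lookup_by_hash` and the private helper still say "null if the name was invalid", and `@return User_Core` should be `User_Model`.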
