diff options
Diffstat (limited to 'modules/gallery/helpers')
| -rw-r--r-- | modules/gallery/helpers/access.php | 13 | ||||
| -rw-r--r-- | modules/gallery/helpers/gallery.php | 2 | ||||
| -rw-r--r-- | modules/gallery/helpers/gallery_event.php | 22 | ||||
| -rw-r--r-- | modules/gallery/helpers/gallery_installer.php | 2 | ||||
| -rw-r--r-- | modules/gallery/helpers/gallery_theme.php | 2 | ||||
| -rw-r--r-- | modules/gallery/helpers/group.php | 120 | ||||
| -rw-r--r-- | modules/gallery/helpers/identity.php | 221 | ||||
| -rw-r--r-- | modules/gallery/helpers/item.php | 4 | ||||
| -rw-r--r-- | modules/gallery/helpers/locales.php | 4 | ||||
| -rw-r--r-- | modules/gallery/helpers/log.php | 2 | ||||
| -rw-r--r-- | modules/gallery/helpers/login.php | 31 | ||||
| -rw-r--r-- | modules/gallery/helpers/module.php | 7 | ||||
| -rw-r--r-- | modules/gallery/helpers/movie.php | 2 | ||||
| -rw-r--r-- | modules/gallery/helpers/photo.php | 2 | ||||
| -rw-r--r-- | modules/gallery/helpers/site_status.php | 2 | ||||
| -rw-r--r-- | modules/gallery/helpers/task.php | 2 | ||||
| -rw-r--r-- | modules/gallery/helpers/user.php | 279 |
17 files changed, 291 insertions, 426 deletions
diff --git a/modules/gallery/helpers/access.php b/modules/gallery/helpers/access.php index 949aea84..a3abbe2e 100644 --- a/modules/gallery/helpers/access.php +++ b/modules/gallery/helpers/access.php @@ -79,7 +79,7 @@ class access_Core { * @return boolean */ static function can($perm_name, $item) { - return self::user_can(user::active(), $perm_name, $item); + return self::user_can(identity::active_user(), $perm_name, $item); } /** @@ -197,8 +197,8 @@ class access_Core { * @param Item_Model $item * @param boolean $value */ - private static function _set(Group_Model $group, $perm_name, $album, $value) { - if (get_class($group) != "Group_Model") { + private static function _set(Group_Definition $group, $perm_name, $album, $value) { + if (!($group instanceof Group_Definition)) { throw new Exception("@todo PERMISSIONS_ONLY_WORK_ON_GROUPS"); } if (!$album->loaded) { @@ -419,10 +419,11 @@ class access_Core { * @return ORM_Iterator */ private static function _get_all_groups() { - // When we build the gallery package, it's possible that the user module is not installed yet. + // When we build the gallery package, it's possible that there is no identity provider installed yet. // This is ok at packaging time, so work around it. - if (module::is_active("user")) { - return ORM::factory("group")->find_all(); + $config = module::get_var("gallery", "identity_provider"); + if (!empty($config)) { + return identity::groups(); } else { return array(); } diff --git a/modules/gallery/helpers/gallery.php b/modules/gallery/helpers/gallery.php index 50e2c43b..84f8a7fb 100644 --- a/modules/gallery/helpers/gallery.php +++ b/modules/gallery/helpers/gallery.php @@ -27,7 +27,7 @@ class gallery_Core { static function maintenance_mode() { $maintenance_mode = Kohana::config("core.maintenance_mode", false, false); - if (Router::$controller != "login" && !empty($maintenance_mode) && !user::active()->admin) { + if (Router::$controller != "login" && !empty($maintenance_mode) && !identity::active_user()->admin) { Router::$controller = "maintenance"; Router::$controller_path = MODPATH . "gallery/controllers/maintenance.php"; Router::$method = "index"; diff --git a/modules/gallery/helpers/gallery_event.php b/modules/gallery/helpers/gallery_event.php index e0de2152..b6afa2c8 100644 --- a/modules/gallery/helpers/gallery_event.php +++ b/modules/gallery/helpers/gallery_event.php @@ -23,7 +23,7 @@ class gallery_event_Core { * Initialization. */ static function gallery_ready() { - user::load_user(); + identity::load_user(); locales::set_request_locale(); } @@ -135,7 +135,7 @@ class gallery_event_Core { } } - if (user::active()->admin) { + if (identity::active_user()->admin) { $menu->append($admin_menu = Menu::factory("submenu") ->id("admin_menu") ->label(t("Admin"))); @@ -186,11 +186,19 @@ class gallery_event_Core { ->append(Menu::factory("link") ->id("sidebar") ->label(t("Manage Sidebar")) - ->url(url::site("admin/sidebar")))) - ->append(Menu::factory("link") - ->id("users_groups") - ->label(t("Users/Groups")) - ->url(url::site("admin/users"))) + ->url(url::site("admin/sidebar")))); + if (count(identity::providers()) > 1) { + $menu + ->append(Menu::factory("submenu") + ->id("identity_menu") + ->label(t("Identity Management")) + ->append(Menu::factory("link") + ->id("identity_drivers") + ->label(t("Identity Drivers")) + ->url(url::site("admin/identity")))); + } + + $menu ->append(Menu::factory("submenu") ->id("statistics_menu") ->label(t("Statistics"))) diff --git a/modules/gallery/helpers/gallery_installer.php b/modules/gallery/helpers/gallery_installer.php index b1ea1f19..9c19eaed 100644 --- a/modules/gallery/helpers/gallery_installer.php +++ b/modules/gallery/helpers/gallery_installer.php @@ -317,7 +317,7 @@ class gallery_installer { } if ($version == 7) { - $groups = ORM::factory("group")->find_all(); + $groups = identity::groups(); $permissions = ORM::factory("permission")->find_all(); foreach($groups as $group) { foreach($permissions as $permission) { diff --git a/modules/gallery/helpers/gallery_theme.php b/modules/gallery/helpers/gallery_theme.php index a342b4bd..5f3eb2a9 100644 --- a/modules/gallery/helpers/gallery_theme.php +++ b/modules/gallery/helpers/gallery_theme.php @@ -54,7 +54,7 @@ class gallery_theme_Core { static function header_top($theme) { if ($theme->page_type != "login") { $view = new View("login.html"); - $view->user = user::active(); + $view->user = identity::active_user(); return $view->render(); } } diff --git a/modules/gallery/helpers/group.php b/modules/gallery/helpers/group.php deleted file mode 100644 index 1702fb87..00000000 --- a/modules/gallery/helpers/group.php +++ /dev/null @@ -1,120 +0,0 @@ -<?php defined("SYSPATH") or die("No direct script access."); -/** - * Gallery - a web based photo album viewer and editor - * Copyright (C) 2000-2009 Bharat Mediratta - * - * This program is free software; you can redistribute it and/or modify - * it under the terms of the GNU General Public License as published by - * the Free Software Foundation; either version 2 of the License, or (at - * your option) any later version. - * - * This program is distributed in the hope that it will be useful, but - * WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU - * General Public License for more details. - * - * You should have received a copy of the GNU General Public License - * along with this program; if not, write to the Free Software - * Foundation, Inc., 51 Franklin Street - Fifth Floor, Boston, MA 02110-1301, USA. - */ - -/** - * This is the API for handling groups. - * - * Note: by design, this class does not do any permission checking. - */ -class group_Core { - /** - * Create a new group. - * - * @param string $name - * @return Group_Model - */ - static function create($name) { - $group = ORM::factory("group")->where("name", $name)->find(); - if ($group->loaded) { - throw new Exception("@todo GROUP_ALREADY_EXISTS $name"); - } - - $group->name = $name; - $group->save(); - - return $group; - } - - /** - * The group of all possible visitors. This includes the guest user. - * - * @return Group_Model - */ - static function everybody() { - return model_cache::get("group", 1); - } - - /** - * The group of all logged-in visitors. This does not include guest users. - * - * @return Group_Model - */ - static function registered_users() { - return model_cache::get("group", 2); - } - - /** - * Look up a user by id. - * @param integer $id the user id - * @return User_Model the user object, or null if the id was invalid. - */ - static function lookup($id) { - return self::_lookup_group_by_field("id", $id); - } - - /** - * Look up a group by name. - * @param integer $id the group name - * @return Group_Model the group object, or null if the name was invalid. - */ - static function lookup_by_name($name) { - return self::_lookup_group_by_field("name", $name); - } - - /** - * Look up a user by field value. - * @param string search field - * @param string search value - * @return Group_Model the user object, or null if the name was invalid. - */ - private static function _lookup_group_by_field($field_name, $value) { - try { - $user = model_cache::get("group", $value, $field_name); - if ($user->loaded) { - return $user; - } - } catch (Exception $e) { - if (strpos($e->getMessage(), "MISSING_MODEL") === false) { - throw $e; - } - } - return null; - } - - /** - * List the users - * @param mixed filters (@see Database.php - * @return array the group list. - */ - static function get_group_list($filter=array()) { - $group = ORM::factory("group"); - - foreach($filter as $method => $args) { - switch ($method) { - case "in": - $group->in($args[0], $args[1]); - break; - default: - $group->$method($args); - } - } - return $group->find_all(); - } -} diff --git a/modules/gallery/helpers/identity.php b/modules/gallery/helpers/identity.php new file mode 100644 index 00000000..d0cba8e7 --- /dev/null +++ b/modules/gallery/helpers/identity.php @@ -0,0 +1,221 @@ +<?php defined("SYSPATH") or die("No direct script access."); +/** + * Gallery - a web based photo album viewer and editor + * Copyright (C) 2000-2009 Bharat Mediratta + * + * This program is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or (at + * your option) any later version. + * + * This program is distributed in the hope that it will be useful, but + * WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + * General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 51 Franklin Street - Fifth Floor, Boston, MA 02110-1301, USA. + */ + +class identity_Core { + protected static $available; + + /** + * Return a list of installed Identity Drivers. + * + * @return boolean true if the driver supports updates; false if read only + */ + static function providers() { + if (empty(self::$available)) { + $drivers = new ArrayObject(array(), ArrayObject::ARRAY_AS_PROPS); + foreach (module::available() as $module_name => $module) { + if (file_exists(MODPATH . "{$module_name}/config/identity.php")) { + $drivers->$module_name = $module->description; + } + } + self::$available = $drivers; + } + return self::$available; + } + + /** + * Frees the current instance of the identity provider so the next call to instance will reload + * + * @param string configuration + * @return Identity_Core + */ + static function reset() { + IdentityProvider::reset(); + } + + /** + * Make sure that we have a session and group_ids cached in the session. + */ + static function load_user() { + //try { + // Call IdentityProvider::instance() now to force the load of the user interface classes. + // We are about to load the active user from the session and which needs the user definition + // class, which can't be reached by Kohana's heiracrchical lookup. + IdentityProvider::instance(); + + $session = Session::instance(); + if (!($user = $session->get("user"))) { + self::set_active_user($user = self::guest()); + } + + // The installer cannot set a user into the session, so it just sets an id which we should + // upconvert into a user. + // @todo set the user name into the session instead of 2 and then use it to get the user object + if ($user === 2) { + $user = IdentityProvider::instance()->lookup_user_by_name("admin"); + self::set_active_user($user); + $session->set("user", $user); + } + + if (!$session->get("group_ids")) { + $ids = array(); + foreach ($user->groups as $group) { + $ids[] = $group->id; + } + $session->set("group_ids", $ids); + } + //} catch (Exception $e) { + // try { + // Session::instance()->destroy(); + // } catch (Exception $e) { + // We don't care if there was a problem destroying the session. + // } + // url::redirect(item::root()->abs_url()); + //} + } + + /** + * Return the array of group ids this user belongs to + * + * @return array + */ + static function group_ids_for_active_user() { + return Session::instance()->get("group_ids", array(1)); + } + + /** + * Return the active user. If there's no active user, return the guest user. + * + * @return User_Definition + */ + static function active_user() { + // @todo (maybe) cache this object so we're not always doing session lookups. + $user = Session::instance()->get("user", null); + if (!isset($user)) { + // Don't do this as a fallback in the Session::get() call because it can trigger unnecessary + // work. + $user = identity::guest(); + } + return $user; + } + + /** + * Change the active user. + * @param User_Definition $user + */ + static function set_active_user($user) { + $session = Session::instance(); + $session->set("user", $user); + $session->delete("group_ids"); + self::load_user(); + } + + /** + * Determine if if the current driver supports updates. + * + * @return boolean true if the driver supports updates; false if read only + */ + static function is_writable() { + return IdentityProvider::instance()->is_writable(); + } + + /** + * @see IdentityProvider_Driver::guest. + */ + static function guest() { + return IdentityProvider::instance()->guest(); + } + + /** + * @see IdentityProvider_Driver::create_user. + */ + static function create_user($name, $full_name, $password) { + return IdentityProvider::instance()->create_user($name, $full_name, $password); + } + + /** + * @see IdentityProvider_Driver::is_correct_password. + */ + static function is_correct_password($user, $password) { + return IdentityProvider::instance()->is_correct_password($user, $password); + } + + /** + * @see IdentityProvider_Driver::lookup_user. + */ + static function lookup_user($id) { + return IdentityProvider::instance()->lookup_user($id); + } + + /** + * @see IdentityProvider_Driver::lookup_user_by_name. + */ + static function lookup_user_by_name($name) { + return IdentityProvider::instance()->lookup_user_by_name($name); + } + + /** + * @see IdentityProvider_Driver::create_group. + */ + static function create_group($name) { + return IdentityProvider::instance()->create_group($name); + } + + /** + * @see IdentityProvider_Driver::everybody. + */ + static function everybody() { + return IdentityProvider::instance()->everybody(); + } + + /** + * @see IdentityProvider_Driver::registered_users. + */ + static function registered_users() { + return IdentityProvider::instance()->everybody(); + } + + /** + * @see IdentityProvider_Driver::lookup_group. + */ + static function lookup_group($id) { + return IdentityProvider::instance()->lookup_group($id); + } + + /** + * @see IdentityProvider_Driver::lookup_group_by_name. + */ + static function lookup_group_by_name($name) { + return IdentityProvider::instance()->lookup_group_by_name($name); + } + + /** + * @see IdentityProvider_Driver::get_user_list. + */ + static function get_user_list($ids) { + return IdentityProvider::instance()->get_user_list($ids); + } + + /** + * @see IdentityProvider_Driver::groups. + */ + static function groups() { + return IdentityProvider::instance()->groups(); + } +}
\ No newline at end of file diff --git a/modules/gallery/helpers/item.php b/modules/gallery/helpers/item.php index 084bbc15..b3b6d0bb 100644 --- a/modules/gallery/helpers/item.php +++ b/modules/gallery/helpers/item.php @@ -158,8 +158,8 @@ class item_Core { */ static function viewable($model) { $view_restrictions = array(); - if (!user::active()->admin) { - foreach (user::group_ids() as $id) { + if (!identity::active_user()->admin) { + foreach (identity::group_ids_for_active_user() as $id) { // Separate the first restriction from the rest to make it easier for us to formulate // our where clause below if (empty($view_restrictions)) { diff --git a/modules/gallery/helpers/locales.php b/modules/gallery/helpers/locales.php index f0807c99..2de029ff 100644 --- a/modules/gallery/helpers/locales.php +++ b/modules/gallery/helpers/locales.php @@ -225,11 +225,11 @@ class locales_Core { $locale = self::cookie_locale(); // 2. Check the user's preference if (!$locale) { - $locale = user::active()->locale; + $locale = identity::active_user()->locale; } // 3. Check the browser's / OS' preference if (!$locale) { - $locale = locales::locale_from_http_request(); + $locale = self::locale_from_http_request(); } // If we have any preference, override the site's default locale if ($locale) { diff --git a/modules/gallery/helpers/log.php b/modules/gallery/helpers/log.php index c8e94b45..184b0b97 100644 --- a/modules/gallery/helpers/log.php +++ b/modules/gallery/helpers/log.php @@ -80,7 +80,7 @@ class log_Core { $log->url = substr(url::abs_current(true), 0, 255); $log->referer = request::referrer(null); $log->timestamp = time(); - $log->user_id = user::active()->id; + $log->user_id = identity::active_user()->id; $log->save(); } diff --git a/modules/gallery/helpers/login.php b/modules/gallery/helpers/login.php new file mode 100644 index 00000000..d44153ad --- /dev/null +++ b/modules/gallery/helpers/login.php @@ -0,0 +1,31 @@ +<?php defined("SYSPATH") or die("No direct script access."); +/** + * Gallery - a web based photo album viewer and editor + * Copyright (C) 2000-2009 Bharat Mediratta + * + * This program is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or (at + * your option) any later version. + * + * This program is distributed in the hope that it will be useful, but + * WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + * General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 51 Franklin Street - Fifth Floor, Boston, MA 02110-1301, USA. + */ +class login_Core { + static function get_login_form($url) { + $form = new Forge($url, "", "post", array("id" => "g-login-form")); + $form->set_attr('class', "g-narrow"); + $group = $form->group("login")->label(t("Login")); + $group->input("name")->label(t("Username"))->id("g-username")->class(null); + $group->password("password")->label(t("Password"))->id("g-password")->class(null); + $group->inputs["name"]->error_messages("invalid_login", t("Invalid name or password")); + $group->submit("")->value(t("Login")); + return $form; + } +}
\ No newline at end of file diff --git a/modules/gallery/helpers/module.php b/modules/gallery/helpers/module.php index 5b34f453..9d41cd51 100644 --- a/modules/gallery/helpers/module.php +++ b/modules/gallery/helpers/module.php @@ -103,7 +103,8 @@ class module_Core { // Lock certain modules $modules->gallery->locked = true; - $modules->user->locked = true; + $identity_module = self::get_var("gallery", "identity_provider", "user"); + $modules->$identity_module->locked = true; $modules->ksort(); self::$available = $modules; } @@ -129,6 +130,8 @@ class module_Core { array_unshift($kohana_modules, MODPATH . $module_name); Kohana::config_set("core.modules", $kohana_modules); + // Rebuild the include path so the module installer can benefit from auto loading + Kohana::include_paths(true); $installer_class = "{$module_name}_installer"; if (method_exists($installer_class, "install")) { call_user_func_array(array($installer_class, "install"), array()); @@ -153,7 +156,7 @@ class module_Core { */ static function upgrade($module_name) { $kohana_modules = Kohana::config("core.modules"); - array_unshift($kohana_modules, MODPATH . $module_name); + $kohana_modules = array_unshift($kohana_modules, MODPATH . $module_name); Kohana::config_set("core.modules", $kohana_modules); $version_before = module::get_version($module_name); diff --git a/modules/gallery/helpers/movie.php b/modules/gallery/helpers/movie.php index 9ca28fe6..6dac0803 100644 --- a/modules/gallery/helpers/movie.php +++ b/modules/gallery/helpers/movie.php @@ -77,7 +77,7 @@ class movie_Core { $movie->title = $title; $movie->description = $description; $movie->name = $name; - $movie->owner_id = $owner_id ? $owner_id : user::active(); + $movie->owner_id = $owner_id ? $owner_id : identity::active_user()->id; $movie->width = $movie_info[0]; $movie->height = $movie_info[1]; $movie->mime_type = strtolower($pi["extension"]) == "mp4" ? "video/mp4" : "video/x-flv"; diff --git a/modules/gallery/helpers/photo.php b/modules/gallery/helpers/photo.php index d1d8fb1f..01cf5278 100644 --- a/modules/gallery/helpers/photo.php +++ b/modules/gallery/helpers/photo.php @@ -76,7 +76,7 @@ class photo_Core { $photo->title = $title; $photo->description = $description; $photo->name = $name; - $photo->owner_id = $owner_id ? $owner_id : user::active(); + $photo->owner_id = $owner_id ? $owner_id : identity::active_user()->id; $photo->width = $image_info[0]; $photo->height = $image_info[1]; $photo->mime_type = empty($image_info['mime']) ? "application/unknown" : $image_info['mime']; diff --git a/modules/gallery/helpers/site_status.php b/modules/gallery/helpers/site_status.php index b7c6de9a..2b090776 100644 --- a/modules/gallery/helpers/site_status.php +++ b/modules/gallery/helpers/site_status.php @@ -95,7 +95,7 @@ class site_status_Core { * @return html text */ static function get() { - if (!user::active()->admin) { + if (!identity::active_user()->admin) { return; } $buf = array(); diff --git a/modules/gallery/helpers/task.php b/modules/gallery/helpers/task.php index 9fa04305..dac5f9d3 100644 --- a/modules/gallery/helpers/task.php +++ b/modules/gallery/helpers/task.php @@ -42,7 +42,7 @@ class task_Core { $task->percent_complete = 0; $task->status = ""; $task->state = "started"; - $task->owner_id = user::active()->id; + $task->owner_id = identity::active_user()->id; $task->context = serialize($context); $task->save(); diff --git a/modules/gallery/helpers/user.php b/modules/gallery/helpers/user.php deleted file mode 100644 index e7e75d64..00000000 --- a/modules/gallery/helpers/user.php +++ /dev/null @@ -1,279 +0,0 @@ -<?php defined("SYSPATH") or die("No direct script access."); -/** - * Gallery - a web based photo album viewer and editor - * Copyright (C) 2000-2009 Bharat Mediratta - * - * This program is free software; you can redistribute it and/or modify - * it under the terms of the GNU General Public License as published by - * the Free Software Foundation; either version 2 of the License, or (at - * your option) any later version. - * - * This program is distributed in the hope that it will be useful, but - * WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU - * General Public License for more details. - * - * You should have received a copy of the GNU General Public License - * along with this program; if not, write to the Free Software - * Foundation, Inc., 51 Franklin Street - Fifth Floor, Boston, MA 02110-1301, USA. - */ - -/** - * This is the API for handling users. - * - * Note: by design, this class does not do any permission checking. - */ -class user_Core { - static function get_login_form($url) { - $form = new Forge($url, "", "post", array("id" => "g-login-form")); - $form->set_attr('class', "g-narrow"); - $group = $form->group("login")->label(t("Login")); - $group->input("name")->label(t("Username"))->id("g-username")->class(null); - $group->password("password")->label(t("Password"))->id("g-password")->class(null); - $group->inputs["name"]->error_messages("invalid_login", t("Invalid name or password")); - $group->submit("")->value(t("Login")); - return $form; - } - - /** - * Make sure that we have a session and group_ids cached in the session. - */ - static function load_user() { - $session = Session::instance(); - if (!($user = $session->get("user"))) { - $session->set("user", $user = user::guest()); - } - - // The installer cannot set a user into the session, so it just sets an id which we should - // upconvert into a user. - if ($user === 2) { - $user = model_cache::get("user", 2); - user::login($user); - $session->set("user", $user); - } - - if (!$session->get("group_ids")) { - $ids = array(); - foreach ($user->groups as $group) { - $ids[] = $group->id; - } - $session->set("group_ids", $ids); - } - } - - /** - * Return the array of group ids this user belongs to - * - * @return array - */ - static function group_ids() { - return Session::instance()->get("group_ids", array(1)); - } - - /** - * Return the active user. If there's no active user, return the guest user. - * - * @return User_Model - */ - static function active() { - // @todo (maybe) cache this object so we're not always doing session lookups. - $user = Session::instance()->get("user", null); - if (!isset($user)) { - // Don't do this as a fallback in the Session::get() call because it can trigger unnecessary - // work. - $user = user::guest(); - } - return $user; - } - - /** - * Return the guest user. - * - * @todo consider caching - * - * @return User_Model - */ - static function guest() { - return model_cache::get("user", 1); - } - - /** - * Change the active user. - * - * @return User_Model - */ - static function set_active($user) { - $session = Session::instance(); - $session->set("user", $user); - $session->delete("group_ids"); - self::load_user(); - } - - /** - * Create a new user. - * - * @param string $name - * @param string $full_name - * @param string $password - * @return User_Model - */ - static function create($name, $full_name, $password) { - $user = ORM::factory("user")->where("name", $name)->find(); - if ($user->loaded) { - throw new Exception("@todo USER_ALREADY_EXISTS $name"); - } - - $user->name = $name; - $user->full_name = $full_name; - $user->password = $password; - - // Required groups - $user->add(group::everybody()); - $user->add(group::registered_users()); - - $user->save(); - return $user; - } - - /** - * Is the password provided correct? - * - * @param user User Model - * @param string $password a plaintext password - * @return boolean true if the password is correct - */ - static function is_correct_password($user, $password) { - $valid = $user->password; - - // Try phpass first, since that's what we generate. - if (strlen($valid) == 34) { - require_once(MODPATH . "user/lib/PasswordHash.php"); - $hashGenerator = new PasswordHash(10, true); - return $hashGenerator->CheckPassword($password, $valid); - } - - $salt = substr($valid, 0, 4); - // Support both old (G1 thru 1.4.0; G2 thru alpha-4) and new password schemes: - $guess = (strlen($valid) == 32) ? md5($password) : ($salt . md5($salt . $password)); - if (!strcmp($guess, $valid)) { - return true; - } - - // Passwords with <&"> created by G2 prior to 2.1 were hashed with entities - $sanitizedPassword = html::specialchars($password, false); - $guess = (strlen($valid) == 32) ? md5($sanitizedPassword) - : ($salt . md5($salt . $sanitizedPassword)); - if (!strcmp($guess, $valid)) { - return true; - } - - return false; - } - - /** - * Create the hashed passwords. - * @param string $password a plaintext password - * @return string hashed password - */ - static function hash_password($password) { - require_once(MODPATH . "user/lib/PasswordHash.php"); - $hashGenerator = new PasswordHash(10, true); - return $hashGenerator->HashPassword($password); - } - - /** - * Log in as a given user. - * @param object $user the user object. - */ - static function login($user) { - $user->login_count += 1; - $user->last_login = time(); - $user->save(); - - user::set_active($user); - module::event("user_login", $user); - } - - /** - * Log out the active user and destroy the session. - * @param object $user the user object. - */ - static function logout() { - $user = user::active(); - if (!$user->guest) { - try { - Session::instance()->destroy(); - } catch (Exception $e) { - Kohana::log("error", $e); - } - module::event("user_logout", $user); - } - } - - /** - * Look up a user by id. - * @param integer $id the user id - * @return User_Model the user object, or null if the id was invalid. - */ - static function lookup($id) { - return self::_lookup_user_by_field("id", $id); - } - - /** - * Look up a user by name. - * @param integer $name the user name - * @return User_Model the user object, or null if the name was invalid. - */ - static function lookup_by_name($name) { - return self::_lookup_user_by_field("name", $name); - } - - /** - * Look up a user by hash. - * @param integer $hash the user hash value - * @return User_Model the user object, or null if the name was invalid. - */ - static function lookup_by_hash($hash) { - return self::_lookup_user_by_field("hash", $hash); - } - - /** - * List the users - * @param mixed filters (@see Database.php - * @return array the user list. - */ - static function get_user_list($filter=array()) { - $user = ORM::factory("user"); - - foreach($filter as $method => $args) { - switch ($method) { - case "in": - $user->in($args[0], $args[1]); - break; - default: - $user->$method($args); - } - } - return $user->find_all(); - } - - /** - * Look up a user by field value. - * @param string search field - * @param string search value - * @return User_Core the user object, or null if the name was invalid. - */ - private static function _lookup_user_by_field($field_name, $value) { - try { - $user = model_cache::get("user", $value, $field_name); - if ($user->loaded) { - return $user; - } - } catch (Exception $e) { - if (strpos($e->getMessage(), "MISSING_MODEL") === false) { - throw $e; - } - } - return null; - } -}
\ No newline at end of file |