2 files changed, 102 insertions, 22 deletions

diff --git a/modules/user/models/group.php b/modules/user/models/group.php
index 10f6f4b3..c00bf5c9 100644
--- a/modules/user/models/group.php
+++ b/modules/user/models/group.php
@@ -20,9 +20,6 @@
 class Group_Model extends ORM implements Group_Definition {
   protected $has_and_belongs_to_many = array("users");
 
-  var $form_rules = array(
-    "name" => "required|length[4,255]");
-
   /**
    * @see ORM::delete()
    */
@@ -37,18 +34,44 @@ class Group_Model extends ORM implements Group_Definition {
     return $this->users->find_all();
   }
 
-  public function save() {
-    if (!$this->loaded()) {
-        $created = 1;
+  /**
+   * Specify our rules here so that we have access to the instance of this model.
+   */
+  public function validate($array=null) {
+    // validate() is recursive, only modify the rules on the outermost call.
+    if (!$array) {
+      $this->rules = array(
+        "name" => array("rules" => array("required", "length[4,255]"),
+                        "callbacks" => array(array($this, "valid_name"))));
     }
 
-    $original = clone $this->original();
-    parent::save();
-    if (isset($created)) {
+    parent::validate($array);
+  }
+
+  public function save() {
+    if (!$this->loaded()) {
+      // New group
+      parent::save();
       module::event("group_created", $this);
     } else {
+      // Updated group
+      $original = clone $this->original();
+      parent::save();
       module::event("group_updated", $original, $this);
     }
+
     return $this;
   }
+
+  /**
+   * Validate the user name.  Make sure there are no conflicts.
+   */
+  public function valid_name(Validation $v, $field) {
+    if (db::build()->from("groups")
+        ->where("name", "=", $this->name)
+        ->where("id", "<>", $this->id)
+        ->count_records() == 1) {
+      $v->add_error("name", "conflict");
+    }
+  }
 }
\ No newline at end of file
diff --git a/modules/user/models/user.php b/modules/user/models/user.php
index edba2a2c..451b5ffb 100644
--- a/modules/user/models/user.php
+++ b/modules/user/models/user.php
@@ -19,14 +19,7 @@
  */
 class User_Model extends ORM implements User_Definition {
   protected $has_and_belongs_to_many = array("groups");
-
-  var $form_rules = array(
-    "name" => "required|length[1,32]",
-    "full_name" => "length[0,255]",
-    "email" => "required|valid_email|length[1,255]",
-    "password" => "length[1,40]",
-    "url" => "valid_url",
-    "locale" => "length[2,10]");
+  protected $password_length = null;
 
   public function __set($column, $value) {
     switch ($column) {
@@ -35,6 +28,7 @@ class User_Model extends ORM implements User_Definition {
       break;
 
     case "password":
+      $this->password_length = strlen($value);
       $value = user::hash_password($value);
       break;
     }
@@ -65,18 +59,48 @@ class User_Model extends ORM implements User_Definition {
     return $this->groups->find_all();
   }
 
+  /**
+   * Specify our rules here so that we have access to the instance of this model.
+   */
+  public function validate($array=null) {
+    // validate() is recursive, only modify the rules on the outermost call.
+    if (!$array) {
+      $this->rules = array(
+        "admin"     => array("callbacks" => array(array($this, "valid_admin"))),
+        "email"     => array("rules"     => array("length[1,255]", "required", "valid::email")),
+        "full_name" => array("rules"     => array("length[0,255]")),
+        "locale"    => array("rules"     => array("length[2,10]")),
+        "name"      => array("rules"     => array("length[1,32]", "required"),
+                             "callbacks" => array(array($this, "valid_name"))),
+        "password"  => array("callbacks" => array(array($this, "valid_password"))),
+        "url"       => array("rules"     => array("valid::url")),
+      );
+    }
+
+    parent::validate($array);
+  }
+
+  /**
+   * Handle any business logic necessary to create or update a user.
+   * @see ORM::save()
+   *
+   * @return ORM User_Model
+   */
   public function save() {
     if (!$this->loaded()) {
-        $created = 1;
-    }
+      // New user
+      $this->add(group::everybody());
+      $this->add(group::registered_users());
 
-    $original = clone $this->original();
-    parent::save();
-    if (isset($created)) {
+      parent::save();
       module::event("user_created", $this);
     } else {
+      // Updated user
+      $original = clone $this->original();
+      parent::save();
       module::event("user_updated", $original, $this);
     }
+
     return $this;
   }
 
@@ -88,4 +112,37 @@ class User_Model extends ORM implements User_Definition {
   public function display_name() {
     return empty($this->full_name) ? $this->name : $this->full_name;
   }
+
+  /**
+   * Validate the user name.  Make sure there are no conflicts.
+   */
+  public function valid_name(Validation $v, $field) {
+    if (db::build()->from("users")
+        ->where("name", "=", $this->name)
+        ->where("id", "<>", $this->id)
+        ->count_records() == 1) {
+      $v->add_error("name", "conflict");
+    }
+  }
+
+  /**
+   * Validate the password.
+   */
+  public function valid_password(Validation $v, $field) {
+    if (!$this->loaded() || $this->password_length) {
+      $minimum_length = module::get_var("user", "mininum_password_length", 5);
+      if ($this->password_length < $minimum_length) {
+        $v->add_error("password", "min_length");
+      }
+    }
+  }
+
+  /**
+   * Validate the admin bit.
+   */
+  public function valid_admin(Validation $v, $field) {
+    if ($this->id == identity::active_user()->id && !$this->admin) {
+      $v->add_error("admin", "locked");
+    }
+  }
 }