eZ publish: ezusertype.php Source File

00001 <?php
00002 //
00003 // Definition of eZUserType class
00004 //
00005 // Created on: <30-Apr-2002 13:06:21 bf>
00006 //
00007 // ## BEGIN COPYRIGHT, LICENSE AND WARRANTY NOTICE ##
00008 // SOFTWARE NAME: eZ publish
00009 // SOFTWARE RELEASE: 3.9.x
00010 // COPYRIGHT NOTICE: Copyright (C) 1999-2006 eZ systems AS
00011 // SOFTWARE LICENSE: GNU General Public License v2.0
00012 // NOTICE: >
00013 //   This program is free software; you can redistribute it and/or
00014 //   modify it under the terms of version 2.0  of the GNU General
00015 //   Public License as published by the Free Software Foundation.
00016 //
00017 //   This program is distributed in the hope that it will be useful,
00018 //   but WITHOUT ANY WARRANTY; without even the implied warranty of
00019 //   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
00020 //   GNU General Public License for more details.
00021 //
00022 //   You should have received a copy of version 2.0 of the GNU General
00023 //   Public License along with this program; if not, write to the Free
00024 //   Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston,
00025 //   MA 02110-1301, USA.
00026 //
00027 //
00028 // ## END COPYRIGHT, LICENSE AND WARRANTY NOTICE ##
00029 //
00030 
00031 /*!
00032   \class eZUserType ezusertype.php
00033   \brief The class eZUserType handles user accounts and association with content objects
00034   \ingroup eZDatatype
00035 
00036 */
00037 
00038 include_once( "kernel/classes/ezdatatype.php" );
00039 include_once( "kernel/classes/datatypes/ezuser/ezuser.php" );
00040 include_once( "kernel/classes/datatypes/ezuser/ezusersetting.php" );
00041 include_once( "lib/ezutils/classes/ezmail.php" );
00042 
00043 define( "EZ_DATATYPESTRING_USER", "ezuser" );
00044 
00045 class eZUserType extends eZDataType
00046 {
00047     function eZUserType( )
00048     {
00049         $this->eZDataType( EZ_DATATYPESTRING_USER, ezi18n( 'kernel/classes/datatypes', "User account", 'Datatype name' ),
00050                            array( 'translation_allowed' => false,
00051                                   'serialize_supported' => true ) );
00052     }
00053 
00054     /*!
00055      Delete stored object attribute
00056     */
00057     function deleteStoredObjectAttribute( &$contentObjectAttribute, $version = null )
00058     {
00059         $db =& eZDB::instance();
00060         $userID = $contentObjectAttribute->attribute( "contentobject_id" );
00061 
00062         $res = $db->arrayQuery( "SELECT COUNT(*) AS version_count FROM ezcontentobject_version WHERE contentobject_id = $userID" );
00063         $versionCount = $res[0]['version_count'];
00064 
00065         if ( $version == null || $versionCount <= 1 )
00066         {
00067             eZUser::removeUser( $userID );
00068             $db->query( "DELETE FROM ezuser_role WHERE contentobject_id = '$userID'" );
00069         }
00070     }
00071 
00072     /*!
00073      Validates the input and returns true if the input was
00074      valid for this datatype.
00075     */
00076     function validateObjectAttributeHTTPInput( &$http, $base, &$contentObjectAttribute )
00077     {
00078         if ( $http->hasPostVariable( $base . "_data_user_login_" . $contentObjectAttribute->attribute( "id" ) ) )
00079         {
00080             $classAttribute =& $contentObjectAttribute->contentClassAttribute();
00081             $loginName = $http->postVariable( $base . "_data_user_login_" . $contentObjectAttribute->attribute( "id" ) );
00082             $email = $http->postVariable( $base . "_data_user_email_" . $contentObjectAttribute->attribute( "id" ) );
00083             $password = $http->postVariable( $base . "_data_user_password_" . $contentObjectAttribute->attribute( "id" ) );
00084             $passwordConfirm = $http->postVariable( $base . "_data_user_password_confirm_" . $contentObjectAttribute->attribute( "id" ) );
00085             if ( trim( $loginName ) == '' )
00086             {
00087                 if ( $contentObjectAttribute->validateIsRequired() || trim( $email ) != '' )
00088                 {
00089                     $contentObjectAttribute->setValidationError( ezi18n( 'kernel/classes/datatypes',
00090                                                                          'The username must be specified.' ) );
00091                     return EZ_INPUT_VALIDATOR_STATE_INVALID;
00092                 }
00093             }
00094             else
00095             {
00096                 $existUser = eZUser::fetchByName( $loginName );
00097                 if ( $existUser != null )
00098                 {
00099                     $userID = $existUser->attribute( 'contentobject_id' );
00100                     if ( $userID !=  $contentObjectAttribute->attribute( "contentobject_id" ) )
00101                     {
00102                         $contentObjectAttribute->setValidationError( ezi18n( 'kernel/classes/datatypes',
00103                                                                              'The username already exists, please choose another one.' ) );
00104                         return EZ_INPUT_VALIDATOR_STATE_INVALID;
00105                     }
00106                 }
00107                 $isValidate = eZMail::validate( $email );
00108                 if ( !$isValidate )
00109                 {
00110                     $contentObjectAttribute->setValidationError( ezi18n( 'kernel/classes/datatypes',
00111                                                                          'The email address is not valid.' ) );
00112                     return EZ_INPUT_VALIDATOR_STATE_INVALID;
00113                 }
00114 
00115                 $authenticationMatch = eZUser::authenticationMatch();
00116                 if ( $authenticationMatch & EZ_USER_AUTHENTICATE_EMAIL )
00117                 {
00118                     if ( eZUser::requireUniqueEmail() )
00119                     {
00120                         $userByEmail = eZUser::fetchByEmail( $email );
00121                         if ( $userByEmail != null )
00122                         {
00123                             $userID = $userByEmail->attribute( 'contentobject_id' );
00124                             if ( $userID !=  $contentObjectAttribute->attribute( "contentobject_id" ) )
00125                             {
00126                                 $contentObjectAttribute->setValidationError( ezi18n( 'kernel/classes/datatypes',
00127                                                                                      'A user with this email already exists.' ) );
00128                                 return EZ_INPUT_VALIDATOR_STATE_INVALID;
00129                             }
00130                         }
00131                     }
00132                 }
00133                 $ini =& eZINI::instance();
00134                 $generatePasswordIfEmpty = $ini->variable( "UserSettings", "GeneratePasswordIfEmpty" ) == 'true';
00135                 if ( !$generatePasswordIfEmpty || ( $password != "" ) )
00136                 {
00137                     if ( ( $password != $passwordConfirm ) || ( $password == "" ) )
00138                     {
00139                         $contentObjectAttribute->setValidationError( ezi18n( 'kernel/classes/datatypes',
00140                                                                              'The passwords do not match.',
00141                                                                              'eZUserType' ) );
00142                         return EZ_INPUT_VALIDATOR_STATE_INVALID;
00143                     }
00144                     $minPasswordLength = $ini->hasVariable( 'UserSettings', 'MinPasswordLength' ) ? $ini->variable( 'UserSettings', 'MinPasswordLength' ) : 3;
00145 
00146                     if ( strlen( $password ) < (int) $minPasswordLength )
00147                     {
00148                         $contentObjectAttribute->setValidationError( ezi18n( 'kernel/classes/datatypes',
00149                                                                              'The password must be at least %1 characters long.',null, array( $minPasswordLength ) ) );
00150                         return EZ_INPUT_VALIDATOR_STATE_INVALID;
00151                     }
00152                     if ( strtolower( $password ) == 'password' )
00153                     {
00154                         $contentObjectAttribute->setValidationError( ezi18n( 'kernel/classes/datatypes',
00155                                                                              'The password mustn\'t be "password".' ) );
00156                         return EZ_INPUT_VALIDATOR_STATE_INVALID;
00157                     }
00158                 }
00159             }
00160         }
00161         return EZ_INPUT_VALIDATOR_STATE_ACCEPTED;
00162     }
00163 
00164     /*!
00165      Fetches the http post var integer input and stores it in the data instance.
00166     */
00167     function fetchObjectAttributeHTTPInput( &$http, $base, &$contentObjectAttribute )
00168     {
00169         if ( $http->hasPostVariable( $base . "_data_user_login_" . $contentObjectAttribute->attribute( "id" ) ) )
00170         {
00171             $login = $http->postVariable( $base . "_data_user_login_" . $contentObjectAttribute->attribute( "id" ) );
00172             $email = $http->postVariable( $base . "_data_user_email_" . $contentObjectAttribute->attribute( "id" ) );
00173             $password = $http->postVariable( $base . "_data_user_password_" . $contentObjectAttribute->attribute( "id" ) );
00174             $passwordConfirm = $http->postVariable( $base . "_data_user_password_confirm_" . $contentObjectAttribute->attribute( "id" ) );
00175 
00176             $contentObjectID = $contentObjectAttribute->attribute( "contentobject_id" );
00177 
00178             $user =& $contentObjectAttribute->content();
00179             if ( $user === null )
00180             {
00181                 $user = eZUser::create( $contentObjectID );
00182             }
00183 
00184             $ini =& eZINI::instance();
00185             $generatePasswordIfEmpty = $ini->variable( "UserSettings", "GeneratePasswordIfEmpty" );
00186             if (  $password == "" )
00187             {
00188                 if ( $generatePasswordIfEmpty == 'true' )
00189                 {
00190                     $passwordLength = $ini->variable( "UserSettings", "GeneratePasswordLength" );
00191                     $password = $user->createPassword( $passwordLength );
00192                     $passwordConfirm = $password;
00193                     $http->setSessionVariable( "GeneratedPassword", $password );
00194                 }
00195                 else
00196                 {
00197                     $password = null;
00198                 }
00199             }
00200 
00201             eZDebugSetting::writeDebug( 'kernel-user', $password, "password" );
00202             eZDebugSetting::writeDebug( 'kernel-user', $passwordConfirm, "passwordConfirm" );
00203             eZDebugSetting::writeDebug( 'kernel-user', $login, "login" );
00204             eZDebugSetting::writeDebug( 'kernel-user', $email, "email" );
00205             eZDebugSetting::writeDebug( 'kernel-user', $contentObjectID, "contentObjectID" );
00206             if ( $password == "_ezpassword" )
00207             {
00208                 $password = false;
00209                 $passwordConfirm = false;
00210             }
00211             else
00212                 $http->setSessionVariable( "GeneratedPassword", $password );
00213 
00214             eZDebugSetting::writeDebug( 'kernel-user', "setInformation run", "ezusertype" );
00215             $user->setInformation( $contentObjectID, $login, $email, $password, $passwordConfirm );
00216             $contentObjectAttribute->setContent( $user );
00217             return true;
00218         }
00219         return false;
00220     }
00221 
00222     function storeObjectAttribute( &$contentObjectAttribute )
00223     {
00224         $user =& $contentObjectAttribute->content();
00225         if ( get_class( $user ) != "ezuser" )
00226         {
00227             // create a default user account
00228             $user = eZUser::create( $contentObjectAttribute->attribute( "contentobject_id" ) );
00229             $userID = $contentObjectAttribute->attribute( "contentobject_id" );
00230             $isEnabled = 1;
00231             $userSetting = eZUserSetting::create( $userID, $isEnabled );
00232             $userSetting->store();
00233         }
00234         $user->store();
00235         $contentObjectAttribute->setContent( $user );
00236     }
00237 
00238     /*!
00239      Returns the object title.
00240     */
00241     function title( &$contentObjectAttribute, $name = "login" )
00242     {
00243         $user = $this->objectAttributeContent( $contentObjectAttribute );
00244 
00245         $value = $user->attribute( $name );
00246 
00247         return $value;
00248     }
00249 
00250     function hasObjectAttributeContent( &$contentObjectAttribute )
00251     {
00252         $user = $this->objectAttributeContent( $contentObjectAttribute );
00253         if ( is_object( $user ) and
00254              $user->isEnabled() )
00255             return true;
00256         return false;
00257     }
00258 
00259     /*!
00260      Returns the user object.
00261     */
00262     function &objectAttributeContent( &$contentObjectAttribute )
00263     {
00264         $userID = $contentObjectAttribute->attribute( "contentobject_id" );
00265         $user =& $GLOBALS['eZUserObject_' . $userID];
00266         if ( !isset( $user ) or
00267              get_class( $user ) != 'ezuser' )
00268             $user = eZUser::fetch( $userID );
00269         eZDebugSetting::writeDebug( 'kernel-user', $user, 'user' );
00270         return $user;
00271     }
00272 
00273     /*!
00274      \reimp
00275     */
00276     function isIndexable()
00277     {
00278         return true;
00279     }
00280 
00281     /*!
00282      \reimp
00283      We can only remove the user attribute if:
00284      - The current user, anonymous user and administrator user is not using this class
00285      - There are more classes with the ezuser datatype
00286     */
00287     function classAttributeRemovableInformation( &$contentClassAttribute, $includeAll = true )
00288     {
00289         $result  = array( 'text' => ezi18n( 'kernel/classes/datatypes',
00290                                             "Cannot remove the account:" ),
00291                           'list' => array() );
00292         $reasons =& $result['list'];
00293 
00294         $currentUser =& eZUser::currentUser();
00295         $userObject  =& $currentUser->attribute( 'contentobject' );
00296         $ini         =& eZINI::instance();
00297         $anonID      = (int)$ini->variable( 'UserSettings', 'AnonymousUserID' );
00298         $classID     = (int)$contentClassAttribute->attribute( 'contentclass_id' );
00299         $db          =& eZDB::instance();
00300 
00301         if ( $classID == $userObject->attribute( 'contentclass_id' ) )
00302         {
00303             $reasons[] = array( 'text' => ezi18n( 'kernel/classes/datatypes',
00304                                                   "The account owner is currently logged in." ) );
00305             if ( !$includeAll )
00306                 return $result;
00307         }
00308 
00309         $sql = "SELECT id FROM ezcontentobject WHERE id = $anonID AND contentclass_id = $classID";
00310         $rows = $db->arrayQuery( $sql );
00311         if ( count( $rows ) > 0 )
00312         {
00313             $reasons[] = array( 'text' => ezi18n( 'kernel/classes/datatypes',
00314                                                   "The account is currently used by the anonymous user." ) );
00315             if ( !$includeAll )
00316                 return $result;
00317         }
00318 
00319         $sql = "SELECT ezco.id FROM ezcontentobject ezco, ezuser
00320  WHERE ezco.contentclass_id = $classID AND
00321        ezuser.login = 'admin' AND
00322        ezco.id = ezuser.contentobject_id ";
00323         $rows = $db->arrayQuery( $sql );
00324         if ( count( $rows ) > 0 )
00325         {
00326             $reasons[] = array( 'text' => ezi18n( 'kernel/classes/datatypes',
00327                                                   "The account is currenty used the administrator user." ) );
00328             if ( !$includeAll )
00329                 return $result;
00330         }
00331 
00332         $sql = "SELECT count( ezcc.id ) AS count FROM ezcontentclass ezcc, ezcontentclass_attribute ezcca
00333  WHERE ezcc.id != $classID AND
00334        ezcca.data_type_string = 'ezuser' AND
00335        ezcc.id = ezcca.contentclass_id ";
00336         $rows = $db->arrayQuery( $sql );
00337         if ( $rows[0]['count'] == 0 )
00338         {
00339             $reasons[] = array( 'text' => ezi18n( 'kernel/classes/datatypes',
00340                                                   "You can not remove the last class holding user accounts." ) );
00341             if ( !$includeAll )
00342                 return $result;
00343         }
00344 
00345         return $result;
00346     }
00347 
00348     /*!
00349      Returns the meta data used for storing search indeces.
00350     */
00351     function metaData( $contentObjectAttribute )
00352     {
00353         $metaString = "";
00354         $user =& $contentObjectAttribute->content();
00355 
00356         if ( get_class( $user ) == "ezuser" )
00357         {
00358             // create a default user account
00359             $metaString .= $user->attribute( 'login' ) . " ";
00360             $metaString .= $user->attribute( 'email' ) . " ";
00361         }
00362         return $metaString;
00363     }
00364 
00365     function toString( $contentObjectAttribute )
00366     {
00367         $userID = $contentObjectAttribute->attribute( "contentobject_id" );
00368         $user =& $GLOBALS['eZUserObject_' . $userID];
00369         if ( !isset( $user ) or
00370              get_class( $user ) != 'ezuser' )
00371             $user = eZUser::fetch( $userID );
00372 
00373         return implode( '|', array( $user->attribute( 'login' ),
00374                                     $user->attribute( 'email' ),
00375                                     $user->attribute( 'password_hash' ),
00376                                     eZUser::passwordHashTypeName( $user->attribute( 'password_hash_type' ) )  ) );
00377     }
00378 
00379 
00380     function fromString( &$contentObjectAttribute, $string )
00381     {
00382         if ( $string == '' )
00383             return true;
00384         $userData = explode( '|', $string );
00385         if( count( $userData ) < 2 )
00386             return false;
00387         $login = $userData[0];
00388         $email = $userData[1];
00389 
00390         if ( eZUser::fetchByName( $login ) || eZUser::fetchByEmail( $email ) )
00391             return false;
00392 
00393         $user = eZUser::create( $contentObjectAttribute->attribute( 'contentobject_id' ) );
00394 
00395         $user->setAttribute( 'login', $login );
00396         $user->setAttribute( 'email', $email );
00397         if ( isset( $userData[2] ) )
00398             $user->setAttribute( 'password_hash', $userData[2] );
00399 
00400         if ( isset( $userData[3] ) )
00401             $user->setAttribute( 'password_hash_type', eZUser::passwordHashTypeID( $userData[3] ) );
00402         $user->store();
00403         return $user;
00404     }
00405 
00406     /*!
00407      \param package
00408      \param content attribute
00409 
00410      \return a DOM representation of the content object attribute
00411     */
00412     function serializeContentObjectAttribute( &$package, &$objectAttribute )
00413     {
00414         $node = $this->createContentObjectAttributeDOMNode( $objectAttribute );
00415         $userID = $objectAttribute->attribute( "contentobject_id" );
00416         $user = eZUser::fetch( $userID );
00417         if ( is_object( $user ) )
00418         {
00419             $userNode = eZDOMDocument::createElementNode( 'account' );
00420             $userNode->appendAttribute( eZDOMDocument::createAttributeNode( 'login', $user->attribute( 'login' ) ) );
00421             $userNode->appendAttribute( eZDOMDocument::createAttributeNode( 'email', $user->attribute( 'email' ) ) );
00422             $userNode->appendAttribute( eZDOMDocument::createAttributeNode( 'password_hash', $user->attribute( 'password_hash' ) ) );
00423             $userNode->appendAttribute( eZDOMDocument::createAttributeNode( 'password_hash_type', eZUser::passwordHashTypeName( $user->attribute( 'password_hash_type' ) ) ) );
00424             $node->appendChild( $userNode );
00425         }
00426 
00427         return $node;
00428     }
00429 
00430     /*!
00431      \reimp
00432      \param package
00433      \param contentobject attribute object
00434      \param ezdomnode object
00435     */
00436     function unserializeContentObjectAttribute( &$package, &$objectAttribute, $attributeNode )
00437     {
00438         $userNode = $attributeNode->elementByName( 'account' );
00439         if ( is_object( $userNode ) )
00440         {
00441             $userID = $objectAttribute->attribute( 'contentobject_id' );
00442             $user = eZUser::fetch( $userID );
00443             if ( !is_object( $user ) )
00444             {
00445                 $user = eZUser::create( $userID );
00446             }
00447             $user->setAttribute( 'login', $userNode->attributeValue( 'login' ) );
00448             $user->setAttribute( 'email', $userNode->attributeValue( 'email' ) );
00449             $user->setAttribute( 'password_hash', $userNode->attributeValue( 'password_hash' ) );
00450             $user->setAttribute( 'password_hash_type', eZUser::passwordHashTypeID( $userNode->attributeValue( 'password_hash_type' ) ) );
00451             $user->store();
00452         }
00453     }
00454 }
00455 
00456 eZDataType::register( EZ_DATATYPESTRING_USER, "ezusertype" );
00457 
00458 ?>