No OneTemporary
Actions

Size

19 KB

Referenced Files

None

Subscribers

None

View Options

	diff --git a/workspaces/src/Engines/Auth/Actions/AddToGroupUserAction.php b/workspaces/src/Engines/Auth/Actions/AddToGroupUserAction.php
	index e2dbdb9..65ea5a4 100644
	--- a/workspaces/src/Engines/Auth/Actions/AddToGroupUserAction.php
	+++ b/workspaces/src/Engines/Auth/Actions/AddToGroupUserAction.php
	@@ -1,84 +1,83 @@
	<?php

	/**
	* _, __, _, _ __, _ _, _, _
	* / \ \|_) (_ \| \| \ \| /_\ \|\ \|
	* \ / \|_) , ) \| \|_/ \| \| \| \| \\|
	* ~ ~ ~ ~ ~ ~ ~ ~ ~ ~
	*
	* Add to group user action class
	*
	* @package ObsidianWorkspaces
	* @subpackage Auth
	* @author Sébastien Santoro aka Dereckson <dereckson@espace-win.org>
	* @license http://www.opensource.org/licenses/bsd-license.php BSD
	* @filesource
	*
	*/

	namespace Waystone\Workspaces\Engines\Auth\Actions;

	use Waystone\Workspaces\Engines\Auth\UserAction;
	use Waystone\Workspaces\Engines\Serialization\ArrayDeserializable;
	+use Waystone\Workspaces\Engines\Users\UserGroup;

	use Exception;
	use JsonSerializable;

	-use UserGroup;
	-
	/**
	* User action to add a user into a group
	*/
	class AddToGroupUserAction extends UserAction implements ArrayDeserializable, JsonSerializable {

	/**
	* @var UserGroup The group to add the user to
	*/
	public $group;

	/**
	* @var boolean Determines if the target user has to be added to the group
	* in the quality of admin
	*/
	public $isAdmin;


	/**
	* Executes the user action
	*/
	public function run () {
	if ($this->targetUser->isMemberOfGroup($this->group)) {
	if ($this->isAdmin) {
	//Promotes to admin if needed
	$this->targetUser->addToGroup($this->group, true);
	}
	} else {
	//Adds user to the group
	$this->targetUser->addToGroup($this->group, $this->isAdmin);
	}
	}

	/**
	* Loads an AddToGroupUserAction instance from an object.
	*
	* @param array $data The associative array to deserialize
	*
	* @return AddToGroupUserAction The deserialized instance
	* @throws Exception when the group code is not found
	*/
	public static function loadFromArray (array $data) : self {
	$instance = new AddToGroupUserAction();

	$instance->group = UserGroup::fromCode($data["code"]);
	$instance->isAdmin = ($data["isAdmin"] == true);

	return $instance;
	}

	public function jsonSerialize () : array {
	return [
	"code" => $this->group->code,
	"isAdmin" => $this->isAdmin
	];
	}
	}
	diff --git a/workspaces/src/Engines/Framework/Resources.php b/workspaces/src/Engines/Framework/Resources.php
	index ec9c049..1b0e29e 100644
	--- a/workspaces/src/Engines/Framework/Resources.php
	+++ b/workspaces/src/Engines/Framework/Resources.php
	@@ -1,55 +1,54 @@
	<?php

	namespace Waystone\Workspaces\Engines\Framework;

	+use Waystone\Workspaces\Engines\Users\UserGroup;
	use Waystone\Workspaces\Engines\Users\UserRepository;
	use Waystone\Workspaces\Engines\Workspaces\Workspace;

	use Keruald\OmniTools\DataTypes\Option\None;
	use Keruald\OmniTools\DataTypes\Option\Option;
	use Keruald\OmniTools\DataTypes\Option\Some;

	-use UserGroup;
	-
	use InvalidArgumentException;

	class Resources {

	public function __construct (
	public UserRepository $users,
	) {
	}

	/**
	* @return Option<int>
	*/
	public function resolveID (string $resource_type, string $identifier) : Option {
	//Trivial cases: already an ID, null or void ID
	if (is_numeric($identifier)) {
	return new Some((int)$identifier);
	}

	if (!$identifier) {
	return new None;
	}

	//Searches identifier
	switch ($resource_type) {
	case 'U':
	return $this->users->resolveUserID($identifier);

	case 'G':
	$group = UserGroup::fromCode($identifier);

	return new Some($group->id);

	case 'W':
	$workspace = Workspace::fromCode($identifier);

	return new Some($workspace->id);

	default:
	throw new InvalidArgumentException("Unknown resource type: $resource_type", E_USER_ERROR);
	}
	}
	}
	diff --git a/workspaces/src/Engines/Users/User.php b/workspaces/src/Engines/Users/User.php
	index 46bb184..961e17b 100755
	--- a/workspaces/src/Engines/Users/User.php
	+++ b/workspaces/src/Engines/Users/User.php
	@@ -1,260 +1,258 @@
	<?php

	/**
	* _, __, _, _ __, _ _, _, _
	* / \ \|_) (_ \| \| \ \| /_\ \|\ \|
	* \ / \|_) , ) \| \|_/ \| \| \| \| \\|
	* ~ ~ ~ ~ ~ ~ ~ ~ ~ ~
	*
	* User class
	*
	* @package ObsidianWorkspaces
	* @subpackage Model
	* @author Sébastien Santoro aka Dereckson <dereckson@espace-win.org>
	* @license http://www.opensource.org/licenses/bsd-license.php BSD
	* @filesource
	*
	*/

	namespace Waystone\Workspaces\Engines\Users;

	use Waystone\Workspaces\Engines\Errors\ErrorHandling;
	use Waystone\Workspaces\Engines\Workspaces\Workspace;

	use Keruald\Database\DatabaseEngine;

	-use UserGroup;
	-
	/**
	* User class
	*/
	class User {

	public ?int $id;
	public $name;
	public $password;
	public $active = 0;
	public $email;
	public $regdate;

	public array $session = [];

	public string $lastError;

	/**
	* @var array\|null An array of the workspaces the user has access to, each element an instance of the Workspace object. As long as the field hasn't been initialized by get_workspaces, null.
	*/
	private $workspaces = null;

	private DatabaseEngine $db;

	///
	/// Constructors
	///

	public static function fromRow (array $row) : self {
	$user = new self;
	$user->load_from_row($row);

	return $user;
	}

	/**
	* Create a new user instance with arbitrary user_id
	*
	* The created user is not saved in the database.
	*
	* @param int $user_id A unassigned user ID
	* @return self
	*/
	public static function create (int $user_id) : self {
	$user = new self;

	$user->id = $user_id;
	$user->active = true;
	$user->regdate = time();

	return $user;
	}

	/**
	* Creates a new anonymous user instance
	*/
	public static function anonymous () : User {
	return User::create(ANONYMOUS_USER);
	}

	///
	/// Load data
	///

	/**
	* Loads the object User (ie fill the properties) from the $_POST array
	*/
	function load_from_form () {
	if (array_key_exists('name', $_POST)) $this->name = $_POST['name'];
	if (array_key_exists('password', $_POST)) $this->password = $_POST['password'];
	if (array_key_exists('active', $_POST)) $this->active = $_POST['active'];
	if (array_key_exists('actkey', $_POST)) $this->actkey = $_POST['actkey'];
	if (array_key_exists('email', $_POST)) $this->email = $_POST['email'];
	if (array_key_exists('regdate', $_POST)) $this->regdate = $_POST['regdate'];
	}

	/**
	* Loads the object User (ie fill the properties) from the database row
	*/
	function load_from_row ($row) {
	$this->id = $row['user_id'];
	$this->name = $row['username'];
	$this->password = $row['user_password'];
	$this->active = $row['user_active'] ? true : false;
	$this->email = $row['user_email'];
	$this->regdate = $row['user_regdate'];
	}

	//
	// User properties
	//

	/**
	* Fills password field with encrypted version
	* of the specified clear password
	*/
	public function setPassword ($password) {
	$this->password = md5($password);
	}

	//
	// Interaction with groups and permissions
	//

	/**
	* Gets the groups where the current user has access to.
	*
	* @return array an array containing group_id, matching groups the current user has access to.
	*/
	public function get_groups () {
	return self::get_groups_from_user_id($this->id, $this->db);
	}

	/**
	* Determines if the user is a member of the specified group
	*
	* @param UserGroup $group The group to check
	*/
	public function isMemberOfGroup (UserGroup $group) {
	$db = $this->db;

	$sql = "SELECT count(*) FROM users_groups_members WHERE group_id = $group->id AND user_id = $this->id";
	if (!$result = $db->query($sql)) {
	ErrorHandling::messageAndDie(SQL_ERROR, "Can't determine if the user belongs to the group", '', __LINE__, __FILE__, $sql);
	}
	$row = $db->fetchRow($result);

	return $row[0] == 1;
	}

	/**
	* Adds user to the specified group
	*
	* @param UserGroup $group The group where to add the user
	* @parap boolean $isAdmin if true, set the user admin; otherwise, set it regular user.
	*/
	public function addToGroup (UserGroup $group, $isAdmin = false) {
	$db = $this->db;

	$isAdmin = $isAdmin ? 1 : 0;
	$sql = "REPLACE INTO users_groups_members VALUES ($group->id, $this->id, $isAdmin)";
	if (!$db->query($sql)) {
	ErrorHandling::messageAndDie(SQL_ERROR, "Can't add user to group", '', __LINE__, __FILE__, $sql);
	}
	}

	/**
	* Gets the SQL permission clause to select resources where the user is the subject.
	*
	* @return string The SQL WHERE clause
	*/
	public function get_permissions_clause () {
	return self::get_permissions_clause_from_user_id($this->id, $this->db);
	}

	/**
	* Gets workspaces this user has access to.
	*
	* @return Array A list of workspaces
	*/
	public function get_workspaces () {
	if ($this->workspaces === null) {
	$this->workspaces = Workspace::get_user_workspaces($this->id);
	}
	return $this->workspaces;
	}

	/**
	* Sets user permission
	*
	* @param string $resourceType The target resource type
	* @param int $resourceId The target resource ID
	* @param string $permissionName The permission name
	* @param int $permissionFlag The permission flag (facultative; by default, 1)
	*/
	public function setPermission ($resourceType, $resourceId, $permissionName, $permissionFlag = 1) {
	$db = $this->db;

	$resourceType = $db->escape($resourceType);
	if (!is_numeric($resourceId)) {
	throw new Exception("Resource ID must be a positive or null integer, and not $resourceId.");
	}
	$permissionName = $db->escape($permissionName);
	if (!is_numeric($permissionFlag)) {
	throw new Exception("Permission flag must be a positive or null integer, and not $permissionFlag.");
	}

	$sql = "REPLACE INTO permissions
	(subject_resource_type, subject_resource_id,
	target_resource_type, target_resource_id,
	permission_name, permission_flag)
	VALUES
	('U', $this->id,
	'$resourceType', $resourceId,
	'$permissionName', $permissionFlag)";
	if (!$db->query($sql)) {
	ErrorHandling::messageAndDie(SQL_ERROR, "Can't set user permission", '', __LINE__, __FILE__, $sql);
	}
	}

	/**
	* Gets the groups where a user has access to.
	*
	* @param int $user_id the user to get the groups list
	* @return array an array containing group_id, matching groups the specified user has access to.
	*/
	public static function get_groups_from_user_id ($user_id, DatabaseEngine $db) {
	$sql = "SELECT group_id FROM " . TABLE_UGROUPS_MEMBERS . " WHERE user_id = " . $user_id;
	if (!$result = $db->query($sql)) {
	ErrorHandling::messageAndDie(SQL_ERROR, "Can't get user groups", '', __LINE__, __FILE__, $sql);
	}
	$gids = array();
	while ($row = $db->fetchRow($result)) {
	$gids[] = $row['group_id'];
	}
	return $gids;
	}

	/**
	* Gets the SQL permission clause to select resources where the specified user is the subject.
	*
	* @param $user_id The user ID
	* @return string The SQL WHERE clause
	*/
	public static function get_permissions_clause_from_user_id ($user_id, DatabaseEngine $db) {
	$clause = "subject_resource_type = 'U' AND subject_resource_id = $user_id";
	if ($groups = self::get_groups_from_user_id ($user_id, $db)) {
	$clause = "($clause) OR (subject_resource_type = 'G' AND subject_resource_id = ";
	$clause .= join(") OR (subject_resource_type = 'G' AND subject_resource_id = ", $groups);
	$clause .= ')';
	}
	return $clause;
	}
	}
	diff --git a/workspaces/src/includes/objects/usergroup.php b/workspaces/src/Engines/Users/UserGroup.php
	similarity index 98%
	rename from workspaces/src/includes/objects/usergroup.php
	rename to workspaces/src/Engines/Users/UserGroup.php
	index 9f08eea..570c8cf 100644
	--- a/workspaces/src/includes/objects/usergroup.php
	+++ b/workspaces/src/Engines/Users/UserGroup.php
	@@ -1,121 +1,125 @@
	<?php

	/**
	* _, __, _, _ __, _ _, _, _
	* / \ \|_) (_ \| \| \ \| /_\ \|\ \|
	* \ / \|_) , ) \| \|_/ \| \| \| \| \\|
	* ~ ~ ~ ~ ~ ~ ~ ~ ~ ~
	*
	* UserGroup class
	*
	* @package ObsidianWorkspaces
	* @subpackage Model
	* @author Sébastien Santoro aka Dereckson <dereckson@espace-win.org>
	* @license http://www.opensource.org/licenses/bsd-license.php BSD
	* @filesource
	*/

	+namespace Waystone\Workspaces\Engines\Users;
	+
	use Waystone\Workspaces\Engines\Errors\ErrorHandling;

	+use Exception;
	+
	/**
	* UserGroup class
	*
	* This class maps the users_groups table.
	*/
	class UserGroup {

	public $id;
	public $code;
	public $title;
	public $description;

	/**
	* Initializes a new instance
	*
	* @param int $id the primary key
	*/
	function __construct ($id = NULL) {
	if ($id) {
	$this->id = $id;
	$this->load_from_database();
	}
	}

	/**
	* Loads the object UserGroup (ie fill the properties) from the $_POST array
	*/
	function load_from_form () {
	if (array_key_exists('code', $_POST)) $this->code = $_POST['code'];
	if (array_key_exists('title', $_POST)) $this->title = $_POST['title'];
	if (array_key_exists('description', $_POST)) $this->description = $_POST['description'];
	}

	/**
	* Loads the object UserGroup (ie fill the properties) from the SQL row
	*/
	function load_from_row ($row) {
	$this->id = $row['group_id'];
	$this->code = $row['group_code'];
	$this->title = $row['group_title'];
	$this->description = $row['group_description'];
	}

	/**
	* Loads the object UserGroup (ie fill the properties) from the database
	*/
	function load_from_database () {
	global $db;
	$id = $db->escape($this->id);
	$sql = "SELECT * FROM " . TABLE_UGROUPS . " WHERE group_id = '" . $id . "'";
	if (!$result = $db->query($sql)) ErrorHandling::messageAndDie(SQL_ERROR, "Unable to query users_groups", '', __LINE__, __FILE__, $sql);
	if (!$row = $db->fetchRow($result)) {
	$this->lastError = "UserGroup unknown: " . $this->id;
	return false;
	}
	$this->load_from_row($row);
	return true;
	}

	/**
	* Loads the specified user group from code
	*
	* @param string $code The user group code
	* @return UserGroup The specified user group instance
	*/
	public static function fromCode ($code) {
	global $db;
	$code = $db->escape($code);
	$sql = "SELECT * FROM " . TABLE_UGROUPS . " WHERE group_code = '" . $code . "'";
	if (!$result = $db->query($sql)) ErrorHandling::messageAndDie(SQL_ERROR, "Unable to query group", '', __LINE__, __FILE__, $sql);
	if (!$row = $db->fetchRow($result)) {
	throw new Exception("Group unknown: " . $code);
	}

	$instance = new static();
	$instance->load_from_row($row);
	return $instance;
	}

	/**
	* Saves to database
	*/
	function save_to_database () {
	global $db;

	$id = $this->id ? "'" . $db->escape($this->id) . "'" : 'NULL';
	$code = $db->escape($this->code);
	$title = $db->escape($this->title);
	$description = $db->escape($this->description);

	//Updates or inserts
	$sql = "REPLACE INTO " . TABLE_UGROUPS . " (`group_id`, `group_code`, `group_title`, `group_description`) VALUES ('$id', '$code', '$title', '$description')";
	if (!$db->query($sql)) {
	ErrorHandling::messageAndDie(SQL_ERROR, "Unable to save", '', __LINE__, __FILE__, $sql);
	}

	if (!$this->id) {
	//Gets new record id value
	$this->id = $db->nextId();
	}
	}
	}
	diff --git a/workspaces/src/includes/autoload.php b/workspaces/src/includes/autoload.php
	index 7eb2623..85b0eae 100644
	--- a/workspaces/src/includes/autoload.php
	+++ b/workspaces/src/includes/autoload.php
	@@ -1,57 +1,56 @@
	<?php

	/**
	* _, __, _, _ __, _ _, _, _
	* / \ \|_) (_ \| \| \ \| /_\ \|\ \|
	* \ / \|_) , ) \| \|_/ \| \| \| \| \\|
	* ~ ~ ~ ~ ~ ~ ~ ~ ~ ~
	*
	* Classes and interfaces auto loader
	*
	* @package ObsidianWorkspaces
	* @filesource
	*/

	/**
	* This SPL autoloader method is called when a class or an interface can't be loaded.
	*/
	function obsidian_autoload ($name) {
	$dir = dirname(__DIR__);

	///
	/// Applications
	///

	if ($name == 'Document') { require $dir . '/apps/documents/Document.php'; return true; }
	if ($name == 'DocumentsApplication') { require $dir . '/apps/documents/DocumentsApplication.php'; return true; }
	if ($name == 'DocumentsApplicationConfiguration') { require $dir . '/apps/documents/DocumentsApplicationConfiguration.php'; return true; }
	if ($name == 'DocumentType') { require $dir . '/apps/documents/DocumentType.php'; return true; }

	if ($name == 'HelloWorldApplication') { require $dir . '/apps/helloworld/HelloWorldApplication.php'; return true; }

	if ($name == 'MediaWikiMirrorApplication') { require $dir . '/apps/mediawikimirror/MediaWikiMirrorApplication.php'; return true; }
	if ($name == 'MediaWikiMirrorApplicationConfiguration') { require $dir . '/apps/mediawikimirror/MediaWikiMirrorApplicationConfiguration.php'; return true; }

	if ($name == 'StaticContentApplication') { require $dir . '/apps/staticcontent/StaticContentApplication.php'; return true; }
	if ($name == 'StaticContentApplicationConfiguration') { require $dir . '/apps/staticcontent/StaticContentApplicationConfiguration.php'; return true; }

	///
	/// Core controllers
	///

	if ($name == 'ErrorPageController') { require $dir . '/controllers/errorpage.php'; return true; }
	if ($name == 'FooterController') { require $dir . '/controllers/footer.php'; return true; }
	if ($name == 'HeaderController') { require $dir . '/controllers/header.php'; return true; }
	if ($name == 'HomepageController') { require $dir . '/controllers/home.php'; return true; }

	///
	/// Keruald and Obsidian Workspaces libraries
	///

	if ($name == 'Disclaimer') { require $dir . '/includes/objects/Disclaimer.php'; return true; }
	- if ($name == 'UserGroup') { require $dir . '/includes/objects/usergroup.php'; return true; }

	return false;
	}

	spl_autoload_register('obsidian_autoload');

File Metadata

Mime Type: text/x-diff
Expires: Wed, Mar 18, 13:08 (23 h, 44 m)
Storage Engine: blob
Storage Format: Raw Data
Storage Handle: 3539935
Default Alt Text: (19 KB)

No OneTemporaryActions

View Options

File Metadata

Event Timeline

No OneTemporary
Actions