1: <?php
   2: /**
   3:  * This file contains the system property collection and item class.
   4:  *
   5:  * @package          Core
   6:  * @subpackage       GenericDB_Model
   7:  * @version          SVN Revision $Rev:$
   8:  *
   9:  * @author           Bjoern Behrens
  10:  * @author           Holger Librenz
  11:  * @copyright        four for business AG <www.4fb.de>
  12:  * @license          http://www.contenido.org/license/LIZENZ.txt
  13:  * @link             http://www.4fb.de
  14:  * @link             http://www.contenido.org
  15:  */
  16: 
  17: defined('CON_FRAMEWORK') || die('Illegal call: Missing framework initialization - request aborted.');
  18: 
  19: /**
  20:  * User collection
  21:  *
  22:  * @package Core
  23:  * @subpackage GenericDB_Model
  24:  */
  25: class cApiUserCollection extends ItemCollection {
  26: 
  27:     /**
  28:      * Constructor function.
  29:      *
  30:      * @global array $cfg
  31:      * @param string|bool $where The where clause in the select, usable to run
  32:      *        select by creating the instance
  33:      */
  34:     public function __construct($where = false) {
  35:         global $cfg;
  36:         parent::__construct($cfg['tab']['user'], 'user_id');
  37:         $this->_setItemClass('cApiUser');
  38:         if ($where !== false) {
  39:             $this->select($where);
  40:         }
  41:     }
  42: 
  43:     /**
  44:      * Createa a user by user name.
  45:      *
  46:      * @param string $username
  47:      * @return cApiUser|false
  48:      */
  49:     public function create($username) {
  50:         $primaryKeyValue = md5($username);
  51: 
  52:         $item = parent::createNewItem($primaryKeyValue);
  53:         if ($item->usernameExists($username)) {
  54:             return false;
  55:         }
  56: 
  57:         $item->set('username', $username);
  58:         $item->set('salt', md5($username.rand(1000, 9999).rand(1000, 9999).rand(1000, 9999)));
  59:         $item->store();
  60: 
  61:         return $item;
  62:     }
  63: 
  64:     /**
  65:      * Removes the specified user from the database by users name.
  66:      *
  67:      * @param string $username Specifies the username
  68:      * @return bool True if the delete was successful
  69:      */
  70:     public function deleteUserByUsername($username) {
  71:         $result = $this->deleteBy('username', $username);
  72:         return ($result > 0)? true : false;
  73:     }
  74: 
  75:     /**
  76:      * Returns all users which are accessible by the current user.
  77:      *
  78:      * @param array $perms Permissions array
  79:      * @param bool $includeAdmins Flag to get admins (admin and sysadmin) too
  80:      * @param string $orderBy Order by rule, uses 'realname, username' by
  81:      *        default
  82:      * @return cApiUser[] Array of user objects
  83:      */
  84:     public function fetchAccessibleUsers($perms, $includeAdmins = false, $orderBy = '') {
  85:         $users = array();
  86:         $limit = array();
  87:         $where = '';
  88: 
  89:         if (!in_array('sysadmin', $perms)) {
  90:             // not sysadmin, compose where rules
  91:             $clientColl = new cApiClientCollection();
  92:             $allClients = $clientColl->getAvailableClients();
  93: 
  94:             foreach ($allClients as $key => $value) {
  95:                 if (in_array('client[' . $key . ']', $perms) || in_array('admin[' . $key . ']', $perms)) {
  96:                     $limit[] = 'perms LIKE "%client[' . $$this->escape($key) . ']%"';
  97:                     if ($includeAdmins) {
  98:                         $limit[] = 'perms LIKE "%admin[' . $this->escape($key) . ']%"';
  99:                     }
 100:                 }
 101:                 if (in_array('admin[' . $key . ']', $perms)) {
 102:                     $limit[] = 'perms LIKE "%admin[' . $key . ']%"';
 103:                 }
 104:             }
 105: 
 106:             if ($includeAdmins) {
 107:                 $limit[] = 'perms LIKE "%sysadmin%"';
 108:             }
 109: 
 110:             if (count($limit) > 0) {
 111:                 $where = '1 AND ' . implode(' OR ', $limit);
 112:             }
 113:         }
 114: 
 115:         if (empty($orderBy)) {
 116:             $orderBy = 'realname, username';
 117:         }
 118: 
 119:         $this->select($where, '', $this->escape($orderBy));
 120:         while (($oItem = $this->next()) !== false) {
 121:             $users[] = clone $oItem;
 122:         }
 123: 
 124:         return $users;
 125:     }
 126: 
 127:     /**
 128:      * Returns all users which are accessible by the current user.
 129:      * Is a wrapper of fetchAccessibleUsers() and returns contrary to that
 130:      * function
 131:      * a multidimensional array instead of a list of objects.
 132:      *
 133:      * @param array $perms Permissions array
 134:      * @param bool $includeAdmins Flag to get admins (admin and sysadmin) too
 135:      * @param string $orderBy Order by rule, uses 'realname, username' by
 136:      *        default
 137:      * @return array Array of user like $arr[user_id][username],
 138:      *         $arr[user_id][realname]
 139:      */
 140:     public function getAccessibleUsers($perms, $includeAdmins = false, $orderBy = '') {
 141:         $users = array();
 142:         $oUsers = $this->fetchAccessibleUsers($perms, $includeAdmins, $orderBy);
 143:         foreach ($oUsers as $oItem) {
 144:             $users[$oItem->get('user_id')] = array(
 145:                 'username' => $oItem->get('username'),
 146:                 'realname' => $oItem->get('realname')
 147:             );
 148:         }
 149:         return $users;
 150:     }
 151: 
 152:     /**
 153:      * Returns all users available in the system
 154:      *
 155:      * @param string $orderBy SQL order by part
 156:      * @return cApiUser[]
 157:      */
 158:     public function fetchAvailableUsers($orderBy = 'realname ASC') {
 159:         $users = array();
 160: 
 161:         $this->select('', '', $this->escape($orderBy));
 162:         while (($oItem = $this->next()) !== false) {
 163:             $users[] = clone $oItem;
 164:         }
 165: 
 166:         return $users;
 167:     }
 168: 
 169:     /**
 170:      * Returns all system admins available in the system
 171:      *
 172:      * @param boolean $forceActive Is forceActive true return only activ
 173:      *        Sysadmins
 174:      * @return cApiUser[] Array of user objects
 175:      */
 176:     public function fetchSystemAdmins($forceActive = false) {
 177:         $users = array();
 178: 
 179:         $where = 'perms LIKE "%sysadmin%"';
 180:         if ($forceActive === true) {
 181:             $where .= " AND (valid_from <= NOW() OR valid_from = '0000-00-00')" . " AND (valid_to >= NOW() OR valid_to = '0000-00-00')";
 182:         }
 183: 
 184:         $this->select($where);
 185:         while (($item = $this->next()) !== false) {
 186:             $users[] = clone $item;
 187:         }
 188: 
 189:         return $users;
 190:     }
 191: 
 192:     /**
 193:      * Returns all system admins available in the system
 194:      *
 195:      * @param int $client
 196:      * @return cApiUser[] Array of user objects
 197:      */
 198:     public function fetchClientAdmins($client) {
 199:         $client = (int) $client;
 200:         $users = array();
 201: 
 202:         $where = 'perms LIKE "%admin[' . $client . ']%"';
 203: 
 204:         $this->select($where);
 205:         while (($item = $this->next()) !== false) {
 206:             $users[] = clone $item;
 207:         }
 208: 
 209:         return $users;
 210:     }
 211: 
 212: }
 213: 
 214: /**
 215:  * User item
 216:  *
 217:  * In current version you can administer optional password checks
 218:  * via following configuration values:
 219:  *
 220:  * - En- or disabling checks:
 221:  * $cfg['password']['check_password_mask'] = [true|false]
 222:  * Use this flag to enable (true) or disable (false) the mask checks.
 223:  *
 224:  * $cfg['password']['use_cracklib'] = [true|false]
 225:  * Use this to enable (true) or disable (false) the strength check, currently
 226:  * done with cracklib.
 227:  *
 228:  * - Mask checks:
 229:  * Password mask checks are checks belonging to the "format" of the needed
 230:  * password string.
 231:  *
 232:  * $cfg['password']['min_length'], int
 233:  * Minimum length a password has to have. If not set, 8 chars are set as default
 234:  * $cfg['password']['numbers_mandatory'], int
 235:  * If set to a value greater than 0, at least
 236:  * $cfg['password']['numbers_mandatory'] numbers
 237:  * must be in password
 238:  * $cfg['password']['symbols_mandatory'], int &&
 239:  * $cfg['password']['symbols_regex'], String
 240:  * If 'symbols_mandatory' set to a value greater than 0, at least so many
 241:  * symbols has to appear in
 242:  * given password. What symbols are regcognized can be administrated via
 243:  * 'symbols_regex'. This has
 244:  * to be a regular expression which is used to "find" the symbols in $password.
 245:  * If not set, following
 246:  * RegEx is used: "/[|!@#$%&*\/=?,;.:\-_+~^¨\\\]/"
 247:  * $cfg['password']['mixed_case_mandatory'], int
 248:  * If set to a value greater than 0 so many lower and upper case character must
 249:  * appear in the password.
 250:  * (e.g.: if set to 2, 2 upper and 2 lower case characters must appear)
 251:  *
 252:  * - Strength check
 253:  * Passwords should have some special characteristics to be a strong, i.e. not
 254:  * easy to guess, password. Currently
 255:  * cracklib is supported. These are the configuration possibilities:
 256:  *
 257:  * $cfg['password']['cracklib_dict'], string
 258:  * Path and file name (without file extension!) to dictionary you want to use.
 259:  * This setting is
 260:  * mandatory!
 261:  *
 262:  * Keep in mind that these type of check only works if crack module is
 263:  * available.
 264:  *
 265:  * @package Core
 266:  * @subpackage GenericDB_Model
 267:  */
 268: class cApiUser extends Item {
 269: 
 270:     /**
 271:      * Password is ok and stored.
 272:      *
 273:      * @var int
 274: 
 275:      */
 276:     const PASS_OK = 0;
 277: 
 278:     /**
 279:      * Given password is to short
 280:      *
 281:      * @var int
 282: 
 283:      */
 284:     const PASS_TO_SHORT = 1;
 285: 
 286:     /**
 287:      * Given password is not strong enough
 288:      *
 289:      * @var int
 290: 
 291:      */
 292:     const PASS_NOT_STRONG = 2;
 293: 
 294:     /**
 295:      * Given password is not complex enough
 296:      *
 297:      * @var int
 298: 
 299:      */
 300:     const PASS_NOT_COMPLEX = 3;
 301: 
 302:     /**
 303:      * Password does not contain enough numbers.
 304:      *
 305:      * @var int
 306: 
 307:      */
 308:     const PASS_NOT_ENOUGH_NUMBERS = 4;
 309: 
 310:     /**
 311:      * Password does not contain enough symbols.
 312:      *
 313:      * @var int
 314:      */
 315:     const PASS_NOT_ENOUGH_SYMBOLS = 5;
 316: 
 317:     /**
 318:      * Password does not contain enough mixed characters.
 319:      *
 320:      * @var int
 321: 
 322:      */
 323:     const PASS_NOT_ENOUGH_MIXED_CHARS = 6;
 324: 
 325:     /**
 326:      * Password does not contain enough different characters.
 327:      *
 328:      * @var int
 329: 
 330:      */
 331:     const PASS_NOT_ENOUGH_DIFFERENT_CHARS = 7;
 332: 
 333:     /**
 334:      * Exception code, which is used if you try to add an user
 335:      * that already exists.
 336:      *
 337:      * @var int
 338: 
 339:      */
 340:     const EXCEPTION_USERNAME_EXISTS = 8;
 341: 
 342:     /**
 343:      * Exception code, which is used if an password is set to save
 344:      * that is not valid.
 345:      *
 346:      * @var int
 347: 
 348:      */
 349:     const EXCEPTION_PASSWORD_INVALID = 9;
 350: 
 351:     /**
 352:      * This value will be used if no minimum length
 353:      * for passwords are set via $cfg['password']['min_length']
 354:      *
 355:      * @var int
 356: 
 357:      */
 358:     const MIN_PASS_LENGTH_DEFAULT = 8;
 359: 
 360:     /**
 361:      * Constructor function
 362:      *
 363:      * @param mixed $mId Specifies the ID of item to load
 364:      */
 365:     public function __construct($mId = false) {
 366:         global $cfg;
 367:         parent::__construct($cfg['tab']['user'], 'user_id');
 368:         $this->setFilters(array(), array());
 369:         if ($mId !== false) {
 370:             $this->loadByPrimaryKey($mId);
 371:         }
 372:     }
 373: 
 374:     /**
 375:      * Loads a user from the database by its userID.
 376:      *
 377:      * @param string $userId Specifies the userID
 378:      * @return bool True if the load was successful
 379:      */
 380:     public function loadUserByUserID($userId) {
 381:         return $this->loadByPrimaryKey($userId);
 382:     }
 383: 
 384:     /**
 385:      * Loads a user entry by username.
 386:      *
 387:      * @param string $userName Specifies the username
 388:      * @return bool True if the load was successful
 389:      */
 390:     public function loadUserByUsername($userName) {
 391:         return $this->loadBy('username', $userName);
 392:     }
 393: 
 394:     /**
 395:      * Checks if a user with the id $userId exists
 396:      *
 397:      * @return bool user exists or not
 398:      */
 399:     public static function userExists($userId) {
 400:         $test = new cApiUser();
 401: 
 402:         return $test->loadByPrimaryKey($userId);
 403:     }
 404: 
 405:     /**
 406:      * Checks if a username exists
 407:      *
 408:      * @param string $username the name
 409:      * @return bool username exists or not
 410:      */
 411:     public static function usernameExists($username) {
 412:         $user = new cApiUser();
 413:         return $user->loadBy('username', $username);
 414:     }
 415: 
 416:     /**
 417:      * Checks a given password against some predefined rules like minimum
 418:      * character
 419:      * length, required special character, etc...
 420:      * This behaviour is configurable in global configuration $cfg['password'].
 421:      *
 422:      * @param string $password The password check
 423:      * @return int One of defined PASS_* constants (PASS_OK if everything was
 424:      *         ok)
 425:      */
 426:     public static function checkPasswordMask($password) {
 427:         global $cfg;
 428: 
 429:         $iResult = self::PASS_OK;
 430: 
 431:         $cfgPw = $cfg['password'];
 432: 
 433:         if (!isset($cfgPw['check_password_mask']) || $cfgPw['check_password_mask'] == false) {
 434:             // no or disabled password check configuration
 435:             return $iResult;
 436:         }
 437: 
 438:         // any min length in config set?
 439:         $iMinLength = self::MIN_PASS_LENGTH_DEFAULT;
 440:         if (isset($cfgPw['min_length'])) {
 441:             $iMinLength = (int) $cfgPw['min_length'];
 442:         }
 443: 
 444:         // check length...
 445:         if (strlen($password) < $iMinLength) {
 446:             $iResult = self::PASS_TO_SHORT;
 447:         }
 448: 
 449:         // check password elements
 450:         // numbers.....
 451:         if ($iResult == self::PASS_OK && isset($cfgPw['numbers_mandatory']) && (int) $cfgPw['numbers_mandatory'] > 0) {
 452: 
 453:             $aNumbersInPassword = array();
 454:             preg_match_all('/[0-9]/', $password, $aNumbersInPassword);
 455: 
 456:             if (count($aNumbersInPassword[0]) < (int) $cfgPw['numbers_mandatory']) {
 457:                 $iResult = self::PASS_NOT_ENOUGH_NUMBERS;
 458:             }
 459:         }
 460: 
 461:         // symbols....
 462:         if ($iResult == self::PASS_OK && isset($cfgPw['symbols_mandatory']) && (int) $cfgPw['symbols_mandatory'] > 0) {
 463: 
 464:             $aSymbols = array();
 465:             $sSymbolsDefault = "/[|!@#$%&*\/=?,;.:\-_+~^¨\\\]/";
 466:             if (isset($cfgPw['symbols_regex']) && !empty($cfgPw['symbols_regex'])) {
 467:                 $sSymbolsDefault = $cfgPw['symbols_regex'];
 468:             }
 469: 
 470:             preg_match_all($sSymbolsDefault, $password, $aSymbols);
 471: 
 472:             if (count($aSymbols[0]) < (int) $cfgPw['symbols_mandatory']) {
 473:                 $iResult = self::PASS_NOT_ENOUGH_SYMBOLS;
 474:             }
 475:         }
 476: 
 477:         // mixed case??
 478:         if ($iResult == self::PASS_OK && isset($cfgPw['mixed_case_mandatory']) && (int) $cfgPw['mixed_case_mandatory'] > 0) {
 479: 
 480:             $aLowerCaseChars = array();
 481:             $aUpperCaseChars = array();
 482: 
 483:             preg_match_all('/[a-z]/', $password, $aLowerCaseChars);
 484:             preg_match_all('/[A-Z]/', $password, $aUpperCaseChars);
 485: 
 486:             if ((count($aLowerCaseChars[0]) < (int) $cfgPw['mixed_case_mandatory']) || (count($aUpperCaseChars[0]) < (int) $cfgPw['mixed_case_mandatory'])) {
 487:                 $iResult = self::PASS_NOT_ENOUGH_MIXED_CHARS;
 488:             }
 489:         }
 490: 
 491:         return $iResult;
 492:     }
 493: 
 494:     /**
 495:      * Encodes a passed password (uses md5 to generate a hash of it).
 496:      *
 497:      * @param string $password The password to encode
 498:      * @return string Encoded password
 499:      */
 500:     public function encodePassword($password) {
 501:         return hash("sha256", md5($password).$this->get("salt"));
 502:     }
 503: 
 504:     /**
 505:      * User defined field value setter.
 506:      *
 507:      * @param string $sField Field name
 508:      * @param string $mValue Value to set
 509:      * @param bool $bSafe Flag to run defined inFilter on passed value
 510:      */
 511:     public function setField($sField, $mValue, $bSafe = true) {
 512:         if ('perms' === $sField) {
 513:             if (is_array($mValue)) {
 514:                 $mValue = implode(',', $mValue);
 515:             }
 516:         }
 517: 
 518:         return parent::setField($sField, $mValue, $bSafe);
 519:     }
 520: 
 521:     /**
 522:      * Returns user id, currently set.
 523:      *
 524:      * @return string
 525:      */
 526:     public function getUserId() {
 527:         return $this->get('user_id');
 528:     }
 529: 
 530:     /**
 531:      * User id settter.
 532:      * NOTE: Setting the user id by this method will load the user model.
 533:      *
 534:      * @param string $uid
 535:      */
 536:     public function setUserId($uid) {
 537:         $this->loadByPrimaryKey($uid);
 538:     }
 539: 
 540:     /**
 541:      * Checks password which has to be set and return PASS_* values (i.e.
 542:      * on success PASS_OK).
 543:      *
 544:      * @param string $password
 545:      * @return int
 546:      */
 547:     public function setPassword($password) {
 548:         $result = self::checkPasswordMask($password);
 549:         if ($result != self::PASS_OK) {
 550:             return $result;
 551:         }
 552: 
 553:         $encPass = $this->encodePassword($password);
 554: 
 555:         if ($this->get('password') != $encPass) {
 556:             $this->set('password', $encPass);
 557:             $this->set('using_pw_request', '0');
 558:         }
 559: 
 560:         return $result;
 561:     }
 562: 
 563:     /**
 564:      * This method saves the given password $password.
 565:      * The password
 566:      * has to be checked, before it is set to the database. The resulting
 567:      * integer value represents the result code.
 568:      * Use the PASS_* constants to check what happens.
 569:      *
 570:      * @param string $password
 571:      * @return int bool PASS_* or false if saving fails
 572:      */
 573:     public function savePassword($password) {
 574:         if ($this->get('password') == $this->encodePassword($password)) {
 575:             return self::PASS_OK;
 576:         }
 577: 
 578:         $result = $this->setPassword($password);
 579: 
 580:         if ($this->store() === false) {
 581:             return false;
 582:         } else {
 583:             return $result;
 584:         }
 585:     }
 586: 
 587:     /**
 588:      * Returns user name, currently set
 589:      *
 590:      * @return string
 591:      */
 592:     public function getUserName() {
 593:         return $this->get('username');
 594:     }
 595: 
 596:     /**
 597:      * Sets up new user name.
 598:      *
 599:      * @param string $sUserName
 600:      */
 601:     public function setUserName($sUserName) {
 602:         if ($this->get('username') != $sUserName) {
 603:             $this->set('username', $sUserName);
 604:         }
 605:     }
 606: 
 607:     /**
 608:      * Getter method to get user realname
 609:      *
 610:      * @return string Realname of user
 611:      */
 612:     public function getRealName() {
 613:         return $this->get('realname');
 614:     }
 615: 
 616:     /**
 617:      * Returns effective user name (if exists realname , otherwhise username)
 618:      *
 619:      * @return string Realname or username of user
 620:      */
 621:     public function getEffectiveName() {
 622:         $name = trim($this->get('realname'));
 623:         if (strlen($name) == 0) {
 624:             $name = trim($this->get('username'));
 625:         }
 626:         return $name;
 627:     }
 628: 
 629:     /**
 630:      * Getter method to get user mail
 631:      *
 632:      * @return string
 633:      */
 634:     public function getMail() {
 635:         return $this->get('email');
 636:     }
 637: 
 638:     /**
 639:      * Getter method to get user tel number
 640:      *
 641:      * @return string
 642:      */
 643:     public function getTelNumber() {
 644:         return $this->get('telephone');
 645:     }
 646: 
 647:     /**
 648:      * Getter method to get user adress data
 649:      *
 650:      * @return array Address data array like:
 651:      *         <pre>
 652:      *         $aAddress['street'], $aAddress['city'], $aAddress['country'],
 653:      *         $aAddress['zip']
 654:      *         </pre>
 655:      */
 656:     public function getAddressData() {
 657:         $aret = array(
 658:             'street' => $this->get('address_street'),
 659:             'city' => $this->get('address_city'),
 660:             'country' => $this->get('address_country'),
 661:             'zip' => $this->get('address_zip')
 662:         );
 663: 
 664:         return $aret;
 665:     }
 666: 
 667:     /**
 668:      * Getter method to get user wysi
 669:      *
 670:      * @return int
 671:      */
 672:     public function getUseWysi() {
 673:         return $this->get('wysi');
 674:     }
 675: 
 676:     /**
 677:      * Getter method to get user valid date from-to
 678:      *
 679:      * @return string
 680:      */
 681:     public function getValidDateTo() {
 682:         return $this->get('valid_to');
 683:     }
 684: 
 685:     /**
 686:      * Getter method to get user valid date from-to
 687:      *
 688:      * @return string
 689:      */
 690:     public function getValidDateFrom() {
 691:         return $this->get('valid_from');
 692:     }
 693: 
 694:     /**
 695:      * Getter method to get user perm name
 696:      *
 697:      * @return string
 698:      */
 699:     public function getPerms() {
 700:         return $this->get('perms');
 701:     }
 702: 
 703:     /**
 704:      * Returns list of user permissions.
 705:      *
 706:      * @return array
 707:      */
 708:     public function getPermsArray() {
 709:         return explode(',', $this->get('perms'));
 710:     }
 711: 
 712:     /**
 713:      * Setter method to set user real name
 714:      *
 715:      * @param string $sRealName
 716:      */
 717:     public function setRealName($sRealName) {
 718:         if ($this->get('realname') != $sRealName) {
 719:             $this->set('realname', $sRealName);
 720:         }
 721:     }
 722: 
 723:     /**
 724:      * Setter method to set user mail address
 725:      *
 726:      * @param string $sMail
 727:      */
 728:     public function setMail($sMail) {
 729:         if ($this->get('email') != $sMail) {
 730:             $this->set('email', $sMail);
 731:         }
 732:     }
 733: 
 734:     /**
 735:      * Setter method to set user tel number
 736:      *
 737:      * @param string $sTelNumber
 738:      */
 739:     public function setTelNumber($sTelNumber) {
 740:         if ($this->get('telephone') != $sTelNumber) {
 741:             $this->set('telephone', $sTelNumber);
 742:         }
 743:     }
 744: 
 745:     /**
 746:      * Setter method to set address data
 747:      *
 748:      * @param string $sStreet
 749:      * @param string $sCity
 750:      * @param string $sZip
 751:      * @param string $sCountry
 752:      */
 753:     public function setAddressData($sStreet, $sCity, $sZip, $sCountry) {
 754:         if ($this->get('address_street') != $sStreet) {
 755:             $this->set('address_street', $sStreet);
 756:         }
 757:         if ($this->get('address_city') != $sCity) {
 758:             $this->set('address_city', $sCity);
 759:         }
 760:         if ($this->get('address_zip') != $sZip) {
 761:             $this->set('address_zip', $sZip);
 762:         }
 763:         if ($this->get('address_country') != $sCountry) {
 764:             $this->set('address_country', $sCountry);
 765:         }
 766:     }
 767: 
 768:     /**
 769:      * Sets value for street.
 770:      *
 771:      * @param string $sStreet
 772:      */
 773:     public function setStreet($sStreet) {
 774:         if ($this->get('address_street') != $sStreet) {
 775:             $this->set('address_street', $sStreet);
 776:         }
 777:     }
 778: 
 779:     /**
 780:      * Sets value for city.
 781:      *
 782:      * @param string $sCity
 783:      */
 784:     public function setCity($sCity) {
 785:         if ($this->get('address_city') != $sCity) {
 786:             $this->set('address_city', $sCity);
 787:         }
 788:     }
 789: 
 790:     /**
 791:      * Sets value for ZIP.
 792:      *
 793:      * @param string $sZip
 794:      */
 795:     public function setZip($sZip) {
 796:         if ($this->get('address_zip') != $sZip) {
 797:             $this->set('address_zip', $sZip);
 798:         }
 799:     }
 800: 
 801:     /**
 802:      * Sets value for country.
 803:      *
 804:      * @param string $sCountry
 805:      */
 806:     public function setCountry($sCountry) {
 807:         if ($this->get('address_country') != $sCountry) {
 808:             $this->set('address_country', $sCountry);
 809:         }
 810:     }
 811: 
 812:     /**
 813:      * Setter method to set wysi
 814:      *
 815:      * @param int $iUseWysi
 816:      */
 817:     public function setUseWysi($iUseWysi) {
 818:         if ($this->get('wysi') != $iUseWysi) {
 819:             $this->set('wysi', $iUseWysi);
 820:         }
 821:     }
 822: 
 823:     /**
 824:      * Setter method to set valid_to
 825:      *
 826:      * @param string $sValidateTo TODO add type check
 827:      */
 828:     public function setValidDateTo($sValidateTo) {
 829:         if ('0000-00-00' == $this->get('valid_to') && 0 == strlen(trim($sValidateTo))) {
 830:             return;
 831:         }
 832:         if ($this->get('valid_to') != $sValidateTo) {
 833:             $this->set('valid_to', $sValidateTo);
 834:         }
 835:     }
 836: 
 837:     /**
 838:      * Setter method to set valid_from
 839:      *
 840:      * @param string $sValidateFrom TODO add type checks
 841:      */
 842:     public function setValidDateFrom($sValidateFrom) {
 843:         if ('0000-00-00' == $this->get('valid_from') && 0 == strlen(trim($sValidateFrom))) {
 844:             return;
 845:         }
 846:         if ($this->get('valid_from') != $sValidateFrom) {
 847:             $this->set('valid_from', $sValidateFrom);
 848:         }
 849:     }
 850: 
 851:     /**
 852:      * Setter method to set perms
 853:      *
 854:      * @param array|string $perms
 855:      */
 856:     public function setPerms($perms) {
 857:         if ($this->get('perms') != $perms) {
 858:             $this->set('perms', $perms);
 859:         }
 860:     }
 861: 
 862:     /**
 863:      * Function returns effective perms for user including group rights as perm
 864:      * string.
 865:      *
 866:      * @author Timo Trautmann
 867:      * @return string Current users permissions
 868:      */
 869:     public function getEffectiveUserPerms() {
 870:         global $perm;
 871: 
 872:         // first get users own permissions and filter them into result array
 873:         // $aUserPerms
 874:         $aUserPerms = array();
 875:         $aUserPermsSelf = explode(',', $this->values['perms']);
 876:         foreach ($aUserPermsSelf as $sPerm) {
 877:             if (trim($sPerm) != '') {
 878:                 $aUserPerms[] = $sPerm;
 879:             }
 880:         }
 881: 
 882:         // get all corresponding groups for this user
 883:         $groups = $perm->getGroupsForUser($this->values['user_id']);
 884: 
 885:         foreach ($groups as $value) {
 886:             // get global group permissions
 887:             $oGroup = new cApiGroup($value);
 888:             $aGroupPerms = $oGroup->getPermsArray();
 889: 
 890:             // add group permissions to $aUserPerms if they were not alredy
 891:             // defined before
 892:             foreach ($aGroupPerms as $sPerm) {
 893:                 if (trim($sPerm) != '' && !in_array($sPerm, $aUserPerms)) {
 894:                     $aUserPerms[] = $sPerm;
 895:                 }
 896:             }
 897:         }
 898:         return implode(',', $aUserPerms);
 899:     }
 900: 
 901:     /**
 902:      * Returns group names where the user is in.
 903:      *
 904:      * @param string $userid Optional user id, uses id of loaded user by
 905:      *        default.
 906:      * @param bool $bAddDescription Flag to add description like "groupname
 907:      *        (description)"
 908:      * @return array
 909:      */
 910:     public function getGroupNamesByUserID($userid = null, $bAddDescription = true) {
 911:         $userid = (null === $userid)? $this->get('user_id') : $userid;
 912: 
 913:         $aGroups = array();
 914: 
 915:         $oGroupColl = new cApiGroupCollection();
 916:         $groups = $oGroupColl->fetchByUserID($userid);
 917: 
 918:         foreach ($groups as $group) {
 919:             $sTemp = $group->get('groupname');
 920:             $sTemp = substr($sTemp, 4, strlen($sTemp) - 4);
 921: 
 922:             if (true === $bAddDescription) {
 923:                 $sDescription = trim($group->get('description'));
 924:                 if ($sDescription != '') {
 925:                     $sTemp .= ' (' . $sDescription . ')';
 926:                 }
 927:             }
 928: 
 929:             $aGroups[] = $sTemp;
 930:         }
 931: 
 932:         return $aGroups;
 933:     }
 934: 
 935:     /**
 936:      * Returns group ids where the user is in.
 937:      *
 938:      * @param string $userid Optional user id, uses id of loaded user by
 939:      *        default.
 940:      * @return array
 941:      */
 942:     public function getGroupIDsByUserID($userid) {
 943:         $userid = (null === $userid)? $this->get('user_id') : $userid;
 944: 
 945:         $aGroups = array();
 946: 
 947:         $oGroupColl = new cApiGroupCollection();
 948:         $groups = $oGroupColl->fetchByUserID($userid);
 949: 
 950:         foreach ($groups as $group) {
 951:             $aGroups[] = $group->get('group_id');
 952:         }
 953: 
 954:         return $aGroups;
 955:     }
 956: 
 957:     /**
 958:      * Retrieves the effective user property.
 959:      *
 960:      * @param string $type Type (class, category etc) for the property to
 961:      *        retrieve
 962:      * @param string $name Name of the property to retrieve
 963:      * @param bool $group Flag to search in groups
 964:      * @return string bool value of the retrieved property or false
 965:      */
 966:     public function getUserProperty($type, $name, $group = false) {
 967:         global $perm;
 968: 
 969:         if (!is_object($perm)) {
 970:             $perm = new cPermission();
 971:         }
 972: 
 973:         $result = false;
 974: 
 975:         if ($group == true) {
 976:             // first get property by existing groups, if desired
 977:             $groups = $perm->getGroupsForUser($this->values['user_id']);
 978: 
 979:             foreach ($groups as $groupid) {
 980:                 $groupPropColl = new cApiGroupPropertyCollection($groupid);
 981:                 $groupProp = $groupPropColl->fetchByGroupIdTypeName($type, $name);
 982:                 if ($groupProp) {
 983:                     $result = $groupProp->get('value');
 984:                 }
 985:             }
 986:         }
 987: 
 988:         // get property of user
 989:         $userPropColl = new cApiUserPropertyCollection($this->values['user_id']);
 990:         $userProp = $userPropColl->fetchByUserIdTypeName($type, $name);
 991:         if ($userProp) {
 992:             $result = $userProp->get('value');
 993:         }
 994: 
 995:         return ($result !== false)? $result : false;
 996:     }
 997: 
 998:     /**
 999:      * Returns all user properties by type.
1000:      *
1001:      * @todo return value should be similar to getUserProperties()
1002:      *
1003:      * @param string $type Type (class, category etc) of the properties to
1004:      *        retrieve
1005:      * @param bool $group Flag to retrieve in group properties. If enabled,
1006:      *        group properties
1007:      *        will be merged with user properties where the user poperties will
1008:      *        overwrite group properties
1009:      * @return array Assoziative properties array as follows:
1010:      *         - $arr[name] = value
1011:      */
1012:     public function getUserPropertiesByType($type, $group = false) {
1013:         global $perm;
1014: 
1015:         if (!is_object($perm)) {
1016:             $perm = new cPermission();
1017:         }
1018: 
1019:         $props = array();
1020: 
1021:         if ($group == true) {
1022:             // first get properties by existing groups, if desired
1023:             $groups = $perm->getGroupsForUser($this->values['user_id']);
1024:             foreach ($groups as $groupid) {
1025:                 $groupPropColl = new cApiGroupPropertyCollection($groupid);
1026:                 $groupProps = $groupPropColl->fetchByGroupIdType($type);
1027:                 foreach ($groupProps as $groupProp) {
1028:                     $props[$groupProp->get('name')] = $groupProp->get('value');
1029:                 }
1030:             }
1031:         }
1032: 
1033:         // get properties of user
1034:         $userPropColl = new cApiUserPropertyCollection($this->values['user_id']);
1035:         $userProps = $userPropColl->fetchByUserIdType($type);
1036:         foreach ($userProps as $userProp) {
1037:             $props[$userProp->get('name')] = $userProp->get('value');
1038:         }
1039: 
1040:         return $props;
1041:     }
1042: 
1043:     /**
1044:      * Retrieves all available properties of the user.
1045:      *
1046:      * @return array bool a array or false in downwards compatible mode,
1047:      *         otherwhise a array.
1048:      *         Return value in new mode is:
1049:      *         - $arr[iduserprop][name]
1050:      *         - $arr[iduserprop][type]
1051:      *         - $arr[iduserprop][value]
1052:      *         Return value in downwards compatible mode is:
1053:      *         - $arr[pos][name]
1054:      *         - $arr[pos][type]
1055:      */
1056:     public function getUserProperties() {
1057:         $userPropColl = new cApiUserPropertyCollection($this->values['user_id']);
1058:         $userProps = $userPropColl->fetchByUserId();
1059: 
1060:         $props = array();
1061: 
1062:         foreach ($userProps as $userProp) {
1063:             $props[$userProp->get('iduserprop')] = array(
1064:                 'name' => $userProp->get('name'),
1065:                 'type' => $userProp->get('type'),
1066:                 'value' => $userProp->get('value')
1067:             );
1068:         }
1069: 
1070:         return $props;
1071:     }
1072: 
1073:     /**
1074:      * Stores a property to the database
1075:      *
1076:      * @param string $type Type (class, category etc) for the property to
1077:      *        retrieve
1078:      * @param string $name Name of the property to retrieve
1079:      * @param string $value Value to insert
1080:      * @return cApiUserProperty
1081:      */
1082:     public function setUserProperty($type, $name, $value) {
1083:         $userPropColl = new cApiUserPropertyCollection($this->values['user_id']);
1084:         $userProps = $userPropColl->setValueByTypeName($type, $name, $value);
1085:     }
1086: 
1087:     /**
1088:      * Deletes a user property from the table.
1089:      *
1090:      * @param string $type Type (class, category etc) of property to retrieve
1091:      * @param string $name Name of property to retrieve
1092:      * @return bool
1093:      */
1094:     public function deleteUserProperty($type, $name) {
1095:         $userPropColl = new cApiUserPropertyCollection($this->values['user_id']);
1096:         return $userPropColl->deleteByUserIdTypeName($type, $name);
1097:     }
1098: 
1099:     /**
1100:      * This static method provides a simple way to get error messages depending
1101:      * on error code $iErrorCode, which is returned by checkPassword* methods.
1102:      *
1103:      * @param int $iErrorCode
1104:      * @return string
1105:      */
1106:     public static function getErrorString($iErrorCode) {
1107:         global $cfg;
1108: 
1109:         $sError = '';
1110: 
1111:         switch ($iErrorCode) {
1112:             case self::PASS_NOT_ENOUGH_MIXED_CHARS:
1113:                 $sError = sprintf(i18n('Please use at least %d lower and upper case characters in your password!'), $cfg['password']['mixed_case_mandatory']);
1114:                 break;
1115:             case self::PASS_NOT_ENOUGH_NUMBERS:
1116:                 $sError = sprintf(i18n('Please use at least %d numbers in your password!'), $cfg['password']['numbers_mandatory']);
1117:                 break;
1118:             case self::PASS_NOT_ENOUGH_SYMBOLS:
1119:                 $sError = sprintf(i18n('Please use at least %d symbols in your password!'), $cfg['password']['symbols_mandatory']);
1120:                 break;
1121:             case self::PASS_TO_SHORT:
1122:                 $sError = sprintf(i18n('Password is too short! Please use at least %d signs.'), ($cfg['password']['min_length'] > 0? $cfg['password']['min_length'] : self::MIN_PASS_LENGTH_DEFAULT));
1123:                 break;
1124:             case self::PASS_NOT_ENOUGH_DIFFERENT_CHARS:
1125:                 $sError = sprintf(i18n('Password does not contain enough different characters.'));
1126:                 break;
1127:             case self::PASS_NOT_STRONG:
1128:                 $sError = i18n('Please choose a more secure password!');
1129:                 break;
1130:             default:
1131:                 $sError = 'I do not really know what has happened. But your password does not match the
1132:                 policies! Please consult your administrator. The error code is #' . $iErrorCode;
1133:         }
1134: 
1135:         return $sError;
1136:     }
1137: 
1138: }
1139: