1: <?php
   2: 
   3: /**
   4:  * This file contains the system property collection and item class.
   5:  *
   6:  * @package Core
   7:  * @subpackage GenericDB_Model
   8:  * @author Bjoern Behrens
   9:  * @author Holger Librenz
  10:  * @copyright four for business AG <www.4fb.de>
  11:  * @license http://www.contenido.org/license/LIZENZ.txt
  12:  * @link http://www.4fb.de
  13:  * @link http://www.contenido.org
  14:  */
  15: 
  16: defined('CON_FRAMEWORK') || die('Illegal call: Missing framework initialization - request aborted.');
  17: 
  18: /**
  19:  * User collection
  20:  *
  21:  * @package Core
  22:  * @subpackage GenericDB_Model
  23:  */
  24: class cApiUserCollection extends ItemCollection {
  25: 
  26:     /**
  27:      * Constructor to create an instance of this class.
  28:      *
  29:      * @global array $cfg
  30:      * @param string|bool $where [optional]
  31:      *         The where clause in the select, usable to run select by creating
  32:      *         the instance
  33:      */
  34:     public function __construct($where = false) {
  35:         global $cfg;
  36:         parent::__construct($cfg['tab']['user'], 'user_id');
  37:         $this->_setItemClass('cApiUser');
  38:         if ($where !== false) {
  39:             $this->select($where);
  40:         }
  41:     }
  42: 
  43:     /**
  44:      * Createa a user by user name.
  45:      *
  46:      * @param string $username
  47:      * @return cApiUser|bool
  48:      */
  49:     public function create($username) {
  50:         $primaryKeyValue = md5($username);
  51: 
  52:         $item = $this->createNewItem($primaryKeyValue);
  53:         if ($item->usernameExists($username)) {
  54:             return false;
  55:         }
  56: 
  57:         $item->set('username', $username);
  58:         $item->set('salt', md5($username . rand(1000, 9999) . rand(1000, 9999) . rand(1000, 9999)));
  59:         $item->store();
  60: 
  61:         return $item;
  62:     }
  63: 
  64:     /**
  65:      * Removes the specified user from the database by users name.
  66:      *
  67:      * @param string $username
  68:      *         Specifies the username
  69:      * @return bool
  70:      *         True if the delete was successful
  71:      */
  72:     public function deleteUserByUsername($username) {
  73:         $result = $this->deleteBy('username', $username);
  74:         return ($result > 0) ? true : false;
  75:     }
  76: 
  77:     /**
  78:      * Returns all users which are accessible by the current user.
  79:      *
  80:      * @param array $perms
  81:      *         Permissions array
  82:      * @param bool $includeAdmins [optional]
  83:      *         Flag to get admins (admin and sysadmin) too
  84:      * @param string $orderBy [optional]
  85:      *         Order by rule, uses 'realname, username' by default
  86:      * @return array
  87:      *         Array of user objects
  88:      */
  89:     public function fetchAccessibleUsers($perms, $includeAdmins = false, $orderBy = '') {
  90:         $users = array();
  91:         $limit = array();
  92:         $where = '';
  93: 
  94:         if (!in_array('sysadmin', $perms)) {
  95:             // not sysadmin, compose where rules
  96:             $clientColl = new cApiClientCollection();
  97:             $allClients = $clientColl->getAvailableClients();
  98: 
  99:             foreach ($allClients as $key => $value) {
 100:                 if (in_array('client[' . $key . ']', $perms) || in_array('admin[' . $key . ']', $perms)) {
 101:                     $limit[] = 'perms LIKE "%client[' . $this->escape($key) . ']%"';
 102:                     if ($includeAdmins) {
 103:                         $limit[] = 'perms LIKE "%admin[' . $this->escape($key) . ']%"';
 104:                     }
 105:                 }
 106:                 if (in_array('admin[' . $key . ']', $perms)) {
 107:                     $limit[] = 'perms LIKE "%admin[' . $key . ']%"';
 108:                 }
 109:             }
 110: 
 111:             if ($includeAdmins) {
 112:                 $limit[] = 'perms LIKE "%sysadmin%"';
 113:             }
 114: 
 115:             if (count($limit) > 0) {
 116:                 $where = '1 AND ' . implode(' OR ', $limit);
 117:             }
 118:         }
 119: 
 120:         if (empty($orderBy)) {
 121:             $orderBy = 'realname, username';
 122:         }
 123: 
 124:         $this->select($where, '', $this->escape($orderBy));
 125:         while (($oItem = $this->next()) !== false) {
 126:             $users[] = clone $oItem;
 127:         }
 128: 
 129:         return $users;
 130:     }
 131: 
 132:     /**
 133:      * Returns all users which are accessible by the current user.
 134:      * Is a wrapper of fetchAccessibleUsers() and returns contrary to that
 135:      * function
 136:      * a multidimensional array instead of a list of objects.
 137:      *
 138:      * @param array $perms
 139:      *         Permissions array
 140:      * @param bool $includeAdmins [optional]
 141:      *         Flag to get admins (admin and sysadmin) too
 142:      * @param string $orderBy [optional]
 143:      *         Order by rule, uses 'realname, username' by default
 144:      * @return array
 145:      *         Array of user like $arr[user_id][username], $arr[user_id][realname]
 146:      */
 147:     public function getAccessibleUsers($perms, $includeAdmins = false, $orderBy = '') {
 148:         $users = array();
 149:         $oUsers = $this->fetchAccessibleUsers($perms, $includeAdmins, $orderBy);
 150:         foreach ($oUsers as $oItem) {
 151:             $users[$oItem->get('user_id')] = array(
 152:                 'username' => $oItem->get('username'),
 153:                 'realname' => $oItem->get('realname')
 154:             );
 155:         }
 156:         return $users;
 157:     }
 158: 
 159:     /**
 160:      * Returns all users available in the system
 161:      *
 162:      * @param string $orderBy [optional]
 163:      *         SQL order by part
 164:      * @return array
 165:      */
 166:     public function fetchAvailableUsers($orderBy = 'realname ASC') {
 167:         $users = array();
 168: 
 169:         $this->select('', '', $this->escape($orderBy));
 170:         while (($oItem = $this->next()) !== false) {
 171:             $users[] = clone $oItem;
 172:         }
 173: 
 174:         return $users;
 175:     }
 176: 
 177:     /**
 178:      * Returns all system admins available in the system
 179:      *
 180:      * @param bool $forceActive [optional]
 181:      *         flag if only active sysadmins should be returned
 182:      * @return array
 183:      *         Array of user objects
 184:      */
 185:     public function fetchSystemAdmins($forceActive = false) {
 186:         $users = array();
 187: 
 188:         $where = 'perms LIKE "%sysadmin%"';
 189:         if ($forceActive === true) {
 190:             $where .= " AND (valid_from <= NOW() OR valid_from = '0000-00-00 00:00:00')" . " AND (valid_to >= NOW() OR valid_to = '0000-00-00 00:00:00')";
 191:         }
 192: 
 193:         $this->select($where);
 194:         while (($item = $this->next()) !== false) {
 195:             $users[] = clone $item;
 196:         }
 197: 
 198:         return $users;
 199:     }
 200: 
 201:     /**
 202:      * Returns all system admins available in the system
 203:      *
 204:      * @param int $client
 205:      * @return array
 206:      *         Array of user objects
 207:      */
 208:     public function fetchClientAdmins($client) {
 209:         $client = (int) $client;
 210:         $users = array();
 211: 
 212:         $where = 'perms LIKE "%admin[' . $client . ']%"';
 213: 
 214:         $this->select($where);
 215:         while (($item = $this->next()) !== false) {
 216:             $users[] = clone $item;
 217:         }
 218: 
 219:         return $users;
 220:     }
 221: }
 222: 
 223: /**
 224:  * User item
 225:  *
 226:  * In current version you can administer optional password checks
 227:  * via following configuration values:
 228:  *
 229:  * - En- or disabling checks:
 230:  * $cfg['password']['check_password_mask'] = [true|false]
 231:  * Use this flag to enable (true) or disable (false) the mask checks.
 232:  *
 233:  * $cfg['password']['use_cracklib'] = [true|false]
 234:  * Use this to enable (true) or disable (false) the strength check, currently
 235:  * done with cracklib.
 236:  *
 237:  * - Mask checks:
 238:  * Password mask checks are checks belonging to the "format" of the needed
 239:  * password string.
 240:  *
 241:  * $cfg['password']['min_length'], int
 242:  * Minimum length a password has to have. If not set, 8 chars are set as default
 243:  * $cfg['password']['numbers_mandatory'], int
 244:  * If set to a value greater than 0, at least
 245:  * $cfg['password']['numbers_mandatory'] numbers
 246:  * must be in password
 247:  * $cfg['password']['symbols_mandatory'], int &&
 248:  * $cfg['password']['symbols_regex'], String
 249:  * If 'symbols_mandatory' set to a value greater than 0, at least so many
 250:  * symbols has to appear in
 251:  * given password. What symbols are regcognized can be administrated via
 252:  * 'symbols_regex'. This has
 253:  * to be a regular expression which is used to "find" the symbols in $password.
 254:  * If not set, following
 255:  * RegEx is used: "/[|!@#$%&*\/=?,;.:\-_+~^¨\\\]/"
 256:  * $cfg['password']['mixed_case_mandatory'], int
 257:  * If set to a value greater than 0 so many lower and upper case character must
 258:  * appear in the password.
 259:  * (e.g.: if set to 2, 2 upper and 2 lower case characters must appear)
 260:  *
 261:  * - Strength check
 262:  * Passwords should have some special characteristics to be a strong, i.e. not
 263:  * easy to guess, password. Currently
 264:  * cracklib is supported. These are the configuration possibilities:
 265:  *
 266:  * $cfg['password']['cracklib_dict'], string
 267:  * Path and file name (without file extension!) to dictionary you want to use.
 268:  * This setting is
 269:  * mandatory!
 270:  *
 271:  * Keep in mind that these type of check only works if crack module is
 272:  * available.
 273:  *
 274:  * @package Core
 275:  * @subpackage GenericDB_Model
 276:  */
 277: class cApiUser extends Item {
 278: 
 279:     /**
 280:      * Password is ok and stored.
 281:      *
 282:      * @var int
 283:      *
 284:      */
 285:     const PASS_OK = 0;
 286: 
 287:     /**
 288:      * Given password is to short
 289:      *
 290:      * @var int
 291:      *
 292:      */
 293:     const PASS_TO_SHORT = 1;
 294: 
 295:     /**
 296:      * Given password is not strong enough
 297:      *
 298:      * @var int
 299:      *
 300:      */
 301:     const PASS_NOT_STRONG = 2;
 302: 
 303:     /**
 304:      * Given password is not complex enough
 305:      *
 306:      * @var int
 307:      *
 308:      */
 309:     const PASS_NOT_COMPLEX = 3;
 310: 
 311:     /**
 312:      * Password does not contain enough numbers.
 313:      *
 314:      * @var int
 315:      *
 316:      */
 317:     const PASS_NOT_ENOUGH_NUMBERS = 4;
 318: 
 319:     /**
 320:      * Password does not contain enough symbols.
 321:      *
 322:      * @var int
 323:      */
 324:     const PASS_NOT_ENOUGH_SYMBOLS = 5;
 325: 
 326:     /**
 327:      * Password does not contain enough mixed characters.
 328:      *
 329:      * @var int
 330:      *
 331:      */
 332:     const PASS_NOT_ENOUGH_MIXED_CHARS = 6;
 333: 
 334:     /**
 335:      * Password does not contain enough different characters.
 336:      *
 337:      * @var int
 338:      *
 339:      */
 340:     const PASS_NOT_ENOUGH_DIFFERENT_CHARS = 7;
 341: 
 342:     /**
 343:      * Exception code, which is used if you try to add an user
 344:      * that already exists.
 345:      *
 346:      * @var int
 347:      *
 348:      */
 349:     const EXCEPTION_USERNAME_EXISTS = 8;
 350: 
 351:     /**
 352:      * Exception code, which is used if an password is set to save
 353:      * that is not valid.
 354:      *
 355:      * @var int
 356:      *
 357:      */
 358:     const EXCEPTION_PASSWORD_INVALID = 9;
 359: 
 360:     /**
 361:      * This value will be used if no minimum length
 362:      * for passwords are set via $cfg['password']['min_length']
 363:      *
 364:      * @var int
 365:      *
 366:      */
 367:     const MIN_PASS_LENGTH_DEFAULT = 8;
 368: 
 369:     /**
 370:      * Constructor to create an instance of this class.
 371:      *
 372:      * @param mixed $mId [optional]
 373:      *         Specifies the ID of item to load
 374:      */
 375:     public function __construct($mId = false) {
 376:         global $cfg;
 377:         parent::__construct($cfg['tab']['user'], 'user_id');
 378:         $this->setFilters(array(), array());
 379:         if ($mId !== false) {
 380:             $this->loadByPrimaryKey($mId);
 381:         }
 382:     }
 383: 
 384:     /**
 385:      * Loads a user from the database by its userID.
 386:      *
 387:      * @param string $userId
 388:      *         Specifies the userID
 389:      * @return bool
 390:      *         True if the load was successful
 391:      */
 392:     public function loadUserByUserID($userId) {
 393:         return $this->loadByPrimaryKey($userId);
 394:     }
 395: 
 396:     /**
 397:      * Loads a user entry by username.
 398:      *
 399:      * @param string $userName
 400:      *         Specifies the username
 401:      * @return bool
 402:      *         True if the load was successful
 403:      */
 404:     public function loadUserByUsername($userName) {
 405:         return $this->loadBy('username', $userName);
 406:     }
 407: 
 408:     /**
 409:      * Checks if a user with the id $userId exists
 410:      *
 411:      * @param string $userId
 412:      * @return bool
 413:      *         user exists or not
 414:      */
 415:     public static function userExists($userId) {
 416:         $test = new cApiUser();
 417: 
 418:         return $test->loadByPrimaryKey($userId);
 419:     }
 420: 
 421:     /**
 422:      * Checks if a username exists
 423:      *
 424:      * @param string $username
 425:      *         the name
 426:      * @return bool
 427:      *         username exists or not
 428:      */
 429:     public static function usernameExists($username) {
 430:         $user = new cApiUser();
 431:         return $user->loadBy('username', $username);
 432:     }
 433: 
 434:     /**
 435:      * Checks a given password against some predefined rules like minimum
 436:      * character
 437:      * length, required special character, etc...
 438:      * This behaviour is configurable in global configuration $cfg['password'].
 439:      *
 440:      * @param string $password
 441:      *         The password check
 442:      * @return int
 443:      *         One of defined PASS_* constants (PASS_OK if everything was ok)
 444:      */
 445:     public static function checkPasswordMask($password) {
 446:         global $cfg;
 447: 
 448:         $iResult = self::PASS_OK;
 449: 
 450:         $cfgPw = $cfg['password'];
 451: 
 452:         if (!isset($cfgPw['check_password_mask']) || $cfgPw['check_password_mask'] == false) {
 453:             // no or disabled password check configuration
 454:             return $iResult;
 455:         }
 456: 
 457:         // any min length in config set?
 458:         $iMinLength = self::MIN_PASS_LENGTH_DEFAULT;
 459:         if (isset($cfgPw['min_length'])) {
 460:             $iMinLength = (int) $cfgPw['min_length'];
 461:         }
 462: 
 463:         // check length...
 464:         if (strlen($password) < $iMinLength) {
 465:             $iResult = self::PASS_TO_SHORT;
 466:         }
 467: 
 468:         // check password elements
 469:         // numbers.....
 470:         if ($iResult == self::PASS_OK && isset($cfgPw['numbers_mandatory']) && (int) $cfgPw['numbers_mandatory'] > 0) {
 471: 
 472:             $aNumbersInPassword = array();
 473:             preg_match_all('/[0-9]/', $password, $aNumbersInPassword);
 474: 
 475:             if (count($aNumbersInPassword[0]) < (int) $cfgPw['numbers_mandatory']) {
 476:                 $iResult = self::PASS_NOT_ENOUGH_NUMBERS;
 477:             }
 478:         }
 479: 
 480:         // symbols....
 481:         if ($iResult == self::PASS_OK && isset($cfgPw['symbols_mandatory']) && (int) $cfgPw['symbols_mandatory'] > 0) {
 482: 
 483:             $aSymbols = array();
 484:             $sSymbolsDefault = "/[|!@#$%&*\/=?,;.:\-_+~^¨\\\]/";
 485:             if (isset($cfgPw['symbols_regex']) && !empty($cfgPw['symbols_regex'])) {
 486:                 $sSymbolsDefault = $cfgPw['symbols_regex'];
 487:             }
 488: 
 489:             preg_match_all($sSymbolsDefault, $password, $aSymbols);
 490: 
 491:             if (count($aSymbols[0]) < (int) $cfgPw['symbols_mandatory']) {
 492:                 $iResult = self::PASS_NOT_ENOUGH_SYMBOLS;
 493:             }
 494:         }
 495: 
 496:         // mixed case??
 497:         if ($iResult == self::PASS_OK && isset($cfgPw['mixed_case_mandatory']) && (int) $cfgPw['mixed_case_mandatory'] > 0) {
 498: 
 499:             $aLowerCaseChars = array();
 500:             $aUpperCaseChars = array();
 501: 
 502:             preg_match_all('/[a-z]/', $password, $aLowerCaseChars);
 503:             preg_match_all('/[A-Z]/', $password, $aUpperCaseChars);
 504: 
 505:             if ((count($aLowerCaseChars[0]) < (int) $cfgPw['mixed_case_mandatory']) || (count($aUpperCaseChars[0]) < (int) $cfgPw['mixed_case_mandatory'])) {
 506:                 $iResult = self::PASS_NOT_ENOUGH_MIXED_CHARS;
 507:             }
 508:         }
 509: 
 510:         return $iResult;
 511:     }
 512: 
 513:     /**
 514:      * Encodes a passed password (uses md5 to generate a hash of it).
 515:      *
 516:      * @param string $password
 517:      *         The password to encode
 518:      * @return string
 519:      *         Encoded password
 520:      */
 521:     public function encodePassword($password) {
 522:         return hash("sha256", md5($password) . $this->get("salt"));
 523:     }
 524: 
 525:     /**
 526:      * User defined field value setter.
 527:      *
 528:      * @see Item::setField()
 529:      * @param string $sField
 530:      *         Field name
 531:      * @param string $mValue
 532:      *         Value to set
 533:      * @param bool $bSafe [optional]
 534:      *         Flag to run defined inFilter on passed value
 535:      * @return bool
 536:      */
 537:     public function setField($sField, $mValue, $bSafe = true) {
 538:         if ('perms' === $sField) {
 539:             if (is_array($mValue)) {
 540:                 $mValue = implode(',', $mValue);
 541:             }
 542:         }
 543: 
 544:         return parent::setField($sField, $mValue, $bSafe);
 545:     }
 546: 
 547:     /**
 548:      * Returns user id, currently set.
 549:      *
 550:      * @return string
 551:      */
 552:     public function getUserId() {
 553:         return $this->get('user_id');
 554:     }
 555: 
 556:     /**
 557:      * User id settter.
 558:      * NOTE: Setting the user id by this method will load the user model.
 559:      *
 560:      * @param string $uid
 561:      */
 562:     public function setUserId($uid) {
 563:         $this->loadByPrimaryKey($uid);
 564:     }
 565: 
 566:     /**
 567:      * Checks password which has to be set and return PASS_* values (i.e.
 568:      * on success PASS_OK).
 569:      *
 570:      * @param string $password
 571:      * @return int
 572:      */
 573:     public function setPassword($password) {
 574:         $result = self::checkPasswordMask($password);
 575:         if ($result != self::PASS_OK) {
 576:             return $result;
 577:         }
 578: 
 579:         $encPass = $this->encodePassword($password);
 580: 
 581:         if ($this->get('password') != $encPass) {
 582:             $this->set('password', $encPass);
 583:             $this->set('using_pw_request', '0');
 584:         }
 585: 
 586:         return $result;
 587:     }
 588: 
 589:     /**
 590:      * This method saves the given password $password.
 591:      *
 592:      * The password has to be checked, before it is set to the database.
 593:      *
 594:      * The resulting integer value represents the result code.
 595:      *
 596:      * Use the PASS_* constants to check what happens.
 597:      *
 598:      * @param string $password
 599:      * @return int|bool
 600:      *         PASS_* or false if saving fails
 601:      */
 602:     public function savePassword($password) {
 603:         if ($this->get('password') == $this->encodePassword($password)) {
 604:             return self::PASS_OK;
 605:         }
 606: 
 607:         $result = $this->setPassword($password);
 608: 
 609:         if ($this->store() === false) {
 610:             return false;
 611:         } else {
 612:             return $result;
 613:         }
 614:     }
 615: 
 616:     /**
 617:      * Returns user name, currently set
 618:      *
 619:      * @return string
 620:      */
 621:     public function getUserName() {
 622:         return $this->get('username');
 623:     }
 624: 
 625:     /**
 626:      * Sets up new user name.
 627:      *
 628:      * @param string $sUserName
 629:      */
 630:     public function setUserName($sUserName) {
 631:         if ($this->get('username') != $sUserName) {
 632:             $this->set('username', $sUserName);
 633:         }
 634:     }
 635: 
 636:     /**
 637:      * Getter method to get user realname
 638:      *
 639:      * @return string
 640:      *         Realname of user
 641:      */
 642:     public function getRealName() {
 643:         return $this->get('realname');
 644:     }
 645: 
 646:     /**
 647:      * Returns effective user name (if exists realname , otherwise username)
 648:      *
 649:      * @return string
 650:      *         Realname or username of user
 651:      */
 652:     public function getEffectiveName() {
 653:         $name = trim($this->get('realname'));
 654:         if (strlen($name) == 0) {
 655:             $name = trim($this->get('username'));
 656:         }
 657:         return $name;
 658:     }
 659: 
 660:     /**
 661:      * Getter method to get user mail
 662:      *
 663:      * @return string
 664:      */
 665:     public function getMail() {
 666:         return $this->get('email');
 667:     }
 668: 
 669:     /**
 670:      * Getter method to get user tel number
 671:      *
 672:      * @return string
 673:      */
 674:     public function getTelNumber() {
 675:         return $this->get('telephone');
 676:     }
 677: 
 678:     /**
 679:      * Getter method to get user adress data
 680:      *
 681:      * @return array
 682:      *         Address data array like:
 683:      *         <pre>
 684:      *         $aAddress['street'], $aAddress['city'], $aAddress['country'],
 685:      *         $aAddress['zip']
 686:      *         </pre>
 687:      */
 688:     public function getAddressData() {
 689:         $aret = array(
 690:             'street' => $this->get('address_street'),
 691:             'city' => $this->get('address_city'),
 692:             'country' => $this->get('address_country'),
 693:             'zip' => $this->get('address_zip')
 694:         );
 695: 
 696:         return $aret;
 697:     }
 698: 
 699:     /**
 700:      * Getter method to get user wysi
 701:      *
 702:      * @return int
 703:      */
 704:     public function getUseWysi() {
 705:         return $this->get('wysi');
 706:     }
 707: 
 708:     /**
 709:      * Getter method to get user valid date from-to
 710:      *
 711:      * @return string
 712:      */
 713:     public function getValidDateTo() {
 714:         return $this->get('valid_to');
 715:     }
 716: 
 717:     /**
 718:      * Getter method to get user valid date from-to
 719:      *
 720:      * @return string
 721:      */
 722:     public function getValidDateFrom() {
 723:         return $this->get('valid_from');
 724:     }
 725: 
 726:     /**
 727:      * Getter method to get user perm name
 728:      *
 729:      * @return string
 730:      */
 731:     public function getPerms() {
 732:         return $this->get('perms');
 733:     }
 734: 
 735:     /**
 736:      * Returns list of user permissions.
 737:      *
 738:      * @return array
 739:      */
 740:     public function getPermsArray() {
 741:         return explode(',', $this->get('perms'));
 742:     }
 743: 
 744:     /**
 745:      * Setter method to set user real name
 746:      *
 747:      * @param string $sRealName
 748:      */
 749:     public function setRealName($sRealName) {
 750:         if ($this->get('realname') != $sRealName) {
 751:             $this->set('realname', $sRealName);
 752:         }
 753:     }
 754: 
 755:     /**
 756:      * Setter method to set user mail address
 757:      *
 758:      * @param string $sMail
 759:      */
 760:     public function setMail($sMail) {
 761:         if ($this->get('email') != $sMail) {
 762:             $this->set('email', $sMail);
 763:         }
 764:     }
 765: 
 766:     /**
 767:      * Setter method to set user tel number
 768:      *
 769:      * @param string $sTelNumber
 770:      */
 771:     public function setTelNumber($sTelNumber) {
 772:         if ($this->get('telephone') != $sTelNumber) {
 773:             $this->set('telephone', $sTelNumber);
 774:         }
 775:     }
 776: 
 777:     /**
 778:      * Setter method to set address data
 779:      *
 780:      * @param string $sStreet
 781:      * @param string $sCity
 782:      * @param string $sZip
 783:      * @param string $sCountry
 784:      */
 785:     public function setAddressData($sStreet, $sCity, $sZip, $sCountry) {
 786:         if ($this->get('address_street') != $sStreet) {
 787:             $this->set('address_street', $sStreet);
 788:         }
 789:         if ($this->get('address_city') != $sCity) {
 790:             $this->set('address_city', $sCity);
 791:         }
 792:         if ($this->get('address_zip') != $sZip) {
 793:             $this->set('address_zip', $sZip);
 794:         }
 795:         if ($this->get('address_country') != $sCountry) {
 796:             $this->set('address_country', $sCountry);
 797:         }
 798:     }
 799: 
 800:     /**
 801:      * Sets value for street.
 802:      *
 803:      * @param string $sStreet
 804:      */
 805:     public function setStreet($sStreet) {
 806:         if ($this->get('address_street') != $sStreet) {
 807:             $this->set('address_street', $sStreet);
 808:         }
 809:     }
 810: 
 811:     /**
 812:      * Sets value for city.
 813:      *
 814:      * @param string $sCity
 815:      */
 816:     public function setCity($sCity) {
 817:         if ($this->get('address_city') != $sCity) {
 818:             $this->set('address_city', $sCity);
 819:         }
 820:     }
 821: 
 822:     /**
 823:      * Sets value for ZIP.
 824:      *
 825:      * @param string $sZip
 826:      */
 827:     public function setZip($sZip) {
 828:         if ($this->get('address_zip') != $sZip) {
 829:             $this->set('address_zip', $sZip);
 830:         }
 831:     }
 832: 
 833:     /**
 834:      * Sets value for country.
 835:      *
 836:      * @param string $sCountry
 837:      */
 838:     public function setCountry($sCountry) {
 839:         if ($this->get('address_country') != $sCountry) {
 840:             $this->set('address_country', $sCountry);
 841:         }
 842:     }
 843: 
 844:     /**
 845:      * Setter method to set wysi
 846:      *
 847:      * @param int $iUseWysi
 848:      */
 849:     public function setUseWysi($iUseWysi) {
 850:         if ($this->get('wysi') != $iUseWysi) {
 851:             $this->set('wysi', $iUseWysi);
 852:         }
 853:     }
 854: 
 855:     /**
 856:      * Setter method to set valid_to
 857:      *
 858:      * @todo add type check
 859:      * @param string $sValidateTo
 860:      */
 861:     public function setValidDateTo($sValidateTo) {
 862:         if ('0000-00-00' == $this->get('valid_to') && 0 == strlen(trim($sValidateTo))) {
 863:             return;
 864:         }
 865:         if ($this->get('valid_to') != $sValidateTo) {
 866:             $this->set('valid_to', $sValidateTo);
 867:         }
 868:     }
 869: 
 870:     /**
 871:      * Setter method to set valid_from
 872:      *
 873:      * @todo add type checks
 874:      * @param string $sValidateFrom
 875:      */
 876:     public function setValidDateFrom($sValidateFrom) {
 877:         if ('0000-00-00' == $this->get('valid_from') && 0 == strlen(trim($sValidateFrom))) {
 878:             return;
 879:         }
 880:         if ($this->get('valid_from') != $sValidateFrom) {
 881:             $this->set('valid_from', $sValidateFrom);
 882:         }
 883:     }
 884: 
 885:     /**
 886:      * Setter method to set perms
 887:      *
 888:      * @param array|string $perms
 889:      */
 890:     public function setPerms($perms) {
 891:         if ($this->get('perms') != $perms) {
 892:             $this->set('perms', $perms);
 893:         }
 894:     }
 895: 
 896:     /**
 897:      * Function returns effective perms for user including group rights as perm
 898:      * string.
 899:      *
 900:      * @author Timo Trautmann
 901:      * @return string
 902:      *         Current users permissions
 903:      */
 904:     public function getEffectiveUserPerms() {
 905:         global $perm;
 906: 
 907:         // first get users own permissions and filter them into result array
 908:         // $aUserPerms
 909:         $aUserPerms = array();
 910:         $aUserPermsSelf = explode(',', $this->values['perms']);
 911:         foreach ($aUserPermsSelf as $sPerm) {
 912:             if (trim($sPerm) != '') {
 913:                 $aUserPerms[] = $sPerm;
 914:             }
 915:         }
 916: 
 917:         // get all corresponding groups for this user
 918:         $groups = $perm->getGroupsForUser($this->values['user_id']);
 919: 
 920:         foreach ($groups as $value) {
 921:             // get global group permissions
 922:             $oGroup = new cApiGroup($value);
 923:             $aGroupPerms = $oGroup->getPermsArray();
 924: 
 925:             // add group permissions to $aUserPerms if they were not alredy
 926:             // defined before
 927:             foreach ($aGroupPerms as $sPerm) {
 928:                 if (trim($sPerm) != '' && !in_array($sPerm, $aUserPerms)) {
 929:                     $aUserPerms[] = $sPerm;
 930:                 }
 931:             }
 932:         }
 933:         return implode(',', $aUserPerms);
 934:     }
 935: 
 936:     /**
 937:      * Returns group names where the user is in.
 938:      *
 939:      * @param string $userid [optional]
 940:      *         user id, uses id of loaded user by default.
 941:      * @param bool $bAddDescription [optional]
 942:      *         Flag to add description like "groupname (description)"
 943:      * @return array
 944:      */
 945:     public function getGroupNamesByUserID($userid = NULL, $bAddDescription = true) {
 946:         $userid = (NULL === $userid) ? $this->get('user_id') : $userid;
 947: 
 948:         $aGroups = array();
 949: 
 950:         $oGroupColl = new cApiGroupCollection();
 951:         $groups = $oGroupColl->fetchByUserID($userid);
 952: 
 953:         foreach ($groups as $group) {
 954:             $sTemp = $group->get('groupname');
 955:             $sTemp = substr($sTemp, 4, strlen($sTemp) - 4);
 956: 
 957:             if (true === $bAddDescription) {
 958:                 $sDescription = trim($group->get('description'));
 959:                 if ($sDescription != '') {
 960:                     $sTemp .= ' (' . $sDescription . ')';
 961:                 }
 962:             }
 963: 
 964:             $aGroups[] = $sTemp;
 965:         }
 966: 
 967:         return $aGroups;
 968:     }
 969: 
 970:     /**
 971:      * Returns group ids where the user is in.
 972:      *
 973:      * @param string $userid [optional]
 974:      *         user id, uses id of loaded user by default.
 975:      * @return array
 976:      */
 977:     public function getGroupIDsByUserID($userid) {
 978:         $userid = (NULL === $userid) ? $this->get('user_id') : $userid;
 979: 
 980:         $aGroups = array();
 981: 
 982:         $oGroupColl = new cApiGroupCollection();
 983:         $groups = $oGroupColl->fetchByUserID($userid);
 984: 
 985:         foreach ($groups as $group) {
 986:             $aGroups[] = $group->get('group_id');
 987:         }
 988: 
 989:         return $aGroups;
 990:     }
 991: 
 992:     /**
 993:      * Retrieves the effective user property.
 994:      *
 995:      * @param string $type
 996:      *         Type (class, category etc) for the property to retrieve
 997:      * @param string $name
 998:      *         Name of the property to retrieve
 999:      * @param bool $group [optional]
1000:      *         Flag to search in groups
1001:      * @return string|bool
1002:      *         value of the retrieved property or false
1003:      */
1004:     public function getUserProperty($type, $name, $group = false) {
1005:         global $perm;
1006: 
1007:         if (!is_object($perm)) {
1008:             $perm = new cPermission();
1009:         }
1010: 
1011:         $result = false;
1012: 
1013:         if ($group == true) {
1014:             // first get property by existing groups, if desired
1015:             $groups = $perm->getGroupsForUser($this->values['user_id']);
1016: 
1017:             foreach ($groups as $groupid) {
1018:                 $groupPropColl = new cApiGroupPropertyCollection($groupid);
1019:                 $groupProp = $groupPropColl->fetchByGroupIdTypeName($type, $name);
1020:                 if ($groupProp) {
1021:                     $result = $groupProp->get('value');
1022:                 }
1023:             }
1024:         }
1025: 
1026:         // get property of user
1027:         $userPropColl = new cApiUserPropertyCollection($this->values['user_id']);
1028:         $userProp = $userPropColl->fetchByUserIdTypeName($type, $name);
1029:         if ($userProp) {
1030:             $result = $userProp->get('value');
1031:         }
1032: 
1033:         return ($result !== false) ? $result : false;
1034:     }
1035: 
1036:     /**
1037:      * Returns all user properties by type.
1038:      *
1039:      * @todo return value should be similar to getUserProperties()
1040:      *
1041:      * @param string $type
1042:      *         Type (class, category etc) of the properties to retrieve
1043:      * @param bool $group [optional]
1044:      *         Flag to retrieve in group properties. If enabled, group
1045:      *         properties will be merged with user properties where the user
1046:      *         poperties will overwrite group properties
1047:      * @return array
1048:      *         Assoziative properties array as follows:
1049:      *         - $arr[name] = value
1050:      */
1051:     public function getUserPropertiesByType($type, $group = false) {
1052:         global $perm;
1053: 
1054:         if (!is_object($perm)) {
1055:             $perm = new cPermission();
1056:         }
1057: 
1058:         $props = array();
1059: 
1060:         if ($group == true) {
1061:             // first get properties by existing groups, if desired
1062:             $groups = $perm->getGroupsForUser($this->values['user_id']);
1063:             foreach ($groups as $groupid) {
1064:                 $groupPropColl = new cApiGroupPropertyCollection($groupid);
1065:                 $groupProps = $groupPropColl->fetchByGroupIdType($type);
1066:                 foreach ($groupProps as $groupProp) {
1067:                     $props[$groupProp->get('name')] = $groupProp->get('value');
1068:                 }
1069:             }
1070:         }
1071: 
1072:         // get properties of user
1073:         $userPropColl = new cApiUserPropertyCollection($this->values['user_id']);
1074:         $userProps = $userPropColl->fetchByUserIdType($type);
1075:         foreach ($userProps as $userProp) {
1076:             $props[$userProp->get('name')] = $userProp->get('value');
1077:         }
1078: 
1079:         return $props;
1080:     }
1081: 
1082:     /**
1083:      * Retrieves all available properties of the user.
1084:      *
1085:      * @return array
1086:      *         Return value in new mode is:
1087:      *         - $arr[iduserprop][name]
1088:      *         - $arr[iduserprop][type]
1089:      *         - $arr[iduserprop][value]
1090:      */
1091:     public function getUserProperties() {
1092:         $userPropColl = new cApiUserPropertyCollection($this->values['user_id']);
1093:         $userProps = $userPropColl->fetchByUserId();
1094: 
1095:         $props = array();
1096: 
1097:         foreach ($userProps as $userProp) {
1098:             $props[$userProp->get('iduserprop')] = array(
1099:                 'name' => $userProp->get('name'),
1100:                 'type' => $userProp->get('type'),
1101:                 'value' => $userProp->get('value')
1102:             );
1103:         }
1104: 
1105:         return $props;
1106:     }
1107: 
1108:     /**
1109:      * Stores a property to the database
1110:      *
1111:      * @param string $type
1112:      *         Type (class, category etc) for the property to retrieve
1113:      * @param string $name
1114:      *         Name of the property to retrieve
1115:      * @param string $value
1116:      *         Value to insert
1117:      */
1118:     public function setUserProperty($type, $name, $value) {
1119:         $userPropColl = new cApiUserPropertyCollection($this->values['user_id']);
1120:         $userProps = $userPropColl->setValueByTypeName($type, $name, $value);
1121:     }
1122: 
1123:     /**
1124:      * Deletes a user property from the table.
1125:      *
1126:      * @param string $type
1127:      *         Type (class, category etc) of property to retrieve
1128:      * @param string $name
1129:      *         Name of property to retrieve
1130:      * @return bool
1131:      */
1132:     public function deleteUserProperty($type, $name) {
1133:         $userPropColl = new cApiUserPropertyCollection($this->values['user_id']);
1134:         return $userPropColl->deleteByUserIdTypeName($type, $name);
1135:     }
1136: 
1137:     /**
1138:      * This static method provides a simple way to get error messages depending
1139:      * on error code $iErrorCode, which is returned by checkPassword* methods.
1140:      *
1141:      * @param int $iErrorCode
1142:      * @return string
1143:      */
1144:     public static function getErrorString($iErrorCode) {
1145:         global $cfg;
1146: 
1147:         $sError = '';
1148: 
1149:         switch ($iErrorCode) {
1150:             case self::PASS_NOT_ENOUGH_MIXED_CHARS:
1151:                 $sError = sprintf(i18n('Please use at least %d lower and upper case characters in your password!'), $cfg['password']['mixed_case_mandatory']);
1152:                 break;
1153:             case self::PASS_NOT_ENOUGH_NUMBERS:
1154:                 $sError = sprintf(i18n('Please use at least %d numbers in your password!'), $cfg['password']['numbers_mandatory']);
1155:                 break;
1156:             case self::PASS_NOT_ENOUGH_SYMBOLS:
1157:                 $sError = sprintf(i18n('Please use at least %d symbols in your password!'), $cfg['password']['symbols_mandatory']);
1158:                 break;
1159:             case self::PASS_TO_SHORT:
1160:                 $sError = sprintf(i18n('Password is too short! Please use at least %d signs.'), ($cfg['password']['min_length'] > 0? $cfg['password']['min_length'] : self::MIN_PASS_LENGTH_DEFAULT));
1161:                 break;
1162:             case self::PASS_NOT_ENOUGH_DIFFERENT_CHARS:
1163:                 $sError = sprintf(i18n('Password does not contain enough different characters.'));
1164:                 break;
1165:             case self::PASS_NOT_STRONG:
1166:                 $sError = i18n('Please choose a more secure password!');
1167:                 break;
1168:             default:
1169:                 $sError = 'I do not really know what has happened. But your password does not match the
1170:                 policies! Please consult your administrator. The error code is #' . $iErrorCode;
1171:         }
1172: 
1173:         return $sError;
1174:     }
1175: }
1176: