MensBeam
/
Arsse
3
1
Fork 0
Code Issues 24 Pull Requests Releases 28 Activity
The clean & modern RSS server that doesn't give you any crap. https://thearsse.com/
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
107 Commits
10 Branches
28 Tags
52 MiB
Tree: 9d5dab249c
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from '9d5dab249c'
${ noResults }
Arsse/lib/User.php

387 lines
19 KiB
Raw Normal View History

Functioning (but still incomplete) user management
8 years ago
<?php
declare(strict_types=1);
namespace JKingWeb\NewsSync;
class User {
Converted all hard tabs to soft tabs
7 years ago
public $id = null;
protected $data;
protected $u;
protected $authz = true;
protected $authzSupported = 0;
Start on tests for authorization
7 years ago
protected $actor = [];
Converted all hard tabs to soft tabs
7 years ago
static public function listDrivers(): array {
$sep = \DIRECTORY_SEPARATOR;
$path = __DIR__.$sep."User".$sep;
$classes = [];
Reorganize Db namespace; alter User ns to match
7 years ago
foreach(glob($path."*".$sep."Driver.php") as $file) {
$name = basename(dirname($file));
$class = NS_BASE."User\\$name\\Driver";
$classes[$class] = $class::driverName();
Converted all hard tabs to soft tabs
7 years ago
}
return $classes;
}
public function __construct(\JKingWeb\NewsSync\RuntimeData $data) {
$this->data = $data;
$driver = $data->conf->userDriver;
Remove last vestiges of PDO accomodation
7 years ago
$this->u = new $driver($data);
Converted all hard tabs to soft tabs
7 years ago
$this->authzSupported = $this->u->driverFunctions("authorize");
}
public function __toString() {
if($this->id===null) $this->credentials();
return (string) $this->id;
}
Remove authz from User driver; moved to main class
7 years ago
// checks whether the logged in user is authorized to act for the affected user (used especially when granting rights)
function authorize(string $affectedUser, string $action, int $newRightsLevel = 0): bool {
// if authorization checks are disabled (either because we're running the installer or the background updater) just return true
if(!$this->authz) return true;
// if we don't have a logged-in user, fetch credentials
if($this->id===null) $this->credentials();
// if the affected user is the actor and the actor is not trying to grant themselves rights, accept the request
if($affectedUser==$this->data->user->id && $action != "userRightsSet") return true;
// get properties of actor if not already available
if(!sizeof($this->actor)) $this->actor = $this->propertiesGet($this->data->user->id);
$rights =& $this->actor["rights"];
// if actor is a global admin, accept the request
if($rights==User\Driver::RIGHTS_GLOBAL_ADMIN) return true;
// if actor is a common user, deny the request
if($rights==User\Driver::RIGHTS_NONE) return false;
// if actor is not some other sort of admin, deny the request
if(!in_array($rights,[User\Driver::RIGHTS_GLOBAL_MANAGER,User\Driver::RIGHTS_DOMAIN_MANAGER,User\Driver::RIGHTS_DOMAIN_ADMIN],true)) return false;
// if actor is a domain admin/manager and domains don't match, deny the request
if($this->data->conf->userComposeNames && $this->actor["domain"] && $rights != User\Driver::RIGHTS_GLOBAL_MANAGER) {
$test = "@".$this->actor["domain"];
if(substr($affectedUser,-1*strlen($test)) != $test) return false;
}
// certain actions shouldn't check affected user's rights
if(in_array($action, ["userRightsGet","userExists","userList"], true)) return true;
if($action=="userRightsSet") {
// setting rights above your own is not allowed
if($newRightsLevel > $rights) return false;
Full set of tests for authorization Invalid/unknown rights levels still need better testing.
7 years ago
// setting yourself to rights you already have is harmless and can be allowed
if($this->id==$affectedUser && $newRightsLevel==$rights) return true;
// managers can only set their own rights, and only to normal user
if(in_array($rights, [User\Driver::RIGHTS_DOMAIN_MANAGER, User\Driver::RIGHTS_GLOBAL_MANAGER])) {
if($this->id != $affectedUser || $newRightsLevel != User\Driver::RIGHTS_NONE) return false;
return true;
}
Remove authz from User driver; moved to main class
7 years ago
}
$affectedRights = $this->rightsGet($affectedUser);
Full set of tests for authorization Invalid/unknown rights levels still need better testing.
7 years ago
// managers can only act on themselves (checked above) or regular users
if(in_array($rights,[User\Driver::RIGHTS_GLOBAL_MANAGER,User\Driver::RIGHTS_DOMAIN_MANAGER]) && $affectedRights != User\Driver::RIGHTS_NONE) return false;
Cover unknown/invalid user levels
7 years ago
// domain admins canot act above themselves
if(!in_array($affectedRights,[User\Driver::RIGHTS_NONE,User\Driver::RIGHTS_DOMAIN_MANAGER,User\Driver::RIGHTS_DOMAIN_ADMIN])) return false;
Remove authz from User driver; moved to main class
7 years ago
return true;
}
Converted all hard tabs to soft tabs
7 years ago
public function credentials(): array {
if($this->data->conf->userAuthPreferHTTP) {
return $this->credentialsHTTP();
} else {
return $this->credentialsForm();
}
}
public function credentialsForm(): array {
// FIXME: stub
$this->id = "john.doe@example.com";
return ["user" => "john.doe@example.com", "password" => "secret"];
}
public function credentialsHTTP(): array {
if($_SERVER['PHP_AUTH_USER']) {
$out = ["user" => $_SERVER['PHP_AUTH_USER'], "password" => $_SERVER['PHP_AUTH_PW']];
} else if($_SERVER['REMOTE_USER']) {
$out = ["user" => $_SERVER['REMOTE_USER'], "password" => ""];
} else {
$out = ["user" => "", "password" => ""];
}
if($this->data->conf->userComposeNames && $out["user"] != "") {
$out["user"] = $this->composeName($out["user"]);
}
$this->id = $out["user"];
return $out;
}
public function auth(string $user = null, string $password = null): bool {
if($user===null) {
if($this->data->conf->userAuthPreferHTTP) return $this->authHTTP();
return $this->authForm();
} else {
Start on tests for authorization
7 years ago
$this->id = $user;
Full set of tests for authorization Invalid/unknown rights levels still need better testing.
7 years ago
$this->actor = [];
Complete rewrite of User class and other changes - User-related database methods will now throw User\Exception upon errors - Internal userAdd method can now generate random passwords - Pursuant to above, dependency on password genrator has been added, and password-related methods now return strings instead of booleans - User class methods now all explicitly follow different branches for internal/external/missing implementations - various User class methods now perform auto-provisioning of the internal database when external implementations report success on users not in the database - Tests have been adjusted to account for the above changes - Lots is probably still broken
7 years ago
switch($this->u->driverFunctions("auth")) {
case User\Driver::FUNC_EXTERNAL:
$out = $this->u->auth($user, $password);
if($out && !$this->data->db->userExists($user)) $this->autoProvision($user, $password);
return $out;
case User\Driver::FUNC_INTERNAL:
return $this->u->auth($user, $password);
case User\Driver::FUNCT_NOT_IMPLEMENTED:
return false;
Converted all hard tabs to soft tabs
7 years ago
}
}
}
public function authForm(): bool {
$cred = $this->credentialsForm();
if(!$cred["user"]) return $this->challengeForm();
Complete rewrite of User class and other changes - User-related database methods will now throw User\Exception upon errors - Internal userAdd method can now generate random passwords - Pursuant to above, dependency on password genrator has been added, and password-related methods now return strings instead of booleans - User class methods now all explicitly follow different branches for internal/external/missing implementations - various User class methods now perform auto-provisioning of the internal database when external implementations report success on users not in the database - Tests have been adjusted to account for the above changes - Lots is probably still broken
7 years ago
if(!$this->auth($cred["user"], $cred["password"])) return $this->challengeForm();
Converted all hard tabs to soft tabs
7 years ago
return true;
}
public function authHTTP(): bool {
$cred = $this->credentialsHTTP();
if(!$cred["user"]) return $this->challengeHTTP();
Complete rewrite of User class and other changes - User-related database methods will now throw User\Exception upon errors - Internal userAdd method can now generate random passwords - Pursuant to above, dependency on password genrator has been added, and password-related methods now return strings instead of booleans - User class methods now all explicitly follow different branches for internal/external/missing implementations - various User class methods now perform auto-provisioning of the internal database when external implementations report success on users not in the database - Tests have been adjusted to account for the above changes - Lots is probably still broken
7 years ago
if(!$this->auth($cred["user"], $cred["password"])) return $this->challengeHTTP();
Converted all hard tabs to soft tabs
7 years ago
return true;
}
public function driverFunctions(string $function = null) {
return $this->u->driverFunctions($function);
}
public function list(string $domain = null): array {
Complete rewrite of User class and other changes - User-related database methods will now throw User\Exception upon errors - Internal userAdd method can now generate random passwords - Pursuant to above, dependency on password genrator has been added, and password-related methods now return strings instead of booleans - User class methods now all explicitly follow different branches for internal/external/missing implementations - various User class methods now perform auto-provisioning of the internal database when external implementations report success on users not in the database - Tests have been adjusted to account for the above changes - Lots is probably still broken
7 years ago
$func = "userList";
switch($this->u->driverFunctions($func)) {
case User\Driver::FUNC_EXTERNAL:
// we handle authorization checks for external drivers
if($domain===null) {
if(!$this->authorize("@".$domain, $func)) throw new User\ExceptionAuthz("notAuthorized", ["action" => $func, "user" => $domain]);
} else {
if(!$this->authorize("", $func)) throw new User\ExceptionAuthz("notAuthorized", ["action" => $func, "user" => "all users"]);
}
case User\Driver::FUNC_INTERNAL:
// internal functions handle their own authorization
return $this->u->userList($domain);
case User\Driver::FUNCT_NOT_IMPLEMENTED:
throw new User\ExceptionNotImplemented("notImplemented", ["action" => $func, "user" => $domain]);
Converted all hard tabs to soft tabs
7 years ago
}
}
public function authorizationEnabled(bool $setting = null): bool {
if($setting===null) return $this->authz;
$this->authz = $setting;
return $setting;
}
public function exists(string $user): bool {
Complete rewrite of User class and other changes - User-related database methods will now throw User\Exception upon errors - Internal userAdd method can now generate random passwords - Pursuant to above, dependency on password genrator has been added, and password-related methods now return strings instead of booleans - User class methods now all explicitly follow different branches for internal/external/missing implementations - various User class methods now perform auto-provisioning of the internal database when external implementations report success on users not in the database - Tests have been adjusted to account for the above changes - Lots is probably still broken
7 years ago
$func = "userExists";
switch($this->u->driverFunctions($func)) {
case User\Driver::FUNC_EXTERNAL:
// we handle authorization checks for external drivers
if(!$this->authorize($user, $func)) throw new User\ExceptionAuthz("notAuthorized", ["action" => $func, "user" => $user]);
$out = $this->u->userExists($user);
Added synthetic tests for external User drivers Fixed two typos in external driver handling
7 years ago
if($out && !$this->data->db->userExists($user)) $this->autoProvision($user, "");
Complete rewrite of User class and other changes - User-related database methods will now throw User\Exception upon errors - Internal userAdd method can now generate random passwords - Pursuant to above, dependency on password genrator has been added, and password-related methods now return strings instead of booleans - User class methods now all explicitly follow different branches for internal/external/missing implementations - various User class methods now perform auto-provisioning of the internal database when external implementations report success on users not in the database - Tests have been adjusted to account for the above changes - Lots is probably still broken
7 years ago
return $out;
case User\Driver::FUNC_INTERNAL:
// internal functions handle their own authorization
return $this->u->userExists($user);
case User\Driver::FUNCT_NOT_IMPLEMENTED:
// throwing an exception here would break all kinds of stuff; we just report that the user exists
return true;
Converted all hard tabs to soft tabs
7 years ago
}
}
Complete rewrite of User class and other changes - User-related database methods will now throw User\Exception upon errors - Internal userAdd method can now generate random passwords - Pursuant to above, dependency on password genrator has been added, and password-related methods now return strings instead of booleans - User class methods now all explicitly follow different branches for internal/external/missing implementations - various User class methods now perform auto-provisioning of the internal database when external implementations report success on users not in the database - Tests have been adjusted to account for the above changes - Lots is probably still broken
7 years ago
public function add($user, $password = null): string {
$func = "userAdd";
switch($this->u->driverFunctions($func)) {
case User\Driver::FUNC_EXTERNAL:
// we handle authorization checks for external drivers
if(!$this->authorize($user, $func)) throw new User\ExceptionAuthz("notAuthorized", ["action" => $func, "user" => $user]);
$newPassword = $this->u->userAdd($user, $password);
// if there was no exception and we don't have the user in the internal database, add it
if(!$this->data->db->userExists($user)) $this->autoProvision($user, $newPassword);
return $newPassword;
case User\Driver::FUNC_INTERNAL:
// internal functions handle their own authorization
return $this->u->userAdd($user, $password);
case User\Driver::FUNCT_NOT_IMPLEMENTED:
throw new User\ExceptionNotImplemented("notImplemented", ["action" => $func, "user" => $user]);
Converted all hard tabs to soft tabs
7 years ago
}
}
public function remove(string $user): bool {
Complete rewrite of User class and other changes - User-related database methods will now throw User\Exception upon errors - Internal userAdd method can now generate random passwords - Pursuant to above, dependency on password genrator has been added, and password-related methods now return strings instead of booleans - User class methods now all explicitly follow different branches for internal/external/missing implementations - various User class methods now perform auto-provisioning of the internal database when external implementations report success on users not in the database - Tests have been adjusted to account for the above changes - Lots is probably still broken
7 years ago
$func = "userRemove";
switch($this->u->driverFunctions($func)) {
case User\Driver::FUNC_EXTERNAL:
// we handle authorization checks for external drivers
if(!$this->authorize($user, $func)) throw new User\ExceptionAuthz("notAuthorized", ["action" => $func, "user" => $user]);
$out = $this->u->userRemove($user);
if($out && $this->data->db->userExists($user)) {
// if the user was removed and we have it in our data, remove it there
if(!$this->data->db->userExists($user)) $this->data->db->userRemove($user);
}
return $out;
case User\Driver::FUNC_INTERNAL:
// internal functions handle their own authorization
return $this->u->userRemove($user);
case User\Driver::FUNCT_NOT_IMPLEMENTED:
throw new User\ExceptionNotImplemented("notImplemented", ["action" => $func, "user" => $user]);
Converted all hard tabs to soft tabs
7 years ago
}
}
More User tests and resultant fixes
7 years ago
public function passwordSet(string $user, string $newPassword = null, $oldPassword = null): string {
Complete rewrite of User class and other changes - User-related database methods will now throw User\Exception upon errors - Internal userAdd method can now generate random passwords - Pursuant to above, dependency on password genrator has been added, and password-related methods now return strings instead of booleans - User class methods now all explicitly follow different branches for internal/external/missing implementations - various User class methods now perform auto-provisioning of the internal database when external implementations report success on users not in the database - Tests have been adjusted to account for the above changes - Lots is probably still broken
7 years ago
$func = "userPasswordSet";
switch($this->u->driverFunctions($func)) {
case User\Driver::FUNC_EXTERNAL:
// we handle authorization checks for external drivers
if(!$this->authorize($user, $func)) throw new User\ExceptionAuthz("notAuthorized", ["action" => $func, "user" => $user]);
$out = $this->u->userPasswordSet($user, $newPassword, $oldPassword);
if($this->data->db->userExists($user)) {
// if the password change was successful and the user exists, set the internal password to the same value
$this->data->db->userPasswordSet($user, $out);
} else {
// if the user does not exists in the internal database, create it
$this->autoProvision($user, $out);
}
return $out;
case User\Driver::FUNC_INTERNAL:
// internal functions handle their own authorization
return $this->u->userPasswordSet($user, $newPassword);
case User\Driver::FUNCT_NOT_IMPLEMENTED:
throw new User\ExceptionNotImplemented("notImplemented", ["action" => $func, "user" => $user]);
Converted all hard tabs to soft tabs
7 years ago
}
}
public function propertiesGet(string $user): array {
Complete rewrite of User class and other changes - User-related database methods will now throw User\Exception upon errors - Internal userAdd method can now generate random passwords - Pursuant to above, dependency on password genrator has been added, and password-related methods now return strings instead of booleans - User class methods now all explicitly follow different branches for internal/external/missing implementations - various User class methods now perform auto-provisioning of the internal database when external implementations report success on users not in the database - Tests have been adjusted to account for the above changes - Lots is probably still broken
7 years ago
// prepare default values
Converted all hard tabs to soft tabs
7 years ago
$domain = null;
if($this->data->conf->userComposeNames) $domain = substr($user,strrpos($user,"@")+1);
$init = [
"id" => $user,
"name" => $user,
"rights" => User\Driver::RIGHTS_NONE,
"domain" => $domain
];
Complete rewrite of User class and other changes - User-related database methods will now throw User\Exception upon errors - Internal userAdd method can now generate random passwords - Pursuant to above, dependency on password genrator has been added, and password-related methods now return strings instead of booleans - User class methods now all explicitly follow different branches for internal/external/missing implementations - various User class methods now perform auto-provisioning of the internal database when external implementations report success on users not in the database - Tests have been adjusted to account for the above changes - Lots is probably still broken
7 years ago
$func = "userPropertiesGet";
switch($this->u->driverFunctions($func)) {
case User\Driver::FUNC_EXTERNAL:
// we handle authorization checks for external drivers
if(!$this->authorize($user, $func)) throw new User\ExceptionAuthz("notAuthorized", ["action" => $func, "user" => $user]);
$out = array_merge($init, $this->u->userPropertiesGet($user));
// remove password if it is return (not exhaustive, but...)
if(array_key_exists('password', $out)) unset($out['password']);
// if the user does not exist in the internal database, add it
if(!$this->data->db->userExists($user)) $this->autoProvision($user, "", $out);
return $out;
case User\Driver::FUNC_INTERNAL:
// internal functions handle their own authorization
return array_merge($init, $this->u->userPropertiesGet($user));
case User\Driver::FUNCT_NOT_IMPLEMENTED:
// we can return generic values if the function is not implemented
return $init;
Converted all hard tabs to soft tabs
7 years ago
}
}
public function propertiesSet(string $user, array $properties): array {
Complete rewrite of User class and other changes - User-related database methods will now throw User\Exception upon errors - Internal userAdd method can now generate random passwords - Pursuant to above, dependency on password genrator has been added, and password-related methods now return strings instead of booleans - User class methods now all explicitly follow different branches for internal/external/missing implementations - various User class methods now perform auto-provisioning of the internal database when external implementations report success on users not in the database - Tests have been adjusted to account for the above changes - Lots is probably still broken
7 years ago
// remove from the array any values which should be set specially
Last of the basic tests for the User class
7 years ago
foreach(['id', 'domain', 'password', 'rights'] as $key) {
Complete rewrite of User class and other changes - User-related database methods will now throw User\Exception upon errors - Internal userAdd method can now generate random passwords - Pursuant to above, dependency on password genrator has been added, and password-related methods now return strings instead of booleans - User class methods now all explicitly follow different branches for internal/external/missing implementations - various User class methods now perform auto-provisioning of the internal database when external implementations report success on users not in the database - Tests have been adjusted to account for the above changes - Lots is probably still broken
7 years ago
if(array_key_exists($key, $properties)) unset($properties[$key]);
}
$func = "userPropertiesSet";
switch($this->u->driverFunctions($func)) {
case User\Driver::FUNC_EXTERNAL:
// we handle authorization checks for external drivers
if(!$this->authorize($user, $func)) throw new User\ExceptionAuthz("notAuthorized", ["action" => $func, "user" => $user]);
$out = $this->u->userPropertiesSet($user, $properties);
if($this->data->db->userExists($user)) {
// if the property change was successful and the user exists, set the internal properties to the same values
Added synthetic tests for external User drivers Fixed two typos in external driver handling
7 years ago
$this->data->db->userPropertiesSet($user, $out);
Complete rewrite of User class and other changes - User-related database methods will now throw User\Exception upon errors - Internal userAdd method can now generate random passwords - Pursuant to above, dependency on password genrator has been added, and password-related methods now return strings instead of booleans - User class methods now all explicitly follow different branches for internal/external/missing implementations - various User class methods now perform auto-provisioning of the internal database when external implementations report success on users not in the database - Tests have been adjusted to account for the above changes - Lots is probably still broken
7 years ago
} else {
// if the user does not exists in the internal database, create it
$this->autoProvision($user, "", $out);
}
return $out;
case User\Driver::FUNC_INTERNAL:
// internal functions handle their own authorization
return $this->u->userPropertiesSet($user, $properties);
case User\Driver::FUNCT_NOT_IMPLEMENTED:
throw new User\ExceptionNotImplemented("notImplemented", ["action" => $func, "user" => $user]);
Converted all hard tabs to soft tabs
7 years ago
}
}
public function rightsGet(string $user): int {
Complete rewrite of User class and other changes - User-related database methods will now throw User\Exception upon errors - Internal userAdd method can now generate random passwords - Pursuant to above, dependency on password genrator has been added, and password-related methods now return strings instead of booleans - User class methods now all explicitly follow different branches for internal/external/missing implementations - various User class methods now perform auto-provisioning of the internal database when external implementations report success on users not in the database - Tests have been adjusted to account for the above changes - Lots is probably still broken
7 years ago
$func = "userRightsGet";
switch($this->u->driverFunctions($func)) {
case User\Driver::FUNC_EXTERNAL:
// we handle authorization checks for external drivers
if(!$this->authorize($user, $func)) throw new User\ExceptionAuthz("notAuthorized", ["action" => $func, "user" => $user]);
$out = $this->u->userRightsGet($user);
// if the user does not exist in the internal database, add it
if(!$this->data->db->userExists($user)) $this->autoProvision($user, "", null, $out);
return $out;
case User\Driver::FUNC_INTERNAL:
// internal functions handle their own authorization
return $this->u->userRightsGet($user);
case User\Driver::FUNCT_NOT_IMPLEMENTED:
// assume all users are unprivileged
return User\Driver::RIGHTS_NONE;
Converted all hard tabs to soft tabs
7 years ago
}
}
public function rightsSet(string $user, int $level): bool {
Complete rewrite of User class and other changes - User-related database methods will now throw User\Exception upon errors - Internal userAdd method can now generate random passwords - Pursuant to above, dependency on password genrator has been added, and password-related methods now return strings instead of booleans - User class methods now all explicitly follow different branches for internal/external/missing implementations - various User class methods now perform auto-provisioning of the internal database when external implementations report success on users not in the database - Tests have been adjusted to account for the above changes - Lots is probably still broken
7 years ago
$func = "userRightsSet";
switch($this->u->driverFunctions($func)) {
case User\Driver::FUNC_EXTERNAL:
// we handle authorization checks for external drivers
if(!$this->authorize($user, $func)) throw new User\ExceptionAuthz("notAuthorized", ["action" => $func, "user" => $user]);
$out = $this->u->userRightsSet($user, $level);
// if the user does not exist in the internal database, add it
if($out && $this->data->db->userExists($user)) {
$authz = $this->authorizationEnabled();
$this->authorizationEnabled(false);
$this->data->db->userRightsSet($user, $level);
$this->authorizationEnabled($authz);
} else if($out) {
$this->autoProvision($user, "", null, $level);
}
return $out;
case User\Driver::FUNC_INTERNAL:
// internal functions handle their own authorization
return $this->u->userRightsSet($user, $level);
case User\Driver::FUNCT_NOT_IMPLEMENTED:
throw new User\ExceptionNotImplemented("notImplemented", ["action" => $func, "user" => $user]);
Converted all hard tabs to soft tabs
7 years ago
}
}
// FIXME: stubs
public function challenge(): bool {throw new User\Exception("authFailed");}
public function challengeForm(): bool {throw new User\Exception("authFailed");}
public function challengeHTTP(): bool {throw new User\Exception("authFailed");}
protected function composeName(string $user): string {
if(preg_match("/.+?@[^@]+$/",$user)) {
return $user;
} else {
return $user."@".$_SERVER['HTTP_HOST'];
}
}
Complete rewrite of User class and other changes - User-related database methods will now throw User\Exception upon errors - Internal userAdd method can now generate random passwords - Pursuant to above, dependency on password genrator has been added, and password-related methods now return strings instead of booleans - User class methods now all explicitly follow different branches for internal/external/missing implementations - various User class methods now perform auto-provisioning of the internal database when external implementations report success on users not in the database - Tests have been adjusted to account for the above changes - Lots is probably still broken
7 years ago
protected function autoProvision(string $user, string $password = null, array $properties = null, int $rights = 0): string {
// temporarily disable authorization checks, to avoid potential problems
$authz = $this->authorizationEnabled();
$this->authorizationEnabled(false);
// create the user
$out = $this->data->db->userAdd($user, $password);
// set the user rights
Last of the basic tests for the User class
7 years ago
$this->data->db->userRightsSet($user, $rights);
Complete rewrite of User class and other changes - User-related database methods will now throw User\Exception upon errors - Internal userAdd method can now generate random passwords - Pursuant to above, dependency on password genrator has been added, and password-related methods now return strings instead of booleans - User class methods now all explicitly follow different branches for internal/external/missing implementations - various User class methods now perform auto-provisioning of the internal database when external implementations report success on users not in the database - Tests have been adjusted to account for the above changes - Lots is probably still broken
7 years ago
// set the user properties...
if($properties===null) {
// if nothing is provided but the driver uses an external function, try to get the current values from the external source
try {
if($this->u->driverFunctions("userPropertiesGet")==User\Driver::FUNC_EXTERNAL) $this->data->db->userPropertiesSet($user, $this->u->userPropertiesGet($user));
} catch(\Throwable $e) {}
} else {
// otherwise if values are provided, use those
$this->data->db->userPropertiesSet($user, $properties);
Converted all hard tabs to soft tabs
7 years ago
}
Last of the basic tests for the User class
7 years ago
// re-enable authorization and return
Complete rewrite of User class and other changes - User-related database methods will now throw User\Exception upon errors - Internal userAdd method can now generate random passwords - Pursuant to above, dependency on password genrator has been added, and password-related methods now return strings instead of booleans - User class methods now all explicitly follow different branches for internal/external/missing implementations - various User class methods now perform auto-provisioning of the internal database when external implementations report success on users not in the database - Tests have been adjusted to account for the above changes - Lots is probably still broken
7 years ago
$this->authorizationEnabled($authz);
return $out;
Converted all hard tabs to soft tabs
7 years ago
}
Functioning (but still incomplete) user management
8 years ago
}