Core  3.2
PHP API documentation
 All Data Structures Namespaces Files Functions Variables Pages
Class.UserAccount.php
Go to the documentation of this file.
1 <?php
2 /*
3  * @author Anakeen
4  * @package FDL
5 */
6 /**
7  * User account document
8  *
9  */
10 namespace Dcp\Core;
11 use Dcp\AttributeIdentifiers\Iuser as MyAttributes;
12 /**
13  * Class UserAccount
14  * @method \Account getAccount($a=false)
15  * @method array getSystemIds($a)
16  * @method string setGroups
17  */
18 class UserAccount extends \Dcp\Family\Document implements \IMailRecipient
19 {
20 
21  public $wuser;
22  var $eviews = array(
23  "USERCARD:CHOOSEGROUP"
24  );
25  var $defaultview = "FDL:VIEWBODYCARD";
26  var $defaultedit = "FDL:EDITBODYCARD";
27  function preRefresh()
28  {
29  $err = parent::preRefresh();
30 
31  if ($this->getRawValue("US_STATUS") == 'D') $err.= ($err == "" ? "" : "\n") . _("user is deactivated");
32 
33  $iduser = $this->getRawValue("US_WHATID");
34  if ($iduser > 0) {
35  $user = $this->getAccount();
36  if (!$user->isAffected()) return sprintf(_("user #%d does not exist") , $iduser);
37  } else {
38  if ($this->getRawValue("us_login") != '-') $err = _("user has not identificator");
39  /**
40  * @var \NormalAttribute $oa
41  */
42  $oa = $this->getAttribute("us_passwd1");
43  if ($oa) $oa->needed = true;
44  /**
45  * @var \NormalAttribute $oa
46  */
47  $oa = $this->getAttribute("us_passwd2");
48  if ($oa) $oa->needed = true;
49  $oa = $this->getAttribute("us_tab_system");
50  $oa->setOption("firstopen", "yes");
51  }
52  $this->updateIncumbents();
53  return $err;
54  }
55  public function updateIncumbents()
56  {
57  $u = $this->getAccount();
58  if ($u) {
59  $this->setValue("us_incumbents", $u->getIncumbents(false));
60  }
61  }
62  /**
63  * test if the document can be set in LDAP
64  */
65  function canUpdateLdapCard()
66  {
67  return ($this->getRawValue("US_STATUS") != 'D');
68  }
69 
70  public function preUndelete()
71  {
72  return _("user cannot be revived");
73  }
74  /**
75  * get all direct group document identificators of the isuser
76  * @return array of group document id, the index of array is the system identifier
77  */
78  public function getUserGroups()
79  {
80  $err = simpleQuery($this->dbaccess, sprintf("SELECT id, fid from users, groups where groups.iduser=%d and users.id = groups.idgroup;", $this->getRawValue("us_whatid")) , $groupIds, false, false);
81  if (!$err) {
82  $gids = array();
83  foreach ($groupIds as $gid) {
84  $gids[$gid["id"]] = $gid["fid"];
85  }
86  return $gids;
87  }
88  return null;
89  }
90  /**
91  * return all direct group and parent group document identificators of $gid
92  * @param string $gid systeme identifier group or users
93  * @return array
94  */
95  protected function getAscendantGroup($gid)
96  {
97  $groupIds = array();
98  if ($gid > 0) {
99  simpleQuery($this->dbaccess, sprintf("SELECT id, fid from users, groups where groups.iduser=%d and users.id = groups.idgroup;", $gid) , $groupIds, false, false);
100  $gids = array(); // current level
101  $pgids = array(); // fathers
102  foreach ($groupIds as $gid) {
103  $gids[$gid["id"]] = $gid["fid"];
104  }
105 
106  foreach ($gids as $systemGid => $docGid) {
107  $pgids+= $this->getAscendantGroup($systemGid);
108  }
109  $groupIds = $gids + $pgids;
110  }
111  return $groupIds;
112  }
113  /**
114  * get all direct group and parent group document identificators of the isuser
115  * @return int[] of group document id the index of array is the system identifier
116  */
117  public function getAllUserGroups()
118  {
119  return $this->getAscendantGroup($this->getRawValue("us_whatid"));
120  }
121  /**
122  * Refresh folder parent containt
123  */
124  function refreshParentGroup()
125  {
126  $tgid = $this->getMultipleRawValues("US_IDGROUP");
127  foreach ($tgid as $gid) {
128  /**
129  * @var \Dcp\Family\Igroup $gdoc
130  */
131  $gdoc = new_Doc($this->dbaccess, $gid);
132  if ($gdoc->isAlive()) {
133  $gdoc->insertGroups();
134  }
135  }
136  }
137  /**
138  * recompute intranet values from USER database
139  */
140  function refreshDocUser()
141  {
142 
143  $err = "";
144  $wid = $this->getRawValue("us_whatid");
145  if ($wid > 0) {
146  $wuser = $this->getAccount(true);
147 
148  if ($wuser->isAffected()) {
149  $this->SetValue(MyAttributes::us_whatid, $wuser->id);
150  $this->SetValue(MyAttributes::us_lname, $wuser->lastname);
151  $this->SetValue(MyAttributes::us_fname, $wuser->firstname);
152  $this->SetValue(MyAttributes::us_passwd1, " ");
153  $this->SetValue(MyAttributes::us_passwd2, " ");
154  $this->SetValue(MyAttributes::us_login, $wuser->login);
155  $this->SetValue(MyAttributes::us_status, $wuser->status);
156  $this->SetValue(MyAttributes::us_passdelay, $wuser->passdelay);
157  $this->SetValue(MyAttributes::us_expires, $wuser->expires);
158  $this->SetValue(MyAttributes::us_daydelay, $wuser->passdelay / 3600 / 24);
159  if ($wuser->substitute > 0) {
160  $this->setValue(MyAttributes::us_substitute, $wuser->getFidFromUid($wuser->substitute));
161  } else {
162  $this->clearValue(MyAttributes::us_substitute);
163  }
164 
165  $rolesIds = $wuser->getRoles(false);
166  $this->clearArrayValues("us_t_roles");
167  $this->SetValue("us_roles", $rolesIds);
168 
169  $mail = $wuser->getMail();
170  if (!$mail) {
171  $this->clearValue(MyAttributes::us_extmail);
172  $this->clearValue(MyAttributes::us_mail);
173  } else {
174  $this->SetValue(MyAttributes::us_mail, $mail);
175  $this->SetValue(MyAttributes::us_extmail, $mail);
176  }
177 
178  if ($wuser->passdelay <> 0) {
179  $this->SetValue(MyAttributes::us_expiresd, strftime("%Y-%m-%d", $wuser->expires));
180  $this->SetValue(MyAttributes::us_expirest, strftime("%H:%M", $wuser->expires));
181  } else {
182  $this->SetValue(MyAttributes::us_expiresd, " ");
183  $this->SetValue(MyAttributes::us_expirest, " ");
184  }
185  // search group of the user
186  $g = new \Group("", $wid);
187  $tgid = array();
188  $tgtitle = array();
189  if (count($g->groups) > 0) {
190  $gt = new \Account($this->dbaccess);
191  foreach ($g->groups as $gid) {
192  $gt->select($gid);
193  $tgid[] = $gt->fid;
194  $tgtitle[] = $this->getTitle($gt->fid);
195  }
196  $this->clearArrayValues(MyAttributes::us_groups);
197  $this->SetValue(MyAttributes::us_idgroup, $tgid);
198  $this->SetValue(MyAttributes::us_group, $tgtitle);
199  } else {
200  $this->clearArrayValues(MyAttributes::us_groups);
201  }
202  $err = $this->modify();
203  } else {
204  $err = sprintf(_("user %d does not exist") , $wid);
205  }
206  }
207 
208  return $err;
209  }
210  /**
211  * affect to default group
212  */
213  function setToDefaultGroup()
214  {
215  $grpid = $this->getFamilyParameterValue("us_defaultgroup");
216  $err = '';
217  if ($grpid) {
218  /**
219  * @var \Dcp\Family\Igroup $grp
220  */
221  $grp = new_doc($this->dbaccess, $grpid);
222  if ($grp->isAlive()) {
223  $err = $grp->insertDocument($this->initid);
224  }
225  }
226  return $err;
227  }
228 
229  function postCreated()
230  {
231  $err = "";
232  /**
233  * @var \Action $action
234  */
235  global $action;
236  $ed = floatval($action->getParam("AUTHENT_ACCOUNTEXPIREDELAY"));
237  if ($ed > 0) {
238  $expdate = time() + ($ed * 24 * 3600);
239  $err = $this->SetValue("us_accexpiredate", strftime("%Y-%m-%d 00:00:00", $expdate));
240  if ($err == '') $err = $this->modify(true, array(
241  "us_accexpiredate"
242  ) , true);
243  }
244 
245  return $err;
246  }
247  /**
248  * update/synchro system user
249  */
250  public function postStore()
251  {
252  $err = $this->synchronizeSystemUser();
253  if (!$err) $this->refreshRoles();
254  return $err;
255  }
256  /**
257  * @deprecated use postStore() instead
258  * @return string
259  */
260  public function postModify()
261  {
262  deprecatedFunction();
263  return self::postStore();
264  }
265  /**
266  * Modify system account from document IUSER
267  */
268  function synchronizeSystemUser()
269  {
270  $err = '';
271  $lname = $this->getRawValue("us_lname");
272  $fname = $this->getRawValue("us_fname");
273  $pwd1 = $this->getRawValue("us_passwd1");
274  $pwd2 = $this->getRawValue("us_passwd2");
275  $daydelay = $this->getRawValue("us_daydelay");
276  if ($daydelay == - 1) $passdelay = $daydelay;
277  else $passdelay = intval($daydelay) * 3600 * 24;
278  $status = $this->getRawValue("us_status");
279  $login = $this->getRawValue("us_login");
280  $substitute = $this->getRawValue("us_substitute");
281  $allRoles = $this->getArrayRawValues("us_t_roles");
282  $extmail = $this->getRawValue("us_extmail", " ");
283 
284  if ($login != "-") {
285  // compute expire for epoch
286  $expiresd = $this->getRawValue("us_expiresd");
287  $expirest = $this->getRawValue("us_expirest", "00:00");
288  //convert date
289  $expdate = $expiresd . " " . $expirest . ":00";
290  $expires = 0;
291  if ($expdate != "") {
292  if (preg_match("|([0-9][0-9])/([0-9][0-9])/(2[0-9][0-9][0-9]) ([0-2][0-9]):([0-5][0-9]):([0-5][0-9])|", $expdate, $reg)) {
293  $expires = mktime($reg[4], $reg[5], $reg[6], $reg[2], $reg[1], $reg[3]);
294  } else if (preg_match("|(2[0-9][0-9][0-9])-([0-9][0-9])-([0-9][0-9]) ([0-2][0-9]):([0-5][0-9]):([0-5][0-9])|", $expdate, $reg)) {
295  $expires = mktime($reg[4], $reg[5], $reg[6], $reg[2], $reg[3], $reg[1]);
296  }
297  }
298 
299  $fid = $this->id;
300  $newuser = false;
301  $user = $this->getAccount();
302  if (!$user) {
303  $user = new \Account(""); // create new user
304  $this->wuser = & $user;
305  $newuser = true;
306  }
307  // get direct system role ids
308  $roles = array();
309  foreach ($allRoles as $arole) {
310  if ($arole["us_rolesorigin"] != "group") $roles[] = $arole["us_roles"];
311  }
312  $roleIds = $this->getSystemIds($roles);
313  // perform update system User table
314  if ($substitute) $substitute = $this->getDocValue($substitute, "us_whatid");
315  $err.= $user->updateUser($fid, $lname, $fname, $expires, $passdelay, $login, $status, $pwd1, $pwd2, $extmail, $roleIds, $substitute);
316  if ($err == "") {
317  if ($user) {
318  $this->setValue(MyAttributes::us_whatid, $user->id);
319  $this->setValue(MyAttributes::us_meid, $this->id);
320 
321  $this->modify(false, array(
322  MyAttributes::us_whatid,
323  MyAttributes::us_meid
324  ));
325  $err = $this->setGroups(); // set groups (add and suppress) may be long
326  if ($newuser) $err.= $this->setToDefaultGroup();
327  }
328  }
329 
330  if ($err == "") {
331  $err = $this->RefreshDocUser(); // refresh from core database
332  // $this->refreshParentGroup();
333  $errldap = $this->RefreshLdapCard();
334  if ($errldap != "") AddWarningMsg($errldap);
335  }
336  } else {
337  // tranfert extern mail if no login specified yet
338  if ($this->getRawValue("us_login") == "-") {
339  $email = $this->getRawValue("us_extmail");
340  if (($email != "") && ($email[0] != "<")) $this->setValue("us_mail", $email);
341  else $this->clearValue("us_mail");
342  }
343  }
344 
345  $this->setValue("US_LDAPDN", $this->getLDAPValue("dn", 1));
346  return $err;
347  }
348 
349  function PostDelete()
350  {
351  parent::PostDelete();
352 
353  $user = $this->getAccount();
354  if ($user) $user->Delete();
355  }
356  /**
357  * Do not call ::setGroup if its import
358  * called only in initialisation
359  * @param array $extra
360  * @return string|void
361  */
362  function preImport(array $extra = array())
363  {
364  if ($this->id > 0) {
365  global $_POST;
366  $_POST["gidnew"] = "N";
367  }
368  }
369 
370  public function preconsultation()
371  {
372  $this->refreshRoles();
373  }
374  public function preEdition()
375  {
376  $allRoles = $this->getArrayRawValues("us_t_roles");
377  $this->clearArrayValues("us_t_roles");
378  // get direct system role ids
379  $roles = array();
380  foreach ($allRoles as $arole) {
381  if ($arole["us_rolesorigin"] != "group") $roles[] = $arole["us_roles"];
382  }
383  $this->setValue("us_roles", $roles);
384 
385  if ($this->getRawValue("us_whatid") == \Account::ANONYMOUS_ID) {
386  // Anonymous has no password
387  $passFrame=$this->getAttribute("us_passwd1");
388  if ($passFrame) {
389  $passFrame->setVisibility("H");
390  }
391  $passFrame=$this->getAttribute("us_passwd2");
392  if ($passFrame) {
393  $passFrame->setVisibility("H");
394  }
395  }
396  }
397  /**
398  * recompute role attributes from system role
399  */
400  public function refreshRoles()
401  {
402  $u = $this->getAccount();
403  if (!$u) return;
404  $directRoleIds = $u->getRoles();
405  $allParents = $u->getUserParents();
406  $allRoles = $allGroup = array();
407  foreach ($allParents as $aParent) {
408  if ($aParent["accounttype"] == \Account::ROLE_TYPE) $allRoles[] = $aParent;
409  else $allGroup[] = $aParent;
410  }
411 
412  $this->clearArrayValues("us_t_roles");
413  foreach ($allRoles as $role) {
414  if (in_array($role["id"], $directRoleIds)) {
415  $group = '';
416  $status = 'internal';
417  $this->addArrayRow("us_t_roles", array(
418  "us_roles" => $role["fid"],
419  "us_rolesorigin" => $status,
420  "us_rolegorigin" => $group
421  ));
422  }
423 
424  $rid = $role["id"];
425  $tgroup = array();
426  foreach ($allGroup as $aGroup) {
427  simpleQuery($this->dbaccess, sprintf("select idgroup from groups where iduser=%d and idgroup=%d", $aGroup["id"], $rid) , $gr);
428  if ($gr) {
429  $tgroup[] = $aGroup["fid"];
430  }
431  }
432  if ($tgroup) {
433  $status = 'group';
434  $group = implode('<BR>', $tgroup);
435  $this->addArrayRow("us_t_roles", array(
436  "us_roles" => $role["fid"],
437  "us_rolesorigin" => $status,
438  "us_rolegorigin" => $group
439  ));
440  }
441  }
442  }
443  /**
444  * return main mail address in RFC822 format
445  * @param bool $rawmail if true only system amil address else add also display name
446  * @return string
447  */
448  public function getMail($rawmail = false)
449  {
450  $wu = $this->getAccount();
451  if ($wu && $wu->isAffected()) {
452  return $wu->getMail($rawmail);
453  }
454  return '';
455  }
456  /**
457  * return main mail address in a user-friendly representation
458  * (by default we return the getMail() address, and it's up to the
459  * descendant to override it and implement it's own user-friendly
460  * representation)
461  * @return string
462  */
463  public function getMailTitle()
464  {
465  return $this->getMail();
466  }
467  /**
468  * return crypted password
469  * @return string
470  */
471  public function getCryptPassword()
472  {
473  $wu = $this->getAccount();
474  if ($wu && $wu->isAffected()) {
475  return $wu->password;
476  }
477  return '';
478  }
479  function constraintPassword($pwd1, $pwd2, $login)
480  {
481  if ($this->testForcePassword($pwd1)) return '';
482  $sug = array();
483  $err = "";
484 
485  if ($pwd1 <> $pwd2) {
486  $err = _("the 2 passwords are not the same");
487  } else if (($pwd1 == "") && ($this->getRawValue("us_whatid") == "")) {
488  if ($login != "-") $err = _("passwords must not be empty");
489  }
490 
491  return array(
492  "err" => $err,
493  "sug" => $sug
494  );
495  }
496  public function testForcePassword($pwd)
497  {
498  $minLength = intval(getParam("AUTHENT_PWDMINLENGTH"));
499  $minDigitLength = intval(getParam("AUTHENT_PWDMINDIGITLENGTH"));
500  $minUpperLength = intval(getParam("AUTHENT_PWDMINUPPERALPHALENGTH"));
501  $minLowerLength = intval(getParam("AUTHENT_PWDMINLOWERALPHALENGTH"));
502  $minSymbolLength = intval(getParam("AUTHENT_PWDMINSYMBOLLENGTH"));
503 
504  if (preg_match('/[\p{C}]/u', $pwd)) {
505  return _("Control characters are not allowed");
506  }
507 
508  $msg = sprintf(_("Your password is not secure."));
509  if ($minLength > 0) $msg.= "\n " . sprintf(_("It must contains at least %d characters (total length)") , $minLength);
510  if ($minDigitLength + $minUpperLength + $minLowerLength + $minSymbolLength > 0) $msg.= " " . sprintf(_("with these conditions"));
511  if ($minDigitLength) {
512  if ($minDigitLength > 1) $msg.= "\n - " . sprintf(_("at least %d digits") , $minDigitLength);
513  else $msg.= "\n - " . sprintf(_("at least one digit"));
514  }
515  if ($minUpperLength) {
516  if ($minUpperLength > 1) $msg.= "\n - " . sprintf(_("at least %d uppercase alpha characters") , $minUpperLength);
517  else $msg.= "\n - " . sprintf(_("at least one uppercase alpha character"));
518  }
519  if ($minLowerLength) {
520  if ($minLowerLength > 1) $msg.= "\n - " . sprintf(_("at least %d lowercase alpha characters") , $minLowerLength);
521  else $msg.= "\n - " . sprintf(_("at least one lowercase alpha character"));
522  }
523  if ($minSymbolLength) {
524  if ($minSymbolLength > 1) $msg.= "\n - " . sprintf(_("at least %d symbol characters") , $minSymbolLength);
525  else $msg.= "\n - " . sprintf(_("at least one symbol character"));
526  }
527  if (mb_strlen($pwd) < $minLength) {
528  $err = _("Not enough characters.") . "\n";
529  return nl2br($err . $msg);
530  }
531  $alphanum = 0;
532 
533  if ($minDigitLength) {
534  preg_match_all('/[0-9]/', $pwd, $matches);
535  $alphanum+= count($matches[0]);
536  if (count($matches[0]) < $minDigitLength) {
537  $err = _("Not enough digits.") . "\n";
538  return nl2br($err . $msg);
539  }
540  }
541  if ($minUpperLength) {
542  preg_match_all('/[\p{Lu}]/u', $pwd, $matches);
543  $alphanum+= count($matches[0]);
544  if (count($matches[0]) < $minUpperLength) {
545  $err = _("Not enough uppercase characters.") . "\n";
546  return nl2br($err . $msg);
547  }
548  }
549  if ($minLowerLength) {
550  preg_match_all('/[\p{Ll}]/u', $pwd, $matches);
551  $alphanum+= count($matches[0]);
552  if (count($matches[0]) < $minLowerLength) {
553  $err = _("Not enough lowercase characters.") . "\n";
554  return nl2br($err . $msg);
555  }
556  }
557  if ($minSymbolLength) {
558  if ((mb_strlen($pwd) - $alphanum) < $minSymbolLength) {
559  $err = _("Not enough special characters.") . "\n";
560  return nl2br($err . $msg);
561  }
562  }
563  return '';
564  }
565  /**
566  * Constraint to verify expiration data
567  * @param $expiresd
568  * @param $expirest
569  * @param $daydelay
570  * @return array
571  */
572  function constraintExpires($expiresd, $expirest, $daydelay)
573  {
574  $err = '';
575  $sug = array();
576  if (($expiresd <> "") && ($daydelay == 0)) {
577  $err = _("Expiration delay must not be 0 to keep expiration date");
578  }
579 
580  return array(
581  "err" => $err,
582  "sug" => $sug
583  );
584  }
585  /**
586  * @templateController
587  * @param string $target
588  * @param bool $ulink
589  * @param string $abstract
590  */
591  function editlikeperson($target = "finfo", $ulink = true, $abstract = "Y")
592  {
593  global $action;
594 
595  $this->lay = new \Layout(getLayoutFile("FDL", "editbodycard.xml") , $action);
596 
597  $this->attributes->attr['us_tab_system']->visibility = 'R';
598  $this->attributes->attr['us_fr_userchange']->visibility = 'R';
599  $this->ApplyMask();
600 
601  $this->attributes->attr['us_extmail']->mvisibility = 'W';
602  $this->attributes->attr['us_extmail']->fieldSet = $this->attributes->attr['us_fr_coord'];
603  $this->attributes->attr['us_extmail']->ordered = $this->attributes->attr['us_pphone']->ordered - 1;
604  $this->attributes->orderAttributes();
605 
606  $this->editbodycard($target, $ulink, $abstract);
607  }
608  /**
609  * interface to only modify name and password
610  * @templateController
611  */
612  function editchangepassword()
613  {
614  $this->viewprop();
615  $this->editattr(false);
616  }
617  /**
618  * Set/change user password
619  * @param string $password password to crypt
620  * @return string
621  */
622  function setPassword($password)
623  {
624  $idwuser = $this->getRawValue("US_WHATID");
625 
626  $wuser = $this->getAccount();
627  if (!$wuser->isAffected()) {
628  return sprintf(_("user #%d does not exist") , $idwuser);
629  }
630  // Change what user password
631  $wuser->password_new = $password;
632  $err = $wuser->modify();
633  if ($err != "") {
634  return $err;
635  }
636 
637  return "";
638  }
639  /**
640  * Increase login failure count
641  */
642  function increaseLoginFailure()
643  {
644  if ($this->getRawValue("us_whatid") == 1) return ""; // it makes non sense for admin
645  $lf = intval($this->getRawValue("us_loginfailure", 0)) + 1;
646  $err = $this->SetValue("us_loginfailure", $lf);
647  if ($err == "") {
648  $this->modify(false, array(
649  "us_loginfailure"
650  ) , false);
651  }
652  return "";
653  }
654  /**
655  * Reset login failure count
656  * @apiExpose
657  */
658  function resetLoginFailure()
659  {
660  if ($this->getRawValue("us_whatid") == 1) return ""; // it makes non sense for admin
661  $err = $this->canEdit();
662  if ($err == '') {
663  if (intval($this->getRawValue("us_loginfailure")) > 0) {
664  $err = $this->setValue("us_loginfailure", 0);
665  if ($err == "") {
666  $err = $this->modify(false, array(
667  "us_loginfailure"
668  ) , false);
669  }
670  }
671  }
672  return $err;
673  }
674  /**
675  * the incumbent account documents cannot be modified by susbtitutes
676  * @param string $aclname
677  * @param bool $strict
678  * @return string
679  */
680  public function control($aclname, $strict = false)
681  {
682  $u = $this->getAccount();
683  if ($u && ($u->substitute == $this->getSystemUserId())) {
684  return parent::control($aclname, true);
685  } else {
686  return parent::control($aclname, $strict);
687  }
688  }
689  /**
690  * Security menus visibilities
691  */
692  function menuResetLoginFailure()
693  {
694  // Do not show the menu if the user has no FUSERS privileges
695  global $action;
696  if (!$action->parent->hasPermission('FUSERS', 'FUSERS')) {
697  return MENU_INVISIBLE;
698  }
699  // Do not show the menu if the user has no edit rights on the document
700  if ($this->canEdit() != '') {
701  return MENU_INVISIBLE;
702  }
703  // Do not show the menu on the 'admin' user
704  if ($this->getRawValue('us_whatid') == 1) {
705  return MENU_INVISIBLE;
706  }
707  // Do not show the menu if the account had no failures
708  if ($this->getRawValue("us_loginfailure") <= 0) {
709  return MENU_INVISIBLE;
710  }
711  return MENU_ACTIVE;
712  }
713  function menuActivateAccount()
714  {
715  // Do not show the menu if the user has no FUSERS privileges
716  global $action;
717  if (!$action->parent->hasPermission('FUSERS', 'FUSERS')) {
718  return MENU_INVISIBLE;
719  }
720  // Do not show the menu if the user has no edit rights on the document
721  if ($this->canEdit() != '') {
722  return MENU_INVISIBLE;
723  }
724  // Do not show the menu on the 'admin' user
725  if ($this->getRawValue('us_whatid') == 1) {
726  return MENU_INVISIBLE;
727  }
728  // Do not show the menu if the account is already active
729  if ($this->getRawValue('us_status', 'A') == 'A') {
730  return MENU_INVISIBLE;
731  }
732  return MENU_ACTIVE;
733  }
734  function menuDeactivateAccount()
735  {
736  // Do not show the menu if the user has no FUSERS privileges
737  global $action;
738  if (!$action->parent->hasPermission('FUSERS', 'FUSERS')) {
739  return MENU_INVISIBLE;
740  }
741  // Do not show the menu if the user has no edit rights on the document
742  if ($this->canEdit() != '') {
743  return MENU_INVISIBLE;
744  }
745  // Do not show the menu on the 'admin' user
746  if ($this->getRawValue('us_whatid') == 1) {
747  return MENU_INVISIBLE;
748  }
749  // Do not show the menu if the account is already inactive
750  if ($this->getRawValue('us_status', 'A') != 'A') {
751  return MENU_INVISIBLE;
752  }
753  return MENU_ACTIVE;
754  }
755  /**
756  * Manage account security
757  */
758  function isAccountActive()
759  {
760  if ($this->getRawValue("us_whatid") == 1) return false; // it makes non sense for admin
761  $u = $this->getAccount();
762  if ($u) {
763  return $u->status != 'D';
764  }
765  return false;
766  }
767  /**
768  * @apiExpose
769  * @return string error message
770  */
771  function activateAccount()
772  {
773  // Check that the user has FUSERS privileges
774  global $action;
775  if ($this->canEdit() != '' || !$action->parent->hasPermission('FUSERS', 'FUSERS')) {
776  return _("current user cannot deactivate account");
777  }
778  // The 'admin' account cannot be deactivated
779  if ($this->getRawValue("us_whatid") == 1) {
780  return '';
781  }
782  $err = $this->SetValue("us_status", 'A');
783  if ($err == "") {
784  $err = $this->modify(true, array(
785  "us_status"
786  ) , true);
787  $this->synchronizeSystemUser();
788  }
789  return $err;
790  }
791  function isAccountInactive()
792  {
793  return (!$this->isAccountActive());
794  }
795  /**
796  * @apiExpose
797  * @return string error message
798  */
799  function deactivateAccount()
800  {
801  // Check that the user has FUSERS privileges
802  global $action;
803  if ($this->canEdit() != '' || !$action->parent->hasPermission('FUSERS', 'FUSERS')) {
804  return _("current user cannot deactivate account");
805  }
806  // The 'admin' account cannot be deactivated
807  if ($this->getRawValue("us_whatid") == 1) {
808  return '';
809  }
810  $err = $this->SetValue("us_status", 'D');
811  if ($err == "") {
812  $err = $this->modify(true, array(
813  "us_status"
814  ) , true);
815  $this->synchronizeSystemUser();
816  }
817  return $err;
818  }
819  function accountHasExpired()
820  {
821  if ($this->getRawValue("us_whatid") == 1) return false;
822  $expd = $this->getRawValue("us_accexpiredate");
823  //convert date
824  $expires = 0;
825  if ($expd != "") {
826  if (preg_match("|([0-9][0-9])/([0-9][0-9])/(2[0-9][0-9][0-9])|", $expd, $reg)) {
827  $expires = mktime(0, 0, 0, $reg[2], $reg[1], $reg[3]);
828  } else if (preg_match("|(2[0-9][0-9][0-9])-([0-9][0-9])-([0-9][0-9])|", $expd, $reg)) {
829  $expires = mktime(0, 0, 0, $reg[2], $reg[3], $reg[1]);
830  }
831  return ($expires <= time());
832  }
833  return false;
834  }
835  /**
836  * return attribute used to filter from keyword
837  * @return string
838  */
839  static function getMailAttribute()
840  {
841  return "us_mail";
842  }
843  /**
844  * @begin-method-ignore
845  * this part will be deleted when construct document class until end-method-ignore
846  */
847 }
848 /**
849  * @end-method-ignore
850  */
Doc\clearArrayValues
clearArrayValues($idAttr)
Definition: Class.Doc.php:3480
$status
$status
Definition: index.php:30
$action
global $action
Definition: accountRefreshGroup.php:16
Doc\getAttribute
& getAttribute($idAttr, &$oa=null, $useMask=true)
Definition: Class.Doc.php:2152
$_POST
global $_POST
Definition: chgpasswd.php:17
MENU_INVISIBLE
const MENU_INVISIBLE
Definition: Class.Doc.php:37
Dcp\Core\UserAccount\control
control($aclname, $strict=false)
Definition: Class.UserAccount.php:680
Dcp\Core\UserAccount\preImport
preImport(array $extra=array())
Definition: Class.UserAccount.php:362
Account\ANONYMOUS_ID
const ANONYMOUS_ID
Definition: Class.Account.php:33
Doc\canEdit
canEdit($verifyDomain=true)
Definition: Class.Doc.php:1364
Doc\clearValue
clearValue($attrid)
Definition: Class.Doc.php:4409
Dcp\Core\UserAccount\constraintPassword
constraintPassword($pwd1, $pwd2, $login)
Definition: Class.UserAccount.php:479
Doc\getArrayRawValues
getArrayRawValues($idAttr, $index=-1)
Definition: Class.Doc.php:3292
DocLDAP\getLDAPValue
getLDAPValue($idattr, $index="")
Definition: Class.DocLDAP.php:286
Doc\getFamilyParameterValue
getFamilyParameterValue($idp, $def="")
Definition: Class.Doc.php:1538
Doc\viewprop
viewprop($target="_self", $ulink=true, $abstract=false)
Definition: Class.Doc.php:7781
MENU_ACTIVE
const MENU_ACTIVE
Definition: Class.Doc.php:36
DbObj\modify
modify($nopost=false, $sfields="", $nopre=false)
Definition: Class.DbObj.php:449
Doc\getDocValue
getDocValue($docid, $attrid, $def=" ", $latest=false)
Definition: Class.Doc.php:8870
Doc\editattr
editattr($withtd=true)
Definition: Class.Doc.php:8129
Doc\addArrayRow
addArrayRow($idAttr, $tv, $index=-1)
Definition: Class.Doc.php:3425
getLayoutFile
getLayoutFile($app, $layfile)
Definition: Lib.Common.php:258
$tgid
$tgid
Definition: refreshGroups.php:40
Doc\editbodycard
editbodycard($target="_self", $ulink=true, $abstract=false, $onlyopt=false)
Definition: Class.Doc.php:7900
Doc\setValue
setValue($attrid, $value, $index=-1, &$kvalue=null)
Definition: Class.Doc.php:3528
Doc\getMultipleRawValues
getMultipleRawValues($idAttr, $def="", $index=-1)
Definition: Class.Doc.php:3240
$login
$login
Definition: dav.php:40
Dcp\Core\UserAccount\editlikeperson
editlikeperson($target="finfo", $ulink=true, $abstract="Y")
Definition: Class.UserAccount.php:591
Doc\getParam
getParam($param, $defv="")
Definition: Class.Doc.php:8686
Doc\getTitle
getTitle($id="-1", $def="", $latest=false)
Definition: Class.Doc.php:8715
Doc\postCreated
postCreated()
Definition: Class.Doc.php:2953
Doc\preRefresh
preRefresh()
Definition: Class.Doc.php:5946
deprecatedFunction
deprecatedFunction($msg= '')
Definition: Lib.Common.php:86
Dcp\Core\UserAccount\constraintExpires
constraintExpires($expiresd, $expirest, $daydelay)
Definition: Class.UserAccount.php:572
new_Doc
new_Doc($dbaccess, $id= '', $latest=false)
Definition: freedom_util.php:119
simpleQuery
simpleQuery($dbaccess, $query, &$result=array(), $singlecolumn=false, $singleresult=false, $useStrict=null)
Definition: Lib.Common.php:484
$err
if($file) if($subject==""&&$file) if($subject=="") $err
Definition: fdl_sendmail.php:78
Doc\getRawValue
getRawValue($idAttr, $def="")
Definition: Class.Doc.php:3117
Account\ROLE_TYPE
const ROLE_TYPE
Definition: Class.Account.php:40
← centre documentaire © anakeen