diff options
Diffstat (limited to 'classes/User.php')
| -rw-r--r-- | classes/User.php | 93 |
1 files changed, 72 insertions, 21 deletions
diff --git a/classes/User.php b/classes/User.php index 007662131..48df0cdd7 100644 --- a/classes/User.php +++ b/classes/User.php @@ -103,10 +103,7 @@ class User extends Memcached_DataObject } $toupdate = implode(', ', $parts); - $table = $this->tableName(); - if(common_config('db','quote_identifiers')) { - $table = '"' . $table . '"'; - } + $table = common_database_tablename($this->tableName()); $qry = 'UPDATE ' . $table . ' SET ' . $toupdate . ' WHERE id = ' . $this->id; $orig->decache(); @@ -634,11 +631,7 @@ class User extends Memcached_DataObject 'ORDER BY subscription.created DESC '; if ($offset) { - if (common_config('db','type') == 'pgsql') { - $qry .= ' LIMIT ' . $limit . ' OFFSET ' . $offset; - } else { - $qry .= ' LIMIT ' . $offset . ', ' . $limit; - } + $qry .= ' LIMIT ' . $limit . ' OFFSET ' . $offset; } $profile = new Profile(); @@ -661,11 +654,7 @@ class User extends Memcached_DataObject 'AND subscription.subscribed != subscription.subscriber ' . 'ORDER BY subscription.created DESC '; - if (common_config('db','type') == 'pgsql') { - $qry .= ' LIMIT ' . $limit . ' OFFSET ' . $offset; - } else { - $qry .= ' LIMIT ' . $offset . ', ' . $limit; - } + $qry .= ' LIMIT ' . $limit . ' OFFSET ' . $offset; $profile = new Profile(); @@ -674,20 +663,82 @@ class User extends Memcached_DataObject return $profile; } - function hasOpenID() + function getDesign() + { + return Design::staticGet('id', $this->design_id); + } + + function hasRole($name) { - $oid = new User_openid(); + $role = User_role::pkeyGet(array('user_id' => $this->id, + 'role' => $name)); + return (!empty($role)); + } + + function grantRole($name) + { + $role = new User_role(); + + $role->user_id = $this->id; + $role->role = $name; + $role->created = common_sql_now(); - $oid->user_id = $this->id; + $result = $role->insert(); - $cnt = $oid->find(); + if (!$result) { + common_log_db_error($role, 'INSERT', __FILE__); + return false; + } - return ($cnt > 0); + return true; } - function getDesign() + function revokeRole($name) { - return Design::staticGet('id', $this->design_id); + $role = User_role::pkeyGet(array('user_id' => $this->id, + 'role' => $name)); + + if (empty($role)) { + throw new Exception('Cannot revoke role "'.$name.'" for user #'.$this->id.'; does not exist.'); + } + + $result = $role->delete(); + + if (!$result) { + common_log_db_error($role, 'DELETE', __FILE__); + throw new Exception('Cannot revoke role "'.$name.'" for user #'.$this->id.'; database error.'); + } + + return true; + } + + /** + * Does this user have the right to do X? + * + * With our role-based authorization, this is merely a lookup for whether the user + * has a particular role. The implementation currently uses a switch statement + * to determine if the user has the pre-defined role to exercise the right. Future + * implementations may allow per-site roles, and different mappings of roles to rights. + * + * @param $right string Name of the right, usually a constant in class Right + * @return boolean whether the user has the right in question + */ + + function hasRight($right) + { + $result = false; + if (Event::handle('UserRightsCheck', array($this, $right, &$result))) { + switch ($right) + { + case Right::deleteOthersNotice: + $result = $this->hasRole('moderator'); + break; + default: + $result = false; + break; + } + } + return $result; } function delete() |