summaryrefslogtreecommitdiff
path: root/classes/User.php
diff options
context:
space:
mode:
Diffstat (limited to 'classes/User.php')
-rw-r--r--classes/User.php132
1 files changed, 54 insertions, 78 deletions
diff --git a/classes/User.php b/classes/User.php
index 447a34141..f905ea2b7 100644
--- a/classes/User.php
+++ b/classes/User.php
@@ -114,7 +114,7 @@ class User extends Memcached_DataObject
return $result;
}
- function allowed_nickname($nickname)
+ static function allowed_nickname($nickname)
{
// XXX: should already be validated for size, content, etc.
$blacklist = common_config('nickname', 'blacklist');
@@ -190,7 +190,17 @@ class User extends Memcached_DataObject
$profile->query('BEGIN');
+ if(!empty($email))
+ {
+ $email = common_canonical_email($email);
+ }
+
+ $nickname = common_canonical_nickname($nickname);
$profile->nickname = $nickname;
+ if(! User::allowed_nickname($nickname)){
+ common_log(LOG_WARNING, sprintf("Attempted to register a nickname that is not allowed: %s", $profile->nickname),
+ __FILE__);
+ }
$profile->profileurl = common_profile_url($nickname);
if (!empty($fullname)) {
@@ -242,6 +252,10 @@ class User extends Memcached_DataObject
}
}
+ if(isset($email_confirmed) && $email_confirmed) {
+ $user->email = $email;
+ }
+
// This flag is ignored but still set to 1
$user->inboxed = 1;
@@ -563,11 +577,13 @@ class User extends Memcached_DataObject
'WHERE group_member.profile_id = %d ' .
'ORDER BY group_member.created DESC ';
- if ($offset) {
- if (common_config('db','type') == 'pgsql') {
- $qry .= ' LIMIT ' . $limit . ' OFFSET ' . $offset;
- } else {
- $qry .= ' LIMIT ' . $offset . ', ' . $limit;
+ if ($offset>0 && !is_null($limit)) {
+ if ($offset) {
+ if (common_config('db','type') == 'pgsql') {
+ $qry .= ' LIMIT ' . $limit . ' OFFSET ' . $offset;
+ } else {
+ $qry .= ' LIMIT ' . $offset . ', ' . $limit;
+ }
}
}
@@ -643,80 +659,10 @@ class User extends Memcached_DataObject
return Design::staticGet('id', $this->design_id);
}
- function hasRole($name)
- {
- $role = User_role::pkeyGet(array('user_id' => $this->id,
- 'role' => $name));
- return (!empty($role));
- }
-
- function grantRole($name)
- {
- $role = new User_role();
-
- $role->user_id = $this->id;
- $role->role = $name;
- $role->created = common_sql_now();
-
- $result = $role->insert();
-
- if (!$result) {
- common_log_db_error($role, 'INSERT', __FILE__);
- return false;
- }
-
- return true;
- }
-
- function revokeRole($name)
- {
- $role = User_role::pkeyGet(array('user_id' => $this->id,
- 'role' => $name));
-
- if (empty($role)) {
- throw new Exception('Cannot revoke role "'.$name.'" for user #'.$this->id.'; does not exist.');
- }
-
- $result = $role->delete();
-
- if (!$result) {
- common_log_db_error($role, 'DELETE', __FILE__);
- throw new Exception('Cannot revoke role "'.$name.'" for user #'.$this->id.'; database error.');
- }
-
- return true;
- }
-
- /**
- * Does this user have the right to do X?
- *
- * With our role-based authorization, this is merely a lookup for whether the user
- * has a particular role. The implementation currently uses a switch statement
- * to determine if the user has the pre-defined role to exercise the right. Future
- * implementations may allow per-site roles, and different mappings of roles to rights.
- *
- * @param $right string Name of the right, usually a constant in class Right
- * @return boolean whether the user has the right in question
- */
-
function hasRight($right)
{
- $result = false;
- if (Event::handle('UserRightsCheck', array($this, $right, &$result))) {
- switch ($right)
- {
- case Right::DELETEOTHERSNOTICE:
- $result = $this->hasRole(User_role::MODERATOR);
- break;
- case Right::CONFIGURESITE:
- $result = $this->hasRole(User_role::ADMINISTRATOR);
- break;
- default:
- $result = false;
- break;
- }
- }
- return $result;
+ $profile = $this->getProfile();
+ return $profile->hasRight($right);
}
function delete()
@@ -761,4 +707,34 @@ class User extends Memcached_DataObject
$block->delete();
// XXX delete group block? Reset blocker?
}
+
+ function hasRole($name)
+ {
+ $profile = $this->getProfile();
+ return $profile->hasRole($name);
+ }
+
+ function grantRole($name)
+ {
+ $profile = $this->getProfile();
+ return $profile->grantRole($name);
+ }
+
+ function revokeRole($name)
+ {
+ $profile = $this->getProfile();
+ return $profile->revokeRole($name);
+ }
+
+ function isSandboxed()
+ {
+ $profile = $this->getProfile();
+ return $profile->isSandboxed();
+ }
+
+ function isSilenced()
+ {
+ $profile = $this->getProfile();
+ return $profile->isSilenced();
+ }
}