From 522008dee570aafcc844bf123d25203c7d9c3ebc Mon Sep 17 00:00:00 2001
From: Evan Prodromou <evan@status.net>
Date: Thu, 27 Aug 2009 11:38:31 -0700
Subject: methods on User to grant, check, and revoke roles

---
 classes/User.php | 44 ++++++++++++++++++++++++++++++++++++++++++++
 1 file changed, 44 insertions(+)

(limited to 'classes/User.php')

diff --git a/classes/User.php b/classes/User.php
index aa366a5f3..58f9a6874 100644
--- a/classes/User.php
+++ b/classes/User.php
@@ -674,4 +674,48 @@ class User extends Memcached_DataObject
     {
         return Design::staticGet('id', $this->design_id);
     }
+
+    function hasRole($name)
+    {
+        $role = User_role::pkeyGet(array('user_id' => $this->id,
+                                         'role' => $name));
+        return (!empty($role));
+    }
+
+    function grantRole($name)
+    {
+        $role = new User_role();
+
+        $role->user_id = $this->id;
+        $role->role    = $name;
+        $role->created = common_sql_now();
+
+        $result = $role->insert();
+
+        if (!$result) {
+            common_log_db_error($role, 'INSERT', __FILE__);
+            return false;
+        }
+
+        return true;
+    }
+
+    function revokeRole($name)
+    {
+        $role = User_role::pkeyGet(array('user_id' => $this->id,
+                                         'role' => $name));
+
+        if (empty($role)) {
+            throw new Exception('Cannot revoke role "'.$name.'" for user #'.$this->id.'; does not exist.');
+        }
+
+        $result = $role->delete();
+
+        if (!$result) {
+            common_log_db_error($role, 'DELETE', __FILE__);
+            throw new Exception('Cannot revoke role "'.$name.'" for user #'.$this->id.'; database error.');
+        }
+
+        return true;
+    }
 }
-- 
cgit v1.2.3-54-g00ecf