Ticket #132: usergroup.php

File usergroup.php, 7.7 kB (added by skippy, 12 months ago)
Line 
1<?php
2/**
3* Habari UserGroup Class
4* @package Habari
5**/
6class UserGroup extends QueryRecord
7{
8    /**
9     * Static storage for this group's info
10    **/
11    // these first three hold the original values as fetched from the DB
12    private $db_member_ids= null;
13    private $db_permissions_granted= null;
14    private $db_permissons_denied= null;
15
16    // these next three hold changes before they're committed to the DB
17    private $member_ids= null;
18    private $permissions_granted= null;
19    private $permissons_denied= null;
20    private $permissions_revoked= null;
21
22    /**
23     * get default fields for this record
24     * @return array an array of the fields used in the UserGroup table
25    **/
26    public static function default_fields()
27    {
28        return array(
29            'id' => '',
30            'name' => ''
31        );
32    }
33
34    /**
35     * Constructor for the UserGroup class
36     * @param array $paramarray an associative array of UserGroup fields
37    **/
38    public function __construct( $paramarray= array() )
39    {
40        $this->fields= array_merge(
41            self::default_fields(),
42            $this->fields );
43        parent::__construct( $paramarray );
44        $this->exclude_fields('id');
45        $this->permissions_revoked= array();
46        $this->db_member_ids= array();
47        $this->db_permissions_granted= array();
48        $this->db_permissions_denied= array();
49       
50        // if we have an ID, load this UserGroup's members & permissions
51        if ( $this->id ) {
52            $result= DB::get_column( 'SELECT user_id FROM {users_groups} WHERE group_id= ?', array( $this->id ) );
53            if ( $result ) {
54                foreach( $result as $id ) {
55                    $this->db_member_ids[ $id ]= $id;
56                }
57            }
58
59            $result= DB::get_column( 'SELECT permission_id FROM {groups_permissions} WHERE group_id=? AND denied=0 ', array( $this->id ) );
60            if ( $result ) {
61                foreach ( $result as $granted ) {
62                    $this->db_permissions_granted[ $granted ]= $granted;
63                }
64            }
65
66            $result= DB::get_column( 'SELECT permission_id FROM {groups_permissions} WHERE group_id=? AND denied=1', array( $this->id ) );
67            if ( $result ) {
68                foreach( $result as $denied ) {
69                    $this->permissions_denied[ $denied ]= $denied;
70                }
71            }
72        }
73
74        // set the temporary variables to hold the initial values from the DB, if any
75        $this->member_ids= $this->db_member_ids;
76        $this->permissions_granted= $this->db_permissions_granted;
77        $this->permissions_denied= $this->db_permissions_denied;
78    }
79
80    /**
81     * Create a new UserGroup object and save it to the database
82     * @param array An associative array of UserGroup fields
83     * @return UserGroup the UserGroup that was created
84    **/
85    public static function create( $paramarray )
86    {
87        $usergroup= new UserGroup( $paramarray );
88        $usergroup->insert();
89        return $usergroup;
90    }
91
92    /**
93     * Save a new UserGroup to the UserGroup table
94    **/
95    public function insert()
96    {
97        $allow= true;
98        $allow= Plugins::filter('usergroup_insert_allow', $allow, $this);
99        if ( ! $allow ) {
100            return;
101        }
102        Plugins::act('usergroup_insert_before', $this);
103        $this->exclude_fields('id');
104        $result= parent::insertRecord( DB::table('users') );
105        $this->fields['id']= DB::last_insert_id();
106        EventLog::log('New group created: ' . $this->name, 'info', 'default', 'habari');
107        Plugins::act('usergroup_insert_after', $this);
108        return $result;
109    }
110
111    /**
112     * Updates an existing UserGroup in the DB
113    **/
114    public function update()
115    {
116        $allow= true;
117        $allow= Plugins::filter('usergroup_update_allow', $allow, $this);
118        if ( ! $allow ) {
119            return;
120        }
121        Plugins::act('usergroup_update_before', $this);
122        // figure out what needs to be changed
123        if ( $this->member_ids != $this->db_member_ids ) {
124            $added= array_diff_assoc( $this->member_ids, $this->db_member_ids);
125            if ( count( $added ) > 0 ) {
126                foreach ( $added as $id )
127                    DB::query('INSERT INTO {users_groups} (user_id, group_id) VALUES (?, ?)', array( $id, $this->id) );
128                }
129            }
130            $removed= array_diff_assoc( $this->db_member_ids, $this->member_ids );
131            if ( count( $removed ) > 0 ) {
132                foreach ( $removed as $id ) {
133                    DB::query('DELETE FROM {users_groups} WHERE user_id=? AND group_id=?', array( $id, $this->id ) );
134                }
135            }
136        }
137        if ( $this->permissions_granted != $this->db_permissions_granted ) {
138            $granted= array_diff_assoc( $this->permissions_granted, $this->db_permissions_granted );
139            if ( count( $granted ) > 0 ) {
140                foreach( $granted as $perm ) {
141                    DB::query('INSERT INTO {groups_permissions} (group_id, permission_id, denied ) VALUES (?, ?, 0)', array( $this->id, $perm) );
142                }
143            }
144        }
145        if ( $this->permissions_denied != $this->db_permissions_denied ) {
146            $denied= array_diff_assoc( $this->permissions_denied, $this->db_permissions_denied );
147            if ( count( $denied ) > 0 ) {
148                foreach( $denied as $perm ) {
149                    DB::query('INSERT INTO {groups_permissions} (group_id, permission_id, denied) VAlUED (?, ? 1)', array( $this->id, $perm ) );
150                }
151            }
152        }
153        if ( count( $this->permissions_revoked ) > 0 ) {
154            foreach ( $this->permissions_revoked as $perm ) {
155                DB::query( 'DELETE FROM {users_groups} WHERE group_id=? AND permission_id=?', array( $this->id, $perm ) );
156            }
157        }
158        Plugins::act('usergroup_update_after', $this);
159    }
160
161    /**
162     * Delete a UserGroup
163    **/
164    public function delete()
165    {
166        $allow= true;
167        $allow= Plugins::filter('usergroup_delete_allow', $allow, $this);
168         if ( ! $allow ) {
169             return;
170        }
171        Plugins::act('usergroup_delete_before', $this);
172        // remove all this group's permissions
173        $results= DB::query( 'DELETE FROM {groups_permissions} WHERE group_id=?', array( $this->id ) );
174        // remove all this group's members
175        $results= DB::query( 'DELETE FROM {users_groups} WHERE group_id=?', array( $this->id ) );
176        // remove this group
177        $result= parent::deleteRecord( DB::table('groups'), array( 'id' => $this->id ) );
178        Plugins::act('usergroup_delete_after', $this);
179        return $result;
180    }
181
182    /**
183     * function members
184     * returns an array of user IDs belogning to this UserGroup
185     * @return array an array of user IDs
186    **/
187    public function members()
188    {
189        return $this->member_ids;
190    }
191   
192    /**
193     * Add a user to this group
194     * @param int a user ID
195    **/
196    public function add( $id )
197    {
198        if ( in_array( $id, $self->member_ids ) ) {
199            return false;
200        }
201        $self->member_ids[$id]= $id;
202        return true;
203    }
204
205    /**
206     * Remove a user from this group
207     * @param int a user ID
208    **/
209    public function remove( $id )
210    {
211        if ( ! in_array( $id, $self->member_ids ) ) {
212            return false;
213        }
214        unset($self->member_ids[ $id ]);
215        return true;
216    }
217
218    /**
219     * Assign a new permission to this group
220     * @param int A permission ID
221    **/
222    public function grant( $permission )
223    {
224        if ( ! in_array( $permisson, $this->permissions_granted ) ) {
225            $this->permissions_granted[ $permission ]= $permission;
226        }
227        if ( in_array( $permission, $this->permissions_denied ) ) {
228            unset( $this->permissions_denied[ $permission ] );
229        }
230    }
231
232    /**
233     * Deny a permission to this group
234     * @param int The permission ID to be denied
235    **/
236    public function deny( $permission )
237    {
238        if ( ! in_array( $permission, $this->permissions_denied ) ) {
239            $this->permissions_denied[ $permission ] = $permission;
240        }
241        if ( in_array( $permission, $this->permissions_granted ) ) {
242            unset( $this->permissions_granted[ $permission ] );
243        }
244    }
245
246    /**
247     * Remove a permission from a group
248     * @param int a permission ID
249    **/
250    public function revoke( $permission )
251    {
252        if ( in_array( $permisson, $this->permissons_granted ) ) {
253            unset( $this->permissions_granted[ $permission ] );
254        }
255        if ( in_array( $permission, $this->permissions_denied ) ) {
256            unset( $this->permissions_denied[ $permission] );
257        }
258        $this->permissions_revoked[ $permission ]= $permission;
259    }
260
261    /**
262     * Determine whether members of a group can do something
263     * @param string a text description of a permission
264     * @return bool Whether the group can do the thing
265    **/
266    public function can( $permission )
267    {
268        if ( isset( $this->permissions_granted[ $permission ] ) ) {
269            return true;
270        }
271        return false;
272    }
273}
274?>