Diffstat (limited to 'plugins/UsersManager/API.php')
-rw-r--r-- | plugins/UsersManager/API.php | 217 |
1 files changed, 123 insertions, 94 deletions
diff --git a/plugins/UsersManager/API.php b/plugins/UsersManager/API.php index fda72c78c3..8ab60fb252 100644 --- a/plugins/UsersManager/API.php +++ b/plugins/UsersManager/API.php @@ -17,6 +17,10 @@ class Piwik_UsersManager_API { static private $instance = null; + + /** + * @return Piwik_UsersManager_API + */ static public function getInstance() { if (self::$instance == null) @@ -27,17 +31,51 @@ class Piwik_UsersManager_API return self::$instance; } + const PREFERENCE_DEFAULT_REPORT = 'defaultReport'; + const PREFERENCE_DEFAULT_REPORT_DATE = 'defaultReportDate'; + + /** + * Sets a user preference + * @param $userLogin + * @param $preferenceName + * @param $preferenceValue + * @return void + */ + public function setUserPreference($userLogin, $preferenceName, $preferenceValue) + { + Piwik::checkUserIsSuperUserOrTheUser($userLogin); + Piwik_SetOption($this->getPreferenceId($userLogin, $preferenceName), $preferenceValue); + } + + /** + * Gets a user preference + * @param $userLogin + * @param $preferenceName + * @param $preferenceValue + * @return void + */ + public function getUserPreference($userLogin, $preferenceName) + { + Piwik::checkUserIsSuperUserOrTheUser($userLogin); + return Piwik_GetOption($this->getPreferenceId($userLogin, $preferenceName)); + } + + private function getPreferenceId($login, $preference) + { + return $login . '_' . $preference; + } + /** * Returns the list of all the users * * @return array the list of all the users */ - static public function getUsers() + public function getUsers() { Piwik::checkUserIsSuperUser(); $db = Zend_Registry::get('db'); - $users = $db->fetchAll("SELECT * FROM ".Piwik::prefixTable("user")." ORDER BY login ASC"); + $users = $db->fetchAll("SELECT * FROM ".Piwik_Common::prefixTable("user")." ORDER BY login ASC"); return $users; } 
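Review bot: `setUserPreference()` and `getUserPreference()` feed the caller-supplied `$preferenceName` straight into the option key, so once the ownership check passes a user can read or write any option named `<their login>_...`, not only the two `PREFERENCE_*` constants declared just above. `getPreferenceId()` joins with `_`; if logins may still contain `_` (the regex removed from `checkLogin()` in this commit allowed it), login `a` with preference `b_defaultReport` and login `a_b` with preference `defaultReport` map to the same key. Reject unknown names before building the key, e.g. `if(!in_array($preferenceName, array(self::PREFERENCE_DEFAULT_REPORT, self::PREFERENCE_DEFAULT_REPORT_DATE), true)) { throw new Exception(...); }`, and prefer a separator that cannot occur in a login. The docblock on `getUserPreference()` also lists a `$preferenceValue` parameter the method does not take and says `@return void` although it returns the stored value.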
@@ -46,12 +84,12 @@ class Piwik_UsersManager_API * * @return array the list of all the users login */ - static public function getUsersLogin() + public function getUsersLogin() { Piwik::checkUserHasSomeAdminAccess(); $db = Zend_Registry::get('db'); - $users = $db->fetchAll("SELECT login FROM ".Piwik::prefixTable("user")." ORDER BY login ASC"); + $users = $db->fetchAll("SELECT login FROM ".Piwik_Common::prefixTable("user")." ORDER BY login ASC"); $return = array(); foreach($users as $login) { @@ -75,15 +113,15 @@ class Piwik_UsersManager_API * ) * */ - static public function getUsersSitesFromAccess( $access ) + public function getUsersSitesFromAccess( $access ) { Piwik::checkUserIsSuperUser(); - self::checkAccessType($access); + $this->checkAccessType($access); $db = Zend_Registry::get('db'); $users = $db->fetchAll("SELECT login,idsite - FROM ".Piwik::prefixTable("access") + FROM ".Piwik_Common::prefixTable("access") ." WHERE access = ?", $access); $return = array(); foreach($users as $user) @@ -109,13 +147,13 @@ class Piwik_UsersManager_API * ... * ) */ - static public function getUsersAccessFromSite( $idSite ) + public function getUsersAccessFromSite( $idSite ) { Piwik::checkUserHasAdminAccess( $idSite ); $db = Zend_Registry::get('db'); $users = $db->fetchAll("SELECT login,access - FROM ".Piwik::prefixTable("access") + FROM ".Piwik_Common::prefixTable("access") ." WHERE idsite = ?", $idSite); $return = array(); foreach($users as $user) 
@@ -142,15 +180,15 @@ class Piwik_UsersManager_API * ... * ) */ - static public function getSitesAccessFromUser( $userLogin ) + public function getSitesAccessFromUser( $userLogin ) { Piwik::checkUserIsSuperUser(); - self::checkUserExists($userLogin); - self::checkUserIsNotSuperUser($userLogin); + $this->checkUserExists($userLogin); + $this->checkUserIsNotSuperUser($userLogin); $db = Zend_Registry::get('db'); $users = $db->fetchAll("SELECT idsite,access - FROM ".Piwik::prefixTable("access") + FROM ".Piwik_Common::prefixTable("access") ." WHERE login = ?", $userLogin); $return = array(); foreach($users as $user) @@ -170,15 +208,15 @@ class Piwik_UsersManager_API * * @return array the user information */ - static public function getUser( $userLogin ) + public function getUser( $userLogin ) { - Piwik::checkUserIsSuperUser(); - self::checkUserExists($userLogin); - self::checkUserIsNotSuperUser($userLogin); + Piwik::checkUserIsSuperUserOrTheUser($userLogin); + $this->checkUserExists($userLogin); + $this->checkUserIsNotSuperUser($userLogin); $db = Zend_Registry::get('db'); $user = $db->fetchRow("SELECT * - FROM ".Piwik::prefixTable("user") + FROM ".Piwik_Common::prefixTable("user") ." WHERE login = ?", $userLogin); return $user; } 
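Review bot: In `getUser()`, relaxing the guard to `Piwik::checkUserIsSuperUserOrTheUser($userLogin)` while keeping `SELECT *` means a non-super user now receives their whole row, which presumably includes the `password` and `token_auth` columns that `addUser()` writes. If the API accepts token authentication, a party holding only the token could then retrieve the MD5 password hash, which is more than the token alone should grant. Name the columns that callers need, e.g. `SELECT login, alias, email, date_registered FROM ...`, or drop `password` from the row before returning it to anyone but the super user. `updateUser()` takes `$userInfo` from this method (it compares `$userInfo['email']`), so confirm which fields it relies on; it may need a private, unfiltered lookup instead.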
@@ -190,48 +228,39 @@ class Piwik_UsersManager_API * * @return array the user information */ - static public function getUserByEmail( $userEmail ) + public function getUserByEmail( $userEmail ) { Piwik::checkUserIsSuperUser(); - self::checkUserEmailExists($userEmail); + $this->checkUserEmailExists($userEmail); $db = Zend_Registry::get('db'); $user = $db->fetchRow("SELECT * - FROM ".Piwik::prefixTable("user") + FROM ".Piwik_Common::prefixTable("user") ." WHERE email = ?", $userEmail); return $user; } - static private function checkLogin($userLogin) + private function checkLogin($userLogin) { - if(self::userExists($userLogin)) + if($this->userExists($userLogin)) { throw new Exception(Piwik_TranslateException('UsersManager_ExceptionLoginExists', $userLogin)); } - $loginMinimumLength = 3; - $loginMaximumLength = 100; - $l = strlen($userLogin); - if(!($l >= $loginMinimumLength - && $l <= $loginMaximumLength - && (preg_match('/^[A-Za-z0-9_.-]*$/', $userLogin) > 0)) - ) - { - throw new Exception(Piwik_TranslateException('UsersManager_ExceptionInvalidLoginFormat', array($loginMinimumLength, $loginMaximumLength))); - } + Piwik::checkValidLoginString($userLogin); } - static private function checkPassword($password) + private function checkPassword($password) { - if(!self::isValidPasswordString($password)) + if(!$this->isValidPasswordString($password)) { throw new Exception(Piwik_TranslateException('UsersManager_ExceptionInvalidPassword')); } } - static private function checkEmail($email) + private function checkEmail($email) { - if(self::userEmailExists($email)) + if($this->userEmailExists($email)) { throw new Exception(Piwik_TranslateException('UsersManager_ExceptionEmailExists', $email)); } @@ -242,7 +271,7 @@ class Piwik_UsersManager_API } } - static private function getCleanAlias($alias,$userLogin) + private function getCleanAlias($alias,$userLogin) { if(empty($alias)) { 
@@ -251,7 +280,7 @@ class Piwik_UsersManager_API return $alias; } - static private function getCleanPassword($password) + private function getCleanPassword($password) { // if change here, should also edit the installation process // to change how the root pwd is saved in the config file @@ -273,29 +302,30 @@ class Piwik_UsersManager_API * * @exception in case of an invalid parameter */ - static public function addUser( $userLogin, $password, $email, $alias = false ) + public function addUser( $userLogin, $password, $email, $alias = false ) { Piwik::checkUserIsSuperUser(); - self::checkLogin($userLogin); - self::checkUserIsNotSuperUser($userLogin); - self::checkPassword($password); - self::checkEmail($email); + $this->checkLogin($userLogin); + $this->checkUserIsNotSuperUser($userLogin); + $this->checkPassword($password); + $this->checkEmail($email); - $alias = self::getCleanAlias($alias,$userLogin); - $passwordTransformed = self::getCleanPassword($password); + $alias = $this->getCleanAlias($alias,$userLogin); + $passwordTransformed = $this->getCleanPassword($password); - $token_auth = self::getTokenAuth($userLogin, $passwordTransformed); + $token_auth = $this->getTokenAuth($userLogin, $passwordTransformed); $db = Zend_Registry::get('db'); - $db->insert( Piwik::prefixTable("user"), array( + $db->insert( Piwik_Common::prefixTable("user"), array( 'login' => $userLogin, 'password' => $passwordTransformed, 'alias' => $alias, 'email' => $email, 'token_auth' => $token_auth, - ) + 'date_registered' => Piwik_Date::now()->getDatetime() + ) ); // we reload the access list which doesn't yet take in consideration this new user 
@@ -311,12 +341,12 @@ class Piwik_UsersManager_API * * @see addUser() for all the parameters */ - static public function updateUser( $userLogin, $password = false, $email = false, $alias = false ) + public function updateUser( $userLogin, $password = false, $email = false, $alias = false ) { Piwik::checkUserIsSuperUserOrTheUser($userLogin); - self::checkUserIsNotAnonymous( $userLogin ); - self::checkUserIsNotSuperUser($userLogin); - $userInfo = self::getUser($userLogin); + $this->checkUserIsNotAnonymous( $userLogin ); + $this->checkUserIsNotSuperUser($userLogin); + $userInfo = $this->getUser($userLogin); if(empty($password)) { @@ -324,8 +354,8 @@ class Piwik_UsersManager_API } else { - self::checkPassword($password); - $password = self::getCleanPassword($password); + $this->checkPassword($password); + $password = $this->getCleanPassword($password); } if(empty($alias)) @@ -340,15 +370,15 @@ class Piwik_UsersManager_API if($email != $userInfo['email']) { - self::checkEmail($email); + $this->checkEmail($email); } - $alias = self::getCleanAlias($alias,$userLogin); - $token_auth = self::getTokenAuth($userLogin,$password); + $alias = $this->getCleanAlias($alias,$userLogin); + $token_auth = $this->getTokenAuth($userLogin,$password); $db = Zend_Registry::get('db'); - $db->update( Piwik::prefixTable("user"), + $db->update( Piwik_Common::prefixTable("user"), array( 'password' => $password, 'alias' => $alias, 
@@ -368,19 +398,18 @@ class Piwik_UsersManager_API * * @return bool true on success */ - static public function deleteUser( $userLogin ) + public function deleteUser( $userLogin ) { Piwik::checkUserIsSuperUser(); - self::checkUserIsNotAnonymous( $userLogin ); - self::checkUserIsNotSuperUser($userLogin); - if(!self::userExists($userLogin)) + $this->checkUserIsNotAnonymous( $userLogin ); + $this->checkUserIsNotSuperUser($userLogin); + if(!$this->userExists($userLogin)) { throw new Exception(Piwik_TranslateException("UsersManager_ExceptionDeleteDoesNotExist", $userLogin)); } - - self::deleteUserOnly( $userLogin ); - self::deleteUserAccess( $userLogin ); + $this->deleteUserOnly( $userLogin ); + $this->deleteUserAccess( $userLogin ); } /** @@ -388,11 +417,10 @@ class Piwik_UsersManager_API * * @return bool true if the user is known */ - static public function userExists( $userLogin ) + public function userExists( $userLogin ) { - Piwik::checkUserHasSomeAdminAccess(); $count = Piwik_FetchOne("SELECT count(*) - FROM ".Piwik::prefixTable("user"). " + FROM ".Piwik_Common::prefixTable("user"). " WHERE login = ?", $userLogin); return $count != 0; } @@ -402,11 +430,11 @@ class Piwik_UsersManager_API * * @return bool true if the user is known */ - static public function userEmailExists( $userEmail ) + public function userEmailExists( $userEmail ) { Piwik::checkUserHasSomeAdminAccess(); $count = Piwik_FetchOne("SELECT count(*) - FROM ".Piwik::prefixTable("user"). " + FROM ".Piwik_Common::prefixTable("user"). " WHERE email = ?", $userEmail); return $count != 0; } 
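Review bot: `userExists()` stays `public` but loses `Piwik::checkUserHasSomeAdminAccess()`, so it now answers for any caller that can reach it; if public methods of this class are callable through the remote API, that reveals which logins exist. `setUserAccess()` (a later hunk) calls `checkUserExists()` before its first access check, so its "does not exist" exception exposes the same fact. Keep the access check on the public method and move the query into a private helper that `checkUserExists()`, `checkLogin()` and `deleteUser()` call instead. `userEmailExists()` still carries the check, so a user without admin access who changes their own e-mail through `updateUser()` and `checkEmail()` would presumably be rejected there; both lookups should follow the same pattern.

```php
public function userExists( $userLogin )
{
	// Public entry point: keep the permission check that this commit removes.
	Piwik::checkUserHasSomeAdminAccess();
	return $this->isLoginKnown($userLogin);
}

// Unchecked lookup, for internal callers that have already authorised the request.
private function isLoginKnown( $userLogin )
{
	// … unchanged: count(*) query on the user table, WHERE login = ? …
	return $count != 0;
}
```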
@@ -428,11 +456,11 @@ class Piwik_UsersManager_API * * @return bool true on success */ - static public function setUserAccess( $userLogin, $access, $idSites) + public function setUserAccess( $userLogin, $access, $idSites) { - self::checkAccessType( $access ); - self::checkUserExists( $userLogin); - self::checkUserIsNotSuperUser($userLogin); + $this->checkAccessType( $access ); + $this->checkUserExists( $userLogin); + $this->checkUserIsNotSuperUser($userLogin); if($userLogin == 'anonymous' && $access == 'admin') @@ -444,7 +472,7 @@ class Piwik_UsersManager_API // has an 'admin' access if($idSites === 'all') { - $idSites = Piwik_SitesManager_API::getSitesIdWithAdminAccess(); + $idSites = Piwik_SitesManager_API::getInstance()->getSitesIdWithAdminAccess(); } // in case the idSites is an integer we build an array elseif(!is_array($idSites)) @@ -456,7 +484,7 @@ class Piwik_UsersManager_API // basically an admin can give the view or the admin access to any user for the websites he manages Piwik::checkUserHasAdminAccess( $idSites ); - self::deleteUserAccess( $userLogin, $idSites); + $this->deleteUserAccess( $userLogin, $idSites); // delete UserAccess $db = Zend_Registry::get('db'); @@ -467,7 +495,7 @@ class Piwik_UsersManager_API { foreach($idSites as $idsite) { - $db->insert( Piwik::prefixTable("access"), + $db->insert( Piwik_Common::prefixTable("access"), array( "idsite" => $idsite, "login" => $userLogin, "access" => $access) @@ -485,9 +513,9 @@ class Piwik_UsersManager_API * @param string user login * @exception if the user doesn't exist */ - static private function checkUserExists( $userLogin ) + private function checkUserExists( $userLogin ) { - if(!self::userExists($userLogin)) + if(!$this->userExists($userLogin)) { throw new Exception(Piwik_TranslateException("UsersManager_ExceptionUserDoesNotExist", $userLogin)); } 
@@ -499,22 +527,22 @@ class Piwik_UsersManager_API * @param string user email * @exception if the user doesn't exist */ - static private function checkUserEmailExists( $userEmail ) + private function checkUserEmailExists( $userEmail ) { - if(!self::userEmailExists($userEmail)) + if(!$this->userEmailExists($userEmail)) { throw new Exception(Piwik_TranslateException("UsersManager_ExceptionUserDoesNotExist", $userEmail)); } } - static private function checkUserIsNotAnonymous( $userLogin ) + private function checkUserIsNotAnonymous( $userLogin ) { if($userLogin == 'anonymous') { throw new Exception(Piwik_TranslateException("UsersManager_ExceptionEditAnonymous")); } } - static private function checkUserIsNotSuperUser( $userLogin ) + private function checkUserIsNotSuperUser( $userLogin ) { if($userLogin == Zend_Registry::get('config')->superuser->login) { @@ -522,7 +550,7 @@ class Piwik_UsersManager_API } } - static private function checkAccessType($access) + private function checkAccessType($access) { $accessList = Piwik_Access::getListAccess(); @@ -542,10 +570,12 @@ class Piwik_UsersManager_API * @param string the user login. * */ - static private function deleteUserOnly( $userLogin ) + private function deleteUserOnly( $userLogin ) { $db = Zend_Registry::get('db'); - $db->query("DELETE FROM ".Piwik::prefixTable("user")." WHERE login = ?", $userLogin); + $db->query("DELETE FROM ".Piwik_Common::prefixTable("user")." WHERE login = ?", $userLogin); + + Piwik_PostEvent('UsersManager.deleteUser', $userLogin); } @@ -558,13 +588,13 @@ class Piwik_UsersManager_API * * @return bool true on success */ - static private function deleteUserAccess( $userLogin, $idSites = null ) + private function deleteUserAccess( $userLogin, $idSites = null ) { $db = Zend_Registry::get('db'); if(is_null($idSites)) { - $db->query( "DELETE FROM ".Piwik::prefixTable("access"). + $db->query( "DELETE FROM ".Piwik_Common::prefixTable("access"). " WHERE login = ?", array( $userLogin) ); } 
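Review bot: `deleteUserOnly()` now fires `Piwik_PostEvent('UsersManager.deleteUser', $userLogin)`, but nothing visible in this diff removes the options written by the new `setUserPreference()`. Unless a listener on that event clears them, a login created later with the same name would inherit the deleted user's stored preferences. The event is also posted before `deleteUser()` reaches `deleteUserAccess()`, so listeners run while the access rows for that login still exist. Consider posting it from `deleteUser()` after both deletes, and add a comment such as `// listeners must purge per-user options (keys "<login>_*")` or delete the known preference keys here.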
@@ -572,7 +602,7 @@ class Piwik_UsersManager_API { foreach($idSites as $idsite) { - $db->query( "DELETE FROM ".Piwik::prefixTable("access"). + $db->query( "DELETE FROM ".Piwik_Common::prefixTable("access"). " WHERE idsite = ? AND login = ?", array($idsite, $userLogin) ); @@ -586,12 +616,11 @@ class Piwik_UsersManager_API * @param string Login * @param string MD5ied string of the password */ - static public function getTokenAuth($userLogin, $md5Password) + public function getTokenAuth($userLogin, $md5Password) { if(strlen($md5Password) != 32) { - throw new Exception("UsersManager.getTokenAuth is expecting a MD5-hashed password (32 chars long string). - Please call the md5() function on the password before calling this method."); + throw new Exception(Piwik_TranslateException('UsersManager_ExceptionPasswordMD5HashExpected')); } return md5($userLogin . $md5Password ); } @@ -602,7 +631,7 @@ class Piwik_UsersManager_API * @param string email * @return bool */ - static private function isValidPasswordString( $input ) + private function isValidPasswordString( $input ) { $l = strlen($input); return $l >= 6 && $l <= 26; |