github.com/matomo-org/matomo.git - Unnamed repository; edit this file 'description' to name the repository.
Diffstat (limited to 'plugins/UsersManager/Model.php')
-rw-r--r--plugins/UsersManager/Model.php143
1 files changed, 99 insertions, 44 deletions
diff --git a/plugins/UsersManager/Model.php b/plugins/UsersManager/Model.php
index 00fed4f5a5..362491760e 100644
--- a/plugins/UsersManager/Model.php
+++ b/plugins/UsersManager/Model.php
@@ -63,11 +63,11 @@ class Model
public function getUsers(array $userLogins)
{
$where = '';
- $bind = array();
+ $bind = array();
if (!empty($userLogins)) {
$where = 'WHERE login IN (' . Common::getSqlStringFieldsArray($userLogins) . ')';
- $bind = $userLogins;
+ $bind = $userLogins;
}
$db = $this->getDb();
@@ -100,7 +100,7 @@ class Model
{
$db = $this->getDb();
$users = $db->fetchAll("SELECT login,idsite FROM " . Common::prefixTable("access")
- . " WHERE access = ?
+ . " WHERE access = ?
ORDER BY login, idsite", $access);
$return = array();
@@ -115,7 +115,7 @@ class Model
{
$db = $this->getDb();
$users = $db->fetchAll("SELECT login,access FROM " . Common::prefixTable("access")
- . " WHERE idsite = ?", $idSite);
+ . " WHERE idsite = ?", $idSite);
$return = array();
foreach ($users as $user) {
@@ -129,7 +129,7 @@ class Model
{
$db = $this->getDb();
$users = $db->fetchAll("SELECT login FROM " . Common::prefixTable("access")
- . " WHERE idsite = ? AND access = ?", array($idSite, $access));
+ . " WHERE idsite = ? AND access = ?", array($idSite, $access));
$logins = array();
foreach ($users as $user) {
@@ -170,15 +170,21 @@ class Model
$return = array();
foreach ($users as $user) {
$return[] = array(
- 'site' => $user['idsite'],
- 'access' => $user['access'],
+ 'site' => $user['idsite'],
+ 'access' => $user['access'],
);
}
return $return;
}
- public function getSitesAccessFromUserWithFilters($userLogin, $limit = null, $offset = 0, $pattern = null, $access = null, $idSites = null)
- {
+ public function getSitesAccessFromUserWithFilters(
+ $userLogin,
+ $limit = null,
+ $offset = 0,
+ $pattern = null,
+ $access = null,
+ $idSites = null
+ ) {
$siteAccessFilter = new SiteAccessFilter($userLogin, $pattern, $access, $idSites);
list($joins, $bind) = $siteAccessFilter->getJoins('a');
@@ -237,6 +243,7 @@ class Model
{
$db = $this->getDb();
+
$matchedUsers = $db->fetchAll("SELECT * FROM {$this->userTable} WHERE login = ?", $userLogin);
// for BC in 2.15 LTS, if there is a user w/ an exact match to the requested login, return that user.
@@ -278,29 +285,38 @@ class Model
private function generateTokenAuth()
{
- return md5(Common::getRandomString(32, 'abcdef1234567890') . microtime(true) . Common::generateUniqId() . SettingsPiwik::getSalt());
+ return md5(Common::getRandomString(32,
+ 'abcdef1234567890') . microtime(true) . Common::generateUniqId() . SettingsPiwik::getSalt());
}
- public function addTokenAuth($login, $tokenAuth, $description, $dateCreated, $dateExpired = null, $isSystemToken = false)
- {
+ public function addTokenAuth(
+ $login,
+ $tokenAuth,
+ $description,
+ $dateCreated,
+ $dateExpired = null,
+ $isSystemToken = false
+ ) {
if (!$this->getUser($login)) {
throw new \Exception('User ' . $login . ' does not exist');
}
- BaseValidator::check('Description', $description, [new NotEmpty(), new CharacterLength(1, self::MAX_LENGTH_TOKEN_DESCRIPTION)]);
+ BaseValidator::check('Description', $description,
+ [new NotEmpty(), new CharacterLength(1, self::MAX_LENGTH_TOKEN_DESCRIPTION)]);
if (empty($dateExpired)) {
$dateExpired = null;
}
- $isSystemToken = (int) $isSystemToken;
+ $isSystemToken = (int)$isSystemToken;
$insertSql = "INSERT INTO " . $this->tokenTable . ' (login, description, password, date_created, date_expired, system_token, hash_algo) VALUES (?, ?, ?, ?, ?, ?, ?)';
$tokenAuth = $this->hashTokenAuth($tokenAuth);
$db = $this->getDb();
- $db->query($insertSql, [$login, $description, $tokenAuth, $dateCreated, $dateExpired, $isSystemToken, self::TOKEN_HASH_ALGO]);
+ $db->query($insertSql,
+ [$login, $description, $tokenAuth, $dateCreated, $dateExpired, $isSystemToken, self::TOKEN_HASH_ALGO]);
return $db->lastInsertId();
}
@@ -317,7 +333,8 @@ class Model
{
$db = $this->getDb();
- $token = $db->fetchRow("SELECT description FROM " . $this->tokenTable . " WHERE `idusertokenauth` = ? and login = ? LIMIT 1", array($idTokenAuth, $login));
+ $token = $db->fetchRow("SELECT description FROM " . $this->tokenTable . " WHERE `idusertokenauth` = ? and login = ? LIMIT 1",
+ array($idTokenAuth, $login));
return $token ? $token['description'] : '';
}
@@ -325,8 +342,8 @@ class Model
private function getQueryNotExpiredToken()
{
return array(
- 'sql' => ' (date_expired is null or date_expired > ?)',
- 'bind' => array(Date::now()->getDatetime())
+ 'sql' => ' (date_expired is null or date_expired > ?)',
+ 'bind' => array(Date::now()->getDatetime())
);
}
@@ -338,7 +355,8 @@ class Model
$expired = $this->getQueryNotExpiredToken();
$bind = array_merge(array($tokenAuth), $expired['bind']);
- $token = $db->fetchRow("SELECT * FROM " . $this->tokenTable . " WHERE `password` = ? and " . $expired['sql'], $bind);
+ $token = $db->fetchRow("SELECT * FROM " . $this->tokenTable . " WHERE `password` = ? and " . $expired['sql'],
+ $bind);
return $token;
}
@@ -347,9 +365,20 @@ class Model
{
$db = $this->getDb();
- return $db->query("DELETE FROM " . $this->tokenTable . " WHERE `date_expired` is not null and date_expired < ?", $expiredSince);
+ return $db->query("DELETE FROM " . $this->tokenTable . " WHERE `date_expired` is not null and date_expired < ?",
+ $expiredSince);
}
+ public function checkUserHasUnexpiredToken($login)
+ {
+ $db = $this->getDb();
+ $expired = $this->getQueryNotExpiredToken();
+ $bind = array_merge(array($login), $expired['bind']);
+ return $db->fetchOne("SELECT idusertokenauth FROM " . $this->tokenTable . " WHERE `login` = ? and " . $expired['sql'],
+ $bind);
+ }
+
+
public function deleteAllTokensForUser($login)
{
$db = $this->getDb();
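Review bot: `checkUserHasUnexpiredToken()` reads like a boolean predicate but returns the raw `fetchOne()` result, so callers get a token id or a falsy value, and nothing in the hunk documents that. The query also carries no `system_token = 0` condition, unlike the non-system-token lookup reformatted in the next hunk, so a user whose only live token is a system token is reported as having one; if that is intended it should be stated. I would add a docblock along the lines of `/** Returns the id of one unexpired token (system tokens included) for $login, or a falsy value when none exists. */` and drop one of the two blank lines added after the method. `deleteAllTokensForUser()` below continues outside the hunk.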
@@ -365,7 +394,8 @@ class Model
$expired = $this->getQueryNotExpiredToken();
$bind = array_merge(array($login), $expired['bind']);
- return $db->fetchAll("SELECT * FROM " . $this->tokenTable . " WHERE `login` = ? and system_token = 0 and " . $expired['sql'] . ' order by idusertokenauth ASC', $bind);
+ return $db->fetchAll("SELECT * FROM " . $this->tokenTable . " WHERE `login` = ? and system_token = 0 and " . $expired['sql'] . ' order by idusertokenauth ASC',
+ $bind);
}
public function getAllHashedTokensForLogins($logins)
@@ -380,7 +410,8 @@ class Model
$expired = $this->getQueryNotExpiredToken();
$bind = array_merge($logins, $expired['bind']);
- $tokens = $db->fetchAll("SELECT password FROM " . $this->tokenTable . " WHERE `login` IN (".$placeholder.") and " . $expired['sql'], $bind);
+ $tokens = $db->fetchAll("SELECT password FROM " . $this->tokenTable . " WHERE `login` IN (" . $placeholder . ") and " . $expired['sql'],
+ $bind);
return array_column($tokens, 'password');
}
@@ -388,7 +419,8 @@ class Model
{
$db = $this->getDb();
- return $db->query("DELETE FROM " . $this->tokenTable . " WHERE `idusertokenauth` = ? and login = ?", array($idTokenAuth, $login));
+ return $db->query("DELETE FROM " . $this->tokenTable . " WHERE `idusertokenauth` = ? and login = ?",
+ array($idTokenAuth, $login));
}
public function setTokenAuthWasUsed($tokenAuth, $dateLastUsed)
@@ -406,23 +438,25 @@ class Model
}
$this->updateTokenAuthTable($token['idusertokenauth'], array(
- 'last_used' => $dateLastUsed
+ 'last_used' => $dateLastUsed
));
}
}
- private function updateTokenAuthTable($idTokenAuth, $fields) {
- $set = array();
+ private function updateTokenAuthTable($idTokenAuth, $fields)
+ {
+ $set = array();
$bind = array();
foreach ($fields as $key => $val) {
- $set[] = "`$key` = ?";
+ $set[] = "`$key` = ?";
$bind[] = $val;
}
$bind[] = $idTokenAuth;
$db = $this->getDb();
- $db->query(sprintf('UPDATE `%s` SET %s WHERE `idusertokenauth` = ?', $this->tokenTable, implode(', ', $set)), $bind);
+ $db->query(sprintf('UPDATE `%s` SET %s WHERE `idusertokenauth` = ?', $this->tokenTable, implode(', ', $set)),
+ $bind);
}
public function getUserByEmail($userEmail)
@@ -444,36 +478,42 @@ class Model
}
}
- public function addUser($userLogin, $hashedPassword, $email, $dateRegistered)
+ public function addUser($userLogin, $hashedPassword, $email, $dateRegistered, $inviteStatus = null)
{
$user = array(
- 'login' => $userLogin,
- 'password' => $hashedPassword,
- 'email' => $email,
- 'date_registered' => $dateRegistered,
- 'superuser_access' => 0,
- 'ts_password_modified' => Date::now()->getDatetime(),
- 'idchange_last_viewed' => null
+ 'login' => $userLogin,
+ 'password' => $hashedPassword,
+ 'email' => $email,
+ 'date_registered' => $dateRegistered,
+ 'superuser_access' => 0,
+ 'ts_password_modified' => Date::now()->getDatetime(),
+ 'idchange_last_viewed' => null
);
+
+ if ($inviteStatus) {
+ $user['invite_status'] = 'pending';
+ }
+
$db = $this->getDb();
$db->insert($this->userTable, $user);
+ return $user;
}
public function setSuperUserAccess($userLogin, $hasSuperUserAccess)
{
$this->updateUserFields($userLogin, array(
- 'superuser_access' => $hasSuperUserAccess ? 1 : 0
+ 'superuser_access' => $hasSuperUserAccess ? 1 : 0
));
}
public function updateUserFields($userLogin, $fields)
{
- $set = array();
+ $set = array();
$bind = array();
foreach ($fields as $key => $val) {
- $set[] = "`$key` = ?";
+ $set[] = "`$key` = ?";
$bind[] = $val;
}
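Review bot: In `addUser()`, the new `$inviteStatus` argument is only tested for truthiness and the row always receives `'pending'`, so a caller passing any other status string silently stores `'pending'`. The contract should be explicit, for example `@param bool $inviteStatus when truthy, the user is created with invite_status 'pending'`, or the value should be validated and stored as given. The method now also ends with `return $user;`, and that array includes the `password` hash, so the docblock should say so (`@return array the inserted row, including the password hash`) to keep callers from logging or echoing it. `updateUserFields()` at the end of the hunk continues outside it.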
@@ -507,7 +547,7 @@ class Model
public function updateUser($userLogin, $hashedPassword, $email)
{
$fields = array(
- 'email' => $email,
+ 'email' => $email,
);
if (!empty($hashedPassword)) {
$fields['password'] = $hashedPassword;
@@ -589,7 +629,8 @@ class Model
$db->query("DELETE FROM " . Common::prefixTable("access") . " WHERE login = ?", $userLogin);
} else {
foreach ($idSites as $idsite) {
- $db->query("DELETE FROM " . Common::prefixTable("access") . " WHERE idsite = ? AND login = ?", [$idsite, $userLogin]);
+ $db->query("DELETE FROM " . Common::prefixTable("access") . " WHERE idsite = ? AND login = ?",
+ [$idsite, $userLogin]);
}
}
}
@@ -628,8 +669,14 @@ class Model
* @param string[]|null $logins the logins to limit the search to (if any)
* @return array
*/
- public function getUsersWithRole($idSite, $limit = null, $offset = null, $pattern = null, $access = null, $logins = null)
- {
+ public function getUsersWithRole(
+ $idSite,
+ $limit = null,
+ $offset = null,
+ $pattern = null,
+ $access = null,
+ $logins = null
+ ) {
$filter = new UserTableFilter($access, $idSite, $pattern, $logins);
list($joins, $bind) = $filter->getJoins('u');
@@ -681,11 +728,19 @@ class Model
$idSites = array_map('intval', $idSites);
$loginSql = 'SELECT DISTINCT ia.login FROM ' . Common::prefixTable('access') . ' ia WHERE ia.idsite IN ('
- . implode(',', $idSites) . ')';
+ . implode(',', $idSites) . ')';
$logins = \Piwik\Db::fetchAll($loginSql);
$logins = array_column($logins, 'login');
return $logins;
}
+ public function getPendingUser($userLogin)
+ {
+ $db = $this->getDb();
+ $sql = "SELECT count(*) FROM " . $this->userTable . " WHERE login = ? and invite_status not like ?";
+ $bind = [$userLogin, 'accept'];
+ return $db->fetchOne($sql, $bind);
+ }
+
}
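Review bot: `getPendingUser()` returns a `count(*)` rather than a user, and its `invite_status not like ?` bound to `'accept'` treats every non-null status other than that exact string as pending. `addUser()` earlier in this diff writes `'pending'`, so matching that value directly is tighter and does not depend on how the accepted state is spelled, which is not visible here: `$sql = "SELECT count(*) FROM " . $this->userTable . " WHERE login = ? and invite_status = ?";` with `$bind = [$userLogin, 'pending'];`. Rows whose `invite_status` is NULL are excluded by either form. A docblock stating that the method returns a count from `fetchOne()` would help, and the blank line added before the class's closing brace can go.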