00001 <?php
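/**
 * Admin (backend) user model.
 *
 * Wraps the 'admin/user' resource model and provides credential checking,
 * role lookup, the forgot-password e-mail and resolution of the admin
 * start-up page. Persistence is delegated to the resource model throughout.
 */
class Mage_Admin_Model_User extends Mage_Core_Model_Abstract
{
    const XML_PATH_FORGOT_EMAIL_TEMPLATE = 'admin/emails/forgot_email_template';
    const XML_PATH_FORGOT_EMAIL_IDENTITY = 'admin/emails/forgot_email_identity';
    const XML_PATH_STARTUP_PAGE          = 'admin/startup/page';

    /**
     * Event name prefix for this model.
     *
     * @var string
     */
    protected $_eventPrefix = 'admin_user';

    /**
     * Lazily created role model, see getRole().
     *
     * @var mixed
     */
    protected $_role;

    /**
     * Bind the model to its resource model.
     */
    protected function _construct()
    {
        $this->_init('admin/user');
    }

    /**
     * Collect the user fields into the model data and persist them.
     *
     * @return Mage_Admin_Model_User
     */
    public function save()
    {
        $this->_beforeSave();

        $data = array(
            'firstname' => $this->getFirstname(),
            'lastname'  => $this->getLastname(),
            'email'     => $this->getEmail(),
            'modified'  => now(),
            'extra'     => serialize($this->getExtra())
        );

        if ($this->getId() > 0) {
            $data['user_id'] = $this->getId();
        }

        if ($this->getUsername()) {
            $data['username'] = $this->getUsername();
        }

        // NOTE(review): whatever is in the 'password' field is hashed here. If that
        // field already holds a stored hash (e.g. the model was loaded and saved
        // without a password change), it would be hashed a second time - confirm
        // that callers only ever put a plaintext password in this field.
        if ($this->getPassword()) {
            $data['password'] = $this->_getEncodedPassword($this->getPassword());
        }

        if ($this->getNewPassword()) {
            // An explicit new password takes precedence over the one set above.
            $data['password'] = $this->_getEncodedPassword($this->getNewPassword());
        } elseif ($this->getPassword()) {
            // NOTE(review): this copies the un-hashed 'password' value into the model
            // data under 'new_password'. Verify that the resource model neither
            // persists nor logs that key.
            $data['new_password'] = $this->getPassword();
        }

        if (!is_null($this->getIsActive())) {
            $data['is_active'] = intval($this->getIsActive());
        }

        $this->addData($data);
        $this->_getResource()->save($this);
        $this->_afterSave();

        return $this;
    }

    /**
     * Persist the "extra" payload of the user through the resource model.
     *
     * An array is stored in PHP serialize() format; any other value is handed to
     * the resource model unchanged. The code that reads this value back is not
     * part of this class - it should only unserialize() data whose writers are
     * trusted.
     *
     * @param array|string $data
     * @return Mage_Admin_Model_User
     */
    public function saveExtra($data)
    {
        $payload = is_array($data) ? serialize($data) : $data;
        $this->_getResource()->saveExtra($this, $payload);

        return $this;
    }

    /**
     * Delete the user through the resource model.
     *
     * @return Mage_Admin_Model_User
     */
    public function delete()
    {
        $this->_getResource()->delete($this);

        return $this;
    }

    /**
     * Save the user's relations through the resource model.
     *
     * @return Mage_Admin_Model_User
     */
    public function saveRelations()
    {
        $this->_getResource()->_saveRelations($this);

        return $this;
    }

    /**
     * Return the roles of this user as reported by the resource model.
     *
     * @return mixed result of the resource model's getRoles(); getRole() treats it as a list
     */
    public function getRoles()
    {
        return $this->_getResource()->getRoles($this);
    }

    /**
     * Return the role model of this user, created on first use.
     *
     * The role model is loaded with the first entry of getRoles(); when there is
     * no such entry the returned role model is left unloaded.
     *
     * @return mixed the 'admin/roles' model
     */
    public function getRole()
    {
        if (null === $this->_role) {
            $this->_role = Mage::getModel('admin/roles');
            $roles = $this->getRoles();
            if ($roles && isset($roles[0]) && $roles[0]) {
                $this->_role->load($roles[0]);
            }
        }

        return $this->_role;
    }

    /**
     * Remove the user from its role through the resource model.
     *
     * @return Mage_Admin_Model_User
     */
    public function deleteFromRole()
    {
        $this->_getResource()->deleteFromRole($this);

        return $this;
    }

    /**
     * Tell whether the resource model finds a role/user relation for this user.
     *
     * @return bool true when the resource model returns a non-empty array
     */
    public function roleUserExists()
    {
        $result = $this->_getResource()->roleUserExists($this);

        return is_array($result) && count($result) > 0;
    }

    /**
     * Add the user through the resource model.
     *
     * @return Mage_Admin_Model_User
     */
    public function add()
    {
        $this->_getResource()->add($this);

        return $this;
    }

    /**
     * Tell whether the resource model finds an existing user matching this one.
     *
     * @return bool true when the resource model returns a non-empty array
     */
    public function userExists()
    {
        $result = $this->_getResource()->userExists($this);

        return is_array($result) && count($result) > 0;
    }

    /**
     * Return the admin user collection resource model.
     *
     * @return mixed the 'admin/user_collection' resource model
     */
    public function getCollection()
    {
        return Mage::getResourceModel('admin/user_collection');
    }

    /**
     * Send the forgot-password e-mail to the user.
     *
     * The value of getPlainPassword() is handed to the template as the
     * 'password' variable, so the message carries the credential in clear text;
     * treat the mail path and any mail logging as sensitive.
     *
     * @return Mage_Admin_Model_User
     */
    public function sendNewPasswordEmail()
    {
        $translate = Mage::getSingleton('core/translate');

        // Inline translation is switched off while the message is built.
        // NOTE(review): it is not switched back on if sendTransactional() throws.
        $translate->setTranslateInline(false);

        $designConfig = array('area' => 'adminhtml', 'store' => $this->getStoreId());
        $templateVars = array('user' => $this, 'password' => $this->getPlainPassword());

        Mage::getModel('core/email_template')
            ->setDesignConfig($designConfig)
            ->sendTransactional(
                Mage::getStoreConfig(self::XML_PATH_FORGOT_EMAIL_TEMPLATE),
                Mage::getStoreConfig(self::XML_PATH_FORGOT_EMAIL_IDENTITY),
                $this->getEmail(),
                $this->getName(),
                $templateVars
            );

        $translate->setTranslateInline(true);

        return $this;
    }

    /**
     * Return first name and last name joined by a separator.
     *
     * @param string $separator
     * @return string
     */
    public function getName($separator = ' ')
    {
        return $this->getFirstname() . $separator . $this->getLastname();
    }

    /**
     * Return the user id (the model's 'user_id' field).
     *
     * @return mixed
     */
    public function getId()
    {
        return $this->getUserId();
    }

    /**
     * Return the ACL role identifier of the user: 'U' followed by the user id.
     *
     * @return string
     */
    public function getAclRole()
    {
        return 'U' . $this->getUserId();
    }

    /**
     * Check a username/password pair against the stored user.
     *
     * The account-state checks (inactive account, no role assigned) run only
     * after the password hash has validated, so their messages are not shown to
     * a caller who does not know the password. When the check fails or an
     * exception is raised, the model data is cleared with unsetData().
     *
     * The 'admin_user_authenticate_after' event is dispatched for a successful
     * check and for a credential mismatch, but not when one of the account-state
     * exceptions is thrown. Its payload contains the submitted plaintext
     * password; observers must not log or persist it.
     *
     * @param string $username
     * @param string $password plaintext password as submitted
     * @return bool true when the credentials are valid and the account may log in
     * @throws Mage_Core_Exception for an inactive account or a user without a role
     */
    public function authenticate($username, $password)
    {
        $result = false;

        try {
            $this->loadByUsername($username);

            $credentialsMatch = $this->getId()
                && Mage::helper('core')->validateHash($password, $this->getPassword());

            if ($credentialsMatch) {
                if ($this->getIsActive() != '1') {
                    Mage::throwException(Mage::helper('adminhtml')->__('This account is inactive.'));
                }
                if (!$this->hasAssigned2Role($this->getId())) {
                    Mage::throwException(Mage::helper('adminhtml')->__('Access Denied.'));
                }
                $result = true;
            }

            Mage::dispatchEvent('admin_user_authenticate_after', array(
                'username' => $username,
                'password' => $password,
                'user'     => $this,
                'result'   => $result,
            ));
        } catch (Mage_Core_Exception $e) {
            // Do not leave a loaded user behind when the check was aborted.
            $this->unsetData();
            throw $e;
        }

        if (!$result) {
            $this->unsetData();
        }

        return $result;
    }

    /**
     * Authenticate the user and record the login on success.
     *
     * The method returns $this whether or not authentication succeeded. After a
     * failed attempt authenticate() has cleared the model data, so callers have
     * to inspect the model (for example getId()) instead of the return value.
     *
     * @param string $username
     * @param string $password plaintext password as submitted
     * @return Mage_Admin_Model_User
     * @throws Mage_Core_Exception propagated from authenticate()
     */
    public function login($username, $password)
    {
        if ($this->authenticate($username, $password)) {
            $this->getResource()->recordLogin($this);
        }

        return $this;
    }

    /**
     * Load the user again by its current id.
     *
     * @return Mage_Admin_Model_User
     */
    public function reload()
    {
        $id = $this->getId();
        $this->setId(null);
        $this->load($id);

        return $this;
    }

    /**
     * Replace the model data with what the resource model returns for a username.
     *
     * @param string $username
     * @return Mage_Admin_Model_User
     */
    public function loadByUsername($username)
    {
        $this->setData($this->getResource()->loadByUsername($username));

        return $this;
    }

    /**
     * Ask the resource model whether a user has a role assigned.
     *
     * @param mixed $user passed through to the resource model; authenticate() passes a user id
     * @return mixed result of the resource model's hasAssigned2Role()
     */
    public function hasAssigned2Role($user)
    {
        return $this->getResource()->hasAssigned2Role($user);
    }

    /**
     * Hash a password for storage.
     *
     * NOTE(review): the algorithm and the meaning of the second argument (2) are
     * defined by the core helper's getHash(), which is not visible here - confirm
     * that it yields a salted hash suitable for password storage.
     *
     * @param string $pwd plaintext password
     * @return string
     */
    protected function _getEncodedPassword($pwd)
    {
        return Mage::helper('core')->getHash($pwd, 2);
    }

    /**
     * Find the action of the first menu entry the current admin session may access.
     *
     * Walks the menu configuration depth-first. For an allowed entry that has
     * children, the first allowed descendant wins and the entry's own action is
     * the fallback. Nothing is returned (null) when no entry is allowed.
     *
     * @param mixed  $parent menu node to search; the 'adminhtml/menu' config node when null
     * @param string $path   ACL path prefix of $parent, with a trailing '/'
     * @param int    $level  recursion depth
     * @return string|null
     */
    public function findFirstAvailableMenu($parent = null, $path = '', $level = 0)
    {
        // Loose comparison kept as in the original code.
        if ($parent == null) {
            $parent = Mage::getConfig()->getNode('adminhtml/menu');
        }

        foreach ($parent->children() as $childName => $child) {
            $aclResource = 'admin/' . $path . $childName;
            if (!Mage::getSingleton('admin/session')->isAllowed($aclResource)) {
                continue;
            }

            if (!$child->children) {
                return (string)$child->action;
            }

            $action = $this->findFirstAvailableMenu($child->children, $path . $childName . '/', $level + 1);

            return $action ? $action : (string)$child->action;
        }
    }

    /**
     * Misspelled alias of getStartupPageUrl(), presumably kept for existing callers.
     *
     * @return mixed
     */
    public function getStatrupPageUrl()
    {
        return $this->getStartupPageUrl();
    }

    /**
     * Return the action of the configured admin start-up page.
     *
     * The configured page is used only when the current admin session is allowed
     * to access it and a matching menu node exists; otherwise the first menu
     * entry the session may access is used.
     *
     * @return mixed config node of the configured page's action, or the result of findFirstAvailableMenu()
     */
    public function getStartupPageUrl()
    {
        $startupPage = Mage::getStoreConfig(self::XML_PATH_STARTUP_PAGE);
        $aclResource = 'admin/' . $startupPage;

        if (Mage::getSingleton('admin/session')->isAllowed($aclResource)) {
            // explode() replaces split(), which was removed in PHP 7; the separator
            // is a literal '/', so the resulting segments are the same.
            $segments = explode('/', (string)$startupPage);
            $nodePath = 'adminhtml/menu/' . implode('/children/', $segments) . '/action';

            $url = Mage::getConfig()->getNode($nodePath);
            if ($url) {
                return $url;
            }
        }

        return $this->findFirstAvailableMenu();
    }
}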