Magento: app/code/core/Mage/Admin/Model/Mysql4/User.php Source File

00001 <?php
00002 /**
00003  * Magento
00004  *
00005  * NOTICE OF LICENSE
00006  *
00007  * This source file is subject to the Open Software License (OSL 3.0)
00008  * that is bundled with this package in the file LICENSE.txt.
00009  * It is also available through the world-wide-web at this URL:
00010  * http://opensource.org/licenses/osl-3.0.php
00011  * If you did not receive a copy of the license and are unable to
00012  * obtain it through the world-wide-web, please send an email
00013  * to license@magentocommerce.com so we can send you a copy immediately.
00014  *
00015  * DISCLAIMER
00016  *
00017  * Do not edit or add to this file if you wish to upgrade Magento to newer
00018  * versions in the future. If you wish to customize Magento for your
00019  * needs please refer to http://www.magentocommerce.com for more information.
00020  *
00021  * @category   Mage
00022  * @package    Mage_Admin
00023  * @copyright  Copyright (c) 2008 Irubin Consulting Inc. DBA Varien (http://www.varien.com)
00024  * @license    http://opensource.org/licenses/osl-3.0.php  Open Software License (OSL 3.0)
00025  */
00026 
00027 /**
00028  * ACL user resource
00029  *
00030  * @category   Mage
00031  * @package    Mage_Admin
00032  * @author      Magento Core Team <core@magentocommerce.com>
00033  */
00034 class Mage_Admin_Model_Mysql4_User extends Mage_Core_Model_Mysql4_Abstract
00035 {
00036 
00037     protected function _construct()
00038     {
00039         $this->_init('admin/user', 'user_id');
00040     }
00041 
00042     /**
00043      * Initialize unique fields
00044      *
00045      * @return Mage_Core_Model_Mysql4_Abstract
00046      */
00047     protected function _initUniqueFields()
00048     {
00049         $this->_uniqueFields = array(
00050             array(
00051                 'field' => 'email',
00052                 'title' => Mage::helper('adminhtml')->__('Email')
00053             ),
00054             array(
00055                 'field' => 'username',
00056                 'title' => Mage::helper('adminhtml')->__('User Name')
00057             ),
00058         );
00059         return $this;
00060     }
00061 
00062     /**
00063      * Authenticate user by $username and $password
00064      *
00065      * @param string $username
00066      * @param string $password
00067      * @return boolean|Object
00068      */
00069     public function recordLogin(Mage_Admin_Model_User $user)
00070     {
00071         $data = array(
00072             'logdate' => now(),
00073             'lognum'  => $user->getLognum()+1
00074         );
00075         $condition = $this->_getWriteAdapter()->quoteInto('user_id=?', $user->getUserId());
00076         $this->_getWriteAdapter()->update($this->getTable('admin/user'), $data, $condition);
00077         return $this;
00078     }
00079 
00080     public function loadByUsername($username)
00081     {
00082         $select = $this->_getReadAdapter()->select()->from($this->getTable('admin/user'))
00083             ->where('username=:username');
00084         return $this->_getReadAdapter()->fetchRow($select, array('username'=>$username));
00085     }
00086 
00087     public function hasAssigned2Role($user)
00088     {
00089         if (is_numeric($user)) {
00090             $userId = $user;
00091         } else if ($user instanceof Mage_Core_Model_Abstract) {
00092             $userId = $user->getUserId();
00093         } else {
00094             return null;
00095         }
00096 
00097         if ( $userId > 0 ) {
00098             $dbh = $this->_getReadAdapter();
00099             $select = $dbh->select();
00100             $select->from($this->getTable('admin/role'))
00101                 ->where("parent_id > 0 AND user_id = {$userId}");
00102             return $dbh->fetchAll($select);
00103         } else {
00104             return null;
00105         }
00106     }
00107 
00108     private function _encryptPassword($pwStr)
00109     {
00110         return Mage::helper('core')->getHash($pwStr, 2);
00111     }
00112 
00113     protected function _beforeSave(Mage_Core_Model_Abstract $user)
00114     {
00115         if (!$user->getId()) {
00116             $user->setCreated(now());
00117         }
00118         $user->setModified(now());
00119         return $this;
00120     }
00121 
00122     protected function _afterSave(Mage_Core_Model_Abstract $user)
00123     {
00124         $user->setExtra(unserialize($user->getExtra()));
00125         return $this;
00126     }
00127 
00128     protected function _afterLoad(Mage_Core_Model_Abstract $user)
00129     {
00130         if (is_string($user->getExtra())) {
00131             $user->setExtra(unserialize($user->getExtra()));
00132         }
00133         return parent::_afterLoad($user);
00134     }
00135 
00136     public function load(Mage_Core_Model_Abstract $user, $value, $field=null)
00137     {
00138 //        if (!intval($value) && is_string($value)) {
00139 //            $field = 'user_id';
00140 //        }
00141         return parent::load($user, $value, $field);
00142     }
00143 
00144     public function delete(Mage_Core_Model_Abstract $user)
00145     {
00146         $dbh = $this->_getWriteAdapter();
00147         $uid = $user->getId();
00148         $dbh->beginTransaction();
00149         try {
00150             $dbh->delete($this->getTable('admin/user'), "user_id=$uid");
00151             $dbh->delete($this->getTable('admin/role'), "user_id=$uid");
00152         } catch (Mage_Core_Exception $e) {
00153             throw $e;
00154             return false;
00155         } catch (Exception $e){
00156             $dbh->rollBack();
00157             return false;
00158         }
00159         $dbh->commit();
00160         return true;
00161     }
00162 
00163     /**
00164      * TODO: unify _saveRelations() and add() methods, they make same things
00165      */
00166     public function _saveRelations(Mage_Core_Model_Abstract $user)
00167     {
00168         $rolesIds = $user->getRoleIds();
00169 
00170         if( !is_array($rolesIds) || count($rolesIds) == 0 ) {
00171             return $user;
00172         }
00173 
00174         $this->_getWriteAdapter()->beginTransaction();
00175 
00176         try {
00177             $this->_getWriteAdapter()->delete($this->getTable('admin/role'), "user_id = {$user->getId()}");
00178             foreach ($rolesIds as $rid) {
00179                 $rid = intval($rid);
00180                 if ($rid > 0) {
00181                     $row = Mage::getModel('admin/role')->load($rid)->getData();
00182                 } else {
00183                     $row = array('tree_level' => 0);
00184                 }
00185 
00186                 $data = array(
00187                     'parent_id'     => $rid,
00188                     'tree_level'    => $row['tree_level'] + 1,
00189                     'sort_order'    => 0,
00190                     'role_type'     => 'U',
00191                     'user_id'       => $user->getId(),
00192                     'role_name'     => $user->getFirstname()
00193                 );
00194                 $this->_getWriteAdapter()->insert($this->getTable('admin/role'), $data);
00195             }
00196             $this->_getWriteAdapter()->commit();
00197         } catch (Mage_Core_Exception $e) {
00198             throw $e;
00199         } catch (Exception $e){
00200             $this->_getWriteAdapter()->rollBack();
00201         }
00202     }
00203 
00204     public function getRoles(Mage_Core_Model_Abstract $user)
00205     {
00206         if ( !$user->getId() ) {
00207             return array();
00208         }
00209         $table  = $this->getTable('admin/role');
00210         $read   = $this->_getReadAdapter();
00211         $select = $read->select()->from($table, array())
00212                     ->joinLeft(array('ar' => $table), "(ar.role_id = `{$table}`.parent_id and ar.role_type = 'G')", array('role_id'))
00213                     ->where("`{$table}`.user_id = {$user->getId()}");
00214 
00215         return (($roles = $read->fetchCol($select)) ? $roles : array());
00216     }
00217 
00218     public function add(Mage_Core_Model_Abstract $user)
00219     {
00220         $dbh = $this->_getWriteAdapter();
00221 
00222         $aRoles = $this->hasAssigned2Role($user);
00223         if ( sizeof($aRoles) > 0 ) {
00224             foreach($aRoles as $idx => $data){
00225                 $dbh->delete($this->getTable('admin/role'), "role_id = {$data['role_id']}");
00226             }
00227         }
00228 
00229         if ($user->getId() > 0) {
00230             $role = Mage::getModel('admin/role')->load($user->getRoleId());
00231         } else {
00232             $role = new Varien_Object();
00233             $role->setTreeLevel(0);
00234         }
00235         $dbh->insert($this->getTable('admin/role'), array(
00236             'parent_id' => $user->getRoleId(),
00237             'tree_level'=> ($role->getTreeLevel() + 1),
00238             'sort_order'=> 0,
00239             'role_type' => 'U',
00240             'user_id'   => $user->getUserId(),
00241             'role_name' => $user->getFirstname()
00242         ));
00243 
00244         return $this;
00245     }
00246 
00247     public function deleteFromRole(Mage_Core_Model_Abstract $user)
00248     {
00249         if ( $user->getUserId() <= 0 ) {
00250             return $this;
00251         }
00252         if ( $user->getRoleId() <= 0 ) {
00253             return $this;
00254         }
00255         $dbh = $this->_getWriteAdapter();
00256         $condition = "`{$this->getTable('admin/role')}`.user_id = ".$dbh->quote($user->getUserId())." AND `{$this->getTable('admin/role')}`.parent_id = ".$dbh->quote($user->getRoleId());
00257         $dbh->delete($this->getTable('admin/role'), $condition);
00258         return $this;
00259     }
00260 
00261     public function roleUserExists(Mage_Core_Model_Abstract $user)
00262     {
00263         if ( $user->getUserId() > 0 ) {
00264             $roleTable = $this->getTable('admin/role');
00265             $dbh    = $this->_getReadAdapter();
00266             $select = $dbh->select()->from($roleTable)
00267                 ->where("parent_id = {$user->getRoleId()} AND user_id = {$user->getUserId()}");
00268             return $dbh->fetchCol($select);
00269         } else {
00270             return array();
00271         }
00272     }
00273 
00274     public function userExists(Mage_Core_Model_Abstract $user)
00275     {
00276         $usersTable = $this->getTable('admin/user');
00277         $select = $this->_getReadAdapter()->select();
00278         $select->from($usersTable);
00279         $select->where("({$usersTable}.username = '{$user->getUsername()}' OR {$usersTable}.email = '{$user->getEmail()}') AND {$usersTable}.user_id != '{$user->getId()}'");
00280         return $this->_getReadAdapter()->fetchRow($select);
00281     }
00282 
00283     public function saveExtra($object, $data)
00284     {
00285         if ($object->getId()) {
00286             $this->_getWriteAdapter()->update($this->getMainTable(), array('extra'=>$data));
00287         }
00288         return $this;
00289     }
00290 }