path: root/app/Api/UserApi.php
<?php

namespace Kanboard\Api;

use LogicException;
use Kanboard\Core\Security\Role;
use Kanboard\Core\Ldap\Client as LdapClient;
use Kanboard\Core\Ldap\ClientException as LdapException;
use Kanboard\Core\Ldap\User as LdapUser;

/**
 * User API controller
 *
 * Exposes user-account operations to API callers. Most methods hand their
 * arguments straight to userModel; creation and modification first go through
 * userValidator.
 *
 * NOTE(review): no method in this class checks who the caller is, although
 * several are privileged (remove, disable, role assignment). Access control is
 * presumably enforced before dispatch by the API layer - confirm.
 *
 * @package  Kanboard\Api
 * @author   Frederic Guillot
 */
class UserApi extends BaseApi
{
    /**
     * Fetch one user by id
     *
     * @access public
     * @param  mixed $user_id   Passed to the model unchanged (not cast or checked here)
     * @return mixed            Whatever userModel->getById() returns
     */
    public function getUser($user_id)
    {
        return $this->userModel->getById($user_id);
    }

    /**
     * Fetch one user by username
     *
     * @access public
     * @param  mixed $username  Passed to the model unchanged
     * @return mixed            Whatever userModel->getByUsername() returns
     */
    public function getUserByName($username)
    {
        return $this->userModel->getByUsername($username);
    }

    /**
     * Fetch every user
     *
     * NOTE(review): the model result is returned as is; confirm that it holds
     * no credential material (password hashes, tokens) before it reaches the caller.
     *
     * @access public
     * @return mixed            Whatever userModel->getAll() returns
     */
    public function getAllUsers()
    {
        return $this->userModel->getAll();
    }

    /**
     * Remove a user
     *
     * @access public
     * @param  mixed $user_id   Passed to the model unchanged
     * @return mixed            Whatever userModel->remove() returns
     */
    public function removeUser($user_id)
    {
        return $this->userModel->remove($user_id);
    }

    /**
     * Disable a user
     *
     * @access public
     * @param  mixed $user_id   Passed to the model unchanged
     * @return mixed            Whatever userModel->disable() returns
     */
    public function disableUser($user_id)
    {
        return $this->userModel->disable($user_id);
    }

    /**
     * Enable a user
     *
     * @access public
     * @param  mixed $user_id   Passed to the model unchanged
     * @return mixed            Whatever userModel->enable() returns
     */
    public function enableUser($user_id)
    {
        return $this->userModel->enable($user_id);
    }

    /**
     * Tell whether a user is active
     *
     * @access public
     * @param  mixed $user_id   Passed to the model unchanged
     * @return mixed            Whatever userModel->isActive() returns
     */
    public function isActiveUser($user_id)
    {
        return $this->userModel->isActive($user_id);
    }

    /**
     * Create a local user
     *
     * The submitted values are accepted only when userValidator->validateCreation()
     * reports them valid. The role is chosen by the caller; nothing here limits
     * which role may be requested, so any such restriction has to come from the
     * validator or from the API access layer.
     *
     * @access public
     * @param  string $username
     * @param  string $password
     * @param  string $name
     * @param  string $email
     * @param  string $role     Defaults to Role::APP_USER
     * @return mixed            false when validation fails, otherwise the result of userModel->create()
     */
    public function createUser($username, $password, $name = '', $email = '', $role = Role::APP_USER)
    {
        // The API takes the password once, so the confirmation field is filled
        // with the same value and a confirmation comparison cannot fail here.
        $account = array(
            'username' => $username,
            'password' => $password,
            'confirmation' => $password,
            'name' => $name,
            'email' => $email,
            'role' => $role,
        );

        // Only the validity flag is used; the second element of the result is ignored.
        list($isValid, ) = $this->userValidator->validateCreation($account);

        if (! $isValid) {
            return false;
        }

        return $this->userModel->create($account);
    }

    /**
     * Create LDAP user in the database
     *
     * Only "anonymous" and "proxy" LDAP authentication are supported by this method
     *
     * User information (username, name, email and role) will be fetched from the
     * LDAP server; the caller supplies only the username used for the lookup.
     *
     * NOTE(review): $username reaches LdapUser::getUser() exactly as received.
     * Escaping of LDAP filter metacharacters is presumably done inside that
     * lookup - confirm.
     *
     * @access public
     * @param  string $username
     * @return bool|int         false on failure, otherwise the result of userModel->create()
     * @throws LogicException   When the LDAP profile has an empty username (not caught here)
     */
    public function createLdapUser($username)
    {
        // Refused up front: no LDAP connection is attempted in "user" bind mode.
        if (LDAP_BIND_TYPE === 'user') {
            $this->logger->error('LDAP authentication "user" is not supported by this API call');
            return false;
        }

        try {
            $client = LdapClient::connect();
            $client->setLogger($this->logger);

            $profile = LdapUser::getUser($client, $username);

            if (null === $profile) {
                $this->logger->info('User not found in LDAP server');
                return false;
            }

            // An empty username is reported as a LogicException, which the
            // catch below does not handle, so it propagates to the caller.
            if ('' === $profile->getUsername()) {
                throw new LogicException('Username not found in LDAP profile, check the parameter LDAP_USER_ATTRIBUTE_USERNAME');
            }

            // Every stored field, the role included, comes from the LDAP profile
            // rather than from the API request. No userValidator call is made on
            // this path.
            $record = array(
                'username' => $profile->getUsername(),
                'name' => $profile->getName(),
                'email' => $profile->getEmail(),
                'role' => $profile->getRole(),
                'is_ldap_user' => 1,
            );

            return $this->userModel->create($record);
        } catch (LdapException $ldapError) {
            // LDAP failures are logged and reported to the caller as a plain false.
            $this->logger->error($ldapError->getMessage());
            return false;
        }
    }

    /**
     * Update an existing user
     *
     * The values go through filterValues() (presumably dropping the parameters
     * left at null - confirm in BaseApi) and are then checked by
     * userValidator->validateApiModification(). The role can be changed by the
     * caller through this method; nothing here limits which role may be set.
     *
     * @access public
     * @param  mixed  $id
     * @param  string $username
     * @param  string $name
     * @param  string $email
     * @param  string $role
     * @return bool             false when validation fails, otherwise the boolean value of userModel->update()
     */
    public function updateUser($id, $username = null, $name = null, $email = null, $role = null)
    {
        $changes = $this->filterValues(array(
            'id' => $id,
            'username' => $username,
            'name' => $name,
            'email' => $email,
            'role' => $role,
        ));

        // Only the validity flag is used; the second element of the result is ignored.
        list($isValid, ) = $this->userValidator->validateApiModification($changes);

        if (! $isValid) {
            return false;
        }

        return (bool) $this->userModel->update($changes);
    }
}