<?php
/**
 * User Dao class file.
 *
 * @author Wei Zhuo <weizhuo[at]gmail[dot]com>
 * @link http://www.pradosoft.com/
 * @copyright Copyright &copy; 2005-2006 PradoSoft
 * @license http://www.pradosoft.com/license/
 * @package Demos
 */

/**
 * The UserDao class lists, creates, finds and deletes users.
 * In addition, it can validate a username and password, and update
 * the user roles. Furthermore, a unique new token can be generated;
 * this token can be used to perform persistent cookie login.
 *
 * @author Wei Zhuo <weizhuo[at]gmail[dot]com>
 * @package Demos
 * @since 3.1
 */
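class UserDao extends BaseDao
{
	/**
	 * Looks up one user through the 'GetUserByName' mapped statement.
	 * @param string $username user name to look up.
	 * @return TimeTrackerUser find by user name, null if not found or disabled.
	 */
	public function getUserByName($username)
	{
		return $this->getSqlMap()->queryForObject('GetUserByName', $username);
	}

	/**
	 * Runs the 'UsernameExists' mapped statement for the given name.
	 * @param string $username user name to check.
	 * @return boolean true if username already exists, false otherwise.
	 */
	public function usernameExists($username)
	{
		return $this->getSqlMap()->queryForObject('UsernameExists', $username);
	}

	/**
	 * Runs the 'GetAllUsers' mapped statement.
	 * @return array list of all enabled users.
	 */
	public function getAllUsers()
	{
		return $this->getSqlMap()->queryForList('GetAllUsers');
	}

	/**
	 * Inserts a new user and, when the user carries any roles, stores them.
	 * @param TimeTrackerUser $user new user details.
	 * @param string $password new user password (plain text; digested here).
	 */
	public function addNewUser($user, $password)
	{
		// NOTE(review): md5() is a fast, unsalted digest and is not suitable for
		// password storage. It is kept because validateUser() passes the same
		// digest to the 'ValidateUser' statement, whose SQL and column format are
		// not visible from this class. A move to password_hash()/password_verify()
		// has to change the statement, this class and the stored values together.
		$param = array(
			'user' => $user,
			'password' => md5($password),
		);
		$this->getSqlMap()->insert('AddNewUser', $param);
		if(count($user->getRoles()) > 0)
			$this->updateUserRoles($user);
	}

	/**
	 * Deletes a user through the 'DeleteUserByName' mapped statement.
	 * @param string $username username to delete
	 */
	public function deleteUserByName($username)
	{
		$this->getSqlMap()->delete('DeleteUserByName', $username);
	}

	/**
	 * Updates the user profile details, including user roles.
	 * @param TimeTrackerUser $user updated user details.
	 * @param string $password new user password, null to avoid updating password.
	 */
	public function updateUser($user,$password=null)
	{
		$sqlmap = $this->getSqlMap();
		if($password === null)
		{
			// Password left untouched: only the profile fields are written.
			$sqlmap->update('UpdateUserDetails', $user);
		}
		else
		{
			// NOTE(review): same unsalted md5() digest as addNewUser(); it must
			// stay in step with what validateUser() sends until the stored
			// format is migrated.
			$param = array(
				'user' => $user,
				'password' => md5($password),
			);
			$sqlmap->update('UpdateUserDetailsAndPassword', $param);
		}
		// Roles are rewritten on every update, whether or not the password changed.
		$this->updateUserRoles($user);
	}

	/**
	 * Checks a username/password pair through the 'ValidateUser' statement.
	 * @param string $username username to be validated
	 * @param string $password matching password (plain text; digested here).
	 * @return boolean true if the username and password matches.
	 */
	public function validateUser($username, $password)
	{
		// NOTE(review): the digest is computed here and handed to the mapped
		// statement; presumably the comparison happens in SQL (confirm in the
		// SQL map). The unsalted md5() format is the weak point, see addNewUser().
		$param = array(
			'username' => $username,
			'password' => md5($password),
		);
		return $this->getSqlMap()->queryForObject('ValidateUser', $param);
	}

	/**
	 * Validates a persistent login token.
	 * @param string $token unique persistent session token
	 * @return TimeTrackerUser user details if valid token, null otherwise.
	 */
	public function validateSignon($token)
	{
		$sqlmap = $this->getSqlMap();
		// 'UpdateSignon' runs before the lookup; what it writes is defined in
		// the SQL map and is not visible from this class.
		$sqlmap->update('UpdateSignon', $token);
		return $sqlmap->queryForObject('ValidateAutoSignon', $token);
	}

	/**
	 * Creates and registers a persistent login token for the given user.
	 * @param TimeTrackerUser $user user details to generate the token
	 * @return string unique persistent login token (32 lower-case hex characters).
	 */
	public function createSignonToken($user)
	{
		// The token is a bearer credential for cookie login, so it is drawn from
		// the CSPRNG instead of md5(microtime().username), which is derived only
		// from the clock and a known value. 16 random bytes hex-encode to the
		// same 32-character form the md5() token had, so the stored column and
		// cookie format are unchanged. random_bytes() needs PHP 7.0+ and throws
		// if no randomness source is available.
		$param = array(
			'username' => $user->getName(),
			'token' => bin2hex(random_bytes(16)),
		);
		// NOTE(review): the token is passed to 'RegisterAutoSignon' as-is;
		// presumably it is stored in clear. Storing only a digest of it would
		// limit the impact of a database read. Confirm against the SQL map.
		$this->getSqlMap()->insert('RegisterAutoSignon', $param);
		return $param['token'];
	}

	/**
	 * Deletes persistent login tokens.
	 * @param TimeTrackerUser $user deletes all signon token for given user, null to delete all
	 * tokens.
	 */
	public function clearSignonTokens($user=null)
	{
		$sqlmap = $this->getSqlMap();
		if($user === null)
		{
			// No user given: every user's tokens are removed.
			$sqlmap->delete('DeleteAllSignon');
		}
		else
		{
			$sqlmap->delete('DeleteAutoSignon', $user->getName());
		}
	}

	/**
	 * Replaces the stored roles of a user with the roles carried by $user.
	 * @param TimeTrackerUser $user user details for updating the assigned roles.
	 */
	public function updateUserRoles($user)
	{
		$sqlmap = $this->getSqlMap();
		// Existing roles are removed first, then each current role is added.
		// NOTE(review): no transaction is opened in this method; if one of the
		// inserts fails the user may be left with fewer roles than intended.
		// Confirm whether the caller or the SQL map provides one.
		$sqlmap->delete('DeleteUserRoles', $user);
		foreach($user->getRoles() as $role)
		{
			$param = array(
				'username' => $user->getName(),
				'role' => $role,
			);
			$sqlmap->update('AddUserRole', $param);
		}
	}
}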