<?php
/**
 * User management class
 * 
 *
 * @author gERD Schaufelberger <gerd@exit0.net>
 * @copyright 2004 by gERD Schaufelberger
 * @package wombatSite
 * @subpackage user
 */
 
/**
 * User authentification and basic utilities
 *
 * This class provides required functionality to handle login, logout.
 * Furthermore it provides interfaces to reciece detailed user information
 * and automatically handles meta data like time of last login. It also
 * implents interfaces to check user flags and groups membership - used
 * by authentication modules.
 *
 * The derived class wbUser_Admin extends the funktionality to maintain user
 * accounts etc.
 *
 * This class is follows a very lean design. This allows you to include and
 * instatiate it on every request (this is usually what you need for if you
 * have user support on your website) . Therefore wbUser used database connection
 * on login and to load the group-membership. During normal operation (no login)
 * wbUser just requires patSession which buffers all required user data.
 * 
 * Note: This results, that changes in database take effect after relogin!
 *
 * @version 0.3
 * @package wombatSite
 * @subpackage user
 */
class wbUser
{
   /**
	* patSession object
	* @var	object	$_sess
	*/
	var	$_sess = null;
	
   /**
	* datasource object
	* @access private
	* @var	object	$_ds
	*/
	var	$_ds = null;
	
   /**
	* user-id
	* @access private
	* @var	int	$id
	*/
	var	$_id = null;

   /**
	* user-data
	* @access private
	* @var	array $user associative array contains primary user information
	*/
	var	$_user = null;

   /**
	* associated groups
	* @access private
	* @var	array $groups list of groups
	*/
	var	$_groups = null;

   /**
	* list of user-flags
	* @access private
	* @var	array $flags list of flags in user-config
	*/
	var	$_flags = null;

   /**
	* required flags
	* use "!" as first letter of a flag to negate
	* @access protected
	* @var	array $flags required flags for login
	*/
	var	$_flagsReqiured = array( 'enabled', '!new', '!deleted', 'approved' );
	
   /**
	* constructor
	* loads session-handler and seeks for already authenticated user
	* 
	* @access public
	*/
    function __construct( $flags = null ) {
		$this->setRequiredFlags( $flags );
		$this->_sess	=&	wbFactory::singleton( 'patSession' );

		// check for valid session
		$sessState		=	$this->_sess->getState();
		if( $sessState !== 'active' ) {
			$this->_sess->fork();
			$this->logoff();
		}
		
		$auth				=	$this->_sess->get( 'wbuser_authenticated' );
		if( $auth ) {
			$this->_id		=	$this->_sess->get( 'wbuser_id' );
			$this->_user	=	$this->_sess->get( 'wbuser_data' );
			$this->_groups	=	$this->_sess->get( 'wbuser_groups' );
			$this->_flags	=	explode( ',', $this->_user['flags'] );
		}
		
    }

   /**
	* php4-constructor 
	* 
	* @access public
	*/
    function wbUser(  $flags = null ) {
		$this->__construct(  $flags );
    }

   /**
    * configure which flags are required
	*
	* @access private
	* @param string $flags comma sepertatred list of needed flags
	* @return boolean $result true on success
	* @see $_flagsRequired
	*/
    function setRequiredFlags( $flags )
    {
		if( $flags === null ) {
			return false;
		}
		
	    $this->_flagsReqiured	=	explode( ',', $flags );
		return true;
    }

   /**
	* isAuthenticated
	*
	* @access private
	* @return boolean $result true if user is logged in
	*/
    function isAuthenticated()
    {
		$auth	=	$this->_sess->get( 'wbuser_authenticated' );
		if( $auth ) {
			return true;
		}
		
		return false;
    }
	
   /**
	* recieve user id
	*
	* @access private
	* @return int $id the user-id
	*/
    function getUserId()
    {
		if( $this->_id ) {
			return $this->_id;
		}
		
		return false;
    }

   /**
	* recieve user data
	*
	* @access private
	* @return array $user primary data of the logged in user, if any
	*/
    function getUserData()
    {
		if( $this->_id ) {
			return $this->_user;
		}
		return false;
    }

   /**
	* check whether a flag is set or not
	*
	* @access public
	* @param string $flag name of the flag
	* @return boolean $result true if the flag is set
	*/
    function checkFlag( $flag )
    {
		if( $this->_id ) {
			return in_array( $flag, $this->_flags );
		}
		
        return false;
    }

   /**
	* check whether the user is in group
	*     
	* @access public
	* @param string $group named group
	* @return boolean $result true if the flag is set
	*/
    function checkGroup( $group )
    {
		if( $this->_id ) {
			return in_array( $group, $this->_groups );
		}
		
        return false;
    }

   /**
	* login
	*
	* @access public
	* @return boolean $result true on success
	*/
    function login( $user, $pass ) {

		if( $this->_id !== null ) {
	        return $this->_id;
		}
		
		$clause	=	array(
							array( 'field' => 'user', 'value' => $user ),
							array( 'field' => 'password', 'value' => md5( $pass ) ),
						);
				
		// add requried flags to query		
		foreach( $this->_flagsReqiured as $req ) {
			$relation	=	'in_set';
			if( $req[0] === '!' ) {
				$relation	=	'not_in_set';
				$req		=	substr( $req, 1 );
			}
			array_push( $clause, array( 'field' => 'flags', 'value' => $req, 'relation' => $relation ) );
		}
        
        // load datasource - if not already done				
		if( $this->_ds === null ) {
			$this->_ds	=&	wbFactory::create( 'wbDatasource' );
		}

		$user	=	$this->_ds->getEntry( 'user', null, null, $clause );
		if( patErrorManager::isError( $user ) ) {
			return $user;
		}
		// login failed - got wrong number of entries
		if( is_numeric( $user ) ) {
			return false;
		}

		// fork session after successful authentication
		$this->_sess->fork();
		
		$primary		=	$this->_ds->getPrimaryKey( 'user' );
		
		// collect data
		$this->_id		=	(int) $user[$primary];
		$this->_user	=	$user;
		$this->_flags	=	explode( ',', $this->_user['flags'] );
		$groups			=	$this->getGroups( $this->_id );
		
		$this->_groups	=	array();
		foreach( $groups as $group ) {
			array_push( $this->_groups, $group['groupname'] );
		}
		
		if( $this->_user['recent'] === '0000-00-00 00:00:00' ) {
			$this->_user['recent']	=	$this->_user['created'];
		}
		
		// save current login
		$data	=	array(
							'recent'	=>	date( 'Y-m-d H:i:s' ) 
						);
		
		$result	=	$this->_ds->save( 'user', $this->_id, $data );
		
		$this->_sess->set( 'wbuser_authenticated', true );
		$this->_sess->set( 'wbuser_id', $this->_id );
		$this->_sess->set( 'wbuser_data', $this->_user );
		$this->_sess->set( 'wbuser_groups', $this->_groups );
		
        return $this->_id;
    }
	
   /**
	* logoff
	*
	* @access public
	* @return boolean $result true on success
	*/
    function logoff() {
		$this->_id	=	null;
		$this->_sess->clear( 'wbuser_authenticated' );
		$this->_sess->clear( 'wbuser_id' );
		$this->_sess->clear( 'wbuser_data' );
		$this->_sess->clear( 'wbuser_groups' );
		
        return null;
    }

   /**
    * get groups a user belong to
	*
	* @access private
	* @param int $uid id of the user
	* @return array $groups list of groups
	*/
    function getGroups( $uid = null ) {
		if( $this->_ds === null ) {
			$this->_ds	=&	wbFactory::create( 'wbDatasource' );
		}

		if( $uid ) {
			$primary	=	$this->_ds->getPrimaryKey( 'user' );
			$clause	=	array(
					array( 'field' => $primary, 'value' => $uid )
				);
			return	$this->_ds->getEntries( 'usergroup', null, $clause );
		}
		return $this->_ds->getEntries( 'group' );
    }
}
?>