2 namespace wcf\data\user
;
3 use wcf\data\user\group\UserGroup
;
4 use wcf\data\AbstractDatabaseObjectAction
;
5 use wcf\data\IClipboardAction
;
6 use wcf\data\ISearchAction
;
7 use wcf\system\clipboard\ClipboardHandler
;
8 use wcf\system\database\util\PreparedStatementConditionBuilder
;
9 use wcf\system\exception\PermissionDeniedException
;
10 use wcf\system\exception\UserInputException
;
12 use wcf\util\StringUtil
;
/**
 * Executes user-related actions.
 *
 * @author Alexander Ebert
 * @copyright 2001-2012 WoltLab GmbH
 * @license GNU Lesser General Public License <http://opensource.org/licenses/lgpl-license.php>
 * @package com.woltlab.wcf
 * @subpackage data.user
 * @category Community Framework
 */
24 class UserAction
extends AbstractDatabaseObjectAction
implements IClipboardAction
, ISearchAction
{
/**
 * Name of the editor class used by this action.
 *
 * @see wcf\data\AbstractDatabaseObjectAction::$className
 */
public $className = 'wcf\data\user\UserEditor';

/**
 * Permission names declared for the create action.
 *
 * @see wcf\data\AbstractDatabaseObjectAction::$permissionsCreate
 */
protected $permissionsCreate = array('admin.user.canAddUser');

/**
 * Permission names declared for the delete action.
 *
 * @see wcf\data\AbstractDatabaseObjectAction::$permissionsDelete
 */
protected $permissionsDelete = array('admin.user.canDeleteUser');

/**
 * Permission names checked by validateUpdate() through the session.
 *
 * @see wcf\data\AbstractDatabaseObjectAction::$permissionsUpdate
 */
protected $permissionsUpdate = array('admin.user.canEditUser');
/**
 * Validates the parameters of the create action.
 *
 * Only the presence of a password in the submitted data is checked.
 *
 * NOTE(review): as listed, this override neither calls
 * parent::validateCreate() nor reads $permissionsCreate. Confirm that
 * 'admin.user.canAddUser' is enforced wherever this action can be reached
 * from a request.
 *
 * @throws UserInputException if no password was submitted
 */
public function validateCreate() {
    $hasPassword = isset($this->parameters['data']['password']);
    if (!$hasPassword) {
        throw new UserInputException('password');
    }
}
/**
 * Validates the delete action.
 *
 * Lets the parent implementation read and validate the user objects, then
 * checks that every group the targeted users belong to is accessible.
 *
 * @throws UserInputException if no user other than the acting one was given
 * @throws PermissionDeniedException if a group of the targeted users is not accessible
 */
public function validateDelete() {
    // the parent implementation reads and validates the user objects
    parent::validateDelete();

    // Collect every target except the acting user's own account.
    // NOTE(review): the own account is only left out of this list;
    // $this->objects is not changed here. Confirm that the delete step
    // itself cannot remove the acting user's account.
    $userIDs = array();
    foreach ($this->objects as $user) {
        if ($user->userID != WCF::getUser()->userID) {
            $userIDs[] = $user->userID;
        }
    }

    // nothing is left when only the own user id was submitted
    if (empty($userIDs)) {
        throw new UserInputException('objectIDs');
    }

    // The user ids travel as bound parameters of the condition builder;
    // they are not concatenated into the SQL text.
    $conditions = new PreparedStatementConditionBuilder();
    $conditions->add("userID IN (?)", array($userIDs));

    $sql = "SELECT DISTINCT groupID
        FROM wcf".WCF_N."_user_to_group
        ".$conditions;
    $statement = WCF::getDB()->prepareStatement($sql);
    $statement->execute($conditions->getParameters());

    $groupIDs = array();
    while ($row = $statement->fetchArray()) {
        $groupIDs[] = $row['groupID'];
    }

    // refuse the request when any of these groups is not accessible
    if (!UserGroup::isAccessibleGroup($groupIDs)) {
        throw new PermissionDeniedException();
    }
}
/**
 * Validates the update action.
 *
 * Reads the affected users if that has not happened yet and checks the
 * update permissions against the session. Without those permissions the
 * request is accepted only when it targets the acting user alone and
 * carries no parameter other than 'options'.
 *
 * NOTE(review): only the parameter keys are inspected. The groups that
 * update() adds or removes are not passed to
 * UserGroup::isAccessibleGroup() here, unlike the group check in
 * validateDelete(). Confirm that group assignment is restricted elsewhere.
 *
 * NOTE(review): on the self-edit path the content of 'options' is not
 * inspected here. Confirm that updateUserOptions() only accepts options
 * the user is allowed to change.
 *
 * @throws UserInputException if no user object could be read
 * @throws PermissionDeniedException if the acting user may not perform the update
 */
public function validateUpdate() {
    // read objects
    if (empty($this->objects)) {
        $this->readObjects();
    }
    if (empty($this->objects)) {
        throw new UserInputException('objectIDs');
    }

    try {
        WCF::getSession()->checkPermissions($this->permissionsUpdate);
    }
    catch (PermissionDeniedException $e) {
        // without the permission, only editing one's own account is considered
        $targetsOnlySelf = (count($this->objects) == 1
            && $this->objects[0]->userID == WCF::getUser()->userID);
        if (!$targetsOnlySelf) {
            throw new PermissionDeniedException();
        }

        // and then only when 'options' is the sole parameter, or none is given
        $parameterCount = count($this->parameters);
        $onlyOptions = ($parameterCount == 0
            || ($parameterCount == 1 && isset($this->parameters['options'])));
        if (!$onlyOptions) {
            throw new PermissionDeniedException();
        }
    }
}
/**
 * Creates a new user.
 *
 * The user is created by the parent implementation. The optional
 * parameters 'options', 'groups', 'addDefaultGroups' and 'languages' are
 * then applied through a UserEditor.
 *
 * NOTE(review): 'groups' and 'addDefaultGroups' are taken from the
 * parameters as given. No check of the requested groups is visible in
 * this method or in validateCreate(); confirm that callers restrict them.
 *
 * @return User the user returned by the parent implementation
 */
public function create() {
    $user = parent::create();
    $userEditor = new UserEditor($user);

    // user options
    if (isset($this->parameters['options'])) {
        $userEditor->updateUserOptions($this->parameters['options']);
    }

    // user groups; default groups are added unless the caller says otherwise
    $addDefaultGroups = true;
    if (isset($this->parameters['addDefaultGroups'])) {
        $addDefaultGroups = $this->parameters['addDefaultGroups'];
    }
    $groupIDs = array();
    if (isset($this->parameters['groups'])) {
        $groupIDs = $this->parameters['groups'];
    }
    $userEditor->addToGroups($groupIDs, false, $addDefaultGroups);

    // visible languages
    $languageIDs = array();
    if (isset($this->parameters['languages'])) {
        $languageIDs = $this->parameters['languages'];
    }
    $userEditor->addToLanguages($languageIDs);

    return $user;
}
/**
 * Updates the affected users.
 *
 * When 'data' is given, the parent implementation is called and a changed
 * language of the acting user is applied to the running request. The
 * optional parameters 'groups', 'removeGroups', 'options' and
 * 'languageIDs' are then applied to every affected user.
 *
 * NOTE(review): the group lists are applied as given; this method performs
 * no accessibility check on them. Confirm that validation or the caller
 * restricts which groups may be added or removed.
 *
 * NOTE(review): create() reads the languages from 'languages', this
 * method from 'languageIDs'. Confirm the difference is intended.
 *
 * @see wcf\data\AbstractDatabaseObjectAction::update()
 */
public function update() {
    if (isset($this->parameters['data'])) {
        parent::update();

        if (isset($this->parameters['data']['languageID'])) {
            $languageID = $this->parameters['data']['languageID'];
            foreach ($this->objects as $object) {
                if ($object->userID != WCF::getUser()->userID) {
                    continue;
                }

                // the acting user changed their own language: switch it right away
                if ($languageID != WCF::getUser()->languageID) {
                    WCF::setLanguage($languageID);
                }

                break;
            }
        }
    }
    else if (empty($this->objects)) {
        $this->readObjects();
    }

    // every optional parameter falls back to an empty list
    $requested = array();
    foreach (array('groups', 'languageIDs', 'removeGroups', 'options') as $key) {
        $requested[$key] = isset($this->parameters[$key]) ? $this->parameters[$key] : array();
    }

    foreach ($this->objects as $userEditor) {
        if (!empty($requested['groups'])) {
            $userEditor->addToGroups($requested['groups']);
        }

        if (!empty($requested['removeGroups'])) {
            $userEditor->removeFromGroups($requested['removeGroups']);
        }

        if (!empty($requested['options'])) {
            $userEditor->updateUserOptions($requested['options']);
        }

        if (!empty($requested['languageIDs'])) {
            $userEditor->addToLanguages($requested['languageIDs']);
        }
    }
}
/**
 * Validates the parameters of the search action.
 *
 * 'searchString' and 'includeUserGroups' must be present in the submitted
 * data; 'excludedSearchValues' must be an array when it is given.
 *
 * NOTE(review): the values are checked for presence only. 'searchString'
 * is not checked to be a string, and no permission is checked here.
 * Confirm who is allowed to query user names through this action.
 *
 * @see wcf\data\ISearchAction::validateGetSearchResultList()
 * @throws UserInputException if a parameter is missing or malformed
 */
public function validateGetSearchResultList() {
    foreach (array('searchString', 'includeUserGroups') as $required) {
        if (!isset($this->parameters['data'][$required])) {
            throw new UserInputException($required);
        }
    }

    $hasExclusions = isset($this->parameters['data']['excludedSearchValues']);
    if ($hasExclusions && !is_array($this->parameters['data']['excludedSearchValues'])) {
        throw new UserInputException('excludedSearchValues');
    }
}
/**
 * Returns the groups and users whose name starts with the search string.
 *
 * Accessible groups are matched in PHP when 'includeUserGroups' is set.
 * Users are matched in the database with a prefix LIKE.
 *
 * NOTE(review): the search string is bound as a parameter, but '%' and '_'
 * inside it reach LIKE unescaped and therefore act as wildcards. The 10
 * passed to prepareStatement() is presumably the row limit; confirm it.
 *
 * @see wcf\data\ISearchAction::getSearchResultList()
 * @return array list of result entries
 */
public function getSearchResultList() {
    $data = $this->parameters['data'];
    $searchString = $data['searchString'];
    $excludedSearchValues = isset($data['excludedSearchValues']) ? $data['excludedSearchValues'] : array();
    $results = array();

    // user groups
    if ($data['includeUserGroups']) {
        foreach (UserGroup::getAccessibleGroups() as $group) {
            $groupName = $group->getName();
            if (in_array($groupName, $excludedSearchValues)) {
                continue;
            }

            // keep groups whose name starts with the search string
            $pos = StringUtil::indexOfIgnoreCase($groupName, $searchString);
            if ($pos !== false && $pos == 0) {
                $results[] = array(
                    'label' => $groupName,
                    'objectID' => $group->groupID,
                    // NOTE(review): this entry's line is missing from the listing;
                    // 'type' => 'group' is assumed, verify against the original file
                    'type' => 'group'
                );
            }
        }
    }

    // users; both the prefix and the exclusions are bound parameters
    $conditionBuilder = new PreparedStatementConditionBuilder();
    $conditionBuilder->add("username LIKE ?", array($searchString.'%'));
    if (!empty($excludedSearchValues)) {
        $conditionBuilder->add("username NOT IN (?)", array($excludedSearchValues));
    }

    $sql = "SELECT userID, username
        FROM wcf".WCF_N."_user
        ".$conditionBuilder;
    $statement = WCF::getDB()->prepareStatement($sql, 10); /* TODO: add limit parameter */
    $statement->execute($conditionBuilder->getParameters());
    while ($row = $statement->fetchArray()) {
        $results[] = array(
            'label' => $row['username'],
            'objectID' => $row['userID'],
            // NOTE(review): this entry's line is missing from the listing;
            // 'type' => 'user' is assumed, verify against the original file
            'type' => 'user'
        );
    }

    return $results;
}
/**
 * Validation hook for unmarkAll().
 *
 * The listing shows no statement in the body: neither a parameter nor a
 * permission is checked before unmarkAll() runs.
 *
 * @see wcf\data\IClipboardAction::validateUnmarkAll()
 */
public function validateUnmarkAll() {
    // nothing to validate
}
/**
 * Removes the clipboard items of the object type 'com.woltlab.wcf.user'.
 *
 * @see wcf\data\IClipboardAction::unmarkAll()
 */
public function unmarkAll() {
    $clipboard = ClipboardHandler::getInstance();
    $objectTypeID = $clipboard->getObjectTypeID('com.woltlab.wcf.user');
    $clipboard->removeItems($objectTypeID);
}