summaryrefslogtreecommitdiffstats
path: root/application/service/user.php
diff options
context:
space:
mode:
Diffstat (limited to 'application/service/user.php')
-rw-r--r--application/service/user.php128
1 files changed, 128 insertions, 0 deletions
diff --git a/application/service/user.php b/application/service/user.php
new file mode 100644
index 000000000..1d678106a
--- /dev/null
+++ b/application/service/user.php
@@ -0,0 +1,128 @@
+<?php
+/*
+ * Copyright 2014 Florian "Bluewind" Pritz <bluewind@server-speed.net>
+ *
+ * Licensed under AGPLv3
+ * (see COPYING for full license text)
+ *
+ */
+
+namespace service;
+
+class user {
+
+ /**
+ * Create a new api key.
+ *
+ * Refer to Muser->get_access_levels() for a list of valid access levels.
+ *
+ * @param userid ID of the user
+ * @param comment free text comment describing the api key/it's usage/allowing to identify the key
+ * @param access_level access level of the key
+ * @return the new key
+ */
+ static public function create_apikey($userid, $comment, $access_level)
+ {
+ $CI =& get_instance();
+
+ $valid_levels = $CI->muser->get_access_levels();
+ if (array_search($access_level, $valid_levels) === false) {
+ throw new \exceptions\UserInputException("user/validation/access_level/invalid", "Invalid access levels requested.");
+ }
+
+ if (strlen($comment) > 255) {
+ throw new \exceptions\UserInputException("user/validation/comment/too-long", "Comment may only be 255 chars long.");
+ }
+
+ $key = random_alphanum(32);
+
+ $CI->db->set(array(
+ 'key' => $key,
+ 'user' => $userid,
+ 'comment' => $comment,
+ 'access_level' => $access_level
+ ))
+ ->insert('apikeys');
+
+ return $key;
+ }
+
+ /**
+ * Get apikeys for a user
+ * @param userid ID of the user
+ * @return array with the key data
+ */
+ static public function apikeys($userid)
+ {
+ $CI =& get_instance();
+ $ret = array();
+
+ $query = $CI->db->select('key, created, comment, access_level')
+ ->from('apikeys')
+ ->where('user', $userid)
+ ->order_by('created', 'desc')
+ ->get()->result_array();
+
+ // Convert timestamp to unix timestamp
+ // TODO: migrate database to integer timestamp and get rid of this
+ foreach ($query as &$record) {
+ if (!empty($record['created'])) {
+ $record['created'] = strtotime($record['created']);
+ }
+ $ret[$record["key"]] = $record;
+ }
+ unset($record);
+
+ return array(
+ "apikeys" => $ret,
+ );
+ }
+
+ /**
+ * Create an invitation key for a user
+ * @param userid id of the user
+ * @return key the created invitation key
+ */
+ static public function create_invitation_key($userid) {
+ $CI =& get_instance();
+
+ $invitations = $CI->db->select('user')
+ ->from('actions')
+ ->where('user', $userid)
+ ->where('action', 'invitation')
+ ->count_all_results();
+
+ if ($invitations + 1 > $CI->config->item('max_invitation_keys')) {
+ throw new \exceptions\InsufficientPermissionsException("user/invitation-limit", "You can't create more invitation keys at this time.");
+ }
+
+ $key = random_alphanum(12, 16);
+
+ $CI->db->set(array(
+ 'key' => $key,
+ 'user' => $userid,
+ 'date' => time(),
+ 'action' => 'invitation'
+ ))
+ ->insert('actions');
+
+ return $key;
+ }
+
+ /**
+ * Remove an invitation key belonging to a user
+ * @param userid id of the user
+ * @param key key to remove
+ * @return number of removed keys
+ */
+ static public function delete_invitation_key($userid, $key) {
+ $CI =& get_instance();
+
+ $CI->db
+ ->where('key', $key)
+ ->where('user', $userid)
+ ->delete('actions');
+
+ return $CI->db->affected_rows();
+ }
+}