1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
|
<?php
/*
* Copyright 2014 Florian "Bluewind" Pritz <bluewind@server-speed.net>
*
* Licensed under AGPLv3
* (see COPYING for full license text)
*
*/
namespace service;
class user {
/**
* Create a new api key.
*
* Refer to Muser->get_access_levels() for a list of valid access levels.
*
* @param userid ID of the user
* @param comment free text comment describing the api key/it's usage/allowing to identify the key
* @param access_level access level of the key
* @return the new key
*/
static public function create_apikey($userid, $comment, $access_level)
{
$CI =& get_instance();
$valid_levels = $CI->muser->get_access_levels();
if (array_search($access_level, $valid_levels) === false) {
throw new \exceptions\UserInputException("user/validation/access_level/invalid", "Invalid access levels requested.");
}
if (strlen($comment) > 255) {
throw new \exceptions\UserInputException("user/validation/comment/too-long", "Comment may only be 255 chars long.");
}
$key = random_alphanum(32);
$CI->db->set(array(
'key' => $key,
'user' => $userid,
'comment' => $comment,
'access_level' => $access_level
))
->insert('apikeys');
return $key;
}
/**
* Get apikeys for a user
* @param userid ID of the user
* @return array with the key data
*/
static public function apikeys($userid)
{
$CI =& get_instance();
$ret = array();
$query = $CI->db->select('key, created, comment, access_level')
->from('apikeys')
->where('user', $userid)
->order_by('created', 'desc')
->get()->result_array();
// Convert timestamp to unix timestamp
// TODO: migrate database to integer timestamp and get rid of this
foreach ($query as &$record) {
if (!empty($record['created'])) {
$record['created'] = strtotime($record['created']);
}
$ret[$record["key"]] = $record;
}
unset($record);
return array(
"apikeys" => $ret,
);
}
/**
* Create an invitation key for a user
* @param userid id of the user
* @return key the created invitation key
*/
static public function create_invitation_key($userid) {
$CI =& get_instance();
$invitations = $CI->db->select('user')
->from('actions')
->where('user', $userid)
->where('action', 'invitation')
->count_all_results();
if ($invitations + 1 > $CI->config->item('max_invitation_keys')) {
throw new \exceptions\InsufficientPermissionsException("user/invitation-limit", "You can't create more invitation keys at this time.");
}
$key = random_alphanum(12, 16);
$CI->db->set(array(
'key' => $key,
'user' => $userid,
'date' => time(),
'action' => 'invitation'
))
->insert('actions');
return $key;
}
/**
* Remove an invitation key belonging to a user
* @param userid id of the user
* @param key key to remove
* @return number of removed keys
*/
static public function delete_invitation_key($userid, $key) {
$CI =& get_instance();
$CI->db
->where('key', $key)
->where('user', $userid)
->delete('actions');
return $CI->db->affected_rows();
}
}
|