CHIEFSOFT\ameye
426 lines
15 KiB
PHP
426 lines
15 KiB
PHP
<?php
|
|
/**
|
|
* @file classes/user/Repository.php
|
|
*
|
|
* Copyright (c) 2014-2021 Simon Fraser University
|
|
* Copyright (c) 2000-2021 John Willinsky
|
|
* Distributed under the GNU GPL v3. For full terms see the file docs/COPYING.
|
|
*
|
|
* @class Repository
|
|
*
|
|
* @brief A repository to find and manage users.
|
|
*/
|
|
|
|
namespace PKP\user;
|
|
|
|
use APP\core\Application;
|
|
use APP\facades\Repo;
|
|
use APP\submission\Submission;
|
|
use Carbon\Carbon;
|
|
use PKP\context\Context;
|
|
use PKP\context\SubEditorsDAO;
|
|
use PKP\core\PKPApplication;
|
|
use PKP\db\DAORegistry;
|
|
use PKP\file\TemporaryFileDAO;
|
|
use PKP\log\SubmissionEmailLogDAO;
|
|
use PKP\log\SubmissionEventLogDAO;
|
|
use PKP\note\NoteDAO;
|
|
use PKP\notification\NotificationDAO;
|
|
use PKP\plugins\Hook;
|
|
use PKP\security\AccessKeyDAO;
|
|
use PKP\security\Role;
|
|
use PKP\security\RoleDAO;
|
|
use PKP\session\SessionDAO;
|
|
use PKP\stageAssignment\StageAssignmentDAO;
|
|
use PKP\submission\reviewAssignment\ReviewAssignmentDAO;
|
|
use PKP\submission\SubmissionCommentDAO;
|
|
|
|
class Repository
|
|
{
|
|
/** @var DAO $dao */
|
|
public $dao;
|
|
|
|
/** @var string $schemaMap The name of the class to map this entity to its schema */
|
|
public $schemaMap = maps\Schema::class;
|
|
|
|
public function __construct(DAO $dao)
|
|
{
|
|
$this->dao = $dao;
|
|
}
|
|
|
|
/** @copydoc DAO::newDataObject() */
|
|
public function newDataObject(array $params = []): User
|
|
{
|
|
$object = $this->dao->newDataObject();
|
|
if (!empty($params)) {
|
|
$object->setAllData($params);
|
|
}
|
|
return $object;
|
|
}
|
|
|
|
/** @copydoc DAO::get() */
|
|
public function get(int $id, $allowDisabled = false): ?User
|
|
{
|
|
return $this->dao->get($id, $allowDisabled);
|
|
}
|
|
|
|
/**
|
|
* Retrieve a user by API key.
|
|
*/
|
|
public function getByApiKey(string $apiKey): ?User
|
|
{
|
|
return $this->getCollector()
|
|
->filterBySettings(['apiKey' => $apiKey])
|
|
->getMany()
|
|
->first();
|
|
}
|
|
|
|
/** @copydoc DAO::get() */
|
|
public function getByUsername(string $username, bool $allowDisabled = false): ?User
|
|
{
|
|
return $this->dao->getByUsername($username, $allowDisabled);
|
|
}
|
|
|
|
/** @copydoc DAO::get() */
|
|
public function getByEmail(string $email, bool $allowDisabled = false): ?User
|
|
{
|
|
return $this->dao->getByEmail($email, $allowDisabled);
|
|
}
|
|
|
|
/** @copydoc DAO::getCollector() */
|
|
public function getCollector(): Collector
|
|
{
|
|
return app(Collector::class);
|
|
}
|
|
|
|
/**
|
|
* Get an instance of the map class for mapping users to their schema
|
|
*/
|
|
public function getSchemaMap(): maps\Schema
|
|
{
|
|
return app('maps')->withExtensions($this->schemaMap);
|
|
}
|
|
|
|
/** @copydoc DAO::insert() */
|
|
public function add(User $user): int
|
|
{
|
|
$id = $this->dao->insert($user);
|
|
Hook::call('User::add', [$user]);
|
|
|
|
return $id;
|
|
}
|
|
|
|
/** @copydoc DAO::update() */
|
|
public function edit(User $user, array $params = [])
|
|
{
|
|
$newUser = clone $user;
|
|
$newUser->setAllData(array_merge($newUser->_data, $params));
|
|
|
|
Hook::call('User::edit', [$newUser, $user, $params]);
|
|
|
|
$this->dao->update($newUser);
|
|
}
|
|
|
|
/** @copydoc DAO::delete */
|
|
public function delete(User $user)
|
|
{
|
|
Hook::call('User::delete::before', [&$user]);
|
|
|
|
$this->dao->delete($user);
|
|
|
|
Hook::call('User::delete', [&$user]);
|
|
}
|
|
|
|
/**
|
|
* Can the current user view and edit the gossip field for a user
|
|
*
|
|
* @param int $userId The user who's gossip field should be accessed
|
|
*
|
|
* @return bool
|
|
*/
|
|
public function canCurrentUserGossip($userId)
|
|
{
|
|
$request = Application::get()->getRequest();
|
|
$context = $request->getContext();
|
|
$contextId = $context ? $context->getId() : \PKP\core\PKPApplication::CONTEXT_ID_NONE;
|
|
$currentUser = $request->getUser();
|
|
|
|
// Logged out users can never view gossip fields
|
|
if (!$currentUser) {
|
|
return false;
|
|
}
|
|
|
|
// Users can never view their own gossip fields
|
|
if ($currentUser->getId() === $userId) {
|
|
return false;
|
|
}
|
|
|
|
$roleDao = DAORegistry::getDAO('RoleDAO'); /** @var RoleDAO $roleDao */
|
|
// Only reviewers have gossip fields
|
|
if (!$roleDao->userHasRole($contextId, $userId, Role::ROLE_ID_REVIEWER)) {
|
|
return false;
|
|
}
|
|
|
|
// Only admins, editors and subeditors can view gossip fields
|
|
if (!$roleDao->userHasRole($contextId, $currentUser->getId(), [Role::ROLE_ID_MANAGER, Role::ROLE_ID_SITE_ADMIN, Role::ROLE_ID_SUB_EDITOR])) {
|
|
return false;
|
|
}
|
|
|
|
return true;
|
|
}
|
|
|
|
/**
|
|
* Can this user access the requested workflow stage
|
|
*
|
|
* The user must have an assigned role in the specified stage or
|
|
* be a manager or site admin that has no assigned role in the
|
|
* submission.
|
|
*
|
|
* @param string $stageId One of the WORKFLOW_STAGE_ID_* constants.
|
|
* @param string $workflowType Accessing the editorial or author workflow? PKPApplication::WORKFLOW_TYPE_*
|
|
* @param array $userAccessibleStages User's assignments to the workflow stages. Application::ASSOC_TYPE_ACCESSIBLE_WORKFLOW_STAGES
|
|
* @param array $userRoles User's roles in the context
|
|
*
|
|
* @return bool
|
|
*/
|
|
public function canUserAccessStage($stageId, $workflowType, $userAccessibleStages, $userRoles)
|
|
{
|
|
$workflowRoles = Application::get()->getWorkflowTypeRoles()[$workflowType];
|
|
|
|
if (array_key_exists($stageId, $userAccessibleStages)
|
|
&& !empty(array_intersect($workflowRoles, $userAccessibleStages[$stageId]))) {
|
|
return true;
|
|
}
|
|
if (empty($userAccessibleStages) && count(array_intersect([Role::ROLE_ID_MANAGER, Role::ROLE_ID_SITE_ADMIN], $userRoles))) {
|
|
return true;
|
|
}
|
|
return false;
|
|
}
|
|
|
|
/**
|
|
* Retrieve user roles which give access to (certain) submission workflow stages
|
|
* returns [
|
|
* stage ID => [role IDs]
|
|
* ]
|
|
*
|
|
*/
|
|
public function getAccessibleWorkflowStages(int $userId, int $contextId, Submission $submission, ?array $userRoleIds = null): array
|
|
{
|
|
$stageAssignmentDao = DAORegistry::getDAO('StageAssignmentDAO'); /** @var StageAssignmentDAO $stageAssignmentDao */
|
|
$stageAssignmentsResult = $stageAssignmentDao->getBySubmissionAndUserIdAndStageId($submission->getId(), $userId);
|
|
|
|
if (is_null($userRoleIds)) {
|
|
$roleDao = DAORegistry::getDAO('RoleDAO'); /** @var RoleDAO $roleDao */
|
|
$userRoles = $roleDao->getByUserIdGroupedByContext($userId);
|
|
|
|
$userRoleIds = [];
|
|
if (array_key_exists($contextId, $userRoles)) {
|
|
$contextRoles = $userRoles[$contextId];
|
|
|
|
foreach ($contextRoles as $contextRole) { /** @var Role $userRole */
|
|
$userRoleIds[] = $contextRole->getRoleId();
|
|
}
|
|
}
|
|
|
|
// Has admin role?
|
|
if ($contextId != PKPApplication::CONTEXT_ID_NONE &&
|
|
array_key_exists(PKPApplication::CONTEXT_ID_NONE, $userRoles) &&
|
|
in_array(Role::ROLE_ID_SITE_ADMIN, $userRoles[PKPApplication::CONTEXT_ID_NONE])
|
|
) {
|
|
$userRoleIds[] = Role::ROLE_ID_SITE_ADMIN;
|
|
}
|
|
}
|
|
|
|
$accessibleWorkflowStages = [];
|
|
|
|
// Assigned users have access based on their assignment
|
|
while ($stageAssignment = $stageAssignmentsResult->next()) {
|
|
$userGroup = Repo::userGroup()->get($stageAssignment->getUserGroupId());
|
|
$roleId = $userGroup->getRoleId();
|
|
|
|
// Check global user roles within the context, e.g., user can be assigned in the role, which was revoked
|
|
if (!in_array($roleId, $userRoleIds)) {
|
|
continue;
|
|
}
|
|
|
|
$accessibleWorkflowStages[$stageAssignment->getStageId()][] = $roleId;
|
|
}
|
|
|
|
// Managers and admin have access if not assigned to the submission or are assigned in a revoked role
|
|
$managerRoles = array_intersect($userRoleIds, [Role::ROLE_ID_SITE_ADMIN, Role::ROLE_ID_MANAGER]);
|
|
if (empty($accessibleWorkflowStages) && !empty($managerRoles)) {
|
|
$workflowStages = Application::getApplicationStages();
|
|
foreach ($workflowStages as $stageId) {
|
|
$accessibleWorkflowStages[$stageId] = $managerRoles;
|
|
}
|
|
}
|
|
|
|
return $accessibleWorkflowStages;
|
|
}
|
|
|
|
/**
|
|
* Retrieves a filtered user report instance
|
|
*
|
|
* @param array $args
|
|
* - @option int[] contextIds Context IDs (required)
|
|
* - @option int[] userGroupIds List of user groups (all groups by default)
|
|
*/
|
|
public function getReport(array $args): Report
|
|
{
|
|
$dataSource = $this->getCollector()
|
|
->filterByUserGroupIds($args['userGroupIds'] ?? null)
|
|
->filterByContextIds($args['contextIds'] ?? [])
|
|
->getMany();
|
|
|
|
$report = new Report($dataSource);
|
|
|
|
Hook::call('User::getReport', [$report]);
|
|
|
|
return $report;
|
|
}
|
|
|
|
public function getRolesOverview(Collector $collector)
|
|
{
|
|
$result = [
|
|
[
|
|
'id' => 'total',
|
|
'name' => 'stats.allUsers',
|
|
'value' => $this->dao->getCount($collector),
|
|
],
|
|
];
|
|
|
|
$roleNames = Application::get()->getRoleNames();
|
|
|
|
foreach ($roleNames as $roleId => $roleName) {
|
|
$result[] = [
|
|
'id' => $roleId,
|
|
'name' => $roleName,
|
|
'value' => $this->dao->getCount($collector->filterByRoleIds([$roleId])),
|
|
];
|
|
}
|
|
|
|
return $result;
|
|
}
|
|
|
|
/**
|
|
* Merge user accounts and delete the old user account.
|
|
*
|
|
* @param int $oldUserId The user ID to remove
|
|
* @param int $newUserId The user ID to receive all "assets" (i.e. submissions) from old user
|
|
*/
|
|
public function mergeUsers(int $oldUserId, int $newUserId)
|
|
{
|
|
// Need both user ids for merge
|
|
if (empty($oldUserId) || empty($newUserId)) {
|
|
return false;
|
|
}
|
|
|
|
Hook::call('UserAction::mergeUsers', [&$oldUserId, &$newUserId]);
|
|
|
|
$submissionFiles = Repo::submissionFile()
|
|
->getCollector()
|
|
->filterByUploaderUserIds([$oldUserId])
|
|
->includeDependentFiles()
|
|
->getMany();
|
|
|
|
foreach ($submissionFiles as $submissionFile) {
|
|
Repo::submissionFile()->edit($submissionFile, ['uploaderUserId' => $newUserId]);
|
|
}
|
|
|
|
$noteDao = DAORegistry::getDAO('NoteDAO'); /** @var NoteDAO $noteDao */
|
|
$notes = $noteDao->getByUserId($oldUserId);
|
|
while ($note = $notes->next()) {
|
|
$note->setUserId($newUserId);
|
|
$noteDao->updateObject($note);
|
|
}
|
|
|
|
Repo::decision()->dao->reassignDecisions($oldUserId, $newUserId);
|
|
|
|
$reviewAssignmentDao = DAORegistry::getDAO('ReviewAssignmentDAO'); /** @var ReviewAssignmentDAO $reviewAssignmentDao */
|
|
foreach ($reviewAssignmentDao->getByUserId($oldUserId) as $reviewAssignment) {
|
|
$reviewAssignment->setReviewerId($newUserId);
|
|
$reviewAssignmentDao->updateObject($reviewAssignment);
|
|
}
|
|
|
|
$submissionEmailLogDao = DAORegistry::getDAO('SubmissionEmailLogDAO'); /** @var SubmissionEmailLogDAO $submissionEmailLogDao */
|
|
$submissionEmailLogDao->changeUser($oldUserId, $newUserId);
|
|
Repo::eventLog()->dao->changeUser($oldUserId, $newUserId);
|
|
|
|
$submissionCommentDao = DAORegistry::getDAO('SubmissionCommentDAO'); /** @var SubmissionCommentDAO $submissionCommentDao */
|
|
$submissionComments = $submissionCommentDao->getByUserId($oldUserId);
|
|
|
|
while ($submissionComment = $submissionComments->next()) {
|
|
$submissionComment->setAuthorId($newUserId);
|
|
$submissionCommentDao->updateObject($submissionComment);
|
|
}
|
|
|
|
$accessKeyDao = DAORegistry::getDAO('AccessKeyDAO'); /** @var AccessKeyDAO $accessKeyDao */
|
|
$accessKeyDao->transferAccessKeys($oldUserId, $newUserId);
|
|
|
|
$notificationDao = DAORegistry::getDAO('NotificationDAO'); /** @var NotificationDAO $notificationDao */
|
|
$notificationDao->transferNotifications($oldUserId, $newUserId);
|
|
|
|
// Delete the old user and associated info.
|
|
$sessionDao = DAORegistry::getDAO('SessionDAO'); /** @var SessionDAO $sessionDao */
|
|
$sessionDao->deleteByUserId($oldUserId);
|
|
$temporaryFileDao = DAORegistry::getDAO('TemporaryFileDAO'); /** @var TemporaryFileDAO $temporaryFileDao */
|
|
$temporaryFileDao->deleteByUserId($oldUserId);
|
|
$subEditorsDao = DAORegistry::getDAO('SubEditorsDAO'); /** @var SubEditorsDAO $subEditorsDao */
|
|
$subEditorsDao->deleteByUserId($oldUserId);
|
|
|
|
// Transfer old user's roles
|
|
$userGroups = Repo::userGroup()->userUserGroups($oldUserId);
|
|
foreach ($userGroups as $userGroup) {
|
|
if (!Repo::userGroup()->userInGroup($newUserId, $userGroup->getId())) {
|
|
Repo::userGroup()->assignUserToGroup($newUserId, $userGroup->getId());
|
|
}
|
|
}
|
|
|
|
Repo::userGroup()->deleteAssignmentsByUserId($oldUserId);
|
|
|
|
// Transfer stage assignments.
|
|
$stageAssignmentDao = DAORegistry::getDAO('StageAssignmentDAO'); /** @var StageAssignmentDAO $stageAssignmentDao */
|
|
$stageAssignments = $stageAssignmentDao->getByUserId($oldUserId);
|
|
while ($stageAssignment = $stageAssignments->next()) {
|
|
$duplicateAssignments = $stageAssignmentDao->getBySubmissionAndStageId($stageAssignment->getSubmissionId(), null, $stageAssignment->getUserGroupId(), $newUserId);
|
|
if (!$duplicateAssignments->next()) {
|
|
// If no similar assignments already exist, transfer this one.
|
|
$stageAssignment->setUserId($newUserId);
|
|
$stageAssignmentDao->updateObject($stageAssignment);
|
|
} else {
|
|
// There's already a stage assignment for the new user; delete.
|
|
$stageAssignmentDao->deleteObject($stageAssignment);
|
|
}
|
|
}
|
|
|
|
$this->delete($this->get($oldUserId, true));
|
|
|
|
return true;
|
|
}
|
|
|
|
/**
|
|
* Create a user object from the Context contact details
|
|
*/
|
|
public function getUserFromContextContact(Context $context): User
|
|
{
|
|
$contextUser = $this->newDataObject();
|
|
$supportedLocales = $context->getSupportedFormLocales();
|
|
$contextUser->setData('email', $context->getData('contactEmail'));
|
|
$contextUser->setData('givenName', array_fill_keys($supportedLocales, $context->getData('contactName')));
|
|
return $contextUser;
|
|
}
|
|
|
|
/**
|
|
* Delete unvalidated expired users
|
|
*
|
|
* @param Carbon $dateTillValid The dateTime till before which user will consider expired
|
|
* @param array $excludableUsersId The users id to exclude form delete operation
|
|
*
|
|
* @return int The number rows affected by DB operation
|
|
*/
|
|
public function deleteUnvalidatedExpiredUsers(Carbon $dateTillValid, array $excludableUsersId = [])
|
|
{
|
|
return $this->dao->deleteUnvalidatedExpiredUsers($dateTillValid, $excludableUsersId);
|
|
}
|
|
}
|