epagris/SpreadQuiz
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

- UserMgr OO implementation

Browse Source
This commit is contained in:
Wiesner András 2024-09-17 12:13:42 +02:00
parent fc1a438782
commit 2cd2676d59
4 changed files with 386 additions and 130 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

221
class/UserMgr.php Normal file
View File

@ -0,0 +1,221 @@
<?php
require_once "common_func.php";
class User
{
private int $id; // User's ID
private string $nickname; // User's nickname
private string $password; // User's password in it's encoded form or left empty
private string $realname; // User's real name displayed in their profile
private array $groups; // User's assigned groups
private string $privilege; // User's privilege
private UserMgr $userMgr; // UserManager object governing this object.
// -------------------------------------------
// Store modifications to the database.
private function storeMods(): void
{
$this->userMgr->updateUser($this);
}
// -------------------------------------------
function __construct(UserMgr &$usrmgr, int|array $id_serialized, string $nickname = null, string $password = null, string $realname = null, array $groups = null, string $privilege = null)
{
if (is_array($id_serialized)) {
$init = $id_serialized;
$this->id = $id_serialized["_id"] ?? "-1";
$this->nickname = $init["nickname"];
$this->password = $init["password"];
$this->realname = $init["realname"];
$this->groups = $init["groups"];
$this->privilege = $init["privilege"];
} else {
$this->id = $id_serialized;
$this->nickname = $nickname;
$this->password = $password;
$this->realname = $realname;
$this->groups = $groups;
$this->privilege = $privilege;
}
// save reference to user manager
$this->userMgr = &$usrmgr;
}
// Create user from an array
static function fromArray(UserMgr &$usrmgr, array $a): User
{
return new User($usrmgr, $a);
}
// Convert user to array
function toArray(array $omit = []): array
{
$a = [
"_id" => $this->id,
"nickname" => $this->nickname,
"password" => $this->password,
"realname" => $this->realname,
"groups" => $this->groups,
"privilege" => $this->privilege
];
// omit specific fields
foreach ($omit as $field) {
unset($a[$field]);
}
return $a;
}
// Change user password. If $safe, then $old is checked.
function changePassword(string $new, string $old, bool $safe = true): bool
{
if (!$safe || password_verify($old, $this->password)) {
$this->password = password_hash($new, PASSWORD_DEFAULT);
$this->storeMods(); // store modifications
return true;
} else {
return false;
}
}
// Change user groups
function changeGroups(array $add, array $remove): void
{
alter_array_contents($this->groups, $add, $remove);
$this->storeMods(); // store modifications
}
// Get user's groups
function getGroups(): array
{
return $this->groups;
}
// Set user privilege level
function setPrivilege(string $privilege): void
{
$this->privilege = ($this->nickname === QUIZMASTER_NICKNAME) ? PRIVILEGE_QUIZMASTER : $privilege; // quizmaster's privilege mustn't be tampered with
$this->storeMods(); // store modifications
}
// Get user privilege level
function getPrivilege(): string
{
return $this->privilege;
}
// Get user's nickname.
function getNickname(): string
{
return $this->nickname;
}
// Set user's real name.
function setRealname(string $realname): void {
$this->realname = $realname;
}
// Get user's real name.
function getRealname(): string {
return $this->realname;
}
// Check against user credentials.
function checkPassword(string $password): bool
{
return password_verify($password, $this->password);
}
}
class UserMgr
{
public \SleekDB\Store $db;
function __construct()
{
// create database
$this->db = new \SleekDB\Store(USERDB, DATADIR, ["timeout" => false]);
}
// Get user by nickname. Returns with a User object if found, null else.
function getUser(string $nickname): User|null
{
$user_data_array = $this->db->findBy(["nickname", "=", $nickname]);
return count($user_data_array) != 0 ? new User($this, $user_data_array[0]) : null;
}
// Update user.
function updateUser(User $user): void
{
$a = $user->toArray(); // convert to array
$this->db->update($a); // update using the extracted array
}
// checks if a nickname is taken
function isNicknameTaken(string $nickname): bool {
return !($this->db->findOneBy(["nickname", "=", $nickname]) == null);
}
// Add new user.
function addUser(string $nickname, string $password, string $realname, array $groupids = [], string $privilege = PRIVILEGE_PLAYER): bool
{
if ($this->isNicknameTaken($nickname)) { // user exists
return false;
}
$a = [
"nickname" => $nickname,
"password" => password_hash($password, PASSWORD_DEFAULT),
"realname" => $realname,
"groups" => $groupids,
"privilege" => $privilege
];
// create user object
$user = new User($this, $a);
// add user to specific groups FIXME!!!!
foreach ($groupids as $groupid) {
change_group_user_assignments($groupid, $nickname, null);
}
$this->db->insert($user->toArray(["_id"]));
return true; // user registration successful
}
// Delete user from the storage
function deleteUser(string $nickname): void
{
// cannot delete quizmaster
if ($nickname == QUIZMASTER_NICKNAME) {
return;
}
$user = $this->getUser($nickname);
if ($user !== null) {
foreach ($user->getGroups() as $groupid) {
change_group_user_assignments($groupid, null, $nickname);
}
$this->db->deleteBy(["nickname", "=", $nickname]);
}
}
// Dump all users. Users come wrapped in User objects.
function getAllUsers(): array
{
return array_map(fn($a): User => new User($this, $a), $this->db->findAll());
}
// Get all nicknames.
function getAllNicknames(): array
{
$qb = $this->db->createQueryBuilder();
return array_map(fn($c): string => $c["nickname"], $qb->select(["nickname"])->getQuery()->fetch());
}
}

10
install.php
View File

@ -1,5 +1,7 @@
<?php <?php
use Couchbase\UserManager;
require_once "globals.php"; require_once "globals.php";
# -dxdebug.default_enable=1 -dxdebug.remote_enable=1 -dxdebug.remote_autostart=1 -dxdebug.remote_port=9000 -dxdebug.remote_host=127.0.0.1 -dxdebug.idekey=PHPSTORM -dxdebug.mode=debug # -dxdebug.default_enable=1 -dxdebug.remote_enable=1 -dxdebug.remote_autostart=1 -dxdebug.remote_port=9000 -dxdebug.remote_host=127.0.0.1 -dxdebug.idekey=PHPSTORM -dxdebug.mode=debug
@ -16,10 +18,14 @@ require_once "usermgr.php";
require_once "groupmgr.php"; require_once "groupmgr.php";
require_once "gamemgr.php"; require_once "gamemgr.php";
require_once "class/UserMgr.php";
// create "quizmaster" (admin) user // create "quizmaster" (admin) user
$pw = uniqid(); $pw = uniqid();
add_user(QUIZMASTER_NICKNAME, $pw, ""); $usrmgr = new UserMgr();
change_privilege_level(QUIZMASTER_NICKNAME, PRIVILEGE_QUIZMASTER); $usrmgr->addUser(QUIZMASTER_NICKNAME, $pw, "");
$qm = $usrmgr->getUser(QUIZMASTER_NICKNAME);
$qm->setPrivilege(PRIVILEGE_QUIZMASTER);
echo "Quizmaster account: quizmaster, $pw\n"; echo "Quizmaster account: quizmaster, $pw\n";
// deploy install indicator // deploy install indicator

123
interface.php
View File

@ -24,39 +24,47 @@ require_once "controller.php";
require_once "class/ReqHandler.php"; require_once "class/ReqHandler.php";
// ------------------------ require_once "class/UserMgr.php";
function patch_through_image(string $gameid, string $img_url)
{
$game_dir = get_game_dir_by_gameid($gameid);
$image_fetch_url = $game_dir . DIRECTORY_SEPARATOR . $img_url;
$img_fp = fopen($image_fetch_url, "r");
if ($img_fp === false) {
$img_fp = fopen(MISSING_IMAGE_PLACEHOLDER, "r");
}
fpassthru($img_fp);
fclose($img_fp);
}
// ------------------------ // ------------------------
$action = $_REQUEST["action"]; $userMgr = new UserMgr();
// ------------------------
$result = ""; $result = "";
$success = false; $success = false;
// user-related variables
$user = null;
$nickname = "";
$privilege = PRIVILEGE_NONE; $privilege = PRIVILEGE_NONE;
$is_quizmaster = false;
// --------
// create request handler // create request handler
$rh = new ReqHandler(); $rh = new ReqHandler();
// action dump callback
function dump_actions(ReqHandler &$rh, array $params): string {
return $rh->dump_actions();
}
$rh->add("dump_actions", [], PRIVILEGE_QUIZMASTER, "dump_actions", RESP_PLAIN, "Dump all registered actions.");
/* ------------ ACTIONS AVAILABLE WITHOUT LOGGING IN ---------- */ /* ------------ ACTIONS AVAILABLE WITHOUT LOGGING IN ---------- */
// login the user // login the user
function login(ReqHandler &$rh, array $params): string function login(ReqHandler &$rh, array $params): string
{ {
global $userMgr;
global $user;
$nickname = $params["nickname"]; $nickname = $params["nickname"];
$password = $params["password"]; $password = $params["password"];
if (check_user_credentials($nickname, $password)) {
$user = $userMgr->getUser($nickname);
if (($user !== null) && $user->checkPassword($password)) {
session_start(); session_start();
$_SESSION["nickname"] = $nickname; $_SESSION["nickname"] = $nickname;
$result = "OK"; $result = "OK";
@ -74,9 +82,9 @@ if ((session_status() != PHP_SESSION_ACTIVE) || (!isset($_SESSION["nickname"]))
goto process_and_print; goto process_and_print;
} }
$user_data = get_user($_SESSION["nickname"]); $user = $userMgr->getUser($_SESSION["nickname"]);
$nickname = $user_data["nickname"]; $nickname = $user->getNickname();
$privilege = $user_data["privilege"]; $privilege = $user->getPrivilege();
$is_quizmaster = $privilege === PRIVILEGE_QUIZMASTER; $is_quizmaster = $privilege === PRIVILEGE_QUIZMASTER;
/* ---------- ACTIONS REQUIRING BEING LOGGED IN ------------ */ /* ---------- ACTIONS REQUIRING BEING LOGGED IN ------------ */
@ -90,17 +98,17 @@ function logout(ReqHandler &$rh, array $params): string
function get_user_info(ReqHandler &$rh, array $params): array function get_user_info(ReqHandler &$rh, array $params): array
{ {
global $user_data; global $user;
$user_data_filtered = $user_data; $user_data_filtered = $user->toArray();
unset($user_data_filtered["password"]); unset($user_data_filtered["password"]);
return $user_data_filtered; return $user_data_filtered;
} }
function get_available_games(ReqHandler &$rh, array $params): array function get_available_games(ReqHandler &$rh, array $params): array
{ {
global $user_data; global $user;
$games_by_groups = []; $games_by_groups = [];
$groupids = $user_data["groups"]; $groupids = $user->getGroups();
foreach ($groupids as $groupid) { foreach ($groupids as $groupid) {
$group_data = get_group($groupid); $group_data = get_group($groupid);
$game_collection = [ $game_collection = [
@ -221,6 +229,19 @@ function submit_test(ReqHandler &$rh, array $params): string
} }
} }
function patch_through_image(string $gameid, string $img_url)
{
$game_dir = get_game_dir_by_gameid($gameid);
$image_fetch_url = $game_dir . DIRECTORY_SEPARATOR . $img_url;
$img_fp = fopen($image_fetch_url, "r");
if ($img_fp === false) {
$img_fp = fopen(MISSING_IMAGE_PLACEHOLDER, "r");
}
fpassthru($img_fp);
fclose($img_fp);
}
function get_image(ReqHandler &$rh, array $params): string function get_image(ReqHandler &$rh, array $params): string
{ {
$img_url = trim($params["img_url"] ?? ""); $img_url = trim($params["img_url"] ?? "");
@ -248,6 +269,7 @@ $requester_nickname = $is_quizmaster ? "*" : $nickname; // "*" means every game
function create_update_game(ReqHandler &$rh, array $params): array function create_update_game(ReqHandler &$rh, array $params): array
{ {
global $userMgr;
global $nickname; global $nickname;
global $is_quizmaster; global $is_quizmaster;
@ -308,7 +330,8 @@ function create_update_game(ReqHandler &$rh, array $params): array
if (($game_data["owner"] === $nickname) || $is_quizmaster) { if (($game_data["owner"] === $nickname) || $is_quizmaster) {
$game_data["owner"] = $owner; $game_data["owner"] = $owner;
} }
$game_data["contributors"] = array_intersect($contributors, get_all_nicknames());
$game_data["contributors"] = array_intersect($contributors, $usrMgr->getAllNicknames());
$game_data["properties"]["time_limit"] = $properties["time_limit"]; $game_data["properties"]["time_limit"] = $properties["time_limit"];
$game_data["properties"]["repeatable"] = $properties["repeatable"]; $game_data["properties"]["repeatable"] = $properties["repeatable"];
@ -457,18 +480,15 @@ if ($privilege === PRIVILEGE_CREATOR) {
function create_update_group(ReqHandler &$rh, array $params): string function create_update_group(ReqHandler &$rh, array $params): string
{ {
global $user_data; global $user;
$update = $params[ReqHandler::ACTION_KEY] === "update_group"; $update = $params[ReqHandler::ACTION_KEY] === "update_group";
$groupname = trim($params["groupname"]); $groupname = trim($params["groupname"]);
$description = trim($params["description"]); $description = trim($params["description"]);
$editors = (!$update) ? [] : explode_list(trim($params["editors"])); $editors = (!$update) ? [] : explode_list(trim($params["editors"]));
$owner = (!$update) ? $user_data["nickname"] : trim($params["owner"]); $owner = (!$update) ? $user->getNickname() : (trim($params["owner"]) ?: $user->getNickname());
$result = "FAIL"; $result = "FAIL";
if ($owner === "") {
$owner = $user_data["nickname"];
}
if ($groupname != "") { if ($groupname != "") {
if (!$update) { if (!$update) {
create_group($groupname, $owner, $description); create_group($groupname, $owner, $description);
@ -511,6 +531,8 @@ function search_player_groups(ReqHandler &$rh, array $params): array
function create_update_user(ReqHandler &$rh, array $params): string function create_update_user(ReqHandler &$rh, array $params): string
{ {
global $userMgr;
$update = $params[ReqHandler::ACTION_KEY] === "update_user"; $update = $params[ReqHandler::ACTION_KEY] === "update_user";
$target_nickname = trim($params["nickname"]); $target_nickname = trim($params["nickname"]);
$password = trim($params["password"]); $password = trim($params["password"]);
@ -523,13 +545,13 @@ function create_update_user(ReqHandler &$rh, array $params): string
$success = false; $success = false;
if (($target_nickname !== "")) { if (($target_nickname !== "")) {
if ((!$update) && ($password !== "")) { // CREATE if ((!$update) && ($password !== "")) { // CREATE
$success = add_user($target_nickname, $password, $realname, $groupids, $privilege); $success = $userMgr->addUser($target_nickname, $password, $realname, $groupids, $privilege);
} else if ($update) { // UPDATE } else if ($update) { // UPDATE
$user_data = get_user($target_nickname); // load user data $tuser = $userMgr->getUser($target_nickname); // load user data
if (count ($user_data) > 0) { if ($tuser !== null) {
// group management // group management
$old_groupids = $user_data["groups"]; // retain old groupids $old_groupids = $tuser->getGroups(); // retain old groupids
$new_groupids = $groupids; // get new groupids $new_groupids = $groupids; // get new groupids
$groupids_add = array_diff($new_groupids, $old_groupids); // groups this user needs to be added to $groupids_add = array_diff($new_groupids, $old_groupids); // groups this user needs to be added to
$groupids_remove = array_diff($old_groupids, $new_groupids); // groups this user need to be removed from $groupids_remove = array_diff($old_groupids, $new_groupids); // groups this user need to be removed from
@ -541,18 +563,18 @@ function create_update_user(ReqHandler &$rh, array $params): string
} }
// re-fetch user // re-fetch user
$user_data = get_user($target_nickname); // load user data //$tuser = get_user($target_nickname); // load user data
// further field update // further field update
$user_data["realname"] = $realname; $tuser->setRealname($realname);
$user_data["privilege"] = $privilege; $tuser->setPrivilege($privilege);
// password replacement, if requested // password replacement, if requested
if ($password !== "") { if ($password !== "") {
$user_data["password"] = password_hash($password, PASSWORD_DEFAULT); $tuser->changePassword(password_hash($password, PASSWORD_DEFAULT), "", false);
} }
$success = update_user($user_data); $success = true;
} }
} }
} }
@ -561,18 +583,23 @@ function create_update_user(ReqHandler &$rh, array $params): string
} }
function delete_users(ReqHandler &$rh, array $params): string { function delete_users(ReqHandler &$rh, array $params): string {
$users = explode_list($params["users"]); global $userMgr;
foreach ($users as $g) { $nicknames = explode_list($params["users"]);
delete_user($g); foreach ($nicknames as $nick) {
$userMgr->deleteUser($nick);
} }
return "OK"; return "OK";
} }
function get_all_game_users(ReqHandler &$rh, array $params): array { function get_all_game_users(ReqHandler &$rh, array $params): array {
$user_data_filtered = get_all_users(); global $userMgr;
for ($i = 0; $i < count($user_data_filtered); $i++) { $user_data_filtered = [];
unset($user_data_filtered[$i]["password"]); // remove password from records $all_users = $userMgr->getAllUsers();
resolve_groupids($user_data_filtered[$i]["groups"]); // resolve group IDs for ($i = 0; $i < count($all_users); $i++) {
$a = $all_users[$i]->toArray(); // convert user to array
unset($a["password"]); // remove password from records
resolve_groupids($a["groups"]); // resolve group IDs
$user_data_filtered[] = $a;
} }
return $user_data_filtered; return $user_data_filtered;
} }
@ -595,11 +622,13 @@ $rh->add("delete_users", ["users"], PRIVILEGE_QUIZMASTER, "delete_users", RESP_P
$rh->add("get_all_users", [], PRIVILEGE_QUIZMASTER, "get_all_game_users", RESP_JSON, "Get all users."); $rh->add("get_all_users", [], PRIVILEGE_QUIZMASTER, "get_all_game_users", RESP_JSON, "Get all users.");
$rh->add("import_users_from_csv", [], PRIVILEGE_QUIZMASTER, "import_users_from_csv", RESP_JSON, "Get all users."); $rh->add("import_users_from_csv", [], PRIVILEGE_QUIZMASTER, "import_users_from_csv", RESP_JSON, "Get all users.");
function dump_actions(ReqHandler &$rh, array $params): string { function test(ReqHandler &$rh, array $params): string {
return $rh->dump_actions(); $usrmgr = new UserMgr();
$nicknames = $usrmgr->getAllNicknames();
return join(", ", $nicknames);
} }
$rh->add("dump_actions", [], PRIVILEGE_QUIZMASTER, "dump_actions", RESP_PLAIN, "Dump all registered actions."); $rh->add("test", [], PRIVILEGE_QUIZMASTER, "test", RESP_PLAIN, "Test.");
// ---------- // ----------

162
usermgr.php
View File

@ -12,42 +12,42 @@ const PRIVILEGE_PLAYER = "player";
const PRIVILEGE_CREATOR = "creator"; const PRIVILEGE_CREATOR = "creator";
const PRIVILEGE_QUIZMASTER = "admin"; // TODO: refactor! const PRIVILEGE_QUIZMASTER = "admin"; // TODO: refactor!
function add_user(string $nickname, string $password, string $realname, array $groupids = [], string $privilege = PRIVILEGE_PLAYER): bool //function add_user(string $nickname, string $password, string $realname, array $groupids = [], string $privilege = PRIVILEGE_PLAYER): bool
{ //{
global $userdb; // global $userdb;
if (count(get_user($nickname)) != 0) { // user exists // if (count(get_user($nickname)) != 0) { // user exists
return false; // return false;
} // }
//
$user_data = [ // $user_data = [
"nickname" => $nickname, // "nickname" => $nickname,
"password" => password_hash($password, PASSWORD_DEFAULT), // "password" => password_hash($password, PASSWORD_DEFAULT),
"realname" => $realname, // "realname" => $realname,
"groups" => $groupids, // "groups" => $groupids,
"privilege" => $privilege // "privilege" => $privilege
]; // ];
foreach ($groupids as $groupid) { // foreach ($groupids as $groupid) {
change_group_user_assignments($groupid, $nickname, null); // change_group_user_assignments($groupid, $nickname, null);
} // }
$userdb->insert($user_data); // $userdb->insert($user_data);
return true; // user registration successful // return true; // user registration successful
} //}
//
function delete_user(string $nickname) //function delete_user(string $nickname)
{ //{
global $userdb; // global $userdb;
if ($nickname == QUIZMASTER_NICKNAME) { // if ($nickname == QUIZMASTER_NICKNAME) {
return; // return;
} // }
//
$user_data = get_user($nickname); // $user_data = get_user($nickname);
if (count($user_data) !== 0) { // if (count($user_data) !== 0) {
foreach ($user_data["groups"] as $groupid) { // foreach ($user_data["groups"] as $groupid) {
change_group_user_assignments($groupid, null, $nickname); // change_group_user_assignments($groupid, null, $nickname);
} // }
$userdb->deleteBy(["nickname", "=", $nickname]); // $userdb->deleteBy(["nickname", "=", $nickname]);
} // }
} //}
function get_user(string $nickname): array function get_user(string $nickname): array
{ {
@ -62,18 +62,18 @@ function update_user(array $user_data)
return $userdb->update($user_data); return $userdb->update($user_data);
} }
function change_password(string $nickname, string $old, string $new): bool //function change_password(string $nickname, string $old, string $new): bool
{ //{
$user_data = get_user($nickname); // $user_data = get_user($nickname);
if (count($user_data) != 0) { // if (count($user_data) != 0) {
if (password_verify($old, $user_data["password"])) { // if (password_verify($old, $user_data["password"])) {
$user_data["password"] = password_hash($new, PASSWORD_DEFAULT); // $user_data["password"] = password_hash($new, PASSWORD_DEFAULT);
update_user($user_data); // update_user($user_data);
return true; // return true;
} // }
} // }
return false; // return false;
} //}
function change_user_group_assignments(string $nickname, $groupname_add, $groupname_remove) function change_user_group_assignments(string $nickname, $groupname_add, $groupname_remove)
{ {
@ -84,36 +84,36 @@ function change_user_group_assignments(string $nickname, $groupname_add, $groupn
} }
} }
function change_privilege_level(string $nickname, string $privilege) //function change_privilege_level(string $nickname, string $privilege)
{ //{
$user_data = get_user($nickname); // $user_data = get_user($nickname);
if (count($user_data) != 0) { // if (count($user_data) != 0) {
$user_data["privilege"] = $privilege; // $user_data["privilege"] = $privilege;
update_user($user_data); // update_user($user_data);
} // }
} //}
//
function check_user_credentials(string $nickname, string $password): bool //function check_user_credentials(string $nickname, string $password): bool
{ //{
$user_data = get_user($nickname); // $user_data = get_user($nickname);
if (count($user_data) != 0) { // if (count($user_data) != 0) {
return password_verify($password, $user_data["password"]); // return password_verify($password, $user_data["password"]);
} else { // } else {
return false; // return false;
} // }
} //}
//
function get_all_users(): array //function get_all_users(): array
{ //{
global $userdb; // global $userdb;
return $userdb->findAll(); // return $userdb->findAll();
} //}
//
function get_all_nicknames() : array { //function get_all_nicknames() : array {
$nicknames = []; // $nicknames = [];
$user_data_array = get_all_users(); // $user_data_array = get_all_users();
foreach ($user_data_array as $user_data) { // foreach ($user_data_array as $user_data) {
$nicknames[] = $user_data["nickname"]; // $nicknames[] = $user_data["nickname"];
} // }
return $nicknames; // return $nicknames;
} //}