Home Explore Help
Sign In
ouidade
/
dev-epau.archi.fr
0
0
Fork 0
Files Issues 0 Pull Requests 0 Wiki
Tree: 87668f1c0b
Branches Tags
dev-epau.arc...
/
system
/
src
/
Grav
/
Common
/
Flex
/
Types
/
Users
/
UserObject.php

UserObject.php 28 KB
History Raw

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363364365366367368369370371372373374375376377378379380381382383384385386387388389390391392393394395396397398399400401402403404405406407408409410411412413414415416417418419420421422423424425426427428429430431432433434435436437438439440441442443444445446447448449450451452453454455456457458459460461462463464465466467468469470471472473474475476477478479480481482483484485486487488489490491492493494495496497498499500501502503504505506507508509510511512513514515516517518519520521522523524525526527528529530531532533534535536537538539540541542543544545546547548549550551552553554555556557558559560561562563564565566567568569570571572573574575576577578579580581582583584585586587588589590591592593594595596597598599600601602603604605606607608609610611612613614615616617618619620621622623624625626627628629630631632633634635636637638639640641642643644645646647648649650651652653654655656657658659660661662663664665666667668669670671672673674675676677678679680681682683684685686687688689690691692693694695696697698699700701702703704705706707708709710711712713714715716717718719720721722723724725726727728729730731732733734735736737738739740741742743744745746747748749750751752753754755756757758759760761762763764765766767768769770771772773774775776777778779780781782783784785786787788789790791792793794795796797798799800801802803804805806807808809810811812813814815816817818819820821822823824825826827828829830831832833834835836837838839840841842843844845846847848849850851852853854855856857858859860861862863864865866867868869870871872873874875876877878879880881882883884885886887888889890891892893894895896897898899900901902903904905906907908909910911912913914915916917918919920921922923924925926927928929930931932933934935936937938939940941942943944945946947948949950951952953954955956957958959960961962963964965966967968969970971972973974975976977978979 
  1. <?php
    2. 

  2. 

  3. declare(strict_types=1);
    4. 

  4. 

  5. /**
    6. 

  6.  * @package    Grav\Common\Flex
    7. 

  7.  *
    8. 

  8.  * @copyright  Copyright (c) 2015 - 2022 Trilby Media, LLC. All rights reserved.
    9. 

  9.  * @license    MIT License; see LICENSE file for details.
    10. 

  10.  */
    11. 

  11. 

  12. namespace Grav\Common\Flex\Types\Users;
    13. 

  13. 

  14. use Closure;
    15. 

  15. use Countable;
    16. 

  16. use Grav\Common\Config\Config;
    17. 

  17. use Grav\Common\Data\Blueprint;
    18. 

  18. use Grav\Common\Flex\FlexObject;
    19. 

  19. use Grav\Common\Flex\Traits\FlexGravTrait;
    20. 

  20. use Grav\Common\Flex\Traits\FlexObjectTrait;
    21. 

  21. use Grav\Common\Flex\Types\Users\Traits\UserObjectLegacyTrait;
    22. 

  22. use Grav\Common\Grav;
    23. 

  23. use Grav\Common\Media\Interfaces\MediaCollectionInterface;
    24. 

  24. use Grav\Common\Media\Interfaces\MediaUploadInterface;
    25. 

  25. use Grav\Common\Page\Media;
    26. 

  26. use Grav\Common\Page\Medium\MediumFactory;
    27. 

  27. use Grav\Common\User\Access;
    28. 

  28. use Grav\Common\User\Authentication;
    29. 

  29. use Grav\Common\Flex\Types\UserGroups\UserGroupCollection;
    30. 

  30. use Grav\Common\Flex\Types\UserGroups\UserGroupIndex;
    31. 

  31. use Grav\Common\User\Interfaces\UserInterface;
    32. 

  32. use Grav\Common\User\Traits\UserTrait;
    33. 

  33. use Grav\Common\Utils;
    34. 

  34. use Grav\Framework\File\Formatter\JsonFormatter;
    35. 

  35. use Grav\Framework\File\Formatter\YamlFormatter;
    36. 

  36. use Grav\Framework\Filesystem\Filesystem;
    37. 

  37. use Grav\Framework\Flex\Flex;
    38. 

  38. use Grav\Framework\Flex\FlexDirectory;
    39. 

  39. use Grav\Framework\Flex\Storage\FileStorage;
    40. 

  40. use Grav\Framework\Flex\Traits\FlexMediaTrait;
    41. 

  41. use Grav\Framework\Form\FormFlashFile;
    42. 

  42. use Psr\Http\Message\UploadedFileInterface;
    43. 

  43. use RocketTheme\Toolbox\Event\Event;
    44. 

  44. use RocketTheme\Toolbox\File\FileInterface;
    45. 

  45. use RocketTheme\Toolbox\ResourceLocator\UniformResourceLocator;
    46. 

  46. use RuntimeException;
    47. 

  47. use function is_array;
    48. 

  48. use function is_bool;
    49. 

  49. use function is_object;
    50. 

  50. 

  51. /**
    52. 

  52.  * Flex User
    53. 

  53.  *
    54. 

  54.  * Flex User is mostly compatible with the older User class, except on few key areas:
    55. 

  55.  *
    56. 

  56.  * - Constructor parameters have been changed. Old code creating a new user does not work.
    57. 

  57.  * - Serializer has been changed -- existing sessions will be killed.
    58. 

  58.  *
    59. 

  59.  * @package Grav\Common\User
    60. 

  60.  *
    61. 

  61.  * @property string $username
    62. 

  62.  * @property string $email
    63. 

  63.  * @property string $fullname
    64. 

  64.  * @property string $state
    65. 

  65.  * @property array $groups
    66. 

  66.  * @property array $access
    67. 

  67.  * @property bool $authenticated
    68. 

  68.  * @property bool $authorized
    69. 

  69.  */
    70. 

  70. class UserObject extends FlexObject implements UserInterface, Countable
    71. 

  71. {
    72. 

  72.     use FlexGravTrait;
    73. 

  73.     use FlexObjectTrait;
    74. 

  74.     use FlexMediaTrait {
    75. 

  75.         getMedia as private getFlexMedia;
    76. 

  76.         getMediaFolder as private getFlexMediaFolder;
    77. 

  77.     }
    78. 

  78.     use UserTrait;
    79. 

  79.     use UserObjectLegacyTrait;
    80. 

  80. 

  81.     /** @var Closure|null */
    82. 

  82.     static public $authorizeCallable;
    83. 

  83.     /** @var Closure|null */
    84. 

  84.     static public $isAuthorizedCallable;
    85. 

  85. 

  86.     /** @var array|null */
    87. 

  87.     protected $_uploads_original;
    88. 

  88.     /** @var FileInterface|null */
    89. 

  89.     protected $_storage;
    90. 

  90.     /** @var UserGroupIndex */
    91. 

  91.     protected $_groups;
    92. 

  92.     /** @var Access */
    93. 

  93.     protected $_access;
    94. 

  94.     /** @var array|null */
    95. 

  95.     protected $access;
    96. 

  96. 

  97.     /**
    98. 

  98.      * @return array
    99. 

  99.      */
    100. 

  100.     public static function getCachedMethods(): array
    101. 

  101.     {
    102. 

  102.         return [
    103. 

  103.             'authorize' => 'session',
    104. 

  104.             'load' => false,
    105. 

  105.             'find' => false,
    106. 

  106.             'remove' => false,
    107. 

  107.             'get' => true,
    108. 

  108.             'set' => false,
    109. 

  109.             'undef' => false,
    110. 

  110.             'def' => false,
    111. 

  111.         ] + parent::getCachedMethods();
    112. 

  112.     }
    113. 

  113. 

  114.     /**
    115. 

  115.      * UserObject constructor.
    116. 

  116.      * @param array $elements
    117. 

  117.      * @param string $key
    118. 

  118.      * @param FlexDirectory $directory
    119. 

  119.      * @param bool $validate
    120. 

  120.      */
    121. 

  121.     public function __construct(array $elements, $key, FlexDirectory $directory, bool $validate = false)
    122. 

  122.     {
    123. 

  123.         // User can only be authenticated via login.
    124. 

  124.         unset($elements['authenticated'], $elements['authorized']);
    125. 

  125. 

  126.         // Define username if it's not set.
    127. 

  127.         if (!isset($elements['username'])) {
    128. 

  128.             $storageKey = $elements['__META']['storage_key'] ?? null;
    129. 

  129.             $storage = $directory->getStorage();
    130. 

  130.             if (null !== $storageKey && method_exists($storage, 'normalizeKey') && $key === $storage->normalizeKey($storageKey)) {
    131. 

  131.                 $elements['username'] = $storageKey;
    132. 

  132.             } else {
    133. 

  133.                 $elements['username'] = $key;
    134. 

  134.             }
    135. 

  135.         }
    136. 

  136. 

  137.         // Define state if it isn't set.
    138. 

  138.         if (!isset($elements['state'])) {
    139. 

  139.             $elements['state'] = 'enabled';
    140. 

  140.         }
    141. 

  141. 

  142.         parent::__construct($elements, $key, $directory, $validate);
    143. 

  143.     }
    144. 

  144. 

  145.     public function __clone()
    146. 

  146.     {
    147. 

  147.         $this->_access = null;
    148. 

  148.         $this->_groups = null;
    149. 

  149. 

  150.         parent::__clone();
    151. 

  151.     }
    152. 

  152. 

  153.     /**
    154. 

  154.      * @return void
    155. 

  155.      */
    156. 

  156.     public function onPrepareRegistration(): void
    157. 

  157.     {
    158. 

  158.         if (!$this->getProperty('access')) {
    159. 

  159.             /** @var Config $config */
    160. 

  160.             $config = Grav::instance()['config'];
    161. 

  161. 

  162.             $groups = $config->get('plugins.login.user_registration.groups', '');
    163. 

  163.             $access = $config->get('plugins.login.user_registration.access', ['site' => ['login' => true]]);
    164. 

  164. 

  165.             $this->setProperty('groups', $groups);
    166. 

  166.             $this->setProperty('access', $access);
    167. 

  167.         }
    168. 

  168.     }
    169. 

  169. 

  170.     /**
    171. 

  171.      * Helper to get content editor will fall back if not set
    172. 

  172.      *
    173. 

  173.      * @return string
    174. 

  174.      */
    175. 

  175.     public function getContentEditor(): string
    176. 

  176.     {
    177. 

  177.         return $this->getProperty('content_editor', 'default');
    178. 

  178.     }
    179. 

  179. 

  180.     /**
    181. 

  181.      * Get value by using dot notation for nested arrays/objects.
    182. 

  182.      *
    183. 

  183.      * @example $value = $this->get('this.is.my.nested.variable');
    184. 

  184.      *
    185. 

  185.      * @param string  $name       Dot separated path to the requested value.
    186. 

  186.      * @param mixed   $default    Default value (or null).
    187. 

  187.      * @param string|null  $separator  Separator, defaults to '.'
    188. 

  188.      * @return mixed  Value.
    189. 

  189.      */
    190. 

  190.     public function get($name, $default = null, $separator = null)
    191. 

  191.     {
    192. 

  192.         return $this->getNestedProperty($name, $default, $separator);
    193. 

  193.     }
    194. 

  194. 

  195.     /**
    196. 

  196.      * Set value by using dot notation for nested arrays/objects.
    197. 

  197.      *
    198. 

  198.      * @example $data->set('this.is.my.nested.variable', $value);
    199. 

  199.      *
    200. 

  200.      * @param string  $name       Dot separated path to the requested value.
    201. 

  201.      * @param mixed   $value      New value.
    202. 

  202.      * @param string|null  $separator  Separator, defaults to '.'
    203. 

  203.      * @return $this
    204. 

  204.      */
    205. 

  205.     public function set($name, $value, $separator = null)
    206. 

  206.     {
    207. 

  207.         $this->setNestedProperty($name, $value, $separator);
    208. 

  208. 

  209.         return $this;
    210. 

  210.     }
    211. 

  211. 

  212.     /**
    213. 

  213.      * Unset value by using dot notation for nested arrays/objects.
    214. 

  214.      *
    215. 

  215.      * @example $data->undef('this.is.my.nested.variable');
    216. 

  216.      *
    217. 

  217.      * @param string  $name       Dot separated path to the requested value.
    218. 

  218.      * @param string|null  $separator  Separator, defaults to '.'
    219. 

  219.      * @return $this
    220. 

  220.      */
    221. 

  221.     public function undef($name, $separator = null)
    222. 

  222.     {
    223. 

  223.         $this->unsetNestedProperty($name, $separator);
    224. 

  224. 

  225.         return $this;
    226. 

  226.     }
    227. 

  227. 

  228.     /**
    229. 

  229.      * Set default value by using dot notation for nested arrays/objects.
    230. 

  230.      *
    231. 

  231.      * @example $data->def('this.is.my.nested.variable', 'default');
    232. 

  232.      *
    233. 

  233.      * @param string  $name       Dot separated path to the requested value.
    234. 

  234.      * @param mixed   $default    Default value (or null).
    235. 

  235.      * @param string|null  $separator  Separator, defaults to '.'
    236. 

  236.      * @return $this
    237. 

  237.      */
    238. 

  238.     public function def($name, $default = null, $separator = null)
    239. 

  239.     {
    240. 

  240.         $this->defNestedProperty($name, $default, $separator);
    241. 

  241. 

  242.         return $this;
    243. 

  243.     }
    244. 

  244. 

  245.     /**
    246. 

  246.      * @param UserInterface|null $user
    247. 

  247.      * @return bool
    248. 

  248.      */
    249. 

  249.     public function isMyself(?UserInterface $user = null): bool
    250. 

  250.     {
    251. 

  251.         if (null === $user) {
    252. 

  252.             $user = $this->getActiveUser();
    253. 

  253.             if ($user && !$user->authenticated) {
    254. 

  254.                 $user = null;
    255. 

  255.             }
    256. 

  256.         }
    257. 

  257. 

  258.         return $user && $this->username === $user->username;
    259. 

  259.     }
    260. 

  260. 

  261.     /**
    262. 

  262.      * Checks user authorization to the action.
    263. 

  263.      *
    264. 

  264.      * @param  string $action
    265. 

  265.      * @param  string|null $scope
    266. 

  266.      * @return bool|null
    267. 

  267.      */
    268. 

  268.     public function authorize(string $action, string $scope = null): ?bool
    269. 

  269.     {
    270. 

  270.         if ($scope === 'test') {
    271. 

  271.             // Special scope to test user permissions.
    272. 

  272.             $scope = null;
    273. 

  273.         } else {
    274. 

  274.             // User needs to be enabled.
    275. 

  275.             if ($this->getProperty('state') !== 'enabled') {
    276. 

  276.                 return false;
    277. 

  277.             }
    278. 

  278. 

  279.             // User needs to be logged in.
    280. 

  280.             if (!$this->getProperty('authenticated')) {
    281. 

  281.                 return false;
    282. 

  282.             }
    283. 

  283. 

  284.             if (strpos($action, 'login') === false && !$this->getProperty('authorized')) {
    285. 

  285.                 // User needs to be authorized (2FA).
    286. 

  286.                 return false;
    287. 

  287.             }
    288. 

  288. 

  289.             // Workaround bug in Login::isUserAuthorizedForPage() <= Login v3.0.4
    290. 

  290.             if ((string)(int)$action === $action) {
    291. 

  291.                 return false;
    292. 

  292.             }
    293. 

  293.         }
    294. 

  294. 

  295.         // Check custom application access.
    296. 

  296.         $authorizeCallable = static::$authorizeCallable;
    297. 

  297.         if ($authorizeCallable instanceof Closure) {
    298. 

  298.             $callable = $authorizeCallable->bindTo($this, $this);
    299. 

  299.             $authorized = $callable($action, $scope);
    300. 

  300.             if (is_bool($authorized)) {
    301. 

  301.                 return $authorized;
    302. 

  302.             }
    303. 

  303.         }
    304. 

  304. 

  305.         // Check user access.
    306. 

  306.         $access = $this->getAccess();
    307. 

  307.         $authorized = $access->authorize($action, $scope);
    308. 

  308.         if (is_bool($authorized)) {
    309. 

  309.             return $authorized;
    310. 

  310.         }
    311. 

  311. 

  312.         // Check group access.
    313. 

  313.         $authorized = $this->getGroups()->authorize($action, $scope);
    314. 

  314.         if (is_bool($authorized)) {
    315. 

  315.             return $authorized;
    316. 

  316.         }
    317. 

  317. 

  318.         // If any specific rule isn't hit, check if user is a superuser.
    319. 

  319.         return $access->authorize('admin.super') === true;
    320. 

  320.     }
    321. 

  321. 

  322.     /**
    323. 

  323.      * @param string $property
    324. 

  324.      * @param mixed $default
    325. 

  325.      * @return mixed
    326. 

  326.      */
    327. 

  327.     public function getProperty($property, $default = null)
    328. 

  328.     {
    329. 

  329.         $value = parent::getProperty($property, $default);
    330. 

  330. 

  331.         if ($property === 'avatar') {
    332. 

  332.             $settings = $this->getMediaFieldSettings($property);
    333. 

  333.             $value = $this->parseFileProperty($value, $settings);
    334. 

  334.         }
    335. 

  335. 

  336.         return $value;
    337. 

  337.     }
    338. 

  338. 

  339.     /**
    340. 

  340.      * @return UserGroupIndex
    341. 

  341.      */
    342. 

  342.     public function getRoles(): UserGroupIndex
    343. 

  343.     {
    344. 

  344.         return $this->getGroups();
    345. 

  345.     }
    346. 

  346. 

  347.     /**
    348. 

  348.      * Convert object into an array.
    349. 

  349.      *
    350. 

  350.      * @return array
    351. 

  351.      */
    352. 

  352.     public function toArray()
    353. 

  353.     {
    354. 

  354.         $array = $this->jsonSerialize();
    355. 

  355. 

  356.         $settings = $this->getMediaFieldSettings('avatar');
    357. 

  357.         $array['avatar'] = $this->parseFileProperty($array['avatar'] ?? null, $settings);
    358. 

  358. 

  359.         return $array;
    360. 

  360.     }
    361. 

  361. 

  362.     /**
    363. 

  363.      * Convert object into YAML string.
    364. 

  364.      *
    365. 

  365.      * @param  int $inline  The level where you switch to inline YAML.
    366. 

  366.      * @param  int $indent  The amount of spaces to use for indentation of nested nodes.
    367. 

  367.      * @return string A YAML string representing the object.
    368. 

  368.      */
    369. 

  369.     public function toYaml($inline = 5, $indent = 2)
    370. 

  370.     {
    371. 

  371.         $yaml = new YamlFormatter(['inline' => $inline, 'indent' => $indent]);
    372. 

  372. 

  373.         return $yaml->encode($this->toArray());
    374. 

  374.     }
    375. 

  375. 

  376.     /**
    377. 

  377.      * Convert object into JSON string.
    378. 

  378.      *
    379. 

  379.      * @return string
    380. 

  380.      */
    381. 

  381.     public function toJson()
    382. 

  382.     {
    383. 

  383.         $json = new JsonFormatter();
    384. 

  384. 

  385.         return $json->encode($this->toArray());
    386. 

  386.     }
    387. 

  387. 

  388.     /**
    389. 

  389.      * Join nested values together by using blueprints.
    390. 

  390.      *
    391. 

  391.      * @param string  $name       Dot separated path to the requested value.
    392. 

  392.      * @param mixed   $value      Value to be joined.
    393. 

  393.      * @param string|null  $separator  Separator, defaults to '.'
    394. 

  394.      * @return $this
    395. 

  395.      * @throws RuntimeException
    396. 

  396.      */
    397. 

  397.     public function join($name, $value, $separator = null)
    398. 

  398.     {
    399. 

  399.         $separator = $separator ?? '.';
    400. 

  400.         $old = $this->get($name, null, $separator);
    401. 

  401.         if ($old !== null) {
    402. 

  402.             if (!is_array($old)) {
    403. 

  403.                 throw new RuntimeException('Value ' . $old);
    404. 

  404.             }
    405. 

  405. 

  406.             if (is_object($value)) {
    407. 

  407.                 $value = (array) $value;
    408. 

  408.             } elseif (!is_array($value)) {
    409. 

  409.                 throw new RuntimeException('Value ' . $value);
    410. 

  410.             }
    411. 

  411. 

  412.             $value = $this->getBlueprint()->mergeData($old, $value, $name, $separator);
    413. 

  413.         }
    414. 

  414. 

  415.         $this->set($name, $value, $separator);
    416. 

  416. 

  417.         return $this;
    418. 

  418.     }
    419. 

  419. 

  420.     /**
    421. 

  421.      * Get nested structure containing default values defined in the blueprints.
    422. 

  422.      *
    423. 

  423.      * Fields without default value are ignored in the list.
    424. 

  424. 

  425.      * @return array
    426. 

  426.      */
    427. 

  427.     public function getDefaults()
    428. 

  428.     {
    429. 

  429.         return $this->getBlueprint()->getDefaults();
    430. 

  430.     }
    431. 

  431. 

  432.     /**
    433. 

  433.      * Set default values by using blueprints.
    434. 

  434.      *
    435. 

  435.      * @param string  $name       Dot separated path to the requested value.
    436. 

  436.      * @param mixed   $value      Value to be joined.
    437. 

  437.      * @param string|null  $separator  Separator, defaults to '.'
    438. 

  438.      * @return $this
    439. 

  439.      */
    440. 

  440.     public function joinDefaults($name, $value, $separator = null)
    441. 

  441.     {
    442. 

  442.         if (is_object($value)) {
    443. 

  443.             $value = (array) $value;
    444. 

  444.         }
    445. 

  445. 

  446.         $old = $this->get($name, null, $separator);
    447. 

  447.         if ($old !== null) {
    448. 

  448.             $value = $this->getBlueprint()->mergeData($value, $old, $name, $separator ?? '.');
    449. 

  449.         }
    450. 

  450. 

  451.         $this->setNestedProperty($name, $value, $separator);
    452. 

  452. 

  453.         return $this;
    454. 

  454.     }
    455. 

  455. 

  456.     /**
    457. 

  457.      * Get value from the configuration and join it with given data.
    458. 

  458.      *
    459. 

  459.      * @param string  $name       Dot separated path to the requested value.
    460. 

  460.      * @param array|object $value Value to be joined.
    461. 

  461.      * @param string  $separator  Separator, defaults to '.'
    462. 

  462.      * @return array
    463. 

  463.      * @throws RuntimeException
    464. 

  464.      */
    465. 

  465.     public function getJoined($name, $value, $separator = null)
    466. 

  466.     {
    467. 

  467.         if (is_object($value)) {
    468. 

  468.             $value = (array) $value;
    469. 

  469.         } elseif (!is_array($value)) {
    470. 

  470.             throw new RuntimeException('Value ' . $value);
    471. 

  471.         }
    472. 

  472. 

  473.         $old = $this->get($name, null, $separator);
    474. 

  474. 

  475.         if ($old === null) {
    476. 

  476.             // No value set; no need to join data.
    477. 

  477.             return $value;
    478. 

  478.         }
    479. 

  479. 

  480.         if (!is_array($old)) {
    481. 

  481.             throw new RuntimeException('Value ' . $old);
    482. 

  482.         }
    483. 

  483. 

  484.         // Return joined data.
    485. 

  485.         return $this->getBlueprint()->mergeData($old, $value, $name, $separator ?? '.');
    486. 

  486.     }
    487. 

  487. 

  488.     /**
    489. 

  489.      * Set default values to the configuration if variables were not set.
    490. 

  490.      *
    491. 

  491.      * @param array $data
    492. 

  492.      * @return $this
    493. 

  493.      */
    494. 

  494.     public function setDefaults(array $data)
    495. 

  495.     {
    496. 

  496.         $this->setElements($this->getBlueprint()->mergeData($data, $this->toArray()));
    497. 

  497. 

  498.         return $this;
    499. 

  499.     }
    500. 

  500. 

  501.     /**
    502. 

  502.      * Validate by blueprints.
    503. 

  503.      *
    504. 

  504.      * @return $this
    505. 

  505.      * @throws \Exception
    506. 

  506.      */
    507. 

  507.     public function validate()
    508. 

  508.     {
    509. 

  509.         $this->getBlueprint()->validate($this->toArray());
    510. 

  510. 

  511.         return $this;
    512. 

  512.     }
    513. 

  513. 

  514.     /**
    515. 

  515.      * Filter all items by using blueprints.
    516. 

  516.      * @return $this
    517. 

  517.      */
    518. 

  518.     public function filter()
    519. 

  519.     {
    520. 

  520.         $this->setElements($this->getBlueprint()->filter($this->toArray()));
    521. 

  521. 

  522.         return $this;
    523. 

  523.     }
    524. 

  524. 

  525.     /**
    526. 

  526.      * Get extra items which haven't been defined in blueprints.
    527. 

  527.      *
    528. 

  528.      * @return array
    529. 

  529.      */
    530. 

  530.     public function extra()
    531. 

  531.     {
    532. 

  532.         return $this->getBlueprint()->extra($this->toArray());
    533. 

  533.     }
    534. 

  534. 

  535.     /**
    536. 

  536.      * Return unmodified data as raw string.
    537. 

  537.      *
    538. 

  538.      * NOTE: This function only returns data which has been saved to the storage.
    539. 

  539.      *
    540. 

  540.      * @return string
    541. 

  541.      */
    542. 

  542.     public function raw()
    543. 

  543.     {
    544. 

  544.         $file = $this->file();
    545. 

  545. 

  546.         return $file ? $file->raw() : '';
    547. 

  547.     }
    548. 

  548. 

  549.     /**
    550. 

  550.      * Set or get the data storage.
    551. 

  551.      *
    552. 

  552.      * @param FileInterface|null $storage Optionally enter a new storage.
    553. 

  553.      * @return FileInterface|null
    554. 

  554.      */
    555. 

  555.     public function file(FileInterface $storage = null)
    556. 

  556.     {
    557. 

  557.         if (null !== $storage) {
    558. 

  558.             $this->_storage = $storage;
    559. 

  559.         }
    560. 

  560. 

  561.         return $this->_storage;
    562. 

  562.     }
    563. 

  563. 

  564.     /**
    565. 

  565.      * @return bool
    566. 

  566.      */
    567. 

  567.     public function isValid(): bool
    568. 

  568.     {
    569. 

  569.         return $this->getProperty('state') !== null;
    570. 

  570.     }
    571. 

  571. 

  572.     /**
    573. 

  573.      * Save user
    574. 

  574.      *
    575. 

  575.      * @return static
    576. 

  576.      */
    577. 

  577.     public function save()
    578. 

  578.     {
    579. 

  579.         // TODO: We may want to handle this in the storage layer in the future.
    580. 

  580.         $key = $this->getStorageKey();
    581. 

  581.         if (!$key || strpos($key, '@@')) {
    582. 

  582.             $storage = $this->getFlexDirectory()->getStorage();
    583. 

  583.             if ($storage instanceof FileStorage) {
    584. 

  584.                 $this->setStorageKey($this->getKey());
    585. 

  585.             }
    586. 

  586.         }
    587. 

  587. 

  588.         $password = $this->getProperty('password') ?? $this->getProperty('password1');
    589. 

  589.         if (null !== $password && '' !== $password) {
    590. 

  590.             $password2 = $this->getProperty('password2');
    591. 

  591.             if (!\is_string($password) || ($password2 && $password !== $password2)) {
    592. 

  592.                 throw new \RuntimeException('Passwords did not match.');
    593. 

  593.             }
    594. 

  594. 

  595.             $this->setProperty('hashed_password', Authentication::create($password));
    596. 

  596.         }
    597. 

  597.         $this->unsetProperty('password');
    598. 

  598.         $this->unsetProperty('password1');
    599. 

  599.         $this->unsetProperty('password2');
    600. 

  600. 

  601.         // Backwards compatibility with older plugins.
    602. 

  602.         $fireEvents = $this->isAdminSite() && $this->getFlexDirectory()->getConfig('object.compat.events', true);
    603. 

  603.         $grav = $this->getContainer();
    604. 

  604.         if ($fireEvents) {
    605. 

  605.             $self = $this;
    606. 

  606.             $grav->fireEvent('onAdminSave', new Event(['type' => 'flex', 'directory' => $this->getFlexDirectory(), 'object' => &$self]));
    607. 

  607.             if ($self !== $this) {
    608. 

  608.                 throw new RuntimeException('Switching Flex User object during onAdminSave event is not supported! Please update plugin.');
    609. 

  609.             }
    610. 

  610.         }
    611. 

  611. 

  612.         $instance = parent::save();
    613. 

  613. 

  614.         // Backwards compatibility with older plugins.
    615. 

  615.         if ($fireEvents) {
    616. 

  616.             $grav->fireEvent('onAdminAfterSave', new Event(['type' => 'flex', 'directory' => $this->getFlexDirectory(), 'object' => $this]));
    617. 

  617.         }
    618. 

  618. 

  619.         return $instance;
    620. 

  620.     }
    621. 

  621. 

  622.     /**
    623. 

  623.      * @return array
    624. 

  624.      */
    625. 

  625.     public function prepareStorage(): array
    626. 

  626.     {
    627. 

  627.         $elements = parent::prepareStorage();
    628. 

  628. 

  629.         // Do not save authorization information.
    630. 

  630.         unset($elements['authenticated'], $elements['authorized']);
    631. 

  631. 

  632.         return $elements;
    633. 

  633.     }
    634. 

  634. 

  635.     /**
    636. 

  636.      * @return MediaCollectionInterface
    637. 

  637.      */
    638. 

  638.     public function getMedia()
    639. 

  639.     {
    640. 

  640.         /** @var Media $media */
    641. 

  641.         $media = $this->getFlexMedia();
    642. 

  642. 

  643.         // Deal with shared avatar folder.
    644. 

  644.         $path = $this->getAvatarFile();
    645. 

  645.         if ($path && !$media[$path] && is_file($path)) {
    646. 

  646.             $medium = MediumFactory::fromFile($path);
    647. 

  647.             if ($medium) {
    648. 

  648.                 $media->add($path, $medium);
    649. 

  649.                 $name = Utils::basename($path);
    650. 

  650.                 if ($name !== $path) {
    651. 

  651.                     $media->add($name, $medium);
    652. 

  652.                 }
    653. 

  653.             }
    654. 

  654.         }
    655. 

  655. 

  656.         return $media;
    657. 

  657.     }
    658. 

  658. 

  659.     /**
    660. 

  660.      * @return string|null
    661. 

  661.      */
    662. 

  662.     public function getMediaFolder(): ?string
    663. 

  663.     {
    664. 

  664.         $folder = $this->getFlexMediaFolder();
    665. 

  665. 

  666.         // Check for shared media
    667. 

  667.         if (!$folder && !$this->getFlexDirectory()->getMediaFolder()) {
    668. 

  668.             $this->_loadMedia = false;
    669. 

  669.             $folder = $this->getBlueprint()->fields()['avatar']['destination'] ?? 'account://avatars';
    670. 

  670.         }
    671. 

  671. 

  672.         return $folder;
    673. 

  673.     }
    674. 

  674. 

  675.     /**
    676. 

  676.      * @param string $name
    677. 

  677.      * @return Blueprint
    678. 

  678.      */
    679. 

  679.     protected function doGetBlueprint(string $name = ''): Blueprint
    680. 

  680.     {
    681. 

  681.         $blueprint = $this->getFlexDirectory()->getBlueprint($name ? '.' . $name : $name);
    682. 

  682. 

  683.         // HACK: With folder storage we need to ignore the avatar destination.
    684. 

  684.         if ($this->getFlexDirectory()->getMediaFolder()) {
    685. 

  685.             $field = $blueprint->get('form/fields/avatar');
    686. 

  686.             if ($field) {
    687. 

  687.                 unset($field['destination']);
    688. 

  688.                 $blueprint->set('form/fields/avatar', $field);
    689. 

  689.             }
    690. 

  690.         }
    691. 

  691. 

  692.         return $blueprint;
    693. 

  693.     }
    694. 

  694. 

  695.     /**
    696. 

  696.      * @param UserInterface $user
    697. 

  697.      * @param string $action
    698. 

  698.      * @param string $scope
    699. 

  699.      * @param bool $isMe
    700. 

  700.      * @return bool|null
    701. 

  701.      */
    702. 

  702.     protected function isAuthorizedOverride(UserInterface $user, string $action, string $scope, bool $isMe = false): ?bool
    703. 

  703.     {
    704. 

  704.         // Check custom application access.
    705. 

  705.         $isAuthorizedCallable = static::$isAuthorizedCallable;
    706. 

  706.         if ($isAuthorizedCallable instanceof Closure) {
    707. 

  707.             $callable = $isAuthorizedCallable->bindTo($this, $this);
    708. 

  708.             $authorized = $callable($user, $action, $scope, $isMe);
    709. 

  709.             if (is_bool($authorized)) {
    710. 

  710.                 return $authorized;
    711. 

  711.             }
    712. 

  712.         }
    713. 

  713. 

  714.         if ($user instanceof self && $user->getStorageKey() === $this->getStorageKey()) {
    715. 

  715.             // User cannot delete his own account, otherwise he has full access.
    716. 

  716.             return $action !== 'delete';
    717. 

  717.         }
    718. 

  718. 

  719.         return parent::isAuthorizedOverride($user, $action, $scope, $isMe);
    720. 

  720.     }
    721. 

  721. 

  722.     /**
    723. 

  723.      * @return string|null
    724. 

  724.      */
    725. 

  725.     protected function getAvatarFile(): ?string
    726. 

  726.     {
    727. 

  727.         $avatars = $this->getElement('avatar');
    728. 

  728.         if (is_array($avatars) && $avatars) {
    729. 

  729.             $avatar = array_shift($avatars);
    730. 

  730. 

  731.             return $avatar['path'] ?? null;
    732. 

  732.         }
    733. 

  733. 

  734.         return null;
    735. 

  735.     }
    736. 

  736. 

  737.     /**
    738. 

  738.      * Gets the associated media collection (original images).
    739. 

  739.      *
    740. 

  740.      * @return MediaCollectionInterface  Representation of associated media.
    741. 

  741.      */
    742. 

  742.     protected function getOriginalMedia()
    743. 

  743.     {
    744. 

  744.         $folder = $this->getMediaFolder();
    745. 

  745.         if ($folder) {
    746. 

  746.             $folder .= '/original';
    747. 

  747.         }
    748. 

  748. 

  749.         return (new Media($folder ?? '', $this->getMediaOrder()))->setTimestamps();
    750. 

  750.     }
    751. 

  751. 

  752.     /**
    753. 

  753.      * @param array $files
    754. 

  754.      * @return void
    755. 

  755.      */
    756. 

  756.     protected function setUpdatedMedia(array $files): void
    757. 

  757.     {
    758. 

  758.         /** @var UniformResourceLocator $locator */
    759. 

  759.         $locator = Grav::instance()['locator'];
    760. 

  760. 

  761.         $media = $this->getMedia();
    762. 

  762.         if (!$media instanceof MediaUploadInterface) {
    763. 

  763.             return;
    764. 

  764.         }
    765. 

  765. 

  766.         $filesystem = Filesystem::getInstance(false);
    767. 

  767. 

  768.         $list = [];
    769. 

  769.         $list_original = [];
    770. 

  770.         foreach ($files as $field => $group) {
    771. 

  771.             // Ignore files without a field.
    772. 

  772.             if ($field === '') {
    773. 

  773.                 continue;
    774. 

  774.             }
    775. 

  775.             $field = (string)$field;
    776. 

  776. 

  777.             // Load settings for the field.
    778. 

  778.             $settings = $this->getMediaFieldSettings($field);
    779. 

  779.             foreach ($group as $filename => $file) {
    780. 

  780.                 if ($file) {
    781. 

  781.                     // File upload.
    782. 

  782.                     $filename = $file->getClientFilename();
    783. 

  783. 

  784.                     /** @var FormFlashFile $file */
    785. 

  785.                     $data = $file->jsonSerialize();
    786. 

  786.                     unset($data['tmp_name'], $data['path']);
    787. 

  787.                 } else {
    788. 

  788.                     // File delete.
    789. 

  789.                     $data = null;
    790. 

  790.                 }
    791. 

  791. 

  792.                 if ($file) {
    793. 

  793.                     // Check file upload against media limits (except for max size).
    794. 

  794.                     $filename = $media->checkUploadedFile($file, $filename, ['filesize' => 0] + $settings);
    795. 

  795.                 }
    796. 

  796. 

  797.                 $self = $settings['self'];
    798. 

  798.                 if ($this->_loadMedia && $self) {
    799. 

  799.                     $filepath = $filename;
    800. 

  800.                 } else {
    801. 

  801.                     $filepath = "{$settings['destination']}/{$filename}";
    802. 

  802. 

  803.                     // For backwards compatibility we are always using relative path from the installation root.
    804. 

  804.                     if ($locator->isStream($filepath)) {
    805. 

  805.                         $filepath = $locator->findResource($filepath, false, true);
    806. 

  806.                     }
    807. 

  807.                 }
    808. 

  808. 

  809.                 // Special handling for original images.
    810. 

  810.                 if (strpos($field, '/original')) {
    811. 

  811.                     if ($this->_loadMedia && $self) {
    812. 

  812.                         $list_original[$filename] = [$file, $settings];
    813. 

  813.                     }
    814. 

  814.                     continue;
    815. 

  815.                 }
    816. 

  816. 

  817.                 // Calculate path without the retina scaling factor.
    818. 

  818.                 $realpath = $filesystem->pathname($filepath) . str_replace(['@3x', '@2x'], '', Utils::basename($filepath));
    819. 

  819. 

  820.                 $list[$filename] = [$file, $settings];
    821. 

  821. 

  822.                 $path = str_replace('.', "\n", $field);
    823. 

  823.                 if (null !== $data) {
    824. 

  824.                     $data['name'] = $filename;
    825. 

  825.                     $data['path'] = $filepath;
    826. 

  826. 

  827.                     $this->setNestedProperty("{$path}\n{$realpath}", $data, "\n");
    828. 

  828.                 } else {
    829. 

  829.                     $this->unsetNestedProperty("{$path}\n{$realpath}", "\n");
    830. 

  830.                 }
    831. 

  831.             }
    832. 

  832.         }
    833. 

  833. 

  834.         $this->clearMediaCache();
    835. 

  835. 

  836.         $this->_uploads = $list;
    837. 

  837.         $this->_uploads_original = $list_original;
    838. 

  838.     }
    839. 

  839. 

  840.     protected function saveUpdatedMedia(): void
    841. 

  841.     {
    842. 

  842.         $media = $this->getMedia();
    843. 

  843.         if (!$media instanceof MediaUploadInterface) {
    844. 

  844.             throw new RuntimeException('Internal error UO101');
    845. 

  845.         }
    846. 

  846. 

  847.         // Upload/delete original sized images.
    848. 

  848.         /**
    849. 

  849.          * @var string $filename
    850. 

  850.          * @var UploadedFileInterface|array|null $file
    851. 

  851.          */
    852. 

  852.         foreach ($this->_uploads_original ?? [] as $filename => $file) {
    853. 

  853.             $filename = 'original/' . $filename;
    854. 

  854.             if (is_array($file)) {
    855. 

  855.                 [$file, $settings] = $file;
    856. 

  856.             } else {
    857. 

  857.                 $settings = null;
    858. 

  858.             }
    859. 

  859.             if ($file instanceof UploadedFileInterface) {
    860. 

  860.                 $media->copyUploadedFile($file, $filename, $settings);
    861. 

  861.             } else {
    862. 

  862.                 $media->deleteFile($filename, $settings);
    863. 

  863.             }
    864. 

  864.         }
    865. 

  865. 

  866.         // Upload/delete altered files.
    867. 

  867.         /**
    868. 

  868.          * @var string $filename
    869. 

  869.          * @var UploadedFileInterface|array|null $file
    870. 

  870.          */
    871. 

  871.         foreach ($this->getUpdatedMedia() as $filename => $file) {
    872. 

  872.             if (is_array($file)) {
    873. 

  873.                 [$file, $settings] = $file;
    874. 

  874.             } else {
    875. 

  875.                 $settings = null;
    876. 

  876.             }
    877. 

  877.             if ($file instanceof UploadedFileInterface) {
    878. 

  878.                 $media->copyUploadedFile($file, $filename, $settings);
    879. 

  879.             } else {
    880. 

  880.                 $media->deleteFile($filename, $settings);
    881. 

  881.             }
    882. 

  882.         }
    883. 

  883. 

  884.         $this->setUpdatedMedia([]);
    885. 

  885.         $this->clearMediaCache();
    886. 

  886.     }
    887. 

  887. 

  888.     /**
    889. 

  889.      * @return array
    890. 

  890.      */
    891. 

  891.     protected function doSerialize(): array
    892. 

  892.     {
    893. 

  893.         return [
    894. 

  894.             'type' => $this->getFlexType(),
    895. 

  895.             'key' => $this->getKey(),
    896. 

  896.             'elements' => $this->jsonSerialize(),
    897. 

  897.             'storage' => $this->getMetaData()
    898. 

  898.         ];
    899. 

  899.     }
    900. 

  900. 

  901.     /**
    902. 

  902.      * @return UserGroupIndex
    903. 

  903.      */
    904. 

  904.     protected function getUserGroups()
    905. 

  905.     {
    906. 

  906.         $grav = Grav::instance();
    907. 

  907. 

  908.         /** @var Flex $flex */
    909. 

  909.         $flex = $grav['flex'];
    910. 

  910. 

  911.         /** @var UserGroupCollection|null $groups */
    912. 

  912.         $groups = $flex->getDirectory('user-groups');
    913. 

  913.         if ($groups) {
    914. 

  914.             /** @var UserGroupIndex $index */
    915. 

  915.             $index = $groups->getIndex();
    916. 

  916. 

  917.             return $index;
    918. 

  918.         }
    919. 

  919. 

  920.         return $grav['user_groups'];
    921. 

  921.     }
    922. 

  922. 

  923.     /**
    924. 

  924.      * @return UserGroupIndex
    925. 

  925.      */
    926. 

  926.     protected function getGroups()
    927. 

  927.     {
    928. 

  928.         if (null === $this->_groups) {
    929. 

  929.             /** @var UserGroupIndex $groups */
    930. 

  930.             $groups = $this->getUserGroups()->select((array)$this->getProperty('groups'));
    931. 

  931.             $this->_groups = $groups;
    932. 

  932.         }
    933. 

  933. 

  934.         return $this->_groups;
    935. 

  935.     }
    936. 

  936. 

  937.     /**
    938. 

  938.      * @return Access
    939. 

  939.      */
    940. 

  940.     protected function getAccess(): Access
    941. 

  941.     {
    942. 

  942.         if (null === $this->_access) {
    943. 

  943.             $this->_access = new Access($this->getProperty('access'));
    944. 

  944.         }
    945. 

  945. 

  946.         return $this->_access;
    947. 

  947.     }
    948. 

  948. 

  949.     /**
    950. 

  950.      * @param mixed $value
    951. 

  951.      * @return array
    952. 

  952.      */
    953. 

  953.     protected function offsetLoad_access($value): array
    954. 

  954.     {
    955. 

  955.         if (!$value instanceof Access) {
    956. 

  956.             $value = new Access($value);
    957. 

  957.         }
    958. 

  958. 

  959.         return $value->jsonSerialize();
    960. 

  960.     }
    961. 

  961. 

  962.     /**
    963. 

  963.      * @param mixed $value
    964. 

  964.      * @return array
    965. 

  965.      */
    966. 

  966.     protected function offsetPrepare_access($value): array
    967. 

  967.     {
    968. 

  968.         return $this->offsetLoad_access($value);
    969. 

  969.     }
    970. 

  970. 

  971.     /**
    972. 

  972.      * @param array|null $value
    973. 

  973.      * @return array|null
    974. 

  974.      */
    975. 

  975.     protected function offsetSerialize_access(?array $value): ?array
    976. 

  976.     {
    977. 

  977.         return $value;
    978. 

  978.     }
    979. 

  979. }
    980.