Sākums Izpētīt Palīdzība
Pierakstīties
ouidade
/
lecampus.valdedrome.com
2
0
Atdalīts 0
Faili Problēmas 0 Izmaiņu pieprasījumi 0 Vikivietne
Koks: faaab9c4d3
Atzari Tagi
lecampus.val...
/
system
/
src
/
Grav
/
Common
/
Flex
/
Types
/
Users
/
UserObject.php

UserObject.php 30 KB
Vēsture Neapstrādāts

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363364365366367368369370371372373374375376377378379380381382383384385386387388389390391392393394395396397398399400401402403404405406407408409410411412413414415416417418419420421422423424425426427428429430431432433434435436437438439440441442443444445446447448449450451452453454455456457458459460461462463464465466467468469470471472473474475476477478479480481482483484485486487488489490491492493494495496497498499500501502503504505506507508509510511512513514515516517518519520521522523524525526527528529530531532533534535536537538539540541542543544545546547548549550551552553554555556557558559560561562563564565566567568569570571572573574575576577578579580581582583584585586587588589590591592593594595596597598599600601602603604605606607608609610611612613614615616617618619620621622623624625626627628629630631632633634635636637638639640641642643644645646647648649650651652653654655656657658659660661662663664665666667668669670671672673674675676677678679680681682683684685686687688689690691692693694695696697698699700701702703704705706707708709710711712713714715716717718719720721722723724725726727728729730731732733734735736737738739740741742743744745746747748749750751752753754755756757758759760761762763764765766767768769770771772773774775776777778779780781782783784785786787788789790791792793794795796797798799800801802803804805806807808809810811812813814815816817818819820821822823824825826827828829830831832833834835836837838839840841842843844845846847848849850851852853854855856857858859860861862863864865866867868869870871872873874875876877878879880881882883884885886887888889890891892893894895896897898899900901902903904905906907908909910911912913914915916917918919920921922923924925926927928929930931932933934935936937938939940941942943944945946947948949950951952953954955956957958959960961962963964965966967968969970971972973974975976977978979980981982983984985986987988989990991992993994995996997998999100010011002100310041005100610071008100910101011101210131014101510161017101810191020102110221023102410251026102710281029103010311032103310341035103610371038103910401041104210431044104510461047104810491050105110521053105410551056105710581059 
  1. <?php
    2. 

  2. 

  3. declare(strict_types=1);
    4. 

  4. 

  5. /**
    6. 

  6.  * @package    Grav\Common\Flex
    7. 

  7.  *
    8. 

  8.  * @copyright  Copyright (c) 2015 - 2023 Trilby Media, LLC. All rights reserved.
    9. 

  9.  * @license    MIT License; see LICENSE file for details.
    10. 

  10.  */
    11. 

  11. 

  12. namespace Grav\Common\Flex\Types\Users;
    13. 

  13. 

  14. use Closure;
    15. 

  15. use Countable;
    16. 

  16. use Grav\Common\Config\Config;
    17. 

  17. use Grav\Common\Data\Blueprint;
    18. 

  18. use Grav\Common\Flex\FlexObject;
    19. 

  19. use Grav\Common\Flex\Traits\FlexGravTrait;
    20. 

  20. use Grav\Common\Flex\Traits\FlexObjectTrait;
    21. 

  21. use Grav\Common\Flex\Types\Users\Traits\UserObjectLegacyTrait;
    22. 

  22. use Grav\Common\Grav;
    23. 

  23. use Grav\Common\Media\Interfaces\MediaCollectionInterface;
    24. 

  24. use Grav\Common\Media\Interfaces\MediaUploadInterface;
    25. 

  25. use Grav\Common\Page\Media;
    26. 

  26. use Grav\Common\Page\Medium\MediumFactory;
    27. 

  27. use Grav\Common\User\Access;
    28. 

  28. use Grav\Common\User\Authentication;
    29. 

  29. use Grav\Common\Flex\Types\UserGroups\UserGroupCollection;
    30. 

  30. use Grav\Common\Flex\Types\UserGroups\UserGroupIndex;
    31. 

  31. use Grav\Common\User\Interfaces\UserInterface;
    32. 

  32. use Grav\Common\User\Traits\UserTrait;
    33. 

  33. use Grav\Common\Utils;
    34. 

  34. use Grav\Framework\Contracts\Relationships\ToOneRelationshipInterface;
    35. 

  35. use Grav\Framework\File\Formatter\JsonFormatter;
    36. 

  36. use Grav\Framework\File\Formatter\YamlFormatter;
    37. 

  37. use Grav\Framework\Filesystem\Filesystem;
    38. 

  38. use Grav\Framework\Flex\Flex;
    39. 

  39. use Grav\Framework\Flex\FlexDirectory;
    40. 

  40. use Grav\Framework\Flex\Storage\FileStorage;
    41. 

  41. use Grav\Framework\Flex\Traits\FlexMediaTrait;
    42. 

  42. use Grav\Framework\Flex\Traits\FlexRelationshipsTrait;
    43. 

  43. use Grav\Framework\Form\FormFlashFile;
    44. 

  44. use Grav\Framework\Media\MediaIdentifier;
    45. 

  45. use Grav\Framework\Media\UploadedMediaObject;
    46. 

  46. use Psr\Http\Message\UploadedFileInterface;
    47. 

  47. use RocketTheme\Toolbox\Event\Event;
    48. 

  48. use RocketTheme\Toolbox\File\FileInterface;
    49. 

  49. use RocketTheme\Toolbox\ResourceLocator\UniformResourceLocator;
    50. 

  50. use RuntimeException;
    51. 

  51. use function is_array;
    52. 

  52. use function is_bool;
    53. 

  53. use function is_object;
    54. 

  54. 

  55. /**
    56. 

  56.  * Flex User
    57. 

  57.  *
    58. 

  58.  * Flex User is mostly compatible with the older User class, except on few key areas:
    59. 

  59.  *
    60. 

  60.  * - Constructor parameters have been changed. Old code creating a new user does not work.
    61. 

  61.  * - Serializer has been changed -- existing sessions will be killed.
    62. 

  62.  *
    63. 

  63.  * @package Grav\Common\User
    64. 

  64.  *
    65. 

  65.  * @property string $username
    66. 

  66.  * @property string $email
    67. 

  67.  * @property string $fullname
    68. 

  68.  * @property string $state
    69. 

  69.  * @property array $groups
    70. 

  70.  * @property array $access
    71. 

  71.  * @property bool $authenticated
    72. 

  72.  * @property bool $authorized
    73. 

  73.  */
    74. 

  74. class UserObject extends FlexObject implements UserInterface, Countable
    75. 

  75. {
    76. 

  76.     use FlexGravTrait;
    77. 

  77.     use FlexObjectTrait;
    78. 

  78.     use FlexMediaTrait {
    79. 

  79.         getMedia as private getFlexMedia;
    80. 

  80.         getMediaFolder as private getFlexMediaFolder;
    81. 

  81.     }
    82. 

  82.     use UserTrait;
    83. 

  83.     use UserObjectLegacyTrait;
    84. 

  84.     use FlexRelationshipsTrait;
    85. 

  85. 

  86.     /** @var Closure|null */
    87. 

  87.     static public $authorizeCallable;
    88. 

  88.     /** @var Closure|null */
    89. 

  89.     static public $isAuthorizedCallable;
    90. 

  90. 

  91.     /** @var array|null */
    92. 

  92.     protected $_uploads_original;
    93. 

  93.     /** @var FileInterface|null */
    94. 

  94.     protected $_storage;
    95. 

  95.     /** @var UserGroupIndex */
    96. 

  96.     protected $_groups;
    97. 

  97.     /** @var Access */
    98. 

  98.     protected $_access;
    99. 

  99.     /** @var array|null */
    100. 

  100.     protected $access;
    101. 

  101. 

  102.     /**
    103. 

  103.      * @return array
    104. 

  104.      */
    105. 

  105.     public static function getCachedMethods(): array
    106. 

  106.     {
    107. 

  107.         return [
    108. 

  108.             'authorize' => 'session',
    109. 

  109.             'load' => false,
    110. 

  110.             'find' => false,
    111. 

  111.             'remove' => false,
    112. 

  112.             'get' => true,
    113. 

  113.             'set' => false,
    114. 

  114.             'undef' => false,
    115. 

  115.             'def' => false,
    116. 

  116.         ] + parent::getCachedMethods();
    117. 

  117.     }
    118. 

  118. 

  119.     /**
    120. 

  120.      * UserObject constructor.
    121. 

  121.      * @param array $elements
    122. 

  122.      * @param string $key
    123. 

  123.      * @param FlexDirectory $directory
    124. 

  124.      * @param bool $validate
    125. 

  125.      */
    126. 

  126.     public function __construct(array $elements, $key, FlexDirectory $directory, bool $validate = false)
    127. 

  127.     {
    128. 

  128.         // User can only be authenticated via login.
    129. 

  129.         unset($elements['authenticated'], $elements['authorized']);
    130. 

  130. 

  131.         // Define username if it's not set.
    132. 

  132.         if (!isset($elements['username'])) {
    133. 

  133.             $storageKey = $elements['__META']['storage_key'] ?? null;
    134. 

  134.             $storage = $directory->getStorage();
    135. 

  135.             if (null !== $storageKey && method_exists($storage, 'normalizeKey') && $key === $storage->normalizeKey($storageKey)) {
    136. 

  136.                 $elements['username'] = $storageKey;
    137. 

  137.             } else {
    138. 

  138.                 $elements['username'] = $key;
    139. 

  139.             }
    140. 

  140.         }
    141. 

  141. 

  142.         // Define state if it isn't set.
    143. 

  143.         if (!isset($elements['state'])) {
    144. 

  144.             $elements['state'] = 'enabled';
    145. 

  145.         }
    146. 

  146. 

  147.         parent::__construct($elements, $key, $directory, $validate);
    148. 

  148.     }
    149. 

  149. 

  150.     public function __clone()
    151. 

  151.     {
    152. 

  152.         $this->_access = null;
    153. 

  153.         $this->_groups = null;
    154. 

  154. 

  155.         parent::__clone();
    156. 

  156.     }
    157. 

  157. 

  158.     /**
    159. 

  159.      * @return void
    160. 

  160.      */
    161. 

  161.     public function onPrepareRegistration(): void
    162. 

  162.     {
    163. 

  163.         if (!$this->getProperty('access')) {
    164. 

  164.             /** @var Config $config */
    165. 

  165.             $config = Grav::instance()['config'];
    166. 

  166. 

  167.             $groups = $config->get('plugins.login.user_registration.groups', '');
    168. 

  168.             $access = $config->get('plugins.login.user_registration.access', ['site' => ['login' => true]]);
    169. 

  169. 

  170.             $this->setProperty('groups', $groups);
    171. 

  171.             $this->setProperty('access', $access);
    172. 

  172.         }
    173. 

  173.     }
    174. 

  174. 

  175.     /**
    176. 

  176.      * Helper to get content editor will fall back if not set
    177. 

  177.      *
    178. 

  178.      * @return string
    179. 

  179.      */
    180. 

  180.     public function getContentEditor(): string
    181. 

  181.     {
    182. 

  182.         return $this->getProperty('content_editor', 'default');
    183. 

  183.     }
    184. 

  184. 

  185.     /**
    186. 

  186.      * Get value by using dot notation for nested arrays/objects.
    187. 

  187.      *
    188. 

  188.      * @example $value = $this->get('this.is.my.nested.variable');
    189. 

  189.      *
    190. 

  190.      * @param string  $name       Dot separated path to the requested value.
    191. 

  191.      * @param mixed   $default    Default value (or null).
    192. 

  192.      * @param string|null  $separator  Separator, defaults to '.'
    193. 

  193.      * @return mixed  Value.
    194. 

  194.      */
    195. 

  195.     public function get($name, $default = null, $separator = null)
    196. 

  196.     {
    197. 

  197.         return $this->getNestedProperty($name, $default, $separator);
    198. 

  198.     }
    199. 

  199. 

  200.     /**
    201. 

  201.      * Set value by using dot notation for nested arrays/objects.
    202. 

  202.      *
    203. 

  203.      * @example $data->set('this.is.my.nested.variable', $value);
    204. 

  204.      *
    205. 

  205.      * @param string  $name       Dot separated path to the requested value.
    206. 

  206.      * @param mixed   $value      New value.
    207. 

  207.      * @param string|null  $separator  Separator, defaults to '.'
    208. 

  208.      * @return $this
    209. 

  209.      */
    210. 

  210.     public function set($name, $value, $separator = null)
    211. 

  211.     {
    212. 

  212.         $this->setNestedProperty($name, $value, $separator);
    213. 

  213. 

  214.         return $this;
    215. 

  215.     }
    216. 

  216. 

  217.     /**
    218. 

  218.      * Unset value by using dot notation for nested arrays/objects.
    219. 

  219.      *
    220. 

  220.      * @example $data->undef('this.is.my.nested.variable');
    221. 

  221.      *
    222. 

  222.      * @param string  $name       Dot separated path to the requested value.
    223. 

  223.      * @param string|null  $separator  Separator, defaults to '.'
    224. 

  224.      * @return $this
    225. 

  225.      */
    226. 

  226.     public function undef($name, $separator = null)
    227. 

  227.     {
    228. 

  228.         $this->unsetNestedProperty($name, $separator);
    229. 

  229. 

  230.         return $this;
    231. 

  231.     }
    232. 

  232. 

  233.     /**
    234. 

  234.      * Set default value by using dot notation for nested arrays/objects.
    235. 

  235.      *
    236. 

  236.      * @example $data->def('this.is.my.nested.variable', 'default');
    237. 

  237.      *
    238. 

  238.      * @param string  $name       Dot separated path to the requested value.
    239. 

  239.      * @param mixed   $default    Default value (or null).
    240. 

  240.      * @param string|null  $separator  Separator, defaults to '.'
    241. 

  241.      * @return $this
    242. 

  242.      */
    243. 

  243.     public function def($name, $default = null, $separator = null)
    244. 

  244.     {
    245. 

  245.         $this->defNestedProperty($name, $default, $separator);
    246. 

  246. 

  247.         return $this;
    248. 

  248.     }
    249. 

  249. 

  250.     /**
    251. 

  251.      * @param UserInterface|null $user
    252. 

  252.      * @return bool
    253. 

  253.      */
    254. 

  254.     public function isMyself(?UserInterface $user = null): bool
    255. 

  255.     {
    256. 

  256.         if (null === $user) {
    257. 

  257.             $user = $this->getActiveUser();
    258. 

  258.             if ($user && !$user->authenticated) {
    259. 

  259.                 $user = null;
    260. 

  260.             }
    261. 

  261.         }
    262. 

  262. 

  263.         return $user && $this->username === $user->username;
    264. 

  264.     }
    265. 

  265. 

  266.     /**
    267. 

  267.      * Checks user authorization to the action.
    268. 

  268.      *
    269. 

  269.      * @param  string $action
    270. 

  270.      * @param  string|null $scope
    271. 

  271.      * @return bool|null
    272. 

  272.      */
    273. 

  273.     public function authorize(string $action, string $scope = null): ?bool
    274. 

  274.     {
    275. 

  275.         if ($scope === 'test') {
    276. 

  276.             // Special scope to test user permissions.
    277. 

  277.             $scope = null;
    278. 

  278.         } else {
    279. 

  279.             // User needs to be enabled.
    280. 

  280.             if ($this->getProperty('state') !== 'enabled') {
    281. 

  281.                 return false;
    282. 

  282.             }
    283. 

  283. 

  284.             // User needs to be logged in.
    285. 

  285.             if (!$this->getProperty('authenticated')) {
    286. 

  286.                 return false;
    287. 

  287.             }
    288. 

  288. 

  289.             if (strpos($action, 'login') === false && !$this->getProperty('authorized')) {
    290. 

  290.                 // User needs to be authorized (2FA).
    291. 

  291.                 return false;
    292. 

  292.             }
    293. 

  293. 

  294.             // Workaround bug in Login::isUserAuthorizedForPage() <= Login v3.0.4
    295. 

  295.             if ((string)(int)$action === $action) {
    296. 

  296.                 return false;
    297. 

  297.             }
    298. 

  298.         }
    299. 

  299. 

  300.         // Check custom application access.
    301. 

  301.         $authorizeCallable = static::$authorizeCallable;
    302. 

  302.         if ($authorizeCallable instanceof Closure) {
    303. 

  303.             $callable = $authorizeCallable->bindTo($this, $this);
    304. 

  304.             $authorized = $callable($action, $scope);
    305. 

  305.             if (is_bool($authorized)) {
    306. 

  306.                 return $authorized;
    307. 

  307.             }
    308. 

  308.         }
    309. 

  309. 

  310.         // Check user access.
    311. 

  311.         $access = $this->getAccess();
    312. 

  312.         $authorized = $access->authorize($action, $scope);
    313. 

  313.         if (is_bool($authorized)) {
    314. 

  314.             return $authorized;
    315. 

  315.         }
    316. 

  316. 

  317.         // Check group access.
    318. 

  318.         $authorized = $this->getGroups()->authorize($action, $scope);
    319. 

  319.         if (is_bool($authorized)) {
    320. 

  320.             return $authorized;
    321. 

  321.         }
    322. 

  322. 

  323.         // If any specific rule isn't hit, check if user is a superuser.
    324. 

  324.         return $access->authorize('admin.super') === true;
    325. 

  325.     }
    326. 

  326. 

  327.     /**
    328. 

  328.      * @param string $property
    329. 

  329.      * @param mixed $default
    330. 

  330.      * @return mixed
    331. 

  331.      */
    332. 

  332.     public function getProperty($property, $default = null)
    333. 

  333.     {
    334. 

  334.         $value = parent::getProperty($property, $default);
    335. 

  335. 

  336.         if ($property === 'avatar') {
    337. 

  337.             $settings = $this->getMediaFieldSettings($property);
    338. 

  338.             $value = $this->parseFileProperty($value, $settings);
    339. 

  339.         }
    340. 

  340. 

  341.         return $value;
    342. 

  342.     }
    343. 

  343. 

  344.     /**
    345. 

  345.      * @return UserGroupIndex
    346. 

  346.      */
    347. 

  347.     public function getRoles(): UserGroupIndex
    348. 

  348.     {
    349. 

  349.         return $this->getGroups();
    350. 

  350.     }
    351. 

  351. 

  352.     /**
    353. 

  353.      * Convert object into an array.
    354. 

  354.      *
    355. 

  355.      * @return array
    356. 

  356.      */
    357. 

  357.     public function toArray()
    358. 

  358.     {
    359. 

  359.         $array = $this->jsonSerialize();
    360. 

  360. 

  361.         $settings = $this->getMediaFieldSettings('avatar');
    362. 

  362.         $array['avatar'] = $this->parseFileProperty($array['avatar'] ?? null, $settings);
    363. 

  363. 

  364.         return $array;
    365. 

  365.     }
    366. 

  366. 

  367.     /**
    368. 

  368.      * Convert object into YAML string.
    369. 

  369.      *
    370. 

  370.      * @param  int $inline  The level where you switch to inline YAML.
    371. 

  371.      * @param  int $indent  The amount of spaces to use for indentation of nested nodes.
    372. 

  372.      * @return string A YAML string representing the object.
    373. 

  373.      */
    374. 

  374.     public function toYaml($inline = 5, $indent = 2)
    375. 

  375.     {
    376. 

  376.         $yaml = new YamlFormatter(['inline' => $inline, 'indent' => $indent]);
    377. 

  377. 

  378.         return $yaml->encode($this->toArray());
    379. 

  379.     }
    380. 

  380. 

  381.     /**
    382. 

  382.      * Convert object into JSON string.
    383. 

  383.      *
    384. 

  384.      * @return string
    385. 

  385.      */
    386. 

  386.     public function toJson()
    387. 

  387.     {
    388. 

  388.         $json = new JsonFormatter();
    389. 

  389. 

  390.         return $json->encode($this->toArray());
    391. 

  391.     }
    392. 

  392. 

  393.     /**
    394. 

  394.      * Join nested values together by using blueprints.
    395. 

  395.      *
    396. 

  396.      * @param string  $name       Dot separated path to the requested value.
    397. 

  397.      * @param mixed   $value      Value to be joined.
    398. 

  398.      * @param string|null  $separator  Separator, defaults to '.'
    399. 

  399.      * @return $this
    400. 

  400.      * @throws RuntimeException
    401. 

  401.      */
    402. 

  402.     public function join($name, $value, $separator = null)
    403. 

  403.     {
    404. 

  404.         $separator = $separator ?? '.';
    405. 

  405.         $old = $this->get($name, null, $separator);
    406. 

  406.         if ($old !== null) {
    407. 

  407.             if (!is_array($old)) {
    408. 

  408.                 throw new RuntimeException('Value ' . $old);
    409. 

  409.             }
    410. 

  410. 

  411.             if (is_object($value)) {
    412. 

  412.                 $value = (array) $value;
    413. 

  413.             } elseif (!is_array($value)) {
    414. 

  414.                 throw new RuntimeException('Value ' . $value);
    415. 

  415.             }
    416. 

  416. 

  417.             $value = $this->getBlueprint()->mergeData($old, $value, $name, $separator);
    418. 

  418.         }
    419. 

  419. 

  420.         $this->set($name, $value, $separator);
    421. 

  421. 

  422.         return $this;
    423. 

  423.     }
    424. 

  424. 

  425.     /**
    426. 

  426.      * Get nested structure containing default values defined in the blueprints.
    427. 

  427.      *
    428. 

  428.      * Fields without default value are ignored in the list.
    429. 

  429. 

  430.      * @return array
    431. 

  431.      */
    432. 

  432.     public function getDefaults()
    433. 

  433.     {
    434. 

  434.         return $this->getBlueprint()->getDefaults();
    435. 

  435.     }
    436. 

  436. 

  437.     /**
    438. 

  438.      * Set default values by using blueprints.
    439. 

  439.      *
    440. 

  440.      * @param string  $name       Dot separated path to the requested value.
    441. 

  441.      * @param mixed   $value      Value to be joined.
    442. 

  442.      * @param string|null  $separator  Separator, defaults to '.'
    443. 

  443.      * @return $this
    444. 

  444.      */
    445. 

  445.     public function joinDefaults($name, $value, $separator = null)
    446. 

  446.     {
    447. 

  447.         if (is_object($value)) {
    448. 

  448.             $value = (array) $value;
    449. 

  449.         }
    450. 

  450. 

  451.         $old = $this->get($name, null, $separator);
    452. 

  452.         if ($old !== null) {
    453. 

  453.             $value = $this->getBlueprint()->mergeData($value, $old, $name, $separator ?? '.');
    454. 

  454.         }
    455. 

  455. 

  456.         $this->setNestedProperty($name, $value, $separator);
    457. 

  457. 

  458.         return $this;
    459. 

  459.     }
    460. 

  460. 

  461.     /**
    462. 

  462.      * Get value from the configuration and join it with given data.
    463. 

  463.      *
    464. 

  464.      * @param string  $name       Dot separated path to the requested value.
    465. 

  465.      * @param array|object $value Value to be joined.
    466. 

  466.      * @param string  $separator  Separator, defaults to '.'
    467. 

  467.      * @return array
    468. 

  468.      * @throws RuntimeException
    469. 

  469.      */
    470. 

  470.     public function getJoined($name, $value, $separator = null)
    471. 

  471.     {
    472. 

  472.         if (is_object($value)) {
    473. 

  473.             $value = (array) $value;
    474. 

  474.         } elseif (!is_array($value)) {
    475. 

  475.             throw new RuntimeException('Value ' . $value);
    476. 

  476.         }
    477. 

  477. 

  478.         $old = $this->get($name, null, $separator);
    479. 

  479. 

  480.         if ($old === null) {
    481. 

  481.             // No value set; no need to join data.
    482. 

  482.             return $value;
    483. 

  483.         }
    484. 

  484. 

  485.         if (!is_array($old)) {
    486. 

  486.             throw new RuntimeException('Value ' . $old);
    487. 

  487.         }
    488. 

  488. 

  489.         // Return joined data.
    490. 

  490.         return $this->getBlueprint()->mergeData($old, $value, $name, $separator ?? '.');
    491. 

  491.     }
    492. 

  492. 

  493.     /**
    494. 

  494.      * Set default values to the configuration if variables were not set.
    495. 

  495.      *
    496. 

  496.      * @param array $data
    497. 

  497.      * @return $this
    498. 

  498.      */
    499. 

  499.     public function setDefaults(array $data)
    500. 

  500.     {
    501. 

  501.         $this->setElements($this->getBlueprint()->mergeData($data, $this->toArray()));
    502. 

  502. 

  503.         return $this;
    504. 

  504.     }
    505. 

  505. 

  506.     /**
    507. 

  507.      * Validate by blueprints.
    508. 

  508.      *
    509. 

  509.      * @return $this
    510. 

  510.      * @throws \Exception
    511. 

  511.      */
    512. 

  512.     public function validate()
    513. 

  513.     {
    514. 

  514.         $this->getBlueprint()->validate($this->toArray());
    515. 

  515. 

  516.         return $this;
    517. 

  517.     }
    518. 

  518. 

  519.     /**
    520. 

  520.      * Filter all items by using blueprints.
    521. 

  521.      * @return $this
    522. 

  522.      */
    523. 

  523.     public function filter()
    524. 

  524.     {
    525. 

  525.         $this->setElements($this->getBlueprint()->filter($this->toArray()));
    526. 

  526. 

  527.         return $this;
    528. 

  528.     }
    529. 

  529. 

  530.     /**
    531. 

  531.      * Get extra items which haven't been defined in blueprints.
    532. 

  532.      *
    533. 

  533.      * @return array
    534. 

  534.      */
    535. 

  535.     public function extra()
    536. 

  536.     {
    537. 

  537.         return $this->getBlueprint()->extra($this->toArray());
    538. 

  538.     }
    539. 

  539. 

  540.     /**
    541. 

  541.      * Return unmodified data as raw string.
    542. 

  542.      *
    543. 

  543.      * NOTE: This function only returns data which has been saved to the storage.
    544. 

  544.      *
    545. 

  545.      * @return string
    546. 

  546.      */
    547. 

  547.     public function raw()
    548. 

  548.     {
    549. 

  549.         $file = $this->file();
    550. 

  550. 

  551.         return $file ? $file->raw() : '';
    552. 

  552.     }
    553. 

  553. 

  554.     /**
    555. 

  555.      * Set or get the data storage.
    556. 

  556.      *
    557. 

  557.      * @param FileInterface|null $storage Optionally enter a new storage.
    558. 

  558.      * @return FileInterface|null
    559. 

  559.      */
    560. 

  560.     public function file(FileInterface $storage = null)
    561. 

  561.     {
    562. 

  562.         if (null !== $storage) {
    563. 

  563.             $this->_storage = $storage;
    564. 

  564.         }
    565. 

  565. 

  566.         return $this->_storage;
    567. 

  567.     }
    568. 

  568. 

  569.     /**
    570. 

  570.      * @return bool
    571. 

  571.      */
    572. 

  572.     public function isValid(): bool
    573. 

  573.     {
    574. 

  574.         return $this->getProperty('state') !== null;
    575. 

  575.     }
    576. 

  576. 

  577.     /**
    578. 

  578.      * Save user
    579. 

  579.      *
    580. 

  580.      * @return static
    581. 

  581.      */
    582. 

  582.     public function save()
    583. 

  583.     {
    584. 

  584.         // TODO: We may want to handle this in the storage layer in the future.
    585. 

  585.         $key = $this->getStorageKey();
    586. 

  586.         if (!$key || strpos($key, '@@')) {
    587. 

  587.             $storage = $this->getFlexDirectory()->getStorage();
    588. 

  588.             if ($storage instanceof FileStorage) {
    589. 

  589.                 $this->setStorageKey($this->getKey());
    590. 

  590.             }
    591. 

  591.         }
    592. 

  592. 

  593.         $password = $this->getProperty('password') ?? $this->getProperty('password1');
    594. 

  594.         if (null !== $password && '' !== $password) {
    595. 

  595.             $password2 = $this->getProperty('password2');
    596. 

  596.             if (!\is_string($password) || ($password2 && $password !== $password2)) {
    597. 

  597.                 throw new \RuntimeException('Passwords did not match.');
    598. 

  598.             }
    599. 

  599. 

  600.             $this->setProperty('hashed_password', Authentication::create($password));
    601. 

  601.         }
    602. 

  602.         $this->unsetProperty('password');
    603. 

  603.         $this->unsetProperty('password1');
    604. 

  604.         $this->unsetProperty('password2');
    605. 

  605. 

  606.         // Backwards compatibility with older plugins.
    607. 

  607.         $fireEvents = $this->isAdminSite() && $this->getFlexDirectory()->getConfig('object.compat.events', true);
    608. 

  608.         $grav = $this->getContainer();
    609. 

  609.         if ($fireEvents) {
    610. 

  610.             $self = $this;
    611. 

  611.             $grav->fireEvent('onAdminSave', new Event(['type' => 'flex', 'directory' => $this->getFlexDirectory(), 'object' => &$self]));
    612. 

  612.             if ($self !== $this) {
    613. 

  613.                 throw new RuntimeException('Switching Flex User object during onAdminSave event is not supported! Please update plugin.');
    614. 

  614.             }
    615. 

  615.         }
    616. 

  616. 

  617.         $instance = parent::save();
    618. 

  618. 

  619.         // Backwards compatibility with older plugins.
    620. 

  620.         if ($fireEvents) {
    621. 

  621.             $grav->fireEvent('onAdminAfterSave', new Event(['type' => 'flex', 'directory' => $this->getFlexDirectory(), 'object' => $this]));
    622. 

  622.         }
    623. 

  623. 

  624.         return $instance;
    625. 

  625.     }
    626. 

  626. 

  627.     /**
    628. 

  628.      * @return array
    629. 

  629.      */
    630. 

  630.     public function prepareStorage(): array
    631. 

  631.     {
    632. 

  632.         $elements = parent::prepareStorage();
    633. 

  633. 

  634.         // Do not save authorization information.
    635. 

  635.         unset($elements['authenticated'], $elements['authorized']);
    636. 

  636. 

  637.         return $elements;
    638. 

  638.     }
    639. 

  639. 

  640.     /**
    641. 

  641.      * @return MediaCollectionInterface
    642. 

  642.      */
    643. 

  643.     public function getMedia()
    644. 

  644.     {
    645. 

  645.         /** @var Media $media */
    646. 

  646.         $media = $this->getFlexMedia();
    647. 

  647. 

  648.         // Deal with shared avatar folder.
    649. 

  649.         $path = $this->getAvatarFile();
    650. 

  650.         if ($path && !$media[$path] && is_file($path)) {
    651. 

  651.             $medium = MediumFactory::fromFile($path);
    652. 

  652.             if ($medium) {
    653. 

  653.                 $media->add($path, $medium);
    654. 

  654.                 $name = Utils::basename($path);
    655. 

  655.                 if ($name !== $path) {
    656. 

  656.                     $media->add($name, $medium);
    657. 

  657.                 }
    658. 

  658.             }
    659. 

  659.         }
    660. 

  660. 

  661.         return $media;
    662. 

  662.     }
    663. 

  663. 

  664.     /**
    665. 

  665.      * @return string|null
    666. 

  666.      */
    667. 

  667.     public function getMediaFolder(): ?string
    668. 

  668.     {
    669. 

  669.         $folder = $this->getFlexMediaFolder();
    670. 

  670. 

  671.         // Check for shared media
    672. 

  672.         if (!$folder && !$this->getFlexDirectory()->getMediaFolder()) {
    673. 

  673.             $this->_loadMedia = false;
    674. 

  674.             $folder = $this->getBlueprint()->fields()['avatar']['destination'] ?? 'account://avatars';
    675. 

  675.         }
    676. 

  676. 

  677.         return $folder;
    678. 

  678.     }
    679. 

  679. 

  680.     /**
    681. 

  681.      * @param string $name
    682. 

  682.      * @return array|object|null
    683. 

  683.      * @internal
    684. 

  684.      */
    685. 

  685.     public function initRelationship(string $name)
    686. 

  686.     {
    687. 

  687.         switch ($name) {
    688. 

  688.             case 'media':
    689. 

  689.                 $list = [];
    690. 

  690.                 foreach ($this->getMedia()->all() as $filename => $object) {
    691. 

  691.                     $list[] = $this->buildMediaObject(null, $filename, $object);
    692. 

  692.                 }
    693. 

  693. 

  694.                 return $list;
    695. 

  695.             case 'avatar':
    696. 

  696.                 return $this->buildMediaObject('avatar', basename($this->getAvatarUrl()), $this->getAvatarImage());
    697. 

  697.         }
    698. 

  698. 

  699.         throw new \InvalidArgumentException(sprintf('%s: Relationship %s does not exist', $this->getFlexType(), $name));
    700. 

  700.     }
    701. 

  701. 

  702.     /**
    703. 

  703.      * @return bool Return true if relationships were updated.
    704. 

  704.      */
    705. 

  705.     protected function updateRelationships(): bool
    706. 

  706.     {
    707. 

  707.         $modified = $this->getRelationships()->getModified();
    708. 

  708.         if ($modified) {
    709. 

  709.             foreach ($modified as $relationship) {
    710. 

  710.                 $name = $relationship->getName();
    711. 

  711.                 switch ($name) {
    712. 

  712.                     case 'avatar':
    713. 

  713.                         \assert($relationship instanceof ToOneRelationshipInterface);
    714. 

  714.                         $this->updateAvatarRelationship($relationship);
    715. 

  715.                         break;
    716. 

  716.                     default:
    717. 

  717.                         throw new \InvalidArgumentException(sprintf('%s: Relationship %s cannot be modified', $this->getFlexType(), $name), 400);
    718. 

  718.                 }
    719. 

  719.             }
    720. 

  720. 

  721.             $this->resetRelationships();
    722. 

  722. 

  723.             return true;
    724. 

  724.         }
    725. 

  725. 

  726.         return false;
    727. 

  727.     }
    728. 

  728. 

  729.     /**
    730. 

  730.      * @param ToOneRelationshipInterface $relationship
    731. 

  731.      */
    732. 

  732.     protected function updateAvatarRelationship(ToOneRelationshipInterface $relationship): void
    733. 

  733.     {
    734. 

  734.         $files = [];
    735. 

  735.         $avatar = $this->getAvatarImage();
    736. 

  736.         if ($avatar) {
    737. 

  737.             $files['avatar'][$avatar->filename] = null;
    738. 

  738.         }
    739. 

  739. 

  740.         $identifier = $relationship->getIdentifier();
    741. 

  741.         if ($identifier) {
    742. 

  742.             \assert($identifier instanceof MediaIdentifier);
    743. 

  743.             $object = $identifier->getObject();
    744. 

  744.             if ($object instanceof UploadedMediaObject) {
    745. 

  745.                 $uploadedFile = $object->getUploadedFile();
    746. 

  746.                 if ($uploadedFile) {
    747. 

  747.                     $files['avatar'][$uploadedFile->getClientFilename()] = $uploadedFile;
    748. 

  748.                 }
    749. 

  749.             }
    750. 

  750.         }
    751. 

  751. 

  752.         $this->update([], $files);
    753. 

  753.     }
    754. 

  754. 

  755.     /**
    756. 

  756.      * @param string $name
    757. 

  757.      * @return Blueprint
    758. 

  758.      */
    759. 

  759.     protected function doGetBlueprint(string $name = ''): Blueprint
    760. 

  760.     {
    761. 

  761.         $blueprint = $this->getFlexDirectory()->getBlueprint($name ? '.' . $name : $name);
    762. 

  762. 

  763.         // HACK: With folder storage we need to ignore the avatar destination.
    764. 

  764.         if ($this->getFlexDirectory()->getMediaFolder()) {
    765. 

  765.             $field = $blueprint->get('form/fields/avatar');
    766. 

  766.             if ($field) {
    767. 

  767.                 unset($field['destination']);
    768. 

  768.                 $blueprint->set('form/fields/avatar', $field);
    769. 

  769.             }
    770. 

  770.         }
    771. 

  771. 

  772.         return $blueprint;
    773. 

  773.     }
    774. 

  774. 

  775.     /**
    776. 

  776.      * @param UserInterface $user
    777. 

  777.      * @param string $action
    778. 

  778.      * @param string $scope
    779. 

  779.      * @param bool $isMe
    780. 

  780.      * @return bool|null
    781. 

  781.      */
    782. 

  782.     protected function isAuthorizedOverride(UserInterface $user, string $action, string $scope, bool $isMe = false): ?bool
    783. 

  783.     {
    784. 

  784.         // Check custom application access.
    785. 

  785.         $isAuthorizedCallable = static::$isAuthorizedCallable;
    786. 

  786.         if ($isAuthorizedCallable instanceof Closure) {
    787. 

  787.             $callable = $isAuthorizedCallable->bindTo($this, $this);
    788. 

  788.             $authorized = $callable($user, $action, $scope, $isMe);
    789. 

  789.             if (is_bool($authorized)) {
    790. 

  790.                 return $authorized;
    791. 

  791.             }
    792. 

  792.         }
    793. 

  793. 

  794.         if ($user instanceof self && $user->getStorageKey() === $this->getStorageKey()) {
    795. 

  795.             // User cannot delete his own account, otherwise he has full access.
    796. 

  796.             return $action !== 'delete';
    797. 

  797.         }
    798. 

  798. 

  799.         return parent::isAuthorizedOverride($user, $action, $scope, $isMe);
    800. 

  800.     }
    801. 

  801. 

  802.     /**
    803. 

  803.      * @return string|null
    804. 

  804.      */
    805. 

  805.     protected function getAvatarFile(): ?string
    806. 

  806.     {
    807. 

  807.         $avatars = $this->getElement('avatar');
    808. 

  808.         if (is_array($avatars) && $avatars) {
    809. 

  809.             $avatar = array_shift($avatars);
    810. 

  810. 

  811.             return $avatar['path'] ?? null;
    812. 

  812.         }
    813. 

  813. 

  814.         return null;
    815. 

  815.     }
    816. 

  816. 

  817.     /**
    818. 

  818.      * Gets the associated media collection (original images).
    819. 

  819.      *
    820. 

  820.      * @return MediaCollectionInterface  Representation of associated media.
    821. 

  821.      */
    822. 

  822.     protected function getOriginalMedia()
    823. 

  823.     {
    824. 

  824.         $folder = $this->getMediaFolder();
    825. 

  825.         if ($folder) {
    826. 

  826.             $folder .= '/original';
    827. 

  827.         }
    828. 

  828. 

  829.         return (new Media($folder ?? '', $this->getMediaOrder()))->setTimestamps();
    830. 

  830.     }
    831. 

  831. 

  832.     /**
    833. 

  833.      * @param array $files
    834. 

  834.      * @return void
    835. 

  835.      */
    836. 

  836.     protected function setUpdatedMedia(array $files): void
    837. 

  837.     {
    838. 

  838.         /** @var UniformResourceLocator $locator */
    839. 

  839.         $locator = Grav::instance()['locator'];
    840. 

  840. 

  841.         $media = $this->getMedia();
    842. 

  842.         if (!$media instanceof MediaUploadInterface) {
    843. 

  843.             return;
    844. 

  844.         }
    845. 

  845. 

  846.         $filesystem = Filesystem::getInstance(false);
    847. 

  847. 

  848.         $list = [];
    849. 

  849.         $list_original = [];
    850. 

  850.         foreach ($files as $field => $group) {
    851. 

  851.             // Ignore files without a field.
    852. 

  852.             if ($field === '') {
    853. 

  853.                 continue;
    854. 

  854.             }
    855. 

  855.             $field = (string)$field;
    856. 

  856. 

  857.             // Load settings for the field.
    858. 

  858.             $settings = $this->getMediaFieldSettings($field);
    859. 

  859.             foreach ($group as $filename => $file) {
    860. 

  860.                 if ($file) {
    861. 

  861.                     // File upload.
    862. 

  862.                     $filename = $file->getClientFilename();
    863. 

  863. 

  864.                     /** @var FormFlashFile $file */
    865. 

  865.                     $data = $file->jsonSerialize();
    866. 

  866.                     unset($data['tmp_name'], $data['path']);
    867. 

  867.                 } else {
    868. 

  868.                     // File delete.
    869. 

  869.                     $data = null;
    870. 

  870.                 }
    871. 

  871. 

  872.                 if ($file) {
    873. 

  873.                     // Check file upload against media limits (except for max size).
    874. 

  874.                     $filename = $media->checkUploadedFile($file, $filename, ['filesize' => 0] + $settings);
    875. 

  875.                 }
    876. 

  876. 

  877.                 $self = $settings['self'];
    878. 

  878.                 if ($this->_loadMedia && $self) {
    879. 

  879.                     $filepath = $filename;
    880. 

  880.                 } else {
    881. 

  881.                     $filepath = "{$settings['destination']}/{$filename}";
    882. 

  882. 

  883.                     // For backwards compatibility we are always using relative path from the installation root.
    884. 

  884.                     if ($locator->isStream($filepath)) {
    885. 

  885.                         $filepath = $locator->findResource($filepath, false, true);
    886. 

  886.                     }
    887. 

  887.                 }
    888. 

  888. 

  889.                 // Special handling for original images.
    890. 

  890.                 if (strpos($field, '/original')) {
    891. 

  891.                     if ($this->_loadMedia && $self) {
    892. 

  892.                         $list_original[$filename] = [$file, $settings];
    893. 

  893.                     }
    894. 

  894.                     continue;
    895. 

  895.                 }
    896. 

  896. 

  897.                 // Calculate path without the retina scaling factor.
    898. 

  898.                 $realpath = $filesystem->pathname($filepath) . str_replace(['@3x', '@2x'], '', Utils::basename($filepath));
    899. 

  899. 

  900.                 $list[$filename] = [$file, $settings];
    901. 

  901. 

  902.                 $path = str_replace('.', "\n", $field);
    903. 

  903.                 if (null !== $data) {
    904. 

  904.                     $data['name'] = $filename;
    905. 

  905.                     $data['path'] = $filepath;
    906. 

  906. 

  907.                     $this->setNestedProperty("{$path}\n{$realpath}", $data, "\n");
    908. 

  908.                 } else {
    909. 

  909.                     $this->unsetNestedProperty("{$path}\n{$realpath}", "\n");
    910. 

  910.                 }
    911. 

  911.             }
    912. 

  912.         }
    913. 

  913. 

  914.         $this->clearMediaCache();
    915. 

  915. 

  916.         $this->_uploads = $list;
    917. 

  917.         $this->_uploads_original = $list_original;
    918. 

  918.     }
    919. 

  919. 

  920.     protected function saveUpdatedMedia(): void
    921. 

  921.     {
    922. 

  922.         $media = $this->getMedia();
    923. 

  923.         if (!$media instanceof MediaUploadInterface) {
    924. 

  924.             throw new RuntimeException('Internal error UO101');
    925. 

  925.         }
    926. 

  926. 

  927.         // Upload/delete original sized images.
    928. 

  928.         /**
    929. 

  929.          * @var string $filename
    930. 

  930.          * @var UploadedFileInterface|array|null $file
    931. 

  931.          */
    932. 

  932.         foreach ($this->_uploads_original ?? [] as $filename => $file) {
    933. 

  933.             $filename = 'original/' . $filename;
    934. 

  934.             if (is_array($file)) {
    935. 

  935.                 [$file, $settings] = $file;
    936. 

  936.             } else {
    937. 

  937.                 $settings = null;
    938. 

  938.             }
    939. 

  939.             if ($file instanceof UploadedFileInterface) {
    940. 

  940.                 $media->copyUploadedFile($file, $filename, $settings);
    941. 

  941.             } else {
    942. 

  942.                 $media->deleteFile($filename, $settings);
    943. 

  943.             }
    944. 

  944.         }
    945. 

  945. 

  946.         // Upload/delete altered files.
    947. 

  947.         /**
    948. 

  948.          * @var string $filename
    949. 

  949.          * @var UploadedFileInterface|array|null $file
    950. 

  950.          */
    951. 

  951.         foreach ($this->getUpdatedMedia() as $filename => $file) {
    952. 

  952.             if (is_array($file)) {
    953. 

  953.                 [$file, $settings] = $file;
    954. 

  954.             } else {
    955. 

  955.                 $settings = null;
    956. 

  956.             }
    957. 

  957.             if ($file instanceof UploadedFileInterface) {
    958. 

  958.                 $media->copyUploadedFile($file, $filename, $settings);
    959. 

  959.             } else {
    960. 

  960.                 $media->deleteFile($filename, $settings);
    961. 

  961.             }
    962. 

  962.         }
    963. 

  963. 

  964.         $this->setUpdatedMedia([]);
    965. 

  965.         $this->clearMediaCache();
    966. 

  966.     }
    967. 

  967. 

  968.     /**
    969. 

  969.      * @return array
    970. 

  970.      */
    971. 

  971.     protected function doSerialize(): array
    972. 

  972.     {
    973. 

  973.         return [
    974. 

  974.             'type' => $this->getFlexType(),
    975. 

  975.             'key' => $this->getKey(),
    976. 

  976.             'elements' => $this->jsonSerialize(),
    977. 

  977.             'storage' => $this->getMetaData()
    978. 

  978.         ];
    979. 

  979.     }
    980. 

  980. 

  981.     /**
    982. 

  982.      * @return UserGroupIndex
    983. 

  983.      */
    984. 

  984.     protected function getUserGroups()
    985. 

  985.     {
    986. 

  986.         $grav = Grav::instance();
    987. 

  987. 

  988.         /** @var Flex $flex */
    989. 

  989.         $flex = $grav['flex'];
    990. 

  990. 

  991.         /** @var UserGroupCollection|null $groups */
    992. 

  992.         $groups = $flex->getDirectory('user-groups');
    993. 

  993.         if ($groups) {
    994. 

  994.             /** @var UserGroupIndex $index */
    995. 

  995.             $index = $groups->getIndex();
    996. 

  996. 

  997.             return $index;
    998. 

  998.         }
    999. 

  999. 

  1000.         return $grav['user_groups'];
    1001. 

  1001.     }
    1002. 

  1002. 

  1003.     /**
    1004. 

  1004.      * @return UserGroupIndex
    1005. 

  1005.      */
    1006. 

  1006.     protected function getGroups()
    1007. 

  1007.     {
    1008. 

  1008.         if (null === $this->_groups) {
    1009. 

  1009.             /** @var UserGroupIndex $groups */
    1010. 

  1010.             $groups = $this->getUserGroups()->select((array)$this->getProperty('groups'));
    1011. 

  1011.             $this->_groups = $groups;
    1012. 

  1012.         }
    1013. 

  1013. 

  1014.         return $this->_groups;
    1015. 

  1015.     }
    1016. 

  1016. 

  1017.     /**
    1018. 

  1018.      * @return Access
    1019. 

  1019.      */
    1020. 

  1020.     protected function getAccess(): Access
    1021. 

  1021.     {
    1022. 

  1022.         if (null === $this->_access) {
    1023. 

  1023.             $this->_access = new Access($this->getProperty('access'));
    1024. 

  1024.         }
    1025. 

  1025. 

  1026.         return $this->_access;
    1027. 

  1027.     }
    1028. 

  1028. 

  1029.     /**
    1030. 

  1030.      * @param mixed $value
    1031. 

  1031.      * @return array
    1032. 

  1032.      */
    1033. 

  1033.     protected function offsetLoad_access($value): array
    1034. 

  1034.     {
    1035. 

  1035.         if (!$value instanceof Access) {
    1036. 

  1036.             $value = new Access($value);
    1037. 

  1037.         }
    1038. 

  1038. 

  1039.         return $value->jsonSerialize();
    1040. 

  1040.     }
    1041. 

  1041. 

  1042.     /**
    1043. 

  1043.      * @param mixed $value
    1044. 

  1044.      * @return array
    1045. 

  1045.      */
    1046. 

  1046.     protected function offsetPrepare_access($value): array
    1047. 

  1047.     {
    1048. 

  1048.         return $this->offsetLoad_access($value);
    1049. 

  1049.     }
    1050. 

  1050. 

  1051.     /**
    1052. 

  1052.      * @param array|null $value
    1053. 

  1053.      * @return array|null
    1054. 

  1054.      */
    1055. 

  1055.     protected function offsetSerialize_access(?array $value): ?array
    1056. 

  1056.     {
    1057. 

  1057.         return $value;
    1058. 

  1058.     }
    1059. 

  1059. }
    1060.