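<?php

/**
 * webtrees: online genealogy
 * Copyright (C) 2019 webtrees development team
 * This program is free software: you can redistribute it and/or modify
 * it under the terms of the GNU General Public License as published by
 * the Free Software Foundation, either version 3 of the License, or
 * (at your option) any later version.
 * This program is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
 * GNU General Public License for more details.
 * You should have received a copy of the GNU General Public License
 * along with this program. If not, see <http://www.gnu.org/licenses/>.
 */

declare(strict_types=1);

namespace Fisharebest\Webtrees\Services;

use Fisharebest\Webtrees\Auth;
use Fisharebest\Webtrees\Carbon;
use Fisharebest\Webtrees\Individual;
use Fisharebest\Webtrees\Tree;
use Fisharebest\Webtrees\User;
use Illuminate\Database\Capsule\Manager as DB;
use Illuminate\Database\Query\JoinClause;
use Illuminate\Support\Collection;
use InvalidArgumentException;
use Psr\Http\Message\ServerRequestInterface;

use function app;
use function assert;

/**
 * Functions for managing users.
 *
 * Every lookup in this class hands caller-supplied values to the query
 * builder as comparison values; none of them is concatenated into SQL text.
 * Rows are converted to User objects with User::rowMapper().
 */
class UserService
{
    /**
     * Find the user with a specified user_id.
     *
     * The lookup goes through the 'cache.array' service with rememberForever(),
     * keyed on this class name plus the id.
     * NOTE(review): nothing in this class invalidates that key, so a caller
     * that deletes or changes a user should confirm a later find() in the same
     * cache lifetime cannot return the stale object.
     *
     * @param int|null $user_id
     *
     * @return User|null
     */
    public function find($user_id): ?User
    {
        return app('cache.array')->rememberForever(__CLASS__ . $user_id, static function () use ($user_id): ?User {
            return DB::table('user')
                ->where('user_id', '=', $user_id)
                ->get()
                ->map(User::rowMapper())
                ->first();
        });
    }

    /**
     * Find the user with a specified email address.
     *
     * @param string $email
     *
     * @return User|null The first matching row, or null when none matches.
     */
    public function findByEmail($email): ?User
    {
        return DB::table('user')
            ->where('email', '=', $email)
            ->get()
            ->map(User::rowMapper())
            ->first();
    }

    /**
     * Find the user with a specified user_name or email address.
     *
     * Both columns are tested with OR and the first row is returned; there is
     * no ORDER BY, so when one account's user_name equals another account's
     * email the row returned is whichever the database lists first.
     * NOTE(review): if this is used to resolve the account at sign-in or
     * password reset, confirm that account creation rejects such overlaps
     * (create() leaves duplicate checks to its caller).
     *
     * @param string $identifier
     *
     * @return User|null
     */
    public function findByIdentifier($identifier): ?User
    {
        return DB::table('user')
            ->where('user_name', '=', $identifier)
            ->orWhere('email', '=', $identifier)
            ->get()
            ->map(User::rowMapper())
            ->first();
    }

    /**
     * Find the user(s) with a specified genealogy record.
     *
     * Matches 'gedcomid' rows in user_gedcom_setting whose value is the
     * individual's xref within the individual's tree.
     *
     * @param Individual $individual
     *
     * @return Collection
     */
    public function findByIndividual(Individual $individual): Collection
    {
        return DB::table('user')
            ->join('user_gedcom_setting', 'user_gedcom_setting.user_id', '=', 'user.user_id')
            ->where('gedcom_id', '=', $individual->tree()->id())
            ->where('setting_value', '=', $individual->xref())
            ->where('setting_name', '=', 'gedcomid')
            ->select(['user.*'])
            ->get()
            ->map(User::rowMapper());
    }

    /**
     * Find the user with a specified password reset token.
     *
     * A user matches only when the 'password-token' setting equals $token and
     * the 'password-token-expire' setting is greater than the current
     * timestamp.
     *
     * NOTE(review): the presented token is compared directly with the stored
     * setting value, so the value at rest is itself a usable token until it
     * expires. Storing a hash of the token and looking up the hash would
     * limit what read access to user_setting reveals - confirm against the
     * code that generates and writes the token.
     * NOTE(review): the expiry test relies on the database comparing
     * setting_value with an integer; the column type is not visible here.
     * NOTE(review): callers should reject an empty token before calling, in
     * case a cleared token is ever stored as an empty string - confirm.
     *
     * @param string $token
     *
     * @return User|null
     */
    public function findByToken(string $token): ?User
    {
        return DB::table('user')
            ->join('user_setting AS us1', 'us1.user_id', '=', 'user.user_id')
            ->where('us1.setting_name', '=', 'password-token')
            ->where('us1.setting_value', '=', $token)
            ->join('user_setting AS us2', 'us2.user_id', '=', 'user.user_id')
            ->where('us2.setting_name', '=', 'password-token-expire')
            ->where('us2.setting_value', '>', Carbon::now()->timestamp)
            ->select(['user.*'])
            ->get()
            ->map(User::rowMapper())
            ->first();
    }

    /**
     * Find the user with a specified user_name.
     *
     * @param string $user_name
     *
     * @return User|null
     */
    public function findByUserName($user_name): ?User
    {
        return DB::table('user')
            ->where('user_name', '=', $user_name)
            ->get()
            ->map(User::rowMapper())
            ->first();
    }

    /**
     * Get a list of all users, ordered by real name.
     *
     * Rows with a user_id of zero or less are excluded (presumably reserved
     * for non-login/system entries - confirm).
     *
     * @return Collection
     */
    public function all(): Collection
    {
        return DB::table('user')
            ->where('user_id', '>', 0)
            ->orderBy('real_name')
            ->get()
            ->map(User::rowMapper());
    }

    /**
     * Get a list of all administrators.
     *
     * An administrator is a user whose 'canadmin' user setting is '1'.
     *
     * @return Collection
     */
    public function administrators(): Collection
    {
        return DB::table('user')
            ->join('user_setting', static function (JoinClause $join): void {
                $join
                    ->on('user_setting.user_id', '=', 'user.user_id')
                    ->where('user_setting.setting_name', '=', 'canadmin')
                    ->where('user_setting.setting_value', '=', '1');
            })
            ->where('user.user_id', '>', 0)
            ->orderBy('real_name')
            ->select(['user.*'])
            ->get()
            ->map(User::rowMapper());
    }

    /**
     * Get a list of all managers.
     *
     * A manager is a user with a 'canedit' row of 'admin' in
     * user_gedcom_setting. The query is not restricted to one tree and has no
     * distinct(), so a user holding the role in several trees would presumably
     * appear once per tree - confirm.
     *
     * @return Collection
     */
    public function managers(): Collection
    {
        return DB::table('user')
            ->join('user_gedcom_setting', static function (JoinClause $join): void {
                $join
                    ->on('user_gedcom_setting.user_id', '=', 'user.user_id')
                    ->where('user_gedcom_setting.setting_name', '=', 'canedit')
                    ->where('user_gedcom_setting.setting_value', '=', 'admin');
            })
            ->where('user.user_id', '>', 0)
            ->orderBy('real_name')
            ->select(['user.*'])
            ->get()
            ->map(User::rowMapper());
    }

    /**
     * Get a list of all moderators.
     *
     * A moderator is a user with a 'canedit' row of 'accept' in
     * user_gedcom_setting; as with managers(), the query is not restricted to
     * one tree.
     *
     * @return Collection
     */
    public function moderators(): Collection
    {
        return DB::table('user')
            ->join('user_gedcom_setting', static function (JoinClause $join): void {
                $join
                    ->on('user_gedcom_setting.user_id', '=', 'user.user_id')
                    ->where('user_gedcom_setting.setting_name', '=', 'canedit')
                    ->where('user_gedcom_setting.setting_value', '=', 'accept');
            })
            ->where('user.user_id', '>', 0)
            ->orderBy('real_name')
            ->select(['user.*'])
            ->get()
            ->map(User::rowMapper());
    }

    /**
     * Get a list of all users that an administrator has not yet approved.
     *
     * Selects users whose 'verified_by_admin' setting is '0'. The join is an
     * inner join, so a user with no such setting row is not listed.
     *
     * @return Collection
     */
    public function unapproved(): Collection
    {
        return DB::table('user')
            ->join('user_setting', static function (JoinClause $join): void {
                $join
                    ->on('user_setting.user_id', '=', 'user.user_id')
                    ->where('user_setting.setting_name', '=', 'verified_by_admin')
                    ->where('user_setting.setting_value', '=', '0');
            })
            ->where('user.user_id', '>', 0)
            ->orderBy('real_name')
            ->select(['user.*'])
            ->get()
            ->map(User::rowMapper());
    }

    /**
     * Get a list of all users that are not yet verified.
     *
     * Selects users whose 'verified' setting is '0' (presumably the user's own
     * email confirmation - confirm). The join is an inner join, so a user with
     * no such setting row is not listed.
     *
     * @return Collection
     */
    public function unverified(): Collection
    {
        return DB::table('user')
            ->join('user_setting', static function (JoinClause $join): void {
                $join
                    ->on('user_setting.user_id', '=', 'user.user_id')
                    ->where('user_setting.setting_name', '=', 'verified')
                    ->where('user_setting.setting_value', '=', '0');
            })
            ->where('user.user_id', '>', 0)
            ->orderBy('real_name')
            ->select(['user.*'])
            ->get()
            ->map(User::rowMapper());
    }

    /**
     * Get a list of all users who are currently logged in.
     *
     * "Logged in" here means the user has at least one row in the session
     * table; distinct() collapses multiple sessions into one entry.
     * NOTE(review): whether expired sessions are pruned from that table is not
     * visible here, so the list may include stale sessions - confirm.
     *
     * @return Collection
     */
    public function allLoggedIn(): Collection
    {
        return DB::table('user')
            ->join('session', 'session.user_id', '=', 'user.user_id')
            ->where('user.user_id', '>', 0)
            ->orderBy('real_name')
            ->select(['user.*'])
            ->distinct()
            ->get()
            ->map(User::rowMapper());
    }

    /**
     * Create a new user.
     * The calling code needs to check for duplicate identifiers before calling
     * this function.
     *
     * Only a password_hash() digest (PASSWORD_DEFAULT) is written to the
     * database; the plain password is not stored. No other validation of the
     * arguments happens here.
     *
     * @param string $user_name
     * @param string $real_name
     * @param string $email
     * @param string $password
     *
     * @return User
     */
    public function create(string $user_name, string $real_name, string $email, string $password): User
    {
        DB::table('user')->insert([
            'user_name' => $user_name,
            'real_name' => $real_name,
            'email'     => $email,
            'password'  => password_hash($password, PASSWORD_DEFAULT),
        ]);

        // The new primary key is read back from the same PDO connection.
        $user_id = (int) DB::connection()->getPdo()->lastInsertId();

        return new User($user_id, $user_name, $real_name, $email);
    }

    /**
     * Delete a user
     *
     * Log rows are kept with their user_id set to null, and the user's
     * non-rejected changes are reassigned to the current user (Auth::id()).
     *
     * NOTE(review): rows in the session table are not removed here; confirm
     * that an existing session for the deleted account cannot keep
     * authenticating (for example through a cascading foreign key).
     * NOTE(review): the statements are not wrapped in a transaction in this
     * method; presumably the caller provides one - confirm, otherwise a
     * failure part-way leaves a partially deleted account.
     *
     * @param User $user
     *
     * @return void
     */
    public function delete(User $user): void
    {
        // Don't delete the logs, just set the user to null.
        DB::table('log')
            ->where('user_id', '=', $user->id())
            ->update(['user_id' => null]);

        // Drop the user's rejected changes, then take over the remaining
        // ones as the current user. (What else could we do with them?)
        DB::table('change')
            ->where('user_id', '=', $user->id())
            ->where('status', '=', 'rejected')
            ->delete();

        DB::table('change')
            ->where('user_id', '=', $user->id())
            ->update(['user_id' => Auth::id()]);

        // Delete settings and preferences
        DB::table('block_setting')
            ->join('block', 'block_setting.block_id', '=', 'block.block_id')
            ->where('user_id', '=', $user->id())
            ->delete();

        DB::table('block')->where('user_id', '=', $user->id())->delete();
        DB::table('user_gedcom_setting')->where('user_id', '=', $user->id())->delete();
        DB::table('user_setting')->where('user_id', '=', $user->id())->delete();
        DB::table('message')->where('user_id', '=', $user->id())->delete();
        DB::table('user')->where('user_id', '=', $user->id())->delete();
    }

    /**
     * Build an HTML link that lets the current viewer contact a user.
     *
     * The target depends on the contact user's 'contactmethod' preference and
     * on whether the request carries a logged-in user. Both the URL and the
     * real name pass through e() before being placed in the markup (e() is
     * defined elsewhere; presumably HTML escaping - confirm).
     *
     * @param User                   $contact_user
     * @param ServerRequestInterface $request
     *
     * @return string
     */
    public function contactLink(User $contact_user, ServerRequestInterface $request): string
    {
        $tree = $request->getAttribute('tree');
        // NOTE(review): assert() is skipped when assertions are disabled
        // (zend.assertions), so in that configuration a missing tree is only
        // noticed at $tree->name() below, not as InvalidArgumentException.
        assert($tree instanceof Tree, new InvalidArgumentException());

        $user = $request->getAttribute('user');

        if ($contact_user->getPreference('contactmethod') === 'mailto') {
            // This branch is tested before the logged-in check, so the
            // address is shown to every viewer, including visitors.
            $url = 'mailto:' . $contact_user->email();
        } elseif ($user instanceof User) {
            // Logged-in users send direct messages
            $url = route('message', ['to' => $contact_user->userName(), 'tree' => $tree->name()]);
        } else {
            // Visitors use the contact form.
            // NOTE(review): 'url' carries the current request URI; the handler
            // for the 'contact' route (not visible here) should validate it
            // before redirecting to it or including it in a message.
            $url = route('contact', [
                'to'   => $contact_user->userName(),
                'tree' => $tree->name(),
                'url'  => (string) $request->getUri(),
            ]);
        }

        return '<a href="' . e($url) . '" dir="auto">' . e($contact_user->realName()) . '</a>';
    }
}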