interim db code for retrieving user details upon successful authentication, to b…

…e replaced by UserManager calls git-svn-id: https://kt-dms.svn.sourceforge.net/svnroot/kt-dms/trunk@277 c91229c3-7414-0410-bfa2-8a42b809f60b

interim db code for retrieving user details upon successful authentication, to b…
…e replaced by UserManager calls git-svn-id: https://kt-dms.svn.sourceforge.net/svnroot/kt-dms/trunk@277 c91229c3-7414-0410-bfa2-8a42b809f60b
Michael Joseph
1 parent c1f3bef1
Showing 1 changed file with 46 additions and 20 deletions
lib/authentication/Authenticator.inc
 <?php
  
+//require_once("$default->owl_fs_root/lib/administration/UserManager.inc");
+
 /**
  * $Id$
  * 
@@ -8,8 +10,8 @@
  * Licensed under the GNU GPL. For full terms see the file COPYING.
  *
  * @version $Revision$
- * @author <a href="mailto:michael@jamwarehouse.com>Michael Joseph</a>, Jam Warehouse (Pty) Ltd, South Africa
- * @package dms 
+ * @author <a href="mailto:michael@jamwarehouse.com">Michael Joseph</a>, Jam Warehouse (Pty) Ltd, South Africa
+ * @package dmslib 
  */
 class Authenticator {
  
@@ -25,13 +27,19 @@ class Authenticator {
      */
     function login($userName, $password) {
         // TODO: create session, add user details to the session
-        global $default;
+        global $default, $lang_err_database;
         if ($this->checkPassword($userName, $password)) {
             // retrieve user details from the database and return
-            // $userDetails = UnitManager::getUserDetails($userName);
-            // TODO: refactor the code below (and change for new db)
-            //       also need to add ldap dn to user table
-            $sql = new Owl_DB; 
+            /*
+            $userID = lookupID($default->owl_users_table, "username", "'$userName'");
+            $userDetails = UserManager::getUserDetails($userID);
+            if (!$userDetails) {
+                // we don't have a session yet, so return a general error message
+                $userDetails["status"] = -1;
+            }
+            */
+            // FIXME: remove when user manager method coded
+            $sql = new Owl_DB(); 
             $query = "select * from $default->owl_users_table where username = '$userName'";
             $sql->query($query);
             $numrows = $sql->num_rows($sql);
@@ -41,28 +49,46 @@ class Authenticator {
                         $userDetails["status"]       = 2;
                     } else {
                         $userDetails["status"]       = 1;
-                        $userDetails["user_id"]      = $sql->f("id");
+                        $userDetails["userID"]      = $sql->f("id");
                         $userDetails["username"]     = $sql->f("username");
-                        //$userDetails["group_id"]     = $sql->f("group_id");
                         $userDetails["max_sessions"] = $sql->f("max_sessions") + 1;
                     }
                 }
  
+                // retrieve user groups
+                $sql = new Owl_DB; 
+                $query = "select group_id from $default->owl_users_groups_table where user_id = " . $userDetails["userID"];
+                $sql->query($query);
+                $userDetails["groupID"] = array();
+                while($sql->next_record()) {
+                    $userDetails["groupID"][] = $sql->f("group_id");
+                    if (!isset($userDetails["unitID"])) {
+                        $userDetails["unitID"] = lookupID($default->owl_groups_units_table, "group_id", $sql->f("group_id"));
+                        $userDetails["organisationID"] = lookupField($default->owl_units_table, "organisation_id", "id", $userDetails["unitID"]);
+                    }
+                }
+            // FIXME: remove when user manager method coded
+                    
                 // remove stale sessions from the database for the user
                 // that is signing on.
-                Session::removeStaleSessions($userDetails["user_id"]);
+                Session::removeStaleSessions($userDetails["userID"]);
  
-                 // Check if Maxsessions has been reached
-                $sql = new Owl_DB; 
-                $sql->query("select * from $default->owl_sessions_table where id = '".$userDetails["user_id"]."'");
-                if ($sql->num_rows($sql) >= $userDetails["max_sessions"]) {
-                    if ( $userDetails["group_id"] == 0) {
-                        // ignore maxsessions check for admin group
-                        $userDetails["status"] = 1;
-                    } else {
-                        // return too many sessions status code
-                        $userDetails["status"] = 3;
+                
+                // Check if Maxsessions has been reached
+                $sql = new Owl_DB;
+                if ($sql->query("SELECT * FROM $default->owl_sessions_table WHERE user_id = '".$userDetails["user_id"]."'")) {
+                    if ($sql->num_rows($sql) >= $userDetails["max_sessions"]) {
+                        // FIXME: change for multiple groups
+                        if ( $userDetails["groupID"] == 0) {
+                            // ignore maxsessions check for admin group
+                            $userDetails["status"] = 1;
+                        } else {
+                            // return too many sessions status code
+                            $userDetails["status"] = 3;
+                        }
                     }
+                } else {
+                    $_SESSION["errorMessage"] = $lang_err_database;
                 }
             }            
         } else {