<?php

/*
 * SCROTT Copyright (C) 2016 Malf Furious
 *
 * Scrott is free software: you can redistribute it and/or modify
 * it under the terms of the GNU General Public License as published
 * by the Free Software Foundation, either version 3 of the License,
 * or (at your option) any later version.
 *
 * Scrott is distributed in the hope that it will be useful, but
 * WITHOUT ANY WARRANTY; even the implied warranty of MERCHANTABILITY
 * or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public
 * License for more details.
 */

require_once "class/object.class.php";
require_once "class/group.class.php";

/*
 * Application users
 */
class User extends Object
{
    /*
     * Constructor
     */
    function __construct($guid = null)
    {
        $cols = array(
            "guid",
            "key",
            "salt",
            "alias",
            "admin",
            "email",
            "emailConf",
            "emailConfKey"
        );

        parent::__construct("user", $cols);
        $this->loadObj($guid);
    }

    /*
     * Initialize object by username
     */
    function initByUsername($username)
    {
        $query = "SELECT guid FROM object WHERE type = 'user' AND name = '" . $this->db->esc($username) . "'";
        $result = $this->db->query($query);

        if (count($result) == 0)
            return false;

        $this->loadObj($result[0]['guid']);
        return true;
    }

    /*
     * Get all users -- ordered by name, ascending
     */
    function getAllUsers_orderByName()
    {
        $query = "SELECT guid FROM `object` WHERE `type` = 'user' ORDER BY name";
        $result = $this->db->query($query);

        $users = array();

        foreach ($result as $u)
            $users[] = new User($u['guid']);

        return $users;
    }

    /*
     * Get all users -- ordered by admin DESC (admins first), then by name
     */
    function getAllUsers_orderByAdminByName()
    {
        $query = "SELECT o.guid FROM object o JOIN user u ON o.guid = u.guid WHERE o.type = 'user' ORDER BY u.admin DESC, o.name";
        $result = $this->db->query($query);

        $users = array();

        foreach ($result as $u)
            $users[] = new User($u['guid']);

        return $users;
    }

    /*
     * Get the number of administrative accounts in the system
     */
    function getNumAdmins()
    {
        $query = "SELECT count(*) as cnt FROM user WHERE admin = 1";
        $results = $this->db->query($query);
        return $results[0]['cnt'];
    }

    /*
     * Check whether a given username is currently in use
     */
    function usernameInUse($username)
    {
        $escd_username = $this->db->esc($username);

        $query = "SELECT name FROM object WHERE type = 'user' AND name = '" . $escd_username . "'";
        $results = $this->db->query($query);

        if (count($results) > 0)
            return true;

        return false;
    }

    /*
     * Generate a key from a user's password and salt
     */
    function getKey($password, $salt)
    {
        return hash("sha256", $salt . $password);
    }

    /*
     * Create a new User object with the given username and keyed with the given plain-text password
     * This function returns false if $username is already being used
     * On success, this object should be initialized as the new user (use only on new User() objects)
     */
    function createNewUser($username, $password)
    {
        if ($this->usernameInUse($username))
            return false;

        /* if there exist no users already, make this new one an admin */
        if (count($this->getAllUsers_orderByName()) == 0)
            $this->admin = 1;

        $this->perms = 0;
        $this->name = $username;
        $this->type = "user";
        $this->setPassword($password);
        $this->setEmail("");

        $this->saveObj();

        $this->owner = $this->guid;
        $this->saveObj();

        return true;
    }

    /*
     * Validate the password for this user.  Returns true if correct, false otherwise
     */
    function validatePassword($password)
    {
        $key = $this->getKey($password, $this->salt);
        return $key == $this->key;
    }

    /*
     * Validate the email confirmation key for a user, returns true if correct, false otherwise.  On success, $this->emailConf is also set to 1
     */
    function confirmEmailKey($key)
    {
        if ($key != $this->emailConfKey)
            return false;

        $this->emailConf = 1;
        return true;
    }

    /*
     * Overwrite the salt and key for this user, given a new plaintext password
     */
    function setPassword($password)
    {
        $this->salt = $this->getBlob();
        $this->key = $this->getKey($password, $this->salt);
    }

    /*
     * Overwrite the emailConfKey and flag, and change user's saved email address
     */
    function setEmail($email)
    {
        $this->email = $email;
        $this->emailConf = 0;
        $this->emailConfKey = $this->getBlob();
    }

    /*
     * If a user has an alias set, display it instead of their username
     */
    function getDisplayName()
    {
        if ($this->alias != "")
            return $this->alias;

        return $this->name;
    }

    /*
     * Get the glyphicon to use for this user
     */
    function getGlyphicon()
    {
        if ($this->admin)
            return "glyphicon glyphicon-sunglasses";

        return "glyphicon glyphicon-user";
    }

    /*
     * Get this user's head image
     */
    function getHeadImage()
    {
        return $this->ar() . "/file.php?d=img/heads&f=" . $this->guid;
    }

    /*
     * Remove this user's head image
     */
    function rmHeadImage()
    {
        if (!is_file("assets/img/heads/" . $this->guid))
            return true;

        return unlink("assets/img/heads/" . $this->guid);
    }

    /*
     * Get all groups this user owns or is a member of
     */
    function getGroups()
    {
        /* owner */
        $query = "SELECT guid FROM object WHERE type = 'group' AND owner = '" . $this->db->esc($this->guid) . "'";
        $result = $this->db->query($query);

        $groups = array();

        foreach ($result as $g)
            $groups[] = new Group($g['guid']);

        /* member */
        $query = "SELECT o.guid FROM object o JOIN obj_member om ON o.guid = om.guid WHERE o.type = 'group' AND member = '" . $this->db->esc($this->guid) . "'";
        $result = $this->db->query($query);

        foreach ($result as $g)
            $groups[] = new Group($g['guid']);

        return $groups;
    }
}

?>