275 lines
7.1 KiB
PHP
275 lines
7.1 KiB
PHP
<?php
|
|
|
|
class RadiusDB_User {
|
|
private $db;
|
|
|
|
private $username;
|
|
private $Usergroup;
|
|
private $Checks;
|
|
private $Attributes;
|
|
private $AllowedNas;
|
|
private $Info;
|
|
|
|
private $_oldUsergroup;
|
|
private $_oldChecks;
|
|
private $_oldAttributes;
|
|
private $_oldAllowedNas;
|
|
private $_oldInfo;
|
|
|
|
private $checkop = ':=';
|
|
private $attribop = '=';
|
|
|
|
public function __construct($db) {
|
|
$this->db = $db;
|
|
$this->Checks = array();
|
|
$this->Attributes = array();
|
|
$this->AllowedNas = array();
|
|
$this->Info = false;
|
|
$this->_oldChecks = array();
|
|
$this->_oldAttributes = array();
|
|
$this->_oldAllowedNas = array();
|
|
$this->_oldInfo = false;
|
|
}
|
|
|
|
public function load($username) {
|
|
if(!$username) {
|
|
return false;
|
|
}
|
|
|
|
$this->username = $username;
|
|
|
|
$res = $this->db->select("radcheck","*","username='$username'");
|
|
if($this->db->num_rows($res)) {
|
|
while($radcheck = $this->db->fetch_object($res)) {
|
|
$this->Checks[$radcheck->attribute] = $radcheck->value;
|
|
}
|
|
} else {
|
|
$this->setPassword("");
|
|
return false;
|
|
}
|
|
|
|
$res = $this->db->select("radreply","*","username='$username'");
|
|
if($this->db->num_rows($res)) {
|
|
while($radreply = $this->db->fetch_object($res)) {
|
|
$this->Attributes[$radreply->attribute] = $radreply->value;
|
|
}
|
|
}
|
|
|
|
$res = $this->db->select("radusergroup", "*", "username='$username'");
|
|
if($this->db->num_rows($res)) {
|
|
$radusergroup = $this->db->fetch_object($res);
|
|
$this->Usergroup = $radusergroup->groupname;
|
|
}
|
|
|
|
$res = $this->db->select("radnascheck", "*", "username='$username'");
|
|
if($this->db->num_rows($res)) {
|
|
while($nascheck = $this->db->fetch_object($res)) {
|
|
$this->AllowedNas[] = $nascheck->nasname;
|
|
}
|
|
}
|
|
|
|
$this->Info = new RadiusDB_UserInfo($username);
|
|
|
|
$this->_oldUsergroup = $this->Usergroup;
|
|
$this->_oldChecks = $this->Checks;
|
|
$this->_oldAttributes = $this->Attributes;
|
|
$this->_oldAllowedNas = $this->AllowedNas;
|
|
|
|
return true;
|
|
}
|
|
|
|
public function getCheck($name) {
|
|
if(isset($this->Checks[$name])) {
|
|
return $this->Checks[$name];
|
|
}
|
|
return null;
|
|
}
|
|
|
|
public function getAttribute($name) {
|
|
if(isset($this->Attributes[$name])) {
|
|
return $this->Attributes[$name];
|
|
}
|
|
return null;
|
|
}
|
|
|
|
public function setCheck($name, $value) {
|
|
$this->Checks[$name] = $value;
|
|
}
|
|
|
|
public function setAttribute($name, $value) {
|
|
$this->Attributes[$name] = $value;
|
|
}
|
|
|
|
public function getPassword() {
|
|
return $this->getCheck("Cleartext-Password");
|
|
}
|
|
public function setPassword($password) {
|
|
$this->setCheck("Cleartext-Password", $password);
|
|
}
|
|
public function getUsergroup() {
|
|
return $this->Usergroup;
|
|
}
|
|
public function setUsergroup($groupname) {
|
|
$this->Usergroup = $groupname;
|
|
}
|
|
|
|
public function isNasAllowed($nas_ip) {
|
|
if(in_array($nas_ip, $this->AllowedNas)) {
|
|
return true;
|
|
}
|
|
return false;
|
|
}
|
|
|
|
public function addAllowedNas($nas_ip) {
|
|
if(!in_array($nas_ip, $this->AllowedNas,true)) {
|
|
$this->AllowedNas[] = $nas_ip;
|
|
}
|
|
}
|
|
|
|
public function removeAllowedNas($nas_ip) {
|
|
if(in_array($nas_ip, $this->AllowedNas, true) !== false) {
|
|
unset($this->AllowedNas[array_search($nas_ip, $this->AllowedNas)]);
|
|
}
|
|
}
|
|
|
|
|
|
public function unset($name) {
|
|
if($name == "usergroup") {
|
|
$this->Usergroup = false;
|
|
}
|
|
|
|
if(isset($this->Checks[$name])) {
|
|
unset($this->Checks[$name]);
|
|
return true;
|
|
}
|
|
if(isset($this->Attributes[$name])) {
|
|
unset($this->Attributes[$name]);
|
|
return true;
|
|
}
|
|
return false;
|
|
}
|
|
|
|
public function save() {
|
|
if(!$this->username) {
|
|
return false;
|
|
}
|
|
|
|
$username = $this->username;
|
|
|
|
$error = false;
|
|
|
|
$this->db->query("START TRANSACTION"); // XXX should be put moved to a FronkDB function
|
|
// check queries
|
|
foreach($this->Checks as $attribute => $value) {
|
|
if(isset($this->_oldChecks[$attribute])) {
|
|
if(!$this->db->update("radcheck", ['value' => $value], "username='$username' AND attribute='$attribute'")) {
|
|
$error = true;
|
|
}
|
|
} else {
|
|
if(!$this->db->insert("radcheck", ['username' => $username, 'attribute' => $attribute, 'op' => $this->checkop, 'value' => $value])) {
|
|
$error = true;
|
|
}
|
|
}
|
|
}
|
|
// attribute queries
|
|
foreach($this->Attributes as $attribute => $value) {
|
|
if(isset($this->_oldAttributes[$attribute])) {
|
|
if(!$this->db->update("radreply", ['value' => $value], "username='$username' AND attribute='$attribute'")) {
|
|
$error = true;
|
|
}
|
|
} else {
|
|
if(!$this->db->insert("radreply", ['username' => $username, 'attribute' => $attribute, 'op' => $this->attribop, 'value' => $value])) {
|
|
$error = true;
|
|
}
|
|
}
|
|
}
|
|
|
|
// update usergroup
|
|
if($this->Usergroup) {
|
|
if($this->_oldUsergroup) {
|
|
if(!$this->db->update("radusergroup", ['groupname' => $this->Usergroup], "username='$username'")) {
|
|
$error = true;
|
|
}
|
|
} else {
|
|
if(!$this->db->insert("radusergroup", ['username' => $username, 'groupname' => $this->Usergroup, 'priority' => 1])) {
|
|
$error = true;
|
|
}
|
|
}
|
|
}
|
|
|
|
// update Nascheck
|
|
foreach($this->AllowedNas as $nas) {
|
|
if(!in_array($nas, $this->_oldAllowedNas, true)) {
|
|
|
|
if(!$this->db->insert("radnascheck", ['username' => $username, 'nasname' => $nas])) {
|
|
$error = true;
|
|
}
|
|
}
|
|
}
|
|
|
|
|
|
// delete attributes
|
|
|
|
foreach($this->_oldChecks as $attribute => $value) {
|
|
if(!isset($this->Checks[$attribute])) {
|
|
if(!$this->db->delete("radcheck", "username='$username' AND attribute='$attribute'")) {
|
|
$error = true;
|
|
}
|
|
}
|
|
}
|
|
|
|
foreach($this->_oldAttributes as $attribute => $old) {
|
|
if(!isset($this->Attributes[$attribute])) {
|
|
if(!$this->db->delete("radreply", "username='$username' AND attribute='$attribute'")) {
|
|
$error = true;
|
|
}
|
|
}
|
|
}
|
|
|
|
if($this->_oldUsergroup && !$this->Usergroup) {
|
|
if(!$this->db->delete("radusergroup", "username='$username'")) {
|
|
$error = true;
|
|
}
|
|
}
|
|
|
|
foreach($this->_oldAllowedNas as $oldnas) {
|
|
if(!in_array($oldnas, $this->AllowedNas, true)) {
|
|
if(!$this->db->delete("radnascheck", "username='$username' AND nasname='$oldnas'")) {
|
|
$error = true;
|
|
}
|
|
}
|
|
}
|
|
|
|
if($error) {
|
|
$this->db->query("ROLLBACK");
|
|
return false;
|
|
} else {
|
|
$this->db->query("COMMIT");
|
|
}
|
|
|
|
// reinitialize _old* values
|
|
$this->_oldUsergroup = $this->Usergroup;
|
|
$this->_oldChecks = $this->Checks;
|
|
$this->_oldAttributes = $this->Attributes;
|
|
$this->_oldAllowedNas = $this->AllowedNas;
|
|
|
|
return true;
|
|
}
|
|
|
|
|
|
public function __get($name) {
|
|
if($name === "username") {
|
|
return $this->username;
|
|
}
|
|
if(in_array($name, array_keys($this->Checks))) {
|
|
return $this->getCheck($name);
|
|
}
|
|
if(in_array($name, array_keys($this->Attributes))) {
|
|
return $this->getAttribute($name);
|
|
}
|
|
}
|
|
|
|
public function __toString() {
|
|
return (string) $this->username;
|
|
}
|
|
} |