\coreUser

This class represents a known CAT User (i.e. an institution and/or federation adiministrator).

IdPs have properties of their own, and may have one or more Profiles. The profiles can override the institution-wide properties.

Summary

Methods
Properties
Constants
__construct()
getAttributes()
beginFlushAttributes()
commitFlushAttributes()
flushAttributes()
addAttribute()
fetchRawDataByIndex()
isDataRestricted()
updateFreshness()
__destruct()
getAttributeValue()
createTemporaryDirectory()
rrmdir()
uuid()
randomString()
isFederationAdmin()
isSuperadmin()
isIdPOwner()
sendMailToUser()
findLoginIdPByEmail()
$identifier
$name
$userName
L_OK
L_REMARK
L_WARN
L_ERROR
PROVIDER_STRINGS
No protected methods found
No protected properties found
N/A
No private methods found
No private properties found
N/A

Constants

L_OK

L_OK = 0

L_REMARK

L_REMARK = 4

L_WARN

L_WARN = 32

L_ERROR

L_ERROR = 256

PROVIDER_STRINGS

PROVIDER_STRINGS = [eduPersonTargetedID => eduGAIN, facebook_targetedID => Facebook, google_eppn => Google, linkedin_targetedID => LinkedIn, twitter_targetedID => Twitter, openid => Google (defunct)]

Properties

$identifier

$identifier : 

the unique identifier of this entity instance refers to the integer row name in the DB -> int; Federation has no own DB, so the identifier is of no use there -> use Fedearation->$tld

Type

— identifier of the entity instance

$name

$name : 

the name of the entity in the current locale

Type

$userName

$userName : 

Type

Methods

__construct()

__construct(  userId) : 

Class constructor. The required argument is a user's persistent identifier as was returned by the authentication source.

Logs the start of lifetime of the entity to the debug log on levels 3 and higher.

Parameters

userId

User Identifier as per authentication source

Returns

getAttributes()

getAttributes(  optionName = NULL) : mixed|string|int

This function retrieves the entity's attributes.

If called with the optional parameter, only attribute values for the attribute name in $optionName are retrieved; otherwise, all attributes are retrieved. The retrieval is in-memory from the internal attributes class member - no DB callback, so changes in the database during the class instance lifetime are not considered.

Parameters

optionName

optionally, the name of the attribute that is to be retrieved

Returns

mixed|string|int —

of arrays of attributes which were set for this IdP

beginFlushAttributes()

beginFlushAttributes() : mixed|string|int

deletes all attributes in this profile except the _file ones, these are reported as array

Returns

mixed|string|int —

list of row id's of file-based attributes which weren't deleted

commitFlushAttributes()

commitFlushAttributes(mixed|string|int  tobedeleted) : 

after a beginFlushAttributes, deletes all attributes which are in the tobedeleted array.

Parameters

mixed|string|int tobedeleted

array of database rows which are to be deleted

Returns

flushAttributes()

flushAttributes() : 

deletes all attributes of this entity from the database

Returns

addAttribute()

addAttribute(  attrName,   attrLang,   attrValue) : 

Adds an attribute for the entity instance into the database. Multiple instances of the same attribute are supported.

Parameters

attrName

Name of the attribute. This must be a well-known value from the profile_option_dict table in the DB.

attrLang

language of the attribute. Can be NULL.

attrValue

Value of the attribute. Can be anything; will be stored in the DB as-is.

Returns

fetchRawDataByIndex()

fetchRawDataByIndex(  table,   row) : string|bool

Retrieves data from the underlying tables, for situations where instantiating the IdP or Profile object is inappropriate

Parameters

table

institution_option or profile_option

row

rowindex

Returns

string|bool —

the data, or FALSE if something went wrong

isDataRestricted()

isDataRestricted(  table,   row) : 

Checks if a raw data pointer is public data (return value FALSE) or if yes who the authorised admins to view it are (return array of user IDs)

Parameters

table

which database table is this about

row

row index of the table

Returns

FALSE if the data is public, an array of owners of the data if it is NOT public

updateFreshness()

updateFreshness() : 

NOOP in this class, only need to override abstract base class

Returns

__destruct()

__destruct() : 

destroys the entity.

Logs the end of lifetime of the entity to the debug log on level 5.

Returns

getAttributeValue()

getAttributeValue(mixed|string|int  attributeArray, string|int  index1, string|int  index2) : 

This is a helper fuction to retrieve a value from two-dimensional arrays The function tests if the value for the first indes is defined and then the same with the second and finally returns the value if something on the way is not defined, NULL is returned

Parameters

mixed|string|int attributeArray
string|int index1
string|int index2

Returns

createTemporaryDirectory()

createTemporaryDirectory(  purpose = installer,   failIsFatal = 1) : mixed|string|int

create a temporary directory and return the location

Parameters

purpose

one of 'installer', 'logo', 'test' defined the purpose of the directory

failIsFatal

decides if a creation failure should cause an error; defaults to true

Returns

mixed|string|int —

the tuple of: base path, absolute path for directory, directory name

rrmdir()

rrmdir(  dir) : 

this direcory delete function has been copied from PHP documentation

Parameters

dir

name of the directory to delete

Returns

uuid()

uuid(  prefix,  deterministicSource = NULL) : 

generates a UUID, for the devices which identify file contents by UUID

Parameters

prefix

an extra prefix to set before the UUID

deterministicSource

Returns

UUID (possibly prefixed)

randomString()

randomString(  length,   keyspace = 23456789abcdefghijkmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ) : 

produces a random string

Parameters

length

the length of the string to produce

keyspace

the pool of characters to use for producing the string

Throws

\Exception

Returns

isFederationAdmin()

isFederationAdmin(  federation) : 

This function checks whether a user is a federation administrator. When called without argument, it only checks if the user is a federation administrator of *any* federation. When given a parameter (ISO shortname of federation), it checks if the user administers this particular federation.

Parameters

federation

optional: federation to be checked

Returns

TRUE if the user is federation admin, FALSE if not

isSuperadmin()

isSuperadmin() : 

This function tests if the current user has been configured as the system superadmin, i.e. if the user is allowed to execute the 112365365321.php script

Returns

TRUE if the user is a superadmin, FALSE if not

isIdPOwner()

isIdPOwner( idp) : 

This function tests if the current user is an ovner of a given IdP

Parameters

idp

Returns

TRUE if the user is an owner, FALSE if not

sendMailToUser()

sendMailToUser(  subject,   content) : 

shorthand function for email sending to the user

Parameters

subject
content

Returns

did it work?

findLoginIdPByEmail()

findLoginIdPByEmail(  mail) : bool|array

Some users apparently forget which eduGAIN/social ID they originally used to log into CAT. We can try to help them: if they tell us the email address by which they received the invitation token, then we can see if any CAT IdPs are associated to an account which originally came in via that email address. We then see which pretty-print auth provider name was used

Parameters

mail

Returns

bool|array —

the list of auth source IdPs we found for the mail, or FALSE if none found or invalid input