1 # BEGIN BPS TAGGED BLOCK {{{
5 # This software is Copyright (c) 1996-2007 Best Practical Solutions, LLC
6 # <jesse@bestpractical.com>
8 # (Except where explicitly superseded by other copyright notices)
13 # This work is made available to you under the terms of Version 2 of
14 # the GNU General Public License. A copy of that license should have
15 # been provided with this software, but in any event can be snarfed
18 # This work is distributed in the hope that it will be useful, but
19 # WITHOUT ANY WARRANTY; without even the implied warranty of
20 # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
21 # General Public License for more details.
23 # You should have received a copy of the GNU General Public License
24 # along with this program; if not, write to the Free Software
25 # Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
26 # 02110-1301 or visit their web page on the internet at
27 # http://www.gnu.org/copyleft/gpl.html.
30 # CONTRIBUTION SUBMISSION POLICY:
32 # (The following paragraph is not intended to limit the rights granted
33 # to you to modify and distribute this software under the terms of
34 # the GNU General Public License and is only of importance to you if
35 # you choose to contribute your changes and enhancements to the
36 # community by submitting them to Best Practical Solutions, LLC.)
38 # By intentionally submitting any modifications, corrections or
39 # derivatives to this work, or any other work intended for use with
40 # Request Tracker, to Best Practical Solutions, LLC, you confirm that
41 # you are the copyright holder for those contributions and you grant
42 # Best Practical Solutions, LLC a nonexclusive, worldwide, irrevocable,
43 # royalty-free, perpetual, license to use, copy, create derivative
44 # works based on those contributions, and sublicense and distribute
45 # those contributions and any derivatives thereof.
47 # END BPS TAGGED BLOCK }}}
50 RT::CurrentUser - an RT object representing the current user
65 ok (require RT::CurrentUser);
72 package RT::CurrentUser;
78 use base qw/RT::Record/;
82 #The basic idea here is that $self->CurrentUser is always supposed
83 # to be a CurrentUser object. but that's hard to do when we're trying to load
84 # the CurrentUser object
90 $self->{'table'} = "Users";
92 if ( defined($User) ) {
94 if ( UNIVERSAL::isa( $User, 'RT::User' )
95 || UNIVERSAL::isa( $User, 'RT::CurrentUser' ) )
97 $self->Load( $User->id );
100 elsif ( ref($User) ) {
102 "RT::CurrentUser->new() called with a bogus argument: $User");
109 $self->_BuildTableAttributes();
118 return (0, $self->loc('Permission Denied'));
127 return (0, $self->loc('Permission Denied'));
136 Returns the RT::User object associated with this CurrentUser object.
144 my $user = RT::User->new($self);
146 unless ($user->Load($self->Id)) {
147 $RT::Logger->err($self->loc("Couldn't load [_1] from the users database.\n", $self->Id));
153 # {{{ sub PrincipalObj
157 Returns this user's principal object. this is just a helper routine for
158 $self->UserObj->PrincipalObj
164 return($self->UserObj->PrincipalObj);
171 # {{{ sub PrincipalId
175 Returns this user's principal Id. this is just a helper routine for
176 $self->UserObj->PrincipalId
182 return($self->UserObj->PrincipalId);
189 # {{{ sub _Accessible
192 sub _CoreAccessible {
194 Name => { 'read' => 1 },
195 Gecos => { 'read' => 1 },
196 RealName => { 'read' => 1 },
197 Lang => { 'read' => 1 },
198 Password => { 'read' => 0, 'write' => 0 },
199 EmailAddress => { 'read' => 1, 'write' => 0 }
205 # {{{ sub LoadByEmail
209 Loads a User into this CurrentUser object.
210 Takes the email address of the user to load.
216 my $identifier = shift;
218 $identifier = RT::User::CanonicalizeEmailAddress(undef, $identifier);
220 $self->LoadByCol("EmailAddress",$identifier);
225 # {{{ sub LoadByGecos
229 Loads a User into this CurrentUser object.
230 Takes a unix username as its only argument.
236 my $identifier = shift;
238 $self->LoadByCol("Gecos",$identifier);
247 Loads a User into this CurrentUser object.
254 my $identifier = shift;
255 $self->LoadByCol("Name",$identifier);
264 Loads a User into this CurrentUser object.
265 Takes either an integer (users id column reference) or a Name
266 The latter is deprecated. Instead, you should use LoadByName.
267 Formerly, this routine also took email addresses.
273 my $identifier = shift;
275 #if it's an int, load by id. otherwise, load by name.
276 if ($identifier !~ /\D/) {
277 $self->SUPER::LoadById($identifier);
280 elsif (UNIVERSAL::isa($identifier,"RT::User")) {
281 # DWIM if they pass a user in
282 $self->SUPER::LoadById($identifier->Id);
285 # This is a bit dangerous, we might get false authen if somebody
286 # uses ambigous userids or real names:
287 $self->LoadByCol("Name",$identifier);
297 Takes a password as a string. Passes it off to IsPassword in this
298 user's UserObj. If it is the user's password and the user isn't
301 Otherwise, returns undef.
309 return ($self->UserObj->IsPassword($value));
318 Returns true if the current user can be granted rights and be
325 return ($self->UserObj->Privileged());
335 calls $self->UserObj->HasRight with the arguments passed in
341 return ($self->UserObj->HasRight(@_));
348 =head2 LanguageHandle
350 Returns this current user's langauge handle. Should take a language
351 specification. but currently doesn't
355 ok (my $cu = RT::CurrentUser->new('root'));
356 ok (my $lh = $cu->LanguageHandle('en-us'));
358 ok ($lh->isa('Locale::Maketext'));
359 is ($cu->loc('TEST_STRING'), "Concrete Mixer", "Localized TEST_STRING into English");
360 ok ($lh = $cu->LanguageHandle('fr'));
362 skip "fr locale is not loaded", 1 unless grep $_ eq 'fr', @RT::LexiconLanguages;
363 is ($cu->loc('Before'), "Avant", "Localized TEST_STRING into Frenc");
372 if ( ( !defined $self->{'LangHandle'} )
373 || ( !UNIVERSAL::can( $self->{'LangHandle'}, 'maketext' ) )
375 if ( !$RT::SystemUser or ($self->id || 0) == $RT::SystemUser->id() ) {
379 elsif ( $self->Lang ) {
380 push @_, $self->Lang;
382 $self->{'LangHandle'} = RT::I18N->get_handle(@_);
385 # Fall back to english.
386 unless ( $self->{'LangHandle'} ) {
387 die "We couldn't get a dictionary. Nye mogu naidti slovar. No puedo encontrar dictionario.";
389 return ( $self->{'LangHandle'} );
394 return '' if $_[0] eq '';
396 my $handle = $self->LanguageHandle;
399 # pre-scan the lexicon hashes to return _AUTO keys verbatim,
400 # to keep locstrings containing '[' and '~' from tripping over Maketext
401 return $_[0] unless grep { exists $_->{$_[0]} } @{ $handle->_lex_refs };
404 return $handle->maketext(@_);
409 return '' if (!$_[0] || $_[0] eq '');
411 # XXX: work around perl's deficiency when matching utf8 data
412 return $_[0] if Encode::is_utf8($_[0]);
413 my $result = $self->LanguageHandle->maketext_fuzzy(@_);
422 Return the current currentuser object
434 Takes $password, $created and $nonce, and returns a boolean value
435 representing whether the authentication succeeded.
437 If both $nonce and $created are specified, validate $password against:
442 sha1_hex( "$username:$realm:$server_pass" )
445 where $server_pass is the md5_hex(password) digest stored in the
446 database, $created is in ISO time format, and $nonce is a random
447 string no longer than 32 bytes.
452 my ($self, $password, $created, $nonce, $realm) = @_;
455 require Digest::SHA1;
456 require MIME::Base64;
458 my $username = $self->UserObj->Name or return;
459 my $server_pass = $self->UserObj->__Value('Password') or return;
460 my $auth_digest = MIME::Base64::encode_base64(Digest::SHA1::sha1(
463 Digest::MD5::md5_hex("$username:$realm:$server_pass")
469 return ($password eq $auth_digest);
475 eval "require RT::CurrentUser_Vendor";
476 die $@ if ($@ && $@ !~ qr{^Can't locate RT/CurrentUser_Vendor.pm});
477 eval "require RT::CurrentUser_Local";
478 die $@ if ($@ && $@ !~ qr{^Can't locate RT/CurrentUser_Local.pm});