methods on User to grant, check, and revoke roles

2009-08-27 11:38:31 -07:00 · 2009-08-27 11:38:31 -07:00 · 522008dee5
parent 41ee56f770
commit 522008dee5
2 changed files with 49 additions and 0 deletions
--- a/classes/User.php
+++ b/classes/User.php
@ -674,4 +674,48 @@ class User extends Memcached_DataObject
    {
        return Design::staticGet('id', $this->design_id);
    }
+
+    function hasRole($name)
+    {
+        $role = User_role::pkeyGet(array('user_id' => $this->id,
+                                         'role' => $name));
+        return (!empty($role));
+    }
+
+    function grantRole($name)
+    {
+        $role = new User_role();
+
+        $role->user_id = $this->id;
+        $role->role    = $name;
+        $role->created = common_sql_now();
+
+        $result = $role->insert();
+
+        if (!$result) {
+            common_log_db_error($role, 'INSERT', __FILE__);
+            return false;
+        }
+
+        return true;
+    }
+
+    function revokeRole($name)
+    {
+        $role = User_role::pkeyGet(array('user_id' => $this->id,
+                                         'role' => $name));
+
+        if (empty($role)) {
+            throw new Exception('Cannot revoke role "'.$name.'" for user #'.$this->id.'; does not exist.');
+        }
+
+        $result = $role->delete();
+
+        if (!$result) {
+            common_log_db_error($role, 'DELETE', __FILE__);
+            throw new Exception('Cannot revoke role "'.$name.'" for user #'.$this->id.'; database error.');
+        }
+
+        return true;
+    }
 }
--- a/classes/User_role.php
+++ b/classes/User_role.php
@ -40,4 +40,9 @@ class User_role extends Memcached_DataObject

    /* the code above is auto generated do not remove the tag below */
    ###END_AUTOCODE
+
+    function &pkeyGet($kv)
+    {
+        return Memcached_DataObject::pkeyGet('User_role', $kv);
+    }
 }