accounts/common/models/Account.php

175 lines
5.8 KiB
PHP
Raw Normal View History

<?php
namespace common\models;
use common\helpers\Error as E;
use common\components\UserPass;
use common\validators\LanguageValidator;
use Ely\Yii2\TempmailValidator;
use Yii;
use yii\base\InvalidConfigException;
use yii\behaviors\TimestampBehavior;
use yii\db\ActiveRecord;
/**
* Поля модели:
* @property integer $id
* @property string $uuid
* @property string $username
* @property string $email
* @property string $password_hash
* @property integer $password_hash_strategy
* @property string $lang
* @property integer $status
* @property integer $created_at
* @property integer $updated_at
* @property integer $password_changed_at
*
* Геттеры-сеттеры:
* @property string $password пароль пользователя (только для записи)
*
* Отношения:
* @property EmailActivation[] $emailActivations
* @property OauthSession[] $oauthSessions
* @property UsernameHistory[] $usernameHistory
* @property AccountSession[] $sessions
*
* Поведения:
* @mixin TimestampBehavior
*/
class Account extends ActiveRecord {
const STATUS_DELETED = -10;
const STATUS_REGISTERED = 0;
const STATUS_ACTIVE = 10;
const PASS_HASH_STRATEGY_OLD_ELY = 0;
const PASS_HASH_STRATEGY_YII2 = 1;
public static function tableName() {
return '{{%accounts}}';
}
public function behaviors() {
return [
TimestampBehavior::class,
];
}
public function rules() {
return [
[['username'], 'filter', 'filter' => 'trim'],
[['username'], 'required', 'message' => E::USERNAME_REQUIRED],
[['username'], 'string', 'min' => 3, 'max' => 21,
'tooShort' => E::USERNAME_TOO_SHORT,
'tooLong' => E::USERNAME_TOO_LONG,
],
[['username'], 'match', 'pattern' => '/^[\p{L}\d-_\.!?#$%^&*()\[\]:;]+$/u',
'message' => E::USERNAME_INVALID,
],
[['username'], 'unique', 'message' => E::USERNAME_NOT_AVAILABLE],
[['email'], 'filter', 'filter' => 'trim'],
[['email'], 'required', 'message' => E::EMAIL_REQUIRED],
[['email'], 'string', 'max' => 255, 'tooLong' => E::EMAIL_TOO_LONG],
[['email'], 'email', 'checkDNS' => true, 'enableIDN' => true, 'message' => E::EMAIL_INVALID],
[['email'], TempmailValidator::class, 'message' => E::EMAIL_IS_TEMPMAIL],
[['email'], 'unique', 'message' => E::EMAIL_NOT_AVAILABLE],
[['lang'], LanguageValidator::class],
[['lang'], 'default', 'value' => 'en'],
];
}
/**
* Validates password
*
* @param string $password password to validate
* @param integer $passwordHashStrategy
*
* @return bool if password provided is valid for current user
* @throws InvalidConfigException
*/
public function validatePassword($password, $passwordHashStrategy = NULL) : bool {
if ($passwordHashStrategy === NULL) {
$passwordHashStrategy = $this->password_hash_strategy;
}
switch($passwordHashStrategy) {
case self::PASS_HASH_STRATEGY_OLD_ELY:
$hashedPass = UserPass::make($this->email, $password);
return $hashedPass === $this->password_hash;
case self::PASS_HASH_STRATEGY_YII2:
return Yii::$app->security->validatePassword($password, $this->password_hash);
default:
throw new InvalidConfigException('You must set valid password_hash_strategy before you can validate password');
}
}
/**
* @param string $password
* @throws InvalidConfigException
*/
public function setPassword($password) {
$this->password_hash_strategy = self::PASS_HASH_STRATEGY_YII2;
$this->password_hash = Yii::$app->security->generatePasswordHash($password);
$this->password_changed_at = time();
}
public function getEmailActivations() {
return $this->hasMany(EmailActivation::class, ['account_id' => 'id']);
}
public function getOauthSessions() {
return $this->hasMany(OauthSession::class, ['owner_id' => 'id']);
}
public function getUsernameHistory() {
return $this->hasMany(UsernameHistory::class, ['account_id' => 'id']);
}
public function getSessions() {
return $this->hasMany(AccountSession::class, ['account_id' => 'id']);
}
/**
* Метод проверяет, может ли текущий пользователь быть автоматически авторизован
* для указанного клиента без запроса доступа к необходимому списку прав
*
* @param OauthClient $client
* @param \League\OAuth2\Server\Entity\ScopeEntity[] $scopes
*
* TODO: этому методу здесь не место.
*
* @return bool
*/
public function canAutoApprove(OauthClient $client, array $scopes = []) {
if ($client->is_trusted) {
return true;
}
/** @var OauthSession|null $session */
$session = $this->getOauthSessions()->andWhere(['client_id' => $client->id])->one();
if ($session !== null) {
$existScopes = $session->getScopes()->members();
if (empty(array_diff(array_keys($scopes), $existScopes))) {
return true;
}
}
return false;
}
/**
* Выполняет проверку, принадлежит ли этому нику аккаунт у Mojang
* @return bool
*/
public function hasMojangUsernameCollision() {
return MojangUsername::find()
->andWhere(['username' => $this->username])
->exists();
}
}