Merge pull request #116 from REJack/master

Sub-Groups added (group hierarchy #115) & some enhancements

(This closes #115, closes #125 & closes #129)

README.md

@@ -86,10 +86,10 @@ $this->aauth->allow_group('elves','immortality');
 $this->aauth->allow_group('hobbits','immortality');
 ``` 
 
-Wait a minute! Hobbits should not have `immortality`. We need to fix this, we can use `deny()` to remove the permission.
+Wait a minute! Hobbits should not have `immortality`. We need to fix this, we can use `deny_group()` to remove the permission.
 
 ```php
-$this->aauth->deny('hobbits','immortality');
+$this->aauth->deny_group('hobbits','immortality');
 ``` 
 
 Gandalf can also live forever.

application/config/aauth.php

@@ -38,7 +38,7 @@
 | 	['max']                            	Maximum char long for Password
 | 	['min']                            	Minimum char long for Password
 |
-| 	['valid_chars']                    	Valid chars for username. Non alphanumeric characters that are allowed by default
+| 	['additional_valid_chars']          Additional valid chars for username. Non alphanumeric characters that are allowed by default
 |
 | 	['ddos_protection']                	If it is true, the user will be banned temporary when he exceed the login 'try'
 |
@@ -81,6 +81,7 @@
 
 	'users'                          => 'aauth_users',
 	'groups'                         => 'aauth_groups',
+	'group_to_group'                 => 'aauth_group_to_group',
 	'user_to_group'                  => 'aauth_user_to_group',
 	'perms'                          => 'aauth_perms',
 	'perm_to_group'                  => 'aauth_perm_to_group',
@@ -94,7 +95,7 @@
 	'max'                            => 13,
 	'min'                            => 5,
 
-	'valid_chars'                    => array(),
+	'additional_valid_chars'         => array(),
 
 	'ddos_protection'                => true,
 

application/language/english/aauth_lang.php

@@ -46,11 +46,13 @@
 $lang['aauth_error_no_user'] = 'User does not exist';
 $lang['aauth_error_account_not_verified'] = 'Your account has not been verified. Please check your e-mail and verify your account.';
 $lang['aauth_error_no_group'] = 'Group does not exist';
+$lang['aauth_error_no_subgroup'] = 'Subgroup does not exist';
 $lang['aauth_error_self_pm'] = 'It is not possible to send a Message to yourself.';
 $lang['aauth_error_no_pm'] = 'Private Message not found';
 
 
 /* Info messages */
 $lang['aauth_info_already_member'] = 'User is already member of group';
+$lang['aauth_info_already_subgroup'] = 'Subgroup is already member of group';
 $lang['aauth_info_group_exists'] = 'Group name already exists';
 $lang['aauth_info_perm_exists'] = 'Permission name already exists';

application/libraries/Aauth.php

@@ -13,7 +13,7 @@
  *
  * @copyright 2014-2015 Emre Akay
  *
- * @version 2.4.6
+ * @version 2.4.7
  *
  * @license LGPL
  * @license http://opensource.org/licenses/LGPL-3.0 Lesser GNU Public License
@@ -723,7 +723,7 @@ public function create_user($email, $pass, $name = FALSE) {
 			$this->error($this->CI->lang->line('aauth_error_password_invalid'));
 			$valid = FALSE;
 		}
-		if ($name != FALSE && !ctype_alnum(str_replace($this->config_vars['valid_chars'], '', $name))){
+		if ($name != FALSE && !ctype_alnum(str_replace($this->config_vars['additional_valid_chars'], '', $name))){
 			$this->error($this->CI->lang->line('aauth_error_username_invalid'));
 			$valid = FALSE;
 		}
@@ -745,7 +745,7 @@ public function create_user($email, $pass, $name = FALSE) {
 			$this->add_member($user_id, $this->config_vars['default_group']);
 
 			// if verification activated
-			if($this->config_vars['verification']){
+			if($this->config_vars['verification'] && !$this->is_admin()){
 				$data = null;
 				$data['banned'] = 1;
 
@@ -819,7 +819,7 @@ public function update_user($user_id, $email = FALSE, $pass = FALSE, $name = FAL
 				$this->error($this->CI->lang->line('aauth_error_update_username_exists'));
 				$valid = FALSE;
 			}
-			if ($name !='' && !ctype_alnum(str_replace($this->config_vars['valid_chars'], '', $name))){
+			if ($name !='' && !ctype_alnum(str_replace($this->config_vars['additional_valid_chars'], '', $name))){
 				$this->error($this->CI->lang->line('aauth_error_username_invalid'));
 				$valid = FALSE;
 			}
@@ -1237,6 +1237,12 @@ public function delete_group($group_par) {
 
 		$this->aauth_db->where('group_id', $group_id);
 		$this->aauth_db->delete($this->config_vars['perm_to_group']);
+
+		$this->aauth_db->where('group_id', $group_id);
+		$this->aauth_db->delete($this->config_vars['group_to_group']);
+
+		$this->aauth_db->where('subgroup_id', $group_id);
+		$this->aauth_db->delete($this->config_vars['group_to_group']);
 
 		$this->aauth_db->where('id', $group_id);
 		return $this->aauth_db->delete($this->config_vars['groups']);
@@ -1292,6 +1298,60 @@ public function remove_member($user_id, $group_par) {
 		return $this->aauth_db->delete($this->config_vars['user_to_group']);
 	}
 
+	/**
+	 * Add subgroup
+	 * Add a subgroup to a group
+	 * @param int $user_id User id to add to group
+	 * @param int|string $group_par Group id or name to add user to
+	 * @return bool Add success/failure
+	 */
+	public function add_subgroup($group_par, $subgroup_par) {
+
+		$group_id = $this->get_group_id($group_par);
+		$subgroup_id = $this->get_group_id($subgroup_par);
+
+		if( ! $group_id ) {
+			$this->error( $this->CI->lang->line('aauth_error_no_group') );
+			return FALSE;
+		}
+
+		if( ! $subgroup_id ) {
+			$this->error( $this->CI->lang->line('aauth_error_no_subgroup') );
+			return FALSE;
+		}
+
+		$query = $this->aauth_db->where('group_id',$group_id);
+		$query = $this->aauth_db->where('subgroup_id',$subgroup_id);
+		$query = $this->aauth_db->get($this->config_vars['group_to_group']);
+
+		if ($query->num_rows() < 1) {
+			$data = array(
+				'group_id' => $group_id,
+				'subgroup_id' => $subgroup_id,
+			);
+
+			return $this->aauth_db->insert($this->config_vars['group_to_group'], $data);
+		}
+		$this->info($this->CI->lang->line('aauth_info_already_subgroup'));
+		return TRUE;
+	}
+
+	/**
+	 * Remove subgroup
+	 * Remove a subgroup from a group
+	 * @param int|string $group_par Group id or name to remove 
+	 * @param int|string $subgroup_par Sub-Group id or name to remove
+	 * @return bool Remove success/failure
+	 */
+	public function remove_subgroup($group_par, $subgroup_par) {
+
+		$group_par = $this->get_group_id($group_par);
+		$subgroup_par = $this->get_group_id($subgroup_par);
+		$this->aauth_db->where('group_id', $group_par);
+		$this->aauth_db->where('subgroup_id', $subgroup_par);
+		return $this->aauth_db->delete($this->config_vars['group_to_group']);
+	}
+
 	//tested
 	/**
 	 * Remove member
@@ -1399,6 +1459,26 @@ public function get_group_id ( $group_par ) {
 		return $row->id;
 	}
 
+	/**
+	 * Get subgroups
+	 * Get subgroups from group name or id ( ! Case sensitive)
+	 * @param int|string $group_par Group id or name to get
+	 * @return object Array of subgroup_id's
+	 */
+	public function get_subgroups ( $group_par ) {
+
+		$group_id = $this->get_group_id($group_par);
+
+		$query = $this->aauth_db->where('group_id', $group_id);
+		$query = $this->aauth_db->select('subgroup_id');
+		$query = $this->aauth_db->get($this->config_vars['group_to_group']);
+
+		if ($query->num_rows() == 0)
+			return FALSE;
+
+		return $query->result();
+	}
+
 	########################
 	# Permission Functions
 	########################
@@ -1531,17 +1611,25 @@ public function is_group_allowed($perm_par, $group_par=FALSE){
 		// if group par is given
 		if($group_par != FALSE){
 
+			$subgroup_ids = $this->get_subgroups($group_par);
 			$group_par = $this->get_group_id($group_par);
-
 			$query = $this->aauth_db->where('perm_id', $perm_id);
 			$query = $this->aauth_db->where('group_id', $group_par);
 			$query = $this->aauth_db->get( $this->config_vars['perm_to_group'] );
+
+			$g_allowed=FALSE;
+			if(is_array($subgroup_ids)){
+				foreach ($subgroup_ids as $g ){
+					if($this->is_group_allowed($perm_id, $g->subgroup_id)){
+						$g_allowed=TRUE;
+					}
+				}
+			}
 
 			if( $query->num_rows() > 0){
-				return TRUE;
-			} else {
-				return FALSE;
+				$g_allowed=TRUE;
 			}
+			return $g_allowed;
 		}
 		// if group par is not given
 		// checks current user's all groups
@@ -1555,9 +1643,8 @@ public function is_group_allowed($perm_par, $group_par=FALSE){
 			if (!$this->is_loggedin()){return FALSE;}
 
 			$group_pars = $this->get_user_groups();
-
 			foreach ($group_pars as $g ){
-				if($this->is_group_allowed($perm_id, $g -> id)){
+				if($this->is_group_allowed($perm_id, $g->id)){
 					return TRUE;
 				}
 			}
@@ -2149,6 +2236,33 @@ public function get_user_var( $key, $user_id = FALSE){
 	}
 
 
+    /**
+	 * Get User Variables by user id
+	 * Return array with all user keys & variables
+	 * @param int $user_id ; if not given current user
+	 * @return bool|array , FALSE if var is not set, the value of var if set
+	 */
+	public function get_user_vars( $user_id = FALSE){
+
+		if ( ! $user_id ){
+			$user_id = $this->CI->session->userdata('id');
+		}
+
+		// if specified user is not found
+		if ( ! $this->get_user($user_id)){
+			return FALSE;
+		}
+
+		$query = $this->aauth_db->select('data_key, value');
+
+		$query = $this->aauth_db->where('user_id', $user_id);
+
+		$query = $this->aauth_db->get( $this->config_vars['user_variables'] );
+
+		return $query->result();
+
+	}
+
 	/**
 	 * List User Variable Keys by UserID
 	 * Return array of variable keys or FALSE

sql/Aauth_v2.sql

@@ -160,3 +160,18 @@ CREATE TABLE `aauth_user_variables` (
 -- ----------------------------
 -- Records of aauth_user_variables
 -- ----------------------------
+
+-- ----------------------------
+-- Table structure for `aauth_perm_to_group`
+-- ----------------------------
+DROP TABLE IF EXISTS `aauth_group_to_group`;
+CREATE TABLE `aauth_group_to_group` (
+  `group_id` int(11) unsigned DEFAULT NULL,
+  `subgroup_id` int(11) unsigned DEFAULT NULL,
+  PRIMARY KEY (`group_id`,`subgroup_id`)
+) ENGINE=InnoDB DEFAULT CHARSET=utf8;
+
+-- ----------------------------
+-- Records of aauth_perm_to_group
+-- ----------------------------
+