methods on User to grant, check, and revoke roles

diff --git a/classes/User.php b/classes/User.php
index aa366a5f343c92c5187e8251ad96b564fba0a3e4..58f9a6874e2534385a12e79086f1321ca72fe86f 100644 (file)
--- a/classes/User.php
+++ b/classes/User.php
@@ -674,4 +674,48 @@ class User extends Memcached_DataObject
     {
         return Design::staticGet('id', $this->design_id);
     }
+
+    function hasRole($name)
+    {
+        $role = User_role::pkeyGet(array('user_id' => $this->id,
+                                         'role' => $name));
+        return (!empty($role));
+    }
+
+    function grantRole($name)
+    {
+        $role = new User_role();
+
+        $role->user_id = $this->id;
+        $role->role    = $name;
+        $role->created = common_sql_now();
+
+        $result = $role->insert();
+
+        if (!$result) {
+            common_log_db_error($role, 'INSERT', __FILE__);
+            return false;
+        }
+
+        return true;
+    }
+
+    function revokeRole($name)
+    {
+        $role = User_role::pkeyGet(array('user_id' => $this->id,
+                                         'role' => $name));
+
+        if (empty($role)) {
+            throw new Exception('Cannot revoke role "'.$name.'" for user #'.$this->id.'; does not exist.');
+        }
+
+        $result = $role->delete();
+
+        if (!$result) {
+            common_log_db_error($role, 'DELETE', __FILE__);
+            throw new Exception('Cannot revoke role "'.$name.'" for user #'.$this->id.'; database error.');
+        }
+
+        return true;
+    }
 }

diff --git a/classes/User_role.php b/classes/User_role.php
index 658c920007ca06c2cdbdc3653d2498365e1496d2..85ecfb422dbe5547b17e05ffb373d774d875f31f 100644 (file)
--- a/classes/User_role.php
+++ b/classes/User_role.php
@@ -40,4 +40,9 @@ class User_role extends Memcached_DataObject
 
     /* the code above is auto generated do not remove the tag below */
     ###END_AUTOCODE
+
+    function &pkeyGet($kv)
+    {
+        return Memcached_DataObject::pkeyGet('User_role', $kv);
+    }
 }