\midcom_core_user

System user that encapsulates a MidgardPerson. It does not provide a way to manipulate accounts; instead, it is an abstraction used in the ACL system.

You must not create these objects directly. Instead, use the factory method midcom::get()->auth->get_user($id), where $id is any valid constructor argument for a midcom_db_person.

Summary

Public
  Methods: __construct(), list_memberships(), list_all_memberships(), get_privileges(), get_per_class_privileges(), get_first_group_guid(), is_in_group(), is_admin(), get_storage(), is_online(), get_last_login(), get_first_login(), delete()
  Properties: $username, $name, $rname, $id, $guid, $scope
  Constants: No constants found

Protected
  Methods: No protected methods found
  Properties: $_storage
  Constants: N/A

Private
  Methods: _load_from_string(), _load_direct_groups(), _load_all_groups(), _load_privileges(), _merge_privileges()
  Properties: $_all_groups, $_direct_groups, $_inheritance_chains, $_privileges, $_per_class_privileges
  Constants: N/A

Properties

$username

$username : string

Username of the current user. It is to be considered read-only.

Type

string

$name

$name : string

The full name of the current user.

Built from the first and last name of the user record, falling back to the username if both are unset. It is to be considered read-only.

Type

string

$rname

$rname : string

The full reversed name of the current user.

Built from the first and last name of the user record, falling back to the username if both are unset. It is to be considered read-only.

Type

string

$id

$id : string

The identification string used to internally identify the user uniquely in the system.

This is usually some kind of user:$guid string combination.

Type

string

$guid

$guid : string

The GUID identifying this user, made directly available for easier linking.

Type

string

$scope

$scope : integer

The scope value, which must be set during the _load callback, indicates the "depth" of the group in the inheritance tree.

This is used during privilege merging in the content privilege code, which needs a way to determine the proper ordering. All persons currently use the magic value -1.

The variable is considered to be read-only.

Type

integer

$_storage

$_storage : \midgard_person

The storage object on which we are based.

This is not a MidCOM DBA layer object, because it must not perform any access control for the internal system to work. The instance may not be accessed from the outside.

Access to this member is restricted to the ACL user/group core. In case you need a real storage object for this user, call get_storage() instead.

Type

\midgard_person

$_all_groups

$_all_groups : array<mixed,\midcom_core_group>

Lists all groups in which a user is a member, both directly and indirectly.

There is no hierarchy, just a plain listing of midcom_core_group objects. It is to be considered read-only.

The array is indexed by the group identifiers, which are used to perform in_group checks.

It is loaded on demand.

Type

array<mixed,\midcom_core_group>

$_direct_groups

$_direct_groups : array<mixed,\midcom_core_group>

Lists all groups in which a user is an immediate member.

It is to be considered read-only.

The array is indexed by the group identifiers, which are used to perform in_group checks.

It is loaded on demand.

Type

array<mixed,\midcom_core_group>

$_inheritance_chains

$_inheritance_chains : array

All groups the user is a member of, ordered by their inheritance chain.

The first element in the array is always the top-level group, while the last one is always a member of $_direct_groups. This is therefore a multilevel array, indexed by the IDs of the direct groups (midcom_core_group IDs, not Midgard IDs!). The values are group identifiers as well, which can be resolved either with get_group or by using the all_groups listing.

This member is populated along with $_all_groups.

Type

array

$_privileges

$_privileges : Array

List of all privileges assigned to that user. It is to be considered read-only.

Array keys are the privilege names, the values are the Privilege states (ALLOW/DENY).

It is loaded on demand.

Type

Array

$_per_class_privileges

$_per_class_privileges : Array

List of all privileges assigned to that user based on the class they are accessing. It is to be considered read-only.

This is a multilevel array. It holds regular privilege name/state arrays indexed by the name of the class (or subtype thereof) for which they should apply.

It is loaded on demand.

Type

Array

Methods

__construct()

__construct(mixed $id)

The constructor retrieves the user identified by its name from the database and prepares the object for operation.

The class relies on the Midgard Framework to ensure the uniqueness of a user.

The class is only intended to operate with users and groups, and should not be used in normal operations regarding persons.

Parameters

mixed $id

This is either a Midgard Person ID or GUID, a midcom_user ID or an already instantiated midgard_person.

list_memberships()

list_memberships() : array<mixed,\midcom_core_group>

Retrieves a list of groups for which this user is an immediate member.

Returns

array<mixed,\midcom_core_group> —

A list of groups in which the current user is a member

list_all_memberships()

list_all_memberships() : array<mixed,\midcom_core_group>

Retrieves a list of groups for which this user is a member, both directly and indirectly.

There is no hierarchy in the result set; it is just a plain listing.

Returns

array<mixed,\midcom_core_group> —

A list of groups in which the current user is a member

get_privileges()

get_privileges() : array

Returns the complete privilege set assigned to this user, taking all parent groups into account.

Returns

array —

Array keys are the privilege names, the values are the Privilege states (ALLOW/DENY).

get_per_class_privileges()

get_per_class_privileges(object $object) : array

Returns the specific per class global privilege set assigned to this user, taking all parent groups into account.

If the class specified is unknown, an empty array is returned.

Parameters

object $object

The object for which we should look up privileges.

Returns

array —

Array keys are the privilege names, the values are the Privilege states (ALLOW/DENY).

get_first_group_guid()

get_first_group_guid() : mixed

Get the GUID of the user's first group. This is used mainly to populate the owner field during DBA object create calls.

Returns

mixed —

GUID of the first group found or false

is_in_group()

is_in_group(mixed $group) : boolean

Checks whether a user is a member of the given group.

The group argument may be one of the following (checked in this order of precedence):

  1. A valid group object (subclass of midcom_core_group)
  2. A group string identifier, matching the regex ^group:
  3. A valid midcom group name

Parameters

mixed $group

Group to check against. This can be either a midcom_core_group object or a group string identifier.

Returns

boolean —

Indicating membership state.

is_admin()

is_admin() 

get_storage()

get_storage() : \midcom_db_person

Return the MidCOM DBA object for the current user.

Be aware that depending on ACL information, the retrieval of the user may fail.

Returns

\midcom_db_person

The user which is associated with this record or false if the object cannot be accessed.

is_online()

is_online() : string

Checks the online state of the user. You require the privilege midcom:isonline for the storage object you are going to check. The privilege is not granted by default, to allow users full control over their privacy.

'unknown' is returned in cases where you have insufficient permissions.

Returns

string —

One of 'online', 'offline' or 'unknown', indicating the current online state.

get_last_login()

get_last_login() : mixed

Returns the last login of the given user.

You require the privilege midcom:isonline for the storage object you are going to check. The privilege is not granted by default, to allow users full control over their privacy.

null is returned in cases where you have insufficient permissions.

Returns

mixed —

The time of the last login, or null in case of insufficient privileges. If there is no known last login time, numeric zero is returned.

get_first_login()

get_first_login() : integer

Returns the first login time of the user, if available.

In contrast to get_last_login and is_online this query does not require the isonline privilege, as it is usually used to determine the "age" of a user account in a community.

Returns

integer —

The time of the first login, or zero in case of users which have never logged in.
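
The return contracts of get_last_login() and get_first_login() described above, as an added example that is not part of MidCOM or of this reference: null (insufficient privileges) and numeric zero (no known last login) compare equal under PHP's loose ==, so a caller has to separate them with a strict check. stub_user and last_login_state() are hypothetical names; the stub stands in for midcom_core_user so the code runs on PHP 8 without MidCOM.

```php
<?php
declare(strict_types=1);

// Constructed stand-in for midcom_core_user: it reproduces only the return
// contracts documented above, so the example runs without MidCOM.
final class stub_user
{
    public function __construct(
        private bool $isonline_granted, // models the midcom:isonline privilege
        private int $first_login,
        private int $last_login
    ) {}

    public function get_last_login(): ?int
    {
        return $this->isonline_granted ? $this->last_login : null;
    }

    public function get_first_login(): int
    {
        return $this->first_login; // documented as not privilege-gated
    }
}

// Hypothetical helper: keep "not permitted to know" (null) apart from
// "no known last login" (numeric zero).
function last_login_state(object $user): string
{
    $last = $user->get_last_login();
    if ($last === null) { // strict check: null == 0 is true in PHP
        return 'hidden';
    }
    return ((int) $last === 0) ? 'never' : 'seen';
}

// Constructed sample users; the timestamps are made up.
$cases = [
    'privacy kept' => new stub_user(false, 1700000000, 1700500000),
    'never used'   => new stub_user(true, 0, 0),
    'active'       => new stub_user(true, 1700000000, 1700500000),
];
foreach ($cases as $label => $user) {
    printf(
        "%-12s state=%-6s loose==0:%-5s first_login=%d\n",
        $label,
        last_login_state($user),
        var_export($user->get_last_login() == 0, true),
        $user->get_first_login()
    );
}
```

The "privacy kept" row shows the loose comparison treating a hidden login as zero, and that get_first_login() still returns a value to a caller without midcom:isonline.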

delete()

delete() : boolean

Deletes the current user account and the person record.

Returns

boolean —

Indicating success.

_load_from_string()

_load_from_string($id, $person_class)

Parameters

$id
$person_class

_load_direct_groups()

_load_direct_groups() 

Loads all groups of which the user is a direct member and assigns them to the _direct_groups member.

_load_all_groups()

_load_all_groups() 

Loads the complete group hierarchy the user is a member of.

_load_privileges()

_load_privileges() 

Load the privileges from the database.

This uses the inheritance chains loaded by _load_all_groups().

_merge_privileges()

_merge_privileges(array $privileges)

Merge privileges helper.

It loads the privileges of the given object and loads all "SELF" assignee privileges into the class.

Parameters

array $privileges

A list of privilege records, see mRFC 15 for details.