1<?php
2
3/*
4 * vim:set softtabstop=4 shiftwidth=4 expandtab:
5 *
6 *  LICENSE: GNU Affero General Public License, version 3 (AGPL-3.0-or-later)
7 * Copyright 2001 - 2020 Ampache.org
8 *
9 * This program is free software: you can redistribute it and/or modify
10 * it under the terms of the GNU Affero General Public License as published by
11 * the Free Software Foundation, either version 3 of the License, or
12 * (at your option) any later version.
13 *
14 * This program is distributed in the hope that it will be useful,
15 * but WITHOUT ANY WARRANTY; without even the implied warranty of
16 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
17 * GNU Affero General Public License for more details.
18 *
19 * You should have received a copy of the GNU Affero General Public License
20 * along with this program.  If not, see <https://www.gnu.org/licenses/>.
21 *
22 */
23
24declare(strict_types=0);
25
26namespace Ampache\Module\Api\Method;
27
28use Ampache\Config\AmpConfig;
29use Ampache\Repository\Model\Preference;
30use Ampache\Repository\Model\User;
31use Ampache\Module\Api\Api;
32use Ampache\Module\Authorization\Access;
33use Ampache\Module\System\Session;
34use Ampache\Module\User\UserStateTogglerInterface;
35use Ampache\Module\Util\Mailer;
36
37/**
38 * Class UserUpdateMethod
39 * @package Lib\ApiMethods
40 */
41final class UserUpdateMethod
42{
43    private const ACTION = 'user_update';
44
45    /**
46     * user_update
47     * MINIMUM_API_VERSION=400001
48     *
49     * Update an existing user.
50     * Takes the username with optional parameters.
51     *
52     * @param array $input
53     * username   = (string) $username
54     * password   = (string) hash('sha256', $password)) //optional
55     * fullname   = (string) $fullname //optional
56     * email      = (string) $email //optional
57     * website    = (string) $website //optional
58     * state      = (string) $state //optional
59     * city       = (string) $city //optional
60     * disable    = (integer) 0,1 true to disable, false to enable //optional
61     * maxbitrate = (integer) $maxbitrate //optional
62     * @return boolean
63     */
64    public static function user_update(array $input)
65    {
66        if (!Api::check_access('interface', 100, User::get_from_username(Session::username($input['auth']))->id, self::ACTION, $input['api_format'])) {
67            return false;
68        }
69        if (!Api::check_parameter($input, array('username'), self::ACTION)) {
70            return false;
71        }
72        $username   = $input['username'];
73        $fullname   = $input['fullname'];
74        $email      = $input['email'];
75        $website    = $input['website'];
76        $password   = $input['password'];
77        $state      = $input['state'];
78        $city       = $input['city'];
79        $disable    = $input['disable'];
80        $maxbitrate = $input['maxbitrate'];
81
82        // identify the user to modify
83        $user    = User::get_from_username($username);
84        $user_id = $user->getId();
85
86        if ($password && Access::check('interface', 100, $user_id)) {
87            /* HINT: Requested object string/id/type ("album", "myusername", "some song title", 1298376) */
88            Api::error(sprintf(T_('Bad Request: %s'), $username), '4710', self::ACTION, 'system', $input['api_format']);
89
90            return false;
91        }
92
93        $userStateToggler = static::getUserStateToggler();
94
95        if ($user_id > 0) {
96            if ($password && !AmpConfig::get('simple_user_mode')) {
97                $user->update_password('', $password);
98            }
99            if ($fullname) {
100                $user->update_fullname($fullname);
101            }
102            if (Mailer::validate_address($email)) {
103                $user->update_email($email);
104            }
105            if ($website) {
106                $user->update_website($website);
107            }
108            if ($state) {
109                $user->update_state($state);
110            }
111            if ($city) {
112                $user->update_city($city);
113            }
114            if ($disable === '1') {
115                $userStateToggler->disable($user);
116            } elseif ($disable === '0') {
117                $userStateToggler->enable($user);
118            }
119            if ((int) $maxbitrate > 0) {
120                Preference::update('transcode_bitrate', $user_id, $maxbitrate);
121            }
122            Api::message('successfully updated: ' . $username, $input['api_format']);
123
124            return true;
125        }
126        /* HINT: Requested object string/id/type ("album", "myusername", "some song title", 1298376) */
127        Api::error(sprintf(T_('Bad Request: %s'), $username), '4710', self::ACTION, 'system', $input['api_format']);
128        Session::extend($input['auth']);
129
130        return false;
131    }
132
133    /**
134     * @deprecated Inject by constructor
135     */
136    private static function getUserStateToggler(): UserStateTogglerInterface
137    {
138        global $dic;
139
140        return $dic->get(UserStateTogglerInterface::class);
141    }
142}
143