<?php
/**
* Copyright 2012-2014 Rackspace US, Inc.
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
namespace OpenCloud\Identity\Resource;
use OpenCloud\Common\Collection\PaginatedIterator;
use OpenCloud\Common\Http\Message\Formatter;
use OpenCloud\Common\PersistentObject;
use OpenCloud\Rackspace;
/**
* User class which encapsulates functionality for a user.
*
* A user is a digital representation of a person, system, or service who consumes cloud services. Users have
* credentials and may be assigned tokens; based on these credentials and tokens, the authentication service validates
* that incoming requests are being made by the user who claims to be making the request, and that the user has the
* right to access the requested resources. Users may be directly assigned to a particular tenant and behave as if they
* are contained within that tenant.
*
* @package OpenCloud\Identity\Resource
*/
class User extends PersistentObject
{
/** @var string The default region for this region. Can be ORD, DFW, IAD, LON, HKG or SYD */
private $defaultRegion;
/** @var string */
private $domainId;
/** @var int The ID of this user */
private $id;
/** @var string The username of this user */
private $username;
/** @var string The email address of this user */
private $email;
/** @var bool Whether or not this user is enabled or not */
private $enabled;
/** @var string The string password for this user */
private $password;
protected $createKeys = array('username', 'email', 'enabled', 'password');
protected $updateKeys = array('username', 'email', 'enabled', 'RAX-AUTH:defaultRegion', 'RAX-AUTH:domainId', 'id');
protected $aliases = array(
'name' => 'username',
'RAX-AUTH:defaultRegion' => 'defaultRegion',
'RAX-AUTH:domainId' => 'domainId',
'OS-KSADM:password' => 'password'
);
protected static $url_resource = 'users';
protected static $json_name = 'user';
public function createJson()
{
$json = parent::createJson();
if ($this->getClient() instanceof Rackspace) {
$json->user->username = $json->user->name;
unset($json->user->name);
}
return $json;
}
/**
* @param $region Set the default region
*/
public function setDefaultRegion($region)
{
$this->defaultRegion = $region;
}
/**
* @return string Get the default region
*/
public function getDefaultRegion()
{
return $this->defaultRegion;
}
/**
* @param $domainId Set the domain ID
*/
public function setDomainId($domainId)
{
$this->domainId = $domainId;
}
/**
* @return string Get the domain ID
*/
public function getDomainId()
{
return $this->domainId;
}
/**
* @param $id Set the ID
*/
public function setId($id)
{
$this->id = $id;
}
/**
* @return int Get the ID
*/
public function getId()
{
return $this->id;
}
/**
* @param $username Set the username
*/
public function setUsername($username)
{
$this->username = $username;
}
/**
* @return string Get the username
*/
public function getUsername()
{
return $this->username;
}
/**
* @param $email Sets the email
*/
public function setEmail($email)
{
$this->email = $email;
}
/**
* @return string Get the email
*/
public function getEmail()
{
return $this->email;
}
/**
* @param $enabled Sets the enabled flag
*/
public function setEnabled($enabled)
{
$this->enabled = $enabled;
}
/**
* @return bool Get the enabled flag
*/
public function getEnabled()
{
return $this->enabled;
}
/**
* @return bool Check whether this user is enabled or not
*/
public function isEnabled()
{
return $this->enabled === true;
}
/**
* @param $password Set the password
*/
public function setPassword($password)
{
$this->password = $password;
}
/**
* @return string Get the password
*/
public function getPassword()
{
return $this->password;
}
/**
* @return string
*/
public function primaryKeyField()
{
return 'id';
}
public function updateJson($params = array())
{
$array = array();
foreach ($this->updateKeys as $key) {
if (isset($this->$key)) {
$array[$key] = $this->$key;
}
}
return (object) array('user' => $array);
}
/**
* This operation will set the user's password to a new value.
*
* @param $newPassword The new password to use for this user
* @return \Guzzle\Http\Message\Response
*/
public function updatePassword($newPassword)
{
$array = array(
'username' => $this->username,
'OS-KSADM:password' => $newPassword
);
$json = json_encode((object) array('user' => $array));
return $this->getClient()->post($this->getUrl(), self::getJsonHeader(), $json)->send();
}
/**
* This operation lists a user's non-password credentials for all authentication methods available to the user.
*
* @return array|null
*/
public function getOtherCredentials()
{
$url = $this->getUrl();
$url->addPath('OS-KSADM')->addPath('credentials');
$response = $this->getClient()->get($url)->send();
if ($body = Formatter::decode($response)) {
return isset($body->credentials) ? $body->credentials : null;
}
}
/**
* Get the API key for this user.
*
* @return string|null
*/
public function getApiKey()
{
$url = $this->getUrl();
$url->addPath('OS-KSADM')->addPath('credentials')->addPath('RAX-KSKEY:apiKeyCredentials');
$response = $this->getClient()->get($url)->send();
if ($body = Formatter::decode($response)) {
return isset($body->{'RAX-KSKEY:apiKeyCredentials'}->apiKey)
? $body->{'RAX-KSKEY:apiKeyCredentials'}->apiKey
: null;
}
}
/**
* Reset the API key for this user to a new arbitrary value (which is returned).
*
* @return string|null
*/
public function resetApiKey()
{
$url = $this->getUrl();
$url->addPath('OS-KSADM')
->addPath('credentials')
->addPath('RAX-KSKEY:apiKeyCredentials')
->addPath('RAX-AUTH')
->addPath('reset');
$response = $this->getClient()->post($url)->send();
if ($body = Formatter::decode($response)) {
return isset($body->{'RAX-KSKEY:apiKeyCredentials'}->apiKey)
? $body->{'RAX-KSKEY:apiKeyCredentials'}->apiKey
: null;
}
}
/**
* Add a role, specified by its ID, to a user.
*
* @param $roleId
* @return \Guzzle\Http\Message\Response
*/
public function addRole($roleId)
{
$url = $this->getUrl();
$url->addPath('roles')->addPath('OS-KSADM')->addPath($roleId);
return $this->getClient()->put($url)->send();
}
/**
* Remove a role, specified by its ID, from a user.
*
* @param $roleId
* @return \Guzzle\Http\Message\Response
*/
public function removeRole($roleId)
{
$url = $this->getUrl();
$url->addPath('roles')->addPath('OS-KSADM')->addPath($roleId);
return $this->getClient()->delete($url)->send();
}
/**
* Get all the roles for which this user is associated with.
*
* @return \OpenCloud\Common\Collection\PaginatedIterator
*/
public function getRoles()
{
$url = $this->getUrl();
$url->addPath('roles');
return PaginatedIterator::factory($this, array(
'baseUrl' => $url,
'resourceClass' => 'Role',
'key.collection' => 'roles',
'key.links' => 'roles_links'
));
}
public function update($params = array())
{
if (!empty($params)) {
$this->populate($params);
}
$json = json_encode($this->updateJson($params));
$this->checkJsonError();
return $this->getClient()->post($this->getUrl(), self::getJsonHeader(), $json)->send();
}
}