<?php
/**
 * 
 * @author  Benjamin Gillissen <hide@address.com>
 * 
 *	**************************************************************

	Copyright (C) 2009  Benjamin Gillissen
	
	This program is free software; you can redistribute it and/or
	modify it under the terms of the GNU General Public License
	as published by the Free Software Foundation; either version 2
	of the License, or (at your option) any later version.
	
	This program is distributed in the hope that it will be useful,
	but WITHOUT ANY WARRANTY; without even the implied warranty of
	MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
	GNU General Public License for more details at:
	http://www.gnu.org/copyleft/gpl.html

 *	**************************************************************
 */
class realm_accounts {
	
	private $realm;
	private static $_ACC;
	
	public function __construct($realm, $arefs){
		if ( !is_array($arefs) ){ $arefs[] = $arefs; }
		foreach($arefs as $k => $acc ){
			if ( ! isset(self::$_ACC[$acc]) ){ 
				$type = configs::get('account', $acc, 'type');
				if ( FALSE === $type  ){ errors::raise('Account "'.$acc.'" used in realm "'.$realm.'" is missing "type" option', CORE_LOG_ALERT, 'REALM'); }
				$class = 'acc_'.$type;
				self::$_ACC[$acc] = new $class($realm, $acc);
			}
		}
	}
	
	public static function splitid($uid){
		list($o['acc'], $o['id']) = split(':', $uid);
		return $o;
	}
	
	public static function mergeid($acc, $uid){ return $acc.':'.$uid; }
	
	public static function passcrypt($realm, $aref, $pass, $login=NULL){
		$hash = configs::get('account', $aref, 'hash');
		if ($hash !== 'clear'){ 
			$scheme = configs::get('account', $aref, 'hashscheme');
			if ( FALSE !== $scheme ){
				$n = str_replace('%realm', $realm, $scheme); 
				$n = str_replace('%login', $login, $n);
				$n = str_replace('%pass', $pass, $n);
				$pass = $n;
				unset($n);
			}
			switch($hash){
				case 'MD5' : $pass = md5($pass);break;
				case 'SHA1': $pass = sha1($pass);break;
			}
		}
		return $pass;
	}
	
	public function authcheck($login, $pass){
		foreach(self::$_ACC as $aref => &$acc){
			$uid = $acc->authcheck($login, $pass);
			if ( FALSE !== $uid ){ return self::mergeid($aref, $uid); }
		}
		return FALSE;
	}
	
	
	public function getpass($uid){ 			
		$uid = self::splitid($uid);
		if ( !isset(self::$_ACC[$uid['acc']]) ){ return FALSE; }
		return self::$_ACC[$uid['acc']]->getpass($uid['id']); 
	}
	
	public function cookcheck($login, $key){ 
		foreach(self::$_ACC as $aref => &$acc){
			$uid = $acc->cookcheck($login, $key);
			if ( FALSE !== $uid ){ return self::mergeid($aref, $uid); }
		}
		return FALSE; 
	}

	public function set_cookey($uid, $key){
		$uid = self::splitid($uid);
		if ( !isset(self::$_ACC[$uid['acc']]) ){ return FALSE; } 	
		return self::$_ACC[$uid['acc']]->set_cookey($uid['id'], $key); 
	}
	
	public function update_lastlogin($uid){ 	
		$uid = self::splitid($uid);
		if ( !isset(self::$_ACC[$uid['acc']]) ){ return FALSE; }
		return self::$_ACC[$uid['acc']]->set_lastlogin($uid['id'], time()); 
	}
	
	public function islocked($uid){ 			
		$uid = self::splitid($uid);
		if ( !isset(self::$_ACC[$uid['acc']]) ){ return FALSE; }
		return self::$_ACC[$uid['acc']]->islocked($uid['id']); 
	}
	
	public function lock($uid){
		$uid = self::splitid($uid);
		if ( !isset(self::$_ACC[$uid['acc']]) ){ return FALSE; }
		return self::$_ACC[$uid['acc']]->lock($uid['id']); }
	
	public function unlock($uid){
		$uid = self::splitid($uid);
		if ( !isset(self::$_ACC[$uid['acc']]) ){ return FALSE; }
		return self::$_ACC[$uid['acc']]->unlock($uid['id']); 
	}
	
	public function ismemberof($uid){
		$uid = self::splitid($uid);
		if ( !isset(self::$_ACC[$uid['acc']]) ){ return FALSE; }
		$ar = self::$_ACC[$uid['acc']]->ismemberof($uid['id']);
		if ( !is_array($ar) ){ return FALSE; }
		foreach($ar as $level => &$groups ){
			foreach($groups as $k => &$grp ){ $grp = self::mergeid($uid['acc'], $grp); }
		}
		return $ar;
	}
	
	public function infobyuid($info, $uid){ 	
		$uid = self::splitid($uid);
		if ( !isset(self::$_ACC[$uid['acc']]) ){ return FALSE; }
		return self::$_ACC[$uid['acc']]->infobyuid($info, $uid['id']); 
	}
	
	public function uidbylogin($login){ 
		foreach(self::$_ACC as $aref => &$acc){
			$uid = $acc->infobylogin('uid', $login);
			if ( FALSE !== $uid ){ return self::mergeid($aref, $uid); }
		}
		return FALSE;
	}
	
	public function groupbygid($rgid){
		$gid = self::splitid($rgid);
		if ( !isset(self::$_ACC[$gid['acc']]) ){ return FALSE; }		
		return self::$_ACC[$gid['acc']]->groupbygid($gid['id']); 
	}
}