Actions

Difference between revisions of "Accessing the current user object"

From Joomla! Documentation

m (External Links: Updated URL)
m (Determining Status: fixing code)
(16 intermediate revisions by 5 users not shown)
Line 1: Line 1:
 +
{{version/tutor|2.5,3.x}}
 
== Basics ==
 
== Basics ==
  
 
For every request in Joomla!, there is one user. Information about this user is readily available through the Joomla! framework in the form of an object. To get this object for the current user, use the following member function of JFactory:
 
For every request in Joomla!, there is one user. Information about this user is readily available through the Joomla! framework in the form of an object. To get this object for the current user, use the following member function of JFactory:
  
<pre>
+
<source lang="php">
$user =& JFactory::getUser();
+
$user = JFactory::getUser();
</pre>
+
</source>
  
 
Or, to get information about any other registered user you can call the function with a user 'id', e.g. for user '99'; or a username e.g. 'johnsmith':
 
Or, to get information about any other registered user you can call the function with a user 'id', e.g. for user '99'; or a username e.g. 'johnsmith':
  
<pre>
+
<source lang="php">
$user =& JFactory::getUser(99);
+
$user = JFactory::getUser(99);
        $user =& JFactory::getUser('johnsmith');
+
$user = JFactory::getUser('johnsmith');
</pre>
+
</source>
  
Getting a reference through getUser() ensures that only one user object is created during any one Joomla! request, saving on memory and processing time. Most of the information about the user is available through public member variables of the user object. This code displays the current user's name, email, user name, user type, and group id:
+
Getting a reference through getUser() ensures that only one user object is created during any one Joomla! request, saving on memory and processing time. Most of the information about the user is available through public member variables of the user object. This code displays the current user's name, email, user name and user type:
  
<pre>
+
<source lang="php">
echo "<p>Your name is {$user->name}, your email is {$user->email}, and your username is {$user->username}</p>";
+
echo "<p>Your name is {$user->name}, your email is {$user->email}, and your username is {$user->username}</p>";
echo "<p>Your usertype is {$user->usertype} which has a group id of {$user->gid}.</p>";
+
</source>
</pre>
+
'''Note:''' Since version 1.6 Joomla has a flexible ACL system, which makes $user->usertype deprecated!
 +
 
 +
The usertype field in #__users will only contain values for users that have been migrated from Joomla 1.5, but for new created users the field will be empty.
 +
 
 +
Use $user->groups to retrieve an array with all the IDs that refer to the groups (from #__usergroups table) of a user.
  
 
== Object Member Variables and Parameters ==
 
== Object Member Variables and Parameters ==
Line 25: Line 30:
  
 
These are the relevant member variables automatically generated on a call to getUser():
 
These are the relevant member variables automatically generated on a call to getUser():
 +
* id - The unique, numerical user id. Use this when referencing the user record in other database tables.
 +
* name - The name of the user. (e.g. Vint Cerf)
 +
* username - The login/screen name of the user. (e.g. shmuffin1979)
 +
* email - The email address of the user. (e.g. crashoverride@hackers.com)
 +
* password - The encrypted version of the user's password
 +
* password_clear - Set to the user's password only when it is being changed. Otherwise, remains blank.
 +
* usertype - <strike>The role of the user within Joomla!. (Super Administrator, Editor, etc...)</strike> Has been deprecated since Joomla 1.6. Use $user->groups to retrieve an array with all the roles of a user.
 +
* groups - Set to the user's group ids.
 +
* block - Set to '1' when the user is set to 'blocked' in Joomla!.
 +
* registerDate - Set to the date when the user was first registered.
 +
* lastvisitDate - Set to the date the user last visited the site.
 +
* guest - If the user is not logged in, this variable will be set to '1'. The other variables will be unset or default values.
 +
* lastResetTime - Set to the last time the password was reset.
 +
* resetCount - Counts the number of password resets.
  
<ul>
 
<li>id - The unique, numerical user id. Use this when referencing the user record in other database tables.</li>
 
<li>name - The name of the user. (e.g. Vint Cerf)</li>
 
<li>username - The login/screen name of the user. (e.g. shmuffin1979)</li>
 
<li>email - The email address of the user. (e.g. crashoverride@hackers.com)</li>
 
<li>password - The encrypted version of the user's password</li>
 
<li>password_clear - Set to the user's password only when it is being changed. Otherwise, remains blank.</li>
 
<li>usertype - The role of the user within Joomla!. (Super Administrator, Editor, etc...)</li>
 
<li>gid - Set to the user's group id, which corresponds to the usertype.</li>
 
<li>block - Set to '1' when the user is set to 'blocked' in Joomla!.</li>
 
<li>registerDate - Set to the date when the user was first registered.</li>
 
<li>lastvisitDate - Set to the date the user last visited the site.</li>
 
<li>guest - If the user is not logged in, this variable will be set to '1'. The other variables will be unset or default values.</li>
 
</ul>
 
 
 
 
In addition to the member variables (which are stored in the database in columns), there are parameters for the user that hold preferences. To get one of these parameters, call the getParam() member function of the user object, passing in the name of the parameter you want along with a default value in case it is blank.
 
In addition to the member variables (which are stored in the database in columns), there are parameters for the user that hold preferences. To get one of these parameters, call the getParam() member function of the user object, passing in the name of the parameter you want along with a default value in case it is blank.
  
<pre>
+
<source lang="php">
$user =& JFactory::getUser();
+
$user = JFactory::getUser();
$language = $user->getParam('language', 'the default');
+
$language = $user->getParam('language', 'the default');
 
 
echo "<p>Your language is set to {$language}.</p>";
+
echo "<p>Your language is set to {$language}.</p>";
</pre>
+
</source>
 
+
  
 
== Determining Status ==
 
== Determining Status ==
Line 56: Line 60:
 
Frequently, you will just want to make sure the user is logged in before continuing. The 'guest' property will be set to '1' when the current user is not logged in. When the user is authenticated, 'guest' will be set to '0'.
 
Frequently, you will just want to make sure the user is logged in before continuing. The 'guest' property will be set to '1' when the current user is not logged in. When the user is authenticated, 'guest' will be set to '0'.
  
<pre>
+
<source lang="php">
$user =& JFactory::getUser();
+
$user = JFactory::getUser();
 
 
 
if ($user->guest) {
 
if ($user->guest) {
 
echo "<p>You must login to see the content. I want your email address.</p>";
 
echo "<p>You must login to see the content. I want your email address.</p>";
 
} else {
 
} else {
?>
+
+
 
<h1>Impromptu leftovers salad that goes well with fish</h1>
 
<h1>Impromptu leftovers salad that goes well with fish</h1>
 
<ul>
 
<ul>
Line 75: Line 78:
 
<li>Several lettuce leaves</li>
 
<li>Several lettuce leaves</li>
 
</ul>
 
</ul>
+
 
<p>Wash the lettuce and basil and place in a salad bowl.
+
<p>Wash the lettuce and basil and place in a salad bowl.
Get out a much smaller bowl and swish around all of the remaining ingredients. Pour this over the greens and toss.
+
Get out a much smaller bowl and swish around all of the remaining ingredients.  
Serves two.</p>
+
Pour this over the greens and toss.
<?php
+
Serves two.</p>
 +
 
 
}
 
}
</pre>
+
</source>
  
 
== Privileges ==
 
== Privileges ==
 +
Not all users are given equal rights. For instance, a Super Administrator may be able to edit anyone's content, while a Publisher may only be able to edit their own. The authorise() member function can be used to determine if the current user has permission to do a certain task. The first parameter is used to identify which task we wish to check being allowed. The second represents the component we wish to retrieve the ACL information from.
  
 
+
<source lang="php">
Not all authenticated users are given equal rights. For instance, a Super Administrator may be able to edit anyone's content, while a Publisher may only be able to edit their own. The authorize() member function can be used to determine if the current user has permission to do a certain task. The first parameter is used to identify which component or function we wish to authenticate against. The second represents the task. The third and fourth are optional; they further break the permissions down into record types and ownership respectively.
+
$user = JFactory::getUser();
 
+
In Joomla! 1.5, the rights for all of the core components are stored in libraries/joomla/user/authorization.php. These are available to all extensions wherever authentication is required. If the permission scheme of the Content component suits your extension's needs, you can use code similar to the following to determine what functions to give to a specific user.
+
 
+
<pre>
+
$user =& JFactory::getUser();
+
 
 
if ($user->authorize('com_content', 'edit', 'content', 'all')) {
+
if ($user->authorise('core.edit', 'com_content'))
 +
{
 
echo "<p>You may edit all content.</p>";
 
echo "<p>You may edit all content.</p>";
} else {
+
}
 +
else
 +
{
 
echo "<p>You may not edit all content.</p>";
 
echo "<p>You may not edit all content.</p>";
 
}
 
}
 
 
if ($user->authorize('com_content', 'publish', 'content', 'own')) {
+
if ($user->authorise('core.edit.own', 'com_content'))
echo "<p>You may publish your own content.</p>";
+
{
} else {
+
echo "<p>You may edit your own content.</p>";
echo "<p>You may not publish your own content.</p>";
+
 
}
 
}
</pre>
+
else
 
+
{
The permissions for core functions may not be suitable for your extension. If this is the case, you can create your own permissions. You will probably want to add this code in a place where it will always be executed, such as the beginning of the component you are building or in a systemwide plugin. First, you need to get an authorization object using the getACL() member function of JFactory. This works like getUser() in that it only creates one authorization object during any particular Joomla! request. Once you have this object, call the addACL() member function to add permissions. Pass in the name of your component or function, the task name, the string 'users', and the user type (in lowercase) respectively. If you want to also define record sets and ownership, pass those in as an additional two parameters.
+
echo "<p>You may not edit your own content.</p>";
 
+
Note that in Joomla! 1.5, permissions are not inherited. For example, if you give an Administrator the right to edit content, Super Administrators do not automatically get this right; you must grant it separately.
+
 
+
<pre>
+
$auth =& JFactory::getACL();
+
+
$auth->addACL('com_userinfo15', 'persuade', 'users', 'super administrator');
+
$auth->addACL('com_userinfo15', 'persuade', 'users', 'administrator');
+
$auth->addACL('com_userinfo15', 'persuade', 'users', 'manager');
+
 
+
$user =& JFactory::getUser();
+
+
if ($user->authorize('com_userinfo15', 'persuade')) {
+
echo "<p>You may persuade the system to do what you wish.</p>";
+
} else {
+
echo "<p>You are not very persuasive.</p>";
+
 
}
 
}
</pre>
+
</source>
 
+
  
 
== Summary ==
 
== Summary ==
  
  
Information about the current user is readily available in any part of your Joomla! extension. You need only fetch the object and access the member variables. You can authorize the user against the core permissions set, or create your own to suit your needs.
+
Information about the current user is readily available in any part of your Joomla! extension. You need only fetch the object and access the member variables. You can authorise the user against the core permissions set, or create your own to suit your needs.
  
 
== External Links ==
 
== External Links ==
  
[http://api.joomla.org/Joomla-Platform/User/JUser.html JUser API documentation] see getInstance.
+
[http://docs.joomla.org/JFactory/getUser JUser API documentation] see getInstance.
  
 
[[Category:Development]]
 
[[Category:Development]]

Revision as of 08:20, 15 January 2014

Contents

Basics

For every request in Joomla!, there is one user. Information about this user is readily available through the Joomla! framework in the form of an object. To get this object for the current user, use the following member function of JFactory:

$user = JFactory::getUser();

Or, to get information about any other registered user you can call the function with a user 'id', e.g. for user '99'; or a username e.g. 'johnsmith':

$user = JFactory::getUser(99);
$user = JFactory::getUser('johnsmith');

Getting a reference through getUser() ensures that only one user object is created during any one Joomla! request, saving on memory and processing time. Most of the information about the user is available through public member variables of the user object. This code displays the current user's name, email, user name and user type:

echo "<p>Your name is {$user->name}, your email is {$user->email}, and your username is {$user->username}</p>";

Note: Since version 1.6 Joomla has a flexible ACL system, which makes $user->usertype deprecated!

The usertype field in #__users will only contain values for users that have been migrated from Joomla 1.5, but for new created users the field will be empty.

Use $user->groups to retrieve an array with all the IDs that refer to the groups (from #__usergroups table) of a user.

Object Member Variables and Parameters

These are the relevant member variables automatically generated on a call to getUser():

  • id - The unique, numerical user id. Use this when referencing the user record in other database tables.
  • name - The name of the user. (e.g. Vint Cerf)
  • username - The login/screen name of the user. (e.g. shmuffin1979)
  • email - The email address of the user. (e.g. crashoverride@hackers.com)
  • password - The encrypted version of the user's password
  • password_clear - Set to the user's password only when it is being changed. Otherwise, remains blank.
  • usertype - The role of the user within Joomla!. (Super Administrator, Editor, etc...) Has been deprecated since Joomla 1.6. Use $user->groups to retrieve an array with all the roles of a user.
  • groups - Set to the user's group ids.
  • block - Set to '1' when the user is set to 'blocked' in Joomla!.
  • registerDate - Set to the date when the user was first registered.
  • lastvisitDate - Set to the date the user last visited the site.
  • guest - If the user is not logged in, this variable will be set to '1'. The other variables will be unset or default values.
  • lastResetTime - Set to the last time the password was reset.
  • resetCount - Counts the number of password resets.


In addition to the member variables (which are stored in the database in columns), there are parameters for the user that hold preferences. To get one of these parameters, call the getParam() member function of the user object, passing in the name of the parameter you want along with a default value in case it is blank.

$user = JFactory::getUser();
$language = $user->getParam('language', 'the default');
 
echo "<p>Your language is set to {$language}.</p>";

Determining Status

Frequently, you will just want to make sure the user is logged in before continuing. The 'guest' property will be set to '1' when the current user is not logged in. When the user is authenticated, 'guest' will be set to '0'.

        $user = JFactory::getUser();
 
        if ($user->guest) {
                echo "<p>You must login to see the content. I want your email address.</p>";
        } else {
 
                <h1>Impromptu leftovers salad that goes well with fish</h1>
                <ul>
                        <li>1/2 cup chopped celery</li>
                        <li>1/4 cup raisins</li>
                        <li>1 teaspoon Extra Virgin Olive Oil</li>
                        <li>2 tablespoons of faux Thai lemongrass marinade</li>
                        <li>1/4 cup shredded fresh basil</li>
                        <li>Sprinkling of dill weed</li>
                        <li>Big pinch of kosher salt</li>
                        <li>Several lettuce leaves</li>
                </ul>
 
                        <p>Wash the lettuce and basil and place in a salad bowl.
                        Get out a much smaller bowl and swish around all of the remaining ingredients. 
                        Pour this over the greens and toss.
                        Serves two.</p>
 
        }

Privileges

Not all users are given equal rights. For instance, a Super Administrator may be able to edit anyone's content, while a Publisher may only be able to edit their own. The authorise() member function can be used to determine if the current user has permission to do a certain task. The first parameter is used to identify which task we wish to check being allowed. The second represents the component we wish to retrieve the ACL information from.

        $user = JFactory::getUser();
 
        if ($user->authorise('core.edit', 'com_content'))
        {
                echo "<p>You may edit all content.</p>";
        }
        else
        {
                echo "<p>You may not edit all content.</p>";
        }
 
        if ($user->authorise('core.edit.own', 'com_content'))
        {
                echo "<p>You may edit your own content.</p>";
        }
        else
        {
                echo "<p>You may not edit your own content.</p>";
        }

Summary

Information about the current user is readily available in any part of your Joomla! extension. You need only fetch the object and access the member variables. You can authorise the user against the core permissions set, or create your own to suit your needs.

External Links

JUser API documentation see getInstance.