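/**
 * Enforce the role attached to the current controller action.
 *
 * Builds (or reuses) the per-controller roles cache, looks up the role
 * declared for the requested action and checks it against the current user.
 * An action with no role declared is not checked at all.
 *
 * @return false|null false when the roles cache directory cannot be created;
 *                    nothing is returned in every other non-throwing case
 *
 * @throws UnauthorizedException when an anonymous user lacks the required role
 * @throws ForbiddenException    when an identified user lacks the required role
 */
protected function checkAccess()
{
    // If backend controller is being used then we should
    // check for user permissions to use role assigned to current controller and action
    $rolesCacheDir = ClassLoader::getRealPath('cache.roles');

    // is_dir() is tested again after a failed mkdir(): a concurrent request may
    // have created the directory between the first test and the mkdir() call,
    // and that must not be reported as a failure.
    //
    // NOTE(review): the directory is requested with mode 0777 (before umask) and
    // receives generated ".php" files (see $cachePath). If RolesParser loads those
    // files as code, any local account able to write here can alter them; confirm
    // how the cache is read and tighten the mode to what the deployment needs.
    if (!is_dir($rolesCacheDir) && !@mkdir($rolesCacheDir, 0777, true) && !is_dir($rolesCacheDir)) {
        // NOTE(review): this path returns before any role is checked. Callers are
        // not visible here; confirm they treat false as "deny", otherwise an
        // unwritable cache directory disables the access check.
        return false;
    }

    $refl = new ReflectionClass($this);
    $controllerPath = $refl->getFileName();

    // md5() only derives a stable cache file name from the controller path.
    $cachePath = $rolesCacheDir . DIRECTORY_SEPARATOR . md5($controllerPath) . '.php';

    ClassLoader::import("framework.roles.RolesDirectoryParser");
    ClassLoader::import("framework.roles.RolesParser");
    $this->roles = new RolesParser($controllerPath, $cachePath);

    // When the parser reports an expired cache, its role names are handed to Role.
    if ($this->roles->wereExpired()) {
        ClassLoader::import('application.model.role.Role');
        Role::addNewRolesNames($this->roles->getRolesNames());
    }

    $role = $this->roles->getRole($this->request->getActionName());
    if (!$role) {
        // No role declared for this action: nothing is enforced (default allow).
        return;
    }

    if (!$this->user->hasAccess($role)) {
        // Anonymous users get "unauthorized", identified users get "forbidden".
        if ($this->user->isAnonymous()) {
            throw new UnauthorizedException($this);
        }

        throw new ForbiddenException($this);
    }
}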
/**
 * Get LDAPResult object corresponding to a User object
 *
 * @param User $user The user to look up; may be empty
 *
 * @return LDAPResult|false The value returned by getLdapFromLdapId() for the
 *                          user's LDAP id, or false when no user is given or
 *                          the user is anonymous
 */
function getLdapFromUser($user)
{
    // No lookup is attempted for a missing or anonymous user.
    if (!$user || $user->isAnonymous()) {
        return false;
    }

    return $this->getLdapFromLdapId($user->getLdapId());
}
/**
 * Create a new record bound to a product and, when identified, to a user.
 *
 * @param Product $product Product the record refers to
 * @param User    $user    Current user; an anonymous user is stored as null
 *
 * @return mixed The instance produced by the parent factory for this class
 */
public static function getNewInstance(Product $product, User $user)
{
    $record = parent::getNewInstance(__CLASS__);
    $record->product->set($product);

    // Anonymous visitors are recorded as "no user" instead of a User reference.
    $owner = ($user && $user->isAnonymous()) ? null : $user;
    $record->user->set($owner);

    return $record;
}
/**
 * Add an artifact in the tracker
 *
 * Both the 'email' and the 'artifact' values are read from the request and
 * forwarded as received; this method performs no validation of its own.
 * NOTE(review): presumably validation happens in augmentDataFromRequest() or
 * in the artifact factory; confirm there, since the anonymous e-mail is
 * caller-controlled.
 *
 * @param Tracker_IDisplayTrackerLayout $layout  Not used by this method
 * @param Codendi_Request               $request Source of the 'email' and 'artifact' values
 * @param User                          $user    The submitter
 *
 * @return Tracker_Artifact the new artifact
 */
private function createArtifact(Tracker_IDisplayTrackerLayout $layout, $request, $user)
{
    // The e-mail field is only read for anonymous submitters.
    $email = $user->isAnonymous() ? $request->get('email') : null;

    $fields_data = $request->get('artifact');
    $this->tracker->augmentDataFromRequest($fields_data);

    return $this->artifact_factory->createArtifact($this->tracker, $fields_data, $user, $email);
}
/**
 * Create a new record bound to a product, an optional rating type and an
 * optional user.
 *
 * @param Product           $product Product the record refers to
 * @param ProductRatingType $type    Rating type; one whose ID is null is stored as null
 * @param User              $user    Current user; an anonymous user is stored as null
 *
 * @return mixed The instance produced by the parent factory for this class
 */
public static function getNewInstance(Product $product, ProductRatingType $type = null, User $user = null)
{
    $record = parent::getNewInstance(__CLASS__);
    $record->product->set($product);

    // A rating type without an ID is treated as "no type".
    $ratingType = ($type && is_null($type->getID())) ? null : $type;
    $record->ratingType->set($ratingType);

    // Anonymous visitors are recorded as "no user" instead of a User reference.
    $owner = ($user && $user->isAnonymous()) ? null : $user;
    $record->user->set($owner);

    return $record;
}
/**
 * Fetch content of the renderer
 *
 * Returns the chart edit form when the report can be modified, the user is
 * not anonymous and a chart is selected for editing; otherwise returns the
 * rendered charts.
 *
 * @param array   $matching_ids            Not used; ids are re-read from the report
 * @param Request $request                 Not used by this method
 * @param mixed   $report_can_be_modified  Falsy forces the read-only view
 * @param User    $user                    Current user; anonymous forces the read-only view
 *
 * @return string
 */
public function fetch($matching_ids, $request, $report_can_be_modified, User $user)
{
    $this->initiateSession();

    $readonly = !$report_can_be_modified || $user->isAnonymous();

    // Read-only viewers, or no chart selected for editing: plain chart listing.
    if ($readonly || !$this->chart_to_edit) {
        $in_dashboard = false;

        return '' . $this->fetchCharts($this->report->getMatchingIds(), $user, $in_dashboard, $readonly);
    }

    // NOTE(review): the values returned by getText(), render(), fetch() and
    // getHelp() below are concatenated into the markup as-is; this method does
    // no escaping, so they must already be safe HTML. Confirm at their sources.
    $out = '<script type="text/javascript" src="/plugins/graphontrackersv5/dependencies.js"></script>';

    // http_build_query() percent-encodes the values; the result is placed in
    // the href/action attributes without HTML-escaping the separator.
    $self_link = '?' . http_build_query(array('report' => $this->report->id, 'renderer' => $this->id));

    $out .= '<p><a href="' . $self_link . '">« ' . $GLOBALS['Language']->getText('plugin_graphontrackersv5_include_report', 'return_renderer') . '</a></p>';

    // NOTE(review): no anti-CSRF token field is emitted by this method for the
    // update POST; confirm that one is added or enforced elsewhere.
    $out .= '<form action="' . $self_link . '" name="edit_chart_form" method="post">'
        . '<input type="hidden" name="func" VALUE="renderer" />'
        . '<input type="hidden" name="renderer_plugin_graphontrackersv5[edit_chart]" VALUE="' . $this->chart_to_edit->getId() . '" />'
        . '<table>';

    $out .= '<thead> <tr class="boxtable"> <th class="boxtitle">' . $GLOBALS['Language']->getText('plugin_graphontrackersv5_boxtable', 'chart_properties') . '</th> <th class="boxtitle">' . $GLOBALS['Language']->getText('plugin_graphontrackersv5_boxtable', 'preview') . '</th> </tr> </thead>';
    $out .= '<tbody><tr valign="top"><td>';

    // Left cell: one paragraph per editable chart property, then the submit button.
    foreach ($this->chart_to_edit->getProperties() as $property) {
        $out .= '<p>' . $property->render() . "</p>\n";
    }
    $out .= '<p style="text-align:center;"><input type="submit" name="renderer_plugin_graphontrackersv5[update_chart]" value="' . $GLOBALS['Language']->getText('global', 'btn_submit') . '" /></p>';

    // Right cell: preview of the chart being edited.
    $out .= '</td><td style="text-align:center">';
    $out .= $this->chart_to_edit->fetch();
    $out .= '</tr>';

    // Optional help row, only when the chart provides help text.
    $help = $this->chart_to_edit->getHelp();
    if ($help) {
        $out .= '<tr><td colspan="2" class="inline_help">' . $help . '</td></tr>';
    }

    $out .= '</tbody></table>' . '</form>';

    return $out;
}
/**
 * Update an artifact (means create a new changeset)
 *
 * A changeset is only created when the submitter is identified (or supplies
 * an e-mail), the fields validate, and there is either a comment or a change
 * in the submitted field values. Every refusal is reported through
 * $GLOBALS['Response']->addFeedback().
 *
 * @param array   $fields_data       Artifact fields values
 * @param string  $comment           The comment (follow-up) associated with the artifact update
 * @param User    $submitter         The user who is doing the update
 * @param string  $email             The email of the person who updates the artifact if modification is done in anonymous mode
 * @param boolean $send_notification true if a notification must be sent, false otherwise
 * @param string  $comment_format    The comment (follow-up) type ("text" | "html")
 *
 * @return boolean True if update is done without error, false otherwise
 *                 (false is also returned when there is nothing to change)
 */
public function createNewChangeset($fields_data, $comment, $submitter, $email, $send_notification = true, $comment_format = Tracker_Artifact_Changeset_Comment::TEXT_COMMENT) {
    $is_valid = true;
    $is_submission = false;

    // An anonymous submitter must provide an e-mail. The loose "!= null" also
    // rejects an empty string. No format check is done on $email in this method.
    // NOTE(review): presumably the e-mail is validated by the caller or the DAO; confirm.
    if (!$submitter->isAnonymous() || $email != null) {
        if ($this->validateFields($fields_data, false)) {
            $comment = trim($comment);
            $last_changeset = $this->getLastChangeset();
            // NOTE(review): the comment is tested for truthiness, so a comment
            // consisting only of "0" does not count as a comment here.
            if ($comment || $last_changeset->hasChanges($fields_data)) {
                //There is a comment or some change in fields: create a changeset
                $workflow = $this->getWorkflow();
                if ($workflow) {
                    // The workflow hook runs before anything is stored.
                    $workflow->before($fields_data, $submitter);
                }
                if ($changeset_id = $this->getChangesetDao()->create($this->getId(), $submitter->getId(), $email)) {
                    //Store the comment
                    $this->getChangesetCommentDao()->createNewVersion($changeset_id, $comment, $submitter->getId(), 0, $comment_format);

                    //extract references from the comment
                    $this->getReferenceManager()->extractCrossRef($comment, $this->getId(), self::REFERENCE_NATURE, $this->getTracker()->getGroupID(), $submitter->getId(), $this->getTracker()->getItemName());

                    //Store the value(s) of the fields
                    $used_fields = $this->getFormElementFactory()->getUsedFields($this->getTracker());
                    foreach ($used_fields as $field) {
                        // Permission gate: a submitted value is passed on only when
                        // the field reports that the user can update it ...
                        if (isset($fields_data[$field->getId()]) && $field->userCanUpdate()) {
                            $field->saveNewChangeset($this, $last_changeset, $changeset_id, $fields_data[$field->getId()], $submitter, $is_submission);
                        } else {
                            // ... or when the workflow explicitly bypasses permissions for this field.
                            if ($workflow && isset($fields_data[$field->getId()]) && !$field->userCanUpdate() && $workflow->bypassPermissions($field)) {
                                $bypass_perms = true;
                                $field->saveNewChangeset($this, $last_changeset, $changeset_id, $fields_data[$field->getId()], $submitter, $is_submission, $bypass_perms);
                            } else {
                                // Field not submitted, or submitted without the right to
                                // update it: null is passed in place of the submitted value.
                                $field->saveNewChangeset($this, $last_changeset, $changeset_id, null, $submitter, $is_submission);
                            }
                        }
                    }

                    //Save the artifact
                    $this->getArtifactFactory()->save($this);

                    if ($send_notification) {
                        // Send notifications
                        $this->getChangeset($changeset_id)->notify();
                    }
                } else {
                    // The changeset DAO did not return an id.
                    $GLOBALS['Response']->addFeedback('error', $GLOBALS['Language']->getText('plugin_tracker_artifact', 'unable_update'));
                    $is_valid = false; //TODO To be removed
                }
            } else {
                // Nothing to record: no comment and no field change.
                // NOTE(review): getXRef() is inserted into this HTML link unescaped and the
                // message is passed with CODENDI_PURIFIER_LIGHT; confirm the purifier level
                // is sufficient for the cross-reference text.
                $art_link = '<a class="direct-link-to-artifact" href="' . TRACKER_BASE_URL . '/?aid=' . $this->getId() . '">' . $this->getXRef() . '</a>';
                $GLOBALS['Response']->addFeedback('info', $GLOBALS['Language']->getText('plugin_tracker_artifact', 'no_changes', array($art_link)), CODENDI_PURIFIER_LIGHT);
                $is_valid = false;
            }
        } else {
            // validateFields() rejected the submitted values.
            $GLOBALS['Response']->addFeedback('error', $GLOBALS['Language']->getText('plugin_tracker_artifact', 'fields_not_valid'));
            $is_valid = false;
        }
    } else {
        // Anonymous submitter without an e-mail.
        $GLOBALS['Response']->addFeedback('error', $GLOBALS['Language']->getText('plugin_tracker_artifact', 'email_required'));
        $is_valid = false;
    }
    return $is_valid;
}
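/**
 * Test if user can read the content of this repository and metadata
 *
 * Rules applied, in order:
 *  - private repository: project members only;
 *  - public repository, restricted user: project members only;
 *  - public repository, any other user: everyone except anonymous.
 *
 * The restricted rule used to fall through to the "not anonymous" rule, which
 * granted read access to restricted users who are not project members and made
 * the membership test have no effect. Restricted users are now decided by
 * membership alone.
 *
 * @param User          $user       The user to test
 * @param GitRepository $repository The repository to test
 *
 * @return Boolean
 */
public function userCanRead($user, $repository)
{
    if ($repository->isPrivate() && $user->isMember($repository->getProjectId())) {
        return true;
    }

    if ($repository->isPublic()) {
        // Restricted users must not reach the generic "logged-in" rule below.
        if ($user->isRestricted()) {
            return (bool) $user->isMember($repository->getProjectId());
        }

        if (!$user->isAnonymous()) {
            return true;
        }
    }

    // Default deny: anonymous users and anything not matched above.
    return false;
}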
/**
 * A user whose id has been set to 0 must be reported as anonymous.
 *
 * @covers User::isAnonymous
 * @covers User::setId
 */
public function testIsAnonymous()
{
    // Arrange: give the fixture user the id 0.
    $this->user->setId(0);

    // Act + assert in one step.
    $this->assertTrue($this->user->isAnonymous());
}
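/**
 * Update db entry of 'user' table with values in object
 *
 * Anonymous users are never written. When the user is suspended or deleted
 * and the update succeeded, all of the user's sessions are removed.
 *
 * @param User $user
 *
 * @return mixed The result of the DAO's updateByRow(), or false for an anonymous user
 */
function updateDb($user)
{
    if ($user->isAnonymous()) {
        return false;
    }

    $userRow = $user->toRow();

    if ($user->getPassword() != '') {
        // Compare the two digests as strings. With a loose "!=" PHP compares
        // numeric-looking strings (for example "0e" followed by digits only) as
        // numbers, so two different digests could be taken as equal and the
        // password change would be silently skipped.
        //
        // NOTE(review): getUserPw() is compared against an unsalted MD5 of the
        // cleartext, which suggests passwords are stored as plain MD5; if so,
        // plan a migration to password_hash()/password_verify().
        if (md5($user->getPassword()) !== (string) $user->getUserPw()) {
            // Update password
            // NOTE(review): the cleartext is handed to the DAO under 'password';
            // presumably it is hashed there. Confirm it is never stored or logged as-is.
            $userRow['password'] = $user->getPassword();
        }
    }

    $result = $this->getDao()->updateByRow($userRow);

    // Suspended or deleted accounts lose every open session once the row is saved.
    if ($result && ($user->isSuspended() || $user->isDeleted())) {
        $this->getDao()->deleteAllUserSessions($user->getId());
    }

    return $result;
}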
/**
 * Add an artifact in the tracker
 *
 * Both the 'email' and the 'artifact' values are read from the request and
 * forwarded as received; this method performs no validation of its own.
 * NOTE(review): presumably validation happens in augmentDataFromRequest() or
 * in Tracker_ArtifactFactory; confirm there, since the anonymous e-mail is
 * caller-controlled.
 *
 * @param Tracker_IDisplayTrackerLayout $layout  Not used by this method
 * @param Codendi_Request               $request Source of the 'email' and 'artifact' values
 * @param User                          $user    The submitter
 *
 * @return Tracker_Artifact the new artifact
 */
public function createArtifact(Tracker_IDisplayTrackerLayout $layout, $request, $user)
{
    // The e-mail field is only read for anonymous submitters.
    $email = $user->isAnonymous() ? $request->get('email') : null;

    $fields_data = $request->get('artifact');
    $this->augmentDataFromRequest($fields_data);

    $factory = Tracker_ArtifactFactory::instance();

    return $factory->createArtifact($this, $fields_data, $user, $email);
}