/**
  * Append project dynamic ugroups of user
  *
  * @param User  $user
  * @param array $user_ugroups
  *
  * @return array the new array of user's ugroup
  */
 private function appendDynamicUGroups(User $user, array $user_ugroups = array())
 {
     // Each row returned by getProjects(true) is read through its
     // 'unix_group_name' and 'group_id' keys.
     foreach ($user->getProjects(true) as $membership) {
         $unix_name = strtolower($membership['unix_group_name']);
         // Every listed project contributes its "project members" dynamic ugroup.
         $user_ugroups[] = $this->ugroupIdToStringWithoutArobase(UGroup::PROJECT_MEMBERS, $unix_name);
         // The "project admin" ugroup is appended only when the 'A' membership check passes.
         if (!$user->isMember($membership['group_id'], 'A')) {
             continue;
         }
         $user_ugroups[] = $this->ugroupIdToStringWithoutArobase(UGroup::PROJECT_ADMIN, $unix_name);
     }
     return $user_ugroups;
 }
 /**
  * Tests if the user is Superuser, or File release admin
  *
  * @param User $user
  * @param Integer $groupId
  *
  * @return Boolean
  */
 function userCanWrite($user, $groupId)
 {
     // Nobody can write while writing is disabled, whatever their role.
     if (!$this->isWriteEnabled()) {
         return false;
     }
     // Site superusers pass; otherwise the 'R2' (file release admin) membership is required.
     if ($user->isSuperUser()) {
         return true;
     }
     return (bool) $user->isMember($groupId, 'R2');
 }
<?php

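$title = 'Membership Management';
$page = 'main';
require './header.php';
// The card id comes straight from the query string. Accept a string only and
// treat a missing or array-valued parameter as an empty id, so the lookup below
// always compares 'uid' against a single scalar value.
$cardid = isset($_GET['cardid']) && is_string($_GET['cardid']) ? strtoupper($_GET['cardid']) : '';
$cards = fRecordSet::build('Card', array('uid=' => $cardid));
if ($cards->count() == 0) {
    // Unknown card: hand over to the enrolment page. The id is URL-encoded so that
    // request-supplied characters ('&', '#', whitespace, ...) cannot add or alter
    // parameters of the redirect target.
    // NOTE(review): the code below assumes fURL::redirect() ends the request — confirm.
    fURL::redirect("/kiosk/addcard.php?cardid=" . urlencode($cardid));
}
$card = $cards->getRecord(0);
// NOTE(review): $user is derived from the presented card id alone, not from a login
// session; that is only appropriate if this page is reachable from the kiosk — confirm.
$user = new User($card->getUserId());
$user->load();
if ($user->isMember()) {
    // The user's transactions from 2009-01-01 up to now, newest first.
    $result = fRecordSet::build(
        'Transaction',
        array(
            'user_id=' => $user->getId(),
            'timestamp>' => new fDate('2009-01-01'),
            'timestamp<' => new fDate('now'),
        ),
        array('timestamp' => 'desc')
    );
    // NOTE(review): "> 1" sends a member with exactly one transaction to the
    // else branch (no expiry date) — confirm that this is intended.
    if (sizeof($result) > 1) {
        $expires = strtotime($result[0]->getTimestamp());
        # 30 days ~= a month
        # we don't include the 14 days grace period here.
        $expires += 30 * 24 * 60 * 60;
        $expires = date('d F Y', $expires);
    } else {
        # This is a special case for Russ, whose payments don't get
        # automatically recognised due to issues with payments between
        # barclays accounts on the same login
        $expires = null;
    }
}
// $expires stays undefined when the user is not a member.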
?>

<?php 
 /**
  * Membership check that additionally requires the logged state.
  *
  * @return bool True only when both the parent's isMember() and isLogged() hold.
  */
 function isMember()
 {
     // The parent's verdict comes first; isLogged() is consulted only when it passes.
     if (!parent::isMember()) {
         return false;
     }
     return (bool) $this->isLogged();
 }
 /**
  * Test if user can modify repository configuration
  *
  * @param User $user The user to test
  *
  * @return Boolean
  */
 public function userCanAdmin($user)
 {
     // The decision is delegated entirely to the user's 'A' membership in the
     // project this object reports through getProjectId().
     $projectId = $this->getProjectId();
     return $user->isMember($projectId, 'A');
 }
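 /**
  * Refuse access unless the user may see the project.
  *
  * Access is granted when the project is public and the user is not restricted,
  * or when the user is a member of the project. Every other combination is denied.
  *
  * @param User    $user    The user to test
  * @param Project $project The project being accessed
  *
  * @return void
  *
  * @throws Exception with code 3002 when access is denied
  */
 public function assertUserCanAccessProject(User $user, Project $project)
 {
     // Public project and unrestricted account: no membership needed.
     if ($project->isPublic() && !$user->isRestricted()) {
         return;
     }
     // Private project, or restricted account on a public one: membership decides.
     if ($user->isMember($project->getGroupId())) {
         return;
     }
     // Exception's $code parameter is an integer; the former string '3002' was only
     // accepted through implicit coercion and is a TypeError under strict_types.
     throw new Exception('User do not have access to the project', 3002);
 }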
 /**
  * Test if user can administer the FRS service of the given project
  *
  * @param User    $user    User to test
  * @param Integer $groupId Project
  *
  * @return Boolean
  */
 public static function userCanAdmin($user, $groupId)
 {
     // Site superusers pass regardless of project membership.
     if ($user->isSuperUser()) {
         return true;
     }
     // Otherwise either membership flag is enough: 'R2' first, then 'A'.
     foreach (array('R2', 'A') as $flag) {
         if ($user->isMember($groupId, $flag)) {
             return true;
         }
     }
     return false;
 }
 /**
  * Test if user can read the content of this repository and its metadata
  *
  * @param User          $user       The user to test
  * @param GitRepository $repository The repository to test
  *
  * @return Boolean
  */
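 public function userCanRead($user, $repository)
 {
     $project_id = $repository->getProjectId();
     // Private repository: project members only.
     if ($repository->isPrivate() && $user->isMember($project_id)) {
         return true;
     }
     if (!$repository->isPublic()) {
         return false;
     }
     // Public repository, restricted account: membership alone decides.
     // The earlier form let a restricted non-member fall through to the
     // "not anonymous" test below, so the membership test never denied anyone.
     if ($user->isRestricted()) {
         return (bool) $user->isMember($project_id);
     }
     // Public repository, unrestricted account: any non-anonymous user may read.
     return !$user->isAnonymous();
 }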
    } catch (fNotFoundException $e) {
        header('HTTP/1.1 404 Not Found');
        echo "Profile not found";
        exit;
    }
}
// Page metadata that header.php (included below) reads.
// NOTE(review): $title carries the member's full name; whether header.php HTML-escapes
// it before output is not visible here — confirm.
$title = "Member Profile: {$this_user->getFullName()}";
// NOTE(review): $user is dereferenced here, before ensureLogin() runs further down —
// confirm it cannot be null or unset for a visitor who is not logged in.
if ($user->getMemberNumber() == $this_user->getMemberNumber()) {
    $page = 'profile';
} else {
    $page = 'memberslist';
}
$desc = '';
require '../header.php';
ensureLogin();
// A profile is shown when the viewer and the profile owner are both members, or the
// viewer is the owner, or the viewer is an admin — and, in every case, only when the
// owner has a profile that is not disabled.
if (($user->isMember() && $this_user->isMember() || $user->getMemberNumber() == $this_user->getMemberNumber() || $user->isAdmin()) && $this_user->getHasProfile() == 1 && $this_user->getDisabledProfile() == 0) {
    $user_profile = $this_user->createUsersProfile();
    // Owner viewing their own profile while not (yet) a member: show the notice below.
    if (!$this_user->isMember() && $user->getMemberNumber() == $this_user->getMemberNumber()) {
        ?>
		<div class="alert alert-info"><p>Thanks! Your profile will become available to other members when your payment has been received.</p></div>
	<?php 
    }
    ?>
<div class="row profile profile-view">
	<div class="col-md-3">
    <div class="member-avatar">
        <span class="thumbnail">
            <img src="/members/photo.php?name=<?php 
    // NOTE(review): this value lands in a URL query string inside an HTML attribute and is
    // printed without encoding. Confirm getPhoto() can only return a safe, generated file
    // name; otherwise URL-encode it and HTML-escape the result at this point.
    echo $user_profile->getPhoto();
    ?>
" class="display img-responsive" alt="User photo"/>
foreach ($projects as $project) {
    echo 'checking for changes to "#' . $project->getId() . ': ' . $project->getName() . "\" ...\n";
    $from = new DateTime($project->getFromDate());
    $to = new DateTime($project->getToDate());
    $user = new User($project->getUserId());
    $extension = addDays($to, $project->getExtensionDuration());
    $logs = fRecordSet::build('ProjectsLog', array('project_id=' => $project->getId()));
    if (count($logs) > 0) {
        $postedTime = new DateTime(date("c", $logs[0]->getTimestamp()));
    }
    // We only care about the latest due date if it's been extended
    if ($project->hasExtension()) {
        $to = $extension;
    }
    // automatically unapprove projects when user is unsubscribed
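    if (!$user->isMember() && $project->getState() == 'Pending Approval') {
        $project->setState('Unapproved');
        $project->store();
        // email the owner
        // The body is sent as text/html (see the Content-Type header below), so stored
        // text placed into it is HTML-escaped: the project name now gets the same
        // treatment the full name already had.
        $message = "Dear " . htmlspecialchars($user->getFullName()) . ",<br/><br/>"
            . "Just to let you know our records show you're no longer a paying member at London Hackspace. Your outstanding storage request <a href=\"https://london.hackspace.org.uk/storage/" . $project->getId() . "\">" . htmlspecialchars($project->getName()) . "</a> has been automatically unapproved. If you're having trouble with your membership payment please <a href=\"mailto:contact@london.hackspace.org.uk\">get in touch</a>.<br/><br/>"
            . "Best,<br/>"
            . "Monkeys in the machine";
        // The subject is a plain-text header, so the name stays unescaped here.
        $subject = 'London Hackspace Storage Request #' . $project->getId() . ': ' . $project->getName();
        $headers = 'From: no-reply@london.hackspace.org.uk' . "\r\n" . 'Reply-To: contact@london.hackspace.org.uk' . "\r\n" . 'Content-Type:text/html;charset=utf-8' . "\r\n" . 'X-Mailer: PHP/' . phpversion();
        // NOTE(review): the return value of mail() is not checked, so a failed
        // delivery is still logged below as a completed status change.
        mail($user->getEmail(), $subject, $message, $headers);
        // log the update
        $logmsg = 'Owner isn\'t a subscribed member, status automatically changed to ' . $project->getState();
        $project->submitLog($logmsg, false);
        $project->submitMailingList($logmsg);
        echo $logmsg . "\n";
    }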
    // automatically pass the deadline on projects when the user is unsubscribed
    if (!$user->isMember() && ($project->getState() == 'Approved' || $project->getState() == 'Extended')) {
$page = 'memberdetail';
require '../header.php';
// $user is not assigned in the visible part of this script; presumably header.php
// sets it for a logged-in session — confirm. Without it the visitor is sent to login.
// NOTE(review): the code below assumes fURL::redirect() ends the request — confirm.
if (!isset($user)) {
    fURL::redirect('/login.php?forward=/members/members.php');
}
// The id is taken from the query string as received.
// NOTE(review): confirm how User's constructor treats a missing, empty or array-valued
// id; only fNotFoundException is handled here.
try {
    $this_user = new User($_GET['id']);
} catch (fNotFoundException $e) {
    // Unknown id: answer 404 with a fixed message (the requested id is not echoed back).
    header('HTTP/1.1 404 Not Found');
    echo "User not found";
    require '../footer.php';
    echo "</body></html>";
    exit;
}
if ($user->isMember() && $this_user->isMember() || $user->isAdmin()) {
    ?>
<h2>Member Info</h2>
  <table>
    <tr><th>Name</th><td><?php 
    echo htmlspecialchars($this_user->getFullName());
    ?>
</td></tr>
    <tr><th>ID</th><td><?php 
    echo $this_user->getMemberNumber();
    ?>
</td></tr>
    <?php 
    if ($this_user->getHasProfile()) {
        ?>
    <tr><th>Profile</th><td><a href="/members/profile.php?id=<?php 
    $title = "Please login";
} else {
    $title = "Member Profile: {$this_user->getFullName()}";
}
// $user may be empty for a visitor who is not logged in, hence the guard before
// comparing member numbers; the page then falls back to the members list section.
if ($user && $user->getMemberNumber() == $this_user->getMemberNumber()) {
  $page = 'profile';
} else {
  $page = 'memberslist';
}
$desc = '';
require('../header.php');

// Login is enforced only here, after header.php has been included; the code that
// follows dereferences $user without a further guard.
ensureLogin();

if(
	(($user->isMember() && $this_user->isMember())
	|| ($user->getMemberNumber() == $this_user->getMemberNumber())
	|| $user->isAdmin())
	&& $this_user->getHasProfile() == 1 && $this_user->getDisabledProfile() == 0
) {
	$user_profile = $this_user->createUsersProfile();

	if(!$this_user->isMember() && ($user->getMemberNumber() == $this_user->getMemberNumber())) { ?>
		<div class="alert alert-info"><p>Thanks! Your profile will become available to other members when your payment has been received.</p></div>
	<? } ?>
<div class="row profile profile-view">
	<div class="col-md-3">
    <div class="member-avatar">
        <span class="thumbnail">
            <img src="/members/photo.php?name=<?=$user_profile->getPhoto() /* NOTE(review): printed unencoded into a URL inside an HTML attribute; confirm getPhoto() can only return a safe, generated file name */ ?>" class="display img-responsive" alt="User photo"/>
        </span>
 /**
  * Test if user can read the content of this repository and its metadata
  *
  * @param User          $user       The user to test
  * @param GitRepository $repository The repository to test
  *
  * @return Boolean
  */
 public function userCanRead($user, $repository)
 {
     $projectId = $repository->getProjectId();
     // Members holding the 'A' flag on the project can always read.
     if ($user->isMember($projectId, 'A')) {
         return true;
     }
     // Otherwise any one of the three Git permissions on this repository is enough;
     // they are tried in the order READ, WRITE, WPLUS.
     $repositoryId = $repository->getId();
     foreach (array(Git::PERM_READ, Git::PERM_WRITE, Git::PERM_WPLUS) as $permission) {
         if ($user->hasPermission($permission, $repositoryId, $projectId)) {
             return true;
         }
     }
     return false;
 }
<form method="POST" style="position:absolute; left:-9999px;">
    <input type="text" name="attendance_card" id="cardid" accesskey="i"/>
</form>

<?php 
if (isset($_POST['attendance_card'])) {
    $cards = fRecordSet::build('Card', array('uid=' => $_POST['attendance_card']));
    if ($cards->count() == 0) {
        ?>
    <div class="alert alert-danger" role="alert">Unknown Card</div>
<?php 
    } else {
        $card = $cards->getRecord(0);
        $attending_user = new User($card->getUserId());
        $attending_user->load();
        if (!$attending_user->isMember()) {
            ?>
    <div class="alert alert-danger" role="alert">You are not a London Hackspace member</div>
<?php 
        } else {
            $res = $db->translatedQuery("SELECT 1 FROM meeting_attendees WHERE user_id = %s AND meeting = %s", $attending_user->getId(), $meeting);
            if ($res->countReturnedRows() == 0) {
                $db->execute("INSERT INTO meeting_attendees (user_id, meeting) VALUES (%s, %s)", $attending_user->getId(), $meeting);
                ?>
        <div class="alert alert-success" role="alert">Welcome, <?php 
                echo $attending_user->prepareFullName();
                ?>
.
          Your attendance has been registered.</div>
    <?php 
            } else {
 /**
  * Test if given url is restricted for user
  *
  * @param User  $user
  * @param Url   $url
  * @param Array $request_uri
  * @param Array $script_name
  * 
  * @return Boolean False if user not allowed to see the content
  */
 protected function restrictedUserCanAccessUrl($user, $url, $request_uri, $script_name)
 {
     // Decides whether a restricted user may load the requested page. The method returns
     // false as soon as one rule denies access and true when no rule does.
     // NOTE(review): $request_uri and $script_name are passed to trim() below, i.e. they
     // are handled as strings, although the docblock declares them as Array.
     // A global group_id, when set, takes precedence over the id derived from the URL.
     $group_id = isset($GLOBALS['group_id']) ? $GLOBALS['group_id'] : $url->getGroupIdFromUrl($request_uri);
     // Make sure the URI starts with a single slash
     // NOTE(review): every path rule below is a case-sensitive prefix match on this
     // value; nothing in this method decodes or normalises the path, so confirm the URI
     // is canonicalised before it reaches this check.
     $req_uri = '/' . trim($request_uri, "/");
     // Set to true by the per-service rules below; when true, the final membership
     // check on the project is skipped.
     $user_is_allowed = false;
     /* Examples of input params:
         Script: /projects, Uri=/projects/ljproj/
         Script: /survey/index.php, Uri=/survey/?group_id=101
         Script: /project/admin/index.php, Uri=/project/admin/?group_id=101
         Script: /tracker/index.php, Uri=/tracker/index.php?group_id=101
         Script: /tracker/index.php, Uri=/tracker/?func=detail&aid=14&atid=101&group_id=101
        */
     // Restricted users cannot access any page belonging to a project they are not a member of.
     // In addition, the following URLs are forbidden (value overriden in site-content file)
     $forbidden_url = array('/snippet', '/softwaremap/', '/new/', '/search', '/people/', '/stats', '/top', '/project/register.php', '/export', '/info.php');
     // Default values are very restrictive, but they can be overriden in the site-content file
     // Default support project is project 1.
     // Allow access to welcome page
     $allow_welcome_page = false;
     // Allow restricted users to read/comment news, including for their project
     $allow_news_browsing = false;
     // Allow restricted users to access other user's page (Developer Profile)
     $allow_user_browsing = false;
     // Support project help forums are accessible through the 'Discussion Forums' link
     $allow_access_to_project_forums = array(1);
     // Support project trackers are used for support requests
     $allow_access_to_project_trackers = array(1);
     // Support project documents and wiki (Note that the User Guide is always accessible)
     $allow_access_to_project_docs = array(1);
     // Support project mailing lists (Developers Channels)
     $allow_access_to_project_mail = array(1);
     // Support project file releases
     $allow_access_to_project_frs = array(1);
     // Support project references
     $allow_access_to_project_refs = array(1);
     // Support project news
     $allow_access_to_project_news = array(1);
     // List of fully public projects (same access for restricted and unrestricted users)
     $public_projects = array();
     // Customizable security settings for restricted users:
     // The included file runs in this method's scope, so it can reassign any local
     // variable, not only the defaults above. It is security configuration and should be
     // writable by site administrators only.
     include $GLOBALS['Language']->getContent('include/restricted_user_permissions', 'en_US');
     // End of customization
     // For convenient reasons, admin can customize those variables as arrays
     // but for performances reasons we prefer to use hashes (avoid in_array)
     // so we transform array(101) => array(101=>0)
     $allow_access_to_project_forums = array_flip($allow_access_to_project_forums);
     $allow_access_to_project_trackers = array_flip($allow_access_to_project_trackers);
     $allow_access_to_project_docs = array_flip($allow_access_to_project_docs);
     $allow_access_to_project_mail = array_flip($allow_access_to_project_mail);
     $allow_access_to_project_frs = array_flip($allow_access_to_project_frs);
     $public_projects = array_flip($public_projects);
     $allow_access_to_project_refs = array_flip($allow_access_to_project_refs);
     $allow_access_to_project_news = array_flip($allow_access_to_project_news);
     // Deny when the URI begins with one of the forbidden prefixes; a match elsewhere
     // in the URI is ignored.
     foreach ($forbidden_url as $str) {
         $pos = strpos($req_uri, $str);
         if ($pos === false) {
             // Not found
         } else {
             if ($pos == 0) {
                 // beginning of string
                 return false;
             }
         }
     }
     // Welcome page
     if (!$allow_welcome_page) {
         $sc_name = '/' . trim($script_name, "/");
         if ($sc_name == '/index.php') {
             return false;
         }
     }
     // Forbid access to other user's page (Developer Profile)
     // Only the user's own page, compared as an exact string, is let through.
     if (strpos($req_uri, '/users/') === 0 && !$allow_user_browsing) {
         if ($req_uri != '/users/' . $user->getName()) {
             return false;
         }
     }
     // The rules from here on only ever grant: each one sets $user_is_allowed when the
     // URI prefix matches and the project id is listed for that service.
     // Forum and news. Each published news is a special forum of project 'news'
     if (strpos($req_uri, '/news/') === 0 && isset($allow_access_to_project_news[$group_id])) {
         $user_is_allowed = true;
     }
     if (strpos($req_uri, '/news/') === 0 && $allow_news_browsing) {
         $user_is_allowed = true;
     }
     if (strpos($req_uri, '/forum/') === 0 && isset($allow_access_to_project_forums[$group_id])) {
         $user_is_allowed = true;
     }
     // Codendi trackers
     if (strpos($req_uri, '/tracker/') === 0 && isset($allow_access_to_project_trackers[$group_id])) {
         $user_is_allowed = true;
     }
     // Codendi documents and wiki
     if ((strpos($req_uri, '/docman/') === 0 || strpos($req_uri, '/plugins/docman/') === 0 || strpos($req_uri, '/wiki/') === 0) && isset($allow_access_to_project_docs[$group_id])) {
         $user_is_allowed = true;
     }
     // Codendi mailing lists page
     if (strpos($req_uri, '/mail/') === 0 && isset($allow_access_to_project_mail[$group_id])) {
         $user_is_allowed = true;
     }
     // Codendi file releases
     if (strpos($req_uri, '/file/') === 0 && isset($allow_access_to_project_frs[$group_id])) {
         $user_is_allowed = true;
     }
     // References
     if (strpos($req_uri, '/goto') === 0 && isset($allow_access_to_project_refs[$group_id])) {
         $user_is_allowed = true;
     }
     // Now check group_id
     // Without an explicit grant above, the user must be a member of the project or the
     // project must be listed as fully public. isset() is false for a null $group_id, in
     // which case the group_id request parameter is checked instead.
     if (isset($group_id)) {
         if (!$user_is_allowed) {
             if (!$user->isMember($group_id) && !isset($public_projects[$group_id])) {
                 return false;
             }
         }
     } elseif (array_key_exists('group_id', $_REQUEST)) {
         // NOTE(review): $_REQUEST['group_id'] is used as received, both as an array
         // offset and as the isMember() argument — confirm it is a scalar at this point.
         if (!$user_is_allowed) {
             if (!$user->isMember($_REQUEST['group_id']) && !isset($public_projects[$_REQUEST['group_id']])) {
                 return false;
             }
         }
     }
     // Default result: when no rule denied access, including the case where no project
     // id could be determined at all, the URL is allowed.
     return true;
 }
 /**
  * Return a project the user is authorized to use as template
  * 
  * @param Integer $id
  * @param User    $requester
  * 
  * @return Project
  */
 private function getTemplateById($id, User $requester)
 {
     $candidate = $this->projectManager->getProject($id);
     // No usable project behind this id: fault 3100.
     if (!$candidate || $candidate->isError()) {
         throw new SoapFault('3100', 'Invalid template id ' . $id);
     }
     // The project exists but is neither a template nor one the requester holds the
     // 'A' membership on: fault 3104. The two fault codes let a caller tell
     // "no such project" apart from "project exists but may not be used".
     if (!$candidate->isTemplate() && !$requester->isMember($candidate->getID(), 'A')) {
         throw new SoapFault('3104', 'Project is not a template');
     }
     return $candidate;
 }
<?php

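$title = 'Member Box Sticker';
require './header.php';
// The card id comes straight from the query string. Accept a string only and treat a
// missing or array-valued parameter as an empty id, so the lookup below always compares
// 'uid' against a single scalar value.
$cardid = isset($_GET['cardid']) && is_string($_GET['cardid']) ? $_GET['cardid'] : '';
$cards = fRecordSet::build('Card', array('uid=' => $cardid));
if ($cards->count() == 0) {
    // Unknown card: hand over to the enrolment page. The id is URL-encoded so that
    // request-supplied characters ('&', '#', whitespace, ...) cannot add or alter
    // parameters of the redirect target.
    // NOTE(review): the code below assumes fURL::redirect() ends the request — confirm.
    fURL::redirect("/kiosk/addcard.php?cardid=" . urlencode($cardid));
}
$card = $cards->getRecord(0);
// NOTE(review): $user is derived from the presented card id alone, not from a login
// session; that is only appropriate if this page is reachable from the kiosk — confirm.
$user = new User($card->getUserId());
$user->load();
if (isset($_POST['print']) && $user->isMember()) {
    // The print job is a JSON document POSTed to the kiosk's print service.
    $data = array('owner_id' => $user->getId(), 'owner_name' => $user->getFull_Name());
    $data_string = json_encode($data);
    $ch = curl_init('http://kiosk.london.hackspace.org.uk:12345/print/box');
    curl_setopt($ch, CURLOPT_CUSTOMREQUEST, "POST");
    curl_setopt($ch, CURLOPT_POSTFIELDS, $data_string);
    curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
    curl_setopt($ch, CURLOPT_HTTPHEADER, array('Content-Type: application/json', 'Content-Length: ' . strlen($data_string)));
    // NOTE(review): $result is never inspected, so the confirmation below is shown even
    // when the print service could not be reached.
    $result = curl_exec($ch);
    curl_close($ch);
    echo "<p>Your sticker is being printed now.</p>";
}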
?>

<?php 
if ($user->isMember()) {
    ?>

<p>On this page you can print a label for your box.</p>
 /**
  * Remove a notified mail address from all private repositories of a project
  *
  * @param Integer $groupId Project ID of the repositories to remove the notification from
  * @param User    $user    User to exclude from notification
  *
  * @return void
  */
 function removeMailByProjectPrivateRepository($groupId, $user)
 {
     // Users who are still project members keep their notifications.
     if ($user->isMember($groupId)) {
         return;
     }
     $rows = $this->_getGitDao()->getProjectRepositoryList($groupId);
     if (!$rows) {
         return;
     }
     foreach ($rows as $row) {
         $repository = $this->_getGitRepository();
         $repository->setId($row['repository_id']);
         $repository->load();
         // Repositories the user can still read are left untouched.
         if ($repository->userCanRead($user)) {
             continue;
         }
         // The address is removed from the repository's notifications; a failed
         // removal is reported as error feedback and the loop carries on.
         if ($this->removeMailByRepository($repository, $user->getEmail())) {
             continue;
         }
         $GLOBALS['Response']->addFeedback('error', $GLOBALS['Language']->getText('plugin_git', 'dao_error_remove_notification'));
     }
 }
 /**
  * Build the <option> elements for the user's other projects.
  *
  * A project is listed when the user holds the 'A' membership on it and the project
  * uses the Git service; the current project is left out.
  *
  * @param User           $user             The user whose projects are listed
  * @param ProjectManager $manager          Used to load each project
  * @param Integer        $currentProjectId Project to leave out of the list
  *
  * @return String Concatenated <option> elements, '' when nothing qualifies
  */
 public function getUserProjectsAsOptions(User $user, ProjectManager $manager, $currentProjectId)
 {
     $purifier = Codendi_HTMLPurifier::instance();
     $options = array();
     foreach (array_diff($user->getAllProjects(), array($currentProjectId)) as $candidateId) {
         $project = $manager->getProject($candidateId);
         if (!$user->isMember($candidateId, 'A') || !$project->usesService(GitPlugin::SERVICE_SHORTNAME)) {
             continue;
         }
         // NOTE(review): the public name goes into the option text exactly as returned,
         // while the unix name is purified for the title attribute. Confirm that
         // getPublicName() already returns HTML-safe text before changing either side.
         $publicName = $project->getPublicName();
         $unixName = $purifier->purify($project->getUnixName());
         $options[] = sprintf('<option value="%d" title="%s">%s</option>', $candidateId, $unixName, $publicName);
     }
     return implode('', $options);
 }
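 /**
  * Hand the next item of a project queue that the user has not done yet to that user.
  *
  * The call is refused, and no queue is touched, when the caller is not authenticated
  * as the named user, when the user lacks the role on the project, or when the user
  * already holds an item of the project.
  *
  * @param array $params Reads the keys 'username', 'projectSlug' and 'type'
  *
  * @return array 'status' => true with 'code' set to the assigned item id, or
  *               'status' => false with 'code' set to one of
  *               "not-authenticated-as-correct-user", "not-a-member",
  *               "has-unfinished-item" or "no-item-available"
  */
 public static function getNextAvailableItem($params)
 {
     $username = $params['username'];
     $projectSlug = $params['projectSlug'];
     $type = $params['type'];
     $role = $type . "er";
     $db = Settings::getProtected('db');
     $auth = Settings::getProtected('auth');
     // Make sure we're authenticated as the user we say we are
     $auth->forceAuthentication();
     $loggedInUsername = $auth->getUsername();
     // Every failed check ends the call right away. Recording a code and carrying on
     // would let the queue changes below run for a caller who failed the check, and the
     // code would then be overwritten by the outcome of the queue lookup.
     // The comparison is strict on strings: loose != treats numeric-looking names such
     // as "0123" and "123" as equal.
     if ((string) $username !== (string) $loggedInUsername) {
         return array('status' => false, 'code' => "not-authenticated-as-correct-user");
     }
     // Load user
     $user = new User($username);
     // Does this user belong to the project?
     if (!$user->isMember($projectSlug, $role)) {
         return array('status' => false, 'code' => "not-a-member");
     }
     // Does this user already have an item from this project?
     if ($user->hasProjectItem($projectSlug)) {
         return array('status' => false, 'code' => "has-unfinished-item");
     }
     // Load the user's queue, including items already removed from it
     $userQueue = new Queue("user.{$type}:{$username}", false, array('include-removed' => true));
     $userQueueItems = $userQueue->getItems();
     // Load the project's queue
     $queue = new Queue("project.{$type}:{$projectSlug}");
     $queueItems = $queue->getItems();
     // Go through the project queue and get the first item the user hasn't yet done.
     // in_array() is deliberately non-strict: items are compared by value, not identity.
     $nextItem = null;
     foreach ($queueItems as $item) {
         if (!in_array($item, $userQueueItems)) {
             $nextItem = $item;
             break;
         }
     }
     if ($nextItem === null || $nextItem->item_id == -1) {
         return array('status' => false, 'code' => "no-item-available");
     }
     // Concatenate proofed transcripts
     if ($type == 'review') {
         // Get proofed transcripts for the new item
         // NOTE(review): index 0 is read below without checking that any transcript
         // was returned — confirm a review item always has at least one proof.
         $transcripts = $db->loadItemTranscripts($nextItem->project_id, $nextItem->item_id, 'proof');
         // Only diff them if there's more than one
         if (count($transcripts) > 1) {
             $transcriptText = Transcript::diff($transcripts);
         } else {
             $transcriptText = $transcripts[0]['transcript'];
         }
         // Only get the fields for the first transcript
         $transcriptFields = $transcripts[0]['fields'];
         // Create transcript and add to the database
         $transcript = new Transcript();
         $transcript->setText($transcriptText);
         $transcript->setFields($transcriptFields);
         $transcript->save(array('item' => $nextItem, 'status' => 'draft', 'type' => 'review'));
     }
     // Reload the user's queue, this time ignoring items they've already done,
     // and add the new item to it
     $userQueue = new Queue("user.{$type}:{$username}", false);
     $userQueue->add($nextItem);
     $userQueue->save();
     // Remove it from the project queue
     $queue->remove($nextItem);
     $queue->save();
     return array('status' => true, 'code' => $nextItem->item_id);
 }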