/**
* User logout function
*
*/
public function logout()
{
Session::clear("user_id");
Session::clear("user_permission");
Session::clear("username");
Session::clear("name");
}
public function __construct($method, $arguments = NULL)
{
if (Permissions::checkUserPermissions(__CLASS__, $method, $arguments)) {
parent::__construct($method, $arguments);
} else {
if (Session::get("user_id")) {
die("You have no access.");
} else {
header("Location: /user");
}
}
}
public static function checkUserPermissions($controller, $method, $arguments = NULL)
{
$Permissions = new Permissions(str_replace('Controller', '', $controller), $method, $arguments);
// Get the permissions for the requested page.
$nodePermission = $Permissions->getNodePermissions();
// If the page has no permissions sets then it is
// accessible to all visitors.
if ($nodePermission === FALSE || $nodePermission == 0) {
return TRUE;
}
// If the request requires special permissions, the
// visitor must be logged in with a user id.
$userID = Session::get("user_id");
if ($userID === NULL) {
return FALSE;
}
$userPermission = $Permissions->getUserPermissions($userID);
if ($userPermission === FALSE || $userPermission < $nodePermission) {
return FALSE;
}
return TRUE;
}
/**
* Returns all the users (authors)
* from the database.
*
* @return array
*/
public function getUsers()
{
$sqlQuery = "SELECT id, CONCAT_WS(' ', firstname, lastname) AS author FROM Users";
$response = $this->read($sqlQuery);
$returnValue = array("current" => Session::get("user_id"), "list" => $response);
return $returnValue;
}
