Ejemplo n.º 1
Archivo: note.php Proyecto: anqh/core
 /**
  * Decide whether a user may perform an action on this note.
  *
  * - PERMISSION_READ:   always granted, with or without a user.
  * - PERMISSION_CREATE: granted to any non-empty $user.
  * - PERMISSION_UPDATE: granted when $user->id equals author_id, or when
  *                      has_role('admin', 'photo admin') is truthy.
  * - PERMISSION_DELETE: granted when $user->id equals user_id or author_id,
  *                      or when the same role check passes.
  * - Any other value is denied.
  *
  * @param   string      $permission  one of the PERMISSION_* constants
  * @param   Model_User  $user        acting user; a falsy value is treated as "no user"
  * @return  boolean
  */
 public function has_permission($permission, $user)
 {
     // Deny by default; only the cases below can grant access.
     // switch compares loosely, so callers should pass the constants themselves.
     $allowed = false;

     switch ($permission) {
         case self::PERMISSION_CREATE:
             $allowed = (bool) $user;
             break;

         case self::PERMISSION_UPDATE:
             if ($user) {
                 // NOTE(review): ids are compared with ==. Two empty ids (e.g. both null)
                 // compare equal, so confirm $user is always a loaded user here.
                 // NOTE(review): has_role() is called with two separate arguments; has_role()
                 // is not shown here, so confirm it checks every argument and not only the
                 // first, and that 'photo admin' is an existing role name.
                 $allowed = $user->id == $this->author_id || $user->has_role('admin', 'photo admin');
             }
             break;

         case self::PERMISSION_DELETE:
             if ($user) {
                 // Non-strict in_array(): same loose-comparison caveat as for update
                 $is_party = in_array($user->id, array($this->user_id, $this->author_id));
                 $allowed = $is_party || $user->has_role('admin', 'photo admin');
             }
             break;

         case self::PERMISSION_READ:
             $allowed = true;
             break;
     }

     return $allowed;
 }
Ejemplo n.º 2
 /**
  * Find notifications visible to a user.
  *
  * Selects rows whose target_id is the user's id, ordered by id descending.
  * For a user passing has_role('admin', 'photo moderator') the query is widened
  * with an OR group that matches every gallery image-report notification,
  * whoever its target is.
  *
  * @param   Model_User  $target
  * @return  Model_Notification[]
  */
 public function find_by_target(Model_User $target)
 {
     // Rows addressed directly to this user, newest id first
     $select = DB::select_array($this->fields());
     $select = $select->where('target_id', '=', $target->id);
     $select = $select->order_by('id', 'DESC');

     // NOTE(review): has_role() is called with two separate arguments; has_role() is not
     // shown here, so confirm it checks every argument and not only the first. This check
     // is the only gate on seeing reports that are addressed to other users.
     $sees_image_reports = $target->has_role('admin', 'photo moderator');
     if ($sees_image_reports) {
         // ... OR (class = galleries AND type = image report)
         $select = $select->or_where_open();
         $select = $select->where('class', '=', Notification_Galleries::CLASS_GALLERIES);
         $select = $select->and_where('type', '=', Notification_Galleries::TYPE_IMAGE_REPORT);
         $select = $select->or_where_close();
     }

     // Second argument is passed through to load() unchanged (presumably a limit; confirm)
     return $this->load($select, 0);
 }
Ejemplo n.º 3
Archivo: area.php Proyecto: anqh/forum
 /**
  * Decide whether a user may perform an action on this forum area.
  *
  * - PERMISSION_CREATE / DELETE / UPDATE: granted only when has_role('admin') is truthy.
  * - PERMISSION_POST / READ:              granted to any non-empty $user.
  * - Any other value is denied.
  *
  * @param   string      $permission  one of the PERMISSION_* constants
  * @param   Model_User  $user        acting user; a falsy value is treated as "no user"
  * @return  boolean
  */
 public function has_permission($permission, $user)
 {
     // Evaluated once; every granting branch requires a user
     $has_user = (bool) $user;

     switch ($permission) {
         // Managing areas is reserved for admins
         case self::PERMISSION_CREATE:
         case self::PERMISSION_DELETE:
         case self::PERMISSION_UPDATE:
             if (!$has_user) {
                 return false;
             }

             return (bool) $user->has_role('admin');

         // Posting and reading only need some user
         case self::PERMISSION_POST:
         case self::PERMISSION_READ:
             return $has_user;
     }

     // Unknown permissions are denied
     return false;
 }
Ejemplo n.º 4
Archivo: entry.php Proyecto: anqh/blog
 /**
  * Decide whether a user may perform an action on this blog entry.
  *
  * - PERMISSION_READ:                        always granted.
  * - PERMISSION_CREATE / COMMENT / COMMENTS: granted to any non-empty $user.
  * - PERMISSION_DELETE / UPDATE:             granted when author_id equals $user->id,
  *                                           or when has_role('admin') is truthy.
  * - Any other value is denied.
  *
  * @param   string      $permission  one of the PERMISSION_* constants
  * @param   Model_User  $user        acting user; a falsy value is treated as "no user"
  * @return  boolean
  */
 public function has_permission($permission, $user)
 {
     // Deny by default; only the cases below can grant access
     $allowed = false;

     switch ($permission) {
         case self::PERMISSION_READ:
             $allowed = true;
             break;

         case self::PERMISSION_CREATE:
         case self::PERMISSION_COMMENT:
         case self::PERMISSION_COMMENTS:
             $allowed = (bool) $user;
             break;

         case self::PERMISSION_DELETE:
         case self::PERMISSION_UPDATE:
             if ($user) {
                 // NOTE(review): ids are compared with ==. Two empty ids (e.g. both null)
                 // compare equal, so confirm $user is always a loaded user here.
                 $is_author = $this->author_id == $user->id;
                 $allowed = $is_author || $user->has_role('admin');
             }
             break;
     }

     return $allowed;
 }
Ejemplo n.º 5
Archivo: role.php Proyecto: anqh/core
 /**
  * Decide whether a user may perform an action on this role.
  *
  * - PERMISSION_READ:   always granted.
  * - PERMISSION_DELETE: denied for the roles whose id is self::LOGIN or self::ADMIN;
  *                      for every other role it is handled like the remaining permissions.
  * - Everything else, including values that are not a known permission:
  *                      granted only when has_role('admin') is truthy.
  *
  * @param   string      $permission  one of the PERMISSION_* constants
  * @param   Model_User  $user        acting user; a falsy value is treated as "no user"
  * @return  boolean
  */
 public function has_permission($permission, $user)
 {
     // Everybody can read roles
     if ($permission == self::PERMISSION_READ) {
         return true;
     }

     // Critical roles can never be deleted, not even by an admin.
     // NOTE(review): the original comment also promised "nor rename", but only
     // PERMISSION_DELETE is guarded; an update of these roles reaches the admin check
     // below. Confirm whether renaming them should be blocked as well.
     // NOTE(review): in_array() is non-strict here; confirm the id and the constants
     // cannot collide under loose comparison.
     if ($permission == self::PERMISSION_DELETE && in_array($this->id, array(self::LOGIN, self::ADMIN))) {
         return false;
     }

     // All remaining permissions are admin-only
     return $user && $user->has_role('admin');
 }
Ejemplo n.º 6
Archivo: group.php Proyecto: anqh/forum
 /**
  * Decide whether a user may perform an action on this forum group.
  *
  * - PERMISSION_DELETE: denied while the group still has areas; otherwise admin-only.
  * - PERMISSION_CREATE / CREATE_AREA / UPDATE: granted only when has_role('admin') is truthy.
  * - PERMISSION_READ:   always granted.
  * - Any other value is denied.
  *
  * @param   string      $permission  one of the PERMISSION_* constants
  * @param   Model_User  $user        acting user; a falsy value is treated as "no user"
  * @return  boolean
  */
 public function has_permission($permission, $user)
 {
     switch ($permission) {
         case self::PERMISSION_DELETE:
             // Don't delete groups with areas
             if (count($this->areas())) {
                 return false;
             }
             // Deliberate fall-through: deleting an empty group is admin-only like the cases below

         case self::PERMISSION_CREATE:
         case self::PERMISSION_CREATE_AREA:
         case self::PERMISSION_UPDATE:
             return $user && $user->has_role('admin');

         case self::PERMISSION_READ:
             return true;
     }

     // Unknown permissions are denied
     return false;
 }
Ejemplo n.º 7
Archivo: topic.php Proyecto: anqh/anqh
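 /**
  * Decide whether a user may perform an action on this topic.
  *
  * - PERMISSION_DELETE: granted only when has_role('admin') is truthy.
  * - PERMISSION_READ:   granted when $user->id is among $this->recipients().
  * - PERMISSION_POST:   requires READ, and additionally an unlocked topic or the admin role.
  * - PERMISSION_UPDATE: requires READ and whatever the parent class decides for update.
  * - Any other value is denied.
  *
  * @param   string      $permission  one of the PERMISSION_* constants
  * @param   Model_User  $user        acting user; a falsy value is treated as "no user"
  * @return  boolean
  */
 public function has_permission($permission, $user)
 {
     switch ($permission) {
         case self::PERMISSION_DELETE:
             return $user && $user->has_role('admin');

         case self::PERMISSION_POST:
             // READ is evaluated first because it rejects an empty $user. With the lock test
             // first, a locked topic and no user ended in a method call on a non-object
             // instead of a clean denial.
             return $this->has_permission(self::PERMISSION_READ, $user)
                 && ($this->status != self::STATUS_LOCKED || $user->has_role('admin'));

         case self::PERMISSION_READ:
             // NOTE(review): in_array() is non-strict; confirm recipients() only holds real
             // user ids so that an empty $user->id cannot match an empty entry.
             return $user && in_array($user->id, $this->recipients());

         case self::PERMISSION_UPDATE:
             return $this->has_permission(self::PERMISSION_READ, $user) && parent::has_permission($permission, $user);
     }

     // Unknown permissions are denied
     return false;
 }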
Ejemplo n.º 8
Archivo: flyer.php Proyecto: anqh/anqh
 /**
  * Decide whether a user may perform an action on this flyer.
  *
  * - PERMISSION_DELETE: granted when has_role(array('admin', 'photo moderator')) is truthy.
  * - PERMISSION_COMMENT / COMMENTS / CREATE / READ: granted to any non-empty $user.
  * - PERMISSION_UPDATE: granted to any non-empty $user while has_full_date() is falsy.
  * - Any other value is denied.
  *
  * @param   string      $permission  one of the PERMISSION_* constants
  * @param   Model_User  $user        acting user; a falsy value is treated as "no user"
  * @return  boolean
  */
 public function has_permission($permission, $user)
 {
     // No branch grants anything without a user
     if (!$user) {
         return false;
     }

     switch ($permission) {
         case self::PERMISSION_DELETE:
             return (bool) $user->has_role(array('admin', 'photo moderator'));

         case self::PERMISSION_COMMENT:
         case self::PERMISSION_COMMENTS:
         case self::PERMISSION_CREATE:
         case self::PERMISSION_READ:
             return true;

         case self::PERMISSION_UPDATE:
             // NOTE(review): no author or role check - any user may edit a flyer until its
             // date is complete, and afterwards nobody may, admins included. Confirm that
             // both halves are intended.
             return !$this->has_full_date();
     }

     // Unknown permissions are denied
     return false;
 }
Ejemplo n.º 9
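 /**
  * Decide whether a user may perform an action on this model.
  *
  * - PERMISSION_CREATE: granted to any non-empty $user.
  * - PERMISSION_COMBINE / DELETE / UPDATE: granted when
  *   has_role('admin', 'venue moderator') is truthy.
  * - PERMISSION_READ:   always granted.
  * - Any other value is denied.
  *
  * @param   string      $permission  one of the PERMISSION_* constants
  * @param   Model_User  $user        acting user; a falsy value is treated as "no user"
  * @return  boolean
  */
 public function has_permission($permission, $user)
 {
     // Each case returns directly; the unreachable break statements that followed the
     // returns have been dropped.
     switch ($permission) {
         case self::PERMISSION_CREATE:
             return (bool) $user;

         case self::PERMISSION_COMBINE:
         case self::PERMISSION_DELETE:
         case self::PERMISSION_UPDATE:
             // NOTE(review): has_role() is called with two separate arguments; has_role() is
             // not shown here, so confirm it checks every argument and not only the first.
             return $user && $user->has_role('admin', 'venue moderator');

         case self::PERMISSION_READ:
             return true;
     }

     // Unknown permissions are denied
     return false;
 }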
Ejemplo n.º 10
Archivo: image.php Proyecto: anqh/anqh
 /**
  * Decide whether a user may perform an action on this image.
  *
  * - PERMISSION_CREATE / NOTE / REPORT: granted to any non-empty $user.
  * - PERMISSION_DELETE / UPDATE:        granted when $user->id equals author_id, or when
  *                                      has_role('admin', 'photo moderator') is truthy.
  * - PERMISSION_READ:                   always granted.
  * - Any other value is denied.
  *
  * @param   string      $permission  one of the PERMISSION_* constants
  * @param   Model_User  $user        acting user; a falsy value is treated as "no user"
  * @return  boolean
  */
 public function has_permission($permission, $user)
 {
     // Deny by default; only the cases below can grant access
     $allowed = false;

     switch ($permission) {
         case self::PERMISSION_CREATE:
         case self::PERMISSION_NOTE:
         case self::PERMISSION_REPORT:
             $allowed = (bool) $user;
             break;

         case self::PERMISSION_DELETE:
         case self::PERMISSION_UPDATE:
             if ($user) {
                 // NOTE(review): ids are compared with ==. Two empty ids (e.g. both null)
                 // compare equal, so confirm $user is always a loaded user here.
                 // NOTE(review): has_role() is called with two separate arguments; has_role()
                 // is not shown here, so confirm it checks every argument and not only the first.
                 $is_author = $user->id == $this->author_id;
                 $allowed = $is_author || $user->has_role('admin', 'photo moderator');
             }
             break;

         case self::PERMISSION_READ:
             $allowed = true;
             break;
     }

     return $allowed;
 }
Ejemplo n.º 11
Archivo: area.php Proyecto: anqh/anqh
 /**
  * Decide whether a user may perform an action on this forum area.
  *
  * - PERMISSION_CREATE / DELETE / UPDATE: granted only when has_role('admin') is truthy.
  * - PERMISSION_POST: needs a user and a non-hidden area; a moderated area additionally
  *                    needs the admin role.
  * - PERMISSION_READ: denied for hidden areas and for areas of TYPE_PRIVATE; an area
  *                    flagged is_private additionally needs a user.
  * - Any other value is denied.
  *
  * @param   string      $permission  one of the PERMISSION_* constants
  * @param   Model_User  $user        acting user; a falsy value is treated as "no user"
  * @return  boolean
  */
 public function has_permission($permission, $user)
 {
     switch ($permission) {
         case self::PERMISSION_CREATE:
         case self::PERMISSION_DELETE:
         case self::PERMISSION_UPDATE:
             if (!$user) {
                 return false;
             }

             return (bool) $user->has_role('admin');

         case self::PERMISSION_POST:
             // NOTE(review): unlike READ, this branch does not look at area_type, so a
             // TYPE_PRIVATE area that READ denies can still pass POST. Confirm callers
             // check READ as well.
             if (!$user || $this->is_hidden) {
                 return false;
             }

             return !$this->is_moderated || $user->has_role('admin');

         case self::PERMISSION_READ:
             if ($this->is_hidden || $this->area_type == self::TYPE_PRIVATE) {
                 return false;
             }

             // Public areas are open to everyone, is_private ones only to some user
             return !$this->is_private || (bool) $user;
     }

     // Unknown permissions are denied
     return false;
 }
Ejemplo n.º 12
Archivo: topic.php Proyecto: anqh/forum
 /**
  * Decide whether a user may perform an action on this forum topic.
  *
  * - PERMISSION_DELETE: granted only when has_role('admin') is truthy.
  * - PERMISSION_POST:   needs a user; a locked topic additionally needs the admin role.
  * - PERMISSION_READ:   delegated to Permission::has() for the topic's area and
  *                      Model_Forum_Area::PERMISSION_READ.
  * - PERMISSION_UPDATE: the author of an unlocked topic, or a user with the admin role.
  * - Any other value is denied.
  *
  * @param   string      $permission  one of the PERMISSION_* constants
  * @param   Model_User  $user        acting user; a falsy value is treated as "no user"
  * @return  boolean
  */
 public function has_permission($permission, $user)
 {
     // NOTE(review): status is compared with !== below. If status is loaded as a string
     // while STATUS_LOCKED is an integer (or the reverse), the topic never counts as
     // locked and the lock is not enforced - confirm both sides have the same type.
     switch ($permission) {
         case self::PERMISSION_DELETE:
             if (!$user) {
                 return false;
             }

             return (bool) $user->has_role('admin');

         case self::PERMISSION_POST:
             // NOTE(review): the area's READ permission is not consulted here; confirm
             // callers check READ too, so posting into an unreadable area is not possible.
             if (!$user) {
                 return false;
             }

             return $this->status !== self::STATUS_LOCKED || $user->has_role('admin');

         case self::PERMISSION_READ:
             // Reading a topic follows the read permission of its area
             return Permission::has($this->area(), Model_Forum_Area::PERMISSION_READ, $user);

         case self::PERMISSION_UPDATE:
             if (!$user) {
                 return false;
             }

             // && binds tighter than ||: (unlocked AND own topic) OR admin
             $own_open_topic = $this->status !== self::STATUS_LOCKED && $user->id == $this->author_id;

             return $own_open_topic || $user->has_role('admin');
     }

     // Unknown permissions are denied
     return false;
 }
Ejemplo n.º 13
Archivo: area.php Proyecto: anqh/forum
 /**
  * Decide whether a user may perform an action on this forum area.
  *
  * - PERMISSION_CREATE / DELETE / UPDATE: granted only when has_role('admin') is truthy.
  * - PERMISSION_POST: needs a user; granted when access_write is not WRITE_ADMINS, the
  *                    area is not TYPE_BIND and not STATUS_HIDDEN, or when the user has
  *                    the admin role.
  * - PERMISSION_READ: needs STATUS_NORMAL and an area that is not TYPE_PRIVATE; unless
  *                    access_read is READ_NORMAL a user is required as well.
  * - Any other value is denied.
  *
  * @param   string      $permission  one of the PERMISSION_* constants
  * @param   Model_User  $user        acting user; a falsy value is treated as "no user"
  * @return  boolean
  */
 public function has_permission($permission, $user)
 {
     switch ($permission) {
         case self::PERMISSION_CREATE:
         case self::PERMISSION_DELETE:
         case self::PERMISSION_UPDATE:
             if (!$user) {
                 return false;
             }

             return (bool) $user->has_role('admin');

         case self::PERMISSION_POST:
             if (!$user) {
                 return false;
             }

             // && binds tighter than ||: (all three area conditions) OR admin.
             // NOTE(review): TYPE_PRIVATE is not excluded here although READ denies it;
             // confirm callers check READ as well.
             $open_for_members = $this->access_write != self::WRITE_ADMINS
                 && $this->area_type != self::TYPE_BIND
                 && $this->status != self::STATUS_HIDDEN;

             return $open_for_members || $user->has_role('admin');

         case self::PERMISSION_READ:
             if ($this->status != self::STATUS_NORMAL || $this->area_type == self::TYPE_PRIVATE) {
                 return false;
             }

             return $this->access_read == self::READ_NORMAL || (bool) $user;
     }

     // Unknown permissions are denied
     return false;
 }
Ejemplo n.º 14
 /**
  * Show the user create/edit form and, on POST, save the user and sync its roles.
  *
  * On POST the submitted data is validated and saved into $user, then every role
  * except the login role is added to or removed from the user according to the
  * submitted 'roles' list, and an activation message is sent when 'send_hashlink'
  * is set. On any other request method the form data is prefilled from $user.
  *
  * NOTE(review): no anti-CSRF token check is visible in this method; confirm the
  * caller or a controller hook validates one before role changes are accepted.
  *
  * @param   Model_User  $user  user to edit (loaded) or to create (not loaded)
  * @return  boolean|null  TRUE after a successful save; otherwise nothing is
  *                        returned and $this->content holds the form view
  */
 protected function add_edit(Model_User &$user)
 {
     $errors = array();
     // All assignable roles keyed by id; the login role is excluded, so this form can neither grant nor revoke it
     $roles = ORM::factory('Role')->where('id', '!=', Model_User::LOGIN_ROLE_ID)->order_by('id')->find_all()->as_array('id');
     if ($this->request->method() == Request::POST) {
         $data = $this->request->post();
         $_data = $data;
         // operate on copy: $_data
         $email = $user->email;
         // keep email in case of a validation exception, to restore this value in $user
         // Extra rules on top of the model's own: every submitted role must be a known role id, and repeat_email must match email
         $external_validation = Validation::factory($_data)->labels(array('repeat_email' => 'Repeat e-mail'))->rules('roles', array(array('each_in_array', array(':value', array_keys($roles)))))->rules('repeat_email', array(array('matches', array(':validation', ':field', 'email'))));
         if ($user->loaded()) {
             if (empty($_data['email'])) {
                 // no email while editing means: no change, but the ORM model needs a non-empty email value
                 $_data['email'] = $user->email;
             }
         } else {
             // set random password for new user
             // NOTE(review): Text::random() is not shown here; stock Kohana builds it on
             // mt_rand(), which is not a cryptographic generator. The value is stored as the
             // new account's password, so confirm the source of randomness.
             $_data['password'] = Text::random('alnum', 14);
         }
         try {
             // NOTE(review): values() receives the whole POST array without a list of expected
             // fields, so the request decides which attributes get assigned (mass assignment).
             // Confirm the model restricts this, or pass an explicit field list as the second
             // argument of values().
             $user->values($_data)->save($external_validation);
         } catch (ORM_Validation_Exception $vex) {
             $errors = $vex->errors('orm');
             $user->email = $email;
             // restore original email value
         }
         // Manage roles for user:
         if (empty($errors)) {
             // Read from the untouched POST copy; a missing or scalar 'roles' becomes an array
             $user_roles = (array) Arr::get($data, 'roles', array());
             foreach ($roles as $role) {
                 // NOTE(review): both in_array() calls are non-strict
                 // Adding:
                 if (in_array($role->id, $user_roles) and !$user->has_role($role->id)) {
                     $user->add('roles', $role);
                 }
                 // Removing:
                 if (!in_array($role->id, $user_roles) and $user->has_role($role->id)) {
                     $user->remove('roles', $role);
                 }
             }
             if (!empty($data['send_hashlink'])) {
                 $this->send_activation($user);
             }
             // finish saving
             return TRUE;
         }
     } else {
         if ($user->loaded()) {
             // Prefill the form from the stored user; email is blanked and roles are listed by id
             $data = $user->as_array();
             $data['email'] = '';
             $data['roles'] = array();
             foreach ($roles as $role) {
                 if ($user->has_role($role->id)) {
                     $data['roles'][] = $role->id;
                 }
             }
         } else {
             // New user: activation link preselected
             $data = array('send_hashlink' => '1');
         }
     }
     // Reached on a non-POST request or after a failed save: render the form with data and errors
     $this->content = View::factory("users/edit")->bind("user", $user)->bind("roles", $roles)->bind("data", $data)->bind("errors", $errors);
 }
Ejemplo n.º 15
 /**
  * Attempt to log in a user by using an ORM object and plain-text password.
  *
  * The login succeeds when the user has the 'login' role and the password either
  * hashes (with the salt taken from the stored hash) to the stored value, or equals
  * the value generate_password() derives from the stored hash. With $remember set
  * to true an autologin token is created and sent as a cookie.
  *
  * @param   Model_User  $user
  * @param   string      $password  plain text
  * @param   boolean     $remember  auto-login; only boolean true enables it
  * @return  boolean     true on success, false otherwise
  */
 public function login(Model_User $user, $password, $remember = false)
 {
     // NOTE(review): with the Model_User type hint $user is always an object, so !$user
     // does not reject a user that was never loaded; only the empty-password test is effective.
     if (!$password || !$user) {
         return false;
     }
     // Get the salt from the stored password
     $salt = $this->find_salt($user->password_kohana);
     // Create a hashed password using the salt from the stored password
     $hashed_password = $this->hash_password($password, $salt);
     // If the passwords match to hashed password or "generated" password, perform a login
     // NOTE(review): === on the hashes is not a constant-time comparison; where the
     // runtime provides hash_equals(), prefer it for comparing secrets.
     // NOTE(review): the second alternative accepts a password computed from the stored
     // hash. generate_password() is not shown; if it is deterministic and uses no separate
     // secret, knowing the stored hash is enough to log in - confirm this path is still needed.
     // The 'login' role is only consulted after one of the password checks has passed.
     if (($user->password_kohana === $hashed_password || self::generate_password($user->password_kohana) === $password) && $user->has_role('login')) {
         if ($remember === true) {
             // Create a new autologin token
             // NOTE(review): the token value itself is not set here (presumably by create());
             // confirm it comes from a cryptographically secure generator.
             $token = new Model_User_Token();
             $token->user_id = $user->id;
             $token->expires = time() + $this->_config['lifetime'];
             $token->create();
             // Set the autologin cookie
             Cookie::set($this->_config['cookie_name'], $token->token, $this->_config['lifetime']);
         }
         // Finish the login
         $this->complete_login($user);
         return true;
     }
     // Login failed
     return false;
 }
Ejemplo n.º 16
 /**
  * Decide whether a user may perform an action on this model.
  *
  * - PERMISSION_APPROVE / UPDATE: has_role(array('admin', 'photo moderator')) must be truthy.
  * - PERMISSION_APPROVE_WAITING:  has_role(array('photo', 'admin', 'photo moderator')) must be truthy.
  * - PERMISSION_DELETE:           has_role('admin') must be truthy.
  * - PERMISSION_COMMENT / COMMENTS / CREATE / UPLOAD: granted to any non-empty $user.
  * - PERMISSION_READ:             always granted.
  * - Any other value is denied.
  *
  * @param   string      $permission  one of the PERMISSION_* constants
  * @param   Model_User  $user        acting user; a falsy value is treated as "no user"
  * @return  boolean
  */
 public function has_permission($permission, $user)
 {
     // Deny by default; only the cases below can grant access
     $allowed = false;

     switch ($permission) {
         case self::PERMISSION_APPROVE:
         case self::PERMISSION_UPDATE:
             if ($user) {
                 $allowed = (bool) $user->has_role(array('admin', 'photo moderator'));
             }
             break;

         case self::PERMISSION_APPROVE_WAITING:
             if ($user) {
                 $allowed = (bool) $user->has_role(array('photo', 'admin', 'photo moderator'));
             }
             break;

         case self::PERMISSION_DELETE:
             if ($user) {
                 $allowed = (bool) $user->has_role('admin');
             }
             break;

         case self::PERMISSION_COMMENT:
         case self::PERMISSION_COMMENTS:
         case self::PERMISSION_CREATE:
         case self::PERMISSION_UPLOAD:
             $allowed = (bool) $user;
             break;

         case self::PERMISSION_READ:
             $allowed = true;
             break;
     }

     return $allowed;
 }