public static function blogEntry($author_id = '',$entry_id = '')
{
$entry = new Entry();
$min_access = Application::user()->minAccessLevel();
$access = $entry->also('Access');
$access->clause('access_level',$min_access,Clause::GTE);
if(Application::user()->id())
{
$lbk_user = $entry->also('LogbookUser');
$lbk_user->clauseSafe('user_id',Application::user()->id());
}
if($author_id)
$entry->clauseSafe('author_id',Logbook::current()->authorId());
$entry->maybe('BlogTag');
if(!$entry_id)
$entry_id = Application::param('entry_id');
if($entry_id&&$author_id)
$entry->clauseSafe('entry_id',$entry_id);
$entry->order('entry_date');
/*$entry->order('author_id');
$entry->order('entry_id');*/
$entry->maybe('Comment');
$entry->descending();
try
{
$page = $entry->page(1,1);
$ret = current($page->objects());
Logbook::current()->setAuthorId($ret->get('author_id'));
}
catch(Exception $exc)
{
$ret = new Entry();
}
return $ret;
}
public function userChanged()
{
$ret = false;
if ($this->ajaxResponse()) {
if ($disp = $this->getPreviousDisplay()) {
$prev = $disp['user'];
$ret = Application::user()->toString() != $prev;
}
}
return $ret;
}
public function runHandlerTest()
{
$redir = Application::current()->redirection_listener;
Application::current()->setRedirectionListener($this);
Application::alterParam('h', $this->test_handler->getClass());
try {
ob_start();
Application::current()->run();
$cached = ob_get_clean();
} catch (RedirectionException $exc) {
$this->setResult('Redirected to: ' . $exc->handler() . ' with vars: ' . $exc->varString(), MurphyTest::REDIRECT);
Application::current()->setRedirectionLister($redir);
} catch (AccessDeniedException $exc) {
$this->setResult('Access denied to ' . $this->test_handler->getClass() . ' for user: '******' in test: ' . $this->name, MurphyTest::ACCESS_DENIED);
Application::current()->setRedirectionLister($redir);
} catch (Exception $exc) {
$this->setResult('Exception of type ' . get_class($exc) . ': ' . $exc->getMessage(), MurphyTest::EXCEPTION);
Application::current()->setRedirectionLister($redir);
}
$this->setResult('Completed handler test for: ' . $this->name, MurphyTest::COMPLETE);
}
private static function getSearchObjectForUser($user)
{
$min_access = $user->minAccessLevel();
$ret = new Entry();
$access = $ret->also('Access');
$access->clause('access_level', $min_access, Clause::GTE);
if (Application::user()->id()) {
$lbk_user = $ret->also('LogbookUser');
$lbk_user->clause('user_id', $user);
}
$ret->order('entry_date');
$ret->descending();
$ret->sterile();
return $ret;
}
public function impersonateUser($user)
{
Session::register('not_impersonated_user', Application::user());
Application::setUser($user);
SiteNavigation::init($user->getHandlerTree());
}
public function userCanDoAction($user, $entry, $action)
{
//DEFAULT RETURN VALUE IS TRUE
$ret = true;
//GRANT ALL PERMISSIONS TO THE AUTHOR
$author = new Author();
$author->clause('author_id', $entry->get('author_id'));
$author->noForeign();
$author_user_id = $author->get('user_id');
if ($author_user_id != $user->id()) {
//FIRST CHECK IF WE ARE EXCLUDED BASED ON ACCESS LEVEL
$min_level = Application::user()->minAccessLevel();
$check_entry = $entry->restrict();
//IF THE ENTRY ACCESS ID IS GREATER THAN THE MIN LEVEL
//OF THE CURRENT APP USER (0 IS ROOT LEVEL ACCESS)
if ($access = $check_entry->fetchSingle('Access')) {
$level = $access->get('access_level');
} else {
$level = 0;
}
if ($level >= $min_level) {
if ($user->id()) {
$access = new EntryGroupAccess();
//NOW CHECK IF THERE IS GROUP ACCESS CONTROL FOR
//ANY GROUPS THIS USER IS A MEMBER OF
$user = $user->restrict();
$user->also('Group');
$access->clause('author_id', $entry->get('author_id'));
$access->clause('entry_id', $entry->get('entry_id'));
//IF THE USER IS IN ANY GROUPS
if ($groups = $user->fetch('Group')) {
$access->clause('group_id', $groups, Clause::IN);
} else {
$access->clause('group_id', 0);
}
//IF THERE WERE ACCESS ENTRIES FOR GROUPS THAT THIS USER IS IN
if ($entries = $access->fetch()) {
//LOOP THROUGH UNTIL WE FIND A GROUP THAT DIASALLOWS
//THEN STOP
foreach ($entries as $access_entry) {
if ($ret) {
$ret = $access_entry->get($action);
} else {
end($entries);
}
}
} else {
if ($action != LogbookAccess::VIEW) {
$ret = false;
}
}
} else {
if ($action != LogbookAccess::VIEW) {
$ret = false;
}
}
} else {
$ret = false;
}
}
return $ret;
}
