Example #1
 /**
  * The before() method is called before the main controller action.
  * In our template controller we override this method so that we can
  * set up default values. These variables are then available to our
  * controllers if they need to be modified.
  *
  * In order, this method: opens the session and the default cache,
  * logs in the owner of a supplied api_key, logs the 'public' (anonymous)
  * user out where it is no longer allowed, attempts auto login, enforces
  * $this->auth_required, resolves the current user, their account and the
  * visited account, and finally builds the header/footer views.
  *
  * The order of these steps is significant: every later step reads the
  * authentication state established by the earlier ones.
  *
  * @return	void
  * @throws	HTTP_Exception_403	when api_key matches no user or matches the 'public' user
  */
 public function before()
 {
     // Execute parent::before first
     parent::before();
     // A session that cannot be opened (ErrorException) is destroyed here;
     // Session::instance() is called again below after the cache is loaded.
     try {
         $this->session = Session::instance();
     } catch (ErrorException $e) {
         session_destroy();
     }
     // Load the default Cache engine
     $this->cache = Cache::instance();
     // Open session
     $this->session = Session::instance();
     // If an api key has been provided, login that user
     // NOTE(review): the key is read from the query string, so it ends up in
     // access logs, browser history and Referer headers, and force_login()
     // then treats the request as a fully logged-in user. Consider accepting
     // the key from a request header instead - confirm with API clients.
     // NOTE(review): the lookup matches the raw value against the api_key
     // column, so keys are presumably stored unhashed; no throttling of
     // failed keys is visible in this method - confirm both.
     $api_key = $this->request->query('api_key');
     if ($api_key) {
         $user_orm = ORM::factory('user', array('api_key' => $api_key));
         // The anonymous 'public' account can never be selected by api_key.
         if ($user_orm->loaded() and $user_orm->username != 'public') {
             Auth::instance()->force_login($user_orm);
         } else {
             // api_keys used by apps. Instead of giving the login page
             // tell them something went wrong.
             throw new HTTP_Exception_403();
         }
     }
     // In case anonymous setting changed and user had a session,
     // log out
     if (Auth::instance()->logged_in() and Auth::instance()->get_user()->username == 'public' and !(bool) Model_Setting::get_setting('anonymous_access_enabled')) {
         Auth::instance()->logout();
     }
     // Anonymous logged in and login controller requested, logout
     if (Auth::instance()->logged_in() and Auth::instance()->get_user()->username == 'public' and $this->request->controller() == 'login') {
         Auth::instance()->logout();
     }
     // If we're not logged in, gives us chance to auto login.
     // Reflection is used to find out whether the configured Auth class
     // has an auto_login() method at all.
     $supports_auto_login = new ReflectionClass(get_class(Auth::instance()));
     $supports_auto_login = $supports_auto_login->hasMethod('auto_login');
     if (!Auth::instance()->logged_in() and $supports_auto_login) {
         // Controller exempt from auth check
         // NOTE(review): in_array() below is non-strict and assumes this
         // config entry is always an array - confirm.
         $exempt_controllers = Kohana::$config->load('auth.ignore_controllers');
         Auth::instance()->auto_login();
         if (!Auth::instance()->get_user() and !in_array($this->request->controller(), $exempt_controllers)) {
             // NOTE(review): nothing here stops execution after this call;
             // the rest of before() still runs unless login_required()
             // redirects or throws - its body is not visible here.
             $this->login_required();
         }
     }
     // Enforce the controller's own requirement; $this->auth_required is
     // passed to logged_in() (presumably a role name - confirm).
     if ($this->auth_required !== FALSE and Auth::instance()->logged_in($this->auth_required) === FALSE) {
         if (Auth::instance()->logged_in()) {
             // User is logged in but not on the secure_actions list
             $this->access_required();
         } else {
             $this->login_required();
         }
     }
     // Get the logged In User
     $this->user = Auth::instance()->get_user();
     if ($this->user) {
         // Is anonymous logged in?
         if ($this->user->username == 'public') {
             $this->anonymous = TRUE;
         }
         // Is this user an admin?
         $this->admin = $this->user->is_admin();
         // Flag RiverID authentication unless the username is listed in auth.exempt.
         if (strtolower(Kohana::$config->load('auth.driver')) == 'riverid' and !in_array($this->user->username, Kohana::$config->load('auth.exempt'))) {
             $this->riverid_auth = TRUE;
         }
         // Does this user have an account space?
         // The account model is cached per user id with a lifetime of 3600
         // plus up to 3600 (presumably seconds), so changes to the account
         // may not be visible here until the entry expires.
         // NOTE(review): a model object is stored in and read back from the
         // cache; if the backend serializes values, the cache store must not
         // be writable by untrusted parties - confirm the backend in use.
         if (!($this->account = $this->cache->get('user_account_' . $this->user->id, FALSE))) {
             $this->account = ORM::factory('account')->where('user_id', '=', $this->user->id)->find();
             $this->cache->set('user_account_' . $this->user->id, $this->account, 3600 + rand(0, 3600));
         }
         if (!$this->account->loaded() and $this->request->uri() != 'register') {
             // Make the user create an account
             Request::current()->redirect('register');
         }
         // Logged in user's dashboard url
         if ($this->anonymous) {
             $this->dashboard_url = URL::site('welcome');
         } else {
             $this->dashboard_url = URL::site() . $this->account->account_path;
         }
         // Build the base URL
         // NOTE(review): the 'account' route parameter comes from the request
         // and is concatenated into base_url before the account lookup below
         // validates it; views that print base_url must escape it. Whether
         // the route pattern restricts this value is not visible here.
         $visited_account_path = $this->request->param('account');
         if ($visited_account_path and $visited_account_path != $this->account->account_path) {
             $this->base_url = URL::site() . $visited_account_path . '/' . $this->request->controller();
             $this->visited_account = ORM::factory('account', array('account_path' => $visited_account_path));
             // Visited account doesn't exist?
             if (!$this->visited_account->loaded()) {
                 $this->request->redirect($this->dashboard_url);
             }
         } else {
             $this->base_url = URL::site() . $this->account->account_path . '/' . $this->request->controller();
             $this->visited_account = $this->account;
         }
     }
     // Load Header & Footer & variables
     if ($this->auto_render) {
         // $site_name is bound here and only assigned further down; this
         // relies on bind() holding a reference to the variable.
         $this->template->header = View::factory('template/header')->bind('user', $this->user)->bind('site_name', $site_name)->bind('dashboard_url', $this->dashboard_url);
         // Dynamic Javascript
         $this->template->header->js = '';
         // Dynamic CSS
         $this->template->header->css = '';
         $this->template->header->meta = '';
         $this->template->header->show_nav = TRUE;
         $site_name = Model_Setting::get_setting('site_name');
         // Header Nav
         $this->template->header->nav_header = View::factory('template/nav/header')->bind('user', $this->user)->bind('admin', $this->admin)->bind('account', $this->account)->bind('anonymous', $this->anonymous);
         $this->template->header->nav_header->controller = $this->request->controller();
         if ($this->user) {
             $this->template->header->nav_header->num_notifications = Model_User_Action::count_notifications($this->user->id);
             // Bucket and river lists are cached per user as JSON strings.
             // NOTE(review): if the header view prints these strings inside
             // an inline <script>, json_encode() without JSON_HEX_TAG leaves
             // '<' and '>' in user-supplied names unescaped - confirm how the
             // view emits them.
             if (!($buckets = Cache::instance()->get('user_buckets_' . $this->user->id, FALSE))) {
                 $buckets = json_encode($this->user->get_buckets_array($this->user));
                 Cache::instance()->set('user_buckets_' . $this->user->id, $buckets, 3600 + rand(0, 3600));
             }
             $this->template->header->bucket_list = $buckets;
             if (!($rivers = Cache::instance()->get('user_rivers_' . $this->user->id, FALSE))) {
                 $rivers = json_encode($this->user->get_rivers_array($this->user));
                 Cache::instance()->set('user_rivers_' . $this->user->id, $rivers, 3600 + rand(0, 3600));
             }
             $this->template->header->river_list = $rivers;
         }
         $this->template->content = '';
         $this->template->footer = View::factory('template/footer');
         // Outside the river, bucket and search controllers the search scope
         // cookie is set back to 'all'.
         if (!in_array($this->request->controller(), array('river', 'bucket', 'search'))) {
             // Reset cookies
             Cookie::set(Swiftriver::COOKIE_SEARCH_SCOPE, 'all');
         }
     }
 }
Example #2
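 /**
  * Bucket collaborators restful api
  *
  * Behaviour by request:
  *  - any method with a non-empty `q` query parameter: echoes the JSON
  *    result of Model_User::get_like(), passing the ids of the current
  *    user and of the bucket owner as its second argument, then returns;
  *  - DELETE: removes the collaborator identified by the `id` route
  *    parameter from this bucket and deletes the matching invite;
  *  - PUT: creates the collaborator row if it does not exist yet and
  *    applies `read_only` from the JSON request body when present.
  *
  * Requests naming a user id that does not exist are ignored for both
  * DELETE and PUT.
  *
  * @return	void
  * @throws	HTTP_Exception_403	when a DELETE or PUT is sent by someone who is not the bucket owner
  */
 public function action_collaborators()
 {
     $this->template = '';
     $this->auto_render = FALSE;
     $query = $this->request->query('q') ? $this->request->query('q') : NULL;
     if ($query) {
         // NOTE(review): this user search runs before the owner check below
         // and for every HTTP method, so anyone who can reach this action can
         // query the user directory; confirm access is restricted elsewhere
         // (e.g. in before()). It also assumes $this->user is set.
         // NOTE(review): the JSON is echoed without an explicit JSON
         // Content-Type being set in this method - confirm one is sent, so a
         // browser never renders user-supplied names as HTML.
         echo json_encode(Model_User::get_like($query, array($this->user->id, $this->bucket->account->user->id)));
         return;
     }
     switch ($this->request->method()) {
         case "DELETE":
             // Is the logged in user an owner?
             if (!$this->owner) {
                 throw new HTTP_Exception_403();
             }
             $user_id = intval($this->request->param('id', 0));
             $user_orm = ORM::factory('user', $user_id);
             // Unknown user id: nothing to remove
             if (!$user_orm->loaded()) {
                 return;
             }
             $collaborator_orm = $this->bucket->bucket_collaborators->where('user_id', '=', $user_orm->id)->find();
             if ($collaborator_orm->loaded()) {
                 $collaborator_orm->delete();
                 Model_User_Action::delete_invite($this->user->id, 'bucket', $this->bucket->id, $user_orm->id);
             }
             break;
         case "PUT":
             // Is the logged in user an owner?
             if (!$this->owner) {
                 throw new HTTP_Exception_403();
             }
             $user_id = intval($this->request->param('id', 0));
             $user_orm = ORM::factory('user', $user_id);
             // Unknown user id: stop here, as the DELETE branch does. Without
             // this check an unloaded user model would be attached to a new
             // collaborator row and an invite action recorded for it.
             if (!$user_orm->loaded()) {
                 return;
             }
             // json_decode() yields NULL for a malformed body; the isset()
             // below then leaves read_only untouched.
             $collaborator_array = json_decode($this->request->body(), TRUE);
             $collaborator_orm = ORM::factory("bucket_collaborator")->where('bucket_id', '=', $this->bucket->id)->where('user_id', '=', $user_orm->id)->find();
             if (!$collaborator_orm->loaded()) {
                 // First time this user is added to the bucket
                 $collaborator_orm->bucket = $this->bucket;
                 $collaborator_orm->user = $user_orm;
                 Model_User_Action::create_action($this->user->id, 'bucket', $this->bucket->id, $user_orm->id);
             }
             if (isset($collaborator_array['read_only'])) {
                 $collaborator_orm->read_only = (bool) $collaborator_array['read_only'];
             }
             $collaborator_orm->save();
             break;
     }
 }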
Example #3
 /**
  * Landing page of an account: the dashboard when the visitor owns the
  * visited account, otherwise that account's profile page. Both variants
  * end with the account's activity stream.
  *
  * NOTE(review): user-supplied values (the account holder's name in the
  * title, bucket/river lists and activities as JSON) are handed to views
  * here without escaping; confirm the views escape them for the context
  * they are printed in. The method also assumes $this->user is set.
  *
  * @return	void
  */
 public function action_index()
 {
     $viewing_other_account = !$this->owner;
     if ($viewing_other_account) {
         // Profile of somebody else's account
         $this->template->header->title = __(':name\'s Profile', array(':name' => Text::limit_chars($this->visited_account->user->name)));
         $profile_js = View::factory('pages/user/js/profile');
         $this->template->header->js = $profile_js;
         $profile_js->visited_account = $this->visited_account;
         // Lists are requested on behalf of the current user ($this->user)
         $profile_js->bucket_list = json_encode($this->visited_account->user->get_buckets_array($this->user));
         $profile_js->river_list = json_encode($this->visited_account->user->get_rivers_array($this->user));
         $profile_view = View::factory('pages/user/profile');
         $this->sub_content = $profile_view;
         $profile_view->account = $this->visited_account;
         $profile_view->anonymous = $this->anonymous;
         $show_gravatar = FALSE;
         $this->template->content->view_type = "user";
     } else {
         // The visitor's own dashboard
         $this->template->header->title = __('Dashboard');
         $this->template->header->js = View::factory('pages/user/js/main');
         $this->active = 'dashboard-navigation-link';
         $dashboard_view = View::factory('pages/user/main');
         $dashboard_view->bind('owner', $this->owner);
         $dashboard_view->bind('account', $this->visited_account);
         $this->sub_content = $dashboard_view;
         $show_gravatar = TRUE;
     }
     // Activity stream; the locals are filled in after they are bound
     $stream_view = View::factory('template/activities');
     $stream_view->bind('activities', $stream_json);
     $stream_view->bind('fetch_url', $stream_url);
     $stream_view->bind('owner', $this->owner);
     $stream_view->bind('gravatar_view', $show_gravatar);
     $this->sub_content->activity_stream = $stream_view;
     $stream_url = URL::site() . $this->visited_account->account_path . '/user/action/actions';
     $stream_items = Model_User_Action::get_activity_stream($this->visited_account->user->id, $this->user->id, $viewing_other_account);
     $this->sub_content->has_activity = count($stream_items) > 0;
     $stream_json = json_encode($stream_items);
 }