/**
 * The before() method is called before the main controller action.
 *
 * In our template controller we override this method so that we can set up
 * default values (session, cache, the authenticated user, their account,
 * dashboard/base URLs and the shared header/footer views). These properties
 * are then available to concrete controllers if they need to be modified.
 *
 * Statement order is significant: the api_key login, the anonymous-session
 * clean-up, auto_login and the auth_required gate all run before
 * $this->user is read, and everything under "Get the logged In User" only
 * happens when a user was resolved.
 *
 * @return void
 * @throws HTTP_Exception_403 when an api_key query parameter is present but
 *         does not resolve to a loaded user other than 'public'
 */
public function before() {
    // Execute parent::before first
    parent::before();

    // First attempt at opening the session. If the session layer raises an
    // ErrorException (e.g. unreadable stored session data) the PHP session
    // is destroyed here and a fresh instance is requested again below.
    try {
        $this->session = Session::instance();
    } catch (ErrorException $e) {
        session_destroy();
    }

    // Load the default Cache engine
    $this->cache = Cache::instance();

    // Open session. This second call is deliberate: it yields the session
    // opened above, or a new one after session_destroy(). It is not wrapped
    // in a try, so a second failure propagates to the caller.
    $this->session = Session::instance();

    // If an api key has been provided, login that user.
    // SECURITY NOTE(review): the key is taken from the query string, so it
    // ends up in web-server/proxy access logs, browser history and Referer
    // headers. Moving API clients to an Authorization header would avoid
    // that — confirm whether clients can be migrated. The key is matched by
    // the ORM lookup, i.e. by the database (its collation decides whether the
    // comparison is case-sensitive — verify). The truthiness test also means
    // a key of "0" is treated as absent rather than as a bad key.
    $api_key = $this->request->query('api_key');
    if ($api_key) {
        $user_orm = ORM::factory('user', array('api_key' => $api_key));
        // The shared 'public' (anonymous) account must never be usable via
        // api_key, even if a key happens to be stored for it.
        if ($user_orm->loaded() and $user_orm->username != 'public') {
            Auth::instance()->force_login($user_orm);
        } else {
            // api_keys used by apps. Instead of giving the login page
            // tell them something went wrong.
            throw new HTTP_Exception_403();
        }
    }

    // In case anonymous setting changed and user had a session,
    // log out
    if (Auth::instance()->logged_in() and Auth::instance()->get_user()->username == 'public' and !(bool) Model_Setting::get_setting('anonymous_access_enabled')) {
        Auth::instance()->logout();
    }

    // Anonymous logged in and login controller requested, logout
    if (Auth::instance()->logged_in() and Auth::instance()->get_user()->username == 'public' and $this->request->controller() == 'login') {
        Auth::instance()->logout();
    }

    // If we're not logged in, gives us chance to auto login.
    // Whether the configured Auth driver offers auto_login() (presumably a
    // cookie-based "remember me") is detected via reflection so drivers
    // without it still work.
    $supports_auto_login = new ReflectionClass(get_class(Auth::instance()));
    $supports_auto_login = $supports_auto_login->hasMethod('auto_login');
    if (!Auth::instance()->logged_in() and $supports_auto_login) {
        // Controller exempt from auth check.
        // NOTE(review): the config value is used as-is and in_array() is
        // non-strict; if 'auth.ignore_controllers' is missing, in_array()
        // warns (PHP 5/7) or throws a TypeError (PHP 8) instead of treating
        // the controller as not exempt — confirm the config always sets it.
        $exempt_controllers = Kohana::$config->load('auth.ignore_controllers');
        Auth::instance()->auto_login();
        // NOTE(review): this login_required() call only exists inside the
        // auto_login branch; with a driver that lacks auto_login(), an
        // unauthenticated request relies solely on the auth_required gate
        // below.
        if (!Auth::instance()->get_user() and !in_array($this->request->controller(), $exempt_controllers)) {
            $this->login_required();
        }
    }

    // Gate on the controller's auth_required setting (FALSE = open; any other
    // value is passed straight to Auth::logged_in(), presumably a role name).
    // Runs regardless of the auto_login branch above.
    if ($this->auth_required !== FALSE and Auth::instance()->logged_in($this->auth_required) === FALSE) {
        if (Auth::instance()->logged_in()) {
            // User is logged in but not on the secure_actions list
            $this->access_required();
        } else {
            $this->login_required();
        }
    }

    // Get the logged In User. Everything in the block below only runs when a
    // user was resolved; for an exempt controller with no user,
    // $this->account, $this->dashboard_url, $this->base_url and
    // $this->visited_account are left untouched.
    $this->user = Auth::instance()->get_user();
    if ($this->user) {
        // Is anonymous logged in?
        if ($this->user->username == 'public') {
            $this->anonymous = TRUE;
        }

        // Is this user an admin?
        $this->admin = $this->user->is_admin();

        // Under the riverid driver, users listed in auth.exempt are not
        // flagged as riverid-authenticated.
        if (strtolower(Kohana::$config->load('auth.driver')) == 'riverid' and !in_array($this->user->username, Kohana::$config->load('auth.exempt'))) {
            $this->riverid_auth = TRUE;
        }

        // Does this user have an account space?
        // The account ORM object is cached for 1-2 hours; the rand() jitter
        // only spreads expiry times and is not security-sensitive.
        // NOTE(review): an unloaded account object is also truthy, so it gets
        // cached too — unless the register flow clears 'user_account_<id>',
        // a newly created account could be missed until the entry expires.
        // Confirm.
        if (!($this->account = $this->cache->get('user_account_' . $this->user->id, FALSE))) {
            $this->account = ORM::factory('account')->where('user_id', '=', $this->user->id)->find();
            $this->cache->set('user_account_' . $this->user->id, $this->account, 3600 + rand(0, 3600));
        }

        if (!$this->account->loaded() and $this->request->uri() != 'register') {
            // Make the user create an account
            Request::current()->redirect('register');
        }

        // Logged in user's dashboard url
        if ($this->anonymous) {
            $this->dashboard_url = URL::site('welcome');
        } else {
            $this->dashboard_url = URL::site() . $this->account->account_path;
        }

        // Build the base URL. The 'account' route parameter is user-controlled,
        // but it is only used in a URL built on URL::site() and is validated
        // against the accounts table right after (unknown path -> redirect to
        // the user's own dashboard, which is also a URL::site() value).
        $visited_account_path = $this->request->param('account');
        if ($visited_account_path and $visited_account_path != $this->account->account_path) {
            $this->base_url = URL::site() . $visited_account_path . '/' . $this->request->controller();
            $this->visited_account = ORM::factory('account', array('account_path' => $visited_account_path));
            // Visited account doesn't exist?
            if (!$this->visited_account->loaded()) {
                $this->request->redirect($this->dashboard_url);
            }
        } else {
            $this->base_url = URL::site() . $this->account->account_path . '/' . $this->request->controller();
            $this->visited_account = $this->account;
        }
    }

    // Load Header & Footer & variables
    if ($this->auto_render) {
        // $site_name is bound here and assigned a few lines below; this relies
        // on View::bind() holding a reference (otherwise the view would see
        // NULL — confirm against the framework version in use).
        $this->template->header = View::factory('template/header')->bind('user', $this->user)->bind('site_name', $site_name)->bind('dashboard_url', $this->dashboard_url);
        $this->template->header->js = ''; // Dynamic Javascript
        $this->template->header->css = ''; // Dynamic CSS
        $this->template->header->meta = '';
        $this->template->header->show_nav = TRUE;
        $site_name = Model_Setting::get_setting('site_name');

        // Header Nav
        $this->template->header->nav_header = View::factory('template/nav/header')->bind('user', $this->user)->bind('admin', $this->admin)->bind('account', $this->account)->bind('anonymous', $this->anonymous);
        $this->template->header->nav_header->controller = $this->request->controller();

        if ($this->user) {
            $this->template->header->nav_header->num_notifications = Model_User_Action::count_notifications($this->user->id);

            // Bucket and river lists are cached per user as JSON strings for
            // 1-2 hours (rand() is only TTL jitter here, not security use).
            if (!($buckets = Cache::instance()->get('user_buckets_' . $this->user->id, FALSE))) {
                $buckets = json_encode($this->user->get_buckets_array($this->user));
                Cache::instance()->set('user_buckets_' . $this->user->id, $buckets, 3600 + rand(0, 3600));
            }
            $this->template->header->bucket_list = $buckets;

            if (!($rivers = Cache::instance()->get('user_rivers_' . $this->user->id, FALSE))) {
                $rivers = json_encode($this->user->get_rivers_array($this->user));
                Cache::instance()->set('user_rivers_' . $this->user->id, $rivers, 3600 + rand(0, 3600));
            }
            $this->template->header->river_list = $rivers;
        }

        $this->template->content = '';
        $this->template->footer = View::factory('template/footer');

        // Reset cookies: the search-scope cookie goes back to 'all' on every
        // page except the river, bucket and search controllers.
        if (!in_array($this->request->controller(), array('river', 'bucket', 'search'))) {
            Cookie::set(Swiftriver::COOKIE_SEARCH_SCOPE, 'all');
        }
    }
}
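/**
 * Bucket collaborators RESTful API.
 *
 * Dispatches on the request:
 *  - any method with a non-empty ?q= parameter: echoes a JSON list from
 *    Model_User::get_like($q, [current user id, bucket owner id]) and
 *    returns (the second argument is presumably an exclusion list).
 *  - DELETE .../collaborators/<id>: removes user <id> from the bucket's
 *    collaborators and deletes the matching invite.
 *  - PUT .../collaborators/<id>: adds user <id> as a collaborator (recording
 *    an invite action) or updates the existing collaborator's read_only flag
 *    from the JSON request body {"read_only": bool}.
 *
 * Only the bucket owner ($this->owner) may PUT or DELETE. Other HTTP methods
 * fall through the switch and do nothing.
 *
 * @return void
 * @throws HTTP_Exception_403 when a non-owner attempts PUT or DELETE
 * @throws HTTP_Exception_404 when the PUT target user id does not exist
 */
public function action_collaborators() {
    $this->template = '';
    $this->auto_render = FALSE;

    // User search used by the collaborator picker. The query is only passed
    // to Model_User::get_like(); it is never echoed back.
    // SECURITY NOTE(review): this branch is reachable for any HTTP method and
    // is not limited to the bucket owner, so anyone who can reach this action
    // can enumerate user names via ?q= — confirm that is intended, otherwise
    // gate it on $this->owner like PUT/DELETE below. The JSON is emitted with
    // echo and no explicit Content-Type header; setting application/json would
    // stop a browser that navigates here directly from rendering it as HTML.
    $query = $this->request->query('q') ? $this->request->query('q') : NULL;
    if ($query) {
        echo json_encode(Model_User::get_like($query, array($this->user->id, $this->bucket->account->user->id)));
        return;
    }

    switch ($this->request->method()) {
        case "DELETE":
            // Is the logged in user an owner?
            if (!$this->owner) {
                throw new HTTP_Exception_403();
            }

            $user_id = intval($this->request->param('id', 0));
            $user_orm = ORM::factory('user', $user_id);
            if (!$user_orm->loaded()) {
                return;
            }

            $collaborator_orm = $this->bucket->bucket_collaborators->where('user_id', '=', $user_orm->id)->find();
            if ($collaborator_orm->loaded()) {
                $collaborator_orm->delete();
                Model_User_Action::delete_invite($this->user->id, 'bucket', $this->bucket->id, $user_orm->id);
            }
            break;

        case "PUT":
            // Is the logged in user an owner?
            if (!$this->owner) {
                throw new HTTP_Exception_403();
            }

            $user_id = intval($this->request->param('id', 0));
            $user_orm = ORM::factory('user', $user_id);
            // FIX: DELETE already refuses an unknown user id but PUT did not.
            // Without this check the collaborator lookup below runs with
            // user_id = NULL, and a collaborator row plus an invite action
            // would likely be created for a user that does not exist.
            if (!$user_orm->loaded()) {
                throw new HTTP_Exception_404();
            }

            // Request body is JSON; anything that is not a JSON object is
            // treated as "no fields supplied" instead of being indexed blindly.
            $collaborator_array = json_decode($this->request->body(), TRUE);
            if (!is_array($collaborator_array)) {
                $collaborator_array = array();
            }

            $collaborator_orm = ORM::factory("bucket_collaborator")->where('bucket_id', '=', $this->bucket->id)->where('user_id', '=', $user_orm->id)->find();
            if (!$collaborator_orm->loaded()) {
                // New collaborator: link bucket and user, then record the invite.
                // NOTE(review): nothing prevents adding the bucket owner or the
                // caller as a collaborator, although the search above excludes
                // both ids — confirm whether a guard is wanted here.
                $collaborator_orm->bucket = $this->bucket;
                $collaborator_orm->user = $user_orm;
                Model_User_Action::create_action($this->user->id, 'bucket', $this->bucket->id, $user_orm->id);
            }

            if (isset($collaborator_array['read_only'])) {
                $collaborator_orm->read_only = (bool) $collaborator_array['read_only'];
            }
            $collaborator_orm->save();
            break;
    }
}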
/**
 * Renders the user dashboard (when the viewer owns the account) or the
 * public profile of the visited account.
 *
 * Owner: sets the "Dashboard" title, the main JS view, the active nav link
 * and a pages/user/main sub view bound to owner/account.
 * Visitor: sets a "<name>'s Profile" title, the profile JS view carrying the
 * visited account plus its bucket and river lists as JSON, a
 * pages/user/profile sub view, and marks the template content as view_type
 * "user".
 *
 * Both variants get a template/activities view: activities come from
 * Model_User_Action::get_activity_stream(visited user, current user, !owner)
 * and fetch_url points at <account_path>/user/action/actions.
 *
 * @return void
 */
public function action_index() {
    $header = $this->template->header;
    $account = $this->visited_account;

    if ($this->owner) {
        $header->title = __('Dashboard');
        $header->js = View::factory('pages/user/js/main');
        $this->active = 'dashboard-navigation-link';
        $this->sub_content = View::factory('pages/user/main')
            ->bind('owner', $this->owner)
            ->bind('account', $this->visited_account);
    } else {
        $profile_name = Text::limit_chars($account->user->name);
        $header->title = __(':name\'s Profile', array(':name' => $profile_name));
        $header->js = View::factory('pages/user/js/profile');
        $header->js->visited_account = $account;
        $header->js->bucket_list = json_encode($account->user->get_buckets_array($this->user));
        $header->js->river_list = json_encode($account->user->get_rivers_array($this->user));

        $this->sub_content = View::factory('pages/user/profile');
        $this->sub_content->account = $account;
        $this->sub_content->anonymous = $this->anonymous;
        $this->template->content->view_type = "user";
    }

    // Gravatar handling in the activity view is only enabled for the owner.
    $gravatar_view = $this->owner ? TRUE : FALSE;

    // Activity stream: gather the data first, then hand it to the view.
    $fetch_url = URL::site() . $account->account_path . '/user/action/actions';
    $activity_list = Model_User_Action::get_activity_stream($account->user->id, $this->user->id, !$this->owner);
    $activities = json_encode($activity_list);

    $stream = View::factory('template/activities');
    $stream->bind('activities', $activities);
    $stream->bind('fetch_url', $fetch_url);
    $stream->bind('owner', $this->owner);
    $stream->bind('gravatar_view', $gravatar_view);

    $this->sub_content->activity_stream = $stream;
    $this->sub_content->has_activity = count($activity_list) > 0;
}