Example #1
 /**
  * Performs actions related to security once the legacy kernel has been built.
  *
  * @param PostBuildKernelEvent $event
  */
 public function onKernelBuilt(PostBuildKernelEvent $event)
 {
     // Guard clauses, evaluated in the same order as a single short-circuit condition would be.
     if ($this->enabled === false) {
         return;
     }
     // Not in web context: nothing to propagate.
     if (!($event->getKernelHandler() instanceof ezpWebBasedKernelHandler)) {
         return;
     }
     // legacy_mode is active: skip the synchronisation.
     if ($this->configResolver->getParameter('legacy_mode') === true) {
         return;
     }
     // Only an authenticated user is ever pushed into the legacy kernel.
     if (!$this->isUserAuthenticated()) {
         return;
     }

     $repositoryUser = $this->repository->getCurrentUser();
     $syncLegacyUser = function () use ($repositoryUser) {
         // NOTE(review): the result of eZUser::fetch() is dereferenced without a check; if it can
         // come back empty for an id unknown to the legacy database, this callback fails - confirm.
         $legacyUser = eZUser::fetch($repositoryUser->id);
         // NO_SESSION_REGENERATE is passed, so presumably the session id is left as it is here;
         // session-fixation protection then has to come from the login path that authenticated
         // the user - confirm.
         eZUser::setCurrentlyLoggedInUser(
             $legacyUser,
             $legacyUser->attribute('contentobject_id'),
             eZUser::NO_SESSION_REGENERATE
         );
     };

     $event->getLegacyKernel()->runCallback($syncLegacyUser, false, false);
 }
 /**
  * Selects the premium-content template for a 'full' view of a location in the premium
  * section when the current user is not a subscriber; returns null in every other case.
  *
  * NOTE(review): this only picks a template for the 'full' view type. Every other view type
  * returns null here, so this method should not be relied on as the access control for
  * premium content - confirm that repository permissions cover the content itself.
  *
  * @param Location $location
  * @param string $viewType
  *
  * @return ContentView|null
  */
 public function getView(Location $location, $viewType)
 {
     // Strict comparison: if sectionId and premiumSectionId differ in type (e.g. int vs. string
     // from configuration - TODO confirm), the check never matches and no premium view is chosen.
     $isPremiumFullView = $viewType === 'full'
         && $location->getContentInfo()->sectionId === $this->premiumSectionId;
     if (!$isPremiumFullView) {
         return null;
     }

     $viewer = $this->repository->getCurrentUser();
     if ($this->subscriptionChecker->userIsSubscriber($viewer)) {
         return null;
     }

     return new ContentView("eZDemoBundle:{$viewType}:premium_content.html.twig");
 }
    /**
     * Copy Type incl fields and groupIds to a new Type object
     *
     * New Type will have $creator as creator / modifier, created / modified should be updated with current time,
     * updated remoteId and identifier should be appended with '_' + unique string.
     *
     * @throws \eZ\Publish\API\Repository\Exceptions\UnauthorizedException if the current-user is not allowed to copy a content type
     *
     * @param \eZ\Publish\API\Repository\Values\ContentType\ContentType $contentType
     * @param \eZ\Publish\API\Repository\Values\User\User $creator if null the current-user is used
     *
     * @return \eZ\Publish\API\Repository\Values\ContentType\ContentType
     */
    public function copyContentType( APIContentType $contentType, User $creator = null )
    {
        // Only an exact boolean true from hasAccess() lets the copy proceed; any other
        // return value is treated as "not allowed".
        $mayCreate = $this->repository->hasAccess( 'class', 'create' );
        if ( $mayCreate !== true )
        {
            throw new UnauthorizedException( 'ContentType', 'create' );
        }

        // NOTE(review): the permission check above is made through the repository, while
        // $creator is only used as the id handed to the handler. A caller-supplied $creator is
        // not checked against the current user in this method - confirm callers are trusted.
        if ( $creator === null )
        {
            $creator = $this->repository->getCurrentUser();
        }

        $this->repository->beginTransaction();
        try
        {
            $copiedType = $this->contentTypeHandler->copy(
                $creator->id,
                $contentType->id,
                SPIContentType::STATUS_DEFINED
            );
            $this->repository->commit();
        }
        catch ( Exception $failure )
        {
            // Undo the partial copy, then let the caller see the original failure.
            $this->repository->rollback();
            throw $failure;
        }

        $copiedTypeId = $copiedType->id;

        return $this->loadContentType( $copiedTypeId );
    }
 /**
  * Selects the premium-content template for a 'full' content view in the premium section
  * when the current user is not a subscriber; returns null in every other case.
  *
  * NOTE(review): this only picks a template for the 'full' view type. Every other view type
  * returns null here, so this method should not be relied on as the access control for
  * premium content - confirm that repository permissions cover the content itself.
  *
  * @param View $view
  *
  * @return ContentView|null
  */
 public function getView(View $view)
 {
     $viewType = $view->getViewType();
     if ($viewType !== 'full' || !($view instanceof ContentValueView)) {
         return null;
     }

     // Strict comparison: if sectionId and premiumSectionId differ in type (e.g. int vs. string
     // from configuration - TODO confirm), the check never matches and no premium view is chosen.
     $sectionId = $view->getContent()->contentInfo->sectionId;
     if ($sectionId !== $this->premiumSectionId) {
         return null;
     }

     $viewer = $this->repository->getCurrentUser();
     if ($this->subscriptionChecker->userIsSubscriber($viewer)) {
         return null;
     }

     return new ContentView("eZDemoBundle:{$viewType}:premium_content.html.twig");
 }
Example #5
 /**
  * Given user is deleted.
  *
  * @param $userId
  *
  * @throws \eZ\Publish\Core\REST\Server\Exceptions\ForbiddenException
  *
  * @return \eZ\Publish\Core\REST\Server\Values\NoContent
  */
 public function deleteUser($userId)
 {
     // Load first: an unknown id fails here, before anything else is looked at.
     $target = $this->userService->loadUser($userId);
     $targetId = $target->id;
     $callerId = $this->repository->getCurrentUser()->id;

     // Self-deletion guard. The ids are compared loosely (==), which tolerates an int/string
     // difference between the two values; normalise both sides before ever tightening this to
     // ===, otherwise a type mismatch would let the guard be skipped.
     if ($targetId == $callerId) {
         throw new Exceptions\ForbiddenException('Currently authenticated user cannot be deleted');
     }

     // NOTE(review): no permission check is visible in this method; authorization is presumably
     // enforced inside userService->deleteUser() - confirm.
     $this->userService->deleteUser($target);

     return new Values\NoContent();
 }
Example #6
 /**
  * Refresh given session.
  *
  * @param string $sessionId
  *
  * @throws \eZ\Publish\Core\REST\Common\Exceptions\NotFoundException
  * @return \eZ\Publish\Core\REST\Server\Values\UserSession
  */
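 public function refreshSession($sessionId)
 {
     /** @var $session \Symfony\Component\HttpFoundation\Session\Session */
     $session = $this->request->getSession();
     // The token is taken from the request header and handed back unchanged in the response
     // value; it is not validated in this method.
     // NOTE(review): confirm the CSRF token is verified before this controller action runs.
     $inputCsrf = $this->request->headers->get('X-CSRF-Token');

     // The null check has to come first: testing it after calling methods on $session could
     // never trigger, and a request without a session would hit a fatal error rather than
     // the "not valid" response.
     if ($session === null) {
         throw new RestNotFoundException("Session not valid");
     }

     // Compare the ids as strings with ===. A loose comparison treats numeric-looking strings
     // such as "1e3" and "1000" as equal, which would accept an id that is not the caller's.
     if (!$session->isStarted() || (string) $session->getId() !== (string) $sessionId) {
         throw new RestNotFoundException("Session not valid");
     }

     return new Values\UserSession(
         $this->repository->getCurrentUser(),
         $session->getName(),
         $session->getId(),
         $inputCsrf,
         false
     );
 }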
 /**
  * Return the user object of the current user as well as an information, whether the user is
  * logged in.
  *
  * @return array Array containing the user object and a boolean, whether the user is logged in.
  * <pre>
  *  array(
  *      'content'  => Values\User\User object,
  *      'isLogged' => false
  *  )
  * </pre>
  */
 public function getCurrentUser()
 {
     $currentUser = $this->repository->getCurrentUser();

     // TODO => deprecated function call *loadAnonymousUser()*
     $anonymousUserId = $this->userService->loadAnonymousUser()->content->versionInfo->contentInfo->id;

     // "Logged in" means: the anonymous user id could be resolved and the current user is a
     // different one. If the anonymous id is empty, the flag stays false (fails closed).
     // The ids are compared loosely (!=), so an int/string difference does not matter here.
     $isLogged = $anonymousUserId && $anonymousUserId != $currentUser->id;

     // NOTE(review): 'content' carries the whole user object; callers that serialise this
     // array should check which of its fields they expose - confirm.
     return array(
         'content' => $currentUser,
         'isLogged' => $isLogged,
     );
 }
Example #8
 /**
  * Get current user
  *
  * @return \eZ\Publish\API\Repository\Values\User\User
  */
 public function getCurrentUser()
 {
     // Pure delegation: the repository's notion of the current user is returned untouched,
     // so callers cannot tell from this value alone whether it is the anonymous user.
     $currentUser = $this->repository->getCurrentUser();

     return $currentUser;
 }