function tips($category = null)
{
OutputModes('xhtml', FeedOutputModes());
if (!CheckPermissions('public')) {
return;
}
if (null === $category) {
$data = array('Categories' => $this->crosswords_model->GetTipCategories(null, true), 'SelfUri' => $this->uri->uri_string());
$this->main_frame->SetFeedTitle('The Yorker Crossword Tips');
if (FeedOutputMode()) {
$this->main_frame->Channel()->SetDescription('All crossword tips.');
$this->_fillTipsFeed();
} else {
$this->main_frame->setContentSimple('crosswords/tips', $data);
/// @todo Use pages interface
$this->main_frame->SetTitle('Crossword Tips');
}
} else {
$category_info = null;
if (is_numeric($category)) {
$category_info = $this->crosswords_model->GetTipCategories((int) $category, true);
if (empty($category_info)) {
$category_info = null;
} else {
$category_info = $category_info[0];
}
}
if (null === $category_info) {
show_404();
}
$this->main_frame->SetFeedTitle('The Yorker Crossword Tips - ' . $category_info['name']);
if (FeedOutputMode()) {
$this->main_frame->Channel()->SetDescription('All crossword tips in category "' . $category_info['name'] . '".');
$this->_fillTipsFeed($category_info['id']);
} else {
$data = array('Category' => $category_info, 'Tips' => new CrosswordTipsList($category_info['id'], null), 'PostAction' => $this->uri->uri_string());
$this->main_frame->setContentSimple('crosswords/tip_cat_view', $data);
/// @todo Use pages interface
$this->main_frame->SetTitle('Crossword Tips - ' . $category_info['name']);
}
}
$this->main_frame->Load();
}
/**
* @param $Permission string or array of the following levels (in the order that
* they are to be obtained:
* - 'public' - anyone
* - 'student' - must be logged on
* - 'vip' - must be logged on as a vip
* - 'vip+pr' - must be logged on as a vip or a pr rep
* - 'office' - must be in the office
* - 'pr' - must be in the office as a pr rep
* - 'editor' - must be in the office as an editor
* - 'admin' - must be in the office as an administrator
* @param $LoadMainFrame bool Whether to load the mainframe if permision hasn't
* yet been acquired (for the login screen).
* @return bool Whether enough privilages.
*/
function CheckPermissions($Permission = 'public', $LoadMainFrame = TRUE, $NoPost = FALSE)
{
// Start a session
$CI =& get_instance();
// Initialisation stuff
$CI->load->library('messages');
$CI->load->model('user_auth');
$CI->load->model('pages_model');
// Decide on output format
if (isset($_POST['fb_sig'])) {
/// @todo AUTHENTICATE FACEBOOK
OutputMode('fbml');
global $_SESSION;
$_SESSION = array();
} else {
if (isset($_GET['opmode'])) {
OutputMode($_GET['opmode']);
} else {
OutputMode(DefaultOutputMode());
}
}
// If the output mode is not supported, show a 404
if (!in_array(OutputMode(), OutputModes())) {
show_404();
}
// Translate some auxilliary permissions
$auxilliary_permissions = array('moderator' => 'editor');
if (array_key_exists($Permission, $auxilliary_permissions)) {
$Permission = $auxilliary_permissions[$Permission];
}
$user_level = GetUserLevel();
// URL analysis regarding vip area
$thru_viparea = $CI->uri->total_segments() >= 1 && $CI->uri->segment(1) === 'viparea';
$thru_office_pr = $CI->uri->total_segments() >= 3 && $CI->uri->segment(1) === 'office' && $CI->uri->segment(2) === 'pr' && $CI->uri->segment(3) === 'org';
$thru_office_manage = $CI->uri->total_segments() >= 2 && $CI->uri->segment(1) === 'office' && $CI->uri->segment(2) === 'manage';
$company_short_name = $CI->config->Item('company_organisation_id');
$organisation_specified = FALSE;
if ($thru_viparea) {
if ($CI->uri->total_segments() > 1) {
$organisation_shortname = $CI->uri->segment(2);
$organisation_specified = TRUE;
VipSegments(2);
} else {
$organisation_shortname = $CI->user_auth->organisationShortName;
}
// don't allow access to vip area of the company, only through office/manage
if ($organisation_shortname === $company_short_name) {
$organisation_shortname = '';
$CI->user_auth->logoutOrganisation();
redirect('');
}
vip_url('viparea/' . $organisation_shortname . '/', TRUE);
} elseif ($thru_office_pr) {
$organisation_shortname = $CI->uri->segment(4);
$organisation_specified = TRUE;
VipSegments(4);
vip_url('office/pr/org/' . $organisation_shortname . '/', TRUE);
} elseif ($thru_office_manage) {
$organisation_shortname = $company_short_name;
$organisation_specified = TRUE;
VipSegments(2);
vip_url('office/manage/', TRUE);
} else {
$organisation_shortname = '';
}
VipOrganisation(FALSE, $organisation_shortname);
VipOrganisation(TRUE, $CI->user_auth->organisationShortName);
// Login actions for student/vip/office logins
$student_login_action = array('redirect+url', 'login/main', 'post' => TRUE);
if ($organisation_specified) {
$vip_login_action = array('redirect+url', 'login/vipswitch/' . $organisation_shortname, 'post' => TRUE);
} else {
$vip_login_action = array('redirect+url', 'login/vip', 'post' => TRUE);
}
$office_login_action = array('redirect+url', 'login/office', 'post' => TRUE);
// If vip+pr, use URI to decide which
if ($Permission === 'vip+pr') {
$Permission = $thru_viparea ? 'vip' : ($thru_office_pr ? 'pr' : ($thru_office_manage ? 'manage' : ''));
} elseif ($Permission === 'vip') {
$Permission = $thru_viparea ? 'vip' : ($thru_office_manage ? 'manage' : '');
} elseif ($thru_office_pr && $Permission !== 'pr' || $thru_viparea && $Permission !== 'vip' || $thru_office_manage && $Permission !== 'manage') {
$Permission = '';
}
// Matrix indexed by user level, then page level, of behaviour
// Possible values:
// NULL/notset http error 404
// TRUE allowed
// array specially handled
// otherwise access denied
if ($user_level === 'public') {
$action_levels = array('public' => TRUE, 'student' => $student_login_action, 'vip' => $student_login_action, 'office' => $student_login_action, 'pr' => $student_login_action, 'editor' => $student_login_action, 'manage' => $student_login_action, 'admin' => $student_login_action);
} elseif ($user_level === 'student') {
$action_levels = array('public' => TRUE, 'student' => TRUE, 'vip' => $vip_login_action, 'office' => $office_login_action, 'pr' => $office_login_action, 'editor' => $office_login_action, 'manage' => $office_login_action, 'admin' => $office_login_action);
} elseif ($user_level === 'organisation') {
// Logged in from public as organisation
$allow_vip = array_key_exists($organisation_shortname, $CI->user_auth->allTeams);
$action_levels = array('public' => TRUE, 'student' => TRUE, 'vip' => $allow_vip, 'office' => FALSE, 'pr' => FALSE, 'editor' => FALSE, 'manage' => FALSE, 'admin' => FALSE);
if ($allow_vip) {
VipOrganisationId(FALSE, $CI->user_auth->allTeams[$organisation_shortname][0]);
VipOrganisationName(FALSE, $CI->user_auth->allTeams[$organisation_shortname][1]);
VipOrganisationId(TRUE, $CI->user_auth->organisationLogin);
VipOrganisationName(TRUE, $CI->user_auth->organisationName);
VipMode('viparea');
VipLevel('write', TRUE);
}
} elseif ($user_level === 'vip') {
// Logged in as student and in VIP area
$vip_door_open_action = array('message', 'warning', HtmlButtonLink(site_url('logout/vip' . $CI->uri->uri_string()), 'Leave VIP Area') . $CI->pages_model->GetPropertyText('login:warn_open_vip', TRUE), TRUE);
$allow_vip = array_key_exists($organisation_shortname, $CI->user_auth->allTeams);
if ($allow_vip) {
$vip_accessible = TRUE;
VipOrganisationId(FALSE, $CI->user_auth->allTeams[$organisation_shortname][0]);
VipOrganisationName(FALSE, $CI->user_auth->allTeams[$organisation_shortname][1]);
VipOrganisationId(TRUE, $CI->user_auth->organisationLogin);
VipOrganisationName(TRUE, $CI->user_auth->organisationName);
VipMode('viparea');
VipLevel('write', TRUE);
} else {
// check permissions to access this organisation
$vip_organisations = $CI->user_auth->getOrganisationLogins();
foreach ($vip_organisations as $organisation) {
if ($organisation['organisation_directory_entry_name'] == $organisation_shortname) {
$vip_accessible = $vip_login_action;
break;
}
}
if (!isset($vip_accessible)) {
$vip_accessible = FALSE;
}
}
$action_levels = array('public' => $vip_door_open_action, 'student' => $vip_door_open_action, 'vip' => $vip_accessible, 'office' => $office_login_action, 'pr' => $office_login_action, 'editor' => $office_login_action, 'manage' => $office_login_action, 'admin' => $office_login_action);
} else {
// Office
// Door left open actions
$office_door_open_action = array('message', 'warning', HtmlButtonLink(site_url('logout/office' . $CI->uri->uri_string()), 'Leave Office') . $CI->pages_model->GetPropertyText('login:warn_open_office', TRUE), TRUE);
$admin_door_open_action = $office_door_open_action;
// check permissions to access this organisation
$manage_accessible = FALSE;
$vip_organisations = $CI->user_auth->getOrganisationLogins();
foreach ($vip_organisations as $organisation) {
if ($organisation['organisation_directory_entry_name'] == $company_short_name) {
$manage_accessible = TRUE;
break;
}
}
// Refine further
if ($user_level === 'office') {
$action_levels = array('public' => $office_door_open_action, 'student' => $office_door_open_action, 'vip' => $vip_login_action, 'office' => TRUE, 'pr' => 'pr', 'editor' => FALSE, 'manage' => FALSE, 'admin' => FALSE);
} elseif ($user_level === 'editor') {
$action_levels = array('public' => $office_door_open_action, 'student' => $office_door_open_action, 'vip' => $vip_login_action, 'office' => TRUE, 'pr' => TRUE, 'editor' => TRUE, 'manage' => $manage_accessible, 'admin' => FALSE);
} elseif ($user_level === 'admin') {
$action_levels = array('public' => $admin_door_open_action, 'student' => $admin_door_open_action, 'vip' => $vip_login_action, 'office' => TRUE, 'pr' => TRUE, 'editor' => TRUE, 'manage' => $manage_accessible, 'admin' => TRUE);
}
// Change an office user to pr if they rep for the organisation
static $vipModes = array('pr' => 'office', 'manage' => 'manage');
if (array_key_exists($Permission, $vipModes)) {
// Get organisation information
$CI->db->select('organisation_entity_id AS id,' . 'organisation_name AS name,' . 'organisation_pr_rep AS rep');
$CI->db->join('entities', 'organisation_entity_id = entity_id', 'inner');
$CI->db->where(array('organisation_directory_entry_name' => $organisation_shortname, 'entity_deleted = FALSE'));
$matching_org = $CI->db->get('organisations')->result_array();
if (empty($matching_org)) {
$action_levels[$Permission] = FALSE;
} else {
$matching_org = $matching_org[0];
if ($action_levels[$Permission] === 'pr') {
$action_levels[$Permission] = TRUE;
$rep = $matching_org['rep'] == $CI->user_auth->entityId;
if ($rep) {
VipLevel('rep', TRUE);
} else {
VipLevel('read', TRUE);
}
} elseif ($action_levels[$Permission]) {
VipLevel('write', TRUE);
}
VipOrganisationId(FALSE, $matching_org['id']);
VipOrganisationName(FALSE, $matching_org['name']);
VipOrganisationId(TRUE, $matching_org['id']);
VipOrganisationName(TRUE, $matching_org['name']);
VipMode($vipModes[$Permission]);
}
}
}
$access_allowed = FALSE;
// No permission set or NULL indicates page doesn't exist at this URI
if (!array_key_exists($Permission, $action_levels) || NULL === $action_levels[$Permission]) {
return show_404();
} else {
$action = $action_levels[$Permission];
// True is allow
if (TRUE === $action) {
$access_allowed = TRUE;
} elseif (is_array($action)) {
// Array is special decider
// Perform action
switch ($action[0]) {
case 'handle':
$access_allowed = $action[1]($action[2], $Permission);
if (array_key_exists(3, $action)) {
$CI->messages->AddMessage($action[3], $action[4], FALSE);
}
break;
case 'redirect+url':
$action[1] .= $CI->uri->uri_string();
case 'redirect':
if (array_key_exists(2, $action)) {
$CI->messages->AddMessage($action[2], $action[3]);
}
if (array_key_exists('post', $action) && $action['post']) {
// store post data
if (!empty($_POST)) {
SetRedirectData($action[1], serialize($_POST));
}
}
// Before redirecting, forward on the redirected post data
$post_data = GetRedirectData();
if (NULL !== $post_data) {
SetRedirectData($action[1], $post_data);
}
// Do the redirect
redirect($action[1]);
return FALSE;
case 'message':
$CI->messages->AddMessage($action[1], $action[2], FALSE);
$access_allowed = $action[3];
break;
default:
break;
}
} else {
// Anything else is disallow
$CI->messages->AddMessage('warning', 'You do not have the ' . $Permission . ' privilages required!');
//redirect('');
}
// Restore post data
if ((TRUE === $action || is_array($action)) && !$NoPost) {
$post_data = GetRedirectData();
if (NULL !== $post_data) {
$post_data = @unserialize($post_data);
if (is_array($post_data)) {
if (!isset($_POST)) {
global $_POST;
$_POST = array();
}
foreach ($post_data as $key => $value) {
$_POST[$key] = $value;
}
}
}
}
}
if ('fbml' === OutputMode()) {
$Permission = 'facebookapp';
} elseif ('ajax' === OutputMode()) {
$Permission = 'ajax';
} elseif (FeedOutputMode()) {
$Permission = 'feed';
}
SetupMainFrame($Permission, FALSE);
if (!$access_allowed && $LoadMainFrame) {
$CI->load->library('Custom_pages');
$page = new CustomPageView('error:permissions');
$CI->main_frame->SetContent($page);
$CI->main_frame->Load();
}
return $access_allowed;
}
