/**
  * test view function
  * @test
  * @depends test_generate_key
  */
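 public function test_view()
 {
     // Prepare: as admin, reset the token store and issue one guest token per
     // folder. Folder 3 is nested inside folder 1; folder 2 is a sibling whose
     // name merely starts with the same characters as folder 1.
     self::login_as_admin();
     self::delete_tokens_file();
     $paths = array();
     $keys = array();
     $paths[1] = Settings::$photos_dir . "/tokenfolder";
     $paths[2] = Settings::$photos_dir . "/tokenfolder2";
     $paths[3] = Settings::$photos_dir . "/tokenfolder/subfolder";
     for ($i = 1; $i <= 3; $i++) {
         // Parent (index 1) is created before its child (index 3), so a
         // non-recursive mkdir is sufficient here.
         if (!file_exists($paths[$i])) {
             mkdir($paths[$i]);
         }
         // Spelled GuestToken like every other call in this test: PHP resolves
         // class names case-insensitively, but a case-sensitive autoloader
         // may not find "Guesttoken" on first use.
         $keys[$i] = GuestToken::generate_key();
         GuestToken::create($paths[$i], $keys[$i]);
     }
     // Presumably drops the admin session so the token checks below are not
     // answered by admin rights; confirm against CurrentUser::logout().
     CurrentUser::logout();

     // Every key must open the folder it was issued for.
     for ($i = 1; $i <= 3; $i++) {
         $this->assertTrue(GuestToken::view($keys[$i], $paths[$i]));
     }
     // A key for a subfolder must not reach its parent or an unrelated folder.
     $this->assertFalse(GuestToken::view($keys[3], $paths[1]));
     $this->assertFalse(GuestToken::view($keys[3], $paths[2]));
     // Sibling folders must stay isolated in both directions. The second
     // assertion is the case a plain string-prefix comparison would get
     // wrong, because "tokenfolder2" starts with "tokenfolder".
     $this->assertFalse(GuestToken::view($keys[2], $paths[1]));
     $this->assertFalse(GuestToken::view($keys[1], $paths[2]));
     // A key for a folder is expected to cover that folder's subfolders.
     $this->assertTrue(GuestToken::view($keys[1], $paths[3]));
 }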
Exemple #2
 /**
  * Returns true if the current user may access this file
  *
  * @param string $f file to access
  * @return bool
  * @author Thibaud Rohmer
  */
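 public static function view($f)
 {
     // Anonymous visitor: neither an account nor a guest token is set, so the
     // only thing that can grant access is the file being public.
     if (!isset(CurrentUser::$account) && !isset(CurrentUser::$token)) {
         // NOTE(review): this branch returns before Judge::inGoodPlace() is
         // consulted, so anonymous requests rely entirely on how the Judge
         // constructor treats $f. Confirm it confines the path the same way.
         $judge = new Judge($f);
         return $judge->public;
     }
     // Deny anything Judge::inGoodPlace() rejects (presumably a location
     // check on $f; it is defined outside this method) before any right is
     // evaluated, including the admin shortcut below.
     if (!Judge::inGoodPlace($f)) {
         return false;
     }
     // Administrators bypass the per-file rights entirely.
     if (CurrentUser::$admin) {
         return true;
     }
     // Load the rights attached to this file.
     $judge = new Judge($f);
     // Public files are readable by every identified visitor.
     if ($judge->public) {
         return true;
     }
     if (isset(CurrentUser::$account)) {
         // Names are compared as strings with strict matching. A loose
         // in_array() compares numeric-looking strings by value ("10" equals
         // "1e1" or "010"), which would let one login or group name satisfy
         // an access list entry written for another.
         $allowedUsers = array_map('strval', $judge->users);
         if (in_array((string) CurrentUser::$account->login, $allowedUsers, true)) {
             return true;
         }
         // Membership of any allowed group is sufficient.
         $allowedGroups = array_map('strval', $judge->groups);
         foreach (CurrentUser::$account->groups as $group) {
             if (in_array((string) $group, $allowedGroups, true)) {
                 return true;
             }
         }
     }
     // Last resort: a guest token held by the visitor may cover this file.
     if (isset(CurrentUser::$token)) {
         if (GuestToken::view(CurrentUser::$token, $f)) {
             return true;
         }
     }
     // Nothing granted access: deny by default.
     return false;
 }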