/** * Add a new user into a given project * * @param Integer $group_id Project id * @param PFUser $user User to add * * @return Boolean */ function account_add_user_obj_to_group($group_id, PFUser $user) { //user was found but if it's a pending account adding //is not allowed if (!$user->isActive() && !$user->isRestricted()) { $GLOBALS['Response']->addFeedback('error', $GLOBALS['Language']->getText('include_account', 'account_notactive', $user->getUserName())); return false; } //if not already a member, add it $res_member = db_query("SELECT user_id FROM user_group WHERE user_id=" . $user->getId() . " AND group_id='" . db_ei($group_id) . "'"); if (db_numrows($res_member) < 1) { //not already a member db_query("INSERT INTO user_group (user_id,group_id) VALUES (" . db_ei($user->getId()) . "," . db_ei($group_id) . ")"); //if no unix account, give them a unix_uid if ($user->getUnixStatus() == 'N' || !$user->getUnixUid()) { $user->setUnixStatus('A'); $um = UserManager::instance(); $um->assignNextUnixUid($user); $um->updateDb($user); } // Raise an event $em = EventManager::instance(); $em->processEvent('project_admin_add_user', array('group_id' => $group_id, 'user_id' => $user->getId(), 'user_unix_name' => $user->getUserName())); $GLOBALS['Response']->addFeedback('info', $GLOBALS['Language']->getText('include_account', 'user_added')); account_send_add_user_to_group_email($group_id, $user->getId()); group_add_history('added_user', $user->getUserName(), $group_id, array($user->getUserName())); return true; } else { $GLOBALS['Response']->addFeedback('error', $GLOBALS['Language']->getText('include_account', 'user_already_member')); } return false; }
/** * Test is user can read the content of this repository and metadata * * @param PFUser $user The user to test * @param GitRepository $repository The repository to test * * @return Boolean */ public function userCanRead($user, $repository) { if ($repository->isPrivate() && $user->isMember($repository->getProjectId())) { return true; } if ($repository->isPublic()) { if ($user->isRestricted() && $user->isMember($repository->getProjectId())) { return true; } if (!$user->isAnonymous()) { return true; } } return false; }
/** * User can get information about other users if they are active, retricted or suspended * * Suspended is needed to be coherent with the GUI where the suspended users are displayed * like active users to people (otherwise it breaks Mylyn on trackers due to workflow manager) * * @param string $identifier * @param PFUser $user * @param PFUser $current_user * @return array */ function user_to_soap($identifier, PFUser $user = null, PFUser $current_user) { if ($user !== null && ($user->isActive() || $user->isRestricted() || $user->isSuspended())) { if ($current_user->canSee($user)) { return array('identifier' => $identifier, 'username' => $user->getUserName(), 'id' => $user->getId(), 'real_name' => $user->getRealName(), 'email' => $user->getEmail(), 'ldap_id' => $user->getLdapId()); } } }
private function restrictedMemberIsNotProjectMember(PFUser $user, $project_id) { return $user->isRestricted() && !$user->isMember($project_id); }
private function userIsRestrictedAndNotMemberOfProject(PFUser $user, Project $project) { return $user->isRestricted() && !$user->isMember($project->getID()) && $this->project_manager->checkRestrictedAccessForUser($project, $user); }
function trove_get_visibility_for_user($field, PFUser $user) { if (ForgeConfig::areRestrictedUsersAllowed() && $user->isRestricted()) { return $field . ' = "' . db_es(Project::ACCESS_PUBLIC_UNRESTRICTED) . '"'; } else { return $field . ' != "' . db_es(Project::ACCESS_PRIVATE) . '"'; } }
private function userIsRestrictedAndNotProjectMember(PFUser $user, Project $project) { return $project->allowsRestricted() && $user->isRestricted() && !$user->isMember($project->getID()); }
/** * Ensure given user can access given project * * @param PFUser $user * @param Project $project * @return boolean * @throws Project_AccessProjectNotFoundException * @throws Project_AccessDeletedException * @throws Project_AccessRestrictedException * @throws Project_AccessPrivateException */ public function userCanAccessProject(PFUser $user, Project $project) { if ($project->isError()) { throw new Project_AccessProjectNotFoundException(); } elseif ($user->isSuperUser()) { return true; } elseif (!$project->isActive()) { throw new Project_AccessDeletedException($project); } elseif ($user->isMember($project->getID())) { return true; } elseif ($user->isRestricted() && !$this->canRestrictedUserAccess($user, $project)) { throw new Project_AccessRestrictedException(); } elseif ($project->isPublic()) { return true; } elseif ($this->userHasBeenDelegatedAccess($user)) { return true; } throw new Project_AccessPrivateException(); }
public function assertUserCanAccessProject(PFUser $user, Project $project) { if ($project->isPublic() && $user->isRestricted() && !$user->isMember($project->getGroupId()) || !$project->isPublic() && !$user->isMember($project->getGroupId())) { throw new Exception('User do not have access to the project', '3002'); } }