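/**
 * With no user groups set up in this method, a verified account is expected
 * to hold exactly one index-level permission, and an anonymous visitor
 * (null user) none.
 *
 * Every lookup is repeated with the second argument set to true, where the
 * same account is expected to hold nothing. That flag presumably strips
 * edit-type permissions; confirm against the repository signature.
 *
 * NOTE(review): the assertions only count permissions. Also asserting which
 * permission was granted (the test name implies create-site) would stop an
 * unrelated grant from satisfying the count.
 */
function testAllUsersCreateSiteByDefault()
{
    $user = new UserAccountModel();
    $user->setEmail("*****@*****.**");
    $user->setUsername("test");
    $user->setPassword("password");

    $userRepo = new UserAccountRepository();
    $userRepo->create($user);
    $userRepo->verifyEmail($user);
    // Reload the user object so all flags are set correctly.
    $user = $userRepo->loadByUserName("test");

    $extensionsManager = new ExtensionManager($this->app);
    $userPerRepo = new \repositories\UserPermissionsRepository($extensionsManager);

    // Anonymous visitor: no permissions, whichever way the flag is set.
    $permissions = $userPerRepo->getPermissionsForUserInIndex(null, false);
    $this->assertCount(0, $permissions->getPermissions());

    $permissions = $userPerRepo->getPermissionsForUserInIndex(null, true);
    $this->assertCount(0, $permissions->getPermissions());

    // Verified user: one permission normally, none when the flag is true.
    $permissions = $userPerRepo->getPermissionsForUserInIndex($user, false);
    $this->assertCount(1, $permissions->getPermissions());

    $permissions = $userPerRepo->getPermissionsForUserInIndex($user, true);
    $this->assertCount(0, $permissions->getPermissions());
}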
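/**
 * A permission granted to a user group must reach only that group's members.
 *
 * Two verified accounts are created. Before any group exists, neither of
 * them nor an anonymous visitor is expected to hold a permission. A group is
 * then created at index level, only $user is added to it, and the group is
 * given the create-site permission. Afterwards $user holds exactly one
 * permission, while $userOther and the anonymous visitor still hold none.
 *
 * NOTE(review): the first three lookups omit the second argument and rely on
 * its default, which is not visible in this method. Passing it explicitly
 * would keep these assertions independent of that default.
 *
 * NOTE(review): the assertions only count permissions. Also asserting that
 * the granted permission is the create-site one would make the
 * positive case stricter.
 */
function testSpecificUsersCreateSite()
{
    $user = new UserAccountModel();
    $user->setEmail("*****@*****.**");
    $user->setUsername("test");
    $user->setPassword("password");

    $userOther = new UserAccountModel();
    $userOther->setEmail("*****@*****.**");
    $userOther->setUsername("other");
    $userOther->setPassword("password");

    $userRepo = new UserAccountRepository();
    $userRepo->create($user);
    $userRepo->verifyEmail($user);
    $userRepo->create($userOther);
    $userRepo->verifyEmail($userOther);
    // Reload both user objects so all flags are set correctly.
    $userOther = $userRepo->loadByUserName($userOther->getUsername());
    $user = $userRepo->loadByUserName("test");

    $extensionsManager = new ExtensionManager($this->app);
    $userPerRepo = new \repositories\UserPermissionsRepository($extensionsManager);

    // Before any group exists: no one can create sites.
    $permissions = $userPerRepo->getPermissionsForUserInIndex(null);
    $this->assertCount(0, $permissions->getPermissions());

    $permissions = $userPerRepo->getPermissionsForUserInIndex($user);
    $this->assertCount(0, $permissions->getPermissions());

    $permissions = $userPerRepo->getPermissionsForUserInIndex($userOther);
    $this->assertCount(0, $permissions->getPermissions());

    // Create an index-level group, add only $user to it, and grant the group
    // the create-site permission. $userOther is deliberately left out.
    $userGroupModel = new \models\UserGroupModel();
    $userGroupModel->setTitle("TITLE");
    $userGroupRepo = new \repositories\UserGroupRepository();
    $userGroupRepo->createForIndex($userGroupModel);
    $userGroupRepo->addUserToGroup($user, $userGroupModel);
    $userGroupRepo->addPermissionToGroup(new \userpermissions\CreateSiteUserPermission(), $userGroupModel, null);

    // Anonymous visitor: still nothing.
    $permissions = $userPerRepo->getPermissionsForUserInIndex(null, false);
    $this->assertCount(0, $permissions->getPermissions());

    $permissions = $userPerRepo->getPermissionsForUserInIndex(null, true);
    $this->assertCount(0, $permissions->getPermissions());

    // Group member: one permission, none when the second argument is true.
    $permissions = $userPerRepo->getPermissionsForUserInIndex($user, false);
    $this->assertCount(1, $permissions->getPermissions());

    $permissions = $userPerRepo->getPermissionsForUserInIndex($user, true);
    $this->assertCount(0, $permissions->getPermissions());

    // Non-member: the group grant must not leak to other accounts.
    $permissions = $userPerRepo->getPermissionsForUserInIndex($userOther, false);
    $this->assertCount(0, $permissions->getPermissions());

    $permissions = $userPerRepo->getPermissionsForUserInIndex($userOther, true);
    $this->assertCount(0, $permissions->getPermissions());
}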
// (Excerpt: this starts inside a closure whose opening line is not shown.)
// Timezone selection: a ?mytimezone= query value wins, then the cookie, then
// the 'Europe/London' default. Both request-supplied values are used only
// when they appear in the $timezones allow-list.
// NOTE(review): in_array() is called without its strict flag; passing true as
// the third argument would make the allow-list comparison type-exact.
if (isset($_GET['mytimezone']) && in_array($_GET['mytimezone'], $timezones)) {
    // Remember the choice for a year. The last two arguments are secure and
    // httponly, both false, so the cookie also travels over plain HTTP and is
    // readable from page scripts. It only ever holds an allow-listed timezone name.
    setcookie("siteIndextimezone", $_GET['mytimezone'], time() + 60 * 60 * 24 * 365, '/', $CONFIG->webCommonSessionDomain, false, false);
    $timezone = $_GET['mytimezone'];
} else {
    if (isset($_COOKIE["siteIndextimezone"]) && in_array($_COOKIE["siteIndextimezone"], $timezones)) {
        $timezone = $_COOKIE["siteIndextimezone"];
    } else {
        $timezone = 'Europe/London';
    }
}
$app['twig']->addGlobal('currentTimeZone', $timezone);
$app['twig']->addGlobal('allowedTimeZones', $timezones);
$app['currentTimeZone'] = $timezone;

# ////////////// Permissions
// Resolve the current user's index-level permissions once and keep them on
// the container. The second argument is false here; the meaning of the third
// argument (true) is not visible in this excerpt.
$userPermissionsRepo = new \repositories\UserPermissionsRepository($app['extensions']);
$app['currentUserPermissions'] = $userPermissionsRepo->getPermissionsForUserInIndex($app['currentUser'], false, true);
// Template flag only: it tells the templates whether the user holds CREATE_SITE.
// The access check itself is the $permissionCreateSiteRequired closure below.
$app['twig']->addGlobal('actionCreateSite', $app['currentUserPermissions']->hasPermission("org.openacalendar", "CREATE_SITE"));
}); // closes the closure opened before this excerpt

// Guard closure: returns a redirect to the login page when the current user
// lacks CREATE_SITE, and returns nothing otherwise.
// NOTE(review): a signed-in user without the permission is also sent to the
// login page; how this closure is attached to routes is not shown here.
$permissionCreateSiteRequired = function (Request $request, Application $app) {
    global $CONFIG;
    if (!$app['currentUserPermissions']->hasPermission("org.openacalendar", "CREATE_SITE")) {
        return new RedirectResponse($CONFIG->getWebIndexDomainSecure() . '/you/login');
    }
};

// Guard closure: redirects to the login page when $app['currentUser'] is falsy.
$appUserRequired = function (Request $request) use($app) {
    global $CONFIG;
    if (!$app['currentUser']) {
        return new RedirectResponse($CONFIG->getWebIndexDomainSecure() . '/you/login');
    }
};

// (Excerpt ends here; the body of this closure is not shown.)
$appUnverifiedUserRequired = function (Request $request) use($app) {
// (Excerpt: this starts inside a closure and an outer block opened before the first line shown.)
// User Token
// NOTE(review): $data['user_token'] is read without an isset() check, and
// where $data comes from is not visible here. The token/secret lookup, and
// how the secret is compared, live in the repository.
$userTokenRepo = new API2ApplicationUserTokenRepository();
if ($data['user_token']) {
    $app['apiUserToken'] = $userTokenRepo->loadByAppAndUserTokenAndUserSecret($apiapp, $data['user_token'], $data['user_secret']);
    if ($app['apiUserToken']) {
        // User
        // The API user is only ever loaded from a token that the lookup above returned.
        $userRepo = new UserAccountRepository();
        $app['apiUser'] = $userRepo->loadByID($app['apiUserToken']->getUserId());
    }
}
} // closes a block opened before this excerpt

// user permissions
$userPermissionsRepo = new \repositories\UserPermissionsRepository($app['extensions']);
// if app is not editor or token is not editor, remove edit permissions
// && binds tighter than ||, so this reads as
// (app present and not editor) || (token present and not editor).
// NOTE(review): when neither an app nor a token was resolved this evaluates
// to false, so edit permissions are not removed on that path. Confirm that the
// repository then grants a null user only anonymous-level permissions.
$removeEditPermissions = $app['apiApp'] && !$app['apiApp']->getIsEditor() || $app['apiUserToken'] && !$app['apiUserToken']->getIsEditor();
$app['currentUserPermissions'] = $userPermissionsRepo->getPermissionsForUserInIndex($app['apiUser'], $removeEditPermissions, true);
}); // closes the closure opened before this excerpt

// Guard closure: stops the request when no API user was resolved.
// NOTE(review): die() prints "ERROR" and ends the script without setting an
// HTTP status here, so unless one was set elsewhere the client does not get a
// 401/403. Returning an error response would let clients and logs tell an
// authentication failure apart from a success.
$appUserRequired = function (Request $request) use($app) {
    if (!$app['apiUser']) {
        // TODO also if app closed
        die("ERROR"); // TODO something better
    }
};

// Load the core API routes, then each configured extension's routes if its file exists.
// NOTE(review): extension names are concatenated into the path unchanged, so
// $CONFIG->extensions must only ever come from trusted configuration.
require APP_ROOT_DIR . '/core/webIndex/indexapi2.routes.php';
foreach ($CONFIG->extensions as $extensionName) {
    if (file_exists(APP_ROOT_DIR . '/extension/' . $extensionName . '/webIndex/indexapi2.routes.php')) {
        require APP_ROOT_DIR . '/extension/' . $extensionName . '/webIndex/indexapi2.routes.php';
    }
}

$app->run();