/**
* Unlinks a local account from Twitter
*
* @access public
* @return void
**/
public function unlink_user($user_id = NULL)
{
// Grab reference to the userobject
$_userobj =& get_userobject();
// --------------------------------------------------------------------------
if (NULL === $user_id) {
$_uid = active_user('id');
} else {
if (is_callable(array($_userobj, 'get_by_id'))) {
$_u = get_userobject()->get_by_id($user_id);
if (!empty($_u->id)) {
$_uid = $_u->id;
} else {
return FALSE;
}
} else {
return FALSE;
}
}
// --------------------------------------------------------------------------
// Update our user
if (is_callable(array($_userobj, 'update'))) {
$_data = array();
$_data['tw_id'] = NULL;
$_data['tw_token'] = NULl;
$_data['tw_secret'] = NULl;
return $_userobj->update($_uid, $_data);
} else {
return TRUE;
}
}
/**
* Construct the model
*
* @access public
* @return void
**/
public function __construct()
{
parent::__construct();
// --------------------------------------------------------------------------
// Ensure models all have access to the global user_model
if (function_exists('get_userobject')) {
$this->user_model = get_userobject();
$this->user = get_userobject();
}
// --------------------------------------------------------------------------
// Set the cache method
// TODO: check for availability of things like memcached
// TODO: apply same logic to CDN library
$this->_cache_values = array();
$this->_cache_keys = array();
$this->_cache_method = 'LOCAL';
// --------------------------------------------------------------------------
// Define defaults
$this->_errors = $this->clear_errors();
$this->_destructive_delete = TRUE;
$this->_table_id_column = 'id';
$this->_table_slug_column = 'slug';
$this->_table_label_column = 'label';
$this->_table_auto_set_timestamps = TRUE;
$this->_deleted_flag = 'is_deleted';
$this->_per_page = 50;
}
function user_has_permission($permission, $user = NULL)
{
$_usr_obj = get_userobject();
if ($_usr_obj) {
return $_usr_obj->has_permission($permission, $user);
} else {
return FALSE;
}
}
function show_401($message = '<strong>Sorry,</strong> you need to be logged in to see that page.')
{
$_usr = get_userobject();
// Logged in users can't be redirected to log in, they
// simply get an unauthorised page
if ($_usr->is_logged_in()) {
show_error('The page you are trying to view is restricted. Sadly you don\'t have enough permissions to see it\'s content.', 401, 'Sorry, you are not authorised to view this page');
}
$_ci =& get_instance();
$_ci->session->set_flashdata('message', $message);
if ($_ci->input->server('REQUEST_URI')) {
$_return = $_ci->input->server('REQUEST_URI');
} elseif (uri_string()) {
$_return = uri_string();
} else {
$_return = '';
}
$_return = $_return ? '?return_to=' . urlencode($_return) : '';
redirect('auth/login' . $_return);
}
// can make sure there'll be some output before we render the box header (i.e
// if a user only has access to an unlisted method they won't have an options
// here - e.g edit member - themselves - but not view members).
$_options = array();
foreach ($config->funcs as $method => $label) {
$_temp = new stdClass();
$_temp->is_active = FALSE;
$_temp->label = $label;
$_temp->method = $method;
$_temp->url = 'admin/' . $module . '/' . $method;
$_temp->notification = new stdClass();
$_temp->notification->type = '';
$_temp->notification->title = '';
$_temp->notification->value = '';
// Is the method enabled?
if (get_userobject()->is_superuser() || isset($_acl['admin'][$module][$method])) {
// Method enabled?
$_temp->is_active = $this->uri->rsegment(1) == $module && $this->uri->rsegment(2) == $method ? 'current' : '';
// Notifications for this method?
if (!empty($_notifications[$method])) {
$_temp->notification->type = isset($_notifications[$method]['type']) ? $_notifications[$method]['type'] : 'neutral';
$_temp->notification->title = isset($_notifications[$method]['title']) ? $_notifications[$method]['title'] : '';
$_temp->notification->value = isset($_notifications[$method]['value']) ? $_notifications[$method]['value'] : '';
$_temp->notification->options = isset($_notifications[$method]['options']) ? $_notifications[$method]['options'] : '';
}
// --------------------------------------------------------------------------
// Add to main $_options array
$_options[] = $_temp;
}
}
// --------------------------------------------------------------------------
/**
* Create an event object
*
* @access public
* @param string $type The type of event to create
* @param int $created_by The event creator (NULL == system)
* @param int/array $interested_party The ID of an interested aprty (array for multiple interested parties)
* @param mixed $data Any data to store alongside the event object
* @param int $ref A numeric reference to store alongside the event (e.g the id of the object the event relates to)
* @param string $recorded A strtotime() friendly string of the date to use instead of NOW() for the created date
* @return int or boolean
**/
public function create($type, $created_by = NULL, $level = 0, $interested_parties = NULL, $data = NULL, $ref = NULL, $recorded = NULL)
{
// Admins logged in as people shouldn't be creating events, GHOST MODE, woooooooo
// Ghost mode runs on production only, all other environments generate events (for testing)
if (ENVIRONMENT == 'production' && get_userobject()->was_admin()) {
return TRUE;
}
// --------------------------------------------------------------------------
if (empty($type)) {
$this->_add_error('Event type not defined.');
return FALSE;
}
// --------------------------------------------------------------------------
if (!is_string($type)) {
$this->_add_error('Event type must be a string.');
return FALSE;
}
// --------------------------------------------------------------------------
// Get the event type
if (!isset($this->_event_type[$type])) {
$this->db->select('id');
$this->db->where('slug', $type);
$this->_event_type[$type] = $this->db->get(NAILS_DB_PREFIX . 'event_type')->row();
if (!$this->_event_type[$type]) {
show_error('Unrecognised event type.');
}
}
// --------------------------------------------------------------------------
// Prep created by
$created_by = (int) $created_by;
if (!$created_by) {
$created_by = active_user('id') ? (int) active_user('id') : NULL;
}
// --------------------------------------------------------------------------
// Prep data
$_data = array();
$_data['type_id'] = (int) $this->_event_type[$type]->id;
$_data['created_by'] = $created_by;
$_data['url'] = uri_string();
$_data['data'] = $data ? serialize($data) : NULL;
$_data['ref'] = (int) $ref;
$_data['ref'] = $_data['ref'] ? $_data['ref'] : NULL;
$_data['level'] = $level;
// --------------------------------------------------------------------------
$this->db->set($_data);
if ($recorded) {
$_data['created'] = date('Y-m-d H:i:s', strtotime($recorded));
} else {
$this->db->set('created', 'NOW()', FALSE);
}
// --------------------------------------------------------------------------
// Create the event
$this->db->insert(NAILS_DB_PREFIX . 'event');
// --------------------------------------------------------------------------
if (!$this->db->affected_rows()) {
$this->_add_error('Event could not be created');
return FALSE;
} else {
$_event_id = $this->db->insert_id();
}
// --------------------------------------------------------------------------
/**
* Add the interested parties.
* The creator (if one is defined) will also be added as an interested party
* however it will be immediately marked as read (so as not to generate a
* notification badge for them.
*
**/
// Prep the $_data array
$_data = array();
if ($created_by) {
$_data[] = array('event_id' => $_event_id, 'user_id' => $created_by, 'is_read' => TRUE);
}
// --------------------------------------------------------------------------
// Add the other interested parties (if any)
if ($interested_parties !== NULL) {
if (is_numeric($interested_parties)) {
$interested_parties = array($interested_parties);
}
// --------------------------------------------------------------------------
foreach ($interested_parties as $ip) {
// Don't add the creator as an interested party
if ($ip == $created_by) {
continue;
}
// --------------------------------------------------------------------------
$_data[] = array('event_id' => $_event_id, 'user_id' => $ip, 'is_read' => FALSE);
}
}
// --------------------------------------------------------------------------
if ($_data) {
// Attempt to add interested parties
$this->db->insert_batch(NAILS_DB_PREFIX . 'event_interested_party', $_data);
if ($this->db->affected_rows()) {
// All good! Return the new event ID
return $_event_id;
} else {
$this->_add_error('Interested parties failed to add, event not created');
// Roll back the event
$this->db->where('id', $_event_id);
$this->db->delete(NAILS_DB_PREFIX . 'event');
return FALSE;
}
} else {
// No interested parties, so simply return the event ID
return $_event_id;
}
// --------------------------------------------------------------------------
// Return result
return TRUE;
}
/**
* Unlinks a local account from Facebook
*
* @access public
* @param int $user_id The ID of the user to unlink
* @return void
**/
public function unlink_user($user_id = NULL)
{
// Grab reference to the userobject
$_userobj =& get_userobject();
// --------------------------------------------------------------------------
if (NULL === $user_id) {
$_uid = active_user('id');
$_fb_id = active_user('fb_id');
} else {
if (is_callable(array($_userobj, 'get_by_id'))) {
$_u = get_userobject()->get_by_id($user_id);
if (!empty($_u->fb_id)) {
$_uid = $_u->id;
$_fb_id = $_u->fb_id;
} else {
return FALSE;
}
} else {
return FALSE;
}
}
// --------------------------------------------------------------------------
// Attempt to revoke permissions on Facebook
$this->_facebook->api('/' . $_fb_id . '/permissions', 'DELETE');
// --------------------------------------------------------------------------
$this->_facebook->destroySession();
// --------------------------------------------------------------------------
// Update our user
if (is_callable(array($_userobj, 'update'))) {
$_data = array();
$_data['fb_id'] = NULL;
$_data['fb_token'] = NULl;
return $_userobj->update($_uid, $_data);
} else {
return TRUE;
}
}
/**
* Creates a new bucket
*
* @access public
* @param string
* @return boolean
**/
public function bucket_create($bucket)
{
$_dir = DEPLOY_CDN_PATH . $bucket;
if (is_dir($_dir) && is_writeable($_dir)) {
return TRUE;
}
// --------------------------------------------------------------------------
if (@mkdir($_dir)) {
return TRUE;
} else {
if (get_userobject()->is_superuser()) {
$this->cdn->set_error(lang('cdn_error_bucket_mkdir_su', $_dir));
} else {
$this->cdn->set_error(lang('cdn_error_bucket_mkdir'));
}
return FALSE;
}
}
/**
* Determines whether the active_user() can access the specified module
*
* @access static
* @param $module A reference to the module definition
* @param $file The file we're checking
* @return mixed
*
**/
static function _can_access(&$module, $file)
{
$_acl = active_user('acl');
$_module = basename($file, '.php');
// --------------------------------------------------------------------------
// Super users can see what they like
if (get_userobject()->is_superuser()) {
return $module;
}
// --------------------------------------------------------------------------
// Everyone else needs to have the correct ACL
if (isset($_acl['admin'][$_module])) {
return $module;
} else {
return NULL;
}
}
/**
* Send an email
*
* @access public
* @param object $input The input object
* @param bool $graceful Whether to gracefully fail or not
* @return void
**/
public function send($input, $graceful = FALSE)
{
// We got something to work with?
if (empty($input)) {
$this->_set_error('EMAILER: No input');
return FALSE;
}
// --------------------------------------------------------------------------
// Ensure $input is an object
if (!is_object($input)) {
$input = (object) $input;
}
// --------------------------------------------------------------------------
// Check we have at least a user_id/email and an email type
if (empty($input->to_id) && empty($input->to_email) || empty($input->type)) {
$this->_set_error('EMAILER: Missing user ID, user email or email type');
return FALSE;
}
// --------------------------------------------------------------------------
// If no email has been given make sure it's NULL
if (empty($input->to_email)) {
$input->to_email = NULL;
}
// --------------------------------------------------------------------------
// If no id has been given make sure it's NULL
if (empty($input->to_id)) {
$input->to_id = NULL;
}
// --------------------------------------------------------------------------
// If no internal_ref has been given make sure it's NULL
if (empty($input->internal_ref)) {
$input->internal_ref = NULL;
}
// --------------------------------------------------------------------------
// Make sure that at least empty data is available
if (empty($input->data)) {
$input->data = array();
}
// --------------------------------------------------------------------------
// Lookup the email type (caching it as we go)
if (empty($this->email_type[$input->type])) {
$this->db->where('et.slug', $input->type);
$this->email_type[$input->type] = $this->db->get(NAILS_DB_PREFIX . 'email_type et')->row();
if (!$this->email_type[$input->type]) {
if (!$graceful) {
show_error('EMAILER: Invalid Email Type "' . $input->type . '"');
} else {
$this->_set_error('EMAILER: Invalid Email Type "' . $input->type . '"');
}
return FALSE;
}
}
// --------------------------------------------------------------------------
// If we're sending to an email address, try and associate it to a registered user
if ($input->to_email) {
$_user = get_userobject()->get_by_email($input->to_email);
if ($_user) {
$input->to_id = $_user->id;
}
} else {
// Sending to an ID, fetch the user's email
$_user = get_userobject()->get_by_id($input->to_id);
if (!empty($_user->email)) {
$input->to_email = $_user->email;
}
}
// --------------------------------------------------------------------------
// Check to see if the user has opted out of receiving these emails
if ($input->to_id) {
if ($this->user_has_unsubscribed($input->to_id, $this->email_type[$input->type]->id)) {
// User doesn't want to receive these notifications; abort.
return TRUE;
}
}
// --------------------------------------------------------------------------
// Generate a unique reference - ref is sent in each email and can allow the
// system to generate 'view online' links
$input->ref = $this->_generate_reference();
// --------------------------------------------------------------------------
// Double check we have an email address (a user may exist but not have an
// email address set)
if (empty($input->to_email)) {
if (!$graceful) {
show_error('EMAILER: No email address to send to.');
} else {
$this->_set_error('EMAILER: No email address to send to.');
FALSE;
}
}
// --------------------------------------------------------------------------
// Add to the archive table
$this->db->set('ref', $input->ref);
$this->db->set('user_id', $input->to_id);
$this->db->set('user_email', $input->to_email);
$this->db->set('type_id', $this->email_type[$input->type]->id);
$this->db->set('email_vars', serialize($input->data));
$this->db->set('internal_ref', $input->internal_ref);
$this->db->insert(NAILS_DB_PREFIX . 'email_archive');
if ($this->db->affected_rows()) {
$input->id = $this->db->insert_id();
} else {
if (!$graceful) {
show_error('EMAILER: Insert Failed.');
} else {
$this->_set_error('EMAILER: Insert Failed.');
FALSE;
}
}
if ($this->_send($input->id, $graceful)) {
return $input->ref;
} else {
return FALSE;
}
}
