/** * Create an album for the newly created user and give him view and edit permissions. */ static function user_created($user) { // Create a group with the same name, if necessary $group_name = "auto: {$user->name}"; $group = identity::lookup_group_by_name($group_name); if (!$group) { $group = identity::create_group($group_name); identity::add_user_to_group($user, $group); } // Create an album for the user, if it doesn't exist $album = ORM::factory("item")->where("parent_id", "=", item::root()->id)->where("name", "=", $user->name)->find(); if (!$album->loaded()) { $album->type = "album"; $album->name = $user->name; $album->title = "{$user->name}'s album"; $album->parent_id = item::root()->id; $album->sort_column = "weight"; $album->sort_order = "asc"; $album->save(); access::allow($group, "view", item::root()); access::allow($group, "view_full", $album); access::allow($group, "edit", $album); access::allow($group, "add", $album); } }
static function create_new_user($id) { $user = ORM::factory("pending_user", $id); $password = md5(rand()); $new_user = identity::create_user($user->name, $user->full_name, $password); $new_user->email = $user->email; $new_user->url = $user->url; $new_user->admin = false; $new_user->guest = false; $new_user->save(); $default_group = module::get_var("registration", "default_group"); if (!empty($default_group)) { identity::add_user_to_group($new_user, $default_group); } $user->hash = md5(rand()); $user->state = 2; $user->save(); self::send_user_created_confirmation($user, $password); return $new_user; }
static function album_add_form_completed($album, $form) { if ($form->privacy->private->checked) { $username = $form->privacy->username->value; $password = $form->privacy->password->value; // TODO validation // create a group based on username $group = identity::create_group($username); // create a user based on username $user = identity::create_user($username, $username, $password, $username . "@unknown.com"); identity::add_user_to_group($user, $group); // create user home $home = ORM::factory("user_home")->where("id", "=", $user->id)->find(); $home->id = $user->id; $home->home = $album->id; $home->save(); // reload album $album->reload(); // set permissions // deny all groups. $groups = ORM::factory("group")->find_all(); foreach ($groups as $group2) { if ($group->id != $group2->id) { access::deny($group2, "view", $album); access::deny($group2, "view_full", $album); } } // deny all other albums $albums = ORM::factory("item")->where("type", "=", "album")->find_all(); foreach ($albums as $albumt) { access::deny($group, "view", $albumt); } // allow access to newly created group access::allow($group, "view_full", $album); $parents = $album->parents(); foreach ($parents as $parent) { access::allow($group, "view", $parent); } access::allow($group, "view", $album); } }