/**
 * Propagates the authenticated repository user into the legacy kernel once that kernel has been built.
 *
 * Nothing happens when the listener is disabled, the kernel handler is not web based,
 * "legacy_mode" is enabled, or no user is authenticated.
 *
 * @param PostBuildKernelEvent $event
 */
public function onKernelBuilt(PostBuildKernelEvent $event)
{
    // Guards are evaluated in the same order as the original combined condition.
    if ($this->enabled === false) {
        return;
    }

    if (!$event->getKernelHandler() instanceof ezpWebBasedKernelHandler) {
        return;
    }

    if ($this->configResolver->getParameter('legacy_mode') === true) {
        return;
    }

    if (!$this->isUserAuthenticated()) {
        return;
    }

    $apiUser = $this->repository->getCurrentUser();

    $syncLegacyUser = function () use ($apiUser) {
        // NOTE(review): the result of eZUser::fetch() is used without a check; if it can be empty for an
        // id unknown to legacy storage, the attribute() call below fails. Confirm the intended behaviour.
        $legacyUser = eZUser::fetch($apiUser->id);
        $legacyContentObjectId = $legacyUser->attribute('contentobject_id');

        // NO_SESSION_REGENERATE presumably keeps legacy from issuing a new session id here, leaving
        // session handling to the calling stack. Confirm against eZUser.
        eZUser::setCurrentlyLoggedInUser($legacyUser, $legacyContentObjectId, eZUser::NO_SESSION_REGENERATE);
    };

    // The two trailing false arguments are passed through unchanged; their meaning is defined by runCallback().
    $event->getLegacyKernel()->runCallback($syncLegacyUser, false, false);
}
/**
 * Selects the premium-content template for a location the current user may not read in full.
 *
 * The view is returned only when all of the following hold: the view type is "full", the
 * location's section is the configured premium section, and the subscription checker does
 * not report the current user as a subscriber. In every other case null is returned.
 *
 * @param Location $location
 * @param string $viewType
 *
 * @return ContentView|null
 */
public function getView(Location $location, $viewType)
{
    // NOTE(review): the section ids are compared strictly. If premiumSectionId is injected as a
    // string while sectionId is an integer, this provider never matches and the premium template
    // is never substituted. Confirm both sides have the same type.
    if (
        $viewType !== 'full'
        || $location->getContentInfo()->sectionId !== $this->premiumSectionId
        || $this->subscriptionChecker->userIsSubscriber($this->repository->getCurrentUser())
    ) {
        return null;
    }

    return new ContentView("eZDemoBundle:{$viewType}:premium_content.html.twig");
}
/**
 * Copies a content type, including its fields and group ids, into a new content type.
 *
 * The copy is delegated to the content type handler inside a repository transaction and is
 * requested with SPIContentType::STATUS_DEFINED. According to the original description the new
 * type gets $creator as creator / modifier, current created / modified times, an updated
 * remoteId, and an identifier suffixed with '_' + unique string. Those details are produced by
 * the handler and are not visible in this method.
 *
 * Authorization: the check is on the 'class' / 'create' policy. Only a result strictly equal
 * to true passes, so any other value returned by hasAccess() is treated as a denial.
 *
 * @throws \eZ\Publish\API\Repository\Exceptions\UnauthorizedException if the current-user is not allowed to copy a content type
 *
 * @param \eZ\Publish\API\Repository\Values\ContentType\ContentType $contentType
 * @param \eZ\Publish\API\Repository\Values\User\User $creator if null the current-user is used
 *
 * @return \eZ\Publish\API\Repository\Values\ContentType\ContentType
 */
public function copyContentType( APIContentType $contentType, User $creator = null )
{
    $mayCreate = $this->repository->hasAccess( 'class', 'create' );
    if ( $mayCreate !== true )
    {
        throw new UnauthorizedException( 'ContentType', 'create' );
    }

    // The type hint restricts $creator to a User or null, so a null test is equivalent to empty().
    if ( $creator === null )
    {
        $creator = $this->repository->getCurrentUser();
    }

    $this->repository->beginTransaction();
    try
    {
        $copiedType = $this->contentTypeHandler->copy(
            $creator->id,
            $contentType->id,
            SPIContentType::STATUS_DEFINED
        );
        $this->repository->commit();
    }
    catch ( Exception $failure )
    {
        // Undo the partial copy, then let the caller see the original exception.
        $this->repository->rollback();
        throw $failure;
    }

    return $this->loadContentType( $copiedType->id );
}
/**
 * Selects the premium-content template for content the current user may not read in full.
 *
 * Returns null unless the view is a "full" ContentValueView whose content sits in the
 * configured premium section and the subscription checker does not report the current user
 * as a subscriber.
 *
 * @param View $view
 *
 * @return ContentView|null
 */
public function getView(View $view)
{
    $viewType = $view->getViewType();

    $isFullContentView = $viewType === 'full' && $view instanceof ContentValueView;
    if (!$isFullContentView) {
        return null;
    }

    // NOTE(review): strict comparison. If premiumSectionId and sectionId differ in type
    // (string vs. int), the premium template is never selected. Confirm both are the same type.
    $sectionId = $view->getContent()->contentInfo->sectionId;
    if ($sectionId !== $this->premiumSectionId) {
        return null;
    }

    $viewer = $this->repository->getCurrentUser();
    if ($this->subscriptionChecker->userIsSubscriber($viewer)) {
        return null;
    }

    return new ContentView("eZDemoBundle:{$viewType}:premium_content.html.twig");
}
/**
 * Deletes the user identified by $userId.
 *
 * The only check made in this method is that the target is not the currently authenticated
 * user. NOTE(review): permission to delete other users is presumably enforced inside the
 * user service. Confirm, since nothing here verifies it.
 *
 * @param mixed $userId
 *
 * @throws \eZ\Publish\Core\REST\Server\Exceptions\ForbiddenException if the target is the current user
 *
 * @return \eZ\Publish\Core\REST\Server\Values\NoContent
 */
public function deleteUser($userId)
{
    $targetUser = $this->userService->loadUser($userId);
    $authenticatedUser = $this->repository->getCurrentUser();

    // Loose comparison is kept on purpose: it also matches when one id is a numeric string and
    // the other an integer. A strict comparison could let such a self-delete request through.
    if ($targetUser->id == $authenticatedUser->id) {
        throw new Exceptions\ForbiddenException('Currently authenticated user cannot be deleted');
    }

    $this->userService->deleteUser($targetUser);

    return new Values\NoContent();
}
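/**
 * Refresh given session.
 *
 * The request's session must exist, be started, and carry exactly the id given in $sessionId.
 * Otherwise the request is answered as "not found".
 *
 * The X-CSRF-Token request header is copied into the returned value without being verified in
 * this method. NOTE(review): confirm that the token is validated before this action is reached.
 *
 * @param string $sessionId
 *
 * @throws \eZ\Publish\Core\REST\Common\Exceptions\NotFoundException if the session is missing, not started, or has a different id
 * @return \eZ\Publish\Core\REST\Server\Values\UserSession
 */
public function refreshSession($sessionId)
{
    /** @var $session \Symfony\Component\HttpFoundation\Session\Session */
    $session = $this->request->getSession();
    $inputCsrf = $this->request->headers->get('X-CSRF-Token');

    // The null test has to come first: the original called isStarted() before checking for a
    // missing session, which fails with a method call on null instead of the intended exception.
    //
    // Ids are compared as strings with ===. A loose comparison treats distinct numeric-looking
    // strings (for example "1e3" and "1000") as equal, which is not acceptable for a session id.
    if (
        $session === null
        || !$session->isStarted()
        || (string)$session->getId() !== (string)$sessionId
    ) {
        throw new RestNotFoundException("Session not valid");
    }

    // The trailing false is passed as in the original; its meaning is defined by Values\UserSession.
    return new Values\UserSession(
        $this->repository->getCurrentUser(),
        $session->getName(),
        $session->getId(),
        $inputCsrf,
        false
    );
}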
/**
 * Returns the current user together with a flag telling whether that user is logged in.
 *
 * The flag is derived by comparing the current user's id with the anonymous user's id: it is
 * true only when the anonymous id is truthy and differs from the current user's id. If the
 * anonymous id cannot be determined (falsy), the user is reported as not logged in.
 *
 * @return array Array containing the user object and a boolean, whether the user is logged in.
 * <pre>
 * array(
 *     'content'  => Values\User\User object,
 *     'isLogged' => false
 * )
 * </pre>
 */
public function getCurrentUser()
{
    $activeUser = $this->repository->getCurrentUser();

    // TODO => deprecated function call *loadAnonymousUser()*
    $anonymousId = $this->userService->loadAnonymousUser()->content->versionInfo->contentInfo->id;

    // Loose comparison kept as in the original, so an int id and a numeric-string id still match.
    $loggedIn = $anonymousId && $anonymousId != $activeUser->id;

    return array(
        'content' => $activeUser,
        'isLogged' => $loggedIn,
    );
}
/**
 * Returns whatever the repository reports as its current user.
 *
 * @return \eZ\Publish\API\Repository\Values\User\User
 */
public function getCurrentUser()
{
    $activeUser = $this->repository->getCurrentUser();

    return $activeUser;
}