static function authorize($domain, $userid)
{
$context = Model_Context::getInstance();
if (!isset($_SESSION['identity'])) {
$_SESSION['identity'] = array();
}
if (!isset($_SESSION['identity'][$domain])) {
$_SESSION['identity'][$domain] = array();
}
$_SESSION['identity'][$domain] = $userid;
if ($domain != 'textcube') {
return;
}
/* Support code for legacy */
$_SESSION['userid'] = $userid;
if ($userid == 1) {
$ownership = "group.creators";
} else {
$ownership = "group.owners";
}
$data = DBModel::getInstance();
$data->reset('Privileges');
$data->setQualifier('userid', 'equals', intval($userid));
$result = $data->getAll('blogid,acl');
foreach ($result as $rec) {
$priv = array("group.writers", "textcube.{$userid}");
if ($rec['acl'] & BITWISE_OWNER) {
array_push($priv, $ownership);
}
if ($rec['acl'] & BITWISE_EDITOR) {
array_push($priv, "group.editors");
}
if ($rec['acl'] & BITWISE_ADMINISTRATOR) {
array_push($priv, "group.administrators");
}
Acl::setAcl($rec['blogid'], $priv, false);
}
$blogid = getBlogId();
$data->reset('Privileges');
$data->setQualifier('blogid', 'equals', $blogid);
$data->setQualifier('userid', 'equals', intval($userid));
$data->setAttribute('lastLogin', Timestamp::getUNIXtime());
$data->update();
return;
}
<?php
/// Copyright (c) 2004-2016, Needlworks / Tatter Network Foundation
/// All rights reserved. Licensed under the GPL.
/// See the GNU General Public License for more details. (/documents/LICENSE, /documents/COPYRIGHT)
$IV = array('GET' => array('identify' => array('string', 'min' => 1), 'owner' => array('email')));
require ROOT . '/library/preprocessor.php';
requireStrictRoute();
requirePrivilege('group.creators');
if ($uid = User::getUserIdByEmail($_GET['owner'])) {
$result = addBlog('', $uid, $_GET['identify']);
if ($result === true) {
if ($_GET['owner'] == User::getEmail(getUserId())) {
/// Update current user's access list.
$priv = array();
array_push($priv, "group.administrators");
Acl::setAcl($rec['blogid'], $priv, true);
}
Respond::PrintResult(array('error' => 0));
} else {
Respond::PrintResult(array('error' => -1, 'result' => $result));
}
} else {
Respond::PrintResult(array('error' => -2, 'result' => _t('등록되지 않은 소유자 E-mail 입니다.')));
}
