/** * Check if user "owns" a stream template for a publisher * @method isOwner * @static * @param {string} $publisherId * @param {string} $type * @param {string|Users_User} [$user=null] * @return {boolean} */ static function isOwner($publisherId, $type, $user = null) { if (!isset($user)) { $user = Users::loggedInUser(); } else { if (is_string($user)) { $user = Users_User::fetch($user); } } if (!isset($user)) { return false; } // check if user is owner of stream template $stream = new Streams_Stream(); $stream->publisherId = $publisherId; $stream->name = $type . '/'; if (!$stream->retrieve()) { return false; } $stream->calculateAccess($user->id); return $stream->testAdminLevel('own'); }
/** * Calculates whether a given user is authorized by a specific publisher * to create a particular type of stream. * @method isAuthorizedToCreate * @static * @param {string} $userId The user who would be creating the stream. * @param {string} $publisherId The id of the user who would be publishing the stream. * @param {string} $streamType The type of the stream that would be created * @param {array} [$relate=array()] * The user would also be authorized if the stream would be related to * an existing category stream, in which the user has a writeLevel of at least "relate", * and the user that would be publishing this new stream has a template for this stream type * that is related to either the category stream or a template matching the category stream. * To test for this, pass an array with the following keys: * @param {string} $relate.publisherId The id of the user publishing that stream, defaults to $publisherId * @param {string} $relate.streamName The name of the stream to which the new stream would be related * @param {string} $relate.type The type of relation, defaults to "" * @return {Streams_Stream|boolean} Returns a stream template the user must use, * otherwise a boolean true/false to indicate a yes or no regardless of template. */ static function isAuthorizedToCreate($userId, $publisherId, $streamType, $relate = array()) { $authorized = false; if (!empty($relate['streamName'])) { if (empty($relate['publisherId'])) { $relate['publisherId'] = $publisherId; } if (empty($relate['type'])) { $relate['type'] = ''; } } if ($publisherId == $userId) { $authorized = true; // user can publish streams under their own name } if (!$authorized) { // Check for permissions using templates $template = new Streams_Stream(); $template->publisherId = $publisherId; $template->name = $streamType . '/'; $template->type = 'Streams/template'; $retrieved = $template->retrieve(); if (!$retrieved) { $template->publisherId = ''; $retrieved = $template->retrieve(); } if ($retrieved) { $template->calculateAccess($userId); if ($template->testAdminLevel('own')) { $authorized = $template; } } } if (!$authorized and $retrieved and !empty($relate['streamName'])) { // Check if user is perhaps authorized to create a related stream $to_stream = Streams::fetchOne($userId, $relate['publisherId'], $relate['streamName']); if ($to_stream and $to_stream->testWriteLevel('relate')) { $to_template = new Streams_Stream(); $to_template->publisherId = $to_stream->publisherId; $to_template->name = $to_stream->type . '/'; $to_template->type = 'Streams/template'; $retrieved = $to_template->retrieve(); if (!$retrieved) { $to_template->publisherId = ''; $retrieved = $to_template->retrieve(); } if ($retrieved) { $relatedTo = new Streams_RelatedTo(); $relatedTo->toPublisherId = $to_template->publisherId; $relatedTo->toStreamName = $to_template->name; $relatedTo->type = $relate['type']; $relatedTo->fromPublisherId = $template->publisherId; $relatedTo->fromStreamName = $template->name; if ($retrieved = $relatedTo->retrieve()) { $authorized = $template; } } } } return $authorized; }