Пример #1
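 /**
  * Verify that User::anonymous() returns a User carrying the fixed anonymous identity.
  *
  * Checks the returned object's type, its id (0) and its username ("Anonymous").
  */
 public function test_anonymous()
 {
     $anonymous = User::anonymous();
     // Assert on the object under test. Checking $this->user here would not
     // exercise the value returned by User::anonymous() at all.
     $this->assert_true($anonymous instanceof User, 'Anonymous user should be a User.');
     $this->assert_equal(0, $anonymous->id, "Anonymous user ID should be 0.");
     $this->assert_equal("Anonymous", $anonymous->username, "Anonymous username should be 'Anonymous'.");
     // @TODO: test action_create_anonymous_user
     unset($anonymous);
 }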
Пример #2
 /**
  * Preserve anonymity for threads/replies.
  *
  * For posts whose content type is 'thread' or 'reply', the incoming value is
  * replaced: the anonymous user when anonymity is enabled (self::$anonymity) and
  * the post is flagged anonymous, otherwise false. Every other content type
  * passes $anonymous through untouched.
  *
  * @param mixed $anonymous value supplied by the filter chain
  * @param mixed $post      post being filtered; content_type and info->anonymous are read
  * @return mixed the anonymous User, false, or the unchanged $anonymous
  */
 public function filter_post_anonymous($anonymous, $post)
 {
     $is_forum_post = $post->content_type == Post::type('thread')
         || $post->content_type == Post::type('reply');

     // Not a thread or reply: leave the filtered value alone.
     if (!$is_forum_post) {
         return $anonymous;
     }

     // Only mask the author when the feature is on AND the post asked for it.
     return (self::$anonymity && $post->info->anonymous) ? User::anonymous() : false;
 }
Пример #3
	/**
	 * Magic getter for the group's virtual properties.
	 *
	 * - 'members': the member IDs (after loading the member cache), cast to an array.
	 * - 'users': User objects for the group's members, plus the anonymous user
	 *   when ID 0 is among the member IDs.
	 * - 'permissions': the permissions (after loading the permissions cache).
	 *
	 * Any other name is delegated to the parent's __get().
	 *
	 * @param mixed $param the property to get
	 * @return mixed the property
	 */
	public function __get( $param )
	{
		// Loose comparisons are kept deliberately: they match what a switch
		// statement on $param does, including for non-string arguments.
		if ( $param == 'members' ) {
			$this->load_member_cache();
			return (array) $this->member_ids;
		}

		if ( $param == 'users' ) {
			$this->load_member_cache();
			// The group id is passed as a bound parameter (?), never concatenated into the SQL.
			$group_users = DB::get_results( 'SELECT u.* FROM {users} u INNER JOIN {users_groups} ug ON ug.user_id = u.id WHERE ug.group_id= ?', array( $this->id ), 'User' );
			// ID 0 denotes the anonymous user; it is appended by hand here,
			// presumably because the join on {users} has no row for it.
			if ( in_array( 0, $this->member_ids ) ) {
				$group_users[] = User::anonymous();
			}
			return $group_users;
		}

		if ( $param == 'permissions' ) {
			$this->load_permissions_cache();
			return $this->permissions;
		}

		return parent::__get( $param );
	}
Пример #4
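 /**
  * Handles GET requests for a group's page.
  *
  * Looks the group up from the 'id' handler variable and redirects to the group
  * list when none is found. Otherwise it collects the ACL tokens (with this
  * group's access attached), all users plus the anonymous user, and the group's
  * member IDs, then renders the 'group' template. A JSON map of users is passed
  * to groupManage.init() through the 'admin_header_javascript' stack.
  */
 public function get_group()
 {
     // NOTE(review): 'id' is request-supplied; this relies on
     // UserGroup::get_by_id() treating arbitrary values safely - confirm.
     $group = UserGroup::get_by_id($this->handler_vars['id']);
     if (null == $group) {
         Utils::redirect(URL::get('admin', 'page=groups'));
         return;
     }

     $tokens = ACL::all_tokens('id');
     $access_names = ACL::$access_names;
     $access_names[] = 'deny';

     // Attach this group's access bitmask to each token and bucket the tokens
     // by token group and by kind ('crud' when token_type is truthy, else 'bool').
     $grouped_tokens = array();
     foreach ($tokens as $token) {
         $token->access = ACL::get_group_token_access($group->id, $token->id);
         $grouped_tokens[$token->token_group][$token->token_type ? 'crud' : 'bool'][] = $token;
     }

     $potentials = array();
     $users = Users::get_all();
     // The anonymous user is offered as a possible member alongside real accounts.
     $users[] = User::anonymous();
     $members = $group->members;

     $jsusers = array();
     foreach ($users as $user) {
         $jsuser = new StdClass();
         $jsuser->id = $user->id;
         $jsuser->username = $user->username;
         $jsuser->member = in_array($user->id, $members);
         $jsusers[$user->id] = $jsuser;
     }

     $this->theme->potentials = $potentials;
     $this->theme->users = $users;
     $this->theme->members = $members;

     // Usernames are account data and end up inside inline JavaScript. Hex-escaping
     // <, >, &, ' and " keeps the JSON inert in an HTML/script context while the
     // script still decodes exactly the same values.
     $json_flags = JSON_HEX_TAG | JSON_HEX_AMP | JSON_HEX_APOS | JSON_HEX_QUOT;
     $js = '$(function(){groupManage.init(' . json_encode($jsusers, $json_flags) . ');});';
     Stack::add('admin_header_javascript', $js, 'groupmanage', 'admin');

     $this->theme->access_names = $access_names;
     $this->theme->grouped_tokens = $grouped_tokens;
     $this->theme->groups = UserGroups::get_all();
     $this->theme->group = $group;
     $this->theme->id = $group->id;
     $this->theme->wsse = Utils::WSSE();
     $this->display('group');
 }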
Пример #5
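 /**
  * Handles AJAX requests from the groups page.
  *
  * Accepts GET/HEAD only. Renders the 'groups_item' template once per group and
  * echoes the concatenated markup as JSON under the 'items' key. Each member is
  * shown by display name; every member except the anonymous user (ID 0) links
  * to its admin user page.
  *
  * @param mixed $handler_vars request variables (not read in this method)
  */
 public function ajax_groups($handler_vars)
 {
     Utils::check_request_method(array('GET', 'HEAD'));
     $theme_dir = Plugins::filter('admin_theme_dir', Site::get_dir('admin_theme', true));
     $this->theme = Themes::create('admin', 'RawPHPEngine', $theme_dir);
     $output = '';
     foreach (UserGroups::get_all() as $group) {
         $this->theme->group = $group;
         $group = UserGroup::get_by_id($group->id);
         $users = array();
         foreach ($group->members as $id) {
             $user = $id == 0 ? User::anonymous() : User::get_by_id($id);
             // The display name is profile data and is concatenated into markup
             // below, so encode it for HTML first.
             // NOTE(review): if display names are stored already HTML-encoded,
             // disable double encoding here instead - confirm.
             $name = htmlspecialchars((string) $user->displayname, ENT_QUOTES, 'UTF-8');
             if ($user->id == 0) {
                 $users[] = '<strong>' . $name . '</strong>';
             } else {
                 $users[] = '<strong><a href="' . URL::get('admin', 'page=user&id=' . $user->id) . '">' . $name . '</a></strong>';
             }
         }
         $this->theme->users = $users;
         $output .= $this->theme->fetch('groups_item');
     }
     echo json_encode(array('items' => $output));
 }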
Пример #6
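 /**
  * Handles AJAX requests from the groups page.
  *
  * Accepts GET/HEAD only. Renders the 'groups_item' template once per group and
  * returns the concatenated markup through an AjaxResponse under the 'items'
  * key. Each member is shown by display name; every member except the anonymous
  * user (ID 0) links to its admin user page.
  *
  * @param mixed $handler_vars request variables (not read in this method)
  */
 public function ajax_groups($handler_vars)
 {
     Utils::check_request_method(array('GET', 'HEAD'));
     $this->create_theme();
     $output = '';
     foreach (UserGroups::get_all() as $group) {
         $this->theme->group = $group;
         $group = UserGroup::get_by_id($group->id);
         $users = array();
         foreach ($group->members as $id) {
             $user = $id == 0 ? User::anonymous() : User::get_by_id($id);
             // The display name is profile data and is concatenated into markup
             // below, so encode it for HTML first.
             // NOTE(review): if display names are stored already HTML-encoded,
             // disable double encoding here instead - confirm.
             $name = htmlspecialchars((string) $user->displayname, ENT_QUOTES, 'UTF-8');
             if ($user->id == 0) {
                 $users[] = '<strong>' . $name . '</strong>';
             } else {
                 $users[] = '<strong><a href="' . URL::get('admin', 'page=user&id=' . $user->id) . '">' . $name . '</a></strong>';
             }
         }
         $this->theme->users = $users;
         $output .= $this->theme->fetch('groups_item');
     }
     $ar = new AjaxResponse();
     $ar->data = array('items' => $output);
     $ar->out();
 }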
Пример #7
     }
     json_error(405, "Invalid method: {$method}", $method);
 } else {
     // Fragment of a URI router: the enclosing branches start and end outside this excerpt.
     // presumably json_exit()/json_error() end the request; the fall-through
     // json_error(405) calls below only make sense if they do - confirm.
     if ($params = matchUriTemplate('/logout')) {
         // Logout is state-changing, so only POST is honoured; anything else gets 405.
         if ($method == "POST") {
             User::logout();
             link_header(JSON_ROOT . '/', 'invalidates');
             json_exit(TRUE);
         }
         json_error(405, "Invalid method: {$method}", $method);
     } else {
         if ($params = matchUriTemplate('/{userId}/')) {
             // "me" resolves through User::current(); any other id is opened directly.
             $user = $params->userId == "me" ? User::current($params->userId) : User::open($params->userId);
             if (!$user) {
                 if ($params->userId == "me") {
                     // No current user: answer with the anonymous user's representation,
                     // whatever the HTTP method was.
                     $user = User::anonymous();
                     json_exit($user->get(), SCHEMA_ROOT . "/user");
                 } else {
                     json_error(404, "User not found", $params->userId);
                 }
             }
             if ($method == "GET") {
                 json_exit($user->get(), SCHEMA_ROOT . '/user');
             } else {
                 if ($method == "PUT") {
                     // NOTE(review): no authorization check is visible in this fragment between
                     // resolving $user from the URL and applying the request body. Confirm that
                     // User::open(), put() or save() restricts edits to permitted callers.
                     // $jsonData is defined outside this excerpt.
                     $user->put($jsonData);
                     $user->save();
                     json_exit($user->get(), SCHEMA_ROOT . '/user');
                 }
             }
             json_error(405, "Invalid method: {$method}", $method);
Пример #8
 /**
  * Create and store a new anonymous user record.
  *
  * Generates a user code, sets it on a fresh User through anonymous(), stamps
  * the creation date with TODAY_DATE and inserts the record.
  *
  * NOTE(review): if the generated user code later identifies or authenticates
  * this visitor, User::generate_user_code() must draw it from a
  * cryptographically secure source - confirm.
  *
  * @return mixed whatever User::insert() returns (stored as $user_id by the original code)
  */
 public static function generate_new_user()
 {
     $code = User::generate_user_code();

     $user = new User();
     $user->anonymous($code);
     $user->created_date(TODAY_DATE);

     return $user->insert();
 }
Пример #9
 /**
  * Tweet every queued post, draining $this->tweet_about from the end.
  *
  * A post is tweeted only when the 'twitter__post_status' option is '1' and the
  * post can be loaded. It must also be readable by the anonymous user, unless
  * 'twitter__post_nonanon' is '1'. That check keeps titles and permalinks of
  * access-restricted posts from being published by default.
  */
 public function tweet_about_posts()
 {
     while (count($this->tweet_about) > 0) {
         $queued_id = array_pop($this->tweet_about);

         if (Options::get('twitter__post_status') != '1') {
             continue;
         }
         $post = Post::get($queued_id);
         if (!$post) {
             continue;
         }

         $anonymous_user = User::anonymous();
         $allowed = Options::get('twitter__post_nonanon') == '1' || $post->get_access($anonymous_user)->read;
         if (!$allowed) {
             Session::notice(_t('Post not tweeted due to access restrictions', 'twitter'));
             continue;
         }

         require_once dirname(__FILE__) . '/lib/twitteroauth/twitteroauth.php';
         // The tweet goes out with the post author's stored OAuth token pair.
         $author = User::get_by_id($post->user_id);
         $client = new TwitterOAuth(Twitter::CONSUMER_KEY_WRITE, Twitter::CONSUMER_SECRET_WRITE, $author->info->twitter__access_token, $author->info->twitter__access_token_secret);
         $status = Options::get('twitter__prepend') . $post->title . ' ' . $post->permalink;
         $client->post('statuses/update', array('status' => $status));
         // NOTE(review): the result of post() is not inspected, so this notice
         // is shown even if the API call failed.
         Session::notice(_t('Post Tweeted', 'twitter'));
     }
 }
Пример #10
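 /**
  * Gate a password-protected post's content behind a password form.
  *
  * Posts without a password pass through unchanged. For protected posts the
  * content is returned when the visitor is an identified, non-anonymous user,
  * or when the session holds the token for this post. A submitted password is
  * verified against the post's stored hash and, on success, the token is saved
  * in the session. Otherwise the rendered 'post_password_form' template
  * replaces the content.
  *
  * @param mixed $content the post content passing through the filter
  * @param Post  $post    the post being displayed
  * @return mixed the original content or the rendered password form
  */
 public function filter_post_content($content, Post $post)
 {
     if (!$post->info->password) {
         return $content;
     }

     // if user logged in, show post
     // make sure it's not just the anonymous user!
     $user = User::identify();
     if ($user instanceof User && $user != User::anonymous()) {
         return $content;
     }

     $session = Session::get_set('post_passwords', false);
     // The token binds the stored password hash, the post id and the site GUID.
     $token = Utils::crypt('42' . $post->info->password . $post->id . Options::get('GUID'));

     // if password was submitted verify it
     if (Controller::get_var('post_password') && Controller::get_var('post_password_id') == $post->id) {
         // NOTE(review): filtering the submitted password before verification may
         // alter passwords containing markup characters - confirm this is intended.
         // No attempt limiting is visible in this method.
         $pass = InputFilter::filter(Controller::get_var('post_password'));
         if (Utils::crypt($pass, $post->info->password)) {
             Session::add_to_set('post_passwords', $token, $post->id);
             $session[$post->id] = $token;
         } else {
             Session::error(_t('That password was incorrect.', 'postpass'));
         }
     }

     // if password is stored in session verify it
     // Strict comparison: with ==, two different numeric-looking strings
     // (for example "0e123" and "0e456") compare equal.
     if (isset($session[$post->id]) && $session[$post->id] === $token) {
         return $content;
     }

     $theme = Themes::create();
     $theme->post = $post;
     return $theme->fetch('post_password_form');
 }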