/**
 * Test of the view function.
 *
 * Creates three token-protected folders (two siblings, one nested inside
 * the first), then checks as an anonymous visitor that each key opens its
 * own folder, that a key never opens a sibling or parent folder, and that
 * the parent folder's key also opens its subfolder.
 *
 * @test
 * @depends test_generate_key
 */
public function test_view() {
    // prepare: work as admin, start from a clean tokens file
    self::login_as_admin();
    self::delete_tokens_file();

    $folders = array(
        1 => Settings::$photos_dir . "/tokenfolder",
        2 => Settings::$photos_dir . "/tokenfolder2",
        3 => Settings::$photos_dir . "/tokenfolder/subfolder",
    );
    $tokens = array();

    // parent (1) is created before its subfolder (3); insertion order is kept
    foreach ($folders as $idx => $folder) {
        if (!file_exists($folder)) {
            mkdir($folder);
        }
        $tokens[$idx] = GuestToken::generate_key();
        GuestToken::create($folder, $tokens[$idx]);
    }

    // the remaining checks run as an anonymous visitor
    CurrentUser::logout();

    // test: each key grants access to the folder it was created for
    foreach ($folders as $idx => $folder) {
        $this->assertTrue(GuestToken::view($tokens[$idx], $folder));
    }

    // a subfolder's key must not open its parent or a sibling of the parent
    $this->assertFalse(GuestToken::view($tokens[3], $folders[1]));
    $this->assertFalse(GuestToken::view($tokens[3], $folders[2]));
    // a sibling's key must not open another top-level folder
    $this->assertFalse(GuestToken::view($tokens[2], $folders[1]));
    // the parent's key also covers its subfolder
    $this->assertTrue(GuestToken::view($tokens[1], $folders[3]));
}
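/**
 * Returns true if the current user may access this file.
 *
 * Decision order (first match wins):
 *   1. Anonymous visitor (no account and no guest token): only public files.
 *   2. File outside an allowed location (Judge::inGoodPlace): denied.
 *   3. Admin: allowed.
 *   4. Public file: allowed.
 *   5. Account listed for the file, or member of a listed group: allowed.
 *   6. Guest token covering this file: allowed.
 *   7. Otherwise: denied.
 *
 * @param string $f file to access
 * @return bool
 * @author Thibaud Rohmer
 */
public static function view($f) {
    // Anonymous visitor: neither an account nor a guest token is set.
    // NOTE(review): this branch answers before the inGoodPlace() gate
    // below, so anonymous requests are not subject to it — confirm that is
    // intended, or that Judge's constructor enforces the same restriction.
    if (!isset(CurrentUser::$account) && !isset(CurrentUser::$token)) {
        $judge = new Judge($f);
        return (bool) $judge->public;
    }

    // Files outside the allowed locations are denied to everyone who is
    // logged in or holds a token, including the admin.
    if (!Judge::inGoodPlace($f)) {
        return false;
    }

    // No Judge required for the admin. This guy rocks.
    if (CurrentUser::$admin) {
        return true;
    }

    // Create Judge
    $judge = new Judge($f);

    // Public file: visible to any authenticated or tokened user.
    if ($judge->public) {
        return true;
    }

    if (isset(CurrentUser::$account)) {
        // These are access-control membership tests, so compare strictly:
        // PHP's loose == treats numeric-looking strings numerically
        // ("1e3" == "1000", "01" == "1"), which could make one login or
        // group name match another. Assumes logins and group names are
        // stored as strings on both sides — TODO confirm against the
        // rights file format.
        if (in_array(CurrentUser::$account->login, $judge->users, true)) {
            return true;
        }

        // User in an allowed group
        foreach (CurrentUser::$account->groups as $group) {
            if (in_array($group, $judge->groups, true)) {
                return true;
            }
        }
    }

    // Guest token: GuestToken decides which paths the token covers.
    if (isset(CurrentUser::$token)) {
        if (GuestToken::view(CurrentUser::$token, $f)) {
            return true;
        }
    }

    // Default deny.
    return false;
}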