header('Expires: ' . gmdate('D, d M Y H:i:s \\G\\M\\T', time() + 30 * 60)); $data = array(); // TODO would like to depreceate httpDomain and get scripts to just use httpDomainIndex & httpDomainSite for clarity $data['httpDomain'] = $site->getSlug() . "." . $CONFIG->webSiteDomain; $data['httpDomainIndex'] = $CONFIG->webIndexDomain; if ($CONFIG->hasSSL) { $data['hasSSL'] = true; $data['httpsDomain'] = $site->getSlug() . "." . $CONFIG->webSiteDomainSSL; $data['httpsDomainIndex'] = $CONFIG->webIndexDomainSSL; } else { $data['hasSSL'] = false; } $data['twitter'] = $CONFIG->contactTwitter; $data['isSingleSiteMode'] = false; $user = userGetCurrent(); if ($user) { $data['currentUser'] = array('username' => $user->getUsername()); } else { $data['currentUser'] = false; } $removeEditorPermissions = false; $userHasNoEditorPermissionsInSiteRepo = new UserHasNoEditorPermissionsInSiteRepository(); if ($app['currentUser'] && $userHasNoEditorPermissionsInSiteRepo->isUserInSite($app['currentUser'], $site)) { $removeEditorPermissions = true; } $userPermissionsRepo = new \repositories\UserPermissionsRepository($app['extensions']); $currentUserPermissions = $userPermissionsRepo->getPermissionsForUserInSite($user, $site, $removeEditorPermissions, true); $data['currentUserPermissions'] = $currentUserPermissions->getAsArrayForJSON(); print "var config = " . json_encode($data); } }
if ($app['currentSite']->getIsClosedBySysAdmin()) { $app['twig']->addGlobal('currentUserInSite', null); $app['twig']->addGlobal('currentUserCanAdminSite', false); $app['twig']->addGlobal('currentUserCanEditSite', false); return new Response($app['twig']->render('site/closed_by_sys_admin.html.twig', array())); } # ////////////// Features $siteFeaturesRepo = new repositories\SiteFeatureRepository($app); $app['currentSiteFeatures'] = new SiteFeaturesList($siteFeaturesRepo->getForSiteAsTree($app['currentSite'])); $app['twig']->addGlobal('currentSiteFeatures', $app['currentSiteFeatures']); $app['currentSiteFeatures']->setFeaturesOnSite($app['currentSite']); # ////////////// Permissions and Watch $userPermissionsRepo = new \repositories\UserPermissionsRepository($app['extensions']); // We do not check UserHasNoEditorPermissionsInSiteRepository(); because that is site mode only. // In Single Site mode sysadmins can remove this right. $app['currentUserPermissions'] = $userPermissionsRepo->getPermissionsForUserInSite($app['currentUser'], $app['currentSite'], false, true); # ////////////// User and their watch and perms $app['currentUserActions'] = new UserActionsSiteList($app['currentSite'], $app['currentUserPermissions']); $app['currentUserWatchesSite'] = false; if ($app['currentUser']) { $uwsr = new UserWatchesSiteRepository(); $uws = $uwsr->loadByUserAndSite($app['currentUser'], $app['currentSite']); $app['currentUserWatchesSite'] = $uws && $uws->getIsWatching(); } $app['twig']->addGlobal('currentUserActions', $app['currentUserActions']); $app['twig']->addGlobal('currentUserWatchesSite', $app['currentUserWatchesSite']); # ////////////// if not current user, let templates see what currentUser could do if (!$app['currentUser']) { // We don't pass $removeEditorPermissions here because that is about specific users being banned and this is potential users $app['anyVerifiedUserPermissions'] = $userPermissionsRepo->getPermissionsForAnyVerifiedUserInSite($app['currentSite'], 
false, true); $app['anyVerifiedUserActions'] = new UserActionsSiteList($app['currentSite'], $app['anyVerifiedUserPermissions']);
// User Token $userTokenRepo = new API2ApplicationUserTokenRepository(); if ($data['user_token']) { $app['apiUserToken'] = $userTokenRepo->loadByAppAndUserTokenAndUserSecret($apiapp, $data['user_token'], $data['user_secret']); if ($app['apiUserToken']) { // User $userRepo = new UserAccountRepository(); $app['apiUser'] = $userRepo->loadByID($app['apiUserToken']->getUserId()); } } } // user permissons $userPermissionsRepo = new \repositories\UserPermissionsRepository($app['extensions']); // if app is not editor or token is not editor, remove edit permissions $removeEditPermissions = $app['apiApp'] && !$app['apiApp']->getIsEditor() || $app['apiUserToken'] && !$app['apiUserToken']->getIsEditor(); $app['currentUserPermissions'] = $userPermissionsRepo->getPermissionsForUserInSite($app['apiUser'], $app['currentSite'], $removeEditPermissions, true); // finally user actions $app['currentUserActions'] = new UserActionsSiteList($app['currentSite'], $app['currentUserPermissions']); }); $appUserRequired = function (Request $request) use($app) { if (!$app['apiUser']) { // TODO also if app closed die("ERROR"); // TODO something better } }; $appUserPermissionCalendarChangeRequired = function (Request $request) use($app) { if (!$app['apiUser']) { // TODO also if app closed die("ERROR"); // TODO something better
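/**
 * Authorisation check for an "owner only" site.
 *
 * The site is created with the final SiteRepository::create() argument set to
 * false, after which only the user passed as its creator holds any permissions
 * in it: another verified user, an unverified user, the anonymous caller and
 * the "any user" / "any verified user" aggregates all get an empty permission
 * list. The owner's two permissions are both editor permissions, since asking
 * for them with $removeEditorPermissions = true leaves the owner with none.
 *
 * NOTE(review): $CONFIG->newUsersAreEditors is forced to true for this test
 * (presumably so the non-owner users would be editors if the site allowed it).
 * The previous value is put back at the end so the setting does not leak into
 * later tests; a failing assertion skips that restore, so tearDown() would be
 * the leak-proof home for it, but that lives outside this method.
 */
function testSiteOwnerSpecificEdit() {
    global $CONFIG;
    $previousNewUsersAreEditors = $CONFIG->newUsersAreEditors;
    $CONFIG->newUsersAreEditors = true;
    $this->addCountriesToTestDB();

    $userRepo = new UserAccountRepository();
    $userOwner = $this->createAndReloadUserAccount($userRepo, "test", true);
    $userVerified = $this->createAndReloadUserAccount($userRepo, "verified", true);
    $userUnverified = $this->createAndReloadUserAccount($userRepo, "unverified", false);

    $siteModel = new \models\SiteModel();
    $siteModel->setTitle("Test");
    $siteModel->setSlug("test");

    $siteRepository = new \repositories\SiteRepository();
    $countryRepository = new \repositories\CountryRepository();
    // The trailing false is what makes editing owner-specific in this test;
    // its exact meaning is defined by SiteRepository::create() — confirm there.
    $siteRepository->create(
        $siteModel,
        $userOwner,
        array($countryRepository->loadByTwoCharCode("GB")),
        $this->getSiteQuotaUsedForTesting(),
        false
    );

    ## Check!
    // A single repository instance is enough; the earlier version built one
    // before creating the site and then a second, unused, copy here.
    $extensionsManager = new ExtensionManager($this->app);
    $userPerRepo = new \repositories\UserPermissionsRepository($extensionsManager);

    // Owner: holds permissions, and every one of them is an editor permission.
    $permissions = $userPerRepo->getPermissionsForUserInSite($userOwner, $siteModel, false);
    $this->assertCount(2, $permissions->getPermissions());
    $permissions = $userPerRepo->getPermissionsForUserInSite($userOwner, $siteModel, true);
    $this->assertCount(0, $permissions->getPermissions());

    // Verified non-owner: nothing, with or without editor permissions removed.
    $permissions = $userPerRepo->getPermissionsForUserInSite($userVerified, $siteModel, false);
    $this->assertCount(0, $permissions->getPermissions());
    $permissions = $userPerRepo->getPermissionsForUserInSite($userVerified, $siteModel, true);
    $this->assertCount(0, $permissions->getPermissions());

    // Unverified non-owner: nothing either.
    $permissions = $userPerRepo->getPermissionsForUserInSite($userUnverified, $siteModel, false);
    $this->assertCount(0, $permissions->getPermissions());
    $permissions = $userPerRepo->getPermissionsForUserInSite($userUnverified, $siteModel, true);
    $this->assertCount(0, $permissions->getPermissions());

    // Anonymous and the potential-user aggregates: nothing.
    $permissions = $userPerRepo->getPermissionsForAnonymousInSite($siteModel, false, false);
    $this->assertCount(0, $permissions->getPermissions());
    $permissions = $userPerRepo->getPermissionsForAnyUserInSite($siteModel, false, false);
    $this->assertCount(0, $permissions->getPermissions());
    $permissions = $userPerRepo->getPermissionsForAnyVerifiedUserInSite($siteModel, false, false);
    $this->assertCount(0, $permissions->getPermissions());

    // Undo the global config change so it cannot influence other tests.
    $CONFIG->newUsersAreEditors = $previousNewUsersAreEditors;
}

/**
 * Creates a user account with the given username, optionally marks its email
 * as verified, and returns the model reloaded through the repository so that
 * every flag the repository sets during create/verify is populated.
 *
 * @param UserAccountRepository $userRepo    repository the account is created in
 * @param string                $username    username for the new account
 * @param bool                  $verifyEmail whether to call verifyEmail() after create()
 * @return UserAccountModel the account as loaded back by username
 */
private function createAndReloadUserAccount(UserAccountRepository $userRepo, $username, $verifyEmail) {
    $user = new UserAccountModel();
    $user->setEmail("*****@*****.**");
    $user->setUsername($username);
    $user->setPassword("password");

    $userRepo->create($user);
    if ($verifyEmail) {
        $userRepo->verifyEmail($user);
    }

    // reload user object so all flags set correctly
    return $userRepo->loadByUserName($user->getUsername());
}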