1 | <?php |
||
2 | /** |
||
3 | * webtrees: online genealogy |
||
4 | * Copyright (C) 2019 webtrees development team |
||
5 | * This program is free software: you can redistribute it and/or modify |
||
6 | * it under the terms of the GNU General Public License as published by |
||
7 | * the Free Software Foundation, either version 3 of the License, or |
||
8 | * (at your option) any later version. |
||
9 | * This program is distributed in the hope that it will be useful, |
||
10 | * but WITHOUT ANY WARRANTY; without even the implied warranty of |
||
11 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the |
||
12 | * GNU General Public License for more details. |
||
13 | * You should have received a copy of the GNU General Public License |
||
14 | * along with this program. If not, see <http://www.gnu.org/licenses/>. |
||
15 | */ |
||
16 | namespace Fisharebest\Webtrees; |
||
17 | |||
18 | /** |
||
19 | * Authentication. |
||
20 | */ |
||
21 | class Auth |
||
22 | { |
||
23 | // Privacy constants |
||
24 | const PRIV_PRIVATE = 2; // Allows visitors to view the item |
||
25 | const PRIV_USER = 1; // Allows members to access the item |
||
26 | const PRIV_NONE = 0; // Allows managers to access the item |
||
27 | const PRIV_HIDE = -1; // Hide the item to all users |
||
28 | |||
29 | /** |
||
30 | * Are we currently logged in? |
||
31 | * |
||
32 | * @return bool |
||
33 | */ |
||
34 | public static function check() |
||
35 | { |
||
36 | return self::id() !== null; |
||
37 | } |
||
38 | |||
39 | /** |
||
40 | * Is the specified/current user an administrator? |
||
41 | * |
||
42 | * @param User|null $user |
||
43 | * |
||
44 | * @return bool |
||
45 | */ |
||
46 | public static function isAdmin(User $user = null) |
||
47 | { |
||
48 | if ($user === null) { |
||
49 | $user = self::user(); |
||
50 | } |
||
51 | |||
52 | return $user && $user->getPreference('canadmin') === '1'; |
||
53 | } |
||
54 | |||
55 | /** |
||
56 | * Is the specified/current user a manager of a tree? |
||
57 | * |
||
58 | * @param Tree $tree |
||
59 | * @param User|null $user |
||
60 | * |
||
61 | * @return bool |
||
62 | */ |
||
63 | public static function isManager(Tree $tree, User $user = null) |
||
64 | { |
||
65 | if ($user === null) { |
||
66 | $user = self::user(); |
||
67 | } |
||
68 | |||
69 | return self::isAdmin($user) || $user && $tree->getUserPreference($user, 'canedit') === 'admin'; |
||
70 | } |
||
71 | |||
72 | /** |
||
73 | * Is the specified/current user a moderator of a tree? |
||
74 | * |
||
75 | * @param Tree $tree |
||
76 | * @param User|null $user |
||
77 | * |
||
78 | * @return bool |
||
79 | */ |
||
80 | public static function isModerator(Tree $tree, User $user = null) |
||
81 | { |
||
82 | if ($user === null) { |
||
83 | $user = self::user(); |
||
84 | } |
||
85 | |||
86 | return self::isManager($tree, $user) || $user && $tree->getUserPreference($user, 'canedit') === 'accept'; |
||
87 | } |
||
88 | |||
89 | /** |
||
90 | * Is the specified/current user an editor of a tree? |
||
91 | * |
||
92 | * @param Tree $tree |
||
93 | * @param User|null $user |
||
94 | * |
||
95 | * @return bool |
||
96 | */ |
||
97 | public static function isEditor(Tree $tree, User $user = null) |
||
98 | { |
||
99 | if ($user === null) { |
||
100 | $user = self::user(); |
||
101 | } |
||
102 | |||
103 | return self::isModerator($tree, $user) || $user && $tree->getUserPreference($user, 'canedit') === 'edit'; |
||
104 | } |
||
105 | |||
106 | /** |
||
107 | * Is the specified/current user a member of a tree? |
||
108 | * |
||
109 | * @param Tree $tree |
||
110 | * @param User|null $user |
||
111 | * |
||
112 | * @return bool |
||
113 | */ |
||
114 | public static function isMember(Tree $tree, User $user = null) |
||
115 | { |
||
116 | if ($user === null) { |
||
117 | $user = self::user(); |
||
118 | } |
||
119 | |||
120 | return self::isEditor($tree, $user) || $user && $tree->getUserPreference($user, 'canedit') === 'access'; |
||
121 | } |
||
122 | |||
123 | /** |
||
124 | * What is the specified/current user's access level within a tree? |
||
125 | * |
||
126 | * @param Tree $tree |
||
127 | * @param User|null $user |
||
128 | * |
||
129 | * @return int |
||
130 | */ |
||
131 | public static function accessLevel(Tree $tree, User $user = null) |
||
132 | { |
||
133 | if ($user === null) { |
||
134 | $user = self::user(); |
||
135 | } |
||
136 | |||
137 | if (self::isManager($tree, $user)) { |
||
138 | return self::PRIV_NONE; |
||
139 | } elseif (self::isMember($tree, $user)) { |
||
140 | return self::PRIV_USER; |
||
141 | } else { |
||
142 | return self::PRIV_PRIVATE; |
||
143 | } |
||
144 | } |
||
145 | |||
146 | /** |
||
147 | * Is the current visitor a search engine? The global is set in session.php |
||
148 | * |
||
149 | * @return bool |
||
150 | */ |
||
151 | public static function isSearchEngine() |
||
152 | { |
||
153 | global $SEARCH_SPIDER; |
||
154 | |||
155 | return $SEARCH_SPIDER; |
||
156 | } |
||
157 | |||
158 | /** |
||
159 | * The ID of the authenticated user, from the current session. |
||
160 | * |
||
161 | * @return string|null |
||
162 | */ |
||
163 | public static function id() |
||
164 | { |
||
165 | return Session::get('wt_user'); |
||
166 | } |
||
167 | |||
168 | /** |
||
169 | * The authenticated user, from the current session. |
||
170 | * |
||
171 | * @return User |
||
172 | */ |
||
173 | public static function user() |
||
174 | { |
||
175 | $user = User::find(self::id()); |
||
0 ignored issues
–
show
Bug
introduced
by
Loading history...
|
|||
176 | if ($user === null) { |
||
177 | $visitor = new \stdClass; |
||
178 | $visitor->user_id = ''; |
||
179 | $visitor->user_name = ''; |
||
180 | $visitor->real_name = ''; |
||
181 | $visitor->email = ''; |
||
182 | |||
183 | return new User($visitor); |
||
184 | } else { |
||
185 | return $user; |
||
186 | } |
||
187 | } |
||
188 | |||
189 | /** |
||
190 | * Login directly as an explicit user - for masquerading. |
||
191 | * |
||
192 | * @param User $user |
||
193 | */ |
||
194 | public static function login(User $user) |
||
195 | { |
||
196 | Session::regenerate(false); |
||
197 | Session::put('wt_user', $user->getUserId()); |
||
198 | } |
||
199 | |||
200 | /** |
||
201 | * End the session for the current user. |
||
202 | */ |
||
203 | public static function logout() |
||
204 | { |
||
205 | Session::regenerate(true); |
||
206 | } |
||
207 | } |
||
208 |