1a25f0a04SGreg Roach<?php 2a25f0a04SGreg Roach/** 3a25f0a04SGreg Roach * webtrees: online genealogy 4*1062a142SGreg Roach * Copyright (C) 2018 webtrees development team 5a25f0a04SGreg Roach * This program is free software: you can redistribute it and/or modify 6a25f0a04SGreg Roach * it under the terms of the GNU General Public License as published by 7a25f0a04SGreg Roach * the Free Software Foundation, either version 3 of the License, or 8a25f0a04SGreg Roach * (at your option) any later version. 9a25f0a04SGreg Roach * This program is distributed in the hope that it will be useful, 10a25f0a04SGreg Roach * but WITHOUT ANY WARRANTY; without even the implied warranty of 11a25f0a04SGreg Roach * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 12a25f0a04SGreg Roach * GNU General Public License for more details. 13a25f0a04SGreg Roach * You should have received a copy of the GNU General Public License 14a25f0a04SGreg Roach * along with this program. If not, see <http://www.gnu.org/licenses/>. 15a25f0a04SGreg Roach */ 1676692c8bSGreg Roachnamespace Fisharebest\Webtrees; 17a25f0a04SGreg Roach 18a25f0a04SGreg Roach/** 1976692c8bSGreg Roach * Authentication. 20a25f0a04SGreg Roach */ 21a25f0a04SGreg Roachclass Auth { 224b9ff166SGreg Roach // Privacy constants 234b9ff166SGreg Roach const PRIV_PRIVATE = 2; // Allows visitors to view the item 244b9ff166SGreg Roach const PRIV_USER = 1; // Allows members to access the item 254b9ff166SGreg Roach const PRIV_NONE = 0; // Allows managers to access the item 264b9ff166SGreg Roach const PRIV_HIDE = -1; // Hide the item to all users 274b9ff166SGreg Roach 28a25f0a04SGreg Roach /** 29a25f0a04SGreg Roach * Are we currently logged in? 30a25f0a04SGreg Roach * 31cbc1590aSGreg Roach * @return bool 32a25f0a04SGreg Roach */ 33a25f0a04SGreg Roach public static function check() { 344b9ff166SGreg Roach return self::id() !== null; 35a25f0a04SGreg Roach } 36a25f0a04SGreg Roach 37a25f0a04SGreg Roach /** 38a25f0a04SGreg Roach * Is the specified/current user an administrator? 39a25f0a04SGreg Roach * 40a25f0a04SGreg Roach * @param User|null $user 41a25f0a04SGreg Roach * 42cbc1590aSGreg Roach * @return bool 43a25f0a04SGreg Roach */ 44a25f0a04SGreg Roach public static function isAdmin(User $user = null) { 45a25f0a04SGreg Roach if ($user === null) { 46a25f0a04SGreg Roach $user = self::user(); 47a25f0a04SGreg Roach } 48a25f0a04SGreg Roach 49a25f0a04SGreg Roach return $user && $user->getPreference('canadmin') === '1'; 50a25f0a04SGreg Roach } 51a25f0a04SGreg Roach 52a25f0a04SGreg Roach /** 534b9ff166SGreg Roach * Is the specified/current user a manager of a tree? 54a25f0a04SGreg Roach * 5584caa210SGreg Roach * @param Tree $tree 56a25f0a04SGreg Roach * @param User|null $user 57a25f0a04SGreg Roach * 58cbc1590aSGreg Roach * @return bool 59a25f0a04SGreg Roach */ 6084caa210SGreg Roach public static function isManager(Tree $tree, User $user = null) { 61a25f0a04SGreg Roach if ($user === null) { 62a25f0a04SGreg Roach $user = self::user(); 63a25f0a04SGreg Roach } 64a25f0a04SGreg Roach 65a25f0a04SGreg Roach return self::isAdmin($user) || $user && $tree->getUserPreference($user, 'canedit') === 'admin'; 66a25f0a04SGreg Roach } 67a25f0a04SGreg Roach 68a25f0a04SGreg Roach /** 694b9ff166SGreg Roach * Is the specified/current user a moderator of a tree? 70a25f0a04SGreg Roach * 7184caa210SGreg Roach * @param Tree $tree 72a25f0a04SGreg Roach * @param User|null $user 73a25f0a04SGreg Roach * 74cbc1590aSGreg Roach * @return bool 75a25f0a04SGreg Roach */ 7684caa210SGreg Roach public static function isModerator(Tree $tree, User $user = null) { 77a25f0a04SGreg Roach if ($user === null) { 78a25f0a04SGreg Roach $user = self::user(); 79a25f0a04SGreg Roach } 80a25f0a04SGreg Roach 81a25f0a04SGreg Roach return self::isManager($tree, $user) || $user && $tree->getUserPreference($user, 'canedit') === 'accept'; 82a25f0a04SGreg Roach } 83a25f0a04SGreg Roach 84a25f0a04SGreg Roach /** 854b9ff166SGreg Roach * Is the specified/current user an editor of a tree? 86a25f0a04SGreg Roach * 8784caa210SGreg Roach * @param Tree $tree 88a25f0a04SGreg Roach * @param User|null $user 89a25f0a04SGreg Roach * 90cbc1590aSGreg Roach * @return bool 91a25f0a04SGreg Roach */ 9284caa210SGreg Roach public static function isEditor(Tree $tree, User $user = null) { 93a25f0a04SGreg Roach if ($user === null) { 94a25f0a04SGreg Roach $user = self::user(); 95a25f0a04SGreg Roach } 96a25f0a04SGreg Roach 97a25f0a04SGreg Roach return self::isModerator($tree, $user) || $user && $tree->getUserPreference($user, 'canedit') === 'edit'; 98a25f0a04SGreg Roach } 99a25f0a04SGreg Roach 100a25f0a04SGreg Roach /** 1014b9ff166SGreg Roach * Is the specified/current user a member of a tree? 102a25f0a04SGreg Roach * 10384caa210SGreg Roach * @param Tree $tree 104a25f0a04SGreg Roach * @param User|null $user 105a25f0a04SGreg Roach * 106cbc1590aSGreg Roach * @return bool 107a25f0a04SGreg Roach */ 10884caa210SGreg Roach public static function isMember(Tree $tree, User $user = null) { 109a25f0a04SGreg Roach if ($user === null) { 110a25f0a04SGreg Roach $user = self::user(); 111a25f0a04SGreg Roach } 112a25f0a04SGreg Roach 113a25f0a04SGreg Roach return self::isEditor($tree, $user) || $user && $tree->getUserPreference($user, 'canedit') === 'access'; 114a25f0a04SGreg Roach } 115a25f0a04SGreg Roach 116a25f0a04SGreg Roach /** 1174b9ff166SGreg Roach * What is the specified/current user's access level within a tree? 1184b9ff166SGreg Roach * 1194b9ff166SGreg Roach * @param Tree $tree 1204b9ff166SGreg Roach * @param User|null $user 1214b9ff166SGreg Roach * 122cbc1590aSGreg Roach * @return int 1234b9ff166SGreg Roach */ 1244b9ff166SGreg Roach public static function accessLevel(Tree $tree, User $user = null) { 1254b9ff166SGreg Roach if ($user === null) { 1264b9ff166SGreg Roach $user = self::user(); 1274b9ff166SGreg Roach } 1284b9ff166SGreg Roach 1294b9ff166SGreg Roach if (self::isManager($tree, $user)) { 1304b9ff166SGreg Roach return self::PRIV_NONE; 1314b9ff166SGreg Roach } elseif (self::isMember($tree, $user)) { 1324b9ff166SGreg Roach return self::PRIV_USER; 1334b9ff166SGreg Roach } else { 1344b9ff166SGreg Roach return self::PRIV_PRIVATE; 1354b9ff166SGreg Roach } 1364b9ff166SGreg Roach } 1374b9ff166SGreg Roach 1384b9ff166SGreg Roach /** 139a25f0a04SGreg Roach * The ID of the authenticated user, from the current session. 140a25f0a04SGreg Roach * 141a25f0a04SGreg Roach * @return string|null 142a25f0a04SGreg Roach */ 143a25f0a04SGreg Roach public static function id() { 14431bc7874SGreg Roach return Session::get('wt_user'); 145a25f0a04SGreg Roach } 146a25f0a04SGreg Roach 147a25f0a04SGreg Roach /** 148a25f0a04SGreg Roach * The authenticated user, from the current session. 149a25f0a04SGreg Roach * 150a25f0a04SGreg Roach * @return User 151a25f0a04SGreg Roach */ 152a25f0a04SGreg Roach public static function user() { 1534b9ff166SGreg Roach $user = User::find(self::id()); 154a25f0a04SGreg Roach if ($user === null) { 155a25f0a04SGreg Roach $visitor = new \stdClass; 156a25f0a04SGreg Roach $visitor->user_id = ''; 157a25f0a04SGreg Roach $visitor->user_name = ''; 158a25f0a04SGreg Roach $visitor->real_name = ''; 159a25f0a04SGreg Roach $visitor->email = ''; 160a25f0a04SGreg Roach 161a25f0a04SGreg Roach return new User($visitor); 162a25f0a04SGreg Roach } else { 163a25f0a04SGreg Roach return $user; 164a25f0a04SGreg Roach } 165a25f0a04SGreg Roach } 166a25f0a04SGreg Roach 167a25f0a04SGreg Roach /** 168a25f0a04SGreg Roach * Login directly as an explicit user - for masquerading. 169a25f0a04SGreg Roach * 170a25f0a04SGreg Roach * @param User $user 171a25f0a04SGreg Roach */ 172a25f0a04SGreg Roach public static function login(User $user) { 173e988f922SGreg Roach Session::regenerate(false); 17431bc7874SGreg Roach Session::put('wt_user', $user->getUserId()); 175a25f0a04SGreg Roach } 176a25f0a04SGreg Roach 177a25f0a04SGreg Roach /** 178a25f0a04SGreg Roach * End the session for the current user. 179a25f0a04SGreg Roach */ 180a25f0a04SGreg Roach public static function logout() { 18131bc7874SGreg Roach Session::regenerate(true); 182a25f0a04SGreg Roach } 183a25f0a04SGreg Roach} 184