xref: /webtrees/app/Auth.php (revision 0a016d046f63b3b1ece7ec913216782c17f0cbad)
1<?php
2/**
3 * webtrees: online genealogy
4 * Copyright (C) 2017 webtrees development team
5 * This program is free software: you can redistribute it and/or modify
6 * it under the terms of the GNU General Public License as published by
7 * the Free Software Foundation, either version 3 of the License, or
8 * (at your option) any later version.
9 * This program is distributed in the hope that it will be useful,
10 * but WITHOUT ANY WARRANTY; without even the implied warranty of
11 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
12 * GNU General Public License for more details.
13 * You should have received a copy of the GNU General Public License
14 * along with this program. If not, see <http://www.gnu.org/licenses/>.
15 */
16namespace Fisharebest\Webtrees;
17
18/**
19 * Authentication.
20 */
21class Auth {
22	// Privacy constants
23	const PRIV_PRIVATE = 2; // Allows visitors to view the item
24	const PRIV_USER    = 1; // Allows members to access the item
25	const PRIV_NONE    = 0; // Allows managers to access the item
26	const PRIV_HIDE    = -1; // Hide the item to all users
27
28	/**
29	 * Are we currently logged in?
30	 *
31	 * @return bool
32	 */
33	public static function check() {
34		return self::id() !== null;
35	}
36
37	/**
38	 * Is the specified/current user an administrator?
39	 *
40	 * @param User|null $user
41	 *
42	 * @return bool
43	 */
44	public static function isAdmin(User $user = null) {
45		if ($user === null) {
46			$user = self::user();
47		}
48
49		return $user && $user->getPreference('canadmin') === '1';
50	}
51
52	/**
53	 * Is the specified/current user a manager of a tree?
54	 *
55	 * @param Tree      $tree
56	 * @param User|null $user
57	 *
58	 * @return bool
59	 */
60	public static function isManager(Tree $tree, User $user = null) {
61		if ($user === null) {
62			$user = self::user();
63		}
64
65		return self::isAdmin($user) || $user && $tree->getUserPreference($user, 'canedit') === 'admin';
66	}
67
68	/**
69	 * Is the specified/current user a moderator of a tree?
70	 *
71	 * @param Tree      $tree
72	 * @param User|null $user
73	 *
74	 * @return bool
75	 */
76	public static function isModerator(Tree $tree, User $user = null) {
77		if ($user === null) {
78			$user = self::user();
79		}
80
81		return self::isManager($tree, $user) || $user && $tree->getUserPreference($user, 'canedit') === 'accept';
82	}
83
84	/**
85	 * Is the specified/current user an editor of a tree?
86	 *
87	 * @param Tree      $tree
88	 * @param User|null $user
89	 *
90	 * @return bool
91	 */
92	public static function isEditor(Tree $tree, User $user = null) {
93		if ($user === null) {
94			$user = self::user();
95		}
96
97		return self::isModerator($tree, $user) || $user && $tree->getUserPreference($user, 'canedit') === 'edit';
98	}
99
100	/**
101	 * Is the specified/current user a member of a tree?
102	 *
103	 * @param Tree      $tree
104	 * @param User|null $user
105	 *
106	 * @return bool
107	 */
108	public static function isMember(Tree $tree, User $user = null) {
109		if ($user === null) {
110			$user = self::user();
111		}
112
113		return self::isEditor($tree, $user) || $user && $tree->getUserPreference($user, 'canedit') === 'access';
114	}
115
116	/**
117	 * What is the specified/current user's access level within a tree?
118	 *
119	 * @param Tree      $tree
120	 * @param User|null $user
121	 *
122	 * @return int
123	 */
124	public static function accessLevel(Tree $tree, User $user = null) {
125		if ($user === null) {
126			$user = self::user();
127		}
128
129		if (self::isManager($tree, $user)) {
130			return self::PRIV_NONE;
131		} elseif (self::isMember($tree, $user)) {
132			return self::PRIV_USER;
133		} else {
134			return self::PRIV_PRIVATE;
135		}
136	}
137
138	/**
139	 * The ID of the authenticated user, from the current session.
140	 *
141	 * @return string|null
142	 */
143	public static function id() {
144		return Session::get('wt_user');
145	}
146
147	/**
148	 * The authenticated user, from the current session.
149	 *
150	 * @return User
151	 */
152	public static function user() {
153		$user = User::find(self::id());
154		if ($user === null) {
155			$visitor            = new \stdClass;
156			$visitor->user_id   = '';
157			$visitor->user_name = '';
158			$visitor->real_name = '';
159			$visitor->email     = '';
160
161			return new User($visitor);
162		} else {
163			return $user;
164		}
165	}
166
167	/**
168	 * Login directly as an explicit user - for masquerading.
169	 *
170	 * @param User $user
171	 */
172	public static function login(User $user) {
173		Session::regenerate(false);
174		Session::put('wt_user', $user->getUserId());
175	}
176
177	/**
178	 * End the session for the current user.
179	 */
180	public static function logout() {
181		Session::regenerate(true);
182	}
183}
184