<?php
/**
 * webtrees: online genealogy
 * Copyright (C) 2018 webtrees development team
 * This program is free software: you can redistribute it and/or modify
 * it under the terms of the GNU General Public License as published by
 * the Free Software Foundation, either version 3 of the License, or
 * (at your option) any later version.
 * This program is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
 * GNU General Public License for more details.
 * You should have received a copy of the GNU General Public License
 * along with this program. If not, see <http://www.gnu.org/licenses/>.
 */
namespace Fisharebest\Webtrees;

use stdClass;

/**
 * Session-backed authentication and per-tree role checks.
 *
 * The role checks are cumulative: each one first asks the next more
 * privileged check and only then compares the tree's 'canedit' preference
 * for the user (administrator > manager > moderator > editor > member).
 */
class Auth
{
    // Privacy constants. accessLevel() maps managers to PRIV_NONE, members to
    // PRIV_USER and everybody else to PRIV_PRIVATE; it never returns PRIV_HIDE.
    const PRIV_PRIVATE = 2;  // Allows visitors to view the item
    const PRIV_USER    = 1;  // Allows members to access the item
    const PRIV_NONE    = 0;  // Allows managers to access the item
    const PRIV_HIDE    = -1; // Hide the item to all users

    /**
     * Does the current session carry a user ID?
     *
     * NOTE(review): this only tests the session value; it does not look the
     * user up. It can therefore be true while user() returns the visitor
     * placeholder (when User::find() yields null).
     *
     * @return bool
     */
    public static function check()
    {
        $sessionUserId = self::id();

        return $sessionUserId !== null;
    }

    /**
     * Is the specified/current user an administrator?
     *
     * @param User|null $user Defaults to the session user when omitted.
     *
     * @return bool
     */
    public static function isAdmin(User $user = null)
    {
        $subject = $user === null ? self::user() : $user;

        // Strict comparison: only the exact string '1' grants administrator rights.
        return $subject && $subject->getPreference('canadmin') === '1';
    }

    /**
     * Is the specified/current user a manager of a tree?
     *
     * @param Tree      $tree
     * @param User|null $user Defaults to the session user when omitted.
     *
     * @return bool
     */
    public static function isManager(Tree $tree, User $user = null)
    {
        $subject = $user === null ? self::user() : $user;

        // Administrators manage every tree.
        if (self::isAdmin($subject)) {
            return true;
        }

        return $subject && $tree->getUserPreference($subject, 'canedit') === 'admin';
    }

    /**
     * Is the specified/current user a moderator of a tree?
     *
     * @param Tree      $tree
     * @param User|null $user Defaults to the session user when omitted.
     *
     * @return bool
     */
    public static function isModerator(Tree $tree, User $user = null)
    {
        $subject = $user === null ? self::user() : $user;

        // Managers (and therefore administrators) are moderators too.
        if (self::isManager($tree, $subject)) {
            return true;
        }

        return $subject && $tree->getUserPreference($subject, 'canedit') === 'accept';
    }

    /**
     * Is the specified/current user an editor of a tree?
     *
     * @param Tree      $tree
     * @param User|null $user Defaults to the session user when omitted.
     *
     * @return bool
     */
    public static function isEditor(Tree $tree, User $user = null)
    {
        $subject = $user === null ? self::user() : $user;

        // Moderators and above are editors too.
        if (self::isModerator($tree, $subject)) {
            return true;
        }

        return $subject && $tree->getUserPreference($subject, 'canedit') === 'edit';
    }

    /**
     * Is the specified/current user a member of a tree?
     *
     * @param Tree      $tree
     * @param User|null $user Defaults to the session user when omitted.
     *
     * @return bool
     */
    public static function isMember(Tree $tree, User $user = null)
    {
        $subject = $user === null ? self::user() : $user;

        // Editors and above are members too.
        if (self::isEditor($tree, $subject)) {
            return true;
        }

        return $subject && $tree->getUserPreference($subject, 'canedit') === 'access';
    }

    /**
     * What is the specified/current user's access level within a tree?
     *
     * Moderators and editors fall into PRIV_USER, because isMember() is
     * true for every role from member upwards.
     *
     * @param Tree      $tree
     * @param User|null $user Defaults to the session user when omitted.
     *
     * @return int One of PRIV_NONE, PRIV_USER or PRIV_PRIVATE.
     */
    public static function accessLevel(Tree $tree, User $user = null)
    {
        $subject = $user === null ? self::user() : $user;

        if (self::isManager($tree, $subject)) {
            return self::PRIV_NONE;
        }

        if (self::isMember($tree, $subject)) {
            return self::PRIV_USER;
        }

        // Anyone else is treated as a visitor.
        return self::PRIV_PRIVATE;
    }

    /**
     * The ID of the authenticated user, from the current session.
     *
     * Returns the session's 'wt_user' value as given by Session::get().
     *
     * @return int|null
     */
    public static function id()
    {
        return Session::get('wt_user');
    }

    /**
     * The authenticated user, from the current session.
     *
     * When User::find() has no match for the session ID, a placeholder
     * visitor with empty ID, name and e-mail fields is returned, so callers
     * always receive a User object. Whether that placeholder can satisfy any
     * role check depends on the preference lookups in User and Tree, which
     * are not defined in this file.
     *
     * @return User
     */
    public static function user()
    {
        $found = User::find(self::id());
        if ($found !== null) {
            return $found;
        }

        $visitor            = new stdClass();
        $visitor->user_id   = '';
        $visitor->user_name = '';
        $visitor->real_name = '';
        $visitor->email     = '';

        return new User($visitor);
    }

    /**
     * Login directly as an explicit user - for masquerading.
     *
     * No credential or permission check happens here: the caller must have
     * authenticated the user, or authorised the masquerade, before calling.
     *
     * @param User $user
     */
    public static function login(User $user)
    {
        // Regenerate before storing the user ID. Presumably this rotates the
        // session identifier (session-fixation defence); the meaning of the
        // boolean is defined in Session::regenerate() - confirm there.
        Session::regenerate(false);
        Session::put('wt_user', $user->getUserId());
    }

    /**
     * End the session for the current user.
     */
    public static function logout()
    {
        // NOTE(review): 'true' presumably discards the existing session data
        // as well - confirm against Session::regenerate().
        Session::regenerate(true);
    }
}