xref: /webtrees/app/Auth.php (revision 12c79f746ea1903d66aea1fe0412eda6149a5532)
1<?php
2/**
3 * webtrees: online genealogy
4 * Copyright (C) 2018 webtrees development team
5 * This program is free software: you can redistribute it and/or modify
6 * it under the terms of the GNU General Public License as published by
7 * the Free Software Foundation, either version 3 of the License, or
8 * (at your option) any later version.
9 * This program is distributed in the hope that it will be useful,
10 * but WITHOUT ANY WARRANTY; without even the implied warranty of
11 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
12 * GNU General Public License for more details.
13 * You should have received a copy of the GNU General Public License
14 * along with this program. If not, see <http://www.gnu.org/licenses/>.
15 */
16namespace Fisharebest\Webtrees;
17
18use stdClass;
19
20/**
21 * Authentication.
22 */
23class Auth
24{
25    // Privacy constants
26    const PRIV_PRIVATE = 2; // Allows visitors to view the item
27    const PRIV_USER    = 1; // Allows members to access the item
28    const PRIV_NONE    = 0; // Allows managers to access the item
29    const PRIV_HIDE    = -1; // Hide the item to all users
30
31    /**
32     * Are we currently logged in?
33     *
34     * @return bool
35     */
36    public static function check()
37    {
38        return self::id() !== null;
39    }
40
41    /**
42     * Is the specified/current user an administrator?
43     *
44     * @param User|null $user
45     *
46     * @return bool
47     */
48    public static function isAdmin(User $user = null)
49    {
50        if ($user === null) {
51            $user = self::user();
52        }
53
54        return $user && $user->getPreference('canadmin') === '1';
55    }
56
57    /**
58     * Is the specified/current user a manager of a tree?
59     *
60     * @param Tree      $tree
61     * @param User|null $user
62     *
63     * @return bool
64     */
65    public static function isManager(Tree $tree, User $user = null)
66    {
67        if ($user === null) {
68            $user = self::user();
69        }
70
71        return self::isAdmin($user) || $user && $tree->getUserPreference($user, 'canedit') === 'admin';
72    }
73
74    /**
75     * Is the specified/current user a moderator of a tree?
76     *
77     * @param Tree      $tree
78     * @param User|null $user
79     *
80     * @return bool
81     */
82    public static function isModerator(Tree $tree, User $user = null)
83    {
84        if ($user === null) {
85            $user = self::user();
86        }
87
88        return self::isManager($tree, $user) || $user && $tree->getUserPreference($user, 'canedit') === 'accept';
89    }
90
91    /**
92     * Is the specified/current user an editor of a tree?
93     *
94     * @param Tree      $tree
95     * @param User|null $user
96     *
97     * @return bool
98     */
99    public static function isEditor(Tree $tree, User $user = null)
100    {
101        if ($user === null) {
102            $user = self::user();
103        }
104
105        return self::isModerator($tree, $user) || $user && $tree->getUserPreference($user, 'canedit') === 'edit';
106    }
107
108    /**
109     * Is the specified/current user a member of a tree?
110     *
111     * @param Tree      $tree
112     * @param User|null $user
113     *
114     * @return bool
115     */
116    public static function isMember(Tree $tree, User $user = null)
117    {
118        if ($user === null) {
119            $user = self::user();
120        }
121
122        return self::isEditor($tree, $user) || $user && $tree->getUserPreference($user, 'canedit') === 'access';
123    }
124
125    /**
126     * What is the specified/current user's access level within a tree?
127     *
128     * @param Tree      $tree
129     * @param User|null $user
130     *
131     * @return int
132     */
133    public static function accessLevel(Tree $tree, User $user = null)
134    {
135        if ($user === null) {
136            $user = self::user();
137        }
138
139        if (self::isManager($tree, $user)) {
140            return self::PRIV_NONE;
141        } elseif (self::isMember($tree, $user)) {
142            return self::PRIV_USER;
143        } else {
144            return self::PRIV_PRIVATE;
145        }
146    }
147
148    /**
149     * The ID of the authenticated user, from the current session.
150     *
151     * @return int|null
152     */
153    public static function id()
154    {
155        return Session::get('wt_user');
156    }
157
158    /**
159     * The authenticated user, from the current session.
160     *
161     * @return User
162     */
163    public static function user()
164    {
165        $user = User::find(self::id());
166        if ($user === null) {
167            $visitor            = new stdClass();
168            $visitor->user_id   = '';
169            $visitor->user_name = '';
170            $visitor->real_name = '';
171            $visitor->email     = '';
172
173            return new User($visitor);
174        } else {
175            return $user;
176        }
177    }
178
179    /**
180     * Login directly as an explicit user - for masquerading.
181     *
182     * @param User $user
183     */
184    public static function login(User $user)
185    {
186        Session::regenerate(false);
187        Session::put('wt_user', $user->getUserId());
188    }
189
190    /**
191     * End the session for the current user.
192     */
193    public static function logout()
194    {
195        Session::regenerate(true);
196    }
197}
198