xref: /webtrees/app/Auth.php (revision 6bef31b0e1f5edb64c54d1cb393c35824d985e44)
1<?php
2namespace Fisharebest\Webtrees;
3
4/**
5 * webtrees: online genealogy
6 * Copyright (C) 2015 webtrees development team
7 * This program is free software: you can redistribute it and/or modify
8 * it under the terms of the GNU General Public License as published by
9 * the Free Software Foundation, either version 3 of the License, or
10 * (at your option) any later version.
11 * This program is distributed in the hope that it will be useful,
12 * but WITHOUT ANY WARRANTY; without even the implied warranty of
13 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
14 * GNU General Public License for more details.
15 * You should have received a copy of the GNU General Public License
16 * along with this program. If not, see <http://www.gnu.org/licenses/>.
17 */
18
19use Zend_Session;
20
21/**
22 * Class Auth - authentication functions
23 */
class Auth {
	// Privacy levels.  accessLevel() maps managers to PRIV_NONE, members to
	// PRIV_USER and everybody else to PRIV_PRIVATE, so a lower number means a
	// more privileged viewer.  accessLevel() never returns PRIV_HIDE.
	const PRIV_PRIVATE = 2; // Visitors may view the item
	const PRIV_USER    = 1; // Members may access the item
	const PRIV_NONE    = 0; // Managers may access the item
	const PRIV_HIDE    = -1; // The item is hidden from all users

	/**
	 * Does the current session carry an authenticated user ID?
	 *
	 * Only the session value is tested (not null); the ID is not looked up
	 * here, so this does not prove that the user record still exists.
	 *
	 * @return boolean
	 */
	public static function check() {
		$currentId = self::id();

		return $currentId !== null;
	}

	/**
	 * Is the specified/current user a site administrator?
	 *
	 * True only when the user's 'canadmin' preference is exactly the string '1'.
	 *
	 * @param User|null $user The user to test; null means the session's user.
	 *
	 * @return boolean
	 */
	public static function isAdmin(User $user = null) {
		$subject = ($user === null) ? self::user() : $user;
		if (!$subject) {
			return false;
		}

		return $subject->getPreference('canadmin') === '1';
	}

	/**
	 * Is the specified/current user a manager of a tree?
	 *
	 * Administrators are managers of every tree; otherwise the user's
	 * per-tree 'canedit' preference must be 'admin'.
	 *
	 * @param Tree      $tree
	 * @param User|null $user The user to test; null means the session's user.
	 *
	 * @return boolean
	 */
	public static function isManager(Tree $tree, User $user = null) {
		$subject = ($user === null) ? self::user() : $user;
		if (self::isAdmin($subject)) {
			return true;
		}
		if (!$subject) {
			return false;
		}

		return $tree->getUserPreference($subject, 'canedit') === 'admin';
	}

	/**
	 * Is the specified/current user a moderator of a tree?
	 *
	 * Managers are moderators; otherwise the user's per-tree 'canedit'
	 * preference must be 'accept'.
	 *
	 * @param Tree      $tree
	 * @param User|null $user The user to test; null means the session's user.
	 *
	 * @return boolean
	 */
	public static function isModerator(Tree $tree, User $user = null) {
		$subject = ($user === null) ? self::user() : $user;
		if (self::isManager($tree, $subject)) {
			return true;
		}
		if (!$subject) {
			return false;
		}

		return $tree->getUserPreference($subject, 'canedit') === 'accept';
	}

	/**
	 * Is the specified/current user an editor of a tree?
	 *
	 * Moderators are editors; otherwise the user's per-tree 'canedit'
	 * preference must be 'edit'.
	 *
	 * @param Tree      $tree
	 * @param User|null $user The user to test; null means the session's user.
	 *
	 * @return boolean
	 */
	public static function isEditor(Tree $tree, User $user = null) {
		$subject = ($user === null) ? self::user() : $user;
		if (self::isModerator($tree, $subject)) {
			return true;
		}
		if (!$subject) {
			return false;
		}

		return $tree->getUserPreference($subject, 'canedit') === 'edit';
	}

	/**
	 * Is the specified/current user a member of a tree?
	 *
	 * Editors are members; otherwise the user's per-tree 'canedit'
	 * preference must be 'access'.
	 *
	 * @param Tree      $tree
	 * @param User|null $user The user to test; null means the session's user.
	 *
	 * @return boolean
	 */
	public static function isMember(Tree $tree, User $user = null) {
		$subject = ($user === null) ? self::user() : $user;
		if (self::isEditor($tree, $subject)) {
			return true;
		}
		if (!$subject) {
			return false;
		}

		return $tree->getUserPreference($subject, 'canedit') === 'access';
	}

	/**
	 * What is the specified/current user's access level within a tree?
	 *
	 * Managers get PRIV_NONE, other members get PRIV_USER and anybody else
	 * (including the empty visitor built by user()) gets PRIV_PRIVATE.
	 *
	 * @param Tree      $tree
	 * @param User|null $user The user to test; null means the session's user.
	 *
	 * @return integer One of PRIV_NONE, PRIV_USER or PRIV_PRIVATE.
	 */
	public static function accessLevel(Tree $tree, User $user = null) {
		$subject = ($user === null) ? self::user() : $user;

		if (self::isManager($tree, $subject)) {
			return self::PRIV_NONE;
		}
		if (self::isMember($tree, $subject)) {
			return self::PRIV_USER;
		}

		return self::PRIV_PRIVATE;
	}

	/**
	 * Is the current visitor a search engine?  The global is set in session.php
	 *
	 * The global's value is returned as-is, without a cast.
	 *
	 * @return boolean
	 */
	public static function isSearchEngine() {
		global $SEARCH_SPIDER;

		$spiderFlag = $SEARCH_SPIDER;

		return $spiderFlag;
	}

	/**
	 * The ID of the authenticated user, read from the current session.
	 *
	 * Returns null when the $WT_SESSION global is empty; otherwise returns
	 * whatever the session holds in wt_user.
	 * NOTE(review): check() treats any non-null value as "logged in", so this
	 * relies on the session object yielding null for an unset wt_user - confirm.
	 *
	 * @return string|null
	 */
	public static function id() {
		global $WT_SESSION;

		if (!$WT_SESSION) {
			return null;
		}

		return $WT_SESSION->wt_user;
	}

	/**
	 * The authenticated user, from the current session.
	 *
	 * When User::find() returns null for the session's ID, a visitor object
	 * with empty user_id, user_name, real_name and email is returned instead,
	 * so callers in this class always receive a User and never null.
	 * NOTE(review): the role checks above hand this empty visitor to the
	 * preference lookups; presumably those return nothing for an empty
	 * user_id - verify in User and Tree.
	 *
	 * @return User
	 */
	public static function user() {
		$found = User::find(self::id());
		if ($found !== null) {
			return $found;
		}

		// Nobody is logged in (or the ID no longer resolves): build an anonymous visitor.
		$visitor = (object) array(
			'user_id'   => '',
			'user_name' => '',
			'real_name' => '',
			'email'     => '',
		);

		return new User($visitor);
	}

	/**
	 * Login directly as an explicit user - for masquerading.
	 *
	 * This method checks neither credentials nor permissions: it stores the
	 * given user's ID in the session and nothing more, so the caller has to
	 * have authorised the switch before calling it.
	 *
	 * @param User $user The user whose ID is written to the session.
	 */
	public static function login(User $user) {
		global $WT_SESSION;

		$newUserId = $user->getUserId();
		$WT_SESSION->wt_user = $newUserId;
		// Issue a fresh session identifier once the identity has changed, so
		// an identifier known before the change is not reused afterwards.
		Zend_Session::regenerateId();
	}

	/**
	 * End the session for the current user.
	 *
	 * The session identifier is regenerated first and the session is then
	 * destroyed; the order of the two calls is kept as in the original code.
	 */
	public static function logout() {
		Zend_Session::regenerateId();
		Zend_Session::destroy();
	}
}
203}