1<?php 2/** 3 * webtrees: online genealogy 4 * Copyright (C) 2018 webtrees development team 5 * This program is free software: you can redistribute it and/or modify 6 * it under the terms of the GNU General Public License as published by 7 * the Free Software Foundation, either version 3 of the License, or 8 * (at your option) any later version. 9 * This program is distributed in the hope that it will be useful, 10 * but WITHOUT ANY WARRANTY; without even the implied warranty of 11 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 12 * GNU General Public License for more details. 13 * You should have received a copy of the GNU General Public License 14 * along with this program. If not, see <http://www.gnu.org/licenses/>. 15 */ 16namespace Fisharebest\Webtrees; 17 18/** 19 * Authentication. 20 */ 21class Auth 22{ 23 // Privacy constants 24 const PRIV_PRIVATE = 2; // Allows visitors to view the item 25 const PRIV_USER = 1; // Allows members to access the item 26 const PRIV_NONE = 0; // Allows managers to access the item 27 const PRIV_HIDE = -1; // Hide the item to all users 28 29 /** 30 * Are we currently logged in? 31 * 32 * @return bool 33 */ 34 public static function check() 35 { 36 return self::id() !== null; 37 } 38 39 /** 40 * Is the specified/current user an administrator? 41 * 42 * @param User|null $user 43 * 44 * @return bool 45 */ 46 public static function isAdmin(User $user = null) 47 { 48 if ($user === null) { 49 $user = self::user(); 50 } 51 52 return $user && $user->getPreference('canadmin') === '1'; 53 } 54 55 /** 56 * Is the specified/current user a manager of a tree? 57 * 58 * @param Tree $tree 59 * @param User|null $user 60 * 61 * @return bool 62 */ 63 public static function isManager(Tree $tree, User $user = null) 64 { 65 if ($user === null) { 66 $user = self::user(); 67 } 68 69 return self::isAdmin($user) || $user && $tree->getUserPreference($user, 'canedit') === 'admin'; 70 } 71 72 /** 73 * Is the specified/current user a moderator of a tree? 74 * 75 * @param Tree $tree 76 * @param User|null $user 77 * 78 * @return bool 79 */ 80 public static function isModerator(Tree $tree, User $user = null) 81 { 82 if ($user === null) { 83 $user = self::user(); 84 } 85 86 return self::isManager($tree, $user) || $user && $tree->getUserPreference($user, 'canedit') === 'accept'; 87 } 88 89 /** 90 * Is the specified/current user an editor of a tree? 91 * 92 * @param Tree $tree 93 * @param User|null $user 94 * 95 * @return bool 96 */ 97 public static function isEditor(Tree $tree, User $user = null) 98 { 99 if ($user === null) { 100 $user = self::user(); 101 } 102 103 return self::isModerator($tree, $user) || $user && $tree->getUserPreference($user, 'canedit') === 'edit'; 104 } 105 106 /** 107 * Is the specified/current user a member of a tree? 108 * 109 * @param Tree $tree 110 * @param User|null $user 111 * 112 * @return bool 113 */ 114 public static function isMember(Tree $tree, User $user = null) 115 { 116 if ($user === null) { 117 $user = self::user(); 118 } 119 120 return self::isEditor($tree, $user) || $user && $tree->getUserPreference($user, 'canedit') === 'access'; 121 } 122 123 /** 124 * What is the specified/current user's access level within a tree? 125 * 126 * @param Tree $tree 127 * @param User|null $user 128 * 129 * @return int 130 */ 131 public static function accessLevel(Tree $tree, User $user = null) 132 { 133 if ($user === null) { 134 $user = self::user(); 135 } 136 137 if (self::isManager($tree, $user)) { 138 return self::PRIV_NONE; 139 } elseif (self::isMember($tree, $user)) { 140 return self::PRIV_USER; 141 } else { 142 return self::PRIV_PRIVATE; 143 } 144 } 145 146 /** 147 * The ID of the authenticated user, from the current session. 148 * 149 * @return int|null 150 */ 151 public static function id() 152 { 153 return Session::get('wt_user'); 154 } 155 156 /** 157 * The authenticated user, from the current session. 158 * 159 * @return User 160 */ 161 public static function user() 162 { 163 $user = User::find(self::id()); 164 if ($user === null) { 165 $visitor = new \stdClass; 166 $visitor->user_id = ''; 167 $visitor->user_name = ''; 168 $visitor->real_name = ''; 169 $visitor->email = ''; 170 171 return new User($visitor); 172 } else { 173 return $user; 174 } 175 } 176 177 /** 178 * Login directly as an explicit user - for masquerading. 179 * 180 * @param User $user 181 */ 182 public static function login(User $user) 183 { 184 Session::regenerate(false); 185 Session::put('wt_user', $user->getUserId()); 186 } 187 188 /** 189 * End the session for the current user. 190 */ 191 public static function logout() 192 { 193 Session::regenerate(true); 194 } 195} 196