xref: /webtrees/app/Auth.php (revision da83637ca6236094f5a00d6e54530cd25ac7aa0e)
1<?php
2/**
3 * webtrees: online genealogy
4 * Copyright (C) 2018 webtrees development team
5 * This program is free software: you can redistribute it and/or modify
6 * it under the terms of the GNU General Public License as published by
7 * the Free Software Foundation, either version 3 of the License, or
8 * (at your option) any later version.
9 * This program is distributed in the hope that it will be useful,
10 * but WITHOUT ANY WARRANTY; without even the implied warranty of
11 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
12 * GNU General Public License for more details.
13 * You should have received a copy of the GNU General Public License
14 * along with this program. If not, see <http://www.gnu.org/licenses/>.
15 */
16namespace Fisharebest\Webtrees;
17
18/**
19 * Authentication.
20 */
21class Auth
22{
23    // Privacy constants
24    const PRIV_PRIVATE = 2; // Allows visitors to view the item
25    const PRIV_USER    = 1; // Allows members to access the item
26    const PRIV_NONE    = 0; // Allows managers to access the item
27    const PRIV_HIDE    = -1; // Hide the item to all users
28
29    /**
30     * Are we currently logged in?
31     *
32     * @return bool
33     */
34    public static function check()
35    {
36        return self::id() !== null;
37    }
38
39    /**
40     * Is the specified/current user an administrator?
41     *
42     * @param User|null $user
43     *
44     * @return bool
45     */
46    public static function isAdmin(User $user = null)
47    {
48        if ($user === null) {
49            $user = self::user();
50        }
51
52        return $user && $user->getPreference('canadmin') === '1';
53    }
54
55    /**
56     * Is the specified/current user a manager of a tree?
57     *
58     * @param Tree      $tree
59     * @param User|null $user
60     *
61     * @return bool
62     */
63    public static function isManager(Tree $tree, User $user = null)
64    {
65        if ($user === null) {
66            $user = self::user();
67        }
68
69        return self::isAdmin($user) || $user && $tree->getUserPreference($user, 'canedit') === 'admin';
70    }
71
72    /**
73     * Is the specified/current user a moderator of a tree?
74     *
75     * @param Tree      $tree
76     * @param User|null $user
77     *
78     * @return bool
79     */
80    public static function isModerator(Tree $tree, User $user = null)
81    {
82        if ($user === null) {
83            $user = self::user();
84        }
85
86        return self::isManager($tree, $user) || $user && $tree->getUserPreference($user, 'canedit') === 'accept';
87    }
88
89    /**
90     * Is the specified/current user an editor of a tree?
91     *
92     * @param Tree      $tree
93     * @param User|null $user
94     *
95     * @return bool
96     */
97    public static function isEditor(Tree $tree, User $user = null)
98    {
99        if ($user === null) {
100            $user = self::user();
101        }
102
103        return self::isModerator($tree, $user) || $user && $tree->getUserPreference($user, 'canedit') === 'edit';
104    }
105
106    /**
107     * Is the specified/current user a member of a tree?
108     *
109     * @param Tree      $tree
110     * @param User|null $user
111     *
112     * @return bool
113     */
114    public static function isMember(Tree $tree, User $user = null)
115    {
116        if ($user === null) {
117            $user = self::user();
118        }
119
120        return self::isEditor($tree, $user) || $user && $tree->getUserPreference($user, 'canedit') === 'access';
121    }
122
123    /**
124     * What is the specified/current user's access level within a tree?
125     *
126     * @param Tree      $tree
127     * @param User|null $user
128     *
129     * @return int
130     */
131    public static function accessLevel(Tree $tree, User $user = null)
132    {
133        if ($user === null) {
134            $user = self::user();
135        }
136
137        if (self::isManager($tree, $user)) {
138            return self::PRIV_NONE;
139        } elseif (self::isMember($tree, $user)) {
140            return self::PRIV_USER;
141        } else {
142            return self::PRIV_PRIVATE;
143        }
144    }
145
146    /**
147     * The ID of the authenticated user, from the current session.
148     *
149     * @return string|null
150     */
151    public static function id()
152    {
153        return Session::get('wt_user');
154    }
155
156    /**
157     * The authenticated user, from the current session.
158     *
159     * @return User
160     */
161    public static function user()
162    {
163        $user = User::find(self::id());
164        if ($user === null) {
165            $visitor            = new \stdClass;
166            $visitor->user_id   = '';
167            $visitor->user_name = '';
168            $visitor->real_name = '';
169            $visitor->email     = '';
170
171            return new User($visitor);
172        } else {
173            return $user;
174        }
175    }
176
177    /**
178     * Login directly as an explicit user - for masquerading.
179     *
180     * @param User $user
181     */
182    public static function login(User $user)
183    {
184        Session::regenerate(false);
185        Session::put('wt_user', $user->getUserId());
186    }
187
188    /**
189     * End the session for the current user.
190     */
191    public static function logout()
192    {
193        Session::regenerate(true);
194    }
195}
196