Added isVisitor, isAdmin, and isRegistered methods to User object instead
of hard coding checks everywhere with group ids. And updated the code base to match.
parent
586164d8d0
commit
ef120fb06b
52 changed files with 201 additions and 118 deletions
|
|
@ -5,6 +5,9 @@
|
|||
- rfe: Process Macros in HTTP Proxy's URL
|
||||
- rfe: TimeZone for the User Profiles displays incorrectly after installation
|
||||
- rfe: choice of type of redirect on redirect assets
|
||||
- Added isVisitor, isAdmin, and isRegistered methods to User object instead
|
||||
of hard coding checks everywhere with group ids. And updated the code base
|
||||
to match.
|
||||
- rfe: Town Hall: EMS badge early bird field/discount
|
||||
- rewrite macro parser, improving speed and making parameter parsing more sane
|
||||
- Made the charset metatag the highest thing in the head block.
|
||||
|
|
|
|||
|
|
@ -52,11 +52,11 @@ A reference to the current session.
|
|||
|
||||
sub grabReferral {
|
||||
my $session = shift;
|
||||
if ($session->user->userId ne "1" && $session->user->referringAffiliate) {
|
||||
if ($session->user->isRegistered && $session->user->referringAffiliate) {
|
||||
return "";
|
||||
} elsif ($session->user->userId ne "1" && (($session->user->referringAffiliate eq "0" && $session->form->process("referringAffiliate")) || $session->form->process("affiliateId"))) {
|
||||
} elsif ($session->user->isRegistered && (($session->user->referringAffiliate eq "0" && $session->form->process("referringAffiliate")) || $session->form->process("affiliateId"))) {
|
||||
$session->user->referringAffiliate($session->scratch->get("referringAffiliate"));
|
||||
} elsif ($session->user->userId ne "1") {
|
||||
} elsif ($session->user->isRegistered) {
|
||||
$session->user->referringAffiliate(1);
|
||||
} elsif ($session->form->process("affiliateId") ne "") {
|
||||
$session->scratch->set("referringAffiliate",$session->form->process("affiliateId"));
|
||||
|
|
|
|||
|
|
@ -778,7 +778,7 @@ sub getAssetAdderLinks {
|
|||
$self->session->errorHandler->error("Couldn't get UI level of ".$class.". Root cause: ".$@);
|
||||
next;
|
||||
}
|
||||
next if ($uiLevel > $self->session->user->profileField("uiLevel"));# && !$self->session->user->isInGroup(3));
|
||||
next if ($uiLevel > $self->session->user->profileField("uiLevel"));# && !$self->session->user->isAdmin);
|
||||
my $canAdd = eval{$class->canAdd($self->session)};
|
||||
if ($@) {
|
||||
$self->session->errorHandler->error("Couldn't determine if user can add ".$class." because ".$@);
|
||||
|
|
@ -1050,7 +1050,7 @@ sub getEditForm {
|
|||
fieldType=>$fieldType
|
||||
);
|
||||
}
|
||||
if ($self->session->user->isInGroup(3)) {
|
||||
if ($self->session->user->isAdmin) {
|
||||
# Add a quick link to add field
|
||||
$tabform->getTab("meta")->readOnly(
|
||||
-value=>'<p><a href="'.$self->session->url->page("func=editMetaDataField;fid=new").'">'.
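Review bot: The `isInGroup(3)` to `isAdmin` swap in `getEditForm` may not be a like-for-like replacement. The only `isAdmin` body visible on this page, added later next to `deactivateAccount`, is `return $self->userId eq '3';`, and the User object's own implementation is not shown here. If it is written the same way, members of group 3 other than user 3 lose the metadata link here and the admin branches in `edit`, `www_preview`, `www_emptyClipboard`, `www_manageClipboard`, `www_manageTrash`, `passUiLevelCheck` and both `toHtmlWithWrapper` hunks. For those call sites the predicate would need to stay group based, e.g. `return $self->isInGroup(3);`, and the comment `# override if in admins group` in `passUiLevelCheck` should match whichever meaning is chosen. Both functions in this section start and end outside their hunks.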
|
||||
|
|
|
|||
|
|
@ -2444,7 +2444,7 @@ sub www_view {
|
|||
return $self->session->privilege->noAccess() unless $self->canView;
|
||||
my $check = $self->checkView;
|
||||
return $check if (defined $check);
|
||||
$self->session->http->setCacheControl($self->get("visitorCacheTimeout")) if ($self->session->user->userId eq "1");
|
||||
$self->session->http->setCacheControl($self->get("visitorCacheTimeout")) if ($self->session->user->isVisitor);
|
||||
$self->session->http->sendHeader;
|
||||
$self->prepareView;
|
||||
my $style = $self->getParent->processStyle("~~~");
|
||||
|
|
|
|||
|
|
@ -636,7 +636,7 @@ sub processCommentEditForm {
|
|||
: 0
|
||||
;
|
||||
|
||||
my $visitorIp = $session->user->userId eq "1"
|
||||
my $visitorIp = $session->user->isVisitor
|
||||
? $session->env->get("REMOTE_ADDR")
|
||||
: undef
|
||||
;
|
||||
|
|
|
|||
|
|
@ -91,13 +91,13 @@ sub edit {
|
|||
);
|
||||
$tabform->addTab("security",$i18n->get(107,"Asset"),6);
|
||||
my $subtext;
|
||||
if ($self->session->user->isInGroup(3)) {
|
||||
if ($self->session->user->isAdmin) {
|
||||
$subtext = $self->session->icon->manage('op=listUsers');
|
||||
} else {
|
||||
$subtext = "";
|
||||
}
|
||||
my $clause;
|
||||
if ($self->session->user->isInGroup(3)) {
|
||||
if ($self->session->user->isAdmin) {
|
||||
my $group = WebGUI::Group->new($self->session,4);
|
||||
my $contentManagers = $group->getAllUsers();
|
||||
push (@$contentManagers, $self->session->user->userId);
|
||||
|
|
|
|||
|
|
@ -627,7 +627,7 @@ sub hasRated {
|
|||
my $self = shift;
|
||||
return 1 if $self->isPoster;
|
||||
my $flag = 0;
|
||||
if ($self->session->user->userId eq "1") {
|
||||
if ($self->session->user->isVisitor) {
|
||||
($flag) = $self->session->db->quickArray("select count(*) from Post_rating where assetId=? and ipAddress=?",[$self->getId, $self->session->env->getIp]);
|
||||
} else {
|
||||
($flag) = $self->session->db->quickArray("select count(*) from Post_rating where assetId=? and userId=?",[$self->getId, $self->session->user->userId]);
|
||||
|
|
@ -1255,7 +1255,7 @@ sub www_edit {
|
|||
$var{'form.footer' } = WebGUI::Form::formFooter($session);
|
||||
$var{'usePreview' } = $self->getThread->getParent->get("usePreview");
|
||||
$var{'user.isModerator'} = $self->getThread->getParent->canModerate;
|
||||
$var{'user.isVisitor' } = ($user->userId eq '1');
|
||||
$var{'user.isVisitor' } = ($user->isVisitor);
|
||||
$var{'visitorName.form'} = WebGUI::Form::text($session, {
|
||||
name => "visitorName",
|
||||
value => $form->process('visitorName') || $self->getValue("visitorName")
|
||||
|
|
|
|||
|
|
@ -854,7 +854,7 @@ sub view {
|
|||
my $currentPost = shift || $self;
|
||||
$self->markRead;
|
||||
$self->incrementViews unless ($self->session->form->process("func") eq 'rate');
|
||||
if ($self->session->user->userId eq '1' && !$self->session->form->process("layout")) {
|
||||
if ($self->session->user->isVisitor && !$self->session->form->process("layout")) {
|
||||
my $out = WebGUI::Cache->new($self->session,"view_".$self->getId)->get;
|
||||
return $out if $out;
|
||||
}
|
||||
|
|
@ -864,7 +864,7 @@ sub view {
|
|||
$self->getParent->appendTemplateLabels($var);
|
||||
|
||||
$var->{'karmaIsEnabled' } = $self->session->setting->get("useKarma");
|
||||
$var->{'user.isVisitor' } = ($self->session->user->userId eq '1');
|
||||
$var->{'user.isVisitor' } = ($self->session->user->isVisitor);
|
||||
$var->{'user.isModerator' } = $self->getParent->canModerate;
|
||||
$var->{'user.canPost' } = $self->getParent->canPost;
|
||||
$var->{'user.canReply' } = $self->canReply;
|
||||
|
|
@ -961,7 +961,7 @@ sub view {
|
|||
$var->{'collaboration.description'} = $self->getParent->get("description");
|
||||
my $out = $self->processTemplate($var,undef,$self->{_viewTemplate});
|
||||
|
||||
if ($self->session->user->userId eq '1' && !$self->session->form->process("layout")) {
|
||||
if ($self->session->user->isVisitor && !$self->session->form->process("layout")) {
|
||||
WebGUI::Cache->new($self->session,"view_".$self->getId)->set($out,$self->getThread->getParent->get("visitorCacheTimeout"));
|
||||
}
|
||||
return $out;
|
||||
|
|
@ -1158,7 +1158,7 @@ sub www_view {
|
|||
return $self->session->privilege->noAccess() unless $self->canView;
|
||||
my $check = $self->checkView;
|
||||
return $check if (defined $check);
|
||||
$self->session->http->setCacheControl($self->get("visitorCacheTimeout")) if ($self->session->user->userId eq "1");
|
||||
$self->session->http->setCacheControl($self->get("visitorCacheTimeout")) if ($self->session->user->isVisitor);
|
||||
$self->session->http->sendHeader;
|
||||
$self->prepareView;
|
||||
my $style = $self->getParent->processStyle("~~~");
|
||||
|
|
|
|||
|
|
@ -487,7 +487,7 @@ sub getRichEditor {
|
|||
theme_advanced_toolbar_location => $self->getValue("toolbarLocation"),
|
||||
theme_advanced_statusbar_location => "bottom",
|
||||
valid_elements => $self->getValue("validElements"),
|
||||
wg_userIsVisitor => $self->session->user->userId eq '1' ? JSON::true() : JSON::false(),
|
||||
wg_userIsVisitor => $self->session->user->isVisitor ? JSON::true() : JSON::false(),
|
||||
);
|
||||
foreach my $button (@toolbarButtons) {
|
||||
if ($button eq "spellchecker" && $self->session->config->get('availableDictionaries')) {
|
||||
|
|
|
|||
|
|
@ -771,7 +771,7 @@ sub www_edit {
|
|||
sub www_getUserPrefsForm {
|
||||
#This is a form retrieved by "ajax".
|
||||
my $self = shift;
|
||||
return 'You are no longer logged in' if $self->session->user->userId eq '1';
|
||||
return 'You are no longer logged in' if $self->session->user->isVisitor;
|
||||
return 'You are not allowed to personalize this Dashboard.' unless $self->getParent->canPersonalize;
|
||||
my $output;
|
||||
my @fielden = $self->getPrefFieldsToShow;
|
||||
|
|
|
|||
|
|
@ -424,7 +424,7 @@ sub www_view {
|
|||
$self->update({ views => $self->get('views')+1 });
|
||||
# TODO: This should probably exist, as the CS has one.
|
||||
# $self->session->http->setCacheControl($self->getWiki->get('visitorCacheTimeout'))
|
||||
# if ($self->session->user->userId eq '1');
|
||||
# if ($self->session->user->isVisitor);
|
||||
$self->session->http->sendHeader;
|
||||
$self->prepareView;
|
||||
return $self->getWiki->processStyle($self->view);
|
||||
|
|
|
|||
|
|
@ -58,7 +58,7 @@ sub _visitorCacheKey {
|
|||
#-------------------------------------------------------------------
|
||||
sub _visitorCacheOk {
|
||||
my $self = shift;
|
||||
return ($self->session->user->userId eq '1'
|
||||
return ($self->session->user->isVisitor
|
||||
&& !$self->session->form->process('sortBy'));
|
||||
}
|
||||
|
||||
|
|
@ -308,7 +308,7 @@ sub canSubscribe {
|
|||
? WebGUI::User->new( $session, $userId )
|
||||
: $self->session->user
|
||||
;
|
||||
return ($user->userId ne "1" && $self->canView( $userId ) );
|
||||
return ($user->isRegistered && $self->canView( $userId ) );
|
||||
}
|
||||
|
||||
#-------------------------------------------------------------------
|
||||
|
|
@ -1063,7 +1063,7 @@ sub getViewTemplateVars {
|
|||
$var{"add.url"} = $self->getNewThreadUrl;
|
||||
$var{"rss.url"} = $self->getRssUrl;
|
||||
$var{'user.isModerator'} = $self->canModerate;
|
||||
$var{'user.isVisitor'} = ($self->session->user->userId eq '1');
|
||||
$var{'user.isVisitor'} = ($self->session->user->isVisitor);
|
||||
$var{'user.isSubscribed'} = $self->isSubscribed;
|
||||
$var{'sortby.title.url'} = $self->getSortByUrl("title");
|
||||
$var{'sortby.username.url'} = $self->getSortByUrl("username");
|
||||
|
|
@ -1500,7 +1500,7 @@ sub www_unsubscribe {
|
|||
sub www_view {
|
||||
my $self = shift;
|
||||
my $disableCache = ($self->session->form->process("sortBy") ne "");
|
||||
$self->session->http->setCacheControl($self->get("visitorCacheTimeout")) if ($self->session->user->userId eq "1" && !$disableCache);
|
||||
$self->session->http->setCacheControl($self->get("visitorCacheTimeout")) if ($self->session->user->isVisitor && !$disableCache);
|
||||
return $self->SUPER::www_view(@_);
|
||||
}
|
||||
|
||||
|
|
|
|||
|
|
@ -193,7 +193,7 @@ sub www_edit {
|
|||
#-------------------------------------------------------------------
|
||||
sub www_mySubscriptions {
|
||||
my $self = shift;
|
||||
return $self->session->privilege->insufficient unless ($self->canView && $self->session->user->userId ne "1");
|
||||
return $self->session->privilege->insufficient unless ($self->canView && $self->session->user->isRegistered);
|
||||
my %var = ();
|
||||
my $meta = $self->getMetaDataFields;
|
||||
my @categories = ();
|
||||
|
|
@ -233,7 +233,7 @@ sub www_mySubscriptions {
|
|||
#-------------------------------------------------------------------
|
||||
sub www_mySubscriptionsSave {
|
||||
my $self = shift;
|
||||
return $self->session->privilege->insufficient unless ($self->canView && $self->session->user->userId ne "1");
|
||||
return $self->session->privilege->insufficient unless ($self->canView && $self->session->user->isRegistered);
|
||||
my $subscriptions = $self->session->form->process("subscriptions", "checkList");
|
||||
$self->setUserSubscriptions($subscriptions);
|
||||
return $self->www_view;
|
||||
|
|
|
|||
|
|
@ -24,14 +24,14 @@ our @ISA = qw(WebGUI::Asset::Wobject);
|
|||
#-------------------------------------------------------------------
|
||||
sub canManage {
|
||||
my $self = shift;
|
||||
return 0 if $self->session->user->userId eq '1';
|
||||
return 0 if $self->session->user->isVisitor;
|
||||
return $self->session->user->isInGroup($self->get("adminsGroupId"));
|
||||
}
|
||||
|
||||
#-------------------------------------------------------------------
|
||||
sub canPersonalize {
|
||||
my $self = shift;
|
||||
return 0 if $self->session->user->userId eq '1';
|
||||
return 0 if $self->session->user->isVisitor;
|
||||
return $self->session->user->isInGroup($self->get("usersGroupId"));
|
||||
}
|
||||
|
||||
|
|
@ -273,7 +273,7 @@ sub view {
|
|||
shortcutUrl=>$child->getUrl,
|
||||
canPersonalize=>$self->canPersonalize,
|
||||
showReloadIcon=>$child->{_properties}{showReloadIcon},
|
||||
canEditUserPrefs=>(($self->session->user->userId ne '1') && (ref $child eq 'WebGUI::Asset::Shortcut') && (scalar($child->getPrefFieldsToShow) > 0))
|
||||
canEditUserPrefs=>(($self->session->user->isRegistered) && (ref $child eq 'WebGUI::Asset::Shortcut') && (scalar($child->getPrefFieldsToShow) > 0))
|
||||
});
|
||||
$newStuff .= 'available_dashlets["'.$child->getId.'"]=\''.$child->getUrl.'\';';
|
||||
|
||||
|
|
@ -286,7 +286,7 @@ sub view {
|
|||
shortcutUrl=>$child->getUrl,
|
||||
canPersonalize=>$self->canPersonalize,
|
||||
showReloadIcon=>$child->{_properties}{showReloadIcon},
|
||||
canEditUserPrefs=>(($self->session->user->userId ne '1') && (ref $child eq 'WebGUI::Asset::Shortcut') && (scalar($child->getPrefFieldsToShow) > 0))
|
||||
canEditUserPrefs=>(($self->session->user->isRegistered) && (ref $child eq 'WebGUI::Asset::Shortcut') && (scalar($child->getPrefFieldsToShow) > 0))
|
||||
});
|
||||
$newStuff .= 'available_dashlets["'.$child->getId.'"]=\''.$child->getUrl.'\';';
|
||||
}
|
||||
|
|
@ -309,7 +309,7 @@ sub view {
|
|||
shortcutUrl=>$child->getUrl,
|
||||
showReloadIcon=>$child->{_properties}{showReloadIcon},
|
||||
canPersonalize=>$self->canPersonalize,
|
||||
canEditUserPrefs=>(($self->session->user->userId ne '1') && (ref $child eq 'WebGUI::Asset::Shortcut') && (scalar($child->getPrefFieldsToShow) > 0))
|
||||
canEditUserPrefs=>(($self->session->user->isRegistered) && (ref $child eq 'WebGUI::Asset::Shortcut') && (scalar($child->getPrefFieldsToShow) > 0))
|
||||
});
|
||||
$newStuff .= 'available_dashlets["'.$child->getId.'"]=\''.$child->getUrl.'\';';
|
||||
}
|
||||
|
|
@ -329,7 +329,7 @@ sub view {
|
|||
#-------------------------------------------------------------------
|
||||
sub www_setContentPositions {
|
||||
my $self = shift;
|
||||
return 'Visitors cannot save settings' if($self->session->user->userId eq '1');
|
||||
return 'Visitors cannot save settings' if($self->session->user->isVisitor);
|
||||
return $self->session->privilege->insufficient() unless ($self->canPersonalize);
|
||||
return 'empty' unless $self->get("isInitialized");
|
||||
my $dummy = $self->initialize unless $self->get("isInitialized");
|
||||
|
|
|
|||
|
|
@ -1422,7 +1422,7 @@ Displays the badges purchased by the current user, or all users if the user is p
|
|||
sub www_lookupRegistrant {
|
||||
my ($self) = @_;
|
||||
my $session = $self->session;
|
||||
return $session->privilege->noAccess() unless ($self->canView && $self->session->user->userId ne "1");
|
||||
return $session->privilege->noAccess() unless ($self->canView && $self->session->user->isRegistered);
|
||||
|
||||
# set up template variables
|
||||
my %var = (
|
||||
|
|
|
|||
|
|
@ -194,7 +194,7 @@ sub view {
|
|||
my $self = shift;
|
||||
|
||||
# Use cached version for visitors
|
||||
if ($self->session->user->userId eq '1') {
|
||||
if ($self->session->user->isVisitor) {
|
||||
my $out = WebGUI::Cache->new($self->session,"view_".$self->getId)->get;
|
||||
return $out if $out;
|
||||
}
|
||||
|
|
@ -258,7 +258,7 @@ sub view {
|
|||
my $out = $self->processTemplate( $vars, undef, $self->{_viewTemplate} );
|
||||
|
||||
# Update the cache
|
||||
if ($self->session->user->userId eq '1') {
|
||||
if ($self->session->user->isVisitor) {
|
||||
WebGUI::Cache->new($self->session,"view_".$self->getId)
|
||||
->set($out,$self->get("visitorCacheTimeout"));
|
||||
}
|
||||
|
|
@ -277,7 +277,7 @@ See WebGUI::Asset::Wobject::www_view() for details.
|
|||
|
||||
sub www_view {
|
||||
my $self = shift;
|
||||
$self->session->http->setCacheControl($self->get("visitorCacheTimeout")) if ($self->session->user->userId eq "1");
|
||||
$self->session->http->setCacheControl($self->get("visitorCacheTimeout")) if ($self->session->user->isVisitor);
|
||||
$self->SUPER::www_view(@_);
|
||||
}
|
||||
|
||||
|
|
|
|||
|
|
@ -293,7 +293,7 @@ sub www_compare {
|
|||
$var{isTooMany} = (scalar(@cmsList)>$max);
|
||||
$var{isTooFew} = (scalar(@cmsList)<2);
|
||||
$var{'compare.form'} = $self->getCompareForm(@cmsList);
|
||||
$var{'isLoggedIn'} = ($self->session->user->userId ne "1");
|
||||
$var{'isLoggedIn'} = ($self->session->user->isRegistered);
|
||||
if ($var{isTooMany} || $var{isTooFew}) {
|
||||
return $self->processStyle($self->processTemplate(\%var,$self->get("compareTemplateId")));
|
||||
}
|
||||
|
|
@ -985,7 +985,7 @@ sub www_search {
|
|||
$var{isTooFew} = ($count<2);
|
||||
}
|
||||
}
|
||||
$var{'isLoggedIn'} = ($self->session->user->userId ne "1");
|
||||
$var{'isLoggedIn'} = ($self->session->user->isRegistered);
|
||||
$var{'compare.form'} = $self->getCompareForm(@list);
|
||||
$var{'form.header'} = WebGUI::Form::formHeader($self->session,{action=>$self->getUrl})
|
||||
.WebGUI::Form::hidden($self->session,{
|
||||
|
|
@ -1032,14 +1032,14 @@ sub www_search {
|
|||
#-------------------------------------------------------------------
|
||||
sub view {
|
||||
my $self = shift;
|
||||
if ($self->session->user->userId eq '1') {
|
||||
if ($self->session->user->isVisitor) {
|
||||
my $out = WebGUI::Cache->new($self->session,"view_".$self->getId)->get;
|
||||
return $out if $out;
|
||||
}
|
||||
my (%var);
|
||||
$var{'compare.form'} = $self->getCompareForm;
|
||||
$var{'search.url'} = $self->getUrl("func=search");
|
||||
$var{'isLoggedIn'} = ($self->session->user->userId ne "1");
|
||||
$var{'isLoggedIn'} = ($self->session->user->isRegistered);
|
||||
$var{'field.list.url'} = $self->getUrl('func=listFields');
|
||||
$var{'listing.add.url'} = $self->formatURL("editListing","new");
|
||||
|
||||
|
|
@ -1132,7 +1132,7 @@ sub view {
|
|||
}
|
||||
$sth->finish;
|
||||
my $out = $self->processTemplate(\%var,undef,$self->{_viewTemplate});
|
||||
if ($self->session->user->userId eq '1') {
|
||||
if ($self->session->user->isVisitor) {
|
||||
WebGUI::Cache->new($self->session,"view_".$self->getId)->set($out,$self->get("visitorCacheTimeout"));
|
||||
}
|
||||
return $out;
|
||||
|
|
@ -1148,7 +1148,7 @@ See WebGUI::Asset::Wobject::www_view() for details.
|
|||
|
||||
sub www_view {
|
||||
my $self = shift;
|
||||
$self->session->http->setCacheControl($self->get("visitorCacheTimeout")) if ($self->session->user->userId eq "1");
|
||||
$self->session->http->setCacheControl($self->get("visitorCacheTimeout")) if ($self->session->user->isVisitor);
|
||||
$self->SUPER::www_view(@_);
|
||||
}
|
||||
|
||||
|
|
@ -1167,7 +1167,7 @@ sub www_viewDetail {
|
|||
$var{thumbnail} = $storage->getThumbnailUrl($listing->{filename});
|
||||
}
|
||||
$var{"discussion"} = $forum && $forum->view;
|
||||
$var{'isLoggedIn'} = ($self->session->user->userId ne "1");
|
||||
$var{'isLoggedIn'} = ($self->session->user->isRegistered);
|
||||
if ($self->session->form->process("do") eq "sendEmail" && $self->session->form->process("verify","captcha")) {
|
||||
if ($self->session->form->process("body") ne "") {
|
||||
my $u = WebGUI::User->new($self->session, $listing->{maintainerId});
|
||||
|
|
|
|||
|
|
@ -98,7 +98,7 @@ See WebGUI::Asset::view() for details.
|
|||
|
||||
sub view {
|
||||
my $self = shift;
|
||||
if ($self->session->user->userId eq '1') {
|
||||
if ($self->session->user->isVisitor) {
|
||||
my $out = WebGUI::Cache->new($self->session,"view_".$self->getId)->get;
|
||||
return $out if $out;
|
||||
}
|
||||
|
|
@ -163,7 +163,7 @@ sub view {
|
|||
$var{forum_loop} = \@forum_loop;
|
||||
|
||||
my $out = $self->processTemplate(\%var,undef,$self->{_viewTemplate});
|
||||
if ($self->session->user->userId eq '1') {
|
||||
if ($self->session->user->isVisitor) {
|
||||
WebGUI::Cache->new($self->session,"view_".$self->getId)->set($out,$self->get("visitorCacheTimeout"));
|
||||
}
|
||||
return $out;
|
||||
|
|
@ -179,7 +179,7 @@ See WebGUI::Asset::Wobject::www_view() for details.
|
|||
|
||||
sub www_view {
|
||||
my $self = shift;
|
||||
$self->session->http->setCacheControl($self->get("visitorCacheTimeout")) if ($self->session->user->userId eq "1");
|
||||
$self->session->http->setCacheControl($self->get("visitorCacheTimeout")) if ($self->session->user->isVisitor);
|
||||
$self->SUPER::www_view(@_);
|
||||
}
|
||||
|
||||
|
|
|
|||
|
|
@ -521,7 +521,7 @@ sub www_goBackToPage {
|
|||
sub www_preview {
|
||||
my $self = shift;
|
||||
$self->session->var->get("adminOn") = 0;
|
||||
return $self->session->privilege->insufficient() unless ($self->session->user->isInGroup(3));
|
||||
return $self->session->privilege->insufficient() unless ($self->session->user->isAdmin);
|
||||
my $nav = WebGUI::Navigation->new( depth=>$self->session->form->process("depth"),
|
||||
method=>$self->session->form->process("method"),
|
||||
startAt=>$self->session->form->process("startAt"),
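Review bot: The privilege check in `www_preview` runs after `$self->session->var->get("adminOn") = 0;`, an unchanged line that assigns to the result of a method call. Unless `get` is declared as an lvalue sub (not visible here), Perl rejects that assignment at run time, and in either case the state change is attempted before the caller is known to be allowed. Moving `return $self->session->privilege->insufficient() unless ($self->session->user->isAdmin);` to be the first statement after `my $self = shift;` keeps the authorization decision ahead of any side effect. The function body continues outside the hunk.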
|
||||
|
|
|
|||
|
|
@ -374,7 +374,7 @@ sub www_emptyClipboard {
|
|||
my $self = shift;
|
||||
my $ac = WebGUI::AdminConsole->new($self->session,"clipboard");
|
||||
return $self->session->privilege->insufficient() unless ($self->session->user->isInGroup(4));
|
||||
foreach my $asset (@{$self->getAssetsInClipboard(!($self->session->form->process("systemClipboard") && $self->session->user->isInGroup(3)))}) {
|
||||
foreach my $asset (@{$self->getAssetsInClipboard(!($self->session->form->process("systemClipboard") && $self->session->user->isAdmin))}) {
|
||||
$asset->trash;
|
||||
}
|
||||
return $self->www_manageClipboard();
|
||||
|
|
@ -395,7 +395,7 @@ sub www_manageClipboard {
|
|||
return $self->session->privilege->insufficient() unless ($self->session->user->isInGroup(12));
|
||||
my $i18n = WebGUI::International->new($self->session, "Asset");
|
||||
my ($header,$limit);
|
||||
if ($self->session->form->process("systemClipboard") && $self->session->user->isInGroup(3)) {
|
||||
if ($self->session->form->process("systemClipboard") && $self->session->user->isAdmin) {
|
||||
$header = $i18n->get(966);
|
||||
$ac->addSubmenuItem($self->getUrl('func=manageClipboard'), $i18n->get(949));
|
||||
$ac->addSubmenuItem($self->getUrl('func=emptyClipboard;systemClipboard=1'), $i18n->get(959),
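Review bot: `www_emptyClipboard` and `www_manageClipboard` still gate on the literal group ids `isInGroup(4)` and `isInGroup(12)`, the same hard-coded pattern this commit removes for group 3. The handler that trashes assets checks group 4 while the listing handler checks group 12, and nothing on these lines says why they differ. A one-line comment on each check naming the group, or named predicates on the User object alongside `isAdmin`, would make the intended access rule reviewable. `www_manageTrash` carries the same `isInGroup(12)` literal. Both functions extend beyond their hunks.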
|
||||
|
|
|
|||
|
|
@ -318,7 +318,7 @@ sub www_manageTrash {
|
|||
return $self->session->privilege->insufficient() unless ($self->session->user->isInGroup(12));
|
||||
my ($header, $limit);
|
||||
$ac->setHelp("trash manage");
|
||||
if ($self->session->form->process("systemTrash") && $self->session->user->isInGroup(3)) {
|
||||
if ($self->session->form->process("systemTrash") && $self->session->user->isAdmin) {
|
||||
$header = $i18n->get(965);
|
||||
$ac->addSubmenuItem($self->getUrl('func=manageTrash'), $i18n->get(10,"WebGUI"));
|
||||
} else {
|
||||
|
|
|
|||
|
|
@ -59,7 +59,7 @@ sub _isDuplicateUsername {
|
|||
my $self = shift;
|
||||
my $username = shift;
|
||||
#Return false if the user is already logged in, but not changing their username.
|
||||
return 0 if($self->userId ne "1" && $self->session->user->username eq $username);
|
||||
return 0 if($self->isRegistered && $self->session->user->username eq $username);
|
||||
my ($otherUser) = $self->session->db->quickArray("select count(*) from users where username=".$self->session->db->quote($username));
|
||||
return 0 if !$otherUser;
|
||||
my $i18n = WebGUI::International->new($self->session);
|
||||
|
|
@ -80,7 +80,7 @@ sub _isValidUsername {
|
|||
my $username = shift;
|
||||
my $error = "";
|
||||
|
||||
return 1 if($self->userId ne "1" && $self->session->user->username eq $username);
|
||||
return 1 if($self->isRegistered && $self->session->user->username eq $username);
|
||||
|
||||
my $i18n = WebGUI::International->new($self->session);
|
||||
|
||||
|
|
@ -360,7 +360,7 @@ Auth method that the form for creating users should call
|
|||
sub deactivateAccount {
|
||||
my $self = shift;
|
||||
my $method = $_[0];
|
||||
return $self->session->privilege->vitalComponent() if($self->userId eq '1' || $self->userId eq '3');
|
||||
return $self->session->privilege->vitalComponent() if($self->isVisitor || $self->isAdmin);
|
||||
return $self->session->privilege->adminOnly() if(!$self->session->setting->get("selfDeactivation"));
|
||||
my $i18n = WebGUI::International->new($self->session);
|
||||
my %var;
|
||||
|
|
@ -386,7 +386,7 @@ sub deactivateAccountConfirm {
|
|||
|
||||
# Cannot deactivate "Visitor" or "Admin" users this way
|
||||
return $self->session->privilege->vitalComponent
|
||||
if $self->userId eq '1' || $self->userId eq '3';
|
||||
if $self->isVisitor || $self->isAdmin;
|
||||
|
||||
my $i18n = WebGUI::International->new($self->session);
|
||||
|
||||
|
|
@ -675,6 +675,19 @@ sub init {
|
|||
|
||||
#-------------------------------------------------------------------
|
||||
|
||||
=head2 isAdmin ()
|
||||
|
||||
Returns 1 if the user is user 3 (admin).
|
||||
|
||||
=cut
|
||||
|
||||
sub isAdmin {
|
||||
my $self = shift;
|
||||
return $self->userId eq '3';
|
||||
}
|
||||
|
||||
#-------------------------------------------------------------------
|
||||
|
||||
=head2 isCallable ( method )
|
||||
|
||||
Returns whether or not a method is callable
|
||||
|
|
@ -686,6 +699,31 @@ sub isCallable {
|
|||
return isIn($_[0],@{$self->{callable}})
|
||||
}
|
||||
|
||||
#-------------------------------------------------------------------
|
||||
|
||||
=head2 isRegistered ()
|
||||
|
||||
Returns 1 if the user is not a visitor.
|
||||
|
||||
=cut
|
||||
|
||||
sub isRegistered {
|
||||
my $self = shift;
|
||||
return $self->userId ne '1';
|
||||
}
|
||||
|
||||
#-------------------------------------------------------------------
|
||||
|
||||
=head2 isVisitor ()
|
||||
|
||||
Returns 1 if the user is a visitor.
|
||||
|
||||
=cut
|
||||
|
||||
sub isVisitor {
|
||||
my $self = shift;
|
||||
return $self->userId eq '1';
|
||||
}
|
||||
|
||||
#-------------------------------------------------------------------
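Review bot: `isRegistered` is defined as `return $self->userId ne '1';`, so every value other than '1', including an undefined or empty userId, is reported as registered. The same predicate name is called on the session user as an access gate in `www_mySubscriptions`, `www_lookupRegistrant` and `canSubscribe`; that User-side body is not shown here, but if it matches this one the gate fails open. Whether userId can ever be empty is not visible from these hunks, so an explicit guard such as `my $id = $self->userId; return defined $id && $id ne '' && $id ne '1';` would make the fail-closed intent clear. The POD for all three new methods says "Returns 1", but the false case is Perl's empty string; "Returns true if ..." would describe it accurately.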
|
||||
|
||||
|
|
|
|||
|
|
@ -221,7 +221,7 @@ sub createAccount {
|
|||
my $message = shift;
|
||||
my $confirm = shift || $self->session->form->process("confirm");
|
||||
my $vars;
|
||||
if ($self->session->user->userId ne "1") {
|
||||
if ($self->session->user->isRegistered) {
|
||||
return $self->displayAccount;
|
||||
}
|
||||
elsif (!$self->session->setting->get("anonymousRegistration") && !$self->session->setting->get('userInvitationsEnabled')) {
|
||||
|
|
@ -308,7 +308,7 @@ sub createAccountSave {
|
|||
#-------------------------------------------------------------------
|
||||
sub deactivateAccount {
|
||||
my $self = shift;
|
||||
return $self->displayLogin if($self->userId eq '1');
|
||||
return $self->displayLogin if($self->isVisitor);
|
||||
return $self->SUPER::deactivateAccount("deactivateAccountConfirm");
|
||||
}
|
||||
|
||||
|
|
@ -323,7 +323,7 @@ sub deactivateAccountConfirm {
|
|||
sub displayAccount {
|
||||
my $self = shift;
|
||||
my $vars;
|
||||
return $self->displayLogin($_[0]) if ($self->userId eq '1');
|
||||
return $self->displayLogin($_[0]) if ($self->isVisitor);
|
||||
my $i18n = WebGUI::International->new($self->session);
|
||||
$vars->{displayTitle} = '<h1>'.$i18n->get(61).'</h1>';
|
||||
$vars->{'account.message'} = $i18n->get(856);
|
||||
|
|
@ -339,7 +339,7 @@ sub displayAccount {
|
|||
sub displayLogin {
|
||||
my $self = shift;
|
||||
my $vars;
|
||||
return $self->displayAccount($_[0]) if ($self->userId ne "1");
|
||||
return $self->displayAccount($_[0]) if ($self->isRegistered);
|
||||
$vars->{'login.message'} = $_[0] if ($_[0]);
|
||||
return $self->SUPER::displayLogin("login",$vars);
|
||||
}
|
||||
|
|
|
|||
|
|
@ -136,7 +136,7 @@ sub createAccount {
|
|||
my $vars = shift || {};
|
||||
|
||||
#$self->session->errorHandler->warn('WebGUI::Auth::createAccount called');
|
||||
if ($self->session->user->userId ne "1") {
|
||||
if ($self->session->user->isRegistered) {
|
||||
return $self->displayAccount;
|
||||
}
|
||||
elsif (!$self->session->setting->get("anonymousRegistration") && !$self->session->setting->get('userInvitationsEnabled')) {
|
||||
|
|
@ -188,7 +188,7 @@ sub createAccountSave {
|
|||
my $i18n = WebGUI::International->new($session);
|
||||
|
||||
# Logged in users cannot see this page
|
||||
return $self->displayAccount if ($session->user->userId ne "1");
|
||||
return $self->displayAccount if ($session->user->isRegistered);
|
||||
|
||||
# Make sure anonymous registration is enabled
|
||||
if (!$setting->get("anonymousRegistration") && !$setting->get("userInvitationsEnabled")) {
|
||||
|
|
@ -256,7 +256,7 @@ sub createAccountSave {
|
|||
#-------------------------------------------------------------------
|
||||
sub deactivateAccount {
|
||||
my $self = shift;
|
||||
return $self->displayLogin if($self->userId eq '1');
|
||||
return $self->displayLogin if($self->isVisitor);
|
||||
return $self->SUPER::deactivateAccount("deactivateAccountConfirm");
|
||||
}
|
||||
|
||||
|
|
@ -283,7 +283,7 @@ sub deactivateAccountConfirm {
|
|||
sub displayAccount {
|
||||
my $self = shift;
|
||||
my $vars;
|
||||
return $self->displayLogin($_[0]) if ($self->userId eq '1');
|
||||
return $self->displayLogin($_[0]) if ($self->isVisitor);
|
||||
my $i18n = WebGUI::International->new($self->session);
|
||||
my $userData = $self->getParams;
|
||||
$vars->{'account.message'} = $_[0] if ($_[0]);
|
||||
|
|
@ -315,7 +315,7 @@ The initial login screen an unauthenticated user sees
|
|||
sub displayLogin {
|
||||
my $self = shift;
|
||||
my $vars;
|
||||
return $self->displayAccount($_[0]) if ($self->userId ne "1");
|
||||
return $self->displayAccount($_[0]) if ($self->isRegistered);
|
||||
my $i18n = WebGUI::International->new($self->session);
|
||||
$vars->{'login.message'} = '<ul>'.$_[0].'</ul>' if ($_[0]);
|
||||
$vars->{'recoverPassword.isAllowed'} = $self->getSetting("passwordRecovery");
|
||||
|
|
@ -693,7 +693,7 @@ passed directly to the approprate method.
|
|||
sub recoverPassword {
|
||||
my $self = shift;
|
||||
|
||||
return $self->displayLogin unless ($self->session->setting->get('webguiPasswordRecovery') ne '') and $self->userId eq '1';
|
||||
return $self->displayLogin unless ($self->session->setting->get('webguiPasswordRecovery') ne '') and $self->isVisitor;
|
||||
|
||||
my $type = $self->getPasswordRecoveryType;
|
||||
|
||||
|
|
@ -829,7 +829,7 @@ sub profileRecoverPasswordFinish {
|
|||
my $session = $self->session;
|
||||
my $i18n = WebGUI::International->new($self->session);
|
||||
my $i18n2 = WebGUI::International->new($self->session, 'AuthWebGUI');
|
||||
return $self->displayLogin unless ($self->session->setting->get('webguiPasswordRecovery') ne '') and $self->userId eq '1';
|
||||
return $self->displayLogin unless ($self->session->setting->get('webguiPasswordRecovery') ne '') and $self->isVisitor;
|
||||
|
||||
my $username;
|
||||
if ($self->getSetting('passwordRecoveryRequireUsername')) {
|
||||
|
|
@ -942,7 +942,7 @@ sub profileRecoverPasswordFinish {
|
|||
|
||||
sub emailRecoverPasswordFinish {
|
||||
my $self = shift;
|
||||
return $self->displayLogin unless ($self->session->setting->get('webguiPasswordRecovery') ne '') and $self->userId eq '1';
|
||||
return $self->displayLogin unless ($self->session->setting->get('webguiPasswordRecovery') ne '') and $self->isVisitor;
|
||||
|
||||
my $i18n = WebGUI::International->new($self->session);
|
||||
my $i18n2 = WebGUI::International->new($self->session, 'AuthWebGUI');
|
||||
|
|
@ -1171,7 +1171,7 @@ sub updateAccount {
|
|||
my $display = '<ul><li>'.$i18n->get(81).'</li></ul>';
|
||||
my $error = "";
|
||||
|
||||
if($self->userId eq '1'){
|
||||
if($self->isVisitor){
|
||||
return $self->displayLogin;
|
||||
}
|
||||
|
||||
|
|
|
|||
|
|
@ -293,7 +293,7 @@ sub www_upload {
|
|||
my $asset = "";
|
||||
|
||||
# prevent malicious visitors from being able to publish children things they've published to tempsace
|
||||
my $owner = ($session->user->userId eq "1") ? "3" : $session->user->userId;
|
||||
my $owner = ($session->user->isVisitor) ? "3" : $session->user->userId;
|
||||
|
||||
my %properties = (
|
||||
title => $filename,
|
||||
|
|
|
|||
|
|
@ -583,7 +583,7 @@ sub passUiLevelCheck {
|
|||
} else { # use programmed default
|
||||
$passUiLevelCheck = ($self->get("uiLevel") <= $self->session->user->profileField("uiLevel"));
|
||||
}
|
||||
$passUiLevelCheck = $self->session->user->isInGroup(3) unless ($passUiLevelCheck); # override if in admins group
|
||||
$passUiLevelCheck = $self->session->user->isAdmin unless ($passUiLevelCheck); # override if in admins group
|
||||
return $passUiLevelCheck;
|
||||
}
|
||||
|
||||
|
|
|
|||
|
|
@ -167,7 +167,7 @@ Renders the form field to HTML as a table row complete with labels, subtext, hov
|
|||
|
||||
sub toHtmlWithWrapper {
|
||||
my $self = shift;
|
||||
if ($self->session->user->isInGroup(3)) {
|
||||
if ($self->session->user->isAdmin) {
|
||||
my $subtext;
|
||||
if ($self->get("afterEdit")) {
|
||||
$subtext = $self->session->icon->edit("op=editDatabaseLink;lid=".$self->getOriginalValue.";afterEdit=".$self->session->url->escape($self->get("afterEdit")));
|
||||
|
|
|
|||
|
|
@ -195,7 +195,7 @@ Renders the form field to HTML as a table row complete with labels, subtext, hov
|
|||
|
||||
sub toHtmlWithWrapper {
|
||||
my $self = shift;
|
||||
if ($self->session->user->isInGroup(3)) {
|
||||
if ($self->session->user->isAdmin) {
|
||||
my $subtext = $self->session->icon->manage("op=listGroups");
|
||||
$self->set("subtext",$subtext . $self->get("subtext"));
|
||||
}
|
||||
|
|
|
|||
|
|
@ -188,7 +188,7 @@ Renders the form field to HTML as a table row complete with labels, subtext, hov
|
|||
|
||||
sub toHtmlWithWrapper {
|
||||
my $self = shift;
|
||||
if ($self->session->user->isInGroup(3)) {
|
||||
if ($self->session->user->isAdmin) {
|
||||
my $subtext;
|
||||
if ($self->get("afterEdit")) {
|
||||
$subtext = $self->session->icon->edit("op=editLDAPLink;llid=".$self->getOriginalValue.";afterEdit=".$self->session->url->escape($self->get("afterEdit")));
|
||||
|
|
|
|||
|
|
@ -149,7 +149,7 @@ sub toHtml {
|
|||
my $self = shift;
|
||||
my $user = WebGUI::User->new($self->session, $self->getOriginalValue);
|
||||
my $manage = undef;
|
||||
if ($self->session->user->isInGroup(3)) {
|
||||
if ($self->session->user->isAdmin) {
|
||||
$manage = " ".$self->session->icon->manage('op=listUsers');
|
||||
}
|
||||
return WebGUI::Form::Hidden->new($self->session,
|
||||
|
|
|
|||
|
|
@ -46,7 +46,7 @@ sub process {
|
|||
my ($session, $groupName, $text, $template) = @_;
|
||||
return "" if ($groupName eq "");
|
||||
return "" if ($text eq "");
|
||||
return "" if ($session->user->userId eq '1');
|
||||
return "" if ($session->user->isVisitor);
|
||||
my $g = WebGUI::Group->find($session, $groupName);
|
||||
return "" unless defined $g->getId;
|
||||
return "" unless ($g->autoAdd);
|
||||
|
|
|
|||
|
|
@ -46,7 +46,7 @@ sub process {
|
|||
my ($session, $groupName, $text, $template) = @_;
|
||||
return "" if ($groupName eq "");
|
||||
return "" if ($text eq "");
|
||||
return "" if ($session->user->userId eq '1');
|
||||
return "" if ($session->user->isVisitor);
|
||||
my $g = WebGUI::Group->find($session, $groupName);
|
||||
return "" unless defined $g->getId;
|
||||
return "" unless ($g->autoDelete);
|
||||
|
|
|
|||
|
|
@ -51,7 +51,7 @@ sub process {
|
|||
my $login = $param[0] || $i18n->get(716);
|
||||
my $logout = $param[1] || $i18n->get(717);
|
||||
my %var;
|
||||
if ($session->user->userId eq '1') {
|
||||
if ($session->user->isVisitor) {
|
||||
return $session->url->page("op=auth;method=init") if ($param[0] eq "linkonly");
|
||||
$var{'toggle.url'} = $session->url->page('op=auth;method=init');
|
||||
$var{'toggle.text'} = $login;
|
||||
|
|
|
|||
|
|
@ -34,7 +34,7 @@ sub getInstance {
|
|||
my $session = shift;
|
||||
#Get Auth Settings
|
||||
my $authMethod = $session->user->authMethod || $session->setting->get("authMethod");
|
||||
$authMethod = $session->setting->get("authMethod") if($session->user->userId eq '1');
|
||||
$authMethod = $session->setting->get("authMethod") if($session->user->isVisitor);
|
||||
$authMethod = $_[0] if($_[0] && isIn($_[0], @{$session->config->get("authMethods")}));
|
||||
my $userId = $_[1];
|
||||
#Create Auth Object
|
||||
|
|
|
|||
|
|
@ -37,7 +37,7 @@ Form for inviting a user to become your friend.
|
|||
|
||||
sub www_addFriend {
|
||||
my $session = shift;
|
||||
return $session->privilege->insufficient() unless ($session->user->isInGroup(2));
|
||||
return $session->privilege->insufficient() unless ($session->user->isRegistered);
|
||||
my $friendId = $session->form->get('userId');
|
||||
my $protoFriend = WebGUI::User->new($session, $friendId);
|
||||
|
||||
|
|
@ -105,7 +105,7 @@ members (determined by email address) and send the email.
|
|||
|
||||
sub www_addFriendSave {
|
||||
my $session = shift;
|
||||
return $session->privilege->insufficient() unless ($session->user->isInGroup(2));
|
||||
return $session->privilege->insufficient() unless ($session->user->isRegistered);
|
||||
|
||||
my $friendId = $session->form->get('friendId');
|
||||
my $protoFriend = WebGUI::User->new($session, $friendId);
|
||||
|
|
@ -147,7 +147,7 @@ Form for the friend to accept or deny the request.
|
|||
|
||||
sub www_friendRequest {
|
||||
my $session = shift;
|
||||
return $session->privilege->insufficient() unless ($session->user->isInGroup(2));
|
||||
return $session->privilege->insufficient() unless ($session->user->isRegistered);
|
||||
|
||||
my $i18n = WebGUI::International->new($session, 'Friends');
|
||||
|
||||
|
|
@ -241,7 +241,7 @@ Handle form data from the friend's response to the invitation
|
|||
|
||||
sub www_friendRequestSave {
|
||||
my $session = shift;
|
||||
return $session->privilege->insufficient() unless ($session->user->isInGroup(2));
|
||||
return $session->privilege->insufficient() unless ($session->user->isRegistered);
|
||||
|
||||
my $i18n = WebGUI::International->new($session, 'Friends');
|
||||
my $doWhat = $session->form->get('doWhat');
|
||||
|
|
@ -296,7 +296,7 @@ send private messages to a subset of them.
|
|||
sub www_manageFriends {
|
||||
my $session = shift;
|
||||
my ($user, $url, $style) = $session->quick(qw(user url style));
|
||||
return $session->privilege->insufficient() unless ($user->isInGroup(2));
|
||||
return $session->privilege->insufficient() unless ($user->isRegistered);
|
||||
my $i18n = WebGUI::International->new($session, 'Friends');
|
||||
|
||||
##You have no friends!
|
||||
|
|
@ -349,7 +349,7 @@ Removes friends from the current user's friends list.
|
|||
|
||||
sub www_removeFriends {
|
||||
my $session = shift;
|
||||
return $session->privilege->insufficient() unless ($session->user->isInGroup(2));
|
||||
return $session->privilege->insufficient() unless ($session->user->isRegistered);
|
||||
my @users = $session->form->param("userId");
|
||||
WebGUI::Friends->new($session)->delete(\@users);
|
||||
return www_manageFriends($session);
|
||||
|
|
@ -366,7 +366,7 @@ Sends a message to selected friends.
|
|||
|
||||
sub www_sendMessageToFriends {
|
||||
my $session = shift;
|
||||
return $session->privilege->insufficient() unless ($session->user->isInGroup(2));
|
||||
return $session->privilege->insufficient() unless ($session->user->isRegistered);
|
||||
my @users = $session->form->param("userId");
|
||||
my $friends = WebGUI::Friends->new($session);
|
||||
$friends->sendMessage($session->form->process("subject", "text"), $session->form->process("message","textarea"), \@users);
|
||||
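Review bot: `isRegistered` is not a drop-in replacement for `isInGroup(2)` in the guards of www_addFriend through www_sendMessageToFriends: as defined in this commit's User.pm change it only tests `userId ne '1'`, whereas the replaced call asked the group system. The body of isInGroup is not shown on this page, but the t/User.t hunk shows group membership being changed by an ipFilter, so any filter or expiration a site has placed on group 2 may no longer apply to these handlers. The same substitution is made in the Inbox and Invite operations, in www_viewProfile and in the style head-tag check. If the id-only test is intended, say so at the call site, e.g. `# id-based check: any non-visitor account passes, group 2 settings are not consulted`; otherwise keep `isInGroup(2)` on the handlers that change state.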
|
|
|
|||
|
|
@ -128,7 +128,7 @@ Form for sending private messages
|
|||
|
||||
sub www_sendPrivateMessage {
|
||||
my $session = shift;
|
||||
return $session->privilege->insufficient() unless ($session->user->isInGroup(2));
|
||||
return $session->privilege->insufficient() unless ($session->user->isRegistered);
|
||||
|
||||
my $i18n = WebGUI::International->new($session);
|
||||
my $form = $session->form;
|
||||
|
|
@ -176,7 +176,7 @@ members (determined by email address) and send the email.
|
|||
|
||||
sub www_sendPrivateMessageSave {
|
||||
my $session = shift;
|
||||
return $session->privilege->insufficient() unless ($session->user->isInGroup(2));
|
||||
return $session->privilege->insufficient() unless ($session->user->isRegistered);
|
||||
|
||||
my $i18n = WebGUI::International->new($session);
|
||||
my $form = $session->form;
|
||||
|
|
@ -250,7 +250,7 @@ Templated display all messages for the current user.
|
|||
|
||||
sub www_viewInbox {
|
||||
my $session = shift;
|
||||
return $session->privilege->insufficient() unless ($session->user->isInGroup(2));
|
||||
return $session->privilege->insufficient() unless ($session->user->isRegistered);
|
||||
|
||||
my $i18n = WebGUI::International->new($session);
|
||||
my $vars = {};
|
||||
|
|
@ -303,7 +303,7 @@ sub www_viewInbox {
|
|||
my $u = WebGUI::User->new($session,$sentBy);
|
||||
#If the user that sent the message is valid, get the username
|
||||
#This case would happen if the user was deleted after sending a private message
|
||||
if($u->userId ne "1") {
|
||||
if($u->isRegistered) {
|
||||
$from = $u->username;
|
||||
}
|
||||
}
|
||||
|
|
@ -341,7 +341,7 @@ Mark a private message in the inbox as deleted.
|
|||
|
||||
sub www_deletePrivateMessage {
|
||||
my $session = shift;
|
||||
return $session->privilege->insufficient() unless ($session->user->isInGroup(2));
|
||||
return $session->privilege->insufficient() unless ($session->user->isRegistered);
|
||||
|
||||
#Get the message
|
||||
my $message = WebGUI::Inbox->new($session)->getMessage($session->form->param("messageId"));
|
||||
|
|
@ -362,7 +362,7 @@ Templated display of a single message for the user.
|
|||
|
||||
sub www_viewInboxMessage {
|
||||
my $session = shift;
|
||||
return $session->privilege->insufficient() unless ($session->user->isInGroup(2));
|
||||
return $session->privilege->insufficient() unless ($session->user->isRegistered);
|
||||
|
||||
#Get the message
|
||||
my $message = WebGUI::Inbox->new($session)->getMessage($session->form->param("messageId"));
|
||||
|
|
|
|||
|
|
@ -37,7 +37,7 @@ Form for inviting a user.
|
|||
|
||||
sub www_inviteUser {
|
||||
my $session = shift;
|
||||
return $session->privilege->insufficient() unless ($session->user->isInGroup(2));
|
||||
return $session->privilege->insufficient() unless ($session->user->isRegistered);
|
||||
my $formError = shift;
|
||||
my $vars = {};
|
||||
my $i18n = WebGUI::International->new($session, 'Invite');
|
||||
|
|
@ -88,7 +88,7 @@ members (determined by email address) and send the email.
|
|||
|
||||
sub www_inviteUserSave {
|
||||
my $session = shift;
|
||||
return $session->privilege->insufficient() unless ($session->user->isInGroup(2));
|
||||
return $session->privilege->insufficient() unless ($session->user->isRegistered);
|
||||
|
||||
#Mandatory field checks
|
||||
my $hisEmailAddress = $session->form->get('invite_email');
|
||||
|
|
@ -168,7 +168,7 @@ create account page. Otherwise, scourge and flay them.
|
|||
|
||||
sub www_acceptInvite {
|
||||
my $session = shift;
|
||||
return $session->privilege->insufficient() if ($session->user->isInGroup(2));
|
||||
return $session->privilege->insufficient() if ($session->user->isRegistered);
|
||||
|
||||
my $i18n = WebGUI::International->new($session, 'Invite');
|
||||
|
||||
|
|
|
|||
|
|
@ -201,7 +201,7 @@ A reference to the current session.
|
|||
|
||||
sub www_editProfile {
|
||||
my $session = shift;
|
||||
return WebGUI::Operation::Auth::www_auth($session,"init") if($session->user->userId eq '1');
|
||||
return WebGUI::Operation::Auth::www_auth($session,"init") if($session->user->isVisitor);
|
||||
my $i18n = WebGUI::International->new($session);
|
||||
my $vars = {};
|
||||
$vars->{displayTitle} .= $i18n->get(338);
|
||||
|
|
@ -261,7 +261,7 @@ A reference to the current session.
|
|||
sub www_editProfileSave {
|
||||
my $session = shift;
|
||||
my ($profile, $error, $warning);
|
||||
return WebGUI::Operation::Auth::www_auth($session, "init") if ($session->user->userId eq '1');
|
||||
return WebGUI::Operation::Auth::www_auth($session, "init") if ($session->user->isVisitor);
|
||||
($profile, $error, $warning) = validateProfileData($session);
|
||||
$error .= $warning;
|
||||
return www_editProfile($session, '<ul>'.$error.'</ul>') if($error ne "");
|
||||
|
|
@ -295,8 +295,8 @@ sub www_viewProfile {
|
|||
|
||||
return $session->privilege->notMember() if($u->username eq "");
|
||||
|
||||
return $session->style->userStyle($vars->{displayTitle}.'. '.$i18n->get(862)) if($u->profileField("publicProfile") < 1 && ($session->user->userId ne $session->form->process("uid") || $session->user->isInGroup(3)));
|
||||
return $session->privilege->insufficient() if(!$session->user->isInGroup(2));
|
||||
return $session->style->userStyle($vars->{displayTitle}.'. '.$i18n->get(862)) if($u->profileField("publicProfile") < 1 && ($session->user->userId ne $session->form->process("uid") || $session->user->isAdmin));
|
||||
return $session->privilege->insufficient() if(!$session->user->isRegistered);
|
||||
|
||||
my @array = ();
|
||||
foreach my $category (@{WebGUI::ProfileCategory->getCategories($session)}) {
|
||||
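Review bot: In www_viewProfile the private-profile condition `($session->user->userId ne $session->form->process("uid") || $session->user->isAdmin)` was carried over with only the method rename, and the `||` makes it true for every admin viewer, including an admin looking at their own profile. If the intent is that the owner and admins may see a non-public profile, the test would be `($session->user->userId ne $session->form->process("uid") && !$session->user->isAdmin)`; that intent is inferred from the surrounding lines, so confirm it before changing. The `isRegistered` guard on the following line also runs after this return, so for a non-public profile a visitor receives the i18n 862 page rather than the insufficient-privilege response. The function begins and ends outside the hunk.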
|
|
|
|||
|
|
@ -576,7 +576,7 @@ keys:
|
|||
sub www_editSettings {
|
||||
my $session = shift;
|
||||
my $argsHash = shift;
|
||||
return $session->privilege->adminOnly() unless ($session->user->isInGroup(3));
|
||||
return $session->privilege->adminOnly() unless ($session->user->isAdmin);
|
||||
my $i18n = WebGUI::International->new($session, "WebGUI");
|
||||
my $output = '';
|
||||
|
||||
|
|
@ -646,7 +646,7 @@ is in group Admin (3). Returns the user to the Edit Settings screen, www_editSe
|
|||
|
||||
sub www_saveSettings {
|
||||
my $session = shift;
|
||||
return $session->privilege->adminOnly() unless ($session->user->isInGroup(3));
|
||||
return $session->privilege->adminOnly() unless ($session->user->isAdmin);
|
||||
my $i18n = WebGUI::International->new($session, "WebGUI");
|
||||
my $setting = $session->setting;
|
||||
my $form = $session->form;
|
||||
|
|
|
|||
|
|
@ -80,7 +80,7 @@ TODO: DOCUMENT ME
|
|||
my %logout;
|
||||
$logout{'options.display'} = '<a href="'.$session->url->page('op=auth;method=logout').'">'.$i18n->get(64).'</a>';
|
||||
push(@array,\%logout);
|
||||
if ($session->setting->get("selfDeactivation") && !$session->user->isInGroup(3)){
|
||||
if ($session->setting->get("selfDeactivation") && !$session->user->isAdmin){
|
||||
my %hash;
|
||||
$hash{'options.display'} = '<a href="'.$session->url->page('op=auth;method=deactivateAccount').'">'.$i18n->get(65).'</a>';
|
||||
push(@array,\%hash);
|
||||
|
|
|
|||
|
|
@ -104,7 +104,7 @@ sub addWord {
|
|||
my $language = shift;
|
||||
my $word = shift;
|
||||
die "You must be logged in to add words to your dictionary.\n:"
|
||||
if ($session->user->userId eq '1');
|
||||
if ($session->user->isVisitor);
|
||||
my $speller = _getSpeller($session, $language);
|
||||
$speller->add_to_personal($word);
|
||||
$speller->save_all_word_lists;
|
||||
|
|
|
|||
|
|
@ -341,7 +341,7 @@ sub www_editUser {
|
|||
my $tabform = WebGUI::TabForm->new($session,\%tabs);
|
||||
$tabform->formHeader({extras=>'autocomplete="off"'});
|
||||
my $u = WebGUI::User->new($session,($uid eq 'new') ? '' : $uid); #Setting uid to '' when uid is 'new' so visitor defaults prefill field for new user
|
||||
my $username = ($u->userId eq '1' && $uid ne "1") ? '' : $u->username;
|
||||
my $username = ($u->isVisitor && $uid ne "1") ? '' : $u->username;
|
||||
$tabform->hidden({name=>"op",value=>"editUserSave"});
|
||||
$tabform->hidden({name=>"uid",value=>$uid});
|
||||
$tabform->getTab("account")->raw('<tr><td width="170"> </td><td> </td></tr>');
|
||||
|
|
@ -395,7 +395,7 @@ sub www_editUser {
|
|||
foreach my $field (@{$category->getFields}) {
|
||||
next if $field->getId =~ /contentPositions/;
|
||||
my $label = $field->getLabel . ($field->isRequired ? "*" : '');
|
||||
if ($field->getId eq "alias" && $u->userId eq '1') {
|
||||
if ($field->getId eq "alias" && $u->isVisitor) {
|
||||
$tabform->getTab("profile")->raw($field->formField({label=>$label},1,undef,1));
|
||||
} else {
|
||||
$tabform->getTab("profile")->raw($field->formField({label=>$label},1,$u));
|
||||
|
|
@ -408,7 +408,7 @@ sub www_editUser {
|
|||
@exclude = (@exclude,"1","2","7");
|
||||
my $secondaryAdmin = $session->user->isInGroup('11');
|
||||
my @extraExclude = ();
|
||||
if ($secondaryAdmin && !$session->user->isInGroup(3)) {
|
||||
if ($secondaryAdmin && !$session->user->isAdmin) {
|
||||
@extraExclude = $session->db->buildArray('select groupId from groups where groupId not in (select groupId from groupings where userId=?)',[$session->user->userId]);
|
||||
}
|
||||
push @extraExclude, @exclude;
|
||||
|
|
@ -425,7 +425,7 @@ sub www_editUser {
|
|||
unless (
|
||||
$group eq "1" || $group eq "2" || $group eq "7" # can't remove user from magic groups
|
||||
|| ($session->user->userId eq $u->userId && $group eq 3) # cannot remove self from admin
|
||||
|| ($u->userId eq "3" && $group eq "3") # admin user cannot be remove from admin
|
||||
|| ($u->isAdmin && $group eq "3") # admin user cannot be remove from admin
|
||||
) {
|
||||
push(@include,$group);
|
||||
}
|
||||
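Review bot: The third exclusion in the `unless` of www_editUser changed meaning rather than just spelling: `$u->userId eq "3"` protected only the built-in admin account, while `$u->isAdmin && $group eq "3"` is true for every member of the admins group, so group 3 is never pushed onto `@include` for any admin being edited. How `@include` is consumed lies outside the hunk, but the neighbouring comment "can't remove user from magic groups" suggests it is the list of removable groups, which would leave this form with no way to revoke admin rights once granted. Keep the id test on this line, `|| ($u->userId eq "3" && $group eq "3") # built-in admin account cannot be removed from admins`. www_editUser starts and ends outside the hunk.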
|
|
|
|||
|
|
@ -299,7 +299,7 @@ Save the submitted new workflow priority.
|
|||
sub www_editWorkflowPriority {
|
||||
my $session = shift;
|
||||
|
||||
return $session->privilege->insufficient() unless $session->user->isInGroup(3);
|
||||
return $session->privilege->insufficient() unless $session->user->isAdmin;
|
||||
|
||||
my $i18n = WebGUI::International->new($session, 'Workflow');
|
||||
my $ac = WebGUI::AdminConsole->new($session,"workflow");
|
||||
|
|
|
|||
|
|
@ -160,7 +160,7 @@ Returns a message stating that the user does not have the privileges necessary t
|
|||
sub noAccess {
|
||||
my $self = shift;
|
||||
$self->session->http->setStatus("401", "No Access");
|
||||
if ($self->session->user->userId eq '1') {
|
||||
if ($self->session->user->isVisitor) {
|
||||
return WebGUI::Operation::Auth::www_auth($self->session, "init");
|
||||
} else {
|
||||
my $i18n = WebGUI::International->new($self->session);
|
||||
|
|
|
|||
|
|
@ -183,7 +183,7 @@ return props[propName];
|
|||
<!--morehead-->
|
||||
';
|
||||
|
||||
if ($self->session->user->isInGroup(2) || $self->session->setting->get("preventProxyCache")) {
|
||||
if ($self->session->user->isRegistered || $self->session->setting->get("preventProxyCache")) {
|
||||
# This "triple incantation" panders to the delicate tastes of various browsers for reliable cache suppression.
|
||||
$var{'head.tags'} .= '
|
||||
<meta http-equiv="Pragma" content="no-cache" />
|
||||
|
|
|
|||
|
|
@ -113,7 +113,7 @@ Displays the general commerce settings.
|
|||
|
||||
sub www_editSettings {
|
||||
my $self = shift;
|
||||
return $self->session->privilege->adminOnly() unless ($self->session->user->isInGroup("3"));
|
||||
return $self->session->privilege->adminOnly() unless ($self->session->user->isAdmin);
|
||||
my $i18n = WebGUI::International->new($self->session, "Shop");
|
||||
my $ac = $self->getAdminConsole;
|
||||
my $setting = $self->session->setting;
|
||||
|
|
@ -176,7 +176,7 @@ Saves the general commerce settings.
|
|||
|
||||
sub www_editSettingsSave {
|
||||
my $self = shift;
|
||||
return $self->session->privilege->adminOnly() unless ($self->session->user->isInGroup("3"));
|
||||
return $self->session->privilege->adminOnly() unless ($self->session->user->isAdmin);
|
||||
my ($setting, $form) = $self->session->quick(qw(setting form));
|
||||
foreach my $template (qw(shopMyPurchasesDetailTemplateId shopMyPurchasesTemplateId
|
||||
shopCartTemplateId shopAddressBookTemplateId shopAddressTemplateId)) {
|
||||
|
|
|
|||
|
|
@ -364,7 +364,7 @@ sub www_selectPaymentGateway {
|
|||
my $i18n = WebGUI::International->new( $session, 'Shop' );
|
||||
|
||||
# Make sure the user is logged in.
|
||||
if ($session->user->userId eq '1') {
|
||||
if ($session->user->isVisitor) {
|
||||
$session->scratch->set( 'redirectAfterLogin', $session->url->page('shop=pay;method=selectPaymentGateway') );
|
||||
|
||||
# We cannot use WebGUI::Operation::execute( $session, 'auth'); because the method form param used by the
|
||||
|
|
|
|||
|
|
@ -803,7 +803,7 @@ sub www_edit {
|
|||
my $admin = WebGUI::Shop::Admin->new($session);
|
||||
my $i18n = WebGUI::International->new($session, "PayDriver");
|
||||
|
||||
return $session->privilege->insufficient() unless $session->user->isInGroup(3);
|
||||
return $session->privilege->insufficient() unless $session->user->isAdmin;
|
||||
|
||||
my $form = $self->getEditForm;
|
||||
$form->submit;
|
||||
|
|
@ -822,7 +822,7 @@ Saves the data from the post.
|
|||
sub www_editSave {
|
||||
my $self = shift;
|
||||
my $session = $self->session;
|
||||
return $session->privilege->insufficient() unless $session->user->isInGroup(3);
|
||||
return $session->privilege->insufficient() unless $session->user->isAdmin;
|
||||
|
||||
$self->processPropertiesFromFormPost;
|
||||
$session->http->setRedirect($session->url->page('shop=pay;method=manage'));
|
||||
|
|
|
|||
|
|
@ -321,7 +321,7 @@ Generates an edit form.
|
|||
sub www_edit {
|
||||
my $self = shift;
|
||||
my $session = $self->session;
|
||||
return $session->privilege->insufficient() unless $session->user->isInGroup(3);
|
||||
return $session->privilege->insufficient() unless $session->user->isAdmin;
|
||||
my $admin = WebGUI::Shop::Admin->new($session);
|
||||
my $i18n = WebGUI::International->new($session, "Shop");
|
||||
my $form = $self->getEditForm;
|
||||
|
|
@ -340,7 +340,7 @@ Saves the data from the post.
|
|||
sub www_editSave {
|
||||
my $self = shift;
|
||||
my $session = $self->session;
|
||||
return $session->privilege->insufficient() unless $session->user->isInGroup(3);
|
||||
return $session->privilege->insufficient() unless $session->user->isAdmin;
|
||||
$self->processPropertiesFromFormPost;
|
||||
$session->http->setRedirect($session->url->page('shop=ship;method=manage'));
|
||||
return undef;
|
||||
|
|
|
|||
|
|
@ -420,6 +420,19 @@ sub identifier {
|
|||
}
|
||||
|
||||
|
||||
#-------------------------------------------------------------------
|
||||
|
||||
=head2 isAdmin ()
|
||||
|
||||
Returns 1 if the user is in the admins group.
|
||||
|
||||
=cut
|
||||
|
||||
sub isAdmin {
|
||||
my $self = shift;
|
||||
return $self->isInGroup(3);
|
||||
}
|
||||
|
||||
#-------------------------------------------------------------------
|
||||
|
||||
=head2 isInGroup ( [ groupId ] )
|
||||
|
|
@ -481,6 +494,32 @@ sub isOnline {
|
|||
return $flag;
|
||||
}
|
||||
|
||||
#-------------------------------------------------------------------
|
||||
|
||||
=head2 isRegistered ()
|
||||
|
||||
Returns 1 if the user is not a visitor.
|
||||
|
||||
=cut
|
||||
|
||||
sub isRegistered {
|
||||
my $self = shift;
|
||||
return $self->userId ne '1';
|
||||
}
|
||||
|
||||
#-------------------------------------------------------------------
|
||||
|
||||
=head2 isVisitor ()
|
||||
|
||||
Returns 1 if the user is a visitor.
|
||||
|
||||
=cut
|
||||
|
||||
sub isVisitor {
|
||||
my $self = shift;
|
||||
return $self->userId eq '1';
|
||||
}
|
||||
|
||||
|
||||
#-------------------------------------------------------------------
|
||||
|
||||
|
|
@ -611,7 +650,7 @@ sub newByEmail {
|
|||
my $email = shift;
|
||||
my ($id) = $session->dbSlave->quickArray("select userId from userProfileData where email=?",[$email]);
|
||||
my $user = $class->new($session, $id);
|
||||
return undef if ($user->userId eq "1"); # visitor is never valid for this method
|
||||
return undef if ($user->isVisitor); # visitor is never valid for this method
|
||||
return undef unless $user->username;
|
||||
return $user;
|
||||
}
|
||||
|
|
@ -640,7 +679,7 @@ sub newByUsername {
|
|||
my $username = shift;
|
||||
my ($id) = $session->dbSlave->quickArray("select userId from users where username=?",[$username]);
|
||||
my $user = $class->new($session, $id);
|
||||
return undef if ($user->userId eq "1"); # visitor is never valid for this method
|
||||
return undef if ($user->isVisitor); # visitor is never valid for this method
|
||||
return undef unless $user->username;
|
||||
return $user;
|
||||
}
|
||||
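Review bot: isRegistered and isVisitor each repeat the literal visitor id `'1'`, so the two definitions can drift apart; define one through the other, `return !$self->isVisitor;`. The POD for all three new methods says "Returns 1" without stating what is returned otherwise, and it does not say that isRegistered and isVisitor look only at the userId while isAdmin delegates to `isInGroup(3)`. Suggested POD for isRegistered: `Returns true if this user's id is not the visitor id. Group membership is not consulted.`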
|
|
|
|||
|
|
@ -86,7 +86,7 @@ sub execute {
|
|||
# get user object
|
||||
$eh->info("Getting user $userId");
|
||||
my $user = WebGUI::User->new($self->session, $userId);
|
||||
next if ($user->userId eq "1");
|
||||
next if ($user->isVisitor);
|
||||
my $emailAddress = $user->profileField("email");
|
||||
next if ($emailAddress eq "");
|
||||
|
||||
|
|
|
|||
7
t/User.t
7
t/User.t
|
|
@ -20,7 +20,7 @@ use WebGUI::Cache;
|
|||
use WebGUI::User;
|
||||
use WebGUI::ProfileField;
|
||||
|
||||
use Test::More tests => 133; # increment this value for each test you create
|
||||
use Test::More tests => 137; # increment this value for each test you create
|
||||
use Test::Deep;
|
||||
|
||||
my $session = WebGUI::Test->session;
|
||||
|
|
@ -222,6 +222,7 @@ is ($result, '194.168.0.101', "userSession setup correctly");
|
|||
|
||||
ok (!$visitor->isInGroup($cm->getId), "Visitor is not member of group");
|
||||
ok ($admin->isInGroup($cm->getId), "Admin is member of group");
|
||||
ok($admin->isAdmin, "Admin user is in admins group");
|
||||
|
||||
my $origFilter = $cm->ipFilter;
|
||||
|
||||
|
|
@ -230,6 +231,8 @@ $cm->ipFilter('194.168.0.0/24');
|
|||
is( $cm->ipFilter, "194.168.0.0/24", "ipFilter assignment to local net, 194.168.0.0/24");
|
||||
|
||||
ok ($visitor->isInGroup($cm->getId), "Visitor is allowed in via IP");
|
||||
ok ($visitor->isVisitor, "User checks out as visitor");
|
||||
ok (!$visitor->isAdmin,"User that isn't an admin doesn't look like admin");
|
||||
|
||||
$session->db->write('update userSession set lastIP=? where sessionId=?',['193.168.0.101', $session->getId]);
|
||||
|
||||
|
|
@ -244,7 +247,7 @@ $cm->ipFilter(defined $origFilter ? $origFilter : '');
|
|||
$user = WebGUI::User->new($session, "new");
|
||||
ok($user->isInGroup(7), "addToGroups: New user is in group 7(Everyone)");
|
||||
ok(!$user->isInGroup(1), "New user not in group 1 (Visitors)");
|
||||
|
||||
ok($user->isRegistered, "User is not a visitor");
|
||||
$user->addToGroups([3]);
|
||||
|
||||
ok($user->isInGroup(3), "addToGroups: New user is in group 3(Admin)");
|
||||
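Review bot: The four new assertions exercise only the true case of isVisitor and isRegistered; nothing checks that a visitor is not registered or that a real account is not a visitor, which are the outcomes the access guards changed in this commit rely on. Add `ok(!$visitor->isRegistered, "Visitor is not registered");` and `ok(!$admin->isVisitor, "Admin is not a visitor");`, and raise the plan from 137 to 139.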
|
|
|
|||