Added isVisitor, isAdmin, and isRegistered methods to User object instead
of hard coding checks everywhere with group ids. And updated the code base to match.
This commit is contained in:
JT Smith
parent
586164d8d0
commit
ef120fb06b
52 changed files with 201 additions and 118 deletions
|
|
@ -34,7 +34,7 @@ sub getInstance {
|
|||
my $session = shift;
|
||||
#Get Auth Settings
|
||||
my $authMethod = $session->user->authMethod || $session->setting->get("authMethod");
|
||||
$authMethod = $session->setting->get("authMethod") if($session->user->userId eq '1');
|
||||
$authMethod = $session->setting->get("authMethod") if($session->user->isVisitor);
|
||||
$authMethod = $_[0] if($_[0] && isIn($_[0], @{$session->config->get("authMethods")}));
|
||||
my $userId = $_[1];
|
||||
#Create Auth Object
|
||||
|
|
|
|||
|
|
@ -37,7 +37,7 @@ Form for inviting a user to become your friend.
|
|||
|
||||
sub www_addFriend {
|
||||
my $session = shift;
|
||||
return $session->privilege->insufficient() unless ($session->user->isInGroup(2));
|
||||
return $session->privilege->insufficient() unless ($session->user->isRegistered);
|
||||
my $friendId = $session->form->get('userId');
|
||||
my $protoFriend = WebGUI::User->new($session, $friendId);
|
||||
|
||||
|
|
@ -105,7 +105,7 @@ members (determined by email address) and send the email.
|
|||
|
||||
sub www_addFriendSave {
|
||||
my $session = shift;
|
||||
return $session->privilege->insufficient() unless ($session->user->isInGroup(2));
|
||||
return $session->privilege->insufficient() unless ($session->user->isRegistered);
|
||||
|
||||
my $friendId = $session->form->get('friendId');
|
||||
my $protoFriend = WebGUI::User->new($session, $friendId);
|
||||
|
|
@ -147,7 +147,7 @@ Form for the friend to accept or deny the request.
|
|||
|
||||
sub www_friendRequest {
|
||||
my $session = shift;
|
||||
return $session->privilege->insufficient() unless ($session->user->isInGroup(2));
|
||||
return $session->privilege->insufficient() unless ($session->user->isRegistered);
|
||||
|
||||
my $i18n = WebGUI::International->new($session, 'Friends');
|
||||
|
||||
|
|
@ -241,7 +241,7 @@ Handle form data from the friend's response to the invitation
|
|||
|
||||
sub www_friendRequestSave {
|
||||
my $session = shift;
|
||||
return $session->privilege->insufficient() unless ($session->user->isInGroup(2));
|
||||
return $session->privilege->insufficient() unless ($session->user->isRegistered);
|
||||
|
||||
my $i18n = WebGUI::International->new($session, 'Friends');
|
||||
my $doWhat = $session->form->get('doWhat');
|
||||
|
|
@ -296,7 +296,7 @@ send private messages to a subset of them.
|
|||
sub www_manageFriends {
|
||||
my $session = shift;
|
||||
my ($user, $url, $style) = $session->quick(qw(user url style));
|
||||
return $session->privilege->insufficient() unless ($user->isInGroup(2));
|
||||
return $session->privilege->insufficient() unless ($user->isRegistered);
|
||||
my $i18n = WebGUI::International->new($session, 'Friends');
|
||||
|
||||
##You have no friends!
|
||||
|
|
@ -349,7 +349,7 @@ Removes friends from the current user's friends list.
|
|||
|
||||
sub www_removeFriends {
|
||||
my $session = shift;
|
||||
return $session->privilege->insufficient() unless ($session->user->isInGroup(2));
|
||||
return $session->privilege->insufficient() unless ($session->user->isRegistered);
|
||||
my @users = $session->form->param("userId");
|
||||
WebGUI::Friends->new($session)->delete(\@users);
|
||||
return www_manageFriends($session);
|
||||
|
|
@ -366,7 +366,7 @@ Sends a message to selected friends.
|
|||
|
||||
sub www_sendMessageToFriends {
|
||||
my $session = shift;
|
||||
return $session->privilege->insufficient() unless ($session->user->isInGroup(2));
|
||||
return $session->privilege->insufficient() unless ($session->user->isRegistered);
|
||||
my @users = $session->form->param("userId");
|
||||
my $friends = WebGUI::Friends->new($session);
|
||||
$friends->sendMessage($session->form->process("subject", "text"), $session->form->process("message","textarea"), \@users);
|
||||
|
|
|
|||
|
|
@ -128,7 +128,7 @@ Form for sending private messages
|
|||
|
||||
sub www_sendPrivateMessage {
|
||||
my $session = shift;
|
||||
return $session->privilege->insufficient() unless ($session->user->isInGroup(2));
|
||||
return $session->privilege->insufficient() unless ($session->user->isRegistered);
|
||||
|
||||
my $i18n = WebGUI::International->new($session);
|
||||
my $form = $session->form;
|
||||
|
|
@ -176,7 +176,7 @@ members (determined by email address) and send the email.
|
|||
|
||||
sub www_sendPrivateMessageSave {
|
||||
my $session = shift;
|
||||
return $session->privilege->insufficient() unless ($session->user->isInGroup(2));
|
||||
return $session->privilege->insufficient() unless ($session->user->isRegistered);
|
||||
|
||||
my $i18n = WebGUI::International->new($session);
|
||||
my $form = $session->form;
|
||||
|
|
@ -250,7 +250,7 @@ Templated display all messages for the current user.
|
|||
|
||||
sub www_viewInbox {
|
||||
my $session = shift;
|
||||
return $session->privilege->insufficient() unless ($session->user->isInGroup(2));
|
||||
return $session->privilege->insufficient() unless ($session->user->isRegistered);
|
||||
|
||||
my $i18n = WebGUI::International->new($session);
|
||||
my $vars = {};
|
||||
|
|
@ -303,7 +303,7 @@ sub www_viewInbox {
|
|||
my $u = WebGUI::User->new($session,$sentBy);
|
||||
#If the user that sent the message is valid, get the username
|
||||
#This case would happen if the user was deleted after sending a private message
|
||||
if($u->userId ne "1") {
|
||||
if($u->isRegistered) {
|
||||
$from = $u->username;
|
||||
}
|
||||
}
|
||||
|
|
@ -341,7 +341,7 @@ Mark a private message in the inbox as deleted.
|
|||
|
||||
sub www_deletePrivateMessage {
|
||||
my $session = shift;
|
||||
return $session->privilege->insufficient() unless ($session->user->isInGroup(2));
|
||||
return $session->privilege->insufficient() unless ($session->user->isRegistered);
|
||||
|
||||
#Get the message
|
||||
my $message = WebGUI::Inbox->new($session)->getMessage($session->form->param("messageId"));
|
||||
|
|
@ -362,7 +362,7 @@ Templated display of a single message for the user.
|
|||
|
||||
sub www_viewInboxMessage {
|
||||
my $session = shift;
|
||||
return $session->privilege->insufficient() unless ($session->user->isInGroup(2));
|
||||
return $session->privilege->insufficient() unless ($session->user->isRegistered);
|
||||
|
||||
#Get the message
|
||||
my $message = WebGUI::Inbox->new($session)->getMessage($session->form->param("messageId"));
|
||||
|
|
|
|||
|
|
@ -37,7 +37,7 @@ Form for inviting a user.
|
|||
|
||||
sub www_inviteUser {
|
||||
my $session = shift;
|
||||
return $session->privilege->insufficient() unless ($session->user->isInGroup(2));
|
||||
return $session->privilege->insufficient() unless ($session->user->isRegistered);
|
||||
my $formError = shift;
|
||||
my $vars = {};
|
||||
my $i18n = WebGUI::International->new($session, 'Invite');
|
||||
|
|
@ -88,7 +88,7 @@ members (determined by email address) and send the email.
|
|||
|
||||
sub www_inviteUserSave {
|
||||
my $session = shift;
|
||||
return $session->privilege->insufficient() unless ($session->user->isInGroup(2));
|
||||
return $session->privilege->insufficient() unless ($session->user->isRegistered);
|
||||
|
||||
#Mandatory field checks
|
||||
my $hisEmailAddress = $session->form->get('invite_email');
|
||||
|
|
@ -168,7 +168,7 @@ create account page. Otherwise, scourge and flay them.
|
|||
|
||||
sub www_acceptInvite {
|
||||
my $session = shift;
|
||||
return $session->privilege->insufficient() if ($session->user->isInGroup(2));
|
||||
return $session->privilege->insufficient() if ($session->user->isRegistered);
|
||||
|
||||
my $i18n = WebGUI::International->new($session, 'Invite');
|
||||
|
||||
|
|
|
|||
|
|
@ -201,7 +201,7 @@ A reference to the current session.
|
|||
|
||||
sub www_editProfile {
|
||||
my $session = shift;
|
||||
return WebGUI::Operation::Auth::www_auth($session,"init") if($session->user->userId eq '1');
|
||||
return WebGUI::Operation::Auth::www_auth($session,"init") if($session->user->isVisitor);
|
||||
my $i18n = WebGUI::International->new($session);
|
||||
my $vars = {};
|
||||
$vars->{displayTitle} .= $i18n->get(338);
|
||||
|
|
@ -261,7 +261,7 @@ A reference to the current session.
|
|||
sub www_editProfileSave {
|
||||
my $session = shift;
|
||||
my ($profile, $error, $warning);
|
||||
return WebGUI::Operation::Auth::www_auth($session, "init") if ($session->user->userId eq '1');
|
||||
return WebGUI::Operation::Auth::www_auth($session, "init") if ($session->user->isVisitor);
|
||||
($profile, $error, $warning) = validateProfileData($session);
|
||||
$error .= $warning;
|
||||
return www_editProfile($session, '<ul>'.$error.'</ul>') if($error ne "");
|
||||
|
|
@ -295,8 +295,8 @@ sub www_viewProfile {
|
|||
|
||||
return $session->privilege->notMember() if($u->username eq "");
|
||||
|
||||
return $session->style->userStyle($vars->{displayTitle}.'. '.$i18n->get(862)) if($u->profileField("publicProfile") < 1 && ($session->user->userId ne $session->form->process("uid") || $session->user->isInGroup(3)));
|
||||
return $session->privilege->insufficient() if(!$session->user->isInGroup(2));
|
||||
return $session->style->userStyle($vars->{displayTitle}.'. '.$i18n->get(862)) if($u->profileField("publicProfile") < 1 && ($session->user->userId ne $session->form->process("uid") || $session->user->isAdmin));
|
||||
return $session->privilege->insufficient() if(!$session->user->isRegistered);
|
||||
|
||||
my @array = ();
|
||||
foreach my $category (@{WebGUI::ProfileCategory->getCategories($session)}) {
|
||||
|
|
|
|||
|
|
@ -576,7 +576,7 @@ keys:
|
|||
sub www_editSettings {
|
||||
my $session = shift;
|
||||
my $argsHash = shift;
|
||||
return $session->privilege->adminOnly() unless ($session->user->isInGroup(3));
|
||||
return $session->privilege->adminOnly() unless ($session->user->isAdmin);
|
||||
my $i18n = WebGUI::International->new($session, "WebGUI");
|
||||
my $output = '';
|
||||
|
||||
|
|
@ -646,7 +646,7 @@ is in group Admin (3). Returns the user to the Edit Settings screen, www_editSe
|
|||
|
||||
sub www_saveSettings {
|
||||
my $session = shift;
|
||||
return $session->privilege->adminOnly() unless ($session->user->isInGroup(3));
|
||||
return $session->privilege->adminOnly() unless ($session->user->isAdmin);
|
||||
my $i18n = WebGUI::International->new($session, "WebGUI");
|
||||
my $setting = $session->setting;
|
||||
my $form = $session->form;
|
||||
|
|
|
|||
|
|
@ -80,7 +80,7 @@ TODO: DOCUMENT ME
|
|||
my %logout;
|
||||
$logout{'options.display'} = '<a href="'.$session->url->page('op=auth;method=logout').'">'.$i18n->get(64).'</a>';
|
||||
push(@array,\%logout);
|
||||
if ($session->setting->get("selfDeactivation") && !$session->user->isInGroup(3)){
|
||||
if ($session->setting->get("selfDeactivation") && !$session->user->isAdmin){
|
||||
my %hash;
|
||||
$hash{'options.display'} = '<a href="'.$session->url->page('op=auth;method=deactivateAccount').'">'.$i18n->get(65).'</a>';
|
||||
push(@array,\%hash);
|
||||
|
|
|
|||
|
|
@ -104,7 +104,7 @@ sub addWord {
|
|||
my $language = shift;
|
||||
my $word = shift;
|
||||
die "You must be logged in to add words to your dictionary.\n:"
|
||||
if ($session->user->userId eq '1');
|
||||
if ($session->user->isVisitor);
|
||||
my $speller = _getSpeller($session, $language);
|
||||
$speller->add_to_personal($word);
|
||||
$speller->save_all_word_lists;
|
||||
|
|
|
|||
|
|
@ -341,7 +341,7 @@ sub www_editUser {
|
|||
my $tabform = WebGUI::TabForm->new($session,\%tabs);
|
||||
$tabform->formHeader({extras=>'autocomplete="off"'});
|
||||
my $u = WebGUI::User->new($session,($uid eq 'new') ? '' : $uid); #Setting uid to '' when uid is 'new' so visitor defaults prefill field for new user
|
||||
my $username = ($u->userId eq '1' && $uid ne "1") ? '' : $u->username;
|
||||
my $username = ($u->isVisitor && $uid ne "1") ? '' : $u->username;
|
||||
$tabform->hidden({name=>"op",value=>"editUserSave"});
|
||||
$tabform->hidden({name=>"uid",value=>$uid});
|
||||
$tabform->getTab("account")->raw('<tr><td width="170"> </td><td> </td></tr>');
|
||||
|
|
@ -395,7 +395,7 @@ sub www_editUser {
|
|||
foreach my $field (@{$category->getFields}) {
|
||||
next if $field->getId =~ /contentPositions/;
|
||||
my $label = $field->getLabel . ($field->isRequired ? "*" : '');
|
||||
if ($field->getId eq "alias" && $u->userId eq '1') {
|
||||
if ($field->getId eq "alias" && $u->isVisitor) {
|
||||
$tabform->getTab("profile")->raw($field->formField({label=>$label},1,undef,1));
|
||||
} else {
|
||||
$tabform->getTab("profile")->raw($field->formField({label=>$label},1,$u));
|
||||
|
|
@ -408,7 +408,7 @@ sub www_editUser {
|
|||
@exclude = (@exclude,"1","2","7");
|
||||
my $secondaryAdmin = $session->user->isInGroup('11');
|
||||
my @extraExclude = ();
|
||||
if ($secondaryAdmin && !$session->user->isInGroup(3)) {
|
||||
if ($secondaryAdmin && !$session->user->isAdmin) {
|
||||
@extraExclude = $session->db->buildArray('select groupId from groups where groupId not in (select groupId from groupings where userId=?)',[$session->user->userId]);
|
||||
}
|
||||
push @extraExclude, @exclude;
|
||||
|
|
@ -425,7 +425,7 @@ sub www_editUser {
|
|||
unless (
|
||||
$group eq "1" || $group eq "2" || $group eq "7" # can't remove user from magic groups
|
||||
|| ($session->user->userId eq $u->userId && $group eq 3) # cannot remove self from admin
|
||||
|| ($u->userId eq "3" && $group eq "3") # admin user cannot be remove from admin
|
||||
|| ($u->isAdmin && $group eq "3") # admin user cannot be remove from admin
|
||||
) {
|
||||
push(@include,$group);
|
||||
}
|
||||
|
|
|
|||
|
|
@ -299,7 +299,7 @@ Save the submitted new workflow priority.
|
|||
sub www_editWorkflowPriority {
|
||||
my $session = shift;
|
||||
|
||||
return $session->privilege->insufficient() unless $session->user->isInGroup(3);
|
||||
return $session->privilege->insufficient() unless $session->user->isAdmin;
|
||||
|
||||
my $i18n = WebGUI::International->new($session, 'Workflow');
|
||||
my $ac = WebGUI::AdminConsole->new($session,"workflow");
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue