Skip to content

HTTPS clone URL

Subversion checkout URL

You can clone with HTTPS or Subversion.

Download ZIP
Browse files

Change the name of identity library from Identity to IdentityProvider…

…. Create a helper class called identity to simplify call the Identity Provider. Move the contents of MY_Session.php to the new helper class and remove the MY_Session class
  • Loading branch information...
commit 3c936d661a088fb43b47eb5b208958180e8f65eb 1 parent 4cb9ec1
@talmdal talmdal authored
Showing with 628 additions and 512 deletions.
  1. +1 −1  modules/akismet/tests/Akismet_Helper_Test.php
  2. +4 −4 modules/comment/controllers/comments.php
  3. +1 −1  modules/comment/helpers/comment.php
  4. +1 −1  modules/comment/models/comment.php
  5. +1 −1  modules/comment/tests/Comment_Event_Test.php
  6. +2 −2 modules/comment/tests/Comment_Helper_Test.php
  7. +4 −4 modules/comment/tests/Comment_Model_Test.php
  8. +1 −1  modules/digibug/controllers/digibug.php
  9. +2 −2 modules/digibug/tests/Digibug_Controller_Test.php
  10. +8 −8 modules/g2_import/helpers/g2_import.php
  11. +1 −1  modules/gallery/controllers/admin.php
  12. +5 −5 modules/gallery/controllers/admin_identity.php
  13. +2 −2 modules/gallery/controllers/albums.php
  14. +2 −2 modules/gallery/controllers/l10n_client.php
  15. +4 −4 modules/gallery/controllers/login.php
  16. +1 −1  modules/gallery/controllers/logout.php
  17. +3 −3 modules/gallery/controllers/permissions.php
  18. +2 −2 modules/gallery/controllers/upgrader.php
  19. +2 −2 modules/gallery/controllers/welcome_message.php
  20. +2 −2 modules/gallery/helpers/access.php
  21. +1 −1  modules/gallery/helpers/gallery.php
  22. +3 −7 modules/gallery/helpers/gallery_event.php
  23. +1 −1  modules/gallery/helpers/gallery_installer.php
  24. +1 −1  modules/gallery/helpers/gallery_theme.php
  25. +225 −0 modules/gallery/helpers/identity.php
  26. +2 −2 modules/gallery/helpers/item.php
  27. +1 −1  modules/gallery/helpers/locales.php
  28. +1 −1  modules/gallery/helpers/log.php
  29. +1 −1  modules/gallery/helpers/movie.php
  30. +1 −1  modules/gallery/helpers/photo.php
  31. +1 −1  modules/gallery/helpers/site_status.php
  32. +1 −1  modules/gallery/helpers/task.php
  33. +2 −2 modules/gallery/libraries/Admin_View.php
  34. +0 −222 modules/gallery/libraries/Identity.php
  35. +200 −0 modules/gallery/libraries/IdentityProvider.php
  36. +0 −93 modules/gallery/libraries/MY_Session.php
  37. +3 −3 modules/gallery/libraries/Theme_View.php
  38. +1 −1  modules/gallery/libraries/drivers/{Identity.php → IdentityProvider.php}
  39. +1 −1  modules/gallery/models/item.php
  40. +1 −1  modules/gallery/models/log.php
  41. +1 −1  modules/gallery/models/task.php
  42. +72 −72 modules/gallery/tests/Access_Helper_Test.php
  43. +2 −2 modules/gallery/tests/Albums_Controller_Test.php
  44. +3 −3 modules/gallery/tests/Item_Helper_Test.php
  45. +3 −3 modules/gallery/tests/Photos_Controller_Test.php
  46. +1 −1  modules/gallery/views/kohana_error_page.php
  47. +1 −1  modules/gallery/views/login.html.php
  48. +1 −1  modules/gallery/views/login_ajax.html.php
  49. +5 −5 modules/notification/helpers/notification.php
  50. +1 −1  modules/notification/helpers/notification_event.php
  51. +2 −2 modules/search/helpers/search.php
  52. +2 −2 modules/server_add/controllers/server_add.php
  53. +1 −1  modules/server_add/helpers/server_add_event.php
  54. +1 −1  modules/server_add/helpers/server_add_theme.php
  55. +3 −3 modules/user/controllers/admin_users.php
  56. +1 −1  modules/user/controllers/password.php
  57. +2 −2 modules/user/controllers/users.php
  58. +14 −4 modules/user/helpers/group.php
  59. +15 −15 modules/user/libraries/drivers/{Identity → IdentityProvider}/Gallery.php
  60. +1 −1  modules/user/views/admin_users.html.php
View
2  modules/akismet/tests/Akismet_Helper_Test.php
@@ -26,7 +26,7 @@ public function setup() {
$root = ORM::factory("item", 1);
$this->_comment = comment::create(
- $root, Identity::guest(), "This is a comment",
+ $root, identity::guest(), "This is a comment",
"John Doe", "john@gallery2.org", "http://gallery2.org");
foreach ($this->_comment->list_fields("comments") as $name => $field) {
if (strpos($name, "server_") === 0) {
View
8 modules/comment/controllers/comments.php
@@ -65,7 +65,7 @@ public function _create($comment) {
$form = comment::get_add_form($item);
$valid = $form->validate();
if ($valid) {
- if (Session::active_user()->guest && !$form->add_comment->inputs["name"]->value) {
+ if (identity::active_user()->guest && !$form->add_comment->inputs["name"]->value) {
$form->add_comment->inputs["name"]->add_error("missing", 1);
$valid = false;
}
@@ -78,13 +78,13 @@ public function _create($comment) {
if ($valid) {
$comment = comment::create(
- $item, Session::active_user(),
+ $item, identity::active_user(),
$form->add_comment->text->value,
$form->add_comment->inputs["name"]->value,
$form->add_comment->email->value,
$form->add_comment->url->value);
- $active = Session::active_user();
+ $active = identity::active_user();
if ($active->guest) {
$form->add_comment->inputs["name"]->value("");
$form->add_comment->email->value("");
@@ -192,7 +192,7 @@ public function _form_add($item_id) {
* @see REST_Controller::form_edit($resource)
*/
public function _form_edit($comment) {
- if (!Session::active_user()->admin) {
+ if (!identity::active_user()->admin) {
access::forbidden();
}
print comment::get_edit_form($comment);
View
2  modules/comment/helpers/comment.php
@@ -75,7 +75,7 @@ static function get_add_form($item) {
module::event("comment_add_form", $form);
$group->submit("")->value(t("Add"));
- $active = Session::active_user();
+ $active = identity::active_user();
if (!$active->guest) {
$group->inputs["name"]->value($active->full_name)->disabled("disabled");
$group->email->value($active->email)->disabled("disabled");
View
2  modules/comment/models/comment.php
@@ -23,7 +23,7 @@ function item() {
}
function author() {
- return Identity::lookup_user($this->author_id);
+ return identity::lookup_user($this->author_id);
}
function author_name() {
View
2  modules/comment/tests/Comment_Event_Test.php
@@ -22,7 +22,7 @@ public function deleting_an_item_deletes_its_comments_too_test() {
$rand = rand();
$album = album::create(ORM::factory("item", 1), "test_$rand", "test_$rand");
$comment = comment::create(
- $album, Identity::guest(), "text_$rand", "name_$rand", "email_$rand", "url_$rand");
+ $album, identity::guest(), "text_$rand", "name_$rand", "email_$rand", "url_$rand");
$album->delete();
View
4 modules/comment/tests/Comment_Helper_Test.php
@@ -48,7 +48,7 @@ public function create_comment_for_guest_test() {
$rand = rand();
$root = ORM::factory("item", 1);
$comment = comment::create(
- $root, Identity::guest(), "text_$rand", "name_$rand", "email_$rand", "url_$rand");
+ $root, identity::guest(), "text_$rand", "name_$rand", "email_$rand", "url_$rand");
$this->assert_equal("name_$rand", $comment->author_name());
$this->assert_equal("email_$rand", $comment->author_email());
@@ -77,7 +77,7 @@ public function create_comment_for_guest_test() {
public function create_comment_for_user_test() {
$rand = rand();
$root = ORM::factory("item", 1);
- $admin = Identity::lookup_user(2);
+ $admin = identity::lookup_user(2);
$comment = comment::create(
$root, $admin, "text_$rand", "name_$rand", "email_$rand", "url_$rand");
View
8 modules/comment/tests/Comment_Model_Test.php
@@ -22,17 +22,17 @@ class Comment_Model_Test extends Unit_Test_Case {
public function cant_view_comments_for_unviewable_items_test() {
$root = ORM::factory("item", 1);
$album = album::create($root, rand(), rand(), rand());
- $comment = comment::create($album, Identity::guest(), "text", "name", "email", "url");
- Session::set_active_user(Identity::guest());
+ $comment = comment::create($album, identity::guest(), "text", "name", "email", "url");
+ identity::set_active_user(identity::guest());
// We can see the comment when permissions are granted on the album
- access::allow(Identity::everybody(), "view", $album);
+ access::allow(identity::everybody(), "view", $album);
$this->assert_equal(
1,
ORM::factory("comment")->viewable()->where("comments.id", $comment->id)->count_all());
// We can't see the comment when permissions are denied on the album
- access::deny(Identity::everybody(), "view", $album);
+ access::deny(identity::everybody(), "view", $album);
$this->assert_equal(
0,
ORM::factory("comment")->viewable()->where("comments.id", $comment->id)->count_all());
View
2  modules/digibug/controllers/digibug.php
@@ -23,7 +23,7 @@ public function print_photo($id) {
$item = ORM::factory("item", $id);
access::required("view", $item);
- if (access::group_can(Identity::everybody(), "view_full", $item)) {
+ if (access::group_can(identity::everybody(), "view_full", $item)) {
$full_url = $item->file_url(true);
$thumb_url = $item->thumb_url(true);
} else {
View
4 modules/digibug/tests/Digibug_Controller_Test.php
@@ -35,8 +35,8 @@ public function setup() {
$root = ORM::factory("item", 1);
$this->_album = album::create($root, rand(), "test album");
- access::deny(Identity::everybody(), "view_full", $this->_album);
- access::deny(Identity::registered_users(), "view_full", $this->_album);
+ access::deny(identity::everybody(), "view_full", $this->_album);
+ access::deny(identity::registered_users(), "view_full", $this->_album);
$rand = rand();
$this->_item = photo::create($this->_album, MODPATH . "gallery/tests/test.jpg", "$rand.jpg",
View
16 modules/g2_import/helpers/g2_import.php
@@ -230,16 +230,16 @@ static function import_group(&$queue) {
switch ($g2_group->getGroupType()) {
case GROUP_NORMAL:
try {
- $group = Identity::create_group($g2_group->getGroupName());
+ $group = identity::create_group($g2_group->getGroupName());
} catch (Exception $e) {
// @todo For now we assume this is a "duplicate group" exception
- $group = Identity::lookup_user_by_name($g2_group->getGroupname());
+ $group = identity::lookup_user_by_name($g2_group->getGroupname());
}
$message = t("Group '%name' was imported", array("name" => $g2_group->getGroupname()));
break;
case GROUP_ALL_USERS:
- $group = Identity::registered_users();
+ $group = identity::registered_users();
$message = t("Group 'Registered' was converted to '%name'", array("name" => $group->name));
break;
@@ -248,7 +248,7 @@ static function import_group(&$queue) {
break; // This is not a group in G3
case GROUP_EVERYBODY:
- $group = Identity::everybody();
+ $group = identity::everybody();
$message = t("Group 'Everybody' was converted to '%name'", array("name" => $group->name));
break;
}
@@ -270,7 +270,7 @@ static function import_user(&$queue) {
}
if (g2(GalleryCoreApi::isAnonymousUser($g2_user_id))) {
- self::set_map($g2_user_id, Identity::guest()->id);
+ self::set_map($g2_user_id, identity::guest()->id);
return t("Skipping Anonymous User");
}
@@ -285,11 +285,11 @@ static function import_user(&$queue) {
$g2_groups = g2(GalleryCoreApi::fetchGroupsForUser($g2_user->getId()));
try {
- $user = Identity::create_user($g2_user->getUsername(), $g2_user->getfullname(), "");
+ $user = identity::create_user($g2_user->getUsername(), $g2_user->getfullname(), "");
$message = t("Created user: '%name'.", array("name" => $user->name));
} catch (Exception $e) {
// @todo For now we assume this is a "duplicate user" exception
- $user = Identity::lookup_user_by_name($g2_user->getUsername());
+ $user = identity::lookup_user_by_name($g2_user->getUsername());
$message = t("Loaded existing user: '%name'.", array("name" => $user->name));
}
@@ -301,7 +301,7 @@ static function import_user(&$queue) {
$user->admin = true;
$message .= t("\n\tAdded 'admin' flag to user");
} else {
- $group = Identity::lookup_group(self::map($g2_group_id));
+ $group = identity::lookup_group(self::map($g2_group_id));
$user->add($group);
$message .= t("\n\tAdded user to group '%group'.", array("group" => $group->name));
}
View
2  modules/gallery/controllers/admin.php
@@ -21,7 +21,7 @@ class Admin_Controller extends Controller {
private $theme;
public function __construct($theme=null) {
- if (!(Session::active_user()->admin)) {
+ if (!(identity::active_user()->admin)) {
access::forbidden();
}
View
10 modules/gallery/controllers/admin_identity.php
@@ -21,7 +21,7 @@ class Admin_Identity_Controller extends Admin_Controller {
public function index() {
$view = new Admin_View("admin.html");
$view->content = new View("admin_identity.html");
- $view->content->available = Identity::providers();
+ $view->content->available = identity::providers();
$view->content->active = module::get_var("gallery", "identity_provider", "user");
print $view;
}
@@ -39,7 +39,7 @@ public function change() {
access::verify_csrf();
$active_provider = module::get_var("gallery", "identity_provider", "user");
- $providers = Identity::providers();
+ $providers = identity::providers();
$new_provider = $this->input->post("provider");
@@ -47,13 +47,13 @@ public function change() {
module::event("pre_identity_change", $active_provider, $new_provider);
- Identity::deactivate();
+ identity::deactivate();
// Switch authentication
module::set_var("gallery", "identity_provider", $new_provider);
- Identity::reset();
+ identity::reset();
- Identity::activate();
+ identity::activate();
// @todo this type of collation is questionable from an i18n perspective
message::success(t("Changed to %description",
View
4 modules/gallery/controllers/albums.php
@@ -111,7 +111,7 @@ private function _create_album($album) {
$this->input->post("name"),
$this->input->post("title", $this->input->post("name")),
$this->input->post("description"),
- Session::active_user()->id,
+ identity::active_user()->id,
$this->input->post("slug"));
log::success("content", "Created an album",
@@ -146,7 +146,7 @@ private function _create_photo($album) {
$_FILES["file"]["name"],
$this->input->post("title", $this->input->post("name")),
$this->input->post("description"),
- Session::active_user()->id);
+ identity::active_user()->id);
log::success("content", "Added a photo", html::anchor("photos/$photo->id", "view photo"));
message::success(t("Added photo %photo_title",
View
4 modules/gallery/controllers/l10n_client.php
@@ -20,7 +20,7 @@
class L10n_Client_Controller extends Controller {
public function save() {
access::verify_csrf();
- if (!Session::active_user()->admin) {
+ if (!identity::active_user()->admin) {
access::forbidden();
}
@@ -85,7 +85,7 @@ public function save() {
public function toggle_l10n_mode() {
access::verify_csrf();
- if (!Session::active_user()->admin) {
+ if (!identity::active_user()->admin) {
access::forbidden();
}
View
8 modules/gallery/controllers/login.php
@@ -58,8 +58,8 @@ private function _auth($url) {
$form = login::get_login_form($url);
$valid = $form->validate();
if ($valid) {
- $user = Identity::lookup_user_by_name($form->login->inputs["name"]->value);
- if (empty($user) || !Identity::is_correct_password($user, $form->login->password->value)) {
+ $user = identity::lookup_user_by_name($form->login->inputs["name"]->value);
+ if (empty($user) || !identity::is_correct_password($user, $form->login->password->value)) {
log::warning(
"user",
t("Failed login for %name",
@@ -70,12 +70,12 @@ private function _auth($url) {
}
if ($valid) {
- if (Identity::is_writable()) {
+ if (identity::is_writable()) {
$user->login_count += 1;
$user->last_login = time();
$user->save();
}
- Session::set_active_user($user);
+ identity::set_active_user($user);
log::info("user", t("User %name logged in", array("name" => $user->name)));
}
View
2  modules/gallery/controllers/logout.php
@@ -19,7 +19,7 @@
*/
class Logout_Controller extends Controller {
public function index() {
- $user = Session::active_user();
+ $user = identity::active_user();
if (!$user->guest) {
try {
Session::instance()->destroy();
View
6 modules/gallery/controllers/permissions.php
@@ -51,7 +51,7 @@ function form($id) {
function change($command, $group_id, $perm_id, $item_id) {
access::verify_csrf();
- $group = Identity::lookup_group($group_id);
+ $group = identity::lookup_group($group_id);
$perm = ORM::factory("permission", $perm_id);
$item = ORM::factory("item", $item_id);
access::required("view", $item);
@@ -74,7 +74,7 @@ function change($command, $group_id, $perm_id, $item_id) {
// If the active user just took away their own edit permissions, give it back.
if ($perm->name == "edit") {
- if (!access::user_can(Session::active_user(), "edit", $item)) {
+ if (!access::user_can(identity::active_user(), "edit", $item)) {
access::allow($group, $perm->name, $item);
}
}
@@ -84,7 +84,7 @@ function change($command, $group_id, $perm_id, $item_id) {
private function _get_form($item) {
$view = new View("permissions_form.html");
$view->item = $item;
- $view->groups = Identity::groups();
+ $view->groups = identity::groups();
$view->permissions = ORM::factory("permission")->find_all();
return $view;
}
View
4 modules/gallery/controllers/upgrader.php
@@ -40,7 +40,7 @@ public function index() {
}
$view = new View("upgrader.html");
- $view->can_upgrade = Session::active_user()->admin || $session->get("can_upgrade");
+ $view->can_upgrade = identity::active_user()->admin || $session->get("can_upgrade");
$view->upgrade_token = $upgrade_token;
$view->available = module::available();
$view->done = ($available_upgrades == 0);
@@ -52,7 +52,7 @@ public function upgrade() {
// @todo this may screw up some module installers, but we don't have a better answer at
// this time.
$_SERVER["HTTP_HOST"] = "example.com";
- } else if (!Session::active_user()->admin && !Session::instance()->get("can_upgrade", false)) {
+ } else if (!identity::active_user()->admin && !Session::instance()->get("can_upgrade", false)) {
access::forbidden();
}
View
4 modules/gallery/controllers/welcome_message.php
@@ -19,12 +19,12 @@
*/
class Welcome_Message_Controller extends Controller {
public function index() {
- if (!Session::active_user()->admin) {
+ if (!identity::active_user()->admin) {
url::redirect(item::root()->abs_url());
}
$v = new View("welcome_message.html");
- $v->user = Session::active_user();
+ $v->user = identity::active_user();
print $v;
}
}
View
4 modules/gallery/helpers/access.php
@@ -79,7 +79,7 @@ class access_Core {
* @return boolean
*/
static function can($perm_name, $item) {
- return self::user_can(Session::active_user(), $perm_name, $item);
+ return self::user_can(identity::active_user(), $perm_name, $item);
}
/**
@@ -423,7 +423,7 @@ private static function _get_all_groups() {
// This is ok at packaging time, so work around it.
$config = module::get_var("gallery", "identity_provider");
if (!empty($config)) {
- return Identity::groups();
+ return identity::groups();
} else {
return array();
}
View
2  modules/gallery/helpers/gallery.php
@@ -27,7 +27,7 @@ class gallery_Core {
static function maintenance_mode() {
$maintenance_mode = Kohana::config("core.maintenance_mode", false, false);
- if (Router::$controller != "login" && !empty($maintenance_mode) && !Session::active_user()->admin) {
+ if (Router::$controller != "login" && !empty($maintenance_mode) && !identity::active_user()->admin) {
Router::$controller = "maintenance";
Router::$controller_path = MODPATH . "gallery/controllers/maintenance.php";
Router::$method = "index";
View
10 modules/gallery/helpers/gallery_event.php
@@ -23,11 +23,7 @@ class gallery_event_Core {
* Initialization.
*/
static function gallery_ready() {
- // Call Identity::instance() now to force the load of the user interface classes.
- // Session::load_user will attempt to load the active user from the session and needs
- // the user definition class, which can't be reached by Kohana's heiracrchical lookup.
- Identity::instance();
- Session::load_user();
+ identity::load_user();
locales::set_request_locale();
}
@@ -139,7 +135,7 @@ static function site_menu($menu, $theme) {
}
}
- if (Session::active_user()->admin) {
+ if (identity::active_user()->admin) {
$menu->append($admin_menu = Menu::factory("submenu")
->id("admin_menu")
->label(t("Admin")));
@@ -191,7 +187,7 @@ static function admin_menu($menu, $theme) {
->id("sidebar")
->label(t("Manage Sidebar"))
->url(url::site("admin/sidebar"))));
- if (count(Identity::providers()) > 1) {
+ if (count(identity::providers()) > 1) {
$menu
->append(Menu::factory("submenu")
->id("identity_menu")
View
2  modules/gallery/helpers/gallery_installer.php
@@ -317,7 +317,7 @@ static function upgrade($version) {
}
if ($version == 7) {
- $groups = Identity::groups();
+ $groups = identity::groups();
$permissions = ORM::factory("permission")->find_all();
foreach($groups as $group) {
foreach($permissions as $permission) {
View
2  modules/gallery/helpers/gallery_theme.php
@@ -54,7 +54,7 @@ static function head($theme) {
static function header_top($theme) {
if ($theme->page_type != "login") {
$view = new View("login.html");
- $view->user = Session::active_user();
+ $view->user = identity::active_user();
return $view->render();
}
}
View
225 modules/gallery/helpers/identity.php
@@ -0,0 +1,225 @@
+<?php defined("SYSPATH") or die("No direct script access.");
+/**
+ * Gallery - a web based photo album viewer and editor
+ * Copyright (C) 2000-2009 Bharat Mediratta
+ *
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or (at
+ * your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street - Fifth Floor, Boston, MA 02110-1301, USA.
+ */
+
+class identity_Core {
+ protected static $available;
+
+ /**
+ * Return a list of installed Identity Drivers.
+ *
+ * @return boolean true if the driver supports updates; false if read only
+ */
+ static function providers() {
+ if (empty(self::$available)) {
+ $drivers = new ArrayObject(array(), ArrayObject::ARRAY_AS_PROPS);
+ foreach (module::available() as $module_name => $module) {
+ if (file_exists(MODPATH . "{$module_name}/config/identity.php")) {
+ $drivers->$module_name = $module->description;
+ }
+ }
+ self::$available = $drivers;
+ }
+ return self::$available;
+ }
+
+ /**
+ * Make sure that we have a session and group_ids cached in the session.
+ */
+ static function load_user() {
+ //try {
+ // Call IdentityProvider::instance() now to force the load of the user interface classes.
+ // We are about to load the active user from the session and which needs the user definition
+ // class, which can't be reached by Kohana's heiracrchical lookup.
+ IdentityProvider::instance();
+
+ $session = Session::instance();
+ if (!($user = $session->get("user"))) {
+ self::set_active_user($user = self::guest());
+ }
+
+ // The installer cannot set a user into the session, so it just sets an id which we should
+ // upconvert into a user.
+ // @todo set the user name into the session instead of 2 and then use it to get the user object
+ if ($user === 2) {
+ $user = IdentityProvider::instance()->lookup_user_by_name("admin");
+ self::set_active_user($user);
+ $session->set("user", $user);
+ }
+
+ if (!$session->get("group_ids")) {
+ $ids = array();
+ foreach ($user->groups as $group) {
+ $ids[] = $group->id;
+ }
+ $session->set("group_ids", $ids);
+ }
+ //} catch (Exception $e) {
+ //try {
+ //Session::instance()->destroy();
+ //} catch (Exception $e) {
+ // We don't care if there was a problem destroying the session.
+ //}
+ //url::redirect(item::root()->abs_url());
+ //}
+ }
+
+ /**
+ * Return the array of group ids this user belongs to
+ *
+ * @return array
+ */
+ static function group_ids_for_active_user() {
+ return Session::instance()->get("group_ids", array(1));
+ }
+
+ /**
+ * Return the active user. If there's no active user, return the guest user.
+ *
+ * @return User_Definition
+ */
+ static function active_user() {
+ // @todo (maybe) cache this object so we're not always doing session lookups.
+ $user = Session::instance()->get("user", null);
+ if (!isset($user)) {
+ // Don't do this as a fallback in the Session::get() call because it can trigger unnecessary
+ // work.
+ $user = identity::guest();
+ }
+ return $user;
+ }
+
+ /**
+ * Change the active user.
+ * @param User_Definition $user
+ */
+ static function set_active_user($user) {
+ $session = Session::instance();
+ $session->set("user", $user);
+ $session->delete("group_ids");
+ self::load_user();
+ }
+
+ /**
+ * Determine if if the current driver supports updates.
+ *
+ * @return boolean true if the driver supports updates; false if read only
+ */
+ static function is_writable() {
+ return IdentityProvider::instance()->is_writable();
+ }
+
+ /**
+ * @see IdentityProvider_Driver::activate.
+ */
+ static function activate() {
+ IdentityProvider::instance()->activate();
+ }
+
+ /**
+ * @see IdentityProvider_Driver::deactivate.
+ */
+ static function deactivate() {
+ IdentityProvider::instance()->deactivate();
+ }
+
+ /**
+ * @see IdentityProvider_Driver::guest.
+ */
+ static function guest() {
+ return IdentityProvider::instance()->guest();
+ }
+
+ /**
+ * @see IdentityProvider_Driver::create_user.
+ */
+ static function create_user($name, $full_name, $password) {
+ return IdentityProvider::instance()->create_user($name, $full_name, $password);
+ }
+
+ /**
+ * @see IdentityProvider_Driver::is_correct_password.
+ */
+ static function is_correct_password($user, $password) {
+ return IdentityProvider::instance()->is_correct_password($user, $password);
+ }
+
+ /**
+ * @see IdentityProvider_Driver::lookup_user.
+ */
+ static function lookup_user($id) {
+ return IdentityProvider::instance()->lookup_user($id);
+ }
+
+ /**
+ * @see IdentityProvider_Driver::lookup_user_by_name.
+ */
+ static function lookup_user_by_name($name) {
+ return IdentityProvider::instance()->lookup_user_by_name($name);
+ }
+
+ /**
+ * @see IdentityProvider_Driver::create_group.
+ */
+ static function create_group($name) {
+ return IdentityProvider::instance()->create_group($name);
+ }
+
+ /**
+ * @see IdentityProvider_Driver::everybody.
+ */
+ static function everybody() {
+ return IdentityProvider::instance()->everybody();
+ }
+
+ /**
+ * @see IdentityProvider_Driver::registered_users.
+ */
+ static function registered_users() {
+ return IdentityProvider::instance()->everybody();
+ }
+
+ /**
+ * @see IdentityProvider_Driver::lookup_group.
+ */
+ static function lookup_group($id) {
+ return IdentityProvider::instance()->lookup_group($id);
+ }
+
+ /**
+ * @see IdentityProvider_Driver::lookup_group_by_name.
+ */
+ static function lookup_group_by_name($name) {
+ return IdentityProvider::instance()->lookup_group_by_name($name);
+ }
+
+ /**
+ * @see IdentityProvider_Driver::get_user_list.
+ */
+ static function get_user_list($ids) {
+ return IdentityProvider::instance()->get_user_list($ids);
+ }
+
+ /**
+ * @see IdentityProvider_Driver::groups.
+ */
+ static function groups() {
+ return IdentityProvider::instance()->groups();
+ }
+}
View
4 modules/gallery/helpers/item.php
@@ -158,8 +158,8 @@ static function get_max_weight() {
*/
static function viewable($model) {
$view_restrictions = array();
- if (!Session::active_user()->admin) {
- foreach (Session::group_ids_for_active_user() as $id) {
+ if (!identity::active_user()->admin) {
+ foreach (identity::group_ids_for_active_user() as $id) {
// Separate the first restriction from the rest to make it easier for us to formulate
// our where clause below
if (empty($view_restrictions)) {
View
2  modules/gallery/helpers/locales.php
@@ -141,7 +141,7 @@ static function set_request_locale() {
$locale = self::cookie_locale();
// 2. Check the user's preference
if (!$locale) {
- $locale = Session::active_user()->locale;
+ $locale = identity::active_user()->locale;
}
// 3. Check the browser's / OS' preference
if (!$locale) {
View
2  modules/gallery/helpers/log.php
@@ -80,7 +80,7 @@ private static function _add($category, $message, $html, $severity) {
$log->url = substr(url::abs_current(true), 0, 255);
$log->referer = request::referrer(null);
$log->timestamp = time();
- $log->user_id = Session::active_user()->id;
+ $log->user_id = identity::active_user()->id;
$log->save();
}
View
2  modules/gallery/helpers/movie.php
@@ -77,7 +77,7 @@ static function create($parent, $filename, $name, $title,
$movie->title = $title;
$movie->description = $description;
$movie->name = $name;
- $movie->owner_id = $owner_id ? $owner_id : Session::active_user()->id;
+ $movie->owner_id = $owner_id ? $owner_id : identity::active_user()->id;
$movie->width = $movie_info[0];
$movie->height = $movie_info[1];
$movie->mime_type = strtolower($pi["extension"]) == "mp4" ? "video/mp4" : "video/x-flv";
View
2  modules/gallery/helpers/photo.php
@@ -76,7 +76,7 @@ static function create($parent, $filename, $name, $title,
$photo->title = $title;
$photo->description = $description;
$photo->name = $name;
- $photo->owner_id = $owner_id ? $owner_id : Session::active_user()->id;
+ $photo->owner_id = $owner_id ? $owner_id : identity::active_user()->id;
$photo->width = $image_info[0];
$photo->height = $image_info[1];
$photo->mime_type = empty($image_info['mime']) ? "application/unknown" : $image_info['mime'];
View
2  modules/gallery/helpers/site_status.php
@@ -95,7 +95,7 @@ static function clear($permanent_key) {
* @return html text
*/
static function get() {
- if (!Session::active_user()->admin) {
+ if (!identity::active_user()->admin) {
return;
}
$buf = array();
View
2  modules/gallery/helpers/task.php
@@ -42,7 +42,7 @@ static function create($task_def, $context) {
$task->percent_complete = 0;
$task->status = "";
$task->state = "started";
- $task->owner_id = Session::active_user()->id;
+ $task->owner_id = identity::active_user()->id;
$task->context = serialize($context);
$task->save();
View
4 modules/gallery/libraries/Admin_View.php
@@ -36,12 +36,12 @@ public function __construct($name) {
parent::__construct($name);
$this->theme_name = module::get_var("gallery", "active_admin_theme");
- if (Session::active_user()->admin) {
+ if (identity::active_user()->admin) {
$this->theme_name = Input::instance()->get("theme", $this->theme_name);
}
$this->sidebar = "";
$this->set_global("theme", $this);
- $this->set_global("user", Session::active_user());
+ $this->set_global("user", identity::active_user());
}
public function admin_menu() {
View
222 modules/gallery/libraries/Identity.php
@@ -1,222 +0,0 @@
-<?php defined("SYSPATH") or die("No direct script access.");
-/**
- * Gallery - a web based photo album viewer and editor
- * Copyright (C) 2000-2009 Bharat Mediratta
- *
- * This program is free software; you can redistribute it and/or modify
- * it under the terms of the GNU General Public License as published by
- * the Free Software Foundation; either version 2 of the License, or (at
- * your option) any later version.
- *
- * This program is distributed in the hope that it will be useful, but
- * WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- * General Public License for more details.
- *
- * You should have received a copy of the GNU General Public License
- * along with this program; if not, write to the Free Software
- * Foundation, Inc., 51 Franklin Street - Fifth Floor, Boston, MA 02110-1301, USA.
- */
-
-/**
- * Provides a driver-based interface for managing users and groups.
- */
-class Identity_Core {
- protected static $instance;
-
- protected static $active;
-
- // Configuration
- protected $config;
-
- // Driver object
- protected $driver;
-
- /**
- * Returns a singleton instance of Identity.
- * There can only be one Identity driver configured at a given point
- *
- * @param string configuration
- * @return Identity_Core
- */
- static function & instance() {
- if (!isset(self::$instance)) {
- // Create a new instance
- self::$instance = new Identity();
- }
-
- return self::$instance;
- }
-
- /**
- * Returns a singleton instance of Identity.
- * There can only be one Identity driver configured at a given point
- *
- * @param string configuration
- * @return Identity_Core
- */
- static function reset() {
- self::$instance = new Identity();
- }
-
- /**
- * Loads the configured driver and validates it.
- *
- * @return void
- */
- public function __construct() {
- $config = module::get_var("gallery", "identity_provider", "user");
-
- // Test the config group name
- if (($this->config = Kohana::config("identity.".$config)) === NULL) {
- throw new Exception("@todo NO USER LIBRARY CONFIGURATION FOR: $config");
- }
-
- // Set driver name
- $driver = "Identity_".ucfirst($this->config["driver"])."_Driver";
-
- // Load the driver
- if ( ! Kohana::auto_load($driver)) {
- throw new Kohana_Exception("core.driver_not_found", $this->config["driver"],
- get_class($this));
- }
-
- // Initialize the driver
- $this->driver = new $driver($this->config["params"]);
-
- // Validate the driver
- if ( !($this->driver instanceof Identity_Driver)) {
- throw new Kohana_Exception("core.driver_implements", $this->config["driver"],
- get_class($this), "Identity_Driver");
- }
-
- Kohana::log("debug", "Identity Library initialized");
- }
-
- /**
- * Return a list of installed Identity Drivers.
- *
- * @return boolean true if the driver supports updates; false if read only
- */
- static function providers() {
- if (empty(self::$active)) {
- $drivers = new ArrayObject(array(), ArrayObject::ARRAY_AS_PROPS);
- foreach (module::active() as $module) {
- $module_name = $module->name;
- if (file_exists(MODPATH . "{$module->name}/config/identity.php") &&
- ($info = module::info($module_name))) {
- $drivers->$module_name = $info->description;
- }
- }
- self::$active = $drivers;
- }
- return self::$active;
- }
-
- /**
- * @see Identity_Driver::activate.
- */
- static function activate() {
- self::instance()->driver->activate();
- }
-
- /**
- * @see Identity_Driver::deactivate.
- */
- static function deactivate() {
- self::instance()->driver->deactivate();
- }
-
- /**
- * Determine if if the current driver supports updates.
- *
- * @return boolean true if the driver supports updates; false if read only
- */
- static function is_writable() {
- return !empty(self::instance()->config["allow_updates"]);
- }
-
- /**
- * @see Identity_Driver::guest.
- */
- static function guest() {
- return self::instance()->driver->guest();
- }
-
- /**
- * @see Identity_Driver::create_user.
- */
- static function create_user($name, $full_name, $password) {
- return self::instance()->driver->create_user($name, $full_name, $password);
- }
-
- /**
- * @see Identity_Driver::is_correct_password.
- */
- static function is_correct_password($user, $password) {
- return self::instance()->driver->is_correct_password($user, $password);
- }
-
- /**
- * @see Identity_Driver::lookup_user.
- */
- static function lookup_user($id) {
- return self::instance()->driver->lookup_user($id);
- }
-
- /**
- * @see Identity_Driver::lookup_user_by_name.
- */
- static function lookup_user_by_name($name) {
- return self::instance()->driver->lookup_user_by_name($name);
- }
-
- /**
- * @see Identity_Driver::create_group.
- */
- static function create_group($name) {
- return self::instance()->driver->create_group($name);
- }
-
- /**
- * @see Identity_Driver::everybody.
- */
- static function everybody() {
- return self::instance()->driver->everybody();
- }
-
- /**
- * @see Identity_Driver::registered_users.
- */
- static function registered_users() {
- return self::instance()->driver->everybody();
- }
-
- /**
- * @see Identity_Driver::lookup_group.
- */
- static function lookup_group($id) {
- return self::instance()->driver->lookup_group($id);
- }
-
- /**
- * @see Identity_Driver::lookup_group_by_name.
- */
- static function lookup_group_by_name($name) {
- return self::instance()->driver->lookup_group_by_name($name);
- }
-
- /**
- * @see Identity_Driver::get_user_list.
- */
- static function get_user_list($ids) {
- return self::instance()->driver->get_user_list($ids);
- }
-
- /**
- * @see Identity_Driver::groups.
- */
- static function groups() {
- return self::instance()->driver->groups();
- }
-} // End Identity
View
200 modules/gallery/libraries/IdentityProvider.php
@@ -0,0 +1,200 @@
+<?php defined("SYSPATH") or die("No direct script access.");
+/**
+ * Gallery - a web based photo album viewer and editor
+ * Copyright (C) 2000-2009 Bharat Mediratta
+ *
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or (at
+ * your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street - Fifth Floor, Boston, MA 02110-1301, USA.
+ */
+
+/**
+ * Provides a driver-based interface for managing users and groups.
+ */
+class IdentityProvider_Core {
+ protected static $instance;
+
+ // Configuration
+ protected $config;
+
+ // Driver object
+ protected $driver;
+
+ /**
+ * Returns a singleton instance of Identity.
+ * There can only be one Identity driver configured at a given point
+ *
+ * @param string configuration
+ * @return Identity_Core
+ */
+ static function & instance() {
+ if (!isset(self::$instance)) {
+ // Create a new instance
+ self::$instance = new IdentityProvider();
+ }
+
+ return self::$instance;
+ }
+
+ /**
+ * Returns a singleton instance of Identity.
+ * There can only be one Identity driver configured at a given point
+ *
+ * @param string configuration
+ * @return Identity_Core
+ */
+ static function reset() {
+ self::$instance = new IdentityProvider();
+ }
+
+ /**
+ * Loads the configured driver and validates it.
+ *
+ * @return void
+ */
+ public function __construct() {
+ $config = module::get_var("gallery", "identity_provider", "user");
+
+ // Test the config group name
+ if (($this->config = Kohana::config("identity.".$config)) === NULL) {
+ throw new Exception("@todo NO USER LIBRARY CONFIGURATION FOR: $config");
+ }
+
+ // Set driver name
+ $driver = "IdentityProvider_".ucfirst($this->config["driver"])."_Driver";
+
+ // Load the driver
+ if ( ! Kohana::auto_load($driver)) {
+ throw new Kohana_Exception("core.driver_not_found", $this->config["driver"],
+ get_class($this));
+ }
+
+ // Initialize the driver
+ $this->driver = new $driver($this->config["params"]);
+
+ // Validate the driver
+ if ( !($this->driver instanceof IdentityProvider_Driver)) {
+ throw new Kohana_Exception("core.driver_implements", $this->config["driver"],
+ get_class($this), "IdentityProvider_Driver");
+ }
+
+ Kohana::log("debug", "Identity Library initialized");
+ }
+
+ /**
+ * Determine if if the current driver supports updates.
+ *
+ * @return boolean true if the driver supports updates; false if read only
+ */
+ public function is_writable() {
+ return !empty($this->config["allow_updates"]);
+ }
+
+ /**
+ * @see IdentityProvider_Driver::activate.
+ */
+ public function activate() {
+ $this->driver->activate();
+ }
+
+ /**
+ * @see IdentityProvider_Driver::deactivate.
+ */
+ public function deactivate() {
+ $this->driver->deactivate();
+ }
+
+ /**
+ * @see IdentityProvider_Driver::guest.
+ */
+ public function guest() {
+ return $this->driver->guest();
+ }
+
+ /**
+ * @see IdentityProvider_Driver::create_user.
+ */
+ public function create_user($name, $full_name, $password) {
+ return $this->driver->create_user($name, $full_name, $password);
+ }
+
+ /**
+ * @see IdentityProvider_Driver::is_correct_password.
+ */
+ public function is_correct_password($user, $password) {
+ return $this->driver->is_correct_password($user, $password);
+ }
+
+ /**
+ * @see IdentityProvider_Driver::lookup_user.
+ */
+ public function lookup_user($id) {
+ return $this->driver->lookup_user($id);
+ }
+
+ /**
+ * @see IdentityProvider_Driver::lookup_user_by_name.
+ */
+ public function lookup_user_by_name($name) {
+ return $this->driver->lookup_user_by_name($name);
+ }
+
+ /**
+ * @see IdentityProvider_Driver::create_group.
+ */
+ public function create_group($name) {
+ return $this->driver->create_group($name);
+ }
+
+ /**
+ * @see IdentityProvider_Driver::everybody.
+ */
+ public function everybody() {
+ return $this->driver->everybody();
+ }
+
+ /**
+ * @see IdentityProvider_Driver::registered_users.
+ */
+ public function registered_users() {
+ return $this->driver->everybody();
+ }
+
+ /**
+ * @see IdentityProvider_Driver::lookup_group.
+ */
+ public function lookup_group($id) {
+ return $this->driver->lookup_group($id);
+ }
+
+ /**
+ * @see IdentityProvider_Driver::lookup_group_by_name.
+ */
+ public function lookup_group_by_name($name) {
+ return $this->driver->lookup_group_by_name($name);
+ }
+
+ /**
+ * @see IdentityProvider_Driver::get_user_list.
+ */
+ public function get_user_list($ids) {
+ return $this->driver->get_user_list($ids);
+ }
+
+ /**
+ * @see IdentityProvider_Driver::groups.
+ */
+ public function groups() {
+ return $this->driver->groups();
+ }
+} // End Identity
View
93 modules/gallery/libraries/MY_Session.php
@@ -1,93 +0,0 @@
-<?php defined("SYSPATH") or die("No direct script access.");
-/**
- * Gallery - a web based photo album viewer and editor
- * Copyright (C) 2000-2009 Bharat Mediratta
- *
- * This program is free software; you can redistribute it and/or modify
- * it under the terms of the GNU General Public License as published by
- * the Free Software Foundation; either version 2 of the License, or (at
- * your option) any later version.
- *
- * This program is distributed in the hope that it will be useful, but
- * WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- * General Public License for more details.
- *
- * You should have received a copy of the GNU General Public License
- * along with this program; if not, write to the Free Software
- * Foundation, Inc., 51 Franklin Street - Fifth Floor, Boston, MA 02110-1301, USA.
- */
-
-class Session extends Session_Core {
- /**
- * Make sure that we have a session and group_ids cached in the session.
- */
- static function load_user() {
- try {
- $session = Session::instance();
- if (!($user = $session->get("user"))) {
- $session->set("user", $user = Identity::guest());
- }
-
- // The installer cannot set a user into the session, so it just sets an id which we should
- // upconvert into a user.
- // @todo set the user name into the session instead of 2 and then use it to get the user object
- if ($user === 2) {
- $user = Instance::lookup_user_by_name("admin");
- self::set_active_user($user);
- $session->set("user", $user);
- }
-
- if (!$session->get("group_ids")) {
- $ids = array();
- foreach ($user->groups as $group) {
- $ids[] = $group->id;
- }
- $session->set("group_ids", $ids);
- }
- } catch (Exception $e) {
- try {
- Session::instance()->destroy();
- } catch (Exception $e) {
- // We don't care if there was a problem destroying the session.
- }
- url::redirect(item::root()->abs_url());
- }
- }
-
- /**
- * Return the array of group ids this user belongs to
- *
- * @return array
- */
- static function group_ids_for_active_user() {
- return self::instance()->get("group_ids", array(1));
- }
-
- /**
- * Return the active user. If there's no active user, return the guest user.
- *
- * @return User_Definition
- */
- static function active_user() {
- // @todo (maybe) cache this object so we're not always doing session lookups.
- $user = self::instance()->get("user", null);
- if (!isset($user)) {
- // Don't do this as a fallback in the Session::get() call because it can trigger unnecessary
- // work.
- $user = Identity::guest();
- }
- return $user;
- }
-
- /**
- * Change the active user.
- * @param User_Definition $user
- */
- static function set_active_user($user) {
- $session = Session::instance();
- $session->set("user", $user);
- $session->delete("group_ids");
- self::load_user();
- }
-}
View
6 modules/gallery/libraries/Theme_View.php
@@ -37,13 +37,13 @@ public function __construct($name, $page_type) {
parent::__construct($name);
$this->theme_name = module::get_var("gallery", "active_site_theme");
- if (Session::active_user()->admin) {
+ if (identity::active_user()->admin) {
$this->theme_name = Input::instance()->get("theme", $this->theme_name);
}
$this->item = null;
$this->tag = null;
$this->set_global("theme", $this);
- $this->set_global("user", Session::active_user());
+ $this->set_global("user", identity::active_user());
$this->set_global("page_type", $page_type);
$this->set_global("page_title", null);
if ($page_type == "album") {
@@ -158,7 +158,7 @@ public function messages() {
*/
public function sidebar_blocks() {
$sidebar = block_manager::get_html("site.sidebar", $this);
- if (empty($sidebar) && Session::active_user()->admin) {
+ if (empty($sidebar) && identity::active_user()->admin) {
$sidebar = new View("no_sidebar.html");
}
return $sidebar;
View
2  modules/gallery/libraries/drivers/Identity.php → ...es/gallery/libraries/drivers/IdentityProvider.php
@@ -17,7 +17,7 @@
* along with this program; if not, write to the Free Software
* Foundation, Inc., 51 Franklin Street - Fifth Floor, Boston, MA 02110-1301, USA.
*/
-interface Identity_Driver {
+interface IdentityProvider_Driver {
/**
* Initialize the provider so it is ready to use
*/
View
2  modules/gallery/models/item.php
@@ -333,7 +333,7 @@ public function __get($column) {
// This relationship depends on an outside module, which may not be present so handle
// failures gracefully.
try {
- return Identity::lookup_user($this->owner_id);
+ return identity::lookup_user($this->owner_id);
} catch (Exception $e) {
return null;
}
View
2  modules/gallery/models/log.php
@@ -26,7 +26,7 @@ public function __get($column) {
// This relationship depends on an outside module, which may not be present so handle
// failures gracefully.
try {
- return Identity::lookup_user($this->user_id);
+ return identity::lookup_user($this->user_id);
} catch (Exception $e) {
return null;
}
View
2  modules/gallery/models/task.php
@@ -46,7 +46,7 @@ public function delete() {
}
public function owner() {
- return Identity::lookup_user($this->owner_id);
+ return identity::lookup_user($this->owner_id);
}
/**
View
144 modules/gallery/tests/Access_Helper_Test.php
@@ -22,7 +22,7 @@ class Access_Helper_Test extends Unit_Test_Case {
public function teardown() {
try {
- $group = Identity::lookup_group_by_name("access_test");
+ $group = identity::lookup_group_by_name("access_test");
if (!empty($group)) {
$group->delete();
}
@@ -33,7 +33,7 @@ public function teardown() {
} catch (Exception $e) { }
try {
- $user = Identity::lookup_user_by_name("access_test");
+ $user = identity::lookup_user_by_name("access_test");
if (!empty($user)) {
$user->delete();
}
@@ -41,16 +41,16 @@ public function teardown() {
// Reset some permissions that we mangle below
$root = ORM::factory("item", 1);
- access::allow(Identity::everybody(), "view", $root);
+ access::allow(identity::everybody(), "view", $root);
}
public function setup() {
- Session::set_active_user(Identity::guest());
+ identity::set_active_user(identity::guest());
}
public function groups_and_permissions_are_bound_to_columns_test() {
access::register_permission("access_test", "Access Test");
- $group = Identity::create_group("access_test");
+ $group = identity::create_group("access_test");
// We have a new column for this perm / group combo
$fields = Database::instance()->list_fields("access_caches");
@@ -65,17 +65,17 @@ public function groups_and_permissions_are_bound_to_columns_test() {
}
public function user_can_access_test() {
- $access_test = Identity::create_group("access_test");
+ $access_test = identity::create_group("access_test");
$root = ORM::factory("item", 1);
access::allow($access_test, "view", $root);
$item = album::create($root, rand(), "test album");
- access::deny(Identity::everybody(), "view", $item);
- access::deny(Identity::registered_users(), "view", $item);
+ access::deny(identity::everybody(), "view", $item);
+ access::deny(identity::registered_users(), "view", $item);
- $user = Identity::create_user("access_test", "Access Test", "");
+ $user = identity::create_user("access_test", "Access Test", "");
foreach ($user->groups as $group) {
$user->remove($group);
}
@@ -89,10 +89,10 @@ public function user_can_no_access_test() {
$root = ORM::factory("item", 1);
$item = album::create($root, rand(), "test album");
- access::deny(Identity::everybody(), "view", $item);
- access::deny(Identity::registered_users(), "view", $item);
+ access::deny(identity::everybody(), "view", $item);
+ access::deny(identity::registered_users(), "view", $item);
- $user = Identity::create_user("access_test", "Access Test", "");
+ $user = identity::create_user("access_test", "Access Test", "");
foreach ($user->groups as $group) {
$user->remove($group);
}
@@ -121,11 +121,11 @@ public function new_photos_inherit_parent_permissions_test() {
$root = ORM::factory("item", 1);
$album = album::create($root, rand(), "test album");
- access::allow(Identity::everybody(), "view", $album);
+ access::allow(identity::everybody(), "view", $album);
$photo = photo::create($album, MODPATH . "gallery/images/gallery.png", "", "");
- $this->assert_true($photo->__get("view_" . Identity::everybody()->id));
+ $this->assert_true($photo->__get("view_" . identity::everybody()->id));
}
public function can_allow_deny_and_reset_intent_test() {
@@ -134,23 +134,23 @@ public function can_allow_deny_and_reset_intent_test() {
$intent = ORM::factory("access_intent")->where("item_id", $album)->find();
// Allow
- access::allow(Identity::everybody(), "view", $album);
+ access::allow(identity::everybody(), "view", $album);
$this->assert_same(access::ALLOW, $intent->reload()->view_1);
// Deny
- access::deny(Identity::everybody(), "view", $album);
+ access::deny(identity::everybody(), "view", $album);
$this->assert_same(
access::DENY,
ORM::factory("access_intent")->where("item_id", $album)->find()->view_1);
// Allow again. If the initial value was allow, then the first Allow clause above may not
// have actually changed any values.
- access::allow(Identity::everybody(), "view", $album);
+ access::allow(identity::everybody(), "view", $album);
$this->assert_same(
access::ALLOW,
ORM::factory("access_intent")->where("item_id", $album)->find()->view_1);
- access::reset(Identity::everybody(), "view", $album);
+ access::reset(identity::everybody(), "view", $album);
$this->assert_same(
null,
ORM::factory("access_intent")->where("item_id", $album)->find()->view_1);
@@ -158,7 +158,7 @@ public function can_allow_deny_and_reset_intent_test() {
public function cant_reset_root_item_test() {
try {
- access::reset(Identity::everybody(), "view", ORM::factory("item", 1));
+ access::reset(identity::everybody(), "view", ORM::factory("item", 1));
} catch (Exception $e) {
return;
}
@@ -167,17 +167,17 @@ public function cant_reset_root_item_test() {
public function can_view_item_test() {
$root = ORM::factory("item", 1);
- access::allow(Identity::everybody(), "view", $root);
- $this->assert_true(access::group_can(Identity::everybody(), "view", $root));
+ access::allow(identity::everybody(), "view", $root);
+ $this->assert_true(access::group_can(identity::everybody(), "view", $root));
}
public function can_always_fails_on_unloaded_items_test() {
$root = ORM::factory("item", 1);
- access::allow(Identity::everybody(), "view", $root);
- $this->assert_true(access::group_can(Identity::everybody(), "view", $root));
+ access::allow(identity::everybody(), "view", $root);
+ $this->assert_true(access::group_can(identity::everybody(), "view", $root));
$bogus = ORM::factory("item", -1);
- $this->assert_false(access::group_can(Identity::everybody(), "view", $bogus));
+ $this->assert_false(access::group_can(identity::everybody(), "view", $bogus));
}
public function cant_view_child_of_hidden_parent_test() {
@@ -185,21 +185,21 @@ public function cant_view_child_of_hidden_parent_test() {
$album = album::create($root, rand(), "test album");
$root->reload();
- access::deny(Identity::everybody(), "view", $root);
- access::reset(Identity::everybody(), "view", $album);
+ access::deny(identity::everybody(), "view", $root);
+ access::reset(identity::everybody(), "view", $album);
$album->reload();
- $this->assert_false(access::group_can(Identity::everybody(), "view", $album));
+ $this->assert_false(access::group_can(identity::everybody(), "view", $album));
}
public function view_permissions_propagate_down_test() {
$root = ORM::factory("item", 1);
$album = album::create($root, rand(), "test album");
- access::allow(Identity::everybody(), "view", $root);
- access::reset(Identity::everybody(), "view", $album);
+ access::allow(identity::everybody(), "view", $root);
+ access::reset(identity::everybody(), "view", $album);
$album->reload();
- $this->assert_true(access::group_can(Identity::everybody(), "view", $album));
+ $this->assert_true(access::group_can(identity::everybody(), "view", $album));
}
public function can_toggle_view_permissions_propagate_down_test() {
@@ -214,18 +214,18 @@ public function can_toggle_view_permissions_propagate_down_test() {
$album3->reload();
$album4->reload();
- access::allow(Identity::everybody(), "view", $root);
- access::deny(Identity::everybody(), "view", $album1);
- access::reset(Identity::everybody(), "view", $album2);
- access::reset(Identity::everybody(), "view", $album3);
- access::reset(Identity::everybody(), "view", $album4);
+ access::allow(identity::everybody(), "view", $root);
+ access::deny(identity::everybody(), "view", $album1);
+ access::reset(identity::everybody(), "view", $album2);
+ access::reset(identity::everybody(), "view", $album3);
+ access::reset(identity::everybody(), "view", $album4);
$album4->reload();
- $this->assert_false(access::group_can(Identity::everybody(), "view", $album4));
+ $this->assert_false(access::group_can(identity::everybody(), "view", $album4));
- access::allow(Identity::everybody(), "view", $album1);
+ access::allow(identity::everybody(), "view", $album1);
$album4->reload();
- $this->assert_true(access::group_can(Identity::everybody(), "view", $album4));
+ $this->assert_true(access::group_can(identity::everybody(), "view", $album4));
}
public function revoked_view_permissions_cant_be_allowed_lower_down_test() {
@@ -234,29 +234,29 @@ public function revoked_view_permissions_cant_be_allowed_lower_down_test() {
$album2 = album::create($album1, rand(), "test album");
$root->reload();
- access::deny(Identity::everybody(), "view", $root);
- access::allow(Identity::everybody(), "view", $album2);
+ access::deny(identity::everybody(), "view", $root);
+ access::allow(identity::everybody(), "view", $album2);
$album1->reload();
- $this->assert_false(access::group_can(Identity::everybody(), "view", $album1));
+ $this->assert_false(access::group_can(identity::everybody(), "view", $album1));
$album2->reload();
- $this->assert_false(access::group_can(Identity::everybody(), "view", $album2));
+ $this->assert_false(access::group_can(identity::everybody(), "view", $album2));
}
public function can_edit_item_test() {
$root = ORM::factory("item", 1);
- access::allow(Identity::everybody(), "edit", $root);
- $this->assert_true(access::group_can(Identity::everybody(), "edit", $root));
+ access::allow(identity::everybody(), "edit", $root);
+ $this->assert_true(access::group_can(identity::everybody(), "edit", $root));
}
public function non_view_permissions_propagate_down_test() {
$root = ORM::factory("item", 1);
$album = album::create($root, rand(), "test album");
- access::allow(Identity::everybody(), "edit", $root);
- access::reset(Identity::everybody(), "edit", $album);
- $this->assert_true(access::group_can(Identity::everybody(), "edit", $album));
+ access::allow(identity::everybody(), "edit", $root);
+ access::reset(identity::everybody(), "edit", $album);
+ $this->assert_true(access::group_can(identity::everybody(), "edit", $album));
}
public function non_view_permissions_can_be_revoked_lower_down_test() {
@@ -276,36 +276,36 @@ public function non_view_permissions_can_be_revoked_lower_down_test() {
$outer->reload();
$inner->reload();
- access::allow(Identity::everybody(), "edit", $root);
- access::deny(Identity::everybody(), "edit", $outer);
- access::allow(Identity::everybody(), "edit", $inner);
+ access::allow(identity::everybody(), "edit", $root);
+ access::deny(identity::everybody(), "edit", $outer);
+ access::allow(identity::everybody(), "edit", $inner);
// Outer album is not editable, inner one is.
- $this->assert_false(access::group_can(Identity::everybody(), "edit", $outer_photo));
- $this->assert_true(access::group_can(Identity::everybody(), "edit", $inner_photo));
+ $this->assert_false(access::group_can(identity::everybody(), "edit", $outer_photo));
+ $this->assert_true(access::group_can(identity::everybody(), "edit", $inner_photo));
}
public function i_can_edit_test() {
// Create a new user that belongs to no groups
- $user = Identity::create_user("access_test", "Access Test", "");
+ $user = identity::create_user("access_test", "Access Test", "");
foreach ($user->groups as $group) {
$user->remove($group);
}
$user->save();
- Session::set_active_user($user);
+ identity::set_active_user($user);
// This user can't edit anything
$root = ORM::factory("item", 1);
$this->assert_false(access::can("edit", $root));
// Now add them to a group that has edit permission
- $group = Identity::create_group("access_test");
+ $group = identity::create_group("access_test");
$group->add($user);
$group->save();
access::allow($group, "edit", $root);
- $user = Identity::lookup_user($user->id); // reload() does not flush related columns
- Session::set_active_user($user);
+ $user = identity::lookup_user($user->id); // reload() does not flush related columns
+ identity::set_active_user($user);
// And verify that the user can edit.
$this->assert_true(access::can("edit", $root));
@@ -317,16 +317,16 @@ public function everybody_view_permission_maintains_htaccess_files_test() {
$this->assert_false(file_exists($album->file_path() . "/.htaccess"));
- access::deny(Identity::everybody(), "view", $album);
+ access::deny(identity::everybody(), "view", $album);
$this->assert_true(file_exists($album->file_path() . "/.htaccess"));
- access::allow(Identity::everybody(), "view", $album);
+ access::allow(identity::everybody(), "view", $album);
$this->assert_false(file_exists($album->file_path() . "/.htaccess"));
- access::deny(Identity::everybody(), "view", $album);
+ access::deny(identity::everybody(), "view", $album);
$this->assert_true(file_exists($album->file_path() . "/.htaccess"));
- access::reset(Identity::everybody(), "view", $album);
+ access::reset(identity::everybody(), "view", $album);
$this->assert_false(file_exists($album->file_path() . "/.htaccess"));
}
@@ -338,44 +338,44 @@ public function everybody_view_full_permission_maintains_htaccess_files_test() {
$this->assert_false(file_exists($album->resize_path() . "/.htaccess"));
$this->assert_false(file_exists($album->thumb_path() . "/.htaccess"));
- access::deny(Identity::everybody(), "view_full", $album);
+ access::deny(identity::everybody(), "view_full", $album);
$this->assert_true(file_exists($album->file_path() . "/.htaccess"));
$this->assert_false(file_exists($album->resize_path() . "/.htaccess"));
$this->assert_false(file_exists($album->thumb_path() . "/.htaccess"));
- access::allow(Identity::everybody(), "view_full", $album);
+ access::allow(identity::everybody(), "view_full", $album);
$this->assert_false(file_exists($album->file_path() . "/.htaccess"));
$this->assert_false(file_exists($album->resize_path() . "/.htaccess"));
$this->assert_false(file_exists($album->thumb_path() . "/.htaccess"));
- access::deny(Identity::everybody(), "view_full", $album);
+ access::deny(identity::everybody(), "view_full", $album);
$this->assert_true(file_exists($album->file_path() . "/.htaccess"));
$this->assert_false(file_exists($album->resize_path() . "/.htaccess"));
$this->assert_false(file_exists($album->thumb_path() . "/.htaccess"));
- access::reset(Identity::everybody(), "view_full", $album);
+ access::reset(identity::everybody(), "view_full", $album);
$this->assert_false(file_exists($album->file_path() . "/.htaccess"));
$this->assert_false(file_exists($album->resize_path() . "/.htaccess"));
$this->assert_false(file_exists($album->thumb_path() . "/.htaccess"));
}
public function moved_items_inherit_new_permissions_test() {
- Session::set_active_user(Identity::lookup_user_by_name("admin"));
+ identity::set_active_user(identity::lookup_user_by_name("admin"));
$root = ORM::factory("item", 1);
$public_album = album::create($root, rand(), "public album");
$public_photo = photo::create($public_album, MODPATH . "gallery/images/gallery.png", "", "");
- access::allow(Identity::everybody(), "view", $public_album);
+ access::allow(identity::everybody(), "view", $public_album);
$root->reload(); // Account for MPTT changes
$private_album = album::create($root, rand(), "private album");
- access::deny(Identity::everybody(), "view", $private_album);
+ access::deny(identity::everybody(), "view", $private_album);
$private_photo = photo::create($private_album, MODPATH . "gallery/images/gallery.png", "", "");
// Make sure that we now have a public photo and private photo.
- $this->assert_true(access::group_can(Identity::everybody(), "view", $public_photo));
- $this->assert_false(access::group_can(Identity::everybody(), "view", $private_photo));
+ $this->assert_true(access::group_can(identity::everybody(), "view", $public_photo));
+ $this->assert_false(access::group_can(identity::everybody(), "view", $private_photo));
// Swap the photos
item::move($public_photo, $private_album);
@@ -391,7 +391,7 @@ public function moved_items_inherit_new_permissions_test() {
$public_photo->reload();
// Make sure that the public_photo is now private, and the private_photo is now public.
- $this->assert_false(access::group_can(Identity::everybody(), "view", $public_photo));
- $this->assert_true(access::group_can(Identity::everybody(), "view", $private_photo));
+ $this->assert_false(access::group_can(identity::everybody(), "view", $public_photo));
+ $this->assert_true(access::group_can(identity::everybody(), "view", $private_photo));
}
}
View
4 modules/gallery/tests/Albums_Controller_Test.php
@@ -45,7 +45,7 @@ public function change_album_test() {
$_POST["csrf"] = access::csrf_token();
$_POST["slug"] = "new_name";
$_POST["_method"] = "put";
- access::allow(Identity::everybody(), "edit", $root);
+ access::allow(identity::everybody(), "edit", $root);
ob_start();
$controller->_update($this->_album);
@@ -69,7 +69,7 @@ public function change_album_no_csrf_fails_test() {
$_POST["name"] = "new name";
$_POST["title"] = "new title";
$_POST["description"] = "new description";
- access::allow(Identity::everybody(), "edit", $root);
+ access::allow(identity::everybody(), "edit", $root);
try {
$controller->_update($this->_album);
View
6 modules/gallery/tests/Item_Helper_Test.php
@@ -23,16 +23,16 @@ public function viewable_test() {
$root = ORM::factory("item", 1);
$album = album::create($root, rand(), rand(), rand());
$item = self::_create_random_item($album);
- Session::set_active_user(Identity::guest());
+ identity::set_active_user(identity::guest());
// We can see the item when permissions are granted
- access::allow(Identity::everybody(), "view", $album);
+ access::allow(identity::everybody(), "view", $album);
$this->assert_equal(
1,
ORM::factory("item")->viewable()->where("id", $item->id)->count_all());
// We can't see the item when permissions are denied
- access::deny(Identity::everybody(), "view", $album);
+ access::deny(identity::everybody(), "view", $album);
$this->asser