Move Controller_UserProfile::_can_view_profile_pages($user) -->

Identity::can_view_profile($user). Now REST can use the same check.
gallery · Jun 13, 2013 · 78f08a2 · 78f08a2
1 parent 46cd102
commit 78f08a2
Show file tree

Hide file tree

Showing 2 changed files with 33 additions and 29 deletions.
diff --git a/modules/gallery/classes/Gallery/Controller/UserProfile.php b/modules/gallery/classes/Gallery/Controller/UserProfile.php
@@ -37,7 +37,7 @@ public function check_auth($auth) {
   public function action_show() {
     $id = $this->request->arg(0, "digit");
     $user = Identity::lookup_user($id);
-    if (!$this->_can_view_profile_pages($user)) {
+    if (!Identity::can_view_profile($user)) {
       throw HTTP_Exception::factory(404);
     }
 
@@ -61,7 +61,7 @@ public function action_show() {
   public function action_contact() {
     $id = $this->request->arg(0, "digit");
     $user = Identity::lookup_user($id);
-    if (!$this->_can_view_profile_pages($user)) {
+    if (!Identity::can_view_profile($user)) {
       throw HTTP_Exception::factory(404);
     }
 
@@ -104,31 +104,4 @@ public function action_contact() {
 
     $this->response->ajax_form($form);
   }
-
-  protected function _can_view_profile_pages($user) {
-    if (!$user || !$user->loaded()) {
-      return false;
-    }
-
-    if ($user->id == Identity::active_user()->id) {
-      // You can always view your own profile
-      return true;
-    }
-
-    $mode = Module::get_var("gallery", "show_user_profiles_to");
-    switch ($mode) {
-    case "admin_users":
-      return Identity::active_user()->admin;
-
-    case "registered_users":
-      return !Identity::active_user()->guest;
-
-    case "everybody":
-      return true;
-
-    default:
-      // Fail if setting is invalid
-      throw new Gallery_Exception("Invalid show_user_profiles_to setting: $mode");
-    }
-  }
 }
diff --git a/modules/gallery/classes/Gallery/Identity.php b/modules/gallery/classes/Gallery/Identity.php
@@ -135,6 +135,37 @@ static function set_active_user($user) {
     Identity::load_user();
   }
 
+  /**
+   * Can the active user view a user's profile?
+   * @return boolean
+   */
+  static function can_view_profile($user) {
+    if (!$user) {
+      return false;
+    }
+
+    if ($user->id == Identity::active_user()->id) {
+      // You can always view your own profile
+      return true;
+    }
+
+    $mode = Module::get_var("gallery", "show_user_profiles_to");
+    switch ($mode) {
+    case "admin_users":
+      return Identity::active_user()->admin;
+
+    case "registered_users":
+      return !Identity::active_user()->guest;
+
+    case "everybody":
+      return true;
+
+    default:
+      // Fail if setting is invalid
+      throw new Gallery_Exception("Invalid show_user_profiles_to setting: $mode");
+    }
+  }
+
   /**
    * Determine if if the current driver supports updates.
    *