diff options
| author | Tim Almdal <tnalmdal@shaw.ca> | 2009-10-16 10:06:58 -0700 |
|---|---|---|
| committer | Tim Almdal <tnalmdal@shaw.ca> | 2009-10-16 10:06:58 -0700 |
| commit | 78ee4193b70329c8e0929efd18c22324dd2ad8e0 (patch) | |
| tree | 900c686f12934fdf168ebe214afc1cb414bf4683 | |
| parent | bc241e44c2e4d10ac19ccc32a40c90426672d963 (diff) | |
Remove all non Identity API methods from Identity.php. Created an MY_Session class to provide the user state changes in the session and a login.php helper that has the login form.
41 files changed, 194 insertions, 176 deletions
diff --git a/modules/comment/controllers/comments.php b/modules/comment/controllers/comments.php index 84d6ca47..c0658cc1 100644 --- a/modules/comment/controllers/comments.php +++ b/modules/comment/controllers/comments.php @@ -65,7 +65,7 @@ class Comments_Controller extends REST_Controller { $form = comment::get_add_form($item); $valid = $form->validate(); if ($valid) { - if (Identity::active()->guest && !$form->add_comment->inputs["name"]->value) { + if (Session::active_user()->guest && !$form->add_comment->inputs["name"]->value) { $form->add_comment->inputs["name"]->add_error("missing", 1); $valid = false; } @@ -78,13 +78,13 @@ class Comments_Controller extends REST_Controller { if ($valid) { $comment = comment::create( - $item, Identity::active(), + $item, Session::active_user(), $form->add_comment->text->value, $form->add_comment->inputs["name"]->value, $form->add_comment->email->value, $form->add_comment->url->value); - $active = Identity::active(); + $active = Session::active_user(); if ($active->guest) { $form->add_comment->inputs["name"]->value(""); $form->add_comment->email->value(""); @@ -192,7 +192,7 @@ class Comments_Controller extends REST_Controller { * @see REST_Controller::form_edit($resource) */ public function _form_edit($comment) { - if (!Identity::active()->admin) { + if (!Session::active_user()->admin) { access::forbidden(); } print comment::get_edit_form($comment); diff --git a/modules/comment/helpers/comment.php b/modules/comment/helpers/comment.php index 38d65db6..e741266d 100644 --- a/modules/comment/helpers/comment.php +++ b/modules/comment/helpers/comment.php @@ -75,7 +75,7 @@ class comment_Core { module::event("comment_add_form", $form); $group->submit("")->value(t("Add")); - $active = Identity::active(); + $active = Session::active_user(); if (!$active->guest) { $group->inputs["name"]->value($active->full_name)->disabled("disabled"); $group->email->value($active->email)->disabled("disabled"); diff --git a/modules/comment/tests/Comment_Model_Test.php b/modules/comment/tests/Comment_Model_Test.php index 76de2a34..84532a96 100644 --- a/modules/comment/tests/Comment_Model_Test.php +++ b/modules/comment/tests/Comment_Model_Test.php @@ -23,7 +23,7 @@ class Comment_Model_Test extends Unit_Test_Case { $root = ORM::factory("item", 1); $album = album::create($root, rand(), rand(), rand()); $comment = comment::create($album, Identity::guest(), "text", "name", "email", "url"); - Identity::set_active(Identity::guest()); + Session::set_active_user(Identity::guest()); // We can see the comment when permissions are granted on the album access::allow(Identity::everybody(), "view", $album); diff --git a/modules/gallery/controllers/admin.php b/modules/gallery/controllers/admin.php index 8a4181a6..24eebe7d 100644 --- a/modules/gallery/controllers/admin.php +++ b/modules/gallery/controllers/admin.php @@ -21,7 +21,7 @@ class Admin_Controller extends Controller { private $theme; public function __construct($theme=null) { - if (!(Identity::active()->admin)) { + if (!(Session::active_user()->admin)) { access::forbidden(); } diff --git a/modules/gallery/controllers/albums.php b/modules/gallery/controllers/albums.php index fdf06ec0..055ff22b 100644 --- a/modules/gallery/controllers/albums.php +++ b/modules/gallery/controllers/albums.php @@ -29,7 +29,7 @@ class Albums_Controller extends Items_Controller { $view = new Theme_View("page.html", "login"); $view->page_title = t("Log in to Gallery"); $view->content = new View("login_ajax.html"); - $view->content->form = Identity::get_login_form("login/auth_html"); + $view->content->form = login::get_login_form("login/auth_html"); print $view; return; } else { @@ -111,7 +111,7 @@ class Albums_Controller extends Items_Controller { $this->input->post("name"), $this->input->post("title", $this->input->post("name")), $this->input->post("description"), - Identity::active()->id, + Session::active_user()->id, $this->input->post("slug")); log::success("content", "Created an album", @@ -146,7 +146,7 @@ class Albums_Controller extends Items_Controller { $_FILES["file"]["name"], $this->input->post("title", $this->input->post("name")), $this->input->post("description"), - Identity::active()->id); + Session::active_user()->id); log::success("content", "Added a photo", html::anchor("photos/$photo->id", "view photo")); message::success(t("Added photo %photo_title", diff --git a/modules/gallery/controllers/l10n_client.php b/modules/gallery/controllers/l10n_client.php index b3929c5d..2ab73102 100644 --- a/modules/gallery/controllers/l10n_client.php +++ b/modules/gallery/controllers/l10n_client.php @@ -20,7 +20,7 @@ class L10n_Client_Controller extends Controller { public function save() { access::verify_csrf(); - if (!Identity::active()->admin) { + if (!Session::active_user()->admin) { access::forbidden(); } @@ -85,7 +85,7 @@ class L10n_Client_Controller extends Controller { public function toggle_l10n_mode() { access::verify_csrf(); - if (!Identity::active()->admin) { + if (!Session::active_user()->admin) { access::forbidden(); } diff --git a/modules/gallery/controllers/login.php b/modules/gallery/controllers/login.php index c8b771ca..96a97a1d 100644 --- a/modules/gallery/controllers/login.php +++ b/modules/gallery/controllers/login.php @@ -21,7 +21,7 @@ class Login_Controller extends Controller { public function ajax() { $view = new View("login_ajax.html"); - $view->form = Identity::get_login_form("login/auth_ajax"); + $view->form = login::get_login_form("login/auth_ajax"); print $view; } @@ -40,7 +40,7 @@ class Login_Controller extends Controller { } public function html() { - print Identity::get_login_form("login/auth_html"); + print login::get_login_form("login/auth_html"); } public function auth_html() { @@ -54,7 +54,7 @@ class Login_Controller extends Controller { } } private function _auth($url) { - $form = Identity::get_login_form($url); + $form = login::get_login_form($url); $valid = $form->validate(); if ($valid) { $user = Identity::lookup_user_by_name($form->login->inputs["name"]->value); @@ -69,7 +69,12 @@ class Login_Controller extends Controller { } if ($valid) { - Identity::login($user); + if (Identity::is_writable()) { + $user->login_count += 1; + $user->last_login = time(); + $user->save(); + } + Session::set_active_user($user); log::info("user", t("User %name logged in", array("name" => $user->name))); } diff --git a/modules/gallery/controllers/logout.php b/modules/gallery/controllers/logout.php index 6841b870..058860fa 100644 --- a/modules/gallery/controllers/logout.php +++ b/modules/gallery/controllers/logout.php @@ -19,10 +19,15 @@ */ class Logout_Controller extends Controller { public function index() { - //access::verify_csrf(); - - $user = Identity::active(); - Identity::logout(); + $user = Session::active_user(); + if (!$user->guest) { + try { + Session::instance()->destroy(); + } catch (Exception $e) { + Kohana::log("error", $e); + } + module::event("user_logout", $user); + } log::info("user", t("User %name logged out", array("name" => $user->name)), html::anchor("user/$user->id", html::clean($user->name))); if ($continue_url = $this->input->get("continue")) { diff --git a/modules/gallery/controllers/permissions.php b/modules/gallery/controllers/permissions.php index 6b1e926f..7a06c3d3 100644 --- a/modules/gallery/controllers/permissions.php +++ b/modules/gallery/controllers/permissions.php @@ -74,7 +74,7 @@ class Permissions_Controller extends Controller { // If the active user just took away their own edit permissions, give it back. if ($perm->name == "edit") { - if (!access::user_can(Identity::active(), "edit", $item)) { + if (!access::user_can(Session::active_user(), "edit", $item)) { access::allow($group, $perm->name, $item); } } diff --git a/modules/gallery/controllers/upgrader.php b/modules/gallery/controllers/upgrader.php index f6ca4c8a..e0c5d340 100644 --- a/modules/gallery/controllers/upgrader.php +++ b/modules/gallery/controllers/upgrader.php @@ -40,7 +40,7 @@ class Upgrader_Controller extends Controller { } $view = new View("upgrader.html"); - $view->can_upgrade = Identity::active()->admin || $session->get("can_upgrade"); + $view->can_upgrade = Session::active_user()->admin || $session->get("can_upgrade"); $view->upgrade_token = $upgrade_token; $view->available = module::available(); $view->done = ($available_upgrades == 0); @@ -52,7 +52,7 @@ class Upgrader_Controller extends Controller { // @todo this may screw up some module installers, but we don't have a better answer at // this time. $_SERVER["HTTP_HOST"] = "example.com"; - } else if (!Identity::active()->admin && !Session::instance()->get("can_upgrade", false)) { + } else if (!Session::active_user()->admin && !Session::instance()->get("can_upgrade", false)) { access::forbidden(); } diff --git a/modules/gallery/controllers/welcome_message.php b/modules/gallery/controllers/welcome_message.php index c093b67d..cfdc3976 100644 --- a/modules/gallery/controllers/welcome_message.php +++ b/modules/gallery/controllers/welcome_message.php @@ -19,12 +19,12 @@ */ class Welcome_Message_Controller extends Controller { public function index() { - if (!Identity::active()->admin) { + if (!Session::active_user()->admin) { url::redirect(item::root()->abs_url()); } $v = new View("welcome_message.html"); - $v->user = Identity::active(); + $v->user = Session::active_user(); print $v; } } diff --git a/modules/gallery/helpers/access.php b/modules/gallery/helpers/access.php index 0e0e749e..21f4de81 100644 --- a/modules/gallery/helpers/access.php +++ b/modules/gallery/helpers/access.php @@ -79,7 +79,7 @@ class access_Core { * @return boolean */ static function can($perm_name, $item) { - return self::user_can(Identity::active(), $perm_name, $item); + return self::user_can(Session::active_user(), $perm_name, $item); } /** diff --git a/modules/gallery/helpers/gallery.php b/modules/gallery/helpers/gallery.php index e1fa2a7c..18bb2609 100644 --- a/modules/gallery/helpers/gallery.php +++ b/modules/gallery/helpers/gallery.php @@ -27,7 +27,7 @@ class gallery_Core { static function maintenance_mode() { $maintenance_mode = Kohana::config("core.maintenance_mode", false, false); - if (Router::$controller != "login" && !empty($maintenance_mode) && !Identity::active()->admin) { + if (Router::$controller != "login" && !empty($maintenance_mode) && !Session::active_user()->admin) { Router::$controller = "maintenance"; Router::$controller_path = MODPATH . "gallery/controllers/maintenance.php"; Router::$method = "index"; diff --git a/modules/gallery/helpers/gallery_event.php b/modules/gallery/helpers/gallery_event.php index abead9e3..a6aa0657 100644 --- a/modules/gallery/helpers/gallery_event.php +++ b/modules/gallery/helpers/gallery_event.php @@ -24,10 +24,10 @@ class gallery_event_Core { */ static function gallery_ready() { // Call Identity::instance() now to force the load of the user interface classes. - // Identity::load_user will attempt to load the active user from the session and needs + // Session::load_user will attempt to load the active user from the session and needs // the user definition class, which can't be reached by Kohana's heiracrchical lookup. Identity::instance(); - Identity::load_user(); + Session::load_user(); locales::set_request_locale(); } @@ -139,7 +139,7 @@ class gallery_event_Core { } } - if (Identity::active()->admin) { + if (Session::active_user()->admin) { $menu->append($admin_menu = Menu::factory("submenu") ->id("admin_menu") ->label(t("Admin"))); diff --git a/modules/gallery/helpers/gallery_theme.php b/modules/gallery/helpers/gallery_theme.php index cc46a88a..d21cb124 100644 --- a/modules/gallery/helpers/gallery_theme.php +++ b/modules/gallery/helpers/gallery_theme.php @@ -54,7 +54,7 @@ class gallery_theme_Core { static function header_top($theme) { if ($theme->page_type != "login") { $view = new View("login.html"); - $view->user = Identity::active(); + $view->user = Session::active_user(); return $view->render(); } } diff --git a/modules/gallery/helpers/item.php b/modules/gallery/helpers/item.php index bce83bb3..3d36a324 100644 --- a/modules/gallery/helpers/item.php +++ b/modules/gallery/helpers/item.php @@ -158,8 +158,8 @@ class item_Core { */ static function viewable($model) { $view_restrictions = array(); - if (!Identity::active()->admin) { - foreach (Identity::group_ids_for_active_user() as $id) { + if (!Session::active_user()->admin) { + foreach (Session::group_ids_for_active_user() as $id) { // Separate the first restriction from the rest to make it easier for us to formulate // our where clause below if (empty($view_restrictions)) { diff --git a/modules/gallery/helpers/locales.php b/modules/gallery/helpers/locales.php index 2dfc7f21..f80fce03 100644 --- a/modules/gallery/helpers/locales.php +++ b/modules/gallery/helpers/locales.php @@ -141,7 +141,7 @@ class locales_Core { $locale = self::cookie_locale(); // 2. Check the user's preference if (!$locale) { - $locale = Identity::active()->locale; + $locale = Session::active_user()->locale; } // 3. Check the browser's / OS' preference if (!$locale) { diff --git a/modules/gallery/helpers/log.php b/modules/gallery/helpers/log.php index 512723dd..d1b34e3a 100644 --- a/modules/gallery/helpers/log.php +++ b/modules/gallery/helpers/log.php @@ -80,7 +80,7 @@ class log_Core { $log->url = substr(url::abs_current(true), 0, 255); $log->referer = request::referrer(null); $log->timestamp = time(); - $log->user_id = Identity::active()->id; + $log->user_id = Session::active_user()->id; $log->save(); } diff --git a/modules/gallery/helpers/login.php b/modules/gallery/helpers/login.php new file mode 100644 index 00000000..d44153ad --- /dev/null +++ b/modules/gallery/helpers/login.php @@ -0,0 +1,31 @@ +<?php defined("SYSPATH") or die("No direct script access."); +/** + * Gallery - a web based photo album viewer and editor + * Copyright (C) 2000-2009 Bharat Mediratta + * + * This program is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or (at + * your option) any later version. + * + * This program is distributed in the hope that it will be useful, but + * WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + * General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 51 Franklin Street - Fifth Floor, Boston, MA 02110-1301, USA. + */ +class login_Core { + static function get_login_form($url) { + $form = new Forge($url, "", "post", array("id" => "g-login-form")); + $form->set_attr('class', "g-narrow"); + $group = $form->group("login")->label(t("Login")); + $group->input("name")->label(t("Username"))->id("g-username")->class(null); + $group->password("password")->label(t("Password"))->id("g-password")->class(null); + $group->inputs["name"]->error_messages("invalid_login", t("Invalid name or password")); + $group->submit("")->value(t("Login")); + return $form; + } +}
\ No newline at end of file diff --git a/modules/gallery/helpers/movie.php b/modules/gallery/helpers/movie.php index bc0efa01..9541f20e 100644 --- a/modules/gallery/helpers/movie.php +++ b/modules/gallery/helpers/movie.php @@ -77,7 +77,7 @@ class movie_Core { $movie->title = $title; $movie->description = $description; $movie->name = $name; - $movie->owner_id = $owner_id ? $owner_id : Identity::active()->id; + $movie->owner_id = $owner_id ? $owner_id : Session::active_user()->id; $movie->width = $movie_info[0]; $movie->height = $movie_info[1]; $movie->mime_type = strtolower($pi["extension"]) == "mp4" ? "video/mp4" : "video/x-flv"; diff --git a/modules/gallery/helpers/photo.php b/modules/gallery/helpers/photo.php index ad23e322..203862cd 100644 --- a/modules/gallery/helpers/photo.php +++ b/modules/gallery/helpers/photo.php @@ -76,7 +76,7 @@ class photo_Core { $photo->title = $title; $photo->description = $description; $photo->name = $name; - $photo->owner_id = $owner_id ? $owner_id : Identity::active()->id; + $photo->owner_id = $owner_id ? $owner_id : Session::active_user()->id; $photo->width = $image_info[0]; $photo->height = $image_info[1]; $photo->mime_type = empty($image_info['mime']) ? "application/unknown" : $image_info['mime']; diff --git a/modules/gallery/helpers/site_status.php b/modules/gallery/helpers/site_status.php index 3f7ff19d..06b29fda 100644 --- a/modules/gallery/helpers/site_status.php +++ b/modules/gallery/helpers/site_status.php @@ -95,7 +95,7 @@ class site_status_Core { * @return html text */ static function get() { - if (!Identity::active()->admin) { + if (!Session::active_user()->admin) { return; } $buf = array(); diff --git a/modules/gallery/helpers/task.php b/modules/gallery/helpers/task.php index 4735c36c..f84fd10e 100644 --- a/modules/gallery/helpers/task.php +++ b/modules/gallery/helpers/task.php @@ -42,7 +42,7 @@ class task_Core { $task->percent_complete = 0; $task->status = ""; $task->state = "started"; - $task->owner_id = Identity::active()->id; + $task->owner_id = Session::active_user()->id; $task->context = serialize($context); $task->save(); diff --git a/modules/gallery/libraries/Admin_View.php b/modules/gallery/libraries/Admin_View.php index b1bb4ada..74a08c77 100644 --- a/modules/gallery/libraries/Admin_View.php +++ b/modules/gallery/libraries/Admin_View.php @@ -36,12 +36,12 @@ class Admin_View_Core extends Gallery_View { parent::__construct($name); $this->theme_name = module::get_var("gallery", "active_admin_theme"); - if (Identity::active()->admin) { + if (Session::active_user()->admin) { $this->theme_name = Input::instance()->get("theme", $this->theme_name); } $this->sidebar = ""; $this->set_global("theme", $this); - $this->set_global("user", Identity::active()); + $this->set_global("user", Session::active_user()); } public function admin_menu() { diff --git a/modules/gallery/libraries/Identity.php b/modules/gallery/libraries/Identity.php index fb553de6..f844cf8f 100644 --- a/modules/gallery/libraries/Identity.php +++ b/modules/gallery/libraries/Identity.php @@ -194,111 +194,4 @@ class Identity_Core { static function get_user_list($ids) { return self::instance()->driver->get_user_list($ids); } - - static function get_login_form($url) { - $form = new Forge($url, "", "post", array("id" => "g-login-form")); - $form->set_attr('class', "g-narrow"); - $group = $form->group("login")->label(t("Login")); - $group->input("name")->label(t("Username"))->id("g-username")->class(null); - $group->password("password")->label(t("Password"))->id("g-password")->class(null); - $group->inputs["name"]->error_messages("invalid_login", t("Invalid name or password")); - $group->submit("")->value(t("Login")); - return $form; - } - - /** - * Return the active user. If there's no active user, return the guest user. - * - * @return User_Model - */ - static function active() { - // @todo (maybe) cache this object so we're not always doing session lookups. - $user = Session::instance()->get("user", null); - if (!isset($user)) { - // Don't do this as a fallback in the Session::get() call because it can trigger unnecessary - // work. - $user = self::guest(); - } - return $user; - } - - /** - * Change the active user. - * - * @return User_Model - */ - static function set_active($user) { - $session = Session::instance(); - $session->set("user", $user); - $session->delete("group_ids"); - self::load_user(); - } - - /** - * Return the array of group ids this user belongs to - * - * @return array - */ - static function group_ids_for_active_user() { - return Session::instance()->get("group_ids", array(1)); - } - - /** - * Make sure that we have a session and group_ids cached in the session. This is one - * of the first calls to reference the user so call the Identity::instance to load the - * driver classes. - */ - static function load_user() { - $session = Session::instance(); - if (!($user = $session->get("user"))) { - $session->set("user", $user = self::guest()); - } - - // The installer cannot set a user into the session, so it just sets an id which we should - // upconvert into a user. - // @todo set the user name into the session instead of 2 and then use it to get the user object - if ($user === 2) { - $user = self::lookup_user_by_name("admin"); - self::login($user); - $session->set("user", $user); - } - - if (!$session->get("group_ids")) { - $ids = array(); - foreach ($user->groups as $group) { - $ids[] = $group->id; - } - $session->set("group_ids", $ids); - } - } - - /** - * Log in as a given user. - * @param object $user the user object. - */ - static function login($user) { - // @todo make this an interface call - $user->login_count += 1; - $user->last_login = time(); - $user->save(); - - self::set_active($user); - module::event("user_login", $user); - } - - /** - * Log out the active user and destroy the session. - * @param object $user the user object. - */ - static function logout() { - $user = self::active(); - if (!$user->guest) { - try { - Session::instance()->destroy(); - } catch (Exception $e) { - Kohana::log("error", $e); - } - module::event("user_logout", $user); - } - } } // End Identity diff --git a/modules/gallery/libraries/MY_Session.php b/modules/gallery/libraries/MY_Session.php new file mode 100644 index 00000000..6394c0fb --- /dev/null +++ b/modules/gallery/libraries/MY_Session.php @@ -0,0 +1,84 @@ +<?php defined("SYSPATH") or die("No direct script access."); +/** + * Gallery - a web based photo album viewer and editor + * Copyright (C) 2000-2009 Bharat Mediratta + * + * This program is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or (at + * your option) any later version. + * + * This program is distributed in the hope that it will be useful, but + * WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + * General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 51 Franklin Street - Fifth Floor, Boston, MA 02110-1301, USA. + */ + +class Session extends Session_Core { + /** + * Make sure that we have a session and group_ids cached in the session. + */ + static function load_user() { + $session = Session::instance(); + if (!($user = $session->get("user"))) { + $session->set("user", $user = Identity::guest()); + } + + // The installer cannot set a user into the session, so it just sets an id which we should + // upconvert into a user. + // @todo set the user name into the session instead of 2 and then use it to get the user object + if ($user === 2) { + $user = Instance::lookup_user_by_name("admin"); + self::set_active_user($user); + $session->set("user", $user); + } + + if (!$session->get("group_ids")) { + $ids = array(); + foreach ($user->groups as $group) { + $ids[] = $group->id; + } + $session->set("group_ids", $ids); + } + } + + /** + * Return the array of group ids this user belongs to + * + * @return array + */ + static function group_ids_for_active_user() { + return self::instance()->get("group_ids", array(1)); + } + + /** + * Return the active user. If there's no active user, return the guest user. + * + * @return User_Definition + */ + static function active_user() { + // @todo (maybe) cache this object so we're not always doing session lookups. + $user = self::instance()->get("user", null); + if (!isset($user)) { + // Don't do this as a fallback in the Session::get() call because it can trigger unnecessary + // work. + $user = Identity::guest(); + } + return $user; + } + + /** + * Change the active user. + * @param User_Definition $user + */ + static function set_active_user($user) { + $session = Session::instance(); + $session->set("user", $user); + $session->delete("group_ids"); + self::load_user(); + } +}
\ No newline at end of file diff --git a/modules/gallery/libraries/Theme_View.php b/modules/gallery/libraries/Theme_View.php index 4e87f4fb..2fdc7531 100644 --- a/modules/gallery/libraries/Theme_View.php +++ b/modules/gallery/libraries/Theme_View.php @@ -37,13 +37,13 @@ class Theme_View_Core extends Gallery_View { parent::__construct($name); $this->theme_name = module::get_var("gallery", "active_site_theme"); - if (Identity::active()->admin) { + if (Session::active_user()->admin) { $this->theme_name = Input::instance()->get("theme", $this->theme_name); } $this->item = null; $this->tag = null; $this->set_global("theme", $this); - $this->set_global("user", Identity::active()); + $this->set_global("user", Session::active_user()); $this->set_global("page_type", $page_type); $this->set_global("page_title", null); if ($page_type == "album") { @@ -158,7 +158,7 @@ class Theme_View_Core extends Gallery_View { */ public function sidebar_blocks() { $sidebar = block_manager::get_html("site.sidebar", $this); - if (empty($sidebar) && Identity::active()->admin) { + if (empty($sidebar) && Session::active_user()->admin) { $sidebar = new View("no_sidebar.html"); } return $sidebar; diff --git a/modules/gallery/tests/Access_Helper_Test.php b/modules/gallery/tests/Access_Helper_Test.php index 4904887a..b3b5ed30 100644 --- a/modules/gallery/tests/Access_Helper_Test.php +++ b/modules/gallery/tests/Access_Helper_Test.php @@ -45,7 +45,7 @@ class Access_Helper_Test extends Unit_Test_Case { } public function setup() { - Identity::set_active(Identity::guest()); + Session::set_active_user(Identity::guest()); } public function groups_and_permissions_are_bound_to_columns_test() { @@ -295,7 +295,7 @@ class Access_Helper_Test extends Unit_Test_Case { $user->remove($group); } $user->save(); - Identity::set_active($user); + Session::set_active_user($user); // This user can't edit anything $root = ORM::factory("item", 1); @@ -308,7 +308,7 @@ class Access_Helper_Test extends Unit_Test_Case { access::allow($group, "edit", $root); $user = Identity::lookup_user($user->id); // reload() does not flush related columns - Identity::set_active($user); + Session::set_active_user($user); // And verify that the user can edit. $this->assert_true(access::can("edit", $root)); @@ -363,7 +363,7 @@ class Access_Helper_Test extends Unit_Test_Case { } public function moved_items_inherit_new_permissions_test() { - Identity::set_active(Identity::lookup_user_by_name("admin")); + Session::set_active_user(Identity::lookup_user_by_name("admin")); $root = ORM::factory("item", 1); $public_album = album::create($root, rand(), "public album"); diff --git a/modules/gallery/tests/Item_Helper_Test.php b/modules/gallery/tests/Item_Helper_Test.php index d4cfebba..fc01db91 100644 --- a/modules/gallery/tests/Item_Helper_Test.php +++ b/modules/gallery/tests/Item_Helper_Test.php @@ -23,7 +23,7 @@ class Item_Helper_Test extends Unit_Test_Case { $root = ORM::factory("item", 1); $album = album::create($root, rand(), rand(), rand()); $item = self::_create_random_item($album); - Identity::set_active(Identity::guest()); + Session::set_active_user(Identity::guest()); // We can see the item when permissions are granted access::allow(Identity::everybody(), "view", $album); diff --git a/modules/gallery/tests/Photos_Controller_Test.php b/modules/gallery/tests/Photos_Controller_Test.php index 3f99e037..cdb4ae4f 100644 --- a/modules/gallery/tests/Photos_Controller_Test.php +++ b/modules/gallery/tests/Photos_Controller_Test.php @@ -31,7 +31,7 @@ class Photos_Controller_Test extends Unit_Test_Case { $root = ORM::factory("item", 1); $photo = photo::create( $root, MODPATH . "gallery/tests/test.jpg", "test.jpeg", - "test", "test", Identity::active(), "slug"); + "test", "test", Session::active_user(), "slug"); $orig_name = $photo->name; $_POST["filename"] = "test.jpeg"; diff --git a/modules/gallery/views/kohana_error_page.php b/modules/gallery/views/kohana_error_page.php index bca29298..0256fabb 100644 --- a/modules/gallery/views/kohana_error_page.php +++ b/modules/gallery/views/kohana_error_page.php @@ -57,7 +57,7 @@ <title><?= t("Something went wrong!") ?></title> </head> <body> - <? try { $user = Identity::active(); } catch (Exception $e) { } ?> + <? try { $user = Session::active_user(); } catch (Exception $e) { } ?> <? $admin = php_sapi_name() == "cli" || isset($user) && $user->admin ?> <div class="big_box" id="framework_error"> <h1> diff --git a/modules/gallery/views/maintenance.html.php b/modules/gallery/views/maintenance.html.php index dc8925b4..0aeaaec2 100644 --- a/modules/gallery/views/maintenance.html.php +++ b/modules/gallery/views/maintenance.html.php @@ -43,7 +43,7 @@ <p> <?= t("This site is currently only accessible by site administrators.") ?> </p> - <?= Identity::get_login_form("login/auth_html") ?> + <?= login::get_login_form("login/auth_html") ?> </body> </html> diff --git a/modules/notification/helpers/notification.php b/modules/notification/helpers/notification.php index 2e22eeae..64eed8dc 100644 --- a/modules/notification/helpers/notification.php +++ b/modules/notification/helpers/notification.php @@ -20,7 +20,7 @@ class notification { static function get_subscription($item_id, $user=null) { if (empty($user)) { - $user = Identity::active(); + $user = Session::active_user(); } return ORM::factory("subscription") @@ -31,7 +31,7 @@ class notification { static function is_watching($item, $user=null) { if (empty($user)) { - $user = Identity::active(); + $user = Session::active_user(); } return ORM::factory("subscription") @@ -44,7 +44,7 @@ class notification { static function add_watch($item, $user=null) { if ($item->is_album()) { if (empty($user)) { - $user = Identity::active(); + $user = Session::active_user(); } $subscription = ORM::factory("subscription"); $subscription->item_id = $item->id; @@ -56,7 +56,7 @@ class notification { static function remove_watch($item, $user=null) { if ($item->is_album()) { if (empty($user)) { - $user = Identity::active(); + $user = Session::active_user(); } $subscription = ORM::factory("subscription") diff --git a/modules/notification/helpers/notification_event.php b/modules/notification/helpers/notification_event.php index d519bdc4..f0530cd9 100644 --- a/modules/notification/helpers/notification_event.php +++ b/modules/notification/helpers/notification_event.php @@ -95,7 +95,7 @@ class notification_event_Core { } static function site_menu($menu, $theme) { - if (!Identity::active()->guest) { + if (!Session::active_user()->guest) { $item = $theme->item(); if ($item && $item->is_album() && access::can("view", $item)) { diff --git a/modules/search/helpers/search.php b/modules/search/helpers/search.php index 86107714..8b14cfa9 100644 --- a/modules/search/helpers/search.php +++ b/modules/search/helpers/search.php @@ -22,8 +22,8 @@ class search_Core { $db = Database::instance(); $q = $db->escape_str($q); - if (!Identity::active()->admin) { - foreach (Identity::group_ids_for_active_user() as $id) { + if (!Session::active_user()->admin) { + foreach (Session::group_ids_for_active_user() as $id) { $fields[] = "`view_$id` = TRUE"; // access::ALLOW } $access_sql = "AND (" . join(" AND ", $fields) . ")"; diff --git a/modules/server_add/controllers/server_add.php b/modules/server_add/controllers/server_add.php index 701c89fd..428065f6 100644 --- a/modules/server_add/controllers/server_add.php +++ b/modules/server_add/controllers/server_add.php @@ -103,7 +103,7 @@ class Server_Add_Controller extends Admin_Controller { access::verify_csrf(); $task = ORM::factory("task", $task_id); - if (!$task->loaded || $task->owner_id != Identity::active()->id) { + if (!$task->loaded || $task->owner_id != Session::active_user()->id) { access::forbidden(); } @@ -207,7 +207,7 @@ class Server_Add_Controller extends Admin_Controller { $task->set("mode", "done"); } - $owner_id = Identity::active()->id; + $owner_id = Session::active_user()->id; foreach ($entries as $entry) { if (microtime(true) - $start > 0.5) { break; diff --git a/modules/server_add/helpers/server_add_event.php b/modules/server_add/helpers/server_add_event.php index 76357871..8f8b0016 100644 --- a/modules/server_add/helpers/server_add_event.php +++ b/modules/server_add/helpers/server_add_event.php @@ -30,7 +30,7 @@ class server_add_event_Core { $item = $theme->item(); $paths = unserialize(module::get_var("server_add", "authorized_paths")); - if ($item && Identity::active()->admin && $item->is_album() && !empty($paths) && + if ($item && Session::active_user()->admin && $item->is_album() && !empty($paths) && is_writable($item->is_album() ? $item->file_path() : $item->parent()->file_path())) { $menu->get("add_menu") ->append(Menu::factory("dialog") diff --git a/modules/server_add/helpers/server_add_theme.php b/modules/server_add/helpers/server_add_theme.php index cecb90b4..44681d36 100644 --- a/modules/server_add/helpers/server_add_theme.php +++ b/modules/server_add/helpers/server_add_theme.php @@ -19,7 +19,7 @@ */ class server_add_theme_Core { static function head($theme) { - if (Identity::active()->admin) { + if (Session::active_user()->admin) { $theme->script("server_add.js"); } } diff --git a/modules/user/controllers/admin_users.php b/modules/user/controllers/admin_users.php index fed872a5..258de843 100644 --- a/modules/user/controllers/admin_users.php +++ b/modules/user/controllers/admin_users.php @@ -69,7 +69,7 @@ class Admin_Users_Controller extends Admin_Controller { public function delete_user($id) { access::verify_csrf(); - if ($id == Identity::active()->id || $id == user::guest()->id) { + if ($id == Session::active_user()->id || $id == user::guest()->id) { access::forbidden(); } @@ -136,7 +136,7 @@ class Admin_Users_Controller extends Admin_Controller { } // An admin can change the admin status for any user but themselves - if ($user->id != Identity::active()->id) { + if ($user->id != Session::active_user()->id) { $user->admin = $form->edit_user->admin->checked; } $user->save(); @@ -158,7 +158,7 @@ class Admin_Users_Controller extends Admin_Controller { $form = $this->_get_user_edit_form_admin($user); // Don't allow the user to control their own admin bit, else you can lock yourself out - if ($user->id == Identity::active()->id) { + if ($user->id == Session::active_user()->id) { $form->edit_user->admin->disabled(1); } print $form; diff --git a/modules/user/controllers/users.php b/modules/user/controllers/users.php index ebce1d8d..0ccf3e2a 100644 --- a/modules/user/controllers/users.php +++ b/modules/user/controllers/users.php @@ -21,7 +21,7 @@ class Users_Controller extends Controller { public function update($id) { $user = user::lookup($id); - if ($user->guest || $user->id != Identity::active()->id) { + if ($user->guest || $user->id != Session::active_user()->id) { access::forbidden(); } @@ -59,7 +59,7 @@ class Users_Controller extends Controller { public function form_edit($id) { $user = user::lookup($id); - if ($user->guest || $user->id != Identity::active()->id) { + if ($user->guest || $user->id != Session::active_user()->id) { access::forbidden(); } diff --git a/modules/user/views/admin_users.html.php b/modules/user/views/admin_users.html.php index 400686cc..899e0b68 100644 --- a/modules/user/views/admin_users.html.php +++ b/modules/user/views/admin_users.html.php @@ -90,7 +90,7 @@ <span class="ui-icon ui-icon-pencil"></span><span class="g-button-text"> <?= t("edit") ?> </span></a> - <? if (Identity::active()->id != $user->id && !$user->guest): ?> + <? if (Session::active_user()->id != $user->id && !$user->guest): ?> <a href="<?= url::site("admin/users/delete_user_form/$user->id") ?>" class="g-dialog-link g-button ui-state-default ui-corner-all ui-icon-left"> <span class="ui-icon ui-icon-trash"></span><?= t("delete") ?></a> |