diff options
author | Bharat Mediratta <bharat@menalto.com> | 2010-02-19 11:40:49 -0800 |
---|---|---|
committer | Bharat Mediratta <bharat@menalto.com> | 2010-02-19 11:40:49 -0800 |
commit | d388e4bb868602f293b73918981bee1de6176a24 (patch) | |
tree | ba51b80b60f412519b57aa48865e74f9d1ca8363 /modules/notification | |
parent | 643fffdba0e595e4e3c4777a52088f81bafded40 (diff) |
Refactor away the "display_all" construct in User_Profile_Controller.
"display_all" is too coarse, and we should be letting event handlers
make the appropriate decision on what to display and when. This
duplicates some code, but it's now very clear in the event handlers
what's getting shown.
Throw a 404 if we try to view the user profile for a missing user.
The only feature change in this should be that we now display the
name, full name and website for a user to any other registered user,
which makes sense since these are typically public fields.
Don't show any of the edit buttons unless identity::is_writable()
Diffstat (limited to 'modules/notification')
-rw-r--r-- | modules/notification/helpers/notification_event.php | 36 |
1 files changed, 22 insertions, 14 deletions
diff --git a/modules/notification/helpers/notification_event.php b/modules/notification/helpers/notification_event.php index c8628ae4..19e8dedb 100644 --- a/modules/notification/helpers/notification_event.php +++ b/modules/notification/helpers/notification_event.php @@ -128,23 +128,31 @@ class notification_event_Core { } static function show_user_profile($data) { - if ($data->display_all) { - $view = new View("user_profile_notification.html"); - $view->subscriptions = array(); - foreach(ORM::factory("subscription") - ->where("user_id", "=", $data->user->id) - ->find_all() as $subscription) { - $item = ORM::factory("item") + // Guests don't see comment listings + if (identity::active_user()->guest) { + return; + } + + // Only logged in users can see their comment listings + if (identity::active_user()->id != $data->user->id) { + return; + } + + $view = new View("user_profile_notification.html"); + $view->subscriptions = array(); + foreach(ORM::factory("subscription") + ->where("user_id", "=", $data->user->id) + ->find_all() as $subscription) { + $item = ORM::factory("item") ->where("id", "=", $subscription->item_id) ->find(); - if ($item->loaded()) { - $view->subscriptions[] = (object)array("id" => $subscription->id, "title" => $item->title, - "url" => $item->url()); - } - } - if (count($view->subscriptions) > 0) { - $data->content[] = (object)array("title" => t("Watching"), "view" => $view); + if ($item->loaded()) { + $view->subscriptions[] = (object)array("id" => $subscription->id, "title" => $item->title, + "url" => $item->url()); } } + if (count($view->subscriptions) > 0) { + $data->content[] = (object)array("title" => t("Watching"), "view" => $view); + } } }
\ No newline at end of file |