Merge branch 'master' of git@github.com:gallery/gallery3

author: Tim Almdal <tnalmdal@shaw.ca> 2010-02-19 11:49:01 -0800
committer: Tim Almdal <tnalmdal@shaw.ca> 2010-02-19 11:49:01 -0800
commit: f062cc5e1acddfb1bf2b65a55ada7ab873c84aef (patch)
tree: 14be413df53a651499e55bfe714c8678ecfefbef /modules
parent: 10c06989493bdded5f15880baadbc93c5d8ee296 (diff)
parent: d388e4bb868602f293b73918981bee1de6176a24 (diff)
5 files changed, 51 insertions, 35 deletions
diff --git a/modules/gallery/controllers/user_profile.php b/modules/gallery/controllers/user_profile.php
index 05373466..b89bc358 100644
--- a/modules/gallery/controllers/user_profile.php
+++ b/modules/gallery/controllers/user_profile.php
@@ -21,21 +21,21 @@ class User_Profile_Controller extends Controller {
   public function show($id) {
     // If we get here, then we should have a user id other than guest.
     $user = identity::lookup_user($id);
-    $active_user = identity::active_user();
-    $is_current_active = $active_user->id == $id;
-    $can_edit = $is_current_active && !$active_user->guest;
-    $display_all = $active_user->admin || $can_edit;
+    if (!$user) {
+      throw new Kohana_404_Exception();
+    }
 
     $v = new Theme_View("page.html", "other", "profile");
     $v->page_title = t("%name Profile", array("name" => $user->display_name()));
     $v->content = new View("user_profile.html");
 
-    // @todo modify user_home to supply a link to their album,
     $v->content->user = $user;
-    $v->content->not_current = !$is_current_active;
-    $v->content->editable = identity::is_writable() && $can_edit;
+    $v->content->contactable =
+      !$user->guest && $user->id != identity::active_user()->id && $user->email;
+    $v->content->editable =
+      identity::is_writable() && !$user->guest && $user->id == identity::active_user()->id;
 
-    $event_data = (object)array("user" => $user, "display_all" => $display_all, "content" => array());
+    $event_data = (object)array("user" => $user, "content" => array());
     module::event("show_user_profile", $event_data);
     $v->content->info_parts = $event_data->content;
 
diff --git a/modules/gallery/helpers/gallery_event.php b/modules/gallery/helpers/gallery_event.php
index faf1c0c6..36f91142 100644
--- a/modules/gallery/helpers/gallery_event.php
+++ b/modules/gallery/helpers/gallery_event.php
@@ -413,7 +413,7 @@ class gallery_event_Core {
 
     $fields = array("name" => t("Name"), "locale" => t("Language Preference"),
                     "email" => t("Email"), "full_name" => t("Full name"), "url" => "Web site");
-    if (!$data->display_all) {
+    if (!$data->user->guest) {
       $fields = array("name" => t("Name"), "full_name" => t("Full name"), "url" => "Web site");
     }
     $v->user_profile_data = array();
diff --git a/modules/gallery/views/user_profile.html.php b/modules/gallery/views/user_profile.html.php
index 53e8dc1e..257bd7ca 100644
--- a/modules/gallery/views/user_profile.html.php
+++ b/modules/gallery/views/user_profile.html.php
@@ -12,18 +12,18 @@
     <a id="g-profile-return" class="g-button g-right ui-state-default ui-corner-all" href="#">
       <?= t("Return") ?>
     </a>
+    <? if ($editable): ?>
     <a class="g-button g-right ui-state-default ui-corner-all g-dialog-link" href="<?= url::site("users/form_change_email/{$user->id}") ?>">
       <?= t("Change email") ?>
     </a>
     <a class="g-button g-right ui-state-default ui-corner-all g-dialog-link" href="<?= url::site("users/form_change_password/{$user->id}") ?>">
       <?= t("Change password") ?>
     </a>
-    <? if ($editable): ?>
     <a class="g-button g-right ui-state-default ui-corner-all g-dialog-link" href="<?= url::site("form/edit/users/{$user->id}") ?>">
       <?= t("Edit") ?>
     </a>
     <? endif ?>
-    <? if (!$user->guest && $not_current && !empty($user->email)): ?>
+    <? if ($contactable): ?>
     <a class="g-button g-right ui-state-default ui-corner-all g-dialog-link"
        href="<?= url::site("user_profile/contact/{$user->id}") ?>">
       <?= t("Contact") ?>
diff --git a/modules/notification/helpers/notification_event.php b/modules/notification/helpers/notification_event.php
index c8628ae4..19e8dedb 100644
--- a/modules/notification/helpers/notification_event.php
+++ b/modules/notification/helpers/notification_event.php
@@ -128,23 +128,31 @@ class notification_event_Core {
   }
 
   static function show_user_profile($data) {
-    if ($data->display_all) {
-      $view = new View("user_profile_notification.html");
-      $view->subscriptions = array();
-      foreach(ORM::factory("subscription")
-              ->where("user_id", "=", $data->user->id)
-              ->find_all() as $subscription) {
-        $item = ORM::factory("item")
+    // Guests don't see comment listings
+    if (identity::active_user()->guest) {
+      return;
+    }
+
+    // Only logged in users can see their comment listings
+    if (identity::active_user()->id != $data->user->id) {
+      return;
+    }
+
+    $view = new View("user_profile_notification.html");
+    $view->subscriptions = array();
+    foreach(ORM::factory("subscription")
+            ->where("user_id", "=", $data->user->id)
+            ->find_all() as $subscription) {
+      $item = ORM::factory("item")
           ->where("id", "=", $subscription->item_id)
           ->find();
-        if ($item->loaded()) {
-          $view->subscriptions[] = (object)array("id" => $subscription->id, "title" => $item->title,
-                                                 "url" => $item->url());
-        }
-      }
-      if (count($view->subscriptions) > 0) {
-        $data->content[] = (object)array("title" => t("Watching"), "view" => $view);
+      if ($item->loaded()) {
+        $view->subscriptions[] = (object)array("id" => $subscription->id, "title" => $item->title,
+                                               "url" => $item->url());
       }
     }
+    if (count($view->subscriptions) > 0) {
+      $data->content[] = (object)array("title" => t("Watching"), "view" => $view);
+    }
   }
 }
 \ No newline at end of file
diff --git a/modules/rest/helpers/rest_event.php b/modules/rest/helpers/rest_event.php
index f9aa34e3..c46e65c4 100644
--- a/modules/rest/helpers/rest_event.php
+++ b/modules/rest/helpers/rest_event.php
@@ -76,19 +76,27 @@ class rest_event {
   }
 
   static function show_user_profile($data) {
-    if ($data->display_all) {
-      $view = new View("user_profile_rest.html");
-      $key = ORM::factory("user_access_token")
+    // Guests can't see a REST key
+    if (identity::active_user()->guest) {
+      return;
+    }
+
+    // Only logged in users can see their own REST key
+    if (identity::active_user()->id != $data->user->id) {
+      return;
+    }
+
+    $view = new View("user_profile_rest.html");
+    $key = ORM::factory("user_access_token")
         ->where("user_id", "=", $data->user->id)
         ->find();
 
-      if (!$key->loaded()) {
-        $key->user_id = $data->user->id;
-        $key->access_key = md5($data->user->name . rand());
-        $key->save();
-      }
-      $view->rest_key = $key->access_key;
-      $data->content[] = (object)array("title" => t("Rest api"), "view" => $view);
+    if (!$key->loaded()) {
+      $key->user_id = $data->user->id;
+      $key->access_key = md5($data->user->name . rand());
+      $key->save();
     }
+    $view->rest_key = $key->access_key;
+    $data->content[] = (object)array("title" => t("Rest api"), "view" => $view);
   }
 }
author	Tim Almdal <tnalmdal@shaw.ca>	2010-02-19 11:49:01 -0800
committer	Tim Almdal <tnalmdal@shaw.ca>	2010-02-19 11:49:01 -0800
commit	f062cc5e1acddfb1bf2b65a55ada7ab873c84aef (patch)
tree	14be413df53a651499e55bfe714c8678ecfefbef /modules
parent	10c06989493bdded5f15880baadbc93c5d8ee296 (diff)
parent	d388e4bb868602f293b73918981bee1de6176a24 (diff)