00001 <?php
00003 lt_include( PLOG_CLASS_PATH."class/action/action.class.php" );
00004 lt_include( PLOG_CLASS_PATH."class/locale/locales.class.php" );
00005 lt_include( PLOG_CLASS_PATH."class/net/http/httpvars.class.php" );
00006 lt_include( PLOG_CLASS_PATH."class/template/templateservice.class.php" );
00007 lt_include( PLOG_CLASS_PATH."class/misc/version.class.php" );
00008 lt_include( PLOG_CLASS_PATH."class/plugin/pluginmanager.class.php" );
00009 lt_include( PLOG_CLASS_PATH."class/template/cachecontrol.class.php" );
00010 lt_include( PLOG_CLASS_PATH."class/view/admin/admindefaultview.class.php" );
00011 lt_include( PLOG_CLASS_PATH."class/data/textfilter.class.php" );
00012 lt_include( PLOG_CLASS_PATH."class/dao/users.class.php" );
// Scopes accepted as the $mode argument of AdminAction::userHasPermission()
// and stored by AdminAction::requirePermission()/requireAdminPermission().

// Looked up with 0 as the blog argument of hasPermissionByName().
define( 'ADMIN_PERMISSION', 1 );

// Looked up against the blog held in the session; the default scope.
define( 'BLOG_PERMISSION', 2 );
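/**
 * Action subclass that gates access on the user and blog stored in the
 * session and that carries the permission requirements evaluated by
 * canPerform().
 *
 * Security model, as far as this file shows it:
 *  - The constructor answers "403 Forbidden" and stops the request when no
 *    user is in the session, or when no blog is in the session and the
 *    requested action is not one of the three blog-less actions.
 *  - Permission requirements are registered with requirePermission() /
 *    requireAdminPermission() and evaluated by canPerform(). Nothing in this
 *    class calls canPerform(), so enforcement depends on the caller doing so.
 *  - With no registered requirement canPerform() returns true (default allow).
 *
 * NOTE(review): the user and blog objects are taken from the session as
 * stored. Whether they are refreshed when permissions are revoked is not
 * visible from this file - confirm against the login/session code.
 */
class AdminAction extends Action
{
    // Blog object read from the session key "blogInfo"; may be empty.
    var $_blogInfo;
    // User object read from the session key "userInfo"; never empty once the
    // constructor has returned.
    var $_userInfo;
    // The "SessionInfo" entry of the session array.
    var $_session;
    // Result of Config::getConfig().
    var $_config;
    // Locale chosen by getLocale().
    var $_locale;
    // Result of PluginManager::getPluginManager().
    var $_pm;
    // Blogs returned by Users::getUsersBlogs() for the current user, plus the
    // session blog when a site admin is working on a blog they do not own.
    var $_userBlogs;
    // List of array( "perm" => name, "mode" => scope ) requirements.
    var $_permissions;
    // Settings of the session blog, assigned by getLocale(). Declared here so
    // the assignment does not create an undeclared (dynamic) property.
    var $_blogSettings;

    /**
     * Builds the action and enforces the authentication gate.
     *
     * Sends a 403 response and terminates the request when the session holds
     * no user, or holds no blog for an action that needs one.
     *
     * @param $actionInfo passed through to the Action constructor
     * @param $request passed through to the Action constructor
     */
    function AdminAction( $actionInfo, $request )
    {
        $this->Action( $actionInfo, $request );

        // start with no requirements; subclasses add them via requirePermission()
        $this->_permissions = array();

        $session = HttpVars::getSession();
        $this->_session = $session["SessionInfo"];

        $this->_config =& Config::getConfig();

        // gate 1: a user must be present in the session
        $this->_getUserInfo();
        if( empty( $this->_userInfo ) ) {
            header( "HTTP/1.0 403 Forbidden" );
            print( $this->mustAuthenticatePage() );
            die();
        }

        // gate 2: a blog must be present in the session, except for the
        // actions that exist to select or create one
        $this->_getBlogInfo();
        if( empty( $this->_blogInfo ) ) {
            $blogOptionalActions = array( "blogSelect", "registerBlog", "finishRegisterBlog" );
            // Strict comparison: the original loose "!=" chain lets a
            // non-string value (e.g. boolean true) compare equal to an
            // allow-listed name under PHP's type juggling. Anything that is
            // not exactly one of these strings is refused.
            if( !in_array( $this->_actionInfo->getActionParamValue(), $blogOptionalActions, true ) ) {
                header( "HTTP/1.0 403 Forbidden" );
                print( $this->mustAuthenticatePage() );
                die();
            }
        }

        $this->_pm =& PluginManager::getPluginManager();

        $this->_locale =& $this->getLocale();

        // "=& new" is rejected by current PHP parsers; plain assignment
        // keeps the same object here.
        $users = new Users();
        $this->_userBlogs = $users->getUsersBlogs( $this->_userInfo->getId(), BLOG_STATUS_ACTIVE );

        // A site admin working on a blog they do not own gets that blog
        // appended to the list if it is not already in it. Ids are compared
        // loosely, as in the original; presumably they can arrive either as
        // ints or as numeric strings - TODO confirm.
        if( !empty( $this->_blogInfo ) &&
            $this->_blogInfo->getOwnerId() != $this->_userInfo->getId() &&
            $this->_userInfo->isSiteAdmin() ) {
            $alreadyListed = false;
            foreach( $this->_userBlogs as $userBlog ) {
                if( $userBlog->getId() == $this->_blogInfo->getId() ) {
                    $alreadyListed = true;
                    break;
                }
            }

            if( !$alreadyListed ) {
                $this->_userBlogs[] = $this->_blogInfo;
            }
        }
    }

    /**
     * Loads the session value "blogInfo" into $this->_blogInfo.
     */
    function _getBlogInfo()
    {
        $session = HttpVars::getSession();
        $sessionInfo = $session["SessionInfo"];

        $this->_blogInfo = $sessionInfo->getValue( "blogInfo" );
    }

    /**
     * Loads the session value "userInfo" into $this->_userInfo.
     */
    function _getUserInfo()
    {
        $session = HttpVars::getSession();
        $sessionInfo = $session["SessionInfo"];

        $this->_userInfo = $sessionInfo->getValue( "userInfo" );
    }

    /**
     * Returns the locale of the session blog, or the locale named by the
     * "default_locale" configuration value when there is no blog.
     *
     * Side effect: when a blog is present, its settings are stored in
     * $this->_blogSettings.
     *
     * @return the locale object, by reference
     */
    function &getLocale()
    {
        if( !empty( $this->_blogInfo ) ) {
            $this->_blogSettings = $this->_blogInfo->getSettings();

            $locale =& $this->_blogInfo->getLocale();
        }
        else {
            $locale =& Locales::getLocale( $this->_config->getValue( "default_locale" ) );
        }

        return $locale;
    }

    /**
     * Hands the current blog and user to the plugin manager and publishes the
     * values shared by the views to $this->_view.
     *
     * @param $copyFormValues passed through to the parent implementation
     */
    function setCommonData( $copyFormValues = false )
    {
        parent::setCommonData( $copyFormValues );

        // plugins are loaded with the same blog/user context as the action
        $this->_pm->setBlogInfo( $this->_blogInfo );
        $this->_pm->setUserInfo( $this->_userInfo );
        $this->_pm->getPlugins();

        $this->_view->setValue( "user", $this->_userInfo );
        $this->_view->setValue( "userBlogs", $this->_userBlogs );
        $this->_view->setUserInfo( $this->_userInfo );
        $this->_view->setValue( "blog", $this->_blogInfo );
        if( $this->_blogInfo ) {
            $this->_view->setValue( "blogsettings", $this->_blogInfo->getSettings() );
        }
        // NOTE(review): reads the field directly while the rest of the class
        // uses getActionParamValue(); confirm both yield the same value
        // before unifying. The value names the requested action, so the view
        // has to escape it on output.
        $this->_view->setValue( "op", $this->_actionInfo->_actionParamValue );
        $this->_view->setValue( "locale", $this->_locale );
        $this->_view->setValue( "config", $this->_config );
    }

    /**
     * Writes the blog id and the user object back into the session.
     *
     * NOTE(review): this stores "blogId" while _getBlogInfo() reads
     * "blogInfo"; whether another component maps one to the other is not
     * visible here - confirm.
     */
    function saveSession()
    {
        if( !empty( $this->_blogInfo ) ) {
            $this->_session->setValue( "blogId", $this->_blogInfo->getId() );
        }
        if( !empty( $this->_userInfo ) ) {
            $this->_session->setValue( "userInfo", $this->_userInfo );
        }

        $session = HttpVars::getSession();
        $session["SessionInfo"] = $this->_session;
        HttpVars::setSession( $session );
    }

    /**
     * Renders the page shown when access is refused.
     *
     * Uses AdminDefaultView when the "logout_destination_url" configuration
     * value is empty, otherwise a RedirectView to that URL. The URL comes
     * from configuration only, never from the request.
     *
     * @return the rendered view
     */
    function mustAuthenticatePage()
    {
        $locale = $this->getLocale();
        $config =& Config::getConfig();
        $destinationUrl = $config->getValue( "logout_destination_url", "" );
        if( $destinationUrl == "" ) {
            $view = new AdminDefaultView();
        }
        else {
            // loaded on demand; only needed on this branch
            lt_include( PLOG_CLASS_PATH."class/view/redirectview.class.php" );
            $view = new RedirectView( $destinationUrl );
        }
        $view->setErrorMessage( $locale->tr( "error_access_forbidden" ) );

        return $view->render();
    }

    /**
     * Forwards an event to the plugin manager.
     *
     * Adds "from" (the action parameter value) and "request" (the request
     * object of this action) to $params, overwriting caller-supplied entries
     * with those keys. Plugins therefore receive the unfiltered request.
     *
     * @param $eventType event identifier understood by the plugin manager
     * @param $params extra event parameters
     * @return whatever the plugin manager returns
     */
    function notifyEvent( $eventType, $params = array() )
    {
        $params[ "from" ] = $this->_actionInfo->getActionParamValue();
        $params[ "request" ] = $this->_request;

        return $this->_pm->notifyEvent( $eventType, $params );
    }

    /**
     * Tells whether the current user holds a permission.
     *
     * In BLOG_PERMISSION mode the answer is true when the user holds the
     * permission for the session blog, owns that blog, or holds
     * "edit_blog_admin_mode" with blog argument 0. In any other mode the
     * permission is looked up with blog argument 0.
     *
     * The constructor lets three actions run without a blog in the session.
     * A blog-scoped check in that state used to dereference the missing blog
     * object and abort with a fatal error; it is now answered with false, so
     * the check fails closed without crashing.
     *
     * @param $permName name of the permission
     * @param $mode BLOG_PERMISSION (default) or ADMIN_PERMISSION
     * @return true when the user holds the permission
     */
    function userHasPermission( $permName, $mode = BLOG_PERMISSION )
    {
        if( $mode == BLOG_PERMISSION ) {
            // no blog in the session: nothing to hold a blog permission on
            if( empty( $this->_blogInfo ) ) {
                return( false );
            }

            return(
                $this->_userInfo->hasPermissionByName( $permName, $this->_blogInfo->getId() ) ||
                $this->_blogInfo->getOwnerId() == $this->_userInfo->getId() ||
                $this->_userInfo->hasPermissionByName( "edit_blog_admin_mode", 0 )
            );
        }

        return( $this->_userInfo->hasPermissionByName( $permName, 0 ) );
    }

    /**
     * Checks every registered requirement against the current user.
     *
     * Returns true when no requirement was registered, so an action that
     * forgets to call requirePermission() is allowed by default.
     *
     * @return false as soon as one requirement is not met, true otherwise
     */
    function canPerform()
    {
        foreach( $this->getRequiredPermissions() as $permData ) {
            if( !$this->userHasPermission( $permData["perm"], $permData["mode"] ) ) {
                return( false );
            }
        }

        return( true );
    }

    /**
     * Registers a permission the user must hold for canPerform() to succeed.
     *
     * @param $perm name of the permission
     * @param $mode BLOG_PERMISSION (default) or ADMIN_PERMISSION
     */
    function requirePermission( $perm, $mode = BLOG_PERMISSION )
    {
        $this->_permissions[] = array( "perm" => $perm, "mode" => $mode );
    }

    /**
     * Registers a requirement in ADMIN_PERMISSION mode.
     *
     * @param $perm name of the permission
     */
    function requireAdminPermission( $perm )
    {
        $this->_permissions[] = array( "perm" => $perm, "mode" => ADMIN_PERMISSION );
    }

    /**
     * @return the list of registered requirements, each an array with the
     *         keys "perm" and "mode"
     */
    function getRequiredPermissions()
    {
        return( $this->_permissions );
    }
}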
00309 ?>