stian/gallery3
1
0
Fork 0
mirror of https://github.com/Pathduck/gallery3.git synced 2026-05-22 12:29:11 -04:00
Code Issues Actions Packages Projects Releases Wiki Activity
Files
c38bee203b8e89cfb1446ecacd133f3c679ffbcc
gallery3/modules/rest/helpers/rest_event.php
Bharat Mediratta d388e4bb86 Refactor away the "display_all" construct in User_Profile_Controller. 
"display_all" is too coarse, and we should be letting event handlers
make the appropriate decision on what to display and when.  This
duplicates some code, but it's now very clear in the event handlers
what's getting shown.

Throw a 404 if we try to view the user profile for a missing user.

The only feature change in this should be that we now display the
name, full name and website for a user to any other registered user,
which makes sense since these are typically public fields.

Don't show any of the edit buttons unless identity::is_writable()
2010-02-19 11:40:49 -08:00

103 lines
3.0 KiB
PHP
Raw Blame History

<?php defined("SYSPATH") or die("No direct script access.");
/**
* Gallery - a web based photo album viewer and editor
* Copyright (C) 2000-2009 Bharat Mediratta
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or (at
* your option) any later version.
*
* This program is distributed in the hope that it will be useful, but
* WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
* General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 51 Franklin Street - Fifth Floor, Boston, MA 02110-1301, USA.
*/
class rest_event {
/**
* Called just before a user is deleted. This will remove the user from
* the user_homes directory.
*/
static function user_before_delete($user) {
db::build()
->delete("user_access_tokens")
->where("id", "=", $user->id)
->execute();
}
/**
* Called after a user has been added. Just add a remote access key
* on every add.
*/
static function user_add_form_admin_completed($user, $form) {
$key = ORM::factory("user_access_token");
$key->user_id = $user->id;
$key->access_key = md5($user->name . rand());
$key->save();
}
/**
* Called when admin is editing a user
*/
static function user_edit_form_admin($user, $form) {
self::_get_access_key_form($user, $form);
}
/**
* Called when user is editing their own form
*/
static function user_edit_form($user, $form) {
self::_get_access_key_form($user, $form);
}
/**
* Get the form fields for user edit
*/
static function _get_access_key_form($user, $form) {
$key = ORM::factory("user_access_token")
->where("user_id", "=", $user->id)
->find();
if (!$key->loaded()) {
$key->user_id = $user->id;
$key->access_key = md5($user->name . rand());
$key->save();
}
$form->edit_user->input("user_access_token")
->value($key->access_key)
->readonly("readonly")
->class("g-form-static")
->label(t("Remote access key"));
}
static function show_user_profile($data) {
// Guests can't see a REST key
if (identity::active_user()->guest) {
return;
}
// Only logged in users can see their own REST key
if (identity::active_user()->id != $data->user->id) {
return;
}
$view = new View("user_profile_rest.html");
$key = ORM::factory("user_access_token")
->where("user_id", "=", $data->user->id)
->find();
if (!$key->loaded()) {
$key->user_id = $data->user->id;
$key->access_key = md5($data->user->name . rand());
$key->save();
}
$view->rest_key = $key->access_key;
$data->content[] = (object)array("title" => t("Rest api"), "view" => $view);
}
}
Reference in New Issue View Git Blame Copy Permalink