/* the code above is auto generated do not remove the tag below */
###END_AUTOCODE
-
+ /**
+ * send a template
+ * - user must be authenticate or args[no_auth] = true
+ * or template = password_[reset|welcome]
+ *
+ */
function sendTemplate($templateFile, $args)
{
$content->$k = $v;
}
- if (!in_array($templateFile, array(
+ if (empty($args['no_auth']) && !in_array($templateFile, array(
// templates that can be sent without authentication.
'password_reset' ,
'password_welcome'
{
return empty($this->name) ? $this->email : $this->name;
}
- function whereAddIn($key, $list, $type) {
- $ar = array();
- foreach($list as $k) {
- $ar[] = $type =='int' ? (int)$k : $this->escape($k);
- }
- if (!$ar) {
- return;
- }
- $this->whereAdd("$key IN (". implode(',', $ar). ')');
- }
- function fetchAll($k= false, $v = false)
- {
- // should it even do this!!!?!?
- if ($k !== false &&
- ( // only do this is we have not been explicit..
- empty($this->_query['data_select']) ||
- ($this->_query['data_select'] == '*')
- )
- ) {
- $this->selectAdd();
- $this->selectAdd($k);
- if ($v !== false) {
- $this->selectAdd($v);
- }
- }
-
- $this->find();
- $ret = array();
- while ($this->fetch()) {
- if ($v !== false) {
- $ret[$this->$k] = $this->$v;
- continue;
- }
- $ret[] = $k === false ? clone($this) : $this->$k;
- }
- return $ret;
-
- }
+
// ---------------- authentication / passwords and keys stuff ----------------
function isAuth()
{
$_SESSION[__CLASS__][$sesPrefix .'-auth'] = '';
}
+ // local auth -
+ $u = DB_DataObject::factory('Person');
+ $ff = HTML_FlexyFramework::get();
+ if (!empty($ff->Pman['local_autoauth']) &&
+ (!empty($_SERVER['SERVER_ADDR'])) &&
+ ($_SERVER['SERVER_ADDR'] == '127.0.0.1') &&
+ ($_SERVER['REMOTE_ADDR'] == '127.0.0.1') &&
+ $u->get('email', $ff->Pman['local_autoauth'])
+ ) {
+ $db = $this->getDatabaseConnection();
+ $sesPrefix = $db->dsn['database'];
+ $_SESSION[__CLASS__][$sesPrefix .'-auth'] = serialize($u);
+ return true;
+ }
+
+
// not in session or not matched...
$u = DB_DataObject::factory('Person');
$u->whereAdd(' LENGTH(passwd) > 0');
return $x;
}
+
+ function active()
+ {
+ return $this->active;
+ }
+ function authUserName($n) // set username prior to acheck user exists query.
+ {
+
+ $this->whereAdd('LENGTH(passwd) > 1');
+ $this->email = $n;
+ }
+ function lang($val)
+ {
+ if ($val == $this->lang) {
+ return;
+ }
+ $uu = clone($this);
+ $this->lang = $val;
+ $this->update($uu);
+
+ }
+
+
function authUserArray()
{
- $aur = $thisu->toArray();
+ $aur = $this->toArray();
}
}
}
-
+ /*
+ now handled by interface...
$lang = empty($this->lang) ? 'en' : $this->lang;
if (empty($_SESSION['Pman_I18N'][$lang])) {
require_once 'Pman/I18N.php';
$x = new Pman_I18N();
- $x->setSession($au);
+ $x->setSession($this);
}
$aur['i18n'] =$_SESSION['Pman_I18N'][$lang];
-
+ */
// perms + groups.
$aur['perms'] = $this->getPerms();
$g = DB_DataObject::Factory('Group_Members');
return $g->adminRights();
}
+ $g = DB_DataObject::Factory('Group_Members');
+ if (!$g->count()) {
+ // add the current user to the admin group..
+ $g = DB_DataObject::Factory('Groups');
+ if ($g->get('name', 'Administrators')) {
+ $gm = DB_DataObject::Factory('Group_Members');
+ $gm->group_id = $g->id;
+ $gm->user_id = $this->id;
+ $gm->insert();
+ }
+
+ }
+
$g = DB_DataObject::Factory('Group_Members');
$grps = $g->listGroupMembership($this);
$isAdmin = $g->inAdmin;
}
if (!empty($q['query']['person_internal_only_all'])) {
// must be internal and not current user (need for distribution list)
- $this->whereAdd(" join_company_id_id.isOwner = 1");
+ $this->whereAdd(" join_company_id_id.comptype = 'OWNER'");
}
// -- for distribution
if (!empty($q['query']['person_internal_only'])) {
// must be internal and not current user (need for distribution list)
- $this->whereAdd(" join_company_id_id.isOwner = 1");
+ $this->whereAdd(" join_company_id_id.comptype = 'OWNER'");
//$this->whereAdd(($this->tableName() == 'Person' ? 'Person' : "join_person_id_id") .
// ".id != ".$au->id);
$this->whereAdd("Person.id != {$au->id}");
}
+
+ if (!empty($q['query']['comptype_or_company_id'])) {
+ // DB_DataObject::debugLevel(1);
+ $bits = explode(',', $q['query']['comptype_or_company_id']);
+ $id = (int) array_pop($bits);
+ $ct = $this->escape($bits[0]);
+
+ $this->whereAdd(" join_company_id_id.comptype = '$ct' OR Person.company_id = $id");
+
+ }
+
+
// staff list..
if (!empty($q['query']['person_inactive'])) {
// DB_Dataobject::debugLevel(1);
) {
return true;
}
+ if (empty($this->email)) {
+ return true;
+ }
$xx = DB_Dataobject::factory('Person');
$xx->setFrom(array(
'email' => $this->email,
}
function checkPerm($lvl, $au, $changes=false) //heck who is trying to access this. false == access denied..
{
- // determine if it's staff!!!
+ // do we have an empty system..
+ if ($au && $au->id == -1) {
+ return true;
+ }
+
+ // determine if it's staff!!!
if ($au->company()->comptype != 'OWNER') {
projects / Pman.Core / blobdiff