1 Session = mondelefant.new_class()

2 Session.table = 'session'

3 Session.primary_key = { 'ident' }

4

5 Session:add_reference{

6 mode = 'm1',

7 to = "Member",

8 this_key = 'member_id',

9 that_key = 'id',

10 ref = 'member',

11 }

12

13 local function random_string()

14 return multirand.string(

15 32,

16 '0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz'

17 )

18 end

19

20 function Session:new()

21 local session = self.prototype.new(self) -- super call

22 session.ident = random_string()

23 session.additional_secret = random_string()

24 session:save()

25 return session

26 end

27

28 function Session:by_ident(ident)

29 local selector = self:new_selector()

30 selector:add_where{ 'ident = ?', ident }

31 selector:add_field{ 'authority_uid' }

32 selector:optional_object_mode()

33 return selector:exec()

34 end

35

36 function Session.object:has_access(level)

37 if level == "member" then

38 if app.session.member_id then

39 return true

40 else

41 return false

42 end

43

44 elseif level == "everything" then

45 if self:has_access("member") or config.public_access == "everything" then

46 return true

47 else

48 return false

49 end

50

51 elseif level == "all_pseudonymous" then

52 if self:has_access("everything") or config.public_access == "all_pseudonymous" then

53 return true

54 else

55 return false

56 end

57

58 elseif level == "authors_pseudonymous" then

59 if self:has_access("all_pseudonymous") or config.public_access == "authors_pseudonymous" then

60 return true

61 else

62 return false

63 end

64

65 elseif level == "anonymous" then

66 if self:has_access("authors_pseudonymous") or config.public_access == "anonymous" then

67 return true

68 else

69 return false

70 end

71

72 end

73

74 error("invalid access level")

75 end