1 Session = mondelefant.new_class()

2 Session.table = 'session'

3 Session.primary_key = { 'ident' }

4

5 Session:add_reference{

6 mode = 'm1',

7 to = "Member",

8 this_key = 'member_id',

9 that_key = 'id',

10 ref = 'member',

11 }

12

13 local function random_string()

14 return multirand.string(

15 32,

16 '0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz'

17 )

18 end

19

20 function Session:new()

21 local session = self.prototype.new(self) -- super call

22 session.ident = random_string()

23 session.additional_secret = random_string()

24 session:save()

25 return session

26 end

27

28 function Session:by_ident(ident)

29 local selector = self:new_selector()

30 selector:add_where{ 'ident = ?', ident }

31 selector:optional_object_mode()

32 return selector:exec()

33 end

34

35 function Session.object:has_access(level)

36 if level == "member" then

37 if app.session.member_id then

38 return true

39 else

40 return false

41 end

42

43 elseif level == "everything" then

44 if self:has_access("member") or config.public_access == "everything" then

45 return true

46 else

47 return false

48 end

49

50 elseif level == "all_pseudonymous" then

51 if self:has_access("everything") or config.public_access == "all_pseudonymous" then

52 return true

53 else

54 return false

55 end

56

57 elseif level == "authors_pseudonymous" then

58 if self:has_access("all_pseudonymous") or config.public_access == "authors_pseudonymous" then

59 return true

60 else

61 return false

62 end

63

64 elseif level == "anonymous" then

65 if self:has_access("authors_pseudonymous") or config.public_access == "anonymous" then

66 return true

67 else

68 return false

69 end

70

71 end

72

73 error("invalid access level")

74 end