PageRenderTime 26ms CodeModel.GetById 30ms RepoModel.GetById 1ms app.codeStats 0ms

/lib/securityUser.class.php

https://github.com/rollmax/read2read
PHP | 346 lines | 166 code | 42 blank | 138 comment | 9 complexity | c099aa08fa8f7105bfe85fe8b0eb2c79 MD5 | raw file
Possible License(s): ISC, AGPL-3.0, LGPL-2.1, BSD-3-Clause, LGPL-3.0 
    

  1. <?php
    2. 

  2. class securityUser extends sfBasicSecurityUser
    3. 

  3. {
    4. 

  4.   protected $user = null;
    5. 

  5. 

  6.   /**
    7. 

  7.    * Initializes the securityUser object.
    8. 

  8.    *
    9. 

  9.    * @param sfEventDispatcher $dispatcher The event dispatcher object
    10. 

  10.    * @param sfStorage $storage The session storage object
    11. 

  11.    * @param array $options An array of options
    12. 

  12.    */
    13. 

  13.   public function initialize(sfEventDispatcher $dispatcher, sfStorage $storage, $options = array())
    14. 

  14.   {
    15. 

  15.     parent::initialize($dispatcher, $storage, $options);
    16. 

  16. 

  17.     if (!$this->isAuthenticated())
    18. 

  18.     {
    19. 

  19.       // remove user if timeout
    20. 

  20.       $this->getAttributeHolder()->removeNamespace('securityUser');
    21. 

  21.       $this->user = null;
    22. 

  22.     }
    23. 

  23.   }
    24. 

  24. 

  25.   
    26. 

  26.   /**
    27. 

  27.    * Returns the id for authenticated user or null
    28. 

  28.    */
    29. 

  29.   public function getId()
    30. 

  30.   {
    31. 

  31.     if (!$this->isAuthenticated())
    32. 

  32.     {
    33. 

  33.       return null;
    34. 

  34.     }
    35. 

  35.     
    36. 

  36.     return $this->getGuardUser()->getId();
    37. 

  37.   }
    38. 

  38.   
    39. 

  39.   /**
    40. 

  40.    * Returns the referer uri.
    41. 

  41.    *
    42. 

  42.    * @param string $default The default uri to return
    43. 

  43.    * @return string $referer The referer
    44. 

  44.    */
    45. 

  45.   public function getReferer($default)
    46. 

  46.   {
    47. 

  47.     $referer = $this->getAttribute('referer', $default);
    48. 

  48.     $this->getAttributeHolder()->remove('referer');
    49. 

  49. 

  50.     return $referer;
    51. 

  51.   }
    52. 

  52. 

  53.   /**
    54. 

  54.    * Sets the referer.
    55. 

  55.    *
    56. 

  56.    * @param string $referer
    57. 

  57.    */
    58. 

  58.   public function setReferer($referer)
    59. 

  59.   {
    60. 

  60.     if (!$this->hasAttribute('referer'))
    61. 

  61.     {
    62. 

  62.       $this->setAttribute('referer', $referer);
    63. 

  63.     }
    64. 

  64.   }
    65. 

  65. 

  66.   /**
    67. 

  67.    * Returns whether or not the user has the given credential.
    68. 

  68.    *
    69. 

  69.    * @param string $credential The credential name
    70. 

  70.    * @param boolean $useAnd Whether or not to use an AND condition
    71. 

  71.    * @return boolean
    72. 

  72.    */
    73. 

  73.   public function hasCredential($credential, $useAnd = true)
    74. 

  74.   {
    75. 

  75.     if (empty($credential))
    76. 

  76.     {
    77. 

  77.       return true;
    78. 

  78.     }
    79. 

  79. 

  80.     if (!$this->getGuardUser())
    81. 

  81.     {
    82. 

  82.       return false;
    83. 

  83.     }
    84. 

  84. 

  85.     return parent::hasCredential($credential, $useAnd);
    86. 

  86.   }
    87. 

  87. 

  88. 

  89.   /**
    90. 

  90.    * Returns whether or not the user is anonymous.
    91. 

  91.    *
    92. 

  92.    * @return boolean
    93. 

  93.    */
    94. 

  94.   public function isAnonymous()
    95. 

  95.   {
    96. 

  96.     return !$this->isAuthenticated();
    97. 

  97.   }
    98. 

  98. 

  99.   /**
    100. 

  100.    * Signs in the user on the application.
    101. 

  101.    *
    102. 

  102.    * @param User $user The User id
    103. 

  103.    * @param boolean $remember Whether or not to remember the user
    104. 

  104.    * @param Doctrine_Connection $con A Doctrine_Connection object
    105. 

  105.    */
    106. 

  106.   public function signIn($user, $remember = false, $con = null)
    107. 

  107.   {
    108. 

  108.     // signin
    109. 

  109.     $this->setAttribute('user_id', $user->getId(), 'securityUser');
    110. 

  110.     $this->setAuthenticated(true);
    111. 

  111.     $this->clearCredentials();
    112. 

  112.     $this->addCredentials($user->getAllPermissionNames());
    113. 

  113. 

  114.     // remember?
    115. 

  115.     if ($remember)
    116. 

  116.     {
    117. 

  117.       $expiration_age = sfConfig::get('app_user_remember_key_expiration_age', 14 * 86400);
    118. 

  118. 

  119.       // remove old keys
    120. 

  120.       Doctrine::getTable('UserRememberKey')->createQuery()
    121. 

  121.         ->delete()
    122. 

  122.         ->where('created_at < ?', date('Y-m-d H:i:s', time() - $expiration_age))
    123. 

  123.         ->execute();
    124. 

  124. 

  125.       // remove other keys from this user
    126. 

  126.       Doctrine::getTable('UserRememberKey')->createQuery()
    127. 

  127.         ->delete()
    128. 

  128.         ->where('user_id = ?', $user->getId())
    129. 

  129.         ->execute();
    130. 

  130. 

  131.       // generate new keys
    132. 

  132.       $key = $this->generateRandomKey();
    133. 

  133. 

  134.       // save key
    135. 

  135.       $rk = new UserRememberKey();
    136. 

  136.       $rk->remember_key=$key;
    137. 

  137.       $rk->User=$user;
    138. 

  138.       $rk->ip_address=$_SERVER['REMOTE_ADDR'];
    139. 

  139.       $rk->save($con);
    140. 

  140. 

  141.       // make key as a cookie
    142. 

  142.       $remember_cookie = 'remember';
    143. 

  143.       sfContext::getInstance()->getResponse()->setCookie($remember_cookie, $key, time() + $expiration_age);
    144. 

  144.     }
    145. 

  145.   }
    146. 

  146. 

  147.     function generateRandomKey()
    148. 

  148.     {
    149. 

  149.       return base_convert(sha1(uniqid(mt_rand(), true)), 16, 36);
    150. 

  150.     }
    151. 

  151. 

  152. 

  153.   /**
    154. 

  154.    * Signs out the user.
    155. 

  155.    *
    156. 

  156.    */
    157. 

  157.   public function signOut()
    158. 

  158.   {
    159. 

  159.     $this->getAttributeHolder()->removeNamespace('securityUser');
    160. 

  160.     $this->user = null;
    161. 

  161.     $this->clearCredentials();
    162. 

  162.     $this->setAuthenticated(false);
    163. 

  163.     $expiration_age = sfConfig::get('app_user_remember_key_expiration_age', 14 * 24 * 3600);
    164. 

  164.     $remember_cookie = 'remember';
    165. 

  165.     sfContext::getInstance()->getResponse()->setCookie($remember_cookie, '', time() - $expiration_age);
    166. 

  166.   }
    167. 

  167. 

  168.   /**
    169. 

  169.    * Returns the related User.
    170. 

  170.    *
    171. 

  171.    * @return User
    172. 

  172.    */
    173. 

  173.   public function getGuardUser()
    174. 

  174.   {
    175. 

  175.     if (!$this->user && $id = $this->getAttribute('user_id', null, 'securityUser'))
    176. 

  176.     {
    177. 

  177.       $this->user = Doctrine::getTable('User')->find($id);
    178. 

  178. 

  179.       if (!$this->user)
    180. 

  180.       {
    181. 

  181.         // the user does not exist anymore in the database
    182. 

  182.         $this->signOut();
    183. 

  183. 

  184.         throw new sfException('Этого пользователя больше нет в БД');
    185. 

  185.       }
    186. 

  186.     }
    187. 

  187. 

  188.     return $this->user;
    189. 

  189.   }
    190. 

  190. 

  191.   /**
    192. 

  192.    * Returns the string representation of the object.
    193. 

  193.    *
    194. 

  194.    * @return string
    195. 

  195.    */
    196. 

  196.   public function __toString()
    197. 

  197.   {
    198. 

  198.     return $this->getGuardUser()->__toString();
    199. 

  199.   }
    200. 

  200. 

  201.   /**
    202. 

  202.    * Returns the User object's email.
    203. 

  203.    *
    204. 

  204.    * @return string
    205. 

  205.    */
    206. 

  206.   public function getEmail()
    207. 

  207.   {
    208. 

  208.     return $this->getGuardUser()->getEmail();
    209. 

  209.   }
    210. 

  210. 

  211.   /**
    212. 

  212.    * Sets the user's password.
    213. 

  213.    *
    214. 

  214.    * @param string $password The password
    215. 

  215.    * @param Doctrine_Collection $con A Doctrine_Connection object
    216. 

  216.    */
    217. 

  217.   public function setPassword($password, $con = null)
    218. 

  218.   {
    219. 

  219.     $this->getGuardUser()->setPassword($password);
    220. 

  220.     $this->getGuardUser()->save($con);
    221. 

  221.   }
    222. 

  222. 

  223.   /**
    224. 

  224.    * Returns whether or not the given password is valid.
    225. 

  225.    *
    226. 

  226.    * @return boolean
    227. 

  227.    */
    228. 

  228.   public function checkPassword($password)
    229. 

  229.   {
    230. 

  230.     return $this->getGuardUser()->checkPassword($password);
    231. 

  231.   }
    232. 

  232. 

  233.   /**
    234. 

  234.    * Returns whether or not the user belongs to the given group.
    235. 

  235.    *
    236. 

  236.    * @param string $name The group name
    237. 

  237.    * @return boolean
    238. 

  238.    */
    239. 

  239.   public function hasGroup($name)
    240. 

  240.   {
    241. 

  241.     return $this->getGuardUser() ? $this->getGuardUser()->hasGroup($name) : false;
    242. 

  242.   }
    243. 

  243. 

  244.   /**
    245. 

  245.    * Returns the user's groups.
    246. 

  246.    *
    247. 

  247.    * @return array|Doctrine_Collection
    248. 

  248.    */
    249. 

  249.   public function getGroups()
    250. 

  250.   {
    251. 

  251.     return $this->getGuardUser() ? $this->getGuardUser()->getGroups() : array();
    252. 

  252.   }
    253. 

  253. 

  254.   /**
    255. 

  255.    * Returns the user's group names.
    256. 

  256.    *
    257. 

  257.    * @return array
    258. 

  258.    */
    259. 

  259.   public function getGroupNames()
    260. 

  260.   {
    261. 

  261.     return $this->getGuardUser() ? $this->getGuardUser()->getGroupNames() : array();
    262. 

  262.   }
    263. 

  263. 

  264.   /**
    265. 

  265.    * Returns whether or not the user has the given permission.
    266. 

  266.    *
    267. 

  267.    * @param string $name The permission name
    268. 

  268.    * @return string
    269. 

  269.    */
    270. 

  270.   public function hasPermission($name)
    271. 

  271.   {
    272. 

  272.     return $this->getGuardUser() ? $this->getGuardUser()->hasPermission($name) : false;
    273. 

  273.   }
    274. 

  274. 

  275.   /**
    276. 

  276.    * Returns the Doctrine_Collection of single UserPermission objects.
    277. 

  277.    *
    278. 

  278.    * @return Doctrine_Collection
    279. 

  279.    */
    280. 

  280.   public function getPermissions()
    281. 

  281.   {
    282. 

  282.     return $this->getGuardUser()->getPermissions();
    283. 

  283.   }
    284. 

  284. 

  285.   /**
    286. 

  286.    * Returns the array of permissions names.
    287. 

  287.    *
    288. 

  288.    * @return array
    289. 

  289.    */
    290. 

  290.   public function getPermissionNames()
    291. 

  291.   {
    292. 

  292.     return $this->getGuardUser() ? $this->getGuardUser()->getPermissionNames() : array();
    293. 

  293.   }
    294. 

  294. 

  295.   /**
    296. 

  296.    * Returns the array of all permissions.
    297. 

  297.    *
    298. 

  298.    * @return array
    299. 

  299.    */
    300. 

  300.   public function getAllPermissions()
    301. 

  301.   {
    302. 

  302.     return $this->getGuardUser() ? $this->getGuardUser()->getAllPermissions() : array();
    303. 

  303.   }
    304. 

  304. 

  305.   /**
    306. 

  306.    * Returns the array of all permissions names.
    307. 

  307.    *
    308. 

  308.    * @return array
    309. 

  309.    */
    310. 

  310.   public function getAllPermissionNames()
    311. 

  311.   {
    312. 

  312.     return $this->getGuardUser() ? $this->getGuardUser()->getAllPermissionNames() : array();
    313. 

  313.   }
    314. 

  314. 

  315.   /**
    316. 

  316.    * Returns the related profile object.
    317. 

  317.    *
    318. 

  318.    * @return Doctrine_Record
    319. 

  319.    */
    320. 

  320.   public function getProfile()
    321. 

  321.   {
    322. 

  322.     return $this->getGuardUser() ? $this->getGuardUser()->getProfile() : null;
    323. 

  323.   }
    324. 

  324. 

  325.   /**
    326. 

  326.    * Adds a group from its name to the current user.
    327. 

  327.    *
    328. 

  328.    * @param string $name The group name
    329. 

  329.    * @param Doctrine_Connection $con A Doctrine_Connection object
    330. 

  330.    */
    331. 

  331.   public function addGroupByName($name, $con = null)
    332. 

  332.   {
    333. 

  333.     return $this->getGuardUser()->addGroupByName($name, $con);
    334. 

  334.   }
    335. 

  335. 

  336.   /**
    337. 

  337.    * Adds a permission from its name to the current user.
    338. 

  338.    *
    339. 

  339.    * @param string $name The permission name
    340. 

  340.    * @param Doctrine_Connection $con A Doctrine_Connection object
    341. 

  341.    */
    342. 

  342.   public function addPermissionByName($name, $con = null)
    343. 

  343.   {
    344. 

  344.     return $this->getGuardUser()->addPermissionByName($name, $con);
    345. 

  345.   }
    346. 

  346. }
    347. 

  347.