Development

/branches/1.0/lib/user/sfBasicSecurityUser.class.php

You must first sign up to be able to contribute.

root/branches/1.0/lib/user/sfBasicSecurityUser.class.php

Revision 7791, 5.9 kB (checked in by fabien, 7 years ago)

updated Sean Kerr email address

  • Property svn:mime-type set to text/x-php
  • Property svn:eol-style set to native
  • Property svn:keywords set to Id Rev Date
Line 
1 <?php
2
3 /*
4  * This file is part of the symfony package.
5  * (c) 2004-2006 Fabien Potencier <fabien.potencier@symfony-project.com>
6  * (c) 2004-2006 Sean Kerr <sean@code-box.org>
7  *
8  * For the full copyright and license information, please view the LICENSE
9  * file that was distributed with this source code.
10  */
11
12 /**
13  * sfBasicSecurityUser will handle any type of data as a credential.
14  *
15  * @package    symfony
16  * @subpackage user
17  * @author     Fabien Potencier <fabien.potencier@symfony-project.com>
18  * @author     Sean Kerr <sean@code-box.org>
19  * @version    SVN: $Id$
20  */
21 class sfBasicSecurityUser extends sfUser implements sfSecurityUser
22 {
23   const LAST_REQUEST_NAMESPACE = 'symfony/user/sfUser/lastRequest';
24   const AUTH_NAMESPACE = 'symfony/user/sfUser/authenticated';
25   const CREDENTIAL_NAMESPACE = 'symfony/user/sfUser/credentials';
26
27   protected $lastRequest = null;
28
29   protected $credentials = null;
30   protected $authenticated = null;
31
32   protected $timedout = false;
33
34   /**
35    * Clears all credentials.
36    *
37    */
38   public function clearCredentials()
39   {
40     $this->credentials = null;
41     $this->credentials = array();
42   }
43
44   /**
45    * returns an array containing the credentials
46    */
47   public function listCredentials()
48   {
49     return $this->credentials;
50   }
51
52   /**
53    * Removes a credential.
54    *
55    * @param  mixed credential
56    */ 
57   public function removeCredential($credential)
58   {
59     if ($this->hasCredential($credential))
60     {
61       foreach ($this->credentials as $key => $value)
62       {
63         if ($credential == $value)
64         {
65           if (sfConfig::get('sf_logging_enabled'))
66           {
67             $this->getContext()->getLogger()->info('{sfUser} remove credential "'.$credential.'"');
68           }
69
70           unset($this->credentials[$key]);
71           return;
72         }
73       }
74     }
75   } 
76
77   /**
78    * Adds a credential.
79    *
80    * @param  mixed credential
81    */
82   public function addCredential($credential)
83   {
84     $this->addCredentials(func_get_args());
85   }
86
87   /**
88    * Adds several credential at once.
89    *
90    * @param  mixed array or list of credentials
91    */
92   public function addCredentials()
93   {
94     if (func_num_args() == 0) return;
95
96     // Add all credentials
97     $credentials = (is_array(func_get_arg(0))) ? func_get_arg(0) : func_get_args();
98
99     if (sfConfig::get('sf_logging_enabled'))
100     {
101       $this->getContext()->getLogger()->info('{sfUser} add credential(s) "'.implode(', ', $credentials).'"');
102     }
103
104     foreach ($credentials as $aCredential)
105     {
106       if (!in_array($aCredential, $this->credentials))
107       {
108         $this->credentials[] = $aCredential;
109       }
110     }
111   }
112
113  
114   /**
115    * Returns true if user has credential.
116    *
117    * @param  mixed credentials
118    * @param  boolean useAnd specify the mode, either AND or OR
119    * @return boolean
120    *
121    * @author Olivier Verdier <Olivier.Verdier@free.fr>
122    */
123   public function hasCredential($credentials, $useAnd = true)
124   {
125     if (!is_array($credentials))
126     {
127       return in_array($credentials, $this->credentials);
128     }
129
130     // now we assume that $credentials is an array
131     $test = false;
132
133     foreach ($credentials as $credential)
134     {
135       // recursively check the credential with a switched AND/OR mode
136       $test = $this->hasCredential($credential, $useAnd ? false : true);
137
138       if ($useAnd)
139       {
140         $test = $test ? false : true;
141       }
142
143       if ($test) // either passed one in OR mode or failed one in AND mode
144       {
145         break; // the matter is settled
146       }
147     }
148
149     if ($useAnd) // in AND mode we succeed if $test is false
150     {
151       $test = $test ? false : true;
152     }
153
154     return $test;
155   }
156
157   /**
158    * Returns true if user is authenticated.
159    *
160    * @return boolean
161    */
162   public function isAuthenticated()
163   {
164     return $this->authenticated;
165   }
166
167   /**
168    * Sets authentication for user.
169    *
170    * @param  boolean
171    */
172   public function setAuthenticated($authenticated)
173   {
174     if (sfConfig::get('sf_logging_enabled'))
175     {
176       $this->getContext()->getLogger()->info('{sfUser} user is '.($authenticated === true ? '' : 'not ').'authenticated');
177     }
178
179     if ($authenticated === true)
180     {
181       $this->authenticated = true;
182     }
183     else
184     {
185       $this->authenticated = false;
186       $this->clearCredentials();
187     }
188   }
189
190   public function setTimedOut()
191   {
192     $this->timedout = true;
193   }
194
195   public function isTimedOut()
196   {
197     return $this->timedout;
198   }
199
200   /**
201    * Returns the timestamp of the last user request.
202    *
203    * @param  integer
204    */
205   public function getLastRequestTime()
206   {
207     return $this->lastRequest;
208   }
209
210   public function initialize($context, $parameters = null)
211   {
212     // initialize parent
213     parent::initialize($context, $parameters);
214
215     // read data from storage
216     $storage = $this->getContext()->getStorage();
217
218     $this->authenticated = $storage->read(self::AUTH_NAMESPACE);
219     $this->credentials   = $storage->read(self::CREDENTIAL_NAMESPACE);
220     $this->lastRequest   = $storage->read(self::LAST_REQUEST_NAMESPACE);
221
222     if ($this->authenticated == null)
223     {
224       $this->authenticated = false;
225       $this->credentials   = array();
226     }
227     else
228     {
229       // Automatic logout logged in user if no request within [sf_timeout] setting
230       if (null !== $this->lastRequest && (time() - $this->lastRequest) > sfConfig::get('sf_timeout'))
231       {
232         if (sfConfig::get('sf_logging_enabled'))
233         {
234           $this->getContext()->getLogger()->info('{sfUser} automatic user logout due to timeout');
235         }
236         $this->setTimedOut();
237         $this->setAuthenticated(false);
238       }
239     }
240
241     $this->lastRequest = time();
242   }
243
244   public function shutdown()
245   {
246     $storage = $this->getContext()->getStorage();
247
248     // write the last request time to the storage
249     $storage->write(self::LAST_REQUEST_NAMESPACE, $this->lastRequest);
250
251     $storage->write(self::AUTH_NAMESPACE,         $this->authenticated);
252     $storage->write(self::CREDENTIAL_NAMESPACE,   $this->credentials);
253
254     // call the parent shutdown method
255     parent::shutdown();
256   }
257 }
258
Note: See TracBrowser for help on using the browser.