
/branches/1.3/lib/user/sfBasicSecurityUser.class.php



Revision 29528, 7.4 kB (checked in by fabien, 4 years ago)

[1.3, 1.4] fixed warning in sfBasicSecurityUser when hasCredentials is called before credentials are set (closes #8512)

  • Property svn:mime-type set to text/x-php
  • Property svn:eol-style set to native
  • Property svn:keywords set to Id
1 <?php
2
3 /*
4  * This file is part of the symfony package.
5  * (c) 2004-2006 Fabien Potencier <fabien.potencier@symfony-project.com>
6  * (c) 2004-2006 Sean Kerr <sean@code-box.org>
7  *
8  * For the full copyright and license information, please view the LICENSE
9  * file that was distributed with this source code.
10  */
11
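/**
 * sfBasicSecurityUser will handle any type of data as a credential.
 *
 * The authentication flag, the credential list and the time of the last
 * request are read from the storage in initialize() and written back in
 * shutdown().
 *
 * Credentials are matched with PHP's loose comparison (in_array() without the
 * strict flag, and ==). Under type juggling a stored credential such as true
 * or, before PHP 8, the integer 0 compares equal to unrelated string names, so
 * credentials should be stored and checked as strings of a single type.
 *
 * @package    symfony
 * @subpackage user
 * @author     Fabien Potencier <fabien.potencier@symfony-project.com>
 * @author     Sean Kerr <sean@code-box.org>
 * @version    SVN: $Id$
 */
class sfBasicSecurityUser extends sfUser implements sfSecurityUser
{
  const LAST_REQUEST_NAMESPACE = 'symfony/user/sfUser/lastRequest';
  const AUTH_NAMESPACE = 'symfony/user/sfUser/authenticated';
  const CREDENTIAL_NAMESPACE = 'symfony/user/sfUser/credentials';

  // timestamp of the last request; replaced by time() at the end of initialize()
  protected $lastRequest = null;

  // both stay null until initialize() has read them from the storage
  protected $credentials = null;
  protected $authenticated = null;

  // set when initialize() signs the user out because of inactivity
  protected $timedout = false;

  /**
   * Clears all credentials.
   *
   * Only the in-memory list is reset; the storage is updated in shutdown().
   */
  public function clearCredentials()
  {
    $this->credentials = array();
  }

  /**
   * @deprecated Use getCredentials() instead
   */
  public function listCredentials()
  {
    return $this->getCredentials();
  }

  /**
   * Returns the current user's credentials.
   *
   * @return array|null The credential list (null while no credentials have been set)
   */
  public function getCredentials()
  {
    return $this->credentials;
  }

  /**
   * Removes a credential.
   *
   * Only the first stored value that loosely equals $credential is removed.
   * The session id is regenerated after a removal.
   *
   * @param  mixed $credential credential
   */
  public function removeCredential($credential)
  {
    // hasCredential() also covers the case where no credentials are set yet
    if (!$this->hasCredential($credential))
    {
      return;
    }

    foreach ($this->credentials as $key => $value)
    {
      // loose comparison, consistent with the in_array() check in hasCredential()
      if ($credential != $value)
      {
        continue;
      }

      if ($this->options['logging'])
      {
        $this->dispatcher->notify(new sfEvent($this, 'application.log', array(sprintf('Remove credential "%s"', $credential))));
      }

      unset($this->credentials[$key]);

      // a change of privileges is tied to a new session id
      $this->storage->regenerate(false);

      return;
    }
  }

  /**
   * Adds a credential.
   *
   * Every argument passed is forwarded to addCredentials().
   *
   * @param mixed $credential
   */
  public function addCredential($credential)
  {
    $this->addCredentials(func_get_args());
  }

  /**
   * Adds several credential at once.
   *
   * Credentials already present (loose comparison) are skipped. The session
   * id is regenerated only when at least one credential was really added.
   *
   * @param  mixed array or list of credentials
   */
  public function addCredentials()
  {
    if (func_num_args() == 0) return;

    // Add all credentials
    $credentials = (is_array(func_get_arg(0))) ? func_get_arg(0) : func_get_args();

    if ($this->options['logging'])
    {
      $this->dispatcher->notify(new sfEvent($this, 'application.log', array(sprintf('Add credential(s) "%s"', implode(', ', $credentials)))));
    }

    // the list is still null when this is called before credentials are set
    // (same situation as the guard in hasCredential()); in_array() must get an array
    if (null === $this->credentials)
    {
      $this->credentials = array();
    }

    $added = false;
    foreach ($credentials as $aCredential)
    {
      if (!in_array($aCredential, $this->credentials))
      {
        $added = true;
        $this->credentials[] = $aCredential;
      }
    }

    if ($added)
    {
      // a change of privileges is tied to a new session id
      $this->storage->regenerate(false);
    }
  }

  /**
   * Returns true if user has credential.
   *
   * A scalar is looked up directly in the user's credential list. An array is
   * combined with AND (default) or OR, and each nested array switches the
   * mode: array('A', array('B', 'C')) means A AND (B OR C).
   *
   * An empty array is satisfied in AND mode and not satisfied in OR mode.
   * The lookup uses loose comparison (in_array() without the strict flag).
   *
   * @param  mixed $credentials
   * @param  bool  $useAnd       specify the mode, either AND or OR
   * @return bool
   *
   * @author Olivier Verdier <Olivier.Verdier@free.fr>
   */
  public function hasCredential($credentials, $useAnd = true)
  {
    // no credentials set yet: deny
    if (null === $this->credentials)
    {
      return false;
    }

    if (!is_array($credentials))
    {
      return in_array($credentials, $this->credentials);
    }

    // now we assume that $credentials is an array
    $test = false;

    foreach ($credentials as $credential)
    {
      // recursively check the credential with a switched AND/OR mode
      $test = $this->hasCredential($credential, !$useAnd);

      if ($useAnd)
      {
        // in AND mode $test flags a failed element
        $test = !$test;
      }

      if ($test) // either passed one in OR mode or failed one in AND mode
      {
        break; // the matter is settled
      }
    }

    if ($useAnd) // in AND mode we succeed if $test is false
    {
      $test = !$test;
    }

    return $test;
  }

  /**
   * Returns true if user is authenticated.
   *
   * @return boolean (null while the authentication flag has not been set)
   */
  public function isAuthenticated()
  {
    return $this->authenticated;
  }

  /**
   * Sets authentication for user.
   *
   * Nothing happens unless (bool) $authenticated differs from the current
   * state. When it does, only the boolean true signs the user in; any other
   * value signs the user out and clears the credentials. Each change notifies
   * 'user.change_authentication' and regenerates the session id.
   *
   * @param  bool $authenticated
   */
  public function setAuthenticated($authenticated)
  {
    if ($this->options['logging'])
    {
      $this->dispatcher->notify(new sfEvent($this, 'application.log', array(sprintf('User is %sauthenticated', $authenticated === true ? '' : 'not '))));
    }

    if ((bool) $authenticated !== $this->authenticated)
    {
      if ($authenticated === true)
      {
        $this->authenticated = true;
      }
      else
      {
        // signing out always drops the privileges as well
        $this->authenticated = false;
        $this->clearCredentials();
      }

      $this->dispatcher->notify(new sfEvent($this, 'user.change_authentication', array('authenticated' => $this->authenticated)));

      // new session id on every sign-in and sign-out (session fixation defence)
      // NOTE(review): what the false argument means is decided by the sfStorage
      // implementation, which is not shown here; if it keeps the data stored
      // under the previous id, that id stays usable until it expires - confirm
      $this->storage->regenerate(false);
    }
  }

  /**
   * Marks the user as timed out.
   */
  public function setTimedOut()
  {
    $this->timedout = true;
  }

  /**
   * Returns true if the user has been marked as timed out.
   *
   * @return bool
   */
  public function isTimedOut()
  {
    return $this->timedout;
  }

  /**
   * Returns the timestamp of the last user request.
   *
   * @return  int
   */
  public function getLastRequestTime()
  {
    return $this->lastRequest;
  }

  /**
   * Available options:
   *
   *  * timeout: Timeout to automatically log out the user in seconds (1800 by default)
   *             Set to false to disable
   *
   * @param sfEventDispatcher $dispatcher  An sfEventDispatcher instance.
   * @param sfStorage         $storage     An sfStorage instance.
   * @param array             $options     An associative array of options.
   *
   * @see sfUser
   */
  public function initialize(sfEventDispatcher $dispatcher, sfStorage $storage, $options = array())
  {
    // initialize parent
    parent::initialize($dispatcher, $storage, $options);

    if (!array_key_exists('timeout', $this->options))
    {
      $this->options['timeout'] = 1800;
    }

    // force the max lifetime for session garbage collector to be greater than timeout
    if (ini_get('session.gc_maxlifetime') < $this->options['timeout'])
    {
      ini_set('session.gc_maxlifetime', $this->options['timeout']);
    }

    // read data from storage
    $this->authenticated = $storage->read(self::AUTH_NAMESPACE);
    $this->credentials   = $storage->read(self::CREDENTIAL_NAMESPACE);
    $this->lastRequest   = $storage->read(self::LAST_REQUEST_NAMESPACE);

    if (null === $this->authenticated)
    {
      // nothing stored for this session: start unauthenticated, without credentials
      $this->authenticated = false;
      $this->credentials   = array();
    }
    else
    {
      // an authentication flag without a stored credential list still has to
      // leave an array behind, as getCredentials() documents
      if (null === $this->credentials)
      {
        $this->credentials = array();
      }

      // Automatic logout logged in user if no request within timeout parameter seconds
      $timeout = $this->options['timeout'];
      if (false !== $timeout && null !== $this->lastRequest && time() - $this->lastRequest >= $timeout)
      {
        if ($this->options['logging'])
        {
          $this->dispatcher->notify(new sfEvent($this, 'application.log', array('Automatic user logout due to timeout')));
        }

        $this->setTimedOut();
        $this->setAuthenticated(false);
      }
    }

    // this request becomes the reference point for the next timeout check
    $this->lastRequest = time();
  }

  /**
   * Writes the last request time, the authentication flag and the credentials
   * back to the storage, then runs the parent shutdown.
   */
  public function shutdown()
  {
    // write the last request time to the storage
    $this->storage->write(self::LAST_REQUEST_NAMESPACE, $this->lastRequest);

    $this->storage->write(self::AUTH_NAMESPACE,         $this->authenticated);
    $this->storage->write(self::CREDENTIAL_NAMESPACE,   $this->credentials);

    // call the parent shutdown method
    parent::shutdown();
  }
}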