[Sommaire] [Imprimer]

   1  <?php
   2  
   3  /*
   4   * This file is part of the symfony package.
   5   * (c) 2004-2006 Fabien Potencier <fabien.potencier@symfony-project.com>
   6   * (c) 2004-2006 Sean Kerr.
   7   * 
   8   * For the full copyright and license information, please view the LICENSE
   9   * file that was distributed with this source code.
  10   */
  11  
  12  /**
  13   * sfBasicSecurityUser will handle any type of data as a credential.
  14   *
  15   * @package    symfony
  16   * @subpackage user
  17   * @author     Fabien Potencier <fabien.potencier@symfony-project.com>
  18   * @author     Sean Kerr <skerr@mojavi.org>
  19   * @version    SVN: $Id: sfBasicSecurityUser.class.php 3148 2007-01-04 19:34:28Z fabien $
  20   */
  21  class sfBasicSecurityUser extends sfUser implements sfSecurityUser
  22  {
  23    const LAST_REQUEST_NAMESPACE = 'symfony/user/sfUser/lastRequest';
  24    const AUTH_NAMESPACE = 'symfony/user/sfUser/authenticated';
  25    const CREDENTIAL_NAMESPACE = 'symfony/user/sfUser/credentials';
  26  
  27    protected $lastRequest = null;
  28  
  29    protected $credentials = null;
  30    protected $authenticated = null;
  31  
  32    protected $timedout = false;
  33  
  34    /**
  35     * Clears all credentials.
  36     *
  37     */
  38    public function clearCredentials()
  39    {
  40      $this->credentials = null;
  41      $this->credentials = array();
  42    }
  43  
  44    /**
  45     * returns an array containing the credentials
  46     */
  47    public function listCredentials()
  48    {
  49      return $this->credentials;
  50    }
  51  
  52    /**
  53     * Removes a credential.
  54     *
  55     * @param  mixed credential
  56     */  
  57    public function removeCredential($credential)
  58    {
  59      if ($this->hasCredential($credential))
  60      {
  61        foreach ($this->credentials as $key => $value)
  62        {
  63          if ($credential == $value)
  64          {
  65            if (sfConfig::get('sf_logging_enabled'))
  66            {
  67              $this->getContext()->getLogger()->info('{sfUser} remove credential "'.$credential.'"');
  68            }
  69  
  70            unset($this->credentials[$key]);
  71            return;
  72          }
  73        }
  74      }
  75    }  
  76  
  77    /**
  78     * Adds a credential.
  79     *
  80     * @param  mixed credential
  81     */
  82    public function addCredential($credential)
  83    {
  84      $this->addCredentials(func_get_args());
  85    }
  86  
  87    /**
  88     * Adds several credential at once.
  89     *
  90     * @param  mixed array or list of credentials
  91     */
  92    public function addCredentials()
  93    {
  94      if (func_num_args() == 0) return;
  95  
  96      // Add all credentials
  97      $credentials = (is_array(func_get_arg(0))) ? func_get_arg(0) : func_get_args();
  98  
  99      if (sfConfig::get('sf_logging_enabled'))
 100      {
 101        $this->getContext()->getLogger()->info('{sfUser} add credential(s) "'.implode(', ', $credentials).'"');
 102      }
 103  
 104      foreach ($credentials as $aCredential)
 105      {
 106        if (!in_array($aCredential, $this->credentials))
 107        {
 108          $this->credentials[] = $aCredential;
 109        }
 110      }
 111    }
 112  
 113    
 114    /**
 115     * Returns true if user has credential.
 116     *
 117     * @param  mixed credentials
 118     * @param  boolean useAnd specify the mode, either AND or OR
 119     * @return boolean
 120     *
 121     * @author Olivier Verdier <Olivier.Verdier@free.fr>
 122     */
 123    public function hasCredential($credentials, $useAnd = true)
 124    {
 125      if (!is_array($credentials))
 126      {
 127        return in_array($credentials, $this->credentials);
 128      }
 129  
 130      // now we assume that $credentials is an array
 131      $test = false;
 132  
 133      foreach ($credentials as $credential)
 134      {
 135        // recursively check the credential with a switched AND/OR mode
 136        $test = $this->hasCredential($credential, $useAnd ? false : true);
 137  
 138        if ($useAnd)
 139        {
 140          $test = $test ? false : true;
 141        }
 142  
 143        if ($test) // either passed one in OR mode or failed one in AND mode
 144        {
 145          break; // the matter is settled
 146        }
 147      }
 148  
 149      if ($useAnd) // in AND mode we succeed if $test is false
 150      {
 151        $test = $test ? false : true;
 152      }
 153  
 154      return $test;
 155    }
 156  
 157    /**
 158     * Returns true if user is authenticated.
 159     *
 160     * @return boolean
 161     */
 162    public function isAuthenticated()
 163    {
 164      return $this->authenticated;
 165    }
 166  
 167    /**
 168     * Sets authentication for user.
 169     *
 170     * @param  boolean
 171     */
 172    public function setAuthenticated($authenticated)
 173    {
 174      if (sfConfig::get('sf_logging_enabled'))
 175      {
 176        $this->getContext()->getLogger()->info('{sfUser} user is '.($authenticated === true ? '' : 'not ').'authenticated');
 177      }
 178  
 179      if ($authenticated === true)
 180      {
 181        $this->authenticated = true;
 182      }
 183      else
 184      {
 185        $this->authenticated = false;
 186        $this->clearCredentials();
 187      }
 188    }
 189  
 190    public function setTimedOut()
 191    {
 192      $this->timedout = true;
 193    }
 194  
 195    public function isTimedOut()
 196    {
 197      return $this->timedout;
 198    }
 199  
 200    /**
 201     * Returns the timestamp of the last user request.
 202     *
 203     * @param  integer
 204     */
 205    public function getLastRequestTime()
 206    {
 207      return $this->lastRequest;
 208    }
 209  
 210    public function initialize($context, $parameters = null)
 211    {
 212      // initialize parent
 213      parent::initialize($context, $parameters);
 214  
 215      // read data from storage
 216      $storage = $this->getContext()->getStorage();
 217  
 218      $this->authenticated = $storage->read(self::AUTH_NAMESPACE);
 219      $this->credentials   = $storage->read(self::CREDENTIAL_NAMESPACE);
 220      $this->lastRequest   = $storage->read(self::LAST_REQUEST_NAMESPACE);
 221  
 222      if ($this->authenticated == null)
 223      {
 224        $this->authenticated = false;
 225        $this->credentials   = array();
 226      }
 227  
 228      // Automatic logout if no request for more than [sf_timeout]
 229      if (null !== $this->lastRequest && (time() - $this->lastRequest) > sfConfig::get('sf_timeout'))
 230      {
 231        if (sfConfig::get('sf_logging_enabled'))
 232        {
 233          $this->getContext()->getLogger()->info('{sfUser} automatic user logout');
 234        }
 235        $this->setTimedOut();
 236        $this->clearCredentials();
 237        $this->setAuthenticated(false);
 238      }
 239  
 240      $this->lastRequest = time();
 241    }
 242  
 243    public function shutdown()
 244    {
 245      $storage = $this->getContext()->getStorage();
 246  
 247      // write the last request time to the storage
 248      $storage->write(self::LAST_REQUEST_NAMESPACE, $this->lastRequest);
 249  
 250      $storage->write(self::AUTH_NAMESPACE,         $this->authenticated);
 251      $storage->write(self::CREDENTIAL_NAMESPACE,   $this->credentials);
 252  
 253      // call the parent shutdown method
 254      parent::shutdown();
 255    }
 256  }