1. sfBasicSecurityUser.class.php
  2. /**
 * sfBasicSecurityUser will handle any type of data as a credential.
 *
 * @package    symfony
 * @subpackage user
 * @author     Fabien Potencier 
 * @author     Sean Kerr 
 * @version    SVN: $Id: sfBasicSecurityUser.class.php 24045 2009-11-16 18:24:48Z Kris.Wallsmith $
 */
  3. class sfBasicSecurityUser extends sfUser implements sfSecurityUser
  4. {
  5.   const LAST_REQUEST_NAMESPACE = 'symfony/user/sfUser/lastRequest';
  6.   const AUTH_NAMESPACE = 'symfony/user/sfUser/authenticated';
  7.   const CREDENTIAL_NAMESPACE = 'symfony/user/sfUser/credentials';
  9.   protected $lastRequest = null;
  11.   protected $credentials = null;
  12.   protected $authenticated = null;
  14.   protected $timedout = false;
  16.   /**
  17.    * Clears all credentials.
  18.    *
  19.    */
  20.   public function clearCredentials()
  21.   {
  22.     $this->credentials = null;
  23.     $this->credentials = array();
  24.   }
  26.   /**
  27.    * Returns the current user's credentials.
  28.    * 
  29.    * @return array
  30.    */
  31.   public function getCredentials()
  32.   {
  33.     return $this->credentials;
  34.   }
  36.   /**
  37.    * Removes a credential.
  38.    *
  39.    * @param  mixed $credential credential
  40.    */
  41.   public function removeCredential($credential)
  42.   {
  43.     if ($this->hasCredential($credential))
  44.     {
  45.       foreach ($this->credentials as $key => $value)
  46.       {
  47.         if ($credential == $value)
  48.         {
  49.           if ($this->options['logging'])
  50.           {
  51.             $this->dispatcher->notify(new sfEvent($this, 'application.log', array(sprintf('Remove credential "%s"', $credential))));
  52.           }
  54.           unset($this->credentials[$key]);
  56.           $this->storage->regenerate(false);
  58.           return;
  59.         }
  60.       }
  61.     }
  62.   }
  64.   /**
  65.    * Adds a credential.
  66.    *
  67.    * @param mixed $credential
  68.    */
  69.   public function addCredential($credential)
  70.   {
  71.     $this->addCredentials(func_get_args());
  72.   }
  74.   /**
  75.    * Adds several credential at once.
  76.    *
  77.    * @param  mixed array or list of credentials
  78.    */
  79.   public function addCredentials()
  80.   {
  81.     if (func_num_args() == 0) return;
  83.     // Add all credentials
  84.     $credentials = (is_array(func_get_arg(0))) ? func_get_arg(0) : func_get_args();
  86.     if ($this->options['logging'])
  87.     {
  88.       $this->dispatcher->notify(new sfEvent($this, 'application.log', array(sprintf('Add credential(s) "%s"', implode(', ', $credentials)))));
  89.     }
  91.     $added = false;
  92.     foreach ($credentials as $aCredential)
  93.     {
  94.       if (!in_array($aCredential, $this->credentials))
  95.       {
  96.         $added = true;
  97.         $this->credentials[] = $aCredential;
  98.       }
  99.     }
  101.     if ($added)
  102.     {
  103.       $this->storage->regenerate(false);
  104.     }
  105.   }
  107.   /**
  108.    * Returns true if user has credential.
  109.    *
  110.    * @param  mixed $credentials
  111.    * @param  bool  $useAnd       specify the mode, either AND or OR
  112.    * @return bool
  113.    *
  114.    * @author Olivier Verdier <Olivier.Verdier@free.fr>
  115.    */
  116.   public function hasCredential($credentials, $useAnd = true)
  117.   {
  118.     if (!is_array($credentials))
  119.     {
  120.       return in_array($credentials, $this->credentials);
  121.     }
  123.     // now we assume that $credentials is an array
  124.     $test = false;
  126.     foreach ($credentials as $credential)
  127.     {
  128.       // recursively check the credential with a switched AND/OR mode
  129.       $test = $this->hasCredential($credential, $useAnd ? false : true);
  131.       if ($useAnd)
  132.       {
  133.         $test = $test ? false : true;
  134.       }
  136.       if ($test) // either passed one in OR mode or failed one in AND mode
  137.       {
  138.         break; // the matter is settled
  139.       }
  140.     }
  142.     if ($useAnd) // in AND mode we succeed if $test is false
  143.     {
  144.       $test = $test ? false : true;
  145.     }
  147.     return $test;
  148.   }
  150.   /**
  151.    * Returns true if user is authenticated.
  152.    *
  153.    * @return boolean
  154.    */
  155.   public function isAuthenticated()
  156.   {
  157.     return $this->authenticated;
  158.   }
  160.   /**
  161.    * Sets authentication for user.
  162.    *
  163.    * @param  bool $authenticated
  164.    */
  165.   public function setAuthenticated($authenticated)
  166.   {
  167.     if ($this->options['logging'])
  168.     {
  169.       $this->dispatcher->notify(new sfEvent($this, 'application.log', array(sprintf('User is %sauthenticated', $authenticated === true ? '' : 'not '))));
  170.     }
  172.     if ((bool) $authenticated !== $this->authenticated)
  173.     {
  174.       if ($authenticated === true)
  175.       {
  176.         $this->authenticated = true;
  177.       }
  178.       else
  179.       {
  180.         $this->authenticated = false;
  181.         $this->clearCredentials();
  182.       }
  184.       $this->dispatcher->notify(new sfEvent($this, 'user.change_authentication', array('authenticated' => $this->authenticated)));
  186.       $this->storage->regenerate(false);
  187.     }
  188.   }
  190.   public function setTimedOut()
  191.   {
  192.     $this->timedout = true;
  193.   }
  195.   public function isTimedOut()
  196.   {
  197.     return $this->timedout;
  198.   }
  200.   /**
  201.    * Returns the timestamp of the last user request.
  202.    *
  203.    * @return  int
  204.    */
  205.   public function getLastRequestTime()
  206.   {
  207.     return $this->lastRequest;
  208.   }
  210.   /**
  211.    * Available options:
  212.    *
  213.    *  * timeout: Timeout to automatically log out the user in seconds (1800 by default)
  214.    *             Set to false to disable
  215.    *
  216.    * @param sfEventDispatcher $dispatcher  An sfEventDispatcher instance.
  217.    * @param sfStorage         $storage     An sfStorage instance.
  218.    * @param array             $options     An associative array of options.
  219.    *
  220.    * @see sfUser
  221.    */
  222.   public function initialize(sfEventDispatcher $dispatcher, sfStorage $storage, $options = array())
  223.   {
  224.     // initialize parent
  225.     parent::initialize($dispatcher, $storage, $options);
  227.     if (!array_key_exists('timeout', $this->options))
  228.     {
  229.       $this->options['timeout'] = 1800;
  230.     }
  232.     // force the max lifetime for session garbage collector to be greater than timeout
  233.     if (ini_get('session.gc_maxlifetime') < $this->options['timeout'])
  234.     {
  235.       ini_set('session.gc_maxlifetime', $this->options['timeout']);
  236.     }
  238.     // read data from storage
  239.     $this->authenticated = $storage->read(self::AUTH_NAMESPACE);
  240.     $this->credentials   = $storage->read(self::CREDENTIAL_NAMESPACE);
  241.     $this->lastRequest   = $storage->read(self::LAST_REQUEST_NAMESPACE);
  243.     if (null === $this->authenticated)
  244.     {
  245.       $this->authenticated = false;
  246.       $this->credentials   = array();
  247.     }
  248.     else
  249.     {
  250.       // Automatic logout logged in user if no request within timeout parameter seconds
  251.       $timeout = $this->options['timeout'];
  252.       if (false !== $timeout && null !== $this->lastRequest && time() - $this->lastRequest >= $timeout)
  253.       {
  254.         if ($this->options['logging'])
  255.         {
  256.           $this->dispatcher->notify(new sfEvent($this, 'application.log', array('Automatic user logout due to timeout')));
  257.         }
  259.         $this->setTimedOut();
  260.         $this->setAuthenticated(false);
  261.       }
  262.     }
  264.     $this->lastRequest = time();
  265.   }
  267.   public function shutdown()
  268.   {
  269.     // write the last request time to the storage
  270.     $this->storage->write(self::LAST_REQUEST_NAMESPACE, $this->lastRequest);
  272.     $this->storage->write(self::AUTH_NAMESPACE,         $this->authenticated);
  273.     $this->storage->write(self::CREDENTIAL_NAMESPACE,   $this->credentials);
  275.     // call the parent shutdown method
  276.     parent::shutdown();
  277.   }
  278. }
Debug toolbar