<?php
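/**
 * Default security implementation: session/cookie based login backed by a
 * user table, with a simple in-memory role list and URL access checks.
 */
class security_default extends security_abstract {

    /**
     * Session namespace (see cfg->sessionNameSpace) that stores the login
     * token under the 'cryptic' key and the 'pageFrom' return URL.
     */
    protected $session;

    /**
     * User table object returned by db::get('table', cfg->table).
     */
    protected $table;

    /**
     * Currently loaded user row, or a falsy value when no row matched.
     * @var db_row|null
     */
    protected $user;

    /**
     * Login form, built lazily by getLoginForm().
     */
    protected $form;

    /**
     * Whether the current visitor is authenticated.
     * @var bool
     */
    protected $logged = false;

    /**
     * Roles granted to the current visitor, keyed by role name (value is always true).
     * @var array
     */
    protected $roles = array();

    /**
     * Set up the session namespace and the user table, then attempt an
     * automatic login from the session or the persistent cookie.
     */
    protected function afterInit() {
        parent::afterInit();
        $this->session = session::getInstance(array(
            'nameSpace'=>$this->cfg->sessionNameSpace
        ));
        $this->table = db::get('table', $this->cfg->table);
        $this->autoLogin();
    }

    /**
     * Restore a login from the 'cryptic' token kept in the session, falling
     * back to the persistent cookie (cfg->cookie).
     *
     * On success the user row is loaded, the 'autoLoginSession' (token from
     * session) or 'autoLogin' (token from cookie) hook fires and the token is
     * written back to the session. A cookie token that matches no user row is
     * deleted so it is not retried on every request.
     */
    protected function autoLogin() {
        $fromSession = true;
        $cryptic = $this->session->cryptic;
        if (!$cryptic) {
            $cook = factory::get('http_cookie', $this->cfg->cookie);
            $cryptic = $cook->get(true);
            $fromSession = false;
        }

        if (!$cryptic)
            return;

        $this->user = $this->getUserFromCryptic($cryptic);
        if ($this->user) {
            $this->logged = true;
            $this->hook('autoLogin'.($fromSession ? 'Session' : null));
            $this->session->cryptic = $cryptic;
        } else if (isset($cook)) {
            // Stale or forged cookie token: drop it.
            $cook->del();
        }
    }

    /**
     * Look up the user row whose cryptic field equals the given token,
     * restricted by the configured cfg->where conditions.
     *
     * @param string $cryptic Login token as stored in the user table
     * @return db_row|null|false The matching row, or a falsy value when none matches
     */
    public function getUserFromCryptic($cryptic) {
        $crypticField = $this->table->getRawName().'.'.$this->cfg->getInArray('fields', 'cryptic');
        return $this->table->find(array_merge(array(
            $crypticField=>$cryptic
        ), $this->cfg->where));
    }

    /**
     * @return bool True when the visitor is authenticated
     */
    public function isLogged() {
        return $this->logged;
    }

    /**
     * Get the authenticated user row.
     *
     * @return db_row|null The user row, or null when not logged in or no row is loaded
     */
    public function getUser() {
        if ($this->isLogged() && $this->user)
            return $this->user;
        return null;
    }

    /**
     * Force the current user, optionally persisting the login
     * (new token written to the row and to the session).
     *
     * @param db_row $user The user row to log in
     * @param bool $saveLogin Whether to call saveLogin()
     */
    public function setUser(db_row $user, $saveLogin=true) {
        $this->user = $user;
        if ($saveLogin)
            $this->saveLogin();
    }

    /**
     * Generate a new cryptic token for the current user, save it in the user
     * row and mark the session as logged in.
     *
     * NOTE(review): the token is derived from uniqid(), which is time-based and
     * predictable; since it also serves as the persistent-login cookie value,
     * a CSPRNG source (random_bytes() on PHP 7+, openssl_random_pseudo_bytes()
     * earlier) would be the appropriate source. Left unchanged here because the
     * required PHP version and the column size of the cryptic field are not
     * visible from this file.
     */
    protected function saveLogin() {
        $crypticKey = $this->cfg->getInArray('fields', 'cryptic');
        $cryptic = $this->cryptPass(uniqid(), 'Cryptic');
        $this->user->set($crypticKey, $cryptic);
        $this->user->save();
        $this->logFromCryptic($cryptic);
    }

    /**
     * Try to log the visitor in.
     *
     * When $prm is null and the request is a POST, the credentials are read
     * from the login form. The password is compared after cryptPass(), i.e.
     * against whatever the configured 'cryptPassword' function produces.
     * On success the login is saved, a persistent cookie is written when
     * 'stayConnected' was requested, the 'login' hook fires and, if
     * $redirectIfLogged is true, the visitor is redirected to $page, to the
     * session 'pageFrom' URL, or to the configured 'logged' page.
     * On failure cfg->errorMsg is attached to the login field of the form.
     *
     * @param array|null $prm Credentials keyed by the configured login/pass field names, or null to read the form
     * @param string|null $page Page to redirect to after login, null for the default
     * @param bool $redirectIfLogged Whether to redirect once logged in
     * @return bool The logged state after the attempt
     */
    public function login($prm = null, $page = null, $redirectIfLogged = true) {
        $loginField = $this->cfg->getInArray('fields', 'login');
        $passField = $this->cfg->getInArray('fields', 'pass');

        $form = $this->getLoginForm();
        if (is_null($prm) && request::isPost()) {
            $form->refill();
            $prm = $form->getValues(true);
        }

        if (is_array($prm)
            && array_key_exists($loginField, $prm)
            && array_key_exists($passField, $prm)) {
            $tableName = $this->table->getRawName();
            $this->user = $this->table->find(array_merge(array(
                $tableName.'.'.$loginField=>$prm[$loginField],
                $tableName.'.'.$passField=>$this->cryptPass($prm[$passField])
            ), $this->cfg->where));
            if ($this->user) {
                $this->saveLogin();
                if (array_key_exists('stayConnected', $prm) && $prm['stayConnected']) {
                    // Persistent login: the cookie carries the freshly generated token.
                    $cook = factory::get('http_cookie', $this->cfg->cookie);
                    $cook->set($this->user->get($this->cfg->getInArray('fields', 'cryptic')));
                    $cook->save();
                }
                $this->hook('login');
            } else {
                $form->addCustomError($loginField, $this->cfg->errorMsg);
            }
            if ($this->logged && $redirectIfLogged) {
                if (is_null($page)) {
                    if ($this->session->pageFrom) {
                        // Return to the page the visitor was sent away from by check().
                        $page = $this->session->pageFrom;
                        unset($this->session->pageFrom);
                    } else {
                        $page = request::uri($this->getPage('logged'));
                    }
                } else {
                    $page = request::uri($page);
                }
                response::getInstance()->redirect($page);
            }
        }
        return $this->logged;
    }

    /**
     * Mark the session as logged in with the given token.
     *
     * @param string $cryptic Token to store in the session
     */
    public function logFromCryptic($cryptic) {
        $this->session->cryptic = $cryptic;
        $this->logged = true;
    }

    /**
     * Apply the configured crypt function ('crypt'.$plus config key, e.g.
     * 'cryptPassword' or 'cryptCryptic') to a string. The value is returned
     * unchanged when no function is configured or it does not exist.
     *
     * @param string $str Value to transform
     * @param string $plus Config key suffix selecting which crypt function to use
     * @return string
     */
    public function cryptPass($str, $plus='Password') {
        $crypt = $this->cfg->get('crypt'.$plus);
        if ($crypt && function_exists($crypt))
            $str = $crypt($str);
        return $str;
    }

    /**
     * Log the visitor out: remove the session token and the persistent cookie,
     * then fire the 'logout' hook (the hook fires even when nobody was logged in).
     *
     * @param mixed $prm Unused, kept for interface compatibility
     * @return bool True when the visitor is no longer logged in
     */
    public function logout($prm = null) {
        if ($this->isLogged()) {
            $this->session->del('cryptic');
            $this->logged = false;

            $cook = factory::get('http_cookie', $this->cfg->cookie);
            $cook->del();
        }
        $this->hook('logout');
        return !$this->logged;
    }

    /**
     * Grant a role to the current visitor.
     *
     * @param string $role Role name
     * @return bool Always true
     */
    public function addRole($role) {
        $this->roles[$role] = true;
        return true;
    }

    /**
     * Check a role, or list all roles when $role is null.
     *
     * @param string|null $role Role name, or null to get the whole role map
     * @return bool|array True/false for a named role; the role map (name=>true) when $role is null
     */
    public function hasRole($role=null) {
        if (is_null($role))
            return $this->roles;

        return array_key_exists($role, $this->roles);
    }

    /**
     * Remove a role, or every role when $role is null.
     *
     * @param string|null $role Role name, or null to clear all roles
     * @return bool Always true
     */
    public function delRole($role=null) {
        if (is_null($role)) {
            $this->roles = array();
            return true;
        }
        // Fix: previously referenced the undefined $rol, so named roles were never removed.
        unset($this->roles[$role]);
        return true;
    }

    /**
     * Check whether the current visitor may access a URL.
     *
     * Resolution order: URLs matching cfg->noSecurity are always allowed;
     * URLs matching cfg->spec get the inverse of cfg->default (login required
     * when default is true, always allowed otherwise); other URLs require a
     * login and, when cfg->rightRoles is set, a URL listed under one of the
     * visitor's roles.
     *
     * When access is denied and $redirect is true (and the visitor is not
     * already on the forbidden or login page), the current local URI is kept
     * in the session as 'pageFrom', cfg->errorText is flashed as 'nyroError',
     * the 'redirectError' hook fires and the visitor is redirected to the
     * forbidden page with a 403 status.
     *
     * @param array|null $url URL parts to check, null for the current request
     * @param bool $redirect Whether to redirect when access is denied
     * @return bool True when access is allowed
     */
    public function check(array $url = null, $redirect=true) {
        if (is_null($url))
            $url = request::get();

        if ($this->isContained($url, $this->cfg->noSecurity))
            return true;

        $hasRight = $this->cfg->default;
        if ($this->isContained($url, $this->cfg->spec)) {
            // 'spec' URLs invert the default: secured by default => need a login, else open.
            $hasRight = $hasRight ? $this->isLogged() : true;
        } else if ($this->isLogged()) {
            if (!empty($this->cfg->rightRoles)) {
                // Collect every URL granted by any of the visitor's roles.
                $checks = array();
                foreach ($this->hasRole() as $r=>$t) {
                    $tmp = $this->cfg->getInArray('rightRoles', $r);
                    if (is_array($tmp)) {
                        foreach ($tmp as $c)
                            $checks[] = $c;
                    }
                }
                $hasRight = $this->isContained($url, $checks);
            } else {
                $hasRight = true;
            }
        }

        if (!$hasRight && $redirect) {
            $request = request::removeLangOutUrl('/'.request::get('request'));
            if ($request != $this->getPage('forbidden') && $request != $this->getPage('login')) {
                $this->session->pageFrom = request::get('localUri');
                session::setFlash('nyroError', $this->cfg->errorText);
                $this->hook('redirectError');
                response::getInstance()->redirect($this->getPage('forbidden', true), 403);
            }
        }

        return $hasRight;
    }

    /**
     * Build (once) and return the login form for the configured login and
     * password fields, posting to the 'login' page. The 'dbUnique' rule is
     * removed from the login field, and a 'stayConnected' checkbox is added
     * when cfg->stayConnected is set.
     *
     * @param array $prm Extra form options merged over cfg->formOptions (only used on first build)
     * @return form
     */
    public function getLoginForm(array $prm = array()) {
        if (!$this->form) {
            $loginField = $this->cfg->getInArray('fields', 'login');
            $this->form = $this->table->getRow()->getForm(array(
                $loginField,
                $this->cfg->getInArray('fields', 'pass')
            ), array_merge($this->cfg->formOptions, $prm, array(
                'action'=>request::uri($this->getPage('login'))
            )), false);
            // The login value must match an existing row, so the uniqueness rule does not apply here.
            $this->form->get($loginField)->getValid()->delRule('dbUnique');
            if ($this->cfg->stayConnected) {
                $this->form->add('checkbox', array(
                    'name'=>'stayConnected',
                    'label'=>false,
                    'uniqValue'=>true,
                    'valid'=>array('required'=>false),
                    'list'=>array(
                        1=>utils::htmlOut($this->cfg->labelStayConnected)
                    )
                ));
            }
        }

        return $this->form;
    }

    /**
     * @return session The session namespace used by this security object
     */
    public function getSession() {
        return $this->session;
    }

}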