1: <?php
2:
3: 4: 5: 6: 7: 8: 9: 10:
11:
12: namespace Nette\Security;
13:
14: use Nette;
15:
16:
17:
18: 19: 20: 21: 22: 23: 24: 25: 26: 27: 28: 29: 30:
31: class User extends Nette\Object
32: {
33:
34: const MANUAL = IUserStorage::MANUAL,
35: INACTIVITY = IUserStorage::INACTIVITY,
36: BROWSER_CLOSED = IUserStorage::BROWSER_CLOSED;
37:
38:
39: public $guestRole = 'guest';
40:
41:
42: public $authenticatedRole = 'authenticated';
43:
44:
45: public $onLoggedIn;
46:
47:
48: public $onLoggedOut;
49:
50:
51: private $storage;
52:
53:
54: private $authenticator;
55:
56:
57: private $authorizator;
58:
59:
60: private $context;
61:
62:
63:
64: public function __construct(IUserStorage $storage, Nette\DI\IContainer $context)
65: {
66: $this->storage = $storage;
67: $this->context = $context;
68: }
69:
70:
71:
72: 73: 74:
75: final public function getStorage()
76: {
77: return $this->storage;
78: }
79:
80:
81:
82:
83:
84:
85:
86: 87: 88: 89: 90: 91: 92:
93: public function login($id = NULL, $password = NULL)
94: {
95: $this->logout(TRUE);
96: if (!$id instanceof IIdentity) {
97: $credentials = func_get_args();
98: $id = $this->getAuthenticator()->authenticate($credentials);
99: }
100: $this->storage->setIdentity($id);
101: $this->storage->setAuthenticated(TRUE);
102: $this->onLoggedIn($this);
103: }
104:
105:
106:
107: 108: 109: 110: 111:
112: final public function logout($clearIdentity = FALSE)
113: {
114: if ($clearIdentity) {
115: $this->storage->setIdentity(NULL);
116: }
117: if ($this->isLoggedIn()) {
118: $this->storage->setAuthenticated(FALSE);
119: $this->onLoggedOut($this);
120: }
121: }
122:
123:
124:
125: 126: 127: 128:
129: final public function isLoggedIn()
130: {
131: return $this->storage->isAuthenticated();
132: }
133:
134:
135:
136: 137: 138: 139:
140: final public function getIdentity()
141: {
142: return $this->storage->getIdentity();
143: }
144:
145:
146:
147: 148: 149: 150:
151: public function getId()
152: {
153: $identity = $this->getIdentity();
154: return $identity ? $identity->getId() : NULL;
155: }
156:
157:
158:
159: 160: 161: 162: 163:
164: public function setAuthenticator(IAuthenticator $handler)
165: {
166: $this->authenticator = $handler;
167: return $this;
168: }
169:
170:
171:
172: 173: 174: 175:
176: final public function getAuthenticator()
177: {
178: return $this->authenticator ?: $this->context->getByType('Nette\Security\IAuthenticator');
179: }
180:
181:
182:
183: 184: 185: 186: 187: 188: 189:
190: public function setExpiration($time, $whenBrowserIsClosed = TRUE, $clearIdentity = FALSE)
191: {
192: $flags = ($whenBrowserIsClosed ? IUserStorage::BROWSER_CLOSED : 0) | ($clearIdentity ? IUserStorage::CLEAR_IDENTITY : 0);
193: $this->storage->setExpiration($time, $flags);
194: return $this;
195: }
196:
197:
198:
199: 200: 201: 202:
203: final public function getLogoutReason()
204: {
205: return $this->storage->getLogoutReason();
206: }
207:
208:
209:
210:
211:
212:
213:
214: 215: 216: 217:
218: public function getRoles()
219: {
220: if (!$this->isLoggedIn()) {
221: return array($this->guestRole);
222: }
223:
224: $identity = $this->getIdentity();
225: return $identity && $identity->getRoles() ? $identity->getRoles() : array($this->authenticatedRole);
226: }
227:
228:
229:
230: 231: 232: 233: 234:
235: final public function isInRole($role)
236: {
237: return in_array($role, $this->getRoles(), TRUE);
238: }
239:
240:
241:
242: 243: 244: 245: 246: 247: 248:
249: public function isAllowed($resource = IAuthorizator::ALL, $privilege = IAuthorizator::ALL)
250: {
251: $authorizator = $this->getAuthorizator();
252: foreach ($this->getRoles() as $role) {
253: if ($authorizator->isAllowed($role, $resource, $privilege)) {
254: return TRUE;
255: }
256: }
257:
258: return FALSE;
259: }
260:
261:
262:
263: 264: 265: 266: 267:
268: public function setAuthorizator(IAuthorizator $handler)
269: {
270: $this->authorizator = $handler;
271: return $this;
272: }
273:
274:
275:
276: 277: 278: 279:
280: final public function getAuthorizator()
281: {
282: return $this->authorizator ?: $this->context->getByType('Nette\Security\IAuthorizator');
283: }
284:
285:
286:
287:
288:
289:
290: function setNamespace($namespace)
291: {
292: trigger_error(__METHOD__ . '() is deprecated; use getStorage()->setNamespace() instead.', E_USER_WARNING);
293: $this->storage->setNamespace($namespace);
294: return $this;
295: }
296:
297:
298: function getNamespace()
299: {
300: trigger_error(__METHOD__ . '() is deprecated; use getStorage()->getNamespace() instead.', E_USER_WARNING);
301: return $this->storage->getNamespace();
302: }
303:
304:
305: function setAuthenticationHandler($v)
306: {
307: trigger_error(__METHOD__ . '() is deprecated; use setAuthenticator() instead.', E_USER_WARNING);
308: return $this->setAuthenticator($v);
309: }
310:
311:
312: function setAuthorizationHandler($v)
313: {
314: trigger_error(__METHOD__ . '() is deprecated; use setAuthorizator() instead.', E_USER_WARNING);
315: return $this->setAuthorizator($v);
316: }
317:
318: }
319: