Packages

  • Nette
    • Application
      • Diagnostics
      • Responses
      • Routers
      • UI
    • Caching
      • Storages
    • ComponentModel
    • Config
      • Adapters
      • Extensions
    • Database
      • Diagnostics
      • Drivers
      • Reflection
      • Table
    • DI
      • Diagnostics
    • Diagnostics
    • Forms
      • Controls
      • Rendering
    • Http
    • Iterators
    • Latte
      • Macros
    • Loaders
    • Localization
    • Mail
    • Reflection
    • Security
      • Diagnostics
    • Templating
    • Utils
      • PhpGenerator
  • NetteModule
  • None
  • PHP

Classes

  • Identity
  • Permission
  • SimpleAuthenticator
  • User

Interfaces

  • IAuthenticator
  • IAuthorizator
  • IIdentity
  • IResource
  • IRole
  • IUserStorage

Exceptions

  • AuthenticationException
  • Overview
  • Package
  • Class
  • Tree
  • Deprecated
  1: <?php
  2: 
  3: /**
  4:  * This file is part of the Nette Framework (http://nette.org)
  5:  *
  6:  * Copyright (c) 2004 David Grudl (http://davidgrudl.com)
  7:  *
  8:  * For the full copyright and license information, please view
  9:  * the file license.txt that was distributed with this source code.
 10:  * @package Nette\Security
 11:  */
 12: 
 13: 
 14: 
 15: /**
 16:  * User authentication and authorization.
 17:  *
 18:  * @author     David Grudl
 19:  *
 20:  * @property-read bool $loggedIn
 21:  * @property-read IIdentity $identity
 22:  * @property-read mixed $id
 23:  * @property   IAuthenticator $authenticator
 24:  * @property-read int $logoutReason
 25:  * @property-read array $roles
 26:  * @property   IAuthorizator $authorizator
 27:  * @package Nette\Security
 28:  */
 29: class User extends Object
 30: {
 31:     /** @var string  default role for unauthenticated user */
 32:     public $guestRole = 'guest';
 33: 
 34:     /** @var string  default role for authenticated user without own identity */
 35:     public $authenticatedRole = 'authenticated';
 36: 
 37:     /** @var array of function(User $sender); Occurs when the user is successfully logged in */
 38:     public $onLoggedIn;
 39: 
 40:     /** @var array of function(User $sender); Occurs when the user is logged out */
 41:     public $onLoggedOut;
 42: 
 43:     /** @var IUserStorage Session storage for current user */
 44:     private $storage;
 45: 
 46:     /** @var IAuthenticator */
 47:     private $authenticator;
 48: 
 49:     /** @var IAuthorizator */
 50:     private $authorizator;
 51: 
 52:     /** @var DIContainer */
 53:     private $context;
 54: 
 55: 
 56:     public function __construct(IUserStorage $storage, DIContainer $context)
 57:     {
 58:         $this->storage = $storage;
 59:         $this->context = $context; // with IAuthenticator, IAuthorizator
 60:     }
 61: 
 62: 
 63:     /**
 64:      * @return IUserStorage
 65:      */
 66:     final public function getStorage()
 67:     {
 68:         return $this->storage;
 69:     }
 70: 
 71: 
 72:     /********************* Authentication ****************d*g**/
 73: 
 74: 
 75:     /**
 76:      * Conducts the authentication process. Parameters are optional.
 77:      * @param  mixed optional parameter (e.g. username or IIdentity)
 78:      * @param  mixed optional parameter (e.g. password)
 79:      * @return void
 80:      * @throws AuthenticationException if authentication was not successful
 81:      */
 82:     public function login($id = NULL, $password = NULL)
 83:     {
 84:         $this->logout(TRUE);
 85:         if (!$id instanceof IIdentity) {
 86:             $id = $this->getAuthenticator()->authenticate(func_get_args());
 87:         }
 88:         $this->storage->setIdentity($id);
 89:         $this->storage->setAuthenticated(TRUE);
 90:         $this->onLoggedIn($this);
 91:     }
 92: 
 93: 
 94:     /**
 95:      * Logs out the user from the current session.
 96:      * @param  bool  clear the identity from persistent storage?
 97:      * @return void
 98:      */
 99:     final public function logout($clearIdentity = FALSE)
100:     {
101:         if ($this->isLoggedIn()) {
102:             $this->onLoggedOut($this);
103:             $this->storage->setAuthenticated(FALSE);
104:         }
105:         if ($clearIdentity) {
106:             $this->storage->setIdentity(NULL);
107:         }
108:     }
109: 
110: 
111:     /**
112:      * Is this user authenticated?
113:      * @return bool
114:      */
115:     final public function isLoggedIn()
116:     {
117:         return $this->storage->isAuthenticated();
118:     }
119: 
120: 
121:     /**
122:      * Returns current user identity, if any.
123:      * @return IIdentity|NULL
124:      */
125:     final public function getIdentity()
126:     {
127:         return $this->storage->getIdentity();
128:     }
129: 
130: 
131:     /**
132:      * Returns current user ID, if any.
133:      * @return mixed
134:      */
135:     public function getId()
136:     {
137:         $identity = $this->getIdentity();
138:         return $identity ? $identity->getId() : NULL;
139:     }
140: 
141: 
142:     /**
143:      * Sets authentication handler.
144:      * @return self
145:      */
146:     public function setAuthenticator(IAuthenticator $handler)
147:     {
148:         $this->authenticator = $handler;
149:         return $this;
150:     }
151: 
152: 
153:     /**
154:      * Returns authentication handler.
155:      * @return IAuthenticator
156:      */
157:     final public function getAuthenticator()
158:     {
159:         return ($tmp=$this->authenticator) ? $tmp : $this->context->getByType('IAuthenticator');
160:     }
161: 
162: 
163:     /**
164:      * Enables log out after inactivity.
165:      * @param  string|int|DateTime number of seconds or timestamp
166:      * @param  bool  log out when the browser is closed?
167:      * @param  bool  clear the identity from persistent storage?
168:      * @return self
169:      */
170:     public function setExpiration($time, $whenBrowserIsClosed = TRUE, $clearIdentity = FALSE)
171:     {
172:         $flags = ($whenBrowserIsClosed ? IUserStorage::BROWSER_CLOSED : 0) | ($clearIdentity ? IUserStorage::CLEAR_IDENTITY : 0);
173:         $this->storage->setExpiration($time, $flags);
174:         return $this;
175:     }
176: 
177: 
178:     /**
179:      * Why was user logged out?
180:      * @return int
181:      */
182:     final public function getLogoutReason()
183:     {
184:         return $this->storage->getLogoutReason();
185:     }
186: 
187: 
188:     /********************* Authorization ****************d*g**/
189: 
190: 
191:     /**
192:      * Returns a list of effective roles that a user has been granted.
193:      * @return array
194:      */
195:     public function getRoles()
196:     {
197:         if (!$this->isLoggedIn()) {
198:             return array($this->guestRole);
199:         }
200: 
201:         $identity = $this->getIdentity();
202:         return $identity && $identity->getRoles() ? $identity->getRoles() : array($this->authenticatedRole);
203:     }
204: 
205: 
206:     /**
207:      * Is a user in the specified effective role?
208:      * @param  string
209:      * @return bool
210:      */
211:     final public function isInRole($role)
212:     {
213:         return in_array($role, $this->getRoles(), TRUE);
214:     }
215: 
216: 
217:     /**
218:      * Has a user effective access to the Resource?
219:      * If $resource is NULL, then the query applies to all resources.
220:      * @param  string  resource
221:      * @param  string  privilege
222:      * @return bool
223:      */
224:     public function isAllowed($resource = IAuthorizator::ALL, $privilege = IAuthorizator::ALL)
225:     {
226:         $authorizator = $this->getAuthorizator();
227:         foreach ($this->getRoles() as $role) {
228:             if ($authorizator->isAllowed($role, $resource, $privilege)) {
229:                 return TRUE;
230:             }
231:         }
232: 
233:         return FALSE;
234:     }
235: 
236: 
237:     /**
238:      * Sets authorization handler.
239:      * @return self
240:      */
241:     public function setAuthorizator(IAuthorizator $handler)
242:     {
243:         $this->authorizator = $handler;
244:         return $this;
245:     }
246: 
247: 
248:     /**
249:      * Returns current authorization handler.
250:      * @return IAuthorizator
251:      */
252:     final public function getAuthorizator()
253:     {
254:         return ($tmp=$this->authorizator) ? $tmp : $this->context->getByType('IAuthorizator');
255:     }
256: 
257: 
258:     /********************* deprecated ****************d*g**/
259: 
260:     /** @deprecated */
261:     function setNamespace($namespace)
262:     {
263:         trigger_error(__METHOD__ . '() is deprecated; use getStorage()->setNamespace() instead.', E_USER_WARNING);
264:         $this->storage->setNamespace($namespace);
265:         return $this;
266:     }
267: 
268:     /** @deprecated */
269:     function getNamespace()
270:     {
271:         trigger_error(__METHOD__ . '() is deprecated; use getStorage()->getNamespace() instead.', E_USER_WARNING);
272:         return $this->storage->getNamespace();
273:     }
274: 
275:     /** @deprecated */
276:     function setAuthenticationHandler($v)
277:     {
278:         trigger_error(__METHOD__ . '() is deprecated; use setAuthenticator() instead.', E_USER_WARNING);
279:         return $this->setAuthenticator($v);
280:     }
281: 
282:     /** @deprecated */
283:     function setAuthorizationHandler($v)
284:     {
285:         trigger_error(__METHOD__ . '() is deprecated; use setAuthorizator() instead.', E_USER_WARNING);
286:         return $this->setAuthorizator($v);
287:     }
288: 
289: }
290: 
Nette Framework 2.0.13 (for PHP 5.2, un-prefixed) API API documentation generated by ApiGen 2.8.0