Namespaces

  • Nette
    • Application
      • Diagnostics
      • Responses
      • Routers
      • UI
    • Caching
      • Storages
    • ComponentModel
    • Config
      • Adapters
      • Extensions
    • Database
      • Diagnostics
      • Drivers
      • Reflection
      • Table
    • DI
      • Diagnostics
    • Diagnostics
    • Forms
      • Controls
      • Rendering
    • Http
    • Iterators
    • Latte
      • Macros
    • Loaders
    • Localization
    • Mail
    • Reflection
    • Security
      • Diagnostics
    • Templating
    • Utils
      • PhpGenerator
  • NetteModule
  • None
  • PHP

Classes

  • Identity
  • Permission
  • SimpleAuthenticator
  • User

Interfaces

  • IAuthenticator
  • IAuthorizator
  • IIdentity
  • IResource
  • IRole
  • IUserStorage

Exceptions

  • AuthenticationException
  • Overview
  • Namespace
  • Class
  • Tree
  1: <?php
  2: 
  3: /**
  4:  * This file is part of the Nette Framework (http://nette.org)
  5:  *
  6:  * Copyright (c) 2004 David Grudl (http://davidgrudl.com)
  7:  *
  8:  * For the full copyright and license information, please view
  9:  * the file license.txt that was distributed with this source code.
 10:  */
 11: 
 12: namespace Nette\Security;
 13: 
 14: use Nette;
 15: 
 16: 
 17: 
 18: /**
 19:  * User authentication and authorization.
 20:  *
 21:  * @author     David Grudl
 22:  *
 23:  * @property-read bool $loggedIn
 24:  * @property-read IIdentity $identity
 25:  * @property-read mixed $id
 26:  * @property   IAuthenticator $authenticator
 27:  * @property-read int $logoutReason
 28:  * @property-read array $roles
 29:  * @property   IAuthorizator $authorizator
 30:  */
 31: class User extends Nette\Object
 32: {
 33:      /** @deprecated */
 34:     const MANUAL = IUserStorage::MANUAL,
 35:         INACTIVITY = IUserStorage::INACTIVITY,
 36:         BROWSER_CLOSED = IUserStorage::BROWSER_CLOSED;
 37: 
 38:     /** @var string  default role for unauthenticated user */
 39:     public $guestRole = 'guest';
 40: 
 41:     /** @var string  default role for authenticated user without own identity */
 42:     public $authenticatedRole = 'authenticated';
 43: 
 44:     /** @var array of function(User $sender); Occurs when the user is successfully logged in */
 45:     public $onLoggedIn;
 46: 
 47:     /** @var array of function(User $sender); Occurs when the user is logged out */
 48:     public $onLoggedOut;
 49: 
 50:     /** @var IUserStorage Session storage for current user */
 51:     private $storage;
 52: 
 53:     /** @var IAuthenticator */
 54:     private $authenticator;
 55: 
 56:     /** @var IAuthorizator */
 57:     private $authorizator;
 58: 
 59:     /** @var Nette\DI\Container */
 60:     private $context;
 61: 
 62: 
 63: 
 64:     public function __construct(IUserStorage $storage, Nette\DI\Container $context)
 65:     {
 66:         $this->storage = $storage;
 67:         $this->context = $context; // with IAuthenticator, IAuthorizator
 68:     }
 69: 
 70: 
 71: 
 72:     /**
 73:      * @return IUserStorage
 74:      */
 75:     final public function getStorage()
 76:     {
 77:         return $this->storage;
 78:     }
 79: 
 80: 
 81: 
 82:     /********************* Authentication ****************d*g**/
 83: 
 84: 
 85: 
 86:     /**
 87:      * Conducts the authentication process. Parameters are optional.
 88:      * @param  mixed optional parameter (e.g. username or IIdentity)
 89:      * @param  mixed optional parameter (e.g. password)
 90:      * @return void
 91:      * @throws AuthenticationException if authentication was not successful
 92:      */
 93:     public function login($id = NULL, $password = NULL)
 94:     {
 95:         $this->logout(TRUE);
 96:         if (!$id instanceof IIdentity) {
 97:             $credentials = func_get_args();
 98:             $id = $this->getAuthenticator()->authenticate($credentials);
 99:         }
100:         $this->storage->setIdentity($id);
101:         $this->storage->setAuthenticated(TRUE);
102:         $this->onLoggedIn($this);
103:     }
104: 
105: 
106: 
107:     /**
108:      * Logs out the user from the current session.
109:      * @param  bool  clear the identity from persistent storage?
110:      * @return void
111:      */
112:     final public function logout($clearIdentity = FALSE)
113:     {
114:         if ($this->isLoggedIn()) {
115:             $this->onLoggedOut($this);
116:             $this->storage->setAuthenticated(FALSE);
117:         }
118:         if ($clearIdentity) {
119:             $this->storage->setIdentity(NULL);
120:         }
121:     }
122: 
123: 
124: 
125:     /**
126:      * Is this user authenticated?
127:      * @return bool
128:      */
129:     final public function isLoggedIn()
130:     {
131:         return $this->storage->isAuthenticated();
132:     }
133: 
134: 
135: 
136:     /**
137:      * Returns current user identity, if any.
138:      * @return IIdentity|NULL
139:      */
140:     final public function getIdentity()
141:     {
142:         return $this->storage->getIdentity();
143:     }
144: 
145: 
146: 
147:     /**
148:      * Returns current user ID, if any.
149:      * @return mixed
150:      */
151:     public function getId()
152:     {
153:         $identity = $this->getIdentity();
154:         return $identity ? $identity->getId() : NULL;
155:     }
156: 
157: 
158: 
159:     /**
160:      * Sets authentication handler.
161:      * @param  IAuthenticator
162:      * @return User  provides a fluent interface
163:      */
164:     public function setAuthenticator(IAuthenticator $handler)
165:     {
166:         $this->authenticator = $handler;
167:         return $this;
168:     }
169: 
170: 
171: 
172:     /**
173:      * Returns authentication handler.
174:      * @return IAuthenticator
175:      */
176:     final public function getAuthenticator()
177:     {
178:         return $this->authenticator ?: $this->context->getByType('Nette\Security\IAuthenticator');
179:     }
180: 
181: 
182: 
183:     /**
184:      * Enables log out after inactivity.
185:      * @param  string|int|DateTime number of seconds or timestamp
186:      * @param  bool  log out when the browser is closed?
187:      * @param  bool  clear the identity from persistent storage?
188:      * @return User  provides a fluent interface
189:      */
190:     public function setExpiration($time, $whenBrowserIsClosed = TRUE, $clearIdentity = FALSE)
191:     {
192:         $flags = ($whenBrowserIsClosed ? IUserStorage::BROWSER_CLOSED : 0) | ($clearIdentity ? IUserStorage::CLEAR_IDENTITY : 0);
193:         $this->storage->setExpiration($time, $flags);
194:         return $this;
195:     }
196: 
197: 
198: 
199:     /**
200:      * Why was user logged out?
201:      * @return int
202:      */
203:     final public function getLogoutReason()
204:     {
205:         return $this->storage->getLogoutReason();
206:     }
207: 
208: 
209: 
210:     /********************* Authorization ****************d*g**/
211: 
212: 
213: 
214:     /**
215:      * Returns a list of effective roles that a user has been granted.
216:      * @return array
217:      */
218:     public function getRoles()
219:     {
220:         if (!$this->isLoggedIn()) {
221:             return array($this->guestRole);
222:         }
223: 
224:         $identity = $this->getIdentity();
225:         return $identity && $identity->getRoles() ? $identity->getRoles() : array($this->authenticatedRole);
226:     }
227: 
228: 
229: 
230:     /**
231:      * Is a user in the specified effective role?
232:      * @param  string
233:      * @return bool
234:      */
235:     final public function isInRole($role)
236:     {
237:         return in_array($role, $this->getRoles(), TRUE);
238:     }
239: 
240: 
241: 
242:     /**
243:      * Has a user effective access to the Resource?
244:      * If $resource is NULL, then the query applies to all resources.
245:      * @param  string  resource
246:      * @param  string  privilege
247:      * @return bool
248:      */
249:     public function isAllowed($resource = IAuthorizator::ALL, $privilege = IAuthorizator::ALL)
250:     {
251:         $authorizator = $this->getAuthorizator();
252:         foreach ($this->getRoles() as $role) {
253:             if ($authorizator->isAllowed($role, $resource, $privilege)) {
254:                 return TRUE;
255:             }
256:         }
257: 
258:         return FALSE;
259:     }
260: 
261: 
262: 
263:     /**
264:      * Sets authorization handler.
265:      * @param  IAuthorizator
266:      * @return User  provides a fluent interface
267:      */
268:     public function setAuthorizator(IAuthorizator $handler)
269:     {
270:         $this->authorizator = $handler;
271:         return $this;
272:     }
273: 
274: 
275: 
276:     /**
277:      * Returns current authorization handler.
278:      * @return IAuthorizator
279:      */
280:     final public function getAuthorizator()
281:     {
282:         return $this->authorizator ?: $this->context->getByType('Nette\Security\IAuthorizator');
283:     }
284: 
285: 
286: 
287:     /********************* deprecated ****************d*g**/
288: 
289:     /** @deprecated */
290:     function setNamespace($namespace)
291:     {
292:         trigger_error(__METHOD__ . '() is deprecated; use getStorage()->setNamespace() instead.', E_USER_WARNING);
293:         $this->storage->setNamespace($namespace);
294:         return $this;
295:     }
296: 
297:     /** @deprecated */
298:     function getNamespace()
299:     {
300:         trigger_error(__METHOD__ . '() is deprecated; use getStorage()->getNamespace() instead.', E_USER_WARNING);
301:         return $this->storage->getNamespace();
302:     }
303: 
304:     /** @deprecated */
305:     function setAuthenticationHandler($v)
306:     {
307:         trigger_error(__METHOD__ . '() is deprecated; use setAuthenticator() instead.', E_USER_WARNING);
308:         return $this->setAuthenticator($v);
309:     }
310: 
311:     /** @deprecated */
312:     function setAuthorizationHandler($v)
313:     {
314:         trigger_error(__METHOD__ . '() is deprecated; use setAuthorizator() instead.', E_USER_WARNING);
315:         return $this->setAuthorizator($v);
316:     }
317: 
318: }
319: 
Nette Framework 2.0.3 API API documentation generated by ApiGen 2.7.0