1: <?php
2:
3: 4: 5: 6:
7:
8: namespace Nette\Security;
9:
10: use Nette;
11:
12:
13: 14: 15: 16: 17: 18: 19: 20: 21: 22: 23: 24:
25: class User extends Nette\Object
26: {
27:
28: const MANUAL = IUserStorage::MANUAL,
29: INACTIVITY = IUserStorage::INACTIVITY,
30: BROWSER_CLOSED = IUserStorage::BROWSER_CLOSED;
31:
32:
33: public $guestRole = 'guest';
34:
35:
36: public $authenticatedRole = 'authenticated';
37:
38:
39: public $onLoggedIn;
40:
41:
42: public $onLoggedOut;
43:
44:
45: private $storage;
46:
47:
48: private $authenticator;
49:
50:
51: private $authorizator;
52:
53:
54: public function __construct(IUserStorage $storage, IAuthenticator $authenticator = NULL, IAuthorizator $authorizator = NULL)
55: {
56: $this->storage = $storage;
57: $this->authenticator = $authenticator;
58: $this->authorizator = $authorizator;
59: }
60:
61:
62: 63: 64:
65: public function getStorage()
66: {
67: return $this->storage;
68: }
69:
70:
71:
72:
73:
74: 75: 76: 77: 78: 79: 80:
81: public function login($id = NULL, $password = NULL)
82: {
83: $this->logout(TRUE);
84: if (!$id instanceof IIdentity) {
85: $id = $this->getAuthenticator()->authenticate(func_get_args());
86: }
87: $this->storage->setIdentity($id);
88: $this->storage->setAuthenticated(TRUE);
89: $this->onLoggedIn($this);
90: }
91:
92:
93: 94: 95: 96: 97:
98: public function logout($clearIdentity = FALSE)
99: {
100: if ($this->isLoggedIn()) {
101: $this->onLoggedOut($this);
102: $this->storage->setAuthenticated(FALSE);
103: }
104: if ($clearIdentity) {
105: $this->storage->setIdentity(NULL);
106: }
107: }
108:
109:
110: 111: 112: 113:
114: public function isLoggedIn()
115: {
116: return $this->storage->isAuthenticated();
117: }
118:
119:
120: 121: 122: 123:
124: public function getIdentity()
125: {
126: return $this->storage->getIdentity();
127: }
128:
129:
130: 131: 132: 133:
134: public function getId()
135: {
136: $identity = $this->getIdentity();
137: return $identity ? $identity->getId() : NULL;
138: }
139:
140:
141: 142: 143: 144:
145: public function setAuthenticator(IAuthenticator $handler)
146: {
147: $this->authenticator = $handler;
148: return $this;
149: }
150:
151:
152: 153: 154: 155:
156: public function getAuthenticator($need = TRUE)
157: {
158: if ($need && !$this->authenticator) {
159: throw new Nette\InvalidStateException('Authenticator has not been set.');
160: }
161: return $this->authenticator;
162: }
163:
164:
165: 166: 167: 168: 169: 170: 171:
172: public function setExpiration($time, $whenBrowserIsClosed = TRUE, $clearIdentity = FALSE)
173: {
174: $flags = ($whenBrowserIsClosed ? IUserStorage::BROWSER_CLOSED : 0) | ($clearIdentity ? IUserStorage::CLEAR_IDENTITY : 0);
175: $this->storage->setExpiration($time, $flags);
176: return $this;
177: }
178:
179:
180: 181: 182: 183:
184: public function getLogoutReason()
185: {
186: return $this->storage->getLogoutReason();
187: }
188:
189:
190:
191:
192:
193: 194: 195: 196:
197: public function getRoles()
198: {
199: if (!$this->isLoggedIn()) {
200: return array($this->guestRole);
201: }
202:
203: $identity = $this->getIdentity();
204: return $identity && $identity->getRoles() ? $identity->getRoles() : array($this->authenticatedRole);
205: }
206:
207:
208: 209: 210: 211: 212:
213: public function isInRole($role)
214: {
215: return in_array($role, $this->getRoles(), TRUE);
216: }
217:
218:
219: 220: 221: 222: 223: 224: 225:
226: public function isAllowed($resource = IAuthorizator::ALL, $privilege = IAuthorizator::ALL)
227: {
228: foreach ($this->getRoles() as $role) {
229: if ($this->getAuthorizator()->isAllowed($role, $resource, $privilege)) {
230: return TRUE;
231: }
232: }
233:
234: return FALSE;
235: }
236:
237:
238: 239: 240: 241:
242: public function setAuthorizator(IAuthorizator $handler)
243: {
244: $this->authorizator = $handler;
245: return $this;
246: }
247:
248:
249: 250: 251: 252:
253: public function getAuthorizator($need = TRUE)
254: {
255: if ($need && !$this->authorizator) {
256: throw new Nette\InvalidStateException('Authorizator has not been set.');
257: }
258: return $this->authorizator;
259: }
260:
261: }
262: