Namespaces

  • Latte
    • Loaders
    • Macros
    • Runtime
  • Nette
    • Application
      • Responses
      • Routers
      • UI
    • Bridges
      • ApplicationDI
      • ApplicationLatte
      • ApplicationTracy
      • CacheDI
      • CacheLatte
      • DatabaseDI
      • DatabaseTracy
      • DITracy
      • FormsDI
      • FormsLatte
      • Framework
      • HttpDI
      • HttpTracy
      • MailDI
      • ReflectionDI
      • SecurityDI
      • SecurityTracy
    • Caching
      • Storages
    • ComponentModel
    • Database
      • Conventions
      • Drivers
      • Reflection
      • Table
    • DI
      • Config
        • Adapters
      • Extensions
    • Diagnostics
    • Forms
      • Controls
      • Rendering
    • Http
    • Iterators
    • Latte
    • Loaders
    • Localization
    • Mail
    • Neon
    • PhpGenerator
    • Reflection
    • Security
    • Templating
    • Utils
  • NetteModule
  • none
  • Tracy
    • Bridges
      • Nette

Classes

  • Identity
  • Passwords
  • Permission
  • SimpleAuthenticator
  • User

Interfaces

  • IAuthenticator
  • IAuthorizator
  • IIdentity
  • IResource
  • IRole
  • IUserStorage

Exceptions

  • AuthenticationException
  • Overview
  • Namespace
  • Class
  • Tree
  • Deprecated
  1: <?php
  2: 
  3: /**
  4:  * This file is part of the Nette Framework (http://nette.org)
  5:  * Copyright (c) 2004 David Grudl (http://davidgrudl.com)
  6:  */
  7: 
  8: namespace Nette\Security;
  9: 
 10: use Nette;
 11: 
 12: 
 13: /**
 14:  * User authentication and authorization.
 15:  *
 16:  * @property-read bool $loggedIn
 17:  * @property-read IIdentity $identity
 18:  * @property-read mixed $id
 19:  * @property-read array $roles
 20:  * @property-read int $logoutReason
 21:  * @property-read IUserStorage $storage
 22:  * @property   IAuthenticator $authenticator
 23:  * @property   IAuthorizator $authorizator
 24:  */
 25: class User extends Nette\Object
 26: {
 27:     /** @deprecated */
 28:     const MANUAL = IUserStorage::MANUAL,
 29:         INACTIVITY = IUserStorage::INACTIVITY,
 30:         BROWSER_CLOSED = IUserStorage::BROWSER_CLOSED;
 31: 
 32:     /** @var string  default role for unauthenticated user */
 33:     public $guestRole = 'guest';
 34: 
 35:     /** @var string  default role for authenticated user without own identity */
 36:     public $authenticatedRole = 'authenticated';
 37: 
 38:     /** @var callable[]  function (User $sender); Occurs when the user is successfully logged in */
 39:     public $onLoggedIn;
 40: 
 41:     /** @var callable[]  function (User $sender); Occurs when the user is logged out */
 42:     public $onLoggedOut;
 43: 
 44:     /** @var IUserStorage Session storage for current user */
 45:     private $storage;
 46: 
 47:     /** @var IAuthenticator */
 48:     private $authenticator;
 49: 
 50:     /** @var IAuthorizator */
 51:     private $authorizator;
 52: 
 53: 
 54:     public function __construct(IUserStorage $storage, IAuthenticator $authenticator = NULL, IAuthorizator $authorizator = NULL)
 55:     {
 56:         $this->storage = $storage;
 57:         $this->authenticator = $authenticator;
 58:         $this->authorizator = $authorizator;
 59:     }
 60: 
 61: 
 62:     /**
 63:      * @return IUserStorage
 64:      */
 65:     public function getStorage()
 66:     {
 67:         return $this->storage;
 68:     }
 69: 
 70: 
 71:     /********************* Authentication ****************d*g**/
 72: 
 73: 
 74:     /**
 75:      * Conducts the authentication process. Parameters are optional.
 76:      * @param  mixed optional parameter (e.g. username or IIdentity)
 77:      * @param  mixed optional parameter (e.g. password)
 78:      * @return void
 79:      * @throws AuthenticationException if authentication was not successful
 80:      */
 81:     public function login($id = NULL, $password = NULL)
 82:     {
 83:         $this->logout(TRUE);
 84:         if (!$id instanceof IIdentity) {
 85:             $id = $this->getAuthenticator()->authenticate(func_get_args());
 86:         }
 87:         $this->storage->setIdentity($id);
 88:         $this->storage->setAuthenticated(TRUE);
 89:         $this->onLoggedIn($this);
 90:     }
 91: 
 92: 
 93:     /**
 94:      * Logs out the user from the current session.
 95:      * @param  bool  clear the identity from persistent storage?
 96:      * @return void
 97:      */
 98:     public function logout($clearIdentity = FALSE)
 99:     {
100:         if ($this->isLoggedIn()) {
101:             $this->onLoggedOut($this);
102:             $this->storage->setAuthenticated(FALSE);
103:         }
104:         if ($clearIdentity) {
105:             $this->storage->setIdentity(NULL);
106:         }
107:     }
108: 
109: 
110:     /**
111:      * Is this user authenticated?
112:      * @return bool
113:      */
114:     public function isLoggedIn()
115:     {
116:         return $this->storage->isAuthenticated();
117:     }
118: 
119: 
120:     /**
121:      * Returns current user identity, if any.
122:      * @return IIdentity|NULL
123:      */
124:     public function getIdentity()
125:     {
126:         return $this->storage->getIdentity();
127:     }
128: 
129: 
130:     /**
131:      * Returns current user ID, if any.
132:      * @return mixed
133:      */
134:     public function getId()
135:     {
136:         $identity = $this->getIdentity();
137:         return $identity ? $identity->getId() : NULL;
138:     }
139: 
140: 
141:     /**
142:      * Sets authentication handler.
143:      * @return self
144:      */
145:     public function setAuthenticator(IAuthenticator $handler)
146:     {
147:         $this->authenticator = $handler;
148:         return $this;
149:     }
150: 
151: 
152:     /**
153:      * Returns authentication handler.
154:      * @return IAuthenticator
155:      */
156:     public function getAuthenticator($need = TRUE)
157:     {
158:         if ($need && !$this->authenticator) {
159:             throw new Nette\InvalidStateException('Authenticator has not been set.');
160:         }
161:         return $this->authenticator;
162:     }
163: 
164: 
165:     /**
166:      * Enables log out after inactivity.
167:      * @param  string|int|DateTime number of seconds or timestamp
168:      * @param  bool  log out when the browser is closed?
169:      * @param  bool  clear the identity from persistent storage?
170:      * @return self
171:      */
172:     public function setExpiration($time, $whenBrowserIsClosed = TRUE, $clearIdentity = FALSE)
173:     {
174:         $flags = ($whenBrowserIsClosed ? IUserStorage::BROWSER_CLOSED : 0) | ($clearIdentity ? IUserStorage::CLEAR_IDENTITY : 0);
175:         $this->storage->setExpiration($time, $flags);
176:         return $this;
177:     }
178: 
179: 
180:     /**
181:      * Why was user logged out?
182:      * @return int
183:      */
184:     public function getLogoutReason()
185:     {
186:         return $this->storage->getLogoutReason();
187:     }
188: 
189: 
190:     /********************* Authorization ****************d*g**/
191: 
192: 
193:     /**
194:      * Returns a list of effective roles that a user has been granted.
195:      * @return array
196:      */
197:     public function getRoles()
198:     {
199:         if (!$this->isLoggedIn()) {
200:             return array($this->guestRole);
201:         }
202: 
203:         $identity = $this->getIdentity();
204:         return $identity && $identity->getRoles() ? $identity->getRoles() : array($this->authenticatedRole);
205:     }
206: 
207: 
208:     /**
209:      * Is a user in the specified effective role?
210:      * @param  string
211:      * @return bool
212:      */
213:     public function isInRole($role)
214:     {
215:         return in_array($role, $this->getRoles(), TRUE);
216:     }
217: 
218: 
219:     /**
220:      * Has a user effective access to the Resource?
221:      * If $resource is NULL, then the query applies to all resources.
222:      * @param  string  resource
223:      * @param  string  privilege
224:      * @return bool
225:      */
226:     public function isAllowed($resource = IAuthorizator::ALL, $privilege = IAuthorizator::ALL)
227:     {
228:         foreach ($this->getRoles() as $role) {
229:             if ($this->getAuthorizator()->isAllowed($role, $resource, $privilege)) {
230:                 return TRUE;
231:             }
232:         }
233: 
234:         return FALSE;
235:     }
236: 
237: 
238:     /**
239:      * Sets authorization handler.
240:      * @return self
241:      */
242:     public function setAuthorizator(IAuthorizator $handler)
243:     {
244:         $this->authorizator = $handler;
245:         return $this;
246:     }
247: 
248: 
249:     /**
250:      * Returns current authorization handler.
251:      * @return IAuthorizator
252:      */
253:     public function getAuthorizator($need = TRUE)
254:     {
255:         if ($need && !$this->authorizator) {
256:             throw new Nette\InvalidStateException('Authorizator has not been set.');
257:         }
258:         return $this->authorizator;
259:     }
260: 
261: }
262: 
Nette 2.3.8 API API documentation generated by ApiGen 2.8.0