1: <?php
2:
3: 4: 5: 6:
7:
8: namespace Nette\Security;
9:
10: use Nette;
11:
12:
13: 14: 15: 16: 17: 18: 19: 20: 21: 22: 23:
24: class User
25: {
26: use Nette\SmartObject;
27:
28:
29: const MANUAL = IUserStorage::MANUAL,
30: INACTIVITY = IUserStorage::INACTIVITY,
31: BROWSER_CLOSED = IUserStorage::BROWSER_CLOSED;
32:
33:
34: public $guestRole = 'guest';
35:
36:
37: public $authenticatedRole = 'authenticated';
38:
39:
40: public $onLoggedIn;
41:
42:
43: public $onLoggedOut;
44:
45:
46: private $storage;
47:
48:
49: private $authenticator;
50:
51:
52: private $authorizator;
53:
54:
55: public function __construct(IUserStorage $storage, IAuthenticator $authenticator = NULL, IAuthorizator $authorizator = NULL)
56: {
57: $this->storage = $storage;
58: $this->authenticator = $authenticator;
59: $this->authorizator = $authorizator;
60: }
61:
62:
63: 64: 65:
66: public function getStorage()
67: {
68: return $this->storage;
69: }
70:
71:
72:
73:
74:
75: 76: 77: 78: 79: 80: 81:
82: public function login($id = NULL, $password = NULL)
83: {
84: $this->logout(TRUE);
85: if (!$id instanceof IIdentity) {
86: $id = $this->getAuthenticator()->authenticate(func_get_args());
87: }
88: $this->storage->setIdentity($id);
89: $this->storage->setAuthenticated(TRUE);
90: $this->onLoggedIn($this);
91: }
92:
93:
94: 95: 96: 97: 98:
99: public function logout($clearIdentity = FALSE)
100: {
101: if ($this->isLoggedIn()) {
102: $this->onLoggedOut($this);
103: $this->storage->setAuthenticated(FALSE);
104: }
105: if ($clearIdentity) {
106: $this->storage->setIdentity(NULL);
107: }
108: }
109:
110:
111: 112: 113: 114:
115: public function isLoggedIn()
116: {
117: return $this->storage->isAuthenticated();
118: }
119:
120:
121: 122: 123: 124:
125: public function getIdentity()
126: {
127: return $this->storage->getIdentity();
128: }
129:
130:
131: 132: 133: 134:
135: public function getId()
136: {
137: $identity = $this->getIdentity();
138: return $identity ? $identity->getId() : NULL;
139: }
140:
141:
142: 143: 144: 145:
146: public function setAuthenticator(IAuthenticator $handler)
147: {
148: $this->authenticator = $handler;
149: return $this;
150: }
151:
152:
153: 154: 155: 156:
157: public function getAuthenticator($need = TRUE)
158: {
159: if ($need && !$this->authenticator) {
160: throw new Nette\InvalidStateException('Authenticator has not been set.');
161: }
162: return $this->authenticator;
163: }
164:
165:
166: 167: 168: 169: 170: 171: 172:
173: public function setExpiration($time, $whenBrowserIsClosed = TRUE, $clearIdentity = FALSE)
174: {
175: $flags = ($whenBrowserIsClosed ? IUserStorage::BROWSER_CLOSED : 0) | ($clearIdentity ? IUserStorage::CLEAR_IDENTITY : 0);
176: $this->storage->setExpiration($time, $flags);
177: return $this;
178: }
179:
180:
181: 182: 183: 184:
185: public function getLogoutReason()
186: {
187: return $this->storage->getLogoutReason();
188: }
189:
190:
191:
192:
193:
194: 195: 196: 197:
198: public function getRoles()
199: {
200: if (!$this->isLoggedIn()) {
201: return [$this->guestRole];
202: }
203:
204: $identity = $this->getIdentity();
205: return $identity && $identity->getRoles() ? $identity->getRoles() : [$this->authenticatedRole];
206: }
207:
208:
209: 210: 211: 212: 213:
214: public function isInRole($role)
215: {
216: return in_array($role, $this->getRoles(), TRUE);
217: }
218:
219:
220: 221: 222: 223: 224: 225: 226:
227: public function isAllowed($resource = IAuthorizator::ALL, $privilege = IAuthorizator::ALL)
228: {
229: foreach ($this->getRoles() as $role) {
230: if ($this->getAuthorizator()->isAllowed($role, $resource, $privilege)) {
231: return TRUE;
232: }
233: }
234:
235: return FALSE;
236: }
237:
238:
239: 240: 241: 242:
243: public function setAuthorizator(IAuthorizator $handler)
244: {
245: $this->authorizator = $handler;
246: return $this;
247: }
248:
249:
250: 251: 252: 253:
254: public function getAuthorizator($need = TRUE)
255: {
256: if ($need && !$this->authorizator) {
257: throw new Nette\InvalidStateException('Authorizator has not been set.');
258: }
259: return $this->authorizator;
260: }
261:
262: }
263: