PHP User::getAuthenticationAuthorityIndex Examples

PHP User::getAuthenticationAuthorityIndex - 7 examples found. These are the top rated real world PHP examples of User::getAuthenticationAuthorityIndex extracted from open source projects. You can rate examples to help us improve the quality of examples.
 protected function setUser(User $user)
 {
     $this->user = $user;
     $_SESSION['userID'] = $user->getUserID();
     $_SESSION['auth_userID'] = $user->getUserID();
     $_SESSION['auth'] = $user->getAuthenticationAuthorityIndex();
     $_SESSION['ping'] = time();
 }
Example #2
0
 /**
   * sets the active user
   * @param User $user
   */
 private function setUser(User $user) {
     if ($auth = $user->getAuthenticationAuthorityIndex()) {
         $this->users[$auth] = $user;
         $this->setSessionVars();
     }
 }
 public function userIsMember(User $user)
 {
     //by definition LDAP groups can only contain users from the same authority
     if ($user->getAuthenticationAuthorityIndex() == $this->getAuthenticationAuthorityIndex()) {
         if (in_array($user->getAttribute($this->AuthenticationAuthority->getField('memberuid')), $this->members)) {
             return true;
         }
     }
     return false;
 }
Example #4
0
 /**
  * Sees if the given user matches the rule
  * @param User $user a valid user object
  * @return mixed, the action if the user matches the rule or false if the rule did not match
  */
 public function evaluateForUser(User $user)
 {
     switch ($this->ruleScope) {
         case self::RULE_SCOPE_USER:
             /* if the value is all then see if the userID is set
                   this will NOT match an anonymous user 
                */
             if ($this->ruleAuthority) {
                 if ($user->getAuthenticationAuthorityIndex() == $this->ruleAuthority) {
                     /* can match either userID or email */
                     if ($this->ruleValue == self::RULE_VALUE_ALL) {
                         if ($user->getUserID()) {
                             return $this->ruleAction;
                         }
                     } else {
                         if ($user->getUserID() == $this->ruleValue || Validator::isValidEmail($this->ruleValue) && $user->getEmail() == $this->ruleValue) {
                             return $this->ruleAction;
                         }
                     }
                 }
             } elseif ($this->ruleValue == self::RULE_VALUE_ALL) {
                 if ($user->getUserID()) {
                     return $this->ruleAction;
                 }
             } else {
                 if ($user->getUserID() == $this->ruleValue || Validator::isValidEmail($this->ruleValue) && $user->getEmail() == $this->ruleValue) {
                     return $this->ruleAction;
                 }
             }
             break;
         case self::RULE_SCOPE_GROUP:
             /* Note: a group value of ALL is not valid */
             if ($authority = AuthenticationAuthority::getAuthenticationAuthority($this->ruleAuthority)) {
                 if ($group = $authority->getGroup($this->ruleValue)) {
                     /* see if the user is a member of the group */
                     if ($group->userIsMember($user)) {
                         return $this->ruleAction;
                     }
                 }
             }
             break;
         case self::RULE_SCOPE_EVERYONE:
             /* always matches */
             return $this->ruleAction;
             break;
     }
     return false;
 }
Example #5
0
 /**
  * Logs in the user
  * @param User $user
  * @return User
  */
 public function login(User $user)
 {
     Kurogo::log(LOG_NOTICE, sprintf("Logging in user %s:%s", $user->getAuthenticationAuthorityIndex(), $user->getUserID()), 'session');
     session_regenerate_id(true);
     $this->setUser($user);
     $this->setLoginCookie();
     return $user;
 }
 public function userIsMember(User $user)
 {
     $property = $this->AuthenticationAuthority->getField('group_groupmember');
     if ($this->AuthenticationAuthority->getField('groupmember_authority')) {
         $sql = sprintf("SELECT * FROM `%s` WHERE %s=? AND %s=? AND %s=?", $this->AuthenticationAuthority->getTable('groupmembers'), $this->AuthenticationAuthority->getField('groupmember_group'), $this->AuthenticationAuthority->getField('groupmember_authority'), $this->AuthenticationAuthority->getField('groupmember_user'));
         $parameters = array($this->{$property}, $user->getAuthenticationAuthorityIndex(), $user->getUserID());
     } elseif ($user->getAuthenticationAuthorityIndex() == $this->getAuthenticationAuthorityIndex()) {
         //if we don't use authorities in this database then make sure the user is from the same authority
         $sql = sprintf("SELECT * FROM `%s` WHERE %s=? AND %s=?", $this->AuthenticationAuthority->getTable('groupmembers'), $this->AuthenticationAuthority->getField('groupmember_group'), $this->AuthenticationAuthority->getField('groupmember_user'));
         $parameters = array($this->{$property}, $user->getUserID());
     } else {
         //user is from another authority
         return false;
     }
     $connection = $this->AuthenticationAuthority->connection();
     $result = $connection->query($sql, $parameters);
     if ($row = $result->fetch()) {
         return true;
     }
     return false;
 }
    /**
     * Sees if the given user matches the rule
     * @param User $user a valid user object
	 * @return mixed, the action if the user matches the rule or false if the rule did not match
     */
    public function evaluateForUser(User $user)
    {
        switch ($this->ruleType)
        {
            case self::RULE_TYPE_AUTHORITY:
                /* if the value is all then see if the userID and authority are set and it's a MATCH
                   this will NOT match an anonymous user 
                */
                if ($this->ruleValue==self::RULE_VALUE_ALL) {
                    if ($user->getUserID() && $user->getAuthenticationAuthority()) {
                        return $this->ruleAction;
                    }

                /* Otherwise see if the userID is set and the authority matches the rule value */
                } elseif ($user->getUserID() && $user->getAuthenticationAuthorityIndex()==$this->ruleValue) {
                    return $this->ruleAction;
                }
                
                break;
            case self::RULE_TYPE_USER:
                /* if the value is all then see if the userID is set
                   this will NOT match an anonymous user 
                */
                if ($this->ruleValue==self::RULE_VALUE_ALL) {
                    if ($user->getUserID()) {
                        return $this->ruleAction;
                    }
                } else { 
                    /* user values are specified as AUTHORITY|userID */
                    $values = explode("|", $this->ruleValue);
                    switch (count($values)) {
                        case 1:
                            $authority = AuthenticationAuthority::getDefaultAuthenticationAuthorityIndex();
                            $userID = $values[0];
                            break;
                        case 2:
                            $authority = $values[0];
                            $userID = $values[1];
                            break;
                    }
                    
                    /* see if the userID/email and authority match */
                    if ($user->getAuthenticationAuthorityIndex()==$authority) {
                        /* can match either userID or email */
                        if ($userID==self::RULE_VALUE_ALL) {
                            if ($user->getUserID()) {
                                return $this->ruleAction;
                            }
                        } else if ($user->getUserID()==$userID ||
                            (Validator::isValidEmail($userID) && $user->getEmail()==$userID)) { 
                            return $this->ruleAction;
                        }
                    }
                }
                break;
            case self::RULE_TYPE_GROUP:
                /* Note: a group value of ALL is not valid */

                /* group values are specified as AUTHORITY|group */
                $values = explode("|", $this->ruleValue);
                switch (count($values)) {
                    case 1:
                        $authority = AuthenticationAuthority::getDefaultAuthenticationAuthorityIndex();
                        $group = $values[0];
                        break;
                    case 2:
                        $authority = $values[0];
                        $group = $values[1];
                        break;
                }


                /* attempt to load the authority, then get the group */
                if ($authority = AuthenticationAuthority::getAuthenticationAuthority($authority)) {
                    if ($group = $authority->getGroup($group)) {

                        /* see if the user is a member of the group */
                        if ($group->userIsMember($user)) {
                            return $this->ruleAction;
                        }
                    }
                }
                
                break;
            case self::RULE_TYPE_EVERYONE:
                /* always matches */
                return $this->ruleAction;
                break;
        }
        
        return false;
    }