/**
 * Enforce the jAcl rights declared for the current action.
 *
 * Three parameter keys are recognised, and only the first one present is
 * evaluated (they are tested in this order):
 *  - 'jacl.right':      a single right, which must be granted;
 *  - 'jacl.rights.and': a list of rights, all of which must be granted;
 *  - 'jacl.rights.or':  a list of rights, at least one of which must be granted.
 * Each right is a two-item array whose items are passed as the first two
 * arguments of jAcl::check(). No resource argument is passed from here.
 *
 * @param array $params plugin parameters for the current action
 * @return jSelectorAct|null selector of the 'on_error_action' action when the
 *                           check fails and a redirect is possible, else null
 * @throws jException with the configured 'error_message' when the check fails
 *                    and either 'on_error' equals 1 or the request does not
 *                    allow a jResponseRedirect response
 */
public function beforeAction($params)
{
    if (isset($params['jacl.right'])) {
        $granted = jAcl::check($params['jacl.right'][0], $params['jacl.right'][1]);
    } elseif (isset($params['jacl.rights.and'])) {
        // Conjunction: the first refused right settles the outcome.
        $granted = true;
        foreach ($params['jacl.rights.and'] as $pair) {
            if (!jAcl::check($pair[0], $pair[1])) {
                $granted = false;
                break;
            }
        }
    } elseif (isset($params['jacl.rights.or'])) {
        // Disjunction: the first granted right settles the outcome.
        $granted = false;
        foreach ($params['jacl.rights.or'] as $pair) {
            if (jAcl::check($pair[0], $pair[1])) {
                $granted = true;
                break;
            }
        }
    } else {
        // No jacl.* parameter on the action: this plugin lets the action
        // through. An action is only protected if it declares one of the keys.
        $granted = true;
    }

    if ($granted) {
        return null;
    }

    // Refused. The redirect capability is only queried when 'on_error' is not 1.
    if ($this->config['on_error'] == 1
        || !$GLOBALS['gJCoord']->request->isAllowedResponse('jResponseRedirect')) {
        throw new jException($this->config['error_message']);
    }

    return new jSelectorAct($this->config['on_error_action']);
}
/**
 * Log the current user out and replace the user stored in the PHP session.
 *
 * Steps, in order:
 *  1. notify the 'AuthLogout' event with the login of the user held in the session;
 *  2. overwrite the session entry with a jAuthDummyUser;
 *  3. clear the jAcl and jAcl2 caches, ignoring any Exception they raise;
 *  4. when 'persistant_enable' is set and truthy, expire the "<cookie name>[auth]" cookie.
 *
 * NOTE(review): this method does not regenerate or destroy the session id; it
 * only replaces the stored user object. Confirm the session id is rotated
 * elsewhere if that is expected on logout.
 *
 * @throws jException when persistence is enabled but 'persistant_cookie_name'
 *                    is missing; at that point the session user has already
 *                    been replaced
 */
public static function logout()
{
    $config = self::_getConfig();
    $sessionKey = $config['session_name'];

    // Assumes a user object is present under this session key -- TODO confirm
    // that callers guarantee it. The event is sent before the entry is replaced.
    $login = $_SESSION[$sessionKey]->login;
    jEvent::notify('AuthLogout', array('login' => $login));
    $_SESSION[$sessionKey] = new jAuthDummyUser();

    // Best-effort cache invalidation: an Exception from either call is dropped
    // without logging, so a failed invalidation leaves no trace here.
    try {
        jAcl::clearCache();
    } catch (Exception $e) {
    }
    try {
        jAcl2::clearCache();
    } catch (Exception $e) {
    }

    if (empty($config['persistant_enable'])) {
        return;
    }

    if (!isset($config['persistant_cookie_name'])) {
        throw new jException('jelix~auth.error.persistant.incorrectconfig', 'persistant_cookie_name, persistant_crypt_key');
    }

    // An expiry one hour in the past asks the browser to drop the cookie.
    // NOTE(review): 'persistant_cookie_path' is read without an isset() check,
    // and only the path is given; the deletion must match the attributes used
    // when the cookie was set -- confirm against the code that creates it.
    $cookieName = $config['persistant_cookie_name'] . '[auth]';
    setcookie($cookieName, '', time() - 3600, $config['persistant_cookie_path']);
}
/**
 * Check the results of jAcl::check() without a resource, with a listed
 * resource, with an unlisted resource, and with an unknown subject.
 *
 * The expected values depend on rights data set up outside this method
 * (not visible here).
 */
public function testCheck()
{
    // Signature under test: jAcl::check($subject, $value, $resource=null)
    // Each case: array(expected result, arguments given to jAcl::check()).
    $cases = array(
        // without resource
        array(true,  array('super.cms', 'LIST')),
        array(true,  array('super.cms', 'UPDATE')),
        array(false, array('super.cms', 'CREATE')),
        array(false, array('super.cms', 'READ')),
        array(false, array('super.cms', 'DELETE')),
        array(true,  array('admin.access', 'TRUE')),
        array(false, array('admin.access', 'FALSE')),

        // with resource 154: DELETE is expected to be granted here only
        array(true,  array('super.cms', 'LIST', 154)),
        array(true,  array('super.cms', 'UPDATE', 154)),
        array(false, array('super.cms', 'CREATE', 154)),
        array(false, array('super.cms', 'READ', 154)),
        array(true,  array('super.cms', 'DELETE', 154)),

        // with a resource that is not listed: same expectations as without resource
        array(true,  array('super.cms', 'LIST', 22)),
        array(true,  array('super.cms', 'UPDATE', 22)),
        array(false, array('super.cms', 'CREATE', 22)),
        array(false, array('super.cms', 'READ', 22)),
        array(false, array('super.cms', 'DELETE', 22)),

        // unknown subject: expected to be refused, with or without a resource
        array(false, array('foo', 'bar')),
        array(false, array('foo', 'bar', 'baz')),
    );

    foreach ($cases as $case) {
        $expected = $case[0];
        $args = $case[1];

        // Keep the original arity: the resource is passed only when the case has one.
        if (isset($args[2])) {
            $granted = jAcl::check($args[0], $args[1], $args[2]);
        } else {
            $granted = jAcl::check($args[0], $args[1]);
        }

        if ($expected) {
            $this->assertTrue($granted);
        } else {
            $this->assertFalse($granted);
        }
    }
}
/**
 * Delete the given subject together with the rights recorded for it.
 *
 * The rights are deleted first (jelix~jaclrights DAO), then the subject itself
 * (jelix~jaclsubject DAO), both on the profile returned by
 * jAclDb::getProfile(); the jAcl cache is cleared afterwards.
 *
 * NOTE(review): the two deletions are not wrapped in a transaction here. If
 * the second one fails, the rights are already gone while the subject row
 * remains -- confirm whether the caller opens a transaction.
 *
 * @param string $subject the key of the subject
 */
public static function removeSubject($subject)
{
    $profile = jAclDb::getProfile();

    // delete from jacl_rights
    jDao::get('jelix~jaclrights', $profile)->deleteBySubject($subject);

    // delete from jacl_subject
    jDao::get('jelix~jaclsubject', $profile)->delete($subject);

    // Drop cached rights after both deletions.
    jAcl::clearCache();
}
/**
 * Delete the given subject together with the rights recorded for it.
 *
 * The rights are deleted first (jacldb~jaclrights DAO), then the subject
 * itself (jacldb~jaclsubject DAO), both on the 'jacl_profile' profile; the
 * jAcl cache is cleared afterwards.
 *
 * NOTE(review): the two deletions are not wrapped in a transaction here. If
 * the second one fails, the rights are already gone while the subject row
 * remains -- confirm whether the caller opens a transaction.
 *
 * @param string $subject the key of the subject
 */
public static function removeSubject($subject)
{
    // delete from jacl_rights
    jDao::get('jacldb~jaclrights', 'jacl_profile')->deleteBySubject($subject);

    // delete from jacl_subject
    jDao::get('jacldb~jaclsubject', 'jacl_profile')->delete($subject);

    // Drop cached rights after both deletions.
    jAcl::clearCache();
}