예제 #1
0
파일: Access.php 프로젝트: nnnnathann/piwik
 /**
  * Loads the access levels for the current user.
  *
  * Calls the authentication method to try to log the user in the system.
  * If the user credentials are not correct we don't load anything.
  * If the login/password is correct the user is either the SuperUser or a normal user.
  * We load the access levels for this user for all the websites.
  *
  * @param null|Piwik_Auth  $auth  Auth adapter
  * @return bool  true on success, false if reloading access failed (when auth object wasn't specified and user is not enforced to be Super User)
  */
 public function reloadAccess(Piwik_Auth $auth = null)
 {
     if (!is_null($auth)) {
         $this->auth = $auth;
     }
     // if the Piwik_Auth wasn't set, we may be in the special case of setSuperUser(), otherwise we fail
     if (is_null($this->auth)) {
         if ($this->isSuperUser()) {
             return $this->reloadAccessSuperUser();
         }
         return false;
     }
     // access = array ( idsite => accessIdSite, idsite2 => accessIdSite2)
     $result = $this->auth->authenticate();
     if (!$result->isValid()) {
         return false;
     }
     $this->login = $result->getIdentity();
     $this->token_auth = $result->getTokenAuth();
     // case the superUser is logged in
     if ($result->getCode() == Piwik_Auth_Result::SUCCESS_SUPERUSER_AUTH_CODE) {
         return $this->reloadAccessSuperUser();
     }
     // in case multiple calls to API using different tokens, we ensure we reset it as not SU
     $this->setSuperUser(false);
     // we join with site in case there are rows in access for an idsite that doesn't exist anymore
     // (backward compatibility ; before we deleted the site without deleting rows in _access table)
     $accessRaw = self::getRawSitesWithSomeViewAccess($this->login);
     foreach ($accessRaw as $access) {
         $this->idsitesByAccess[$access['access']][] = $access['idsite'];
     }
     return true;
 }
예제 #2
0
 /**
  * Loads the access levels for the current user.
  *
  * Calls the authentication method to try to log the user in the system.
  * If the user credentials are not correct we don't load anything.
  * If the login/password is correct the user is either the SuperUser or a normal user.
  * We load the access levels for this user for all the websites.
  * 
  * @return true on success, false if reloading access failed (when auth object wasn't specified and user is not enforced to be Super User)
  */
 public function reloadAccess(Piwik_Auth $auth = null)
 {
     if (!is_null($auth)) {
         $this->auth = $auth;
     }
     // if the Piwik_Auth wasn't set, we may be in the special case of setSuperUser(), otherwise we fail
     if (is_null($this->auth)) {
         if ($this->isSuperUser()) {
             return $this->reloadAccessSuperUser();
         }
         return false;
     }
     // access = array ( idsite => accessIdSite, idsite2 => accessIdSite2)
     $result = $this->auth->authenticate();
     if (!$result->isValid()) {
         return false;
     }
     $this->login = $result->getIdentity();
     $this->token_auth = $result->getTokenAuth();
     // case the superUser is logged in
     if ($result->getCode() == Piwik_Auth_Result::SUCCESS_SUPERUSER_AUTH_CODE) {
         return $this->reloadAccessSuperUser();
     }
     // case valid authentification (normal user logged in)
     // we join with site in case there are rows in access for an idsite that doesn't exist anymore
     // (backward compatibility ; before we deleted the site without deleting rows in _access table)
     $accessRaw = Piwik_FetchAll("SELECT access, t2.idsite\n\t\t\t\t\t\t  FROM " . Piwik::prefixTable('access') . " as t1 \n\t\t\t\t\t\t\tJOIN " . Piwik::prefixTable('site') . " as t2 USING (idsite) " . " WHERE login = ?", $this->login);
     foreach ($accessRaw as $access) {
         $this->idsitesByAccess[$access['access']][] = $access['idsite'];
     }
     return true;
 }