public function initialize(sfEventDispatcher $dispatcher, sfStorage $storage, $options = array())
 {
     // Let the parent restore the session-backed user state first.
     parent::initialize($dispatcher, $storage, $options);

     // The installation self-checks run in every environment except 'test'.
     $environment = sfContext::getInstance()->getConfiguration()->getEnvironment();
     if ('test' != $environment) {
         $this->checkPermissions();
         $this->resetPasswordCheck();
         // here?
         $this->checkDatabase();
         $this->checkHtaccess();
         $this->performTests();
     }

     $request = sfContext::getInstance()->getRequest();
     if ($this->isAuthenticated()) {
         return;
     }

     // Cookie re-login is attempted only when no password was posted, the
     // cookie is present and the request is not a POST.
     if ($request->getPostParameter('password') != '' || $request->getCookie($this->cookie_name) == '' || $request->getMethod() == sfRequest::POST) {
         return;
     }

     // NOTE(review): the cookie value is bound as the form's 'password' field,
     // so the cookie is a password-equivalent secret. Confirm what is stored in
     // it and which cookie flags (HttpOnly, Secure) are set where it is written.
     $params = array('password' => $request->getCookie($this->cookie_name));
     $form = new LoginForm($this, true, array(), array(), false);
     // no csrf (presumably the trailing false argument; confirm against LoginForm)
     $form->bind($params);
     if ($form->isValid()) {
         $this->setAuthenticated(true);
     }
 }
 /**
  * Checks a credential, denying it whenever getPhpbbUser() returns a falsy value.
  *
  * @param mixed   $credential The credential(s) to test
  * @param boolean $useAnd     Passed through to the parent check
  *
  * @return boolean
  */
 public function hasCredential($credential, $useAnd = true)
 {
     // Fail closed: without a backing user no credential is ever granted.
     return $this->getPhpbbUser() ? parent::hasCredential($credential, $useAnd) : false;
 }
 /**
  * Initializes the sfGuardSecurityUser object.
  *
  * After the parent has restored the session, the cached user reference is
  * dropped whenever the session is not authenticated.
  *
  * @param sfEventDispatcher $dispatcher The event dispatcher object
  * @param sfStorage         $storage    The session storage object
  * @param array             $options    An array of options
  */
 public function initialize(sfEventDispatcher $dispatcher, sfStorage $storage, $options = array())
 {
     parent::initialize($dispatcher, $storage, $options);

     if ($this->isAuthenticated()) {
         return;
     }

     // Not authenticated: make sure no stale user object is kept.
     $this->user = null;
 }
Exemplo n.º 4
 /**
  * Initializes the user, replacing a zero session timeout with one day.
  *
  * The comparison is loose, so an unset 'sf_timeout' (null) is treated like 0
  * and also becomes 86400 seconds.
  */
 public function initialize($context, $parameters = null)
 {
     $configuredTimeout = sfConfig::get('sf_timeout');
     if ($configuredTimeout == 0) {
         // session will expire if window is open for a day
         sfConfig::set('sf_timeout', 86400);
     }

     return parent::initialize($context, $parameters);
 }
Exemplo n.º 5
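 /**
  * Sets the user culture, restricted to the cultures this application supports.
  *
  * Any value outside the allow-list falls back to 'en'.
  *
  * @param string $culture The requested culture code
  */
 public function setCulture($culture)
 {
     $supported = array('en', 'fr', 'nl', 'es_ES');

     // Strict membership test: with loose comparison a non-string value such as
     // true (or integer 0 on PHP < 8) matches an entry and would be handed to
     // the parent unchanged, bypassing the allow-list.
     if (!in_array($culture, $supported, true)) {
         $culture = 'en';
     }

     parent::setCulture($culture);
 }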
Exemplo n.º 6
 /**
  * Initializes the user and logs it out when no AdminUser row matches its id.
  *
  * The lookup runs on every initialization, so a session whose id no longer
  * resolves to an AdminUser record is ended.
  */
 public function initialize(sfEventDispatcher $dispatcher, sfStorage $storage, $options = array())
 {
     parent::initialize($dispatcher, $storage, $options);

     $adminUser = Doctrine::getTable('AdminUser')->find($this->getId());
     if ($adminUser) {
         return;
     }

     $this->logout();
 }
 /**
  * Initializes the user and discards cached authentication data when the
  * session is not authenticated.
  */
 public function initialize(sfEventDispatcher $dispatcher, sfStorage $storage, $options = array())
 {
     parent::initialize($dispatcher, $storage, $options);

     if ($this->isAuthenticated()) {
         return;
     }

     // remove user if timeout: drop the 'open_auth' attributes and the cached user
     $this->getAttributeHolder()->removeNamespace('open_auth');
     $this->_user = null;
 }
Exemplo n.º 8
 /**
  * Sets the culture unless the placeholder culture is passed.
  *
  * @see sfUser::setCulture()
  */
 public function setCulture($culture)
 {
     // The dummy culture is a fake language code meaning "do not change the
     // culture at this point"; every other value is forwarded to the parent.
     if ($culture != $this->dummy_culture) {
         parent::setCulture($culture);
     }
 }
 /**
  * Checks a credential against the guard user.
  *
  * Without a guard user every credential is denied; a super admin is granted
  * every credential; otherwise the parent check decides.
  *
  * @param mixed   $credential The credential(s) to test
  * @param boolean $useAnd     Passed through to the parent check
  *
  * @return boolean
  */
 public function hasCredential($credential, $useAnd = true)
 {
     if (!$this->getGuardUser()) {
         return false;
     }

     // Super admins short-circuit the credential lookup entirely.
     return $this->getGuardUser()->getIsSuperAdmin()
         ? true
         : parent::hasCredential($credential, $useAnd);
 }
Exemplo n.º 10
 /**
  * Returns whether or not the user has the given credential.
  *
  * An empty credential means "nothing required" and is always granted, as is
  * any credential when the isSuperAdmin flag is set. Note that empty() is also
  * true for 0 and '0', so such a credential name is never actually checked.
  *
  * @param string  $credential The credential name
  * @param boolean $useAnd     Whether or not to use an AND condition
  *
  * @return boolean
  */
 public function hasCredential($credential, $useAnd = true)
 {
     if (empty($credential) || $this->isSuperAdmin) {
         return true;
     }

     return parent::hasCredential($credential, $useAnd);
 }
Exemplo n.º 11
 /**
  * Returns whether or not the user has the given credential.
  *
  * The empty-credential shortcut is evaluated before the guard-user check, so
  * an empty credential is granted even when no guard user is attached.
  *
  * @param string  $credential The credential name
  * @param boolean $useAnd     Whether or not to use an AND condition
  *
  * @return boolean
  */
 public function hasCredential($credential, $useAnd = true)
 {
     if (empty($credential)) {
         return true;
     }

     // Fail closed when there is no guard user behind the session.
     return $this->getGuardUser() ? parent::hasCredential($credential, $useAnd) : false;
 }
 /**
  * Initializes the current user, selects the authentication mode and builds
  * the matching auth adapter and credentials.
  *
  * @see sfBasicSecurityUser
  */
 public function initialize(sfEventDispatcher $dispatcher, sfStorage $storage, $options = array())
 {
     parent::initialize($dispatcher, $storage, $options);

     // The mode is taken from the 'authMode' URL parameter when one is given.
     // NOTE(review): this value is request-controlled; confirm that
     // setCurrentAuthMode()/createAuthAdapter() accept only known modes.
     $requestedMode = sfContext::getInstance()->getRequest()->getUrlParameter('authMode');
     if ($requestedMode) {
         $this->setCurrentAuthMode($requestedMode);
     }

     $this->createAuthAdapter($this->getCurrentAuthMode());
     $this->initializeCredentials();
 }
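 /**
  * Initializes the user and authenticates the request from its signed
  * parameters.
  *
  * The request is authenticated when 'auth_key' equals the MD5 digest of
  * "api_id_viewer_id_secret", where the secret is the 'sf_vkontakte_secret_key'
  * setting. On success 'viewer_id' becomes the user id.
  *
  * @param sfEventDispatcher $dispatcher The event dispatcher object
  * @param sfStorage         $storage    The session storage object
  * @param array             $options    An array of options
  */
 public function initialize(sfEventDispatcher $dispatcher, sfStorage $storage, $options = array())
 {
     parent::initialize($dispatcher, $storage, $options);
     $request = sfContext::getInstance()->getRequest();

     $secret = sfConfig::get('sf_vkontakte_secret_key');
     $authKey = $request->getParameter('auth_key');

     // check auth by api_secret and get parameters
     // The digest construction is left as-is: it has to match what the caller signs.
     $expected = md5(implode('_', array($request->getParameter('api_id'), $request->getParameter('viewer_id'), $secret)));

     // Fail closed when no secret is configured (the digest would then depend
     // on request values only), and compare with hash_equals(): a loose ==
     // treats two "0e<digits>" strings as equal numbers and is not constant-time.
     $hasSecret = is_scalar($secret) && '' !== (string) $secret;
     $isAuth = $hasSecret && is_string($authKey) && hash_equals($expected, $authKey);

     $this->setAuthenticated($isAuth);
     if ($isAuth) {
         $this->id = $request->getParameter('viewer_id');
     }
 }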
Exemplo n.º 14
 /**
  * Initializes the current user, clears its attributes after a timeout and
  * builds the auth adapter for the selected mode.
  *
  * @see sfBasicSecurityUser
  */
 public function initialize(sfEventDispatcher $dispatcher, sfStorage $storage, $options = array())
 {
     parent::initialize($dispatcher, $storage, $options);

     // A member whose session has timed out loses everything stored under
     // the 'opSecurityUser' namespace.
     $memberTimedOut = $this->getMemberId() && $this->isTimedOut();
     if ($memberTimedOut) {
         $this->getAttributeHolder()->removeNamespace('opSecurityUser');
     }

     // NOTE(review): 'authMode' is request-controlled; confirm that
     // setCurrentAuthMode()/createAuthAdapter() accept only known modes.
     $requestedMode = sfContext::getInstance()->getRequest()->getUrlParameter('authMode');
     if ($requestedMode) {
         $this->setCurrentAuthMode($requestedMode);
     }

     $this->createAuthAdapter($this->getCurrentAuthMode());
 }
 /**
  * Returns whether or not the user has the given credential.
  *
  * Order of evaluation: an empty credential is granted, a session without an
  * account is denied, a super admin account is granted, and anything else is
  * left to the parent check.
  *
  * @param string  $credential The credential name
  * @param boolean $useAnd     Whether or not to use an AND condition
  *
  * @return boolean
  */
 public function hasCredential($credential, $useAnd = true)
 {
     if (empty($credential)) {
         return true;
     }

     if (!$this->getAccount()) {
         return false;
     }

     return $this->getAccount()->getIsSuperAdmin()
         ? true
         : parent::hasCredential($credential, $useAnd);
 }
 /**
  * Builds a ncbtMenuItem from a configuration object, or returns null when
  * the item must not be shown to the given user.
  *
  * An item is hidden when hasCredential() returns exactly false for its
  * 'credentials', or when the user method named by 'condition' returns
  * exactly false. Children are built recursively and hidden ones are dropped.
  *
  * NOTE(review): 'condition' is invoked as a method name on $user with
  * 'condition_args'; this is only safe while the menu configuration is
  * developer-controlled. Confirm it never carries request data.
  *
  * @static
  *
  * @param  ncbtMenuItemConfig  $config The configuration for the item.
  * @param  sfBasicSecurityUser $user   The user to test condition and/or credential against.
  *
  * @return ncbtMenuItem|null
  */
 public static function createFromConfig(ncbtMenuItemConfig $config, sfBasicSecurityUser $user)
 {
     if (($credentials = $config->get('credentials')) && false === $user->hasCredential($credentials)) {
         return;
     }

     if ($condition = $config->get('condition')) {
         $arguments = $config->get('condition_args', array());
         if (false === call_user_func_array(array($user, $condition), $arguments)) {
             return;
         }
     }

     $visibleChildren = array();
     foreach ($config->get('children', array()) as $childKey => $childDefinition) {
         $childItem = self::createFromConfig(new ncbtMenuItemConfig($childKey, $childDefinition), $user);
         if (null === $childItem) {
             continue;
         }
         $visibleChildren[] = $childItem;
     }

     return new self($config->get('title'), $visibleChildren, $config);
 }
 /**
  * Returns whether or not inline editing should be enabled.
  *
  * This method can be called "in general" (no $obj passed) or answered
  * for a very specific object being modified. The decision is cached per
  * object and recomputed when $forceRefresh is true.
  *
  * NOTE(review): the cache key is spl_object_hash($obj), and PHP may reuse a
  * hash once the original object has been destroyed, so a cached decision
  * could be served for a different object. Confirm object lifetimes here.
  *
  * @param Object  $obj          The Object being edited - could be a Doctrine_Record, Doctrine_Collection
  * @param boolean $forceRefresh Whether to ignore the cached decision
  *
  * @return boolean
  */
 public function shouldShowEditor($obj = null, $forceRefresh = false)
 {
     $cacheKey = (null === $obj) ? 'generic' : spl_object_hash($obj);

     if (isset($this->_shouldShowEditor[$cacheKey]) && !$forceRefresh) {
         return $this->_shouldShowEditor[$cacheKey];
     }

     $credential = $this->getOption('admin_credential');
     // even if no credential were passed, still require a login at least
     $allowed = $credential
         ? $this->_user->hasCredential($credential)
         : $this->_user->isAuthenticated();

     // Listeners of this event can override the decision computed above.
     $event = new sfEvent($this, 'editable_content.should_show_editor', array('user' => $this->_user, 'object' => $obj));
     $this->_dispatcher->filter($event, $allowed);
     $this->_shouldShowEditor[$cacheKey] = $event->getReturnValue();

     return $this->_shouldShowEditor[$cacheKey];
 }
 /**
  * Returns whether or not the user has the given credential.
  *
  * A non-array credential starting with '!' is a negated check: it is
  * granted when the user does NOT hold the credential named after the '!'.
  * The super-admin shortcut runs first, so a super admin is granted negated
  * credentials as well.
  *
  * @param string  $credential The credential name
  * @param boolean $useAnd     Whether or not to use an AND condition
  *
  * @return boolean
  */
 public function hasCredential($credential, $useAnd = true)
 {
     if (empty($credential)) {
         return true;
     }

     if (!$this->getGuardUser()) {
         return false;
     }

     if ($this->getGuardUser()->getIsSuperAdmin()) {
         return true;
     }

     // Not ideal, but used by the OcariMenu to test that a user lacks a credential.
     $isNegated = !is_array($credential) && 0 === strpos($credential, '!');
     if ($isNegated) {
         $wanted = substr($credential, 1);

         return !in_array($wanted, $this->credentials);
     }

     return parent::hasCredential($credential, $useAnd);
 }
Exemplo n.º 19
 /**
  * Initializes the user, signing it out after a timeout or when its account
  * can no longer be loaded.
  */
 public function initialize(sfEventDispatcher $dispatcher, sfStorage $storage, $options = array())
 {
     // initialize parent
     parent::initialize($dispatcher, $storage, $options);

     // On timeout, remove *all* user credentials
     if ($this->isTimedOut()) {
         $this->signOut();

         return;
     }

     if (!$this->isAuthenticated()) {
         return;
     }

     $this->user = QubitUser::getById($this->getUserID());

     // A missing record means the account was *deleted*, or the session comes
     // from a different install of qubit on the same server (cross-site):
     // in both cases the user is signed out.
     if (null === $this->user) {
         $this->signOut();
     }
 }
Exemplo n.º 20
 /**
  * Works out which columns must be shown, looking at three sources in order:
  * 1) the bound form's 'col_fields' value 2) the user's stored columns
  * 3) the form's default 'col_fields' value.
  *
  * NOTE(review): the requested names are not checked against the known
  * column list, so a name from the request that is not in the list is added
  * to the result as 'check'. Confirm the form validator restricts 'col_fields'.
  *
  * @param sfBasicSecurityUser $user the user
  * @param sfForm $form The filter form with the 'col_fields' field defined
  * @param bool $as_string specify if you want the return to be a string (concat of visible cols)
  * @return array of fields with check or uncheck or a list of visible fields separated by |
  */
 private function getVisibleColumns(sfBasicSecurityUser $user, sfForm $form, $as_string = false)
 {
     // Every known column starts out unchecked.
     $columns = array_fill_keys(
         array('category', 'collection', 'taxon', 'type', 'gtu', 'codes', 'chrono', 'ig', 'acquisition_category', 'litho', 'lithologic', 'mineral', 'expedition', 'type', 'individual_type', 'sex', 'state', 'stage', 'social_status', 'rock_form', 'individual_count', 'part', 'object_name', 'part_status', 'building', 'floor', 'room', 'row', 'col', 'shelf', 'container', 'container_type', 'container_storage', 'sub_container', 'sub_container_type', 'sub_container_storage', 'specimen_count', 'part_codes', 'loans'),
         'uncheck'
     );

     $requested = ($form->isBound() && $form->getValue('col_fields') != "")
         ? explode('|', $form->getValue('col_fields'))
         : $user->fetchVisibleCols();

     // Neither the request nor the stored preference gave anything: use the default.
     if (empty($requested)) {
         $requested = explode('|', $form->getDefault('col_fields'));
     }

     if ($as_string) {
         return implode('|', $requested);
     }

     foreach ($requested as $columnName) {
         $columns[$columnName] = 'check';
     }

     return $columns;
 }
Exemplo n.º 21
 /**
  * Stores the generated site identifier in the session storage, then runs
  * the parent shutdown.
  */
 public function shutdown()
 {
     $siteIdentifier = $this->generateSiteIdentifier();
     $this->storage->write(self::SITE_IDENTIFIER_NAMESPACE, $siteIdentifier);

     parent::shutdown();
 }
 /**
  * Persists the isSuperAdmin flag to the session storage, then runs the
  * parent shutdown.
  *
  * NOTE(review): a privilege flag restored from session storage is only as
  * trustworthy as that storage; confirm where it is set and re-validated.
  */
 public function shutdown()
 {
     $superAdminFlag = $this->isSuperAdmin;
     $this->storage->write(self::SUPER_ADMIN_NAMESPACE, $superAdminFlag);

     parent::shutdown();
 }
 /**
  * Checks a credential, loading object-level credentials on demand.
  *
  * A string credential is split on '/'. A single part is placed in the global
  * namespace; otherwise the first part names the model whose table holds the
  * credentials. For a three-part credential, holding "<first>/<second>/owner"
  * grants it directly. Array credentials go straight to the parent check.
  *
  * @param mixed   $credential The credential(s) to test
  * @param boolean $useAnd     Passed through to the parent check
  *
  * @return boolean
  *
  * @throws sfException When no table is found for the credential's first part
  */
 public function hasCredential($credential, $useAnd = true)
 {
     if (!$this->getGuardUser()) {
         return false;
     }

     if ($this->getGuardUser()->getIsSuperAdmin()) {
         return true;
     }

     if (is_array($credential)) {
         return parent::hasCredential($credential, $useAnd);
     }

     $parts = explode('/', $credential);
     if (1 == count($parts)) {
         // A bare name belongs to the global namespace.
         $parts = array(self::CREDENTIAL_GLOBAL_NAMESPACE, $parts[0]);
     }

     $table = (self::CREDENTIAL_GLOBAL_NAMESPACE == $parts[0])
         ? Doctrine::getTable('sfObjectGuardUserGroup')
         : $this->getTableOfCredential($parts[0]);

     if (is_null($table)) {
         throw new sfException(sprintf('The model "%s" not found', $parts[0]));
     }

     // Credentials are loaded once per table.
     if (!$this->isCredentialsLoadedForTable($table)) {
         $this->loadCredentialsForTable($table);
     }

     if (3 == count($parts)) {
         // Holding the owner credential implies every third-part credential.
         $ownerCredential = implode('/', array($parts[0], $parts[1], 'owner'));
         if (in_array($ownerCredential, $this->getCredentials())) {
             return true;
         }
     }

     return parent::hasCredential($credential, $useAnd);
 }
Exemplo n.º 24
// Excerpt of a test script for sfBasicSecurityUser. $t, $user, $dispatcher,
// $storage, $context and $sessionPath are defined outside this listing, and
// every assertion depends on the credential state left by the previous lines.
// NOTE(review): the listing uses two initialize() call shapes (constructor
// options vs. initialize($context)); presumably it joins fragments written
// for different framework versions. Confirm before running it as one script.

// admin and (user or subscriber)
// NOTE(review): going by the "admin OR user" case at the end of this listing,
// one level of nesting reads as OR, so this description may not match the
// array shape. Confirm against sfBasicSecurityUser::hasCredential().
$t->is($user->hasCredential(array(array('admin', array('user', 'subscriber')))), true);
$user->addCredentials(array('superadmin1', 'subscriber1'));
$t->is($user->hasCredential('subscriber1'), true);
$t->is($user->hasCredential('superadmin1'), true);
// admin and (user or subscriber) and (superadmin1 or subscriber1)
$t->is($user->hasCredential(array(array('admin', array('user', 'subscriber'), array('superadmin1', 'subscriber1')))), true);
// numerical credentials: string and integer forms of the same number are
// expected to match each other
$user->clearCredentials();
$user->addCredentials(array('1', 2));
$t->is($user->hasCredential(1), true, '->hasCrendential() supports numerical credentials');
$t->is($user->hasCredential('2'), true, '->hasCrendential() supports numerical credentials');
$t->is($user->hasCredential(array('1', 2)), true, '->hasCrendential() supports numerical credentials');
$t->is($user->hasCredential(array(1, '2')), true, '->hasCrendential() supports numerical credentials');
// ->removeCredential()
$t->diag('->removeCredential()');
$user->removeCredential('user');
$t->is($user->hasCredential('user'), false);
// ->clearCredentials()
$t->diag('->clearCredentials()');
$user->clearCredentials();
$t->is($user->hasCredential('subscriber'), false);
$t->is($user->hasCredential('superadmin'), false);
// timeout: the authenticated state is written out by shutdown(), then a new
// user object is built on the same storage with different 'timeout' options
$user->setAuthenticated(true);
$user->shutdown();
$user = new sfBasicSecurityUser($dispatcher, $storage, array('timeout' => 0));
$t->is($user->isTimedOut(), true, '->initialize() times out the user if no request made for a long time');
$user = new sfBasicSecurityUser($dispatcher, $storage, array('timeout' => false));
$t->is($user->isTimedOut(), false, '->initialize() takes a timeout parameter which can be false to disable session timeout');
sfToolkit::clearDirectory($sessionPath);
$user->initialize($context);
// ->listCredentials()
$t->diag('->listCredentials()');
$user->clearCredentials();
$user->addCredential('user');
$t->is($user->listCredentials(), array('user'), '->listCredentials() returns user credentials as an array');
// ->setAuthenticated() ->isAuthenticated()
$t->diag('->setAuthenticated() ->isAuthenticated()');
$t->is($user->isAuthenticated(), false, '->isAuthenticated() returns false by default');
$user->setAuthenticated(true);
$t->is($user->isAuthenticated(), true, '->isAuthenticated() returns true if the user is authenticated');
$user->setAuthenticated(false);
$t->is($user->isAuthenticated(), false, '->setAuthenticated() accepts a boolean as its first parameter');
// ->setTimedOut() ->isTimedOut()
sfConfig::set('sf_timeout', 86400);
$user = new sfBasicSecurityUser();
$user->initialize($context);
$t->diag('->setTimedOut() ->isTimedOut()');
$t->is($user->isTimedOut(), false, '->isTimedOut() returns false if the session is not timed out');
$user->setTimedOut();
$t->is($user->isTimedOut(), true, '->isTimedOut() returns true if the session is timed out');
// ->hasCredential()
$t->diag('->hasCredential()');
$user->clearCredentials();
$t->is($user->hasCredential('admin'), false, '->hasCredential() returns false if user has not the credential');
$user->addCredential('admin');
$t->is($user->hasCredential('admin'), true, '->addCredential() takes a credential as its first argument');
// admin AND user: a flat array requires every listed credential
$t->is($user->hasCredential(array('admin', 'user')), false, '->hasCredential() can takes an array of credential as a parameter');
// admin OR user: a nested array is satisfied by any one of its entries
$t->is($user->hasCredential(array(array('admin', 'user'))), true, '->hasCredential() can takes an array of credential as a parameter');
Exemplo n.º 26
 /**
  * Called once the request has been processed.
  * The profile is serialized at this point so it can be stored in the session.
  *
  * NOTE(review): the code that reads this attribute back is not shown here;
  * presumably it calls unserialize(). Confirm the session storage cannot be
  * written by anyone else before the value is deserialized.
  *
  * @see sfBasicSecurityUser.shutdown()
  */
 public function shutdown()
 {
     if (null !== $this->profile) {
         $serializedProfile = serialize($this->profile);
         $this->setAttribute('profile', $serializedProfile, self::SESSION_NAMESPACE);
     }

     parent::shutdown();
 }
Exemplo n.º 27
 /**
  * Initializes the user and wipes its credentials and session data once the
  * session has timed out.
  *
  * NOTE(review): $_SESSION is emptied but the session id is kept; confirm
  * whether the id is regenerated or the session destroyed elsewhere.
  */
 public function initialize(sfEventDispatcher $dispatcher, sfStorage $storage, $options = array())
 {
     parent::initialize($dispatcher, $storage, $options);

     if (!$this->isTimedOut()) {
         return;
     }

     // Timed out: clear the credentials through the authentication service,
     // then drop everything held in the session.
     $authService = new AuthenticationService();
     $authService->clearCredentials();
     $_SESSION = array();
 }