/**
 * Sends an identity cookie.
 * This method is used when [[enableAutoLogin]] is true.
 * It stores [[id]], the [[IdentityInterface::getAuthKey()|auth key]], the value of
 * getRole() and the cookie-based login duration in the cookie as a JSON array.
 *
 * NOTE(review): the auth key and the role are handed to the client here. Whether the
 * cookie is tamper-protected depends on configuration this method does not show
 * (in Yii 2, `enableCookieValidation` on the request component) - confirm it is on,
 * and confirm that loginByCookie() re-derives the role server-side instead of
 * trusting the value read back from the cookie.
 *
 * @param IdentityInterface $identity
 * @param integer $duration number of seconds that the user can remain in logged-in status.
 * @see loginByCookie()
 */
protected function sendIdentityCookie($identity, $duration)
{
    $identityCookie = new Cookie($this->identityCookie);

    // Positional payload: [id, auth key, role, duration].
    $payload = [
        $identity->getId(),
        $identity->getAuthKey(),
        $this->getRole(),
        $duration,
    ];
    $identityCookie->value = json_encode($payload, JSON_UNESCAPED_SLASHES | JSON_UNESCAPED_UNICODE);

    // The cookie expires when the remembered login does.
    $identityCookie->expire = time() + $duration;

    $responseCookies = Yii::$app->getResponse()->getCookies();
    $responseCookies->add($identityCookie);
}
/**
 * Inserts or updates RemoteUser.
 *
 * Fetches the model for $client through getRemoteUser(), writes the identity's id
 * into its client_id attribute and saves it.
 *
 * NOTE(review): the result of save() is not checked, so a failed save still returns
 * $user as if the link had been stored - confirm callers do not depend on that.
 *
 * @param ClientInterface $client
 * @param IdentityInterface $user
 * @return IdentityInterface user
 */
public function setRemoteUser(ClientInterface $client, IdentityInterface $user)
{
    $remoteUser = $this->getRemoteUser($client);

    $remoteUser->client_id = $user->getId();
    $remoteUser->save();

    return $user;
}
/**
 * AssignmentModel constructor.
 *
 * Keeps the identity, its id and the application's auth manager on the model, and
 * refuses to build a model for an identity whose getId() yields null.
 *
 * @param IdentityInterface $user
 * @param array $config
 *
 * @throws InvalidConfigException when the identity has no id
 */
public function __construct(IdentityInterface $user, $config = [])
{
    $this->user = $user;
    $this->userId = $user->getId();
    $this->manager = Yii::$app->authManager;

    // Assignments are keyed by user id, so a missing id is rejected up front.
    $hasUserId = $this->userId !== null;
    if (!$hasUserId) {
        throw new InvalidConfigException('The "userId" property must be set.');
    }

    parent::__construct($config);
}
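/**
 * Checks whether the owner model is related to a user through any of the given relations.
 *
 * A new (unsaved) owner is always treated as related. Otherwise the outcome is
 * computed once per relations/user pair and kept in $this->isRelatedCache.
 *
 * @param array $relations list of model relations to check, supports dot notation for indirect relations
 * @param IdentityInterface $user if null, Yii::$app->user->identity will be used
 * @return bool|null true for a new record or when the relation condition matches; false when it
 * does not match or when there is no user to check; null when the relation query has no conditions
 */
public function isRelated($relations, $user = null)
{
    /** @var \yii\db\ActiveRecord $owner */
    $owner = $this->owner;
    if ($owner->getIsNewRecord()) {
        return true;
    }

    if ($user === null) {
        // Documented default. Without it the getId() calls below are made on null.
        $user = \Yii::$app->user->identity;
    }
    if ($user === null) {
        // No identity at all (guest): deny instead of failing. Not cached, the key needs a user id.
        \Yii::trace('Denying access, no user identity available.', 'relationAuthorizer');
        return false;
    }

    $key = sha1(serialize($relations) . $user->getId());
    // The descriptive token is only built in debug mode; otherwise traces carry an empty suffix.
    $token = !YII_DEBUG ? '' : $this->modelClass . ' (' . print_r($owner->getPrimaryKey(), true) . ') through '
        . json_encode($relations) . ' for ' . $user->getId();
    \Yii::trace('Checking access to ' . $token, 'relationAuthorizer');

    // array_key_exists() rather than isset(): a cached null is a valid result.
    if (array_key_exists($key, $this->isRelatedCache)) {
        return $this->isRelatedCache[$key];
    }

    $schema = $owner->getDb()->getSchema();
    $t = $schema->quoteSimpleTableName('t');

    // Build "ROW(t.pk0,...) = ROW(:pk0,...)" with the owner's key values bound as parameters.
    $pkColumns = [];
    $pkParams = [];
    foreach ($owner->primaryKey() as $index => $pk) {
        $pkColumns[$t . '.' . $schema->quoteSimpleColumnName($pk)] = ':pk' . $index;
        $pkParams[':pk' . $index] = $owner->{$pk};
    }
    $pkConditions = 'ROW(' . implode(',', array_keys($pkColumns)) . ') '
        . '= ROW(' . implode(',', $pkColumns) . ')';

    $relationQuery = $owner->find()->getRelatedUserQuery(
        $owner,
        $relations,
        $user,
        $pkConditions,
        $pkParams,
        $owner->primaryKey
    );

    if (!empty($relationQuery->where)) {
        // Evaluate the combined condition as a scalar SELECT; values travel as bound parameters.
        $query = 'SELECT ' . $owner->getDb()->getQueryBuilder()->buildCondition(
            $relationQuery->where,
            $relationQuery->params
        );
        $match = $owner->getDb()->createCommand($query, $relationQuery->params)->queryScalar();
        if ($match) {
            \Yii::trace('Allowing access to ' . $token, 'relationAuthorizer');
            return $this->isRelatedCache[$key] = true;
        }

        \Yii::trace('Denying access to ' . $token . ', not related ' . 'through existing relations.', 'relationAuthorizer');
        return $this->isRelatedCache[$key] = false;
    }

    // model and user has no direct or indirect relation spanning at least 1 model
    \Yii::trace('Denying access to ' . $token . ', no common relations found.', 'relationAuthorizer');
    return $this->isRelatedCache[$key] = null;
}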
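/**
 * Connects auth client with user.
 *
 * Looks up the auth record for $client (creating an instance when none is found) and,
 * if that record has no user yet or is new, assigns $identity to it and saves it.
 *
 * NOTE(review): when the record already belongs to a user, this returns true without
 * comparing that user with $identity, so true means "linked to some user". Confirm
 * that callers check ownership before treating the client as linked to $identity.
 *
 * @param ClientInterface $client auth client
 * @param IdentityInterface $identity the user identity
 * @return boolean whether the auth client is connected to user
 */
public function connectAuthClient(ClientInterface $client, IdentityInterface $identity)
{
    /** @var Auth $authClass */
    $authClass = $this->module->authModel;

    /** @var Auth $auth */
    $auth = $authClass::findByClient($client);
    if (!$auth) {
        $auth = $authClass::getInstance($client);
    }

    if (!$auth->user || $auth->isNewRecord) {
        $auth->user_id = $identity->getId();
        // Assumes save() returns false on failure (ActiveRecord convention). The in-memory
        // user_id is already set at this point, so an unchecked failure would be reported
        // as a successful link.
        if (!$auth->save()) {
            return false;
        }
    }

    return (bool) $auth->user_id;
}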
/**
 * Set owner of file
 *
 * Copies the identity's id into the user_id attribute; nothing is saved here.
 *
 * @param IdentityInterface $user
 * @return $this
 */
public function setUser(IdentityInterface $user)
{
    $ownerId = $user->getId();
    $this->user_id = $ownerId;

    return $this;
}
/**
 * Returns queries that contain necessary joins and condition
 * to select only those records which are related directly or indirectly
 * with the current user.
 *
 * Direct single-valued relations are OR-ed into one shared main query. Every direct
 * multi-valued relation and every indirect ("relation.userRelation") relation gets a
 * query of its own. The main query is always appended last.
 *
 * NOTE(review): relation names are concatenated into FROM aliases and conditions as SQL
 * identifiers; presumably $relations comes from application code, not request data - verify.
 *
 * @param ActiveRecord $model must have the AuthorizerBehavior attached
 * @param array $relations list of model relations to check, supports dot notation for indirect relations
 * @param IdentityInterface $user used through $user::primaryKey() and $user->getId().
 * NOTE(review): earlier documentation said a null falls back to Yii::$app->user->identity,
 * but nothing in this method does that; a null would fail at $user::primaryKey().
 * @param array $baseConditions extra condition AND-ed onto every returned query
 * @param array $baseParams parameters bound together with $baseConditions
 * @return ActiveQuery[]
 * @throws InvalidCallException when the user model has a composite primary key
 */
public function getCompositeRelatedUserQuery($model, array $relations, $user, $baseConditions = [], $baseParams = [])
{
    $schema = $model->getDb()->getSchema();
    $userPk = array_map([$schema, 'quoteSimpleColumnName'], $user::primaryKey());
    $result = [];
    if (count($userPk) > 1) {
        throw new InvalidCallException('Composite primary key in User model is not supported.');
    } else {
        // Single-column key: keep just the quoted column name.
        $userPk = reset($userPk);
    }

    $mainQuery = $model->find();
    if (empty($mainQuery->from)) {
        // Alias the model table as "t" when the query has no explicit FROM.
        $mainQuery->from = [$model->tableName() . ' t'];
    }
    $mainQuery->distinct = true;

    foreach ($relations as $relationName) {
        if (($pos = strpos($relationName, '.')) === false) {
            // Direct relation: the related model is the user model itself.
            $relation = $model->getRelation($relationName);
            if (!$relation->multiple) {
                // Single-valued relations share the main query.
                $query = $mainQuery;
            } else {
                $query = $model->find();
                if (empty($query->from)) {
                    $query->from = [$model->tableName() . ' t'];
                }
            }
            // Join the related table under the relation name as its alias.
            $query->innerJoinWith([$relationName => function ($query) use($relation, $relationName) {
                /** @var ActiveRecord $modelClass */
                $modelClass = $relation->modelClass;
                return $query->from([$modelClass::tableName() . ' ' . $relationName]);
            }]);
            $column = $schema->quoteSimpleTableName($relationName) . '.' . $userPk;
            // The user id is passed as a bound parameter, never concatenated.
            $query->orWhere($column . ' IS NOT NULL AND ' . $column . ' = :current_user_id');
            $query->addParams([':current_user_id' => $user->getId()]);
            if ($relation->multiple) {
                $query->andWhere($baseConditions, $baseParams);
                $result[] = $query;
            }
        } else {
            // Indirect relation "relation.userRelation": split at the first dot.
            $userRelationName = substr($relationName, $pos + 1);
            $relationName = substr($relationName, 0, $pos);
            $relation = $model->getRelation($relationName);
            /** @var ActiveRecord $relationModel */
            $relationModel = new $relation->modelClass();
            $userRelation = $relationModel->getRelation($userRelationName);

            // Subquery: primary keys of intermediate records joined to the current user.
            $userQuery = $relationModel->find();
            if (empty($userQuery->from)) {
                $userQuery->from = [$relationModel->tableName() . ' t'];
            }
            $userQuery->distinct();
            $userQuery->select($this->quoteColumn('t', $relationModel::primaryKey(), $schema));
            //$userQuery->innerJoinWith($userRelationName);
            $userQuery->innerJoinWith([$userRelationName => function ($query) use($userRelation, $userRelationName) {
                /** @var ActiveRecord $modelClass */
                $modelClass = $userRelation->modelClass;
                return $query->from([$modelClass::tableName() . ' ' . $userRelationName]);
            }]);
            $userQuery->andWhere($schema->quoteSimpleTableName($userRelationName) . '.' . $userPk . ' = :current_user_id');
            $command = $userQuery->createCommand($model->getDb());

            // Outer query: model records whose related key appears in the subquery.
            $query = $model->find();
            if (empty($query->from)) {
                $query->from = [$model->tableName() . ' t'];
            }
            $query->distinct();
            //$query->innerJoinWith($relationName);
            $query->innerJoinWith([$relationName => function ($query) use($relation, $relationName) {
                /** @var ActiveRecord $modelClass */
                $modelClass = $relation->modelClass;
                return $query->from([$modelClass::tableName() . ' ' . $relationName]);
            }]);
            $fk = $this->quoteColumn($relationName, $relationModel::primaryKey(), $schema);
            // The subquery is embedded as SQL text; its :current_user_id placeholder is
            // bound on the outer query by the addParams() call below.
            $query->orWhere('COALESCE(' . (is_array($relationModel::primaryKey()) ? 'ROW(' . $fk . ')' : $fk) . ' IN (' . $command->getSql() . '), false)');
            $query->addParams([':current_user_id' => $user->getId()]);
            $query->andWhere($baseConditions, $baseParams);
            $result[] = $query;
        }
    }

    // The shared main query is returned even when no single-valued relation added to it.
    $mainQuery->andWhere($baseConditions, $baseParams);
    $result[] = $mainQuery;
    return $result;
}