Packages

  • Nette
    • Application
      • Diagnostics
      • Responses
      • Routers
      • UI
    • Caching
      • Storages
    • ComponentModel
    • Config
      • Adapters
      • Extensions
    • Database
      • Diagnostics
      • Drivers
      • Reflection
      • Table
    • DI
      • Diagnostics
    • Diagnostics
    • Forms
      • Controls
      • Rendering
    • Http
    • Iterators
    • Latte
      • Macros
    • Loaders
    • Localization
    • Mail
    • Reflection
    • Security
      • Diagnostics
    • Templating
    • Utils
      • PhpGenerator
  • NetteModule
  • none

Classes

Interfaces

Exceptions

  • Overview
  • Package
  • Class
  • Tree
  • Deprecated
  • Other releases
  • Nette homepage
  1: <?php
  2: 
  3: /**
  4:  * This file is part of the Nette Framework (https://nette.org)
  5:  * Copyright (c) 2004 David Grudl (http://davidgrudl.com)
  6:  * @package Nette\Security
  7:  */
  8: 
  9: 
 10: 
 11: /**
 12:  * User authentication and authorization.
 13:  *
 14:  * @author     David Grudl
 15:  *
 16:  * @property-read bool $loggedIn
 17:  * @property-read IIdentity $identity
 18:  * @property-read mixed $id
 19:  * @property   IAuthenticator $authenticator
 20:  * @property-read int $logoutReason
 21:  * @property-read array $roles
 22:  * @property   IAuthorizator $authorizator
 23:  * @package Nette\Security
 24:  */
 25: class NUser extends NObject
 26: {
 27:     /** @var string  default role for unauthenticated user */
 28:     public $guestRole = 'guest';
 29: 
 30:     /** @var string  default role for authenticated user without own identity */
 31:     public $authenticatedRole = 'authenticated';
 32: 
 33:     /** @var array of function(User $sender); Occurs when the user is successfully logged in */
 34:     public $onLoggedIn;
 35: 
 36:     /** @var array of function(User $sender); Occurs when the user is logged out */
 37:     public $onLoggedOut;
 38: 
 39:     /** @var IUserStorage Session storage for current user */
 40:     private $storage;
 41: 
 42:     /** @var IAuthenticator */
 43:     private $authenticator;
 44: 
 45:     /** @var IAuthorizator */
 46:     private $authorizator;
 47: 
 48:     /** @var NDIContainer */
 49:     private $context;
 50: 
 51: 
 52:     public function __construct(IUserStorage $storage, NDIContainer $context)
 53:     {
 54:         $this->storage = $storage;
 55:         $this->context = $context; // with IAuthenticator, IAuthorizator
 56:     }
 57: 
 58: 
 59:     /**
 60:      * @return IUserStorage
 61:      */
 62:     public function getStorage()
 63:     {
 64:         return $this->storage;
 65:     }
 66: 
 67: 
 68:     /********************* Authentication ****************d*g**/
 69: 
 70: 
 71:     /**
 72:      * Conducts the authentication process. Parameters are optional.
 73:      * @param  mixed optional parameter (e.g. username or IIdentity)
 74:      * @param  mixed optional parameter (e.g. password)
 75:      * @return void
 76:      * @throws NAuthenticationException if authentication was not successful
 77:      */
 78:     public function login($id = NULL, $password = NULL)
 79:     {
 80:         $this->logout(TRUE);
 81:         if (!$id instanceof IIdentity) {
 82:             $id = $this->getAuthenticator()->authenticate(func_get_args());
 83:         }
 84:         $this->storage->setIdentity($id);
 85:         $this->storage->setAuthenticated(TRUE);
 86:         $this->onLoggedIn($this);
 87:     }
 88: 
 89: 
 90:     /**
 91:      * Logs out the user from the current session.
 92:      * @param  bool  clear the identity from persistent storage?
 93:      * @return void
 94:      */
 95:     public function logout($clearIdentity = FALSE)
 96:     {
 97:         if ($this->isLoggedIn()) {
 98:             $this->onLoggedOut($this);
 99:             $this->storage->setAuthenticated(FALSE);
100:         }
101:         if ($clearIdentity) {
102:             $this->storage->setIdentity(NULL);
103:         }
104:     }
105: 
106: 
107:     /**
108:      * Is this user authenticated?
109:      * @return bool
110:      */
111:     public function isLoggedIn()
112:     {
113:         return $this->storage->isAuthenticated();
114:     }
115: 
116: 
117:     /**
118:      * Returns current user identity, if any.
119:      * @return IIdentity|NULL
120:      */
121:     public function getIdentity()
122:     {
123:         return $this->storage->getIdentity();
124:     }
125: 
126: 
127:     /**
128:      * Returns current user ID, if any.
129:      * @return mixed
130:      */
131:     public function getId()
132:     {
133:         $identity = $this->getIdentity();
134:         return $identity ? $identity->getId() : NULL;
135:     }
136: 
137: 
138:     /**
139:      * Sets authentication handler.
140:      * @return self
141:      */
142:     public function setAuthenticator(IAuthenticator $handler)
143:     {
144:         $this->authenticator = $handler;
145:         return $this;
146:     }
147: 
148: 
149:     /**
150:      * Returns authentication handler.
151:      * @return IAuthenticator
152:      */
153:     public function getAuthenticator()
154:     {
155:         return ($tmp=$this->authenticator) ? $tmp : $this->context->getByType('IAuthenticator');
156:     }
157: 
158: 
159:     /**
160:      * Enables log out after inactivity.
161:      * @param  string|int|DateTime number of seconds or timestamp
162:      * @param  bool  log out when the browser is closed?
163:      * @param  bool  clear the identity from persistent storage?
164:      * @return self
165:      */
166:     public function setExpiration($time, $whenBrowserIsClosed = TRUE, $clearIdentity = FALSE)
167:     {
168:         $flags = ($whenBrowserIsClosed ? IUserStorage::BROWSER_CLOSED : 0) | ($clearIdentity ? IUserStorage::CLEAR_IDENTITY : 0);
169:         $this->storage->setExpiration($time, $flags);
170:         return $this;
171:     }
172: 
173: 
174:     /**
175:      * Why was user logged out?
176:      * @return int
177:      */
178:     public function getLogoutReason()
179:     {
180:         return $this->storage->getLogoutReason();
181:     }
182: 
183: 
184:     /********************* Authorization ****************d*g**/
185: 
186: 
187:     /**
188:      * Returns a list of effective roles that a user has been granted.
189:      * @return array
190:      */
191:     public function getRoles()
192:     {
193:         if (!$this->isLoggedIn()) {
194:             return array($this->guestRole);
195:         }
196: 
197:         $identity = $this->getIdentity();
198:         return $identity && $identity->getRoles() ? $identity->getRoles() : array($this->authenticatedRole);
199:     }
200: 
201: 
202:     /**
203:      * Is a user in the specified effective role?
204:      * @param  string
205:      * @return bool
206:      */
207:     public function isInRole($role)
208:     {
209:         return in_array($role, $this->getRoles(), TRUE);
210:     }
211: 
212: 
213:     /**
214:      * Has a user effective access to the Resource?
215:      * If $resource is NULL, then the query applies to all resources.
216:      * @param  string  resource
217:      * @param  string  privilege
218:      * @return bool
219:      */
220:     public function isAllowed($resource = IAuthorizator::ALL, $privilege = IAuthorizator::ALL)
221:     {
222:         $authorizator = $this->getAuthorizator();
223:         foreach ($this->getRoles() as $role) {
224:             if ($authorizator->isAllowed($role, $resource, $privilege)) {
225:                 return TRUE;
226:             }
227:         }
228: 
229:         return FALSE;
230:     }
231: 
232: 
233:     /**
234:      * Sets authorization handler.
235:      * @return self
236:      */
237:     public function setAuthorizator(IAuthorizator $handler)
238:     {
239:         $this->authorizator = $handler;
240:         return $this;
241:     }
242: 
243: 
244:     /**
245:      * Returns current authorization handler.
246:      * @return IAuthorizator
247:      */
248:     public function getAuthorizator()
249:     {
250:         return ($tmp=$this->authorizator) ? $tmp : $this->context->getByType('IAuthorizator');
251:     }
252: 
253: 
254:     /********************* deprecated ****************d*g**/
255: 
256:     /** @deprecated */
257:     function setNamespace($namespace)
258:     {
259:         trigger_error(__METHOD__ . '() is deprecated; use getStorage()->setNamespace() instead.', E_USER_WARNING);
260:         $this->storage->setNamespace($namespace);
261:         return $this;
262:     }
263: 
264:     /** @deprecated */
265:     function getNamespace()
266:     {
267:         trigger_error(__METHOD__ . '() is deprecated; use getStorage()->getNamespace() instead.', E_USER_WARNING);
268:         return $this->storage->getNamespace();
269:     }
270: 
271:     /** @deprecated */
272:     function setAuthenticationHandler($v)
273:     {
274:         trigger_error(__METHOD__ . '() is deprecated; use setAuthenticator() instead.', E_USER_WARNING);
275:         return $this->setAuthenticator($v);
276:     }
277: 
278:     /** @deprecated */
279:     function setAuthorizationHandler($v)
280:     {
281:         trigger_error(__METHOD__ . '() is deprecated; use setAuthorizator() instead.', E_USER_WARNING);
282:         return $this->setAuthorizator($v);
283:     }
284: 
285: }
286:
Nette Framework 2.0.18 (for PHP 5.2, prefixed) API documentation generated by ApiGen 2.8.0