authorFrédéric Guillot <fguillot@users.noreply.github.com>2014-04-19 22:12:12 -0400
committerFrédéric Guillot <fguillot@users.noreply.github.com>2014-04-19 22:12:12 -0400
commita04ecbde778decfdea7200806a6b1144861ae05f (patch)
treee4670e3013734d9c7bd201f5d6ef1fbaae13d3b5 /models/acl.php
parent5aacb6a76351889a6ec5ed01c8e80f139c2b2027 (diff)
Add RememberMe feature and authentications history
Diffstat (limited to 'models/acl.php')
-rw-r--r--models/acl.php111
1 files changed, 99 insertions, 12 deletions
diff --git a/models/acl.php b/models/acl.php
index ea7dd5cb..c8a39ee4 100644
--- a/models/acl.php
+++ b/models/acl.php
@@ -4,16 +4,32 @@ namespace Model;
require_once __DIR__.'/base.php';
+/**
+ * Acl model
+ *
+ * @package model
+ * @author Frederic Guillot
+ */
class Acl extends Base
{
- // Controllers and actions allowed from outside
+ /**
+ * Controllers and actions allowed from outside
+ *
+ * @access private
+ * @var array
+ */
private $public_actions = array(
'user' => array('login', 'check'),
'task' => array('add'),
'board' => array('readonly'),
);
- // Controllers and actions allowed for regular users
+ /**
+ * Controllers and actions allowed for regular users
+ *
+ * @access private
+ * @var array
+ */
private $user_actions = array(
'app' => array('index'),
'board' => array('index', 'show', 'assign', 'assigntask', 'save'),
@@ -21,10 +37,18 @@ class Acl extends Base
'task' => array('show', 'create', 'save', 'edit', 'update', 'close', 'confirmclose', 'open', 'confirmopen', 'description', 'duplicate'),
'comment' => array('save', 'confirm', 'remove', 'update', 'edit'),
'user' => array('index', 'edit', 'update', 'forbidden', 'logout', 'index'),
- 'config' => array('index'),
+ 'config' => array('index', 'removeremembermetoken'),
);
- // Return true if the specified controller/action is allowed according to the given acl
+ /**
+ * Return true if the specified controller/action is allowed according to the given acl
+ *
+ * @access public
+ * @param array $acl Acl list
+ * @param string $controller Controller name
+ * @param string $action Action name
+ * @return bool
+ */
public function isAllowedAction(array $acl, $controller, $action)
{
if (isset($acl[$controller])) {
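Review bot: The new `'removeremembermetoken'` entry under `'config'` in `$user_actions` opens a state-changing action to every regular user, and this ACL only matches controller and action names. Whether the token being removed belongs to the caller therefore has to be enforced in the config controller, which is not part of this file's diff; I would confirm that the handler scopes the delete to `getUserId()` and that the request is protected against cross-site request forgery. A comment on the entry such as `// token ownership is checked in the controller` would record that dependency. The body of `isAllowedAction` continues outside the hunk.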
@@ -34,37 +58,100 @@ class Acl extends Base
return false;
}
- // Return true if the given action is public
+ /**
+ * Return true if the given action is public
+ *
+ * @access public
+ * @param string $controller Controller name
+ * @param string $action Action name
+ * @return bool
+ */
public function isPublicAction($controller, $action)
{
return $this->isAllowedAction($this->public_actions, $controller, $action);
}
- // Return true if the given action is allowed for a regular user
+ /**
+ * Return true if the given action is allowed for a regular user
+ *
+ * @access public
+ * @param string $controller Controller name
+ * @param string $action Action name
+ * @return bool
+ */
public function isUserAction($controller, $action)
{
return $this->isAllowedAction($this->user_actions, $controller, $action);
}
- // Return true if the logged user is admin
+ /**
+ * Return true if the logged user is admin
+ *
+ * @access public
+ * @return bool
+ */
public function isAdminUser()
{
- return isset($_SESSION['user']['is_admin']) && $_SESSION['user']['is_admin'] === '1';
+ return isset($_SESSION['user']['is_admin']) && $_SESSION['user']['is_admin'] === true;
}
- // Return true if the logged user is not admin
+ /**
+ * Return true if the logged user is not admin
+ *
+ * @access public
+ * @return bool
+ */
public function isRegularUser()
{
- return isset($_SESSION['user']['is_admin']) && $_SESSION['user']['is_admin'] === '0';
+ return isset($_SESSION['user']['is_admin']) && $_SESSION['user']['is_admin'] === false;
}
- // Get the connected user id
+ /**
+ * Get the connected user id
+ *
+ * @access public
+ * @return bool
+ */
public function getUserId()
{
return isset($_SESSION['user']['id']) ? (int) $_SESSION['user']['id'] : 0;
}
- // Check if an action is allowed for the logged user
+ /**
+ * Check is the user is connected
+ *
+ * @access public
+ * @return bool
+ */
+ public function isLogged()
+ {
+ return ! empty($_SESSION['user']);
+ }
+
+ /**
+ * Check is the user was authenticated with the RememberMe or set the value
+ *
+ * @access public
+ * @param bool $value Set true if the user use the RememberMe
+ * @return bool
+ */
+ public function isRememberMe($value = null)
+ {
+ if ($value !== null) {
+ $_SESSION['is_remember_me'] = $value;
+ }
+
+ return empty($_SESSION['is_remember_me']) ? false : $_SESSION['is_remember_me'];
+ }
+
+ /**
+ * Check if an action is allowed for the logged user
+ *
+ * @access public
+ * @param string $controller Controller name
+ * @param string $action Action name
+ * @return bool
+ */
public function isPageAccessAllowed($controller, $action)
{
return $this->isPublicAction($controller, $action) ||
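Review bot: `isAdminUser()` and `isRegularUser()` now compare `$_SESSION['user']['is_admin']` strictly against `true` and `false`, so both return false for any session that still holds the previous `'1'`/`'0'` strings, leaving such a user neither admin nor regular. The code that fills `$_SESSION['user']` is outside this diff; it has to cast the value to bool in the same change, and sessions created before the deploy should be invalidated or migrated. In `isRememberMe()` the setter stores `$value` as given and the getter returns the stored value, so the documented bool return is not guaranteed; `$_SESSION['is_remember_me'] = (bool) $value;` and `return ! empty($_SESSION['is_remember_me']);` would pin it. The docblock on `getUserId()` says `@return bool` although the method returns an int, and the two new docblocks read "Check is the user" where "Check if the user" is meant. `isPageAccessAllowed` continues past the end of the hunk.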