diff options
| -rw-r--r-- | framework/Exceptions/messages.txt | 6 | ||||
| -rw-r--r-- | framework/Security/TAuthManager.php | 37 | ||||
| -rw-r--r-- | framework/Security/TUserManager.php | 188 | ||||
| -rw-r--r-- | framework/TODO.txt | 4 | ||||
| -rw-r--r-- | framework/Web/UI/TTemplateManager.php | 2 | ||||
| -rw-r--r-- | framework/Web/UI/TThemeManager.php | 6 | ||||
| -rw-r--r-- | framework/core.php | 52 |
7 files changed, 248 insertions, 47 deletions
diff --git a/framework/Exceptions/messages.txt b/framework/Exceptions/messages.txt index 8df4dde1..49160370 100644 --- a/framework/Exceptions/messages.txt +++ b/framework/Exceptions/messages.txt @@ -73,6 +73,12 @@ template_property_undefined = Property '%s.%s' configured in template is not template_property_unbindable = Property '%s.%s' configured in template cannot be bound to an expression. Only properties of controls can be bound.
template_component_required = '%s' is not a component. Only components can be configured in template.
+xmldocument_file_read_failed = TXmlDocument is unable to read file '%s'.
+xmldocument_file_write_failed = TXmlDocument is unable to write file '%s'.
+
+authorizationrule_action_invalid = TAuthorizationRule.Action can only take 'allow' or 'deny' as the value.
+authorizationrule_verb_invalid = TAuthorizationRule.Verb can only take 'get' or 'post' as the value.
+
body_contents_not_allowed = %s: body contents are not allowed.
control_id_not_unique = Control ID '%s' is not unique for control type '%s'.
control_not_found = Unable to find a control with ID '%s'.
diff --git a/framework/Security/TAuthManager.php b/framework/Security/TAuthManager.php index 5e9b188f..32b68cdd 100644 --- a/framework/Security/TAuthManager.php +++ b/framework/Security/TAuthManager.php @@ -1,9 +1,32 @@ <?php
+/**
+ * TAuthManager class file
+ *
+ * @author Qiang Xue <qiang.xue@gmail.com>
+ * @link http://www.pradosoft.com/
+ * @copyright Copyright © 2005 PradoSoft
+ * @license http://www.pradosoft.com/license/
+ * @version $Revision: $ $Date: $
+ * @package System.Security
+ */
+
+/**
+ * TAuthManager class
+ *
+ * TAuthManager performs user authentication and authorization for a Prado application.
+ *
+ *
+ * @author Qiang Xue <qiang.xue@gmail.com>
+ * @version $Revision: $ $Date: $
+ * @package System.Security
+ * @since 3.0
+ */
+
+Prado::using('System.Security.TUserManager');
class TAuthManager extends TComponent implements IModule
{
const RETURN_URL_VAR='ReturnUrl';
- private $_guest='Guest';
private $_initialized=false;
private $_application;
private $_users=null;
@@ -41,16 +64,6 @@ class TAuthManager extends TComponent implements IModule $this->_initialized=true;
}
- public function getGuestName()
- {
- return $this->_guest;
- }
-
- public function setGuestName($value)
- {
- $this->_guest=$value;
- }
-
public function getUserManager()
{
if($this->_users instanceof TUserManager)
@@ -182,7 +195,7 @@ class TAuthManager extends TComponent implements IModule throw new TConfigurationException('authenticator_session_required');
else
{
- $userManager->logout($this->_application->getUser());
+ $userManager->switchToGuest($this->_application->getUser());
$session->destroy();
}
}
diff --git a/framework/Security/TUserManager.php b/framework/Security/TUserManager.php index efa17616..c4bcbacd 100644 --- a/framework/Security/TUserManager.php +++ b/framework/Security/TUserManager.php @@ -1,66 +1,96 @@ <?php
+/**
+ * TUser, TUserManager class
+ *
+ * @author Qiang Xue <qiang.xue@gmail.com>
+ * @link http://www.pradosoft.com/
+ * @copyright Copyright © 2005 PradoSoft
+ * @license http://www.pradosoft.com/license/
+ * @version $Revision: $ $Date: $
+ * @package System.Security
+ */
/**
- * IUser interface.
+ * TUser class
*
- * This interface must be implemented by user objects.
+ * TUser implements basic user functionality for a prado application.
+ * To get the name of the user, use {@link getName Name} property.
+ * The property {@link getIsGuest IsGuest} tells if the user a guest/anonymous user.
+ * To obtain or test the roles that the user is in, use property
+ * {@link getRoles Roles} and call {@link isInRole()}, respectively.
+ *
+ * TUser is meant to be used together with {@link TUserManager} and
+ * {@link TAuthManager}.
*
* @author Qiang Xue <qiang.xue@gmail.com>
* @version $Revision: $ $Date: $
* @package System.Security
* @since 3.0
*/
-interface IUser
-{
- public function getManager();
- public function getName();
- public function setName($value);
- public function getIsGuest();
- public function setIsGuest($value);
- public function getRoles();
- public function setRoles($value);
- /**
- * @param string role to be tested
- * @return boolean whether the user is of this role
- */
- public function isInRole($role);
- public function saveToString();
- public function loadFromString($string);
-}
-
class TUser extends TComponent implements IUser
{
+ /**
+ * @var TUserManager user manager
+ */
private $_manager;
- private $_isGuest=false;
+ /**
+ * @var boolean if the user is a guest
+ */
+ private $_isGuest=true;
+ /**
+ * @var string username
+ */
private $_name='';
+ /**
+ * @var array user roles
+ */
private $_roles=array();
+ /**
+ * Constructor.
+ * @param TUserManager user manager
+ */
public function __construct($manager=null)
{
parent::__construct();
$this->_manager=$manager;
}
+ /**
+ * @return TUserManager user manager
+ */
public function getManager()
{
return $this->_manager;
}
+ /**
+ * @return string username
+ */
public function getName()
{
return $this->_name;
}
+ /**
+ * @param string username
+ */
public function setName($value)
{
$this->_name=$value;
}
+ /**
+ * @return boolean if the user is a guest
+ */
public function getIsGuest()
{
return $this->_isGuest;
}
+ /**
+ * @param boolean if the user is a guest
+ */
public function setIsGuest($value)
{
$this->_isGuest=TPropertyValue::ensureBoolean($value);
@@ -71,11 +101,17 @@ class TUser extends TComponent implements IUser }
}
+ /**
+ * @return array list of roles that the user is of
+ */
public function getRoles()
{
return $this->_roles;
}
+ /**
+ * @return array|string list of roles that the user is of. If it is a string, roles are assumed by separated by comma
+ */
public function setRoles($value)
{
if(is_array($value))
@@ -91,6 +127,10 @@ class TUser extends TComponent implements IUser }
}
+ /**
+ * @param string role to be tested. Note, role is case-insensitive.
+ * @return boolean whether the user is of this role
+ */
public function isInRole($role)
{
foreach($this->_roles as $r)
@@ -99,11 +139,18 @@ class TUser extends TComponent implements IUser return false;
}
+ /**
+ * @return string user data that is serialized and will be stored in session
+ */
public function saveToString()
{
return serialize(array($this->_name,$this->_roles,$this->_isGuest));
}
+ /**
+ * @param string user data that is serialized and restored from session
+ * @return IUser the user object
+ */
public function loadFromString($data)
{
if(!empty($data))
@@ -117,15 +164,61 @@ class TUser extends TComponent implements IUser }
}
-
+/**
+ * TUserManager class
+ *
+ * TUserManager manages a static list of users {@link TUser}.
+ * The user information is specified via module configuration using the following XML syntax,
+ * <code>
+ * <user name="Joe" password="demo" />
+ * <user name="John" password="demo" />
+ * <role name="Administrator" users="John" />
+ * <role name="Writer" users="Joe,John" />
+ * </code>
+ *
+ * The user passwords may be specified as clear text, SH1 or MD5 hashed by setting
+ * {@link setPasswordMode PasswordMode} as <b>Clear</b>, <b>SH1</b> or <b>MD5</b>.
+ * The default name for a guest user is <b>Guest</b>. It may be changed
+ * by setting {@link setGuestName GuestName} property.
+ *
+ * TUserManager may be used together with {@link TAuthManager} which manages
+ * how users are authenticated and authorized in a Prado application.
+ *
+ * @author Qiang Xue <qiang.xue@gmail.com>
+ * @version $Revision: $ $Date: $
+ * @package System.Security
+ * @since 3.0
+ */
class TUserManager extends TComponent implements IModule
{
+ /**
+ * @var string id of this module
+ */
private $_id;
+ /**
+ * @var array list of users managed by this module
+ */
private $_users=array();
+ /**
+ * @var array list of roles managed by this module
+ */
private $_roles=array();
+ /**
+ * @var string guest name
+ */
private $_guestName='Guest';
+ /**
+ * @var string password mode, Clear|MD5|SH1
+ */
private $_passwordMode='MD5';
+ /**
+ * Initializes the module.
+ * This method is required by IModule and is invoked by application.
+ * It loads user/role information from the module configuration.
+ * @param TApplication application
+ * @param TXmlElement module configuration
+ */
public function init($application,$config)
{
foreach($config->getElementsByTagName('user') as $node)
@@ -140,36 +233,60 @@ class TUserManager extends TComponent implements IModule }
}
+ /**
+ * @return string id of this module
+ */
public function getID()
{
return $this->_id;
}
+ /**
+ * @param string id of this module
+ */
public function setID($value)
{
$this->_id=$value;
}
+ /**
+ * @return string guest name, defaults to 'Guest'
+ */
public function getGuestName()
{
return $this->_guestName;
}
+ /**
+ * @param string name to be used for guest users.
+ */
public function setGuestName($value)
{
$this->_guestName=$value;
}
+ /**
+ * @return string (Clear|MD5|SH1) how password is stored, clear text, or MD5 or SH1 hashed. Default to MD5.
+ */
public function getPasswordMode()
{
return $this->_passwordMode;
}
+ /**
+ * @param string (Clear|MD5|SH1) how password is stored, clear text, or MD5 or SH1 hashed.
+ */
public function setPasswordMode($value)
{
$this->_passwordMode=TPropertyValue::ensureEnum($value,array('Clear','MD5','SHA1'));
}
+ /**
+ * Validates if the username and password are correct.
+ * @param string user name
+ * @param string password
+ * @return boolean true if validation is successful, false otherwise.
+ */
public function validateUser($username,$password)
{
if($this->_passwordMode==='MD5')
@@ -180,19 +297,17 @@ class TUserManager extends TComponent implements IModule return (isset($this->_users[$username]) && $this->_users[$username]===$password);
}
- public function logout($user)
- {
- $user->setIsGuest(true);
- $user->setName($this->getGuestName());
- $user->setRoles(array());
- }
-
+ /**
+ * Returns a user instance given the user name.
+ * @param string user name, null if it is a guest.
+ * @return TUser the user instance, null if the specified username is not in the user database.
+ */
public function getUser($username=null)
{
if($username===null)
{
$user=new TUser($this);
- $user->setIsGuest($username===null);
+ $user->setIsGuest(true);
return $user;
}
else
@@ -202,6 +317,7 @@ class TUserManager extends TComponent implements IModule {
$user=new TUser($this);
$user->setName($username);
+ $user->setIsGuest(false);
if(isset($this->_roles[$username]))
$user->setRoles($this->_roles[$username]);
return $user;
@@ -210,6 +326,18 @@ class TUserManager extends TComponent implements IModule return null;
}
}
+
+ /**
+ * Sets a user as a guest.
+ * User name is changed as guest name, and roles are emptied.
+ * @param TUser the user to be changed to a guest.
+ */
+ public function switchToGuest($user)
+ {
+ $user->setIsGuest(true);
+ $user->setName($this->getGuestName());
+ $user->setRoles(array());
+ }
}
?>
\ No newline at end of file diff --git a/framework/TODO.txt b/framework/TODO.txt index 7394796d..e7d988c6 100644 --- a/framework/TODO.txt +++ b/framework/TODO.txt @@ -1,3 +1,7 @@ +how to display context information for template parsing and instantiation? File name? line number?
+how to do this for Theme (skin files)?
+how to correctly highlight source code displayed for exception context?
+
checkbox if checked, posted, unchecked and then post, it will be checked.
add application state: off, debug, normal, performance
think more about encoding/decoding
diff --git a/framework/Web/UI/TTemplateManager.php b/framework/Web/UI/TTemplateManager.php index c9a4b9da..81fb7704 100644 --- a/framework/Web/UI/TTemplateManager.php +++ b/framework/Web/UI/TTemplateManager.php @@ -32,8 +32,6 @@ * @package System.Web.UI
* @since 3.0
*/
-
-
class TTemplateManager extends TComponent implements IModule
{
/**
diff --git a/framework/Web/UI/TThemeManager.php b/framework/Web/UI/TThemeManager.php index 178cc91f..47c32a2e 100644 --- a/framework/Web/UI/TThemeManager.php +++ b/framework/Web/UI/TThemeManager.php @@ -105,7 +105,7 @@ class TThemeManager extends TComponent implements IModule }
}
-class TTheme extends TTemplate
+class TTheme extends TComponent
{
const THEME_CACHE_PREFIX='prado:theme:';
const SKIN_FILE_EXT='.skin';
@@ -171,9 +171,9 @@ class TTheme extends TTemplate }
}
closedir($dir);
+ if($cache!==null)
+ $cache->set(self::THEME_CACHE_PREFIX.$themePath,array($this->_skins,time()));
}
- if($cache!==null)
- $cache->set(self::THEME_CACHE_PREFIX.$themePath,array($this->_skins,time()));
}
public function applySkin($control)
diff --git a/framework/core.php b/framework/core.php index efaf7f86..2a4ddcbb 100644 --- a/framework/core.php +++ b/framework/core.php @@ -232,6 +232,58 @@ interface ITemplate }
/**
+ * IUser interface.
+ *
+ * This interface must be implemented by user objects.
+ *
+ * @author Qiang Xue <qiang.xue@gmail.com>
+ * @version $Revision: $ $Date: $
+ * @package System
+ * @since 3.0
+ */
+interface IUser
+{
+ /**
+ * @return string username
+ */
+ public function getName();
+ /**
+ * @param string username
+ */
+ public function setName($value);
+ /**
+ * @return boolean if the user is a guest
+ */
+ public function getIsGuest();
+ /**
+ * @param boolean if the user is a guest
+ */
+ public function setIsGuest($value);
+ /**
+ * @return array list of roles that the user is of
+ */
+ public function getRoles();
+ /**
+ * @return array|string list of roles that the user is of. If it is a string, roles are assumed by separated by comma
+ */
+ public function setRoles($value);
+ /**
+ * @param string role to be tested
+ * @return boolean whether the user is of this role
+ */
+ public function isInRole($role);
+ /**
+ * @return string user data that is serialized and will be stored in session
+ */
+ public function saveToString();
+ /**
+ * @param string user data that is serialized and restored from session
+ * @return IUser the user object
+ */
+ public function loadFromString($string);
+}
+
+/**
* PradoBase class.
*
* PradoBase implements a few fundamental static methods.
|