From 4767317d3dcc4316609154287b643eb85afbd9e2 Mon Sep 17 00:00:00 2001 From: xue <> Date: Sun, 20 Nov 2005 14:15:37 +0000 Subject: --- framework/Exceptions/messages.txt | 6 ++ framework/Security/TAuthManager.php | 37 ++++--- framework/Security/TUserManager.php | 188 ++++++++++++++++++++++++++++------ framework/TODO.txt | 4 + framework/Web/UI/TTemplateManager.php | 2 - framework/Web/UI/TThemeManager.php | 6 +- framework/core.php | 52 ++++++++++ 7 files changed, 248 insertions(+), 47 deletions(-) (limited to 'framework') diff --git a/framework/Exceptions/messages.txt b/framework/Exceptions/messages.txt index 8df4dde1..49160370 100644 --- a/framework/Exceptions/messages.txt +++ b/framework/Exceptions/messages.txt @@ -73,6 +73,12 @@ template_property_undefined = Property '%s.%s' configured in template is not template_property_unbindable = Property '%s.%s' configured in template cannot be bound to an expression. Only properties of controls can be bound. template_component_required = '%s' is not a component. Only components can be configured in template. +xmldocument_file_read_failed = TXmlDocument is unable to read file '%s'. +xmldocument_file_write_failed = TXmlDocument is unable to write file '%s'. + +authorizationrule_action_invalid = TAuthorizationRule.Action can only take 'allow' or 'deny' as the value. +authorizationrule_verb_invalid = TAuthorizationRule.Verb can only take 'get' or 'post' as the value. + body_contents_not_allowed = %s: body contents are not allowed. control_id_not_unique = Control ID '%s' is not unique for control type '%s'. control_not_found = Unable to find a control with ID '%s'. diff --git a/framework/Security/TAuthManager.php b/framework/Security/TAuthManager.php index 5e9b188f..32b68cdd 100644 --- a/framework/Security/TAuthManager.php +++ b/framework/Security/TAuthManager.php 
@@ -1,9 +1,32 @@ + * @link http://www.pradosoft.com/ + * @copyright Copyright © 2005 PradoSoft + * @license http://www.pradosoft.com/license/ + * @version $Revision: $ $Date: $ + * @package System.Security + */ + +/** + * TAuthManager class + * + * TAuthManager performs user authentication and authorization for a Prado application. + * + * + * @author Qiang Xue + * @version $Revision: $ $Date: $ + * @package System.Security + * @since 3.0 + */ + +Prado::using('System.Security.TUserManager'); class TAuthManager extends TComponent implements IModule { const RETURN_URL_VAR='ReturnUrl'; - private $_guest='Guest'; private $_initialized=false; private $_application; private $_users=null; @@ -41,16 +64,6 @@ class TAuthManager extends TComponent implements IModule $this->_initialized=true; } - public function getGuestName() - { - return $this->_guest; - } - - public function setGuestName($value) - { - $this->_guest=$value; - } - public function getUserManager() { if($this->_users instanceof TUserManager) @@ -182,7 +195,7 @@ class TAuthManager extends TComponent implements IModule throw new TConfigurationException('authenticator_session_required'); else { - $userManager->logout($this->_application->getUser()); + $userManager->switchToGuest($this->_application->getUser()); $session->destroy(); } } diff --git a/framework/Security/TUserManager.php b/framework/Security/TUserManager.php index efa17616..c4bcbacd 100644 --- a/framework/Security/TUserManager.php +++ b/framework/Security/TUserManager.php 
@@ -1,66 +1,96 @@ + * @link http://www.pradosoft.com/ + * @copyright Copyright © 2005 PradoSoft + * @license http://www.pradosoft.com/license/ + * @version $Revision: $ $Date: $ + * @package System.Security + */ /** - * IUser interface. + * TUser class * - * This interface must be implemented by user objects. + * TUser implements basic user functionality for a prado application. + * To get the name of the user, use {@link getName Name} property. + * The property {@link getIsGuest IsGuest} tells if the user a guest/anonymous user. + * To obtain or test the roles that the user is in, use property + * {@link getRoles Roles} and call {@link isInRole()}, respectively. + * + * TUser is meant to be used together with {@link TUserManager} and + * {@link TAuthManager}. * * @author Qiang Xue * @version $Revision: $ $Date: $ * @package System.Security * @since 3.0 */ -interface IUser -{ - public function getManager(); - public function getName(); - public function setName($value); - public function getIsGuest(); - public function setIsGuest($value); - public function getRoles(); - public function setRoles($value); - /** - * @param string role to be tested - * @return boolean whether the user is of this role - */ - public function isInRole($role); - public function saveToString(); - public function loadFromString($string); -} - class TUser extends TComponent implements IUser { + /** + * @var TUserManager user manager + */ private $_manager; - private $_isGuest=false; + /** + * @var boolean if the user is a guest + */ + private $_isGuest=true; + /** + * @var string username + */ private $_name=''; + /** + * @var array user roles + */ private $_roles=array(); + /** + * Constructor. 
+ * @param TUserManager user manager + */ public function __construct($manager=null) { parent::__construct(); $this->_manager=$manager; } + /** + * @return TUserManager user manager + */ public function getManager() { return $this->_manager; } + /** + * @return string username + */ public function getName() { return $this->_name; } + /** + * @param string username + */ public function setName($value) { $this->_name=$value; } + /** + * @return boolean if the user is a guest + */ public function getIsGuest() { return $this->_isGuest; } + /** + * @param boolean if the user is a guest + */ public function setIsGuest($value) { $this->_isGuest=TPropertyValue::ensureBoolean($value); @@ -71,11 +101,17 @@ class TUser extends TComponent implements IUser } } + /** + * @return array list of roles that the user is of + */ public function getRoles() { return $this->_roles; } + /** + * @return array|string list of roles that the user is of. If it is a string, roles are assumed by separated by comma + */ public function setRoles($value) { if(is_array($value)) @@ -91,6 +127,10 @@ class TUser extends TComponent implements IUser } } + /** + * @param string role to be tested. Note, role is case-insensitive. + * @return boolean whether the user is of this role + */ public function isInRole($role) { foreach($this->_roles as $r) @@ -99,11 +139,18 @@ class TUser extends TComponent implements IUser return false; } + /** + * @return string user data that is serialized and will be stored in session + */ public function saveToString() { return serialize(array($this->_name,$this->_roles,$this->_isGuest)); } + /** + * @param string user data that is serialized and restored from session + * @return IUser the user object + */ public function loadFromString($data) { if(!empty($data)) 
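Review bot: The docblock added above `TUser::setRoles($value)` tags the argument with `@return array|string ...` although the method is a setter. It should read `@param array|string list of roles that the user is of. If it is a string, roles are assumed to be separated by comma`. The same mislabelled tag is repeated on `IUser::setRoles()` in the core.php hunk. setRoles' body continues outside this hunk.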
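Review bot: The new docblocks on `TUser::saveToString()` and `TUser::loadFromString($data)` say the payload is serialized but do not state the trust requirement that follows from it. `saveToString()` uses `serialize()`, so `loadFromString()`, whose body lies outside this hunk, presumably calls `unserialize()`, which is only safe on data the application wrote itself. The guest flag and the role list are restored from that string, so a forged payload would set both. I would add to the `loadFromString` docblock: `Only pass data produced by saveToString() and kept in server-side session storage; never a value taken from the request.` The same sentence belongs on `IUser::loadFromString()` in core.php.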
@@ -117,15 +164,61 @@ class TUser extends TComponent implements IUser } } - +/** + * TUserManager class + * + * TUserManager manages a static list of users {@link TUser}. + * The user information is specified via module configuration using the following XML syntax, + * + * + * + * + * + * + * + * The user passwords may be specified as clear text, SH1 or MD5 hashed by setting + * {@link setPasswordMode PasswordMode} as Clear, SH1 or MD5. + * The default name for a guest user is Guest. It may be changed + * by setting {@link setGuestName GuestName} property. + * + * TUserManager may be used together with {@link TAuthManager} which manages + * how users are authenticated and authorized in a Prado application. + * + * @author Qiang Xue + * @version $Revision: $ $Date: $ + * @package System.Security + * @since 3.0 + */ class TUserManager extends TComponent implements IModule { + /** + * @var string id of this module + */ private $_id; + /** + * @var array list of users managed by this module + */ private $_users=array(); + /** + * @var array list of roles managed by this module + */ private $_roles=array(); + /** + * @var string guest name + */ private $_guestName='Guest'; + /** + * @var string password mode, Clear|MD5|SH1 + */ private $_passwordMode='MD5'; + /** + * Initializes the module. + * This method is required by IModule and is invoked by application. + * It loads user/role information from the module configuration. + * @param TApplication application + * @param TXmlElement module configuration + */ public function init($application,$config) { foreach($config->getElementsByTagName('user') as $node) 
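Review bot: The TUserManager class docblock and the `$_passwordMode` comment spell the hash mode `SH1`, but `setPasswordMode()` in the next hunk passes only `'Clear'`, `'MD5'` and `'SHA1'` to `ensureEnum`, so a configuration written from this documentation would presumably be rejected. Replace `SH1` with `SHA1` here and in the `getPasswordMode`/`setPasswordMode` docblocks, e.g. `@var string password mode, Clear|MD5|SHA1`. Operators read this comment when choosing a mode, so it also deserves one sentence on what each mode protects. `Clear` leaves passwords readable in the module configuration, and as far as the visible part of `validateUser()` shows, the MD5 and SHA1 modes compare a plain digest with no salt.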
@@ -140,36 +233,60 @@ class TUserManager extends TComponent implements IModule } } + /** + * @return string id of this module + */ public function getID() { return $this->_id; } + /** + * @param string id of this module + */ public function setID($value) { $this->_id=$value; } + /** + * @return string guest name, defaults to 'Guest' + */ public function getGuestName() { return $this->_guestName; } + /** + * @param string name to be used for guest users. + */ public function setGuestName($value) { $this->_guestName=$value; } + /** + * @return string (Clear|MD5|SH1) how password is stored, clear text, or MD5 or SH1 hashed. Default to MD5. + */ public function getPasswordMode() { return $this->_passwordMode; } + /** + * @param string (Clear|MD5|SH1) how password is stored, clear text, or MD5 or SH1 hashed. + */ public function setPasswordMode($value) { $this->_passwordMode=TPropertyValue::ensureEnum($value,array('Clear','MD5','SHA1')); } + /** + * Validates if the username and password are correct. + * @param string user name + * @param string password + * @return boolean true if validation is successful, false otherwise. + */ public function validateUser($username,$password) { if($this->_passwordMode==='MD5') @@ -180,19 +297,17 @@ class TUserManager extends TComponent implements IModule return (isset($this->_users[$username]) && $this->_users[$username]===$password); } - public function logout($user) - { - $user->setIsGuest(true); - $user->setName($this->getGuestName()); - $user->setRoles(array()); - } - + /** + * Returns a user instance given the user name. + * @param string user name, null if it is a guest. + * @return TUser the user instance, null if the specified username is not in the user database. + */ public function getUser($username=null) { if($username===null) { $user=new TUser($this); - $user->setIsGuest($username===null); + $user->setIsGuest(true); return $user; } else 
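Review bot: In `TUserManager::getUser()`, the guest branch now calls `$user->setIsGuest(true)` but never sets a name, so a guest created here keeps TUser's default empty name, while a user demoted through `switchToGuest()` gets `getGuestName()`. Unless `TUser::setIsGuest()` fills the name in (that part of its body is not in the diff), anything that matches on the user name, such as authorization rules or audit logging, would see two different guest identities. Building the guest through the same path, `$user=new TUser($this); $this->switchToGuest($user); return $user;`, keeps them identical. getUser's body continues into the next hunk.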
@@ -202,6 +317,7 @@ class TUserManager extends TComponent implements IModule { $user=new TUser($this); $user->setName($username); + $user->setIsGuest(false); if(isset($this->_roles[$username])) $user->setRoles($this->_roles[$username]); return $user; @@ -210,6 +326,18 @@ class TUserManager extends TComponent implements IModule return null; } } + + /** + * Sets a user as a guest. + * User name is changed as guest name, and roles are emptied. + * @param TUser the user to be changed to a guest. + */ + public function switchToGuest($user) + { + $user->setIsGuest(true); + $user->setName($this->getGuestName()); + $user->setRoles(array()); + } } ?> \ No newline at end of file diff --git a/framework/TODO.txt b/framework/TODO.txt index 7394796d..e7d988c6 100644 --- a/framework/TODO.txt +++ b/framework/TODO.txt @@ -1,3 +1,7 @@ +how to display context information for template parsing and instantiation? File name? line number? +how to do this for Theme (skin files)? +how to correctly highlight source code displayed for exception context? + checkbox if checked, posted, unchecked and then post, it will be checked. add application state: off, debug, normal, performance think more about encoding/decoding diff --git a/framework/Web/UI/TTemplateManager.php b/framework/Web/UI/TTemplateManager.php index c9a4b9da..81fb7704 100644 --- a/framework/Web/UI/TTemplateManager.php +++ b/framework/Web/UI/TTemplateManager.php @@ -32,8 +32,6 @@ * @package System.Web.UI * @since 3.0 */ - - class TTemplateManager extends TComponent implements IModule { /** diff --git a/framework/Web/UI/TThemeManager.php b/framework/Web/UI/TThemeManager.php index 178cc91f..47c32a2e 100644 --- a/framework/Web/UI/TThemeManager.php +++ b/framework/Web/UI/TThemeManager.php @@ -105,7 +105,7 @@ class TThemeManager extends TComponent implements IModule } } -class TTheme extends TTemplate +class TTheme extends TComponent { const THEME_CACHE_PREFIX='prado:theme:'; const SKIN_FILE_EXT='.skin'; 
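Review bot: `TUserManager::switchToGuest($user)` is documented as taking a `TUser`, but its only caller in this commit passes `$this->_application->getUser()`. The body uses only `setIsGuest`, `setName` and `setRoles`, all of which are declared on `IUser`. Documenting and hinting the interface, `public function switchToGuest(IUser $user)` with `@param IUser the user to be changed to a guest`, would make an unexpected argument fail at the call with a clear type error. Whether `getUser()` can return null at logout time is not visible here, so confirm that before adding the hint.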
@@ -171,9 +171,9 @@ class TTheme extends TTemplate } } closedir($dir); + if($cache!==null) + $cache->set(self::THEME_CACHE_PREFIX.$themePath,array($this->_skins,time())); } - if($cache!==null) - $cache->set(self::THEME_CACHE_PREFIX.$themePath,array($this->_skins,time())); } public function applySkin($control) diff --git a/framework/core.php b/framework/core.php index efaf7f86..2a4ddcbb 100644 --- a/framework/core.php +++ b/framework/core.php @@ -231,6 +231,58 @@ interface ITemplate public function instantiateIn($parent); } +/** + * IUser interface. + * + * This interface must be implemented by user objects. + * + * @author Qiang Xue + * @version $Revision: $ $Date: $ + * @package System + * @since 3.0 + */ +interface IUser +{ + /** + * @return string username + */ + public function getName(); + /** + * @param string username + */ + public function setName($value); + /** + * @return boolean if the user is a guest + */ + public function getIsGuest(); + /** + * @param boolean if the user is a guest + */ + public function setIsGuest($value); + /** + * @return array list of roles that the user is of + */ + public function getRoles(); + /** + * @return array|string list of roles that the user is of. If it is a string, roles are assumed by separated by comma + */ + public function setRoles($value); + /** + * @param string role to be tested + * @return boolean whether the user is of this role + */ + public function isInRole($role); + /** + * @return string user data that is serialized and will be stored in session + */ + public function saveToString(); + /** + * @param string user data that is serialized and restored from session + * @return IUser the user object + */ + public function loadFromString($string); +} + /** * PradoBase class. * -- cgit v1.2.3