Highway to PSR2
1 <?php
2 /** @package verysimple::Phreeze */
4 /**
5 * import supporting libraries
6 */
7 require_once("Model/DAO/AccountDAO.php");
8 require_once("verysimple/Authentication/IAuthenticatable.php");
// Generic permission flags. Each non-zero value occupies its own bit so that
// flags can be OR-ed together and tested with a bitwise AND. Applications are
// expected to define their own permission set on their account object.
define('ACCOUNT_PERMISSION_NONE', 0);   // no bits set
define('ACCOUNT_PERMISSION_READ', 1);   // bit 0
define('ACCOUNT_PERMISSION_WRITE', 2);  // bit 1
define('ACCOUNT_PERMISSION_ADMIN', 4);  // bit 2
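/**
 * Base account object providing username/password login and bitwise
 * permission checks.
 *
 * This is a sample account object that can be extended under the condition that your
 * account object meets the following criteria:
 *
 * The Model is named Account with the following properties/methods:
 * - Id (int/primary key)
 * - Username (string)
 * - Password (string)
 * - Modified (datetime)
 * - GetRole (returns a role object with a 'Permission' property that contains a bit-wise integer)
 *
 * Extending your account object from this base class will provide the following features:
 * - Your class implements IAuthenticatable for use with Controller authentication
 * - Login method will load this object
 * - Password changes will be detected on save and passwords will be one-way crypted
 *
 * NOTE(review): the stored credential is base64_encode(crypt($password, $username)).
 * The username is used as the salt and carries no algorithm prefix, so for ordinary
 * usernames PHP falls back to the legacy DES-based crypt: only the first two
 * characters of the username act as salt and only the first eight characters of the
 * password contribute to the hash. This is far below what password_hash() /
 * password_verify() provide. Migrating means loading the account by username and
 * verifying in PHP, and needs a Password column wide enough for the new format;
 * neither the schema nor the stored data is visible from this class, so the format
 * is left unchanged here.
 *
 * @package verysimple::Phreeze
 * @author VerySimple Inc.
 * @copyright 1997-2007 VerySimple, Inc.
 * @license http://www.gnu.org/licenses/lgpl.html LGPL
 * @version 2.0
 */
class AuthAccount extends AccountDAO implements IAuthenticatable
{
    /**
     * Password value as it was when OnLoad() last ran (i.e. the stored hash).
     *
     * Public so that it survives serialization. NOTE(review): this also means the
     * stored hash travels with every serialized copy of the object - confirm where
     * serialized accounts end up (session storage, caches, logs).
     *
     * @var string
     */
    public $_original_password = "";

    /**
     * Checks if the current user is "anonymous" meaning they have not authenticated
     *
     * @return bool true if user is anonymous (Id is empty/zero)
     */
    public function IsAnonymous()
    {
        return !$this->Id;
    }

    /**
     * Reports whether Password is non-empty and differs from the value captured
     * by OnLoad().
     *
     * Both sides are compared as strings with ===, so two different
     * numeric-looking values are never treated as equal by PHP's loose comparison.
     *
     * @return bool true if the password needs to be crypted on save
     */
    public function PasswordWasChanged()
    {
        $current = (string) $this->Password;

        return $current !== '' && $current !== (string) $this->_original_password;
    }

    /**
     * Returns true if the current account has the specified permission
     *
     * The test succeeds when ANY bit of $permission is set on the role, so passing
     * several OR-ed flags means "has at least one of these". A $permission of 0
     * never authorizes. Anonymous accounts are always refused.
     *
     * @param int $permission
     *            a bitwise integer representing a unique permission in the application
     * @return bool true if the current account is authorized for the given permission
     */
    public function IsAuthorized($permission)
    {
        if ($this->IsAnonymous()) {
            return false;
        }

        return ($this->GetRole()->Permission & $permission) > 0;
    }

    /**
     * Attempts to authenticate based on the provided username/password.
     * If successful, the object is populated with data from the data store.
     *
     * The match is performed by the data store: the criteria carry the username
     * and the crypted password, and the first returned row (if any) is loaded.
     * Credentials that are empty, not scalar, or that cannot be hashed are
     * refused without querying.
     *
     * @param string $username
     * @param string $password
     * @return bool true if login was successful
     * @throws Exception if the AccountCriteria class cannot be located
     */
    public function Login($username, $password)
    {
        // for backwards compatibility with Phreeze 2x, look in multiple places for the AccountCriteria class.
        // The includes are suppressed because either location may legitimately be absent.
        if (!class_exists("AccountCriteria")) {
            @include_once("Model/AccountCriteria.php");
        }

        if (!class_exists("AccountCriteria")) {
            @include_once("Model/DAO/AccountCriteria.php");
        }

        if (!class_exists("AccountCriteria")) {
            throw new Exception("Unable to locate AccountCriteria class.");
        }

        // Credentials usually originate from a request, where a parameter can arrive
        // as an array; refuse anything that is not a scalar before it reaches crypt().
        if (!is_scalar($username) || !is_scalar($password)) {
            return false;
        }

        $username = (string) $username;
        $password = (string) $password;

        if ($username === '' || $password === '') {
            return false;
        }

        $hashed = $this->HashPasswordLegacy($password, $username);
        if ($hashed === null) {
            // Fail closed: a crypt() failure marker must never be used as a credential.
            $this->_phreezer->Observe("AuthAccount.Login Unable to hash the supplied credentials");
            return false;
        }

        $this->_phreezer->Observe("AuthAccount.Login Searching For Matching Account...");

        $criteria = new AccountCriteria();
        // set both the name and the _Equals properties for backwards compatibility
        if (property_exists($criteria, 'Username')) {
            $criteria->Username = $username;
        }

        $criteria->Username_Equals = $username;

        if (property_exists($criteria, 'Password')) {
            $criteria->Password = $hashed;
        }

        $criteria->Password_Equals = $hashed;

        $ds = $this->_phreezer->Query("Account", $criteria);

        // we have to clear the cache, this resolves an issue where logging in repeatedly
        // will retain the same cached child objects
        $this->ClearCache();

        $account = $ds->Next();
        if (!$account) {
            return false;
        }

        // we can't do $this = $account, so instead just clone all the properties:
        $this->LoadFromObject($account);
        $this->GetRole(); // this triggers the role to load so it will be cached

        // we need to update the login date and count
        // $this->LastLogin = date('Y-m-d H:i:s');
        // $this->LoginCount++;
        // $this->Save();

        return true;
    }

    /**
     * if the password has changed since load, then we want to crypt it
     * otherwise we don't want to touch it because it is already crypted
     *
     * @param bool $is_insert
     * @return bool
     * @throws Exception if the password cannot be hashed
     */
    public function OnSave($is_insert)
    {
        if ($is_insert || $this->PasswordWasChanged()) {
            $this->_phreezer->Observe("Account-&gt;OnSave: The password has changed");

            $hashed = $this->HashPasswordLegacy($this->Password, $this->Username);
            if ($hashed === null) {
                // Persisting a crypt() failure marker would store a value that does
                // not depend on the password at all, so refuse to save instead.
                throw new Exception("Unable to hash the account password.");
            }

            $this->Password = $hashed;
        } else {
            // already crypted: restore the value captured at load time
            $this->Password = $this->_original_password;
            $this->_phreezer->Observe("Account->OnSave: The password was not changed");
        }

        // update the modified date
        $this->Modified = date('Y-m-d H:i:s');

        return true;
    }

    /**
     * stores the original password so we can detect if it has been changed
     */
    public function OnLoad()
    {
        $this->_original_password = $this->Password;
    }

    /**
     * Updates the password for this account
     *
     * The plain-text value is assigned to Password and crypted by OnSave() during
     * Save(). An empty value is refused: with _original_password cleared, OnSave()
     * would treat an empty Password as "unchanged" and write the blank value back
     * over the stored hash.
     *
     * @param string $new_pass
     * @throws Exception if $new_pass is empty or not a scalar
     */
    public function UpdatePassword($new_pass)
    {
        if (!is_scalar($new_pass) || (string) $new_pass === '') {
            throw new Exception("New password must be a non-empty string.");
        }

        $this->_original_password = ""; // force Save to crypt the password
        $this->Password = (string) $new_pass;
        $this->Save();
    }

    /**
     * Produces the stored form of a password: base64_encode(crypt($password, $salt)).
     *
     * crypt() does not raise an error when it cannot use the salt; it returns a
     * marker string shorter than 13 characters instead of a hash. On current PHP
     * versions that includes salts whose leading characters fall outside the
     * "./0-9A-Za-z" alphabet. Such a result is reported as null so callers can
     * fail closed.
     *
     * @param string $password plain-text password
     * @param string $salt     salt passed to crypt(); this class uses the username
     * @return string|null encoded hash, or null if crypt() did not return a hash
     */
    private function HashPasswordLegacy($password, $salt)
    {
        $hash = crypt((string) $password, (string) $salt);

        if (!is_string($hash) || strlen($hash) < 13) {
            return null;
        }

        return base64_encode($hash);
    }
}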