AuthUser Class Reference
[Security]

AuthUser provides a storage and methods for user data used for authentication/authorization purposes. This class requires php >= 4.1.0. More...

Inheritance diagram for AuthUser:

[legend]


Public Member Functions
	login ($login, $password, $isPasswordEncrypted=false)
	addPolicies ($policies)
	authorize ($actionKey)
	matchRoles ($val)
	parsePolicy ($val)
	setDefaultPolicy ($val)
	getLoginTime ()
	toString ()
	setLogin ($login)
	getLogin ()
	setPassword ($password)
	getPassword ()
	setName ($name)
	getName ()
	setFirstname ($firstname)
	getFirstname ()
	setConfig ($config)
	getConfig ()
	addRole ($rolename)
	removeRole ($rolename)
	hasRole ($rolename)
	getRoles ()
	getClassDefinitionFiles ()
	loadFromSession ()
Data Fields
	$_login_time = ""
	$_policies = array()
	$_defaulPolicy = true
	$_user = null

Detailed Description

AuthUser provides a storage and methods for user data used for authentication/authorization purposes. This class requires php >= 4.1.0.

Licensed under the terms of any of the following licenses at your choice:

GNU Lesser General Public License (LGPL) http://www.gnu.org/licenses/lgpl.html
Eclipse Public License (EPL) http://www.eclipse.org/org/documents/epl-v10.php

See the license.txt file distributed with this work for additional information.

Id: class.AuthUser.php 929 2009-02-22 23:20:49Z iherwig

Author:: ingo herwig <ingo@wemove.com>

Definition at line 34 of file class.AuthUser.php.

Member Function Documentation

login	(	$	login,
		$	password,
		$	isPasswordEncrypted = `false`
	)

Log a user into the application.

Parameters:

	login	The login string of the user
	password	The password string of the user
	isPasswordEncrypted	True/False wether the password is encrypted or not [default: false]

Returns:: True/False whether login succeeded.

Reimplemented in AnonymousUser.

Definition at line 48 of file class.AuthUser.php.

References $GLOBALS, addPolicies(), UserManager::encryptPassword(), getConfig(), PersistenceFacade::getInstance(), RightsManager::getInstance(), InifileParser::getInstance(), UserManager::getUserClassName(), PersistentObject::setOID(), and WCMFException::throwEx().

Here is the call graph for this function:

addPolicies ( $ policies )

Adds one ore more policies to the policy repository of the user.

Parameters:

policies

An associative array with the policy information (key=action, value=policy string).

Note:: A policy string looks like this "+*, -guest, +admin"

Definition at line 106 of file class.AuthUser.php.

References parsePolicy().

Referenced by login().

Here is the call graph for this function:

authorize ( $ actionKey )

Checks, if the user is authorized for this action. Returns defaulPolicy if action key is not defined.

Parameters:

actionKey

An action key string

Returns:: True/False whether authorization succeeded

Definition at line 124 of file class.AuthUser.php.

References matchRoles().

Here is the call graph for this function:

matchRoles ( $ val )

Matches the roles of the user and the roles for a certain key

Parameters:

val

An array containing policy information as an associative array with the keys ('default', 'allow', 'deny'). Where 'allow', 'deny' are arrays itselves holding roles. 'allow' overwrites 'deny' overwrites 'default'

Returns:: True/False whether the user has access right according to this policy.

Definition at line 141 of file class.AuthUser.php.

References hasRole().

Referenced by authorize().

Here is the call graph for this function:

parsePolicy ( $ val )

Parse an policy string and returns an associative array with the keys ('default', 'allow', 'deny'). Where 'allow', 'deny' are arrays itselves holding roles. 'deny' overwrites 'allow' overwrites 'default'

Parameters:

val

An role string (+*, +admin, -guest, entries without '+' or '-' prefix default to allow rules).