pclib  2.3.2
Lightweight PHP framework
Public Member Functions | Data Fields
AuthManager Class Reference

Auth entities (users,roles,rights) management. More...

Inheritance diagram for AuthManager:
AuthBase BaseObject

Public Member Functions

 sname ($sname, $type)
 Translate "system name" of auth entity to numeric ID. More...
 
 genPassw ()
 Generate random password. More...
 
 mkUser ($sname, $fullName=null, $srole=null, $annot= '')
 Make user $sname. More...
 
 rmUser ($sname)
 Remove user $sname. More...
 
 cpUser ($sname1, $sname2)
 Copy rights and roles from user $sname1 to user $sname2. More...
 
 mkRight ($sname, $annot= '')
 Make right $sname with annotation $annot. More...
 
 rmRight ($sname, $force=false)
 Remove right $sname. More...
 
 setRight ($right)
 Change right values (SNAME, ANNOT, ...) More...
 
 mkRole ($sname, $annot= '')
 Make role $sname with annotation $annot. More...
 
 rmRole ($sname, $force=false)
 Remove role $sname. More...
 
 cpRole ($sname1, $sname2)
 Copy rights from role $sname1 to role $sname2. More...
 
 rGrant ($srole, $sright, $rval= '1', $obj_id=0)
 Grant/revoke right $sright to role $srole. More...
 
 uGrant ($suser, $sright, $rval= '1', $obj_id=0)
 Grant/revoke right $sright to user $suser. More...
 
 uRole ($suser, $srole, $assign=true, $obj_id=0)
 Assign/revoke role $srole to user $suser. More...
 
 getUser ($sname)
 Return user account of user $sname (row from table AUTH_USERS) More...
 
 setUser ($sname, array $user)
 Set user account with array $user. More...
 
 setPassw ($sname, $passw)
 Set password $passw for user $sname. More...
 
 deleteAllAuthData ()
 Caution! Empty all AUTH tables! More...
 
- Public Member Functions inherited from AuthBase
 __construct ()
 Constructor - load config parameters.
 
 passwordHash ($password)
 Return password hash. More...
 
 passwordHashVerify ($password, $hash)
 Verify password hash. More...
 
 setError ($message)
 Add error message into ->errors variable. More...
 
- Public Member Functions inherited from BaseObject
 loadDefaults ($className=null)
 Load default parameters of class $className into object instance.
 
 setProperties (array $defaults)
 Set public properties of object from the array. More...
 
 addEvent ($name, $callback)
 Add event handler to $object->$name property. More...
 
 toArray ()
 Convert object to array. More...
 

Data Fields

 $db
 var Db
 
- Data Fields inherited from AuthBase
 $translator
 var Translator
 
 $errors = array()
 Array of error messages (if any)
 
 $secret
 Secret string used for enpowerment of md5 hash.
 
 $passwordAlgo
 Password algorhitm - can be 'md5' or 'bcrypt'.
 
 $passwordCost = 10
 Bcrypt cost. More...
 
 $throwsExceptions = false
 Throws exceptions instead of just collecting errors in ->errors.
 
 $onError
 Occurs on auth error. More...
 
- Data Fields inherited from BaseObject
 $onNewInstance
 Occurs when new instance of the class is created. More...
 
 $onMissingMethod
 Occurs when called method does not exist. More...
 
 $serviceLocator
 var function() Return service object when requested with service(). More...
 

Additional Inherited Members

- Static Public Member Functions inherited from BaseObject
static defaults ()
 Set or retireve default parameters of the object. More...
 
- Protected Member Functions inherited from AuthBase
 log ($category, $messageId, $message=null, $itemId=null)
 log security issue using App->logger. More...
 
- Protected Member Functions inherited from BaseObject
 fireEvent ($name, array $args=array())
 Run all event handlers in $object->$name property. More...
 
 service ($service, $default=null)
 Try acquire $service and load it into property $this->$service. More...
 
- Protected Attributes inherited from AuthBase
 $app
 var App
 

Detailed Description

Auth entities (users,roles,rights) management.

Features:

Member Function Documentation

cpRole (   $sname1,
  $sname2 
)

Copy rights from role $sname1 to role $sname2.

Both must exists.

Parameters
string$sname1Source "role_name" or "#role_id"
string$sname2Destination role_name" or "#role_id"
Returns
int $n Number of copied rights.
cpUser (   $sname1,
  $sname2 
)

Copy rights and roles from user $sname1 to user $sname2.

Both must exists.

Parameters
string$sname1Source "user_name" or "#user_id"
string$sname2Destination "user_name" or "#user_id"
Returns
int $n Number of copied entities.
deleteAllAuthData ( )

Caution! Empty all AUTH tables!

Returns
bool $ok
genPassw ( )

Generate random password.

Returns
string $password
getUser (   $sname)

Return user account of user $sname (row from table AUTH_USERS)

Parameters
string$snameUser name or #id
Returns
array $user
mkRight (   $sname,
  $annot = '' 
)

Make right $sname with annotation $annot.

If right exists, throw error.

Parameters
string$sname"entity_name"
string$annotannotation string
Returns
int $id ID of new right
mkRole (   $sname,
  $annot = '' 
)

Make role $sname with annotation $annot.

If role exists, throw error.

Parameters
string$sname"entity_name"
string$annotannotation string
Returns
int $id ID of new role
mkUser (   $sname,
  $fullName = null,
  $srole = null,
  $annot = '' 
)

Make user $sname.

If user exists, throw error.

Parameters
string$snameusername
string$fullNameUser's full name.
string$sroleRole name or #id which will be assigned to user.
string$annotAnnotation string.
Returns
int $id ID of new user
rGrant (   $srole,
  $sright,
  $rval = '1',
  $obj_id = 0 
)

Grant/revoke right $sright to role $srole.

Both must exists.

Parameters
string$srole"role_name" or "#role_id"
string$sright"right_name" or "#right_id"
string$rvalValue of the right. If null, right is removed from role.
int$obj_idResource object ID for which right is granted. Value '0' means any object.
Returns
bool $ok
rmRight (   $sname,
  $force = false 
)

Remove right $sname.

If right is used in role or user, throw error.

Parameters
string$sname"entity_name" or "#entity_id"
string$forceForce remove even if right is in use.
Returns
bool $ok
rmRole (   $sname,
  $force = false 
)

Remove role $sname.

If role is assigned to user, throw error.

Parameters
string$sname"entity_name" or "#entity_id"
string$forceForce remove even if role is in use.
Returns
bool $ok
rmUser (   $sname)

Remove user $sname.

Parameters
string$sname"entity_name" or "#entity_id"
Returns
bool $ok
setPassw (   $sname,
  $passw 
)

Set password $passw for user $sname.

Password with length < 6 generates warning. Empty password will enable default password.

Parameters
string$sname"user_name" or "#user_id"
string$passwPassword
Returns
bool $ok
setRight (   $right)

Change right values (SNAME, ANNOT, ...)

Parameters
array$right
Returns
bool $ok
setUser (   $sname,
array  $user 
)

Set user account with array $user.

Array $user must contain ID of user. Throw error if user does not exists. Field PASSW is never set with this function - use setpassw().

Parameters
array$userUser data - table AUTH_USERS will be updated with this.
Returns
bool $ok
See also
setpassw()
sname (   $sname,
  $type 
)

Translate "system name" of auth entity to numeric ID.

Entity can be role, right or user. For system name see column SNAME in AUTH_* tables - ID is primary key from relevant db-table.

Parameters
string$sname"entity_name" or "#entity_id"
enum$type("user", "role", "right")
uGrant (   $suser,
  $sright,
  $rval = '1',
  $obj_id = 0 
)

Grant/revoke right $sright to user $suser.

Both must exists.

Parameters
string$suser"user_name" or "#user_id"
string$sright"right_name" or "#right_id"
string$rvalValue of the right. If null, right is removed from role.
int$obj_idResource object ID for which right is granted. Value '0' means any object.
Returns
bool $ok
uRole (   $suser,
  $srole,
  $assign = true,
  $obj_id = 0 
)

Assign/revoke role $srole to user $suser.

Both must exists. Last assigned role has highest priority. See field R_PRIORITY in table AUTH_USER_ROLE - '1' means highest.

Parameters
string$suser"user_name" or "#user_id"
string$srole"role_name" or "#role_id"
bool$assignassign/revoke
int$obj_idResource object ID for which role is granted. Value '0' means any object.
Returns
bool $ok

The documentation for this class was generated from the following file: