source: contrib/davical/inc/DAViCalSession.php @ 3733

Revision 3733, 4.9 KB checked in by gabriel.malheiros, 13 years ago (diff)

Ticket #1541 - <Davical customizado para o Expresso.Utiliza Caldav e CardDav?>
Line 
1<?php
2/**
3* DAViCal extensions to AWL Session handling
4*
5* @package   davical
6* @subpackage   DAViCalSession
7* @author Andrew McMillan <andrew@mcmillan.net.nz>
8* @copyright Catalyst .Net Ltd, Morphoss Ltd <http://www.morphoss.com/>
9* @license   http://gnu.org/copyleft/gpl.html GNU GPL v2
10*/
11
12/**
13* @global resource $session
14* @name $session
15* The session object is global.
16*/
17$session = 1;  // Fake initialisation
18
19// The Session object uses some (optional) configurable SQL to load
20// the records related to the logged-on user...  (the where clause gets added).
21// It's very important that someone not be able to externally control this,
22// so we make it a function rather than a variable.
23/**
24* @todo Make this a defined constant
25*/
26function local_session_sql() {
27  $sql = <<<EOSQL
28SELECT session.*, usr.*, principal.*
29        FROM session JOIN usr USING(user_no) JOIN principal USING(user_no)
30EOSQL;
31  return $sql;
32}
33
34/**
35* We extend the AWL Session class.
36*/
37require('Session.php');
38
39
40@Session::_CheckLogout();
41
42/**
43* A class for creating and holding session information.
44*
45* @package   davical
46*/
47class DAViCalSession extends Session
48{
49
50  /**
51  * Create a new DAViCalSession object.
52  *
53  * We create a Session and extend it with some additional useful RSCDS
54  * related information.
55  *
56  * @param string $sid A session identifier.
57  */
58  function __construct( $sid='' ) {
59    $this->Session($sid);
60  }
61
62
63  /**
64  * Internal function used to assign the session details to a user's new session.
65  * @param object $u The user+session object we (probably) read from the database.
66  */
67  function AssignSessionDetails( $u ) {
68    if ( !isset($u->principal_id) ) {
69      // If they don't have a principal_id set then we should re-read from our local database
70      $qry = new AwlQuery('SELECT * FROM dav_principal WHERE username = :username', array(':username' => $u->username) );
71      if ( $qry->Exec() && $qry->rows() == 1 ) {
72        $u = $qry->Fetch();
73      }
74    }
75
76    parent::AssignSessionDetails( $u );
77    $this->GetRoles();
78    if ( function_exists('awl_set_locale') && isset($this->locale) && $this->locale != '' ) {
79      awl_set_locale($this->locale);
80    }
81  }
82
83
84  /**
85  * Method used to get the user's roles
86  */
87  function GetRoles () {
88    $this->roles = array();
89    $sql = 'SELECT role_name FROM roles JOIN role_member ON roles.role_no=role_member.role_no WHERE user_no = '.$this->user_no;
90    $qry = new AwlQuery( $sql );
91    if ( $qry->Exec('DAViCalSession') && $qry->rows() > 0 ) {
92      while( $role = $qry->Fetch() ) {
93        $this->roles[$role->role_name] = 1;
94      }
95    }
96  }
97
98
99  /**
100  * Checks that this user is logged in, and presents a login screen if they aren't.
101  *
102  * The function can optionally confirm whether they are a member of one of a list
103  * of roles, and deny access if they are not a member of any of them.
104  *
105  * @param string $roles The list of roles that the user must be a member of one of to be allowed to proceed.
106  * @return boolean Whether or not the user is logged in and is a member of one of the required roles.
107  */
108  function LoginRequired( $roles = '' ) {
109    global $c, $session, $main_menu, $sub_menu, $tab_menu;
110
111    $current_domain = (isset($_SERVER['SERVER_NAME'])?$_SERVER['SERVER_NAME']:$_SERVER['SERVER_ADDR']);
112    if ( (isset($c->restrict_admin_domain) && $c->restrict_admin_domain != $current_domain)
113      || (isset($c->restrict_admin_port) && $c->restrict_admin_port != $_SERVER['SERVER_PORT'] ) ) {
114      header('Location: caldav.php');
115      dbg_error_log( 'LOG WARNING', 'Access to "%s" via "%s:%d" rejected.', $_SERVER['REQUEST_URI'], $current_domain, $_SERVER['SERVER_PORT'] );
116      exit(0);
117    }
118    if ( isset($c->restrict_admin_roles) && $roles == '' ) $roles = $c->restrict_admin_roles;
119    if ( $this->logged_in && $roles == '' ) return;
120    if ( ! $this->logged_in ) {
121      $c->messages[] = i18n('You must log in to use this system.');
122      include_once('page-header.php');
123      if ( function_exists('local_index_not_logged_in') ) {
124        local_index_not_logged_in();
125      }
126      else {
127        if ( $this->login_failed ) {
128          $c->messages[] = i18n('Invalid user name or password.');
129        }
130        echo '<h1>'.translate('Log On Please')."</h1>\n";
131        echo '<p>'.translate('For access to the')
132                  .' '.translate($c->system_name).' '
133                  .translate('you should log on with the username and password that have been issued to you.')
134            ."</p>\n";
135        echo '<p>'.translate('If you would like to request access, please e-mail').' '.$c->admin_email."</p>\n";
136        echo $this->RenderLoginPanel();
137      }
138    }
139    else {
140      $valid_roles = explode(',', $roles);
141      foreach( $valid_roles AS $k => $v ) {
142        if ( $this->AllowedTo($v) ) return;
143      }
144      $c->messages[] = i18n('You are not authorised to use this function.');
145      include_once('page-header.php');
146    }
147
148    include('page-footer.php');
149    exit;
150  }
151}
152
153$session = new DAViCalSession();
154$session->_CheckLogin();
155
Note: See TracBrowser for help on using the repository browser.