1 | <?php |
---|
2 | |
---|
3 | /** |
---|
4 | * Security class for Workflow module. |
---|
5 | * You should never forget to call 'enable' |
---|
6 | * public method to enable security before |
---|
7 | * executing process code. |
---|
8 | * |
---|
9 | * @author Pedro Eugênio Rocha |
---|
10 | * @package Security |
---|
11 | * @static |
---|
12 | */ |
---|
13 | class Security { |
---|
14 | |
---|
15 | /** |
---|
16 | * @var boolean $_protection Stores the current security mode. |
---|
17 | * @access private |
---|
18 | * @static |
---|
19 | */ |
---|
20 | private static $_protection = false; |
---|
21 | |
---|
22 | |
---|
23 | /** |
---|
24 | * Disallow the instantiation of this class. |
---|
25 | * @access public |
---|
26 | * @return void |
---|
27 | */ |
---|
28 | public function __construct() { |
---|
29 | throw new Exception("Oops! Static only class."); |
---|
30 | } |
---|
31 | |
---|
32 | |
---|
33 | /** |
---|
34 | * Returns the current security mode. |
---|
35 | * @access public |
---|
36 | * @return boolean |
---|
37 | */ |
---|
38 | public static function isEnabled() { |
---|
39 | return self::$_protection; |
---|
40 | } |
---|
41 | |
---|
42 | |
---|
43 | /** |
---|
44 | * Change to secured mode. |
---|
45 | * @access public |
---|
46 | * @return boolean |
---|
47 | * @static |
---|
48 | */ |
---|
49 | public static function enable() { |
---|
50 | |
---|
51 | if (self::_isAllowed()) |
---|
52 | self::$_protection = true; |
---|
53 | else |
---|
54 | throw new Exception('You are not allowed to change security mode.'); |
---|
55 | return true; |
---|
56 | } |
---|
57 | |
---|
58 | /** |
---|
59 | * Change to unsecured mode. |
---|
60 | * @access public |
---|
61 | * @return boolean |
---|
62 | * @static |
---|
63 | */ |
---|
64 | public static function disable() { |
---|
65 | |
---|
66 | if (self::_isAllowed()) |
---|
67 | self::$_protection = false; |
---|
68 | else |
---|
69 | throw new Exception('You are not allowed to change security mode.'); |
---|
70 | return true; |
---|
71 | } |
---|
72 | |
---|
73 | |
---|
74 | /** |
---|
75 | * This function do all the security stuff. |
---|
76 | * Here we must define in which files we are able |
---|
77 | * to change the security mode. |
---|
78 | * |
---|
79 | * @access private |
---|
80 | * @return boolean |
---|
81 | * @static |
---|
82 | */ |
---|
83 | private static function _isAllowed() { |
---|
84 | $backtrace = debug_backtrace(); |
---|
85 | |
---|
86 | /* TODO - These are not definitive validations */ |
---|
87 | /* $backtrace[1] specifies the imediate antecessor function */ |
---|
88 | $basedir = dirname($backtrace[1]['file']); |
---|
89 | |
---|
90 | if ($basedir == dirname(__FILE__)) |
---|
91 | return true; |
---|
92 | return false; |
---|
93 | } |
---|
94 | } |
---|
95 | |
---|
96 | ?> |
---|