Skip to content
Snippets Groups Projects
Commit 3b477eda authored by Hahn Axel (hahn)'s avatar Hahn Axel (hahn)
Browse files

user class: php8 only; added variable types; use short array syntax

parent 78b4f912
No related branches found
No related tags found
1 merge request!66php8 only; added variable types; short array syntax; remove glyphicons
This commit is part of merge request !66. Comments created here will be created in the context of that merge request.
......@@ -141,7 +141,6 @@ class sws {
if (is_array($aKnownClasses)) {
$this->setConfig($aKnownClasses);
}
return true;
}
// ----------------------------------------------------------------------
......
......@@ -5,32 +5,36 @@
* This class is used in the base class
*
* @author hahn
*
* Axel <axel.hahn@unibe.ch>
* 2024-08-29 Axel php8 only; added variable types; use short array syntax
*/
class user {
class user
{
/**
* login name of the current user
* @var string
*/
private $_sUsername=false;
private string $_sUsername = '';
/**
* list of groups of the current user
* @var array
*/
private $_aUserGroups=array();
private array $_aUserGroups = [];
/**
* list of roles based on the groups
* @var array
*/
private $_aUserPermmissions=array();
private array $_aUserPermmissions = [];
/**
* list of projects the current user is involved in
* @var array
*/
private $_aProjects=array();
private $_aProjects = [];
/**
* name of the last checked role
......@@ -39,10 +43,13 @@ class user {
private $_sLastCheckedPermission = false;
/**
* Constructor
* init user with optional given user
* @param type $sUser
*
* @param string $sUser username to set
*/
public function __construct($sUser=false){
public function __construct(string $sUser = '')
{
$this->setUser($sUser);
}
......@@ -53,11 +60,13 @@ class user {
/**
* get string with detected user from current session / basic auth / cli access
* Get string with detected user from current session / basic auth / cli access
*
* @return string
*/
private function _autoDetectUser(){
$sUser=false;
private function _autoDetectUser(): string
{
$sUser = '';
if (isset($_SESSION) && isset($_SESSION["PHP_AUTH_USER"])) {
$sUser = $_SESSION["PHP_AUTH_USER"];
}
......@@ -70,8 +79,12 @@ class user {
return $sUser;
}
// UNUSED SO FAR
private function _getUser2Projects(){
/**
* UNUSED SO FAR
* Idea: limit user access to a set of projects
*/
private function _getUser2Projects()
{
$sFile = __DIR__ . '/../../../config/inc_user2projects.php';
return file_exists($sFile)
? require $sFile
......@@ -79,21 +92,28 @@ class user {
;
}
private function _getUser2Roles(){
/**
* Load roles per user from config
* @return array
*/
private function _getUser2Roles(): array
{
$sFile = __DIR__ . '/../../../config/inc_user2roles.php';
return file_exists($sFile)
? require $sFile
: ['admin' => ['admin']]
;
}
/**
* TODO: reimplement
* get the user groups of the current user from an internal source.
* The function returns a flat aray with names of the groups
* @return array
*/
private function _getUserGroups(){
$aGroups=array();
private function _getUserGroups(): array
{
$aGroups = [];
if ($this->_sUsername) {
$aGroups[] = "authenticated";
// $aGroups[]='#'.$this->_sUsername;
......@@ -114,8 +134,9 @@ class user {
* The function returns a flat aray with names of the roles
* @return array
*/
private function _getUserPermission(){
$aRoles=array();
private function _getUserPermission(): array
{
$aRoles = [];
$aRolesDefinitions = require(__DIR__ . '/../../../config/inc_roles.php');
// anonymous roles:
......@@ -139,11 +160,14 @@ class user {
/**
* authenticate a user with the configured methods
*
* @global array $aConfig global config
* @global array $aParams params (i.e. GET and POST)
*
* @return boolean
*/
public function authenticate(){
public function authenticate(): bool
{
global $aConfig, $aParams;
if (!isset($aConfig['auth']) || !is_array($aConfig['auth']) || !count($aConfig['auth']) || !isset($aParams['user'])) {
return false;
......@@ -184,7 +208,8 @@ class user {
* logoff user
* @return boolean
*/
public function logoff(){
public function logoff(): bool
{
unset($_SESSION["PHP_AUTH_USER"]);
$this->setUser();
return true;
......@@ -193,9 +218,11 @@ class user {
/**
* set an authenticated user and get its roles
* @param string $sUser optional: set a given username
* @return void
*/
public function setUser($sUser=false){
if($sUser!==false){
public function setUser(string $sUser = ''): void
{
if ($sUser) {
$this->_sUsername = $sUser;
$_SESSION["PHP_AUTH_USER"] = $sUser;
} else {
......@@ -207,10 +234,11 @@ class user {
}
/**
* return html code to display a denied message
* Get html code to display a denied message
* @return string
*/
public function showDenied(){
public function showDenied(): string
{
return '<div class="alert alert-danger" role="alert">'
. ($this->_sUsername
? t("class-user-error-deny-no-role") . '<br>' . $this->_sUsername . ' --> (' . $this->_sLastCheckedPermission . ')<br>'
......@@ -226,56 +254,70 @@ class user {
// ----------------------------------------------------------------------
// UNUSED SO FAR
public function getUser2Projects(){
/**
* UNUSED SO FAR
* Idea: limit user access to a set of projects
*/
public function getUser2Projects()
{
return $this->_getUser2Projects();
}
public function getUser2Roles(){
/**
* Get a list of all roles for the current user
* @return array
*/
public function getUser2Roles(): array
{
return $this->_getUser2Roles();
}
/**
* get the current username
* Get the current username
* @return string
*/
public function getUsername(){
public function getUsername(): string
{
return $this->_sUsername;
}
/**
* get a flat array with roles of the current user
* Get a flat array with roles of the current user
* @return array
*/
public function getUserGroups(){
public function getUserGroups(): array
{
return $this->_aUserGroups;
}
/**
* get a flat array with roles of the current user
* Get a flat array with roles of the current user
* @return array
*/
public function getUserPermission(){
public function getUserPermission(): array
{
return $this->_aUserPermmissions;
}
/**
* check if the current user has a given role name
* @param string $sGroupname name of the role to check
* @return type
* @return bool
*/
public function hasGroup($sGroupname){
return (array_search($sGroupname, $this->_aUserGroups)!==false);
public function hasGroup($sGroupname)
{
return !!(array_search($sGroupname, $this->_aUserGroups) !== false);
}
/**
* check if the current user has a given role name
* @param string $sPermission name of the role to check
* @return type
* @return boolean
*/
public function hasPermission($sPermission){
public function hasPermission($sPermission): bool
{
$this->_sLastCheckedPermission = $sPermission;
$bReturn=array_search($sPermission, $this->_aUserPermmissions)!==false;
$bReturn = !!(array_search($sPermission, $this->_aUserPermmissions) !== false);
// $this->log(__FUNCTION__ . "($sRolename) -> " . $bReturn ? 'true' : 'false');
return $bReturn;
}
}
0% Loading or .
You are about to add 0 people to the discussion. Proceed with caution.
Please register or to comment