|
1
|
|
|
<?php |
|
2
|
|
|
/** |
|
3
|
|
|
* security consultant entity |
|
4
|
|
|
*/ |
|
5
|
|
|
|
|
6
|
|
|
namespace Graviton\SecurityBundle\Entities; |
|
7
|
|
|
|
|
8
|
|
|
use Symfony\Component\Security\Core\Role\Role; |
|
9
|
|
|
use Symfony\Component\Security\Core\User\UserInterface; |
|
10
|
|
|
|
|
11
|
|
|
/** |
|
12
|
|
|
* Class SecurityUser |
|
13
|
|
|
* |
|
14
|
|
|
* @author List of contributors <https://github.com/libgraviton/graviton/graphs/contributors> |
|
15
|
|
|
* @license http://opensource.org/licenses/gpl-license.php GNU Public License |
|
16
|
|
|
* @link http://swisscom.ch |
|
17
|
|
|
*/ |
|
18
|
|
|
class SecurityUser implements UserInterface |
|
19
|
|
|
{ |
|
20
|
|
|
const ROLE_USER = 'ROLE_GRAVITON_USER'; |
|
21
|
|
|
const ROLE_ANONYMOUS = 'ROLE_GRAVITON_ANONYMOUS'; |
|
22
|
|
|
|
|
23
|
|
|
/** |
|
24
|
|
|
* @var Object |
|
25
|
|
|
*/ |
|
26
|
|
|
private $user; |
|
27
|
|
|
|
|
28
|
|
|
/** |
|
29
|
|
|
* @var Role[] |
|
30
|
|
|
*/ |
|
31
|
|
|
private $roles; |
|
32
|
|
|
|
|
33
|
|
|
|
|
34
|
|
|
/** |
|
35
|
|
|
* Constructor of the class. |
|
36
|
|
|
* |
|
37
|
|
|
* @param object $user the user |
|
38
|
|
|
* @param Role[] $roles roles for the contract |
|
39
|
|
|
*/ |
|
40
|
|
|
public function __construct($user, array $roles = array()) |
|
41
|
|
|
{ |
|
42
|
|
|
$this->user = $user; |
|
43
|
|
|
$this->roles = $roles; |
|
44
|
|
|
} |
|
45
|
|
|
|
|
46
|
|
|
/** |
|
47
|
|
|
* Returns the roles granted to the user. |
|
48
|
|
|
* |
|
49
|
|
|
* @return Role[] The user roles |
|
50
|
|
|
*/ |
|
51
|
|
|
public function getRoles() |
|
52
|
|
|
{ |
|
53
|
|
|
return $this->roles; |
|
54
|
|
|
} |
|
55
|
|
|
|
|
56
|
|
|
/** |
|
57
|
|
|
* Returns the password used to authenticate the user. |
|
58
|
|
|
* |
|
59
|
|
|
* @return string The password |
|
60
|
|
|
*/ |
|
61
|
|
|
public function getPassword() |
|
62
|
|
|
{ |
|
63
|
|
|
return ''; |
|
64
|
|
|
} |
|
65
|
|
|
|
|
66
|
|
|
/** |
|
67
|
|
|
* Returns the salt that was originally used to encode the password. |
|
68
|
|
|
* |
|
69
|
|
|
* @return null The salt |
|
70
|
|
|
*/ |
|
71
|
|
|
public function getSalt() |
|
72
|
|
|
{ |
|
73
|
|
|
return null; |
|
74
|
|
|
} |
|
75
|
|
|
|
|
76
|
|
|
/** |
|
77
|
|
|
* Returns the username used to authenticate the user. |
|
78
|
|
|
* |
|
79
|
|
|
* @return string The username |
|
80
|
|
|
*/ |
|
81
|
|
|
public function getUsername() |
|
82
|
|
|
{ |
|
83
|
|
|
if (method_exists($this->user, 'getUsername')) { |
|
84
|
|
|
return $this->user->getUsername(); |
|
85
|
|
|
} |
|
86
|
|
|
return false; |
|
|
|
|
|
|
87
|
|
|
} |
|
88
|
|
|
|
|
89
|
|
|
/** |
|
90
|
|
|
* Removes sensitive data from the user. |
|
91
|
|
|
* |
|
92
|
|
|
* This is important if, at any given point, sensitive information like |
|
93
|
|
|
* the plain-text password is stored on this object. |
|
94
|
|
|
* |
|
95
|
|
|
* @return void |
|
96
|
|
|
*/ |
|
97
|
|
|
public function eraseCredentials() |
|
98
|
|
|
{ |
|
99
|
|
|
} |
|
100
|
|
|
|
|
101
|
|
|
/** |
|
102
|
|
|
* Provides the consultant object. |
|
103
|
|
|
* |
|
104
|
|
|
* @return Object |
|
105
|
|
|
*/ |
|
106
|
|
|
public function getUser() |
|
107
|
|
|
{ |
|
108
|
|
|
return $this->user; |
|
109
|
|
|
} |
|
110
|
|
|
|
|
111
|
|
|
/** |
|
112
|
|
|
* Check if user has role |
|
113
|
|
|
* @param string $role User Role |
|
114
|
|
|
* @return bool |
|
115
|
|
|
*/ |
|
116
|
|
|
public function hasRole($role) |
|
117
|
|
|
{ |
|
118
|
|
|
return in_array($role, $this->roles); |
|
119
|
|
|
} |
|
120
|
|
|
|
|
121
|
|
|
/** |
|
122
|
|
|
* @return string |
|
123
|
|
|
*/ |
|
124
|
|
|
public function __toString() |
|
125
|
|
|
{ |
|
126
|
|
|
$roles = $this->$this->getRoles(); |
|
127
|
|
|
$username = $this->getUsername() ? $this->getUsername() : 'anonymous'; |
|
128
|
|
|
return reser($roles).':'.$username; |
|
129
|
|
|
} |
|
130
|
|
|
} |
|
131
|
|
|
|
libgraviton /
graviton
If you return a value from a function or method, it should be a sub-type of the type that is given by the parent type f.e. an interface, or abstract method. This is more formally defined by the Lizkov substitution principle, and guarantees that classes that depend on the parent type can use any instance of a child type interchangably. This principle also belongs to the SOLID principles for object oriented design.
Let’s take a look at an example:
Our function
my_functionexpects aPostobject, and outputs the author of the post. The base classPostreturns a simple string and outputting a simple string will work just fine. However, the child classBlogPostwhich is a sub-type ofPostinstead decided to return anobject, and is therefore violating the SOLID principles. If aBlogPostwere passed tomy_function, PHP would not complain, but ultimately fail when executing thestrtouppercall in its body.