Completed
Push — master ( da58d4...61a0f7 )
by Henry
06:34
created

includes/Auth.php (2 issues)

Upgrade to new PHP Analysis Engine

These results are based on our legacy PHP analysis, consider migrating to our new PHP analysis engine instead. Learn more

1
<?php
2
namespace Redaxscript;
3
4
use function array_key_exists;
5
use function array_merge;
6
use function in_array;
7
use function is_array;
8
use function json_decode;
9
10
/**
11
 * parent class to authenticate the user
12
 *
13
 * @since 3.0.0
14
 *
15
 * @package Redaxscript
16
 * @category Auth
17
 * @author Henry Ruhs
18
 *
19
 * @method bool getPermissionNew(string $type)
20
 * @method bool getPermissionInstall(string $type)
21
 * @method bool getPermissionEdit(string $type)
22
 * @method bool getPermissionDelete(string $type)
23
 * @method bool getPermissionUninstall(string $type)
24
 * @method bool getFilter()
25
 */
26
27
class Auth
28
{
29
	/**
30
	 * instance of the request class
31
	 *
32
	 * @var Request
33
	 */
34
35
	protected $_request;
36
37
	/**
38
	 * array of the user
39
	 *
40
	 * @var array
41
	 */
42
43
	protected $_userArray = [];
44
45
	/**
46
	 * array of the permission
47
	 *
48
	 * @var array
49
	 */
50
51
	protected $_permissionArray = [];
52
53
	/**
54
	 * array of the type
55
	 *
56
	 * @var array
57
	 */
58
59
	protected $_typeArray =
60
	[
61
		'categories',
62
		'articles',
63
		'extras',
64
		'comments',
65
		'groups',
66
		'users',
67
		'modules',
68
		'settings',
69
		'filter'
70
	];
71
72
	/**
73
	 * array of the call
74
	 *
75
	 * @var array
76
	 */
77
78
	protected $_callArray =
79
	[
80
		'categories' =>
81
		[
82
			'getPermissionNew' => 1,
83
			'getPermissionEdit' => 2,
84
			'getPermissionDelete' => 3
85
		],
86
		'articles' =>
87
		[
88
			'getPermissionNew' => 1,
89
			'getPermissionEdit' => 2,
90
			'getPermissionDelete' => 3
91
		],
92
		'extras' =>
93
		[
94
			'getPermissionNew' => 1,
95
			'getPermissionEdit' => 2,
96
			'getPermissionDelete' => 3
97
		],
98
		'comments' =>
99
		[
100
			'getPermissionNew' => 1,
101
			'getPermissionEdit' => 2,
102
			'getPermissionDelete' => 3
103
		],
104
		'groups' =>
105
		[
106
			'getPermissionNew' => 1,
107
			'getPermissionEdit' => 2,
108
			'getPermissionDelete' => 3
109
		],
110
		'users' =>
111
		[
112
			'getPermissionNew' => 1,
113
			'getPermissionEdit' => 2,
114
			'getPermissionDelete' => 3
115
		],
116
		'modules' =>
117
		[
118
			'getPermissionInstall' => 1,
119
			'getPermissionEdit' => 2,
120
			'getPermissionUninstall' => 3
121
		],
122
		'settings' =>
123
		[
124
			'getPermissionEdit' => 1
125
		],
126
		'filter' =>
127
		[
128
			'getFilter' => 0
129
		]
130
	];
131
132
	/**
133
	 * constructor of the class
134
	 *
135
	 * @since 3.0.0
136
	 *
137
	 * @param Request $request instance of the request class
138
	 */
139
140 27
	public function __construct(Request $request)
141
	{
142 27
		$this->_request = $request;
143 27
	}
144
145
	/**
146
	 * call method as needed
147
	 *
148
	 * @since 3.0.0
149
	 *
150
	 * @param string $method name of the method
151
	 * @param array $argumentArray arguments of the method
152
	 *
153
	 * @return bool
154
	 */
155
156 24
	public function __call(string $method = null, array $argumentArray = []) : bool
157
	{
158 24
		$type = $argumentArray[0];
159 24
		if (is_array($this->_callArray[$type]) && array_key_exists($method, $this->_callArray[$type]))
160
		{
161 20
			$permissionArray = $this->getPermission($type);
162 20
			return is_array($permissionArray) && in_array($this->_callArray[$type][$method], $permissionArray);
163
		}
164 24
		if ($method === 'getFilter')
165
		{
166 4
			$permissionArray = $this->getPermission('filter');
167 4
			return !is_array($permissionArray) || !in_array($this->_callArray['filter'][$method], $permissionArray);
168
		}
169 20
		return false;
170
	}
171
172
	/**
173
	 * init the class
174
	 *
175
	 * @since 3.0.0
176
	 */
177
178 1
	public function init() : void
179
	{
180 1
		$authArray = $this->_getAuth();
181 1
		if (is_array($authArray) && array_key_exists('user', $authArray))
182
		{
183 1
			$this->_userArray = $authArray['user'];
184
		}
185 1
		if (is_array($authArray) && array_key_exists('permission', $authArray))
186
		{
187 1
			$this->_permissionArray = $authArray['permission'];
188
		}
189 1
	}
190
191
	/**
192
	 * login the user
193
	 *
194
	 * @since 3.0.0
195
	 *
196
	 * @param int $userId identifier of the user
197
	 *
198
	 * @return int
199
	 */
200
201 26
	public function login(int $userId = null) : int
202
	{
203 26
		$userModel = new Model\User();
204 26
		$user = $userModel->getById($userId);
205
206
		/* handle user */
207
208 26
		if ($user->user && $user->password && $user->status)
209
		{
210 26
			$groupArray = (array)json_decode($user->groups);
211 26
			if ($groupArray)
212
			{
213 20
				$groups = Db::forTablePrefix('groups')
214 20
					->whereIdIn($groupArray)
215 20
					->where('status', 1)
216 20
					->select($this->_typeArray)
217 20
					->findArray();
218
219
				/* set the filter */
220
221 20
				$this->setPermission('filter',
222
				[
223 20
					1
224
				]);
225
226
				/* process groups */
227
228 20
				foreach ($groups as $value)
229
				{
230 14
					foreach ($value as $keySub => $valueSub)
231
					{
232 14
						$valueArray = (array)json_decode($valueSub);
233 14
						$this->setPermission($keySub, $valueArray);
234
					}
235
				}
236
			}
237
238
			/* set the user */
239
240 26
			$this->setUser('id', $user->id);
241 26
			$this->setUser('name', $user->name);
242 26
			$this->setUser('user', $user->user);
243 26
			$this->setUser('email', $user->email);
244 26
			$this->setUser('language', $user->language);
245 26
			$this->setUser('groups', $user->groups);
246
247
			/* save user and permission */
248
249 26
			$this->save();
250
		}
251 26
		return $this->getStatus();
252
	}
253
254
	/**
255
	 * logout the user
256
	 *
257
	 * @since 3.0.0
258
	 *
259
	 * @return bool
260
	 */
261
262 1
	public function logout() : bool
263
	{
264 1
		if ($this->getStatus())
265
		{
266 1
			$this->_setAuth();
267 1
			$this->_request->setSession('language', null);
268 1
			return !$this->getStatus();
269
		}
270 1
		return false;
271
	}
272
273
	/**
274
	 * get the value from user
275
	 *
276
	 * @since 3.0.0
277
	 *
278
	 * @param string $key key of the user
279
	 *
280
	 * @return string|null
281
	 */
282
283 27
	public function getUser(string $key = null) : ?string
284
	{
285 27
		if (is_array($this->_userArray) && array_key_exists($key, $this->_userArray))
286
		{
287 1
			return $this->_userArray[$key];
288
		}
289 26
		return null;
290
	}
291 26
292
	/**
293 1
	 * get the array from user
294
	 *
295
	 * @since 4.0.0
296
	 *
297
	 * @return array
298
	 */
299
300
	public function getUserArray() : array
301
	{
302
		return $this->_userArray;
303
	}
304
305 26
	/**
306
	 * set the user
307 26
	 *
308 26
	 * @since 3.0.0
309
	 *
310
	 * @param string $key key of the user
311
	 * @param string|array|null $value value of the user
312
	 */
313
314
	public function setUser(string $key = null, $value = null) : void
315
	{
316
		$this->_userArray[$key] = $value;
317
	}
318
319
	/**
320 27
	 * get the value from permission
321
	 *
322 27
	 * @since 3.0.0
323
	 *
324 14
	 * @param string $key key of the permission
325
	 *
326 26
	 * @return string|array|null
327
	 */
328 26
329
	public function getPermission(string $key = null)
330 11
	{
331
		if (is_array($this->_permissionArray) && array_key_exists($key, $this->_permissionArray))
332
		{
333
			return $this->_permissionArray[$key];
334
		}
335
		return null;
336
	}
337
338
	/**
339
	 * get the array from permission
340
	 *
341
	 * @since 4.0.0
342 20
	 *
343
	 * @return array
344 20
	 */
345
346 14
	public function getPermissionArray() : array
347
	{
348 20
		return $this->_permissionArray;
349 20
	}
350
351
	/**
352
	 * set the permission
353
	 *
354
	 * @since 3.0.0
355
	 *
356
	 * @param string $key key of the permission
357
	 * @param array $permissionArray array of the permission
358
	 */
359 26
360
	public function setPermission(string $key = null, array $permissionArray = []) : void
361 26
	{
362 26
		if (is_array($this->_permissionArray[$key]))
363
		{
364
			$permissionArray = array_merge($this->_permissionArray[$key], $permissionArray);
365
		}
366
		$this->_permissionArray[$key] = $permissionArray;
367
	}
368
369
	/**
370
	 * get the auth status
371 26
	 *
372
	 * @since 3.0.0
373 26
	 *
374 26
	 * @return int
375
	 */
376
377
	public function getStatus() : int
378 26
	{
379
		$authArray = $this->_getAuth();
380 20
		return is_array($authArray) && array_key_exists('user', $authArray) && array_key_exists('permission', $authArray) ? 1 : 0;
381
	}
382 20
383 20
	/**
384
	 * save user and permission
385 20
	 *
386
	 * @since 3.0.0
387 26
	 */
388
389
	public function save() : void
390
	{
391
		$userArray = $this->getUserArray();
392
		$permissionArray = $this->getPermissionArray();
393
394
		/* set the session */
395
396
		if ($userArray && $permissionArray)
0 ignored issues
show
Bug Best Practice introduced by
The expression $userArray of type array is implicitly converted to a boolean; are you sure this is intended? If so, consider using ! empty($expr) instead to make it clear that you intend to check for an array without elements.

This check marks implicit conversions of arrays to boolean values in a comparison. While in PHP an empty array is considered to be equal (but not identical) to false, this is not always apparent.

Consider making the comparison explicit by using empty(..) or ! empty(...) instead.

Loading history...
Bug Best Practice introduced by
The expression $permissionArray of type array is implicitly converted to a boolean; are you sure this is intended? If so, consider using ! empty($expr) instead to make it clear that you intend to check for an array without elements.

This check marks implicit conversions of arrays to boolean values in a comparison. While in PHP an empty array is considered to be equal (but not identical) to false, this is not always apparent.

Consider making the comparison explicit by using empty(..) or ! empty(...) instead.

Loading history...
397 27
		{
398
			$this->_setAuth(
399 27
			[
400 27
				'user' => $userArray,
401
				'permission' => $permissionArray
402
			]);
403
			$this->_request->setSession('language', $userArray['language']);
404
		}
405
	}
406
407
	/**
408
	 * get the auth from session
409
	 *
410
	 * @since 3.0.0
411 20
	 *
412
	 * @return array|null
413 20
	 */
414 20
415 20
	protected function _getAuth() : ?array
416
	{
417
		$root = new Server\Root($this->_request);
418
		return $this->_request->getSession($root->getOutput() . '/auth');
419
	}
420
421
	/**
422
	 * set the auth to session
423
	 *
424
	 * @since 3.0.0
425
	 *
426
	 * @param array $authArray
427
	 */
428
429
	protected function _setAuth(array $authArray = []) : void
430
	{
431
		$root = new Server\Root($this->_request);
432
		$this->_request->setSession($root->getOutput() . '/auth', $authArray);
433
	}
434
}
435