galette/lib/Galette/Core/Authentication.php

   1 <?php
   2
   3 /* vim: set expandtab tabstop=4 shiftwidth=4 softtabstop=4: */
   4
   5 /**
   6  * Abstract authentication class for galette
   7  *
   8  * PHP version 5
   9  *
  10  * Copyright © 2009-2023 The Galette Team
  11  *
  12  * This file is part of Galette (http://galette.tuxfamily.org).
  13  *
  14  * Galette is free software: you can redistribute it and/or modify
  15  * it under the terms of the GNU General Public License as published by
  16  * the Free Software Foundation, either version 3 of the License, or
  17  * (at your option) any later version.
  18  *
  19  * Galette is distributed in the hope that it will be useful,
  20  * but WITHOUT ANY WARRANTY; without even the implied warranty of
  21  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
  22  *  GNU General Public License for more details.
  23  *
  24  * You should have received a copy of the GNU General Public License
  25  * along with Galette. If not, see <http://www.gnu.org/licenses/>.
  26  *
  27  * @category  Authentication
  28  * @package   Galette
  29  *
  30  * @author    Johan Cwiklinski <johan@x-tnd.be>
  31  * @copyright 2009-2023 The Galette Team
  32  * @license   http://www.gnu.org/licenses/gpl-3.0.html GPL License 3.0 or (at your option) any later version
  33  * @link      http://galette.tuxfamily.org
  34  * @since     Available since 0.7dev - 2009-02-28
  35  */
  36
  37 namespace Galette\Core;
  38
  39 /**
  40  * Abstract authentication class for galette
  41  *
  42  * @category  Authentication
  43  * @name      Authentication
  44  * @package   Galette
  45  * @author    Johan Cwiklinski <johan@x-tnd.be>
  46  * @copyright 2009-2023 The Galette Team
  47  * @license   http://www.gnu.org/licenses/gpl-3.0.html GPL License 3.0 or (at your option) any later version
  48  * @link      http://galette.tuxfamily.org
  49  * @since     Available since 0.7dev - 2009-02-28
  50  *
  51  * @property  ?string $login
  52  * @property  ?string $name
  53  * @property  ?string $surname
  54  * @property  ?integer $id
  55  * @property  ?string $lang
  56  * @property  array $managed_groups
  57  */
  58
  59 abstract class Authentication
  60 {
  61     public const ACCESS_USER = 0;
  62     public const ACCESS_MANAGER = 1;
  63     public const ACCESS_STAFF = 2;
  64     public const ACCESS_ADMIN = 3;
  65     public const ACCESS_SUPERADMIN = 4;
  66
  67     protected $login;
  68     protected $name;
  69     protected $surname;
  70     protected $admin = false;
  71     protected $id;
  72     protected $lang;
  73     protected $logged = false;
  74     protected $active = false;
  75     protected $superadmin = false;
  76     protected $staff = false;
  77     protected $uptodate = false;
  78     protected $managed_groups = [];
  79     protected $cron = false;
  80     protected $compact_menu = false;
  81     protected $dark_mode = false;
  82
  83     /**
  84      * Logs in user.
  85      *
  86      * @param string $user  user's login
  87      * @param string $passe user's password
  88      *
  89      * @return boolean
  90      */
  91     abstract public function logIn($user, $passe);
  92
  93     /**
  94      * Does this login already exists ?
  95      * These function should be used for setting admin login into Preferences
  96      *
  97      * @param string $user the username
  98      *
  99      * @return true if the username already exists, false otherwise
 100      */
 101     abstract public function loginExists($user);
 102
 103     /**
 104      * Login for the superuser
 105      *
 106      * @param string      $login       name
 107      * @param Preferences $preferences Preferences instance
 108      *
 109      * @return void
 110      */
 111     public function logAdmin($login, Preferences $preferences)
 112     {
 113         $this->logged = true;
 114         $this->name = 'Admin';
 115         $this->login = $login;
 116         $this->admin = true;
 117         $this->active = true;
 118         $this->staff = false;
 119         $this->uptodate = false;
 120         $this->id = 0;
 121         $this->lang = $preferences->pref_lang;
 122         //a flag for super admin only, since it's not a regular user
 123         $this->superadmin = true;
 124     }
 125
 126     /**
 127      * Authenticate from cron
 128      *
 129      * @param string $name Service name
 130      *
 131      * @return void
 132      */
 133     public function logCron($name)
 134     {
 135         //known cronable files
 136         $ok = array('reminder');
 137
 138         if (in_array($name, $ok)) {
 139             $this->logged = true;
 140             $this->cron = true;
 141             $this->login = 'cron';
 142         } else {
 143             trigger_error('Not authorized!', E_USER_ERROR);
 144         }
 145     }
 146
 147     /**
 148      * Log out user and unset variables
 149      *
 150      * @return void
 151      */
 152     public function logOut()
 153     {
 154         $this->id = null;
 155         $this->logged = false;
 156         $this->name = null;
 157         $this->login = null;
 158         $this->admin = false;
 159         $this->active = false;
 160         $this->superadmin = false;
 161         $this->staff = false;
 162         $this->uptodate = false;
 163     }
 164
 165     /**
 166      * Is user logged-in?
 167      *
 168      * @return bool
 169      */
 170     public function isLogged()
 171     {
 172         return $this->logged;
 173     }
 174
 175     /**
 176      * Is user admin?
 177      *
 178      * @return bool
 179      */
 180     public function isAdmin(): bool
 181     {
 182         return (bool)$this->admin;
 183     }
 184
 185     /**
 186      * Is user super admin?
 187      *
 188      * @return bool
 189      */
 190     public function isSuperAdmin(): bool
 191     {
 192         return (bool)$this->superadmin;
 193     }
 194
 195     /**
 196      * Is user active?
 197      *
 198      * @return bool
 199      */
 200     public function isActive(): bool
 201     {
 202         return (bool)$this->active;
 203     }
 204
 205     /**
 206      * Is user member of staff?
 207      *
 208      * @return bool
 209      */
 210     public function isStaff(): bool
 211     {
 212         return (bool)$this->staff;
 213     }
 214
 215     /**
 216      * is user a crontab?
 217      *
 218      * @return bool
 219      */
 220     public function isCron(): bool
 221     {
 222         return (bool)$this->cron;
 223     }
 224
 225     /**
 226      * Is user a group manager?
 227      * If no group id is specified, check if user is manager for at
 228      * least one group.
 229      *
 230      * @param array|int $id_group Group(s) identifier(s)
 231      *
 232      * @return boolean
 233      */
 234     public function isGroupManager($id_group = null): bool
 235     {
 236         $manager = false;
 237         if ($this->isAdmin() || $this->isStaff()) {
 238             return true;
 239         } else {
 240             if ($id_group === null) {
 241                 $manager = count($this->managed_groups) > 0;
 242             } else {
 243                 $groups = (array)$id_group;
 244
 245                 foreach ($groups as $group) {
 246                     if (in_array($group, $this->managed_groups)) {
 247                         $manager = true;
 248                         break;
 249                     }
 250                 }
 251             }
 252         }
 253         return $manager;
 254     }
 255
 256     /**
 257      * Get managed groups
 258      *
 259      * @return array
 260      */
 261     public function getManagedGroups(): array
 262     {
 263         return $this->managed_groups;
 264     }
 265
 266     /**
 267      * Get compact menu mode
 268      *
 269      * @return bool
 270      */
 271     public function getCompactMenu(): bool
 272     {
 273         return $this->logged && isset($_COOKIE['galette_compact_menu']) && $_COOKIE['galette_compact_menu'];
 274     }
 275
 276     /**
 277      * Is dark mode enabled?
 278      *
 279      * @return bool
 280      */
 281     public function isDarkModeEnabled(): bool
 282     {
 283         return isset($_COOKIE['galette_dark_mode']) && $_COOKIE['galette_dark_mode'];
 284     }
 285
 286     /**
 287      * Is user currently up to date?
 288      * An up-to-date member is active and either due free, or with up-to-date
 289      * subscription
 290      *
 291      * @return bool
 292      */
 293     public function isUp2Date(): bool
 294     {
 295         return (bool)$this->uptodate;
 296     }
 297
 298     /**
 299      * Display logged in member name
 300      *
 301      * @param boolean $only_name If we want only the name without any additional text
 302      *
 303      * @return String
 304      */
 305     public function loggedInAs($only_name = false)
 306     {
 307         $n = $this->name . ' ' . $this->surname . ' (' . $this->login . ')';
 308         if ($only_name === false) {
 309             return str_replace(
 310                 '%login',
 311                 $n,
 312                 _T("Logged in as:<br/>%login")
 313             );
 314         } else {
 315             return $n;
 316         }
 317     }
 318
 319     /**
 320      * Global getter method
 321      *
 322      * @param string $name name of the property we want to retrieve
 323      *
 324      * @return mixed
 325      */
 326     public function __get($name)
 327     {
 328         $forbidden = array('logged', 'admin', 'active', 'superadmin', 'staff', 'cron', 'uptodate');
 329         if (isset($this->$name) && !in_array($name, $forbidden)) {
 330             switch ($name) {
 331                 case 'id':
 332                     return (int)$this->$name;
 333                 default:
 334                     return $this->$name;
 335             }
 336         } else {
 337             return false;
 338         }
 339     }
 340
 341     /**
 342      * Global isset method
 343      * Required for twig to access properties via __get
 344      *
 345      * @param string $name name of the property we want to retrieve
 346      *
 347      * @return bool
 348      */
 349     public function __isset($name)
 350     {
 351         $forbidden = array('logged', 'admin', 'active', 'superadmin', 'staff', 'cron', 'uptodate');
 352         if (isset($this->$name) && !in_array($name, $forbidden)) {
 353             return true;
 354         } else {
 355             return false;
 356         }
 357     }
 358
 359
 360     /**
 361      * get user access level
 362      *
 363      * @return integer
 364      */
 365     public function getAccessLevel()
 366     {
 367
 368         if ($this->isSuperAdmin()) {
 369             return self::ACCESS_SUPERADMIN;
 370         } elseif ($this->isAdmin()) {
 371             return self::ACCESS_ADMIN;
 372         } elseif ($this->isStaff()) {
 373             return self::ACCESS_STAFF;
 374         } elseif ($this->isGroupManager()) {
 375             return self::ACCESS_MANAGER;
 376         } else {
 377             return self::ACCESS_USER;
 378         }
 379     }
 380 }