Add RememberMe feature and authentications history

2014-04-19 22:12:12 -04:00
parent 5aacb6a763
commit a04ecbde77
24 changed files with 949 additions and 55 deletions
--- a/models/acl.php
+++ b/models/acl.php
@@ -4,16 +4,32 @@ namespace Model;

 require_once __DIR__.'/base.php';

+/**
+ * Acl model
+ *
+ * @package  model
+ * @author   Frederic Guillot
+ */
 class Acl extends Base
 {
-    // Controllers and actions allowed from outside
+    /**
+     * Controllers and actions allowed from outside
+     *
+     * @access private
+     * @var array
+     */
    private $public_actions = array(
        'user' => array('login', 'check'),
        'task' => array('add'),
        'board' => array('readonly'),
    );

-    // Controllers and actions allowed for regular users
+    /**
+     * Controllers and actions allowed for regular users
+     *
+     * @access private
+     * @var array
+     */
    private $user_actions = array(
        'app' => array('index'),
        'board' => array('index', 'show', 'assign', 'assigntask', 'save'),
@@ -21,10 +37,18 @@ class Acl extends Base
        'task' => array('show', 'create', 'save', 'edit', 'update', 'close', 'confirmclose', 'open', 'confirmopen', 'description', 'duplicate'),
        'comment' => array('save', 'confirm', 'remove', 'update', 'edit'),
        'user' => array('index', 'edit', 'update', 'forbidden', 'logout', 'index'),
-        'config' => array('index'),
+        'config' => array('index', 'removeremembermetoken'),
    );

-    // Return true if the specified controller/action is allowed according to the given acl
+    /**
+     * Return true if the specified controller/action is allowed according to the given acl
+     *
+     * @access public
+     * @param  array    $acl          Acl list
+     * @param  string   $controller   Controller name
+     * @param  string   $action       Action name
+     * @return bool
+     */
    public function isAllowedAction(array $acl, $controller, $action)
    {
        if (isset($acl[$controller])) {
@@ -34,37 +58,100 @@ class Acl extends Base
        return false;
    }

-    // Return true if the given action is public
+    /**
+     * Return true if the given action is public
+     *
+     * @access public
+     * @param  string   $controller   Controller name
+     * @param  string   $action       Action name
+     * @return bool
+     */
    public function isPublicAction($controller, $action)
    {
        return $this->isAllowedAction($this->public_actions, $controller, $action);
    }

-    // Return true if the given action is allowed for a regular user
+    /**
+     * Return true if the given action is allowed for a regular user
+     *
+     * @access public
+     * @param  string   $controller   Controller name
+     * @param  string   $action       Action name
+     * @return bool
+     */
    public function isUserAction($controller, $action)
    {
        return $this->isAllowedAction($this->user_actions, $controller, $action);
    }

-    // Return true if the logged user is admin
+    /**
+     * Return true if the logged user is admin
+     *
+     * @access public
+     * @return bool
+     */
    public function isAdminUser()
    {
-        return isset($_SESSION['user']['is_admin']) && $_SESSION['user']['is_admin'] === '1';
+        return isset($_SESSION['user']['is_admin']) && $_SESSION['user']['is_admin'] === true;
    }

-    // Return true if the logged user is not admin
+    /**
+     * Return true if the logged user is not admin
+     *
+     * @access public
+     * @return bool
+     */
    public function isRegularUser()
    {
-        return isset($_SESSION['user']['is_admin']) && $_SESSION['user']['is_admin'] === '0';
+        return isset($_SESSION['user']['is_admin']) && $_SESSION['user']['is_admin'] === false;
    }

-    // Get the connected user id
+    /**
+     * Get the connected user id
+     *
+     * @access public
+     * @return bool
+     */
    public function getUserId()
    {
        return isset($_SESSION['user']['id']) ? (int) $_SESSION['user']['id'] : 0;
    }

-    // Check if an action is allowed for the logged user
+    /**
+     * Check is the user is connected
+     *
+     * @access public
+     * @return bool
+     */
+    public function isLogged()
+    {
+        return ! empty($_SESSION['user']);
+    }
+
+    /**
+     * Check is the user was authenticated with the RememberMe or set the value
+     *
+     * @access public
+     * @param  bool   $value   Set true if the user use the RememberMe
+     * @return bool
+     */
+    public function isRememberMe($value = null)
+    {
+        if ($value !== null) {
+            $_SESSION['is_remember_me'] = $value;
+        }
+
+        return empty($_SESSION['is_remember_me']) ? false : $_SESSION['is_remember_me'];
+    }
+
+    /**
+     * Check if an action is allowed for the logged user
+     *
+     * @access public
+     * @param  string   $controller   Controller name
+     * @param  string   $action       Action name
+     * @return bool
+     */
    public function isPageAccessAllowed($controller, $action)
    {
        return $this->isPublicAction($controller, $action) ||