diff --git a/lib/classes/Session/Authentication/Guest.class.php b/lib/classes/Session/Authentication/Guest.class.php index a89b1734ad..458385c77e 100644 --- a/lib/classes/Session/Authentication/Guest.class.php +++ b/lib/classes/Session/Authentication/Guest.class.php @@ -9,6 +9,8 @@ * file that was distributed with this source code. */ +use Alchemy\Phrasea\Application; + /** * Session Authentication Object for guest access * @@ -20,9 +22,9 @@ class Session_Authentication_Guest implements Session_Authentication_Interface { /** * - * @var appbox + * @var Application */ - protected $appbox; + protected $app; /** * @@ -32,16 +34,16 @@ class Session_Authentication_Guest implements Session_Authentication_Interface /** * - * @param appbox $appbox + * @param Application $app * @return Session_Authentication_Guest */ - public function __construct(appbox &$appbox) + public function __construct(Application $app) { - $this->appbox = $appbox; + $this->app = $app; $nonce = random::generatePassword(16); $password = random::generatePassword(24); - $this->user = User_Adapter::create($this->appbox, 'invite', $password, null, false, true); + $this->user = User_Adapter::create($this->app, 'invite', $password, null, false, true); return $this; } @@ -70,8 +72,8 @@ class Session_Authentication_Guest implements Session_Authentication_Interface */ public function signOn() { - $inviteUsrid = User_Adapter::get_usr_id_from_login('invite'); - $invite_user = User_Adapter::getInstance($inviteUsrid, $this->appbox); + $inviteUsrid = User_Adapter::get_usr_id_from_login($this->app, 'invite'); + $invite_user = User_Adapter::getInstance($inviteUsrid, $this->app); $usr_base_ids = array_keys($this->user->ACL()->get_granted_base()); $this->user->ACL()->revoke_access_from_bases($usr_base_ids); 
@@ -88,7 +90,11 @@ class Session_Authentication_Guest implements Session_Authentication_Interface */ public function postlog() { + /** + * TODO NEUTRON FIX THIS + */ \Session_Handler::set_cookie('invite-usr_id', $this->user->get_id(), 0, true); + return $this; } } diff --git a/lib/classes/Session/Authentication/Native.class.php b/lib/classes/Session/Authentication/Native.class.php index 238c630e69..fc19858b15 100644 --- a/lib/classes/Session/Authentication/Native.class.php +++ b/lib/classes/Session/Authentication/Native.class.php @@ -9,6 +9,8 @@ * file that was distributed with this source code. */ +use Alchemy\Phrasea\Application; + /** * Native Authentication for Phraseanet (login/password) * @@ -20,9 +22,9 @@ class Session_Authentication_Native implements Session_Authentication_Interface { /** * - * @var appbox + * @var Application */ - protected $appbox; + protected $app; /** * @@ -50,20 +52,20 @@ class Session_Authentication_Native implements Session_Authentication_Interface /** * - * @param appbox $appbox + * @param Application $app * @param string $login * @param string $password * @return Session_Authentication_Native */ - public function __construct(appbox &$appbox, $login, $password) + public function __construct(Application $app, $login, $password) { - $this->appbox = $appbox; + $this->app = $app; $this->login = $login; $this->password = $password; try { - $usr_id = User_Adapter::get_usr_id_from_login($this->login); - $this->user = User_Adapter::getInstance($usr_id, $this->appbox); + $usr_id = User_Adapter::get_usr_id_from_login($this->app, $this->login); + $this->user = User_Adapter::getInstance($usr_id, $this->app); } catch (Exception $e) { throw new Exception_Unauthorized('User does not exists anymore'); } 
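Review bot: `postlog()` still calls `\Session_Handler::set_cookie('invite-usr_id', ...)`, but this same commit deletes `lib/classes/Session/Handler.class.php`, so unless another definition of `Session_Handler` exists outside this diff the guest login path will fail with a class-not-found error on that line. The added `TODO NEUTRON FIX THIS` does not say what is broken; a comment such as `// TODO: Session_Handler is removed in this commit; set 'invite-usr_id' through the application's cookie/session service` would make that explicit. The removed `transfer_baskets()` reassigned baskets based on the value read back from this cookie, so whatever replaces it would be safer keeping the guest id in server-side session state than trusting an id supplied by the client.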
@@ -129,7 +131,7 @@ class Session_Authentication_Native implements Session_Authentication_Interface */ protected function check_mail_locked() { - $conn = $this->appbox->get_connection(); + $conn = $this->app['phraseanet.appbox']->get_connection(); $sql = 'SELECT mail_locked, usr_id FROM usr @@ -152,7 +154,7 @@ class Session_Authentication_Native implements Session_Authentication_Interface */ public function challenge_password(Browser $browser = null) { - $conn = $this->appbox->get_connection(); + $conn = $this->app['phraseanet.appbox']->get_connection(); $sql = 'SELECT usr_id FROM usr @@ -163,7 +165,7 @@ class Session_Authentication_Native implements Session_Authentication_Interface AND salted_password = 1 AND model_of="0" AND invite="0"'; - $salt = User_Adapter::salt_password($this->password, $this->user->get_nonce()); + $salt = User_Adapter::salt_password($this->app, $this->password, $this->user->get_nonce()); $stmt = $conn->prepare($sql); $stmt->execute(array( ':login' => $this->login, @@ -189,12 +191,12 @@ class Session_Authentication_Native implements Session_Authentication_Interface */ protected function save_badlog(Browser $browser) { - $conn = $this->appbox->get_connection(); + $conn = $this->app['phraseanet.appbox']->get_connection(); $date_obj = new DateTime('-5 month'); $sql = 'DELETE FROM badlog WHERE date < :date'; $stmt = $conn->prepare($sql); - $stmt->execute(array(':date' => phraseadate::format_mysql($date_obj))); + $stmt->execute(array(':date' => $this->app['date-formatter']->format_mysql($date_obj))); $stmt->closeCursor(); $sql = 'INSERT INTO badlog (date,login,pwd,ip,locked) 
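Review bot: The `INSERT INTO badlog (date,login,pwd,ip,locked)` that closes this hunk writes a `pwd` column on every failed login, and the bound value lies outside the hunk, so it is worth confirming that the submitted password is not stored in clear or as an unsalted digest. Failed attempts are often near-misses of the real password, which would make `badlog` a secondary credential store with five months of retention (the `DELETE ... WHERE date < :date` above uses `-5 month`). If the column is kept only for schema compatibility, a comment like `// pwd is intentionally left empty: never persist submitted passwords` next to the parameter array would record that. `save_badlog()` continues past the end of the hunk.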
@@ -228,13 +230,13 @@ class Session_Authentication_Native implements Session_Authentication_Interface ':password' => hash('sha256', $this->password) ); - $stmt = $this->appbox->get_connection()->prepare($sql); + $stmt = $this->app['phraseanet.appbox']->get_connection()->prepare($sql); $stmt->execute($params); $row = $stmt->fetch(PDO::FETCH_ASSOC); $stmt->closeCursor(); if ($row && $row['salted_password'] === '0') - throw new Exception_Session_BadSalinity(); + throw new Exception_Session_BadSalinity('Bad password salinity'); return $this; } @@ -246,8 +248,8 @@ class Session_Authentication_Native implements Session_Authentication_Interface */ protected function check_and_revoke_badlogs($ip) { - $conn = $this->appbox->get_connection(); - $registry = $this->appbox->get_registry(); + $conn = $this->app['phraseanet.appbox']->get_connection(); + $registry = $this->app['phraseanet.appbox']->get_registry(); $sql = 'SELECT id FROM badlog WHERE (login = :login OR ip = :ip) AND locked="1"'; @@ -270,7 +272,7 @@ class Session_Authentication_Native implements Session_Authentication_Interface $stmt->closeCursor(); } elseif ($row_count > 9) { if ($this->is_captcha_activated($registry)) - throw new Exception_Session_RequireCaptcha(); + throw new Exception_Session_RequireCaptcha('Require captcha'); } return $this; @@ -283,7 +285,7 @@ class Session_Authentication_Native implements Session_Authentication_Interface */ protected function is_captcha_activated(registryInterface $registry) { - $registry = $this->appbox->get_registry(); + $registry = $this->app['phraseanet.appbox']->get_registry(); return ($registry->get('GV_captchas') && trim($registry->get('GV_captcha_private_key')) !== '' diff --git a/lib/classes/Session/Authentication/PersistentCookie.class.php b/lib/classes/Session/Authentication/PersistentCookie.class.php index 304f5f9dc9..2be2fe9c06 100644 --- a/lib/classes/Session/Authentication/PersistentCookie.class.php 
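Review bot: In the `elseif ($row_count > 9)` branch the only reaction to more than nine matching bad-login rows is `Exception_Session_RequireCaptcha`, and it is thrown only when `is_captcha_activated()` returns true, so an installation without captcha keys configured gets no throttling from this method. Whether another limiter exists elsewhere is not visible here; if not, the branch deserves a fallback (a delay or temporary lock) or at least a comment stating that brute-force protection depends on the `GV_captchas` settings. The brace-less `if` around the `throw` is also easy to misread inside the braced `elseif`; `if (...) { throw ...; }` would match the surrounding style.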
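Review bot: `is_captcha_activated(registryInterface $registry)` overwrites its own parameter on the first line with `$registry = $this->app['phraseanet.appbox']->get_registry();`, so the argument passed by `check_and_revoke_badlogs()` is never used. Either drop that assignment and rely on the parameter, or remove the parameter; keeping both hides which registry the captcha decision is based on. The method body continues past the hunk.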
+++ b/lib/classes/Session/Authentication/PersistentCookie.class.php @@ -9,6 +9,8 @@ * file that was distributed with this source code. */ +use Alchemy\Phrasea\Application; + /** * * @package Session @@ -19,9 +21,9 @@ class Session_Authentication_PersistentCookie implements Session_Authentication_ { /** * - * @var type + * @var Application */ - protected $appbox; + protected $app; /** * @@ -37,18 +39,18 @@ class Session_Authentication_PersistentCookie implements Session_Authentication_ /** * - * @param appbox $appbox + * @param Application $appbox * @param type $persistent_cookie * @return Session_Authentication_PersistentCookie */ - public function __construct(appbox &$appbox, $persistent_cookie) + public function __construct(Application $app, $persistent_cookie) { - $this->appbox = $appbox; + $this->app= $app; $this->persistent_cookie = $persistent_cookie; $browser = Browser::getInstance(); - $conn = $this->appbox->get_connection(); + $conn = $this->app['phraseanet.appbox']->get_connection(); $sql = 'SELECT usr_id, session_id, nonce, token FROM cache WHERE token = :token'; $stmt = $conn->prepare($sql); $stmt->execute(array(':token' => $this->persistent_cookie)); @@ -61,11 +63,11 @@ class Session_Authentication_PersistentCookie implements Session_Authentication_ $string = $browser->getBrowser() . '_' . $browser->getPlatform(); - if (User_Adapter::salt_password($string, $row['nonce']) !== $row['token']) { + if (User_Adapter::salt_password($this->app, $string, $row['nonce']) !== $row['token']) { throw new Exception_Session_WrongToken(); } - $this->user = User_Adapter::getInstance($row['usr_id'], $this->appbox); + $this->user = User_Adapter::getInstance($row['usr_id'], $this->app); $this->ses_id = (int) $row['session_id']; return $this; @@ -89,7 +91,7 @@ class Session_Authentication_PersistentCookie implements Session_Authentication_ * * @return int */ - public function get_ses_id() + public function getSessionId() { return $this->ses_id; } 
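Review bot: The updated constructor docblock reads `@param Application $appbox` while the parameter is now `$app`, and `@param type $persistent_cookie` is still a placeholder; `@param Application $app` and `@param string $persistent_cookie` would match the signature (the string type is assumed from its use as the `:token` bind value). `$this->app= $app;` is also missing the space before `=` that the other three authentication classes use. The constructor body continues in the next hunk.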
diff --git a/lib/classes/Session/Authentication/Token.class.php b/lib/classes/Session/Authentication/Token.class.php index 05ccea9e67..5b8f85d994 100644 --- a/lib/classes/Session/Authentication/Token.class.php +++ b/lib/classes/Session/Authentication/Token.class.php @@ -9,6 +9,8 @@ * file that was distributed with this source code. */ +use Alchemy\Phrasea\Application; + /** * * @package Session @@ -19,9 +21,9 @@ class Session_Authentication_Token implements Session_Authentication_Interface { /** * - * @var appbox + * @var Application */ - protected $appbox; + protected $app; /** * @@ -36,15 +38,15 @@ class Session_Authentication_Token implements Session_Authentication_Interface * @param type $token * @return Session_Authentication_Token */ - public function __construct(appbox &$appbox, $token) + public function __construct(Application $app, $token) { - $this->appbox = $appbox; + $this->app = $app; $this->token = $token; try { - $datas = random::helloToken($token); + $datas = random::helloToken($app, $token); $usr_id = $datas['usr_id']; - $this->user = User_Adapter::getInstance($usr_id, $this->appbox); + $this->user = User_Adapter::getInstance($usr_id, $this->app); } catch (Exception_NotFound $e) { throw new Exception_Session_WrongToken(); } diff --git a/lib/classes/Session/Handler.class.php b/lib/classes/Session/Handler.class.php deleted file mode 100644 index ae481061de..0000000000 --- a/lib/classes/Session/Handler.class.php +++ /dev/null 
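Review bot: The constructor passes the bare parameter in `random::helloToken($app, $token)` but `$this->app` two lines later in `User_Adapter::getInstance($usr_id, $this->app)`; using `$this->app` in both, as the Guest and Native classes do, keeps the four classes uniform. The visible part of the docblock lists only `@param type $token`; the `@param` for the first argument, if there is one, lies above the hunk and was not touched by this commit, so it is either missing or still names `appbox`. `@param Application $app` should be present and `type` replaced with the real type.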
@@ -1,717 +0,0 @@ -appbox = $appbox; - $this->init_session_storage(); - - if ($this->is_authenticated()) { - try { - $user = User_Adapter::getInstance($this->get_usr_id(), $appbox); - $this->restore($user, $this->get_ses_id()); - } catch (Exception $e) { - $this->close_phrasea_session(); - } - } - - return $this; - } - - /** - * - * @return Session_Handler - */ - public static function getInstance(appbox &$appbox) - { - if ( ! self::$_instance) { - self::$_instance = new self($appbox); - } - - return self::$_instance; - } - - /** - * - * @return Void - */ - public function logout() - { -// $this->remove_cookies(); - if ( ! $this->is_authenticated()) { - return; - } - - $this->storage()->reset(); - $this->close_phrasea_session(); - - return; - } - - /** - * - * @return Session_Storage_Interface - */ - public function storage() - { - return $this->session_storage; - } - - /** - * Close the session storage. It can't be re-opened after that - * - * @return Session_Handler - */ - public function close_storage() - { - $this->storage()->close(); - - return $this; - } - - /** - * Get the current locale used in this session - * - * @return string - */ - public static function get_locale() - { - return self::get_cookie('locale'); - } - - /** - * Set the locale used in this session - * - * @param string $value under the form i18n_l10n (de_DE, en_US...) - * @return Session_Handler; - */ - public static function set_locale($value) - { - if ((self::isset_cookie('locale') && self::get_cookie('locale') != $value) || ! 
self::isset_cookie('locale')) - self::set_cookie("locale", $value, 0, false); - } - - /** - * Get the localization code - * - * @return string - */ - public function get_l10n() - { - return array_pop(explode('_', self::get_locale())); - } - - /** - * Gets the internationalization code - * - * @return string - */ - public function get_I18n() - { - return array_shift(explode('_', self::get_locale())); - } - - /** - * Returns wheter or not it's authenticated - * - * @return boolean - */ - public function is_authenticated() - { - return ($this->storage()->has('ses_id') === true && - $this->storage()->has('usr_id') === true); - } - - /** - * Get the usr_id of the owner - * - * @deprecated - * @return int - */ - public function get_usr_id() - { - return $this->storage()->get('usr_id', null); - } - - /** - * Get the ses_id of the owner - * - * @return type - */ - public function get_ses_id() - { - return $this->storage()->get('ses_id', null); - } - - public function isset_postlog() - { - return self::isset_cookie('postlog'); - } - - public function set_postlog() - { - return self::set_cookie('postlog', '1', 0, false); - } - - public function get_postlog() - { - return self::get_cookie('postlog', null); - } - - public function delete_postlog() - { - return self::set_cookie('postlog', '', -5, false); - } - - /** - * Set temporary preference (till the session ends) - * - * @param string $key - * @param mixed $value - * @return Session_Handler - */ - public function set_session_prefs($key, $value) - { - $datas = $this->storage()->get('temp_prefs'); - $datas[$key] = $value; - $this->storage()->set('temp_prefs', $datas); - - return $this; - } - - /** - * - * @param string $key - * @return mixed - */ - public function get_session_prefs($key) - { - $datas = $this->storage()->get('temp_prefs'); - if (isset($datas[$key])) { - return $datas[$key]; - } - - return null; - } - - /** - * - * @param string $name - * @param mixed $default_value - * @return mixed - */ - public static 
function get_cookie($name, $default_value = null) - { - if (http_request::is_command_line() && isset(self::$_cookie[$name])) { - return self::$_cookie[$name]; - } elseif ( ! http_request::is_command_line() && isset($_COOKIE[$name])) { - return $_COOKIE[$name]; - } elseif ($default_value !== null) { - return $default_value; - } - - return null; - } - - /** - * - * @param string $name - * @param mixed $value - * @param int $avalaibility - * @param boolean $http_only - * @return boolean - */ - public static function set_cookie($name, $value, $avalaibility, $http_only) - { - $https = false; - if (isset($_SERVER['HTTPS']) && $_SERVER['HTTPS']) - $https = true; - - $expire = $avalaibility === 0 ? 0 : time() + (int) $avalaibility; - - $http_only = ! ! $http_only; - - if ($avalaibility >= 0) { - if (http_request::is_command_line()) - self::$_cookie[$name] = $value; - else - $_COOKIE[$name] = $value; - } else { - if (http_request::is_command_line() && isset(self::$_cookie[$name])) - unset(self::$_cookie[$name]); - else - unset($_COOKIE[$name]); - } - if ( ! http_request::is_command_line()) { - return setcookie($name, $value, $expire, '/', '', $https, $http_only); - } else { - return true; - } - } - - /** - * - * @param string $name - * @return boolean - */ - public static function isset_cookie($name) - { - if (http_request::is_command_line()) { - return isset(self::$_cookie[$name]); - } - - return isset($_COOKIE[$name]); - } - - public function renew_phrasea_session() - { - if ( ! 
$this->phrasea_session instanceof Session_Phrasea) - throw new \Exception('No phrasea session available'); - - $this->phrasea_session->close(); - - $user = \User_Adapter::getInstance($this->get_usr_id(), $this->appbox); - - $this->phrasea_session = new Session_Phrasea($this->appbox, $user); - $this->phrasea_session->create(\Browser::getInstance()); - - $this->phrasea_session->open(); - $ses_id = $this->phrasea_session->get_id(); - - $this->storage()->set('usr_id', $user->get_id()); - $this->storage()->set('ses_id', $ses_id); - } - - /** - * Open the phrasea session - * - * @return Session_Handler - */ - public function open_phrasea_session() - { - if ( ! $this->phrasea_session instanceof Session_Phrasea) - throw new \Exception('No phrasea session available'); - - $this->phrasea_session->open(); - - return $this; - } - - /** - * - * @param User_Adapter $user - * @param type $ses_id - */ - public function restore(User_Adapter $user, $ses_id) - { -// if ($this->is_authenticated()) -// $this->close_phrasea_session(); - - $this->phrasea_session = new Session_Phrasea($this->appbox, $user, $ses_id); - $this->phrasea_session->open(); - $ses_id = $this->phrasea_session->get_id(); - $this->storage()->set('usr_id', $user->get_id()); - $this->storage()->set('ses_id', $ses_id); - } - - /** - * Process the authentication - * - * @param Session_Authentication_Interface $auth - * @return Session_Handler - */ - public function authenticate(Session_Authentication_Interface $auth, $persistent = false) - { - if ($this->appbox->get_registry()->get('GV_maintenance')) { - throw new Exception_ServiceUnavailable(); - } - - $conn = $this->appbox->get_connection(); - $browser = Browser::getInstance(); - - $this->send_reminders(); - - $auth->prelog(); - - if ($this->is_authenticated() && $this->get_usr_id() == $auth->get_user()->get_id()) { - return $this; - } - if ($this->is_authenticated() && $this->get_usr_id() != $auth->get_user()->get_id()) { - $this->close_phrasea_session(); - } - - 
$user = $auth->signOn(); - $usr_id = $user->get_id(); - - $this->phrasea_session = new Session_Phrasea($this->appbox, $user); - $this->phrasea_session->create($browser); - $ses_id = $this->phrasea_session->get_id(); - $this->storage()->set('usr_id', $usr_id); - $this->storage()->set('ses_id', $ses_id); - - $locale = $this->storage()->get('locale', $user->get_locale($usr_id)); - $this->storage()->set('locale', $locale); - $user->ACL()->inject_rights(); - - foreach ($user->ACL()->get_granted_sbas() as $databox) { - Session_Logger::create($databox, $browser, $this, $user); - \cache_databox::insertClient($databox); - } - - $this->set_usr_lastconn($conn, $user->get_id()); - $this->transfer_baskets($user); - $this->delete_postlog(); - - $auth->postlog(); - if ($persistent) { - $this->add_persistent_cookie(); - } - self::set_cookie('last_act', '', -400000, true); - - return $this; - } - - protected function transfer_baskets(\User_Adapter $user) - { - $Core = \bootstrap::getCore(); - - $transferBasks = ($this->isset_postlog() && $this->get_postlog() == '1'); - if ($transferBasks && $user->is_guest() == false && Session_Handler::isset_cookie('invite-usr_id')) { - - $oldusr = self::get_cookie('invite-usr_id'); - - if ($oldusr == $user->get_id()) { - return $this; - } - - $repo = $Core['EM']->getRepository('Entities\Basket'); - $baskets = $repo->findBy(array('usr_id' => $oldusr)); - - foreach ($baskets as $basket) { - $basket->setUsrId($user->get_id()); - $Core['EM']->persist($basket); - } - - $Core['EM']->flush(); - } - - return $this; - } - - protected function set_usr_lastconn(connection_pdo &$conn, $usr_id) - { - $sql = 'UPDATE usr SET last_conn=now(), locale = :locale - WHERE usr_id = :usr_id'; - $stmt = $conn->prepare($sql); - $stmt->execute(array( - ':locale' => self::get_locale(), - ':usr_id' => $usr_id - )); - $stmt->closeCursor(); - } - - public function add_persistent_cookie() - { - $theclient = Browser::getInstance(); - $nonce = random::generatePassword(16); - - 
$string = $theclient->getBrowser() . '_' . $theclient->getPlatform(); - - $token = User_Adapter::salt_password($string, $nonce); - - $sql = 'UPDATE cache SET nonce = :nonce, token = :token WHERE session_id = :ses_id'; - - $params = array( - ':nonce' => $nonce, - ':ses_id' => $this->get_ses_id(), - ':token' => $token - ); - - $stmt = $this->appbox->get_connection()->prepare($sql); - $stmt->execute($params); - $stmt->closeCursor(); - self::set_cookie('persistent', $token, (30 * 24 * 3600), true); - - return $this; - } - - protected function init_session_storage() - { - $session_name = 'system'; - if (http_request::is_command_line()) { - $this->session_storage = Session_Storage_CommandLine::getInstance($session_name); - } else { - $this->session_storage = Session_Storage_PHPSession::getInstance($session_name); - } - - return $this; - } - - protected function close_phrasea_session() - { - if ($this->phrasea_session instanceof Session_Phrasea) - $this->phrasea_session->close(); - $this->storage()->reset(); - - return $this; - } - - public function remove_cookies() - { - self::set_cookie($this->storage()->getName(), '', -420000, false); - self::set_cookie('last_act', '{}', -420000, true); - self::set_cookie('persistent', '', -420000, true); - - return $this; - } - - /** - * - * @param databox $databox - * @return Session_Logger - */ - public function get_logger(databox $databox) - { - try { - return Session_Logger::load($databox, $this); - } catch (Exception_Session_LoggerNotFound $e) { - $user = null; - $browser = Browser::getInstance(); - - if ($this->is_authenticated()) - $user = User_Adapter::getInstance($this->get_usr_id(), appbox::get_instance(\bootstrap::getCore())); - - return Session_Logger::create($databox, $browser, $this, $user); - } - } - - protected function send_reminders() - { - if ( ! class_exists('eventsmanager_broker')) { - return $this; - } - - $core = bootstrap::getCore(); - - $registry = $core->getRegistry(); - - $date = new DateTime('+' . 
(int) $registry->get('GV_validation_reminder') . ' days'); - - $eventsMngr = $core['events-manager']; - - $em = $core->getEntityManager(); - /* @var $em \Doctrine\ORM\EntityManager */ - $participantRepo = $em->getRepository('\Entities\ValidationParticipant'); - /* @var $participantRepo \Repositories\ValidationParticipantRepository */ - $participants = $participantRepo->findNotConfirmedAndNotRemindedParticipantsByExpireDate($date); - - foreach ($participants as $participant) { - /* @var $participant \Entities\ValidationParticipant */ - $validationSession = $participant->getSession(); - $participantId = $participant->getUsrId(); - $basketId = $validationSession->getBasket()->getId(); - - try { - $token = \random::getValidationToken($participantId, $basketId); - } catch (\Exception_NotFound $e) { - continue; - } - - $eventsMngr->trigger('__VALIDATION_REMINDER__', array( - 'to' => $participantId, - 'ssel_id' => $basketId, - 'from' => $validationSession->getInitiatorId(), - 'validate_id' => $validationSession->getId(), - 'url' => $registry->get('GV_ServerName') . 'lightbox/validate/' . $basketId . '/?LOG=' . $token - )); - } - - return $this; - } - - public function get_my_sessions() - { - $sql = 'SELECT session_id, lastaccess, ip, platform, browser, screen - , created_on, browser_version, token - FROM cache WHERE usr_id = :usr_id'; - $stmt = $this->appbox->get_connection()->prepare($sql); - $stmt->execute(array(':usr_id' => $this->get_usr_id())); - $rs = $stmt->fetchAll(PDO::FETCH_ASSOC); - $stmt->closeCursor(); - - $geonames = new geonames(); - - foreach ($rs as $k => $row) { - $datas = $geonames->find_geoname_from_ip($row['ip']); - - if ($datas['city']) { - $infos = $datas['city'] . ' (' . $datas['country'] . ')'; - } elseif ($datas['fips']) { - $infos = $datas['fips'] . ' (' . $datas['country'] . 
')'; - } elseif ($datas['country']) { - $infos = $datas['country']; - } else { - $infos = ''; - } - $rs[$k]['session_id'] = (int) $rs[$k]['session_id']; - $rs[$k]['ip_infos'] = $infos; - $rs[$k]['created_on'] = new \DateTime($row['created_on']);; - $rs[$k]['lastaccess'] = new \DateTime($row['lastaccess']); - } - - return $rs; - } - - public function set_event_module($app, $enter) - { - $sql = "SELECT app FROM cache WHERE session_id = :ses_id AND usr_id = :usr_id"; - - $stmt = $this->appbox->get_connection()->prepare($sql); - $stmt->execute(array(':ses_id' => $this->get_ses_id(), ':usr_id' => $this->get_usr_id())); - $row = $stmt->fetch(PDO::FETCH_ASSOC); - $stmt->closeCursor(); - - $apps = false; - - if ($row) { - $apps = unserialize($row['app']); - } - if ( ! is_array($apps)) - $apps = array(); - - if ($enter) { - if ($app && ! in_array($app, $apps)) - $apps[] = $app; - } elseif (in_array($app, $apps)) { - unset($apps[$app]); - } - - $ret['apps'] = count($apps); - - $sql = "UPDATE cache SET lastaccess=now(),app = :apps WHERE session_id = :ses_id AND usr_id = :usr_id"; - - $stmt = $this->appbox->get_connection()->prepare($sql); - $stmt->execute(array(':ses_id' => $this->get_ses_id(), ':usr_id' => $this->get_usr_id(), ':apps' => serialize($apps))); - $stmt->closeCursor(); - - return $this; - } - - public static function get_active_sessions() - { - - $conn = connection::getPDOConnection(); - $date_obj = new DateTime('-5 min'); - $time = date("Y-m-d H:i:s", $date_obj->format('U')); - - $sql = "SELECT session_id,app, usr_id, user_agent, ip, lastaccess, - platform, browser, screen, created_on, browser_version, token - FROM cache WHERE lastaccess > :time"; - - $stmt = $conn->prepare($sql); - $stmt->execute(array(':time' => $time)); - $rs = $stmt->fetchAll(PDO::FETCH_ASSOC); - $stmt->closeCursor(); - - $geonames = new geonames(); - - $ret = array( - 'sessions' => array(), - 'applications' => array( - '0' => 0, - '1' => 0, - '2' => 0, - '3' => 0, - '4' => 0, - '5' => 0, - 
'6' => 0, - '7' => 0, - '8' => 0, - ) - ); - - foreach ($rs as $row) { - - $session = array(); - - $session['browser'] = $row['browser']; - $session['browser_version'] = $row['browser_version']; - $session['session_id'] = $row['session_id']; - $session['user_agent'] = $row['user_agent']; - $session['ip'] = $row['ip']; - $session['screen'] = $row['screen']; - $session['platform'] = $row['platform']; - $session['created_on'] = new DateTime($row['created_on']); - $session['lastaccess'] = new DateTime($row['lastaccess']); - $session['token'] = ! ! $row['token']; - $session['user'] = User_Adapter::getInstance($row['usr_id'], appbox::get_instance(\bootstrap::getCore())); - $session["app"] = (array) unserialize($row["app"]); - - foreach ($session["app"] as $app) { - if (isset($ret['applications'][$app])) { - $ret['applications'][$app] ++; - } - } - - $datas = $geonames->find_geoname_from_ip($row['ip']); - - if ($datas['city']) { - $infos = $datas['city'] . ' (' . $datas['country'] . ')'; - } elseif ($datas['fips']) { - $infos = $datas['fips'] . ' (' . $datas['country'] . ')'; - } elseif ($datas['country']) { - $infos = $datas['country']; - } else { - $infos = ''; - } - - $session['ip_infos'] = $infos; - - $ret['sessions'][] = $session; - } - - return $ret; - } -} - diff --git a/lib/classes/Session/Logger.class.php b/lib/classes/Session/Logger.class.php index 5c8fb00e19..96bea4b0b6 100644 --- a/lib/classes/Session/Logger.class.php +++ b/lib/classes/Session/Logger.class.php @@ -9,6 +9,8 @@ * file that was distributed with this source code. */ +use Alchemy\Phrasea\Application; + /** * * @package Session @@ -28,6 +30,7 @@ class Session_Logger * @var databox */ protected $databox; + protected $app; const EVENT_DELETE = 'delete'; const EVENT_EDIT = 'edit'; 
@@ -47,8 +50,9 @@ class Session_Logger * @param int $log_id * @return Session_Logger */ - public function __construct(databox &$databox, $log_id) + public function __construct(Application $app, databox &$databox, $log_id) { + $this->app = $app; $this->databox = $databox; $this->id = (int) $log_id; @@ -89,18 +93,17 @@ class Session_Logger /** * * @param databox $databox - * @param Session_Phrasea $session * @param User_Adapter $user * @param Browser $browser * @return Session_Logger */ - public static function create(databox &$databox, Browser &$browser, Session_Handler $session, User_Adapter &$user = null) + public static function create(Application $app, databox &$databox, Browser &$browser) { $colls = array(); - $registry = registry::get_instance(); + $registry = $app['phraseanet.registry']; - if ($user) { - $bases = $user->ACL()->get_granted_base(array(), array($databox->get_sbas_id())); + if ($app['phraseanet.user']) { + $bases = $app['phraseanet.user']->ACL()->get_granted_base(array(), array($databox->get_sbas_id())); foreach ($bases as $collection) { $colls[] = $collection->get_coll_id(); } @@ -116,10 +119,10 @@ class Session_Logger , :user_agent, :appli, :fonction, :company, :activity, :country)"; $params = array( - ':ses_id' => $session->get_ses_id(), - ':usr_login' => $user ? $user->get_login() : null, - ':site_id' => $registry->get('GV_sit'), - ':usr_id' => $user ? $user->get_id() : null, + ':ses_id' => $app['session']->get('phrasea_session_id'), + ':usr_login' => $app['phraseanet.user'] ? $app['phraseanet.user']->get_login() : null, + ':site_id' => $app['phraseanet.registry']->get('GV_sit'), + ':usr_id' => $app['phraseanet.user'] ? $app['phraseanet.user']->get_id() : null, ':coll_list' => implode(',', $colls), ':browser' => $browser->getBrowser(), ':browser_version' => $browser->getExtendedVersion(), 
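Review bot: `create()` now looks up `$app['phraseanet.user']` once in the `if` and then twice per line for every user-derived bind value, here and in the hunk that follows (`:usr_login`, `:usr_id`, `:fonction`, `:company`, `:activity`, `:country`); a single `$user = $app['phraseanet.user'];` at the top would let those lines stay as `$user ? $user->get_login() : null` and make it obvious that one user object feeds the whole log row. `$registry` is likewise assigned from `$app['phraseanet.registry']`, yet `:site_id` reads the container again instead of using it. The docblock still lists `@param User_Adapter $user`, which is no longer a parameter, and has no `@param Application $app`.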
@@ -128,10 +131,10 @@ class Session_Logger ':ip' => $browser->getIP(), ':user_agent' => $browser->getUserAgent(), ':appli' => serialize(array()), - ':fonction' => $user ? $user->get_job() : null, - ':company' => $user ? $user->get_company() : null, - ':activity' => $user ? $user->get_position() : null, - ':country' => $user ? $user->get_country() : null + ':fonction' => $app['phraseanet.user'] ? $app['phraseanet.user']->get_job() : null, + ':company' => $app['phraseanet.user'] ? $app['phraseanet.user']->get_company() : null, + ':activity' => $app['phraseanet.user'] ? $app['phraseanet.user']->get_position() : null, + ':country' => $app['phraseanet.user'] ? $app['phraseanet.user']->get_country() : null ); $stmt = $databox->get_connection()->prepare($sql); @@ -140,12 +143,12 @@ class Session_Logger $log_id = $databox->get_connection()->lastInsertId(); $stmt->closeCursor(); - return new Session_Logger($databox, $log_id); + return new Session_Logger($app, $databox, $log_id); } - public static function load(databox $databox, Session_Handler $session) + public static function load(Application $app, databox $databox) { - if ( ! $session->is_authenticated()) { + if ( ! $app->isAuthenticated()) { throw new Exception_Session_LoggerNotFound('Not authenticated'); } @@ -154,7 +157,7 @@ class Session_Logger $params = array( ':site' => $databox->get_registry()->get('GV_sit') - , ':ses_id' => $session->get_ses_id() + , ':ses_id' => $app['session']->get('phrasea_session_id') ); $stmt = $databox->get_connection()->prepare($sql); @@ -165,6 +168,6 @@ class Session_Logger if ( ! $row) throw new Exception_Session_LoggerNotFound('Logger not found'); - return new self($databox, $row['id']); + return new self($app, $databox, $row['id']); } } diff --git a/lib/classes/Session/Phrasea.class.php b/lib/classes/Session/Phrasea.class.php deleted file mode 100644 index 460bafac73..0000000000 --- a/lib/classes/Session/Phrasea.class.php +++ /dev/null 
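Review bot: `load()` takes `:site` from `$databox->get_registry()->get('GV_sit')` while `create()` writes `:site_id` from `$app['phraseanet.registry']->get('GV_sit')`; if the two registries can ever differ, the row written by `create()` would not be found here. Using `$app['phraseanet.registry']` in both places would remove the doubt. `$app['session']->get('phrasea_session_id')` can presumably return null when the key is absent, so a short comment on why `isAuthenticated()` guarantees it is set would help the next reader.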
@@ -1,181 +0,0 @@ -clear_sessions(); - $this->appbox = $appbox; - $this->user = $user; - $this->ses_id = $ses_id; - - return $this; - } - - /** - * - * @return int - */ - public function get_id() - { - return $this->ses_id; - } - - /** - * - * @param Browser $browser - * @return Session_Phrasea - */ - public function create(Browser &$browser) - { - if ($this->ses_id) - throw new Exception_Session_AlreadyCreated(); - if ( ! $this->user) - throw new Exception_Session_Closed('You have to create a new Phrasea session with the new user'); - - if (($ses_id = phrasea_create_session($this->user->get_id())) === false) - throw new Exception_InternalServerError(); - - $this->ses_id = $ses_id; - - $this->update_informations($this->appbox, $browser); - - return $this; - } - - /** - * - * @param appbox $appbox - * @param Browser $browser - * @param Array $logs - */ - protected function update_informations(appbox &$appbox, Browser &$browser) - { - $sql = "UPDATE cache SET - user_agent = :user_agent, ip = :ip, platform = :platform, - browser = :browser, - screen = :screen, browser_version = :browser_version - WHERE session_id = :ses_id"; - $stmt = $appbox->get_connection()->prepare($sql); - $stmt->execute( - array( - ':user_agent' => $browser->getUserAgent(), - ':ip' => $browser->getIP(), - ':platform' => $browser->getPlatform(), - ':browser' => $browser->getBrowser(), - ':screen' => $browser->getScreenSize(), - ':browser_version' => $browser->getExtendedVersion(), - ':ses_id' => $this->ses_id - ) - ); - $stmt->closeCursor(); - } - - /** - * - * @return Session_Phrasea - */ - public function open() - { - if ( ! $this->user instanceof User_Adapter) - throw new Exception_Session_Closed(); - if ( ! 
phrasea_open_session($this->ses_id, $this->user->get_id())) - throw new Exception_Session_Closed(); - - return $this; - } - - /** - * - * @return Session_Phrasea - */ - public function close() - { - phrasea_close_session($this->ses_id); - $this->ses_id = null; - $this->user = null; - - return $this; - } -// /** -// * -// * @param type $usr_id -// */ -// public static function get_actives_by_usr_id($usr_id) -// { -// -// } -// -// public static function get_actives() -// { -// -// } - - /** - * - * @return Session_Phrasea - */ - protected function clear_sessions() - { - - $conn = connection::getPDOConnection(); - $registry = registry::get_instance(); - - $sql = "SELECT session_id FROM cache - WHERE (lastaccess < DATE_SUB(NOW(), INTERVAL 1 MONTH) AND token IS NOT NULL) - OR (lastaccess < DATE_SUB(NOW(), INTERVAL 30 MINUTE) AND token IS NULL)"; - - $stmt = $conn->prepare($sql); - $stmt->execute(); - $rs = $stmt->fetchAll(PDO::FETCH_ASSOC); - $stmt->closeCursor(); - - foreach ($rs as $row) { - phrasea_close_session($row['session_id']); - } - - $date_two_day = new DateTime('+' . (int) $registry->get('GV_validation_reminder') . ' days'); - - return $this; - } -} diff --git a/lib/classes/Session/Storage/Abstract.class.php b/lib/classes/Session/Storage/Abstract.class.php deleted file mode 100644 index ff588e3b8e..0000000000 --- a/lib/classes/Session/Storage/Abstract.class.php +++ /dev/null @@ -1,48 +0,0 @@ -open = false; - - return $this; - } - - /** - * - * @return Session_Storage_Abstract - */ - protected function require_open_storage() - { - if ( ! $this->open) - throw new Exception_Session_StorageClosed (); - - return $this; - } -} diff --git a/lib/classes/Session/Storage/CommandLine.class.php b/lib/classes/Session/Storage/CommandLine.class.php deleted file mode 100644 index d78801b63f..0000000000 --- a/lib/classes/Session/Storage/CommandLine.class.php +++ /dev/null 
@@ -1,150 +0,0 @@ -require_open_storage(); - - return self::$_cli_storage[self::$_name][$key] = $value; - } - - /** - * - * @param string $key - * @return boolean - */ - public function remove($key) - { - $retval = null; - $this->require_open_storage(); - - if (isset(self::$_cli_storage[self::$_name][$key])) { - $retval = self::$_cli_storage[self::$_name][$key]; - unset(self::$_cli_storage[self::$_name][$key]); - } - - return $retval; - } - - /** - * Return PHP session name - * - * @return string - */ - public function getName() - { - return 'commandLine'; - } - - /** - * Return PHP session Id - * - * @return string - */ - public function getId() - { - return 'commandLine'; - } - - public function reset() - { - self::$_cli_storage[self::$_name] = array(); - - return; - } - - /** - * - * @return Void - */ - public function destroy() - { - unset(self::$_cli_storage[self::$_name]); - - return; - } -} diff --git a/lib/classes/Session/Storage/Interface.class.php b/lib/classes/Session/Storage/Interface.class.php deleted file mode 100644 index b9fbcd46af..0000000000 --- a/lib/classes/Session/Storage/Interface.class.php +++ /dev/null 
@@ -1,55 +0,0 @@ -name = $session_name; - $this->start(); - - return $this; - } - - /** - * - * @return Session_Storage_PHPSession - */ - protected function start() - { - session_cache_limiter(''); - session_name($this->name); - session_start(); - - $this->open = true; - - return $this; - } - - /** - * - * @return Session_Storage_PHPSession - */ - public function close() - { - if ($this->open) { - session_write_close(); - } - parent::close(); - - return $this; - } - - /** - * - * @param string $key - * @return mixed - */ - public function has($key) - { - return isset($_SESSION[$key]); - } - - /** - * - * @param string $key - * @return mixed - */ - public function get($key, $default_value = null) - { - return isset($_SESSION[$key]) ? $_SESSION[$key] : $default_value; - } - - public function set($key, $value) - { - $this->require_open_storage(); - $_SESSION[$key] = $value; - - return $this; - } - - public function remove($key) - { - $this->require_open_storage(); - if (isset($_SESSION[$key])) - unset($_SESSION[$key]); - - return $this; - } - - /** - * Return PHP session name - * - * @return string - */ - public function getName() - { - return session_name(); - } - - /** - * Return PHP session Id - * - * @return - */ - public function getId() - { - return session_id(); - } - - public function reset() - { - $_SESSION = array(); - - return $this; - } - - /** - * - * @return Void - */ - public function destroy() - { - session_destroy(); - $this->open = false; - - return; - } -}