From: konrad Date: Sun, 23 Jan 2011 20:34:33 +0000 (+0000) Subject: web session: add _web user; X-Git-Url: http://git.silmor.de/gitweb/?a=commitdiff_plain;h=55b31b81b224f34acd7817f5691170778ad1f5f9;p=web%2Fkonrad%2Fsmoke.git web session: add _web user; align user name regexp with old version git-svn-id: https://silmor.de/svn/softmagic/smoke/trunk@716 6e3c4bff-ac9f-4ac1-96c5-d2ea494d3e33 --- diff --git a/www/inc/machine/muser.php b/www/inc/machine/muser.php index 5601424..41255ab 100644 --- a/www/inc/machine/muser.php +++ b/www/inc/machine/muser.php @@ -19,7 +19,7 @@ class MachineUser return; } //verify syntax - if(!preg_match("/^[a-zA-Z]([a-zA-Z_\\.-]*)$/",$trans->getusername())){ + if(!preg_match("/^[a-zA-Z]([a-zA-Z_\\.,:-]*)$/",$trans->getusername())){ $trans->abortWithError(tr("Username is invalid.")); return; } diff --git a/www/inc/machine/session.php b/www/inc/machine/session.php index 9117733..d1215e5 100644 --- a/www/inc/machine/session.php +++ b/www/inc/machine/session.php @@ -14,24 +14,20 @@ class Session { protected $sessid=""; protected $user=""; - protected $roles; - protected $rights; - protected $flags; + protected $roles=array(); + protected $rights=array(); + protected $flags=array(); /**construct the session object, check validity*/ public function __construct($trans) { global $db,$session; - $this->roles=array(); - $this->rights=array(); - $this->flags=array(); $sid=$trans->getHeader("SessionId"); $res=$db->select("session","sessionid,uname","sessionid=".$db->escapeString($sid)); if(count($res)>0){ $this->sessid=$sid; $this->user=$res[0]["uname"]; $this->initRights(); - $this->initFlags(); } $session=$this; } 
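Review bot: The pattern on the added `preg_match` line in muser.php is anchored with `$`, which in PCRE also matches just before a trailing newline, so a name consisting of valid characters followed by a line feed still passes the syntax check. Anchoring with `\z` or adding the `D` modifier closes that, e.g. `"/^[a-zA-Z]([a-zA-Z_\\.,:-]*)$/D"`. The newly allowed `,` and `:` are also common field separators, so it is worth confirming that nothing which stores or transmits user names splits on them. The enclosing method starts and ends outside the hunk, so how the name is used afterwards is not visible here.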
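Review bot: The three added property initialisers in session.php (`$roles`, `$rights` and `$flags` set to `array()`) carry an undocumented dependency. `DummyWebSession::__construct()` deliberately skips `Session::__construct()` and appends to these arrays directly, so the declaration defaults are the only initialisation it gets. A comment above them would keep a later refactoring from moving the initialisation back into the constructor, for example `//initialized in the declaration: DummyWebSession does not call Session::__construct()`.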
@@ -59,38 +55,32 @@ class Session $session=new DummyWebSession; } - /**internal: retrieve and remember the rights of this user*/ + /**internal: retrieve and remember the rights, roles, and flags of this user*/ protected function initRights() { global $db; + //get roles $res=$db->select("userrole","role","uname=".$db->escapeString($this->user)); for($i=0;$iroles[]=$res[$i][0]; - $res2=$db->select("roleright","rightname","rolename=".$db->escapeString($res[$i][0])); - for($j=0;$jrights[]=$res2[$j][0]; } - } - - /**internal: retrieve and remember the flags of this user*/ - protected function initFlags() - { - global $db; - #user flags - $this->flags=array(); + //get rights + $res=$db->select("roleright","rightname","rolename IN ".$db->escapeStringList($this->roles)); + for($j=0;$jrights[]=$res[$j][0]; + //get flags + //user flags $res=$db->select("user","uname,flags","uname=".$db->escapeString($this->user)); if(count($res)>0) - $this->flags=explode(" ",$res[0]['flags']); - #role flags - $res=$db->select("userrole","role","uname=".$db->escapeString($this->user)); - for($i=0;$iselect("role","flags","rolename=".$db->escapeString($res[$i][0])); - if(count($res2)>0){ - foreach(explode(" ",$res2[0][0]) as $f) - if(!in_array($f,$this->flags)) - $this->flags[]=$f; - } - } + foreach(explode(" ",$res[0]['flags']) as $f) + if(!in_array($f,$this->flags)) + $this->flags[]=$f; + //role flags + $res=$db->select("role","flags","rolename IN ".$db->escapeStringList($this->roles)); + for($j=0;$jflags)) + $this->flags[]=$f; } /**returns all rights of this user*/ 
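Review bot: Both new `rolename IN ".$db->escapeStringList($this->roles)` queries in `initRights()` run even when the user has no roles. An empty `IN` list is a syntax error in most SQL dialects unless `escapeStringList()` special-cases an empty array, which is not visible here. Because this code builds the session's rights and flags, the queries are better skipped than left to fail; wrapping both in `if(count($this->roles)>0){ ... }` does that. Separately, `$this->roles` and `$this->rights` are only appended to, without the `in_array` check the flag loops have, so a second call or two roles sharing a right would leave duplicate entries.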
@@ -266,24 +256,16 @@ class DummyWebSession extends Session { public function __construct() { + //DO NOT call parent constructor: + // it would try to verify the session and deny us access global $db; - //there is no real user for web (so far) - $this->user="(web)"; - //fake web role, web pages check for it - $this->roles=array("_web"); - $this->flags=array("_web"); - //get rights - $this->rights=array(); - $res2=$db->select("roleright","rightname","rolename='_web'"); - for($j=0;$jrights[]=$res2[$j][0]; - //get flags - $res2=$db->select("role","flags","rolename='_web'"); - if(count($res2)>0){ - foreach(explode(" ",$res2[0][0]) as $f) - if(!in_array($f,$this->flags)) - $this->flags[]=$f; - } + //there is often no real user for web (so we enforce it) + $this->user="_web"; + //fake web role and flag, some objects check for it + $this->roles[]="_web"; + $this->flags[]="_web"; + //load rights, roles, etc. + $this->initRights(); } }
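Review bot: Setting `$this->user="_web"` and then calling `initRights()` means a web request without a verified session now receives whatever roles, rights and flags the database holds for a user named `_web`, not only those of the `_web` role as before. That makes `_web` a reserved account name. The only protection visible in this commit is the user-name pattern in muser.php, which requires a leading letter, so any other path that creates or renames users would need the same rule. A comment stating the reservation would help, for example `//"_web" is reserved: user creation must never accept this name`, and an explicit reserved-name check next to the syntax check in muser.php would make it independent of the regular expression.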