From 55b31b81b224f34acd7817f5691170778ad1f5f9 Mon Sep 17 00:00:00 2001 From: konrad Date: Sun, 23 Jan 2011 20:34:33 +0000 Subject: [PATCH] web session: add _web user; align user name regexp with old version git-svn-id: https://silmor.de/svn/softmagic/smoke/trunk@716 6e3c4bff-ac9f-4ac1-96c5-d2ea494d3e33 --- www/inc/machine/muser.php | 2 +- www/inc/machine/session.php | 76 ++++++++++++++++-------------------------- 2 files changed, 30 insertions(+), 48 deletions(-) diff --git a/www/inc/machine/muser.php b/www/inc/machine/muser.php index 5601424..41255ab 100644 --- a/www/inc/machine/muser.php +++ b/www/inc/machine/muser.php @@ -19,7 +19,7 @@ class MachineUser return; } //verify syntax - if(!preg_match("/^[a-zA-Z]([a-zA-Z_\\.-]*)$/",$trans->getusername())){ + if(!preg_match("/^[a-zA-Z]([a-zA-Z_\\.,:-]*)$/",$trans->getusername())){ $trans->abortWithError(tr("Username is invalid.")); return; } diff --git a/www/inc/machine/session.php b/www/inc/machine/session.php index 9117733..d1215e5 100644 --- a/www/inc/machine/session.php +++ b/www/inc/machine/session.php @@ -14,24 +14,20 @@ class Session { protected $sessid=""; protected $user=""; - protected $roles; - protected $rights; - protected $flags; + protected $roles=array(); + protected $rights=array(); + protected $flags=array(); /**construct the session object, check validity*/ public function __construct($trans) { global $db,$session; - $this->roles=array(); - $this->rights=array(); - $this->flags=array(); $sid=$trans->getHeader("SessionId"); $res=$db->select("session","sessionid,uname","sessionid=".$db->escapeString($sid)); if(count($res)>0){ $this->sessid=$sid; $this->user=$res[0]["uname"]; $this->initRights(); - $this->initFlags(); } $session=$this; } @@ -59,38 +55,32 @@ class Session $session=new DummyWebSession; } - /**internal: retrieve and remember the rights of this user*/ + /**internal: retrieve and remember the rights, roles, and flags of this user*/ protected function initRights() { global $db; + //get roles $res=$db->select("userrole","role","uname=".$db->escapeString($this->user)); for($i=0;$iroles[]=$res[$i][0]; - $res2=$db->select("roleright","rightname","rolename=".$db->escapeString($res[$i][0])); - for($j=0;$jrights[]=$res2[$j][0]; } - } - - /**internal: retrieve and remember the flags of this user*/ - protected function initFlags() - { - global $db; - #user flags - $this->flags=array(); + //get rights + $res=$db->select("roleright","rightname","rolename IN ".$db->escapeStringList($this->roles)); + for($j=0;$jrights[]=$res[$j][0]; + //get flags + //user flags $res=$db->select("user","uname,flags","uname=".$db->escapeString($this->user)); if(count($res)>0) - $this->flags=explode(" ",$res[0]['flags']); - #role flags - $res=$db->select("userrole","role","uname=".$db->escapeString($this->user)); - for($i=0;$iselect("role","flags","rolename=".$db->escapeString($res[$i][0])); - if(count($res2)>0){ - foreach(explode(" ",$res2[0][0]) as $f) - if(!in_array($f,$this->flags)) - $this->flags[]=$f; - } - } + foreach(explode(" ",$res[0]['flags']) as $f) + if(!in_array($f,$this->flags)) + $this->flags[]=$f; + //role flags + $res=$db->select("role","flags","rolename IN ".$db->escapeStringList($this->roles)); + for($j=0;$jflags)) + $this->flags[]=$f; } /**returns all rights of this user*/ @@ -266,24 +256,16 @@ class DummyWebSession extends Session { public function __construct() { + //DO NOT call parent constructor: + // it would try to verify the session and deny us access global $db; - //there is no real user for web (so far) - $this->user="(web)"; - //fake web role, web pages check for it - $this->roles=array("_web"); - $this->flags=array("_web"); - //get rights - $this->rights=array(); - $res2=$db->select("roleright","rightname","rolename='_web'"); - for($j=0;$jrights[]=$res2[$j][0]; - //get flags - $res2=$db->select("role","flags","rolename='_web'"); - if(count($res2)>0){ - foreach(explode(" ",$res2[0][0]) as $f) - if(!in_array($f,$this->flags)) - $this->flags[]=$f; - } + //there is often no real user for web (so we enforce it) + $this->user="_web"; + //fake web role and flag, some objects check for it + $this->roles[]="_web"; + $this->flags[]="_web"; + //load rights, roles, etc. + $this->initRights(); } } -- 1.7.2.5