Para crear el adaptador para los roles, usaremos como ejemplo la carpeta Auth que se encuentra en el proyecto Klear Interval (web/library/KlearIntervallib/Auth). En la carpeta Auth intentaremos tener la siguiente estructura:
KlearIntervallib/
└── Auth/
├── Adapter.php
├── Model/
│ └── User.php
└── Users.php
Atención
Lo siguiente que viene son los contenidos de cada archivo: Adapter.php, Users.php y User.php. Después de copiarlo, asegurarse que los nombres KlearIntervarlib o KlearInterval se adapte a su proyecto.
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 | <?php
class KlearIntervallib_Auth_Adapter implements \Klear_Auth_Adapter_KlearAuthInterface
{
protected $_username;
protected $_password;
protected $_userId;
protected $_userMapper;
/**
*
* @var Klear_Auth_Adapter_Interfaces_BasicUserModel
*/
protected $_user;
public function __construct(Zend_Controller_Request_Abstract $request, Klear_Model_ConfigParser $authConfig = null)
{
$this->_username = $request->getPost('username', '');
$this->_password = $request->getPost('password', '');
$this->_initUserMapper($authConfig);
}
protected function _initUserMapper(Klear_Model_ConfigParser $authConfig = null)
{
if ($authConfig->exists('userMapper')) {
$userMapperName = $authConfig->getProperty('userMapper');
} else {
// TODO: Log auth fallback info message;
$userMapperName = '\Klear_Model_Mapper_Users';
}
$this->_userMapper = new $userMapperName;
if (!$this->_userMapper instanceof Klear_Auth_Adapter_Interfaces_BasicUserMapper) {
throw new \Exception('Auth userMapper must implement Klear_Auth_Adapter_BasicUserInterface');
}
}
public function authenticate()
{
try {
$user = $this->_userMapper->findByLogin($this->_username);
if ($this->_userHasValidCredentials($user) ) {
$this->_user = $user;
$authResult = Zend_Auth_Result::SUCCESS;
$authMessage = array("message"=>"Welcome!");
} else {
$authResult = Zend_Auth_Result::FAILURE_CREDENTIAL_INVALID;
$authMessage = array("message"=>"Usuario o contraseña incorrectos.");
}
return new Zend_Auth_Result($authResult, $this->_username, $authMessage);
} catch (Exception $e) {
$authResult = Zend_Auth_Result::FAILURE_UNCATEGORIZED;
$authMessage['message'] = $e->getMessage();
return new Zend_Auth_Result($authResult, $this->_username, $authMessage);
}
}
protected function _userHasValidCredentials(Klear_Auth_Adapter_Interfaces_BasicUserModel $user = null)
{
if (!is_null($user)) {
$hash = $user->getPassword();
if ($user->isActive() && $this->_checkPassword($this->_password, $hash)) {
return true;
}
}
return false;
}
protected function _checkPassword($clearPass, $hash)
{
$hashParts = explode('$', trim($hash, '$'), 2);
switch ($hashParts[0]) {
case '1': //md5
list(,,$salt,) = explode("$", $hash);
$salt = '$1$' . $salt . '$';
break;
case '5': //sha
list(,,$rounds,$salt,) = explode("$", $hash);
$salt = '$5$' . $rounds . '$' . $salt . '$';
break;
case '2a': //blowfish
$salt = substr($hash, 0, 29);
break;
}
$res = crypt($clearPass, $salt . '$');
return $res == $hash;
}
public function saveStorage()
{
$auth = Zend_Auth::getInstance();
$authStorage = $auth->getStorage();
$this->_user->readWrite = false;
$this->_user->readOnly = false;
$authStorage->write($this->_user);
}
}
|
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 | <?php
use \KlearInterval\Mapper\Sql\KlearUsers as KlearUsersMapper;
class KlearIntervallib_Auth_Users implements Klear_Auth_Adapter_Interfaces_BasicUserMapper
{
protected $_dbTable;
/**
*
* @var \Domoalert\Model\KlearUsers
*/
protected $_atezateUser;
public function __construct()
{
$this->_dbTable = new Klear_Model_DbTable_Users();
}
public function findByLogin($login)
{
$select = $this->_dbTable->select()->where('login = ?', $login);
$row = $this->_dbTable->fetchRow($select);
if ($row) {
$user = new KlearIntervallib_Auth_Model_User();
return $this->_poblateUser($user, $row);
}
return null;
}
protected function _poblateUser(Klear_Model_User $user, Zend_Db_Table_Row $row)
{
$user->setId($row->userId);
$user->setLogin($row->login);
$user->setEmail($row->email);
$user->setPassword($row->pass);
$user->setActive($row->active);
$userMapper = new KlearUsersMapper();
$this->_atezateUser = $userMapper->findOneByField('userId', $row->userId);
$roles = $this->_atezateUser->getKlearUsersRoles();
$aSections = array();
foreach ($roles as $rol) {
$secs = $rol->getKlearRole()->getKlearRolesSections();
foreach ($secs as $sec) {
$aSections[] = $sec->getKlearSection()->getIdentifier();
}
}
array_unique($aSections);
$user->setUserAccessSections($aSections);
if ($user->getId() == '1') {
$user->setAdministrator(true);
}
return $user;
}
}
|
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 | <?php
class KlearIntervallib_Auth_Model_User extends Klear_Model_User
{
protected $_administrator = false;
protected $_accessSections;
public function setUserAccessSections($data)
{
$this->access = $data;
$this->_accessSections = $data;
return $this;
}
public function getUserAccessSections()
{
return $this->_accessSections;
}
public function setAdministrator($data)
{
$this->_administrator = $data;
return $this;
}
public function getAdministrator()
{
return $this->_administrator;
}
}
|
Añadir en el klear.yaml en la sección Auth. El siguiente código:
auth:
userMapper: KlearIntervallib_Auth_Users
adapter: KlearIntervallib_Auth_Adapter
title: _("Access denied")
description: _("Insert your username")
session:
name: klear_interval
disableChangeName: true