projects / Pman.Core / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
DataObjects/I18n.php
[Pman.Core] / DataObjects / Person.php
diff --git a/DataObjects/Person.php b/DataObjects/Person.php
index 8d3a809..a595cf8 100644 (file)
--- a/DataObjects/Person.php
+++ b/DataObjects/Person.php
@@ -240,7 +240,7 @@ class Pman_Core_DataObjects_Person extends DB_DataObject
             // force a logout - without a check on the isAuth - as this is called from there..
             $db = $this->getDatabaseConnection();
             $sesPrefix = $ff->appNameShort .'-'.get_class($this) .'-'.$db->dsn['database'] ;
-            $_SESSION[__CLASS__][$sesPrefix .'-auth'] = "";
+            $_SESSION[get_class($this)][$sesPrefix .'-auth'] = "";
             return false;
             
             $ff->page->jerr("Login not permited to outside companies");
@@ -253,6 +253,10 @@ class Pman_Core_DataObjects_Person extends DB_DataObject
     //   ---------------- authentication / passwords and keys stuff  ----------------
     function isAuth()
     {
+        
+        @session_start();
+       
+        
         $db = $this->getDatabaseConnection();
         // we combine db + project names,
         // otherwise if projects use different 'auth' objects
@@ -261,31 +265,35 @@ class Pman_Core_DataObjects_Person extends DB_DataObject
         $sesPrefix = $ff->appNameShort .'-' .get_class($this) .'-'.$db->dsn['database'] ;
         
         
-        @session_start();
          
-        if (!empty($_SESSION[__CLASS__][$sesPrefix .'-auth'])) {
+        if (!empty($_SESSION[get_class($this)][$sesPrefix .'-auth'])) {
             // in session...
-            $a = unserialize($_SESSION[__CLASS__][$sesPrefix .'-auth']);
+            $a = unserialize($_SESSION[get_class($this)][$sesPrefix .'-auth']);
             
-            $u = DB_DataObject::factory('Person');
-            if ($u->get($a->id)) { //&& strlen($u->passwd)) {
+            
+            $u = DB_DataObject::factory($this->tableName());
+            if ($a->id && $u->get($a->id)) { //&& strlen($u->passwd)) {
               
                 return $u->verifyAuth();
                 
-   
-                return true;
+    
             }
             
-            unset($_SESSION[__CLASS__][$sesPrefix .'-auth']);
+            unset($_SESSION[get_class($this)][$sesPrefix .'-auth']);
             
         }
+        if (!$this->canInitializeSystem()) {
+            return false;
+        }
+        
+        
         // local auth - 
         $default_admin = false;
         if (!empty($ff->Pman['local_autoauth']) && 
             ($ff->Pman['local_autoauth'] === true) &&
             (!empty($_SERVER['SERVER_ADDR'])) &&
             ($_SERVER['SERVER_ADDR'] == '127.0.0.1') &&
-            ($_SERVER['REMOTE_ADDR'] == '127.0.0.1')
+            ($_SERVER['REMOTE_ADDR'] == '127.0.0.1')  
         ) {
             $group = DB_DataObject::factory('Groups');
             $group->get('name', 'Administrators');
@@ -310,10 +318,10 @@ class Pman_Core_DataObjects_Person extends DB_DataObject
         if (!empty($ff->Pman['local_autoauth']) && 
             (!empty($_SERVER['SERVER_ADDR'])) &&
             ($_SERVER['SERVER_ADDR'] == '127.0.0.1') &&
-            ($_SERVER['REMOTE_ADDR'] == '127.0.0.1') &&
+            ($_SERVER['REMOTE_ADDR'] == '127.0.0.1')  &&
             ($default_admin ||  $u->get('email', $ff->Pman['local_autoauth']))
         ) {
-            $_SESSION[__CLASS__][$sesPrefix .'-auth'] = serialize($default_admin ? $default_admin : $u);
+            $_SESSION[get_class($this)][$sesPrefix .'-auth'] = serialize($default_admin ? $default_admin : $u);
             return true;
         }
            
@@ -328,7 +336,7 @@ class Pman_Core_DataObjects_Person extends DB_DataObject
             &&
             $u->checkPassword($_SERVER['PHP_AUTH_PW'])
            ) {
-            $_SESSION[__CLASS__][$sesPrefix .'-auth'] = serialize($u);
+            $_SESSION[get_class($this)][$sesPrefix .'-auth'] = serialize($u);
             return true; 
         }
         //var_dump(session_id());
@@ -342,7 +350,7 @@ class Pman_Core_DataObjects_Person extends DB_DataObject
         $u = DB_DataObject::factory('Person');
         $u->whereAdd(' LENGTH(passwd) > 0');
         $n = $u->count();
-        $_SESSION[__CLASS__][$sesPrefix .'-empty']  = $n;
+        $_SESSION[get_class($this)][$sesPrefix .'-empty']  = $n;
         $error =  PEAR::getStaticProperty('DB_DataObject','lastError');
         if ($error) {
             die($error->toString()); // not really a good thing to do...
@@ -354,6 +362,12 @@ class Pman_Core_DataObjects_Person extends DB_DataObject
         return false;
         
     }
+    
+    function canInitializeSystem()
+    {
+        return !strcasecmp(get_class($this) , __CLASS__);
+    }
+    
     function getAuthUser()
     {
         if (!$this->isAuth()) {
@@ -363,27 +377,38 @@ class Pman_Core_DataObjects_Person extends DB_DataObject
         
         $ff= HTML_FlexyFramework::get();
         $sesPrefix = $ff->appNameShort .'-' .get_class($this) .'-'.$db->dsn['database'] ;
-
         
         
-        if (!empty($_SESSION[__CLASS__][$sesPrefix .'-auth'])) {
-            $a = unserialize($_SESSION[__CLASS__][$sesPrefix .'-auth']);
+        //var_dump(array(get_class($this),$sesPrefix .'-auth'));
+       
+        if (!empty($_SESSION[get_class($this)][$sesPrefix .'-auth'])) {
+            $a = unserialize($_SESSION[get_class($this)][$sesPrefix .'-auth']);
             
-            $u = DB_DataObject::factory('Person');
-            if ($u->get($a->id)) { /// && strlen($u->passwd)) {
+            
+            $u = DB_DataObject::factory($this->tableName()); // allow extending this ...
+            $u->autoJoin();
+            if ($u->get($a->id)) { /// && strlen($u->passwd)) {  // should work out the pid .. really..
                 return clone($u);
             }
-            unset($_SESSION[__CLASS__][$sesPrefix .'-auth']);
+            unset($_SESSION[get_class($this)][$sesPrefix .'-auth']);
         }
         
-        if (empty(   $_SESSION[__CLASS__][$sesPrefix .'-empty'] )) {
+        
+        
+        if (!$this->canInitializeSystem()) {
+            return false;
+        }
+        
+        
+        
+        if (empty(   $_SESSION[get_class($this)][$sesPrefix .'-empty'] )) {
             $u = DB_DataObject::factory('Person');
             $u->whereAdd(' LENGTH(passwd) > 0');
-            $_SESSION[__CLASS__][$sesPrefix .'-empty']  = $u->count();
+            $_SESSION[get_class($this)][$sesPrefix .'-empty']  = $u->count();
         }
                 
              
-        if (isset(   $_SESSION[__CLASS__][$sesPrefix .'-empty'] ) && $_SESSION[__CLASS__][$sesPrefix .'-empty']  < 1) {
+        if (isset(   $_SESSION[get_class($this)][$sesPrefix .'-empty'] ) && $_SESSION[get_class($this)][$sesPrefix .'-empty']  < 1) {
             
             // fake person - open system..
             //$ce = DB_DataObject::factory('core_enum');
@@ -408,7 +433,7 @@ class Pman_Core_DataObjects_Person extends DB_DataObject
     function login()
     {
         $this->isAuth(); // force session start..
-        if (!$this->verifyAuth()) {
+        if (!$this->verifyAuth()) { // check for company valid..
             return false;
         }
         $db = $this->getDatabaseConnection();
@@ -432,8 +457,16 @@ class Pman_Core_DataObjects_Person extends DB_DataObject
         $ff= HTML_FlexyFramework::get();
         $sesPrefix = $ff->appNameShort .'-' .get_class($this) .'-'.$db->dsn['database'] ;
 
-
-        $_SESSION[__CLASS__][$sesPrefix .'-auth'] = serialize($this);
+        
+        // we should not store the whole data in the session - otherwise it get's huge.
+        $p = DB_DAtaObject::Factory($this->tableName());
+        $p->get($this->pid());
+        
+        //var_dump(array(get_class($this),$sesPrefix .'-auth'));
+        $_SESSION[get_class($this)][$sesPrefix .'-auth'] = serialize((object)$p->toArray());
+        // ensure it's written so that ajax calls can fetch it..
+        
+        
         
     }
     function logout()
@@ -442,12 +475,11 @@ class Pman_Core_DataObjects_Person extends DB_DataObject
         $db = $this->getDatabaseConnection();
         $ff= HTML_FlexyFramework::get();
         $sesPrefix = $ff->appNameShort .'-' .get_class($this) .'-'.$db->dsn['database'] ;
-
-        $_SESSION[__CLASS__][$sesPrefix .'-auth'] = "";
-       
         
+         $_SESSION[get_class($this)][$sesPrefix .'-auth'] = "";
        
         
+        
     }    
     function genPassKey ($t) 
     {
@@ -463,11 +495,13 @@ class Pman_Core_DataObjects_Person extends DB_DataObject
     {
         
         if (substr($this->passwd,0,1) == '$') {
+            
             return crypt($val,$this->passwd) == $this->passwd ;
         }
         // old style md5 passwords...- cant be used with courier....
         return md5($val) == $this->passwd;
     }
+    
     function setPassword($value) 
     {
         $salt='';
@@ -962,6 +996,22 @@ class Pman_Core_DataObjects_Person extends DB_DataObject
         return false;
     }
     
+    function beforeInsert($req, $roo)
+    {
+        $p = DB_DataObject::factory('person');
+        if ($roo->authUser->id > -1 ||  $p->count() > 1) {
+            return;
+        }
+        $c = DB_DAtaObject::Factory('Companies');
+        $tc =$c->count();
+        if (!$tc || $tc> 1) {
+            $roo->jerr("can not create initial user as multiple companies already exist");
+        }
+        $c->find(true);
+        $this->company_id = $c->id;
+        
+    }
+    
     function onInsert($req, $roo)
     {
          
Pman Core