From dfdbc1db85946c7e87576d92ea961f6576661e5d Mon Sep 17 00:00:00 2001 From: Kijin Sung Date: Fri, 10 Feb 2017 20:50:38 +0900 Subject: [PATCH] Add session helper class and move remainder of session validation logic to Session class --- classes/context/Context.class.php | 16 +--- common/framework/helpers/sessionhelper.php | 101 +++++++++++++++++++++ common/framework/session.php | 27 +++--- modules/member/member.controller.php | 17 +--- modules/member/member.model.php | 41 ++------- 5 files changed, 130 insertions(+), 72 deletions(-) create mode 100644 common/framework/helpers/sessionhelper.php diff --git a/classes/context/Context.class.php b/classes/context/Context.class.php index 449bf7edc..5a5b13820 100644 --- a/classes/context/Context.class.php +++ b/classes/context/Context.class.php @@ -347,24 +347,14 @@ class Context ob_start(); // set authentication information in Context and session - if(self::isInstalled()) + if (self::isInstalled()) { $oModuleModel = getModel('module'); $oModuleModel->loadModuleExtends(); - $oMemberModel = getModel('member'); - $oMemberController = getController('member'); - - if($oMemberController && $oMemberModel) + if (Rhymix\Framework\Session::getMemberSrl()) { - // if signed in, validate it. - if(Rhymix\Framework\Session::getMemberSrl()) - { - $oMemberController->setSessionInfo(); - } - - self::set('is_logged', $oMemberModel->isLogged()); - self::set('logged_info', $oMemberModel->getLoggedInfo()); + getController('member')->setSessionInfo(); } } diff --git a/common/framework/helpers/sessionhelper.php b/common/framework/helpers/sessionhelper.php new file mode 100644 index 000000000..901c2f59d --- /dev/null +++ b/common/framework/helpers/sessionhelper.php 
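Review bot: After the `Context.class.php` hunk nothing visible sets `is_logged` or `logged_info` for a guest request, and the `getLoggedInfo()` hunk in `modules/member/member.model.php` now returns `Context::get('logged_info')` with no `new stdClass` fallback, so permission checks that read `->is_admin` or `->member_srl` off the result may get an unset value. Presumably `setSessionInfo()` populates both keys for signed-in users, but that code is outside the diff. The new `getController('member')->setSessionInfo();` also drops the `if($oMemberController && $oMemberModel)` guard the old code had. I would add an explicit guest default next to the call, e.g. `else { self::set('is_logged', false); self::set('logged_info', false); }`, and state the guest return value in the `getLoggedInfo()` docblock. The enclosing method starts and ends outside the hunk.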
@@ -0,0 +1,101 @@ +getMemberInfoByMemberSrl($member_srl); + if (intval($member_info->member_srl) === $member_srl) + { + foreach (get_object_vars($member_info) as $key => $value) + { + $this->{$key} = $value; + } + $this->member_srl = $member_srl; + $this->group_list = $oMemberModel->getMemberGroups($member_srl); + } + } + } + + /** + * Check if this user is a member. + * + * @return bool + */ + public static function isMember() + { + return $this->member_srl > 0; + } + + /** + * Check if this user is an administrator. + * + * @return bool + */ + public static function isAdmin() + { + return $this->is_admin === 'Y'; + } + + /** + * Check if this user is an administrator of a module. + * + * @param int $module_srl (optional) + * @return bool + */ + public static function isModuleAdmin($module_srl = null) + { + return $this->is_admin === 'Y' || getModel('module')->isModuleAdmin($this, $module_srl); + } + + /** + * Check if this user is valid (not denied or limited). + * + * @return bool + */ + public static function isValid() + { + if ($this->denied === 'N' && (!$this->limit_date || substr($this->limit_date, 0, 8) < date('Ymd'))) + { + return true; + } + else + { + return false; + } + } + + /** + * Get the list of groups that this user belongs to. + * + * @return array + */ + public static function getGroups() + { + return $this->group_list; + } +} diff --git a/common/framework/session.php b/common/framework/session.php index de67c1999..e52df455b 100644 --- a/common/framework/session.php +++ b/common/framework/session.php @@ -585,7 +585,7 @@ class Session $member_srl = intval($member_srl) ?: (isset($_SESSION['RHYMIX']['login']) ? $_SESSION['RHYMIX']['login'] : 0); if (!$member_srl) { - return true; + return false; } // Get the invalidation timestamp. 
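Review bot: Every accessor in the new helper (`isMember()`, `isAdmin()`, `isModuleAdmin()`, `isValid()`, `getGroups()`) is declared `public static` yet reads `$this->...`, which PHP rejects with "Using $this when not in object context", so these authorization checks cannot run as written. Drop `static` from each declaration, e.g. `public function isAdmin()`. Separately, the constructor copies every property of the member record onto the helper through `get_object_vars()`. If that record carries the password hash or similar fields (not visible here), an allow-list of copied keys would be safer, because this object is what `Session::getMemberInfo()` returns to callers. The top of the file is missing from this page, so the declared property defaults could not be checked.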
@@ -601,10 +601,20 @@ class Session { return false; } - else + + // Check member information to see if denied or limited. + $member_info = getModel('member')->getMemberInfoByMemberSrl($member_srl); + if ($member_info->denied === 'Y') { - return true; + return false; } + if ($member_info->limit_date && substr($member_info->limit_date, 0, 8) >= date('Ymd')) + { + return false; + } + + // Return true if all checks have passed. + return true; } /** @@ -638,18 +648,11 @@ class Session // Create a member info object. if (!self::$_member_info || self::$_member_info->member_srl != $member_srl) { - self::$_member_info = getModel('member')->getMemberInfoByMemberSrl($member_srl); + self::$_member_info = new Helpers\SessionHelper($member_srl); } // Return the member info object. - if (self::$_member_info == new \stdClass) - { - return false; - } - else - { - return self::$_member_info; - } + return self::$_member_info->member_srl ? self::$_member_info : false; } /** diff --git a/modules/member/member.controller.php b/modules/member/member.controller.php index b1d375380..85eba2d78 100644 --- a/modules/member/member.controller.php +++ b/modules/member/member.controller.php 
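Review bot: The new denied/limited check fails open when the member lookup finds nothing. If `getMemberInfoByMemberSrl($member_srl)` returns an empty object or a falsy value (a deleted account, for example), `$member_info->denied === 'Y'` is false and `limit_date` is empty, so the function reaches `return true`. The hunk in `modules/member/member.controller.php` removes the old `member_srl` mismatch check that destroyed such sessions, so this method is now the place to reject them. Test for the positive case as `SessionHelper::isValid()` does: `if (!$member_info || intval($member_info->member_srl) !== intval($member_srl) || $member_info->denied !== 'N') { return false; }`. The enclosing method starts outside the hunk.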
@@ -1914,22 +1914,11 @@ class memberController extends member { $oMemberModel = getModel('member'); $config = $oMemberModel->getMemberConfig(); + // If your information came through the current session information to extract information from the users - if(!$this->memberInfo && $member_srl = Rhymix\Framework\Session::getMemberSrl()) + if(!$this->memberInfo && Rhymix\Framework\Session::getMemberSrl()) { - $this->memberInfo = $oMemberModel->getMemberInfoByMemberSrl($member_srl); - // If you do not destroy the session Profile - if($this->memberInfo->member_srl != $member_srl) - { - $this->destroySessionInfo(); - return; - } - } - // Stop using the session id is destroyed - if($this->memberInfo->denied=='Y') - { - $this->destroySessionInfo(); - return; + $this->memberInfo = Rhymix\Framework\Session::getMemberInfo(); } // Log in for treatment sessions set diff --git a/modules/member/member.model.php b/modules/member/member.model.php index 7e470a087..f29729411 100644 --- a/modules/member/member.model.php +++ b/modules/member/member.model.php 
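Review bot: `Rhymix\Framework\Session::getMemberInfo()` can return `false` (its new last line in `common/framework/session.php` is `return self::$_member_info->member_srl ? self::$_member_info : false;`), but here the result is assigned to `$this->memberInfo` and execution continues, with both `destroySessionInfo()` exits removed. Unless session validation is guaranteed to have run before this method (not visible here), a session whose member no longer exists, or an already populated `$this->memberInfo` for a denied account, proceeds into the login setup that follows. I would keep one guard after the assignment: `if (!$this->memberInfo || $this->memberInfo->denied === 'Y') { $this->destroySessionInfo(); return; }`. The method body continues outside the hunk.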
@@ -241,39 +241,7 @@ class memberModel extends member */ function getLoggedInfo() { - // Return session info if session info is requested and the user is logged-in - if(Rhymix\Framework\Session::getMemberSrl()) - { - $logged_info = Context::get('logged_info'); - // Admin/Group list defined depending on site_module_info - $site_module_info = Context::get('site_module_info'); - if($site_module_info->site_srl) - { - $logged_info->group_list = $this->getMemberGroups($logged_info->member_srl, $site_module_info->site_srl); - // Add is_site_admin bool variable into logged_info if site_administrator is - $oModuleModel = getModel('module'); - if($oModuleModel->isSiteAdmin($logged_info)) $logged_info->is_site_admin = true; - else $logged_info->is_site_admin = false; - } - else - { - // Register a default group if the site doesn't have a member group - if(count($logged_info->group_list) === 0) - { - $default_group = $this->getDefaultGroup(0); - $oMemberController = getController('member'); - $oMemberController->addMemberToGroup($logged_info->member_srl, $default_group->group_srl, 0); - $groups[$default_group->group_srl] = $default_group->title; - $logged_info->group_list = $groups; - } - - $logged_info->is_site_admin = false; - } - Context::set('logged_info', $logged_info); - - return $logged_info; - } - return new stdClass; + return Context::get('logged_info'); } /** @@ -371,6 +339,7 @@ class memberModel extends member } $info->signature = $this->getSignature($info->member_srl); $info->group_list = $this->getMemberGroups($info->member_srl, $site_srl); + $info->is_site_admin = $oModuleModel->isSiteAdmin($info) ? true : false; $extra_vars = unserialize($info->extra_vars); unset($info->extra_vars); 
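Review bot: In the `@@ -371,6 +339,7 @@` hunk the added line `$info->is_site_admin = $oModuleModel->isSiteAdmin($info) ? true : false;` relies on `$oModuleModel`, which is not assigned in any visible context line. The removed `getLoggedInfo()` code created it locally with `getModel('module')`, so if the enclosing function does not define it earlier this is a method call on null while building member info. `$info->is_site_admin = (bool) getModel('module')->isSiteAdmin($info);` avoids the dependency and reads more plainly. The function starts and ends outside the hunk.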
@@ -499,6 +468,12 @@ class memberModel extends member $args->site_srl = $site_srl; $output = executeQueryArray('member.getMemberGroups', $args); $group_list = $output->data; + if (!count($group_list)) + { + $default_group = $this->getDefaultGroup($site_srl); + getController('member')->addMemberToGroup($member_srl, $default_group->group_srl, $site_srl); + $group_list[$default_group->group_srl] = $default_group->title; + } //insert in cache Rhymix\Framework\Cache::set($cache_key, $group_list, 0, true); }
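Review bot: `getMemberGroups()` now writes to the database from a read path: whenever the query returns no rows it calls `addMemberToGroup()` for whatever `$member_srl` and `$site_srl` the caller passed. That would quietly re-add the default group to an account that was deliberately removed from all groups, and nothing checks that the member exists or that `getDefaultGroup($site_srl)` returned a group before `$default_group->group_srl` is read. At minimum guard the block, e.g. `if (!$group_list && $member_srl > 0 && ($default_group = $this->getDefaultGroup($site_srl)))`. Consider also keeping the assignment on the login path, where the removed `getLoggedInfo()` code had it. The function starts and ends outside the hunk.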