vendor/contao/core-bundle/src/Resources/contao/classes/FrontendUser.php line 81

Open in your IDE?
  1. <?php
  3. /*
  4. * This file is part of Contao.
  5. *
  6. * (c) Leo Feyer
  7. *
  8. * @license LGPL-3.0-or-later
  9. */
  11. namespace Contao;
  13. use Contao\CoreBundle\Security\ContaoCorePermissions;
  15. /**
  16. * Provide methods to manage front end users.
  17. *
  18. * @property array $allGroups
  19. * @property string $loginPage
  20. */
  21. class FrontendUser extends User
  22. {
  23. /**
  24. * Symfony Security session key
  25. * @deprecated Deprecated since Contao 4.8, to be removed in Contao 5.0
  26. */
  27. const SECURITY_SESSION_KEY = '_security_contao_frontend';
  29. /**
  30. * Current object instance (do not remove)
  31. * @var FrontendUser
  32. */
  33. protected static $objInstance;
  35. /**
  36. * Name of the corresponding table
  37. * @var string
  38. */
  39. protected $strTable = 'tl_member';
  41. /**
  42. * Name of the current cookie
  43. * @var string
  44. */
  45. protected $strCookie = 'FE_USER_AUTH';
  47. /**
  48. * Group login page
  49. * @var string
  50. */
  51. protected $strLoginPage;
  53. /**
  54. * Groups
  55. * @var array
  56. */
  57. protected $arrGroups;
  59. /**
  60. * Symfony security roles
  61. * @var array
  62. */
  63. protected $roles = array('ROLE_MEMBER');
  65. /**
  66. * Initialize the object
  67. */
  68. protected function __construct()
  69. {
  70. parent::__construct();
  72. $this->strIp = Environment::get('ip');
  73. $this->strHash = Input::cookie($this->strCookie);
  74. }
  76. /**
  77. * Instantiate a new user object
  78. *
  79. * @return static|User The object instance
  80. */
  81. public static function getInstance()
  82. {
  83. if (static::$objInstance !== null)
  84. {
  85. return static::$objInstance;
  86. }
  88. $objToken = System::getContainer()->get('security.token_storage')->getToken();
  90. // Load the user from the security storage
  91. if ($objToken !== null && is_a($objToken->getUser(), static::class))
  92. {
  93. return $objToken->getUser();
  94. }
  96. // Check for an authenticated user in the session
  97. $strUser = System::getContainer()->get('contao.security.token_checker')->getFrontendUsername();
  99. if ($strUser !== null)
  100. {
  101. static::$objInstance = static::loadUserByIdentifier($strUser);
  103. return static::$objInstance;
  104. }
  106. return parent::getInstance();
  107. }
  109. /**
  110. * Extend parent setter class and modify some parameters
  111. *
  112. * @param string $strKey
  113. * @param mixed $varValue
  114. */
  115. public function __set($strKey, $varValue)
  116. {
  117. if ($strKey == 'allGroups')
  118. {
  119. $this->arrGroups = $varValue;
  120. }
  121. else
  122. {
  123. parent::__set($strKey, $varValue);
  124. }
  125. }
  127. /**
  128. * Extend parent getter class and modify some parameters
  129. *
  130. * @param string $strKey
  131. *
  132. * @return mixed
  133. */
  134. public function __get($strKey)
  135. {
  136. switch ($strKey)
  137. {
  138. case 'allGroups':
  139. return $this->arrGroups;
  141. case 'loginPage':
  142. return $this->strLoginPage;
  143. }
  145. return parent::__get($strKey);
  146. }
  148. /**
  149. * Authenticate a user
  150. *
  151. * @return boolean
  152. *
  153. * @deprecated Deprecated since Contao 4.5, to be removed in Contao 5.0.
  154. * Use Symfony security instead.
  155. */
  156. public function authenticate()
  157. {
  158. trigger_deprecation('contao/core-bundle', '4.5', 'Using "Contao\FrontendUser::authenticate()" has been deprecated and will no longer work in Contao 5.0. Use Symfony security instead.');
  160. return System::getContainer()->get('contao.security.token_checker')->hasFrontendUser();
  161. }
  163. /**
  164. * Try to log in the current user
  165. *
  166. * @return boolean True if the user could be logged in
  167. *
  168. * @deprecated Deprecated since Contao 4.5, to be removed in Contao 5.0.
  169. * Use Symfony security instead.
  170. */
  171. public function login()
  172. {
  173. trigger_deprecation('contao/core-bundle', '4.5', 'Using "Contao\FrontendUser::login()" has been deprecated and will no longer work in Contao 5.0. Use Symfony security instead.');
  175. return System::getContainer()->get('contao.security.token_checker')->hasFrontendUser();
  176. }
  178. /**
  179. * Save the original group membership
  180. *
  181. * @param string $strColumn
  182. * @param mixed $varValue
  183. *
  184. * @return boolean
  185. */
  186. public function findBy($strColumn, $varValue)
  187. {
  188. if (parent::findBy($strColumn, $varValue) === false)
  189. {
  190. return false;
  191. }
  193. $this->arrGroups = $this->groups;
  195. return true;
  196. }
  198. /**
  199. * Restore the original group membership
  200. */
  201. public function save()
  202. {
  203. $groups = $this->groups;
  204. $this->arrData['groups'] = $this->arrGroups;
  205. parent::save();
  206. $this->groups = $groups;
  207. }
  209. /**
  210. * Set all user properties from a database record
  211. */
  212. protected function setUserFromDb()
  213. {
  214. $this->intId = $this->id;
  216. // Unserialize values
  217. foreach ($this->arrData as $k=>$v)
  218. {
  219. if (!is_numeric($v))
  220. {
  221. $this->arrData[$k] = StringUtil::deserialize($v);
  222. }
  223. }
  225. $GLOBALS['TL_USERNAME'] = $this->username;
  227. // Make sure that groups is an array
  228. if (!\is_array($this->groups))
  229. {
  230. $this->groups = $this->groups ? array($this->groups) : array();
  231. }
  233. // Skip inactive groups
  234. if (($objGroups = MemberGroupModel::findAllActive()) !== null)
  235. {
  236. $this->groups = array_intersect($this->groups, $objGroups->fetchEach('id'));
  237. }
  239. // Get the group login page
  240. if (($this->groups[0] ?? 0) > 0)
  241. {
  242. $objGroup = MemberGroupModel::findPublishedById($this->groups[0]);
  244. if ($objGroup !== null && $objGroup->redirect && $objGroup->jumpTo)
  245. {
  246. $this->strLoginPage = $objGroup->jumpTo;
  247. }
  248. }
  249. }
  251. /**
  252. * Return true if the user is member of a particular group
  253. *
  254. * @param mixed $ids A single group ID or an array of group IDs
  255. *
  256. * @return boolean True if the user is a member of the group
  257. *
  258. * @deprecated Deprecated since Contao 4.12, to be removed in Contao 5.0;
  259. * use Symfony security instead
  260. */
  261. public function isMemberOf($ids)
  262. {
  263. $security = System::getContainer()->get('security.helper');
  265. if ($security->getUser() === $this)
  266. {
  267. trigger_deprecation('contao/core-bundle', '4.12', 'Using "Contao\FrontendUser::isMemberOf()" has been deprecated and will no longer work in Contao 5.0. Use Symfony security instead.');
  269. return $security->isGranted(ContaoCorePermissions::MEMBER_IN_GROUPS, $ids);
  270. }
  272. return parent::isMemberOf($ids);
  273. }
  275. /**
  276. * {@inheritdoc}
  277. */
  278. public function getRoles()
  279. {
  280. return $this->roles;
  281. }
  282. }
  284. class_alias(FrontendUser::class, 'FrontendUser');