Removed User model from $_SESSION.
parent
597a20deea
commit
f26726c6e9
|
@ -32,11 +32,8 @@ class Application extends b8\Application
|
|||
$user = b8\Store\Factory::getStore('User')->getByPrimaryKey($_SESSION['php-censor-user-id']);
|
||||
|
||||
if ($user) {
|
||||
$_SESSION['php-censor-user'] = $user;
|
||||
return true;
|
||||
}
|
||||
|
||||
unset($_SESSION['php-censor-user-id']);
|
||||
}
|
||||
|
||||
return false;
|
||||
|
@ -158,11 +155,9 @@ class Application extends b8\Application
|
|||
$defaultUserId = (integer)$config->get('php-censor.security.default_user_id', 1);
|
||||
|
||||
if ($disableAuth && $defaultUserId) {
|
||||
$user = b8\Store\Factory::getStore('User')
|
||||
->getByPrimaryKey($defaultUserId);
|
||||
$user = b8\Store\Factory::getStore('User')->getByPrimaryKey($defaultUserId);
|
||||
|
||||
if ($user) {
|
||||
$_SESSION['php-censor-user'] = $user;
|
||||
return true;
|
||||
}
|
||||
}
|
||||
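Review bot: With authentication disabled, the second hunk loads the default user and returns true, but nothing visible here writes that user's id to `$_SESSION['php-censor-user-id']` now that the `$_SESSION['php-censor-user'] = $user;` assignment appears to be dropped. The new `getUser()` helpers return null when that key is empty, so controllers and templates that dereference the result would fail in no-auth mode unless the id is set somewhere outside this hunk. I would add `$_SESSION['php-censor-user-id'] = $user->getId();` inside `if ($user) {` before `return true;`. The enclosing function starts and ends outside both hunks.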
|
|
|
@ -6,6 +6,9 @@ use b8\Config;
|
|||
use b8\Exception\HttpException\ForbiddenException;
|
||||
use b8\Http\Request;
|
||||
use b8\Http\Response;
|
||||
use b8\Store\Factory;
|
||||
use PHPCensor\Model\User;
|
||||
use PHPCensor\Store\UserStore;
|
||||
|
||||
class Controller extends \b8\Controller
|
||||
{
|
||||
|
@ -49,6 +52,8 @@ class Controller extends \b8\Controller
|
|||
$class = explode('\\', get_class($this));
|
||||
$this->className = substr(array_pop($class), 0, -10);
|
||||
$this->setControllerView();
|
||||
|
||||
unset($_SESSION['php-censor-user']);
|
||||
}
|
||||
|
||||
/**
|
||||
|
@ -122,6 +127,26 @@ class Controller extends \b8\Controller
|
|||
*/
|
||||
protected function currentUserIsAdmin()
|
||||
{
|
||||
return $_SESSION['php-censor-user']->getIsAdmin();
|
||||
$user = $this->getUser();
|
||||
if (!$user) {
|
||||
return false;
|
||||
}
|
||||
|
||||
return $this->getUser()->getIsAdmin();
|
||||
}
|
||||
|
||||
/**
|
||||
* @return User|null
|
||||
*/
|
||||
protected function getUser()
|
||||
{
|
||||
if (empty($_SESSION['php-censor-user-id'])) {
|
||||
return null;
|
||||
}
|
||||
|
||||
/** @var UserStore $userStore */
|
||||
$userStore = Factory::getStore('User');
|
||||
|
||||
return $userStore->getById($_SESSION['php-censor-user-id']);
|
||||
}
|
||||
}
|
||||
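Review bot: `currentUserIsAdmin()` null-checks `$user` and then calls `$this->getUser()` a second time for the actual check, which repeats the store lookup and dereferences a result that was never tested. Return from the checked variable instead: `return $user->getIsAdmin();`. The `getUser()` docblock would also benefit from a one-line summary saying that the user is reloaded from the store via `$_SESSION['php-censor-user-id']` on each call and that null means an anonymous session, so callers know the admin flag is read fresh rather than from a cached session object.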
|
|
|
@ -73,7 +73,7 @@ class BuildController extends Controller
|
|||
}
|
||||
|
||||
/** @var User $user */
|
||||
$user = $_SESSION['php-censor-user'];
|
||||
$user = $this->getUser();
|
||||
$perPage = $user->getFinalPerPage();
|
||||
$data = $this->getBuildData($build, $plugin, $severity, $isNew, (($page - 1) * $perPage), $perPage);
|
||||
$pages = ($data['errors'] === 0)
|
||||
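Review bot: `$this->getUser()` is documented as returning `User|null`, yet `$user->getFinalPerPage()` is called on the next line without a check, so a session whose id is missing or whose user row has been deleted ends in a fatal error rather than a clean denial. The same unchecked dereference follows the new `getUser()` calls in GroupController (`$user->getId()`), the three ProjectController hunks and `UserController::profile()`. A guard such as `if (!$user) { throw new ForbiddenException('<project message>'); }`, or a small `requireUser()` helper on the base controller, would cover all of them; `ForbiddenException` is imported in the base Controller but an import in this file is not visible here. Until then the `/** @var User $user */` annotation above should read `User|null`. The enclosing method begins and ends outside this hunk.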
|
|
|
@ -74,7 +74,7 @@ class GroupController extends Controller
|
|||
$group->setTitle($this->getParam('title'));
|
||||
if (is_null($groupId)) {
|
||||
/** @var User $user */
|
||||
$user = $_SESSION['php-censor-user'];
|
||||
$user = $this->getUser();
|
||||
|
||||
$group->setCreateDate(new \DateTime());
|
||||
$group->setUserId($user->getId());
|
||||
|
|
|
@ -96,7 +96,7 @@ class ProjectController extends PHPCensor\Controller
|
|||
}
|
||||
|
||||
/** @var PHPCensor\Model\User $user */
|
||||
$user = $_SESSION['php-censor-user'];
|
||||
$user = $this->getUser();
|
||||
$perPage = $user->getFinalPerPage();
|
||||
$builds = $this->getLatestBuildsHtml($projectId, $branch, $environment, (($page - 1) * $perPage), $perPage);
|
||||
$pages = ($builds[1] === 0)
|
||||
|
@ -209,7 +209,7 @@ class ProjectController extends PHPCensor\Controller
|
|||
}
|
||||
|
||||
/** @var PHPCensor\Model\User $user */
|
||||
$user = $_SESSION['php-censor-user'];
|
||||
$user = $this->getUser();
|
||||
$build = $this->buildService->createBuild(
|
||||
$project,
|
||||
$environment,
|
||||
|
@ -337,7 +337,7 @@ class ProjectController extends PHPCensor\Controller
|
|||
];
|
||||
|
||||
/** @var PHPCensor\Model\User $user */
|
||||
$user = $_SESSION['php-censor-user'];
|
||||
$user = $this->getUser();
|
||||
$project = $this->projectService->createProject($title, $type, $reference, $user->getId(), $options);
|
||||
|
||||
$response = new RedirectResponse();
|
||||
|
|
|
@ -11,7 +11,7 @@ use PHPCensor\Store\UserStore;
|
|||
|
||||
/**
|
||||
* Session Controller - Handles user login / logout.
|
||||
*
|
||||
*
|
||||
* @author Dan Cryer <dan@block8.co.uk>
|
||||
*/
|
||||
class SessionController extends Controller
|
||||
|
@ -53,7 +53,7 @@ class SessionController extends Controller
|
|||
return $response;
|
||||
}
|
||||
}
|
||||
|
||||
|
||||
$isLoginFailure = false;
|
||||
|
||||
if ($this->request->getMethod() == 'POST') {
|
||||
|
@ -92,7 +92,7 @@ class SessionController extends Controller
|
|||
|
||||
if ($rememberMe) {
|
||||
$rememberKey = md5(microtime(true));
|
||||
|
||||
|
||||
$user->setRememberKey($rememberKey);
|
||||
$this->userStore->save($user);
|
||||
|
||||
|
@ -161,7 +161,6 @@ class SessionController extends Controller
|
|||
*/
|
||||
public function logout()
|
||||
{
|
||||
unset($_SESSION['php-censor-user']);
|
||||
unset($_SESSION['php-censor-user-id']);
|
||||
|
||||
session_destroy();
|
||||
|
@ -233,7 +232,8 @@ class SessionController extends Controller
|
|||
$hash = password_hash($this->getParam('password'), PASSWORD_DEFAULT);
|
||||
$user->setHash($hash);
|
||||
|
||||
$_SESSION['php-censor-user'] = $this->userStore->save($user);
|
||||
$this->userStore->save($user);
|
||||
|
||||
$_SESSION['php-censor-user-id'] = $user->getId();
|
||||
|
||||
$response = new b8\Http\Response\RedirectResponse();
|
||||
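Review bot: The remember-me key in the `-92,7` hunk is still `md5(microtime(true))`, which is derived only from the server clock and is therefore guessable; a long-lived login token should come from a CSPRNG, e.g. `$rememberKey = bin2hex(random_bytes(32));` if the project's minimum PHP version provides `random_bytes()`. Separately, the password-reset hunk sets `$_SESSION['php-censor-user-id']` without a visible `session_regenerate_id(true);`, so the pre-login session identifier appears to carry over into the authenticated session. Both methods extend beyond the visible lines, so either point may already be handled elsewhere.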
|
|
|
@ -56,7 +56,7 @@ class UserController extends Controller
|
|||
public function profile()
|
||||
{
|
||||
/** @var User $user */
|
||||
$user = $_SESSION['php-censor-user'];
|
||||
$user = $this->getUser();
|
||||
|
||||
if ($this->request->getMethod() == 'POST') {
|
||||
$name = $this->getParam('name', null);
|
||||
|
@ -73,8 +73,7 @@ class UserController extends Controller
|
|||
$perPage = null;
|
||||
}
|
||||
|
||||
$_SESSION['php-censor-user'] = $this->userService->updateUser($user, $name, $email, $password, null, $language, $perPage);
|
||||
$user = $_SESSION['php-censor-user'];
|
||||
$user = $this->userService->updateUser($user, $name, $email, $password, null, $language, $perPage);
|
||||
|
||||
$this->view->updated = 1;
|
||||
}
|
||||
|
|
|
@ -3,7 +3,9 @@
|
|||
namespace PHPCensor\Helper;
|
||||
|
||||
use b8\Config;
|
||||
use b8\Store\Factory;
|
||||
use PHPCensor\Model\User;
|
||||
use PHPCensor\Store\UserStore;
|
||||
|
||||
/**
|
||||
* Languages Helper Class - Handles loading strings files and the strings within them.
|
||||
|
@ -11,7 +13,7 @@ use PHPCensor\Model\User;
|
|||
class Lang
|
||||
{
|
||||
const DEFAULT_LANGUAGE = 'en';
|
||||
|
||||
|
||||
/**
|
||||
* @var string
|
||||
*/
|
||||
|
@ -99,7 +101,7 @@ class Lang
|
|||
$languages = [];
|
||||
foreach (self::$languages as $language) {
|
||||
$strings = include(SRC_DIR . 'Languages' . DIRECTORY_SEPARATOR . 'lang.' . $language . '.php');
|
||||
$languages[$language] = !empty($strings['language_name'])
|
||||
$languages[$language] = !empty($strings['language_name'])
|
||||
? $strings['language_name'] . ' (' . $language . ')'
|
||||
: $language;
|
||||
}
|
||||
|
@ -132,11 +134,11 @@ class Lang
|
|||
return;
|
||||
}
|
||||
|
||||
/** @var User $user */
|
||||
$user = !empty($_SESSION['php-censor-user']) ? $_SESSION['php-censor-user'] : null;
|
||||
|
||||
if ((!is_object($user) || get_class($user) == '__PHP_Incomplete_Class') && gettype($user) == 'object') {
|
||||
$user = unserialize(serialize($_SESSION['php-censor-user']));
|
||||
$user = null;
|
||||
if (!empty($_SESSION['php-censor-user-id'])) {
|
||||
/** @var UserStore $userStore */
|
||||
$userStore = Factory::getStore('User');
|
||||
$user = $userStore->getById($_SESSION['php-censor-user-id']);
|
||||
}
|
||||
|
||||
if ($user) {
|
||||
|
@ -173,7 +175,7 @@ class Lang
|
|||
if (is_null($strings) || !is_array($strings) || !count($strings)) {
|
||||
return null;
|
||||
}
|
||||
|
||||
|
||||
return $strings;
|
||||
}
|
||||
|
||||
|
|
|
@ -1,32 +0,0 @@
|
|||
<?php
|
||||
|
||||
namespace PHPCensor\Helper;
|
||||
|
||||
/**
|
||||
* User Helper - Provides access to logged in user information in views.
|
||||
*
|
||||
* @author Dan Cryer <dan@block8.co.uk>
|
||||
*/
|
||||
class User
|
||||
{
|
||||
/**
|
||||
* Proxies method calls through to the current active user model.
|
||||
* @param $method
|
||||
* @param array $params
|
||||
* @return mixed|null
|
||||
*/
|
||||
public function __call($method, $params = [])
|
||||
{
|
||||
if (empty($_SESSION['php-censor-user'])) {
|
||||
return null;
|
||||
}
|
||||
|
||||
$user = $_SESSION['php-censor-user'];
|
||||
|
||||
if (!is_object($user)) {
|
||||
return null;
|
||||
}
|
||||
|
||||
return call_user_func_array([$user, $method], $params);
|
||||
}
|
||||
}
|
|
@ -3,7 +3,9 @@
|
|||
namespace PHPCensor;
|
||||
|
||||
use b8\Config;
|
||||
use b8\Store\Factory;
|
||||
use PHPCensor\Model\User;
|
||||
use PHPCensor\Store\UserStore;
|
||||
|
||||
class View
|
||||
{
|
||||
|
@ -85,4 +87,19 @@ class View
|
|||
|
||||
return $disableAuth;
|
||||
}
|
||||
|
||||
/**
|
||||
* @return User|null
|
||||
*/
|
||||
protected function getUser()
|
||||
{
|
||||
if (empty($_SESSION['php-censor-user-id'])) {
|
||||
return null;
|
||||
}
|
||||
|
||||
/** @var UserStore $userStore */
|
||||
$userStore = Factory::getStore('User');
|
||||
|
||||
return $userStore->getById($_SESSION['php-censor-user-id']);
|
||||
}
|
||||
}
|
||||
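Review bot: `View::getUser()` is a line-for-line copy of `Controller::getUser()`, and `Lang` repeats the same lookup inline, so the rule for resolving the current user now lives in three places and can drift. Each call also goes back to the store, and the templates call `$this->getUser()` inside table rows, which costs one lookup per row unless the store caches by id. Consider a single shared accessor that memoises the result for the request, for example a private `$user` property filled on first use, and a docblock line stating that the method returns null for anonymous sessions.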
|
|
|
@ -2,8 +2,6 @@
|
|||
|
||||
use PHPCensor\Helper\Lang;
|
||||
|
||||
$user = $_SESSION['php-censor-user'];
|
||||
|
||||
?>
|
||||
<div class="clearfix" style="margin-bottom: 20px;">
|
||||
<a class="btn btn-success pull-right" href="<?php print APP_URL . 'group/edit'; ?>">
|
||||
|
@ -28,7 +26,7 @@ $user = $_SESSION['php-censor-user'];
|
|||
<td>
|
||||
<div class="btn-group btn-group-right">
|
||||
<a class="btn btn-default btn-sm" href="<?php echo APP_URL ?>group/edit/<?php print $group['id']; ?>"><?php Lang::out('group_edit'); ?></a>
|
||||
<?php if($user->getIsAdmin() && (!count($group['projects']))): ?>
|
||||
<?php if($this->getUser()->getIsAdmin() && (!count($group['projects']))): ?>
|
||||
<button class="btn btn-default btn-sm dropdown-toggle" data-toggle="dropdown">
|
||||
<span class="caret"></span>
|
||||
</button>
|
||||
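Review bot: `$this->getUser()->getIsAdmin()` dereferences a value that `getUser()` documents as nullable, so this template fails with a fatal error when no user id is in the session or the user row no longer exists. The same expression is introduced in the build list, project view and exception templates; the exception template matters most, because an error raised for an anonymous visitor would then break the error page itself. Fetch the user once at the top with `<?php $user = $this->getUser(); ?>` and test both conditions, `<?php if ($user && $user->getIsAdmin() && (!count($group['projects']))): ?>`, which also avoids a lookup per table row.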
|
|
|
@ -6,8 +6,6 @@
|
|||
|
||||
use PHPCensor\Helper\Lang;
|
||||
|
||||
$user = $_SESSION['php-censor-user'];
|
||||
|
||||
?>
|
||||
|
||||
<?php if(empty($builds) || !count($builds)): ?>
|
||||
|
@ -94,7 +92,7 @@ $branches = $build->getExtra('branches');
|
|||
<td>
|
||||
<div class="btn-group btn-group-right">
|
||||
<a class="btn btn-default btn-sm" href="<?php echo APP_URL ?>build/view/<?php print $build->getId(); ?>"><?php Lang::out('view'); ?></a>
|
||||
<?php if($user->getIsAdmin()): ?>
|
||||
<?php if($this->getUser()->getIsAdmin()): ?>
|
||||
<button class="btn btn-default btn-sm dropdown-toggle" data-toggle="dropdown">
|
||||
<span class="caret"></span>
|
||||
</button>
|
||||
|
|
|
@ -6,8 +6,6 @@
|
|||
|
||||
use PHPCensor\Helper\Lang;
|
||||
|
||||
$user = $_SESSION['php-censor-user'];
|
||||
|
||||
?>
|
||||
<script>
|
||||
var PROJECT_ID = <?= $project->getId(); ?>;
|
||||
|
@ -31,7 +29,7 @@ $user = $_SESSION['php-censor-user'];
|
|||
?>
|
||||
<div class="pull-right btn-group">
|
||||
<?php if (!$project->getArchived()): ?>
|
||||
<?php if ($user->getIsAdmin()): ?>
|
||||
<?php if ($this->getUser()->getIsAdmin()): ?>
|
||||
<?php if (!empty($environment)): ?>
|
||||
<a class="btn btn-danger" href="<?= $build_url . '?' . http_build_query(['type' => 'environment', 'id' => $environment, 'debug' => 1]); ?>">
|
||||
<?php Lang::out('build_now_debug'); ?>
|
||||
|
|
|
@ -2,7 +2,7 @@
|
|||
|
||||
use PHPCensor\Helper\Lang;
|
||||
|
||||
$user = $_SESSION['php-censor-user'];
|
||||
$user = $this->getUser();
|
||||
|
||||
?>
|
||||
<div class="clearfix" style="margin-bottom: 20px;">
|
||||
|
|
|
@ -4,15 +4,13 @@
|
|||
* @var $exception \Exception
|
||||
*/
|
||||
|
||||
$user = $_SESSION['php-censor-user'];
|
||||
|
||||
?>
|
||||
<div class="panel panel-danger">
|
||||
<div class="box-header">
|
||||
<h2 class="box-title">Sorry, there was a problem</h2>
|
||||
</div>
|
||||
|
||||
<?php if ($user->getIsAdmin()): ?>
|
||||
<?php if ($this->getUser()->getIsAdmin()): ?>
|
||||
<div class="box-body">
|
||||
<strong>Message</strong>: <?= $exception->getMessage(); ?><br />
|
||||
<strong>File</strong>: <?= $exception->getFile(); ?><br />
|
||||
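Review bot: `<?= $exception->getMessage(); ?>` and `<?= $exception->getFile(); ?>` are written into the page without HTML escaping. Exception messages often echo request data, so even inside this admin-only block they should go through `htmlspecialchars($exception->getMessage(), ENT_QUOTES, 'UTF-8')`, and likewise for the file path. The block continues past the end of the hunk, so any further fields printed there deserve the same treatment.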
|
|
|
@ -2,7 +2,7 @@
|
|||
|
||||
use PHPCensor\Helper\Lang;
|
||||
|
||||
$user = $_SESSION['php-censor-user'];
|
||||
$user = $this->getUser();
|
||||
|
||||
?>
|
||||
<!DOCTYPE html>
|
||||
|
|