<?php
namespace KupShop\AdminBundle\Util;
use KupShop\KupShopBundle\Config;
use Query\Operator;
use Symfony\Component\HttpFoundation\Session\SessionInterface;
// TODO: remove this include — it only exists because loginByHash() below needs the
// legacy findRight()/findModule() helpers from functions.admin.php.
// NOTE(review): the include path is built from the $cfg config array, not from request
// input; if Path.shared_version were ever unset the require would degrade to an
// include_path lookup of a relative 'admin/functions.admin.php' — confirm it is always set.
global $cfg;
require_once $cfg['Path']['shared_version'].'admin/functions.admin.php';
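class LegacyAdminCredentials
{
    /** Sliding session lifetime in seconds used when Admin.Login.Timeout is not configured. */
    private const DEFAULT_TIMEOUT = 18000;

    /** @var SessionInterface */
    private $session;

    public function __construct(SessionInterface $session)
    {
        $this->session = $session;
    }

    /**
     * Load an active admin row by id, or the config-defined admin for a non-positive id.
     *
     * For $id > 0 the row is read from `admins` (active = 'Y' only) and its `data`
     * column is JSON-decoded into an array. For $id <= 0 the admin defined in
     * Admin.settings is returned instead, so callers must only pass ids that came
     * from a trusted source (the session), never straight from request input.
     *
     * @return array|null the admin row, or null when no active admin matches
     */
    public static function getAdminById(int $id): ?array
    {
        if ($id <= 0) {
            $cfg = Config::get();
            $user = $cfg['Admin']['settings'] ?? null;

            return $user ?: null;
        }

        $SQL = sqlQueryBuilder()
            ->select('id, name, login, email, privilege, data, date_check_error, date_check_changelog, date_login, language')
            ->from('admins')
            ->where(Operator::equals(['id' => $id, 'active' => 'Y']))
            ->execute();
        $user = sqlFetchArray($SQL);

        // Bug fix: the row must be checked BEFORE touching $user['data']. Writing
        // $user['data'] on a false/null result silently turns it into ['data' => null],
        // a truthy array, so a deleted or deactivated admin was never reported as
        // "not found" and setAdminGlobalVars() kept its session alive.
        if (!$user) {
            return null;
        }

        $user['data'] = json_decode((string) ($user['data'] ?? ''), true);

        return $user;
    }

    /**
     * Populate the legacy admin globals ($adminName, $adminMail, $adminID,
     * $adminRights, $ctrlStr) from the current session.
     *
     * When the session is valid and the admin is still active, the sliding expiry
     * is pushed forward by Admin.Login.Timeout (default 18000 s). Otherwise the
     * login session is cleared and $onLogout, if given, is invoked.
     *
     * @param callable|null $onLogout invoked after the session has been cleared
     */
    public function setAdminGlobalVars(?callable $onLogout = null)
    {
        $cfg = Config::get();
        global $adminName, $adminMail, $adminID, $adminRights, $ctrlStr;

        $ctrlStr = $this->getCtrlString();

        // Validate the session, then re-read the admin so that an account that was
        // deactivated after login is logged out on its next request.
        $row = $this->isLogged() ? static::getAdminById($this->getAdminID()) : null;

        if (!$row) {
            $this->unsetLoginSession();
            if ($onLogout) {
                $onLogout();
            }

            return;
        }

        $adminName = $row['login'];
        $adminMail = $row['email'];
        $adminID = $row['id'];
        $adminRights = $row['privilege'];

        $limit = $cfg['Admin']['Login']['Timeout'] ?? self::DEFAULT_TIMEOUT;
        $this->session->set('_expiry', time() + $limit);
    }

    /**
     * Admin id stored in the session, or 0 when none is set.
     */
    public function getAdminID(): int
    {
        return (int) $this->session->get('_adminID', 0);
    }

    /**
     * Login name of the current admin as set by setAdminGlobalVars(); null before that.
     */
    public function getAdminName(): ?string
    {
        global $adminName;

        return $adminName;
    }

    /**
     * True when the session carries an unexpired admin login that was created for
     * this shop (licence ID) and this installation (control string).
     *
     * All compared values are server-side session data written by
     * setLoginSession()/setAdminGlobalVars(), so the loose comparison is acceptable.
     */
    public function isLogged(): bool
    {
        $cfg = Config::get();

        if (!$this->session->get('_logged', false)) {
            return false;
        }

        return $this->session->get('_expiry') >= time()
            && $this->session->get('_eshopID') == $cfg['Program']['licence']['ID']
            && $this->session->get('_ctrlString') == $this->getCtrlString();
    }

    /**
     * Mark the session as logged in for the given admin id.
     *
     * The initial expiry is deliberately short (120 s); setAdminGlobalVars() extends
     * it to the configured timeout on each subsequent request. The session id is
     * regenerated so that an id an attacker fixed before authentication is not
     * promoted to an authenticated one (session fixation).
     *
     * @param int|string $adminID admin row id, or 0 for the config-defined admin
     */
    public function setLoginSession($adminID): void
    {
        $cfg = Config::get();

        $this->session->set('_logged', true);
        $this->session->set('_ctrlString', $this->getCtrlString());
        $this->session->set('_expiry', ceil(time() + 120));
        $this->session->set('_adminID', $adminID);
        $this->session->set('_eshopID', $cfg['Program']['licence']['ID']);

        // Security fix: new session id on privilege change; data is carried over.
        $this->session->migrate(true);

        $this->clearAdminUserCache();
    }

    /**
     * Authenticate an admin by its stored login token and open the session.
     *
     * The token is matched with exact equality. The original used a LIKE match,
     * which lets '%' / '_' in an attacker-supplied value act as wildcards unless
     * the query builder escapes them; empty tokens are rejected so that admins
     * whose token column is empty cannot be reached this way.
     *
     * @param string $loginHash token supplied by the caller (untrusted)
     * @return array|false admin row (id, login, email, privilege, rights) or false
     */
    public function loginByHash($loginHash)
    {
        if (!is_string($loginHash) || $loginHash === '') {
            return false;
        }

        $admin = sqlQueryBuilder()
            ->select('id, login, email, privilege')
            ->from('admins')
            ->where(Operator::equals(['token' => $loginHash, 'active' => 'Y']))
            ->execute()->fetch();

        if (!$admin) {
            return false;
        }

        if (isDevelopment()) {
            $admin['login'] .= ' (dev)';
        }

        // Map warehouse privileges onto the flags the legacy UI reads.
        $admin['rights'] = [];
        if (findModule(\Modules::WAREHOUSE)) {
            $flags = ['WAR_INV' => 'inventory', 'WAR_EAN' => 'skip_ean', 'WAR_TTS' => 'tts'];
            foreach ($flags as $right => $flag) {
                if (findRight($right, $admin['privilege'])) {
                    $admin['rights'][$flag] = true;
                }
            }
        }

        $this->setLoginSession($admin['id']);

        return $admin;
    }

    /**
     * Clear every login-related session key; other session data is left untouched.
     */
    public function unsetLoginSession(): void
    {
        $this->session->set('_logged', false);
        foreach (['_adminID', '_ctrlString', '_expiry', '_eshopID'] as $key) {
            $this->session->remove($key);
        }

        $this->clearAdminUserCache();
    }

    /**
     * Installation binding value stored in the session at login and re-checked in
     * isLogged(). It is derived from the shop name only (no secret, no client IP —
     * IP was dropped because of roaming and IPv6), so it ties a session to an
     * installation but is not an anti-hijacking control.
     */
    private function getCtrlString(): string
    {
        return md5(getShopUniqueName()/* .':'.getIP() */);
    }

    /**
     * Reset the static cache of the logged-in admin user. Only needed under functional
     * tests, where the first admin logged in would otherwise stick for every test.
     */
    private function clearAdminUserCache(): void
    {
        if (isFunctionalTests()) {
            getAdminUser(true);
        }
    }
}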