Skip to content

HTTPS clone URL

Subversion checkout URL

You can clone with
or
.
Download ZIP
Browse files

first commit

  • Loading branch information...
commit a01175ed7fa13a13aa98f711bb6373c206dd2434 0 parents
@rdavaillaud authored
Showing with 3,231 additions and 0 deletions.
  1. +1 −0  .gitignore
  2. +7 −0 LICENSE
  3. +363 −0 README
  4. +14 −0 config/config.php
  5. +48 −0 config/schema.yml
  6. +26 −0 data/fixtures/fixtures.yml.sample
  7. +19 −0 lib/filter/sfGuardGroupFormFilter.class.php
  8. +16 −0 lib/filter/sfGuardGroupPermissionFormFilter.class.php
  9. +19 −0 lib/filter/sfGuardPermissionFormFilter.class.php
  10. +16 −0 lib/filter/sfGuardRememberKeyFormFilter.class.php
  11. +20 −0 lib/filter/sfGuardUserFormFilter.class.php
  12. +16 −0 lib/filter/sfGuardUserGroupFormFilter.class.php
  13. +16 −0 lib/filter/sfGuardUserPermissionFormFilter.class.php
  14. +23 −0 lib/form/sfGuardFormSignin.class.php
  15. +18 −0 lib/form/sfGuardGroupForm.class.php
  16. +15 −0 lib/form/sfGuardGroupPermissionForm.class.php
  17. +18 −0 lib/form/sfGuardPermissionForm.class.php
  18. +15 −0 lib/form/sfGuardRememberKeyForm.class.php
  19. +120 −0 lib/form/sfGuardUserAdminForm.class.php
  20. +30 −0 lib/form/sfGuardUserForm.class.php
  21. +15 −0 lib/form/sfGuardUserGroupForm.class.php
  22. +15 −0 lib/form/sfGuardUserPermissionForm.class.php
  23. +24 −0 lib/model/plugin/PluginsfGuardGroup.php
  24. +38 −0 lib/model/plugin/PluginsfGuardGroupPeer.php
  25. +20 −0 lib/model/plugin/PluginsfGuardGroupPermission.php
  26. +20 −0 lib/model/plugin/PluginsfGuardGroupPermissionPeer.php
  27. +24 −0 lib/model/plugin/PluginsfGuardPermission.php
  28. +27 −0 lib/model/plugin/PluginsfGuardPermissionPeer.php
  29. +20 −0 lib/model/plugin/PluginsfGuardRememberKey.php
  30. +20 −0 lib/model/plugin/PluginsfGuardRememberKeyPeer.php
  31. +309 −0 lib/model/plugin/PluginsfGuardUser.php
  32. +26 −0 lib/model/plugin/PluginsfGuardUserGroup.php
  33. +20 −0 lib/model/plugin/PluginsfGuardUserGroupPeer.php
  34. +29 −0 lib/model/plugin/PluginsfGuardUserPeer.php
  35. +26 −0 lib/model/plugin/PluginsfGuardUserPermission.php
  36. +20 −0 lib/model/plugin/PluginsfGuardUserPermissionPeer.php
  37. +20 −0 lib/model/sfGuardGroup.php
  38. +20 −0 lib/model/sfGuardGroupPeer.php
  39. +20 −0 lib/model/sfGuardGroupPermission.php
  40. +20 −0 lib/model/sfGuardGroupPermissionPeer.php
  41. +20 −0 lib/model/sfGuardPermission.php
  42. +20 −0 lib/model/sfGuardPermissionPeer.php
  43. +20 −0 lib/model/sfGuardRememberKey.php
  44. +20 −0 lib/model/sfGuardRememberKeyPeer.php
  45. +20 −0 lib/model/sfGuardUser.php
  46. +20 −0 lib/model/sfGuardUserGroup.php
  47. +20 −0 lib/model/sfGuardUserGroupPeer.php
  48. +20 −0 lib/model/sfGuardUserPeer.php
  49. +20 −0 lib/model/sfGuardUserPermission.php
  50. +20 −0 lib/model/sfGuardUserPermissionPeer.php
  51. +70 −0 lib/routing/sfGuardRouting.class.php
  52. +53 −0 lib/sfGuardBasicSecurityFilter.class.php
  53. +55 −0 lib/sfGuardRememberMeFilter.class.php
  54. +67 −0 lib/task/sfGuardAddGroupTask.class.php
  55. +67 −0 lib/task/sfGuardAddPermissionTask.class.php
  56. +66 −0 lib/task/sfGuardChangePasswordTask.class.php
  57. +67 −0 lib/task/sfGuardCreateAdminTask.class.php
  58. +62 −0 lib/task/sfGuardCreateUserTask.class.php
  59. +243 −0 lib/user/sfGuardSecurityUser.class.php
  60. +75 −0 lib/validator/sfGuardValidatorUser.class.php
  61. +22 −0 modules/sfGuardAuth/actions/actions.class.php
  62. +8 −0 modules/sfGuardAuth/config/security.yml
  63. +89 −0 modules/sfGuardAuth/lib/BasesfGuardAuthActions.class.php
  64. +3 −0  modules/sfGuardAuth/templates/secureSuccess.php
  65. +7 −0 modules/sfGuardAuth/templates/signinSuccess.php
  66. +15 −0 modules/sfGuardGroup/actions/actions.class.php
  67. +21 −0 modules/sfGuardGroup/config/generator.yml
  68. +16 −0 modules/sfGuardGroup/lib/BasesfGuardGroupActions.class.php
  69. +13 −0 modules/sfGuardGroup/lib/sfGuardGroupGeneratorConfiguration.class.php
  70. +13 −0 modules/sfGuardGroup/lib/sfGuardGroupGeneratorHelper.class.php
  71. +15 −0 modules/sfGuardPermission/actions/actions.class.php
  72. +21 −0 modules/sfGuardPermission/config/generator.yml
  73. +16 −0 modules/sfGuardPermission/lib/BasesfGuardPermissionActions.class.php
  74. +13 −0 modules/sfGuardPermission/lib/sfGuardPermissionGeneratorConfiguration.class.php
  75. +13 −0 modules/sfGuardPermission/lib/sfGuardPermissionGeneratorHelper.class.php
  76. +15 −0 modules/sfGuardUser/actions/actions.class.php
  77. +31 −0 modules/sfGuardUser/config/generator.yml
  78. +16 −0 modules/sfGuardUser/lib/BasesfGuardUserActions.class.php
  79. +13 −0 modules/sfGuardUser/lib/sfGuardUserGeneratorConfiguration.class.php
  80. +13 −0 modules/sfGuardUser/lib/sfGuardUserGeneratorHelper.class.php
  81. +280 −0 package.xml
1  .gitignore
@@ -0,0 +1 @@
+.svn/
7 LICENSE
@@ -0,0 +1,7 @@
+Copyright (c) Fabien Potencier
+
+Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal in the Software without restriction, including without limitation the rights to use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of the Software, and to permit persons to whom the Software is furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in all copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
363 README
@@ -0,0 +1,363 @@
+sfGuard plugin
+==============
+
+The `sfGuardPlugin` is a symfony plugin that provides authentication and
+authorization features above the standard security feature of symfony.
+
+It gives you the model (user, group and permission objects) and the modules
+(backend and frontend) to secure your symfony application in a minute in
+a configurable plugin.
+
+Installation
+------------
+
+ * Install the plugin
+
+ $ symfony plugin:install sfGuardPlugin
+
+ * Rebuild your model
+
+ $ symfony propel:build-model
+ $ symfony propel:build-sql
+ $ symfony propel:build-forms
+ $ symfony propel:build-filters
+
+ * Update your database tables by starting from scratch (it will delete all
+ the existing tables, then re-create them):
+
+ $ symfony propel:insert-sql
+
+ or you can just create the new tables by using the generated SQL
+ statements in `data/sql/plugins.sfGuardAuth.lib.model.schema.sql`
+
+ * Enable one or more modules in your `settings.yml` (optional)
+ * For your backend application: sfGuardUser, sfGuardGroup, sfGuardPermission
+ * For your frontend application: sfGuardAuth
+
+ [php]
+ all:
+ .settings:
+ enabled_modules: [default, sfGuardGroup, sfGuardUser, sfGuardPermission]
+
+ * Clear you cache
+
+ $ symfony cc
+
+ * Optionally create a default user:
+
+ $ symfony guard:create-user fabien $ecret
+
+ * Optionally add the "Remember Me" filter to `filters.yml` above the security filter:
+
+ [yml]
+ remember_me:
+ class: sfGuardRememberMeFilter
+
+ security: ~
+
+Secure your application
+-----------------------
+
+To secure a symfony application:
+
+ * Enable the module `sfGuardAuth` in `settings.yml`
+
+ [yml]
+ all:
+ .settings:
+ enabled_modules: [..., sfGuardAuth]
+
+ * Change the default login and secure modules in `settings.yml`
+
+ [yml]
+ login_module: sfGuardAuth
+ login_action: signin
+
+ secure_module: sfGuardAuth
+ secure_action: secure
+
+ * Change the parent class in `myUser.class.php`
+
+ [php]
+ class myUser extends sfGuardSecurityUser
+ {
+ }
+
+ * Optionally add the following routing rules to `routing.yml`
+
+ [yml]
+ sf_guard_signin:
+ url: /login
+ param: { module: sfGuardAuth, action: signin }
+
+ sf_guard_signout:
+ url: /logout
+ param: { module: sfGuardAuth, action: signout }
+
+ sf_guard_password:
+ url: /request_password
+ param: { module: sfGuardAuth, action: password }
+
+ You can customize the `url` parameter of each route.
+ N.B.: You must have a `@homepage` routing rule (used when a user sign out)
+
+ These routes are automatically registered by the plugin if the module `sfGuardAuth`
+ is enabled unless you defined `sf_guard_plugin_routes_register` to false
+ in the `app.yml` configuration file:
+
+ [yml]
+ all:
+ sf_guard_plugin:
+ routes_register: false
+
+ * Secure some modules or your entire application in `security.yml`
+
+ [yml]
+ default:
+ is_secure: on
+
+ * You're done. Now, if you try to access a secure page, you will be redirected
+ to the login page.
+ If you have loaded the default fixture file, try to login with `admin` as
+ username and `admin` as password.
+
+Manage your users, permissions and groups
+-----------------------------------------
+
+To be able to manage your users, permissions and groups, `sfGuardPlugin` comes
+with 3 modules that can be integrated in your backend application.
+These modules are auto-generated thanks to the symfony admin generator.
+
+ * Enable the modules in `settings.yml`
+
+ [yml]
+ all:
+ .settings:
+ enabled_modules: [..., sfGuardGroup, sfGuardPermission, sfGuardUser]
+
+ * Access the modules with the default route:
+
+ http://www.example.com/backend.php/sfGuardUser
+
+Customize sfGuardAuth module templates
+--------------------------------------
+
+By default, `sfGuardAuth` module comes with 2 very simple templates:
+
+ * `signinSuccess.php`
+ * `secureSuccess.php`
+
+If you want to customize one of these templates:
+
+ * Create a `sfGuardAuth` module in your application (don't use the
+ `init-module` task, just create a `sfGuardAuth` directory)
+
+ * Create a template with the name of the template you want to customize in
+ the `sfGuardAuth/templates` directory
+
+ * symfony now renders your template instead of the default one
+
+Customize `sfGuardAuth` module actions
+--------------------------------------
+
+If you want to customize or add methods to the sfGuardAuth:
+
+ * Create a `sfGuardAuth` module in your application
+
+ * Create an `actions.class.php` file in your `actions` directory that inherit
+ from `BasesfGuardAuthActions` (don't forget to include the `BasesfGuardAuthActions`
+ as it can't be autoloaded by symfony)
+
+ [php]
+ <?php
+
+ require_once(sfConfig::get('sf_plugins_dir').'/sfGuardPlugin/modules/sfGuardAuth/lib/BasesfGuardAuthActions.class.php');
+
+ class sfGuardAuthActions extends BasesfGuardAuthActions
+ {
+ public function executeNewAction()
+ {
+ return $this->renderText('This is a new sfGuardAuth action.');
+ }
+ }
+
+`sfGuardSecurityUser` class
+---------------------------
+
+This class inherits from the `sfBasicSecurityUser` class from symfony and is
+used for the `user` object in your symfony application.
+(because you changed the `myUser` base class earlier)
+
+So, to access it, you can use the standard `$this->getUser()` in your actions
+or `$sf_user` in your templates.
+
+`sfGuardSecurityUser` adds some methods:
+
+ * `signIn()` and `signOut()` methods
+ * `getGuardUser()` that returns the `sfGuardUser` object
+ * a bunch of proxy methods to access directly the `sfGuardUser` object
+
+For example, to get the current username:
+
+ [php]
+ $this->getUser()->getGuardUser()->getUsername()
+
+ // or via the proxy method
+ $this->getUser()->getUsername()
+
+Super administrator flag
+------------------------
+
+`sfGuardPlugin` has a notion of super administrator. A user that is a super
+administrator bypasses all credential checks.
+
+The super administrator flag cannot be set on the web, you must set the flag
+directly in the database or use the pake task:
+
+ $ symfony guard:promote admin
+
+Validators
+----------
+
+`sfGuardPlugin` comes with a validator that you can use in your modules:
+`sfGuardUserValidator`.
+
+This validator is used by the `sfGuardAuth` module to validate a user and
+password and automatically signin the user.
+
+Customize the `sfGuardUser` model
+---------------------------------
+
+The `sfGuardUser` model is quite simple. There is no `email` or `first_name`
+or `birthday` columns. As you cannot add methods to the class, the `sfAuthPlugin`
+gives you the possibility to define a user profile class.
+
+By default, `sfGuardUser` looks for a `sfGuardUserProfile` class.
+
+Here is a simple example of a `sfGuardProfile` class that you can add to `schema.yml`:
+
+ [yml]
+ sf_guard_user_profile:
+ _attributes: { phpName: sfGuardUserProfile }
+ id:
+ user_id: { type: integer, foreignTable: sf_guard_user, foreignReference: id, required: true, onDelete: cascade }
+ first_name: varchar(20)
+ last_name: varchar(20)
+ birthday: date
+
+You can now access the user profile via the user object:
+
+ [php]
+ $this->getUser()->getGuardUser()->getProfile()->getFirstName()
+
+ // or via the proxy method
+ $this->getUser()->getProfile()->getFirstName()
+
+The `getProfile()` method gets the associated user profile object or creates a
+new one if none already exists.
+
+When you delete a user, the associated profile is also deleted.
+
+You can change the name of the user profile class and the foreign key name in
+`app.yml`:
+
+ [yml]
+ all:
+ sf_guard_plugin:
+ profile_class: sfGuardUserProfile
+ profile_field_name: user_id
+
+Check the user password with an external method
+-----------------------------------------------
+
+If you don't want to store the password in the database because you already
+have a LDAP server, a .htaccess file or if you store your passwords in another
+table, you can provide your own `checkPassword` callable (static method or
+function) in `app.yml`:
+
+ [yml]
+ all:
+ sf_guard_plugin:
+ check_password_callable: [MyLDAPClass, checkPassword]
+
+When symfony will call the `$this->getUser()->checkPassword()` method, it will
+call your method or function. Your function must takes 2 parameters, the first
+one is the username and the second one is the password. It must returns true
+or false. Here is a template for such a function:
+
+ [php]
+ function checkLDAPPassword($username, $password)
+ {
+ $user = LDAP::getUser($username);
+ if ($user->checkPassword($password))
+ {
+ return true;
+ }
+ else
+ {
+ return false;
+ }
+ }
+
+Change the algorithm used to store passwords
+--------------------------------------------
+
+By default, passwords are stored as a `sha1()` hash. But you can change this
+with any callable in `app.yml`:
+
+ [yml]
+ all:
+ sf_guard_plugin:
+ algorithm_callable: [MyCryptoClass, MyCryptoMethod]
+
+or
+
+ [yml]
+ all:
+ sf_guard_plugin:
+ algorithm_callable: md5
+
+As the algorithm is stored for each user, you can change your mind later
+without the need to regenerate all passwords for the current users.
+
+Change the name or expiration period of the "Remember Me" cookie
+----------------------------------------------------------------
+
+By default, the "Remember Me" feature creates a cookie named `sfRemember`
+that will last 15 days. You can change this behavior in `app.yml`:
+
+ [yml]
+ all:
+ sf_guard_plugin:
+ remember_key_expiration_age: 2592000 # 30 days in seconds
+ remember_cookie_name: myAppRememberMe
+
+Customize `sfGuardAuth` redirect handling
+-----------------------------------------
+
+If you want to redirect the user to his profile after a success login or
+define a logout site.
+
+You can change the redirect values in `app.yml`:
+
+ [yml]
+ all:
+ sf_guard_plugin:
+ success_signin_url: @my_route?param=value # the plugin use the referer as default
+ success_signout_url: module/action # the plugin use the referer as default
+
+Configure the signin form
+-------------------------
+
+You can change the signin form used by the `sfGuardAuth` module in `app.yml`:
+
+ [yml]
+ all:
+ sf_guard_plugin:
+ signin_form: sfGuardFormSigninCustom
+
+TODO
+----
+
+ * finish the `getPassword` method
+ * add support for HTTP Basic authentication
14 config/config.php
@@ -0,0 +1,14 @@
+<?php
+
+if (sfConfig::get('app_sf_guard_plugin_routes_register', true) && in_array('sfGuardAuth', sfConfig::get('sf_enabled_modules', array())))
+{
+ $this->dispatcher->connect('routing.load_configuration', array('sfGuardRouting', 'listenToRoutingLoadConfigurationEvent'));
+}
+
+foreach (array('sfGuardUser', 'sfGuardGroup', 'sfGuardPermission') as $module)
+{
+ if (in_array($module, sfConfig::get('sf_enabled_modules')))
+ {
+ $this->dispatcher->connect('routing.load_configuration', array('sfGuardRouting', 'addRouteForAdmin'.str_replace('sfGuard', '', $module)));
+ }
+}
48 config/schema.yml
@@ -0,0 +1,48 @@
+propel:
+ _attributes: { package: plugins.sfGuardPlugin.lib.model }
+
+ sf_guard_group:
+ _attributes: { phpName: sfGuardGroup }
+ id: ~
+ name: { type: varchar, size: 255, required: true, index: unique }
+ description: { type: longvarchar }
+
+ sf_guard_permission:
+ _attributes: { phpName: sfGuardPermission }
+ id: ~
+ name: { type: varchar, size: 255, required: true, index: unique }
+ description: { type: longvarchar }
+
+ sf_guard_group_permission:
+ _attributes: { phpName: sfGuardGroupPermission }
+ group_id: { type: integer, primaryKey: true, required: true, foreignTable: sf_guard_group, foreignReference: id, onDelete: cascade }
+ permission_id: { type: integer, primaryKey: true, required: true, foreignTable: sf_guard_permission, foreignReference: id, onDelete: cascade }
+
+ sf_guard_user:
+ _attributes: { phpName: sfGuardUser }
+ id: ~
+ username: { type: varchar, size: 128, required: true, index: unique }
+ algorithm: { type: varchar, size: 128, required: true, default: sha1 }
+ salt: { type: varchar, size: 128, required: true }
+ password: { type: varchar, size: 128, required: true }
+ created_at: ~
+ last_login: { type: timestamp }
+ is_active: { type: boolean, required: true, default: 1 }
+ is_super_admin: { type: boolean, required: true, default: 0 }
+
+ sf_guard_user_permission:
+ _attributes: { phpName: sfGuardUserPermission }
+ user_id: { type: integer, primaryKey: true, required: true, foreignTable: sf_guard_user, foreignReference: id, onDelete: cascade }
+ permission_id: { type: integer, primaryKey: true, required: true, foreignTable: sf_guard_permission, foreignReference: id, onDelete: cascade }
+
+ sf_guard_user_group:
+ _attributes: { phpName: sfGuardUserGroup }
+ user_id: { type: integer, primaryKey: true, required: true, foreignTable: sf_guard_user, foreignReference: id, onDelete: cascade }
+ group_id: { type: integer, primaryKey: true, required: true, foreignTable: sf_guard_group, foreignReference: id, onDelete: cascade }
+
+ sf_guard_remember_key:
+ _attributes: { phpName: sfGuardRememberKey }
+ user_id: { type: integer, primaryKey: true, required: true, foreignTable: sf_guard_user, foreignReference: id, onDelete: cascade }
+ remember_key: { type: varchar, size: 32 }
+ ip_address: { type: varchar, size: 50, primaryKey: true }
+ created_at: ~
26 data/fixtures/fixtures.yml.sample
@@ -0,0 +1,26 @@
+sfGuardUser:
+ admin:
+ username: admin
+ password: admin
+ is_super_admin: true
+
+sfGuardPermission:
+ admin:
+ name: admin
+ description: Administrator permission
+
+sfGuardGroup:
+ admin:
+ name: admin
+ description: Administrator group
+
+sfGuardGroupPermission:
+ admin:
+ group_id: admin
+ permission_id: admin
+
+sfGuardUserGroup:
+ admin:
+ group_id: admin
+ user_id: admin
+
19 lib/filter/sfGuardGroupFormFilter.class.php
@@ -0,0 +1,19 @@
+<?php
+
+/**
+ * sfGuardGroup filter form.
+ *
+ * @package ##PROJECT_NAME##
+ * @subpackage filter
+ * @author ##AUTHOR_NAME##
+ * @version SVN: $Id: sfGuardGroupFormFilter.class.php 12896 2008-11-10 19:02:34Z fabien $
+ */
+class sfGuardGroupFormFilter extends BasesfGuardGroupFormFilter
+{
+ public function configure()
+ {
+ unset($this['sf_guard_user_group_list']);
+
+ $this->widgetSchema['sf_guard_group_permission_list']->setLabel('Permissions');
+ }
+}
16 lib/filter/sfGuardGroupPermissionFormFilter.class.php
@@ -0,0 +1,16 @@
+<?php
+
+/**
+ * sfGuardGroupPermission filter form.
+ *
+ * @package ##PROJECT_NAME##
+ * @subpackage filter
+ * @author ##AUTHOR_NAME##
+ * @version SVN: $Id: sfGuardGroupPermissionFormFilter.class.php 12896 2008-11-10 19:02:34Z fabien $
+ */
+class sfGuardGroupPermissionFormFilter extends BasesfGuardGroupPermissionFormFilter
+{
+ public function configure()
+ {
+ }
+}
19 lib/filter/sfGuardPermissionFormFilter.class.php
@@ -0,0 +1,19 @@
+<?php
+
+/**
+ * sfGuardPermission filter form.
+ *
+ * @package ##PROJECT_NAME##
+ * @subpackage filter
+ * @author ##AUTHOR_NAME##
+ * @version SVN: $Id: sfGuardPermissionFormFilter.class.php 12896 2008-11-10 19:02:34Z fabien $
+ */
+class sfGuardPermissionFormFilter extends BasesfGuardPermissionFormFilter
+{
+ public function configure()
+ {
+ unset($this['sf_guard_user_permission_list']);
+
+ $this->widgetSchema['sf_guard_group_permission_list']->setLabel('Groups');
+ }
+}
16 lib/filter/sfGuardRememberKeyFormFilter.class.php
@@ -0,0 +1,16 @@
+<?php
+
+/**
+ * sfGuardRememberKey filter form.
+ *
+ * @package ##PROJECT_NAME##
+ * @subpackage filter
+ * @author ##AUTHOR_NAME##
+ * @version SVN: $Id: sfGuardRememberKeyFormFilter.class.php 12896 2008-11-10 19:02:34Z fabien $
+ */
+class sfGuardRememberKeyFormFilter extends BasesfGuardRememberKeyFormFilter
+{
+ public function configure()
+ {
+ }
+}
20 lib/filter/sfGuardUserFormFilter.class.php
@@ -0,0 +1,20 @@
+<?php
+
+/**
+ * sfGuardUser filter form.
+ *
+ * @package ##PROJECT_NAME##
+ * @subpackage filter
+ * @author ##AUTHOR_NAME##
+ * @version SVN: $Id: sfGuardUserFormFilter.class.php 12896 2008-11-10 19:02:34Z fabien $
+ */
+class sfGuardUserFormFilter extends BasesfGuardUserFormFilter
+{
+ public function configure()
+ {
+ unset($this['algorithm'], $this['salt'], $this['password']);
+
+ $this->widgetSchema['sf_guard_user_group_list']->setLabel('Groups');
+ $this->widgetSchema['sf_guard_user_permission_list']->setLabel('Permissions');
+ }
+}
16 lib/filter/sfGuardUserGroupFormFilter.class.php
@@ -0,0 +1,16 @@
+<?php
+
+/**
+ * sfGuardUserGroup filter form.
+ *
+ * @package ##PROJECT_NAME##
+ * @subpackage filter
+ * @author ##AUTHOR_NAME##
+ * @version SVN: $Id: sfGuardUserGroupFormFilter.class.php 12896 2008-11-10 19:02:34Z fabien $
+ */
+class sfGuardUserGroupFormFilter extends BasesfGuardUserGroupFormFilter
+{
+ public function configure()
+ {
+ }
+}
16 lib/filter/sfGuardUserPermissionFormFilter.class.php
@@ -0,0 +1,16 @@
+<?php
+
+/**
+ * sfGuardUserPermission filter form.
+ *
+ * @package ##PROJECT_NAME##
+ * @subpackage filter
+ * @author ##AUTHOR_NAME##
+ * @version SVN: $Id: sfGuardUserPermissionFormFilter.class.php 12896 2008-11-10 19:02:34Z fabien $
+ */
+class sfGuardUserPermissionFormFilter extends BasesfGuardUserPermissionFormFilter
+{
+ public function configure()
+ {
+ }
+}
23 lib/form/sfGuardFormSignin.class.php
@@ -0,0 +1,23 @@
+<?php
+
+class sfGuardFormSignin extends sfForm
+{
+ public function configure()
+ {
+ $this->setWidgets(array(
+ 'username' => new sfWidgetFormInput(),
+ 'password' => new sfWidgetFormInput(array('type' => 'password')),
+ 'remember' => new sfWidgetFormInputCheckbox(),
+ ));
+
+ $this->setValidators(array(
+ 'username' => new sfValidatorString(),
+ 'password' => new sfValidatorString(),
+ 'remember' => new sfValidatorBoolean(),
+ ));
+
+ $this->validatorSchema->setPostValidator(new sfGuardValidatorUser());
+
+ $this->widgetSchema->setNameFormat('signin[%s]');
+ }
+}
18 lib/form/sfGuardGroupForm.class.php
@@ -0,0 +1,18 @@
+<?php
+
+/**
+ * sfGuardGroup form.
+ *
+ * @package form
+ * @subpackage sf_guard_group
+ * @version SVN: $Id: sfGuardGroupForm.class.php 12896 2008-11-10 19:02:34Z fabien $
+ */
+class sfGuardGroupForm extends BasesfGuardGroupForm
+{
+ public function configure()
+ {
+ unset($this['sf_guard_user_group_list']);
+
+ $this->widgetSchema['sf_guard_group_permission_list']->setLabel('Permissions');
+ }
+}
15 lib/form/sfGuardGroupPermissionForm.class.php
@@ -0,0 +1,15 @@
+<?php
+
+/**
+ * sfGuardGroupPermission form.
+ *
+ * @package form
+ * @subpackage sf_guard_group_permission
+ * @version SVN: $Id: sfGuardGroupPermissionForm.class.php 7745 2008-03-05 11:05:33Z fabien $
+ */
+class sfGuardGroupPermissionForm extends BasesfGuardGroupPermissionForm
+{
+ public function configure()
+ {
+ }
+}
18 lib/form/sfGuardPermissionForm.class.php
@@ -0,0 +1,18 @@
+<?php
+
+/**
+ * sfGuardPermission form.
+ *
+ * @package form
+ * @subpackage sf_guard_permission
+ * @version SVN: $Id: sfGuardPermissionForm.class.php 12896 2008-11-10 19:02:34Z fabien $
+ */
+class sfGuardPermissionForm extends BasesfGuardPermissionForm
+{
+ public function configure()
+ {
+ unset($this['sf_guard_user_permission_list']);
+
+ $this->widgetSchema['sf_guard_group_permission_list']->setLabel('Groups');
+ }
+}
15 lib/form/sfGuardRememberKeyForm.class.php
@@ -0,0 +1,15 @@
+<?php
+
+/**
+ * sfGuardRememberKey form.
+ *
+ * @package form
+ * @subpackage sf_guard_remember_key
+ * @version SVN: $Id: sfGuardRememberKeyForm.class.php 7745 2008-03-05 11:05:33Z fabien $
+ */
+class sfGuardRememberKeyForm extends BasesfGuardRememberKeyForm
+{
+ public function configure()
+ {
+ }
+}
120 lib/form/sfGuardUserAdminForm.class.php
@@ -0,0 +1,120 @@
+<?php
+
+/**
+ * sfGuardUser form for admin.
+ *
+ * @package form
+ * @subpackage sf_guard_user
+ * @version SVN: $Id: sfGuardUserAdminForm.class.php 13000 2008-11-14 10:44:57Z noel $
+ */
+class sfGuardUserAdminForm extends BasesfGuardUserForm
+{
+ protected
+ $pkName = null;
+
+ public function configure()
+ {
+ unset(
+ $this['last_login'],
+ $this['created_at'],
+ $this['salt'],
+ $this['algorithm']
+ );
+
+ $this->widgetSchema['sf_guard_user_group_list']->setLabel('Groups');
+ $this->widgetSchema['sf_guard_user_permission_list']->setLabel('Permissions');
+
+ $this->widgetSchema['password'] = new sfWidgetFormInputPassword();
+ $this->validatorSchema['password']->setOption('required', false);
+ $this->widgetSchema['password_again'] = new sfWidgetFormInputPassword();
+ $this->validatorSchema['password_again'] = clone $this->validatorSchema['password'];
+
+ $this->widgetSchema->moveField('password_again', 'after', 'password');
+
+ $this->mergePostValidator(new sfValidatorSchemaCompare('password', sfValidatorSchemaCompare::EQUAL, 'password_again', array(), array('invalid' => 'The two passwords must be the same.')));
+
+ // profile form?
+ $profileFormClass = sfConfig::get('app_sf_guard_plugin_profile_class', 'sfGuardUserProfile').'Form';
+ if (class_exists($profileFormClass))
+ {
+ $profileForm = new $profileFormClass();
+ unset($profileForm[$this->getPrimaryKey()]);
+ unset($profileForm[sfConfig::get('app_sf_guard_plugin_profile_field_name', 'user_id')]);
+
+ $this->mergeForm($profileForm);
+ }
+ }
+
+ public function updateObject($values = null)
+ {
+ parent::updateObject($values);
+
+ // update defaults for profile
+ if (!is_null($profile = $this->getProfile()))
+ {
+ $values = $this->getValues();
+ unset($values[$this->getPrimaryKey()]);
+
+ $profile->fromArray($values, BasePeer::TYPE_FIELDNAME);
+ $profile->save();
+ }
+
+ return $this->object;
+ }
+
+ public function updateDefaultsFromObject()
+ {
+ parent::updateDefaultsFromObject();
+
+ // update defaults for profile
+ if (!is_null($profile = $this->getProfile()))
+ {
+ $values = $profile->toArray(BasePeer::TYPE_FIELDNAME);
+ unset($values[$this->getPrimaryKey()]);
+
+ // update defaults for the main object
+ if ($this->isNew)
+ {
+ $this->setDefaults(array_merge($values, $this->getDefaults()));
+ }
+ else
+ {
+ $this->setDefaults(array_merge($this->getDefaults(), $values));
+ }
+ }
+ }
+
+ protected function getProfile()
+ {
+ try
+ {
+ return $this->object->getProfile();
+ }
+ catch (sfException $e)
+ {
+ // no profile
+ return null;
+ }
+ }
+
+ protected function getPrimaryKey()
+ {
+ if (!is_null($this->pkName))
+ {
+ return $this->pkName;
+ }
+
+ $profileClass = sfConfig::get('app_sf_guard_plugin_profile_class', 'sfGuardUserProfile');
+ if (class_exists($profileClass))
+ {
+ $tableMap = call_user_func(array($profileClass.'Peer', 'getTableMap'));
+ foreach ($tableMap->getColumns() as $column)
+ {
+ if ($column->isPrimaryKey())
+ {
+ return $this->pkName = call_user_func(array($profileClass.'Peer', 'translateFieldname'), $column->getPhpName(), BasePeer::TYPE_PHPNAME, BasePeer::TYPE_FIELDNAME);
+ }
+ }
+ }
+ }
+}
30 lib/form/sfGuardUserForm.class.php
@@ -0,0 +1,30 @@
+<?php
+
+/**
+ * sfGuardUser form.
+ *
+ * @package form
+ * @subpackage sf_guard_user
+ * @version SVN: $Id: sfGuardUserForm.class.php 13001 2008-11-14 10:45:32Z noel $
+ */
+class sfGuardUserForm extends sfGuardUserAdminForm
+{
+ protected
+ $pkName = null;
+
+ public function configure()
+ {
+ parent::configure();
+
+ unset(
+ $this['last_login'],
+ $this['created_at'],
+ $this['salt'],
+ $this['algorithm'],
+ $this['is_active'],
+ $this['is_super_admin'],
+ $this['sf_guard_user_group_list'],
+ $this['sf_guard_user_permission_list']
+ );
+ }
+}
15 lib/form/sfGuardUserGroupForm.class.php
@@ -0,0 +1,15 @@
+<?php
+
+/**
+ * sfGuardUserGroup form.
+ *
+ * @package form
+ * @subpackage sf_guard_user_group
+ * @version SVN: $Id: sfGuardUserGroupForm.class.php 7745 2008-03-05 11:05:33Z fabien $
+ */
+class sfGuardUserGroupForm extends BasesfGuardUserGroupForm
+{
+ public function configure()
+ {
+ }
+}
15 lib/form/sfGuardUserPermissionForm.class.php
@@ -0,0 +1,15 @@
+<?php
+
+/**
+ * sfGuardUserPermission form.
+ *
+ * @package form
+ * @subpackage sf_guard_user_permission
+ * @version SVN: $Id: sfGuardUserPermissionForm.class.php 7745 2008-03-05 11:05:33Z fabien $
+ */
+class sfGuardUserPermissionForm extends BasesfGuardUserPermissionForm
+{
+ public function configure()
+ {
+ }
+}
24 lib/model/plugin/PluginsfGuardGroup.php
@@ -0,0 +1,24 @@
+<?php
+
+/*
+ * This file is part of the symfony package.
+ * (c) 2004-2006 Fabien Potencier <fabien.potencier@symfony-project.com>
+ *
+ * For the full copyright and license information, please view the LICENSE
+ * file that was distributed with this source code.
+ */
+
+/**
+ *
+ * @package symfony
+ * @subpackage plugin
+ * @author Fabien Potencier <fabien.potencier@symfony-project.com>
+ * @version SVN: $Id: PluginsfGuardGroup.php 7634 2008-02-27 18:01:40Z fabien $
+ */
+class PluginsfGuardGroup extends BasesfGuardGroup
+{
+ public function __toString()
+ {
+ return $this->getName();
+ }
+}
38 lib/model/plugin/PluginsfGuardGroupPeer.php
@@ -0,0 +1,38 @@
+<?php
+
+/*
+ * This file is part of the symfony package.
+ * (c) 2004-2006 Fabien Potencier <fabien.potencier@symfony-project.com>
+ *
+ * For the full copyright and license information, please view the LICENSE
+ * file that was distributed with this source code.
+ */
+
+/**
+ *
+ * @package symfony
+ * @subpackage plugin
+ * @author Fabien Potencier <fabien.potencier@symfony-project.com>
+ * @version SVN: $Id: PluginsfGuardGroupPeer.php 12075 2008-10-08 16:15:03Z noel $
+ */
+class PluginsfGuardGroupPeer extends BasesfGuardGroupPeer
+{
+ public static function retrieveByName($name)
+ {
+ $c = new Criteria();
+ $c->add(self::NAME, $name);
+
+ return self::doSelectOne($c);
+ }
+
+ // TBB (tom@punkave.com): we implement our own criteria for the
+ // groups filter. But the admin generator still has nonfunctional code
+ // for it in the base class, code that wants to see a GROUPS constant here.
+ // We prevent that code from actually executing by temporarily unsetting
+ // $filter['groups'], and in PHP 5.2.x, that is sufficient. However,
+ // a future version of PHP might refuse to compile code that refers to a
+ // nonexistent constant at all, even if it never runs. So let's be thorough
+ // and define the GROUPS constant that the base class code is looking for.
+
+ const GROUPS = 'dummy';
+}
20 lib/model/plugin/PluginsfGuardGroupPermission.php
@@ -0,0 +1,20 @@
+<?php
+
+/*
+ * This file is part of the symfony package.
+ * (c) 2004-2006 Fabien Potencier <fabien.potencier@symfony-project.com>
+ *
+ * For the full copyright and license information, please view the LICENSE
+ * file that was distributed with this source code.
+ */
+
+/**
+ *
+ * @package symfony
+ * @subpackage plugin
+ * @author Fabien Potencier <fabien.potencier@symfony-project.com>
+ * @version SVN: $Id: PluginsfGuardGroupPermission.php 7634 2008-02-27 18:01:40Z fabien $
+ */
+class PluginsfGuardGroupPermission extends BasesfGuardGroupPermission
+{
+}
20 lib/model/plugin/PluginsfGuardGroupPermissionPeer.php
@@ -0,0 +1,20 @@
+<?php
+
+/*
+ * This file is part of the symfony package.
+ * (c) 2004-2006 Fabien Potencier <fabien.potencier@symfony-project.com>
+ *
+ * For the full copyright and license information, please view the LICENSE
+ * file that was distributed with this source code.
+ */
+
+/**
+ *
+ * @package symfony
+ * @subpackage plugin
+ * @author Fabien Potencier <fabien.potencier@symfony-project.com>
+ * @version SVN: $Id: PluginsfGuardGroupPermissionPeer.php 7634 2008-02-27 18:01:40Z fabien $
+ */
+class PluginsfGuardGroupPermissionPeer extends BasesfGuardGroupPermissionPeer
+{
+}
24 lib/model/plugin/PluginsfGuardPermission.php
@@ -0,0 +1,24 @@
+<?php
+
+/*
+ * This file is part of the symfony package.
+ * (c) 2004-2006 Fabien Potencier <fabien.potencier@symfony-project.com>
+ *
+ * For the full copyright and license information, please view the LICENSE
+ * file that was distributed with this source code.
+ */
+
+/**
+ *
+ * @package symfony
+ * @subpackage plugin
+ * @author Fabien Potencier <fabien.potencier@symfony-project.com>
+ * @version SVN: $Id: PluginsfGuardPermission.php 7634 2008-02-27 18:01:40Z fabien $
+ */
+class PluginsfGuardPermission extends BasesfGuardPermission
+{
+ public function __toString()
+ {
+ return $this->getName();
+ }
+}
27 lib/model/plugin/PluginsfGuardPermissionPeer.php
@@ -0,0 +1,27 @@
+<?php
+
+/*
+ * This file is part of the symfony package.
+ * (c) 2004-2006 Fabien Potencier <fabien.potencier@symfony-project.com>
+ *
+ * For the full copyright and license information, please view the LICENSE
+ * file that was distributed with this source code.
+ */
+
+/**
+ *
+ * @package symfony
+ * @subpackage plugin
+ * @author Fabien Potencier <fabien.potencier@symfony-project.com>
+ * @version SVN: $Id: PluginsfGuardPermissionPeer.php 7634 2008-02-27 18:01:40Z fabien $
+ */
+class PluginsfGuardPermissionPeer extends BasesfGuardPermissionPeer
+{
+ public static function retrieveByName($name)
+ {
+ $c = new Criteria();
+ $c->add(self::NAME, $name);
+
+ return self::doSelectOne($c);
+ }
+}
20 lib/model/plugin/PluginsfGuardRememberKey.php
@@ -0,0 +1,20 @@
+<?php
+
+/*
+ * This file is part of the symfony package.
+ * (c) 2004-2006 Fabien Potencier <fabien.potencier@symfony-project.com>
+ *
+ * For the full copyright and license information, please view the LICENSE
+ * file that was distributed with this source code.
+ */
+
+/**
+ *
+ * @package symfony
+ * @subpackage plugin
+ * @author Fabien Potencier <fabien.potencier@symfony-project.com>
+ * @version SVN: $Id: PluginsfGuardRememberKey.php 7634 2008-02-27 18:01:40Z fabien $
+ */
+class PluginsfGuardRememberKey extends BasesfGuardRememberKey
+{
+}
20 lib/model/plugin/PluginsfGuardRememberKeyPeer.php
@@ -0,0 +1,20 @@
+<?php
+
+/*
+ * This file is part of the symfony package.
+ * (c) 2004-2006 Fabien Potencier <fabien.potencier@symfony-project.com>
+ *
+ * For the full copyright and license information, please view the LICENSE
+ * file that was distributed with this source code.
+ */
+
+/**
+ *
+ * @package symfony
+ * @subpackage plugin
+ * @author Fabien Potencier <fabien.potencier@symfony-project.com>
+ * @version SVN: $Id: PluginsfGuardRememberKeyPeer.php 7634 2008-02-27 18:01:40Z fabien $
+ */
+class PluginsfGuardRememberKeyPeer extends BasesfGuardRememberKeyPeer
+{
+}
309 lib/model/plugin/PluginsfGuardUser.php
@@ -0,0 +1,309 @@
+<?php
+
+/*
+ * This file is part of the symfony package.
+ * (c) 2004-2006 Fabien Potencier <fabien.potencier@symfony-project.com>
+ *
+ * For the full copyright and license information, please view the LICENSE
+ * file that was distributed with this source code.
+ */
+
+/**
+ *
+ * @package symfony
+ * @subpackage plugin
+ * @author Fabien Potencier <fabien.potencier@symfony-project.com>
+ * @version SVN: $Id: PluginsfGuardUser.php 12075 2008-10-08 16:15:03Z noel $
+ */
+class PluginsfGuardUser extends BasesfGuardUser
+{
+ protected
+ $profile = null,
+ $groups = null,
+ $permissions = null,
+ $allPermissions = null;
+
+ public function __toString()
+ {
+ return $this->getUsername();
+ }
+
+ public function setPassword($password)
+ {
+ if (!$password && 0 == strlen($password))
+ {
+ return;
+ }
+
+ if (!$salt = $this->getSalt())
+ {
+ $salt = md5(rand(100000, 999999).$this->getUsername());
+ $this->setSalt($salt);
+ }
+ $algorithm = sfConfig::get('app_sf_guard_plugin_algorithm_callable', 'sha1');
+ $algorithmAsStr = is_array($algorithm) ? $algorithm[0].'::'.$algorithm[1] : $algorithm;
+ if (!is_callable($algorithm))
+ {
+ throw new sfException(sprintf('The algorithm callable "%s" is not callable.', $algorithmAsStr));
+ }
+ $this->setAlgorithm($algorithmAsStr);
+
+ parent::setPassword(call_user_func_array($algorithm, array($salt.$password)));
+ }
+
+ public function setPasswordBis($password)
+ {
+ }
+
+ public function checkPassword($password)
+ {
+ try
+ {
+ $profile = $this->getProfile();
+ }
+ catch (Exception $e)
+ {
+ $profile = null;
+ }
+
+ if (!is_null($profile) && method_exists($profile, 'checkPassword'))
+ {
+ return $profile->checkPassword($this->getUsername(), $password, $this);
+ }
+ else if ($callable = sfConfig::get('app_sf_guard_plugin_check_password_callable'))
+ {
+ return call_user_func_array($callable, array($this->getUsername(), $password, $this));
+ }
+ else
+ {
+ return $this->checkPasswordByGuard($password);
+ }
+ }
+
+ public function checkPasswordByGuard($password)
+ {
+ $algorithm = $this->getAlgorithm();
+ if (false !== $pos = strpos($algorithm, '::'))
+ {
+ $algorithm = array(substr($algorithm, 0, $pos), substr($algorithm, $pos + 2));
+ }
+ if (!is_callable($algorithm))
+ {
+ throw new sfException(sprintf('The algorithm callable "%s" is not callable.', $algorithm));
+ }
+
+ return $this->getPassword() == call_user_func_array($algorithm, array($this->getSalt().$password));
+ }
+
+ public function getProfile()
+ {
+ if (!is_null($this->profile))
+ {
+ return $this->profile;
+ }
+
+ $profileClass = sfConfig::get('app_sf_guard_plugin_profile_class', 'sfGuardUserProfile');
+ if (!class_exists($profileClass))
+ {
+ throw new sfException(sprintf('The user profile class "%s" does not exist.', $profileClass));
+ }
+
+ $fieldName = sfConfig::get('app_sf_guard_plugin_profile_field_name', 'user_id');
+ $profilePeerClass = $profileClass.'Peer';
+
+ // to avoid php segmentation fault
+ class_exists($profilePeerClass);
+
+ $foreignKeyColumn = call_user_func_array(array($profilePeerClass, 'translateFieldName'), array($fieldName, BasePeer::TYPE_FIELDNAME, BasePeer::TYPE_COLNAME));
+
+ if (!$foreignKeyColumn)
+ {
+ throw new sfException(sprintf('The user profile class "%s" does not contain a "%s" column.', $profileClass, $fieldName));
+ }
+
+ $c = new Criteria();
+ $c->add($foreignKeyColumn, $this->getId());
+
+ $this->profile = call_user_func_array(array($profileClass.'Peer', 'doSelectOne'), array($c));
+
+ if (!$this->profile)
+ {
+ $this->profile = new $profileClass();
+ if (method_exists($this->profile, 'setsfGuardUser'))
+ {
+ $this->profile->setsfGuardUser($this);
+ }
+ else
+ {
+ $method = 'set'.call_user_func_array(array($profilePeerClass, 'translateFieldName'), array($fieldName, BasePeer::TYPE_FIELDNAME, BasePeer::TYPE_PHPNAME));
+ $this->profile->$method($this->getId());
+ }
+ }
+
+ return $this->profile;
+ }
+
+ public function addGroupByName($name, $con = null)
+ {
+ $group = sfGuardGroupPeer::retrieveByName($name);
+ if (!$group)
+ {
+ throw new Exception(sprintf('The group "%s" does not exist.', $name));
+ }
+
+ $ug = new sfGuardUserGroup();
+ $ug->setsfGuardUser($this);
+ $ug->setGroupId($group->getId());
+
+ $ug->save($con);
+ }
+
+ public function addPermissionByName($name, $con = null)
+ {
+ $permission = sfGuardPermissionPeer::retrieveByName($name);
+ if (!$permission)
+ {
+ throw new Exception(sprintf('The permission "%s" does not exist.', $name));
+ }
+
+ $up = new sfGuardUserPermission();
+ $up->setsfGuardUser($this);
+ $up->setPermissionId($permission->getId());
+
+ $up->save($con);
+ }
+
+ public function hasGroup($name)
+ {
+ if (!$this->groups)
+ {
+ $this->getGroups();
+ }
+
+ return isset($this->groups[$name]);
+ }
+
+ public function getGroups()
+ {
+ if (!$this->groups)
+ {
+ $this->groups = array();
+
+ $c = new Criteria();
+ $c->add(sfGuardUserGroupPeer::USER_ID, $this->getId());
+ $ugs = sfGuardUserGroupPeer::doSelectJoinsfGuardGroup($c);
+
+ foreach ($ugs as $ug)
+ {
+ $group = $ug->getsfGuardGroup();
+ $this->groups[$group->getName()] = $group;
+ }
+ }
+
+ return $this->groups;
+ }
+
+ public function getGroupNames()
+ {
+ return array_keys($this->getGroups());
+ }
+
+ public function hasPermission($name)
+ {
+ if (!$this->permissions)
+ {
+ $this->getPermissions();
+ }
+
+ return isset($this->permissions[$name]);
+ }
+
+ public function getPermissions()
+ {
+ if (!$this->permissions)
+ {
+ $this->permissions = array();
+
+ $c = new Criteria();
+ $c->add(sfGuardUserPermissionPeer::USER_ID, $this->getId());
+ $ups = sfGuardUserPermissionPeer::doSelectJoinsfGuardPermission($c);
+
+ foreach ($ups as $up)
+ {
+ $permission = $up->getsfGuardPermission();
+ $this->permissions[$permission->getName()] = $permission;
+ }
+ }
+
+ return $this->permissions;
+ }
+
+ public function getPermissionNames()
+ {
+ return array_keys($this->getPermissions());
+ }
+
+ // merge of permission in a group + permissions
+ public function getAllPermissions()
+ {
+ if (!$this->allPermissions)
+ {
+ $this->allPermissions = $this->getPermissions();
+
+ foreach ($this->getGroups() as $group)
+ {
+ foreach ($group->getsfGuardGroupPermissionsJoinsfGuardPermission() as $gp)
+ {
+ $permission = $gp->getsfGuardPermission();
+
+ $this->allPermissions[$permission->getName()] = $permission;
+ }
+ }
+ }
+
+ return $this->allPermissions;
+ }
+
+ public function getAllPermissionNames()
+ {
+ return array_keys($this->getAllPermissions());
+ }
+
+ public function reloadGroupsAndPermissions()
+ {
+ $this->groups = null;
+ $this->permissions = null;
+ $this->allPermissions = null;
+ }
+
+ public function delete(PropelPDO $con = null)
+ {
+ // delete profile if available
+ try
+ {
+ if ($profile = $this->getProfile())
+ {
+ $profile->delete($con);
+ }
+ }
+ catch (sfException $e)
+ {
+ }
+
+ return parent::delete($con);
+ }
+
+ public function setPasswordHash($v)
+ {
+ if (!is_null($v) && !is_string($v))
+ {
+ $v = (string) $v;
+ }
+
+ if ($this->password !== $v)
+ {
+ $this->password = $v;
+ $this->modifiedColumns[] = sfGuardUserPeer::PASSWORD;
+ }
+ }
+}
26 lib/model/plugin/PluginsfGuardUserGroup.php
@@ -0,0 +1,26 @@
+<?php
+
+/*
+ * This file is part of the symfony package.
+ * (c) 2004-2006 Fabien Potencier <fabien.potencier@symfony-project.com>
+ *
+ * For the full copyright and license information, please view the LICENSE
+ * file that was distributed with this source code.
+ */
+
+/**
+ *
+ * @package symfony
+ * @subpackage plugin
+ * @author Fabien Potencier <fabien.potencier@symfony-project.com>
+ * @version SVN: $Id: PluginsfGuardUserGroup.php 11426 2008-09-10 06:34:47Z fabien $
+ */
+class PluginsfGuardUserGroup extends BasesfGuardUserGroup
+{
+ public function save(PropelPDO $con = null)
+ {
+ parent::save($con);
+
+ $this->getsfGuardUser($con)->reloadGroupsAndPermissions();
+ }
+}
20 lib/model/plugin/PluginsfGuardUserGroupPeer.php
@@ -0,0 +1,20 @@
+<?php
+
+/*
+ * This file is part of the symfony package.
+ * (c) 2004-2006 Fabien Potencier <fabien.potencier@symfony-project.com>
+ *
+ * For the full copyright and license information, please view the LICENSE
+ * file that was distributed with this source code.
+ */
+
+/**
+ *
+ * @package symfony
+ * @subpackage plugin
+ * @author Fabien Potencier <fabien.potencier@symfony-project.com>
+ * @version SVN: $Id: PluginsfGuardUserGroupPeer.php 7634 2008-02-27 18:01:40Z fabien $
+ */
+class PluginsfGuardUserGroupPeer extends BasesfGuardUserGroupPeer
+{
+}
29 lib/model/plugin/PluginsfGuardUserPeer.php
@@ -0,0 +1,29 @@
+<?php
+
+/*
+ * This file is part of the symfony package.
+ * (c) 2004-2006 Fabien Potencier <fabien.potencier@symfony-project.com>
+ *
+ * For the full copyright and license information, please view the LICENSE
+ * file that was distributed with this source code.
+ */
+
+/**
+ *
+ * @package symfony
+ * @subpackage plugin
+ * @author Fabien Potencier <fabien.potencier@symfony-project.com>
+ * @version SVN: $Id: PluginsfGuardUserPeer.php 7634 2008-02-27 18:01:40Z fabien $
+ */
+class PluginsfGuardUserPeer extends BasesfGuardUserPeer
+{
+ public static function retrieveByUsername($username, $isActive = true)
+ {
+ $c = new Criteria();
+ $c->add(self::USERNAME, $username);
+ $c->add(self::IS_ACTIVE, $isActive);
+
+ return self::doSelectOne($c);
+ }
+
+}
26 lib/model/plugin/PluginsfGuardUserPermission.php
@@ -0,0 +1,26 @@
+<?php
+
+/*
+ * This file is part of the symfony package.
+ * (c) 2004-2006 Fabien Potencier <fabien.potencier@symfony-project.com>
+ *
+ * For the full copyright and license information, please view the LICENSE
+ * file that was distributed with this source code.
+ */
+
+/**
+ *
+ * @package symfony
+ * @subpackage plugin
+ * @author Fabien Potencier <fabien.potencier@symfony-project.com>
+ * @version SVN: $Id: PluginsfGuardUserPermission.php 11426 2008-09-10 06:34:47Z fabien $
+ */
+class PluginsfGuardUserPermission extends BasesfGuardUserPermission
+{
+ public function save(PropelPDO $con = null)
+ {
+ parent::save($con);
+
+ $this->getsfGuardUser($con)->reloadGroupsAndPermissions();
+ }
+}
20 lib/model/plugin/PluginsfGuardUserPermissionPeer.php
@@ -0,0 +1,20 @@
+<?php
+
+/*
+ * This file is part of the symfony package.
+ * (c) 2004-2006 Fabien Potencier <fabien.potencier@symfony-project.com>
+ *
+ * For the full copyright and license information, please view the LICENSE
+ * file that was distributed with this source code.
+ */
+
+/**
+ *
+ * @package symfony
+ * @subpackage plugin
+ * @author Fabien Potencier <fabien.potencier@symfony-project.com>
+ * @version SVN: $Id: PluginsfGuardUserPermissionPeer.php 7634 2008-02-27 18:01:40Z fabien $
+ */
+class PluginsfGuardUserPermissionPeer extends BasesfGuardUserPermissionPeer
+{
+}
20 lib/model/sfGuardGroup.php
@@ -0,0 +1,20 @@
+<?php
+
+/*
+ * This file is part of the symfony package.
+ * (c) 2004-2006 Fabien Potencier <fabien.potencier@symfony-project.com>
+ *
+ * For the full copyright and license information, please view the LICENSE
+ * file that was distributed with this source code.
+ */
+
+/**
+ *
+ * @package symfony
+ * @subpackage plugin
+ * @author Fabien Potencier <fabien.potencier@symfony-project.com>
+ * @version SVN: $Id: sfGuardGroup.php 7634 2008-02-27 18:01:40Z fabien $
+ */
+class sfGuardGroup extends PluginsfGuardGroup
+{
+}
20 lib/model/sfGuardGroupPeer.php
@@ -0,0 +1,20 @@
+<?php
+
+/*
+ * This file is part of the symfony package.
+ * (c) 2004-2006 Fabien Potencier <fabien.potencier@symfony-project.com>
+ *
+ * For the full copyright and license information, please view the LICENSE
+ * file that was distributed with this source code.
+ */
+
+/**
+ *
+ * @package symfony
+ * @subpackage plugin
+ * @author Fabien Potencier <fabien.potencier@symfony-project.com>
+ * @version SVN: $Id: sfGuardGroupPeer.php 7634 2008-02-27 18:01:40Z fabien $
+ */
+class sfGuardGroupPeer extends PluginsfGuardGroupPeer
+{
+}
20 lib/model/sfGuardGroupPermission.php
@@ -0,0 +1,20 @@
+<?php
+
+/*
+ * This file is part of the symfony package.
+ * (c) 2004-2006 Fabien Potencier <fabien.potencier@symfony-project.com>
+ *
+ * For the full copyright and license information, please view the LICENSE
+ * file that was distributed with this source code.
+ */
+
+/**
+ *
+ * @package symfony
+ * @subpackage plugin
+ * @author Fabien Potencier <fabien.potencier@symfony-project.com>
+ * @version SVN: $Id: sfGuardGroupPermission.php 7634 2008-02-27 18:01:40Z fabien $
+ */
+class sfGuardGroupPermission extends PluginsfGuardGroupPermission
+{
+}
20 lib/model/sfGuardGroupPermissionPeer.php
@@ -0,0 +1,20 @@
+<?php
+
+/*
+ * This file is part of the symfony package.
+ * (c) 2004-2006 Fabien Potencier <fabien.potencier@symfony-project.com>
+ *
+ * For the full copyright and license information, please view the LICENSE
+ * file that was distributed with this source code.
+ */
+
+/**
+ *
+ * @package symfony
+ * @subpackage plugin
+ * @author Fabien Potencier <fabien.potencier@symfony-project.com>
+ * @version SVN: $Id: sfGuardGroupPermissionPeer.php 7634 2008-02-27 18:01:40Z fabien $
+ */
+class sfGuardGroupPermissionPeer extends PluginsfGuardGroupPermissionPeer
+{
+}
20 lib/model/sfGuardPermission.php
@@ -0,0 +1,20 @@
+<?php
+
+/*
+ * This file is part of the symfony package.
+ * (c) 2004-2006 Fabien Potencier <fabien.potencier@symfony-project.com>
+ *
+ * For the full copyright and license information, please view the LICENSE
+ * file that was distributed with this source code.
+ */
+
+/**
+ *
+ * @package symfony
+ * @subpackage plugin
+ * @author Fabien Potencier <fabien.potencier@symfony-project.com>
+ * @version SVN: $Id: sfGuardPermission.php 7634 2008-02-27 18:01:40Z fabien $
+ */
+class sfGuardPermission extends PluginsfGuardPermission
+{
+}
20 lib/model/sfGuardPermissionPeer.php
@@ -0,0 +1,20 @@
+<?php
+
+/*
+ * This file is part of the symfony package.
+ * (c) 2004-2006 Fabien Potencier <fabien.potencier@symfony-project.com>
+ *
+ * For the full copyright and license information, please view the LICENSE
+ * file that was distributed with this source code.
+ */
+
+/**
+ *
+ * @package symfony
+ * @subpackage plugin
+ * @author Fabien Potencier <fabien.potencier@symfony-project.com>
+ * @version SVN: $Id: sfGuardPermissionPeer.php 7634 2008-02-27 18:01:40Z fabien $
+ */
+class sfGuardPermissionPeer extends PluginsfGuardPermissionPeer
+{
+}
20 lib/model/sfGuardRememberKey.php
@@ -0,0 +1,20 @@
+<?php
+
+/*
+ * This file is part of the symfony package.
+ * (c) 2004-2006 Fabien Potencier <fabien.potencier@symfony-project.com>
+ *
+ * For the full copyright and license information, please view the LICENSE
+ * file that was distributed with this source code.
+ */
+
+/**
+ *
+ * @package symfony
+ * @subpackage plugin
+ * @author Fabien Potencier <fabien.potencier@symfony-project.com>
+ * @version SVN: $Id: sfGuardRememberKey.php 7634 2008-02-27 18:01:40Z fabien $
+ */
+class sfGuardRememberKey extends PluginsfGuardRememberKey
+{
+}
20 lib/model/sfGuardRememberKeyPeer.php
@@ -0,0 +1,20 @@
+<?php
+
+/*
+ * This file is part of the symfony package.
+ * (c) 2004-2006 Fabien Potencier <fabien.potencier@symfony-project.com>
+ *
+ * For the full copyright and license information, please view the LICENSE
+ * file that was distributed with this source code.
+ */
+
+/**
+ *
+ * @package symfony
+ * @subpackage plugin
+ * @author Fabien Potencier <fabien.potencier@symfony-project.com>
+ * @version SVN: $Id: sfGuardRememberKeyPeer.php 7634 2008-02-27 18:01:40Z fabien $
+ */
+class sfGuardRememberKeyPeer extends PluginsfGuardRememberKeyPeer
+{
+}
20 lib/model/sfGuardUser.php
@@ -0,0 +1,20 @@
+<?php
+
+/*
+ * This file is part of the symfony package.
+ * (c) 2004-2006 Fabien Potencier <fabien.potencier@symfony-project.com>
+ *
+ * For the full copyright and license information, please view the LICENSE
+ * file that was distributed with this source code.
+ */
+
+/**
+ *
+ * @package symfony
+ * @subpackage plugin
+ * @author Fabien Potencier <fabien.potencier@symfony-project.com>
+ * @version SVN: $Id: sfGuardUser.php 7634 2008-02-27 18:01:40Z fabien $
+ */
+class sfGuardUser extends PluginsfGuardUser
+{
+}
20 lib/model/sfGuardUserGroup.php
@@ -0,0 +1,20 @@
+<?php
+
+/*
+ * This file is part of the symfony package.
+ * (c) 2004-2006 Fabien Potencier <fabien.potencier@symfony-project.com>
+ *
+ * For the full copyright and license information, please view the LICENSE
+ * file that was distributed with this source code.
+ */
+
+/**
+ *
+ * @package symfony
+ * @subpackage plugin
+ * @author Fabien Potencier <fabien.potencier@symfony-project.com>
+ * @version SVN: $Id: sfGuardUserGroup.php 7634 2008-02-27 18:01:40Z fabien $
+ */
+class sfGuardUserGroup extends PluginsfGuardUserGroup
+{
+}
20 lib/model/sfGuardUserGroupPeer.php
@@ -0,0 +1,20 @@
+<?php
+
+/*
+ * This file is part of the symfony package.
+ * (c) 2004-2006 Fabien Potencier <fabien.potencier@symfony-project.com>
+ *
+ * For the full copyright and license information, please view the LICENSE
+ * file that was distributed with this source code.
+ */
+
+/**
+ *
+ * @package symfony
+ * @subpackage plugin
+ * @author Fabien Potencier <fabien.potencier@symfony-project.com>
+ * @version SVN: $Id: sfGuardUserGroupPeer.php 7634 2008-02-27 18:01:40Z fabien $
+ */
+class sfGuardUserGroupPeer extends PluginsfGuardUserGroupPeer
+{
+}
20 lib/model/sfGuardUserPeer.php
@@ -0,0 +1,20 @@
+<?php
+
+/*
+ * This file is part of the symfony package.
+ * (c) 2004-2006 Fabien Potencier <fabien.potencier@symfony-project.com>
+ *
+ * For the full copyright and license information, please view the LICENSE
+ * file that was distributed with this source code.
+ */
+
+/**
+ *
+ * @package symfony
+ * @subpackage plugin
+ * @author Fabien Potencier <fabien.potencier@symfony-project.com>
+ * @version SVN: $Id: sfGuardUserPeer.php 7634 2008-02-27 18:01:40Z fabien $
+ */
+class sfGuardUserPeer extends PluginsfGuardUserPeer
+{
+}
20 lib/model/sfGuardUserPermission.php
@@ -0,0 +1,20 @@
+<?php
+
+/*
+ * This file is part of the symfony package.
+ * (c) 2004-2006 Fabien Potencier <fabien.potencier@symfony-project.com>
+ *
+ * For the full copyright and license information, please view the LICENSE
+ * file that was distributed with this source code.
+ */
+
+/**
+ *
+ * @package symfony
+ * @subpackage plugin
+ * @author Fabien Potencier <fabien.potencier@symfony-project.com>
+ * @version SVN: $Id: sfGuardUserPermission.php 7634 2008-02-27 18:01:40Z fabien $
+ */
+class sfGuardUserPermission extends PluginsfGuardUserPermission
+{
+}
20 lib/model/sfGuardUserPermissionPeer.php
@@ -0,0 +1,20 @@
+<?php
+
+/*
+ * This file is part of the symfony package.
+ * (c) 2004-2006 Fabien Potencier <fabien.potencier@symfony-project.com>
+ *
+ * For the full copyright and license information, please view the LICENSE
+ * file that was distributed with this source code.
+ */
+
+/**
+ *
+ * @package symfony
+ * @subpackage plugin
+ * @author Fabien Potencier <fabien.potencier@symfony-project.com>
+ * @version SVN: $Id: sfGuardUserPermissionPeer.php 7634 2008-02-27 18:01:40Z fabien $
+ */
+class sfGuardUserPermissionPeer extends PluginsfGuardUserPermissionPeer
+{
+}
70 lib/routing/sfGuardRouting.class.php
@@ -0,0 +1,70 @@
+<?php
+
+/*
+ * This file is part of the symfony package.
+ * (c) Fabien Potencier <fabien.potencier@symfony-project.com>
+ *
+ * For the full copyright and license information, please view the LICENSE
+ * file that was distributed with this source code.
+ */
+
+/**
+ *
+ * @package symfony
+ * @subpackage plugin
+ * @author Fabien Potencier <fabien.potencier@symfony-project.com>
+ * @version SVN: $Id: sfGuardRouting.class.php 15757 2009-02-24 21:15:40Z Kris.Wallsmith $
+ */
+class sfGuardRouting
+{
+ /**
+ * Listens to the routing.load_configuration event.
+ *
+ * @param sfEvent An sfEvent instance
+ */
+ static public function listenToRoutingLoadConfigurationEvent(sfEvent $event)
+ {
+ $r = $event->getSubject();
+
+ // preprend our routes
+ $r->prependRoute('sf_guard_signin', new sfRoute('/login', array('module' => 'sfGuardAuth', 'action' => 'signin')));
+ $r->prependRoute('sf_guard_signout', new sfRoute('/logout', array('module' => 'sfGuardAuth', 'action' => 'signout')));
+ $r->prependRoute('sf_guard_password', new sfRoute('/request_password', array('module' => 'sfGuardAuth', 'action' => 'password')));
+ }
+
+ static public function addRouteForAdminUser(sfEvent $event)
+ {
+ $event->getSubject()->prependRoute('sf_guard_user', new sfPropelRouteCollection(array(
+ 'name' => 'sf_guard_user',
+ 'model' => 'sfGuardUser',
+ 'module' => 'sfGuardUser',
+ 'prefix_path' => 'sf_guard_user',
+ 'with_wildcard_routes' => true,
+ 'requirements' => array(),
+ )));
+ }
+
+ static public function addRouteForAdminGroup(sfEvent $event)
+ {
+ $event->getSubject()->prependRoute('sf_guard_group', new sfPropelRouteCollection(array(
+ 'name' => 'sf_guard_group',
+ 'model' => 'sfGuardGroup',
+ 'module' => 'sfGuardGroup',
+ 'prefix_path' => 'sf_guard_group',
+ 'with_wildcard_routes' => true,
+ 'requirements' => array(),
+ )));
+ }
+
+ static public function addRouteForAdminPermission(sfEvent $event)
+ {
+ $event->getSubject()->prependRoute('sf_guard_permission', new sfPropelRouteCollection(array(
+ 'name' => 'sf_guard_permission',
+ 'model' => 'sfGuardPermission',
+ 'module' => 'sfGuardPermission',
+ 'prefix_path' => 'sf_guard_permission',
+ 'with_wildcard_routes' => true,
+ 'requirements' => array(),
+ )));
+ }
+}
53 lib/sfGuardBasicSecurityFilter.class.php
@@ -0,0 +1,53 @@
+<?php
+
+/*
+ * This file is part of the symfony package.
+ * (c) Fabien Potencier <fabien.potencier@symfony-project.com>
+ *
+ * For the full copyright and license information, please view the LICENSE
+ * file that was distributed with this source code.
+ */
+
+/**
+ * Processes the "remember me" cookie.
+ *
+ * @package symfony
+ * @subpackage plugin
+ * @author Fabien Potencier <fabien.potencier@symfony-project.com>
+ * @version SVN: $Id: sfGuardBasicSecurityFilter.class.php 15757 2009-02-24 21:15:40Z Kris.Wallsmith $
+ *
+ * @deprecated Use {@link sfGuardRememberMeFilter} instead
+ */
+class sfGuardBasicSecurityFilter extends sfBasicSecurityFilter
+{
+ /**
+ * @see sfFilter
+ */
+ public function execute($filterChain)
+ {
+ $cookieName = sfConfig::get('app_sf_guard_plugin_remember_cookie_name', 'sfRemember');
+
+ if ($this->isFirstCall())
+ {
+ // deprecated notice
+ $this->context->getEventDispatcher()->notify(new sfEvent($this, 'application.log', array(sprintf('The filter "%s" is deprecated. Use "sfGuardRememberMeFilter" instead.', __CLASS__), 'priority' => sfLogger::NOTICE)));
+
+ if (
+ $this->context->getUser()->isAnonymous()
+ &&
+ $cookie = $this->context->getRequest()->getCookie($cookieName)
+ )
+ {
+ $criteria = new Criteria();
+ $criteria->add(sfGuardRememberKeyPeer::REMEMBER_KEY, $cookie);
+
+ if ($rk = sfGuardRememberKeyPeer::doSelectOne($criteria))
+ {
+ $this->context->getUser()->signIn($rk->getsfGuardUser());
+ }
+ }
+ }
+
+ parent::execute($filterChain);
+ }
+}
55 lib/sfGuardRememberMeFilter.class.php
@@ -0,0 +1,55 @@
+<?php
+
+/*
+ * This file is part of the symfony package.
+ * (c) Fabien Potencier <fabien.potencier@symfony-project.com>
+ *
+ * For the full copyright and license information, please view the LICENSE
+ * file that was distributed with this source code.
+ */
+
+/**
+ * Processes the "remember me" cookie.
+ *
+ * This filter should be added to the application filters.yml file **above**
+ * the security filter:
+ *
+ * remember_me:
+ * class: sfGuardRememberMeFilter
+ *
+ * security: ~
+ *
+ * @package symfony
+ * @subpackage plugin
+ * @author Fabien Potencier <fabien.potencier@symfony-project.com>
+ * @version SVN: $Id: sfGuardRememberMeFilter.class.php 15757 2009-02-24 21:15:40Z Kris.Wallsmith $
+ */
+class sfGuardRememberMeFilter extends sfFilter
+{
+ /**
+ * @see sfFilter
+ */
+ public function execute($filterChain)
+ {
+ $cookieName = sfConfig::get('app_sf_guard_plugin_remember_cookie_name', 'sfRemember');
+
+ if (
+ $this->isFirstCall()
+ &&
+ $this->context->getUser()->isAnonymous()
+ &&
+ $cookie = $this->context->getRequest()->getCookie($cookieName)
+ )
+ {
+ $criteria = new Criteria();
+ $criteria->add(sfGuardRememberKeyPeer::REMEMBER_KEY, $cookie);
+
+ if ($rk = sfGuardRememberKeyPeer::doSelectOne($criteria))
+ {
+ $this->context->getUser()->signIn($rk->getsfGuardUser());
+ }
+ }
+
+ $filterChain->execute();
+ }
+}
67 lib/task/sfGuardAddGroupTask.class.php
@@ -0,0 +1,67 @@
+<?php
+
+/*
+ * This file is part of the symfony package.
+ * (c) Fabien Potencier <fabien.potencier@symfony-project.com>
+ *
+ * For the full copyright and license information, please view the LICENSE
+ * file that was distributed with this source code.
+ */
+
+/**
+ * Add a group to a user.
+ *
+ * @package symfony
+ * @subpackage task
+ * @author Fabien Potencier <fabien.potencier@symfony-project.com>
+ * @version SVN: $Id: sfGuardAddGroupTask.class.php 13761 2008-12-05 10:14:51Z fabien $
+ */
+class sfGuardAddGroupTask extends sfPropelBaseTask
+{
+ /**
+ * @see sfTask
+ */
+ protected function configure()
+ {
+ $this->addArguments(array(
+ new sfCommandArgument('username', sfCommandArgument::REQUIRED, 'The user name'),
+ new sfCommandArgument('group', sfCommandArgument::REQUIRED, 'The group name'),
+ ));
+
+ $this->addOptions(array(
+ new sfCommandOption('application', null, sfCommandOption::PARAMETER_OPTIONAL, 'The application name', null),
+ new sfCommandOption('env', null, sfCommandOption::PARAMETER_REQUIRED, 'The environment', 'dev'),
+ new sfCommandOption('connection', null, sfCommandOption::PARAMETER_REQUIRED, 'The connection name', 'propel'),
+ ));
+
+ $this->namespace = 'guard';
+ $this->name = 'add-group';
+ $this->briefDescription = 'Adds a group to a user';
+
+ $this->detailedDescription = <<<EOF
+The [guard:add-group|INFO] task adds a group to a user:
+
+ [./symfony guard:add-group fabien admin|INFO]
+
+The user and the group must exist in the database.
+EOF;
+ }
+
+ /**
+ * @see sfTask
+ */
+ protected function execute($arguments = array(), $options = array())
+ {
+ $databaseManager = new sfDatabaseManager($this->configuration);
+
+ $user = sfGuardUserPeer::retrieveByUsername($arguments['username']);
+ if (!$user)
+ {
+ throw new sfCommandException(sprintf('User "%s" does not exist.', $arguments['username']));
+ }
+
+ $user->addGroupByName($arguments['group']);
+
+ $this->logSection('guard', sprintf('Add group %s to user %s', $arguments['group'], $arguments['username']));
+ }
+}
67 lib/task/sfGuardAddPermissionTask.class.php
@@ -0,0 +1,67 @@
+<?php
+
+/*
+ * This file is part of the symfony package.
+ * (c) Fabien Potencier <fabien.potencier@symfony-project.com>
+ *
+ * For the full copyright and license information, please view the LICENSE
+ * file that was distributed with this source code.
+ */
+
+/**
+ * Add a permission to a user.
+ *
+ * @package symfony
+ * @subpackage task
+ * @author Fabien Potencier <fabien.potencier@symfony-project.com>
+ * @version SVN: $Id: sfGuardAddPermissionTask.class.php 13761 2008-12-05 10:14:51Z fabien $
+ */
+class sfGuardAddPermissionTask extends sfPropelBaseTask
+{
+ /**
+ * @see sfTask
+ */
+ protected function configure()
+ {
+ $this->addArguments(array(
+ new sfCommandArgument('username', sfCommandArgument::REQUIRED, 'The user name'),
+ new sfCommandArgument('permission', sfCommandArgument::REQUIRED, 'The permission name'),
+ ));
+
+ $this->addOptions(array(
+ new sfCommandOption('application', null, sfCommandOption::PARAMETER_OPTIONAL, 'The application name', null),
+ new sfCommandOption('env', null, sfCommandOption::PARAMETER_REQUIRED, 'The environment', 'dev'),
+ new sfCommandOption('connection', null, sfCommandOption::PARAMETER_REQUIRED, 'The connection name', 'propel'),
+ ));
+
+ $this->namespace = 'guard';
+ $this->name = 'add-permission';
+ $this->briefDescription = 'Adds a permission to a user';
+
+ $this->detailedDescription = <<<EOF
+The [guard:add-permission|INFO] task adds a permission to a user:
+
+ [./symfony guard:add-permission fabien admin|INFO]
+
+The user and the permission must exist in the database.
+EOF;
+ }
+
+ /**
+ * @see sfTask
+ */
+ protected function execute($arguments = array(), $options = array())
+ {
+ $databaseManager = new sfDatabaseManager($this->configuration);
+
+ $user = sfGuardUserPeer::retrieveByUsername($arguments['username']);
+ if (!$user)
+ {
+ throw new sfCommandException(sprintf('User "%s" does not exist.', $arguments['username']));
+ }
+
+ $user->addPermissionByName($arguments['permission']);
+
+ $this->logSection('guard', sprintf('Add permission %s to user %s', $arguments['permission'], $arguments['username']));
+ }
+}
66 lib/task/sfGuardChangePasswordTask.class.php
@@ -0,0 +1,66 @@
+<?php
+
+/*
+ * This file is part of the symfony package.
+ * (c) Fabien Potencier <fabien.potencier@symfony-project.com>
+ *
+ * For the full copyright and license information, please view the LICENSE
+ * file that was distributed with this source code.
+ */
+
+/**
+ * Changes the password of a user.
+ *
+ * @package symfony
+ * @subpackage task
+ * @author Fabien Potencier <fabien.potencier@symfony-project.com>
+ * @version SVN: $Id: sfGuardCreateUserTask.class.php 13761 2008-12-05 10:14:51Z fabien $
+ */
+class sfGuardChangePasswordTask extends sfPropelBaseTask
+{
+ /**
+ * @see sfTask
+ */
+ protected function configure()
+ {
+ $this->addArguments(array(
+ new sfCommandArgument('username', sfCommandArgument::REQUIRED, 'The user name'),
+ new sfCommandArgument('password', sfCommandArgument::REQUIRED, 'The password'),
+ ));
+
+ $this->addOptions(array(
+ new sfCommandOption('application', null, sfCommandOption::PARAMETER_OPTIONAL, 'The application name', null),
+ new sfCommandOption('env', null, sfCommandOption::PARAMETER_REQUIRED, 'The environment', 'dev'),
+ new sfCommandOption('connection', null, sfCommandOption::PARAMETER_REQUIRED, 'The connection name', 'propel'),
+ ));
+
+ $this->namespace = 'guard';
+ $this->name = 'change-password';
+ $this->briefDescription = 'Changes the password of a user';