BAOBAB
Public Member Functions | Protected Attributes | List of all members
CO_Cobra_Login Class Reference
Inheritance diagram for CO_Cobra_Login:
Collaboration diagram for CO_Cobra_Login:

Public Member Functions

 __construct ( $in_login_id=NULL, $in_hashed_password=NULL, $in_raw_password=NULL)
 
 set_personal_ids ( $in_personal_ids=[])
 
 load_from_db ($in_db_result)
 
 security_exemption ()
 
- Public Member Functions inherited from CO_Security_Login
 __construct ( $in_db_object=NULL, $in_db_result=NULL, $in_login_id=NULL, $in_ids=NULL, $in_personal_ids=NULL)
 
 set_ids ( $in_ids_array)
 
 add_id ( $in_id)
 
 remove_id ( $in_id)
 
 ids ()
 
 user_can_edit_ids ()
 
 personal_ids ()
 
 get_crypted_password ( $in_password_to_crypt=NULL)
 
 is_login_valid ( $in_login_id, $in_hashed_password=NULL, $in_raw_password=NULL, $in_dont_create_new_api_key=false)
 
 i_am_a_god ()
 
 is_god ()
 
 is_manager ()
 
 get_lang ()
 
 set_lang ( $in_lang_id=NULL)
 
 get_user_object ()
 
 set_password_from_cleartext ( $in_cleartext_password)
 
 is_api_key_valid ( $in_api_key)
 
 get_remaining_time ()
 
 get_api_key ()
 
 get_api_key_age_in_seconds ()
 
 clear_api_key ()
 
 add_personal_token_from_current_login ( $in_id)
 
 remove_personal_token_from_this_login ( $in_id)
 
 get_logins_that_have_any_of_my_ids ()
 
 user_can_write ()
 
 delete_from_db ()
 
- Public Member Functions inherited from CO_Security_Node
 __construct ( $in_db_object=NULL, $in_db_result=NULL)
 
- Public Member Functions inherited from A_CO_DB_Table_Base
 set_batch_mode ()
 
 clear_batch_mode ()
 
 id ()
 
 lock ()
 
 locked ()
 
 danger_will_robinson_danger_clear_id ()
 
 user_can_read ()
 
 set_read_security_id ($in_new_id)
 
 set_write_security_id ($in_new_id)
 
 set_name ($in_new_value)
 
 update_db ()
 
 reload_from_db ()
 
 get_access_object ()
 

Protected Attributes

 $_special_first_time_security_exemption
 
- Protected Attributes inherited from CO_Security_Login
 $_api_key
 This is an API key for REST. More...
 
 $_personal_ids
 These are personal IDs (special IDs, unique to the login). More...
 
 $_ids
 These are security tokens, available to this ID. More...
 
- Protected Attributes inherited from CO_Security_Node
 $_ids
 
- Protected Attributes inherited from A_CO_DB_Table_Base
 $_db_object
 This is the actual database object that "owns" this instance. It should not be exposed beyond this class or subclasses, thereof. More...
 
 $_id
 This is the within-table unique ID of this record. More...
 
 $_batch_mode
 If this is true, then the write_record call will not be made in update_db. It will be done when clear_batch_mode() is called, instead. More...
 

Additional Inherited Members

- Public Attributes inherited from CO_Security_Login
 $login_id
 
- Public Attributes inherited from A_CO_DB_Table_Base
 $class_description
 This is a description of the class (not the instance). More...
 
 $instance_description
 This is a description that describes the instance. More...
 
 $last_access
 This is a UNIX epoch date that describes the last modification. The default is UNIX Day Two (in case of UTC timezone issues). More...
 
 $name
 This is the "object_name" string field. More...
 
 $read_security_id
 This is a single integer, defining the security ID required to view the record. If it is 0, then it is "open.". More...
 
 $write_security_id
 This is a single integer, defining the required security token to modify the record. If it is 0, then any logged-in user can modify. More...
 
 $context
 This is a mixed associative array, containing fields for the object. More...
 
 $error
 If there is an error, it is contained here, in a LGV_Error instance. More...
 
- Protected Member Functions inherited from CO_Security_Login
 _set_up_api_key ( $key_length)
 
 _default_setup ()
 
 _build_parameter_array ()
 
- Protected Member Functions inherited from A_CO_DB_Table_Base
 _badger_serialize ( $in_data)
 
 _badger_unserialize ( $in_data)
 
 _write_to_db ()
 
 _seppuku ()
 
- Static Protected Member Functions inherited from CO_Security_Login
static _random_str ($length, $keyspace='0123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ')
 

Detailed Description

Definition at line 34 of file co_cobra_login.class.php.

Constructor & Destructor Documentation

◆ __construct()

CO_Cobra_Login::__construct (   $in_login_id = NULL,
  $in_hashed_password = NULL,
  $in_raw_password = NULL 
)

The constructor.

Parameters
$in_login_idThe login ID
$in_hashed_passwordThe password, crypt-hashed
$in_raw_passwordThe password, cleartext.

Definition at line 42 of file co_cobra_login.class.php.

45  {
46  parent::__construct($in_login_id, $in_hashed_password, $in_raw_password);
47 
48  $this->_special_first_time_security_exemption = true;
49  if (intval($this->id()) == intval(CO_Config::god_mode_id())) {
50  // God Mode is always forced to use the config password.
51  $this->context['hashed_password'] = bin2hex(openssl_random_pseudo_bytes(4)); // Just create a randomish junk password. It will never be used.
52  $this->instance_description = 'GOD MODE: '.(isset($this->name) && $this->name ? "$this->name (".$this->login_id.")" : "Unnamed Standard Login Node (".$this->login_id.")");
53  } else {
54  $this->instance_description = isset($this->name) && $this->name ? "$this->name (".$this->login_id.")" : "Unnamed Standard Login Node (".$this->login_id.")";
55  }
56  }

Member Function Documentation

◆ load_from_db()

CO_Cobra_Login::load_from_db (   $in_db_result)

This function sets up this instance, according to the DB-formatted associative array passed in.

Returns
true, if the instance was able to set itself up to the provided array.

Reimplemented from CO_Security_Login.

Reimplemented in CO_Login_Manager.

Definition at line 103 of file co_cobra_login.class.php.

103  {
104  $ret = parent::load_from_db($in_db_result);
105 
106  if ($ret) {
107  $this->class_description = 'This is a security class for standard logins.';
108  if (intval($this->id()) == intval(CO_Config::god_mode_id())) {
109  // God Mode is always forced to use the config password.
110  $this->context['hashed_password'] = bin2hex(openssl_random_pseudo_bytes(4)); // Just create a randomish junk password. It will never be used.
111  $this->instance_description = 'GOD MODE: '.(isset($this->name) && $this->name ? "$this->name (".$this->login_id.")" : "Unnamed Standard Login Node (".$this->login_id.")");
112  } else {
113  $this->instance_description = isset($this->name) && $this->name ? "$this->name (".$this->login_id.")" : "Unnamed Standard Login Node (".$this->login_id.")";
114  }
115  }
116 
117  return $ret;
118  }

◆ security_exemption()

CO_Cobra_Login::security_exemption ( )

This weird little function allows a creator to once -and only once- add an ID to itself, as long as that ID is for this object. This is a "Heisenberg" query. Once it's called, the security exemption is gone.

returns true, if the security exemption was on.

Definition at line 127 of file co_cobra_login.class.php.

127  {
128  $ret = $this->_special_first_time_security_exemption;
129  $this->_special_first_time_security_exemption = false;
130 
131  return $ret;
132  }

◆ set_personal_ids()

CO_Cobra_Login::set_personal_ids (   $in_personal_ids = [])

This sets just the "personal" IDs for object. Unlike the one in the initial login class, this can be called by non-God admins.

This only sets the IDs, if the member property is NULL (just created).

This is not an atomic operation. If any of the given IDs are also in the regular ID list, they will be removed from the personal IDs.

Returns
an array of integers, with the new personal security IDs (usually a copy of the input Array). It will be empty, if the procedure fails.
Parameters
$in_personal_idsAn Array of Integers, with the new personal IDs. This replaces any previous ones. If empty, then the IDs are removed.

Reimplemented from CO_Security_Login.

Definition at line 68 of file co_cobra_login.class.php.

69  {
70  $personal_ids_temp = array_unique(array_map('intval', $in_personal_ids));
71  if (CO_Config::use_personal_tokens() && (NULL == $this->_personal_ids) && is_array($personal_ids_temp) && count($personal_ids_temp)) {
72  $personal_ids = [];
73  $my_ids = $this->_ids;
74  // None of the ids can be in the regular IDs, and will be removed from the set, if so.
75  // They also cannot be anyone else's personal ID, or anyone's login ID. Personal IDs can ONLY be regular (non-login) security objects.
76  foreach($personal_ids_temp as $id) {
77  // Make sure that we don't have this personal token in our regular ID array.
78  if (($key = array_search($id, $my_ids)) !== false) {
79  unset($my_ids[$key]);
80  }
81  if (!$this->get_access_object()->is_this_a_login_id($id) && (!$this->get_access_object()->is_this_a_personal_id($id) || in_array($id, $this->_personal_ids))) {
82  array_push($personal_ids, $id);
83  }
84  }
85  $this->_ids = $my_ids;
86  sort($personal_ids);
87  $this->_personal_ids = $personal_ids;
88 
89  $this->update_db();
90  } else { // If we are not NULL, then we kick the can down the road.
91  parent::set_personal_ids($in_personal_ids);
92  }
93 
94  return $this->_personal_ids;
95  }
CO_Security_Login\$_personal_ids
$_personal_ids
These are personal IDs (special IDs, unique to the login).
Definition: co_security_login.class.php:41
CO_Security_Login\$_ids
$_ids
These are security tokens, available to this ID.
Definition: co_security_login.class.php:42

Member Data Documentation

◆ $_special_first_time_security_exemption

CO_Cobra_Login::$_special_first_time_security_exemption
protected

Definition at line 35 of file co_cobra_login.class.php.