BAOBAB
Public Member Functions | Static Public Member Functions | Public Attributes | Protected Member Functions | Private Member Functions | Private Attributes | List of all members
CO_Cobra Class Reference
Collaboration diagram for CO_Cobra:

Public Member Functions

 get_chameleon_instance ()
 
 get_security_ids ()
 
 set_personal_ids ( $in_login_id, $in_personal_ids=[])
 
 make_standalone_user ()
 
 get_login_instance ( $in_login_id)
 
 get_user_from_login ( $in_login_id=NULL, $in_make_user_if_necessary=false)
 
 create_new_standard_login ( $in_login_id, $in_cleartext_password, $in_create_this_many_personal_ids=0)
 
 create_new_manager_login ( $in_login_id, $in_cleartext_password, $in_create_this_many_personal_ids=0)
 
 convert_login ( $in_login_id, $in_is_login_manager=false)
 
 delete_login ( $in_login_id, $also_delete_user=false)
 
 get_all_logins ( $and_write=false, $in_login_id=NULL, $in_login_integer_id=NULL)
 
 who_can_see ( $in_test_target)
 
 who_can_modify ( $in_test_target, $non_managers_only=false)
 
 make_security_token ()
 

Static Public Member Functions

static make_cobra ($in_chameleon_instance)
 

Public Attributes

 $version
 The version indicator. More...
 

Protected Member Functions

 _convert_login ( $in_login_id, $in_is_login_manager=false)
 
 _create_new_login ( $in_login_id, $in_cleartext_password, $in_create_this_many_personal_ids=0, $in_security_token_ids=NULL, $in_is_login_manager=false)
 

Private Member Functions

 __construct ( $in_chameleon_instance=NULL)
 
 _make_security_token ()
 
 _create_this_many_personal_ids ($in_count)
 

Private Attributes

 $_chameleon_instance = NULL
 This is the CHAMELEON instance that is associated with this COBRA instance. More...
 

Detailed Description

This class implements a "login manager" functionality to The Rift Valley Platform.

This class can only be instantiated by the "God" login, or a login that is a CO_Login_Manager.

You use COBRA to manage other logins, or security tokens.

Definition at line 46 of file co_cobra.class.php.

Constructor & Destructor Documentation

◆ __construct()

CO_Cobra::__construct (   $in_chameleon_instance = NULL)
private

The constructor.

We declare it private to prevent it being instantiated outside the factory.

Parameters
$in_chameleon_instanceThe CHAMELEON instance associated with this COBRA instance.

Definition at line 88 of file co_cobra.class.php.

89  {
90  $this->_chameleon_instance = $in_chameleon_instance;
91  $this->version = __COBRA_VERSION__;
92  }
__COBRA_VERSION__
const __COBRA_VERSION__
Definition: co_cobra.class.php:28

References __COBRA_VERSION__.

Member Function Documentation

◆ _convert_login()

CO_Cobra::_convert_login (   $in_login_id,
  $in_is_login_manager = false 
)
protected

This is the internal function used to convert a login to (or from) a manager, in the security database. This can only be called from a login manager.

Returns
the converted instance.
Parameters
$in_login_idThe login ID as text. This must be for a login that can be managed by the current manager.
$in_is_login_managerIf true, then this is a "promotion" to a a manager. If false (default), then this is a "demotion" to a standard user.

Definition at line 153 of file co_cobra.class.php.

155  {
156  $ret = NULL;
157  $working_login = $this->_chameleon_instance->get_login_item_by_login_string($in_login_id); // This is the login we are changing.
158  $manager = $this->_chameleon_instance->get_login_item(); // This is our current login.
159  // Make sure we are a login manager, first, and that we have write permission on the user.
160  if ($working_login && $working_login->user_can_write() && ($manager instanceof CO_Login_Manager || $manager->is_god())) {
161  // Now, make sure that we're actually making a change.
162  if (($in_is_login_manager && !$working_login->is_manager()) || (!$in_is_login_manager && $working_login->is_manager())) {
163  $className = $in_is_login_manager ? 'CO_Login_Manager' : 'CO_Cobra_Login';
164  $user_object = $this->get_user_from_login($working_login->id()); // Get this, so we can modify it.
165 
166  // Create a new blank instance.
167  $new_login_object = $this->_chameleon_instance->make_new_blank_record($className);
168 
169  if (isset($new_login_object) && ($new_login_object instanceof CO_Cobra_Login)) {
170  $original_login_id = $working_login->id();
171  $original_ids = $working_login->ids();
172  if (!isset($original_ids)) {
173  $original_ids = [];
174  }
175 
176  array_push($original_ids, $original_login_id); // We will add this to the new login's IDs.
177  $original_ids = array_unique($original_ids);
178 
179  asort($original_ids);
180 
181  $new_login_object->login_id = $working_login->login_id;
182  $new_login_object->name = $working_login->name;
183  $new_login_object->context = $working_login->context;
184  $new_login_object->set_ids($original_ids);
185  // OK. At this point, we have a new login that is of the type that we want. It is different from the previous one, and has all the relevant data.
186  // Now, we will delete the old one, and then replace it with the new one.
187  if ($working_login->delete_from_db()) {
188  if ($new_login_object->update_db()) {
189  $new_id = $new_login_object->id();
190  if (method_exists($manager, 'add_new_login_id')) { // We only add the ID, if we are a manager object. God doesn't need this.
191  $manager->add_new_login_id($new_id);
192  }
193  $new_login_object->read_security_id = $new_id;
194  $new_login_object->write_security_id = $new_id;
195  if ($new_login_object->update_db()) {
196  $user_object->write_security_id = $new_id;
197  $user_object->set_login($new_id);
198  if ($user_object->update_db()) {
199  $ret = $new_login_object; // If everything went well, to this point, we update the return.
200  } else {
201  $this->error = $user_object->error;
202  }
203  } else {
204  $this->error = $new_login_object->error;
205  }
206  } else {
207  $this->error = $new_login_object->error;
208  }
209  } else {
210  $this->error = $working_login->error;
211  }
212  }
213  }
214  }
215 
216  return $ret;
217  }
CO_Cobra\get_user_from_login
get_user_from_login( $in_login_id=NULL, $in_make_user_if_necessary=false)
Definition: co_cobra.class.php:448

References get_user_from_login(), and CO_Security_Login\is_god().

Referenced by convert_login().

Here is the call graph for this function:
Here is the caller graph for this function:

◆ _create_new_login()

CO_Cobra::_create_new_login (   $in_login_id,
  $in_cleartext_password,
  $in_create_this_many_personal_ids = 0,
  $in_security_token_ids = NULL,
  $in_is_login_manager = false 
)
protected

This is the internal function used to create a new login in the security database. This can only be called from a login manager.

Returns
the new CO_Cobra_Login instance (or CO_Login_Manager instance).
Parameters
$in_login_idThe login ID as text. It needs to be unique, within the Security database, and this will fail, if it is not.
$in_cleartext_passwordThe password to set (in cleartext). It will be stored as a hashed password.
$in_create_this_many_personal_idsThis is how many Personal tokens should be created and assigned. Default is 0.
$in_security_token_idsAn array of integers. These are security token IDs for the login (default is NULL). If NULL, then no IDs will be set. These IDs must be selected from those available to the currently logged-in manager.
$in_is_login_managertrue, if we want a CO_Login_Manager instance, instead of a CO_Cobra_Login instance. Default is false.

Definition at line 226 of file co_cobra.class.php.

231  {
232  $ret = NULL;
233 
234  if (isset($in_login_id) && !$this->_chameleon_instance->check_login_exists_by_login_string($in_login_id)) {
235  $manager = $this->_chameleon_instance->get_login_item();
236  if ($manager instanceof CO_Login_Manager || $manager->is_god()) { // Make sure we are a login manager, first.
237  $use_these_ids = Array();
238  // Next, see if they provided IDs. If so, we remove any that we don't own.
239  if (isset($in_security_token_ids) && is_array($in_security_token_ids) && count($in_security_token_ids)) {
240  $my_ids = $this->get_security_ids();
241 
242  foreach ($in_security_token_ids as $id) {
243  if (in_array($id, $my_ids)) {
244  array_push($use_these_ids, $id);
245  }
246  }
247  // At this point, only IDs that we have available are in the array.
248  }
249 
250  $className = $in_is_login_manager ? 'CO_Login_Manager' : 'CO_Cobra_Login';
251 
252  $new_login_object = $this->_chameleon_instance->make_new_blank_record($className);
253 
254  if (isset($new_login_object) && ($new_login_object instanceof CO_Cobra_Login)) {
255  $new_login_object->login_id = $in_login_id;
256  if (strlen($in_cleartext_password) >= CO_Config::$min_pw_len) {
257  $new_login_object->context['hashed_password'] = password_hash($in_cleartext_password, PASSWORD_DEFAULT);
258 
259  if (!$new_login_object->update_db()) {
260  $this->error = $new_login_object->error;
261  $new_login_object->delete_from_db();
262  $new_login_object = NULL;
263  } else {
264  $new_id = $new_login_object->id();
265  if (method_exists($manager, 'add_new_login_id')) {
266  $manager->add_new_login_id($new_id);
267  }
268  if ($new_login_object->set_read_security_id($new_id)) {
269  if ($new_login_object->set_write_security_id($new_id)) {
270  $new_ids = [];
271  foreach ($use_these_ids as $id) {
272  if (in_array($id, $my_ids) && ($id != $new_id)) {
273  array_push($new_ids, $id);
274  }
275  }
276 
277  if ($new_login_object->set_ids($new_ids)) {
278  if (CO_Config::use_personal_tokens() && (0 < $in_create_this_many_personal_ids)) {
279  $new_personal_ids = $this->_create_this_many_personal_ids($in_create_this_many_personal_ids);
280  $new_login_object->set_personal_ids($new_personal_ids);
281  if (!$new_login_object->error) {
282  $ret = $new_login_object;
283  } else {
284  $this->error = $new_login_object->error;
285  $new_login_object->delete_from_db();
286  $new_login_object = NULL;
287  }
288  }
289 
290  $ret = $new_login_object;
291  } else {
292  $this->error = $new_login_object->error;
293  $new_login_object->delete_from_db();
294  $new_login_object = NULL;
295  }
296  } else {
297  $this->error = $new_login_object->error;
298  $new_login_object->delete_from_db();
299  $new_login_object = NULL;
300  }
301  } else {
302  $this->error = $new_login_object->error;
303  $new_login_object->delete_from_db();
304  $new_login_object = NULL;
305  }
306  }
307  } else {
308  $new_login_object->delete_from_db();
309  $new_login_object = NULL;
310  $this->error = new LGV_Error( CO_COBRA_Lang_Common::$cobra_error_code_password_too_short,
311  CO_COBRA_Lang::$cobra_error_name_password_too_short,
312  CO_COBRA_Lang::$cobra_error_desc_password_too_short);
313  }
314  } else {
315  if (isset($this->_chameleon_instance->error)) {
316  $this->error = $this->_chameleon_instance->error;
317  } else {
318  $this->error = new LGV_Error( CO_COBRA_Lang_Common::$cobra_error_code_instance_failed_to_initialize,
319  CO_COBRA_Lang::$cobra_error_name_instance_failed_to_initialize,
320  CO_COBRA_Lang::$cobra_error_desc_instance_failed_to_initialize);
321  }
322  }
323 
324  } else {
325  $this->error = new LGV_Error( CO_COBRA_Lang_Common::$cobra_error_code_user_not_authorized,
326  CO_COBRA_Lang::$cobra_error_name_user_not_authorized,
327  CO_COBRA_Lang::$cobra_error_desc_user_not_authorized);
328  }
329  } elseif (isset($in_login_id)) {
330  $this->error = new LGV_Error( CO_COBRA_Lang_Common::$cobra_error_code_user_already_exists,
331  CO_COBRA_Lang::$cobra_error_name_user_already_exists,
332  CO_COBRA_Lang::$cobra_error_desc_user_already_exists);
333  } else {
334  $this->error = new LGV_Error( CO_COBRA_Lang_Common::$cobra_error_code_login_error,
335  CO_COBRA_Lang::$cobra_error_name_login_error,
336  CO_COBRA_Lang::$cobra_error_desc_login_error);
337  }
338 
339  return $ret;
340  }
CO_Cobra\_create_this_many_personal_ids
_create_this_many_personal_ids($in_count)
Definition: co_cobra.class.php:135
CO_COBRA_Lang_Common\$cobra_error_code_user_already_exists
static $cobra_error_code_user_already_exists
Definition: common.inc.php:50
CO_COBRA_Lang_Common\$cobra_error_code_login_error
static $cobra_error_code_login_error
Definition: common.inc.php:52
CO_COBRA_Lang_Common\$cobra_error_code_instance_failed_to_initialize
static $cobra_error_code_instance_failed_to_initialize
Definition: common.inc.php:48
CO_COBRA_Lang_Common\$cobra_error_code_password_too_short
static $cobra_error_code_password_too_short
Definition: common.inc.php:55
CO_COBRA_Lang_Common\$cobra_error_code_user_not_authorized
static $cobra_error_code_user_not_authorized
Definition: common.inc.php:47
CO_COBRA_Lang\$cobra_error_desc_user_not_authorized
static $cobra_error_desc_user_not_authorized
Definition: en.php:36
CO_COBRA_Lang\$cobra_error_name_login_error
static $cobra_error_name_login_error
Definition: en.php:43
CO_COBRA_Lang\$cobra_error_name_user_not_authorized
static $cobra_error_name_user_not_authorized
Definition: en.php:34
CO_COBRA_Lang\$cobra_error_name_user_already_exists
static $cobra_error_name_user_already_exists
Definition: en.php:39
CO_COBRA_Lang\$cobra_error_name_password_too_short
static $cobra_error_name_password_too_short
Definition: en.php:49
CO_COBRA_Lang\$cobra_error_desc_instance_failed_to_initialize
static $cobra_error_desc_instance_failed_to_initialize
Definition: en.php:38
CO_COBRA_Lang\$cobra_error_desc_password_too_short
static $cobra_error_desc_password_too_short
Definition: en.php:50
CO_COBRA_Lang\$cobra_error_name_instance_failed_to_initialize
static $cobra_error_name_instance_failed_to_initialize
Definition: en.php:37
CO_COBRA_Lang\$cobra_error_desc_user_already_exists
static $cobra_error_desc_user_already_exists
Definition: en.php:40
CO_COBRA_Lang\$cobra_error_desc_login_error
static $cobra_error_desc_login_error
Definition: en.php:44
LGV_Error
This class provides a general error report, with file, method and error information.
Definition: error.class.php:32

References CO_COBRA_Lang_Common\$cobra_error_code_instance_failed_to_initialize, CO_COBRA_Lang_Common\$cobra_error_code_login_error, CO_COBRA_Lang_Common\$cobra_error_code_password_too_short, CO_COBRA_Lang_Common\$cobra_error_code_user_already_exists, CO_COBRA_Lang_Common\$cobra_error_code_user_not_authorized, CO_COBRA_Lang\$cobra_error_desc_instance_failed_to_initialize, CO_COBRA_Lang\$cobra_error_desc_login_error, CO_COBRA_Lang\$cobra_error_desc_password_too_short, CO_COBRA_Lang\$cobra_error_desc_user_already_exists, CO_COBRA_Lang\$cobra_error_desc_user_not_authorized, CO_COBRA_Lang\$cobra_error_name_instance_failed_to_initialize, CO_COBRA_Lang\$cobra_error_name_login_error, CO_COBRA_Lang\$cobra_error_name_password_too_short, CO_COBRA_Lang\$cobra_error_name_user_already_exists, CO_COBRA_Lang\$cobra_error_name_user_not_authorized, _create_this_many_personal_ids(), get_security_ids(), and CO_Security_Login\is_god().

Referenced by create_new_manager_login(), and create_new_standard_login().

Here is the call graph for this function:
Here is the caller graph for this function:

◆ _create_this_many_personal_ids()

CO_Cobra::_create_this_many_personal_ids (   $in_count)
private

Create new security IDs to be used as personal tokens.

Returns
an Integer Array, with the new security IDs to use as personal tokens.
Parameters
$in_countThe number of personal IDs to create.

Definition at line 135 of file co_cobra.class.php.

136  {
137  $ret = [];
138 
139  for ($index = 0; $index < $in_count; $index++) {
140  $ret[] = $this->_make_security_token();
141  }
142 
143  return $ret;
144  }
CO_Cobra\_make_security_token
_make_security_token()
Definition: co_cobra.class.php:102

References _make_security_token().

Referenced by _create_new_login().

Here is the call graph for this function:
Here is the caller graph for this function:

◆ _make_security_token()

CO_Cobra::_make_security_token ( )
private

This simply generates a new security token instance, to be used for a personal token.

Security tokens are "the gift that keeps on giving." Once created, they can't easily be deleted. Only the God admin can delete them. They are permanent placeholders.

Returns
an integer, with the new ID, or 0, if the method failed (check error).

Definition at line 102 of file co_cobra.class.php.

102  {
103  $ret = 0;
104 
105  $manager = $this->_chameleon_instance->get_login_item();
106  if ($this->_chameleon_instance->god_mode() || ($manager instanceof CO_Login_Manager)) {
107  $new_token = $this->_chameleon_instance->make_new_blank_record('CO_Security_ID');
108  if (isset($new_token) && ($new_token instanceof CO_Security_ID)) {
109  $new_id = $new_token->id();
110  if (!$this->_chameleon_instance->error) {
111  $ret = $new_id;
112  } else { // We were unable to create the token.
113  $this->error = $this->_chameleon_instance->error;
114  }
115  } else { // Token object did not get instantiated.
116  $this->error = new LGV_Error( CO_COBRA_Lang_Common::$cobra_error_code_token_instance_failed_to_initialize,
117  CO_COBRA_Lang::$cobra_error_name_token_instance_failed_to_initialize,
118  CO_COBRA_Lang::$cobra_error_desc_token_instance_failed_to_initialize);
119  }
120  } else { // Should never happen, but what the hell...
121  $this->error = new LGV_Error( CO_COBRA_Lang_Common::$cobra_error_code_user_not_authorized,
122  CO_COBRA_Lang::$cobra_error_name_user_not_authorized,
123  CO_COBRA_Lang::$cobra_error_desc_user_not_authorized);
124  }
125 
126  return $ret;
127  }
CO_COBRA_Lang_Common\$cobra_error_code_token_instance_failed_to_initialize
static $cobra_error_code_token_instance_failed_to_initialize
Definition: common.inc.php:53
CO_COBRA_Lang\$cobra_error_name_token_instance_failed_to_initialize
static $cobra_error_name_token_instance_failed_to_initialize
Definition: en.php:45
CO_COBRA_Lang\$cobra_error_desc_token_instance_failed_to_initialize
static $cobra_error_desc_token_instance_failed_to_initialize
Definition: en.php:46

References CO_COBRA_Lang_Common\$cobra_error_code_token_instance_failed_to_initialize, CO_COBRA_Lang_Common\$cobra_error_code_user_not_authorized, CO_COBRA_Lang\$cobra_error_desc_token_instance_failed_to_initialize, CO_COBRA_Lang\$cobra_error_desc_user_not_authorized, CO_COBRA_Lang\$cobra_error_name_token_instance_failed_to_initialize, and CO_COBRA_Lang\$cobra_error_name_user_not_authorized.

Referenced by _create_this_many_personal_ids().

Here is the caller graph for this function:

◆ convert_login()

CO_Cobra::convert_login (   $in_login_id,
  $in_is_login_manager = false 
)

This is the public function used to convert a login to (or from) a manager, in the security database. This can only be called from a login manager. The user is not affected, and the login IDs (tokens) are also left "as is."

Returns
the converted instance.
Parameters
$in_login_idThe login ID as text. This must be for a login that can be managed by the current manager.
$in_is_login_managerIf true, then this is a "promotion" to a a manager. If false (default), then this is a "demotion" to a standard user.

Definition at line 543 of file co_cobra.class.php.

545  {
546  return $this->_convert_login($in_login_id, $in_is_login_manager);
547  }
CO_Cobra\_convert_login
_convert_login( $in_login_id, $in_is_login_manager=false)
Definition: co_cobra.class.php:153

References _convert_login().

Here is the call graph for this function:

◆ create_new_manager_login()

CO_Cobra::create_new_manager_login (   $in_login_id,
  $in_cleartext_password,
  $in_create_this_many_personal_ids = 0 
)

This is the public function used to create a new login manager login in the security database. This can only be called from a login manager.

Returns
the new CO_Login_Manager instance.
Parameters
$in_login_idThe login ID as text. It needs to be unique, within the Security database, and this will fail, if it is not.
$in_cleartext_passwordThe password to set (in cleartext). It will be stored as a hashed password.
$in_create_this_many_personal_idsThis is how many Personal tokens should be created and assigned. Default is 0.

Definition at line 528 of file co_cobra.class.php.

531  {
532  return $this->_create_new_login($in_login_id, $in_cleartext_password, $in_create_this_many_personal_ids, NULL, true);
533  }
CO_Cobra\_create_new_login
_create_new_login( $in_login_id, $in_cleartext_password, $in_create_this_many_personal_ids=0, $in_security_token_ids=NULL, $in_is_login_manager=false)
Definition: co_cobra.class.php:226

References _create_new_login().

Here is the call graph for this function:

◆ create_new_standard_login()

CO_Cobra::create_new_standard_login (   $in_login_id,
  $in_cleartext_password,
  $in_create_this_many_personal_ids = 0 
)

This is the public function used to create a new standard login in the security database. This can only be called from a login manager.

Returns
the new CO_Cobra_Login instance.
Parameters
$in_login_idThe login ID as text. It needs to be unique, within the Security database, and this will fail, if it is not.
$in_cleartext_passwordThe password to set (in cleartext). It will be stored as a hashed password.
$in_create_this_many_personal_idsThis is how many Personal tokens should be created and assigned. Default is 0.

Definition at line 514 of file co_cobra.class.php.

517  {
518  return $this->_create_new_login($in_login_id, $in_cleartext_password, $in_create_this_many_personal_ids);
519  }

References _create_new_login().

Here is the call graph for this function:

◆ delete_login()

CO_Cobra::delete_login (   $in_login_id,
  $also_delete_user = false 
)

This deletes a login, given the login ID. When we delete a login, it actually gets changed into a security ID instance (to reserve the ID slot), however, the user object is actually removed. It should be noted that deleting a (user) collection does not delete everything in the collection; only the collection object, itself.

Returns
true, if the operation (or operations) succeeded.
Parameters
$in_login_idThe login ID as text.
$also_delete_userIf true (Default is false), then we will also delete the user record associated with this login.

Definition at line 557 of file co_cobra.class.php.

559  {
560  $ret = false;
561 
562  $cobra_login_instance = $this->get_login_instance($in_login_id);
563 
564  if ($cobra_login_instance) {
565  $cobra_user_instance = NULL;
566 
567  if ($also_delete_user) {
568  $cobra_user_instance = $this->get_user_from_login($cobra_login_instance->id());
569  }
570 
571  $ret = $cobra_login_instance->delete_from_db();
572 
573  if ($ret && $cobra_user_instance) {
574  $ret = $cobra_user_instance->delete_from_db();
575  }
576  }
577 
578  return $ret;
579  }
CO_Cobra\get_login_instance
get_login_instance( $in_login_id)
Definition: co_cobra.class.php:427

References get_login_instance(), and get_user_from_login().

Here is the call graph for this function:

◆ get_all_logins()

CO_Cobra::get_all_logins (   $and_write = false,
  $in_login_id = NULL,
  $in_login_integer_id = NULL 
)
Returns
an array of instances of all the logins that are visible to the current user (or a supplied user, if in "God" mode).
Parameters
$and_writeIf true, then we only want ones we have write access to.
$in_login_idThis is ignored, unless this is the God login. If We are logged in as God, then we can select a login via its string login ID, and see what logins are available to it.
$in_login_integer_idThis is ignored, unless this is the God login and $in_login_id is not specified. If We are logged in as God, then we can select a login via its integer login ID, and see what logins are available to it.

Definition at line 585 of file co_cobra.class.php.

588  {
589  if (!$this->_chameleon_instance->god_mode()) { // Definitely won't look at this unless we are God.
590  $in_login_id = NULL;
591  $in_login_integer_id = 0;
592  } else {
593  $in_login_id = trim(strval($in_login_id));
594 
595  if (!$in_login_id) { // String login ID trumps integer.
596  $in_login_integer_id = intval($in_login_integer_id);
597  } else {
598  $item = $this->_chameleon_instance->get_login_item_by_login_string($in_login_id);
599  $in_login_id = NULL;
600  $in_login_integer_id = $item->id();
601  }
602  }
603 
604  // If both $in_login_id and $in_login_integer_id are unspecified, then we'll find every login we can see.
605  // If they are specified (which means we're God), then we filter for only the
606  $id_list = Array();
607  $results = $this->_chameleon_instance->get_all_login_objects($and_write);
608  if (isset($results) && is_array($results) && count($results)) {
609  foreach ($results as $result) {
610  if (!$in_login_integer_id || ($in_login_integer_id == $result->id())) {
611  $id_list[] = $result->id();
612  foreach ($result->ids() as $id) {
613  if (($id != CO_Config::god_mode_id()) || (($id == CO_Config::god_mode_id()) && ($in_login_integer_id == CO_Config::god_mode_id()))) {
614  $id_list[] = $id;
615  }
616  }
617  }
618  }
619  }
620 
621  $id_list = array_unique($id_list);
622  $ret = Array();
623  foreach ($id_list as $id) {
624  $object = $this->_chameleon_instance->get_single_security_record_by_id($id);
625  if ($object instanceof CO_Security_Login) {
626  $ret[] = $object;
627  }
628  }
629  if (1 < count($ret)) {
630  // Sort the results by ID.
631  usort($ret, function ($a, $b) {
632  if ($a->id() == $b->id()) {
633  return 0;
634  }
635 
636  if ($a->id() < $b->id()) {
637  return -1;
638  }
639 
640  return 1;
641  });
642  }
643 
644  return $ret;
645  }
if
if(!defined( 'LGV_LANG_CATCHER'))
Definition: co_cobra.class.php:32

References if.

◆ get_chameleon_instance()

CO_Cobra::get_chameleon_instance ( )
Returns
the CHAMELEON instance for this instance.

Definition at line 346 of file co_cobra.class.php.

346  {
347  return $this->_chameleon_instance;
348  }
CO_Cobra\$_chameleon_instance
$_chameleon_instance
This is the CHAMELEON instance that is associated with this COBRA instance.
Definition: co_cobra.class.php:47

References $_chameleon_instance.

◆ get_login_instance()

CO_Cobra::get_login_instance (   $in_login_id)

This returns the login instance for the given ID string.

This is scurity-vetted. The current login needs to be able to see the item.

Returns
the Login Item. NULL if unable to fetch the item.
Parameters
$in_login_idThe string login ID that we are referencing.

Definition at line 427 of file co_cobra.class.php.

428  {
429  $ret = NULL;
430 
431  if (isset($in_login_id) && $in_login_id) {
432  $ret = $this->_chameleon_instance->get_login_item_by_login_string($in_login_id);
433 
434  $this->error = $this->_chameleon_instance->error;
435  }
436 
437  return $ret;
438  }

Referenced by delete_login().

Here is the caller graph for this function:

◆ get_security_ids()

CO_Cobra::get_security_ids ( )
Returns
an array of integers, with each one representing a special security token for editing security items.

Definition at line 354 of file co_cobra.class.php.

354  {
355  return $this->_chameleon_instance->get_security_ids();
356  }

Referenced by _create_new_login().

Here is the caller graph for this function:

◆ get_user_from_login()

CO_Cobra::get_user_from_login (   $in_login_id = NULL,
  $in_make_user_if_necessary = false 
)

This fetches a user from a given login ID.

The user may be created, if the current login is a Login Manager, and the second parameter is set to true.

Returns
an instance of a user collection. If new, it will be blank.
Parameters
$in_login_idThe integer login ID that is associated with the user collection. If NULL, then the current login is used.
$in_make_user_if_necessaryIf true (Default is false), then the user will be created if it does not already exist. Ignored, if we are not a Login Manager.

Definition at line 448 of file co_cobra.class.php.

450  {
451  $user = $this->_chameleon_instance->get_user_from_login($in_login_id); // First, see if it's already a thing.
452  if (!$user && $in_make_user_if_necessary && ($this->_chameleon_instance->god_mode() || ($this->_chameleon_instance->get_login_item() instanceof CO_Login_Manager))) { // If not, we will create a new one, based on the given login. We must be a manager.
453  if (isset($in_login_id) && (0 < intval($in_login_id))) { // See if they seek a different login.
454  $login_id = intval($in_login_id);
455  }
456  // Assuming all is well, we need to create a new user. We have to be a login manager to do this.
457  if (isset($in_login_id) && (0 < intval($in_login_id))) {
458  $login_item = $this->_chameleon_instance->get_login_item($in_login_id);
459 
460  if (isset($login_item) && ($login_item instanceof CO_Security_Login)) {
461  if (!$this->_chameleon_instance->check_user_exists($in_login_id)) {
462  $user = $this->make_standalone_user();
463 
464  if ($user) {
465  $user->set_login($in_login_id); // We set the user's login instance to the login instance we're using as the basis.
466  if (isset($user->error)) {
467  $this->error = $user->error;
468  $user->delete_from_db();
469  $user = NULL;
470  } else {
471  $user->set_write_security_id($in_login_id); // Make sure the user can modify their own record.
472  if (isset($user->error)) {
473  $this->error = $user->error;
474  $user->delete_from_db();
475  $user = NULL;
476  }
477  }
478  } else {
479  $this->error = new LGV_Error( CO_COBRA_Lang_Common::$cobra_error_code_instance_failed_to_initialize,
480  CO_COBRA_Lang::$cobra_error_name_instance_failed_to_initialize,
481  CO_COBRA_Lang::$cobra_error_desc_instance_failed_to_initialize);
482  }
483  } else {
484  $this->error = new LGV_Error( CO_COBRA_Lang_Common::$cobra_error_code_user_already_exists,
485  CO_COBRA_Lang::$cobra_error_name_user_already_exists,
486  CO_COBRA_Lang::$cobra_error_desc_user_already_exists);
487  }
488  } else {
489  $this->error = new LGV_Error( CO_COBRA_Lang_Common::$cobra_error_code_login_unavailable,
490  CO_COBRA_Lang::$cobra_error_name_login_unavailable,
491  CO_COBRA_Lang::$cobra_error_desc_login_unavailable);
492  }
493  } else {
494  $this->error = new LGV_Error( CO_COBRA_Lang_Common::$cobra_error_code_login_unavailable,
495  CO_COBRA_Lang::$cobra_error_name_login_unavailable,
496  CO_COBRA_Lang::$cobra_error_desc_login_unavailable);
497  }
498  } elseif (!($this->_chameleon_instance->get_login_item() instanceof CO_Login_Manager)) {
499  $this->error = new LGV_Error( CO_COBRA_Lang_Common::$cobra_error_code_user_not_authorized,
500  CO_COBRA_Lang::$cobra_error_name_user_not_authorized,
501  CO_COBRA_Lang::$cobra_error_desc_user_not_authorized);
502  }
503 
504  return $user;
505  }
CO_Cobra\make_standalone_user
make_standalone_user()
Definition: co_cobra.class.php:385
CO_COBRA_Lang_Common\$cobra_error_code_login_unavailable
static $cobra_error_code_login_unavailable
Definition: common.inc.php:51
CO_COBRA_Lang\$cobra_error_name_login_unavailable
static $cobra_error_name_login_unavailable
Definition: en.php:41
CO_COBRA_Lang\$cobra_error_desc_login_unavailable
static $cobra_error_desc_login_unavailable
Definition: en.php:42

References CO_COBRA_Lang_Common\$cobra_error_code_instance_failed_to_initialize, CO_COBRA_Lang_Common\$cobra_error_code_login_unavailable, CO_COBRA_Lang_Common\$cobra_error_code_user_already_exists, CO_COBRA_Lang_Common\$cobra_error_code_user_not_authorized, CO_COBRA_Lang\$cobra_error_desc_instance_failed_to_initialize, CO_COBRA_Lang\$cobra_error_desc_login_unavailable, CO_COBRA_Lang\$cobra_error_desc_user_already_exists, CO_COBRA_Lang\$cobra_error_desc_user_not_authorized, CO_COBRA_Lang\$cobra_error_name_instance_failed_to_initialize, CO_COBRA_Lang\$cobra_error_name_login_unavailable, CO_COBRA_Lang\$cobra_error_name_user_already_exists, CO_COBRA_Lang\$cobra_error_name_user_not_authorized, and make_standalone_user().

Referenced by _convert_login(), and delete_login().

Here is the call graph for this function:
Here is the caller graph for this function:

◆ make_cobra()

static CO_Cobra::make_cobra (   $in_chameleon_instance)
static

Factory Function.

This vets the CHAMELEON instance, and makes sure that it's valid before returning a constructed COBRA.

Returns
an instance of CO_Cobra upon success. If there was an error set by COBRA (or CHAMELEON), or the vetting failed, that is returned instead of a COBRA instance.

Definition at line 59 of file co_cobra.class.php.

59  {
60  $ret = NULL;
61 
62  // We must have a valid CHAMELEON instance that is logged in. The login user must be a COBRA Manager user (the standard logins cannot use COBRA).
63  if (isset($in_chameleon_instance)
64  && ($in_chameleon_instance instanceof CO_Chameleon)
65  && $in_chameleon_instance->security_db_available()
66  && ($in_chameleon_instance->god_mode() || ($in_chameleon_instance->get_login_item() instanceof CO_Login_Manager))) {
67  $ret = new CO_Cobra($in_chameleon_instance);
68  } elseif (isset($in_chameleon_instance) && ($in_chameleon_instance instanceof CO_Chameleon)) {
69  $ret = new LGV_Error( CO_COBRA_Lang_Common::$cobra_error_code_user_not_authorized,
70  CO_COBRA_Lang::$cobra_error_name_user_not_authorized,
71  CO_COBRA_Lang::$cobra_error_desc_user_not_authorized_instance);
72  } else {
73  $ret = new LGV_Error( CO_COBRA_Lang_Common::$cobra_error_code_invalid_chameleon,
74  CO_COBRA_Lang::$cobra_error_name_invalid_chameleon,
75  CO_COBRA_Lang::$cobra_error_desc_invalid_chameleon);
76  }
77 
78  return $ret;
79  }
CO_COBRA_Lang_Common\$cobra_error_code_invalid_chameleon
static $cobra_error_code_invalid_chameleon
Definition: common.inc.php:49
CO_COBRA_Lang\$cobra_error_desc_invalid_chameleon
static $cobra_error_desc_invalid_chameleon
Definition: en.php:33
CO_COBRA_Lang\$cobra_error_desc_user_not_authorized_instance
static $cobra_error_desc_user_not_authorized_instance
Definition: en.php:35
CO_COBRA_Lang\$cobra_error_name_invalid_chameleon
static $cobra_error_name_invalid_chameleon
Definition: en.php:32

References CO_COBRA_Lang_Common\$cobra_error_code_invalid_chameleon, CO_COBRA_Lang_Common\$cobra_error_code_user_not_authorized, CO_COBRA_Lang\$cobra_error_desc_invalid_chameleon, CO_COBRA_Lang\$cobra_error_desc_user_not_authorized_instance, CO_COBRA_Lang\$cobra_error_name_invalid_chameleon, and CO_COBRA_Lang\$cobra_error_name_user_not_authorized.

Referenced by CO_Andisol\__construct().

Here is the caller graph for this function:

◆ make_security_token()

CO_Cobra::make_security_token ( )

This simply generates a new security token instance.

Security tokens are "the gift that keeps on giving." Once created, they can't easily be deleted. Only the God admin can delete them. They are permanent placeholders.

Returns
an integer, with the new ID, or 0, if the method failed (check error).

Definition at line 730 of file co_cobra.class.php.

730  {
731  $ret = 0;
732 
733  $manager = $this->_chameleon_instance->get_login_item();
734  if ($this->_chameleon_instance->god_mode() || ($manager instanceof CO_Login_Manager)) {
735  $new_token = $this->_chameleon_instance->make_new_blank_record('CO_Security_ID');
736  if (isset($new_token) && ($new_token instanceof CO_Security_ID)) {
737  $new_id = $new_token->id();
738  if ($this->_chameleon_instance->god_mode() || $manager->add_new_login_id($new_id)) { // We need to do the "special excemption" add of the ID to the manager.
739  $ret = $new_id;
740  } else { // We were unable to set the new token ID to the manager.
741  $new_token->delete_from_db();
742  $this->error = new LGV_Error( CO_COBRA_Lang_Common::$cobra_error_code_token_id_not_set,
743  CO_COBRA_Lang::$cobra_error_name_token_id_not_set,
744  CO_COBRA_Lang::$cobra_error_desc_token_id_not_set);
745  }
746  } else { // Token object did not get instantiated.
747  $this->error = new LGV_Error( CO_COBRA_Lang_Common::$cobra_error_code_token_instance_failed_to_initialize,
748  CO_COBRA_Lang::$cobra_error_name_token_instance_failed_to_initialize,
749  CO_COBRA_Lang::$cobra_error_desc_token_instance_failed_to_initialize);
750  }
751  } else { // Should never happen, but what the hell...
752  $this->error = new LGV_Error( CO_COBRA_Lang_Common::$cobra_error_code_user_not_authorized,
753  CO_COBRA_Lang::$cobra_error_name_user_not_authorized,
754  CO_COBRA_Lang::$cobra_error_desc_user_not_authorized);
755  }
756 
757  return $ret;
758  }
CO_COBRA_Lang_Common\$cobra_error_code_token_id_not_set
static $cobra_error_code_token_id_not_set
Definition: common.inc.php:54
CO_COBRA_Lang\$cobra_error_name_token_id_not_set
static $cobra_error_name_token_id_not_set
Definition: en.php:47
CO_COBRA_Lang\$cobra_error_desc_token_id_not_set
static $cobra_error_desc_token_id_not_set
Definition: en.php:48

References CO_COBRA_Lang_Common\$cobra_error_code_token_id_not_set, CO_COBRA_Lang_Common\$cobra_error_code_token_instance_failed_to_initialize, CO_COBRA_Lang_Common\$cobra_error_code_user_not_authorized, CO_COBRA_Lang\$cobra_error_desc_token_id_not_set, CO_COBRA_Lang\$cobra_error_desc_token_instance_failed_to_initialize, CO_COBRA_Lang\$cobra_error_desc_user_not_authorized, CO_COBRA_Lang\$cobra_error_name_token_id_not_set, CO_COBRA_Lang\$cobra_error_name_token_instance_failed_to_initialize, and CO_COBRA_Lang\$cobra_error_name_user_not_authorized.

◆ make_standalone_user()

CO_Cobra::make_standalone_user ( )

Creates a new "standalone" user that has no associated login instance.

Returns
the new user record.

Definition at line 385 of file co_cobra.class.php.

385  {
386  $user = NULL;
387 
388  if ($this->_chameleon_instance->god_mode() || ($this->_chameleon_instance->get_login_item() instanceof CO_Login_Manager)) { // We have to be a manager to create a user.
389  $user = $this->_chameleon_instance->make_new_blank_record('CO_User_Collection');
390 
391  if ($user) {
392  if (!isset($user->error)) {
393  $user->set_read_security_id(1); // Users default to 1 (only logged-in users can see).
394  $user->set_write_security_id($this->_chameleon_instance->get_login_item()->id()); // Make sure that only we can modify this record.
395  if (isset($user->error)) {
396  $this->error = $user->error;
397  $user->delete_from_db();
398  $user = NULL;
399  }
400  } else {
401  $this->error = $user->error;
402  $user->delete_from_db();
403  $user = NULL;
404  }
405  } else {
406  $this->error = new LGV_Error( CO_COBRA_Lang_Common::$cobra_error_code_instance_failed_to_initialize,
407  CO_COBRA_Lang::$cobra_error_name_instance_failed_to_initialize,
408  CO_COBRA_Lang::$cobra_error_desc_instance_failed_to_initialize);
409  }
410  } elseif (!($this->_chameleon_instance->get_login_item() instanceof CO_Login_Manager)) {
411  $this->error = new LGV_Error( CO_COBRA_Lang_Common::$cobra_error_code_user_not_authorized,
412  CO_COBRA_Lang::$cobra_error_name_user_not_authorized,
413  CO_COBRA_Lang::$cobra_error_desc_user_not_authorized);
414  }
415 
416  return $user;
417  }

References CO_COBRA_Lang_Common\$cobra_error_code_instance_failed_to_initialize, CO_COBRA_Lang_Common\$cobra_error_code_user_not_authorized, CO_COBRA_Lang\$cobra_error_desc_instance_failed_to_initialize, CO_COBRA_Lang\$cobra_error_desc_user_not_authorized, CO_COBRA_Lang\$cobra_error_name_instance_failed_to_initialize, and CO_COBRA_Lang\$cobra_error_name_user_not_authorized.

Referenced by get_user_from_login().

Here is the caller graph for this function:

◆ set_personal_ids()

CO_Cobra::set_personal_ids (   $in_login_id,
  $in_personal_ids = [] 
)

This sets just the "personal" IDs for the given ID.

This should only be called by the "God" admin, and will fail, otherwise (returns empty array).

This is not an atomic operation. If any of the given IDs are also in the regular ID list, they will be removed from the personal IDs.

Returns
an array of integers, with the new personal security IDs (usually a copy of the input Array). It will be empty, if the procedure fails.
Parameters
$in_login_idThe ID of the login we want to modify.
$in_personal_idsAn Array of Integers, with the new personal IDs. This replaces any previous ones. If empty, then the IDs are removed.

Definition at line 368 of file co_cobra.class.php.

370  {
371  $target = $this->_chameleon_instance->get_login_item($in_login_id);
372  if (CO_Config::use_personal_tokens() && ($target instanceof CO_Security_Login) && $this->_chameleon_instance->god_mode()) {
373  return $target->set_personal_ids($in_personal_ids);
374  }
375 
376  return [];
377  }

◆ who_can_modify()

CO_Cobra::who_can_modify (   $in_test_target,
  $non_managers_only = false 
)

Test an item to see which logins can modify it.

This is security-limited.

Returns
an array of instances of CO_Security_Login (Security Database login) items that can modify the given item. If the write ID is 0 (open), then the function simply returns true. If nothing can modify the item, then false is returned.
Parameters
$in_test_targetThis is a subclass of A_CO_DB_Table_Base (General Database Record).
$non_managers_onlyIgnored if the target is not an instance (or subclass) of CO_Security_Login. If true (default is false), then only login manager objects will be returned. If you supply a login object as the target, this is a quick way to see if any non-manager objects can modify it. In reality, there should be no non-manager objects that can modify a login, besides the login, itself.

Definition at line 683 of file co_cobra.class.php.

689  {
690  $ret = false;
691 
692  if (isset($in_test_target) && ($in_test_target instanceof A_CO_DB_Table_Base)) {
693  $id = intval($in_test_target->write_security_id);
694 
695  if (0 < $id) {
696  $ret = $this->_chameleon_instance->get_all_login_objects_with_access($id, true);
697  // Check to see if any non-manager objects can modify the login (should never be).
698  if (($in_test_target instanceof CO_Security_Login) && isset($ret) && is_array($ret) && $non_managers_only) {
699  $ret_temp = Array();
700  foreach ($ret as $login) {
701  if (!($login instanceof CO_Login_Manager)) {
702  $ret_temp[] = $login;
703  }
704  }
705 
706  if (count($ret_temp)) {
707  $ret = $ret_temp;
708  } else {
709  $ret = false;
710  }
711  } elseif (!isset($ret) || !is_array($ret) || !count($ret)) {
712  $ret = false;
713  }
714  } elseif (0 == $id) {
715  $ret = true;
716  }
717  }
718 
719  return $ret;
720  }

◆ who_can_see()

CO_Cobra::who_can_see (   $in_test_target)

Test an item to see which logins can access it.

This is security-limited.

Returns
an array of instances of CO_Security_Login (Security Database login) items that can read/see the given item. If the read ID is 0 (open), then the function simply returns true. If nothing can see the item, then false is returned.
Parameters
$in_test_targetThis is a subclass of A_CO_DB_Table_Base (General Database Record).

Definition at line 655 of file co_cobra.class.php.

656  {
657  $ret = false;
658 
659  if (isset($in_test_target) && ($in_test_target instanceof A_CO_DB_Table_Base)) {
660  $id = intval($in_test_target->read_security_id);
661 
662  if (0 < $id) {
663  $ret = $this->_chameleon_instance->get_all_login_objects_with_access($id);
664  if (!isset($ret) || !is_array($ret) || !count($ret)) {
665  $ret = false;
666  }
667  } elseif (0 == $id) {
668  $ret = true;
669  }
670  }
671 
672  return $ret;
673  }

Member Data Documentation

◆ $_chameleon_instance

CO_Cobra::$_chameleon_instance = NULL
private

This is the CHAMELEON instance that is associated with this COBRA instance.

Definition at line 47 of file co_cobra.class.php.

Referenced by get_chameleon_instance().

◆ $version

CO_Cobra::$version

The version indicator.

Definition at line 49 of file co_cobra.class.php.