219 lines
5.6 KiB
PHP
219 lines
5.6 KiB
PHP
<?php
|
|
|
|
/*
|
|
* This file is part of the Symfony package.
|
|
*
|
|
* (c) Fabien Potencier <fabien@symfony.com>
|
|
*
|
|
* For the full copyright and license information, please view the LICENSE
|
|
* file that was distributed with this source code.
|
|
*/
|
|
|
|
namespace Symfony\Component\Security\Core\User;
|
|
|
|
/**
|
|
* User is the user implementation used by the in-memory user provider.
|
|
*
|
|
* This should not be used for anything else.
|
|
*
|
|
* @author Fabien Potencier <fabien@symfony.com>
|
|
*
|
|
* @deprecated since Symfony 5.3, use {@link InMemoryUser} instead
|
|
*/
|
|
class User implements UserInterface, PasswordAuthenticatedUserInterface, EquatableInterface
|
|
{
|
|
private $username;
|
|
private $password;
|
|
private $enabled;
|
|
private $accountNonExpired;
|
|
private $credentialsNonExpired;
|
|
private $accountNonLocked;
|
|
private $roles;
|
|
private $extraFields;
|
|
|
|
public function __construct(?string $username, ?string $password, array $roles = [], bool $enabled = true, bool $userNonExpired = true, bool $credentialsNonExpired = true, bool $userNonLocked = true, array $extraFields = [])
|
|
{
|
|
if (InMemoryUser::class !== static::class) {
|
|
trigger_deprecation('symfony/security-core', '5.3', 'The "%s" class is deprecated, use "%s" instead.', self::class, InMemoryUser::class);
|
|
}
|
|
|
|
if ('' === $username || null === $username) {
|
|
throw new \InvalidArgumentException('The username cannot be empty.');
|
|
}
|
|
|
|
$this->username = $username;
|
|
$this->password = $password;
|
|
$this->enabled = $enabled;
|
|
$this->accountNonExpired = $userNonExpired;
|
|
$this->credentialsNonExpired = $credentialsNonExpired;
|
|
$this->accountNonLocked = $userNonLocked;
|
|
$this->roles = $roles;
|
|
$this->extraFields = $extraFields;
|
|
}
|
|
|
|
public function __toString(): string
|
|
{
|
|
return $this->getUserIdentifier();
|
|
}
|
|
|
|
/**
|
|
* {@inheritdoc}
|
|
*/
|
|
public function getRoles(): array
|
|
{
|
|
return $this->roles;
|
|
}
|
|
|
|
/**
|
|
* {@inheritdoc}
|
|
*/
|
|
public function getPassword(): ?string
|
|
{
|
|
return $this->password;
|
|
}
|
|
|
|
/**
|
|
* {@inheritdoc}
|
|
*/
|
|
public function getSalt(): ?string
|
|
{
|
|
return null;
|
|
}
|
|
|
|
/**
|
|
* {@inheritdoc}
|
|
*/
|
|
public function getUsername(): string
|
|
{
|
|
trigger_deprecation('symfony/security-core', '5.3', 'Method "%s()" is deprecated, use getUserIdentifier() instead.', __METHOD__);
|
|
|
|
return $this->username;
|
|
}
|
|
|
|
/**
|
|
* Returns the identifier for this user (e.g. its username or email address).
|
|
*/
|
|
public function getUserIdentifier(): string
|
|
{
|
|
return $this->username;
|
|
}
|
|
|
|
/**
|
|
* Checks whether the user's account has expired.
|
|
*
|
|
* Internally, if this method returns false, the authentication system
|
|
* will throw an AccountExpiredException and prevent login.
|
|
*
|
|
* @see AccountExpiredException
|
|
*/
|
|
public function isAccountNonExpired(): bool
|
|
{
|
|
return $this->accountNonExpired;
|
|
}
|
|
|
|
/**
|
|
* Checks whether the user is locked.
|
|
*
|
|
* Internally, if this method returns false, the authentication system
|
|
* will throw a LockedException and prevent login.
|
|
*
|
|
* @see LockedException
|
|
*/
|
|
public function isAccountNonLocked(): bool
|
|
{
|
|
return $this->accountNonLocked;
|
|
}
|
|
|
|
/**
|
|
* Checks whether the user's credentials (password) has expired.
|
|
*
|
|
* Internally, if this method returns false, the authentication system
|
|
* will throw a CredentialsExpiredException and prevent login.
|
|
*
|
|
* @see CredentialsExpiredException
|
|
*/
|
|
public function isCredentialsNonExpired(): bool
|
|
{
|
|
return $this->credentialsNonExpired;
|
|
}
|
|
|
|
/**
|
|
* Checks whether the user is enabled.
|
|
*
|
|
* Internally, if this method returns false, the authentication system
|
|
* will throw a DisabledException and prevent login.
|
|
*
|
|
* @see DisabledException
|
|
*/
|
|
public function isEnabled(): bool
|
|
{
|
|
return $this->enabled;
|
|
}
|
|
|
|
/**
|
|
* {@inheritdoc}
|
|
*/
|
|
public function eraseCredentials()
|
|
{
|
|
}
|
|
|
|
public function getExtraFields(): array
|
|
{
|
|
return $this->extraFields;
|
|
}
|
|
|
|
/**
|
|
* {@inheritdoc}
|
|
*/
|
|
public function isEqualTo(UserInterface $user): bool
|
|
{
|
|
if (!$user instanceof self) {
|
|
return false;
|
|
}
|
|
|
|
if ($this->getPassword() !== $user->getPassword()) {
|
|
return false;
|
|
}
|
|
|
|
if ($this->getSalt() !== $user->getSalt()) {
|
|
return false;
|
|
}
|
|
|
|
$currentRoles = array_map('strval', (array) $this->getRoles());
|
|
$newRoles = array_map('strval', (array) $user->getRoles());
|
|
$rolesChanged = \count($currentRoles) !== \count($newRoles) || \count($currentRoles) !== \count(array_intersect($currentRoles, $newRoles));
|
|
if ($rolesChanged) {
|
|
return false;
|
|
}
|
|
|
|
if ($this->getUserIdentifier() !== $user->getUserIdentifier()) {
|
|
return false;
|
|
}
|
|
|
|
if (self::class === static::class) {
|
|
if ($this->isAccountNonExpired() !== $user->isAccountNonExpired()) {
|
|
return false;
|
|
}
|
|
|
|
if ($this->isAccountNonLocked() !== $user->isAccountNonLocked()) {
|
|
return false;
|
|
}
|
|
|
|
if ($this->isCredentialsNonExpired() !== $user->isCredentialsNonExpired()) {
|
|
return false;
|
|
}
|
|
}
|
|
|
|
if ($this->isEnabled() !== $user->isEnabled()) {
|
|
return false;
|
|
}
|
|
|
|
return true;
|
|
}
|
|
|
|
public function setPassword(string $password)
|
|
{
|
|
$this->password = $password;
|
|
}
|
|
}
|