contributions/usermanagement.hijackaccount/behaviour/commands/users/hijack.cmd.php

Go to the documentation of this file.
00001 <?php
00002 /**
00003  * Command to login as another user
00004  */
00005 class HijackUsersCommand extends CommandComposite {
00006         protected $session_data;
00007         
00008         /**
00009          * Returns title of command.
00010          */
00011         public function get_name() {
00012                 return 'hijack';
00013         }
00014         
00015         /**
00016          * Returns a description of this command
00017          */
00018         public function get_description() {
00019                 $ret = tr(
00020                         'Hijack Account',
00021                         'hijack'
00022                 );
00023                 return $ret;
00024         }
00025         
00026         /**
00027          * Does executing
00028          * 
00029          * @return Status
00030          */
00031         protected function do_execute() {
00032                 $ret = new Status();
00033                 $this->session_data = array_merge(array(), $_SESSION);
00034                 
00035                 Load::commands('generics/massdelete', 'users/loginknown', 'generics/cookie.set');
00036                 // Store session data
00037                 $duration = GyroDate::ONE_DAY;
00038                 $cur_user = Users::get_current_user();
00039                 $saved_session_id = session::get_session_id();
00040                 $params = array('id' => $saved_session_id, 'id_user' => $cur_user->id, 'data' => $_SESSION, 'expirationdate' => time() + $duration);
00041                 $this->append(CommandsFactory::create_command('hijackaccountsavedsessions', 'create', $params));
00042                 // Clear session, but keep current user as fallback
00043                 Session::clear();
00044                 Session::push('current_user', clone($cur_user));
00045                 // Delete expired
00046                 $this->append(new MassDeleteCommand('hijackaccountsavedsessions', new DBCondition('expirationdate', '<', time())));
00047                 // Login as given user
00048                 $user = $this->get_instance();
00049                 $this->append(new LoginknownUsersCommand($user));
00050                 // Notify USer
00051                 if (Load::is_module_loaded('usermanagement.notifications')) {
00052                         $notify = $this->create_notification_command($cur_user, $user);
00053                         if ($notify->can_execute($user)) {
00054                                 $this->append($notify);
00055                         }
00056                 }
00057                 // Set a Cookie
00058                 $this->append(new CookieSetCommand(HijackAccount::COOKIE_NAME, $saved_session_id, 0));
00059                 return $ret;
00060         }
00061         
00062         protected function create_notification_command($hijacker, $hijacked) {
00063                 $view = ViewFactory::create_view(IViewFactory::MESSAGE, 'hijackaccount/notification', false);
00064                 $view->assign('hijacker', $hijacker);
00065                 $cmd = CommandsFactory::create_command(
00066                         $hijacked, 
00067                         'notify', 
00068                         array(
00069                                 'title' => tr('%name logged into your account', 'hijackaccount', array('%name' => $hijacker->name)),
00070                                 'message' => $view->render(),
00071                                 'source' => 'usermanagement.hijackaccount'
00072                         )
00073                 );
00074                 return $cmd;            
00075         }
00076 
00077         /**
00078          * Does undo
00079          */
00080         protected function do_undo() {
00081                 foreach($this->session_data as $key => $data) {
00082                         Session::push($key, $data);
00083                 }
00084                 Session::restart();
00085         }       
00086 }