// Access/visibility flags kept on the service. All three default to false,
// so ignoring access and showing disabled or deleted entities are opt-in.
// The leading numbers are line numbers from the original file.
18 protected bool $ignore_access =
false;
22 protected bool $show_disabled_entities =
false;
24 protected bool $show_deleted_entities =
false;
// Getter/setter fragments for the three flags; signatures and the lines
// between the numbered statements are not shown in this listing.
// Getter: returns the current ignore-access flag.
52 return $this->ignore_access;
// Setter: the old value is captured in $prev before being overwritten.
// NOTE(review): presumably $prev is returned so a caller that turns
// ignore-access on can restore the earlier state afterwards; the return
// statement is not visible here, so confirm.
63 $prev = $this->ignore_access;
64 $this->ignore_access = $ignore;
// Same getter/setter shape for the disabled-entity flag.
75 return $this->show_disabled_entities;
86 $prev = $this->show_disabled_entities;
87 $this->show_disabled_entities = $show;
// Same getter/setter shape for the deleted-entity flag.
99 return $this->show_deleted_entities;
111 $prev = $this->show_deleted_entities;
112 $this->show_deleted_entities = $show;
// Fragment: stores a per-user token in the session.
// Lines 130-135 of the original file are not shown.
// NOTE(review): presumably the logged-in user is only fetched as a fallback
// when no user was passed in; confirm against the full method.
129 $user = $this->getLoggedInUser();
// The token is derived by generateUserToken() and kept under the
// '__user_token' session key.
136 $this->session->set(
'__user_token', $this->generateUserToken(
$user));
// Fragment: checks that the token stored in the session still matches the
// token derived for $user right now.
149 $session_token = $this->session->get(
'__user_token');
// Re-derive the expected token from the user's current state.
150 $user_token = $this->generateUserToken(
$user);
// Strict comparison; the mismatch branch body is not shown in this listing.
// NOTE(review): `!==` is not a constant-time comparison. Both operands come
// from server-side state here (session storage and a recomputed value), which
// limits the exposure, but hash_equals() is the conventional way to compare
// MAC-style tokens. It needs two strings, so a missing session value would
// have to be handled first.
152 if ($session_token !== $user_token) {
// Fragment: tail of the call that builds $hmac. The call target and the data
// array closed by `],` are not shown in this listing.
// 'sha256' is passed next to $user->password_hash.
// NOTE(review): presumably these are the HMAC algorithm and key; confirm
// against the HMAC factory's signature. If the password hash is the key, a
// token stored before a password change would no longer match a freshly
// generated one.
169 ],
'sha256',
$user->password_hash);
// The token string produced by the HMAC object is the method's result.
171 return $hmac->getToken();
// Fragments of the login flow. Only some lines of the original file are
// shown, so the guards and nesting around these statements are not visible;
// the comments describe each statement on its own.
// Rejection with the translated "banned user" message (guard not shown).
186 throw new LoginException($this->translator->translate(
'LoginException:BannedUser'));
// An empty last_login marks this as the user's first login. It is read
// here, before setLastLogin() is called on line 211.
190 $first_login = empty(
$user->last_login);
// Disabled-account check; the branch body (lines 194-196) is not shown.
193 if (!
$user->isEnabled()) {
// Make $user the logged-in user, passing true for the migrate argument.
197 $this->setLoggedInUser(
$user,
true);
// Store the per-user token in the session.
198 $this->setUserToken(
$user);
// Register the translations found under the Elgg 'languages/' directory.
201 $this->translator->registerTranslations(\
Elgg\Project\
Paths::elgg() .
'languages/');
// NOTE(review): presumably executed only when persistent login was
// requested; the surrounding condition is not shown.
205 $this->persistent_login->makeLoginPersistent(
$user);
// NOTE(review): presumably migrate() issues a new session id after the
// privilege change, which is the usual session-fixation defence; confirm in
// the session class.
209 $this->session->migrate();
// Record this login on the user.
211 $user->setLastLogin();
// Second enabled check: the logged-in user is removed before the
// "disabled user" exception is thrown.
218 if (!
$user->isEnabled()) {
219 $this->removeLoggedInUser();
221 throw new LoginException($this->translator->translate(
'LoginException:DisabledUser'));
// Generic failure with the translated "unknown" message (guard not shown).
226 throw new LoginException($this->translator->translate(
'LoginException:Unknown'));
// First-login handling: fire the 'login:first' event and stamp the time.
// NOTE(review): presumably guarded by $first_login; the condition is not shown.
230 $this->events->trigger(
'login:first',
'user',
$user);
231 $user->first_login = time();
// Fragments of the logout flow; lines between the numbered statements are
// not shown in this listing.
242 $user = $this->getLoggedInUser();
// A 'logout' before-event result that is falsy enters this branch; the
// branch body is not shown.
// NOTE(review): presumably this lets an event handler veto the logout.
247 if (!$this->events->triggerBefore(
'logout',
'user',
$user)) {
// Drop the persistent ("remember me") login as part of logging out.
251 $this->persistent_login->removePersistentLogin();
// System messages are read before the session is invalidated and written
// back afterwards (line 259). No other session key is carried over in the
// lines shown.
254 $old_msg = $this->session->get(SystemMessagesService::SESSION_KEY, []);
255 $this->session->invalidate();
// Forget the in-memory user as well as the session.
257 $this->logged_in_user =
null;
259 $this->session->set(SystemMessagesService::SESSION_KEY, $old_msg);
// Notify listeners that the logout has completed.
261 $this->events->triggerAfter(
'logout',
'user',
$user);
// Fragments of the method that switches the logged-in user; lines between
// the numbered statements are not shown in this listing.
276 $current_user = $this->getLoggedInUser();
// NOTE(review): `!=` on objects is PHP's loose comparison (same class and
// equal property values), not an identity check; confirm that is intended.
277 if ($current_user !=
$user) {
// $migrate was not supplied by the caller; the body that picks a default
// (lines 279-282) is not shown.
278 if (!isset($migrate)) {
// NOTE(review): presumably reached only when migration is wanted; the
// guard is not shown.
283 $this->session->migrate(
true);
// Persist the user's guid in the session and keep the object in memory.
286 $this->session->set(
'guid',
$user->guid);
287 $this->logged_in_user =
$user;
// Clear cached access data when the logged-in user is set.
// NOTE(review): presumably so one user's cached access results are never
// reused for another; confirm.
288 $this->access_cache->clear();
// Store the user object in the entity cache under its guid.
289 $this->entity_cache->save(
$user->guid,
$user);
// Switch translations to the user's language.
290 $this->translator->setCurrentLanguage(
$user->language);
// Fragments of the read-only accessors; only one line of each is shown.
// Returns the user object held by the service.
302 return $this->logged_in_user;
// Lines 311 and 321 each fetch the logged-in user. What is done with it
// afterwards is not visible in this listing.
311 $user = $this->getLoggedInUser();
321 $user = $this->getLoggedInUser();
// The result of getLoggedInUser() is cast to bool and returned.
332 return (bool) $this->getLoggedInUser();
// Fragment: forgets the logged-in user without invalidating the session.
342 $this->logged_in_user = null;
// Only the 'guid' key is removed from the session in the lines shown.
// NOTE(review): '__user_token' is not removed here; confirm whether it is
// cleaned up elsewhere.
343 $this->session->remove(
'guid');
// Cached access data for the removed user is cleared.
344 $this->access_cache->clear();
if(empty($entity_guid)||empty($recipient)||empty($muted_settings)||empty($hmac_token)) $hmac
// Action registration table: action name => options.
// 'access' is the gate declared for an action; the values used in this table
// are 'admin', 'logged_out' and 'public'.
// Entries mapped to [] declare no 'access' key and rely on whatever default
// the action registration applies.
// NOTE(review): presumably that default is logged-in users only; confirm.
return [
    // Administrative actions.
    'admin/delete_admin_notices' => ['access' => 'admin'],
    'admin/menu/save' => ['access' => 'admin'],
    'admin/plugins/activate' => ['access' => 'admin'],
    'admin/plugins/activate_all' => ['access' => 'admin'],
    'admin/plugins/deactivate' => ['access' => 'admin'],
    'admin/plugins/deactivate_all' => ['access' => 'admin'],
    'admin/plugins/set_priority' => ['access' => 'admin'],
    'admin/security/security_txt' => ['access' => 'admin'],
    'admin/security/settings' => ['access' => 'admin'],
    'admin/security/regenerate_site_secret' => ['access' => 'admin'],
    'admin/site/cache/invalidate' => ['access' => 'admin'],
    'admin/site/flush_cache' => ['access' => 'admin'],
    'admin/site/icons' => ['access' => 'admin'],
    'admin/site/set_maintenance_mode' => ['access' => 'admin'],
    'admin/site/set_robots' => ['access' => 'admin'],
    'admin/site/theme' => ['access' => 'admin'],
    'admin/site/unlock_upgrade' => ['access' => 'admin'],
    'admin/site/settings' => ['access' => 'admin'],
    'admin/upgrade' => ['access' => 'admin'],
    'admin/upgrade/reset' => ['access' => 'admin'],
    'admin/user/ban' => ['access' => 'admin'],
    'admin/user/bulk/ban' => ['access' => 'admin'],
    'admin/user/bulk/delete' => ['access' => 'admin'],
    'admin/user/bulk/unban' => ['access' => 'admin'],
    'admin/user/bulk/validate' => ['access' => 'admin'],
    'admin/user/change_email' => ['access' => 'admin'],
    'admin/user/delete' => ['access' => 'admin'],
    'admin/user/login_as' => ['access' => 'admin'],
    // NOTE(review): the only admin/* entry without an 'access' level.
    // Presumably it has to work while the session belongs to the
    // impersonated, non-admin user; confirm that the action itself checks
    // that the session was started by an admin.
    'admin/user/logout_as' => [],
    'admin/user/makeadmin' => ['access' => 'admin'],
    'admin/user/resetpassword' => ['access' => 'admin'],
    'admin/user/removeadmin' => ['access' => 'admin'],
    'admin/user/unban' => ['access' => 'admin'],
    'admin/user/validate' => ['access' => 'admin'],

    // Content and entity actions; none of them declares an explicit access level.
    'annotation/delete' => [],
    'avatar/upload' => [],
    'comment/save' => [],
    'diagnostics/download' => ['access' => 'admin'],
    'entity/chooserestoredestination' => [],
    'entity/delete' => [],
    'entity/mute' => [],
    'entity/restore' => [],
    'entity/subscribe' => [],
    'entity/trash' => [],
    'entity/unmute' => [],
    'entity/unsubscribe' => [],

    // Session entry and exit.
    'login' => ['access' => 'logged_out'],
    'logout' => [],

    // 'public' is the access level that differs from both 'logged_out' and
    // 'admin'.
    // NOTE(review): presumably reachable without a session, so the action
    // has to authenticate the request by its own means; confirm in the
    // action file.
    'notifications/mute' => ['access' => 'public'],
    'plugins/settings/remove' => ['access' => 'admin'],
    'plugins/settings/save' => ['access' => 'admin'],
    'plugins/usersettings/save' => [],
    // Registration is for logged-out visitors and additionally passes
    // through the RegistrationAllowedGatekeeper middleware.
    'register' => [
        'access' => 'logged_out',
        'middleware' => [
            \Elgg\Router\Middleware\RegistrationAllowedGatekeeper::class,
        ],
    ],
    'river/delete' => [],
    'settings/notifications' => [],
    'settings/notifications/subscriptions' => [],
    // Password change and reset request are both declared 'public'.
    'user/changepassword' => ['access' => 'public'],
    'user/requestnewpassword' => ['access' => 'public'],
    'useradd' => ['access' => 'admin'],
    'usersettings/save' => [],
    'widgets/add' => [],
    'widgets/delete' => [],
    'widgets/move' => [],
    'widgets/save' => [],
];
static isCli()
Is the application running in CLI?
Volatile cache for entities.
Generic parent class for login exceptions.
Thrown when a security exception occurs.
\Elgg\PersistentLoginService
getDeletedEntityVisibility()
Are deleted entities shown?
validateUserToken(\ElggUser $user)
Validate the user token stored in the session.
setDisabledEntityVisibility(bool $show=true)
Include disabled entities in queries.
getDisabledEntityVisibility()
Are disabled entities shown?
getLoggedInUserGuid()
Return the GUID of the current logged-in user.
getIgnoreAccess()
Get current ignore access setting.
login(\ElggUser $user, bool $persistent=false)
Log in a user.
__construct(protected \ElggSession $session, protected EventsService $events, protected Translator $translator, protected PersistentLoginService $persistent_login, protected AccessCache $access_cache, protected EntityCache $entity_cache)
Constructor.
generateUserToken(\ElggUser $user)
Generate a token for a specific user.
removeLoggedInUser()
Remove the logged-in user.
getLoggedInUser()
Gets the logged-in user.
isAdminLoggedIn()
Returns whether the viewer is currently logged in and is an admin user.
setUserToken(?\ElggUser $user=null)
Set a user-specific token in the session for the currently logged-in user.
logout()
Log the current user out.
setDeletedEntityVisibility(bool $show=true)
Include deleted entities in queries.
isLoggedIn()
Returns whether the user is currently logged in.
setLoggedInUser(\ElggUser $user, ?bool $migrate=null)
Sets the logged-in user.
setIgnoreAccess(bool $ignore=true)
Set ignore access.
elgg()
Bootstrapping and helper procedural code available for use in Elgg core and plugins.
_elgg_services()
Get the global service provider.
if(isset($_COOKIE['elggperm'])) $session
if(parse_url(elgg_get_site_url(), PHP_URL_PATH) !=='/') if(file_exists(elgg_get_root_path() . 'robots.txt'))
Set robots.txt.
elgg_is_logged_in()
Returns whether or not the user is currently logged in.