Ciantic/django_session.php

## django_session.php
<?PHP
/*
  DjangoUser object to Joomla in PHP.
  (Can be adapted easily to other PHP frameworks)

  Usage::

    $user =& DjangoUser::getUser();

    if ($user && $user->hasPerm("polls.can_vote")) {
       echo "I can vote!";
    }
*/

class DjangoUser {
	static $instance = NULL;
	function __construct($userid) {
		$this->id = $userid;

		if ($userid)
			$this->fetchFromDB();
	}

	private function fetchFromDB() {

		$db =& \JFactory::getDBO();
		$sql = <<<SQL
			SELECT
				usr.*,
				GROUP_CONCAT( DISTINCT CONCAT_WS(".", dcon.app_label, per.codename) ) AS perms
			FROM auth_user as usr
			LEFT JOIN auth_user_user_permissions AS usrprms ON usrprms.user_id = usr.id
			LEFT JOIN auth_user_groups as usrgrp ON usr.id = usrgrp.user_id
			LEFT JOIN auth_group as grp ON usrgrp.group_id = grp.id
			LEFT JOIN auth_group_permissions as grpper ON grpper.group_id = grp.id
			LEFT JOIN auth_permission as per ON per.id = grpper.permission_id OR per.id = usrprms.permission_id
			LEFT JOIN django_content_type as dcon ON dcon.id = per.content_type_id
			WHERE usr.id = {$db->Quote($this->id)}
			GROUP BY usr.id
SQL;
		$db->setQuery($sql);

		if ($userdb = $db->loadObject()) {

			$this->username = $userdb->username;
			$this->first_name = $userdb->first_name;
			$this->last_name = $userdb->last_name;
			$this->email = $userdb->email;
			$this->is_staff = $userdb->is_staff;
			$this->is_active = $userdb->is_active;
			$this->is_superuser = $userdb->is_superuser;
			$this->last_login = $userdb->last_login;
			$this->date_joined = $userdb->date_joined;
			$this->perms = array();

			$perms = explode(",", $userdb->perms);

			foreach ($perms as $perm) {
				if ($perm) {
					list($app, $perm) = explode(".", $perm);

					if (!isset($this->perms[$app]))
						$this->perms[$app] = array();

					$this->perms[$app][] = $perm;
				}
			}
		}
	}

	public function hasPerm($appPerm, $object=NULL) {
		if ($this->is_superuser)
			return true;

		list($app, $perm) = explode(".", $appPerm);

		if (isset($this->perms[$app]) && in_array($perm, $this->perms[$app]))
			return true;

		return false;
	}

	public function hasPerms($appPerms, $object=NULL) {
		if ($this->is_superuser)
			return true;

		foreach ($appPerms as $appPerm)
			if (!$this->hasPerm($appPerm, $object))
				return false;

		return true;
	}

	public function hasAnyPerm($appPerms, $object=NULL) {
		if ($this->is_superuser)
			return true;

		foreach ($appPerms as $appPerm) {
			if ($this->hasPerm($appPerm, $object))
				return true;
		}

		return false;
	}

	public function hasModulePerms($appLabel) {
		if ($this->is_superuser)
			return true;

		if (isset($this->perms[$appLabel]))
			return true;

		return false;
	}

	private static function _fromSession() {
		$sid = \JRequest::getString("sessionid", "", "COOKIE");

		if (!$sid)
			return new DjangoUser();

		$db =& \JFactory::getDBO();
		$db->setQuery("SELECT "
			."* FROM django_session "
			."WHERE session_key = {$db->Quote($sid)} "
		."");

		$session_table = $db->loadObject();

		if (!$session_table)
			return new DjangoUser();

		$session_json = substr($session_table->session_data, 0, -32);
		$session_data = json_decode($session_json);

		if (isset($session_data->_auth_user_id))
			return new DjangoUser($session_data->_auth_user_id);
	}

	public static function getUser() {
		if (self::$instance !== NULL)
			return self::$instance;
		self::$instance = &DjangoUser::_fromSession();
		return self::$instance;
	}
}
	<?PHP
	/*
	DjangoUser object to Joomla in PHP.
	(Can be adapted easily to other PHP frameworks)

	Usage::

	$user =& DjangoUser::getUser();

	if ($user && $user->hasPerm("polls.can_vote")) {
	echo "I can vote!";
	}
	*/

	class DjangoUser {
	static $instance = NULL;
	function __construct($userid) {
	$this->id = $userid;

	if ($userid)
	$this->fetchFromDB();
	}

	private function fetchFromDB() {

	$db =& \JFactory::getDBO();
	$sql = <<<SQL
	SELECT
	usr.*,
	GROUP_CONCAT( DISTINCT CONCAT_WS(".", dcon.app_label, per.codename) ) AS perms
	FROM auth_user as usr
	LEFT JOIN auth_user_user_permissions AS usrprms ON usrprms.user_id = usr.id
	LEFT JOIN auth_user_groups as usrgrp ON usr.id = usrgrp.user_id
	LEFT JOIN auth_group as grp ON usrgrp.group_id = grp.id
	LEFT JOIN auth_group_permissions as grpper ON grpper.group_id = grp.id
	LEFT JOIN auth_permission as per ON per.id = grpper.permission_id OR per.id = usrprms.permission_id
	LEFT JOIN django_content_type as dcon ON dcon.id = per.content_type_id
	WHERE usr.id = {$db->Quote($this->id)}
	GROUP BY usr.id
	SQL;
	$db->setQuery($sql);

	if ($userdb = $db->loadObject()) {

	$this->username = $userdb->username;
	$this->first_name = $userdb->first_name;
	$this->last_name = $userdb->last_name;
	$this->email = $userdb->email;
	$this->is_staff = $userdb->is_staff;
	$this->is_active = $userdb->is_active;
	$this->is_superuser = $userdb->is_superuser;
	$this->last_login = $userdb->last_login;
	$this->date_joined = $userdb->date_joined;
	$this->perms = array();

	$perms = explode(",", $userdb->perms);

	foreach ($perms as $perm) {
	if ($perm) {
	list($app, $perm) = explode(".", $perm);

	if (!isset($this->perms[$app]))
	$this->perms[$app] = array();

	$this->perms[$app][] = $perm;
	}
	}
	}
	}

	public function hasPerm($appPerm, $object=NULL) {
	if ($this->is_superuser)
	return true;

	list($app, $perm) = explode(".", $appPerm);

	if (isset($this->perms[$app]) && in_array($perm, $this->perms[$app]))
	return true;

	return false;
	}

	public function hasPerms($appPerms, $object=NULL) {
	if ($this->is_superuser)
	return true;

	foreach ($appPerms as $appPerm)
	if (!$this->hasPerm($appPerm, $object))
	return false;

	return true;
	}

	public function hasAnyPerm($appPerms, $object=NULL) {
	if ($this->is_superuser)
	return true;

	foreach ($appPerms as $appPerm) {
	if ($this->hasPerm($appPerm, $object))
	return true;
	}

	return false;
	}

	public function hasModulePerms($appLabel) {
	if ($this->is_superuser)
	return true;

	if (isset($this->perms[$appLabel]))
	return true;

	return false;
	}

	private static function _fromSession() {
	$sid = \JRequest::getString("sessionid", "", "COOKIE");

	if (!$sid)
	return new DjangoUser();

	$db =& \JFactory::getDBO();
	$db->setQuery("SELECT "
	."* FROM django_session "
	."WHERE session_key = {$db->Quote($sid)} "
	."");

	$session_table = $db->loadObject();

	if (!$session_table)
	return new DjangoUser();

	$session_json = substr($session_table->session_data, 0, -32);
	$session_data = json_decode($session_json);

	if (isset($session_data->_auth_user_id))
	return new DjangoUser($session_data->_auth_user_id);
	}

	public static function getUser() {
	if (self::$instance !== NULL)
	return self::$instance;
	self::$instance = &DjangoUser::_fromSession();
	return self::$instance;
	}
	}