|
<?php |
|
|
|
// Enrico Simonetti |
|
// enricosimonetti.com |
|
|
|
// custom/logichooks/modules/Users/afterLoginUsers.php |
|
|
|
class afterLoginUsers |
|
{ |
|
public function callAfterLogin($bean, $event, $args) |
|
{ |
|
// check if there are roles for this user |
|
$bean->load_relationship('aclroles'); |
|
$roles = $bean->aclroles->getBeans(); |
|
if(!empty($roles)) { |
|
$roles_output = array(); |
|
foreach($roles as $role_id => $role_obj) { |
|
$roles_output[$role_id] = $role_obj->name; |
|
} |
|
|
|
$GLOBALS['log']->debug('User with user_name: '.$bean->user_name.' and id: '.$bean->id.' logged in successfully and is part of the following roles: "'.implode($roles_output, '", "').'"'); |
|
} |
|
|
|
// force logout if no roles are related to the user for security purposes and if not an admin |
|
if(!$bean->isAdmin() && empty($roles)) { |
|
$GLOBALS['log']->security('User with user_name: '.$bean->user_name.' and id: '.$bean->id.' logged in without a valid Role provisioned. Forcing logout.'); |
|
$this->forceLogout(); |
|
} |
|
} |
|
|
|
protected function forceLogout() |
|
{ |
|
// start - from logout.php |
|
foreach($_SESSION as $key => $val) { |
|
$_SESSION[$key] = ''; |
|
} |
|
if(isset($_COOKIE[session_name()])) { |
|
setcookie(session_name(), '', time()-42000, '/'); |
|
} |
|
|
|
SugarApplication::endSession(); |
|
|
|
LogicHook::initialize(); |
|
$GLOBALS['logic_hook']->call_custom_logic('Users', 'after_logout'); |
|
|
|
//$authController = AuthenticationController::getInstance(); |
|
//$authController->authController->logout(); |
|
// end - from logout.php |
|
} |
|
} |
