/afterLoginUsers.php
Last active Apr 26, 2017
The code implements an after_login logic hook that invalidates the login for any standard user without at least a Role. The sample code purposely does not apply to Administrators as Roles do not apply to them in any case. The code below works on the current version 7.7.2.0.
| <?php | |
| // Enrico Simonetti | |
| // enricosimonetti.com | |
| // custom/logichooks/modules/Users/afterLoginUsers.php | |
| class afterLoginUsers | |
| { | |
| public function callAfterLogin($bean, $event, $args) | |
| { | |
| // check if there are roles for this user | |
| $bean->load_relationship('aclroles'); | |
| $roles = $bean->aclroles->getBeans(); | |
| if(!empty($roles)) { | |
| $roles_output = array(); | |
| foreach($roles as $role_id => $role_obj) { | |
| $roles_output[$role_id] = $role_obj->name; | |
| } | |
| $GLOBALS['log']->debug('User with user_name: '.$bean->user_name.' and id: '.$bean->id.' logged in successfully and is part of the following roles: "'.implode($roles_output, '", "').'"'); | |
| } | |
| // force logout if no roles are related to the user for security purposes and if not an admin | |
| if(!$bean->isAdmin() && empty($roles)) { | |
| $GLOBALS['log']->security('User with user_name: '.$bean->user_name.' and id: '.$bean->id.' logged in without a valid Role provisioned. Forcing logout.'); | |
| $this->forceLogout(); | |
| } | |
| } | |
| protected function forceLogout() | |
| { | |
| // start - from logout.php | |
| foreach($_SESSION as $key => $val) { | |
| $_SESSION[$key] = ''; | |
| } | |
| if(isset($_COOKIE[session_name()])) { | |
| setcookie(session_name(), '', time()-42000, '/'); | |
| } | |
| SugarApplication::endSession(); | |
| LogicHook::initialize(); | |
| $GLOBALS['logic_hook']->call_custom_logic('Users', 'after_logout'); | |
| //$authController = AuthenticationController::getInstance(); | |
| //$authController->authController->logout(); | |
| // end - from logout.php | |
| } | |
| } |
| <?php | |
| // Enrico Simonetti | |
| // enricosimonetti.com | |
| // custom/Extension/modules/Users/Ext/LogicHooks/install.afterLogin.php | |
| $hook_array['after_login'][] = array( | |
| 1, | |
| 'after_login check for Roles', | |
| 'custom/logichooks/modules/Users/afterLoginUsers.php', | |
| 'afterLoginUsers', | |
| 'callAfterLogin' | |
| ); |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment