• Home
  • sspmod_consent_Consent_Store_Database

PHP Class sspmod_consent_Consent_Store_Database, simplesamlphp

This class implements a consent store which stores the consent information in a database. It is tested, and should work against MySQL, PostgreSQL and SQLite. It has the following options: - dsn: The DSN which should be used to connect to the database server. See PHP Manual for supported drivers and DSN formats. - username: The username used for database connection. - password: The password used for database connection. - table: The name of the table used. Optional, defaults to 'consent'.
Author: Olav Morken ([email protected])
Inheritance: extends sspmod_consent_Store
Show file Open project: simplesamlphp/simplesamlphp

Public Methods

Method Description
__construct ( array $config ) Parse configuration.
__sleep ( ) : array Called before serialization.
deleteAllConsents ( string $userId ) : integer Delete all consents.
deleteConsent ( string $userId, string $destinationId ) : integer Delete consent.
getConsents ( string $userId ) : array Retrieve consents.
getStatistics ( ) : array Get statistics from the database
hasConsent ( string $userId, string $destinationId, string $attributeSet ) : boolean Check for consent.
saveConsent ( string $userId, string $destinationId, string $attributeSet ) : void | true Save consent.
selftest ( ) : boolean A quick selftest of the consent database.

Private Methods

Method Description
_createTable ( ) : True Create consent table.
_execute ( string $statement, array $parameters ) : PDOStatement | false Prepare and execute statement.
_formatError ( array $error ) : string Format PDO error.
_getDB ( ) : PDO | false Get database handle.

Method Details

__construct() public method

This constructor parses the configuration.
public __construct ( array $config )
$config array Configuration for database consent store.

__sleep() public method

Called before serialization.
public __sleep ( ) : array
return array The variables which should be serialized.

deleteAllConsents() public method

Delete all consents.
public deleteAllConsents ( string $userId ) : integer
$userId string The hash identifying the user at an IdP.
return integer Number of consents deleted

deleteConsent() public method

Called when a user revokes consent for a given destination.
public deleteConsent ( string $userId, string $destinationId ) : integer
$userId string The hash identifying the user at an IdP.
$destinationId string A string which identifies the destination.
return integer Number of consents deleted

getConsents() public method

This function should return a list of consents the user has saved.
public getConsents ( string $userId ) : array
$userId string The hash identifying the user at an IdP.
return array Array of all destination ids the user has given consent for.

getStatistics() public method

The returned array contains 3 entries - total: The total number of consents - users: Total number of uses that have given consent ' services: Total number of services that has been given consent to
public getStatistics ( ) : array
return array Array containing the statistics

hasConsent() public method

This function checks whether a given user has authorized the release of the attributes identified by $attributeSet from $source to $destination.
public hasConsent ( string $userId, string $destinationId, string $attributeSet ) : boolean
$userId string The hash identifying the user at an IdP.
$destinationId string A string which identifies the destination.
$attributeSet string A hash which identifies the attributes.
return boolean True if the user has given consent earlier, false if not (or on error).

saveConsent() public method

Called when the user asks for the consent to be saved. If consent information for the given user and destination already exists, it should be overwritten.
public saveConsent ( string $userId, string $destinationId, string $attributeSet ) : void | true
$userId string The hash identifying the user at an IdP.
$destinationId string A string which identifies the destination.
$attributeSet string A hash which identifies the attributes.
return void | true True if consent is deleted.

selftest() public method

A quick selftest of the consent database.
public selftest ( ) : boolean
return boolean True if OK, false if not. Will throw an exception on connection errors.