/**
* Creates an entry in the site archive table, to enable auditing of
* deletion. Authorisation must have already been performed and the values come from
* an existing object and so are assumed to be valid. May not work if unregistered
* users are ever allowed to delete things.
* @param \Site $site
* @param \User $user
*/
public function addSiteToArchive(\Site $site, \User $user)
{
$archievedSite = new \ArchivedSite();
$archievedSite->setCertStatus($site->getCertificationStatus()->getName());
$archievedSite->setCountry($site->getCountry()->getName());
$archievedSite->setDeletedBy($user->getCertificateDn());
$archievedSite->setName($site->getName());
$archievedSite->setOriginalCreationDate($site->getCreationDate());
$archievedSite->setParentNgi($site->getNgi()->getName());
$archievedSite->setScopes($site->getScopeNamesAsString());
$archievedSite->setV4PrimaryKey($site->getPrimaryKey());
$archievedSite->setInfrastructure($site->getInfrastructure()->getName());
$this->em->persist($archievedSite);
}
/**
* Creates an entry in the servicegroup archive table, to enable auditing
* of deletion.
* @param \ServiceGroup $sg
* @param \User $user
*/
public function addServiceGroupToArchive(\ServiceGroup $sg, \User $user)
{
$archievedSG = new \ArchivedServiceGroup();
$archievedSG->setDeletedBy($user->getCertificateDn());
$archievedSG->setName($sg->getName());
$archievedSG->setOriginalCreationDate($sg->getCreationDate());
$archievedSG->setScopes($sg->getScopeNamesAsString());
$serviceNamesAsArray = array();
foreach ($sg->getServices() as $s) {
$serviceNamesAsArray[] = $s->getHostName() . "(" . $s->getServiceType()->getName() . ")";
}
$serviceNamesAsString = implode(", ", $serviceNamesAsArray);
$archievedSG->setServices($serviceNamesAsString);
$this->em->persist($archievedSG);
}
/**
* Creates an entry in the NGI archieve table, to enable auditing of
* deletion. This code is designed to be run from within the try/catch
* block within the single transaction of the delete NGI function.
* Authorisation must have already been performed and the values come from
* an existing object and so are assumed valid. May not work if unregistered
* users are ever allowed to delete things.
* @param \NGI $ngi
* @param \User $user
*/
public function addNGIToArchive(\NGI $ngi, \User $user)
{
$archievedNgi = new \ArchivedNGI();
$archievedNgi->setDeletedBy($user->getCertificateDn());
$archievedNgi->setName($ngi->getName());
$archievedNgi->setOriginalCreationDate($ngi->getCreationDate());
$archievedNgi->setScopes($ngi->getScopeNamesAsString());
$projectNamesAsArray = array();
foreach ($ngi->getProjects() as $p) {
$projectNamesAsArray[] = $p->getName();
}
$projectNamesAsString = implode(", ", $projectNamesAsArray);
$archievedNgi->setParentProjects($projectNamesAsString);
$this->em->persist($archievedNgi);
}
$doctrineUser->setTitle((string) $user->TITLE);
$doctrineUser->setEmail((string) $user->EMAIL);
$doctrineUser->setTelephone((string) $user->TEL);
$doctrineUser->setWorkingHoursStart((string) $user->WORKING_HOURS_START);
$doctrineUser->setWorkingHoursEnd((string) $user->WORKING_HOURS_END);
//$doctrineUser->setCertificateDn((string) $user->CERTDN);
$doctrineUser->setCertificateDn($dn);
$doctrineUser->setAdmin(false);
// echo "DN is " . (string) $doctrineUser->getCertificateDn() . ".\r\n";
// Roughly half of users don't have a home site set
if ($user->HOMESITE != "" && !isBad($user->HOMESITE)) {
// get the home site entity
$dql = "SELECT s from Site s WHERE s.shortName = ?1";
$homeSites = $entityManager->createQuery($dql)->setParameter(1, (string) $user->HOMESITE)->getResult();
/* Error checking: ensure each "home site" refers to exactly
* one home site */
if (count($homeSites) !== 1) {
throw new Exception(count($homeSites) . " sites found with short name: " . $user->HOMESITE . ". user DN is " . $user->CERTDN);
}
foreach ($homeSites as $result) {
$homeSite = $result;
}
$doctrineUser->setHomeSiteDoJoin($homeSite);
}
//Make Dave an admin
if ($doctrineUser->getCertificateDn() == "/C=UK/O=eScience/OU=CLRC/L=DL/CN=david meredith") {
$doctrineUser->setAdmin(true);
}
$entityManager->persist($doctrineUser);
}
$entityManager->flush();
/**
* Update a user's DN
* @param \User $user user to have DN updated
* @param string $dn new DN
* @param \User $currentUser User doing the updating
* @throws \Exception
* @throws \org\gocdb\services\Exception
*/
public function editUserDN(\User $user, $dn, \User $currentUser = null)
{
//Authorisation - only GOCDB Admins shoud be able to change DNs (Throws exception if not)
$this->checkUserIsAdmin($currentUser);
//Check the DN is changed
if ($dn == $user->getCertificateDn()) {
throw new \Exception("The specified certificate DN is the same as the current DN");
}
//Check the DN is unique (if not null)
if (!is_null($this->getUserByPrinciple($dn))) {
throw new \Exception("DN is already registered in GOCDB");
}
//Validate the DN
$dnInAnArray['CERTIFICATE_DN'] = $dn;
$this->validateUser($dnInAnArray);
//Explicity demarcate our tx boundary
$this->em->getConnection()->beginTransaction();
try {
$user->setCertificateDn($dn);
$this->em->merge($user);
$this->em->flush();
$this->em->getConnection()->commit();
} catch (\Exception $e) {
$this->em->getConnection()->rollback();
$this->em->close();
throw $e;
}
}
/**
* Creates an entry in the service archive table, to enable auditing
* of deletion.
* @param \Service $service
* @param \User $user
*/
public function addServiceToArchive(\Service $service, \User $user)
{
$archievedService = new \ArchivedService();
$archievedService->setDeletedBy($user->getCertificateDn());
$archievedService->setHostName($service->getHostName());
$archievedService->setServiceType($service->getServiceType()->getName());
$archievedService->setOriginalCreationDate($service->getCreationDate());
$archievedService->setParentSite($service->getParentSite()->getShortName());
$archievedService->setScopes($service->getScopeNamesAsString());
$archievedService->setMonitored($service->getMonitored());
$archievedService->setBeta($service->getBeta());
$archievedService->setProduction($service->getProduction());
$this->em->persist($archievedService);
}
