/**
 * Attach a GUID to an intranet account.
 *
 * Existing intranet login ($new_viewer == false):
 *   load the viewer identified by $viewer and store $guid on it.
 *
 * No previous intranet login ($new_viewer == true):
 *   create a viewer carrying $guid, add it to the 'all' and SPT applicant
 *   access groups, create a blank person record and link the viewer to that
 *   person in the access table.
 *
 * NOTE(review): nothing in this function checks that the caller is entitled to
 * bind $guid to $viewer, or that $guid is non-empty and not already stored on
 * another viewer. Callers are presumably expected to have verified both
 * against the single sign-on session; confirm at every call site.
 *
 * @param string $guid       the user's GUID
 * @param int    $viewer     the user's viewer_id (only read when $new_viewer is false)
 * @param bool   $new_viewer true when the user never had an intranet login
 * @return void
 */
function viewer_guid_connect($guid, $viewer, $new_viewer)
{
    if (!$new_viewer) {
        // Existing account: only the GUID is changed.
        // NOTE(review): the row is written without an isLoaded() check, so the
        // outcome for an unknown $viewer depends on updateDBTable() - verify.
        $existingViewer = new RowManager_ViewerManager($viewer);
        $existingViewer->setGUID($guid);
        $existingViewer->updateDBTable();
        return;
    }

    // 1. New viewer row carrying the GUID.
    $createdViewer = new RowManager_ViewerManager();
    $createdViewer->setGUID($guid);
    $createdViewer->setLanguageID(1); // english
    // TODO this value should not be hard-coded for the account group
    $createdViewer->setAccountGroupID(15); // the 'unknown' group
    $createdViewer->setIsActive(true);
    $createdViewer->createNewEntry();
    $newViewerID = $createdViewer->getID();

    // 2a. Membership in the 'all' access group.
    $allGroupMembership = new RowManager_ViewerAccessGroupManager();
    $allGroupMembership->setViewerID($newViewerID);
    $allGroupMembership->setAccessGroupID(ALL_ACCESS_GROUP);
    $allGroupMembership->createNewEntry();

    // 2b. Membership in the 'SPT-Student' access group.
    // Every account created here receives this group in addition to 'all'.
    $sptGroupMembership = new RowManager_ViewerAccessGroupManager();
    $sptGroupMembership->setViewerID($newViewerID);
    $sptGroupMembership->setAccessGroupID(SPT_APPLICANT_ACCESS_GROUP);
    $sptGroupMembership->createNewEntry();

    // 3. Blank person record (first name, last name and e-mail all empty).
    $blankPerson = new RowManager_PersonManager();
    $blankPerson->setFirstName('');
    $blankPerson->setLastName('');
    $blankPerson->setEmail('');
    $blankPerson->setSortOrder('person_id');
    $blankPerson->setAscDesc('DESC'); // descending person IDs
    // The listing below is fetched but its result is never read.
    // NOTE(review): looks like a leftover of the "grab person_id from an
    // existing record" idea; kept so the sequence of calls is unchanged.
    $blankPerson->getListIterator()->getDataList();
    $blankPerson->createNewEntry();
    $newPersonID = $blankPerson->getID();

    // 4. Access table entry tying the new viewer to the new person.
    $viewerPersonLink = new RowManager_AccessManager();
    $viewerPersonLink->setViewerID($newViewerID);
    $viewerPersonLink->setPersonID($newPersonID);
    $viewerPersonLink->createNewEntry();
}
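 /**
  * Build the Viewer for the current request and decide whether it is authenticated.
  *
  * Steps, as implemented:
  *  1. A missing or empty $_SESSION[SESSION_ID_ID] is normalised to 0 and the
  *     viewer row with that ID is loaded.
  *  2. If the row loads, the viewer is authenticated only when it is active.
  *  3. Otherwise, if CASUser::checkAuth() succeeds and the CAS session holds a
  *     GUID, validateLogin() is tried with that GUID. When it fails, a person,
  *     a viewer and an access-table link are created or repaired for the CAS
  *     user, the viewer is added to the 'all' access group, and validateLogin()
  *     is retried.
  *  4. hasSession records whether $this->viewerID holds a non-empty value.
  *
  * Security notes for reviewers:
  *  - Step 3 links the single sign-on identity to an existing person by e-mail
  *    match and then stores the GUID on whatever viewer that person is linked
  *    to. That is only safe if the identity provider guarantees the CAS
  *    username is an e-mail address the user controls - confirm.
  *  - Auto-provisioned viewers all receive the same literal placeholder
  *    password; see the note at setPassWord() below.
  *
  * @param bool   $isDestroySession Should the session data be destroyed if not authenticated?
  *                                 (The destroy call is currently commented out.)
  * @param string $dbName     Name of the database the viewer info is stored in (not read in this body)
  * @param string $dbPath     Path of the database the viewer info is stored in (not read in this body)
  * @param string $dbUser     Login ID for the database the viewer info is stored in (not read in this body)
  * @param string $dbPassword Password for the database the viewer info is stored in (not read in this body)
  */
 function __construct($isDestroySession = true, $dbName = SITE_DB_NAME, $dbPath = SITE_DB_PATH, $dbUser = SITE_DB_USER, $dbPassword = SITE_DB_PWORD)
 {
     // A missing or empty session entry is normalised to 0 ("no viewer").
     if (!isset($_SESSION[SESSION_ID_ID]) || $_SESSION[SESSION_ID_ID] == '') {
         $_SESSION[SESSION_ID_ID] = 0;
     }
     // Get current viewer ID from session ID
     $this->viewerID = $_SESSION[SESSION_ID_ID];
     // attempt to load a viewerManager object with current viewerID
     $this->viewerManager = new RowManager_ViewerManager($this->viewerID);
     if ($this->viewerManager->isLoaded()) {
         // Update current Session ID with current ViewerID
         $_SESSION[SESSION_ID_ID] = $this->viewerID;
         // A deactivated account stays unauthenticated even though its row loaded.
         $this->isAuthenticated = $this->viewerManager->isActive() ? true : false;
     } else {
         // Info not stored in session, get from GCX
         $this->isAuthenticated = false;
         if (CASUser::checkAuth() && !empty($_SESSION['phpCAS']['guid'])) {
             if ($this->validateLogin($_SESSION['phpCAS']['guid'])) {
                 // a user with this GUID exists in our system
                 $this->isAuthenticated = true;
             } else {
                 // code added by Russ September 11, 2009
                 // a user with this GUID does not exist in our system - create them
                 $guid = $_SESSION['phpCAS']['guid'];
                 // the gcxUsername is (supposed to be) an email
                 // NOTE(review): nothing here checks that it is set or non-empty;
                 // an empty value would make loadByEmail() search for an empty
                 // e-mail. Confirm the CAS layer always supplies it.
                 $gcxUsername = $_SESSION['phpCAS']['user'];

                 // Look for a cim_hrdb_person record with this email. The original
                 // author relies on mysql comparing case-insensitively by default.
                 $personManager = new RowManager_PersonManager();
                 $foundPerson = $personManager->loadByEmail($gcxUsername);
                 $personID = $personManager->getID();
                 if (!$foundPerson) {
                     // no such person yet: create one holding only the email
                     $newpersonManager = new RowManager_PersonManager();
                     $newpersonManager->setEmail($gcxUsername);
                     $newpersonManager->createNewEntry();
                     $personID = $newpersonManager->getID();
                 }

                 // Link the personID to the GUID/viewer in the cim_hrdb_access table.
                 // An entry may already exist when the person was linked to an old
                 // viewer/username that has not been promoted to a GCX account yet.
                 $accessManager = new RowManager_AccessManager();
                 $accessEntryFound = $accessManager->loadByPersonID($personID);
                 $viewerID = -1;
                 $createNewViewer = true;
                 if ($accessEntryFound) {
                     $viewerID = $accessManager->getViewerID();
                     $viewerManager = new RowManager_ViewerManager($viewerID);
                     // double check that the viewer referenced in the access table actually exists
                     if ($viewerManager->isLoaded()) {
                         // Reuse it: this is the point where an existing local account is
                         // taken over by the CAS identity (GUID and user ID are overwritten).
                         $createNewViewer = false;
                         $viewerManager->setGUID($guid);
                         $viewerManager->setUserID($gcxUsername);
                         $viewerManager->setLastLogin();
                         $viewerManager->updateDBTable();
                     }
                 }

                 if ($createNewViewer) {
                     // create new viewer (user)
                     $newviewerManager = new RowManager_ViewerManager();
                     // NOTE(review): fixed placeholder password shared by every
                     // auto-provisioned viewer. Whether it can ever be used to log in
                     // depends on the local password login path, which is not visible
                     // here; confirm that path is closed for these accounts or store
                     // an unguessable value instead.
                     $newviewerManager->setPassWord('xxx');
                     $newviewerManager->setUserID($gcxUsername);
                     $newviewerManager->setLanguageID(1); // english
                     // TODO this value should not be hard-coded for the account group
                     $newviewerManager->setAccountGroupID(15); // the 'unknown' group
                     $newviewerManager->setIsActive(true);
                     $newviewerManager->setGUID($guid);
                     $newviewerManager->setLastLogin();
                     $newviewerManager->createNewEntry();
                     $viewerID = $newviewerManager->getID();
                     if ($accessEntryFound) {
                         // The access entry pointed at a viewer that no longer exists
                         // (orphaned by a deletion): repoint it at the new viewer.
                         $accessManager->setViewerID($viewerID);
                         $accessManager->updateDBTable();
                     } else {
                         // create an access table entry
                         $newaccessManager = new RowManager_AccessManager();
                         $newaccessManager->setViewerID($viewerID);
                         $newaccessManager->setPersonID($personID);
                         $newaccessManager->createNewEntry();
                     }
                 }

                 // Put into the 'all' access group. This runs for reused viewers too.
                 // NOTE(review): may add a second membership row for a viewer that
                 // is already in the group - check whether createNewEntry() de-duplicates.
                 $viewerAccessGroupManager = new RowManager_ViewerAccessGroupManager();
                 $viewerAccessGroupManager->setViewerID($viewerID);
                 $viewerAccessGroupManager->setAccessGroupID(ALL_ACCESS_GROUP);
                 $viewerAccessGroupManager->createNewEntry();

                 // try again to see if everything updated correctly
                 if ($this->validateLogin($guid)) {
                     // a user/viewer with this GUID now exists in our system
                     $this->isAuthenticated = true;
                 } else {
                     // Both values come from the single sign-on session and are written
                     // into the HTML page, so they are escaped first.
                     // NOTE(review): consider sending this diagnostic to the server log
                     // instead of the response body.
                     echo "Something has gone wrong: gcxUsername[" . htmlspecialchars((string) $gcxUsername, ENT_QUOTES, 'UTF-8') . "], guid[" . htmlspecialchars((string) $guid, ENT_QUOTES, 'UTF-8') . "]<br/>";
                 }
             }
         }
     }
     // set hasSession
     // The original test was `$this->viewerID != ''`. With the 0 stored above that
     // is false before PHP 8 but true from PHP 8 on (0 no longer equals ''), so the
     // "empty" values are listed explicitly to keep the pre-PHP-8 meaning.
     $currentViewerID = $this->viewerID;
     $this->hasSession = !($currentViewerID === null || $currentViewerID === false || $currentViewerID === '' || $currentViewerID === 0 || $currentViewerID === 0.0);
     // if no session
     if (!$this->hasSession) {
         // User Credentials are invalid so
         // if they want me to destroy the session then
         if ($isDestroySession == true) {
             // Session removal is disabled: the call below is commented out, so
             // $isDestroySession currently has no effect.
             // session_destroy();
         }
     }
 }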