Ejemplo n.º 1
0
 public function indexAction()
 {
     trackPage('/');
     if (isset($_COOKIE['rememberme']) && $this->session->userid === null) {
         //save permaLink in order to handle it after login
         if (array_key_exists('p', $_GET)) {
             $this->session->permaLink = $_GET['p'];
         }
         if (APPLICATION_ENV == "production") {
             header('Location: https://' . $_SERVER['HTTP_HOST'] . '/users/login');
         } else {
             header('Location: http://' . $_SERVER['HTTP_HOST'] . '/users/logindev2');
         }
         return;
     }
     /*
      * Check if user is signed in from a different service or browser tab.
      */
     if ($this->session->isLocked()) {
         $this->session->unLock();
     }
     if ($this->session !== null && $this->session->developsession === true) {
         //do nothing. It's local development instance where no SImpleSaml installed
     } else {
         $auth = SamlAuth::isAuthenticated();
         if ($auth === false) {
             //if logged in but not authdicated the clear session
             if (isset($this->session->userid) && is_numeric($this->session->userid)) {
                 SamlAuth::logout($this->session);
                 $this->_helper->layout->disableLayout();
                 $this->_helper->viewRenderer->setNoRender();
                 header('Location: http://' . $_SERVER["HTTP_HOST"]);
                 return;
             }
         } else {
             if (isset($this->session) === false || isset($this->session->userid) === false || is_numeric($this->session->userid) === false) {
                 //if authenticated but not logged in setup user session
                 $this->session = new Zend_Session_Namespace('default');
                 $attributes = $auth->getAttributes();
                 $uid = $attributes['idp:uid'][0];
                 $_SESSION['identity'] = $uid;
                 $_SESSION['logouturl'] = $auth->getLogoutURL();
                 $this->session->samlattrs = $attributes;
                 $this->session->samlauthsource = isset($attributes["idp:sourceIdentifier"]) ? $attributes["idp:sourceIdentifier"][0] : "";
                 SamlAuth::setupSamlAuth($this->session);
                 if ($this->session->isNewUser === true) {
                     header('Location: https://' . $_SERVER['HTTP_HOST'] . '/saml/newaccount');
                     return;
                 }
                 //Check and redirect if user account is blocked
                 if ($this->session->accountStatus === "blocked") {
                     header('Location: https://' . $_SERVER['HTTP_HOST'] . '/saml/blockedaccount');
                     return;
                 }
                 //Check and redirect if user is deleted
                 if ($this->session->userDeleted === true) {
                     header('Location: https://' . $_SERVER['HTTP_HOST'] . '/saml/deletedprofile');
                     return;
                 }
             }
         }
     }
     $this->session->appCriteria = null;
     $this->session->pplCriteria = null;
     $this->session->certLogin = false;
     $this->view->username = $this->session->username;
     if ($this->session->userid !== null) {
         $ppl = new Default_Model_Researchers();
         $ppl->filter->id->equals($this->session->userid);
         $user = $ppl->items[0];
         $this->view->user = $user;
         /* Get count of user requests */
         $urs = new Default_Model_UserRequests();
         $s2 = new Default_Model_PermissionsFilter();
         $s2->actor->equals($this->session->userguid);
         $s3 = new Default_Model_UserRequestStatesFilter();
         $s3->name->equals("submitted");
         $urs->filter->chain($s2->chain($s3, "AND"), "AND");
         $reqsitems = $urs->items;
         $uritems = array_merge($reqsitems);
         //Fetch user requests for NILs
         if (userIsAdminOrManager($this->session->userid) === false && userIsNIL($this->session->userid) === true) {
             $nilusers = new Default_Model_UserRequests();
             $s1 = new Default_Model_UserRequestTypesFilter();
             $s1->id->numequals(3);
             $s2 = new Default_Model_ResearchersFilter();
             $s2->countryid->equals($this->session->userCountryID);
             $s3 = new Default_Model_UserRequestStatesFilter();
             $s3->name->equals("submitted");
             $s4 = new Default_Model_ActorGroupsFilter();
             $s4->id->numequals(-3);
             $nilusers->filter->chain($s1->chain($s2->chain($s3->chain($s4, "AND"), "AND"), "AND"), "AND");
             if (count($nilusers->items) > 0) {
                 $uritems = array_merge($uritems, $nilusers->items);
                 $uritems = array_filter($uritems, 'uniqueDBObjectFilter');
             }
         }
         $this->view->userRequests = count($uritems);
     }
     $p = '';
     if ($this->session->permaLink != '') {
         $p = $this->session->permaLink;
         $this->session->permaLink = '';
     } elseif (array_key_exists('p', $_GET)) {
         $p = $_GET["p"];
     } else {
         //TODO : needs review
         $p = $_SERVER["QUERY_STRING"];
         $pos = strpos($p, "p=");
         if ($pos === false) {
             $p = '';
         } else {
             $p = substr($p, 2, strlen($p) - 2);
         }
     }
     if ($p != "") {
         if ($p == "reports") {
             $this->view->permaLink = $p;
         } elseif ($p == "brokenlinks") {
             $this->view->permaLink = $p;
         } elseif (substr($p, 0, 6) == "about:") {
             $this->view->permaLink = $p;
         } elseif (substr($p, 0, 5) == "apps:") {
             $this->view->permaLink = $p;
         } elseif (substr($p, 0, 7) == "people:") {
             $this->view->permaLink = $p;
         } else {
             $pp = base64_decode($p);
             $pp = mb_convert_encoding($pp, 'UTF-8');
             $this->view->permaLink = $pp;
         }
     }
 }
Ejemplo n.º 2
0
 public function userrequestsAction()
 {
     $this->_helper->layout->disableLayout();
     $this->_helper->viewRenderer->setNoRender();
     $guid = $this->session->userguid;
     $uid = $this->session->userid;
     header("Content-Type:text/xml");
     echo "<?xml version='1.0'?" . ">";
     if (is_null($guid)) {
         echo "<response error='Must be logged in'>unauthorized</response>";
         return;
     }
     if (isset($_GET["state"]) && isset($_GET["id"])) {
         $this->setUserRequestToState($_GET["id"], $_GET["state"]);
         return;
     }
     $urs = new Default_Model_UserRequests();
     $s1 = new Default_Model_UserRequestTypesFilter();
     //$s1->name->equals("joinapplication");
     $s2 = new Default_Model_PermissionsFilter();
     $s2->actor->equals($guid);
     $s3 = new Default_Model_UserRequestStatesFilter();
     $s3->name->equals("submitted");
     $urs->filter->chain($s1->chain($s2->chain($s3, "AND"), "AND"), "AND");
     $reqsitems = $urs->items;
     $items = array_merge($reqsitems);
     //Fetch user requests for NILs
     if (userIsAdminOrManager($this->session->userid) === false && userIsNIL($this->session->userid) === true) {
         $nilusers = new Default_Model_UserRequests();
         $s1 = new Default_Model_UserRequestTypesFilter();
         $s1->id->numequals(3);
         $s2 = new Default_Model_ResearchersFilter();
         $s2->countryid->equals($this->session->userCountryID);
         $s3 = new Default_Model_UserRequestStatesFilter();
         $s3->name->equals("submitted");
         $s4 = new Default_Model_ActorGroupsFilter();
         $s4->id->numequals(-3);
         $nilusers->filter->chain($s1->chain($s2->chain($s3->chain($s4, "AND"), "AND"), "AND"), "AND");
         if (count($nilusers->items) > 0) {
             $items = array_merge($items, $nilusers->items);
             $items = array_filter($items, 'uniqueDBObjectFilter');
         }
     }
     $count = count($items);
     if ($count === 0) {
         echo "<response count='0'></response>";
         return;
     }
     $res = "";
     foreach ($items as $r) {
         $users = new Default_Model_Researchers();
         $users->filter->guid->equals($r->userguid);
         $u = $users->items[0];
         if ($r->typeid !== 3) {
             $app = new Default_Model_Applications();
             $app->filter->guid->equals($r->targetguid);
             $a = $app->items[0];
             //In case of
             if ($r->typeid == 2) {
                 if ($a->ownerid != $uid && $a->addedby != $uid && !userIsAdminOrManager($uid)) {
                     $count = $count - 1;
                     continue;
                 }
             }
             $primarycategory = $a->getPrimaryCategory();
             $isvappliance = "false";
             if (trim($primarycategory->id) === "34") {
                 $isvappliance = "true";
             }
         }
         //error_log("USER COUNTRY: " . var_export($u->country,true));
         $res .= "<userrequest id='" . $r->id . "' created='" . date("c", strtotime($r->created)) . ($r->lastupdated ? "' lastupdated='" . date("c", strtotime($r->lastupdated)) : "") . "' targetguid='" . $r->targetguid . "'>";
         $res .= "<type id='" . $r->requestType->id . "'>" . $r->requestType->name . "</type>";
         if ($r->typeid !== 3) {
             $res .= "<application id='" . $a->id . "' cname='" . $a->cname . "' isvirtualappliance='" . $isvappliance . "'>" . $a->name . "</application>";
         }
         $res .= "<user id='" . $u->id . "' >";
         $res .= "<name>" . $u->firstName . " " . $u->lastName . "</name>";
         $res .= "<cname>" . $u->cname . "</cname>";
         $res .= "<role>" . $u->positionType->description . "</role>";
         $res .= "<institution>" . $u->institution . "</institution>";
         $res .= "<country id='" . $u->countryid . "' isocode='" . $u->country->ISOcode . "' >" . $u->country->name . "</country>";
         $res .= "<message>" . $r->userdata . "</message>";
         $res .= "</user>";
         $res .= "<state id='" . $r->requestState->id . "'>" . $r->requestState->name . "</state>";
         $res .= "</userrequest>";
     }
     echo "<response count='" . $count . "'>";
     echo $res;
     echo "</response>";
 }