Ejemplo n.º 1
0
 /**
  * Get an array of Role names granted to the user that permit the requested 
  * action on the given OwnedEntity. If the user has no roles that 
  * permit the requested action, then return an empty array. 
  * <p>
  * Supported actions: EDIT_OBJECT, NGI_ADD_SITE, GRANT_ROLE, REJECT_ROLE, REVOKE_ROLE 
  * 
  * @param string $action
  * @param \OwnedEntity $entity
  * @param \User $callingUser
  * @return array of RoleName values 
  * @throws LogicException If unsupported enitity type or action is passed
  */
 public function authorizeAction($action, \OwnedEntity $entity, \User $callingUser)
 {
     $siteService = new \org\gocdb\services\Site();
     $siteService->setEntityManager($this->em);
     $ngiService = new \org\gocdb\services\NGI();
     $ngiService->setEntityManager($this->em);
     $sgService = new \org\gocdb\services\ServiceGroup();
     $sgService->setEntityManager($this->em);
     $projectService = new \org\gocdb\services\Project();
     $projectService->setEntityManager($this->em);
     if ($entity instanceof \NGI) {
         $grantingRoles = $ngiService->authorizeAction($action, $entity, $callingUser);
     } else {
         if ($entity instanceof \Site) {
             $grantingRoles = $siteService->authorizeAction($action, $entity, $callingUser);
         } else {
             if ($entity instanceof \Project) {
                 $grantingRoles = $projectService->authorizeAction($action, $entity, $callingUser);
             } else {
                 if ($entity instanceof \ServiceGroup) {
                     $grantingRoles = $sgService->authorizeAction($action, $entity, $callingUser);
                 } else {
                     throw new \LogicException('Unsuppored OwnedEntity type');
                 }
             }
         }
     }
     return $grantingRoles;
 }
Ejemplo n.º 2
0
 /**
  * Test the NGI service deleteNGI() method which recursively deletes child 
  * sites and services, roles etc.  
  */
 public function testNgiService_deleteNgi()
 {
     print __METHOD__ . "\n";
     include __DIR__ . '/resources/sampleFixtureData1.php';
     // create an admin user (required to call the NGI service)
     $adminUser = TestUtil::createSampleUser('some', 'admin', '/some/admin');
     $adminUser->setAdmin(TRUE);
     $this->em->persist($adminUser);
     // Now delete the ngi using the NGI service.
     $ngiService = new org\gocdb\services\NGI();
     $ngiService->setEntityManager($this->em);
     $ngiService->deleteNgi($ngi, $adminUser, FALSE);
     // since we deleted the NGI, we expect an empty DB !
     $result = $testConn->createQueryTable('results_table', "SELECT * FROM Roles");
     $this->assertTrue($result->getRowCount() == 0);
     $result = $testConn->createQueryTable('results_table', "SELECT * FROM NGIs");
     $this->assertTrue($result->getRowCount() == 0);
     $result = $testConn->createQueryTable('results_table', "SELECT * FROM Sites");
     $this->assertTrue($result->getRowCount() == 0);
     $result = $testConn->createQueryTable('results_table', "SELECT * FROM Services");
     $this->assertTrue($result->getRowCount() == 0);
     $result = $testConn->createQueryTable('results_table', "SELECT * FROM Downtimes");
     $this->assertTrue($result->getRowCount() == 0);
     $result = $testConn->createQueryTable('results_table', "SELECT * FROM EndpointLocations");
     $this->assertTrue($result->getRowCount() == 0);
     $result = $testConn->createQueryTable('results_table', "SELECT * FROM CertificationStatusLogs");
     $this->assertTrue($result->getRowCount() == 0);
 }
Ejemplo n.º 3
0
 public function testNgiService_removeNgi()
 {
     print __METHOD__ . "\n";
     include __DIR__ . '/resources/sampleFixtureData1.php';
     $adminUser = TestUtil::createSampleUser('some', 'admin', '/some/admin');
     $adminUser->setAdmin(TRUE);
     $this->em->persist($adminUser);
     $ngiService = new org\gocdb\services\NGI();
     $ngiService->setEntityManager($this->em);
     $ngiService->deleteNgi($ngi, $adminUser, FALSE);
 }
 /**
  * Delete the parent NGI and ensure all sites, servcies, endponts and downtimes  
  * are deleted leaving only the orphan dowmtime. 
  */
 public function testNgiService_removeNgi()
 {
     print __METHOD__ . "\n";
     include __DIR__ . '/resources/sampleFixtureData4.php';
     $adminUser = TestUtil::createSampleUser('some', 'admin', '/some/admin');
     $adminUser->setAdmin(TRUE);
     $this->em->persist($adminUser);
     $ngiService = new org\gocdb\services\NGI();
     $ngiService->setEntityManager($this->em);
     $ngiService->deleteNgi($ngi, $adminUser, FALSE);
     // use DB connection to check data has been deleted
     $con = $this->getConnection();
     $result = $con->createQueryTable('results_table', "SELECT * FROM EndpointLocations");
     $this->assertTrue($result->getRowCount() == 0);
     $result = $con->createQueryTable('results_table', "SELECT * FROM Downtimes");
     $this->assertTrue($result->getRowCount() == 1);
     // orphanDT
     $result = $con->createQueryTable('results_table', "SELECT * FROM Sites");
     $this->assertTrue($result->getRowCount() == 0);
     // site2
 }
Ejemplo n.º 5
0
 /**
  * Adds a site. $values is in the following format:
  * Array
  * (
  *     [Scope] => 2
  *     [Country] => 6
  *     [Timezone] => 1
  *     [ProductionStatus] => 1
  *     [NGI] => 11
  *     [Certification_Status] => 1
  *     [Site] => Array
  *     (
  *                 [SHORT_NAME] => MyTestSite
  *                 [OFFICIAL_NAME] => TestSite
  *                 [HOME_URL] => https://test.host.com
  *                 [GIIS_URL] => ldap://giis_url:234
  *                 [IP_RANGE] => 0.0.0.0/255.255.255.234
  *                 [IP_V6_RANGE] => 0000:0000:0000:0000:0000:0000:0000:0000[/int]
  *                 [LOCATION] => Britain
  *                 [LATITUDE] => 234
  *                 [LONGITUDE] => 234
  *                 [DESCRIPTION] => Test
  *                 [EMAIL] => lcg@rl.ac.uk
  *                 [CONTACTTEL] => +44 01925 603762, +44 01235 44 5010234
  *                 [EMERGENCYTEL] => +44 01925 603762, +44 01235 44 5010, +44 01925 603513234
  *                 [CSIRTEMAIL] => gocdb-admins@mailtalk.ac.uk
  *                 [CSIRTTEL] => +44 01925 603762, +44 01235 44 5010, +44 01925 603513234
  *                 [EMERGENCYEMAIL] => jcasson@234.com
  *                 [HELPDESKEMAIL] => gocdb-admins@mailtalk.ac.uk
  *                 [DOMAIN] => Test.com
  *     )
  * )
  * @param array $values New Site Values
  * @param \User $user User making the request
  */
 public function addSite($values, \User $user = null)
 {
     //Check the portal is not in read only mode, throws exception if it is
     $this->checkPortalIsNotReadOnlyOrUserIsAdmin($user);
     if (is_null($user)) {
         throw new Exception("Unregistered users may not add new sites");
     }
     if (!$user->isAdmin()) {
         $ngiService = new \org\gocdb\services\NGI();
         $ngiService->setEntityManager($this->em);
         $usersNGIs = $ngiService->getNGIsBySupportedAction(\Action::NGI_ADD_SITE, $user);
         if (count($usersNGIs) == 0) {
             throw new \Exception("You do not have permission to add a new site." . " To add a new site you require a managing role over an NGI");
         }
     }
     // do as much validation before starting a new db tx
     // check the site object data is valid
     $this->validate($values['Site'], 'site');
     //check there are the required number of scopes specified
     $this->checkNumberOfScopes($values['Scope_ids']);
     $this->uniqueCheck($values['Site']['SHORT_NAME']);
     // Populate the entity
     try {
         /* Create a PK for this site
          * This is persisted/flushed (but not committed) before the site 
          * so the PK is set by the database.
          * If the site insertion fails the PK can still be rolled back.  
          */
         $this->em->getConnection()->beginTransaction();
         $pk = new \PrimaryKey();
         $this->em->persist($pk);
         // flush synchronizes the in-memory state of managed objects with the database
         // but we can still rollback
         $this->em->flush();
         //$this->em->getConnection()->commit();
         //$this->em->getConnection()->beginTransaction();
         $site = new \Site();
         $site->setPrimaryKey($pk->getId() . "G0");
         $site->setOfficialName($values['Site']['OFFICIAL_NAME']);
         $site->setShortName($values['Site']['SHORT_NAME']);
         $site->setDescription($values['Site']['DESCRIPTION']);
         $site->setHomeUrl($values['Site']['HOME_URL']);
         $site->setEmail($values['Site']['EMAIL']);
         $site->setTelephone($values['Site']['CONTACTTEL']);
         $site->setGiisUrl($values['Site']['GIIS_URL']);
         $site->setLatitude($values['Site']['LATITUDE']);
         $site->setLongitude($values['Site']['LONGITUDE']);
         $site->setCsirtEmail($values['Site']['CSIRTEMAIL']);
         $site->setIpRange($values['Site']['IP_RANGE']);
         $site->setIpV6Range($values['Site']['IP_V6_RANGE']);
         $site->setDomain($values['Site']['DOMAIN']);
         $site->setLocation($values['Site']['LOCATION']);
         $site->setCsirtTel($values['Site']['CSIRTTEL']);
         $site->setEmergencyTel($values['Site']['EMERGENCYTEL']);
         $site->setEmergencyEmail($values['Site']['EMERGENCYEMAIL']);
         $site->setHelpdeskEmail($values['Site']['HELPDESKEMAIL']);
         $site->setTimezoneId($values['Site']['TIMEZONE']);
         // get the parent NGI entity
         $dql = "SELECT n FROM NGI n WHERE n.id = :id";
         $parentNgi = $this->em->createQuery($dql)->setParameter('id', $values['NGI'])->getSingleResult();
         $site->setNgiDoJoin($parentNgi);
         // get the target infrastructure
         $dql = "SELECT i FROM Infrastructure i WHERE i.id = :id";
         $inf = $this->em->createQuery($dql)->setParameter('id', $values['ProductionStatus'])->getSingleResult();
         $site->setInfrastructure($inf);
         // get the cert status
         if (!isset($values['Certification_Status']) || $values['Certification_Status'] == null || $values['Certification_Status'] == '') {
             throw new \LogicException("Missing seed data - No certification status values in the DB (required data)");
         }
         $dql = "SELECT c FROM CertificationStatus c WHERE c.id = :id";
         $certStatus = $this->em->createQuery($dql)->setParameter('id', $values['Certification_Status'])->getSingleResult();
         $site->setCertificationStatus($certStatus);
         $now = new \DateTime('now', new \DateTimeZone('UTC'));
         $site->setCertificationStatusChangeDate($now);
         // create a new CertStatusLog
         $certLog = new \CertificationStatusLog();
         $certLog->setAddedBy($user->getCertificateDn());
         $certLog->setNewStatus($certStatus->getName());
         $certLog->setOldStatus(null);
         $certLog->setAddedDate($now);
         $certLog->setReason('Initial creation');
         $this->em->persist($certLog);
         $site->addCertificationStatusLog($certLog);
         // Set the scopes
         foreach ($values['Scope_ids'] as $scopeId) {
             $dql = "SELECT s FROM Scope s WHERE s.id = :id";
             $scope = $this->em->createQuery($dql)->setParameter('id', $scopeId)->getSingleResult();
             $site->addScope($scope);
         }
         // get the country
         $dql = "SELECT c FROM Country c WHERE c.id = :id";
         $country = $this->em->createQuery($dql)->setParameter('id', $values['Country'])->getSingleResult();
         $site->setCountry($country);
         // deprecated - don't use the lookup DB entity
         //	    	$dql = "SELECT t FROM Timezone t WHERE t.id = :id";
         //	    	$timezone = $this->em->createQuery($dql)
         //	    		->setParameter('id', $values['Timezone'])
         //	    		->getSingleResult();
         //	    	$site->setTimezone($timezone);
         $this->em->persist($site);
         $this->em->flush();
         $this->em->getConnection()->commit();
     } catch (\Exception $ex) {
         $this->em->getConnection()->rollback();
         //$this->em->remove($pk);
         //$this->em->flush();
         $this->em->close();
         throw $ex;
     }
     return $site;
 }