Ejemplo n.º 1
}
// Handle the "apply" form submission: verify the CSRF token, save the entity and
// notify subscribers when $update is set, then clear the staged metadata from the
// session and redirect to the entity editor.
if (!empty($_POST) && isset($_POST['apply'])) {
    // State-changing request: refuse it unless a token for the 'import_entity'
    // intent is present and validates. The rejection is logged with a [SECURITY]
    // marker so it can be found in the logs before the request is aborted.
    if (!isset($_POST['csrf_token']) || !$csrf_provider->isCsrfTokenValid('import_entity', $_POST['csrf_token'])) {
        SimpleSAML_Logger::warning('Janus: [SECURITY] CSRF token not found or invalid');
        throw new SimpleSAML_Error_BadRequest('Missing valid csrf token!');
    }
    // Update entity if updated
    if ($update) {
        // Save, then reload, so $entity reflects what was stored (including the revision id used below).
        $entityController->saveEntity();
        $entityController->loadEntity();
        $entity = $entityController->getEntity();
        // Notify users subscribed to this entity's update address.
        $pm = new sspmod_janus_Postman();
        // NOTE(review): $addresses is appended to here; its initial value is not visible in this fragment.
        $addresses[] = 'ENTITYUPDATE-' . $entity->getEid();
        $editLink = SimpleSAML_Module::getModuleURL('janus/editentity.php', array('eid' => $entity->getEid(), 'revisionid' => $entity->getRevisionid()));
        // The message body is HTML, so the link, the revision note and $note are each
        // passed through htmlspecialchars() before being embedded.
        // NOTE(review): the subject ('Entity updated - ' . getEntityid()) is not escaped —
        // confirm the subject is rendered as plain text wherever messages are displayed.
        $pm->post('Entity updated - ' . $entity->getEntityid(), 'Permalink: <a href="' . htmlspecialchars($editLink) . '">' . htmlspecialchars($editLink) . '</a><br /><br />' . htmlspecialchars($entity->getRevisionnote()) . '<br /><br />' . htmlspecialchars($note), $addresses, $user->getUid());
    }
    // Drop the staged import payloads so they are not applied again on a later request.
    $session->deleteData('string', 'meta_xml');
    $session->deleteData('string', 'meta_json');
    // The redirect target is built from the module's own URL; eid and revisionid travel as query parameters.
    // NOTE(review): within this fragment $entity is only assigned inside the $update branch —
    // presumably it is also set earlier in the file; confirm.
    SimpleSAML_Utilities::redirectTrustedUrl(SimpleSAML_Module::getModuleURL('janus/editentity.php'), array('eid' => $entity->getEid(), 'revisionid' => $entity->getRevisionid()));
    exit;
}
// Hand the pending import to the template: the update flag, the new metadata
// (with its 'attributes' key removed and then run through $converter), and the
// new ARP attributes.
$et->data['update'] = $update;
$newMetadata = $entityController->getMetaArray();
// 'attributes' is stripped before conversion; the ARP attributes are exposed separately below.
unset($newMetadata['attributes']);
$newMetadata = $converter->execute($newMetadata);
$et->data['new'] = $newMetadata;
$et->data['newArp'] = $entityController->getArpAttributes();
$et->data['newAcl'] = array('AllowedAll' => $entityController->getAllowedAll(), 'Allowed' => array_map(function ($allowedEntity) use($janusConfig) {
    // @todo this is very inefficient for large sets
    $controller = sspmod_janus_DiContainer::getInstance()->getEntityController();
    }
}
if (isset($_POST['submit'])) {
    if (!empty($_POST['entityid'])) {
        if (check_uri($_POST['entityid'])) {
            if (!isset($_POST['entityid']) || empty($_POST['entitytype'])) {
                $msg = 'error_no_type';
                $old_entityid = $_POST['entityid'];
                $old_entitytype = $_POST['entitytype'];
            } else {
                $msg = $mcontrol->createNewEntity($_POST['entityid'], $_POST['entitytype']);
                if (is_int($msg)) {
                    $entity = new sspmod_janus_Entity($janus_config);
                    $pm->subscribe($user->getUid(), 'ENTITYUPDATE-' . $msg);
                    $directlink = SimpleSAML_Module::getModuleURL('janus/editentity.php', array('eid' => $msg));
                    $pm->post('New entity created', 'Permalink: <a href="' . $directlink . '">' . $directlink . '</a><br /><br />A new entity has been created.<br />Entityid: ' . $_POST['entityid'] . '<br />Entity type: ' . $_POST['entitytype'], 'ENTITYCREATE', $user->getUid());
                    SimpleSAML_Utilities::redirect(SimpleSAML_Module::getModuleURL('janus/editentity.php'), array('eid' => $msg));
                }
            }
        } else {
            $msg = 'error_entity_not_url';
            $old_entityid = $_POST['entityid'];
            $old_entitytype = $_POST['entitytype'];
        }
    } else {
        if (!empty($_POST['metadata_xml'])) {
            $doc = new DOMDocument();
            $doc->loadXML($_POST['metadata_xml']);
            $xpath = new DOMXPath($doc);
            $xpath->registerNamespace('md', 'urn:oasis:names:tc:SAML:2.0:metadata');
            $query = '/md:EntityDescriptor';
Ejemplo n.º 3
    exit;
}
// New-user page: read the user id from the authentication source's attributes,
// create the user on a CSRF-checked form submission, then render the template.
$attributes = $as->getAttributes();
// Require that we can get this users id.
if (!isset($attributes[$userIdAttribute])) {
    throw new Exception('User ID is missing');
}
/** @var string $userId */
// Only the first value of the attribute is used.
$userId = $attributes[$userIdAttribute][0];
if (isset($_POST['submit'])) {
    // State-changing request: require a valid token for the 'add_user' intent and
    // log the rejection with a [SECURITY] marker before aborting.
    $csrf_provider = sspmod_janus_DiContainer::getInstance()->getCsrfProvider();
    if (!isset($_POST['csrf_token']) || !$csrf_provider->isCsrfTokenValid('add_user', $_POST['csrf_token'])) {
        SimpleSAML_Logger::warning('Janus: [SECURITY] CSRF token not found or invalid');
        throw new SimpleSAML_Error_BadRequest('Missing valid csrf token!');
    }
    // Create the user
    // The user id comes from the attributes read above and the type from
    // $defaultUserType; no request field is used to populate the new user.
    $user = new sspmod_janus_User($janusConfig->getValue('store'));
    $user->setUserid($userId);
    $user->setType($defaultUserType);
    $user->setActive('yes');
    // NOTE(review): the return value of save() is not checked, so the code below
    // runs the same way whether or not the user was actually stored — confirm intended.
    $user->save();
    // Trigger an event
    $pm = new sspmod_janus_Postman();
    // NOTE(review): part of the next line is masked in this listing ('******');
    // the original message expression cannot be recovered from here.
    $pm->post('New user created', 'A new user has been created with username: '******'USER-NEW', $user->getUid());
}
$template = new SimpleSAML_XHTML_Template($sspConfig, 'janus:newuser.php', 'janus:newuser');
$template->data['userid'] = $userId;
// $user is only set by the submit branch above, so this flags "form was processed".
if (isset($user)) {
    $template->data['user_created'] = TRUE;
}
$template->show();
Ejemplo n.º 4
 /**
  * Persist this user's data.
  *
  * An unmodified user is a no-op that reports success. When no uid is set the
  * user is treated as new: the username is looked up first and false is
  * returned if it is already taken; otherwise the user is persisted, the new
  * uid is recorded and a 'USERCREATE' message is posted. When a uid is set the
  * matching user is looked up and updated.
  *
  * @return bool true when the data was saved (or nothing needed saving),
  *              false when a new user's username already exists.
  * @throws \Exception when a uid is set but no matching user is found.
  */
 public function save()
 {
     // Unmodified users need no write.
     if (!$this->_modified) {
         return true;
     }
     $em = $this->getEntityManager();
     $this->validateUserTypes($this->_type);

     if (!empty($this->_uid)) {
         // A uid is present: this is an update of an existing user.
         $stored = $this->getUserService()->findById($this->_uid);
         if (!($stored instanceof User)) {
             throw new \Exception("User '{$this->_uid}' does not exist");
         }
         $stored->update($this->_userid, $this->_type, $this->_email, $this->_active === 'yes', $this->_data, $this->_secret);
         $em->persist($stored);
         $em->flush();
         $this->_modified = false;
         return true;
     }

     // No uid yet: this is a new user. Refuse to create a second user with the same username.
     // NOTE(review): this is a check followed by a separate insert; presumably the
     // database also enforces uniqueness on username — confirm.
     $repository = $em->getRepository('Janus\\ServiceRegistry\\Entity\\User');
     $duplicate = $repository->findOneBy(array('username' => $this->_userid));
     if ($duplicate instanceof User) {
         return false;
     }

     $created = new User($this->_userid, $this->_type, $this->_email, $this->_active === 'yes');
     $em->persist($created);
     $em->flush();
     // The id is read back only after the flush.
     $this->_uid = $created->getId();

     // Subscribe the new user to their own address and announce the creation.
     // The user id and uid are HTML-escaped before being placed in the message text.
     $postman = new sspmod_janus_Postman();
     $postman->subscribe($this->_uid, 'USER-' . $this->_uid);
     $announcement = 'A new user have been created. User ID: ' . htmlspecialchars($this->_userid) . ' Uid: ' . htmlspecialchars($this->_uid);
     $postman->post('New user created', $announcement, 'USERCREATE', htmlspecialchars($this->_uid));
     unset($postman);

     $this->_modified = false;
     return true;
 }
// New-user page: require a valid session for the configured auth source, create
// a user from the submitted form, then render the template with the user list.
$authsource = $janus_config->getValue('auth', 'login-admin');
$useridattr = $janus_config->getValue('useridattr', 'eduPersonPrincipalName');
if ($session->isValid($authsource)) {
    $attributes = $session->getAttributes();
    // Check if userid exists
    if (!isset($attributes[$useridattr])) {
        throw new Exception('User ID is missing');
    }
    // Only the first value of the attribute is used.
    $userid = $attributes[$useridattr][0];
} else {
    // NOTE(review): everything below assumes redirect() does not return; if it
    // did, the form handling would run without a valid session — confirm.
    SimpleSAML_Utilities::redirect(SimpleSAML_Module::getModuleURL('janus/index.php'));
}
$econtroller = new sspmod_janus_UserController($janus_config);
$usertypes = $janus_config->getValue('usertypes');
$et = new SimpleSAML_XHTML_Template($config, 'janus:newuser.php', 'janus:newuser');
if (isset($_POST['submit'])) {
    // NOTE(review): no CSRF token is verified before this state-changing POST is
    // processed, and both the user id and the user type are taken directly from
    // request fields. Nothing in this fragment checks that the caller is permitted
    // to create users or to assign the requested type; $userid read from the
    // session above is not used here. Verify a token and the caller's permission
    // before creating the user, and validate 'type' against the configured usertypes.
    $user = new sspmod_janus_User($janus_config->getValue('store'));
    $user->setUserid($_POST['userid']);
    $user->setType($_POST['type']);
    $user->setActive('yes');
    // NOTE(review): the return value of save() is not checked; user_created is set regardless.
    $user->save();
    $et->data['user_created'] = TRUE;
    $pm = new sspmod_janus_Postman();
    // NOTE(review): part of the next line is masked in this listing ('******');
    // the original message expression cannot be recovered from here.
    $pm->post('New user created', 'A new user has been created with username: '******'USER-NEW', $user->getUid());
}
if (isset($_GET['userid'])) {
    // The query-string value is passed to the template unchanged; the template
    // has to HTML-escape it on output.
    $et->data['userid'] = $_GET['userid'];
}
$et->data['users'] = $econtroller->getUsers();
$et->data['usertypes'] = $usertypes;
$et->show();
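 /**
  * Saves the user data to the database.
  *
  * If the user data has not been modified the method just returns true. For a
  * new user (empty uid) the method first checks whether the userid is already
  * in use and returns false if it is; otherwise it inserts the row, records
  * the generated uid and posts a 'USERCREATE' message. For an existing user
  * the row identified by uid is updated.
  *
  * Every value is handed to execute() separately from the SQL text, which
  * uses ? placeholders; only the table prefix is concatenated into the SQL.
  *
  * @return bool true if data is saved and false if the userid already exists.
  * @throws SimpleSAML_Error_Exception if a statement could not be executed.
  * @todo Clean up
  * @todo Remove exceptions, return true/false
  */
 public function save()
 {
     // If the user is not modified, just return
     if (!$this->_modified) {
         return true;
     }
     // uid is empty. This is a new user
     if (empty($this->_uid)) {
         // Test if the userid already exists
         $st = $this->execute('SELECT count(*) AS `count` 
             FROM ' . self::$prefix . 'user 
             WHERE `userid` = ?;', array($this->_userid));
         if ($st === false) {
             // $st is false here, so the error detail is read from the connection
             // rather than by calling a method on $st.
             throw new SimpleSAML_Error_Exception('JANUS:User:save - Error executing statement : ' . self::formatError(self::$db->errorInfo()));
         }
         $row = $st->fetchAll(PDO::FETCH_ASSOC);
         if ($row[0]['count'] > 0) {
             return false;
         }
         // Create new User
         // NOTE(review): the type is stored with serialize(); whatever reads this
         // column back presumably unserialize()s it — confirm that path never
         // receives data an attacker could have written.
         $st = $this->execute('INSERT INTO ' . self::$prefix . 'user 
             (`uid`, 
             `userid`, 
             `type`, 
             `email`, 
             `active`, 
             `update`, 
             `created`, 
             `ip`) 
             VALUES 
             (null, ?, ?, ?, ?, ?, ?, ?)', array($this->_userid, serialize($this->_type), $this->_email, $this->_active, date('c'), date('c'), $_SERVER['REMOTE_ADDR']));
         if ($st === false) {
             // Stop before lastInsertId() and the notification: a failed INSERT
             // has produced no new uid to subscribe or announce.
             throw new SimpleSAML_Error_Exception('JANUS:User:save - Error executing statement : ' . self::formatError(self::$db->errorInfo()));
         }
         // Get new uid
         $this->_uid = self::$db->lastInsertId();
         $pm = new sspmod_janus_Postman();
         $pm->subscribe($this->_uid, 'USER-' . $this->_uid);
         // Message bodies carry HTML markup, so the userid and uid are escaped
         // before being embedded in the text.
         $pm->post('New user created', 'A new user have been created. User ID: ' . htmlspecialchars($this->_userid) . ' Uid: ' . htmlspecialchars($this->_uid), 'USERCREATE', $this->_uid);
         unset($pm);
     } else {
         // Update existing user
         $st = $this->execute('UPDATE ' . self::$prefix . 'user set 
             `userid` = ?,
             `type` = ?, 
             `email` = ?, 
             `active` = ?, 
             `update` = ?, 
             `ip` = ?, 
             `data` = ?,
             `secret` = ? 
             WHERE 
             `uid` = ?;', array($this->_userid, serialize($this->_type), $this->_email, $this->_active, date('c'), $_SERVER['REMOTE_ADDR'], $this->_data, $this->_secret, $this->_uid));
         if ($st === false) {
             // errorInfo() returns an array; format it instead of concatenating it into the message.
             throw new SimpleSAML_Error_Exception('JANUS:User:save - Error executing statement : ' . self::formatError(self::$db->errorInfo()));
         }
     }
     $this->_modified = false;
     return true;
 }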
        if (array_key_exists($language, $norevision)) {
            $entity->setRevisionnote($norevision[$language]);
        } else {
            $entity->setRevisionnote($norevision['en']);
        }
    } else {
        $entity->setRevisionnote($_POST['revisionnote']);
    }
    // Update entity if updated
    if ($update) {
        $mcontroller->saveEntity();
        $mcontroller->loadEntity();
        $pm = new sspmod_janus_Postman();
        $addresses[] = 'ENTITYUPDATE-' . $eid;
        $directlink = SimpleSAML_Module::getModuleURL('janus/editentity.php', array('eid' => $entity->getEid(), 'revisionid' => $entity->getRevisionid()));
        $pm->post('Entity updated - ' . $entity->getEntityid(), 'Permalink: <a href="' . $directlink . '">' . $directlink . '</a><br /><br />' . $entity->getRevisionnote() . '<br /><br />' . $note, $addresses, $user->getUid());
    }
    SimpleSAML_Utilities::redirect(SimpleSAML_Utilities::selfURLNoQuery(), array('eid' => $eid, 'msg' => $msg));
}
// Get remote entities
if ($entity->getType() == 'saml20-sp') {
    $loaded_entities = array_merge($autil->getEntitiesByStateType(null, 'saml20-idp'), $autil->getEntitiesByStateType(null, 'shib13-idp'));
} else {
    if ($entity->getType() == 'saml20-idp') {
        $loaded_entities = array_merge($autil->getEntitiesByStateType(null, 'saml20-sp'), $autil->getEntitiesByStateType(null, 'shib13-sp'));
    } else {
        if ($entity->getType() == 'shib13-sp') {
            $loaded_entities = array_merge($autil->getEntitiesByStateType(null, 'saml20-idp'), $autil->getEntitiesByStateType(null, 'shib13-idp'));
        } else {
            if ($entity->getType() == 'shib13-idp') {
                $loaded_entities = array_merge($autil->getEntitiesByStateType(null, 'saml20-sp'), $autil->getEntitiesByStateType(null, 'shib13-sp'));