Ejemplo n.º 1
 /** Validate a query to this web service.

       Unless the service runs in "dataset" or "access_user" mode, the requester IP is checked
       by AuthValidator against $this->wsf_graph. When the validator answers with anything other
       than 200, its status, messages and error record are copied onto $this->conneg.

       @return Nothing. A rejection is only recorded on $this->conneg; no value is returned.

       @author Frederick Giasson, Structured Dynamics LLC.
   */
 public function validateQuery()
 {
     // These two modes are the publicly accessible ones: no access check is made for them.
     if ($this->mode == "dataset" || $this->mode == "access_user") {
         return;
     }

     $validator = new AuthValidator($this->requester_ip, $this->wsf_graph, $this->uri);
     $validator->pipeline_conneg(
         $this->conneg->getAccept(),
         $this->conneg->getAcceptCharset(),
         $this->conneg->getAcceptEncoding(),
         $this->conneg->getAcceptLanguage()
     );
     $validator->process();

     if ($validator->pipeline_getResponseHeaderStatus() == 200) {
         return;
     }

     // Access refused: mirror the validator's answer on this service's own response.
     $this->conneg->setStatus($validator->pipeline_getResponseHeaderStatus());
     $this->conneg->setStatusMsg($validator->pipeline_getResponseHeaderStatusMsg());
     $this->conneg->setStatusMsgExt($validator->pipeline_getResponseHeaderStatusMsgExt());
     $this->conneg->setError(
         $validator->pipeline_getError()->id,
         $validator->pipeline_getError()->webservice,
         $validator->pipeline_getError()->name,
         $validator->pipeline_getError()->description,
         $validator->pipeline_getError()->debugInfo,
         $validator->pipeline_getError()->level
     );
     return;
 }
Ejemplo n.º 2
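 /** Validate a query to this web service
       
       If a user wants to update information about a dataset on a given structWSF web service endpoint,
       he has to have access to the "http://.../wsf/datasets/" graph with Update privileges, or to have
       Update privileges on the dataset URI itself. If the user doesn't have these permissions, 
       then he won't be able to update the description of the dataset on that instance.
       
       By default, the administrators, and the creator of the dataset, have such an access on a structWSF instance. 
       However a system administrator can choose to make the "http://.../wsf/datasets/" world updatable,
       which would mean that anybody could update information about the datasets on the instance.      
 
       The checks run in this order: dataset URI present, dataset URI valid, dataset known to the
       "datasets/" graph, contributors valid, requester authorized, and (when the query is sent on
       behalf of another user) registered IP authorized. The first failing check records its status
       and error on $this->conneg and stops the validation.

       @return Nothing. A rejection is only recorded on $this->conneg; no value is returned.
     
       @note This function is not used by the authentication validator web service
     
       @author Frederick Giasson, Structured Dynamics LLC.
   */
 public function validateQuery()
 {
     // Check if the dataset URI is missing.
     if ($this->datasetUri == "") {
         $this->conneg->setStatus(400);
         $this->conneg->setStatusMsg("Bad Request");
         $this->conneg->setStatusMsgExt($this->errorMessenger->_200->name);
         $this->conneg->setError($this->errorMessenger->_200->id, $this->errorMessenger->ws, $this->errorMessenger->_200->name, $this->errorMessenger->_200->description, "", $this->errorMessenger->_200->level);
         return;
     }
     // Check if the dataset URI is valid. The URI is interpolated into the SPARQL text below,
     // so this check has to stay ahead of the query.
     // NOTE(review): confirm isValidIRI() rejects ">" and whitespace; it is not visible here.
     if (!$this->isValidIRI($this->datasetUri)) {
         $this->conneg->setStatus(400);
         $this->conneg->setStatusMsg("Bad Request");
         $this->conneg->setStatusMsgExt($this->errorMessenger->_203->name);
         $this->conneg->setError($this->errorMessenger->_203->id, $this->errorMessenger->ws, $this->errorMessenger->_203->name, $this->errorMessenger->_203->description, "", $this->errorMessenger->_203->level);
         return;
     }
     // Check if the dataset exists.
     // Plain assignment: the previous ".=" appended to a variable that was never initialised.
     $query = "  select ?dataset \n              from <" . $this->wsf_graph . "datasets/>\n              where\n              {\n                <{$this->datasetUri}> a ?dataset .\n              }";
     // "@" silences the warning of a failed query; the failure is picked up by odbc_error() below.
     $resultset = @$this->db->query($this->db->build_sparql_query(str_replace(array("\n", "\r", "\t"), " ", $query), array("dataset"), FALSE));
     if (odbc_error()) {
         $this->conneg->setStatus(500);
         $this->conneg->setStatusMsg("Internal Error");
         $this->conneg->setStatusMsgExt($this->errorMessenger->_201->name);
         // The raw ODBC message goes into the error's debug-information argument.
         $this->conneg->setError($this->errorMessenger->_201->id, $this->errorMessenger->ws, $this->errorMessenger->_201->name, $this->errorMessenger->_201->description, odbc_errormsg(), $this->errorMessenger->_201->level);
         return;
     } elseif (odbc_fetch_row($resultset) === FALSE) {
         // No row: the dataset URI is not typed in the "datasets/" graph.
         $this->conneg->setStatus(400);
         $this->conneg->setStatusMsg("Bad Request");
         $this->conneg->setStatusMsgExt($this->errorMessenger->_202->name);
         $this->conneg->setError($this->errorMessenger->_202->id, $this->errorMessenger->ws, $this->errorMessenger->_202->name, $this->errorMessenger->_202->description, "", $this->errorMessenger->_202->level);
         unset($resultset);
         return;
     }
     unset($resultset);
     // Contributors arrive as a ";"-separated list; an empty string means no contributor.
     $contribs = array();
     if (strpos($this->contributors, ";") !== FALSE) {
         $contribs = explode(";", $this->contributors);
     } else {
         if ($this->contributors != "") {
             array_push($contribs, $this->contributors);
         }
     }
     // Every contributor must be a valid IRI, except the "-delete-" marker.
     foreach ($contribs as $contrib) {
         if ($contrib != "-delete-" && !$this->isValidIRI($contrib)) {
             $this->conneg->setStatus(400);
             $this->conneg->setStatusMsg("Bad Request");
             $this->conneg->setStatusMsgExt($this->errorMessenger->_204->name);
             // NOTE(review): every other setError() call passes $this->errorMessenger->ws alone as
             // the second argument; here the whole contributors string is prepended, which puts the
             // rejected input into the error record. Looks like a debugging leftover - confirm.
             $this->conneg->setError($this->errorMessenger->_204->id, $this->contributors . "--" . $this->errorMessenger->ws, $this->errorMessenger->_204->name, $this->errorMessenger->_204->description, "", $this->errorMessenger->_204->level);
             return;
         }
     }
     // Check if the requester has access to the main "http://.../wsf/datasets/" graph.
     $ws_av = new AuthValidator($this->requester_ip, $this->wsf_graph . "datasets/", $this->uri);
     $ws_av->pipeline_conneg($this->conneg->getAccept(), $this->conneg->getAcceptCharset(), $this->conneg->getAcceptEncoding(), $this->conneg->getAcceptLanguage());
     $ws_av->process();
     if ($ws_av->pipeline_getResponseHeaderStatus() != 200) {
         // If he doesn't, then check if he has access to the dataset itself
         $ws_av2 = new AuthValidator($this->requester_ip, $this->datasetUri, $this->uri);
         $ws_av2->pipeline_conneg($this->conneg->getAccept(), $this->conneg->getAcceptCharset(), $this->conneg->getAcceptEncoding(), $this->conneg->getAcceptLanguage());
         $ws_av2->process();
         if ($ws_av2->pipeline_getResponseHeaderStatus() != 200) {
             // Both checks failed: report the answer of the dataset-level check.
             $this->conneg->setStatus($ws_av2->pipeline_getResponseHeaderStatus());
             $this->conneg->setStatusMsg($ws_av2->pipeline_getResponseHeaderStatusMsg());
             $this->conneg->setStatusMsgExt($ws_av2->pipeline_getResponseHeaderStatusMsgExt());
             $this->conneg->setError($ws_av2->pipeline_getError()->id, $ws_av2->pipeline_getError()->webservice, $ws_av2->pipeline_getError()->name, $ws_av2->pipeline_getError()->description, $ws_av2->pipeline_getError()->debugInfo, $ws_av2->pipeline_getError()->level);
             return;
         }
     }
     // If the system sends a query on behalf of another user, we validate that other user as well
     if ($this->registered_ip != $this->requester_ip) {
         // Check if the registered IP has access to the main "http://.../wsf/datasets/" graph.
         $ws_av = new AuthValidator($this->registered_ip, $this->wsf_graph . "datasets/", $this->uri);
         $ws_av->pipeline_conneg($this->conneg->getAccept(), $this->conneg->getAcceptCharset(), $this->conneg->getAcceptEncoding(), $this->conneg->getAcceptLanguage());
         $ws_av->process();
         if ($ws_av->pipeline_getResponseHeaderStatus() != 200) {
             // If he doesn't, then check if he has access to the dataset itself
             $ws_av2 = new AuthValidator($this->registered_ip, $this->datasetUri, $this->uri);
             $ws_av2->pipeline_conneg($this->conneg->getAccept(), $this->conneg->getAcceptCharset(), $this->conneg->getAcceptEncoding(), $this->conneg->getAcceptLanguage());
             $ws_av2->process();
             if ($ws_av2->pipeline_getResponseHeaderStatus() != 200) {
                 $this->conneg->setStatus($ws_av2->pipeline_getResponseHeaderStatus());
                 $this->conneg->setStatusMsg($ws_av2->pipeline_getResponseHeaderStatusMsg());
                 $this->conneg->setStatusMsgExt($ws_av2->pipeline_getResponseHeaderStatusMsgExt());
                 $this->conneg->setError($ws_av2->pipeline_getError()->id, $ws_av2->pipeline_getError()->webservice, $ws_av2->pipeline_getError()->name, $ws_av2->pipeline_getError()->description, $ws_av2->pipeline_getError()->debugInfo, $ws_av2->pipeline_getError()->level);
                 return;
             }
         }
     }
 }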
Ejemplo n.º 3
 /** Validate a query to this web service.

       The requester IP is checked by AuthValidator against $this->dataset. When the registered IP
       differs from the requester IP, the registered IP is checked against the same dataset as
       well. The first check that does not answer 200 has its status, messages and error record
       copied onto $this->conneg, and the validation stops there.

       @return Nothing. A rejection is only recorded on $this->conneg; no value is returned.

       @author Frederick Giasson, Structured Dynamics LLC.
   */
 public function validateQuery()
 {
     // First check: the system that sends the query must have the rights on the dataset.
     $requesterCheck = new AuthValidator($this->requester_ip, $this->dataset, $this->uri);
     $requesterCheck->pipeline_conneg(
         $this->conneg->getAccept(),
         $this->conneg->getAcceptCharset(),
         $this->conneg->getAcceptEncoding(),
         $this->conneg->getAcceptLanguage()
     );
     $requesterCheck->process();

     if ($requesterCheck->pipeline_getResponseHeaderStatus() != 200) {
         $this->conneg->setStatus($requesterCheck->pipeline_getResponseHeaderStatus());
         $this->conneg->setStatusMsg($requesterCheck->pipeline_getResponseHeaderStatusMsg());
         $this->conneg->setStatusMsgExt($requesterCheck->pipeline_getResponseHeaderStatusMsgExt());
         $this->conneg->setError(
             $requesterCheck->pipeline_getError()->id,
             $requesterCheck->pipeline_getError()->webservice,
             $requesterCheck->pipeline_getError()->name,
             $requesterCheck->pipeline_getError()->description,
             $requesterCheck->pipeline_getError()->debugInfo,
             $requesterCheck->pipeline_getError()->level
         );
         return;
     }
     unset($requesterCheck);

     // Same IP on both sides: the query is not sent on behalf of another user, nothing more to check.
     if ($this->registered_ip == $this->requester_ip) {
         return;
     }

     // Second check: the user the system acts for must have the rights as well.
     $registeredCheck = new AuthValidator($this->registered_ip, $this->dataset, $this->uri);
     $registeredCheck->pipeline_conneg(
         $this->conneg->getAccept(),
         $this->conneg->getAcceptCharset(),
         $this->conneg->getAcceptEncoding(),
         $this->conneg->getAcceptLanguage()
     );
     $registeredCheck->process();

     if ($registeredCheck->pipeline_getResponseHeaderStatus() != 200) {
         $this->conneg->setStatus($registeredCheck->pipeline_getResponseHeaderStatus());
         $this->conneg->setStatusMsg($registeredCheck->pipeline_getResponseHeaderStatusMsg());
         $this->conneg->setStatusMsgExt($registeredCheck->pipeline_getResponseHeaderStatusMsgExt());
         $this->conneg->setError(
             $registeredCheck->pipeline_getError()->id,
             $registeredCheck->pipeline_getError()->webservice,
             $registeredCheck->pipeline_getError()->name,
             $registeredCheck->pipeline_getError()->description,
             $registeredCheck->pipeline_getError()->debugInfo,
             $registeredCheck->pipeline_getError()->level
         );
         return;
     }
 }
Ejemplo n.º 4
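// Entry script of the authentication validator endpoint: time the request, run AuthValidator,
// send its serialized answer, then write one log record when logging is enabled.
// NOTE(review): this excerpt starts mid-script. $mtime is presumably the microtime() string
// assigned just above, and $ip, $datasets, $ws_uri, $interface and $version are set outside
// this view - confirm how they are read and validated.
$mtime = explode(' ', $mtime);
$mtime = $mtime[1] + $mtime[0];
$starttime = $mtime;
// 24-hour clock ("H"): with "h" and no am/pm marker, two log records twelve hours apart
// carried the same timestamp, which makes the access log ambiguous.
$start_datetime = date("Y-m-d H:i:s");
// Address of the peer that sent this HTTP request; it is used for the log record only.
// The address that is validated is $ip, which is passed to AuthValidator below.
$requester_ip = "0.0.0.0";
if (isset($_SERVER['REMOTE_ADDR'])) {
    $requester_ip = $_SERVER['REMOTE_ADDR'];
}
// Query-string part of the request URI ("?" included), or the script path as a fallback.
// $parameters is not read again within this excerpt.
$parameters = "";
if (isset($_SERVER['REQUEST_URI'])) {
    $parameters = $_SERVER['REQUEST_URI'];
    $pos = strpos($parameters, "?");
    if ($pos !== FALSE) {
        $parameters = substr($parameters, $pos, strlen($parameters) - $pos);
    }
} elseif (isset($_SERVER['PHP_SELF'])) {
    $parameters = $_SERVER['PHP_SELF'];
}
$ws_av = new AuthValidator($ip, $datasets, $ws_uri, $interface, $version);
// Content negotiation headers are forwarded as received; a missing header becomes "".
$ws_av->ws_conneg(isset($_SERVER['HTTP_ACCEPT']) ? $_SERVER['HTTP_ACCEPT'] : "", isset($_SERVER['HTTP_ACCEPT_CHARSET']) ? $_SERVER['HTTP_ACCEPT_CHARSET'] : "", isset($_SERVER['HTTP_ACCEPT_ENCODING']) ? $_SERVER['HTTP_ACCEPT_ENCODING'] : "", isset($_SERVER['HTTP_ACCEPT_LANGUAGE']) ? $_SERVER['HTTP_ACCEPT_LANGUAGE'] : "");
$ws_av->process();
$ws_av->ws_respond($ws_av->ws_serialize());
// Elapsed time of the request, in seconds with a fractional part.
$mtime = microtime();
$mtime = explode(" ", $mtime);
$mtime = $mtime[1] + $mtime[0];
$endtime = $mtime;
$totaltime = $endtime - $starttime;
if ($ws_av->isLoggingEnabled()) {
    // NOTE(review): $ip, $datasets, $ws_uri and the Accept / User-Agent headers reach the
    // Logger as raw strings; confirm the Logger escapes or parameterizes what it stores.
    $logger = new Logger("auth_validator", $requester_ip, "?ip=" . $ip . "&datasets=" . $datasets . "&ws_uri=" . $ws_uri, isset($_SERVER['HTTP_ACCEPT']) ? $_SERVER['HTTP_ACCEPT'] : "", $start_datetime, $totaltime, $ws_av->pipeline_getResponseHeaderStatus(), isset($_SERVER['HTTP_USER_AGENT']) ? $_SERVER['HTTP_USER_AGENT'] : "");
}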
//@}
Ejemplo n.º 5
 /** Validate a query to this web service.

       A language that is supplied but missing from $this->supportedLanguages is rejected with
       400 and error "_304". When an ontology URI is supplied, the requester IP (and the
       registered IP, when it differs) is checked by AuthValidator against that URI. When no
       ontology URI is supplied, no access check is made here (see the TODO in the body).

       @return Nothing. A rejection is only recorded on $this->conneg; no value is returned.

       @note This function is not used by the authentication validator web service

       @author Frederick Giasson, Structured Dynamics LLC.
   */
 public function validateQuery()
 {
     // Loose membership test, same comparison rules as a default array_search().
     if ($this->lang != "" && !in_array($this->lang, $this->supportedLanguages)) {
         $this->conneg->setStatus(400);
         $this->conneg->setStatusMsg("Bad Request");
         $this->conneg->setStatusMsgExt($this->errorMessenger->_304->name);
         $this->conneg->setError(
             $this->errorMessenger->_304->id,
             $this->errorMessenger->ws,
             $this->errorMessenger->_304->name,
             $this->errorMessenger->_304->description,
             "",
             $this->errorMessenger->_304->level
         );
         return;
     }

     // @TODO Validate the OntologyRead queries such that: (1) if the user is requesting something related to a
     //       specific ontology, we check if it has the rights. If it is requesting a list of available ontologies
     //       we list the ones he has access to. That second validation has to happen in these special functions.
     if ($this->ontologyUri == "") {
         // No ontology named in the query: this method performs no access check for it.
         return;
     }

     // The system that sends the query must have the rights on the ontology.
     $validator = new AuthValidator($this->requester_ip, $this->ontologyUri, $this->uri);
     $validator->pipeline_conneg(
         $this->conneg->getAccept(),
         $this->conneg->getAcceptCharset(),
         $this->conneg->getAcceptEncoding(),
         $this->conneg->getAcceptLanguage()
     );
     $validator->process();

     if ($validator->pipeline_getResponseHeaderStatus() != 200) {
         $this->conneg->setStatus($validator->pipeline_getResponseHeaderStatus());
         $this->conneg->setStatusMsg($validator->pipeline_getResponseHeaderStatusMsg());
         $this->conneg->setStatusMsgExt($validator->pipeline_getResponseHeaderStatusMsgExt());
         $this->conneg->setError(
             $validator->pipeline_getError()->id,
             $validator->pipeline_getError()->webservice,
             $validator->pipeline_getError()->name,
             $validator->pipeline_getError()->description,
             $validator->pipeline_getError()->debugInfo,
             $validator->pipeline_getError()->level
         );
         return;
     }

     // Same IP on both sides: the query is not sent on behalf of another user.
     if ($this->registered_ip == $this->requester_ip) {
         return;
     }

     // The user the system acts for must have the rights on the ontology as well.
     $validator = new AuthValidator($this->registered_ip, $this->ontologyUri, $this->uri);
     $validator->pipeline_conneg(
         $this->conneg->getAccept(),
         $this->conneg->getAcceptCharset(),
         $this->conneg->getAcceptEncoding(),
         $this->conneg->getAcceptLanguage()
     );
     $validator->process();

     if ($validator->pipeline_getResponseHeaderStatus() != 200) {
         $this->conneg->setStatus($validator->pipeline_getResponseHeaderStatus());
         $this->conneg->setStatusMsg($validator->pipeline_getResponseHeaderStatusMsg());
         $this->conneg->setStatusMsgExt($validator->pipeline_getResponseHeaderStatusMsgExt());
         $this->conneg->setError(
             $validator->pipeline_getError()->id,
             $validator->pipeline_getError()->webservice,
             $validator->pipeline_getError()->name,
             $validator->pipeline_getError()->description,
             $validator->pipeline_getError()->debugInfo,
             $validator->pipeline_getError()->level
         );
         return;
     }
 }
Ejemplo n.º 6
 /** Validate a query to this web service.

       The requester IP must be accepted by AuthValidator either for the "ontologies/" graph under
       $this->wsf_graph or, failing that, for $this->ontologyUri itself. When the registered IP
       differs from the requester IP, the same two-step check is repeated for the registered IP.
       Last, an empty ontology URI is reported through returnError() as a 400.

       @return Nothing. A rejection is only recorded on the response; no value is returned.

       @author Frederick Giasson, Structured Dynamics LLC.
   */
 public function validateQuery()
 {
     // Step 1: does the requester have access to the main "ontologies/" graph?
     $graphCheck = new AuthValidator($this->requester_ip, $this->wsf_graph . "ontologies/", $this->uri);
     $graphCheck->pipeline_conneg(
         $this->conneg->getAccept(),
         $this->conneg->getAcceptCharset(),
         $this->conneg->getAcceptEncoding(),
         $this->conneg->getAcceptLanguage()
     );
     $graphCheck->process();

     if ($graphCheck->pipeline_getResponseHeaderStatus() != 200) {
         // Step 2: no access to the graph, so fall back to the ontology itself.
         // NOTE(review): the empty-URI check only runs at the end of this method, so an empty
         // $this->ontologyUri is handed to AuthValidator here - confirm how it treats "".
         $ontologyCheck = new AuthValidator($this->requester_ip, $this->ontologyUri, $this->uri);
         $ontologyCheck->pipeline_conneg(
             $this->conneg->getAccept(),
             $this->conneg->getAcceptCharset(),
             $this->conneg->getAcceptEncoding(),
             $this->conneg->getAcceptLanguage()
         );
         $ontologyCheck->process();

         if ($ontologyCheck->pipeline_getResponseHeaderStatus() != 200) {
             // Both checks failed: report the answer of the ontology-level check.
             $this->conneg->setStatus($ontologyCheck->pipeline_getResponseHeaderStatus());
             $this->conneg->setStatusMsg($ontologyCheck->pipeline_getResponseHeaderStatusMsg());
             $this->conneg->setStatusMsgExt($ontologyCheck->pipeline_getResponseHeaderStatusMsgExt());
             $this->conneg->setError(
                 $ontologyCheck->pipeline_getError()->id,
                 $ontologyCheck->pipeline_getError()->webservice,
                 $ontologyCheck->pipeline_getError()->name,
                 $ontologyCheck->pipeline_getError()->description,
                 $ontologyCheck->pipeline_getError()->debugInfo,
                 $ontologyCheck->pipeline_getError()->level
             );
             return;
         }
     }

     // A query sent on behalf of another user: run the same two steps for the registered IP.
     if ($this->registered_ip != $this->requester_ip) {
         $graphCheck = new AuthValidator($this->registered_ip, $this->wsf_graph . "ontologies/", $this->uri);
         $graphCheck->pipeline_conneg(
             $this->conneg->getAccept(),
             $this->conneg->getAcceptCharset(),
             $this->conneg->getAcceptEncoding(),
             $this->conneg->getAcceptLanguage()
         );
         $graphCheck->process();

         if ($graphCheck->pipeline_getResponseHeaderStatus() != 200) {
             $ontologyCheck = new AuthValidator($this->registered_ip, $this->ontologyUri, $this->uri);
             $ontologyCheck->pipeline_conneg(
                 $this->conneg->getAccept(),
                 $this->conneg->getAcceptCharset(),
                 $this->conneg->getAcceptEncoding(),
                 $this->conneg->getAcceptLanguage()
             );
             $ontologyCheck->process();

             if ($ontologyCheck->pipeline_getResponseHeaderStatus() != 200) {
                 $this->conneg->setStatus($ontologyCheck->pipeline_getResponseHeaderStatus());
                 $this->conneg->setStatusMsg($ontologyCheck->pipeline_getResponseHeaderStatusMsg());
                 $this->conneg->setStatusMsgExt($ontologyCheck->pipeline_getResponseHeaderStatusMsgExt());
                 $this->conneg->setError(
                     $ontologyCheck->pipeline_getError()->id,
                     $ontologyCheck->pipeline_getError()->webservice,
                     $ontologyCheck->pipeline_getError()->name,
                     $ontologyCheck->pipeline_getError()->description,
                     $ontologyCheck->pipeline_getError()->debugInfo,
                     $ontologyCheck->pipeline_getError()->level
                 );
                 return;
             }
         }
     }

     // The ontology URI has to be defined; nothing follows this check.
     if ($this->ontologyUri == "") {
         $this->returnError(400, "Bad Request", "_201");
     }
 }
Ejemplo n.º 7
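 /** Validate a query to this web service
       
       If a user wants to delete information about a dataset on a given structWSF web service endpoint,
       he has to have access to the "http://.../wsf/datasets/" graph with Delete privileges, or to have
       Delete privileges on the dataset URI itself. If the user doesn't have these permissions, 
       then he won't be able to delete the description of the dataset on that instance.
       
       By default, the administrators, and the creator of the dataset, have such an access on a structWSF instance. 
       However a system administrator can choose to make the "http://.../wsf/datasets/" world deletable,
       which would mean that anybody could delete information about the datasets on the instance.          
 
       The requester IP is checked first (datasets graph, then the dataset itself), then the
       registered IP when it differs from the requester IP, then the dataset URI (present and a
       valid IRI). The first failing check records its status and error on $this->conneg and
       stops the validation.

       @return Nothing. A rejection is only recorded on $this->conneg; no value is returned.
     
       @note This function is not used by the authentication validator web service
     
       @author Frederick Giasson, Structured Dynamics LLC.
   */
 public function validateQuery()
 {
     // Check if the requester has access to the main "http://.../wsf/datasets/" graph.
     // This check uses requester_ip: it previously used registered_ip, so a registered IP with
     // access to the graph let the request through without the requester being checked at all.
     $ws_av = new AuthValidator($this->requester_ip, $this->wsf_graph . "datasets/", $this->uri);
     $ws_av->pipeline_conneg($this->conneg->getAccept(), $this->conneg->getAcceptCharset(), $this->conneg->getAcceptEncoding(), $this->conneg->getAcceptLanguage());
     $ws_av->process();
     if ($ws_av->pipeline_getResponseHeaderStatus() != 200) {
         // If he doesn't, then check if he has access to the dataset itself
         $ws_av2 = new AuthValidator($this->requester_ip, $this->datasetUri, $this->uri);
         $ws_av2->pipeline_conneg($this->conneg->getAccept(), $this->conneg->getAcceptCharset(), $this->conneg->getAcceptEncoding(), $this->conneg->getAcceptLanguage());
         $ws_av2->process();
         if ($ws_av2->pipeline_getResponseHeaderStatus() != 200) {
             // Both checks failed: report the answer of the dataset-level check.
             $this->conneg->setStatus($ws_av2->pipeline_getResponseHeaderStatus());
             $this->conneg->setStatusMsg($ws_av2->pipeline_getResponseHeaderStatusMsg());
             $this->conneg->setStatusMsgExt($ws_av2->pipeline_getResponseHeaderStatusMsgExt());
             $this->conneg->setError($ws_av2->pipeline_getError()->id, $ws_av2->pipeline_getError()->webservice, $ws_av2->pipeline_getError()->name, $ws_av2->pipeline_getError()->description, $ws_av2->pipeline_getError()->debugInfo, $ws_av2->pipeline_getError()->level);
             return;
         }
     }
     // If the system sends a query on behalf of another user, we validate that other user as well
     if ($this->registered_ip != $this->requester_ip) {
         // Check if the registered IP has access to the main "http://.../wsf/datasets/" graph.
         $ws_av = new AuthValidator($this->registered_ip, $this->wsf_graph . "datasets/", $this->uri);
         $ws_av->pipeline_conneg($this->conneg->getAccept(), $this->conneg->getAcceptCharset(), $this->conneg->getAcceptEncoding(), $this->conneg->getAcceptLanguage());
         $ws_av->process();
         if ($ws_av->pipeline_getResponseHeaderStatus() != 200) {
             // If he doesn't, then check if he has access to the dataset itself
             $ws_av2 = new AuthValidator($this->registered_ip, $this->datasetUri, $this->uri);
             $ws_av2->pipeline_conneg($this->conneg->getAccept(), $this->conneg->getAcceptCharset(), $this->conneg->getAcceptEncoding(), $this->conneg->getAcceptLanguage());
             $ws_av2->process();
             if ($ws_av2->pipeline_getResponseHeaderStatus() != 200) {
                 $this->conneg->setStatus($ws_av2->pipeline_getResponseHeaderStatus());
                 $this->conneg->setStatusMsg($ws_av2->pipeline_getResponseHeaderStatusMsg());
                 $this->conneg->setStatusMsgExt($ws_av2->pipeline_getResponseHeaderStatusMsgExt());
                 $this->conneg->setError($ws_av2->pipeline_getError()->id, $ws_av2->pipeline_getError()->webservice, $ws_av2->pipeline_getError()->name, $ws_av2->pipeline_getError()->description, $ws_av2->pipeline_getError()->debugInfo, $ws_av2->pipeline_getError()->level);
                 return;
             }
         }
     }
     // The two dataset URI checks below apply to every request. They were nested in the
     // "on behalf of another user" branch above, so they were skipped whenever the registered
     // and requester IPs were equal.
     // Check if the dataset URI is missing.
     if ($this->datasetUri == "") {
         $this->conneg->setStatus(400);
         $this->conneg->setStatusMsg("Bad Request");
         $this->conneg->setStatusMsgExt($this->errorMessenger->_200->name);
         $this->conneg->setError($this->errorMessenger->_200->id, $this->errorMessenger->ws, $this->errorMessenger->_200->name, $this->errorMessenger->_200->description, "", $this->errorMessenger->_200->level);
         return;
     }
     // Check if the dataset URI is a valid IRI.
     if (!$this->isValidIRI($this->datasetUri)) {
         $this->conneg->setStatus(400);
         $this->conneg->setStatusMsg("Bad Request");
         $this->conneg->setStatusMsgExt($this->errorMessenger->_201->name);
         $this->conneg->setError($this->errorMessenger->_201->id, $this->errorMessenger->ws, $this->errorMessenger->_201->name, $this->errorMessenger->_201->description, "", $this->errorMessenger->_201->level);
         return;
     }
 }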
 public function processInterface()
 {
     // Make sure there was no conneg error prior to this process call
     if ($this->ws->conneg->getStatus() == 200) {
         $ch = curl_init();
         // Normalize the query to remove the return carriers and line feeds
         // This is performed to help matching the regular expressions patterns.
         $this->query = str_replace(array("\r", "\n"), " ", $this->query);
         // remove the possible starting "sparql"
         $this->query = preg_replace("/^[\\s\t]*sparql[\\s\t]*/Uim", "", $this->query);
         // Check if there is a prolog to this SPARQL query.
         // First check if there is a "base" declaration
         preg_match("/^[\\s\t]*base[\\s\t]*<.*>/Uim", $this->query, $matches, PREG_OFFSET_CAPTURE);
         $baseOffset = -1;
         if (count($matches) > 0) {
             $baseOffset = $matches[0][1] + strlen($matches[0][0]);
         }
         // Second check for all possible "prefix" clauses
         preg_match_all("/[\\s\t]*prefix[\\s\t]*.*:.*<.*>/Uim", $this->query, $matches, PREG_OFFSET_CAPTURE);
         $lastPrefixOffset = -1;
         if (count($matches) > 0) {
             $lastPrefixOffset = $matches[0][count($matches[0]) - 1][1] + strlen($matches[0][count($matches[0]) - 1][0]);
         }
         $prologEndOffset = -1;
         if ($lastPrefixOffset > -1) {
             $prologEndOffset = $lastPrefixOffset;
         } elseif ($baseOffset > -1) {
             $prologEndOffset = $baseOffset;
         }
         $noPrologQuery = $this->query;
         if ($prologEndOffset != -1) {
             $noPrologQuery = substr($this->query, $prologEndOffset);
         }
         // Now extract prefixes references
         $prefixes = array();
         preg_match_all("/[\\s\t]*prefix[\\s\t]*(.*):(.*)<(.*)>/Uim", $this->query, $matches, PREG_OFFSET_CAPTURE);
         if (count($matches[0]) > 0) {
             for ($i = 0; $i < count($matches[1]); $i++) {
                 $p = str_replace(array(" ", " "), "", $matches[1][$i][0]) . ":" . str_replace(array(" ", " "), "", $matches[2][$i][0]);
                 $iri = $matches[3][$i][0];
                 $prefixes[$p] = $iri;
             }
         }
         // Drop any SPARUL queries
         // Reference: http://www.w3.org/Submission/SPARQL-Update/
         if (preg_match_all("/^[\\s\t]*modify[\\s\t]*/Uim", $noPrologQuery, $matches) > 0 || preg_match_all("/^[\\s\t]*delete[\\s\t]*/Uim", $noPrologQuery, $matches) > 0 || preg_match_all("/^[\\s\t]*insert[\\s\t]*/Uim", $noPrologQuery, $matches) > 0 || preg_match_all("/^[\\s\t]*load[\\s\t]*/Uim", $noPrologQuery, $matches) > 0 || preg_match_all("/^[\\s\t]*clear[\\s\t]*/Uim", $noPrologQuery, $matches) > 0 || preg_match_all("/^[\\s\t]*create[\\s\t]*/Uim", $noPrologQuery, $matches) > 0 || preg_match_all("/^[\\s\t]*drop[\\s\t]*/Uim", $noPrologQuery, $matches) > 0) {
             $this->ws->conneg->setStatus(400);
             $this->ws->conneg->setStatusMsg("Bad Request");
             $this->ws->conneg->setStatusMsgExt($this->ws->errorMessenger->_203->name);
             $this->ws->conneg->setError($this->ws->errorMessenger->_203->id, $this->ws->errorMessenger->ws, $this->ws->errorMessenger->_203->name, $this->ws->errorMessenger->_203->description, "", $this->ws->errorMessenger->_203->level);
             return;
         }
         // Detect any CONSTRUCT clause
         $this->isConstructQuery = FALSE;
         if (preg_match_all("/^[\\s\t]*construct[\\s\t]*/Uim", $noPrologQuery, $matches) > 0) {
             $this->isConstructQuery = TRUE;
             /*
             $this->ws->conneg->setStatus(400);
             $this->ws->conneg->setStatusMsg("Bad Request");
             $this->ws->conneg->setStatusMsgExt($this->ws->errorMessenger->_204->name);
             $this->ws->conneg->setError($this->ws->errorMessenger->_204->id, $this->ws->errorMessenger->ws,
               $this->ws->errorMessenger->_204->name, $this->ws->errorMessenger->_204->description, "",
               $this->ws->errorMessenger->_204->level);
             
             return;               
             */
         }
         // Drop any SPARQL query with a GRAPH clause which are not bound by one, or a series, of FROM NAMED clauses
         if ((preg_match_all("/[\\s\t]*graph[\\s\t]*</Uim", $noPrologQuery, $matches) > 0 || preg_match_all("/[\\s\t]*graph[\\s\t]*\\?/Uim", $noPrologQuery, $matches) > 0 || preg_match_all("/[\\s\t]*graph[\\s\t]*\$/Uim", $noPrologQuery, $matches) > 0 || preg_match_all("/[\\s\t]*graph[\\s\t]*[a-zA-Z0-9\\-_]*:/Uim", $noPrologQuery, $matches) > 0) && (preg_match_all("/([\\s\t]*from[\\s\t]*named[\\s\t]*<(.*)>[\\s\t]*)/Uim", $noPrologQuery, $matches) <= 0 && preg_match_all("/[\\s\t]*(from[\\s\t]*named)[\\s\t]*([^\\s\t<]*):(.*)[\\s\t]*/Uim", $noPrologQuery, $matches) <= 0)) {
             $this->ws->conneg->setStatus(400);
             $this->ws->conneg->setStatusMsg("Bad Request");
             $this->ws->conneg->setStatusMsgExt($this->ws->errorMessenger->_205->name);
             $this->ws->conneg->setError($this->ws->errorMessenger->_205->id, $this->ws->errorMessenger->ws, $this->ws->errorMessenger->_205->name, $this->ws->errorMessenger->_205->description, "", $this->ws->errorMessenger->_205->level);
             return;
         }
         $graphs = array();
         // Validate DESCRIBE query.
         // The only thing we have to check here, is to get the graph IRI if the DESCRIBE is immediately using
         // IRIRef clause. Possibilities are:
         // "DESCRIBE <test>" -- IRI_REF
         // "DESCRIBE a:" -- PrefixedName
         $this->isDescribeQuery = FALSE;
         if (preg_match("/^[\\s\t]*describe[\\s\t]*/Uim", $noPrologQuery, $matches) > 0) {
             $this->isDescribeQuery = TRUE;
         }
         preg_match_all("/^[\\s\t]*describe[\\s\t]*<(.*)>/Uim", $noPrologQuery, $matches);
         if (count($matches[0]) > 0) {
             array_push($graphs, $matches[1][0]);
         }
         preg_match_all("/^[\\s\t]*describe[\\s\t]*([^<\\s\t]*):(.*)[\\s\t]*/Uim", $noPrologQuery, $matches);
         if (count($matches[0]) > 0) {
             for ($i = 0; $i < count($matches[0]); $i++) {
                 $p = $matches[1][$i] . ":";
                 if (isset($prefixes[$p])) {
                     $d = $prefixes[$p] . $matches[2][$i];
                     array_push($graphs, $d);
                 }
             }
         }
         // Get all the "from" and "from named" clauses so that we validate if the user has access to them.
         // Check for the clauses that uses direct IRI_REF
         preg_match_all("/([\\s\t]*from[\\s\t]*<(.*)>[\\s\t]*)/Uim", $noPrologQuery, $matches);
         foreach ($matches[2] as $match) {
             array_push($graphs, $match);
         }
         preg_match_all("/([\\s\t]*from[\\s\t]*named[\\s\t]*<(.*)>[\\s\t]*)/Uim", $noPrologQuery, $matches);
         foreach ($matches[2] as $match) {
             array_push($graphs, $match);
         }
         // Check for the clauses that uses PrefixedName
         preg_match_all("/[\\s\t]*(from|from[\\s\t]*named)[\\s\t]*([^\\s\t<]*):(.*)[\\s\t]*/Uim", $noPrologQuery, $matches);
         if (count($matches[0]) > 0) {
             for ($i = 0; $i < count($matches[0]); $i++) {
                 $p = $matches[2][$i] . ":";
                 if (isset($prefixes[$p])) {
                     $d = $prefixes[$p] . $matches[3][$i];
                     array_push($graphs, $d);
                 }
             }
         }
         if ($this->ws->dataset == "" && count($graphs) <= 0) {
             $this->ws->conneg->setStatus(400);
             $this->ws->conneg->setStatusMsg("Bad Request");
             $this->ws->conneg->setStatusMsgExt($this->ws->errorMessenger->_201->name);
             $this->ws->conneg->setError($this->ws->errorMessenger->_201->id, $this->ws->errorMessenger->ws, $this->ws->errorMessenger->_201->name, $this->ws->errorMessenger->_201->description, "", $this->ws->errorMessenger->_201->level);
             return;
         }
         // Validate all graphs of the query for the IP of the requester of this query.
         // If one of the graph is not accessible to the user, we just return
         // an error for this SPARQL query.
         foreach ($graphs as $graph) {
             if (substr($graph, strlen($graph) - 12, 12) == "reification/") {
                 $graph = substr($graph, 0, strlen($graph) - 12);
             }
             $ws_av = new AuthValidator($this->ws->requester_ip, $graph, $this->ws->uri);
             $ws_av->pipeline_conneg("*/*", $this->ws->conneg->getAcceptCharset(), $this->ws->conneg->getAcceptEncoding(), $this->ws->conneg->getAcceptLanguage());
             $ws_av->process();
             if ($ws_av->pipeline_getResponseHeaderStatus() != 200) {
                 $this->ws->conneg->setStatus($ws_av->pipeline_getResponseHeaderStatus());
                 $this->ws->conneg->setStatusMsg($ws_av->pipeline_getResponseHeaderStatusMsg());
                 $this->ws->conneg->setStatusMsgExt($ws_av->pipeline_getResponseHeaderStatusMsgExt());
                 $this->ws->conneg->setError($ws_av->pipeline_getError()->id, $ws_av->pipeline_getError()->webservice, $ws_av->pipeline_getError()->name, $ws_av->pipeline_getError()->description, $ws_av->pipeline_getError()->debugInfo, $ws_av->pipeline_getError()->level);
                 return;
             }
         }
         /*
           if registered_ip != requester_ip, this means that the query is sent by a registered system
           on the behalf of someone else. In this case, we want to make sure that that system 
           (the one that send the actual query) has access to the same datasets. Otherwise, it means that
           it tries to personificate that registered_ip user.
           
           Validate all graphs of the query. If one of the graph is not accessible to the system, we just return
           and error for this SPARQL query.  
         */
         if ($this->ws->registered_ip != $this->ws->requester_ip) {
             foreach ($graphs as $graph) {
                 if (substr($graph, strlen($graph) - 12, 12) == "reification/") {
                     $graph = substr($graph, 0, strlen($graph) - 12);
                 }
                 $ws_av = new AuthValidator($this->ws->registered_ip, $graph, $this->ws->uri);
                 $ws_av->pipeline_conneg("*/*", $this->ws->conneg->getAcceptCharset(), $this->ws->conneg->getAcceptEncoding(), $this->ws->conneg->getAcceptLanguage());
                 $ws_av->process();
                 if ($ws_av->pipeline_getResponseHeaderStatus() != 200) {
                     $this->ws->conneg->setStatus($ws_av->pipeline_getResponseHeaderStatus());
                     $this->ws->conneg->setStatusMsg($ws_av->pipeline_getResponseHeaderStatusMsg());
                     $this->ws->conneg->setStatusMsgExt($ws_av->pipeline_getResponseHeaderStatusMsgExt());
                     $this->ws->conneg->setError($ws_av->pipeline_getError()->id, $ws_av->pipeline_getError()->webservice, $ws_av->pipeline_getError()->name, $ws_av->pipeline_getError()->description, $ws_av->pipeline_getError()->debugInfo, $ws_av->pipeline_getError()->level);
                     return;
                 }
             }
         }
         // Determine the query format
         $queryFormat = "";
         if ($this->ws->conneg->getMime() == "application/sparql-results+json" || $this->ws->conneg->getMime() == "application/sparql-results+xml" || $this->ws->conneg->getMime() == "text/html" || $this->isDescribeQuery === TRUE || $this->isConstructQuery === TRUE) {
             $queryFormat = $this->ws->conneg->getMime();
         } elseif ($this->ws->conneg->getMime() == "text/xml" || $this->ws->conneg->getMime() == "application/json" || $this->ws->conneg->getMime() == "application/rdf+xml" || $this->ws->conneg->getMime() == "application/rdf+n3" || $this->ws->conneg->getMime() == "application/iron+json" || $this->ws->conneg->getMime() == "application/iron+csv") {
             $queryFormat = "application/sparql-results+xml";
         }
         // Add a limit to the query
         // Disable limits and offset for now until we figure out what to do (not limit on triples, but resources)
         //      $this->query .= " limit ".$this->ws->limit." offset ".$this->ws->offset;
         curl_setopt($ch, CURLOPT_URL, $this->ws->db_host . ":" . $this->ws->triplestore_port . "/sparql?default-graph-uri=" . urlencode($this->ws->dataset) . "&query=" . urlencode($this->query) . "&format=" . urlencode($queryFormat));
         //curl_setopt($ch, CURLOPT_HTTPHEADER, array( "Accept: " . $queryFormat ));
         curl_setopt($ch, CURLOPT_FOLLOWLOCATION, 1);
         curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
         curl_setopt($ch, CURLOPT_HEADER, TRUE);
         $xml_data = curl_exec($ch);
         $header = substr($xml_data, 0, strpos($xml_data, "\r\n\r\n"));
         $data = substr($xml_data, strpos($xml_data, "\r\n\r\n") + 4, strlen($xml_data) - (strpos($xml_data, "\r\n\r\n") - 4));
         curl_close($ch);
         // check returned message
         $httpMsgNum = substr($header, 9, 3);
         $httpMsg = substr($header, 13, strpos($header, "\r\n") - 13);
         if ($httpMsgNum == "200") {
             $this->ws->sparqlContent = $data;
         } else {
             $this->ws->conneg->setStatus($httpMsgNum);
             $this->ws->conneg->setStatusMsg($httpMsg);
             $this->ws->conneg->setStatusMsgExt($this->ws->errorMessenger->_300->name);
             $this->ws->conneg->setError($this->ws->errorMessenger->_300->id, $this->ws->errorMessenger->ws, $this->ws->errorMessenger->_300 > name, $this->ws->errorMessenger->_300->description, $data, $this->ws->errorMessenger->_300->level);
             $this->ws->sparqlContent = "";
             return;
         }
         // If a DESCRIBE query as been requested by the user, then we simply returns what is returned by
         // the triple store. We don't have any convertion to do here.
         if ($this->isDescribeQuery === TRUE) {
             return;
         }
         // If a CONSTRUCT query as been requested by the user, then we simply returns what is returned by
         // the triple store. We don't have any convertion to do here.
         if ($this->isConstructQuery === TRUE) {
             return;
         }
         if ($this->ws->conneg->getMime() == "text/xml" || $this->ws->conneg->getMime() == "application/rdf+n3" || $this->ws->conneg->getMime() == "application/rdf+xml" || $this->ws->conneg->getMime() == "application/json" || $this->ws->conneg->getMime() == "application/iron+json" || $this->ws->conneg->getMime() == "application/iron+csv") {
             // Read the XML file and populate the recordInstances variables
             $xml = $this->xml2ary($this->ws->sparqlContent);
             if (isset($xml["sparql"]["_c"]["results"]["_c"]["result"])) {
                 $currentSubjectUri = "";
                 $subject = null;
                 $sourceDataset = "";
                 $isPartOfFound = FALSE;
                 $g;
                 foreach ($xml["sparql"]["_c"]["results"]["_c"]["result"] as $result) {
                     $s = "";
                     $p = "";
                     $o = "";
                     $g = "";
                     $valueBoundType = "";
                     foreach ($result["_c"]["binding"] as $binding) {
                         $boundVariable = $binding["_a"]["name"];
                         $keys = array_keys($binding["_c"]);
                         $boundType = $keys[0];
                         $boundValue = $binding["_c"][$boundType]["_v"];
                         switch ($boundVariable) {
                             case "s":
                                 $s = $boundValue;
                                 break;
                             case "p":
                                 $p = $boundValue;
                                 if ($p == Namespaces::$dcterms . "isPartOf") {
                                     $isPartOfFound = TRUE;
                                 }
                                 break;
                             case "o":
                                 $o = $boundValue;
                                 $valueBoundType = $boundType;
                                 break;
                             case "g":
                                 $g = $boundValue;
                                 break;
                         }
                     }
                     if ($currentSubject != $s) {
                         if ($subject != null) {
                             if ($g != "" && $isPartOfFound === FALSE) {
                                 $subject->setObjectAttribute(Namespaces::$dcterms . "isPartOf", $g);
                                 $isPartOfFound = FALSE;
                             }
                             $this->ws->rset->addSubject($subject);
                         }
                         $subject = new Subject($s);
                         $currentSubject = $s;
                     }
                     // process URI
                     if ($valueBoundType == "uri" || $valueBoundType == "bnode") {
                         if ($p == Namespaces::$rdf . "type") {
                             $subject->setType($o);
                         } else {
                             $subject->setObjectAttribute($p, $o);
                         }
                     }
                     // Process Literal
                     if ($valueBoundType == "literal") {
                         $subject->setDataAttribute($p, $o);
                     }
                 }
                 // Add the last subject to the resultset.
                 if ($subject != null) {
                     if ($g != "" && $isPartOfFound === FALSE) {
                         $subject->setObjectAttribute(Namespaces::$dcterms . "isPartOf", $g);
                         $isPartOfFound = FALSE;
                     }
                     $this->ws->rset->addSubject($subject);
                 }
             }
             if (count($this->ws->rset->getResultset()) <= 0) {
                 $this->ws->conneg->setStatus(400);
                 $this->ws->conneg->setStatusMsg("Bad Request");
                 $this->ws->conneg->setStatusMsgExt($this->ws->errorMessenger->_301->name);
                 $this->ws->conneg->setError($this->ws->errorMessenger->_301->id, $this->ws->errorMessenger->ws, $this->ws->errorMessenger->_301->name, $this->ws->errorMessenger->_301->description, "", $this->ws->errorMessenger->_301->level);
             }
         }
     }
 }
Ejemplo n.º 9
 /** Validate a query to this web service
   
       If a user wants to create a new dataset on a given structWSF web service endpoint,
       he has to have access to the "http://.../wsf/datasets/" graph with Create privileges. If
       the user doesn't have these permissions, then he won't be able to create a new dataset
       on the instance.
       
       By default, only the administrators have such access on a structWSF instance. However,
       a system administrator can choose to make the "http://.../wsf/datasets/" graph world-creatable,
       which would mean that anybody could create new datasets on the instance. Additionally,
       an administrator could set up these permissions for a single user too. This user could create
       new datasets, but he won't be able to delete the ones from others, etc.
 
       @return TRUE if valid; FALSE otherwise
     
       @note This function is not used by the authentication validator web service
     
       @author Frederick Giasson, Structured Dynamics LLC.
   */
 public function validateQuery()
 {
     // The outcome is reported through $this->conneg (status, messages, error record);
     // every exit path is a bare return, so no value is handed back to the caller.
     $datasetsGraph = $this->wsf_graph . "datasets/";

     // Access to the ".../datasets/" graph is required to create a dataset. The sending
     // system (requester_ip) is always checked; when it acts on behalf of another user
     // (registered_ip differs), that user is checked against the same graph as well.
     $identities = array($this->requester_ip);
     if ($this->registered_ip != $this->requester_ip) {
         array_push($identities, $this->registered_ip);
     }

     foreach ($identities as $ip) {
         $validator = new AuthValidator($ip, $datasetsGraph, $this->uri);
         $validator->pipeline_conneg(
             $this->conneg->getAccept(),
             $this->conneg->getAcceptCharset(),
             $this->conneg->getAcceptEncoding(),
             $this->conneg->getAcceptLanguage()
         );
         $validator->process();

         // Anything other than 200 is a denial: copy the validator's status and error
         // onto this service's response and stop before any parameter is inspected.
         if ($validator->pipeline_getResponseHeaderStatus() != 200) {
             $this->conneg->setStatus($validator->pipeline_getResponseHeaderStatus());
             $this->conneg->setStatusMsg($validator->pipeline_getResponseHeaderStatusMsg());
             $this->conneg->setStatusMsgExt($validator->pipeline_getResponseHeaderStatusMsgExt());
             $this->conneg->setError(
                 $validator->pipeline_getError()->id,
                 $validator->pipeline_getError()->webservice,
                 $validator->pipeline_getError()->name,
                 $validator->pipeline_getError()->description,
                 $validator->pipeline_getError()->debugInfo,
                 $validator->pipeline_getError()->level
             );
             return;
         }
     }

     // Parameter checks, first failure wins: missing dataset URI, malformed dataset URI,
     // then a creator that is supplied but is not a valid IRI.
     $errorKey = "";
     if ($this->datasetUri == "") {
         $errorKey = "_200";
     } elseif (!$this->isValidIRI($this->datasetUri)) {
         $errorKey = "_203";
     } elseif ($this->creator != "" && !$this->isValidIRI($this->creator)) {
         $errorKey = "_204";
     }

     if ($errorKey === "") {
         return;
     }

     $this->conneg->setStatus(400);
     $this->conneg->setStatusMsg("Bad Request");
     $this->conneg->setStatusMsgExt($this->errorMessenger->{$errorKey}->name);
     $this->conneg->setError(
         $this->errorMessenger->{$errorKey}->id,
         $this->errorMessenger->ws,
         $this->errorMessenger->{$errorKey}->name,
         $this->errorMessenger->{$errorKey}->description,
         "",
         $this->errorMessenger->{$errorKey}->level
     );
     return;
 }
Ejemplo n.º 10
 /** Validate a query to this web service
 
       @return TRUE if valid; FALSE otherwise
     
       @note This function is not used by the authentication validator web service
     
       @author Frederick Giasson, Structured Dynamics LLC.
   */
 public function validateQuery()
 {
     // The outcome is reported through $this->conneg; no value is returned.

     // No dataset given as input: there is nothing to authorize in this method.
     if ($this->dataset == "") {
         return;
     }

     // NOTE(review): only registered_ip is validated against the dataset here; requester_ip
     // is not consulted in this method. Confirm the sending system is authorized elsewhere.
     $validator = new AuthValidator($this->registered_ip, $this->dataset, $this->uri);
     $validator->pipeline_conneg(
         "*/*",
         $this->conneg->getAcceptCharset(),
         $this->conneg->getAcceptEncoding(),
         $this->conneg->getAcceptLanguage()
     );
     $validator->process();

     if ($validator->pipeline_getResponseHeaderStatus() == 200) {
         return;
     }

     // Denied: mirror the validator's status and error record onto this service's response.
     $this->conneg->setStatus($validator->pipeline_getResponseHeaderStatus());
     $this->conneg->setStatusMsg($validator->pipeline_getResponseHeaderStatusMsg());
     $this->conneg->setStatusMsgExt($validator->pipeline_getResponseHeaderStatusMsgExt());
     $this->conneg->setError(
         $validator->pipeline_getError()->id,
         $validator->pipeline_getError()->webservice,
         $validator->pipeline_getError()->name,
         $validator->pipeline_getError()->description,
         $validator->pipeline_getError()->debugInfo,
         $validator->pipeline_getError()->level
     );
     return;
 }
Ejemplo n.º 11
 /** Validate a query to this web service
 
       @return TRUE if valid; FALSE otherwise
     
       @author Frederick Giasson, Structured Dynamics LLC.
   */
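 public function validateQuery()
 {
     // The outcome is reported through $this->conneg (status, messages, error record);
     // no value is returned.

     // The sending system (requester_ip) is always checked against the WSF graph; when it
     // sends the query on behalf of another user (registered_ip differs), that user is
     // checked against the same graph too.
     $identities = array($this->requester_ip);
     if ($this->registered_ip != $this->requester_ip) {
         array_push($identities, $this->registered_ip);
     }

     foreach ($identities as $ip) {
         $validator = new AuthValidator($ip, $this->wsf_graph, $this->uri);
         $validator->pipeline_conneg(
             $this->conneg->getAccept(),
             $this->conneg->getAcceptCharset(),
             $this->conneg->getAcceptEncoding(),
             $this->conneg->getAcceptLanguage()
         );
         $validator->process();

         if ($validator->pipeline_getResponseHeaderStatus() != 200) {
             $this->conneg->setStatus($validator->pipeline_getResponseHeaderStatus());
             $this->conneg->setStatusMsg($validator->pipeline_getResponseHeaderStatusMsg());
             $this->conneg->setStatusMsgExt($validator->pipeline_getResponseHeaderStatusMsgExt());
             $this->conneg->setError(
                 $validator->pipeline_getError()->id,
                 $validator->pipeline_getError()->webservice,
                 $validator->pipeline_getError()->name,
                 $validator->pipeline_getError()->description,
                 $validator->pipeline_getError()->debugInfo,
                 $validator->pipeline_getError()->level
             );
             // Stop at the first denial: a rejected request needs no further validator
             // call, and the reported error stays the one that caused the rejection
             // instead of being overwritten by a later check.
             return;
         }
     }
 }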
Ejemplo n.º 12
 /** Validate a query to this web service
 
       @return TRUE if valid; FALSE otherwise
     
       @note This function is not used by the authentication validator web service
     
       @author Frederick Giasson, Structured Dynamics LLC.
   */
 public function validateQuery()
 {
     // The outcome is reported through $this->conneg; no value is returned.

     // A language that is set but absent from the supported list is a bad request.
     if (!in_array($this->lang, $this->supportedLanguages) && $this->lang != "") {
         $this->conneg->setStatus(400);
         $this->conneg->setStatusMsg("Bad Request");
         $this->conneg->setStatusMsgExt($this->errorMessenger->_308->name);
         $this->conneg->setError(
             $this->errorMessenger->_308->id,
             $this->errorMessenger->ws,
             $this->errorMessenger->_308->name,
             $this->errorMessenger->_308->description,
             "",
             $this->errorMessenger->_308->level
         );
         return;
     }

     // Explicit dataset list: every distinct dataset must be accessible both to the system
     // sending the query (requester_ip) and to the user it acts for (registered_ip).
     // The first denial ends validation.
     if ($this->globalDataset !== TRUE) {
         $requested = array_unique(explode(";", $this->dataset));

         foreach ($requested as $dataset) {
             // Rights of the sending system.
             $validator = new AuthValidator($this->requester_ip, $dataset, $this->uri);
             $validator->pipeline_conneg(
                 "text/xml",
                 $this->conneg->getAcceptCharset(),
                 $this->conneg->getAcceptEncoding(),
                 $this->conneg->getAcceptLanguage()
             );
             $validator->process();
             if ($validator->pipeline_getResponseHeaderStatus() != 200) {
                 $this->conneg->setStatus($validator->pipeline_getResponseHeaderStatus());
                 $this->conneg->setStatusMsg($validator->pipeline_getResponseHeaderStatusMsg());
                 $this->conneg->setStatusMsgExt($validator->pipeline_getResponseHeaderStatusMsgExt());
                 $this->conneg->setError(
                     $validator->pipeline_getError()->id,
                     $validator->pipeline_getError()->webservice,
                     $validator->pipeline_getError()->name,
                     $validator->pipeline_getError()->description,
                     $validator->pipeline_getError()->debugInfo,
                     $validator->pipeline_getError()->level
                 );
                 return;
             }
             unset($validator);

             // Rights of the user on whose behalf the system is asking.
             $validator = new AuthValidator($this->registered_ip, $dataset, $this->uri);
             $validator->pipeline_conneg(
                 "text/xml",
                 $this->conneg->getAcceptCharset(),
                 $this->conneg->getAcceptEncoding(),
                 $this->conneg->getAcceptLanguage()
             );
             $validator->process();
             if ($validator->pipeline_getResponseHeaderStatus() != 200) {
                 $this->conneg->setStatus($validator->pipeline_getResponseHeaderStatus());
                 $this->conneg->setStatusMsg($validator->pipeline_getResponseHeaderStatusMsg());
                 $this->conneg->setStatusMsgExt($validator->pipeline_getResponseHeaderStatusMsgExt());
                 $this->conneg->setError(
                     $validator->pipeline_getError()->id,
                     $validator->pipeline_getError()->webservice,
                     $validator->pipeline_getError()->name,
                     $validator->pipeline_getError()->description,
                     $validator->pipeline_getError()->debugInfo,
                     $validator->pipeline_getError()->level
                 );
                 return;
             }
         }

         return;
     }

     // No dataset URI was given: ask the AuthLister endpoint which datasets are listed
     // for registered_ip and keep those whose "wsf:read" value is "true".
     // NOTE(review): this branch builds the list from registered_ip only; requester_ip is
     // not checked here. Confirm that is the intended trust model for global queries.
     $lister = new AuthLister("access_user", "", $this->registered_ip, $this->wsf_local_ip, "none");
     $lister->pipeline_conneg(
         $this->conneg->getAccept(),
         $this->conneg->getAcceptCharset(),
         $this->conneg->getAcceptEncoding(),
         $this->conneg->getAcceptLanguage()
     );
     $lister->process();

     $parser = new ProcessorXML();
     $parser->loadXML($lister->pipeline_getResultset());

     $readable = array();
     foreach ($parser->getSubjectsByType("wsf:Access") as $access) {
         $accessPredicates = $parser->getPredicatesByType($access, "wsf:datasetAccess");
         $accessObjects = $parser->getObjects($accessPredicates->item(0));
         $accessibleUri = $parser->getURI($accessObjects->item(0));

         $readPredicates = $parser->getPredicatesByType($access, "wsf:read");
         $readObjects = $parser->getObjects($readPredicates->item(0));
         $readFlag = $parser->getContent($readObjects->item(0));

         if (strtolower($readFlag) == "true") {
             // Readable datasets are appended to $this->dataset as a ";"-separated list.
             $this->dataset .= $accessibleUri . ";";
             $readable[] = $accessibleUri;
         }
     }

     // Not a single readable dataset: the request cannot be served.
     if (count($readable) === 0) {
         $this->conneg->setStatus(400);
         $this->conneg->setStatusMsg("Bad Request");
         $this->conneg->setStatusMsgExt($this->errorMessenger->_202->name);
         $this->conneg->setError(
             $this->errorMessenger->_202->id,
             $this->errorMessenger->ws,
             $this->errorMessenger->_202->name,
             $this->errorMessenger->_202->description,
             "",
             $this->errorMessenger->_202->level
         );
         return;
     }

     unset($lister);

     // Drop the trailing separator left by the accumulation loop.
     $this->dataset = rtrim($this->dataset, ";");
 }