function view_se() { require_once __DIR__ . '/../utils.php'; require_once __DIR__ . '/../../../web_portal/components/Get_User_Principle.php'; if (!isset($_GET['id']) || !is_numeric($_GET['id'])) { throw new Exception("An id must be specified"); } $id = $_GET['id']; //get user for case that portal is read only and user is admin, so they can still see edit links $dn = Get_User_Principle(); $user = \Factory::getUserService()->getUserByPrinciple($dn); $serv = \Factory::getServiceService(); $params['authenticated'] = false; if ($user != null) { $params['authenticated'] = true; } $params['portalIsReadOnly'] = portalIsReadOnlyAndUserIsNotAdmin($user); $se = $serv->getService($id); // Does current viewer have edit permissions over object ? $params['ShowEdit'] = false; if ($user != null && count($serv->authorizeAction(\Action::EDIT_OBJECT, $se, $user)) >= 1) { $params['ShowEdit'] = true; } $title = $se->getHostName() . " - " . $se->getServiceType()->getName(); $params['se'] = $se; $params['sGroups'] = $se->getServiceGroups(); $params['Scopes'] = $serv->getScopesWithParentScopeInfo($se); // Show upcoming downtimes and downtimes that started within the last thirty days $downtimes = $serv->getDowntimes($id, 31); $params['Downtimes'] = $downtimes; show_view("service/view_service.php", $params, $title); }
function view_ngi() { require_once __DIR__ . '/../../../../lib/Gocdb_Services/Factory.php'; require_once __DIR__ . '/../utils.php'; require_once __DIR__ . '/../../../web_portal/components/Get_User_Principle.php'; if (!isset($_GET['id']) || !is_numeric($_GET['id'])) { throw new Exception("An id must be specified"); } $ngiId = $_GET['id']; //get user for case that portal is read only and user is admin, so they can still see edit links $dn = Get_User_Principle(); $user = \Factory::getUserService()->getUserByPrinciple($dn); $params['portalIsReadOnly'] = portalIsReadOnlyAndUserIsNotAdmin($user); $params['UserIsAdmin'] = false; if (!is_null($user)) { $params['UserIsAdmin'] = $user->isAdmin(); } $params['authenticated'] = false; if ($user != null) { $params['authenticated'] = true; } $ngiServ = \Factory::getNgiService(); $siteServ = \Factory::getSiteService(); $ngi = $ngiServ->getNgi($ngiId); // Does current viewer have edit permissions over NGI ? $params['ShowEdit'] = false; if (count($ngiServ->authorizeAction(\Action::EDIT_OBJECT, $ngi, $user)) >= 1) { $params['ShowEdit'] = true; } // Add ngi to params $params['ngi'] = $ngi; // Add all roles over ngi to params $allRoles = $ngi->getRoles(); $roles = array(); foreach ($allRoles as $role) { if ($role->getStatus() == \RoleStatus::GRANTED) { $roles[] = $role; } } $params['roles'] = $roles; // Add ngi's project to params $projects = $ngi->getProjects(); $params['Projects'] = $projects; // Add sites and scopes to params $params['SitesAndScopes'] = array(); foreach ($ngi->getSites() as $site) { $params['SitesAndScopes'][] = array('Site' => $site, 'Scopes' => $siteServ->getScopesWithParentScopeInfo($site)); } // Add RoleActionRecords to params $params['RoleActionRecords'] = \Factory::getRoleService()->getRoleActionRecordsById_Type($ngi->getId(), 'ngi'); show_view('ngi/view_ngi.php', $params, $ngi->getName()); die; }
function show_all() { //Check the user has permission to see the page, will throw exception //if correct permissions are lacking checkUserIsAdmin(); $dn = Get_User_Principle(); $user = \Factory::getUserService()->getUserByPrinciple($dn); $serviceTypes = \Factory::getServiceTypeService()->getServiceTypes(); $params['ServiceTypes'] = $serviceTypes; $params['portalIsReadOnly'] = portalIsReadOnlyAndUserIsNotAdmin($user); show_view('admin/view_service_types.php', $params, 'Service Types'); }
function getSitesServices() { require_once __DIR__ . '/../utils.php'; require_once __DIR__ . '/../../../web_portal/components/Get_User_Principle.php'; $dn = Get_User_Principle(); $user = \Factory::getUserService()->getUserByPrinciple($dn); $params['portalIsReadOnly'] = portalIsReadOnlyAndUserIsNotAdmin($user); if (!isset($_REQUEST['site_id']) || !is_numeric($_REQUEST['site_id'])) { throw new Exception("A site_id must be specified"); } $site = \Factory::getSiteService()->getSite($_REQUEST['site_id']); $services = $site->getServices(); $params['services'] = $services; show_view("downtime/view_services.php", $params, null, true); }
function view() { require_once __DIR__ . '/../utils.php'; require_once __DIR__ . '/../../../web_portal/components/Get_User_Principle.php'; if (!isset($_REQUEST['id']) || !is_numeric($_REQUEST['id'])) { throw new Exception("An id must be specified"); } $downtime = \Factory::getDowntimeService()->getDowntime($_REQUEST['id']); if ($downtime == null) { throw new Exception('No downtime with id [' . $_REQUEST['id'] . ']'); } $dn = Get_User_Principle(); $user = \Factory::getUserService()->getUserByPrinciple($dn); $params['portalIsReadOnly'] = portalIsReadOnlyAndUserIsNotAdmin($user); $params['downtime'] = $downtime; $title = $downtime->getDescription(); show_view("downtime/view_downtime.php", $params, $title); }
function view_service_type() { //Check the user has permission to see the page, will throw exception //if correct permissions are lacking checkUserIsAdmin(); if (!isset($_REQUEST['id']) || !is_numeric($_REQUEST['id'])) { throw new Exception("An id must be specified"); } $dn = Get_User_Principle(); $user = \Factory::getUserService()->getUserByPrinciple($dn); $serv = \Factory::getServiceTypeService(); $serviceType = $serv->getServiceType($_REQUEST['id']); $params['Name'] = $serviceType->getName(); $params['Description'] = $serviceType->getDescription(); $params['ID'] = $serviceType->getId(); $params['Services'] = $serv->getServices($params['ID']); $params['portalIsReadOnly'] = portalIsReadOnlyAndUserIsNotAdmin($user); show_view("admin/view_service_type.php", $params, $params['Name']); }
function show_users() { require_once __DIR__ . '/../../../../lib/Gocdb_Services/Factory.php'; require_once __DIR__ . '/../utils.php'; require_once __DIR__ . '/../../../web_portal/components/Get_User_Principle.php'; //Check the user has permission to see the page, will throw exception //if correct permissions are lacking checkUserIsAdmin(); //If specified, set parameters $surname = null; if (!empty($_REQUEST['Surname'])) { $surname = $_REQUEST['Surname']; } $params["Surname"] = $surname; $forename = null; if (!empty($_REQUEST['Forename'])) { $forename = $_REQUEST['Forename']; } $params["Forename"] = $forename; $dn = null; if (!empty($_REQUEST['DN'])) { $dn = $_REQUEST['DN']; } $params["DN"] = $dn; //Note that the true/false specified must be converted into boolean true/false. $isAdmin = null; if (!empty($_REQUEST['IsAdmin'])) { if ($_REQUEST['IsAdmin'] == "true") { $isAdmin = true; } elseif ($_REQUEST['IsAdmin'] == "false") { $isAdmin = false; } } $params["IsAdmin"] = $isAdmin; $currentUserDN = Get_User_Principle(); $user = \Factory::getUserService()->getUserByPrinciple($currentUserDN); $params['portalIsReadOnly'] = portalIsReadOnlyAndUserIsNotAdmin($user); //get users $params["Users"] = \Factory::getUserService()->getUsers($surname, $forename, $dn, $isAdmin); show_view("admin/users.php", $params, "Users"); }
function view() { require_once __DIR__ . '/../utils.php'; require_once __DIR__ . '/../../../web_portal/components/Get_User_Principle.php'; $dn = Get_User_Principle(); $user = \Factory::getUserService()->getUserByPrinciple($dn); $params['portalIsReadOnly'] = portalIsReadOnlyAndUserIsNotAdmin($user); $timePeriod = 1; if (isset($_REQUEST['timePeriod'])) { $timePeriod = $_REQUEST['timePeriod']; } $days = 7 * $timePeriod; $windowStart = date("Y-m-d"); $windowEnd = date_add(date_create(date("Y-m-d")), date_interval_create_from_date_string($days . ' days')); $downtimesA = \Factory::getDowntimeService()->getActiveDowntimes(); $downtimesI = \Factory::getDowntimeService()->getImminentDowntimes($windowStart, $windowEnd); $params['timePeriod'] = $timePeriod; $params['downtimesActive'] = $downtimesA; $params['downtimesImmenent'] = $downtimesI; show_view("downtime/downtimes_overview.php", $params); }
function showServiceGroup() { require_once __DIR__ . '/../../../web_portal/components/Get_User_Principle.php'; require_once __DIR__ . '/../utils.php'; if (!isset($_GET['id']) || !is_numeric($_GET['id'])) { throw new Exception("An id must be specified"); } $sGroupId = $_GET['id']; $sGroup = \Factory::getServiceGroupService()->getServiceGroup($sGroupId); $params['sGroup'] = $sGroup; // get downtimes that affect services under this service group // 31 = the number of days worth of historical downtimes to show $downtimes = \Factory::getServiceGroupService()->getDowntimes($sGroupId, 31); $params['downtimes'] = $downtimes; //get user for case that portal is read only and user is admin, so they can still see edit links $dn = Get_User_Principle(); $user = \Factory::getUserService()->getUserByPrinciple($dn); $params['portalIsReadOnly'] = portalIsReadOnlyAndUserIsNotAdmin($user); $params['authenticated'] = false; if ($user != null) { $params['authenticated'] = true; } $allRoles = $sGroup->getRoles(); $roles = array(); foreach ($allRoles as $role) { if ($role->getStatus() == \RoleStatus::GRANTED) { $roles[] = $role; } } $params['Roles'] = $roles; // Does current viewer have edit permissions over object ? $params['ShowEdit'] = false; if (count(\Factory::getServiceGroupService()->authorizeAction(\Action::EDIT_OBJECT, $sGroup, $user)) >= 1) { $params['ShowEdit'] = true; } // Add RoleActionRecords to params $params['RoleActionRecords'] = \Factory::getRoleService()->getRoleActionRecordsById_Type($sGroup->getId(), 'servicegroup'); $title = $sGroup->getName(); show_view("service_group/view_sgroup.php", $params, $title); }
function show_project() { require_once __DIR__ . '/../../../../lib/Gocdb_Services/Factory.php'; require_once __DIR__ . '/../utils.php'; require_once __DIR__ . '/../../../../htdocs/web_portal/components/Get_User_Principle.php'; if (!isset($_GET['id']) || !is_numeric($_GET['id'])) { throw new Exception("An id must be specified"); } $projId = $_GET['id']; $serv = \Factory::getProjectService(); $project = $serv->getProject($projId); $allRoles = $project->getRoles(); $roles = array(); foreach ($allRoles as $role) { if ($role->getStatus() == \RoleStatus::GRANTED && $role->getRoleType()->getName() != \RoleTypeName::CIC_STAFF) { $roles[] = $role; } } //get user for case that portal is read only and user is admin, so they can still see edit links $dn = Get_User_Principle(); $user = \Factory::getUserService()->getUserByPrinciple($dn); $params['ShowEdit'] = false; if (count($serv->authorizeAction(\Action::EDIT_OBJECT, $project, $user)) >= 1) { $params['ShowEdit'] = true; } $params['authenticated'] = false; if ($user != null) { $params['authenticated'] = true; } // Add RoleActionRecords to params $params['RoleActionRecords'] = \Factory::getRoleService()->getRoleActionRecordsById_Type($project->getId(), 'project'); $params['Name'] = $project->getName(); $params['Description'] = $project->getDescription(); $params['ID'] = $project->getId(); $params['NGIs'] = $project->getNgis(); $params['Sites'] = $serv->getSites($project); $params['Roles'] = $roles; $params['portalIsReadOnly'] = portalIsReadOnlyAndUserIsNotAdmin($user); show_view('project/view_project.php', $params, $params['Name']); }
function view_requests() { require_once __DIR__ . '/../../../../lib/Gocdb_Services/Factory.php'; require_once __DIR__ . '/../../components/Get_User_Principle.php'; require_once __DIR__ . '/../utils.php'; $dn = Get_User_Principle(); $user = \Factory::getUserService()->getUserByPrinciple($dn); if ($user == null) { throw new Exception("Unregistered users can't view/request roles"); } // Entites is a two-dimensional array that lists both the id and name of // OwnedEntities that a user can reqeust a role over (Projects, NGIs, Sites, // ServiceGroups). If an inner dimesional array does not contain an Object_ID // array key, then it is used as a section title in a pull-down list. $entities = array(); $entities[] = array('Name' => 'Projects'); $allProjects = \Factory::getProjectService()->getProjects(); foreach ($allProjects as $proj) { $entities[] = array('Object_ID' => $proj->getId(), 'Name' => $proj->getName()); } $entities[] = array('Name' => 'NGIs'); $allNGIs = \Factory::getNgiService()->getNGIs(); foreach ($allNGIs as $ngi) { $entities[] = array('Object_ID' => $ngi->getId(), 'Name' => $ngi->getName()); } $entities[] = array('Name' => 'Sites'); $allSites = \Factory::getSiteService()->getSitesBy(); foreach ($allSites as $site) { $entities[] = array('Object_ID' => $site->getId(), 'Name' => $site->getShortName()); } $entities[] = array('Name' => 'ServiceGroups'); $allSGs = \Factory::getServiceGroupService()->getServiceGroups(); foreach ($allSGs as $sg) { $entities[] = array('Object_ID' => $sg->getId(), 'Name' => $sg->getName()); } // Current user's own pending roles $myPendingRoleRequests = \Factory::getRoleService()->getUserRoles($user, \RoleStatus::PENDING); // foreach role, lookup corresponding RoleActionRecord (if any) and populate // the role.decoratorObject with the roleActionRecord for subsequent display // foreach($myPendingRoleRequests as $role){ // $rar = \Factory::getRoleService()->getRoleActionRecordByRoleId($role->getId()); // $role->setDecoratorObject($rar); // } // Other roles current user can approve $otherRolesUserCanApprove = \Factory::getRoleService()->getPendingRolesUserCanApprove($user); // can the calling user grant or reject each role? foreach ($otherRolesUserCanApprove as $r) { $grantRejectRoleNamesArray = array(); $grantRejectRoleNamesArray['grant'] = ''; $grantRejectRoleNamesArray['deny'] = ''; // get list of roles that allows user to to grant the role request $grantRoleAuthorisingRoleNames = \Factory::getRoleService()->authorizeAction(\Action::GRANT_ROLE, $r->getOwnedEntity(), $user); if (count($grantRoleAuthorisingRoleNames) >= 1) { $allAuthorisingRoleNames = ''; foreach ($grantRoleAuthorisingRoleNames as $arName) { $allAuthorisingRoleNames .= $arName . ', '; } $allAuthorisingRoleNames = substr($allAuthorisingRoleNames, 0, strlen($allAuthorisingRoleNames) - 2); $grantRejectRoleNamesArray['grant'] = '[' . $allAuthorisingRoleNames . ']'; } // get list of roles that allows user to reject the role request $denyRoleAuthorisingRoleNames = \Factory::getRoleService()->authorizeAction(\Action::REJECT_ROLE, $r->getOwnedEntity(), $user); if (count($denyRoleAuthorisingRoleNames) >= 1) { $allAuthorisingRoleNames = ''; foreach ($denyRoleAuthorisingRoleNames as $arName) { $allAuthorisingRoleNames .= $arName . ', '; } $allAuthorisingRoleNames = substr($allAuthorisingRoleNames, 0, strlen($allAuthorisingRoleNames) - 2); $grantRejectRoleNamesArray['deny'] = '[' . $allAuthorisingRoleNames . ']'; } // store array of role names in decorator object $r->setDecoratorObject($grantRejectRoleNamesArray); } $params = array(); $params['entities'] = $entities; $params['myRequests'] = $myPendingRoleRequests; $params['allRequests'] = $otherRolesUserCanApprove; $params['portalIsReadOnly'] = portalIsReadOnlyAndUserIsNotAdmin($user); show_view("political_role/view_requests.php", $params, "Role Requests"); die; }
/** * Checks with the config service if the portal is in read only mode and if * it is throws an exception (except when the user is a GOCDB admin) * * @throws \Exception */ function checkPortalIsNotReadOnlyOrUserIsAdmin(\User $user = null) { if (portalIsReadOnlyAndUserIsNotAdmin($user)) { throw new \Exception("The portal is currently in read only mode, changes can not be made."); } }