function view_se()
{
require_once __DIR__ . '/../utils.php';
require_once __DIR__ . '/../../../web_portal/components/Get_User_Principle.php';
if (!isset($_GET['id']) || !is_numeric($_GET['id'])) {
throw new Exception("An id must be specified");
}
$id = $_GET['id'];
//get user for case that portal is read only and user is admin, so they can still see edit links
$dn = Get_User_Principle();
$user = \Factory::getUserService()->getUserByPrinciple($dn);
$serv = \Factory::getServiceService();
$params['authenticated'] = false;
if ($user != null) {
$params['authenticated'] = true;
}
$params['portalIsReadOnly'] = portalIsReadOnlyAndUserIsNotAdmin($user);
$se = $serv->getService($id);
// Does current viewer have edit permissions over object ?
$params['ShowEdit'] = false;
if ($user != null && count($serv->authorizeAction(\Action::EDIT_OBJECT, $se, $user)) >= 1) {
$params['ShowEdit'] = true;
}
$title = $se->getHostName() . " - " . $se->getServiceType()->getName();
$params['se'] = $se;
$params['sGroups'] = $se->getServiceGroups();
$params['Scopes'] = $serv->getScopesWithParentScopeInfo($se);
// Show upcoming downtimes and downtimes that started within the last thirty days
$downtimes = $serv->getDowntimes($id, 31);
$params['Downtimes'] = $downtimes;
show_view("service/view_service.php", $params, $title);
}
function view_ngi()
{
require_once __DIR__ . '/../../../../lib/Gocdb_Services/Factory.php';
require_once __DIR__ . '/../utils.php';
require_once __DIR__ . '/../../../web_portal/components/Get_User_Principle.php';
if (!isset($_GET['id']) || !is_numeric($_GET['id'])) {
throw new Exception("An id must be specified");
}
$ngiId = $_GET['id'];
//get user for case that portal is read only and user is admin, so they can still see edit links
$dn = Get_User_Principle();
$user = \Factory::getUserService()->getUserByPrinciple($dn);
$params['portalIsReadOnly'] = portalIsReadOnlyAndUserIsNotAdmin($user);
$params['UserIsAdmin'] = false;
if (!is_null($user)) {
$params['UserIsAdmin'] = $user->isAdmin();
}
$params['authenticated'] = false;
if ($user != null) {
$params['authenticated'] = true;
}
$ngiServ = \Factory::getNgiService();
$siteServ = \Factory::getSiteService();
$ngi = $ngiServ->getNgi($ngiId);
// Does current viewer have edit permissions over NGI ?
$params['ShowEdit'] = false;
if (count($ngiServ->authorizeAction(\Action::EDIT_OBJECT, $ngi, $user)) >= 1) {
$params['ShowEdit'] = true;
}
// Add ngi to params
$params['ngi'] = $ngi;
// Add all roles over ngi to params
$allRoles = $ngi->getRoles();
$roles = array();
foreach ($allRoles as $role) {
if ($role->getStatus() == \RoleStatus::GRANTED) {
$roles[] = $role;
}
}
$params['roles'] = $roles;
// Add ngi's project to params
$projects = $ngi->getProjects();
$params['Projects'] = $projects;
// Add sites and scopes to params
$params['SitesAndScopes'] = array();
foreach ($ngi->getSites() as $site) {
$params['SitesAndScopes'][] = array('Site' => $site, 'Scopes' => $siteServ->getScopesWithParentScopeInfo($site));
}
// Add RoleActionRecords to params
$params['RoleActionRecords'] = \Factory::getRoleService()->getRoleActionRecordsById_Type($ngi->getId(), 'ngi');
show_view('ngi/view_ngi.php', $params, $ngi->getName());
die;
}
function show_all()
{
//Check the user has permission to see the page, will throw exception
//if correct permissions are lacking
checkUserIsAdmin();
$dn = Get_User_Principle();
$user = \Factory::getUserService()->getUserByPrinciple($dn);
$serviceTypes = \Factory::getServiceTypeService()->getServiceTypes();
$params['ServiceTypes'] = $serviceTypes;
$params['portalIsReadOnly'] = portalIsReadOnlyAndUserIsNotAdmin($user);
show_view('admin/view_service_types.php', $params, 'Service Types');
}
function getSitesServices()
{
require_once __DIR__ . '/../utils.php';
require_once __DIR__ . '/../../../web_portal/components/Get_User_Principle.php';
$dn = Get_User_Principle();
$user = \Factory::getUserService()->getUserByPrinciple($dn);
$params['portalIsReadOnly'] = portalIsReadOnlyAndUserIsNotAdmin($user);
if (!isset($_REQUEST['site_id']) || !is_numeric($_REQUEST['site_id'])) {
throw new Exception("A site_id must be specified");
}
$site = \Factory::getSiteService()->getSite($_REQUEST['site_id']);
$services = $site->getServices();
$params['services'] = $services;
show_view("downtime/view_services.php", $params, null, true);
}
function view()
{
require_once __DIR__ . '/../utils.php';
require_once __DIR__ . '/../../../web_portal/components/Get_User_Principle.php';
if (!isset($_REQUEST['id']) || !is_numeric($_REQUEST['id'])) {
throw new Exception("An id must be specified");
}
$downtime = \Factory::getDowntimeService()->getDowntime($_REQUEST['id']);
if ($downtime == null) {
throw new Exception('No downtime with id [' . $_REQUEST['id'] . ']');
}
$dn = Get_User_Principle();
$user = \Factory::getUserService()->getUserByPrinciple($dn);
$params['portalIsReadOnly'] = portalIsReadOnlyAndUserIsNotAdmin($user);
$params['downtime'] = $downtime;
$title = $downtime->getDescription();
show_view("downtime/view_downtime.php", $params, $title);
}
function view_service_type()
{
//Check the user has permission to see the page, will throw exception
//if correct permissions are lacking
checkUserIsAdmin();
if (!isset($_REQUEST['id']) || !is_numeric($_REQUEST['id'])) {
throw new Exception("An id must be specified");
}
$dn = Get_User_Principle();
$user = \Factory::getUserService()->getUserByPrinciple($dn);
$serv = \Factory::getServiceTypeService();
$serviceType = $serv->getServiceType($_REQUEST['id']);
$params['Name'] = $serviceType->getName();
$params['Description'] = $serviceType->getDescription();
$params['ID'] = $serviceType->getId();
$params['Services'] = $serv->getServices($params['ID']);
$params['portalIsReadOnly'] = portalIsReadOnlyAndUserIsNotAdmin($user);
show_view("admin/view_service_type.php", $params, $params['Name']);
}
function show_users()
{
require_once __DIR__ . '/../../../../lib/Gocdb_Services/Factory.php';
require_once __DIR__ . '/../utils.php';
require_once __DIR__ . '/../../../web_portal/components/Get_User_Principle.php';
//Check the user has permission to see the page, will throw exception
//if correct permissions are lacking
checkUserIsAdmin();
//If specified, set parameters
$surname = null;
if (!empty($_REQUEST['Surname'])) {
$surname = $_REQUEST['Surname'];
}
$params["Surname"] = $surname;
$forename = null;
if (!empty($_REQUEST['Forename'])) {
$forename = $_REQUEST['Forename'];
}
$params["Forename"] = $forename;
$dn = null;
if (!empty($_REQUEST['DN'])) {
$dn = $_REQUEST['DN'];
}
$params["DN"] = $dn;
//Note that the true/false specified must be converted into boolean true/false.
$isAdmin = null;
if (!empty($_REQUEST['IsAdmin'])) {
if ($_REQUEST['IsAdmin'] == "true") {
$isAdmin = true;
} elseif ($_REQUEST['IsAdmin'] == "false") {
$isAdmin = false;
}
}
$params["IsAdmin"] = $isAdmin;
$currentUserDN = Get_User_Principle();
$user = \Factory::getUserService()->getUserByPrinciple($currentUserDN);
$params['portalIsReadOnly'] = portalIsReadOnlyAndUserIsNotAdmin($user);
//get users
$params["Users"] = \Factory::getUserService()->getUsers($surname, $forename, $dn, $isAdmin);
show_view("admin/users.php", $params, "Users");
}
function view()
{
require_once __DIR__ . '/../utils.php';
require_once __DIR__ . '/../../../web_portal/components/Get_User_Principle.php';
$dn = Get_User_Principle();
$user = \Factory::getUserService()->getUserByPrinciple($dn);
$params['portalIsReadOnly'] = portalIsReadOnlyAndUserIsNotAdmin($user);
$timePeriod = 1;
if (isset($_REQUEST['timePeriod'])) {
$timePeriod = $_REQUEST['timePeriod'];
}
$days = 7 * $timePeriod;
$windowStart = date("Y-m-d");
$windowEnd = date_add(date_create(date("Y-m-d")), date_interval_create_from_date_string($days . ' days'));
$downtimesA = \Factory::getDowntimeService()->getActiveDowntimes();
$downtimesI = \Factory::getDowntimeService()->getImminentDowntimes($windowStart, $windowEnd);
$params['timePeriod'] = $timePeriod;
$params['downtimesActive'] = $downtimesA;
$params['downtimesImmenent'] = $downtimesI;
show_view("downtime/downtimes_overview.php", $params);
}
function showServiceGroup()
{
require_once __DIR__ . '/../../../web_portal/components/Get_User_Principle.php';
require_once __DIR__ . '/../utils.php';
if (!isset($_GET['id']) || !is_numeric($_GET['id'])) {
throw new Exception("An id must be specified");
}
$sGroupId = $_GET['id'];
$sGroup = \Factory::getServiceGroupService()->getServiceGroup($sGroupId);
$params['sGroup'] = $sGroup;
// get downtimes that affect services under this service group
// 31 = the number of days worth of historical downtimes to show
$downtimes = \Factory::getServiceGroupService()->getDowntimes($sGroupId, 31);
$params['downtimes'] = $downtimes;
//get user for case that portal is read only and user is admin, so they can still see edit links
$dn = Get_User_Principle();
$user = \Factory::getUserService()->getUserByPrinciple($dn);
$params['portalIsReadOnly'] = portalIsReadOnlyAndUserIsNotAdmin($user);
$params['authenticated'] = false;
if ($user != null) {
$params['authenticated'] = true;
}
$allRoles = $sGroup->getRoles();
$roles = array();
foreach ($allRoles as $role) {
if ($role->getStatus() == \RoleStatus::GRANTED) {
$roles[] = $role;
}
}
$params['Roles'] = $roles;
// Does current viewer have edit permissions over object ?
$params['ShowEdit'] = false;
if (count(\Factory::getServiceGroupService()->authorizeAction(\Action::EDIT_OBJECT, $sGroup, $user)) >= 1) {
$params['ShowEdit'] = true;
}
// Add RoleActionRecords to params
$params['RoleActionRecords'] = \Factory::getRoleService()->getRoleActionRecordsById_Type($sGroup->getId(), 'servicegroup');
$title = $sGroup->getName();
show_view("service_group/view_sgroup.php", $params, $title);
}
function show_project()
{
require_once __DIR__ . '/../../../../lib/Gocdb_Services/Factory.php';
require_once __DIR__ . '/../utils.php';
require_once __DIR__ . '/../../../../htdocs/web_portal/components/Get_User_Principle.php';
if (!isset($_GET['id']) || !is_numeric($_GET['id'])) {
throw new Exception("An id must be specified");
}
$projId = $_GET['id'];
$serv = \Factory::getProjectService();
$project = $serv->getProject($projId);
$allRoles = $project->getRoles();
$roles = array();
foreach ($allRoles as $role) {
if ($role->getStatus() == \RoleStatus::GRANTED && $role->getRoleType()->getName() != \RoleTypeName::CIC_STAFF) {
$roles[] = $role;
}
}
//get user for case that portal is read only and user is admin, so they can still see edit links
$dn = Get_User_Principle();
$user = \Factory::getUserService()->getUserByPrinciple($dn);
$params['ShowEdit'] = false;
if (count($serv->authorizeAction(\Action::EDIT_OBJECT, $project, $user)) >= 1) {
$params['ShowEdit'] = true;
}
$params['authenticated'] = false;
if ($user != null) {
$params['authenticated'] = true;
}
// Add RoleActionRecords to params
$params['RoleActionRecords'] = \Factory::getRoleService()->getRoleActionRecordsById_Type($project->getId(), 'project');
$params['Name'] = $project->getName();
$params['Description'] = $project->getDescription();
$params['ID'] = $project->getId();
$params['NGIs'] = $project->getNgis();
$params['Sites'] = $serv->getSites($project);
$params['Roles'] = $roles;
$params['portalIsReadOnly'] = portalIsReadOnlyAndUserIsNotAdmin($user);
show_view('project/view_project.php', $params, $params['Name']);
}
function view_requests()
{
require_once __DIR__ . '/../../../../lib/Gocdb_Services/Factory.php';
require_once __DIR__ . '/../../components/Get_User_Principle.php';
require_once __DIR__ . '/../utils.php';
$dn = Get_User_Principle();
$user = \Factory::getUserService()->getUserByPrinciple($dn);
if ($user == null) {
throw new Exception("Unregistered users can't view/request roles");
}
// Entites is a two-dimensional array that lists both the id and name of
// OwnedEntities that a user can reqeust a role over (Projects, NGIs, Sites,
// ServiceGroups). If an inner dimesional array does not contain an Object_ID
// array key, then it is used as a section title in a pull-down list.
$entities = array();
$entities[] = array('Name' => 'Projects');
$allProjects = \Factory::getProjectService()->getProjects();
foreach ($allProjects as $proj) {
$entities[] = array('Object_ID' => $proj->getId(), 'Name' => $proj->getName());
}
$entities[] = array('Name' => 'NGIs');
$allNGIs = \Factory::getNgiService()->getNGIs();
foreach ($allNGIs as $ngi) {
$entities[] = array('Object_ID' => $ngi->getId(), 'Name' => $ngi->getName());
}
$entities[] = array('Name' => 'Sites');
$allSites = \Factory::getSiteService()->getSitesBy();
foreach ($allSites as $site) {
$entities[] = array('Object_ID' => $site->getId(), 'Name' => $site->getShortName());
}
$entities[] = array('Name' => 'ServiceGroups');
$allSGs = \Factory::getServiceGroupService()->getServiceGroups();
foreach ($allSGs as $sg) {
$entities[] = array('Object_ID' => $sg->getId(), 'Name' => $sg->getName());
}
// Current user's own pending roles
$myPendingRoleRequests = \Factory::getRoleService()->getUserRoles($user, \RoleStatus::PENDING);
// foreach role, lookup corresponding RoleActionRecord (if any) and populate
// the role.decoratorObject with the roleActionRecord for subsequent display
// foreach($myPendingRoleRequests as $role){
// $rar = \Factory::getRoleService()->getRoleActionRecordByRoleId($role->getId());
// $role->setDecoratorObject($rar);
// }
// Other roles current user can approve
$otherRolesUserCanApprove = \Factory::getRoleService()->getPendingRolesUserCanApprove($user);
// can the calling user grant or reject each role?
foreach ($otherRolesUserCanApprove as $r) {
$grantRejectRoleNamesArray = array();
$grantRejectRoleNamesArray['grant'] = '';
$grantRejectRoleNamesArray['deny'] = '';
// get list of roles that allows user to to grant the role request
$grantRoleAuthorisingRoleNames = \Factory::getRoleService()->authorizeAction(\Action::GRANT_ROLE, $r->getOwnedEntity(), $user);
if (count($grantRoleAuthorisingRoleNames) >= 1) {
$allAuthorisingRoleNames = '';
foreach ($grantRoleAuthorisingRoleNames as $arName) {
$allAuthorisingRoleNames .= $arName . ', ';
}
$allAuthorisingRoleNames = substr($allAuthorisingRoleNames, 0, strlen($allAuthorisingRoleNames) - 2);
$grantRejectRoleNamesArray['grant'] = '[' . $allAuthorisingRoleNames . ']';
}
// get list of roles that allows user to reject the role request
$denyRoleAuthorisingRoleNames = \Factory::getRoleService()->authorizeAction(\Action::REJECT_ROLE, $r->getOwnedEntity(), $user);
if (count($denyRoleAuthorisingRoleNames) >= 1) {
$allAuthorisingRoleNames = '';
foreach ($denyRoleAuthorisingRoleNames as $arName) {
$allAuthorisingRoleNames .= $arName . ', ';
}
$allAuthorisingRoleNames = substr($allAuthorisingRoleNames, 0, strlen($allAuthorisingRoleNames) - 2);
$grantRejectRoleNamesArray['deny'] = '[' . $allAuthorisingRoleNames . ']';
}
// store array of role names in decorator object
$r->setDecoratorObject($grantRejectRoleNamesArray);
}
$params = array();
$params['entities'] = $entities;
$params['myRequests'] = $myPendingRoleRequests;
$params['allRequests'] = $otherRolesUserCanApprove;
$params['portalIsReadOnly'] = portalIsReadOnlyAndUserIsNotAdmin($user);
show_view("political_role/view_requests.php", $params, "Role Requests");
die;
}
/**
* Checks with the config service if the portal is in read only mode and if
* it is throws an exception (except when the user is a GOCDB admin)
*
* @throws \Exception
*/
function checkPortalIsNotReadOnlyOrUserIsAdmin(\User $user = null)
{
if (portalIsReadOnlyAndUserIsNotAdmin($user)) {
throw new \Exception("The portal is currently in read only mode, changes can not be made.");
}
}
