/** * Postdelete hook for transactional activity logging. * * @param Doctrine_Event $event */ public function postDelete($event) { AIR2Logger::log($this, 'delete'); parent::postDelete($event); }
/** * Run a merge using the AIR2Merge library. * * @param array $response_data */ protected function run($response_data = array()) { // turn off logging during the merge $was_logging_enabled = AIR2Logger::$ENABLE_LOGGING; AIR2Logger::$ENABLE_LOGGING = false; // run the merge and reset logging $type = $this->my_type; $errs = AIR2Merge::merge($this->prime, $this->merge, $this->ops, $this->commit_on_success); $result = AIR2Merge::get_result(); AIR2Logger::$ENABLE_LOGGING = $was_logging_enabled; // what happened? $status = 200; if ($errs === true) { $response_data['success'] = true; $response_data['message'] = "Successfully merged {$type}s"; // attach the "merged" object to data $response_data['ResultSource'] = $result['result']; air2_clean_radix($response_data['ResultSource'], $this->radix_whitelist); // attach ops used $response_data['op_prime'] = $result['prime']; $response_data['op_merge'] = $result['merge']; // log the merge if ($this->commit_on_success) { $this->log_activity($result, $response_data); } } elseif (is_string($errs)) { $response_data['success'] = false; $response_data['message'] = $errs; $status = 500; } else { $response_data['success'] = false; $response_data['message'] = "Unable to merge {$type}s"; $response_data['errors'] = $errs; $status = 400; // attach ops used $response_data['op_prime'] = $result['prime']; $response_data['op_merge'] = $result['merge']; } // attach fact data $rs = AIR2_DBManager::get_connection()->fetchAll('select * from fact'); $response_data['facts'] = array(); foreach ($rs as $row) { $response_data['facts'][$row['fact_id']] = $row; } // respond with data $this->response($response_data, $status); }
/** * initialize security for this controller * * This function determines what (if any) security the user has and * encapsulates it in the $AIR2User class variable. Will return a * login page and exit if the user cannot be authenticated. * * @access private * @return void */ private function _init_security() { // check if the credentials were good if (!$this->airuser->has_valid_tkt() || !$this->airuser->get_user()) { // user not authenticated $this_uri = current_url() . '?' . $this->input->server('QUERY_STRING'); //Carper::carp("Permission denied for $this_uri"); $uri = $this->uri_for('login', array('back' => $this_uri)); //echo "Location: $uri\n"; redirect($uri); exit(0); } // ok credentials. does the user have min authz? $air2_user = $this->airuser->get_user(); // skip authz check if SYSTEM or TEST user // TODO the TEST type really ought to be tested here as well // but that will require audit of existing unit tests. if ($air2_user['user_type'] != 'S' && $air2_user['user_type'] != 'T') { $cum_authz = 0; foreach ($air2_user->get_authz() as $org_id => $bitmask) { $cum_authz += $bitmask; } if ($cum_authz == 0) { Carper::carp("authn ok for " . $air2_user->user_username . " type=" . $air2_user['user_type'] . " but no authz"); show_error('Insufficient authz', 403); } } //set global remote user ID and TYPE (for upd/cre user stamps) define('AIR2_REMOTE_USER_ID', $this->airuser->get_id()); define('AIR2_REMOTE_USER_TYPE', $air2_user['user_type']); // enable activity logging // TODO: where else can this go? Would it be better to default to true? AIR2Logger::$ENABLE_LOGGING = true; // authn ok return true; }