/**
 * Bring the cached membership liaisons of this group in line with the logins
 * returned by the parent implementation of usersLogin().
 *
 * Cached 'UsersGroupCached' liaisons whose login is no longer returned are
 * deleted, then a liaison is saved for every login that is not cached yet.
 */
public function updateCache() {
    Logger::debug('main', 'UsersGroup_dynamic_cached::updateCache for ID=' . $this->getUniqueID());

    $current_logins = parent::usersLogin();
    $cached = Abstract_Liaison::load('UsersGroupCached', NULL, $this->getUniqueID());

    // Pass 1: drop cached memberships that are no longer backed by a login.
    foreach ($cached as $entry) {
        if (in_array($entry->element, $current_logins)) {
            continue;
        }
        Abstract_Liaison::delete('UsersGroupCached', $entry->element, $entry->group);
    }

    // Pass 2: add the memberships missing from the cache. The loaded
    // liaisons are looked up by login key here.
    foreach ($current_logins as $login) {
        if (isset($cached[$login])) {
            continue;
        }
        Abstract_Liaison::save('UsersGroupCached', $login, $this->getUniqueID());
    }
}
/**
 * Remove the liaisons that lose their meaning when the UserDB or UserGroupDB
 * configuration differs between the stored preferences and $new_prefs.
 *
 * @param object $new_prefs preferences about to be applied; its
 *                          'general' / 'user_default_group' entry is reset
 *                          to NULL when the UserGroupDB configuration changes
 */
function do_auto_clean_db($new_prefs) {
    $current_prefs = Preferences::getInstance();

    $profile_before = getProfileMode($current_prefs);
    $profile_after = getProfileMode($new_prefs);

    $userdb_before = $current_prefs->get('UserDB', 'enable');
    $userdb_after = $new_prefs->get('UserDB', 'enable');

    $groupdb_before = $current_prefs->get('UserGroupDB', 'enable');
    $groupdb_after = $new_prefs->get('UserGroupDB', 'enable');

    $users_changed = False;
    $groups_changed = False;

    $userGroupDB = UserGroupDB::getInstance();

    // Same profile on both sides: let the profile class report which parts
    // of its configuration changed.
    if ($profile_before == $profile_after) {
        $profile = new $profile_after();
        list($users_changed, $groups_changed) = $profile->has_change($current_prefs, $new_prefs);
    }

    // UserDB module changed (only acted upon when the group DB is writeable).
    if (($userdb_before != $userdb_after || $users_changed) && $userGroupDB->isWriteable()) {
        // Remove every user-to-group membership.
        if (!Abstract_Liaison::delete('UsersGroup', NULL, NULL)) {
            popup_error('Unable to remove Users from UserGroups');
        }

        // Profiles become orphans when ProfileDB is enabled on either side.
        $modules_before = $current_prefs->get('general', 'module_enable');
        $modules_after = $new_prefs->get('general', 'module_enable');
        $profiledb_involved = in_array('ProfileDB', $modules_before) || in_array('ProfileDB', $modules_after);
        if ($profiledb_involved) {
            Abstract_Liaison::delete('UserProfile', NULL, NULL);
        }
    }

    // UserGroupDB module changed.
    if ($groupdb_before != $groupdb_after || $groups_changed) {
        // Remove every publication.
        if (!Abstract_Liaison::delete('UsersGroupApplicationsGroup', NULL, NULL)) {
            popup_error('Unable to remove Publications');
        }

        // The default users group no longer applies.
        $new_prefs->set('general', 'user_default_group', NULL);

        // Shared folders become orphans when SharedFolderDB is enabled on either side.
        $modules_before = $current_prefs->get('general', 'module_enable');
        $modules_after = $new_prefs->get('general', 'module_enable');
        $sharedfolderdb_involved = in_array('SharedFolderDB', $modules_before) || in_array('SharedFolderDB', $modules_after);
        if ($sharedfolderdb_involved) {
            Abstract_Liaison::delete('UserGroupSharedFolder', NULL, NULL);
        }
    }
}
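/**
 * Delete a dynamic user group together with its liaisons and its rules.
 *
 * Order of operations: publication liaisons, membership liaisons, the group
 * row, then the rules attached to the group.
 *
 * @param object $usergroup_ group to delete; its id and getUniqueID() are read
 * @return bool false when the group row or one of its rules cannot be
 *              deleted, true otherwise
 */
public function remove($usergroup_) {
    Logger::debug('main', 'UserGroupDBDynamic::internal::remove');

    $sql2 = SQL::getInstance();

    // first we delete liaisons
    // NOTE(review): publications are looked up with $usergroup_->id while the
    // membership and rule cleanup below use getUniqueID(); confirm both
    // values identify the same liaison key for this group type.
    $liaisons = Abstract_Liaison::load('UsersGroupApplicationsGroup', $usergroup_->id, NULL);
    foreach ($liaisons as $liaison) {
        Abstract_Liaison::delete('UsersGroupApplicationsGroup', $liaison->element, $liaison->group);
    }

    // Membership liaisons do not depend on the publication list, so they are
    // removed exactly once, also when the group has no publication. Leaving
    // them behind would keep membership rows for a group that no longer exists.
    Abstract_Liaison::delete('UsersGroup', NULL, $usergroup_->getUniqueID());

    // second we delete the group
    $res = $sql2->DoQuery('DELETE FROM #1 WHERE @2 = %3', self::table, 'id', $usergroup_->id);
    if ($res === false) {
        Logger::error('main', 'UserGroupDBDynamic::internal::remove Failed to remove group from SQL DB');
        return false;
    }

    // third we delete the rules
    $rules = UserGroup_Rules::getByUserGroupId($usergroup_->getUniqueID());
    foreach ($rules as $a_rule) {
        if (Abstract_UserGroup_Rule::delete($a_rule->id) === false) {
            Logger::error('main', 'UserGroupDBDynamic::internal::remove Failed to remove rule from SQL DB');
            return false;
        }
    }

    return true;
}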
/**
 * Remove the liaison that links a user group to a shared folder.
 *
 * Both arguments must be objects; otherwise the rejected value is logged in
 * serialized form and false is returned.
 *
 * @param object $usergroup_    group whose getUniqueID() is the liaison element
 * @param object $sharedfolder_ folder whose id is the liaison group
 * @return mixed false on invalid arguments, otherwise the result of
 *               Abstract_Liaison::delete()
 */
public function delUserGroupToSharedFolder($usergroup_, $sharedfolder_) {
    if (is_object($usergroup_) === false) {
        $rejected = serialize($usergroup_);
        Logger::error('main', "SharedFolderDB::internal::delUserGroupToSharedFolder, parameter 'usergroup' is not correct, usergroup: " . $rejected);
        return false;
    }

    if (is_object($sharedfolder_) === false) {
        $rejected = serialize($sharedfolder_);
        Logger::error('main', "SharedFolderDB::internal::delUserGroupToSharedFolder, parameter 'sharedfolder' is not correct, networkfolder_: " . $rejected);
        return false;
    }

    $group_key = $usergroup_->getUniqueID();
    return Abstract_Liaison::delete('UserGroupSharedFolder', $group_key, $sharedfolder_->id);
}
/**
 * Delete a user row and the group memberships that reference its login.
 *
 * @param object $user_ user to delete; must expose a 'login' attribute
 * @return mixed false when $user_ is not a usable user object, otherwise
 *               the result of the DELETE query
 */
public function remove($user_) {
    Logger::debug('main', 'UserDB::sql::remove');

    // Reject anything that is not an object carrying a login.
    if (!is_object($user_) || !$user_->hasAttribute('login')) {
        Logger::debug('main', 'UserDB::sql::remove failed (user not ok)');
        return false;
    }

    $SQL = SQL::getInstance();

    // Step 1: drop every membership liaison of this login.
    $memberships = Abstract_Liaison::load('UsersGroup', $user_->getAttribute('login'), NULL);
    foreach ($memberships as $membership) {
        Abstract_Liaison::delete('UsersGroup', $membership->element, $membership->group);
    }

    // Step 2: drop the user row itself; table, column and value all go
    // through DoQuery() placeholders.
    return $SQL->DoQuery('DELETE FROM @1 WHERE @2 = %3', $this->table, 'login', $user_->getAttribute('login'));
}
/**
 * Delete a servers group: cache entry, liaisons, then the SQL row.
 *
 * @param object $group_ group to delete; only its id is read
 * @return bool false when $group_ is not an object or the DELETE query
 *              fails, true otherwise
 */
public function delete($group_) {
    // $group_ is interpolated into the log line before the type check below.
    Logger::debug('main', "Abstract_ServersGroup::delete({$group_})");

    if (is_object($group_) === false) {
        Logger::error('main', "Abstract_ServersGroup::delete({$group_}) the parameter is not a object");
        return false;
    }

    $group_id = $group_->id;

    // Evict the cached copy, if any.
    if (array_key_exists($group_id, self::$cache)) {
        unset(self::$cache[$group_id]);
    }

    // Liaisons first, so that none keeps pointing at the group.
    Abstract_Liaison::delete('UsersGroupServersGroup', NULL, $group_id);
    Abstract_Liaison::delete('ServersGroup', NULL, $group_id);

    // Then the group row itself.
    $SQL = SQL::getInstance();
    $deleted = $SQL->DoQuery('DELETE FROM #1 WHERE @2 = %3', self::table, 'id', $group_id);

    return $deleted !== false;
}
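/**
 * Persist the attributes of an application and rebuild its MIME-type liaisons.
 *
 * @param object $a application to update; read through getAttribute(),
 *                  getAttributesList() and getMimeTypes()
 * @return bool false when the application is rejected by isOK(), the UPDATE
 *              query fails or a MIME-type liaison cannot be saved; true otherwise
 */
public function update($a) {
    // Evict the cached copy so that later reads see the new values.
    if (array_key_exists($a->getAttribute('id'), $this->cache)) {
        unset($this->cache[$a->getAttribute('id')]);
    }

    if (!$this->isOK($a)) {
        return false;
    }

    // The statement is assembled by string concatenation, so every value
    // embedded in it must be escaped, including the id in the WHERE clause.
    // NOTE(review): mysql_escape_string() does not take the connection
    // character set into account and was removed in PHP 7.0; moving the
    // values to DoQuery() %N placeholders, as the DELETE statements of this
    // codebase do, would be the safer form.
    // NOTE(review): column names come from getAttributesList() and are only
    // wrapped in backticks; presumably a fixed list - confirm it can never
    // contain externally supplied names.
    $query = 'UPDATE#1 SET ';
    foreach ($a->getAttributesList() as $key) {
        $query .= '`' . $key . '` = \'' . mysql_escape_string($a->getAttribute($key)) . '\' , ';
    }
    $query = substr($query, 0, -2); // drop the trailing ", "
    $query .= ' WHERE `id` =\'' . mysql_escape_string($a->getAttribute('id')) . '\'';

    $sql2 = SQL::getInstance();
    $res = $sql2->DoQuery($query, self::table);
    if ($res === false) {
        return false;
    }

    // Rebuild the MIME-type liaisons from scratch. The load() check keeps a
    // MIME type listed twice from being saved twice.
    Abstract_Liaison::delete('ApplicationMimeType', $a->getAttribute('id'), NULL);
    foreach ($a->getMimeTypes() as $mimetype) {
        if (is_object(Abstract_Liaison::load('ApplicationMimeType', $a->getAttribute('id'), $mimetype))) {
            continue;
        }
        $ret = Abstract_Liaison::save('ApplicationMimeType', $a->getAttribute('id'), $mimetype);
        if ($ret === false) {
            return $ret;
        }
    }

    return true;
}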
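/**
 * Clean up the data attached to a role that is being removed from a server.
 *
 * For the application-server role: application liaisons, optionally orphan
 * applications, and the tasks loaded for the server. For the file-server
 * role: the profiles and shared folders imported from the server.
 *
 * @param string $fqdn_ server name; one trailing dot is stripped
 * @param string $role_ one of the Server::SERVER_ROLE_* values
 * @return bool false when the server cannot be loaded or does not list the
 *              role, true otherwise
 */
public static function removeRole($fqdn_, $role_) {
    Logger::debug('main', "Starting Abstract_Server::removeRole for '{$fqdn_}' removing '{$role_}'");

    // Drop one trailing dot from a fully-qualified name.
    if (substr($fqdn_, -1) == '.') {
        $fqdn_ = substr($fqdn_, 0, strlen($fqdn_) - 1);
    }

    $a_server = Abstract_Server::load($fqdn_);
    if (is_object($a_server) == false) {
        Logger::error('main', "Starting Abstract_Server::removeRole error failed to load server '{$fqdn_}'");
        return false;
    }

    $roles = $a_server->getAttribute('roles');
    if (is_array($roles) == false) {
        return false;
    }

    if (in_array($role_, $roles) == false) {
        return false;
    }

    switch ($role_) {
        case Server::SERVER_ROLE_APS:
            $prefs = Preferences::getInstance();
            if (!$prefs) {
                die_error('get Preferences failed', __FILE__, __LINE__);
            }

            $slave_server_settings = $prefs->get('general', 'slave_server_settings');
            $remove_orphan = (bool) $slave_server_settings['remove_orphan'];

            Abstract_Liaison::delete('ApplicationServer', NULL, $fqdn_);

            if ($remove_orphan) {
                $apps = $a_server->getApplications();
                $applicationDB = ApplicationDB::getInstance();

                // remove the orphan applications
                if (is_array($apps)) {
                    foreach ($apps as $an_application) {
                        if ($an_application->isOrphan()) {
                            Logger::debug('main', "Abstract_Server::delete {$an_application} is orphan");
                            $applicationDB->remove($an_application);
                        }
                    }
                }
            }

            $tm = new Tasks_Manager();
            $tm->load_from_server($fqdn_);
            foreach ($tm->tasks as $a_task) {
                $tm->remove($a_task->id);
            }
            break;

        case Server::SERVER_ROLE_FS:
            if (Preferences::moduleIsEnabled('ProfileDB')) {
                $profiledb = ProfileDB::getInstance();
                $folders = $profiledb->importFromServer($fqdn_);
                foreach ($folders as $a_folder) {
                    $profiledb->remove($a_folder->id);
                }
            }

            if (Preferences::moduleIsEnabled('SharedFolderDB')) {
                $sharedfolderdb = SharedFolderDB::getInstance();
                $folders = $sharedfolderdb->importFromServer($fqdn_);
                foreach ($folders as $a_folder) {
                    // Shared folders are removed through the shared-folder
                    // backend: $profiledb is undefined when ProfileDB is
                    // disabled, and it is the wrong store for these ids.
                    // NOTE(review): assumes SharedFolderDB::remove() takes the
                    // folder id, like ProfileDB::remove() - confirm.
                    $sharedfolderdb->remove($a_folder->id);
                }
            }
            break;

        // case Server::SERVER_ROLE_GATEWAY:
        //     break;
    }

    return true;
}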
/**
 * Delete a user group: cache entry, liaisons, shared-folder ACLs, the
 * default-group preference when it points at this group, then the SQL row.
 *
 * @param object $usergroup_ group to delete
 * @return bool false when the DELETE query fails, true otherwise
 */
public function remove($usergroup_) {
    Logger::debug('main', "USERGROUPDB::remove({$usergroup_})");

    // Evict the cached copy, if any.
    if (array_key_exists($usergroup_->id, $this->cache)) {
        unset($this->cache[$usergroup_->id]);
    }

    // 1. Publications and memberships of the group.
    $sql2 = SQL::getInstance();
    Abstract_Liaison::delete('UsersGroupApplicationsGroup', $usergroup_->getUniqueID(), NULL);
    Abstract_Liaison::delete('UsersGroup', NULL, $usergroup_->getUniqueID());

    // 2. Shared-folder ACLs granted to the group.
    if (Preferences::moduleIsEnabled('SharedFolderDB')) {
        $sharedfolderdb = SharedFolderDB::getInstance();
        $shared = $sharedfolderdb->importFromUsergroup($usergroup_->getUniqueID());
        if (is_array($shared)) {
            foreach ($shared as $folder) {
                $folder->delUserGroup($usergroup_);
            }
        }
    }

    // 3. Clear the default-group preference when it designates this group.
    if ($usergroup_->isDefault()) {
        $prefs = new Preferences_admin();
        $prefs->set('general', 'user_default_group', '');
        $prefs->backup();
    }

    // 4. The group row itself.
    $deleted = $sql2->DoQuery('DELETE FROM @1 WHERE @2 = %3', $this->table, 'id', $usergroup_->id);

    return $deleted !== false;
}
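/**
 * Synchronise the application list of this application server with the
 * application database.
 *
 * The list is fetched from the server at /aps/applications. Every
 * <application> element is matched against (or added to) the application
 * database and linked to this server; liaisons to applications that are no
 * longer listed are dropped unless the application is static. The mapping
 * between the server-local ids and the database ids is then posted back to
 * /aps/applications/ids and missing icons are fetched.
 *
 * The XML is supplied by the remote server: names, descriptions, commands
 * and MIME types are stored as received, apart from the placeholder
 * stripping applied to the command.
 *
 * @return bool false when the server lacks the ApS role, is offline or
 *              unreachable, returns an unusable document, or an application
 *              or liaison cannot be saved; true otherwise
 */
public function updateApplications() {
    Logger::debug('main', 'Server::updateApplications');

    if (!is_array($this->roles) || !array_key_exists(Server::SERVER_ROLE_APS, $this->roles)) {
        Logger::critical('main', 'SERVER::updateApplications - Not an ApS');
        return false;
    }

    if (!$this->isOnline()) {
        Logger::debug('main', 'Server::updateApplications server "' . $this->fqdn . ':' . $this->web_port . '" is not online');
        return false;
    }

    $applicationDB = ApplicationDB::getInstance();

    $xml = query_url($this->getBaseURL() . '/aps/applications');

    if (!$xml) {
        $this->isUnreachable();
        Logger::error('main', 'Server::updateApplications server \'' . $this->fqdn . '\' is unreachable');
        return false;
    }

    if (!is_string($xml)) {
        Logger::error('main', 'Server::updateApplications invalid xml1');
        return false;
    }

    if (substr($xml, 0, 5) == 'ERROR') {
        $this->returnedError();
        Logger::error('main', 'Server::updateApplications invalid xml2');
        return false;
    }

    if ($xml == '') {
        Logger::error('main', 'Server::updateApplications invalid xml3');
        return false;
    }

    // Stop on a document that does not parse: an empty DOM would otherwise be
    // read as "the server publishes no application" and the cleanup below
    // would drop the liaisons of every non-static application.
    $dom = new DomDocument('1.0', 'utf-8');
    if (@$dom->loadXML($xml) === false) {
        Logger::error('main', 'Server::updateApplications unable to parse xml');
        return false;
    }

    // Liaisons known before this run; compared against the current list at
    // the end of the function to find the ones to drop.
    $previous_liaison = Abstract_Liaison::load('ApplicationServer', NULL, $this->fqdn);
    $current_liaison_key = array();

    $application_node = $dom->getElementsByTagName("application");
    $sync_apps = array(); // server-local id => application database id

    foreach ($application_node as $app_node) {
        $app_name = '';
        $app_description = '';
        $app_path_exe = '';
        $app_package = NULL;
        $app_desktopfile = NULL;

        if ($app_node->hasAttribute("name")) {
            $app_name = $app_node->getAttribute("name");
        }
        if ($app_node->hasAttribute("description")) {
            $app_description = $app_node->getAttribute("description");
        }
        if ($app_node->hasAttribute("package")) {
            $app_package = $app_node->getAttribute("package");
        }
        if ($app_node->hasAttribute("desktopfile")) {
            $app_desktopfile = $app_node->getAttribute("desktopfile");
        }

        $local_id = $app_node->getAttribute("id");

        // item(0) is null when the element has no <executable> child; the
        // executable path then stays empty instead of a call on null.
        $exe_node = $app_node->getElementsByTagName('executable')->item(0);
        if ($exe_node !== null && $exe_node->hasAttribute("command")) {
            $command = $exe_node->getAttribute("command");
            // Strip the argument placeholders from the command line.
            $command = str_replace(array("%U", "%u", "%c", "%i", "%f", "%m"), "", $command);
            $app_path_exe = trim($command);
        }

        $mimetypes = array();
        $mime_nodes = $app_node->getElementsByTagName('mime');
        foreach ($mime_nodes as $mime_node) {
            if (!$mime_node->hasAttribute("type")) {
                continue;
            }
            $mimetypes[] = $mime_node->getAttribute("type");
        }

        $a = new Application(NULL, $app_name, $app_description, $this->getAttribute('type'), $app_path_exe, $app_package, true, $app_desktopfile);
        $a->setMimeTypes($mimetypes);

        $a_search = $applicationDB->search($app_name, $app_description, $this->getAttribute('type'), $app_path_exe);
        if (is_object($a_search)) {
            // already in DB: reuse the stored application
            $a = $a_search;
        } else {
            if ($applicationDB->isWriteable() == false) {
                Logger::debug('main', 'Server::updateApplications applicationDB is not writeable');
            } else {
                if ($applicationDB->add($a) == false) {
                    return false;
                }
            }
        }

        if ($applicationDB->isWriteable() == true) {
            if ($applicationDB->isOK($a) == true) {
                // we add the app to the server
                if (!is_object(Abstract_Liaison::load('ApplicationServer', $a->getAttribute('id'), $this->fqdn))) {
                    $ret = Abstract_Liaison::save('ApplicationServer', $a->getAttribute('id'), $this->fqdn);
                    if ($ret === false) {
                        Logger::error('main', 'Server::updateApplications failed to save application');
                        return $ret;
                    }
                }
                $current_liaison_key[] = $a->getAttribute('id');
            }
        }

        $sync_apps[$local_id] = $a->getAttribute('id');
    }

    // Drop the liaisons to applications the server no longer lists, except
    // for applications flagged as static.
    $previous_liaison_key = array_keys($previous_liaison);
    foreach ($previous_liaison_key as $key) {
        if (in_array($key, $current_liaison_key) == false) {
            $a = $applicationDB->import($key);
            if (is_null($a) || $a->getAttribute('static') == false) {
                Abstract_Liaison::delete('ApplicationServer', $key, $this->fqdn);
            }
        }
    }

    if (count($sync_apps) > 0) {
        // Report the id mapping back to the server.
        $dom = new DomDocument('1.0', 'utf-8');
        $applications_node = $dom->createElement('applications');
        foreach ($sync_apps as $local_id => $id) {
            $application_node = $dom->createElement('application');
            $application_node->setAttribute('id', $id);
            $application_node->setAttribute('local_id', $local_id);
            $applications_node->appendChild($application_node);
        }
        $dom->appendChild($applications_node);

        $xml = $dom->saveXML();
        query_url_post_xml($this->getBaseURL() . '/aps/applications/ids', $xml);

        // Fetch the icons that are not stored locally yet.
        foreach ($sync_apps as $local_id => $id) {
            $a = $applicationDB->import($id);
            if (!is_object($a)) {
                continue;
            }
            if (!file_exists($a->getIconPathRW())) {
                $this->getApplicationIcon($a->getAttribute('id'));
            }
        }
    }

    return true;
}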
/**
 * Delete a profile: its user liaisons, its SQL row and, when the hosting
 * server can be loaded, the network folder on that server.
 *
 * The result of the DELETE query is not checked.
 *
 * @param mixed $profile_id_ id of the profile to delete
 * @return bool false when the profile cannot be imported, true otherwise
 */
public function remove($profile_id_) {
    Logger::debug('main', "ProfileDB::internal::remove({$profile_id_})");

    $target = $this->import($profile_id_);
    if (!is_object($target)) {
        Logger::error('main', "ProfileDB::internal::remove({$profile_id_}) failed, unable to import profile");
        return false;
    }

    // Detach the profile from its users before the row goes away.
    Abstract_Liaison::delete('UserProfile', NULL, $target->id);

    $SQL = SQL::getInstance();
    $table_name = $SQL->prefix . self::$table;
    $SQL->DoQuery('DELETE FROM @1 WHERE @2 = %3 LIMIT 1', $table_name, 'id', $target->id);

    // Remove the folder from the server that hosts it, if that server is known.
    $host = Abstract_Server::load($target->server);
    if (is_object($host)) {
        $host->deleteNetworkFolder($target->id, true);
    }

    return true;
}
/**
 * Delete a liaison unless checkup_liaison() returns exactly true for it.
 *
 * @param string $type_    liaison type
 * @param mixed  $element_ liaison element
 * @param mixed  $group_   liaison group
 * @return bool true when the liaison was deleted, false when it was kept
 */
function cleanup_liaison($type_, $element_, $group_) {
    $passes_checkup = checkup_liaison($type_, $element_, $group_) === true;
    if ($passes_checkup) {
        return false;
    }

    Abstract_Liaison::delete($type_, $element_, $group_);
    return true;
}
/**
 * Authenticate the incoming request from its SAML2 ticket and apply the
 * group memberships and settings carried by the response attributes.
 *
 * Steps: extract the <saml_ticket> text, validate the response against the
 * configured IdP settings, reject expired sessions, import the user named by
 * the NameID, then process the "ovd.group_member" and "ovd.setting.*"
 * attributes.
 *
 * Attributes are only processed after isValid() and the timestamp checks
 * have passed. The changes they trigger are written one by one and nothing
 * in this method rolls them back when a later step throws.
 *
 * @return mixed the NameID of the response on success, NULL when the ticket
 *               is missing, invalid or expired
 * @throws Exception (without message) when the user is unknown, an asserted
 *                   group does not exist, a membership cannot be saved or a
 *                   setting is malformed, unknown or cannot be saved
 */
public function get_login() {
    Logger::debug('main', 'AuthMethod_SAML2::get_login()');

    $my_settings = $this->prefs->get('AuthMethod', 'SAML2');

    $saml_node = $this->user_node_request->getElementsByTagname('saml_ticket')->item(0);
    if (is_null($saml_node)) {
        Logger::error('main', 'Authentication SAML2: No incoming SAML ticket');
        return NULL;
    }

    // The ticket is the text content of <saml_ticket>. Non-text children are
    // logged and skipped; if several text nodes are present the last one wins.
    $saml_response_ticket = NULL;
    for ($child = $saml_node->firstChild; $child != NULL; $child = $child->nextSibling) {
        if ($child->nodeType != XML_TEXT_NODE) {
            Logger::error('main', 'Authentication SAML2: node is not text');
            continue;
        }
        $saml_response_ticket = $child->wholeText;
    }

    if (is_null($saml_response_ticket)) {
        Logger::error('main', 'Authentication SAML2: No incoming SAML ticket (bad protocol)');
        return NULL;
    }

    $settings = $this->build_saml_settings($my_settings['idp_url'], $my_settings['idp_fingerprint'], $my_settings['idp_cert']);

    try {
        $response = new OneLogin_Saml2_Response($settings, $saml_response_ticket);

        ob_start(); // Catch debug messages
        if (!$response->isValid()) {
            // Whatever was printed during validation is appended to the log line.
            Logger::error('main', 'Authentication SAML2: the SAML response is not valid ' . ob_get_contents());
            ob_end_clean();
            return NULL;
        }
        ob_end_clean();
        // NOTE(review): if isValid() throws, the catch block below returns
        // without closing the buffer opened by ob_start() - confirm whether
        // that can happen and close the buffer there if so.

        // && binds tighter than ||: the session is rejected when a
        // SessionNotOnOrAfter value is present and already reached, or when
        // validateTimestamps() fails.
        $sessionExpiration = $response->getSessionNotOnOrAfter();
        if (!empty($sessionExpiration) && $sessionExpiration <= time() || !$response->validateTimestamps()) {
            Logger::error('main', 'Authentication SAML2: Session expired');
            return NULL;
        }
    } catch (Exception $e) {
        Logger::error('main', 'Authentication SAML2: ' . $e->getMessage());
        return NULL;
    }

    $attributes = $response->getAttributes();

    // The NameID of the validated response selects the local account.
    $user = $this->userDB->import($response->getNameId());
    if ($user == NULL) {
        Logger::error('main', 'Authentication SAML2: user not found');
        throw new Exception();
    }

    $login = $user->getAttribute('login');

    // we recognize following attributes:
    //  * ovd.group_member: for user group matching
    //  * ovd.setting.*: for settings
    if (array_key_exists("ovd.group_member", $attributes) && is_array($attributes["ovd.group_member"])) {
        // When the attribute is present, the memberships of $login are made
        // to match the asserted list: missing ones are added and the groups
        // left in $current_groups at the end are removed.
        $userGroupDB = UserGroupDB::getInstance();

        $to_delete = array(); // not used below
        $current_groups = array_keys(Abstract_Liaison::loadGroups('UsersGroup', $login));
        foreach ($attributes["ovd.group_member"] as $group_name) {
            $found = false;

            // The search is a "contains" match; only groups whose name equals
            // the asserted name are acted upon. $sizelimit_exceeded is not
            // inspected.
            list($groups, $sizelimit_exceeded) = $userGroupDB->getGroupsContains($group_name, array('name'));
            foreach ($groups as $group) {
                if ($group->name == $group_name) {
                    $found = True;
                    // NOTE(review): in_array()/array_search() compare loosely
                    // here. array_keys() returns integers for numeric keys, so
                    // switching to strict comparison needs the id types
                    // checked first.
                    if (!in_array($group->getUniqueID(), $current_groups)) {
                        Logger::info('main', 'Authentication SAML2: Add user "' . $login . '" to group "' . $group->name . '"');
                        $ret = Abstract_Liaison::save('UsersGroup', $login, $group->getUniqueID());
                        if ($ret !== true) {
                            Logger::error('main', 'Authentication SAML2: Unable to add user "' . $login . '" to group "' . $group->name . '"');
                            throw new Exception();
                        }
                    } else {
                        // Already a member: keep it out of the removal list.
                        unset($current_groups[array_search($group->getUniqueID(), $current_groups)]);
                    }
                }
            }

            // An asserted group that does not exist aborts the login.
            if (!$found) {
                Logger::error('main', 'Authentication SAML2: group "' . $group_name . '" not found');
                throw new Exception();
            }
        }

        // Memberships that were not asserted are revoked.
        foreach ($current_groups as $group) {
            Logger::info('main', 'Authentication SAML2: remove group "' . $group . '" from ' . $login);
            Abstract_Liaison::delete('UsersGroup', $login, $group);
        }
    }

    $prefs = Preferences::getInstance();
    foreach ($attributes as $attribute => $value) {
        // A single-valued attribute is unwrapped to its only value.
        if (is_array($value) && count($value) == 1) {
            $value = $value[0];
        }

        if (substr($attribute, 0, 12) == 'ovd.setting.') {
            // Expected form: ovd.setting.<container>.<setting>
            $attribute = explode('.', $attribute);
            if (count($attribute) != 4) {
                Logger::error('main', 'Authentication SAML2: incorrect setting : "' . implode('.', $attribute) . '"');
                throw new Exception();
            }

            $container = $attribute[2];
            $setting = $attribute[3];

            // Only settings defined in the 'general' preferences of that
            // container are accepted.
            $session_settings_defaults = $prefs->getElements('general', $container);
            if (!array_key_exists($setting, $session_settings_defaults)) {
                Logger::error('main', 'Authentication SAML2: setting "' . implode('.', $attribute) . '" does not exists');
                throw new Exception();
            }

            $config_element = clone $session_settings_defaults[$setting];
            $ugp = new User_Preferences($login, 'general', $container, $setting, $config_element->content);
            Logger::info('main', 'Authentication SAML2: set setting "' . implode('.', $attribute) . '" to ' . str_replace("\n", "", print_r($value, true)));
            // NOTE(review): the asserted value is stored as received; no
            // check against the allowed values of the setting is visible
            // here - confirm whether save() validates it.
            $ugp->value = $value;

            // Replace any existing per-user value for this setting.
            Abstract_User_Preferences::delete($login, 'general', $container, $setting);
            $ret = Abstract_User_Preferences::save($ugp);
            if (!$ret) {
                Logger::error('main', 'Authentication SAML2: impossible to save setting "' . implode('.', $attribute) . '"');
                throw new Exception();
            }
        }
    }

    // No redirection to any IdP. We must have a valid ticket at this point.
    // No artifact method. The value returned is the NameID of the response,
    // not $login.
    return $response->getNameId();
}
/**
 * Delete every liaison, across all liaison types, for which
 * checkup_liaison() does not return exactly true.
 *
 * check_authorized('manageConfiguration') is called before any liaison is
 * loaded, and the action is logged once the sweep is done.
 *
 * @return bool always true
 */
public function cleanup_liaisons() {
    // NOTE(review): how check_authorized() stops an unauthorized caller is
    // not visible here - confirm it never returns normally on refusal.
    $this->check_authorized('manageConfiguration');

    foreach (self::get_liaisons_types() as $type) {
        $entries = Abstract_Liaison::load($type, NULL, NULL);
        if (is_null($entries)) {
            continue;
        }

        foreach ($entries as $entry) {
            $passes_checkup = self::checkup_liaison($type, $entry->element, $entry->group) === true;
            if (!$passes_checkup) {
                Abstract_Liaison::delete($type, $entry->element, $entry->group);
            }
        }
    }

    $this->log_action('cleanup_liaisons');
    return true;
}
/**
 * Delete an applications group: cache entry, liaisons, then the SQL row.
 *
 * @param object $group_ group to delete; only its id is read
 * @return bool false when $group_ is not an object or the DELETE query
 *              fails, true otherwise
 */
public function remove($group_) {
    // $group_ is interpolated into the log line before the type check below.
    Logger::debug('main', "ApplicationsGroupDB::sql::remove({$group_})");

    if (is_object($group_) === false) {
        Logger::error('main', "ApplicationsGroupDB::sql::remove({$group_}) the parameter is not a object");
        return false;
    }

    $group_id = $group_->id;

    // Evict the cached copy, if any.
    if (array_key_exists($group_id, $this->cache)) {
        unset($this->cache[$group_id]);
    }

    // Publications and application memberships go first.
    Abstract_Liaison::delete('UsersGroupApplicationsGroup', NULL, $group_id);
    Abstract_Liaison::delete('AppsGroup', NULL, $group_id);

    // Then the group row itself.
    $sql2 = SQL::getInstance();
    $deleted = $sql2->DoQuery('DELETE FROM @1 WHERE @2 = %3', $this->table, 'id', $group_id);

    return $deleted !== false;
}
/**
 * Delete a session row together with its server liaison and its tokens.
 *
 * @param mixed $id_ session id
 * @return bool false when no session with that id exists, true otherwise
 */
public static function delete($id_) {
    Logger::debug('main', 'Starting Abstract_Session::delete for \'' . $id_ . '\'');

    $SQL = SQL::getInstance();
    $sessions_table = $SQL->prefix . 'sessions';

    // Existence check first, so that an unknown id is reported as an error.
    $SQL->DoQuery('SELECT 1 FROM @1 WHERE @2 = %3 LIMIT 1', $sessions_table, 'id', $id_);
    if ($SQL->NumRows() == 0) {
        Logger::error('main', "Abstract_Session::delete({$id_}) session does not exist (NumRows == 0)");
        return false;
    }

    $SQL->DoQuery('DELETE FROM @1 WHERE @2 = %3 LIMIT 1', $sessions_table, 'id', $id_);

    // Detach the session from its server.
    Abstract_Liaison::delete('ServerSession', NULL, $id_);

    // Tokens issued for the session are deleted with it.
    foreach (Abstract_Token::load_by_session($id_) as $token) {
        Abstract_Token::delete($token->id);
    }

    return true;
}
/**
 * Drop a profile from the database without loading it: its user liaisons
 * first, then its row. The result of the DELETE query is not checked.
 *
 * @param mixed $profile_id_ id of the profile to drop
 * @return bool always true
 */
public function invalidate($profile_id_) {
    Logger::debug('main', "ProfileDB::internal::invalidate({$profile_id_})");

    // Detach the profile from its users.
    Abstract_Liaison::delete('UserProfile', NULL, $profile_id_);

    // Remove the row; table, column and value go through DoQuery() placeholders.
    $db = SQL::getInstance();
    $db->DoQuery('DELETE FROM #1 WHERE @2 = %3 LIMIT 1', self::$table, 'id', $profile_id_);

    return true;
}
/**
 * Replace the ACL liaisons of this object with the entries of $new_policy_
 * whose value is truthy.
 *
 * All existing 'ACL' liaisons are deleted before the new ones are saved; the
 * results of delete() and save() are not checked.
 *
 * @param array $new_policy_ map of policy name => allow flag
 */
public function updatePolicy($new_policy_) {
    // The previous policy is fetched but not used afterwards; the call is
    // kept as it stands.
    $this->getPolicy();

    $owner = $this->getUniqueID();
    Abstract_Liaison::delete('ACL', $owner, NULL);

    foreach ($new_policy_ as $policy_name => $is_allowed) {
        if (!$is_allowed) {
            continue;
        }
        Abstract_Liaison::save('ACL', $this->getUniqueID(), $policy_name);
    }
}
$l = Abstract_Liaison::load('UsersGroupApplicationsGroup', $_REQUEST['group_u'], $_REQUEST['group_a']); if (is_null($l)) { $ret = Abstract_Liaison::save('UsersGroupApplicationsGroup', $_REQUEST['group_u'], $_REQUEST['group_a']); if ($ret === true) { popup_info(_('Publication successfully added')); } else { popup_error(_('Unable to save the publication')); } } else { popup_error(_('This publication already exists')); } } if ($_REQUEST['action'] == 'del') { $l = Abstract_Liaison::load('UsersGroupApplicationsGroup', $_REQUEST['group_u'], $_REQUEST['group_a']); if (!is_null($l)) { $ret = Abstract_Liaison::delete('UsersGroupApplicationsGroup', $_REQUEST['group_u'], $_REQUEST['group_a']); if ($ret === true) { popup_info(_('Publication successfully deleted')); } else { popup_error(_('Unable to delete the publication')); } } else { popup_error(_('This publication does not exist')); } } } if ($_REQUEST['name'] == 'UserGroup') { if (!checkAuthorization('manageUsersGroups')) { redirect(); } $userGroupDB = UserGroupDB::getInstance();