Example #1
 /**
  * Bind an external login account to a profile, unless the account is already bound.
  *
  * When SamlAuth::getUserByAccountValues() finds a user for this (id, type) pair the
  * method returns without touching anything. It returns nothing on either path, so
  * the caller cannot tell "linked now" from "already linked, possibly to another profile".
  *
  * @param mixed  $profileid Researcher id the account is attached to.
  * @param mixed  $id        Account identifier as delivered by the identity provider.
  * @param mixed  $type      Account type identifier.
  * @param mixed  $name      Optional account name.
  * @param array  $idptrace  Optional IdP trace stored with the account.
  * @return void
  */
 public static function connectAccountToProfile($profileid, $id, $type, $name = null, $idptrace = array())
 {
     // An account that already resolves to a user is left exactly as it is.
     if (SamlAuth::getUserByAccountValues($id, $type) !== null) {
         return;
     }

     $account = new Default_Model_UserAccount();
     $account->researcherID = $profileid;
     $account->accountID = $id;
     $account->accountTypeID = $type;
     $account->accountName = $name;
     $account->IDPTrace = $idptrace;
     $account->save();

     // Poll at most 10 times, one second apart, until the new row can be read back.
     // NOTE(review): presumably the write becomes visible with a delay; if the row never
     // shows up the method still returns normally after the last attempt.
     for ($attempt = 0; $attempt < 10; $attempt += 1) {
         $lookup = new Default_Model_UserAccounts();
         $lookup->filter->id->equals($account->id);
         if (count($lookup->items) > 0) {
             break;
         }
         sleep(1);
     }
 }
Example #2
 /**
  * Store the identities found in the session's SAML attributes as accounts of $user.
  *
  * Two attributes are read: "idp:egiuid" (saved as account type "egi-sso-ldap") and
  * "idp:userCertificateSubject" (saved as account type "x509"). For each non-blank
  * value an account row is created when the user has no row with that type and id yet.
  *
  * The existence check is restricted to $user->id, so an identical account id that is
  * attached to a different researcher is not detected by this method.
  * NOTE(review): confirm that uniqueness across users is enforced elsewhere.
  *
  * @param object $session Session object exposing the SAML attributes as ->samlattrs.
  * @param object $user    User whose ->id the accounts are attached to.
  * @return void
  */
 public static function harvestSamlData($session, $user)
 {
     $attrs = $session->samlattrs;

     // Only the first value of each attribute is used; a missing or empty attribute yields "".
     $egiuid = "";
     if (isset($attrs["idp:egiuid"]) && count($attrs["idp:egiuid"]) > 0) {
         $egiuid = $attrs["idp:egiuid"][0];
     }
     $ucert = "";
     if (isset($attrs["idp:userCertificateSubject"]) && count($attrs["idp:userCertificateSubject"]) > 0) {
         $ucert = $attrs["idp:userCertificateSubject"][0];
     }

     // Account type => value taken from the IdP, handled in this order:
     // the EGI SSO LDAP account first, then the x509 account.
     $harvested = array(
         array("egi-sso-ldap", $egiuid),
         array("x509", $ucert),
     );

     foreach ($harvested as $pair) {
         $accounttype = $pair[0];
         $accountid = $pair[1];
         if (trim($accountid) === "") {
             continue;
         }

         $uacs = new Default_Model_UserAccounts();
         $byUser = new Default_Model_UserAccountsFilter();
         $byType = new Default_Model_UserAccountsFilter();
         $byAccount = new Default_Model_UserAccountsFilter();
         $byUser->researcherid->equals($user->id);
         $byType->account_type->equals($accounttype);
         // NOTE(review): _escape_seq is cleared right before an IdP-supplied value is
         // matched. What this does to quoting is not visible here; confirm the filter
         // still escapes or binds the value.
         $byAccount->accountid->_escape_seq = "";
         $byAccount->accountid->equals($accountid);
         $uacs->filter->chain($byUser, "AND");
         $uacs->filter->chain($byType, "AND");
         $uacs->filter->chain($byAccount, "AND");

         // The untrimmed attribute value is what gets stored.
         if (count($uacs->items) === 0) {
             $uacc = new Default_Model_UserAccount();
             $uacc->researcherid = $user->id;
             $uacc->accountid = $accountid;
             $uacc->accounttypeid = $accounttype;
             $uacc->save();
         }
     }
 }
Example #3
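 /**
  * Create a researcher profile for an authenticated user that has no profile yet.
  *
  * The action is reachable only while the session carries userid === -1 and
  * isNewUser === true; any other session gets a 404. The profile fields, contacts and
  * organization relations come from $_POST; the account identity (authUid, authSource)
  * and the IdP trace come from the session, never from the request.
  *
  * Request values are untrusted: array-valued POST fields and organization payloads
  * that do not decode to a JSON object are rejected instead of being passed on.
  *
  * On any validation error the list of messages is placed in $this->view->error and
  * nothing is saved. On success the session is switched to the new user.
  *
  * @return void
  */
 public function createnewprofileAction()
 {
     $this->_helper->layout->disableLayout();
     // Anything but a new, profile-less session is answered with 404.
     if ($this->session->userid !== -1 || $this->session->isNewUser !== true) {
         $this->_helper->viewRenderer->setNoRender();
         header("HTTP/1.0 404 Not Found");
         return;
     }
     // A POST field may arrive as an array ("field[]=x"). trim() cannot handle that and
     // intval() turns a non-empty array into 1, so non-string values count as missing.
     $firstname = (isset($_POST["firstName"]) && is_string($_POST["firstName"])) ? trim($_POST["firstName"]) : null;
     $lastname = (isset($_POST["lastName"]) && is_string($_POST["lastName"])) ? trim($_POST["lastName"]) : null;
     $gender = (isset($_POST["gender"]) && is_string($_POST["gender"])) ? trim($_POST["gender"]) : null;
     // Read for parity with the form; the stored institution is always "" (see below).
     $institution = (isset($_POST["institution"]) && is_string($_POST["institution"])) ? trim($_POST["institution"]) : null;
     $countryid = (isset($_POST["countryID"]) && is_string($_POST["countryID"])) ? intval($_POST["countryID"]) : null;
     $positiontypeid = (isset($_POST["positionTypeID"]) && is_string($_POST["positionTypeID"])) ? intval($_POST["positionTypeID"]) : null;
     $error = array();
     // NOTE(review): these are presence checks only; an empty name or an id of 0 passes.
     // $gender is stored without any check against an allowed set.
     if ($firstname === null) {
         array_push($error, "Invalid user first name given");
     }
     if ($lastname === null) {
         array_push($error, "Invalid user last name given");
     }
     //if( $institution === null ) array_push($error, "Invalid user institute given");
     if ($countryid === null) {
         array_push($error, "Invalid user country given");
     }
     if ($positiontypeid === null) {
         array_push($error, "Invalid user role given");
     }
     if (count($error) > 0) {
         //todo: Add Error handler
         $this->view->error = $error;
         return;
     }
     //Collect user information
     $entry = new Default_Model_Researcher();
     $entry->lastName = $lastname;
     $entry->firstName = $firstname;
     $entry->gender = $gender;
     $entry->institution = "";
     $entry->countryID = $countryid;
     $entry->positionTypeID = $positiontypeid;
     //Collect user contacts: "contact<N>" carries the value, "contactType<N>" its type
     $conts = array();
     foreach ($_POST as $key => $value) {
         // Blank and non-string values are skipped, so no separate empty check is needed below.
         if (!is_string($value) || trim($value) === "") {
             continue;
         }
         if (substr($key, 0, 7) === "contact" && substr($key, 0, 11) !== "contactType") {
             $cnum = substr($key, 7);
             $typekey = 'contactType' . $cnum;
             $cont = new Default_Model_Contact();
             $cont->data = $value;
             // A contact without its matching type field fails the numeric check below.
             $cont->contactTypeID = isset($_POST[$typekey]) ? $_POST[$typekey] : null;
             if (is_numeric($cont->contactTypeID) === false) {
                 array_push($error, "Invalid contact type given");
             }
             if (count($error) > 0) {
                 continue;
             }
             array_push($conts, $cont);
         }
     }
     //Collect user relations
     $relations = array();
     foreach ($_POST as $key => $value) {
         if (!is_string($value) || trim($value) === "") {
             continue;
         }
         if (strtolower(trim($key)) === "organization") {
             // The payload is client-controlled JSON: it must decode to an object, and the
             // two fields used must be scalars (a missing or null field becomes "").
             $data = json_decode($value);
             if (!is_object($data)) {
                 array_push($error, "Invalid organization given");
                 continue;
             }
             $relid = isset($data->id) ? $data->id : "";
             $reltarget = isset($data->targetguid) ? $data->targetguid : "";
             if (!is_scalar($relid) || !is_scalar($reltarget)) {
                 array_push($error, "Invalid organization given");
                 continue;
             }
             $relations[] = array("id" => trim(strval($relid)), "targetguid" => trim(strval($reltarget)), "parentid" => null);
         }
     }
     if (count($error) > 0) {
         //todo: Add error handler
         $this->view->error = $error;
         return;
     }
     //Check if user account has been registered in the meanwhile
     // NOTE(review): this lookup matches the raw authSource, while the account saved
     // further down stores authSource with "-sp" removed. Confirm both refer to the same
     // value, otherwise this check cannot find an account created by this action.
     // NOTE(review): check and insert are not atomic; a unique constraint on the account
     // table would be the authoritative guard. Confirm the schema has one.
     $uid = $this->session->authUid;
     $source = $this->session->authSource;
     $useraccounts = new Default_Model_UserAccounts();
     $f1 = new Default_Model_UserAccountsFilter();
     $f2 = new Default_Model_UserAccountsFilter();
     $f1->accountid->equals($uid);
     $f2->accounttype->equals($source);
     $useraccounts->filter->chain($f1, "AND");
     $useraccounts->filter->chain($f2, "AND");
     if (count($useraccounts->items) > 0) {
         array_push($error, "User account is already registered");
         $this->view->error = $error;
         return;
     }
     //Everything is ok. Continue with saving new profile
     //Save entry
     $entry->save();
     //Save entry contacts
     foreach ($conts as $cont) {
         $cont->researcherID = $entry->id;
         $cont->save();
     }
     //extract IDP Trace in case it is returned from SAML
     $attrs = $this->session->samlattrs;
     $idptrace = array();
     if (isset($attrs['idp:traceidp']) && is_array($attrs['idp:traceidp'])) {
         $idptrace = $attrs['idp:traceidp'];
     }
     //Save user account (identity is taken from the session, not from the request)
     $useraccount = new Default_Model_UserAccount();
     $useraccount->researcherid = $entry->id;
     $useraccount->accountid = $this->session->authUid;
     $useraccount->accounttypeid = str_replace("-sp", "", $this->session->authSource);
     $useraccount->IDPTrace = $idptrace;
     $useraccount->save();
     //Save user relations (organization)
     if ($entry && count($relations) > 0) {
         //ensure permissions are built: poll the permissions_cache_dirty flag up to 25
         //times, one second apart, until it reads '0'. Execution continues either way.
         $try_counter = 0;
         while ($try_counter < 25) {
             $try_counter += 1;
             $confs = db()->query("select data from config where var = 'permissions_cache_dirty';")->fetchAll();
             if (count($confs) > 0) {
                 $conf = $confs[0];
                 if (isset($conf["data"]) && trim($conf["data"]) === '0') {
                     break;
                 }
             }
             sleep(1);
         }
         //Refetch entry (user) to retrieve guid
         $us = new Default_Model_Researchers();
         $us->filter->id->numequals($entry->id);
         if (count($us->items) > 0) {
             $u = $us->items[0];
             EntityRelations::syncRelations($u->guid, $u->id, $relations);
         }
     }
     //Setup new session
     if ($entry) {
         //wait (up to 10 tries, one second apart) until the new researcher row can be read back
         $try_counter = 0;
         while ($try_counter < 10) {
             $try_counter += 1;
             $ppl = new Default_Model_Researchers();
             $ppl->filter->id->equals($entry->id);
             if (count($ppl->items) > 0) {
                 break;
             }
             sleep(1);
         }
         // The session changes from "new user" to the created user here.
         // NOTE(review): whether the session identifier is rotated at this point is not
         // visible in this method; confirm setupSamlAuth() or the caller does so.
         unset($this->session->isNewUser);
         $this->session->userid = $entry->id;
         SamlAuth::setupSamlAuth($this->session);
     }
     $this->view->session = $this->session;
     $this->view->error = array();
 }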
 /**
  * Persist a user account: insert it when it has no id, update it otherwise.
  *
  * Only fields for which isnull() reports a value are written. Values reach the table
  * object as a column => value array and the update condition is built with
  * quoteInto(), so this method does not concatenate any value into SQL itself.
  *
  * @param Default_Model_UserAccount $value Account to store; on insert its id is set
  *                                         to the value returned by the table's insert().
  * @return void
  */
 public function save(Default_Model_UserAccount $value)
 {
     // Declared by the original code; not referenced anywhere in this method.
     global $application;

     // Column name => getter on the model, in the order the columns are filled.
     $columns = array(
         'id' => 'getId',
         'researcherid' => 'getResearcherID',
         'accountid' => 'getAccountID',
         'account_type' => 'getAccountTypeID',
         'accountname' => 'getAccountname',
         'stateid' => 'getStateID',
         'idptrace' => 'getIDPTrace',
     );

     $data = array();
     foreach ($columns as $column => $getter) {
         $fieldvalue = $value->{$getter}();
         if (!isnull($fieldvalue)) {
             $data[$column] = $fieldvalue;
         }
     }

     $table = $this->getDbTable();
     $currentid = $value->id;
     if ($currentid === null) {
         // New record: the id column is left to the table and read back from insert().
         unset($data['id']);
         $value->id = $table->insert($data);
         return;
     }

     // Existing record: the id is quoted into the condition by the adapter.
     $where = $table->getAdapter()->quoteInto('id = ?', $currentid);
     $table->update($data, $where);
 }