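/**
 * Remote-site authentication endpoint.
 *
 * Validates a signed request coming from a registered remote site, makes sure
 * a user is logged in, then redirects the browser back to the remote site with
 * a signed JSON response. The response holds only the fields that the remote
 * site both asked for and holds the matching right for.
 *
 * Expected request parameters (read through Env): timestamp, site, hash,
 * request (a JSON list of field names), and location (echoed back).
 *
 * @param mixed $page Page object; trigError() and assign() are called on it.
 * @return mixed PL_FORBIDDEN when no user is authenticated (login is forced);
 *               nothing otherwise (an error is triggered on $page, or the
 *               Location header is sent).
 */
function handler_remote($page)
{
    global $globals, $platal;

    if (!(Env::has('timestamp') && Env::has('site') && Env::has('hash') && Env::has('request'))) {
        $page->trigError("Requête non valide");
        return;
    }

    // Read request
    $timestamp = Env::s('timestamp');
    // A non-numeric timestamp is rejected up front: arithmetic on it raises a
    // TypeError on PHP 8 and silently evaluates to 0 on older versions.
    // This check only enforces freshness within the configured lag; no nonce
    // is tracked here, so a request stays acceptable for that whole window.
    if (!is_numeric($timestamp) || abs($timestamp - time()) > $globals->remote->lag) {
        $page->trigError("Delai d'attente dépassé");
        return;
    }
    $site = Env::s('site');
    $request = Env::s('request');

    // Load remote information. $site is later used as the redirect target, so
    // the lookup below is what restricts redirects to registered sites.
    try {
        $remote = Remote::from($site);
        $remote->select(RemoteSelect::groups());
    } catch (ItemNotFoundException $e) {
        $page->trigError("Ton site n'est pas renseigné dans la base de données");
        return;
    }

    // Check request.
    // hash_equals() (PHP >= 5.6) replaces the loose `!=`: it compares in
    // constant time and is not subject to numeric-string type juggling.
    // NOTE(review): the signature is an ad-hoc keyed MD5 over fields that are
    // concatenated without separators, not an HMAC. It is kept as is because
    // every registered remote site computes the same value; moving both
    // directions to hash_hmac('sha256', ...) needs a coordinated protocol change.
    $expected = md5($timestamp . $site . $remote->privkey() . $request);
    if (!hash_equals($expected, (string) Env::s('hash'))) {
        $page->trigError("Erreur de validation de la requête d'authentification");
        return;
    }
    $request = json_decode($request, true);
    if (!is_array($request)) {
        // Malformed or non-list JSON: treat it as "no optional field requested"
        // instead of passing a non-array to in_array().
        $request = array();
    }

    // Force login
    $user = Platal::session()->doAuthWithoutStart(AUTH_COOKIE);
    if (empty($user)) {
        $page->assign('remote_site', $remote->label());
        $platal->force_login($page);
        return PL_FORBIDDEN;
    }

    // Build response. Every optional field needs both the remote's right and
    // an explicit entry in the request; in_array() is strict so that values
    // such as `true` or `0` in the decoded JSON cannot match a field name.
    $response = array('uid' => $user->id());

    if ($remote->hasRight('names') && in_array('names', $request, true)) {
        $response['hruid']     = $user->login();
        $response['firstname'] = $user->firstname();
        $response['lastname']  = $user->lastname();
        $response['nickname']  = $user->nickname();
    }

    if ($remote->hasRight('email') && in_array('email', $request, true)) {
        $response['email'] = $user->email();
    }

    if ($remote->hasRight('rights') && in_array('rights', $request, true)) {
        $rights = array();
        foreach ($remote->groups() as $g) {
            $rights[$g->name()] = array_map(function ($right) {
                return (string) $right;
            }, $user->rights($g));
        }
        if (!empty($rights)) {
            $response['rights'] = $rights;
        }
    }

    if ($remote->hasRight('sport') && in_array('sport', $request, true)) {
        $groups = $user->castes()->groups();
        $group = $groups->filter('ns', Group::NS_SPORT)->first();
        if ($group) {
            $response['sport'] = $group->label();
        }
    }

    if ($remote->hasRight('promo') && in_array('promo', $request, true)) {
        $groups = $user->castes()->groups()->filter('ns', Group::NS_PROMO);
        $groups = $groups->remove(Group::from('on_platal'));

        // Extract promos from group labels
        // For backward compatibility, compute the minimal promo year
        $promo = 0;
        $promos = array();
        foreach ($groups as $g) {
            $matches = array();
            if (preg_match('/^promo_([a-z_]+)([1-9][0-9]{3})$/', $g->name(), $matches)) {
                $promos[] = $matches[1] . $matches[2];
                $year = (int) $matches[2];
                if (!$promo || $year < $promo) {
                    $promo = $year;
                }
            }
        }
        if ($promo) {
            $response['promo'] = $promo;
            $response['promos'] = $promos;
        }
    }

    if ($remote->hasRight('photo') && in_array('photo', $request, true)) {
        $img = $user->photo();
        if ($img === false) {
            $img = $user->original();
        }
        if ($img !== false) {
            $response['photo'] = $globals->baseurl . '/' . $img->src('full');
        }
    }

    if ($remote->hasRight('binets_admin') && in_array('binets_admin', $request, true)) {
        $gf = new GroupFilter(new PFC_And(
            new GFC_User($user, Rights::admin()),
            new GFC_Namespace('binet')
        ));
        $gs = $gf->get();
        if ($gs->count() > 0) {
            $gs->select(GroupSelect::base());
            $binets = array();
            foreach ($gs as $g) {
                $binets[$g->name()] = $g->label();
            }
            if (!empty($binets)) {
                $response['binets_admin'] = $binets;
            }
        }
    }

    // Send response
    $response = json_encode($response);
    $location = Env::s('location');
    // The signature covers the raw JSON string, which is what the remote site
    // sees again after URL-decoding the query string.
    $hash = md5($timestamp . $remote->privkey() . $response);

    // Each value is percent-encoded: `location` is caller-supplied and the JSON
    // contains characters (quotes, braces, possibly `&` or `#` in labels) that
    // would otherwise corrupt or extend the query string of the redirect.
    header('Location: ' . $site
        . '?location=' . rawurlencode($location)
        . '&timestamp=' . rawurlencode($timestamp)
        . '&response=' . rawurlencode($response)
        . '&hash=' . $hash);
}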