/**
* handler for JSON api requests
*
* @return JSON
*/
public function handle()
{
try {
// init server and request first
$server = new Zend_Json_Server();
$server->setClass('Setup_Frontend_Json', 'Setup');
$server->setClass('Tinebase_Frontend_Json', 'Tinebase');
$server->setAutoHandleExceptions(false);
$server->setAutoEmitResponse(false);
$request = new Zend_Json_Server_Request_Http();
Setup_Core::initFramework();
$method = $request->getMethod();
$jsonKey = isset($_SERVER['HTTP_X_TINE20_JSONKEY']) ? $_SERVER['HTTP_X_TINE20_JSONKEY'] : '';
Tinebase_Core::getLogger()->info(__METHOD__ . '::' . __LINE__ . ' is JSON request. method: ' . $method);
$anonymnousMethods = array('Setup.getAllRegistryData', 'Setup.login', 'Tinebase.getAvailableTranslations', 'Tinebase.getTranslations', 'Tinebase.setLocale');
if (!Setup_Core::configFileExists()) {
$anonymnousMethods = array_merge($anonymnousMethods, array('Setup.envCheck'));
}
// check json key for all methods but some exceptoins
if (!in_array($method, $anonymnousMethods) && Setup_Core::configFileExists() && (empty($jsonKey) || $jsonKey != Setup_Core::get('jsonKey') || !Setup_Core::isRegistered(Setup_Core::USER))) {
if (!Setup_Core::isRegistered(Setup_Core::USER)) {
Setup_Core::getLogger()->INFO(__METHOD__ . '::' . __LINE__ . ' Attempt to request a privileged Json-API method without authorisation from "' . $_SERVER['REMOTE_ADDR'] . '". (session timeout?)');
throw new Tinebase_Exception_AccessDenied('Not Authorised', 401);
} else {
Setup_Core::getLogger()->WARN(__METHOD__ . '::' . __LINE__ . ' Fatal: got wrong json key! (' . $jsonKey . ') Possible CSRF attempt!' . ' affected account: ' . print_r(Setup_Core::getUser(), true) . ' request: ' . print_r($_REQUEST, true));
throw new Tinebase_Exception_AccessDenied('Not Authorised', 401);
}
}
$response = $server->handle($request);
} catch (Exception $exception) {
$response = $this->_handleException($server, $request, $exception);
}
echo $response;
}
/**
* download config as config file
*
* @param array $data
*/
public function downloadConfig($data)
{
if (!Setup_Core::configFileExists() || Setup_Core::isRegistered(Setup_Core::USER)) {
$data = Zend_Json::decode($data, Zend_Json::TYPE_ARRAY);
$tmpFile = tempnam(Tinebase_Core::getTempDir(), 'tine20_');
Setup_Controller::getInstance()->writeConfigToFile($data, TRUE, $tmpFile);
$configData = file_get_contents($tmpFile);
unlink($tmpFile);
header("Pragma: public");
header("Cache-Control: max-age=0");
header("Content-Disposition: attachment; filename=config.inc.php");
header("Content-Description: PHP File");
header("Content-type: text/plain");
die($configData);
}
}
/**
* checks the environment
*
* @return array with success/failure values for the given attributes
*
*/
private function _check()
{
foreach ($this->values as $key => $value) {
if ($value['tag'] == 'ENVIROMENT') {
switch ($value['attributes']['NAME']) {
case 'Zend':
$required = $value['attributes']['VERSION'];
$zend = Zend_Version::VERSION;
$operator = $value['attributes']['OPERATOR'] == 'biggerThan' ? '>' : '<';
$text = $value['attributes']['NAME'] . ' ' . $operator . ' ' . $required;
if (version_compare($zend, $required, $operator)) {
$data[] = array($text, 'SUCCESS');
} else {
$data[] = array($text . ' (version is ' . $zend . ')', 'FAILURE');
}
break;
case 'PHP':
if (version_compare($value['attributes']['VERSION'], phpversion(), '<=')) {
$data[] = array($value['attributes']['NAME'], 'SUCCESS');
} else {
Setup_Core::getLogger()->warn(__METHOD__ . '::' . __LINE__ . ' PHP version incompatible: ' . phpversion() . ' < ' . $value['attributes']['VERSION']);
$data[] = array($value['attributes']['NAME'], 'FAILURE');
}
break;
case 'MySQL':
// get setup controller for database connection
if (Setup_Core::configFileExists()) {
$dbConfig = Tinebase_Core::getConfig()->database;
$hostnameWithPort = isset($dbConfig->port) ? $dbConfig->host . ':' . $dbConfig->port : $dbConfig->host;
$link = @mysql_connect($hostnameWithPort, $dbConfig->username, $dbConfig->password);
if (!$link) {
//die('Could not connect to mysql database: ' . mysql_error());
Setup_Core::getLogger()->warn(__METHOD__ . '::' . __LINE__ . 'Could not connect to mysql database: ' . mysql_error());
Setup_Core::set(Setup_Core::CHECKDB, FALSE);
}
$mysqlVersion = @mysql_get_server_info();
} else {
$mysqlVersion = @mysql_get_client_info();
}
// some version strings have more than just the version
preg_match('/\\d+\\.\\d+\\.\\d+/', $mysqlVersion, $matches);
$mysqlVersion = is_array($matches) ? $matches[0] : $mysqlVersion;
$text = $value['attributes']['NAME'];
if (version_compare($value['attributes']['VERSION'], $mysqlVersion, '<=')) {
$data[] = array($text, 'SUCCESS');
} else {
Setup_Core::getLogger()->warn(__METHOD__ . '::' . __LINE__ . ' MySQL version incompatible: ' . $mysqlVersion . ' < ' . $value['attributes']['VERSION']);
$data[] = array($text, 'FAILURE');
}
break;
case 'PgSQL':
$pgsqlVersion = '0.0.0';
// get setup controller for database connection
if (Setup_Core::configFileExists()) {
$dbConfig = Tinebase_Core::getConfig()->database;
$hostname = $dbConfig->host;
$port = isset($dbConfig->port) ? $dbConfig->port : '5432';
$user = $dbConfig->username;
$password = $dbConfig->password;
$link = @pg_connect("host={$hostname} port={$port} user={$user} password={$password}");
if (PGSQL_CONNECTION_BAD === pg_connection_status($link)) {
//die('Could not connect to postgresql database: ' . pg_errormessage());
Setup_Core::getLogger()->warn(__METHOD__ . '::' . __LINE__ . 'Could not connect to postgresql database: ' . pg_errormessage());
Setup_Core::set(Setup_Core::CHECKDB, FALSE);
} else {
$pgsqlVersion = @pg_version($link);
$pgsqlVersion = $pgsqlVersion['server'];
}
}
$text = $value['attributes']['NAME'];
if (version_compare($value['attributes']['VERSION'], $pgsqlVersion, '<=')) {
$data[] = array($text, 'SUCCESS');
} else {
Setup_Core::getLogger()->warn(__METHOD__ . '::' . __LINE__ . ' PostgreSQL version incompatible: ' . $pgsqlVersion . ' < ' . $value['attributes']['VERSION']);
$data[] = array($text, 'FAILURE');
}
break;
default:
$data[] = array($value['attributes']['NAME'], 'FAILURE');
break;
}
} else {
if ($value['tag'] == 'EXTENSION') {
//print_r($this->loadedExtensions);
foreach ($value as $extensionArray) {
if (is_array($extensionArray)) {
$succeeded = false;
if (in_array($extensionArray['NAME'], $this->loadedExtensions)) {
$passed[] = true;
if ($this->values[$key + 1]['tag'] == 'INISET') {
$iniSettings = ini_get_all($extensionArray['NAME']);
//print_r($iniSettings);
$i = 1;
while ($values[$key + $i]['tag'] == 'INISET') {
switch ($values[$key + $i]['attributes']['OPERATOR']) {
case '<=':
if (!$iniSettings[$values[$key + $i]['attributes']['NAME']][$values[$key + $i]['attributes']['SCOPE']] <= $values[$key + $i]['attributes']['VALUE']) {
$passed[] = false;
}
break;
case '==':
if (!$iniSettings[$values[$key + $i]['attributes']['NAME']][$values[$key + $i]['attributes']['SCOPE']] == $values[$key + $i]['attributes']['VALUE']) {
$passed[] = false;
}
break;
case '>=':
if (!$iniSettings[$values[$key + $i]['attributes']['NAME']][$values[$key + $i]['attributes']['SCOPE']] >= $values[$key + $i]['attributes']['VALUE']) {
$passed[] = false;
}
break;
default:
break;
}
$i++;
}
}
// end INISET
if (!in_array(false, $passed)) {
$succeeded = true;
}
unset($passed);
unset($iniSettings);
}
if ($succeeded) {
$data[] = array($extensionArray['NAME'], 'SUCCESS');
} else {
$data[] = array($extensionArray['NAME'], 'FAILURE');
}
}
}
}
}
// end EXTENSION
}
// end foreach
return $data;
}
public function testConfigFilesExists()
{
$this->assertTrue(Setup_Core::configFileExists());
}
/**
* save data to config file
*
* @param array $_data
* @param boolean $_merge
*/
public function saveConfigData($_data, $_merge = TRUE)
{
if (!empty($_data['setupuser']['password']) && !Setup_Auth::isMd5($_data['setupuser']['password'])) {
$password = $_data['setupuser']['password'];
$_data['setupuser']['password'] = md5($_data['setupuser']['password']);
}
if (Setup_Core::configFileExists() && !Setup_Core::configFileWritable()) {
throw new Setup_Exception('Config File is not writeable.');
}
if (Setup_Core::configFileExists()) {
$doLogin = FALSE;
$filename = Setup_Core::getConfigFilePath();
} else {
$doLogin = TRUE;
$filename = dirname(__FILE__) . '/../config.inc.php';
}
$config = $this->writeConfigToFile($_data, $_merge, $filename);
Setup_Core::set(Setup_Core::CONFIG, $config);
Setup_Core::setupLogger();
if ($doLogin && isset($password)) {
Tinebase_Core::getLogger()->info(__METHOD__ . '::' . __LINE__ . ' Create session for setup user ' . $_data['setupuser']['username']);
$this->login($_data['setupuser']['username'], $password);
}
}
/**
* Returns registry data of setup
* .
* @see Tinebase_Application_Json_Abstract
*
* @return mixed array 'variable name' => 'data'
*
* @todo add 'titlePostfix' => Tinebase_Config::getInstance()->getConfig(Tinebase_Config::PAGETITLEPOSTFIX, NULL, '')->value here?
*/
public function getRegistryData()
{
// anonymous registry
$registryData = array('configExists' => Setup_Core::configFileExists(), 'version' => array('buildType' => TINE20_BUILDTYPE, 'codeName' => TINE20SETUP_CODENAME, 'packageString' => TINE20SETUP_PACKAGESTRING, 'releaseTime' => TINE20SETUP_RELEASETIME), 'authenticationData' => $this->loadAuthenticationData());
// authenticated or non existent config
if (!Setup_Core::configFileExists() || Setup_Core::isRegistered(Setup_Core::USER)) {
$registryData = array_merge($registryData, $this->checkConfig());
$registryData = array_merge($registryData, array('acceptedTermsVersion' => !empty($registryData['checkDB']) && $this->_controller->isInstalled('Tinebase') ? Setup_Controller::getInstance()->getAcceptedTerms() : 0, 'setupChecks' => $this->envCheck(), 'configData' => $this->loadConfig(), 'emailData' => !empty($registryData['checkDB']) && $this->_controller->isInstalled('Tinebase') ? $this->getEmailConfig() : array(), 'messengerData' => !empty($registryData['checkDB']) && $this->_controller->isInstalled('Tinebase') ? $this->getMessengerConfig() : array()));
}
// if setup user is logged in
if (Setup_Core::isRegistered(Setup_Core::USER)) {
$registryData += array('currentAccount' => Setup_Core::getUser());
}
return $registryData;
}
