/**
  * Run a merge using the AIR2Merge library.
  *
  * @param array   $response_data
  */
 protected function run($response_data = array())
 {
     // turn off logging during the merge
     $was_logging_enabled = AIR2Logger::$ENABLE_LOGGING;
     AIR2Logger::$ENABLE_LOGGING = false;
     // run the merge and reset logging
     $type = $this->my_type;
     $errs = AIR2Merge::merge($this->prime, $this->merge, $this->ops, $this->commit_on_success);
     $result = AIR2Merge::get_result();
     AIR2Logger::$ENABLE_LOGGING = $was_logging_enabled;
     // what happened?
     $status = 200;
     if ($errs === true) {
         $response_data['success'] = true;
         $response_data['message'] = "Successfully merged {$type}s";
         // attach the "merged" object to data
         $response_data['ResultSource'] = $result['result'];
         air2_clean_radix($response_data['ResultSource'], $this->radix_whitelist);
         // attach ops used
         $response_data['op_prime'] = $result['prime'];
         $response_data['op_merge'] = $result['merge'];
         // log the merge
         if ($this->commit_on_success) {
             $this->log_activity($result, $response_data);
         }
     } elseif (is_string($errs)) {
         $response_data['success'] = false;
         $response_data['message'] = $errs;
         $status = 500;
     } else {
         $response_data['success'] = false;
         $response_data['message'] = "Unable to merge {$type}s";
         $response_data['errors'] = $errs;
         $status = 400;
         // attach ops used
         $response_data['op_prime'] = $result['prime'];
         $response_data['op_merge'] = $result['merge'];
     }
     // attach fact data
     $rs = AIR2_DBManager::get_connection()->fetchAll('select * from fact');
     $response_data['facts'] = array();
     foreach ($rs as $row) {
         $response_data['facts'][$row['fact_id']] = $row;
     }
     // respond with data
     $this->response($response_data, $status);
 }
 /**
  * initialize security for this controller
  *
  * This function determines what (if any) security the user has and
  * encapsulates it in the $AIR2User class variable.  Will return a
  * login page and exit if the user cannot be authenticated.
  *
  * @access private
  * @return void
  */
 private function _init_security()
 {
     // check if the credentials were good
     if (!$this->airuser->has_valid_tkt() || !$this->airuser->get_user()) {
         // user not authenticated
         $this_uri = current_url() . '?' . $this->input->server('QUERY_STRING');
         //Carper::carp("Permission denied for $this_uri");
         $uri = $this->uri_for('login', array('back' => $this_uri));
         //echo "Location: $uri\n";
         redirect($uri);
         exit(0);
     }
     // ok credentials. does the user have min authz?
     $air2_user = $this->airuser->get_user();
     // skip authz check if SYSTEM or TEST user
     // TODO the TEST type really ought to be tested here as well
     // but that will require audit of existing unit tests.
     if ($air2_user['user_type'] != 'S' && $air2_user['user_type'] != 'T') {
         $cum_authz = 0;
         foreach ($air2_user->get_authz() as $org_id => $bitmask) {
             $cum_authz += $bitmask;
         }
         if ($cum_authz == 0) {
             Carper::carp("authn ok for " . $air2_user->user_username . " type=" . $air2_user['user_type'] . " but no authz");
             show_error('Insufficient authz', 403);
         }
     }
     //set global remote user ID and TYPE (for upd/cre user stamps)
     define('AIR2_REMOTE_USER_ID', $this->airuser->get_id());
     define('AIR2_REMOTE_USER_TYPE', $air2_user['user_type']);
     // enable activity logging
     // TODO: where else can this go? Would it be better to default to true?
     AIR2Logger::$ENABLE_LOGGING = true;
     // authn ok
     return true;
 }