/**
* Setup an authenticated AIR user for this request
*
* @param string|Doctrine_Record $user the air user's name, or user object
* @param array $authz (optional) an associative array of organizations and permissions
*/
public function set_user($user, $authz = null)
{
$usr = new AirUser();
if (is_string($user)) {
if ($authz != null) {
$usr->set_authz($authz);
}
$typedef = array('user' => array('type' => 'S'));
// make system user
$tktarr = $usr->get_tkt($user, 1, $typedef);
// 1=fake user ID
} else {
$tktarr = $usr->create_tkt($user, false);
}
foreach ($tktarr as $ckname => $ckval) {
$this->browser->setcookie($ckname, $ckval);
$this->cookies[$ckname] = $ckval;
}
}
/**
* Getting the public responses to display
*
* @return void
* @param unknown $inq_uuid (optional)
*/
public function search($inq_uuid = null)
{
$query_term = $this->input->get('q');
$resp_format = $this->input->get('t');
$api_key = $this->input->get('a');
if (!$resp_format) {
$resp_format = 'JSON';
}
// "view" only used for errors
// otherwise proxy response sets its own headers
// we do not have any HTML view, so if that is detected,
// it was the default. override with our local response format detection.
if ($this->airoutput->view == 'html') {
$this->airoutput->view = strtolower($resp_format);
$this->airoutput->format = $this->router->get_content_type_for_view($this->airoutput->view);
} elseif (!$this->input->get('t')) {
$resp_format = strtoupper($this->airoutput->view);
}
$api_key_rec = null;
if (!strlen($api_key)) {
$this->response(array('success' => false, 'error' => 'API Key Required'), 401);
return;
} else {
$api_key_rec = APIKey::find('APIKey', $api_key);
if (!$api_key_rec || !$api_key_rec->ak_approved) {
$this->response(array('success' => false, 'error' => 'Invalid API Key'), 403);
return;
}
// ok key. log it.
$ip_address = $this->input->server('REMOTE_ADDR');
$api_stat = new APIStat();
$api_stat->APIKey = $api_key_rec;
$api_stat->as_ip_addr = $ip_address;
$api_stat->save();
}
// validity checks
if ($this->method != 'GET') {
header('Allow: GET', true, 405);
$this->response(array('success' => false), 405);
return;
}
if (!strlen($query_term)) {
$this->response(array('success' => false, 'error' => '"q" param required'), 400);
return;
}
if ($inq_uuid) {
$query_term = "(" . $query_term . ") AND inq_uuid={$inq_uuid}";
}
$airuser = new AirUser();
$tkt = $airuser->get_tkt($api_key_rec->ak_email, 0);
$tktname = null;
$tktval = null;
foreach ($tkt as $k => $v) {
$tktname = $k;
$tktval = $v;
}
$opts = array("url" => AIR2_SEARCH_URI . '/public-responses/search', "cookie_name" => $tktname, "params" => array('t' => $resp_format), "tkt" => $tktval, "query" => $query_term, "GET" => true);
$search_proxy = new Search_Proxy($opts);
$response = $search_proxy->response();
$body = $response['json'];
$this->airoutput->format = $response['response']['content_type'];
$this->airoutput->send_headers($response['response']['http_code']);
// if JSONP requested, wrap response
if ($this->input->get('callback')) {
echo $this->input->get('callback') . '(' . $body . ');';
} else {
echo $body;
}
}
* This file is part of AIR2.
*
* AIR2 is free software: you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
*
* AIR2 is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with AIR2. If not, see <http://www.gnu.org/licenses/>.
*
*************************************************************************/
require_once realpath(dirname(__FILE__) . '/../app/init.php');
require_once 'AirUser.php';
require_once 'User.php';
require_once 'AIR2_DBManager.php';
AIR2_DBManager::init();
array_shift($argv);
$length = count($argv);
for ($i = 0; $i < $length; $i++) {
$airUser = new AirUser();
// user_username => $username )->load;
$username = $argv[$i];
$user = Doctrine::getTable('User')->findOneBy('user_username', $username);
$tkt = $airUser->get_tkt($user->user_username, $user->user_id);
var_dump($tkt);
}
<html>
<head>
<title>AIR2 auth check</title>
</head>
<body>
<pre>
<?php
require_once realpath(dirname(__FILE__) . '/../app/init.php');
require_once 'AirUser.php';
$air_user = new AirUser();
printf("username=%s\n", $air_user->get_username());
print_r($air_user->get_authz());
?>
</pre>
</body>
</html>
/**
* Add the results of a search (submissions or source) to a bin
*
* @param User $u
* @param Bin $bin
* @param array $params
* @param string $notes
* @return array $counts
*/
public static function add_search($u, $bin, $params, $notes = null)
{
if (!isset($params['i']) || !isset($params['q']) || !isset($params['total'])) {
throw new Exception("Invalid search parameters - req'd: i, q, total");
}
$i = $params['i'];
$q = $params['q'];
$M = isset($params['M']) ? $params['M'] : null;
$total = $params['total'];
// sanity check
$valid_indexes = array('sources', 'active-sources', 'primary-sources', 'responses', 'fuzzy-sources', 'fuzzy-active-sources', 'fuzzy-primary-sources', 'fuzzy-responses', 'strict-sources', 'strict-active-sources', 'strict-primary-sources', 'strict-responses');
if (!in_array($i, $valid_indexes)) {
throw new Exception("Invalid search type '{$i}'");
}
// make sure we have an auth tkt
$tkt = isset($_COOKIE[AIR2_AUTH_TKT_NAME]) ? $_COOKIE[AIR2_AUTH_TKT_NAME] : null;
if (!$tkt) {
$airuser = new AirUser();
$tkt = $airuser->get_tkt($u->user_username, $u->user_id);
$tkt = $tkt[AIR2_AUTH_TKT_NAME];
}
// call the search server
$proxy = new Search_Proxy(array('url' => sprintf("%s/%s/search", AIR2_SEARCH_URI, $i), 'cookie_name' => AIR2_AUTH_TKT_NAME, 'query' => $q, 'params' => array('u' => 1, 'limit' => $total, 'M' => $M), 'tkt' => $tkt, 'GET' => true));
$rsp = $proxy->response();
//error_log(var_export($rsp, 1));
$json = json_decode($rsp['json'], true);
if (!$json['success']) {
throw new Exception("Search server returned error: " . $json['error']);
}
// check the total against the expected total
if ($json['total'] != $total) {
throw new Exception("Search returned unexpected total! Expected " . $json['total'] . ", got {$rsp_total}. Aborting operation!");
}
// add sources or responses
if ($i == 'responses' || $i == 'fuzzy-responses' || $i == 'strict-responses') {
return self::add_submissions($bin, $json['results'], $notes);
} else {
return self::add_sources($bin, $json['results'], $notes);
}
}
