/**
  * SSO login action.
  */
 public function ssoAction()
 {
     /* Authenticate. */
     $saharaAuth = new Sahara_Auth();
     /* We may need to pass auth token through. */
     $params = array();
     if ($this->_getParam('pkey')) {
         $params['pkey'] = $this->_getParam('pkey');
     }
     if (!$saharaAuth->signon($params)) {
         $this->_flashMessenger->addMessage('Failed single sign on.');
         $this->_redirectTo('index', 'index');
     }
     /* Setup session. */
     $saharaAuth->setupSession();
     /* Validate and store account. */
     $user = Sahara_Soap::getSchedServerPermissionsClient()->getUser(array('userQName' => $this->_config->institution . ':' . $saharaAuth->getUsername()));
     /* Store the authentication information if the user is authenticated. */
     if ($user->persona != Sahara_Acl::UNAUTH) {
         $storage = $this->_auth->getStorage();
         $storage->clear();
         $storage->write($user->userQName);
     }
     if ($this->_getParam('pkey')) {
         /* Authorisation key has been specified, so redeem it. */
         $ac = new Sahara_AccessKey();
         $res = $ac->keyActivate(urldecode($this->_getParam('pkey')));
         if (!$res['success']) {
             $this->_flashMessenger->addMessage('Failed permission redemption: ' . $res['error']);
         }
     }
     /* Redirect to an appropriate page. */
     switch ($user->persona) {
         case Sahara_Acl::USER:
             $this->_redirectTo('index', 'queue');
             break;
         case Sahara_Acl::RESEARCH:
             $this->_redirectTo('index', 'research');
             break;
         case Sahara_Acl::ACADEMIC:
             $this->_redirectTo('index', 'queue');
             break;
         case Sahara_Acl::ADMIN:
             $this->_redirectTo('index', 'queue');
             break;
         default:
             $this->_flashMessenger->addMessage("Unknown user '" . $saharaAuth->getUsername() . "'.");
             $this->_redirectTo('index', 'index');
             break;
     }
 }
Exemple #2
0
 /**
  * Loads the users role and the appropriate permissions for that role.
  */
 public function loadPermissions()
 {
     $this->_userRole = self::UNAUTH;
     if ($this->_user != null) {
         /* Attempt to find the user's 'persona' which defines their role. */
         $user = Sahara_Soap::getSchedServerPermissionsClient()->getUser(array('userQName' => $this->_user));
         $this->_userRole = $user->persona;
     } else {
         $this->_userRole = self::UNAUTH;
     }
     /* Add role hierarchy. */
     $this->addRole(new Zend_Acl_Role(self::UNAUTH));
     $this->addRole(new Zend_Acl_Role(self::DEMO), self::UNAUTH);
     $this->addRole(new Zend_Acl_Role(self::USER), self::DEMO);
     $this->addRole(new Zend_Acl_Role(self::RESEARCH), self::USER);
     $this->addRole(new Zend_Acl_Role(self::ACADEMIC), self::RESEARCH);
     $this->addRole(new Zend_Acl_Role(self::ADMIN), self::ACADEMIC);
     /* Loads the permissions in a stack with each higher privilege role
      * inheriting the preceding roles privileges. */
     switch ($this->_userRole) {
         case self::ADMIN:
             $this->_loadAclAssoc(self::ADMIN, $this->_adminPages);
             /* Falls through. */
         /* Falls through. */
         case self::ACADEMIC:
             $this->_loadAclAssoc(self::ACADEMIC, $this->_academicPages);
             /* Falls through. */
         /* Falls through. */
         case self::RESEARCH:
             $this->_loadAclAssoc(self::RESEARCH, $this->_researchPages);
             /* Falls through. */
         /* Falls through. */
         case self::USER:
             $this->_loadAclAssoc(self::USER, $this->_userPages);
             /* Falls through. */
         /* Falls through. */
         case self::DEMO:
             $this->_loadAclAssoc(self::DEMO, $this->_demoPages);
             /* Falls through. */
         /* Falls through. */
         case self::UNAUTH:
             $this->_loadAclAssoc(self::UNAUTH, $this->_unAuthPages);
     }
 }
 /**
  * View to make a booking.
  */
 public function indexAction()
 {
     $this->view->headTitle($this->_headPrefix . 'Create Reservations');
     if (($pid = $this->_getParam('pid', 0)) == 0) {
         /* No permission identifier supplied, so back to the queue page. */
         $this->_flashMessenger->addMessage('No permission identifier supplied.');
         $this->_redirectTo('index', 'queue');
     }
     $permissions = Sahara_Soap::getSchedServerPermissionsClient()->getPermissionsForUser(array('userQName' => $this->_auth->getIdentity()));
     $permissions = $permissions->permission;
     if (is_array($permissions)) {
         /* Multiple permissions. */
         foreach ($permissions as $p) {
             if ($p->permission->permissionID == $pid) {
                 $perm = $p->permission;
             }
         }
     } else {
         if ($permissions != NULL) {
             /* Just the one. */
             if ($permissions->permission->permissionID == $pid) {
                 $perm = $permissions->permission;
             }
         }
     }
     /* Make sure the user has the permission. */
     if (!isset($perm)) {
         $this->_logger->warn("Can't book because user " . $this->_auth->getIdentity() . " doesn't have permission " + "with identifier '{$pid}'.");
         $this->_flashMessenger->addMessage("Doesn't have permissions with identifier '{$pid}'.");
         $this->_redirectTo('index', 'queue');
     }
     /* Pre-conditions to display a booking page. This should all be handled
      * by the queue page (i.e. the user should not be allowed to get here,
      * so give them a forcible redirect. */
     if (!$perm->canBook) {
         $this->_logger->warn("Can't book because permission with identifier '{$pid}' does not allow bookings.");
         $this->_flashMessenger->addMessage("Permission with identifier '{$pid}' does not allow bookings.");
         $this->_redirectTo('index', 'queue');
     } else {
         if (Sahara_DateTimeUtil::isBeforeNow($perm->expiry)) {
             $this->_logger->warn("Can't book because permission with identifier '{$pid}' is expired.");
             $this->_flashMessenger->addMessage("Permission with identifier '{$pid}' is expired.");
             $this->_redirectTo('index', 'queue');
         }
     }
     $this->view->permission = $perm;
     $this->view->name = $perm->displayName;
     if (!$this->view->name) {
         $this->view->name = $perm->resource->resourceName;
     }
     /* The start time is which ever of the time horizion or permission start
      * that comes first. */
     $horizon = new DateTime();
     if ($perm->timeHorizon > 0) {
         $horizon->add(new DateInterval('PT' . $perm->timeHorizon . 'S'));
     }
     $start = new DateTime($perm->start);
     if ($start->getTimestamp() < $horizon->getTimestamp()) {
         $start = $horizon;
     }
     $this->view->currentDay = $start->format(self::DATE_FORMAT);
     $end = new DateTime($perm->expiry);
     if ($start->getTimestamp() > $end->getTimestamp()) {
         /* The horizon has moved passed the end of the permission, so no
          * bookings are allowed. */
         $this->view->currentDay = $end->format(self::DATE_FORMAT);
         $this->view->horizonPassed = true;
     }
     $this->view->endDay = $end->format(self::DATE_FORMAT);
     /* More pre-conditions to display a booking page. However, these aren't
      * handled by the queue page, so give a *helpful* warning. */
     $bookingsResponse = Sahara_Soap::getSchedServerBookingsClient()->getBookings(array('userID' => array('userQName' => $this->_auth->getIdentity()), 'showCancelled' => false, 'showFinished' => false));
     $bookings = $bookingsResponse->bookings;
     /* Make sure the user has not exceeded the number of permission allowed
      * bookings. Also we want to annotate the interface with existing bookings
      * so the user may not make concurrent bookings. */
     $this->view->userBookings = array();
     $numBookings = 0;
     if (is_array($bookings)) {
         foreach ($bookings as $b) {
             if ($b->permissionID->permissionID == $pid) {
                 $numBookings++;
             }
             if (strpos($b->startTime, $this->view->currentDay) === 0) {
                 $ss = Sahara_DateTimeUtil::getSlotTimeFromISO8601($b->startTime) - 1;
                 $es = Sahara_DateTimeUtil::getSlotTimeFromISO8601($b->endTime);
                 while (++$ss < $es) {
                     array_push($this->view->userBookings, $ss);
                 }
             }
         }
     } else {
         if ($bookings != NULL) {
             if ($bookings->permissionID->permissionID == $pid) {
                 $numBookings++;
             }
             if (strpos($bookings->startTime, $this->view->currentDay) === 0) {
                 $ss = Sahara_DateTimeUtil::getSlotTimeFromISO8601($bookings->startTime) - 1;
                 $es = Sahara_DateTimeUtil::getSlotTimeFromISO8601($bookings->endTime);
                 while (++$ss < $es) {
                     array_push($this->view->userBookings, $ss);
                 }
             }
         }
     }
     $this->view->numBookings = $numBookings;
     /* Timezone information. */
     // TODO Cache timezone results
     $this->view->tz = Sahara_Soap::getSchedServerBookingsClient()->getTimezoneProfiles();
     $tzOff = ($this->view->tz->offsetFromUTC >= 0 ? '+' : '-') . Sahara_DateTimeUtil::zeroPad(floor(abs($this->view->tz->offsetFromUTC) / 3600)) . ':' . Sahara_DateTimeUtil::zeroPad(floor(abs($this->view->tz->offsetFromUTC) % 3600 / 60));
     $freeTimes = Sahara_Soap::getSchedServerBookingsClient()->findFreeBookings(array('userID' => array('userQName' => $this->_auth->getIdentity()), 'permissionID' => array('permissionID' => $perm->permissionID), 'period' => array('startTime' => $this->view->currentDay . 'T00:00:00' . $tzOff, 'endTime' => $this->view->currentDay . 'T23:59:59' . $tzOff)));
     $freeTimes = $freeTimes->bookingSlot;
     $this->view->slots = array();
     $this->view->numSlots = 24 * 60 * 60 / self::SLOT_DURATION;
     $this->view->midSlot = $this->view->numSlots / 2;
     if (is_array($freeTimes)) {
         foreach ($freeTimes as $t) {
             $this->view->slots[Sahara_DateTimeUtil::getSlotTimeFromISO8601($t->slot->startTime)] = $t->state;
         }
     } else {
         if ($freeTimes != NULL) {
             $this->view->slots[Sahara_DateTimeUtil::getSlotTimeFromISO8601($freeTimes->slot->startTime)] = $freeTimes->state;
         } else {
             /* For some reason the resource free times response didn't actually
              * provide any times. We will assume we are in a no-permission
              * range. */
             $this->view->slots[0] = 'NOPERMISSION';
         }
     }
     /* Presentation configuration. */
     $this->view->showTzButton = $this->_config->bookings->addTzButton;
     $this->view->dateFormat = $this->_config->bookings->dateFormat;
 }
 /**
  * Action that unlocks a permission.
  */
 public function unlockAction()
 {
     /* Disable view renderer and layout. */
     $this->_helper->viewRenderer->setNoRender();
     $this->_helper->layout()->disableLayout();
     $params = $this->_request->getParams();
     $client = Sahara_Soap::getSchedServerPermissionsClient();
     $response = $client->unlockUserLock(array('userID' => array('userQName' => $this->_auth->getIdentity()), 'permissionID' => array('permissionID' => $params['permission']), 'lockKey' => $params['passkey']));
     echo $this->view->json(array('successful' => $response->successful));
 }