Exemple #1
 /**
  * Assemble a VO notification and hand it back through $output without sending it.
  *
  * The appliance and user are resolved through VoAdmin, the VO list is
  * normalized, and the request is validated before any message is built.
  * When validation does not return exactly true, that result is returned
  * unchanged and $output is left untouched.
  *
  * @param mixed $user             Passed to VoAdmin::getUser().
  * @param mixed $vappliance       Passed to VoAdmin::getVAppliance().
  * @param mixed $notificationtype Forwarded to validation and message building.
  * @param mixed $vos              Raw VO list, normalized via self::normalizeVOs().
  * @param mixed $subject          Forwarded to validation and message building.
  * @param mixed $message          Forwarded to validation and message building.
  * @param mixed $output           Receives the notification, extended with the
  *                                "recipients", "useremail" and "username" keys.
  *
  * @return mixed true on success, otherwise the value returned by validateRequest().
  */
 public static function createVONotification($user, $vappliance, $notificationtype, $vos, $subject, $message, &$output = "")
 {
     $resolvedAppliance = VoAdmin::getVAppliance($vappliance);
     $sender = VoAdmin::getUser($user);
     $targetVos = self::normalizeVOs($vos);

     // Validation runs on the resolved objects, not on the raw identifiers.
     $verdict = self::validateRequest($sender, $resolvedAppliance, $notificationtype, $targetVos, $subject, $message);
     if ($verdict !== true) {
         return $verdict;
     }

     $payload = self::getNotificationMessage($sender, $resolvedAppliance, $notificationtype, $targetVos, $subject, $message);
     $payload["recipients"] = VoAdmin::getRecipientsPerVO($targetVos);
     $payload["useremail"] = $sender->getPrimaryContact();
     $payload["username"] = $sender->firstname . " " . $sender->lastname;

     $output = $payload;
     return true;
 }
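 /**
  * Report whether the caller has an authenticated session.
  *
  * Writes "1" or "0" to the response body. When the request carries
  * `profile=attributes` and isAllowedProfileDataDomain() approves, the SAML
  * attribute set is written as JSON instead, extended with VO memberships
  * when a matching user account is found.
  *
  * @return void
  */
 public function isloggedinAction()
 {
     if (trim($_SERVER['REQUEST_METHOD']) === "GET") {
         // Close the session for writing before the rest of the action runs.
         if ($this->session->isLocked()) {
             $this->session->unLock();
         }
         session_write_close();
     }
     $this->_helper->layout->disableLayout();
     $this->_helper->viewRenderer->setNoRender();
     $res = "0";
     // Start with "no SAML source". The original left $source undefined when
     // the develop-session branch already produced "1"; the later
     // `$source !== false` test then passed on null and a profile=attributes
     // request dereferenced null.
     $source = false;
     // NOTE(review): the wildcard origin makes the login state readable by any
     // site for non-credentialed requests; browsers do not expose wildcard
     // responses to credentialed ones. The attribute payload below is gated
     // separately by isAllowedProfileDataDomain(). Confirm an explicit origin
     // allow-list is not needed here.
     header('Access-Control-Allow-Origin: *');
     if ($this->session && isset($this->session->developsession) && $this->session->developsession === true) {
         if ($this->session->userid) {
             $res = "1";
         }
     }
     if ($res === "0") {
         $source = SamlAuth::isAuthenticated();
     }
     if ($source !== false) {
         $res = "1";
         if (isset($_GET['profile']) && $_GET['profile'] === 'attributes' && $this->isAllowedProfileDataDomain()) {
             header('Content-type: application/json');
             $attrs = $source->getAttributes();
             if ($attrs && count($attrs) > 0) {
                 $sourceIdentifier = false;
                 $uid = false;
                 $userAccount = false;
                 try {
                     // Only a single-valued attribute is accepted as an identifier.
                     if (isset($attrs['idp:sourceIdentifier']) && count($attrs['idp:sourceIdentifier']) === 1) {
                         $sourceIdentifier = $attrs['idp:sourceIdentifier'][0];
                         // NOTE(review): this strips every "-sp" occurrence, not
                         // only a trailing suffix; confirm that is intended.
                         $sourceIdentifier = str_replace('-sp', '', $sourceIdentifier);
                     }
                     if (isset($attrs['idp:uid']) && count($attrs['idp:uid']) === 1) {
                         $uid = $attrs['idp:uid'][0];
                     }
                     if ($sourceIdentifier && $uid) {
                         $userAccount = SamlAuth::getUserAccount($uid, $sourceIdentifier);
                     }
                     if ($userAccount) {
                         $attrs['entitlements'] = array('vo' => array('memberships' => VoAdmin::getUserMembership($userAccount->researcherid)));
                     }
                 } catch (Exception $ex) {
                     // Best effort: the attributes are still returned without
                     // entitlements, but the failure is recorded rather than
                     // silently dropped.
                     error_log('isloggedin: entitlement lookup failed: ' . $ex->getMessage());
                 }
             }
             echo json_encode($attrs);
             return;
         }
     }
     echo $res;
 }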
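 /**
  * Preview or send a notification to the VOs that endorse a virtual appliance.
  *
  * GET renders the list of endorsed VOs. POST either previews the
  * notification (`preview=true`) or sends it, and answers with a small
  * `<response>` XML document. Any request that fails the appliance, user,
  * privilege or method checks is answered with 404.
  *
  * @return void
  */
 public function contactvosAction()
 {
     $this->_helper->layout->disableLayout();
     $vappid = isset($_GET["id"]) && is_numeric($_GET["id"]) ? trim($_GET["id"]) : 0;
     $isget = $_SERVER['REQUEST_METHOD'] === "GET";
     $ispost = $_SERVER['REQUEST_METHOD'] === "POST";
     $vappliance = VoAdmin::getVAppliance($vappid);
     $vappversion = VoAdmin::getVAppVersion($vappliance);
     $user = VoAdmin::getUser($this->session->userid);

     // Authorization: the session user must hold canManageVAs on this appliance.
     $canmanagevas = false;
     if ($user !== null && $vappliance !== null) {
         $privs = $user->getPrivs();
         if ($privs !== null && $privs->canManageVAs($vappliance->guid)) {
             $canmanagevas = true;
         }
     }
     // Unauthorized callers get the same 404 as a missing appliance, so the
     // response does not reveal whether the appliance exists.
     if ($vappid <= 0 || $vappliance === null || $user === null || $canmanagevas === false || ($isget === false && $ispost === false)) {
         $this->_helper->viewRenderer->setNoRender();
         header('HTTP/1.0 404 Not Found');
         header("Status: 404 Not Found");
         return;
     }
     if ($isget === true) {
         $this->view->volist = VoAdmin::getEndorsedVos($vappliance, true);
         return;
     }

     // NOTE(review): no anti-CSRF token check is visible in this action;
     // confirm one is enforced elsewhere for the state-changing POST path.
     $this->_helper->viewRenderer->setNoRender();
     $notificationtype = isset($_POST["notificationtype"]) ? trim($_POST["notificationtype"]) : "";
     $subject = isset($_POST["subject"]) ? trim($_POST["subject"]) : "";
     $message = isset($_POST["message"]) ? trim($_POST["message"]) : "";
     $vos = isset($_POST["vos"]) ? $_POST["vos"] : "[]";
     // json_decode() yields null on malformed input; that value is passed on as is.
     $vos = json_decode($vos);
     $preview = isset($_POST["preview"]) ? trim($_POST["preview"]) : "false";
     $preview = $preview === "true";
     $output = array();

     // Every value below lands inside a single-quoted XML attribute or element
     // body. ENT_QUOTES is passed explicitly because the default flags before
     // PHP 8.1 leave single quotes unescaped, which would let a value close
     // the attribute. The error text was previously written unescaped.
     if ($preview === true) {
         $result = VoContact::createVONotification($user, $vappliance, $notificationtype, $vos, $subject, $message, $output);
         if ($result !== true) {
             if ($result === false) {
                 $result = "Could not create notification";
             }
             echo "<response error='" . htmlentities((string) $result, ENT_QUOTES) . "' ></response>";
         } else {
             echo "<response success='true'>";
             echo "<message>" . htmlentities($output["message"], ENT_QUOTES) . "</message>";
             echo "<from name='" . htmlentities($output["username"], ENT_QUOTES) . "' email='" . htmlentities($output["useremail"], ENT_QUOTES) . "'></from>";
             // Recipient contact details are only disclosed to admins/managers.
             if (userIsAdminOrManager($user->id) === true && isset($output["recipients"])) {
                 echo "<vorecipients>";
                 foreach ($output["recipients"] as $rec) {
                     echo "<vo id='" . htmlentities($rec["void"], ENT_QUOTES) . "' name='" . htmlentities($rec["vo"], ENT_QUOTES) . "' >";
                     foreach ($rec["contacts"] as $cont) {
                         echo "<contact name='" . htmlentities($cont["name"], ENT_QUOTES) . "' email='" . htmlentities($cont["email"], ENT_QUOTES) . "' role='" . htmlentities($cont["role"], ENT_QUOTES) . "' ></contact>";
                     }
                     echo "</vo>";
                 }
                 echo "</vorecipients>";
             }
             echo "</response>";
         }
     } else {
         $result = VoContact::sendVONotification($user, $vappliance, $notificationtype, $vos, $subject, $message);
         if ($result === true) {
             echo "<response success='true'></response>";
         } else {
             if ($result === false) {
                 $result = "Could not create notification";
             }
             echo "<response error='" . htmlentities((string) $result, ENT_QUOTES) . "' ></response>";
         }
     }
 }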
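 /**
  * Populate the view for a person's details page.
  *
  * The person is looked up by numeric id or by an "s:"-prefixed cname; id "0"
  * yields an empty Default_Model_Researcher. For a logged-in viewer the
  * access is recorded in ppl_api_log. Lookup lists (position types, countries,
  * contact types), the current user and VO membership data are attached to
  * the view.
  *
  * @return void
  */
 public function detailsAction()
 {
     $pplID = $this->_getParam("id");
     trackPage('/people/details?id=' . $pplID, $this->_getParam("format"));
     if ($pplID == '') {
         $pplID = $this->session->lastPplID;
     }
     $this->_helper->layout->disableLayout();
     $ppl = new Default_Model_Researchers();
     if ($this->session->userid !== null) {
         // Admins and managers also see moderated entries.
         if (userIsAdminOrManager($this->session->userid)) {
             $ppl->viewModerated = true;
         }
     }
     if ($this->_getParam("id") == "0") {
         $this->view->entry = new Default_Model_Researcher();
         $this->view->entry->countryID = '0';
     } else {
         if (is_numeric($pplID) === true) {
             $ppl->filter->id->equals($pplID);
         } else {
             if (substr($pplID, 0, 2) === "s:") {
                 $pplCname = substr($pplID, 2);
                 $ppl->filter->cname->ilike($pplCname);
             }
             // NOTE(review): any other non-numeric id adds no filter at all;
             // confirm refresh() then returning an arbitrary first entry is intended.
         }
         // NOTE(review): 'userid' comes from the request, not the session;
         // confirm refresh() does not treat it as an authorization input.
         $ppl->refresh($this->_getParam('format'), $this->_getParam('userid'));
         if (count($ppl->items) > 0) {
             $this->view->entry = $ppl->items[0];
             $pplID = $this->view->entry->id;
         }
         // BEGIN: API logging hack
         $cid = 0;
         // clientID: 0 --> appDB portal
         // The statement is still built by concatenation, so every value is
         // forced into a safe shape first: integers are cast, and the address
         // is only quoted after it validates as an IP. A missing or invalid
         // address becomes SQL NULL; the original emitted an empty token there,
         // which produced a malformed statement.
         // NOTE(review): prefer bound parameters if the adapter returned by
         // db() supports them.
         $ip = isset($_SERVER['REMOTE_ADDR']) ? filter_var($_SERVER['REMOTE_ADDR'], FILTER_VALIDATE_IP) : false;
         if ($ip !== false) {
             $src = "'" . $ip . "'";
         } else {
             $src = 'NULL';
         }
         if (is_numeric($this->session->userid) && $this->view->entry) {
             // only log if we have a valid userid
             $sql = "INSERT INTO ppl_api_log (pplid, timestamp, researcherid, source, ip) VALUES (" . intval($pplID) . ", NOW(), " . intval($this->session->userid) . ", " . intval($cid) . ", " . $src . ");";
             db()->query($sql)->fetchAll();
         }
         // END: API logging hack
         // NOTE(review): when the lookup found nothing, entry is unset here
         // and this reads a property of null.
         if (isnull($this->view->entry->image) === false) {
             $this->view->image = "/people/getimage?id=" . $this->view->entry->id . "&req=" . urlencode($this->view->entry->lastUpdated);
         }
     }
     // Request-supplied value handed to the view untouched; the template must
     // escape it on output. isset() only avoids the undefined-index notice.
     $this->view->dialogCount = isset($_GET['dc']) ? $_GET['dc'] : null;
     $this->view->positionTypes = new Default_Model_PositionTypes();
     $this->view->positionTypes->filter->orderBy('ord');
     $this->view->countries = new Default_Model_Countries();
     $this->view->countries->filter->orderBy('name');
     $this->view->contactTypes = new Default_Model_ContactTypes();
     if (isnull($this->_getParam("tab")) == false) {
         $this->view->selectedTab = $this->_getParam("tab");
     }
     $this->view->session = $this->session;
     if ($this->session->username !== null && $this->session->userid !== null) {
         $users = new Default_Model_Researchers();
         $users->filter->id->equals($this->session->userid);
         $this->view->user = $users->items[0];
     } else {
         $this->view->user = null;
     }
     //Setup vo membership data
     $this->view->entryVoMemberShip = "[]";
     // NOTE(review): this dereferences entry before the null check just below.
     $this->view->entryRelationsXml = EntityRelations::relationsToXml($this->view->entry->guid);
     if (is_null($this->view->entry) === false && is_numeric($this->view->entry->id) && intval($this->view->entry->id) > 0) {
         $this->view->entryVoMemberShip = html_entity_decode(VoAdmin::getUserMembership($this->view->entry, true));
     }
 }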
Exemple #5
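 /**
  * Return information about a VO image identified by `guid` or `guid:imageid`.
  *
  * Without a `format` parameter the result is flattened to plain arrays and
  * written as JSON for the UI. With a format, the result is passed through
  * VMCaster::convertImage() and written as is, or answered with 404 when
  * nothing is found. An empty guid, or a UI call that finds nothing, falls
  * through to a JSON error object.
  *
  * @return void
  */
 public function voimageAction()
 {
     $this->_helper->layout->disableLayout();
     $this->_helper->viewRenderer->setNoRender();
     $format = $this->getRequest()->getParam("format");
     $guid = trim($this->getRequest()->getParam("guid"));
     // NOTE(review): the access token is read but never consulted below.
     $accesstoken = trim($this->getRequest()->getParam("accesstoken"));
     $strict = isset($_GET["strict"]) ? true : false;
     // The original tested $privs without ever assigning it, so the private
     // data check could never succeed. Making the null explicit keeps that
     // fail-closed result and removes the undefined-variable read.
     // NOTE(review): decide where privileges should come from (session user,
     // access token) and populate this accordingly.
     $privs = null;
     if ($format === null || $format === "json") {
         header('Content-type: application/json');
     } else {
         if ($format === "xml") {
             header('Content-type: application/xml');
         }
     }
     if ($guid !== "") {
         $imageid = null;
         // "guid:imageid" selects a specific image; extra segments are ignored.
         if (strpos($guid, ":") !== false) {
             $tmp = explode(":", $guid);
             if (count($tmp) > 1) {
                 $guid = $tmp[0];
                 $imageid = $tmp[1];
             }
         }
         if ($imageid !== null) {
             $result = VoAdmin::getImageInfoById($imageid, $guid, $strict);
         } else {
             $result = VoAdmin::getImageInfoByIdentifier($guid);
         }
         $canaccessvadata = false;
         if ($result !== null) {
             $result["isprivateimage"] = false;
             $result["canaccessprivate"] = true;
             $vapp = $result["va"];
             if ($vapp->imglstprivate) {
                 $result["isprivateimage"] = true;
                 $result["canaccessprivate"] = false;
                 $app = $vapp->getApplication();
                 if ($privs !== null) {
                     $canaccessvadata = $privs->canAccessVAPrivateData($app->guid);
                 }
                 $result["canaccessprivate"] = $canaccessvadata;
             }
             // NOTE(review): the two flags are only attached to the result;
             // nothing in this action withholds output when canaccessprivate
             // is false. Confirm the consumers (UI, convertImage) enforce it.
         }
         if ($result !== null && isset($result['image'])) {
             $im = $result['image'];
             $result['sites'] = VMCaster::getSitesByVMI($im->guid, $im->id);
         }
         if ($result !== null && $format == null) {
             //UI call
             // Replace the model objects with plain arrays holding only the
             // fields listed here before encoding.
             $result["result"] = "success";
             $va = $result["va"];
             $app = $va->getApplication();
             $version = $result["version"];
             $image = $result["image"];
             $vo = $result["vo"];
             $voimage = $result["voimage"];
             $voimagelist = $result["voimagelist"];
             $result["app"] = array("id" => $app->id, "name" => $app->name, "cname" => $app->cname);
             $result["va"] = array("id" => $va->id);
             $result["version"] = array("id" => $version->id, "version" => $version->version, "published" => $version->published, "archived" => $version->archived, "enabled" => $version->enabled);
             $result["image"] = array("id" => $image->id, "identifier" => $voimage->guid, "baseidentifier" => $image->guid);
             $result["vo"] = array("id" => $vo->id, "name" => $vo->name, "domain" => $vo->domain->name);
             $result["voimagelist"] = array("id" => $voimagelist->id, "state" => $voimagelist->state);
             $result["voimage"] = array("id" => $voimage->id, "state" => $voimage->state);
             // JSON_HEX_TAG encodes < and > so the payload cannot close a
             // surrounding script element if it is ever inlined into HTML.
             echo json_encode($result, JSON_HEX_TAG | JSON_NUMERIC_CHECK);
             return;
         } else {
             if ($format !== null) {
                 if ($result !== null) {
                     $result = VMCaster::convertImage($result, $format);
                 }
                 if ($result !== null) {
                     echo $result;
                 } else {
                     header('HTTP/1.0 404 Not Found');
                     header("Status: 404 Not Found");
                 }
                 return;
             }
         }
     }
     echo json_encode(array("result" => "error", "message" => "Image not found"));
 }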