public function execute()
{
$email = @$_GET['email'];
$screenName = @$_GET['screen_name'];
$partner_id = $this->getP('partner_id', null);
if ($partner_id === null) {
header("Location: /index.php/kmc/varlogin");
die;
}
sfView::SUCCESS;
$this->me = PartnerPeer::retrieveByPK($this->getP('partner_id', null));
if (!$this->me || $this->me->getPartnerGroupType() != PartnerGroupType::VAR_GROUP) {
die('You are not an wuthorized VAR. If you are a VAR, Please contact us at support@kaltura.com');
}
$ks = kSessionUtils::crackKs($this->getP('ks'));
$user = $ks->user;
$res = kSessionUtils::validateKSession2(kSessionUtils::REQUIED_TICKET_ADMIN, $partner_id, $user, $this->getP('ks'), $ks);
if ($res != ks::OK) {
header("Location: /index.php/kmc/varlogin");
die;
}
$c = new Criteria();
$c->addAnd(PartnerPeer::PARTNER_PARENT_ID, $this->me->getId());
// add extra filtering if required
//$c->addAnd(PartnerPeer::STATUS, 1);
$partners = PartnerPeer::doSelect($c);
$this->partners = array();
$partner_id_param_name = 'pid';
$subpid_param_name = 'subpid';
if ($this->me->getKmcVersion() == 1) {
$partner_id_param_name = 'partner_id';
$subpid_param_name = 'subp_id';
}
$kmc2Query = '?' . $partner_id_param_name . '=' . $this->me->getId() . '&' . $subpid_param_name . '=' . $this->me->getId() * 100 . '&ks=' . $_GET['ks'] . '&email=' . $email . '&screen_name=' . $screenName;
$this->varKmcUrl = 'http://' . kConf::get('www_host') . '/index.php/kmc/kmc' . $this->me->getKmcVersion() . $kmc2Query;
foreach ($partners as $partner) {
$ks = null;
kSessionUtils::createKSessionNoValidations($partner->getId(), $partner->getAdminUserId(), $ks, 30 * 86400, 2, "", "*");
$adminUser_email = $partner->getAdminEmail();
$partner_id_param_name = 'pid';
$subpid_param_name = 'subpid';
if ($partner->getKmcVersion() == 1) {
$partner_id_param_name = 'partner_id';
$subpid_param_name = 'subp_id';
}
$kmc2Query = '?' . $partner_id_param_name . '=' . $partner->getId() . '&' . $subpid_param_name . '=' . $partner->getId() * 100 . '&ks=' . $ks . '&email=' . $adminUser_email . '&screen_name=varAdmin';
//$kmcLink = url_for('index.php/kmc/kmc2'.$kmc2Query);
// $kmcLink = 'http://'.kConf::get('www_host').'/index.php/kmc/kmc'.$partner->getKmcVersion().$kmc2Query;
$kmcLink = 'http://' . kConf::get('www_host') . "/index.php/kmc/extlogin?ks={$ks}&partner_id=" . $partner->getId();
$this->partners[$partner->getId()] = array('name' => $partner->getPartnerName(), 'kmcLink' => $kmcLink);
}
}
public function execute()
{
$this->ks = $this->getP("ks");
$this->partner_id = $this->getP("partner_id");
if (!$this->ks) {
$ks = null;
$this->partner_id = 0;
kSessionUtils::createKSessionNoValidations($this->partner_id, 0, $ks, 8640000, true, "", "");
$this->ks = $ks;
}
$this->subp_id = $this->getP("subp_id");
$this->uid = $this->getP("uid");
$this->screen_name = $this->getP("screen_name");
$this->email = $this->getP("email");
$this->beta = $this->getRequestParameter("beta");
sfView::SUCCESS;
}
public function executeImpl($partner_id, $subp_id, $puser_id, $partner_prefix, $puser_kuser)
{
// make sure the secret fits the one in the partner's table
$ks_str = "";
$expiry = $this->getP("expiry", 86400);
$widget_id = $this->getPM("widget_id");
$widget = widgetPeer::retrieveByPK($widget_id);
if (!$widget) {
$this->addError(APIErrors::INVALID_WIDGET_ID, $widget_id);
return;
}
$partner_id = $widget->getPartnerId();
$partner = PartnerPeer::retrieveByPK($partner_id);
// TODO - see how to decide if the partner has a URL to redirect to
// according to the partner's policy and the widget's policy - define the privileges of the ks
// TODO - decide !! - for now only view - any kshow
$privileges = "view:*,widget:1";
if ($widget->getSecurityType() == widget::WIDGET_SECURITY_TYPE_FORCE_KS) {
if (!$this->ks) {
// the one from the defPartnerservices2Action
$this->addException(APIErrors::MISSING_KS);
}
$ks_str = $this->getP("ks");
$widget_partner_id = $widget->getPartnerId();
$res = kSessionUtils::validateKSession2(1, $widget_partner_id, $puser_id, $ks_str, $this->ks);
if (0 >= $res) {
// chaned this to be an exception rather than an error
$this->addException(APIErrors::INVALID_KS, $ks_str, $res, ks::getErrorStr($res));
}
} else {
// the session will be for NON admins and privileges of view only
$puser_id = 0;
$result = kSessionUtils::createKSessionNoValidations($partner_id, $puser_id, $ks_str, $expiry, false, "", $privileges);
}
if ($result >= 0) {
$this->addMsg("ks", $ks_str);
$this->addMsg("partner_id", $partner_id);
$this->addMsg("subp_id", $widget->getSubpId());
$this->addMsg("uid", "0");
} else {
// TODO - see that there is a good error for when the invalid login count exceed s the max
$this->addError(APIErrors::START_WIDGET_SESSION_ERROR, $widget_id);
}
}
/**
* Will forward to the regular swf player according to the widget_id
*/
public function execute()
{
$uv_cookie = @$_COOKIE['uv'];
if (strlen($uv_cookie) != 35) {
$uv_cookie = "uv_" . md5(uniqid(rand(), true));
}
setrawcookie('uv', $uv_cookie, time() + 3600 * 24 * 365, '/');
// check if this is a request for the kdp without a wrapper
// in case of an application loading the kdp (e.g. kmc)
$nowrapper = $this->getRequestParameter("nowrapper", false);
// allow caching if either the cache start time (cache_st) parameter
// wasn't specified or if it is past the specified time
$cache_st = $this->getRequestParameter("cache_st");
$allowCache = !$cache_st || $cache_st < time();
$referer = @$_SERVER['HTTP_REFERER'];
$externalInterfaceDisabled = strstr($referer, "bebo.com") === false && strstr($referer, "myspace.com") === false && strstr($referer, "current.com") === false && strstr($referer, "myyearbook.com") === false && strstr($referer, "facebook.com") === false && strstr($referer, "friendster.com") === false ? "" : "&externalInterfaceDisabled=1";
// if there is no wrapper the loader is responsible for setting extra params to the kdp
$noncached_params = "";
if (!$nowrapper) {
$noncached_params = $externalInterfaceDisabled . "&referer=" . urlencode($referer);
}
$protocol = isset($_SERVER['HTTPS']) && $_SERVER['HTTPS'] == 'on' ? "https" : "http";
$requestKey = $protocol . $_SERVER["REQUEST_URI"];
// check if we cached the redirect url
$cache = new myCache("kwidget", 10 * 60);
// 10 minutes
$cachedResponse = $cache->get($requestKey);
if ($allowCache && $cachedResponse) {
header("X-Kaltura:cached-action");
header("Expires: Sun, 19 Nov 2000 08:52:00 GMT");
header("Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0");
header("Pragma: no-cache");
header("Location:{$cachedResponse}" . $noncached_params);
die;
}
// check if we cached the patched swf with flashvars
$cache_swfdata = new myCache("kwidgetswf", 10 * 60);
// 10 minutes
$cachedResponse = $cache_swfdata->get($requestKey);
if ($allowCache && $cachedResponse) {
header("X-Kaltura:cached-action");
requestUtils::sendCdnHeaders("swf", strlen($cachedResponse), 60 * 10);
echo $cachedResponse;
die;
}
$widget_id = $this->getRequestParameter("wid");
$show_version = $this->getRequestParameter("v");
$debug_kdp = $this->getRequestParameter("debug_kdp", false);
$widget = widgetPeer::retrieveByPK($widget_id);
if (!$widget) {
die;
}
// because of the routing rule - the entry_id & kmedia_type WILL exist. be sure to ignore them if smaller than 0
$kshow_id = $widget->getKshowId();
$entry_id = $widget->getEntryId();
$gallery_widget = !$kshow_id && !$entry_id;
if (!$entry_id) {
$entry_id = -1;
}
if ($widget->getSecurityType() != widget::WIDGET_SECURITY_TYPE_TIMEHASH) {
// try eid - if failed entry_id
$eid = $this->getRequestParameter("eid", $this->getRequestParameter("entry_id"));
// try kid - if failed kshow_id
$kid = $this->getRequestParameter("kid", $this->getRequestParameter("kshow_id"));
if ($eid != null) {
$entry_id = $eid;
} elseif ($kid != null) {
$kshow_id = $kid;
}
}
if ($widget->getSecurityType() == widget::WIDGET_SECURITY_TYPE_MATCH_IP) {
$allowCache = false;
// here we'll attemp to match the ip of the request with that from the customData of the widget
$custom_data = $widget->getCustomData();
$valid_country = false;
if ($custom_data) {
// in this case the custom_data should be of format:
// valid_county_1,valid_country_2,...,valid_country_n;falback_entry_id
$arr = explode(";", $custom_data);
$countries_str = $arr[0];
$fallback_entry_id = isset($arr[1]) ? $arr[1] : null;
$fallback_kshow_id = isset($arr[2]) ? $arr[2] : null;
$current_country = "";
$valid_country = requestUtils::matchIpCountry($countries_str, $current_country);
if (!$valid_country) {
KalturaLog::log("kwidgetAction: Attempting to access widget [{$widget_id}] and entry [{$entry_id}] from country [{$current_country}]. Retrning entry_id: [{$fallback_entry_id}] kshow_id [{$fallback_kshow_id}]");
$entry_id = $fallback_entry_id;
$kshow_id = $fallback_kshow_id;
}
}
} elseif ($widget->getSecurityType() == widget::WIDGET_SECURITY_TYPE_FORCE_KS) {
}
$kmedia_type = -1;
// support either uiconf_id or ui_conf_id
$uiconf_id = $this->getRequestParameter("uiconf_id");
if (!$uiconf_id) {
$uiconf_id = $this->getRequestParameter("ui_conf_id");
}
if ($uiconf_id) {
$widget_type = $uiconf_id;
$uiconf_id_str = "&uiconf_id={$uiconf_id}";
} else {
$widget_type = $widget->getUiConfId();
$uiconf_id_str = "";
}
if (empty($widget_type)) {
$widget_type = 3;
}
$kdata = $widget->getCustomData();
$partner_host = myPartnerUtils::getHost($widget->getPartnerId());
$partner_cdnHost = myPartnerUtils::getCdnHost($widget->getPartnerId());
$host = $partner_host;
if ($widget_type == 10) {
$swf_url = $host . "/swf/weplay.swf";
} else {
$swf_url = $host . "/swf/kplayer.swf";
}
$partner_id = $widget->getPartnerId();
$subp_id = $widget->getSubpId();
if (!$subp_id) {
$subp_id = 0;
}
$uiConf = uiConfPeer::retrieveByPK($widget_type);
// new ui_confs which are deleted should stop the script
// the check for >100000 is for supporting very old mediawiki and such players
if (!$uiConf && $widget_type > 100000) {
die;
}
if ($uiConf) {
$ui_conf_swf_url = $uiConf->getSwfUrl();
if (kString::beginsWith($ui_conf_swf_url, "http")) {
$swf_url = $ui_conf_swf_url;
// absolute URL
} else {
$use_cdn = $uiConf->getUseCdn();
$host = $use_cdn ? $partner_cdnHost : $partner_host;
$swf_url = $host . myPartnerUtils::getUrlForPartner($partner_id, $subp_id) . $ui_conf_swf_url;
}
if ($debug_kdp) {
$swf_url = str_replace("/kdp/", "/kdp_debug/", $swf_url);
}
}
if ($show_version < 0) {
$show_version = null;
}
$ip = requestUtils::getRemoteAddress();
// to convert back, use long2ip
// the widget log should change to reflect the new data, but for now - i used $widget_id instead of the widgget_type
// WidgetLog::createWidgetLog( $referer , $ip , $kshow_id , $entry_id , $kmedia_type , $widget_id );
if ($entry_id == -1) {
$entry_id = null;
}
$kdp3 = false;
$base_wrapper_swf = myContentStorage::getFSFlashRootPath() . "/kdpwrapper/" . kConf::get('kdp_wrapper_version') . "/kdpwrapper.swf";
$widgetIdStr = "widget_id={$widget_id}";
$partnerIdStr = "partner_id={$partner_id}&subp_id={$subp_id}";
if ($uiConf) {
$ks_flashvars = "";
$conf_vars = $uiConf->getConfVars();
if ($conf_vars) {
$conf_vars = "&" . $conf_vars;
}
$wrapper_swf = $base_wrapper_swf;
$partner = PartnerPeer::retrieveByPK($partner_id);
if ($partner) {
$partner_type = $partner->getType();
}
if (version_compare($uiConf->getSwfUrlVersion(), "3.0", ">=")) {
$kdp3 = true;
// further in the code, $wrapper_swf is being used and not $base_wrapper_swf
$wrapper_swf = $base_wrapper_swf = myContentStorage::getFSFlashRootPath() . '/kdp3wrapper/' . kConf::get('kdp3_wrapper_version') . '/kdp3wrapper.swf';
$widgetIdStr = "widgetId={$widget_id}";
$uiconf_id_str = "&uiConfId={$uiconf_id}";
$partnerIdStr = "partnerId={$partner_id}&subpId={$subp_id}";
}
// if we are loaded without a wrapper (directly in flex)
// 1. dont create the ks - keep url the same for caching
// 2. dont patch the uiconf - patching is done only to wrapper anyway
if ($nowrapper) {
$dynamic_date = $widgetIdStr . "&host=" . str_replace("http://", "", str_replace("https://", "", $partner_host)) . "&cdnHost=" . str_replace("http://", "", str_replace("https://", "", $partner_cdnHost)) . $uiconf_id_str . $conf_vars;
$url = "{$swf_url}?{$dynamic_date}";
} else {
// if kdp version >= 2.5
if (version_compare($uiConf->getSwfUrlVersion(), "2.5", ">=")) {
// create an anonymous session
$ks = "";
$result = kSessionUtils::createKSessionNoValidations($partner_id, 0, $ks, 86400, false, "", "view:*");
$ks_flashvars = "&{$partnerIdStr}&uid=0&ts=" . microtime(true);
if ($widget->getSecurityType() != widget::WIDGET_SECURITY_TYPE_FORCE_KS) {
$ks_flashvars = "&ks={$ks}" . $ks_flashvars;
}
// patch kdpwrapper with getwidget and getuiconf
$root = myContentStorage::getFSContentRootPath();
$confFile_mtime = $uiConf->getUpdatedAt(null);
$new_swf_path = "widget_{$widget_id}_{$widget_type}_{$confFile_mtime}_" . md5($base_wrapper_swf . $swf_url) . ".swf";
$md5 = md5($new_swf_path);
$new_swf_path = "content/cacheswf/" . substr($md5, 0, 2) . "/" . substr($md5, 2, 2) . "/" . $new_swf_path;
$cached_swf = "{$root}/{$new_swf_path}";
if (!file_exists($cached_swf) || filemtime($cached_swf) < $confFile_mtime) {
kFile::fullMkdir($cached_swf);
require_once SF_ROOT_DIR . DIRECTORY_SEPARATOR . ".." . DIRECTORY_SEPARATOR . "api_v3" . DIRECTORY_SEPARATOR . "bootstrap.php";
$dispatcher = KalturaDispatcher::getInstance();
try {
$widget_result = $dispatcher->dispatch("widget", "get", array("ks" => $ks, "id" => $widget_id));
$ui_conf_result = $dispatcher->dispatch("uiConf", "get", array("ks" => $ks, "id" => $widget_type));
} catch (Exception $ex) {
die;
}
$serializer = new KalturaXmlSerializer(false);
$serializer->serialize($widget_result);
$widget_xml = $serializer->getSerializedData();
$serializer = new KalturaXmlSerializer(false);
$serializer->serialize($ui_conf_result);
$ui_conf_xml = $serializer->getSerializedData();
$patcher = new kPatchSwf($root . $base_wrapper_swf);
$result = "<xml><result>{$widget_xml}</result><result>{$ui_conf_xml}</result></xml>";
$patcher->patch($result, $cached_swf);
}
if (file_exists($cached_swf)) {
$wrapper_swf = $new_swf_path;
}
}
$kdp_version_2 = strpos($swf_url, "kdp/v2.") > 0;
if ($partner_host == "http://www.kaltura.com" && !$kdp_version_2 && !$kdp3) {
$partner_host = 1;
// otherwise the kdp will try going to cdnwww.kaltura.com
}
$track_wrapper = '';
if (kConf::get('track_kdpwrapper') && kConf::get('kdpwrapper_track_url')) {
$track_wrapper = "&wrapper_tracker_url=" . urlencode(kConf::get('kdpwrapper_track_url') . "?activation_key=" . kConf::get('kaltura_activation_key') . "&package_version=" . kConf::get('kaltura_version'));
}
$dynamic_date = $widgetIdStr . $track_wrapper . "&kdpUrl=" . urlencode($swf_url) . "&host=" . str_replace("http://", "", str_replace("https://", "", $partner_host)) . "&cdnHost=" . str_replace("http://", "", str_replace("https://", "", $partner_cdnHost)) . ($show_version ? "&entryVersion={$show_version}" : "") . ($kshow_id ? "&kshowId={$kshow_id}" : "") . ($entry_id ? "&entryId={$entry_id}" : "") . $uiconf_id_str . $ks_flashvars . ($cache_st ? "&clientTag=cache_st:{$cache_st}" : "") . $conf_vars;
// for now changed back to $host since kdp version prior to 1.0.15 didnt support loading by external domain kdpwrapper
$url = $host . myPartnerUtils::getUrlForPartner($partner_id, $subp_id) . "/{$wrapper_swf}?{$dynamic_date}";
// patch wrapper with flashvars and dump to browser
if (version_compare($uiConf->getSwfUrlVersion(), "2.6.6", ">=")) {
$patcher = new kPatchSwf($root . $wrapper_swf, "KALTURA_FLASHVARS_DATA");
ob_start();
$patcher->patch($dynamic_date . "&referer=" . urlencode($referer));
$wrapper_data = ob_get_contents();
ob_end_clean();
requestUtils::sendCdnHeaders("swf", strlen($wrapper_data), $allowCache ? 60 * 10 : 0);
echo $wrapper_data;
if ($allowCache) {
$cache_swfdata->put($requestKey, $wrapper_data);
}
die;
}
}
} else {
$dynamic_date = "kshowId={$kshow_id}" . "&host=" . requestUtils::getRequestHostId() . ($show_version ? "&entryVersion={$show_version}" : "") . ($entry_id ? "&entryId={$entry_id}" : "") . ($entry_id ? "&KmediaType={$kmedia_type}" : "");
$dynamic_date .= "&isWidget={$widget_type}&referer=" . urlencode($referer);
$dynamic_date .= "&kdata={$kdata}";
$url = "{$swf_url}?{$dynamic_date}";
}
// if referer has a query string an IE bug will prevent out flashvars to propagate
// when nowrapper is true we cant use /swfparams either as there isnt a kdpwrapper
if (!$nowrapper && $uiConf && version_compare($uiConf->getSwfUrlVersion(), "2.6.6", ">=")) {
// apart from the /swfparam/ format, add .swf suffix to the end of the stream in case
// a corporate firewall looks at the file suffix
$pos = strpos($url, "?");
$url = substr($url, 0, $pos) . "/swfparams/" . urlencode(substr($url, $pos + 1)) . ".swf";
}
if ($allowCache) {
$cache->put($requestKey, $url);
}
if (strpos($url, "/swfparams/") > 0) {
$url = substr($url, 0, -4) . urlencode($noncached_params) . ".swf";
} else {
$url .= $noncached_params;
}
$this->redirect($url);
}
/**
* Retrieve partner secret and admin secret
*
* @action getSecrets
* @param int $partnerId
* @param string $adminEmail
* @param string $cmsPassword
* @return KalturaPartner
*
*
* @throws APIErrors::ADMIN_KUSER_NOT_FOUND
*/
public function getSecretsAction($partnerId, $adminEmail, $cmsPassword)
{
KalturaResponseCacher::disableCache();
$adminKuser = null;
try {
$adminKuser = UserLoginDataPeer::userLoginByEmail($adminEmail, $cmsPassword, $partnerId);
} catch (kUserException $e) {
throw new KalturaAPIException(APIErrors::ADMIN_KUSER_NOT_FOUND, "The data you entered is invalid");
}
if (!$adminKuser || !$adminKuser->getIsAdmin()) {
throw new KalturaAPIException(APIErrors::ADMIN_KUSER_NOT_FOUND, "The data you entered is invalid");
}
KalturaLog::log("Admin Kuser found, going to validate password", KalturaLog::INFO);
// user logged in - need to re-init kPermissionManager in order to determine current user's permissions
$ks = null;
kSessionUtils::createKSessionNoValidations($partnerId, $adminKuser->getPuserId(), $ks, 86400, $adminKuser->getIsAdmin(), "", '*');
kCurrentContext::initKsPartnerUser($ks);
kPermissionManager::init();
$dbPartner = PartnerPeer::retrieveByPK($partnerId);
$partner = new KalturaPartner();
$partner->fromPartner($dbPartner);
$partner->cmsPassword = $cmsPassword;
return $partner;
}
/**
* Start a session for Kaltura's flash widgets
*
* @action startWidgetSession
* @param string $widgetId
* @param int $expiry
*
* @throws APIErrors::INVALID_WIDGET_ID
* @throws APIErrors::MISSING_KS
* @throws APIErrors::INVALID_KS
* @throws APIErrors::START_WIDGET_SESSION_ERROR
* @return KalturaStartWidgetSessionResponse
*/
function startWidgetSession($widgetId, $expiry = 86400)
{
// make sure the secret fits the one in the partner's table
$ksStr = "";
$widget = widgetPeer::retrieveByPK($widgetId);
if (!$widget) {
throw new KalturaAPIException(APIErrors::INVALID_WIDGET_ID, $widgetId);
}
$partnerId = $widget->getPartnerId();
//$partner = PartnerPeer::retrieveByPK( $partner_id );
// TODO - see how to decide if the partner has a URL to redirect to
// according to the partner's policy and the widget's policy - define the privileges of the ks
// TODO - decide !! - for now only view - any kshow
$privileges = "view:*,widget:1";
if (PermissionPeer::isValidForPartner(PermissionName::FEATURE_ENTITLEMENT, $partnerId) && !$widget->getEnforceEntitlement() && $widget->getEntryId()) {
$privileges .= ',' . kSessionBase::PRIVILEGE_DISABLE_ENTITLEMENT_FOR_ENTRY . ':' . $widget->getEntryId();
}
if (PermissionPeer::isValidForPartner(PermissionName::FEATURE_ENTITLEMENT, $partnerId) && !is_null($widget->getPrivacyContext()) && $widget->getPrivacyContext() != '') {
$privileges .= ',' . kSessionBase::PRIVILEGE_PRIVACY_CONTEXT . ':' . $widget->getPrivacyContext();
}
$userId = 0;
/*if ( $widget->getSecurityType() == widget::WIDGET_SECURITY_TYPE_FORCE_KS )
{
$user = $this->getKuser();
if ( ! $this->getKS() )// the one from the base class
throw new KalturaAPIException ( APIErrors::MISSING_KS );
$widget_partner_id = $widget->getPartnerId();
$res = kSessionUtils::validateKSession2 ( 1 ,$widget_partner_id , $user->getId() , $ks_str , $this->ks );
if ( 0 >= $res )
{
// chaned this to be an exception rather than an error
throw new KalturaAPIException ( APIErrors::INVALID_KS , $ks_str , $res , ks::getErrorStr( $res ));
}
}
else
{*/
// the session will be for NON admins and privileges of view only
$result = kSessionUtils::createKSessionNoValidations($partnerId, $userId, $ksStr, $expiry, false, "", $privileges);
//}
if ($result >= 0) {
$response = new KalturaStartWidgetSessionResponse();
$response->partnerId = $partnerId;
$response->ks = $ksStr;
$response->userId = $userId;
return $response;
} else {
// TODO - see that there is a good error for when the invalid login count exceed s the max
throw new KalturaAPIException(APIErrors::START_WIDGET_SESSION_ERROR, $widgetId);
}
}
/**
* @action getAdminSession
* @param int $partnerId
* @param string $userId
* @return string
*/
public function getAdminSessionAction($partnerId, $userId = null)
{
$dbPartner = PartnerPeer::retrieveByPK($partnerId);
if (!$dbPartner) {
throw new KalturaAPIException(KalturaErrors::UNKNOWN_PARTNER_ID, $partnerId);
}
if (!$userId) {
$userId = $dbPartner->getAdminUserId();
}
$kuser = kuserPeer::getKuserByPartnerAndUid($partnerId, $userId);
if (!$kuser) {
throw new KalturaAPIException(KalturaErrors::INVALID_USER_ID, $userId);
}
if (!$kuser->getIsAdmin()) {
throw new KalturaAPIException(KalturaErrors::USER_NOT_ADMIN, $userId);
}
$ks = "";
kSessionUtils::createKSessionNoValidations($dbPartner->getId(), $userId, $ks, 86400, 2, "", "*");
return $ks;
}
/**
* Get a session using user email and password
*
* @param string $puserId
* @param string $loginEmail
* @param string $password
* @param int $partnerId
* @param int $expiry
* @param string $privileges
*
* @return string KS
*
* @throws KalturaErrors::USER_NOT_FOUND
* @thrown KalturaErrors::LOGIN_RETRIES_EXCEEDED
* @thrown KalturaErrors::LOGIN_BLOCKED
* @thrown KalturaErrors::PASSWORD_EXPIRED
* @thrown KalturaErrors::INVALID_PARTNER_ID
* @thrown KalturaErrors::INTERNAL_SERVERL_ERROR
* @throws KalturaErrors::USER_IS_BLOCKED
*/
protected function loginImpl($puserId, $loginEmail, $password, $partnerId = null, $expiry = 86400, $privileges = '*')
{
KalturaResponseCacher::disableCache();
myPartnerUtils::resetPartnerFilter('kuser');
kuserPeer::setUseCriteriaFilter(true);
// if a KS of a specific partner is used, don't allow logging in to a different partner
if ($this->getPartnerId() && $partnerId && $this->getPartnerId() != $partnerId) {
throw new KalturaAPIException(KalturaErrors::INVALID_PARTNER_ID, $partnerId);
}
if ($loginEmail && !$partnerId) {
$this->validateApiAccessControlByEmail($loginEmail);
}
try {
if ($loginEmail) {
$user = UserLoginDataPeer::userLoginByEmail($loginEmail, $password, $partnerId);
} else {
$user = kuserPeer::userLogin($puserId, $password, $partnerId);
}
} catch (kUserException $e) {
$code = $e->getCode();
if ($code == kUserException::LOGIN_DATA_NOT_FOUND) {
throw new KalturaAPIException(KalturaErrors::USER_NOT_FOUND);
}
if ($code == kUserException::USER_NOT_FOUND) {
throw new KalturaAPIException(KalturaErrors::USER_NOT_FOUND);
} else {
if ($code == kUserException::LOGIN_RETRIES_EXCEEDED) {
throw new KalturaAPIException(KalturaErrors::LOGIN_RETRIES_EXCEEDED);
} else {
if ($code == kUserException::LOGIN_BLOCKED) {
throw new KalturaAPIException(KalturaErrors::LOGIN_BLOCKED);
} else {
if ($code == kUserException::PASSWORD_EXPIRED) {
throw new KalturaAPIException(KalturaErrors::PASSWORD_EXPIRED);
} else {
if ($code == kUserException::WRONG_PASSWORD) {
throw new KalturaAPIException(KalturaErrors::USER_WRONG_PASSWORD);
} else {
if ($code == kUserException::USER_IS_BLOCKED) {
throw new KalturaAPIException(KalturaErrors::USER_IS_BLOCKED);
}
}
}
}
}
}
throw new $e();
}
if (!$user) {
throw new KalturaAPIException(KalturaErrors::LOGIN_DATA_NOT_FOUND);
}
if ($partnerId && $user->getPartnerId() != $partnerId || $this->getPartnerId() && !$partnerId && $user->getPartnerId() != $this->getPartnerId()) {
throw new KalturaAPIException(KalturaErrors::INVALID_PARTNER_ID, $partnerId);
}
$partner = PartnerPeer::retrieveByPK($user->getPartnerId());
if (!$partner || $partner->getStatus() == Partner::PARTNER_STATUS_FULL_BLOCK) {
throw new KalturaAPIException(KalturaErrors::INVALID_PARTNER_ID, $user->getPartnerId());
}
$ks = null;
$admin = $user->getIsAdmin() ? KalturaSessionType::ADMIN : KalturaSessionType::USER;
// create a ks for this admin_kuser as if entered the admin_secret using the API
kSessionUtils::createKSessionNoValidations($partner->getId(), $user->getPuserId(), $ks, $expiry, $admin, "", $privileges);
return $ks;
}
public function execute()
{
$ks = $this->getP("ks");
if (!$ks) {
$this->dieOnError(APIErrors::MISSING_KS);
}
$requestedPartnerId = $this->getP("partner_id");
$expired = $this->getP("exp");
$ksObj = kSessionUtils::crackKs($ks);
$ksPartnerId = $ksObj->partner_id;
if (!$requestedPartnerId) {
$requestedPartnerId = $ksPartnerId;
}
try {
$adminKuser = UserLoginDataPeer::userLoginByKs($ks, $requestedPartnerId, true);
} catch (kUserException $e) {
$code = $e->getCode();
if ($code == kUserException::USER_NOT_FOUND) {
$this->dieOnError(APIErrors::ADMIN_KUSER_NOT_FOUND);
}
if ($code == kUserException::LOGIN_DATA_NOT_FOUND) {
$this->dieOnError(APIErrors::ADMIN_KUSER_NOT_FOUND);
} else {
if ($code == kUserException::LOGIN_RETRIES_EXCEEDED) {
$this->dieOnError(APIErrors::LOGIN_RETRIES_EXCEEDED);
} else {
if ($code == kUserException::LOGIN_BLOCKED) {
$this->dieOnError(APIErrors::LOGIN_BLOCKED);
} else {
if ($code == kUserException::PASSWORD_EXPIRED) {
$this->dieOnError(APIErrors::PASSWORD_EXPIRED);
} else {
if ($code == kUserException::WRONG_PASSWORD) {
$this->dieOnError(APIErrors::ADMIN_KUSER_NOT_FOUND);
} else {
if ($code == kUserException::USER_IS_BLOCKED) {
$this->dieOnError(APIErrors::USER_IS_BLOCKED);
}
}
}
}
}
}
$this->dieOnError(APIErrors::INTERNAL_SERVERL_ERROR);
}
if (!$adminKuser || !$adminKuser->getIsAdmin()) {
$this->dieOnError(APIErrors::ADMIN_KUSER_NOT_FOUND);
}
if ($requestedPartnerId != $adminKuser->getPartnerId()) {
$this->dieOnError(APIErrors::UNKNOWN_PARTNER_ID);
}
$partner = PartnerPeer::retrieveByPK($adminKuser->getPartnerId());
if (!$partner) {
$this->dieOnError(APIErrors::UNKNOWN_PARTNER_ID);
}
if (!$partner->validateApiAccessControl()) {
$this->dieOnError(APIErrors::SERVICE_ACCESS_CONTROL_RESTRICTED);
}
$partner_id = $partner->getId();
$subp_id = $partner->getSubpId();
$admin_puser_id = $adminKuser->getPuserId();
$exp = isset($expired) && is_numeric($expired) ? time() + $expired : 0;
$noUserInKs = is_null($ksObj->user) || $ksObj->user === '';
if ($ksPartnerId != $partner_id || $partner->getKmcVersion() >= 4 && $noUserInKs) {
$ks = null;
$sessionType = $adminKuser->getIsAdmin() ? SessionType::ADMIN : SessionType::USER;
kSessionUtils::createKSessionNoValidations($partner_id, $admin_puser_id, $ks, 30 * 86400, $sessionType, "", "*," . kSessionBase::PRIVILEGE_DISABLE_ENTITLEMENT);
}
$path = "/";
$domain = null;
$force_ssl = PermissionPeer::isValidForPartner(PermissionName::FEATURE_KMC_ENFORCE_HTTPS, $partner_id);
$secure = isset($_SERVER['HTTPS']) && $_SERVER['HTTPS'] == 'on' && $force_ssl ? true : false;
$http_only = true;
$this->getResponse()->setCookie("pid", $partner_id, $exp, $path, $domain, $secure, $http_only);
$this->getResponse()->setCookie("subpid", $subp_id, $exp, $path, $domain, $secure, $http_only);
$this->getResponse()->setCookie("kmcks", $ks, $exp, $path, $domain, $secure, $http_only);
$redirect_url = $force_ssl ? 'https' : 'http';
$redirect_url .= '://' . $_SERVER["HTTP_HOST"] . '/index.php/kmc/kmc2';
$this->redirect($redirect_url);
}
public function executeImpl($partner_id, $subp_id, $puser_id, $partner_prefix, $puser_kuser)
{
defPartnerservices2baseAction::disableCache();
kuserPeer::setUseCriteriaFilter(false);
$email = trim($this->getPM("email"));
$password = trim($this->getPM("password"));
$loginData = UserLoginDataPeer::getByEmail($email);
// be sure to return the same error if there are no admins in the list and when there are none matched -
// so no hint about existing admin will leak
if (!$loginData) {
$this->addError(APIErrors::ADMIN_KUSER_NOT_FOUND);
return;
}
try {
$adminKuser = UserLoginDataPeer::userLoginByEmail($email, $password, $partner_id);
} catch (kUserException $e) {
$code = $e->getCode();
if ($code == kUserException::USER_NOT_FOUND) {
$this->addError(APIErrors::ADMIN_KUSER_NOT_FOUND);
return null;
}
if ($code == kUserException::LOGIN_DATA_NOT_FOUND) {
$this->addError(APIErrors::ADMIN_KUSER_NOT_FOUND);
return null;
} else {
if ($code == kUserException::LOGIN_RETRIES_EXCEEDED) {
$this->addError(APIErrors::LOGIN_RETRIES_EXCEEDED);
return null;
} else {
if ($code == kUserException::LOGIN_BLOCKED) {
$this->addError(APIErrors::LOGIN_BLOCKED);
return null;
} else {
if ($code == kUserException::PASSWORD_EXPIRED) {
$this->addError(APIErrors::PASSWORD_EXPIRED);
return null;
} else {
if ($code == kUserException::WRONG_PASSWORD) {
$this->addError(APIErrors::USER_WRONG_PASSWORD);
return null;
} else {
if ($code == kUserException::USER_IS_BLOCKED) {
$this->addError(APIErrors::USER_IS_BLOCKED);
return null;
} else {
$this->addError(APIErrors::INTERNAL_SERVERL_ERROR);
return null;
}
}
}
}
}
}
}
if (!$adminKuser || !$adminKuser->getIsAdmin()) {
$this->addError(APIErrors::ADMIN_KUSER_NOT_FOUND);
return null;
}
if ($partner_id && $partner_id != $adminKuser->getPartnerId()) {
$this->addError(APIErrors::UNKNOWN_PARTNER_ID);
return;
}
$partner = PartnerPeer::retrieveByPK($adminKuser->getPartnerId());
if (!$partner) {
$this->addError(APIErrors::UNKNOWN_PARTNER_ID);
return;
}
$partner_id = $partner->getId();
$subp_id = $partner->getSubpId();
$admin_puser_id = $adminKuser->getPuserId();
// get the puser_kuser for this admin if exists, if not - creae it and return it - create a kuser too
$puser_kuser = PuserKuserPeer::createPuserKuser($partner_id, $subp_id, $admin_puser_id, $adminKuser->getScreenName(), $adminKuser->getScreenName(), true);
$uid = $puser_kuser->getPuserId();
$ks = null;
// create a ks for this admin_kuser as if entered the admin_secret using the API
// ALLOW A KS FOR 30 DAYS
kSessionUtils::createKSessionNoValidations($partner_id, $uid, $ks, 30 * 86400, 2, "", "*");
$this->addMsg("partner_id", $partner_id);
$this->addMsg("subp_id", $subp_id);
$this->addMsg("uid", $uid);
$this->addMsg("ks", $ks);
$this->addMsg("screenName", $adminKuser->getFullName());
$this->addMsg("fullName", $adminKuser->getFullName());
$this->addMsg("email", $adminKuser->getEmail());
}
$threeMonthsAgo = $now - 60 * 60 * 24 * 30 * 3;
$ks = null;
$distributionProfiles = DistributionProfilePeer::doSelect($criteria);
while ($distributionProfiles) {
$lastId = 0;
foreach ($distributionProfiles as $distributionProfile) {
/* @var $distributionProfile YoutubeApiDistributionProfile */
$lastId = $distributionProfile->getId();
$currentPartnerId = $distributionProfile->getPartnerId();
$url = $distributionProfile->getApiAuthorizeUrl();
$authenticated = 'No';
if (is_null($url)) {
$authenticated = 'Yes';
$url = '';
} else {
kSessionUtils::createKSessionNoValidations($currentPartnerId, null, $ks, 2592000, SessionType::ADMIN);
$url .= "?ks={$ks}";
}
$lastDistributionDate = 'Never';
$lastDistributionDaysAgo = 'Never';
$entryDistributionCriteria = new Criteria();
$entryDistributionCriteria->add(EntryDistributionPeer::PARTNER_ID, $currentPartnerId);
$entryDistributionCriteria->add(EntryDistributionPeer::STATUS, EntryDistributionStatus::READY);
$entryDistributionCriteria->add(EntryDistributionPeer::DISTRIBUTION_PROFILE_ID, $lastId);
$entryDistributionCriteria->addDescendingOrderByColumn(EntryDistributionPeer::CREATED_AT);
$entryDistribution = EntryDistributionPeer::doSelectOne($entryDistributionCriteria);
if ($entryDistribution) {
$lastDistributionDate = $entryDistribution->getCreatedAt();
$lastDistributionDaysAgo = floor(($now - $entryDistribution->getCreatedAt(null)) / 86400);
}
// if(!$partnerId)
public function execute()
{
$ks = $this->getP("ks");
$requestedPartnerId = $this->getP("partner_id");
$ksObj = kSessionUtils::crackKs($ks);
$ksPartnerId = $ksObj->partner_id;
if (!$requestedPartnerId) {
$requestedPartnerId = $ksPartnerId;
}
try {
$adminKuser = UserLoginDataPeer::userLoginByKs($ks, $requestedPartnerId, true);
} catch (kUserException $e) {
$code = $e->getCode();
if ($code == kUserException::USER_NOT_FOUND) {
$this->dieOnError(APIErrors::ADMIN_KUSER_NOT_FOUND);
}
if ($code == kUserException::LOGIN_DATA_NOT_FOUND) {
$this->dieOnError(APIErrors::ADMIN_KUSER_NOT_FOUND);
} else {
if ($code == kUserException::LOGIN_RETRIES_EXCEEDED) {
$this->dieOnError(APIErrors::LOGIN_RETRIES_EXCEEDED);
} else {
if ($code == kUserException::LOGIN_BLOCKED) {
$this->dieOnError(APIErrors::LOGIN_BLOCKED);
} else {
if ($code == kUserException::PASSWORD_EXPIRED) {
$this->dieOnError(APIErrors::PASSWORD_EXPIRED);
} else {
if ($code == kUserException::WRONG_PASSWORD) {
$this->dieOnError(APIErrors::ADMIN_KUSER_NOT_FOUND);
} else {
if ($code == kUserException::USER_IS_BLOCKED) {
$this->dieOnError(APIErrors::USER_IS_BLOCKED);
}
}
}
}
}
}
$this->dieOnError(APIErrors::INTERNAL_SERVERL_ERROR);
}
if (!$adminKuser || !$adminKuser->getIsAdmin()) {
$this->dieOnError(APIErrors::ADMIN_KUSER_NOT_FOUND);
}
if ($requestedPartnerId != $adminKuser->getPartnerId()) {
$this->dieOnError(APIErrors::UNKNOWN_PARTNER_ID);
}
$partner = PartnerPeer::retrieveByPK($adminKuser->getPartnerId());
if (!$partner) {
$this->dieOnError(APIErrors::UNKNOWN_PARTNER_ID);
}
$partner_id = $partner->getId();
$subp_id = $partner->getSubpId();
$admin_puser_id = $adminKuser->getPuserId();
$screen_name = $adminKuser->getScreenName();
if (!$screen_name) {
// for backward compatibility
$screen_name = $this->getP("screen_name");
}
$noUserInKs = is_null($ksObj->user) || $ksObj->user === '';
if ($ksPartnerId != $partner_id || $partner->getKmcVersion() >= 4 && $noUserInKs) {
$ks = null;
$sessionType = $adminKuser->getIsAdmin() ? SessionType::ADMIN : SessionType::USER;
kSessionUtils::createKSessionNoValidations($partner_id, $admin_puser_id, $ks, 30 * 86400, $sessionType, "", "*");
}
$exp = 0;
$path = "/";
$this->getResponse()->setCookie("pid", $partner_id, $exp, $path);
$this->getResponse()->setCookie("subpid", $subp_id, $exp, $path);
$this->getResponse()->setCookie("uid", $admin_puser_id, $exp, $path);
$this->getResponse()->setCookie("kmcks", $ks, $exp, $path);
$this->getResponse()->setCookie("screen_name", $screen_name, $exp, $path);
$this->redirect('kmc/kmc2');
}
public function execute()
{
$ks = $this->getP("ks");
$requestedPartnerId = $this->getP("partner_id");
$expired = $this->getP("exp");
$ksObj = kSessionUtils::crackKs($ks);
$ksPartnerId = $ksObj->partner_id;
if (!$requestedPartnerId) {
$requestedPartnerId = $ksPartnerId;
}
try {
$adminKuser = UserLoginDataPeer::userLoginByKs($ks, $requestedPartnerId, true);
} catch (kUserException $e) {
$code = $e->getCode();
if ($code == kUserException::USER_NOT_FOUND) {
$this->dieOnError(APIErrors::ADMIN_KUSER_NOT_FOUND);
}
if ($code == kUserException::LOGIN_DATA_NOT_FOUND) {
$this->dieOnError(APIErrors::ADMIN_KUSER_NOT_FOUND);
} else {
if ($code == kUserException::LOGIN_RETRIES_EXCEEDED) {
$this->dieOnError(APIErrors::LOGIN_RETRIES_EXCEEDED);
} else {
if ($code == kUserException::LOGIN_BLOCKED) {
$this->dieOnError(APIErrors::LOGIN_BLOCKED);
} else {
if ($code == kUserException::PASSWORD_EXPIRED) {
$this->dieOnError(APIErrors::PASSWORD_EXPIRED);
} else {
if ($code == kUserException::WRONG_PASSWORD) {
$this->dieOnError(APIErrors::ADMIN_KUSER_NOT_FOUND);
} else {
if ($code == kUserException::USER_IS_BLOCKED) {
$this->dieOnError(APIErrors::USER_IS_BLOCKED);
}
}
}
}
}
}
$this->dieOnError(APIErrors::INTERNAL_SERVERL_ERROR);
}
if (!$adminKuser || !$adminKuser->getIsAdmin()) {
$this->dieOnError(APIErrors::ADMIN_KUSER_NOT_FOUND);
}
if ($requestedPartnerId != $adminKuser->getPartnerId()) {
$this->dieOnError(APIErrors::UNKNOWN_PARTNER_ID);
}
$partner = PartnerPeer::retrieveByPK($adminKuser->getPartnerId());
if (!$partner) {
$this->dieOnError(APIErrors::UNKNOWN_PARTNER_ID);
}
$partner_id = $partner->getId();
$subp_id = $partner->getSubpId();
$admin_puser_id = $adminKuser->getPuserId();
$exp = isset($expired) && is_numeric($expired) ? time() + $expired : 0;
$noUserInKs = is_null($ksObj->user) || $ksObj->user === '';
if ($ksPartnerId != $partner_id || $partner->getKmcVersion() >= 4 && $noUserInKs) {
$ks = null;
$sessionType = $adminKuser->getIsAdmin() ? SessionType::ADMIN : SessionType::USER;
kSessionUtils::createKSessionNoValidations($partner_id, $admin_puser_id, $ks, 30 * 86400, $sessionType, "", "*," . kSessionBase::PRIVILEGE_DISABLE_ENTITLEMENT);
}
$path = "/";
$domain = null;
$secure = isset($_SERVER['HTTPS']) && $_SERVER['HTTPS'] == 'on' ? true : false;
$this->getResponse()->setCookie("pid", $partner_id, $exp, $path, $domain, $secure);
$this->getResponse()->setCookie("subpid", $subp_id, $exp, $path, $domain, $secure);
$this->getResponse()->setCookie("kmcks", $ks, $exp, $path, $domain, $secure);
$this->redirect('kmc/kmc2');
}
