Esempio n. 1
0
function view_se()
{
    require_once __DIR__ . '/../utils.php';
    require_once __DIR__ . '/../../../web_portal/components/Get_User_Principle.php';
    if (!isset($_GET['id']) || !is_numeric($_GET['id'])) {
        throw new Exception("An id must be specified");
    }
    $id = $_GET['id'];
    //get user for case that portal is read only and user is admin, so they can still see edit links
    $dn = Get_User_Principle();
    $user = \Factory::getUserService()->getUserByPrinciple($dn);
    $serv = \Factory::getServiceService();
    $params['authenticated'] = false;
    if ($user != null) {
        $params['authenticated'] = true;
    }
    $params['portalIsReadOnly'] = portalIsReadOnlyAndUserIsNotAdmin($user);
    $se = $serv->getService($id);
    // Does current viewer have edit permissions over object ?
    $params['ShowEdit'] = false;
    if ($user != null && count($serv->authorizeAction(\Action::EDIT_OBJECT, $se, $user)) >= 1) {
        $params['ShowEdit'] = true;
    }
    $title = $se->getHostName() . " - " . $se->getServiceType()->getName();
    $params['se'] = $se;
    $params['sGroups'] = $se->getServiceGroups();
    $params['Scopes'] = $serv->getScopesWithParentScopeInfo($se);
    // Show upcoming downtimes and downtimes that started within the last thirty days
    $downtimes = $serv->getDowntimes($id, 31);
    $params['Downtimes'] = $downtimes;
    show_view("service/view_service.php", $params, $title);
}
Esempio n. 2
0
function view_ngi()
{
    require_once __DIR__ . '/../../../../lib/Gocdb_Services/Factory.php';
    require_once __DIR__ . '/../utils.php';
    require_once __DIR__ . '/../../../web_portal/components/Get_User_Principle.php';
    if (!isset($_GET['id']) || !is_numeric($_GET['id'])) {
        throw new Exception("An id must be specified");
    }
    $ngiId = $_GET['id'];
    //get user for case that portal is read only and user is admin, so they can still see edit links
    $dn = Get_User_Principle();
    $user = \Factory::getUserService()->getUserByPrinciple($dn);
    $params['portalIsReadOnly'] = portalIsReadOnlyAndUserIsNotAdmin($user);
    $params['UserIsAdmin'] = false;
    if (!is_null($user)) {
        $params['UserIsAdmin'] = $user->isAdmin();
    }
    $params['authenticated'] = false;
    if ($user != null) {
        $params['authenticated'] = true;
    }
    $ngiServ = \Factory::getNgiService();
    $siteServ = \Factory::getSiteService();
    $ngi = $ngiServ->getNgi($ngiId);
    // Does current viewer have edit permissions over NGI ?
    $params['ShowEdit'] = false;
    if (count($ngiServ->authorizeAction(\Action::EDIT_OBJECT, $ngi, $user)) >= 1) {
        $params['ShowEdit'] = true;
    }
    // Add ngi to params
    $params['ngi'] = $ngi;
    // Add all roles over ngi to params
    $allRoles = $ngi->getRoles();
    $roles = array();
    foreach ($allRoles as $role) {
        if ($role->getStatus() == \RoleStatus::GRANTED) {
            $roles[] = $role;
        }
    }
    $params['roles'] = $roles;
    // Add ngi's project to params
    $projects = $ngi->getProjects();
    $params['Projects'] = $projects;
    // Add sites and scopes to params
    $params['SitesAndScopes'] = array();
    foreach ($ngi->getSites() as $site) {
        $params['SitesAndScopes'][] = array('Site' => $site, 'Scopes' => $siteServ->getScopesWithParentScopeInfo($site));
    }
    // Add RoleActionRecords to params
    $params['RoleActionRecords'] = \Factory::getRoleService()->getRoleActionRecordsById_Type($ngi->getId(), 'ngi');
    show_view('ngi/view_ngi.php', $params, $ngi->getName());
    die;
}
Esempio n. 3
0
function show_all()
{
    //Check the user has permission to see the page, will throw exception
    //if correct permissions are lacking
    checkUserIsAdmin();
    $dn = Get_User_Principle();
    $user = \Factory::getUserService()->getUserByPrinciple($dn);
    $serviceTypes = \Factory::getServiceTypeService()->getServiceTypes();
    $params['ServiceTypes'] = $serviceTypes;
    $params['portalIsReadOnly'] = portalIsReadOnlyAndUserIsNotAdmin($user);
    show_view('admin/view_service_types.php', $params, 'Service Types');
}
Esempio n. 4
0
function getSitesServices()
{
    require_once __DIR__ . '/../utils.php';
    require_once __DIR__ . '/../../../web_portal/components/Get_User_Principle.php';
    $dn = Get_User_Principle();
    $user = \Factory::getUserService()->getUserByPrinciple($dn);
    $params['portalIsReadOnly'] = portalIsReadOnlyAndUserIsNotAdmin($user);
    if (!isset($_REQUEST['site_id']) || !is_numeric($_REQUEST['site_id'])) {
        throw new Exception("A site_id must be specified");
    }
    $site = \Factory::getSiteService()->getSite($_REQUEST['site_id']);
    $services = $site->getServices();
    $params['services'] = $services;
    show_view("downtime/view_services.php", $params, null, true);
}
Esempio n. 5
0
function view()
{
    require_once __DIR__ . '/../utils.php';
    require_once __DIR__ . '/../../../web_portal/components/Get_User_Principle.php';
    if (!isset($_REQUEST['id']) || !is_numeric($_REQUEST['id'])) {
        throw new Exception("An id must be specified");
    }
    $downtime = \Factory::getDowntimeService()->getDowntime($_REQUEST['id']);
    if ($downtime == null) {
        throw new Exception('No downtime with id [' . $_REQUEST['id'] . ']');
    }
    $dn = Get_User_Principle();
    $user = \Factory::getUserService()->getUserByPrinciple($dn);
    $params['portalIsReadOnly'] = portalIsReadOnlyAndUserIsNotAdmin($user);
    $params['downtime'] = $downtime;
    $title = $downtime->getDescription();
    show_view("downtime/view_downtime.php", $params, $title);
}
Esempio n. 6
0
function view_service_type()
{
    //Check the user has permission to see the page, will throw exception
    //if correct permissions are lacking
    checkUserIsAdmin();
    if (!isset($_REQUEST['id']) || !is_numeric($_REQUEST['id'])) {
        throw new Exception("An id must be specified");
    }
    $dn = Get_User_Principle();
    $user = \Factory::getUserService()->getUserByPrinciple($dn);
    $serv = \Factory::getServiceTypeService();
    $serviceType = $serv->getServiceType($_REQUEST['id']);
    $params['Name'] = $serviceType->getName();
    $params['Description'] = $serviceType->getDescription();
    $params['ID'] = $serviceType->getId();
    $params['Services'] = $serv->getServices($params['ID']);
    $params['portalIsReadOnly'] = portalIsReadOnlyAndUserIsNotAdmin($user);
    show_view("admin/view_service_type.php", $params, $params['Name']);
}
Esempio n. 7
0
function show_users()
{
    require_once __DIR__ . '/../../../../lib/Gocdb_Services/Factory.php';
    require_once __DIR__ . '/../utils.php';
    require_once __DIR__ . '/../../../web_portal/components/Get_User_Principle.php';
    //Check the user has permission to see the page, will throw exception
    //if correct permissions are lacking
    checkUserIsAdmin();
    //If specified, set parameters
    $surname = null;
    if (!empty($_REQUEST['Surname'])) {
        $surname = $_REQUEST['Surname'];
    }
    $params["Surname"] = $surname;
    $forename = null;
    if (!empty($_REQUEST['Forename'])) {
        $forename = $_REQUEST['Forename'];
    }
    $params["Forename"] = $forename;
    $dn = null;
    if (!empty($_REQUEST['DN'])) {
        $dn = $_REQUEST['DN'];
    }
    $params["DN"] = $dn;
    //Note that the true/false specified must be converted into boolean true/false.
    $isAdmin = null;
    if (!empty($_REQUEST['IsAdmin'])) {
        if ($_REQUEST['IsAdmin'] == "true") {
            $isAdmin = true;
        } elseif ($_REQUEST['IsAdmin'] == "false") {
            $isAdmin = false;
        }
    }
    $params["IsAdmin"] = $isAdmin;
    $currentUserDN = Get_User_Principle();
    $user = \Factory::getUserService()->getUserByPrinciple($currentUserDN);
    $params['portalIsReadOnly'] = portalIsReadOnlyAndUserIsNotAdmin($user);
    //get users
    $params["Users"] = \Factory::getUserService()->getUsers($surname, $forename, $dn, $isAdmin);
    show_view("admin/users.php", $params, "Users");
}
Esempio n. 8
0
function view()
{
    require_once __DIR__ . '/../utils.php';
    require_once __DIR__ . '/../../../web_portal/components/Get_User_Principle.php';
    $dn = Get_User_Principle();
    $user = \Factory::getUserService()->getUserByPrinciple($dn);
    $params['portalIsReadOnly'] = portalIsReadOnlyAndUserIsNotAdmin($user);
    $timePeriod = 1;
    if (isset($_REQUEST['timePeriod'])) {
        $timePeriod = $_REQUEST['timePeriod'];
    }
    $days = 7 * $timePeriod;
    $windowStart = date("Y-m-d");
    $windowEnd = date_add(date_create(date("Y-m-d")), date_interval_create_from_date_string($days . ' days'));
    $downtimesA = \Factory::getDowntimeService()->getActiveDowntimes();
    $downtimesI = \Factory::getDowntimeService()->getImminentDowntimes($windowStart, $windowEnd);
    $params['timePeriod'] = $timePeriod;
    $params['downtimesActive'] = $downtimesA;
    $params['downtimesImmenent'] = $downtimesI;
    show_view("downtime/downtimes_overview.php", $params);
}
Esempio n. 9
0
function showServiceGroup()
{
    require_once __DIR__ . '/../../../web_portal/components/Get_User_Principle.php';
    require_once __DIR__ . '/../utils.php';
    if (!isset($_GET['id']) || !is_numeric($_GET['id'])) {
        throw new Exception("An id must be specified");
    }
    $sGroupId = $_GET['id'];
    $sGroup = \Factory::getServiceGroupService()->getServiceGroup($sGroupId);
    $params['sGroup'] = $sGroup;
    // get downtimes that affect services under this service group
    // 31 = the number of days worth of historical downtimes to show
    $downtimes = \Factory::getServiceGroupService()->getDowntimes($sGroupId, 31);
    $params['downtimes'] = $downtimes;
    //get user for case that portal is read only and user is admin, so they can still see edit links
    $dn = Get_User_Principle();
    $user = \Factory::getUserService()->getUserByPrinciple($dn);
    $params['portalIsReadOnly'] = portalIsReadOnlyAndUserIsNotAdmin($user);
    $params['authenticated'] = false;
    if ($user != null) {
        $params['authenticated'] = true;
    }
    $allRoles = $sGroup->getRoles();
    $roles = array();
    foreach ($allRoles as $role) {
        if ($role->getStatus() == \RoleStatus::GRANTED) {
            $roles[] = $role;
        }
    }
    $params['Roles'] = $roles;
    // Does current viewer have edit permissions over object ?
    $params['ShowEdit'] = false;
    if (count(\Factory::getServiceGroupService()->authorizeAction(\Action::EDIT_OBJECT, $sGroup, $user)) >= 1) {
        $params['ShowEdit'] = true;
    }
    // Add RoleActionRecords to params
    $params['RoleActionRecords'] = \Factory::getRoleService()->getRoleActionRecordsById_Type($sGroup->getId(), 'servicegroup');
    $title = $sGroup->getName();
    show_view("service_group/view_sgroup.php", $params, $title);
}
Esempio n. 10
0
function show_project()
{
    require_once __DIR__ . '/../../../../lib/Gocdb_Services/Factory.php';
    require_once __DIR__ . '/../utils.php';
    require_once __DIR__ . '/../../../../htdocs/web_portal/components/Get_User_Principle.php';
    if (!isset($_GET['id']) || !is_numeric($_GET['id'])) {
        throw new Exception("An id must be specified");
    }
    $projId = $_GET['id'];
    $serv = \Factory::getProjectService();
    $project = $serv->getProject($projId);
    $allRoles = $project->getRoles();
    $roles = array();
    foreach ($allRoles as $role) {
        if ($role->getStatus() == \RoleStatus::GRANTED && $role->getRoleType()->getName() != \RoleTypeName::CIC_STAFF) {
            $roles[] = $role;
        }
    }
    //get user for case that portal is read only and user is admin, so they can still see edit links
    $dn = Get_User_Principle();
    $user = \Factory::getUserService()->getUserByPrinciple($dn);
    $params['ShowEdit'] = false;
    if (count($serv->authorizeAction(\Action::EDIT_OBJECT, $project, $user)) >= 1) {
        $params['ShowEdit'] = true;
    }
    $params['authenticated'] = false;
    if ($user != null) {
        $params['authenticated'] = true;
    }
    // Add RoleActionRecords to params
    $params['RoleActionRecords'] = \Factory::getRoleService()->getRoleActionRecordsById_Type($project->getId(), 'project');
    $params['Name'] = $project->getName();
    $params['Description'] = $project->getDescription();
    $params['ID'] = $project->getId();
    $params['NGIs'] = $project->getNgis();
    $params['Sites'] = $serv->getSites($project);
    $params['Roles'] = $roles;
    $params['portalIsReadOnly'] = portalIsReadOnlyAndUserIsNotAdmin($user);
    show_view('project/view_project.php', $params, $params['Name']);
}
Esempio n. 11
0
function view_requests()
{
    require_once __DIR__ . '/../../../../lib/Gocdb_Services/Factory.php';
    require_once __DIR__ . '/../../components/Get_User_Principle.php';
    require_once __DIR__ . '/../utils.php';
    $dn = Get_User_Principle();
    $user = \Factory::getUserService()->getUserByPrinciple($dn);
    if ($user == null) {
        throw new Exception("Unregistered users can't view/request roles");
    }
    // Entites is a two-dimensional array that lists both the id and name of
    // OwnedEntities that a user can reqeust a role over (Projects, NGIs, Sites,
    // ServiceGroups). If an inner dimesional array does not contain an Object_ID
    // array key, then it is used as a section title in a pull-down list.
    $entities = array();
    $entities[] = array('Name' => 'Projects');
    $allProjects = \Factory::getProjectService()->getProjects();
    foreach ($allProjects as $proj) {
        $entities[] = array('Object_ID' => $proj->getId(), 'Name' => $proj->getName());
    }
    $entities[] = array('Name' => 'NGIs');
    $allNGIs = \Factory::getNgiService()->getNGIs();
    foreach ($allNGIs as $ngi) {
        $entities[] = array('Object_ID' => $ngi->getId(), 'Name' => $ngi->getName());
    }
    $entities[] = array('Name' => 'Sites');
    $allSites = \Factory::getSiteService()->getSitesBy();
    foreach ($allSites as $site) {
        $entities[] = array('Object_ID' => $site->getId(), 'Name' => $site->getShortName());
    }
    $entities[] = array('Name' => 'ServiceGroups');
    $allSGs = \Factory::getServiceGroupService()->getServiceGroups();
    foreach ($allSGs as $sg) {
        $entities[] = array('Object_ID' => $sg->getId(), 'Name' => $sg->getName());
    }
    // Current user's own pending roles
    $myPendingRoleRequests = \Factory::getRoleService()->getUserRoles($user, \RoleStatus::PENDING);
    // foreach role, lookup corresponding RoleActionRecord (if any) and populate
    // the role.decoratorObject with the roleActionRecord for subsequent display
    //    foreach($myPendingRoleRequests as $role){
    //       $rar = \Factory::getRoleService()->getRoleActionRecordByRoleId($role->getId());
    //       $role->setDecoratorObject($rar);
    //    }
    // Other roles current user can approve
    $otherRolesUserCanApprove = \Factory::getRoleService()->getPendingRolesUserCanApprove($user);
    // can the calling user grant or reject each role?
    foreach ($otherRolesUserCanApprove as $r) {
        $grantRejectRoleNamesArray = array();
        $grantRejectRoleNamesArray['grant'] = '';
        $grantRejectRoleNamesArray['deny'] = '';
        // get list of roles that allows user to to grant the role request
        $grantRoleAuthorisingRoleNames = \Factory::getRoleService()->authorizeAction(\Action::GRANT_ROLE, $r->getOwnedEntity(), $user);
        if (count($grantRoleAuthorisingRoleNames) >= 1) {
            $allAuthorisingRoleNames = '';
            foreach ($grantRoleAuthorisingRoleNames as $arName) {
                $allAuthorisingRoleNames .= $arName . ', ';
            }
            $allAuthorisingRoleNames = substr($allAuthorisingRoleNames, 0, strlen($allAuthorisingRoleNames) - 2);
            $grantRejectRoleNamesArray['grant'] = '[' . $allAuthorisingRoleNames . ']';
        }
        // get list of roles that allows user to reject the role request
        $denyRoleAuthorisingRoleNames = \Factory::getRoleService()->authorizeAction(\Action::REJECT_ROLE, $r->getOwnedEntity(), $user);
        if (count($denyRoleAuthorisingRoleNames) >= 1) {
            $allAuthorisingRoleNames = '';
            foreach ($denyRoleAuthorisingRoleNames as $arName) {
                $allAuthorisingRoleNames .= $arName . ', ';
            }
            $allAuthorisingRoleNames = substr($allAuthorisingRoleNames, 0, strlen($allAuthorisingRoleNames) - 2);
            $grantRejectRoleNamesArray['deny'] = '[' . $allAuthorisingRoleNames . ']';
        }
        // store array of role names in decorator object
        $r->setDecoratorObject($grantRejectRoleNamesArray);
    }
    $params = array();
    $params['entities'] = $entities;
    $params['myRequests'] = $myPendingRoleRequests;
    $params['allRequests'] = $otherRolesUserCanApprove;
    $params['portalIsReadOnly'] = portalIsReadOnlyAndUserIsNotAdmin($user);
    show_view("political_role/view_requests.php", $params, "Role Requests");
    die;
}
Esempio n. 12
0
/**
 * Checks with the config service if the portal is in read only mode and if
 * it is throws an exception (except when the user is a GOCDB admin)
 *
 * @throws \Exception
 */
function checkPortalIsNotReadOnlyOrUserIsAdmin(\User $user = null)
{
    if (portalIsReadOnlyAndUserIsNotAdmin($user)) {
        throw new \Exception("The portal is currently in read only mode, changes can not be made.");
    }
}