/**
* validates the access permission by getting the appropriate wfs_conf
* to each feature requested and check the wfs_conf permission
*
* @param string owsproxy md5
* @param array array of requested featuretype names
* @return array array with detailed information on reqested wfs
*/
function checkWfsPermission($wfsOws, $features)
{
global $con, $n;
$myconfs = $n->getWfsConfByPermission($_SESSION["mb_user_id"]);
//check if we know the features requested
if (count($features) == 0) {
throwE(array("No wfs_feature data available."));
die;
}
//get wfs
$sql = "SELECT * FROM wfs WHERE wfs_owsproxy = \$1";
$v = array($wfsOws);
$t = array("s");
$res = db_prep_query($sql, $v, $t);
$service = array();
if ($row = db_fetch_array($res)) {
$service["wfs_id"] = $row["wfs_id"];
$service["wfs_getcapabilities"] = $row["wfs_getcapabilities"];
$service["wfs_getfeature"] = $row["wfs_getfeature"];
$service["wfs_describefeaturetype"] = $row["wfs_describefeaturetype"];
$service["wfs_transaction"] = $row["wfs_transaction"];
$service["wfs_getcapabilities_doc"] = $row["wfs_getcapabilities_doc"];
} else {
throwE(array("No wfs data available."));
die;
}
foreach ($features as $feature) {
//get appropriate wfs_conf
$sql = "SELECT wfs_conf.wfs_conf_id FROM wfs_conf ";
$sql .= "JOIN wfs_featuretype ";
$sql .= "ON wfs_featuretype.featuretype_id = wfs_conf.fkey_featuretype_id ";
$sql .= "WHERE wfs_featuretype.featuretype_name = \$2 ";
$sql .= "AND wfs_featuretype.fkey_wfs_id = \$1";
$v = array($service["wfs_id"], $feature);
$t = array("i", "s");
$res = db_prep_query($sql, $v, $t);
if (!($row = db_fetch_array($res))) {
$notice = new mb_notice("Permissioncheck failed no wfs conf for wfs " . $service["wfs_id"] . " with feturetype " . $feature);
throwE(array("No wfs_conf data for featuretype " . $feature));
die;
}
$conf_id = $row["wfs_conf_id"];
//check permission
if (!in_array($conf_id, $myconfs)) {
$notice = new mb_notice("Permissioncheck failed:" . $conf_id . " not in " . implode(",", $myconfs));
throwE(array("Permission denied.", " -> " . $conf_id, implode(",", $myconfs)));
die;
}
}
return $service;
}
$e = new mb_notice("portal search: " . $t . "!");
}
isset($_SERVER["argv"][1]) ? $userId = $_SERVER["argv"][1] : throwE('userId lacks ...');
isset($_SERVER["argv"][2]) ? $searchId = $_SERVER["argv"][2] : throwE('searchId lacks ...');
isset($_SERVER["argv"][3]) ? $searchText = $_SERVER["argv"][3] : throwE('searchText lacks ...');
isset($_SERVER["argv"][4]) ? $searchEPSG = $_SERVER["argv"][4] : throwE('searchEPSG lacks ...');
isset($_SERVER["argv"][5]) ? $registratingDepartments = $_SERVER["argv"][5] : throwE('registratingDepartments lacks ...');
isset($_SERVER["argv"][6]) ? $isoCategories = $_SERVER["argv"][6] : throwE('isoCategories lacks ...');
isset($_SERVER["argv"][7]) ? $regTimeBegin = $_SERVER["argv"][7] : throwE('regTimeBegin lacks ...');
isset($_SERVER["argv"][8]) ? $regTimeEnd = $_SERVER["argv"][8] : throwE('regTimeEnd lacks ...');
isset($_SERVER["argv"][9]) ? $searchBbox = $_SERVER["argv"][9] : throwE('searchBbox lacks ...');
isset($_SERVER["argv"][10]) ? $searchTypeBbox = $_SERVER["argv"][10] : throwE('searchTypeBbox lacks ...');
isset($_SERVER["argv"][11]) ? $searchResources = $_SERVER["argv"][11] : throwE('searchResources lacks ...');
isset($_SERVER["argv"][12]) ? $timeBegin = $_SERVER["argv"][12] : throwE('timeBegin lacks ...');
isset($_SERVER["argv"][13]) ? $timeEnd = $_SERVER["argv"][13] : throwE('timeEnd lacks ...');
isset($_SERVER["argv"][14]) ? $orderBy = $_SERVER["argv"][14] : throwE('orderBy lacks ...');
//define standard searchEPSG if the client has not yet been initialized - therefor the needed EPSG is not known
if (!isset($searchEPSG) || ($searchEPSG = '' || empty($searchEPSG))) {
$searchEPSG = "EPSG:31466";
} else {
$searchEPSG = $_SERVER["argv"][4];
}
//if the searchText has more than one element the commas has to be exchanged by plus -> opensearch!
$searchTextOS = str_replace(",", "+", $searchText);
if ($searchTextOS === 'false' || $searchTextOS === '*') {
$searchTextOS = '1';
}
$openSearchFilter = "";
//generate portalu search filter:
//needed filter criteria:
//1. searchText - anyText Field
/**
* validated access permission on requested wms
*
* @param wmsId integer, userId - integer
* @return array array with detailed information about requested wms
*/
function checkWmsPermission($wmsId, $userId)
{
global $con, $n;
$myguis = $n->getGuisByPermission($userId, true);
$mywms = $n->getWmsByOwnGuis($myguis);
$sql = "SELECT * FROM wms WHERE wms_id = \$1";
$v = array($wmsId);
$t = array("s");
$res = db_prep_query($sql, $v, $t);
$service = array();
if ($row = db_fetch_array($res)) {
$service["wms_id"] = $row["wms_id"];
$service["wms_getcapabilities"] = $row["wms_getcapabilities"];
$service["wms_getmap"] = $row["wms_getmap"];
$service["wms_getfeatureinfo"] = $row["wms_getfeatureinfo"];
$service["wms_getcapabilities_doc"] = $row["wms_getcapabilities_doc"];
}
if (!$row || count($mywms) == 0) {
throwE(array("No wms data available."));
die;
}
if (!in_array($service["wms_id"], $mywms)) {
throwE(array("Permission denied.", " -> " . $service["wms_id"], implode(",", $mywms)));
die;
}
return $service;
}
