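/**
 * Creates the researcher profile for a freshly authenticated user.
 *
 * Only a session in the "new user" state (userid === -1 and isNewUser === true)
 * may call this; anything else is answered with 404 and no view. The profile
 * fields, contact entries (contactN paired with contactTypeN) and organization
 * relations (JSON in the "organization" field) are read from $_POST and
 * validated. On validation failure the messages are placed in
 * $this->view->error and nothing is saved. Otherwise the researcher, its
 * contacts and its user account are persisted, relations are synced and the
 * session is switched to the new researcher id.
 *
 * Side effects: database writes; may block for up to ~25s + ~10s in the two
 * polling loops below; sets $this->view->error and $this->view->session.
 *
 * @return void
 */
public function createnewprofileAction()
{
    $this->_helper->layout->disableLayout();
    if ($this->session->userid !== -1 || $this->session->isNewUser !== true) {
        $this->_helper->viewRenderer->setNoRender();
        header("HTTP/1.0 404 Not Found");
        return;
    }

    // Returns the trimmed scalar form field, or null when absent or not a string
    // (multi-valued fields cannot be handed to trim()).
    $field = function ($name) {
        if (isset($_POST[$name]) && is_string($_POST[$name])) {
            return trim($_POST[$name]);
        }
        return null;
    };

    $firstname = $field("firstName");
    $lastname = $field("lastName");
    $gender = $field("gender");
    $countryidRaw = $field("countryID");
    $positiontypeidRaw = $field("positionTypeID");
    $countryid = ($countryidRaw === null) ? null : intval($countryidRaw);
    $positiontypeid = ($positiontypeidRaw === null) ? null : intval($positiontypeidRaw);
    // The institution field is deliberately not taken from the form: the
    // researcher is stored with an empty institution (see below).

    $error = array();
    // A whitespace-only name is as invalid as a missing one.
    if ($firstname === null || $firstname === "") {
        array_push($error, "Invalid user first name given");
    }
    if ($lastname === null || $lastname === "") {
        array_push($error, "Invalid user last name given");
    }
    if ($countryid === null) {
        array_push($error, "Invalid user country given");
    }
    if ($positiontypeid === null) {
        array_push($error, "Invalid user role given");
    }
    if (count($error) > 0) {
        //todo: Add Error handler
        $this->view->error = $error;
        return;
    }

    //Collect user information
    $entry = new Default_Model_Researcher();
    $entry->lastName = $lastname;
    $entry->firstName = $firstname;
    $entry->gender = $gender;
    $entry->institution = "";
    $entry->countryID = $countryid;
    $entry->positionTypeID = $positiontypeid;

    //Collect user contacts: every "contact<N>" field with a numeric "contactType<N>"
    $conts = array();
    foreach ($_POST as $key => $value) {
        if (!is_string($value) || trim($value) === "") {
            continue;
        }
        if (substr($key, 0, 7) === "contact" && substr($key, 0, 11) !== "contactType") {
            $cnum = substr($key, 7);
            $typeKey = 'contactType' . $cnum;
            $cont = new Default_Model_Contact();
            $cont->data = $value;
            // A missing type field is reported as invalid instead of raising an
            // undefined-index notice.
            $cont->contactTypeID = isset($_POST[$typeKey]) ? $_POST[$typeKey] : null;
            if (is_numeric($cont->contactTypeID) === false) {
                array_push($error, "Invalid contact type given");
                continue;
            }
            array_push($conts, $cont);
        }
    }

    //Collect user relations (organization): JSON object with id and targetguid
    $relations = array();
    foreach ($_POST as $key => $value) {
        if (!is_string($value) || trim($value) === "") {
            continue;
        }
        if (strtolower(trim($key)) === "organization") {
            $data = json_decode($value);
            // json_decode() yields null (or a scalar) on malformed input; do not
            // build a relation out of it.
            if (!is_object($data)) {
                array_push($error, "Invalid organization given");
                continue;
            }
            $relations[] = array(
                "id" => isset($data->id) ? trim(strval($data->id)) : "",
                "targetguid" => isset($data->targetguid) ? trim(strval($data->targetguid)) : "",
                "parentid" => null,
            );
        }
    }
    if (count($error) > 0) {
        //todo: Add error handler
        $this->view->error = $error;
        return;
    }

    //Check if user account has been registered in the meanwhile
    // NOTE(review): this lookup filters on the raw authSource, while the account
    // saved below stores authSource with "-sp" stripped — confirm both refer to
    // the same stored value, otherwise a duplicate may slip through.
    $uid = $this->session->authUid;
    $source = $this->session->authSource;
    $useraccounts = new Default_Model_UserAccounts();
    $f1 = new Default_Model_UserAccountsFilter();
    $f2 = new Default_Model_UserAccountsFilter();
    $f1->accountid->equals($uid);
    $f2->accounttype->equals($source);
    $useraccounts->filter->chain($f1, "AND");
    $useraccounts->filter->chain($f2, "AND");
    if (count($useraccounts->items) > 0) {
        array_push($error, "User account is already registered");
        $this->view->error = $error;
        return;
    }

    //Everything is ok. Continue with saving new profile
    $entry->save();

    //Save entry contacts
    foreach ($conts as $cont) {
        $cont->researcherID = $entry->id;
        $cont->save();
    }

    //extract IDP Trace in case it is returned from SAML
    $attrs = $this->session->samlattrs;
    $idptrace = array();
    if (isset($attrs['idp:traceidp']) && is_array($attrs['idp:traceidp'])) {
        $idptrace = $attrs['idp:traceidp'];
    }

    //Save user account
    $useraccount = new Default_Model_UserAccount();
    $useraccount->researcherid = $entry->id;
    $useraccount->accountid = $this->session->authUid;
    $useraccount->accounttypeid = str_replace("-sp", "", $this->session->authSource);
    $useraccount->IDPTrace = $idptrace;
    $useraccount->save();

    //Save user relations (organization)
    if ($entry && count($relations) > 0) {
        // Wait (at most 25 polls, 1s apart) until the permissions cache is no
        // longer flagged dirty in the config table before syncing relations.
        $try_counter = 0;
        while ($try_counter < 25) {
            $try_counter += 1;
            $confs = db()->query("select data from config where var = 'permissions_cache_dirty';")->fetchAll();
            if (count($confs) > 0) {
                $conf = $confs[0];
                if (isset($conf["data"]) && trim($conf["data"]) === '0') {
                    break;
                }
            }
            sleep(1);
        }
        //Refetch entry (user) to retrieve guid
        $us = new Default_Model_Researchers();
        $us->filter->id->numequals($entry->id);
        if (count($us->items) > 0) {
            $u = $us->items[0];
            EntityRelations::syncRelations($u->guid, $u->id, $relations);
        }
    }

    //Setup new session
    if ($entry) {
        // Poll (at most 10 times, 1s apart) until the new researcher row is
        // readable before binding the session to it.
        $try_counter = 0;
        while ($try_counter < 10) {
            $try_counter += 1;
            $ppl = new Default_Model_Researchers();
            $ppl->filter->id->equals($entry->id);
            if (count($ppl->items) > 0) {
                break;
            }
            sleep(1);
        }
        unset($this->session->isNewUser);
        $this->session->userid = $entry->id;
        SamlAuth::setupSamlAuth($this->session);
    }
    $this->view->session = $this->session;
    $this->view->error = array();
}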
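/**
 * XML endpoint for managing the current session user's API keys.
 *
 * Requires HTTPS and a logged-in session (403 otherwise). Per request method:
 *  - PUT: form-encoded body with key (API key id), pwd and name; creates a
 *    system researcher account and binds it to the caller's key;
 *  - POST: $_POST['data'] is JSON with keyid plus one of sysdisplayname
 *    (rename the system account), old/new (change its password) or msg
 *    (send a permissions request);
 *  - DELETE: 400.
 * In every case the response ends with the <apikeys> listing of the caller's
 * keys whose authmethods is not 0. Output is written with echo; no view.
 *
 * @return void
 */
public function authenticationAction()
{
    $this->_helper->layout->disableLayout();
    $this->_helper->viewRenderer->setNoRender();
    $uid = $this->session->userid;
    header("Content-Type:text/xml");
    echo "<" . "?xml version='1.0'?" . ">";

    // Escapes a value for a single-quoted XML attribute. Display names and
    // error texts echoed below originate from request input, so every value
    // interpolated into the response goes through this.
    $xmlAttr = function ($v) {
        return htmlspecialchars(strval($v), ENT_QUOTES | ENT_SUBSTITUTE | ENT_XML1, 'UTF-8');
    };

    //Check if user is logged in
    $https = isset($_SERVER['HTTPS']) ? $_SERVER['HTTPS'] : '';
    if ($https != "on") {
        header("HTTP/1.0 403 Forbidden");
        return;
    }
    if ($uid == null) {
        header("HTTP/1.0 403 Forbidden");
        echo "<apikeys error='Not logged in' ></apikeys>";
        return;
    }
    $method = isset($_SERVER['REQUEST_METHOD']) ? $_SERVER['REQUEST_METHOD'] : '';
    if ($method === 'DELETE') {
        header("HTTP/1.0 400 Bad Request");
        return;
    }

    if ($method === "PUT") {
        parse_str(file_get_contents("php://input"), $post_vars);
        $keyid = isset($post_vars["key"]) ? $post_vars["key"] : null;
        $passwd = isset($post_vars["pwd"]) ? $post_vars["pwd"] : null;
        $displayname = isset($post_vars["name"]) ? $post_vars["name"] : null;
        if ($keyid === null || $passwd === null || $displayname === null) {
            header("HTTP/1.0 400 Bad Request");
            return;
        }
        $apikeys = new Default_Model_APIKeys();
        $apikeys->filter->id->equals($keyid)->and($apikeys->filter->ownerid->equals($uid));
        if (count($apikeys->items) == 0) {
            header("HTTP/1.0 404 Not Found");
            echo "<apikeys error='Could not retrieve key' ></apikeys>";
            return;
        }
        $apikey = $apikeys->items[0];
        if ($apikey->ownerid != $uid) {
            header("HTTP/1.0 404 Not Found");
            echo "<apikeys error='Could not retrieve key for user' ></apikeys>";
            return;
        }
        if ($apikey->sysaccountid != null) {
            header("HTTP/1.0 405 Method Not Allowed");
            echo "<apikeys error='Api key is already associated with a system user account' ></apikeys>";
            return;
        }
        $users = new Default_Model_Researchers();
        $users->filter->id->equals($uid);
        if (count($users->items) == 0) {
            header("HTTP/1.0 404 Not Found");
            echo "<apikeys error='Session user not found' ></apikeys>";
            return;
        }
        $usercountryid = $users->items[0]->countryid;

        // The system account inherits the caller's country; accountType 1 and
        // positionTypeId 4 are the fixed values used for these accounts (their
        // meaning is defined elsewhere).
        $user = new Default_Model_Researcher();
        $user->firstname = "";
        $user->lastname = $displayname;
        $user->institution = "";
        $user->username = "appdb-" . generate_uuid_v4();
        // NOTE(review): unsalted md5 is kept only because the stored digest is
        // compared in the password-change branch below and presumably by the
        // login code; migrating to password_hash()/password_verify() has to
        // change every verifier at once.
        $user->password = md5($passwd);
        $user->accountType = 1;
        $user->countryid = $usercountryid;
        $user->positionTypeId = 4;
        $user->save();

        $apikeys = new Default_Model_APIKeys();
        $apikeys->filter->id->equals($keyid);
        $apikeys = $apikeys->items[0];
        $apikeys->sysaccountid = $user->id;
        $apikeys->authmethods = 2;
        $apikeys->save();
    } elseif ($method === 'POST') {
        // Malformed or missing JSON is a client error, not a key lookup failure.
        $data = isset($_POST["data"]) ? json_decode($_POST["data"]) : null;
        if (!is_object($data) || !isset($data->keyid)) {
            header("HTTP/1.0 400 Bad Request");
            echo "<apikeys error='Invalid request data' ></apikeys>";
            return;
        }
        $keyid = $data->keyid;

        //Check if api key exists and belongs to the caller
        $apikeys = new Default_Model_APIKeys();
        $apikeys->filter->id->equals($keyid)->and($apikeys->filter->ownerid->equals($uid));
        if (count($apikeys->items) == 0) {
            header("HTTP/1.0 404 Not Found");
            echo "<apikeys error='Could not retrieve key' ></apikeys>";
            return;
        }

        //Check if sys account exists
        $apikey = $apikeys->items[0];
        $sysid = $apikey->sysaccountid;
        $rs = new Default_Model_Researchers();
        $rs->filter->id->equals($sysid);
        if (count($rs->items) == 0) {
            header("HTTP/1.0 404 Not Found");
            echo "<apikeys error='Could not retrieve system user account.' ></apikeys>";
            return;
        }
        $s = $rs->items[0];

        //Check request type
        if (isset($data->sysdisplayname)) {
            //update system user name
            if (!is_string($data->sysdisplayname) || trim($data->sysdisplayname) == "") {
                header("HTTP/1.0 400 Bad Request");
                echo "<apikeys error='Empty names are not allowed.' ></apikeys>";
                return;
            }
            $s->firstname = "";
            $s->lastname = $data->sysdisplayname;
            $s->save();
        } elseif (isset($data->old)) {
            //change password
            if (empty($data->new) || trim(strval($data->new)) == "") {
                header("HTTP/1.0 400 Bad Request");
                echo "<apikeys error='Empty value for the new password is not allowed.' ></apikeys>";
                return;
            }
            // Constant-time comparison of the stored digest (md5, see the PUT
            // branch) with the digest of the supplied old password.
            if (!hash_equals(strval($s->password), md5(strval($data->old)))) {
                header("HTTP/1.0 400 Bad Request");
                echo "<apikeys error='The provided value for the old password is incorrect.' ></apikeys>";
                return;
            }
            $s->password = md5(strval($data->new));
            $s->save();
        } elseif (isset($data->msg)) {
            $msg = base64_decode(strval($data->msg));
            if (trim($msg) == '') {
                header("HTTP/1.0 400 Bad Request");
                echo "<apikeys error='Empty message is not allowed' ></apikeys>";
                return;
            }
            // Returns true on success, otherwise an error text for the client.
            $res = APIKeyRequests::sendPermissionsRequest($uid, $keyid, $msg);
            if ($res !== true && trim($res) !== '') {
                header("HTTP/1.0 400 Bad Request");
                echo "<apikeys error='" . $xmlAttr($res) . "' ></apikeys>";
                return;
            }
        } else {
            header("HTTP/1.0 400 Bad Request");
            return;
        }
    }

    //Return xml representation of API keys for the current user
    $apikeys = new Default_Model_APIKeys();
    $apikeys->filter->ownerid->equals($uid)->and($apikeys->filter->authmethods->notequals(0));
    $apikeys = $apikeys->items;
    echo "<apikeys count='" . count($apikeys) . "' >";
    if (count($apikeys) > 0) {
        foreach ($apikeys as $apikey) {
            echo "<apikey id='" . $xmlAttr($apikey->id) . "' key='" . $xmlAttr($apikey->key)
                . "' ownerid='" . $xmlAttr($apikey->ownerid)
                . "' createdon='" . $xmlAttr($apikey->createdon)
                . "' authmethods='" . $xmlAttr($apikey->authmethods) . "' ";
            if ($apikey->sysaccountid != null) {
                echo "sysaccount='" . $xmlAttr($apikey->sysaccountid) . "' ";
                $rscs = new Default_Model_Researchers();
                $rscs->filter->id->equals($apikey->sysaccountid);
                if (count($rscs->items) > 0) {
                    // the system account's username is masked in the listing
                    echo "sysusername='******' ";
                    echo "sysdisplayname='" . $xmlAttr($rscs->items[0]->lastname) . "' ";
                }
            }
            $netfilters = new Default_Model_APIKeyNetfilters();
            $netfilters->filter->keyid->equals($apikey->id);
            $netfilters = $netfilters->items;
            if (count($netfilters) > 0) {
                echo "netfilters='" . count($netfilters) . "' >";
                foreach ($netfilters as $netfilter) {
                    echo "<netfilter value='" . $xmlAttr($netfilter->netfilter) . "' ></netfilter>";
                }
            } else {
                echo "netfilters='0'>";
            }
            echo "</apikey>";
        }
    }
    echo "</apikeys>";
}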
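/**
 * Implementation of the abstract parse() operation from RestXMLParser.
 *
 * Builds a Default_Model_Researcher from the <person:person> element of the
 * given XML and persists it; on POST the existing contacts are replaced, and
 * on POST/PUT the person's relations are synced. Failures are reported through
 * $this->_error / $this->_extError (no exceptions escape); the returned model
 * is then only partially populated.
 *
 * Requires $this->_user to be set; without it nothing is parsed and null is
 * returned.
 *
 * @param string $xml XML representation of the person, parsed with SimpleXMLElement
 *
 * @return Default_Model_Researcher|null
 * @access public
 */
public function parse($xml)
{
    if (is_null($this->_user)) {
        // NOTE(review): the original reached this outcome by falling through;
        // RE_OK with no model looks unintended — confirm whether an
        // access-denied code should be reported here instead.
        $this->_error = RestErrorEnum::RE_OK;
        return null;
    }

    $person = new Default_Model_Researcher();
    try {
        $xml = new SimpleXMLElement($xml);
    } catch (Exception $e) {
        $this->_error = RestErrorEnum::RE_INVALID_REPRESENTATION;
        $this->_extError = $e->getMessage();
        return $person;
    }
    // xpath() returns false on failure; treat that like "no element found".
    $xmli = $xml->xpath('//person:person');
    if (!is_array($xmli) || count($xmli) === 0) {
        $this->_error = RestErrorEnum::RE_INVALID_REPRESENTATION;
        return $person;
    }
    $xml = $xmli[0];

    // An update (POST) must name the resource it modifies.
    if ($this->_parent->getMethod() === RestMethodEnum::RM_POST) {
        if ($xml->attributes()->id) {
            $person->id = strval($xml->attributes()->id);
        } else {
            $this->_error = RestErrorEnum::RE_INVALID_REPRESENTATION;
            $this->_extError = 'Resource ID missing';
            return $person;
        }
    }
    if ($xml->attributes()->nodissemination) {
        $person->noDissemination = strval($xml->attributes()->nodissemination) === "true";
    }
    if ($xml->attributes()->cname) {
        $person->cname = strval($xml->attributes()->cname);
    }

    $firstname = $this->el($xml, "person:firstname");
    if (!is_null($firstname) && trim(strval($firstname)) !== "") {
        $person->firstName = trim(strval($firstname));
    }
    $lastname = $this->el($xml, "person:lastname");
    if (!is_null($lastname) && trim(strval($lastname)) !== "") {
        $person->lastName = trim(strval($lastname));
    }
    $gender = $this->el($xml, "person:gender");
    if (!is_null($gender)) {
        if (trim(strval($gender->attributes(RestAPIHelper::XMLNS_XSI())->nil)) === "true") {
            $person->gender = 'n/a';
        } elseif (trim(strval($gender)) !== "") {
            $g = trim(strtolower(strval($gender)));
            if ($g === "male") {
                $person->gender = "male";
            } elseif ($g === "female") {
                $person->gender = "female";
            }
        }
    }
    if ($this->_parent->getMethod() === RestMethodEnum::RM_PUT) {
        $person->dateInclusion = date("Y-m-d");
        $person->addedByID = $this->_parent->getUser()->id;
    }
    $person->lastUpdated = date('Y-m-d');

    // NOTE(review): unlike the name fields, the institution is always assigned,
    // so a missing <person:institute> stores an empty institution rather than
    // leaving the column untouched (the original's is_null() guard on a
    // trim() result could never fail). Kept as-is — confirm intent.
    $person->institution = trim(strval($this->el($xml, "person:institute")));

    $country = $this->el($xml, "regional:country");
    if (!is_null($country) && trim(strval($country->attributes()->id)) !== "") {
        $person->countryID = trim(strval($country->attributes()->id));
    }
    $role = $this->el($xml, "person:role");
    if (!is_null($role) && trim(strval($role->attributes()->id)) !== "") {
        $person->positionTypeID = trim(strval($role->attributes()->id));
    }

    $image = $this->el($xml, "person:image");
    $removeImageCache = false;
    if (!is_null($image)) {
        if (trim(strval($image->attributes(RestAPIHelper::XMLNS_XSI())->nil)) === "true") {
            $person->clearImage();
            $removeImageCache = true;
        } elseif (!is_null($image->attributes()->type) && trim(strval($image->attributes()->type)) === "base64") {
            // image is given as base64 encoded string
            if (trim(strval($image)) != '') {
                $person->image = pg_escape_bytea(trim(strval($image)));
                $removeImageCache = true;
            }
        } elseif (trim(strval($image)) != '') {
            $imageRef = trim(strval($image));
            $scheme = strtolower(trim(strval(parse_url($imageRef, PHP_URL_SCHEME))));
            $contents = false;
            try {
                if ($scheme == '') {
                    // no URL scheme present; assume uploaded file though
                    // portal's uploadimage action in AppsController.
                    // The reference comes from the request body, so resolve it
                    // and refuse anything outside the public directory.
                    $publicDir = realpath(APPLICATION_PATH . "/../public");
                    $path = realpath(APPLICATION_PATH . "/../public/" . $imageRef);
                    if ($publicDir === false || $path === false
                        || strpos($path, $publicDir . DIRECTORY_SEPARATOR) !== 0) {
                        $this->_error = RestErrorEnum::RE_INVALID_REPRESENTATION;
                        $this->_extError = 'Invalid image reference';
                        return $person;
                    }
                    $contents = file_get_contents($path);
                } elseif ($scheme === 'http' || $scheme === 'https') {
                    // URL scheme present; assume remote file. Only http(s) is
                    // fetched so that other stream wrappers cannot be reached.
                    // NOTE(review): the fetch is still made by the server on the
                    // client's behalf; restrict target hosts if the deployment
                    // has internal services the portal must not reach.
                    $contents = file_get_contents($imageRef);
                } else {
                    $this->_error = RestErrorEnum::RE_INVALID_REPRESENTATION;
                    $this->_extError = 'Unsupported image URL scheme';
                    return $person;
                }
            } catch (Exception $e) {
                $this->_error = RestErrorEnum::RE_BACKEND_ERROR;
                $this->_extError = $e->getMessage();
                return $person;
            }
            // file_get_contents() signals failure with false, not an exception.
            if ($contents === false) {
                $this->_error = RestErrorEnum::RE_BACKEND_ERROR;
                $this->_extError = 'Could not read image';
                return $person;
            }
            $person->image = pg_escape_bytea(base64_encode($contents));
            $removeImageCache = true;
        }
    }
    if ($removeImageCache === true) {
        $cacheFile = APPLICATION_PATH . "/../cache/ppl-image-" . $person->id . ".png";
        if ($person->id != '' && file_exists($cacheFile)) {
            unlink($cacheFile);
        }
    }
    $person->save();

    if ($this->_parent->getMethod() === RestMethodEnum::RM_POST) {
        //remove existing contact info
        $conts = new Default_Model_Contacts();
        $conts->filter->researcherid->equals($person->id);
        $conts->refresh();
        for ($i = count($conts->items) - 1; $i >= 0; $i--) {
            $conts->remove($conts->items[$i]);
        }
    }

    //add new contact info
    $cts = new Default_Model_ContactTypes();
    $cts->refresh();
    $ctItems = $cts->items;
    $xmli = $xml->xpath("//person:contact");
    if (!is_array($xmli)) {
        $xmli = array();
    }
    $conts2 = new Default_Model_Contacts();
    foreach ($xmli as $x) {
        if (trim(strval($x)) === '') {
            continue;
        }
        $cont = new Default_Model_Contact();
        $cont->researcherID = $person->id;
        // map the type attribute to a contact type by (case-insensitive) description
        $ct = trim(strval($x->attributes()->type));
        $ctid = null;
        foreach ($ctItems as $ctype) {
            if (strtolower($ct) == strtolower($ctype->description)) {
                $ctid = $ctype->id;
                break;
            }
        }
        $cont->contactTypeID = is_null($ctid) ? 7 : $ctid; //e-mail (7) by default
        $cont->data = trim(strval($x));
        if (strval($x->attributes()->primary) === "true") {
            $cont->isPrimary = true;
        }
        // Reject a value already used as e-mail (type 7) by another researcher.
        // As in the original, this check runs for every contact type.
        $conts2->filter->data->equals($cont->data)->and($conts2->filter->contacttypeid->equals(7))->and($conts2->filter->researcherid->notequals($person->id));
        $conts2->refresh("xml");
        if (count($conts2->items) != 0) {
            $this->_error = RestErrorEnum::RE_BACKEND_ERROR;
            $this->_extError = "e-mail address `" . $cont->data . "' already exists";
            return $person;
        }
        $cont->save();
    }

    if ($this->_parent->getMethod() === RestMethodEnum::RM_POST || $this->_parent->getMethod() === RestMethodEnum::RM_PUT) {
        $xrels = $xml->xpath("person:relation");
        if (!is_array($xrels)) {
            $xrels = array();
        }
        $ps = new Default_Model_Researchers();
        $ps->filter->id->equals($person->id);
        $p = (count($ps->items) > 0) ? $ps->items[0] : null;
        if ($p !== null) {
            $rels = array();
            // A relation element marked xsi:nil leaves $rels empty, so the sync
            // below is called with no relations.
            $nilRels = $xml->xpath('person:relation[@xsi:nil="true"]');
            if (is_array($nilRels) && count($nilRels) === 0) {
                foreach ($xrels as $x) {
                    $targuid = trim(strval($x->attributes()->targetguid));
                    $subguid = trim(strval($x->attributes()->subjectguid));
                    $rel = array(
                        "id" => trim(strval($x->attributes()->id)),
                        "parentid" => trim(strval($x->attributes()->parentid)),
                    );
                    if ($targuid === "") {
                        $rel["subjectguid"] = $subguid;
                    } elseif ($subguid === "") {
                        $rel["targetguid"] = $targuid;
                    }
                    if ($rel["parentid"] === "") {
                        $rel["parentid"] = null;
                    }
                    $rels[] = $rel;
                }
            }
            try {
                $res = PersonRelations::syncRelations($p->guid, $this->_user->id, $rels);
            } catch (Exception $ex) {
                $res = $ex->getMessage();
            }
            // a string result is an error message
            if (is_string($res)) {
                $this->_error = RestErrorEnum::RE_BACKEND_ERROR;
                $this->_extError = $res;
                return $p;
            }
        }
    }
    $this->_error = RestErrorEnum::RE_OK;
    return $person;
}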
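/**
 * Persists a researcher: inserts when $value->id is null, updates otherwise.
 *
 * Only attributes that are not null according to the project's isnull()
 * helper are written, so an update leaves omitted columns untouched. Boolean
 * columns are converted with pgBool(). On insert the generated id is written
 * back to $value->id.
 *
 * @param Default_Model_Researcher $value
 * @return void
 */
public function save(Default_Model_Researcher $value)
{
    // column => getter, in the column order the original used
    $columns = array(
        'id' => 'getId',
        'firstname' => 'getFirstName',
        'lastname' => 'getLastName',
        'dateinclusion' => 'getDateInclusion',
        'institution' => 'getInstitution',
        'countryid' => 'getCountryID',
        'positiontypeid' => 'getPositionTypeID',
        'guid' => 'getGuid',
        'gender' => 'getGender',
        'lastupdated' => 'getLastUpdated',
        'name' => 'getName',
        'mail_unsubscribe_pwd' => 'getMailUnsubscribePwd',
        'lastlogin' => 'getLastLogin',
        'nodissemination' => 'getNoDissemination',
        'accounttype' => 'getAccountType',
        'deleted' => 'getDeleted',
        'hitcount' => 'getHitcount',
        'cname' => 'getCname',
        'addedby' => 'getAddedByID',
    );
    // columns stored as PostgreSQL booleans
    $boolColumns = array('nodissemination' => true, 'deleted' => true);

    $data = array();
    foreach ($columns as $column => $getter) {
        $v = $value->$getter();
        if (isnull($v)) {
            continue;
        }
        $data[$column] = isset($boolColumns[$column]) ? $this->pgBool($v) : $v;
    }

    if (null === $value->id) {
        // new record: let the table generate the id
        unset($data['id']);
        $value->id = $this->getDbTable()->insert($data);
    } else {
        // quoteInto() binds the id; never concatenate it into the WHERE clause
        $where = $this->getDbTable()->getAdapter()->quoteInto('id = ?', $value->id);
        $this->getDbTable()->update($data, $where);
    }
}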