/**
 * Creates the DHIS user tables the first time the module is enabled.
 *
 * Reads the 'DHIS' user-access init string, decodes it as JSON, passes the
 * result through ensureDefaultOptions() and then runs four
 * CREATE TABLE IF NOT EXISTS statements (user details, credentials,
 * access roles, login log).
 *
 * Security notes:
 *  - The table names come from the decoded options and are spliced into the
 *    DDL unquoted. NOTE(review): ensureDefaultOptions() is not visible here;
 *    confirm it (or the configuration loader) restricts these values to plain
 *    identifiers. Until then, write access to the init string is effectively
 *    DDL access to this database.
 *  - The credentials table carries a `password varchar(255)` column. This
 *    method does not show how it is populated; confirm that only salted
 *    password hashes are stored there, never plaintext.
 *
 * @return boolean true on success, false as soon as one statement fails.
 */
public function action_initialize()
{
    $init = I2CE::getUserAccessInit('DHIS');
    $options = empty($init) ? array() : json_decode($init, true);
    if (!is_array($options)) {
        // Malformed init string: report it and continue with the defaults only.
        I2CE::raiseError("Invalid user access initilization string for DHIS");
        $options = array();
    }
    $options = self::ensureDefaultOptions($options);
    $db = MDB2::singleton();

    $statements = array(
        // User details; referenced by the credentials table below.
        sprintf(
            'CREATE TABLE IF NOT EXISTS %s '
            . '(userinfoid integer NOT NULL, surname varchar(160) NOT NULL, firstname varchar(160) NOT NULL,'
            . ' email varchar(160), phonenumber varchar(80),'
            . ' CONSTRAINT userinfo_pkey PRIMARY KEY (userinfoid))',
            $options['detailTable']
        ),
        // Credentials, keyed by the same id as the details row.
        sprintf(
            'CREATE TABLE IF NOT EXISTS %s '
            . '(userid integer NOT NULL, username varchar(255) NOT NULL, password varchar(255) NOT NULL,'
            . ' CONSTRAINT users_pkey PRIMARY KEY (userid),'
            . ' CONSTRAINT fk6a68e08f19893da FOREIGN KEY (userid) REFERENCES %s (userinfoid) MATCH SIMPLE'
            . ' ON UPDATE NO ACTION ON DELETE NO ACTION,'
            . ' CONSTRAINT users_username_key UNIQUE (username))',
            $options['passTable'],
            $options['detailTable']
        ),
        // Role assignment per user (MySQL-specific syntax: backticks, ENGINE=).
        sprintf(
            'CREATE TABLE IF NOT EXISTS %s '
            . '( `user` int(11) NOT NULL, `role` varchar(255) collate utf8_bin NOT NULL, PRIMARY KEY (`user`))'
            . ' ENGINE=InnoDB DEFAULT CHARSET=utf8 COLLATE=utf8_bin',
            $options['accessTable']
        ),
        // Login/logout/activity log per session (MySQL-specific syntax as well).
        sprintf(
            'CREATE TABLE IF NOT EXISTS %s '
            . '(`user` int(11) NOT NULL, `login` datetime NOT NULL, `logout` datetime default NULL,'
            . ' `session_id` varchar(50) NOT NULL, `activity` datetime NOT NULL,'
            . ' KEY `user` (`user`), KEY `login` (`login`))'
            . ' ENGINE=MyISAM DEFAULT CHARSET=utf8',
            $options['logTable']
        ),
    );

    // raiseError() doubles as the progress log in this code base.
    I2CE::raiseError("Initializing User Table. \nUsers' details table se stored in database {$options['userDB']}");

    foreach ($statements as $sql) {
        $result = $db->query($sql);
        if (!I2CE::pearError($result, "Cannot create user table")) {
            continue;
        }
        // Stop at the first failure; tables created so far are left in place.
        I2CE::raiseError("Could not initialize I2CE user tables");
        return false;
    }
    return true;
}
/**
 * Builds a table-backed user access mechanism and resolves its options.
 *
 * The protocol name is whatever follows the first 16 characters of the
 * concrete class name; when nothing follows, 'DEFAULT' is used. The init
 * string registered for that protocol is decoded as JSON, missing keys get
 * defaults, and the result goes through ensureDefaultOptions().
 *
 * Security notes:
 *  - When the configuration has no 'admin_pass', the password of the MDB2
 *    connection DSN is used instead. The application administrator and the
 *    database account then share one secret, so disclosure of either exposes
 *    both. Deployments should set an explicit, distinct 'admin_pass'.
 *  - NOTE(review): the 'admin_user' default is the literal '******' as it
 *    appears in this source; confirm that this is the intended account name.
 *  - 'auto_login' defaults to 0 and 'auto_login_user' to false. Presumably
 *    that disables automatic login; confirm where these options are consumed
 *    before enabling them in any configuration.
 */
public function __construct()
{
    $suffix = substr(get_class($this), 16);
    $protocol = $suffix ? $suffix : 'DEFAULT';
    $this->protocol = $protocol;

    $init = I2CE::getUserAccessInit($protocol);
    $options = empty($init) ? array() : json_decode($init, true);
    if (!is_array($options)) {
        // Malformed init string: report it and fall back to defaults only.
        I2CE::raiseError("Invalid user access initilization string");
        $options = array();
    }

    // Array union only adds keys that are absent, so configured values
    // (including an explicit null) are never overwritten.
    $options += array('admin_user' => '******');
    if (!array_key_exists('admin_pass', $options)) {
        // Looked up only when needed: falls back to the database password.
        $options['admin_pass'] = MDB2::singleton()->dsn['password'];
    }
    if (!(isset($options['admin_details']) && is_array($options['admin_details']))) {
        // Missing or not an array: replace with an empty detail set.
        $options['admin_details'] = array();
    }
    $options += array(
        'auto_login' => 0,
        'auto_login_user' => false,
    );

    $this->options = $this->ensureDefaultOptions($options);
}
/**
 * Makes sure the user access table exists, creating it when it is missing.
 *
 * Reads the 'DEFAULT' user-access init string, decodes it as JSON, passes it
 * through ensureDefaultOptions() and runs a single
 * CREATE TABLE IF NOT EXISTS statement for $options['user_table'].
 *
 * Security notes:
 *  - The table name comes from the decoded options and is concatenated into
 *    the statement unquoted. NOTE(review): ensureDefaultOptions() is not
 *    visible here; confirm the value is restricted to a plain identifier.
 *  - On failure the complete statement is written to the error log. It
 *    contains only the table name and the fixed schema.
 *
 * @return boolean true when the statement succeeded, false otherwise.
 */
protected function ensureUserTable()
{
    $init = I2CE::getUserAccessInit('DEFAULT');
    $options = empty($init) ? array() : json_decode($init, true);
    if (!is_array($options)) {
        // Malformed init string: report it and continue with the defaults only.
        I2CE::raiseError("Invalid user access initilization string for Default");
        $options = array();
    }
    $options = self::ensureDefaultOptions($options);
    $db = MDB2::singleton();

    $definitions = array(
        '`id` int(11) NOT NULL auto_increment',
        '`username` varchar(20) NOT NULL',
        '`role` varchar(255) collate utf8_bin NOT NULL',
        'PRIMARY KEY (`id`)',
        'UNIQUE KEY `username` (`username`)',
    );
    $sql = 'CREATE TABLE IF NOT EXISTS ' . $options['user_table']
        . ' (' . implode(', ', $definitions) . ')'
        . ' ENGINE=InnoDB DEFAULT CHARSET=utf8 COLLATE=utf8_bin';

    // raiseError() doubles as the progress log in this code base.
    I2CE::raiseError("Initializing LDA-DB User Table. Users' details table se stored in database {$options['userDB']}");

    $failed = I2CE::pearError($db->query($sql), "Cannot create user access table: {$sql}");
    if ($failed) {
        I2CE::raiseError("Could not initialize LDAP-DB user table");
        return false;
    }
    return true;
}
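/**
 * Converts the access table to the 3.x layout when its `role` column still
 * has an integer type.
 *
 * The column type is read with SHOW FULL COLUMNS. When it does not start
 * with 'int' (or cannot be read from the result) nothing is changed and the
 * method reports success. Otherwise the 'update-access-table.sql' script is
 * run and its result is returned.
 *
 * The lookup result is now checked before it is indexed: a PEAR error from
 * queryAll() makes the method return false instead of failing on
 * `$rows[0]`, and an empty result no longer triggers undefined-offset
 * notices.
 *
 * Security note: the table name comes from the init options and is
 * concatenated into the statement unquoted. NOTE(review): getInitOptions()
 * is not visible here; confirm the value is restricted to a plain identifier.
 *
 * @return boolean false when the column lookup fails, true when no change is
 *                 needed, otherwise the result of I2CE::runSQLScript().
 */
protected function updateAccessTable()
{
    $db = MDB2::singleton();
    $options = self::getInitOptions(I2CE::getUserAccessInit('DEFAULT'));
    $rows = $db->queryAll("SHOW FULL COLUMNS FROM " . $options['accessTable'] . " WHERE Field='role'");
    if (I2CE::pearError($rows, "Cannot inspect the role column of the access table")) {
        // The lookup itself failed (for example the table is missing):
        // report failure rather than dereferencing the error object.
        I2CE::raiseError("Could not read the access table layout");
        return false;
    }

    // Read the column type only when the result has the expected shape.
    $roleType = '';
    if (is_array($rows) && isset($rows[0]) && is_object($rows[0]) && isset($rows[0]->type)) {
        $roleType = (string) $rows[0]->type;
    }

    if (substr($roleType, 0, 3) != 'int') {
        // Not an integer column (or no such column): nothing to migrate.
        I2CE::raiseError("NOT doing access table");
        return true;
    }

    I2CE::raiseError("Altering access table to 3.x format");
    return I2CE::runSQLScript('update-access-table.sql');
}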
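/**
 * Ensures the organizational units for people and applications exist on the
 * LDAP server, creating each one that is missing.
 *
 * Reads the 'LDAP' user-access init string, decodes it as JSON, passes it
 * through ensureDefaultOptions(), connects, optionally binds, and then
 * creates these organizationalUnit entries where a search finds none:
 * people and apps under the base DN, app under apps, roles and ids under app.
 *
 * Changes against the earlier version:
 *  - The connection check accepts any non-false handle. ldap_connect()
 *    returns an LDAP\Connection object from PHP 8.1 on, which is_resource()
 *    rejects, so the old check reported every connection as failed.
 *  - The connection is now closed when a search fails, as it already was on
 *    the other failure paths.
 *
 * Security notes:
 *  - No ldap_start_tls() call is made. NOTE(review): unless
 *    $options['host'] is an ldaps:// URI, the simple bind sends the password
 *    unencrypted; confirm the transport or add StartTLS before the bind.
 *  - The bind is attempted only when both 'ldap_user' and 'ldap_pass' are
 *    non-empty. Otherwise the searches and adds run on the unauthenticated
 *    connection. The non-empty password check also avoids a simple bind with
 *    an empty password, which many servers accept as an anonymous bind.
 *  - DN and filter components are concatenated from the options without
 *    escaping. NOTE(review): confirm these values are constrained by the
 *    configuration; otherwise apply ldap_escape() with the DN or filter flag
 *    as appropriate.
 *
 * @return boolean true on success, false on any connection, bind, search or
 *                 add failure.
 */
protected function ensureOrganizationalEntries()
{
    $init = I2CE::getUserAccessInit('LDAP');
    if (empty($init)) {
        $options = array();
    } else {
        $options = json_decode($init, true);
        if (!is_array($options)) {
            // Malformed init string: report it and continue with the defaults only.
            I2CE::raiseError("Invalid user access initilization string for LDAP");
            $options = array();
        }
    }
    $options = self::ensureDefaultOptions($options);

    $ldap = @ldap_connect($options['host'], $options['port']);
    if (!$ldap) {
        // false on failure; a resource (PHP < 8.1) or an object (PHP >= 8.1) otherwise.
        I2CE::raiseError("Could not connect to ldap server on {$options['host']}:{$options['port']}");
        return false;
    }
    @ldap_set_option($ldap, LDAP_OPT_PROTOCOL_VERSION, 3);
    @ldap_set_option($ldap, LDAP_OPT_REFERRALS, 0);

    if ($options['ldap_user'] && $options['ldap_pass']
        && !@ldap_bind($ldap, 'cn=' . $options['ldap_user'] . ',' . $options['dn'], $options['ldap_pass'])
    ) {
        // The message names the bind DN only; the password is never logged.
        I2CE::raiseError("Could not bind to ldap server as user {$options['ldap_user']},{$options['dn']} ");
        @ldap_close($ldap);
        return false;
    }

    // Parent DN => organizational units expected directly beneath it.
    $dns = array(
        $options['dn'] => array($options['people'], $options['apps']),
        'ou=' . $options['apps'] . ', ' . $options['dn'] => array($options['app']),
        'ou=' . $options['app'] . ',ou=' . $options['apps'] . ', ' . $options['dn']
            => array($options['roles'], $options['ids']),
    );

    foreach ($dns as $base => $ous) {
        foreach ($ous as $ou) {
            if (!($r = @ldap_search($ldap, $base, 'ou=' . $ou, array()))) {
                I2CE::raiseError("Could not access at {$base}");
                // Release the connection on this failure path as well.
                @ldap_close($ldap);
                return false;
            }
            $dn = "ou={$ou},{$base}";
            if (ldap_count_entries($ldap, $r) > 0) {
                I2CE::raiseError("{$dn} exists. not creating");
                continue;
            }
            $entry = array('ou' => $ou, 'objectClass' => 'organizationalUnit');
            if (!@ldap_add($ldap, $dn, $entry)) {
                I2CE::raiseError("Could not add at {$dn}:\n" . print_r($entry, true));
                @ldap_close($ldap);
                return false;
            }
            I2CE::raiseError("{$dn} created");
        }
    }

    @ldap_close($ldap);
    return true;
}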