static function getMap() { if (!count(self::$services)) { $cacheFilePathArray = array(kConf::get("cache_root_path"), 'api_v3', 'KalturaServicesMap.cache'); $cacheFilePath = implode(DIRECTORY_SEPARATOR, $cacheFilePathArray); if (!file_exists($cacheFilePath)) { $servicesPathArray = array(KALTURA_API_PATH, 'services'); $servicesPath = implode(DIRECTORY_SEPARATOR, $servicesPathArray); self::cacheMap($servicesPath, $cacheFilePath); if (!file_exists($cacheFilePath)) { throw new Exception('Failed to save services cached map to [' . $cacheFilePath . ']'); } } self::$services = unserialize(file_get_contents($cacheFilePath)); } return self::$services + self::$extraServices; }
/** * Test accessibility for the given partner, secret and server * @dataProvider accessibilitySuccessProvider */ public function testAccessibilitySuccess($partnerId, $secret, $configServiceUrl, $isAdmin, $userId) { $testedClient = $this->getClient($partnerId, $secret, $configServiceUrl, $isAdmin, $userId); $permissions = $this->getPermissionsItems($testedClient, $userId, $partnerId, $isAdmin, $configServiceUrl); $alwaysAllowedActions = $this->getAlwaysAllowedActions($partnerId); $serviceMap = KalturaServicesMap::getMap(); $services = array_keys($serviceMap); // $this->testSingleService("batchcontrol", $testedClient, $permissions, $alwaysAllowedActions); foreach ($services as $service) { //We skip the session service if ($service == "session") { continue; } $serviceReflector = new KalturaServiceReflector($service); $actions = array_keys($serviceReflector->getActions()); $serviceName = $serviceReflector->getServiceName(); foreach ($actions as $action) { $params = $this->getActionParams($action, $serviceReflector); if ($action == "list") { $action .= "Action"; } try { if (method_exists($testedClient->{$serviceName}, $action)) { call_user_func_array(array($testedClient->{$serviceName}, $action), $params); //TODO: Handle non exception cases $this->compareServiceAction($permissions, $alwaysAllowedActions, $serviceName, $action); } else { //TODO: handle method doesn't exists... } } catch (Exception $ex) { //Check if the service / action is found in the user permissions $this->compareServiceAction($permissions, $alwaysAllowedActions, $serviceName, $action, $ex); } } } }
<?php require_once "../../bootstrap.php"; KalturaLog::setContext("TESTME"); $service = $_GET["service"]; $action = $_GET["action"]; $bench_start = microtime(true); KalturaLog::INFO(">------- api_v3 testme [{$service}][{$action}]-------"); function toArrayRecursive(KalturaPropertyInfo $propInfo) { return $propInfo->toArray(); } $serviceMap = KalturaServicesMap::getMap(); $actionInfo = null; try { $serviceReflector = $serviceMap[strtolower($service)]; /* @var $serviceReflector KalturaServiceActionItem */ $actionReflector = new KalturaActionReflector($service, $action, $serviceReflector->actionMap[$action]); $actionParams = $actionReflector->getActionParams(); $actionInfo = $actionReflector->getActionInfo(); $actionInfo = array("actionParams" => array(), "description" => $actionInfo->description); foreach ($actionParams as $actionParam) { $actionInfo["actionParams"][] = toArrayRecursive($actionParam); } } catch (Exception $ex) { KalturaLog::ERR("<------- api_v3 testme [{$service}][{$action}\n" . $ex->__toString() . " " . " -------"); } //echo "<pre>"; //echo print_r($actionInfo); echo json_encode($actionInfo); $bench_end = microtime(true);
public function setIncludeOrExcludeList($include, $exclude, $excludePaths = null) { $this->initClassMap(); $this->_excludePathList = array(); if ($excludePaths !== null) { $tempList = explode(",", str_replace(" ", "", $excludePaths)); foreach ($tempList as $item) { $this->_excludePathList[] = realpath(dirname(__FILE__) . "/../../{$item}"); } } // load full list of actions and services $fullList = array(); $serviceMap = null; $serviceMap = KalturaServicesMap::getMap(); foreach ($serviceMap as $serviceId => $serviceActionItem) { /* @var $serviceActionItem KalturaServiceActionItem */ foreach ($serviceActionItem->actionMap as $actionId => $actionCallback) { list($serviceClass, $actionMethodName) = array_values($actionCallback); $servicePath = $this->_classMap[$serviceClass]; if ($this->isPathExcluded($servicePath)) { continue; } $fullList[strtolower($serviceId)][strtolower($actionId)] = true; } } $includeList = array(); if ($include !== null) { $tempList = explode(",", str_replace(" ", "", $include)); foreach ($tempList as $item) { $service = null; $action = null; $item = strtolower($item); if (strpos($item, ".") !== false) { list($service, $action) = explode(".", $item); } if (!key_exists($service, $includeList)) { $includeList[$service] = array(); } if ($action == "*") { if (!array_key_exists($service, $fullList)) { throw new Exception("Service [{$service}] not found"); } $includeList[$service] = $fullList[$service]; } else { $includeList[$service][$action] = true; } } } else { if ($exclude !== null) { $includeList = $fullList; $tempList = explode(",", str_replace(" ", "", $exclude)); foreach ($tempList as $item) { $service = null; $action = null; $item = strtolower($item); if (strpos($item, ".") !== false) { list($service, $action) = explode(".", $item); } if ($action == "*") { // KalturaLog::debug("Excluding service [$service]"); unset($includeList[$service]); } else { // KalturaLog::debug("Excluding action [$service.$action]"); unset($includeList[$service][$action]); } } } else { $includeList = $fullList; } } $this->setIncludeList($includeList); }
/** * Save the following attributes into cache * actionInfo, actionParams, actionClassInfo */ protected function cacheReflectionValues() { if (!function_exists('apc_store')) { return; } $servicesMapLastModTime = KalturaServicesMap::getServiceMapModificationTime(); $cacheValue = array(KalturaServicesMap::SERVICES_MAP_MODIFICATION_TIME => $servicesMapLastModTime, "actionInfo" => $this->getActionInfo(), "actionParams" => $this->getActionParams(), "actionClassInfo" => $this->getActionClassInfo()); $success = apc_store("{$this->_serviceId}_{$this->_actionId}", $cacheValue); }
public function dispatch($service, $action, $params = array()) { $start = microtime(true); // prevent impersonate to partner zero $p = isset($params["p"]) && $params["p"] ? $params["p"] : null; if (!$p) { $p = isset($params["partnerId"]) && $params["partnerId"] ? $params["partnerId"] : null; } $GLOBALS["partnerId"] = $p; // set for logger $userId = ""; $ksStr = isset($params["ks"]) ? $params["ks"] : null; if (!$service) { throw new KalturaAPIException(KalturaErrors::SERVICE_NOT_SPECIFIED); } //strtolower on service - map is indexed according to lower-case service IDs $service = strtolower($service); $serviceActionItem = KalturaServicesMap::retrieveServiceActionItem($service, $action); $action = strtolower($action); if (!isset($serviceActionItem->actionMap[$action])) { KalturaLog::crit("Action does not exist!"); throw new KalturaAPIException(KalturaErrors::ACTION_DOES_NOT_EXISTS, $action, $service); } try { $actionReflector = new KalturaActionReflector($service, $action, $serviceActionItem->actionMap[$action]); } catch (Exception $e) { throw new Exception("Could not create action reflector for service [{$service}], action [{$action}]. Received error: " . $e->getMessage()); } $actionParams = $actionReflector->getActionParams(); $actionInfo = $actionReflector->getActionInfo(); // services.ct - check if partner is allowed to access service ... kCurrentContext::$host = isset($_SERVER["HOSTNAME"]) ? $_SERVER["HOSTNAME"] : gethostname(); kCurrentContext::$user_ip = requestUtils::getRemoteAddress(); kCurrentContext::$ps_vesion = "ps3"; kCurrentContext::$service = $serviceActionItem->serviceInfo->serviceName; kCurrentContext::$action = $action; kCurrentContext::$client_lang = isset($params['clientTag']) ? $params['clientTag'] : null; kCurrentContext::initKsPartnerUser($ksStr, $p, $userId); // validate it's ok to access this service $deserializer = new KalturaRequestDeserializer($params); $this->arguments = $deserializer->buildActionArguments($actionParams); KalturaLog::debug("Dispatching service [" . $service . "], action [" . $action . "], reqIndex [" . kCurrentContext::$multiRequest_index . "] with params " . print_r($this->arguments, true)); $responseProfile = $deserializer->getResponseProfile(); if ($responseProfile) { KalturaLog::debug("Response profile: " . print_r($responseProfile, true)); } kPermissionManager::init(kConf::get('enable_cache')); kEntitlementUtils::initEntitlementEnforcement(); $disableTags = $actionInfo->disableTags; if ($disableTags && is_array($disableTags) && count($disableTags)) { foreach ($disableTags as $disableTag) { KalturaCriterion::disableTag($disableTag); } } if ($actionInfo->validateUserObjectClass && $actionInfo->validateUserIdParamName && isset($actionParams[$actionInfo->validateUserIdParamName])) { // // TODO maybe if missing should throw something, maybe a bone? // if(!isset($actionParams[$actionInfo->validateUserIdParamName])) // throw new KalturaAPIException(KalturaErrors::MISSING_MANDATORY_PARAMETER, $actionInfo->validateUserIdParamName); KalturaLog::debug("validateUserIdParamName: " . $actionInfo->validateUserIdParamName); $objectId = $params[$actionInfo->validateUserIdParamName]; $this->validateUser($actionInfo->validateUserObjectClass, $objectId, $actionInfo->validateUserPrivilege, $actionInfo->validateOptions); } // initialize the service before invoking the action on it // action reflector will init the service to maintain the pluginable action transparency $actionReflector->initService($responseProfile); $invokeStart = microtime(true); KalturaLog::debug("Invoke start"); try { $res = $actionReflector->invoke($this->arguments); } catch (KalturaAPIException $e) { if ($actionInfo->returnType != 'file') { throw $e; } KalturaResponseCacher::adjustApiCacheForException($e); $res = new kRendererDieError($e->getCode(), $e->getMessage()); } kEventsManager::flushEvents(); KalturaLog::debug("Invoke took - " . (microtime(true) - $invokeStart) . " seconds"); KalturaLog::debug("Dispatch took - " . (microtime(true) - $start) . " seconds, memory: " . memory_get_peak_usage(true)); return $res; }
public function isServiceExists($serviceId) { if (array_key_exists($serviceId, $this->_servicesMap)) { return true; } if (strpos($serviceId, '_') <= 0) { return false; } $serviceId = strtolower($serviceId); list($servicePlugin, $serviceName) = explode('_', $serviceId); $pluginInstances = KalturaPluginManager::getPluginInstances('IKalturaServices'); if (!isset($pluginInstances[$servicePlugin])) { return false; } $pluginInstance = $pluginInstances[$servicePlugin]; $servicesMap = $pluginInstance->getServicesMap(); KalturaLog::debug(print_r($servicesMap, true)); foreach ($servicesMap as $name => $class) { if (strtolower($name) == $serviceName) { $class = $servicesMap[$name]; KalturaServicesMap::addService($serviceId, $class); $this->_servicesMap = KalturaServicesMap::getMap(); return true; } } return false; }
$serviceConfig->setServiceName($serviceActionName); $serviceSplit = explode('.', $serviceActionName); $serviceName = $serviceSplit[0]; $actionName = $serviceSplit[1]; $ticketTypes = explode(',', $serviceConfig->getTicketType()); $serviceId = $serviceName; $pluginName = getPluginNameFromServicesCtPath($ctPath); if ($pluginName) { $serviceId = strtolower($pluginName) . '_' . $serviceId; } $serviceClass = KalturaServicesMap::getService($serviceId); if (!$serviceClass) { $tmpServiceIds = KalturaServicesMap::getServiceIdsFromName($serviceName); if ($tmpServiceIds && count($tmpServiceIds) == 1) { $serviceId = reset($tmpServiceIds); $serviceClass = KalturaServicesMap::getService($serviceId); } } if (!$serviceClass) { $msg = '***** ERROR - service id [' . $serviceId . '] not found in services map!'; KalturaLog::alert($msg); echo $msg . PHP_EOL; continue; } // skip action if set with ticket type N (blocked) if (in_array(BLOCKED_TICKET_TYPE, $ticketTypes)) { $msg = '***** NOTICE - Action [' . $serviceActionName . '] is set with ticket type N (blocked) -> skipping!'; KalturaLog::notice($msg); echo $msg . PHP_EOL; continue; }
public function setIncludeOrExcludeList($include, $exclude) { // load full list of actions and services $fullList = array(); $serviceMap = KalturaServicesMap::getMap(); $services = array_keys($serviceMap); foreach ($services as $service) { $serviceReflector = new KalturaServiceReflector($service); $actions = $serviceReflector->getActions(); foreach ($actions as &$action) { // we need only the keys $action = true; } $fullList[$service] = $actions; } $includeList = array(); if ($include !== null) { $tempList = explode(",", str_replace(" ", "", $include)); foreach ($tempList as $item) { $service = null; $action = null; $item = strtolower($item); if (strpos($item, ".") !== false) { list($service, $action) = explode(".", $item); } if (!key_exists($service, $includeList)) { $includeList[$service] = array(); } if ($action == "*") { if (!array_key_exists($service, $fullList)) { throw new Exception("Service [{$service}] not found"); } $includeList[$service] = $fullList[$service]; } else { $includeList[$service][$action] = true; } } } else { if ($exclude !== null) { $includeList = $fullList; $tempList = explode(",", str_replace(" ", "", $exclude)); foreach ($tempList as $item) { $service = null; $action = null; $item = strtolower($item); if (strpos($item, ".") !== false) { list($service, $action) = explode(".", $item); } if ($action == "*") { // KalturaLog::debug("Excluding service [$service]"); unset($includeList[$service]); } else { // KalturaLog::debug("Excluding action [$service.$action]"); unset($includeList[$service][$action]); } } } else { $includeList = $fullList; } } $this->setIncludeList($includeList); }
function setPermissions($serviceConfig, $setBaseSystemPermissions, $userSessionPermission, $noKsPermission, $partnerId) { // get list of services defined in the services.ct files $servicesTable = $serviceConfig->getAllServicesByCt(); // for each defined service.action foreach ($servicesTable as $ctPath => $services) { foreach ($services as $serviceActionName) { $serviceConfig->setServiceName($serviceActionName); $serviceSplit = explode('.', $serviceActionName); $serviceName = $serviceSplit[0]; $actionName = $serviceSplit[1]; $ticketTypes = explode(',', $serviceConfig->getTicketType()); $serviceId = $serviceName; $pluginName = getPluginNameFromServicesCtPath($ctPath); if ($pluginName) { $serviceId = strtolower($pluginName) . '_' . $serviceId; } $serviceClass = KalturaServicesMap::getService($serviceId); if (!$serviceClass) { $tmpServiceIds = KalturaServicesMap::getServiceIdsFromName($serviceName); if ($tmpServiceIds && count($tmpServiceIds) == 1) { $serviceId = reset($tmpServiceIds); $serviceClass = KalturaServicesMap::getService($serviceId); } } if (!$serviceClass) { $msg = '***** ERROR - service id [' . $serviceId . '] not found in services map!'; KalturaLog::alert($msg); echo $msg . PHP_EOL; continue; } // skip action if set with ticket type N (blocked) if (in_array(BLOCKED_TICKET_TYPE, $ticketTypes)) { $msg = '***** NOTICE - Action [' . $serviceActionName . '] is set with ticket type N (blocked) -> skipping!'; KalturaLog::notice($msg); echo $msg . PHP_EOL; continue; } // check if a permission item for the current action already exists $c = new Criteria(); $c->addAnd(kApiActionPermissionItem::SERVICE_COLUMN_NAME, $serviceId, Criteria::EQUAL); $c->addAnd(kApiActionPermissionItem::ACTION_COLUMN_NAME, $actionName, Criteria::EQUAL); $c->addAnd(PermissionItemPeer::PARTNER_ID, array(PartnerPeer::GLOBAL_PARTNER, $partnerId), Criteria::IN); $permissionItem = PermissionItemPeer::doSelectOne($c); if ($permissionItem) { $msg = '***** NOTICE - Permission item for [' . $serviceActionName . '] already exists with id [' . $permissionItem->getId() . ']'; KalturaLog::alert($msg); echo $msg . PHP_EOL; } else { // create a new api action permission item and save it $permissionItem = new kApiActionPermissionItem(); $permissionItem->setService($serviceId); $permissionItem->setAction($actionName); $permissionItem->setPartnerId($partnerId); $permissionItem->save(); } // get the defined permission names from the tags section of the services.ct file $permissionNames = $serviceConfig->getTags(); $permissionNames = explode(',', $permissionNames); $anyPermissionSet = false; // was any permission set to include the current permission item or not foreach ($permissionNames as $permissionName) { if (!$permissionName) { continue; } // add the permission item to all its defined permission objects $c = new Criteria(); $c->addAnd(PermissionPeer::NAME, $permissionName, Criteria::EQUAL); $c->addAnd(PermissionPeer::TYPE, PermissionType::NORMAL, Criteria::EQUAL); //$c->addAnd(PermissionPeer::PARTNER_ID, array(PartnerPeer::GLOBAL_PARTNER, $partnerId), Criteria::IN); $permission = PermissionPeer::doSelectOne($c); if (!$permission) { $msg = '***** ERROR - Permission [' . $permissionName . '] not found in DB although set for [' . $serviceActionName . ']'; KalturaLog::alert($msg); echo $msg . PHP_EOL; continue; } $permission->addPermissionItem($permissionItem->getId(), true); $anyPermissionSet = true; } // add permission item to the basic NO_KS and USER_KS permissions according to its ticket type // (partner admin role already contains all other permissions) if ($setBaseSystemPermissions) { if (in_array(NO_KS_TICKET_TYPE, $ticketTypes)) { $noKsPermission->addPermissionItem($permissionItem->getId(), true); $userSessionPermission->addPermissionItem($permissionItem->getId(), true); $anyPermissionSet = true; } else { if (in_array(USER_KS_TICKET_TYPE, $ticketTypes)) { $userSessionPermission->addPermissionItem($permissionItem->getId(), true); $anyPermissionSet = true; } } } if (!$anyPermissionSet) { $msg = '***** ERROR - No permission was set for [' . $serviceActionName . ']'; KalturaLog::alert($msg); echo $msg . PHP_EOL; } } } }