/**
* function viewer_guid_conenct
* <pre>
*
* If user has an exisitng intranet login ($new_viewer == false):
* Given GUID and viewer_id, inject GUID into existing viewer
*
* If user never had an intranet login ($new_viewer == true):
* Given a GUID, create new viewer, person, put into access group, etc.
*
* @param $guid [String] [user's GUID]
* @param $viewer [Int] [user's view_id]
* @param $new_viewer [BOO] [true when user never had an intranet login]
* </pre>
* @return [void]
*
*
*/
function viewer_guid_connect($guid, $viewer, $new_viewer)
{
if ($new_viewer) {
// 1. create new viewer
$viewerManager = new RowManager_ViewerManager();
$viewerManager->setGUID($guid);
// GUID
$viewerManager->setLanguageID(1);
// english
// TODO this value should not be hard-coded for the account group
$viewerManager->setAccountGroupID(15);
// the 'unknown' group
$viewerManager->setIsActive(true);
$viewerManager->createNewEntry();
$viewerID = $viewerManager->getID();
// get the ID of the newly created viewer
// 2. put into the 'all' access group
// PART A
$viewerAccessGroupManager = new RowManager_ViewerAccessGroupManager();
$viewerAccessGroupManager->setViewerID($viewerID);
$viewerAccessGroupManager->setAccessGroupID(ALL_ACCESS_GROUP);
// add to the 'all' access group
$viewerAccessGroupManager->createNewEntry();
// PART B
$viewerAccessGroupManager = new RowManager_ViewerAccessGroupManager();
$viewerAccessGroupManager->setViewerID($viewerID);
$viewerAccessGroupManager->setAccessGroupID(SPT_APPLICANT_ACCESS_GROUP);
// add to the 'SPT-Student' access group
$viewerAccessGroupManager->createNewEntry();
// 3. create new person (or grab person_id from existing record)
$personManager = new RowManager_PersonManager();
$personManager->setFirstName('');
$personManager->setLastName('');
$personManager->setEmail('');
$personManager->setSortOrder('person_id');
$personManager->setAscDesc('DESC');
// sort by descending person IDs
$personList = $personManager->getListIterator();
$personArray = $personList->getDataList();
//create new entry
$personManager->createNewEntry();
$personID = $personManager->getID();
// get the ID of the newly created person
// 4. create an access table entry for this (viewer,person) combo
$accessManager = new RowManager_AccessManager();
$accessManager->setViewerID($viewerID);
$accessManager->setPersonID($personID);
$accessManager->createNewEntry();
} else {
$viewerManager = new RowManager_ViewerManager($viewer);
//echo ($viewerManager->getID());
$viewerManager->setGUID($guid);
// GUID
$viewerManager->updateDBTable();
}
}
/**
* function __construct
* This is the class constructor for Viewer class
* Initialize a Viewer and determine if they are properly authenticated.
* <pre><code>
* Save the DB connection Info
* If no session ID is set then
* set the Session ID to empty string
* end if
* Get current viewer ID from session ID
* If viewer ID is empty then
* if isDestroySession is set then
* Destroy the Session
* end if
* initialize Empty UnAuthorized Viewer ID
* else
* User Credientials are valid so ...
* Mark as Valid Authentication
*
* Prepare an SQL statement to lookup the viewer info from the DB
* Now load the Data from the DB
* end if
* </pre>
* @param $isDestroySession [BOOL] Should we destroy the session data if not authenticated?
* @param $dbName [STRING] The name of the database the viewer info is stored in
* @param $dbPath [STRING] The path of the database the viewer info is stored in
* @param $dbUser [STRING] The login ID for the database the viewer info is stored in
* @param $dbPassword [STRING] The password of the database the viewer info is stored in
*/
function __construct($isDestroySession = true, $dbName = SITE_DB_NAME, $dbPath = SITE_DB_PATH, $dbUser = SITE_DB_USER, $dbPassword = SITE_DB_PWORD)
{
// if no session ID is set then
if (!isset($_SESSION[SESSION_ID_ID])) {
// set the Session ID to empty string
$_SESSION[SESSION_ID_ID] = '';
}
if ($_SESSION[SESSION_ID_ID] == '') {
$_SESSION[SESSION_ID_ID] = 0;
}
// Get current viewer ID from session ID
$this->viewerID = $_SESSION[SESSION_ID_ID];
// attempt to load a viewerManager object with current viewerID
$this->viewerManager = new RowManager_ViewerManager($this->viewerID);
if ($this->viewerManager->isLoaded()) {
// Update current Session ID with current ViewerID
$_SESSION[SESSION_ID_ID] = $this->viewerID;
if ($this->viewerManager->isActive()) {
$this->isAuthenticated = true;
} else {
$this->isAuthenticated = false;
}
} else {
// Info not stored in session, get from GCX
$this->isAuthenticated = false;
if (CASUser::checkAuth()) {
if (!empty($_SESSION['phpCAS']['guid'])) {
if ($this->validateLogin($_SESSION['phpCAS']['guid'])) {
// a user with this GUID exists in our system
$this->isAuthenticated = true;
} else {
// code added by Russ September 11, 2009
// a user with this GUID does not exist in our system - create them
$guid = $_SESSION['phpCAS']['guid'];
// echo "The GUID[".$guid."]<br/>";
$gcxUsername = $_SESSION['phpCAS']['user'];
// echo "The gcxUsername[".$gcxUsername."]<br/>";
// the gcxUsername is (supposed to be) an email
// check to see if there is a cim_hrdb_person record with this email
// the comparison needs to be case insensitive (since mysql is insensitive by default, no special doctoring is needed)
// search for person record
$personManager = new RowManager_PersonManager();
$foundPerson = $personManager->loadByEmail($gcxUsername);
// get the personID of the person that was searched
$personID = $personManager->getID();
// if record does not exist
// create one
// update the personID
if (!$foundPerson) {
// create a new person record
$newpersonManager = new RowManager_PersonManager();
$newpersonManager->setEmail($gcxUsername);
$newpersonManager->createNewEntry();
$personID = $newpersonManager->getID();
}
// link the personID to the GUID/viewer in the cim_hrdb_access table
// first, check to see if any entry already exists in the access table
// if foundPerson is true above, it's possible (may have been linked to old viewer/username but not promoted to GCX account yet)
$accessManager = new RowManager_AccessManager();
$accessEntryFound = $accessManager->loadByPersonID($personID);
$viewerID = -1;
$createNewViewer = true;
if ($accessEntryFound) {
$viewerID = $accessManager->getViewerID();
$viewerManager = new RowManager_ViewerManager($viewerID);
// double check to make sure the viewer referenced in the access table actually exists
$viewerAlreadyExists = $viewerManager->isLoaded();
if ($viewerAlreadyExists) {
// no need to create a new viewer
$createNewViewer = false;
// update the existing viewer with the GUID and gcxUsername
$viewerManager->setGUID($guid);
$viewerManager->setUserID($gcxUsername);
$viewerManager->setLastLogin();
$viewerManager->updateDBTable();
}
// viewerAlreadyExists
}
// accessEntryFound
if ($createNewViewer) {
// create new viewer (user)
$newviewerManager = new RowManager_ViewerManager();
$newviewerManager->setPassWord('xxx');
$newviewerManager->setUserID($gcxUsername);
$newviewerManager->setLanguageID(1);
// english
// TODO this value should not be hard-coded for the account group
$newviewerManager->setAccountGroupID(15);
// the 'unknown' group
$newviewerManager->setIsActive(true);
$newviewerManager->setGUID($guid);
$newviewerManager->setLastLogin();
$newviewerManager->createNewEntry();
$viewerID = $newviewerManager->getID();
// get the ID of the newly created viewer
if ($accessEntryFound) {
// update the access table to reference the newly created viewer for the persoa
// this is the case where an access table entry may have been orphaned due to the deletion of a viewer
$accessManager->setViewerID($viewerID);
$accessManager->updateDBTable();
} else {
// create an access table entry
$newaccessManager = new RowManager_AccessManager();
$newaccessManager->setViewerID($viewerID);
$newaccessManager->setPersonID($personID);
$newaccessManager->createNewEntry();
}
}
// put into the 'all' access group
$viewerAccessGroupManager = new RowManager_ViewerAccessGroupManager();
$viewerAccessGroupManager->setViewerID($viewerID);
$viewerAccessGroupManager->setAccessGroupID(ALL_ACCESS_GROUP);
// add to the 'all' access group
$viewerAccessGroupManager->createNewEntry();
// Debugging code added by Russ Martin
// echo "validate login failed<br/>";
// echo "<pre>".print_r($_SESSION,true)."</pre>";
// try again to see if everything updated correctly
if ($this->validateLogin($guid)) {
// a user/viewer with this GUID now exists in our system
$this->isAuthenticated = true;
} else {
echo "Something has gone wrong: gcxUsername[" . $gcxUsername . "], guid[" . $guid . "]<br/>";
}
}
} else {
// Debugging code added by Russ Martin
// echo "session variable for storing GUID is empty<br/>";
}
} else {
// Debugging code added by Russ Martin
// echo "CASUser::checkAuth() failed<br/>";
}
}
// set hasSession
$this->hasSession = $this->viewerID != '';
// if no session
if (!$this->hasSession) {
// User Credentials are invalid so
// if they want me to destroy the session then
if ($isDestroySession == true) {
// Remove session
// session_destroy();
}
}
}