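/**
 * Brings the Samba password hashes stored in the user's LDAP entry in line
 * with the password supplied at login.
 *
 * Nothing is written when the scheduling server reports the user as in
 * session, or when the stored hashes already equal the computed ones.
 *
 * @throws Exception if no LDAP entry is found for the user's uid
 */
public function setup()
{
    $username = $this->_authType->getUsername();

    /* The user name is supplied at login, so the characters that are special
     * in an LDAP search filter (RFC 4515) are escaped before it is placed in
     * the filter. The backslash is replaced first so the escapes added for
     * the other characters are not escaped again. */
    $filterValue = str_replace(
        array('\\', '*', '(', ')', "\x00"),
        array('\\5c', '\\2a', '\\28', '\\29', '\\00'),
        $username
    );

    $entry = $this->_ldap->search('uid=' . $filterValue)->getFirst();
    if (!$entry) {
        throw new Exception('LDAP entry with uid=' . $username . ' not found.');
    }

    if (isset($entry['l'])) {
        /* Having the l attribute can mean a user is in session. */
        $qname = Zend_Registry::get('config')->institution . ':' . $username;
        $session = Sahara_Soap::getSchedServerQueuerClient()->isUserInQueue(array('userQName' => $qname));

        /* If in session, leave the Samba passwords alone; they are probably
         * already set with batch login passwords. */
        if ($session->inSession) {
            return;
        }

        /* 'l' present while not in session is an inconsistent state, so the
         * attribute is cleared. */
        $this->_logger->warn('Account with DN ' . $entry['dn'] . " has 'l' attribute and is not in session. "
            . 'This attribute will be deleted.');
        $entry['l'] = '';
    }

    $password = $this->_authType->getPassword();
    $lmHash = $this->_smbHash->lmhash($password);
    $ntHash = $this->_smbHash->nthash($password);

    /* Strict comparison: with '==' two different hashes that both look like
     * numbers (for example "0e" followed only by digits) compare as equal,
     * which would skip the update. */
    if ($lmHash === $entry['sambalmpassword'] && $ntHash === $entry['sambantpassword']) {
        return;
    }

    $entry['sambalmpassword'] = $lmHash;
    $entry['sambantpassword'] = $ntHash;
    $this->_ldap->save($entry['dn'], $entry);

    $this->_logger->debug("Restored password of user with DN " . $entry['dn']);
}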
/**
 * Loads the listing of the user's home directory into the view together
 * with the interval at which that listing is refreshed.
 */
public function init()
{
    $identity = Zend_Auth::getInstance()->getIdentity();
    $sessionInfo = Sahara_Soap::getSchedServerSessionClient()->getSessionInformation(
        array('userQName' => $identity)
    );

    /* The second argument is the current time less the 'time' value the
     * scheduling server returned for the session. */
    $homeDir = new Sahara_Home(
        Sahara_Home::getHomeDirectoryLocation(),
        time() - $sessionInfo->time
    );
    $homeDir->loadContents();

    /* NOTE(review): the listing goes through $this->_view while the refresh
     * time goes through $this->view; confirm both name the same view. */
    $this->_view->files = $homeDir->getFlattenedContents();

    /* Configured refresh interval, replaced by the class default when the
     * configuration gives no usable value. */
    $this->view->refreshTime = $this->_config->home->sessionrefresh;
    if (!$this->view->refreshTime) {
        $this->view->refreshTime = self::DEFAULT_REFRESH_SEC;
    }
}
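/**
 * Terminates a running batch invocation.
 *
 * Echoes a JSON document: the rig client's reply to the abort call, or an
 * error structure when the user is not in session or the call throws.
 */
public function abortAction()
{
    $this->_helper->viewRenderer->setNoRender();
    $this->_helper->layout()->disableLayout();

    $identity = $this->_auth->getIdentity();
    $response = Sahara_Soap::getSchedServerSessionClient()->getSessionInformation(
        array('userQName' => $identity)
    );

    if (!$response->isInSession) {
        /* Not in session, so unable to determine the rig client's address.
         * NOTE(review): 'success' is the string 'false' here but the boolean
         * false in the exception branch below; confirm what the client
         * script tests for before unifying. */
        $error = array(
            'success' => 'false',
            'error' => array(
                'code' => -1,
                'operation' => 'Batch abort request',
                'reason' => 'not in session'
            )
        );
        echo $this->view->json($error);
        return;
    }

    try {
        /* Split on the first ':' only, as the other actions that take the
         * identity apart do, so a user name containing ':' is kept whole. */
        list($ns, $name) = explode(':', $identity, 2);

        $rigClient = new Sahara_Soap($response->contactURL . '?wsdl');
        echo $this->view->json($rigClient->abortBatchControl(array('requestor' => $name)));
    } catch (Exception $ex) {
        $this->_logger->error("Soap error calling batch 'abortBatchControl'. Message: "
            . $ex->getMessage() . ', code: ' . $ex->getCode() . '.');

        /* NOTE(review): the exception message is returned to the browser as
         * well as logged; confirm it cannot carry internal addresses. */
        echo $this->view->json(array(
            'success' => false,
            'error' => array(
                'code' => -4,
                'operation' => 'Batch abort request',
                'reason' => 'Exception aborting batch, message: ' . $ex->getMessage()
            )
        ));
    }
}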
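/**
 * Action to cancel a rig offline period.
 *
 * Reads the period identifier from the 'pid' request parameter and echoes
 * the scheduling server's reply as JSON. When 'pid' is missing a failure
 * document is echoed and the scheduling server is not called.
 */
public function cancelofflineAction()
{
    $this->_helper->viewRenderer->setNoRender();
    $this->_helper->layout()->disableLayout();

    $id = $this->_getParam('pid');
    if (!$id) {
        echo $this->view->json(array(
            'successful' => false,
            'failureCode' => -1,
            'failureReason' => 'Period ID not supplied.'
        ));

        /* Stop here: without this return the cancel call below still ran
         * with an empty id and a second JSON document was appended to the
         * response. */
        return;
    }

    /* Only the id is taken from the request; start, end and reason are
     * fixed placeholder values. */
    $period = array(
        'id' => $id,
        'start' => '2010-02-02T00:00:00+00:00',
        'end' => '2010-02-02T00:00:00+00:00',
        'reason' => 'dummy'
    );

    echo $this->view->json(Sahara_Soap::getSchedServerRigManagementClient()->cancelRigOffline(array(
        'requestorQName' => $this->_auth->getIdentity(),
        'period' => $period
    )));
}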
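/**
 * Action to bridge a primitive call to the in session rig client and return
 * the result as a file.
 *
 * If a response parameter name is given, only that parameter's value is
 * returned. Otherwise all response parameters are returned in the format:
 *     name=value,name=value,...
 *
 * Mandatory request parameters:
 *  - pc | primitiveController => name of the primitive controller.
 *  - pa | primitiveAction => name of the action to run on that controller.
 *
 * Optional request parameters:
 *  - rp | responseParam => name of the response parameter to return.
 *  - mime => MIME type of the returned file, written as 'type-subtype'.
 *  - fn | downloadedname => name of the file (also forces a download).
 *  - tf | transform => transform passed on to _echoWithTransform; 'base64'
 *    is meant for responses that carry binary data.
 *
 * Any other request parameter is forwarded as a primitive request parameter.
 * If the call fails, 'FAILED' is returned.
 */
public function fileAction()
{
    $this->_helper->viewRenderer->setNoRender();
    $this->_helper->layout()->disableLayout();

    $mime = $this->_config->primitive->file->mime;

    /* Optional values start as null so later reads are defined even when the
     * request does not supply them. */
    $responseParam = null;
    $transform = null;
    $filename = null;

    $session = Sahara_Soap::getSchedServerSessionClient()->getSessionInformation(
        array('userQName' => $this->_auth->getIdentity())
    );
    if (!$session->isInSession) {
        /* Not in session, so unable to determine the rig client's address. */
        echo 'FAILED';
        return;
    }

    /* Set up the correct object model. */
    list($junk, $allocUser) = explode(':', $this->_auth->getIdentity(), 2);
    $request = array('requestor' => $allocUser, 'param' => array());

    foreach ($this->_request->getParams() as $key => $val) {
        switch ($key) {
            case 'pc':
            case 'primitiveController':
                $request['controller'] = $val;
                break;

            case 'pa':
            case 'primitiveAction':
                $request['action'] = $val;
                break;

            case 'rp':
            case 'responseParam':
                $responseParam = $val;
                break;

            /* MIME type of file. Only a well-formed 'type/subtype' token
             * replaces the configured default, so arbitrary request text is
             * never written into the Content-Type header.
             * NOTE(review): the caller still chooses the type; if rig
             * responses can contain text a user influences, consider an
             * allow-list of types. */
            case 'mime':
                if (is_string($val)) {
                    $candidate = implode('/', explode('-', $val, 2));
                    if (preg_match('~^[A-Za-z0-9][A-Za-z0-9.+_-]*/[A-Za-z0-9][A-Za-z0-9.+_-]*$~D', $candidate)) {
                        $mime = $candidate;
                    }
                }
                break;

            /* Filename of file (forces download). */
            case 'fn':
            case 'downloadedname':
                $filename = $val;
                break;

            /* Transform for string. */
            case 'tf':
            case 'transform':
                $transform = $val;
                break;

            /* These are Zend request parameters and irrelevant to the
             * primitive call. */
            case 'controller':
            case 'action':
            case 'module':
                break;

            /* Parameters to provide to primitive call. */
            default:
                $request['param'][] = array('name' => $key, 'value' => $val);
                break;
        }
    }

    /* Set header about the response. */
    header("Content-Type: {$mime}");
    if (is_string($filename)) {
        /* The name comes from the request: keep its last path component and
         * replace anything outside a conservative character set so it stays
         * a single header token. */
        $safeName = preg_replace('/[^A-Za-z0-9._-]/', '_', basename($filename));
        header("Content-disposition: attachment; filename={$safeName}");
    }

    try {
        $rigClient = new Sahara_Soap($session->contactURL . '?wsdl');
        $rigResponse = $rigClient->performPrimitiveControl($request);
        if (!$rigResponse->success) {
            echo "FAILED " . $rigResponse->error->reason;
            return;
        }

        $result = $rigResponse->result;

        /* Return the specified response. */
        if ($responseParam) {
            /* A single result exposes 'name' directly; otherwise the result
             * is iterated. */
            if (isset($result->name) && $result->name == $responseParam) {
                echo $this->_echoWithTransform($result->value, $transform);
                return;
            }

            foreach ($result as $r) {
                if ($r->name == $responseParam) {
                    echo $this->_echoWithTransform($r->value, $transform);
                    return;
                }
            }

            echo 'FAILED';
            return;
        }

        /* Return all the response parameters. */
        if (isset($result->name)) {
            echo $this->_echoWithTransform($result->value, $transform);
            return;
        }

        $str = '';
        foreach ($result as $r) {
            $str .= $r->name . '=' . $r->value . ',';
        }

        if ($str !== '') {
            /* Drop the trailing comma. */
            echo $this->_echoWithTransform(substr($str, 0, strlen($str) - 1), $transform);
            return;
        }

        echo 'FAILED';
    } catch (Exception $ex) {
        echo 'FAILED';
    }
}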
/**
 * Bridges a primitive call to the rig client of the user's current session
 * and echoes the outcome as JSON (the response object, or the caught
 * exception when the call throws).
 *
 * Mandatory request parameters:
 *  - primitiveController => name of the primitive controller.
 *  - primitiveAction => name of the action to run on that controller.
 *
 * Every other request parameter, apart from Zend's own controller, action
 * and module, is forwarded as a primitive request parameter.
 */
public function primitivebridgeAction()
{
    $this->_helper->viewRenderer->setNoRender();
    $this->_helper->layout()->disableLayout();

    $sessionInfo = Sahara_Soap::getSchedServerSessionClient()->getSessionInformation(
        array('userQName' => $this->_auth->getIdentity())
    );

    if (!$sessionInfo->isInSession) {
        /* Without a session there is no rig client address to call.
         * NOTE(review): 'success' is the string 'false', not a boolean. */
        echo $this->view->json(array(
            'success' => 'false',
            'error' => array(
                'code' => -1,
                'operation' => 'Primitive bridge request',
                'reason' => 'not in session'
            )
        ));
        return;
    }

    /* The requestor is the part of the identity after the first ':'. */
    list($prefix, $allocUser) = explode(':', $this->_auth->getIdentity(), 2);
    $call = array('requestor' => $allocUser, 'param' => array());

    foreach ($this->_request->getParams() as $paramName => $paramValue) {
        switch ($paramName) {
            case 'primitiveController':
                $call['controller'] = $paramValue;
                break;

            case 'primitiveAction':
                $call['action'] = $paramValue;
                break;

            /* Zend routing parameters; not part of the primitive call. */
            case 'controller':
            case 'action':
            case 'module':
                break;

            /* Everything else is passed through to the primitive. */
            default:
                $call['param'][] = array('name' => $paramName, 'value' => $paramValue);
                break;
        }
    }

    try {
        $rigClient = new Sahara_Soap($sessionInfo->contactURL . '?wsdl');
        $outcome = $rigClient->performPrimitiveControl($call);
        echo $this->view->json($outcome);
    } catch (Exception $ex) {
        /* NOTE(review): the exception object itself is serialised to the
         * browser; confirm which of its fields end up in the output. */
        echo $this->view->json($ex);
    }
}
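/**
 * Receives a support request and forwards it by email to the configured
 * feedback addresses.
 *
 * Echoes JSON {"success": "true"} once the message has been processed and
 * {"success": "false"} when the submission looks automated or one of the
 * fields name, email, type, purpose or feedback is missing.
 */
public function supportAction()
{
    /* Disable view renderer and layout. */
    $this->_helper->viewRenderer->setNoRender();
    $this->_helper->layout()->disableLayout();

    $params = $this->_request->getParams();

    /* The form fields are request supplied and end up in log lines and mail
     * headers. Keep a copy with control characters collapsed to a space so a
     * value cannot start a new log line or add a mail header; a field that
     * is missing or not a scalar becomes an empty string. */
    $clean = array();
    foreach (array('name', 'email', 'type', 'purpose', 'feedback') as $field) {
        $value = (isset($params[$field]) && is_scalar($params[$field])) ? (string) $params[$field] : '';
        $clean[$field] = preg_replace('/[\x00-\x1F\x7F]+/', ' ', $value);
    }

    /* Try to detect bots auto-submitting the form. Two methods are currently
     * employed, making sure the user agent starts with 'Mozilla' & making sure
     * the honeypot field is not set. */
    if (isset($params['botsfu']) && $params['botsfu'] != '' ||
        (!isset($params['useragent']) || $params['useragent'] == '' ||
         strpos(trim($params['useragent']), 'Mozilla/') !== 0)) {
        $this->_logger->warn('Rejecting support message from IP: ' . $this->_getRemoteIP()
            . ', name: ' . $clean['name'] . ', email: ' . $clean['email']);
        echo $this->view->json(array('success' => 'false'));
        return;
    }

    /* Make sure the fields are populated. */
    if (!(isset($params['name']) && isset($params['email']) && isset($params['type']) &&
          isset($params['purpose']) && isset($params['feedback']))) {
        echo $this->view->json(array('success' => 'false'));
        return;
    }

    $this->_logger->info('Received feedback email from ' . $clean['name'] . ' (' . $clean['email'] . '). '
        . 'Feedback type: ' . $clean['type'] . '. Purpose of user: ' . $clean['purpose']
        . '. Feedback: ' . $clean['feedback'] . '.');

    $mail = new Sahara_Mail();
    $mail->setFrom($clean['email'], $clean['name']);
    $mail->setSubject('Sahara feedback from ' . $clean['name']);

    /* Feedback email body. */
    $body = "#################################################################\n";
    $body .= "## Sahara Feedback Received\n";
    $body .= "#################################################################\n\n";
    $body .= "Time: " . date('r') . "\n\n";

    if ($cred = $this->_auth->getIdentity()) {
        $body .= "## Session Details\n";
        $body .= "Credential: {$cred}\n";

        try {
            $session = Sahara_Soap::getSchedServerQueuerClient()->isUserInQueue(
                array('userQName' => $this->_auth->getIdentity())
            );

            $body .= "In Queue: " . ($session->inQueue ? 'true' : 'false') . "\n";
            $body .= "In Session: " . ($session->inSession ? 'true' : 'false') . "\n";

            if ($session->inQueue) {
                $body .= "Queued resource ID: " . $session->queuedResouce->resourceID . "\n";
                $body .= "Queued resource name: " . $session->queuedResouce->resourceName . "\n";
                $body .= "Queued resource type: " . $session->queuedResouce->type . "\n";
            }

            if ($session->inSession) {
                $body .= "Session resource ID: " . $session->assignedResource->resourceID . "\n";
                $body .= "Session resource name: " . $session->assignedResource->resourceName . "\n";
                $body .= "Session resource type: " . $session->assignedResource->type . "\n";
            }
        } catch (Exception $ex) {
            $body .= "Exception when attempting to determine session status with message '"
                . $ex->getMessage() . "'.\n";
        }

        $body .= "\n";
    }

    $body .= "## Feedback Details\n";
    $body .= "From: " . $params['name'] . " <" . $params['email'] . ">\n";
    $body .= "Type: " . $params['type'] . "\n";
    $body .= "Purpose: " . $params['purpose'] . "\n\n";
    $body .= "Feedback:\n ";
    $body .= $params['feedback'] . "\n\n";

    $body .= "## Diagnostics:\n";
    $body .= "IP: " . $this->_getRemoteIP() . "\n";
    $body .= "User Agent: " . urldecode($params['useragent']) . "\n";
    /* These two are not checked above, so they may be absent. */
    $body .= "Java enabled: " . (isset($params['javaenabled']) ? $params['javaenabled'] : '') . "\n";
    $body .= "UTC Offset: " . (isset($params['utcoffset']) ? $params['utcoffset'] : '') . "\n";

    if (array_key_exists('navplugins', $params)) {
        $body .= "Plugins:\n";

        /* Plugins arrive URL-encoded as 'name=version' pairs separated by
         * ';'; entries without '=' are skipped. */
        $plugins = explode(';', urldecode($params['navplugins']));
        foreach ($plugins as $p) {
            if (strpos($p, '=') === false) {
                continue;
            }

            list($name, $ver) = explode('=', $p, 2);
            $body .= " * {$name} => {$ver}\n";
        }
    }

    $body .= "\n#################################################################\n";
    $mail->setBody($body);

    /* The configured recipient is either one address or a list of them. */
    $addresses = $this->_config->feedback->address;
    if ($addresses instanceof Zend_Config) {
        foreach ($addresses as $addr) {
            $mail->addTo($addr);
        }
    } else {
        $mail->addTo($addresses);
    }

    try {
        $mail->send();
    } catch (Exception $ex) {
        /* The body is logged so the feedback is not lost when mail fails. */
        $this->_logger->error('Failed to send feedback email. Error message: ' . $ex->getMessage()
            . ". Message body: {$body}");
    }

    /* Tells validation engine that submission succeeded. */
    echo $this->view->json(array('success' => 'true'));
}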
/**
 * Page shown while a booking is about to start.
 *
 * Puts the booking id, its display name and the number of seconds until its
 * start time into the view.
 */
public function waitingAction()
{
    $this->view->headTitle($this->_headPrefix . 'Reservation');

    $bookingId = $this->_request->getParam('bid');
    $this->view->bid = $bookingId;
    if (!$bookingId) {
        /* No booking to wait for.
         * NOTE(review): the lookup below still runs unless _redirectTo ends
         * the request; confirm that it does. */
        $this->_redirectTo('index', 'queue');
    }

    $lookup = array(
        'userID' => array('userQName' => $this->_auth->getIdentity()),
        'bookingID' => array('bookingID' => $bookingId)
    );
    $booking = Sahara_Soap::getSchedServerBookingsClient()->getBooking($lookup);

    $this->view->displayName = $booking->displayName;

    /* Seconds from now until the booking's start time. */
    $startsAt = Sahara_DateTimeUtil::getTsFromISO8601($booking->startTime);
    $this->view->time = $startsAt - time();
}
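/**
 * Loads up permissions and authorisation. If the user is not authorised to
 * view the requested page they are redirected to the login page.
 *
 * Authenticated users are also steered to the page that matches their state
 * (queue, session or booking about to start), except on pages listed in
 * $this->_noRedirectPages.
 */
public function preDispatch()
{
    $this->_acl->loadPermissions();

    $controller = $this->getRequest()->getControllerName();
    $action = $this->getRequest()->getActionName();

    /* Check if the user has permission for the requested resource.
     * NOTE(review): the code below still runs after a denied check unless
     * _redirectTo ends the request; confirm that it does. */
    if (!$this->_acl->hasPermission($controller, $action)) {
        $this->_flashMessenger->addMessage("Your session has timed out.");
        $this->_redirectTo('index', 'index');
    }

    /* Set up some information for the navigation menu. */
    $this->view->userRole = $this->_acl->getUserRole();
    $this->view->controller = $controller;
    $this->view->action = $action;

    $page = $controller . $action;

    /* Nothing more to do for unauthenticated users. */
    if ($this->_acl->getUserRole() == Sahara_Acl::UNAUTH) {
        return;
    }

    /* Check if the user has a pending request and should be in the queue
     * or on an experiment page. */
    $status = Sahara_Soap::getSchedServerQueuerClient()->isUserInQueue(
        array('userQName' => $this->_auth->getIdentity())
    );
    $mayRedirect = !in_array($page, $this->_noRedirectPages);

    /* Force a user to be in specific places depending on their state. */
    if ($status->inQueue && $page != 'queuequeuing' && $mayRedirect) {
        /* User in queue but not on queueing page. */
        $this->_redirectTo('queuing', 'queue');
    } elseif ($status->inQueue) {
        $this->view->userRole = self::PSEUDO_ROLE_QUEUE;
    } elseif ($status->inSession && $page != 'sessionindex' && $mayRedirect) {
        /* User in session but not on session page. */
        $this->_redirectTo('index', 'session');
    } elseif ($status->inSession) {
        $this->view->userRole = self::PSEUDO_ROLE_SESSION;
    } elseif ($status->inBooking && $page != 'bookingswaiting' && $mayRedirect) {
        /* Booking about to start but not on the waiting page. */
        $this->_redirectTo('waiting', 'bookings', array('bid' => $status->bookingID));
    } elseif ($status->inBooking) {
        $this->view->userRole = self::PSEUDO_ROLE_BOOKING;
    } elseif ($page == 'queuequeuing' || $page == 'sessionindex' || $page == "indexindex") {
        /* Was in queue or in session, but that is finished so redirect
         * them back home. */
        switch ($this->_acl->getUserRole()) {
            case Sahara_Acl::USER:
                $this->_redirectTo('index', 'queue');
                break;
            case Sahara_Acl::RESEARCH:
                $this->_redirectTo('index', 'research');
                break;
            case Sahara_Acl::ACADEMIC:
                $this->_redirectTo('index', 'queue');
                break;
            case Sahara_Acl::ADMIN:
                $this->_redirectTo('index', 'admin');
                break;
            default:
                /* The message previously interpolated $qName, which is never
                 * defined in this method; the identity is what it names. */
                $qName = $this->_auth->getIdentity();
                $this->view->messages = array("Unknown user \"{$qName}\".");
                break;
        }
    }
}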
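/**
 * Action to delete a file from the user's home directory.
 *
 * Request parameters:
 *  - path => optional directory below the home directory, with ':' used as
 *    the separator.
 *  - file => name of the file to delete.
 *
 * On success the refreshed directory listing is echoed as JSON; on failure
 * a message starting with 'FAILED' is echoed.
 */
public function deletesessionAction()
{
    $this->_helper->viewRenderer->setNoRender();
    $this->_helper->layout()->disableLayout();

    $homePath = Sahara_Home::getHomeDirectoryLocation();
    $path = $homePath;

    $reqPath = $this->_getParam('path');
    $reqFile = $this->_getParam('file');

    /* Both values come from the request. Only strings are accepted, and the
     * copies written to the response and the log are escaped so the values
     * cannot inject markup or extra log lines. */
    if ($reqPath !== null && !is_string($reqPath)) {
        echo 'FAILED: Path does not exist.';
        return;
    }
    if (!is_string($reqFile)) {
        $reqFile = '';
    }
    if ($reqPath) {
        $reqPath = implode('/', explode(':', $reqPath));
    }
    $shownPath = htmlspecialchars((string) $reqPath, ENT_QUOTES, 'UTF-8');
    $shownFile = htmlspecialchars($reqFile, ENT_QUOTES, 'UTF-8');
    $logPath = preg_replace('/[\x00-\x1F\x7F]+/', ' ', (string) $reqPath);
    $logFile = preg_replace('/[\x00-\x1F\x7F]+/', ' ', $reqFile);

    list($junk, $user) = explode(':', $this->_auth->getIdentity(), 2);

    /* Everything that is deleted must resolve to a location inside the home
     * directory, so the resolved home directory is the reference point. */
    $homeRoot = realpath($homePath);
    if ($homeRoot === false) {
        $this->_logger->warn("Unable to delete {$logFile} because home directory {$homePath} does not exist.");
        echo "FAILED: File {$shownFile} does not exist.";
        return;
    }
    $homePrefix = rtrim($homeRoot, '/\\') . DIRECTORY_SEPARATOR;

    if ($reqPath) {
        $resolved = realpath($homePath . '/' . $reqPath);
        if (!$resolved || ($resolved !== $homeRoot && strpos($resolved, $homePrefix) !== 0)) {
            /* A path that resolves outside the home directory is reported the
             * same way as one that does not exist. */
            $this->_logger->warn("Unable to delete {$logFile} because path {$logPath} does not exist in home directory "
                . "{$homePath}.");
            echo "FAILED: Path {$shownPath} does not exist.";
            return;
        }
        $path = $resolved;
    }

    if (strpos($path, $user) === false) {
        $this->_logger->warn("Unable to delete {$logFile} because path {$path} does not contain user name {$user}.");
        echo "FAILED: Path does not include name {$user}.";
        return;
    }

    /* The file name may itself contain directory parts, so the directory it
     * lands in is resolved and checked again. The last component is kept
     * unresolved so that deleting a symbolic link removes the link and not
     * the file it points to. */
    $target = $path . '/' . $reqFile;
    $targetDir = realpath(dirname($target));
    if ($targetDir === false || ($targetDir !== $homeRoot && strpos($targetDir, $homePrefix) !== 0)) {
        $this->_logger->warn("Unable to delete {$logFile} because it is not inside home directory {$homePath}.");
        echo "FAILED: File {$shownFile} does not exist.";
        return;
    }

    $file = $targetDir . '/' . basename($target);
    if (!is_file($file)) {
        $this->_logger->warn("Unable to delete {$logFile} because it does not exist.");
        echo "FAILED: File {$shownFile} does not exist.";
        return;
    }

    if (!unlink($file)) {
        echo 'FAILED: Permission denied.';
        return;
    }

    /* Return the refreshed listing of the home directory. */
    $response = Sahara_Soap::getSchedServerSessionClient()->getSessionInformation(
        array('userQName' => $this->_auth->getIdentity())
    );
    $home = new Sahara_Home($homePath, time() - $response->time);
    $home->loadContents();
    echo $this->view->json($home->getFlattenedContents());
}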
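/**
 * Sends an error email to the configured error handling recipients.
 *
 * Nothing is sent when the configuration disables error messages. A failure
 * to send the mail is ignored.
 *
 * @param object $errors error details; the request, exception and type
 *                       properties are read
 */
private function _sendErrorEmail($errors)
{
    if ($this->_config->error->disableMessages) {
        return;
    }

    $request = $errors->request;
    $exception = $errors->exception;

    $mail = new Sahara_Mail();
    $mail->setFrom($this->_config->email->from->address, $this->_config->email->from->name);
    $mail->setSubject('Sahara WI fatal error occurred at ' . date('r'));

    $body = "#################################################################\n";
    $body .= "## Sahara Fatal Error\n";
    $body .= "#################################################################\n\n";
    $body .= "Time: " . date('r') . "\n";
    /* NOTE(review): the request URI is written unmasked; confirm secrets are
     * never sent in the query string. */
    $body .= "Request: " . $request->getRequestUri() . "\n";
    $body .= "Params: ";

    /* Request parameters whose values are secrets and must not be mailed in
     * clear text. 'passkey' is the lock key parameter read by unlockAction. */
    $secretParams = array('password', 'passkey');
    foreach ($request->getParams() as $p => $v) {
        if (in_array(strtolower((string) $p), $secretParams, true)) {
            /* Fixed-width mask, so the length of the secret is not shown. */
            $v = '********';
        } elseif ($v !== null && !is_scalar($v)) {
            /* Arrays and objects cannot be interpolated; show their type. */
            $v = '[' . gettype($v) . ']';
        }

        $body .= "{$p}={$v} ";
    }
    $body .= "\n\n";

    /* ---- Error Information ---------------------------------------------*/
    $body .= "#################################################################\n";
    $body .= "## Error information\n";
    $body .= "Type: " . $errors->type . "\n";
    $body .= "Exception: " . get_class($exception) . "\n";
    $body .= "Message: " . $exception->getMessage() . "\n";
    $body .= "Code: " . $exception->getCode() . "\n";
    $body .= "File: " . $exception->getFile() . "\n";
    $body .= "Line: " . $exception->getLine() . "\n";
    $body .= "Trace: \n";
    $body .= $exception->getTraceAsString() . "\n\n";

    /* ---- Session Information -------------------------------------------*/
    if ($cred = Zend_Auth::getInstance()->getIdentity()) {
        $body .= "#################################################################\n";
        $body .= "## Session information\n";
        $body .= "Credential: {$cred}\n";

        try {
            $session = Sahara_Soap::getSchedServerQueuerClient()->isUserInQueue(
                array('userQName' => Zend_Auth::getInstance()->getIdentity())
            );

            $body .= "In Queue: " . ($session->inQueue ? 'true' : 'false') . "\n";
            $body .= "In Session: " . ($session->inSession ? 'true' : 'false') . "\n";

            if ($session->inQueue) {
                $body .= "Queued resource ID: " . $session->queuedResouce->resourceID . "\n";
                $body .= "Queued resource name: " . $session->queuedResouce->resourceName . "\n";
                $body .= "Queued resource type: " . $session->queuedResouce->type . "\n";
            }

            if ($session->inSession) {
                $body .= "Session resource ID: " . $session->assignedResource->resourceID . "\n";
                $body .= "Session resource name: " . $session->assignedResource->resourceName . "\n";
                $body .= "Session resource type: " . $session->assignedResource->type . "\n";
            }
        } catch (Exception $ex) {
            $body .= "Exception when attempting to determine session status with message '"
                . $ex->getMessage() . "', code " . $ex->getCode() . ".\n";
        }
    } else {
        $body .= "#################################################################\n";
        $body .= "## No session information\n";
    }

    $body .= "#################################################################\n\n";

    $mail->setBody($body);

    /* The configured recipient is either one address or a list of them. */
    $addresses = $this->_config->error->address;
    if ($addresses instanceof Zend_Config) {
        foreach ($addresses as $addr) {
            $mail->addTo($addr);
        }
    } else {
        $mail->addTo($addresses);
    }

    try {
        $mail->send();
    } catch (Exception $ex) {
        /* Nothing much more we can do. */
    }
}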
/**
 * Determines the user's role and registers the pages that role may access.
 *
 * Without a user the role is UNAUTH; otherwise it is the 'persona' the
 * scheduling server returns for the user.
 */
public function loadPermissions()
{
    $this->_userRole = self::UNAUTH;
    if ($this->_user != null) {
        /* The user's 'persona' defines their role. */
        $account = Sahara_Soap::getSchedServerPermissionsClient()->getUser(
            array('userQName' => $this->_user)
        );
        $this->_userRole = $account->persona;
    }

    /* Role hierarchy: each role inherits from the one before it. */
    $this->addRole(new Zend_Acl_Role(self::UNAUTH));
    $this->addRole(new Zend_Acl_Role(self::DEMO), self::UNAUTH);
    $this->addRole(new Zend_Acl_Role(self::USER), self::DEMO);
    $this->addRole(new Zend_Acl_Role(self::RESEARCH), self::USER);
    $this->addRole(new Zend_Acl_Role(self::ACADEMIC), self::RESEARCH);
    $this->addRole(new Zend_Acl_Role(self::ADMIN), self::ACADEMIC);

    /* Page lists ordered from the most to the least privileged role. Loading
     * starts at the user's role and continues through every role below it,
     * so a higher role also gets the pages of the lower ones. A role that
     * matches none of these entries gets no pages at all. */
    $levels = array(
        array(self::ADMIN, '_adminPages'),
        array(self::ACADEMIC, '_academicPages'),
        array(self::RESEARCH, '_researchPages'),
        array(self::USER, '_userPages'),
        array(self::DEMO, '_demoPages'),
        array(self::UNAUTH, '_unAuthPages')
    );

    $currentRole = $this->_userRole;
    $reached = false;
    foreach ($levels as $level) {
        list($role, $pagesProperty) = $level;

        if (!$reached && $currentRole == $role) {
            $reached = true;
        }

        if ($reached) {
            $this->_loadAclAssoc($role, $this->{$pagesProperty});
        }
    }
}
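/**
 * Action that unlocks a permission.
 *
 * Request parameters:
 *  - permission => identifier of the permission to unlock.
 *  - passkey => lock key for that permission.
 *
 * Echoes JSON {"successful": ...} carrying the scheduling server's answer,
 * or false when either parameter is missing.
 */
public function unlockAction()
{
    /* Disable view renderer and layout. */
    $this->_helper->viewRenderer->setNoRender();
    $this->_helper->layout()->disableLayout();

    $params = $this->_request->getParams();

    /* Both values are required; answer directly instead of sending an
     * incomplete unlock request to the scheduling server. */
    if (!isset($params['permission']) || !isset($params['passkey'])) {
        echo $this->view->json(array('successful' => false));
        return;
    }

    $client = Sahara_Soap::getSchedServerPermissionsClient();
    $response = $client->unlockUserLock(array(
        'userID' => array('userQName' => $this->_auth->getIdentity()),
        'permissionID' => array('permissionID' => $params['permission']),
        'lockKey' => $params['passkey']
    ));

    echo $this->view->json(array('successful' => $response->successful));
}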
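/**
 * Runs a session report query and hands the result to the view.
 *
 * Request parameters read: sessiongroup (RIG, RIG_TYPE, USER or USER_CLASS),
 * sessionvalue, reportfrom, reportto and, optionally together, pageNumber
 * and pageLength. Any other sessiongroup value yields the text
 * "There are no results" without querying the scheduling server.
 */
public function sessionreportAction()
{
    $this->view->headTitle($this->_headPrefix . 'Session Report');

    /* Get Parameter */
    $params = $this->_request->getParams();

    /* TODO account for pages */

    /* Only these group types are passed on to the reports service. */
    $allowedGroups = array('RIG', 'RIG_TYPE', 'USER', 'USER_CLASS');
    $group = isset($params['sessiongroup']) ? $params['sessiongroup'] : null;

    if (in_array($group, $allowedGroups, true)) {
        $query = array(
            'requestor' => array('userQName' => $this->_auth->getIdentity()),
            'querySelect' => array(
                'operator' => $this->OPERATOR,
                'typeForQuery' => $group,
                'queryLike' => isset($params['sessionvalue']) ? $params['sessionvalue'] : null
            ),
            /* strtotime gives false for text it cannot parse; a missing
             * value is treated the same way. */
            'startTime' => isset($params['reportfrom']) ? strtotime($params['reportfrom']) : false,
            'endTime' => isset($params['reportto']) ? strtotime($params['reportto']) : false
        );

        /* Pagination is only sent when both page values were supplied. */
        if (array_key_exists("pageNumber", $params) && array_key_exists("pageLength", $params)) {
            $query['pagination'] = array(
                'numberOfPages' => 1,
                'pageNumber' => $params['pageNumber'],
                'pageLength' => $params['pageLength']
            );
        }

        $result = Sahara_Soap::getSchedServerReportsClient()->querySessionReport($query);
    } else {
        $result = "There are no results";
    }

    $this->view->results = $result;
    $this->view->search = $params;
}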