/**
 * Return the stored attributes of the JANUS user identified by a login name.
 *
 * @param array $data   Request parameters; $data['userid'] is required.
 * @param int   $status HTTP status for the response, passed by reference; set
 *                      to 400 when 'userid' is missing, otherwise left as is.
 * @return array|string Map with the keys uid, userid, active, type and data,
 *                      or an empty string when 'userid' is missing.
 */
public static function method_getUser($data, &$status)
{
    $hasUserId = isset($data["userid"]);
    if (!$hasUserId) {
        $status = 400;
        return '';
    }

    // NOTE(review): no caller authorization check is visible inside this
    // method; presumably the REST dispatcher enforces it - confirm.
    $janusConfig = SimpleSAML_Configuration::getConfig('module_janus.php');
    $account = new sspmod_janus_User($janusConfig->getValue('store'));
    $account->setUserid($data['userid']);

    // NOTE(review): the result of load() is not inspected, so the array below
    // is returned whether or not a matching user record was found - confirm
    // what the getters yield for an unknown userid.
    $account->load(sspmod_janus_User::USERID_LOAD);

    return array(
        'uid'    => $account->getUid(),
        'userid' => $account->getUserid(),
        'active' => $account->getActive(),
        'type'   => $account->getType(),
        'data'   => $account->getdata(),
    );
}
// Excerpt from the entity export page: resolve the logged-in user, render the
// export form, and (further down) start generating metadata for one state.
if ($session->isValid($authsource)) {
    $attributes = $session->getAttributes();
    // Check if userid exists
    if (!isset($attributes[$useridattr])) {
        throw new Exception('User ID is missing');
    }
    // Only the first value of the user id attribute is used.
    $userid = $attributes[$useridattr][0];
} else {
    // NOTE(review): $userid is never assigned on this path, so the code below
    // relies on redirect() ending the request - presumably it does; confirm.
    SimpleSAML_Utilities::redirect(SimpleSAML_Module::getModuleURL('janus/index.php'));
}

// Get the user
$user = new sspmod_janus_User($janus_config->getValue('store'));
$user->setUserid($userid);
// NOTE(review): the result of load() is not checked before getType() is used below.
$user->load(sspmod_janus_User::USERID_LOAD);

$et = new SimpleSAML_XHTML_Template($config, 'janus:exportentities.php', 'janus:exportentities');
$et->data['user_type'] = $user->getType();
$et->data['uiguard'] = new sspmod_janus_UIguard($janus_config->getValue('access'));
$et->data['types'] = $util->getAllowedTypes();
$et->data['states'] = $janus_config->getArray('workflowstates');
$et->data['external'] = $janus_config->getArray('export.external');
$et->data['header'] = 'JANUS';
if (isset($_GET['msg'])) {
    // The query-string value is handed to the template unchanged, so the
    // template has to HTML-escape it when rendering (rendering is not
    // visible in this excerpt - confirm).
    $et->data['msg'] = $_GET['msg'];
}
$et->show();
exit;
} // closes a block that was opened outside this excerpt

// First line of the generated metadata text: a comment naming the exported state.
// NOTE(review): $export_state is set outside this excerpt; because it is
// embedded in a single-line comment of the generated output, confirm it is
// restricted to known workflow states and cannot contain a line break.
$ssp_metadata = '// Metadata for state "' . $export_state . '"';

// Generate metadata
try {
    $maxCache = $janus_config->getValue('maxCache', NULL);
} // closes a block that was opened outside this excerpt

// Sort metadata fields by name ('cmp' is a comparator defined outside this excerpt)
uasort($et->data['metadatafields'], 'cmp');
$et->data['metadata'] = $entityController->getMetadata();

// Sort remote entities for the ACL view based on blocked or not
uasort($et->data['metadata'], 'cmp2');

// Sort remote entities based on ACL allowed
uasort($remote_entities_acl_sorted, 'cmpByAcl');

// Get allowed workflows: the entity's current state is always allowed, plus
// every transition whose role list intersects the user's types or contains 'all'.
$allowed_workflow = array();
$allowed_workflow[] = $entity->getWorkflow();
$workflowstates = array();
if (isset($workflow[$entity->getWorkflow()])) {
    $workflowstates = $janus_config->getValue('workflowstates');
    foreach ($workflow[$entity->getWorkflow()] as $k_wf => $v_wf) {
        $tmp = array_intersect($user->getType(), $v_wf['role']);
        // NOTE(review): in_array() is called without the strict flag, so 'all'
        // is matched with loose comparison against the configured roles.
        if (!empty($tmp) || in_array('all', $v_wf['role'])) {
            $allowed_workflow[] = $k_wf;
        }
    }
} else {
    // The entity's state has no entry in $workflow: build a one-element
    // placeholder list so the page can still show the state, with an English
    // description explaining the configuration problem.
    // NOTE(review): the state name is placed into display text here; escaping
    // depends on the template, which is not visible in this excerpt.
    $workflowstates = array(
        $entity->getWorkflow() => array(
            'name' => array('en' => $entity->getWorkflow()),
            'description' => array('en' => 'No description available. Workflow state `' . $entity->getWorkflow() . '` is not defined in the configuration file. This is probably an error. Contact your system administrator to get this error fixed.')
        )
    );
}

// Both include paths are fixed and relative to this file; no request data is
// involved in choosing them.
require __DIR__ . '/editentity/revisions.php';
addRevisionCompare($et, $eid);
require __DIR__ . '/editentity/arp.php';
addArpConfiguration($et, $janus_config);

// Expose the entity's current state, type and revision to the template.
$et->data['entity_state'] = $entity->getWorkflow();
$et->data['entity_type'] = $entity->getType();
$et->data['revisionid'] = $entity->getRevisionid();
$et->data['types'] = $janus_config->getValue('types');
/**
 * Load the latest revision of every entity the current user may access into
 * $this->_entities.
 *
 * Values supplied by the caller reach the SQL only through named
 * placeholders; the sort column and direction are picked from fixed literals
 * and are never copied from the arguments.
 *
 * @param string|null $state         When not null, only entities in this state are
 *                                   selected, and the state is set on each entity
 *                                   before it is loaded.
 * @param string|null $state_exclude When not null, entities in this state are left out.
 * @param string|null $sort          'created' orders by creation time; any other value
 *                                   orders by the pretty-name metadata value, falling
 *                                   back to the entity id.
 * @param string|null $order         'DESC' for descending; any other value means ascending.
 *
 * @return bool Always true; a failed query is reported by exception.
 * @since Method available since Release 1.0.0
 * @throws Exception if execute() returns false
 */
private function _loadEntities($state = null, $state_exclude = null, $sort = null, $order = null)
{
    $params = array();
    $orderClause = ';';

    // Sort expression: a fixed literal is chosen, $sort itself never enters the SQL.
    $orderExpr = 'IFNULL(METADATA.`value`, ENTITY.`entityid`) AS `orderfield`';
    if ($sort == "created") {
        $orderExpr = 'ENTITY.`created` AS `orderfield`';
    }

    // Direction: likewise a fixed literal. The "ASC" comparison is evaluated
    // first so that a value loosely equal to both strings still maps to ASC.
    $direction = 'ASC';
    if ($order != "ASC" && $order == 'DESC') {
        $direction = 'DESC';
    }

    // Select entity (only last revision)
    $sql = "\n SELECT DISTINCT ENTITY.eid, \n " . $orderExpr . "\n FROM " . self::$prefix . "entity AS ENTITY";
    $conditions = array(
        "ENTITY.revisionid = (\n SELECT MAX(revisionid)\n FROM " . self::$prefix . "entity\n WHERE eid = ENTITY.eid\n GROUP BY eid\n )",
    );

    // Users without the 'allentities' permission only see entities linked to
    // their uid through the hasEntity table.
    $uiGuard = new sspmod_janus_UIguard($this->_config->getArray('access', array()));
    $seesEverything = $uiGuard->hasPermission('allentities', null, $this->_user->getType(), TRUE);
    if (!$seesEverything) {
        // NOTE(review): this table name is written out literally while the
        // other tables use self::$prefix - confirm the two always agree.
        $sql .= "\n INNER JOIN janus__hasEntity AS hasentity\n ON hasentity.eid = ENTITY.eid\n AND hasentity.uid = :uid\n ";
        $params['uid'] = $this->_user->getUid();
    }

    // Include given state
    if (!is_null($state)) {
        $conditions[] = "ENTITY.state = :state ";
        $params['state'] = $state;
    }

    // Exclude given state
    if (!is_null($state_exclude)) {
        $conditions[] = "ENTITY.`state` <> :state_exclude";
        $params['state_exclude'] = $state_exclude;
    }

    // Find the default value of the pretty-name field so that metadata rows
    // still holding that default are not used for sorting. The IdP field
    // definitions are consulted first; the SP ones only when the IdP lookup is empty.
    $sortFieldName = $this->_config->getString('entity.prettyname', NULL);
    $params['default_value'] = '';
    $fieldDefinitions = $this->_config->getArray('metadatafields.saml20-idp', FALSE);
    if (!$fieldDefinitions) {
        $fieldDefinitions = $this->_config->getArray('metadatafields.saml20-sp', FALSE);
    }
    if ($fieldDefinitions && isset($fieldDefinitions[$sortFieldName])) {
        $params['default_value'] = $fieldDefinitions[$sortFieldName]['default'];
    }

    // Try to sort results by pretty name from metadata.
    // NOTE(review): 'default_value' is bound unconditionally, but the
    // :default_value placeholder and the METADATA alias only appear in the SQL
    // when entity.prettyname is configured - confirm execute() copes with an
    // installation where it is not.
    if ($sortFieldName) {
        $sql .= "\n LEFT JOIN " . self::$prefix . "metadata AS METADATA\n ON METADATA.key = :metadata_key\n AND METADATA.eid = ENTITY.eid\n AND METADATA.revisionid = ENTITY.revisionid\n AND METADATA.value != :default_value";
        $params['metadata_key'] = $sortFieldName;
        $orderClause = "\nORDER BY `orderfield` " . $direction . ";";
    }

    $sql .= " WHERE " . implode("\nAND ", $conditions);
    $sql .= $orderClause;

    $statement = $this->execute($sql, $params);
    if ($statement === false) {
        throw new Exception('Entities could not be loaded');
    }

    $this->_entities = array();
    foreach ($statement->fetchAll(PDO::FETCH_ASSOC) as $row) {
        $entity = new sspmod_janus_Entity($this->_config);
        $entity->setEid($row['eid']);
        if (!is_null($state)) {
            $entity->setWorkflow($state);
        }

        // An entity that fails to load is logged and skipped, not fatal.
        if (!$entity->load()) {
            SimpleSAML_Logger::error('JANUS:UserController:_loadEntities - Entity could not be loaded: ' . var_export($row, true));
            continue;
        }
        $this->_entities[] = $entity;
    }

    return true;
}
// Excerpt from the entity edit page: select the requested revision, check
// that the user may see the entity, then begin processing a posted form.
if ($revisionid > -1) {
    if (!($entity = $mcontroller->setEntity($eid, $revisionid))) {
        throw new SimpleSAML_Error_Exception('Error in setEntity');
    }
} else {
    // Revision not set, get latest
    if (!($entity = $mcontroller->setEntity($eid))) {
        throw new SimpleSAML_Error_Exception('Error in setEntity');
    }
}

// load entity
$mcontroller->loadEntity();

// Check if user is allowed to see entity: either the user is linked to the
// entity, or the user's type holds the 'allentities' permission.
$guard = new sspmod_janus_UIguard($janus_config->getArray('access', array()));
$allowedUsers = $mcontroller->getUsers();
if (!(array_key_exists($userid, $allowedUsers) || $guard->hasPermission('allentities', null, $user->getType(), TRUE))) {
    // NOTE(review): nothing after this call stops execution, so the access
    // check depends on redirect() ending the request - presumably it does; confirm.
    SimpleSAML_Utilities::redirect(SimpleSAML_Module::getModuleURL('janus/index.php'));
}

$et = new SimpleSAML_XHTML_Template($config, 'janus:editentity.php', 'janus:editentity');
$language = $et->getLanguage();
$update = FALSE;
$note = '';

// NOTE(review): no anti-CSRF token check is visible in this excerpt before the
// posted changes are processed - confirm it is performed elsewhere.
if (!empty($_POST)) {
    // Array for collecting addresses to notify
    $addresses = array();

    // Change entityID (requires the 'changeentityid' permission for the
    // entity's current workflow state)
    if (isset($_POST['entityid']) && $guard->hasPermission('changeentityid', $entity->getWorkflow(), $user->getType())) {
        // The trailing "|| true" makes this condition always pass, so the
        // result of check_uri() is ignored and any posted entity id is
        // accepted; URI validation is effectively switched off here.
        if (check_uri($_POST['entityid']) || true) { # HACK: For SURFnetGuests : https://espee-test.surfnet.nl/federate/metadata/saml20/SURFnetGuests
            // Loose (!=) comparison between the posted value and the stored id.
            $entityIdNeedsUpdating = $_POST['entityid'] != $entity->getEntityid();
            if ($entityIdNeedsUpdating) {
// Excerpt from the entity history view: load the user and the entity, check
// access, then build an HTML list of revisions in $output.
$user->setUserid($userid);
$user->load(sspmod_janus_User::USERID_LOAD);

// Get the correct entity
// NOTE(review): $_GET['eid'] is read without an isset() or type check.
$eid = $_GET['eid'];
if (!($entity = $mcontroller->setEntity($eid))) {
    throw new SimpleSAML_Error_Exception('Error in setEntity');
}
$workflowstates = $janus_config->getValue('workflowstates');

// load entity
$mcontroller->loadEntity();

// Check if user is allowed to see entity
$allowedUsers = $mcontroller->getUsers();
$uiguard = new sspmod_janus_UIguard($janus_config->getValue('access'));
$output = '';
$wfstate = $entity->getWorkflow();

// History is produced only when the user can see the entity (linked to it, or
// holding 'allentities') AND holds 'entityhistory' for the current state;
// otherwise $output keeps its empty initial value at this point.
if ((array_key_exists($userid, $allowedUsers) || $uiguard->hasPermission('allentities', null, $user->getType(), true)) && $uiguard->hasPermission('entityhistory', $wfstate, $user->getType())) {
    $history_size = $mcontroller->getHistorySize();
    $history = $mcontroller->getHistory(10, $history_size);
    foreach ($history as $data) {
        $rid = $data->getRevisionid();
        $rnote = $data->getRevisionnote();
        $output .= '<a href="?eid=' . $data->getEid() . '&revisionid=' . $rid . '">' . $et->t('tab_edit_entity_connection_revision') . ' ' . $rid . '</a>';
        // Notes longer than 80 bytes are cut to 79 bytes plus '...'.
        // NOTE(review): the revision note is stored free text and is appended
        // to the HTML without escaping here; unless $output is escaped later
        // (not visible), it should go through htmlspecialchars() first.
        // strlen()/substr() are byte-based and can split a multi-byte character.
        $output .= strlen($rnote) > 80 ? ' - ' . substr($rnote, 0, 79) . '...' : ' - ' . $rnote;

        // Show edit user if present
        // NOTE(review): this re-uses and overwrites the $user object that held
        // the logged-in user, so any later use of $user->getType() would see
        // the revision author instead - confirm nothing after the loop relies on it.
        $user->setUid($data->getUser());
        if ($user->load()) {
            // NOTE(review): the user id is also appended without HTML escaping.
            $output .= ' - ' . $user->getUserid();
        }
        $output .= ' - ' . date('Y-m-d H:i', strtotime($data->getCreated()));
        if (isset($workflowstates[$data->getWorkflow()]['name'][$et->getLanguage()])) {
            $curLang = $et->getLanguage();
/**
 * Look up a JANUS user by login name and return its stored attributes.
 *
 * @access protected (see isProtected)
 * @static
 * @param array $data       Request parameters for the getUser method:
 *                          - string $data['userid']: login name to look up (required)
 * @param int   $statusCode HTTP status code for the response, passed by
 *                          reference; set to 400 when 'userid' is missing,
 *                          otherwise left as is.
 * @return array|string Map with the keys uid, userid, active, type and data,
 *                      or an empty string when 'userid' is missing.
 */
public static function method_getUser($data, &$statusCode)
{
    $hasUserId = isset($data["userid"]);
    if (!$hasUserId) {
        $statusCode = 400;
        return '';
    }

    // NOTE(review): $config is assigned but never read below; the call is
    // kept in case fetching the configuration has side effects - confirm
    // and drop it if not.
    $config = sspmod_janus_DiContainer::getInstance()->getConfig();

    $account = new sspmod_janus_User();
    $account->setUserid($data['userid']);

    // NOTE(review): the result of load() is not inspected, so the array below
    // is returned whether or not a matching user record was found - confirm
    // what the getters yield for an unknown userid.
    $account->load(sspmod_janus_User::USERID_LOAD);

    return array(
        'uid'    => $account->getUid(),
        'userid' => $account->getUserid(),
        'active' => $account->getActive(),
        'type'   => $account->getType(),
        'data'   => $account->getdata(),
    );
}