/**
 * Landing page action.
 *
 * In order: redirects "remember me" visitors without a session to the login
 * page, reconciles the local session with the SAML authentication state
 * (logout, session setup, redirects for new/blocked/deleted accounts), resets
 * per-session search criteria, loads the signed-in user and the number of
 * pending user requests into the view, and finally resolves the permalink
 * passed in the "p" parameter.
 *
 * The order of the statements matters: several branches mutate the session
 * and return early after emitting a Location header.
 */
public function indexAction()
{
    trackPage('/');
    if (isset($_COOKIE['rememberme']) && $this->session->userid === null) {
        // Save the permalink in the session so it can be handled after login.
        if (array_key_exists('p', $_GET)) {
            $this->session->permaLink = $_GET['p'];
        }
        // NOTE(review): every Location header in this method is built from
        // $_SERVER['HTTP_HOST'], which is taken from the request's Host header.
        // Confirm the web server only answers for known host names, or build
        // the URL from a configured base URL instead.
        if (APPLICATION_ENV == "production") {
            header('Location: https://' . $_SERVER['HTTP_HOST'] . '/users/login');
        } else {
            header('Location: http://' . $_SERVER['HTTP_HOST'] . '/users/logindev2');
        }
        return;
    }
    /*
     * Check if user is signed in from a different service or browser tab.
     */
    if ($this->session->isLocked()) {
        $this->session->unLock();
    }
    // NOTE(review): $this->session is dereferenced above without a null check,
    // so the "!== null" test below cannot be what protects those calls.
    if ($this->session !== null && $this->session->developsession === true) {
        // Do nothing: local development instance where SimpleSAML is not installed.
    } else {
        $auth = SamlAuth::isAuthenticated();
        if ($auth === false) {
            // Logged in locally but no longer authenticated with SAML: clear the session.
            if (isset($this->session->userid) && is_numeric($this->session->userid)) {
                SamlAuth::logout($this->session);
                $this->_helper->layout->disableLayout();
                $this->_helper->viewRenderer->setNoRender();
                // NOTE(review): this redirect uses plain http:// in every
                // environment, unlike the https:// redirects below — confirm
                // that is intended for production.
                header('Location: http://' . $_SERVER["HTTP_HOST"]);
                return;
            }
        } else {
            if (isset($this->session) === false || isset($this->session->userid) === false || is_numeric($this->session->userid) === false) {
                // Authenticated with SAML but no local login yet: set up the user session.
                $this->session = new Zend_Session_Namespace('default');
                $attributes = $auth->getAttributes();
                // NOTE(review): 'idp:uid' is read without an isset() check,
                // unlike 'idp:sourceIdentifier' below; a response lacking the
                // attribute would store a null identity.
                $uid = $attributes['idp:uid'][0];
                $_SESSION['identity'] = $uid;
                $_SESSION['logouturl'] = $auth->getLogoutURL();
                $this->session->samlattrs = $attributes;
                $this->session->samlauthsource = isset($attributes["idp:sourceIdentifier"]) ? $attributes["idp:sourceIdentifier"][0] : "";
                SamlAuth::setupSamlAuth($this->session);
                // The three checks below read flags on the session right after
                // setupSamlAuth(); presumably that call populates them — TODO confirm.
                if ($this->session->isNewUser === true) {
                    header('Location: https://' . $_SERVER['HTTP_HOST'] . '/saml/newaccount');
                    return;
                }
                // Redirect if the user account is blocked.
                if ($this->session->accountStatus === "blocked") {
                    header('Location: https://' . $_SERVER['HTTP_HOST'] . '/saml/blockedaccount');
                    return;
                }
                // Redirect if the user profile is deleted.
                if ($this->session->userDeleted === true) {
                    header('Location: https://' . $_SERVER['HTTP_HOST'] . '/saml/deletedprofile');
                    return;
                }
            }
        }
    }
    // Reset per-session criteria and the certificate-login flag on every visit.
    $this->session->appCriteria = null;
    $this->session->pplCriteria = null;
    $this->session->certLogin = false;
    $this->view->username = $this->session->username;
    if ($this->session->userid !== null) {
        $ppl = new Default_Model_Researchers();
        $ppl->filter->id->equals($this->session->userid);
        // Assumes the lookup returns a row for the session's user id — TODO confirm.
        $user = $ppl->items[0];
        $this->view->user = $user;
        /* Get count of user requests */
        $urs = new Default_Model_UserRequests();
        $s2 = new Default_Model_PermissionsFilter();
        $s2->actor->equals($this->session->userguid);
        $s3 = new Default_Model_UserRequestStatesFilter();
        $s3->name->equals("submitted");
        $urs->filter->chain($s2->chain($s3, "AND"), "AND");
        $reqsitems = $urs->items;
        // Single-argument array_merge(): yields a re-indexed copy of the list.
        $uritems = array_merge($reqsitems);
        // Users for whom userIsNIL() is true and who are not admin/manager
        // additionally get "submitted" requests of type id 3 from researchers
        // in their own country (actor group id -3; its meaning is not visible here).
        if (userIsAdminOrManager($this->session->userid) === false && userIsNIL($this->session->userid) === true) {
            $nilusers = new Default_Model_UserRequests();
            $s1 = new Default_Model_UserRequestTypesFilter();
            $s1->id->numequals(3);
            $s2 = new Default_Model_ResearchersFilter();
            $s2->countryid->equals($this->session->userCountryID);
            $s3 = new Default_Model_UserRequestStatesFilter();
            $s3->name->equals("submitted");
            $s4 = new Default_Model_ActorGroupsFilter();
            $s4->id->numequals(-3);
            $nilusers->filter->chain($s1->chain($s2->chain($s3->chain($s4, "AND"), "AND"), "AND"), "AND");
            if (count($nilusers->items) > 0) {
                $uritems = array_merge($uritems, $nilusers->items);
                // uniqueDBObjectFilter is defined elsewhere; presumably it drops duplicates.
                $uritems = array_filter($uritems, 'uniqueDBObjectFilter');
            }
        }
        $this->view->userRequests = count($uritems);
    }
    // Permalink resolution, in order of precedence: value stashed in the
    // session before login, then $_GET['p'], then the raw query string.
    $p = '';
    if ($this->session->permaLink != '') {
        $p = $this->session->permaLink;
        $this->session->permaLink = '';
    } elseif (array_key_exists('p', $_GET)) {
        $p = $_GET["p"];
    } else {
        //TODO : needs review
        // NOTE(review): substr() always starts at offset 2 and ignores $pos, so
        // the value after "p=" is only extracted when the query string begins
        // with "p="; any other match yields an unrelated slice of the string.
        $p = $_SERVER["QUERY_STRING"];
        $pos = strpos($p, "p=");
        if ($pos === false) {
            $p = '';
        } else {
            $p = substr($p, 2, strlen($p) - 2);
        }
    }
    // NOTE(review): $p is client-controlled and may be an array when sent as
    // "p[]=..."; the string functions below assume a string.
    if ($p != "") {
        // Known plain-text permalinks are passed through unchanged.
        if ($p == "reports") {
            $this->view->permaLink = $p;
        } elseif ($p == "brokenlinks") {
            $this->view->permaLink = $p;
        } elseif (substr($p, 0, 6) == "about:") {
            $this->view->permaLink = $p;
        } elseif (substr($p, 0, 5) == "apps:") {
            $this->view->permaLink = $p;
        } elseif (substr($p, 0, 7) == "people:") {
            $this->view->permaLink = $p;
        } else {
            // Anything else is treated as base64 and decoded (non-strict mode).
            // NOTE(review): the decoded value is arbitrary client input; the
            // template must escape permaLink for the context it is written
            // into — TODO confirm in the view script.
            $pp = base64_decode($p);
            $pp = mb_convert_encoding($pp, 'UTF-8');
            $this->view->permaLink = $pp;
        }
    }
}
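/**
 * Release-management page for one software item, plus a small XML endpoint.
 *
 * When the "datatype" request parameter is non-empty the action prints XML
 * directly (only "basereleases" is recognised). Otherwise it fills the view
 * with the release list for the software item given in "id", whether the
 * current user may manage releases, and whether that user already has a
 * pending "releasemanager" request.
 *
 * Emits a 404 status and renders nothing when $_SERVER["Repository_Enabled"]
 * is not the string 'true'.
 */
public function managerAction()
{
    if ($_SERVER["Repository_Enabled"] !== 'true') {
        $this->_helper->viewRenderer->setNoRender();
        header("Status: 404 Not Found");
        return;
    }

    $swid = $this->_getParam("id");
    $dtype = $this->_getParam("datatype");

    if (trim($dtype) != "") {
        $this->_helper->viewRenderer->setNoRender();
        $dtype = strtolower($dtype);

        // Every value written into the markup is escaped: "id" is a request
        // parameter and no Content-Type header is set on this path.
        // double_encode is off so text that storage already entity-encoded is
        // not mangled — TODO confirm the models return raw text and, if so,
        // switch to full encoding.
        $xmlEscape = function ($value) {
            return htmlspecialchars((string) $value, ENT_QUOTES, 'UTF-8', false);
        };

        switch ($dtype) {
            case "basereleases":
                // NOTE(review): unlike the page branch below, $swid is not
                // checked with is_numeric() before it reaches the repository
                // lookup, and no login check is visible on this path — confirm
                // both are acceptable for this data.
                $res = Repository::getProductBaseRelease($swid);
                echo '<?xml version="1.0" encoding="UTF-16" standalone="yes"?>';
                echo "<repository swid='" . $xmlEscape($swid) . "' datatype='release' datasubtype='base' >";
                $total = count($res);
                for ($i = 0; $i < $total; $i++) {
                    echo "<release id='" . $xmlEscape($res[$i]["id"])
                        . "' displayversion='" . $xmlEscape($res[$i]["displayVersion"])
                        . "' repositoryarea='" . $xmlEscape($res[$i]["repoAreaName"]) . "' />\n";
                }
                echo '</repository>';
                return;
            default:
                // NOTE(review): the <response> element is never closed, so this
                // reply is not well-formed XML; left unchanged because clients
                // may match on it.
                echo '<?xml version="1.0" encoding="UTF-16" standalone="yes"?><response error="Unknown request">';
                return;
        }
    }

    // Defaults used when "id" is missing or not numeric.
    $this->view->id = 0;
    $this->view->session = null;
    $this->view->releases = array();
    $this->view->hasReleases = false;
    $this->view->targets = array();
    $this->view->canManageRelease = false;
    $this->view->hasPendingRequest = false;

    if (!is_numeric($swid)) {
        return;
    }

    $this->view->id = $swid;
    $this->view->session = $this->session;
    $canManage = Repository::canManageRelease($swid, $this->session->userid);
    $this->view->canManageRelease = $canManage;

    try {
        $releases = Repository::getProductReleaseList($swid);
        $this->view->releases = $releases;
        $this->view->hasReleases = count($releases) !== 0;
    } catch (Exception $e) {
        $this->view->sqlerror = "Could not retrieve releases information.";
        // NOTE(review): the raw exception message is handed to the view; make
        // sure the template escapes it and does not show backend error detail
        // to unprivileged users.
        $this->view->sqlerrordescription = $e->getMessage();
    }

    // Only a signed-in user who cannot manage releases yet can have a pending request.
    if (!$this->session->userid || $canManage != false) {
        return;
    }

    // Resolve the current user's GUID.
    $ps = new Default_Model_Researchers();
    $ps->filter->id->equals($this->session->userid);
    if (count($ps->items) === 0) {
        return;
    }
    $uguid = $ps->items[0]->guid;

    // Resolve the software item's GUID.
    $apps = new Default_Model_Applications();
    $apps->filter->id->equals($swid);
    if (count($apps->items) === 0) {
        return;
    }
    $app = $apps->items[0];

    // Look for a "releasemanager" request by this user on this item in state
    // id 1 (labelled "submitted" where requests are created).
    $urs = new Default_Model_UserRequests();
    $s1 = new Default_Model_UserRequestTypesFilter();
    $s1->name->equals("releasemanager");
    $s2 = new Default_Model_UserRequestsFilter();
    $s2->targetguid->equals($app->guid)->and($s2->userguid->equals($uguid));
    $s4 = new Default_Model_UserRequestStatesFilter();
    $s4->id->equals(1);
    $urs->filter->chain($s1->chain($s2->chain($s4, "AND"), "AND"), "AND");
    if (count($urs->items) > 0) {
        $this->view->hasPendingRequest = true;
    }
}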
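/**
 * XML endpoint listing the "submitted" user requests the current user can act on.
 *
 * Without a session GUID it answers with an "unauthorized" response. When both
 * "state" and "id" are present in the query string it delegates to
 * setUserRequestToState() and prints nothing else. Otherwise it prints one
 * <userrequest> element per visible request inside <response count='N'>.
 *
 * Request messages and profile fields are user-supplied text, so every value
 * placed in the markup is escaped before output.
 */
public function userrequestsAction()
{
    $this->_helper->layout->disableLayout();
    $this->_helper->viewRenderer->setNoRender();
    $guid = $this->session->userguid;
    $uid = $this->session->userid;
    header("Content-Type:text/xml");
    echo "<?xml version='1.0'?" . ">";

    if (is_null($guid)) {
        echo "<response error='Must be logged in'>unauthorized</response>";
        return;
    }

    if (isset($_GET["state"]) && isset($_GET["id"])) {
        // NOTE(review): request id and target state come straight from the
        // query string and the change is triggered by GET. Whether the caller
        // may act on that request, and any anti-CSRF check, must be enforced
        // inside setUserRequestToState() (not visible here) — TODO confirm.
        $this->setUserRequestToState($_GET["id"], $_GET["state"]);
        return;
    }

    // Escaper for text nodes and single-quoted attribute values.
    // double_encode is off so text that storage already entity-encoded is not
    // mangled — TODO confirm the models return raw text and, if so, switch to
    // full encoding.
    $xmlEscape = function ($value) {
        return htmlspecialchars((string) $value, ENT_QUOTES, 'UTF-8', false);
    };

    // Requests in state "submitted" on which the current user is an actor.
    // No condition is set on the type filter ($s1) here.
    $urs = new Default_Model_UserRequests();
    $s1 = new Default_Model_UserRequestTypesFilter();
    $s2 = new Default_Model_PermissionsFilter();
    $s2->actor->equals($guid);
    $s3 = new Default_Model_UserRequestStatesFilter();
    $s3->name->equals("submitted");
    $urs->filter->chain($s1->chain($s2->chain($s3, "AND"), "AND"), "AND");
    $reqsitems = $urs->items;
    $items = array_merge($reqsitems);

    // Users for whom userIsNIL() is true and who are not admin/manager also get
    // "submitted" type-3 requests from researchers in their own country.
    if (userIsAdminOrManager($this->session->userid) === false && userIsNIL($this->session->userid) === true) {
        $nilusers = new Default_Model_UserRequests();
        $s1 = new Default_Model_UserRequestTypesFilter();
        $s1->id->numequals(3);
        $s2 = new Default_Model_ResearchersFilter();
        $s2->countryid->equals($this->session->userCountryID);
        $s3 = new Default_Model_UserRequestStatesFilter();
        $s3->name->equals("submitted");
        $s4 = new Default_Model_ActorGroupsFilter();
        $s4->id->numequals(-3);
        $nilusers->filter->chain($s1->chain($s2->chain($s3->chain($s4, "AND"), "AND"), "AND"), "AND");
        if (count($nilusers->items) > 0) {
            $items = array_merge($items, $nilusers->items);
            $items = array_filter($items, 'uniqueDBObjectFilter');
        }
    }

    $count = count($items);
    if ($count === 0) {
        echo "<response count='0'></response>";
        return;
    }

    $res = "";
    foreach ($items as $r) {
        $users = new Default_Model_Researchers();
        $users->filter->guid->equals($r->userguid);
        // Assumes the requesting user still exists — TODO confirm.
        $u = $users->items[0];

        // NOTE(review): typeid is compared strictly with the integer 3 here but
        // loosely with 2 below; if the model returns it as a string the strict
        // test is always true — confirm the model casts it.
        if ($r->typeid !== 3) {
            $app = new Default_Model_Applications();
            $app->filter->guid->equals($r->targetguid);
            $a = $app->items[0];
            // Type-2 requests are only shown to the item's owner, the user who
            // added it, or an admin/manager; hidden entries reduce the count.
            if ($r->typeid == 2) {
                if ($a->ownerid != $uid && $a->addedby != $uid && !userIsAdminOrManager($uid)) {
                    $count = $count - 1;
                    continue;
                }
            }
            $primarycategory = $a->getPrimaryCategory();
            $isvappliance = "false";
            if (trim($primarycategory->id) === "34") {
                $isvappliance = "true";
            }
        }

        $res .= "<userrequest id='" . $xmlEscape($r->id) . "' created='" . date("c", strtotime($r->created));
        if ($r->lastupdated) {
            $res .= "' lastupdated='" . date("c", strtotime($r->lastupdated));
        }
        $res .= "' targetguid='" . $xmlEscape($r->targetguid) . "'>";
        $res .= "<type id='" . $xmlEscape($r->requestType->id) . "'>" . $xmlEscape($r->requestType->name) . "</type>";
        if ($r->typeid !== 3) {
            $res .= "<application id='" . $xmlEscape($a->id) . "' cname='" . $xmlEscape($a->cname)
                . "' isvirtualappliance='" . $isvappliance . "'>" . $xmlEscape($a->name) . "</application>";
        }
        $res .= "<user id='" . $xmlEscape($u->id) . "' >";
        $res .= "<name>" . $xmlEscape($u->firstName) . " " . $xmlEscape($u->lastName) . "</name>";
        $res .= "<cname>" . $xmlEscape($u->cname) . "</cname>";
        $res .= "<role>" . $xmlEscape($u->positionType->description) . "</role>";
        $res .= "<institution>" . $xmlEscape($u->institution) . "</institution>";
        $res .= "<country id='" . $xmlEscape($u->countryid) . "' isocode='" . $xmlEscape($u->country->ISOcode) . "' >"
            . $xmlEscape($u->country->name) . "</country>";
        // userdata is the free-text message supplied by the requesting user.
        $res .= "<message>" . $xmlEscape($r->userdata) . "</message>";
        $res .= "</user>";
        $res .= "<state id='" . $xmlEscape($r->requestState->id) . "'>" . $xmlEscape($r->requestState->name) . "</state>";
        $res .= "</userrequest>";
    }

    echo "<response count='" . $count . "'>";
    echo $res;
    echo "</response>";
}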
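/**
 * XML endpoint through which a user asks for release-manager rights on a software item.
 *
 * Query parameters: "id" (software id, required, numeric), "state" (when
 * present the action only reports whether a request is already pending) and
 * "m" (message stored with the request).
 *
 * The caller must be logged in, must not already hold permission action 30 on
 * the item, and must be listed among the item's researchers. On success the
 * request is saved inside a transaction, e-mail notifications are attempted,
 * and <response>ok</response> is printed; otherwise a <response error='...'>
 * element is printed.
 */
public function requestreleasemanagerAction()
{
    $this->_helper->layout->disableLayout();
    $this->_helper->viewRenderer->setNoRender();
    header('Content-type: text/xml');

    // Escaper for anything placed into the XML reply.
    $xmlEscape = function ($value) {
        return htmlspecialchars((string) $value, ENT_QUOTES, 'UTF-8', false);
    };

    $appid = -1;
    $app = null;
    $apps = null;
    $user = null;
    $uguid = null;
    $err = "";
    $uid = $this->session->userid;

    // Validate the login state and the software id before touching the database.
    if (is_null($uid)) {
        $err = 'Must be logged in';
    } elseif (isset($_GET["id"]) == false) {
        $err = 'Software id is required';
    } elseif (is_numeric($_GET["id"]) == false) {
        $err = 'Software id is not valid';
    } else {
        $appid = $_GET["id"];
        $apps = new Default_Model_Applications();
        $apps->filter->appid->equals($appid);
        if (count($apps->items) === 0) {
            $err = "Software not found";
        }
    }

    // Resolve the current user's GUID only once a user id is known; previously
    // the lookup ran, and its first row was dereferenced, before the login check.
    if ($err === "") {
        $ps = new Default_Model_Researchers();
        $ps->filter->id->equals($uid);
        if (count($ps->items) === 0) {
            // Without this guard the request would be saved with a null user GUID.
            $err = "User not found";
        } else {
            $user = $ps->items[0];
            $uguid = $user->guid;
        }
    }

    // Reject users who already hold permission action 30 on this item.
    if ($err === "") {
        $app = $apps->items[0];
        $appguid = $app->guid;
        $perms = new Default_Model_Permissions();
        $perms->filter->researcherid->equals($uid)->and($perms->filter->actionid->equals(30)->and($perms->filter->uuid->equals($appguid)));
        if (count($perms->items) > 0) {
            $err = "Already have permissions to manage releases";
        }
    }

    // The requester must be associated with the software item.
    if ($err === "") {
        $rs = $app->getResearchers();
        $found = false;
        if (count($rs) > 0) {
            foreach ($rs as $r) {
                if ($r->id == $uid) {
                    $found = true;
                    break;
                }
            }
        }
        if ($found == false) {
            $err = "User must be associated to the software item as a contact.";
        }
    }

    if ($err !== "") {
        echo "<response error='" . $xmlEscape($err) . "'></response>";
        return;
    }

    // With "state" present the caller only asks whether a request is pending.
    if (isset($_GET["state"])) {
        $urs = new Default_Model_UserRequests();
        $s1 = new Default_Model_UserRequestTypesFilter();
        $s1->name->equals("releasemanager");
        $s2 = new Default_Model_UserRequestsFilter();
        $s2->targetguid->equals($app->guid)->and($s2->userguid->equals($uguid));
        $s4 = new Default_Model_UserRequestStatesFilter();
        $s4->id->equals(1);
        $urs->filter->chain($s1->chain($s2->chain($s4, "AND"), "AND"), "AND");
        if ($urs->count() > 0) {
            echo "<response>pending</response>";
        } else {
            echo "<response>false</response>";
        }
        return;
    }

    // NOTE(review): from here on the action changes state based on GET
    // parameters, and no anti-CSRF token check is visible in this method —
    // confirm one is enforced elsewhere or move the submission to POST.
    // Defined before the transaction so the notification call below can
    // always read it.
    $msg = isset($_GET["m"]) ? $_GET["m"] : "";
    db()->beginTransaction();
    try {
        // NOTE(review): the message is expected to be base64, but nothing here
        // validates it; it is stored as received, so every reader of userdata
        // must treat it as untrusted text and escape it on output.
        // TODO: inclusion list ($_GET["r"]) and exclusion list ($_GET["e"])
        // for notification receivers are not implemented.

        $ur = new Default_Model_UserRequest();
        $ur->typeid = 2; // releasemanager
        $ur->userguid = $uguid;
        $ur->userdata = $msg;
        $ur->targetguid = $app->guid;
        $ur->stateid = 1; // submitted
        $ur->save();
        db()->commit();
    } catch (Exception $e) {
        db()->rollBack();
        // The exception text is escaped so it cannot break the XML reply.
        // NOTE(review): it still discloses backend error detail to the client;
        // consider logging it and returning only the generic error attribute.
        echo "<response error='Could not save request' >" . $xmlEscape($e->getMessage()) . "</response>";
        return;
    }

    // Notifications are best effort: a mail failure is logged, not reported.
    try {
        UserRequests::sendEmailRequestNotifications($user, $app, $msg, "releasemanager");
    } catch (Exception $e) {
        error_log("EMAIL ERROR:Could not send email notification about user request to join software.Details:" . $e->getMessage());
    }

    echo "<response>ok</response>";
}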