/**
 * handleMaintText() - store the NREN maintenance-message posted from the
 * portal-config form.
 *
 * Does nothing unless the 'nren_maint_msg' field is present in $_POST.
 * The posted text is handed to NREN::setMaintMsg() as-is; whether that
 * method sanitises it is not visible from here.
 *
 * @return void
 */
private function handleMaintText()
{
    if (!array_key_exists("nren_maint_msg", $_POST)) {
        return;
    }

    $nren  = $this->person->getNREN();
    $saved = $nren->setMaintMsg($this->person, $_POST['nren_maint_msg']);

    /* Report the outcome through the portal_config translation-tags. */
    if ($saved) {
        Framework::success_output($this->translateTag("l10n_nren_maint_msg_success", 'portal_config'));
        return;
    }
    Framework::error_output($this->translateTag("l10n_nren_maint_msg_failure", 'portal_config'));
}
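/**
 * pre_process() - handle the attribute-mapping form before the page renders.
 *
 * The attribute-fetching script is always handed to the template; the
 * form itself is only processed for NREN-admins and subscriber-admins,
 * dispatching on $_POST['attributes_operation'] (only 'update_map' is
 * known).
 *
 * @param $person Person the currently logged-in user
 * @return void
 */
public function pre_process($person)
{
    parent::pre_process($person);

    $script = file_get_contents('../include/fetch_attr.js');
    if ($script === false) {
        /* A missing script must not put `false` into the template. */
        Logger::log_event(LOG_NOTICE, __FILE__ . ", " . __LINE__ . ": could not read ../include/fetch_attr.js");
        $script = '';
    }
    $this->tpl->assign('rawScript', $script);

    if (!$person->isNRENAdmin() && !$person->isSubscriberAdmin()) {
        return;
    }
    if (!isset($_POST['attributes_operation'])) {
        return;
    }

    switch ($_POST['attributes_operation']) {
    case 'update_map':
        /* Fields missing from the request are treated as empty instead of
         * raising undefined-index notices. */
        $cn   = Input::sanitizeText(isset($_POST['cn']) ? $_POST['cn'] : '');
        $mail = Input::sanitizeText(isset($_POST['mail']) ? $_POST['mail'] : '');

        /* only NREN-admin can change the mapping for
         * - organization-identifier
         * - entitlement */
        if ($this->person->isNRENAdmin()) {
            $epodn       = Input::sanitizeText(isset($_POST['epodn']) ? $_POST['epodn'] : '');
            $entitlement = Input::sanitizeText(isset($_POST['entitlement']) ? $_POST['entitlement'] : '');
            if ($this->person->getNREN()->saveMap($this->person->getEPPNKey(), $epodn, $cn, $mail, $entitlement)) {
                Framework::success_output($this->translateTag('l10n_suc_updmap', 'attributes'));
            }
            /* NOTE(review): a false return from NREN::saveMap() is not
             * reported to the user; confirm whether it signals a failure. */
        } elseif ($this->person->isSubscriberAdmin()) {
            /* Initialised up front so a caught exception cannot leave
             * $result undefined at the check below. */
            $result = false;
            try {
                $result = $this->person->getSubscriber()->saveMap($this->person->getEPPNKey(), $cn, $mail);
            } catch (DBQueryException $dbqe) {
                Framework::error_output($this->translateTag('l10n_err_updmap1', 'attributes') . "<br />" .
                                        $this->translateTag('l10n_label_cn', 'attributes') . ": " . htmlentities($cn) . "<br />" .
                                        $this->translateTag('l10n_label_mail', 'attributes') . ": " . htmlentities($mail) . "<br />" .
                                        $this->translateMessageTag('err_servsaid') . " " . htmlentities($dbqe->getMessage()));
                Logger::log_event(LOG_NOTICE, __FILE__ . ", " . __LINE__ . ": " . $dbqe->getMessage());
            } catch (DBStatementException $dbse) {
                Framework::error_output("Could not update the subscriber-mapping, probably due to a " .
                                        "problem with the server-configuration. Server said: " .
                                        htmlentities($dbse->getMessage()));
                Logger::log_event(LOG_NOTICE, __FILE__ . ", " . __LINE__ . ": " . $dbse->getMessage());
            }
            if ($result === true) {
                Framework::success_output($this->translateTag('l10n_suc_updmap', 'attributes'));
            }
        }
        break;
    default:
        Framework::error_output("Unknown operation chosen on attributes mask!");
        break;
    }
}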
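/**
 * pre_process() - handle the CA-account form (login-name, password,
 * AP-name) for the Comodo online mode.
 *
 * Only NREN-admins may edit the account, and only when 'ca_mode' is
 * CA_COMODO; otherwise the method returns false before touching anything.
 * The parent's pre_process() is deliberately called at the end, after the
 * account has been updated.
 *
 * NOTE(review): $res is set to false both when a new login-name is
 * accepted and when a new AP-name is rejected. That looks inconsistent
 * and the meaning of the return value is not visible here - confirm
 * against the caller before relying on it.
 *
 * @param $person Person the currently logged-in user
 * @return Boolean see note above
 */
public function pre_process($person)
{
    $res = true;
    $this->setPerson($person);
    $this->account = NRENAccount::get($this->person);

    /* If the caller is not a nren-admin or Confusa is not in online mode, we stop here */
    if (!$this->person->isNRENAdmin() || Config::get_config('ca_mode') != CA_COMODO) {
        return false;
    }

    if (isset($_POST['account']) && $_POST['account'] === 'edit') {
        /* We must use POST as we may pass along a password and
         * we do not want to set that statically in the subject-line. */
        if (isset($_POST['login_name'])) {
            $ln = $_POST['login_name'];
            $login_name = Input::sanitizeText(htmlspecialchars($ln));
            /* Accept the value only if sanitising left it untouched. */
            if ($ln === $login_name) {
                $this->account->setLoginName($login_name);
                $res = false;
            } else {
                /* FIXME: l10n */
                Framework::error_output("The new login_name contains illegal characters, dropping new login!");
            }
        }

        /* Do not sanitize password, we should allow special characters and
         * stuff, we should url-encode it. If Comodo does not sanitize
         * their password, it's their business, not ours. */
        if (isset($_POST['password']) && $_POST['password'] !== "") {
            $this->account->setPassword($_POST['password']);
        }

        if (isset($_POST['ap_name'])) {
            $ap = $_POST['ap_name'];
            $ap_name = Input::sanitizeText(htmlspecialchars($ap));
            if ($ap === $ap_name) {
                $this->account->setAPName($ap_name);
            } else {
                /* FIXME: l10n */
                Framework::error_output("Cleaned ap-name and it contains illegal characters, dropping new name!");
                $res = false;
            }
        }

        /* should we validate? */
        try {
            $validate = (isset($_POST['verify_ca_cred']) && $_POST['verify_ca_cred'] === "yes");
            if ($this->account->save($validate)) {
                /* FIXME: l10n */
                Framework::success_output("CA Account details successfully updated!");
            } else {
                Framework::message_output("No changes to account-details, not updating.");
            }
        } catch (ConfusaGenException $cge) {
            /* FIXME: l10n */
            /* Escaped like the other error-outputs in this file; the
             * message may echo back submitted data. */
            Framework::error_output("Could not update account-data: " . htmlentities($cge->getMessage()));
        }
    }

    parent::pre_process($person);
    return $res;
}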
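/**
 * deleteAdmin() - remove an admin from the admins-table, provided the
 * current user is allowed to.
 *
 * Both the target and the current user (the "enforcer") are looked up in
 * the admins-table of the current NREN. The deletion is refused when
 * either of them is missing from the result, or when the enforcer has a
 * lower admin-level than the target. Rows are matched by admin-name, not
 * by position, since the query does not order its result.
 *
 * @param $admin String the EPPN of the admin to delete
 * @param $level the admin-level the caller believes the target has; only
 *               used in log-messages, the level from the database decides.
 * @return void
 */
private function deleteAdmin($admin, $level)
{
    $enforcer = $this->person->getEPPN();

    /* does the current user have the rights? */
    try {
        $query  = "SELECT a.* FROM admins a LEFT JOIN nrens n on n.nren_id = a.nren";
        $query .= " WHERE (a.admin=? OR a.admin=?) AND n.name=?";
        $res = MDB2Wrapper::execute($query,
                                    array('text', 'text', 'text'),
                                    array($admin, $enforcer, $this->person->getNREN()));
    } catch (DBStatementException $dbse) {
        $msg = "Cannot find id-values in the database due to server problems. Server said: " . htmlentities($dbse->getMessage());
        Framework::error_output($msg);
        return;
    } catch (DBQueryException $dbqe) {
        $msg = "Cannot find id-values due to data inconsistency. Server said: " . htmlentities($dbqe->getMessage());
        Framework::error_output($msg);
        return;
    }

    if (count($res) == 0) {
        Framework::error_output("Did not find neither the admin to delete or the current admin in the database. Cannot continue.");
        return;
    }
    if (count($res) > 2) {
        Framework::error_output("Too many hits in the database. Cannot decide where to go from here.");
        return;
    }

    /* Find the admin-level of both admins and make sure that the
     * enforcer (the admin performing the deletion) has the rights
     * to do so. */
    $targetRow = null;
    $enforcerRow = null;
    foreach ($res as $row) {
        if ($row['admin'] == $admin) {
            $targetRow = $row;
        } elseif ($row['admin'] == $enforcer) {
            $enforcerRow = $row;
        }
    }
    if ($targetRow === null) {
        Framework::error_output("Cannot find the admin to delete in the admins-table. Cannot continue.");
        return;
    }
    if ($enforcerRow === null) {
        /* Also covers an admin trying to delete itself: without a separate
         * row for the current user the rights cannot be verified, so the
         * request is refused instead of reading a missing row. */
        Framework::error_output("Cannot find the current admin in the admins-table. Cannot continue.");
        return;
    }

    $targetLevel   = (int) $targetRow['admin_level'];
    $enforcerLevel = (int) $enforcerRow['admin_level'];
    if ($enforcerLevel < $targetLevel) {
        Framework::error_output("Cannot delete admin with higher admin-level.");
        return;
    }

    /* Scope the DELETE to the target's own NREN (and subscriber, for
     * subscriber-admins) so that the name alone never selects the row. */
    $nrenID       = $targetRow['nren'];
    $subscriberID = $targetRow['subscriber'];
    if ($targetLevel == NREN_ADMIN) {
        $query  = "DELETE FROM admins WHERE admin=? AND nren=?";
        $params = array('text', 'text');
        $data   = array($admin, $nrenID);
    } else {
        $query  = "DELETE FROM admins WHERE admin=? AND nren=? AND subscriber=?";
        $params = array('text', 'text', 'text');
        $data   = array($admin, $nrenID, $subscriberID);
    }

    try {
        MDB2Wrapper::update($query, $params, $data);
    } catch (DBStatementException $dbse) {
        Framework::error_output("Could not delete the admin because the statement was bad " .
                                "Please contact an administrator. Server said " . htmlentities($dbse->getMessage()));
        Logger::log_event(LOG_NOTICE, __FILE__ . ":" . __LINE__ . ": Problem occured when trying to delete " .
                          "admin {$admin} with level {$level}: " . $dbse->getMessage());
        return;
    } catch (DBQueryException $dbqe) {
        Framework::error_output("Could not delete the admin because of problems with the " .
                                "received data. Server said " . htmlentities($dbqe->getMessage()));
        Logger::log_event(LOG_INFO, __FILE__ . ":" . __LINE__ . ": Problem occured when tyring to delete " .
                          "admin {$admin} with level {$level}: " . $dbqe->getMessage());
        return;
    }

    /* Only reached when the DELETE went through; previously the success
     * message was shown even after a caught database exception. */
    Logger::log_event(LOG_INFO, "Successfully deleted admin {$admin} with level {$targetLevel}");
    Framework::success_output($this->translateTag('l10n_suc_deleteadm1', 'admin') . " " . htmlentities($admin));
}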
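/**
 * mailCert() - send the certificate identified by $authKey to the current
 * user as a mail-attachment ('usercert.pem').
 *
 * @param $authKey the key identifying the certificate at the CA
 * @return Boolean true when the mail was sent, false when the certificate
 *                 was not found, sending failed or the CA threw. The
 *                 success-path previously returned nothing.
 */
private function mailCert($authKey)
{
    try {
        $cert = $this->ca->getCert($authKey);
        if (!isset($cert)) {
            return false;
        }

        $mm = new MailManager($this->person,
                              Config::get_config('sys_from_address'),
                              Config::get_config('system_name'),
                              Config::get_config('sys_header_from_address'));
        $mm->setSubject($this->translateTag('l10n_mail_subject', 'download'));
        $mm->setBody($this->translateTag('l10n_mail_body', 'download'));
        $mm->addAttachment($cert, 'usercert.pem');
        if (!$mm->sendMail()) {
            Framework::error_output($this->translateMessageTag('downl_err_sendmail'));
            return false;
        }
    } catch (ConfusaGenException $e) {
        Framework::error_output($this->translateMessageTag('downl_err_sendmail2') . " " . htmlentities($e->getMessage()));
        return false;
    }

    Framework::success_output($this->translateMessageTag('downl_suc_mail'));
    return true;
}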
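/**
 * delSubscriber - remove the subscriber from the NREN and Confusa.
 *
 * This will remove the subscriber *permanently* along with all its
 * affiliated subscriber admins (this is handled by the database-schema
 * with the 'ON DELETE CASCADE'). Before the row is deleted, every
 * certificate the CA lists for the subscriber is revoked.
 *
 * @param id String|integer the ID of the institution/subscriber in the database.
 * @return Boolean false when nothing was deleted; nothing on success (as before).
 */
private function delSubscriber($id)
{
    if (!isset($id) || $id === "") {
        Framework::error_output("Cannot delete subscriber with unknown id!");
        /* Previously execution continued with an empty id. */
        return false;
    }

    /*
     * Make sure that we are deleting a subscriber from the current NREN.
     */
    try {
        $query  = "SELECT nren_id, subscriber FROM nren_subscriber_view ";
        $query .= "WHERE nren=? AND subscriber_id=?";
        $res = MDB2Wrapper::execute($query, array('text', 'text'), array($this->person->getNREN(), $id));
    } catch (DBQueryException $dbqe) {
        $errorTag = PW::create();
        $msg = "Could not delete subscriber with ID {$id} from DB.";
        Logger::logEvent(LOG_NOTICE, "NRENAdmin", "delSubscriber()", $msg, __LINE__, $errorTag);
        /* $msg embeds the caller-supplied id, so escape it like the
         * statement-branch below does. */
        Framework::message_output(htmlentities($msg) . "<br />[{$errorTag}] Server said: " . htmlentities($dbqe->getMessage()));
        return false;
    } catch (DBStatementException $dbse) {
        $errorTag = PW::create();
        $msg = "Could not delete subsriber with ID {$id} from DB, due to problems with the " .
               "statement. Probably this is a configuration error. Server said: " . $dbse->getMessage();
        Logger::logEvent(LOG_NOTICE, "NRENAdmin", "delSubscriber()", $msg, __LINE__, $errorTag);
        Framework::message_output("[{$errorTag}]" . htmlentities($msg));
        return false;
    }

    if (count($res) != 1) {
        Framework::error_output("Could not find a unique NREN/subscriber pair for subscriber with id " . htmlentities($id));
        return false;
    }

    $nren_id = $res[0]['nren_id'];
    $subscriberName = $res[0]['subscriber'];
    if (!isset($nren_id) || $nren_id == "") {
        Framework::error_output("Could not get the NREN-ID for subscriber " . htmlentities($id) .
                                ". Will not delete subscriber (" . htmlentities($id) . ").");
        return false;
    }

    /*
     * Revoke all certificates for subscriber
     */
    $ca = CAHandler::getCA($this->person);
    $list = $ca->getCertListForPersons("", $subscriberName);
    $count = 0;
    foreach ($list as $value) {
        if (!isset($value['auth_key'])) {
            continue;
        }
        try {
            if ($ca->revokeCert($value['auth_key'], "privilegeWithdrawn")) {
                $count = $count + 1;
            }
        } catch (CGE_KeyRevokeException $kre) {
            /* Reported through the framework and escaped; the message may
             * contain data coming back from the CA. */
            Framework::error_output(htmlentities($kre->getMessage()));
        }
    }
    /* Removed the debug dump (print_r of each certificate record) that
     * used to be written into the page. Logged once, after the loop. */
    Logger::logEvent(LOG_INFO, "NRENAdmin", "delSubscriber()",
                     "Deleting subscriber, revoked {$count} issued certificates " .
                     "for subscriber {$subscriberName}.");

    try {
        MDB2Wrapper::update("DELETE FROM subscribers WHERE subscriber_id = ? AND nren_id = ?",
                            array('text', 'text'),
                            array($id, $nren_id));
    } catch (DBStatementException $dbse) {
        $errorTag = PW::create();
        $msg = "Could not delete subscriber with ID {$id} from DB, due to problems with the statement. Server said: " . $dbse->getMessage();
        Logger::logEvent(LOG_NOTICE, "NRENAdmin", "delSubscriber()", $msg, __LINE__, $errorTag);
        Framework::error_output("[{$errorTag}] " . htmlentities($msg));
        return false;
    } catch (DBQueryException $dbqe) {
        $errorTag = PW::create();
        $msg = "Could not delete subscriber with ID {$id} from DB. Server said: " . $dbqe->getMessage();
        Logger::logEvent(LOG_NOTICE, "NRENAdmin", "delSubscriber()", $msg, __LINE__, $errorTag);
        Framework::error_output("[{$errorTag}] " . htmlentities($msg));
        return false;
    }
    Logger::logEvent(LOG_INFO, "NRENAdmin", "delSubscriber()", "Deleted subscriber with ID {$id}.\n");

    $msg = $this->translateTag('l10n_suc_deletesubs1', 'nrenadmin') .
           htmlentities($subscriberName) .
           $this->translateTag('l10n_suc_deletesubs2', 'nrenadmin') . " " .
           htmlentities($id) . ". " .
           $this->translateTag('l10n_suc_deletesubs3', 'nrenadmin') . " " .
           $count . " " .
           $this->translateTag('l10n_suc_deletesubs4', 'nrenadmin');
    Framework::success_output($msg);
}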
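/**
 * deleteCertificate() - remove a certificate associated with the
 * subscriber from the database.
 *
 * The certificate is looked up by serial first; the DELETE then uses the
 * internal row id of that lookup, never the caller-supplied serial.
 *
 * @param String $serial the serial-number of the certificate.
 * @return Boolean true when the row was deleted, false otherwise.
 */
private function deleteCertificate($serial)
{
    $cert = $this->getRobotCert($serial);
    if (!isset($cert)) {
        Framework::error_output("Could not find certificate (" . htmlentities($serial) . ") in database.");
        return false;
    }

    try {
        MDB2Wrapper::update("DELETE FROM robot_certs WHERE id=?", array('text'), array($cert['id']));
        Framework::success_output($this->translateTag('l10n_suc_deletecert1', 'robot') .
                                  htmlentities($serial) .
                                  $this->translateTag('l10n_suc_deletecert2', 'robot'));
        Logger::log_event(LOG_NOTICE, "[RI] " . $this->person->getEPPN() . " from " .
                          $this->person->getSubscriber()->getOrgName() .
                          " deleted certificate {$serial} from the database");
        return true;
    } catch (Exception $e) {
        Framework::error_output(htmlentities($e->getMessage()));
        return false;
    }
}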
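/**
 * Delete the NREN logo for the given position within Confusa. This will
 * really delete the physical file containing the logo.
 *
 * Both arguments become part of a filesystem path. $position is checked
 * against ConfusaConstants::$ALLOWED_IMG_POSITIONS before any path is
 * built; $nren is assumed to be the NREN name taken from the session,
 * not from the request - TODO confirm at the call site.
 *
 * @param $position string a position from
 * ConfusaConstants::$ALLOWED_IMG_POSITIONS
 * @param $nren string the name of the NREN, whose custom-logo should be
 * removed
 * @return void
 */
private function deleteLogo($position, $nren)
{
    if (!in_array($position, ConfusaConstants::$ALLOWED_IMG_POSITIONS, true)) {
        Framework::error_output($this->translateTag('l10n_error_delete_logo', 'stylist'));
        Logger::log_event(LOG_NOTICE, "[nadm] Refused to delete NREN logo for NREN {$nren}: " .
                          "position is not in the allowed set.");
        return;
    }

    $basepath = Config::get_config('custom_logo') . $nren . "/custom_";
    $basepath .= $position . ".";

    $result = FALSE;
    /* Default for the log-message when no candidate file exists; the
     * previous code logged whichever suffix happened to be tried last. */
    $logoName = $basepath . "*";
    foreach (ConfusaConstants::$ALLOWED_IMG_SUFFIXES as $sfx) {
        $candidate = $basepath . $sfx;
        if (file_exists($candidate)) {
            $logoName = $candidate;
            $result = unlink($candidate);
            break;
        }
    }

    if ($result === FALSE) {
        Framework::error_output($this->translateTag('l10n_error_delete_logo', 'stylist'));
        Logger::log_event(LOG_INFO, "[nadm] Error when trying to delete " .
                          "NREN logo {$logoName}, for NREN {$nren}.");
    } else {
        Framework::success_output($this->translateTag('l10n_success_delete_logo', 'stylist'));
    }
}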
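/**
 * Update the contact information for a subscriber to a new value
 *
 * The parameter-list follows the documented contract below. The previous
 * signature declared only $language, which left the six other values
 * undefined when they were written to the subscriber.
 *
 * @param $contact_email string A general subscriber-mail address
 * @param $contact_phone string The (main) phone number of the subscriber
 * @param $resp_name string The name of a responsible person at the subscr.
 * @param $resp_email string e-mail address of a responsible person
 * @param $help_url string URL of the subscriber's helpdesk
 * @param $help_email string e-mail address of the subscriber's helpdesk
 * @param $language string the language code for the subscriber's preferred
 * language
 * @return void
 */
private function updateSubscriberContact($contact_email, $contact_phone, $resp_name,
                                         $resp_email, $help_url, $help_email, $language)
{
    $subscriber = $this->person->getSubscriber();
    $subscriber->setEmail($contact_email);
    $subscriber->setPhone($contact_phone);
    $subscriber->setRespName($resp_name);
    $subscriber->setRespEmail($resp_email);
    $subscriber->setHelpURL($help_url);
    $subscriber->setHelpEmail($help_email);
    $subscriber->setLanguage($language);

    try {
        $subscriber->save();
    } catch (ConfusaGenException $cge) {
        Framework::error_output($this->translateTag('l10n_err_updatesubscr', 'contactinfo') . " " .
                                htmlentities($cge->getMessage()));
        /* "{$subscriber}" relies on Subscriber being string-convertible - confirm. */
        Logger::log_event(LOG_INFO, "[sadm] Could not update " .
                          "contact of subscriber {$subscriber}: " . $cge->getMessage());
        /* Previously the success-message below was shown even after a failed save. */
        return;
    }

    Framework::success_output($this->translateTag('l10n_suc_updatesubscr', 'contactinfo') . " " .
                              htmlentities($subscriber->getIdPName()) . ".");
    Logger::log_event(LOG_DEBUG, "[sadm] Updated contact for subscriber {$subscriber}.");
}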