public function doGet(\Innomatic\Webapp\WebAppRequest $req, \Innomatic\Webapp\WebAppResponse $res) { // Identify the requested resource path $path = $this->getRelativePath($req); // Bootstraps Innomatic $container = \Innomatic\Webapp\WebAppContainer::instance('\\Innomatic\\Webapp\\WebAppContainer'); $home = $container->getCurrentWebApp()->getHome(); $innomatic = \Innomatic\Core\InnomaticContainer::instance('\\Innomatic\\Core\\InnomaticContainer'); $innomatic->bootstrap($home, $home . 'core/conf/innomatic.ini'); $innomatic->setMode(\Innomatic\Core\InnomaticContainer::MODE_ROOT); $innomatic->setInterface(\Innomatic\Core\InnomaticContainer::INTERFACE_WEBSERVICES); if ($innomatic->getState() == \Innomatic\Core\InnomaticContainer::STATE_SETUP) { $innomatic->abort('Setup phase'); } $xuser = new WebServicesUser($innomatic->getDataAccess()); if ($xuser->setByAccount($_SERVER['PHP_AUTH_USER'], $_SERVER['PHP_AUTH_PW'])) { $container = $innomatic; $container->setWebServicesUser($_SERVER['PHP_AUTH_USER']); $container->setWebServicesProfile($xuser->mProfileId); if ($xuser->mDomainId) { $domain_query = $innomatic->getDataAccess()->execute('SELECT domainid FROM domains WHERE id=' . $xuser->mDomainId); if ($domain_query->getNumberRows()) { $innomatic = $innomatic; $innomatic->startDomain($domain_query->getFields('domainid')); } } $xprofile = new WebServicesProfile($innomatic->getDataAccess(), $container->getWebServicesProfile()); $container->setWebServicesMethods($xprofile->AvailableMethods()); } else { if ($innomatic->getConfig()->Value('SecurityAlertOnWrongWebServicesLogin') == '1') { $innomatic_security = new \Innomatic\Security\SecurityManager(); $innomatic_security->sendAlert('Wrong web services login for user ' . $_SERVER['PHP_AUTH_USER'] . ' from remote address ' . $_SERVER['REMOTE_ADDR']); unset($innomatic_security); } } $structure = array(); $methods = $innomatic->getWebServicesMethods(); while (list(, $tmpdata) = each($methods)) { if ($tmpdata['handler'] and $tmpdata['name'] and $tmpdata['function']) { // TODO Fixare gestione handler servizi remoti if (!defined(strtoupper($tmpdata['handler']) . '_XMLRPCMETHOD')) { require_once $innomatic->getHome() . 'core/classes/shared/webservices/' . ucfirst($tmpdata['handler']) . 'WebServicesHandler.php'; } $structure[$tmpdata['name']]['function'] = $tmpdata['function']; if (isset($tmpdata['signature'])) { $structure[$tmpdata['name']]['signature'] = $tmpdata['signature']; } if (isset($tmpdata['docstring'])) { $structure[$tmpdata['name']]['docstring'] = $tmpdata['docstring']; } } } $xs = new \Innomatic\Webservices\Xmlrpc\XmlRpcServer($structure); }
public function disable($domainid) { $result = false; $hook = new \Innomatic\Process\Hook($this->rootda, 'innomatic', 'application.disable'); if ($hook->callHooks('calltime', $this, array('domainserial' => $domainid, 'modserial' => $this->serial)) == \Innomatic\Process\Hook::RESULT_OK) { if ($this->serial) { // Checks if the application exists in applications table // $modquery = $this->rootda->execute('SELECT * FROM applications WHERE id=' . (int) $this->serial); if ($modquery->getNumberRows() == 1) { $appdata = $modquery->getFields(); if ($appdata['onlyextension'] != $this->rootda->fmttrue) { // Checks if the structure file still exists // if (file_exists($this->container->getHome() . 'core/applications/' . $appdata['appid'] . '/application.xml')) { $this->appname = $appdata['appid']; $domainquery = $this->rootda->execute('SELECT * FROM domains WHERE id=' . $this->rootda->formatText((int) $domainid)); $domaindata = $domainquery->getFields(); if ($this->container->getEdition() == \Innomatic\Core\InnomaticContainer::EDITION_MULTITENANT) { $args['dbtype'] = $domaindata['dataaccesstype']; $args['dbname'] = $domaindata['domaindaname']; $args['dbhost'] = $domaindata['dataaccesshost']; $args['dbport'] = $domaindata['dataaccessport']; $args['dbuser'] = $domaindata['dataaccessuser']; $args['dbpass'] = $domaindata['dataaccesspassword']; $args['dblog'] = $this->container->getHome() . 'core/domains/' . $domaindata['domainid'] . '/log/dataaccess.log'; $dasnString = $args['dbtype'] . '://' . $args['dbuser'] . ':' . $args['dbpass'] . '@' . $args['dbhost'] . ':' . $args['dbport'] . '/' . $args['dbname'] . '?' . 'logfile=' . $args['dblog']; $this->domainda = \Innomatic\Dataaccess\DataAccessFactory::getDataAccess(new \Innomatic\Dataaccess\DataAccessSourceName($dasnString)); $this->domainda->Connect(); } else { $this->domainda = $this->rootda; } // Dependencies check // $this->unmetdeps = array(); $this->unmetsuggs = array(); $appdeps = new ApplicationDependencies(); $pendingdeps = $appdeps->checkDomainDependingApplications($this->appname, $domaindata['domainid'], false); $modenabled = $appdeps->isEnabled($this->appname, $domaindata['domainid']); // If dependencies are ok, go on // if ($pendingdeps == false and $modenabled == true) { $result = $this->HandleStructure($this->container->getHome() . 'core/applications/' . $appdata['appid'] . '/application.xml', Application::INSTALL_MODE_DISABLE, $this->container->getHome() . 'core/applications/' . $appdata['appid'] . '/', $domainid); $modquery = $this->rootda->execute('SELECT id FROM applications WHERE appid=' . $this->rootda->formatText($this->appname)); $this->rootda->execute('DELETE FROM applications_enabled WHERE applicationid=' . (int) $this->serial . ' AND domainid=' . $this->rootda->formatText($domainid)); $this->rootda->execute('DELETE FROM applications_options_disabled WHERE applicationid=' . (int) $this->serial . ' AND domainid=' . (int) $domainid); if ($this->container->getConfig()->Value('SecurityAlertOnApplicationDomainOperation') == '1') { $innomaticSecurity = new \Innomatic\Security\SecurityManager(); $innomaticSecurity->sendAlert('Application ' . $appdata['appid'] . ' has been disabled from domain ' . $domaindata['domainid']); unset($innomaticSecurity); } if ($hook->callHooks('applicationdisabled', $this, array('domainserial' => $domainid, 'modserial' => $this->serial)) != \Innomatic\Process\Hook::RESULT_OK) { $result = false; } } elseif ($modenabled == false) { } else { $this->unmetdeps = $pendingdeps; } //if ( $result == true ) $this->mLog->logEvent( // 'Innomatic', // 'Uninstalled application '.$this->appname, // \Innomatic\Logging\Logger::NOTICE //); $domainquery->free(); } else { $log = $this->container->getLogger(); $log->logEvent('innomatic.applications.applications.disable', 'Structure file ' . $this->container->getHome() . 'core/applications/' . $appdata['appid'] . '/application.xml' . ' for application ' . $appdata['appid'] . ' was not found', \Innomatic\Logging\Logger::ERROR); } } else { $log = $this->container->getLogger(); $log->logEvent('innomatic.applications.applications.disable', 'Tried to disable application ' . $appdata['appid'] . ', but it is an extension only application', \Innomatic\Logging\Logger::ERROR); } } else { $log = $this->container->getLogger(); $log->logEvent('innomatic.applications.applications.disable', 'A application with serial ' . $this->serial . ' was not found in applications table', \Innomatic\Logging\Logger::ERROR); } $modquery->free(); } else { $log = $this->container->getLogger(); $log->logEvent('innomatic.applications.applications.disable', 'Empty application serial', \Innomatic\Logging\Logger::ERROR); } } return $result; }
public static function doAuth($wrong = false, $reason = '') { $container = \Innomatic\Core\InnomaticContainer::instance('\\Innomatic\\Core\\InnomaticContainer'); $innomatic_locale = new \Innomatic\Locale\LocaleCatalog('innomatic::authentication', $container->getLanguage()); $innomatic = \Innomatic\Core\InnomaticContainer::instance('\\Innomatic\\Core\\InnomaticContainer'); $wui = \Innomatic\Wui\Wui::instance('\\Innomatic\\Wui\\Wui'); $wui->loadWidget('button'); $wui->loadWidget('empty'); $wui->loadWidget('formarg'); $wui->loadWidget('form'); $wui->loadWidget('grid'); $wui->loadWidget('horizbar'); $wui->loadWidget('horizframe'); $wui->loadWidget('horizgroup'); $wui->loadWidget('image'); $wui->loadWidget('label'); $wui->loadWidget('link'); $wui->loadWidget('page'); $wui->loadWidget('sessionkey'); $wui->loadWidget('statusbar'); $wui->loadWidget('string'); $wui->loadWidget('submit'); $wui->loadWidget('titlebar'); $wui->loadWidget('vertframe'); $wui->loadWidget('vertgroup'); $wui_page = new WuiPage('loginpage', array('title' => $innomatic_locale->getStr('rootlogin'), 'border' => 'false', 'align' => 'center', 'valign' => 'middle')); $wui_topgroup = new WuiVertgroup('topgroup', array('align' => 'center', 'groupalign' => 'center', 'groupvalign' => 'middle', 'height' => '100%', 'width' => '0%')); $wui_maingroup = new WuiVertgroup('maingroup', array('align' => 'center')); $wui_titlebar = new WuiTitleBar('titlebar', array('title' => $innomatic_locale->getStr('rootlogin'))); $wui_mainbframe = new WuiVertframe('vframe', array('align' => 'center')); $wui_mainframe = new WuiHorizgroup('horizframe'); $wui_mainstatus = new WuiStatusBar('mainstatusbar'); // Main frame // $wui_grid = new WuiGrid('grid', array('rows' => '2', 'cols' => '2')); $wui_grid->addChild(new WuiLabel('usernamelabel', array('label' => $innomatic_locale->getStr('username'))), 0, 0); $wui_grid->addChild(new WuiString('username', array('disp' => 'login')), 0, 1); $wui_grid->addChild(new WuiLabel('passwordlabel', array('label' => $innomatic_locale->getStr('password'))), 1, 0); $wui_grid->addChild(new WuiString('password', array('disp' => 'login', 'password' => 'true')), 1, 1); $wui_vgroup = new WuiVertgroup('vertgroup', array('align' => 'center')); // $wui_vgroup->addChild( new WuiLabel( 'titlelabel', array( 'label' => $innomatic_locale->getStr( 'rootlogin' ) ) ) ); $wui_vgroup->addChild($wui_grid); $wui_vgroup->addChild(new WuiSubmit('submit', array('caption' => $innomatic_locale->getStr('enter')))); $form_events_call = new \Innomatic\Wui\Dispatch\WuiEventsCall(); $form_events_call->addEvent(new \Innomatic\Wui\Dispatch\WuiEvent('login', 'login', '')); $form_events_call->addEvent(new \Innomatic\Wui\Dispatch\WuiEvent('view', 'default', '')); $wui_form = new WuiForm('form', array('action' => $form_events_call->getEventsCallString())); $wui_hgroup = new WuiHorizgroup('horizgroup', array('align' => 'middle')); $wui_hgroup->addChild(new WuiButton('password', array('themeimage' => 'keyhole', 'themeimagetype' => 'big', 'action' => $innomatic->getBaseUrl() . '/', 'highlight' => false))); $wui_hgroup->addChild($wui_vgroup); $wui_form->addChild($wui_hgroup); $wui_mainframe->addChild($wui_form); // Wrong account check // $session = \Innomatic\Desktop\Controller\DesktopFrontController::instance('\\Innomatic\\Desktop\\Controller\\DesktopFrontController')->session; if ($wrong) { if ($innomatic->getConfig()->Value('SecurityAlertOnWrongLocalRootLogin') == '1') { $innomatic_security = new \Innomatic\Security\SecurityManager(); $innomatic_security->sendAlert('Wrong root local login from remote address ' . $_SERVER['REMOTE_ADDR']); $innomatic_security->logFailedAccess('', true, $_SERVER['REMOTE_ADDR']); unset($innomatic_security); } $sleep_time = $innomatic->getConfig()->Value('WrongLoginDelay'); if (!strlen($sleep_time)) { $sleep_time = 1; } $max_attempts = $innomatic->getConfig()->Value('MaxWrongLogins'); if (!strlen($max_attempts)) { $max_attempts = 3; } sleep($sleep_time); if ($session->isValid('root_login_attempts')) { $session->put('root_login_attempts', $session->get('root_login_attempts') + 1); if ($session->get('root_login_attempts') >= $max_attempts) { $innomatic->abort($innomatic_locale->getStr('wrongpwd')); } } else { $session->put('root_login_attempts', 1); } if ($reason) { $wui_mainstatus->mArgs['status'] = $innomatic_locale->getStr($reason); } else { $wui_mainstatus->mArgs['status'] = $innomatic_locale->getStr('wrongpwd'); } } else { $session->put('domain_login_attempts', 0); } // Page render // $wui_maingroup->addChild($wui_titlebar); // $wui_maingroup->addChild( new WuiButton( 'innomaticlogo', array( 'image' => $innomatic->getBaseUrl(false).'/shared/styles/cleantheme/innomatic_big_asp.png', 'action' => $innomatic->getBaseUrl().'/' ) ) ); $wui_mainbframe->addChild($wui_mainframe); $wui_mainbframe->addChild(new WuiHorizBar('hb')); $wui_mainbframe->addChild(new WuiLink('copyright', array('label' => $innomatic_locale->getStr('auth_copyright.label'), 'link' => 'http://www.innomatic.io/', 'target' => '_blank'))); $wui_maingroup->addChild($wui_mainbframe); $wui_maingroup->addChild($wui_mainstatus); $wui_topgroup->addChild($wui_maingroup); $wui_page->addChild($wui_topgroup); $wui->addChild($wui_page); $wui->render(); $innomatic->halt(); }
public function remove() { $result = false; $hook = new \Innomatic\Process\Hook($this->rootda, 'innomatic', 'domain.remove'); if ($hook->callHooks('calltime', $this, '') == \Innomatic\Process\Hook::RESULT_OK) { $query = $this->rootda->execute('SELECT * FROM domains WHERE id=' . (int) $this->domainserial); $data = $query->getFields(); // Set the current domain object so that any component relying on // the InnomaticContainer current domain does not fail $this->container->setCurrentDomain($this); // Removes domain users. // They must be removed before disabling applications // and dropping the database. $this->removeAllUsers(); // Disables all applications. $this->disableAllApplications($this->domainserial); if ($this->container->getEdition() == \Innomatic\Core\InnomaticContainer::EDITION_MULTITENANT) { $args['dbname'] = $data['domaindaname']; $args['dbhost'] = $data['dataaccesshost']; $args['dbport'] = $data['dataaccessport']; $args['dbuser'] = $data['dataaccessuser']; $args['dbpass'] = $data['domaindapass']; $args['dbtype'] = $data['dataaccesstype']; $args['dblog'] = $this->container->getHome() . 'core/domains/' . $data['domainid'] . '/log/dataaccess.log'; $this->dataAccess->close(); $this->dataAccess->dropDB($args); } // Removes cached items. $cache_gc = new \Innomatic\Datatransfer\Cache\CacheGarbageCollector(); $cache_gc->removeDomainItems((int) $data['id']); // Removes domain from root database. $this->rootda->execute('DELETE FROM domains WHERE id=' . (int) $data['id']); $this->rootda->execute('DELETE FROM applications_options_disabled WHERE domainid=' . $this->domainserial); $log = $this->container->getLogger(); $log->logEvent($data['domainid'], 'Removed domain ' . $data['domainid'], \Innomatic\Logging\Logger::NOTICE); if (!empty($data['domainid']) and !in_array($data['domainid'], $this->reservedNames)) { if (!\Innomatic\Security\SecurityManager::isAboveBasePath($this->container->getHome() . 'core/domains/' . $data['domainid'], $this->container->getHome() . 'core/domains/')) { // Removes domain directory inside Innomatic webapp \Innomatic\Io\Filesystem\DirectoryUtils::unlinkTree($this->container->getHome() . 'core/domains/' . $data['domainid']); } // Removes domain webapp \Innomatic\Webapp\WebAppContainer::eraseWebApp($data['domainid']); } if ($hook->callHooks('domainremoved', $this, '') == \Innomatic\Process\Hook::RESULT_OK) { $result = true; } // Tells the security manager that the domain has been removed. if ($this->container->getConfig()->Value('SecurityAlertOnDomainOperation') == '1') { $innomatic_security = new \Innomatic\Security\SecurityManager(); $innomatic_security->sendAlert('Domain ' . $data['domainid'] . ' has been removed'); unset($innomatic_security); } } return $result; }