public function edit()
{
$request = $this->getPageRequest();
$view = $this->getView();
$manager = \Core\user()->checkAccess('p:/package_repository/licenses/manager');
if (!$manager) {
return View::ERROR_ACCESSDENIED;
}
$model = PackageRepositoryLicenseModel::Construct($request->getParameter(0));
if (!$model->exists()) {
return View::ERROR_NOTFOUND;
}
$form = new Form();
$form->set('callsmethod', 'PackageRepositoryLicenseController::_SaveLicense');
$form->addModel($model);
$form->addElement('submit', ['value' => 'Update License']);
$view->title = 'Edit License';
$view->assign('form', $form);
}
/**
* Check permissions on the user and system and return either blank or a string containing the error.
*
* @param string $step
*
* @return array|null
*/
private function _checkPermissions($step)
{
$error = null;
if (!\ConfigHandler::Get('/package_repository/base_directory')) {
// Check if the config is even set, can't proceed if it's not.
trigger_error('The package repository does not appear to be setup yet. Please browse to Configuration and the appropriate options.');
return ['status' => View::ERROR_SERVERERROR, 'message' => 'The package repository is not setup on this server.'];
}
$dir = Factory::Directory(\ConfigHandler::Get('/package_repository/base_directory'));
if (!$dir->exists()) {
trigger_error($dir->getPath() . ' does not appear to exist! Unable to browse repo.xml without it.');
return ['status' => View::ERROR_SERVERERROR, 'message' => $dir->getPath() . ' does not seem to exist!'];
} elseif (!$dir->isReadable()) {
trigger_error($dir->getPath() . ' does not appear to be readable! Unable to browse repo.xml without it.');
return ['status' => View::ERROR_SERVERERROR, 'message' => $dir->getPath() . ' does not seem to be readable!'];
}
if (ConfigHandler::Get('/package_repository/is_private')) {
// Lookup this license key, (or request one if not present).
$valid = false;
$autherror = 'Access to ' . SITENAME . ' (Package Repository) requires a license key and password.';
if (isset($_SERVER['PHP_AUTH_PW']) && isset($_SERVER['PHP_AUTH_USER'])) {
$user = $_SERVER['PHP_AUTH_USER'];
$pw = $_SERVER['PHP_AUTH_PW'];
} else {
$user = $pw = null;
}
if ($user && $pw) {
/** @var PackageRepositoryLicenseModel $license */
$license = PackageRepositoryLicenseModel::Construct($user);
$licvalid = $license->isValid($pw);
if ($licvalid == 0) {
// Lock this license to the remote IP, if requested by the admin.
if (ConfigHandler::Get('/package_repository/auto_ip_restrict') && !$license->get('ip_restriction')) {
$license->set('ip_restriction', REMOTE_IP);
$license->save();
}
SystemLogModel::LogInfoEvent('/packagerepository/' . $step, '[' . $user . '] accessed repository successfully');
return null;
} else {
if (($licvalid & PackageRepositoryLicenseModel::VALID_PASSWORD) == PackageRepositoryLicenseModel::VALID_PASSWORD) {
$autherror = '[' . $user . '] Invalid license password';
$status = View::ERROR_ACCESSDENIED;
SystemLogModel::LogSecurityEvent('/packagerepository/password_failure', $autherror);
}
if (($licvalid & PackageRepositoryLicenseModel::VALID_ACCESS) == PackageRepositoryLicenseModel::VALID_ACCESS) {
$autherror = '[' . $user . '] IP address not authorized';
$status = View::ERROR_ACCESSDENIED;
SystemLogModel::LogSecurityEvent('/packagerepository/ip_restriction', $autherror);
}
if (($licvalid & PackageRepositoryLicenseModel::VALID_EXPIRED) == PackageRepositoryLicenseModel::VALID_EXPIRED) {
$autherror = '[' . $user . '] License provided has expired, please request a new one.';
$status = View::ERROR_GONE;
SystemLogModel::LogSecurityEvent('/packagerepository/expired_license', $autherror);
}
if (($licvalid & PackageRepositoryLicenseModel::VALID_INVALID) == PackageRepositoryLicenseModel::VALID_INVALID) {
$autherror = '[' . $user . '] License does not exist';
$status = View::ERROR_EXPECTATIONFAILED;
SystemLogModel::LogSecurityEvent('/packagerepository/invalid_license', $autherror);
}
return ['status' => $status, 'message' => $autherror];
}
}
if (!$valid) {
header('WWW-Authenticate: Basic realm="' . SITENAME . ' (Package Repository)"');
header('HTTP/1.0 401 Unauthorized');
echo $autherror;
exit;
}
} else {
SystemLogModel::LogInfoEvent('/packagerepository/' . $step, '[anonymous connection] accessed repository successfully');
return null;
}
}
