public static function createVONotification($user, $vappliance, $notificationtype, $vos, $subject, $message, &$output = "")
{
$vappliance = VoAdmin::getVAppliance($vappliance);
$user = VoAdmin::getUser($user);
$vos = self::normalizeVOs($vos);
$isvalid = self::validateRequest($user, $vappliance, $notificationtype, $vos, $subject, $message);
if ($isvalid !== true) {
return $isvalid;
}
$notification = self::getNotificationMessage($user, $vappliance, $notificationtype, $vos, $subject, $message);
$notification["recipients"] = VoAdmin::getRecipientsPerVO($vos);
$notification["useremail"] = $user->getPrimaryContact();
$notification["username"] = $user->firstname . " " . $user->lastname;
$output = $notification;
return true;
}
public function isloggedinAction()
{
if (trim($_SERVER['REQUEST_METHOD']) === "GET") {
if ($this->session->isLocked()) {
$this->session->unLock();
}
session_write_close();
}
$this->_helper->layout->disableLayout();
$this->_helper->viewRenderer->setNoRender();
$res = "0";
header('Access-Control-Allow-Origin: *');
if ($this->session && isset($this->session->developsession) && $this->session->developsession === true) {
if ($this->session->userid) {
$res = "1";
}
}
if ($res === "0") {
$source = SamlAuth::isAuthenticated();
}
if ($source !== false) {
$res = "1";
if (isset($_GET['profile']) && $_GET['profile'] === 'attributes' && $this->isAllowedProfileDataDomain()) {
header('Content-type: application/json');
$attrs = $source->getAttributes();
if ($attrs && count($attrs) > 0) {
$sourceIdentifier = false;
$uid = false;
$userAccount = false;
try {
if (isset($attrs['idp:sourceIdentifier']) && count($attrs['idp:sourceIdentifier']) === 1) {
$sourceIdentifier = $attrs['idp:sourceIdentifier'][0];
$sourceIdentifier = str_replace('-sp', '', $sourceIdentifier);
}
if (isset($attrs['idp:uid']) && count($attrs['idp:uid']) === 1) {
$uid = $attrs['idp:uid'][0];
}
if ($sourceIdentifier && $uid) {
$userAccount = SamlAuth::getUserAccount($uid, $sourceIdentifier);
}
if ($userAccount) {
$attrs['entitlements'] = array('vo' => array('memberships' => VoAdmin::getUserMembership($userAccount->researcherid)));
}
} catch (Exception $ex) {
}
}
echo json_encode($attrs);
return;
}
}
echo $res;
}
public function contactvosAction()
{
$this->_helper->layout->disableLayout();
$vappid = isset($_GET["id"]) && is_numeric($_GET["id"]) ? trim($_GET["id"]) : 0;
$isget = $_SERVER['REQUEST_METHOD'] === "GET" ? true : false;
$ispost = $_SERVER['REQUEST_METHOD'] === "POST" ? true : false;
$vappliance = VoAdmin::getVAppliance($vappid);
$vappversion = VoAdmin::getVAppVersion($vappliance);
$user = VoAdmin::getUser($this->session->userid);
$canmanagevas = false;
if ($user !== null && $vappliance !== null) {
$privs = $user->getPrivs();
if ($privs !== null && $privs->canManageVAs($vappliance->guid)) {
$canmanagevas = true;
}
}
if ($vappid <= 0 || $vappliance === null || $user === null || $canmanagevas === false || $isget === false && $ispost === false) {
$this->_helper->viewRenderer->setNoRender();
header('HTTP/1.0 404 Not Found');
header("Status: 404 Not Found");
return;
}
if ($isget === true) {
$this->view->volist = VoAdmin::getEndorsedVos($vappliance, true);
return;
}
$this->_helper->viewRenderer->setNoRender();
$notificationtype = isset($_POST["notificationtype"]) ? trim($_POST["notificationtype"]) : "";
$subject = isset($_POST["subject"]) ? trim($_POST["subject"]) : "";
$message = isset($_POST["message"]) ? trim($_POST["message"]) : "";
$vos = isset($_POST["vos"]) ? $_POST["vos"] : "[]";
$vos = json_decode($vos);
$preview = isset($_POST["preview"]) ? trim($_POST["preview"]) : "false";
$preview = $preview === "true" ? true : false;
$output = array();
if ($preview === true) {
$result = VoContact::createVONotification($user, $vappliance, $notificationtype, $vos, $subject, $message, $output);
if ($result !== true) {
if ($result === false) {
$result = "Could not create notification";
}
echo "<response error='" . $result . "' ></response>";
} else {
echo "<response success='true'>";
echo "<message>" . htmlentities($output["message"]) . "</message>";
echo "<from name='" . htmlentities($output["username"]) . "' email='" . htmlentities($output["useremail"]) . "'></from>";
if (userIsAdminOrManager($user->id) === true && isset($output["recipients"])) {
echo "<vorecipients>";
foreach ($output["recipients"] as $rec) {
echo "<vo id='" . htmlentities($rec["void"]) . "' name='" . htmlentities($rec["vo"]) . "' >";
foreach ($rec["contacts"] as $cont) {
echo "<contact name='" . htmlentities($cont["name"]) . "' email='" . htmlentities($cont["email"]) . "' role='" . htmlentities($cont["role"]) . "' ></contact>";
}
echo "</vo>";
}
echo "</vorecipients>";
}
echo "</response>";
}
} else {
$result = VoContact::sendVONotification($user, $vappliance, $notificationtype, $vos, $subject, $message);
if ($result === true) {
echo "<response success='true'></response>";
} else {
if ($result === false) {
$result = "Could not create notification";
}
echo "<response error='" . $result . "' ></response>";
}
}
}
public function detailsAction()
{
$pplID = $this->_getParam("id");
trackPage('/people/details?id=' . $pplID, $this->_getParam("format"));
if ($pplID == '') {
$pplID = $this->session->lastPplID;
}
$this->_helper->layout->disableLayout();
$ppl = new Default_Model_Researchers();
if ($this->session->userid !== null) {
if (userIsAdminOrManager($this->session->userid)) {
$ppl->viewModerated = true;
}
}
if ($this->_getParam("id") == "0") {
$this->view->entry = new Default_Model_Researcher();
$this->view->entry->countryID = '0';
} else {
if (is_numeric($pplID) === true) {
$ppl->filter->id->equals($pplID);
} else {
if (substr($pplID, 0, 2) === "s:") {
$pplCname = substr($pplID, 2);
$ppl->filter->cname->ilike($pplCname);
}
}
$ppl->refresh($this->_getParam('format'), $this->_getParam('userid'));
if (count($ppl->items) > 0) {
$this->view->entry = $ppl->items[0];
$pplID = $this->view->entry->id;
}
// BEGIN: API logging hack
$cid = 0;
// clientID: 0 --> appDB portal
if (isset($_SERVER['REMOTE_ADDR']) && $_SERVER['REMOTE_ADDR'] != '') {
$src = "'" . $_SERVER['REMOTE_ADDR'] . "'";
} else {
$src = '';
}
if (is_numeric($this->session->userid) && $this->view->entry) {
// only log if we have a valid userid
$sql = "INSERT INTO ppl_api_log (pplid, timestamp, researcherid, source, ip) VALUES (" . $pplID . ", NOW(), " . $this->session->userid . ", " . $cid . ", " . $src . ");";
db()->query($sql)->fetchAll();
}
// END: API logging hack
if (isnull($this->view->entry->image) === false) {
$this->view->image = "/people/getimage?id=" . $this->view->entry->id . "&req=" . urlencode($this->view->entry->lastUpdated);
}
}
$this->view->dialogCount = $_GET['dc'];
$this->view->positionTypes = new Default_Model_PositionTypes();
$this->view->positionTypes->filter->orderBy('ord');
$this->view->countries = new Default_Model_Countries();
$this->view->countries->filter->orderBy('name');
$this->view->contactTypes = new Default_Model_ContactTypes();
if (isnull($this->_getParam("tab")) == false) {
$this->view->selectedTab = $this->_getParam("tab");
}
$this->view->session = $this->session;
if ($this->session->username !== null && $this->session->userid !== null) {
$users = new Default_Model_Researchers();
$users->filter->id->equals($this->session->userid);
$this->view->user = $users->items[0];
} else {
$this->view->user = null;
}
//Setup vo membership data
$this->view->entryVoMemberShip = "[]";
$this->view->entryRelationsXml = EntityRelations::relationsToXml($this->view->entry->guid);
if (is_null($this->view->entry) === false && is_numeric($this->view->entry->id) && intval($this->view->entry->id) > 0) {
$this->view->entryVoMemberShip = html_entity_decode(VoAdmin::getUserMembership($this->view->entry, true));
}
}
public function voimageAction()
{
$this->_helper->layout->disableLayout();
$this->_helper->viewRenderer->setNoRender();
$format = $this->getRequest()->getParam("format");
$guid = trim($this->getRequest()->getParam("guid"));
$accesstoken = trim($this->getRequest()->getParam("accesstoken"));
$strict = isset($_GET["strict"]) ? true : false;
if ($format === null || $format === "json") {
header('Content-type: application/json');
} else {
if ($format === "xml") {
header('Content-type: application/xml');
}
}
if ($guid !== "") {
$imageid = null;
if (strpos($guid, ":") !== false) {
$tmp = explode(":", $guid);
if (count($tmp) > 1) {
$guid = $tmp[0];
$imageid = $tmp[1];
}
}
if ($imageid !== null) {
$result = VoAdmin::getImageInfoById($imageid, $guid, $strict);
} else {
$result = VoAdmin::getImageInfoByIdentifier($guid);
}
$canaccessvadata = false;
if ($result !== null) {
$result["isprivateimage"] = false;
$result["canaccessprivate"] = true;
$vapp = $result["va"];
if ($vapp->imglstprivate) {
$result["isprivateimage"] = true;
$result["canaccessprivate"] = false;
$vapp = $result["va"];
$app = $vapp->getApplication();
if ($privs !== null) {
$canaccessvadata = $privs->canAccessVAPrivateData($app->guid);
}
$result["canaccessprivate"] = $canaccessvadata;
}
}
if ($result !== null && isset($result['image'])) {
$im = $result['image'];
$result['sites'] = VMCaster::getSitesByVMI($im->guid, $im->id);
}
if ($result !== null && $format == null) {
//UI call
$result["result"] = "success";
$va = $result["va"];
$app = $va->getApplication();
$version = $result["version"];
$image = $result["image"];
$vo = $result["vo"];
$voimage = $result["voimage"];
$voimagelist = $result["voimagelist"];
$result["app"] = array("id" => $app->id, "name" => $app->name, "cname" => $app->cname);
$result["va"] = array("id" => $va->id);
$result["version"] = array("id" => $version->id, "version" => $version->version, "published" => $version->published, "archived" => $version->archived, "enabled" => $version->enabled);
$result["image"] = array("id" => $image->id, "identifier" => $voimage->guid, "baseidentifier" => $image->guid);
$result["vo"] = array("id" => $vo->id, "name" => $vo->name, "domain" => $vo->domain->name);
$result["voimagelist"] = array("id" => $voimagelist->id, "state" => $voimagelist->state);
$result["voimage"] = array("id" => $voimage->id, "state" => $voimage->state);
echo json_encode($result, JSON_HEX_TAG | JSON_NUMERIC_CHECK);
return;
} else {
if ($format !== null) {
if ($result !== null) {
$result = VMCaster::convertImage($result, $format);
}
if ($result !== null) {
echo $result;
} else {
header('HTTP/1.0 404 Not Found');
header("Status: 404 Not Found");
}
return;
}
}
}
echo json_encode(array("result" => "error", "message" => "Image not found"));
}