/**
* Start an impersonated session with Kaltura's server.
* The result KS is the session key that you should pass to all services that requires a ticket.
*
* @action impersonate
* @param string $secret Remember to provide the correct secret according to the sessionType you want
* @param int $impersonatedPartnerId
* @param string $userId
* @param KalturaSessionType $type Regular session or Admin session
* @param int $partnerId
* @param int $expiry KS expiry time in seconds
* @param string $privileges
* @return string
*
* @throws APIErrors::START_SESSION_ERROR
*/
function impersonateAction($secret, $impersonatedPartnerId, $userId = "", $type = 0, $partnerId = null, $expiry = 86400, $privileges = null)
{
KalturaResponseCacher::disableCache();
// verify that partnerId exists and is in correspondence with given secret
$result = myPartnerUtils::isValidSecret($partnerId, $secret, "", $expiry, $type);
if ($result !== true) {
throw new KalturaAPIException(APIErrors::START_SESSION_ERROR, $partnerId);
}
// verify partner is allowed to start session for another partner
if (!myPartnerUtils::allowPartnerAccessPartner($partnerId, $this->partnerGroup(), $impersonatedPartnerId)) {
throw new KalturaAPIException(APIErrors::START_SESSION_ERROR, $partnerId);
}
// get impersonated partner
$impersonatedPartner = PartnerPeer::retrieveByPK($impersonatedPartnerId);
if (!$impersonatedPartner) {
// impersonated partner could not be fetched from the DB
throw new KalturaAPIException(APIErrors::START_SESSION_ERROR, $partnerId);
}
// set the correct secret according to required session type
if ($type == KalturaSessionType::ADMIN) {
$impersonatedSecret = $impersonatedPartner->getAdminSecret();
} else {
$impersonatedSecret = $impersonatedPartner->getSecret();
}
// make sure the secret fits the one in the partner's table
$ks = "";
$result = kSessionUtils::startKSession($impersonatedPartner->getId(), $impersonatedSecret, $userId, $ks, $expiry, $type, "", $privileges, $partnerId);
if ($result >= 0) {
return $ks;
} else {
throw new KalturaAPIException(APIErrors::START_SESSION_ERROR, $partnerId);
}
}
public static function startKSession($partner_id, $partner_secret, $puser_id, &$ks_str, $desired_expiry_in_seconds = 86400, $admin = false, $partner_key = "", $privileges = "", $master_partner_id = null, $additional_data = null)
{
$ks_max_expiry_in_seconds = "";
// see if we want to use the generic setting of the partner
$result = myPartnerUtils::isValidSecret($partner_id, $partner_secret, $partner_key, $ks_max_expiry_in_seconds, $admin);
if ($result >= 0) {
if ($ks_max_expiry_in_seconds && $ks_max_expiry_in_seconds < $desired_expiry_in_seconds) {
$desired_expiry_in_seconds = $ks_max_expiry_in_seconds;
}
// echo "startKSession: from DB: $ks_max_expiry_in_seconds | desired: $desired_expiry_in_seconds " ;
$ks = new ks();
$ks->valid_until = time() + $desired_expiry_in_seconds;
// store in milliseconds to make comparison easier at validation time
// $ks->type = $admin ? ks::TYPE_KAS : ks::TYPE_KS;
if ($admin == false) {
$ks->type = ks::TYPE_KS;
} else {
$ks->type = $admin;
}
// if the admin > 1 - use it rather than automatially setting it to be 2
$ks->partner_id = $partner_id;
$ks->master_partner_id = $master_partner_id;
$ks->partner_pattern = $partner_id;
$ks->error = 0;
$ks->rand = microtime(true);
$ks->user = $puser_id;
$ks->privileges = $privileges;
$ks->additional_data = $additional_data;
$ks_str = $ks->toSecureString();
return 0;
} else {
return $result;
}
}
public static function startKSession($partner_id, $partner_secret, $puser_id, &$ks_str, $desired_expiry_in_seconds = 86400, $admin = false, $partner_key = "", $privileges = "", $master_partner_id = null, $additional_data = null)
{
$ks_max_expiry_in_seconds = "";
// see if we want to use the generic setting of the partner
ks::validatePrivileges($privileges, $partner_id);
$result = myPartnerUtils::isValidSecret($partner_id, $partner_secret, $partner_key, $ks_max_expiry_in_seconds, $admin);
if ($result >= 0) {
if ($ks_max_expiry_in_seconds && $ks_max_expiry_in_seconds < $desired_expiry_in_seconds) {
$desired_expiry_in_seconds = $ks_max_expiry_in_seconds;
}
// echo "startKSession: from DB: $ks_max_expiry_in_seconds | desired: $desired_expiry_in_seconds " ;
$ks_type = ks::TYPE_KS;
if ($admin) {
$ks_type = $admin;
}
// if the admin > 1 - use it rather than automatially setting it to be 2
$ks = self::createKSession($partner_id, $partner_secret, $puser_id, $desired_expiry_in_seconds, $ks_type, $privileges, $additional_data, $master_partner_id);
$ks_str = $ks->toSecureString();
return 0;
} else {
return $result;
}
}
