/**
 * Write an SFTP error entry to the system log.
 *
 * The entry is attributed to the e-mail address held in the current
 * session passport and is formatted as
 * "-- SFTP Error: <method> - [ <message> ] [ <trace> ]".
 *
 * NOTE(review): $message and $trace are interpolated into the log line as-is.
 * If they can carry text supplied by a remote host, strip control characters
 * and line breaks first so one call cannot forge extra log entries. Confirm
 * against the callers.
 *
 * @param string $method  The method name
 * @param string $message The error message
 * @param string $trace   The unique trace key
 *
 * @return void
 */
protected function logError(string $method, string $message, string $trace)
{
    $database = ServiceRequestContainer::perform()->Database;
    $accountEmail = ServiceRequestContainer::perform()->Session->getPassport('email');
    $logLine = sprintf('-- SFTP Error: %s - [ %s ] [ %s ]', $method, $message, $trace);

    $database->insertiNetRecordLog($accountEmail, $logLine);
}
/**
 * Constructor.
 *
 * Stores the injected collaborators as properties, then runs the fluent
 * initialisation chain in a fixed order.
 *
 * @param AssetInterface         $asset   The AssetInterface
 * @param DatabaseInterface      $dbh     The DatabaseInterface
 * @param SessionInterface       $session The SessionInterface
 * @param ConfigurationInterface $config  The ConfigurationInterface
 *
 * @api
 */
public function __construct(AssetInterface $asset, DatabaseInterface $dbh, SessionInterface $session, ConfigurationInterface $config)
{
    // Injected collaborators are registered before anything else runs.
    $configured = $this
        ->setProperty('dbh', $dbh)
        ->setProperty('asset', $asset)
        ->setProperty('config', $config)
        ->setProperty('session', $session);

    // The order below is kept exactly as written; presumably the later
    // setters read the properties stored above (confirm before reordering).
    $configured
        ->setProperty('benchmark', ServiceRequestContainer::perform()->Benchmark)
        ->setUserPassport()
        ->setDynamicSettings()
        ->setDesignConstants()
        ->setTemplateHeadConstants()
        ->setTemplateFooterConstants()
        ->setTwigConfiguration()
        ->setPreferredTemplates();
}
/**
 * Copy the user's passport settings and application controls onto the record.
 *
 * Deserializes the record's `user_settings` YAML and takes the
 * `settings.passport` branch. From it, three entries are written to
 * `$this->resultDataSet['record']`: the branch itself (`settings`), its
 * `is_intranet_access_enabled` value, and a comma-separated list of the keys
 * of its `application_control` map.
 *
 * NOTE(review): nothing here checks that the expected keys exist or have the
 * expected types. `is_intranet_access_enabled` is copied with whatever type
 * the YAML parser produced, so code that later compares it strictly against
 * `false`/`null` depends on the stored document using real booleans.
 *
 * @return DatabaseInterface The current instance
 *
 * @api
 */
protected function setUserAccountApplicationControl() : DatabaseInterface
{
    $yaml = ServiceRequestContainer::perform()->Yaml;
    $userSettings = $yaml->deserialize($this->getRecord()['user_settings']);
    $passportSettings = $userSettings['settings']['passport'];

    $this->resultDataSet['record']['settings'] = $passportSettings;
    $this->resultDataSet['record']['is_intranet_access_enabled'] = $passportSettings['is_intranet_access_enabled'];

    // Only the control names (the map keys) are kept, joined with commas.
    $controlNames = array_keys($passportSettings['application_control']);
    $this->resultDataSet['record']['application_control'] = join(',', $controlNames);

    return $this;
}
/**
 * Application Turn-Key.
 *
 * @notes Application Turn-key
 *        A destination requested before authenticating relays the user to
 *        the desired URL/destination afterwards (this by-passes Panel).
 *
 *        When the passport holds no token, the current application root
 *        (`relRootApp`) is stored as `destination_relay` in the session and
 *        the request is routed to the logout redirect with the
 *        `/php-token-missing/` suffix. Otherwise the session token is looked
 *        up in the database and the result is handed to turnKeyValidate().
 *
 *        To use prior to authenticating, assign the full application URL to
 *        $session->setPassport('destination_relay'). Once authenticated,
 *        /Login/index.php relays to that destination.
 *
 *        NOTE(review): the relay itself happens outside this method. Whatever
 *        consumes `destination_relay` should accept only application-internal
 *        URLs, since any value stored there becomes a post-login redirect
 *        target.
 *
 * @return bool Always true
 */
public function runApplicationTurnKey() : bool
{
    $session = ServiceRequestContainer::perform()->Session;

    if (ServiceRequestContainer::perform()->Passport->has('token')) {
        // Presence is tested on the Passport service while the value is read
        // from the session passport - presumably the same store (confirm).
        $tokenRecords = $this->dbh->isSessionTokenAvailable($session->getPassport('token'))->getRecords();
        $this->turnKeyValidate($session, $tokenRecords);

        return true;
    }

    // No token yet: remember where the user wanted to go, then send them to
    // the logout redirect so they can authenticate.
    $session->setPassport('destination_relay', $this->getProperty('relRootApp'));
    $this->requestRoute($this->getProperty('redirectLogout') . '/php-token-missing/');

    return true;
}
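/**
 * Check whether the database record allows the (switched) account to proceed.
 *
 * Every refusal is written to the system log together with the acting
 * administrator's `role_adusername`. The account is refused when:
 *  - `record_count` is not exactly the integer 1;
 *  - `is_intranet_access_enabled` is null or missing (logged as maintenance);
 *  - `is_intranet_access_enabled` is any other falsy value (logged as denied).
 *
 * The access flag used to be compared strictly against `false` only, so a
 * non-boolean "off" value such as 0, '0' or '' was accepted. This check
 * therefore refuses on every falsy value instead of failing open.
 *
 * NOTE(review): truthy non-boolean values (for example the string 'no') are
 * still accepted. If the flag is guaranteed to be a real boolean, requiring
 * `true === $flag` would be the stricter check.
 *
 * @param array $data The database provided user data
 *
 * @return bool True when the account may proceed, false otherwise
 *
 * @api
 */
public function validUserAccount(array $data) : bool
{
    $persist = ServiceRequestContainer::perform()->Persistence;

    // Log the refusal reason against the acting administrator, then refuse.
    $refuse = function (string $reason) use ($persist) : bool {
        $persist->createSystemLog(sprintf('-- Error [ Switched-account ] [ admin: %s ]: %s', $this->getPassport('role_adusername'), $reason));

        return false;
    };

    /* Does user exist? */
    if (1 !== ($data['record_count'] ?? null)) {
        return $refuse('No database User record found in personnel.');
    }

    /* Check user access */
    $accessFlag = $data['is_intranet_access_enabled'] ?? null;

    if (null === $accessFlag) {
        return $refuse('Database says system down for maintenance.');
    }

    // Any remaining falsy value (false, 0, '0', '') means access is disabled.
    if (!$accessFlag) {
        return $refuse('Database says user not allow entry.');
    }

    return true;
}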
/**
 * Create (or replace) the database row for the current session.
 *
 * Issues a REPLACE on `system_sessions` with the e-mail, creation time and
 * token from the session passport, the current timestamp, a crypt key from
 * getSha512() (seeded with $seed when one is given), the storage marker
 * 'None', and the client address as an unsigned-integer string.
 *
 * NOTE(review): ip2long() only understands dotted IPv4 addresses and returns
 * false for anything else, which sprintf('%u') renders as "0". IPv6 clients
 * are therefore all recorded with remote_addr 0, so the column cannot be
 * relied on for auditing or for binding a session to an address in that case.
 *
 * @param string|null $seed The unique crypt key string
 *
 * @return DatabaseInterface The current instance
 *
 * @api
 */
public function createDatabaseSession(string $seed = null) : DatabaseInterface
{
    $session = ServiceRequestContainer::perform()->Session;

    if (null === $seed) {
        $cryptKey = $this->getSha512();
    } else {
        $cryptKey = $this->getSha512($seed);
    }

    // Column values, in the order matched by the 'types' list below.
    $columns = [
        'email' => $session->getPassport('email'),
        'created_at' => $session->getPassport('time_created'),
        'updated_at' => date(static::MYSQL_DATE_FORMAT),
        'token' => $session->getPassport('token'),
        'crypt_key' => $cryptKey,
        'storage' => 'None',
        'remote_addr' => sprintf('%u', ip2long($this->server->get('REMOTE_ADDR'))),
    ];

    /* Process Order */
    return $this->process([
        'method' => 'REPLACE',
        'table' => 'system_sessions',
        'set' => $columns,
        'types' => ['s', 's', 's', 's', 's', 's', 's'],
    ]);
}
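/**
 * Get the role items for the Passport.
 *
 * Opens the 'administrator' vault file and builds two candidate results:
 *  - the general-user set: `role_user` (SUPER_ADMIN_ROLE when the
 *    `adusername` is a key of the vault's `administrator.superuser` map,
 *    otherwise USER_ROLE), the sanitized `role_uuid` and `role_adusername`,
 *    and `role_masquerade_enabled` = false;
 *  - the switch-user set: only `role_masquerade_enabled`, true when the
 *    supplied `adusername` differs from the passport's `role_adusername`.
 *
 * Both sets are always built; $passportType only selects which is returned.
 *
 * The superuser lookup is an exact key match. A loose in_array() over the
 * map keys would let PHP's numeric juggling treat distinct names as equal
 * (numeric-looking keys become integers, so for example " 123" or "1e2"
 * could equal a listed key), which is not acceptable for a role decision.
 *
 * @param array  $data         The list of items from the database
 * @param string $passportType The check for switch-user
 *
 * @return array
 */
public function getPassportAdminRole(array $data, string $passportType = 'switchUserPassport') : array
{
    $configVault = new ConfigurationVault(ServiceRequestContainer::perform()->Filesystem, ServiceRequestContainer::perform()->Yaml);
    $configVault->openVaultFile('administrator');

    $superusers = $configVault->getRecords()['administrator']['superuser'];
    $adUsername = $data['adusername'];

    // Only a string or integer can be an array key; anything else (null,
    // bool, float) is never a superuser.
    $isSuperuser = (is_string($adUsername) || is_int($adUsername))
        && array_key_exists($adUsername, $superusers);

    $sendGeneralUser = [
        'role_user' => $isSuperuser ? 'SUPER_ADMIN_ROLE' : 'USER_ROLE',
        'role_uuid' => $this->sanitizeString($data['uuid'], 36, 36),
        'role_adusername' => $this->sanitizeString($adUsername, 3, 30),
        'role_masquerade_enabled' => false,
    ];

    // Masquerading is on only when acting as an account other than one's own.
    $sendSwitchUser = [
        'role_masquerade_enabled' => $adUsername !== $this->getPassport('role_adusername'),
    ];

    return 'switchUserPassport' === $passportType ? $sendSwitchUser : $sendGeneralUser;
}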