public function loginAction()
{
/* Check whether the user is already logged in */
if ($this->session->userid !== null) {
if (!$this->handle_actions()) {
$this->_helper->layout->disableLayout();
$this->_helper->viewRenderer->setNoRender();
header('Location: https://' . $_SERVER['HTTP_HOST'] . '/');
}
return;
}
$this->view->session = $this->session;
$ldap = ApplicationConfiguration::service('egi.ldap.host');
if (array_key_exists('username', $_POST)) {
$this->view->username = $_POST['username'];
$username = "******" . $_POST['username'] . ",ou=People,dc=egi,dc=eu";
$password = $_POST['password'];
$ds = $this->initLDAP(true, $username, $password);
if (is_resource($ds)) {
@ldap_close($ds);
$username = $_POST['username'];
$this->session->username = $username;
$users = new Default_Model_Researchers();
$users->viewModerated = true;
$users->filter->username->equals($username);
if ($users->count() == 1) {
if (!$users->items[0]->deleted) {
$this->session->userid = $users->items[0]->Id;
$this->session->userRole = $users->items[0]->positionTypeID;
$this->session->userCountryID = $users->items[0]->countryID;
$this->session->userCountryName = $users->items[0]->country->name;
$this->session->user = $users->items[0];
$this->session->fullName = $users->items[0]->firstName . " " . $users->items[0]->lastName;
$this->session->cname = $users->items[0]->cname;
setAuthCookies($username, md5($password));
$user = $users->items[0];
$user->lastLogin = time();
$user->password = md5($password);
// TODO: remove this when SAML has been implemented
$user->save();
$this->saveUserCredentials($user->id, md5($password));
// TODO: replace with SAML Auth token
$this->handle_actions();
} else {
$this->view->accountDeleted = true;
error_log(var_export($users->items[0]->delInfo, true));
$this->view->accountDeleter = $users->items[0]->delInfo->deleter->name;
$this->view->accountDeleterID = $users->items[0]->delInfo->deleter->id;
$this->view->accountDeletedOn = $users->items[0]->delInfo->deletedOn;
}
} else {
$this->session->claimPassword = md5($password);
$ds = $this->initLDAP(true);
// no rdn/pwd: root connection
if ($ds !== false) {
$users2 = new Default_Model_Contacts();
$sr = ldap_search($ds, "ou=people,dc=egi,dc=eu", "(uid=" . $_POST['username'] . ")");
$info = ldap_get_entries($ds, $sr);
ldap_close($ds);
if ($info["count"] > 0) {
$this->session->fullName = $info[0]['cn'][0];
$users2->filter->data->ilike($info[0]['mail'][0]);
if ($users2->refresh()->count() != 0) {
// Found existing profiles
$ids = array();
for ($i = 0; $i < $users2->count(); $i++) {
$ids[] = $users2->items[$i]->researcherid;
}
$users->viewModerated = false;
$users->filter->id->in($ids);
$users->refresh();
$entries = array();
$canClaim = array();
for ($i = 0; $i < $users->count(); $i++) {
$entries[] = $users->items[$i];
$canClaim[] = $users->items[$i]->id;
}
$this->view->entries = $entries;
$this->session->canClaim = $canClaim;
} else {
// Create a new profile
$roleTypeID = 3;
if (array_key_exists('usercertificatesubject', $info[0])) {
$sub = explode('/', $info[0]['usercertificatesubject'][0]);
foreach ($sub as $s) {
if (substr($s, 0, 2) == 'C=') {
$country = substr($s, 2);
$cs = new Default_Model_Countries();
$cs->filter->isocode->equals($country);
if ($cs->count() > 0) {
$this->view->country = $cs->items[0]->name;
}
break;
}
}
}
if (array_key_exists('sn', $info[0])) {
$this->view->lastname = $info[0]['sn'][0];
$this->view->firstname = str_replace($info[0]['sn'][0], "", $info[0]['cn'][0]);
}
if (array_key_exists('destinationindicator', $info[0])) {
$this->view->gender = $info[0]['destinationindicator'][0];
}
if (array_key_exists('ou', $info[0])) {
$this->view->institute = $info[0]['ou']['0'];
}
if (array_key_exists('employeetype', $info[0])) {
if ($info[0]['employeetype'][0] == "Experienced researcher" || $info[0]['employeetype'][0] == "Management") {
$roleTypeID = 2;
} else {
if ($info[0]['employeetype'][0] == "Technical Support" || $info[0]['employeetype'][0] == "PhD Student") {
$roleTypeID = 3;
} else {
$roleTypeID = 4;
}
}
}
if (array_key_exists('mail', $info[0])) {
$this->view->SSOmail = $info[0]['mail'][0];
}
$pts = new Default_Model_PositionTypes();
$pts->filter->id->equals($roleTypeID);
$this->view->roleType = $pts->items[0]->description;
$contactTypes = new Default_Model_ContactTypes();
$this->view->contactTypes = $contactTypes->refresh();
}
}
} else {
error_log($this->view->ldapError);
}
}
} else {
error_log($this->view->ldapError);
}
}
}
public function updateAction()
{
$this->_helper->layout->disableLayout();
$this->_helper->viewRenderer->setNoRender();
$hasEditRights = false;
$entries = new Default_Model_Researchers();
if ($this->session->userid !== null) {
// there is a user logged in
$users = new Default_Model_Researchers();
$users->filter->id->equals($this->session->userid);
$user = $users->items[0];
if ($_POST['id'] == '') {
// logged in user registering another user (e.g. a manager registering someone else)
if (userIsAdminOrManager($this->session->userid)) {
$entry = new Default_Model_Researcher();
//prepare new entry
$entry->dateInclusion = date("Y-m-d");
$entry->addedBy = $this->session->userid;
$hasEditRights = true;
} else {
$hasEditRights = false;
}
// logged in user has no permission to register other users
} else {
$entry = $entries->item($_POST['id']);
// this is an update, get existing data
$hasEditRights = $user->privs->canEditPersonProfile($entry);
}
} else {
if ($this->session->username !== null) {
// no user logged in, but new user registering own self
$entry = new Default_Model_Researcher();
//prepare new entry
$entry->dateInclusion = date("Y-m-d");
$entry->username = $this->session->username;
$entry->lastLogin = time();
$entry->password = $this->session->claimPassword;
setAuthCookies($this->session->username, $this->session->claimPassword);
$this->session->claimPassword = null;
$hasEditRights = true;
}
}
if ($hasEditRights) {
$entry->lastName = $_POST['lastName'];
$entry->firstName = $_POST['firstName'];
$entry->gender = $_POST['gender'];
$entry->institution = $_POST['institution'];
$oldCountryID = $entry->countryID;
$entry->countryID = $_POST['countryID'];
$oldRoleID = $entry->positionTypeID;
$entry->positionTypeID = $_POST['positionTypeID'];
if ($_POST['newimage'] !== "") {
$imgfile = APPLICATION_PATH . "/../public/" . $_POST['newimage'];
if (file_exists(APPLICATION_PATH . "/../cache/ppl-image-" . $entry->id . ".png")) {
unlink(APPLICATION_PATH . "/../cache/ppl-image-" . $entry->id . ".png");
}
$entry->image = pg_escape_bytea(base64_encode(file_get_contents($imgfile)));
}
if ($this->session->userid === null) {
$entries->add($entry);
$this->session->userid = $entry->id;
$this->session->user = $entry;
$this->session->fullname = $entry->firstname . " " . $entry->lastname;
} else {
if ($_POST['id'] == '') {
$entries->add($entry);
$this->session->lastPplID = $entry->id;
} else {
$entry->save();
}
}
$entries->filter->id->equals($entry->id);
$found_new_entry = false;
$search_new_entry_count = 0;
while (!$found_new_entry || $search_new_entry_count > 10) {
$entries->refresh();
$found_new_entry = count($entries->items) > 0;
if (!$found_new_entry) {
sleep(1);
}
$search_new_entry_count = $search_new_entry_count + 1;
}
if (!$found_new_entry) {
error_log("Could not find new user entry in DB after 10 tries... This should not happen (userid: " . $entry->id . ")");
return;
}
$entry = $entries->items[0];
$ant = 'his/her';
if (!isnull($entry->gender)) {
if ($entry->gender == 'male') {
$ant = 'his';
}
if ($entry->gender == 'female') {
$ant = 'her';
}
}
$conts = new Default_Model_Contacts();
$conts->refresh();
for ($i = count($entry->contacts) - 1; $i >= 0; $i--) {
$conts->remove($entry->contacts[$i]);
}
foreach ($_POST as $key => $value) {
if (substr($key, 0, 7) === "contact" && substr($key, 0, 11) !== "contactType") {
$cnum = substr($key, 7);
$cont = new Default_Model_Contact();
$cont->researcherID = $entry->id;
$cont->data = $value;
$cont->contactTypeID = $_POST['contactType' . $cnum];
$conts->add($cont);
}
}
}
if ($entry && ($this->session->userid == null || $this->session->userid == $entry->id)) {
$this->session->userid = $entry->id;
//Reload session data in case of claim or save new account
$ppl = new Default_Model_Researchers();
$ppl->filter->id->equals($this->session->userid);
$user = $ppl->items[0];
$this->session->user = $user;
$this->session->fullname = $user->firstname . " " . $user->lastname;
$this->session->userRole = $user->positionTypeID;
$this->session->userCountryID = $user->countryID;
$this->session->userCountryName = $user->country->name;
$this->session->cname = $user->cname;
}
}
