/**
* Run a merge using the AIR2Merge library.
*
* @param array $response_data
*/
protected function run($response_data = array())
{
// turn off logging during the merge
$was_logging_enabled = AIR2Logger::$ENABLE_LOGGING;
AIR2Logger::$ENABLE_LOGGING = false;
// run the merge and reset logging
$type = $this->my_type;
$errs = AIR2Merge::merge($this->prime, $this->merge, $this->ops, $this->commit_on_success);
$result = AIR2Merge::get_result();
AIR2Logger::$ENABLE_LOGGING = $was_logging_enabled;
// what happened?
$status = 200;
if ($errs === true) {
$response_data['success'] = true;
$response_data['message'] = "Successfully merged {$type}s";
// attach the "merged" object to data
$response_data['ResultSource'] = $result['result'];
air2_clean_radix($response_data['ResultSource'], $this->radix_whitelist);
// attach ops used
$response_data['op_prime'] = $result['prime'];
$response_data['op_merge'] = $result['merge'];
// log the merge
if ($this->commit_on_success) {
$this->log_activity($result, $response_data);
}
} elseif (is_string($errs)) {
$response_data['success'] = false;
$response_data['message'] = $errs;
$status = 500;
} else {
$response_data['success'] = false;
$response_data['message'] = "Unable to merge {$type}s";
$response_data['errors'] = $errs;
$status = 400;
// attach ops used
$response_data['op_prime'] = $result['prime'];
$response_data['op_merge'] = $result['merge'];
}
// attach fact data
$rs = AIR2_DBManager::get_connection()->fetchAll('select * from fact');
$response_data['facts'] = array();
foreach ($rs as $row) {
$response_data['facts'][$row['fact_id']] = $row;
}
// respond with data
$this->response($response_data, $status);
}
/**
* initialize security for this controller
*
* This function determines what (if any) security the user has and
* encapsulates it in the $AIR2User class variable. Will return a
* login page and exit if the user cannot be authenticated.
*
* @access private
* @return void
*/
private function _init_security()
{
// check if the credentials were good
if (!$this->airuser->has_valid_tkt() || !$this->airuser->get_user()) {
// user not authenticated
$this_uri = current_url() . '?' . $this->input->server('QUERY_STRING');
//Carper::carp("Permission denied for $this_uri");
$uri = $this->uri_for('login', array('back' => $this_uri));
//echo "Location: $uri\n";
redirect($uri);
exit(0);
}
// ok credentials. does the user have min authz?
$air2_user = $this->airuser->get_user();
// skip authz check if SYSTEM or TEST user
// TODO the TEST type really ought to be tested here as well
// but that will require audit of existing unit tests.
if ($air2_user['user_type'] != 'S' && $air2_user['user_type'] != 'T') {
$cum_authz = 0;
foreach ($air2_user->get_authz() as $org_id => $bitmask) {
$cum_authz += $bitmask;
}
if ($cum_authz == 0) {
Carper::carp("authn ok for " . $air2_user->user_username . " type=" . $air2_user['user_type'] . " but no authz");
show_error('Insufficient authz', 403);
}
}
//set global remote user ID and TYPE (for upd/cre user stamps)
define('AIR2_REMOTE_USER_ID', $this->airuser->get_id());
define('AIR2_REMOTE_USER_TYPE', $air2_user['user_type']);
// enable activity logging
// TODO: where else can this go? Would it be better to default to true?
AIR2Logger::$ENABLE_LOGGING = true;
// authn ok
return true;
}