예제 #1
 /**
  * Landing-page action: reconciles the local session with the SAML login
  * state, loads the signed-in user's pending-request count for the view and
  * resolves the permalink ("p") that the view should open.
  *
  * Flow, as visible in this method:
  *  1. A "rememberme" cookie without a session userid redirects to the login
  *     page, keeping any "p" parameter in the session for after login.
  *  2. Unless the session is flagged as a development session, the SAML state
  *     is checked: an unauthenticated request carrying a numeric session
  *     userid is logged out and redirected; an authenticated request without
  *     a numeric userid gets a new session namespace populated from the SAML
  *     attributes, with redirects for new, blocked and deleted accounts.
  *  3. Search criteria are reset and the user record and request count are
  *     handed to the view.
  *  4. The permalink is taken from the session, from $_GET['p'] or from the
  *     raw query string, and passed to the view.
  *
  * NOTE(review): every redirect below is built from $_SERVER['HTTP_HOST'],
  * which comes from the request's Host header. Unless the web server pins the
  * accepted host names, the redirect target follows whatever Host the client
  * sent; a configured canonical host name would remove that dependency.
  *
  * @return void
  */
 public function indexAction()
 {
     trackPage('/');
     // Visitor has a remember-me cookie but no user bound to the session: send them to login.
     if (isset($_COOKIE['rememberme']) && $this->session->userid === null) {
         // Save the permalink so it can be handled after login. The value is stored
         // unvalidated; it is only interpreted in the permalink section at the end of this method.
         if (array_key_exists('p', $_GET)) {
             $this->session->permaLink = $_GET['p'];
         }
         // Production logs in over HTTPS; any other environment uses the plain-HTTP dev login route.
         if (APPLICATION_ENV == "production") {
             header('Location: https://' . $_SERVER['HTTP_HOST'] . '/users/login');
         } else {
             header('Location: http://' . $_SERVER['HTTP_HOST'] . '/users/logindev2');
         }
         return;
     }
     /*
      * Check if user is signed in from a different service or browser tab.
      */
     // NOTE(review): $this->session is dereferenced here (and above) before the
     // explicit null check two statements below — confirm it can never be null.
     if ($this->session->isLocked()) {
         $this->session->unLock();
     }
     if ($this->session !== null && $this->session->developsession === true) {
         // Do nothing: local development instance where no SimpleSAML is installed.
         // NOTE(review): this flag skips the SAML check entirely — confirm it cannot be set outside development.
     } else {
         $auth = SamlAuth::isAuthenticated();
         if ($auth === false) {
             // Logged in locally but no longer authenticated by SAML: clear the session.
             if (isset($this->session->userid) && is_numeric($this->session->userid)) {
                 SamlAuth::logout($this->session);
                 $this->_helper->layout->disableLayout();
                 $this->_helper->viewRenderer->setNoRender();
                 // NOTE(review): this post-logout redirect is plain http:// in every
                 // environment, unlike the https:// redirects used elsewhere — confirm intended.
                 header('Location: http://' . $_SERVER["HTTP_HOST"]);
                 return;
             }
         } else {
             if (isset($this->session) === false || isset($this->session->userid) === false || is_numeric($this->session->userid) === false) {
                 // Authenticated by SAML but not logged in locally: set up the user session.
                 // NOTE(review): no session-id regeneration is visible at this privilege change —
                 // confirm SamlAuth::setupSamlAuth() or the session layer rotates the id.
                 $this->session = new Zend_Session_Namespace('default');
                 $attributes = $auth->getAttributes();
                 // NOTE(review): 'idp:uid' is read without an isset() check, unlike
                 // 'idp:sourceIdentifier' below — a response lacking it yields a null identity.
                 $uid = $attributes['idp:uid'][0];
                 $_SESSION['identity'] = $uid;
                 $_SESSION['logouturl'] = $auth->getLogoutURL();
                 $this->session->samlattrs = $attributes;
                 $this->session->samlauthsource = isset($attributes["idp:sourceIdentifier"]) ? $attributes["idp:sourceIdentifier"][0] : "";
                 SamlAuth::setupSamlAuth($this->session);
                 // The checks below read session fields (isNewUser, accountStatus, userDeleted)
                 // that are presumably set by setupSamlAuth() — not visible here.
                 if ($this->session->isNewUser === true) {
                     header('Location: https://' . $_SERVER['HTTP_HOST'] . '/saml/newaccount');
                     return;
                 }
                 // Check and redirect if the user account is blocked.
                 if ($this->session->accountStatus === "blocked") {
                     header('Location: https://' . $_SERVER['HTTP_HOST'] . '/saml/blockedaccount');
                     return;
                 }
                 // Check and redirect if the user is deleted.
                 if ($this->session->userDeleted === true) {
                     header('Location: https://' . $_SERVER['HTTP_HOST'] . '/saml/deletedprofile');
                     return;
                 }
             }
         }
     }
     // Reset per-visit search criteria and the certificate-login flag.
     $this->session->appCriteria = null;
     $this->session->pplCriteria = null;
     $this->session->certLogin = false;
     $this->view->username = $this->session->username;
     if ($this->session->userid !== null) {
         $ppl = new Default_Model_Researchers();
         $ppl->filter->id->equals($this->session->userid);
         // NOTE(review): items[0] is read without checking that the lookup returned a row.
         $user = $ppl->items[0];
         $this->view->user = $user;
         /* Get count of user requests: "submitted" requests whose permission actor is this user's GUID. */
         $urs = new Default_Model_UserRequests();
         $s2 = new Default_Model_PermissionsFilter();
         $s2->actor->equals($this->session->userguid);
         $s3 = new Default_Model_UserRequestStatesFilter();
         $s3->name->equals("submitted");
         $urs->filter->chain($s2->chain($s3, "AND"), "AND");
         $reqsitems = $urs->items;
         $uritems = array_merge($reqsitems);
         // Fetch user requests for NILs: a NIL who is not an admin/manager also sees
         // submitted requests of type id 3 from researchers in their own country.
         if (userIsAdminOrManager($this->session->userid) === false && userIsNIL($this->session->userid) === true) {
             $nilusers = new Default_Model_UserRequests();
             $s1 = new Default_Model_UserRequestTypesFilter();
             $s1->id->numequals(3);
             $s2 = new Default_Model_ResearchersFilter();
             $s2->countryid->equals($this->session->userCountryID);
             $s3 = new Default_Model_UserRequestStatesFilter();
             $s3->name->equals("submitted");
             $s4 = new Default_Model_ActorGroupsFilter();
             $s4->id->numequals(-3);
             $nilusers->filter->chain($s1->chain($s2->chain($s3->chain($s4, "AND"), "AND"), "AND"), "AND");
             if (count($nilusers->items) > 0) {
                 // Merge both result sets and drop duplicates via the project's uniqueDBObjectFilter callback.
                 $uritems = array_merge($uritems, $nilusers->items);
                 $uritems = array_filter($uritems, 'uniqueDBObjectFilter');
             }
         }
         $this->view->userRequests = count($uritems);
     }
     // Permalink resolution: a value saved before login wins, then $_GET['p'], then the raw query string.
     $p = '';
     if ($this->session->permaLink != '') {
         $p = $this->session->permaLink;
         $this->session->permaLink = '';
     } elseif (array_key_exists('p', $_GET)) {
         $p = $_GET["p"];
     } else {
         // TODO: needs review.
         // NOTE(review): $pos is only used as a found/not-found flag; the substr() below
         // always cuts from offset 2, so a "p=" that is not at the very start of the
         // query string yields an arbitrary slice of it.
         $p = $_SERVER["QUERY_STRING"];
         $pos = strpos($p, "p=");
         if ($pos === false) {
             $p = '';
         } else {
             $p = substr($p, 2, strlen($p) - 2);
         }
     }
     if ($p != "") {
         // Known literal targets and prefixed targets are passed through unchanged;
         // anything else is treated as base64 and decoded.
         // NOTE(review): in every branch the view receives request-controlled text —
         // the template must escape permaLink for the context it is written into.
         if ($p == "reports") {
             $this->view->permaLink = $p;
         } elseif ($p == "brokenlinks") {
             $this->view->permaLink = $p;
         } elseif (substr($p, 0, 6) == "about:") {
             $this->view->permaLink = $p;
         } elseif (substr($p, 0, 5) == "apps:") {
             $this->view->permaLink = $p;
         } elseif (substr($p, 0, 7) == "people:") {
             $this->view->permaLink = $p;
         } else {
             // base64_decode() runs in its default non-strict mode here, so characters outside
             // the base64 alphabet are skipped rather than rejected.
             $pp = base64_decode($p);
             $pp = mb_convert_encoding($pp, 'UTF-8');
             $this->view->permaLink = $pp;
         }
     }
 }
예제 #2
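 /**
  * Release-manager page for a software item, plus a small XML data endpoint.
  *
  * When a non-empty "datatype" parameter is given, the action prints XML
  * directly (only "basereleases" is supported). Otherwise it prepares the
  * view: release list, whether the current user may manage releases, and
  * whether the user already has a pending "releasemanager" request.
  *
  * Request parameters "id" and "datatype" are client-controlled. Every value
  * written into the XML output is escaped with htmlspecialchars(ENT_QUOTES)
  * because the attributes are single-quoted; without that, a quote or angle
  * bracket in "id" would break out of the attribute.
  *
  * NOTE(review): the "basereleases" branch performs no login or permission
  * check and passes "id" to Repository::getProductBaseRelease() without the
  * is_numeric() test used in the view branch — confirm both are intended.
  *
  * @return void
  */
 public function managerAction()
 {
     // Feature flag from the server environment. isset() avoids an undefined-index
     // notice when the variable is not configured; an unset flag means "disabled".
     if (isset($_SERVER["Repository_Enabled"]) === false || $_SERVER["Repository_Enabled"] !== 'true') {
         $this->_helper->viewRenderer->setNoRender();
         header("Status: 404 Not Found");
         return;
     }
     $swid = $this->_getParam("id");
     $dtype = $this->_getParam("datatype");
     if (trim($dtype) != "") {
         $this->_helper->viewRenderer->setNoRender();
         $dtype = strtolower($dtype);
         // NOTE(review): the declaration below announces UTF-16 and no Content-Type
         // header is sent in this branch — confirm what clients actually expect.
         switch ($dtype) {
             case "basereleases":
                 $res = Repository::getProductBaseRelease($swid);
                 echo '<?xml version="1.0" encoding="UTF-16" standalone="yes"?>';
                 // $swid is echoed back from the request, so it must be escaped for a quoted attribute.
                 echo "<repository swid='" . htmlspecialchars((string) $swid, ENT_QUOTES, 'UTF-8') . "' datatype='release' datasubtype='base' >";
                 $total = count($res);
                 for ($i = 0; $i < $total; $i++) {
                     // Release fields come from the repository backend; escape them as well so
                     // stored text can never change the structure of the document.
                     echo "<release id='" . htmlspecialchars((string) $res[$i]["id"], ENT_QUOTES, 'UTF-8')
                         . "' displayversion='" . htmlspecialchars((string) $res[$i]["displayVersion"], ENT_QUOTES, 'UTF-8')
                         . "' repositoryarea='" . htmlspecialchars((string) $res[$i]["repoAreaName"], ENT_QUOTES, 'UTF-8')
                         . "' />\n";
                 }
                 echo '</repository>';
                 return;
             default:
                 // The element is now self-closed; it was previously left open, which made the response malformed XML.
                 echo '<?xml version="1.0" encoding="UTF-16" standalone="yes"?><response error="Unknown request"/>';
                 return;
         }
     } else {
         // Safe defaults for the view; they are overwritten below only for a numeric id.
         $this->view->id = 0;
         $this->view->session = null;
         $this->view->releases = array();
         $this->view->hasReleases = count($this->view->releases) > 0;
         $this->view->targets = array();
         $this->view->canManageRelease = false;
         $this->view->hasPendingRequest = false;
         if (is_numeric($swid)) {
             $this->view->id = $swid;
             $this->view->session = $this->session;
             $this->view->canManageRelease = Repository::canManageRelease($swid, $this->session->userid);
             try {
                 $this->view->releases = Repository::getProductReleaseList($swid);
                 $this->view->hasReleases = count($this->view->releases) > 0;
             } catch (Exception $e) {
                 $this->view->sqlerror = "Could not retrieve releases information.";
                 // NOTE(review): the raw exception text is handed to the view; if the template
                 // prints it, backend/SQL details reach the browser — confirm it is escaped or hidden.
                 $this->view->sqlerrordescription = $e->getMessage();
             }
             // Check whether a signed-in user without manage rights has already asked for them.
             if ($this->session->userid && $this->view->canManageRelease == false) {
                 // Get current user GUID
                 $ps = new Default_Model_Researchers();
                 $ps->filter->id->equals($this->session->userid);
                 if (count($ps->items) > 0) {
                     $user = $ps->items[0];
                     $uguid = $user->guid;
                     $apps = new Default_Model_Applications();
                     $apps->filter->id->equals($swid);
                     if (count($apps->items) > 0) {
                         // Get current software item
                         $app = $apps->items[0];
                         // Pending request = type "releasemanager", this user and this
                         // software item, in the state with id 1.
                         $urs = new Default_Model_UserRequests();
                         $s1 = new Default_Model_UserRequestTypesFilter();
                         $s1->name->equals("releasemanager");
                         $s2 = new Default_Model_UserRequestsFilter();
                         $s2->targetguid->equals($app->guid)->and($s2->userguid->equals($uguid));
                         $s4 = new Default_Model_UserRequestStatesFilter();
                         $s4->id->equals(1);
                         $urs->filter->chain($s1->chain($s2->chain($s4, "AND"), "AND"), "AND");
                         if (count($urs->items) > 0) {
                             $this->view->hasPendingRequest = true;
                         }
                     }
                 }
             }
         }
     }
 }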
예제 #3
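 /**
  * XML endpoint listing the "submitted" user requests the current user can act on.
  *
  * Without a session user GUID the response is an "unauthorized" element.
  * When both "state" and "id" are present in the query string the call is
  * delegated to setUserRequestToState() and nothing else is printed.
  * Otherwise the requests are collected (plus country-scoped type-3 requests
  * for NIL users who are not admins/managers) and serialised.
  *
  * Every database value written into the document is escaped with
  * htmlspecialchars(ENT_QUOTES). Several of these fields are user-supplied
  * text (names, institution, the request message), and the attributes are
  * single-quoted, so unescaped output would let stored text alter the XML
  * structure seen by the consuming page.
  * NOTE(review): if any of these columns is stored already entity-encoded,
  * escaping here double-encodes it — confirm against the write paths.
  *
  * NOTE(review): the state change is triggered by a GET request with no
  * anti-forgery token visible here; confirm that setUserRequestToState()
  * checks that the caller may modify the given request, and consider POST
  * plus a token for the state-changing call.
  *
  * @return void
  */
 public function userrequestsAction()
 {
     $this->_helper->layout->disableLayout();
     $this->_helper->viewRenderer->setNoRender();
     $guid = $this->session->userguid;
     $uid = $this->session->userid;
     header("Content-Type:text/xml");
     echo "<?xml version='1.0'?" . ">";
     if (is_null($guid)) {
         echo "<response error='Must be logged in'>unauthorized</response>";
         return;
     }
     if (isset($_GET["state"]) && isset($_GET["id"])) {
         // Both values are passed through as received; validation is left to the callee.
         $this->setUserRequestToState($_GET["id"], $_GET["state"]);
         return;
     }
     // Submitted requests for which the current user's GUID is the permission actor.
     // The request-type filter carries no criterion (the "joinapplication" restriction is disabled).
     $urs = new Default_Model_UserRequests();
     $s1 = new Default_Model_UserRequestTypesFilter();
     $s2 = new Default_Model_PermissionsFilter();
     $s2->actor->equals($guid);
     $s3 = new Default_Model_UserRequestStatesFilter();
     $s3->name->equals("submitted");
     $urs->filter->chain($s1->chain($s2->chain($s3, "AND"), "AND"), "AND");
     $reqsitems = $urs->items;
     $items = array_merge($reqsitems);
     // Fetch user requests for NILs: type id 3, submitted, from researchers in the NIL's country.
     if (userIsAdminOrManager($this->session->userid) === false && userIsNIL($this->session->userid) === true) {
         $nilusers = new Default_Model_UserRequests();
         $s1 = new Default_Model_UserRequestTypesFilter();
         $s1->id->numequals(3);
         $s2 = new Default_Model_ResearchersFilter();
         $s2->countryid->equals($this->session->userCountryID);
         $s3 = new Default_Model_UserRequestStatesFilter();
         $s3->name->equals("submitted");
         $s4 = new Default_Model_ActorGroupsFilter();
         $s4->id->numequals(-3);
         $nilusers->filter->chain($s1->chain($s2->chain($s3->chain($s4, "AND"), "AND"), "AND"), "AND");
         if (count($nilusers->items) > 0) {
             $items = array_merge($items, $nilusers->items);
             $items = array_filter($items, 'uniqueDBObjectFilter');
         }
     }
     $count = count($items);
     if ($count === 0) {
         echo "<response count='0'></response>";
         return;
     }
     $res = "";
     foreach ($items as $r) {
         $users = new Default_Model_Researchers();
         $users->filter->guid->equals($r->userguid);
         $u = $users->items[0];
         // NOTE(review): typeid is compared strictly with the integer 3 here but loosely
         // with 2 below; if the model returns strings, "!== 3" is always true — confirm.
         if ($r->typeid !== 3) {
             $app = new Default_Model_Applications();
             $app->filter->guid->equals($r->targetguid);
             $a = $app->items[0];
             // Type 2 requests are shown only to the item's owner, the user who added it, or an admin/manager.
             if ($r->typeid == 2) {
                 if ($a->ownerid != $uid && $a->addedby != $uid && !userIsAdminOrManager($uid)) {
                     $count = $count - 1;
                     continue;
                 }
             }
             $primarycategory = $a->getPrimaryCategory();
             // Primary category id "34" is reported as a virtual appliance.
             $isvappliance = "false";
             if (trim($primarycategory->id) === "34") {
                 $isvappliance = "true";
             }
         }
         // Timestamps are re-rendered by date("c", ...) and therefore contain no markup characters.
         $res .= "<userrequest id='" . htmlspecialchars((string) $r->id, ENT_QUOTES, 'UTF-8')
             . "' created='" . date("c", strtotime($r->created))
             . ($r->lastupdated ? "' lastupdated='" . date("c", strtotime($r->lastupdated)) : "")
             . "' targetguid='" . htmlspecialchars((string) $r->targetguid, ENT_QUOTES, 'UTF-8') . "'>";
         $res .= "<type id='" . htmlspecialchars((string) $r->requestType->id, ENT_QUOTES, 'UTF-8') . "'>"
             . htmlspecialchars((string) $r->requestType->name, ENT_QUOTES, 'UTF-8') . "</type>";
         if ($r->typeid !== 3) {
             $res .= "<application id='" . htmlspecialchars((string) $a->id, ENT_QUOTES, 'UTF-8')
                 . "' cname='" . htmlspecialchars((string) $a->cname, ENT_QUOTES, 'UTF-8')
                 . "' isvirtualappliance='" . $isvappliance . "'>"
                 . htmlspecialchars((string) $a->name, ENT_QUOTES, 'UTF-8') . "</application>";
         }
         $res .= "<user id='" . htmlspecialchars((string) $u->id, ENT_QUOTES, 'UTF-8') . "' >";
         $res .= "<name>" . htmlspecialchars($u->firstName . " " . $u->lastName, ENT_QUOTES, 'UTF-8') . "</name>";
         $res .= "<cname>" . htmlspecialchars((string) $u->cname, ENT_QUOTES, 'UTF-8') . "</cname>";
         $res .= "<role>" . htmlspecialchars((string) $u->positionType->description, ENT_QUOTES, 'UTF-8') . "</role>";
         $res .= "<institution>" . htmlspecialchars((string) $u->institution, ENT_QUOTES, 'UTF-8') . "</institution>";
         $res .= "<country id='" . htmlspecialchars((string) $u->countryid, ENT_QUOTES, 'UTF-8')
             . "' isocode='" . htmlspecialchars((string) $u->country->ISOcode, ENT_QUOTES, 'UTF-8') . "' >"
             . htmlspecialchars((string) $u->country->name, ENT_QUOTES, 'UTF-8') . "</country>";
         // userdata is free text supplied by the requesting user; it must never reach the document unescaped.
         $res .= "<message>" . htmlspecialchars((string) $r->userdata, ENT_QUOTES, 'UTF-8') . "</message>";
         $res .= "</user>";
         $res .= "<state id='" . htmlspecialchars((string) $r->requestState->id, ENT_QUOTES, 'UTF-8') . "'>"
             . htmlspecialchars((string) $r->requestState->name, ENT_QUOTES, 'UTF-8') . "</state>";
         $res .= "</userrequest>";
     }
     // $count was decremented for every request skipped above, so it matches the emitted elements.
     echo "<response count='" . $count . "'>";
     echo $res;
     echo "</response>";
 }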
예제 #4
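 /**
  * XML endpoint through which a signed-in user asks for release-manager
  * rights on a software item, or (with "state" in the query string) checks
  * whether such a request is already pending.
  *
  * Query parameters: "id" (numeric software id, required), "state" (presence
  * switches to the status check), "m" (optional message stored with the
  * request). "r" and "e" are read but not yet implemented.
  *
  * Validation order: logged in, id present, id numeric, software exists,
  * user does not already hold the permission (action id 30), user is listed
  * among the item's researchers. The first failure is reported in the
  * "error" attribute of the response.
  *
  * Changes against the previous version:
  *  - the researcher record is looked up only after the login check, and a
  *    session userid without a matching record is treated as not logged in
  *    instead of saving a request with an empty user GUID;
  *  - text placed in the XML response is escaped.
  *
  * NOTE(review): the request is created by a GET call and no anti-forgery
  * token is visible here, so any page the user visits can trigger it with
  * the user's session; consider POST plus a token.
  *
  * @return void
  */
 public function requestreleasemanagerAction()
 {
     $this->_helper->layout->disableLayout();
     $this->_helper->viewRenderer->setNoRender();
     header('Content-type: text/xml');
     $appid = -1;
     $app = null;
     $apps = null;
     $user = null;
     $uguid = null;
     // Validate user input data
     $err = "";
     $uid = $this->session->userid;
     if (is_null($uid)) {
         $err = 'Must be logged in';
     } else {
         // Get current user GUID. Only done for a signed-in session, so a null id is never used as a filter value.
         $ps = new Default_Model_Researchers();
         $ps->filter->id->equals($uid);
         if (count($ps->items) === 0) {
             $err = 'Must be logged in';
         } else {
             $user = $ps->items[0];
             $uguid = $user->guid;
         }
     }
     // Software id checks
     if ($err === "") {
         if (isset($_GET["id"]) == false) {
             $err = 'Software id is required';
         } elseif (is_numeric($_GET["id"]) == false) {
             $err = 'Software id is not valid';
         } else {
             $appid = $_GET["id"];
             $apps = new Default_Model_Applications();
             $apps->filter->appid->equals($appid);
             if (count($apps->items) === 0) {
                 $err = "Software not found";
             }
         }
     }
     // Reject users who already hold the release-management permission (action id 30) on this item.
     if ($err === "") {
         $app = $apps->items[0];
         $appguid = $app->guid;
         $perms = new Default_Model_Permissions();
         $perms->filter->researcherid->equals($uid)->and($perms->filter->actionid->equals(30)->and($perms->filter->uuid->equals($appguid)));
         if (count($perms->items) > 0) {
             $err = "Already have permissions to manage releases";
         }
     }
     // Check if requestor is associated with the application
     if ($err === "") {
         $found = false;
         foreach ($app->getResearchers() as $r) {
             // Loose comparison kept: ids may arrive as strings from the model.
             if ($r->id == $uid) {
                 $found = true;
                 break;
             }
         }
         if ($found == false) {
             $err = "User must be associated to the software item as a contact.";
         }
     }
     // Check if any error occurred during validations
     if ($err !== "") {
         // All messages are constants today; escaping keeps the single-quoted attribute safe if that changes.
         echo "<response error='" . htmlspecialchars($err, ENT_QUOTES, 'UTF-8') . "'></response>";
         return;
     }
     // User only checks the state of request
     if (isset($_GET["state"])) {
         $urs = new Default_Model_UserRequests();
         $s1 = new Default_Model_UserRequestTypesFilter();
         $s1->name->equals("releasemanager");
         $s2 = new Default_Model_UserRequestsFilter();
         $s2->targetguid->equals($app->guid)->and($s2->userguid->equals($uguid));
         $s4 = new Default_Model_UserRequestStatesFilter();
         $s4->id->equals(1);
         $urs->filter->chain($s1->chain($s2->chain($s4, "AND"), "AND"), "AND");
         if ($urs->count() > 0) {
             echo "<response>pending</response>";
         } else {
             echo "<response>false</response>";
         }
         return;
     }
     // Validation is OK, continue to user request submission
     db()->beginTransaction();
     try {
         // NOTE(review): the message is expected to be base64 but is stored exactly as received;
         // no format or length check is applied here, so every reader of userdata must escape it.
         $msg = isset($_GET["m"]) ? $_GET["m"] : "";
         // Check inclusion list. This receiver will get the notification even if he is not allowed.
         if (isset($_GET["r"])) {
             //TODO
         }
         // Check exclusion list. These receivers won't get the mail notification.
         if (isset($_GET["e"])) {
             //TODO
         }
         // save request
         $ur = new Default_Model_UserRequest();
         $ur->typeid = 2; // releasemanager
         $ur->userguid = $uguid;
         $ur->userdata = $msg;
         $ur->targetguid = $app->guid;
         $ur->stateid = 1; // submitted
         $ur->save();
         db()->commit();
     } catch (Exception $e) {
         db()->rollBack();
         // The exception text is escaped so it cannot break the XML.
         // NOTE(review): it is still internal detail returned to the client — consider
         // logging it server-side and sending only the generic error attribute.
         echo "<response error='Could not save request' >" . htmlspecialchars($e->getMessage(), ENT_QUOTES, 'UTF-8') . "</response>";
         return;
     }
     // Send e-mail notifications to receivers; a mail failure is logged and does not fail the request.
     try {
         UserRequests::sendEmailRequestNotifications($user, $app, $msg, "releasemanager");
     } catch (Exception $e) {
         error_log("EMAIL ERROR:Could not send email notification about user request to join software.Details:" . $e->getMessage());
     }
     // respond OK
     echo "<response>ok</response>";
 }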