/** * Processes an edit site request from a web request * return null * @param \User $user current user */ function submit(\User $user = null) { // TODO use validate service $reason = $_REQUEST['COMMENT']; if (empty($reason)) { throw new Exception('A reason is required'); } if (strlen($reason) > 300) { throw new Exception('Invalid reason - 300 char max'); } try { require_once __DIR__ . '/../../../../lib/Gocdb_Services/Factory.php'; try { $site = \Factory::getSiteService()->getSite($_REQUEST['SITEID']); $certStatus = \Factory::getCertStatusService()->getCertificationStatus($_REQUEST['CERTSTATUSID']); \Factory::getCertStatusService()->editCertificationStatus($site, $certStatus, $user, $reason); } catch (\Exception $e) { show_view('error.php', $e->getMessage()); die; } $params = array('site' => $site); show_view('site/cert_status_edited.php', $params); } catch (Exception $e) { show_view('error.php', $e->getMessage()); die; } }
function show_xml() { try { $xml = Factory::getSiteService()->getGoogleMapXMLString(); } catch (Exception $e) { show_view('error.php', $e->getMessage(), "Error"); } $params['XML'] = $xml; show_view('sitesForGoogleMapXML.php', $params, null, true); }
function site_downtimes() { require_once __DIR__ . '/../../../../lib/Gocdb_Services/Factory.php'; $serv = \Factory::getSiteService(); $site = $serv->getSite($_REQUEST['id']); $downtimes = $serv->getDowntimes($_REQUEST['id'], null); $params['site'] = $site; $params['downtimes'] = $downtimes; $title = "{$site} downtimes"; show_view('site/site_downtimes.php', $params, $title); return; }
function view_ngi() { require_once __DIR__ . '/../../../../lib/Gocdb_Services/Factory.php'; require_once __DIR__ . '/../utils.php'; require_once __DIR__ . '/../../../web_portal/components/Get_User_Principle.php'; if (!isset($_GET['id']) || !is_numeric($_GET['id'])) { throw new Exception("An id must be specified"); } $ngiId = $_GET['id']; //get user for case that portal is read only and user is admin, so they can still see edit links $dn = Get_User_Principle(); $user = \Factory::getUserService()->getUserByPrinciple($dn); $params['portalIsReadOnly'] = portalIsReadOnlyAndUserIsNotAdmin($user); $params['UserIsAdmin'] = false; if (!is_null($user)) { $params['UserIsAdmin'] = $user->isAdmin(); } $params['authenticated'] = false; if ($user != null) { $params['authenticated'] = true; } $ngiServ = \Factory::getNgiService(); $siteServ = \Factory::getSiteService(); $ngi = $ngiServ->getNgi($ngiId); // Does current viewer have edit permissions over NGI ? $params['ShowEdit'] = false; if (count($ngiServ->authorizeAction(\Action::EDIT_OBJECT, $ngi, $user)) >= 1) { $params['ShowEdit'] = true; } // Add ngi to params $params['ngi'] = $ngi; // Add all roles over ngi to params $allRoles = $ngi->getRoles(); $roles = array(); foreach ($allRoles as $role) { if ($role->getStatus() == \RoleStatus::GRANTED) { $roles[] = $role; } } $params['roles'] = $roles; // Add ngi's project to params $projects = $ngi->getProjects(); $params['Projects'] = $projects; // Add sites and scopes to params $params['SitesAndScopes'] = array(); foreach ($ngi->getSites() as $site) { $params['SitesAndScopes'][] = array('Site' => $site, 'Scopes' => $siteServ->getScopesWithParentScopeInfo($site)); } // Add RoleActionRecords to params $params['RoleActionRecords'] = \Factory::getRoleService()->getRoleActionRecordsById_Type($ngi->getId(), 'ngi'); show_view('ngi/view_ngi.php', $params, $ngi->getName()); die; }
/** * Draws a form to add a new site property * @param \User $user current user * @return null */ function draw(\User $user = null) { if (is_null($user)) { throw new Exception("Unregistered users can't add a site property."); } $serv = \Factory::getSiteService(); $site = $serv->getSite($_REQUEST['site']); //Check user has permissions to add site property $serv->validatePropertyActions($user, $site); $params = array('site' => $site); show_view("site/add_site_property.php", $params); }
function submit(\SiteProperty $property, \User $user = null, \Site $site) { $params['prop'] = $property; $params['site'] = $site; //remove site property try { $serv = \Factory::getSiteService(); $serv->deleteSiteProperty($site, $user, $property); } catch (\Exception $e) { show_view('error.php', $e->getMessage()); die; } show_view('/site/deleted_site_property.php', $params); }
function submit(\Site $site, \User $user = null) { //Only administrators can delete sites, double check user is an administrator checkUserIsAdmin(); //save name to display later $params['Name'] = $site->getName(); //remove Site try { \Factory::getSiteService()->deleteSite($site, $user); } catch (\Exception $e) { show_view('error.php', $e->getMessage()); die; } show_view('/site/deleted_site.php', $params); }
function getSitesServices() { require_once __DIR__ . '/../utils.php'; require_once __DIR__ . '/../../../web_portal/components/Get_User_Principle.php'; $dn = Get_User_Principle(); $user = \Factory::getUserService()->getUserByPrinciple($dn); $params['portalIsReadOnly'] = portalIsReadOnlyAndUserIsNotAdmin($user); if (!isset($_REQUEST['site_id']) || !is_numeric($_REQUEST['site_id'])) { throw new Exception("A site_id must be specified"); } $site = \Factory::getSiteService()->getSite($_REQUEST['site_id']); $services = $site->getServices(); $params['services'] = $services; show_view("downtime/view_services.php", $params, null, true); }
/** * Draws a form to add a new site * @param \User $user current user * @return null */ function draw(\User $user = null) { if (is_null($user)) { throw new Exception("Unregistered users can't add a new site"); } $siteService = \Factory::getSiteService(); //try { $siteService->addAuthorization($user); //} catch(Exception $e) { show_view('error.php', $e->getMessage()); die(); } if ($user->isAdmin()) { // if user is admin, then get all NGIs $userNGIs = \Factory::getNgiService()->getNGIs(); } else { // otherwise, get only the NGIs the non-admin user has roles over that support add_site $userNGIs = \Factory::getNgiService()->getNGIsBySupportedAction(Action::NGI_ADD_SITE, $user); if (count($userNGIs) == 0) { show_view('error.php', "You do not have permission to add a new site." . " To add a new site you require a managing role over an NGI"); die; } } $countries = $siteService->getCountries(); //$timezones = $siteService->getTimezones(); // Deprecated - don't use the lookup values in the GocDB $timezones = DateTimeZone::listIdentifiers(); $prodStatuses = $siteService->getProdStatuses(); //Remove SC and PPS infrastructures from drop down list. TODO: Delete this block once they no longer exist $SCInfrastructure = $siteService->getProdStatusByName('SC'); $PPSInfrastructure = $siteService->getProdStatusByName('PPS'); $hackprodStatuses = array(); foreach ($prodStatuses as $ps) { if ($ps != $SCInfrastructure and $ps != $PPSInfrastructure) { $hackprodStatuses[] = $ps; } } $prodStatuses = $hackprodStatuses; //delete up to here once pps and sc infrastructures have been removed from database $certStatuses = $siteService->getCertStatuses(); $scopes = \Factory::getScopeService()->getDefaultScopesSelectedArray(); $numberOfScopesRequired = \Factory::getConfigService()->getMinimumScopesRequired('site'); //$dDashNgis = \Factory::getUserService()->getDDashNgis($user); $params = array('ngis' => $userNGIs, 'countries' => $countries, 'timezones' => $timezones, 'prodStatuses' => $prodStatuses, 'certStatuses' => $certStatuses, 'scopes' => $scopes, 'numberOfScopesRequired' => $numberOfScopesRequired); //Check that there is at least one NGI available before allowing an add site. if ($params['ngis'] == null) { show_view('error.php', "GocDB requires one or more NGI's to be able to add a site."); } show_view("site/add_site.php", $params); die; }
/** * Processes an edit site property request from a web request * @param \User $user current user * return null */ function submit(\User $user = null) { try { $newValues = getSpDataFromWeb(); $siteID = $newValues['SITEPROPERTIES']['SITE']; $propID = $newValues['SITEPROPERTIES']['PROP']; if ($newValues['SITEPROPERTIES']['NAME'] == null || $newValues['SITEPROPERTIES']['VALUE'] == null) { show_view('error.php', "A property name and value must be provided."); die; } $property = \Factory::getSiteService()->getProperty($propID); $site = \Factory::getSiteService()->getSite($siteID); $site = \Factory::getSiteService()->editSiteProperty($site, $user, $property, $newValues); $params['siteid'] = $siteID; show_view('site/site_property_updated.php', $params); } catch (Exception $e) { show_view('error.php', $e->getMessage()); die; } }
function showAllSites() { require_once __DIR__ . '/../../../../lib/Gocdb_Services/Factory.php'; $exServ = \Factory::getExtensionsService(); // Do we really need to validate the URL parameter values, as the query // to the DB always uses bind variables to protect against injection? require_once __DIR__ . '/../../../../lib/Gocdb_Services/Validate.php'; $validatorService = new \org\gocdb\services\Validate(); $ngi = '%%'; if (!empty($_GET['NGI'])) { $ngi = $_GET['NGI']; if (!$validatorService->validate('ngi', 'NAME', $ngi)) { throw new Exception("Invalid NGI parameter value"); } } $prodStatus = '%%'; if (!empty($_GET['prodStatus'])) { $prodStatus = $_GET['prodStatus']; } //must be done before the if certstatus in the block that sets $certStatus $showClosed = false; if (isset($_GET['showClosed'])) { $showClosed = true; } $certStatus = '%%'; if (!empty($_GET['certStatus'])) { $certStatus = $_GET['certStatus']; //set show closed as true if production status selected is 'closed' - otherwise // there will be no results if ($certStatus == 'Closed') { $showClosed = true; } } // Site extension property key name $siteKeyNames = ""; if (isset($_GET['siteKeyNames'])) { $siteKeyNames = $_GET['siteKeyNames']; } // Site extension property key value $siteKeyValues = ""; if (isset($_GET['selectedSiteKeyValue'])) { $siteKeyValues = $_GET['selectedSiteKeyValue']; } $scope = '%%'; if (!empty($_GET['scope'])) { $scope = $_GET['scope']; } $serv = \Factory::getSiteService(); $params['scopes'] = \Factory::getScopeService()->getScopes(); $params['sites'] = $serv->getSitesBy($ngi, $prodStatus, $certStatus, $scope, $showClosed, null, $siteKeyNames, $siteKeyValues); $params['NGIs'] = $serv->getNGIs(); $params['prodStatuses'] = $serv->getProdStatuses(); //Remove SC and PPS infrastructures from drop down list. TODO: Delete this block once they no longer exist $SCInfrastructure = $serv->getProdStatusByName('SC'); $PPSInfrastructure = $serv->getProdStatusByName('PPS'); $productionStatuses = array(); foreach ($params['prodStatuses'] as $ps) { if ($ps != $SCInfrastructure and $ps != $PPSInfrastructure) { $productionStatuses[] = $ps; } } $params['prodStatuses'] = $productionStatuses; //delete up to here once pps and sc infrastructures have been removed from database /* Doctrine will provide keynames that are the same even when selecting distinct becase the object * is distinct even though the name is not unique. To avoid showing the same name repeatdly in the filter * we will load all the keynames into an array before making it unique */ $keynames = array(); foreach ($exServ->getSiteExtensionsKeyNames() as $extension) { $keynames[] = $extension->getKeyName(); } $keynames = array_unique($keynames); $params['selectedNgi'] = $ngi; $params['certStatuses'] = $serv->getCertStatuses(); $params['selectedProdStatus'] = $prodStatus; $params['selectedCertStatus'] = $certStatus; $params['selectedScope'] = $scope; $params['showClosed'] = $showClosed; $params['siteKeyNames'] = $keynames; $params['selectedSiteKeyNames'] = $siteKeyNames; $params['selectedSiteKeyValue'] = $siteKeyValues; show_view("site/view_all.php", $params, "Sites"); }
function drawSEs() { define("RECORDS_PER_PAGE", 30); require_once __DIR__ . '/../../../../lib/Gocdb_Services/Factory.php'; $seServ = \Factory::getServiceService(); $exServ = \Factory::getExtensionsService(); $startRecord = 1; if (isset($_REQUEST['record'])) { $startRecord = $_REQUEST['record']; } // Validation, ensure start record >= 1 if ($startRecord < 1) { $startRecord = 1; } $searchTerm = ""; if (!empty($_REQUEST['searchTerm'])) { $searchTerm = $_REQUEST['searchTerm']; } //strip leading and trailing whitespace off search term $searchTerm = strip_tags(trim($searchTerm)); if (1 === preg_match("/[';\"]/", $searchTerm)) { throw new Exception("Invalid char in search term"); } $serviceType = ""; if (isset($_REQUEST['serviceType'])) { $serviceType = $_REQUEST['serviceType']; } $production = ""; if (isset($_REQUEST['production'])) { $production = $_REQUEST['production']; } $monitored = ""; if (isset($_REQUEST['monitored'])) { $monitored = $_REQUEST['monitored']; } $scope = ""; if (isset($_REQUEST['scope'])) { $scope = $_REQUEST['scope']; } $ngi = ""; if (isset($_REQUEST['ngi'])) { $ngi = $_REQUEST['ngi']; } //must be done before the if certstatus in the block that sets $certStatus $showClosed = false; if (isset($_REQUEST['showClosed'])) { $showClosed = true; } $servKeyNames = ""; if (isset($_REQUEST['servKeyNames'])) { $servKeyNames = $_REQUEST['servKeyNames']; } $servKeyValues = ""; if (isset($_REQUEST['selectedServKeyValue'])) { $servKeyValues = $_REQUEST['selectedServKeyValue']; } $certStatus = ""; if (!empty($_REQUEST['certificationStatus'])) { $certStatus = $_REQUEST['certificationStatus']; //set show closed as true if production status selected is 'closed' - otherwise // there will be no results if ($certStatus == 'Closed') { $showClosed = true; } } $thisPage = 'index.php?Page_Type=Services'; if ($serviceType != "") { $thisPage .= '&serviceType=' . $serviceType; } if ($searchTerm != "") { $thisPage .= '&searchTerm=' . $searchTerm; } if ($production != "") { $thisPage .= '&production=' . $production; } if ($monitored != "") { $thisPage .= '&monitored=' . $monitored; } if ($scope != "") { $thisPage .= '&scope=' . $scope; } if ($ngi != "") { $thisPage .= '&ngi=' . $ngi; } if ($certStatus != "") { $thisPage .= '&certStatus=' . $certStatus; } if ($showClosed != "") { $thisPage .= '&showClosed=' . $showClosed; } if ($servKeyNames != "") { $thisPage .= '&servKeyNames=' . $servKeyNames; } if ($servKeyValues != "") { $thisPage .= '&servKeyValues=' . $servKeyValues; } if ($searchTerm != null || $searchTerm != "") { if (substr($searchTerm, 0, 1) != '%') { $searchTerm = '%' . $searchTerm; } if (substr($searchTerm, -1) != '%') { $searchTerm = $searchTerm . '%'; } } $numResults = $seServ->getSesCount($searchTerm, $serviceType, $production, $monitored, $scope, $ngi, $certStatus, $showClosed, $servKeyNames, $servKeyValues, null, null, false); $firstLink = $thisPage . "&record=1"; // Set the "previous" link if ($startRecord > RECORDS_PER_PAGE) { // Not showing the first page of results so enable the previous link $previousLink = $thisPage . "&record=" . ($startRecord - RECORDS_PER_PAGE); } else { // First page of results, disable previous button $previousLink = $thisPage . "&record=" . 0; } // Set the "Next" link // not the last page of results, normal next link if ($numResults - $startRecord > RECORDS_PER_PAGE) { $nextLink = $thisPage . "&record=" . ($startRecord + RECORDS_PER_PAGE); } else { // last page of results, disable next link $nextLink = $thisPage . '&record=' . ($numResults - RECORDS_PER_PAGE + 1); } $lastLink = $thisPage . "&record=" . ($numResults + 1 - RECORDS_PER_PAGE); // $startRecord + RECORDS_PER_PAGE "-1" because record 1 in the web portal == record 0 from DB $ses = $seServ->getSes($searchTerm, $serviceType, $production, $monitored, $scope, $ngi, $certStatus, $showClosed, $servKeyNames, $servKeyValues, $startRecord - 1, RECORDS_PER_PAGE, false); $endRecord = $startRecord + RECORDS_PER_PAGE - 1; /* Due to differences in counting, startRecord is still set to 1 * even if there are zero results. If this is the case it's * zero here to display accurately in the portal. */ if (count($ses) == 0) { $startRecord = 0; } /* Doctrine will provide keynames that are the same even when selecting distinct becase the object * is distinct even though the name is not unique. To avoid showing the same name repeatdly in the filter * we will load all the keynames into an array before making it unique */ $keynames = array(); foreach ($exServ->getServiceExtensionsKeyNames() as $extension) { $keynames[] = $extension->getKeyName(); } $keynames = array_unique($keynames); $serv = \Factory::getSiteService(); $params['scopes'] = \Factory::getScopeService()->getScopes(); $params['serviceTypes'] = $seServ->getServiceTypes(); $params['servKeyNames'] = $keynames; $params['selectedServiceType'] = $serviceType; $params['searchTerm'] = $searchTerm; $params['services'] = $ses; $params['totalServices'] = $numResults; $params['startRecord'] = $startRecord; $params['endRecord'] = $endRecord; $params['firstLink'] = $firstLink; $params['previousLink'] = $previousLink; $params['nextLink'] = $nextLink; $params['lastLink'] = $lastLink; $params['ngis'] = \Factory::getNgiService()->getNGIs(); $params['certStatuses'] = $serv->getCertStatuses(); $params['showClosed'] = $showClosed; $params['selectedProduction'] = $production; $params['selectedMonitored'] = $monitored; $params['selectedScope'] = $scope; $params['selectedNgi'] = $ngi; $params['selectedClosed'] = $showClosed; $params['selectedCertStatus'] = $certStatus; $params['selectedServKeyNames'] = $servKeyNames; $params['selectedServKeyValue'] = $servKeyValues; show_view("service/view_all.php", $params, "Services"); }
/** * Processes an edit site request from a web request * @param \User $user current user * return null */ function submit(\User $user = null) { try { $newValues = getSiteDataFromWeb(); $siteId = \Factory::getSiteService()->getSite($newValues['ID']); $site = \Factory::getSiteService()->editSite($siteId, $newValues, $user); $params = array('site' => $site); show_view('site/site_updated.php', $params); } catch (Exception $e) { show_view('error.php', $e->getMessage()); die; } }
function view_requests() { require_once __DIR__ . '/../../../../lib/Gocdb_Services/Factory.php'; require_once __DIR__ . '/../../components/Get_User_Principle.php'; require_once __DIR__ . '/../utils.php'; $dn = Get_User_Principle(); $user = \Factory::getUserService()->getUserByPrinciple($dn); if ($user == null) { throw new Exception("Unregistered users can't view/request roles"); } // Entites is a two-dimensional array that lists both the id and name of // OwnedEntities that a user can reqeust a role over (Projects, NGIs, Sites, // ServiceGroups). If an inner dimesional array does not contain an Object_ID // array key, then it is used as a section title in a pull-down list. $entities = array(); $entities[] = array('Name' => 'Projects'); $allProjects = \Factory::getProjectService()->getProjects(); foreach ($allProjects as $proj) { $entities[] = array('Object_ID' => $proj->getId(), 'Name' => $proj->getName()); } $entities[] = array('Name' => 'NGIs'); $allNGIs = \Factory::getNgiService()->getNGIs(); foreach ($allNGIs as $ngi) { $entities[] = array('Object_ID' => $ngi->getId(), 'Name' => $ngi->getName()); } $entities[] = array('Name' => 'Sites'); $allSites = \Factory::getSiteService()->getSitesBy(); foreach ($allSites as $site) { $entities[] = array('Object_ID' => $site->getId(), 'Name' => $site->getShortName()); } $entities[] = array('Name' => 'ServiceGroups'); $allSGs = \Factory::getServiceGroupService()->getServiceGroups(); foreach ($allSGs as $sg) { $entities[] = array('Object_ID' => $sg->getId(), 'Name' => $sg->getName()); } // Current user's own pending roles $myPendingRoleRequests = \Factory::getRoleService()->getUserRoles($user, \RoleStatus::PENDING); // foreach role, lookup corresponding RoleActionRecord (if any) and populate // the role.decoratorObject with the roleActionRecord for subsequent display // foreach($myPendingRoleRequests as $role){ // $rar = \Factory::getRoleService()->getRoleActionRecordByRoleId($role->getId()); // $role->setDecoratorObject($rar); // } // Other roles current user can approve $otherRolesUserCanApprove = \Factory::getRoleService()->getPendingRolesUserCanApprove($user); // can the calling user grant or reject each role? foreach ($otherRolesUserCanApprove as $r) { $grantRejectRoleNamesArray = array(); $grantRejectRoleNamesArray['grant'] = ''; $grantRejectRoleNamesArray['deny'] = ''; // get list of roles that allows user to to grant the role request $grantRoleAuthorisingRoleNames = \Factory::getRoleService()->authorizeAction(\Action::GRANT_ROLE, $r->getOwnedEntity(), $user); if (count($grantRoleAuthorisingRoleNames) >= 1) { $allAuthorisingRoleNames = ''; foreach ($grantRoleAuthorisingRoleNames as $arName) { $allAuthorisingRoleNames .= $arName . ', '; } $allAuthorisingRoleNames = substr($allAuthorisingRoleNames, 0, strlen($allAuthorisingRoleNames) - 2); $grantRejectRoleNamesArray['grant'] = '[' . $allAuthorisingRoleNames . ']'; } // get list of roles that allows user to reject the role request $denyRoleAuthorisingRoleNames = \Factory::getRoleService()->authorizeAction(\Action::REJECT_ROLE, $r->getOwnedEntity(), $user); if (count($denyRoleAuthorisingRoleNames) >= 1) { $allAuthorisingRoleNames = ''; foreach ($denyRoleAuthorisingRoleNames as $arName) { $allAuthorisingRoleNames .= $arName . ', '; } $allAuthorisingRoleNames = substr($allAuthorisingRoleNames, 0, strlen($allAuthorisingRoleNames) - 2); $grantRejectRoleNamesArray['deny'] = '[' . $allAuthorisingRoleNames . ']'; } // store array of role names in decorator object $r->setDecoratorObject($grantRejectRoleNamesArray); } $params = array(); $params['entities'] = $entities; $params['myRequests'] = $myPendingRoleRequests; $params['allRequests'] = $otherRolesUserCanApprove; $params['portalIsReadOnly'] = portalIsReadOnlyAndUserIsNotAdmin($user); show_view("political_role/view_requests.php", $params, "Role Requests"); die; }
/** * This class will take an entity of either site, service group, NGI or Project. * It will then get the roles from the entity * and then get the users for each of those roles. Then using the authorizeAction function for the correct entity type it will * ascertain if a given user has the permission to grant a role. If they do there email address is added to an array. This array * of email addresses will then be sent a notification that they have a pending role request they can approve. * * If a site or NGI has no users with roles attached to it due to being newly created then this method will get the parent NGI and * send an email to those users to approve. It does this by passing the parent entity back into this method recursively. * * * @param Site/ServiceGroup/NGI/Project $entity */ public function roleRequest($entity) { $project = null; $emails = null; $projectIds = null; // Get the roles from the entity foreach ($entity->getRoles() as $role) { $roles[] = $role; } // Now for each role get the user foreach ($roles as $role) { // Call the correct authorize action service for the type of entity if ($entity instanceof \Site) { $enablingRoles = \Factory::getSiteService()->authorizeAction(\Action::GRANT_ROLE, $entity, $role->getUser()); // If the site has no site adminstrators to approve the role request then send an email to the parent NGI users to approve the request if ($roles == null) { $this->roleRequest($entity->getNgi()); // Recursivly call this function to send email to the NGI users } } else { if ($entity instanceof \ServiceGroup) { $enablingRoles = \Factory::getServiceGroupService()->authorizeAction(\Action::GRANT_ROLE, $entity, $role->getUser()); } else { if ($entity instanceof \Project) { $enablingRoles = \Factory::getProjectService()->authorizeAction(\Action::GRANT_ROLE, $entity, $role->getUser()); } else { if ($entity instanceof \NGI) { $enablingRoles = \Factory::getNgiService()->authorizeAction(\Action::GRANT_ROLE, $entity, $role->getUser()); $projects = $entity->getProjects(); // set project with the NGI's parent project and later recurse with this // Only send emails to Project users if there are no users with grant_roles over the NGI if ($roles == null) { // Get the ID's of each project so we can remove duplicates foreach ($projects as $project) { $projectIds[] = $project->getId(); } $projectIds = array_unique($projectIds); } } } } } // remove admin from enabling roles $position = array_search('GOCDB_ADMIN', $enablingRoles); if ($position != null) { unset($enablingRoles[$position]); } // Get the users email and add it to the array if they have an enabling role if (count($enablingRoles) > 0) { $emails[] = $role->getUser()->getEmail(); } } /* * No users are able to grant the role or there are no users over this entity. In this case we will email the parent entity for approval */ if ($emails == null || count($emails) == 0) { if ($entity instanceof \Site) { $this->roleRequest($entity->getNgi()); // Recursivly call this function to send email to the NGI users } else { if ($entity instanceof \NGI) { /* * It is important to remove duplicate projects here otherwise we will spam the same addresses as we recursively call this method. */ $projects = $entity->getProjects(); // set project with the NGI's parent project and later recurse with this $projectIds = array(); // Get the ID's of each project so we can remove duplicates foreach ($projects as $project) { $projectIds[] = $project->getId(); } $projectIds = array_unique($projectIds); } } } else { // If the entity has valid users who can approve the role then send the email notification. // Remove duplicate emails from array $emails = array_unique($emails); // Get the PortalURL to create an accurate link to the role approval view $localInfoLocation = __DIR__ . "/../../config/local_info.xml"; $localInfoXML = simplexml_load_file($localInfoLocation); $webPortalURL = $localInfoXML->local_info->web_portal_url; // Email content $headers = "From: no-reply@goc.egi.eu"; $subject = "GocDB: A Role request requires attention"; $body = "Dear GOCDB User,\n\n" . "A user has requested a role that requires attention.\n\n" . "You can approve or deny this request here:\n\n" . $webPortalURL . "/index.php?Page_Type=Role_Requests\n\n" . "Note: This role may already have been approved or denied by another GocDB User"; $sendMail = TRUE; // Send email to all users who can approve this role request if ($emails != null) { foreach ($emails as $email) { if ($sendMail) { mail($email, $subject, $body, $headers); } else { echo "Email: " . $email . "<br>"; echo "Subject: " . $subject . "<br>"; echo "Body: " . $body . "<br>"; } } } } /** * For each project ID get the entity and run this function again for each entity so * that for each NGI the email notification is sent to all users who hold roles over the parent * NGI(s). */ if ($projectIds != null) { foreach ($projectIds as $pid) { $project = \Factory::getOwnedEntityService()->getOwnedEntityById($pid); if (sendMail) { $this->roleRequest($project); } else { echo $project->getName() . "<br>"; } } } }
/** * Draw the add service form * @param \User $user current user * @return null */ function draw($user) { if (is_null($user)) { throw new Exception("Unregistered users can't add a service ."); } /* Optional site parameter is set if a user clicked * "add SE to this site" on the view site page */ $site = null; if (isset($_REQUEST['siteId'])) { $site = \Factory::getSiteService()->getSite($_REQUEST['siteId']); if ($site == null) { throw new Exception('Invalid site'); } if (count(\Factory::getSiteService()->authorizeAction(\Action::SITE_ADD_SERVICE, $site, $user)) == 0) { throw new Exception('You do not have permission to add a service to this site'); } } // Add sites which user has required action permission to array. $allUserSites = \Factory::getUserService()->getSitesFromRoles($user); $sites = array(); foreach ($allUserSites as $s) { if (count(\Factory::getSiteService()->authorizeAction(\Action::SITE_ADD_SERVICE, $s, $user)) != 0) { $sites[] = $s; } } //For admin users, return all sites instead. if ($user->isAdmin()) { $sites = \Factory::getSiteService()->getSitesBy(); } if (count($sites) == 0 and !$user->isAdmin()) { throw new Exception("You need at least one NGI or Site level role to add a new service."); } $serviceTypes = \Factory::getServiceService()->getServiceTypes(); //If a site has been specified get scopes wit that sites scopes selected, otherwise get the default if (!is_null($serviceTypes) && $site instanceof \Site) { $scopes = \Factory::getScopeService()->getScopesSelectedArray($site->getScopes()); } else { $scopes = \Factory::getScopeService()->getDefaultScopesSelectedArray(); } //get the number of scopes that we require $numberScopesRequired = \Factory::getConfigService()->getMinimumScopesRequired('service'); // remove the deprecated CE type (temp hack) foreach ($serviceTypes as $key => $st) { if ($st->getName() == "CE") { unset($serviceTypes[$key]); } } $params = array('sites' => $sites, 'serviceTypes' => $serviceTypes, 'scopes' => $scopes, 'site' => $site, 'numberOfScopesRequired' => $numberScopesRequired); //Check that there is at least one Site available before allowing a user to add a service. if ($params['sites'] == null) { show_view('error.php', "GocDB requires one or more Sites to be able to add a service."); } show_view("service/add_service.php", $params); }
/** * Draws a form to add a new downtime * @param \User $user current user * @return null */ function draw(\User $user = null) { if (is_null($user)) { throw new Exception("Unregistered users can't add a downtime."); } $nowUtcDateTime = new \DateTime(null, new \DateTimeZone("UTC")); //$twoDaysAgoUtcDateTime = $nowUtcDateTime->sub(\DateInterval::createFromDateString('2 days')); //$twoDaysAgoUtc = $twoDaysAgoUtcDateTime->format('d/m/Y H:i'); //e.g. 02/10/2013 13:20 // URL mapping // Return the specified site's timezone label and the offset from now in UTC // Used in ajax requests for display purposes if (isset($_GET['siteid_timezone']) && is_numeric($_GET['siteid_timezone'])) { $site = \Factory::getSiteService()->getSite($_GET['siteid_timezone']); if ($site != null) { $siteTzId = $site->getTimeZoneId(); if (!empty($siteTzId)) { $nowInTargetTz = new \DateTime(null, new \DateTimeZone($siteTzId)); $offsetInSecsFromUtc = $nowInTargetTz->getOffset(); } else { $siteTzId = 'UTC'; $offsetInSecsFromUtc = 0; // assume 0 (no offset from UTC) } $timezoneId_Offset = array($siteTzId, $offsetInSecsFromUtc); die(json_encode($timezoneId_Offset)); } die(json_encode(array('UTC', 0))); } else { if (isset($_GET['site'])) { $site = \Factory::getSiteService()->getSite($_GET['site']); //old way: \Factory::getSiteService()->edit Authorization($site, $user); if (count(\Factory::getSiteService()->authorizeAction(\Action::EDIT_OBJECT, $site, $user)) == 0) { throw new \Exception("You don't have permission over {$site}"); } $ses = $site->getServices(); $params = array('ses' => $ses, 'nowUtc' => $nowUtcDateTime->format('H:i T'), 'selectAll' => true); show_view("downtime/add_downtime.php", $params); die; } else { if (isset($_GET['se'])) { $se = \Factory::getServiceService()->getService($_GET['se']); $site = \Factory::getSiteService()->getSite($se->getParentSite()->getId()); if (count(\Factory::getServiceService()->authorizeAction(\Action::EDIT_OBJECT, $se, $user)) == 0) { throw new \Exception("You do not have permission over {$se}."); } //$ses = array($se); $ses = $site->getServices(); $params = array('ses' => $ses, 'nowUtc' => $nowUtcDateTime->format('H:i T'), 'selectAll' => true); show_view("downtime/add_downtime.php", $params); die; } else { $ses = array(); if ($user->isAdmin()) { //If a user is an admin, return all SEs instead $ses = \Factory::getServiceService()->getAllSesJoinParentSites(); } else { //$allSites = \Factory::getUserService()->getSitesFromRoles($user); // Get all ses where the user has a GRANTED role over one of its // parent OwnedObjects (includes Site and NGI but not currently Project) $sesAll = \Factory::getRoleService()->getReachableServicesFromOwnedObjectRoles($user); // drop the ses where the user does not have edit permissions over foreach ($sesAll as $se) { if (count(\Factory::getServiceService()->authorizeAction(\Action::EDIT_OBJECT, $se, $user)) > 0) { $ses[] = $se; } } } if (empty($ses)) { throw new Exception("You don't hold a role over a NGI " . "or site with child services."); } $params = array('ses' => $ses, 'nowUtc' => $nowUtcDateTime->format('H:i T')); show_view("downtime/add_downtime.php", $params); die; } } } }
/** * Moves the service to the new site and then display the success view * @param type $movementDetails array containing the SEP and the site it is to be moved to * @return null */ function submitMoveSEP($movementDetails) { //Check that some services have been specified if (!array_key_exists('Services', $movementDetails)) { throw new Exception('Please select one or more Services to move.'); } //Get submitted data $newSite_id = $movementDetails['NewSite']; $service_ids = $movementDetails['Services']; //Convert Site id into Site object $newSite = \Factory::getSiteService()->getSite($newSite_id); //Get the users details $dn = Get_User_Principle(); $user = \Factory::getUserService()->getUserByPrinciple($dn); $serv = \Factory::getServiceService(); //create an array for the SEPs we can use to display the results // of the site move to the user $services = new ArrayCollection(); //If services have been subitted, move them. Else throw exception // try { foreach ($service_ids as $service_id) { $serviceInstance = $serv->getService($service_id); $serv->moveService($serviceInstance, $newSite, $user); $services[] = $serviceInstance; } } catch (\Exception $e) { show_view('error.php', $e->getMessage()); die; } //show success view $params['NewSite'] = $newSite; $params['Services'] = $services; show_view("admin/moved_service_end_point.php", $params); }