/** * SSO login action. */ public function ssoAction() { /* Authenticate. */ $saharaAuth = new Sahara_Auth(); /* We may need to pass auth token through. */ $params = array(); if ($this->_getParam('pkey')) { $params['pkey'] = $this->_getParam('pkey'); } if (!$saharaAuth->signon($params)) { $this->_flashMessenger->addMessage('Failed single sign on.'); $this->_redirectTo('index', 'index'); } /* Setup session. */ $saharaAuth->setupSession(); /* Validate and store account. */ $user = Sahara_Soap::getSchedServerPermissionsClient()->getUser(array('userQName' => $this->_config->institution . ':' . $saharaAuth->getUsername())); /* Store the authentication information if the user is authenticated. */ if ($user->persona != Sahara_Acl::UNAUTH) { $storage = $this->_auth->getStorage(); $storage->clear(); $storage->write($user->userQName); } if ($this->_getParam('pkey')) { /* Authorisation key has been specified, so redeem it. */ $ac = new Sahara_AccessKey(); $res = $ac->keyActivate(urldecode($this->_getParam('pkey'))); if (!$res['success']) { $this->_flashMessenger->addMessage('Failed permission redemption: ' . $res['error']); } } /* Redirect to an appropriate page. */ switch ($user->persona) { case Sahara_Acl::USER: $this->_redirectTo('index', 'queue'); break; case Sahara_Acl::RESEARCH: $this->_redirectTo('index', 'research'); break; case Sahara_Acl::ACADEMIC: $this->_redirectTo('index', 'queue'); break; case Sahara_Acl::ADMIN: $this->_redirectTo('index', 'queue'); break; default: $this->_flashMessenger->addMessage("Unknown user '" . $saharaAuth->getUsername() . "'."); $this->_redirectTo('index', 'index'); break; } }
/** * Loads the users role and the appropriate permissions for that role. */ public function loadPermissions() { $this->_userRole = self::UNAUTH; if ($this->_user != null) { /* Attempt to find the user's 'persona' which defines their role. */ $user = Sahara_Soap::getSchedServerPermissionsClient()->getUser(array('userQName' => $this->_user)); $this->_userRole = $user->persona; } else { $this->_userRole = self::UNAUTH; } /* Add role hierarchy. */ $this->addRole(new Zend_Acl_Role(self::UNAUTH)); $this->addRole(new Zend_Acl_Role(self::DEMO), self::UNAUTH); $this->addRole(new Zend_Acl_Role(self::USER), self::DEMO); $this->addRole(new Zend_Acl_Role(self::RESEARCH), self::USER); $this->addRole(new Zend_Acl_Role(self::ACADEMIC), self::RESEARCH); $this->addRole(new Zend_Acl_Role(self::ADMIN), self::ACADEMIC); /* Loads the permissions in a stack with each higher privilege role * inheriting the preceding roles privileges. */ switch ($this->_userRole) { case self::ADMIN: $this->_loadAclAssoc(self::ADMIN, $this->_adminPages); /* Falls through. */ /* Falls through. */ case self::ACADEMIC: $this->_loadAclAssoc(self::ACADEMIC, $this->_academicPages); /* Falls through. */ /* Falls through. */ case self::RESEARCH: $this->_loadAclAssoc(self::RESEARCH, $this->_researchPages); /* Falls through. */ /* Falls through. */ case self::USER: $this->_loadAclAssoc(self::USER, $this->_userPages); /* Falls through. */ /* Falls through. */ case self::DEMO: $this->_loadAclAssoc(self::DEMO, $this->_demoPages); /* Falls through. */ /* Falls through. */ case self::UNAUTH: $this->_loadAclAssoc(self::UNAUTH, $this->_unAuthPages); } }
/** * View to make a booking. */ public function indexAction() { $this->view->headTitle($this->_headPrefix . 'Create Reservations'); if (($pid = $this->_getParam('pid', 0)) == 0) { /* No permission identifier supplied, so back to the queue page. */ $this->_flashMessenger->addMessage('No permission identifier supplied.'); $this->_redirectTo('index', 'queue'); } $permissions = Sahara_Soap::getSchedServerPermissionsClient()->getPermissionsForUser(array('userQName' => $this->_auth->getIdentity())); $permissions = $permissions->permission; if (is_array($permissions)) { /* Multiple permissions. */ foreach ($permissions as $p) { if ($p->permission->permissionID == $pid) { $perm = $p->permission; } } } else { if ($permissions != NULL) { /* Just the one. */ if ($permissions->permission->permissionID == $pid) { $perm = $permissions->permission; } } } /* Make sure the user has the permission. */ if (!isset($perm)) { $this->_logger->warn("Can't book because user " . $this->_auth->getIdentity() . " doesn't have permission " + "with identifier '{$pid}'."); $this->_flashMessenger->addMessage("Doesn't have permissions with identifier '{$pid}'."); $this->_redirectTo('index', 'queue'); } /* Pre-conditions to display a booking page. This should all be handled * by the queue page (i.e. the user should not be allowed to get here, * so give them a forcible redirect. */ if (!$perm->canBook) { $this->_logger->warn("Can't book because permission with identifier '{$pid}' does not allow bookings."); $this->_flashMessenger->addMessage("Permission with identifier '{$pid}' does not allow bookings."); $this->_redirectTo('index', 'queue'); } else { if (Sahara_DateTimeUtil::isBeforeNow($perm->expiry)) { $this->_logger->warn("Can't book because permission with identifier '{$pid}' is expired."); $this->_flashMessenger->addMessage("Permission with identifier '{$pid}' is expired."); $this->_redirectTo('index', 'queue'); } } $this->view->permission = $perm; $this->view->name = $perm->displayName; if (!$this->view->name) { $this->view->name = $perm->resource->resourceName; } /* The start time is which ever of the time horizion or permission start * that comes first. */ $horizon = new DateTime(); if ($perm->timeHorizon > 0) { $horizon->add(new DateInterval('PT' . $perm->timeHorizon . 'S')); } $start = new DateTime($perm->start); if ($start->getTimestamp() < $horizon->getTimestamp()) { $start = $horizon; } $this->view->currentDay = $start->format(self::DATE_FORMAT); $end = new DateTime($perm->expiry); if ($start->getTimestamp() > $end->getTimestamp()) { /* The horizon has moved passed the end of the permission, so no * bookings are allowed. */ $this->view->currentDay = $end->format(self::DATE_FORMAT); $this->view->horizonPassed = true; } $this->view->endDay = $end->format(self::DATE_FORMAT); /* More pre-conditions to display a booking page. However, these aren't * handled by the queue page, so give a *helpful* warning. */ $bookingsResponse = Sahara_Soap::getSchedServerBookingsClient()->getBookings(array('userID' => array('userQName' => $this->_auth->getIdentity()), 'showCancelled' => false, 'showFinished' => false)); $bookings = $bookingsResponse->bookings; /* Make sure the user has not exceeded the number of permission allowed * bookings. Also we want to annotate the interface with existing bookings * so the user may not make concurrent bookings. */ $this->view->userBookings = array(); $numBookings = 0; if (is_array($bookings)) { foreach ($bookings as $b) { if ($b->permissionID->permissionID == $pid) { $numBookings++; } if (strpos($b->startTime, $this->view->currentDay) === 0) { $ss = Sahara_DateTimeUtil::getSlotTimeFromISO8601($b->startTime) - 1; $es = Sahara_DateTimeUtil::getSlotTimeFromISO8601($b->endTime); while (++$ss < $es) { array_push($this->view->userBookings, $ss); } } } } else { if ($bookings != NULL) { if ($bookings->permissionID->permissionID == $pid) { $numBookings++; } if (strpos($bookings->startTime, $this->view->currentDay) === 0) { $ss = Sahara_DateTimeUtil::getSlotTimeFromISO8601($bookings->startTime) - 1; $es = Sahara_DateTimeUtil::getSlotTimeFromISO8601($bookings->endTime); while (++$ss < $es) { array_push($this->view->userBookings, $ss); } } } } $this->view->numBookings = $numBookings; /* Timezone information. */ // TODO Cache timezone results $this->view->tz = Sahara_Soap::getSchedServerBookingsClient()->getTimezoneProfiles(); $tzOff = ($this->view->tz->offsetFromUTC >= 0 ? '+' : '-') . Sahara_DateTimeUtil::zeroPad(floor(abs($this->view->tz->offsetFromUTC) / 3600)) . ':' . Sahara_DateTimeUtil::zeroPad(floor(abs($this->view->tz->offsetFromUTC) % 3600 / 60)); $freeTimes = Sahara_Soap::getSchedServerBookingsClient()->findFreeBookings(array('userID' => array('userQName' => $this->_auth->getIdentity()), 'permissionID' => array('permissionID' => $perm->permissionID), 'period' => array('startTime' => $this->view->currentDay . 'T00:00:00' . $tzOff, 'endTime' => $this->view->currentDay . 'T23:59:59' . $tzOff))); $freeTimes = $freeTimes->bookingSlot; $this->view->slots = array(); $this->view->numSlots = 24 * 60 * 60 / self::SLOT_DURATION; $this->view->midSlot = $this->view->numSlots / 2; if (is_array($freeTimes)) { foreach ($freeTimes as $t) { $this->view->slots[Sahara_DateTimeUtil::getSlotTimeFromISO8601($t->slot->startTime)] = $t->state; } } else { if ($freeTimes != NULL) { $this->view->slots[Sahara_DateTimeUtil::getSlotTimeFromISO8601($freeTimes->slot->startTime)] = $freeTimes->state; } else { /* For some reason the resource free times response didn't actually * provide any times. We will assume we are in a no-permission * range. */ $this->view->slots[0] = 'NOPERMISSION'; } } /* Presentation configuration. */ $this->view->showTzButton = $this->_config->bookings->addTzButton; $this->view->dateFormat = $this->_config->bookings->dateFormat; }
/** * Action that unlocks a permission. */ public function unlockAction() { /* Disable view renderer and layout. */ $this->_helper->viewRenderer->setNoRender(); $this->_helper->layout()->disableLayout(); $params = $this->_request->getParams(); $client = Sahara_Soap::getSchedServerPermissionsClient(); $response = $client->unlockUserLock(array('userID' => array('userQName' => $this->_auth->getIdentity()), 'permissionID' => array('permissionID' => $params['permission']), 'lockKey' => $params['passkey'])); echo $this->view->json(array('successful' => $response->successful)); }