public function setup()
 {
     $entry = $this->_ldap->search('uid=' . $this->_authType->getUsername())->getFirst();
     if (!$entry) {
         throw new Exception('LDAP entry with uid=' . $this->_authType->getUsername() . ' not found.');
     }
     if (isset($entry['l'])) {
         /* Having the l attribute can mean a user is in session. */
         $qname = Zend_Registry::get('config')->institution . ':' . $this->_authType->getUsername();
         $session = Sahara_Soap::getSchedServerQueuerClient()->isUserInQueue(array('userQName' => $qname));
         /* If in session, don't play around with Samba passwords, they are probably
          * already set with batch login passwords. */
         if ($session->inSession) {
             return;
         }
         /* Having 'l' and not in session means something f'ed up, so delete it. */
         $this->_logger->warn('Account with DN ' . $entry['dn'] . " has 'l' attribute and is not in session. " . 'This attribute will be deleted.');
         $entry['l'] = '';
     }
     $lmHash = $this->_smbHash->lmhash($this->_authType->getPassword());
     $ntHash = $this->_smbHash->nthash($this->_authType->getPassword());
     if ($lmHash == $entry['sambalmpassword'] && $ntHash == $entry['sambantpassword']) {
         return;
     }
     $entry['sambalmpassword'] = $lmHash;
     $entry['sambantpassword'] = $ntHash;
     $this->_ldap->save($entry['dn'], $entry);
     $this->_logger->debug("Restored password of user with DN " . $entry['dn']);
 }
예제 #2
0
 /**
  * Receives a support request.
  */
 public function supportAction()
 {
     /* Disable view renderer and layout. */
     $this->_helper->viewRenderer->setNoRender();
     $this->_helper->layout()->disableLayout();
     $params = $this->_request->getParams();
     /* Try to detect bots auto-submitting the form. Two methods are currently
      * employed, making sure the user agent starts with 'Mozilla' & making sure
      * the honeypot field is not set. */
     if (isset($params['botsfu']) && $params['botsfu'] != '' || (!isset($params['useragent']) || $params['useragent'] == '' || strpos(trim($params['useragent']), 'Mozilla/') !== 0)) {
         $this->_logger->warn('Rejecting support message from IP: ' . $this->_getRemoteIP() . ', name: ' . $params['name'] . ', email: ' . $params['email']);
         echo $this->view->json(array('success' => 'false'));
         return;
     }
     /* Make sure the fields are populated. */
     if (!(isset($params['name']) && isset($params['email']) && isset($params['type']) && isset($params['purpose']) && isset($params['feedback']))) {
         echo $this->view->json(array('success' => 'false'));
         return;
     }
     $this->_logger->info('Received feedback email from ' . $params['name'] . ' (' . $params['email'] . '). ' . 'Feedback type: ' . $params['type'] . '. Purpose of user: '******'purpose'] . '. Feedback: ' . $params['feedback'] . '.');
     $mail = new Sahara_Mail();
     $mail->setFrom($params['email'], $params['name']);
     $mail->setSubject('Sahara feedback from ' . $params['name']);
     /* Feedback email body. */
     $body = "#################################################################\n";
     $body .= "## Sahara Feedback Received\n";
     $body .= "#################################################################\n\n";
     $body .= "Time: " . date('r') . "\n\n";
     if ($cred = $this->_auth->getIdentity()) {
         $body .= "## Session Details\n";
         $body .= "Credential: {$cred}\n";
         try {
             $session = Sahara_Soap::getSchedServerQueuerClient()->isUserInQueue(array('userQName' => $this->_auth->getIdentity()));
             $body .= "In Queue: " . ($session->inQueue ? 'true' : 'false') . "\n";
             $body .= "In Session: " . ($session->inSession ? 'true' : 'false') . "\n";
             if ($session->inQueue) {
                 $body .= "Queued resource ID: " . $session->queuedResouce->resourceID . "\n";
                 $body .= "Queued resource name: " . $session->queuedResouce->resourceName . "\n";
                 $body .= "Queued resource type: " . $session->queuedResouce->type . "\n";
             }
             if ($session->inSession) {
                 $body .= "Session resource ID: " . $session->assignedResource->resourceID . "\n";
                 $body .= "Session resource name: " . $session->assignedResource->resourceName . "\n";
                 $body .= "Session resource type: " . $session->assignedResource->type . "\n";
             }
         } catch (Exception $ex) {
             $body .= "Exception when attempting to determine session status with message '" . $ex->getMessage() . "'.\n";
         }
         $body .= "\n";
     }
     $body .= "## Feedback Details\n";
     $body .= "From: " . $params['name'] . " <" . $params['email'] . ">\n";
     $body .= "Type: " . $params['type'] . "\n";
     $body .= "Purpose: " . $params['purpose'] . "\n\n";
     $body .= "Feedback:\n ";
     $body .= $params['feedback'] . "\n\n";
     $body .= "## Diagnostics:\n";
     $body .= "IP: " . $this->_getRemoteIP() . "\n";
     $body .= "User Agent: " . urldecode($params['useragent']) . "\n";
     $body .= "Java enabled: " . $params['javaenabled'] . "\n";
     $body .= "UTC Offset: " . $params['utcoffset'] . "\n";
     if (array_key_exists('navplugins', $params)) {
         $body .= "Plugins:\n";
         $plugins = explode(';', urldecode($params['navplugins']));
         foreach ($plugins as $p) {
             if (strpos($p, '=') === false) {
                 continue;
             }
             list($name, $ver) = explode('=', $p, 2);
             $body .= "  * {$name} => {$ver}\n";
         }
     }
     $body .= "\n#################################################################\n";
     $mail->setBody($body);
     $addresses = $this->_config->feedback->address;
     if ($addresses instanceof Zend_Config) {
         foreach ($addresses as $addr) {
             $mail->addTo($addr);
         }
     } else {
         $mail->addTo($addresses);
     }
     try {
         $mail->send();
     } catch (Exception $ex) {
         $this->_logger->error('Failed to send feedback email. Error message: ' . $ex->getMessage() . ". Message body: {$body}");
     }
     /* Tells validation engine that submission succeeded. */
     echo $this->view->json(array('success' => 'true'));
 }
예제 #3
0
 /**
  * Loads up permissions and authorisation. If the user is authorized to view
  * the current page they are redirected to the login page.
  */
 public function preDispatch()
 {
     $this->_acl->loadPermissions();
     $controller = $this->getRequest()->getControllerName();
     $action = $this->getRequest()->getActionName();
     /* Check if the user has permission for the requested resource. */
     if (!$this->_acl->hasPermission($controller, $action)) {
         $this->_flashMessenger->addMessage("Your session has timed out.");
         $this->_redirectTo('index', 'index');
     }
     /* Set up some information for the navigation menu. */
     $this->view->userRole = $this->_acl->getUserRole();
     $this->view->controller = $controller;
     $this->view->action = $action;
     $page = $controller . $action;
     /* Check if the user has a pending request and should be in the queue
      * or on a experiment page. */
     if ($this->_acl->getUserRole() != Sahara_Acl::UNAUTH) {
         $status = Sahara_Soap::getSchedServerQueuerClient()->isUserInQueue(array('userQName' => $this->_auth->getIdentity()));
         /* Force a user to be specific places depending on where they are in session. */
         if ($status->inQueue && $page != 'queuequeuing' && !in_array($page, $this->_noRedirectPages)) {
             /* User in queue but not on queueing page. */
             $this->_redirectTo('queuing', 'queue');
         } else {
             if ($status->inQueue) {
                 $this->view->userRole = self::PSEUDO_ROLE_QUEUE;
             } else {
                 if ($status->inSession && $page != 'sessionindex' && !in_array($page, $this->_noRedirectPages)) {
                     /* User in session but not on session page. */
                     $this->_redirectTo('index', 'session');
                 } else {
                     if ($status->inSession) {
                         $this->view->userRole = self::PSEUDO_ROLE_SESSION;
                     } else {
                         if ($status->inBooking && $page != 'bookingswaiting' && !in_array($page, $this->_noRedirectPages)) {
                             $this->_redirectTo('waiting', 'bookings', array('bid' => $status->bookingID));
                         } else {
                             if ($status->inBooking) {
                                 $this->view->userRole = self::PSEUDO_ROLE_BOOKING;
                             } else {
                                 if ($page == 'queuequeuing' || $page == 'sessionindex' || $page == "indexindex") {
                                     /* Was in queue or in session, but that is finished so redirect
                                      * them back home. */
                                     switch ($this->_acl->getUserRole()) {
                                         case Sahara_Acl::USER:
                                             $this->_redirectTo('index', 'queue');
                                             break;
                                         case Sahara_Acl::RESEARCH:
                                             $this->_redirectTo('index', 'research');
                                             break;
                                         case Sahara_Acl::ACADEMIC:
                                             $this->_redirectTo('index', 'queue');
                                             break;
                                         case Sahara_Acl::ADMIN:
                                             $this->_redirectTo('index', 'admin');
                                             break;
                                         default:
                                             $this->view->messages = array("Unknown user \"{$qName}\".");
                                             break;
                                     }
                                 }
                             }
                         }
                     }
                 }
             }
         }
     }
 }
예제 #4
0
 /**
  * Send error email to configured error handling reciepts.
  *
  * @param array $errors error details
  */
 private function _sendErrorEmail($errors)
 {
     if ($this->_config->error->disableMessages) {
         return;
     }
     $request = $errors->request;
     $exception = $errors->exception;
     $mail = new Sahara_Mail();
     $mail->setFrom($this->_config->email->from->address, $this->_config->email->from->name);
     $mail->setSubject('Sahara WI fatal error occurred at ' . date('r'));
     $body = "#################################################################\n";
     $body .= "## Sahara Fatal Error\n";
     $body .= "#################################################################\n\n";
     $body .= "Time: " . date('r') . "\n";
     $body .= "Request: " . $request->getRequestUri() . "\n";
     $body .= "Params: ";
     foreach ($request->getParams() as $p => $v) {
         /* Don't provide the clear text credential. */
         $len = strlen($v);
         if ($p == 'password') {
             $v = '';
             for ($i = 0; $i < $len; $i++) {
                 $v .= '*';
             }
         }
         $body .= "{$p}={$v} ";
     }
     $body .= "\n\n";
     /* ---- Error Information ---------------------------------------------*/
     $body .= "#################################################################\n";
     $body .= "## Error information\n";
     $body .= "Type: " . $errors->type . "\n";
     $body .= "Exception: " . get_class($exception) . "\n";
     $body .= "Message: " . $exception->getMessage() . "\n";
     $body .= "Code: " . $exception->getCode() . "\n";
     $body .= "File: " . $exception->getFile() . "\n";
     $body .= "Line: " . $exception->getLine() . "\n";
     $body .= "Trace: \n";
     $body .= $exception->getTraceAsString() . "\n\n";
     /* ---- Session Information -------------------------------------------*/
     if ($cred = Zend_Auth::getInstance()->getIdentity()) {
         $body .= "#################################################################\n";
         $body .= "## Session information\n";
         $body .= "Credential: {$cred}\n";
         try {
             $session = Sahara_Soap::getSchedServerQueuerClient()->isUserInQueue(array('userQName' => Zend_Auth::getInstance()->getIdentity()));
             $body .= "In Queue: " . ($session->inQueue ? 'true' : 'false') . "\n";
             $body .= "In Session: " . ($session->inSession ? 'true' : 'false') . "\n";
             if ($session->inQueue) {
                 $body .= "Queued resource ID: " . $session->queuedResouce->resourceID . "\n";
                 $body .= "Queued resource name: " . $session->queuedResouce->resourceName . "\n";
                 $body .= "Queued resource type: " . $session->queuedResouce->type . "\n";
             }
             if ($session->inSession) {
                 $body .= "Session resource ID: " . $session->assignedResource->resourceID . "\n";
                 $body .= "Session resource name: " . $session->assignedResource->resourceName . "\n";
                 $body .= "Session resource type: " . $session->assignedResource->type . "\n";
             }
         } catch (Exception $ex) {
             $body .= "Exception when attempting to determine session status with message '" . $ex->getMessage() . "', code " . $ex->getCode() . ".\n";
         }
     } else {
         $body .= "#################################################################\n";
         $body .= "## No session information\n";
     }
     $body .= "#################################################################\n\n";
     $mail->setBody($body);
     $addresses = $this->_config->error->address;
     if ($addresses instanceof Zend_Config) {
         foreach ($addresses as $addr) {
             $mail->addTo($addr);
         }
     } else {
         $mail->addTo($addresses);
     }
     try {
         $mail->send();
     } catch (Exception $ex) {
         /* Nothing much more we can do. */
     }
 }
예제 #5
0
 /**
  * Action that removes a user from the queue.
  */
 public function cancelAction()
 {
     $this->_helper->viewRenderer->setNoRender();
     $this->_helper->layout()->disableLayout();
     $response = Sahara_Soap::getSchedServerQueuerClient()->removeUserFromQueue(array('userQName' => $this->_auth->getIdentity()));
     echo $this->view->json($response);
 }