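/**
 * handler for JSON api requests
 *
 * Builds the JSON-RPC server, initialises the setup framework and checks the
 * caller before dispatching. Every method that is not on the anonymous list
 * needs both a registered setup user and an X-Tine20-JsonKey header equal to
 * the stored 'jsonKey' (the anti-CSRF token) once a config file exists.
 * Any exception, including the access-denied one thrown here, is handed to
 * $this->_handleException().
 *
 * @return void the JSON response is echoed, not returned
 */
public function handle()
{
    // defined before the try block so that the catch block never reads an
    // undefined variable when one of the constructors below throws
    $server = null;
    $request = null;

    try {
        // init server and request first
        $server = new Zend_Json_Server();
        $server->setClass('Setup_Frontend_Json', 'Setup');
        $server->setClass('Tinebase_Frontend_Json', 'Tinebase');
        $server->setAutoHandleExceptions(false);
        $server->setAutoEmitResponse(false);

        $request = new Zend_Json_Server_Request_Http();

        Setup_Core::initFramework();

        $method = $request->getMethod();
        $jsonKey = isset($_SERVER['HTTP_X_TINE20_JSONKEY']) ? $_SERVER['HTTP_X_TINE20_JSONKEY'] : '';

        Tinebase_Core::getLogger()->info(__METHOD__ . '::' . __LINE__ . ' is JSON request. method: ' . $method);

        $anonymnousMethods = array(
            'Setup.getAllRegistryData',
            'Setup.login',
            'Tinebase.getAvailableTranslations',
            'Tinebase.getTranslations',
            'Tinebase.setLocale',
        );
        if (!Setup_Core::configFileExists()) {
            // before a config file exists the environment check is open as well
            $anonymnousMethods = array_merge($anonymnousMethods, array('Setup.envCheck'));
        }

        // check json key for all methods but some exceptions
        // strict in_array(): the allow-list decision must not depend on type juggling
        if (!in_array($method, $anonymnousMethods, true) && Setup_Core::configFileExists()) {
            $authorised = false;

            if (!empty($jsonKey)) {
                // looked up lazily, exactly where the original comparison read it
                $expectedKey = Setup_Core::get('jsonKey');

                // The token is compared as a string, never with "==": a loose
                // comparison treats numeric-looking strings such as "0e1" and
                // "0e2" as equal. hash_equals() also keeps the comparison time
                // independent of the position of the first differing byte.
                if (is_string($expectedKey)) {
                    $keyMatches = function_exists('hash_equals')
                        ? hash_equals($expectedKey, $jsonKey)
                        : $expectedKey === $jsonKey;

                    $authorised = $keyMatches && Setup_Core::isRegistered(Setup_Core::USER);
                }
            }

            if (!$authorised) {
                if (!Setup_Core::isRegistered(Setup_Core::USER)) {
                    Setup_Core::getLogger()->INFO(__METHOD__ . '::' . __LINE__
                        . ' Attempt to request a privileged Json-API method without authorisation from "'
                        . $_SERVER['REMOTE_ADDR'] . '". (session timeout?)');

                    throw new Tinebase_Exception_AccessDenied('Not Authorised', 401);
                } else {
                    // NOTE(review): this entry records the caller-supplied key and the
                    // complete $_REQUEST; request parameters can carry credentials, so
                    // the log file needs the same protection as the data it mirrors.
                    // Consider logging only the method name and the account id.
                    Setup_Core::getLogger()->WARN(__METHOD__ . '::' . __LINE__
                        . ' Fatal: got wrong json key! (' . $jsonKey . ') Possible CSRF attempt!'
                        . ' affected account: ' . print_r(Setup_Core::getUser(), true)
                        . ' request: ' . print_r($_REQUEST, true));

                    throw new Tinebase_Exception_AccessDenied('Not Authorised', 401);
                }
            }
        }

        $response = $server->handle($request);
    } catch (Exception $exception) {
        $response = $this->_handleException($server, $request, $exception);
    }

    echo $response;
}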
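/**
 * download config as config file
 *
 * Only acts while no config file exists yet or when a setup user is
 * registered; in every other case the call returns without output.
 * The submitted data is rendered through
 * Setup_Controller::writeConfigToFile() into a temporary file, read back and
 * sent as an attachment named config.inc.php. The script ends with die().
 *
 * @param  string $data JSON encoded config data
 * @throws RuntimeException if the temporary file cannot be created or read
 */
public function downloadConfig($data)
{
    if (Setup_Core::configFileExists() && !Setup_Core::isRegistered(Setup_Core::USER)) {
        // config already present and nobody logged in: nothing is disclosed
        return;
    }

    $data = Zend_Json::decode($data, Zend_Json::TYPE_ARRAY);

    $tmpFile = tempnam(Tinebase_Core::getTempDir(), 'tine20_');
    if ($tmpFile === false) {
        throw new RuntimeException('could not create temporary file for config download');
    }

    // The temporary file holds the rendered configuration (presumably including
    // credentials - confirm against writeConfigToFile()), so it must not stay
    // on disk when writing or reading fails.
    try {
        Setup_Controller::getInstance()->writeConfigToFile($data, TRUE, $tmpFile);
        $configData = file_get_contents($tmpFile);
    } catch (Exception $e) {
        if (is_file($tmpFile)) {
            unlink($tmpFile);
        }
        throw $e;
    }
    unlink($tmpFile);

    if ($configData === false) {
        // fail before any header is sent instead of delivering an empty attachment
        throw new RuntimeException('could not read generated config file');
    }

    header("Pragma: public");
    header("Cache-Control: max-age=0");
    header("Content-Disposition: attachment; filename=config.inc.php");
    header("Content-Description: PHP File");
    header("Content-type: text/plain");
    die($configData);
}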
/**
 * nagios monitoring for tine 2.0 database connection
 *
 * Sets up config and logger when they are not registered yet, opens the
 * database connection and measures how long that takes. One status line is
 * echoed in Nagios plugin format.
 *
 * NOTE(review): on failure the exception message is appended to the echoed
 * line; database driver messages can name hosts or accounts, so check who
 * is able to read this output.
 *
 * @return integer 0 if the connection could be set up, 2 otherwise
 * @see http://nagiosplug.sourceforge.net/developer-guidelines.html#PLUGOUTPUT
 */
public function monitoringCheckDB()
{
    $failureText = 'DB CONNECTION FAIL';
    $connected = false;

    try {
        if (!Setup_Core::isRegistered(Setup_Core::CONFIG)) {
            Setup_Core::setupConfig();
        }
        if (!Setup_Core::isRegistered(Setup_Core::LOGGER)) {
            Setup_Core::setupLogger();
        }

        // connect time is reported in milliseconds
        $startedAt = microtime(true);
        $connected = Setup_Core::setupDatabaseConnection();
        $time = (microtime(true) - $startedAt) * 1000;
    } catch (Exception $e) {
        $failureText = $failureText . ': ' . $e->getMessage();
        $connected = false;
    }

    if (!$connected) {
        echo $failureText . "\n";
        return 2;
    }

    echo "DB CONNECTION OK | connecttime={$time}ms;;;;\n";
    return 0;
}
/**
 * checks if setup is required
 *
 * Setup counts as required when the applications table cannot be described
 * (statement or adapter exception) or when its description is empty.
 * Without a registered database the answer is always FALSE.
 *
 * @return boolean
 */
public function setupRequired()
{
    // nothing to inspect while no database is registered
    if (!Setup_Core::isRegistered(Setup_Core::DB)) {
        return false;
    }

    try {
        $tableInfo = Setup_Core::getDb()->describeTable(SQL_TABLE_PREFIX . 'applications');

        if (!empty($tableInfo)) {
            return false;
        }

        Setup_Core::getLogger()->notice(__METHOD__ . '::' . __LINE__ . ' Applications table empty');
        return true;
    } catch (Zend_Db_Statement_Exception $statementError) {
        Setup_Core::getLogger()->notice(__METHOD__ . '::' . __LINE__ . ' ' . $statementError->getMessage());
        return true;
    } catch (Zend_Db_Adapter_Exception $adapterError) {
        Setup_Core::getLogger()->notice(__METHOD__ . '::' . __LINE__ . ' ' . $adapterError->getMessage());
        return true;
    }
}
/**
 * Returns registry data of setup
 *
 * Three tiers are assembled:
 *  - always: config file presence, version constants, authentication data
 *  - while no config file exists, or for a registered setup user: the result
 *    of checkConfig(), environment checks, config data, and - once the
 *    database check passed and Tinebase is installed - accepted terms, email
 *    and messenger configuration
 *  - for a registered setup user only: the current account
 *
 * @see Tinebase_Application_Json_Abstract
 *
 * @return mixed array 'variable name' => 'data'
 *
 * @todo add 'titlePostfix' => Tinebase_Config::getInstance()->getConfig(Tinebase_Config::PAGETITLEPOSTFIX, NULL, '')->value here?
 */
public function getRegistryData()
{
    // anonymous registry
    $versionInfo = array(
        'buildType'     => TINE20_BUILDTYPE,
        'codeName'      => TINE20SETUP_CODENAME,
        'packageString' => TINE20SETUP_PACKAGESTRING,
        'releaseTime'   => TINE20SETUP_RELEASETIME,
    );
    $registryData = array(
        'configExists'       => Setup_Core::configFileExists(),
        'version'            => $versionInfo,
        'authenticationData' => $this->loadAuthenticationData(),
    );

    // authenticated or non existent config
    $setupUnlocked = !Setup_Core::configFileExists() || Setup_Core::isRegistered(Setup_Core::USER);
    if ($setupUnlocked) {
        $registryData = array_merge($registryData, $this->checkConfig());

        // the entries are filled in the original order; the Tinebase check is
        // repeated per entry on purpose so that the call sequence stays the same
        $details = array();

        if (!empty($registryData['checkDB']) && $this->_controller->isInstalled('Tinebase')) {
            $details['acceptedTermsVersion'] = Setup_Controller::getInstance()->getAcceptedTerms();
        } else {
            $details['acceptedTermsVersion'] = 0;
        }

        $details['setupChecks'] = $this->envCheck();
        $details['configData'] = $this->loadConfig();

        if (!empty($registryData['checkDB']) && $this->_controller->isInstalled('Tinebase')) {
            $details['emailData'] = $this->getEmailConfig();
        } else {
            $details['emailData'] = array();
        }

        if (!empty($registryData['checkDB']) && $this->_controller->isInstalled('Tinebase')) {
            $details['messengerData'] = $this->getMessengerConfig();
        } else {
            $details['messengerData'] = array();
        }

        $registryData = array_merge($registryData, $details);
    }

    // if setup user is logged in
    if (Setup_Core::isRegistered(Setup_Core::USER)) {
        // array union: an already present 'currentAccount' entry is kept
        $registryData = $registryData + array('currentAccount' => Setup_Core::getUser());
    }

    return $registryData;
}