public static function isSignatureValid(sspmod_janus_REST_Request $request)
{
if (is_null($request->getKey())) {
return false;
}
$config = sspmod_janus_DiContainer::getInstance()->getConfig();
$user = new sspmod_janus_User();
$user->setUserid($request->getKey());
if (!$user->load(sspmod_janus_User::USERID_LOAD)) {
return false;
}
sspmod_janus_DiContainer::preAuthenticate($user->getUserid(), 'RESTv1');
$shared_secret = $user->getSecret();
$data = $request->getRequestVars();
// Sort params
ksort($data);
$concat_string = '';
// Concat all params with values
foreach ($data as $key => $value) {
$concat_string .= $key . $value;
}
// Prepend shared secret
$prepend_secret = $shared_secret . $concat_string;
// Hash the string to the signature
$calculated_signature = hash('sha512', $prepend_secret);
return $request->getSignature() == $calculated_signature;
}
public function send(array $data)
{
$user = new sspmod_janus_User($this->_config);
$user->setUid($data['uid']);
$user->load();
$to = $user->getEmail();
$subject = '[JANUS] ' . $data['subject'];
$body = $data['message'];
if (!mail($to, $subject, $body, $this->_headers)) {
throw new Exception('Could not send mail - ' . var_export($data, true));
}
return true;
}
/**
* Retrive all entities from database
*
* The method retrives all entities from the database together with the
* newest revision id.
*
* @param string $subject The message title
* @param string $message The mesage body
* @param arrayt|string $address Address for which the messege is sent to
* @param int $from Uid of user responsible for sending the message
*
* @return false|array All entities from the database
*/
public function post($subject, $message, $address, $from)
{
$external_messengers = $this->_config->getArray('messenger.external', array());
// Grab the user who send the message
$user = new sspmod_janus_User($this->_config);
$user->setUid($from);
$user->load();
// and prepend the userid to the message
$message = 'User: '******'<br />' . $message;
$addresses = array();
if (!is_array($address)) {
$addresses[] = $address;
} else {
$addresses = $address;
}
foreach ($addresses as $ad) {
$subscripers = $this->_getSubscripers($ad);
$subscripers[] = array('uid' => '0', 'type' => 'INBOX');
foreach ($subscripers as $subscriper) {
$st = self::execute('INSERT INTO `' . self::$prefix . 'message`
(
`uid`,
`subject`,
`message`,
`from`,
`subscription`,
`created`,
`ip`
) VALUES (?, ?, ?, ?, ?, ?, ?);', array($subscriper['uid'], $subject, $message, $from, $ad, date('c'), $_SERVER['REMOTE_ADDR']));
if ($st === false) {
SimpleSAML_Logger::error('JANUS: Error fetching all entities');
return false;
}
if (array_key_exists($subscriper['type'], $external_messengers)) {
$externalconfig = $external_messengers[$subscriper['type']];
try {
$messenger = sspmod_janus_Messenger::getInstance($externalconfig['class'], $externalconfig['option']);
$messenger->send(array('uid' => $subscriper['uid'], 'subject' => $subject, 'message' => $message, 'from' => $from, 'address' => $ad));
} catch (Exception $e) {
SimpleSAML_Logger::error('JANUS: Error sending external message. ' . var_export($messenger, true));
}
}
}
}
return true;
}
public static function method_getUser($data, &$status)
{
if (!isset($data["userid"])) {
$status = 400;
return '';
}
$config = SimpleSAML_Configuration::getConfig('module_janus.php');
$user = new sspmod_janus_User($config->getValue('store'));
$user->setUserid($data['userid']);
$user->load(sspmod_janus_User::USERID_LOAD);
$result = array();
$result['uid'] = $user->getUid();
$result['userid'] = $user->getUserid();
$result['active'] = $user->getActive();
$result['type'] = $user->getType();
$result['data'] = $user->getdata();
return $result;
}
/**
* Get User information
*
* @access protected (see isProtected)
* @static
* @param array $data Request parameters for getUser method, supports:
* - string $data['userid']: UserID (login name) to get data for
* @param int $statusCode HTTP Status code to use in response
* @return array|string User information
*/
public static function method_getUser($data, &$statusCode)
{
if (!isset($data["userid"])) {
$statusCode = 400;
return '';
}
$config = sspmod_janus_DiContainer::getInstance()->getConfig();
$user = new sspmod_janus_User();
$user->setUserid($data['userid']);
$user->load(sspmod_janus_User::USERID_LOAD);
$result = array();
$result['uid'] = $user->getUid();
$result['userid'] = $user->getUserid();
$result['active'] = $user->getActive();
$result['type'] = $user->getType();
$result['data'] = $user->getdata();
return $result;
}
public static function isSignatureValid(sspmod_janus_REST_Request $request)
{
if (is_null($request->getKey())) {
return false;
}
$config = SimpleSAML_Configuration::getConfig('module_janus.php');
$user = new sspmod_janus_User($config->getValue('store'));
$user->setUserid($request->getKey());
$user->load(sspmod_janus_User::USERID_LOAD);
$shared_secret = $user->getSecret();
$data = $request->getRequestVars();
// Sort params
ksort($data);
$concat_string = '';
// Concat all params with values
foreach ($data as $key => $value) {
$concat_string .= $key . $value;
}
// Prepend shared secret
$prepend_secret = $shared_secret . $concat_string;
// Hash the string to the signature
$calculated_signature = hash('sha512', $prepend_secret);
return $request->getSignature() == $calculated_signature;
}
$attributes = $as->getAttributes();
// Check if userid exists
if (!isset($attributes[$useridattr])) {
throw new Exception('User ID is missing');
}
$userid = $attributes[$useridattr][0];
} else {
echo $et->t('error_no_access');
exit;
}
// Get Entity controller
$mcontroller = sspmod_janus_DiContainer::getInstance()->getEntityController();
// Get the user
$user = new sspmod_janus_User();
$user->setUserid($userid);
$user->load(sspmod_janus_User::USERID_LOAD);
$eid = $_GET['eid'];
$currentRevisionId = $_GET['currentRevisionId'];
$historyTab = $_GET['historyTab'];
if (!($entity = $mcontroller->setEntity($eid))) {
throw new SimpleSAML_Error_Exception('Error in setEntity');
}
$workflowstates = $janus_config->getValue('workflowstates');
// load entity
$mcontroller->loadEntity();
// Check if user is allowed to se entity
$allowedUsers = $mcontroller->getUsers();
$output = '';
$securityContext = sspmod_janus_DiContainer::getInstance()->getSecurityContext();
if ((array_key_exists($userid, $allowedUsers) || $securityContext->isGranted('allentities')) && $securityContext->isGranted('entityhistory', $entity)) {
$history_size = $mcontroller->getHistorySize();
function addUserToEntity($params)
{
if (!isset($params['eid']) || !isset($params['uid'])) {
return FALSE;
}
$eid = $params['eid'];
$uid = $params['uid'];
# security hack - uid is actually userid ie. user@example.com - convert it to a janus uid as expected for further processing
$janus_config = sspmod_janus_DiContainer::getInstance()->getConfig();
$user = new sspmod_janus_User();
$user->setUserid($uid);
if ($user->load(sspmod_janus_User::USERID_LOAD) === false) {
echo json_encode(array('status' => 'Unknown user'));
exit;
}
$actual_uid = $user->getUid();
$util = new sspmod_janus_AdminUtil();
try {
if (!($userid = $util->addUserToEntity($eid, $actual_uid))) {
return FALSE;
}
} catch (Exception $e) {
echo json_encode(array('status' => 'An unspecified error occurred'));
exit;
}
return array('eid' => $eid, 'uid' => $actual_uid, 'userid' => $userid);
}
}
return FALSE;
}
$mcontrol = new sspmod_janus_UserController($janus_config);
$pm = new sspmod_janus_Postman();
if (!($user = $mcontrol->setUser($userid))) {
throw new SimpleSAML_Error_Exception('Error in setUser');
}
$selectedtab = isset($_REQUEST['selectedtab']) ? $_REQUEST['selectedtab'] : 1;
if (isset($_POST['add_usersubmit'])) {
if (empty($_POST['userid']) || empty($_POST['type'])) {
$msg = 'error_user_not_created_due_params';
} else {
$check_user = new sspmod_janus_User($janus_config->getValue('store'));
$check_user->setUserid($_POST['userid']);
if ($check_user->load(sspmod_janus_User::USERID_LOAD) != FALSE) {
$msg = 'error_user_already_exists';
} else {
$new_user = new sspmod_janus_User($janus_config->getValue('store'));
$new_user->setUserid($_POST['userid']);
$new_user->setType($_POST['type']);
if (isset($_POST['active']) && $_POST['active'] == 'on') {
$active = 'yes';
} else {
$active = 'no';
}
$new_user->setActive($active);
$new_user->setData($_POST['userdata']);
if (!$new_user->save()) {
$msg = 'error_user_not_created';
} else {
echo ' <a id="edit_subscription_link_' . $subscription['sid'] . '" class="janus_button" onclick="editSubscription(' . $this->data['user']->getUid() . ', ' . $subscription['sid'] . ');">' . $this->t('admin_edit') . '</a>';
}
echo '</td></tr>';
}
echo '</tbody></table>';
if ($this->data['security.context']->isGranted('addsubscriptions')) {
echo '<h2>' . $this->t('text_subscription_add_header') . '</h2>';
echo '<select name="subscriptions" id="subscriptions_select">';
echo '<option> -- ' . $this->t('tab_edit_entity_select') . ' --</option>';
foreach ($this->data['subscriptionList'] as $subscription) {
$tmp = explode("-", $subscription);
if ($tmp[0] == 'USER') {
if (isset($tmp[1]) && ctype_digit((string) $tmp[1])) {
$user = new sspmod_janus_User($janus_config);
$user->setUid($tmp[1]);
$user->load();
$name = $tmp[0] . ' - ' . $user->getUserid();
} else {
if (isset($tmp[1]) && $tmp[1] == 'NEW') {
$name = $tmp[0] . ' - ' . 'NEW';
} else {
$name = $tmp[0];
}
}
} else {
if ($tmp[0] == 'ENTITYUPDATE') {
if (isset($tmp[1]) && ctype_digit((string) $tmp[1])) {
$entity = new sspmod_janus_Entity($janus_config);
$entity->setEid($tmp[1]);
try {
$entity->load();
// Check if userid exists
if (!isset($attributes[$useridattr])) {
throw new Exception('User ID is missing');
}
$userid = $attributes[$useridattr][0];
} else {
$returnURL = $session->getData('string', 'refURL');
if (is_null($returnURL)) {
$returnURL = SimpleSAML_Utilities::selfURL();
} else {
$session->deleteData('string', 'refURL');
}
SimpleSAML_Auth_Default::initLogin($authsource, $returnURL, NULL, $_GET);
}
$user = new sspmod_janus_User();
$user->setUserid($userid);
if (!$user->load(sspmod_janus_User::USERID_LOAD)) {
$autocreatenewuser = $janus_config->getValue('user.autocreate', false);
if ($autocreatenewuser) {
SimpleSAML_Utilities::redirectTrustedUrl(SimpleSAML_Module::getModuleURL('janus/newUser.php'), array('userid' => $userid));
} else {
SimpleSAML_Utilities::redirectTrustedUrl(SimpleSAML_Module::getModuleURL('janus/noNewUser.php'), array('userid' => $userid));
}
} else {
if ($user->getActive() === 'yes') {
SimpleSAML_Utilities::redirectTrustedUrl(SimpleSAML_Module::getModuleURL('janus/dashboard.php/entities'));
} else {
$session->doLogout();
SimpleSAML_Utilities::redirectTrustedUrl(SimpleSAML_Module::getModuleURL('janus/index.php?error=error_index_user_inactive'));
}
}
/**
* Add the specified users to the entity
*
* @param string $eid The entity
* @param string $uid The user to be added to the entity
*
* @return bool True on success and false on error
* @since Method available since Release 1.0.0
* @TODO Rename to addPermission or similar
*/
public function addUserToEntity($eid, $uid)
{
$st = self::execute('INSERT INTO `' . self::$prefix . 'hasEntity`
(`uid`, `eid`, `created`, `ip`)
VALUES
(?, ?, ?, ?);', array($uid, $eid, date('c'), $_SERVER['REMOTE_ADDR']));
if ($st === false) {
SimpleSAML_Logger::error('JANUS: Error fetching all entities');
return false;
}
$user = new sspmod_janus_User($this->_config->getValue('store'));
$user->setUid($uid);
$user->load();
$userid = $user->getUserid();
return $userid;
}
/**
* Retrive all users in the system
*
* The method will retrive all users in the system. NOTE this method will be
* moved/rewritten in the future.
*
* @return array All users in the system
*/
public function getUsers()
{
$st = $this->execute('SELECT * FROM ' . self::$prefix . 'user;');
$rs = $st->fetchAll(PDO::FETCH_ASSOC);
$users = array();
foreach ($rs as $row) {
$user = new sspmod_janus_User($this->_config->getValue('store'));
$user->setUid($row['uid']);
$user->load();
$users[] = $user;
}
return $users;
}
$wstates = $janus_config->getArray('workflowstates');
if (isset($current['name'][$this->getLanguage()])) {
$curLang = $this->getLanguage();
} else {
$curLang = 'en';
}
foreach ($history as $data) {
echo '<a href="?eid=' . $data->getEid() . '&revisionid=' . $data->getRevisionid() . '">' . $this->t('tab_edit_entity_connection_revision') . ' ' . $data->getRevisionid() . '</a>';
if (strlen($data->getRevisionnote()) > 80) {
echo ' - ' . substr($data->getRevisionnote(), 0, 79) . '...';
} else {
echo ' - ' . $data->getRevisionnote();
}
// Show edit user if present
$user->setUid($data->getUser());
if ($user->load()) {
echo ' - ' . $user->getUserid();
}
echo ' - ' . date('Y-m-d H:i', strtotime($data->getCreated()));
if (isset($wstates[$data->getWorkflow()]['name'][$curLang])) {
echo ' - ' . $wstates[$data->getWorkflow()]['name'][$curLang];
} else {
echo ' - ' . $data->getWorkflow();
}
echo '<br />';
}
echo '<div id="historycontainer"><p>';
echo $this->t('tab_edit_entity_loading_revisions');
echo '</p></div>';
}
} else {
function editUser($params)
{
if (empty($params['uid']) || empty($params['userid']) || !isset($params['active']) || empty($params['type'])) {
return array('status' => 'missing_param');
}
$janus_config = SimpleSAML_Configuration::getConfig('module_janus.php');
$uid = $params['uid'];
$user = new sspmod_janus_User($janus_config->getValue('store'));
$user->setUid($uid);
$user->load(sspmod_janus_User::UID_LOAD);
$user->setActive($params['active']);
$user->setUserid($params['userid']);
$user->setType($params['type']);
$user->save();
return array('uid' => $uid);
}
/**
* Retrive all users in the system
*
* The method will retrive all users in the system. NOTE this method will be
* moved/rewritten in the future.
*
* @return array All users in the system
*/
public function getUsers()
{
$st = $this->execute('SELECT * FROM ' . $this->getTablePrefix() . 'user ORDER BY `userid`;');
$rs = $st->fetchAll(PDO::FETCH_ASSOC);
$users = array();
foreach ($rs as $row) {
$user = new sspmod_janus_User();
$user->setUid($row['uid']);
$user->load();
$users[] = $user;
}
return $users;
}
