protected function GetAttachmentsPosition()
{
return MetaModel::GetModuleSetting('itop-attachments', 'position', 'relations');
}
public function DisplayAttachments($oObject, WebPage $oPage, $bEditMode = false)
{
// Exit here if the class is not allowed
if (!$this->IsTargetObject($oObject)) {
return;
}
$oSearch = DBObjectSearch::FromOQL("SELECT Attachment WHERE item_class = :class AND item_id = :item_id");
$oSet = new DBObjectSet($oSearch, array(), array('class' => get_class($oObject), 'item_id' => $oObject->GetKey()));
if ($this->GetAttachmentsPosition() == 'relations') {
$sTitle = $oSet->Count() > 0 ? Dict::Format('Attachments:TabTitle_Count', $oSet->Count()) : Dict::S('Attachments:EmptyTabTitle');
$oPage->SetCurrentTab($sTitle);
}
$oPage->add_style(<<<EOF
.attachment {
\tdisplay: inline-block;
\ttext-align:center;
\tfloat:left;
\tpadding:5px;\t
}
.attachment:hover {
\tbackground-color: #e0e0e0;
}
.attachment img {
\tborder: 0;
}
.attachment a {
\ttext-decoration: none;
\tcolor: #1C94C4;
}
.btn_hidden {
\tdisplay: none;
}
.drag_in {
\t-webkit-box-shadow:inset 0 0 10px 2px #1C94C4;
\tbox-shadow:inset 0 0 10px 2px #1C94C4;
}
#history .attachment-history-added {
\tpadding: 0;
\tfloat: none;
}
EOF
);
$oPage->add('<fieldset>');
$oPage->add('<legend>' . Dict::S('Attachments:FieldsetTitle') . '</legend>');
if ($bEditMode) {
$sIsDeleteEnabled = $this->m_bDeleteEnabled ? 'true' : 'false';
$iTransactionId = $oPage->GetTransactionId();
$sClass = get_class($oObject);
$sTempId = session_id() . '_' . $iTransactionId;
$sDeleteBtn = Dict::S('Attachments:DeleteBtn');
$oPage->add_script(<<<EOF
\tfunction RemoveAttachment(att_id)
\t{
\t\t\$('#attachment_'+att_id).attr('name', 'removed_attachments[]');
\t\t\$('#display_attachment_'+att_id).hide();
\t\t\$('#attachment_plugin').trigger('remove_attachment', [att_id]);
\t\treturn false; // Do not submit the form !
\t}
EOF
);
$oPage->add('<span id="attachments">');
while ($oAttachment = $oSet->Fetch()) {
$iAttId = $oAttachment->GetKey();
$oDoc = $oAttachment->Get('contents');
$sFileName = $oDoc->GetFileName();
$sIcon = utils::GetAbsoluteUrlAppRoot() . AttachmentPlugIn::GetFileIcon($sFileName);
$sPreview = $oDoc->IsPreviewAvailable() ? 'true' : 'false';
$sDownloadLink = utils::GetAbsoluteUrlAppRoot() . 'pages/ajax.render.php?operation=download_document&class=Attachment&id=' . $iAttId . '&field=contents';
$oPage->add('<div class="attachment" id="display_attachment_' . $iAttId . '"><a data-preview="' . $sPreview . '" href="' . $sDownloadLink . '"><img src="' . $sIcon . '"><br/>' . $sFileName . '<input id="attachment_' . $iAttId . '" type="hidden" name="attachments[]" value="' . $iAttId . '"/></a><br/> <input id="btn_remove_' . $iAttId . '" type="button" class="btn_hidden" value="Delete" onClick="RemoveAttachment(' . $iAttId . ');"/> </div>');
}
// Suggested attachments are listed here but treated as temporary
$aDefault = utils::ReadParam('default', array(), false, 'raw_data');
if (array_key_exists('suggested_attachments', $aDefault)) {
$sSuggestedAttachements = $aDefault['suggested_attachments'];
if (is_array($sSuggestedAttachements)) {
$sSuggestedAttachements = implode(',', $sSuggestedAttachements);
}
$oSearch = DBObjectSearch::FromOQL("SELECT Attachment WHERE id IN({$sSuggestedAttachements})");
$oSet = new DBObjectSet($oSearch, array());
if ($oSet->Count() > 0) {
while ($oAttachment = $oSet->Fetch()) {
// Mark the attachments as temporary attachments for the current object/form
$oAttachment->Set('temp_id', $sTempId);
$oAttachment->DBUpdate();
// Display them
$iAttId = $oAttachment->GetKey();
$oDoc = $oAttachment->Get('contents');
$sFileName = $oDoc->GetFileName();
$sIcon = utils::GetAbsoluteUrlAppRoot() . AttachmentPlugIn::GetFileIcon($sFileName);
$sDownloadLink = utils::GetAbsoluteUrlAppRoot() . 'pages/ajax.render.php?operation=download_document&class=Attachment&id=' . $iAttId . '&field=contents';
$sPreview = $oDoc->IsPreviewAvailable() ? 'true' : 'false';
$oPage->add('<div class="attachment" id="display_attachment_' . $iAttId . '"><a data-preview="' . $sPreview . '" href="' . $sDownloadLink . '"><img src="' . $sIcon . '"><br/>' . $sFileName . '<input id="attachment_' . $iAttId . '" type="hidden" name="attachments[]" value="' . $iAttId . '"/></a><br/> <input id="btn_remove_' . $iAttId . '" type="button" class="btn_hidden" value="Delete" onClick="RemoveAttachment(' . $iAttId . ');"/> </div>');
$oPage->add_ready_script("\$('#attachment_plugin').trigger('add_attachment', [{$iAttId}, '" . addslashes($sFileName) . "']);");
}
}
}
$oPage->add('</span>');
$oPage->add('<div style="clear:both"></div>');
$sMaxUpload = $this->GetMaxUpload();
$oPage->p(Dict::S('Attachments:AddAttachment') . '<input type="file" name="file" id="file"><span style="display:none;" id="attachment_loading"> <img src="../images/indicator.gif"></span> ' . $sMaxUpload);
$oPage->add_linked_script(utils::GetAbsoluteUrlAppRoot() . 'js/jquery.iframe-transport.js');
$oPage->add_linked_script(utils::GetAbsoluteUrlAppRoot() . 'js/jquery.fileupload.js');
$oPage->add_ready_script(<<<EOF
\$('#file').fileupload({
\t\turl: GetAbsoluteUrlModulesRoot()+'itop-attachments/ajax.attachment.php',
\t\tformData: { operation: 'add', temp_id: '{$sTempId}', obj_class: '{$sClass}' },
dataType: 'json',
\t\tpasteZone: null, // Don't accept files via Chrome's copy/paste
done: function (e, data) {
\t\t\tif(typeof(data.result.error) != 'undefined')
\t\t\t{
\t\t\t\tif(data.result.error != '')
\t\t\t\t{
\t\t\t\t\talert(data.result.error);
\t\t\t\t}
\t\t\t\telse
\t\t\t\t{
\t\t\t\t\tvar sDownloadLink = GetAbsoluteUrlAppRoot()+'pages/ajax.render.php?operation=download_document&class=Attachment&id='+data.result.att_id+'&field=contents';
\t\t\t\t\t\$('#attachments').append('<div class="attachment" id="display_attachment_'+data.result.att_id+'"><a data-preview="'+data.result.preview+'" href="'+sDownloadLink+'"><img src="'+data.result.icon+'"><br/>'+data.result.msg+'<input id="attachment_'+data.result.att_id+'" type="hidden" name="attachments[]" value="'+data.result.att_id+'"/></a><br/><input type="button" class="btn_hidden" value="{$sDeleteBtn}" onClick="RemoveAttachment('+data.result.att_id+');"/></div>');
\t\t\t\t\tif({$sIsDeleteEnabled})
\t\t\t\t\t{
\t\t\t\t\t\t\$('#display_attachment_'+data.result.att_id).hover( function() { \$(this).children(':button').toggleClass('btn_hidden'); } );
\t\t\t\t\t}
\t\t\t\t\t\$('#attachment_plugin').trigger('add_attachment', [data.result.att_id, data.result.msg]);
\t\t\t\t}
\t\t\t}
},
start: function() {
\t\$('#attachment_loading').show();
\t\t},
stop: function() {
\t\$('#attachment_loading').hide();
\t\t}
});
\t\$(document).bind('dragover', function (e) {
\t\tvar bFiles = false;
\t\tif (e.dataTransfer && e.dataTransfer.types)
\t\t{
\t\t\tfor (var i = 0; i < e.dataTransfer.types.length; i++)
\t\t\t{
\t\t\t\tif (e.dataTransfer.types[i] == "application/x-moz-nativeimage")
\t\t\t\t{
\t\t\t\t\tbFiles = false; // mozilla contains "Files" in the types list when dragging images inside the page, but it also contains "application/x-moz-nativeimage" before
\t\t\t\t\tbreak;
\t\t\t\t}
\t\t\t\t
\t\t\t\tif (e.dataTransfer.types[i] == "Files")
\t\t\t\t{
\t\t\t\t\tbFiles = true;
\t\t\t\t\tbreak;
\t\t\t\t}
\t\t\t}
\t\t}
\t
\t\tif (!bFiles) return; // Not dragging files
\t\t
\t\tvar dropZone = \$('#file').closest('fieldset');
\t\tif (!dropZone.is(':visible'))
\t\t{
\t\t\t// Hidden, but inside an inactive tab? Higlight the tab
\t\t\tvar sTabId = dropZone.closest('.ui-tabs-panel').attr('aria-labelledby');
\t\t\tdropZone = \$('#'+sTabId).closest('li');
\t\t}
\t timeout = window.dropZoneTimeout;
\t if (!timeout) {
\t dropZone.addClass('drag_in');
\t } else {
\t clearTimeout(timeout);
\t }
\t window.dropZoneTimeout = setTimeout(function () {
\t window.dropZoneTimeout = null;
\t dropZone.removeClass('drag_in');
\t }, 300);
\t});
EOF
);
$oPage->p('<span style="display:none;" id="attachment_loading">Loading, please wait...</span>');
$oPage->p('<input type="hidden" id="attachment_plugin" name="attachment_plugin"/>');
if ($this->m_bDeleteEnabled) {
$oPage->add_ready_script('$(".attachment").hover( function() {$(this).children(":button").toggleClass("btn_hidden"); } );');
}
} else {
$oPage->add('<span id="attachments">');
if ($oSet->Count() == 0) {
$oPage->add(Dict::S('Attachments:NoAttachment'));
} else {
while ($oAttachment = $oSet->Fetch()) {
$iAttId = $oAttachment->GetKey();
$oDoc = $oAttachment->Get('contents');
$sFileName = $oDoc->GetFileName();
$sIcon = utils::GetAbsoluteUrlAppRoot() . AttachmentPlugIn::GetFileIcon($sFileName);
$sPreview = $oDoc->IsPreviewAvailable() ? 'true' : 'false';
$sDownloadLink = utils::GetAbsoluteUrlAppRoot() . 'pages/ajax.render.php?operation=download_document&class=Attachment&id=' . $iAttId . '&field=contents';
$oPage->add('<div class="attachment" id="attachment_' . $iAttId . '"><a data-preview="' . $sPreview . '" href="' . $sDownloadLink . '"><img src="' . $sIcon . '"><br/>' . $sFileName . '</a><input type="hidden" name="attachments[]" value="' . $iAttId . '"/><br/> </div>');
}
}
$oPage->add('</span>');
}
$oPage->add('</fieldset>');
$sPreviewNotAvailable = addslashes(Dict::S('Attachments:PreviewNotAvailable'));
$iMaxWidth = MetaModel::GetModuleSetting('itop-attachments', 'preview_max_width', 290);
$oPage->add_ready_script("\$(document).tooltip({ items: '.attachment a', position: { my: 'left top', at: 'right top', using: function( position, feedback ) { \$( this ).css( position ); }}, content: function() { if (\$(this).attr('data-preview') == 'true') { return('<img style=\"max-width:{$iMaxWidth}px\" src=\"'+\$(this).attr('href')+'\"></img>');} else { return '{$sPreviewNotAvailable}'; }}});");
}
foreach ($oIterator as $oNode) {
if ($oNode instanceof DisplayableGroupNode) {
$aGroups[] = $oNode->GetObjects();
$oNode->SetProperty('group_index', $iGroupIdx);
$iGroupIdx++;
}
}
$oP->AddTabContainer('Navigator');
$oP->SetCurrentTabContainer('Navigator');
$sFirstTab = MetaModel::GetConfig()->Get('impact_analysis_first_tab');
$sContextKey = "itop-config-mgmt/relation_context/{$sClass}/{$sRelation}/{$sDirection}";
// Check if the current object supports Attachments, similar to AttachmentPlugin::IsTargetObject
$sClassForAttachment = null;
$iIdForAttachment = null;
if (class_exists('Attachment')) {
$aAllowedClasses = MetaModel::GetModuleSetting('itop-attachments', 'allowed_classes', array('Ticket'));
foreach ($aAllowedClasses as $sAllowedClass) {
if ($oObj instanceof $sAllowedClass) {
$iIdForAttachment = $id;
$sClassForAttachment = $sClass;
}
}
}
// Display the tabs
if ($sFirstTab == 'list') {
DisplayNavigatorListTab($oP, $aResults, $sRelation, $oObj);
$oP->SetCurrentTab(Dict::S('UI:RelationshipGraph'));
$oDisplayGraph->Display($oP, $aResults, $sRelation, $oAppContext, array(), $sClassForAttachment, $iIdForAttachment, $sContextKey, array('this' => $oObj));
DisplayNavigatorGroupTab($oP, $aGroups, $sRelation, $oObj);
} else {
$oP->SetCurrentTab(Dict::S('UI:RelationshipGraph'));
/**
* Check the user's password against the LDAP server
* Algorithm:
* 1) Connect to the LDAP server, using a predefined account (or anonymously)
* 2) Search for the specified user, based on a specific search query/pattern
* 3) If exactly one user is found, continue, otherwise return false (wrong user or wrong query configured)
* 3) Bind again to LDAP using the DN of the found user and the password
* 4) If the bind is successful return true, otherwise return false (wrong password)
* @param string $sPassword The user's password to validate against the LDAP server
* @return boolean True if the password is Ok, false otherwise
*/
public function CheckCredentials($sPassword)
{
$sLDAPHost = MetaModel::GetModuleSetting('authent-ldap', 'host', 'localhost');
$iLDAPPort = MetaModel::GetModuleSetting('authent-ldap', 'port', 389);
$sDefaultLDAPUser = MetaModel::GetModuleSetting('authent-ldap', 'default_user', '');
$sDefaultLDAPPwd = MetaModel::GetModuleSetting('authent-ldap', 'default_pwd', '');
$hDS = @ldap_connect($sLDAPHost, $iLDAPPort);
if ($hDS === false) {
$this->LogMessage("ldap_authentication: can not connect to the LDAP server '{$sLDAPHost}' (port: {$iLDAPPort}). Check the configuration file config-itop.php.");
return false;
}
$aOptions = MetaModel::GetModuleSetting('authent-ldap', 'options', array());
foreach ($aOptions as $name => $value) {
ldap_set_option($hDS, $name, $value);
}
if ($bind = @ldap_bind($hDS, $sDefaultLDAPUser, $sDefaultLDAPPwd)) {
// Search for the person, using the specified query expression
$sLDAPUserQuery = MetaModel::GetModuleSetting('authent-ldap', 'user_query', '');
$sBaseDN = MetaModel::GetModuleSetting('authent-ldap', 'base_dn', '');
$sLogin = $this->Get('login');
$iContactId = $this->Get('contactid');
$sFirstName = '';
$sLastName = '';
$sEMail = '';
if ($iContactId > 0) {
$oPerson = MetaModel::GetObject('Person', $iContactId);
if (is_object($oPerson)) {
$sFirstName = $oPerson->Get('first_name');
$sLastName = $oPerson->Get('name');
$sEMail = $oPerson->Get('email');
}
}
// %1$s => login
// %2$s => first name
// %3$s => last name
// %4$s => email
$sQuery = sprintf($sLDAPUserQuery, $sLogin, $sFirstName, $sLastName, $sEMail);
$hSearchResult = @ldap_search($hDS, $sBaseDN, $sQuery);
$iCountEntries = $hSearchResult !== false ? @ldap_count_entries($hDS, $hSearchResult) : 0;
switch ($iCountEntries) {
case 1:
// Exactly one entry found, let's check the password by trying to bind with this user
$aEntry = ldap_get_entries($hDS, $hSearchResult);
$sUserDN = $aEntry[0]['dn'];
$bUserBind = @ldap_bind($hDS, $sUserDN, $sPassword);
if ($bUserBind !== false && !empty($sPassword)) {
ldap_unbind($hDS);
return true;
// Password Ok
}
$this->LogMessage("ldap_authentication: wrong password for user: '******'.");
return false;
// Wrong password
break;
case 0:
// User not found...
$this->LogMessage("ldap_authentication: no entry found with the query '{$sQuery}', base_dn = '{$sBaseDN}'. User not found in LDAP.");
break;
default:
// More than one entry... maybe the query is not specific enough...
$this->LogMessage("ldap_authentication: several (" . ldap_count_entries($hDS, $hSearchResult) . ") entries match the query '{$sQuery}', base_dn = '{$sBaseDN}', check that the query defined in config-itop.php is specific enough.");
}
return false;
} else {
// Trace: invalid default user for LDAP initial binding
$this->LogMessage("ldap_authentication: can not bind to the LDAP server '{$sLDAPHost}' (port: {$iLDAPPort}), user='******', pwd='{$sDefaultLDAPPwd}'. Error: '" . ldap_error($hDS) . "'. Check the configuration file config-itop.php.");
return false;
}
}
protected function LogMessage($sMessage, $aData = array())
{
if (MetaModel::GetModuleSetting('authent-ldap', 'debug', false) && MetaModel::IsLogEnabledIssue()) {
if (MetaModel::IsValidClass('EventIssue')) {
$oLog = new EventIssue();
$oLog->Set('message', $sMessage);
$oLog->Set('userinfo', '');
$oLog->Set('issue', 'LDAP Authentication');
$oLog->Set('impact', 'User login rejected');
$oLog->Set('data', $aData);
$oLog->DBInsertNoReload();
}
IssueLog::Error($sMessage);
}
}
