Exemplo n.º 1
 /**
  * Builds the LDAP permission rule objects from configuration and obtains
  * the database handle.
  *
  * Construction fails (rather than continuing with an empty rule set) when
  * the configuration holds no LDAP permission rules.
  *
  * @throws Exception with code 105 if no LDAP permission rules are defined
  */
 public function __construct()
 {
     parent::__construct();

     $ruleConfig = $this->_config->session->ldappermission->rule;
     if (!$ruleConfig) {
         throw new Exception("No LDAP permission rules defined.", 105);
     }

     /* One rule object per configured rule entry, in configuration order. */
     $this->_filterRules = array();
     foreach ($ruleConfig->toArray() as $definition) {
         $this->_filterRules[] = new Sahara_Auth_Session_LdapPermission_Rule($definition);
     }

     $this->_db = Sahara_Database::getDatabase();
 }
Exemplo n.º 2
 /**
  * Reads the 'userdetails' configuration and stores the candidate field
  * names for the user's first name, last name and email.
  *
  * Each of the three settings is a comma separated list; the entries are
  * trimmed and kept in the configured order.
  *
  * @throws Exception if the userdetails section or any of its firstname,
  *                   lastname or email settings is missing or empty
  */
 public function __construct()
 {
     parent::__construct();
     $this->_db = Sahara_Database::getDatabase();

     $details = $this->_config->userdetails;
     $configured = $details && $details->firstname && $details->lastname && $details->email;
     if (!$configured) {
         $message = 'User details session setup class not properly configured.';
         $this->_logger->error($message);
         throw new Exception($message);
     }

     /* Split each comma separated setting into a list of trimmed names. */
     $this->_fnFields = array_map('trim', explode(',', $details->firstname));
     $this->_snFields = array_map('trim', explode(',', $details->lastname));
     $this->_emailFields = array_map('trim', explode(',', $details->email));
 }
Exemplo n.º 3
 /**
  * Runs the parent constructor and then requests the database handle.
  */
 public function __construct()
 {
     parent::__construct();
     /* The returned handle is discarded here; presumably the call is made
      * only so the database connection is set up before later use - TODO
      * confirm against Sahara_Database::getDatabase(). */
     Sahara_Database::getDatabase();
 }
Exemplo n.º 4
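 /**
  * Action to create permission keys.
  *
  * Lists the user classes and, on POST, generates the requested number of
  * redeem keys and stores one 'user_association_redeem_keys' row per key.
  *
  * Request parameters read on POST: 'num' (number of keys), 'class' (user
  * class id), 'uses' (remaining uses), and the optional 'home' and 'aff'.
  *
  * NOTE(review): no authorisation check is visible in this action; confirm
  * that access to it is restricted elsewhere (for example in the controller
  * setup), since each key grants membership of a user class.
  */
 public function permkeyAction()
 {
     /* This should only be enabled if the permission key system is enabled. */
     if (!$this->_config->permkey->enable) {
         $this->_logger->warn('Tried to load permission key creation interface when the permission activation feature is disabled.');
         $this->_redirectTo('index');
         /* Stop here so that no keys can be created while the feature is
          * disabled, whether or not the redirect helper ends the request. */
         return;
     }

     $this->view->headTitle($this->_headPrefix . 'Permission Keys');

     $db = Sahara_Database::getDatabase();
     $this->view->classes = $db->fetchAll($db->select()->from('user_class'));

     if (!$this->_request->isPost()) {
         return;
     }

     $this->view->keys = array();
     $params = $this->_request->getParams();

     /* 'num' is request input: force it to an integer so a missing or
      * non-numeric value cannot drive the loop bound.
      * NOTE(review): there is no upper limit on the number of keys created
      * per request; consider enforcing a project-defined ceiling. */
     $count = isset($params['num']) ? (int) $params['num'] : 0;

     for ($i = 0; $i < $count; $i++) {
         $key = $this->_generatePermKey(25);
         array_push($this->view->keys, $key);

         /* Zend_Db's insert() binds these values rather than interpolating
          * them into the statement. */
         $row = array(
             'redeemkey' => $key,
             'user_class_id' => $params['class'],
             'remaining_uses' => $params['uses'],
         );
         if (!empty($params['home'])) {
             $row['home_org'] = $params['home'];
         }
         if (!empty($params['aff'])) {
             $row['affliation'] = $params['aff'];
         }

         $db->insert('user_association_redeem_keys', $row);
     }
 }

 /**
  * Generates a random alphanumeric permission key.
  *
  * Replaces the earlier rand() based generator, which was predictable,
  * skipped a character on one of its four switch outcomes (giving keys
  * shorter than intended), never produced 'z' or 'Z' and could emit ':'.
  *
  * @param int $length number of characters in the key
  * @return String key made only of the characters a-z, A-Z and 0-9
  * @throws Exception if no cryptographically secure random source is usable
  */
 private function _generatePermKey($length)
 {
     $alphabet = 'abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789';
     $size = strlen($alphabet);
     $key = '';

     /* Preferred source where available (PHP 7 and later). */
     if (function_exists('random_int')) {
         for ($k = 0; $k < $length; $k++) {
             $key .= $alphabet[random_int(0, $size - 1)];
         }
         return $key;
     }

     if (!function_exists('openssl_random_pseudo_bytes')) {
         throw new Exception('No cryptographically secure random source is available to generate permission keys.');
     }

     /* Bytes at or above the largest multiple of the alphabet size are
      * discarded so every character stays equally likely. */
     $limit = 256 - (256 % $size);
     while (strlen($key) < $length) {
         $strong = false;
         $bytes = openssl_random_pseudo_bytes($length, $strong);
         if ($bytes === false || !$strong) {
             throw new Exception('No cryptographically secure random source is available to generate permission keys.');
         }

         for ($b = 0, $n = strlen($bytes); $b < $n && strlen($key) < $length; $b++) {
             $value = ord($bytes[$b]);
             if ($value < $limit) {
                 $key .= $alphabet[$value % $size];
             }
         }
     }

     return $key;
 }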
Exemplo n.º 5
 /**
  * Synchronises the user's Sahara user class memberships with the classes
  * matched from their active Moodle enrolments.
  *
  * Memberships the user holds but which no enrolment matches are deleted,
  * and matched classes the user does not yet belong to are inserted.
  *
  * The Moodle table prefix is concatenated into the enrolment query, while
  * the user names are passed as bound parameters.
  * NOTE(review): the prefix is presumably trusted configuration - confirm
  * it can never be derived from request data.
  *
  * @see models/Sahara/Auth/Sahara_Auth_Session::setup()
  * @throws Exception if the account was not authenticated off Moodle
  * @throws Zend_Db_Statement_Exception if adding an association fails with
  *         a code other than 23000
  */
 public function setup()
 {
     /* Anything other than a Moodle authenticated account is treated as a
      * configuration error that the admin has to fix. */
     if (!($this->_authType instanceof Sahara_Auth_Type_Moodle)) {
         $this->_logger->error('Moodle authorise session setup can only be used with accounts authenticated ' . 'off Moodle. This is a configuration error.');
         throw new Exception('Unable to use Moodle authorise if a user\'s account has not been authenticated off ' . 'Moodle');
     }

     /* Load the user's Moodle enrolment. */
     $moodle = $this->_authType->getMoodleDatabaseConn();
     $enrolment = $moodle->fetchAll(
         'SELECT co.shortname, co.fullname, co.idnumber, co.category FROM ' . $this->_tblPrefix . 'course AS co JOIN '
             . $this->_tblPrefix . 'enrol AS e ON co.id = e.courseid '
             . 'JOIN ' . $this->_tblPrefix . 'user_enrolments AS ue ON e.id = ue.enrolid '
             . 'JOIN ' . $this->_tblPrefix . 'user AS u ON u.id = ue.userid '
             . 'WHERE u.username = ? '
             . 'AND e.status = 0 '
             . 'AND ue.status = 0 '
             . 'AND ue.timestart < ' . time() . ' AND (ue.timeend > ' . time() . ' OR ue.timeend = 0)',
         $this->_authType->getMoodleUsername()
     );

     /* Collect the classes every enrolment maps to; several rules may name
      * the same class, so duplicates are dropped afterwards. */
     $memberOf = array();
     foreach ($enrolment as $course) {
         $matched = $this->_matchEnrolment($course);
         if (count($matched) > 0) {
             $memberOf = array_merge($memberOf, $matched);
         }
     }
     $memberOf = array_unique($memberOf);

     /* Compare against the classes the user is already a member of. */
     $db = Sahara_Database::getDatabase();
     $ucRecords = $db->fetchAll('SELECT uc.name, uc.id AS classid, us.id AS userid FROM user_class AS uc ' . 'JOIN user_association AS ua ON uc.id = ua.user_class_id ' . 'JOIN users AS us ON us.id = ua.users_id ' . 'WHERE us.name = ?', $this->_authType->getUsername());
     foreach ($ucRecords as $record) {
         $position = array_search($record['name'], $memberOf);
         if ($position !== false) {
             /* Already a member of a class they should be in. */
             unset($memberOf[$position]);
             continue;
         }

         /* Membership that no enrolment supports any more is removed. */
         $db->query('DELETE FROM user_association WHERE users_id = ? AND user_class_id = ?', array($record['userid'], $record['classid']));
     }

     /* Whatever is left in the list still has to be added. */
     foreach ($memberOf as $className) {
         try {
             $db->query('INSERT INTO user_association (users_id, user_class_id) VALUES (' . '(SELECT id FROM users WHERE name = ?),' . '(SELECT id FROM user_class WHERE name = ?)' . ')', array($this->_authType->getUsername(), $className));
         } catch (Zend_Db_Statement_Exception $ex) {
             /* Any error other than code 23000 goes to error handling. */
             if ($ex->getCode() != '23000') {
                 throw $ex;
             }

             /* User class (probably) doesn't exist. */
             $this->_logger->warn('Failed adding association for user \'' . $this->_authType->getUsername() . '\' to class \'' . $className . '\'. Check the class actually exists.');
         }
     }
 }
Exemplo n.º 6
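 /**
  * Does first time setup of the user.
  *
  * Derives a Sahara user name from the user's attributes (organisation
  * prefix, first name, last name), falling back to the common name, then
  * the display name and finally the supplied id. The name is truncated to
  * NAME_LENGTH, reduced to alphanumeric characters and '.', made unique
  * within the institution namespace by appending a number, and stored as a
  * new mapping row together with the organisation and affiliation.
  *
  * @param String sid Either the shared token or targeted ID of the user
  */
 private function _firstTimeSetup($sid)
 {
     /* Generate user name. */
     $useSid = false;

     /* Only the first label of the organisation is used. explode() always
      * returns at least one element, so index 0 is safe to read. */
     $orgParts = explode('.', $this->_attrs->getOrginisation());
     $homeOrg = $orgParts[0];
     if (!$homeOrg) {
         $this->_logger->info("Home orginisation was not found, so not using it in Sahara user name generation.");
     }

     $fname = $this->_attrs->getFirstname();
     $lname = $this->_attrs->getSurname();
     if (!$fname || !$lname) {
         $this->_logger->info("First name ({$fname}) and last name ({$lname}) combination was not valid for  " . 'Sahara user name generation. Falling back to common name.');

         /* Pad to two elements so a single word name gives an empty last
          * name instead of reading a missing array offset. */
         list($fname, $lname) = array_pad(explode(' ', $this->_attrs->getCommonName()), 2, '');
         if (!$fname || !$lname) {
             $this->_logger->info("First name ({$fname}) and last name ({$lname}) determination from 'Common Name' was " . 'not valid for Sahara user name generation. Falling back to display name.');
             if ($this->_attrs->getDisplayName()) {
                 list($fname, $lname) = array_pad(explode(' ', $this->_attrs->getDisplayName(), 2), 2, '');
             }

             if (!$fname || !$lname) {
                 /* Uses $this->_logger like the rest of the method; the
                  * previous '$this->logger' failed on this fallback path.
                  * NOTE(review): this writes the user's shared token or
                  * targeted ID to the log - confirm that is acceptable. */
                 $this->_logger->info('Display name (' . $this->_attrs->getDisplayName() . ') was not valid for ' . "Sahara user name generation. Falling back to token ({$sid}).");
                 $useSid = true;
             }
         }
     }

     if ($useSid) {
         $name = $sid;
     } else {
         $name = ($homeOrg ? substr($homeOrg, 0, 3) . '.' : '') . substr(strtolower($fname), 0, 2) . '.' . substr(strtolower($lname), 0, 8);
     }

     /* Fix max length. */
     if (strlen($name) > self::NAME_LENGTH) {
         $name = substr($name, 0, self::NAME_LENGTH);
     }

     /* Sanitise special characters: keep alphanumerics and '.' only. */
     $chrs = str_split($name);
     $name = '';
     foreach ($chrs as $c) {
         if (ctype_alnum($c) || $c == '.') {
             $name .= $c;
         }
     }

     /* Make sure it is unique. The values are bound as parameters instead
      * of being quoted into the statement text.
      * NOTE(review): the check and the later save are separate statements,
      * so two concurrent first time logins could pick the same name unless
      * the schema enforces uniqueness - confirm.
      * NOTE(review): the numeric suffix is appended after truncation, so
      * the final name can be longer than NAME_LENGTH. */
     $db = Sahara_Database::getDatabase();
     $countSql = 'SELECT count(id) FROM users WHERE namespace = ? AND name = ?';
     $ns = $this->_config->institution;
     $num = (int) $db->fetchOne($countSql, array($ns, $name));
     if ($num > 0) {
         $suf = 0;
         while ($num > 0) {
             $num = (int) $db->fetchOne($countSql, array($ns, $name . ++$suf));
         }
         $name .= $suf;
     }

     $this->_mapping = $this->_mappingTable->createRow(array('sid' => $sid, 'user_name' => $name));

     /* Add other attrs. */
     if ($this->_attrs->getOrginisation()) {
         $this->_mapping->home_org = $this->_attrs->getOrginisation();
     }
     if ($this->_attrs->getAffliation()) {
         $this->_mapping->affliation = $this->_attrs->getAffliation();
     }

     $this->_mapping->save();
 }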
Exemplo n.º 7
 /**
  * Stores the database handle, the 'config' registry entry and the logger
  * instance on this object.
  *
  * NOTE(review): if the enclosing class is also named Sahara_AccessKey this
  * is a PHP 4 style constructor, which PHP 8 no longer runs on 'new'; the
  * three properties would then stay unset. Confirm and consider renaming
  * it to __construct().
  */
 public function Sahara_AccessKey()
 {
     $this->_db = Sahara_Database::getDatabase();
     $this->_config = Zend_Registry::get('config');
     $this->_logger = Sahara_Logger::getInstance();
 }
Exemplo n.º 8
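 /**
  * Attempt recovery of database errors using fail over to another database
  * server.
  *
  * Fail over is only attempted when it is configured and enabled and the
  * configured fail over file exists.
  *
  * @return bool true if successfully recovered, false otherwise
  */
 private function _tryDatabaseRecovery()
 {
     /* Only run failover if failover is actually configured and enabled. */
     if (!(isset($this->_config->database->failover) && $this->_config->database->failover->enabled)) {
         return false;
     }

     /* If no database configuration is stored, there probably aren't any
      * suitable database servers to connect to. */
     if (!file_exists($this->_config->database->failover->file)) {
         return false;
     }

     $this->_logger->info('Previously chosen database server not longer appears to be online. Attempting to fail ' . 'over to another database server.');

     /* If the error type is a database error, we may be able to fail-over
      * the connection to another database server. */
     if (Sahara_Database::performFailover()) {
         $this->_logger->warn('Database error occurred, was able to fail over to another database server.');
         return true;
     }

     /* Fail over did not succeed. Return false explicitly; the method used
      * to fall off the end here and return null despite the documented
      * bool return. */
     return false;
 }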
Exemplo n.º 9
 /**
  * Creates a record, optionally pre-populated with column data.
  *
  * @param array $data column name => value pairs, for example as supplied
  *                    by relation loads; every value is passed through
  *                    _convertFromSQL() before it is kept
  */
 public function __construct($data = array())
 {
     /* PDO is used directly rather than through Zend_Db, as part of a plan
      * to eventually migrate away from the Zend framework. */
     $this->_db = Sahara_Database::getDatabase()->getConnection();

     /* Keep the supplied record data, then convert each value in place. */
     $this->_data = $data;
     foreach (array_keys($data) as $column) {
         $this->_data[$column] = self::_convertFromSQL($data[$column]);
     }

     /* A record that already carries its primary key is persistent. */
     $hasPrimaryKey = array_key_exists($this->_idColumn, $this->_data);
     $this->_isPersistant = $hasPrimaryKey;
 }