Delete a metadata entry.
| public deleteMetadata ( string $entityId, string $set ) | ||
| $entityId | string | The entityId of the metadata entry. |
| $set | string | The metadata set this metadata entry belongs to. |
/**
* Save metadata for loading with the 'serialize' metadata loader.
*
* @param string $outputDir The directory we should save the metadata to.
*/
public function writeMetadataSerialize($outputDir)
{
assert('is_string($outputDir)');
$metaHandler = new SimpleSAML_Metadata_MetaDataStorageHandlerSerialize(array('directory' => $outputDir));
/* First we add all the metadata entries to the metadata handler. */
foreach ($this->metadata as $set => $elements) {
foreach ($elements as $m) {
$entityId = $m['metadata']['entityid'];
SimpleSAML_Logger::debug('metarefresh: Add metadata entry ' . var_export($entityId, TRUE) . ' in set ' . var_export($set, TRUE) . '.');
$metaHandler->saveMetadata($entityId, $set, $m['metadata']);
}
}
/* Then we delete old entries which should no longer exist. */
$ct = time();
foreach ($metaHandler->getMetadataSets() as $set) {
foreach ($metaHandler->getMetadataSet($set) as $entityId => $metadata) {
if (!array_key_exists('expire', $metadata)) {
SimpleSAML_Logger::warning('metarefresh: Metadata entry without expire timestamp: ' . var_export($entityId, TRUE) . ' in set ' . var_export($set, TRUE) . '.');
continue;
}
if ($metadata['expire'] > $ct) {
continue;
}
SimpleSAML_Logger::debug('metarefresh: ' . $entityId . ' expired ' . date('l jS \\of F Y h:i:s A', $metadata['expire']));
SimpleSAML_Logger::debug('metarefresh: Delete expired metadata entry ' . var_export($entityId, TRUE) . ' in set ' . var_export($set, TRUE) . '. (' . ($ct - $metadata['expire']) . ' sec)');
$metaHandler->deleteMetadata($entityId, $set);
}
}
}
$xmldata = $_REQUEST['xmlmetadata'];
SimpleSAML_Utilities::validateXMLDocument($xmldata, 'saml-meta');
$entities = SimpleSAML_Metadata_SAMLParser::parseDescriptorsString($xmldata);
$entity = array_pop($entities);
$metadata = $entity->getMetadata20SP();
} else {
$metadata = array('owner' => $userid);
}
$editor = new sspmod_metaedit_MetaEditor();
if (isset($_POST['submit'])) {
$editor->checkForm($_POST);
$metadata = $editor->formToMeta($_POST, array(), array('owner' => $userid));
if (isset($_REQUEST['was-entityid']) && $_REQUEST['was-entityid'] !== $metadata['entityid']) {
$premetadata = $mdh->getMetadata($_REQUEST['was-entityid'], 'saml20-sp-remote');
requireOwnership($premetadata, $userid);
$mdh->deleteMetadata($_REQUEST['was-entityid'], 'saml20-sp-remote');
}
$testmetadata = NULL;
try {
$testmetadata = $mdh->getMetadata($metadata['entityid'], 'saml20-sp-remote');
} catch (Exception $e) {
}
if ($testmetadata) {
requireOwnership($testmetadata, $userid);
}
$mdh->saveMetadata($metadata['entityid'], 'saml20-sp-remote', $metadata);
$template = new SimpleSAML_XHTML_Template($config, 'metaedit:saved.php');
$template->show();
exit;
}
$form = $editor->metaToForm($metadata);
throw new Exception('User ID is missing');
}
$userid = $attributes[$useridattr][0];
function requireOwnership($metadata, $userid)
{
if (!isset($metadata['owner'])) {
throw new Exception('Metadata has no owner. Which means no one is granted access, not even you.');
}
if ($metadata['owner'] !== $userid) {
throw new Exception('Metadata has an owner that is not equal to your userid, hence you are not granted access.');
}
}
if (isset($_REQUEST['delete'])) {
$premetadata = $mdh->getMetadata($_REQUEST['delete'], 'saml20-sp-remote');
requireOwnership($premetadata, $userid);
$mdh->deleteMetadata($_REQUEST['delete'], 'saml20-sp-remote');
}
$list = $mdh->getMetadataSet('saml20-sp-remote');
$slist = array('mine' => array(), 'others' => array());
foreach ($list as $listitem) {
if (array_key_exists('owner', $listitem)) {
if ($listitem['owner'] === $userid) {
$slist['mine'][] = $listitem;
continue;
}
}
$slist['others'][] = $listitem;
}
$template = new SimpleSAML_XHTML_Template($config, 'metaedit:metalist.php');
$template->data['metadata'] = $slist;
$template->data['userid'] = $userid;
