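/**
 * VAR console page: checks that the caller holds a valid admin KS for the
 * requested VAR partner, then prepares the list of child partners together
 * with a login link for each of them.
 *
 * Request parameters read here: partner_id, ks, email, screen_name.
 * Populates $this->me, $this->varKmcUrl and $this->partners for the view.
 */
public function execute()
{
    // Only plain strings are forwarded; anything else is treated as absent.
    $email = isset($_GET['email']) && is_string($_GET['email']) ? $_GET['email'] : '';
    $screenName = isset($_GET['screen_name']) && is_string($_GET['screen_name']) ? $_GET['screen_name'] : '';

    $partner_id = $this->getP('partner_id', null);
    if ($partner_id === null) {
        header("Location: /index.php/kmc/varlogin");
        die;
    }
    sfView::SUCCESS;

    // NOTE(review): the partner lookup and the "not a VAR" message below run
    // before the KS is validated, so the response differs for VAR and non-VAR
    // partner ids even for an unauthenticated caller.
    $this->me = PartnerPeer::retrieveByPK($partner_id);
    if (!$this->me || $this->me->getPartnerGroupType() != PartnerGroupType::VAR_GROUP) {
        die('You are not an wuthorized VAR. If you are a VAR, Please contact us at support@kaltura.com');
    }

    // Validate the supplied KS as an admin ticket for this partner. The same
    // string that is validated here is the one forwarded in the URL below.
    $ksStr = $this->getP('ks');
    $ks = kSessionUtils::crackKs($ksStr);
    $user = $ks->user;
    $res = kSessionUtils::validateKSession2(kSessionUtils::REQUIED_TICKET_ADMIN, $partner_id, $user, $ksStr, $ks);
    if ($res != ks::OK) {
        header("Location: /index.php/kmc/varlogin");
        die;
    }

    $c = new Criteria();
    $c->addAnd(PartnerPeer::PARTNER_PARENT_ID, $this->me->getId());
    // add extra filtering if required
    //$c->addAnd(PartnerPeer::STATUS, 1);
    $partners = PartnerPeer::doSelect($c);
    $this->partners = array();

    // KMC version 1 uses different query parameter names.
    $partner_id_param_name = 'pid';
    $subpid_param_name = 'subpid';
    if ($this->me->getKmcVersion() == 1) {
        $partner_id_param_name = 'partner_id';
        $subpid_param_name = 'subp_id';
    }

    // Request-supplied values are URL-encoded so they cannot add or override
    // query parameters, or break out of the attribute the view prints this in.
    $kmc2Query = '?' . $partner_id_param_name . '=' . $this->me->getId()
        . '&' . $subpid_param_name . '=' . ($this->me->getId() * 100)
        . '&ks=' . urlencode((string) $ksStr)
        . '&email=' . urlencode($email)
        . '&screen_name=' . urlencode($screenName);
    $this->varKmcUrl = 'http://' . kConf::get('www_host') . '/index.php/kmc/kmc' . $this->me->getKmcVersion() . $kmc2Query;

    foreach ($partners as $partner) {
        // NOTE(review): every page view creates a 30-day session with "*"
        // privileges for each child partner and places it in the query string
        // of a plain http:// link, where it can end up in logs, browser
        // history and Referer headers. Consider issuing it only when the link
        // is followed, with a short expiry.
        $childKs = null;
        kSessionUtils::createKSessionNoValidations($partner->getId(), $partner->getAdminUserId(), $childKs, 30 * 86400, 2, "", "*");

        $kmcLink = 'http://' . kConf::get('www_host')
            . '/index.php/kmc/extlogin?ks=' . urlencode((string) $childKs)
            . '&partner_id=' . $partner->getId();
        $this->partners[$partner->getId()] = array('name' => $partner->getPartnerName(), 'kmcLink' => $kmcLink);
    }
}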
/**
 * Copies the request parameters ks, partner_id, subp_id, uid, screen_name,
 * email and beta onto the action so the view can use them.
 *
 * When no ks is supplied, a session is created for partner 0 / user 0 and
 * partner_id is forced to 0.
 */
public function execute()
{
    $this->ks = $this->getP("ks");
    $this->partner_id = $this->getP("partner_id");

    if (!$this->ks) {
        // NOTE(review): this fallback session lasts 8640000 seconds (100 days)
        // and passes boolean true in the position where other calls on this
        // page pass the session type - confirm which type that yields and
        // whether an unauthenticated visitor should receive it.
        $generatedKs = null;
        $this->partner_id = 0;
        kSessionUtils::createKSessionNoValidations($this->partner_id, 0, $generatedKs, 8640000, true, "", "");
        $this->ks = $generatedKs;
    }

    foreach (array("subp_id", "uid", "screen_name", "email") as $field) {
        $this->{$field} = $this->getP($field);
    }
    $this->beta = $this->getRequestParameter("beta");

    sfView::SUCCESS;
}
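/**
 * Starts a session for a widget and reports ks, partner_id, subp_id and uid.
 *
 * The partner is always taken from the widget record, not from the caller.
 * For widgets whose security type is FORCE_KS the caller's own KS is
 * validated and returned; for all other widgets a non-admin session with the
 * privileges "view:*,widget:1" is created for user 0.
 *
 * @param int    $partner_id     overwritten with the widget's partner id
 * @param int    $subp_id        not read by this method
 * @param string $puser_id       used for KS validation; reset to 0 otherwise
 * @param string $partner_prefix not read by this method
 * @param mixed  $puser_kuser    not read by this method
 */
public function executeImpl($partner_id, $subp_id, $puser_id, $partner_prefix, $puser_kuser)
{
    $ks_str = "";
    // NOTE(review): expiry comes straight from the request with no upper
    // bound visible here - confirm the session layer caps it.
    $expiry = $this->getP("expiry", 86400);
    $widget_id = $this->getPM("widget_id");
    $widget = widgetPeer::retrieveByPK($widget_id);
    if (!$widget) {
        $this->addError(APIErrors::INVALID_WIDGET_ID, $widget_id);
        return;
    }
    $partner_id = $widget->getPartnerId();

    // TODO - see how to decide if the partner has a URL to redirect to
    // according to the partner's policy and the widget's policy - define the privileges of the ks
    // TODO - decide !! - for now only view - any kshow
    $privileges = "view:*,widget:1";

    if ($widget->getSecurityType() == widget::WIDGET_SECURITY_TYPE_FORCE_KS) {
        if (!$this->ks) {
            // the one from the defPartnerservices2Action
            $this->addException(APIErrors::MISSING_KS);
        }
        $ks_str = $this->getP("ks");
        $res = kSessionUtils::validateKSession2(1, $partner_id, $puser_id, $ks_str, $this->ks);
        if (0 >= $res) {
            // changed this to be an exception rather than an error
            $this->addException(APIErrors::INVALID_KS, $ks_str, $res, ks::getErrorStr($res));
        }
        // Previously $result was never assigned on this path, so the success
        // check below compared an undefined value and always passed. Tie the
        // outcome to the validation result so a failed validation can never
        // reach the success branch, whether or not addException() aborts
        // (that is not visible from this method).
        $result = (0 >= $res) ? -1 : $res;
    } else {
        // the session will be for NON admins and privileges of view only
        $puser_id = 0;
        $result = kSessionUtils::createKSessionNoValidations($partner_id, $puser_id, $ks_str, $expiry, false, "", $privileges);
    }

    if ($result >= 0) {
        $this->addMsg("ks", $ks_str);
        $this->addMsg("partner_id", $partner_id);
        $this->addMsg("subp_id", $widget->getSubpId());
        $this->addMsg("uid", "0");
    } else {
        // TODO - see that there is a good error for when the invalid login count exceeds the max
        $this->addError(APIErrors::START_WIDGET_SESSION_ERROR, $widget_id);
    }
}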
/**
 * Will forward to the regular swf player according to the widget_id.
 *
 * Resolves the widget named by the "wid" request parameter, picks the player
 * SWF and ui conf, builds the flashvars string and then either redirects to
 * the player URL or streams a wrapper SWF patched with the flashvars.
 * Redirect URLs and patched SWF bodies are cached for 10 minutes under a key
 * made of the protocol and REQUEST_URI.
 *
 * Request parameters read here: nowrapper, cache_st, wid, v, debug_kdp,
 * eid/entry_id, kid/kshow_id, uiconf_id/ui_conf_id. The Referer header and
 * the "uv" cookie are read as well. All of these are client-controlled.
 */
public function execute()
{
    // Visitor tag cookie. NOTE(review): any 35-byte value sent by the client
    // is accepted and re-issued through setrawcookie(), which applies no
    // encoding; the generated value comes from rand()/uniqid()/md5, so it
    // should only ever be treated as a non-secret identifier.
    $uv_cookie = @$_COOKIE['uv'];
    if (strlen($uv_cookie) != 35) {
        $uv_cookie = "uv_" . md5(uniqid(rand(), true));
    }
    setrawcookie('uv', $uv_cookie, time() + 3600 * 24 * 365, '/');

    // check if this is a request for the kdp without a wrapper
    // in case of an application loading the kdp (e.g. kmc)
    $nowrapper = $this->getRequestParameter("nowrapper", false);

    // allow caching if either the cache start time (cache_st) parameter
    // wasn't specified or if it is past the specified time
    $cache_st = $this->getRequestParameter("cache_st");
    $allowCache = !$cache_st || $cache_st < time();

    // The Referer is matched by substring anywhere in the header value, so
    // this only selects a compatibility flag and is not an origin check.
    $referer = @$_SERVER['HTTP_REFERER'];
    $externalInterfaceDisabled = strstr($referer, "bebo.com") === false && strstr($referer, "myspace.com") === false && strstr($referer, "current.com") === false && strstr($referer, "myyearbook.com") === false && strstr($referer, "facebook.com") === false && strstr($referer, "friendster.com") === false ? "" : "&externalInterfaceDisabled=1";

    // if there is no wrapper the loader is responsible for setting extra params to the kdp
    $noncached_params = "";
    if (!$nowrapper) {
        $noncached_params = $externalInterfaceDisabled . "&referer=" . urlencode($referer);
    }

    // Cache key: protocol + full request URI, i.e. chosen by the client.
    $protocol = isset($_SERVER['HTTPS']) && $_SERVER['HTTPS'] == 'on' ? "https" : "http";
    $requestKey = $protocol . $_SERVER["REQUEST_URI"];

    // check if we cached the redirect url
    $cache = new myCache("kwidget", 10 * 60); // 10 minutes
    $cachedResponse = $cache->get($requestKey);
    if ($allowCache && $cachedResponse) {
        header("X-Kaltura:cached-action");
        header("Expires: Sun, 19 Nov 2000 08:52:00 GMT");
        header("Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0");
        header("Pragma: no-cache");
        header("Location:{$cachedResponse}" . $noncached_params);
        die;
    }

    // check if we cached the patched swf with flashvars
    // NOTE(review): the body stored further down contains the flashvars of
    // the request that filled the cache, including its session string and
    // Referer, and is replayed to every later request with the same key.
    $cache_swfdata = new myCache("kwidgetswf", 10 * 60); // 10 minutes
    $cachedResponse = $cache_swfdata->get($requestKey);
    if ($allowCache && $cachedResponse) {
        header("X-Kaltura:cached-action");
        requestUtils::sendCdnHeaders("swf", strlen($cachedResponse), 60 * 10);
        echo $cachedResponse;
        die;
    }

    $widget_id = $this->getRequestParameter("wid");
    $show_version = $this->getRequestParameter("v");
    $debug_kdp = $this->getRequestParameter("debug_kdp", false);
    $widget = widgetPeer::retrieveByPK($widget_id);
    if (!$widget) {
        // unknown widget: end the request with an empty response
        die;
    }

    // because of the routing rule - the entry_id & kmedia_type WILL exist. be sure to ignore them if smaller than 0
    $kshow_id = $widget->getKshowId();
    $entry_id = $widget->getEntryId();
    $gallery_widget = !$kshow_id && !$entry_id; // not read again in this method
    if (!$entry_id) {
        $entry_id = -1;
    }

    // Unless the widget uses the TIMEHASH security type, the request may
    // override the entry or kshow configured on the widget.
    if ($widget->getSecurityType() != widget::WIDGET_SECURITY_TYPE_TIMEHASH) {
        // try eid - if failed entry_id
        $eid = $this->getRequestParameter("eid", $this->getRequestParameter("entry_id"));
        // try kid - if failed kshow_id
        $kid = $this->getRequestParameter("kid", $this->getRequestParameter("kshow_id"));
        if ($eid != null) {
            $entry_id = $eid;
        } elseif ($kid != null) {
            $kshow_id = $kid;
        }
    }

    if ($widget->getSecurityType() == widget::WIDGET_SECURITY_TYPE_MATCH_IP) {
        // geo-restricted widgets are never served from or written to the cache
        $allowCache = false;
        // here we'll attempt to match the ip of the request with that from the customData of the widget
        $custom_data = $widget->getCustomData();
        $valid_country = false;
        if ($custom_data) {
            // in this case the custom_data should be of format:
            // valid_country_1,valid_country_2,...,valid_country_n;fallback_entry_id
            // (the code below also reads an optional third field as the fallback kshow id)
            $arr = explode(";", $custom_data);
            $countries_str = $arr[0];
            $fallback_entry_id = isset($arr[1]) ? $arr[1] : null;
            $fallback_kshow_id = isset($arr[2]) ? $arr[2] : null;
            $current_country = "";
            $valid_country = requestUtils::matchIpCountry($countries_str, $current_country);
            if (!$valid_country) {
                KalturaLog::log("kwidgetAction: Attempting to access widget [{$widget_id}] and entry [{$entry_id}] from country [{$current_country}]. Retrning entry_id: [{$fallback_entry_id}] kshow_id [{$fallback_kshow_id}]");
                $entry_id = $fallback_entry_id;
                $kshow_id = $fallback_kshow_id;
            }
        }
        // NOTE(review): a MATCH_IP widget with empty custom data gets no
        // restriction at all - confirm that is the intended default.
    } elseif ($widget->getSecurityType() == widget::WIDGET_SECURITY_TYPE_FORCE_KS) {
        // intentionally empty: nothing is validated here for FORCE_KS widgets;
        // the only effect of that type in this method is that the generated
        // ks is left out of the flashvars further down
    }

    $kmedia_type = -1;

    // support either uiconf_id or ui_conf_id
    $uiconf_id = $this->getRequestParameter("uiconf_id");
    if (!$uiconf_id) {
        $uiconf_id = $this->getRequestParameter("ui_conf_id");
    }
    // A ui conf id supplied in the request takes precedence over the widget's own.
    // NOTE(review): the raw request value is interpolated into the flashvars
    // string without URL-encoding.
    if ($uiconf_id) {
        $widget_type = $uiconf_id;
        $uiconf_id_str = "&uiconf_id={$uiconf_id}";
    } else {
        $widget_type = $widget->getUiConfId();
        $uiconf_id_str = "";
    }
    if (empty($widget_type)) {
        $widget_type = 3;
    }

    $kdata = $widget->getCustomData();
    $partner_host = myPartnerUtils::getHost($widget->getPartnerId());
    $partner_cdnHost = myPartnerUtils::getCdnHost($widget->getPartnerId());
    $host = $partner_host;

    // default player SWF, used when no ui conf record is found
    if ($widget_type == 10) {
        $swf_url = $host . "/swf/weplay.swf";
    } else {
        $swf_url = $host . "/swf/kplayer.swf";
    }

    $partner_id = $widget->getPartnerId();
    $subp_id = $widget->getSubpId();
    if (!$subp_id) {
        $subp_id = 0;
    }

    // NOTE(review): no check is visible here that the ui conf belongs to the
    // widget's partner - confirm retrieveByPK() or a peer filter enforces it.
    $uiConf = uiConfPeer::retrieveByPK($widget_type);

    // new ui_confs which are deleted should stop the script
    // the check for >100000 is for supporting very old mediawiki and such players
    if (!$uiConf && $widget_type > 100000) {
        die;
    }

    if ($uiConf) {
        $ui_conf_swf_url = $uiConf->getSwfUrl();
        if (kString::beginsWith($ui_conf_swf_url, "http")) {
            $swf_url = $ui_conf_swf_url; // absolute URL
        } else {
            $use_cdn = $uiConf->getUseCdn();
            $host = $use_cdn ? $partner_cdnHost : $partner_host;
            $swf_url = $host . myPartnerUtils::getUrlForPartner($partner_id, $subp_id) . $ui_conf_swf_url;
        }
        // debug_kdp is a plain request parameter; it switches to the debug build path
        if ($debug_kdp) {
            $swf_url = str_replace("/kdp/", "/kdp_debug/", $swf_url);
        }
    }

    if ($show_version < 0) {
        $show_version = null;
    }

    $ip = requestUtils::getRemoteAddress(); // to convert back, use long2ip

    // the widget log should change to reflect the new data, but for now - i used $widget_id instead of the widget_type
    // WidgetLog::createWidgetLog( $referer , $ip , $kshow_id , $entry_id , $kmedia_type , $widget_id );
    if ($entry_id == -1) {
        $entry_id = null;
    }

    $kdp3 = false;
    $base_wrapper_swf = myContentStorage::getFSFlashRootPath() . "/kdpwrapper/" . kConf::get('kdp_wrapper_version') . "/kdpwrapper.swf";
    $widgetIdStr = "widget_id={$widget_id}";
    $partnerIdStr = "partner_id={$partner_id}&subp_id={$subp_id}";

    if ($uiConf) {
        $ks_flashvars = "";
        $conf_vars = $uiConf->getConfVars();
        if ($conf_vars) {
            $conf_vars = "&" . $conf_vars;
        }
        $wrapper_swf = $base_wrapper_swf;
        $partner = PartnerPeer::retrieveByPK($partner_id);
        if ($partner) {
            $partner_type = $partner->getType(); // not read again in this method
        }

        // KDP 3 and later use camelCase flashvar names and a different wrapper
        if (version_compare($uiConf->getSwfUrlVersion(), "3.0", ">=")) {
            $kdp3 = true;
            // further in the code, $wrapper_swf is being used and not $base_wrapper_swf
            $wrapper_swf = $base_wrapper_swf = myContentStorage::getFSFlashRootPath() . '/kdp3wrapper/' . kConf::get('kdp3_wrapper_version') . '/kdp3wrapper.swf';
            $widgetIdStr = "widgetId={$widget_id}";
            $uiconf_id_str = "&uiConfId={$uiconf_id}";
            $partnerIdStr = "partnerId={$partner_id}&subpId={$subp_id}";
        }

        // if we are loaded without a wrapper (directly in flex)
        // 1. dont create the ks - keep url the same for caching
        // 2. dont patch the uiconf - patching is done only to wrapper anyway
        if ($nowrapper) {
            $dynamic_date = $widgetIdStr . "&host=" . str_replace("http://", "", str_replace("https://", "", $partner_host)) . "&cdnHost=" . str_replace("http://", "", str_replace("https://", "", $partner_cdnHost)) . $uiconf_id_str . $conf_vars;
            $url = "{$swf_url}?{$dynamic_date}";
        } else {
            // if kdp version >= 2.5
            if (version_compare($uiConf->getSwfUrlVersion(), "2.5", ">=")) {
                // create an anonymous session: user 0, 24 hours, non-admin, "view:*"
                $ks = "";
                $result = kSessionUtils::createKSessionNoValidations($partner_id, 0, $ks, 86400, false, "", "view:*");
                $ks_flashvars = "&{$partnerIdStr}&uid=0&ts=" . microtime(true);
                // FORCE_KS widgets do not get the anonymous ks in their flashvars
                if ($widget->getSecurityType() != widget::WIDGET_SECURITY_TYPE_FORCE_KS) {
                    $ks_flashvars = "&ks={$ks}" . $ks_flashvars;
                }

                // patch kdpwrapper with getwidget and getuiconf
                // NOTE(review): $widget_id and $widget_type originate from the
                // request and become part of a filesystem path; the only
                // validation visible here is that both resolved through
                // retrieveByPK() - confirm those lookups reject non-canonical
                // ids (separators, "..").
                $root = myContentStorage::getFSContentRootPath();
                $confFile_mtime = $uiConf->getUpdatedAt(null);
                $new_swf_path = "widget_{$widget_id}_{$widget_type}_{$confFile_mtime}_" . md5($base_wrapper_swf . $swf_url) . ".swf";
                $md5 = md5($new_swf_path);
                // two directory levels taken from the hash spread the cached files
                $new_swf_path = "content/cacheswf/" . substr($md5, 0, 2) . "/" . substr($md5, 2, 2) . "/" . $new_swf_path;
                $cached_swf = "{$root}/{$new_swf_path}";

                // (re)build the patched wrapper when missing or older than the ui conf
                if (!file_exists($cached_swf) || filemtime($cached_swf) < $confFile_mtime) {
                    kFile::fullMkdir($cached_swf);
                    require_once SF_ROOT_DIR . DIRECTORY_SEPARATOR . ".." . DIRECTORY_SEPARATOR . "api_v3" . DIRECTORY_SEPARATOR . "bootstrap.php";
                    $dispatcher = KalturaDispatcher::getInstance();
                    try {
                        $widget_result = $dispatcher->dispatch("widget", "get", array("ks" => $ks, "id" => $widget_id));
                        $ui_conf_result = $dispatcher->dispatch("uiConf", "get", array("ks" => $ks, "id" => $widget_type));
                    } catch (Exception $ex) {
                        // any API failure ends the request silently; nothing is logged here
                        die;
                    }
                    $serializer = new KalturaXmlSerializer(false);
                    $serializer->serialize($widget_result);
                    $widget_xml = $serializer->getSerializedData();
                    $serializer = new KalturaXmlSerializer(false);
                    $serializer->serialize($ui_conf_result);
                    $ui_conf_xml = $serializer->getSerializedData();
                    $patcher = new kPatchSwf($root . $base_wrapper_swf);
                    $result = "<xml><result>{$widget_xml}</result><result>{$ui_conf_xml}</result></xml>";
                    $patcher->patch($result, $cached_swf);
                }
                if (file_exists($cached_swf)) {
                    $wrapper_swf = $new_swf_path;
                }
            }

            $kdp_version_2 = strpos($swf_url, "kdp/v2.") > 0;
            if ($partner_host == "http://www.kaltura.com" && !$kdp_version_2 && !$kdp3) {
                $partner_host = 1; // otherwise the kdp will try going to cdnwww.kaltura.com
            }

            $track_wrapper = '';
            if (kConf::get('track_kdpwrapper') && kConf::get('kdpwrapper_track_url')) {
                // NOTE(review): the activation key from configuration ends up
                // in a URL handed to every client.
                $track_wrapper = "&wrapper_tracker_url=" . urlencode(kConf::get('kdpwrapper_track_url') . "?activation_key=" . kConf::get('kaltura_activation_key') . "&package_version=" . kConf::get('kaltura_version'));
            }

            // Flashvars string. Only kdpUrl and the tracker URL are URL-encoded;
            // entry/kshow ids, the version and cache_st may come from the
            // request and are interpolated as received.
            $dynamic_date = $widgetIdStr . $track_wrapper . "&kdpUrl=" . urlencode($swf_url) . "&host=" . str_replace("http://", "", str_replace("https://", "", $partner_host)) . "&cdnHost=" . str_replace("http://", "", str_replace("https://", "", $partner_cdnHost)) . ($show_version ? "&entryVersion={$show_version}" : "") . ($kshow_id ? "&kshowId={$kshow_id}" : "") . ($entry_id ? "&entryId={$entry_id}" : "") . $uiconf_id_str . $ks_flashvars . ($cache_st ? "&clientTag=cache_st:{$cache_st}" : "") . $conf_vars;

            // for now changed back to $host since kdp version prior to 1.0.15 didnt support loading by external domain kdpwrapper
            $url = $host . myPartnerUtils::getUrlForPartner($partner_id, $subp_id) . "/{$wrapper_swf}?{$dynamic_date}";

            // patch wrapper with flashvars and dump to browser
            if (version_compare($uiConf->getSwfUrlVersion(), "2.6.6", ">=")) {
                $patcher = new kPatchSwf($root . $wrapper_swf, "KALTURA_FLASHVARS_DATA");
                // the patched SWF is captured from the output buffer
                ob_start();
                $patcher->patch($dynamic_date . "&referer=" . urlencode($referer));
                $wrapper_data = ob_get_contents();
                ob_end_clean();
                requestUtils::sendCdnHeaders("swf", strlen($wrapper_data), $allowCache ? 60 * 10 : 0);
                echo $wrapper_data;
                if ($allowCache) {
                    // the stored body embeds this request's ks and Referer
                    $cache_swfdata->put($requestKey, $wrapper_data);
                }
                die;
            }
        }
    } else {
        // no ui conf record: legacy player, flashvars passed on the query string
        $dynamic_date = "kshowId={$kshow_id}" . "&host=" . requestUtils::getRequestHostId() . ($show_version ? "&entryVersion={$show_version}" : "") . ($entry_id ? "&entryId={$entry_id}" : "") . ($entry_id ? "&KmediaType={$kmedia_type}" : "");
        $dynamic_date .= "&isWidget={$widget_type}&referer=" . urlencode($referer);
        $dynamic_date .= "&kdata={$kdata}";
        $url = "{$swf_url}?{$dynamic_date}";
    }

    // if referer has a query string an IE bug will prevent our flashvars from propagating
    // when nowrapper is true we cant use /swfparams either as there isnt a kdpwrapper
    if (!$nowrapper && $uiConf && version_compare($uiConf->getSwfUrlVersion(), "2.6.6", ">=")) {
        // apart from the /swfparam/ format, add .swf suffix to the end of the stream in case
        // a corporate firewall looks at the file suffix
        $pos = strpos($url, "?");
        $url = substr($url, 0, $pos) . "/swfparams/" . urlencode(substr($url, $pos + 1)) . ".swf";
    }

    // cache the URL without the per-request part (Referer, externalInterfaceDisabled)
    if ($allowCache) {
        $cache->put($requestKey, $url);
    }

    // append the per-request part; in the /swfparams/ form it goes before the ".swf" suffix
    if (strpos($url, "/swfparams/") > 0) {
        $url = substr($url, 0, -4) . urlencode($noncached_params) . ".swf";
    } else {
        $url .= $noncached_params;
    }
    $this->redirect($url);
}
/**
 * Retrieve partner secret and admin secret
 *
 * Logs the caller in with e-mail and password, requires the resulting user
 * to be an admin, then returns the partner object built from the partner
 * record. Every login failure is reported with the same error and message.
 *
 * @action getSecrets
 * @param int $partnerId
 * @param string $adminEmail
 * @param string $cmsPassword
 * @return KalturaPartner
 *
 *
 * @throws APIErrors::ADMIN_KUSER_NOT_FOUND
 */
public function getSecretsAction($partnerId, $adminEmail, $cmsPassword)
{
    KalturaResponseCacher::disableCache();

    $adminKuser = null;
    try {
        $adminKuser = UserLoginDataPeer::userLoginByEmail($adminEmail, $cmsPassword, $partnerId);
    } catch (kUserException $e) {
        throw new KalturaAPIException(APIErrors::ADMIN_KUSER_NOT_FOUND, "The data you entered is invalid");
    }

    $isAdminLogin = $adminKuser && $adminKuser->getIsAdmin();
    if (!$isAdminLogin) {
        throw new KalturaAPIException(APIErrors::ADMIN_KUSER_NOT_FOUND, "The data you entered is invalid");
    }

    // The message text predates the current flow: the login call above has
    // already received the password by the time this line is reached.
    KalturaLog::log("Admin Kuser found, going to validate password", KalturaLog::INFO);

    // user logged in - need to re-init kPermissionManager in order to determine current user's permissions
    $sessionString = null;
    kSessionUtils::createKSessionNoValidations($partnerId, $adminKuser->getPuserId(), $sessionString, 86400, $adminKuser->getIsAdmin(), "", '*');
    kCurrentContext::initKsPartnerUser($sessionString);
    kPermissionManager::init();

    $partnerRecord = PartnerPeer::retrieveByPK($partnerId);
    $apiPartner = new KalturaPartner();
    $apiPartner->fromPartner($partnerRecord);

    // NOTE(review): the clear-text password from the request is copied into
    // the response object; confirm no response logging or caching layer can
    // retain it.
    $apiPartner->cmsPassword = $cmsPassword;

    return $apiPartner;
}
/**
 * Start a session for Kaltura's flash widgets
 *
 * Creates a non-admin session for user 0 on the widget's partner with the
 * privileges "view:*,widget:1", extended with entitlement-related privileges
 * when the partner has the entitlement feature.
 *
 * @action startWidgetSession
 * @param string $widgetId
 * @param int $expiry
 *
 * @throws APIErrors::INVALID_WIDGET_ID
 * @throws APIErrors::MISSING_KS
 * @throws APIErrors::INVALID_KS
 * @throws APIErrors::START_WIDGET_SESSION_ERROR
 * @return KalturaStartWidgetSessionResponse
 */
function startWidgetSession($widgetId, $expiry = 86400)
{
    $sessionString = "";

    $widget = widgetPeer::retrieveByPK($widgetId);
    if (!$widget) {
        throw new KalturaAPIException(APIErrors::INVALID_WIDGET_ID, $widgetId);
    }
    $partnerId = $widget->getPartnerId();

    // TODO - see how to decide if the partner has a URL to redirect to
    // according to the partner's policy and the widget's policy - define the privileges of the ks
    // TODO - decide !! - for now only view - any kshow
    $privilegeParts = array("view:*,widget:1");

    // Widgets that do not enforce entitlement get it disabled for their own entry.
    if (PermissionPeer::isValidForPartner(PermissionName::FEATURE_ENTITLEMENT, $partnerId)
        && !$widget->getEnforceEntitlement()
        && $widget->getEntryId()
    ) {
        $privilegeParts[] = kSessionBase::PRIVILEGE_DISABLE_ENTITLEMENT_FOR_ENTRY . ':' . $widget->getEntryId();
    }

    // Carry the widget's privacy context into the session when one is set.
    if (PermissionPeer::isValidForPartner(PermissionName::FEATURE_ENTITLEMENT, $partnerId)
        && !is_null($widget->getPrivacyContext())
        && $widget->getPrivacyContext() != ''
    ) {
        $privilegeParts[] = kSessionBase::PRIVILEGE_PRIVACY_CONTEXT . ':' . $widget->getPrivacyContext();
    }
    $privileges = implode(',', $privilegeParts);

    $userId = 0;

    // NOTE(review): an earlier version validated the caller's KS for widgets
    // whose security type is FORCE_KS; that branch is disabled, so this
    // method issues the anonymous session regardless of the widget's security
    // type, and MISSING_KS / INVALID_KS are no longer raised from here.
    // $expiry is used as supplied by the caller.
    // the session will be for NON admins and privileges of view only
    $result = kSessionUtils::createKSessionNoValidations($partnerId, $userId, $sessionString, $expiry, false, "", $privileges);

    if (!($result >= 0)) {
        // TODO - see that there is a good error for when the invalid login count exceeds the max
        throw new KalturaAPIException(APIErrors::START_WIDGET_SESSION_ERROR, $widgetId);
    }

    $response = new KalturaStartWidgetSessionResponse();
    $response->partnerId = $partnerId;
    $response->ks = $sessionString;
    $response->userId = $userId;
    return $response;
}
/**
 * Returns a 24-hour session with "*" privileges for an admin user of the
 * given partner. When no user id is passed, the partner's admin user is used.
 *
 * NOTE(review): nothing in this method checks who the caller is; access has
 * to be restricted by whatever dispatches this action - confirm that it is.
 *
 * @action getAdminSession
 * @param int $partnerId
 * @param string $userId
 * @return string
 */
public function getAdminSessionAction($partnerId, $userId = null)
{
    $partnerRecord = PartnerPeer::retrieveByPK($partnerId);
    if (!$partnerRecord) {
        throw new KalturaAPIException(KalturaErrors::UNKNOWN_PARTNER_ID, $partnerId);
    }

    // default to the partner's own admin user
    $userId = $userId ? $userId : $partnerRecord->getAdminUserId();

    $targetUser = kuserPeer::getKuserByPartnerAndUid($partnerId, $userId);
    if (!$targetUser) {
        throw new KalturaAPIException(KalturaErrors::INVALID_USER_ID, $userId);
    }
    if (!$targetUser->getIsAdmin()) {
        throw new KalturaAPIException(KalturaErrors::USER_NOT_ADMIN, $userId);
    }

    $sessionString = "";
    kSessionUtils::createKSessionNoValidations($partnerRecord->getId(), $userId, $sessionString, 86400, 2, "", "*");

    return $sessionString;
}
/**
 * Get a session using user email and password
 *
 * Logs in by e-mail when $loginEmail is given, otherwise by $puserId, maps
 * login failures to API errors, checks that the user's partner matches the
 * requested / current partner and is not fully blocked, then creates the
 * session.
 *
 * @param string $puserId
 * @param string $loginEmail
 * @param string $password
 * @param int $partnerId
 * @param int $expiry
 * @param string $privileges
 *
 * @return string KS
 *
 * @throws KalturaErrors::USER_NOT_FOUND
 * @thrown KalturaErrors::LOGIN_RETRIES_EXCEEDED
 * @thrown KalturaErrors::LOGIN_BLOCKED
 * @thrown KalturaErrors::PASSWORD_EXPIRED
 * @thrown KalturaErrors::INVALID_PARTNER_ID
 * @thrown KalturaErrors::INTERNAL_SERVERL_ERROR
 * @throws KalturaErrors::USER_IS_BLOCKED
 */
protected function loginImpl($puserId, $loginEmail, $password, $partnerId = null, $expiry = 86400, $privileges = '*')
{
    KalturaResponseCacher::disableCache();
    myPartnerUtils::resetPartnerFilter('kuser');
    kuserPeer::setUseCriteriaFilter(true);

    // if a KS of a specific partner is used, don't allow logging in to a different partner
    if ($this->getPartnerId() && $partnerId && $this->getPartnerId() != $partnerId) {
        throw new KalturaAPIException(KalturaErrors::INVALID_PARTNER_ID, $partnerId);
    }

    if ($loginEmail && !$partnerId) {
        $this->validateApiAccessControlByEmail($loginEmail);
    }

    try {
        $user = $loginEmail
            ? UserLoginDataPeer::userLoginByEmail($loginEmail, $password, $partnerId)
            : kuserPeer::userLogin($puserId, $password, $partnerId);
    } catch (kUserException $e) {
        // NOTE(review): "user not found" and "wrong password" are reported as
        // different errors, which tells a caller whether an account exists.
        $code = $e->getCode();
        if ($code == kUserException::LOGIN_DATA_NOT_FOUND || $code == kUserException::USER_NOT_FOUND) {
            throw new KalturaAPIException(KalturaErrors::USER_NOT_FOUND);
        } elseif ($code == kUserException::LOGIN_RETRIES_EXCEEDED) {
            throw new KalturaAPIException(KalturaErrors::LOGIN_RETRIES_EXCEEDED);
        } elseif ($code == kUserException::LOGIN_BLOCKED) {
            throw new KalturaAPIException(KalturaErrors::LOGIN_BLOCKED);
        } elseif ($code == kUserException::PASSWORD_EXPIRED) {
            throw new KalturaAPIException(KalturaErrors::PASSWORD_EXPIRED);
        } elseif ($code == kUserException::WRONG_PASSWORD) {
            throw new KalturaAPIException(KalturaErrors::USER_WRONG_PASSWORD);
        } elseif ($code == kUserException::USER_IS_BLOCKED) {
            throw new KalturaAPIException(KalturaErrors::USER_IS_BLOCKED);
        }
        // NOTE(review): this instantiates a fresh exception of the caught
        // exception's class with no arguments, so the original code and
        // message are dropped - confirm whether rethrowing $e or raising the
        // INTERNAL_SERVERL_ERROR named in the docblock was intended.
        throw new $e();
    }

    if (!$user) {
        throw new KalturaAPIException(KalturaErrors::LOGIN_DATA_NOT_FOUND);
    }

    // The user must belong to the requested partner, or - when none was
    // requested - to the partner of the current session, if there is one.
    if ($partnerId) {
        if ($user->getPartnerId() != $partnerId) {
            throw new KalturaAPIException(KalturaErrors::INVALID_PARTNER_ID, $partnerId);
        }
    } elseif ($this->getPartnerId() && $user->getPartnerId() != $this->getPartnerId()) {
        throw new KalturaAPIException(KalturaErrors::INVALID_PARTNER_ID, $partnerId);
    }

    $userPartner = PartnerPeer::retrieveByPK($user->getPartnerId());
    if (!$userPartner || $userPartner->getStatus() == Partner::PARTNER_STATUS_FULL_BLOCK) {
        throw new KalturaAPIException(KalturaErrors::INVALID_PARTNER_ID, $user->getPartnerId());
    }

    $sessionString = null;
    if ($user->getIsAdmin()) {
        $sessionType = KalturaSessionType::ADMIN;
    } else {
        $sessionType = KalturaSessionType::USER;
    }

    // create a ks for this admin_kuser as if entered the admin_secret using the API
    // ($expiry and $privileges are passed through exactly as given by the caller)
    kSessionUtils::createKSessionNoValidations($userPartner->getId(), $user->getPuserId(), $sessionString, $expiry, $sessionType, "", $privileges);

    return $sessionString;
}
/**
 * External login: accepts a KS in the request, logs the matching admin user
 * in, stores partner id, sub-partner id and session in cookies and redirects
 * to the KMC.
 *
 * Request parameters read here: ks, partner_id, exp.
 * The error handling below keeps its original shape whether or not
 * dieOnError() returns.
 */
public function execute()
{
    $ks = $this->getP("ks");
    if (!$ks) {
        $this->dieOnError(APIErrors::MISSING_KS);
    }

    $requestedPartnerId = $this->getP("partner_id");
    $expired = $this->getP("exp");

    $ksObj = kSessionUtils::crackKs($ks);
    $ksPartnerId = $ksObj->partner_id;
    if (!$requestedPartnerId) {
        // no explicit partner requested: use the one named inside the KS
        $requestedPartnerId = $ksPartnerId;
    }

    try {
        $adminKuser = UserLoginDataPeer::userLoginByKs($ks, $requestedPartnerId, true);
    } catch (kUserException $e) {
        $code = $e->getCode();
        if ($code == kUserException::USER_NOT_FOUND) {
            $this->dieOnError(APIErrors::ADMIN_KUSER_NOT_FOUND);
        }
        if ($code == kUserException::LOGIN_DATA_NOT_FOUND) {
            $this->dieOnError(APIErrors::ADMIN_KUSER_NOT_FOUND);
        } elseif ($code == kUserException::LOGIN_RETRIES_EXCEEDED) {
            $this->dieOnError(APIErrors::LOGIN_RETRIES_EXCEEDED);
        } elseif ($code == kUserException::LOGIN_BLOCKED) {
            $this->dieOnError(APIErrors::LOGIN_BLOCKED);
        } elseif ($code == kUserException::PASSWORD_EXPIRED) {
            $this->dieOnError(APIErrors::PASSWORD_EXPIRED);
        } elseif ($code == kUserException::WRONG_PASSWORD) {
            // reported like an unknown user
            $this->dieOnError(APIErrors::ADMIN_KUSER_NOT_FOUND);
        } elseif ($code == kUserException::USER_IS_BLOCKED) {
            $this->dieOnError(APIErrors::USER_IS_BLOCKED);
        }
        $this->dieOnError(APIErrors::INTERNAL_SERVERL_ERROR);
    }

    if (!$adminKuser || !$adminKuser->getIsAdmin()) {
        $this->dieOnError(APIErrors::ADMIN_KUSER_NOT_FOUND);
    }
    if ($requestedPartnerId != $adminKuser->getPartnerId()) {
        $this->dieOnError(APIErrors::UNKNOWN_PARTNER_ID);
    }

    $partner = PartnerPeer::retrieveByPK($adminKuser->getPartnerId());
    if (!$partner) {
        $this->dieOnError(APIErrors::UNKNOWN_PARTNER_ID);
    }
    if (!$partner->validateApiAccessControl()) {
        $this->dieOnError(APIErrors::SERVICE_ACCESS_CONTROL_RESTRICTED);
    }

    $partner_id = $partner->getId();
    $subp_id = $partner->getSubpId();
    $admin_puser_id = $adminKuser->getPuserId();

    // Cookie lifetime: 0 (session cookie) unless a numeric "exp" was passed.
    // NOTE(review): the lifetime offset is taken from the request unbounded.
    $exp = 0;
    if (isset($expired) && is_numeric($expired)) {
        $exp = time() + $expired;
    }

    // Issue a fresh 30-day session when the supplied KS belongs to another
    // partner, or when KMC >= 4 is used and the KS carries no user.
    $noUserInKs = is_null($ksObj->user) || $ksObj->user === '';
    if ($ksPartnerId != $partner_id || ($partner->getKmcVersion() >= 4 && $noUserInKs)) {
        $ks = null;
        if ($adminKuser->getIsAdmin()) {
            $sessionType = SessionType::ADMIN;
        } else {
            $sessionType = SessionType::USER;
        }
        kSessionUtils::createKSessionNoValidations($partner_id, $admin_puser_id, $ks, 30 * 86400, $sessionType, "", "*," . kSessionBase::PRIVILEGE_DISABLE_ENTITLEMENT);
    }

    $path = "/";
    $domain = null;
    $force_ssl = PermissionPeer::isValidForPartner(PermissionName::FEATURE_KMC_ENFORCE_HTTPS, $partner_id);

    // NOTE(review): the Secure flag is set only when the partner enforces
    // HTTPS, so an HTTPS login for any other partner still yields a session
    // cookie that browsers will also send over plain HTTP.
    $secure = isset($_SERVER['HTTPS']) && $_SERVER['HTTPS'] == 'on' && $force_ssl;
    $http_only = true;

    $response = $this->getResponse();
    $response->setCookie("pid", $partner_id, $exp, $path, $domain, $secure, $http_only);
    $response->setCookie("subpid", $subp_id, $exp, $path, $domain, $secure, $http_only);
    $response->setCookie("kmcks", $ks, $exp, $path, $domain, $secure, $http_only);

    // NOTE(review): the redirect target is built from the client-supplied
    // Host header - confirm the front end only forwards expected host names.
    $redirect_url = ($force_ssl ? 'https' : 'http') . '://' . $_SERVER["HTTP_HOST"] . '/index.php/kmc/kmc2';
    $this->redirect($redirect_url);
}
/**
 * Admin login by e-mail and password. On success reports partner_id,
 * subp_id, uid, a 30-day session ("ks") and the admin's name and e-mail.
 *
 * @param int    $partner_id     optional; when set it must match the admin's partner
 * @param int    $subp_id        overwritten with the partner's sub-partner id
 * @param string $puser_id       not read by this method
 * @param string $partner_prefix not read by this method
 * @param mixed  $puser_kuser    overwritten with the admin's puser_kuser record
 */
public function executeImpl($partner_id, $subp_id, $puser_id, $partner_prefix, $puser_kuser)
{
    defPartnerservices2baseAction::disableCache();
    kuserPeer::setUseCriteriaFilter(false);

    // NOTE(review): trim() also strips leading/trailing whitespace from the
    // password before it is checked.
    $email = trim($this->getPM("email"));
    $password = trim($this->getPM("password"));

    $loginData = UserLoginDataPeer::getByEmail($email);
    // be sure to return the same error if there are no admins in the list and when there are none matched -
    // so no hint about existing admin will leak
    // NOTE(review): the mapping below still answers a wrong password with
    // USER_WRONG_PASSWORD (and lockout states with their own errors), which
    // does distinguish existing accounts from unknown ones.
    if (!$loginData) {
        $this->addError(APIErrors::ADMIN_KUSER_NOT_FOUND);
        return;
    }

    try {
        $adminKuser = UserLoginDataPeer::userLoginByEmail($email, $password, $partner_id);
    } catch (kUserException $e) {
        $code = $e->getCode();
        if ($code == kUserException::USER_NOT_FOUND || $code == kUserException::LOGIN_DATA_NOT_FOUND) {
            $apiError = APIErrors::ADMIN_KUSER_NOT_FOUND;
        } elseif ($code == kUserException::LOGIN_RETRIES_EXCEEDED) {
            $apiError = APIErrors::LOGIN_RETRIES_EXCEEDED;
        } elseif ($code == kUserException::LOGIN_BLOCKED) {
            $apiError = APIErrors::LOGIN_BLOCKED;
        } elseif ($code == kUserException::PASSWORD_EXPIRED) {
            $apiError = APIErrors::PASSWORD_EXPIRED;
        } elseif ($code == kUserException::WRONG_PASSWORD) {
            $apiError = APIErrors::USER_WRONG_PASSWORD;
        } elseif ($code == kUserException::USER_IS_BLOCKED) {
            $apiError = APIErrors::USER_IS_BLOCKED;
        } else {
            $apiError = APIErrors::INTERNAL_SERVERL_ERROR;
        }
        $this->addError($apiError);
        return null;
    }

    if (!$adminKuser || !$adminKuser->getIsAdmin()) {
        $this->addError(APIErrors::ADMIN_KUSER_NOT_FOUND);
        return null;
    }

    if ($partner_id && $partner_id != $adminKuser->getPartnerId()) {
        $this->addError(APIErrors::UNKNOWN_PARTNER_ID);
        return;
    }

    $partner = PartnerPeer::retrieveByPK($adminKuser->getPartnerId());
    if (!$partner) {
        $this->addError(APIErrors::UNKNOWN_PARTNER_ID);
        return;
    }

    $partner_id = $partner->getId();
    $subp_id = $partner->getSubpId();
    $admin_puser_id = $adminKuser->getPuserId();

    // get the puser_kuser for this admin if exists, if not - create it and return it - create a kuser too
    $adminScreenName = $adminKuser->getScreenName();
    $puser_kuser = PuserKuserPeer::createPuserKuser($partner_id, $subp_id, $admin_puser_id, $adminScreenName, $adminKuser->getScreenName(), true);
    $uid = $puser_kuser->getPuserId();

    // create a ks for this admin_kuser as if entered the admin_secret using the API
    // ALLOW A KS FOR 30 DAYS
    $sessionString = null;
    kSessionUtils::createKSessionNoValidations($partner_id, $uid, $sessionString, 30 * 86400, 2, "", "*");

    $this->addMsg("partner_id", $partner_id);
    $this->addMsg("subp_id", $subp_id);
    $this->addMsg("uid", $uid);
    $this->addMsg("ks", $sessionString);
    // both name fields are filled from getFullName()
    $this->addMsg("screenName", $adminKuser->getFullName());
    $this->addMsg("fullName", $adminKuser->getFullName());
    $this->addMsg("email", $adminKuser->getEmail());
}
$threeMonthsAgo = $now - 60 * 60 * 24 * 30 * 3; $ks = null; $distributionProfiles = DistributionProfilePeer::doSelect($criteria); while ($distributionProfiles) { $lastId = 0; foreach ($distributionProfiles as $distributionProfile) { /* @var $distributionProfile YoutubeApiDistributionProfile */ $lastId = $distributionProfile->getId(); $currentPartnerId = $distributionProfile->getPartnerId(); $url = $distributionProfile->getApiAuthorizeUrl(); $authenticated = 'No'; if (is_null($url)) { $authenticated = 'Yes'; $url = ''; } else { kSessionUtils::createKSessionNoValidations($currentPartnerId, null, $ks, 2592000, SessionType::ADMIN); $url .= "?ks={$ks}"; } $lastDistributionDate = 'Never'; $lastDistributionDaysAgo = 'Never'; $entryDistributionCriteria = new Criteria(); $entryDistributionCriteria->add(EntryDistributionPeer::PARTNER_ID, $currentPartnerId); $entryDistributionCriteria->add(EntryDistributionPeer::STATUS, EntryDistributionStatus::READY); $entryDistributionCriteria->add(EntryDistributionPeer::DISTRIBUTION_PROFILE_ID, $lastId); $entryDistributionCriteria->addDescendingOrderByColumn(EntryDistributionPeer::CREATED_AT); $entryDistribution = EntryDistributionPeer::doSelectOne($entryDistributionCriteria); if ($entryDistribution) { $lastDistributionDate = $entryDistribution->getCreatedAt(); $lastDistributionDaysAgo = floor(($now - $entryDistribution->getCreatedAt(null)) / 86400); } // if(!$partnerId)
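/**
 * External login: validates a KS taken from the request, makes sure it belongs to an
 * admin user of the requested partner, stores the session details in cookies and
 * redirects to kmc/kmc2.
 *
 * Request parameters read through getP(): "ks", "partner_id" (optional, falls back to
 * the partner id found inside the KS) and "screen_name" (used only when the user record
 * has no screen name).
 *
 * Every failure is reported through dieOnError().
 * NOTE(review): the code below is written as if dieOnError() ends the request - confirm.
 * NOTE(review): the KS arrives as a request parameter; if it is carried in the URL it can
 * end up in access logs and Referer headers - confirm how callers submit it.
 */
public function execute()
{
    $ks = $this->getP("ks");
    $requestedPartnerId = $this->getP("partner_id");

    // NOTE(review): the result of crackKs() is dereferenced without a check; confirm it
    // always returns an object, even for a malformed KS.
    $ksObj = kSessionUtils::crackKs($ks);
    $ksPartnerId = $ksObj->partner_id;
    if (!$requestedPartnerId) {
        $requestedPartnerId = $ksPartnerId;
    }

    try {
        $adminKuser = UserLoginDataPeer::userLoginByKs($ks, $requestedPartnerId, true);
    } catch (kUserException $e) {
        $code = $e->getCode();
        // "Not found", "no login data" and "wrong password" all map to the same API error,
        // so the response does not reveal which of the three occurred.
        if ($code == kUserException::USER_NOT_FOUND) {
            $this->dieOnError(APIErrors::ADMIN_KUSER_NOT_FOUND);
        } elseif ($code == kUserException::LOGIN_DATA_NOT_FOUND) {
            $this->dieOnError(APIErrors::ADMIN_KUSER_NOT_FOUND);
        } elseif ($code == kUserException::LOGIN_RETRIES_EXCEEDED) {
            $this->dieOnError(APIErrors::LOGIN_RETRIES_EXCEEDED);
        } elseif ($code == kUserException::LOGIN_BLOCKED) {
            $this->dieOnError(APIErrors::LOGIN_BLOCKED);
        } elseif ($code == kUserException::PASSWORD_EXPIRED) {
            $this->dieOnError(APIErrors::PASSWORD_EXPIRED);
        } elseif ($code == kUserException::WRONG_PASSWORD) {
            $this->dieOnError(APIErrors::ADMIN_KUSER_NOT_FOUND);
        } elseif ($code == kUserException::USER_IS_BLOCKED) {
            $this->dieOnError(APIErrors::USER_IS_BLOCKED);
        }
        // Any other code is reported as an internal error.
        $this->dieOnError(APIErrors::INTERNAL_SERVERL_ERROR);
    }

    // Only admin users may use this entry point.
    if (!$adminKuser || !$adminKuser->getIsAdmin()) {
        $this->dieOnError(APIErrors::ADMIN_KUSER_NOT_FOUND);
    }

    // The partner named in the request must be the partner the user belongs to.
    if ($requestedPartnerId != $adminKuser->getPartnerId()) {
        $this->dieOnError(APIErrors::UNKNOWN_PARTNER_ID);
    }

    $partner = PartnerPeer::retrieveByPK($adminKuser->getPartnerId());
    if (!$partner) {
        $this->dieOnError(APIErrors::UNKNOWN_PARTNER_ID);
    }

    $partner_id = $partner->getId();
    $subp_id = $partner->getSubpId();
    $admin_puser_id = $adminKuser->getPuserId();

    $screen_name = $adminKuser->getScreenName();
    if (!$screen_name) {
        // for backward compatibility
        // The fallback is caller-supplied text; whatever displays the screen_name cookie
        // has to escape it for its output context.
        $screen_name = $this->getP("screen_name");
    }

    $noUserInKs = is_null($ksObj->user) || $ksObj->user === '';
    // Re-issue the KS when it was created for another partner, or when the partner is on
    // KMC version 4 or later and the KS carries no user. The parentheses only spell out the
    // existing precedence (&& binds tighter than ||).
    if ($ksPartnerId != $partner_id || ($partner->getKmcVersion() >= 4 && $noUserInKs)) {
        $ks = null;
        $sessionType = $adminKuser->getIsAdmin() ? SessionType::ADMIN : SessionType::USER;
        // 30 * 86400 is 30 days in seconds. The name says no validations are applied, and the
        // last argument is "*" (presumably the privilege list - confirm), so the checks above
        // are the only gate in this method in front of this token.
        kSessionUtils::createKSessionNoValidations($partner_id, $admin_puser_id, $ks, 30 * 86400, $sessionType, "", "*");
    }

    $exp = 0;
    $path = "/";
    $domain = null;
    // Mark the cookies Secure when this request came in over HTTPS, so the browser does not
    // send the KS back over plain HTTP afterwards.
    // NOTE(review): when TLS is terminated in front of PHP, $_SERVER['HTTPS'] may not be set
    // and the flag stays off - confirm against the deployment.
    $secure = isset($_SERVER['HTTPS']) && $_SERVER['HTTPS'] == 'on';

    // NOTE(review): no HttpOnly argument is passed; confirm whether client-side code has to
    // read these cookies before changing that.
    $this->getResponse()->setCookie("pid", $partner_id, $exp, $path, $domain, $secure);
    $this->getResponse()->setCookie("subpid", $subp_id, $exp, $path, $domain, $secure);
    $this->getResponse()->setCookie("uid", $admin_puser_id, $exp, $path, $domain, $secure);
    $this->getResponse()->setCookie("kmcks", $ks, $exp, $path, $domain, $secure);
    $this->getResponse()->setCookie("screen_name", $screen_name, $exp, $path, $domain, $secure);

    $this->redirect('kmc/kmc2');
}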
/**
 * External login: checks the KS from the request against an admin user of the requested
 * partner, then hands the session to the KMC through cookies and redirects to kmc/kmc2.
 *
 * Request parameters read through getP():
 *  - "ks":         the session token to log in with
 *  - "partner_id": optional; the partner id inside the KS is used when it is missing
 *  - "exp":        optional cookie lifetime, added to time() when numeric
 *
 * Failures are reported through dieOnError().
 * NOTE(review): the flow is written as if dieOnError() ends the request - confirm.
 */
public function execute()
{
    $sessionToken = $this->getP("ks");
    $requestedPartnerId = $this->getP("partner_id");
    $lifetimeParam = $this->getP("exp");

    // NOTE(review): the crackKs() result is used without a check; confirm it is always an object.
    $crackedKs = kSessionUtils::crackKs($sessionToken);
    $ksPartnerId = $crackedKs->partner_id;
    if (!$requestedPartnerId) {
        $requestedPartnerId = $ksPartnerId;
    }

    try {
        $loginUser = UserLoginDataPeer::userLoginByKs($sessionToken, $requestedPartnerId, true);
    } catch (kUserException $loginFailure) {
        // switch compares loosely, like the == tests it replaces.
        switch ($loginFailure->getCode()) {
            case kUserException::USER_NOT_FOUND:
            case kUserException::LOGIN_DATA_NOT_FOUND:
                // Same error for both, so the response does not tell them apart.
                $this->dieOnError(APIErrors::ADMIN_KUSER_NOT_FOUND);
                break;
            case kUserException::LOGIN_RETRIES_EXCEEDED:
                $this->dieOnError(APIErrors::LOGIN_RETRIES_EXCEEDED);
                break;
            case kUserException::LOGIN_BLOCKED:
                $this->dieOnError(APIErrors::LOGIN_BLOCKED);
                break;
            case kUserException::PASSWORD_EXPIRED:
                $this->dieOnError(APIErrors::PASSWORD_EXPIRED);
                break;
            case kUserException::WRONG_PASSWORD:
                // A wrong password is also reported as "not found".
                $this->dieOnError(APIErrors::ADMIN_KUSER_NOT_FOUND);
                break;
            case kUserException::USER_IS_BLOCKED:
                $this->dieOnError(APIErrors::USER_IS_BLOCKED);
                break;
        }
        // Fallback for any code not listed above.
        $this->dieOnError(APIErrors::INTERNAL_SERVERL_ERROR);
    }

    // Admin users only.
    if (!$loginUser || !$loginUser->getIsAdmin()) {
        $this->dieOnError(APIErrors::ADMIN_KUSER_NOT_FOUND);
    }

    // The requested partner has to be the user's own partner.
    if ($requestedPartnerId != $loginUser->getPartnerId()) {
        $this->dieOnError(APIErrors::UNKNOWN_PARTNER_ID);
    }

    $partner = PartnerPeer::retrieveByPK($loginUser->getPartnerId());
    if (!$partner) {
        $this->dieOnError(APIErrors::UNKNOWN_PARTNER_ID);
    }

    $partnerId = $partner->getId();
    $subPartnerId = $partner->getSubpId();
    $adminPuserId = $loginUser->getPuserId();

    // Cookie expiry: 0 unless the caller supplied a numeric "exp".
    // NOTE(review): the value comes from the request and no upper bound is applied here.
    $cookieExpiry = 0;
    if (isset($lifetimeParam) && is_numeric($lifetimeParam)) {
        $cookieExpiry = time() + $lifetimeParam;
    }

    $noUserInKs = is_null($crackedKs->user) || $crackedKs->user === '';

    // A new KS is issued when the presented one belongs to another partner, or when the
    // partner runs KMC version 4 or later and the KS names no user.
    if ($ksPartnerId != $partnerId || ($partner->getKmcVersion() >= 4 && $noUserInKs)) {
        $sessionToken = null;
        if ($loginUser->getIsAdmin()) {
            $sessionType = SessionType::ADMIN;
        } else {
            $sessionType = SessionType::USER;
        }
        // 30 * 86400 is 30 days in seconds. The last argument is "*" followed by the
        // disable-entitlement privilege constant (presumably the privilege list - confirm);
        // the helper's name says it applies no validations, so the checks above are the
        // only gate in this method before the token is created.
        kSessionUtils::createKSessionNoValidations($partnerId, $adminPuserId, $sessionToken, 30 * 86400, $sessionType, "", "*," . kSessionBase::PRIVILEGE_DISABLE_ENTITLEMENT);
    }

    $path = "/";
    $domain = null;
    // Secure flag follows the scheme of the current request.
    // NOTE(review): with TLS terminated in front of PHP, $_SERVER['HTTPS'] may be unset
    // and the cookies would go out without the flag - confirm against the deployment.
    $secure = isset($_SERVER['HTTPS']) && $_SERVER['HTTPS'] == 'on';

    // NOTE(review): no HttpOnly argument is passed for the KS cookie; confirm whether
    // client-side code needs to read it.
    $cookies = array(
        "pid" => $partnerId,
        "subpid" => $subPartnerId,
        "kmcks" => $sessionToken,
    );
    foreach ($cookies as $cookieName => $cookieValue) {
        $this->getResponse()->setCookie($cookieName, $cookieValue, $cookieExpiry, $path, $domain, $secure);
    }

    $this->redirect('kmc/kmc2');
}