public function getPrettyname()
{
if (isset($this->_prettyname)) {
return $this->_prettyname;
}
/** @var string $fieldName */
$fieldName = $this->_config->getString('entity.prettyname', NULL);
$mb = new sspmod_janus_MetadataFieldBuilder($this->_config->getArray('metadatafields.' . $this->_type));
$metadataFields = $mb->getMetadataFields();
if (!is_null($fieldName)) {
$rows = $this->loadPrettyNameFromCache($fieldName);
if (empty($rows)) {
$this->_prettyname = $this->_entityid;
} else {
if (isset($metadataFields[$fieldName]->default) && $metadataFields[$fieldName]->default == $rows[0]['value']) {
$this->_prettyname = $this->_entityid;
} else {
$this->_prettyname = $rows[0]['value'];
}
}
} else {
$this->_prettyname = $this->_entityid;
}
return $this->_prettyname;
}
}
}
}
$remoteEntities = array();
foreach ($remoteTypes as $remoteType) {
$remoteEntities = array_merge($remoteEntities, $adminUtil->getEntitiesByStateType(null, $remoteType));
}
if ($securityContext->isGranted('allentities')) {
$userEntities = $remoteEntities;
} else {
$userEntities = $adminUtil->getEntitiesFromUser($user->getUid());
}
$reverseBlockedEntities = $adminUtil->getReverseBlockedEntities($entity, $userEntities);
// Get metadatafields
$mfc = $janus_config->getArray('metadatafields.' . $entity->getType());
$mb = new sspmod_janus_MetadataFieldBuilder($mfc);
$et->data['metadatafields'] = $mb->getMetadataFields();
$remote_entities = array();
$remote_entities_acl_sorted = array();
// Only parse name and description in current language
foreach ($remoteEntities as $remoteEntityRow) {
$remoteEntity = new sspmod_janus_Entity($janus_config);
$remoteEntity->setEid($remoteEntityRow["eid"]);
$remoteEntity->setRevisionid($remoteEntityRow["revisionid"]);
$remoteEntity->load();
$remoteEntityFormatted = array('eid' => $remoteEntity->getEid(), 'revisionid' => $remoteEntity->getRevisionid(), 'type' => $remoteEntity->getType(), 'notes' => $remoteEntity->getNotes());
// Format the name for the remote entity
$remoteEntityName = $remoteEntity->getPrettyName();
if (isset($remoteEntityName)) {
if (is_array($remoteEntityName)) {
if (array_key_exists($language, $remoteEntityName)) {
private static function getMetadata($eid, $revision, $type = null, array $option = null)
{
assert('ctype_digit($eid)');
assert('ctype_digit($revision)');
$janus_config = sspmod_janus_DiContainer::getInstance()->getConfig();
$entityController = sspmod_janus_DiContainer::getInstance()->getEntityController();
if (!($entity = $entityController->setEntity($eid, $revision))) {
self::$_error = array('Entity could not be loaded - Eid: ' . $eid . ' Revisionid: ' . $revision);
return false;
}
$metadata_raw = $entityController->getMetadata();
// Get metadata fields
$nm_mb = new sspmod_janus_MetadataFieldBuilder($janus_config->getArray('metadatafields.' . $entity->getType()));
$metadatafields_required = $nm_mb->getMetadataFields();
// Get required metadata fields
$required = array();
foreach ($metadatafields_required as $mf) {
if (isset($mf->required) && $mf->required === true) {
$required[] = $mf->name;
}
}
// Get metadata to me tested
$metadata = array();
foreach ($metadata_raw as $k => $v) {
// Metadata field not defined
if (!isset($metadatafields_required[$v->getKey()])) {
continue;
}
// Value not set for metadata
if (is_string($v->getValue()) && $v->getValue() == '') {
continue;
}
// Compute is the default values is allowed
$default_allow = false;
if (isset($metadatafields_required[$v->getKey()]->default_allow) && is_bool($metadatafields_required[$v->getKey()]->default_allow)) {
$default_allow = $metadatafields_required[$v->getKey()]->default_allow;
}
/*
* Do not include metadata if value is set to default and default
* is not allowed.
*/
if (!$default_allow && (isset($metadatafields_required[$v->getKey()]->default) && $v->getValue() == $metadatafields_required[$v->getKey()]->default)) {
continue;
}
$metadata[] = $v->getKey();
}
// Compute missing metadata that is required
$missing_required = array_diff($required, $metadata);
$entityId = $entity->getEntityid();
if (!empty($missing_required)) {
SimpleSAML_Logger::error('JANUS - Missing required metadata fields. Entity_id:' . $entityId);
self::$_error = $missing_required;
return false;
}
try {
$metaArray = $entityController->getMetaArray();
$metaArray['eid'] = $eid;
$blockedEntities = $entityController->getBlockedEntities();
$allowedEntities = $entityController->getAllowedEntities();
$disabledConsent = $entityController->getDisableConsent();
$metaFlat = '// Revision: ' . $entity->getRevisionid() . "\n";
$metaFlat .= var_export($entityId, TRUE) . ' => ' . var_export($metaArray, TRUE) . ',';
// Add authproc filter to block blocked entities
if (!empty($blockedEntities) || !empty($allowedEntities)) {
$metaFlat = substr($metaFlat, 0, -2);
if (!empty($allowedEntities)) {
$metaFlat .= " 'allowed' => array(\n";
$metaArray['allowed'] = array();
foreach ($allowedEntities as $allowedEntity) {
$metaFlat .= " '" . $allowedEntity['remoteentityid'] . "',\n";
$metaArray['allowed'][] = $allowedEntity['remoteentityid'];
}
$metaFlat .= " ),\n";
}
if (!empty($blockedEntities)) {
$metaFlat .= " 'blocked' => array(\n";
$metaArray['blocked'] = array();
foreach ($blockedEntities as $blockedEntity) {
$metaFlat .= " '" . $blockedEntity['remoteentityid'] . "',\n";
$metaArray['blocked'][] = $blockedEntity['remoteentityid'];
}
$metaFlat .= " ),\n";
}
$metaFlat .= '),';
}
// Add disable consent
if (!empty($disabledConsent)) {
$metaFlat = substr($metaFlat, 0, -2);
$metaFlat .= " 'consent.disable' => array(\n";
foreach ($disabledConsent as $key => $value) {
$metaFlat .= " '" . $key . "',\n";
}
$metaFlat .= " ),\n";
$metaFlat .= '),';
}
$maxCache = isset($option['maxCache']) ? $option['maxCache'] : null;
$maxDuration = isset($option['maxDuration']) ? $option['maxDuration'] : null;
try {
$metaBuilder = new SimpleSAML_Metadata_SAMLBuilder($entityId, $maxCache, $maxDuration);
$metaBuilder->addMetadata($metaArray['metadata-set'], $metaArray);
} catch (Exception $e) {
SimpleSAML_Logger::error('JANUS - Entity_id:' . $entityId . ' - Error generating XML metadata - ' . var_export($e, true));
self::$_error = array('Error generating XML metadata - ' . $e->getMessage());
return false;
}
// Add organization info
if (!empty($metaArray['OrganizationName']) && !empty($metaArray['OrganizationDisplayName']) && !empty($metaArray['OrganizationURL'])) {
$metaBuilder->addOrganizationInfo(array('OrganizationName' => $metaArray['OrganizationName'], 'OrganizationDisplayName' => $metaArray['OrganizationDisplayName'], 'OrganizationURL' => $metaArray['OrganizationURL']));
}
// Add contact info
if (!empty($metaArray['contact'])) {
$metaBuilder->addContact('technical', $metaArray['contact']);
}
switch ($type) {
case self::XML:
return $metaBuilder->getEntityDescriptor();
case self::XMLREADABLE:
return $metaBuilder->getEntityDescriptorText();
case self::PHPARRAY:
return $metaArray;
case self::FLATFILE:
default:
return $metaFlat;
}
} catch (Exception $exception) {
$session = SimpleSAML_Session::getInstance();
SimpleSAML_Utilities::fatalError($session->getTrackID(), 'JANUS - Metadatageneration', $exception);
return false;
}
}
/**
* Add metadata.
*
* Add a new matadata entry to the entity.
*
* @param string $key The metadata key
* @param string $value The metadata value
*
* @return sspmod_janus_Metadata The metadata.
* @todo Make independent of type (make generic, support for more types than
* sp and idp)
*/
public function addMetadata($key, $value)
{
if ($value === null || $value === '') {
return false;
}
assert('is_string($key);');
assert('$this->_entity instanceof Sspmod_Janus_Entity');
$mb = new sspmod_janus_MetadataFieldBuilder($this->_config->getArray('metadatafields.' . $this->_entity->getType()));
$fieldDefinitions = $mb->getMetadataFields();
// Check if metadata is allowed
if (!array_key_exists($key, $fieldDefinitions)) {
SimpleSAML_Logger::info(__CLASS__ . ':addMetadata - Metadata key \'' . $key . ' not allowed');
return false;
}
$fieldDefinition = $fieldDefinitions[$key];
if (empty($this->_metadata)) {
if (!$this->loadEntity()) {
return false;
}
}
$st = $this->execute('SELECT count(*) AS count
FROM ' . $this->getTablePrefix() . 'metadata
WHERE `connectionRevisionId` = ? AND `key` = ?;', array($this->_entity->getId(), $key));
if ($st === false) {
SimpleSAML_Logger::error(__CLASS__ . ':addMetadata - Count check failed');
return false;
}
$row = $st->fetchAll(PDO::FETCH_ASSOC);
if ($row[0]['count'] > 0) {
SimpleSAML_Logger::error(__CLASS__ . ':addMetadata - Metadata already exists');
return false;
}
if ($fieldDefinition->getType() === 'select') {
$allowedSelectValues = $fieldDefinition->getSelectValues();
if (!in_array($value, $allowedSelectValues)) {
SimpleSAML_Logger::error(__CLASS__ . ':addMetadata - Value: ' . $value . ' not allowed for field ' . $key);
return false;
}
}
$metadata = new sspmod_janus_Metadata($fieldDefinition, $key, $value);
$metadata->setConnectionRevisionId($this->_entity->getId());
$this->_metadata[] = $metadata;
$this->_modified = true;
// The metadata is not saved, since it is not part of the current
// entity with current revision id
return $metadata;
}
/**
* Create new entity with parsed entityid
*
* Create a new entity and give the user access to the entity.
*
* @param string $entityid Entity id for the new entity
* @param string $type Entity type
* @param string $metadataUrl The -optional- metadata url for the new entity
*
* @return sspmod_janus_Entity|bool Returns the entity or false on error.
* @since Method available since Release 1.0.0
*/
public function createNewEntity($entityid, $type, $metadataUrl = null)
{
assert('is_string($entityid)');
assert('is_string($type)');
if ($this->isEntityIdInUse($entityid, $errorMessage)) {
return $errorMessage;
}
$startstate = $this->_config->getString('workflowstate.default');
// Instantiate a new entity
$entity = new sspmod_janus_Entity($this->_config, true);
$entity->setEntityid($entityid);
$entity->setWorkflow($startstate);
$entity->setType($type);
$entity->setUser($this->_user->getUid());
$entity->setRevisionnote('Entity created.');
if ($metadataUrl) {
$entity->setMetadataURL($metadataUrl);
}
$entity->save(array());
$adminUtil = new sspmod_janus_AdminUtil();
$adminUtil->addUserToEntity($entity->getEid(), $this->_user->getUid());
$ec = sspmod_janus_DiContainer::getInstance()->getEntityController();
$ec->setEntity($entity);
$update = false;
// Get metadatafields for new type
$nm_mb = new sspmod_janus_MetadataFieldBuilder($this->_config->getArray('metadatafields.' . $type));
$metadatafields = $nm_mb->getMetadataFields();
// Add all required fileds
foreach ($metadatafields as $mf) {
if (isset($mf->required) && $mf->required === true) {
$ec->addMetadata($mf->name, $mf->default);
$update = true;
}
}
if ($update === true) {
$ec->saveEntity();
}
// Reset list of entities
$this->_entities = null;
$this->_loadEntities();
return $entity->getEid();
}
