static function getMap()
{
if (!count(self::$services)) {
$cacheFilePathArray = array(kConf::get("cache_root_path"), 'api_v3', 'KalturaServicesMap.cache');
$cacheFilePath = implode(DIRECTORY_SEPARATOR, $cacheFilePathArray);
if (!file_exists($cacheFilePath)) {
$servicesPathArray = array(KALTURA_API_PATH, 'services');
$servicesPath = implode(DIRECTORY_SEPARATOR, $servicesPathArray);
self::cacheMap($servicesPath, $cacheFilePath);
if (!file_exists($cacheFilePath)) {
throw new Exception('Failed to save services cached map to [' . $cacheFilePath . ']');
}
}
self::$services = unserialize(file_get_contents($cacheFilePath));
}
return self::$services + self::$extraServices;
}
/**
* Test accessibility for the given partner, secret and server
* @dataProvider accessibilitySuccessProvider
*/
public function testAccessibilitySuccess($partnerId, $secret, $configServiceUrl, $isAdmin, $userId)
{
$testedClient = $this->getClient($partnerId, $secret, $configServiceUrl, $isAdmin, $userId);
$permissions = $this->getPermissionsItems($testedClient, $userId, $partnerId, $isAdmin, $configServiceUrl);
$alwaysAllowedActions = $this->getAlwaysAllowedActions($partnerId);
$serviceMap = KalturaServicesMap::getMap();
$services = array_keys($serviceMap);
// $this->testSingleService("batchcontrol", $testedClient, $permissions, $alwaysAllowedActions);
foreach ($services as $service) {
//We skip the session service
if ($service == "session") {
continue;
}
$serviceReflector = new KalturaServiceReflector($service);
$actions = array_keys($serviceReflector->getActions());
$serviceName = $serviceReflector->getServiceName();
foreach ($actions as $action) {
$params = $this->getActionParams($action, $serviceReflector);
if ($action == "list") {
$action .= "Action";
}
try {
if (method_exists($testedClient->{$serviceName}, $action)) {
call_user_func_array(array($testedClient->{$serviceName}, $action), $params);
//TODO: Handle non exception cases
$this->compareServiceAction($permissions, $alwaysAllowedActions, $serviceName, $action);
} else {
//TODO: handle method doesn't exists...
}
} catch (Exception $ex) {
//Check if the service / action is found in the user permissions
$this->compareServiceAction($permissions, $alwaysAllowedActions, $serviceName, $action, $ex);
}
}
}
}
<?php
require_once "../../bootstrap.php";
KalturaLog::setContext("TESTME");
$service = $_GET["service"];
$action = $_GET["action"];
$bench_start = microtime(true);
KalturaLog::INFO(">------- api_v3 testme [{$service}][{$action}]-------");
function toArrayRecursive(KalturaPropertyInfo $propInfo)
{
return $propInfo->toArray();
}
$serviceMap = KalturaServicesMap::getMap();
$actionInfo = null;
try {
$serviceReflector = $serviceMap[strtolower($service)];
/* @var $serviceReflector KalturaServiceActionItem */
$actionReflector = new KalturaActionReflector($service, $action, $serviceReflector->actionMap[$action]);
$actionParams = $actionReflector->getActionParams();
$actionInfo = $actionReflector->getActionInfo();
$actionInfo = array("actionParams" => array(), "description" => $actionInfo->description);
foreach ($actionParams as $actionParam) {
$actionInfo["actionParams"][] = toArrayRecursive($actionParam);
}
} catch (Exception $ex) {
KalturaLog::ERR("<------- api_v3 testme [{$service}][{$action}\n" . $ex->__toString() . " " . " -------");
}
//echo "<pre>";
//echo print_r($actionInfo);
echo json_encode($actionInfo);
$bench_end = microtime(true);
public function setIncludeOrExcludeList($include, $exclude, $excludePaths = null)
{
$this->initClassMap();
$this->_excludePathList = array();
if ($excludePaths !== null) {
$tempList = explode(",", str_replace(" ", "", $excludePaths));
foreach ($tempList as $item) {
$this->_excludePathList[] = realpath(dirname(__FILE__) . "/../../{$item}");
}
}
// load full list of actions and services
$fullList = array();
$serviceMap = null;
$serviceMap = KalturaServicesMap::getMap();
foreach ($serviceMap as $serviceId => $serviceActionItem) {
/* @var $serviceActionItem KalturaServiceActionItem */
foreach ($serviceActionItem->actionMap as $actionId => $actionCallback) {
list($serviceClass, $actionMethodName) = array_values($actionCallback);
$servicePath = $this->_classMap[$serviceClass];
if ($this->isPathExcluded($servicePath)) {
continue;
}
$fullList[strtolower($serviceId)][strtolower($actionId)] = true;
}
}
$includeList = array();
if ($include !== null) {
$tempList = explode(",", str_replace(" ", "", $include));
foreach ($tempList as $item) {
$service = null;
$action = null;
$item = strtolower($item);
if (strpos($item, ".") !== false) {
list($service, $action) = explode(".", $item);
}
if (!key_exists($service, $includeList)) {
$includeList[$service] = array();
}
if ($action == "*") {
if (!array_key_exists($service, $fullList)) {
throw new Exception("Service [{$service}] not found");
}
$includeList[$service] = $fullList[$service];
} else {
$includeList[$service][$action] = true;
}
}
} else {
if ($exclude !== null) {
$includeList = $fullList;
$tempList = explode(",", str_replace(" ", "", $exclude));
foreach ($tempList as $item) {
$service = null;
$action = null;
$item = strtolower($item);
if (strpos($item, ".") !== false) {
list($service, $action) = explode(".", $item);
}
if ($action == "*") {
// KalturaLog::debug("Excluding service [$service]");
unset($includeList[$service]);
} else {
// KalturaLog::debug("Excluding action [$service.$action]");
unset($includeList[$service][$action]);
}
}
} else {
$includeList = $fullList;
}
}
$this->setIncludeList($includeList);
}
/**
* Save the following attributes into cache
* actionInfo, actionParams, actionClassInfo
*/
protected function cacheReflectionValues()
{
if (!function_exists('apc_store')) {
return;
}
$servicesMapLastModTime = KalturaServicesMap::getServiceMapModificationTime();
$cacheValue = array(KalturaServicesMap::SERVICES_MAP_MODIFICATION_TIME => $servicesMapLastModTime, "actionInfo" => $this->getActionInfo(), "actionParams" => $this->getActionParams(), "actionClassInfo" => $this->getActionClassInfo());
$success = apc_store("{$this->_serviceId}_{$this->_actionId}", $cacheValue);
}
public function dispatch($service, $action, $params = array())
{
$start = microtime(true);
// prevent impersonate to partner zero
$p = isset($params["p"]) && $params["p"] ? $params["p"] : null;
if (!$p) {
$p = isset($params["partnerId"]) && $params["partnerId"] ? $params["partnerId"] : null;
}
$GLOBALS["partnerId"] = $p;
// set for logger
$userId = "";
$ksStr = isset($params["ks"]) ? $params["ks"] : null;
if (!$service) {
throw new KalturaAPIException(KalturaErrors::SERVICE_NOT_SPECIFIED);
}
//strtolower on service - map is indexed according to lower-case service IDs
$service = strtolower($service);
$serviceActionItem = KalturaServicesMap::retrieveServiceActionItem($service, $action);
$action = strtolower($action);
if (!isset($serviceActionItem->actionMap[$action])) {
KalturaLog::crit("Action does not exist!");
throw new KalturaAPIException(KalturaErrors::ACTION_DOES_NOT_EXISTS, $action, $service);
}
try {
$actionReflector = new KalturaActionReflector($service, $action, $serviceActionItem->actionMap[$action]);
} catch (Exception $e) {
throw new Exception("Could not create action reflector for service [{$service}], action [{$action}]. Received error: " . $e->getMessage());
}
$actionParams = $actionReflector->getActionParams();
$actionInfo = $actionReflector->getActionInfo();
// services.ct - check if partner is allowed to access service ...
kCurrentContext::$host = isset($_SERVER["HOSTNAME"]) ? $_SERVER["HOSTNAME"] : gethostname();
kCurrentContext::$user_ip = requestUtils::getRemoteAddress();
kCurrentContext::$ps_vesion = "ps3";
kCurrentContext::$service = $serviceActionItem->serviceInfo->serviceName;
kCurrentContext::$action = $action;
kCurrentContext::$client_lang = isset($params['clientTag']) ? $params['clientTag'] : null;
kCurrentContext::initKsPartnerUser($ksStr, $p, $userId);
// validate it's ok to access this service
$deserializer = new KalturaRequestDeserializer($params);
$this->arguments = $deserializer->buildActionArguments($actionParams);
KalturaLog::debug("Dispatching service [" . $service . "], action [" . $action . "], reqIndex [" . kCurrentContext::$multiRequest_index . "] with params " . print_r($this->arguments, true));
$responseProfile = $deserializer->getResponseProfile();
if ($responseProfile) {
KalturaLog::debug("Response profile: " . print_r($responseProfile, true));
}
kPermissionManager::init(kConf::get('enable_cache'));
kEntitlementUtils::initEntitlementEnforcement();
$disableTags = $actionInfo->disableTags;
if ($disableTags && is_array($disableTags) && count($disableTags)) {
foreach ($disableTags as $disableTag) {
KalturaCriterion::disableTag($disableTag);
}
}
if ($actionInfo->validateUserObjectClass && $actionInfo->validateUserIdParamName && isset($actionParams[$actionInfo->validateUserIdParamName])) {
// // TODO maybe if missing should throw something, maybe a bone?
// if(!isset($actionParams[$actionInfo->validateUserIdParamName]))
// throw new KalturaAPIException(KalturaErrors::MISSING_MANDATORY_PARAMETER, $actionInfo->validateUserIdParamName);
KalturaLog::debug("validateUserIdParamName: " . $actionInfo->validateUserIdParamName);
$objectId = $params[$actionInfo->validateUserIdParamName];
$this->validateUser($actionInfo->validateUserObjectClass, $objectId, $actionInfo->validateUserPrivilege, $actionInfo->validateOptions);
}
// initialize the service before invoking the action on it
// action reflector will init the service to maintain the pluginable action transparency
$actionReflector->initService($responseProfile);
$invokeStart = microtime(true);
KalturaLog::debug("Invoke start");
try {
$res = $actionReflector->invoke($this->arguments);
} catch (KalturaAPIException $e) {
if ($actionInfo->returnType != 'file') {
throw $e;
}
KalturaResponseCacher::adjustApiCacheForException($e);
$res = new kRendererDieError($e->getCode(), $e->getMessage());
}
kEventsManager::flushEvents();
KalturaLog::debug("Invoke took - " . (microtime(true) - $invokeStart) . " seconds");
KalturaLog::debug("Dispatch took - " . (microtime(true) - $start) . " seconds, memory: " . memory_get_peak_usage(true));
return $res;
}
public function isServiceExists($serviceId)
{
if (array_key_exists($serviceId, $this->_servicesMap)) {
return true;
}
if (strpos($serviceId, '_') <= 0) {
return false;
}
$serviceId = strtolower($serviceId);
list($servicePlugin, $serviceName) = explode('_', $serviceId);
$pluginInstances = KalturaPluginManager::getPluginInstances('IKalturaServices');
if (!isset($pluginInstances[$servicePlugin])) {
return false;
}
$pluginInstance = $pluginInstances[$servicePlugin];
$servicesMap = $pluginInstance->getServicesMap();
KalturaLog::debug(print_r($servicesMap, true));
foreach ($servicesMap as $name => $class) {
if (strtolower($name) == $serviceName) {
$class = $servicesMap[$name];
KalturaServicesMap::addService($serviceId, $class);
$this->_servicesMap = KalturaServicesMap::getMap();
return true;
}
}
return false;
}
$serviceConfig->setServiceName($serviceActionName);
$serviceSplit = explode('.', $serviceActionName);
$serviceName = $serviceSplit[0];
$actionName = $serviceSplit[1];
$ticketTypes = explode(',', $serviceConfig->getTicketType());
$serviceId = $serviceName;
$pluginName = getPluginNameFromServicesCtPath($ctPath);
if ($pluginName) {
$serviceId = strtolower($pluginName) . '_' . $serviceId;
}
$serviceClass = KalturaServicesMap::getService($serviceId);
if (!$serviceClass) {
$tmpServiceIds = KalturaServicesMap::getServiceIdsFromName($serviceName);
if ($tmpServiceIds && count($tmpServiceIds) == 1) {
$serviceId = reset($tmpServiceIds);
$serviceClass = KalturaServicesMap::getService($serviceId);
}
}
if (!$serviceClass) {
$msg = '***** ERROR - service id [' . $serviceId . '] not found in services map!';
KalturaLog::alert($msg);
echo $msg . PHP_EOL;
continue;
}
// skip action if set with ticket type N (blocked)
if (in_array(BLOCKED_TICKET_TYPE, $ticketTypes)) {
$msg = '***** NOTICE - Action [' . $serviceActionName . '] is set with ticket type N (blocked) -> skipping!';
KalturaLog::notice($msg);
echo $msg . PHP_EOL;
continue;
}
public function setIncludeOrExcludeList($include, $exclude)
{
// load full list of actions and services
$fullList = array();
$serviceMap = KalturaServicesMap::getMap();
$services = array_keys($serviceMap);
foreach ($services as $service) {
$serviceReflector = new KalturaServiceReflector($service);
$actions = $serviceReflector->getActions();
foreach ($actions as &$action) {
// we need only the keys
$action = true;
}
$fullList[$service] = $actions;
}
$includeList = array();
if ($include !== null) {
$tempList = explode(",", str_replace(" ", "", $include));
foreach ($tempList as $item) {
$service = null;
$action = null;
$item = strtolower($item);
if (strpos($item, ".") !== false) {
list($service, $action) = explode(".", $item);
}
if (!key_exists($service, $includeList)) {
$includeList[$service] = array();
}
if ($action == "*") {
if (!array_key_exists($service, $fullList)) {
throw new Exception("Service [{$service}] not found");
}
$includeList[$service] = $fullList[$service];
} else {
$includeList[$service][$action] = true;
}
}
} else {
if ($exclude !== null) {
$includeList = $fullList;
$tempList = explode(",", str_replace(" ", "", $exclude));
foreach ($tempList as $item) {
$service = null;
$action = null;
$item = strtolower($item);
if (strpos($item, ".") !== false) {
list($service, $action) = explode(".", $item);
}
if ($action == "*") {
// KalturaLog::debug("Excluding service [$service]");
unset($includeList[$service]);
} else {
// KalturaLog::debug("Excluding action [$service.$action]");
unset($includeList[$service][$action]);
}
}
} else {
$includeList = $fullList;
}
}
$this->setIncludeList($includeList);
}
function setPermissions($serviceConfig, $setBaseSystemPermissions, $userSessionPermission, $noKsPermission, $partnerId)
{
// get list of services defined in the services.ct files
$servicesTable = $serviceConfig->getAllServicesByCt();
// for each defined service.action
foreach ($servicesTable as $ctPath => $services) {
foreach ($services as $serviceActionName) {
$serviceConfig->setServiceName($serviceActionName);
$serviceSplit = explode('.', $serviceActionName);
$serviceName = $serviceSplit[0];
$actionName = $serviceSplit[1];
$ticketTypes = explode(',', $serviceConfig->getTicketType());
$serviceId = $serviceName;
$pluginName = getPluginNameFromServicesCtPath($ctPath);
if ($pluginName) {
$serviceId = strtolower($pluginName) . '_' . $serviceId;
}
$serviceClass = KalturaServicesMap::getService($serviceId);
if (!$serviceClass) {
$tmpServiceIds = KalturaServicesMap::getServiceIdsFromName($serviceName);
if ($tmpServiceIds && count($tmpServiceIds) == 1) {
$serviceId = reset($tmpServiceIds);
$serviceClass = KalturaServicesMap::getService($serviceId);
}
}
if (!$serviceClass) {
$msg = '***** ERROR - service id [' . $serviceId . '] not found in services map!';
KalturaLog::alert($msg);
echo $msg . PHP_EOL;
continue;
}
// skip action if set with ticket type N (blocked)
if (in_array(BLOCKED_TICKET_TYPE, $ticketTypes)) {
$msg = '***** NOTICE - Action [' . $serviceActionName . '] is set with ticket type N (blocked) -> skipping!';
KalturaLog::notice($msg);
echo $msg . PHP_EOL;
continue;
}
// check if a permission item for the current action already exists
$c = new Criteria();
$c->addAnd(kApiActionPermissionItem::SERVICE_COLUMN_NAME, $serviceId, Criteria::EQUAL);
$c->addAnd(kApiActionPermissionItem::ACTION_COLUMN_NAME, $actionName, Criteria::EQUAL);
$c->addAnd(PermissionItemPeer::PARTNER_ID, array(PartnerPeer::GLOBAL_PARTNER, $partnerId), Criteria::IN);
$permissionItem = PermissionItemPeer::doSelectOne($c);
if ($permissionItem) {
$msg = '***** NOTICE - Permission item for [' . $serviceActionName . '] already exists with id [' . $permissionItem->getId() . ']';
KalturaLog::alert($msg);
echo $msg . PHP_EOL;
} else {
// create a new api action permission item and save it
$permissionItem = new kApiActionPermissionItem();
$permissionItem->setService($serviceId);
$permissionItem->setAction($actionName);
$permissionItem->setPartnerId($partnerId);
$permissionItem->save();
}
// get the defined permission names from the tags section of the services.ct file
$permissionNames = $serviceConfig->getTags();
$permissionNames = explode(',', $permissionNames);
$anyPermissionSet = false;
// was any permission set to include the current permission item or not
foreach ($permissionNames as $permissionName) {
if (!$permissionName) {
continue;
}
// add the permission item to all its defined permission objects
$c = new Criteria();
$c->addAnd(PermissionPeer::NAME, $permissionName, Criteria::EQUAL);
$c->addAnd(PermissionPeer::TYPE, PermissionType::NORMAL, Criteria::EQUAL);
//$c->addAnd(PermissionPeer::PARTNER_ID, array(PartnerPeer::GLOBAL_PARTNER, $partnerId), Criteria::IN);
$permission = PermissionPeer::doSelectOne($c);
if (!$permission) {
$msg = '***** ERROR - Permission [' . $permissionName . '] not found in DB although set for [' . $serviceActionName . ']';
KalturaLog::alert($msg);
echo $msg . PHP_EOL;
continue;
}
$permission->addPermissionItem($permissionItem->getId(), true);
$anyPermissionSet = true;
}
// add permission item to the basic NO_KS and USER_KS permissions according to its ticket type
// (partner admin role already contains all other permissions)
if ($setBaseSystemPermissions) {
if (in_array(NO_KS_TICKET_TYPE, $ticketTypes)) {
$noKsPermission->addPermissionItem($permissionItem->getId(), true);
$userSessionPermission->addPermissionItem($permissionItem->getId(), true);
$anyPermissionSet = true;
} else {
if (in_array(USER_KS_TICKET_TYPE, $ticketTypes)) {
$userSessionPermission->addPermissionItem($permissionItem->getId(), true);
$anyPermissionSet = true;
}
}
}
if (!$anyPermissionSet) {
$msg = '***** ERROR - No permission was set for [' . $serviceActionName . ']';
KalturaLog::alert($msg);
echo $msg . PHP_EOL;
}
}
}
}