/**
 * Look up one JANUS user by login name and return its stored fields.
 *
 * No access check is performed inside this method; whatever dispatches to it
 * has to decide whether the caller may read another user's record.
 *
 * @param array $data   Request parameters; $data['userid'] names the account.
 * @param int   $status Set to 400 (by reference) when 'userid' is missing.
 *
 * @return array|string Map with uid, userid, active, type and data, or ''
 *                      when the request carried no userid.
 */
public static function method_getUser($data, &$status)
{
    // Without a userid there is nothing to look up: report a bad request.
    if (!isset($data['userid'])) {
        $status = 400;
        return '';
    }

    $store = SimpleSAML_Configuration::getConfig('module_janus.php')->getValue('store');
    $account = new sspmod_janus_User($store);
    $account->setUserid($data['userid']);
    // The outcome of load() is not inspected, so an unknown userid still
    // produces a result array built from whatever the getters return.
    $account->load(sspmod_janus_User::USERID_LOAD);

    return array(
        'uid' => $account->getUid(),
        'userid' => $account->getUserid(),
        'active' => $account->getActive(),
        'type' => $account->getType(),
        'data' => $account->getdata(),
    );
}
    // Resolve the acting user from the authenticated session. Only a session that
    // is valid for $authsource supplies a user id.
    if ($session->isValid($authsource)) {
        $attributes = $session->getAttributes();
        // Check if userid exists
        if (!isset($attributes[$useridattr])) {
            throw new Exception('User ID is missing');
        }
        // The first value of the configured attribute is used as the user id.
        $userid = $attributes[$useridattr][0];
    } else {
        // NOTE(review): $userid is never assigned on this path, so everything
        // below depends on redirect() ending the request - confirm it cannot return.
        SimpleSAML_Utilities::redirect(SimpleSAML_Module::getModuleURL('janus/index.php'));
    }
    // Get the user
    $user = new sspmod_janus_User($janus_config->getValue('store'));
    $user->setUserid($userid);
    // NOTE(review): the result of load() is not checked here; a user id that is
    // not known to JANUS still reaches the template code below.
    $user->load(sspmod_janus_User::USERID_LOAD);
    // Hand the export form its data: the user's type(s), a permission guard built
    // from the 'access' configuration, and the configured types/states/targets.
    $et = new SimpleSAML_XHTML_Template($config, 'janus:exportentities.php', 'janus:exportentities');
    $et->data['user_type'] = $user->getType();
    $et->data['uiguard'] = new sspmod_janus_UIguard($janus_config->getValue('access'));
    $et->data['types'] = $util->getAllowedTypes();
    $et->data['states'] = $janus_config->getArray('workflowstates');
    $et->data['external'] = $janus_config->getArray('export.external');
    $et->data['header'] = 'JANUS';
    if (isset($_GET['msg'])) {
        // NOTE(review): request-controlled text is passed to the template as-is.
        // The template has to HTML-escape it, or treat it only as a lookup key
        // for a fixed set of messages - verify in janus:exportentities.php.
        $et->data['msg'] = $_GET['msg'];
    }
    // Render the form and stop; nothing after this point runs for this request.
    $et->show();
    exit;
}
$ssp_metadata = '// Metadata for state "' . $export_state . '"';
// Generate metadata
try {
    $maxCache = $janus_config->getValue('maxCache', NULL);
}
// Sort metadatafields according to name
// ('cmp', 'cmp2' and 'cmpByAcl' are comparison callbacks defined outside this
// fragment; uasort() keeps the array keys while reordering.)
uasort($et->data['metadatafields'], 'cmp');
$et->data['metadata'] = $entityController->getMetadata();
//sort remote entities for acl based on blocked or not
uasort($et->data['metadata'], 'cmp2');
// Sort remote entities based on acl allowed
uasort($remote_entities_acl_sorted, 'cmpByAcl');
// Get allowed workflows
// The entity's current state is always in the list; further states are added
// only when the user's type matches the roles configured for that transition.
$allowed_workflow = array();
$allowed_workflow[] = $entity->getWorkflow();
$workflowstates = array();
if (isset($workflow[$entity->getWorkflow()])) {
    $workflowstates = $janus_config->getValue('workflowstates');
    foreach ($workflow[$entity->getWorkflow()] as $k_wf => $v_wf) {
        // A transition is offered when the user's types and the transition's
        // 'role' list overlap, or when the role list contains 'all'.
        // NOTE(review): in_array() is called without the strict flag, so the
        // comparison is loose; a non-string role entry such as true would match
        // 'all'. Passing true as the third argument closes that gap.
        // NOTE(review): this list presumably only drives what the form offers;
        // confirm that the save path re-checks the requested state server-side.
        $tmp = array_intersect($user->getType(), $v_wf['role']);
        if (!empty($tmp) || in_array('all', $v_wf['role'])) {
            $allowed_workflow[] = $k_wf;
        }
    }
} else {
    // The current state is missing from the workflow configuration: synthesize a
    // single placeholder entry so the page can still name the state and explain
    // the misconfiguration.
    $workflowstates = array($entity->getWorkflow() => array('name' => array('en' => $entity->getWorkflow()), 'description' => array('en' => 'No description available. Workflow state `' . $entity->getWorkflow() . '` is not defined in the configuration file. This is probably an error. Contact your system administrator to get this error fixed.')));
}
// Both include paths are built from __DIR__ and fixed strings, so no request
// data influences which file is loaded.
require __DIR__ . '/editentity/revisions.php';
addRevisionCompare($et, $eid);
require __DIR__ . '/editentity/arp.php';
addArpConfiguration($et, $janus_config);
// Expose the entity's state, type and revision plus the configured types to the template.
$et->data['entity_state'] = $entity->getWorkflow();
$et->data['entity_type'] = $entity->getType();
$et->data['revisionid'] = $entity->getRevisionid();
$et->data['types'] = $janus_config->getValue('types');
 /**
  * Load entities that user has access to
  *
  * @return bool Always true; a failed query is reported by throwing, not by returning false.
  * @since Method available since Release 1.0.0
  * @throws Exception if loading fails
  */
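 private function _loadEntities($state = null, $state_exclude = null, $sort = null, $order = null)
 {
     // Parameters:
     //   $state          only entities in this workflow state (null = no filter)
     //   $state_exclude  skip entities in this workflow state (null = no filter)
     //   $sort           'created' sorts by creation time; anything else sorts by
     //                   pretty name, falling back to the entity id
     //   $order          'DESC' for descending; anything else means ascending
     //
     // Only fixed literals and self::$prefix are concatenated into the SQL text;
     // every caller-supplied value is passed as a named parameter.
     $queryData = array();
     $whereClauses = array();

     // The METADATA join exists only when a pretty-name field is configured, so
     // every fragment that mentions METADATA has to depend on the same flag.
     $sortFieldName = $this->_config->getString('entity.prettyname', NULL);
     $joinMetadata = (bool) $sortFieldName;

     // $sort and $order end up in the SQL text. Strict comparison against fixed
     // strings keeps them a whitelist even for non-string input.
     if ($sort === 'created') {
         $sortfield = 'ENTITY.`created` AS `orderfield`';
     } elseif ($joinMetadata) {
         $sortfield = 'IFNULL(METADATA.`value`, ENTITY.`entityid`) AS `orderfield`';
     } else {
         // Without the join there is no METADATA alias to reference.
         $sortfield = 'ENTITY.`entityid` AS `orderfield`';
     }
     $orderfield = ($order === 'DESC') ? 'DESC' : 'ASC';

     // Select entity (only last revision)
     $query = "\n            SELECT      DISTINCT ENTITY.eid, \n            " . $sortfield . "\n            FROM        " . self::$prefix . "entity   AS ENTITY";
     $whereClauses[] = "ENTITY.revisionid = (\n                SELECT      MAX(revisionid)\n                FROM        " . self::$prefix . "entity\n                WHERE       eid = ENTITY.eid\n                GROUP BY    eid\n            )";

     // Filter out entities that are not allowed: unless the user holds the
     // 'allentities' permission, restrict the result to entities linked to the
     // user's uid.
     $guard = new sspmod_janus_UIguard($this->_config->getArray('access', array()));
     $allowAllEntities = $guard->hasPermission('allentities', null, $this->_user->getType(), TRUE);
     if (!$allowAllEntities) {
         // Use the configured table prefix like the other tables in this query;
         // a hard-coded 'janus__' breaks the ownership filter on installations
         // that use a different prefix.
         $query .= "\n            INNER JOIN " . self::$prefix . "hasEntity AS hasentity\n                ON     hasentity.eid = ENTITY.eid\n                AND    hasentity.uid = :uid\n            ";
         $queryData['uid'] = $this->_user->getUid();
     }

     // Include given state
     if (!is_null($state)) {
         $whereClauses[] = "ENTITY.state = :state ";
         $queryData['state'] = $state;
     }

     // Exclude given state
     if (!is_null($state_exclude)) {
         $whereClauses[] = "ENTITY.`state` <> :state_exclude";
         $queryData['state_exclude'] = $state_exclude;
     }

     // Try to sort results by pretty name from metadata
     if ($joinMetadata) {
         // Find default value for sort field so it can be excluded. The IdP field
         // definitions are consulted first; the SP ones only when the IdP list is
         // empty or absent.
         $defaultValue = '';
         $fieldDefinitions = $this->_config->getArray('metadatafields.saml20-idp', FALSE);
         if (!$fieldDefinitions) {
             $fieldDefinitions = $this->_config->getArray('metadatafields.saml20-sp', FALSE);
         }
         if ($fieldDefinitions && isset($fieldDefinitions[$sortFieldName]['default'])) {
             $defaultValue = $fieldDefinitions[$sortFieldName]['default'];
         }

         $query .= "\n            LEFT JOIN   " . self::$prefix . "metadata AS METADATA\n                ON METADATA.key = :metadata_key\n                AND METADATA.eid = ENTITY.eid\n                AND METADATA.revisionid = ENTITY.revisionid\n                AND METADATA.value != :default_value";
         // Bind these two only together with the join: PDO rejects a bound
         // placeholder that does not occur in the statement text (assuming
         // execute() hands $queryData to PDO unchanged).
         $queryData['metadata_key'] = $sortFieldName;
         $queryData['default_value'] = $defaultValue;
     }

     $query .= " WHERE " . implode("\nAND ", $whereClauses);
     // `orderfield` is selected in every variant of the query, so the ordering
     // can always be applied.
     $query .= "\nORDER BY `orderfield` " . $orderfield . ";";

     $st = $this->execute($query, $queryData);
     if ($st === false) {
         throw new Exception('Entities could not be loaded');
     }

     $this->_entities = array();
     $rs = $st->fetchAll(PDO::FETCH_ASSOC);
     foreach ($rs as $row) {
         $entity = new sspmod_janus_Entity($this->_config);
         $entity->setEid($row['eid']);
         if (!is_null($state)) {
             $entity->setWorkflow($state);
         }
         if ($entity->load()) {
             $this->_entities[] = $entity;
         } else {
             // Keep the message on one line so line-oriented log processing
             // sees a single record per failure.
             SimpleSAML_Logger::error('JANUS:UserController:_loadEntities - Entity could not be loaded: ' . var_export($row, true));
         }
     }
     return true;
 }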
// Select the entity to edit: an explicit revision when $revisionid is
// non-negative, otherwise the latest one.
if ($revisionid > -1) {
    if (!($entity = $mcontroller->setEntity($eid, $revisionid))) {
        throw new SimpleSAML_Error_Exception('Error in setEntity');
    }
} else {
    // Revision not set, get latest
    if (!($entity = $mcontroller->setEntity($eid))) {
        throw new SimpleSAML_Error_Exception('Error in setEntity');
    }
}
// load entity
$mcontroller->loadEntity();
// Check if user is allowed to see entity
// Access is granted when the user is linked to the entity or holds the
// 'allentities' permission.
// NOTE(review): denial is expressed only as a redirect; the POST handling below
// is protected only if redirect() ends the request - confirm it cannot return.
$guard = new sspmod_janus_UIguard($janus_config->getArray('access', array()));
$allowedUsers = $mcontroller->getUsers();
if (!(array_key_exists($userid, $allowedUsers) || $guard->hasPermission('allentities', null, $user->getType(), TRUE))) {
    SimpleSAML_Utilities::redirect(SimpleSAML_Module::getModuleURL('janus/index.php'));
}
$et = new SimpleSAML_XHTML_Template($config, 'janus:editentity.php', 'janus:editentity');
$language = $et->getLanguage();
$update = FALSE;
$note = '';
// NOTE(review): any non-empty POST starts the state-changing path; no anti-CSRF
// token check is visible in this fragment - confirm one is enforced elsewhere.
if (!empty($_POST)) {
    // Array for collecting addresses to notify
    $addresses = array();
    // Change entityID
    // Changing the entity id requires the 'changeentityid' permission for the
    // entity's current workflow state and the user's type.
    if (isset($_POST['entityid']) && $guard->hasPermission('changeentityid', $entity->getWorkflow(), $user->getType())) {
        // NOTE(review): "|| true" makes the result of check_uri() irrelevant, so
        // every posted entityid passes this test unvalidated. If the exception
        // below is still needed, allow-list that one value instead of switching
        // the check off for all input.
        if (check_uri($_POST['entityid']) || true) {
            # HACK: For SURFnetGuests : https://espee-test.surfnet.nl/federate/metadata/saml20/SURFnetGuests
            // Loose comparison (!=) between the posted value and the stored entity id.
            $entityIdNeedsUpdating = $_POST['entityid'] != $entity->getEntityid();
            if ($entityIdNeedsUpdating) {
// Load the acting user by login name.
$user->setUserid($userid);
$user->load(sspmod_janus_User::USERID_LOAD);
// Get the correct entity
// NOTE(review): 'eid' is read from the query string without an isset() or type
// check and goes straight into setEntity(); a missing parameter raises a notice
// and passes null. Validate it as an integer id before use.
$eid = $_GET['eid'];
if (!($entity = $mcontroller->setEntity($eid))) {
    throw new SimpleSAML_Error_Exception('Error in setEntity');
}
$workflowstates = $janus_config->getValue('workflowstates');
// load entity
$mcontroller->loadEntity();
// Check if user is allowed to see entity
$allowedUsers = $mcontroller->getUsers();
$uiguard = new sspmod_janus_UIguard($janus_config->getValue('access'));
$output = '';
$wfstate = $entity->getWorkflow();
// History is produced only when the user may access the entity (linked to it,
// or holding 'allentities') AND holds 'entityhistory' for the current workflow
// state. Otherwise $output stays empty at this point.
if ((array_key_exists($userid, $allowedUsers) || $uiguard->hasPermission('allentities', null, $user->getType(), true)) && $uiguard->hasPermission('entityhistory', $wfstate, $user->getType())) {
    $history_size = $mcontroller->getHistorySize();
    // NOTE(review): the meaning of the two arguments is not visible here;
    // presumably an offset of 10 and a limit - confirm against getHistory().
    $history = $mcontroller->getHistory(10, $history_size);
    foreach ($history as $data) {
        $rid = $data->getRevisionid();
        $rnote = $data->getRevisionnote();
        // NOTE(review): the markup is assembled by string concatenation and none
        // of the values are encoded. If $output is sent to the browser as HTML,
        // the revision note and the user id below need htmlspecialchars() with
        // ENT_QUOTES, and the eid/revisionid values in the href should be
        // encoded for URL and attribute context.
        $output .= '<a href="?eid=' . $data->getEid() . '&revisionid=' . $rid . '">' . $et->t('tab_edit_entity_connection_revision') . ' ' . $rid . '</a>';
        // Notes longer than 80 bytes are cut to 79 bytes plus '...'. strlen() and
        // substr() count bytes, so a multibyte character can be split here.
        $output .= strlen($rnote) > 80 ? ' - ' . substr($rnote, 0, 79) . '...' : ' - ' . $rnote;
        // Show edit user if present
        // NOTE(review): this reuses and overwrites $user, the object that held
        // the acting user for the permission check above. After the first
        // iteration $user describes a revision author, so any later check on
        // $user->getType() would evaluate that author's type. A separate object
        // for the lookup avoids the mix-up.
        $user->setUid($data->getUser());
        if ($user->load()) {
            $output .= ' - ' . $user->getUserid();
        }
        $output .= ' - ' . date('Y-m-d H:i', strtotime($data->getCreated()));
        if (isset($workflowstates[$data->getWorkflow()]['name'][$et->getLanguage()])) {
            $curLang = $et->getLanguage();
 /**
  * Get User information
  *
  * @access protected (see isProtected)
  * @static
  * @param array $data Request parameters for getUser method, supports:
  *                      - string $data['userid']: UserID (login name) to get data for
  * @param int $statusCode HTTP Status code to use in response
  * @return array|string User information
  */
 public static function method_getUser($data, &$statusCode)
 {
     // A request without a userid cannot be answered: flag it as a bad request.
     if (!isset($data['userid'])) {
         $statusCode = 400;
         return '';
     }

     // The configuration is fetched from the DI container as before, but its
     // value is not used in this method; the user object is built without arguments.
     sspmod_janus_DiContainer::getInstance()->getConfig();

     $account = new sspmod_janus_User();
     $account->setUserid($data['userid']);
     // The outcome of load() is not inspected, so an unknown userid still
     // produces a result array built from whatever the getters return.
     $account->load(sspmod_janus_User::USERID_LOAD);

     return array(
         'uid' => $account->getUid(),
         'userid' => $account->getUserid(),
         'active' => $account->getActive(),
         'type' => $account->getType(),
         'data' => $account->getdata(),
     );
 }