<?php
/**
 * Application level Controller
 *
 * This file is application-wide controller file. You can put all
 * application-wide controller-related methods here.
 *
 * PHP 5
 *
 * CakePHP(tm) : Rapid Development Framework (http://cakephp.org)
 * Copyright 2005-2012, Cake Software Foundation, Inc. (http://cakefoundation.org)
 *
 * Licensed under The MIT License
 * Redistributions of files must retain the above copyright notice.
 *
 * @copyright Copyright 2005-2012, Cake Software Foundation, Inc. (http://cakefoundation.org)
 * @link http://cakephp.org CakePHP(tm) Project
 * @package app.Controller
 * @since CakePHP(tm) v 0.2.9
 * @license MIT License (http://www.opensource.org/licenses/mit-license.php)
 */
// TODO GPG encryption has issues when keys are expired
App::uses('Controller', 'Controller');
// File is used by AppController::checkEmpty() to size/hash a file on disk
App::uses('File', 'Utility');
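/**
 * Application Controller
 *
 * Add your application-wide methods in the class below, your controllers
 * will inherit them.
 *
 * Besides the usual CakePHP hooks this class holds the site-wide
 * authentication glue (cookie session or API key in the Authorization
 * header) and a set of maintenance actions that are restricted to site
 * administrators.
 *
 * @package app.Controller
 * @link http://book.cakephp.org/2.0/en/controllers.html#the-app-controller
 *
 * @throws ForbiddenException when a REST request carries an Authorization
 *   header that does not belong to a user whose role has the perm_auth flag
 */
class AppController extends Controller {

/**
 * Name of the model this controller works on by default. Derived from the
 * controller class name in the constructor ("EventsController" -> "Event").
 *
 * @var string
 */
	public $defaultModel = '';

/**
 * Role record (the "Role" row as an array) of the authenticated user, filled
 * in by beforeFilter(); null while nobody is logged in.
 *
 * @var array|null
 */
	public $userRole = null;

/**
 * Components loaded for every controller. The Form authenticator logs users
 * in by e-mail address; the Auth component itself is the application's
 * SecureAuth subclass.
 *
 * @var array
 */
	public $components = array(
		'Session',
		'Auth' => array(
			'className' => 'SecureAuth',
			'authenticate' => array(
				'Form' => array(
					'fields' => array('username' => 'email')
				)
			),
			'authError' => 'Unauthorised access.',
			'loginRedirect' => array('controller' => 'users', 'action' => 'routeafterlogin'),
			'logoutRedirect' => array('controller' => 'users', 'action' => 'login'),
			// TODO ACL: controller/Actions authorize with actionPath 'controllers' is not enabled yet
		)
	);

/**
 * Constructor; derives $defaultModel from the concrete controller's class name.
 *
 * @param mixed $id passed through to the parent constructor
 * @param mixed $table passed through to the parent constructor
 * @param mixed $ds passed through to the parent constructor
 */
	public function __construct($id = false, $table = null, $ds = null) {
		parent::__construct($id, $table, $ds);
		// "EventsController" -> "Events" -> "Event": strip the plural "s" together
		// with the Controller suffix first, then the suffix alone for singular names
		$name = get_class($this);
		$name = str_replace('sController', '', $name);
		$name = str_replace('Controller', '', $name);
		$this->defaultModel = $name;
	}

/**
 * Runs before every action: API-key authentication for REST requests,
 * terms/password-change enforcement, and publishing of the permission
 * flags of the current user to the views.
 *
 * @throws ForbiddenException when the Authorization header holds a key that
 *   does not resolve to a user with the perm_auth flag
 * @return void
 */
	public function beforeFilter() {
		// REST authentication
		if ($this->_isRest()) {
			// disable CSRF for REST access
			if (array_key_exists('Security', $this->components)) {
				$this->Security->csrfCheck = false;
			}
			// Authenticate user with authkey in Authorization HTTP header
			if (!empty($_SERVER['HTTP_AUTHORIZATION'])) {
				$user = $this->checkAuthUser($_SERVER['HTTP_AUTHORIZATION']);
				if (!$user) {
					// User not authenticated correctly: reset the session
					// information so an existing login cannot be reused
					$this->Session->destroy();
					throw new ForbiddenException('The authentication key provided cannot be used for syncing.');
				}
				// User found in the db, add the user info to the session
				$this->Session->renew();
				$this->Session->write(AuthComponent::$sessionKey, $user['User']);
			}
			// NOTE: a REST request without an Authorization header is not rejected
			// here; it continues with whatever session Auth already holds, and with
			// the CSRF check switched off above.
		}

		// user must accept the terms, and change an expiring password, before
		// using anything other than the pages needed to do so
		$loggedIn = $this->Session->check('Auth.User');
		$termsPages = array('/users/terms', '/users/logout', '/users/login');
		if ($loggedIn && !$this->Auth->user('termsaccepted') && !in_array($this->request->here, $termsPages, true)) {
			$this->redirect(array('controller' => 'users', 'action' => 'terms', 'admin' => false));
		}
		$changePwPages = array('/users/terms', '/users/change_pw', '/users/logout', '/users/login');
		if ($loggedIn && $this->Auth->user('change_pw') && !in_array($this->request->here, $changePwPages, true)) {
			$this->redirect(array('controller' => 'users', 'action' => 'change_pw', 'admin' => false));
		}

		// We don't want to run these role checks before the user is logged in, but we
		// want them available for every view once the user is logged on. Instead of
		// checkAction() per flag, getActions() returns all the flags in a single SQL query.
		if ($this->Auth->user()) {
			$role = $this->getActions();
			$this->set('me', $this->Auth->user());
			$this->set('isSiteAdmin', $this->_isSiteAdmin());
			$this->_setPermissionViewVars($role);
			$this->userRole = $role;
		} else {
			$this->set('me', false);
			$this->set('isSiteAdmin', false);
			$this->_setPermissionViewVars(array());
		}
	}

/**
 * Publishes one view variable per permission flag of the given role.
 *
 * @param array $role the "Role" row of the current user; pass an empty array
 *   to publish every flag as false (logged-out user or unknown role)
 * @return void
 */
	protected function _setPermissionViewVars($role) {
		$flags = array(
			'isAdmin' => 'perm_admin',
			'isAclAdd' => 'perm_add',
			'isAclModify' => 'perm_modify',
			'isAclModifyOrg' => 'perm_modify_org',
			'isAclPublish' => 'perm_publish',
			'isAclSync' => 'perm_sync',
			'isAclAdmin' => 'perm_admin',
			'isAclAudit' => 'perm_audit',
			'isAclAuth' => 'perm_auth',
		);
		foreach ($flags as $viewVar => $column) {
			// a missing column grants nothing instead of raising a notice
			$this->set($viewVar, isset($role[$column]) ? $role[$column] : false);
		}
	}

/**
 * Whether the current request is a REST (XML) request handled by RequestHandler.
 *
 * @return boolean
 */
	protected function _isRest() {
		return (isset($this->RequestHandler) && $this->RequestHandler->isXml());
	}

/**
 * Re-indexes an array by its own values, so every value is also its key.
 *
 * @param array $oldArray list of scalar values
 * @return array value => value map (duplicates collapse, last one wins)
 */
	protected function _arrayToValuesIndexArray($oldArray) {
		$newArray = array();
		foreach ($oldArray as $value) {
			$newArray[$value] = $value;
		}
		return $newArray;
	}

/**
 * Checks if the currently logged user is an administrator (an admin that can
 * manage the users and events of his own organisation).
 *
 * @return boolean
 */
	protected function _isAdmin() {
		$org = $this->Auth->user('org');
		return ((isset($org) && $org === 'ADMIN') || $this->checkAction('perm_admin'));
	}

/**
 * Checks if the currently logged user is a site administrator (an admin that
 * can manage any user or event on the instance and create/edit the roles).
 *
 * @return boolean
 */
	protected function _isSiteAdmin() {
		$org = $this->Auth->user('org');
		return (isset($org) && $org === 'ADMIN');
	}

/**
 * Organisation of the currently logged user.
 *
 * @return mixed the 'org' field of the Auth user, null when not logged in
 */
	protected function _checkOrg() {
		return $this->Auth->user('org');
	}

/**
 * Refreshes the Auth session with new/updated data from the users table.
 *
 * @return void
 */
	protected function _refreshAuth() {
		$this->loadModel('User');
		$this->User->recursive = -1;
		$user = $this->User->findById($this->Auth->user('id'));
		// Auth->login() without a user array would try to re-identify the request;
		// only re-login when the record still exists
		if (!empty($user['User'])) {
			$this->Auth->login($user['User']);
		}
	}

/**
 * Site-admin maintenance action: drops all correlations and rebuilds them
 * from every attribute.
 *
 * @throws NotFoundException when the current user is not a site admin
 * @return void
 */
	public function generateCorrelation() {
		if (!$this->_isSiteAdmin()) throw new NotFoundException();
		$this->loadModel('Correlation');
		$this->Correlation->deleteAll(array('id !=' => ''), false);
		$this->loadModel('Attribute');
		// get all attributes..
		$attributes = $this->Attribute->find('all', array('recursive' => -1));
		// for all attributes..
		foreach ($attributes as $attribute) {
			$this->Attribute->__afterSaveCorrelation($attribute['Attribute']);
		}
		$this->Session->setFlash(__('All done.'));
		$this->redirect(array('controller' => 'events', 'action' => 'index', 'admin' => false));
	}

/**
 * Checks the active user's access to an action (a permission flag of its role).
 *
 * @param string $action column name of the Role table, e.g. 'perm_sync'
 * @return boolean true when the flag is set; false when it is not set, the
 *   role does not exist or the column is unknown (fail closed)
 */
	public function checkAction($action = 'perm_sync') {
		$this->loadModel('Role');
		$this->Role->recursive = -1;
		$role = $this->Role->findById($this->Auth->user('role_id'));
		return !empty($role['Role'][$action]);
	}

/**
 * Returns the role of the currently authenticated user as an array; used to
 * set the permission variables for views in beforeFilter().
 *
 * @return array the "Role" row, or an empty array when the role does not exist
 */
	public function getActions() {
		$this->loadModel('Role');
		$this->Role->recursive = -1;
		$role = $this->Role->findById($this->Auth->user('role_id'));
		return isset($role['Role']) ? $role['Role'] : array();
	}

/**
 * Looks up the user owning an API key and checks that its role allows
 * key-based authentication.
 *
 * @param string $authkey value of the Authorization header
 * @return mixed the user record (with 'User' key) on success, false otherwise
 */
	public function checkAuthUser($authkey) {
		$this->loadModel('User');
		$this->User->recursive = -1;
		$user = $this->User->findByAuthkey($authkey);
		if (empty($user['User'])) {
			return false;
		}
		$this->loadModel('Role');
		$this->Role->recursive = -1;
		$role = $this->Role->findById($user['User']['role_id']);
		// only roles carrying the perm_auth flag may use key-based access
		if (!empty($role['Role']['perm_auth'])) {
			return $user;
		}
		return false;
	}

/**
 * Site-admin maintenance action: normalises the distribution flags of all
 * attributes and events.
 *
 * @return void
 */
	public function generatePrivate() {
		$this->generatePrivateForAttributes();
		$this->generatePrivateForEvents();
	}

/**
 * Site-admin maintenance action: casts every attribute's 'private' flag to a
 * boolean and clears its 'cluster' and 'communitie' flags.
 *
 * @throws NotFoundException when the current user is not a site admin
 * @return void
 */
	public function generatePrivateForAttributes() {
		if (!$this->_isSiteAdmin()) throw new NotFoundException();
		$this->loadModel('Attribute');
		$attributes = $this->Attribute->find('all', array('recursive' => 0));
		foreach ($attributes as $attribute) {
			$attribute['Attribute']['private'] = (bool)$attribute['Attribute']['private'];
			$attribute['Attribute']['cluster'] = false;
			$attribute['Attribute']['communitie'] = false;
			$this->Attribute->save($attribute);
		}
	}

/**
 * Site-admin maintenance action: casts every event's 'private' flag to a
 * boolean, clears 'cluster'/'communitie', copies 'org' into 'orgc' and resets
 * 'dist_change' and 'analysis'.
 *
 * @throws NotFoundException when the current user is not a site admin
 * @return void
 */
	public function generatePrivateForEvents() {
		if (!$this->_isSiteAdmin()) throw new NotFoundException();
		$this->loadModel('Event');
		$events = $this->Event->find('all', array('recursive' => 0));
		foreach ($events as $event) {
			$event['Event']['private'] = (bool)$event['Event']['private'];
			$event['Event']['cluster'] = false;
			$event['Event']['communitie'] = false;
			$event['Event']['orgc'] = $event['Event']['org'];
			$event['Event']['dist_change'] = 0;
			$event['Event']['analysis'] = 2;
			$this->Event->save($event);
		}
	}

/**
 * Site-admin maintenance action: recomputes attribute_count for every event.
 *
 * @throws NotFoundException when the current user is not a site admin
 * @return void
 */
	public function generateCount() {
		if (!$this->_isSiteAdmin()) throw new NotFoundException();
		$this->loadModel('Event');
		$events = $this->Event->find('all', array('recursive' => 1));
		foreach ($events as $event) {
			$event['Event']['attribute_count'] = isset($event['Attribute']) ? count($event['Attribute']) : 0;
			$this->Event->save($event);
		}
		$this->Session->setFlash(__('All done.'));
		$this->redirect(array('controller' => 'events', 'action' => 'index', 'admin' => false));
	}

/**
 * Debug action: dumps the size and md5 of a file, working around CakePHP
 * returning false from File::md5() when the file size is 0
 * (lib/cake/Utility/File.php:384).
 *
 * Restricted to site administrators like the other maintenance actions, since
 * the path is taken from the request and opened as given.
 *
 * @param string $fileP path of the file to inspect
 * @throws NotFoundException when the current user is not a site admin
 * @return void
 */
	public function checkEmpty($fileP = '/var/www/cydefsig/app/files/test') {
		if (!$this->_isSiteAdmin()) throw new NotFoundException();
		// Check if there were problems with the file upload
		// only keep the last part of the filename, this should prevent directory attacks
		// TODO $filename is never used below: $fileP is still opened as supplied
		$filename = basename($fileP);
		$tmpfile = new File($fileP);
		debug($fileP);
		debug($tmpfile);
		debug($tmpfile->size());
		debug($tmpfile->md5());
		debug(md5_file($fileP));
		$md5 = !$tmpfile->size() ? md5_file($fileP) : $tmpfile->md5();
		debug($md5);
	}

/**
 * generateAllFor<FieldName>: dispatches to the default model's
 * generateAllFor<FieldName>() method with the remaining URL arguments
 * (newValue and oldValue) and renders the 'succes' view.
 *
 * @param string $field field name suffix taken from the URL
 * @throws NotFoundException when the current user is not a site admin or the
 *   model has no generateAllFor<FieldName> method
 * @return void
 */
	public function generateAllFor($field) {
		if (!$this->_isSiteAdmin()) throw new NotFoundException();
		$model = $this->{$this->defaultModel};
		$method = 'generateAllFor' . $field;
		// $field comes from the URL: only dispatch to a method that really exists
		if (!method_exists($model, $method)) throw new NotFoundException();
		// contain the newValue and oldValue
		$methodArgs = $this->params['pass'];
		// use call_user_func_array() to pass the newValue and oldValue
		$success = call_user_func_array(array($model, $method), $methodArgs);
		// give feedback
		$this->set('succes', $success);
		$this->render('succes');
	}

/**
 * Explicit entry point for the magic __call() dispatch.
 *
 * @param string $method method name, e.g. 'generateAllForSomething'
 * @param mixed $dummySecond unused, forwarded to __call()
 * @return void
 */
	public function call($method, $dummySecond) {
		$this->__call($method, $dummySecond);
	}

/**
 * Routes undefined generateAllFor<FieldName> calls to generateAllFor(),
 * replacing the first passed argument with the field name.
 *
 * @param string $method name of the undefined method
 * @param mixed $dummySecond unused
 * @return mixed result of generateAllFor(), or false for any other method
 */
	public function __call($method, $dummySecond) {
		$args = $this->params['pass']; // TODO this is naughty
		if (strpos($method, 'generateAllFor') === 0) {
			// massage the args
			$methodArgs = $args;
			$methodArgs[0] = str_replace('generateAllFor', '', $method); // TODO
			// do the actual call
			return call_user_func_array(array($this, 'generateAllFor'), $methodArgs);
		}
		return false;
	}

/**
 * Site-admin maintenance action: prints every event that fails model validation.
 *
 * @throws NotFoundException when the current user is not a site admin
 * @return void
 */
	public function reportValidationIssuesEvents() {
		// search for validation problems in the events
		if (!$this->_isSiteAdmin()) throw new NotFoundException();
		$this->loadModel('Event');
		// detach the Regexp and Blacklist behaviors so they do not run during validation
		$this->Event->Behaviors->detach('Regexp');
		$this->Event->Behaviors->detach('Blacklist');
		$this->_printValidationReport($this->Event, 'event');
	}

/**
 * Site-admin maintenance action: prints every attribute that fails model validation.
 *
 * @throws NotFoundException when the current user is not a site admin
 * @return void
 */
	public function reportValidationIssuesAttributes() {
		// TODO improve performance of this function by eliminating the additional SQL query per attribute
		// search for validation problems in the attributes
		if (!$this->_isSiteAdmin()) throw new NotFoundException();
		$this->loadModel('Attribute');
		// detach the Regexp and Blacklist behaviors so they do not run during validation
		$this->Attribute->Behaviors->detach('Regexp');
		$this->Attribute->Behaviors->detach('Blacklist');
		// for efficiency reasons remove the unique requirement
		$this->Attribute->validator()->remove('value', 'unique');
		$this->_printValidationReport($this->Attribute, 'attribute');
	}

/**
 * Validates every record of a model and prints the ones that fail as HTML.
 * Record contents come from the database, so they are HTML-escaped before
 * being written into the page.
 *
 * @param Model $model loaded model whose records are validated
 * @param string $label singular name used in the headings ('event', 'attribute')
 * @return void
 */
	protected function _printValidationReport($model, $label) {
		print('<h2>Listing invalid ' . $label . ' validations</h2>');
		// get all records..
		$records = $model->find('all', array('recursive' => -1));
		// for all records..
		foreach ($records as $record) {
			$model->set($record);
			if ($model->validates()) {
				continue;
			}
			$errors = $model->validationErrors;
			$id = htmlspecialchars((string)$record[$model->alias]['id'], ENT_QUOTES, 'UTF-8');
			print('<h3>Validation errors for ' . $label . ': ' . $id . '</h3><pre>');
			print(htmlspecialchars(print_r($errors, true), ENT_QUOTES, 'UTF-8'));
			print('</pre><p>' . ucfirst($label) . ' details:</p><pre>');
			print(htmlspecialchars(print_r($record, true), ENT_QUOTES, 'UTF-8'));
			print('</pre><br/>');
		}
	}
}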