<?php
/**
 * Application level Controller
 *
 * This file is the application-wide controller file. You can put all
 * application-wide controller-related methods here.
 *
 * PHP 5
 *
 * CakePHP(tm) : Rapid Development Framework (http://cakephp.org)
 * Copyright 2005-2012, Cake Software Foundation, Inc. (http://cakefoundation.org)
 *
 * Licensed under The MIT License
 * Redistributions of files must retain the above copyright notice.
 *
 * @copyright Copyright 2005-2012, Cake Software Foundation, Inc. (http://cakefoundation.org)
 * @link http://cakephp.org CakePHP(tm) Project
 * @package app.Controller
 * @since CakePHP(tm) v 0.2.9
 * @license MIT License (http://www.opensource.org/licenses/mit-license.php)
 */
// TODO GPG encryption has issues when keys are expired

// Framework classes this file depends on: the base Controller, the Sanitize
// utility (applied to the API key and to the Auth user array in
// AppController::beforeFilter()) and the File utility (used by checkEmpty()).
App::uses('Controller', 'Controller');
App::uses('Sanitize', 'Utility');
App::uses('File', 'Utility');
/**
 * Application Controller
 *
 * Add your application-wide methods in the class below; your controllers
 * will inherit them.
 *
 * @package app.Controller
 * @link http://book.cakephp.org/2.0/en/controllers.html#the-app-controller
 *
 * @throws ForbiddenException // TODO Exception
 */
class AppController extends Controller {

	// Name of the model this controller works on by default. Set from the
	// concrete controller class name in __construct() and used by
	// generateAllFor() to pick the model that receives the dynamic call.
	public $defaultModel = '';

	/**
	 * Derives $defaultModel from the concrete controller's class name by
	 * stripping 'sController' (e.g. 'EventsController' -> 'Event') and, as a
	 * second pass, any remaining 'Controller'.
	 *
	 * NOTE(review): the parameter names ($id, $table, $ds) match Cake's Model
	 * constructor rather than Controller's ($request, $response); they are
	 * forwarded to parent::__construct() as-is — confirm against the Cake 2
	 * Controller signature.
	 */
	public function __construct($id = false, $table = null, $ds = null) {
		parent::__construct($id, $table, $ds);
		$name = get_class($this);
		// str_replace() removes every occurrence, not only a trailing one
		$name = str_replace('sController', '', $name);
		$name = str_replace('Controller', '', $name);
		$this->defaultModel = $name;
	}

	// Components loaded for every controller. Auth is backed by the
	// application's own SecureAuth component, authenticates Form logins by
	// e-mail address, and authorizes through both this controller's
	// isAuthorized() and the 'Actions' ACL adapter (either may grant access).
	public $components = array(
		'Acl', // TODO ACL, components
		'Session',
		'Auth' => array(
			'className' => 'SecureAuth',
			'authenticate' => array(
				'Form' => array(
					'fields' => array('username' => 'email')
				)
			),
			'authError' => 'Did you really think you are allowed to see that?',
			'loginRedirect' => array('controller' => 'users', 'action' => 'routeafterlogin'),
			'logoutRedirect' => array('controller' => 'users', 'action' => 'login'),
			'authorize' => array('Controller', // Added this line
				'Actions' => array('actionPath' => 'controllers')) // TODO ACL, 4: tell actionPath
		)
	);

	/**
	 * Controller-level authorization hook (the 'Controller' authorize adapter
	 * in $components). Grants every action to administrators and nothing to
	 * anyone else; access for non-admins is left to the 'Actions' ACL adapter.
	 *
	 * @param array $user the logged-in user record (unused; _isAdmin() reads Auth)
	 * @return bool
	 */
	public function isAuthorized($user) {
		if (self::_isAdmin()) {
			return true; // admin can access every action on every controller
		}
		return false; // The rest don't
	}

	/**
	 * Runs before every action.
	 *
	 * 1. Sends a logged-in user who has not accepted the terms, or whose
	 *    change_pw flag is set, to the matching users/ page. The login,
	 *    logout, terms and change_pw URLs are exempt so the redirect cannot
	 *    loop.
	 * 2. For REST (XML) requests: disables the Security component's CSRF
	 *    check and, when an Authorization header is present, logs the user in
	 *    from the API key it carries instead of from an existing session.
	 * 3. Publishes the current user and a set of permission flags to the view.
	 */
	public function beforeFilter() {
		// user must accept terms
		//
		// TODO $this->Session->check('Auth.User') (16:32:45) andras.iklody@gmail.com: think this was documented as check('Auth')
		if ($this->Session->check('Auth.User') && !$this->Auth->user('termsaccepted') && (!in_array($this->request->here, array('/users/terms', '/users/logout', '/users/login')))) {
			$this->redirect(array('controller' => 'users', 'action' => 'terms', 'admin' => false));
		}
		if ($this->Session->check('Auth.User') && $this->Auth->user('change_pw') && (!in_array($this->request->here, array('/users/terms', '/users/change_pw', '/users/logout', '/users/login')))) {
			$this->redirect(array('controller' => 'users', 'action' => 'change_pw', 'admin' => false));
		}

		// REST things
		if ($this->_isRest()) {
			// disable CSRF for REST access
			if (array_key_exists('Security', $this->components))
				$this->Security->csrfCheck = false;
			// Authenticate user with authkey in Authorization HTTP header
			if (!empty($_SERVER['HTTP_AUTHORIZATION'])) {
				//Sanitize the authkey
				// NOTE(review): Sanitize::clean() rewrites the value rather than
				// validating it, so a key containing characters it alters can
				// never match the stored one. The lookup below goes through a
				// conditions array, so this call is not what keeps user input
				// out of the query.
				$authkey = Sanitize::clean($_SERVER['HTTP_AUTHORIZATION']);
				// the key must belong to a user whose role carries perm_auth
				if (!$this->checkAuthUser($authkey)) {
					throw new ForbiddenException('The authentication key provided cannot be used for syncing.');
				}
				$this->loadModel('User');
				$params = array(
					'conditions' => array('User.authkey' => $authkey),
					'recursive' => 0,
				);
				$user = $this->User->find('first', $params);
				if ($user) {
					// User found in the db, add the user info to the session
					// (renew() first, presumably to get a fresh session id)
					$this->Session->renew();
					$this->Session->write(AuthComponent::$sessionKey, $user['User']);
				} else {
					// User not authenticated correctly
					// reset the session information
					// (only reachable when checkAuthUser() accepted the key
					// but the find() above still returned nothing)
					$this->Session->destroy();
					throw new ForbiddenException('Incorrect authentication key');
				}
			}
		} else {
			//$this->Security->blackHoleCallback = 'blackhole'; // TODO needs more investigation
		}
		// These variables are required for every view
		$this->set('me', Sanitize::clean($this->Auth->user()));
		$this->set('isAdmin', $this->_isAdmin());
		$this->set('isSiteAdmin', $this->_isSiteAdmin());

		// TODO ACL: 5: from Controller to Views
		// Each check*() call below performs its own User/Role lookups, so this
		// block costs several queries on every request.
		$this->set('isAclAdd', $this->checkAcl('add'));
		$this->set('isAclModify', $this->checkAcl('edit'));
		$this->set('isAclModifyOrg', $this->checkRole());
		$this->set('isAclPublish', $this->checkAcl('publish'));
		$this->set('isAclAdd2', $this->checkAction('perm_add'));
		$this->set('isAclSync', $this->checkAction('perm_sync'));
		$this->set('isAclAdmin', $this->checkAction('perm_admin'));
		$this->set('isAclAudit', $this->checkAction('perm_audit'));
		$this->set('isAclAuth', $this->checkAction('perm_auth'));
	}

	//public function blackhole($type) {
	//	// handle errors.
	//	throw new Exception(__d('cake_dev', 'The request has been black-holed'));
	//	//throw new BadRequestException(__d('cake_dev', 'The request has been black-holed'));
	//}

	/**
	 * True when the RequestHandler component is loaded and reports an XML
	 * request. This is the switch that enables the API-key / no-CSRF path in
	 * beforeFilter().
	 *
	 * @return bool
	 */
	protected function _isRest() {
		return (isset($this->RequestHandler) && $this->RequestHandler->isXml());
	}

	/**
	 * Converts a list of values into an array keyed by those same values
	 * (value => value).
	 *
	 * @param array $oldArray
	 * @return array
	 */
	protected function _arrayToValuesIndexArray($oldArray) {
		$newArray = Array();
		foreach ($oldArray as $value)
			$newArray[$value] = $value;
		return $newArray;
	}

	/**
	 * Checks if the currently logged user is an administrator: either a member
	 * of the 'ADMIN' org or the holder of a role with perm_admin set.
	 *
	 * @return bool
	 */
	protected function _isAdmin() {
		$org = $this->Auth->user('org');
		if ((isset($org) && $org === 'ADMIN') || $this->checkAction('perm_admin')) {
			return true;
		}
		return false;
	}

	/**
	 * Checks if the currently logged user is a site administrator, i.e. a
	 * member of the 'ADMIN' org (a perm_admin role alone is not enough here).
	 *
	 * @return bool
	 */
	protected function _isSiteAdmin() {
		$org = $this->Auth->user('org');
		if (isset($org) && $org === 'ADMIN') {
			return true;
		}
		return false;
	}

	/**
	 * Returns the org of the currently logged user as stored in the Auth
	 * session.
	 */
	protected function _checkOrg() {
		return $this->Auth->user('org');
	}

	/**
	 * Refreshes the Auth session with new/updated data: re-reads the current
	 * user record (through $this->User when that model is loaded, otherwise
	 * via ClassRegistry) and logs it in again.
	 * @return void
	 */
	protected function _refreshAuth() {
		if (isset($this->User)) {
			$user = $this->User->read(false, $this->Auth->user('id'));
		} else {
			$user = ClassRegistry::init('User')->findById($this->Auth->user('id'));
		}
		$this->Auth->login($user['User']);
	}

	/**
	 * Updates the missing fields from v0.1 to v0.2 of CyDefSIG
	 * First you will need to manually update the database to the new schema.
	 * Log in as admin user and
	 * Then run this function by setting debug = 1 (or more) and call /events/migrate01to02
	 *
	 * Admin only; other users get a NotFoundException, so the action looks
	 * like a missing page to them. Progress is echoed straight to the output.
	 *
	 * @throws NotFoundException // TODO Exception
	 */
	public function migrate01to02() {
		if (!self::_isAdmin()) throw new NotFoundException();
		// generate uuids for events who have no uuid
		$this->loadModel('Event');
		$params = array(
			'conditions' => array('Event.uuid' => ''),
			'recursive' => 0,
			'fields' => array('Event.id'),
		);
		$events = $this->Event->find('all', $params);
		echo '<p>Generating UUID for events: ';
		foreach ($events as $event) {
			$this->Event->id = $event['Event']['id'];
			$this->Event->saveField('uuid', String::uuid());
			echo $event['Event']['id'] . ' ';
		}
		echo "</p>";
		// generate uuids for attributes who have no uuid
		$this->loadModel('Attribute');
		$params = array(
			'conditions' => array('Attribute.uuid' => ''),
			'recursive' => 0,
			'fields' => array('Attribute.id'),
		);
		$attributes = $this->Attribute->find('all', $params);
		echo '<p>Generating UUID for attributes: ';
		foreach ($attributes as $attribute) {
			$this->Attribute->id = $attribute['Attribute']['id'];
			$this->Attribute->saveField('uuid', String::uuid());
			echo $attribute['Attribute']['id'] . ' ';
		}
		echo "</p>";
	}

	/**
	 * Splits every composite-type attribute whose value1 is 'a|b' into
	 * value1 = 'a' and value2 = 'b'. Values that do not split into exactly two
	 * pieces are left untouched. Progress is echoed to the output.
	 *
	 * Called from migrate02to021(); carries no admin check of its own.
	 */
	private function __explodeValueToValues() {
		// search for composite value1 fields and explode it to value1 and value2
		$this->loadModel('Attribute');
		$params = array(
			'conditions' => array(
				'OR' => array(
					'Attribute.type' => $this->Attribute->getCompositeTypes()
				)
			),
			'recursive' => 0,
			'fields' => array('Attribute.id', 'Attribute.value1'),
		);
		$attributes = $this->Attribute->find('all', $params);
		echo '<h2>Exploding composite fields in 2 columns: </h2><ul>';
		foreach ($attributes as $attribute) {
			$pieces = explode('|', $attribute['Attribute']['value1']);
			if (2 != count($pieces)) continue; // do nothing if not 2 pieces
			$this->Attribute->id = $attribute['Attribute']['id'];
			echo '<li>' . $attribute['Attribute']['id'] . ' --> ' . $attribute['Attribute']['value1'] . ' --> ' . $pieces[0] . ' --> ' . $pieces[1] . '</li> ';
			$this->Attribute->saveField('value1', $pieces[0]);
			$this->Attribute->id = $attribute['Attribute']['id'];
			$this->Attribute->saveField('value2', $pieces[1]);
		}
		echo "</ul> DONE.";
	}

	/**
	 * Updates the missing fields from v0.2 to v0.2.1 of CyDefSIG
	 * First you will need to manually update the database to the new schema.
	 * Log in as admin user and
	 * Then run this function by setting debug = 1 (or more) and call /events/migrate02to021
	 *
	 * @throws NotFoundException // TODO Exception
	 */
	public function migrate02to021() {
		if (!self::_isAdmin()) {
			throw new NotFoundException();
		}
		// search for composite value1 fields and explode it to value1 and value2
		$this->__explodeValueToValues();
	}

	/**
	 * Placeholder for the v0.2.1 -> v0.2.2 migration; apart from the admin
	 * check everything is still commented out.
	 *
	 * @throws NotFoundException // TODO Exception
	 */
	public function migrate021to022() {
		if (!self::_isAdmin()) throw new NotFoundException();
		// replace description by comment
		// replace empty category
		// not easy as we have to guess the category from the type
		//$this->loadModel('Attribute');
		//	$params = array(
		//			'conditions' => array('Attribute.type' => ''),
		//			'recursive' => 0,
		//			'fields' => array('Attribute.id'),
		//	);
		//	$attributes = $this->Attribute->find('all', $params);
		//	echo '<p>Replacing empty categories by OtherExploding composite fields in 2 columns: </p><ul>';
		//	foreach ($attributes as $attribute) {
		//		$pieces = explode('|', $attribute['Attribute']['value1']);
		//		if (2 != sizeof($pieces)) continue; // do nothing if not 2 pieces
		//		$this->Attribute->id = $attribute['Attribute']['id'];
		//		echo '<li>'.$attribute['Attribute']['id'].' --> '.$attribute['Attribute']['value1'].' --> '.$pieces[0].' --> '.$pieces[1].'</li> ';
		//		$this->Attribute->saveField('value1', $pieces[0]);
		//		$this->Attribute->id = $attribute['Attribute']['id'];
		//		$this->Attribute->saveField('value2', $pieces[1]);
		//	}
		//	echo "</ul> DONE</p>";
		// search for incompatible combination of category / type
	}

	/**
	 * Schema migration MISP 0.2 -> 1.0: runs a fixed list of DDL statements
	 * against the current model's datasource. The statements are constant
	 * strings (no request data is interpolated). Admin only.
	 *
	 * @throws NotFoundException // TODO Exception
	 */
	public function migratemisp02to10() {
		if (!self::_isAdmin()) {
			throw new NotFoundException();
		}
		// add missing columns, rename other columns
		$queries = array(
			// ATTRIBUTES
			// rename value to value1
			"ALTER TABLE `attributes` CHANGE `value` `value1` TEXT CHARACTER SET utf8 COLLATE utf8_unicode_ci NOT NULL"
			// add value2
			, "ALTER TABLE `attributes` ADD `value2` TEXT CHARACTER SET utf8 COLLATE utf8_unicode_ci NOT NULL AFTER `value1`"
			// fix the keys
			, "ALTER TABLE `attributes` DROP INDEX `uuid`;"
			, "ALTER TABLE `attributes` ADD INDEX `value1_key` ( `value1` ( 5 ) ) ;"
			, "ALTER TABLE `attributes` ADD INDEX `value2_key` ( `value2` ( 5 ) ) ;"
			// EVENTS
			// remove useless things
			, "ALTER TABLE `events` DROP `user_id`"
			, "ALTER TABLE `events` DROP `alerted`"
			, "ALTER TABLE `events` ADD `revision` INT( 10 ) NOT NULL DEFAULT '0' AFTER `uuid`"
			// fix the keys
			, "ALTER TABLE events DROP INDEX uuid"
			, "ALTER TABLE events DROP INDEX info"
			// SERVERS
			// rename lastfetchedid to lastpushedid
			, "ALTER TABLE `servers` CHANGE `lastfetchedid` `lastpushedid` INT( 11 ) NOT NULL"
			// add lastpulledid
			, "ALTER TABLE `servers` ADD `lastpulledid` INT( 11 ) NOT NULL AFTER `lastpushedid`"
			// USERS
			// fix keys
			, "ALTER TABLE `users` DROP INDEX `username`"
			, "ALTER TABLE `users` ADD INDEX `email` ( `email` )"
		);
		// execute the queries
		// NOTE(review): $query is bound by reference and never unset after the
		// loop, and $result is never read — errors from query() go unnoticed.
		foreach ($queries as &$query) {
			$result = $this->{$this->modelClass}->query($query);
		}
	}

	/**
	 * Schema migration MISP 1.0 -> 1.1: re-adds events.user_id. Constant DDL,
	 * admin only. Same unchecked-result / dangling-reference pattern as
	 * migratemisp02to10().
	 *
	 * @throws NotFoundException // TODO Exception
	 */
	public function migratemisp10to11() {
		if (!self::_isAdmin()) {
			throw new NotFoundException();
		}
		// add missing columns, rename other columns
		$queries = array(
			// EVENTS
			// bring user_id back in
			"ALTER TABLE `events` ADD `user_id` INT( 11 ) NOT NULL AFTER `info`"
		);
		// execute the queries
		foreach ($queries as &$query) {
			$result = $this->{$this->modelClass}->query($query);
		}
	}

	/**
	 * Data migration MISP 1.1 -> 2.0: rebuilds correlations and counts and
	 * regenerates the ACL tables. Admin only.
	 *
	 * @param string $yourOrg kept for the (now disabled) generateHop() call;
	 *                        currently unused
	 * @throws NotFoundException
	 */
	public function migratemisp11to2($yourOrg = 'NCIRC') {
		if (!self::_isAdmin()) {
			throw new NotFoundException();
		}
		// Deprecated - generate Private sets the values for the 3 distribution fields on migration - however the new SQL scheme sets cluster + communitie
		// to false, which means that private will become org only and non-private will become all communities - which is desired behaviour.
		// $this->generatePrivate();
		$this->generateCorrelation(); // TODO
		$this->generateCount();
		// Deprecated - hop unused currently, also, it would generate hop count 1 for all local events created by other hosted orgs.
		// $this->generateHop($yourOrg);
		$this->generateArosAcos();
	}

	/**
	 * Regenerates the ACL entries for every Role via generateACL(), then ends
	 * the request with exit — nothing is rendered. Admin only.
	 *
	 * @throws NotFoundException
	 */
	public function generateArosAcos() {
		if (!self::_isAdmin()) throw new NotFoundException();
		$this->loadModel('Role');
		$roles = $this->Role->find('all', array('recursive' => 0));
		foreach ($roles as $role) {
			$this->generateACL($role);
		}
		exit;
	}

	/**
	 * Writes the ACL allow/deny rules for one Role record.
	 *
	 * Role.permission (0..3) is mapped onto add/modify/publish rights; the
	 * perm_* flags drive the remaining controllers. Note the asymmetry for
	 * perm_sync, perm_audit and perm_auth: a deny is only written when the
	 * flag is absent, so a flag that is present but false revokes nothing.
	 * Admin only.
	 *
	 * @param array $inc a Role record as returned by find() (['Role' => [...]])
	 * @throws NotFoundException
	 */
	public function generateACL($inc) {
		if (!self::_isAdmin()) throw new NotFoundException();
		// loose comparison: '' and 0 are treated as unset here as well
		if ($inc['Role']['permission'] == null) $inc['Role']['permission'] = 0;
		switch ($inc['Role']['permission']) {
			case '0':
				$permAdd = false;
				$permModify = false;
				$PermModifyOrg = false;
				$permPublish = false;
				break;
			case '1':
				$permAdd = true;
				$permModify = true;
				$PermModifyOrg = false;
				$permPublish = false;
				break;
			case '2':
				$permAdd = true;
				$permModify = true;
				$PermModifyOrg = true;
				$permPublish = false;
				break;
			case '3':
				$permAdd = true;
				$permModify = true;
				$PermModifyOrg = true;
				$permPublish = true;
				break;
			default:
				// NOTE(review): any other permission value leaves $permAdd,
				// $permModify and $permPublish undefined; the checks below then
				// fall into their deny branches (with undefined-variable notices).
				break;
		}
		//$this->Acl->allow($inc, 'controllers/Events/add');
		if ($permAdd) {
			$this->Acl->allow($inc, 'controllers/Events/add');
			$this->Acl->allow($inc, 'controllers/Attributes/add');
		} else {
			$this->Acl->deny($inc, 'controllers/Events/add');
			$this->Acl->deny($inc, 'controllers/Attributes/add');
		}
		if ($permModify) {
			$this->Acl->allow($inc, 'controllers/Events/edit');
			$this->Acl->allow($inc, 'controllers/Attributes/edit');
		} else {
			$this->Acl->deny($inc, 'controllers/Events/edit');
			$this->Acl->deny($inc, 'controllers/Attributes/edit');
		}
		if ($permPublish) {
			$this->Acl->allow($inc, 'controllers/Events/publish');
		} else {
			$this->Acl->deny($inc, 'controllers/Events/publish');
		}
		// $PermModifyOrg is computed above but not used for any ACL rule
		if (isset($inc['Role']['perm_sync'])) {
			if ($inc['Role']['perm_sync']) {
				$this->Acl->allow($inc, 'controllers/Servers');
			}
		} else {
			$this->Acl->deny($inc, 'controllers/Servers');
		}
		if (isset($inc['Role']['perm_audit'])) {
			if ($inc['Role']['perm_audit']) {
				$this->Acl->allow($inc, 'controllers/Logs');
			}
		} else {
			$this->Acl->deny($inc, 'controllers/Logs');
		}
		if (isset($inc['Role']['perm_admin']) && $inc['Role']['perm_admin']) {
			//$this->Acl->allow($inc, 'controllers/Logs');
		} else {
			$this->Acl->deny($inc, 'controllers/Roles');
			//$this->Acl->deny($inc, 'controllers');
		}
		// perm_auth: no allow rule is written yet, only the deny for the
		// absent-flag case
		if (isset($inc['Role']['perm_auth'])) {
			if ($inc['Role']['perm_auth']) {
			}
		} else {
			$this->Acl->deny($inc, 'controllers/Events/export');
		}
	}

	/**
	 * Rebuilds the correlation table from scratch: deletes every Correlation
	 * row, then re-seeds related attributes for every Attribute. Admin only.
	 *
	 * @throws NotFoundException
	 */
	public function generateCorrelation() {
		if (!self::_isAdmin()) throw new NotFoundException();
		$this->loadModel('Correlation');
		// wipes the whole table (every row has a non-empty id)
		$this->Correlation->deleteAll(array('id !=' => ''), false);
		$this->loadModel('Attribute');
		$fields = array('Attribute.id', 'Attribute.event_id', 'Attribute.private', 'Attribute.cluster', 'Event.date', 'Event.org');
		// get all attributes..
		$attributes = $this->Attribute->find('all', array('recursive' => 0));
		// for all attributes..
		foreach ($attributes as $attribute) {
			// NOTE(review): the '$fields = array()' argument overwrites the
			// $fields list built above, so that list is never passed on.
			$this->Attribute->setInitialRelatedAttributes($attribute['Attribute'], $fields = array());
			//// i want to keep this in repo for a moment
			//$relatedAttributes = $this->Attribute->getRelatedAttributes($attribute['Attribute'], $fields);
			//if ($relatedAttributes) {
			//	foreach ($relatedAttributes as $relatedAttribute) {
			//		// and store into table
			//		$this->Correlation->create();
			//		$this->Correlation->save(array('Correlation' => array(
			//				'1_event_id' => $attribute['Attribute']['event_id'], '1_attribute_id' => $attribute['Attribute']['id'],
			//				'event_id' => $relatedAttribute['Attribute']['event_id'], 'attribute_id' => $relatedAttribute['Attribute']['id'],
			//				'date' => $relatedAttribute['Event']['date'])));
			//	}
			//}
		}
	}

	/**
	 * TODO ACL, 6b: check on Role and per Model (not used)
	 *
	 * Asks the Acl component whether the current user may access the whole
	 * current controller ('controllers/<Controller>', any action).
	 *
	 * @return bool
	 */
	public function checkAccess() {
		$aco = ucfirst($this->params['controller']);
		$user = ClassRegistry::init('User')->findById($this->Auth->user('id'));
		return $this->Acl->check($user, 'controllers/' . $aco, '*');
	}

	/**
	 * TODO ACL, EXTRA: mixed in Org!!
	 *
	 * True when the current user's role has perm_modify_org. Loads the User
	 * and Role records from the database on every call.
	 *
	 * @return bool
	 */
	public function checkRole() {
		$modifyRole = false;
		$user = ClassRegistry::init('User')->findById($this->Auth->user('id'));
		if (isset($user['User'])) {
			$role = ClassRegistry::init('Role')->findById($user['User']['role_id']);
			if ($role['Role']['perm_modify_org']) {
				$modifyRole = true;
			}
		}
		return $modifyRole;
	}

	/**
	 * TODO ACL, EXTRA: mixed in Sync!!
	 *
	 * True when the current user's role has the given perm_* flag set. Loads
	 * the User and Role records on every call; returns false when no user is
	 * logged in.
	 *
	 * @param string $action the Role column to test; callers in this file pass
	 *                       fixed names (perm_add, perm_sync, perm_admin,
	 *                       perm_audit, perm_auth)
	 * @return bool
	 */
	public function checkAction($action = 'perm_sync') {
		$maySync = false;
		$user = ClassRegistry::init('User')->findById($this->Auth->user('id'));
		if (isset($user['User'])) {
			$role = ClassRegistry::init('Role')->findById($user['User']['role_id']);
			if ($role['Role'][$action]) {
				$maySync = true;
			}
		}
		return $maySync;
	}

	/**
	 * Checks whether an API key belongs to a user whose role has perm_auth.
	 * Used by beforeFilter() before the key is accepted for a REST request.
	 *
	 * @param string $authkey the key from the Authorization header (already
	 *                        passed through Sanitize::clean() by the caller)
	 * @return boolean
	 */
	public function checkAuthUser($authkey) {
		$result = false;
		$user = ClassRegistry::init('User')->findByAuthkey($authkey);
		if (isset($user['User'])) {
			$role = ClassRegistry::init('Role')->findById($user['User']['role_id']);
			if ($role['Role']['perm_auth']) {
				$result = true;
			}
		}
		return $result;
	}

	/**
	 * TODO ACL, 6: check on Role and any Model
	 *
	 * Asks the Acl component whether the current user may perform $action on
	 * the Events controller. NOTE(review): when $this->Acl is not available
	 * this returns true, i.e. it fails open.
	 *
	 * @param string $action ACL action name (add, edit, publish, ...)
	 * @return bool
	 * @throws NotFoundException // TODO Exception
	 */
	public function checkAcl($action) {
		$aco = 'Events'; // TODO ACL was 'Attributes'
		$user = ClassRegistry::init('User')->findById($this->Auth->user('id'));
		// TODO ACL, CHECK, below if indicates some wrong: Fatal error: Call to a member function check() on a non-object in /var/www/cydefsig/app/Controller/AppController.php on line 289
		if ($this->Acl) {
			return $this->Acl->check($user, 'controllers/' . $aco . '/' . $action, '*');
		} else {
			return true;
		}
	}

	/**
	 * Normalises the distribution fields of all attributes and events; each
	 * half performs its own admin check.
	 */
	public function generatePrivate() {
		$this->generatePrivateForAttributes();
		$this->generatePrivateForEvents();
	}

	/**
	 * Re-saves every Attribute with 'private' coerced to a boolean and
	 * 'cluster' and 'communitie' set to false. Admin only.
	 *
	 * @throws NotFoundException
	 */
	public function generatePrivateForAttributes() {
		if (!self::_isAdmin()) throw new NotFoundException();
		$this->loadModel('Attribute');
		$attributes = $this->Attribute->find('all', array('recursive' => 0));
		foreach ($attributes as $attribute) {
			if ($attribute['Attribute']['private']) {
				$attribute['Attribute']['private'] = true;
				$attribute['Attribute']['cluster'] = false;
				$attribute['Attribute']['communitie'] = false;
			} else {
				$attribute['Attribute']['private'] = false;
				$attribute['Attribute']['cluster'] = false;
				$attribute['Attribute']['communitie'] = false;
			}
			$this->Attribute->save($attribute);
		}
	}

	/**
	 * Re-saves every Event with 'private' coerced to a boolean, 'cluster' and
	 * 'communitie' set to false, 'orgc' copied from 'org', and dist_change /
	 * analysis / hop_count reset to 0 / 2 / 0. Admin only.
	 *
	 * @throws NotFoundException
	 */
	public function generatePrivateForEvents() {
		if (!self::_isAdmin()) throw new NotFoundException();
		$this->loadModel('Event');
		$events = $this->Event->find('all', array('recursive' => 0));
		foreach ($events as $event) {
			if ($event['Event']['private']) {
				$event['Event']['private'] = true;
				$event['Event']['cluster'] = false;
				$event['Event']['communitie'] = false;
			} else {
				$event['Event']['private'] = false;
				$event['Event']['cluster'] = false;
				$event['Event']['communitie'] = false;
			}
			$event['Event']['orgc'] = $event['Event']['org'];
			$event['Event']['dist_change'] = 0;
			$event['Event']['analysis'] = 2;
			$event['Event']['hop_count'] = 0;
			$this->Event->save($event);
		}
	}

	/**
	 * Re-saves every Attribute unchanged — presumably so the model's save
	 * callbacks recompute whatever counters depend on it (the model is not
	 * visible here). Admin only.
	 *
	 * @throws NotFoundException
	 */
	public function generateCount() {
		if (!self::_isAdmin()) throw new NotFoundException();
		$this->loadModel('Attribute');
		$attributes = $this->Attribute->find('all', array('recursive' => 0));
		// for all attributes..
		foreach ($attributes as $attribute) {
			$this->Attribute->save($attribute);
		}
	}

	/**
	 * generate Hop count
	 * 0 : orig
	 * +1 : one step downstream
	 *
	 * Events owned by $yourOrg get hop_count '0', all others '1'. Admin only.
	 *
	 * @throws NotFoundException
	 *
	 * @param unknown_type $yourOrg being f.i. 'NCIRC' or 'MIL.be'
	 */
	public function generateHop($yourOrg = 'NCIRC') {
		if (!self::_isAdmin()) throw new NotFoundException();
		$this->loadModel('Event');
		$events = $this->Event->find('all', array('recursive' => 0));
		// for all attributes..
		foreach ($events as $event) {
			$event['Event']['hop_count'] = $event['Event']['org'] == $yourOrg ? '0' : '1';
			$this->Event->save($event);
		}
	}

	/**
	 * CakePHP returns false if filesize is 0 at lib/cake/Utility/File.php:384
	 *
	 * Debugging helper that dumps size and md5 information for a file; it has
	 * no admin check. NOTE(review): $filename = basename($fileP) is computed
	 * but never used — the File object and md5_file() both receive the raw
	 * $fileP, so the comment about preventing directory attacks does not
	 * describe what the code does.
	 *
	 * @param string $fileP path of the file to inspect
	 */
	public function checkEmpty($fileP = '/var/www/cydefsig/app/files/test') {
		// Check if there were problems with the file upload
		// only keep the last part of the filename, this should prevent directory attacks
		$filename = basename($fileP);
		$tmpfile = new File($fileP);
		debug($fileP);
		debug($tmpfile);
		debug($tmpfile->size());
		debug($tmpfile->md5());
		debug(md5_file($fileP));
		$md5 = !$tmpfile->size() ? md5_file($fileP) : $tmpfile->md5();
		debug($md5);
	}

	/**
	 * generateAllFor<FieldName>
	 *
	 * Forwards to the default model's generateAllFor<Field>() method with the
	 * remaining URL arguments. The method name is built from $field, which
	 * comes from the request (see __call()); the admin check is the only gate.
	 *
	 * @param string $field suffix of the model method to invoke
	 * @throws NotFoundException // TODO Exception
	 **/
	public function generateAllFor($field) {
		if (!self::_isAdmin()) throw new NotFoundException();
		// contain the newValue and oldValue
		$methodArgs = $this->params['pass'];
		// use call_user_func_array() to pass the newValue and oldValue
		$success = call_user_func_array(array($this->{$this->defaultModel}, 'generateAllFor' . $field), $methodArgs);
		// give feedback
		$this->set('succes', $success);
		$this->render('succes');
	}

	/**
	 * Thin wrapper that exposes __call() as a regular action.
	 *
	 * @param string $method
	 * @param mixed $dummySecond unused beyond being forwarded
	 */
	public function call($method, $dummySecond) {
		$this->__call($method, $dummySecond);
	}

	/**
	 * Routes any undefined method whose name starts with 'generateAllFor' to
	 * generateAllFor(), using the name's remainder as the field and the URL
	 * pass-through arguments as the rest. Everything else yields false.
	 *
	 * @param string $method
	 * @param mixed $dummySecond unused
	 * @return mixed result of generateAllFor(), or false
	 */
	public function __call($method, $dummySecond) {
		$args = $this->params['pass']; // TODO this is naughty
		if (strpos($method, 'generateAllFor') === 0) {
			// massage the args
			$methodArgs = $args;
			// the first URL argument is replaced by the field name, not shifted
			$methodArgs[0] = str_replace('generateAllFor', '', $method); // TODO
			//array_unshift($methodArgs, str_replace('generateAllFor', '', $method));
			// do the actual call
			return call_user_func_array(array($this, 'generateAllFor'), $methodArgs);
		}
		//if (strpos($method, 'findBy') === 0) {
		//	//debug(true);debug(tru);
		//}
		return false;
	}

	// Pairs of (tag, placeholder): tags that must survive Sanitize::clean()
	// are swapped for the placeholder beforehand and swapped back afterwards.
	public $reservedTags = array( // TODO custom Tags like <Random>
		array('<Random>', '[RaDdom]')
	);

	/**
	 * Replaces each reserved tag with its placeholder so Sanitize::clean()
	 * leaves it alone.
	 *
	 * @param string $str
	 * @return string
	 */
	public function beforeSanitizeClean($str) {
		// TODO custom Tags like <Random>
		foreach ($this->reservedTags as $reservedTagset) {
			$str = str_replace($reservedTagset[0], $reservedTagset[1], $str);
		}
		return $str;
	}

	/**
	 * Reverses beforeSanitizeClean() and undoes part of what Sanitize::clean()
	 * did to line breaks, backslashes and a few characters.
	 *
	 * NOTE(review): the last two str_replace() calls appear with identical
	 * search and replace arguments on this page ('&' -> '&', '"' -> '"'), which
	 * would be no-ops; this looks like HTML entities lost in rendering —
	 * verify against the repository before relying on this output.
	 *
	 * @param string $str
	 * @return string
	 */
	public function counterSanitizeClean($str) {
		// TODO custom Tags like <Random>
		foreach ($this->reservedTags as $reservedTagset) {
			$str = str_replace($reservedTagset[1], $reservedTagset[0], $str);
		}

		// TODO standard HTML 'markup'
		$str = str_replace('\n', chr(10), $str);
		$str = str_replace('\\\\', '\\', $str);
		$str = str_replace('&', '&', $str);
		$str = str_replace('"', '"', $str);
		return $str;
	}
}