--- app/Controller/AppController.php.orig 2012-09-01 10:28:02.000000000 +0200
+++ app/Controller/AppController.php 2012-09-25 13:49:19.670674039 +0200
@@ -20,7 +20,10 @@
 * @license MIT License (http://www.opensource.org/licenses/mit-license.php)
 */
+// TODO GPG encryption has issues when keys are expired
+
 App::uses('Controller', 'Controller');
+App::uses('Sanitize', 'Utility');
 /**
 * Application Controller
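Review bot: The added `// TODO GPG encryption has issues when keys are expired` records a security-relevant failure mode but gives the next maintainer nothing to act on — it does not say what actually happens when a recipient key has expired (message dropped, error swallowed, or content sent without encryption), nor which code path surfaces it, and it sits in the file header rather than next to the encryption call. I would either move the note to the GPG code path or expand it along the lines of `// TODO GPG: encrypting to an expired recipient key fails — see the encrypting method; confirm the failure is reported to the caller and that no cleartext fallback is taken`. `App::uses('Sanitize', 'Utility')` is brought into scope here but nothing in this hunk uses it; if it is intended for output escaping elsewhere in the class, CakePHP's Sanitize is a blanket filter and context-specific escaping (`h()` for HTML output) is the safer default, though I cannot confirm the intended use from this hunk. These are top-of-file statements, so no function is cut by the hunk.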
@@ -32,4 +35,300 @@ * @link http://book.cakephp.org/2.0/en/controllers.html#the-app-controller */ class AppController extends Controller { + + public $components = array( + 'Session', + 'Auth' => array( + 'className' => 'SecureAuth', + 'authenticate' => array( + 'Form' => array( + 'fields' => array('username' => 'email') + ) + ), + 'authError' => 'Did you really think you are allowed to see that?', + 'loginRedirect' => array('controller' => 'users', 'action' => 'routeafterlogin'), + 'logoutRedirect' => array('controller' => 'users', 'action' => 'login'), + 'authorize' => array('Controller') // Added this line + ) + ); + + public function isAuthorized($user) { + if (self::_isAdmin()) { + return true; // admin can access every action on every controller + } + return false; // The rest don't + } + + public function beforeFilter() { + // REST things + if ($this->_isRest()) { + // disable CSRF for REST access + if (array_key_exists('Security', $this->components)) + $this->Security->csrfCheck = false; + + // Authenticate user with authkey in Authorization HTTP header + if (!empty($_SERVER['HTTP_AUTHORIZATION'])) { + $authkey = $_SERVER['HTTP_AUTHORIZATION']; + $this->loadModel('User'); + $params = array( + 'conditions' => array('User.authkey' => $authkey), + 'recursive' => 0, + ); + $user = $this->User->find('first', $params); + + if ($user) { + // User found in the db, add the user info to the session + $this->Session->renew(); + $this->Session->write(AuthComponent::$sessionKey, $user['User']); + } else { + // User not authenticated correctly + // reset the session information + $this->Session->destroy(); + throw new ForbiddenException('Incorrect authentication key'); + } + } + } + + // These variables are required for every view + $this->set('me', $this->Auth->user()); + $this->set('isAdmin', $this->_isAdmin()); + } + + protected function _isRest() { + return (isset($this->RequestHandler) && $this->RequestHandler->isXml()); + } + +/** + * Convert an array to the same 
array but with the values also as index instead of an interface_exists + */ + protected function _arrayToValuesIndexArray($oldArray) { + $newArray = Array(); + foreach ($oldArray as $value) + $newArray[$value] = $value; + return $newArray; + } + +/** + * checks if the currently logged user is an administrator + */ + protected function _isAdmin() { + $org = $this->Auth->user('org'); + if (isset($org) && $org === 'ADMIN') { + return true; + } + return false; + } + +/** + * Refreshes the Auth session with new/updated data + * @return void + */ + protected function _refreshAuth() { + if (isset($this->User)) { + $user = $this->User->read(false, $this->Auth->user('id')); + } else { + $user = ClassRegistry::init('User')->findById($this->Auth->user('id')); + } + $this->Auth->login($user['User']); + } + +/** + * Updates the missing fields from v0.1 to v0.2 of CyDefSIG + * First you will need to manually update the database to the new schema. + * Log in as admin user and + * Then run this function by setting debug = 1 (or more) and call /events/migrate01to02 + * + * @throws NotFoundException + */ + public function migrate01to02() { + if (!self::_isAdmin()) throw new NotFoundException(); + + // generate uuids for events who have no uuid + $this->loadModel('Event'); + $params = array( + 'conditions' => array('Event.uuid' => ''), + 'recursive' => 0, + 'fields' => array('Event.id'), + ); + $events = $this->Event->find('all', $params); + + echo '
Generating UUID for events: '; + foreach ($events as $event) { + $this->Event->id = $event['Event']['id']; + $this->Event->saveField('uuid', String::uuid()); + echo $event['Event']['id'] . ' '; + } + echo "
"; + // generate uuids for attributes who have no uuid + $this->loadModel('Attribute'); + $params = array( + 'conditions' => array('Attribute.uuid' => ''), + 'recursive' => 0, + 'fields' => array('Attribute.id'), + ); + $attributes = $this->Attribute->find('all', $params); + echo 'Generating UUID for attributes: '; + foreach ($attributes as $attribute) { + $this->Attribute->id = $attribute['Attribute']['id']; + $this->Attribute->saveField('uuid', String::uuid()); + echo $attribute['Attribute']['id'] . ' '; + } + echo "
"; + } + +/** + * Updates the missing fields from v0.2 to v0.2.1 of CyDefSIG + * First you will need to manually update the database to the new schema. + * Log in as admin user and + * Then run this function by setting debug = 1 (or more) and call /events/migrate02to021 + */ + private function __explodeValueToValues() { + // search for composite value1 fields and explode it to value1 and value2 + $this->loadModel('Attribute'); + $params = array( + 'conditions' => array( + 'OR' => array( + 'Attribute.type' => $this->Attribute->getCompositeTypes() + ) + ), + 'recursive' => 0, + 'fields' => array('Attribute.id', 'Attribute.value1'), + ); + $attributes = $this->Attribute->find('all', $params); + echo 'Replacing empty categories by OtherExploding composite fields in 2 columns: