GEANT /
CAT
@@ -52,6 +52,9 @@ |
||
| 52 | 52 | */ |
| 53 | 53 | const PRODUCTNAME = "Managed IdP"; |
| 54 | 54 | |
| 55 | + /** |
|
| 56 | + * @param integer $length |
|
| 57 | + */ |
|
| 55 | 58 | public static function random_str( |
| 56 | 59 | $length, $keyspace = '23456789abcdefghijkmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ' |
| 57 | 60 | ) { |
@@ -29,7 +29,7 @@ discard block |
||
| 29 | 29 | |
| 30 | 30 | /** |
| 31 | 31 | * |
| 32 | - * @return number |
|
| 32 | + * @return integer |
|
| 33 | 33 | */ |
| 34 | 34 | public function size(){ |
| 35 | 35 | return count($this->rows); |
@@ -53,7 +53,6 @@ discard block |
||
| 53 | 53 | |
| 54 | 54 | /** |
| 55 | 55 | * |
| 56 | - * @param array $row |
|
| 57 | 56 | */ |
| 58 | 57 | public function addRowArray($cells){ |
| 59 | 58 | $this->addRow(new Row($cells)); |
@@ -15,7 +15,7 @@ |
||
| 15 | 15 | * @param unknown $input |
| 16 | 16 | * @param unknown $owner |
| 17 | 17 | * @throws Exception |
| 18 | - * @return mixed |
|
| 18 | + * @return MockInstitution |
|
| 19 | 19 | */ |
| 20 | 20 | private function valid_IdP($input, $owner){ |
| 21 | 21 | if ($input == 1){ |
@@ -97,14 +97,14 @@ |
||
| 97 | 97 | case "SUCCESS": |
| 98 | 98 | $cryptText = ""; |
| 99 | 99 | switch ($_GET['transportsecurity']) { |
| 100 | - case "ENCRYPTED": |
|
| 101 | - $cryptText = _("and <b>encrypted</b> to the mail domain"); |
|
| 102 | - break; |
|
| 103 | - case "CLEAR": |
|
| 104 | - $cryptText = _("but <b>in clear text</b> to the mail domain"); |
|
| 105 | - break; |
|
| 106 | - default: |
|
| 107 | - throw new Exception("Error: unknown encryption status of invitation!?!"); |
|
| 100 | + case "ENCRYPTED": |
|
| 101 | + $cryptText = _("and <b>encrypted</b> to the mail domain"); |
|
| 102 | + break; |
|
| 103 | + case "CLEAR": |
|
| 104 | + $cryptText = _("but <b>in clear text</b> to the mail domain"); |
|
| 105 | + break; |
|
| 106 | + default: |
|
| 107 | + throw new Exception("Error: unknown encryption status of invitation!?!"); |
|
| 108 | 108 | } |
| 109 | 109 | echo $uiElements->boxRemark(sprintf(_("The invitation email was sent successfully %s."), $cryptText), _("The invitation email was sent.")); |
| 110 | 110 | break; |
@@ -120,6 +120,9 @@ |
||
| 120 | 120 | return Telepath::STATUS_GOOD; |
| 121 | 121 | } |
| 122 | 122 | |
| 123 | + /** |
|
| 124 | + * @param string $homeFlr |
|
| 125 | + */ |
|
| 123 | 126 | private function checkNROFlow($visitedFlr, $homeFlr) { |
| 124 | 127 | // TODO: this is a stub, need eduroam OT API to query the current server status |
| 125 | 128 | // APIQueryNRODirect($visitedFlr, $homeFlr); |
@@ -53,7 +53,7 @@ |
||
| 53 | 53 | |
| 54 | 54 | /** |
| 55 | 55 | * |
| 56 | - * @param $silverbulletUser SilverbulletUser |
|
| 56 | + * @param SilverbulletUser|null $silverbulletUser SilverbulletUser |
|
| 57 | 57 | */ |
| 58 | 58 | public function __construct($silverbulletUser) { |
| 59 | 59 | parent::__construct(self::TABLE, self::TYPE_INST); |
@@ -230,7 +230,7 @@ |
||
| 230 | 230 | * @param int $rowid the HTML field base name of the option to be displayed |
| 231 | 231 | * @param string $optionName the name of the option to display |
| 232 | 232 | * @param string $optionValue the value of the option to display |
| 233 | - * @param mixed $optionLang the language of the option to display |
|
| 233 | + * @param null|string $optionLang the language of the option to display |
|
| 234 | 234 | * @param int $locationIndex which n of m locations is this, in case we are displaying a coordinate |
| 235 | 235 | * @param int $allLocationCount how many locations in total exist, in case we are displaying a coordinate |
| 236 | 236 | * @return string HTML code |
@@ -120,6 +120,9 @@ discard block |
||
| 120 | 120 | return $find[0]; |
| 121 | 121 | } |
| 122 | 122 | |
| 123 | + /** |
|
| 124 | + * @param string $input |
|
| 125 | + */ |
|
| 123 | 126 | public function tooltip($input) { |
| 124 | 127 | $descriptions = []; |
| 125 | 128 | if (count(CONFIG_CONFASSISTANT['CONSORTIUM']['ssid']) > 0) { |
@@ -256,6 +259,10 @@ discard block |
||
| 256 | 259 | return $number . " B"; |
| 257 | 260 | } |
| 258 | 261 | |
| 262 | + /** |
|
| 263 | + * @param string $ref |
|
| 264 | + * @param boolean $checkpublic |
|
| 265 | + */ |
|
| 259 | 266 | public static function getBlobFromDB($ref, $checkpublic) { |
| 260 | 267 | $validator = new \web\lib\common\InputValidation(); |
| 261 | 268 | $reference = $validator->databaseReference($ref); |
@@ -402,7 +409,7 @@ discard block |
||
| 402 | 409 | * @param string $text the text to display |
| 403 | 410 | * @param string $caption the caption to display |
| 404 | 411 | * @param bool $omittabletags the output usually has tr/td table tags, this option suppresses them |
| 405 | - * @return type |
|
| 412 | + * @return string |
|
| 406 | 413 | */ |
| 407 | 414 | public function boxOkay(string $text = NULL, string $caption = NULL, bool $omittabletags = FALSE) { |
| 408 | 415 | return $this->boxFlexible(\core\common\Entity::L_OK, $text, $caption, $omittabletags); |
@@ -414,7 +421,7 @@ discard block |
||
| 414 | 421 | * @param string $text the text to display |
| 415 | 422 | * @param string $caption the caption to display |
| 416 | 423 | * @param bool $omittabletags the output usually has tr/td table tags, this option suppresses them |
| 417 | - * @return type |
|
| 424 | + * @return string |
|
| 418 | 425 | */ |
| 419 | 426 | public function boxRemark(string $text = NULL, string $caption = NULL, bool $omittabletags = FALSE) { |
| 420 | 427 | return $this->boxFlexible(\core\common\Entity::L_REMARK, $text, $caption, $omittabletags); |
@@ -426,7 +433,7 @@ discard block |
||
| 426 | 433 | * @param string $text the text to display |
| 427 | 434 | * @param string $caption the caption to display |
| 428 | 435 | * @param bool $omittabletags the output usually has tr/td table tags, this option suppresses them |
| 429 | - * @return type |
|
| 436 | + * @return string |
|
| 430 | 437 | */ |
| 431 | 438 | public function boxWarning(string $text = NULL, string $caption = NULL, bool $omittabletags = FALSE) { |
| 432 | 439 | return $this->boxFlexible(\core\common\Entity::L_WARN, $text, $caption, $omittabletags); |
@@ -438,7 +445,7 @@ discard block |
||
| 438 | 445 | * @param string $text the text to display |
| 439 | 446 | * @param string $caption the caption to display |
| 440 | 447 | * @param bool $omittabletags the output usually has tr/td table tags, this option suppresses them |
| 441 | - * @return type |
|
| 448 | + * @return string |
|
| 442 | 449 | */ |
| 443 | 450 | public function boxError(string $text = NULL, string $caption = NULL, bool $omittabletags = FALSE) { |
| 444 | 451 | return $this->boxFlexible(\core\common\Entity::L_ERROR, $text, $caption, $omittabletags); |
@@ -77,90 +77,90 @@ |
||
| 77 | 77 | } |
| 78 | 78 | |
| 79 | 79 | switch ($operationMode) { |
| 80 | - case OPERATION_MODE_EDIT: |
|
| 81 | - $idp = $validator->IdP($_GET['inst_id']); |
|
| 82 | - // editing IdPs is done from within the popup. When we're done, send the |
|
| 83 | - // user back to the popup (append the result of the operation later) |
|
| 84 | - $redirect_destination = "manageAdmins.inc.php?inst_id=" . $idp->identifier . "&"; |
|
| 85 | - $mailaddress = abortOnBogusMail($newmailaddress, $redirect_destination); |
|
| 86 | - // is the user admin of this IdP? |
|
| 87 | - $is_owner = FALSE; |
|
| 88 | - $owners = $idp->owner(); |
|
| 89 | - foreach ($owners as $oneowner) { |
|
| 90 | - if ($oneowner['ID'] == $_SESSION['user'] && $oneowner['LEVEL'] == "FED") { |
|
| 91 | - $is_owner = TRUE; |
|
| 80 | + case OPERATION_MODE_EDIT: |
|
| 81 | + $idp = $validator->IdP($_GET['inst_id']); |
|
| 82 | + // editing IdPs is done from within the popup. When we're done, send the |
|
| 83 | + // user back to the popup (append the result of the operation later) |
|
| 84 | + $redirect_destination = "manageAdmins.inc.php?inst_id=" . $idp->identifier . "&"; |
|
| 85 | + $mailaddress = abortOnBogusMail($newmailaddress, $redirect_destination); |
|
| 86 | + // is the user admin of this IdP? |
|
| 87 | + $is_owner = FALSE; |
|
| 88 | + $owners = $idp->owner(); |
|
| 89 | + foreach ($owners as $oneowner) { |
|
| 90 | + if ($oneowner['ID'] == $_SESSION['user'] && $oneowner['LEVEL'] == "FED") { |
|
| 91 | + $is_owner = TRUE; |
|
| 92 | + } |
|
| 93 | + } |
|
| 94 | + // check if he is (also) federation admin for the federation this IdP is in. His invitations have more blessing then. |
|
| 95 | + $fedadmin = $userObject->isFederationAdmin($idp->federation); |
|
| 96 | + // check if he is either one, if not, complain |
|
| 97 | + if (!$is_owner && !$fedadmin) { |
|
| 98 | + echo "<p>" . sprintf(_("Something's wrong... you are a %s admin, but not for the %s the requested %s belongs to!"), $uiElements->nomenclature_fed, $uiElements->nomenclature_fed, $uiElements->nomenclature_inst) . "</p>"; |
|
| 99 | + exit(1); |
|
| 92 | 100 | } |
| 93 | - } |
|
| 94 | - // check if he is (also) federation admin for the federation this IdP is in. His invitations have more blessing then. |
|
| 95 | - $fedadmin = $userObject->isFederationAdmin($idp->federation); |
|
| 96 | - // check if he is either one, if not, complain |
|
| 97 | - if (!$is_owner && !$fedadmin) { |
|
| 98 | - echo "<p>" . sprintf(_("Something's wrong... you are a %s admin, but not for the %s the requested %s belongs to!"), $uiElements->nomenclature_fed, $uiElements->nomenclature_fed, $uiElements->nomenclature_inst) . "</p>"; |
|
| 99 | - exit(1); |
|
| 100 | - } |
|
| 101 | 101 | |
| 102 | - $prettyprintname = $idp->name; |
|
| 103 | - $newtoken = $mgmt->createToken($fedadmin, $mailaddress, $idp); |
|
| 104 | - $loggerInstance->writeAudit($_SESSION['user'], "NEW", "IdP " . $idp->identifier . " - Token created for " . $mailaddress); |
|
| 105 | - $introtext = sprintf(_("a %s of the %s %s \"%s\" has invited you to manage the %s together with him."), $uiElements->nomenclature_fed, CONFIG_CONFASSISTANT['CONSORTIUM']['display_name'], $uiElements->nomenclature_inst, $prettyprintname, $uiElements->nomenclature_inst) . " " . sprintf(_("This invitation is valid for 24 hours from now, i.e. until %s."), strftime("%x %X", time() + 86400)); |
|
| 106 | - break; |
|
| 107 | - case OPERATION_MODE_NEWUNLINKED: |
|
| 108 | - $redirect_destination = "../overview_federation.php?"; |
|
| 109 | - $mailaddress = abortOnBogusMail($newmailaddress, $redirect_destination); |
|
| 110 | - // run an input check and conversion of the raw inputs... just in case |
|
| 111 | - $newinstname = $validator->string($_POST['name']); |
|
| 112 | - $newcountry = $validator->string($_POST['country']); |
|
| 113 | - $new_idp_authorized_fedadmin = $userObject->isFederationAdmin($newcountry); |
|
| 114 | - if ($new_idp_authorized_fedadmin !== TRUE) { |
|
| 115 | - throw new Exception("Something's wrong... you want to create a new " . $uiElements->nomenclature_inst . ", but are not a " . $uiElements->nomenclature_fed . " admin for the " . $uiElements->nomenclature_fed . " it should be in!"); |
|
| 116 | - } |
|
| 117 | - $federation = $validator->Federation($newcountry); |
|
| 118 | - $prettyprintname = $newinstname; |
|
| 119 | - $introtext = sprintf(_("a %s %s has invited you to manage the future %s \"%s\" (%s)."), CONFIG_CONFASSISTANT['CONSORTIUM']['display_name'], $uiElements->nomenclature_fed, $uiElements->nomenclature_inst, $prettyprintname, $newcountry) . " " . sprintf(_("This invitation is valid for 24 hours from now, i.e. until %s."), strftime("%x %X", time() + 86400)); |
|
| 120 | - // send the user back to his federation overview page, append the result of the operation later |
|
| 121 | - // do the token creation magic |
|
| 122 | - $newtoken = $mgmt->createToken(TRUE, $mailaddress, $newinstname, 0, $newcountry); |
|
| 123 | - $loggerInstance->writeAudit($_SESSION['user'], "NEW", "IdP FUTURE - Token created for " . $mailaddress); |
|
| 124 | - break; |
|
| 125 | - case OPERATION_MODE_NEWFROMDB: |
|
| 126 | - $redirect_destination = "../overview_federation.php?"; |
|
| 127 | - $mailaddress = abortOnBogusMail($newmailaddress, $redirect_destination); |
|
| 128 | - // a real external DB entry was submitted and all the required parameters are there |
|
| 129 | - $newexternalid = $validator->string($_POST['externals']); |
|
| 130 | - $extinfo = $catInstance->getExternalDBEntityDetails($newexternalid); |
|
| 131 | - $new_idp_authorized_fedadmin = $userObject->isFederationAdmin($extinfo['country']); |
|
| 132 | - if ($new_idp_authorized_fedadmin !== TRUE) { |
|
| 133 | - throw new Exception("Something's wrong... you want to create a new " . $uiElements->nomenclature_inst . ", but are not a " . $uiElements->nomenclature_fed . " admin for the " . $uiElements->nomenclature_fed . " it should be in!"); |
|
| 134 | - } |
|
| 135 | - $federation = $validator->Federation($extinfo['country']); |
|
| 136 | - $newcountry = $extinfo['country']; |
|
| 137 | - // see if the inst name is defined in the currently set language; if not, pick its English name; if N/A, pick the last in the list |
|
| 138 | - $prettyprintname = ""; |
|
| 139 | - foreach ($extinfo['names'] as $lang => $name) { |
|
| 140 | - if ($lang == $languageInstance->getLang()) { |
|
| 141 | - $prettyprintname = $name; |
|
| 102 | + $prettyprintname = $idp->name; |
|
| 103 | + $newtoken = $mgmt->createToken($fedadmin, $mailaddress, $idp); |
|
| 104 | + $loggerInstance->writeAudit($_SESSION['user'], "NEW", "IdP " . $idp->identifier . " - Token created for " . $mailaddress); |
|
| 105 | + $introtext = sprintf(_("a %s of the %s %s \"%s\" has invited you to manage the %s together with him."), $uiElements->nomenclature_fed, CONFIG_CONFASSISTANT['CONSORTIUM']['display_name'], $uiElements->nomenclature_inst, $prettyprintname, $uiElements->nomenclature_inst) . " " . sprintf(_("This invitation is valid for 24 hours from now, i.e. until %s."), strftime("%x %X", time() + 86400)); |
|
| 106 | + break; |
|
| 107 | + case OPERATION_MODE_NEWUNLINKED: |
|
| 108 | + $redirect_destination = "../overview_federation.php?"; |
|
| 109 | + $mailaddress = abortOnBogusMail($newmailaddress, $redirect_destination); |
|
| 110 | + // run an input check and conversion of the raw inputs... just in case |
|
| 111 | + $newinstname = $validator->string($_POST['name']); |
|
| 112 | + $newcountry = $validator->string($_POST['country']); |
|
| 113 | + $new_idp_authorized_fedadmin = $userObject->isFederationAdmin($newcountry); |
|
| 114 | + if ($new_idp_authorized_fedadmin !== TRUE) { |
|
| 115 | + throw new Exception("Something's wrong... you want to create a new " . $uiElements->nomenclature_inst . ", but are not a " . $uiElements->nomenclature_fed . " admin for the " . $uiElements->nomenclature_fed . " it should be in!"); |
|
| 142 | 116 | } |
| 143 | - } |
|
| 144 | - if ($prettyprintname == "" && isset($extinfo['names']['en'])) { |
|
| 145 | - $prettyprintname = $extinfo['names']['en']; |
|
| 146 | - } |
|
| 147 | - if ($prettyprintname == "") { |
|
| 148 | - foreach ($extinfo['names'] as $name) { |
|
| 149 | - $prettyprintname = $name; |
|
| 117 | + $federation = $validator->Federation($newcountry); |
|
| 118 | + $prettyprintname = $newinstname; |
|
| 119 | + $introtext = sprintf(_("a %s %s has invited you to manage the future %s \"%s\" (%s)."), CONFIG_CONFASSISTANT['CONSORTIUM']['display_name'], $uiElements->nomenclature_fed, $uiElements->nomenclature_inst, $prettyprintname, $newcountry) . " " . sprintf(_("This invitation is valid for 24 hours from now, i.e. until %s."), strftime("%x %X", time() + 86400)); |
|
| 120 | + // send the user back to his federation overview page, append the result of the operation later |
|
| 121 | + // do the token creation magic |
|
| 122 | + $newtoken = $mgmt->createToken(TRUE, $mailaddress, $newinstname, 0, $newcountry); |
|
| 123 | + $loggerInstance->writeAudit($_SESSION['user'], "NEW", "IdP FUTURE - Token created for " . $mailaddress); |
|
| 124 | + break; |
|
| 125 | + case OPERATION_MODE_NEWFROMDB: |
|
| 126 | + $redirect_destination = "../overview_federation.php?"; |
|
| 127 | + $mailaddress = abortOnBogusMail($newmailaddress, $redirect_destination); |
|
| 128 | + // a real external DB entry was submitted and all the required parameters are there |
|
| 129 | + $newexternalid = $validator->string($_POST['externals']); |
|
| 130 | + $extinfo = $catInstance->getExternalDBEntityDetails($newexternalid); |
|
| 131 | + $new_idp_authorized_fedadmin = $userObject->isFederationAdmin($extinfo['country']); |
|
| 132 | + if ($new_idp_authorized_fedadmin !== TRUE) { |
|
| 133 | + throw new Exception("Something's wrong... you want to create a new " . $uiElements->nomenclature_inst . ", but are not a " . $uiElements->nomenclature_fed . " admin for the " . $uiElements->nomenclature_fed . " it should be in!"); |
|
| 150 | 134 | } |
| 151 | - } |
|
| 152 | - // fill the rest of the text |
|
| 153 | - $introtext = sprintf(_("a %s %s has invited you to manage the %s \"%s\"."), CONFIG_CONFASSISTANT['CONSORTIUM']['display_name'], $uiElements->nomenclature_fed, $uiElements->nomenclature_inst, $prettyprintname) . " " . sprintf(_("This invitation is valid for 24 hours from now, i.e. until %s."), strftime("%x %X", time() + 86400)); |
|
| 154 | - // do the token creation magic |
|
| 155 | - $newtoken = $mgmt->createToken(TRUE, $mailaddress, $prettyprintname, $newexternalid); |
|
| 156 | - $loggerInstance->writeAudit($_SESSION['user'], "NEW", "IdP FUTURE - Token created for " . $mailaddress); |
|
| 157 | - break; |
|
| 158 | - default: // includes OPERATION_MODE_INVALID |
|
| 159 | - $wrongcontent = print_r($_POST, TRUE); |
|
| 160 | - echo "<pre>Wrong parameters in POST: |
|
| 135 | + $federation = $validator->Federation($extinfo['country']); |
|
| 136 | + $newcountry = $extinfo['country']; |
|
| 137 | + // see if the inst name is defined in the currently set language; if not, pick its English name; if N/A, pick the last in the list |
|
| 138 | + $prettyprintname = ""; |
|
| 139 | + foreach ($extinfo['names'] as $lang => $name) { |
|
| 140 | + if ($lang == $languageInstance->getLang()) { |
|
| 141 | + $prettyprintname = $name; |
|
| 142 | + } |
|
| 143 | + } |
|
| 144 | + if ($prettyprintname == "" && isset($extinfo['names']['en'])) { |
|
| 145 | + $prettyprintname = $extinfo['names']['en']; |
|
| 146 | + } |
|
| 147 | + if ($prettyprintname == "") { |
|
| 148 | + foreach ($extinfo['names'] as $name) { |
|
| 149 | + $prettyprintname = $name; |
|
| 150 | + } |
|
| 151 | + } |
|
| 152 | + // fill the rest of the text |
|
| 153 | + $introtext = sprintf(_("a %s %s has invited you to manage the %s \"%s\"."), CONFIG_CONFASSISTANT['CONSORTIUM']['display_name'], $uiElements->nomenclature_fed, $uiElements->nomenclature_inst, $prettyprintname) . " " . sprintf(_("This invitation is valid for 24 hours from now, i.e. until %s."), strftime("%x %X", time() + 86400)); |
|
| 154 | + // do the token creation magic |
|
| 155 | + $newtoken = $mgmt->createToken(TRUE, $mailaddress, $prettyprintname, $newexternalid); |
|
| 156 | + $loggerInstance->writeAudit($_SESSION['user'], "NEW", "IdP FUTURE - Token created for " . $mailaddress); |
|
| 157 | + break; |
|
| 158 | + default: // includes OPERATION_MODE_INVALID |
|
| 159 | + $wrongcontent = print_r($_POST, TRUE); |
|
| 160 | + echo "<pre>Wrong parameters in POST: |
|
| 161 | 161 | " . htmlspecialchars($wrongcontent) . " |
| 162 | 162 | </pre>"; |
| 163 | - exit(1); |
|
| 163 | + exit(1); |
|
| 164 | 164 | } |
| 165 | 165 | // are we on https? |
| 166 | 166 | $proto = "http://"; |
