GEANT /
CAT
@@ -98,98 +98,98 @@ |
||
| 98 | 98 | } |
| 99 | 99 | |
| 100 | 100 | switch ($operationMode) { |
| 101 | - case OPERATION_MODE_EDIT: |
|
| 102 | - $idp = $validator->existingIdP($_GET['inst_id']); |
|
| 103 | - // editing IdPs is done from within the popup. When we're done, send the |
|
| 104 | - // user back to the popup (append the result of the operation later) |
|
| 105 | - $redirectDestination = "manageAdmins.inc.php?inst_id=" . $idp->identifier . "&"; |
|
| 106 | - if (count($validAddresses) == 0) { |
|
| 107 | - header("Location: $redirectDestination" . "invitation=INVALIDSYNTAX"); |
|
| 108 | - exit(1); |
|
| 109 | - } |
|
| 110 | - // is the user primary admin of this IdP? |
|
| 111 | - $is_owner = $idp->isPrimaryOwner($_SESSION['user']); |
|
| 112 | - // check if he is (also) federation admin for the federation this IdP is in. His invitations have more blessing then. |
|
| 113 | - $fedadmin = $userObject->isFederationAdmin($idp->federation); |
|
| 114 | - // check if he is either one, if not, complain |
|
| 115 | - if (!$is_owner && !$fedadmin) { |
|
| 116 | - echo "<p>" . sprintf(_("Something's wrong... you are a %s admin, but not for the %s the requested %s belongs to!"), $uiElements->nomenclatureFed, $uiElements->nomenclatureFed, $uiElements->nomenclatureParticipant) . "</p>"; |
|
| 117 | - exit(1); |
|
| 118 | - } |
|
| 101 | + case OPERATION_MODE_EDIT: |
|
| 102 | + $idp = $validator->existingIdP($_GET['inst_id']); |
|
| 103 | + // editing IdPs is done from within the popup. When we're done, send the |
|
| 104 | + // user back to the popup (append the result of the operation later) |
|
| 105 | + $redirectDestination = "manageAdmins.inc.php?inst_id=" . $idp->identifier . "&"; |
|
| 106 | + if (count($validAddresses) == 0) { |
|
| 107 | + header("Location: $redirectDestination" . "invitation=INVALIDSYNTAX"); |
|
| 108 | + exit(1); |
|
| 109 | + } |
|
| 110 | + // is the user primary admin of this IdP? |
|
| 111 | + $is_owner = $idp->isPrimaryOwner($_SESSION['user']); |
|
| 112 | + // check if he is (also) federation admin for the federation this IdP is in. His invitations have more blessing then. |
|
| 113 | + $fedadmin = $userObject->isFederationAdmin($idp->federation); |
|
| 114 | + // check if he is either one, if not, complain |
|
| 115 | + if (!$is_owner && !$fedadmin) { |
|
| 116 | + echo "<p>" . sprintf(_("Something's wrong... you are a %s admin, but not for the %s the requested %s belongs to!"), $uiElements->nomenclatureFed, $uiElements->nomenclatureFed, $uiElements->nomenclatureParticipant) . "</p>"; |
|
| 117 | + exit(1); |
|
| 118 | + } |
|
| 119 | 119 | |
| 120 | - $prettyprintname = $idp->name; |
|
| 121 | - $newtokens = $mgmt->createTokens($fedadmin, $validAddresses, $idp); |
|
| 122 | - $loggerInstance->writeAudit($_SESSION['user'], "NEW", "IdP " . $idp->identifier . " - Token created for " . implode(",", $validAddresses)); |
|
| 123 | - $introtext = "CO-ADMIN"; |
|
| 124 | - $participant_type = $idp->type; |
|
| 125 | - break; |
|
| 126 | - case OPERATION_MODE_NEWUNLINKED: |
|
| 127 | - $redirectDestination = "../overview_federation.php?"; |
|
| 128 | - if (count($validAddresses) == 0) { |
|
| 129 | - header("Location: $redirectDestination"."invitation=INVALIDSYNTAX"); |
|
| 130 | - exit(1); |
|
| 131 | - } |
|
| 132 | - // run an input check and conversion of the raw inputs... just in case |
|
| 133 | - $newinstname = $validator->string($_POST['name']); |
|
| 134 | - $newcountry = $validator->string($_POST['country']); |
|
| 135 | - $participant_type = $validator->partType($_POST['participant_type']); |
|
| 136 | - $new_idp_authorized_fedadmin = $userObject->isFederationAdmin($newcountry); |
|
| 137 | - if ($new_idp_authorized_fedadmin !== TRUE) { |
|
| 138 | - throw new Exception("Something's wrong... you want to create a new " . $uiElements->nomenclatureParticipant . ", but are not a " . $uiElements->nomenclatureFed . " admin for the " . $uiElements->nomenclatureFed . " it should be in!"); |
|
| 139 | - } |
|
| 140 | - $federation = $validator->existingFederation($newcountry); |
|
| 141 | - $prettyprintname = $newinstname; |
|
| 142 | - $introtext = "NEW-FED"; |
|
| 143 | - // send the user back to his federation overview page, append the result of the operation later |
|
| 144 | - // do the token creation magic |
|
| 145 | - $newtokens = $mgmt->createTokens(TRUE, $validAddresses, $newinstname, 0, $newcountry, $participant_type); |
|
| 146 | - $loggerInstance->writeAudit($_SESSION['user'], "NEW", "ORG FUTURE - Token created for $participant_type " . implode(",", $validAddresses)); |
|
| 147 | - break; |
|
| 148 | - case OPERATION_MODE_NEWFROMDB: |
|
| 149 | - $redirectDestination = "../overview_federation.php?"; |
|
| 150 | - if (count($validAddresses) == 0) { |
|
| 151 | - header("Location: $redirectDestination"."invitation=INVALIDSYNTAX"); |
|
| 152 | - exit(1); |
|
| 153 | - } |
|
| 154 | - // a real external DB entry was submitted and all the required parameters are there |
|
| 155 | - $newexternalid = $validator->string($_POST['externals']); |
|
| 156 | - $extinfo = $catInstance->getExternalDBEntityDetails($newexternalid); |
|
| 157 | - $new_idp_authorized_fedadmin = $userObject->isFederationAdmin($extinfo['country']); |
|
| 158 | - if ($new_idp_authorized_fedadmin !== TRUE) { |
|
| 159 | - throw new Exception("Something's wrong... you want to create a new " . $uiElements->nomenclatureParticipant . ", but are not a " . $uiElements->nomenclatureFed . " admin for the " . $uiElements->nomenclatureFed . " it should be in!"); |
|
| 160 | - } |
|
| 161 | - $federation = $validator->existingFederation($extinfo['country']); |
|
| 162 | - $newcountry = $extinfo['country']; |
|
| 163 | - // see if the inst name is defined in the currently set language; if not, pick its English name; if N/A, pick the last in the list |
|
| 164 | - $prettyprintname = ""; |
|
| 165 | - foreach ($extinfo['names'] as $lang => $name) { |
|
| 166 | - if ($lang == $languageInstance->getLang()) { |
|
| 167 | - $prettyprintname = $name; |
|
| 120 | + $prettyprintname = $idp->name; |
|
| 121 | + $newtokens = $mgmt->createTokens($fedadmin, $validAddresses, $idp); |
|
| 122 | + $loggerInstance->writeAudit($_SESSION['user'], "NEW", "IdP " . $idp->identifier . " - Token created for " . implode(",", $validAddresses)); |
|
| 123 | + $introtext = "CO-ADMIN"; |
|
| 124 | + $participant_type = $idp->type; |
|
| 125 | + break; |
|
| 126 | + case OPERATION_MODE_NEWUNLINKED: |
|
| 127 | + $redirectDestination = "../overview_federation.php?"; |
|
| 128 | + if (count($validAddresses) == 0) { |
|
| 129 | + header("Location: $redirectDestination"."invitation=INVALIDSYNTAX"); |
|
| 130 | + exit(1); |
|
| 168 | 131 | } |
| 169 | - } |
|
| 170 | - if ($prettyprintname == "" && isset($extinfo['names']['en'])) { |
|
| 171 | - $prettyprintname = $extinfo['names']['en']; |
|
| 172 | - } |
|
| 173 | - if ($prettyprintname == "") { |
|
| 174 | - foreach ($extinfo['names'] as $name) { |
|
| 175 | - $prettyprintname = $name; |
|
| 132 | + // run an input check and conversion of the raw inputs... just in case |
|
| 133 | + $newinstname = $validator->string($_POST['name']); |
|
| 134 | + $newcountry = $validator->string($_POST['country']); |
|
| 135 | + $participant_type = $validator->partType($_POST['participant_type']); |
|
| 136 | + $new_idp_authorized_fedadmin = $userObject->isFederationAdmin($newcountry); |
|
| 137 | + if ($new_idp_authorized_fedadmin !== TRUE) { |
|
| 138 | + throw new Exception("Something's wrong... you want to create a new " . $uiElements->nomenclatureParticipant . ", but are not a " . $uiElements->nomenclatureFed . " admin for the " . $uiElements->nomenclatureFed . " it should be in!"); |
|
| 176 | 139 | } |
| 177 | - } |
|
| 178 | - $participant_type = $extinfo['type']; |
|
| 179 | - // fill the rest of the text |
|
| 180 | - $introtext = "EXISTING-FED"; |
|
| 181 | - // do the token creation magic |
|
| 182 | - $newtokens = $mgmt->createTokens(TRUE, $validAddresses, $prettyprintname, $newexternalid); |
|
| 183 | - $loggerInstance->writeAudit($_SESSION['user'], "NEW", "IdP FUTURE - Token created for " . implode(",", $validAddresses)); |
|
| 184 | - break; |
|
| 185 | - default: // includes OPERATION_MODE_INVALID |
|
| 186 | - // second param is TRUE, so the variable *will* contain a string |
|
| 187 | - // i.e. ignore Scrutinizer type warning later |
|
| 188 | - $wrongcontent = print_r($_POST, TRUE); |
|
| 189 | - echo "<pre>Wrong parameters in POST: |
|
| 140 | + $federation = $validator->existingFederation($newcountry); |
|
| 141 | + $prettyprintname = $newinstname; |
|
| 142 | + $introtext = "NEW-FED"; |
|
| 143 | + // send the user back to his federation overview page, append the result of the operation later |
|
| 144 | + // do the token creation magic |
|
| 145 | + $newtokens = $mgmt->createTokens(TRUE, $validAddresses, $newinstname, 0, $newcountry, $participant_type); |
|
| 146 | + $loggerInstance->writeAudit($_SESSION['user'], "NEW", "ORG FUTURE - Token created for $participant_type " . implode(",", $validAddresses)); |
|
| 147 | + break; |
|
| 148 | + case OPERATION_MODE_NEWFROMDB: |
|
| 149 | + $redirectDestination = "../overview_federation.php?"; |
|
| 150 | + if (count($validAddresses) == 0) { |
|
| 151 | + header("Location: $redirectDestination"."invitation=INVALIDSYNTAX"); |
|
| 152 | + exit(1); |
|
| 153 | + } |
|
| 154 | + // a real external DB entry was submitted and all the required parameters are there |
|
| 155 | + $newexternalid = $validator->string($_POST['externals']); |
|
| 156 | + $extinfo = $catInstance->getExternalDBEntityDetails($newexternalid); |
|
| 157 | + $new_idp_authorized_fedadmin = $userObject->isFederationAdmin($extinfo['country']); |
|
| 158 | + if ($new_idp_authorized_fedadmin !== TRUE) { |
|
| 159 | + throw new Exception("Something's wrong... you want to create a new " . $uiElements->nomenclatureParticipant . ", but are not a " . $uiElements->nomenclatureFed . " admin for the " . $uiElements->nomenclatureFed . " it should be in!"); |
|
| 160 | + } |
|
| 161 | + $federation = $validator->existingFederation($extinfo['country']); |
|
| 162 | + $newcountry = $extinfo['country']; |
|
| 163 | + // see if the inst name is defined in the currently set language; if not, pick its English name; if N/A, pick the last in the list |
|
| 164 | + $prettyprintname = ""; |
|
| 165 | + foreach ($extinfo['names'] as $lang => $name) { |
|
| 166 | + if ($lang == $languageInstance->getLang()) { |
|
| 167 | + $prettyprintname = $name; |
|
| 168 | + } |
|
| 169 | + } |
|
| 170 | + if ($prettyprintname == "" && isset($extinfo['names']['en'])) { |
|
| 171 | + $prettyprintname = $extinfo['names']['en']; |
|
| 172 | + } |
|
| 173 | + if ($prettyprintname == "") { |
|
| 174 | + foreach ($extinfo['names'] as $name) { |
|
| 175 | + $prettyprintname = $name; |
|
| 176 | + } |
|
| 177 | + } |
|
| 178 | + $participant_type = $extinfo['type']; |
|
| 179 | + // fill the rest of the text |
|
| 180 | + $introtext = "EXISTING-FED"; |
|
| 181 | + // do the token creation magic |
|
| 182 | + $newtokens = $mgmt->createTokens(TRUE, $validAddresses, $prettyprintname, $newexternalid); |
|
| 183 | + $loggerInstance->writeAudit($_SESSION['user'], "NEW", "IdP FUTURE - Token created for " . implode(",", $validAddresses)); |
|
| 184 | + break; |
|
| 185 | + default: // includes OPERATION_MODE_INVALID |
|
| 186 | + // second param is TRUE, so the variable *will* contain a string |
|
| 187 | + // i.e. ignore Scrutinizer type warning later |
|
| 188 | + $wrongcontent = print_r($_POST, TRUE); |
|
| 189 | + echo "<pre>Wrong parameters in POST: |
|
| 190 | 190 | " . htmlspecialchars(/** @scrutinizer ignore-type */ $wrongcontent) . " |
| 191 | 191 | </pre>"; |
| 192 | - exit(1); |
|
| 192 | + exit(1); |
|
| 193 | 193 | } |
| 194 | 194 | |
| 195 | 195 | // send, and invalidate the token immediately if the mail could not be sent! |
