Commit 59da0b72 authored by Open Source Developer's avatar Open Source Developer

Merge branch 'develop' of https://git.minedu.gov.gr/itminedu/e-epal into stylesandmenus

parents b197a488 83569662
......@@ -69,8 +69,9 @@ class CASLogin extends ControllerBase
public function loginGo(Request $request)
{
$configRowName = 'casost_sch_sso_config';
try {
$configRowName = 'casost_sch_sso_config';
$configRowId = $request->query->get('config');
if ($configRowId)
$configRowName = $configRowName . '_' . $configRowId;
......@@ -120,11 +121,7 @@ class CASLogin extends ControllerBase
}
phpCAS::handleLogoutRequests();
if (!phpCAS::forceAuthentication()) {
$response = new Response();
$response->setContent('forbidden. cannot force authentication');
$response->setStatusCode(Response::HTTP_FORBIDDEN);
$response->headers->set('Content-Type', 'application/json');
return $response;
return $this->redirectForbidden($configRowName, '5001');
}
$attributes = phpCAS::getAttributes();
/* foreach ($attributes as $attr_key => $attr_value) {
......@@ -178,60 +175,85 @@ class CASLogin extends ControllerBase
return $attributes[$attribute];
};
$exposedRole = 'director';
$internalRole = 'epal';
$CASTitle = preg_replace('/\s+/', '', $filterAttribute('title'));
if ($CASTitle === 'ΠΕΡΙΦΕΡΕΙΑΚΗΔΙΕΥΘΥΝΣΗΕΚΠΑΙΔΕΥΣΗΣ-ΠΔΕ') {
$exposedRole = 'pde';
$internalRole = 'regioneduadmin';
} else if ($CASTitle === 'ΔΙΕΥΘΥΝΣΗΔΕ-ΔIΔΕ') {
$exposedRole = 'dide';
$internalRole = 'eduadmin';
} else if ($CASTitle === 'ΕΠΑΛ') {
$exposedRole = 'director';
$internalRole = 'epal';
} else {
$response = new Response();
$this->logger->warning(t('Access is allowed only to official school accounts or administration'));
$response->setContent(t('Access is allowed only to official school accounts or administration'));
$response->setStatusCode(Response::HTTP_FORBIDDEN);
$response->headers->set('Content-Type', 'application/json;charset=UTF-8');
return $response;
$umdobject = $filterAttribute("umdobject");
$physicaldeliveryofficename = $filterAttribute("physicaldeliveryofficename");
/****** the following is for production ***************************/
/* if (!$umdobject || $umdobject !== "Account") {
return $this->redirectForbidden($configRowName, '5002');
}
if (!$physicaldeliveryofficename || preg_replace('/\s+/', '', $physicaldeliveryofficename) !== 'ΕΠΙΣΗΜΟΣΛΟΓΑΡΙΑΣΜΟΣ') {
return $this->redirectForbidden($configRowName, '5003');
} */
phpCAS::trace($umdobject);
phpCAS::trace($physicaldeliveryofficename);
$gsnunitcodedn = $filterAttribute('edupersonorgunitdn:gsnunitcode:extended');
$gsnunitcode = substr($gsnunitcodedn, strpos($gsnunitcodedn, ";") + 1);
phpCAS::trace($gsnunitcode);
$userAssigned = $this->assignRoleToUser($gsnunitcode);
if (sizeof($userAssigned) === 0) {
return $this->redirectForbidden($configRowName, '5004');
}
// $this->logger->warning('redirecturl=' . $this->redirectUrl);
$epalToken = $this->authenticatePhase2($request, $CASUser, $internalRole, $filterAttribute('cn'));
$epalToken = $this->authenticatePhase2($request, $CASUser, $userAssigned, $filterAttribute('cn'));
if ($epalToken) {
if ('casost_sch_sso_config' === $configRowName) {
/* $cookie = new Cookie('auth_token', $epalToken, 0, '/', null, false, false);
$cookie2 = new Cookie('auth_role', $exposedRole, 0, '/', null, false, false); */
return new RedirectResponse($this->redirectUrl . $epalToken.'&auth_role=' . $exposedRole, 302, []);
return new RedirectResponse($this->redirectUrl . $epalToken.'&auth_role=' . $userAssigned["exposedRole"], 302, []);
} else {
\Drupal::service('page_cache_kill_switch')->trigger();
return new RedirectResponseWithCookieExt($this->redirectUrl . $epalToken.'&auth_role=' . $exposedRole, 302, []);
return new RedirectResponseWithCookieExt($this->redirectUrl . $epalToken.'&auth_role=' . $userAssigned["exposedRole"], 302, []);
}
// $headers = array("auth_token" => $epalToken, "auth_role" => "director");
// return new RedirectResponse($this->redirectUrl, 302, $headers);
} else {
$response = new Response();
$response->setContent('No proper authentication');
$response->setStatusCode(Response::HTTP_FORBIDDEN);
$response->headers->set('Content-Type', 'application/json');
return $response;
return $this->redirectForbidden($configRowName, '5005');
}
} catch (\Exception $e) {
$this->logger->warning($e->getMessage());
$response = new Response();
$response->setContent('Unexpected Problem');
$response->setStatusCode(Response::HTTP_FORBIDDEN);
$response->headers->set('Content-Type', 'application/json');
return $response;
return $this->redirectForbidden($configRowName, '6000');
}
}
private function assignRoleToUser($registry_no) {
$schools = $this->entityTypeManager->getStorage('eepal_school')->loadByProperties(array('registry_no' => $registry_no));
$school = reset($schools);
if ($school) {
return array("id" => $school->id(), "exposedRole" => "director", "internalRole" => "epal");
}
$eduAdmins = $this->entityTypeManager->getStorage('eepal_admin_area')->loadByProperties(array('registry_no' => $registry_no));
$eduAdmin = reset($eduAdmins);
if ($eduAdmin) {
return array("id" => $eduAdmin->id(), "exposedRole" => "dide", "internalRole" => "eduadmin");
}
$regionAdmins = $this->entityTypeManager->getStorage('eepal_region')->loadByProperties(array('registry_no' => $registry_no));
$regionAdmin = reset($regionAdmins);
if ($regionAdmin) {
return array("id" => $regionAdmin->id(), "exposedRole" => "pde", "internalRole" => "regioneduadmin");
}
return array();
}
private function redirectForbidden($configRowName, $errorCode) {
session_unset();
session_destroy();
\Drupal::service('page_cache_kill_switch')->trigger();
if ('casost_sch_sso_config' === $configRowName) {
return new RedirectResponse($this->redirectUrl.'&error_code=' . $errorCode, 302, []);
} else {
return new RedirectResponseWithCookieExt($this->redirectUrl .'&error_code=' . $errorCode, 302, []);
}
}
public function authenticatePhase2($request, $CASUser, $internalRole, $cn)
private function authenticatePhase2($request, $CASUser, $userAssigned, $cn)
{
$trx = $this->connection->startTransaction();
try {
......@@ -260,7 +282,8 @@ class CASLogin extends ControllerBase
$user->setEmail($CASUser);
$user->setUsername($epalToken); //This username must be unique and accept only a-Z,0-9, - _ @ .
$user->activate();
$user->set('init', $cn);
// $user->set('init', $cn);
$user->set('init', $userAssigned["id"]);
//Set Language
$language_interface = \Drupal::languageManager()->getCurrentLanguage();
......@@ -269,7 +292,7 @@ class CASLogin extends ControllerBase
$user->set('preferred_admin_langcode', $language_interface->getId());
//Adding default user role
$user->addRole($internalRole);
$user->addRole($userAssigned["internalRole"]);
$user->save();
}
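Review bot: The account-type gates that decide whether a CAS principal is an official school account (`umdobject === "Account"` and `physicaldeliveryofficename === 'ΕΠΙΣΗΜΟΣΛΟΓΑΡΙΑΣΜΟΣ'`) are left commented out in the new `loginGo` body and merely traced, and with the old `CASTitle` branch removed, any principal whose `edupersonorgunitdn:gsnunitcode:extended` value resolves in `assignRoleToUser` to a registered school, admin area or region receives that role. Rather than a "for production" comment, gate the two checks on a config value (e.g. `if ($this->strictAccountCheck && (!$umdobject || $umdobject !== "Account")) { return $this->redirectForbidden($configRowName, '5002'); }`) so they cannot be forgotten at deploy time. The extraction `substr($gsnunitcodedn, strpos($gsnunitcodedn, ";") + 1)` silently becomes `substr($dn, 1)` when the attribute is missing or has no `;`, because `strpos` returns `false`; test for `false` explicitly and return `redirectForbidden($configRowName, '5004')` in that case. `loginGo` begins before the first hunk and `authenticatePhase2` continues past the last one.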
......@@ -60,8 +60,9 @@ class CASLogout extends ControllerBase
public function logoutGo(Request $request)
{
$configRowName = 'casost_sch_sso_config';
try {
$configRowName = 'casost_sch_sso_config';
$configRowId = $request->query->get('config');
if ($configRowId) {
$configRowName = $configRowName.'_'.$configRowId;
......@@ -86,12 +87,7 @@ class CASLogout extends ControllerBase
$this->allowed2 = $CASOSTConfig->allowed2->value;
$this->allowed2Value = $CASOSTConfig->allowed2value->value;
} else {
$response = new Response();
$response->setContent('forbidden. No config');
$response->setStatusCode(Response::HTTP_FORBIDDEN);
$response->headers->set('Content-Type', 'application/json');
return $response;
return $this->redirectForbidden($configRowName, '7001');
}
// Enable debugging
......@@ -111,14 +107,7 @@ class CASLogout extends ControllerBase
$user = reset($users);
if (!$user) {
$this->logger->warning('user not found');
$response = new Response();
$response->setContent('forbidden');
$response->setStatusCode(Response::HTTP_FORBIDDEN);
$response->headers->set('Content-Type', 'application/json');
return $response;
return $this->redirectForbidden($configRowName, '7002');
}
// phpCAS::handleLogoutRequests();
......@@ -127,6 +116,10 @@ class CASLogout extends ControllerBase
// session_destroy();
$user->setPassword(uniqid('pw'));
$user->save();
$response = new Response();
$response->setContent('logout successful');
$response->setStatusCode(Response::HTTP_OK);
......@@ -145,12 +138,18 @@ class CASLogout extends ControllerBase
return $response;
} catch (\Exception $e) {
$this->logger->warning($e->getMessage());
$response = new Response();
$response->setContent('forbidden');
$response->setStatusCode(Response::HTTP_FORBIDDEN);
$response->headers->set('Content-Type', 'application/json');
return $this->redirectForbidden($configRowName, '8000');
}
}
return $response;
private function redirectForbidden($configRowName, $errorCode) {
session_unset();
session_destroy();
\Drupal::service('page_cache_kill_switch')->trigger();
if ('casost_sch_sso_config' === $configRowName) {
return new RedirectResponse($this->redirectUrl.'&error_code=' . $errorCode, 302, []);
} else {
return new RedirectResponseWithCookieExt($this->redirectUrl .'&error_code=' . $errorCode, 302, []);
}
}
}
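Review bot: In the no-config branch (`return $this->redirectForbidden($configRowName, '7001')`) the redirect target has presumably not been populated yet — the config row's values are only read in the `if` branch above it — so `redirectForbidden` would redirect to the literal relative path `&error_code=7001`. Guard the helper against an empty target, e.g. `if (empty($this->redirectUrl)) { return new Response('forbidden', Response::HTTP_FORBIDDEN); }` as its first statement, or define a fallback URL. The helper is also duplicated verbatim from `CASLogin`; a shared trait or base controller would keep the two copies from drifting. `logoutGo` starts before the first hunk.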
......@@ -164,6 +164,14 @@ epal.ministry.report-all-stat:
_controller: '\Drupal\epal\Controller\ReportsCreator::makeReportAllStat'
requirements:
_user_is_logged_in: 'TRUE'
epal.ministry.retrieve-registry-id:
path: '/ministry/retrieve-registry-id'
options:
_auth: [ 'basic_auth' ]
defaults:
_controller: '\Drupal\epal\Controller\ReportsCreator::retrieveUserRegistryNo'
requirements:
_user_is_logged_in: 'TRUE'
epal.ministry.massive_mail:
path: '/ministry/send-massive-mail'
options:
......@@ -203,4 +211,4 @@ findcapacity:
defaults:
_controller: '\Drupal\epal\Controller\DirectorView::findCapacity'
requirements:
_user_is_logged_in: 'TRUE'
\ No newline at end of file
_user_is_logged_in: 'TRUE'
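Review bot: The new `epal.ministry.retrieve-registry-id` route requires only `_user_is_logged_in: 'TRUE'`, so the `regioneduadmin` restriction lives solely in the controller; add `_role: 'regioneduadmin'` under `requirements` so the routing layer enforces the same rule and a future controller refactor cannot silently drop it. Since the route authenticates with `basic_auth`, credentials travel in every request; confirm at the web-server level that it is reachable only over HTTPS, which the route definition cannot express.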
......@@ -128,7 +128,9 @@ class ApplicationSubmit extends ControllerBase {
//insert records in entity: epal_student_course_field (αφορά μαθητές Γ' Λυκείου)
// or: epal_student_sector_field (αφορά μαθητές Β' Λυκείου)
if ($applicationForm[0][currentclass] === "Γ' Λυκείου") {
//if ($applicationForm[0][currentclass] === "Γ' Λυκείου") {
if ($applicationForm[0][currentclass] === "3") {
//$course = array('name
$course = array(
//'name' => $aitisi[3][name],
......@@ -142,7 +144,8 @@ class ApplicationSubmit extends ControllerBase {
$entity_storage_course->save($entity_object);
}
else if ($applicationForm[0][currentclass] === "Β' Λυκείου") {
//else if ($applicationForm[0][currentclass] === "Β' Λυκείου") {
else if ($applicationForm[0][currentclass] === "2") {
$sector = array(
//'name' => $applicationForm[3][name],
'student_id' => $created_student_id,
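Review bot: The rewritten comparisons `$applicationForm[0][currentclass] === "3"` and `=== "2"` are strict against string literals, so a payload in which `currentclass` arrives as the integer `3` or `2` matches neither branch and the student is saved with no course or sector row and no error. Compare after a cast, `(string) $applicationForm[0]['currentclass'] === "3"`, and add an `else` that rejects unknown values. The key `currentclass` is an unquoted bare word, which relies on PHP's deprecated undefined-constant fallback and is a fatal error on PHP 8; quote it. The enclosing method continues outside the hunk.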
<?php
/**
* @file
* Contains \Drupal\query_example\Controller\QueryExampleController.
*/
namespace Drupal\epal\Controller;
use Drupal\Core\Entity\Query\QueryFactory;
use Drupal\Core\Entity\EntityTypeManagerInterface;
use Symfony\Component\DependencyInjection\ContainerInterface;
use Symfony\Component\HttpFoundation\JsonResponse;
use Drupal\Core\Controller\ControllerBase;
use Symfony\Component\HttpFoundation\RedirectResponse;
use Drupal\Core\Database\Connection;
use Symfony\Component\HttpFoundation\Request;
use Symfony\Component\HttpFoundation\Response;
use Drupal\Core\Logger\LoggerChannelFactoryInterface;
class CreateDemoData extends ControllerBase {
protected $entity_query;
protected $entityTypeManager;
protected $logger;
protected $connection;
public function __construct(
EntityTypeManagerInterface $entityTypeManager,
QueryFactory $entity_query,
Connection $connection,
LoggerChannelFactoryInterface $loggerChannel)
{
$this->entityTypeManager = $entityTypeManager;
$this->entity_query = $entity_query;
$this->connection = $connection;
$this->logger = $loggerChannel->get('epal');
}
public static function create(ContainerInterface $container)
{
return new static(
$container->get('entity.manager'),
$container->get('entity.query'),
$container->get('database'),
$container->get('logger.factory')
);
}
public function make_seed() {
list($usec, $sec) = explode(' ', microtime());
return $sec + $usec * 1000000;
}
public function UniqueRandNum($min, $max, $quantity) {
$numbers = range($min, $max);
shuffle($numbers);
return array_slice($numbers, 0, $quantity);
}
public function createData() {
$transaction = $this->connection->startTransaction();
try {
//insert demo records in entity: epal_student
$entity_manager = \Drupal::entityTypeManager();
$epaluserid = \Drupal::currentUser()->id();
for ($i = 1; $i <= 1000; $i++) {
//srand($this->make_seed());
$curclass = rand(1,3);
//$curclass = 2;
//$currentepal = rand(137,165);
$currentepal = rand(5,399);
$student = array(
//'epaluser_id' => $aitisi[0][epaluser_id],
'epaluser_id' => $epaluserid,
'name' => "firstname" . $i,
'studentsurname' => "surname" . $i,
//'birthdate' => $aitisi[0][birthdate],
'birthdate' => '01/01/1970',
//'fatherfirstname' => $aitisi[0][fatherfirstname],
'fatherfirstname' => "fatherfirstname" . $i,
//'fathersurname' => $aitisi[0][fathersurname],
'fathersurname' => "fathersurname" . $i,
//'motherfirstname' => $aitisi[0][motherfirstname],
'motherfirstname' => "motherfirstname" . $i,
//'mothersurname' => $aitisi[0][mothersurname],
'mothersurname' => "mothersurname" . $i,
//'studentamka' => $aitisi[0][studentamka],
//'regionaddress' => $aitisi[0][regionaddress],
'regionaddress' => "regionaddress" . $i,
//'regionarea' => $aitisi[0][regionarea],
'regionarea' => "regionarea" . $i,
//'regiontk' => $aitisi[0][regiontk],
'regiontk' => "tk" . $i,
//'certificatetype' => $aitisi[0][certificatetype],
'certificatetype' => 'Απολυτήριο Γυμνασίου',
//'lastam' => $aitisi[0][lastam],
'currentclass' => $curclass,
'currentepal' => $currentepal,
//'currentsector' => $aitisi[0][currentsector],
//'relationtostudent' => $aitisi[0][relationtostudent],
'relationtostudent' => 'Μαθητής',
//'telnum' => $aitisi[0][telnum],
'telnum' => '6944123456',
'points' => rand(0,20)
);
$entity_storage_student = $entity_manager->getStorage('epal_student');
$entity_object = $entity_storage_student->create($student);
$entity_storage_student->save($entity_object);
$created_student_id = $entity_object->id();
//insert records in entity: epal_student_course_field (αφορά μαθητές Γ' Λυκείου)
// or: epal_student_sector_field (αφορά μαθητές Β' Λυκείου)
$availableSchools = array();
if ($curclass === 3) {
do {
$coursefield_id = rand(1,54);
$course = array(
'student_id' => $created_student_id,
'coursefield_id' => $coursefield_id
);
$entity_storage_course = $entity_manager->getStorage('epal_student_course_field');
$entity_object = $entity_storage_course->create($course);
//$entity_storage_course->save($entity_object);
//εύρεση ΕΠΑΛ που διαθέτουν την αντίστοιχη ειδικότητα
print_r("<br> EIDIKOTHTA: " . $coursefield_id);
$eepalSpecialtiesInEpal_storage = $this->entityTypeManager->getStorage('eepal_specialties_in_epal');
//$eepalSpecialtiesInEpal = $eepalSpecialtiesInEpal_storage->loadByProperties(array('specialty_id' => $coursefield_id) );
$ids = $eepalSpecialtiesInEpal_storage->getQuery()
->condition('specialty_id', $coursefield_id, "=")
//->condition('epal_id', 137, ">=")
//->condition('epal_id', 165, "<=")
->execute();
$eepalSpecialtiesInEpal = $eepalSpecialtiesInEpal_storage->loadMultiple($ids);
print_r("<br> NUM_SCHOOLS: " . sizeof($eepalSpecialtiesInEpal));
foreach ($eepalSpecialtiesInEpal as $eepalSpecialInEp) {
array_push($availableSchools, $eepalSpecialInEp->epal_id->getString());
}
if (sizeof($availableSchools) != 0)
$entity_storage_course->save($entity_object);
} //end do
while (sizeof($availableSchools) == 0);
$entity_storage_course->resetCache();
$eepalSpecialtiesInEpal_storage->resetCache();
}
else if ($curclass === 2) {
do {
$sectorfield_id = rand(1,9);
$sector = array(
'student_id' => $created_student_id,
'sectorfield_id' => $sectorfield_id
);
$entity_storage_sector = $entity_manager->getStorage('epal_student_sector_field');
$entity_object = $entity_storage_sector->create($sector);
//$entity_storage_sector->save($entity_object);
//εύρεση ΕΠΑΛ που διαθέτουν τον αντίστοιχο τομέα
print_r("<br> TOMEAS: " . $sectorfield_id);
$eepalSectorsInEpal_storage = $this->entityTypeManager->getStorage('eepal_sectors_in_epal');
$ids = $eepalSectorsInEpal_storage->getQuery()
->condition('sector_id', $sectorfield_id, "=")
//->condition('epal_id', 137, ">=")
//->condition('epal_id', 165, "<=")
->execute();
$eepalSectorsInEpal = $eepalSectorsInEpal_storage->loadMultiple($ids);
print_r("<br> NUM_SCHOOLS: " . sizeof($eepalSectorsInEpal));
foreach ($eepalSectorsInEpal as $eepalSecInEp) {
array_push($availableSchools, $eepalSecInEp->epal_id->getString());
}
if (sizeof($availableSchools) != 0)
$entity_storage_sector->save($entity_object);
} //end do
while (sizeof($availableSchools) == 0);
$entity_storage_sector->resetCache();
$eepalSectorsInEpal_storage->resetCache();
}
else if ($curclass === 1) {
print_r("<br> CLASS A: ");
//$school_id_start = 137;
$school_id_start = 5;
//for ($l=0; $l < 29; $l++)
for ($l=0; $l < 395; $l++)
array_push($availableSchools, $school_id_start + $l);
}
$numEpalsChosen = rand(1,3);
if ($numEpalsChosen > sizeof($availableSchools))
$numEpalsChosen = sizeof($availableSchools);
print_r("<br> NUM_EPAL_CHOSEN " . $numEpalsChosen);
$epal_id_index = $this->UniqueRandNum(0,sizeof($availableSchools)-1,$numEpalsChosen);
for ($j=0; $j < $numEpalsChosen; $j++) {
print_r("<br> EPAL_CHOSEN_ID: " . $epal_id_index[$j]);
print_r("<br> EPAL_CHOSEN_REAL_ID: " . $availableSchools[$epal_id_index[$j]]);
}
for ($j = 0; $j < $numEpalsChosen ; $j++) {
$epalchosen = array(
'student_id' => $created_student_id,
'epal_id' => $availableSchools[$epal_id_index[$j]],
'choice_no' => $j+1
);
$entity_storage_epalchosen = $entity_manager->getStorage('epal_student_epal_chosen');
$entity_object = $entity_storage_epalchosen->create($epalchosen);
$entity_storage_epalchosen->save($entity_object);
}
$entity_storage_epalchosen->resetCache();
$entity_storage_student->resetCache();
/*
//TO BE CONSIDERED
if ($curclass === 2 || $curclass === 3) {
//33% των μαθητών της Β' και Γ' Λυκείου δηλώνουν προτίμηση στο σχολείο που ήδη φοιτούν
if (rand(1,3) === 1) {
$epal_id[0] = $currentepal;
}
}
*/
}
}
catch (\Exception $e) {
$this->logger->warning($e->getMessage());
$returnmsg = "Αποτυχία καταχώρησης demo data!";
$response = new JsonResponse([$returnmsg]);
// $transaction->rollback();
return $response;
}
$response = new JsonResponse(['hello' => 'world']);
$response->headers->set('X-AUTH-TOKEN', 'HELLOTOKEN');
return $response;
}
}
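Review bot: `createData` writes up to 1000 `epal_student` records plus their course, sector and choice rows into live entity storage, and because `$transaction->rollback()` is commented out in the catch block an exception leaves everything written so far committed. Re-enable the rollback, `$transaction->rollback();` before the JSON error response, or drop the transaction object if partial data is intended, and say which in a comment. The `print_r` calls emit debug text into the HTTP response ahead of the JSON body, and nothing in this controller checks the caller's role; the route is not in this diff, so confirm it is restricted to an administrative role and not registered in production. `rand()` is acceptable for fixture data, but note that `$epaluserid` from `\Drupal::currentUser()` ties every demo student to whichever account triggers the endpoint.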
......@@ -163,7 +163,7 @@ class ReportsCreator extends ControllerBase {
$roles = $user->getRoles();
$validRole = false;
foreach ($roles as $role)
if ($role === "ministry") {
if ($role === "ministry" || $role === "regioneduadmin" || $role === "eduadmin") {
$validRole = true;
break;
}
......@@ -172,6 +172,12 @@ class ReportsCreator extends ControllerBase {
'message' => t("User Invalid Role"),
], Response::HTTP_FORBIDDEN);
}
/*
if ($role === "regioneduadmin") {
//ΑΝΑΚΤΗΣΗ ID της ΠΔΕ
$regionId = 1;
}
*/
$list = array();
......@@ -310,7 +316,7 @@ class ReportsCreator extends ControllerBase {
$roles = $user->getRoles();
$validRole = false;
foreach ($roles as $role)
if ($role === "ministry") {
if ($role === "ministry" || $role === "regioneduadmin" || $role === "eduadmin") {
$validRole = true;
break;
}
......@@ -519,6 +525,57 @@ class ReportsCreator extends ControllerBase {
}
public function retrieveUserRegistryNo(Request $request) {
try {
if (!$request->isMethod('GET')) {
return $this->respondWithStatus([
"message" => t("Method Not Allowed")
], Response::HTTP_METHOD_NOT_ALLOWED);
}
//user validation
$authToken = $request->headers->get('PHP_AUTH_USER');
$users = $this->entityTypeManager->getStorage('user')->loadByProperties(array('name' => $authToken));
$user = reset($users);
if (!$user) {
return $this->respondWithStatus([
'message' => t("User not found"),
], Response::HTTP_FORBIDDEN);
}
//user role validation
$roles = $user->getRoles();
$validRole = false;
foreach ($roles as $role)
if ( $role === "regioneduadmin") {
$validRole = true;
break;
}
if (!$validRole) {
return $this->respondWithStatus([
'message' => t("User Invalid Role"),
], Response::HTTP_FORBIDDEN);
}
return $this->respondWithStatus([
'message' => t("retrieve ID successful"),
'id' => $user->init->value,
], Response::HTTP_OK);
}
catch (\Exception $e) {
$this->logger->warning($e->getMessage());
return $this->respondWithStatus([
"message" => t("An unexpected problem occured in retrievePDEId Method")
], Response::HTTP_INTERNAL_SERVER_ERROR);
}
}
public function retrieveUpLimit() {
//βρες ανώτατο επιτρεπόμενο όριο μαθητών
......@@ -548,4 +605,6 @@ class ReportsCreator extends ControllerBase {
}
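Review bot: Widening the check to `$role === "ministry" || $role === "regioneduadmin" || $role === "eduadmin"` in both report methods admits regional and district admins, but the only scoping of results to their area is the commented-out block (`$regionId = 1;`), so — as far as the list building outside the hunk shows — these users get the same ministry-wide data as `ministry`. Either keep the check to `ministry` until the region filter exists, or filter on the id this commit stores in `$user->init` via `authenticatePhase2`. In `retrieveUserRegistryNo` the user is loaded from the raw `PHP_AUTH_USER` header rather than from the authenticated account; use `$this->currentUser()->id()` so the identity is the one Drupal actually verified. The message `"An unexpected problem occured in retrievePDEId Method"` names a method that does not exist here; change it to `retrieveUserRegistryNo`.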
CREATE UNIQUE INDEX uidx_region_regno ON eepal_region_field_data(registry_no);
CREATE UNIQUE INDEX uidx_adminarea_regno ON eepal_admin_area_field_data(registry_no);
\ No newline at end of file
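Review bot: The two unique indexes back the single-match assumption in `CASLogin::assignRoleToUser` for `eepal_region` and `eepal_admin_area`, but the same `loadByProperties(array('registry_no' => ...))` lookup also runs against `eepal_school` and no index is added for it; add `CREATE UNIQUE INDEX uidx_school_regno ON eepal_school_field_data(registry_no);` if that table follows the same `_field_data` naming — confirm the table name. MySQL unique indexes permit multiple NULLs, so a nullable `registry_no` column is not protected by these; add a NOT NULL constraint if the column should always be set.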
......@@ -41,6 +41,7 @@ use Drupal\user\UserInterface;
* entity_keys = {
* "id" = "id",
* "label" = "name",
* "registry_no" = "registry_no",
* "uuid" = "uuid",
* "uid" = "user_id",
* "langcode" = "langcode",
......@@ -85,6 +86,21 @@ class EepalAdminArea extends ContentEntityBase implements EepalAdminAreaInterfac