Commit f4f8b5e9 authored by Open Source Developer's avatar Open Source Developer

bug

parents 2679ba6d 2b4cba64
......@@ -12,3 +12,9 @@ casost.log_out_go:
_controller: '\Drupal\casost\Controller\CASLogout::logoutGo'
requirements:
_user_is_logged_in: 'TRUE'
casost.log_out_cas_go:
path: /cas/logoutcas
defaults:
_controller: '\Drupal\casost\Controller\CASLogout::logoutCasGo'
requirements:
_access: 'TRUE'
......@@ -123,7 +123,7 @@ class CASLogin extends ControllerBase
}
$attributes = phpCAS::getAttributes();
/*
/*
$isAllowed = true;
$att1 = $attributes[$this->allowed1];
$att2 = $attributes[$this->allowed2];
......@@ -150,8 +150,8 @@ class CASLogin extends ControllerBase
}
if (!$found1 || !$found2) {
$isAllowed = false;
}
}
if (!$isAllowed) {
$response = new Response();
$response->setContent(t('Access is allowed only to official school accounts'));
......@@ -302,4 +302,4 @@ class CASLogin extends ControllerBase
return false;
}
}
\ No newline at end of file
}
......@@ -10,6 +10,7 @@ use Drupal\user\Entity\User;
use Drupal\Core\Database\Connection;
use Symfony\Component\HttpFoundation\Request;
use Symfony\Component\HttpFoundation\Response;
use Symfony\Component\HttpFoundation\JsonResponse;
use Drupal\Core\Logger\LoggerChannelFactoryInterface;
use phpCAS;
......@@ -38,11 +39,12 @@ class CASLogout extends ControllerBase
protected $connection;
public function __construct(
EntityTypeManagerInterface $entityTypeManager,
QueryFactory $entity_query,
Connection $connection,
LoggerChannelFactoryInterface $loggerChannel)
{
EntityTypeManagerInterface $entityTypeManager,
QueryFactory $entity_query,
Connection $connection,
LoggerChannelFactoryInterface $loggerChannel
) {
$this->entityTypeManager = $entityTypeManager;
$this->entity_query = $entity_query;
$this->connection = $connection;
......@@ -56,14 +58,13 @@ class CASLogout extends ControllerBase
$container->get('entity.query'),
$container->get('database'),
$container->get('logger.factory')
);
);
}
public function logoutGo(Request $request)
{
$configRowName = 'casost_sch_sso_config';
try {
$configRowId = $request->query->get('config');
if ($configRowId) {
$configRowName = $configRowName.'_'.$configRowId;
......@@ -116,10 +117,15 @@ class CASLogout extends ControllerBase
$user->setPassword(uniqid('pw'));
$user->save();
$response = new Response();
$response->setContent("{\"message\": \"Server logout successful\",\"next\": \"{$this->logoutRedirectUrl}\"}");
$response->setStatusCode(Response::HTTP_OK);
$response->headers->set('Content-Type', 'application/json');
// $response = new Response();
// $response->setContent("{\"message\": \"Server logout successful\",\"next\": \"{$this->logoutRedirectUrl}\"}");
// $response->setStatusCode(Response::HTTP_OK);
// $response->headers->set('Content-Type', 'application/json');
$response = (new JsonResponse([
"message" => "Server logout successful",
"next" => "{$this->logoutRedirectUrl}"
]))->setStatusCode(Response::HTTP_OK);
session_unset();
session_destroy();
......@@ -136,7 +142,57 @@ class CASLogout extends ControllerBase
}
}
private function redirectForbidden($configRowName, $errorCode) {
public function logoutCasGo(Request $request)
{
$configRowName = 'casost_sch_sso_config';
try {
$configRowId = $request->query->get('config');
if ($configRowId) {
$configRowName = $configRowName.'_'.$configRowId;
}
$CASOSTConfigs = $this->entityTypeManager->getStorage('casost_config')->loadByProperties(array('name' => $configRowName));
$CASOSTConfig = reset($CASOSTConfigs);
if ($CASOSTConfig) {
$this->serverVersion = $CASOSTConfig->serverversion->value;
$this->serverHostname = $CASOSTConfig->serverhostname->value;
$this->serverPort = $CASOSTConfig->serverport->value;
$this->serverUri = $CASOSTConfig->serveruri->value === null ? '' : $CASOSTConfig->serveruri->value;
$this->redirectUrl = $CASOSTConfig->redirecturl->value;
$this->changeSessionId = $CASOSTConfig->changesessionid->value;
$this->logoutRedirectUrl = $CASOSTConfig->logoutredirecturl->value;
$this->CASServerCACert = $CASOSTConfig->casservercacert->value;
$this->CASServerCNValidate = $CASOSTConfig->casservercnvalidate->value;
$this->noCASServerValidation = $CASOSTConfig->nocasservervalidation->value;
$this->proxy = $CASOSTConfig->proxy->value;
$this->handleLogoutRequests = $CASOSTConfig->handlelogoutrequests->value;
$this->CASLang = $CASOSTConfig->caslang->value;
$this->allowed1 = $CASOSTConfig->allowed1->value;
$this->allowed1Value = $CASOSTConfig->allowed1value->value;
$this->allowed2 = $CASOSTConfig->allowed2->value;
$this->allowed2Value = $CASOSTConfig->allowed2value->value;
} else {
return $this->redirectForbidden($configRowName, '7001');
}
$response = new Response();
$response->setContent("{\"message\": \"Server logout continue\",\"next\": \"{$this->logoutRedirectUrl}\"}");
$response->setStatusCode(Response::HTTP_OK);
$response->headers->set('Content-Type', 'application/json');
session_unset();
session_destroy();
\Drupal::service('page_cache_kill_switch')->trigger();
session_start();
return $response;
} catch (\Exception $e) {
$this->logger->warning($e->getMessage());
return $this->redirectForbidden($configRowName, '8000');
}
}
private function redirectForbidden($configRowName, $errorCode)
{
session_unset();
session_destroy();
\Drupal::service('page_cache_kill_switch')->trigger();
......@@ -146,4 +202,4 @@ class CASLogout extends ControllerBase
return new RedirectResponseWithCookieExt($this->redirectUrl .'&error_code=' . $errorCode, 302, []);
}
}
}
\ No newline at end of file
}
......@@ -199,7 +199,7 @@ epal.ministry.retrievesettings:
requirements:
_user_is_logged_in: 'TRUE'
epal.ministry.storesettings:
path: '/ministry/store-settings/{capacityDisabled}/{directorViewDisabled}/{applicantsLoginDisabled}'
path: '/ministry/store-settings/{capacityDisabled}/{directorViewDisabled}/{applicantsLoginDisabled}/{applicantsResultsDisabled}'
options:
_auth: [ 'basic_auth' ]
defaults:
......@@ -268,5 +268,11 @@ epal.findcapacityperschool:
_auth: [ 'basic_auth' ]
defaults:
_controller: '\Drupal\epal\Controller\DirectorView::FindCapacityPerSchool'
epal.applicant.creationpdf:
path: '/epal/pdf-application'
options:
_auth: [ 'basic_auth' ]
defaults:
_controller: '\Drupal\epal\Controller\PdfCreator::createApplicantPDF'
requirements:
_user_is_logged_in: 'TRUE'
......@@ -68,6 +68,7 @@ class ApplicationSubmit extends ControllerBase {
], Response::HTTP_FORBIDDEN);
}
$student = array(
'langcode' => 'el',
'student_record_id' => 0,
......@@ -94,9 +95,10 @@ class ApplicationSubmit extends ControllerBase {
'certificatetype' => $applicationForm[0]['certificatetype'],
'graduation_year' => $applicationForm[0]['graduation_year'],
'lastschool_registrynumber' => $applicationForm[0]['lastschool_registrynumber'],
'lastschool_unittypeid' => $applicationForm[0]['lastschool_unittypeid'],
'lastschool_schoolname' => $applicationForm[0]['lastschool_schoolname'],
'lastschool_schoolyear' => $applicationForm[0]['lastschool_schoolyear'],
'lastschool_class' => $applicationForm[0]['lastschool_class'],
'currentepal' => $applicationForm[0]['currentepal'],
'currentclass' => $applicationForm[0]['currentclass'],
'guardian_name' => $applicationForm[0]['cu_name'],
'guardian_surname' => $applicationForm[0]['cu_surname'],
......@@ -111,6 +113,22 @@ class ApplicationSubmit extends ControllerBase {
return $this->respondWithStatus([
"error_code" => $errorCode ], Response::HTTP_OK);
}
$lastSchoolRegistryNumber = $student['lastschool_registrynumber'];
$lastSchoolYear = (int)(substr($student['lastschool_schoolyear'], -4));
if ((int)date("Y") === $lastSchoolYear && (int)$student['lastschool_unittypeid'] === 5) {
$epalSchools = $this->entityTypeManager->getStorage('eepal_school')->loadByProperties(array('registry_no' => $lastSchoolRegistryNumber));
$epalSchool = reset($epalSchools);
if (!$epalSchool){
return $this->respondWithStatus([
"error_code" => 4004
], Response::HTTP_FORBIDDEN);
} else {
$student['currentepal'] = $epalSchool->id();
}
} else {
$student['currentepal'] = 0;
}
$entity_storage_student = $this->entityTypeManager->getStorage('epal_student');
$entity_object = $entity_storage_student->create($student);
$entity_storage_student->save($entity_object);
......@@ -176,6 +194,9 @@ class ApplicationSubmit extends ControllerBase {
if(!$student["agreement"]) {
return 1001;
}
if(!$student["lastschool_schoolyear"] || strlen($student["lastschool_schoolyear"]) !== 9) {
return 1002;
}
return 0;
}
}
......@@ -94,7 +94,8 @@ class InformUnlocatedStudents extends ControllerBase {
// εύρεση μαθητών που η αίτησή τους ΔΕΝ ικανοποιήθηκε
$sCon = $this->connection->select('epal_student_class', 'eStudent')
->fields('eStudent', array('student_id'));
->fields('eStudent', array('student_id'))
->condition('eStudent.finalized', 0 , '=');
$epalStudents = $sCon->execute()->fetchAll(\PDO::FETCH_OBJ);
$studentIds = array();
......@@ -224,7 +225,8 @@ class InformUnlocatedStudents extends ControllerBase {
// εύρεση μαθητών που η αίτησή τους ΙΚΑΝΟΠΟΙΗΘΗΚΕ
$sCon = $this->connection->select('epal_student_class', 'eStudent')
->fields('eStudent', array('student_id', 'epal_id'));
->fields('eStudent', array('student_id', 'epal_id'))
->condition('eStudent.finalized', 1 , '=');
$epalStudents = $sCon->execute()->fetchAll(\PDO::FETCH_OBJ);
$studentIds = array();
......
......@@ -98,6 +98,7 @@ class MinisterSettings extends ControllerBase {
$capacityDisabled = $epalConfig->lock_school_capacity->getString();
$directorViewDisabled = $epalConfig->lock_school_students_view->getString();
$applicantsLoginDisabled = $epalConfig->lock_application->getString();
$applicantsResultsDisabled = $epalConfig->lock_results->getString();
}
$config_storage->resetCache();
......@@ -107,6 +108,7 @@ class MinisterSettings extends ControllerBase {
'capacityDisabled' => $capacityDisabled,
'directorViewDisabled' => $directorViewDisabled,
'applicantsLoginDisabled' => $applicantsLoginDisabled,
'applicantsResultsDisabled' => $applicantsResultsDisabled,
], Response::HTTP_OK);
} //end try
......@@ -123,7 +125,7 @@ class MinisterSettings extends ControllerBase {
}
public function storeSettings(Request $request, $capacityDisabled, $directorViewDisabled, $applicantsLoginDisabled ) {
public function storeSettings(Request $request, $capacityDisabled, $directorViewDisabled, $applicantsLoginDisabled, $applicantsResultsDisabled ) {
try {
if (!$request->isMethod('GET')) {
......@@ -168,6 +170,7 @@ public function storeSettings(Request $request, $capacityDisabled, $directorView
$epalConfig->set('lock_school_capacity', $capacityDisabled);
$epalConfig->set('lock_school_students_view', $directorViewDisabled);
$epalConfig->set('lock_application', $applicantsLoginDisabled);
$epalConfig->set('lock_results', $applicantsResultsDisabled);
$epalConfig->save();
}
$config_storage->resetCache();
......@@ -178,6 +181,7 @@ public function storeSettings(Request $request, $capacityDisabled, $directorView
'capacityDisabled' => $capacityDisabled,
'directorViewDisabled' => $directorViewDisabled,
'applicantsLoginDisabled' => $applicantsLoginDisabled,
'applicantsResultsDisabled' => $applicantsResultsDisabled,
], Response::HTTP_OK);
} //end try
......
......@@ -21,19 +21,18 @@ class MinistryLogin extends ControllerBase
//protected $connection;
public function __construct(
EntityTypeManagerInterface $entityTypeManager,
//QueryFactory $entity_query,
// $connection,
LoggerChannelFactoryInterface $loggerChannel)
{
EntityTypeManagerInterface $entityTypeManager,
//QueryFactory $entity_query,
// $connection,
LoggerChannelFactoryInterface $loggerChannel
) {
$this->entityTypeManager = $entityTypeManager;
//$this->entity_query = $entity_query;
//$this->connection = $connection;
$this->logger = $loggerChannel->get('epal');
}
public static function create(ContainerInterface $container)
{
return new static(
......@@ -41,142 +40,127 @@ class MinistryLogin extends ControllerBase
//$container->get('entity.query'),
//$container->get('database'),
$container->get('logger.factory')
);
);
}
public function loginGo(Request $request)
{
try {
if (!$request->isMethod('POST')) {
return $this->respondWithStatus([
"message" => t("Method Not Allowed")
], Response::HTTP_METHOD_NOT_ALLOWED);
}
try {
if (!$request->isMethod('POST')) {
return $this->respondWithStatus([
"message" => t("Method Not Allowed")
], Response::HTTP_METHOD_NOT_ALLOWED);
}
//user validation
//Note: $authToken = $postData->username
$authToken = $request->headers->get('PHP_AUTH_USER');
$users = $this->entityTypeManager->getStorage('user')->loadByProperties(array('name' => $authToken));
$user = reset($users);
if (!$user) {
return $this->respondWithStatus([
//user validation
//Note: $authToken = $postData->username
$authToken = $request->headers->get('PHP_AUTH_USER');
$users = $this->entityTypeManager->getStorage('user')->loadByProperties(array('name' => $authToken));
$user = reset($users);
if (!$user) {
return $this->respondWithStatus([
'message' => t("User not found"),
], Response::HTTP_FORBIDDEN);
}
}
//user role validation
//$user = \Drupal\user\Entity\User::load($user->id());
$roles = $user->getRoles();
$validRole = false;
foreach ($roles as $role)
if ($role === "ministry") {
$validRole = true;
break;
}
if (!$validRole) {
return $this->respondWithStatus([
//user role validation
//$user = \Drupal\user\Entity\User::load($user->id());
$roles = $user->getRoles();
$validRole = false;
foreach ($roles as $role) {
if ($role === "ministry") {
$validRole = true;
break;
}
}
if (!$validRole) {
return $this->respondWithStatus([
'message' => t("User Invalid Role"),
], Response::HTTP_FORBIDDEN);
}
$currentRoleName = "supervisor";
}
$currentRoleName = "supervisor";
$postData = null;
if ($content = $request->getContent()) {
$postData = json_decode($content);
//return new RedirectResponse("/drupal-8.2.6/eepal/dist/" . '?auth_token=' . $postData->username .'&auth_role=supervisor', 302, []);
return $this->respondWithStatus([
$postData = null;
if ($content = $request->getContent()) {
$postData = json_decode($content);
//return new RedirectResponse("/drupal-8.2.6/eepal/dist/" . '?auth_token=' . $postData->username .'&auth_role=supervisor', 302, []);
return $this->respondWithStatus([
//'auth_token' => $postData->username,
//'userpassword' => $postData->userpassword,
//'auth_role' => $currentRoleName,
], Response::HTTP_OK);
}
else {
return $this->respondWithStatus([
'message' => t("post with no data"),
], Response::HTTP_BAD_REQUEST);
}
], Response::HTTP_OK);
} else {
return $this->respondWithStatus([
'message' => t("post with no data"),
], Response::HTTP_BAD_REQUEST);
}
} //end try
catch (\Exception $e) {
$this->logger->warning($e->getMessage());
$response = new Response();
$response->setContent('forbidden');
$response->setStatusCode(Response::HTTP_FORBIDDEN);
$response->headers->set('Content-Type', 'application/json');
return $response;
return $this->respondWithStatus([
'message' => 'forbidden',
], Response::HTTP_FORBIDDEN);
}
}
public function logoutGo(Request $request)
{
try {
if (!$request->isMethod('POST')) {
return $this->respondWithStatus([
"message" => t("Method Not Allowed")
try {
if (!$request->isMethod('POST')) {
return $this->respondWithStatus([
"message" => t("Method Not Allowed")
], Response::HTTP_METHOD_NOT_ALLOWED);
}
//user validation
//Note: $authToken = $postData->username
$authToken = $request->headers->get('PHP_AUTH_USER');
$users = $this->entityTypeManager->getStorage('user')->loadByProperties(array('name' => $authToken));
$user = reset($users);
if (!$user) {
return $this->respondWithStatus([
}
//user validation
//Note: $authToken = $postData->username
$authToken = $request->headers->get('PHP_AUTH_USER');
$users = $this->entityTypeManager->getStorage('user')->loadByProperties(array('name' => $authToken));
$user = reset($users);
if (!$user) {
return $this->respondWithStatus([
'message' => t("User not found"),
], Response::HTTP_FORBIDDEN);
}
//user role validation
//$user = \Drupal\user\Entity\User::load($user->id());
/*
$roles = $user->getRoles();
$validRole = false;
foreach ($roles as $role)
}
//user role validation
//$user = \Drupal\user\Entity\User::load($user->id());
/*
$roles = $user->getRoles();
$validRole = false;
foreach ($roles as $role)
if ($role === "ministry") {
$validRole = true;
break;
}
if (!$validRole) {
if (!$validRole) {
return $this->respondWithStatus([
'message' => t("User Invalid Role"),
], Response::HTTP_FORBIDDEN);
}
*/
session_unset();
session_destroy();
}
*/
$response = new Response();
$response->setContent('logout successful');
$response->setStatusCode(Response::HTTP_OK);
$response->headers->set('Content-Type', 'application/json');
return $response;
session_unset();
session_destroy();
return $this->respondWithStatus([
'message' => 'logout successful',
], Response::HTTP_OK);
} //end try
catch (\Exception $e) {
$this->logger->warning($e->getMessage());
$response = new Response();
$response->setContent('forbidden');
$response->setStatusCode(Response::HTTP_FORBIDDEN);
$response->headers->set('Content-Type', 'application/json');
return $response;
return $this->respondWithStatus([
'message' => t("forbidden"),
], Response::HTTP_FORBIDDEN);
}
}
private function respondWithStatus($arr, $s) {
$res = new JsonResponse($arr);
$res->setStatusCode($s);
return $res;
private function respondWithStatus($arr, $s)
{
return (new JsonResponse($arr))
->setStatusCode($s);
}
}
<?php
/**
* @file
* Contains \Drupal\query_example\Controller\QueryExampleController.
*/
namespace Drupal\epal\Controller;
use Drupal\Core\Entity\Query\QueryFactory;
use Drupal\Core\Entity\EntityTypeManagerInterface;
use Symfony\Component\DependencyInjection\ContainerInterface;
use Symfony\Component\HttpFoundation\JsonResponse;
use Drupal\Core\Controller\ControllerBase;
use Symfony\Component\HttpFoundation\RedirectResponse;
use Drupal\Core\Database\Database;
use Drupal\Core\Database\Connection;
use Symfony\Component\HttpFoundation\Request;
use Symfony\Component\HttpFoundation\Response;
use Drupal\Core\Logger\LoggerChannelFactoryInterface;
use Drupal\Core\TypedData\Plugin\DataType\TimeStamp;
use Drupal\Core\Language\LanguageManagerInterface;
//require_once('fpdf.php');
//require('C:\wamp64\bin\php\php5.6.25\fpdf16/fpdf.php');
use FPDF;
class PDFCreator extends ControllerBase {
protected $entity_query;
protected $entityTypeManager;
protected $logger;
protected $connection;
public function __construct(
EntityTypeManagerInterface $entityTypeManager,
QueryFactory $entity_query,
Connection $connection,
LoggerChannelFactoryInterface $loggerChannel)
{
$this->entityTypeManager = $entityTypeManager;
$this->entity_query = $entity_query;
$connection = Database::getConnection();
$this->connection = $connection;
$this->logger = $loggerChannel->get('epal');
}
public static function create(ContainerInterface $container)
{
return new static(
$container->get('entity_type.manager'),
$container->get('entity.query'),
$container->get('database'),
$container->get('logger.factory')
);
}
public function createApplicantPDF(Request $request) {
try {
if (!$request->isMethod('GET')) {
return $this->respondWithStatus([
"message" => t("Method Not Allowed")
], Response::HTTP_METHOD_NOT_ALLOWED);
}
/*
$authToken = $request->headers->get('PHP_AUTH_USER');
$epalUsers = $this->entityTypeManager->getStorage('epal_users')->loadByProperties(array('authtoken' => $authToken));
$epalUser = reset($epalUsers);
if ($epalUser) {
//$userid = $epalUser -> id();
$users = $this->entityTypeManager->getStorage('user')->loadByProperties(array('name' => $authToken));
$user = reset($users);
if (!$user) {
return $this->respondWithStatus([
'message' => t("User not found"),
], Response::HTTP_FORBIDDEN);
}
}
*/
//user validation
/*
$authToken = $request->headers->get('PHP_AUTH_USER');
$users = $this->entityTypeManager->getStorage('user')->loadByProperties(array('name' => $authToken));
$user = reset($users);
return $this->respondWithStatus([
'message' => t("User:") . $authToken,
], Response::HTTP_FORBIDDEN);
if (!$user) {
return $this->respondWithStatus([
'message' => t("User not found"),
], Response::HTTP_FORBIDDEN);
}
//user role validation
$roles = $user->getRoles();
$validRole = false;
foreach ($roles as $role)
if ($role === "applicant") {
$validRole = true;
break;
}
return $this->respondWithStatus([
'message' => t("User Role:") . $role,
], Response::HTTP_FORBIDDEN);
if (!$validRole) {
return $this->respondWithStatus([
'message' => t("User Invalid Role"),
], Response::HTTP_FORBIDDEN);
}
*/
//$user->id()
$pdf=new FPDF();
$pdf->AddPage();
$pdf->SetFont('Arial','B',16);
$pdf->Cell(40,10,'Hello World! This is a funny day!!!!Hello World! This is a funny day!!!!Hello World! This is a funny day!!!!');
ob_end_clean();
//$s = $pdf->Output("c:\BACKUP\myFile2.pdf", "D");
$s = $pdf->Output("c:\BACKUP\myFile2.pdf", "S");
$s = utf8_encode($s);
$pdf->Close();
//ob_end_flush();
//$s = file_get_contents("c:/BACKUP/test.pdf");
//$s = utf8_encode($s);
//file_put_contents("c:/BACKUP/test2.pdf",$s);
return $this->respondWithStatus([
'pdfString' => $s,