Commit 59da0b72 authored by Open Source Developer's avatar Open Source Developer

Merge branch 'develop' of https://git.minedu.gov.gr/itminedu/e-epal into stylesandmenus

parents b197a488 83569662
...@@ -69,8 +69,9 @@ class CASLogin extends ControllerBase ...@@ -69,8 +69,9 @@ class CASLogin extends ControllerBase
public function loginGo(Request $request) public function loginGo(Request $request)
{ {
$configRowName = 'casost_sch_sso_config';
try { try {
$configRowName = 'casost_sch_sso_config';
$configRowId = $request->query->get('config'); $configRowId = $request->query->get('config');
if ($configRowId) if ($configRowId)
$configRowName = $configRowName . '_' . $configRowId; $configRowName = $configRowName . '_' . $configRowId;
...@@ -120,11 +121,7 @@ class CASLogin extends ControllerBase ...@@ -120,11 +121,7 @@ class CASLogin extends ControllerBase
} }
phpCAS::handleLogoutRequests(); phpCAS::handleLogoutRequests();
if (!phpCAS::forceAuthentication()) { if (!phpCAS::forceAuthentication()) {
$response = new Response(); return $this->redirectForbidden($configRowName, '5001');
$response->setContent('forbidden. cannot force authentication');
$response->setStatusCode(Response::HTTP_FORBIDDEN);
$response->headers->set('Content-Type', 'application/json');
return $response;
} }
$attributes = phpCAS::getAttributes(); $attributes = phpCAS::getAttributes();
/* foreach ($attributes as $attr_key => $attr_value) { /* foreach ($attributes as $attr_key => $attr_value) {
...@@ -178,60 +175,85 @@ class CASLogin extends ControllerBase ...@@ -178,60 +175,85 @@ class CASLogin extends ControllerBase
return $attributes[$attribute]; return $attributes[$attribute];
}; };
$exposedRole = 'director'; $umdobject = $filterAttribute("umdobject");
$internalRole = 'epal'; $physicaldeliveryofficename = $filterAttribute("physicaldeliveryofficename");
$CASTitle = preg_replace('/\s+/', '', $filterAttribute('title'));
if ($CASTitle === 'ΠΕΡΙΦΕΡΕΙΑΚΗΔΙΕΥΘΥΝΣΗΕΚΠΑΙΔΕΥΣΗΣ-ΠΔΕ') {
$exposedRole = 'pde'; /****** the following is for production ***************************/
$internalRole = 'regioneduadmin';
} else if ($CASTitle === 'ΔΙΕΥΘΥΝΣΗΔΕ-ΔIΔΕ') { /* if (!$umdobject || $umdobject !== "Account") {
$exposedRole = 'dide'; return $this->redirectForbidden($configRowName, '5002');
$internalRole = 'eduadmin'; }
} else if ($CASTitle === 'ΕΠΑΛ') { if (!$physicaldeliveryofficename || preg_replace('/\s+/', '', $physicaldeliveryofficename) !== 'ΕΠΙΣΗΜΟΣΛΟΓΑΡΙΑΣΜΟΣ') {
$exposedRole = 'director'; return $this->redirectForbidden($configRowName, '5003');
$internalRole = 'epal'; } */
} else {
$response = new Response(); phpCAS::trace($umdobject);
$this->logger->warning(t('Access is allowed only to official school accounts or administration')); phpCAS::trace($physicaldeliveryofficename);
$response->setContent(t('Access is allowed only to official school accounts or administration')); $gsnunitcodedn = $filterAttribute('edupersonorgunitdn:gsnunitcode:extended');
$response->setStatusCode(Response::HTTP_FORBIDDEN); $gsnunitcode = substr($gsnunitcodedn, strpos($gsnunitcodedn, ";") + 1);
$response->headers->set('Content-Type', 'application/json;charset=UTF-8'); phpCAS::trace($gsnunitcode);
return $response; $userAssigned = $this->assignRoleToUser($gsnunitcode);
if (sizeof($userAssigned) === 0) {
return $this->redirectForbidden($configRowName, '5004');
} }
// $this->logger->warning('redirecturl=' . $this->redirectUrl); // $this->logger->warning('redirecturl=' . $this->redirectUrl);
$epalToken = $this->authenticatePhase2($request, $CASUser, $internalRole, $filterAttribute('cn')); $epalToken = $this->authenticatePhase2($request, $CASUser, $userAssigned, $filterAttribute('cn'));
if ($epalToken) { if ($epalToken) {
if ('casost_sch_sso_config' === $configRowName) { if ('casost_sch_sso_config' === $configRowName) {
/* $cookie = new Cookie('auth_token', $epalToken, 0, '/', null, false, false); /* $cookie = new Cookie('auth_token', $epalToken, 0, '/', null, false, false);
$cookie2 = new Cookie('auth_role', $exposedRole, 0, '/', null, false, false); */ $cookie2 = new Cookie('auth_role', $exposedRole, 0, '/', null, false, false); */
return new RedirectResponse($this->redirectUrl . $epalToken.'&auth_role=' . $exposedRole, 302, []); return new RedirectResponse($this->redirectUrl . $epalToken.'&auth_role=' . $userAssigned["exposedRole"], 302, []);
} else { } else {
\Drupal::service('page_cache_kill_switch')->trigger(); \Drupal::service('page_cache_kill_switch')->trigger();
return new RedirectResponseWithCookieExt($this->redirectUrl . $epalToken.'&auth_role=' . $exposedRole, 302, []); return new RedirectResponseWithCookieExt($this->redirectUrl . $epalToken.'&auth_role=' . $userAssigned["exposedRole"], 302, []);
} }
// $headers = array("auth_token" => $epalToken, "auth_role" => "director"); // $headers = array("auth_token" => $epalToken, "auth_role" => "director");
// return new RedirectResponse($this->redirectUrl, 302, $headers); // return new RedirectResponse($this->redirectUrl, 302, $headers);
} else { } else {
$response = new Response(); return $this->redirectForbidden($configRowName, '5005');
$response->setContent('No proper authentication');
$response->setStatusCode(Response::HTTP_FORBIDDEN);
$response->headers->set('Content-Type', 'application/json');
return $response;
} }
} catch (\Exception $e) { } catch (\Exception $e) {
$this->logger->warning($e->getMessage()); $this->logger->warning($e->getMessage());
$response = new Response(); return $this->redirectForbidden($configRowName, '6000');
$response->setContent('Unexpected Problem'); }
$response->setStatusCode(Response::HTTP_FORBIDDEN); }
$response->headers->set('Content-Type', 'application/json');
return $response; private function assignRoleToUser($registry_no) {
$schools = $this->entityTypeManager->getStorage('eepal_school')->loadByProperties(array('registry_no' => $registry_no));
$school = reset($schools);
if ($school) {
return array("id" => $school->id(), "exposedRole" => "director", "internalRole" => "epal");
}
$eduAdmins = $this->entityTypeManager->getStorage('eepal_admin_area')->loadByProperties(array('registry_no' => $registry_no));
$eduAdmin = reset($eduAdmins);
if ($eduAdmin) {
return array("id" => $eduAdmin->id(), "exposedRole" => "dide", "internalRole" => "eduadmin");
}
$regionAdmins = $this->entityTypeManager->getStorage('eepal_region')->loadByProperties(array('registry_no' => $registry_no));
$regionAdmin = reset($regionAdmins);
if ($regionAdmin) {
return array("id" => $regionAdmin->id(), "exposedRole" => "pde", "internalRole" => "regioneduadmin");
}
return array();
}
private function redirectForbidden($configRowName, $errorCode) {
session_unset();
session_destroy();
\Drupal::service('page_cache_kill_switch')->trigger();
if ('casost_sch_sso_config' === $configRowName) {
return new RedirectResponse($this->redirectUrl.'&error_code=' . $errorCode, 302, []);
} else {
return new RedirectResponseWithCookieExt($this->redirectUrl .'&error_code=' . $errorCode, 302, []);
} }
} }
public function authenticatePhase2($request, $CASUser, $internalRole, $cn) private function authenticatePhase2($request, $CASUser, $userAssigned, $cn)
{ {
$trx = $this->connection->startTransaction(); $trx = $this->connection->startTransaction();
try { try {
...@@ -260,7 +282,8 @@ class CASLogin extends ControllerBase ...@@ -260,7 +282,8 @@ class CASLogin extends ControllerBase
$user->setEmail($CASUser); $user->setEmail($CASUser);
$user->setUsername($epalToken); //This username must be unique and accept only a-Z,0-9, - _ @ . $user->setUsername($epalToken); //This username must be unique and accept only a-Z,0-9, - _ @ .
$user->activate(); $user->activate();
$user->set('init', $cn); // $user->set('init', $cn);
$user->set('init', $userAssigned["id"]);
//Set Language //Set Language
$language_interface = \Drupal::languageManager()->getCurrentLanguage(); $language_interface = \Drupal::languageManager()->getCurrentLanguage();
...@@ -269,7 +292,7 @@ class CASLogin extends ControllerBase ...@@ -269,7 +292,7 @@ class CASLogin extends ControllerBase
$user->set('preferred_admin_langcode', $language_interface->getId()); $user->set('preferred_admin_langcode', $language_interface->getId());
//Adding default user role //Adding default user role
$user->addRole($internalRole); $user->addRole($userAssigned["internalRole"]);
$user->save(); $user->save();
} }
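Review bot: The official-account checks on `umdobject` and `physicaldeliveryofficename` in the `-178,60 +175,85` hunk are commented out under a "the following is for production" banner, so after this merge any CAS account whose `gsnunitcode` matches a school or admin-area `registry_no` is granted that role without the account-type verification the comment itself says production needs; if the bypass is for development, gate it on a config value rather than a comment block so it cannot ship disabled. In the same hunk `substr($gsnunitcodedn, strpos($gsnunitcodedn, ";") + 1)` silently returns the attribute minus its first character when no `;` is present, because `false + 1` evaluates to `1`; guard it with `$sep = strpos((string) $gsnunitcodedn, ';'); if ($sep === false) { return $this->redirectForbidden($configRowName, '5004'); }` before taking the substring. The two `phpCAS::trace()` calls write raw directory attributes to the CAS debug log, so consider tracing only the derived `gsnunitcode`, or nothing, once debugging is finished. `loginGo` begins before the `-69,8 +69,9` hunk and its later parts are shown in separate hunks, so the control flow between them is inferred.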
...@@ -60,8 +60,9 @@ class CASLogout extends ControllerBase ...@@ -60,8 +60,9 @@ class CASLogout extends ControllerBase
public function logoutGo(Request $request) public function logoutGo(Request $request)
{ {
$configRowName = 'casost_sch_sso_config';
try { try {
$configRowName = 'casost_sch_sso_config';
$configRowId = $request->query->get('config'); $configRowId = $request->query->get('config');
if ($configRowId) { if ($configRowId) {
$configRowName = $configRowName.'_'.$configRowId; $configRowName = $configRowName.'_'.$configRowId;
...@@ -86,12 +87,7 @@ class CASLogout extends ControllerBase ...@@ -86,12 +87,7 @@ class CASLogout extends ControllerBase
$this->allowed2 = $CASOSTConfig->allowed2->value; $this->allowed2 = $CASOSTConfig->allowed2->value;
$this->allowed2Value = $CASOSTConfig->allowed2value->value; $this->allowed2Value = $CASOSTConfig->allowed2value->value;
} else { } else {
$response = new Response(); return $this->redirectForbidden($configRowName, '7001');
$response->setContent('forbidden. No config');
$response->setStatusCode(Response::HTTP_FORBIDDEN);
$response->headers->set('Content-Type', 'application/json');
return $response;
} }
// Enable debugging // Enable debugging
...@@ -111,14 +107,7 @@ class CASLogout extends ControllerBase ...@@ -111,14 +107,7 @@ class CASLogout extends ControllerBase
$user = reset($users); $user = reset($users);
if (!$user) { if (!$user) {
$this->logger->warning('user not found'); return $this->redirectForbidden($configRowName, '7002');
$response = new Response();
$response->setContent('forbidden');
$response->setStatusCode(Response::HTTP_FORBIDDEN);
$response->headers->set('Content-Type', 'application/json');
return $response;
} }
// phpCAS::handleLogoutRequests(); // phpCAS::handleLogoutRequests();
...@@ -127,6 +116,10 @@ class CASLogout extends ControllerBase ...@@ -127,6 +116,10 @@ class CASLogout extends ControllerBase
// session_destroy(); // session_destroy();
$user->setPassword(uniqid('pw')); $user->setPassword(uniqid('pw'));
$user->save(); $user->save();
$response = new Response(); $response = new Response();
$response->setContent('logout successful'); $response->setContent('logout successful');
$response->setStatusCode(Response::HTTP_OK); $response->setStatusCode(Response::HTTP_OK);
...@@ -145,12 +138,18 @@ class CASLogout extends ControllerBase ...@@ -145,12 +138,18 @@ class CASLogout extends ControllerBase
return $response; return $response;
} catch (\Exception $e) { } catch (\Exception $e) {
$this->logger->warning($e->getMessage()); $this->logger->warning($e->getMessage());
$response = new Response(); return $this->redirectForbidden($configRowName, '8000');
$response->setContent('forbidden'); }
$response->setStatusCode(Response::HTTP_FORBIDDEN); }
$response->headers->set('Content-Type', 'application/json');
return $response; private function redirectForbidden($configRowName, $errorCode) {
session_unset();
session_destroy();
\Drupal::service('page_cache_kill_switch')->trigger();
if ('casost_sch_sso_config' === $configRowName) {
return new RedirectResponse($this->redirectUrl.'&error_code=' . $errorCode, 302, []);
} else {
return new RedirectResponseWithCookieExt($this->redirectUrl .'&error_code=' . $errorCode, 302, []);
} }
} }
} }
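Review bot: The `-111,14 +107,7` hunk drops the `$this->logger->warning('user not found')` that preceded the old forbidden response, so a logout for an unknown token now redirects with `7002` and leaves no log entry; keep the warning ahead of `return $this->redirectForbidden($configRowName, '7002');` so these events stay visible. The `redirectForbidden` method added at the end of this section is byte-for-byte the same method added to `CASLogin` in this commit; moving it into a shared trait or base controller would stop the two copies drifting apart. Calling `session_unset()` and `session_destroy()` directly bypasses Drupal's session manager, which presumably expects to own the session lifecycle — confirm this does not leave the request's session object out of sync with PHP's. `logoutGo` spans several hunks, so the flow between them is inferred.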
...@@ -164,6 +164,14 @@ epal.ministry.report-all-stat: ...@@ -164,6 +164,14 @@ epal.ministry.report-all-stat:
_controller: '\Drupal\epal\Controller\ReportsCreator::makeReportAllStat' _controller: '\Drupal\epal\Controller\ReportsCreator::makeReportAllStat'
requirements: requirements:
_user_is_logged_in: 'TRUE' _user_is_logged_in: 'TRUE'
epal.ministry.retrieve-registry-id:
path: '/ministry/retrieve-registry-id'
options:
_auth: [ 'basic_auth' ]
defaults:
_controller: '\Drupal\epal\Controller\ReportsCreator::retrieveUserRegistryNo'
requirements:
_user_is_logged_in: 'TRUE'
epal.ministry.massive_mail: epal.ministry.massive_mail:
path: '/ministry/send-massive-mail' path: '/ministry/send-massive-mail'
options: options:
...@@ -203,4 +211,4 @@ findcapacity: ...@@ -203,4 +211,4 @@ findcapacity:
defaults: defaults:
_controller: '\Drupal\epal\Controller\DirectorView::findCapacity' _controller: '\Drupal\epal\Controller\DirectorView::findCapacity'
requirements: requirements:
_user_is_logged_in: 'TRUE' _user_is_logged_in: 'TRUE'
\ No newline at end of file
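Review bot: The new `epal.ministry.retrieve-registry-id` route only requires `_user_is_logged_in: 'TRUE'`, so any authenticated account — including the school and admin-area accounts that the CAS login in this same commit creates — can call `ReportsCreator::retrieveUserRegistryNo` under `/ministry/`; if the endpoint is meant for ministry staff, add a role or permission requirement such as `_role: '<ministry role name>'` alongside the login check. The sibling `epal.ministry.*` routes visible in the hunk use the same login-only requirement, so this may be a file-wide convention rather than an oversight specific to this hunk, but the new route is the place to start tightening it.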
...@@ -128,7 +128,9 @@ class ApplicationSubmit extends ControllerBase { ...@@ -128,7 +128,9 @@ class ApplicationSubmit extends ControllerBase {
//insert records in entity: epal_student_course_field (αφορά μαθητές Γ' Λυκείου) //insert records in entity: epal_student_course_field (αφορά μαθητές Γ' Λυκείου)
// or: epal_student_sector_field (αφορά μαθητές Β' Λυκείου) // or: epal_student_sector_field (αφορά μαθητές Β' Λυκείου)
if ($applicationForm[0][currentclass] === "Γ' Λυκείου") {
//if ($applicationForm[0][currentclass] === "Γ' Λυκείου") {
if ($applicationForm[0][currentclass] === "3") {
//$course = array('name //$course = array('name
$course = array( $course = array(
//'name' => $aitisi[3][name], //'name' => $aitisi[3][name],
...@@ -142,7 +144,8 @@ class ApplicationSubmit extends ControllerBase { ...@@ -142,7 +144,8 @@ class ApplicationSubmit extends ControllerBase {
$entity_storage_course->save($entity_object); $entity_storage_course->save($entity_object);
} }
else if ($applicationForm[0][currentclass] === "Β' Λυκείου") { //else if ($applicationForm[0][currentclass] === "Β' Λυκείου") {
else if ($applicationForm[0][currentclass] === "2") {
$sector = array( $sector = array(
//'name' => $applicationForm[3][name], //'name' => $applicationForm[3][name],
'student_id' => $created_student_id, 'student_id' => $created_student_id,
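Review bot: The new conditions on `$applicationForm[0][currentclass]` keep `currentclass` as a bare, unquoted array key, which PHP treats as an undefined constant (a warning that falls back to the string on PHP 7.2+, an error on PHP 8); quote it as `$applicationForm[0]['currentclass'] === "3"` on both changed lines. The strict `===` against the strings `"3"` and `"2"` also means a numeric `3` or `2` arriving in the submitted data matches neither branch and silently inserts no course or sector record — confirm the client always sends the class as a string, or normalise with `(string)` before comparing. The replaced Greek-label comparisons are carried along as commented-out lines; delete them rather than keeping dead code next to the live condition. The enclosing method starts and ends outside the hunk.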
<?php
/**
* @file
* Contains \Drupal\query_example\Controller\QueryExampleController.
*/
namespace Drupal\epal\Controller;
use Drupal\Core\Entity\Query\QueryFactory;
use Drupal\Core\Entity\EntityTypeManagerInterface;
use Symfony\Component\DependencyInjection\ContainerInterface;
use Symfony\Component\HttpFoundation\JsonResponse;
use Drupal\Core\Controller\ControllerBase;
use Symfony\Component\HttpFoundation\RedirectResponse;
use Drupal\Core\Database\Connection;
use Symfony\Component\HttpFoundation\Request;
use Symfony\Component\HttpFoundation\Response;
use Drupal\Core\Logger\LoggerChannelFactoryInterface;
class CreateDemoData extends ControllerBase {
protected $entity_query;
protected $entityTypeManager;
protected $logger;
protected $connection;
public function __construct(
EntityTypeManagerInterface $entityTypeManager,
QueryFactory $entity_query,
Connection $connection,
LoggerChannelFactoryInterface $loggerChannel)
{
$this->entityTypeManager = $entityTypeManager;
$this->entity_query = $entity_query;
$this->connection = $connection;
$this->logger = $loggerChannel->get('epal');
}
public static function create(ContainerInterface $container)
{
return new static(
$container->get('entity.manager'),
$container->get('entity.query'),
$container->get('database'),
$container->get('logger.factory')
);
}
public function make_seed() {
list($usec, $sec) = explode(' ', microtime());
return $sec + $usec * 1000000;
}
public function UniqueRandNum($min, $max, $quantity) {
$numbers = range($min, $max);
shuffle($numbers);
return array_slice($numbers, 0, $quantity);
}
public function createData() {
$transaction = $this->connection->startTransaction();
try {
//insert demo records in entity: epal_student
$entity_manager = \Drupal::entityTypeManager();
$epaluserid = \Drupal::currentUser()->id();
for ($i = 1; $i <= 1000; $i++) {
//srand($this->make_seed());
$curclass = rand(1,3);
//$curclass = 2;
//$currentepal = rand(137,165);
$currentepal = rand(5,399);
$student = array(
//'epaluser_id' => $aitisi[0][epaluser_id],
'epaluser_id' => $epaluserid,
'name' => "firstname" . $i,
'studentsurname' => "surname" . $i,
//'birthdate' => $aitisi[0][birthdate],
'birthdate' => '01/01/1970',
//'fatherfirstname' => $aitisi[0][fatherfirstname],
'fatherfirstname' => "fatherfirstname" . $i,
//'fathersurname' => $aitisi[0][fathersurname],
'fathersurname' => "fathersurname" . $i,
//'motherfirstname' => $aitisi[0][motherfirstname],
'motherfirstname' => "motherfirstname" . $i,
//'mothersurname' => $aitisi[0][mothersurname],
'mothersurname' => "mothersurname" . $i,
//'studentamka' => $aitisi[0][studentamka],
//'regionaddress' => $aitisi[0][regionaddress],
'regionaddress' => "regionaddress" . $i,
//'regionarea' => $aitisi[0][regionarea],
'regionarea' => "regionarea" . $i,
//'regiontk' => $aitisi[0][regiontk],
'regiontk' => "tk" . $i,
//'certificatetype' => $aitisi[0][certificatetype],
'certificatetype' => 'Απολυτήριο Γυμνασίου',
//'lastam' => $aitisi[0][lastam],
'currentclass' => $curclass,
'currentepal' => $currentepal,
//'currentsector' => $aitisi[0][currentsector],
//'relationtostudent' => $aitisi[0][relationtostudent],
'relationtostudent' => 'Μαθητής',
//'telnum' => $aitisi[0][telnum],
'telnum' => '6944123456',
'points' => rand(0,20)
);
$entity_storage_student = $entity_manager->getStorage('epal_student');
$entity_object = $entity_storage_student->create($student);
$entity_storage_student->save($entity_object);
$created_student_id = $entity_object->id();
//insert records in entity: epal_student_course_field (αφορά μαθητές Γ' Λυκείου)
// or: epal_student_sector_field (αφορά μαθητές Β' Λυκείου)
$availableSchools = array();
if ($curclass === 3) {
do {
$coursefield_id = rand(1,54);
$course = array(
'student_id' => $created_student_id,
'coursefield_id' => $coursefield_id
);
$entity_storage_course = $entity_manager->getStorage('epal_student_course_field');
$entity_object = $entity_storage_course->create($course);
//$entity_storage_course->save($entity_object);
//εύρεση ΕΠΑΛ που διαθέτουν την αντίστοιχη ειδικότητα
print_r("<br> EIDIKOTHTA: " . $coursefield_id);
$eepalSpecialtiesInEpal_storage = $this->entityTypeManager->getStorage('eepal_specialties_in_epal');
//$eepalSpecialtiesInEpal = $eepalSpecialtiesInEpal_storage->loadByProperties(array('specialty_id' => $coursefield_id) );
$ids = $eepalSpecialtiesInEpal_storage->getQuery()
->condition('specialty_id', $coursefield_id, "=")
//->condition('epal_id', 137, ">=")
//->condition('epal_id', 165, "<=")
->execute();
$eepalSpecialtiesInEpal = $eepalSpecialtiesInEpal_storage->loadMultiple($ids);
print_r("<br> NUM_SCHOOLS: " . sizeof($eepalSpecialtiesInEpal));
foreach ($eepalSpecialtiesInEpal as $eepalSpecialInEp) {
array_push($availableSchools, $eepalSpecialInEp->epal_id->getString());
}
if (sizeof($availableSchools) != 0)
$entity_storage_course->save($entity_object);
} //end do
while (sizeof($availableSchools) == 0);
$entity_storage_course->resetCache();
$eepalSpecialtiesInEpal_storage->resetCache();
}
else if ($curclass === 2) {
do {
$sectorfield_id = rand(1,9);
$sector = array(
'student_id' => $created_student_id,
'sectorfield_id' => $sectorfield_id
);
$entity_storage_sector = $entity_manager->getStorage('epal_student_sector_field');
$entity_object = $entity_storage_sector->create($sector);
//$entity_storage_sector->save($entity_object);
//εύρεση ΕΠΑΛ που διαθέτουν τον αντίστοιχο τομέα
print_r("<br> TOMEAS: " . $sectorfield_id);
$eepalSectorsInEpal_storage = $this->entityTypeManager->getStorage('eepal_sectors_in_epal');
$ids = $eepalSectorsInEpal_storage->getQuery()
->condition('sector_id', $sectorfield_id, "=")
//->condition('epal_id', 137, ">=")
//->condition('epal_id', 165, "<=")
->execute();
$eepalSectorsInEpal = $eepalSectorsInEpal_storage->loadMultiple($ids);
print_r("<br> NUM_SCHOOLS: " . sizeof($eepalSectorsInEpal));
foreach ($eepalSectorsInEpal as $eepalSecInEp) {
array_push($availableSchools, $eepalSecInEp->epal_id->getString());
}
if (sizeof($availableSchools) != 0)
$entity_storage_sector->save($entity_object);
} //end do
while (sizeof($availableSchools) == 0);
$entity_storage_sector->resetCache();
$eepalSectorsInEpal_storage->resetCache();
}
else if ($curclass === 1) {
print_r("<br> CLASS A: ");
//$school_id_start = 137;
$school_id_start = 5;
//for ($l=0; $l < 29; $l++)
for ($l=0; $l < 395; $l++)
array_push($availableSchools, $school_id_start + $l);
}
$numEpalsChosen = rand(1,3);
if ($numEpalsChosen > sizeof($availableSchools))
$numEpalsChosen = sizeof($availableSchools);
print_r("<br> NUM_EPAL_CHOSEN " . $numEpalsChosen);
$epal_id_index = $this->UniqueRandNum(0,sizeof($availableSchools)-1,$numEpalsChosen);
for ($j=0; $j < $numEpalsChosen; $j++) {
print_r("<br> EPAL_CHOSEN_ID: " . $epal_id_index[$j]);
print_r("<br> EPAL_CHOSEN_REAL_ID: " . $availableSchools[$epal_id_index[$j]]);
}
for ($j = 0; $j < $numEpalsChosen ; $j++) {
$epalchosen = array(
'student_id' => $created_student_id,
'epal_id' => $availableSchools[$epal_id_index[$j]],
'choice_no' => $j+1
);
$entity_storage_epalchosen = $entity_manager->getStorage('epal_student_epal_chosen');
$entity_object = $entity_storage_epalchosen->create($epalchosen);
$entity_storage_epalchosen->save($entity_object);
}