conflict resolution. Role checking in DirectorView controller

parents e4897f30 cc188496
......@@ -46,10 +46,15 @@ function epal_mail($key, &$message, $params) {
$message['subject'] = t('Σύστημα υποβολής αιτήσεων εγγραφής σε ΕΠΑΛ: Επιβεβαίωση e-mail', $options);
$message['body'][] = $params['message'];
break;
case 'massive_mail':
case 'massive_mail_unallocated':
$message['from'] = \Drupal::config('system.site')->get('mail');
$message['subject'] = t('Μη ικανοποίηση ηλεκτρονικής αίτησης για εγγραφή σε ΕΠΑΛ', $options);
$message['body'][] = $params['message'];
break;
case 'massive_mail_located':
$message['from'] = \Drupal::config('system.site')->get('mail');
$message['subject'] = t('Ικανοποίηση ηλεκτρονικής αίτησης για εγγραφή σε ΕΠΑΛ', $options);
$message['body'][] = $params['message'];
break;
}
}
......@@ -151,7 +151,7 @@ epal.ministry.report-completeness:
requirements:
_user_is_logged_in: 'TRUE'
epal.ministry.report-all-stat:
path: '/ministry/report-all-stat/{regionId}/{adminId}/{schId}/{classId}/{sectorId}/{courseId}'
path: '/ministry/report-all-stat/{regionId}/{adminId}/{schId}/{classId}/{sectorId}/{courseId}/{finalized}'
options:
_auth: [ 'basic_auth' ]
defaults:
......@@ -174,12 +174,20 @@ epal.ministry.retrieve-registry-id:
_controller: '\Drupal\epal\Controller\ReportsCreator::retrieveUserRegistryNo'
requirements:
_user_is_logged_in: 'TRUE'
epal.ministry.massive_mail:
path: '/ministry/send-massive-mail'
epal.ministry.massive_mail_unallocated:
path: '/ministry/send-unallocated-massive-mail'
options:
_auth: [ 'basic_auth' ]
defaults:
_controller: '\Drupal\epal\Controller\InformUnlocatedStudents::sendMailToStudents'
_controller: '\Drupal\epal\Controller\InformUnlocatedStudents::sendMailToUnallocatedStudents'
requirements:
_user_is_logged_in: 'TRUE'
epal.ministry.massive_mail_located:
path: '/ministry/send-located-massive-mail'
options:
_auth: [ 'basic_auth' ]
defaults:
_controller: '\Drupal\epal\Controller\InformUnlocatedStudents::sendMailToLocatedStudents'
requirements:
_user_is_logged_in: 'TRUE'
epal.ministry.retrievesettings:
......@@ -203,7 +211,7 @@ epal.perfectureschools:
options:
_auth: [ 'basic_auth' ]
defaults:
_controller: '\Drupal\epal\Controller\DirectorView::getSchoolsPerPerfecture'
_controller: '\Drupal\epal\Controller\DirectorView::getSchools'
requirements:
_user_is_logged_in: 'TRUE'
epal.coursesperschools:
......@@ -246,3 +254,11 @@ epal.gettypeofschool:
_controller: '\Drupal\epal\Controller\DirectorView::gettypeofschool'
requirements:
_user_is_logged_in: 'TRUE'
getlimitspercourse:
path: '/epal/getlimitsperCourse/{classid}'
options:
_auth: [ 'basic_auth' ]
defaults:
_controller: '\Drupal\epal\Controller\DirectorView::getlimitsperCourse'
requirements:
_user_is_logged_in: 'TRUE'
......@@ -426,8 +426,7 @@ public function SaveCapacity(Request $request,$taxi,$tomeas,$specialit)
}
public function getSchoolsPerPerfecture(Request $request)
public function getSchools(Request $request)
{
$authToken = $request->headers->get('PHP_AUTH_USER');
......@@ -436,14 +435,32 @@ public function SaveCapacity(Request $request,$taxi,$tomeas,$specialit)
$user = reset($users);
if ($user)
{
$perfectureId = $user -> init -> value;
$schools = $this->entityTypeManager->getStorage('eepal_school')->loadByProperties(array('region_edu_admin_id'=> $perfectureId ));
$selectionId = $user -> init -> value;
$userRoles = $user->getRoles();
$userRole = '';
foreach ($userRoles as $tmpRole) {
if (($tmpRole === 'epal') || ($tmpRole === 'regioneduadmin') || ($tmpRole === 'eduadmin')) {
$userRole = $tmpRole;
}
}
if ($userRole === '') {
return $this->respondWithStatus([
'error_code' => 4003,
], Response::HTTP_FORBIDDEN);
}
else if ($userRole === 'regioneduadmin') {
$schools = $this->entityTypeManager->getStorage('eepal_school')->loadByProperties(array('region_edu_admin_id'=> $selectionId ));
}
else if ($userRole === 'eduadmin') {
$schools = $this->entityTypeManager->getStorage('eepal_school')->loadByProperties(array('edu_admin_id'=> $selectionId ));
}
if ($schools)
{
$list = array();
foreach ($schools as $object) {
$status = $this->returnstatus(147);
$status = $this->returnstatus($object -> id());
$list[] = array(
'id' =>$object -> id(),
'name' => $object -> name ->value,
......@@ -595,10 +612,74 @@ public function SaveCapacity(Request $request,$taxi,$tomeas,$specialit)
public function returnstatus($id)
{
if ($id == 147)
return true ;
$schoolid = $id;
$SchoolCats = $this->entityTypeManager->getStorage('eepal_school')->loadByProperties(array('id'=> $schoolid ));
$SchoolCat = reset($SchoolCats);
if ($SchoolCat){
$categ = $SchoolCat-> metathesis_region -> value;
}
$CourseA = $this->entityTypeManager->getStorage('epal_student')->loadByProperties(array('id'=> $schoolid ));
if ($CourseA)
{
$limit_down = $this->entityTypeManager->getStorage('epal_class_limits')->loadByProperties(array('name'=> 1, 'category' => $categ ));
$limitdown = reset($limit_down);
if ($limitdown)
{
$limit = $limitdown -> limit_down -> value;
}
$studentPerSchool = $this->entityTypeManager->getStorage('epal_student_class')->loadByProperties(array('currentepal'=> $schoolid, 'specialization_id' => -1, 'currentclass' => 1 ));
//foreach ($CourseA as $object) {
if (sizeof($studentPerSchool) < $limit){
return false;
// exit;
}
} // }
$CourseB = $this->entityTypeManager->getStorage('eepal_sectors_in_epal')->loadByProperties(array('epal_id' => $schoolid ));
if ($CourseB)
{
$limit_down = $this->entityTypeManager->getStorage('epal_class_limits')->loadByProperties(array('name'=> 2, 'category' => $categ ));
$limitdown = reset($limit_down);
if ($limitdown)
{
$limit = $limitdown -> limit_down -> value;
}
foreach ($CourseB as $object) {
$sectorid = $object -> sector_id -> entity -> id();
$studentPerSchool = $this->entityTypeManager->getStorage('epal_student_class')->loadByProperties(array('currentepal'=> $schoolid, 'specialization_id' => $sectorid, 'currentclass' => 2 ));
if (sizeof($studentPerSchool) < $limit){
return false;
exit;
}
}
}
$CourseC = $this->entityTypeManager->getStorage('eepal_specialties_in_epal')->loadByProperties(array('epal_id' => $schoolid ));
if ($CourseC)
{
$limit_down = $this->entityTypeManager->getStorage('epal_class_limits')->loadByProperties(array('name'=> 3, 'category' => $categ ));
$limitdown = reset($limit_down);
if ($limitdown)
{
$limit = $limitdown -> limit_down -> value;
}
foreach ($CourseC as $object) {
$specialityid = $object -> specialty_id -> entity -> id() ;
$studentPerSchool = $this->entityTypeManager->getStorage('epal_student_class')->loadByProperties(array('currentepal'=> $schoolid, 'specialization_id' => $specialityid, 'currentclass' => 3 ));
if (sizeof($studentPerSchool) < $limit){
return false;
exit;
}
}
}
return true;
// exit;
}
......@@ -784,6 +865,115 @@ public function gettypeofschool(Request $request)
}
public function getlimitsperCourse(Request $request, $classid)
{
$authToken = $request->headers->get('PHP_AUTH_USER');
$users = $this->entityTypeManager->getStorage('user')->loadByProperties(array('name' => $authToken));
$user = reset($users);
if ($user)
{
$schoolid = $user -> init -> value;
$list= array();
$SchoolCats = $this->entityTypeManager->getStorage('eepal_school')->loadByProperties(array('id'=> $schoolid ));
$SchoolCat = reset($SchoolCats);
if ($SchoolCat){
$categ = $SchoolCat-> metathesis_region -> value;
$list = array();
if ($classid == 1)
{
$limit_down = $this->entityTypeManager->getStorage('epal_class_limits')->loadByProperties(array('name'=> 1, 'category' => $categ ));
$limitdown = reset($limit_down);
if ($limitdown)
{
$limit = $limitdown -> limit_down -> value;
}
$list[] = array(
'id' => '1',
'name' => 'Α Λυκείου',
'categ' => $categ,
'classes' => 1,
'limitdown' => $limit,
);
}
if ($classid == 2){
$limit_down = $this->entityTypeManager->getStorage('epal_class_limits')->loadByProperties(array('name'=> 2, 'category' => $categ ));
$limitdown = reset($limit_down);
if ($limitdown)
{
$limit = $limitdown -> limit_down -> value;
}
$list[] = array(
'name' => 'Β Λυκείου ',
'categ' => $categ,
'classes' => 2,
'limitdown' => $limit,
);
}
if ($classid == 3){
$limit_down = $this->entityTypeManager->getStorage('epal_class_limits')->loadByProperties(array('name'=> 3, 'category' => $categ ));
$limitdown = reset($limit_down);
if ($limitdown)
{
$limit = $limitdown -> limit_down -> value;
}
$list[] = array(
'categ' => $categ,
'classes' => 3,
'limitdown' => $limit,
);
}
return $this->respondWithStatus(
$list
, Response::HTTP_OK);
}
else
{
return $this->respondWithStatus([
'message' => t("Perfecture not found!"),
], Response::HTTP_FORBIDDEN);
}
}
else
{
return $this->respondWithStatus([
'message' => t("User not found!"),
], Response::HTTP_FORBIDDEN);
}
}
private function respondWithStatus($arr, $s) {
$res = new JsonResponse($arr);
$res->setStatusCode($s);
......
......@@ -87,7 +87,7 @@ class MinisterSettings extends ControllerBase {
//minister settings retrieve
$config_storage = $this->entityTypeManager->getStorage('epal_config');
$epalConfigs = $config_storage->loadByProperties(array('id' => 1));
$epalConfigs = $config_storage->loadByProperties(array('name' => 'epal_config'));
$epalConfig = reset($epalConfigs);
if (!$epalConfig) {
return $this->respondWithStatus([
......@@ -157,7 +157,7 @@ public function storeSettings(Request $request, $capacityDisabled, $directorView
}
$config_storage = $this->entityTypeManager->getStorage('epal_config');
$epalConfigs = $config_storage->loadByProperties(array('id' => 1));
$epalConfigs = $config_storage->loadByProperties(array('name' => 'epal_config'));
$epalConfig = reset($epalConfigs);
if (!$epalConfig) {
return $this->respondWithStatus([
......
......@@ -149,8 +149,6 @@ class CBController extends ControllerBase
if ($epalUser) {
$user = $this->entityTypeManager->getStorage('user')->load($epalUser->user_id->target_id);
if ($user) {
// $user->setPassword('harispass');
// $user->setUsername('harisp');
$user->setPassword($epalToken);
$user->setUsername($epalToken);
$user->save();
......@@ -189,14 +187,12 @@ class CBController extends ControllerBase
$user->addRole('applicant');
$user->save();
$users = $this->entityTypeManager->getStorage('user')->loadByProperties(array('mail' => $unique_id));
$user = reset($users);
if ($user) {
$this->logger->warning('userid 190='.$user->id().'*** name='.$user->name->value);
$epalUser = $this->entityTypeManager()->getStorage('epal_users')->create(array(
// 'langcode' => $language_interface->getId(),
'langcode' => 'el',
'user_id' => $user->id(),
'drupaluser_id' => $user->id(),
......@@ -225,8 +221,7 @@ class CBController extends ControllerBase
}
$this->oauthostSession->set('authtoken', $epalToken);
$this->oauthostSession->save();
// $this->oauthostSession->delete();
// $this->oauthostSession->delete();
return $epalToken;
} catch (OAuthException $e) {
......
<?php
namespace Drupal\oauthost\Controller;
<?php namespace Drupal\oauthost\Controller;
use Drupal\Core\Entity\Query\QueryFactory;
use Drupal\Core\Entity\EntityTypeManagerInterface;
......@@ -16,11 +14,11 @@ use Symfony\Component\HttpFoundation\RedirectResponse;
class OAuthLogout extends ControllerBase
{
protected $entity_query;
protected $entityTypeManager;
protected $logger;
protected $connection;
protected $consumer_key = '';
protected $consumer_secret = '';
protected $request_token_url;
......@@ -33,10 +31,7 @@ class OAuthLogout extends ControllerBase
protected $redirect_url;
public function __construct(
EntityTypeManagerInterface $entityTypeManager,
QueryFactory $entity_query,
Connection $connection,
LoggerChannelFactoryInterface $loggerChannel)
EntityTypeManagerInterface $entityTypeManager, QueryFactory $entity_query, Connection $connection, LoggerChannelFactoryInterface $loggerChannel)
{
$this->entityTypeManager = $entityTypeManager;
$this->entity_query = $entity_query;
......@@ -47,17 +42,14 @@ class OAuthLogout extends ControllerBase
public static function create(ContainerInterface $container)
{
return new static(
$container->get('entity.manager'),
$container->get('entity.query'),
$container->get('database'),
$container->get('logger.factory')
$container->get('entity.manager'), $container->get('entity.query'), $container->get('database'), $container->get('logger.factory')
);
}
public function logoutGo(Request $request)
{
$trx = $this->connection->startTransaction();
try {
$user = null;
$username = $request->headers->get('PHP_AUTH_USER');
......@@ -67,12 +59,15 @@ class OAuthLogout extends ControllerBase
if ($this->oauthostSession) {
$configRowName = $this->oauthostSession->configrowname->value;
} else {
$trx->rollback();
$this->logger->warning("oauthostSession for [{$username}] not set");
$response = new Response();
$response->setContent('forbidden');
$response->setStatusCode(Response::HTTP_FORBIDDEN);
$response->headers->set('Content-Type', 'application/json');
return $response;
}
$ostauthConfigs = $this->entityTypeManager->getStorage('oauthost_config')->loadByProperties(array('name' => $configRowName));
$ostauthConfig = reset($ostauthConfigs);
if ($ostauthConfig) {
......@@ -87,6 +82,8 @@ class OAuthLogout extends ControllerBase
$this->logout_url = $ostauthConfig->logout_url->value;
$this->redirect_url = $ostauthConfig->redirect_url->value;
} else {
$trx->rollback();
$this->logger->warning("ostauthConfig [{$configRowName}]not found");
$response = new Response();
$response->setContent('forbidden');
$response->setStatusCode(Response::HTTP_FORBIDDEN);
......@@ -94,39 +91,31 @@ class OAuthLogout extends ControllerBase
return $response;
}
$epalUsers = $this->entityTypeManager->getStorage('epal_users')->loadByProperties(array('authtoken' => $username));
$epalUsers = $this->entityTypeManager
->getStorage('epal_users')
->loadByProperties(array('authtoken' => $username));
$epalUser = reset($epalUsers);
$foundUser = true;
$foundUser = false;
if ($epalUser) {
$user = $this->entityTypeManager->getStorage('user')->load($epalUser->user_id->target_id);
$user = $this->entityTypeManager
->getStorage('user')
->load($epalUser->user_id->target_id);
$logout_token = $epalUser->getRequesttoken();
if ($user) {
$res = \Drupal::httpClient()->get($this->logout_url . $username, array('headers' => array('Accept' => 'text/plain')));
/* $resData = (string) $res->getBody();
if (empty($resData)) {
return FALSE;
} */
// if ($res->getStatusCode() === "200")
$user->setPassword(uniqid('pw'));
$user->save();
$epalUser->set('accesstoken', '-');
$epalUser->set('accesstoken_secret', '-');
$epalUser->set('authtoken','-');
$epalUser->set('requesttoken','-');
$epalUser->set('authtoken', '-');
$epalUser->set('requesttoken', '-');
$epalUser->set('requesttoken_secret', '-');
$epalUser->save();
} else {
$foundUser = false;
$foundUser = true;
}
} else {
$foundUser = false;
}
if (!$foundUser) {
$trx->rollback();
$this->logger->warning("user not found");
$response = new Response();
$response->setContent('forbidden');
......@@ -134,18 +123,34 @@ class OAuthLogout extends ControllerBase
$response->headers->set('Content-Type', 'application/json');
return $response;
}
// logout from remote host
$logout_call_url = "{$this->logout_url}{$logout_token}";
if (($ch = curl_init()) !== false) {
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
curl_setopt($ch, CURLOPT_URL, $logout_call_url);
$remote_logout_result = curl_exec($ch);
if ($remote_logout_result === false) {
// record failure
$this->logger->warning("OAUTH remote logout call to [{$logout_call_url}] fail: " . curl_error($ch));
}
curl_close($ch);
} else {
$this->logger->warning("OAUTH remote logout to [{$logout_call_url}] not called");
}
session_unset();
session_destroy();
\Drupal::service('page_cache_kill_switch')->trigger();
$this->oauthostSession->delete();
$this->logger->info("OAUTH remote logout success for [{$username}]");
$response = new Response();
$response->setContent('logout successful');
$response->setContent("{\"message\": \"Server logout successful\",\"next\": \"{$this->redirect_url}\"}");
$response->setStatusCode(Response::HTTP_OK);
$response->headers->set('Content-Type', 'application/json');
$this->oauthostSession->delete();
return $response;
// return new RedirectResponse($this->redirect_url . '&auth_role=', 302, []);
return $response;
} catch (Exception $e) {
$this->logger->warning($e->getMessage());
$response = new Response();
......@@ -156,5 +161,4 @@ class OAuthLogout extends ControllerBase
return $response;
}
}
}
<?php
namespace Drupal\oauthost\Entity;
<?php namespace Drupal\oauthost\Entity;
use Drupal\Core\Entity\EntityStorageInterface;
use Drupal\Core\Field\BaseFieldDefinition;
......@@ -55,6 +53,7 @@ use Drupal\user\UserInterface;
*/
class OAuthOSTConfig extends ContentEntityBase implements OAuthOSTConfigInterface
{
use EntityChangedTrait;
/**
......
......@@ -56,6 +56,27 @@ import {
</form>
</div>
<div id="checksaved" (onHidden)="onHidden('#checksaved')"
class="modal fade" tabindex="-1" role="dialog" aria-hidden="true">
<div class="modal-dialog modal-lg">
<div class="modal-content">
<div class="modal-header modal-header-danger">
<h3 class="modal-title pull-left"><i class="fa fa-check-square-o"></i>&nbsp;&nbsp;Πρέπει να συπληρώσετε όλα τα πεδία</h3>
<button type="button" class="close pull-right" aria-label="Close" (click)="hideModal('#checksaved')">
<span aria-hidden="true"><i class="fa fa-times"></i></span>
</button>
</div>
<div class="modal-body">
<p>Η αποθήκευση δε μπορεί να γίνει αν δεν συμπληρώσετε όλα τα στοιχεία της φόρμας!</p>
</div>
<div class="modal-footer">
<button type="button" class="btn btn-default pull-left" data-dismiss="modal">Κλείσιμο</button>
</div>
</div>
</div>
</div>
<div id="capacitysaved" (onHidden)="onHidden('#capacitysaved')"
class="modal fade" tabindex="-1" role="dialog" aria-hidden="true">
<div class="modal-dialog modal-lg">
......@@ -77,6 +98,9 @@ import {
</div>
`
})
......@@ -98,6 +122,9 @@ import {
private classCapacity$: BehaviorSubject<any>;
private classCapacitySub: Subscription;
private retrievedStudent: BehaviorSubject<boolean>;
private modalTitle: BehaviorSubject<string>;
private modalText: BehaviorSubject<string>;
private modalHeader: BehaviorSubject<string>;
......@@ -114,6 +141,9 @@ import {
this.selectionCClass = new BehaviorSubject(false);
this.retrievedStudent = new BehaviorSubject(false);
this.School$ = new BehaviorSubject([{}]);
this.modalTitle = new BehaviorSubject("");
this.modalText = new BehaviorSubject("");
this.modalHeader = new BehaviorSubject("");
this.formGroup = this.fb.group({
tomeas: ['', []],
taxi: ['', []],
......@@ -155,6 +185,7 @@ import {
ngOnInit() {
(<any>$('#capacitysaved')).appendTo("body");
(<any>$('#checksaved')).appendTo("body");
this.retrievedStudent.next(false);