1222 lines
36 KiB
PHP
Raw Normal View History

2014-05-22 14:48:08 +00:00
<?php
2014-05-29 20:13:58 +00:00
require_once __DIR__ . '/Types.php';
2014-05-22 14:48:08 +00:00
2014-05-29 20:13:58 +00:00
class Gestion extends Scores_Ws_Server
2014-05-22 14:48:08 +00:00
{
2014-07-18 15:03:49 +00:00
/**
* Authentication
* @param string $app
2014-10-30 16:53:52 +00:00
* Application name (extranet | odea | starlinks)
2014-07-18 15:03:49 +00:00
* @param string $ip
2014-10-30 16:53:52 +00:00
* IPv4 ou IPv6
2014-07-18 15:03:49 +00:00
* @param string $browser
2014-10-30 16:53:52 +00:00
* User agent string
2014-07-18 15:03:49 +00:00
*/
2014-05-22 14:48:08 +00:00
public function loginAuthenticate($app, $ip = null, $browser = null)
{
2014-10-30 16:53:52 +00:00
switch ($app) {
case 'extranet':
2014-11-06 14:12:59 +00:00
$this->authApp = 'extranet';
$this->authIp = $ip;
2014-10-30 16:53:52 +00:00
break;
case 'odea':
2014-11-06 14:12:59 +00:00
$this->authApp = 'odea';
$this->authIp = $ip;
2014-10-30 16:53:52 +00:00
break;
2014-12-01 09:16:15 +00:00
case 'starlinks':
$this->authApp = 'starlinks';
$this->authIp = $ip;
break;
2014-10-30 16:53:52 +00:00
}
2014-11-06 14:12:59 +00:00
//Authentification des applications par login
$this->authenticate();
2014-07-18 15:03:49 +00:00
2014-11-06 14:12:59 +00:00
//Check App authorization - Find Service parameters
$serviceM = new Application_Model_Sdv1ClientsServices();
$sql = $serviceM->select()
->where('IdClient=?', $this->User->idClient)
->where('Code=?', $this->User->serviceCode);
$serviceParams = $serviceM->fetchRow($sql);
2014-10-30 16:53:52 +00:00
//Save information in database
2014-11-06 14:12:59 +00:00
//id, clientId, userId, login, ip, userAgent, dateLogin
2014-10-30 16:53:52 +00:00
2014-07-18 15:03:49 +00:00
//Retourne un minimum d'information pour les applications
2014-11-06 14:12:59 +00:00
//login
//civilite
//nom
//prenom
//email
//profil
//pref
//droits
//typeScore
//acceptationCGU
2014-10-30 16:53:52 +00:00
2014-05-22 14:48:08 +00:00
}
2014-11-12 15:14:03 +00:00
/**
* Authentication by key
* @param string $app
*/
protected function keyAuthenticate($app)
2014-05-22 14:48:08 +00:00
{
//Authentification par clé - @define
2014-11-12 15:14:03 +00:00
$this->authApp = 'extranet';
//Reception du login
//Reception de la clé (key:md5(login + '|' + key))
//Vérification nécessaire : application - enable - date debut - date fin
2014-05-22 14:48:08 +00:00
}
2014-12-01 09:16:15 +00:00
/**
* Authentication by SSO
* @param int $client
* @param string $login
* @param string $token
* @param AuthParam[] $params
* @throws SoapFault
* @return mixed
* Retourne FALSE or HASH to connect
2014-12-01 09:16:15 +00:00
*/
public function ssoAuthenticate($client, $login, $token, $params)
{
/**
* login ?
* nom@mon.tld => extract nom
*/
$part = strstr($login, '@', true);
if ($part !== false) {
$login = $part;
}
/**
2014-12-01 09:16:15 +00:00
* Extract login from database
*/
try {
$userM = new Application_Model_Sdv1Utilisateurs();
$sql = $userM->select()
->setIntegrityCheck(false)
->from(array('u'=>'utilisateurs'), array('u.login', 'u.idClient', 'u.actif',))
->join(array('c'=>'clients'), 'u.idClient = c.id', array('c.actif AS clientActif'))
->joinLeft(array('s'=>'sdv1.utilisateurs_service'), 'u.login=s.login', array('Service AS serviceCode'))
->where('u.login=?', $login)
->where('c.id=?', $client);
$result = $userM->fetchRow($sql);
} catch (Zend_Db_Exception $e) {
if ($this->User->idClient==1) {
throw new SoapFault('ERR', $e->getMessage());
} else {
throw new SoapFault('ERR', "Application error");
}
}
2014-12-01 09:16:15 +00:00
/**
* Client disable
*/
if ( $result !== null && $result->clientActif == 'Non') {
throw new SoapFault('SSO', 'Compte client inactif'); //Client désactivé
}
/**
* No user
*/
if ( null === $result ) {
return false; //Utilisateur inexistant
}
/**
* User not activated
*/
if ( $result->actif == 0) {
throw new SoapFault('SSO', 'Utilisateur non activé'); //Utilisateur non activé
}
/**
* Process token - uniquement compatible In Extenso
2014-12-01 09:16:15 +00:00
*/
$key = 'rh5s4z';
$maxTime = time() + (15 * 60);
foreach ($params as $param) {
if ($param->label == 'time') {
$time = $params->value;
}
}
/**
* Limite de temps
*/
if ($time > $maxTime) {
throw new SoapFault('SSO', 'Délai dépassé pour la connexion'); //Limite de temps dépassé pour la connexion
}
/**
* Check token
*/
$data = $login . '/' . $time . '/' . $key;
$internalToken = hash('sha256', $data);
if ($internalToken == $token) {
//Generate random password
$hash = password_hash ( uniqid() , PASSWORD_BCRYPT );
$userM->update(array('password' => $hash), 'id='.$result->id);
return $hash;
}
throw new SoapFault('SSO', 'Token invalide'); //Token invalide
}
/**
* Liste des clients
* @throws SoapFault
* @return Client[]
*/
public function getClients()
{
$this->authenticate();
if ( $this->User->idClient != 1 ) {
throw new SoapFault('ERR', 'Accès non authorisé');
}
$clientM = new Application_Model_Sdv1Clients();
$sql = $clientM->select(true)->columns(array(
'nom AS Nom',
'LPAD(siren,9,0) AS Siren',
'LPAD(nic,5,0) AS Nic',
'IF(actif="Oui",1,0) AS Actif',
'IF(test="Oui",1,0) AS Test'
))->where('actif=?', 'Oui');
$result = $clientM->fetchAll($sql);
if ( count($result) > 0 ) {
foreach ( $result as $item ) {
$client = new Client();
$client->Nom = $item->Nom;
$client->Siren = $item->Siren;
$client->Nic = $item->Nic;
$client->Actif = $item->Actif;
$client->Test = $item->Test;
$clients[] = $client;
}
}
return $clients;
}
2014-07-18 15:03:49 +00:00
/**
* Information client
2014-10-30 16:53:52 +00:00
* @param int $id
* ID du client
2014-07-18 15:03:49 +00:00
* @throws SoapFault
* @return Client
*/
public function getClient($id = null)
2014-05-22 14:48:08 +00:00
{
2014-07-18 15:03:49 +00:00
$this->authenticate();
2014-05-29 20:13:58 +00:00
if ( $id === null || $this->User->idClient != 1 ) {
$id = $this->User->idClient;
2014-07-18 15:03:49 +00:00
}
2014-05-29 20:13:58 +00:00
2014-07-18 15:03:49 +00:00
$clientM = new Application_Model_Sdv1Clients();
$sql = $clientM->select(true)->columns(array(
'nom AS Nom',
'LPAD(siren,9,0) AS Siren',
'LPAD(nic,5,0) AS Nic',
'IF(actif="Oui",1,0) AS Actif',
'IF(test="Oui",1,0) AS Test'
))->where('id=?', $id);
$result = $clientM->fetchRow($sql);
2014-05-29 20:13:58 +00:00
2014-07-18 15:03:49 +00:00
if ( $result === null ) {
throw new SoapFault('ERR', 'Information client introuvable.');
}
2014-05-22 14:48:08 +00:00
2014-07-18 15:03:49 +00:00
$client = new Client();
$client->Nom = $result->Nom;
$client->Siren = $result->Siren;
$client->Nic = $result->Nic;
$client->Actif = $result->Actif;
$client->Test = $result->Test;
return $client;
2014-05-22 14:48:08 +00:00
}
2014-10-30 16:53:52 +00:00
/**
* Information client avec la liste des services
* @param int $id
* ID du client
* @throws SoapFault
* @return ClientServices
*/
public function getClientServices($id = null)
{
$this->authenticate();
if ( $id === null || $this->User->idClient != 1 ) {
$id = $this->User->idClient;
}
$clientM = new Application_Model_Sdv1Clients();
2014-11-06 14:12:59 +00:00
$sql = $clientM->select()->from($clientM, array(
2014-10-30 16:53:52 +00:00
'nom AS Nom',
'LPAD(siren,9,0) AS Siren',
'LPAD(nic,5,0) AS Nic',
'IF(actif="Oui",1,0) AS Actif',
'IF(test="Oui",1,0) AS Test'
))->where('id=?', $id);
$result = $clientM->fetchRow($sql);
if ( $result === null ) {
throw new SoapFault('ERR', 'Information client introuvable.');
}
2014-11-06 14:12:59 +00:00
$client = new ClientServices();
2014-10-30 16:53:52 +00:00
$client->Nom = $result->Nom;
$client->Siren = $result->Siren;
$client->Nic = $result->Nic;
$client->Actif = $result->Actif;
$client->Test = $result->Test;
//Get Services
$serviceM = new Application_Model_Sdv1ClientsServices();
2014-11-06 14:12:59 +00:00
$sql = $serviceM->select()
->from($serviceM, array('id', 'Code', 'Label', 'Editable', 'Active'))
2014-10-30 16:53:52 +00:00
->where('Deleted=?', 0)
2014-11-06 14:12:59 +00:00
->where('IdClient=?', $id);
2014-10-30 16:53:52 +00:00
$result = $serviceM->fetchAll($sql);
$services = array();
if (count($result) > 0) {
foreach ($result as $item) {
$clientService = new ClientServicesList();
2014-11-06 14:12:59 +00:00
$clientService->id = $item->id;
$clientService->Code = $item->Code;
$clientService->Label = $item->Label;
$clientService->Editable = $item->Editable;
$clientService->Active = $item->Active;
2014-10-30 16:53:52 +00:00
$services[] = $clientService;
}
}
$client->Services = $services;
return $client;
}
2014-07-18 15:03:49 +00:00
protected function getContrats()
2014-05-22 14:48:08 +00:00
{
//Liste des contrats, par service résumé
2014-06-04 15:49:06 +00:00
//Vérification des droits d'utilisation
if ( $this->User->profil != 'Administrateur' ) {
2014-06-04 15:49:06 +00:00
throw new SoapFault('ERR', 'Accès non authorisé');
}
2014-05-22 14:48:08 +00:00
}
2014-07-18 15:03:49 +00:00
protected function getContrat($id)
2014-05-22 14:48:08 +00:00
{
//Détail d'un contrat
2014-06-04 15:49:06 +00:00
//Vérification des droits d'utilisation
if ( $this->User->profil != 'Administrateur' ) {
2014-06-04 15:49:06 +00:00
throw new SoapFault('ERR', 'Accès non authorisé');
}
2014-05-22 14:48:08 +00:00
}
2014-06-04 15:49:06 +00:00
/**
* Liste des services
* @param string $client
* Id client
* @return ServiceList[]
*/
2014-05-22 14:48:08 +00:00
public function getServices($client = null)
{
//Liste des services
$this->authenticate();
if ( $client === null ) {
$client = $this->User->idClient;
2014-05-22 14:48:08 +00:00
}
2014-06-04 15:49:06 +00:00
//Uniquement si l'utilisateur est administrateur et dans le service DEFAULT
if ( $this->User->profil != 'Administrateur' ) {
2014-07-18 15:03:49 +00:00
throw new SoapFault('ERR', 'Accès non authorisé');
}
2014-06-04 15:49:06 +00:00
2014-05-22 14:48:08 +00:00
$serviceM = new Application_Model_Sdv1ClientsServices();
2014-05-29 20:13:58 +00:00
$sql = $serviceM->select()
->where('IdClient=?', $client)
->where('Deleted=0');
$result = $serviceM->fetchAll($sql);
$services = array();
2014-06-04 15:49:06 +00:00
if ( count($result) > 0 ) {
2014-07-18 15:03:49 +00:00
foreach ( $result as $item ) {
$service = new ServiceList();
$service->id = $item->id;
$service->IdClient = $item->IdClient;
$service->Code = $item->Code;
$service->Label = $item->Label;
$service->TypeCompte = $item->TypeCompte;
$service->TypeAcces = $item->TypeAcces;
$service->TypeScore = $item->TypeScore;
$service->Timeout = $item->Timeout;
$service->Editable = $item->Editable;
$service->Active = $item->Active;
$service->DateInsert = $item->DateInsert;
$service->DateUpdate = $item->DateUpdate;
$services[] = $service;
}
2014-05-22 14:48:08 +00:00
}
2014-05-29 20:13:58 +00:00
return $services;
2014-05-22 14:48:08 +00:00
}
2014-06-04 15:49:06 +00:00
/**
* Détail d'un service
* @param int $id
* @throws SoapFault
* @return Service
*/
2014-05-22 14:48:08 +00:00
public function getService($id)
{
2014-06-04 15:49:06 +00:00
$this->authenticate();
$client = $this->User->idClient;
2014-06-04 15:49:06 +00:00
2014-05-22 14:48:08 +00:00
//Détail d'un service
2014-06-04 15:49:06 +00:00
$serviceM = new Application_Model_Sdv1ClientsServices();
$sql = $serviceM->select()
2014-12-01 09:16:15 +00:00
->where('IdClient=?', $client)
->where('Deleted=?', 0)
->where('id=?', $id);
2014-06-04 15:49:06 +00:00
$result = $serviceM->fetchRow($sql);
if ( $result === null ) {
throw new SoapFault('ERR', 'Service introuvable.');
}
$output = new Service();
2014-07-18 15:03:49 +00:00
$output->id = $result->id;
$output->Code = $result->Code;
$output->Label = $result->Label;
$output->TypeCompte = $result->TypeCompte;
$output->TypeAcess = $result->TypeAcess;
$output->TypeScore = $result->TypeScore;
$output->Timeout = $result->Timeout;
$output->Editable = $result->Editable;
$output->Active = $result->Active;
$output->DateInsert = $result->DateInsert;
$output->DateUpdate = $result->DateUpdate;
2014-06-04 15:49:06 +00:00
//Droits
$output->Acces = array();
$serviceDroitsM = new Application_Model_Sdv1ClientsServicesDroits();
$sql = $serviceDroitsM->select()
->where('IdClient=?', $client)
->where('Service=?', $serviceCode);
$result = $serviceDroitsM->fetchAll($sql);
if ( count($result)>0 ) {
foreach ( $result as $item ) {
2014-07-18 15:03:49 +00:00
$acces = new AccesDetails();
$acces->Code = $item->Acces;
$acces->Label = $this->listeDroits[$item->Acces];
$output->Acces[] = $acces;
2014-06-04 15:49:06 +00:00
}
}
//IP
$output->IP = array();
$serviceIPM = new Application_Model_Sdv1ClientsServicesIP();
$sql = $serviceIPM->select()
->where('IdClient=?', $client)
->where('Service=?', $serviceCode);
$result = $serviceDroitsM->fetchAll($sql);
if ( count($result)>0 ) {
foreach ( $result as $item ) {
$output->IP[] = $item->IP;
}
}
return $output;
2014-05-22 14:48:08 +00:00
}
2014-07-18 15:03:49 +00:00
protected function getServiceConso($id){}
protected function getServiceLogByFile(){}
2014-06-04 15:49:06 +00:00
/**
* Modification des éléments d'un service par un administrateur
* @param string $code Element à modifier (label | active | delete)
* @param mixed $value Valeur
* @param string $id Id du service
* @throws SoapFault
* @return boolean
*/
2014-07-18 15:03:49 +00:00
public function setService($code, $value, $id)
2014-05-22 14:48:08 +00:00
{
2014-06-04 15:49:06 +00:00
$this->authenticate();
//Vérification des droits d'utilisation
if ( $this->User->profil != 'Administrateur' ) {
2014-06-04 15:49:06 +00:00
throw new SoapFault('ERR', 'Accès non authorisé');
}
$client = $this->User->idClient;
2014-06-04 15:49:06 +00:00
2014-05-22 14:48:08 +00:00
//Définir les éléments du service
2014-06-04 15:49:06 +00:00
$serviceM = new Application_Model_Sdv1ClientsServices();
$sql = $serviceM->select()
->where('IdClient=?', $client)
->where('Deleted=?', 0)
->where('id=?', $id);
$result = $serviceM->fetchRow($sql);
if ( $result === null ) {
throw new SoapFault('ERR', 'Service introuvable.');
}
if ( $result->Editable == 0) {
throw new SoapFault('MSG', "Impossible d'éditer le service");
}
$data = json_decode($data);
$dataToUpdate = array();
//Suppression d'un service
if ( $code == 'delete' && $value==1 ) {
$dataToUpdate = array('Deleted'=>1);
}
if ( $code == 'active' && in_array($value,array(0,1)) ) {
$dataToUpdate = array('Active'=>$value);
}
if ( $code == 'label' && is_string($value) ) {
$dataToUpdate = array('Label'=>$value);
}
if ( count($dataToUpdate) > 0 ) {
$dataToUpdate['DateUpdate'] = date('Y-m-d H:i:s');
try {
$serviceM->update($dataToUpdate, 'id='.$id);
return true;
} catch (Zend_Db_Exception $e) {
if ($this->User->idClient==1) {
2014-06-04 15:49:06 +00:00
throw new SoapFault('ERR', $e->getMessage());
} else {
throw new SoapFault('ERR', "Application error");
}
}
}
return false;
2014-05-22 14:48:08 +00:00
}
2014-06-04 15:49:06 +00:00
/**
* Définit les paramètres d'un service
* @param string $type
* @param string $value
* @param string $id
* @throws SoapFault
* @return boolean
*/
2014-07-18 15:03:49 +00:00
public function setServiceParam($type, $value, $id, $delete = false)
2014-05-22 14:48:08 +00:00
{
//Définir un paramètre du service
2014-06-04 15:49:06 +00:00
$this->authenticate();
//Vérification des droits d'utilisation
if ( $this->User->profil != 'Administrateur' ) {
2014-06-04 15:49:06 +00:00
throw new SoapFault('ERR', 'Accès non authorisé');
}
$client = $this->User->idClient;
2014-06-04 15:49:06 +00:00
$serviceM = new Application_Model_Sdv1ClientsServices();
$sql = $serviceM->select()
->where('IdClient=?', $client)
->where('Deleted=?', 0)
->where('id=?', $id);
$result = $serviceM->fetchRow($sql);
if ( $result === null ) {
throw new SoapFault('ERR', 'Service introuvable.');
}
if ( $result->Editable == 0) {
throw new SoapFault('MSG', "Impossible d'éditer le service");
}
2014-07-18 15:03:49 +00:00
//Acces
2014-06-04 15:49:06 +00:00
if ( $type == 'acces' ) {
if ( in_array($value, $this->listeDroits) ) {
}
}
2014-07-18 15:03:49 +00:00
//IP
2014-06-04 15:49:06 +00:00
if ( $type == 'ip' ) {
2014-07-18 15:03:49 +00:00
if ( $delete ) {
2014-06-04 15:49:06 +00:00
2014-07-18 15:03:49 +00:00
} else {
//Control de la plage IP ou de l'IP
$validate = new Zend_Validate_Ip();
2014-10-30 16:53:52 +00:00
if ( $validate->isValid($value) ) {
2014-07-18 15:03:49 +00:00
}
}
2014-06-04 15:49:06 +00:00
}
return false;
2014-05-22 14:48:08 +00:00
}
2014-06-04 15:49:06 +00:00
/**
* Liste des utilisateurs
* @param int $actif (0|1)
* @param string $service Code du service
* @param string $client Id du client
* @return UserList[]
*/
2014-05-29 20:13:58 +00:00
public function getUsers($actif = null, $service = null, $client = null)
2014-05-22 14:48:08 +00:00
{
//Liste des utilisateurs - filtre au service
$this->authenticate();
2014-05-29 20:13:58 +00:00
if ( $client === null ) {
$client = $this->User->idClient;
2014-05-29 20:13:58 +00:00
}
2014-07-18 15:03:49 +00:00
//Administrateur
2014-11-12 15:14:03 +00:00
if ( !in_array($this->User->profil, array('Administrateur', 'SuperAdministrateur')) ) {
2014-07-18 15:03:49 +00:00
throw new SoapFault('ERR', 'Accès non authorisé');
}
//Administrateur d'un service
if ( $this->User->Service != '' && $this->User->Service !== null && $this->User->Service !== 'DEFAULT' ) {
$service = $this->User->Service;
2014-07-18 15:03:49 +00:00
}
2014-11-12 15:14:03 +00:00
try {
$userM = new Application_Model_Sdv1Utilisateurs();
$sql = $userM->select()
->setIntegrityCheck(false)
->from(array('u'=>'sdv1.utilisateurs'), array('id','idClient','login','email','civilite','nom','prenom','actif','deleted'))
->joinLeft(array('s'=>'sdv1.utilisateurs_service'), 'u.login=s.login', array('Service'))
->joinLeft(array('sd'=>'sdv1.clients_services'), 'sd.Code=s.Service', array('Label'))
->where('u.idClient=?',$client);
2014-05-22 14:48:08 +00:00
2014-11-12 15:14:03 +00:00
if ( $actif !== null && in_array($actif, array(0,1)) ) {
$sql->where('u.actif=?', $actif);
}
$sql->where('u.deleted=?',0);
2014-05-22 14:48:08 +00:00
2014-11-12 15:14:03 +00:00
if ($service == 'DEFAULT') {
$sql->where('(s.Service IS NULL AND u.idClient='.$client.') OR (s.Service IS NOT NULL AND u.idClient='.$client.' AND u.idClient='.$client.' AND sd.idClient='.$client.') OR sd.Code="'.$service.'"');
} else if ( $service !== null ) {
$sql->where('s.Service=?', $service);
}
$result = $userM->fetchAll($sql);
} catch (Zend_Db_Exception $e) {
if ($this->User->idClient == 1) {
throw new SoapFault('ERR', $e->getMessage());
} else {
throw new SoapFault('ERR', "Application error");
}
}
2014-05-29 20:13:58 +00:00
$users = array();
2014-11-12 15:14:03 +00:00
if (count($result) > 0) {
foreach ($result as $item) {
2014-05-29 20:13:58 +00:00
$user = new UserList();
2014-06-04 15:49:06 +00:00
$user->id = $item->id;
2014-05-29 20:13:58 +00:00
$user->IdClient = $item->idClient;
$user->ServiceCode = $item->Service;
$user->ServiceLabel = $item->Label;
$user->Login = $item->login;
$user->Email = $item->email;
$user->Civilite = $item->civilite;
$user->Nom = $item->nom;
$user->Prenom = $item->prenom;
$user->Enable = $item->actif;
$user->Delete = $item->deleted;
$users[] = $user;
2014-11-12 15:14:03 +00:00
2014-05-29 20:13:58 +00:00
}
}
2014-05-22 14:48:08 +00:00
2014-05-29 20:13:58 +00:00
return $users;
2014-05-22 14:48:08 +00:00
}
2014-07-18 15:03:49 +00:00
protected function getUsersByFile($actif = null, $service = null, $client = null)
{
}
/**
* Information Utilisateur
* @param string $id
2014-10-30 16:53:52 +00:00
* ID de l'utilisateur
2014-07-18 15:03:49 +00:00
* @throws SoapFault
* @return User
*/
2014-05-22 14:48:08 +00:00
public function getUser($id = null)
{
//Détail d'un utilisateur
$this->authenticate();
$idClient = $this->User->idClient;
2014-05-22 14:48:08 +00:00
if ( $id === null ) {
$id = $this->User->id;
2014-05-22 14:48:08 +00:00
}
// Get Data
try {
$userM = new Application_Model_Sdv1Utilisateurs();
$sql = $userM->select()->from(array('u'=>'utilisateurs'))
->setIntegrityCheck(false)
->joinLeft(array('s'=>'sdv1.utilisateurs_service'), 'u.login=s.login', array('Service'))
->joinLeft(array('sd'=>'sdv1.clients_services'), 'sd.Code=s.Service', array('Label AS ServiceLabel'))
->where('u.id=?', $id);
$user = $userM->fetchRow($sql);
} catch (Zend_Db_Exception $e) {
if ($this->User->idClient == 1) {
throw new SoapFault('ERR', $e->getMessage());
} else {
throw new SoapFault('ERR', "Application error");
}
}
2014-05-22 14:48:08 +00:00
if ( $user === null ) {
2014-05-22 14:48:08 +00:00
throw new SoapFault('ERR', 'Utilisateur inexistant !');
}
2014-07-18 15:03:49 +00:00
// Service
2014-12-01 09:16:15 +00:00
$serviceCode = 'DEFAULT';
$serviceLabel = 'Standard';
if ( $user->Service !== null ) {
$serviceCode = $user->Service;
$serviceLabel = $user->ServiceLabel;
2014-07-18 15:03:49 +00:00
}
$output = new User();
$output->id = $user->id;
$output->IdClient = $user->idClient;
2014-12-01 09:16:15 +00:00
$output->ServiceCode = $serviceCode;
$output->ServiceLabel = $serviceLabel;
2014-07-18 15:03:49 +00:00
$output->Login = $user->login;
$output->Email = $user->email;
$output->Civilite = $user->civilite;
$output->Nom = $user->nom;
$output->Prenom = $user->prenom;
$output->Enable = $user->actif;
$output->Delete = $user->deleted;
2014-07-18 15:03:49 +00:00
// Service - Droits
$acces = array();
try {
$droitsM = new Application_Model_Sdv1ClientsServicesDroits();
2014-12-01 09:16:15 +00:00
$sql = $droitsM->select()->where('IdClient=?', $idClient)->where('Service=?', $serviceCode);
$droits = $droitsM->fetchAll($sql);
} catch (Zend_Db_Exception $e) {
if ($this->User->idClient == 1) {
throw new SoapFault('ERR', $e->getMessage());
} else {
throw new SoapFault('ERR', "Application error");
}
2014-07-18 15:03:49 +00:00
}
if ( count($droits) > 0 ) {
2014-07-18 15:03:49 +00:00
foreach ($droits as $item) {
$acces = new Acces();
2014-07-18 15:03:49 +00:00
$acces->Code = $item->Acces;
$acces->Label = $this->listeDroits[$item->Acces];
$output->Acces[] = $acces;
}
}
// Si l'utilisateur a pour Service = DEFAULT et pas de service DEFAULT alors droits de l'utilisateur
if ( count($droits) == 0 ) {
$droits = explode(' ', $user->droits);
foreach ($droits as $item) {
$acces = new Acces();
$acces->Code = $item;
$acces->Label = $this->listeDroits[strtoupper($item)];
$output->Acces[] = $acces;
}
}
2014-07-18 15:03:49 +00:00
// Service - IP
try {
$ipM = new Application_Model_Sdv1ClientsServicesIP();
2014-12-01 09:16:15 +00:00
$sql = $ipM->select()->where('IdClient=?', $idClient)->where('Service=?', $serviceCode);
$ips = $ipM->fetchAll($sql);
} catch (Zend_Db_Exception $e) {
if ($this->User->idClient == 1) {
throw new SoapFault('ERR', $e->getMessage());
} else {
throw new SoapFault('ERR', "Application error");
}
}
2014-07-18 15:03:49 +00:00
if ( count($ips) > 0 ) {
foreach ($ips as $item) {
$output->IP[] = $item;
2014-07-18 15:03:49 +00:00
}
}
2014-05-22 14:48:08 +00:00
2014-07-18 15:03:49 +00:00
return $output;
2014-05-22 14:48:08 +00:00
}
2014-07-18 15:03:49 +00:00
protected function getUserActivity($id = null)
2014-05-22 14:48:08 +00:00
{
//Retourner la liste des dernières connexions
}
2014-07-18 15:03:49 +00:00
/**
* Emails secondaires
* @param int $id
* @throws SoapFault
* @return string[]
*/
2014-05-22 14:48:08 +00:00
public function getUserEmail($id)
{
2014-06-04 15:49:06 +00:00
$this->authenticate();
$idClient = $this->User->idClient;
2014-06-04 15:49:06 +00:00
try {
$emailsM = new Application_Model_Sdv1UtilisateursEmails();
$sql = $emailsM->select()
->where('id=?', $id)
->where('idClient=?', $idClient);
$result = $emailsM->fetchAll($sql);
} catch (Zend_Db_Exception $e) {
if ($this->User->idClient==1) {
2014-06-04 15:49:06 +00:00
throw new SoapFault('ERR', $e->getMessage());
} else {
throw new SoapFault('ERR', "Application error");
}
}
$emails = array();
if ( count($result)>0 ) {
foreach ( $result as $item ) {
$email = new Email();
$email->id = $item->id;
$email->value = $item->email;
$emails[] = $email;
}
}
return $emails;
2014-05-22 14:48:08 +00:00
}
2014-10-30 16:53:52 +00:00
protected function getUserLogByFile($id){}
2014-07-18 15:03:49 +00:00
2014-12-01 14:19:08 +00:00
/**
* Définition d'un utilisateur
* @param string $data
* @param int $id
* @throws SoapFault
* @return boolean
*/
public function setUser($data, $id = null)
2014-05-22 14:48:08 +00:00
{
2014-06-04 15:49:06 +00:00
$this->authenticate();
//Vérification des droits de création d'utilisateur
2014-12-01 14:19:08 +00:00
if ( $this->User->id != $id || !in_array($this->User->profil, array('SuperAdministrateur', 'Administrateur')) ) {
2014-06-04 15:49:06 +00:00
throw new SoapFault('ERR', 'Accès non authorisé');
}
2014-12-01 14:19:08 +00:00
$infos = json_decode($data);
2014-06-04 15:49:06 +00:00
2014-12-01 14:19:08 +00:00
$userM = new Application_Model_Sdv1Utilisateurs();
2014-06-04 15:49:06 +00:00
2014-12-01 14:19:08 +00:00
$userData = array(
'idClient',
'login',
'email',
'password' => '',
'actif' => 0,
'deleted' => 0,
'typeCompte' => 'PROD',
'filtre_ip' => '',
'civilite' => 'M',
'nom' => '',
'prenom' => '',
'raisonSociale' => '',
'siret' => '000000000',
'adrNum' => null,
'adrIndRep' => null,
'adrTypeVoie' => null,
'adrLibVoie' => '',
'adrCp' => null,
`adrVille` => null,
`adrComp` => '',
'tel' => '',
'fax' => null,
'mobile' => null,
'pref' => '',
'profil' => 'Utilisateur',
'dateInscription' => '0000-00-00 00:00:00',
'dateValidation' => '0000-00-00 00:00:00',
'nombreConnexions' => '0',
'dateDerniereConnexion' => '0000-00-00 00:00:00',
'droits' => '',
'referenceParDefaut' => '',
'nbReponses' => '020',
'lang' => null,
'formatMail' => 'txt1',
'lienExtranetMail' => 0,
'lienSurvFic' => 0,
'idSurvFic' => '',
'loginCptSurvFic' => '',
'listeEven' => '',
'dateDebutCompte' => null,
'dateFinCompte' => null,
'maxFicheId' => null,
'accesWS' => '0',
'rechRefType' => 'UTI',
'acceptationCGU' => null,
);
if ( $id === null ) {
$sql = $userM->select()->where('login=?', $infos->login);
$row = $userM->fetchRow($sql);
//Utilisateur existant
if ( null !== $row ) {
throw new SoapFault('ERR', "User exist");
}
//Prepare data to insert
foreach ($infos as $key => $value) {
if (array_key_exists($key, $userData)) {
$userData[$key] = $value;
}
}
$userData['dateInsert'] = date('YmdHis');
try {
$userM->insert($userData);
} catch (Zend_Db_Exception $e) {
return false;
}
//Définition du service
$serviceM = new Application_Model_Sdv1UtilisateursService();
try {
$serviceM->insert(array(
'login' => $infos->login,
'idClient'=> $infos->idClient,
'Service'=> $infos->Service
));
} catch (Zend_Db_Exception $e) {
return false;
}
return true;
} else {
$sql = $userM->select()->where('id=?', $id);
$row = $userM->fetchRow($sql);
if ( null === $row ) {
throw new SoapFault('ERR', "User doesn't exist");
}
//Prepare data to update
foreach ($row as $key => $value) {
if (array_key_exists($key, $userData)) {
$userData[$key] = $value;
}
}
foreach ($infos as $key => $value) {
if (array_key_exists($key, $userData)) {
$userData[$key] = $value;
}
}
2014-06-04 15:49:06 +00:00
2014-12-01 14:19:08 +00:00
try {
$userM->update($userData, 'id='.$id);
} catch (Zend_Db_Exception $e) {
return false;
}
2014-06-04 15:49:06 +00:00
2014-12-01 14:19:08 +00:00
return true;
}
2014-05-22 14:48:08 +00:00
}
2014-12-01 14:19:08 +00:00
/**
* Création de compte client partenaire
* @param string $data
2014-12-01 14:19:08 +00:00
* @return boolean
*/
public function setUserSSO ( $data )
2014-12-01 09:16:15 +00:00
{
//Check IP application
$ip = $_SERVER['REMOTE_ADDR'];
if ( !in_array($ip, $this->listApplicationIp) ) {
$this->sendError('0901');
}
//Decodage
$infos = json_decode($data);
2014-12-01 14:19:08 +00:00
$userData = array(
'idClient',
'login',
'email',
'password' => '',
2014-12-01 09:16:15 +00:00
'actif' => 0,
2014-12-01 14:19:08 +00:00
'deleted' => 0,
'typeCompte' => 'PROD',
'filtre_ip' => '',
'civilite' => 'M',
'nom' => '',
'prenom' => '',
'raisonSociale' => '',
'siret' => '000000000',
'adrNum' => null,
'adrIndRep' => null,
'adrTypeVoie' => null,
'adrLibVoie' => '',
'adrCp' => null,
`adrVille` => null,
`adrComp` => '',
2014-12-01 09:16:15 +00:00
'tel' => '',
2014-12-01 14:19:08 +00:00
'fax' => null,
'mobile' => null,
'pref' => '',
'profil' => 'Utilisateur',
'dateInscription' => '0000-00-00 00:00:00',
'dateValidation' => '0000-00-00 00:00:00',
'nombreConnexions' => '0',
'dateDerniereConnexion' => '0000-00-00 00:00:00',
'droits' => '',
'referenceParDefaut' => '',
'nbReponses' => '020',
'lang' => null,
'formatMail' => 'txt1',
'lienExtranetMail' => 0,
'lienSurvFic' => 0,
'idSurvFic' => '',
'loginCptSurvFic' => '',
'listeEven' => '',
'dateDebutCompte' => null,
'dateFinCompte' => null,
'maxFicheId' => null,
'accesWS' => '0',
'rechRefType' => 'UTI',
'acceptationCGU' => null,
2014-12-01 09:16:15 +00:00
);
2014-12-01 14:19:08 +00:00
//Prepare data to insert
foreach ($infos as $key => $value) {
if (array_key_exists($key, $userData)) {
$userData[$key] = $value;
}
}
$userData['password'] = password_hash ( uniqid() , PASSWORD_BCRYPT );
2014-12-01 14:19:08 +00:00
$userData['dateInsert'] = date('YmdHis');
2014-12-01 09:16:15 +00:00
//Insertion dans la base de données
try {
$userM = new Application_Model_Sdv1Utilisateurs();
2014-12-01 14:19:08 +00:00
$userM->insert($userData);
2014-12-01 09:16:15 +00:00
} catch ( Zend_Db_Exception $e ) {
2014-12-01 14:19:08 +00:00
return false;
2014-12-01 09:16:15 +00:00
}
2014-12-01 14:19:08 +00:00
//Définition du service
$serviceM = new Application_Model_Sdv1UtilisateursService();
try {
$serviceM->insert(array(
'login' => $infos->login,
'idClient'=> $infos->idClient,
'Service'=> $infos->Service
));
} catch (Zend_Db_Exception $e) {
return false;
}
2014-12-01 09:16:15 +00:00
2014-12-01 14:19:08 +00:00
return true;
2014-12-01 09:16:15 +00:00
}
2014-07-18 15:03:49 +00:00
protected function setUserService($service, $id)
2014-05-22 14:48:08 +00:00
{
2014-06-04 15:49:06 +00:00
//Déplacer un utilisateur de service - ne pas activer tout de suite
2014-05-22 14:48:08 +00:00
}
2014-10-30 16:53:52 +00:00
public function setUserEmail($id, $email, $op = null)
2014-05-22 14:48:08 +00:00
{
2014-10-30 16:53:52 +00:00
//Which operation
switch ( $op ) {
//Ajouter un email secondaire
case null:
case 'add':
break;
//Supprimer un email secondaire
case 'del':
break;
}
2014-05-22 14:48:08 +00:00
}
/**
* Change password
* @param string $password
* @param int $id
* @throws SoapFault
* @return boolean
*/
public function setUserPassword($password, $id = null)
2014-05-22 14:48:08 +00:00
{
$this->authenticate();
if ( $id === null ) {
$id = $this->User->id;
} elseif ( $id !== null && $this->User->profil != 'Administrateur' ) {
throw new SoapFault('ERR', 'Accès non authorisé');
}
2014-12-01 14:19:08 +00:00
//@todo : Prise en compte de la version
//Changer le mot de passe
$userM = new Application_Model_Sdv1Utilisateurs();
$result = $userM->update(array('password'=>$password), 'id='.$id);
if ( $result == 1 ) {
return true;
}
return false;
2014-05-22 14:48:08 +00:00
}
2014-07-18 15:03:49 +00:00
public function getCategory()
{
$output = array();
foreach ( $this->listeCategory as $code => $desc ) {
$c = new AccesCategory();
$c->Code = $code;
$c->Label = $desc['label'];
$c->Acces = $desc['droits'];
2014-07-18 15:03:49 +00:00
$output[] = $c;
}
return $output;
}
2014-05-22 14:48:08 +00:00
2014-07-18 15:03:49 +00:00
protected function getAccess()
2014-05-22 14:48:08 +00:00
{
//Liste des accès - Code, Label, Category, Description,
}
2014-07-18 15:03:49 +00:00
protected function getPref()
2014-05-22 14:48:08 +00:00
{
//Liste des préférences - Code, Label, Description, Values
}
protected function setPref(){}
2014-07-18 15:03:49 +00:00
/**
* Acceptation des CGUs
* @param string $app
* @throws SoapFault
* @return boolean
*/
public function setCGU($app = null)
2014-05-22 14:48:08 +00:00
{
2014-06-04 15:49:06 +00:00
$this->authenticate();
2014-07-18 15:03:49 +00:00
$id = $this->User->id;
2014-07-18 15:03:49 +00:00
try {
$userM = new Application_Model_Sdv1Utilisateurs();
$data = array('acceptationCGU' => date('YmdHis'));
$result = $userM->update($data, 'id='.$idUser);
} catch (Zend_Db_Exception $e) {
throw new SoapFault('Erreur', $e->getMessage());
} catch (Zend_Exception $e) {
throw new SoapFault('Erreur', $e->getMessage());
}
if ( 1 == $result ) {
return true;
}
return false;
2014-06-04 15:49:06 +00:00
}
2014-07-18 15:03:49 +00:00
protected function setUserEnable($id)
2014-06-04 15:49:06 +00:00
{
2014-10-30 16:53:52 +00:00
//Un administrateur force l'activation d'un utilisateur ?
$userM = new Application_Model_Sdv1Utilisateurs();
2014-10-30 16:53:52 +00:00
//actif = 1
/**
* L'utilisateur n'a pas reçu ou a perdu l'email avec son mot de passe, vous pouvez activez sont compte
* (attention son email ne sera pas validé, et certaines prestations nécessitant un email valide ne peuvent fonctionner)
*/
2014-06-04 15:49:06 +00:00
}
protected function setLinkValidation()
{
//Génération d'un hash pour la validation email
//Database : utilisateurs_validationh [id, ]
//utilisateurs_email => dateValidation + surveillance
//Envoi email avec lien de validation
}
2014-07-18 15:03:49 +00:00
protected function setUserValidation($id)
2014-06-04 15:49:06 +00:00
{
2014-10-30 16:53:52 +00:00
//Un utilisateur valide son compte pour la première connexion et déclenche l'envoi de validation de l'email
//Doit-on demander un nouveau mot de passe ? Est ce que le mot de passe a été générer et envoyé par email .
$userM = new Application_Model_Sdv1Utilisateurs();
//actif = 0
2014-10-30 16:53:52 +00:00
//dateValidation pour email
//Envoi email de validation
//lien + email + login + date + hash ('sha256', string ) => string {idClient}{login}{email}{AAAAMMJJ}
}
protected function setUserEmailValidation($id)
{
//Validation d'un email
//Email secondaire ajouté marqueur dateValidation
2014-05-22 14:48:08 +00:00
}
/**
2014-10-30 16:53:52 +00:00
* Un SuperAdministrateur devenir un utilisateur (pour les tests)
* @param int $id
* @throws SoapFault
*/
2014-07-18 15:03:49 +00:00
protected function setAdminAs($id)
2014-05-22 14:48:08 +00:00
{
2014-06-04 15:49:06 +00:00
$this->authenticate();
//Vérification des droits d'utilisation
if ( $this->User->profil != 'SuperAdministrateur' ) {
2014-06-04 15:49:06 +00:00
throw new SoapFault('ERR', 'Accès non authorisé');
}
2014-05-22 14:48:08 +00:00
// Pour les SuperAdministrateur, voir l'application comme un login (id)
2014-06-04 15:49:06 +00:00
2014-05-22 14:48:08 +00:00
}
}