<?php
|
|
|
|
class Scores_Ws_Server
|
|
|
|
{
|
|
|
|
/**
|
|
|
|
* User information
|
|
|
|
* @var array
|
|
|
|
*/
|
2014-08-06 20:27:01 +00:00
|
|
|
protected $User;
|
|
|
|
|
|
|
|
/**
|
|
|
|
* Is user authenticated
|
|
|
|
* @var boolean
|
|
|
|
*/
|
|
|
|
protected $authenticated = false;
|
|
|
|
|
|
|
|
/**
|
|
|
|
* Authentication method (Basic, SoapHeader)
|
|
|
|
* @var string
|
|
|
|
*/
|
|
|
|
protected $authMethod = null;
|
2014-05-23 10:27:00 +00:00
|
|
|
|
2014-10-13 09:45:43 +00:00
|
|
|
/**
|
|
|
|
* Nom de l'application d'ou provient la demande d'authentification
|
|
|
|
* @var string
|
|
|
|
*/
|
|
|
|
protected $authApp = null;
|
|
|
|
|
|
|
|
/**
|
|
|
|
* IP du client
|
|
|
|
* @var string
|
|
|
|
*/
|
|
|
|
protected $authIp = null;
|
|
|
|
|
2014-05-23 10:27:00 +00:00
|
|
|
/**
|
|
|
|
* Name of Service
|
|
|
|
* @var string
|
|
|
|
*/
|
|
|
|
public $serviceName = null;
|
|
|
|
|
|
|
|
/**
|
|
|
|
* Is a customized service
|
|
|
|
* @var boolean
|
|
|
|
*/
|
|
|
|
public $serviceClient = false;
|
|
|
|
|
|
|
|
/**
|
|
|
|
* Name of Client
|
|
|
|
* @var string
|
|
|
|
*/
|
|
|
|
public $serviceClientName = null;
|
|
|
|
|
|
|
|
/**
|
|
|
|
* Version of service
|
|
|
|
* @var string
|
|
|
|
*/
|
|
|
|
public $serviceVersion = null;
|
|
|
|
|
|
|
|
/**
|
|
|
|
* List all application IPs
|
|
|
|
* @var array
|
|
|
|
*/
|
|
|
|
protected $listApplicationIp = array(
    // Addresses in this list are compared with the client IP resolved in
    // authenticate(). authV1() skips the per-user filtre_ip check for them and
    // refuses WS-only accounts (fault 0901) that connect from them, so every
    // entry is a trust decision.
    // NOTE(review): authenticate() may take the client IP from
    // X-Forwarded-For when the request comes through $listProxyIp; the trust
    // placed in this list then depends on that proxy sanitising the header.

    // Extranet - sd-46528
    '195.154.174.221',
    // Extranet - ns359466
    '91.121.157.194',
    // SDSL RAMBOUILLET
    '78.31.45.206',
    // Loopback
    '127.0.0.1',
    // NOTE(review): private-range address with no label; presumably a
    // development host. Confirm it belongs in the production list.
    '192.168.33.10',
);
|
2015-05-22 07:50:37 +00:00
|
|
|
|
2015-02-06 11:18:03 +00:00
|
|
|
/**
 * Reverse proxies whose X-Forwarded-For header is honoured
 *
 * authenticate() replaces REMOTE_ADDR with the forwarded address only when
 * the request arrives from one of these IPs. Any host added here is able to
 * assert an arbitrary client IP, which feeds the IP checks made during
 * authentication.
 * @var array
 */
protected $listProxyIp = array(
    '62.210.222.34',
);
|
2014-05-23 10:27:00 +00:00
|
|
|
|
|
|
|
/**
|
|
|
|
* List all permission
|
|
|
|
* @var array
|
2014-10-06 18:39:52 +00:00
|
|
|
*
|
|
|
|
* category
|
|
|
|
*
|
|
|
|
* acces
|
|
|
|
* code | label | category
|
|
|
|
*
|
2014-05-23 10:27:00 +00:00
|
|
|
*/
|
|
|
|
protected $listeDroits = array (
|
|
|
|
|
|
|
|
//RECHERCHE
|
|
|
|
'RECHCSV' => "Export des résultats de la recherche",
|
|
|
|
'IPARI' => "Investigation par l'image IparI©",
|
|
|
|
'HISTOBODACC' => "Historique des annonces bodacc",
|
|
|
|
'INVESTIG' => "Investigation",
|
|
|
|
'SEARCHENT' => "Recherche Entreprise",
|
|
|
|
'SEARCHDIR' => "Recherche Dirigeant",
|
|
|
|
'SEARCHACT' => "Recherche Actionnaire",
|
|
|
|
|
|
|
|
//IDENTITE
|
|
|
|
'IDENTITE' => "Fiche d'identité",
|
|
|
|
'IDPROCOL' => 'Fiche procédure collective',
|
|
|
|
'LIENS' => "Liens inter-entreprise",
|
|
|
|
'ETABLISSEMENTS' => "Liste des établissements",
|
|
|
|
'GROUPE' => "Informations et organigramme du groupe",
|
|
|
|
'EVENINSEE' => 'Évènements INSEE',
|
|
|
|
'AVISINSEE' => 'Avis de situation INSEE',
|
2015-01-08 14:12:05 +00:00
|
|
|
'AVISRNCS' => 'Avis de situation RNCS',
|
2015-07-03 13:28:52 +00:00
|
|
|
'RNVP' => "Normalisation postale",
|
2014-05-23 10:27:00 +00:00
|
|
|
|
|
|
|
//DIRIGEANT
|
|
|
|
'DIRIGEANTS' => "Liste des dirigeants",
|
|
|
|
'DIRIGEANTSOP' => "Liste des dirigeants opérationnels",
|
|
|
|
|
|
|
|
//FINANCE
|
|
|
|
'SYNTHESE' => "Synthèse",
|
|
|
|
'RATIOS' => "Ratios",
|
|
|
|
'FLUX' => "Flux de trésorerie",
|
|
|
|
'LIASSE' => "Liasse fiscale",
|
|
|
|
'LIASSEXLS' => "Export des Liasses au format XLS",
|
|
|
|
'UPLOADBILAN' => "Saisie de bilan",
|
|
|
|
'BOURSE' => "Bourse & cotations",
|
|
|
|
'BANQUE' => "Relations bancaires",
|
|
|
|
|
|
|
|
//JURIDIQUE
|
|
|
|
'ANNONCES' => "Annonces légales",
|
|
|
|
'INFOSREG' => "Informations réglementée",
|
|
|
|
'COMPETENCES' => "Compétences territoriales",
|
|
|
|
'CONVENTIONS' => "Conventions collectives",
|
|
|
|
'MARQUES' => "Marques déposées",
|
|
|
|
|
|
|
|
//EVALUATION
|
|
|
|
'INDISCORE' => "indiScore©",
|
|
|
|
'INDISCORE2' => "Rapport synthetique",
|
|
|
|
'INDISCORE3' => "Rapport complet",
|
|
|
|
'INDISCOREP' => "indiScore+",
|
|
|
|
'INDISCORE2P' => "Rapport synthetique+",
|
|
|
|
'INDISCORE3P' => "Rapport complet+",
|
|
|
|
'VALORISATION' => "Valorisation",
|
|
|
|
'SCORECSF' => "Score CSF",
|
|
|
|
'ENQUETEC' => "Enquête commerciale",
|
|
|
|
'AVISCREDIT' => "Avis de crédit personnalisé",
|
|
|
|
|
|
|
|
//PIECES
|
|
|
|
'KBIS' => "Extrait RCS",
|
|
|
|
'ACTES' => "Pièces officielles",
|
|
|
|
'PRIVILEGES' => "Privilèges",
|
|
|
|
|
|
|
|
//SURVEILLANCES
|
|
|
|
'SURVANNONCE' => "Surveillance des annonces légales",
|
|
|
|
'SURVINSEE' => "Surveillance des événements INSEE",
|
|
|
|
'SURVBILAN' => "Surveillance des bilans saisies (liasse fiscale)",
|
|
|
|
'SURVSCORE' => "Surveillance des événements sur le score",
|
|
|
|
'SURVACTES' => "Surveillance des pieces officielles (comptes annuels, actes)",
|
|
|
|
'SURVDIRIGEANTS'=> "Surveillance des dirigeants",
|
|
|
|
'SURVPAIEMENTS' => "Surveillance des paiements",
|
|
|
|
'SURVLIENS' => "Surveillance des liens financiers",
|
|
|
|
'SURVPRIV' => "Surveillance des privilèges",
|
|
|
|
|
|
|
|
//OPTIONS
|
|
|
|
'MONPROFIL' => "Mon profil",
|
|
|
|
'EDITION' => "Mode Edition",
|
|
|
|
'PORTEFEUILLE' => "Portefeuille",
|
|
|
|
'SURVLISTE' => "Liste des surveillances",
|
|
|
|
|
|
|
|
//DIVERS
|
|
|
|
'INTERNATIONAL' => "Recherche Internationale",
|
|
|
|
'BDF' => "Banque de France",
|
|
|
|
'WORLDCHECK' => "World-Check Risk Intelligence",
|
|
|
|
);
|
|
|
|
|
|
|
|
protected $listeCategory = array(
|
|
|
|
'RECHERCHE' => array(
|
|
|
|
'label' => "Recherche",
|
|
|
|
'droits' => array('RECHCSV', 'IPARI', 'HISTOBODACC', 'INVESTIG', 'SEARCHENT',
|
|
|
|
'SEARCHDIR', 'SEARCHACT'),
|
|
|
|
),
|
|
|
|
'IDENTITE' => array(
|
|
|
|
'label' => "Identité",
|
|
|
|
'droits' => array('IDENTITE','IDPROCOL', 'LIENS', 'ETABLISSEMENTS', 'GROUPE',
|
2015-07-03 13:28:52 +00:00
|
|
|
'EVENINSEE', 'AVISINSEE', 'AVISRNCS', 'RNVP'),
|
2014-05-23 10:27:00 +00:00
|
|
|
),
|
|
|
|
'DIRIGEANT' => array(
|
|
|
|
'label' => "Dirigeant",
|
|
|
|
'droits' => array('DIRIGEANTS','DIRIGEANTSOP', 'WORLDCHECK'),
|
|
|
|
),
|
|
|
|
'FINANCE' => array(
|
|
|
|
'label' => 'Elements Financiers',
|
|
|
|
'droits' => array('SYNTHESE','RATIOS','FLUX','LIASSE','LIASSEXLS', 'UPLOADBILAN',
|
|
|
|
'BOURSE','BANQUE'),
|
|
|
|
),
|
|
|
|
'JURIDIQUE' => array(
|
|
|
|
'label' => 'Elements Juridiques',
|
|
|
|
'droits' => array('ANNONCES','INFOSREG','COMPETENCES','CONVENTIONS','MARQUES'),
|
|
|
|
),
|
|
|
|
'EVALUATION' => array(
|
|
|
|
'label' => 'Evaluation',
|
|
|
|
'droits' => array('INDISCORE', 'INDISCORE2', 'INDISCORE3', 'INDISCOREP', 'INDISCORE2P',
|
|
|
|
'INDISCORE3P','VALORISATION','ENQUETEC','AVISCREDIT'),
|
|
|
|
),
|
|
|
|
'PIECES' => array(
|
|
|
|
'label' => 'Pièces officielles',
|
|
|
|
'droits' => array('KBIS', 'ACTES', 'PRIVILEGES'),
|
|
|
|
),
|
|
|
|
'SURVEILLANCES' => array(
|
|
|
|
'label' => 'Surveillances',
|
|
|
|
'droits' => array('SURVANNONCE', 'SURVINSEE', 'SURVBILAN', 'SURVSCORE', 'SURVACTES',
|
|
|
|
'SURVDIRIGEANTS', 'SURVPAIEMENTS', 'SURVLIENS', 'SURVPRIV',
|
|
|
|
),
|
|
|
|
),
|
|
|
|
'OPTIONS' => array(
|
|
|
|
'label' => 'Options',
|
|
|
|
'droits' => array('MONPROFIL','SURVLISTE','PORTEFEUILLE','EDITION'),
|
|
|
|
),
|
|
|
|
'DIVERS' => array(
|
|
|
|
'label' => 'Divers',
|
|
|
|
'droits' => array('INTERNATIONAL', 'BDF'),
|
|
|
|
),
|
|
|
|
);
|
|
|
|
|
|
|
|
/**
|
|
|
|
* List preferences
|
|
|
|
* @var array
|
|
|
|
*/
|
|
|
|
protected $listePrefs = array(
|
|
|
|
'NAF4' => "Afficher les anciens NAF",
|
|
|
|
'NACE' => "Afficher les codes NACES",
|
|
|
|
'NEWS' => "Afficher les news Google©",
|
|
|
|
'MAPPY' => "Afficher les façades d'immeubles",
|
|
|
|
'CARTES' => "Afficher les cartes et les plans",
|
|
|
|
'VOIRSURV' => "Afficher les entités sous surveillances",
|
|
|
|
'DEMANDEREF' => "Demande de référence par defaut",
|
|
|
|
'RECHREF' => "Afficher le formulaire de recherche par référence",
|
|
|
|
);
|
|
|
|
|
|
|
|
/**
|
|
|
|
* List of log entry types used for billing
|
|
|
|
* @var array
|
|
|
|
*/
|
|
|
|
protected $logs = array(
|
|
|
|
'identite' => array(
|
|
|
|
'label' => "Identité"
|
|
|
|
),
|
|
|
|
'liens' => array(
|
|
|
|
'label' => "Liens Inter-Entreprise"
|
|
|
|
),
|
|
|
|
'etablissements' => array(
|
|
|
|
'label' => "Etablissements"
|
|
|
|
),
|
|
|
|
'dirigeants' => array(
|
|
|
|
'label' => "Dirigeants"
|
|
|
|
),
|
|
|
|
'annonces' => array(
|
|
|
|
'label' => "Annonces légales",
|
|
|
|
),
|
|
|
|
'indiscore' => array(
|
|
|
|
'label' => "Indiscore",
|
|
|
|
),
|
|
|
|
'indiscorep' => array(
|
|
|
|
'label' => "Indiscore+",
|
|
|
|
),
|
|
|
|
'indiscore2' => array(
|
|
|
|
'label' => "Rapport",
|
|
|
|
),
|
|
|
|
'indiscore2p' => array(
|
|
|
|
'label' => "Rapport avec suivi",
|
|
|
|
),
|
|
|
|
'indiscore3' => array(
|
|
|
|
'label' => "Rapport complet",
|
|
|
|
),
|
|
|
|
'indiscore3p' => array(
|
|
|
|
'label' => "Rapport complet avec suivi",
|
|
|
|
),
|
|
|
|
'evenements' => array(
|
|
|
|
'label' => "Modifications Insee",
|
|
|
|
),
|
|
|
|
'tva' => array(
|
2014-06-17 12:11:01 +00:00
|
|
|
'label' => "Numéro de TVA intracommunautaire",
|
2014-05-23 10:27:00 +00:00
|
|
|
),
|
|
|
|
'infosreg' => array(
|
|
|
|
'label' => "Informations réglementées",
|
|
|
|
),
|
|
|
|
'bourse' => array(
|
|
|
|
'label' => "Information boursière"
|
|
|
|
),
|
|
|
|
'bilan' => array(
|
|
|
|
'label' => "Liasse fiscale",
|
|
|
|
),
|
|
|
|
'sirenExiste' => array(
|
|
|
|
'label' => "Controle du SIREN",
|
|
|
|
),
|
|
|
|
'ratios' => array(
|
|
|
|
'label' => "Ratios",
|
|
|
|
),
|
|
|
|
'rapport1' => array(
|
|
|
|
'label' => "Rapport complet 1",
|
|
|
|
),
|
|
|
|
'rapport2' => array(
|
|
|
|
'label' => "Rapport complet 2",
|
|
|
|
),
|
|
|
|
'rapport3' => array(
|
|
|
|
'label' => "Rapport complet 3",
|
|
|
|
),
|
|
|
|
'banque' => array(
|
|
|
|
'label' => "Relations banquaires",
|
|
|
|
),
|
|
|
|
'competences' => array(
|
|
|
|
'label' => "Competences territoriales",
|
|
|
|
),
|
|
|
|
'privdetail' => array(
|
|
|
|
'label' => "Détails des privilèges",
|
|
|
|
),
|
|
|
|
'privcumul' => array(
|
|
|
|
'label' => "Privilèges cumulés",
|
|
|
|
),
|
|
|
|
'conventions' => array(
|
|
|
|
'label' => "Conventions collectives",
|
|
|
|
),
|
|
|
|
'marques' => array(
|
|
|
|
'label' => "Marques déposés",
|
|
|
|
),
|
|
|
|
'kbis' => array(
|
|
|
|
'label' => "Extrait RCS",
|
|
|
|
),
|
|
|
|
'dirigeantsop' => array(
|
|
|
|
'label' => "Dirigeants opérationels",
|
|
|
|
),
|
|
|
|
'groupesarbo' => array(
|
|
|
|
'label' => "Arborescence de groupes",
|
|
|
|
),
|
|
|
|
'groupeinfos' => array(
|
|
|
|
'label' => "Informations groupe",
|
|
|
|
),
|
|
|
|
'valorisation' => array(
|
|
|
|
'label' => "Valorisation",
|
|
|
|
),
|
2015-07-03 13:28:52 +00:00
|
|
|
'rnvp' => array(
|
|
|
|
'label' => "Normalisation postale",
|
|
|
|
),
|
2014-05-23 10:27:00 +00:00
|
|
|
);
|
|
|
|
|
|
|
|
/**
|
|
|
|
* List of error codes sent as SoapFault
|
|
|
|
* @var array
|
|
|
|
*/
|
|
|
|
public $listError = array(
|
|
|
|
'0900' => "Identifiant ou mot de passe incorrect",
|
|
|
|
'0901' => "Accès WS non authorisé pour cet utilisateur",
|
|
|
|
'0902' => "Méthode non authorisée dans votre profil",
|
|
|
|
'0903' => "Période d'accès au service invalide",
|
|
|
|
'0904' => "Adresse IP Invalide",
|
|
|
|
'0905' => "Accès environnement de test non autorisé",
|
2014-11-07 08:37:08 +00:00
|
|
|
'0906' => "Erreur configuration utilisateur",
|
|
|
|
'1010' => "Siren invalide",
|
|
|
|
'1011' => "Identifiant invalide",
|
|
|
|
'1020' => "Siren inexistant",
|
|
|
|
'1021' => "Type d'identifiant inexistant",
|
|
|
|
'1030' => "Aucun résultat pour ce siren en base",
|
|
|
|
'3000' => "Service disponible",
|
|
|
|
'9000' => "Service S&D indisponible",
|
|
|
|
'9001' => "Service partenaire indisponible",
|
|
|
|
'9002' => "Méthode provisoirement indisponible",
|
|
|
|
'9003' => "Version du service désactivé",
|
|
|
|
'9004' => "Version du service inexistant",
|
|
|
|
'9010' => "Fichier indisponible",
|
|
|
|
'9020' => "Requête incorrecte",
|
2014-05-23 10:27:00 +00:00
|
|
|
);
|
|
|
|
|
|
|
|
/**
 * Define the date/time constants shared by the service.
 *
 * DATETIME (YmdHis) is captured first and every other constant is sliced
 * from it, so they all describe the same instant. A constant that is
 * already defined is left untouched.
 */
public function __construct()
{
    if (!defined('DATETIME')) {
        define('DATETIME', date('YmdHis'));
    }

    // YYYYMMDD
    if (!defined('DATE')) {
        define('DATE', substr(DATETIME, 0, 8));
    }

    // HHMMSS
    if (!defined('TIME')) {
        define('TIME', substr(DATETIME, 8, 6));
    }

    // DD/MM/YYYY
    if (!defined('DATE_LISIBLE')) {
        $day = substr(DATETIME, 6, 2);
        $month = substr(DATETIME, 4, 2);
        $year = substr(DATETIME, 0, 4);
        define('DATE_LISIBLE', $day . '/' . $month . '/' . $year);
    }

    // HH:MM:SS
    if (!defined('TIME_LISIBLE')) {
        $hour = substr(DATETIME, 8, 2);
        $minute = substr(DATETIME, 10, 2);
        $second = substr(DATETIME, 12, 2);
        define('TIME_LISIBLE', $hour . ':' . $minute . ':' . $second);
    }
}
|
|
|
|
|
|
|
|
/**
|
|
|
|
* Send a SoapFault with the given code and its predefined message
|
|
|
|
* @param string $code
|
|
|
|
* @throws SoapFault
|
|
|
|
*/
|
|
|
|
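protected function sendError($code)
{
    // Resolve the message for the fault code; a code that is not listed in
    // $this->listError gets the generic message.
    $message = array_key_exists($code, $this->listError)
        ? $this->listError[$code]
        : 'Erreur inconnue';

    // The throw is the only way out of this method: nothing placed after it
    // can run, so callers must not expect a return value.
    throw new SoapFault($code, $message);
}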
|
|
|
|
|
|
|
|
/**
|
|
|
|
* Enregistre l'appel utilisateur à une méthode
|
|
|
|
* @param $service
|
|
|
|
* @param $siret
|
|
|
|
* @param $ref
|
|
|
|
* @return void
|
|
|
|
*/
|
|
|
|
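protected function wsLog($service, $siret='', $ref='')
{
    // Record one user call in sdv1.logs. For the services listed in $pageRS
    // the row is enriched with company data read from jo.etablissements.
    // Database errors never reach the caller; they are written to the PHP
    // error log so that a missing log row leaves a trace.

    // Calls made by a test client or a test account are flagged in the row
    $test = ($this->User->clientTest == 'Oui' || $this->User->typeCompte == 'TEST') ? 1 : 0;

    // 14 characters = SIRET (SIREN + NIC), 9 characters = SIREN alone.
    // Any other length leaves $siren at 0, which disables the lookup below.
    $siren = 0;
    $nic = '';
    if (strlen($siret) == 14) {
        $siren = substr($siret, 0, 9);
        $nic = substr($siret, 9, 5);
    } elseif (strlen($siret) == 9) {
        $siren = $siret;
    }

    // Default row; the company fields are overwritten when the lookup succeeds
    $dataInsert = array(
        'login' => $this->User->login,
        'page' => $service,
        'params' => $ref,
        'idClient' => $this->User->idClient,
        'test' => $test,
        'actifInsee' => 0,
        'source' => 0,
        'raisonSociale' => '',
        'cp' => '',
        'ville' => '',
        'ipClient' => $this->User->ipConnexion,
    );

    $db = Zend_Db_Table_Abstract::getDefaultAdapter();

    // Services whose log row carries the company name and address
    $pageRS = array(
        'identite',
        'greffe_bilans',
        'greffe_actes',
        'liens',
        'dirigeants',
        'etablissements',
        'dirigeantsOp',
        'kbis',
        'indiscore',
        'indiscore2',
        'indiscore3',
        'rapport2',
        'rapport3',
    );

    $hasSiren = intval($siren) != 0;

    if ($hasSiren) {
        $dataInsert['siren'] = $siren;
        $dataInsert['nic'] = $nic;
    }

    if ($hasSiren && in_array($service, $pageRS, true)) {
        $sql = $db->select()
            ->from('jo.etablissements', array(
                'siren', 'nic', 'actif', 'siege', 'raisonSociale',
                'adr_cp', 'adr_ville', 'source',
            ))
            ->where('siren=?', $siren);

        if (intval($siren) > 1000 && intval($nic) > 9) {
            // Exact establishment
            $sql->where('nic=?', $nic);
        } elseif (intval($siren) > 1000) {
            // No usable NIC: take the head office, active and most recent first
            $sql->where('siege=1')->order('actif DESC')->order('nic DESC');
        } else {
            // NOTE(review): this path returns before the insert below, so a
            // call with a SIREN of 1000 or less on one of these services
            // leaves no log row at all. Confirm that is intended.
            return;
        }

        try {
            $etab = $db->fetchRow($sql, null, Zend_Db::FETCH_OBJ);
            // Only read fields from an actual row: when nothing matches, the
            // defaults set above must stay in place.
            if (is_object($etab)) {
                $dataInsert['raisonSociale'] = $etab->raisonSociale;
                $dataInsert['cp'] = $etab->adr_cp;
                $dataInsert['ville'] = $etab->adr_ville;
                $dataInsert['source'] = $etab->source;
                if ($etab->actif == 0) {
                    $dataInsert['actifInsee'] = 0;
                } elseif (intval($siren) > 1000) {
                    $dataInsert['actifInsee'] = 1;
                    // An active company that is also present in jo.rncs_entrep
                    // is logged with source 5
                    $sqlRncs = $db->select()
                        ->from('jo.rncs_entrep', 'count(*) AS nb')
                        ->where('siren=?', $siren);
                    $rncs = $db->fetchRow($sqlRncs, null, Zend_Db::FETCH_OBJ);
                    if (is_object($rncs) && $rncs->nb > 0) {
                        $dataInsert['source'] = 5;
                    }
                }
            }
        } catch (Zend_Db_Exception $e) {
            // Best effort: the row is still written with whatever was collected
            error_log('Scores_Ws_Server::wsLog lookup failed: ' . $e->getMessage());
        }
    }

    try {
        $db->insert('sdv1.logs', $dataInsert);
    } catch (Zend_Db_Exception $e) {
        // The service call itself must not fail because logging did, but a
        // lost row is reported instead of being dropped silently.
        error_log('Scores_Ws_Server::wsLog insert failed: ' . $e->getMessage());
    }
}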
|
|
|
|
|
2014-08-06 20:27:01 +00:00
|
|
|
/**
|
2014-08-07 15:11:55 +00:00
|
|
|
* Authenticate with SoapHeader, Optional (Authentication could be done by sending HTTP Basic header - see the doc)
|
|
|
|
* @param string $username
|
|
|
|
* @param string $password
|
|
|
|
* @throws SoapFault
|
2014-08-06 20:27:01 +00:00
|
|
|
*/
|
2014-08-07 15:05:36 +00:00
|
|
|
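public function authenticate($username = null, $password = null)
{
    // Credentials come either from the "authenticate" SoapHeader (arguments
    // filled in) or from HTTP Basic (arguments empty). On failure a SoapFault
    // is sent through sendError(); on success $this->authenticated holds the
    // value returned by checkAuth().

    // Already authenticated on this instance: nothing to do
    if ($this->authenticated !== false) {
        return;
    }

    if (empty($username)) {
        // HTTP Basic (@todo: Digest auth). Both keys are absent when the
        // client sent no Authorization header, so read them defensively and
        // let checkAuth() reject the empty login.
        $this->authMethod = 'basic';
        $username = isset($_SERVER['PHP_AUTH_USER']) ? $_SERVER['PHP_AUTH_USER'] : null;
        $password = isset($_SERVER['PHP_AUTH_PW']) ? $_SERVER['PHP_AUTH_PW'] : null;
    } else {
        // SoapHeader: the client wraps an object with `username` and
        // `password` properties in a SoapVar (SOAP_ENC_OBJECT), builds
        // new SoapHeader($ns, 'authenticate', $creds, false) and registers it
        // with $client->__setSoapHeaders().
        $this->authMethod = 'soapheader';
    }

    // Client address as seen by the web server
    $ip = $_SERVER['REMOTE_ADDR'];

    // Behind one of our proxies the real client is in X-Forwarded-For. That
    // header is client-controlled except for the last hop, which the proxy
    // itself writes, so only the right-most entry is used and only when it is
    // a well-formed IP. Otherwise the proxy address is kept.
    // NOTE(review): assumes the proxy appends to (or overwrites) the header;
    // confirm against the proxy configuration.
    if (isset($_SERVER['HTTP_X_FORWARDED_FOR']) && in_array($ip, $this->listProxyIp, true)) {
        $hops = explode(',', $_SERVER['HTTP_X_FORWARDED_FOR']);
        $forwarded = trim(end($hops));
        if (filter_var($forwarded, FILTER_VALIDATE_IP) !== false) {
            $ip = $forwarded;
        }
    }

    // When an application requested the authentication, the IP it recorded
    // in $this->authIp takes precedence.
    if ($this->authIp !== null) {
        $ip = $this->authIp;
    }

    // Check the credentials against the database
    $authResult = $this->checkAuth($username, $password, $ip);

    // The outcome is stored on the instance only after it is known to be a
    // success: a fault code must never be left in $this->authenticated, where
    // a later call on the same object would read it as "not false".
    if ($authResult === false) {
        $this->sendError('0900');
    } elseif (is_string($authResult)) {
        $this->sendError($authResult);
    }

    // NOTE(review): any other value is accepted as success, as before.
    // Confirm that authV1()/authV2() cannot return null on a failure path.
    $this->authenticated = $authResult;
}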
|
|
|
|
|
|
|
|
/**
|
|
|
|
* Check permission
|
|
|
|
* @param string $perm
|
|
|
|
*/
|
|
|
|
protected function permission($perm)
{
    // Guard clause: a granted permission lets the caller carry on
    if ($this->checkPerm($perm)) {
        return;
    }

    // Fault 0902 is sent when the permission is missing from the user's rights
    $this->sendError('0902');
}
|
|
|
|
|
|
|
|
/**
|
|
|
|
* Check if user has the right to access WebService
|
|
|
|
* @throws SoapFault
|
|
|
|
*/
|
|
|
|
protected function checkAccesWS()
{
    // Sends fault 0901 when the user's accesWS flag is set.
    // NOTE(review): the docblock describes a check that the user HAS the
    // accesWS right, yet the fault is raised when the flag is truthy. Either
    // the condition is inverted or the flag marks WS-only accounts that must
    // be kept out of this path; confirm against the callers before relying
    // on this method as an access check.
    if (!$this->User->accesWS) {
        return;
    }

    $this->sendError('0901');
}
|
|
|
|
|
|
|
|
/**
|
|
|
|
* Check if the user has the right to access this functionality
|
|
|
|
* @param string $perm
|
|
|
|
* @return boolean
|
|
|
|
*/
|
|
|
|
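protected function checkPerm($perm)
{
    // Returns true when $perm is one of the rights held in $this->User->droits,
    // which is either an array of codes or a single string of codes.
    $droits = $this->User->droits;

    if (is_array($droits)) {
        // Strict comparison: a permission check must not succeed through
        // PHP type juggling.
        // NOTE(review): this branch is case-sensitive while the string branch
        // below is not, so checkPerm('edition') behaves differently depending
        // on how droits is stored. Confirm which one is intended.
        return in_array($perm, $droits, true);
    }

    // String form: match the code as a whole word, ignoring case. The code is
    // quoted so that it is always matched literally and can never act as a
    // pattern.
    $pattern = '/\b' . preg_quote($perm, '/') . '\b/i';

    return preg_match($pattern, (string) $droits) === 1;
}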
|
|
|
|
|
|
|
|
/**
|
|
|
|
* Check if the user could edit data
|
|
|
|
*/
|
|
|
|
protected function checkEdition()
{
    // Users of client 1 may always edit; everybody else needs the 'edition'
    // permission.
    // NOTE(review): the permission list declares the code as 'EDITION'; the
    // lowercase name only matches through the case-insensitive string branch
    // of checkPerm(). Confirm this is intended.
    return $this->User->idClient == 1 || $this->checkPerm('edition');
}
|
|
|
|
|
|
|
|
|
|
|
|
/**
|
|
|
|
* checkAuth
|
|
|
|
* @param string $login
|
|
|
|
* @param string $password
|
|
|
|
* @param string $ip
|
|
|
|
* @return mixed
|
|
|
|
*/
|
2014-10-30 13:49:29 +00:00
|
|
|
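protected function checkAuth($login, $password, $ip)
{
    // Load the account for $login, apply the account-level checks (single
    // match, validity period) and delegate the credential check to authV1()
    // or authV2(). Returns false when no account matches, a fault code
    // string when a check fails, otherwise whatever authV1()/authV2() return.

    // An empty login can never match an account
    if (empty($login)) {
        $this->sendError('0900');
    }

    // Account row joined with its client, its optional service and its
    // optional authentication version. Only active, non-deleted users of
    // active clients are considered.
    $userM = new Application_Model_Sdv1Utilisateurs();
    $sql = $userM->select()
        ->setIntegrityCheck(false)
        ->from(array('u' => 'utilisateurs'), array(
            'u.login', 'u.id', 'u.email', 'u.password', 'u.idClient', 'u.typeCompte', 'u.actif',
            'u.filtre_ip', 'u.profil', 'u.civilite', 'u.nom', 'u.prenom', 'u.tel', 'u.fax',
            'u.mobile', 'u.pref', 'u.rechRefType', 'u.nombreConnexions',
            'u.dateDerniereConnexion', 'u.droits', 'u.referenceParDefaut', 'u.nbReponses', 'u.lang',
            'u.formatMail', 'u.dateDebutCompte', 'u.dateFinCompte', 'u.accesWS', 'u.acceptationCGU',
        ))
        ->join(array('c' => 'clients'), 'u.idClient = c.id', array(
            'c.droits AS droitsClients', 'c.test AS clientTest', 'c.typeScore', 'c.timeout',
        ))
        ->joinLeft(array('s' => 'sdv1.utilisateurs_service'), 'u.login=s.login', array('Service AS serviceCode'))
        ->joinLeft(array('v' => 'sdv1.clients_version'), 'u.idClient=v.clientId', array('version'))
        ->where('u.actif=?', 1)
        ->where('u.deleted=?', 0)
        ->where('c.actif=?', 'Oui');

    // A login containing '@' is looked up by e-mail, any other by login name
    if (strstr($login, '@') !== false) {
        $sql->where('u.email=?', $login);
    } else {
        $sql->where('u.login=?', $login);
    }
    $resultId = $userM->fetchAll($sql);

    // No user, deleted or disabled. An empty result set is tested as well as
    // null, so an unknown login ends in the same 0900 fault as a wrong
    // password instead of failing on the row access below.
    if (null === $resultId || count($resultId) === 0) {
        return false;
    }

    // Several rows for one login: configuration error
    if (count($resultId) > 1) {
        return '0906';
    }

    $result = $resultId[0];

    // NOTE(review): the 0906 and 0903 codes are returned before the password
    // is verified, so they tell an unauthenticated caller that the account
    // exists. These early returns also skip authLog(), leaving such attempts
    // out of the authentication log. Consider checking the credentials first.

    $today = mktime(0, 0, 0, date('m'), date('d'), date('Y'));

    // Account not yet open
    if (!empty($result->dateDebutCompte) && $result->dateDebutCompte != '0000-00-00') {
        $debut = $result->dateDebutCompte;
        $dateDebutCompte = mktime(0, 0, 0, substr($debut, 5, 2), substr($debut, 8, 2), substr($debut, 0, 4));
        if ($today < $dateDebutCompte) {
            return '0903';
        }
    }

    // Account expired
    if (!empty($result->dateFinCompte) && $result->dateFinCompte != '0000-00-00') {
        $fin = $result->dateFinCompte;
        $dateFinCompte = mktime(0, 0, 0, substr($fin, 5, 2), substr($fin, 8, 2), substr($fin, 0, 4));
        if ($today > $dateFinCompte) {
            return '0903';
        }
    }

    // Service fallback
    if ($result->serviceCode === null) {
        $result->serviceCode = 'DEFAULT';
    }

    // Select the authentication version configured for the client
    if ($result->version == 2) {
        $authResult = $this->authV2($result, $password, $ip);
    } else {
        $authResult = $this->authV1($result, $password, $ip);
    }

    $this->authLog($result->login, $authResult, $ip);

    return $authResult;
}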
|
|
|
|
|
2014-11-07 08:37:08 +00:00
|
|
|
/**
|
|
|
|
* Authentification v1
|
|
|
|
* @param object $userInfos
|
|
|
|
* @param string $password
|
|
|
|
* @param string $ip
|
|
|
|
* @return string|boolean
|
|
|
|
*/
|
2014-10-30 13:49:29 +00:00
|
|
|
protected function authV1($userInfos, $password, $ip)
|
2014-10-30 13:06:00 +00:00
|
|
|
{
|
2014-10-29 08:31:27 +00:00
|
|
|
/**
|
2014-10-30 13:06:00 +00:00
|
|
|
* Acces WS, block access to other apps
|
2014-10-29 08:31:27 +00:00
|
|
|
*/
|
2015-07-03 13:28:52 +00:00
|
|
|
if ($userInfos->accesWS == 1 && $userInfos->idClient != 1) {
|
|
|
|
// --- Webservice user don't need access to others apps
|
2014-11-28 07:13:55 +00:00
|
|
|
if ( in_array($ip, $this->listApplicationIp) ) {
|
2014-10-29 08:31:27 +00:00
|
|
|
|
2014-10-30 13:06:00 +00:00
|
|
|
return '0901';
|
2014-05-23 10:27:00 +00:00
|
|
|
|
2014-10-30 13:49:29 +00:00
|
|
|
} elseif ($ip != '127.0.0.1') {
|
2014-05-23 10:27:00 +00:00
|
|
|
|
2015-07-06 14:03:16 +00:00
|
|
|
// --- For customized version, check user is in the good service
|
2014-10-30 13:06:00 +00:00
|
|
|
$clients = include APPLICATION_PATH . '/../library/WsScore/Clients/ClientsConfig.php';
|
2015-01-16 10:49:42 +00:00
|
|
|
$wsClients = array();
|
2014-10-30 13:06:00 +00:00
|
|
|
foreach( $clients as $section => $params ){
|
|
|
|
if ($params['actif']) {
|
2015-07-06 14:03:16 +00:00
|
|
|
if (count($params['idClient']) > 0) {
|
|
|
|
foreach ($params['idClient'] as $idClient) {
|
|
|
|
$wsClients[$idClient] = $section;
|
|
|
|
}
|
|
|
|
}
|
2014-10-30 13:06:00 +00:00
|
|
|
}
|
|
|
|
}
|
2015-07-06 14:03:16 +00:00
|
|
|
if ( array_key_exists($userInfos->idClient, $wsClients) && ( $this->serviceClient === false
|
2014-10-30 13:06:00 +00:00
|
|
|
|| strtolower($this->serviceClientName) != $wsClients[$userInfos->idClient] ) ){
|
|
|
|
return '0901';
|
|
|
|
}
|
2014-05-23 10:27:00 +00:00
|
|
|
|
2014-10-30 13:06:00 +00:00
|
|
|
}
|
|
|
|
}
|
2014-10-16 06:13:47 +00:00
|
|
|
|
2014-10-30 13:06:00 +00:00
|
|
|
/**
|
|
|
|
* Protect staging environment
|
|
|
|
* - No webservice access
|
|
|
|
* - Not in production
|
|
|
|
* - Not idClient 1 or 147
|
|
|
|
*/
|
2015-07-03 13:28:52 +00:00
|
|
|
if ( APPLICATION_ENV=='staging' && !in_array($userInfos->idClient, array(1,147)) && $userInfos->accesWS==0 ) {
|
2014-12-15 16:08:55 +00:00
|
|
|
return '0905';
|
2014-10-30 13:06:00 +00:00
|
|
|
}
|
2014-10-16 06:13:47 +00:00
|
|
|
|
2014-10-30 13:06:00 +00:00
|
|
|
/**
|
|
|
|
* IP Validation
|
|
|
|
* Get an array of IP and IP range
|
|
|
|
* 192.168.3.5-192.68.3.10;192.168.3.*;192.168.3.10
|
|
|
|
*/
|
2015-07-06 14:03:16 +00:00
|
|
|
|
|
|
|
if ( !in_array($ip, $this->listApplicationIp) ) {
|
|
|
|
if ( !empty($userInfos->filtre_ip) ) {
|
|
|
|
$filtreIp = explode(';', trim($userInfos->filtre_ip, ';'));
|
|
|
|
if ( count($filtreIp)>0 ) {
|
|
|
|
|
|
|
|
// Extranet
|
|
|
|
if ( substr($password,0,7)=='iponly:' ) {
|
|
|
|
$ipToValidate = substr($password,7);
|
2014-10-30 13:06:00 +00:00
|
|
|
}
|
2015-07-06 14:03:16 +00:00
|
|
|
// WebService
|
2014-10-30 13:06:00 +00:00
|
|
|
else {
|
2015-07-06 14:03:16 +00:00
|
|
|
$ipToValidate = $ip;
|
|
|
|
}
|
|
|
|
|
|
|
|
//Validation
|
|
|
|
$overallIpValidate = false;
|
|
|
|
foreach ( $filtreIp as $filtre ) {
|
|
|
|
if ( strpos($filtre, '*') ) {
|
|
|
|
$filtre = str_replace('*', '0', $filtre) . '-' . str_replace('*', '255', $filtre);
|
|
|
|
}
|
|
|
|
// Is it a range ?
|
|
|
|
if ( strpos($filtre, '-') ) {
|
|
|
|
$validateIp = new Scores_Validate_IpInNetwork();
|
|
|
|
$validateIp->setNetworkNotation($filtre);
|
|
|
|
$overallIpValidate = $validateIp->isValid($ipToValidate);
|
|
|
|
}
|
|
|
|
// Ip only
|
|
|
|
else {
|
|
|
|
if ( $filtre === $ipToValidate ) {
|
|
|
|
$overallIpValidate = true;
|
|
|
|
}
|
|
|
|
}
|
|
|
|
// Break foreach
|
|
|
|
if ( $overallIpValidate === true ) {
|
|
|
|
break;
|
2014-10-30 13:06:00 +00:00
|
|
|
}
|
|
|
|
}
|
2015-07-06 14:03:16 +00:00
|
|
|
|
|
|
|
// Exit with error
|
|
|
|
if ( $overallIpValidate === false ) {
|
|
|
|
return '0904';
|
2014-10-30 13:06:00 +00:00
|
|
|
}
|
|
|
|
}
|
|
|
|
}
|
|
|
|
}
|
2014-09-12 14:57:26 +00:00
|
|
|
|
2014-10-30 13:06:00 +00:00
|
|
|
// Check password with database informations
|
2014-11-07 08:37:08 +00:00
|
|
|
if ( $userInfos->password == $password //password sent in clear
|
|
|
|
|| md5($userInfos->password) == $password //password sent with md5
|
|
|
|
|| md5($userInfos->login.'|'.$userInfos->password) == $password //password sent concat with login and crypt by md5
|
2014-10-30 13:06:00 +00:00
|
|
|
|| substr($password,0,7) == 'iponly:'
|
|
|
|
) {
|
|
|
|
|
|
|
|
//Timeout
|
|
|
|
$timeout = $userInfos->timeout;
|
|
|
|
if ($timeout==0) $timeout = 1800;
|
|
|
|
|
|
|
|
//Infos utilisateur
|
|
|
|
$this->User = new stdClass();
|
|
|
|
$this->User->login = $userInfos->login;
|
|
|
|
$this->User->id = $userInfos->id;
|
|
|
|
$this->User->civilite = $userInfos->civilite;
|
|
|
|
$this->User->nom = $userInfos->nom;
|
|
|
|
$this->User->prenom = $userInfos->prenom;
|
|
|
|
$this->User->tel = $userInfos->tel;
|
|
|
|
$this->User->fax = $userInfos->fax;
|
|
|
|
$this->User->mobile = $userInfos->mobile;
|
|
|
|
$this->User->email = $userInfos->email;
|
|
|
|
$this->User->typeCompte = $userInfos->typeCompte;
|
|
|
|
$this->User->idClient = $userInfos->idClient;
|
2014-11-07 08:37:08 +00:00
|
|
|
$this->User->serviceCode = $userInfos->serviceCode;
|
2014-10-30 13:06:00 +00:00
|
|
|
$this->User->filtre_ip = $userInfos->filtre_ip;
|
2014-11-07 08:37:08 +00:00
|
|
|
$this->User->ipConnexion = $ip;
|
2014-10-30 13:06:00 +00:00
|
|
|
$this->User->pref = $userInfos->pref;
|
|
|
|
$this->User->rechRefType = $userInfos->rechRefType;
|
|
|
|
$this->User->profil = $userInfos->profil;
|
|
|
|
$this->User->nombreConnexions = $userInfos->nombreConnexions;
|
|
|
|
$this->User->dateDerniereConnexion = $userInfos->dateDerniereConnexion;
|
|
|
|
$this->User->droits = $userInfos->droits;
|
|
|
|
$this->User->droitsClients = $userInfos->droitsClients;
|
2014-08-06 20:27:01 +00:00
|
|
|
$this->User->timeout = $timeout;
|
2014-10-30 13:06:00 +00:00
|
|
|
$this->User->clientTest = $userInfos->clientTest;
|
|
|
|
$this->User->typeScore = $userInfos->typeScore;
|
|
|
|
$this->User->nbReponses = $userInfos->nbReponses;
|
|
|
|
$this->User->lang = $userInfos->lang;
|
|
|
|
$this->User->formatMail = $userInfos->formatMail;
|
|
|
|
$this->User->referenceParDefaut = $userInfos->referenceParDefaut;
|
|
|
|
$this->User->dateDebutCompte = $userInfos->dateDebutCompte;
|
|
|
|
$this->User->dateFinCompte = $userInfos->dateFinCompte;
|
|
|
|
$this->User->acceptationCGU = $userInfos->acceptationCGU;
|
2014-11-07 08:37:08 +00:00
|
|
|
$this->User->version = $userInfos->version;
|
2014-05-23 10:27:00 +00:00
|
|
|
|
2014-11-07 08:37:08 +00:00
|
|
|
return true;
|
|
|
|
}
|
|
|
|
|
|
|
|
return false;
|
|
|
|
}
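/**
 * Authentication v2: validates the service attached to the user, then the
 * credential according to the access type configured for that service.
 *
 * $this->User is filled from $userInfos before the credential is checked and
 * is left as is when the method returns false or an error code.
 * NOTE(review): callers should not treat a populated $this->User as proof of
 * authentication - confirm they rely on the return value only.
 *
 * @param object $userInfos  User record (login, idClient, serviceCode, password, ...)
 * @param string $credential Password, hash or "iponly:<address>", depending on TypeAcces
 * @param string $ip         Address of the client
 * @return string|boolean true when authenticated, false when the credential is
 *                        rejected, or an error code: '0906' (no service or
 *                        inactive service), '0901' (user not allowed on this
 *                        application or service), '0904' (address rejected)
 */
protected function authV2($userInfos, $credential, $ip)
{
    $serviceM = new Application_Model_Sdv1ClientsServices();
    $sql = $serviceM->select()
        ->where('IdClient=?', $userInfos->idClient)
        ->where('Code=?', $userInfos->serviceCode);
    $result = $serviceM->fetchRow($sql);

    // No service
    if ($result === null) {
        return '0906';
    }

    // Inactive service
    if ($result->Active == 0) {
        return '0906';
    }

    // Block WebService users on applications
    if ($result->AppWebservice == 1 && $this->authApp !== null && $userInfos->idClient != 1) {
        return '0901';
    }

    // Customized WebService version: the user must call the service of its own client
    if ($result->AppWebservice == 1) {
        $clients = include APPLICATION_PATH . '/../library/WsScore/Clients/ClientsConfig.php';

        // Start from an empty map so that the lookup below is defined even
        // when the configuration holds no active client.
        $wsClients = array();
        foreach ($clients as $section => $params) {
            if ($params['actif']) {
                $wsClients[$params['idClient']] = $section;
            }
        }

        if (array_key_exists($userInfos->idClient, $wsClients)
            && ($this->serviceClient == false
                || strtolower($this->serviceClientName) != $wsClients[$userInfos->idClient])) {
            return '0901';
        }
    }

    // User information (assignment order kept: it fixes the property order of the object)
    $this->User = new stdClass();
    $beforeIp = array(
        'login', 'id', 'civilite', 'nom', 'prenom', 'tel', 'fax', 'mobile',
        'email', 'typeCompte', 'idClient', 'serviceCode',
    );
    foreach ($beforeIp as $field) {
        $this->User->$field = $userInfos->$field;
    }
    $this->User->ipConnexion = $ip;
    $afterIp = array(
        'pref', 'rechRefType', 'profil', 'droits', 'clientTest', 'typeScore',
        'nbReponses', 'lang', 'formatMail', 'referenceParDefaut',
        'dateDebutCompte', 'dateFinCompte', 'acceptationCGU', 'version',
    );
    foreach ($afterIp as $field) {
        $this->User->$field = $userInfos->$field;
    }

    // Service parameters override the values taken from the user record
    $this->User->typeScore = $result->TypeScore;
    $this->User->timeout = $result->Timeout;

    /**
     * Access type
     * userPassword      => check the password
     * userPasswordCrypt => check the hashed password
     * userIP            => check only the user and its connection address
     *
     * NOTE(review): the strict comparisons on authIP() below only work if
     * authIP() returns real booleans - confirm its return contract.
     */
    switch ($result->TypeAcces) {
        case 'userPassword':
            if ($this->authIP($ip) === false) {
                return '0904';
            }
            if ($this->authPassword($userInfos, $credential) === true) {
                $this->User->droits = $this->getAccessList($userInfos->idClient, $userInfos->serviceCode);
                return true;
            }
            break;

        case 'userPasswordCrypt':
            if ($this->authIP($ip) === false) {
                return '0904';
            }
            if ($this->authPasswordCrypt($userInfos, $credential) === true) {
                $this->User->droits = $this->getAccessList($userInfos->idClient, $userInfos->serviceCode);
                return true;
            }
            break;

        case 'userIP':
            // NOTE(review): the address checked here is the one carried in the
            // credential, i.e. asserted by the sender, not the connection
            // address received in $ip. Nothing in this method restricts which
            // senders may use this form - confirm the caller only accepts it
            // from trusted application hosts.
            if (substr($credential, 0, 7) == 'iponly:') {
                $ip = substr($credential, 7);
                if ($this->authIP($ip) === true) {
                    $this->User->droits = $this->getAccessList($userInfos->idClient, $userInfos->serviceCode);
                    return true;
                }
            }
            break;
    }

    return false;
}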
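/**
 * Check a credential against the stored password.
 *
 * Three forms of the credential are accepted: the password itself, its md5
 * digest, and the md5 digest of "login|password". The digests are computed
 * from $userInfos->password, so this mode needs the stored value to be the
 * clear password, and either digest is as good as the password for a sender.
 *
 * Comparisons are strict string comparisons: with a loose "==", two strings
 * that both look like numbers (for instance a digest of the form "0e...")
 * are compared as numbers and can be equal without being identical.
 *
 * @todo Select how the password is checked:
 *   md5  => standard method md5 ( login | password )
 *   key  => get associated key with crypt method
 *   cert => get associated certificate
 *
 * @param object $userInfos User record, reads login and password
 * @param string $password  Credential sent by the client
 * @return boolean true when the credential matches one of the accepted forms
 */
protected function authPassword($userInfos, $password)
{
    // A credential that is not a scalar (or is null) cannot match a password.
    if (!is_scalar($password)) {
        return false;
    }

    $sent = (string) $password;
    $stored = (string) $userInfos->password;

    $accepted = array(
        $stored,                                // password sent in clear
        md5($stored),                           // password sent with md5
        md5($userInfos->login . '|' . $stored), // password concatenated with login, then md5
    );

    // hash_equals() is used when the runtime provides it, a strict
    // comparison otherwise.
    $useHashEquals = function_exists('hash_equals');
    foreach ($accepted as $expected) {
        $same = $useHashEquals ? hash_equals($expected, $sent) : ($expected === $sent);
        if ($same) {
            return true;
        }
    }

    return false;
}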
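/**
 * Check a credential against the stored password hash.
 *
 * Two forms are accepted: the stored hash itself (a 60-character string
 * starting with "$2y$"), or a password that password_verify() validates
 * against the stored hash.
 * NOTE(review): accepting the stored hash verbatim makes the hash equivalent
 * to the password for whoever holds it - confirm which senders need this form.
 *
 * @param object $userInfos User record, reads password (the stored hash)
 * @param string $password  Credential sent by the client
 * @return boolean true when the credential is accepted
 */
protected function authPasswordCrypt($userInfos, $password)
{
    $stored = $userInfos->password;

    // Both sides must be strings: no type juggling on a credential check.
    if (!is_string($password) || !is_string($stored)) {
        return false;
    }

    // Credential sent as the hash itself
    if (substr($password, 0, 4) === '$2y$' && strlen($password) === 60) {
        $same = function_exists('hash_equals')
            ? hash_equals($stored, $password)
            : ($stored === $password);
        if ($same) {
            return true;
        }
    }

    // Credential sent as the password
    return password_verify($password, $stored) === true;
}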
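/**
 * Check an address against the IP filters configured for the current user's
 * client and service.
 *
 * Reads $this->User->idClient and $this->User->serviceCode, so $this->User
 * must be populated before the call.
 *
 * The result is a real boolean (or null), so that callers comparing it with
 * "=== false" or "=== true" get a usable answer.
 *
 * The answer is only as trustworthy as $ip: a caller that passes an address
 * taken from the request payload rather than from the connection has to make
 * sure the sender is allowed to assert it.
 *
 * @param string $ip Address to check
 * @return boolean|null true when a configured filter matches the address,
 *                      false when filters are configured and none matches,
 *                      null when nothing was checked (address listed in
 *                      $listApplicationIp, or no filter row for the service)
 */
protected function authIP($ip)
{
    // Addresses of the known applications are not submitted to the filters.
    if (in_array($ip, $this->listApplicationIp, true)) {
        return null;
    }

    $serviceIPM = new Application_Model_Sdv1ClientsServicesIP();
    $sql = $serviceIPM->select(true)->columns('IP')
        ->where('IdClient=?', $this->User->idClient)
        ->where('Service=?', $this->User->serviceCode);
    $ipResult = $serviceIPM->fetchAll($sql);

    // No filter configured for this client and service
    if (count($ipResult) == 0) {
        return null;
    }

    // Each row carries one filter in its IP column.
    foreach ($ipResult as $row) {
        $filtre = trim($row->IP);
        if ($filtre === '') {
            continue;
        }

        // Is it a range ?
        if (strpos($filtre, '-') > 0) {
            $validateIp = new Scores_Validate_IpInNetwork();
            $validateIp->setNetworkNotation($filtre);
            if ($validateIp->isValid($ip) === true) {
                return true;
            }
        }
        // Single address
        elseif ($filtre === $ip) {
            return true;
        }
    }

    // Filters exist and none matched: reject.
    return false;
}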
/**
 * Log authentication errors.
 *
 * A row is written when $result is false (logged as 'KO') or a string
 * (logged as is); any other value is not logged.
 *
 * @param string $login  Login used for the attempt
 * @param mixed  $result Outcome of the authentication
 * @param string $ip     Address of the client
 * @return void
 */
protected function authLog($login, $result, $ip)
{
    if ($result === false) {
        $status = 'KO';
    } elseif (is_string($result)) {
        $status = $result;
    } else {
        // Nothing to record for this outcome
        return;
    }

    $row = array(
        'login' => $login,
        'authenticate' => $status,
        'ip' => $ip,
    );

    try {
        $logTable = new Application_Model_Sdv1UtilisateursAuthLog();
        $logTable->insert($row);
    } catch (Zend_Db_Exception $e) {
        // Database errors are ignored here: a failed insert leaves no trace
        // of the rejected attempt.
    }
}
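/**
 * Get the access list of the current user's service.
 *
 * The query is built from $this->User->idClient and
 * $this->User->serviceCode; the two parameters are not read.
 * NOTE(review): confirm whether the parameters were meant to drive the query.
 *
 * When the query fails the list is empty, i.e. no access is granted.
 *
 * @param int    $clientId    Client identifier (unused, see above)
 * @param string $serviceCode Service code (unused, see above)
 * @return array Values of the Acces column, one per row
 */
protected function getAccessList($clientId, $serviceCode)
{
    $accesM = new Application_Model_Sdv1ClientsServicesDroits();
    $sql = $accesM->select(true)->columns(array('Acces'))
        ->where('IdClient=?', $this->User->idClient)
        ->where('Service=?', $this->User->serviceCode);

    try {
        $accesResult = $accesM->fetchAll($sql);
    } catch (Zend_Db_Exception $e) {
        // Without a result there is nothing to count or iterate.
        return array();
    }

    $list = array();
    foreach ($accesResult as $row) {
        $list[] = $row->Acces;
    }

    return $list;
}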
/**
 * Placeholder for user triggers: the body holds no statement yet.
 *
 * @param mixed $event Not read
 * @param mixed $args  Not read
 * @return void
 */
protected function trigger($event, $args)
{
    // Does the user have a trigger ?

    // For each trigger, run the action
}
}