scores/webservice
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Merge from branch 2.7

Browse Source
This commit is contained in:
Michael RICOIS 2014-10-14 07:48:51 +00:00
commit c5d2d359d3
3 changed files with 41 additions and 14 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
library/Metier/partenaires/classMLiens2.php
View File

@ -63,7 +63,7 @@ class MLiens2
if ( $type == 'siren' ) { if ( $type == 'siren' ) {
$this->siren = $id; $this->siren = $id;
$refM = new Application_Model_JoLiensRef(); $refM = new Application_Model_JoLiensRef();
$sql = $refM->select()->where('siren=?', $id); $sql = $refM->select()->where('siren=?', $id)->where('dateSuppr=0');
$result = $refM->fetchRow($sql); $result = $refM->fetchRow($sql);
if ( $result !== null ) { if ( $result !== null ) {
$this->idRef = $result->id; $this->idRef = $result->id;

37
library/Scores/Ws/Server.php
View File

@ -19,6 +19,18 @@ class Scores_Ws_Server
*/ */
protected $authMethod = null; protected $authMethod = null;
/**
* Nom de l'application d'ou provient la demande d'authentification
* @var string
*/
protected $authApp = null;
/**
* IP du client
* @var string
*/
protected $authIp = null;
/** /**
* Name of Service * Name of Service
* @var string * @var string
@ -508,8 +520,15 @@ class Scores_Ws_Server
* @todo : with proxy get the original IP * @todo : with proxy get the original IP
* $request->getClientIp(true); * $request->getClientIp(true);
*/ */
$ip = $_SERVER['REMOTE_ADDR'];
if ($this->authIp !== null) {
$ip = $this->authIp;
}
$this->authenticated = $this->checkAuth($username, $password, $_SERVER['REMOTE_ADDR']); /**
* Check authentication from the database
*/
$this->authenticated = $this->checkAuth($username, $password, $ip);
if ( $this->authenticated === false ) { if ( $this->authenticated === false ) {
$this->sendError('0900'); $this->sendError('0900');
} elseif ( $this->authenticated !== true ) { } elseif ( $this->authenticated !== true ) {
@ -614,9 +633,11 @@ class Scores_Ws_Server
* Get an array of IP and IP range * Get an array of IP and IP range
* 192.168.3.5-192.68.3.10;192.168.3.*;192.168.3.10 * 192.168.3.5-192.68.3.10;192.168.3.*;192.168.3.10
*/ */
if ( !empty($result->filtre_ip) ) { if ( !empty($result->filtre_ip) )
$filtreIp = explode(';', $result->filtre_ip); {
if ( count($filtreIp)>0 ) { $filtreIp = explode(';', trim($result->filtre_ip, ';'));
if ( count($filtreIp)>0 )
{
// Extranet // Extranet
if ( substr($password,0,7)=='iponly:' ) { if ( substr($password,0,7)=='iponly:' ) {
$ipToValidate = substr($password,7); $ipToValidate = substr($password,7);
@ -625,12 +646,13 @@ class Scores_Ws_Server
else { else {
$ipToValidate = $ipConnexion; $ipToValidate = $ipConnexion;
} }
//Validation
$overallIpValidate = false; $overallIpValidate = false;
foreach ( $filtreIp as $filtre ) { foreach ( $filtreIp as $filtre )
{
if ( strpos($filtre, '*') ) { if ( strpos($filtre, '*') ) {
$filtre = str_replace('*', '0', $filtre) . '-' . str_replace('*', '255', $filtre); $filtre = str_replace('*', '0', $filtre) . '-' . str_replace('*', '255', $filtre);
} }
// Is it a range ? // Is it a range ?
if ( strpos($filtre, '-') ) { if ( strpos($filtre, '-') ) {
$validateIp = new Scores_Validate_IpInNetwork(); $validateIp = new Scores_Validate_IpInNetwork();
@ -667,7 +689,8 @@ class Scores_Ws_Server
if ( $result->password == $password //password sent in clear if ( $result->password == $password //password sent in clear
|| md5($result->password) == $password //password sent with md5 || md5($result->password) == $password //password sent with md5
|| md5($result->login.'|'.$result->password) == $password //password sent concat with login and crypt by md5 || md5($result->login.'|'.$result->password) == $password //password sent concat with login and crypt by md5
) { || substr($password,0,7)=='iponly:'
) {
//Timeout //Timeout
$timeout = $result->timeout; $timeout = $result->timeout;

16
library/WsScore/Gestion/v0.3/Gestion.php
View File

@ -24,10 +24,15 @@ class Gestion extends Scores_Ws_Server
*/ */
public function getInfosLogin($login, $ipUtilisateur = '') public function getInfosLogin($login, $ipUtilisateur = '')
{ {
//Get User Ip
if (empty($ipUtilisateur)) {
$ipUtilisateur = $_SERVER['REMOTE_ADDR'];
}
$this->authIp = $ipUtilisateur;
//Authenticate
$this->authenticate(); $this->authenticate();
//Initialisation
if (empty($ipUtilisateur)) $ipUtilisateur = $_SERVER['REMOTE_ADDR'];
$error = new ErrorType(); $error = new ErrorType();
$result = new InfosLogin(); $result = new InfosLogin();
@ -41,10 +46,9 @@ class Gestion extends Scores_Ws_Server
debugLog('I',"getInfosLogin pour $login (IP=$ipUtilisateur)",__LINE__,__FILE__, __FUNCTION__, __CLASS__); debugLog('I',"getInfosLogin pour $login (IP=$ipUtilisateur)",__LINE__,__FILE__, __FUNCTION__, __CLASS__);
//L'utilisateur qui demande les informations est différent //L'utilisateur qui demande les informations est différent
if ( $this->User->login<>$login if ($this->User->login!=$login && in_array($this->User->profil, array('Administrateur', 'SuperAdministrateur')))
&& in_array($this->User->profil, array('Administrateur', 'SuperAdministrateur') ) {
) { /** Un administrateur veut il des infos sur un login ? **/
/** Un administrateur veut il des infos sur un login ? **/
$iDbCrm = new WDB('sdv1'); $iDbCrm = new WDB('sdv1');
$rep = $iDbCrm->select( $rep = $iDbCrm->select(
'utilisateurs u, clients c', 'utilisateurs u, clients c',