"Export des résultats de la recherche", 'IPARI' => "Investigation par l'image IparI©", 'HISTOBODACC' => "Historique des annonces bodacc", 'INVESTIG' => "Investigation", 'SEARCHENT' => "Recherche Entreprise", 'SEARCHDIR' => "Recherche Dirigeant", 'SEARCHACT' => "Recherche Actionnaire", //IDENTITE 'IDENTITE' => "Fiche d'identité", 'IDPROCOL' => 'Fiche procédure collective', 'LIENS' => "Liens inter-entreprise", 'ETABLISSEMENTS' => "Liste des établissements", 'GROUPE' => "Informations et organigramme du groupe", 'EVENINSEE' => 'Évènements INSEE', 'AVISINSEE' => 'Avis de situation INSEE', 'AVISRNCS' => 'Avis de situation RNCS', 'RNVP' => "Normalisation postale", //DIRIGEANT 'DIRIGEANTS' => "Liste des dirigeants", 'DIRIGEANTSOP' => "Liste des dirigeants opérationnels", //FINANCE 'SYNTHESE' => "Synthèse", 'RATIOS' => "Ratios", 'FLUX' => "Flux de trésorerie", 'LIASSE' => "Liasse fiscale", 'LIASSEXLS' => "Export des Liasses au format XLS", 'UPLOADBILAN' => "Saisie de bilan", 'BOURSE' => "Bourse & cotations", 'BANQUE' => "Relations bancaires", //JURIDIQUE 'ANNONCES' => "Annonces légales", 'INFOSREG' => "Informations réglementée", 'COMPETENCES' => "Compétences territoriales", 'CONVENTIONS' => "Conventions collectives", 'MARQUES' => "Marques déposées", //EVALUATION 'INDISCORE' => "indiScore©", 'INDISCORE2' => "Rapport synthetique", 'INDISCORE3' => "Rapport complet", 'INDISCOREP' => "indiScore+", 'INDISCORE2P' => "Rapport synthetique+", 'INDISCORE3P' => "Rapport complet+", 'VALORISATION' => "Valorisation", 'SCORECSF' => "Score CSF", 'ENQUETEC' => "Enquête commerciale", 'AVISCREDIT' => "Avis de crédit personnalisé", //PIECES 'KBIS' => "Extrait RCS", 'ACTES' => "Pièces officielles", 'PRIVILEGES' => "Privilèges", //SURVEILLANCES 'SURVANNONCE' => "Surveillance des annonces légales", 'SURVINSEE' => "Surveillance des événements INSEE", 'SURVBILAN' => "Surveillance des bilans saisies (liasse fiscale)", 'SURVSCORE' => "Surveillance des événements sur le score", 'SURVACTES' => 
"Surveillance des pieces officielles (comptes annuels, actes)", 'SURVDIRIGEANTS'=> "Surveillance des dirigeants", 'SURVPAIEMENTS' => "Surveillance des paiements", 'SURVLIENS' => "Surveillance des liens financiers", 'SURVPRIV' => "Surveillance des privilèges", //OPTIONS 'MONPROFIL' => "Mon profil", 'EDITION' => "Mode Edition", 'PORTEFEUILLE' => "Portefeuille", 'SURVLISTE' => "Liste des surveillances", //DIVERS 'INTERNATIONAL' => "Recherche Internationale", 'BDF' => "Banque de France", 'WORLDCHECK' => "World-Check Risk Intelligence", ); protected $listeCategory = array( 'RECHERCHE' => array( 'label' => "Recherche", 'droits' => array('RECHCSV', 'IPARI', 'HISTOBODACC', 'INVESTIG', 'SEARCHENT', 'SEARCHDIR', 'SEARCHACT'), ), 'IDENTITE' => array( 'label' => "Identité", 'droits' => array('IDENTITE','IDPROCOL', 'LIENS', 'ETABLISSEMENTS', 'GROUPE', 'EVENINSEE', 'AVISINSEE', 'AVISRNCS', 'RNVP'), ), 'DIRIGEANT' => array( 'label' => "Dirigeant", 'droits' => array('DIRIGEANTS','DIRIGEANTSOP', 'WORLDCHECK'), ), 'FINANCE' => array( 'label' => 'Elements Financiers', 'droits' => array('SYNTHESE','RATIOS','FLUX','LIASSE','LIASSEXLS', 'UPLOADBILAN', 'BOURSE','BANQUE'), ), 'JURIDIQUE' => array( 'label' => 'Elements Juridiques', 'droits' => array('ANNONCES','INFOSREG','COMPETENCES','CONVENTIONS','MARQUES'), ), 'EVALUATION' => array( 'label' => 'Evaluation', 'droits' => array('INDISCORE', 'INDISCORE2', 'INDISCORE3', 'INDISCOREP', 'INDISCORE2P', 'INDISCORE3P','VALORISATION','ENQUETEC','AVISCREDIT'), ), 'PIECES' => array( 'label' => 'Pièces officielles', 'droits' => array('KBIS', 'ACTES', 'PRIVILEGES'), ), 'SURVEILLANCES' => array( 'label' => 'Surveillances', 'droits' => array('SURVANNONCE', 'SURVINSEE', 'SURVBILAN', 'SURVSCORE', 'SURVACTES', 'SURVDIRIGEANTS', 'SURVPAIEMENTS', 'SURVLIENS', 'SURVPRIV', ), ), 'OPTIONS' => array( 'label' => 'Options', 'droits' => array('MONPROFIL','SURVLISTE','PORTEFEUILLE','EDITION'), ), 'DIVERS' => array( 'label' => 'Divers', 'droits' => 
array('INTERNATIONAL', 'BDF'), ), ); /** * List preferences * @var array */ protected $listePrefs = array( 'NAF4' => "Afficher les anciens NAF", 'NACE' => "Afficher les codes NACES", 'NEWS' => "Afficher les news Google©", 'MAPPY' => "Afficher les façades d'immeubles", 'CARTES' => "Afficher les cartes et les plans", 'VOIRSURV' => "Afficher les entités sous surveillances", 'DEMANDEREF' => "Demande de référence par defaut", 'RECHREF' => "Afficher le formulaire de recherche par référence", ); /** * List logs for facturation * @var array */ protected $logs = array( 'identite' => array( 'label' => "Identité" ), 'liens' => array( 'label' => "Liens Inter-Entreprise" ), 'etablissements' => array( 'label' => "Etablissements" ), 'dirigeants' => array( 'label' => "Dirigeants" ), 'annonces' => array( 'label' => "Annonces légales", ), 'indiscore' => array( 'label' => "Indiscore", ), 'indiscorep' => array( 'label' => "Indiscore+", ), 'indiscore2' => array( 'label' => "Rapport", ), 'indiscore2p' => array( 'label' => "Rapport avec suivi", ), 'indiscore3' => array( 'label' => "Rapport complet", ), 'indiscore3p' => array( 'label' => "Rapport complet avec suivi", ), 'evenements' => array( 'label' => "Modifications Insee", ), 'tva' => array( 'label' => "Numéro de TVA intracommunautaire", ), 'infosreg' => array( 'label' => "Informations réglementées", ), 'bourse' => array( 'label' => "Information boursière" ), 'bilan' => array( 'label' => "Liasse fiscale", ), 'sirenExiste' => array( 'label' => "Controle du SIREN", ), 'ratios' => array( 'label' => "Ratios", ), 'rapport1' => array( 'label' => "Rapport complet 1", ), 'rapport2' => array( 'label' => "Rapport complet 2", ), 'rapport3' => array( 'label' => "Rapport complet 3", ), 'banque' => array( 'label' => "Relations banquaires", ), 'competences' => array( 'label' => "Competences territoriales", ), 'privdetail' => array( 'label' => "Détails des privilèges", ), 'privcumul' => array( 'label' => "Privilèges cumulés", ), 'conventions' => 
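array( 'label' => "Conventions collectives", ),
        'marques' => array( 'label' => "Marques déposés", ),
        'kbis' => array( 'label' => "Extrait RCS", ),
        'dirigeantsop' => array( 'label' => "Dirigeants opérationels", ),
        'groupesarbo' => array( 'label' => "Arborescence de groupes", ),
        'groupeinfos' => array( 'label' => "Informations groupe", ),
        'valorisation' => array( 'label' => "Valorisation", ),
        'rnvp' => array( 'label' => "Normalisation postale", ),
    );

    /**
     * Fault codes sent to the client as SoapFault, mapped to their message.
     * The messages are runtime strings returned to callers.
     * @var array
     */
    public $listError = array(
        '0900' => "Identifiant ou mot de passe incorrect",
        '0901' => "Accès WS non authorisé pour cet utilisateur",
        '0902' => "Méthode non authorisée dans votre profil",
        '0903' => "Période d'accès au service invalide",
        '0904' => "Adresse IP Invalide",
        '0905' => "Accès environnement de test non autorisé",
        '0906' => "Erreur configuration utilisateur",
        '1010' => "Siren invalide",
        '1011' => "Identifiant invalide",
        '1020' => "Siren inexistant",
        '1021' => "Type d'identifiant inexistant",
        '1030' => "Aucun résultat pour ce siren en base",
        '3000' => "Service disponible",
        '9000' => "Service S&D indisponible",
        '9001' => "Service partenaire indisponible",
        '9002' => "Méthode provisoirement indisponible",
        '9003' => "Version du service désactivé",
        '9004' => "Version du service inexistant",
        '9010' => "Fichier indisponible",
        '9020' => "Requête incorrecte",
    );

    /**
     * Defines the constants DATETIME, DATE, TIME, DATE_LISIBLE and TIME_LISIBLE
     * (unless already defined) from a single date('YmdHis') snapshot.
     */
    public function __construct()
    {
        defined('DATETIME') || define('DATETIME', date('YmdHis'));
        defined('DATE') || define('DATE', substr(DATETIME, 0, 8));
        defined('TIME') || define('TIME', substr(DATETIME, 8, 6));
        defined('DATE_LISIBLE') || define('DATE_LISIBLE', substr(DATETIME, 6, 2).'/'.substr(DATETIME, 4, 2).'/'.substr(DATETIME, 0, 4));
        defined('TIME_LISIBLE') || define('TIME_LISIBLE', substr(DATETIME, 8, 2).':'.substr(DATETIME, 10, 2).':'.substr(DATETIME, 12, 2));
    }

    /**
     * Throw a SoapFault carrying the given code and its message from $listError.
     * Unknown codes get the generic message 'Erreur inconnue'.
     * @param string $code
     * @throws SoapFault always
     */
    protected function sendError($code)
    {
        $message = 'Erreur inconnue';
        if (array_key_exists($code, $this->listError)) {
            $message = $this->listError[$code];
        }
        // The throw ends the method; the former trailing `exit` was unreachable.
        throw new SoapFault($code, $message);
    }

    /**
     * Record a user's call to a service method in the sdv1.logs table.
     *
     * For the services listed in $pageRS the row is enriched with the company
     * name, postcode, town and source read from jo.etablissements.
     * Database errors are reported with error_log() and otherwise ignored, so
     * logging never breaks the calling method.
     *
     * @param string $service Name of the called method, stored as 'page'
     * @param string $siret   9-character SIREN or 14-character SIRET; other lengths are ignored
     * @param string $ref     Stored in the 'params' column
     * @return void
     */
    protected function wsLog($service, $siret = '', $ref = '')
    {
        // Flag calls made by test clients / test accounts
        $test = ($this->User->clientTest == 'Oui' || $this->User->typeCompte == 'TEST') ? 1 : 0;

        // Split the identifier; $nic is always initialised so it is never read undefined
        $siren = 0;
        $nic = '';
        if (strlen($siret) == 14) {
            $siren = substr($siret, 0, 9);
            $nic = substr($siret, 9, 5);
        } elseif (strlen($siret) == 9) {
            $siren = $siret;
        }

        // Default values for the log row
        $dataInsert = array(
            'login' => $this->User->login,
            'page' => $service,
            'params' => $ref,
            'idClient' => $this->User->idClient,
            'test' => $test,
            'actifInsee' => 0,
            'source' => 0,
            'raisonSociale' => '',
            'cp' => '',
            'ville' => '',
            'ipClient' => $this->User->ipConnexion,
        );

        $db = Zend_Db_Table_Abstract::getDefaultAdapter();

        // Services for which the establishment details are added to the row
        $pageRS = array(
            'identite',
            'greffe_bilans',
            'greffe_actes',
            'liens',
            'dirigeants',
            'etablissements',
            'dirigeantsOp',
            'kbis',
            'indiscore',
            'indiscore2',
            'indiscore3',
            'rapport2',
            'rapport3',
        );

        $hasSiren = (intval($siren) != 0);
        if ($hasSiren) {
            $dataInsert['siren'] = $siren;
            $dataInsert['nic'] = $nic;
        }

        if ($hasSiren && in_array($service, $pageRS)) {
            $sql = $db->select()
                ->from('jo.etablissements', array('siren', 'nic', 'actif', 'siege', 'raisonSociale', 'adr_cp', 'adr_ville', 'source'))
                ->where('siren=?', $siren);

            // The former `intval($siren)==0 && $ref>0` branch could never run here
            // (this block requires a non-zero siren) and has been dropped.
            if (intval($siren) > 1000 && intval($nic) > 9) {
                $sql->where('nic=?', $nic);
            } elseif (intval($siren) > 1000) {
                $sql->where('siege=1')->order('actif DESC')->order('nic DESC');
            } else {
                // siren between 1 and 1000: nothing is logged (original behaviour)
                return;
            }

            try {
                $result = $db->fetchRow($sql, null, Zend_Db::FETCH_OBJ);
                // is_object() also covers an adapter that returns false instead of
                // null when no row matches; the defaults above are then kept.
                if (is_object($result)) {
                    $dataInsert['raisonSociale'] = $result->raisonSociale;
                    $dataInsert['cp'] = $result->adr_cp;
                    $dataInsert['ville'] = $result->adr_ville;
                    $dataInsert['source'] = $result->source;
                    if ($result->actif == 0) {
                        $dataInsert['actifInsee'] = 0;
                    } elseif (intval($siren) > 1000) {
                        $dataInsert['actifInsee'] = 1;
                        $sql = $db->select()->from('jo.rncs_entrep', 'count(*) AS nb')->where('siren=?', $siren);
                        $result = $db->fetchRow($sql, null, Zend_Db::FETCH_OBJ);
                        if (is_object($result) && $result->nb > 0) {
                            $dataInsert['source'] = 5;
                        }
                    }
                }
            } catch (Zend_Db_Exception $e) {
                // Best effort: keep the defaults, but leave a trace for operators
                error_log(__METHOD__ . ': ' . $e->getMessage());
            }
        }

        try {
            $db->insert('sdv1.logs', $dataInsert);
        } catch (Zend_Db_Exception $e) {
            // A lost usage-log row must not fail the request, but should be visible
            error_log(__METHOD__ . ': ' . $e->getMessage());
        }
    }

    /**
     * Authenticate the caller, either from a SoapHeader (arguments given) or,
     * when no username is passed, from the HTTP Basic credentials.
     *
     * On failure a SoapFault is thrown and $this->authenticated stays false,
     * so a later call on the same instance runs the full check again.
     *
     * @param string $username
     * @param string $password
     * @throws SoapFault
     */
    public function authenticate($username = null, $password = null)
    {
        // Already authenticated on this instance: nothing to do
        if ($this->authenticated !== false) {
            return;
        }

        if (empty($username)) {
            // @todo : Digest auth
            $this->authMethod = 'basic';
            // Missing HTTP credentials become null and are rejected by checkAuth()
            $username = isset($_SERVER['PHP_AUTH_USER']) ? $_SERVER['PHP_AUTH_USER'] : null;
            $password = isset($_SERVER['PHP_AUTH_PW']) ? $_SERVER['PHP_AUTH_PW'] : null;
        } else {
            /**
             * Auth Header in client
             * $ns = 'auth';
             * //Create our Auth Object to pass to the SOAP service with our values
             * $auth = new StdClass();
             * $auth->username = 'yourlogin';
             * $auth->password = 'yourpassword';
             * $creds = new SoapVar($auth, SOAP_ENC_OBJECT);
             *
             * //The 2nd variable, 'authenticate' is a method that exists inside of the SOAP service (you must create it, see next example)
             * $authenticate = new SoapHeader($ns, 'authenticate', $creds, false);
             *
             * $client->__setSoapHeaders($authenticate);
             */
            $this->authMethod = 'soapheader';
        }

        /**
         * Behind a proxy, use the forwarded address, but only when the direct
         * peer is one of the proxies listed in $this->listProxyIp.
         * NOTE(review): the whole header value is used as the IP. If a proxy
         * appends to a header supplied by the client instead of overwriting it,
         * the value is a comma-separated list whose first entries are chosen by
         * the client - confirm the proxies overwrite X-Forwarded-For.
         */
        $ip = $_SERVER['REMOTE_ADDR'];
        if (isset($_SERVER['HTTP_X_FORWARDED_FOR']) && in_array($ip, $this->listProxyIp)) {
            $ip = $_SERVER['HTTP_X_FORWARDED_FOR'];
        }

        // When an application asked for the authentication, the IP it kept in
        // memory takes precedence.
        if ($this->authIp !== null) {
            $ip = $this->authIp;
        }

        // Check the credentials against the database
        $result = $this->checkAuth($username, $password, $ip);
        if ($result === false) {
            $this->authenticated = false;
            $this->sendError('0900');
        }
        if (is_string($result)) {
            // An error code is not an authenticated state: keep the flag at false
            // instead of storing the code, which later calls would read as success.
            $this->authenticated = false;
            $this->sendError($result);
        }
        $this->authenticated = $result;
    }

    /**
     * Require a permission; sends fault 0902 when the user does not hold it.
     * @param string $perm
     * @throws SoapFault
     */
    protected function permission($perm)
    {
        if (!$this->checkPerm($perm)) {
            $this->sendError('0902');
        }
    }

    /**
     * Check the user's accesWS flag and send fault 0901.
     *
     * NOTE(review): the fault "access not authorised" is sent when accesWS is
     * truthy, which reads as inverted next to authV1(), where accesWS == 1
     * marks a web-service user. Left unchanged because the callers are not
     * visible here - confirm the intended polarity.
     * @throws SoapFault
     */
    protected function checkAccesWS()
    {
        $accesWs = $this->User->accesWS;
        if ($accesWs) {
            $this->sendError('0901');
        }
    }

    /**
     * Tell whether the user holds the given right.
     *
     * $this->User->droits is either an array of rights (exact, case-sensitive
     * match) or a string in which the right is searched as a whole word,
     * case-insensitively.
     * NOTE(review): the two forms differ in case sensitivity, e.g. for
     * checkPerm('edition') - confirm how rights are stored.
     *
     * @param string $perm
     * @return boolean
     */
    protected function checkPerm($perm)
    {
        $droits = $this->User->droits;
        if (is_array($droits)) {
            return in_array($perm, $droits);
        }
        // preg_quote() keeps a right name containing regex metacharacters from
        // altering the pattern.
        return (bool) preg_match('/\b' . preg_quote($perm, '/') . '\b/i', $droits);
    }

    /**
     * Tell whether the user may edit data: client 1, or holder of the 'edition' right.
     * @return boolean
     */
    protected function checkEdition()
    {
        return $this->User->idClient == 1 || $this->checkPerm('edition');
    }

    /**
     * Load the account matching the login (or e-mail) and run the
     * authentication version configured for its client.
     *
     * Only the outcome of authV1()/authV2() is written to the authentication
     * log; the early returns below (unknown login, duplicate account, account
     * dates) are not.
     * NOTE(review): consider logging those too, failed attempts on unknown
     * logins are otherwise invisible.
     *
     * @param string $login
     * @param string $password
     * @param string $ip
     * @return string|boolean true on success, false on bad credentials, or a fault code
     */
    protected function checkAuth($login, $password, $ip)
    {
        if (empty($login)) {
            $this->sendError('0900');
        }

        // User information, joined with its client, service and version
        $userM = new Application_Model_Sdv1Utilisateurs();
        $sql = $userM->select()
            ->setIntegrityCheck(false)
            ->from(array('u'=>'utilisateurs'), array(
                'u.login', 'u.id', 'u.email', 'u.password', 'u.idClient', 'u.typeCompte', 'u.actif',
                'u.filtre_ip', 'u.profil', 'u.civilite', 'u.nom', 'u.prenom', 'u.tel', 'u.fax', 'u.mobile',
                'u.pref', 'u.rechRefType', 'u.profil', 'u.nombreConnexions', 'u.dateDerniereConnexion',
                'u.droits', 'u.referenceParDefaut', 'u.nbReponses', 'u.lang', 'u.formatMail',
                'u.dateDebutCompte', 'u.dateFinCompte', 'u.accesWS', 'u.acceptationCGU'))
            ->join(array('c'=>'clients'), 'u.idClient = c.id', array(
                'c.droits AS droitsClients', 'c.test AS clientTest', 'c.typeScore', 'c.timeout',
            ))
            ->joinLeft(array('s'=>'sdv1.utilisateurs_service'), 'u.login=s.login', array('Service AS serviceCode'))
            ->joinLeft(array('v'=>'sdv1.clients_version'), 'u.idClient=v.clientId', array('version'))
            ->where('u.actif=?', 1)
            ->where('u.deleted=?', 0)
            ->where('c.actif=?','Oui');

        if (strstr($login, '@') !== false) {
            // Login given as an e-mail address
            $sql->where('u.email=?', $login);
        } else {
            // Standard login
            $sql->where('u.login=?', $login);
        }

        $resultId = $userM->fetchAll($sql);

        // No user, deleted or disabled. The count() guard covers an empty result
        // set, which is presumably what fetchAll() returns rather than null;
        // reading index 0 of it would fail instead of rejecting the login.
        if (null === $resultId || count($resultId) == 0) {
            return false;
        }

        // Several accounts match: configuration error
        if (count($resultId) > 1) {
            return '0906';
        }

        $result = $resultId[0];
        $today = mktime(0, 0, 0, date('m'), date('d'), date('Y'));

        // Account start date
        if (!empty($result->dateDebutCompte) && $result->dateDebutCompte != '0000-00-00') {
            $dateDebutCompte = mktime(0, 0, 0,
                substr($result->dateDebutCompte, 5, 2),
                substr($result->dateDebutCompte, 8, 2),
                substr($result->dateDebutCompte, 0, 4));
            if ($today < $dateDebutCompte) {
                return '0903';
            }
        }

        // Account end date
        if (!empty($result->dateFinCompte) && $result->dateFinCompte != '0000-00-00') {
            $dateFinCompte = mktime(0, 0, 0,
                substr($result->dateFinCompte, 5, 2),
                substr($result->dateFinCompte, 8, 2),
                substr($result->dateFinCompte, 0, 4));
            if ($today > $dateFinCompte) {
                return '0903';
            }
        }

        // Service fallback
        if ($result->serviceCode === null) {
            $result->serviceCode = 'DEFAULT';
        }

        // Select the authentication version
        if ($result->version == 2) {
            $authResult = $this->authV2($result, $password, $ip);
        } else {
            $authResult = $this->authV1($result, $password, $ip);
        }

        $this->authLog($result->login, $authResult, $ip);

        return $authResult;
    }

    /**
     * Authentication v1.
     *
     * Runs, in order: the web-service/application separation, the staging
     * protection, the per-user IP filter, then the credential check. On
     * success $this->User is populated and true is returned.
     *
     * Credential forms accepted: the stored password, md5(stored password),
     * md5(login|stored password), or the 'iponly:' prefix. The comparisons are
     * strict string comparisons, so two different values that both look like
     * numbers can no longer be treated as equal.
     * NOTE(review): this implies the password is stored in a recoverable form
     * and that its md5 is password-equivalent; where the runtime provides
     * hash_equals(), prefer it for these comparisons.
     *
     * @param object $userInfos
     * @param string $password
     * @param string $ip
     * @return string|boolean
     */
    protected function authV1($userInfos, $password, $ip)
    {
        $fromApplication = in_array($ip, $this->listApplicationIp);
        $ipOnly = (strncmp((string) $password, 'iponly:', 7) === 0);

        // Web-service accounts must not reach the other applications
        if ($userInfos->accesWS == 1 && $userInfos->idClient != 1) {
            if ($fromApplication) {
                return '0901';
            } elseif ($ip != '127.0.0.1') {
                // For customized versions, check the user is in the right service
                $clients = include APPLICATION_PATH . '/../library/WsScore/Clients/ClientsConfig.php';
                $wsClients = array();
                foreach ($clients as $section => $params) {
                    if ($params['actif']) {
                        foreach ((array) $params['idClient'] as $idClient) {
                            $wsClients[$idClient] = $section;
                        }
                    }
                }
                if (array_key_exists($userInfos->idClient, $wsClients)
                    && ($this->serviceClient === false
                        || strtolower($this->serviceClientName) != $wsClients[$userInfos->idClient])
                ) {
                    return '0901';
                }
            }
        }

        /**
         * Protect the staging environment: refuse accounts without
         * web-service access, except idClient 1 and 147.
         */
        if (APPLICATION_ENV == 'staging'
            && !in_array($userInfos->idClient, array(1, 147))
            && $userInfos->accesWS == 0
        ) {
            return '0905';
        }

        /**
         * IP validation against the user's filter, a ';' separated list of
         * addresses, ranges and wildcards:
         * 192.168.3.5-192.68.3.10;192.168.3.*;192.168.3.10
         */
        $ipFilterValidated = false;
        if (!$fromApplication && !empty($userInfos->filtre_ip)) {
            $filtreIp = explode(';', trim($userInfos->filtre_ip, ';'));

            // With 'iponly:' the address to check is carried by the credential
            // (extranet); otherwise it is the connection address (web service).
            // NOTE(review): that address is asserted by the caller - confirm only
            // trusted front-ends can submit this credential form.
            $ipToValidate = $ipOnly ? substr($password, 7) : $ip;

            $overallIpValidate = false;
            foreach ($filtreIp as $filtre) {
                // A wildcard is expanded to the matching range
                if (strpos($filtre, '*') > 0) {
                    $filtre = str_replace('*', '0', $filtre) . '-' . str_replace('*', '255', $filtre);
                }
                if (strpos($filtre, '-') > 0) {
                    // Range
                    $validateIp = new Scores_Validate_IpInNetwork();
                    $validateIp->setNetworkNotation($filtre);
                    $overallIpValidate = $validateIp->isValid($ipToValidate);
                } elseif ($filtre === $ipToValidate) {
                    // Single address
                    $overallIpValidate = true;
                }
                if ($overallIpValidate === true) {
                    break;
                }
            }
            if ($overallIpValidate === false) {
                return '0904';
            }
            $ipFilterValidated = true;
        }

        // Check the credential against the stored password
        $stored = (string) $userInfos->password;
        $given = (string) $password;
        $passwordOk = ($stored === $given)                                 // password sent in clear
            || (md5($stored) === $given)                                   // password sent as md5
            || (md5($userInfos->login . '|' . $stored) === $given);        // md5 of login|password

        // The 'iponly:' prefix is not a secret: it is honoured only when an IP
        // check actually backs it (filter matched above) or the request comes
        // from one of the applications. Before, the prefix alone was accepted,
        // including for accounts that have no IP filter at all.
        $ipOnlyOk = $ipOnly && ($fromApplication || $ipFilterValidated);

        if (!$passwordOk && !$ipOnlyOk) {
            return false;
        }

        // Session timeout, 1800 when none is configured
        $timeout = $userInfos->timeout;
        if ($timeout == 0) {
            $timeout = 1800;
        }

        // User information
        $this->User = new stdClass();
        $this->User->login = $userInfos->login;
        $this->User->id = $userInfos->id;
        $this->User->civilite = $userInfos->civilite;
        $this->User->nom = $userInfos->nom;
        $this->User->prenom = $userInfos->prenom;
        $this->User->tel = $userInfos->tel;
        $this->User->fax = $userInfos->fax;
        $this->User->mobile = $userInfos->mobile;
        $this->User->email = $userInfos->email;
        $this->User->typeCompte = $userInfos->typeCompte;
        $this->User->idClient = $userInfos->idClient;
        $this->User->serviceCode = $userInfos->serviceCode;
        $this->User->filtre_ip = $userInfos->filtre_ip;
        $this->User->ipConnexion = $ip;
        $this->User->pref = $userInfos->pref;
        $this->User->rechRefType = $userInfos->rechRefType;
        $this->User->profil = $userInfos->profil;
        $this->User->nombreConnexions = $userInfos->nombreConnexions;
        $this->User->dateDerniereConnexion = $userInfos->dateDerniereConnexion;
        $this->User->droits = $userInfos->droits;
        $this->User->droitsClients = $userInfos->droitsClients;
        $this->User->timeout = $timeout;
        $this->User->clientTest = $userInfos->clientTest;
        $this->User->typeScore = $userInfos->typeScore;
        $this->User->nbReponses = $userInfos->nbReponses;
        $this->User->lang = $userInfos->lang;
        $this->User->formatMail = $userInfos->formatMail;
        $this->User->referenceParDefaut = $userInfos->referenceParDefaut;
        $this->User->dateDebutCompte = $userInfos->dateDebutCompte;
        $this->User->dateFinCompte = $userInfos->dateFinCompte;
        $this->User->acceptationCGU = $userInfos->acceptationCGU;
        $this->User->version = $userInfos->version;

        return true;
    }

    /**
     * Authentication v2, driven by the client's service definition.
     *
     * The service row decides the access type:
     *  - userPassword      : check the connection IP, then the password
     *  - userPasswordCrypt : check the connection IP, then the hashed password
     *  - userIP            : check only the user and the IP carried by an 'iponly:' credential
     *
     * $this->User is populated before the credential is checked, because
     * authIP() reads it.
     * NOTE(review): it therefore stays populated when false is returned.
     * NOTE(review): in userIP mode the checked address comes from the
     * credential, i.e. it is asserted by the caller - confirm only trusted
     * front-ends can submit it.
     *
     * @param object $userInfos
     * @param string $credential
     * @param string $ip
     * @return string|boolean
     */
    protected function authV2($userInfos, $credential, $ip)
    {
        $serviceM = new Application_Model_Sdv1ClientsServices();
        $sql = $serviceM->select()
            ->where('IdClient=?', $userInfos->idClient)
            ->where('Code=?', $userInfos->serviceCode);
        $result = $serviceM->fetchRow($sql);

        // No service
        if ($result === null) {
            return '0906';
        }

        // Inactive service
        if ($result->Active == 0) {
            return '0906';
        }

        // Block web-service users on the applications
        if ($result->AppWebservice == 1 && $this->authApp !== null && $userInfos->idClient != 1) {
            return '0901';
        }

        // Customized web-service version: check the user is in the right service
        if ($result->AppWebservice == 1) {
            $clients = include APPLICATION_PATH . '/../library/WsScore/Clients/ClientsConfig.php';
            // Always defined, even when no section is active; idClient is
            // handled as a list, as authV1() does.
            $wsClients = array();
            foreach ($clients as $section => $params) {
                if ($params['actif']) {
                    foreach ((array) $params['idClient'] as $idClient) {
                        $wsClients[$idClient] = $section;
                    }
                }
            }
            if (array_key_exists($userInfos->idClient, $wsClients)
                && ($this->serviceClient == false
                    || strtolower($this->serviceClientName) != $wsClients[$userInfos->idClient])
            ) {
                return '0901';
            }
        }

        // User information
        $this->User = new stdClass();
        $this->User->login = $userInfos->login;
        $this->User->id = $userInfos->id;
        $this->User->civilite = $userInfos->civilite;
        $this->User->nom = $userInfos->nom;
        $this->User->prenom = $userInfos->prenom;
        $this->User->tel = $userInfos->tel;
        $this->User->fax = $userInfos->fax;
        $this->User->mobile = $userInfos->mobile;
        $this->User->email = $userInfos->email;
        $this->User->typeCompte = $userInfos->typeCompte;
        $this->User->idClient = $userInfos->idClient;
        $this->User->serviceCode = $userInfos->serviceCode;
        $this->User->ipConnexion = $ip;
        $this->User->pref = $userInfos->pref;
        $this->User->rechRefType = $userInfos->rechRefType;
        $this->User->profil = $userInfos->profil;
        $this->User->droits = $userInfos->droits;
        $this->User->clientTest = $userInfos->clientTest;
        $this->User->typeScore = $userInfos->typeScore;
        $this->User->nbReponses = $userInfos->nbReponses;
        $this->User->lang = $userInfos->lang;
        $this->User->formatMail = $userInfos->formatMail;
        $this->User->referenceParDefaut = $userInfos->referenceParDefaut;
        $this->User->dateDebutCompte = $userInfos->dateDebutCompte;
        $this->User->dateFinCompte = $userInfos->dateFinCompte;
        $this->User->acceptationCGU = $userInfos->acceptationCGU;
        $this->User->version = $userInfos->version;

        // Service parameters override the client ones
        $this->User->typeScore = $result->TypeScore;
        $this->User->timeout = $result->Timeout;

        switch ($result->TypeAcces) {
            case 'userPassword':
                if ($this->authIP($ip) === false) {
                    return '0904';
                }
                if ($this->authPassword($userInfos, $credential) === true) {
                    $this->User->droits = $this->getAccessList($userInfos->idClient, $userInfos->serviceCode);
                    return true;
                }
                break;

            case 'userPasswordCrypt':
                if ($this->authIP($ip) === false) {
                    return '0904';
                }
                if ($this->authPasswordCrypt($userInfos, $credential) === true) {
                    $this->User->droits = $this->getAccessList($userInfos->idClient, $userInfos->serviceCode);
                    return true;
                }
                break;

            case 'userIP':
                if (strncmp((string) $credential, 'iponly:', 7) === 0) {
                    $ip = substr($credential, 7);
                    // Only an explicit match against the service's IP list grants access
                    if ($this->authIP($ip) === true) {
                        $this->User->droits = $this->getAccessList($userInfos->idClient, $userInfos->serviceCode);
                        return true;
                    }
                }
                break;
        }

        return false;
    }

    /**
     * Check a password against the stored value.
     *
     * Accepted forms: the stored password, md5(stored password) or
     * md5(login|stored password). Comparisons are strict string comparisons so
     * that two different numeric-looking strings are never treated as equal.
     * @todo other methods: key => key associated with a crypt method,
     *       cert => associated certificate
     * @param object $userInfos
     * @param string $password
     * @return boolean
     */
    protected function authPassword($userInfos, $password)
    {
        $stored = (string) $userInfos->password;
        $given = (string) $password;

        return $stored === $given                                   // password sent in clear
            || md5($stored) === $given                              // password sent as md5
            || md5($userInfos->login . '|' . $stored) === $given;   // md5 of login|password
    }

    /**
     * Check a password against the stored password hash.
     *
     * Accepts either the clear password (password_verify) or a 60-character
     * '$2y$' value identical to the stored hash.
     * NOTE(review): accepting the stored hash itself makes that hash
     * password-equivalent, anyone able to read it can authenticate - confirm
     * this form is still needed.
     * @param object $userInfos
     * @param string $password
     * @return boolean
     */
    protected function authPasswordCrypt($userInfos, $password)
    {
        $given = (string) $password;
        $stored = (string) $userInfos->password;

        if (substr($given, 0, 4) === '$2y$' && strlen($given) == 60 && $given === $stored) {
            return true;
        }

        return password_verify($given, $stored) === true;
    }

    /**
     * Check an address against the IP list of the current user's client and service.
     *
     * The callers compare the result with === true / === false, so this now
     * returns booleans: before, a mismatch returned the string '0904', which
     * no caller treated as a refusal, and the list was read from a property of
     * the result set instead of from its rows.
     *
     * @param string $ip
     * @return boolean|null true when the address matches the list, false when a
     *         list exists and nothing matches, null when no check applies
     *         (application address, or no list configured)
     */
    protected function authIP($ip)
    {
        // Requests from the applications are not filtered
        if (in_array($ip, $this->listApplicationIp)) {
            return null;
        }

        $serviceIPM = new Application_Model_Sdv1ClientsServicesIP();
        $sql = $serviceIPM->select(true)->columns('IP')
            ->where('IdClient=?', $this->User->idClient)
            ->where('Service=?', $this->User->serviceCode);
        $ipResult = $serviceIPM->fetchAll($sql);

        // No restriction configured for this service
        if (count($ipResult) == 0) {
            return null;
        }

        foreach ($ipResult as $row) {
            $filtre = $row->IP;
            if (trim($filtre) == '') {
                continue;
            }
            if (strpos($filtre, '-')) {
                // Range
                $validateIp = new Scores_Validate_IpInNetwork();
                $validateIp->setNetworkNotation($filtre);
                if ($validateIp->isValid($ip) === true) {
                    return true;
                }
            } elseif ($filtre === $ip) {
                // Single address
                return true;
            }
        }

        return false;
    }

    /**
     * Write failed authentications to the authentication log.
     * A result of false is logged as 'KO', a fault code as itself; a
     * successful result (true) is not logged.
     * @param string $login
     * @param mixed $result
     * @param string $ip
     * @return void
     */
    protected function authLog($login, $result, $ip)
    {
        $authenticate = null;
        if ($result === false) {
            $authenticate = 'KO';
        } elseif (is_string($result)) {
            $authenticate = $result;
        }

        if ($authenticate === null) {
            return;
        }

        $data = array(
            'login' => $login,
            'authenticate' => $authenticate,
            'ip' => $ip,
        );
        try {
            $authLogM = new Application_Model_Sdv1UtilisateursAuthLog();
            $authLogM->insert($data);
        } catch (Zend_Db_Exception $e) {
            // Best effort, but a failure to record failed logins should be visible
            error_log(__METHOD__ . ': ' . $e->getMessage());
        }
    }

    /**
     * Get the access list of a service.
     *
     * NOTE(review): the query filters on $this->User->idClient and
     * $this->User->serviceCode, not on the two parameters; the callers visible
     * here pass the same values.
     * @param int $clientId
     * @param string $serviceCode
     * @return array List of 'Acces' values, empty when none or on database error
     */
    protected function getAccessList($clientId, $serviceCode)
    {
        $accesM = new Application_Model_Sdv1ClientsServicesDroits();
        $sql = $accesM->select(true)->columns(array('Acces'))
            ->where('IdClient=?', $this->User->idClient)
            ->where('Service=?', $this->User->serviceCode);

        // Defined up front so a database error yields an empty list instead of
        // reading an undefined variable
        $accesResult = array();
        try {
            $accesResult = $accesM->fetchAll($sql);
        } catch (Zend_Db_Exception $e) {
            error_log(__METHOD__ . ': ' . $e->getMessage());
        }

        $list = array();
        foreach ($accesResult as $row) {
            $list[] = $row->Acces;
        }

        return $list;
    }

    /**
     * Placeholder for user triggers; not implemented.
     * @param mixed $event
     * @param mixed $args
     */
    protected function trigger($event, $args)
    {
        // Does the user have a trigger?
        // For each trigger, run the action
    }
}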