<?php
require_once 'Metier/insee/classMInsee.php';
require_once 'Metier/insee/classMSirene.php';
require_once 'Metier/partenaires/classMBilans.php';
require_once 'Metier/partenaires/classMBourse.php';
require_once 'Metier/partenaires/classMLiens.php';
require_once 'Metier/partenaires/classMTva.php';
require_once 'Metier/partenaires/classMMap.php';
require_once 'Metier/partenaires/classMGreffes.php';
require_once 'Metier/partenaires/classMPrivileges.php';
require_once 'Metier/scores/classMFinancier.php';
require_once 'Metier/scores/classMSolvabilite.php';

require_once 'framework/mail/sendMail.php';

class WsScore
{
    /**
     * User information
     * @var array
     */
    protected $tabInfoUser;

    /**
     * Name of Service
     * @var string
     */
	public $serviceName = null;

	/**
	 * Is a customize service
	 * @var boolean
	 */
	public $serviceClient = false;

	/**
	 * Name of Client
	 * @var string
	 */
	public $serviceClientName = null;

	/**
	 * Version of service
	 * @var string
	 */
	public $serviceVersion = null;

	/**
	 * List all application IPs
	 * @var array
	 */
	protected $listApplicationIp = array (
		'88.191.79.121', 	//Extranet
		'78.31.45.206', 	//SDSL RAMBOUILLET
	);

	/**
	 * List all permission
	 * @var array
	 */
	protected $listeDroits = array (

	    //RECHERCHE
	    'RECHCSV'       => "Export des résultats de la recherche",
	    'IPARI'         => "Investigation par l'image IparI&copy;",
	    'HISTOBODACC'	=> "Historique des annonces bodacc",
	    'INVESTIG'		=> "Investigation",
	    'SEARCHENT'     => "Recherche Entreprise",
	    'SEARCHDIR'     => "Recherche Dirigeant",
	    'SEARCHACT'     => "Recherche Actionnaire",

	    //IDENTITE
	    'IDENTITE'       => "Fiche d'identité",
	    'IDPROCOL'		 => 'Fiche procédure collective',
	    'LIENS'          => "Liens inter-entreprise",
	    'ETABLISSEMENTS' => "Liste des établissements",
	    'GROUPE'		 => "Informations et organigramme du groupe",
	    'EVENINSEE'		 => '&Eacute;vènements INSEE',
	    'AVISINSEE'		 => 'Avis de situation INSEE',

	    //DIRIGEANT
	    'DIRIGEANTS'    => "Liste des dirigeants",
	    'DIRIGEANTSOP' 	=> "Liste des dirigeants opérationnels",

	    //FINANCE
	    'SYNTHESE'      => "Synthèse",
	    'RATIOS'        => "Ratios",
	    'FLUX'          => "Flux de trésorerie",
	    'LIASSE'        => "Liasse fiscale",
	    'LIASSEXLS'     => "Export des Liasses au format XLS",
	    'UPLOADBILAN'	=> "Saisie de bilan",
	    'BOURSE'        => "Bourse & cotations",
	    'BANQUE'        => "Relations bancaires",

	    //JURIDIQUE
	    'ANNONCES'      => "Annonces légales",
	    'INFOSREG'      => "Informations réglementée",
	    'COMPETENCES'   => "Compétences territoriales",
	    'CONVENTIONS'   => "Conventions collectives",
	    'MARQUES'		=> "Marques déposées",

	    //EVALUATION
    	'INDISCORE'		=> 'indiScore&copy;',
    	'INDISCORE2'	=> 'Rapport synthetique',
    	'INDISCORE3'	=> 'Rapport complet',
    	'INDISCOREP'	=> 'indiScore+',
    	'INDISCORE2P'	=> 'Rapport synthetique+',
    	'INDISCORE3P'	=> 'Rapport complet+',
    	'SCORECSF'		=> 'Score CSF',
    	'ENQUETEC'		=> 'Enquête commerciale',
    	'AVISCREDIT'	=> 'Avis de crédit personnalisé',

	    //PIECES
    	'KBIS'			=> 'Extrait RCS',
    	'ACTES'			=> 'Pièces officielles',
    	'PRIVILEGES'	=> 'Privilèges',

	    //SURVEILLANCES
    	'SURVANNONCE'	=> 'Surveillance des annonces légales',
    	'SURVINSEE'		=> 'Surveillance des événements INSEE',
    	'SURVBILAN'		=> 'Surveillance des bilans',
    	'SURVSCORE'		=> 'Surveillance des événements sur le score',
    	'SURVACTES'		=> 'Surveillance des actes',
    	'SURVDIRIGEANTS'=> 'Surveillance des dirigeants',
    	'SURVPAIEMENTS'	=> 'Surveillance des paiements',
    	'SURVLIENS'		=> 'Surveillance des liens financiers',
    	'SURVPRIV'		=> 'Surveillance des privilèges',

	    //OPTIONS
	    'MONPROFIL'		=> 'Mon profil',
	    'EDITION'		=> 'Mode Edition',
	    'PORTEFEUILLE' 	=> 'Portefeuille',
	    'SURVLISTE'		=> 'Liste des surveillances',

	    //DIVERS
	    'INTERNATIONAL'	=> 'Recherche Internationale',
	    'BDF'			=> 'Banque de France',
	);

	protected $listeCategory = array(
	    'RECHERCHE' => array(
	        'label' => "Recherche",
	        'droits' => array('RECHCSV', 'IPARI', 'HISTOBODACC', 'INVESTIG', 'SEARCHENT',
	            'SEARCHDIR', 'SEARCHACT'),
	     ),
	    'IDENTITE' => array(
	        'label' => "Identité",
	        'droits' => array('IDENTITE','IDPROCOL', 'LIENS', 'ETABLISSEMENTS', 'GROUPE',
	            'EVENINSEE', 'AVISINSEE'),
	    ),
	    'DIRIGEANT' => array(
	        'label' => "Dirigeant",
	        'droits' => array('DIRIGEANTS','DIRIGEANTSOP'),
	    ),
	    'FINANCE' => array(
	        'label' => 'Elements Financiers',
	        'droits' => array('SYNTHESE','RATIOS','FLUX','LIASSE','LIASSEXLS', 'UPLOADBILAN',
	            'BOURSE','BANQUE'),
	    ),
	    'JURIDIQUE' => array(
	        'label' => 'Elements Juridiques',
	        'droits' => array('ANNONCES','INFOSREG','COMPETENCES','CONVENTIONS','MARQUES'),
	    ),
	    'EVALUATION' => array(
	        'label' => 'Evaluation',
	        'droits' => array('INDISCORE', 'INDISCORE2', 'INDISCORE3', 'INDISCOREP', 'INDISCORE2P',
	            'INDISCORE3P','ENQUETEC','AVISCREDIT'),
	    ),
	    'PIECES' => array(
	        'label' => 'Pièces officielles',
	        'droits' => array('KBIS', 'ACTES', 'PRIVILEGES'),
	    ),
	    'SURVEILLANCES' => array(
	        'label' => 'Surveillances',
	        'droits' => array('SURVANNONCE', 'SURVINSEE', 'SURVBILAN', 'SURVSCORE', 'SURVACTES',
	            'SURVDIRIGEANTS', 'SURVPAIEMENTS', 'SURVLIENS', 'SURVPRIV',
	        ),
	    ),
	    'OPTIONS' => array(
	        'label' => 'Options',
	        'droits' => array('MONPROFIL','SURVLISTE','PORTEFEUILLE','EDITION'),
	    ),
	    'DIVERS' => array(
	        'label' => 'Divers',
	        'droits' => array('INTERNATIONAL', 'BDF'),
	    ),
	);

	/**
	 * List preferences
	 * @var array
	 */
	protected $listePrefs = array(
		'NAF4'			=> "Afficher les anciens NAF",
		'NACE'			=> "Afficher les codes NACES",
		'NEWS'			=> "Afficher les news Google&copy;",
		'MAPPY'			=> "Afficher les fa&ccedil;ades d'immeubles",
		'CARTES'		=> "Afficher les cartes et les plans",
		'VOIRSURV'		=> "Afficher les entités sous surveillances",
		'DEMANDEREF' 	=> "Demande de référence par defaut",
		'RECHREF'		=> "Afficher le formulaire de recherche par référence",
	);

	/**
	 * List logs for facturation
	 * @var array
	 */
	protected $logs = array(
	    'identite' => array(
	        'label' => "Identité"
	    ),
	    'liens' => array(
	        'label' => "Liens Inter-Entreprise"
	    ),
	    'etablissements' => array(
	        'label' => "Etablissements"
	     ),
	    'dirigeants' => array(
	        'label' => "Dirigeants"
	    ),
	    'annonces' => array(
	        'label' => "Annonces légales",
	    ),
	    'indiscore' => array(
	        'label' => "Indiscore",
	    ),
	    'indiscorep' => array(
	        'label' => "Indiscore+",
	     ),
	    'indiscore2' => array(
	        'label' => "Rapport",
	    ),
	    'indiscore2p' => array(
	        'label' => "Rapport avec suivi",
	    ),
	    'indiscore3' => array(
	        'label' => "Rapport complet",
	    ),
	    'indiscore3p' => array(
	        'label' => "Rapport complet avec suivi",
	    ),
	    'evenements' => array(
	        'label' => "Modifications Insee",
	    ),
	    'tva' => array(
	        'label' => "Modifications Insee",
	    ),
	    'infosreg' => array(
	        'label' => "Informations réglementées",
	    ),
	    'bourse' => array(
	        'label' => "Information boursière"
	    ),
	    'bilan' => array(
	        'label' => "Liasse fiscale",
	    ),
	    'sirenExiste' => array(
	        'label' => "Controle du SIREN",
	    ),
	    'ratios' => array(
	        'label' => "Ratios",
	    ),
	    'rapport1' => array(
	        'label' => "Rapport complet 1",
	    ),
	    'rapport2' => array(
	        'label' => "Rapport complet 2",
	    ),
	    'rapport3' => array(
	        'label' => "Rapport complet 3",
	    ),
	    'banque' => array(
	        'label' => "Relations banquaires",
	     ),
	    'competences' => array(
	        'label' => "Competences territoriales",
	     ),
	    'privdetail' => array(
	        'label' => "Détails des privilèges",
	    ),
	    'privcumul' => array(
	        'label' => "Privilèges cumulés",
	    ),
	    'conventions' => array(
	        'label' => "Conventions collectives",
	    ),
	    'marques' => array(
	        'label' => "Marques déposés",
	    ),
	    'kbis' => array(
	        'label' => "Extrait RCS",
	    ),
	    'dirigeantsop' => array(
	        'label' => "Dirigeants opérationels",
	    ),
	    'groupesarbo' => array(
	        'label' => "Arborescence de groupes",
	    ),
	    'groupeinfos' => array(
	        'label' => "Informations groupe",
	    ),
	);

	/**
	 * List of error code send as SoapFault
	 * @var unknown_type
	 */
	public $listError = array(
		'0900' => "Identifiant ou mot de passe incorrect",
		'0901' => "Accès WS non authorisé pour cet utilisateur",
		'0902' => "Méthode non authorisée dans votre profil",
		'0903' => "Période d'accès au service invalide",
		'0904' => "Adresse IP Invalide",
		'1010' => 'Siren invalide',
		'1011' => 'Identifiant invalide',
		'1020' => 'Siren inexistant',
		'1021' => 'Type d\'identifiant inexistant',
		'1030' => 'Aucun résultat pour ce siren en base',
		'3000' => 'Service disponible',
		'9000' => 'Service S&D indisponible',
		'9001' => 'Service partenaire indisponible',
		'9002' => 'Méthode provisoirement indisponible',
		'9003' => 'Version du service désactivé',
		'9004' => 'Version du service inexistant',
		'9010' => 'Fichier indisponible',
		'9020' => 'Requête incorrecte',
	);

	public function __construct()
	{
		define ('DATETIME',		date('YmdHis'));
		define ('DATE',			substr(DATETIME,0,8));
		define ('TIME',			substr(DATETIME,8,6));
		define ('DATE_LISIBLE',	substr(DATETIME,6,2).'/'.substr(DATETIME,4,2).'/'.substr(DATETIME,0,4));
		define ('TIME_LISIBLE',	substr(DATETIME,8,2).':'.substr(DATETIME,10,2).':'.substr(DATETIME,12,2));
	}

	/**
	 * Send SoapFault with code and messade define
	 * @param string $code
	 * @throws SoapFault
	 */
	protected function sendError($code)
	{
		$message = 'Erreur inconnue';
		if (array_key_exists($code, $this->listError)){
			$message = $this->listError[$code];
		}
		throw new SoapFault($code,$message);
		exit;
	}

	/**
	 * Enregistre l'appel utilisateur à une méthode
	 * @param $service
	 * @param $siret
	 * @param $ref
	 * @return void
	 */
	protected function wsLog($service, $siret='', $ref='')
	{
		$iDbCrm = new WDB('sdv1');

		//Is it a test
		if ($this->tabInfoUser['clientTest']=='Oui' || $this->tabInfoUser['typeCompte']=='TEST') {
			$test=1;
		} else {
			$test=0;
		}

		//Get login service
		$sql = "SELECT * FROM utilisateurs_service WHERE login='".$this->tabInfoUser['login']."'";
		$result = $iDbCrm->query($sql);
		if ( mysql_num_rows($result) == 0 ) {
		    $loginService = 'default';
		} else {
		    $row = mysql_fetch_assoc($result);
		    $loginService = $row['serviceCode'];
		}

		//Update count access to a service
		$sql = "UPDATE logsCount SET conso=conso+1 WHERE jour=CURDATE() AND idClient=".$this->tabInfoUser['idClient'].
		    " AND service='".$loginService."' AND log='".$service."'";
		$iDbCrm->query($sql);
		$updateOk = $iDbCrm->getAffectedRows();
		//If not insert
		if ($updateOk==0) {
		    $sql = "INSERT INTO logsCount (jour, idClient, service, log, conso) ".
		            "VALUES (NOW(), ".$this->tabInfoUser['idClient'].", '".$loginService."', '".$service."', 1) ";
		    $iDbCrm->query($sql);
		}

		if (strlen($siret)==14) {
		    $siren = substr($siret,0,9);
		    $nic = substr($siret,9,5);
		} elseif (strlen($siret)==9) {
		    $siren=$siret;
		    $nic='';
		}

		$rs = '';
		$cp = '';
		$vil = '';

		$tabRdvInsee = array();
		if (in_array($service, array(
				'identite',
				'greffe_bilans',
				'greffe_actes',
				'liens',
				'dirigeants',
				'etablissements',
				'dirigeantsOp',
				'kbis',
				'indiscore', 'indiscore2', 'indiscore3', 'rapport2', 'rapport3'))
		) {
			if 		(intval($siren)>1000 && intval($nic)>9)	$strNic=" AND nic=$nic ";
			elseif 	(intval($siren)==0 && $ref>0)	$strNic=" AND id=$ref ";
			elseif 	(intval($siren)>1000)			$strNic=" AND siege=1 ORDER BY actif DESC, nic DESC ";
			else	return;
			$rep = $iDbCrm->select('jo.etablissements',
				'siren, nic, actif, siege, raisonSociale, adr_cp, adr_ville, source',
				"siren=$siren $strNic", false, MYSQL_ASSOC);
			$tabRep = $rep[0];
			$rs = $tabRep['raisonSociale'];
			$cp = $tabRep['adr_cp'];
			$vil = $tabRep['adr_ville'];
			$tabRdvInsee['source']=$tabRep['source'];
			if ($tabRep['actif']==0)
				$tabRdvInsee['actifInsee']=0;
			elseif (intval($siren)>1000) {
				$tabRdvInsee['actifInsee']=1;
				$rep=$iDbCrm->select('jo.rncs_entrep', 'count(*) AS nb', "siren=$siren", false, MYSQL_ASSOC);
				$tabRep=$rep[0];
				if ($tabRep['nb']>0)	$tabRdvInsee['source']=5;
			}
		}
		$tabInsert = array(
			'login'			=> $this->tabInfoUser['login'],
			'idClient'		=> $this->tabInfoUser['idClient'],
			'page'			=> $service,
			'siren'			=> $siren,
			'nic'			=> $nic,
			'params'		=> $ref,
			'test'			=> $test,
			'raisonSociale'	=> $rs,
			'cp'			=> $cp,
			'ville'			=> $vil,
			'ipClient'		=> $this->tabInfoUser['ipConnexion'],
		);
		$rep = $iDbCrm->insert('logs', array_merge($tabInsert,$tabRdvInsee), false, true);
	}

	/**
	 * Retourne une erreur soap lors d'une mauvaise authentification
	 * @throws SoapFault
	 */
	protected function authenticate()
	{
		$auth = $this->checkAuth($_SERVER['PHP_AUTH_USER'], $_SERVER['PHP_AUTH_PW'], $_SERVER['REMOTE_ADDR']);
		if ( $auth === false ) {
			$this->sendError('0900');
		} elseif ( $auth !== true ) {
			$this->sendError($auth);
		}
	}

	protected function permission($perm)
	{
		if ( !$this->checkPerm($perm) ){
			$this->sendError('0902');
		}
	}


	protected function checkLimit($log)
	{
	    //Get login service
	    $sql = "SELECT * FROM utilisateurs_service WHERE login='".$this->tabInfoUser['login']."'";
	    $result = $iDbCrm->query($sql);
	    if ( mysql_num_rows($result) == 0 ) {
	        $loginService = 'default';
	    } else {
	        $row = mysql_fetch_assoc($result);
	        $loginService = $row['serviceCode'];
	    }

	    //Read if client has pricing for this service
	    $pricing = $iDbCrm->select('clients_tarifs', 'login, service',
	            "log='".$log."' AND idClient=" . $this->tabInfoUser['idClient'] .
	            " AND service='".$loginService."'" .
	            " ORDER BY dateDebut DESC LIMIT 1");

	    if ( count($pricing)>0 ) {
	        //Limit
	    }
	}

	/**
	 * Check if user has the right to access WebService
	 * @throws SoapFault
	 */
	protected function checkAccesWS()
	{
		//Vérifier que l'utilisateur à le droit accesWS (clients/utilisateurs)
		$accesWs = $this->tabInfoUser['accesWS'];
		if ($accesWs){
			$this->sendError('0901');
		}
	}

	/**
	 * Check if the user has the right to acces this functionality
	 * @param string $perm
	 * @throws SoapFault
	 */
	protected function checkPerm($perm)
	{
		$droits = $this->tabInfoUser['droits'];
		$output = false;
		if ( preg_match('/\b'.$perm.'\b/i', $droits) ){
			$output = true;
		}
		return $output;
	}

	/**
	 * Check if the user could edit data
	 */
	protected function checkEdition()
	{
	    if ($this->tabInfoUser['idClient']==1)
	        return true;

	    if ($this->checkPerm('edition'))
	        return true;

	    return false;
	}


	/**
	 * checkAuth
	 * @param string $login
	 * @param string $password
	 * @param string $ipConnexion
	 * @return mixed
	 */
	protected function checkAuth($login, $password, $ipConnexion)
	{
	    $userM = new Application_Model_Sdv1Utilisateurs();
	    $sql = $userM->select()
    	    ->setIntegrityCheck(false)
    	    ->from(array('u'=>'utilisateurs'), array(
    	        'u.login', 'u.id', 'u.email', 'u.password', 'u.idClient', 'u.typeCompte', 'u.actif',
    	        'u.filtre_ip', 'u.profil', 'u.civilite', 'u.nom', 'u.prenom', 'u.tel', 'u.fax',
    	        'u.mobile', 'u.pref', 'u.rechRefType', 'u.profil', 'u.nombreConnexions',
    	        'u.dateDerniereConnexion', 'u.droits', 'u.referenceParDefaut', 'u.nbReponses', 'u.lang',
    	        'u.formatMail', 'u.dateDebutCompte', 'u.dateFinCompte', 'u.accesWS', 'u.acceptationCGU'))
    	    ->join(array('c'=>'clients'), 'u.idClient = c.id', array(
    	        'c.droits AS droitsClients', 'c.test AS clientTest', 'c.typeScore', 'c.timeout',
    	        ))
    	    ->where('u.login=?', $login)
    	    ->where('u.actif=?', 1)
    	    ->where('u.deleted=?', 0)
    	    ->where('c.actif=?','Oui');

	    $result = $userM->fetchRow($sql);

	    if ( null === $result ) {
	        debugLog('W',"CheckAuth $login/$password inexistant ou inactif (IP=$ipConnexion)", __LINE__,__FILE__, __FUNCTION__, __CLASS__);
	        return false;
	    }

	    // Check password with database informations
	    if ( $result->password == $password    //password sent in clear
	            || md5($result->password) == $password     //password sent with md5
	            || md5($result->login.'|'.$result->password) == $password //password sent concat with login and crypt by md5
	            // Block access with IPs
	            || ( substr($password,0,7)=='iponly:'
	                    && !empty($result->filtre_ip)
	                    && checkPlagesIp($result->filtre_ip, substr($password,7))) ) {

	        $timeout = $result->timeout;
	        if ($timeout==0) $timeout = 1800;
	        $this->tabInfoUser = array(
	            'login'					=> $result->login,
	            'id'					=> $result->id,
	            'civilite'				=> $result->civilite,
	            'nom'					=> $result->nom,
	            'prenom'				=> $result->prenom,
	            'tel'					=> $result->tel,
	            'fax'					=> $result->fax,
	            'mobile'				=> $result->mobile,
	            'email'					=> $result->email,
	            'typeCompte'			=> $result->typeCompte,
	            'idClient'				=> $result->idClient,
	            'filtre_ip'				=> $result->filtre_ip,
	            'ipConnexion'			=> $ipConnexion,
	            'pref'					=> $result->pref,
	            'rechRefType'			=> $result->rechRefType,
	            'profil'				=> $result->profil,
	            'nombreConnexions'		=> $result->nombreConnexions,
	            'dateDerniereConnexion'	=> $result->dateDerniereConnexion,
	            'droits'				=> $result->droits,
	            'droitsClients'			=> $result->droitsClients,
	            'timeout'				=> $timeout,
	            'clientTest'			=> $result->clientTest,
	            'typeScore'				=> $result->typeScore,
	            'nbReponses'			=> $result->nbReponses,
	            'lang'                  => $result->lang,
	            'formatMail'			=> $result->formatMail,
	            'referenceParDefaut'	=> $result->referenceParDefaut,
	            'dateDebutCompte'		=> $result->dateDebutCompte,
	            'dateFinCompte'			=> $result->dateFinCompte,
	            'acceptationCGU'		=> $result->acceptationCGU
	        );
	        debugLog('W',"CheckAuth $login/$password OK", __LINE__,__FILE__, __FUNCTION__, __CLASS__);

	        /**
	         * Date de debut de compte
	         */
	        if ( !empty($result->dateDebutCompte) && $result->dateDebutCompte!='0000-00-00' ) {
	            $today = mktime(0, 0, 0, date('m'), date('d'), date('Y'));
	            $dateDebutCompte = mktime(0, 0, 0, substr($result->dateDebutCompte,5,2), substr(dateDebutCompte,8,2), substr($result->dateDebutCompte,0,4));
	            if ( $today < $dateDebutCompte ) {
	                return '0903';
	            }
	        }

	        /**
	         * Date de fin de compte
	         */
	        if ( !empty($result->dateFinCompte) && $result->dateFinCompte!='0000-00-00' ) {
	            $today = mktime(0, 0, 0, date('m'), date('d'), date('Y'));
	            $dateFinCompte = mktime(0, 0, 0, substr($result->dateFinCompte,5,2), substr($result->dateFinCompte,8,2), substr($result->dateFinCompte,0,4));
	            if ( $today > $dateFinCompte) {
	                return '0903';
	            }
	        }

	        /**
	         * Acces WS, block access to other apps
	         */
	        if ($result->accesWS==1 && $result->idClient!=1) {

	            // Webservice user don't need access to others apps
	            if ( in_array($ipConnexion, $this->listApplicationIp) && $tabRep['idClient']!=1 ) {

	                return '0901';

	            } elseif ($ipConnexion!='127.0.0.1') {

	                // For customized version, check user is in the good service
	                $clients = include APPLICATION_PATH . '/../library/WsScore/Clients/ClientsConfig.php';
	                foreach( $clients as $section => $params ){
	                    if ($params['actif']) {
	                        $wsClients[$params['idClient']] = $section;
	                    }
	                }
	                if ( array_key_exists($this->tabInfoUser['idClient'], $wsClients)
	                        && ( $this->serviceClient == false
	                        || strtolower($this->serviceClientName)!=$wsClients[$this->tabInfoUser['idClient']] ) ){
	                    return '0901';
	                }

	            }
	        }
	        return true;

	    }
	    debugLog('W',"CheckAuth $login/$password incorrect (IP=$ipConnexion)", __LINE__,__FILE__, __FUNCTION__, __CLASS__);
	    return false;
	}
}