authIp = $ipUtilisateur; // --- Authenticate $this->authenticate(); // --- Profil administrateur $isAdmin = false; if ( in_array($this->User->profil, array('Administrateur', 'SuperAdministrateur')) ) { $isAdmin = true; } // --- Consultation des infos d'un login $isOtherUser = false; if ( !empty($login) && !in_array($login, array($this->User->login, $this->User->email)) ) { $isOtherUser = true; } $error = new ErrorType(); $result = new InfosLogin(); if ( $isOtherUser && $isAdmin ) { // --- Récupération des informations login try { $qb = $this->conn->createQueryBuilder(); $qb->select('u.login', 'u.id', 'u.email', 'u.password', 'u.idClient', 'u.typeCompte', 'u.actif', 'u.filtre_ip', 'u.profil', 'u.civilite', 'u.nom', 'u.prenom', 'u.tel', 'u.fax', 'u.mobile', 'u.pref', 'u.rechRefType', 'u.profil', 'u.nombreConnexions', 'u.dateDerniereConnexion', 'u.droits', 'u.referenceParDefaut', 'u.nbReponses', 'u.lang', 'u.formatMail', 'u.dateDebutCompte', 'u.dateFinCompte', 'u.accesWS', 'u.acceptationCGU', 'c.droits AS droitsClients', 'c.test AS clientTest', 'c.typeScore', 'c.timeout', 's.Service AS serviceCode', 'v.version') ->from('sdv1.utilisateurs', 'u') ->join('u', 'sdv1.clients', 'c', 'u.idClient = c.id') ->leftJoin('u', 'sdv1.utilisateurs_service', 's', 'u.login=s.login') ->leftJoin('u', 'sdv1.clients_version', 'v', 'u.idClient=v.clientId') ->where('u.deleted = 0')->andWhere('c.actif = "Oui"') ->andWhere('u.login = :login'); $qb->setParameter('login', $login); $stmt = $qb->execute(); } catch (\Doctrine\DBAL\DBALException $e) { if ($this->User->idClient == 1) { throw new SoapFault('ERR', $e->getMessage()); } } if ($stmt->rowCount() == 0) { throw new SoapFault('ERR', "Utilisateur inexistant !"); } else { $resultUser = $stmt->fetch(\PDO::FETCH_OBJ); $timeOutSec = $resultUser->timeout; if ($timeOutSec==0) $timeOutSec = 1800; $result->login = $resultUser->login; $result->id = $resultUser->id; $result->email = $resultUser->email; $result->typeCompte = $resultUser->typeCompte; 
$result->idClient = $resultUser->idClient; $result->filtre_ip = $resultUser->filtre_ip; $result->civilite = $resultUser->civilite; $result->nom = $resultUser->nom; $result->prenom = $resultUser->prenom; $result->raisonSociale = ''; $result->siret = ''; $result->adrNum = ''; $result->adrIndRep = ''; $result->adrTypeVoie = ''; $result->adrLibVoie = ''; $result->adrCp = ''; $result->adrVille = ''; $result->adrComp = ''; $result->tel = $resultUser->tel; $result->fax = $resultUser->fax; $result->mobile = $resultUser->mobile; $result->pref = $resultUser->pref; $result->profil = $resultUser->profil; $result->dateInscription = ''; $result->dateValidation = ''; $result->nombreConnexions = $resultUser->nombreConnexions; $result->dateDerniereConnexion = $resultUser->dateDerniereConnexion; $result->droits = $resultUser->droits; $result->droitsClients = $resultUser->droitsClients; $result->timeout = $timeOutSec; $result->clientTest = $resultUser->clientTest; $result->typeScore = $resultUser->typeScore; $result->nbReponses = $resultUser->nbReponses; $result->lang = $resultUser->lang; $result->formatMail = $resultUser->formatMail; $result->reference = $resultUser->referenceParDefaut; $result->dateDebutCompte = $resultUser->dateDebutCompte; $result->dateFinCompte = $resultUser->dateFinCompte; $result->maxFicheId = ''; } } // --- Récupération des données utilisateurs inscrite dans le server else { $result->login = $this->User->login; $result->id = $this->User->id; $result->idClient = $this->User->idClient; $result->email = $this->User->email; $result->typeCompte = $this->User->typeCompte; $result->filtre_ip = $this->User->filtre_ip; $result->ipPasserelle = $this->User->ipConnexion; $result->ipConnexion = $ipUtilisateur; $result->civilite = $this->User->civilite; $result->nom = $this->User->nom; $result->prenom = $this->User->prenom; $result->raisonSociale = ''; $result->siret = ''; $result->adrNum = ''; $result->adrIndRep = ''; $result->adrTypeVoie = ''; $result->adrLibVoie = ''; 
$result->adrCp = ''; $result->adrVille = ''; $result->adrComp = ''; $result->tel = $this->User->tel; $result->fax = $this->User->fax; $result->mobile = $this->User->mobile; $result->pref = $this->User->pref; $result->profil = $this->User->profil; $result->dateInscription = $this->User->dateInscription; $result->dateValidation = $this->User->dateValidation; $result->nombreConnexions = $this->User->nombreConnexions; $result->dateDerniereConnexion = $this->User->dateDerniereConnexion; // v2 auth return an array if ( is_array($this->User->droits) ) { $result->droits = join(' ', $this->User->droits); } else { $result->droits = $this->User->droits; } $result->droitsClients = $this->User->droitsClients; $result->timeout = $this->User->timeout; $result->clientTest = $this->User->clientTest; $result->typeScore = $this->User->typeScore; $result->nbReponses = $this->User->nbReponses; $result->lang = $this->User->lang; $result->formatMail = $this->User->formatMail; $result->reference = $this->User->referenceParDefaut; $result->dateDebutCompte = $this->User->dateDebutCompte; $result->dateFinCompte = $this->User->dateFinCompte; $result->maxFicheId = ''; $result->typeScore = $this->User->typeScore; $result->acceptationCGU = $this->User->acceptationCGU; // --- On log l'accès à l'authentification if ($from == 'auth') { $dateConnexion = date('YmdHis'); $data = array( 'login' => $this->User->login, 'authenticate' => 'OK', 'ip' => $ipUtilisateur, 'dateInsert' => $dateConnexion, ); try { $this->conn->insert('sdv1.utilisateurs_auth_log', $data); } catch (\Doctrine\DBAL\DBALException $e) { if ($this->User->idClient == 1) { throw new SoapFault('ERR', $e->getMessage()); } } // --- Date de dernière connexion try { $this->conn->update('sdv1.utilisateurs', array('dateDerniereConnexion'=> $dateConnexion), array('id' => $this->User->id)); } catch (\Doctrine\DBAL\DBALException $e) { if ($this->User->idClient == 1) { throw new SoapFault('ERR', $e->getMessage()); } } } } // --- Retour $output = 
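new InfosLoginReturn();
        $output->error = $error;
        $output->result = $result;
        return $output;
    }

    /**
     * True when the connected user has an administrative profile.
     * @return bool
     */
    private function _isAdmin()
    {
        return in_array($this->User->profil, array('Administrateur', 'SuperAdministrateur'), true);
    }

    /**
     * True when the connected user is a SuperAdministrateur (cross-client rights).
     * @return bool
     */
    private function _isSuperAdmin()
    {
        return $this->User->profil === 'SuperAdministrateur';
    }

    /**
     * Converts a DBAL exception into a SoapFault. The driver message is only
     * disclosed to the internal client (idClient 1); everybody else gets $message.
     * Centralises the try/catch pattern repeated in every method, which previously
     * fell through with an undefined $stmt/$nb for non-internal clients.
     * @param \Doctrine\DBAL\DBALException $e
     * @param string $message generic message for non-internal callers
     * @throws SoapFault always
     */
    private function _faultDb(\Doctrine\DBAL\DBALException $e, $message = "Application error")
    {
        if ($this->User->idClient == 1) {
            throw new SoapFault('ERR', $e->getMessage());
        }
        throw new SoapFault('ERR', $message);
    }

    /**
     * Reads one key of a decoded JSON payload, with a default when absent or null.
     * @param array $infos
     * @param string $cle
     * @param mixed $defaut
     * @return mixed
     */
    private function _champ(array $infos, $cle, $defaut = '')
    {
        return isset($infos[$cle]) ? $infos[$cle] : $defaut;
    }

    /**
     * Reads a list key of a decoded JSON payload as a space-separated string
     * ('' when absent or not a list).
     * @param array $infos
     * @param string $cle
     * @return string
     */
    private function _listeChamp(array $infos, $cle)
    {
        if (isset($infos[$cle]) && is_array($infos[$cle])) {
            return implode(' ', $infos[$cle]);
        }
        return '';
    }

    /**
     * Profile an administrator may assign to a user. Only a SuperAdministrateur can
     * grant 'SuperAdministrateur'; unknown or missing values fall back to 'Utilisateur'.
     * @param string|null $profil requested profile
     * @return string
     */
    private function _profilAutorise($profil)
    {
        $autorises = array('Utilisateur', 'Administrateur');
        if ($this->_isSuperAdmin()) {
            $autorises[] = 'SuperAdministrateur';
        }
        return in_array($profil, $autorises, true) ? $profil : 'Utilisateur';
    }

    /**
     * Login search (prefix match) within a client.
     * @param string $idClient ignored for non-SuperAdministrateur: the caller's own client is used
     * @param string $query login prefix
     * @return string|false JSON list of {id, login, actif, deleted}, false when nothing matches
     * @throws SoapFault on database error
     */
    public function searchLogin($idClient, $query)
    {
        $this->authenticate();
        // Same rule as getLogsClients: only a SuperAdministrateur may target another client
        if (!$this->_isSuperAdmin()) {
            $idClient = $this->User->idClient;
        }
        // The original quoted the placeholder ("LIKE ':q%'"), making it a literal string,
        // and "LIMIT, 0,20" was a syntax error. The wildcard is appended to the bound value;
        // LIKE metacharacters in the user input are escaped so it stays a prefix match.
        $sql = "SELECT id, login, actif, deleted FROM sdv1.utilisateurs WHERE idClient = :clientId AND login LIKE :q LIMIT 0,20";
        try {
            $stmt = $this->conn->prepare($sql);
            $stmt->bindValue('clientId', $idClient);
            $stmt->bindValue('q', addcslashes($query, '%_\\') . '%');
            $stmt->execute();
        } catch (\Doctrine\DBAL\DBALException $e) {
            $this->_faultDb($e);
        }
        if ($stmt->rowCount() > 0) {
            return json_encode($stmt->fetchAll(\PDO::FETCH_ASSOC));
        }
        return false;
    }

    /**
     * Updates a user account (or the connected user's own profile).
     * @param string $login target login
     * @param string $action (delete|enable|disable|changepwd|new|update)
     * @param string $infos JSON object with the fields of the action
     * @return boolean true when a row was written
     * @throws SoapFault when the target is not editable by the caller, already exists (new), or on database error
     */
    public function setInfosLogin($login, $action, $infos = null)
    {
        $this->authenticate();
        $result = false;
        $infos = json_decode($infos, true);
        if (!is_array($infos)) {
            $infos = array();
        }
        // --- Current row of the target login (null when it does not exist)
        $row = null;
        try {
            $stmt = $this->conn->prepare("SELECT * FROM sdv1.utilisateurs WHERE login = :login");
            $stmt->bindValue('login', $login);
            $stmt->execute();
        } catch (\Doctrine\DBAL\DBALException $e) {
            $this->_faultDb($e);
        }
        if ($stmt->rowCount() > 0) {
            $row = $stmt->fetch(\PDO::FETCH_OBJ);
            // Web-service accounts are only editable by an administrator
            if ($row->accesWS == 1 && !$this->_isAdmin()) {
                throw new SoapFault('MSG', "User not editable");
            }
        }
        // --- Ownership: a plain user only acts on his own account (the comment of the
        // 'update' action stated this intent but nothing enforced it, 'changepwd' had no
        // check at all); an Administrateur only on accounts of his own client.
        if (!$this->_isAdmin()
            && in_array($action, array('changepwd', 'update'), true)
            && $login != $this->User->login) {
            throw new SoapFault('MSG', "User not editable");
        }
        if ($row !== null && !$this->_isSuperAdmin() && $row->idClient != $this->User->idClient) {
            throw new SoapFault('MSG', "User not editable");
        }
        switch ($action) {
            case 'delete':
                if ($this->_isAdmin()) {
                    $tabUpdate = array('deleted' => 1, 'dateUpdate' => date('Y-m-d H:i:s'));
                    try {
                        $nb = $this->conn->update('sdv1.utilisateurs', $tabUpdate, array('login' => $login));
                    } catch (\Doctrine\DBAL\DBALException $e) {
                        $this->_faultDb($e);
                    }
                    if ($nb) {
                        $result = true;
                    }
                }
                break;
            case 'enable':
            case 'disable':
                if ($this->_isAdmin()) {
                    $tabUpdate = array(
                        'actif' => ($action == 'disable') ? 0 : 1,
                        'dateUpdate' => date('YmdHis'),
                    );
                    try {
                        $nb = $this->conn->update('sdv1.utilisateurs', $tabUpdate, array('login' => $login));
                    } catch (\Doctrine\DBAL\DBALException $e) {
                        $this->_faultDb($e);
                    }
                    if ($nb) {
                        $result = true;
                    }
                }
                break;
            case 'changepwd':
                // NOTE(review): the password is written exactly as received; whether the
                // caller hashes it first depends on authenticate()'s contract — confirm
                $tabUpdate = array(
                    'password' => stripslashes($this->_champ($infos, 'password')),
                    'dateUpdate' => date('Y-m-d H:i:s'),
                );
                try {
                    $nb = $this->conn->update('sdv1.utilisateurs', $tabUpdate, array('login' => $login));
                } catch (\Doctrine\DBAL\DBALException $e) {
                    $this->_faultDb($e);
                }
                if ($nb) {
                    $result = true;
                }
                break;
            case 'new':
                if ($this->_isAdmin()) {
                    if ($row !== null) {
                        $message = "Utilisateur existant dans le référentiel";
                        if ($row->deleted == 1) {
                            $message .= " (supprimé)";
                        }
                        throw new SoapFault('ERR', $message);
                    }
                    $tabUpdate = array();
                    // Only a SuperAdministrateur may create the user under another client
                    $idClient = $this->User->idClient;
                    if ($this->_isSuperAdmin() && $this->_champ($infos, 'idClient') != '') {
                        $idClient = $infos['idClient'];
                    }
                    $tabUpdate['idClient'] = $idClient;
                    $tabUpdate['login'] = $login;
                    $tabUpdate['email'] = strtolower(stripslashes($this->_champ($infos, 'email')));
                    // NOTE(review): stored as received, see 'changepwd'
                    $tabUpdate['password'] = stripslashes($this->_champ($infos, 'password'));
                    $tabUpdate['actif'] = 0;
                    $tabUpdate['deleted'] = 0;
                    // Only a SuperAdministrateur may create TEST accounts
                    $typeCompte = 'PROD';
                    if ($this->_isSuperAdmin() && $this->_champ($infos, 'typeCompte') == 'TEST') {
                        $typeCompte = 'TEST';
                    }
                    $tabUpdate['typeCompte'] = $typeCompte;
                    //@todo : See issue #0001209 (civilite, raisonSociale, siret, address fields not stored)
                    $tabUpdate['nom'] = stripslashes($this->_champ($infos, 'nom'));
                    $tabUpdate['prenom'] = stripslashes($this->_champ($infos, 'prenom'));
                    $tabUpdate['tel'] = stripslashes($this->_champ($infos, 'tel_fix'));
                    $tabUpdate['fax'] = stripslashes($this->_champ($infos, 'tel_fax'));
                    $tabUpdate['mobile'] = stripslashes($this->_champ($infos, 'tel_mob'));
                    $tabUpdate['pref'] = $this->_listeChamp($infos, 'pref');
                    // The original condition was inverted (isset || !in_array on $infos->profil)
                    // and let any caller with an admin profile assign 'SuperAdministrateur'
                    $tabUpdate['profil'] = $this->_profilAutorise($this->_champ($infos, 'profil', null));
                    // dateInscription, dateValidation, nombreConnexions, dateDerniereConnexion: not set here
                    $tabUpdate['droits'] = $this->_listeChamp($infos, 'droits');
                    $tabUpdate['referenceParDefaut'] = stripslashes($this->_champ($infos, 'reference'));
                    $tabUpdate['nbReponses'] = $this->_champ($infos, 'nbReponses', null);
                    $tabUpdate['lang'] = $this->_champ($infos, 'lang', null);
                    $tabUpdate['formatMail'] = $this->_champ($infos, 'formatMail');
                    $tabUpdate['lienExtranetMail'] = $this->_champ($infos, 'lienExtranetMail');
                    $tabUpdate['listeEven'] = $this->_champ($infos, 'listeEven');
                    $tabUpdate['dateDebutCompte'] = $this->_champ($infos, 'dateDebutCompte');
                    $tabUpdate['dateFinCompte'] = $this->_champ($infos, 'dateFinCompte');
                    $tabUpdate['accesWS'] = $this->_champ($infos, 'accesWS');
                    $tabUpdate['rechRefType'] = $this->_champ($infos, 'rechRefType');
                    // lienSurvFic, idSurvFic, loginCptSurvFic: not set here; dateUpdate: MySQL automatic update
                    $tabUpdate['dateInsert'] = date('YmdHis');
                    try {
                        $nb = $this->conn->insert('sdv1.utilisateurs', $tabUpdate);
                    } catch (\Doctrine\DBAL\DBALException $e) {
                        $this->_faultDb($e);
                    }
                    if ($nb) {
                        $result = true;
                    }
                }
                break;
            case 'update':
                $tabUpdate = array();
                // Don't update the password if nothing is sent
                if (!empty($infos['password'])) {
                    $tabUpdate['password'] = stripslashes($infos['password']);
                }
                // Fields a user may change on his own account
                $tabUpdate['email'] = stripslashes($this->_champ($infos, 'email'));
                $tabUpdate['tel'] = stripslashes($this->_champ($infos, 'tel_fix'));
                $tabUpdate['fax'] = stripslashes($this->_champ($infos, 'tel_fax'));
                // NOTE(review): key is 'tel_mb' here but 'tel_mob' in the 'new' action — confirm which one the caller sends
                $tabUpdate['mobile'] = stripslashes($this->_champ($infos, 'tel_mb'));
                $tabUpdate['nbReponses'] = $this->_champ($infos, 'nbReponses', null);
                if (!empty($infos['lang'])) {
                    $tabUpdate['lang'] = $infos['lang'];
                }
                $tabUpdate['pref'] = $this->_listeChamp($infos, 'pref');
                // Fields an Administrateur or SuperAdministrateur may change
                if ($this->_isAdmin()) {
                    $tabUpdate['droits'] = $this->_listeChamp($infos, 'droits');
                    $tabUpdate['nom'] = stripslashes($this->_champ($infos, 'nom'));
                    $tabUpdate['prenom'] = stripslashes($this->_champ($infos, 'prenom'));
                    $tabUpdate['referenceParDefaut'] = stripslashes($this->_champ($infos, 'reference'));
                    $tabUpdate['profil'] = $this->_profilAutorise($this->_champ($infos, 'profil', null));
                }
                // Fields only a SuperAdministrateur may change
                if ($this->_isSuperAdmin()) {
                    $tabUpdate['typeCompte'] = ($this->_champ($infos, 'typeCompte') == 'TEST') ? 'TEST' : 'PROD';
                    $tabUpdate['formatMail'] = !empty($infos['formatMail']) ? $infos['formatMail'] : 'txt1';
                    foreach (array('lienExtranetMail', 'listeEven', 'dateDebutCompte', 'dateFinCompte', 'accesWS') as $cle) {
                        if (!empty($infos[$cle])) {
                            $tabUpdate[$cle] = $infos[$cle];
                        }
                    }
                    $tabUpdate['rechRefType'] = !empty($infos['rechRefType']) ? $infos['rechRefType'] : 'UTI';
                }
                $tabUpdate['dateUpdate'] = date('YmdHis');
                try {
                    $nb = $this->conn->update('sdv1.utilisateurs', $tabUpdate, array('login' => $login));
                } catch (\Doctrine\DBAL\DBALException $e) {
                    $this->_faultDb($e);
                }
                if ($nb) {
                    $result = true;
                }
                break;
            default:
                $result = false;
                break;
        }
        return $result;
    }

    /**
     * Computes the next free login for a client (client root + number).
     * @param int $idClient ignored for a non-SuperAdministrateur: his own client is used
     * @return NextLoginReturn result is null when the caller is not an administrator
     * @throws SoapFault when the client does not exist or on database error
     */
    public function getNextLogin( $idClient )
    {
        $this->authenticate();
        $error = new ErrorType();
        $result = null;
        if ($this->_isAdmin()) {
            // An Administrateur only creates logins under his own client
            if (!$this->_isSuperAdmin()) {
                $idClient = $this->User->idClient;
            }
            try {
                $stmt = $this->conn->prepare("SELECT racineLogin, droits FROM sdv1.clients WHERE id = :id");
                $stmt->bindValue('id', $idClient);
                $stmt->execute();
                $client = $stmt->fetch(\PDO::FETCH_ASSOC);
            } catch (\Doctrine\DBAL\DBALException $e) {
                $this->_faultDb($e);
            }
            if ($client === false) {
                throw new SoapFault('ERR', "Client inexistant");
            }
            $racine = $client['racineLogin'];
            $droitsClients = $client['droits'];
            try {
                $stmt = $this->conn->prepare("SELECT COUNT(login) AS nb FROM sdv1.utilisateurs WHERE idClient = :id");
                $stmt->bindValue('id', $idClient);
                $stmt->execute();
                $compte = $stmt->fetch(\PDO::FETCH_OBJ);
            } catch (\Doctrine\DBAL\DBALException $e) {
                $this->_faultDb($e);
            }
            $nbLogins = (int) $compte->nb;
            if ($nbLogins == 0) {
                $login = $racine . '1';
            } else {
                $cpt = 1;
                while (true) {
                    // Candidate is always root + number: the original appended to $racine on
                    // every turn and produced root12, root123, ... when the first one was taken
                    $login = $racine . ($nbLogins + $cpt);
                    try {
                        $stmt = $this->conn->prepare("SELECT login AS nb FROM sdv1.utilisateurs WHERE idClient=:id AND login=:racine");
                        $stmt->bindValue('id', $idClient);
                        $stmt->bindValue('racine', $login);
                        $stmt->execute();
                    } catch (\Doctrine\DBAL\DBALException $e) {
                        $this->_faultDb($e);
                    }
                    if ($stmt->rowCount() == 0) {
                        break;
                    }
                    $cpt++;
                }
            }
            $result = new NextLoginResult();
            $result->racine = $login;
            $result->idClient = $idClient;
            $result->droitsClients = $droitsClients;
        } else {
            // NOTE(review): errnum stays 0 although this is a refusal (other methods use 1);
            // left unchanged because callers may test the value — confirm
            $error->errnum = 0;
            $error->errmsg = 'Acces non authorisé!';
        }
        $output = new NextLoginReturn();
        $output->error = $error;
        $output->result = $result;
        return $output;
    }

    /**
     * Lists the clients, or one client.
     * A SuperAdministrateur sees every client; an Administrateur only his own
     * (and gets an error, not the list, when asking for another one).
     * @param integer|boolean $idClient client id, false for all
     * @param ClientFiltre $filtre currently unused
     * @return ListeClientsReturn
     * @throws SoapFault on database error
     */
    public function getListeClients($idClient=false, $filtre=null)
    {
        $this->authenticate();
        $error = new ErrorType();
        $tabRet = array();
        if (empty($idClient)) {
            $idClient = false;
        }
        // The original compared $idClient with the string 'false' (worked only by loose
        // comparison) and flagged an error for every Administrateur while still listing
        $isAuthorized = false;
        if ($this->_isSuperAdmin()) {
            $isAuthorized = true;
        } elseif ($this->User->profil == 'Administrateur'
            && ($idClient === false || $idClient == $this->User->idClient)) {
            $idClient = $this->User->idClient;
            $isAuthorized = true;
        }
        if (!$isAuthorized) {
            $error->errnum = 1;
            $error->errmsg = 'Profil non administrateur';
        } else {
            $params = array();
            $strClient = '';
            if (is_numeric($idClient)) {
                $strClient = ' AND id = ?';
                $params[] = (int) $idClient;
            }
            $sql = "SELECT id, nom, actif, test, racineLogin, siren, nic, tva, editerFacture, fact_detail, fac_dest, fac_adr1, fac_adr2, fac_adr3, fac_email, fac_tel, fact_rib, liv_dest, liv_adr1, liv_adr2, liv_adr3, liv_email, liv_tel, droits, filtres_ip, dateInsert, dateUpdate, respComSD, typeContrat, dateSignature, typeAcces, typeScore, timeout, accesPieces, accesKbis, accesInvestigations, accesInternationnal, accesEnquetes, miseSousSurveillance, forfaitExtranetPeriode, forfaitExtranetMontant, reconductionAuto, remarque, forfaitPiecesNb, forfaitPiecesMt, forfaitPiecesDep, forfaitInvestigNb, forfaitInvestigMt, forfaitInvestigDep, tarifIndiscore FROM sdv1.clients WHERE 1 $strClient";
            try {
                $stmt = $this->conn->executeQuery($sql, $params);
            } catch (\Doctrine\DBAL\DBALException $e) {
                $this->_faultDb($e);
            }
            // The original had a stray ';' after the while(), which consumed every row
            // and then built a single Client from false
            while (($uti = $stmt->fetch(\PDO::FETCH_ASSOC)) !== false) {
                $tabRet[] = $this->_clientDepuisLigne($uti);
            }
        }
        $output = new ListeClientsReturn();
        $output->error = $error;
        $output->result = $tabRet;
        return $output;
    }

    /**
     * Maps one sdv1.clients row (as selected by getListeClients) to a Client object.
     * @param array $uti associative row
     * @return Client
     */
    private function _clientDepuisLigne(array $uti)
    {
        $client = new Client();
        $client->idClient = $uti['id'];
        $champs = array(
            'nom', 'actif', 'test', 'racineLogin', 'siren', 'nic', 'tva', 'editerFacture',
            'fact_detail', 'fac_dest', 'fac_adr1', 'fac_adr2', 'fac_adr3', 'fac_email', 'fac_tel',
            'fact_rib', 'liv_dest', 'liv_adr1', 'liv_adr2', 'liv_adr3', 'liv_email', 'liv_tel',
            'timeout', 'filtres_ip', 'dateInsert', 'dateUpdate', 'respComSD', 'typeContrat',
            'dateSignature', 'typeAcces', 'typeScore', 'accesPieces', 'accesKbis',
            'accesInvestigations', 'accesInternationnal', 'accesEnquetes', 'miseSousSurveillance',
            'forfaitExtranetPeriode', 'forfaitExtranetMontant', 'reconductionAuto', 'remarque',
            'forfaitPiecesNb', 'forfaitPiecesMt', 'forfaitPiecesDep', 'forfaitInvestigNb',
            'forfaitInvestigMt', 'forfaitInvestigDep', 'tarifIndiscore',
        );
        foreach ($champs as $champ) {
            $client->$champ = $uti[$champ];
        }
        // Rights are exposed lower-cased, as in the original
        $client->droits = strtolower($uti['droits']);
        return $client;
    }

    /**
     * Returns the list of rights (code/description) known to the service.
     * @return ListeDroitsReturn[]
     */
    public function getListeDroits()
    {
        $tabRet = array();
        foreach ($this->listeDroits as $code => $desc) {
            $droit = new ListeDroitsReturn();
            $droit->code = $code;
            $droit->desc = $desc;
            $tabRet[] = $droit;
        }
        return $tabRet;
    }

    /**
     * Access categories with their rights.
     * @param string $code currently unused: every category is returned (the original
     *                     overwrote the parameter with the loop key)
     * @return ListCategoryReturn[]
     */
    public function getCategory($code = null)
    {
        $tabRet = array();
        foreach ($this->listeCategory as $codeCat => $desc) {
            $c = new ListCategoryReturn();
            $c->code = $codeCat;
            $c->desc = $desc['label'];
            $c->droits = $desc['droits'];
            $tabRet[] = $c;
        }
        return $tabRet;
    }

    /**
     * Returns the list of user preferences (code/description).
     * @return ListePrefsReturn[]
     */
    public function getListePrefs()
    {
        $tabRet = array();
        foreach ($this->listePrefs as $code => $desc) {
            $pref = new ListePrefsReturn();
            $pref->code = $code;
            $pref->desc = $desc;
            $tabRet[] = $pref;
        }
        return $tabRet;
    }

    /**
     * Returns the list of log types (code/label).
     * @return ListeLogsReturn[]
     */
    public function getLogs()
    {
        $tabRet = array();
        foreach ($this->logs as $code => $desc) {
            $log = new ListeLogsReturn();
            $log->code = $code;
            $log->desc = $desc['label'];
            $tabRet[] = $log;
        }
        return $tabRet;
    }

    /**
     * Lists the (non-deleted) users of a client.
     * @param string $login used to resolve the client when $idClient is not given
     * @param int $idClient ignored for a non-SuperAdministrateur: his own client is used
     * @return ListeUtilisateursReturn
     * @throws SoapFault on database error
     */
    public function getListeUtilisateurs($login, $idClient=null)
    {
        $this->authenticate();
        $error = new ErrorType();
        $tabRet = array();
        if (!$this->_isAdmin()) {
            $error->errnum = 1;
            $error->errmsg = 'Profil non administrateur';
        } else {
            if (!isset($idClient)) {
                // $login and $idClient were interpolated into the SQL; both are now bound
                try {
                    $stmt = $this->conn->executeQuery("SELECT idClient FROM sdv1.utilisateurs WHERE login = ?", array($login));
                } catch (\Doctrine\DBAL\DBALException $e) {
                    $this->_faultDb($e);
                }
                $result = $stmt->fetch(\PDO::FETCH_OBJ);
                // Unknown login: the original dereferenced false here
                $idClient = ($result === false) ? -1 : $result->idClient;
            }
            // An Administrateur only lists users of his own client
            if (!$this->_isSuperAdmin()) {
                $idClient = $this->User->idClient;
            }
            if ($idClient == -1) {
                $error->errnum = 1;
                $error->errmsg = 'idClient=0';
            } else {
                $sql = "SELECT id, idClient, login, email, actif, nom, prenom, referenceParDefaut FROM sdv1.utilisateurs WHERE idClient = ? AND deleted=0 ORDER BY login ASC";
                try {
                    $stmt = $this->conn->executeQuery($sql, array((int) $idClient));
                } catch (\Doctrine\DBAL\DBALException $e) {
                    $this->_faultDb($e);
                }
                while (($uti = $stmt->fetch(\PDO::FETCH_ASSOC)) !== false) {
                    $utilisateur = new Utilisateur();
                    $utilisateur->idUti = $uti['id'];
                    $utilisateur->idClient = $uti['idClient'];
                    $utilisateur->login = $uti['login'];
                    $utilisateur->email = $uti['email'];
                    $utilisateur->actif = $uti['actif'];
                    $utilisateur->nom = $uti['nom'];
                    $utilisateur->prenom = $uti['prenom'];
                    $utilisateur->reference = $uti['referenceParDefaut'];
                    $tabRet[] = $utilisateur;
                }
            }
        }
        $output = new ListeUtilisateursReturn();
        $output->error = $error;
        $output->result = $tabRet;
        return $output;
    }

    /**
     * Monthly access logs of a client, exported to a CSV by a background job.
     * The CSV is regenerated unless a copy of today exists; the returned URL points to it.
     * @param string $mois (Format : AAAA-MM ou AAAA/MM)
     * @param int $detail 0 = billable pages only, otherwise every page
     * @param int $idClient ignored for a non-SuperAdministrateur: his own client is used
     * @param string $login restrict to one login
     * @param int $all only honoured for a SuperAdministrateur
     * @return LogsClientsReturn
     * @throws SoapFault when $mois is not a year/month
     */
    public function getLogsClients($mois, $detail=0, $idClient=0, $login='', $all=0)
    {
        $this->authenticate();
        $error = new ErrorType();
        if (empty($detail)) {
            $detail = 0;
        }
        if (empty($idClient)) {
            $idClient = 0;
        }
        if (empty($login)) {
            $login = '';
        }
        if (empty($all)) {
            $all = 0;
        }
        $strDetail = $strLogin = '';
        // Detailed view, or only the billable pages
        if ($detail == 0) {
            $detail = 'Non';
            $pages = array('greffe_actes', 'greffe_bilans', 'kbis', 'indiscore', 'indiscore2', 'indiscore3', 'rapport2', 'rapport3', 'privileges', 'privcumul');
            $conditions = array();
            foreach ($pages as $page) {
                switch ($page) {
                    case 'greffe_actes':
                    case 'greffe_bilans':
                        $conditions[] = "(l.page = '".$page."' AND l.params<>'' AND (l.params NOT LIKE '%erreur%' OR l.params LIKE '%erreur 17%'))";
                        break;
                    case 'kbis':
                        $conditions[] = "(l.page = '".$page."' AND l.params<>'' AND l.params<>'1/1/0//' AND l.params<>'0/1/0//')";
                        break;
                    default:
                        $conditions[] = "(l.page = '".$page."')";
                        break;
                }
            }
            $strDetail = ' AND ( ' . implode(' OR ', $conditions) . ' ) ';
        } else {
            // Any non-zero value is the detailed view (the original only normalised 1,
            // other values went raw into the file name)
            $detail = 'Oui';
        }
        // Only a SuperAdministrateur may ask for every client
        $all = ($all && $this->_isSuperAdmin()) ? 'Oui' : 'Non';
        // No idClient given, or attempt on another client by a non-SuperAdministrateur
        $idClient = (int) $idClient;
        if ($idClient == 0 || ($idClient != $this->User->idClient && !$this->_isSuperAdmin())) {
            $idClient = (int) $this->User->idClient;
        }
        $strClient = " AND u.idClient=$idClient ";
        // Login: quoted for the SQL (it was interpolated raw), reduced to a safe character
        // set for the file name and the shell command built below
        $loginFichier = 'Non';
        if ($login != '') {
            $strLogin = " AND l.login=" . $this->conn->quote($login) . " ";
            $loginFichier = preg_replace('/[^A-Za-z0-9_.@-]/', '_', $login);
        }
        // Period: both parts must be digits, they are used in a path and a shell command
        $mois = strtr($mois, array('-'=>'','/'=>''));
        $annee = substr($mois, 0, 4);
        $mois = substr($mois, 4, 2);
        if (!ctype_digit($annee) || strlen($annee) != 4 || !ctype_digit($mois)) {
            throw new SoapFault('ERR', "Format de mois invalide");
        }
        $dateDeb = date('Y-m-d', mktime(0, 0, 0, $mois, 1, $annee));
        $dateFin = date('Y-m-t', mktime(0, 0, 0, $mois, 15, $annee));
        $c = Zend_Registry::get('config');
        $nomFichier = "logs-$annee-$mois-$detail-$idClient-$loginFichier-$all";
        $fichierCsv = $c->profil->path->shared."/files/$nomFichier.csv";
        if (file_exists($fichierCsv) && date('Ymd', filemtime($fichierCsv)) == date('Ymd') && filesize($fichierCsv) > 60) {
            $size = filesize($fichierCsv);
            $cache = 1;
        } else {
            $sql = "SELECT LOWER(l.login) as loginUti, page, l.siren, l.nic, l.params, l.dateHeure, u.idClient, c.nom, u.referenceParDefaut AS refUti FROM sdv1.logs l, sdv1.utilisateurs u, sdv1.clients c WHERE 1 $strDetail $strClient $strLogin AND dateHeure BETWEEN '$dateDeb 00:00:00' AND '$dateFin 23:59:59' AND l.login=u.login AND u.idClient=c.id ORDER BY l.login ASC, l.dateHeure ASC";
            $fichierSql = $c->profil->path->shared."/files/$nomFichier.sql";
            file_put_contents($fichierSql, $sql);
            // Background export; the paths are shell-escaped (the login used to be part of them unescaped)
            exec("php ".APPLICATION_PATH."/../scripts/jobs/sql2csv.php --sqlfile ".escapeshellarg($fichierSql)." --csvfile ".escapeshellarg($fichierCsv)." > /dev/null &");
            $size = $cache = 0;
        }
        // NOTE(review): host taken from SERVER_NAME as in the original — confirm the web
        // server sets it from its own configuration rather than the request
        $hostname = 'http://'.$_SERVER['SERVER_NAME'];
        if ($_SERVER['SERVER_PORT'] != '80') {
            $hostname .= ':'.$_SERVER['SERVER_PORT'];
        }
        $result = new LogsClients();
        $result->Url = $hostname."/fichier/logs/$nomFichier.csv";
        $result->Taille = $size;
        $result->Cache = $cache;
        $output = new LogsClientsReturn();
        $output->error = $error;
        $output->result = $result;
        return $output;
    }

    /**
     * Creates (no idClient) or updates a client. SuperAdministrateur only.
     * @param string $infos JSON object of client fields
     * @return ClientReturn
     * @throws SoapFault on insufficient profile, invalid payload or database error
     */
    public function setClient($infos)
    {
        $this->authenticate();
        // $error was never initialised in the original although it is returned
        $error = new ErrorType();
        $result = false;
        $nb = 0;
        if (!$this->_isSuperAdmin()) {
            throw new SoapFault(1, 'Profil insuffisant pour cette méthode');
        }
        $infos = json_decode($infos);
        if (!is_object($infos) && !is_array($infos)) {
            throw new SoapFault('ERR', "Informations client invalides");
        }
        $idClient = null;
        $tabInfos = array();
        foreach ($infos as $nom => $value) {
            if ($nom == 'idClient') {
                $idClient = $value;
                continue;
            }
            $this->_clientChamp($tabInfos, $nom, $value);
        }
        if (empty($idClient)) {
            // --- Creation
            $tabInfos['dateInsert'] = date('Y-m-d H:i:s');
            try {
                $nb = $this->conn->insert('sdv1.clients', $tabInfos);
            } catch (\Doctrine\DBAL\DBALException $e) {
                $this->_faultDb($e, "Création impossible");
            }
        } else {
            // --- Rights removed from the client are revoked from its users first
            if (isset($tabInfos['droits'])) {
                try {
                    $stmt = $this->conn->prepare("SELECT droits FROM sdv1.clients WHERE id=:id");
                    $stmt->bindValue('id', $idClient);
                    $stmt->execute();
                    $precedent = $stmt->fetch(\PDO::FETCH_OBJ);
                } catch (\Doctrine\DBAL\DBALException $e) {
                    // the original swallowed this exception and then dereferenced $result
                    $this->_faultDb($e);
                }
                $droitsPre = ($precedent !== false) ? explode(' ', $precedent->droits) : array();
                $droitsSui = explode(' ', $tabInfos['droits']);
                if (count($droitsSui) < count($droitsPre)) {
                    $droitsDiff = array_diff($droitsPre, $droitsSui);
                    if (count($droitsDiff) > 0) {
                        $this->_deleteAccess($droitsDiff, $idClient);
                    }
                }
            }
            // --- Update
            $tabInfos['dateUpdate'] = date('Y-m-d H:i:s');
            try {
                $nb = $this->conn->update('sdv1.clients', $tabInfos, array('id' => $idClient));
            } catch (\Doctrine\DBAL\DBALException $e) {
                $this->_faultDb($e, "Création impossible");
            }
        }
        if ($nb) {
            $result = true;
        }
        $output = new ClientReturn();
        $output->error = $error;
        $output->result = $result;
        return $output;
    }

    /**
     * Normalises one field of the setClient payload into $tabInfos; unknown fields are ignored.
     * Keeps the original rules: Oui/Non fields default to 'Non' (editerFacture to 'Oui'),
     * enumerated fields are dropped when not in their list, reconductionAuto is only
     * written when 'Non'.
     * @param array $tabInfos column => value map being built
     * @param string $nom field name from the payload
     * @param mixed $value
     * @return void
     */
    private function _clientChamp(array &$tabInfos, $nom, $value)
    {
        $champsLibres = array(
            'nom', 'racineLogin', 'tva', 'idClientFacture', 'fac_dest', 'fac_adr1', 'fac_adr2',
            'fac_adr3', 'fac_email', 'fac_tel', 'liv_dest', 'liv_adr1', 'liv_adr2', 'liv_adr3',
            'liv_email', 'liv_tel', 'forfaitExtranetMontant', 'remarque', 'forfaitPiecesNb',
            'forfaitPiecesMt', 'forfaitPiecesDep', 'forfaitInvestigNb', 'forfaitInvestigMt',
            'forfaitInvestigDep', 'tarifIndiscore', 'InterSudLogin', 'InterSudPass',
        );
        $champsOuiNon = array(
            'actif', 'test', 'fact_detail', 'accesPieces', 'accesKbis', 'accesInvestigations',
            'accesInternationnal', 'accesEnquetes', 'miseSousSurveillance',
        );
        $champsEnum = array(
            'fact_rib' => array('BPOSTALE', 'CCOOP', 'CDNORD'),
            'typeContrat' => array('Contrat', 'Marché'),
            'typeAcces' => array('userPassword', 'userPasswordIP', 'IP'),
            'typeScore' => array('20', '100'),
            'forfaitExtranetPeriode' => array('Mensuel', 'Trimestriel', 'Semestriel', 'Annuel'),
        );
        if (in_array($nom, $champsLibres, true)) {
            $tabInfos[$nom] = $value;
        } elseif (in_array($nom, $champsOuiNon, true)) {
            // the original wrote accesInvestigations under the key 'value'
            $tabInfos[$nom] = ($value == 'Oui') ? 'Oui' : 'Non';
        } elseif (isset($champsEnum[$nom])) {
            // loose comparison on purpose: JSON may deliver typeScore as the integer 20
            if (in_array($value, $champsEnum[$nom])) {
                $tabInfos[$nom] = $value;
            }
        } else {
            switch ($nom) {
                case 'editerFacture':
                    $tabInfos[$nom] = ($value == 'Non') ? 'Non' : 'Oui';
                    break;
                case 'reconductionAuto':
                    if ($value == 'Non') {
                        $tabInfos[$nom] = 'Non';
                    }
                    break;
                case 'siren':
                case 'nic':
                    $tabInfos[$nom] = (int) $value;
                    break;
                case 'timeout':
                    if (!empty($value)) {
                        $tabInfos[$nom] = $value;
                    }
                    break;
                case 'filtres_ip':
                    $tabInfos[$nom] = trim($value, ';');
                    break;
                case 'droits':
                    // stored space-separated; the original stored an empty PHP array
                    // (not a column value) when the list was empty
                    $tabInfos[$nom] = (is_array($value) && count($value) > 0)
                        ? strtolower(implode(' ', $value)) : '';
                    break;
            }
        }
    }

    /**
     * Get all user params (only for admin)
     * @param string $login
     * @return string JSON of the whole sdv1.utilisateurs row (includes the password column)
     * @throws SoapFault on database error
     */
    public function getUser($login)
    {
        $this->authenticate();
        if (!$this->_isSuperAdmin()) {
            // NOTE(review): assumed to abort the call; if sendError() returns, the query below still runs — confirm
            $this->sendError('0901');
        }
        try {
            // The original prepared ":login" but executed without binding it
            $stmt = $this->conn->executeQuery("SELECT * FROM sdv1.utilisateurs WHERE login = :login", array('login' => $login));
            $user = $stmt->fetch(\PDO::FETCH_ASSOC);
            return json_encode($user);
        } catch (\Doctrine\DBAL\DBALException $e) {
            throw new SoapFault('Database', $e->getMessage());
        }
    }

    /**
     * Records the connected user's acceptance of the terms of use.
     * @param string $application name of the tool used (currently not stored)
     * @return boolean true when exactly one row was updated
     * @throws SoapFault on database error
     */
    public function setCGU($application = null)
    {
        $this->authenticate();
        $idUser = $this->User->id;
        try {
            $data = array('acceptationCGU' => date('YmdHis'));
            $result = $this->conn->update('sdv1.utilisateurs', $data, array('id' => $idUser));
        } catch (\Doctrine\DBAL\DBALException $e) {
            $this->_faultDb($e);
        }
        return (1 == $result);
    }

    /**
     * Prestations of a client.
     * @param int $idClient ignored for a non-SuperAdministrateur: his own client is used
     * @return ClientPrestation[]
     * @throws SoapFault on database error
     */
    public function getPrestations($idClient)
    {
        $this->authenticate();
        // Only a SuperAdministrateur may read another client's prestations
        if (!$this->_isSuperAdmin()) {
            $idClient = $this->User->idClient;
        }
        try {
            $sql = "SELECT id, typeprestation, datemiseenplace , datefinprestation, identifiantPrestation, prestationactive FROM sdv1.prestations WHERE idClient = :id";
            $stmt = $this->conn->prepare($sql);
            $stmt->bindValue('id', $idClient);
            $stmt->execute();
        } catch (\Doctrine\DBAL\DBALException $e) {
            $this->_faultDb($e);
        }
        $output = array();
        while (($item = $stmt->fetch(\PDO::FETCH_OBJ)) !== false) {
            $clientprestation = new ClientPrestation();
            $clientprestation->id = $item->id;
            $clientprestation->type = $item->typeprestation;
            $clientprestation->identifiant = $item->identifiantPrestation;
            $clientprestation->active = $item->prestationactive;
            $clientprestation->dateDebut = $item->datemiseenplace;
            $clientprestation->dateFin = $item->datefinprestation;
            $output[] = $clientprestation;
        }
        return $output;
    }

    /**
     * Parameters of one prestation.
     * @param int $id prestation id; a non-SuperAdministrateur only reads his own client's
     * @return string JSON of the row, '' when not found
     * @throws SoapFault on database error
     */
    public function getPrestation($id)
    {
        $this->authenticate();
        try {
            $sql = "SELECT id, typeprestation, datemiseenplace , datefinprestation, identifiantPrestation, prestationactive FROM sdv1.prestations WHERE id = :id";
            $params = array('id' => $id);
            if (!$this->_isSuperAdmin()) {
                $sql .= " AND idClient = :idClient";
                $params['idClient'] = $this->User->idClient;
            }
            $stmt = $this->conn->prepare($sql);
            foreach ($params as $cle => $valeur) {
                $stmt->bindValue($cle, $valeur);
            }
            $stmt->execute();
        } catch (\Doctrine\DBAL\DBALException $e) {
            $this->_faultDb($e);
        }
        // fetch() instead of rowCount(), whose value for a SELECT depends on the driver
        $row = $stmt->fetch(\PDO::FETCH_ASSOC);
        if ($row !== false) {
            return json_encode($row);
        }
        return '';
    }

    /**
     * Define a Service in Client (insert, or update when the code already exists for the client).
     * Rights removed from an existing service are revoked from its users.
     * @param int $idClient
     * @param string $infos JSON {code, label, droits}
     * @throws SoapFault on invalid payload or database error
     * @return int number of affected rows
     */
    public function setService($idClient, $infos=null)
    {
        $this->authenticate();
        if (!$this->_isSuperAdmin()) {
            // NOTE(review): assumed to abort the call; if sendError() returns, the writes below still run — confirm
            $this->sendError('0902');
        }
        $dataIn = json_decode($infos, true);
        if (!is_array($dataIn)) {
            throw new SoapFault('ERR', "Informations service invalides");
        }
        $code = $this->_champ($dataIn, 'code');
        $label = $this->_champ($dataIn, 'label');
        $droits = $this->_champ($dataIn, 'droits');
        try {
            // Check if code exist in idClient
            $stmt = $this->conn->prepare("SELECT * FROM sdv1.clients_services WHERE idClient = :idClient AND code = :code");
            $stmt->bindValue('idClient', $idClient);
            $stmt->bindValue('code', $code);
            $stmt->execute();
            $row = $stmt->fetch(\PDO::FETCH_OBJ);
            if ($row !== false) {
                $data = array('label' => $label, 'droits' => $droits);
                $result = $this->conn->update('sdv1.clients_services', $data, array(
                    'idClient' => $idClient,
                    'code' => $code,
                ));
                // Rights removed from the service are revoked from its users
                if (isset($row->droits)) {
                    $droitsPre = explode(' ', $row->droits);
                    $droitsSui = explode(' ', $droits);
                    if (count($droitsSui) < count($droitsPre)) {
                        $droitsDiff = array_diff($droitsPre, $droitsSui);
                        if (count($droitsDiff) > 0) {
                            $this->_deleteAccess($droitsDiff, $idClient, $code);
                        }
                    }
                }
            } else {
                $data = array(
                    'code' => $code,
                    'label' => $label,
                    'droits' => $droits,
                    'idClient' => $idClient,
                );
                $result = $this->conn->insert('sdv1.clients_services', $data);
            }
        } catch (\Doctrine\DBAL\DBALException $e) {
            $this->_faultDb($e);
        }
        return $result;
    }

    /**
     * Set a User in a Service
     * @param string $login
     * @param string $code
     * @throws SoapFault
     * @return int
     */
    public function setUserService($login, $code)
    {
        $this->authenticate();
        if ($this->User->profil!='SuperAdministrateur') {
            $this->sendError('0902');
        }
        try {
            // Check if a login exist
            $sql = "SELECT * FROM sdv1.utilisateurs_service WHERE login = :login";
            $stmt = $this->conn->prepare($sql);
            $stmt->bindValue('login', $login);
            $stmt->execute();
            if ($stmt->rowCount() > 0) {
                $data = array('serviceCode' => $code);
                $result = $this->conn->update('sdv1.utilisateurs_service', $data, array('login' => $login));
            } else {
                $data = array('login' => $login, 'serviceCode' => $code);
                $result = $this->conn->insert('sdv1.utilisateurs_service', $data);
            }
        } catch (\Doctrine\DBAL\DBALException $e) {
            if ($this->User->idClient == 1) {
                throw new SoapFault('ERR', 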
$e->getMessage()); } else { throw new SoapFault('ERR', "Application error"); } } // Override login right access - always $sql = "SELECT * FROM sdv1.clients_services WHERE code = :code"; $stmt = $this->conn->prepare($sql); $stmt->bindValue('code', $code); if ($stmt->rowCount() > 0) { $result = $stmt->fetch(\PDO::FETCH_OBJ); $this->conn->update('sdv1.utilisateurs', array('droits'=>$result->droits), array('login' => $login)); } return $result; } /** * List Services * @param int $idClient * @throws SoapFault * @return Service[] */ public function getServices($idClient) { $this->authenticate(); if ($this->User->profil!='SuperAdministrateur') { $this->sendError('0902'); } try { $sql = "SELECT * FROM sdv1.clients_services WHERE idClient = :idClient ORDER BY LABEL ASC"; $stmt = $this->conn->prepare($sql); $stmt->bindValue('idClient', $idClient); $stmt->execute(); } catch (\Doctrine\DBAL\DBALException $e) { if ($this->User->idClient == 1) { throw new SoapFault('ERR', $e->getMessage()); } else { throw new SoapFault('ERR', "Application error"); } } $output = array(); if ($stmt->rowCount() > 0) { while ($item = $stmt->fetch(\PDO::FETCH_OBJ)) { $service = new Service(); $service->code = $item->code; $service->label = $item->label; $output[] = $service; } } return $output; } /** * Get service parameters * @param int $idClient * @param string $code * @throws SoapFault * @return string|boolean */ public function getService($idClient, $code) { $this->authenticate(); if ($this->User->profil!='SuperAdministrateur') { $this->sendError('0902'); } try { $sql = "SELECT * FROM sdv1.clients_services WHERE idClient = :idClient AND serviceCode = :code"; $stmt = $this->conn->prepare($sql); $stmt->bindValue('idClient', $idClient); $stmt->bindValue('code', $code); $stmt->execute(); } catch (\Doctrine\DBAL\DBALException $e) { if ($this->User->idClient == 1) { throw new SoapFault('ERR', $e->getMessage()); } else { throw new SoapFault('ERR', "Application error"); } } if ($stmt->rowCount() > 0) { 
return json_encode($stmt->fetch(\PDO::FETCH_ASSOC)); } return false; } /** * Retourne la liste des utilisateurs par service * @param int $idClient * @param string $serviceCode * @throws SoapFault * @return Utilisateur[] */ public function getServiceUsers($idClient, $serviceCode=null) { $this->authenticate(); if ( null === $serviceCode ) { $serviceCode = 'DEFAULT'; } if ($this->User->profil!='SuperAdministrateur') { $this->sendError('0902'); } $output = array(); // Login by service if ($serviceCode != 'DEFAULT') { //Check if service exist try { $sql = "SELECT code FROM sdv1.clients_services WHERE idClient = :idClient"; $stmt = $this->conn->prepare($sql); $stmt->bindValue('idClient', $idClient); $stmt->execute(); if ($stmt->rowCount() == 0) { throw new SoapFault('ERR', 'Service inexistant'); } } catch (\Doctrine\DBAL\DBALException $e) { if ($this->User->idClient==1) { throw new SoapFault('ERR', $e->getMessage()); } else { throw new SoapFault('ERR', "Application error"); } } // List login try { $sql = "SELECT * FROM sdv1.utilisateurs_service WHERE serviceCode = :code ORDER BY login ASC"; $stmt = $this->conn->prepare($sql); $stmt->bindValue('code', $serviceCode); $stmt->execute(); } catch (\Doctrine\DBAL\DBALException $e) { if ($this->User->idClient == 1) { throw new SoapFault('ERR', $e->getMessage()); } else { throw new SoapFault('ERR', "Application error"); } } // Get login informations if ($stmt->rowCount() > 0) { while($login = $stmt->fetch(\PDO::FETCH_OBJ)) { $sql = "SELECT * FROM sdv1.utilisateurs WHERE login = :login AND deleted=0"; $userStmt = $this->conn->prepare($sql); $userStmt->bindValue('login', $login); $userStmt->execute(); $result = $userStmt->fetch(\PDO::FETCH_OBJ); $utilisateur = new Utilisateur(); $utilisateur->idUti = $result->id; $utilisateur->login = $result->login; $utilisateur->actif = $result->actif; $utilisateur->nom = $result->nom; $utilisateur->prenom = $result->prenom; $utilisateur->email = $result->email; $utilisateur->reference = 
$result->reference; $output[] = $utilisateur; } } } //Select all logins which have service to display only login without service else { $codes = array(); $notlogins = array(); $sql = "SELECT code FROM sdv1.clients_services WHERE idClient = :client"; $stmt = $this->conn->prepare($sql); $stmt->bindValue('client', $idClient); $stmt->execute(); if ($stmt->rowCount() > 0) { while ($item = $stmt->fetch(\PDO::FETCH_OBJ)) { $codes[] = $item->code; } } if (count($codes) > 0) { try { $sql = "SELECT * FROM sdv1.utilisateurs_service WHERE serviceCode IN ('".join("','",$codes)."')"; $stmt = $this->conn->executeQuery($sql); } catch (\Doctrine\DBAL\DBALException $e) { if ($this->User->idClient==1) { throw new SoapFault('ERR', $e->getMessage()); } else { throw new SoapFault('ERR', "Application error"); } } if ($stmt->rowCount() > 0) { while ($item = $stmt->fetch(\PDO::FETCH_OBJ)) { $notlogins[] = $item->login; } } } if (count($notlogins) > 0) { $sql = "SELECT id, login, actif, nom, prenom, email, referenceParDefaut FROM sdv1.utilisateurs WHERE login NOT IN('".join("','",$notlogins)."') AND idClient = :idClient AND deleted = 0 ORDER BY login ASC"; } else { $sql = "SELECT id, login, actif, nom, prenom, email, referenceParDefaut FROM sdv1.utilisateurs WHERE idClient = :idClient AND deleted = 0 ORDER BY login ASC"; } $stmt = $this->conn->prepare($sql); $stmt->bindValue('idClient', $idClient); $stmt->execute(); if ($stmt->rowCount() > 0) { while($result = $stmt->fetch(\PDO::FETCH_OBJ)) { $utilisateur = new Utilisateur(); $utilisateur->idUti = $result->id; $utilisateur->login = $result->login; $utilisateur->actif = $result->actif; $utilisateur->nom = $result->nom; $utilisateur->prenom = $result->prenom; $utilisateur->email = $result->email; $utilisateur->reference = $result->referenceParDefaut; $output[] = $utilisateur; } } } return $output; } /** * Override user params * @param string $element * @param int $idClient * @param string $service * @param string $login * @throws SoapFault * 
@return boolean */ public function setParam($element, $idClient, $service, $login=null) { $this->authenticate(); $element = strtoupper($element); if ( !in_array($element, array('IP', 'ACCESS')) ) { throw new SoapFault('ERR', 'Invalid parameters'); } switch ($element) { case 'IP': break; case 'ACCESS': $logins = $this->_serviceLogins($idClient, $service); if ( $login !== null ) { if ( !in_array($login,$logins) ) { throw new SoapFault('ERR', "Login not found"); } else { $logins = array($login); } } if ( count($logins)>0 ) { // Get access if ($service == 'DEFAULT') { $sql = "SELECT droits FROM sdv1.clients WHERE idClient = :idClient"; $stmt = $this->conn->prepare($sql); $stmt->bindValue('idClient', $idClient); $stmt->execute(); $result = $stmt->fetch(\PDO::FETCH_OBJ); $droits = $result->droits; } else { $sql = "SELECT droits FROM sdv1.clients_services WHERE code = :code"; $stmt = $this->conn->prepare($sql); $stmt->bindValue('code', $service); $stmt->execute(); $result = $stmt->fetch(\PDO::FETCH_OBJ); $droits = $result->droits; } // Override access $result = $this->conn->executeUpdate("UPDATE sdv1.utilisateurs SET droits = $droits WHERE login IN ('.join(',',$logins).')"); } break; } if (empty($result)) { return false; } return true; } /** * Override email(s) in surveillances * @param string $login * @param string $email * @throws SoapFault * @return int */ public function setSurveillancesMail($login, $email) { $this->authenticate(); try { $sql = "UPDATE IGNORE jo.surveillances_site SET email = :email AND login = :login"; $stmt = $this->conn->prepare($sql); $stmt->bindValue('email', $email); $stmt->bindValue('login', $login); $stmt->execute(); } catch (\Doctrine\DBAL\DBALException $e) { if ($this->User->idClient == 1) { throw new SoapFault('ERR', $e->getMessage()); } else { throw new SoapFault('ERR', "Application error"); } } return $stmt->rowCount(); } /** * Set secondary email * @param string $email * @param string $login * @param string $id Id pour edition (set) ou 
suppression (del) * @param string $action (set|del) * @throws SoapFault * @return int */ public function setEmail($email, $login, $id = null, $action = 'set') { $this->authenticate(); $idClient = $this->User->idClient; if ($action == 'set') { if ($id === null) { try { $data = array( 'email' => $email, 'login' => $login, 'idClient' => $idClient, ); $result = $this->conn->insert('sdv1.utilisateurs_emails', $data); } catch (\Doctrine\DBAL\DBALException $e) { if ($this->User->idClient == 1) { throw new SoapFault('ERR', $e->getMessage()); } else { throw new SoapFault('ERR', "Application error"); } } } else { try { $data = array( 'email' => $email, ); $result = $this->conn->update('sdv1.utilisateurs_emails', $data, array( 'login' => $login, 'idClient' => $idClient, 'id' => $id, )); } catch (\Doctrine\DBAL\DBALException $e) { if ($this->User->idClient == 1) { throw new SoapFault('ERR', $e->getMessage()); } else { throw new SoapFault('ERR', "Application error"); } } } } elseif ($action == 'del') { try { $result = $this->conn->delete('sdv1.utilisateurs_emails', array( 'login' => $login, 'idClient' => $idClient, 'id' => $id, )); } catch (\Doctrine\DBAL\DBALException $e) { if ($this->User->idClient == 1) { throw new SoapFault('ERR', $e->getMessage()); } else { throw new SoapFault('ERR', "Application error"); } } } return $result; } /** * Secondary Emails * @param string $login * @param int $id * @throws SoapFault * @return Email[] */ public function getEmail($login, $id = null) { $this->authenticate(); $idClient = $this->User->idClient; try { $sql = "SELECT id, email FROM sdv1.utilisateurs_emails WHERE login = :login AND idClient = :id"; $stmt = $this->conn->prepare($sql); $stmt->bindValue('login', $login); $stmt->bindValue('id', $idClient); $stmt->execute(); } catch (\Doctrine\DBAL\DBALException $e) { if ($this->User->idClient == 1) { throw new SoapFault('ERR', $e->getMessage()); } else { throw new SoapFault('ERR', "Application error"); } } $emails = array(); if 
($stmt->rowCount() > 0) { while ($item = $stmt->fetch(\PDO::FETCH_OBJ)) { $email = new Email(); $email->id = $item->id; $email->value = $item->email; $emails[] = $email; } } return $emails; } /** * Remove access to the children * @param array $toDelete * @param int $idClient * @param string $service */ protected function _deleteAccess($toDelete, $idClient, $service=null) { $strLogin = ''; if (null !== $service) { //Récupération des logins utilisateurs du service $logins = $this->_serviceLogins($idClient, $service); if (count($logins) > 0) { $strLogin = ' AND login IN('.join(',',$logins->toArray()).')'; } } //Modification sur les droits utilisateurs if (count(toDelete ) > 0) { foreach ($toDelete as $droit) { $query = "UPDATE sdv1.utilisateurs set droits=TRIM(REPLACE(droits, ' $droit ', ' ')) WHERE idClient='$idClient'"; $query.= $strLogin; $this->conn->executeQuery($query); } } } /** * Give a list of logins in a service * @param int $idClient * @param string $serviceCode * @return array */ protected function _serviceLogins($idClient, $serviceCode) { $serviceCode = strtoupper($serviceCode); $qb = $this->conn->createQueryBuilder(); $qb->select('login')->from('sdv1.utilisateurs', 'u') ->join('u', 'sdv1.utilisateurs_service', 's', 'u.login=s.login'); if ($serviceCode == 'DEFAULT') { $qb->where('s.serviceCode = NULL'); } else { $qb->where('s.serviceCode = :serviceCode')->setParameter('serviceCode', $serviceCode); } $stmt = $qb->execute(); $logins = $stmt->fetchAll(\PDO::FETCH_ASSOC); return $logins; } }