summaryrefslogtreecommitdiffstats
path: root/application/controllers/AuthController.php
blob: 0ba50275514ae191e1a0d330cb379fd64e5e6ab5 (plain) (blame)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
<?php
/*
 * Copyright (c) 2011 - OpenSLX GmbH, RZ Uni Freiburg
 * This program is free software distributed under the GPL version 2.
 * See http://gpl.openslx.org/
 *
 * If you have any feedback please consult http://feedback.openslx.org/ and
 * send your suggestions, praise, or complaints to feedback@openslx.org
 *
 * General information about OpenSLX can be found at http://openslx.org/
 */

class AuthController extends Zend_Controller_Action
{
	protected $config = null;
	protected $pbs2host = null;
	protected $userIDsNamespace = null;
	protected $acl = null;

	public function init()
	{
		$bootstrap = $this->getInvokeArg('bootstrap');
		$this->config = $bootstrap->getOptions();
		$this->pbs2host = $this->config['pbs2']['host'];
		$this->userIDsNamespace = Zend_Session::namespaceGet('userIDs');
		if(isset($this->userIDsNamespace['apikey'])) {
			$this->acl = new Poolctrl_Acl($this->pbs2host, $this->config['pbs2']['checkright'] . $this->userIDsNamespace['apikey'], 'http://' . $_SERVER['HTTP_HOST'] . $_SERVER['REQUEST_URI']);
		}
	}

	public function indexAction()
	{
		$this->_helper->redirector('login', 'auth');
	}

	public function loginAction()
	{
		if (Zend_Auth::getInstance()->hasIdentity()) {
			$this->_redirect('/');
		} else {
			if (!isset($_POST["login"])){
				$loginForm = new Application_Form_Login();
			} else {
				$loginForm = new Application_Form_Login($_POST);

				if ($loginForm->isValid($_POST)) {
					$loginquery = "email=" . $loginForm->getValue('email') . "&password=" . $loginForm->getValue('password');
					$loginApiResult = PostToHost($this->pbs2host, $this->config['pbs2']['login'], 'http://' . $_SERVER['HTTP_HOST'] . $_SERVER['REQUEST_URI'], 'poolctrl', $loginquery);
					$loginXMLString = $loginApiResult['http-body'];
					if(strlen($loginXMLString) > 0) {
						$loginXML = new SimpleXMLElement($loginXMLString);
						$login = $loginXML->login;
						$success = sprintf("%s", $login->success);
						if ($success === "true") {
							$membershipSession = new Zend_Session_Namespace('memberships');
							$count = 0;
							foreach($login->membershiplist->membership as $membershipXML)
							{
								$membership = new Application_Model_Membership();
								$membership->setID(sprintf("%s", $membershipXML->id));
								$membership->setPersonID(sprintf("%s", $membershipXML->personid));
								$membership->setGroupID(sprintf("%s", $membershipXML->groupid));
								$membership->setRoleID(sprintf("%s", $membershipXML->roleid));
								$membership->setApikey(sprintf("%s", $membershipXML->apikey));
								$membership->setSuspend(sprintf("%s", $membershipXML->suspend));
								$membershipID = $membership->getID();
								$membershipSession->$membershipID = $membership;
								if($count == 0) {
									$apikey = sprintf("%s", $membershipXML->apikey);
								}
								$count++;
							}

							$personApiResult = PostToHost($this->pbs2host, $this->config['pbs2']['getperson'] . $apikey, 'http://' . $_SERVER['HTTP_HOST'] . $_SERVER['REQUEST_URI'], 'poolctrl', '');
							$personXMLString = $personApiResult['http-body'];
							if(strlen($personXMLString) > 0) {
								$personXML = new SimpleXMLElement($personXMLString);
								$person = new Application_Model_Person();
								$person->setID(sprintf("%s", $personXML->person->id));
								$person->setCity(sprintf("%s", $personXML->person->city));
								$person->setEmail(sprintf("%s", $personXML->person->email));
								$person->setFirstname(sprintf("%s", $personXML->person->firstname));
								$person->setHousenumber(sprintf("%s", $personXML->person->housenumber));
								$person->setLogin(sprintf("%s", $personXML->person->login));
								$person->setLogindate(sprintf("%s", $personXML->person->logindate));
								$person->setName(sprintf("%s", $personXML->person->name));
								$person->setPostalcode(sprintf("%s", $personXML->person->postalcode));
								$person->setRegisterdate(sprintf("%s", $personXML->person->registerdate));
								$person->setStreet(sprintf("%s", $personXML->person->street));
								$person->setSuspend(sprintf("%s", $personXML->person->suspend));
								$person->setTitle(sprintf("%s", $personXML->person->title));
								$personSession = new Zend_Session_Namespace('persons');
								$personName = sprintf("%s", $login->personid);
								$personSession->$personName = $person;
							}

							$userSession = new Zend_Session_Namespace('userIDs');
							$userSession->personID = sprintf("%s", $login->personid);

							$authSession = new Zend_Session_Namespace('auth');
							$authSession->storage = $loginForm->getValue('email');

							$this->_helper->redirector('selectmembership', 'person');
							return;
						} else {
							$error = sprintf("%s", $login->error);
							if($error == "wrong email or password") {
								$poolctrlNotifier = new Poolctrl_Notifier();
								$this->view->notification = $poolctrlNotifier->notify('Wrong Email or Password', 'error');
							} else if($error == "person suspended") {
								$poolctrlNotifier = new Poolctrl_Notifier();
								$this->view->notification = $poolctrlNotifier->notify('Your Account is suspended', 'error');
							}
						}
					}
				}
			}
			$this->view->loginForm = $loginForm;
		}
	}

	public function logoutAction()
	{
		$this->_helper-> viewRenderer-> setNoRender();
		$auth = Zend_Auth::getInstance();
		$auth->clearIdentity();
		Zend_Session::namespaceUnset('userIDs');
		Zend_Session::namespaceUnset('memberships');
		Zend_Session::namespaceUnset('persons');
		Zend_Session::namespaceUnset('groups');
		Zend_Session::namespaceUnset('roles');
		Zend_Session::forgetMe();
		$this->_helper->redirector('login', 'auth');
		return;
	}
}