Rev 951 | Rev 953 | Go to most recent revision | Details | Compare with Previous | Last modification | View Log | RSS feed
Rev | Author | Line No. | Line |
---|---|---|---|
635 | daniel-mar | 1 | <?php |
2 | |||
3 | /* |
||
4 | * OIDplus 2.0 |
||
772 | daniel-mar | 5 | * Copyright 2019 - 2022 Daniel Marschall, ViaThinkSoft |
635 | daniel-mar | 6 | * |
7 | * Licensed under the Apache License, Version 2.0 (the "License"); |
||
8 | * you may not use this file except in compliance with the License. |
||
9 | * You may obtain a copy of the License at |
||
10 | * |
||
11 | * http://www.apache.org/licenses/LICENSE-2.0 |
||
12 | * |
||
13 | * Unless required by applicable law or agreed to in writing, software |
||
14 | * distributed under the License is distributed on an "AS IS" BASIS, |
||
15 | * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. |
||
16 | * See the License for the specific language governing permissions and |
||
17 | * limitations under the License. |
||
18 | */ |
||
19 | |||
20 | if (!defined('INSIDE_OIDPLUS')) die(); |
||
21 | |||
22 | class OIDplusPagePublicObjects extends OIDplusPagePluginPublic { |
||
23 | |||
24 | private function get_treeicon_root($ot) { |
||
25 | $dirs = glob(OIDplus::localpath().'plugins/'.'*'.'/objectTypes/'.$ot::ns()); |
||
26 | |||
27 | if (count($dirs) == 0) { |
||
28 | $icon = null; |
||
29 | } else { |
||
30 | $dir = $dirs[0]; |
||
805 | daniel-mar | 31 | $icon_name = $ot::treeIconFilename('root'); |
800 | daniel-mar | 32 | if (!$icon_name) return null; |
33 | $icon = $dir.'/'.$icon_name; |
||
34 | if (!file_exists($icon)) return null; |
||
635 | daniel-mar | 35 | $icon = substr($icon, strlen(OIDplus::localpath())); |
36 | } |
||
37 | |||
38 | return $icon; |
||
39 | } |
||
40 | |||
41 | private function ra_change_rec($id, $old_ra, $new_ra) { |
||
42 | if (is_null($old_ra)) $old_ra = ''; |
||
43 | OIDplus::db()->query("update ###objects set ra_email = ?, updated = ".OIDplus::db()->sqlDate()." where id = ? and ".OIDplus::db()->getSlang()->isNullFunction('ra_email',"''")." = ?", array($new_ra, $id, $old_ra)); |
||
44 | |||
45 | $res = OIDplus::db()->query("select id from ###objects where parent = ? and ".OIDplus::db()->getSlang()->isNullFunction('ra_email',"''")." = ?", array($id, $old_ra)); |
||
46 | while ($row = $res->fetch_array()) { |
||
47 | $this->ra_change_rec($row['id'], $old_ra, $new_ra); |
||
48 | } |
||
49 | } |
||
50 | |||
51 | public function action($actionID, $params) { |
||
52 | |||
53 | // Action: Delete |
||
54 | // Method: POST |
||
55 | // Parameters: id |
||
56 | // Outputs: <0 Error, =0 Success |
||
57 | if ($actionID == 'Delete') { |
||
58 | _CheckParamExists($params, 'id'); |
||
59 | $id = $params['id']; |
||
60 | $obj = OIDplusObject::parse($id); |
||
61 | if ($obj === null) throw new OIDplusException(_L('%1 action failed because object "%2" cannot be parsed!','DELETE',$id)); |
||
62 | |||
790 | daniel-mar | 63 | if (!OIDplus::db()->query("select id from ###objects where id = ?", array($id))->any()) { |
635 | daniel-mar | 64 | throw new OIDplusException(_L('Object %1 does not exist',$id)); |
65 | } |
||
66 | |||
67 | // Check if permitted |
||
68 | if (!$obj->userHasParentalWriteRights()) throw new OIDplusException(_L('Authentication error. Please log in as the superior RA to delete this OID.')); |
||
69 | |||
70 | foreach (OIDplus::getPagePlugins() as $plugin) { |
||
71 | if ($plugin->implementsFeature('1.3.6.1.4.1.37476.2.5.2.3.3')) { |
||
72 | $plugin->beforeObjectDelete($id); |
||
73 | } |
||
74 | } |
||
75 | |||
76 | OIDplus::logger()->log("[WARN]OID($id)+[?WARN/!OK]SUPOIDRA($id)?/[?INFO/!OK]A?", "Object '$id' (recursively) deleted"); |
||
77 | OIDplus::logger()->log("[CRIT]OIDRA($id)!", "Lost ownership of object '$id' because it was deleted"); |
||
78 | |||
79 | if ($parentObj = $obj->getParent()) { |
||
80 | $parent_oid = $parentObj->nodeId(); |
||
81 | OIDplus::logger()->log("[WARN]OID($parent_oid)", "Object '$id' (recursively) deleted"); |
||
82 | } |
||
83 | |||
84 | // Delete object |
||
85 | OIDplus::db()->query("delete from ###objects where id = ?", array($id)); |
||
86 | |||
87 | // Delete orphan stuff |
||
88 | foreach (OIDplus::getEnabledObjectTypes() as $ot) { |
||
89 | do { |
||
90 | $res = OIDplus::db()->query("select tchild.id from ###objects tchild " . |
||
91 | "left join ###objects tparent on tparent.id = tchild.parent " . |
||
92 | "where tchild.parent <> ? and tchild.id like ? and tparent.id is null;", array($ot::root(), $ot::root().'%')); |
||
790 | daniel-mar | 93 | if (!$res->any()) break; |
635 | daniel-mar | 94 | |
95 | while ($row = $res->fetch_array()) { |
||
96 | $id_to_delete = $row['id']; |
||
97 | OIDplus::logger()->log("[CRIT]OIDRA($id_to_delete)!", "Lost ownership of object '$id_to_delete' because one of the superior objects ('$id') was recursively deleted"); |
||
98 | OIDplus::db()->query("delete from ###objects where id = ?", array($id_to_delete)); |
||
99 | } |
||
100 | } while (true); |
||
101 | } |
||
102 | OIDplus::db()->query("delete from ###asn1id where well_known = ? and oid not in (select id from ###objects where id like 'oid:%')", array(false)); |
||
103 | OIDplus::db()->query("delete from ###iri where well_known = ? and oid not in (select id from ###objects where id like 'oid:%')", array(false)); |
||
104 | |||
105 | foreach (OIDplus::getPagePlugins() as $plugin) { |
||
106 | if ($plugin->implementsFeature('1.3.6.1.4.1.37476.2.5.2.3.3')) { |
||
107 | $plugin->afterObjectDelete($id); |
||
108 | } |
||
109 | } |
||
110 | |||
111 | return array("status" => 0); |
||
112 | } |
||
113 | |||
114 | // Action: Update |
||
115 | // Method: POST |
||
116 | // Parameters: id, ra_email, comment, iris, asn1ids, confidential |
||
117 | // Outputs: <0 Error, =0 Success, with following bitfields for further information: |
||
118 | // 1 = RA is not registered |
||
119 | // 2 = RA is not registered, but it cannot be invited |
||
120 | // 4 = OID is a well-known OID, so RA, ASN.1 and IRI identifiers were reset |
||
121 | else if ($actionID == 'Update') { |
||
122 | _CheckParamExists($params, 'id'); |
||
123 | $id = $params['id']; |
||
124 | $obj = OIDplusObject::parse($id); |
||
125 | if ($obj === null) throw new OIDplusException(_L('%1 action failed because object "%2" cannot be parsed!','UPDATE',$id)); |
||
126 | |||
790 | daniel-mar | 127 | if (!OIDplus::db()->query("select id from ###objects where id = ?", array($id))->any()) { |
635 | daniel-mar | 128 | throw new OIDplusException(_L('Object %1 does not exist',$id)); |
129 | } |
||
130 | |||
131 | // Check if permitted |
||
132 | if (!$obj->userHasParentalWriteRights()) throw new OIDplusException(_L('Authentication error. Please log in as the superior RA to update this OID.')); |
||
133 | |||
134 | foreach (OIDplus::getPagePlugins() as $plugin) { |
||
135 | if ($plugin->implementsFeature('1.3.6.1.4.1.37476.2.5.2.3.3')) { |
||
136 | $plugin->beforeObjectUpdateSuperior($id, $params); |
||
137 | } |
||
138 | } |
||
139 | |||
140 | // First, do a simulation for ASN.1 IDs and IRIs to check if there are any problems (then an Exception will be thrown) |
||
141 | if ($obj::ns() == 'oid') { |
||
142 | if (!$obj->isWellKnown()) { |
||
143 | if (isset($params['iris'])) { |
||
144 | $ids = ($params['iris'] == '') ? array() : explode(',',$params['iris']); |
||
145 | $ids = array_map('trim',$ids); |
||
146 | $obj->replaceIris($ids, true); |
||
147 | } |
||
148 | |||
149 | if (isset($params['asn1ids'])) { |
||
150 | $ids = ($params['asn1ids'] == '') ? array() : explode(',',$params['asn1ids']); |
||
151 | $ids = array_map('trim',$ids); |
||
152 | $obj->replaceAsn1Ids($ids, true); |
||
153 | } |
||
154 | } |
||
155 | } |
||
156 | |||
157 | // RA E-Mail change |
||
158 | if (isset($params['ra_email'])) { |
||
159 | // Validate RA email address |
||
160 | $new_ra = $params['ra_email']; |
||
161 | if ($obj::ns() == 'oid') { |
||
162 | if ($obj->isWellKnown()) { |
||
163 | $new_ra = ''; |
||
164 | } |
||
165 | } |
||
166 | if (!empty($new_ra) && !OIDplus::mailUtils()->validMailAddress($new_ra)) { |
||
167 | throw new OIDplusException(_L('Invalid RA email address')); |
||
168 | } |
||
169 | |||
170 | // Change RA recursively |
||
171 | $res = OIDplus::db()->query("select ra_email from ###objects where id = ?", array($id)); |
||
172 | if ($row = $res->fetch_array()) { |
||
173 | $current_ra = $row['ra_email']; |
||
174 | if ($new_ra != $current_ra) { |
||
175 | OIDplus::logger()->log("[INFO]OID($id)+[?INFO/!OK]SUPOIDRA($id)?/[?INFO/!OK]A?", "RA of object '$id' changed from '$current_ra' to '$new_ra'"); |
||
176 | OIDplus::logger()->log("[WARN]RA($current_ra)!", "Lost ownership of object '$id' due to RA transfer of superior RA / admin."); |
||
177 | OIDplus::logger()->log("[INFO]RA($new_ra)!", "Gained ownership of object '$id' due to RA transfer of superior RA / admin."); |
||
178 | if ($parentObj = $obj->getParent()) { |
||
179 | $parent_oid = $parentObj->nodeId(); |
||
180 | OIDplus::logger()->log("[INFO]OID($parent_oid)", "RA of object '$id' changed from '$current_ra' to '$new_ra'"); |
||
181 | } |
||
182 | $this->ra_change_rec($id, $current_ra, $new_ra); // Recursively change inherited RAs |
||
183 | } |
||
184 | } |
||
185 | } |
||
186 | |||
187 | // Log if confidentially flag was changed |
||
188 | OIDplus::logger()->log("[INFO]OID($id)+[?INFO/!OK]SUPOIDRA($id)?/[?INFO/!OK]A?", "Identifiers/Confidential flag of object '$id' updated"); // TODO: Check if they were ACTUALLY updated! |
||
189 | if ($parentObj = $obj->getParent()) { |
||
190 | $parent_oid = $parentObj->nodeId(); |
||
191 | OIDplus::logger()->log("[INFO]OID($parent_oid)", "Identifiers/Confidential flag of object '$id' updated"); // TODO: Check if they were ACTUALLY updated! |
||
192 | } |
||
193 | |||
194 | // Replace ASN.1 IDs und IRIs |
||
195 | if ($obj::ns() == 'oid') { |
||
196 | if (!$obj->isWellKnown()) { |
||
197 | if (isset($params['iris'])) { |
||
198 | $ids = ($params['iris'] == '') ? array() : explode(',',$params['iris']); |
||
199 | $ids = array_map('trim',$ids); |
||
200 | $obj->replaceIris($ids, false); |
||
201 | } |
||
202 | |||
203 | if (isset($params['asn1ids'])) { |
||
204 | $ids = ($params['asn1ids'] == '') ? array() : explode(',',$params['asn1ids']); |
||
205 | $ids = array_map('trim',$ids); |
||
206 | $obj->replaceAsn1Ids($ids, false); |
||
207 | } |
||
208 | } |
||
209 | |||
210 | // TODO: Check if any identifiers have been actually changed, |
||
211 | // and log it to OID($id), OID($parent), ... (see above) |
||
212 | } |
||
213 | |||
214 | if (isset($params['confidential'])) { |
||
215 | $confidential = $params['confidential'] == 'true'; |
||
216 | OIDplus::db()->query("UPDATE ###objects SET confidential = ? WHERE id = ?", array($confidential, $id)); |
||
217 | } |
||
218 | |||
219 | if (isset($params['comment'])) { |
||
220 | $comment = $params['comment']; |
||
221 | OIDplus::db()->query("UPDATE ###objects SET comment = ? WHERE id = ?", array($comment, $id)); |
||
222 | } |
||
223 | |||
224 | OIDplus::db()->query("UPDATE ###objects SET updated = ".OIDplus::db()->sqlDate()." WHERE id = ?", array($id)); |
||
225 | |||
226 | $status = 0; |
||
227 | |||
228 | if (!empty($new_ra)) { |
||
229 | $res = OIDplus::db()->query("select ra_name from ###ra where email = ?", array($new_ra)); |
||
230 | $invitePlugin = OIDplus::getPluginByOid('1.3.6.1.4.1.37476.2.5.2.4.2.92'); // OIDplusPageRaInvite |
||
790 | daniel-mar | 231 | if (!$res->any()) $status = !is_null($invitePlugin) && OIDplus::config()->getValue('ra_invitation_enabled') ? 1 : 2; |
635 | daniel-mar | 232 | } |
233 | |||
234 | if ($obj::ns() == 'oid') { |
||
235 | if ($obj->isWellKnown()) { |
||
236 | $status += 4; |
||
237 | } |
||
238 | } |
||
239 | |||
240 | foreach (OIDplus::getPagePlugins() as $plugin) { |
||
241 | if ($plugin->implementsFeature('1.3.6.1.4.1.37476.2.5.2.3.3')) { |
||
242 | $plugin->afterObjectUpdateSuperior($id, $params); |
||
243 | } |
||
244 | } |
||
245 | |||
246 | return array("status" => $status); |
||
247 | } |
||
248 | |||
249 | // Action: Update2 |
||
250 | // Method: POST |
||
251 | // Parameters: id, title, description |
||
252 | // Outputs: <0 Error, =0 Success |
||
253 | else if ($actionID == 'Update2') { |
||
254 | _CheckParamExists($params, 'id'); |
||
255 | $id = $params['id']; |
||
256 | $obj = OIDplusObject::parse($id); |
||
257 | if ($obj === null) throw new OIDplusException(_L('%1 action failed because object "%2" cannot be parsed!','UPDATE2',$id)); |
||
258 | |||
790 | daniel-mar | 259 | if (!OIDplus::db()->query("select id from ###objects where id = ?", array($id))->any()) { |
635 | daniel-mar | 260 | throw new OIDplusException(_L('Object %1 does not exist',$id)); |
261 | } |
||
262 | |||
263 | // Check if allowed |
||
264 | if (!$obj->userHasWriteRights()) throw new OIDplusException(_L('Authentication error. Please log in as the RA to update this OID.')); |
||
265 | |||
266 | foreach (OIDplus::getPagePlugins() as $plugin) { |
||
267 | if ($plugin->implementsFeature('1.3.6.1.4.1.37476.2.5.2.3.3')) { |
||
268 | $plugin->beforeObjectUpdateSelf($id, $params); |
||
269 | } |
||
270 | } |
||
271 | |||
272 | OIDplus::logger()->log("[INFO]OID($id)+[?INFO/!OK]OIDRA($id)?/[?INFO/!OK]A?", "Title/Description of object '$id' updated"); |
||
273 | |||
274 | if (isset($params['title'])) { |
||
275 | $title = $params['title']; |
||
276 | OIDplus::db()->query("UPDATE ###objects SET title = ? WHERE id = ?", array($title, $id)); |
||
277 | } |
||
278 | |||
279 | if (isset($params['description'])) { |
||
280 | $description = $params['description']; |
||
281 | OIDplus::db()->query("UPDATE ###objects SET description = ? WHERE id = ?", array($description, $id)); |
||
282 | } |
||
283 | |||
284 | OIDplus::db()->query("UPDATE ###objects SET updated = ".OIDplus::db()->sqlDate()." WHERE id = ?", array($id)); |
||
285 | |||
286 | foreach (OIDplus::getPagePlugins() as $plugin) { |
||
287 | if ($plugin->implementsFeature('1.3.6.1.4.1.37476.2.5.2.3.3')) { |
||
288 | $plugin->afterObjectUpdateSelf($id, $params); |
||
289 | } |
||
290 | } |
||
291 | |||
292 | return array("status" => 0); |
||
293 | } |
||
294 | |||
295 | // Generate UUID |
||
296 | else if ($actionID == 'generate_uuid') { |
||
297 | $uuid = gen_uuid(); |
||
298 | if (!$uuid) return array("status" => 1); |
||
299 | return array( |
||
300 | "status" => 0, |
||
301 | "uuid" => $uuid, |
||
302 | "intval" => substr(uuid_to_oid($uuid),strlen('2.25.')) |
||
303 | ); |
||
304 | } |
||
305 | |||
306 | // Action: Insert |
||
307 | // Method: POST |
||
308 | // Parameters: parent, id, ra_email, confidential, iris, asn1ids |
||
309 | // Outputs: status=<0 Error, =0 Success, with following bitfields for further information: |
||
310 | // 1 = RA is not registered |
||
311 | // 2 = RA is not registered, but it cannot be invited |
||
312 | // 4 = OID is a well-known OID, so RA, ASN.1 and IRI identifiers were reset |
||
313 | else if ($actionID == 'Insert') { |
||
314 | // Check if you have write rights on the parent (to create a new object) |
||
315 | _CheckParamExists($params, 'parent'); |
||
316 | $objParent = OIDplusObject::parse($params['parent']); |
||
317 | if ($objParent === null) throw new OIDplusException(_L('%1 action failed because parent object "%2" cannot be parsed!','INSERT',$params['parent'])); |
||
318 | |||
790 | daniel-mar | 319 | if (!$objParent->isRoot() && (!OIDplus::db()->query("select id from ###objects where id = ?", array($objParent->nodeId()))->any())) { |
635 | daniel-mar | 320 | throw new OIDplusException(_L('Parent object %1 does not exist','".($objParent->nodeId())."')); |
321 | } |
||
322 | |||
323 | if (!$objParent->userHasWriteRights()) throw new OIDplusException(_L('Authentication error. Please log in as the correct RA to insert an OID at this arc.')); |
||
324 | |||
325 | // Check if the ID is valid |
||
326 | _CheckParamExists($params, 'id'); |
||
327 | if ($params['id'] == '') throw new OIDplusException(_L('ID may not be empty')); |
||
328 | |||
772 | daniel-mar | 329 | // For the root objects, let the user also enter a WEID |
330 | if ($objParent::ns() == 'oid') { |
||
331 | if (strtolower(substr(trim($params['id']),0,5)) === 'weid:') { |
||
332 | if ($objParent->isRoot()) { |
||
333 | $params['id'] = WeidOidConverter::weid2oid($params['id']); |
||
334 | if ($params['id'] === false) { |
||
335 | throw new OIDplusException(_L('Invalid WEID')); |
||
336 | } |
||
337 | } else { |
||
338 | throw new OIDplusException(_L('You can use the WEID syntax only at your object tree root.')); |
||
339 | } |
||
340 | } |
||
341 | } |
||
342 | |||
635 | daniel-mar | 343 | // Determine absolute OID name |
344 | // Note: At addString() and parse(), the syntax of the ID will be checked |
||
345 | $id = $objParent->addString($params['id']); |
||
346 | |||
347 | // Check, if the OID exists |
||
348 | $test = OIDplus::db()->query("select id from ###objects where id = ?", array($id)); |
||
790 | daniel-mar | 349 | if ($test->any()) { |
635 | daniel-mar | 350 | throw new OIDplusException(_L('Object %1 already exists!',$id)); |
351 | } |
||
352 | |||
353 | $obj = OIDplusObject::parse($id); |
||
354 | if ($obj === null) throw new OIDplusException(_L('%1 action failed because object "%2" cannot be parsed!','INSERT',$id)); |
||
355 | |||
356 | foreach (OIDplus::getPagePlugins() as $plugin) { |
||
357 | if ($plugin->implementsFeature('1.3.6.1.4.1.37476.2.5.2.3.3')) { |
||
358 | $plugin->beforeObjectInsert($id, $params); |
||
359 | } |
||
360 | } |
||
361 | |||
362 | // First simulate if there are any problems of ASN.1 IDs und IRIs |
||
363 | if ($obj::ns() == 'oid') { |
||
364 | if (!$obj->isWellKnown()) { |
||
365 | if (isset($params['iris'])) { |
||
366 | $ids = ($params['iris'] == '') ? array() : explode(',',$params['iris']); |
||
367 | $ids = array_map('trim',$ids); |
||
368 | $obj->replaceIris($ids, true); |
||
369 | } |
||
370 | |||
371 | if (isset($params['asn1ids'])) { |
||
372 | $ids = ($params['asn1ids'] == '') ? array() : explode(',',$params['asn1ids']); |
||
373 | $ids = array_map('trim',$ids); |
||
374 | $obj->replaceAsn1Ids($ids, true); |
||
375 | } |
||
376 | } |
||
377 | } |
||
378 | |||
379 | // Apply superior RA change |
||
380 | $parent = $params['parent']; |
||
381 | $ra_email = isset($params['ra_email']) ? $params['ra_email'] : ''; |
||
382 | if ($obj::ns() == 'oid') { |
||
383 | if ($obj->isWellKnown()) { |
||
384 | $ra_email = ''; |
||
385 | } |
||
386 | } |
||
387 | if (!empty($ra_email) && !OIDplus::mailUtils()->validMailAddress($ra_email)) { |
||
388 | throw new OIDplusException(_L('Invalid RA email address')); |
||
389 | } |
||
390 | |||
391 | OIDplus::logger()->log("[INFO]OID($parent)+[INFO]OID($id)+[?INFO/!OK]OIDRA($parent)?/[?INFO/!OK]A?", "Object '$id' created, ".(empty($ra_email) ? "without defined RA" : "given to RA '$ra_email'")).", superior object is '$parent'"; |
||
392 | if (!empty($ra_email)) { |
||
393 | OIDplus::logger()->log("[INFO]RA($ra_email)!", "Gained ownership of newly created object '$id'"); |
||
394 | } |
||
395 | |||
396 | $confidential = isset($params['confidential']) ? ($params['confidential'] == 'true') : false; |
||
397 | $comment = isset($params['comment']) ? $params['comment'] : ''; |
||
398 | $title = ''; |
||
399 | $description = ''; |
||
400 | |||
401 | if (strlen($id) > OIDplus::baseConfig()->getValue('LIMITS_MAX_ID_LENGTH')) { |
||
402 | $maxlen = OIDplus::baseConfig()->getValue('LIMITS_MAX_ID_LENGTH'); |
||
403 | throw new OIDplusException(_L('The identifier %1 is too long (max allowed length: %2)',$id,$maxlen)); |
||
404 | } |
||
405 | |||
406 | OIDplus::db()->query("INSERT INTO ###objects (id, parent, ra_email, confidential, comment, created, title, description) VALUES (?, ?, ?, ?, ?, ".OIDplus::db()->sqlDate().", ?, ?)", array($id, $parent, $ra_email, $confidential, $comment, $title, $description)); |
||
407 | |||
408 | // Set ASN.1 IDs und IRIs |
||
409 | if ($obj::ns() == 'oid') { |
||
410 | if (!$obj->isWellKnown()) { |
||
411 | if (isset($params['iris'])) { |
||
412 | $ids = ($params['iris'] == '') ? array() : explode(',',$params['iris']); |
||
413 | $ids = array_map('trim',$ids); |
||
414 | $obj->replaceIris($ids, false); |
||
415 | } |
||
416 | |||
417 | if (isset($params['asn1ids'])) { |
||
418 | $ids = ($params['asn1ids'] == '') ? array() : explode(',',$params['asn1ids']); |
||
419 | $ids = array_map('trim',$ids); |
||
420 | $obj->replaceAsn1Ids($ids, false); |
||
421 | } |
||
422 | } |
||
423 | } |
||
424 | |||
425 | $status = 0; |
||
426 | |||
427 | if (!empty($ra_email)) { |
||
428 | // Do we need to notify that the RA does not exist? |
||
429 | $res = OIDplus::db()->query("select ra_name from ###ra where email = ?", array($ra_email)); |
||
430 | $invitePlugin = OIDplus::getPluginByOid('1.3.6.1.4.1.37476.2.5.2.4.2.92'); // OIDplusPageRaInvite |
||
790 | daniel-mar | 431 | if (!$res->any()) $status = !is_null($invitePlugin) && OIDplus::config()->getValue('ra_invitation_enabled') ? 1 : 2; |
635 | daniel-mar | 432 | } |
433 | |||
434 | if ($obj::ns() == 'oid') { |
||
435 | if ($obj->isWellKnown()) { |
||
436 | $status += 4; |
||
437 | } |
||
438 | } |
||
439 | |||
440 | foreach (OIDplus::getPagePlugins() as $plugin) { |
||
441 | if ($plugin->implementsFeature('1.3.6.1.4.1.37476.2.5.2.3.3')) { |
||
442 | $plugin->afterObjectInsert($id, $params); |
||
443 | } |
||
444 | } |
||
445 | |||
446 | return array( |
||
447 | "status" => $status, |
||
448 | "inserted_id" => $id |
||
449 | ); |
||
450 | } else { |
||
451 | throw new OIDplusException(_L('Unknown action ID')); |
||
452 | } |
||
453 | } |
||
454 | |||
455 | public function init($html=true) { |
||
456 | OIDplus::config()->prepareConfigKey('oobe_objects_done', '"Out Of Box Experience" wizard for OIDplusPagePublicObjects done once?', '0', OIDplusConfig::PROTECTION_HIDDEN, function($value) {}); |
||
693 | daniel-mar | 457 | OIDplus::config()->prepareConfigKey('oid_grid_show_weid', 'Show WEID/Base36 column in CRUD grid of OIDs?', '1', OIDplusConfig::PROTECTION_EDITABLE, function($value) { |
458 | if (!is_numeric($value) || ($value < 0) || ($value > 1)) { |
||
459 | throw new OIDplusException(_L('Please enter a valid value (0=no, 1=yes).')); |
||
460 | } |
||
461 | }); |
||
635 | daniel-mar | 462 | } |
463 | |||
951 | daniel-mar | 464 | private function tryObject($id, &$out) { |
465 | $parent = null; |
||
466 | $res = null; |
||
467 | $row = null; |
||
468 | $matches_any_registered_type = false; |
||
469 | foreach (OIDplus::getEnabledObjectTypes() as $ot) { |
||
470 | if ($obj = $ot::parse($id)) { |
||
471 | $matches_any_registered_type = true; |
||
472 | if ($obj->isRoot()) { |
||
473 | $obj->getContentPage($out['title'], $out['text'], $out['icon']); |
||
474 | $parent = null; // $obj->getParent(); |
||
475 | break; |
||
476 | } else { |
||
477 | $res = OIDplus::db()->query("select * from ###objects where id = ?", array($obj->nodeId())); |
||
478 | if (!$res->any()) { |
||
479 | return false; |
||
480 | } else { |
||
481 | $row = $res->fetch_array(); // will be used further down the code |
||
482 | $obj->getContentPage($out['title'], $out['text'], $out['icon']); |
||
483 | if (empty($out['title'])) $out['title'] = explode(':',$obj->nodeId(),2)[1]; |
||
484 | $parent = $obj->getParent(); |
||
485 | break; |
||
486 | } |
||
487 | } |
||
488 | } |
||
489 | } |
||
490 | if (!$matches_any_registered_type) return false; |
||
491 | return array($parent, $res, $row); |
||
492 | } |
||
493 | |||
952 | daniel-mar | 494 | private static function getAlternativesForQuery($id) { |
951 | daniel-mar | 495 | // e.g. used for "Reverse Alt Id" |
496 | $alternatives = array(); |
||
497 | foreach (array_merge(OIDplus::getPagePlugins(),OIDplus::getObjectTypePlugins()) as $plugin) { |
||
498 | if ($plugin->implementsFeature('1.3.6.1.4.1.37476.2.5.2.3.7')) { |
||
499 | $tmp = $plugin->getAlternativesForQuery($id); |
||
500 | if (is_array($tmp)) { |
||
501 | $alternatives = array_merge($tmp, $alternatives); |
||
502 | } |
||
503 | } |
||
504 | } |
||
505 | $alternatives = array_unique($alternatives); |
||
506 | return $alternatives; |
||
507 | } |
||
508 | |||
635 | daniel-mar | 509 | public function gui($id, &$out, &$handled) { |
510 | if ($id === 'oidplus:system') { |
||
511 | $handled = true; |
||
512 | |||
513 | $out['title'] = OIDplus::config()->getValue('system_title'); |
||
801 | daniel-mar | 514 | $out['icon'] = OIDplus::webpath(__DIR__,OIDplus::PATH_RELATIVE).'img/main_icon.png'; |
635 | daniel-mar | 515 | |
516 | if (file_exists(OIDplus::localpath() . 'userdata/welcome/welcome$'.OIDplus::getCurrentLang().'.html')) { |
||
517 | $cont = file_get_contents(OIDplus::localpath() . 'userdata/welcome/welcome$'.OIDplus::getCurrentLang().'.html'); |
||
518 | } else if (file_exists(OIDplus::localpath() . 'userdata/welcome/welcome.html')) { |
||
519 | $cont = file_get_contents(OIDplus::localpath() . 'userdata/welcome/welcome.html'); |
||
520 | } else if (file_exists(__DIR__ . '/welcome$'.OIDplus::getCurrentLang().'.html')) { |
||
521 | $cont = file_get_contents(__DIR__ . '/welcome$'.OIDplus::getCurrentLang().'.html'); |
||
522 | } else if (file_exists(__DIR__ . '/welcome.html')) { |
||
523 | $cont = file_get_contents(__DIR__ . '/welcome.html'); |
||
524 | } else { |
||
525 | $cont = ''; |
||
526 | } |
||
527 | |||
528 | list($html, $js, $css) = extractHtmlContents($cont); |
||
529 | $cont = ''; |
||
530 | if (!empty($js)) $cont .= "<script>\n$js\n</script>"; |
||
531 | if (!empty($css)) $cont .= "<style>\n$css\n</style>"; |
||
821 | daniel-mar | 532 | $cont .= stripHtmlComments($html); |
635 | daniel-mar | 533 | |
534 | $out['text'] = $cont; |
||
535 | |||
536 | if (strpos($out['text'], '%%OBJECT_TYPE_LIST%%') !== false) { |
||
537 | $tmp = '<ul>'; |
||
538 | foreach (OIDplus::getEnabledObjectTypes() as $ot) { |
||
539 | $tmp .= '<li><a '.OIDplus::gui()->link($ot::root()).'>'.htmlentities($ot::objectTypeTitle()).'</a></li>'; |
||
540 | } |
||
541 | $tmp .= '</ul>'; |
||
542 | $out['text'] = str_replace('%%OBJECT_TYPE_LIST%%', $tmp, $out['text']); |
||
543 | } |
||
544 | |||
545 | return; |
||
546 | } |
||
547 | |||
548 | try { |
||
549 | $obj = OIDplusObject::parse($id); |
||
550 | } catch (Exception $e) { |
||
551 | $obj = null; |
||
552 | } |
||
553 | |||
554 | if (!is_null($obj)) { |
||
555 | $handled = true; |
||
556 | |||
557 | if (!$obj->userHasReadRights()) { |
||
843 | daniel-mar | 558 | if (isset($_SERVER['SCRIPT_FILENAME']) && (strtolower(basename($_SERVER['SCRIPT_FILENAME'])) !== 'ajax.php')) { // don't send HTTP error codes in ajax.php, because we want a page and not a JavaScript alert box, when someone enters an invalid OID in the GoTo-Box |
559 | http_response_code(403); |
||
560 | } |
||
635 | daniel-mar | 561 | $out['title'] = _L('Access denied'); |
800 | daniel-mar | 562 | $out['icon'] = 'img/error.png'; |
635 | daniel-mar | 563 | $out['text'] = '<p>'._L('Please <a %1>log in</a> to receive information about this object.',OIDplus::gui()->link('oidplus:login')).'</p>'; |
564 | return; |
||
565 | } |
||
566 | |||
951 | daniel-mar | 567 | // --- |
568 | |||
569 | $test = $this->tryObject($id, $out); |
||
570 | if ($test === false) { |
||
952 | daniel-mar | 571 | $alternatives = $this->getAlternativesForQuery($id); |
951 | daniel-mar | 572 | foreach ($alternatives as $alternative) { |
573 | $test = $this->tryObject($alternative, $out); |
||
574 | if ($test !== false) break; |
||
635 | daniel-mar | 575 | } |
576 | } |
||
951 | daniel-mar | 577 | if ($test === false) { |
843 | daniel-mar | 578 | if (isset($_SERVER['SCRIPT_FILENAME']) && (strtolower(basename($_SERVER['SCRIPT_FILENAME'])) !== 'ajax.php')) { // don't send HTTP error codes in ajax.php, because we want a page and not a JavaScript alert box, when someone enters an invalid OID in the GoTo-Box |
579 | http_response_code(404); |
||
580 | } |
||
635 | daniel-mar | 581 | $out['title'] = _L('Object not found'); |
800 | daniel-mar | 582 | $out['icon'] = 'img/error.png'; |
635 | daniel-mar | 583 | $out['text'] = _L('The object %1 was not found in this database.','<code>'.htmlentities($id).'</code>'); |
584 | return; |
||
951 | daniel-mar | 585 | } else { |
586 | list($parent, $res, $row) = $test; |
||
635 | daniel-mar | 587 | } |
588 | |||
951 | daniel-mar | 589 | unset($test); |
590 | |||
635 | daniel-mar | 591 | // --- |
592 | |||
593 | if ($parent) { |
||
594 | if ($parent->isRoot()) { |
||
595 | |||
596 | $parent_link_text = $parent->objectTypeTitle(); |
||
597 | $out['text'] = '<p><a '.OIDplus::gui()->link($parent->root()).'><img src="img/arrow_back.png" width="16" alt="'._L('Go back').'"> '._L('Parent node: %1',htmlentities($parent_link_text)).'</a></p>' . $out['text']; |
||
598 | |||
599 | } else { |
||
600 | $res_ = OIDplus::db()->query("select * from ###objects where id = ?", array($parent->nodeId())); |
||
790 | daniel-mar | 601 | if ($res_->any()) { |
635 | daniel-mar | 602 | $row_ = $res_->fetch_array(); |
603 | |||
604 | $parent_title = $row_['title']; |
||
605 | if (empty($parent_title) && ($parent->ns() == 'oid')) { |
||
606 | // If not title is available, then use an ASN.1 identifier |
||
607 | $res_ = OIDplus::db()->query("select name from ###asn1id where oid = ?", array($parent->nodeId())); |
||
790 | daniel-mar | 608 | if ($res_->any()) { |
635 | daniel-mar | 609 | $row_ = $res_->fetch_array(); |
610 | $parent_title = $row_['name']; // TODO: multiple ASN1 ids? |
||
611 | } |
||
612 | } |
||
613 | |||
614 | $parent_link_text = empty($parent_title) ? explode(':',$parent->nodeId())[1] : $parent_title.' ('.explode(':',$parent->nodeId())[1].')'; |
||
615 | |||
616 | $out['text'] = '<p><a '.OIDplus::gui()->link($parent->nodeId()).'><img src="img/arrow_back.png" width="16" alt="'._L('Go back').'"> '._L('Parent node: %1',htmlentities($parent_link_text)).'</a></p>' . $out['text']; |
||
617 | } else { |
||
618 | $out['text'] = ''; |
||
619 | } |
||
620 | } |
||
621 | } else { |
||
622 | $parent_link_text = _L('Go back to front page'); |
||
623 | $out['text'] = '<p><a '.OIDplus::gui()->link('oidplus:system').'><img src="img/arrow_back.png" width="16" alt="'._L('Go back').'"> '.htmlentities($parent_link_text).'</a></p>' . $out['text']; |
||
624 | } |
||
625 | |||
626 | // --- |
||
627 | |||
783 | daniel-mar | 628 | // DM 16.03.2022 commented out isset() because Oracle does not set 'description' if it is NULL?! |
629 | if (!is_null($row)/* && isset($row['description'])*/) { |
||
635 | daniel-mar | 630 | if (empty($row['description'])) { |
631 | if (empty($row['title'])) { |
||
632 | $desc = '<p><i>'._L('No description for this object available').'</i></p>'; |
||
633 | } else { |
||
634 | $desc = $row['title']; |
||
635 | } |
||
636 | } else { |
||
637 | $desc = self::objDescription($row['description']); |
||
638 | } |
||
639 | |||
640 | if ($obj->userHasWriteRights()) { |
||
641 | $rand = ++self::$crudCounter; |
||
642 | $desc = '<noscript><p><b>'._L('You need to enable JavaScript to edit title or description of this object.').'</b></p>'.$desc.'</noscript>'; |
||
643 | $desc .= '<div class="container box" style="display:none" id="descbox_'.$rand.'">'; |
||
644 | $desc .= _L('Title').': <input type="text" name="title" id="titleedit" value="'.htmlentities($row['title']).'"><br><br>'._L('Description').':<br>'; |
||
645 | $desc .= self::showMCE('description', $row['description']); |
||
646 | $desc .= '<button type="button" name="update_desc" id="update_desc" class="btn btn-success btn-xs update" onclick="OIDplusPagePublicObjects.updateDesc()">'._L('Update description').'</button>'; |
||
647 | $desc .= '</div>'; |
||
648 | $desc .= '<script>$("#descbox_'.$rand.'")[0].style.display = "block";</script>'; |
||
649 | } |
||
650 | } else { |
||
651 | $desc = ''; |
||
652 | } |
||
653 | |||
654 | // --- |
||
655 | |||
656 | if (strpos($out['text'], '%%DESC%%') !== false) |
||
657 | $out['text'] = str_replace('%%DESC%%', $desc, $out['text']); |
||
658 | if (strpos($out['text'], '%%CRUD%%') !== false) |
||
856 | daniel-mar | 659 | $out['text'] = str_replace('%%CRUD%%', self::showCrud($obj->nodeId()), $out['text']); |
635 | daniel-mar | 660 | if (strpos($out['text'], '%%RA_INFO%%') !== false) |
661 | $out['text'] = str_replace('%%RA_INFO%%', OIDplusPagePublicRaInfo::showRaInfo($row['ra_email']), $out['text']); |
||
662 | |||
663 | $alt_ids = $obj->getAltIds(); |
||
664 | if (count($alt_ids) > 0) { |
||
665 | $out['text'] .= '<h2>'._L('Alternative Identifiers').'</h2>'; |
||
666 | foreach ($alt_ids as $alt_id) { |
||
667 | $ns = $alt_id->getNamespace(); |
||
668 | $aid = $alt_id->getId(); |
||
669 | $aiddesc = $alt_id->getDescription(); |
||
945 | daniel-mar | 670 | $suffix = $alt_id->getSuffix(); |
671 | $out['text'] .= "$aiddesc: <code>$ns:$aid</code>$suffix<br>"; |
||
635 | daniel-mar | 672 | } |
673 | } |
||
674 | |||
675 | foreach (OIDplus::getPagePlugins() as $plugin) { |
||
676 | if ($plugin->implementsFeature('1.3.6.1.4.1.37476.2.5.2.3.2')) { |
||
856 | daniel-mar | 677 | $plugin->modifyContent($obj->nodeId(), $out['title'], $out['icon'], $out['text']); |
635 | daniel-mar | 678 | } |
679 | } |
||
680 | } |
||
681 | } |
||
682 | |||
683 | private function publicSitemap_rec($json, &$out) { |
||
684 | foreach ($json as $x) { |
||
685 | if (isset($x['id']) && $x['id']) { |
||
686 | $out[] = $x['id']; |
||
687 | } |
||
688 | if (isset($x['children'])) { |
||
689 | $this->publicSitemap_rec($x['children'], $out); |
||
690 | } |
||
691 | } |
||
692 | } |
||
693 | |||
694 | public function publicSitemap(&$out) { |
||
695 | $json = array(); |
||
696 | $this->tree($json, null/*RA EMail*/, false/*HTML tree algorithm*/, true/*display all*/); |
||
697 | $this->publicSitemap_rec($json, $out); |
||
698 | } |
||
699 | |||
700 | public function tree(&$json, $ra_email=null, $nonjs=false, $req_goto='') { |
||
701 | if ($nonjs) { |
||
702 | $json[] = array( |
||
703 | 'id' => 'oidplus:system', |
||
801 | daniel-mar | 704 | 'icon' => OIDplus::webpath(__DIR__,OIDplus::PATH_RELATIVE).'img/main_icon16.png', |
635 | daniel-mar | 705 | 'text' => _L('System') |
706 | ); |
||
707 | |||
708 | $parent = ''; |
||
709 | $res = OIDplus::db()->query("select parent from ###objects where id = ?", array($req_goto)); |
||
710 | while ($row = $res->fetch_object()) { |
||
711 | $parent = $row->parent; |
||
712 | } |
||
713 | |||
714 | $objTypesChildren = array(); |
||
715 | foreach (OIDplus::getEnabledObjectTypes() as $ot) { |
||
716 | $icon = $this->get_treeicon_root($ot); |
||
717 | |||
718 | $json[] = array( |
||
719 | 'id' => $ot::root(), |
||
720 | 'icon' => $icon, |
||
721 | 'text' => $ot::objectTypeTitle() |
||
722 | ); |
||
723 | |||
724 | try { |
||
725 | $tmp = OIDplusObject::parse($req_goto); |
||
726 | } catch (Exception $e) { |
||
727 | $tmp = null; |
||
728 | } |
||
729 | if (!is_null($tmp) && ($ot == get_class($tmp))) { |
||
730 | // TODO: Instead of just having 3 levels (parent, this and children), it would be better if we'd had a full tree of all parents |
||
731 | // on the other hand, for giving search engines content, this is good enough |
||
732 | if (empty($parent)) { |
||
733 | $res = OIDplus::db()->query("select * from ###objects where " . |
||
734 | "parent = ? or " . |
||
735 | "id = ? " . |
||
736 | "order by ".OIDplus::db()->natOrder('id'), array($req_goto, $req_goto)); |
||
737 | } else { |
||
738 | $res = OIDplus::db()->query("select * from ###objects where " . |
||
739 | "parent = ? or " . |
||
740 | "id = ? or " . |
||
741 | "id = ? ". |
||
742 | "order by ".OIDplus::db()->natOrder('id'), array($req_goto, $req_goto, $parent)); |
||
743 | } |
||
744 | |||
745 | $z_used = 0; |
||
746 | $y_used = 0; |
||
747 | $x_used = 0; |
||
748 | $stufe = 0; |
||
749 | $menu_entries = array(); |
||
750 | $stufen = array(); |
||
751 | while ($row = $res->fetch_object()) { |
||
752 | $obj = OIDplusObject::parse($row->id); |
||
753 | if (is_null($obj)) continue; // might happen if the objectType is not available/loaded |
||
754 | if (!$obj->userHasReadRights()) continue; |
||
755 | $txt = $row->title == '' ? '' : ' -- '.htmlentities($row->title); |
||
756 | |||
757 | if ($row->id == $parent) { $stufe=0; $z_used++; } |
||
758 | if ($row->id == $req_goto) { $stufe=1; $y_used++; } |
||
759 | if ($row->parent == $req_goto) { $stufe=2; $x_used++; } |
||
760 | |||
761 | $menu_entry = array('id' => $row->id, 'icon' => '', 'text' => $txt, 'indent' => 0); |
||
762 | $menu_entries[] = $menu_entry; |
||
763 | $stufen[] = $stufe; |
||
764 | } |
||
765 | if ($x_used) foreach ($menu_entries as $i => &$menu_entry) if ($stufen[$i] >= 2) $menu_entry['indent'] += 1; |
||
766 | if ($y_used) foreach ($menu_entries as $i => &$menu_entry) if ($stufen[$i] >= 1) $menu_entry['indent'] += 1; |
||
767 | if ($z_used) foreach ($menu_entries as $i => &$menu_entry) if ($stufen[$i] >= 0) $menu_entry['indent'] += 1; |
||
768 | $json = array_merge($json, $menu_entries); |
||
769 | } |
||
770 | } |
||
771 | |||
772 | return true; |
||
773 | } else { |
||
774 | if ($req_goto === true) { |
||
775 | $goto_path = true; // display everything recursively |
||
776 | } else if (isset($req_goto)) { |
||
777 | $goto = $req_goto; |
||
778 | $path = array(); |
||
779 | while (true) { |
||
780 | $path[] = $goto; |
||
781 | $res = OIDplus::db()->query("select parent from ###objects where id = ?", array($goto)); |
||
790 | daniel-mar | 782 | if (!$res->any()) break; |
635 | daniel-mar | 783 | $row = $res->fetch_array(); |
784 | $goto = $row['parent']; |
||
785 | if ($goto == '') continue; |
||
786 | } |
||
787 | |||
788 | $goto_path = array_reverse($path); |
||
789 | } else { |
||
790 | $goto_path = null; |
||
791 | } |
||
792 | |||
793 | $objTypesChildren = array(); |
||
794 | foreach (OIDplus::getEnabledObjectTypes() as $ot) { |
||
795 | $icon = $this->get_treeicon_root($ot); |
||
796 | |||
797 | $child = array('id' => $ot::root(), |
||
798 | 'text' => $ot::objectTypeTitle(), |
||
799 | 'state' => array("opened" => true), |
||
800 | 'icon' => $icon, |
||
801 | 'children' => OIDplus::menuUtils()->tree_populate($ot::root(), $goto_path) |
||
802 | ); |
||
803 | if (!file_exists($child['icon'])) $child['icon'] = null; // default icon (folder) |
||
804 | $objTypesChildren[] = $child; |
||
805 | } |
||
806 | |||
807 | $json[] = array( |
||
808 | 'id' => "oidplus:system", |
||
809 | 'text' => _L('Objects'), |
||
810 | 'state' => array( |
||
811 | "opened" => true, |
||
812 | // "selected" => true) // "selected" is buggy: |
||
813 | // 1) The select-event will not be triggered upon loading |
||
814 | // 2) The nodes directly blow cannot be opened (loading infinite time) |
||
815 | ), |
||
801 | daniel-mar | 816 | 'icon' => OIDplus::webpath(__DIR__,OIDplus::PATH_RELATIVE).'img/main_icon16.png', |
635 | daniel-mar | 817 | 'children' => $objTypesChildren |
818 | ); |
||
819 | |||
820 | return true; |
||
821 | } |
||
822 | } |
||
823 | |||
824 | public function tree_search($request) { |
||
825 | $ary = array(); |
||
951 | daniel-mar | 826 | $found_leaf = false; |
635 | daniel-mar | 827 | if ($obj = OIDplusObject::parse($request)) { |
951 | daniel-mar | 828 | $found_leaf = OIDplusObject::exists($request); |
829 | do { |
||
830 | if ($obj->userHasReadRights()) { |
||
635 | daniel-mar | 831 | $ary[] = $obj->nodeId(); |
951 | daniel-mar | 832 | } |
833 | } while ($obj = $obj->getParent()); |
||
834 | $ary = array_reverse($ary); |
||
835 | } |
||
836 | if (!$found_leaf) { |
||
952 | daniel-mar | 837 | $alternatives = $this->getAlternativesForQuery($request); |
951 | daniel-mar | 838 | foreach ($alternatives as $alternative) { |
839 | $ary_ = array(); |
||
840 | if ($obj = OIDplusObject::parse($alternative)) { |
||
841 | if ($obj->userHasReadRights() && OIDplusObject::exists($alternative)) { |
||
842 | do { |
||
843 | $ary_[] = $obj->nodeId(); |
||
844 | } while ($obj = $obj->getParent()); |
||
845 | $ary_ = array_reverse($ary_); |
||
846 | } |
||
847 | } |
||
848 | if (!empty($ary_)) { |
||
849 | $ary = $ary_; |
||
850 | break; |
||
851 | } |
||
635 | daniel-mar | 852 | } |
853 | } |
||
854 | return $ary; |
||
855 | } |
||
856 | |||
857 | private static $crudCounter = 0; |
||
858 | |||
859 | protected static function showCrud($parent='oid:') { |
||
860 | $items_total = 0; |
||
861 | $items_hidden = 0; |
||
862 | |||
863 | $objParent = OIDplusObject::parse($parent); |
||
864 | $parentNS = $objParent::ns(); |
||
865 | |||
866 | // http://www.oid-info.com/cgi-bin/display?a=list-by-category&category=Not%20allocating%20identifiers |
||
867 | $no_asn1 = array( |
||
868 | 'oid:1.3.6.1.4.1', |
||
869 | 'oid:1.3.6.1.4.1.37476.9000', |
||
870 | 'oid:1.3.6.1.4.1.37553.8.8', |
||
871 | 'oid:2.16.276.1', |
||
719 | daniel-mar | 872 | //'oid:2.25', // according to Olivier, it is OK that UUID owners define their own ASN.1 ID, since the ASN.1 ID is not required to be unique |
873 | //'oid:1.2.840.113556.1.8000.2554' // Adhoc (GUID/UUID-based) customer use. It is probably the same case as the UUID OIDs, after all, these are UUIDs, too. |
||
635 | daniel-mar | 874 | ); |
875 | |||
876 | // http://www.oid-info.com/cgi-bin/display?a=list-by-category&category=Not%20allocating%20Unicode%20labels |
||
877 | $no_iri = array( |
||
878 | 'oid:1.2.250.1', |
||
879 | 'oid:1.3.6.1.4.1', |
||
880 | 'oid:1.3.6.1.4.1.37476.9000', |
||
881 | 'oid:1.3.6.1.4.1.37553.8.8', |
||
882 | 'oid:2.16.276.1', |
||
883 | 'oid:2.25' |
||
884 | ); |
||
885 | |||
886 | $accepts_asn1 = ($parentNS == 'oid') && (!in_array($objParent->nodeId(), $no_asn1)) && (!is_uuid_oid($objParent->nodeId(),true)); |
||
887 | $accepts_iri = ($parentNS == 'oid') && (!in_array($objParent->nodeId(), $no_iri)) && (!is_uuid_oid($objParent->nodeId(),true)); |
||
888 | |||
889 | $result = OIDplus::db()->query("select o.*, r.ra_name " . |
||
890 | "from ###objects o " . |
||
891 | "left join ###ra r on r.email = o.ra_email " . |
||
892 | "where parent = ? " . |
||
893 | "order by ".OIDplus::db()->natOrder('id'), array($parent)); |
||
894 | |||
693 | daniel-mar | 895 | $rows = array(); |
896 | while ($row = $result->fetch_object()) { |
||
897 | $obj = OIDplusObject::parse($row->id); |
||
898 | $rows[] = array($obj,$row); |
||
899 | } |
||
900 | |||
901 | $enable_weid_presentation = OIDplus::config()->getValue('oid_grid_show_weid'); |
||
902 | |||
635 | daniel-mar | 903 | $output = ''; |
904 | $output .= '<div class="container box"><div id="suboid_table" class="table-responsive">'; |
||
905 | $output .= '<table class="table table-bordered table-striped">'; |
||
906 | $output .= ' <tr>'; |
||
907 | $output .= ' <th>'._L('ID').(($parentNS == 'gs1') ? ' '._L('(without check digit)') : '').'</th>'; |
||
692 | daniel-mar | 908 | if ($enable_weid_presentation && ($parentNS == 'oid') && !$objParent->isRoot()) { |
693 | daniel-mar | 909 | $output .= ' <th><abbr title="'._L('Binary-to-text encoding used for WEIDs').'">'._L('Base36').'</abbr></th>'; |
910 | } |
||
635 | daniel-mar | 911 | if ($parentNS == 'oid') { |
912 | if ($accepts_asn1) $output .= ' <th>'._L('ASN.1 IDs (comma sep.)').'</th>'; |
||
913 | if ($accepts_iri) $output .= ' <th>'._L('IRI IDs (comma sep.)').'</th>'; |
||
914 | } |
||
915 | $output .= ' <th>'._L('RA').'</th>'; |
||
916 | $output .= ' <th>'._L('Comment').'</th>'; |
||
917 | if ($objParent->userHasWriteRights()) { |
||
918 | $output .= ' <th>'._L('Hide').'</th>'; |
||
919 | $output .= ' <th>'._L('Update').'</th>'; |
||
920 | $output .= ' <th>'._L('Delete').'</th>'; |
||
921 | } |
||
922 | $output .= ' <th>'._L('Created').'</th>'; |
||
923 | $output .= ' <th>'._L('Updated').'</th>'; |
||
924 | $output .= ' </tr>'; |
||
925 | |||
926 | foreach ($rows as list($obj,$row)) { |
||
927 | $items_total++; |
||
928 | if (!$obj->userHasReadRights()) { |
||
929 | $items_hidden++; |
||
930 | continue; |
||
931 | } |
||
932 | |||
933 | $show_id = $obj->crudShowId($objParent); |
||
934 | |||
935 | $asn1ids = array(); |
||
936 | $res2 = OIDplus::db()->query("select name from ###asn1id where oid = ? order by lfd", array($row->id)); |
||
937 | while ($row2 = $res2->fetch_array()) { |
||
938 | $asn1ids[] = $row2['name']; |
||
939 | } |
||
940 | |||
941 | $iris = array(); |
||
942 | $res2 = OIDplus::db()->query("select name from ###iri where oid = ? order by lfd", array($row->id)); |
||
943 | while ($row2 = $res2->fetch_array()) { |
||
944 | $iris[] = $row2['name']; |
||
945 | } |
||
946 | |||
947 | $date_created = explode(' ', $row->created)[0] == '0000-00-00' ? '' : explode(' ', $row->created)[0]; |
||
948 | $date_updated = explode(' ', $row->updated)[0] == '0000-00-00' ? '' : explode(' ', $row->updated)[0]; |
||
949 | |||
950 | $output .= '<tr>'; |
||
693 | daniel-mar | 951 | $output .= ' <td><a href="?goto='.urlencode($row->id).'" onclick="openAndSelectNode('.js_escape($row->id).', '.js_escape($parent).'); return false;">'.htmlentities($show_id).'</a>'; |
952 | if ($enable_weid_presentation && ($parentNS == 'oid') && $objParent->isRoot()) { |
||
953 | // To save space horizontal space, the WEIDs were written below the OIDs |
||
954 | $output .= '<br>'.$obj->getWeidNotation(true); |
||
955 | } |
||
956 | $output .= '</td>'; |
||
957 | if ($enable_weid_presentation && ($parentNS == 'oid') && !$objParent->isRoot()) { |
||
958 | $output .= ' <td>'.htmlentities($obj->weidArc()).'</td>'; |
||
959 | } |
||
635 | daniel-mar | 960 | if ($objParent->userHasWriteRights()) { |
961 | if ($parentNS == 'oid') { |
||
962 | if ($accepts_asn1) $output .= ' <td><input type="text" id="asn1ids_'.$row->id.'" value="'.implode(', ', $asn1ids).'"></td>'; |
||
963 | if ($accepts_iri) $output .= ' <td><input type="text" id="iris_'.$row->id.'" value="'.implode(', ', $iris).'"></td>'; |
||
964 | } |
||
965 | $output .= ' <td><input type="text" id="ra_email_'.$row->id.'" value="'.htmlentities($row->ra_email).'"></td>'; |
||
966 | $output .= ' <td><input type="text" id="comment_'.$row->id.'" value="'.htmlentities($row->comment).'"></td>'; |
||
967 | $output .= ' <td><input type="checkbox" id="hide_'.$row->id.'" '.($row->confidential ? 'checked' : '').'></td>'; |
||
968 | $output .= ' <td><button type="button" name="update_'.$row->id.'" id="update_'.$row->id.'" class="btn btn-success btn-xs update" onclick="OIDplusPagePublicObjects.crudActionUpdate('.js_escape($row->id).', '.js_escape($parent).')">'._L('Update').'</button></td>'; |
||
969 | $output .= ' <td><button type="button" name="delete_'.$row->id.'" id="delete_'.$row->id.'" class="btn btn-danger btn-xs delete" onclick="OIDplusPagePublicObjects.crudActionDelete('.js_escape($row->id).', '.js_escape($parent).')">'._L('Delete').'</button></td>'; |
||
970 | $output .= ' <td>'.$date_created.'</td>'; |
||
971 | $output .= ' <td>'.$date_updated.'</td>'; |
||
972 | } else { |
||
973 | if ($parentNS == 'oid') { |
||
693 | daniel-mar | 974 | if ($asn1ids == '') $asn1ids = '<i>'._L('(none)').'</i>'; |
975 | if ($iris == '') $iris = '<i>'._L('(none)').'</i>'; |
||
635 | daniel-mar | 976 | $asn1ids_ext = array(); |
977 | foreach ($asn1ids as $asn1id) { |
||
978 | $asn1ids_ext[] = '<a href="?goto='.urlencode($row->id).'" onclick="openAndSelectNode('.js_escape($row->id).', '.js_escape($parent).'); return false;">'.$asn1id.'</a>'; |
||
979 | } |
||
980 | if ($accepts_asn1) $output .= ' <td>'.implode(', ', $asn1ids_ext).'</td>'; |
||
981 | if ($accepts_iri) $output .= ' <td>'.implode(', ', $iris).'</td>'; |
||
982 | } |
||
983 | $output .= ' <td><a '.OIDplus::gui()->link('oidplus:rainfo$'.str_replace('@','&',$row->ra_email)).'>'.htmlentities(empty($row->ra_name) ? str_replace('@','&',$row->ra_email) : $row->ra_name).'</a></td>'; |
||
984 | $output .= ' <td>'.htmlentities($row->comment).'</td>'; |
||
985 | $output .= ' <td>'.$date_created.'</td>'; |
||
986 | $output .= ' <td>'.$date_updated.'</td>'; |
||
987 | } |
||
988 | $output .= '</tr>'; |
||
989 | } |
||
990 | |||
991 | $result = OIDplus::db()->query("select * from ###objects where id = ?", array($parent)); |
||
790 | daniel-mar | 992 | $parent_ra_email = $result->any() ? $result->fetch_object()->ra_email : ''; |
693 | daniel-mar | 993 | |
692 | daniel-mar | 994 | // "Create OID" row |
635 | daniel-mar | 995 | if ($objParent->userHasWriteRights()) { |
996 | $output .= '<tr>'; |
||
997 | $prefix = is_null($objParent) ? '' : $objParent->crudInsertPrefix(); |
||
693 | daniel-mar | 998 | |
707 | daniel-mar | 999 | $suffix = is_null($objParent) ? '' : $objParent->crudInsertSuffix(); |
693 | daniel-mar | 1000 | foreach (OIDplus::getObjectTypePlugins() as $plugin) { |
1001 | if (($plugin::getObjectTypeClassName()::ns() == $parentNS) && $plugin->implementsFeature('1.3.6.1.4.1.37476.2.5.2.3.6')) { |
||
695 | daniel-mar | 1002 | $suffix .= $plugin->gridGeneratorLinks($objParent); |
693 | daniel-mar | 1003 | } |
1004 | } |
||
1005 | |||
1006 | if ($parentNS == 'guid') { |
||
695 | daniel-mar | 1007 | $output .= ' <td>'.$prefix.' <input type="text" id="id" value="" style="width:100%;min-width:275px">'.$suffix.'</td>'; |
693 | daniel-mar | 1008 | } else if ($parentNS == 'oid') { |
635 | daniel-mar | 1009 | // TODO: Idea: Give a class name, e.g. "OID" and then with a oid-specific CSS make the width individual. So, every plugin has more control over the appearance and widths of the input fields |
693 | daniel-mar | 1010 | if ($objParent->nodeId() === 'oid:2.25') { |
695 | daniel-mar | 1011 | $output .= ' <td>'.$prefix.' <input type="text" id="id" value="" style="width:100%;min-width:345px">'.$suffix.'</td>'; |
693 | daniel-mar | 1012 | if ($enable_weid_presentation) $output .= ' <td> </td>'; // For UUID-OIDs, you must generate a valid one. Don't be tempted to create one using the Base36 input! |
1013 | } else if ($objParent->isRoot()) { |
||
695 | daniel-mar | 1014 | $output .= ' <td>'.$prefix.' <input type="text" id="id" value="" style="width:100%;min-width:345px">'.$suffix.'</td>'; |
693 | daniel-mar | 1015 | if ($enable_weid_presentation) $output .= ''; // WEID-editor not available for root nodes at the moment. For the moment you need to enter the OID (TODO: Create JavaScript WEID encoder/decoder) |
635 | daniel-mar | 1016 | } else { |
693 | daniel-mar | 1017 | if ($enable_weid_presentation) { |
695 | daniel-mar | 1018 | $output .= ' <td>'.$prefix.' <input oninput="OIDplusPagePublicObjects.frdl_oidid_change()" type="text" id="id" value="" style="width:100%;min-width:100px">'.$suffix.'</td>'; |
693 | daniel-mar | 1019 | $output .= ' <td><input type="text" name="weid" id="weid" value="" oninput="OIDplusPagePublicObjects.frdl_weid_change()" style="width:100%;min-width:100px"></td>'; |
1020 | } else { |
||
695 | daniel-mar | 1021 | $output .= ' <td>'.$prefix.' <input type="text" id="id" value="" style="width:100%;min-width:100px">'.$suffix.'</td>'; |
693 | daniel-mar | 1022 | } |
635 | daniel-mar | 1023 | } |
1024 | } else { |
||
695 | daniel-mar | 1025 | $output .= ' <td>'.$prefix.' <input type="text" id="id" value="" style="width:100%;min-width:100px">'.$suffix.'</td>'; |
635 | daniel-mar | 1026 | } |
1027 | if ($accepts_asn1) $output .= ' <td><input type="text" id="asn1ids" value=""></td>'; |
||
1028 | if ($accepts_iri) $output .= ' <td><input type="text" id="iris" value=""></td>'; |
||
1029 | $output .= ' <td><input type="text" id="ra_email" value="'.htmlentities($parent_ra_email).'"></td>'; |
||
1030 | $output .= ' <td><input type="text" id="comment" value=""></td>'; |
||
1031 | $output .= ' <td><input type="checkbox" id="hide"></td>'; |
||
1032 | $output .= ' <td><button type="button" name="insert" id="insert" class="btn btn-success btn-xs update" onclick="OIDplusPagePublicObjects.crudActionInsert('.js_escape($parent).')">'._L('Insert').'</button></td>'; |
||
1033 | $output .= ' <td></td>'; |
||
1034 | $output .= ' <td></td>'; |
||
1035 | $output .= ' <td></td>'; |
||
1036 | $output .= '</tr>'; |
||
1037 | } else { |
||
1038 | if ($items_total-$items_hidden == 0) { |
||
1039 | $cols = ($parentNS == 'oid') ? 7 : 5; |
||
692 | daniel-mar | 1040 | if ($enable_weid_presentation && ($parentNS == 'oid') && !$objParent->isRoot()) { |
1041 | $cols++; |
||
693 | daniel-mar | 1042 | } |
635 | daniel-mar | 1043 | $output .= '<tr><td colspan="'.$cols.'">'._L('No items available').'</td></tr>'; |
1044 | } |
||
1045 | } |
||
1046 | |||
1047 | $output .= '</table>'; |
||
1048 | $output .= '</div></div>'; |
||
1049 | |||
1050 | if ($items_hidden == 1) { |
||
1051 | $output .= '<p>'._L('One item is hidden. Please <a %1>log in</a> to see it.',$items_hidden,OIDplus::gui()->link('oidplus:login')).'</p>'; |
||
1052 | } else if ($items_hidden > 1) { |
||
1053 | $output .= '<p>'._L('%1 items are hidden. Please <a %2>log in</a> to see them.',$items_hidden,OIDplus::gui()->link('oidplus:login')).'</p>'; |
||
1054 | } |
||
1055 | |||
1056 | return $output; |
||
1057 | } |
||
1058 | |||
1059 | protected static function objDescription($html) { |
||
1060 | // We allow HTML, but no hacking |
||
1061 | $html = anti_xss($html); |
||
1062 | |||
1063 | return trim_br($html); |
||
1064 | } |
||
1065 | |||
1066 | // 'quickbars' added 11 July 2019: Disabled because of two problems: |
||
1067 | // 1. When you load TinyMCE via AJAX using the left menu, the quickbar is immediately shown, even if TinyMCE does not have the focus |
||
1068 | // 2. When you load a page without TinyMCE using the left menu, the quickbar is still visible, although there is no edit |
||
1069 | // 'colorpicker', 'textcolor' and 'contextmenu' added in 07 April 2020, because it is built in in the core. |
||
1070 | // 'importcss' added 17 September 2020, because it breaks the "Format/Style" dropdown box ("styleselect" toolbar) |
||
753 | daniel-mar | 1071 | // 'legacyoutput' added 24 September 2021, because it is declared as deprecated |
1072 | // 'spellchecker' added 6 October 2021, because it is declared as deprecated and marked for removal in TinyMCE 6.0 |
||
1073 | // 'imagetools' and 'toc' added 23 February 2022, because they are declared as deprecated and marked for removal in TinyMCE 6.0 ("moving to premium") |
||
1074 | public static $exclude_tinymce_plugins = array('fullpage', 'bbcode', 'quickbars', 'colorpicker', 'textcolor', 'contextmenu', 'importcss', 'legacyoutput', 'spellchecker', 'imagetools', 'toc'); |
||
635 | daniel-mar | 1075 | |
1076 | protected static function showMCE($name, $content) { |
||
1077 | $mce_plugins = array(); |
||
1078 | foreach (glob(OIDplus::localpath().'vendor/tinymce/tinymce/plugins/*') as $m) { // */ |
||
1079 | $mce_plugins[] = basename($m); |
||
1080 | } |
||
1081 | |||
1082 | foreach (self::$exclude_tinymce_plugins as $exclude) { |
||
1083 | $index = array_search($exclude, $mce_plugins); |
||
1084 | if ($index !== false) unset($mce_plugins[$index]); |
||
1085 | } |
||
1086 | |||
1087 | $oidplusLang = OIDplus::getCurrentLang(); |
||
1088 | |||
1089 | $langCandidates = array( |
||
1090 | strtolower(substr($oidplusLang,0,2)).'_'.strtoupper(substr($oidplusLang,2,2)), // de_DE |
||
1091 | strtolower(substr($oidplusLang,0,2)) // de |
||
1092 | ); |
||
1093 | $tinyMCELang = ''; |
||
1094 | foreach ($langCandidates as $candidate) { |
||
1095 | if (file_exists(OIDplus::localpath().'vendor/tweeb/tinymce-i18n/langs/'.$candidate.'.js')) { |
||
1096 | $tinyMCELang = $candidate; |
||
1097 | break; |
||
1098 | } |
||
1099 | } |
||
1100 | |||
1101 | $out = '<script> |
||
1102 | tinymce.EditorManager.baseURL = "vendor/tinymce/tinymce"; |
||
1103 | tinymce.init({ |
||
801 | daniel-mar | 1104 | document_base_url: "'.OIDplus::webpath(null,OIDplus::PATH_ABSOLUTE_CANONICAL).'", |
635 | daniel-mar | 1105 | selector: "#'.$name.'", |
1106 | height: 200, |
||
1107 | statusbar: false, |
||
1108 | // menubar:false, |
||
1109 | // toolbar: "undo redo | styleselect | bold italic | alignleft aligncenter alignright alignjustify | bullist numlist outdent indent | table | fontsizeselect", |
||
1110 | toolbar: "undo redo | styleselect | bold italic underline forecolor | bullist numlist | outdent indent | table | fontsizeselect", |
||
1111 | plugins: "'.implode(' ', $mce_plugins).'", |
||
1112 | mobile: { |
||
1113 | theme: "mobile", |
||
1114 | toolbar: "undo redo | styleselect | bold italic underline forecolor | bullist numlist | outdent indent | table | fontsizeselect", |
||
1115 | plugins: "'.implode(' ', $mce_plugins).'" |
||
1116 | } |
||
1117 | '.($tinyMCELang == '' ? '' : ', language : "'.$tinyMCELang.'"').' |
||
801 | daniel-mar | 1118 | '.($tinyMCELang == '' ? '' : ', language_url : "'.OIDplus::webpath(null,OIDplus::PATH_ABSOLUTE_CANONICAL).'vendor/tweeb/tinymce-i18n/langs/'.$tinyMCELang.'.js"').' |
635 | daniel-mar | 1119 | }); |
1120 | |||
1121 | pageChangeRequestCallbacks.push([OIDplusPagePublicObjects.cbQueryTinyMCE, "#'.$name.'"]); |
||
1122 | pageChangeCallbacks.push([OIDplusPagePublicObjects.cbRemoveTinyMCE, "#'.$name.'"]); |
||
1123 | </script>'; |
||
1124 | |||
1125 | $content = htmlentities($content); // For some reason, if we want to display the text "<xyz>" in TinyMCE, we need to double-encode things! < will not be accepted, we need &lt; ... why? |
||
1126 | |||
1127 | $out .= '<textarea name="'.htmlentities($name).'" id="'.htmlentities($name).'">'.trim($content).'</textarea><br>'; |
||
1128 | |||
1129 | return $out; |
||
1130 | } |
||
1131 | |||
1132 | public function implementsFeature($id) { |
||
1133 | if (strtolower($id) == '1.3.6.1.4.1.37476.2.5.2.3.1') return true; // oobeEntry, oobeRequested() |
||
952 | daniel-mar | 1134 | // Important: Do NOT 1.3.6.1.4.1.37476.2.5.2.3.7 because our getAlternativesForQuery() is the one that calls others! |
635 | daniel-mar | 1135 | return false; |
1136 | } |
||
1137 | |||
1138 | public function oobeRequested(): bool { |
||
1139 | // Interface 1.3.6.1.4.1.37476.2.5.2.3.1 |
||
1140 | |||
1141 | return OIDplus::config()->getValue('oobe_objects_done') == '0'; |
||
1142 | } |
||
1143 | |||
1144 | public function oobeEntry($step, $do_edits, &$errors_happened)/*: void*/ { |
||
1145 | // Interface 1.3.6.1.4.1.37476.2.5.2.3.1 |
||
1146 | |||
1147 | echo '<p><u>'._L('Step %1: Enable/Disable object type plugins',$step).'</u></p>'; |
||
1148 | echo '<p>'._L('Which object types do you want to manage using OIDplus?').'</p>'; |
||
1149 | |||
1150 | $enabled_ary = array(); |
||
1151 | |||
1152 | foreach (OIDplus::getEnabledObjectTypes() as $ot) { |
||
1153 | echo '<input type="checkbox" name="enable_ot_'.$ot::ns().'" id="enable_ot_'.$ot::ns().'"'; |
||
1154 | if (isset($_REQUEST['sent'])) { |
||
1155 | if (isset($_REQUEST['enable_ot_'.$ot::ns()])) { |
||
1156 | echo ' checked'; |
||
1157 | $enabled_ary[] = $ot::ns(); |
||
1158 | } |
||
1159 | } else { |
||
1160 | echo ' checked'; |
||
1161 | } |
||
1162 | echo '> <label for="enable_ot_'.$ot::ns().'">'.htmlentities($ot::objectTypeTitle()).'</label><br>'; |
||
1163 | } |
||
1164 | |||
1165 | foreach (OIDplus::getDisabledObjectTypes() as $ot) { |
||
1166 | echo '<input type="checkbox" name="enable_ot_'.$ot::ns().'" id="enable_ot_'.$ot::ns().'"'; |
||
1167 | if (isset($_REQUEST['sent'])) { |
||
1168 | if (isset($_REQUEST['enable_ot_'.$ot::ns()])) { |
||
1169 | echo ' checked'; |
||
1170 | $enabled_ary[] = $ot::ns(); |
||
1171 | } |
||
1172 | } else { |
||
1173 | echo ''; // <-- difference |
||
1174 | } |
||
1175 | echo '> <label for="enable_ot_'.$ot::ns().'">'.htmlentities($ot::objectTypeTitle()).'</label><br>'; |
||
1176 | } |
||
1177 | |||
1178 | $msg = ''; |
||
1179 | if ($do_edits) { |
||
1180 | try { |
||
1181 | OIDplus::config()->setValue('objecttypes_enabled', implode(';', $enabled_ary)); |
||
1182 | OIDplus::config()->setValue('oobe_objects_done', '1'); |
||
1183 | } catch (Exception $e) { |
||
1184 | $msg = $e->getMessage(); |
||
1185 | $errors_happened = true; |
||
1186 | } |
||
1187 | } |
||
1188 | |||
1189 | echo ' <font color="red"><b>'.$msg.'</b></font>'; |
||
1190 | } |
||
1191 | |||
693 | daniel-mar | 1192 | } |