Commit 4a9d24b4 authored by Sonia Zorba

Bugfix on search users query, added audit logging (to be improved), various

parent e9d62827
...@@ -3,3 +3,4 @@ composer.lock ...@@ -3,3 +3,4 @@ composer.lock
nbproject nbproject
logs logs
config.php config.php
test
...@@ -96,5 +96,6 @@ if ($user === null) { ...@@ -96,5 +96,6 @@ if ($user === null) {
$userHandler->saveUser($user); $userHandler->saveUser($user);
} }
$auditLog->info("LOGIN,Facebook," . $user->id);
$callbackHandler->manageLoginRedirect($user, $session); $callbackHandler->manageLoginRedirect($user, $session);
?> ?>
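Review bot: The new audit line records only the provider and `$user->id`, which is not enough for incident response on a login event; the client address is available in this callback and should be part of the record, e.g. `$auditLog->info("LOGIN,Facebook," . $user->id . "," . $_SERVER['REMOTE_ADDR']);` (if the service sits behind a reverse proxy, take the address from the trusted forwarded header instead). The same `LOGIN,<provider>,<id>` string is hand-built in each provider callback of this commit, so a small shared helper such as `auditLogin($auditLog, 'Facebook', $user)` would keep the format consistent when fields are added later. The script that builds `$user` starts outside the hunk.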
...@@ -90,6 +90,7 @@ if ($client->getAccessToken()) { ...@@ -90,6 +90,7 @@ if ($client->getAccessToken()) {
$userHandler->saveUser($user); $userHandler->saveUser($user);
} }
$auditLog->info("LOGIN,Google," . $user->id);
$callbackHandler->manageLoginRedirect($user, $session); $callbackHandler->manageLoginRedirect($user, $session);
die(); die();
......
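Review bot: `$user->id` is read immediately after the first-login path calls `$userHandler->saveUser($user)`; whether saveUser populates the id of a freshly inserted user is not visible here, and if it does not, the audit record for precisely the most interesting event, a first login, would carry an empty id. Worth confirming against saveUser, or guarding with `if ($user->id === null) { $log->error("audit: user id missing after saveUser"); }` before the audit call. As in the other callbacks, the record would also benefit from the client address. The surrounding `if ($client->getAccessToken())` block starts outside the hunk.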
...@@ -116,6 +116,7 @@ if ($info2['http_code'] === 200) { ...@@ -116,6 +116,7 @@ if ($info2['http_code'] === 200) {
$userHandler->saveUser($user); $userHandler->saveUser($user);
} }
$auditLog->info("LOGIN,LinkedIn," . $user->id);
$callbackHandler->manageLoginRedirect($user, $session); $callbackHandler->manageLoginRedirect($user, $session);
} else { } else {
//show information regarding the error //show information regarding the error
......
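Review bot: Only the success path writes an audit record; the `else` branch that handles a non-200 response from LinkedIn emits nothing, so failed or aborted logins never reach the audit trail and abuse of the callback cannot be spotted from it. A one-liner in that branch, `$auditLog->warning("LOGIN_FAILED,LinkedIn," . $info2['http_code']);`, closes the gap without logging any response body. The `if ($info2['http_code'] === 200)` block and its else branch continue outside the hunk.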
...@@ -47,6 +47,7 @@ if (isset($_SERVER['Shib-Session-ID'])) { ...@@ -47,6 +47,7 @@ if (isset($_SERVER['Shib-Session-ID'])) {
$userHandler->saveUser($user); $userHandler->saveUser($user);
} }
$auditLog->info("LOGIN,eduGAIN," . $user->id);
$callbackHandler->manageLoginRedirect($user, $session); $callbackHandler->manageLoginRedirect($user, $session);
} else { } else {
http_response_code(500); http_response_code(500);
......
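Review bot: The `else` branch that answers `http_response_code(500)` when `Shib-Session-ID` is absent writes no audit record, so an eduGAIN login that fails at the SP hand-off is invisible to the audit trail while a successful one is logged. Add `$auditLog->warning("LOGIN_FAILED,eduGAIN,no-shib-session");` in that branch, and as with the other providers include the client address in the success record. The `isset($_SERVER['Shib-Session-ID'])` block begins outside the hunk.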
...@@ -77,4 +77,5 @@ if ($session->x509DataToRegister !== null && $session->x509DataToRegister->name ...@@ -77,4 +77,5 @@ if ($session->x509DataToRegister !== null && $session->x509DataToRegister->name
} }
} }
$auditLog->info("LOGIN,X.509," . $user->id);
$callbackHandler->manageLoginRedirect($user, $session); $callbackHandler->manageLoginRedirect($user, $session);
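Review bot: The audit line is placed after the closing brace of the `if ($session->x509DataToRegister !== null && ...)` block, so it runs on both paths; whether `$user` is guaranteed to be set on the path where no registration data is present cannot be seen here, and if it is not, `$user->id` produces a warning and an empty id in the audit record. Confirm against the part of the script above the hunk, or guard with `if ($user === null) { $log->error("audit: no user after X.509 handling"); }` before the call. The record would also be more useful with the client address, as in the other callbacks.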
...@@ -208,9 +208,11 @@ class MySQLDAO implements DAO { ...@@ -208,9 +208,11 @@ class MySQLDAO implements DAO {
. " i.`id`, `type`, `typed_id`, `email`, `name`, `surname`, `institution`, `eppn`" . " i.`id`, `type`, `typed_id`, `email`, `name`, `surname`, `institution`, `eppn`"
. " FROM identity i" . " FROM identity i"
. " JOIN `user` u on u.id = i.user_id" . " JOIN `user` u on u.id = i.user_id"
. " WHERE i.user_id IN"
. " (SELECT user_id FROM identity"
. " WHERE `email` LIKE :email OR `email` LIKE :emailPart" . " WHERE `email` LIKE :email OR `email` LIKE :emailPart"
. " OR `name` LIKE :name OR `surname` LIKE :surname" . " OR `name` LIKE :name OR `surname` LIKE :surname"
. " OR CONCAT(`name`,' ',`surname`) LIKE :namesurname"; . " OR CONCAT(`name`,' ',`surname`) LIKE :namesurname)";
$stmt = $dbh->prepare($query); $stmt = $dbh->prepare($query);
......
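Review bot: The widened subquery keeps `:email`, `:emailPart`, `:name`, `:surname` and `:namesurname` as bound parameters, so there is no injection in the visible part, but the values are bound outside the hunk and nothing here shows that `LIKE` wildcards are escaped; a search term of `%` would then match every identity, and with the new `user_id IN (...)` form the query returns every identity of every user, which is a user-enumeration path. Where the terms are built, escape them with `addcslashes($term, '%_\\')` (MySQL's default LIKE escape character is the backslash; add an explicit `ESCAPE '\\'` if `NO_BACKSLASH_ESCAPES` may be set) and consider a `LIMIT` on the outer query. The method's prepare/execute/fetch tail is outside the hunk.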
...@@ -29,6 +29,7 @@ $PROTOCOL = stripos($_SERVER['SERVER_PROTOCOL'], 'https') ? 'https://' : 'http:/ ...@@ -29,6 +29,7 @@ $PROTOCOL = stripos($_SERVER['SERVER_PROTOCOL'], 'https') ? 'https://' : 'http:/
$BASE_PATH = $PROTOCOL . $_SERVER['HTTP_HOST'] . $CONTEXT_ROOT; $BASE_PATH = $PROTOCOL . $_SERVER['HTTP_HOST'] . $CONTEXT_ROOT;
$LOG_PATH = ROOT . "/logs/rap-service.log"; $LOG_PATH = ROOT . "/logs/rap-service.log";
$AUDIT_LOG_PATH = ROOT . "/logs/rap-audit.log";
$LOG_LEVEL = Monolog\Logger::DEBUG; $LOG_LEVEL = Monolog\Logger::DEBUG;
$CALLBACKS = [ $CALLBACKS = [
...@@ -48,25 +49,25 @@ $DATABASE = array( ...@@ -48,25 +49,25 @@ $DATABASE = array(
'dbtype' => 'MySQL', 'dbtype' => 'MySQL',
'hostname' => 'localhost', 'hostname' => 'localhost',
'port' => 3306, 'port' => 3306,
'username' => 'rap', 'username' => 'XXXXXX',
'password' => '***REMOVED***', 'password' => 'XXXXXX',
'dbname' => 'rap' 'dbname' => 'rap'
); );
$AUTHENTICATION_METHODS = array( $AUTHENTICATION_METHODS = array(
'eduGAIN' => array(), 'eduGAIN' => array(),
'Google' => array( 'Google' => array(
'id' => "***REMOVED***.apps.googleusercontent.com", 'id' => "XXXXXX",
'secret' => "***REMOVED***", 'secret' => "XXXXXX",
'callback' => $BASE_PATH . "/auth/oauth2/google_token.php"), 'callback' => $BASE_PATH . "/auth/oauth2/google_token.php"),
'Facebook' => array( 'Facebook' => array(
'id' => "***REMOVED***", 'id' => "XXXXXX",
'secret' => "***REMOVED***", 'secret' => "XXXXXX",
'version' => "v2.2", 'version' => "v2.2",
'callback' => $BASE_PATH . "/auth/oauth2/facebook_token.php"), 'callback' => $BASE_PATH . "/auth/oauth2/facebook_token.php"),
'LinkedIn' => array( 'LinkedIn' => array(
'id' => '***REMOVED***', 'id' => 'XXXXXX',
'secret' => '***REMOVED***', 'secret' => 'XXXXXX',
'callback' => $BASE_PATH . '/auth/oauth2/linkedin_token.php' 'callback' => $BASE_PATH . '/auth/oauth2/linkedin_token.php'
), ),
'X.509' => array(), 'X.509' => array(),
...@@ -79,12 +80,7 @@ $AUTHENTICATION_METHODS = array( ...@@ -79,12 +80,7 @@ $AUTHENTICATION_METHODS = array(
); );
$GROUPER = array( $GROUPER = array(
'wsURL' => 'http://localhost:8087/grouper-ws/', 'wsURL' => 'http://hostname/grouper-ws/',
'user' => 'GrouperSystem', 'user' => 'XXXXXX',
'password' => '***REMOVED***' 'password' => 'XXXXXX'
); );
/*$GROUPER = array(
'wsURL' => 'https://sso.ia2.inaf.it/grouper-ws/',
'user' => 'GrouperSystem',
'password' => '***REMOVED***321'
);*/
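Review bot: The new template default `'wsURL' => 'http://hostname/grouper-ws/'` points the Grouper web-service client, which authenticates with the `user`/`password` pair just below, at plain http, whereas the removed commented-out block used https; the template should read `'wsURL' => 'https://hostname/grouper-ws/'` so a filled-in copy does not send those credentials in clear. The `***REMOVED***` markers on the old side show these secrets were scrubbed from history once already, and the removed block still carried a real host and a password fragment, so whatever those values were should be treated as compromised and rotated rather than only redacted. The new `$AUDIT_LOG_PATH` lives under `ROOT . "/logs"`; it will now hold user ids and login history, so confirm that directory is not inside the web-served tree (not determinable from here).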
...@@ -99,7 +99,7 @@ Flight::route('GET /confirm-join', function() { ...@@ -99,7 +99,7 @@ Flight::route('GET /confirm-join', function() {
Flight::route('POST /confirm-join', function() { Flight::route('POST /confirm-join', function() {
global $dao, $userHandler; global $dao, $userHandler, $auditLog;
$token = Flight::request()->data['token']; $token = Flight::request()->data['token'];
...@@ -114,6 +114,8 @@ Flight::route('POST /confirm-join', function() { ...@@ -114,6 +114,8 @@ Flight::route('POST /confirm-join', function() {
die("Invalid token"); die("Invalid token");
} }
$auditLog->info("JOIN," . $userIds[0] . "," . $userIds[1]);
$userHandler->joinUsers($userIds[0], $userIds[1]); $userHandler->joinUsers($userIds[0], $userIds[1]);
$dao->deleteJoinRequest($token); $dao->deleteJoinRequest($token);
......
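Review bot: The `JOIN` audit record is written before `$userHandler->joinUsers(...)` runs, so a join that fails or throws is logged as if it had happened; move the `$auditLog->info(...)` line after `$dao->deleteJoinRequest($token);`, or log the outcome explicitly. The record also lacks who triggered the join and from where; adding `$_SERVER['REMOTE_ADDR']` and the acting session user, if one is available in this route, would make it actionable. `$userIds` is derived from the token lookup above the hunk, which is outside this view.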
...@@ -44,6 +44,8 @@ include ROOT . '/config.php'; ...@@ -44,6 +44,8 @@ include ROOT . '/config.php';
date_default_timezone_set("Europe/Rome"); date_default_timezone_set("Europe/Rome");
$log = new Monolog\Logger('mainLogger'); $log = new Monolog\Logger('mainLogger');
$log->pushHandler(new Monolog\Handler\StreamHandler($LOG_PATH, $LOG_LEVEL)); $log->pushHandler(new Monolog\Handler\StreamHandler($LOG_PATH, $LOG_LEVEL));
$auditLog = new Monolog\Logger('auditLogger');
$auditLog->pushHandler(new Monolog\Handler\StreamHandler($AUDIT_LOG_PATH, $LOG_LEVEL));
switch ($DATABASE['dbtype']) { switch ($DATABASE['dbtype']) {
case 'MySQL': case 'MySQL':
......
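Review bot: The audit handler is created with `$LOG_LEVEL`, the same configurable DEBUG threshold as the service log, so the moment an operator raises it above INFO for production every `$auditLog->info(...)` LOGIN/JOIN record is silently dropped. Pin the audit level independently of the debug knob: `$auditLog->pushHandler(new Monolog\Handler\StreamHandler($AUDIT_LOG_PATH, Monolog\Logger::INFO));`. StreamHandler also takes a file-permission argument; since the file records user ids and login activity it should not be created group- or world-readable. The `switch ($DATABASE['dbtype'])` that follows continues outside the hunk.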
DELIMITER //
CREATE PROCEDURE delete_user (userId INT)
BEGIN
UPDATE user SET primary_identity = NULL WHERE id = userId;
DELETE FROM identity WHERE user_id = userId;
DELETE FROM user WHERE id = userId;
END; //
DELIMITER ;
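Review bot: `delete_user` runs three statements with no transaction, so a failure on the final `DELETE FROM user` leaves a user row whose `primary_identity` was nulled and whose identities are gone, a half-deleted account that later logins may recreate. Wrap the body in a transaction with an exit handler that rolls back and re-raises (requires InnoDB tables; `RESIGNAL` needs MySQL 5.5+). Whether pending join requests that reference this user must also be removed cannot be seen here; worth checking, since the PHP side has a join-request table. A comment on the first statement, `-- break the user -> identity reference before removing identities`, would explain the ordering, if that is indeed why it is there.
```sql
CREATE PROCEDURE delete_user (userId INT)
BEGIN
    -- Undo the partial deletion and re-raise if any statement fails
    DECLARE EXIT HANDLER FOR SQLEXCEPTION
    BEGIN
        ROLLBACK;
        RESIGNAL;
    END;
    START TRANSACTION;
    -- … unchanged: the UPDATE and two DELETE statements …
    COMMIT;
END; //
```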