access_url.php 13 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363364365366367368369370371372373374375376377378379380381382383384385386387388389390391392393394395396397398399400401402403404405406407408409410411412413414415416417418419420421422423424425426427428429430431432433434435436437438439440441442443444445446447448449450451452453454455456457458459460461462463464465466467468469470
  1. <?php
  2. /* For licensing terms, see /license.txt */
  3. use Chamilo\CoreBundle\Entity\ExtraField as EntityExtraField;
  4. use Chamilo\UserBundle\Entity\User;
  5. /**
  6. * @package chamilo.webservices
  7. */
  8. require_once __DIR__.'/../inc/global.inc.php';
  9. $libpath = api_get_path(LIBRARY_PATH);
  10. $debug = true;
  11. define('WS_ERROR_SECRET_KEY', 1);
  12. define('WS_ERROR_NOT_FOUND_RESULT', 2);
  13. define('WS_ERROR_INVALID_INPUT', 3);
  14. define('WS_ERROR_SETTING', 4);
  15. /**
  16. * @param integer $code
  17. */
  18. function return_error($code)
  19. {
  20. $fault = null;
  21. switch ($code) {
  22. case WS_ERROR_SECRET_KEY:
  23. $fault = new soap_fault('Server', '', 'Secret key is not correct or params are not correctly set');
  24. break;
  25. case WS_ERROR_NOT_FOUND_RESULT:
  26. $fault = new soap_fault('Server', '', 'No result was found for this query');
  27. break;
  28. case WS_ERROR_INVALID_INPUT:
  29. $fault = new soap_fault('Server', '', 'The input variables are invalid o are not correctly set');
  30. break;
  31. case WS_ERROR_SETTING:
  32. $fault = new soap_fault('Server', '', 'Please check the configuration for this webservice');
  33. break;
  34. }
  35. return $fault;
  36. }
  37. /**
  38. * @param array $params
  39. * @return bool
  40. */
  41. function WSHelperVerifyKey($params)
  42. {
  43. global $_configuration, $debug;
  44. if (is_array($params)) {
  45. $secret_key = $params['secret_key'];
  46. } else {
  47. $secret_key = $params;
  48. }
  49. //error_log(print_r($params,1));
  50. $check_ip = false;
  51. $ip_matches = false;
  52. $ip = trim($_SERVER['REMOTE_ADDR']);
  53. // if we are behind a reverse proxy, assume it will send the
  54. // HTTP_X_FORWARDED_FOR header and use this IP instead
  55. if (!empty($_SERVER['HTTP_X_FORWARDED_FOR'])) {
  56. list($ip1, $ip2) = explode(',', $_SERVER['HTTP_X_FORWARDED_FOR']);
  57. $ip = trim($ip1);
  58. }
  59. if ($debug) {
  60. error_log("ip: $ip");
  61. }
  62. // Check if a file that limits access from webservices exists and contains
  63. // the restraining check
  64. if (is_file('webservice-auth-ip.conf.php')) {
  65. include 'webservice-auth-ip.conf.php';
  66. if ($debug) {
  67. error_log("webservice-auth-ip.conf.php file included");
  68. }
  69. if (!empty($ws_auth_ip)) {
  70. $check_ip = true;
  71. $ip_matches = api_check_ip_in_range($ip, $ws_auth_ip);
  72. if ($debug) {
  73. error_log("ip_matches: $ip_matches");
  74. }
  75. }
  76. }
  77. if ($debug) {
  78. error_log("checkip ".intval($check_ip));
  79. }
  80. if ($check_ip) {
  81. $security_key = $_configuration['security_key'];
  82. } else {
  83. $security_key = $ip.$_configuration['security_key'];
  84. //error_log($secret_key.'-'.$security_key);
  85. }
  86. $result = api_is_valid_secret_key($secret_key, $security_key);
  87. //error_log($secret_key.'-'.$security_key);
  88. if ($debug) {
  89. error_log('WSHelperVerifyKey result: '.intval($result));
  90. }
  91. return $result;
  92. }
  93. // Create the server instance
  94. $server = new soap_server();
  95. /** @var HookWSRegistration $hook */
  96. $hook = HookWSRegistration::create();
  97. if (!empty($hook)) {
  98. $hook->setEventData(array('server' => $server));
  99. $res = $hook->notifyWSRegistration(HOOK_EVENT_TYPE_PRE);
  100. if (!empty($res['server'])) {
  101. $server = $res['server'];
  102. }
  103. }
  104. $server->soap_defencoding = 'UTF-8';
  105. // Initialize WSDL support
  106. $server->configureWSDL('WSAccessUrl', 'urn:WSAccessUrl');
  107. $server->wsdl->addComplexType(
  108. 'portalItem',
  109. 'complexType',
  110. 'struct',
  111. 'all',
  112. '',
  113. array(
  114. 'id' => array('name' => 'id', 'type' => 'xsd:string'),
  115. 'url' => array('name' => 'url', 'type' => 'xsd:string')
  116. )
  117. );
  118. $server->wsdl->addComplexType(
  119. 'portalList',
  120. 'complexType',
  121. 'array',
  122. '',
  123. 'SOAP-ENC:Array',
  124. array(),
  125. array(
  126. array(
  127. 'ref' => 'SOAP-ENC:arrayType',
  128. 'wsdl:arrayType' => 'tns:portalItem[]',
  129. ),
  130. ),
  131. 'tns:portalItem'
  132. );
  133. $server->wsdl->addComplexType(
  134. 'getPortals',
  135. 'complexType',
  136. 'struct',
  137. 'all',
  138. '',
  139. array(
  140. 'secret_key' => array('name' => 'secret_key', 'type' => 'xsd:string')
  141. )
  142. );
  143. // Register the method to expose
  144. $server->register('WSGetPortals', // method name
  145. array('getPortals' => 'tns:getPortals'), // input parameters
  146. array('return' => 'tns:portalList'), // output parameters
  147. 'urn:WSAccessUrl', // namespace
  148. 'urn:WSAccessUrl#WSGetPortals', // soapaction
  149. 'rpc', // style
  150. 'encoded', // use
  151. 'This service adds a user to portal' // documentation
  152. );
  153. // Define the method WSAddUserToPortal
  154. function WSGetPortals($params)
  155. {
  156. global $debug;
  157. if (!WSHelperVerifyKey($params['secret_key'])) {
  158. return return_error(WS_ERROR_SECRET_KEY);
  159. }
  160. $urlData = UrlManager::get_url_data();
  161. $return = [];
  162. foreach ($urlData as $data) {
  163. $return[] = [
  164. 'id' => $data['id'],
  165. 'url' => $data['url'],
  166. ];
  167. }
  168. if ($debug) {
  169. error_log(print_r($return, 1));
  170. }
  171. return $return;
  172. }
  173. $server->wsdl->addComplexType(
  174. 'AddUserToPortal',
  175. 'complexType',
  176. 'struct',
  177. 'all',
  178. '',
  179. array(
  180. 'secret_key' => array('name' => 'secret_key', 'type' => 'xsd:string'),
  181. 'user_id' => array('name' => 'user_id', 'type' => 'xsd:string'),
  182. 'portal_id' => array('name' => 'portal_id', 'type' => 'xsd:string')
  183. )
  184. );
  185. // Register the method to expose
  186. $server->register(
  187. 'WSAddUserToPortal', // method name
  188. array('addUserToPortal' => 'tns:AddUserToPortal'), // input parameters
  189. array('return' => 'xsd:string'), // output parameters
  190. 'urn:WSAccessUrl', // namespace
  191. 'urn:WSAccessUrl#WSAddUserToPortal', // soapaction
  192. 'rpc', // style
  193. 'encoded', // use
  194. 'This service adds a user to portal' // documentation
  195. );
  196. // Define the method WSAddUserToPortal
  197. function WSAddUserToPortal($params)
  198. {
  199. if (!WSHelperVerifyKey($params['secret_key'])) {
  200. return return_error(WS_ERROR_SECRET_KEY);
  201. }
  202. $userId = $params['user_id'];
  203. $portalId = $params['portal_id'];
  204. UrlManager::add_user_to_url($userId, $portalId);
  205. $result = UrlManager::relation_url_user_exist($userId, $portalId);
  206. if (!empty($result)) {
  207. return 1;
  208. }
  209. return 0;
  210. }
  211. // Register the method to expose
  212. $server->register(
  213. 'WSRemoveUserFromPortal', // method name
  214. array('removeUserFromPortal' => 'tns:AddUserToPortal'), // input parameters
  215. array('return' => 'xsd:string'), // output parameters
  216. 'urn:WSAccessUrl', // namespace
  217. 'urn:WSAccessUrl#WSRemoveUserFromPortal', // soapaction
  218. 'rpc', // style
  219. 'encoded', // use
  220. 'This service remove a user from a portal' // documentation
  221. );
  222. // Define the method WSDeleteUserFromGroup
  223. function WSRemoveUserFromPortal($params)
  224. {
  225. if (!WSHelperVerifyKey($params['secret_key'])) {
  226. return return_error(WS_ERROR_SECRET_KEY);
  227. }
  228. $userId = $params['user_id'];
  229. $portalId = $params['portal_id'];
  230. UrlManager::delete_url_rel_user($userId, $portalId);
  231. $result = UrlManager::relation_url_user_exist($userId, $portalId);
  232. if (empty($result)) {
  233. return 1;
  234. }
  235. return 0;
  236. }
  237. $server->wsdl->addComplexType(
  238. 'getPortalListFromUser',
  239. 'complexType',
  240. 'struct',
  241. 'all',
  242. '',
  243. array(
  244. 'secret_key' => array('name' => 'secret_key', 'type' => 'xsd:string'),
  245. 'user_id' => array('name' => 'user_id', 'type' => 'xsd:string'),
  246. )
  247. );
  248. // Register the method to expose
  249. $server->register(
  250. 'WSGetPortalListFromUser', // method name
  251. array('getPortalListFromUser' => 'tns:getPortalListFromUser'), // input parameters
  252. array('return' => 'tns:portalList'), // output parameters
  253. 'urn:WSAccessUrl', // namespace
  254. 'urn:WSAccessUrl#WSGetPortalListFromUser', // soapaction
  255. 'rpc', // style
  256. 'encoded', // use
  257. 'This service remove a user from a portal' // documentation
  258. );
  259. // Define the method WSDeleteUserFromGroup
  260. function WSGetPortalListFromUser($params)
  261. {
  262. if (!WSHelperVerifyKey($params['secret_key'])) {
  263. return return_error(WS_ERROR_SECRET_KEY);
  264. }
  265. $userId = $params['user_id'];
  266. $result = UrlManager::get_access_url_from_user($userId);
  267. if (!empty($result)) {
  268. foreach ($result as &$data) {
  269. $data['id'] = $data['access_url_id'];
  270. }
  271. }
  272. return $result;
  273. }
  274. // Course ws
  275. $server->wsdl->addComplexType(
  276. 'getPortalListFromCourse',
  277. 'complexType',
  278. 'struct',
  279. 'all',
  280. '',
  281. array(
  282. 'secret_key' => array('name' => 'secret_key', 'type' => 'xsd:string'),
  283. 'original_course_id_name' => array('name' => 'original_course_id_name', 'type' => 'xsd:string'),
  284. 'original_course_id_value' => array('name' => 'original_course_id_value', 'type' => 'xsd:string')
  285. )
  286. );
  287. // Register the method to expose
  288. $server->register(
  289. 'WSGetPortalListFromCourse', // method name
  290. array('getPortalListFromCourse' => 'tns:getPortalListFromCourse'), // input parameters
  291. array('return' => 'tns:portalList'), // output parameters
  292. 'urn:WSAccessUrl', // namespace
  293. 'urn:WSAccessUrl#getPortalListFromCourse', // soapaction
  294. 'rpc', // style
  295. 'encoded', // use
  296. 'This service remove a user from a portal' // documentation
  297. );
  298. // Define the method WSDeleteUserFromGroup
  299. function WSGetPortalListFromCourse($params)
  300. {
  301. if (!WSHelperVerifyKey($params['secret_key'])) {
  302. return return_error(WS_ERROR_SECRET_KEY);
  303. }
  304. $courseInfo = CourseManager::getCourseInfoFromOriginalId(
  305. $params['original_course_id_value'],
  306. $params['original_course_id_name']
  307. );
  308. $courseId = $courseInfo['real_id'];
  309. $result = UrlManager::get_access_url_from_course($courseId);
  310. if (!empty($result)) {
  311. foreach ($result as &$data) {
  312. $data['id'] = $data['access_url_id'];
  313. }
  314. }
  315. return $result;
  316. }
  317. $server->wsdl->addComplexType(
  318. 'addCourseToPortal',
  319. 'complexType',
  320. 'struct',
  321. 'all',
  322. '',
  323. array(
  324. 'secret_key' => array('name' => 'secret_key', 'type' => 'xsd:string'),
  325. 'portal_id' => array('name' => 'portal_id', 'type' => 'xsd:string'),
  326. 'original_course_id_name' => array('name' => 'original_course_id_name', 'type' => 'xsd:string'),
  327. 'original_course_id_value' => array('name' => 'original_course_id_value', 'type' => 'xsd:string')
  328. )
  329. );
  330. // Register the method to expose
  331. $server->register('WSAddCourseToPortal', // method name
  332. array('addCourseToPortal' => 'tns:addCourseToPortal'), // input parameters
  333. array('return' => 'xsd:string'), // output parameters
  334. 'urn:WSAccessUrl', // namespace
  335. 'urn:WSAccessUrl#WSAddCourseToPortal', // soapaction
  336. 'rpc', // style
  337. 'encoded', // use
  338. 'This service adds a course to portal' // documentation
  339. );
  340. // Define the method WSAddUserToPortal
  341. function WSAddCourseToPortal($params)
  342. {
  343. if (!WSHelperVerifyKey($params['secret_key'])) {
  344. return return_error(WS_ERROR_SECRET_KEY);
  345. }
  346. $courseInfo = CourseManager::getCourseInfoFromOriginalId(
  347. $params['original_course_id_value'],
  348. $params['original_course_id_name']
  349. );
  350. $courseId = $courseInfo['real_id'];
  351. $portalId = $params['portal_id'];
  352. UrlManager::add_course_to_url($courseId, $portalId);
  353. $result = UrlManager::relation_url_course_exist($courseId, $portalId);
  354. return intval($result);
  355. }
  356. // Register the method to expose
  357. $server->register('WSRemoveCourseFromPortal', // method name
  358. array('removeCourseFromPortal' => 'tns:addCourseToPortal'), // input parameters
  359. array('return' => 'xsd:string'), // output parameters
  360. 'urn:WSAccessUrl', // namespace
  361. 'urn:WSAccessUrl#WSRemoveCourseFromPortal', // soapaction
  362. 'rpc', // style
  363. 'encoded', // use
  364. 'This service remove a course from a portal' // documentation
  365. );
  366. // Define the method WSDeleteUserFromGroup
  367. function WSRemoveCourseFromPortal($params)
  368. {
  369. if (!WSHelperVerifyKey($params['secret_key'])) {
  370. return return_error(WS_ERROR_SECRET_KEY);
  371. }
  372. $courseInfo = CourseManager::getCourseInfoFromOriginalId(
  373. $params['original_course_id_value'],
  374. $params['original_course_id_name']
  375. );
  376. $courseId = $courseInfo['real_id'];
  377. $portalId = $params['portal_id'];
  378. UrlManager::delete_url_rel_course($courseId, $portalId);
  379. $result = UrlManager::relation_url_course_exist($courseId, $portalId);
  380. if (empty($result)) {
  381. return true;
  382. }
  383. return false;
  384. }
  385. /* Delete user from group Web Service end */
  386. // Add more webservices through hooks from plugins
  387. if (!empty($hook)) {
  388. $hook->setEventData(array('server' => $server));
  389. $res = $hook->notifyWSRegistration(HOOK_EVENT_TYPE_POST);
  390. if (!empty($res['server'])) {
  391. $server = $res['server'];
  392. }
  393. }
  394. // Use the request to (try to) invoke the service
  395. $GLOBALS['HTTP_RAW_POST_DATA'] = file_get_contents('php://input');
  396. $HTTP_RAW_POST_DATA = isset($HTTP_RAW_POST_DATA) ? $HTTP_RAW_POST_DATA : '';
  397. // If you send your data in utf8 then this value must be false.
  398. $decodeUTF8 = api_get_setting('registration.soap.php.decode_utf8');
  399. if ($decodeUTF8 === 'true') {
  400. $server->decode_utf8 = true;
  401. } else {
  402. $server->decode_utf8 = false;
  403. }
  404. $server->service($HTTP_RAW_POST_DATA);