diff --git a/build/api/core/AuthSystemDefault.php b/build/api/core/AuthSystemDefault.php index 21e0540..58b9ece 100644 --- a/build/api/core/AuthSystemDefault.php +++ b/build/api/core/AuthSystemDefault.php @@ -29,24 +29,36 @@ /* (2) Check CAS ---------------------------------------------------------*/ - if( isset($_SESSION['CAS']['login']) && isset($_SESSION['CAS']['ticket']) ){ + if( (!isset($_SESSION["isLogged"]) || !$_SESSION["isLogged"]) && isset($_SESSION['CAS']['login']) && isset($_SESSION['CAS']['ticket']) ){ - /* (1) Get professor repo */ + /* (1) If the user is not logged we try to retrive the list of the linked department*/ /** @var professor $prof_repo */ $prof_repo = Repo::getRepo('professor'); /* (2) Get professor with this login */ - $by_login = $prof_repo->getByLogin($_SESSION['CAS']['login']); + $deps = $prof_repo->getLinkedDepartment($_SESSION['CAS']['login']); + if(is_array($deps)){ + $_SESSION['CurrentDatabase'] = $deps[0]["dbName"]; + $_SESSION['CurrentDepartementId'] = $deps[0]["idDep"]; - /* (3) If found -> store useful information */ - if( is_array($by_login) && isset($by_login['idProfesseur']) && isset($by_login['admin']) ){ + Repo::switchDatabase($_SESSION['CurrentDatabase']); - $_SESSION['CAS']['admin'] = (bool) $by_login['admin']; - $_SESSION['CAS']['id'] = (int) $by_login['idProfesseur']; + $by_login = $prof_repo->getByLogin($_SESSION['CAS']['login']); - /* (4) If no login found -> remove CAS auth */ - }else + /* (3) If found -> store useful information */ + if( is_array($by_login) && isset($by_login['idProfesseur']) && isset($by_login['admin']) ){ + + $_SESSION['CAS']['admin'] = (bool) $by_login['admin']; + $_SESSION['CAS']['id'] = (int) $by_login['idProfesseur']; + $_SESSION["isLogged"] = true; + + /* (4) If no login found -> remove CAS auth */ + }else + $_SESSION['CAS'] = []; + }else{ $_SESSION['CAS'] = []; + } + } diff --git a/build/database/core/DatabaseDriver.php b/build/database/core/DatabaseDriver.php index 080fd09..391e0ed 100755 
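Review bot: In the AuthSystemDefault.php hunk, `is_array($deps)` is also true for an empty array, so a CAS login with no linked department reaches `$deps[0]["dbName"]`, stores null in the session and passes it to `Repo::switchDatabase()`, which is declared `string`. `getLinkedDepartment()` in professor.php (added later in this diff) returns the raw `fetchAll()` result, which is `[]` when nothing matches, so the `else` branch that clears `$_SESSION['CAS']` is never taken for that case. The guard should be `if( is_array($deps) && isset($deps[0]['dbName'], $deps[0]['idDep']) ){`. No session id renewal is visible where `$_SESSION["isLogged"] = true` is set; if it is not done elsewhere, `session_regenerate_id(true)` belongs next to it. The enclosing method starts and ends outside the hunk.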
--- a/build/database/core/DatabaseDriver.php +++ b/build/database/core/DatabaseDriver.php @@ -126,12 +126,14 @@ $conf[$label]['local']['debug'] = false; } - self::$instance[$label] = new DatabaseDriver($conf[$label]['local']['host'], $conf[$label]['local']['dbname'], $conf[$label]['local']['user'], $conf[$label]['local']['password'],$conf[$label]['local']['debug']); - /* (2) If Remote -> instanciates with Remote configuration */ - // else - // self::$instance[$label] = new DatabaseDriver($conf[$label]['remote']['host'], $conf[$label]['remote']['dbname'], $conf[$label]['remote']['user'], $conf[$label]['remote']['password']); + if(isset($_SESSION['CurrentDatabase']) && is_string($_SESSION['CurrentDatabase'])){ + $conf[$label]['local']['dbname'] = $_SESSION['CurrentDatabase']; + } - return true; + self::$instance[$label] = new DatabaseDriver($conf[$label]['local']['host'], $conf[$label]['local']['dbname'], $conf[$label]['local']['user'], $conf[$label]['local']['password'],$conf[$label]['local']['debug']); + + + return true ; }catch(\Exception $e){ diff --git a/build/database/core/Repo.php b/build/database/core/Repo.php index d5d86f3..96fdd2e 100644 --- a/build/database/core/Repo.php +++ b/build/database/core/Repo.php @@ -77,6 +77,10 @@ return static::$driver->isDebugEnabled(); } + public static function switchDatabase(string $dbName){ + return static::$driver->pdo()->prepare("USE $dbName")->execute(); + } + diff --git a/build/database/repo/professor.php b/build/database/repo/professor.php index 98df637..298c246 100644 --- a/build/database/repo/professor.php +++ b/build/database/repo/professor.php 
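Review bot: In the DatabaseDriver.php hunk the configured `dbname` is replaced by `$_SESSION['CurrentDatabase']` after only an `is_string` check, and this happens for whatever `$label` is being instantiated. The constructor is not visible here, but if it builds a PDO DSN by concatenation, a value containing `;` or `=` could alter other DSN fields, so the name should be validated before use, for example `if( isset($_SESSION['CurrentDatabase']) && is_string($_SESSION['CurrentDatabase']) && preg_match('/^[A-Za-z0-9_]+$/', $_SESSION['CurrentDatabase']) ){`. A comment such as `// per-session department database, set at CAS login` would also explain why session state reaches the driver. The enclosing function starts outside the hunk.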
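Review bot: `Repo::switchDatabase()` interpolates `$dbName` straight into `"USE $dbName"`; `prepare()` gives no protection here because an identifier cannot be bound as a parameter. The value currently comes from `meta_vhost.departement.databaseName` through the session, so anyone able to write that column or the session value controls the statement text. The method should validate the name against a strict pattern (adjust it to the naming scheme used for department databases), quote it as an identifier, and fail closed, since the caller in AuthSystemDefault.php ignores the return value.
```php
public static function switchDatabase(string $dbName){
	// identifiers cannot be bound as parameters: validate, then quote
	if( !preg_match('/^[A-Za-z0-9_]+$/', $dbName) )
		throw new \InvalidArgumentException('invalid database name');
	return static::$driver->pdo()->prepare("USE `$dbName`")->execute();
}
```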
@@ -27,7 +27,7 @@ class professor extends Repo_i { * @return prof_id The professor's UID (or -1 on error) * ---------------------------------------------------------*/ - public function create(string $lastName, string $firstName, int $category, $hoursToDo = 0, $initials = "", $isAdmin = false , $casLogin = "" ) : ?int{ + public function create(string $lastName, string $firstName, int $category, int $hoursToDo = 0, ?string $initials = null , bool $isAdmin = false , ?string $casLogin = null ) : ?int{ /* (1) Prepare Statement */ $st = $this->pdo->prepare("INSERT INTO @@ -45,12 +45,30 @@ class professor extends Repo_i { ':cat' => $category ]); + $profId = $this->pdo->lastInsertId(); + + /* (3) synchroize the meta database */ + if(!is_null($casLogin)){ + $st = $this->pdo->prepare("INSERT IGNORE INTO meta_vhost.casUser(casLogin, firstName, lastName) VALUE (:casLogin,:firstName,:lastName)"); + $st->execute([ + "casLogin" => $casLogin, + "firstName" => $firstName, + "lastName" => $lastName + ]); + + $st = $this->pdo->prepare("INSERT INTO meta_vhost.linkedDep(departement_iddepartement, casUser_casLogin) VALUE (:idDep,:casLogin)"); + $st->execute([ + "idDep" => $_SESSION['CurrentDepartementId'], + "casLogin" => $casLogin + ]); + } + /* (3) Manage error */ if( !$success ) return NULL; /* (4) Return inserted ID */ - return $this->pdo->lastInsertId(); + return $profId; } 
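Review bot: The new `create()` signature changes the default of `$casLogin` (and `$initials`) from `""` to `null`, while the synchronisation block added in the next hunk only tests `!is_null($casLogin)`. A caller that still passes the former default `""` would therefore insert a `meta_vhost.casUser` row keyed by an empty login and link it to the current department. The guard should be `if( $casLogin !== null && $casLogin !== '' ){`. The docblock above still announces "-1 on error" although the method returns NULL.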
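Review bot: In the second `create()` hunk the meta database is written before `if( !$success ) return NULL;`, so a failed professor insert (assuming `$success` holds the result of the `execute()` above the hunk) still creates the `casUser` and `linkedDep` rows. Move the `if( !$success ) return NULL;` check above `$profId = $this->pdo->lastInsertId();`, and wrap the three inserts in one transaction so a failure of the `linkedDep` insert does not leave a professor without a link. `$_SESSION['CurrentDepartementId']` is read without an `isset` check; when it is missing, null is bound as `:idDep`. `lastInsertId()` returns a string, so `return (int) $profId;` matches the `?int` return type explicitly.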
@@ -97,6 +115,37 @@ class professor extends Repo_i { } + public function getLinkedDepartment(string $casLogin) : ?array{ + + /* (1) Prepare Statement */ + $st = $this->pdo->prepare("SELECT d2.iddepartement idDep, d2.label labelDep, d2.databaseName dbName + FROM meta_vhost.casUser + JOIN meta_vhost.linkedDep D ON casUser.casLogin = D.casUser_casLogin + JOIN meta_vhost.departement d2 ON D.departement_iddepartement = d2.iddepartement + WHERE casLogin = :caslogin"); + + /* (2) Check if statement error */ + if( is_bool($st) ) + return NULL; + + /* (3) Bind params and execute statement */ + $success = $st->execute([ ':caslogin' => $casLogin ]); + + /* (4) Manage error */ + if( !$success ) + return NULL; + + /* (5) Get data */ + $fetched = $st->fetchAll(); + + /* (6) Return NULL on no result */ + if( $fetched === false ) + return NULL; + + /* (7) Return data */ + return $fetched; + } + @@ -140,7 +189,31 @@ class professor extends Repo_i { $st = $this->pdo->prepare($sql_rq); /* (5) Return execution success */ - return $st->execute($bind_param); + $success = $st->execute($bind_param); + + $prof = $this->get($id); + if($success && !is_null($prof[0]["casLogin"])){ + //try to get the user + $st = $this->pdo->prepare("SELECT * FROM meta_vhost.casUser WHERE casLogin = :casLogin"); + $st->execute([ + "casLogin" => $prof[0]["casLogin"] + ]); + + //is the user does not already exists, we create it + if(!is_array($st->fetch())){ + $st = $this->pdo->prepare("INSERT INTO meta_vhost.casUser(casLogin, firstName, lastName) + VALUE(:casLogin,:firstName,:lastName)"); + }else{ + $st = $this->pdo->prepare("UPDATE meta_vhost.casUser SET casLogin = :casLogin,firstName = :firstName, lastName = :lastName "); + } + $st->execute([ + "firstName" => $prof[0]["firstName"], + "lastName" => $prof[0]["lastName"], + "casLogin" => $prof[0]["casLogin"] + ]); + } + + return $success; } 
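Review bot: The query in `getLinkedDepartment()` has no `ORDER BY`, and the login flow in AuthSystemDefault.php takes `$deps[0]` to choose the database, so a login linked to several departments lands in whichever row the server returns first. Adding `ORDER BY d2.iddepartement` makes that choice deterministic until an explicit department selection exists. The method also lacks the header docblock used on `create()`; a short one stating that it returns a list of rows with keys `idDep`, `labelDep` and `dbName`, an empty list when the login has no link, and NULL on statement failure would tell callers what to check.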
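Review bot: In the update hunk the statement `UPDATE meta_vhost.casUser SET casLogin = :casLogin,firstName = :firstName, lastName = :lastName ` has no `WHERE` clause, so it targets every row of `casUser` rather than the professor being edited. It should read `UPDATE meta_vhost.casUser SET firstName = :firstName, lastName = :lastName WHERE casLogin = :casLogin`. `$prof[0]` is also dereferenced before `$success` is tested and without checking that `get($id)` returned a row; `if( $success && is_array($prof) && isset($prof[0]['casLogin']) ){` avoids that. The insert branch creates no `linkedDep` row, so a login first set through an update may not be able to log in; the enclosing method starts outside the hunk, so this may be handled elsewhere.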
@@ -358,11 +431,25 @@ class professor extends Repo_i { ---------------------------------------------------------*/ public function delete(int $id) : bool{ + //we have to store the professor to synchronize the meta database later + $prof = $this->get($id); + /* (1) Prepare statement */ $st = $this->pdo->prepare("DELETE FROM `Professeur` WHERE `idProfesseur` = :id"); /* (2) Return the execution status */ - return $st->execute([ ':id' => $id ]); + $success = $st->execute([ ':id' => $id ]); + + if($success){ + //delete the association + $st = $this->pdo->prepare("DELETE FROM meta_vhost.linkedDep WHERE casUser_casLogin = :casLogin AND departement_iddepartement = :idDep"); + $st->execute([ + "casLogin" => $prof[0]["casLogin"], + "idDep" => $_SESSION['CurrentDepartementId'] + ]); + } + + return $success; }
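Review bot: In `delete()` the cleanup reads `$prof[0]["casLogin"]` without checking that `get($id)` found a row, and `execute()` reports success even when the `DELETE` matched nothing, so deleting an unknown id reaches the cleanup with no professor loaded. Guard it with `if( $success && is_array($prof) && isset($prof[0]['casLogin'], $_SESSION['CurrentDepartementId']) ){`, which also covers professors without a CAS login and a missing session key. The two deletes are not in a transaction, so a failure of the second leaves a `linkedDep` row that still lets that login select this department's database at login. The `casUser` row is kept, which looks intentional for users linked to other departments; a comment saying so would help.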