diff --git a/application/controllers/manage/Attribute_policyajax.php b/application/controllers/manage/Attribute_policyajax.php
index 15258a461..440c6b78c 100644
--- a/application/controllers/manage/Attribute_policyajax.php
+++ b/application/controllers/manage/Attribute_policyajax.php
@@ -25,161 +25,6 @@ public function __construct() {
}
- public function retrieveattrpath($idpid=null)
- {
- if(!$this->input->is_ajax_request() || (empty($idpid) || !is_numeric($idpid)))
- {
- show_error('method not allowed',403);
- }
- $loggedin = $this->j_auth->logged_in();
- if (!$loggedin) {
- set_status_header(403);
- echo 'lost session';
- return;
- }
- $this->load->library('zacl');
- $tmp_arps = new models\AttributeReleasePolicies;
- $langdrop = array('0'=>lang('dropnever'),'1'=> lang('dropokreq'),'2'=>lang('dropokreqdes'),'100'=>lang('dropnotset'));
-
-
-
- $idp = $this->em->getRepository("models\Provider")->findOneBy(array('id'=>$idpid,'type'=>array('IDP','BOTH')));
- if(empty($idp))
- {
- set_status_header(404);
- echo 'idp not found';
- return;
- }
- $has_write_access = $this->zacl->check_acl($idpid, 'write', 'entity', '');
- if(!$has_write_access)
- {
- set_status_header(403);
- echo 'no permission';
- return;
- }
-
- $requester = $this->input->post('requester');
- $attrname = $this->input->post('attribute');
-
- if(empty($requester) || empty($attrname))
- {
- set_status_header(403);
- echo 'missing params';
- return;
- }
-
- $attribute = $this->em->getRepository("models\Attribute")->findOneBy(array('name'=>$attrname));
- if(empty($attribute))
- {
- set_status_header(403);
- echo 'missing attr';
- return;
- }
- $sp = $this->em->getRepository("models\Provider")->findOneBy(array('entityid'=>$requester,'type'=>array('SP','BOTH')));
- if(empty($sp))
- {
- set_status_header(403);
- echo 'missing sp';
- return;
- }
- $result = array('status'=>'ok','requester'=>$requester,'attributename'=>$attrname);
- $result['details'] = array();
- $supportedAttr = $this->em->getRepository("models\AttributeReleasePolicy")->findOneBy(array('attribute'=>$attribute,'idp'=>$idp,'type'=>'supported'));
- $supported = false;
- if(!empty($supportedAttr))
- {
- $result['supported'] = true;
- $result['details'][] = array('name'=>'','value'=>lang('rr_supported'));
- $supported = true;
- }
- else
- {
- $result['supported'] = false;
- $result['details'][] = array('name'=>'','value'=>lang('attrnotsupported'));
- }
- $globalPolicy = $this->em->getRepository("models\AttributeReleasePolicy")->findOneBy(array('attribute'=>$attribute,'idp'=>$idp,'type'=>'global'));
- $global = 0;
- if(empty($globalPolicy))
- {
- $result['global'] = null;
- $val = ''.$langdrop['100'].' => deny';
- $result['details'][] = array('name'=>lang('rr_defaultarp'),'value'=>$val);
- }
- else
- {
- $result['global'] = $globalPolicy->getPolicy();
- $result['details'][] = array('name'=>lang('rr_default'),'value'=>$langdrop[$globalPolicy->getPolicy()]);
- }
- $idpfeds = $idp->getFederations();
- $spfeds = $sp->getFederations();
- $attrfed = null;
- $fedsmerged = array();
- foreach($spfeds as $s)
- {
- if($idpfeds->contains($s))
- {
- $tmpattrfed = $tmp_arps->getOneFedPolicyAttribute($idp,$s,$attribute->getId());
- if(!empty($tmpattrfed))
- {
- $tmpattrfedPolicy = $tmpattrfed->getPolicy();
- if($tmpattrfedPolicy !== null && $tmpattrfedPolicy >= $attrfed)
- {
- $attrfed = $tmpattrfedPolicy;
- $fedsmerged[] = $sp->getName();
- }
- }
- }
- }
- if($attrfed === null)
- {
- $result['details'][] = array('name'=>'federation','value'=>$langdrop['100'] .' => '.lang('rr_inheritfromparent'));
- }
- else
- {
- $fedsuffix = '';
- if(count($fedsmerged)>1)
- {
- $fedsuffix = '
'.lang('rr_merged').':
';
- $fedsuffix .= implode('
',$fedsmerged);
- }
- $result['details'][] = array('name'=>lang('rr_federation'),'value'=>$langdrop[''.$attrfed.''].$fedsuffix);
- }
-
- $specificPolicy = $tmp_arps->getOneSPPolicy($idp->getId(), $attribute->getId(), $sp->getId());
- $customPolicy = $tmp_arps->getOneSPCustomPolicy($idp->getId(), $attribute->getId(), $sp->getId());
- if(empty($specificPolicy))
- {
- $result['details'][] = array('name'=>lang('rr_requester'),'value'=>$langdrop['100'] .' => '.lang('rr_inheritfromparent'));
- }
- else
- {
- $result['details'][] = array('name'=>lang('rr_requester'),'value'=>$langdrop[$specificPolicy->getPolicy()] );
- }
- if(!empty($customPolicy))
- {
- $rawdata = $customPolicy->getRawdata();
- if(is_array($rawdata))
- {
- $suffix = '';
- if(isset($rawdata['permit']) && is_array($rawdata['permit']))
- {
- $suffix = '
'.lang('rr_permvalues').':
';
- $suffix .= implode('
',$rawdata['permit']);
- }
- elseif(isset($rawdata['deny']) && is_array($rawdata['deny']))
- {
- $suffix = '
'.lang('rr_denvalues').':
';
- $suffix .= implode('
',$rawdata['deny']);
-
- }
- $result['details'][] = array('name'=>lang('custompolicy'),'value'=>''.lang('customappliedifpermited').''.$suffix);
- }
- }
- $this->output->set_content_type('application/json');
- echo json_encode($result);
-
-
- }
public function getattrpath($idpid,$spid,$attrid)
{
if(!$this->input->is_ajax_request())
@@ -245,7 +90,6 @@ public function getattrpath($idpid,$spid,$attrid)
{
$result['supported'] = true;
$result['details'][] = array('name'=>'','value'=>lang('rr_supported'));
- $supported = true;
}
else
{
@@ -253,7 +97,6 @@ public function getattrpath($idpid,$spid,$attrid)
$result['details'][] = array('name'=>'','value'=>lang('attrnotsupported'));
}
$globalPolicy = $this->em->getRepository("models\AttributeReleasePolicy")->findOneBy(array('attribute'=>$attribute,'idp'=>$idp,'type'=>'global'));
- $global = 0;
if(empty($globalPolicy))
{
$result['global'] = null;
diff --git a/application/controllers/reports/Idpmatrix.php b/application/controllers/reports/Idpmatrix.php
index 9951cfc19..9bda65874 100644
--- a/application/controllers/reports/Idpmatrix.php
+++ b/application/controllers/reports/Idpmatrix.php
@@ -21,7 +21,6 @@ class Idpmatrix extends MY_Controller
{
private $tmp_providers;
- private $logo_url;
function __construct()
{
@@ -40,11 +39,6 @@ function __construct()
$this->logo_url = $this->logo_baseurl . $this->logo_basepath;
}
- private function _get_members($idp)
- {
- $members = $this->tmp_providers->getCircleMembersLight($idp);
- return $members;
- }
public function getArpData($idpid)
{
@@ -86,7 +80,6 @@ public function getArpData($idpid)
$returnArray = TRUE;
$arparray['policies'] = $this->arp_generator->arpToXML($idp, $returnArray);
- //$attrdedsCopy = array();
foreach($arparray['policies'] as $p)
{
foreach($p['attributes'] as $k => $v)
@@ -154,7 +147,6 @@ public function show($idpid)
$extends = $idp->getExtendMetadata();
if (count($extends) > 0)
{
- $is_logo = false;
foreach ($extends as $ex)
{
$el = $ex->getElement();
diff --git a/application/models/Providers.php b/application/models/Providers.php
index 5adcace35..fce657761 100644
--- a/application/models/Providers.php
+++ b/application/models/Providers.php
@@ -66,10 +66,9 @@ public function getTrustedActiveFeds(Provider $provider)
}
return $feds;
}
-
public function getSPsForArp(Provider $provider)
{
- $query1 = $this->em->createQuery("SELECT m,f FROM models\FederationMembers m JOIN m.federation f WHERE m.provider = ?1 AND m.joinstate != '2' AND m.isDisabled = '0' AND m.isBanned='0' AND f.is_active = '1'");
+ $query1 = $this->em->createQuery("SELECT partial m.{id, federation},partial f.{id} FROM models\FederationMembers m JOIN m.federation f WHERE m.provider = ?1 AND m.joinstate != '2' AND m.isDisabled = '0' AND m.isBanned='0' AND f.is_active = '1'");
$query1->setParameter(1, $provider->getId());
$query1->setHint(\Doctrine\ORM\Query::HINT_FORCE_PARTIAL_LOAD, true);
$result1 = $query1->getResult();
@@ -82,9 +81,8 @@ public function getSPsForArp(Provider $provider)
{
return array();
}
- $query = $this->em->createQuery("SELECT p,e,m,f FROM models\Provider p LEFT JOIN p.membership m LEFT JOIN m.federation f LEFT JOIN p.extend e WHERE m.federation IN (:feds) AND m.joinstate != '2' AND m.isDisabled = '0' AND m.isBanned='0' AND p.id != ?2 AND p.is_active = '1' AND p.is_approved = '1' AND p.type IN ('SP','BOTH')");
+ $query = $this->em->createQuery("SELECT partial p.{id, entityid,type,ldisplayname,displayname,lname, name},e,partial m.{id, provider, federation},partial f.{id} FROM models\Provider p LEFT JOIN p.membership m LEFT JOIN m.federation f LEFT JOIN p.extend e WHERE m.federation IN (:feds) AND m.joinstate != '2' AND m.isDisabled = '0' AND m.isBanned='0' AND p.type IN ('SP','BOTH') AND p.is_active = '1' AND p.is_approved = '1'");
$query->setParameter('feds', $feds);
- $query->setParameter(2, $provider->getId());
$query->setHint(\Doctrine\ORM\Query::HINT_FORCE_PARTIAL_LOAD, true);
$result = $query->getResult();
$r2 = new \Doctrine\Common\Collections\ArrayCollection;
@@ -113,7 +111,7 @@ public function getIdPsForWayf(Provider $provider)
return array();
}
$currentTime = new \DateTime("now", new \DateTimeZone('UTC'));
- $query = $this->em->createQuery("SELECT partial p.{id, entityid,type,ldisplayname,lname,validfrom, validto},e, partial m.{id} FROM models\Provider p LEFT JOIN p.extend e LEFT JOIN p.membership m LEFT JOIN m.federation f WHERE m.federation IN (:feds) AND m.joinstate != '2' AND m.isDisabled = '0' AND m.isBanned='0' AND p.id != ?2 AND p.is_active = '1' AND p.is_approved = '1' AND (p.validto is null OR p.validto >= :now) AND (p.validfrom is null OR p.validfrom <= :now) AND p.type IN ('IDP','BOTH')");
+ $query = $this->em->createQuery("SELECT partial p.{id,entityid,type,ldisplayname,lname,name,displayname},e, partial m.{id} FROM models\Provider p LEFT JOIN p.extend e LEFT JOIN p.membership m LEFT JOIN m.federation f WHERE m.federation IN (:feds) AND m.joinstate != '2' AND m.isDisabled = '0' AND m.isBanned='0' AND p.id != ?2 AND p.is_active = '1' AND p.is_approved = '1' AND (p.validto is null OR p.validto >= :now) AND (p.validfrom is null OR p.validfrom <= :now) AND p.type IN ('IDP','BOTH')");
$query->setParameter('feds', $feds);
$query->setParameter(2, $spid);
$query->setParameter('now', $currentTime);
diff --git a/application/views/reports/idpmatrix_show_view.php b/application/views/reports/idpmatrix_show_view.php
index 2ef434f65..bd1288bba 100644
--- a/application/views/reports/idpmatrix_show_view.php
+++ b/application/views/reports/idpmatrix_show_view.php
@@ -70,7 +70,6 @@
' . lang('confirmupdpolicy') . '