Merge pull request #401 from GOCDB/hotfix-5.10-access_test

Add an access_test method to API to master
GOCDB · Dec 6, 2022 · fc2d676 · fc2d676
2 parents ddda6b5 + e99f18d
commit fc2d676
Show file tree

Hide file tree

Showing 4 changed files with 53 additions and 5 deletions.
diff --git a/htdocs/PI/index.php b/htdocs/PI/index.php
@@ -141,6 +141,11 @@ function getXml() {
             $em = \Factory::getEntityManager();
 
             switch ($this->method) {
+                case "access_test":
+                    require_once($directory . 'AccessTest.php');
+                    $this->authByIdentifier(true);
+                    $xml = (new AccessTest())->getRenderingOutput();
+                    break;
                 case "get_site":
                     require_once($directory . 'GetSite.php');
                     $this->authByIdentifier();
@@ -367,9 +372,14 @@ function getXml() {
         return $xml;
     }
 
-    /* Authorize a request based on the supplied identifier */
+    /*
+     * Authorize a request based on the supplied identifier
+     * @param boolean $forceStrictForHosts If true, restriction of
+     *                                     personal data is forced
+     *                                     for hosts.
+     */
 
-    function authByIdentifier() {
+    function authByIdentifier($forceStrictForHosts = false) {
         require_once __DIR__.'/../web_portal/controllers/utils.php';
         require_once __DIR__.'/../../lib/Doctrine/entities/APIAuthentication.php';
 
@@ -395,7 +405,7 @@ function authByIdentifier() {
                 $authenticated = true;
             }
 
-            if (!\Factory::getConfigService()->isRestrictPDByRole()) {
+            if (!\Factory::getConfigService()->isRestrictPDByRole($forceStrictForHosts)) {
                 // Only a 'valid' identifier is needed.
                 $authenticated = true;
             }

diff --git a/htdocs/web_portal/static_html/goc5_logo.html b/htdocs/web_portal/static_html/goc5_logo.html
@@ -4,7 +4,7 @@
 <!--	<img src="img/Logo-1.6.png" class="logo_image" height="39" style="vertical-align: middle;"/>-->
   <h3    class="Logo_Text Small_Bottom_Margin Standard_Padding"
          style="vertical-align: middle; margin-left: 0.2em;">
-         GOCDB 5.10.1
+         GOCDB 5.10.2
      </h3>
 
 </a>

diff --git a/lib/Gocdb_Services/Config.php b/lib/Gocdb_Services/Config.php
@@ -334,9 +334,15 @@ public function GetPortalURL() {
     /**
      * How Personal Data is restricted;
      * See description in local_info.xml but in brief:
+     * @param boolean $forceStrict If true, restriction of personal data
+     *                             is forced.
      * @returns false for legacy behaviour, true for role-based personal data restriction
      */
-    public function isRestrictPDByRole() {
+    public function isRestrictPDByRole($forceStrict = false)
+    {
+        if ($forceStrict === true)
+            return true;
+
         $localInfo = $this->GetLocalInfoXML();
         $value = $localInfo->restrict_personal_data;
         if((string) $value == "true") {

diff --git a/lib/Gocdb_Services/PI/AccessTest.php b/lib/Gocdb_Services/PI/AccessTest.php
@@ -0,0 +1,32 @@
+<?php
+
+/**
+ * Class to manage output of the Access Test result
+ */
+
+namespace org\gocdb\services;
+
+use SimpleXMLElement;
+
+class AccessTest
+{
+    /**
+     * @return  string  XML used to signal successful authorization return
+     */
+    public function getRenderingOutput()
+    {
+        $xmlElem = new SimpleXMLElement("<results />");
+        $xmlElem->addAttribute('identifier', Get_User_Principle_PI());
+        $xmlElem->addChild('authorized', 'true');
+
+        $domSxe = dom_import_simplexml($xmlElem);
+
+        $dom = new \DOMDocument('1.0');
+        $dom->encoding = 'UTF-8';
+        $domSxe = $dom->importNode($domSxe, true);
+        $domSxe = $dom->appendChild($domSxe);
+        $dom->formatOutput = true;
+
+        return $dom->saveXML();
+    }
+}