diff --git a/htdocs/PI/index.php b/htdocs/PI/index.php index e4672afbb..3c90c59e7 100644 --- a/htdocs/PI/index.php +++ b/htdocs/PI/index.php @@ -141,6 +141,11 @@ function getXml() { $em = \Factory::getEntityManager(); switch ($this->method) { + case "access_test": + require_once($directory . 'AccessTest.php'); + $this->authByIdentifier(true); + $xml = (new AccessTest())->getRenderingOutput(); + break; case "get_site": require_once($directory . 'GetSite.php'); $this->authByIdentifier(); @@ -367,9 +372,14 @@ function getXml() { return $xml; } - /* Authorize a request based on the supplied identifier */ + /* + * Authorize a request based on the supplied identifier + * @param boolean $forceStrictForHosts If true, restriction of + * personal data is forced + * for hosts. + */ - function authByIdentifier() { + function authByIdentifier($forceStrictForHosts = false) { require_once __DIR__.'/../web_portal/controllers/utils.php'; require_once __DIR__.'/../../lib/Doctrine/entities/APIAuthentication.php'; @@ -395,7 +405,7 @@ function authByIdentifier() { $authenticated = true; } - if (!\Factory::getConfigService()->isRestrictPDByRole()) { + if (!\Factory::getConfigService()->isRestrictPDByRole($forceStrictForHosts)) { // Only a 'valid' identifier is needed. $authenticated = true; } diff --git a/htdocs/web_portal/static_html/goc5_logo.html b/htdocs/web_portal/static_html/goc5_logo.html index 03c802df8..4d96abe9f 100644 --- a/htdocs/web_portal/static_html/goc5_logo.html +++ b/htdocs/web_portal/static_html/goc5_logo.html @@ -4,7 +4,7 @@

- GOCDB 5.10.1 + GOCDB 5.10.2

diff --git a/lib/Gocdb_Services/Config.php b/lib/Gocdb_Services/Config.php index 19e350b15..11a7e7e83 100644 --- a/lib/Gocdb_Services/Config.php +++ b/lib/Gocdb_Services/Config.php @@ -334,9 +334,15 @@ public function GetPortalURL() { /** * How Personal Data is restricted; * See description in local_info.xml but in brief: + * @param boolean $forceStrict If true, restriction of personal data + * is forced. * @returns false for legacy behaviour, true for role-based personal data restriction */ - public function isRestrictPDByRole() { + public function isRestrictPDByRole($forceStrict = false) + { + if ($forceStrict === true) + return true; + $localInfo = $this->GetLocalInfoXML(); $value = $localInfo->restrict_personal_data; if((string) $value == "true") { diff --git a/lib/Gocdb_Services/PI/AccessTest.php b/lib/Gocdb_Services/PI/AccessTest.php new file mode 100644 index 000000000..a6e5d7aa1 --- /dev/null +++ b/lib/Gocdb_Services/PI/AccessTest.php @@ -0,0 +1,32 @@ +"); + $xmlElem->addAttribute('identifier', Get_User_Principle_PI()); + $xmlElem->addChild('authorized', 'true'); + + $domSxe = dom_import_simplexml($xmlElem); + + $dom = new \DOMDocument('1.0'); + $dom->encoding = 'UTF-8'; + $domSxe = $dom->importNode($domSxe, true); + $domSxe = $dom->appendChild($domSxe); + $dom->formatOutput = true; + + return $dom->saveXML(); + } +}