MDL-16094 File storage conversion Quiz and Questions
1d422980 1<?php
71558f85 2/**
3 * Library functions for mnet
4 *
5 * @author Donal McMullan donal@catalyst.net.nz
6 * @version 0.0.1
7 * @license http://www.gnu.org/copyleft/gpl.html GNU Public License
8 * @package mnet
9 */
10require_once $CFG->dirroot.'/mnet/xmlrpc/xmlparser.php';
11require_once $CFG->dirroot.'/mnet/peer.php';
12require_once $CFG->dirroot.'/mnet/environment.php';
13
14/// CONSTANTS ///////////////////////////////////////////////////////////
15
// Result codes for RPC lookups and permission checks. Only the definitions are
// visible here; the per-constant notes are read from the names and should be
// confirmed against the code that returns them.
define('RPC_OK', 0);                 // presumably: call may proceed
define('RPC_NOSUCHFILE', 1);         // presumably: target file not found
define('RPC_NOSUCHCLASS', 2);        // presumably: target class not found
define('RPC_NOSUCHFUNCTION', 3);     // presumably: target function not found
define('RPC_FORBIDDENFUNCTION', 4);  // presumably: function exists but may not be called
define('RPC_NOSUCHMETHOD', 5);       // presumably: target method not found
define('RPC_FORBIDDENMETHOD', 6);    // presumably: method exists but may not be called
23
/**
 * Extract the hostname from a URL or URI.
 *
 * An optional http:// or https:// prefix is skipped, then the leading run of
 * letters, digits, hyphens and dots is returned. Port, path and query are
 * ignored because the match stops at the first character outside that set.
 *
 * NOTE(review): for the same reason, a URI that carries userinfo before an
 * "@" yields the userinfo part rather than the host a client would connect
 * to. Callers that base a trust decision on the result should reject URIs
 * containing "@" first.
 *
 * @param string $uri The URI of a file on the remote computer, optionally
 *                    including its http:// prefix like
 *                    http://www.example.com/index.html
 * @return string|false Just the hostname, or false when nothing matched
 */
function mnet_get_hostname_from_uri($uri = null) {
    $found = array();
    $matched = preg_match("@^(?:http[s]?://)?([A-Z0-9\-\.]+).*@i", $uri, $found);
    return ($matched > 0) ? $found[1] : false;
}
37
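/**
 * Fetch a remote peer's public certificate with the system/keyswap XML-RPC call.
 *
 * The per-request cache in mnet_set_public_key() is consulted first. Otherwise
 * our wwwroot and public key are POSTed to the peer's XML-RPC endpoint, and the
 * PEM certificate that comes back is accepted only when the host named in its
 * subject occurs in $uri.
 *
 * NOTE(review): TLS peer and host verification are switched off for this
 * request, so the transport does not authenticate the peer and the certificate
 * returned here is effectively trusted on first use. Administrators should
 * confirm the key out of band before enabling services for a new host.
 *
 * NOTE(review): the subject check is a substring match, so it accepts any
 * certificate whose CN/subjectAltName text occurs anywhere in $uri. It is left
 * unchanged because the expected CN format is not visible here; tightening it
 * to an exact or prefix comparison needs that decision first.
 *
 * @param string $uri         The URI of a file on the remote computer, including
 *                            its http:// or https:// prefix
 * @param object $application Row from mnet_application; the 'moodle' row is
 *                            loaded when this is empty
 * @return string|false A PEM formatted SSL Certificate, or false on failure
 */
function mnet_get_public_key($uri, $application=null) {
    global $CFG, $DB;
    $mnet = get_mnet_environment();
    // The key may be cached in the mnet_set_public_key function...
    // check this first
    $key = mnet_set_public_key($uri);
    if ($key != false) {
        return $key;
    }

    if (empty($application)) {
        $application = $DB->get_record('mnet_application', array('name'=>'moodle'));
    }
    if (empty($application)) {
        // Without an application row there is no endpoint path to call.
        debugging("No mnet application record available for key swap with $uri");
        return false;
    }

    $rq = xmlrpc_encode_request('system/keyswap', array($CFG->wwwroot, $mnet->public_key, $application->name), array("encoding" => "utf-8"));
    $ch = curl_init($uri . $application->xmlrpc_server_url);

    curl_setopt($ch, CURLOPT_TIMEOUT, 60);
    curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
    curl_setopt($ch, CURLOPT_POST, true);
    curl_setopt($ch, CURLOPT_USERAGENT, 'Moodle');
    curl_setopt($ch, CURLOPT_POSTFIELDS, $rq);
    // NOTE(review): the media type lacks the ';' before charset; kept as sent today.
    curl_setopt($ch, CURLOPT_HTTPHEADER, array("Content-Type: text/xml charset=UTF-8"));
    // See the NOTE(review) in the docblock: certificate checks are disabled here.
    curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false);
    curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 0);

    // check for proxy
    if (!empty($CFG->proxyhost) and !is_proxybypass($uri)) {
        // SOCKS supported in PHP5 only
        if (!empty($CFG->proxytype) and ($CFG->proxytype == 'SOCKS5')) {
            if (defined('CURLPROXY_SOCKS5')) {
                curl_setopt($ch, CURLOPT_PROXYTYPE, CURLPROXY_SOCKS5);
            } else {
                curl_close($ch);
                print_error( 'socksnotsupported','mnet' );
            }
        }

        curl_setopt($ch, CURLOPT_HTTPPROXYTUNNEL, false);

        if (empty($CFG->proxyport)) {
            curl_setopt($ch, CURLOPT_PROXY, $CFG->proxyhost);
        } else {
            curl_setopt($ch, CURLOPT_PROXY, $CFG->proxyhost.':'.$CFG->proxyport);
        }

        if (!empty($CFG->proxyuser) and !empty($CFG->proxypassword)) {
            curl_setopt($ch, CURLOPT_PROXYUSERPWD, $CFG->proxyuser.':'.$CFG->proxypassword);
            if (defined('CURLOPT_PROXYAUTH')) {
                // any proxy authentication if PHP 5.1
                curl_setopt($ch, CURLOPT_PROXYAUTH, CURLAUTH_BASIC | CURLAUTH_NTLM);
            }
        }
    }

    // curl_exec() returns false on a transport failure; do not hand that to
    // the decoder. A null result falls through to the "empty response" branch.
    $raw = curl_exec($ch);
    $res = ($raw === false) ? null : xmlrpc_decode($raw);

    // check for curl errors
    $curlerrno = curl_errno($ch);
    if ($curlerrno!=0) {
        debugging("Request for $uri failed with curl error $curlerrno");
    }

    // check HTTP error code
    $info = curl_getinfo($ch);
    if (!empty($info['http_code']) and ($info['http_code'] != 200)) {
        debugging("Request for $uri failed with HTTP code ".$info['http_code']);
    }

    curl_close($ch);

    if (!is_array($res)) { // ! error
        $public_certificate = $res;
        if (is_string($public_certificate) && strlen(trim($public_certificate))) {
            $credentials = openssl_x509_parse($public_certificate);

            // openssl_x509_parse() returns false for text that is not a
            // certificate, and a subject field can be missing or multi-valued.
            // An empty or non-string host must never reach strpos(), where an
            // empty needle can count as a match.
            $host = '';
            if (is_array($credentials) && isset($credentials['subject']) && is_array($credentials['subject'])) {
                if (isset($credentials['subject']['CN'])) {
                    $host = $credentials['subject']['CN'];
                }
                if (array_key_exists('subjectAltName', $credentials['subject'])) {
                    $host = $credentials['subject']['subjectAltName'];
                }
            }
            if (!is_string($host) || $host === '') {
                debugging("Request for $uri returned a certificate without a usable subject");
                return false;
            }

            if (strpos($uri, $host) !== false) {
                mnet_set_public_key($uri, $public_certificate);
                return $public_certificate;
            }
            else {
                debugging("Request for $uri returned public key for different URI - $host");
            }
        }
        else {
            debugging("Request for $uri returned empty response");
        }
    }
    else {
        debugging( "Request for $uri returned unexpected result");
    }
    return false;
}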
142
/**
 * Remember a URI's public key for the rest of this request, or look one up.
 *
 * The store is a function-static array, so it lives only as long as the
 * current PHP process and is shared by every caller in it.
 *
 * @param string $uri The URI of a file on the remote computer, including its
 *                    https:// prefix
 * @param mixed  $key A public key to store, OR null/empty to read back the key
 *                    previously stored for $uri
 * @return mixed true after storing a key; the stored key when reading; false
 *               when reading a URI that has no stored key
 */
function mnet_set_public_key($uri, $key = null) {
    static $cache = array();

    // Write path: any non-empty key replaces what was stored for this URI.
    if (!empty($key)) {
        $cache[$uri] = $key;
        return true;
    }

    // Read path.
    return isset($cache[$uri]) ? $cache[$uri] : false;
}
163
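/**
 * Sign a message and return it in an XML-Signature document
 *
 * This function can sign any content, but it was written to provide a system of
 * signing XML-RPC request and response messages. The message will be base64
 * encoded, so it does not need to be text.
 *
 * What the code does:
 *  - computes the hex SHA1 digest of the message (DigestValue);
 *  - calls openssl_sign() on the message itself with the private key and no
 *    explicit algorithm argument (SignatureValue, base64 encoded);
 *  - links to /mnet/publickey.php under our wwwroot as the key location;
 *  - base64 encodes the message and adds our wwwroot and the current time.
 *
 * NOTE(review): the document declares rsa-sha1 / sha1. SHA-1 is a legacy
 * choice for signatures; moving off it needs every peer to accept the new
 * algorithm, so it is not changed here.
 *
 * If openssl_sign() fails the document is still returned, with an empty
 * SignatureValue, because callers expect a string; the failure is written to
 * the error log so it can be diagnosed. A verifying peer should reject it.
 *
 * See the {@Link http://www.w3.org/TR/xmldsig-core/ XML-DSig spec} at the W3c
 * site
 *
 * @param string   $message    The data you want to sign
 * @param resource $privatekey The private key to sign the response with
 * @return string An XML-DSig document
 */
function mnet_sign_message($message, $privatekey = null) {
    global $CFG;
    $digest = sha1($message);

    $mnet = get_mnet_environment();
    // If the user hasn't supplied a private key (for example, one of our older,
    // expired private keys), we get the current default private key and use that.
    if ($privatekey == null) {
        $privatekey = $mnet->get_private_key();
    }

    // The '$sig' value below is filled in by reference.
    $sig = '';
    $signed = openssl_sign($message, $sig, $privatekey);
    if (!$signed) {
        // Do not print anything here: this may run while an XML-RPC response
        // body is being produced.
        error_log('mnet_sign_message: openssl_sign() failed, message returned without a valid signature');
        $sig = '';
    }

    $message = '<?xml version="1.0" encoding="iso-8859-1"?>
    <signedMessage>
        <Signature Id="MoodleSignature" xmlns="http://www.w3.org/2000/09/xmldsig#">
            <SignedInfo>
                <CanonicalizationMethod Algorithm="http://www.w3.org/TR/2001/REC-xml-c14n-20010315"/>
                <SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/>
                <Reference URI="#XMLRPC-MSG">
                    <DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/>
                    <DigestValue>'.$digest.'</DigestValue>
                </Reference>
            </SignedInfo>
            <SignatureValue>'.base64_encode($sig).'</SignatureValue>
            <KeyInfo>
                <RetrievalMethod URI="'.$CFG->wwwroot.'/mnet/publickey.php"/>
            </KeyInfo>
        </Signature>
        <object ID="XMLRPC-MSG">'.base64_encode($message).'</object>
        <wwwroot>'.$mnet->wwwroot.'</wwwroot>
        <timestamp>'.time().'</timestamp>
    </signedMessage>';
    return $message;
}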
227
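/**
 * Encrypt a message and return it in an XML-Encrypted document
 *
 * This function can encrypt any content, but it was written to provide a system
 * of encrypting XML-RPC request and response messages. The message will be
 * base64 encoded, so it does not need to be text - binary data should work.
 *
 * The message is sealed with openssl_seal() for the peer's public key: the
 * sealed data goes into EncryptedData/CipherValue and the envelope key into
 * EncryptedKey/CipherValue, both base64 encoded. Our wwwroot is appended.
 *
 * NOTE(review): openssl_seal() is called without a cipher argument and the
 * document declares arcfour (RC4) for the data and rsa-1_5 for the key. Both
 * are legacy algorithms; replacing them needs every peer to support the new
 * ones, so the wire format is left as is.
 *
 * See the {@Link http://www.w3.org/TR/xmlenc-core/ XML-ENC spec} at the W3c
 * site
 *
 * @param string $message            The data you want to encrypt
 * @param string $remote_certificate Peer's certificate in PEM format
 * @return string|false An XML-ENC document, or false when the certificate
 *                      cannot be used or sealing fails
 */
function mnet_encrypt_message($message, $remote_certificate) {
    $mnet = get_mnet_environment();

    // Generate a key from the remote_certificate text string.
    // Test for the documented failure value rather than for the 'resource'
    // type: newer PHP versions return an object here, and the type test would
    // then reject every valid certificate.
    $publickey = openssl_get_publickey($remote_certificate);

    if ($publickey === false) {
        // Remote certificate is faulty.
        return false;
    }

    // Initialize vars
    $encryptedstring = '';
    $symmetric_keys = array();

    // passed by ref -> &$encryptedstring &$symmetric_keys
    $sealed = openssl_seal($message, $encryptedstring, $symmetric_keys, array($publickey));
    if ($sealed === false || empty($symmetric_keys)) {
        // Never emit a document whose payload or envelope key is empty.
        return false;
    }
    $message = $encryptedstring;
    $symmetrickey = array_pop($symmetric_keys);

    $message = '<?xml version="1.0" encoding="iso-8859-1"?>
    <encryptedMessage>
        <EncryptedData Id="ED" xmlns="http://www.w3.org/2001/04/xmlenc#">
            <EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#arcfour"/>
            <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
                <ds:RetrievalMethod URI="#EK" Type="http://www.w3.org/2001/04/xmlenc#EncryptedKey"/>
                <ds:KeyName>XMLENC</ds:KeyName>
            </ds:KeyInfo>
            <CipherData>
                <CipherValue>'.base64_encode($message).'</CipherValue>
            </CipherData>
        </EncryptedData>
        <EncryptedKey Id="EK" xmlns="http://www.w3.org/2001/04/xmlenc#">
            <EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#rsa-1_5"/>
            <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
                <ds:KeyName>SSLKEY</ds:KeyName>
            </ds:KeyInfo>
            <CipherData>
                <CipherValue>'.base64_encode($symmetrickey).'</CipherValue>
            </CipherData>
            <ReferenceList>
                <DataReference URI="#ED"/>
            </ReferenceList>
            <CarriedKeyName>XMLENC</CarriedKeyName>
        </EncryptedKey>
        <wwwroot>'.$mnet->wwwroot.'</wwwroot>
    </encryptedMessage>';
    return $message;
}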
302
/**
 * Get your SSL keys from the config store, or create them (if they don't exist yet)
 *
 * The 'openssl' setting of the 'mnet' plugin holds the certificate and the
 * key pair PEM joined by '@@@@@@@@'. When it is present both parts are loaded
 * into OpenSSL key handles; otherwise mnet_generate_keypair() is called.
 * The result is kept in a function-static variable, so the private key
 * material stays in memory for the rest of the request.
 *
 * NOTE(review): the private key PEM is read with no passphrase argument, so
 * the stored value is the key in usable form - whoever can read that setting
 * can sign as this site.
 *
 * @return array|null Keys 'certificate' and 'keypair_PEM' (PEM strings) plus,
 *                    on the load path, 'privatekey' and 'publickey' handles;
 *                    whatever mnet_generate_keypair() returns otherwise
 */
function mnet_get_keypair() {
    static $keypair = null;
    if ($keypair !== null) {
        return $keypair;
    }

    $stored = get_config('mnet', 'openssl');
    if (!$stored) {
        // Nothing stored yet: create a fresh pair.
        $keypair = mnet_generate_keypair();
        return $keypair;
    }

    list($keypair['certificate'], $keypair['keypair_PEM']) = explode('@@@@@@@@', $stored);
    $keypair['privatekey'] = openssl_pkey_get_private($keypair['keypair_PEM']);
    $keypair['publickey']  = openssl_pkey_get_public($keypair['certificate']);
    return $keypair;
}
326
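/**
 * Generate a private key and a self-signed certificate for this site
 *
 * Use the distinguished name provided to create a CSR, and then sign that CSR
 * with the same key. If a distinguished name is not provided, one is built
 * from the site's full name (organization), $CFG->wwwroot (commonName and
 * subjectAltName) and the current user's country, city and email where set.
 *
 * The pair is only returned; nothing in this function writes it to the config
 * table, so persisting it is up to the caller.
 *
 * The private key PEM is exported without a passphrase.
 *
 * @param array $dn   The distinguished name of the server
 * @param int   $days Certificate lifetime in days; $CFG->mnetkeylifetime
 *                    overrides it when set
 * @return array|null array('certificate' => PEM, 'keypair_PEM' => PEM), or
 *                    null when OpenSSL cannot produce the key or certificate
 */
function mnet_generate_keypair($dn = null, $days=28) {
    global $CFG, $USER;

    // check if lifetime has been overriden
    if (!empty($CFG->mnetkeylifetime)) {
        $days = $CFG->mnetkeylifetime;
    }

    $site = get_site();
    $organization = $site->fullname;

    $keypair = array();

    $country  = 'NZ';
    $province = 'Wellington';
    $locality = 'Wellington';
    if (!empty($CFG->noreplyaddress)) {
        $email = $CFG->noreplyaddress;
    } else {
        // HTTP_HOST is absent outside a web request (and is client-supplied
        // inside one), so only use it as a last resort and only when present.
        $email = 'noreply@' . (isset($_SERVER['HTTP_HOST']) ? $_SERVER['HTTP_HOST'] : 'localhost');
    }

    if(!empty($USER->country)) {
        $country  = $USER->country;
    }
    if(!empty($USER->city)) {
        $province = $USER->city;
        $locality = $USER->city;
    }
    if(!empty($USER->email)) {
        $email    = $USER->email;
    }

    if (is_null($dn)) {
        $dn = array(
           "countryName" => $country,
           "stateOrProvinceName" => $province,
           "localityName" => $locality,
           "organizationName" => $organization,
           "organizationalUnitName" => 'Moodle',
           "commonName" => substr($CFG->wwwroot, 0, 64),
           "subjectAltName" => $CFG->wwwroot,
           "emailAddress" => $email
        );
    }

    $dnlimits = array(
           'countryName'            => 2,
           'stateOrProvinceName'    => 128,
           'localityName'           => 128,
           'organizationName'       => 64,
           'organizationalUnitName' => 64,
           'commonName'             => 64,
           'emailAddress'           => 128
    );

    // Truncate only the fields the caller actually supplied; a custom $dn may
    // leave some of them out.
    foreach ($dnlimits as $key => $length) {
        if (isset($dn[$key])) {
            $dn[$key] = substr($dn[$key], 0, $length);
        }
    }

    // ensure we remove trailing slashes
    if (isset($dn["commonName"])) {
        $dn["commonName"] = preg_replace(':/$:', '', $dn["commonName"]);
    }

    if (!empty($CFG->opensslcnf)) { //allow specification of openssl.cnf especially for Windows installs
        $new_key = openssl_pkey_new(array("config" => $CFG->opensslcnf));
    } else {
        // NOTE(review): the key is created here with OpenSSL's defaults, so
        // its size comes from the OpenSSL configuration, not from the option
        // passed to openssl_csr_new() below - confirm the effective key size.
        $new_key = openssl_pkey_new();
    }
    if ($new_key === false) {
        // can not generate keys - missing openssl.cnf??
        return null;
    }

    if (!empty($CFG->opensslcnf)) { //allow specification of openssl.cnf especially for Windows installs
        $csr_rsc = openssl_csr_new($dn, $new_key, array("config" => $CFG->opensslcnf));
    } else {
        // The option has to be a key => value pair; the former list form
        // array('private_key_bits', 2048) was silently ignored.
        $csr_rsc = openssl_csr_new($dn, $new_key, array('private_key_bits' => 2048));
    }
    if ($csr_rsc === false) {
        return null;
    }

    if (!empty($CFG->opensslcnf)) {
        $selfSignedCert = openssl_csr_sign($csr_rsc, null, $new_key, $days, array("config" => $CFG->opensslcnf));
    } else {
        $selfSignedCert = openssl_csr_sign($csr_rsc, null, $new_key, $days);
    }
    unset($csr_rsc); // Free up the resource
    if ($selfSignedCert === false) {
        return null;
    }

    // We export our self-signed certificate to a string.
    $certexported = openssl_x509_export($selfSignedCert, $keypair['certificate']);
    openssl_x509_free($selfSignedCert);

    // Export your public/private key pair as a PEM encoded string. You
    // can protect it with an optional passphrase if you wish.
    if (!empty($CFG->opensslcnf)) { //allow specification of openssl.cnf especially for Windows installs
        $keyexported = openssl_pkey_export($new_key, $keypair['keypair_PEM'], null, array("config" => $CFG->opensslcnf));
    } else {
        $keyexported = openssl_pkey_export($new_key, $keypair['keypair_PEM'] /* , $passphrase */);
    }
    openssl_pkey_free($new_key);
    unset($new_key); // Free up the resource

    // A half-filled pair is of no use to callers; report it like a key failure.
    if (!$certexported || !$keyexported) {
        return null;
    }

    return $keypair;
}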
436
71558f85 437
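/**
 * Create or update the SSO access-control entry for a remote user.
 *
 * Looks up the (username, mnet_host_id) row in mnet_sso_access_control and
 * either updates its accessctrl value or inserts a new row, then writes an
 * entry to the admin log. print_error() is called when the write fails.
 *
 * @param string $username     Username the rule applies to
 * @param int    $mnet_host_id Id of the mnet_host row the user comes from
 * @param string $accessctrl   Access-control value to store
 * @return bool true on success, false when the database write failed
 */
function mnet_update_sso_access_control($username, $mnet_host_id, $accessctrl) {
    global $DB;

    $mnethost = $DB->get_record('mnet_host', array('id'=>$mnet_host_id));
    // The host name is only used in the log line; tolerate a missing host row.
    $hostname = !empty($mnethost) ? $mnethost->name : '';

    if ($aclrecord = $DB->get_record('mnet_sso_access_control', array('username'=>$username, 'mnet_host_id'=>$mnet_host_id))) {
        // update
        $aclrecord->accessctrl = $accessctrl;
        if ($DB->update_record('mnet_sso_access_control', $aclrecord)) {
            add_to_log(SITEID, 'admin/mnet', 'update', 'admin/mnet/access_control.php',
                    "SSO ACL: $accessctrl user '$username' from {$hostname}");
        } else {
            print_error('failedaclwrite', 'mnet', '', $username);
            return false;
        }
    } else {
        // insert - the lookup above left $aclrecord as a non-object, so build
        // a fresh record instead of assigning properties to it.
        $aclrecord = new stdClass();
        $aclrecord->username = $username;
        $aclrecord->accessctrl = $accessctrl;
        $aclrecord->mnet_host_id = $mnet_host_id;
        if ($id = $DB->insert_record('mnet_sso_access_control', $aclrecord)) {
            add_to_log(SITEID, 'admin/mnet', 'add', 'admin/mnet/access_control.php',
                    "SSO ACL: $accessctrl user '$username' from {$hostname}");
        } else {
            print_error('failedaclwrite', 'mnet', '', $username);
            return false;
        }
    }
    return true;
}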
1ce2da58 467
/**
 * Return the mnet_host row for a host id, cached for the current request.
 *
 * The first lookup for an id stores whatever $DB->get_record() returns,
 * including a failed lookup, in a function-static array.
 *
 * @param int $mnethostid Id of the mnet_host row
 * @return mixed The record as returned by $DB->get_record()
 */
function mnet_get_peer_host ($mnethostid) {
    global $DB;
    static $hosts;

    if (isset($hosts[$mnethostid])) {
        return $hosts[$mnethostid];
    }

    $hosts[$mnethostid] = $DB->get_record('mnet_host', array('id' => $mnethostid));
    return $hosts[$mnethostid];
}
477
/**
 * Rewrite a url so that mnet users are sent to their identity provider first
 * (to log in, if they are not already logged in) and only then on to the
 * original url.
 *
 * Only the path, query and fragment of the destination are kept. A leading
 * copy of this site's wwwroot path is removed from the path, and the result
 * is url-encoded and appended to $jumpurl. The scheme and host of the
 * destination are dropped, so the value handed to the identity provider is
 * always a local part. $jumpurl itself is emitted as given.
 *
 * @param string $jumpurl the url which the user should initially be directed
 *        to. This is a URL associated with a moodle networking peer when it
 *        is fulfilling a role as an identity provider (IDP). It is formed
 *        partly from the IDP's webroot and partly from a predefined local
 *        path within that webroot. Hitting it asks the user to log in at the
 *        IDP (if they aren't already), prepares the authentication
 *        information and redirects them back to the content provider (this
 *        moodle).
 * @param array $url array with 2 elements
 *        0 - context the url was taken from, possibly just the url, possibly href="url"
 *        1 - the destination url
 * @return string the url the remote user should be supplied with, wrapped as
 *         href="..." when element 0 differs from element 1
 */
function mnet_sso_apply_indirection ($jumpurl, $url) {
    global $CFG;

    $pieces = array();
    $parts = parse_url($url[1]);
    if ($parts) {
        if (isset($parts['path'])) {
            $path = $parts['path'];
            // if our wwwroot has a path component, strip it from the front so
            // the local part is relative to moodle's wwwroot
            $rootpath = parse_url($CFG->wwwroot, PHP_URL_PATH);
            if (!empty($rootpath) and strpos($path, $rootpath) === 0) {
                $path = substr($path, strlen($rootpath));
            }
            $pieces[] = $path;
        }
        if (isset($parts['query'])) {
            $pieces[] = '?'.$parts['query'];
        }
        if (isset($parts['fragment'])) {
            $pieces[] = '#'.$parts['fragment'];
        }
    }

    $target = $jumpurl . urlencode(implode('', $pieces));

    // If we matched on more than just a url (ie an html link), hand the
    // result back in href form
    return ($url[0] != $url[1]) ? 'href="'.$target.'"' : $target;
}
527
/**
 * Return the sso_jump_url of an mnet application, cached for the current request.
 *
 * @param int $applicationid Id of the mnet_application row
 * @return mixed The sso_jump_url field as returned by $DB->get_field()
 */
function mnet_get_app_jumppath ($applicationid) {
    global $DB;
    static $appjumppaths;

    if (isset($appjumppaths[$applicationid])) {
        return $appjumppaths[$applicationid];
    }

    $appjumppaths[$applicationid] = $DB->get_field('mnet_application', 'sso_jump_url', array('id' => $applicationid));
    return $appjumppaths[$applicationid];
}
939ea0bc 537
71f61c41 538
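/**
 * Output debug information about mnet. this will go to the <b>error_log</b>.
 *
 * Nothing is written unless the mnet_rpcdebug setting is at least $debuglevel.
 * Objects are cast to arrays, and arrays are written one "key: value" line at
 * a time between DUMPING ARRAY markers. Each line is prefixed with this
 * site's wwwroot and, on the server side, the remote peer's wwwroot.
 *
 * NOTE(review): values are written to the log as given. Callers should not
 * pass records that hold credentials or session data, and the setting should
 * be switched off again after troubleshooting.
 *
 * @param mixed $debugdata  this can be a string, or array or object.
 * @param int   $debuglevel optional , defaults to 1. bump up for very noisy debug info
 */
function mnet_debug($debugdata, $debuglevel=1) {
    global $CFG;
    $setlevel = get_config('', 'mnet_rpcdebug');
    if (empty($setlevel) || $setlevel < $debuglevel) {
        return;
    }
    if (is_object($debugdata)) {
        $debugdata = (array)$debugdata;
    }
    if (is_array($debugdata)) {
        mnet_debug('DUMPING ARRAY');
        foreach ($debugdata as $key => $value) {
            mnet_debug("$key: $value");
        }
        mnet_debug('END DUMPING ARRAY');
        return;
    }
    $prefix = 'MNET DEBUG ';
    if (defined('MNET_SERVER')) {
        $prefix .= " (server $CFG->wwwroot";
        // Assign first, then test: '&&' binds tighter than '=', so the former
        // one-line form stored a boolean in $peer and the peer was never logged.
        $peer = get_mnet_remote_client();
        if ($peer && !empty($peer->wwwroot)) {
            $prefix .= ", remote peer " . $peer->wwwroot;
        }
        $prefix .= ')';
    } else {
        $prefix .= " (client $CFG->wwwroot) ";
    }
    error_log("$prefix $debugdata");
}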
574
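/**
 * Return an array of information about all moodle's profile fields
 * which ones are optional, which ones are forced.
 * This is used as the basis of providing lists of profile fields to the administrator
 * to pick which fields to import/export over MNET
 *
 * The optional list is every column of one user record that is neither
 * excluded nor forced. 'password' is among the exclusions, so it can never be
 * offered for import or export. The result is cached for the request once it
 * is non-empty.
 *
 * @return array array('forced' => array, 'optional' => array, 'legacy' => array)
 */
function mnet_profile_field_options() {
    global $DB;
    static $info;
    if (!empty($info)) {
        return $info;
    }

    $excludes = array(
        'id',               // makes no sense
        'mnethostid',       // makes no sense
        'timecreated',      // will be set to relative to the host anyway
        'timemodified',     // will be set to relative to the host anyway
        'auth',             // going to be set to 'mnet'
        'deleted',          // we should never get deleted users sent over, but don't send this anyway
        'password',         // no password for mnet users
        'theme',            // handled separately
        'lastip',           // will be set to relative to the host anyway
    );

    // these are the ones that user_not_fully_set_up will complain about
    // and also special case ones
    $forced = array(
        'username',
        'email',
        'firstname',
        'lastname',
        'auth',
        'wwwroot',
        'session.gc_lifetime',
    );

    // these are the ones we used to send/receive (pre 2.0)
    $legacy = array(
        'username',
        'email',
        'auth',
        'confirmed',
        'deleted',
        'firstname',
        'lastname',
        'city',
        'country',
        'lang',
        'timezone',
        'description',
        'mailformat',
        'maildigest',
        'maildisplay',
        'htmleditor',
        'wwwroot',
        'picture',
    );

    // get a random user record from the database to pull the fields off
    $randomuser = $DB->get_record('user', array(), '*', IGNORE_MULTIPLE);

    // Start from an empty list so 'optional' is always an array, and skip the
    // loop when no user record came back.
    $fields = array();
    if (!empty($randomuser)) {
        foreach ($randomuser as $key => $discard) {
            if (in_array($key, $excludes, true) || in_array($key, $forced, true)) {
                continue;
            }
            $fields[$key] = $key;
        }
    }

    $info = array(
        'forced'   => $forced,
        'optional' => $fields,
        'legacy'   => $legacy,
    );
    return $info;
}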
651
652
/**
 * Return information about all the current hosts
 * This is basically just a resultset.
 *
 * Every non-deleted mnet_host row except the local host
 * ($CFG->mnet_localhost_id) is returned, joined with its application's name,
 * display name and XML-RPC server URL. The local host id is passed as a bound
 * parameter, not spliced into the SQL text.
 *
 * @return array Records as returned by $DB->get_records_sql()
 */
function mnet_get_hosts() {
    global $CFG, $DB;

    $sql = '  SELECT
                  h.id,
                  h.wwwroot,
                  h.ip_address,
                  h.name,
                  h.public_key,
                  h.public_key_expires,
                  h.transport,
                  h.portno,
                  h.last_connect_time,
                  h.last_log_id,
                  h.applicationid,
                  a.name as app_name,
                  a.display_name as app_display_name,
                  a.xmlrpc_server_url
              FROM
                  {mnet_host} h,
                  {mnet_application} a
              WHERE
                  h.id <> ? AND
                  h.deleted = 0 AND
                  h.applicationid=a.id';
    $params = array($CFG->mnet_localhost_id);

    return $DB->get_records_sql($sql, $params);
}
685
686
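/**
 * return an array information about services enabled for the given peer.
 * in two modes, fulldata or very basic data.
 *
 * Local offers come from the database; what the peer itself publishes and
 * subscribes to comes from a system/listServices call to that peer. Both
 * result shapes are computed together and cached per peer id for the request.
 * The peer's answer is remote input: entries that are not arrays, or that lack
 * a scalar name/apiversion, are ignored.
 *
 * @param mnet_peer $mnet_peer the peer to get information abut
 * @param boolean $fulldata whether to just return which services are published/subscribed, or more information (defaults to full)
 *
 * @return array  If $fulldata is false, an array is returned like:
 *                publish => array(
 *                    serviceid => boolean,
 *                    serviceid => boolean,
 *                ),
 *                subscribe => array(
 *                    serviceid => boolean,
 *                    serviceid => boolean,
 *                )
 *                If $fulldata is true, an array is returned like:
 *                servicename => array(
 *                   apiversion => array(
 *                        name           => string
 *                        offer          => boolean
 *                        apiversion     => int
 *                        plugintype     => string
 *                        pluginname     => string
 *                        hostsubscribes => boolean
 *                        hostpublishes  => boolean
 *                   ),
 *               )
 */
function mnet_get_service_info(mnet_peer $mnet_peer, $fulldata=true) {
    global $CFG, $DB;

    $requestkey = (!empty($fulldata) ? 'fulldata' : 'mydata');

    static $cache = array();
    if (array_key_exists($mnet_peer->id, $cache)) {
        return $cache[$mnet_peer->id][$requestkey];
    }

    // The id list is spliced into the SQL text below, so force every entry to
    // an integer instead of relying on the property types.
    $id_list = (string)(int)$mnet_peer->id;
    if (!empty($CFG->mnet_all_hosts_id)) {
        $id_list .= ', '.(int)$CFG->mnet_all_hosts_id;
    }

    $concat = $DB->sql_concat('COALESCE(h2s.id,0) ', ' \'-\' ', ' svc.id', '\'-\'', 'r.plugintype', '\'-\'', 'r.pluginname');

    $query = "
        SELECT DISTINCT
            $concat as id,
            svc.id as serviceid,
            svc.name,
            svc.offer,
            svc.apiversion,
            r.plugintype,
            r.pluginname,
            h2s.hostid,
            h2s.publish,
            h2s.subscribe
        FROM
            {mnet_service2rpc} s2r,
            {mnet_rpc} r,
            {mnet_service} svc
        LEFT JOIN
            {mnet_host2service} h2s
        ON
            h2s.hostid in ($id_list) AND
            h2s.serviceid = svc.id
        WHERE
            svc.offer = '1' AND
            s2r.serviceid = svc.id AND
            s2r.rpcid = r.id
        ORDER BY
            svc.name ASC";

    $resultset = $DB->get_records_sql($query);

    if (is_array($resultset)) {
        $resultset = array_values($resultset);
    } else {
        $resultset = array();
    }

    require_once $CFG->dirroot.'/mnet/xmlrpc/client.php';

    $remoteservices = array();
    if ($mnet_peer->id != $CFG->mnet_all_hosts_id) {
        // Create a new request object
        $mnet_request = new mnet_xmlrpc_client();

        // Tell it the path to the method that we want to execute
        $mnet_request->set_method('system/listServices');
        $mnet_request->send($mnet_peer);
        if (is_array($mnet_request->response)) {
            foreach($mnet_request->response as $service) {
                // Skip entries that cannot be indexed by name and apiversion.
                if (!is_array($service)
                        || !isset($service['name'], $service['apiversion'])
                        || !is_scalar($service['name'])
                        || !is_scalar($service['apiversion'])) {
                    continue;
                }
                $remoteservices[$service['name']][$service['apiversion']] = $service;
            }
        }
    }

    $myservices = array();
    $mydata = array();
    foreach($resultset as $result) {
        $result->hostpublishes  = false;
        $result->hostsubscribes = false;
        if (isset($remoteservices[$result->name][$result->apiversion])) {
            $remote = $remoteservices[$result->name][$result->apiversion];
            // The flags are optional in the peer's answer; absent means false.
            if (isset($remote['publish']) && $remote['publish'] == 1) {
                $result->hostpublishes  = true;
            }
            if (isset($remote['subscribe']) && $remote['subscribe'] == 1) {
                $result->hostsubscribes  = true;
            }
        }

        if (empty($myservices[$result->name][$result->apiversion])) {
            $myservices[$result->name][$result->apiversion] = array('serviceid' => $result->serviceid,
                                                                    'name' => $result->name,
                                                                    'offer' => $result->offer,
                                                                    'apiversion' => $result->apiversion,
                                                                    'plugintype' => $result->plugintype,
                                                                    'pluginname' => $result->pluginname,
                                                                    'hostsubscribes' => $result->hostsubscribes,
                                                                    'hostpublishes' => $result->hostpublishes
                                                                    );
        }

        // allhosts_publish allows us to tell the admin that even though he
        // is disabling a service, it's still available to the host because
        // he's also publishing it to 'all hosts'
        if ($result->hostid == $CFG->mnet_all_hosts_id && $CFG->mnet_all_hosts_id != $mnet_peer->id) {
            $myservices[$result->name][$result->apiversion]['allhosts_publish'] = $result->publish;
            $myservices[$result->name][$result->apiversion]['allhosts_subscribe'] = $result->subscribe;
        } elseif (!empty($result->hostid)) {
            $myservices[$result->name][$result->apiversion]['I_publish'] = $result->publish;
            $myservices[$result->name][$result->apiversion]['I_subscribe'] = $result->subscribe;
        }
        $mydata['publish'][$result->serviceid] = $result->publish;
        $mydata['subscribe'][$result->serviceid] = $result->subscribe;

    }

    $cache[$mnet_peer->id]['fulldata'] = $myservices;
    $cache[$mnet_peer->id]['mydata'] = $mydata;

    return $cache[$mnet_peer->id][$requestkey];
}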
832
/**
 * return an array of the profile fields to send
 * with user information to the given mnet host.
 *
 * Delegates to _mnet_field_helper() with the 'export' settings key.
 *
 * @param mnet_peer $peer the peer to send the information to
 *
 * @return array (like 'username', 'firstname', etc)
 */
function mnet_fields_to_send(mnet_peer $peer) {
    $exportfields = _mnet_field_helper($peer, 'export');
    return $exportfields;
}
844
/**
 * return an array of the profile fields to import
 * from the given host, when creating/updating user accounts
 *
 * Delegates to _mnet_field_helper() with the 'import' settings key.
 *
 * @param mnet_peer $peer the peer we're getting the information from
 *
 * @return array (like 'username', 'firstname', etc)
 */
function mnet_fields_to_import(mnet_peer $peer) {
    $importfields = _mnet_field_helper($peer, 'import');
    return $importfields;
}
856
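/**
 * helper for {@see mnet_fields_to_import} and {@see mnet_fields_to_send}
 *
 * The forced fields are always included. They are followed by the site-wide
 * default list when the host is flagged to use defaults or has no list of its
 * own, and by the host's own list otherwise.
 *
 * @access private
 *
 * @param mnet_peer $peer the peer object
 * @param string $key 'import' or 'export'
 *
 * @return array (like 'username', 'firstname', etc)
 */
function _mnet_field_helper(mnet_peer $peer, $key) {
    $tmp = mnet_profile_field_options();
    $defaults = explode(',', get_config('moodle', 'mnetprofile' . $key . 'fields'));

    // NOTE(review): get_config() appears to hand settings back as strings (its
    // result is passed straight to explode() above) - confirm. Comparing the
    // flag with the integer 1 by identity could then never match, so the
    // per-host "use defaults" switch was ignored; compare as a string instead.
    if ('1' === (string)get_config('mnet', 'host' . $peer->id . $key . 'default')) {
        return array_merge($tmp['forced'], $defaults);
    }
    $hostsettings = get_config('mnet', 'host' . $peer->id . $key . 'fields');
    if (false === $hostsettings) {
        return array_merge($tmp['forced'], $defaults);
    }
    return array_merge($tmp['forced'], explode(',', $hostsettings));
}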
879
880
881/**
882 * given a user object (or array) and a list of allowed fields,
883 * strip out all the fields that should not be included.
884 * This can be used both for outgoing data and incoming data.
885 *
886 * @param mixed $user array or object representing a database record
887 * @param array $fields an array of allowed fields (usually from mnet_fields_to_{send,import}
888 *
889 * @return mixed array or object, depending what type of $user object was passed (datatype is respected)
890 */
891function mnet_strip_user($user, $fields) {
892 if (is_object($user)) {
893 $user = (array)$user;
894 $wasobject = true; // so we can cast back before we return
895 }
896
897 foreach ($user as $key => $value) {
898 if (!in_array($key, $fields)) {
899 unset($user[$key]);
900 }
901 }
902 if (!empty($wasobject)) {
903 $user = (object)$user;
904 }
905 return $user;
906}