Skip to content

Commit

Permalink
Adding information about redireced profiles
Browse files Browse the repository at this point in the history
  • Loading branch information
Tomasz Wolniewicz committed Jun 20, 2024
1 parent 034c0dc commit 75d9454
Show file tree
Hide file tree
Showing 5 changed files with 61 additions and 22 deletions.
13 changes: 13 additions & 0 deletions core/AbstractProfile.php
View file
Original file line number Diff line number Diff line change
Expand Up @@ -894,6 +894,19 @@ public function getCollapsedAttributes($eap = [])
return $collapsedList;
}

/**
* Is the profile global redirection set?
*
* @return bool
*/
public function isRedirected() {
$result = $this->databaseHandle->exec("SELECT profile_id FROM profile_option WHERE profile_id = ? AND option_name='device-specific:redirect' AND device_id IS NULL", "i", $this->identifier);
if ($result->num_rows == 0) {
return false;
}
return true;
}

/**
* Does the profile contain enough information to generate installers with
* it? Silverbullet will always return TRUE; RADIUS profiles need to do some
Expand Down
25 changes: 20 additions & 5 deletions core/IdP.php
View file
Original file line number Diff line number Diff line change
Expand Up @@ -171,25 +171,40 @@ public function listDeployments(bool $activeOnly = FALSE)
const PROFILES_INCOMPLETE = 0;
const PROFILES_CONFIGURED = 1;
const PROFILES_SHOWTIME = 2;
const PROFILES_REDIRECTED = 3;

const PROFILES_INDEX = [
self::PROFILES_INCOMPLETE => 'PROFILES_INCOMPLETE',
self::PROFILES_CONFIGURED => 'PROFILES_CONFIGURED',
self::PROFILES_SHOWTIME => 'PROFILES_SHOWTIME',
self::PROFILES_REDIRECTED => 'PROFILES_REDIRECTED',
];

/**
* looks through all the profiles of the inst and determines the highest prod-ready level among the profiles
* @return int highest level of completeness of all the profiles of the inst
* @return int highest level of completeness of all the profiles of the inst or PROFILES_REDIRECTED if all profiles are redirected
*/

public function maxProfileStatus()
{
$allProfiles = $this->databaseHandle->exec("SELECT sufficient_config + showtime AS maxlevel FROM profile WHERE inst_id = $this->identifier ORDER BY maxlevel DESC LIMIT 1");
$redirectProfileIds = [];
$allProfileLevels = $this->databaseHandle->exec("SELECT profile_id, sufficient_config + showtime AS maxlevel FROM profile WHERE inst_id = $this->identifier ORDER BY maxlevel DESC");
// SELECT yields a resource, not a boolean
while ($res = mysqli_fetch_object(/** @scrutinizer ignore-type */ $allProfiles)) {
return $res->maxlevel;
if ($allProfileLevels->num_rows == 0 ) {
return self::PROFILES_INCOMPLETE;
}
$allProfilesArray = $allProfileLevels->fetch_all(MYSQLI_ASSOC);
$max_level = $allProfilesArray[0]['maxlevel'];
$redirectProfiles = $this->databaseHandle->exec("SELECT profile.profile_id as profile_id FROM profile JOIN profile_option ON profile.profile_id=profile_option.profile_id WHERE inst_id = $this->identifier AND profile.showtime=1 AND option_name='device-specific:redirect' AND device_id IS NULL");
while ($res = $redirectProfiles->fetch_object()) {
$redirectProfileIds[] = $res->profile_id;
}
foreach ($allProfilesArray as $profile) {
if (!in_array($profile['profile_id'], $redirectProfileIds)) {
return($max_level);
}
}
return self::PROFILES_INCOMPLETE;
return self::PROFILES_REDIRECTED;
}

/**
Expand Down
8 changes: 6 additions & 2 deletions web/admin/overview_federation.php
View file
Original file line number Diff line number Diff line change
Expand Up @@ -346,10 +346,14 @@
$idp_instance = $idps[$index]['instance'];
// get max profile status
$profileClass = '';
if ($idp_instance->maxProfileStatus() >= \core\IdP::PROFILES_SHOWTIME) {
$maxProfileStatus = $idp_instance->maxProfileStatus();
if ($maxProfileStatus == \core\IdP::PROFILES_REDIRECTED) {
$status = \core\IdP::PROFILES_REDIRECTED;
$profileClass = 'profileredirected';
} elseif ($maxProfileStatus >= \core\IdP::PROFILES_SHOWTIME) {
$status = \core\IdP::PROFILES_SHOWTIME;
$profileClass = 'profileok';
} elseif ($idp_instance->maxProfileStatus() >= \core\IdP::PROFILES_CONFIGURED) {
} elseif ($maxProfileStatus >= \core\IdP::PROFILES_CONFIGURED) {
$status = \core\IdP::PROFILES_CONFIGURED;
$profileClass = 'profilewarn';
} else {
Expand Down
36 changes: 21 additions & 15 deletions web/admin/overview_org.php
View file
Original file line number Diff line number Diff line change
Expand Up @@ -144,21 +144,27 @@ function displayRadiusPropertyWidget(&$theProfile, $readonly, &$uiElements, $edi
case core\AbstractProfile::READINESS_LEVEL_SUFFICIENTCONFIG:
$buffer_headline .= $uiElements->boxWarning("", sprintf(_("This profile is NOT shown on the user download interface, even though we have enough information to show. To enable the profile, add the attribute \"%s\" and tick the corresponding box."), $uiElements->displayName("profile:production")), TRUE);
}
$certStatus = $theProfile->certificateStatus();
switch ($certStatus) {
case core\AbstractProfile::CERT_STATUS_OK:
$iconData = $uiElements->iconData('CERT_STATUS_OK');
$buffer_headline .= "<br/>" . $uiElements->catIcon(($iconData));
break;
case core\AbstractProfile::CERT_STATUS_WARN:
$iconData = $uiElements->iconData('CERT_STATUS_WARN');
$buffer_headline .= "<br/>" . $uiElements->catIcon(($iconData));
break;
case core\AbstractProfile::CERT_STATUS_ERROR:
$iconData = $uiElements->iconData('CERT_STATUS_ERROR');
$buffer_headline .= "<br/>" . $uiElements->catIcon(($iconData));
break;
}
if ($theProfile->isRedirected()) {
$iconData = $uiElements->iconData('PROFILES_REDIRECTED');
$iconData['text'] = _("Profile redirected");
$buffer_headline .= "<br/>" . $uiElements->catIcon(($iconData));
} else {
$certStatus = $theProfile->certificateStatus();
switch ($certStatus) {
case core\AbstractProfile::CERT_STATUS_OK:
$iconData = $uiElements->iconData('CERT_STATUS_OK');
$buffer_headline .= "<br/>" . $uiElements->catIcon(($iconData));
break;
case core\AbstractProfile::CERT_STATUS_WARN:
$iconData = $uiElements->iconData('CERT_STATUS_WARN');
$buffer_headline .= "<br/>" . $uiElements->catIcon(($iconData));
break;
case core\AbstractProfile::CERT_STATUS_ERROR:
$iconData = $uiElements->iconData('CERT_STATUS_ERROR');
$buffer_headline .= "<br/>" . $uiElements->catIcon(($iconData));
break;
}
}
$buffer_headline .= "</div>";

echo $buffer_headline;
Expand Down
1 change: 1 addition & 0 deletions web/lib/admin/UIElements.php
View file
Original file line number Diff line number Diff line change
Expand Up @@ -691,6 +691,7 @@ public function iconData($index) {
'PROFILES_SHOWTIME' => ['img' => 'Tabler/checks-green.svg', 'text' => _("At least one profile is fully configured and visible in the user interface")],
'PROFILES_CONFIGURED' => ['img' => 'Tabler/check-green.svg', 'text' => _("At least one profile is fully configured but none are set as production-ready therefore the institution is not visible in the user interface")],
'PROFILES_INCOMPLETE' => ['img' => 'Tabler/access-point-off-red.svg', 'text' => _("No configured profiles")],
'PROFILES_REDIRECTED' => ['img' => 'Tabler/external-link.svg', 'text' => _("All active profiles redirected")],
'IDP_LINKED' => ['img' => 'Tabler/database-green.svg', 'text' => _("Linked")],
'IDP_NOT_LINKED' => ['img' => 'Tabler/database-off-red.svg', 'text' => _("NOT linked")],
'CERTS_NOT_SHOWN' => ['img' => 'Tabler/question-mark-blue.svg', 'text' => _("Not showing cert info if no profiles are visible")],
Expand Down

0 comments on commit 75d9454

Please sign in to comment.