Merge branch 'feature-19172/Abgabetool_digitale_signatur_pruefen'

application/libraries/SignatureLib.php

@@ -0,0 +1,75 @@
+<?php
+/**
+ *  Copyright (C) 2022 fhcomplete.net
+ *
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as
+ * published by the Free Software Foundation; either version 2 of the
+ * License, or (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307, USA.
+ *
+ */
+
+require_once(dirname(__FILE__).'/../../vendor/nategood/httpful/bootstrap.php');
+
+/**
+ * Simple client to call the signature server
+ */
+class SignatureLib
+{
+	// -------------------------------------------------------------------------------------------------
+	// Public static methods
+
+	/**
+	 * Returns the list of signature inside the given file
+	 */
+	public static function list($inputFileName)
+	{
+		try
+		{
+			// Get the content of the given file
+			$inputFileContent = file_get_contents($inputFileName);
+			if ($inputFileContent === false) // if failed
+			{
+				error_log('An error occurred while getting the content from: '.$inputFileName);
+			}
+			else
+			{
+				// Posts the given file content + file name and expects a response in JSON format
+				$resultPost = \Httpful\Request::post(SIGNATUR_URL.'/'.SIGNATUR_LIST_API)
+					->sendsJson()
+					->authenticateWith(SIGNATUR_USER, SIGNATUR_PASSWORD)
+					->body('{"filename": "'.basename($inputFileName).'", "content": "'.base64_encode($inputFileContent).'"}')
+					->expectsJson()
+					->send();
+			}
+		}
+		catch(\Httpful\Exception\ConnectionErrorException $cee) // Httpful exception
+		{
+			error_log($cee->getMessage());
+		}
+		catch (Exception $e) // any other exception
+		{
+			error_log($e->getMessage());
+		}
+
+		// If the response is fine
+		if (isset($resultPost->body) && is_object($resultPost->body)
+			&& isset($resultPost->body->retval) && is_array($resultPost->body->retval))
+		{
+			return $resultPost->body->retval;
+		}
+
+		// Otherwise return a null as error
+		return null;
+	}
+}
+

cis/private/lehre/abgabe_lektor_details.php

@@ -37,6 +37,7 @@ require_once('../../../include/phrasen.class.php');
 require_once('../../../include/projektarbeit.class.php');
 require_once('../../../include/projektbetreuer.class.php');
 require_once('../../../include/sancho.inc.php');
+require_once('../../../application/libraries/SignatureLib.php');
 
 if (!$db = new basis_db())
 	$db=false;
@@ -590,7 +591,9 @@ while ($row=@$db->db_fetch_object($result))
 	$htmlstr .= "<input type='hidden' name='betreuerart' value='".$betreuerart."'>\n";
 	$htmlstr .= "<input type='hidden' name='command' value='update'>\n";
 	$htmlstr .= "<tr id='".$row->projektarbeit_id."'>\n";
-	if(!$row->abgabedatum)
+
+	$uploadedDocumentSigned = null;
+	if (!$row->abgabedatum)
 	{
 		if ($row->datum<date('Y-m-d'))
 		{
@@ -626,8 +629,7 @@ while ($row=@$db->db_fetch_object($result))
 			$fcol='#000000';
 		}
 	}
-	//$htmlstr .= "<td><input type='checkbox' name='fixtermin' ".($row->fixtermin=='t'?'checked=\"checked\"':'')." >";
-	//$htmlstr .= "<td><input type='checkbox' name='fixtermin' ".($row->fixtermin=='t'?'checked="checked" style="background-color:#FF0000;"':'')." disabled>";
+
 	if($row->fixtermin=='t')
 	{
 		$htmlstr .= "<td><img src='../../../skin/images/bullet_red.png' alt='J' title='".$p->t('abgabetool/fixerAbgabetermin')."' border=0></td>";
@@ -659,11 +661,12 @@ while ($row=@$db->db_fetch_object($result))
 	$htmlstr .= "		</select></td>\n";
 	$htmlstr .= "		<td><input type='text' name='kurzbz' value='".htmlspecialchars($row->kurzbz,ENT_QUOTES)."' size='60' maxlegth='256'></td>\n";
 	$htmlstr .= "		<td>".($row->abgabedatum==''?'&nbsp;':$datum_obj->formatDatum($row->abgabedatum,'d.m.Y'))."</td>\n";
-	if($user==$row->insertvon && $betreuerart!="Zweitbegutachter")
+
+	if ($user==$row->insertvon && $betreuerart!="Zweitbegutachter")
 	{
 		$htmlstr .= "		<td><input type='submit' name='schick' value='".$p->t('global/speichern')."' title='".$p->t('abgabetool/terminaenderungSpeichern')."'></td>";
 
-		if(!$row->abgabedatum)
+		if (!$row->abgabedatum)
 		{
 			$htmlstr .= "		<td><input type='submit' name='del' value='".$p->t('global/loeschen')."' onclick='return confdel()' title='".$p->t('abgabetool/terminLoeschen')."'></td>";
 		}
@@ -692,6 +695,53 @@ while ($row=@$db->db_fetch_object($result))
 	{
 		$htmlstr .= "		<td>&nbsp;&nbsp;&nbsp;&nbsp;</td>";
 	}
+
+	if (file_exists(PAABGABE_PATH.$row->paabgabe_id.'_'.$uid.'.pdf'))
+	{
+		$signaturVorhanden = false;
+		if ($row->paabgabetyp_kurzbz == 'end')
+		{
+			// Check if the document is signed
+			$signList = SignatureLib::list(PAABGABE_PATH.$row->paabgabe_id.'_'.$uid.'.pdf');
+			if (is_array($signList) && count($signList) > 0)
+			{
+				$signaturVorhanden = true;
+				// The document is signed
+			}
+			elseif ($signList === null)
+			{
+				$uploadedDocumentSigned = 'WARNING: signature server error';
+			}
+			else
+			{
+				$uploadedDocumentSigned = $p->t('abgabetool/uploadedDocumentNotSigned');
+			}
+		}
+		if ($uploadedDocumentSigned != null)
+		{
+			$htmlstr .= '
+					<td>
+						<div style="color: #8a6d3b; background-color: #fcf8e3; border-color: #faebcc; padding: 5px; border: 1px solid; border-radius: 4px; ">
+							<b>'.$uploadedDocumentSigned.'</b>
+						</div>
+					</td>';
+		}
+		elseif($signaturVorhanden)
+		{
+			$htmlstr .= '
+					<td>
+						<div style="color: #198754; background-color: #d1e7dd; border-color: #a3cfbb; padding: 5px; border: 1px solid; border-radius: 4px; ">
+							<b>'.$p->t('abgabetool/uploadedDocumentSigned').'</b>
+						</div>
+					</td>';
+		}
+	}
+	else
+	{
+		$htmlstr .= "		<td>&nbsp;&nbsp;&nbsp;&nbsp;</td>";
+	}
+
+
 	$htmlstr .= "	</tr>\n";
 
 
@@ -710,7 +760,7 @@ $htmlstr .= '<tr id="'.$db->convert_html_chars($projektarbeit_id).'">'."\n";
 //$htmlstr .= "<td><input type='checkbox' name='fixtermin'></td>";
 $htmlstr .= "<td>&nbsp;&nbsp;</td>";
 
-$htmlstr .= "		<td><input  type='text' name='datum' size='10' maxlegth='10' style='font-weight:bold;' ></td>\n";
+$htmlstr .= "		<td><input type='text' name='datum' size='10' maxlegth='10' style='font-weight:bold;' ></td>\n";
 
 $htmlstr .= "		<td><select name='paabgabetyp_kurzbz'>\n";
 $qry_typ = "SELECT * FROM campus.tbl_paabgabetyp WHERE paabgabetyp_kurzbz!='end' AND paabgabetyp_kurzbz!='enda' AND paabgabetyp_kurzbz!='note'";

cis/private/lehre/abgabe_student_details.php

@@ -36,6 +36,7 @@ require_once('../../../include/phrasen.class.php');
 require_once('../../../include/projektarbeit.class.php');
 require_once('../../../include/projektbetreuer.class.php');
 require_once('../../../include/sancho.inc.php');
+require_once('../../../application/libraries/SignatureLib.php');
 
 $anzeigesprache = getSprache();
 $p = new phrasen($anzeigesprache);
@@ -93,6 +94,7 @@ else
 	$abstract = (isset($_POST['abstract'])?$_POST['abstract']:'-1');
 	$abstract_en = (isset($_POST['abstract_en'])?$_POST['abstract_en']:'-1');
 	$seitenanzahl = (isset($_POST['seitenanzahl'])?$_POST['seitenanzahl']:'-1');
+	$signaturVorhanden = (isset($_POST['signaturVorhanden']) && $_POST['signaturVorhanden']=='true'?true:false);
 }
 
 $user = get_uid();
@@ -111,6 +113,7 @@ $titel = $projektarbeit_obj->titel;
 $person = new person();
 $person->load($bid);
 $betreuer = $person->titelpre.' '.$person->vorname.' '.$person->nachname.' '.$person->titelpost;
+$uploadedDocumentSigned = null;
 
 if($uid!=$user)
 {
@@ -258,6 +261,35 @@ if($command=='add')
 				echo "<font color=\"#FF0000\">".$p->t('global/fehleraufgetreten')."</font><br>&nbsp;";
 				$command='';
 			}
+
+			if ($signaturVorhanden === false)
+			{
+				// Mail an Studiengang wenn keine Signatur gefunden wurde
+				$student = new student();
+				if(!$student->load($projektarbeit_obj->student_uid))
+					die($p->t('global/userNichtGefunden'));
+
+				$stg_obj = new studiengang();
+				if(!$stg_obj->load($student->studiengang_kz))
+					die($p->t('global/fehlerBeimLesenAusDatenbank'));
+
+				$subject = 'Abgabe ohne Signatur';
+				$tomail = $stg_obj->email;
+				$data = array(
+					'vorname' => $student->vorname,
+					'nachname' => $student->nachname,
+					'studiengang' => $stg_obj->bezeichnung
+				);
+
+				$mailres = sendSanchoMail(
+					'ParbeitsbeurteilungSiganturFehlt',
+					$data,
+					$tomail,
+					$subject,
+					'sancho_header_min_bw.jpg',
+					'sancho_footer_min_bw.jpg'
+				);
+			}
 		}
 		else
 		{
@@ -280,11 +312,11 @@ if($command=="update" && $error!=true)
 			$extensions = explode(".", $_FILES['datei']['name']);
 			if(strtoupper(end($extensions))=='PDF')
 			{
-				if($paabgabetyp_kurzbz!='end')
+				if ($paabgabetyp_kurzbz != 'end')
 				{
 					//"normaler" Upload
 					move_uploaded_file($_FILES['datei']['tmp_name'], PAABGABE_PATH.$paabgabe_id.'_'.$uid.'.pdf');
-					if(file_exists(PAABGABE_PATH.$paabgabe_id.'_'.$uid.'.pdf'))
+					if (file_exists(PAABGABE_PATH.$paabgabe_id.'_'.$uid.'.pdf'))
 					{
 						exec('chmod 640 "'.PAABGABE_PATH.$paabgabe_id.'_'.$uid.'.pdf'.'"');
 
@@ -299,18 +331,37 @@ if($command=="update" && $error!=true)
 					else
 					{
 						echo $p->t('global/dateiNichtErfolgreichHochgeladen');
-					}
+					}$htmlstr .= '<input type="hidden" name="command" value="add">'."\n";
 				}
-				else
+				else // endupload type
 				{
 					//Upload der Endabgabe - Eingabe der Zusatzdaten
 					$command='add';
-					if(!$error)
+					if (!$error)
 					{
 						move_uploaded_file($_FILES['datei']['tmp_name'], PAABGABE_PATH.$paabgabe_id.'_'.$uid.'.pdf');
 					}
-					if(file_exists(PAABGABE_PATH.$paabgabe_id.'_'.$uid.'.pdf'))
+
+					$signaturVorhanden = true;
+
+					if (file_exists(PAABGABE_PATH.$paabgabe_id.'_'.$uid.'.pdf'))
 					{
+						// Check if the document is signed
+						$signList = SignatureLib::list(PAABGABE_PATH.$paabgabe_id.'_'.$uid.'.pdf');
+						if (is_array($signList) && count($signList) > 0)
+						{$htmlstr .= '<input type="hidden" name="command" value="add">'."\n";
+							// The document is signed
+						}
+						elseif ($signList === null)
+						{
+							$uploadedDocumentSigned = 'WARNING: signature server error';
+						}
+						else
+						{
+							$signaturVorhanden = false;
+							$uploadedDocumentSigned = $p->t('abgabetool/uploadedDocumentNotSignedStudent');
+						}
+
 						/*$qry="UPDATE campus.tbl_paabgabe SET
 							abgabedatum = now(),
 							updatevon = '".$user."',
@@ -339,6 +390,7 @@ if($command=="update" && $error!=true)
 								$htmlstr .= '<input type="hidden" name="betreuer" value="'.$db->convert_html_chars($betreuer).'">'."\n";
 								$htmlstr .= '<input type="hidden" name="bid" value="'.$db->convert_html_chars($bid).'">'."\n";
 								$htmlstr .= '<input type="hidden" name="command" value="add">'."\n";
+								$htmlstr .= '<input type="hidden" name="signaturVorhanden" value="'.($signaturVorhanden?'true':'false').'">'."\n";
 								$htmlstr .= "<tr>\n";
 								$htmlstr .= "<td><b>".$p->t('abgabetool/spracheDerArbeit').":</b></td><td>";
 								$sprache = @$db->db_query("SELECT sprache FROM public.tbl_sprache");
@@ -372,6 +424,21 @@ if($command=="update" && $error!=true)
 								$htmlstr .= '<tr><td><b>'.$p->t('abgabetool/seitenanzahl').':*</b></td>
 											<td><input  type="text" name="seitenanzahl" value="'.$db->convert_html_chars($seitenanzahl).'" size="5" maxlength="4"></td></tr>'."\n";
 								$htmlstr .="<tr><td>&nbsp;</td></tr>\n";
+
+								// If there are info about the signed document
+								if ($uploadedDocumentSigned != null)
+								{
+									$htmlstr .= "<tr>\n";
+									$htmlstr .= "<td colspan='2' style='text-align: center;'>";
+									$htmlstr .= '<div style="color: #8a6d3b; background-color: #fcf8e3; border-color: #faebcc; padding: 15px; border: 1px solid; border-radius: 4px;">
+
+											<b>'.$uploadedDocumentSigned.'</b></td>
+										</div>';
+									$htmlstr .= "</td>";
+									$htmlstr .= "</tr>\n";
+								}
+
+								$htmlstr .="<tr><td>&nbsp;</td></tr>\n";
 								$htmlstr .="<tr><td colspan='2'><p align='justify'>".$p->t('abgabetool/eidesstattlicheErklaerung')."</p></td><td></td></tr>\n";
 								$htmlstr .= "<tr><td><b>".$p->t('abgabetool/gelesenUndAkzeptiert').":* <input type='checkbox' name='eiderklaerung'></b></td></tr>";
 								$htmlstr .="<tr></tr><td>&nbsp;</td><tr><td style='font-size:70%'>* ".$p->t('abgabetool/pflichtfeld')."</td></tr>

config/cis.config-default.inc.php

@@ -207,6 +207,23 @@ define('TABLE_ID','_id');
 define('TABLE_BEGIN','tbl_');
 define('VIEW_BEGIN','vw_');
 
+/**
+ * Signatur
+ * DEFAULT: https://signatur.example.com/api/sign
+ */
+// Generic URL
+define('SIGNATUR_URL', 'https://signatur.dev.technikum-wien.at/api');
+// Sign API
+define('SIGNATUR_SIGN_API', 'sign');
+// List API
+define('SIGNATUR_LIST_API', 'list');
+// User für Zugriff auf Signaturserver
+define('SIGNATUR_USER', 'fhcomplete');
+// Passwort für Zugriff auf Signaturserver
+define('SIGNATUR_PASSWORD', 'supersecretpassword');
+// Signaturprofil das verwendet werden soll
+define('SIGNATUR_DEFAULT_PROFILE', 'FHC_AMT_GROSS_DE');
+
 //Gibt an, ob das Studienbuchblatt im CIS gedruckt werden kann
 define('CIS_DOKUMENTE_STUDIENBUCHLBATT_DRUCKEN',true);
 

config/vilesci.config-default.inc.php

@@ -188,11 +188,16 @@ define('FHC_REST_PASSWORD', 'password');
  * Signatur
  * DEFAULT: https://signatur.example.com/api/sign
  */
-define('SIGNATUR_URL', 'https://signatur.example.com/api/sign');
+// Generic URL
+define('SIGNATUR_URL', 'https://signatur.dev.technikum-wien.at/api');
+// Sign API
+define('SIGNATUR_SIGN_API', 'sign');
+// List API
+define('SIGNATUR_LIST_API', 'list');
 // User für Zugriff auf Signaturserver
-define('SIGNATUR_USER', 'username');
+define('SIGNATUR_USER', 'fhcomplete');
 // Passwort für Zugriff auf Signaturserver
-define('SIGNATUR_PASSWORD', 'password');
+define('SIGNATUR_PASSWORD', 'supersecretpassword');
 // Signaturprofil das verwendet werden soll
 define('SIGNATUR_DEFAULT_PROFILE', 'FHC_AMT_GROSS_DE');
 

include/dokument_export.class.php

@@ -557,7 +557,7 @@ class dokument_export
 
 		$ch = curl_init();
 
-		curl_setopt($ch, CURLOPT_URL, SIGNATUR_URL);
+		curl_setopt($ch, CURLOPT_URL, SIGNATUR_URL.'/'.SIGNATUR_SIGN_API);
 		curl_setopt($ch, CURLOPT_CONNECTTIMEOUT, 7);
 		curl_setopt($ch, CURLOPT_USERAGENT, "FH-Complete");
 
@@ -589,18 +589,19 @@ class dokument_export
 			curl_close($ch);
 			$resultdata = json_decode($result);
 
-			if (isset($resultdata->success) && $resultdata->success == 'true')
+			// If it is success
+			if (isset($resultdata->error) && $resultdata->error == 0)
 			{
 				$this->signed_filename = $this->temp_folder .'/signed.pdf';
-				file_put_contents($this->signed_filename, base64_decode($resultdata->document));
+				file_put_contents($this->signed_filename, base64_decode($resultdata->retval));
 				return true;
 			}
-			else
+			else // otherwise if it is an error
 			{
-				if(isset($resultdata->errormsg))
-					$this->errormsg = $resultdata->errormsg;
+				if(isset($resultdata->retval))
+					$this->errormsg = $resultdata->retval;
 				else
-					$this->errormsg = 'Unknown Error:'.print_r($resultdata,true);
+					$this->errormsg = 'Unknown Error:'.print_r($resultdata, true);
 				return false;
 			}
 		}

locale/de-AT/abgabetool.php

@@ -91,6 +91,9 @@ $this->phrasen['abgabetool/projektbeurteilungDownload']='Projektbeurteilung heru
 $this->phrasen['abgabetool/projektbeurteilungErstDownload']='Erst-/Begutachter';
 $this->phrasen['abgabetool/projektbeurteilungZweitDownload']='Zweitbegutachter';
 $this->phrasen['abgabetool/fehlerErmittelnEndabgabeProjektarbeit']='Fehler beim Ermitteln des Enduplaods der Projektarbeit';
+$this->phrasen['abgabetool/uploadedDocumentNotSignedStudent']='Es konnte keine gültige digitale Signatur erkannt werden. Bitte wenden Sie sich an Ihren Studiengang ob Ihre Endabgabe erfolgreich war und die Arbeit zur Benotung vorgelegt werden kann.';
+$this->phrasen['abgabetool/uploadedDocumentNotSigned']='Signatur fehlt';
+$this->phrasen['abgabetool/uploadedDocumentSigned']='Signatur vorhanden';
 $this->phrasen['abgabetool/senatsMitglied']='Mitglied Prüfungssenat';
 $this->phrasen['abgabetool/abgegeben']='Abgegeben, in Beurteilung';
 ?>

locale/en-US/abgabetool.php

@@ -91,6 +91,9 @@ $this->phrasen['abgabetool/projektbeurteilungDownload']='Thesis-Assessment downl
 $this->phrasen['abgabetool/projektbeurteilungErstDownload']='First-/Assessor';
 $this->phrasen['abgabetool/projektbeurteilungZweitDownload']='Second Assessor';
 $this->phrasen['abgabetool/fehlerErmittelnEndabgabeProjektarbeit']='Error when getting endupload of project work';
+$this->phrasen['abgabetool/uploadedDocumentNotSignedStudent']='The document does not contain an electronic signature. Please inform your Dregree Programm to verify the upload';
+$this->phrasen['abgabetool/uploadedDocumentNotSigned']='Signature not found';
+$this->phrasen['abgabetool/uploadedDocumentSigned']='Signature found';
 $this->phrasen['abgabetool/senatsMitglied']='Examiner';
 $this->phrasen['abgabetool/abgegeben']='handed in, in assessment';
 ?>