From 2ef386c34e7cd1352f7cb2df211e438bcc627b40 Mon Sep 17 00:00:00 2001 From: Paolo Date: Wed, 12 Jun 2019 17:27:35 +0200 Subject: [PATCH] - Changed system/dbupdate_3.3.php to add oe_kurzbz to table public.tbl_msg_recipient and foreign key fk_tbl_msg_recipient_oe_kurzbz - Removed not used constants for messaging from config/constants.php - Renamed config entry assistent_function to ou_receivers and converted from string to array - Moved controllers/MailJob.php to controllers/jobs/MailJob.php - Controller MailJob now extends CLI_Controller - Added new function parseText to helpers/hlp_common_helper.php - Improved code function generateToken in helpers/hlp_common_helper.php - helpers/hlp_sancho_helper.php now uses parseText function from hlp_common_helper - Removed method parseVorlagetext from PhrasesLib.php - PhrasesLib.php now uses parseText function from hlp_common_helper - Removed method parseVorlagetext from VorlageLib - Improved code of controller controllers/system/Messages.php (uses parseText too) - Controller controllers/system/Vorlage.php now uses parseText --- application/config/constants.php | 37 +++--- application/config/message.php | 2 +- .../controllers/{ => jobs}/MailJob.php | 11 +- application/controllers/system/Messages.php | 121 +++++++++--------- application/controllers/system/Vorlage.php | 2 +- application/helpers/hlp_common_helper.php | 73 +++++++---- application/helpers/hlp_sancho_helper.php | 4 +- application/libraries/PhrasesLib.php | 12 +- application/libraries/VorlageLib.php | 14 -- system/dbupdate_3.3.php | 27 +++- 10 files changed, 161 insertions(+), 142 deletions(-) rename application/controllers/{ => jobs}/MailJob.php (68%) diff --git a/application/config/constants.php b/application/config/constants.php index ac2ecc649..e1c5906c3 100644 --- a/application/config/constants.php +++ b/application/config/constants.php 
@@ -136,26 +136,19 @@ define('MSG_STATUS_READ', 1); define('MSG_STATUS_ARCHIVED', 2); define('MSG_STATUS_DELETED', 3); -// Priority -define('PRIORITY_LOW', 1); -define('PRIORITY_NORMAL', 2); -define('PRIORITY_HIGH', 3); -define('PRIORITY_URGENT', 4); +// Message priorities +define('MSG_PRIORITY_LOW', 1); +define('MSG_PRIORITY_NORMAL', 2); +define('MSG_PRIORITY_HIGH', 3); +define('MSG_PRIORITY_URGENT', 4); -define('MSG_ERR_SUBJECT_EMPTY', 40); -define('MSG_ERR_BODY_EMPTY', 41); -define('MSG_ERR_TEMPLATE_NOT_FOUND', 42); -define('MSG_ERR_DELIVERY_MESSAGE', 43); -define('MSG_ERR_CONTACT_NOT_FOUND', 44); -define('MSG_ERR_OU_CONTACTS_NOT_FOUND', 45); - -define('MSG_ERR_INVALID_USER_ID', 100); -define('MSG_ERR_INVALID_MSG_ID', 101); -define('MSG_ERR_INVALID_THREAD_ID', 102); -define('MSG_ERR_INVALID_STATUS_ID', 103); -define('MSG_ERR_INVALID_SENDER_ID', 104); -define('MSG_ERR_INVALID_RECIPIENTS', 105); -define('MSG_ERR_INVALID_RECEIVER_ID', 106); -define('MSG_ERR_INVALID_OU', 107); -define('MSG_ERR_INVALID_TEMPLATE', 108); -define('MSG_ERR_INVALID_TOKEN', 109); +// Message error status +define('MSG_ERR_INVALID_SUBJECT', 40); +define('MSG_ERR_INVALID_BODY', 41); +define('MSG_ERR_INVALID_TEMPLATE', 42); +define('MSG_ERR_INVALID_MSG_ID', 43); +define('MSG_ERR_INVALID_STATUS_ID', 44); +define('MSG_ERR_INVALID_SENDER', 45); +define('MSG_ERR_INVALID_RECIPIENTS', 46); +define('MSG_ERR_INVALID_OU', 47); +define('MSG_ERR_INVALID_TOKEN', 48); diff --git a/application/config/message.php b/application/config/message.php index 40d15a07e..30444b0ef 100644 --- a/application/config/message.php +++ b/application/config/message.php 
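Review bot: The renumbered `MSG_ERR_*` block reuses the values 43 to 45 for different conditions than before (43 was `MSG_ERR_DELIVERY_MESSAGE` and is now `MSG_ERR_INVALID_MSG_ID`; 44 and 45 change meaning the same way), so any code already stored in the database or in logs, or interpreted by a client, would be misread after this update. Whether these codes are persisted anywhere is not visible in the diff and should be confirmed. The `PRIORITY_*` to `MSG_PRIORITY_*` rename has the same reach: a leftover reference to `PRIORITY_NORMAL` no longer resolves to 2 (before PHP 8.0 it degrades to the bare string, from 8.0 on it throws an Error), so a repository-wide search for the old names belongs in this change. Once the numbering is settled, a comment such as `// Numeric values are part of the messaging contract: append new codes, do not renumber` above the block would protect it.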
@@ -12,7 +12,7 @@ $config['message_html_view_url'] = '/ViewMessage/toHTML/'; // Change this to CIS Server (https://cis.example.com/index.ci.php) if you are sending Messages from Vilesci $config['message_server'] = site_url(); -$config['assistent_function'] = 'ass'; +$config['ou_receivers'] = array('ass'); $config['message_redirect_url'] = array(); $config['message_redirect_url']['fallback'] = site_url('ViewMessage/writeReply'); diff --git a/application/controllers/MailJob.php b/application/controllers/jobs/MailJob.php similarity index 68% rename from application/controllers/MailJob.php rename to application/controllers/jobs/MailJob.php index 2f8b5b92d..cb5ffc032 100644 --- a/application/controllers/MailJob.php +++ b/application/controllers/jobs/MailJob.php @@ -14,22 +14,25 @@ if (!defined("BASEPATH")) exit("No direct script access allowed"); -class MailJob extends Auth_Controller +class MailJob extends CLI_Controller { /** * API constructor */ public function __construct() { - // An empty array as parameter will ensure that this controller is ONLY callable from command line - parent::__construct(array()); + parent::__construct(); // Loads MessageLib $this->load->library('MessageLib'); } + /** + * Send all not sent messages + * Parameters are used to overrride messages and mail configuration + */ public function sendMessages($numberToSent = null, $numberPerTimeRange = null, $email_time_range = null, $email_from_system = null) { - $this->messagelib->sendAll($numberToSent, $numberPerTimeRange, $email_time_range, $email_from_system); + $this->messagelib->sendAllNotices($numberToSent, $numberPerTimeRange, $email_time_range, $email_from_system); } } diff --git a/application/controllers/system/Messages.php b/application/controllers/system/Messages.php index ec630da1e..744eb880e 100644 --- a/application/controllers/system/Messages.php +++ b/application/controllers/system/Messages.php 
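Review bot: `MailJob` no longer passes the empty permission array that the removed comment described as the guard making this controller callable from the command line only, so that guarantee now rests entirely on `CLI_Controller`, which is not part of this diff. Since the file moves to `controllers/jobs/` and `sendMessages()` takes parameters that, per its new docblock, override the message and mail configuration, it is worth confirming that `CLI_Controller::__construct()` refuses every non-CLI request (for example via `is_cli()`). I would record that in the constructor, e.g. `// CLI_Controller rejects any request that does not come from the command line`. The new docblock also has a typo: `overrride`.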
@@ -5,7 +5,7 @@ if (! defined('BASEPATH')) exit('No direct script access allowed'); class Messages extends Auth_Controller { /** - * + * MessageLib is loaded by CLMessagesModel */ public function __construct() { @@ -20,9 +20,6 @@ class Messages extends Auth_Controller ) ); - // Loads the message library - $this->load->library('MessageLib'); - // Loads the widget library $this->load->library('WidgetLib'); @@ -38,30 +35,26 @@ class Messages extends Auth_Controller } // ----------------------------------------------------------------------------------------------------------------- - // Public methods + // Public methods - HTML output /** - * Write a new message + * Initialize all the parameters used by view system/messages/messageWrite + * to build a GUI used to write a messate to user/s */ public function write() { - $person_id = $this->input->post('person_id'); - $sender_id = null; + $persons = $this->input->post('person_id'); $authUser = $this->CLMessagesModel->getAuthUser(); - if (isError($authUser)) - { - show_error(getData($authUser)); - } - else - { - $sender_id = getData($authUser)[0]->person_id; - } + if (isError($authUser)) show_error(getData($authUser)); - $msgVarsData = $this->MessageModel->getMsgVarsDataByPersonId($person_id); + $sender_id = getData($authUser)[0]->person_id; + + // Retrieves person information + $msgVarsData = $this->MessageModel->getMsgVarsDataByPersonId($persons); if (isError($msgVarsData)) show_error(getData($msgVarsData)); - // Retrieves message vars for a person from view view vw_msg_vars_person + // Retrieves message vars from view vw_msg_vars_person $variables = $this->messagelib->getMessageVarsPerson(); if (isError($variables)) show_error(getData($variables)); 
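Review bot: In `write()`, `getData($authUser)[0]->person_id` is reached whenever `getAuthUser()` is not an error, but a successful result without rows is not excluded; `getMessageFromIds()` in this same commit adds a `hasData()` check for exactly that case. Suggest adding `if (!hasData($authUser)) show_error('No authenticated user found');` after the `isError()` line. The method also calls `$this->messagelib` although the explicit `load->library('MessageLib')` was removed from the constructor; the constructor docblock says CLMessagesModel loads it, and a one-line comment at the first `$this->messagelib` use would make that hidden dependency visible to the next reader. The end of `write()` lies in the following hunk.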
@@ -73,33 +66,43 @@ class Messages extends Auth_Controller $isAdmin = $this->messagelib->getIsAdmin($sender_id); if (isError($isAdmin)) show_error(getData($isAdmin)); - $data = array ( - 'recipients' => getData($msgVarsData), - 'variables' => getData($variables), - 'oe_kurzbz' => getData($oe_kurzbz), // used to get the templates - 'isAdmin' => getData($isAdmin) + $this->load->view( + 'system/messages/messageWrite', + array ( + 'recipients' => getData($msgVarsData), // recipients data + 'variables' => getData($variables), // message vars + 'oe_kurzbz' => getData($oe_kurzbz), // used to get the templates + 'isAdmin' => getData($isAdmin) // is admin? + ) ); - - $this->load->view('system/messages/messageWrite', $data); } /** - * Send message + * Send a new message or reply to user/s + * If a relationmessage_id this message is a reply to another one */ public function send() { $persons = $this->input->post('persons'); $relationmessage_id = $this->input->post('relationmessage_id'); + // Retrieves message vars data for the fiven user/s $msgVarsData = $this->MessageModel->getMsgVarsDataByPersonId($persons); + // Send the message $send = $this->CLMessagesModel->send($msgVarsData, $relationmessage_id); $this->load->view('system/messages/messageSent', array('success' => isSuccess($send))); } + // ----------------------------------------------------------------------------------------------------------------- + // Public methods - JSON output + /** - * Send message, response is in JSON format + * Send a new message + * - The recipients are prestudents + * - An email template with message var may be provided + * - A global organisation unit may be provided, otherwise is used the prestudent one */ public function sendJson() { 
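Review bot: `send()` forwards the result of `getMsgVarsDataByPersonId($persons)` straight to `CLMessagesModel->send()` without the `isError()` check that `write()` applies to the same call, and `$persons` comes directly from POST. Unless `send()` in CLMessagesModel validates its first argument (not visible in this diff), an error object or an empty result reaches the sending code. Suggest adding `if (isError($msgVarsData) || !hasData($msgVarsData)) show_error(getData($msgVarsData));` before the send call. The new comment also has a typo: `fiven` should be `given`.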
@@ -120,23 +123,19 @@ class Messages extends Auth_Controller } $send = $this->CLMessagesModel->send($msgVarsData, null, $oe_kurzbz, $vorlage_kurzbz, $msgVars); - if (isError($send)) - { - $this->outputJsonError(getData($send)); - } - else - { - $this->outputJsonSuccess(getData($send)); - } + + $this->outputJson(getData($send)); } /** - * getVorlage + * Returns an object that represent a template store in database + * If no templates are found with the given parameter or the given parameter is an empty string, + * then an error is returned */ public function getVorlage() { $vorlage_kurzbz = $this->input->get('vorlage_kurzbz'); - $result = null; + $result = error('The given vorlage_kurzbz is not valid'); if (!isEmptyString($vorlage_kurzbz)) { @@ -145,10 +144,6 @@ class Messages extends Auth_Controller $result = $this->VorlagestudiengangModel->loadWhere(array('vorlage_kurzbz' => $vorlage_kurzbz)); } - else - { - $result = error('The given vorlage_kurzbz is not valid'); - } if (isError($result) || !hasData($result)) { 
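Review bot: In `sendJson()` the `isError($send)` branch is replaced by a single `$this->outputJson(getData($send))`, which passes only the payload and drops the information whether the send succeeded. If `outputJson()` does not add a status envelope itself (its definition is outside this diff), a client that relied on `outputJsonError()` and `outputJsonSuccess()` can no longer tell a failed send from a successful one. Either keep the two-way branch or, if that is what `outputJson()` expects, pass the whole result object: `$this->outputJson($send);`. The start of `sendJson()` is outside the hunk.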
@@ -161,40 +156,37 @@ class Messages extends Auth_Controller } /** - * parseMessageText + * Parse the given given text using data from the given user + * Use the CI parser which performs simple text substitution for pseudo-variable */ public function parseMessageText() { $person_id = $this->input->get('person_id'); $text = $this->input->get('text'); - $parsedText = ''; - $data = null; + $msgVarsData = error('The given person_id is not a valid number'); if (is_numeric($person_id)) { - $data = $this->MessageModel->getMsgVarsDataByPersonId($person_id); + $msgVarsData = $this->MessageModel->getMsgVarsDataByPersonId($person_id); + } + + if (isError($msgVarsData) || !hasData($msgVarsData)) + { + $this->outputJsonError(getData($msgVarsData)); } else { - $data = error('The given person_id is not a valid number'); - } - - if (isError($data) || !hasData($data)) - { - $this->outputJsonError(getData($data)); - } - else - { - $parsedText = $this->messagelib->parseMessageText($text, $this->CLMessagesModel->replaceKeys((array)getData($data)[0])); - - $this->outputJsonSuccess($parsedText); + $this->outputJsonSuccess( + parseText( + $text, + $this->CLMessagesModel->replaceKeys((array)getData($msgVarsData)[0]) + ) + ); } } /** * Outputs message data for a message (identified my msg id and receiver id) in JSON format - * @param $msg_id - * @param $receiver_id */ public function getMessageFromIds() { @@ -203,8 +195,13 @@ class Messages extends Auth_Controller $msg = $this->messagelib->getMessage($msg_id, $receiver_id); - $this->output - ->set_content_type('application/json') - ->set_output(json_encode(array(getData($msg)[0]))); + if (isError($msg) || !hasData($msg)) + { + $this->outputJson(array()); + } + else + { + $this->outputJson(array(getData($msg)[0])); + } } } diff --git a/application/controllers/system/Vorlage.php b/application/controllers/system/Vorlage.php index 4712d0e68..22513970e 100644 --- a/application/controllers/system/Vorlage.php 
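Review bot: `parseMessageText()` substitutes the message variables of whatever `person_id` the request names into a template that the caller supplies in `text`, so access to this endpoint amounts to read access to those variables for any person. The permission attached to this method is set in the constructor, outside the hunk; it should be at least as strict as the one required for reading person data, and the docblock should say so, e.g. `Requires read permission on person data: the caller controls both template and person_id`. `is_numeric()` also accepts values such as `1e3` or `1.5`; `ctype_digit((string)$person_id)` is the tighter check for an id. The docblock repeats a word (`given given`).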
+++ b/application/controllers/system/Vorlage.php @@ -269,7 +269,7 @@ class Vorlage extends Auth_Controller show_error($vorlagetext->retval); $data = array( - 'text' => $this->vorlagelib->parseVorlagetext($vorlagetext->retval[0]->text, $jsonDecodedForm) + 'text' => parseText($vorlagetext->retval[0]->text, $jsonDecodedForm) ); $this->load->view('system/vorlage/templatetextPreview', $data); diff --git a/application/helpers/hlp_common_helper.php b/application/helpers/hlp_common_helper.php index bc09cd32c..45a36914c 100644 --- a/application/helpers/hlp_common_helper.php +++ b/application/helpers/hlp_common_helper.php 
@@ -24,39 +24,54 @@ if (! defined('BASEPATH')) exit('No direct script access allowed'); // ------------------------------------------------------------------------ /** - * generateToken() - generates a new token for diffent use - * - reading Messages from external - * - forgotten Password - * - * @return string + * Generates a new token for diffent use cases. Default token length is 64 + * - Reading messages + * - Forgotten password + * - etc + * Returns null on failure */ function generateToken($length = 64) { + $token = null; + $firstGeneratedToken = null; + // For PHP 7 you can use random_bytes() if (function_exists('random_bytes')) { - $token = base64_encode(random_bytes($length)); - //base64 is about 33% longer, so we need to truncate the result - return strtr(substr($token, 0, $length), '+/=', '-_,'); + try + { + $firstGeneratedToken = random_bytes($length); // try to generates cryptographically secure pseudo-random bytes... + } + catch (Exception $e) { $firstGeneratedToken = null; } // if fails $firstGeneratedToken is set to null } - - // for PHP >=5.3 and <7 - if (function_exists('openssl_random_pseudo_bytes')) + // For PHP >= 5.3 and < 7 and openssl is available + elseif (function_exists('openssl_random_pseudo_bytes')) { - $token = base64_encode(openssl_random_pseudo_bytes($length, $strong)); - // is the token strong enough? 
- if($strong == true) - return strtr(substr($token, 0, $length), '+/=', '-_,'); + $firstGeneratedToken = openssl_random_pseudo_bytes($length, $strong); + // If the token generation ended with errors OR the generated token is NOT strong enough + if ($firstGeneratedToken == false || $strong == false) $firstGeneratedToken = null; // $firstGeneratedToken is set to null } - //fallback to mt_rand if php < 5.3 or no openssl available - $characters = '0123456789'; - $characters .= 'ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz/+'; - $charactersLength = strlen($characters)-1; - $token = ''; - //select some random characters - for ($i = 0; $i < $length; $i++) - $token .= $characters[mt_rand(0, $charactersLength)]; + if ($firstGeneratedToken != null) // If everything was fine + { + // base64 is about 33% longer, so we need to truncate the result + $token = strtr(substr(base64_encode($firstGeneratedToken), 0, $length), '+/=', '-_,'); + } + + // Fallback to mt_rand if: + // php < 5.3 + // OR no openssl is available + // OR openssl_random_pseudo_bytes used an algorithm that is cryptographically NOT strong + // OR one of the previous methods failed + if ($token == null) + { + $token = ''; // set $token as an empty string + $characters = '0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz/+'; + $charactersLength = strlen($characters) - 1; + + // Select some random characters + for ($i = 0; $i < $length; $i++) $token .= $characters[mt_rand(0, $charactersLength)]; + } return $token; } @@ -224,3 +239,15 @@ function isDateWorkingDay($date, $days = null) return true; } } + +/** + * Parse the given given text using the given data parameter + * Use the CI parser which performs simple text substitution for pseudo-variable + */ +function parseText($text, $data) +{ + $ci =& get_instance(); // get CI instance + $ci->load->library('parser'); // Loads CI parser library + + return $ci->parser->parse_string($text, $data, true); +} 
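Review bot: `generateToken()` still ends in the `mt_rand()` loop whenever no CSPRNG result is available, so a token used for message access or password reset can silently come from a predictable generator, and the new docblock's "Returns null on failure" can never happen. Because of the `elseif`, a failing `random_bytes()` also skips `openssl_random_pseudo_bytes()` and goes straight to that fallback. I would fail closed: try both sources, compare with `===`, and return null when neither delivers, so that callers have to handle the failure instead of issuing a weak token. `catch (Exception $e)` does not cover the `Error` that PHP 7 throws for a non-positive `$length`, which may deserve an explicit check.

```php
function generateToken($length = 64)
{
	$bytes = null;

	if (function_exists('random_bytes'))
	{
		try
		{
			$bytes = random_bytes($length);
		}
		catch (Exception $e) { $bytes = null; }
	}

	// Also tried when random_bytes() exists but failed
	if ($bytes === null && function_exists('openssl_random_pseudo_bytes'))
	{
		$bytes = openssl_random_pseudo_bytes($length, $strong);
		if ($bytes === false || $strong !== true) $bytes = null;
	}

	// No cryptographically secure source: fail closed, no mt_rand() fallback
	if ($bytes === null) return null;

	// base64 is about 33% longer, so the result is truncated to $length
	return strtr(substr(base64_encode($bytes), 0, $length), '+/=', '-_,');
}
```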
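Review bot: `parseText()` drops the `isEmptyString($text)` guard that both removed `parseVorlagetext()` methods had, and its docblock does not say what is returned or that values are inserted verbatim. As far as I know CodeIgniter's `parse_string()` returns false for an empty template, so callers such as the preview in `Vorlage.php` would now receive false where they used to get an error object; the docblock should carry `@param string $text`, `@param array $data` and `@return string|false`. Since the substituted values are not escaped, it should also state the caller's duty, e.g. `Values are inserted as-is; escape them for the output context before calling`. The docblock repeats a word (`given given`).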
diff --git a/application/helpers/hlp_sancho_helper.php b/application/helpers/hlp_sancho_helper.php index 6f5ef8c24..5d2d9f1f1 100644 --- a/application/helpers/hlp_sancho_helper.php +++ b/application/helpers/hlp_sancho_helper.php @@ -98,9 +98,7 @@ function _parseMailContent($vorlage_kurzbz, $vorlage_data) !isEmptyString($result->retval[0]->text)) { // Parses template text - $parsedText = $ci->vorlagelib->parseVorlagetext($result->retval[0]->text, $vorlage_data); - - return $parsedText; + return parseText($result->retval[0]->text, $vorlage_data); } } } diff --git a/application/libraries/PhrasesLib.php b/application/libraries/PhrasesLib.php index af642fe9e..7d0d6859f 100644 --- a/application/libraries/PhrasesLib.php +++ b/application/libraries/PhrasesLib.php @@ -165,16 +165,6 @@ class PhrasesLib } /** - * parseVorlagetext() - will parse a Vorlagetext. - */ - public function parseVorlagetext($text, $data = array()) - { - if (isEmptyString($text)) return error('Not a valid text'); - - return $this->_ci->parser->parse_string($text, $data, true); - } - - /** * Retrieves a phrases from the the property _phrases with the given parameters * It also replace parameters inside the phrase if they are provided * @param string $category Category name which is used to categorize the phrase. @@ -201,7 +191,7 @@ class PhrasesLib { if (!is_array($parameters)) $parameters = array(); // if params is not an array - return $this->_ci->parser->parse_string($_phrase->text, $parameters, true); // parsing + return parseText($_phrase->text, $parameters); // parsing } } } diff --git a/application/libraries/VorlageLib.php b/application/libraries/VorlageLib.php index d6c9d6a98..9679dff1c 100644 --- a/application/libraries/VorlageLib.php +++ b/application/libraries/VorlageLib.php 
@@ -188,18 +188,4 @@ class VorlageLib $vorlagetext = $this->ci->VorlageStudiengangModel->update($vorlagestudiengang_id, $data); return $vorlagetext; } - - /** - * parseVorlagetext() - will parse a Vorlagetext. - * - * @param string $text REQUIRED - * @param array $data REQUIRED - * @return string - */ - public function parseVorlagetext($text, $data = array()) - { - if (isEmptyString($text)) return error('Not a valid text'); - - return $this->ci->parser->parse_string($text, $data, true); - } } diff --git a/system/dbupdate_3.3.php b/system/dbupdate_3.3.php index ac5f5fdba..b76d994ee 100644 --- a/system/dbupdate_3.3.php +++ b/system/dbupdate_3.3.php @@ -2938,6 +2938,31 @@ if(!$result = @$db->db_query("SELECT bezeichnung_mehrsprachig FROM bis.tbl_orgfo } } +// Add column oe_kurzbz to public.tbl_msg_recipient +if(!$result = @$db->db_query("SELECT oe_kurzbz FROM public.tbl_msg_recipient LIMIT 1")) +{ + $qry = 'ALTER TABLE public.tbl_msg_recipient ADD COLUMN oe_kurzbz character varying(32);'; + if(!$db->db_query($qry)) + echo 'public.tbl_msg_recipient: '.$db->db_last_error().'
'; + else + echo '
Added column oe_kurzbz to table public.tbl_msg_recipient'; + + // FOREIGN KEY fk_tbl_msg_recipient_oe_kurzbz: public.tbl_msg_recipient.oe_kurzbz references public.tbl_organisationseinheit.oe_kurzbz + if ($result = @$db->db_query("SELECT conname FROM pg_constraint WHERE conname = 'fk_tbl_msg_recipient_oe_kurzbz'")) + { + if ($db->db_num_rows($result) == 0) + { + $qry = "ALTER TABLE public.tbl_msg_recipient ADD CONSTRAINT fk_tbl_msg_recipient_oe_kurzbz FOREIGN KEY (oe_kurzbz) + REFERENCES public.tbl_organisationseinheit(oe_kurzbz) ON UPDATE CASCADE ON DELETE RESTRICT;"; + + if (!$db->db_query($qry)) + echo 'public.tbl_msg_recipient: '.$db->db_last_error().'
'; + else + echo '
public.tbl_msg_recipient: added foreign key on column oe_kurzbz referenced to public.tbl_organisationseinheit(oe_kurzbz)'; + } + } +} + // *** Pruefung und hinzufuegen der neuen Attribute und Tabellen echo '

Pruefe Tabellen und Attribute!

'; @@ -3121,7 +3146,7 @@ $tabellen=array( "public.tbl_mitarbeiter" => array("mitarbeiter_uid","personalnummer","telefonklappe","kurzbz","lektor","fixangestellt","bismelden","stundensatz","ausbildungcode","ort_kurzbz","standort_id","anmerkung","insertamum","insertvon","updateamum","updatevon","ext_id","kleriker"), "public.tbl_msg_attachment" => array("attachment_id","message_id","name","filename"), "public.tbl_msg_message" => array("message_id","person_id","subject","body","priority","relationmessage_id","oe_kurzbz","insertamum","insertvon"), - "public.tbl_msg_recipient" => array("message_id","person_id","token","sent","sentinfo","insertamum","insertvon"), + "public.tbl_msg_recipient" => array("message_id","person_id","token","sent","sentinfo","insertamum","insertvon","oe_kurzbz"), "public.tbl_msg_status" => array("message_id","person_id","status","statusinfo","insertamum","insertvon","updateamum","updatevon"), "public.tbl_notiz" => array("notiz_id","titel","text","verfasser_uid","bearbeiter_uid","start","ende","erledigt","insertamum","insertvon","updateamum","updatevon","ext_id"), "public.tbl_notizzuordnung" => array("notizzuordnung_id","notiz_id","projekt_kurzbz","projektphase_id","projekttask_id","uid","person_id","prestudent_id","bestellung_id","lehreinheit_id","ext_id","anrechnung_id"),
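Review bot: The foreign-key block is nested inside the branch that runs only when the `SELECT oe_kurzbz` probe fails, so on a database where the column already exists but the constraint does not (for instance after a run in which `ADD COLUMN` succeeded and `ADD CONSTRAINT` failed) the key is never created by a later run. It is also attempted when the preceding `ALTER TABLE ... ADD COLUMN` itself failed. Moving the `pg_constraint` check out of the column branch, as its own top-level block, makes the update repeatable. The lookup `WHERE conname = 'fk_tbl_msg_recipient_oe_kurzbz'` matches a constraint of that name on any table; adding `AND conrelid = 'public.tbl_msg_recipient'::regclass` ties it to this one.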