[Mapbender-commits] r9381 - trunk/mapbender/owsproxy/http

[svn_mapbender at osgeo.org]

Author: armin11
Date: 2016-01-20 07:07:56 -0800 (Wed, 20 Jan 2016)
New Revision: 9381

Modified:
   trunk/mapbender/owsproxy/http/index.php
Log:
Bugfixes and cleaning

Modified: trunk/mapbender/owsproxy/http/index.php
===================================================================
--- trunk/mapbender/owsproxy/http/index.php	2016-01-20 15:07:36 UTC (rev 9380)
+++ trunk/mapbender/owsproxy/http/index.php	2016-01-20 15:07:56 UTC (rev 9381)
@@ -1,7 +1,7 @@
 <?php
 
 # $Id$
-# http://www.mapbender.org/index.php/Owsproxy
+# http://www.mapbender2.org/index.php/Owsproxy
 # Module maintainer Uli
 # Copyright (C) 2002 CCGIS 
 #
@@ -29,23 +29,28 @@
 {
     require_once(dirname(__FILE__) . "/../../conf/excludeproxyurls.conf");
 }
+//database connection
+$con = db_connect(DBSERVER, OWNER, PW);
+db_select_db(DB, $con);
+
 /* * *** conf **** */
 $imageformats = array("image/png", "image/gif", "image/jpeg", "image/jpg");
 $width = 400;
 $height = 400;
 /* * *** conf **** */
 
-$con = db_connect(DBSERVER, OWNER, PW);
-db_select_db(DB, $con);
-
 $postdata = $HTTP_RAW_POST_DATA;
 $owsproxyService = $_REQUEST['wms']; //ToDo: change this to 'service' in the apache url-rewriting
+
 $query = new QueryHandler();
+
 // an array with keys and values toLowerCase -> caseinsensitiv
 $reqParams = $query->getRequestParams();
+
 $e = new mb_notice("incoming request: " . OWSPROXY . "/" . $_REQUEST['sid'] . "/" . $_REQUEST['wms'] . $query->getRequest());
 $e = new mb_notice("owsproxy requested from: " . $_SERVER["REMOTE_ADDR"]);
 $e = new mb_notice("owsproxy requested: " . $query->getRequest());
+
 $sid = $_REQUEST['sid'];
 $serviceId =  $_REQUEST['wms'];
 
@@ -179,6 +184,7 @@
     }
     if (!$found)
         $query->setParam("service", "WMS");
+	$reqParams = $query->getRequestParams();
 }
 //check for kind of service
 switch (strtolower($reqParams['service'])) {
@@ -205,15 +211,16 @@
 	break;
 }
 
+//define $userId from session information
+$userId = $_SESSION['mb_user_id'];
 
-/* * ***********  workflow *********** */
+/* ************ main workflow *********** */
 
-
 switch (strtolower($reqParams['request'])) {
     case 'getcapabilities':
 	switch (strtolower($reqParams['service'])) {
 		case 'wfs':
-			$arrayOnlineresources = checkWfsPermission($query->getOwsproxyServiceId(), false);
+			$arrayOnlineresources = checkWfsPermission($query->getOwsproxyServiceId(), false, $userId);
         		$query->setOnlineResource($arrayOnlineresources['wfs_getcapabilities']);
         		$request = $query->getRequest();  
 			$request = str_replace('?&','?',$request);
@@ -224,7 +231,7 @@
         		}		
 		break;
 		case 'wms':
-        		$arrayOnlineresources = checkWmsPermission($query->getOwsproxyServiceId());
+        		$arrayOnlineresources = checkWmsPermission($query->getOwsproxyServiceId(), $userId);
         		$query->setOnlineResource($arrayOnlineresources['wms_getcapabilities']);
         		$request = $query->getRequest();
         		if (isset($auth)) {
@@ -237,7 +244,7 @@
 	}
         break;
     case 'getfeatureinfo':
-        $arrayOnlineresources = checkWmsPermission($query->getOwsproxyServiceId());
+        $arrayOnlineresources = checkWmsPermission($query->getOwsproxyServiceId(), $userId);
         $query->setOnlineResource($arrayOnlineresources['wms_getfeatureinfo']);
         $request = $query->getRequest();
         //Ergaenzungen secured UMN Requests
@@ -246,7 +253,7 @@
             #do log to db
             #get price out of db
             $price = intval($n->getWmsfiPrice($arrayOnlineresources['wms_id']));
-            $log_id = $n->logWmsGFIProxyRequest($arrayOnlineresources['wms_id'], $_SESSION['mb_user_id'], $request,
+            $log_id = $n->logWmsGFIProxyRequest($arrayOnlineresources['wms_id'], $userId, $request,
                 $price);
         }
         if (isset($auth)) {
@@ -256,9 +263,9 @@
         }
         break;
     case 'getmap':
-        $arrayOnlineresources = checkWmsPermission($owsproxyService);
+        $arrayOnlineresources = checkWmsPermission($owsproxyService, $userId);
         $query->setOnlineResource($arrayOnlineresources['wms_getmap']);
-        $layers = checkLayerPermission($arrayOnlineresources['wms_id'], $reqParams['layers']);
+        $layers = checkLayerPermission($arrayOnlineresources['wms_id'], $reqParams['layers'], $userId);
         if ($layers === "") {
             throwE("Permission denied");
             die();
@@ -277,13 +284,12 @@
         } else {
             $request = $query->getRequest();
         }
-        //$request = $query->getRequest();
         // Ergaenzungen secured UMN Requests
         //log proxy requests
         if ($n->getWmsLogTag($arrayOnlineresources['wms_id']) == 1) {#do log to db
             #get price out of db
             $price = intval($n->getWmsPrice($arrayOnlineresources['wms_id']));
-            $log_id = $n->logFullWmsProxyRequest($arrayOnlineresources['wms_id'], $_SESSION['mb_user_id'], $request,
+            $log_id = $n->logFullWmsProxyRequest($arrayOnlineresources['wms_id'], $userId, $request,
                 $price);
         }
         if (isset($auth)) {
@@ -293,9 +299,9 @@
         }
         break;
     case 'map':
-        $arrayOnlineresources = checkWmsPermission($owsproxyService);
+        $arrayOnlineresources = checkWmsPermission($owsproxyService, $userId);
         $query->setOnlineResource($arrayOnlineresources['wms_getmap']);
-        $layers = checkLayerPermission($arrayOnlineresources['wms_id'], $reqParams['layers']);
+        $layers = checkLayerPermission($arrayOnlineresources['wms_id'], $reqParams['layers'], $userId);
         if ($layers === "") {
             throwE("Permission denied");
             die();
@@ -312,7 +318,7 @@
         $url = getLegendUrl($query->getOwsproxyServiceId());
         if (isset($reqParams['sld']) && $reqParams['sld'] != "") {
             $url = $url . getConjunctionCharacter($url) . "SLD=" . $reqParams['sld'];
-        }
+        }	
         if (isset($auth)) {
             getImage(false, $url, $auth);
         } else {
@@ -324,14 +330,14 @@
         break;
     case 'getfeature':
         $arrayFeatures = array($reqParams['typename']);
-        $arrayOnlineresources = checkWfsPermission($query->getOwsproxyServiceId(), $arrayFeatures);
+        $arrayOnlineresources = checkWfsPermission($query->getOwsproxyServiceId(), $arrayFeatures, $userId);
         $query->setOnlineResource($arrayOnlineresources['wfs_getfeature']);
         $request = $query->getRequest();
         $request = stripslashes($request);
 	if ($n->getWfsLogTag($arrayOnlineresources['wfs_id']) == 1) {
             //get price out of db
             $price = intval($n->getWfsPrice($arrayOnlineresources['wfs_id']));
-            $log_id = $n->logWfsProxyRequest($arrayOnlineresources['wfs_id'], $_SESSION['mb_user_id'], $request,
+            $log_id = $n->logWfsProxyRequest($arrayOnlineresources['wfs_id'], $userId, $request,
                 $price, 0, $reqParams['typename']);
         } else {
 		$log_id = false;
@@ -344,7 +350,7 @@
         break;
     case 'describefeaturetype':
         $arrayFeatures = array($reqParams['typename']);
-        $arrayOnlineresources = checkWfsPermission($query->getOwsproxyServiceId(), $arrayFeatures);
+        $arrayOnlineresources = checkWfsPermission($query->getOwsproxyServiceId(), $arrayFeatures, $userId);
         $query->setOnlineResource($arrayOnlineresources['wfs_describefeaturetype']);
         $request = $query->getRequest();
         $request = stripslashes($request);
@@ -357,7 +363,7 @@
     // case wfs transaction (because of raw POST the request param is empty)
     case '':
         $arrayFeatures = getWfsFeaturesFromTransaction($HTTP_RAW_POST_DATA);
-        $arrayOnlineresources = checkWfsPermission($query->getOwsproxyServiceId(), $arrayFeatures);
+        $arrayOnlineresources = checkWfsPermission($query->getOwsproxyServiceId(), $arrayFeatures, $userId);
         $query->setOnlineResource($arrayOnlineresources['wfs_transaction']);
         $request = $query->getRequest();
         doTransaction($request, $HTTP_RAW_POST_DATA);
@@ -372,9 +378,8 @@
     Mapbender::session()->storageDestroy($tmpSession);
 }
 
+/*********************************************************/
 
-/* * ****************************************************** */
-
 function throwE($e)
 {
     global $reqParams, $imageformats;
@@ -519,8 +524,6 @@
     $content = getDocumentContent(false, $url, "Content-Type: application/xml", $auth);
 }
 
-
-
 /**
  * simulates a post request to host
  * 
@@ -769,6 +772,7 @@
     header("Content-Type: application/xml");
     echo $r;
 }
+
 /**
  * gets the original url of the requested legend graphic
  * 
@@ -786,6 +790,7 @@
     if ($row = db_fetch_array($res)) {
         $wmsid = $row["wms_id"];
         $getLegendUrl = $row["wms_getlegendurl"];
+	//$e = new mb_exception("found : ".$getLegendUrl); //empty
     } else {
         throwE(array("No wms data available."));
         die();
@@ -807,7 +812,6 @@
     $res = db_prep_query($sql, $v, $t);
     if ($row = db_fetch_array($res)) {
         if (strpos($row["legendurl"], 'http') !== 0) {
-            $e = new mb_notice("combine legendurls!");
             return $getLegendUrl . $row["legendurl"];
         }
         return $row["legendurl"];
@@ -823,13 +827,13 @@
  * @param string OWSPROXY md5
  * @return array array with detailed information about requested wms
  */
-function checkWmsPermission($wms)
+function checkWmsPermission($wmsOws, $userId)
 {
     global $con, $n;
-    $myguis = $n->getGuisByPermission($_SESSION["mb_user_id"], true);
+    $myguis = $n->getGuisByPermission($userId, true);
     $mywms = $n->getWmsByOwnGuis($myguis);
     $sql = "SELECT * FROM wms WHERE wms_owsproxy = $1";
-    $v = array($wms);
+    $v = array($wmsOws);
     $t = array("s");
     $res = db_prep_query($sql, $v, $t);
     $service = array();
@@ -862,10 +866,10 @@
  * @param array array of requested featuretype names
  * @return array array with detailed information on reqested wfs
  */
-function checkWfsPermission($wfsOws, $features)
+function checkWfsPermission($wfsOws, $features, $userId)
 {
     global $con, $n;
-    $myconfs = $n->getWfsConfByPermission($_SESSION["mb_user_id"]);
+    $myconfs = $n->getWfsConfByPermission($userId);
     if ($features !== false) {
 	//check if we know the features requested
 	if (count($features) == 0) {
@@ -921,14 +925,13 @@
     return $service;
 }
 
-function checkLayerPermission($wms_id, $l)
+function checkLayerPermission($wms_id, $l, $userId)
 {
     global $n, $owsproxyService;
-//	$notice = new mb_exception("owsproxy: checkLayerpermission: wms: ".$wms_id.", layer: ".$l);
     $myl = explode(",", $l);
     $r = array();
     foreach ($myl as $mysl) {
-        if ($n->getLayerPermission($wms_id, $mysl, $_SESSION["mb_user_id"]) === true) {
+        if ($n->getLayerPermission($wms_id, $mysl, $userId) === true) {
             array_push($r, $mysl);
         }
     }
@@ -949,7 +952,7 @@
     }
     $content = $d->file;
     $endTime = microtime();
-    $e = new mb_exception("owsproxy/http/index.php: Time for getting remote resource: ".(string)($endTime - $startTime));
+    //$e = new mb_exception("owsproxy/http/index.php: Time for getting remote resource: ".(string)($endTime - $startTime));
     if (strtoupper($reqParams["request"]) == "GETMAP") { // getmap
         $pattern_exc = '~EXCEPTION~i';
         preg_match($pattern_exc, $content, $exception);