diff --git a/ktapi/ktapi.inc.php b/ktapi/ktapi.inc.php index f308a73..c2e8fe4 100644 --- a/ktapi/ktapi.inc.php +++ b/ktapi/ktapi.inc.php @@ -60,6 +60,10 @@ require_once(KTAPI_DIR .'/KTAPIAcl.inc.php'); require_once(KTAPI_DIR .'/KTAPICollection.inc.php'); require_once(KTAPI_DIR .'/KTAPIBulkActions.inc.php'); +//$dir = dirname(__FILE__) . DIRECTORY_SEPARATOR . '..'; +//$dir = realpath($dir).DIRECTORY_SEPARATOR; +//require_once($dir . 'plugins/wintools/baobabkeyutil.inc.php'); +//require_once($dir . 'plugins/electronic-signatures/Esignature.inc.php'); /** * This class defines functions that MUST exist in the inheriting class @@ -171,6 +175,13 @@ class KTAPI protected $version = 3; + private $esig_enabled; + + public function KTAPI() + { + $this->esig_enabled = $this->electronic_sig_enabled(); + } + /** * This returns the current session. * @@ -349,7 +360,12 @@ class KTAPI * @param int * */ - public function add_folder_user_permissions($username, $folder_id, $namespace) { + public function add_folder_user_permissions($username, $folder_id, $namespace, $sig_username = '', $sig_password = '', $reason = '') + { + $response = $this->_check_electronic_signature($folder_id, $sig_username, $sig_password, $reason, $reason, + 'ktcore.transactions.permissions_change'); + if ($response['status_code'] == 1) return $response; + if (is_null($this->session)) { return array( @@ -417,7 +433,12 @@ class KTAPI * @param int * */ - public function add_folder_role_permissions($role, $folder_id, $namespace) { + public function add_folder_role_permissions($role, $folder_id, $namespace, $sig_username = '', $sig_password = '', $reason = '') + { + $response = $this->_check_electronic_signature($folder_id, $sig_username, $sig_password, $reason, $reason, + 'ktcore.transactions.permissions_change'); + if ($response['status_code'] == 1) return $response; + if (is_null($this->session)) { return array( 
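Review bot: `$esig_enabled` is only set inside the PHP4-style constructor `KTAPI()`, so whenever that method does not run as the constructor the property stays null and `_check_electronic_signature()` treats signatures as switched off. That happens when a subclass defines its own constructor without calling the parent, and on PHP versions that no longer treat a method named after the class as a constructor. Declaring it as `public function __construct()` and resolving the flag lazily in the check (`if ($this->esig_enabled === null) $this->esig_enabled = $this->electronic_sig_enabled();`) removes the silent fail-open. `_check_electronic_signature()` also reads `$this->esig_error`, which is never declared, so `private $esig_error = '';` belongs next to `private $esig_enabled;`.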
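Review bot: The signature check in `add_folder_user_permissions()` runs before the existing `if (is_null($this->session))` guard, so `$sig_username` and `$sig_password` are evaluated for a caller that has no session, and the outcome is returned to that caller in `$response`. Whether `ESignature::sign()` itself requires a session or limits repeated attempts is not visible here, so the three added lines are safer placed below the session guard. The same ordering appears in `add_folder_role_permissions()` and `add_folder_group_permissions()`. All three function bodies continue outside their hunks.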
@@ -478,7 +499,12 @@ class KTAPI * @param int * */ - public function add_folder_group_permissions($group, $folder_id, $namespace) { + public function add_folder_group_permissions($group, $folder_id, $namespace, $sig_username = '', $sig_password = '', $reason = '') + { + $response = $this->_check_electronic_signature($folder_id, $sig_username, $sig_password, $reason, $reason, + 'ktcore.transactions.permissions_change'); + if ($response['status_code'] == 1) return $response; + if (is_null($this->session)) { return array( @@ -530,9 +556,6 @@ class KTAPI $permissions->save(); } - - - /** * This checks if a user can access an object with a certain permission. * @@ -711,7 +734,6 @@ class KTAPI return $session; } - /** * start a root session. * @@ -738,8 +760,6 @@ class KTAPI return $session; } - - /** * Starts an anonymous session. * @@ -1048,7 +1068,6 @@ class KTAPI return $results; } - /** * Returns an array of username/name combinations or an error object. * @@ -1213,8 +1232,13 @@ class KTAPI * @param integer $target_folder_id The id of the target folder if required - copy and move require this. * @return array The response array. On success response['results'] will be empty | contain an array of failed items. */ - public function performBulkAction($action, $items, $reason = '', $target_folder_id = null) + public function performBulkAction($action, $items, $reason = '', $target_folder_id = null, + $sig_username = '', $sig_password = '') { + $response = $this->_check_electronic_signature($target_folder_id, $sig_username, $sig_password, $reason, $reason, + 'ktcore.transactions.permissions_change'); + if ($response['status_code'] == 1) return $response; + $response['status_code'] = 1; if(!is_array($items)){ 
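Review bot: `performBulkAction()` signs every bulk operation as `'ktcore.transactions.permissions_change'` and records `$target_folder_id`, which the docblock says is only supplied for copy and move and which otherwise defaults to null. The signature entry therefore names neither the operation held in `$action` nor the affected `$items`, which makes it of little use as an audit record. Deriving the transaction namespace from `$action` and recording the item ids would fix that. The docblock also needs `@param` lines for `$sig_username` and `$sig_password`. The function body continues outside the hunk.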
@@ -1474,8 +1498,12 @@ class KTAPI * @param integer $user_id The id of the user to be added * @return array Response */ - public function add_user_to_role_on_folder($folder_id, $role_id, $user_id) + public function add_user_to_role_on_folder($folder_id, $role_id, $user_id, $sig_username = '', $sig_password = '', $reason = '') { + $response = $this->_check_electronic_signature($folder_id, $sig_username, $sig_password, $reason, $reason, + 'ktcore.transactions.role_allocations_change'); + if ($response['status_code'] == 1) return $response; + $response['status_code'] = 1; if(!is_numeric($user_id)){ $response['message'] = _kt('User id must be numeric.'); @@ -1496,8 +1524,12 @@ class KTAPI * @param integer $group_id The id of the group to be added * @return array Response */ - public function add_group_to_role_on_folder($folder_id, $role_id, $group_id) + public function add_group_to_role_on_folder($folder_id, $role_id, $group_id, $sig_username = '', $sig_password = '', $reason = '') { + $response = $this->_check_electronic_signature($folder_id, $sig_username, $sig_password, $reason, $reason, + 'ktcore.transactions.role_allocations_change'); + if ($response['status_code'] == 1) return $response; + $response['status_code'] = 1; if(!is_numeric($group_id)){ $response['message'] = _kt('Group id must be numeric.'); @@ -1518,8 +1550,12 @@ class KTAPI * @param integer $user_id The id of the user to be removed * @return array Response */ - public function remove_user_from_role_on_folder($folder_id, $role_id, $user_id) + public function remove_user_from_role_on_folder($folder_id, $role_id, $user_id, $sig_username = '', $sig_password = '', $reason = '') { + $response = $this->_check_electronic_signature($folder_id, $sig_username, $sig_password, $reason, $reason, + 'ktcore.transactions.role_allocations_change'); + if ($response['status_code'] == 1) return $response; + $response['status_code'] = 1; if(!is_numeric($user_id)){ $response['message'] = _kt('User id must be numeric.'); 
@@ -1540,8 +1576,12 @@ class KTAPI * @param integer $group_id The id of the group to be removied * @return array Response */ - public function remove_group_from_role_on_folder($folder_id, $role_id, $group_id) + public function remove_group_from_role_on_folder($folder_id, $role_id, $group_id, $sig_username = '', $sig_password = '', $reason = '') { + $response = $this->_check_electronic_signature($folder_id, $sig_username, $sig_password, $reason, $reason, + 'ktcore.transactions.role_allocations_change'); + if ($response['status_code'] == 1) return $response; + $response['status_code'] = 1; if(!is_numeric($group_id)){ $response['message'] = _kt('Group id must be numeric.'); @@ -1593,8 +1633,13 @@ class KTAPI * @param string $update The type of modification - add | remove * @return array Response */ - private function update_members_on_role_on_folder($folder_id, $role_id, $members, $update = 'add') + private function update_members_on_role_on_folder($folder_id, $role_id, $members, $update = 'add', + $sig_username = '', $sig_password = '', $reason = '') { + $response = $this->_check_electronic_signature($folder_id, $sig_username, $sig_password, $reason, $reason, + 'ktcore.transactions.role_allocations_change'); + if ($response['status_code'] == 1) return $response; + // Check input information $response['status_code'] = 1; if(!is_numeric($folder_id)){ 
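Review bot: `update_members_on_role_on_folder()` is private, yet it repeats the signature check that the public role methods (`add_user_to_role_on_folder()` and its three siblings) now perform themselves. If those methods delegate to this helper without forwarding `$sig_username` and `$sig_password` (their bodies are outside the hunks, so this is inferred), the second check runs with empty credentials and would reject every call once signatures are enabled. If they do forward them, each action is signed twice. Keeping the check at the public entry points only and dropping it from the helper avoids both outcomes.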
@@ -1740,8 +1785,12 @@ class KTAPI * @param integer $role_id Optional. The id of the role being reset. * @return array Response */ - public function remove_all_role_allocation_from_folder($folder_id, $role_id = null) + public function remove_all_role_allocation_from_folder($folder_id, $role_id = null, $sig_username = '', $sig_password = '', $reason = '') { + $response = $this->_check_electronic_signature($folder_id, $sig_username, $sig_password, $reason, $reason, + 'ktcore.transactions.role_allocations_change'); + if ($response['status_code'] == 1) return $response; + $response['status_code'] = 1; // Get folder and role objects @@ -1778,8 +1827,12 @@ class KTAPI * @param integer $folder_id The folder id * @return array Response */ - public function override_role_allocation_on_folder($folder_id) + public function override_role_allocation_on_folder($folder_id, $sig_username = '', $sig_password = '', $reason = '') { + $response = $this->_check_electronic_signature($folder_id, $sig_username, $sig_password, $reason, $reason, + 'ktcore.transactions.role_allocations_change'); + if ($response['status_code'] == 1) return $response; + $response['status_code'] = 1; // Get folder object @@ -1829,7 +1882,6 @@ class KTAPI /* *** Refactored web services functions *** */ - /** * Creates a new anonymous session. * @@ -2022,8 +2074,12 @@ class KTAPI * @param string $folder_name The name of the new folder * @return array Response 'results' contains kt_folder_detail | 'message' contains error message on failure */ - function create_folder($folder_id, $folder_name) + function create_folder($folder_id, $folder_name, $sig_username = '', $sig_password = '', $reason = '') { + $response = $this->_check_electronic_signature($document_id, $sig_username, $sig_password, $reason, $reason, + 'ktcore.transactions.add'); + if ($response['status_code'] == 1) return $response; + $folder = &$this->get_folder_by_id($folder_id); if (PEAR::isError($folder)) { 
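Review bot: `create_folder()` passes `$document_id` to `_check_electronic_signature()`, but no such variable exists in this function, so the signature is recorded against a null item and PHP raises an undefined-variable notice. The first argument should be the folder being acted on: `$response = $this->_check_electronic_signature($folder_id, $sig_username, $sig_password, $reason, $reason,`. The same undefined `$document_id` is passed in `create_folder_shortcut()`, `create_document_shortcut()` and `add_document()`, where `$target_folder_id` or `$folder_id` is the id actually in scope. The docblocks of all four methods also lack `@param` entries for the three new arguments.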
@@ -2047,8 +2103,12 @@ class KTAPI * @param integer $source_folder_id Id of the folder to which the shortcut will point. * @return array Response 'results' contains kt_shortcut_detail | 'message' contains error message on failure */ - function create_folder_shortcut($target_folder_id, $source_folder_id) + function create_folder_shortcut($target_folder_id, $source_folder_id, $sig_username = '', $sig_password = '', $reason = '') { + $response = $this->_check_electronic_signature($document_id, $sig_username, $sig_password, $reason, $reason, + 'ktcore.transactions.create_shortcut'); + if ($response['status_code'] == 1) return $response; + $folder = &$this->get_folder_by_id($target_folder_id); if (PEAR::isError($folder)) { @@ -2088,8 +2148,12 @@ class KTAPI * @param integer $source_document_id Id of the document to which the shortcut will point * @return array Response 'results' contains kt_document_detail | 'message' contains error message on failure */ - function create_document_shortcut($target_folder_id, $source_document_id) + function create_document_shortcut($target_folder_id, $source_document_id, $sig_username = '', $sig_password = '', $reason = '') { + $response = $this->_check_electronic_signature($document_id, $sig_username, $sig_password, $reason, $reason, + 'ktcore.transactions.create_shortcut'); + if ($response['status_code'] == 1) return $response; + $folder = &$this->get_folder_by_id($target_folder_id); if (PEAR::isError($folder)) { 
@@ -2129,8 +2193,12 @@ class KTAPI * @param string $reason The reason for performing the deletion * @return array Response | 'message' contains error message on failure */ - function delete_folder($folder_id, $reason) + function delete_folder($folder_id, $reason, $sig_username = '', $sig_password = '') { + $response = $this->_check_electronic_signature($folder_id, $sig_username, $sig_password, $reason, $reason, + 'ktcore.transactions.delete'); + if ($response['status_code'] == 1) return $response; + $folder = &$this->get_folder_by_id($folder_id); if (PEAR::isError($folder)) { @@ -2160,8 +2228,12 @@ class KTAPI * @param string $newname The new name of the folder * @return array Response | 'message' contains error message on failure */ - function rename_folder($folder_id, $newname) + function rename_folder($folder_id, $newname, $sig_username = '', $sig_password = '', $reason = '') { + $response = $this->_check_electronic_signature($folder_id, $sig_username, $sig_password, $reason, $reason, + 'ktcore.transactions.rename'); + if ($response['status_code'] == 1) return $response; + $folder = &$this->get_folder_by_id($folder_id); if (PEAR::isError($folder)) { @@ -2191,8 +2263,12 @@ class KTAPI * @param string $reason The reason for performing the copy * @return array Response | 'message' contains error message on failure */ - function copy_folder($source_id, $target_id, $reason) + function copy_folder($source_id, $target_id, $reason, $sig_username = '', $sig_password = '') { + $response = $this->_check_electronic_signature($source_id, $sig_username, $sig_password, $reason, $reason, + 'ktcore.transactions.copy'); + if ($response['status_code'] == 1) return $response; + $src_folder = &$this->get_folder_by_id($source_id); if (PEAR::isError($src_folder)) { @@ -2216,7 +2292,7 @@ class KTAPI $response['message']= $result->getMessage(); return $response; } - + $response['status_code'] = 0; if($this->version >= 2){ 
@@ -2240,8 +2316,12 @@ class KTAPI * @param string $reason The reason for performing the move * @return array Response | 'message' contains error message on failure */ - function move_folder($source_id, $target_id, $reason) + function move_folder($source_id, $target_id, $reason, $sig_username = '', $sig_password = '') { + $response = $this->_check_electronic_signature($source_id, $sig_username, $sig_password, $reason, $reason, + 'ktcore.transactions.move'); + if ($response['status_code'] == 1) return $response; + $src_folder = &$this->get_folder_by_id($source_id); if (PEAR::isError($src_folder)) { @@ -2636,8 +2716,13 @@ class KTAPI * @param string $tempfilename * @return kt_document_detail. */ - public function add_document($folder_id, $title, $filename, $documenttype, $tempfilename) + public function add_document($folder_id, $title, $filename, $documenttype, $tempfilename, + $sig_username = '', $sig_password = '', $reason = '') { + $response = $this->_check_electronic_signature($document_id, $sig_username, $sig_password, $reason, $reason, + 'ktcore.transactions.add'); + if ($response['status_code'] == 1) return $response; + // we need to add some security to ensure that people don't frig the checkin process to access restricted files. // possibly should change 'tempfilename' to be a hash or id of some sort if this is troublesome. $upload_manager = new KTUploadManager(); @@ -2682,7 +2767,7 @@ class KTAPI $update_result = $this->update_document_metadata($document_id, $metadata, $sysdata); if($update_result['status_code'] != 0){ - $this->delete_document($document_id, 'Rollback because metadata could not be added'); + $this->delete_document($document_id, 'Rollback because metadata could not be added', false); return $update_result; } 
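Review bot: The `false` added to the rollback call `delete_document($document_id, 'Rollback because metadata could not be added', false)` lands in `$sig_username`, not in `$auth_sig`, because the new signature is `delete_document($document_id, $reason, $sig_username = '', $sig_password = '', $auth_sig = true)`. With signatures enabled the rollback is still signature-checked without credentials and is presumably refused, which leaves the half-created document in place while the caller only sees the metadata error. The `update_document_metadata()` call just above it is also made without credentials, so this branch becomes the normal path once signatures are on. The call should read `$this->delete_document($document_id, 'Rollback because metadata could not be added', '', '', false);`, and the identical call in the next hunk (old line 2713) needs the same change. The enclosing function starts and ends outside the hunk.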
@@ -2713,7 +2798,7 @@ class KTAPI $update_result = $this->update_document_metadata($document_id, $metadata, $sysdata); if($update_result['status_code'] != 0){ - $this->delete_document($document_id, 'Rollback because metadata could not be added'); + $this->delete_document($document_id, 'Rollback because metadata could not be added', false); return $update_result; } @@ -2827,8 +2912,13 @@ class KTAPI * @param string $tempfilename * @return kt_document_detail. status_code can be KTWS_ERR_INVALID_SESSION, KTWS_ERR_INVALID_FOLDER, KTWS_ERR_INVALID_DOCUMENT or KTWS_SUCCESS */ - public function checkin_document($document_id, $filename, $reason, $tempfilename, $major_update ) + public function checkin_document($document_id, $filename, $reason, $tempfilename, $major_update, + $sig_username = '', $sig_password = '' ) { + $response = $this->_check_electronic_signature($document_id, $sig_username, $sig_password, $reason, $reason, + 'ktcore.transactions.check_in'); + if ($response['status_code'] == 1) return $response; + // we need to add some security to ensure that people don't frig the checkin process to access restricted files. // possibly should change 'tempfilename' to be a hash or id of some sort if this is troublesome. $upload_manager = new KTUploadManager(); 
@@ -2860,8 +2950,13 @@ class KTAPI return $this->get_document_detail($document_id); } - public function checkin_small_document_with_metadata($document_id, $filename, $reason, $base64, $major_update, $metadata, $sysdata) + public function checkin_small_document_with_metadata($document_id, $filename, $reason, $base64, $major_update, + $metadata, $sysdata, $sig_username = '', $sig_password = '') { + $response = $this->_check_electronic_signature($document_id, $sig_username, $sig_password, $reason, $reason, + 'ktcore.transactions.check_in'); + if ($response['status_code'] == 1) return $response; + $add_result = $this->checkin_small_document($document_id, $filename, $reason, $base64, $major_update); if($add_result['status_code'] != 0){ @@ -2889,8 +2984,13 @@ class KTAPI return $update_result; } - public function checkin_document_with_metadata($document_id, $filename, $reason, $tempfilename, $major_update, $metadata, $sysdata) + public function checkin_document_with_metadata($document_id, $filename, $reason, $tempfilename, $major_update, + $metadata, $sysdata, $sig_username = '', $sig_password = '') { + $response = $this->_check_electronic_signature($document_id, $sig_username, $sig_password, $reason, $reason, + 'ktcore.transactions.check_in'); + if ($response['status_code'] == 1) return $response; + $add_result = $this->checkin_document($document_id, $filename, $reason, $tempfilename, $major_update); if($add_result['status_code'] != 0){ @@ -2917,7 +3017,6 @@ class KTAPI return $update_result; } - /** * Does a document checkin. * 
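Review bot: `checkin_small_document_with_metadata()` checks the signature and then calls `checkin_small_document($document_id, $filename, $reason, $base64, $major_update)` without the credentials, while that callee now runs its own check with the empty defaults. Assuming `ESignature::sign()` rejects an empty username and password, the wrapper can never succeed once signatures are enabled. `checkin_document_with_metadata()` has the same problem with `checkin_document()`. Forwarding the pair (`..., $major_update, $sig_username, $sig_password);`) makes the call work but signs the same action twice, so it is cleaner to check once in the wrapper and have the inner steps run through an internal path that does not check again. Both function bodies continue outside their hunks.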
@@ -2930,8 +3029,12 @@ class KTAPI * @param boolean $major_update * @return kt_document_detail. */ - public function checkin_small_document($document_id, $filename, $reason, $base64, $major_update ) + public function checkin_small_document($document_id, $filename, $reason, $base64, $major_update, $sig_username = '', $sig_password = '' ) { + $response = $this->_check_electronic_signature($document_id, $sig_username, $sig_password, $reason, $reason, + 'ktcore.transactions.check_in'); + if ($response['status_code'] == 1) return $response; + $upload_manager = new KTUploadManager(); $tempfilename = $upload_manager->store_base64_file($base64, 'su_'); if (PEAR::isError($tempfilename)) @@ -2973,8 +3076,12 @@ class KTAPI * @param string $reason * @return kt_document_detail. */ - public function checkout_document($document_id, $reason, $download=true) + public function checkout_document($document_id, $reason, $download=true, $sig_username = '', $sig_password = '') { + $response = $this->_check_electronic_signature($document_id, $sig_username, $sig_password, $reason, $reason, + 'ktcore.transactions.check_out'); + if ($response['status_code'] == 1) return $response; + $document = &$this->get_document_by_id($document_id); if (PEAR::isError($document)) { @@ -3028,8 +3135,12 @@ class KTAPI * @param boolean $download * @return kt_document_detail */ - public function checkout_small_document($document_id, $reason, $download) + public function checkout_small_document($document_id, $reason, $download, $sig_username = '', $sig_password = '') { + $response = $this->_check_electronic_signature($document_id, $sig_username, $sig_password, $reason, $reason, + 'ktcore.transactions.check_out'); + if ($response['status_code'] == 1) return $response; + $document = &$this->get_document_by_id($document_id); if (PEAR::isError($document)) { 
@@ -3088,8 +3199,12 @@ class KTAPI * @param string $reason * @return kt_document_detail. */ - public function undo_document_checkout($document_id, $reason) + public function undo_document_checkout($document_id, $reason, $sig_username = '', $sig_password = '') { + $response = $this->_check_electronic_signature($document_id, $sig_username, $sig_password, $reason, $reason, + 'ktcore.transactions.force_checkin'); + if ($response['status_code'] == 1) return $response; + $document = &$this->get_document_by_id($document_id); if (PEAR::isError($document)) { @@ -3213,8 +3328,15 @@ class KTAPI * @param string $reason * @return kt_response */ - public function delete_document($document_id, $reason) + public function delete_document($document_id, $reason, $sig_username = '', $sig_password = '', $auth_sig = true) { + if ($auth_sig) + { + $response = $this->_check_electronic_signature($document_id, $sig_username, $sig_password, $reason, $reason, + 'ktcore.transactions.delete'); + if ($response['status_code'] == 1) return $response; + } + $document = &$this->get_document_by_id($document_id); if (PEAR::isError($document)) { @@ -3245,8 +3367,12 @@ class KTAPI * @param string $documenttype * @return array */ - public function change_document_type($document_id, $documenttype) + public function change_document_type($document_id, $documenttype, $sig_username = '', $sig_password = '', $reason = '') { + $response = $this->_check_electronic_signature($document_id, $sig_username, $sig_password, $reason, $reason, + 'ktcore.transactions.document_type_change'); + if ($response['status_code'] == 1) return $response; + $document = &$this->get_document_by_id($document_id); if (PEAR::isError($document)) { 
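Review bot: The new `$auth_sig` parameter gives every caller of the public `delete_document()` a way to turn the signature check off, which defeats the control for any code path that forwards caller-supplied arguments to this method. Whether the web-service layer can reach that fifth argument is not visible in this diff, but the bypass is only needed for the internal rollback in the add-document path. A private helper that performs the deletion without the check, called by both `delete_document()` and the rollback, keeps the public signature free of the flag. The docblock also needs `@param` entries for `$sig_username`, `$sig_password` and whatever replaces `$auth_sig`. The function body continues outside the hunk.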
@@ -3279,8 +3405,12 @@ class KTAPI * @param string $newfilename * @return array */ - public function copy_document($document_id,$folder_id,$reason,$newtitle=null,$newfilename=null) + public function copy_document($document_id,$folder_id,$reason,$newtitle=null,$newfilename=null, $sig_username = '', $sig_password = '') { + $response = $this->_check_electronic_signature($document_id, $sig_username, $sig_password, $reason, $reason, + 'ktcore.transactions.copy'); + if ($response['status_code'] == 1) return $response; + $document = &$this->get_document_by_id($document_id); if (PEAR::isError($document)) { @@ -3311,7 +3441,7 @@ class KTAPI } /** - * Move a folder to another location. + * Move a document to another location. * * @author KnowledgeTree Team * @access public @@ -3322,8 +3452,12 @@ class KTAPI * @param string $newfilename * @return array */ - public function move_document($document_id,$folder_id,$reason,$newtitle=null,$newfilename=null) + public function move_document($document_id,$folder_id,$reason,$newtitle=null,$newfilename=null, $sig_username = '', $sig_password = '') { + $response = $this->_check_electronic_signature($document_id, $sig_username, $sig_password, $reason, $reason, + 'ktcore.transactions.move'); + if ($response['status_code'] == 1) return $response; + $document = &$this->get_document_by_id($document_id); if (PEAR::isError($document)) { @@ -3368,8 +3502,12 @@ class KTAPI * @param string $newtitle * @return arry */ - public function rename_document_title($document_id,$newtitle) + public function rename_document_title($document_id,$newtitle, $sig_username = '', $sig_password = '', $reason = '') { + $response = $this->_check_electronic_signature($document_id, $sig_username, $sig_password, $reason, $reason, + 'ktcore.transactions.rename'); + if ($response['status_code'] == 1) return $response; + $document = &$this->get_document_by_id($document_id); if (PEAR::isError($document)) { 
@@ -3400,8 +3538,12 @@ class KTAPI * @param string $newfilename * @return array */ - public function rename_document_filename($document_id,$newfilename) + public function rename_document_filename($document_id,$newfilename, $sig_username = '', $sig_password = '', $reason = '') { + $response = $this->_check_electronic_signature($document_id, $sig_username, $sig_password, $reason, $reason, + 'ktcore.transactions.rename'); + if ($response['status_code'] == 1) return $response; + $document = &$this->get_document_by_id($document_id); if (PEAR::isError($document)) { @@ -3432,8 +3574,12 @@ class KTAPI * @param string $reason * @return array */ - public function change_document_owner($document_id, $username, $reason) + public function change_document_owner($document_id, $username, $reason, $sig_username = '', $sig_password = '') { + $response = $this->_check_electronic_signature($document_id, $sig_username, $sig_password, $reason, $reason, + 'ktcore.transactions.document_owner_change'); + if ($response['status_code'] == 1) return $response; + $document = &$this->get_document_by_id($document_id); if (PEAR::isError($document)) { @@ -3465,8 +3611,12 @@ class KTAPI * @param string $workflow * @return array */ - public function start_document_workflow($document_id,$workflow) + public function start_document_workflow($document_id,$workflow, $sig_username = '', $sig_password = '', $reason = '') { + $response = $this->_check_electronic_signature($document_id, $sig_username, $sig_password, $reason, $reason, + 'ktcore.transactions.workflow_state_transition'); + if ($response['status_code'] == 1) return $response; + $document = &$this->get_document_by_id($document_id); if (PEAR::isError($document)) { 
@@ -3495,8 +3645,12 @@ class KTAPI * @param int $document_id * @return array */ - public function delete_document_workflow($document_id) + public function delete_document_workflow($document_id, $sig_username = '', $sig_password = '', $reason = '') { + $response = $this->_check_electronic_signature($document_id, $sig_username, $sig_password, $reason, $reason, + 'ktcore.transactions.workflow_state_transition'); + if ($response['status_code'] == 1) return $response; + $document = &$this->get_document_by_id($document_id); if (PEAR::isError($document)) { @@ -3527,8 +3681,12 @@ class KTAPI * @param string $reason * @return array */ - public function perform_document_workflow_transition($document_id,$transition,$reason) + public function perform_document_workflow_transition($document_id,$transition,$reason, $sig_username = '', $sig_password = '') { + $response = $this->_check_electronic_signature($document_id, $sig_username, $sig_password, $reason, $reason, + 'ktcore.transactions.workflow_state_transition'); + if ($response['status_code'] == 1) return $response; + $document = &$this->get_document_by_id($document_id); if (PEAR::isError($document)) { @@ -3546,11 +3704,8 @@ class KTAPI } return $this->get_document_detail($document_id); - } - - /** * Returns the metadata on a document. * @@ -3607,8 +3762,11 @@ class KTAPI * @param array $metadata * @return array */ - public function update_document_metadata($document_id,$metadata, $sysdata=null) + public function update_document_metadata($document_id,$metadata, $sysdata=null, $sig_username = '', $sig_password = '', $reason = '') { + $response = $this->_check_electronic_signature($document_id, $sig_username, $sig_password, $reason, $reason, + 'ktcore.transactions.metadata_update'); + if ($response['status_code'] == 1) return $response; $document = &$this->get_document_by_id($document_id); if (PEAR::isError($document)) 
@@ -3649,7 +3807,6 @@ class KTAPI */ public function get_document_workflow_transitions($document_id) { - $document = &$this->get_document_by_id($document_id); if (PEAR::isError($document)) { @@ -3712,7 +3869,6 @@ class KTAPI */ public function get_document_transaction_history($document_id) { - $document = &$this->get_document_by_id($document_id); if (PEAR::isError($document)) { @@ -3744,7 +3900,6 @@ class KTAPI */ public function get_folder_transaction_history($folder_id) { - $folder = &$this->get_folder_by_id($folder_id); if (PEAR::isError($folder)) { @@ -3840,8 +3995,12 @@ class KTAPI * @param int $child_document_id * @return kt_response */ - public function unlink_documents($parent_document_id, $child_document_id) + public function unlink_documents($parent_document_id, $child_document_id, $sig_username = '', $sig_password = '', $reason = '') { + $response = $this->_check_electronic_signature($parent_document_id, $sig_username, $sig_password, $reason, $reason, + 'ktcore.transactions.unlink'); + if ($response['status_code'] == 1) return $response; + $document = &$this->get_document_by_id($parent_document_id); if (PEAR::isError($document)) { @@ -3880,8 +4039,11 @@ class KTAPI * @param string $type * @return boolean */ - public function link_documents($parent_document_id, $child_document_id, $type) + public function link_documents($parent_document_id, $child_document_id, $type, $sig_username = '', $sig_password = '', $reason = '') { + $response = $this->_check_electronic_signature($parent_document_id, $sig_username, $sig_password, $reason, $reason, + 'ktcore.transactions.link'); + if ($response['status_code'] == 1) return $response; $document = &$this->get_document_by_id($parent_document_id); if (PEAR::isError($document)) 
@@ -4490,6 +4652,67 @@ class KTAPI return $response; } + + /** + * Method to check whether electronic signatures are enabled + * + * @author KnowledgeTree Team + * @access public + * @return bool $enabled true or false + */ + public function electronic_sig_enabled() + { + // Check config for api signatures enabled + $oConfig =& KTConfig::getSingleton(); + $enabled = $oConfig->get('e_signatures/enableApiSignatures', false); + // Check that the license is valid + $enabled = (BaobabKeyUtil::getLicenseCount() >= MIN_LICENSES) & $enabled; + + return $enabled; + } + + /** + * Attempts authentication of the signature + * + * @author KnowledgeTree Team + * @access private + * @param string $username The users username. + * @param string $password The users password. + * @param string $comment A comment on the action performed. + * @param string $action The action performed. + * @param string $details Details about the action performed. + * @return bool True if authenticated | False if rejected + */ + private function _authenticateSignature($username, $password, $comment, $action, $details) + { + $eSignature = new ESignature('api'); + $result = $eSignature->sign($username, $password, $comment, $action, $details); + if(!$result){ + $this->esig_error = $eSignature->getError(); + } + + return $result; + } + + /** + * Method to execute electronic signature checks on action + */ + private function _check_electronic_signature($item_id, $username, $password, $comment, $details, $action) + { + $response = array(); + $response['status_code'] = 0; + + // check electronic signature authentication, if on + if ($this->esig_enabled && !$this->_authenticateSignature($username, $password, $comment, $action, $item_id)) + { + $response['status_code'] = 1; + $response['message'] = $this->esig_error; + + return $response; + } + + return $response; + } } diff --git a/tests/api/testApi.php b/tests/api/testApi.php index 1d6f2ef..95994a0 100644 --- a/tests/api/testApi.php 
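Review bot: `electronic_sig_enabled()` combines the license test and the config flag with bitwise `&`, so it returns an int whose value depends on how `KTConfig::get()` represents the setting; a non-numeric string value would not evaluate as true and would silently switch signatures off. `$enabled = $enabled && (BaobabKeyUtil::getLicenseCount() >= MIN_LICENSES);` states the intent and returns the bool the docblock promises. In `_check_electronic_signature()` the `$details` parameter is never used and `$item_id` is passed to `_authenticateSignature()` in the `$details` position, so the method needs a full docblock saying which value is recorded. `BaobabKeyUtil` and `ESignature` are referenced while the `require_once` lines for them at the top of the file are commented out, so it is worth confirming they are loaded elsewhere before the constructor runs.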
+++ b/tests/api/testApi.php @@ -117,7 +117,7 @@ class APITestCase extends KTUnitTestCase { // create the document object $randomFile = $this->createRandomFile(); - $document = $this->root->add_document('title_1.txt', 'name_1.txt', 'Default', $randomFile); + $document = $this->root->add_document('title_1.txt', 'name_1.txt', 'Default', $randomFile, 'admin', 'admin', 'Testing API'); @unlink($randomFile); $internalDocObject = $document->getObject(); @@ -132,7 +132,8 @@ class APITestCase extends KTUnitTestCase { // create the document object $randomFile = $this->createRandomFile(); - $document2 = $this->root->add_document('title_2.txt', 'name_2.txt', 'Default', $randomFile); + $document2 = $this->root->add_document('title_2.txt', 'name_2.txt', 'Default', $randomFile, 'admin', 'admin', 'Testing API'); + @unlink($randomFile); $internalDocObject2 = $document2->getObject(); @@ -301,7 +302,7 @@ class APITestCase extends KTUnitTestCase { { // create the document object $randomFile = $this->createRandomFile(); - $document = $this->root->add_document('title_5.txt', 'name_5.txt', 'Default', $randomFile); + $document = $this->root->add_document('title_5.txt', 'name_5.txt', 'Default', $randomFile, 'admin', 'admin', 'reason'); @unlink($randomFile); $documentID = $document->get_documentid(); @@ -432,7 +433,7 @@ class APITestCase extends KTUnitTestCase { { // Create a document and subscribe to it $randomFile = $this->createRandomFile(); - $document = $this->root->add_document('test title 1', 'testfile1.txt', 'Default', $randomFile); + $document = $this->root->add_document('test title 1', 'testfile1.txt', 'Default', $randomFile, 'admin', 'admin', 'Testing API'); @unlink($randomFile); $this->assertEntity($document, 'KTAPI_Document'); 
@@ -458,18 +459,18 @@ class APITestCase extends KTUnitTestCase { public function testFolderApiFunctions() { // check for a negative result - $result = $this->ktapi->create_folder(0, 'New test error api folder'); + $result = $this->ktapi->create_folder(0, 'New test error api folder', 'admin', 'admin', 'Testing API'); $this->assertNotEqual($result['status_code'], 0); // Create a folder - $result1 = $this->ktapi->create_folder(1, 'New test api folder'); + $result1 = $this->ktapi->create_folder(1, 'New test api folder', 'admin', 'admin', 'Testing API'); $folder_id = $result1['results']['id']; $this->assertEqual($result1['status_code'], 0); $this->assertTrue($result1['results']['parent_id'] == 1); // Create a sub folder - $result2 = $this->ktapi->create_folder($folder_id, 'New test api sub-folder'); + $result2 = $this->ktapi->create_folder($folder_id, 'New test api sub-folder', 'admin', 'admin', 'Testing API'); $folder_id2 = $result2['results']['id']; $this->assertEqual($result2['status_code'], 0); @@ -477,8 +478,10 @@ class APITestCase extends KTUnitTestCase { global $default; $dir = $default->uploadDirectory; $tempfilename = $this->createRandomFile('some text', $dir); - $doc = $this->ktapi->add_document($folder_id, 'New API test doc', 'testdoc1.txt', 'Default', $tempfilename); + $doc = $this->ktapi->add_document($folder_id, 'New API test doc', 'testdoc1.txt', 'Default', + $tempfilename, 'admin', 'admin', 'Testing API'); + $this->assertEqual($doc['status_code'], 0); $this->assertEqual($doc['results']['title'], 'New API test doc'); 
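Review bot: Every changed call in `testFolderApiFunctions()` passes the valid pair `'admin', 'admin'`, so nothing exercises the rejection path of the new signature check. A case that enables signatures, calls `create_folder()` with a wrong `$sig_password`, and asserts that `status_code` is 1 and that no folder was created would pin the behaviour this commit adds. The earlier hunks pass the same three extra arguments to `$this->root->add_document()`, whose definition is not part of this diff; PHP ignores surplus arguments to user functions, so those calls pass whether or not that method accepts them. Moving the repeated credentials and `'Testing API'` into test constants would also make the fixture easier to change.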
@@ -492,7 +495,7 @@ class APITestCase extends KTUnitTestCase { $this->assertTrue($detail['results']['parent_id'] == $folder_id); // Create a shortcut to the subfolder from the root folder - $shortcut = $this->ktapi->create_folder_shortcut(1, $folder_id2); + $shortcut = $this->ktapi->create_folder_shortcut(1, $folder_id2, 'admin', 'admin', 'Testing API'); $this->assertEqual($shortcut['status_code'], 0); $this->assertEqual($shortcut['results']['folder_name'], 'New test api sub-folder'); $this->assertEqual($shortcut['results']['parent_id'], 1); @@ -502,7 +505,7 @@ class APITestCase extends KTUnitTestCase { $this->assertEqual(count($shortcut_list['results']), 1); // Rename the folder - $renamed = $this->ktapi->rename_folder($folder_id, 'Renamed test folder'); + $renamed = $this->ktapi->rename_folder($folder_id, 'Renamed test folder', 'admin', 'admin', 'Testing API'); $this->assertEqual($renamed['status_code'], 0); $renamed_detail = $this->ktapi->get_folder_detail_by_name('Renamed test folder'); @@ -512,9 +515,9 @@ class APITestCase extends KTUnitTestCase { // $this->ktapi->copy_folder($source_id, $target_id, $reason); // $this->ktapi->move_folder($source_id, $target_id, $reason); - // Clean up - delete the folder - $this->ktapi->delete_folder($folder_id, 'Testing API'); + $this->ktapi->delete_folder($folder_id, 'Testing API', 'admin', 'admin'); + $detail2 = $this->ktapi->get_folder_detail($folder_id); $this->assertNotEqual($detail2['status_code'], 0); } 
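Review bot: The new positional arguments come in a different order from one call to the next: `rename_folder($folder_id, 'Renamed test folder', 'admin', 'admin', 'Testing API')` puts the credentials before the reason, while `delete_folder($folder_id, 'Testing API', 'admin', 'admin')` puts the reason first. The `checkout_document`, `checkin_document` and `delete_document` calls in the later hunks differ again. With three adjacent string parameters a swapped call still runs, and a password passed in the reason slot would presumably be stored with the transaction reason. Name the values at the call site so the order is visible, e.g. `$sigUser = 'admin'; $sigPass = 'admin'; $reason = 'Testing API';` and then `$this->ktapi->delete_folder($folder_id, $reason, $sigUser, $sigPass);`.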
@@ -525,12 +528,12 @@ class APITestCase extends KTUnitTestCase { public function testDocumentApiFunctions() { // Create a folder - $result1 = $this->ktapi->create_folder(1, 'New test api folder'); + $result1 = $this->ktapi->create_folder(1, 'New test api folder', 'admin', 'admin', 'Testing API'); $folder_id = $result1['results']['id']; $this->assertEqual($result1['status_code'], 0); // Create a sub folder - $result2 = $this->ktapi->create_folder($folder_id, 'New test api sub-folder'); + $result2 = $this->ktapi->create_folder($folder_id, 'New test api sub-folder', 'admin', 'admin', 'Testing API'); $folder_id2 = $result2['results']['id']; $this->assertEqual($result2['status_code'], 0); @@ -538,8 +541,9 @@ class APITestCase extends KTUnitTestCase { global $default; $dir = $default->uploadDirectory; $tempfilename = $this->createRandomFile('some text', $dir); - $doc = $this->ktapi->add_document($folder_id, 'New API test doc', 'testdoc1.txt', 'Default', $tempfilename); - + $doc = $this->ktapi->add_document($folder_id, 'New API test doc', 'testdoc1.txt', 'Default', $tempfilename, + 'admin', 'admin', 'Testing API'); + $doc_id = $doc['results']['document_id']; $this->assertEqual($doc['status_code'], 0); 
@@ -565,15 +569,15 @@ class APITestCase extends KTUnitTestCase { $this->assertEqual($detail4['results']['title'], 'New API test doc'); // Checkout the document - $result1 = $this->ktapi->checkout_document($doc_id, 'Testing API', true); + $result1 = $this->ktapi->checkout_document($doc_id, 'Testing API', true, 'admin', 'admin'); $this->assertEqual($result1['status_code'], 0); $this->assertTrue(!empty($result1['results'])); // Checkin the document $dir = $default->uploadDirectory; $tempfilename = $this->createRandomFile('some text', $dir); - $result2 = $this->ktapi->checkin_document($doc_id, 'testdoc1.txt', 'Testing API', $tempfilename, false); - + $result2 = $this->ktapi->checkin_document($doc_id, 'testdoc1.txt', 'Testing API', $tempfilename, false, 'admin', 'admin'); + $this->assertEqual($result2['status_code'], 0); $this->assertEqual($result2['results']['document_id'], $doc_id); @@ -584,11 +588,12 @@ class APITestCase extends KTUnitTestCase { $this->assertEqual($shortcut['results']['folder_id'], $folder_id); // Delete the document - $result3 = $this->ktapi->delete_document($doc_id, 'Testing API'); + $result3 = $this->ktapi->delete_document($doc_id, 'Testing API', 'admin', 'admin', true); $this->assertEqual($result3['status_code'], 0); // Clean up - delete the folder - $this->ktapi->delete_folder($folder_id, 'Testing API'); + $this->ktapi->delete_folder($folder_id, 'Testing API', 'admin', 'admin'); + $detail2 = $this->ktapi->get_folder_detail($folder_id); $this->assertNotEqual($detail2['status_code'], 0); } @@ -606,7 +611,7 @@ class APITestCase extends KTUnitTestCase { $randomFile = $this->createRandomFile(); $this->assertTrue(is_file($randomFile)); - $document = $folder->add_document($title, $filename, 'Default', $randomFile); + $document = $folder->add_document($title, $filename, 'Default', $randomFile, 'admin', 'admin', 'Testing API'); $this->assertNotError($document); @unlink($randomFile); 
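Review bot: The trailing `true` added to `delete_document($doc_id, 'Testing API', 'admin', 'admin', true)` is not explained, and it sits directly after the signature credentials. The method signature is not part of this diff, so what the flag switches is unclear from here; if it affects how the signature is checked, the test should say so. Add a comment above the call, e.g. `// fifth argument: <meaning of the flag>`, or assign the value to a named variable first.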
diff --git a/tests/api/testAuto.php b/tests/api/testAuto.php index 1015d23..d9c14cf 100644 --- a/tests/api/testAuto.php +++ b/tests/api/testAuto.php @@ -22,7 +22,7 @@ class APIAutoTestCase extends KTUnitTestCase { * @var object $root The KT folder object */ var $root; - + /** * This method sets up the KT session * @@ -42,8 +42,6 @@ class APIAutoTestCase extends KTUnitTestCase { $this->session->logout(); } - - function testJunkanonymous_login() { $result = $this->ktapi->anonymous_login(null); $this->assertIsA($result, 'array'); @@ -92,31 +90,29 @@ class APIAutoTestCase extends KTUnitTestCase { - function tesRealdelete_folder() { - $result = $this->ktapi->delete_folder($folder_id, $reason); - $this->assertIsA($result, 'array'); + function tesRealdelete_folder() { + $result = $this->ktapi->delete_folder($folder_id, $reason, 'admin', 'admin'); + $this->assertIsA($result, 'array'); $this->assertEqual($result['status_code'], 0); } - - function tesRealrename_folder() { - $result = $this->ktapi->rename_folder($folder_id, $newname); - $this->assertIsA($result, 'array'); + $result = $this->ktapi->rename_folder($folder_id, $newname, 'admin', 'admin', 'Testing API'); + $this->assertIsA($result, 'array'); $this->assertEqual($result['status_code'], 0); } function tesRealcopy_folder() { - $result = $this->ktapi->copy_folder($source_id, $target_id, $reason); - $this->assertIsA($result, 'array'); + $result = $this->ktapi->copy_folder($source_id, $target_id, $reason, 'admin', 'admin'); + $this->assertIsA($result, 'array'); $this->assertEqual($result['status_code'], 0); } function tesRealmove_folder() { - $result = $this->ktapi->move_folder($source_id, $target_id, $reason); - $this->assertIsA($result, 'array'); + $result = $this->ktapi->move_folder($source_id, $target_id, $reason, 'admin', 'admin'); + $this->assertIsA($result, 'array'); $this->assertEqual($result['status_code'], 0); } 
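Review bot: The four folder calls updated in this hunk (`delete_folder`, `rename_folder`, `copy_folder`, `move_folder`) sit in `tesReal…` functions that read `$folder_id`, `$reason`, `$newname`, `$source_id` and `$target_id` without ever assigning them, so each call receives nulls. Given the `tesReal` prefix these functions are presumably not picked up by the test runner at all, which would mean the new signature arguments here are never exercised. Either give them real fixtures (create the folder first, as testApi.php does) or add a comment such as `// not run: name lacks the test prefix, inputs are unset` so the edits are not mistaken for coverage.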
@@ -132,7 +128,7 @@ class APIAutoTestCase extends KTUnitTestCase { $this->assertEqual($result['status_code'], 0); } - function testJunkget_document_detail_by_filename() { + function testJunkget_document_detail_by_filename() { $result = $this->ktapi->get_document_detail_by_filename(null, null, null); $this->assertIsA($result, 'array'); $this->assertEqual($result['status_code'], 1); @@ -168,27 +164,25 @@ class APIAutoTestCase extends KTUnitTestCase { $this->assertEqual($result['status_code'], 0); } - - function tesRealget_document_shortcuts() { + function tesRealget_document_shortcuts() { $result = $this->ktapi->get_document_shortcuts($document_id); $this->assertIsA($result, 'array'); $this->assertEqual($result['status_code'], 0); } - function testJunkadd_document() { - $result = $this->ktapi->add_document(null, null, null, null, null); + function testJunkadd_document() { + $result = $this->ktapi->add_document(null, null, null, null, null, 'admin', 'admin', 'Testing API'); $this->assertIsA($result, 'array'); $this->assertEqual($result['status_code'], 1); } function tesRealadd_document() { - $result = $this->ktapi->add_document($folder_id, $title, $filename, $documenttype, $tempfilename); + $result = $this->ktapi->add_document($folder_id, $title, $filename, $documenttype, $tempfilename, + 'admin', 'admin', 'Testing API'); $this->assertIsA($result, 'array'); $this->assertEqual($result['status_code'], 0); } - - function tesRealadd_small_document_with_metadata() { $result = $this->ktapi->add_small_document_with_metadata($folder_id, $title, $filename, $documenttype, $base64, $metadata, $sysdata); $this->assertIsA($result, 'array'); 
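Review bot: `testJunkadd_document` now passes a valid signature and still asserts only that `status_code` is 1, but the signature check added in ktapi.inc.php also returns early with `status_code` 1, so the assertion cannot tell which check refused the call. `testJunkcheckin_document` in the next hunk has the same shape. Assert on something that identifies the input-validation failure as well (the response's message field, if it has one), or at least add a comment such as `// signature is valid here; the failure must come from the null arguments`.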
@@ -214,18 +208,17 @@ class APIAutoTestCase extends KTUnitTestCase { } function testJunkcheckin_document() { - $result = $this->ktapi->checkin_document(null, null, null, null, null); + $result = $this->ktapi->checkin_document(null, null, null, null, null, 'admin', 'admin'); $this->assertIsA($result, 'array'); $this->assertEqual($result['status_code'], 1); } function tesRealcheckin_document() { - $result = $this->ktapi->checkin_document($document_id, $filename, $reason, $tempfilename, $major_update); + $result = $this->ktapi->checkin_document($document_id, $filename, $reason, $tempfilename, $major_update, 'admin', 'admin'); $this->assertIsA($result, 'array'); $this->assertEqual($result['status_code'], 0); } - function tesRealcheckin_small_document_with_metadata() { $result = $this->ktapi->checkin_small_document_with_metadata($document_id, $filename, $reason, $base64, $major_update, $metadata, $sysdata); $this->assertIsA($result, 'array'); 
@@ -238,62 +231,48 @@ class APIAutoTestCase extends KTUnitTestCase { $this->assertEqual($result['status_code'], 0); } - - function tesRealcheckin_small_document() { $result = $this->ktapi->checkin_small_document($document_id, $filename, $reason, $base64, $major_update); $this->assertIsA($result, 'array'); $this->assertEqual($result['status_code'], 0); } - - function tesRealcheckout_document() { $result = $this->ktapi->checkout_document($document_id, $reason, $download); $this->assertIsA($result, 'array'); $this->assertEqual($result['status_code'], 0); } - - function tesRealcheckout_small_document() { $result = $this->ktapi->checkout_small_document($document_id, $reason, $download); $this->assertIsA($result, 'array'); $this->assertEqual($result['status_code'], 0); } - function tesRealundo_document_checkout() { - $result = $this->ktapi->undo_document_checkout($document_id, $reason); + $result = $this->ktapi->undo_document_checkout($document_id, $reason, 'admin', 'admin'); $this->assertIsA($result, 'array'); $this->assertEqual($result['status_code'], 0); } - - function tesRealdownload_document() { $result = $this->ktapi->download_document($document_id, $version); $this->assertIsA($result, 'array'); $this->assertEqual($result['status_code'], 0); } - - function tesRealdownload_small_document() { $result = $this->ktapi->download_small_document($document_id, $version); $this->assertIsA($result, 'array'); $this->assertEqual($result['status_code'], 0); } - function tesRealdelete_document() { $result = $this->ktapi->delete_document($document_id, $reason); $this->assertIsA($result, 'array'); $this->assertEqual($result['status_code'], 0); } - - function tesRealchange_document_type() { $result = $this->ktapi->change_document_type($document_id, $documenttype); $this->assertIsA($result, 'array'); 
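Review bot: Only `undo_document_checkout` gets the signature arguments in this hunk; `checkout_document($document_id, $reason, $download)` and `delete_document($document_id, $reason)` keep their old argument lists, although testApi.php now passes `'admin', 'admin'` to both. If signatures are enforced for these operations, the un-updated calls would presumably be refused. Bring them in line, e.g. `$result = $this->ktapi->checkout_document($document_id, $reason, $download, 'admin', 'admin');` and `$result = $this->ktapi->delete_document($document_id, $reason, 'admin', 'admin', true);`, or note in a comment why they are exempt.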
@@ -306,86 +285,72 @@ class APIAutoTestCase extends KTUnitTestCase { $this->assertEqual($result['status_code'], 0); } - - function tesRealrename_document_title() { $result = $this->ktapi->rename_document_title($document_id, $newtitle); $this->assertIsA($result, 'array'); $this->assertEqual($result['status_code'], 0); } - - function tesRealrename_document_filename() { $result = $this->ktapi->rename_document_filename($document_id, $newfilename); $this->assertIsA($result, 'array'); $this->assertEqual($result['status_code'], 0); } - function tesRealchange_document_owner() { $result = $this->ktapi->change_document_owner($document_id, $username, $reason); $this->assertIsA($result, 'array'); $this->assertEqual($result['status_code'], 0); } - function tesRealstart_document_workflow() { $result = $this->ktapi->start_document_workflow($document_id, $workflow); $this->assertIsA($result, 'array'); $this->assertEqual($result['status_code'], 0); } - function tesRealdelete_document_workflow() { - $result = $this->ktapi->delete_document_workflow($document_id); + $result = $this->ktapi->delete_document_workflow($document_id, 'Testing API', 'admin', 'admin', true); $this->assertIsA($result, 'array'); $this->assertEqual($result['status_code'], 0); } - function tesRealperform_document_workflow_transition() { $result = $this->ktapi->perform_document_workflow_transition($document_id, $transition, $reason); $this->assertIsA($result, 'array'); $this->assertEqual($result['status_code'], 0); } - function tesRealget_document_metadata() { $result = $this->ktapi->get_document_metadata($document_id); $this->assertIsA($result, 'array'); $this->assertEqual($result['status_code'], 0); } - function tesRealupdate_document_metadata() { $result = $this->ktapi->update_document_metadata($document_id, $metadata, $sysdata); $this->assertIsA($result, 'array'); $this->assertEqual($result['status_code'], 0); } - function tesRealget_document_workflow_state() { $result = 
$this->ktapi->get_document_workflow_state($document_id); $this->assertIsA($result, 'array'); $this->assertEqual($result['status_code'], 0); } - function tesRealget_document_transaction_history() { $result = $this->ktapi->get_document_transaction_history($document_id); $this->assertIsA($result, 'array'); $this->assertEqual($result['status_code'], 0); } - function tesRealget_document_version_history() { $result = $this->ktapi->get_document_version_history($document_id); $this->assertIsA($result, 'array'); $this->assertEqual($result['status_code'], 0); } - function tesRealget_document_links() { $result = $this->ktapi->get_document_links($document_id); $this->assertIsA($result, 'array');