archives/FHeD
1
0
Fork 0
Code Issues Pull Requests Actions Packages Releases 40 Activity

Compare commits

base: archives:v0.1.4
Branches Tags
archives:main archives:bug-117 archives:116
archives:v0.4.24 archives:v0.4.23 archives:v0.4.22 archives:v0.4.21 archives:v0.4.20 archives:v0.4.19 archives:v0.4.18 archives:v0.4.17 archives:v0.4.16 archives:v0.4.15 archives:v0.4.14 archives:v0.4.13 archives:v0.4.12 archives:v0.4.11 archives:v0.4.10 archives:v0.4.9 archives:v0.4.8 archives:v0.4.7 archives:v0.4.6 archives:v0.4.5 archives:v0.4.4 archives:v0.4.3 archives:v0.4.2 archives:v0.4.1 archives:v0.4.0 archives:v0.3.1 archives:v0.3.0 archives:v0.2.2 archives:v0.2.1 archives:v0.2.0 archives:v0.1.9 archives:v0.1.8 archives:v0.1.7 archives:v0.1.6 archives:v0.1.5 archives:v0.1.4 archives:v0.1.3 archives:v0.1.2 archives:v0.1.1 archives:v0.1.0
..
compare: archives:bug-117
Branches Tags
archives:main archives:bug-117 archives:116
archives:v0.4.24 archives:v0.4.23 archives:v0.4.22 archives:v0.4.21 archives:v0.4.20 archives:v0.4.19 archives:v0.4.18 archives:v0.4.17 archives:v0.4.16 archives:v0.4.15 archives:v0.4.14 archives:v0.4.13 archives:v0.4.12 archives:v0.4.11 archives:v0.4.10 archives:v0.4.9 archives:v0.4.8 archives:v0.4.7 archives:v0.4.6 archives:v0.4.5 archives:v0.4.4 archives:v0.4.3 archives:v0.4.2 archives:v0.4.1 archives:v0.4.0 archives:v0.3.1 archives:v0.3.0 archives:v0.2.2 archives:v0.2.1 archives:v0.2.0 archives:v0.1.9 archives:v0.1.8 archives:v0.1.7 archives:v0.1.6 archives:v0.1.5 archives:v0.1.4 archives:v0.1.3 archives:v0.1.2 archives:v0.1.1 archives:v0.1.0

9 Commits
v0.1.4 ... bug-117

Author SHA1 Message Date
restyled-io[bot]
e9f1b8477a Restyle Updates (#135) 
* Restyled by jq

* Restyled by php-cs-fixer

* Restyled by whitespace

Co-authored-by: Restyled.io <commits@restyled.io>
 2020-09-05 16:43:48 +01:00
Luke Tainton
9809b028d4 🐛 Move opening and closing 'main' tags (#132) 
* 🐛 Move opening and closing 'main' tags

Signed-off-by: Luke Tainton <luke@tainton.uk>

* Restyled by php-cs-fixer (#133)

Co-authored-by: Restyled.io <commits@restyled.io>

Co-authored-by: restyled-io[bot] <32688539+restyled-io[bot]@users.noreply.github.com>
Co-authored-by: Restyled.io <commits@restyled.io>
 2020-08-31 19:16:33 +01:00
Luke Tainton
da5d7ffa53 🚧 Migrate from Sentry to GlitchTip (#129) 
Signed-off-by: Luke Tainton <luke@tainton.uk>
 2020-08-18 20:14:08 +01:00
Luke Tainton
02c397bca2 Add Sentry (#127) 
Signed-off-by: Luke Tainton <luke@tainton.uk>
 2020-08-18 18:32:29 +01:00
Luke Tainton
a4ae987f94 Move break rule in footer (#124) 
* Update footer.php

* Change line break to pipe

* Remove full stop

Co-authored-by: Alexander Davis <alex@adcm.uk>
 2020-08-18 17:58:07 +01:00
Alexander Davis
26c4f801d3 Broken login (#122) 
* Fixing Login Die

* Fix Broken Login 2

* Update footer

* Try Somethin New Today
 2020-08-17 17:04:34 +01:00
Alexander Davis
49581da52c Broken login (#121) 
* Fixing Login Die

* Fix Broken Login 2
 2020-08-17 16:48:13 +01:00
Alexander Davis
57faf21a67 Fixing Login Die 2020-08-17 16:37:41 +01:00
Luke Tainton
5ff90e0d78 🐛 User not added to DB - force die() on error (#118) 
* 🐛 User not added to DB - force die() on error

Signed-off-by: Luke Tainton <luke@tainton.uk>

* Restyled by php-cs-fixer (#119)

Co-authored-by: Restyled.io <commits@restyled.io>

Co-authored-by: restyled-io[bot] <32688539+restyled-io[bot]@users.noreply.github.com>
Co-authored-by: Restyled.io <commits@restyled.io>
 2020-08-17 16:17:06 +01:00
9 changed files with 1919 additions and 102 deletions
Expand all files Collapse all files

2
app/.env.sample
View File

@@ -13,3 +13,5 @@ OIDC_HOST = ""
OIDC_CLIENT_ID = "" OIDC_CLIENT_ID = ""
OIDC_CLIENT_SECRET = "" OIDC_CLIENT_SECRET = ""
OIDC_DISABLE_SSL = "" OIDC_DISABLE_SSL = ""
SENTRY_ENVIRONMENT = ""

11
app/composer.json
View File

@@ -1,7 +1,8 @@
{ {
"require": { "require": {
"ramsey/uuid": "^4.0", "ramsey/uuid": "^4.0",
"vlucas/phpdotenv": "^5.0", "vlucas/phpdotenv": "^5.0",
"jumbojett/openid-connect-php": "^0.9.0" "jumbojett/openid-connect-php": "^0.9.0",
} "sentry/sdk": "^2.1"
}
} }

1785
app/composer.lock generated
View File

File diff suppressed because it is too large Load Diff

44
app/includes/app_functions.php
View File

@@ -6,6 +6,44 @@
return $version; return $version;
} }
function oidc_set_vars($sub, $uid, $fname, $lname, $email)
{
$_SESSION['uuid'] = $sub;
$_SESSION['username'] = $uid;
$_SESSION['given_name'] = $fname;
$_SESSION['family_name'] = $lname;
$_SESSION['full_name'] = $fname . " " . $lname;
$_SESSION['email'] = $email;
}
function is_signed_in()
{
if (isset($_SESSION['is_signed_in'])) {
return true;
} else {
return false;
}
}
function user_exists($db, $uuid)
{
try {
$sql = $db->prepare("SELECT uuid FROM users WHERE uuid=:uuid");
$sql->bindParam(':uuid', $uuid);
$sql->execute();
$sql->setFetchMode(PDO::FETCH_ASSOC);
$result = $sql->fetchAll();
} catch (PDOException $e) {
throw new Exception("Error in user_exists(): " . $e->getMessage());
die();
}
if (empty($result)) {
return false;
} else {
return true;
}
}
function get_all_users($db) function get_all_users($db)
{ {
try { try {
@@ -15,7 +53,8 @@
$sql->setFetchMode(PDO::FETCH_ASSOC); $sql->setFetchMode(PDO::FETCH_ASSOC);
$result = $sql->fetchAll(); $result = $sql->fetchAll();
} catch (PDOException $e) { } catch (PDOException $e) {
echo("Error: " . $e->getMessage()); throw new Exception("Error in get_all_users(): " . $e->getMessage());
die();
} }
return $result; return $result;
} }
@@ -31,7 +70,8 @@
$result = $sql->fetchAll(); $result = $sql->fetchAll();
$usr = $result[0]['given_name'] . " " . $result[0]['family_name']; $usr = $result[0]['given_name'] . " " . $result[0]['family_name'];
} catch (PDOException $e) { } catch (PDOException $e) {
echo("Error: " . $e->getMessage()); throw new Exception("Error in get_user_name(): " . $e->getMessage());
die();
} }
return $usr; return $usr;
} }

3
app/includes/footer.php
View File

@@ -1,9 +1,10 @@
</main>
<footer class="footer mt-auto py-3"> <footer class="footer mt-auto py-3">
<div class="text-center text-muted"> <div class="text-center text-muted">
<?php <?php
echo($_ENV['APP_NAME'] . " " . get_version()); echo($_ENV['APP_NAME'] . " " . get_version());
if ($_ENV['APP_NAME'] != "FHeD") { if ($_ENV['APP_NAME'] != "FHeD") {
echo(", powered by FHeD"); echo("| Powered by FHeD");
}; };
?><br> ?><br>
<?php if (is_signed_in()) { <?php if (is_signed_in()) {

12
app/includes/header.php
View File

@@ -10,7 +10,7 @@
<meta name="viewport" content="width=device-width, initial-scale=1, shrink-to-fit=no"> <meta name="viewport" content="width=device-width, initial-scale=1, shrink-to-fit=no">
<meta name="theme-color" content="#563d7c"> <meta name="theme-color" content="#563d7c">
<link rel="icon" type="image/png" href="/favicon.png"> <link rel="icon" type="image/png" href="/favicon.png">
<title><?php echo( $PAGE_TITLE ); ?></title> <title><?php echo($PAGE_TITLE); ?></title>
<!-- Bootstrap core CSS --> <!-- Bootstrap core CSS -->
<link rel="stylesheet" href="/css/bootstrap.min.css"> <link rel="stylesheet" href="/css/bootstrap.min.css">
@@ -19,6 +19,8 @@
</head> </head>
<body class="d-flex flex-column h-100"> <body class="d-flex flex-column h-100">
<!-- Begin page content -->
<main role="main" class="flex-shrink-0">
<header> <header>
<!-- Fixed navbar --> <!-- Fixed navbar -->
<nav class="navbar navbar-expand-md navbar-dark fixed-top bg-dark"> <nav class="navbar navbar-expand-md navbar-dark fixed-top bg-dark">
@@ -32,10 +34,14 @@
<a class="nav-link" href="/">Home</a> <a class="nav-link" href="/">Home</a>
</li> </li>
<li class="nav-item"> <li class="nav-item">
<a class="nav-link <?php if (!is_signed_in()) {echo(' disabled');} ?>" href="/new">New request</a> <a class="nav-link <?php if (!is_signed_in()) {
echo(' disabled');
} ?>" href="/new">New request</a>
</li> </li>
<li class="nav-item"> <li class="nav-item">
<a class="nav-link <?php if (!is_signed_in()) {echo(' disabled');} ?>" href="/existing">Existing requests</a> <a class="nav-link <?php if (!is_signed_in()) {
echo(' disabled');
} ?>" href="/existing">Existing requests</a>
</li> </li>
</ul> </ul>
<div class="mt-2 mt-md-0"> <div class="mt-2 mt-md-0">

49
app/includes/prereqs.php
View File

@@ -7,17 +7,27 @@ require_once __DIR__ . "/../vendor/autoload.php";
$dotenv = Dotenv\Dotenv::createImmutable(__DIR__ . "/.."); $dotenv = Dotenv\Dotenv::createImmutable(__DIR__ . "/..");
$dotenv->load(); $dotenv->load();
// Custom functions
require_once __DIR__ . "/app_functions.php";
// Sentry
Sentry\init([
'dsn' => 'https://7c4607ed5e804d08926cc0bbc0d3fbe9@app.glitchtip.com/59',
'release' => get_version(),
]);
// Database auto-generation // Database auto-generation
if (file_exists("/../includes/install.php")) { if (file_exists("/../includes/install.php")) {
return; return;
add_action('run_db_populate'); add_action('run_db_populate');
} }
function run_db_populate() { function run_db_populate()
{
// all my glorious one-time-magic. // all my glorious one-time-magic.
include( "/../includes/install.php" ); include("/../includes/install.php");
// after all execution rename your file; // after all execution rename your file;
rename( "/../includes/install.php", "/../includes/install-backup.php"); rename("/../includes/install.php", "/../includes/install-backup.php");
} }
// Session // Session
@@ -29,30 +39,9 @@ $db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
// OpenID Connect // OpenID Connect
use Jumbojett\OpenIDConnectClient; use Jumbojett\OpenIDConnectClient;
$oidc = new OpenIDConnectClient($_ENV['OIDC_HOST'], $_ENV['OIDC_CLIENT_ID'], $_ENV['OIDC_CLIENT_SECRET']); $oidc = new OpenIDConnectClient($_ENV['OIDC_HOST'], $_ENV['OIDC_CLIENT_ID'], $_ENV['OIDC_CLIENT_SECRET']);
if ($_ENV['OIDC_DISABLE_SSL'] == "true") { if ($_ENV['OIDC_DISABLE_SSL'] == "true") {
$oidc->setVerifyHost(false); $oidc->setVerifyHost(false);
$oidc->setVerifyPeer(false); $oidc->setVerifyPeer(false);
}
// Custom functions
require_once __DIR__ . "/app_functions.php";
function oidc_set_vars($sub, $uid, $fname, $lname, $email) {
$_SESSION['uuid'] = $sub;
$_SESSION['username'] = $uid;
$_SESSION['given_name'] = $fname;
$_SESSION['family_name'] = $lname;
$_SESSION['full_name'] = $fname . " " . $lname;
$_SESSION['email'] = $email;
}
function is_signed_in() {
if (isset($_SESSION['is_signed_in'])) {
return true;
} else {
return false;
}
} }

76
app/public/actions/login.php
View File

@@ -4,9 +4,9 @@
// Perform the OIDC authentication // Perform the OIDC authentication
try { try {
$oidc->authenticate(); $oidc->authenticate();
$_SESSION['access_token'] = $oidc->requestClientCredentialsToken()->access_token; $_SESSION['access_token'] = $oidc->requestClientCredentialsToken()->access_token;
$oidc_user = array( $oidc_user = array(
'sub' => $oidc->requestUserInfo('sub'), 'sub' => $oidc->requestUserInfo('sub'),
'username' => $oidc->requestUserInfo('preferred_username'), 'username' => $oidc->requestUserInfo('preferred_username'),
'given_name' => $oidc->requestUserInfo('given_name'), 'given_name' => $oidc->requestUserInfo('given_name'),
@@ -14,46 +14,41 @@
'email' => $oidc->requestUserInfo('email'), 'email' => $oidc->requestUserInfo('email'),
); );
} catch (Jumbojett\OpenIDConnectClientException $e) { } catch (Jumbojett\OpenIDConnectClientException $e) {
$alert = array("danger", "Error during OpenID Connect authentication: " . $e->getMessage()); $alert = array("danger", "Error during OpenID Connect authentication: " . $e->getMessage());
} }
// Check if the user already exists if (user_exists($db, $oidc_user['sub']) == false) {
try { // User doesn't already exist
$user_exist_sql = $db->prepare("SELECT uuid FROM users WHERE uuid=:uuid"); try {
$user_exist_sql->bindParam(':uuid', $oidc_user['sub']); $stmt = "INSERT INTO users (uuid, uid, given_name, family_name, email) VALUES (:sub, :username, :given, :family, :email)";
$user_exist_sql->execute(); $sql = $db->prepare($stmt);
} catch (PDOException $e) { $sql->bindParam(':sub', $oidc_user['sub']);
$alert = array("danger", "Error during check for user record: " . $e->getMessage()); $sql->bindParam(':username', $oidc_user['username']);
} $sql->bindParam(':given', $oidc_user['given_name']);
$sql->bindParam(':family', $oidc_user['family_name']);
if (empty($user_exist_sql)) { $sql->bindParam(':email', $oidc_user['email']);
// User doesn't already exist $sql->execute();
try { } catch (PDOException $e) {
$stmt = "INSERT INTO users (uuid, uid, given_name, family_name, email) VALUES (:sub, :username, :given, :family, :email)"; echo("Error during creation of new user record: " . $e->getMessage());
$sql = $db->prepare($stmt); die();
$sql->bindParam(':sub', $oidc_user['sub']); $alert = array("danger", "Error during creation of new user record: " . $e->getMessage());
$sql->bindParam(':username', $oidc_user['username']); }
$sql->bindParam(':given', $oidc_user['given_name']);
$sql->bindParam(':family', $oidc_user['family_name']);
$sql->bindParam(':email', $oidc_user['email']);
$sql->execute();
} catch (Jumbojett\PDOException $e) {
$alert = array("danger", "Error during creation of new user record: " . $e->getMessage());
}
} else { } else {
// User already exists // User already exists
try { try {
$stmt = "UPDATE users SET uid=:username, given_name=:given, family_name=:family, email=:email WHERE uuid=:sub"; $stmt = "UPDATE users SET uid=:username, given_name=:given, family_name=:family, email=:email WHERE uuid=:sub";
$sql = $db->prepare($stmt); $sql = $db->prepare($stmt);
$sql->bindParam(':sub', $oidc_user['sub']); $sql->bindParam(':sub', $oidc_user['sub']);
$sql->bindParam(':username', $oidc_user['username']); $sql->bindParam(':username', $oidc_user['username']);
$sql->bindParam(':given', $oidc_user['given_name']); $sql->bindParam(':given', $oidc_user['given_name']);
$sql->bindParam(':family', $oidc_user['family_name']); $sql->bindParam(':family', $oidc_user['family_name']);
$sql->bindParam(':email', $oidc_user['email']); $sql->bindParam(':email', $oidc_user['email']);
$sql->execute(); $sql->execute();
} catch (Jumbojett\PDOException $e) { } catch (PDOException $e) {
$alert = array("danger", "Error during existing user record update: " . $e->getMessage()); echo("Error during existing user record update: " . $e->getMessage());
} die();
$alert = array("danger", "Error during existing user record update: " . $e->getMessage());
}
} }
oidc_set_vars($oidc_user['sub'], $oidc_user['username'], $oidc_user['given_name'], $oidc_user['family_name'], $oidc_user['email']); oidc_set_vars($oidc_user['sub'], $oidc_user['username'], $oidc_user['given_name'], $oidc_user['family_name'], $oidc_user['email']);
@@ -62,4 +57,3 @@
$_SESSION['is_signed_in'] = "true"; $_SESSION['is_signed_in'] = "true";
header('Location: /'); header('Location: /');
?>

39
app/public/index.php
View File

@@ -3,21 +3,17 @@
require_once __DIR__ . "/../includes/header.php"; require_once __DIR__ . "/../includes/header.php";
if (is_signed_in()) { if (is_signed_in()) {
$requests = get_my_open_requests($db); $requests = get_my_open_requests($db);
$subscriptions = get_open_subscribed_requests($db); $subscriptions = get_open_subscribed_requests($db);
} }
?> ?>
<!-- Begin page content -->
<main role="main" class="flex-shrink-0">
<section> <section>
<?php <?php
if(isset($alert)) { if (isset($alert)) {
echo(" echo("
<div class='container'> <div class='container'>
<div class='alert alert-" . $alert[0] . " alert-dismissible fade show' role='alert'> <div class='alert alert-" . $alert[0] . " alert-dismissible fade show' role='alert'>
" . $alert[1] . " " . $alert[1] . "
@@ -27,7 +23,7 @@
</div> </div>
</div> </div>
"); ");
unset($alert); unset($alert);
} }
?> ?>
</section> </section>
@@ -37,7 +33,11 @@
<h1>Welcome to <?php echo($_ENV['APP_NAME']); ?></h1> <h1>Welcome to <?php echo($_ENV['APP_NAME']); ?></h1>
<p class="lead text-muted"> <p class="lead text-muted">
<?php <?php
if ($_ENV['APP_NAME'] == "FHeD") {echo("The Free HelpDesk");} else {echo($_ENV['APP_NAME']);}; if ($_ENV['APP_NAME'] == "FHeD") {
echo("The Free HelpDesk");
} else {
echo($_ENV['APP_NAME']);
};
?> ?>
is the one-stop shop for all of your IT-related needs. Let us know how we can help you by opening a request. is the one-stop shop for all of your IT-related needs. Let us know how we can help you by opening a request.
</p> </p>
@@ -63,10 +63,10 @@
<ul class="list-group list-group-flush"> <ul class="list-group list-group-flush">
<?php <?php
if (count($requests) == 0) { if (count($requests) == 0) {
echo("<center><b>No open tickets</b></center>"); echo("<center><b>No open tickets</b></center>");
} else { } else {
foreach($requests as $tkt) { foreach ($requests as $tkt) {
?> ?>
<li class="list-group-item"> <li class="list-group-item">
<div class="container"> <div class="container">
<div class="row"> <div class="row">
@@ -80,7 +80,9 @@
</div> </div>
</div> </div>
</li> </li>
<?php } } ?> <?php
}
} ?>
</ul> </ul>
</div> </div>
</div> </div>
@@ -93,9 +95,9 @@
<ul class="list-group list-group-flush"> <ul class="list-group list-group-flush">
<?php <?php
if (count($subscriptions) == 0) { if (count($subscriptions) == 0) {
echo("<center><b>No subscribed tickets</b></center>"); echo("<center><b>No subscribed tickets</b></center>");
} else { } else {
foreach($subscriptions as $sub) { ?> foreach ($subscriptions as $sub) { ?>
<li class="list-group-item"> <li class="list-group-item">
<div class="container"> <div class="container">
<div class="row"> <div class="row">
@@ -109,7 +111,8 @@
</div> </div>
</div> </div>
</li> </li>
<?php } } ?> <?php }
} ?>
</ul> </ul>
</div> </div>
</section> </section>
@@ -118,8 +121,6 @@
</div> </div>
<?php } ?> <?php } ?>
</main>
<?php <?php
require_once __DIR__ . "/../includes/footer.php"; require_once __DIR__ . "/../includes/footer.php";
?> ?>