Commit a23a4fc8 authored by Tim van Dijen's avatar Tim van Dijen

Move logic away from templates

parent 25ab0a28
......@@ -3,119 +3,49 @@
* Template form for giving consent.
*
* Parameters:
* - 'srcMetadata': Metadata/configuration for the source.
* - 'dstMetadata': Metadata/configuration for the destination.
* - 'yesTarget': Target URL for the yes-button. This URL will receive a POST request.
* - 'yesData': Parameters which should be included in the yes-request.
* - 'noTarget': Target URL for the no-button. This URL will receive a GET request.
* - 'noData': Parameters which should be included in the no-request.
* - 'attributes': The attributes which are about to be released.
* - 'sppp': URL to the privacy policy of the destination, or FALSE.
*
* @package SimpleSAMLphp
*/
assert(is_array($this->data['srcMetadata']));
assert(is_array($this->data['dstMetadata']));
assert(is_string($this->data['yesTarget']));
assert(is_array($this->data['yesData']));
assert(is_string($this->data['noTarget']));
assert(is_array($this->data['noData']));
assert(is_array($this->data['attributes']));
assert(is_array($this->data['hiddenAttributes']));
assert($this->data['sppp'] === false || is_string($this->data['sppp']));
// Parse parameters
if (array_key_exists('name', $this->data['srcMetadata'])) {
$srcName = $this->data['srcMetadata']['name'];
} elseif (array_key_exists('OrganizationDisplayName', $this->data['srcMetadata'])) {
$srcName = $this->data['srcMetadata']['OrganizationDisplayName'];
} else {
$srcName = $this->data['srcMetadata']['entityid'];
}
if (is_array($srcName)) {
$srcName = $this->t($srcName);
}
if (array_key_exists('name', $this->data['dstMetadata'])) {
$dstName = $this->data['dstMetadata']['name'];
} elseif (array_key_exists('OrganizationDisplayName', $this->data['dstMetadata'])) {
$dstName = $this->data['dstMetadata']['OrganizationDisplayName'];
} else {
$dstName = $this->data['dstMetadata']['entityid'];
}
if (is_array($dstName)) {
$dstName = $this->t($dstName);
}
$srcName = htmlspecialchars($srcName);
$dstName = htmlspecialchars($dstName);
$attributes = $this->data['attributes'];
$dstName = $this->data['dstName'];
$this->data['header'] = $this->t('{consent:consent:consent_header}');
$this->data['head'] = '<link rel="stylesheet" type="text/css" href="/' .
$this->data['baseurlpath'] . 'module.php/consent/style.css" />' . "\n";
$this->data['head'] = '<link rel="stylesheet" type="text/css" href="' .
SimpleSAML\Module::getModuleURL("consent/style.css") . '" />' . "\n";
$this->includeAtTemplateBase('includes/header.php');
?>
<p>
<?php
echo $this->t(
'{consent:consent:consent_accept}',
array( 'SPNAME' => $dstName, 'IDPNAME' => $srcName)
);
<p><?php echo $this->data['consent_accept']; ?></p>
if (array_key_exists('descr_purpose', $this->data['dstMetadata'])) {
echo '</p><p>' . $this->t(
'{consent:consent:consent_purpose}',
array(
'SPNAME' => $dstName,
'SPDESC' => $this->getTranslator()->getPreferredTranslation(
SimpleSAML\Utils\Arrays::arrayize(
$this->data['dstMetadata']['descr_purpose'],
'en'
)
),
)
);
<?php
if (isSet($this->data['consent_purpose'])) {
echo '<p>' . $this->data['consent_purpose'] . '</p>';
}
?>
</p>
<form style="display: inline; margin: 0px; padding: 0px"
action="<?php echo htmlspecialchars($this->data['yesTarget']); ?>">
<p style="margin: 1em">
<form id="consent_yes" action="<?php echo htmlspecialchars($this->data['yesTarget']); ?>">
<?php
if ($this->data['usestorage']) {
$checked = ($this->data['checked'] ? 'checked="checked"' : '');
echo '<input type="checkbox" name="saveconsent" ' . $checked .
' value="1" /> ' . $this->t('{consent:consent:remember}');
}
// Embed hidden fields...
foreach ($this->data['yesData'] as $name => $value) {
echo '<input type="hidden" name="' . htmlspecialchars($name) .
'" value="' . htmlspecialchars($value) . '" />';
}
} // Embed hidden fields...
?>
</p>
<input type="hidden" name="StateId" value="<?php echo htmlspecialchars($this->data['stateId']); ?>" />
<button type="submit" name="yes" class="btn" id="yesbutton">
<?php echo htmlspecialchars($this->t('{consent:consent:yes}')) ?>
</button>
</form>
<form style="display: inline; margin-left: .5em;" action="<?php echo htmlspecialchars($this->data['noTarget']); ?>"
method="get">
<?php
foreach ($this->data['noData'] as $name => $value) {
echo('<input type="hidden" name="' . htmlspecialchars($name) .
'" value="' . htmlspecialchars($value) . '" />');
}
?>
<form id="consent_no" action="<?php echo htmlspecialchars($this->data['noTarget']); ?>">
<input type="hidden" name="StateId" value="<?php echo htmlspecialchars($this->data['stateId']); ?>" />
<button type="submit" class="btn" name="no" id="nobutton">
<?php echo htmlspecialchars($this->t('{consent:consent:no}')) ?>
</button>
......@@ -123,113 +53,12 @@ foreach ($this->data['noData'] as $name => $value) {
<?php
if ($this->data['sppp'] !== false) {
echo "<p>" . htmlspecialchars($this->t('{consent:consent:consent_privacypolicy}')) . " ";
echo "<p>" . htmlspecialchars($this->t('{consent:consent:consent_privacypolicy}'));
echo "<a target='_blank' href='" . htmlspecialchars($this->data['sppp']) . "'>" . $dstName . "</a>";
echo "</p>";
}
/**
* Recursive attribute array listing function
*
* @param SimpleSAML_XHTML_Template $t Template object
* @param array $attributes Attributes to be presented
* @param string $nameParent Name of parent element
*
* @return string HTML representation of the attributes
*/
function present_attributes($t, $attributes, $nameParent)
{
$translator = $t->getTranslator();
$alternate = array('odd', 'even');
$i = 0;
$summary = 'summary="' . $t->t('{consent:consent:table_summary}') . '"';
if (strlen($nameParent) > 0) {
$parentStr = strtolower($nameParent) . '_';
$str = '<table class="attributes" ' . $summary . '>';
} else {
$parentStr = '';
$str = '<table id="table_with_attributes" class="attributes" '. $summary .'>';
$str .= "\n" . '<caption>' . $t->t('{consent:consent:table_caption}') .
'</caption>';
}
foreach ($attributes as $name => $value) {
$nameraw = $name;
$name = $translator->getAttributeTranslation($parentStr . $nameraw);
if (preg_match('/^child_/', $nameraw)) {
// insert child table
$parentName = preg_replace('/^child_/', '', $nameraw);
foreach ($value as $child) {
$str .= "\n" . '<tr class="odd"><td style="padding: 2em">' .
present_attributes($t, $child, $parentName) . '</td></tr>';
}
} else {
// insert values directly
$str .= "\n" . '<tr class="' . $alternate[($i++ % 2)] .
'"><td><span class="attrname">' . htmlspecialchars($name) . '</span>';
$isHidden = in_array($nameraw, $t->data['hiddenAttributes'], true);
if ($isHidden) {
$hiddenId = SimpleSAML\Utils\Random::generateID();
$str .= '<div class="attrvalue" style="display: none;" id="hidden_' . $hiddenId . '">';
} else {
$str .= '<div class="attrvalue">';
}
if (sizeof($value) > 1) {
// we hawe several values
$str .= '<ul>';
foreach ($value as $listitem) {
if ($nameraw === 'jpegPhoto') {
$str .= '<li><img src="data:image/jpeg;base64,' .
htmlspecialchars($listitem) .
'" alt="User photo" /></li>';
} else {
$str .= '<li>' . htmlspecialchars($listitem) . '</li>';
}
}
$str .= '</ul>';
} elseif (isset($value[0])) {
// we hawe only one value
if ($nameraw === 'jpegPhoto') {
$str .= '<img src="data:image/jpeg;base64,' .
htmlspecialchars($value[0]) .
'" alt="User photo" />';
} else {
$str .= htmlspecialchars($value[0]);
}
} // end of if multivalue
$str .= '</div>';
if ($isHidden) {
$str .= '<div class="attrvalue consent_showattribute" id="visible_' . $hiddenId . '">';
$str .= '... ';
$str .= '<a class="consent_showattributelink" href="javascript:SimpleSAML_show(\'hidden_' . $hiddenId;
$str .= '\'); SimpleSAML_hide(\'visible_' . $hiddenId . '\');">';
$str .= $t->t('{consent:consent:show_attribute}');
$str .= '</a>';
$str .= '</div>';
}
$str .= '</td></tr>';
} // end else: not child table
} // end foreach
$str .= isset($attributes)? '</table>':'';
return $str;
}
echo '<h3 id="attributeheader">' .
$this->t(
'{consent:consent:consent_attributes_header}',
array( 'SPNAME' => $dstName, 'IDPNAME' => $srcName)
) .
'</h3>';
echo present_attributes($this, $attributes, '');
echo '<h3 id="attributeheader">' . $this->data['consent_attributes_header'] . '</h3>';
echo $this->data['attributes_html'];
$this->includeAtTemplateBase('includes/footer.php');
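Review bot: The privacy-policy link writes `htmlspecialchars($this->data['sppp'])` into a single-quoted `href='…'`, and on PHP releases before 8.1 the default flags (ENT_COMPAT) leave `'` unescaped, so a policy URL containing a single quote can close the attribute. Passing the flag explicitly removes the dependency on the runtime default: `htmlspecialchars($this->data['sppp'], ENT_QUOTES)`. The same line prints `$dstName` without escaping, which is safe only as long as whatever fills `$this->data['dstName']` has already escaped it; a comment next to `$dstName = $this->data['dstName'];` such as `// already HTML-escaped by the caller` would make that dependency visible. Since the link opens with `target='_blank'`, adding `rel='noopener noreferrer'` is also worth considering.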
<?php
if (array_key_exists('name', $this->data['dstMetadata'])) {
$dstName = $this->data['dstMetadata']['name'];
} elseif (array_key_exists('OrganizationDisplayName', $this->data['dstMetadata'])) {
$dstName = $this->data['dstMetadata']['OrganizationDisplayName'];
} else {
$dstName = $this->data['dstMetadata']['entityid'];
}
if (is_array($dstName)) {
$dstName = $this->t($dstName);
}
$dstName = htmlspecialchars($dstName);
$this->data['header'] = $this->t('{consent:consent:noconsent_title}');;
$this->includeAtTemplateBase('includes/header.php');
echo '<h2>' . $this->data['header'] . '</h2>';
echo '<p>' . $this->t('{consent:consent:noconsent_text}', array('SPNAME' => $dstName)) . '</p>';
echo '<p>' . $this->data['noconsent_text'] . '</p>';
if ($this->data['resumeFrom']) {
echo('<p><a href="' . htmlspecialchars($this->data['resumeFrom']) . '">');
......@@ -31,6 +19,6 @@ if ($this->data['aboutService']) {
echo('</a></p>');
}
echo('<p><a href="' . htmlspecialchars($this->data['logoutLink']) . '">' . $this->t('{consent:consent:abort}', array('SPNAME' => $dstName)) . '</a></p>');
echo('<p><a href="' . htmlspecialchars($this->data['logoutLink']) . '">' . $this->data['noconsent_abort'] . '</a></p>');
$this->includeAtTemplateBase('includes/footer.php');
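Review bot: `noconsent_text` and `noconsent_abort` are echoed without escaping, so this template now relies entirely on its caller having produced safe HTML, and nothing in the file says so. I would add a header comment such as `// noconsent_text, noconsent_abort: pre-escaped HTML built by the caller; never assign raw metadata here`. The consent form template has the same unstated contract for `consent_accept`, `consent_purpose`, `consent_attributes_header` and `attributes_html`.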
......@@ -29,8 +29,7 @@ if (!array_key_exists('StateId', $_REQUEST)) {
);
}
$id = $_REQUEST['StateId'];
$state = SimpleSAML_Auth_State::loadState($id, 'consent:request');
$state = SimpleSAML_Auth_State::loadState($_REQUEST['StateId'], 'consent:request');
if (array_key_exists('core:SP', $state)) {
$spentityid = $state['core:SP'];
......@@ -98,17 +97,61 @@ $para = array(
// Reorder attributes according to attributepresentation hooks
SimpleSAML\Module::callHooks('attributepresentation', $para);
// Parse parameters
if (array_key_exists('name', $state['Source'])) {
$srcName = $state['Source']['name'];
} elseif (array_key_exists('OrganizationDisplayName', $state['Source'])) {
$srcName = $state['Source']['OrganizationDisplayName'];
} else {
$srcName = $state['Source']['entityid'];
}
if (array_key_exists('name', $state['Destination'])) {
$dstName = $state['Destination']['name'];
} elseif (array_key_exists('OrganizationDisplayName', $state['Destination'])) {
$dstName = $state['Destination']['OrganizationDisplayName'];
} else {
$dstName = $state['Destination']['entityid'];
}
// Make, populate and layout consent form
$t = new SimpleSAML_XHTML_Template($globalConfig, 'consent:consentform.php');
$t->data['srcMetadata'] = $state['Source'];
$t->data['dstMetadata'] = $state['Destination'];
$t->data['yesTarget'] = SimpleSAML\Module::getModuleURL('consent/getconsent.php');
$t->data['yesData'] = array('StateId' => $id);
$t->data['noTarget'] = SimpleSAML\Module::getModuleURL('consent/noconsent.php');
$t->data['noData'] = array('StateId' => $id);
$t->data['attributes'] = $attributes;
$t->data['stateId'] = $_REQUEST['StateId'];
$t->data['checked'] = $state['consent:checked'];
$srcName = htmlspecialchars(is_array($srcName) ? $t->t($srcName) : $srcName);
$dstName = htmlspecialchars(is_array($dstName) ? $t->t($dstName) : $dstName);
$t->data['consent_attributes_header'] = $t->t(
'{consent:consent:consent_attributes_header}',
array('SPNAME' => $dstName, 'IDPNAME' => $srcName)
);
$t->data['consent_accept'] = $t->t(
'{consent:consent:consent_accept}',
array('SPNAME' => $dstName, 'IDPNAME' => $srcName)
);
if (array_key_exists('descr_purpose', $state['Destination'])) {
$t->data['consent_purpose'] = $t->t(
'{consent:consent:consent_purpose}',
array(
'SPNAME' => $dstName,
'SPDESC' => $t->getTranslator()->getPreferredTranslation(
SimpleSAML\Utils\Arrays::arrayize(
$state['Destination']['descr_purpose'],
'en'
)
),
)
);
}
$t->data['srcName'] = $srcName;
$t->data['dstName'] = $dstName;
// Fetch privacypolicy
if (array_key_exists('privacypolicy', $state['Destination'])) {
$privacypolicy = $state['Destination']['privacypolicy'];
......@@ -139,11 +182,7 @@ switch ($state['consent:focus']) {
break;
}
if (array_key_exists('consent:store', $state)) {
$t->data['usestorage'] = true;
} else {
$t->data['usestorage'] = false;
}
$t->data['usestorage'] = array_key_exists('consent:store', $state);
if (array_key_exists('consent:hiddenAttributes', $state)) {
$t->data['hiddenAttributes'] = $state['consent:hiddenAttributes'];
......@@ -151,4 +190,102 @@ if (array_key_exists('consent:hiddenAttributes', $state)) {
$t->data['hiddenAttributes'] = array();
}
$t->data['attributes_html'] = present_attributes($t, $attributes, '');
$t->show();
/**
* Recursive attribute array listing function
*
* @param SimpleSAML_XHTML_Template $t Template object
* @param array $attributes Attributes to be presented
* @param string $nameParent Name of parent element
*
* @return string HTML representation of the attributes
*/
function present_attributes($t, $attributes, $nameParent)
{
$translator = $t->getTranslator();
$alternate = array('odd', 'even');
$i = 0;
$summary = 'summary="' . $t->t('{consent:consent:table_summary}') . '"';
if (strlen($nameParent) > 0) {
$parentStr = strtolower($nameParent) . '_';
$str = '<table class="attributes" ' . $summary . '>';
} else {
$parentStr = '';
$str = '<table id="table_with_attributes" class="attributes" '. $summary .'>';
$str .= "\n" . '<caption>' . $t->t('{consent:consent:table_caption}') .
'</caption>';
}
foreach ($attributes as $name => $value) {
$nameraw = $name;
$name = $translator->getAttributeTranslation($parentStr . $nameraw);
if (preg_match('/^child_/', $nameraw)) {
// insert child table
$parentName = preg_replace('/^child_/', '', $nameraw);
foreach ($value as $child) {
$str .= "\n" . '<tr class="odd"><td class="td_odd">' .
present_attributes($t, $child, $parentName) . '</td></tr>';
}
} else {
// insert values directly
$str .= "\n" . '<tr class="' . $alternate[($i++ % 2)] .
'"><td><span class="attrname">' . htmlspecialchars($name) . '</span>';
$isHidden = in_array($nameraw, $t->data['hiddenAttributes'], true);
if ($isHidden) {
$hiddenId = SimpleSAML\Utils\Random::generateID();
$str .= '<div class="attrvalue hidden" id="hidden_' . $hiddenId . '">';
} else {
$str .= '<div class="attrvalue">';
}
if (sizeof($value) > 1) {
// we hawe several values
$str .= '<ul>';
foreach ($value as $listitem) {
if ($nameraw === 'jpegPhoto') {
$str .= '<li><img src="data:image/jpeg;base64,' .
htmlspecialchars($listitem) .
'" alt="User photo" /></li>';
} else {
$str .= '<li>' . htmlspecialchars($listitem) . '</li>';
}
}
$str .= '</ul>';
} elseif (isset($value[0])) {
// we hawe only one value
if ($nameraw === 'jpegPhoto') {
$str .= '<img src="data:image/jpeg;base64,' .
htmlspecialchars($value[0]) .
'" alt="User photo" />';
} else {
$str .= htmlspecialchars($value[0]);
}
} // end of if multivalue
$str .= '</div>';
if ($isHidden) {
$str .= '<div class="attrvalue consent_showattribute" id="visible_' . $hiddenId . '">';
$str .= '... ';
$str .= '<a class="consent_showattributelink" href="javascript:SimpleSAML_show(\'hidden_' . $hiddenId;
$str .= '\'); SimpleSAML_hide(\'visible_' . $hiddenId . '\');">';
$str .= $t->t('{consent:consent:show_attribute}');
$str .= '</a>';
$str .= '</div>';
}
$str .= '</td></tr>';
} // end else: not child table
} // end foreach
$str .= isset($attributes) ? '</table>' : '';
return $str;
}
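Review bot: `SPDESC` is filled from `$state['Destination']['descr_purpose']` without escaping, while `SPNAME` and `IDPNAME` are passed through `htmlspecialchars()` first, and the template echoes `consent_purpose` verbatim. If `t()` does not escape its replacements (the manual escaping of the names suggests it does not), markup in a service provider's purpose description reaches the consent page as HTML. Escaping at the same point closes the gap: `'SPDESC' => htmlspecialchars($t->getTranslator()->getPreferredTranslation(SimpleSAML\Utils\Arrays::arrayize($state['Destination']['descr_purpose'], 'en'))),`. The behaviour appears to be carried over from the old template code rather than introduced here, but this move is the natural place to fix it.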
......@@ -23,7 +23,6 @@ $logoutLink = SimpleSAML\Module::getModuleURL(
array('StateId' => $id)
);
$aboutService = null;
if (!isset($state['consent:showNoConsentAboutService']) || $state['consent:showNoConsentAboutService']) {
if (isset($state['Destination']['url.about'])) {
......@@ -37,11 +36,24 @@ if (isset($state['Destination']['entityid'])) {
}
SimpleSAML_Stats::log('consent:reject', $statsInfo);
if (array_key_exists('name', $state['Destination'])) {
$dstName = $state['Destination']['name'];
} elseif (array_key_exists('OrganizationDisplayName', $state['Destination'])) {
$dstName = $state['Destination']['OrganizationDisplayName'];
} else {
$dstName = $state['Destination']['entityid'];
}
$globalConfig = SimpleSAML_Configuration::getInstance();
$t = new SimpleSAML_XHTML_Template($globalConfig, 'consent:noconsent.php');
$t->data['dstMetadata'] = $state['Destination'];
$t->data['resumeFrom'] = $resumeFrom;
$t->data['aboutService'] = $aboutService;
$t->data['logoutLink'] = $logoutLink;
$dstName = htmlspecialchars(is_array($dstName) ? $t->t($dstName) : $dstName);
$t->data['noconsent_text'] = $t->t('{consent:consent:noconsent_text}', array('SPNAME' => $dstName));
$t->data['noconsent_abort'] = $t->t('{consent:consent:abort}', array('SPNAME' => $dstName));
$t->show();
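Review bot: The fallback `$dstName = $state['Destination']['entityid'];` reads the key unconditionally, although the context line of this hunk, `if (isset($state['Destination']['entityid'])) {`, shows the same script treating it as optional. When neither `name` nor `OrganizationDisplayName` is set and `entityid` is missing, this raises an undefined-index notice and the page renders an empty service name. A guarded fallback such as `$dstName = isset($state['Destination']['entityid']) ? $state['Destination']['entityid'] : '';` keeps the output well-defined. The lookup also repeats the chain added to the consent form script; a small shared helper would keep the name resolution and its escaping in one place.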
......@@ -33,3 +33,22 @@ table#table_with_attributes ul {
margin: 0px;
padding-left: 1em;
}
form#consent_yes {
display: inline;
margin: 0px;
padding: 0px;
}
form#consent_no {
display: inline;
margin-left: .5em;
}
.hidden {
display: none;
}
td.td_odd {
padding: 2em;
}