Back to index

d-push  2.0
Public Member Functions | Static Public Member Functions | Static Protected Attributes
Provisioning Class Reference
Inheritance diagram for Provisioning:
Inheritance graph
[legend]
Collaboration diagram for Provisioning:
Collaboration graph
[legend]

List of all members.

Public Member Functions

 Handle ($commandCode)
 Handles the Provisioning command.

Static Public Member Functions

static Authenticate ()
 Authenticates the remote user The sent HTTP authentication information is used to on Backend->Logon().
static isUserAuthenticated ()
 Indicates if the user was "authenticated".
static Initialize ()
 Initialize the RequestProcessor.
static HandleRequest ()
 Loads the command handler and processes a command sent from the mobile.

Static Protected Attributes

static $backend
static $deviceManager
static $topCollector
static $decoder
static $encoder
static $userIsAuthenticated

Detailed Description

Definition at line 44 of file provisioning.php.


Member Function Documentation

static RequestProcessor::Authenticate ( ) [static, inherited]

Authenticates the remote user The sent HTTP authentication information is used to on Backend->Logon().

As second step the GET-User verified by Backend->Setup() for permission check Request::GetGETUser() is usually the same as the Request::GetAuthUser(). If the GETUser is different from the AuthUser, the AuthUser MUST HAVE admin permissions on GETUsers data store. Only then the Setup() will be sucessfull. This allows the user 'john' to do operations as user 'joe' if he has sufficient privileges.

public

Returns:
Exceptions:
AuthenticationRequiredException

Definition at line 72 of file requestprocessor.php.

                                          {
        self::$userIsAuthenticated = false;

        $backend = ZPush::GetBackend();
        if($backend->Logon(Request::GetAuthUser(), Request::GetAuthDomain(), Request::GetAuthPassword()) == false)
            throw new AuthenticationRequiredException("Access denied. Username or password incorrect");

        // mark this request as "authenticated"
        self::$userIsAuthenticated = true;

        // check Auth-User's permissions on GETUser's store
        if($backend->Setup(Request::GetGETUser(), true) == false)
            throw new AuthenticationRequiredException(sprintf("Not enough privileges of '%s' to setup for user '%s': Permission denied", Request::GetAuthUser(), Request::GetGETUser()));
    }

Here is the call graph for this function:

Here is the caller graph for this function:

Provisioning::Handle ( commandCode)

Handles the Provisioning command.

Parameters:
int$commandCodepublic
Returns:
boolean

Reimplemented from RequestProcessor.

Definition at line 54 of file provisioning.php.

                                         {
        $status = SYNC_PROVISION_STATUS_SUCCESS;
        $policystatus = SYNC_PROVISION_POLICYSTATUS_SUCCESS;

        $rwstatus = self::$deviceManager->GetProvisioningWipeStatus();
        $rwstatusWiped = false;

        // if this is a regular provisioning require that an authenticated remote user
        if ($rwstatus < SYNC_PROVISION_RWSTATUS_PENDING) {
            ZLog::Write(LOGLEVEL_DEBUG, "RequestProcessor::HandleProvision(): Forcing delayed Authentication");
            self::Authenticate();
        }

        $phase2 = true;

        if(!self::$decoder->getElementStartTag(SYNC_PROVISION_PROVISION))
            return false;

        //handle android remote wipe.
        if (self::$decoder->getElementStartTag(SYNC_PROVISION_REMOTEWIPE)) {
            if(!self::$decoder->getElementStartTag(SYNC_PROVISION_STATUS))
                return false;

            $instatus = self::$decoder->getElementContent();

            if(!self::$decoder->getElementEndTag())
                return false;

            if(!self::$decoder->getElementEndTag())
                return false;

            $phase2 = false;
            $rwstatusWiped = true;
        }
        else {

            if(!self::$decoder->getElementStartTag(SYNC_PROVISION_POLICIES))
                return false;

            if(!self::$decoder->getElementStartTag(SYNC_PROVISION_POLICY))
                return false;

            if(!self::$decoder->getElementStartTag(SYNC_PROVISION_POLICYTYPE))
                return false;

            $policytype = self::$decoder->getElementContent();
            if ($policytype != 'MS-WAP-Provisioning-XML' && $policytype != 'MS-EAS-Provisioning-WBXML') {
                $status = SYNC_PROVISION_STATUS_SERVERERROR;
            }
            if(!self::$decoder->getElementEndTag()) //policytype
                return false;

            if (self::$decoder->getElementStartTag(SYNC_PROVISION_POLICYKEY)) {
                $devpolicykey = self::$decoder->getElementContent();

                if(!self::$decoder->getElementEndTag())
                    return false;

                if(!self::$decoder->getElementStartTag(SYNC_PROVISION_STATUS))
                    return false;

                $instatus = self::$decoder->getElementContent();

                if(!self::$decoder->getElementEndTag())
                    return false;

                $phase2 = false;
            }

            if(!self::$decoder->getElementEndTag()) //policy
                return false;

            if(!self::$decoder->getElementEndTag()) //policies
                return false;

            if (self::$decoder->getElementStartTag(SYNC_PROVISION_REMOTEWIPE)) {
                if(!self::$decoder->getElementStartTag(SYNC_PROVISION_STATUS))
                    return false;

                $status = self::$decoder->getElementContent();

                if(!self::$decoder->getElementEndTag())
                    return false;

                if(!self::$decoder->getElementEndTag())
                    return false;

                $rwstatusWiped = true;
            }
        }
        if(!self::$decoder->getElementEndTag()) //provision
            return false;

        if (PROVISIONING !== true) {
            ZLog::Write(LOGLEVEL_INFO, "No policies deployed to device");
            $policystatus = SYNC_PROVISION_POLICYSTATUS_NOPOLICY;
        }

        self::$encoder->StartWBXML();

        //set the new final policy key in the device manager
        // START ADDED dw2412 Android provisioning fix
        if (!$phase2) {
            $policykey = self::$deviceManager->GenerateProvisioningPolicyKey();
            self::$deviceManager->SetProvisioningPolicyKey($policykey);
            self::$topCollector->AnnounceInformation("Policies deployed", true);
        }
        else {
            // just create a temporary key (i.e. iPhone OS4 Beta does not like policykey 0 in response)
            $policykey = self::$deviceManager->GenerateProvisioningPolicyKey();
        }
        // END ADDED dw2412 Android provisioning fix

        self::$encoder->startTag(SYNC_PROVISION_PROVISION);
        {
            self::$encoder->startTag(SYNC_PROVISION_STATUS);
                self::$encoder->content($status);
            self::$encoder->endTag();

            self::$encoder->startTag(SYNC_PROVISION_POLICIES);
                self::$encoder->startTag(SYNC_PROVISION_POLICY);

                if(isset($policytype)) {
                    self::$encoder->startTag(SYNC_PROVISION_POLICYTYPE);
                        self::$encoder->content($policytype);
                    self::$encoder->endTag();
                }

                self::$encoder->startTag(SYNC_PROVISION_STATUS);
                    self::$encoder->content($policystatus);
                self::$encoder->endTag();

                self::$encoder->startTag(SYNC_PROVISION_POLICYKEY);
                       self::$encoder->content($policykey);
                self::$encoder->endTag();

                if ($phase2 && $policystatus === SYNC_PROVISION_POLICYSTATUS_SUCCESS) {
                    self::$encoder->startTag(SYNC_PROVISION_DATA);
                    if ($policytype == 'MS-WAP-Provisioning-XML') {
                        self::$encoder->content('<wap-provisioningdoc><characteristic type="SecurityPolicy"><parm name="4131" value="1"/><parm name="4133" value="1"/></characteristic></wap-provisioningdoc>');
                    }
                    elseif ($policytype == 'MS-EAS-Provisioning-WBXML') {
                        self::$encoder->startTag(SYNC_PROVISION_EASPROVISIONDOC);

                            $prov = self::$deviceManager->GetProvisioningObject();
                            if (!$prov->Check())
                                throw new FatalException("Invalid policies!");

                            $prov->Encode(self::$encoder);
                        self::$encoder->endTag();
                    }
                    else {
                        ZLog::Write(LOGLEVEL_WARN, "Wrong policy type");
                        self::$topCollector->AnnounceInformation("Policytype not supported", true);
                        return false;
                    }
                    self::$topCollector->AnnounceInformation("Updated provisiong", true);

                    self::$encoder->endTag();//data
                }
                self::$encoder->endTag();//policy
            self::$encoder->endTag(); //policies
        }

        //wipe data if a higher RWSTATUS is requested
        if ($rwstatus > SYNC_PROVISION_RWSTATUS_OK && $policystatus === SYNC_PROVISION_POLICYSTATUS_SUCCESS) {
            self::$encoder->startTag(SYNC_PROVISION_REMOTEWIPE, false, true);
            self::$deviceManager->SetProvisioningWipeStatus(($rwstatusWiped)?SYNC_PROVISION_RWSTATUS_WIPED:SYNC_PROVISION_RWSTATUS_REQUESTED);
            self::$topCollector->AnnounceInformation(sprintf("Remote wipe %s", ($rwstatusWiped)?"executed":"requested"), true);
        }

        self::$encoder->endTag();//provision

        return true;
    }

Here is the call graph for this function:

static RequestProcessor::HandleRequest ( ) [static, inherited]

Loads the command handler and processes a command sent from the mobile.

public

Returns:
boolean

Definition at line 122 of file requestprocessor.php.

                                           {
        $handler = ZPush::GetRequestHandlerForCommand(Request::GetCommandCode());

        // TODO handle WBXML exceptions here and print stack
        return $handler->Handle(Request::GetCommandCode());
    }

Here is the call graph for this function:

static RequestProcessor::Initialize ( ) [static, inherited]

Initialize the RequestProcessor.

public

Returns:

Definition at line 105 of file requestprocessor.php.

                                        {
        self::$backend = ZPush::GetBackend();
        self::$deviceManager = ZPush::GetDeviceManager();
        self::$topCollector = ZPush::GetTopCollector();

        if (!ZPush::CommandNeedsPlainInput(Request::GetCommandCode()))
            self::$decoder = new WBXMLDecoder(Request::GetInputStream());

        self::$encoder = new WBXMLEncoder(Request::GetOutputStream());
    }

Here is the call graph for this function:

static RequestProcessor::isUserAuthenticated ( ) [static, inherited]

Indicates if the user was "authenticated".

public

Returns:
boolean

Definition at line 93 of file requestprocessor.php.

                                                 {
        if (!isset(self::$userIsAuthenticated))
            return false;
        return self::$userIsAuthenticated;
    }

Here is the caller graph for this function:


Member Data Documentation

RequestProcessor::$backend [static, protected, inherited]

Definition at line 52 of file requestprocessor.php.

RequestProcessor::$decoder [static, protected, inherited]

Definition at line 55 of file requestprocessor.php.

RequestProcessor::$deviceManager [static, protected, inherited]

Definition at line 53 of file requestprocessor.php.

RequestProcessor::$encoder [static, protected, inherited]

Definition at line 56 of file requestprocessor.php.

RequestProcessor::$topCollector [static, protected, inherited]

Definition at line 54 of file requestprocessor.php.

RequestProcessor::$userIsAuthenticated [static, protected, inherited]

Definition at line 57 of file requestprocessor.php.


The documentation for this class was generated from the following file: