ILIAS  release_5-3 Revision v5.3.23-19-g915713cf615
Public Member Functions | Private Member Functions | Static Private Member Functions | Private Attributes
sspmod_consent_Consent_Store_Database Class Reference
+ Inheritance diagram for sspmod_consent_Consent_Store_Database:
+ Collaboration diagram for sspmod_consent_Consent_Store_Database:

Public Member Functions

 __construct ($config)
 Parse configuration. More...
 
 __sleep ()
 Called before serialization. More...
 
 hasConsent ($userId, $destinationId, $attributeSet)
 Check for consent. More...
 
 saveConsent ($userId, $destinationId, $attributeSet)
 Save consent. More...
 
 deleteConsent ($userId, $destinationId)
 Delete consent. More...
 
 deleteAllConsents ($userId)
 Delete all consents. More...
 
 getConsents ($userId)
 Retrieve consents. More...
 
 getStatistics ()
 Get statistics from the database. More...
 
 selftest ()
 A quick selftest of the consent database. More...
 
 hasConsent ($userId, $destinationId, $attributeSet)
 Check for consent. More...
 
 saveConsent ($userId, $destinationId, $attributeSet)
 Save consent. More...
 
 deleteConsent ($userId, $destinationId)
 Delete consent. More...
 
 deleteAllConsents ($userId)
 Delete all consents. More...
 
 getStatistics ()
 Get statistics for all consent given in the consent store. More...
 
 getConsents ($userId)
 Retrieve consents. More...
 

Private Member Functions

 _execute ($statement, $parameters)
 Prepare and execute statement. More...
 
 _createTable ()
 Create consent table. More...
 
 _getDB ()
 Get database handle. More...
 

Static Private Member Functions

static _formatError ($error)
 Format PDO error. More...
 

Private Attributes

 $_dsn
 DSN for the database. More...
 
 $_dateTime
 The DATETIME SQL function to use. More...
 
 $_username
 Username for the database. More...
 
 $_password
 Password for the database;. More...
 
 $_table
 Table with consent. More...
 
 $_timeout = NULL
 
 $_db
 Database handle. More...
 

Additional Inherited Members

- Static Public Member Functions inherited from sspmod_consent_Store
static parseStoreConfig ($config)
 Parse consent storage configuration. More...
 
- Protected Member Functions inherited from sspmod_consent_Store
 __construct (&$config)
 Constructor for the base class. More...
 

Detailed Description

Definition at line 18 of file Database.php.

Constructor & Destructor Documentation

◆ __construct()

sspmod_consent_Consent_Store_Database::__construct (   $config)

Parse configuration.

This constructor parses the configuration.

Parameters
array$configConfiguration for database consent store.
Exceptions
Exceptionin case of a configuration error.

Definition at line 69 of file Database.php.

70 {
71 parent::__construct($config);
72
73
74 if (!array_key_exists('dsn', $config)) {
75 throw new Exception('consent:Database - Missing required option \'dsn\'.');
76 }
77 if (!is_string($config['dsn'])) {
78 throw new Exception('consent:Database - \'dsn\' is supposed to be a string.');
79 }
80
81 $this->_dsn = $config['dsn'];
82 $this->_dateTime = (0 === strpos($this->_dsn, 'sqlite:')) ? 'DATETIME("NOW")' : 'NOW()';
83
84 if (array_key_exists('username', $config)) {
85 if (!is_string($config['username'])) {
86 throw new Exception('consent:Database - \'username\' is supposed to be a string.');
87 }
88 $this->_username = $config['username'];
89 } else {
90 $this->_username = null;
91 }
92
93 if (array_key_exists('password', $config)) {
94 if (!is_string($config['password'])) {
95 throw new Exception('consent:Database - \'password\' is supposed to be a string.');
96 }
97 $this->_password = $config['password'];
98 } else {
99 $this->_password = null;
100 }
101
102 if (array_key_exists('table', $config)) {
103 if (!is_string($config['table'])) {
104 throw new Exception('consent:Database - \'table\' is supposed to be a string.');
105 }
106 $this->_table = $config['table'];
107 } else {
108 $this->_table = 'consent';
109 }
110
111 if (isset($config['timeout'])) {
112 if (!is_int($config['timeout'])) {
113 throw new Exception('consent:Database - \'timeout\' is supposed to be an integer.');
114 }
115 $this->_timeout = $config['timeout'];
116 }
117 }

References $config.

Member Function Documentation

◆ __sleep()

sspmod_consent_Consent_Store_Database::__sleep ( )

Called before serialization.

Returns
array The variables which should be serialized.

Definition at line 125 of file Database.php.

126 {
127 return array(
128 '_dsn',
129 '_dateTime',
130 '_username',
131 '_password',
132 '_table',
133 '_timeout',
134 );
135 }

◆ _createTable()

sspmod_consent_Consent_Store_Database::_createTable ( )
private

Create consent table.

This function creates the table with consent data.

Returns
True if successful, false if not.

@TODO Remove this function since it is not used

Definition at line 436 of file Database.php.

437 {
438 $db = $this->_getDB();
439 if ($db === false) {
440 return false;
441 }
442
443 $res = $this->db->exec(
444 'CREATE TABLE ' . $this->_table . ' (consent_date TIMESTAMP NOT null, usage_date TIMESTAMP NOT null,' .
445 'hashed_user_id VARCHAR(80) NOT null, service_id VARCHAR(255) NOT null, attribute VARCHAR(80) NOT null,' .
446 'UNIQUE (hashed_user_id, service_id)'
447 );
448 if ($res === false) {
449 SimpleSAML\Logger::error('consent:Database - Failed to create table \'' . $this->_table . '\'.');
450 return false;
451 }
452
453 return true;
454 }
SimpleSAML\Logger\error
static error($string)
Definition: Logger.php:168
sspmod_consent_Consent_Store_Database\_getDB
_getDB()
Get database handle.
Definition: Database.php:462
$res
foreach($_POST as $key=> $value) $res
Definition: save_question_post_data.php:15

◆ _execute()

sspmod_consent_Consent_Store_Database::_execute (   $statement,
  $parameters 
)
private

Prepare and execute statement.

This function prepares and executes a statement. On error, false will be returned.

Parameters
string$statementThe statement which should be executed.
array$parametersParameters for the statement.
Returns
PDOStatement|false The statement, or false if execution failed.

Definition at line 337 of file Database.php.

338 {
339 assert('is_string($statement)');
340 assert('is_array($parameters)');
341
342 $db = $this->_getDB();
343 if ($db === false) {
344 return false;
345 }
346
347 $st = $db->prepare($statement);
348 if ($st === false) {
349 SimpleSAML\Logger::error(
350 'consent:Database - Error preparing statement \'' .
351 $statement . '\': ' . self::_formatError($db->errorInfo())
352 );
353 return false;
354 }
355
356 if ($st->execute($parameters) !== true) {
357 SimpleSAML\Logger::error(
358 'consent:Database - Error executing statement \'' .
359 $statement . '\': ' . self::_formatError($st->errorInfo())
360 );
361 return false;
362 }
363
364 return $st;
365 }

References _getDB(), and SimpleSAML\Logger\error().

Referenced by deleteAllConsents(), deleteConsent(), getConsents(), hasConsent(), and saveConsent().

+ Here is the call graph for this function:
+ Here is the caller graph for this function:

◆ _formatError()

static sspmod_consent_Consent_Store_Database::_formatError (   $error)
staticprivate

Format PDO error.

This function formats a PDO error, as returned from errorInfo.

Parameters
array$errorThe error information.
Returns
string Error text.

Definition at line 488 of file Database.php.

489 {
490 assert('is_array($error)');
491 assert('count($error) >= 3');
492
493 return $error[0] . ' - ' . $error[2] . ' (' . $error[1] . ')';
494 }
$error
$error
Definition: Error.php:17

◆ _getDB()

sspmod_consent_Consent_Store_Database::_getDB ( )
private

Get database handle.

Returns
PDO|false Database handle, or false if we fail to connect.

Definition at line 462 of file Database.php.

463 {
464 if ($this->_db !== null) {
465 return $this->_db;
466 }
467
468 $driver_options = array();
469 if (isset($this->_timeout)) {
470 $driver_options[PDO::ATTR_TIMEOUT] = $this->_timeout;
471 }
472
473 $this->_db = new PDO($this->_dsn, $this->_username, $this->_password, $driver_options);
474
475 return $this->_db;
476 }
sspmod_consent_Consent_Store_Database\$_db
$_db
Database handle.
Definition: Database.php:57
sspmod_consent_Consent_Store_Database\$_timeout
$_timeout
Definition: Database.php:50

Referenced by _execute().

+ Here is the caller graph for this function:

◆ deleteAllConsents()

sspmod_consent_Consent_Store_Database::deleteAllConsents (   $userId)

Delete all consents.

Parameters
string$userIdThe hash identifying the user at an IdP.
Returns
int Number of consents deleted

Reimplemented from sspmod_consent_Store.

Definition at line 271 of file Database.php.

272 {
273 assert('is_string($userId)');
274
275 $st = $this->_execute(
276 'DELETE FROM ' . $this->_table . ' WHERE hashed_user_id = ?',
277 array($userId)
278 );
279
280 if ($st === false) {
281 return;
282 }
283
284 if ($st->rowCount() > 0) {
285 SimpleSAML\Logger::debug('consent:Database - Deleted (' . $st->rowCount() . ') consent(s).');
286 return $st->rowCount();
287 } else {
288 SimpleSAML\Logger::warning('consent:Database - Attempted to delete nonexistent consent');
289 }
290 }
SimpleSAML\Logger\warning
static warning($string)
Definition: Logger.php:179
SimpleSAML\Logger\debug
static debug($string)
Definition: Logger.php:213
sspmod_consent_Consent_Store_Database\_execute
_execute($statement, $parameters)
Prepare and execute statement.
Definition: Database.php:337

References _execute(), SimpleSAML\Logger\debug(), and SimpleSAML\Logger\warning().

+ Here is the call graph for this function:

◆ deleteConsent()

sspmod_consent_Consent_Store_Database::deleteConsent (   $userId,
  $destinationId 
)

Delete consent.

Called when a user revokes consent for a given destination.

Parameters
string$userIdThe hash identifying the user at an IdP.
string$destinationIdA string which identifies the destination.
Returns
int Number of consents deleted

Reimplemented from sspmod_consent_Store.

Definition at line 239 of file Database.php.

240 {
241 assert('is_string($userId)');
242 assert('is_string($destinationId)');
243
244 $st = $this->_execute(
245 'DELETE FROM ' . $this->_table . ' WHERE hashed_user_id = ? AND service_id = ?;',
246 array($userId, $destinationId)
247 );
248
249 if ($st === false) {
250 return;
251 }
252
253 if ($st->rowCount() > 0) {
254 SimpleSAML\Logger::debug('consent:Database - Deleted consent.');
255 return $st->rowCount();
256 } else {
257 SimpleSAML\Logger::warning(
258 'consent:Database - Attempted to delete nonexistent consent'
259 );
260 }
261 }

References _execute(), SimpleSAML\Logger\debug(), and SimpleSAML\Logger\warning().

+ Here is the call graph for this function:

◆ getConsents()

sspmod_consent_Consent_Store_Database::getConsents (   $userId)

Retrieve consents.

This function should return a list of consents the user has saved.

Parameters
string$userIdThe hash identifying the user at an IdP.
Returns
array Array of all destination ids the user has given consent for.

Reimplemented from sspmod_consent_Store.

Definition at line 302 of file Database.php.

303 {
304 assert('is_string($userId)');
305
306 $ret = array();
307
308 $st = $this->_execute(
309 'SELECT service_id, attribute, consent_date, usage_date FROM ' . $this->_table .
310 ' WHERE hashed_user_id = ?',
311 array($userId)
312 );
313
314 if ($st === false) {
315 return array();
316 }
317
318 while ($row = $st->fetch(PDO::FETCH_NUM)) {
319 $ret[] = $row;
320 }
321
322 return $ret;
323 }
$ret
$ret
Definition: parser.php:6

References $ret, $row, and _execute().

+ Here is the call graph for this function:

◆ getStatistics()

sspmod_consent_Consent_Store_Database::getStatistics ( )

Get statistics from the database.

The returned array contains 3 entries

  • total: The total number of consents
  • users: Total number of uses that have given consent ' services: Total number of services that has been given consent to
Returns
array Array containing the statistics @TODO Change fixed table name to config option

Reimplemented from sspmod_consent_Store.

Definition at line 379 of file Database.php.

380 {
381 $ret = array();
382
383 // Get total number of consents
384 $st = $this->_execute('SELECT COUNT(*) AS no FROM consent', array());
385
386 if ($st === false) {
387 return array();
388 }
389
390 if ($row = $st->fetch(PDO::FETCH_NUM)) {
391 $ret['total'] = $row[0];
392 }
393
394 // Get total number of users that has given consent
395 $st = $this->_execute(
396 'SELECT COUNT(*) AS no ' .
397 'FROM (SELECT DISTINCT hashed_user_id FROM consent ) AS foo',
398 array()
399 );
400
401 if ($st === false) {
402 return array();
403 }
404
405 if ($row = $st->fetch(PDO::FETCH_NUM)) {
406 $ret['users'] = $row[0];
407 }
408
409 // Get total number of services that has been given consent to
410 $st = $this->_execute(
411 'SELECT COUNT(*) AS no FROM (SELECT DISTINCT service_id FROM consent) AS foo',
412 array()
413 );
414
415 if ($st === false) {
416 return array();
417 }
418
419 if ($row = $st->fetch(PDO::FETCH_NUM)) {
420 $ret['services'] = $row[0];
421 }
422
423 return $ret;
424 }

◆ hasConsent()

sspmod_consent_Consent_Store_Database::hasConsent (   $userId,
  $destinationId,
  $attributeSet 
)

Check for consent.

This function checks whether a given user has authorized the release of the attributes identified by $attributeSet from $source to $destination.

Parameters
string$userIdThe hash identifying the user at an IdP.
string$destinationIdA string which identifies the destination.
string$attributeSetA hash which identifies the attributes.
Returns
bool True if the user has given consent earlier, false if not (or on error).

Reimplemented from sspmod_consent_Store.

Definition at line 151 of file Database.php.

152 {
153 assert('is_string($userId)');
154 assert('is_string($destinationId)');
155 assert('is_string($attributeSet)');
156
157 $st = $this->_execute(
158 'UPDATE ' . $this->_table . ' ' .
159 'SET usage_date = ' . $this->_dateTime . ' ' .
160 'WHERE hashed_user_id = ? AND service_id = ? AND attribute = ?',
161 array($userId, $destinationId, $attributeSet)
162 );
163
164 if ($st === false) {
165 return false;
166 }
167
168 $rowCount = $st->rowCount();
169 if ($rowCount === 0) {
170 SimpleSAML\Logger::debug('consent:Database - No consent found.');
171 return false;
172 } else {
173 SimpleSAML\Logger::debug('consent:Database - Consent found.');
174 return true;
175 }
176 }

References _execute(), and SimpleSAML\Logger\debug().

+ Here is the call graph for this function:

◆ saveConsent()

sspmod_consent_Consent_Store_Database::saveConsent (   $userId,
  $destinationId,
  $attributeSet 
)

Save consent.

Called when the user asks for the consent to be saved. If consent information for the given user and destination already exists, it should be overwritten.

Parameters
string$userIdThe hash identifying the user at an IdP.
string$destinationIdA string which identifies the destination.
string$attributeSetA hash which identifies the attributes.
Returns
void|true True if consent is deleted.

Reimplemented from sspmod_consent_Store.

Definition at line 191 of file Database.php.

192 {
193 assert('is_string($userId)');
194 assert('is_string($destinationId)');
195 assert('is_string($attributeSet)');
196
197 // Check for old consent (with different attribute set)
198 $st = $this->_execute(
199 'UPDATE ' . $this->_table . ' ' .
200 'SET consent_date = ' . $this->_dateTime . ', usage_date = ' . $this->_dateTime . ', attribute = ? ' .
201 'WHERE hashed_user_id = ? AND service_id = ?',
202 array($attributeSet, $userId, $destinationId)
203 );
204
205 if ($st === false) {
206 return;
207 }
208
209 if ($st->rowCount() > 0) {
210 // Consent has already been stored in the database
211 SimpleSAML\Logger::debug('consent:Database - Updated old consent.');
212 return;
213 }
214
215 // Add new consent
216 $st = $this->_execute(
217 'INSERT INTO ' . $this->_table . ' (' . 'consent_date, usage_date, hashed_user_id, service_id, attribute' .
218 ') ' . 'VALUES (' . $this->_dateTime . ', ' . $this->_dateTime . ', ?, ?, ?)',
219 array($userId, $destinationId, $attributeSet)
220 );
221
222 if ($st !== false) {
223 SimpleSAML\Logger::debug('consent:Database - Saved new consent.');
224 }
225 return true;
226 }

References _execute(), and SimpleSAML\Logger\debug().

+ Here is the call graph for this function:

◆ selftest()

sspmod_consent_Consent_Store_Database::selftest ( )

A quick selftest of the consent database.

Returns
boolean True if OK, false if not. Will throw an exception on connection errors.

Definition at line 502 of file Database.php.

503 {
504 $st = $this->_execute(
505 'SELECT * FROM ' . $this->_table . ' WHERE hashed_user_id = ? AND service_id = ? AND attribute = ?',
506 array('test', 'test', 'test')
507 );
508
509 if ($st === false) {
510 // normally, the test will fail by an exception, so we won't reach this code
511 return false;
512 }
513 return true;
514 }

Field Documentation

◆ $_dateTime

sspmod_consent_Consent_Store_Database::$_dateTime
private

The DATETIME SQL function to use.

Definition at line 28 of file Database.php.

◆ $_db

sspmod_consent_Consent_Store_Database::$_db
private

Database handle.

This variable can't be serialized.

Definition at line 57 of file Database.php.

◆ $_dsn

sspmod_consent_Consent_Store_Database::$_dsn
private

DSN for the database.

Definition at line 23 of file Database.php.

◆ $_password

sspmod_consent_Consent_Store_Database::$_password
private

Password for the database;.

Definition at line 38 of file Database.php.

◆ $_table

sspmod_consent_Consent_Store_Database::$_table
private

Table with consent.

Definition at line 43 of file Database.php.

◆ $_timeout

sspmod_consent_Consent_Store_Database::$_timeout = NULL
private

Definition at line 50 of file Database.php.

◆ $_username

sspmod_consent_Consent_Store_Database::$_username
private

Username for the database.

Definition at line 33 of file Database.php.

The documentation for this class was generated from the following file: