ILIAS  release_5-4 Revision v5.4.26-12-gabc799a52e6
Public Member Functions | Private Member Functions | Static Private Member Functions | Private Attributes
sspmod_consent_Consent_Store_Database Class Reference
+ Inheritance diagram for sspmod_consent_Consent_Store_Database:
+ Collaboration diagram for sspmod_consent_Consent_Store_Database:

Public Member Functions

 __construct ($config)
 Parse configuration. More...
 
 __sleep ()
 Called before serialization. More...
 
 hasConsent ($userId, $destinationId, $attributeSet)
 Check for consent. More...
 
 saveConsent ($userId, $destinationId, $attributeSet)
 Save consent. More...
 
 deleteConsent ($userId, $destinationId)
 Delete consent. More...
 
 deleteAllConsents ($userId)
 Delete all consents. More...
 
 getConsents ($userId)
 Retrieve consents. More...
 
 getStatistics ()
 Get statistics from the database. More...
 
 selftest ()
 A quick selftest of the consent database. More...
 
 hasConsent ($userId, $destinationId, $attributeSet)
 Check for consent. More...
 
 saveConsent ($userId, $destinationId, $attributeSet)
 Save consent. More...
 
 deleteConsent ($userId, $destinationId)
 Delete consent. More...
 
 deleteAllConsents ($userId)
 Delete all consents. More...
 
 getStatistics ()
 Get statistics for all consent given in the consent store. More...
 
 getConsents ($userId)
 Retrieve consents. More...
 

Private Member Functions

 _execute ($statement, $parameters)
 Prepare and execute statement. More...
 
 _getDB ()
 Get database handle. More...
 

Static Private Member Functions

static _formatError ($error)
 Format PDO error. More...
 

Private Attributes

 $_dsn
 DSN for the database. More...
 
 $_dateTime
 The DATETIME SQL function to use. More...
 
 $_username
 Username for the database. More...
 
 $_password
 Password for the database;. More...
 
 $_options
 Options for the database;. More...
 
 $_table
 Table with consent. More...
 
 $_timeout = null
 
 $_db
 Database handle. More...
 

Additional Inherited Members

- Static Public Member Functions inherited from sspmod_consent_Store
static parseStoreConfig ($config)
 Parse consent storage configuration. More...
 
- Protected Member Functions inherited from sspmod_consent_Store
 __construct (&$config)
 Constructor for the base class. More...
 

Detailed Description

Definition at line 18 of file Database.php.

Constructor & Destructor Documentation

◆ __construct()

sspmod_consent_Consent_Store_Database::__construct (   $config)

Parse configuration.

This constructor parses the configuration.

Parameters
array$configConfiguration for database consent store.
Exceptions
Exceptionin case of a configuration error.

Definition at line 74 of file Database.php.

75 {
76 parent::__construct($config);
77
78 if (!array_key_exists('dsn', $config)) {
79 throw new Exception('consent:Database - Missing required option \'dsn\'.');
80 }
81 if (!is_string($config['dsn'])) {
82 throw new Exception('consent:Database - \'dsn\' is supposed to be a string.');
83 }
84
85 $this->_dsn = $config['dsn'];
86 $this->_dateTime = (0 === strpos($this->_dsn, 'sqlite:')) ? 'DATETIME("NOW")' : 'NOW()';
87
88 if (array_key_exists('username', $config)) {
89 if (!is_string($config['username'])) {
90 throw new Exception('consent:Database - \'username\' is supposed to be a string.');
91 }
92 $this->_username = $config['username'];
93 } else {
94 $this->_username = null;
95 }
96
97 if (array_key_exists('password', $config)) {
98 if (!is_string($config['password'])) {
99 throw new Exception('consent:Database - \'password\' is supposed to be a string.');
100 }
101 $this->_password = $config['password'];
102 } else {
103 $this->_password = null;
104 }
105
106 if (array_key_exists('options', $config)) {
107 if (!is_array($config['options'])) {
108 throw new Exception('consent:Database - \'options\' is supposed to be an array.');
109 }
110 $this->_options = $config['options'];
111 } else {
112 $this->_options = null;
113 }
114 if (array_key_exists('table', $config)) {
115 if (!is_string($config['table'])) {
116 throw new Exception('consent:Database - \'table\' is supposed to be a string.');
117 }
118 $this->_table = $config['table'];
119 } else {
120 $this->_table = 'consent';
121 }
122
123 if (isset($config['timeout'])) {
124 if (!is_int($config['timeout'])) {
125 throw new Exception('consent:Database - \'timeout\' is supposed to be an integer.');
126 }
127 $this->_timeout = $config['timeout'];
128 }
129 }
$config
$config
Definition: bootstrap.php:15

References $config.

Member Function Documentation

◆ __sleep()

sspmod_consent_Consent_Store_Database::__sleep ( )

Called before serialization.

Returns
array The variables which should be serialized.

Definition at line 137 of file Database.php.

138 {
139 return array(
140 '_dsn',
141 '_dateTime',
142 '_username',
143 '_password',
144 '_table',
145 '_timeout',
146 );
147 }

◆ _execute()

sspmod_consent_Consent_Store_Database::_execute (   $statement,
  $parameters 
)
private

Prepare and execute statement.

This function prepares and executes a statement. On error, false will be returned.

Parameters
string$statementThe statement which should be executed.
array$parametersParameters for the statement.
Returns
PDOStatement|false The statement, or false if execution failed.

Definition at line 349 of file Database.php.

350 {
351 assert(is_string($statement));
352 assert(is_array($parameters));
353
354 $db = $this->_getDB();
355 if ($db === false) {
356 return false;
357 }
358
359 $st = $db->prepare($statement);
360 if ($st === false) {
361 SimpleSAML\Logger::error(
362 'consent:Database - Error preparing statement \'' .
363 $statement . '\': ' . self::_formatError($db->errorInfo())
364 );
365 return false;
366 }
367
368 if ($st->execute($parameters) !== true) {
369 SimpleSAML\Logger::error(
370 'consent:Database - Error executing statement \'' .
371 $statement . '\': ' . self::_formatError($st->errorInfo())
372 );
373 return false;
374 }
375
376 return $st;
377 }
SimpleSAML\Logger\error
static error($string)
Definition: Logger.php:166
sspmod_consent_Consent_Store_Database\_getDB
_getDB()
Get database handle.
Definition: Database.php:443

References _getDB(), and SimpleSAML\Logger\error().

Referenced by deleteAllConsents(), deleteConsent(), getConsents(), hasConsent(), and saveConsent().

+ Here is the call graph for this function:
+ Here is the caller graph for this function:

◆ _formatError()

static sspmod_consent_Consent_Store_Database::_formatError (   $error)
staticprivate

Format PDO error.

This function formats a PDO error, as returned from errorInfo.

Parameters
array$errorThe error information.
Returns
string Error text.

Definition at line 474 of file Database.php.

475 {
476 assert(is_array($error));
477 assert(count($error) >= 3);
478
479 return $error[0] . ' - ' . $error[2] . ' (' . $error[1] . ')';
480 }

◆ _getDB()

sspmod_consent_Consent_Store_Database::_getDB ( )
private

Get database handle.

Returns
PDO|false Database handle, or false if we fail to connect.

Definition at line 443 of file Database.php.

444 {
445 if ($this->_db !== null) {
446 return $this->_db;
447 }
448
449 $driver_options = array();
450 if (isset($this->_timeout)) {
451 $driver_options[PDO::ATTR_TIMEOUT] = $this->_timeout;
452 }
453 if (isset($this->_options)) {
454 $this->_options = array_merge($driver_options, $this->_options);
455 } else {
456 $this->_options = $driver_options;
457 }
458
459 $this->_db = new PDO($this->_dsn, $this->_username, $this->_password, $this->_options);
460
461 return $this->_db;
462 }
sspmod_consent_Consent_Store_Database\$_db
$_db
Database handle.
Definition: Database.php:62
sspmod_consent_Consent_Store_Database\$_timeout
$_timeout
Definition: Database.php:55

Referenced by _execute().

+ Here is the caller graph for this function:

◆ deleteAllConsents()

sspmod_consent_Consent_Store_Database::deleteAllConsents (   $userId)

Delete all consents.

Parameters
string$userIdThe hash identifying the user at an IdP.
Returns
int Number of consents deleted

Reimplemented from sspmod_consent_Store.

Definition at line 283 of file Database.php.

284 {
285 assert(is_string($userId));
286
287 $st = $this->_execute(
288 'DELETE FROM ' . $this->_table . ' WHERE hashed_user_id = ?',
289 array($userId)
290 );
291
292 if ($st === false) {
293 return;
294 }
295
296 if ($st->rowCount() > 0) {
297 SimpleSAML\Logger::debug('consent:Database - Deleted (' . $st->rowCount() . ') consent(s).');
298 return $st->rowCount();
299 } else {
300 SimpleSAML\Logger::warning('consent:Database - Attempted to delete nonexistent consent');
301 }
302 }
SimpleSAML\Logger\warning
static warning($string)
Definition: Logger.php:177
SimpleSAML\Logger\debug
static debug($string)
Definition: Logger.php:211
sspmod_consent_Consent_Store_Database\_execute
_execute($statement, $parameters)
Prepare and execute statement.
Definition: Database.php:349

References _execute(), SimpleSAML\Logger\debug(), and SimpleSAML\Logger\warning().

+ Here is the call graph for this function:

◆ deleteConsent()

sspmod_consent_Consent_Store_Database::deleteConsent (   $userId,
  $destinationId 
)

Delete consent.

Called when a user revokes consent for a given destination.

Parameters
string$userIdThe hash identifying the user at an IdP.
string$destinationIdA string which identifies the destination.
Returns
int Number of consents deleted

Reimplemented from sspmod_consent_Store.

Definition at line 251 of file Database.php.

252 {
253 assert(is_string($userId));
254 assert(is_string($destinationId));
255
256 $st = $this->_execute(
257 'DELETE FROM ' . $this->_table . ' WHERE hashed_user_id = ? AND service_id = ?;',
258 array($userId, $destinationId)
259 );
260
261 if ($st === false) {
262 return;
263 }
264
265 if ($st->rowCount() > 0) {
266 SimpleSAML\Logger::debug('consent:Database - Deleted consent.');
267 return $st->rowCount();
268 } else {
269 SimpleSAML\Logger::warning(
270 'consent:Database - Attempted to delete nonexistent consent'
271 );
272 }
273 }

References _execute(), SimpleSAML\Logger\debug(), and SimpleSAML\Logger\warning().

+ Here is the call graph for this function:

◆ getConsents()

sspmod_consent_Consent_Store_Database::getConsents (   $userId)

Retrieve consents.

This function should return a list of consents the user has saved.

Parameters
string$userIdThe hash identifying the user at an IdP.
Returns
array Array of all destination ids the user has given consent for.

Reimplemented from sspmod_consent_Store.

Definition at line 314 of file Database.php.

315 {
316 assert(is_string($userId));
317
318 $ret = array();
319
320 $st = $this->_execute(
321 'SELECT service_id, attribute, consent_date, usage_date FROM ' . $this->_table .
322 ' WHERE hashed_user_id = ?',
323 array($userId)
324 );
325
326 if ($st === false) {
327 return array();
328 }
329
330 while ($row = $st->fetch(PDO::FETCH_NUM)) {
331 $ret[] = $row;
332 }
333
334 return $ret;
335 }
$row
$row
Definition: migrateto20.php:360
$ret
$ret
Definition: parser.php:6

References $ret, $row, and _execute().

+ Here is the call graph for this function:

◆ getStatistics()

sspmod_consent_Consent_Store_Database::getStatistics ( )

Get statistics from the database.

The returned array contains 3 entries

  • total: The total number of consents
  • users: Total number of uses that have given consent ' services: Total number of services that has been given consent to
Returns
array Array containing the statistics

Reimplemented from sspmod_consent_Store.

Definition at line 390 of file Database.php.

391 {
392 $ret = array();
393
394 // Get total number of consents
395 $st = $this->_execute('SELECT COUNT(*) AS no FROM '.$this->_table, array());
396
397 if ($st === false) {
398 return array();
399 }
400
401 if ($row = $st->fetch(PDO::FETCH_NUM)) {
402 $ret['total'] = $row[0];
403 }
404
405 // Get total number of users that has given consent
406 $st = $this->_execute(
407 'SELECT COUNT(*) AS no ' .
408 'FROM (SELECT DISTINCT hashed_user_id FROM '.$this->_table.' ) AS foo',
409 array()
410 );
411
412 if ($st === false) {
413 return array();
414 }
415
416 if ($row = $st->fetch(PDO::FETCH_NUM)) {
417 $ret['users'] = $row[0];
418 }
419
420 // Get total number of services that has been given consent to
421 $st = $this->_execute(
422 'SELECT COUNT(*) AS no FROM (SELECT DISTINCT service_id FROM '.$this->_table.') AS foo',
423 array()
424 );
425
426 if ($st === false) {
427 return array();
428 }
429
430 if ($row = $st->fetch(PDO::FETCH_NUM)) {
431 $ret['services'] = $row[0];
432 }
433
434 return $ret;
435 }

◆ hasConsent()

sspmod_consent_Consent_Store_Database::hasConsent (   $userId,
  $destinationId,
  $attributeSet 
)

Check for consent.

This function checks whether a given user has authorized the release of the attributes identified by $attributeSet from $source to $destination.

Parameters
string$userIdThe hash identifying the user at an IdP.
string$destinationIdA string which identifies the destination.
string$attributeSetA hash which identifies the attributes.
Returns
bool True if the user has given consent earlier, false if not (or on error).

Reimplemented from sspmod_consent_Store.

Definition at line 163 of file Database.php.

164 {
165 assert(is_string($userId));
166 assert(is_string($destinationId));
167 assert(is_string($attributeSet));
168
169 $st = $this->_execute(
170 'UPDATE ' . $this->_table . ' ' .
171 'SET usage_date = ' . $this->_dateTime . ' ' .
172 'WHERE hashed_user_id = ? AND service_id = ? AND attribute = ?',
173 array($userId, $destinationId, $attributeSet)
174 );
175
176 if ($st === false) {
177 return false;
178 }
179
180 $rowCount = $st->rowCount();
181 if ($rowCount === 0) {
182 SimpleSAML\Logger::debug('consent:Database - No consent found.');
183 return false;
184 } else {
185 SimpleSAML\Logger::debug('consent:Database - Consent found.');
186 return true;
187 }
188 }

References _execute(), and SimpleSAML\Logger\debug().

+ Here is the call graph for this function:

◆ saveConsent()

sspmod_consent_Consent_Store_Database::saveConsent (   $userId,
  $destinationId,
  $attributeSet 
)

Save consent.

Called when the user asks for the consent to be saved. If consent information for the given user and destination already exists, it should be overwritten.

Parameters
string$userIdThe hash identifying the user at an IdP.
string$destinationIdA string which identifies the destination.
string$attributeSetA hash which identifies the attributes.
Returns
void|true True if consent is deleted.

Reimplemented from sspmod_consent_Store.

Definition at line 203 of file Database.php.

204 {
205 assert(is_string($userId));
206 assert(is_string($destinationId));
207 assert(is_string($attributeSet));
208
209 // Check for old consent (with different attribute set)
210 $st = $this->_execute(
211 'UPDATE ' . $this->_table . ' ' .
212 'SET consent_date = ' . $this->_dateTime . ', usage_date = ' . $this->_dateTime . ', attribute = ? ' .
213 'WHERE hashed_user_id = ? AND service_id = ?',
214 array($attributeSet, $userId, $destinationId)
215 );
216
217 if ($st === false) {
218 return;
219 }
220
221 if ($st->rowCount() > 0) {
222 // Consent has already been stored in the database
223 SimpleSAML\Logger::debug('consent:Database - Updated old consent.');
224 return;
225 }
226
227 // Add new consent
228 $st = $this->_execute(
229 'INSERT INTO ' . $this->_table . ' (' . 'consent_date, usage_date, hashed_user_id, service_id, attribute' .
230 ') ' . 'VALUES (' . $this->_dateTime . ', ' . $this->_dateTime . ', ?, ?, ?)',
231 array($userId, $destinationId, $attributeSet)
232 );
233
234 if ($st !== false) {
235 SimpleSAML\Logger::debug('consent:Database - Saved new consent.');
236 }
237 return true;
238 }

References _execute(), and SimpleSAML\Logger\debug().

+ Here is the call graph for this function:

◆ selftest()

sspmod_consent_Consent_Store_Database::selftest ( )

A quick selftest of the consent database.

Returns
boolean True if OK, false if not. Will throw an exception on connection errors.

Definition at line 488 of file Database.php.

489 {
490 $st = $this->_execute(
491 'SELECT * FROM ' . $this->_table . ' WHERE hashed_user_id = ? AND service_id = ? AND attribute = ?',
492 array('test', 'test', 'test')
493 );
494
495 if ($st === false) {
496 // normally, the test will fail by an exception, so we won't reach this code
497 return false;
498 }
499 return true;
500 }

Field Documentation

◆ $_dateTime

sspmod_consent_Consent_Store_Database::$_dateTime
private

The DATETIME SQL function to use.

Definition at line 28 of file Database.php.

◆ $_db

sspmod_consent_Consent_Store_Database::$_db
private

Database handle.

This variable can't be serialized.

Definition at line 62 of file Database.php.

◆ $_dsn

sspmod_consent_Consent_Store_Database::$_dsn
private

DSN for the database.

Definition at line 23 of file Database.php.

◆ $_options

sspmod_consent_Consent_Store_Database::$_options
private

Options for the database;.

Definition at line 43 of file Database.php.

◆ $_password

sspmod_consent_Consent_Store_Database::$_password
private

Password for the database;.

Definition at line 38 of file Database.php.

◆ $_table

sspmod_consent_Consent_Store_Database::$_table
private

Table with consent.

Definition at line 48 of file Database.php.

◆ $_timeout

sspmod_consent_Consent_Store_Database::$_timeout = null
private

Definition at line 55 of file Database.php.

◆ $_username

sspmod_consent_Consent_Store_Database::$_username
private

Username for the database.

Definition at line 33 of file Database.php.

The documentation for this class was generated from the following file: