Browse Source

added check to validate lastname matches what is stored in relais

9.x-1.0
Paul Pound 8 years ago
parent
commit
ffb1344ad4
  1. 19
      includes/form.inc
  2. 14
      includes/relais.inc

19
includes/form.inc

@ -37,6 +37,16 @@ function upei_roblib_ill_form($form, &$form_state) {
* An array containing the Drupal form state.
*/
function upei_roblib_ill_form_validate($form, &$form_state) {
module_load_include('inc', 'upei_roblib_ill', 'includes/relais');
if ($form_state['step'] == 'upei_roblib_ill_auth_form') {
$aid = upei_roblib_ill_authenticate($form_state['values']['campus_id'], $form_state['values']['Surname']);
if (is_array($aid) && isset($aid['Problem']['Message'])) {
form_set_error('Surname', $aid['Problem']['Message']);
}
else {
$form_state['storage']['aid'] = $aid;
}
}
if ($form_state['step'] == 'upei_roblib_ill_request_form' && empty($form_state['values']['doi']) && empty($form_state['values']['Title']) &&
empty($form_state['values']['ArticleTitle'])
) {
@ -54,7 +64,7 @@ function upei_roblib_ill_form_validate($form, &$form_state) {
* An array containing the Drupal form state.
*/
function upei_roblib_ill_form_submit($form, &$form_state) {
module_load_include('inc', 'upei_roblib_ill', 'includes/relais');
$form_state['storage'][$form_state['step']] = $form_state['values'];
switch ($form_state['step']) {
case 'upei_roblib_ill_request_form':
@ -65,8 +75,7 @@ function upei_roblib_ill_form_submit($form, &$form_state) {
break;
case 'upei_roblib_ill_auth_form':
//process the form
$aid = upei_roblib_ill_authenticate($form_state['values']['campus_id']);
$response = upei_roblib_ill_add_request($form_state, $aid);
$response = upei_roblib_ill_add_request($form_state, $form_state['storage']['aid']);
$form_state['redirect'] = array(
'upei/roblib/ill/finished',
array(
@ -89,12 +98,10 @@ function upei_roblib_ill_form_redirect() {
//TODO phone number, email etc. could be variables read from the database.
$std_message = "<div class='upei-roblib-ill-message'>To contact the department about this request, you can send a message to <a href='mailto:ill@upei.ca'>ill@upei.ca</a> or
call 902-566-0445</div>";
return "<div class='upei-roblib-ill-relais-message'>" . $_GET['message'] . '</div>'. $std_message;
return "<div class='upei-roblib-ill-relais-message'>" . $_GET['message'] . '</div>' . $std_message;
}
/**
* The patron portion of the ILL form.
*

14
includes/relais.inc

@ -45,7 +45,7 @@ function upei_roblib_ill_add_request($form_state, $aid) {
if(!isset($aid) || is_array($aid)) {
upei_roblib_ill_log_request($relais_arr, $aid);
drupal_set_message(t('Error retrieving authentication token, @message', array('@message' => $aid['Problem']['Message'])), 'error');
return array('ConfirmMessage' => $aid['Problem']['Message'] . ' You may have entered an incorrect Campus ID');
return array('ConfirmMessage' => t('There was an error processing your request, @msg', array('@msg' => $aid['Problem']['Message'])));
}
$result = drupal_http_request($url . '?aid=' . $aid, $options);
module_load_include('inc', 'upei_roblib_ill', 'includes/db');
@ -65,7 +65,7 @@ function upei_roblib_ill_add_request($form_state, $aid) {
* @return string/array
* Returns a Relais authentication id (token) or an array containing the Relais response error which should include the error message if authentication fails
*/
function upei_roblib_ill_authenticate($barcode) {
function upei_roblib_ill_authenticate($barcode, $surname) {
$url = variable_get('upei_roblib_ill_auth_url', 'https://caul-cbua.relais-host.com/portal-service/user/authentication');
$json_arr = array();
$json_arr['ApiKey'] = variable_get('upei_roblib_ill_relais_key');
@ -80,14 +80,20 @@ function upei_roblib_ill_authenticate($barcode) {
'headers' => array('Content-Type' => 'application/json'),
);
$result = drupal_http_request($url, $options);
if($result->code != '200') {
$response_data['Problem']['Message'] = $result->error;
return $response_data;
}
$response_data = json_decode($result->data, TRUE);
if ($result->code == '200') {
if (isset($response_data['Problem'])) {
if (isset($response_data['Problem']) || $response_data['LastName'] !== $surname) {
$err_message = isset($response_data['Problem']['Message']) ? $response_data['Problem']['Message'] : '';
$err_message .= t( ' Your Campus ID could be incorrect or your Last Name does not match what is stored in the profile for the user with the specified Campus ID');
$response_data['Problem']['Message'] = $err_message;
return $response_data;
}
$aid = $response_data['AuthorizationId'];
}
return isset($aid) ? $aid : $response_data;
}

Loading…
Cancel
Save