diff options
Diffstat (limited to 'scripts/cron')
| -rwxr-xr-x | scripts/cron/permissionreview.php | 87 | ||||
| -rwxr-xr-x | scripts/cron/refresh_stats.php | 307 | ||||
| -rwxr-xr-x | scripts/cron/warning.php | 43 |
3 files changed, 391 insertions, 46 deletions
diff --git a/scripts/cron/permissionreview.php b/scripts/cron/permissionreview.php index 0f2fc2e..ca95f18 100755 --- a/scripts/cron/permissionreview.php +++ b/scripts/cron/permissionreview.php @@ -27,7 +27,7 @@ $ORGANISATION_ASSURANCE_OFFICER = 'oao@cacert.org'; //defines to whom to send the lists $flags = array( - 'admin' => array( + 'admin=1' => array( 'name' => 'Support Engineer', 'own' => false, //Don't send twice 'board' => true, @@ -35,8 +35,8 @@ $flags = array( 'ao' => false, 'oao' => false ), - - 'orgadmin' => array( + + 'orgadmin=1' => array( 'name' => 'Organisation Assurer', 'own' => true, 'board' => true, @@ -44,8 +44,8 @@ $flags = array( 'ao' => true, 'oao' => true ), - - 'board' => array( + + 'board=1' => array( 'name' => 'Board Member', 'own' => false, 'board' => true, @@ -53,8 +53,8 @@ $flags = array( 'ao' => true, 'oao' => false ), - - 'ttpadmin' => array( + + 'ttpadmin=1' => array( 'name' => 'Trusted Third Party Admin', 'own' => true, 'board' => true, @@ -62,8 +62,17 @@ $flags = array( 'ao' => true, 'oao' => true ), - - 'tverify' => array( + + 'ttpadmin=2' => array( + 'name' => 'Trusted Third Party TOPUP Admin', + 'own' => true, + 'board' => true, + 'support' => true, + 'ao' => true, + 'oao' => true + ), + + 'tverify=1' => array( 'name' => 'Tverify Admin', 'own' => false, 'board' => true, @@ -71,8 +80,8 @@ $flags = array( 'ao' => true, 'oao' => false ), - - 'locadmin' => array( + + 'locadmin=1' => array( 'name' => 'Location Admin', 'own' => false, 'board' => true, @@ -80,30 +89,51 @@ $flags = array( 'ao' => false, 'oao' => false ), + + 'adadmin=1' => array( + 'name' => 'submit status for Advertising Admin', + 'own' => false, + 'board' => true, + 'support' => true, + 'ao' => false, + 'oao' => false + ), + + 'adadmin=2' => array( + 'name' => 'approve status for Advertising Admin', + 'own' => false, + 'board' => true, + 'support' => true, + 'ao' => false, + 'oao' => false + ), + + ); // Build up list of various admins $adminlist = array(); foreach ($flags as $flag => $flag_properties) { - $query = "select `fname`, `lname`, `email` from `users` where `$flag` = 1"; + $flagname = explode('=', $flag, 2 ); + $query = "select `fname`, `lname`, `email` from `users` where `$flagname[0]` = '$flagname[1]'"; if(! $res = mysql_query($query) ) { fwrite(STDERR, "MySQL query for flag $flag failed:\n". "\"$query\"\n". mysql_error() ); - + continue; } - + $adminlist[$flag] = array(); - + while ($row = mysql_fetch_assoc($res)) { $adminlist[$flag][] = $row; } - - + + // Send mail to admins of this group if 'own' is set if ($flag_properties['own']) { foreach ($adminlist[$flag] as $admin) { @@ -117,19 +147,20 @@ and report to the responsible team leader or board EOF; - + foreach ($adminlist[$flag] as $colleague) { $message .= "$colleague[fname] $colleague[lname] $colleague[email]\n"; } - + $message .= <<<EOF Best Regards, CAcert Support EOF; - + sendmail($admin['email'], "Permissions Review", $message, 'support@cacert.org'); + echo "Sent $flag_properties[name] mail to $admin[email]\n"; } } } @@ -152,7 +183,7 @@ foreach ($flags as $flag => $flag_properties) { foreach ($adminlist[$flag] as $colleague) { $message .= "$colleague[fname] $colleague[lname] $colleague[email]\n"; } - + $message .= "\n\n"; } } @@ -163,12 +194,13 @@ Best Regards, CAcert Support EOF; -foreach ($adminlist['admin'] as $support_engineer) { +foreach ($adminlist['admin=1'] as $support_engineer) { sendmail( $support_engineer['email'], "Permissions Review", $message, 'support@cacert.org'); + echo "Sent Support Engineer mail to $support_engineer[email]\n"; } @@ -188,14 +220,14 @@ foreach (array( Dear $values[description], it's time for the permission review again. Here is the list of privileged users -in the CAcert web application. Please review them and also ask the persons +in the CAcert web application. Please review them and also ask the persons responsible for an up-to-date copy of access lists not directly recorded in the -web application (critical admins, software assessors etc.) +web application (critical admins, software assessors etc.) EOF; - + foreach ($flags as $flag => $flag_properties) { if ($flag_properties[$key]) { $message .= "List of $flag_properties[name]s:\n\n"; @@ -205,13 +237,14 @@ EOF; $message .= "\n\n"; } } - + $message .= <<<EOF Best Regards, CAcert Support EOF; - + sendmail($values['email'], "Permissions Review", $message, 'support@cacert.org'); + echo "Sent $values[description] mail to $values[email]\n"; } diff --git a/scripts/cron/refresh_stats.php b/scripts/cron/refresh_stats.php new file mode 100755 index 0000000..2a3d2b5 --- /dev/null +++ b/scripts/cron/refresh_stats.php @@ -0,0 +1,307 @@ +#!/usr/bin/php -q +<?php +/* +LibreSSL - CAcert web application +Copyright (C) 2004-2012 CAcert Inc. + +This program is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; version 2 of the License. + +This program is distributed in the hope that it will be useful, +but WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +GNU General Public License for more details. + +You should have received a copy of the GNU General Public License +along with this program; if not, write to the Free Software +Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA +*/ + +require_once(dirname(__FILE__).'/../../includes/mysql.php'); + +/** + * Wrapper around mysql_query() to provide some error handling. Prints an error + * message and dies if query fails + * + * @param string $sql + * the SQL statement to execute + * @return resource|boolean + * the MySQL result set + */ +function sql_query($sql) { + $res = mysql_query($sql); + if (!$res) { + fwrite(STDERR, "MySQL query failed:\n\"$sql\"\n".mysql_error()); + die(1); + } + + return $res; +} + +function tc($sql) { + $row = mysql_fetch_assoc(sql_query($sql)); + return(intval($row['count'])); +} + +/** +* writes new data to cache, create cache or update existing cache, set current +* time stamp +* @return boolean +*/ +function updateCache($stats) { + $timestamp = time(); + $sql = "insert into `statscache` (`timestamp`, `cache`) values + ('$timestamp', '".mysql_real_escape_string(serialize($stats))."')"; + sql_query($sql); + + // Make sure the new statistic was inserted successfully + $res = sql_query( + "select 1 from `statscache` where `timestamp` = '$timestamp'"); + if (mysql_num_rows($res) !== 1) { + fwrite(STDERR, "Error on inserting the new statistic"); + return false; + } + + sql_query("delete from `statscache` where `timestamp` != '$timestamp'"); + return true; +} + +/** +* get statistics data from live tables, takes a long time so please try to use the +* cache +* @return array +*/ +function getDataFromLive() { + echo "Calculating current statistics\n"; + + $stats = array(); + $stats['verified_users'] = number_format(tc( + "select count(*) as `count` from `users` + where `verified` = 1 + and `deleted` = 0 + and `locked` = 0")); + + $stats['verified_emails'] = number_format(tc( + "select count(*) as `count` from `email` + where `hash` = '' and `deleted` = 0")); + + $stats['verified_domains'] = number_format(tc( + "select count(*) as `count` from `domains` + where `hash` = '' and `deleted` = 0")); + + $certs = tc("select count(*) as `count` from `domaincerts` + where `expire` != 0"); + $certs += tc("select count(*) as `count` from `emailcerts` + where `expire` != 0"); + $certs += tc("select count(*) as `count` from `gpg` + where `expire` != 0"); + $certs += tc("select count(*) as `count` from `orgdomaincerts` + where `expire` != 0"); + $certs += tc("select count(*) as `count` from `orgemailcerts` + where `expire` != 0"); + $stats['verified_certificates'] = number_format($certs); + + $certs = tc("select count(*) as `count` from `domaincerts` + where `revoked` = 0 and `expire` > NOW()"); + $certs += tc("select count(*) as `count` from `emailcerts` + where `revoked` = 0 and `expire` > NOW()"); + $certs += tc("select count(*) as `count` from `gpg` + where `expire` > NOW()"); + $certs += tc("select count(*) as `count` from `orgdomaincerts` + where `revoked` = 0 and `expire` > NOW()"); + $certs += tc("select count(*) as `count` from `orgemailcerts` + where `revoked` = 0 and `expire` > NOW()"); + $stats['valid_certificates'] = number_format($certs); + + $stats['assurances_made'] = number_format(tc( + "select count(*) as `count` from `notary` + where `method` = '' or `method` = 'Face to Face Meeting'")); + + $stats['users_1to49'] = number_format(tc( + "select count(*) as `count` from ( + select 1 from `notary` + where `deleted` = 0 + group by `to` + having sum(`points`) > 0 and sum(`points`) < 50 + ) as `low_points`")); + + $stats['users_50to99'] = number_format(tc( + "select count(*) as `count` from ( + select 1 from `notary` + where `deleted` = 0 + group by `to` + having sum(`points`) >= 50 and sum(`points`) < 100 + ) as `high_points`")); + + $stats['assurer_candidates'] = number_format(tc( + "select count(*) as `count` from `users` + where ( + select sum(`points`) from `notary` + where `to`=`users`.`id` + and `deleted` = 0 + ) >= 100 + and not exists( + select 1 from `cats_passed` as `cp`, `cats_variant` as `cv` + where `cp`.`user_id`=`users`.`id` + and `cp`.`variant_id`=`cv`.`id` + and `cv`.`type_id`=1 + )" + )); + + $stats['aussurers_with_test'] = number_format(tc( + "select count(*) as `count` from `users` + where ( + select sum(`points`) from `notary` + where `to`=`users`.`id` + and `deleted` = 0 + ) >= 100 + and exists( + select 1 from `cats_passed` as `cp`, `cats_variant` as `cv` + where `cp`.`user_id`=`users`.`id` + and `cp`.`variant_id`=`cv`.`id` + and `cv`.`type_id`=1 + )" + )); + + $stats['points_issued'] = number_format(tc( + "select sum(greatest(`points`, `awarded`)) as `count` from `notary` + where `deleted` = 0 + and `method` = 'Face to Face Meeting'")); + + $totalusers=0; + $totassurers=0; + $totalcerts=0; + for($i = 0; $i < 12; $i++) { + $first_ts = mktime(0, 0, 0, date("m") - $i, 1, date("Y")); + $next_month_ts = mktime(0, 0, 0, date("m") - $i + 1, 1, date("Y")); + $first = date("Y-m-d", $first_ts); + $next_month = date("Y-m-d", $next_month_ts); + + echo "Calculating statistics for month $first\n"; + + $totalusers += $users = tc( + "select count(*) as `count` from `users` + where `created` >= '$first' and `created` < '$next_month' + and `verified` = 1 + and `deleted` = 0 + and `locked` = 0"); + + $totassurers += $assurers = tc( + "select count(*) as `count` from ( + select 1 from `notary` + where `when` >= '$first' and `when` < '$next_month' + and `method`!='Administrative Increase' + and `deleted` = 0 + group by `to` having sum(`points`) >= 100 + ) as `assurer_candidates`"); + + $certs = tc( + "select count(*) as `count` from `domaincerts` + where `created` >= '$first' and `created` < '$next_month' + and `expire` != 0"); + $certs += tc( + "select count(*) as `count` from `emailcerts` + where `created` >= '$first' and `created` < '$next_month' + and `expire` != 0"); + $certs += tc( + "select count(*) as `count` from `gpg` + where `issued` >= '$first' and `issued` < '$next_month' + and `expire` != 0"); + $certs += tc( + "select count(*) as `count` from `orgdomaincerts` + where `created` >= '$first' and `created` < '$next_month' + and `expire` != 0"); + $certs += tc( + "select count(*) as `count` from `orgemailcerts` + where `created` >= '$first' and `created` < '$next_month' + and `expire` != 0"); + $totalcerts += $certs; + + $tmp_arr = array(); + $tmp_arr['date'] = date("Y-m", $first_ts); + $tmp_arr['new_users'] = number_format($users); + $tmp_arr['new_assurers'] = number_format($assurers); + $tmp_arr['new_certificates'] = number_format($certs); + + $stats['growth_last_12m'][] = $tmp_arr; + } + $stats['growth_last_12m_total'] = array( + 'new_users' => number_format($totalusers), + 'new_assurers' => number_format($totassurers), + 'new_certificates' => number_format($totalcerts), + ); + + $totalcerts = 0; + $totalusers = 0; + $totassurers = 0; + for($i = date("Y"); $i >= 2002; $i--) { + $first_ts = mktime(0, 0, 0, 1, 1, $i); + $next_year_ts = mktime(0, 0, 0, 1, 1, $i + 1); + $first = date("Y-m-d", $first_ts); + $next_year = date("Y-m-d", $next_year_ts); + + echo "Calculating statistics for year $i\n"; + + $totalusers += $users = tc( + "select count(*) as `count` from `users` + where `created` >= '$first' and `created` < '$next_year' + and `verified` = 1 + and `deleted` = 0 + and `locked` = 0"); + + $totassurers += $assurers = tc( + "select count(*) as `count` from ( + select 1 from `notary` + where `when` >= '$first' and `when` < '$next_year' + and `method`!='Administrative Increase' + and `deleted` = 0 + group by `to` having sum(`points`) >= 100 + ) as `assurer_candidates`"); + + $certs = tc( + "select count(*) as `count` from `domaincerts` + where `created` >= '$first' and `created` < '$next_year' + and `expire` != 0"); + $certs += tc( + "select count(*) as `count` from `emailcerts` + where `created` >= '$first' and `created` < '$next_year' + and `expire` != 0"); + $certs += tc( + "select count(*) as `count` from `gpg` + where `issued` >= '$first' and `issued` < '$next_year' + and `expire` != 0"); + $certs += tc( + "select count(*) as `count` from `orgdomaincerts` + where `created` >= '$first' and `created` < '$next_year' + and `expire` != 0"); + $certs += tc( + "select count(*) as `count` from `orgemailcerts` + where `created` >= '$first' and `created` < '$next_year' + and `expire` != 0"); + $totalcerts += $certs; + + $tmp_arr = array(); + $tmp_arr['date'] = $i; + $tmp_arr['new_users'] = number_format($users); + $tmp_arr['new_assurers'] = number_format($assurers); + $tmp_arr['new_certificates'] = number_format($certs); + + $stats['growth_last_years'][] = $tmp_arr; + } + $stats['growth_last_years_total'] = array( + 'new_users' => number_format($totalusers), + 'new_assurers' => number_format($totassurers), + 'new_certificates' => number_format($totalcerts), + ); + + return $stats; +} + + +$stats = getDataFromLive(); +if (! updateCache($stats) ) { + fwrite(STDERR, + "An error occured. The statistics were not successfully updated!"); + die(1); +} diff --git a/scripts/cron/warning.php b/scripts/cron/warning.php index 5cf7c31..0c97ba2 100755 --- a/scripts/cron/warning.php +++ b/scripts/cron/warning.php @@ -72,32 +72,37 @@ echo $row['fname']." ".$row['lname']." <".$row['email']."> (memid: ".$row['memid foreach($days as $day => $warning) { - $query = - "SELECT DISTINCT `domaincerts`.`id`, + $select_clause = + "`domaincerts`.`id`, `users`.`fname`, `users`.`lname`, `users`.`email`, `domains`.`memid`, `domaincerts`.`subject`, `domaincerts`.`crt_name`, `domaincerts`.`CN`, `domaincerts`.`serial`, - (UNIX_TIMESTAMP(`domaincerts`.`expire`) - - UNIX_TIMESTAMP(NOW())) / 86400 AS `daysleft` - - FROM `users`, `domaincerts`, `domlink`, `domains` - WHERE UNIX_TIMESTAMP(`domaincerts`.`expire`) - + (UNIX_TIMESTAMP(`domaincerts`.`expire`) - + UNIX_TIMESTAMP(NOW())) / 86400 AS `daysleft`"; + $where_clause = + "UNIX_TIMESTAMP(`domaincerts`.`expire`) - UNIX_TIMESTAMP(NOW()) > -7 * 86400 - AND UNIX_TIMESTAMP(`domaincerts`.`expire`) - + AND UNIX_TIMESTAMP(`domaincerts`.`expire`) - UNIX_TIMESTAMP(NOW()) < $day * 86400 - AND `domaincerts`.`renewed` = 0 - AND `domaincerts`.`warning` <= '$warning' - AND `domaincerts`.`revoked` = 0 - AND ( - `domaincerts`.`domid` = `domains`.`id` - OR ( - `domaincerts`.`id` = `domlink`.`certid` - AND `domlink`.`domid` = `domains`.`id` - ) - ) - AND `domains`.`memid` = `users`.`id`"; + AND `domaincerts`.`renewed` = 0 + AND `domaincerts`.`warning` <= '$warning' + AND `domaincerts`.`revoked` = 0 + AND `domains`.`memid` = `users`.`id`"; + $query = + "SELECT $select_clause + FROM `users`, `domaincerts`, `domains` + WHERE $where_clause + AND `domaincerts`.`domid` = `domains`.`id` + UNION DISTINCT + SELECT $select_clause + FROM `users`, + `domaincerts` LEFT JOIN `domlink` ON + (`domaincerts`.`id` = `domlink`.`certid`), + `domains` + WHERE $where_clause + AND `domlink`.`domid` = `domains`.`id`"; $res = mysql_query($query); while($row = mysql_fetch_assoc($res)) { |