[BUGFIX] Fix Online BE-Users->Terminate be user sessions termination
[Packages/TYPO3.CMS.git] / typo3 / sysext / beuser / Classes / Controller / BackendUserController.php
1 <?php
2 namespace TYPO3\CMS\Beuser\Controller;
3
4 /**
5 * This file is part of the TYPO3 CMS project.
6 *
7 * It is free software; you can redistribute it and/or modify it under
8 * the terms of the GNU General Public License, either version 2
9 * of the License, or any later version.
10 *
11 * For the full copyright and license information, please read the
12 * LICENSE.txt file that was distributed with this source code.
13 *
14 * The TYPO3 project - inspiring people to share!
15 */
16 use TYPO3\CMS\Backend\Utility\BackendUtility;
17 use TYPO3\CMS\Extbase\Utility\LocalizationUtility;
18
19 /**
20 * Backend module user administration controller
21 *
22 * @author Felix Kopp <felix-source@phorax.com>
23 */
24 class BackendUserController extends \TYPO3\CMS\Extbase\Mvc\Controller\ActionController {
25
26 /**
27 * @var \TYPO3\CMS\Beuser\Domain\Model\ModuleData
28 */
29 protected $moduleData;
30
31 /**
32 * @var \TYPO3\CMS\Beuser\Service\ModuleDataStorageService
33 * @inject
34 */
35 protected $moduleDataStorageService;
36
37 /**
38 * @var \TYPO3\CMS\Beuser\Domain\Repository\BackendUserRepository
39 * @inject
40 */
41 protected $backendUserRepository;
42
43 /**
44 * @var \TYPO3\CMS\Beuser\Domain\Repository\BackendUserGroupRepository
45 * @inject
46 */
47 protected $backendUserGroupRepository;
48
49 /**
50 * @var \TYPO3\CMS\Beuser\Domain\Repository\BackendUserSessionRepository
51 * @inject
52 */
53 protected $backendUserSessionRepository;
54
55 /**
56 * Load and persist module data
57 *
58 * @param \TYPO3\CMS\Extbase\Mvc\RequestInterface $request
59 * @param \TYPO3\CMS\Extbase\Mvc\ResponseInterface $response
60 * @return void
61 * @throws \TYPO3\CMS\Extbase\Mvc\Exception\StopActionException
62 */
63 public function processRequest(\TYPO3\CMS\Extbase\Mvc\RequestInterface $request, \TYPO3\CMS\Extbase\Mvc\ResponseInterface $response) {
64 $this->moduleData = $this->moduleDataStorageService->loadModuleData();
65 // We "finally" persist the module data.
66 try {
67 parent::processRequest($request, $response);
68 $this->moduleDataStorageService->persistModuleData($this->moduleData);
69 } catch (\TYPO3\CMS\Extbase\Mvc\Exception\StopActionException $e) {
70 $this->moduleDataStorageService->persistModuleData($this->moduleData);
71 throw $e;
72 }
73 }
74
75 /**
76 * Initialize actions
77 *
78 * @return void
79 * @throws \RuntimeException
80 */
81 public function initializeAction() {
82 // @TODO: Extbase backend modules relies on frontend TypoScript for view, persistence
83 // and settings. Thus, we need a TypoScript root template, that then loads the
84 // ext_typoscript_setup.txt file of this module. This is nasty, but can not be
85 // circumvented until there is a better solution in extbase.
86 // For now we throw an exception if no settings are detected.
87 if (empty($this->settings)) {
88 throw new \RuntimeException('No settings detected. This module can not work then. This usually happens if there is no frontend TypoScript template with root flag set. ' . 'Please create a frontend page with a TypoScript root template.', 1344375003);
89 }
90 }
91
92 /**
93 * Displays all BackendUsers
94 * - Switch session to different user
95 *
96 * @param \TYPO3\CMS\Beuser\Domain\Model\Demand $demand
97 * @return void
98 */
99 public function indexAction(\TYPO3\CMS\Beuser\Domain\Model\Demand $demand = NULL) {
100 if ($demand === NULL) {
101 $demand = $this->moduleData->getDemand();
102 } else {
103 $this->moduleData->setDemand($demand);
104 }
105 // Switch user until logout
106 $switchUser = (int)\TYPO3\CMS\Core\Utility\GeneralUtility::_GP('SwitchUser');
107 if ($switchUser > 0) {
108 $this->switchUser($switchUser);
109 }
110 $compareUserList = $this->moduleData->getCompareUserList();
111 $this->view->assign('demand', $demand);
112 $this->view->assign('returnUrl', rawurlencode(BackendUtility::getModuleUrl('system_BeuserTxBeuser')));
113 $this->view->assign('dateFormat', $GLOBALS['TYPO3_CONF_VARS']['SYS']['ddmmyy']);
114 $this->view->assign('timeFormat', $GLOBALS['TYPO3_CONF_VARS']['SYS']['hhmm']);
115 $this->view->assign('backendUsers', $this->backendUserRepository->findDemanded($demand));
116 $this->view->assign('backendUserGroups', array_merge(array(''), $this->backendUserGroupRepository->findAll()->toArray()));
117 $this->view->assign('compareUserList', !empty($compareUserList) ? $this->backendUserRepository->findByUidList($compareUserList) : '');
118 }
119
120 /**
121 * Views all currently logged in BackendUsers and their sessions
122 *
123 * @return void
124 */
125 public function onlineAction() {
126 $onlineUsersAndSessions = array();
127 $onlineUsers = $this->backendUserRepository->findOnline();
128 foreach ($onlineUsers as $onlineUser) {
129 $onlineUsersAndSessions[] = array(
130 'backendUser' => $onlineUser,
131 'sessions' => $this->backendUserSessionRepository->findByBackendUser($onlineUser)
132 );
133 }
134 $this->view->assign('dateFormat', $GLOBALS['TYPO3_CONF_VARS']['SYS']['ddmmyy']);
135 $this->view->assign('timeFormat', $GLOBALS['TYPO3_CONF_VARS']['SYS']['hhmm']);
136 $this->view->assign('onlineUsersAndSessions', $onlineUsersAndSessions);
137 $this->view->assign('currentSessionId', $GLOBALS['BE_USER']->user['ses_id']);
138 }
139
140 /**
141 * Compare backend users from demand
142 *
143 * @return void
144 */
145 public function compareAction() {
146 $compareUserList = $this->moduleData->getCompareUserList();
147 $this->view->assign('dateFormat', $GLOBALS['TYPO3_CONF_VARS']['SYS']['ddmmyy']);
148 $this->view->assign('timeFormat', $GLOBALS['TYPO3_CONF_VARS']['SYS']['hhmm']);
149 $this->view->assign('compareUserList', !empty($compareUserList) ? $this->backendUserRepository->findByUidList($compareUserList) : '');
150 }
151
152 /**
153 * Attaches one backend user to the compare list
154 *
155 * @param int $uid
156 * @return void
157 */
158 public function addToCompareListAction($uid) {
159 $this->moduleData->attachUidCompareUser($uid);
160 $this->moduleDataStorageService->persistModuleData($this->moduleData);
161 $this->forward('index');
162 }
163
164 /**
165 * Removes given backend user to the compare list
166 *
167 * @param int $uid
168 * @return void
169 */
170 public function removeFromCompareListAction($uid) {
171 $this->moduleData->detachUidCompareUser($uid);
172 $this->moduleDataStorageService->persistModuleData($this->moduleData);
173 $this->forward('index');
174 }
175
176 /**
177 * Terminate BackendUser session and logout corresponding client
178 * Redirects to onlineAction with message
179 *
180 * @param \TYPO3\CMS\Beuser\Domain\Model\BackendUser $backendUser
181 * @param string $sessionId
182 * @return void
183 */
184 protected function terminateBackendUserSessionAction(\TYPO3\CMS\Beuser\Domain\Model\BackendUser $backendUser, $sessionId) {
185 $GLOBALS['TYPO3_DB']->exec_DELETEquery(
186 'be_sessions',
187 'ses_userid = "' . (int)$backendUser->getUid() . '" AND ses_id = ' . $GLOBALS['TYPO3_DB']->fullQuoteStr($sessionId, 'be_sessions') . ' LIMIT 1'
188 );
189 if ($GLOBALS['TYPO3_DB']->sql_affected_rows() == 1) {
190 $this->addFlashMessage(LocalizationUtility::translate('LLL:EXT:beuser/Resources/Private/Language/locallang.xlf:terminateSessionSuccess', 'beuser'));
191 }
192 $this->forward('online');
193 }
194
195 /**
196 * Switches to a given user (SU-mode) and then redirects to the start page of the backend to refresh the navigation etc.
197 *
198 * @param string $switchUser BE-user record that will be switched to
199 * @return void
200 */
201 protected function switchUser($switchUser) {
202 $targetUser = \TYPO3\CMS\Backend\Utility\BackendUtility::getRecord('be_users', $switchUser);
203 if (is_array($targetUser) && $GLOBALS['BE_USER']->isAdmin()) {
204 $updateData['ses_userid'] = (int)$targetUser['uid'];
205 $updateData['ses_backuserid'] = (int)$GLOBALS['BE_USER']->user['uid'];
206
207 // Set backend user listing module as starting module for switchback
208 $GLOBALS['BE_USER']->uc['startModuleOnFirstLogin'] = 'system_BeuserTxBeuser';
209 $GLOBALS['BE_USER']->writeUC();
210
211 $whereClause = 'ses_id=' . $GLOBALS['TYPO3_DB']->fullQuoteStr($GLOBALS['BE_USER']->id, 'be_sessions');
212 $whereClause .= ' AND ses_name=' . $GLOBALS['TYPO3_DB']->fullQuoteStr(\TYPO3\CMS\Core\Authentication\BackendUserAuthentication::getCookieName(), 'be_sessions');
213 $whereClause .= ' AND ses_userid=' . (int)$GLOBALS['BE_USER']->user['uid'];
214
215 $GLOBALS['TYPO3_DB']->exec_UPDATEquery(
216 'be_sessions',
217 $whereClause,
218 $updateData
219 );
220
221 $redirectUrl = $GLOBALS['BACK_PATH'] . 'index.php' . ($GLOBALS['TYPO3_CONF_VARS']['BE']['interfaces'] ? '' : '?commandLI=1');
222 \TYPO3\CMS\Core\Utility\HttpUtility::redirect($redirectUrl);
223 }
224 }
225 }