Commit a81b3663 authored by Thomas Löffler's avatar Thomas Löffler

Cleanup of tx_ter_helper

* Use Doctrine instead of legacy db connection
* Add types to variables and returns
* Simplify functions
* Remove unused code
parent c242c51c
Pipeline #9069 failed with stages
in 57 seconds
......@@ -15,28 +15,9 @@
/**
* Helper functions used in the TER API
*
* $Id$
*
* @author Robert Lemke <robert@typo3.org>
*/
/**
* [CLASS/FUNCTION INDEX of SCRIPT]
*
*
*
* 103: class tx_ter_helper
* 114: public function __construct($pluginObj)
* 127: public function getValidUser ($accountData)
* 162: public function extensionKeyIsAvailable($extensionKey)
* 188: public function getExtensionKeyRecord ($extKey)
* 215: public function getLatestVersionNumberOfExtension ($extensionKey)
* 245: public function requestUpdateOfExtensionIndexFile()
* 260: public function writeExtensionIndexfile()
* 358: public function xmlentities ($string)
*
* TOTAL FUNCTIONS: 8
* (This index is automatically created/updated by the extension "extdeveval")
*/
use TYPO3\CMS\Core\Database\ConnectionPool;
use TYPO3\CMS\Core\Utility\GeneralUtility;
// Make sure that we are executed only in TYPO3 context
......@@ -129,32 +110,40 @@ class tx_ter_helper
* @access public
* @throws \T3o\Ter\Exception\UnauthorizedException
*/
public function getValidUser($accountData)
public function getValidUser(object $accountData): ?array
{
if (!strlen($accountData->username) || (!strlen($accountData->password))) {
if ($accountData->username === '' || $accountData->password === '') {
throw new \T3o\Ter\Exception\UnauthorizedException('No user or no password submitted.', TX_TER_ERROR_GENERAL_NOUSERORPASSWORD);
}
$res = $this->getDatabaseConnection()->exec_SELECTquery(
'*',
'fe_users',
'username=' . $this->getDatabaseConnection()->fullQuoteStr($accountData->username, 'fe_users') . $this->getTyposcriptFrontendObject()->sys_page->enableFields('fe_users')
);
if ($row = $this->getDatabaseConnection()->sql_fetch_assoc($res)) {
if (!$this->userIsAlreadyLoggedIn(
$accountData
) && !$this->ldapValidationSucceeded($accountData)
) {
$user = $this->getUserByUsername($accountData->username);
if ($user) {
if (!$this->userIsAlreadyLoggedIn($accountData) && !$this->ldapValidationSucceeded($accountData)) {
throw new \T3o\Ter\Exception\UnauthorizedException('Wrong password.', TX_TER_ERROR_GENERAL_WRONGPASSWORD);
}
$user['admin'] = $this->userIsAdmin($user['usergroup']) || $this->userIsSecurityTeamMember($user['usergroup']);
} else {
throw new \T3o\Ter\Exception\UnauthorizedException('The specified user does not exist. You need to login first on extensions.typo3.org.', TX_TER_ERROR_GENERAL_USERNOTFOUND);
}
$row['admin'] = $this->userIsAdmin($row['usergroup']) || $this->userIsSecurityTeamMember($row['usergroup']);
return $user;
}
return $row;
private function getUserByUsername(string $username = ''): ?array
{
$queryBuilder = GeneralUtility::makeInstance(ConnectionPool::class)->getQueryBuilderForTable('fe_users');
$userRecord = $queryBuilder
->select('*')
->from('fe_users')
->where(
$queryBuilder->expr()->eq('username', $queryBuilder->createNamedParameter($username))
)
->execute()
->fetch();
return $userRecord ?: null;
}
/**
......@@ -182,15 +171,12 @@ class tx_ter_helper
* @param $accountData
* @return bool
*/
private function userIsAlreadyLoggedIn($accountData)
private function userIsAlreadyLoggedIn(object $accountData): bool
{
/** @var \TYPO3\CMS\Frontend\Controller\TypoScriptFrontendController $tsfe */
$tsfe = $GLOBALS['TSFE'];
if (!empty($tsfe->fe_user->user['username']) && $accountData->username === $tsfe->fe_user->user['username']) {
return true;
}
return false;
return !empty($tsfe->fe_user->user['username']) && $accountData->username === $tsfe->fe_user->user['username'];
}
/**
......@@ -199,7 +185,7 @@ class tx_ter_helper
* @param stdClass $accountData
* @return bool
*/
private function ldapValidationSucceeded(stdClass $accountData): bool
private function ldapValidationSucceeded(\stdClass $accountData): bool
{
if (!\TYPO3\CMS\Core\Utility\ExtensionManagementUtility::isLoaded('ig_ldap_sso_auth')) {
return false;
......@@ -221,28 +207,13 @@ class tx_ter_helper
* @param object $accountData
* @return bool
*/
public function checkValidUser($accountData)
public function checkValidUser(string $accountData): bool
{
if (!strlen($accountData->username) || (!strlen($accountData->password))) {
if ($accountData->username === '' || $accountData->password === '') {
$success = false;
} else {
$success = false;
$res = $this->getDatabaseConnection()->exec_SELECTquery(
'*',
'fe_users',
'username=' . $this->getDatabaseConnection()->fullQuoteStr(
$accountData->username,
'fe_users'
) . $GLOBALS['TSFE']->sys_page->enableFields('fe_users')
);
if ($row = $this->getDatabaseConnection()->sql_fetch_assoc($res)) {
if ($this->ldapValidationSucceeded($accountData)
) {
$success = true;
}
}
$this->getDatabaseConnection()->sql_free_result($res);
$user = $this->getUserByUsername($accountData->username);
$success = $user && $this->ldapValidationSucceeded($accountData);
}
return $success;
......@@ -258,23 +229,22 @@ class tx_ter_helper
* @access public
* @author Elmar Hinz
*/
public function extensionKeyIsAvailable($extensionKey)
public function extensionKeyIsAvailable(string $extensionKey): bool
{
$cleanedExtensionKey = str_replace('_', '', $extensionKey);
$isAvailable = true;
$res = $this->getDatabaseConnection()->exec_SELECTquery(
'extensionkey',
'tx_ter_extensionkeys',
'1'
);
while ($row = $this->getDatabaseConnection()->sql_fetch_row($res)) {
if ($cleanedExtensionKey === str_replace('_', '', $row[0])) {
$isAvailable = false;
$allExtensions = GeneralUtility::makeInstance(ConnectionPool::class)
->getConnectionForTable('tx_ter_extensionkeys')
->select(['extensionkey'], 'tx_ter_extensionkeys')
->fetchAll();
foreach ($allExtensions as $extension) {
if ($cleanedExtensionKey === str_replace('_', '', $extension['extensionkey'])) {
return false;
}
}
return $isAvailable;
return true;
}
/**
......@@ -284,27 +254,30 @@ class tx_ter_helper
* @return mixed The extension key row or FALSE
* @access public
*/
public function getExtensionKeyRecord($extKey)
public function getExtensionKeyRecord(string $extKey): ?array
{
$row = $this->getDatabaseConnection()->exec_SELECTgetSingleRow(
'*',
'tx_ter_extensionkeys',
'extensionkey=' . $this->getDatabaseConnection()->fullQuoteStr($extKey, 'tx_ter_extensionkeys') .
$this->getTyposcriptFrontendObject()->sys_page->enableFields('tx_ter_extensionkeys')
);
return $row;
$queryBuilder = GeneralUtility::makeInstance(ConnectionPool::class)->getQueryBuilderForTable('tx_ter_extensionkeys');
$extensionKeyRecord = $queryBuilder
->select('*')
->from('tx_ter_extensionkeys')
->where(
$queryBuilder->expr()->eq('extensionkey', $queryBuilder->createNamedParameter($extKey))
)
->execute()
->fetch();
return $extensionKeyRecord ?: null;
}
/***
* Load an instance of the BE_USER to use with TCEFORM
*
* @param integer $uid UID of the virtual user
* @param string $username Username
* @param boolean $isAdmin Set admin rights
* @return void
*/
public function loadBackendUser($uid, $username, $isAdmin = false)
public function loadBackendUser(string $username, bool $isAdmin = false): void
{
if (!empty($GLOBALS['BE_USER'])) {
return;
......@@ -321,31 +294,15 @@ class tx_ter_helper
/**
* Load an instance of the LANG object
*
* @param string $language Used language ident
* @param string $lang Used language ident
*/
public function loadLang($lang = 'default')
public function loadLang(string $lang = 'default'): void
{
if (!empty($GLOBALS['LANG'])) {
return;
}
$GLOBALS['LANG'] = GeneralUtility::makeInstance(\TYPO3\CMS\Lang\LanguageService::class);
$GLOBALS['LANG'] = GeneralUtility::makeInstance(\TYPO3\CMS\Core\Localization\LanguageService::class);
$GLOBALS['LANG']->init($lang);
}
/**
* @return \TYPO3\CMS\Core\Database\DatabaseConnection
*/
private function getDatabaseConnection()
{
return $GLOBALS['TYPO3_DB'];
}
/**
* @return \TYPO3\CMS\Frontend\Controller\TypoScriptFrontendController
*/
private function getTyposcriptFrontendObject()
{
return $GLOBALS['TSFE'];
}
}
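Review bot: The rewritten empty-credential guard in getValidUser() and checkValidUser() (`$accountData->username === '' || $accountData->password === ''`) rejects only the exact empty string, whereas the old `!strlen(...)` also rejected a missing or null property. A request object without a password therefore passes the guard and is handed to ldapValidationSucceeded(), whose body lies outside the visible hunk, so whether a null password is refused there cannot be confirmed from this page. I would keep the stricter behaviour in both functions with `if ((string)($accountData->username ?? '') === '' || (string)($accountData->password ?? '') === '') {`. Separately, checkValidUser() is now declared as `string $accountData` although it reads `->username` and `->password` and passes the value to `ldapValidationSucceeded(\stdClass $accountData)`; the docblock says object, so the hint should be `object $accountData` as in getValidUser().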