Commit abbdf775 authored by Benni Mack's avatar Benni Mack
Browse files

Merge branch 'task/cleanup-ter-helperi' into 'develop'

Cleanup of tx_ter_helper

See merge request t3o/ter!496
parents c242c51c d82fbdfc
Pipeline #9072 passed with stages
in 10 minutes and 6 seconds
......@@ -15,35 +15,11 @@
/**
* Helper functions used in the TER API
*
* $Id$
*
* @author Robert Lemke <robert@typo3.org>
*/
/**
* [CLASS/FUNCTION INDEX of SCRIPT]
*
*
*
* 103: class tx_ter_helper
* 114: public function __construct($pluginObj)
* 127: public function getValidUser ($accountData)
* 162: public function extensionKeyIsAvailable($extensionKey)
* 188: public function getExtensionKeyRecord ($extKey)
* 215: public function getLatestVersionNumberOfExtension ($extensionKey)
* 245: public function requestUpdateOfExtensionIndexFile()
* 260: public function writeExtensionIndexfile()
* 358: public function xmlentities ($string)
*
* TOTAL FUNCTIONS: 8
* (This index is automatically created/updated by the extension "extdeveval")
*/
use TYPO3\CMS\Core\Database\ConnectionPool;
use TYPO3\CMS\Core\Utility\GeneralUtility;
// Make sure that we are executed only in TYPO3 context
if (!defined('TYPO3_MODE')) {
die('Access denied.');
}
// Error codes:
define('TX_TER_ERROR_GENERAL_EXTREPDIRDOESNTEXIST', '100');
define('TX_TER_ERROR_GENERAL_NOUSERORPASSWORD', '101');
......@@ -129,32 +105,40 @@ class tx_ter_helper
* @access public
* @throws \T3o\Ter\Exception\UnauthorizedException
*/
public function getValidUser($accountData)
public function getValidUser(object $accountData): ?array
{
if (!strlen($accountData->username) || (!strlen($accountData->password))) {
if ($accountData->username === '' || $accountData->password === '') {
throw new \T3o\Ter\Exception\UnauthorizedException('No user or no password submitted.', TX_TER_ERROR_GENERAL_NOUSERORPASSWORD);
}
$res = $this->getDatabaseConnection()->exec_SELECTquery(
'*',
'fe_users',
'username=' . $this->getDatabaseConnection()->fullQuoteStr($accountData->username, 'fe_users') . $this->getTyposcriptFrontendObject()->sys_page->enableFields('fe_users')
);
if ($row = $this->getDatabaseConnection()->sql_fetch_assoc($res)) {
if (!$this->userIsAlreadyLoggedIn(
$accountData
) && !$this->ldapValidationSucceeded($accountData)
) {
$user = $this->getUserByUsername($accountData->username);
if ($user) {
if (!$this->userIsAlreadyLoggedIn($accountData) && !$this->ldapValidationSucceeded($accountData)) {
throw new \T3o\Ter\Exception\UnauthorizedException('Wrong password.', TX_TER_ERROR_GENERAL_WRONGPASSWORD);
}
$user['admin'] = $this->userIsAdmin($user['usergroup']) || $this->userIsSecurityTeamMember($user['usergroup']);
} else {
throw new \T3o\Ter\Exception\UnauthorizedException('The specified user does not exist. You need to login first on extensions.typo3.org.', TX_TER_ERROR_GENERAL_USERNOTFOUND);
}
$row['admin'] = $this->userIsAdmin($row['usergroup']) || $this->userIsSecurityTeamMember($row['usergroup']);
return $user;
}
return $row;
private function getUserByUsername(string $username = ''): ?array
{
$queryBuilder = GeneralUtility::makeInstance(ConnectionPool::class)->getQueryBuilderForTable('fe_users');
$userRecord = $queryBuilder
->select('*')
->from('fe_users')
->where(
$queryBuilder->expr()->eq('username', $queryBuilder->createNamedParameter($username))
)
->execute()
->fetch();
return $userRecord ?: null;
}
/**
......@@ -182,15 +166,12 @@ class tx_ter_helper
* @param $accountData
* @return bool
*/
private function userIsAlreadyLoggedIn($accountData)
private function userIsAlreadyLoggedIn(object $accountData): bool
{
/** @var \TYPO3\CMS\Frontend\Controller\TypoScriptFrontendController $tsfe */
$tsfe = $GLOBALS['TSFE'];
if (!empty($tsfe->fe_user->user['username']) && $accountData->username === $tsfe->fe_user->user['username']) {
return true;
}
return false;
return !empty($tsfe->fe_user->user['username']) && $accountData->username === $tsfe->fe_user->user['username'];
}
/**
......@@ -199,7 +180,7 @@ class tx_ter_helper
* @param stdClass $accountData
* @return bool
*/
private function ldapValidationSucceeded(stdClass $accountData): bool
private function ldapValidationSucceeded(\stdClass $accountData): bool
{
if (!\TYPO3\CMS\Core\Utility\ExtensionManagementUtility::isLoaded('ig_ldap_sso_auth')) {
return false;
......@@ -221,28 +202,13 @@ class tx_ter_helper
* @param object $accountData
* @return bool
*/
public function checkValidUser($accountData)
public function checkValidUser(string $accountData): bool
{
if (!strlen($accountData->username) || (!strlen($accountData->password))) {
if ($accountData->username === '' || $accountData->password === '') {
$success = false;
} else {
$success = false;
$res = $this->getDatabaseConnection()->exec_SELECTquery(
'*',
'fe_users',
'username=' . $this->getDatabaseConnection()->fullQuoteStr(
$accountData->username,
'fe_users'
) . $GLOBALS['TSFE']->sys_page->enableFields('fe_users')
);
if ($row = $this->getDatabaseConnection()->sql_fetch_assoc($res)) {
if ($this->ldapValidationSucceeded($accountData)
) {
$success = true;
}
}
$this->getDatabaseConnection()->sql_free_result($res);
$user = $this->getUserByUsername($accountData->username);
$success = $user && $this->ldapValidationSucceeded($accountData);
}
return $success;
......@@ -258,23 +224,18 @@ class tx_ter_helper
* @access public
* @author Elmar Hinz
*/
public function extensionKeyIsAvailable($extensionKey)
public function extensionKeyIsAvailable(string $extensionKey): bool
{
$cleanedExtensionKey = str_replace('_', '', $extensionKey);
$isAvailable = true;
$res = $this->getDatabaseConnection()->exec_SELECTquery(
'extensionkey',
'tx_ter_extensionkeys',
'1'
);
while ($row = $this->getDatabaseConnection()->sql_fetch_row($res)) {
if ($cleanedExtensionKey === str_replace('_', '', $row[0])) {
$isAvailable = false;
}
}
return $isAvailable;
$queryBuilder = GeneralUtility::makeInstance(ConnectionPool::class)->getQueryBuilderForTable('tx_ter_extensionkeys');
$result = $queryBuilder->select('extensionkey')
->from('tx_ter_extensionkeys')
->add('where', 'REPLACE(extensionkey, "_", "") = ' . $queryBuilder->createNamedParameter($cleanedExtensionKey))
->execute()
->rowCount();
return $result === 0;
}
/**
......@@ -284,27 +245,30 @@ class tx_ter_helper
* @return mixed The extension key row or FALSE
* @access public
*/
public function getExtensionKeyRecord($extKey)
public function getExtensionKeyRecord(string $extKey): ?array
{
$row = $this->getDatabaseConnection()->exec_SELECTgetSingleRow(
'*',
'tx_ter_extensionkeys',
'extensionkey=' . $this->getDatabaseConnection()->fullQuoteStr($extKey, 'tx_ter_extensionkeys') .
$this->getTyposcriptFrontendObject()->sys_page->enableFields('tx_ter_extensionkeys')
);
return $row;
$queryBuilder = GeneralUtility::makeInstance(ConnectionPool::class)->getQueryBuilderForTable('tx_ter_extensionkeys');
$extensionKeyRecord = $queryBuilder
->select('*')
->from('tx_ter_extensionkeys')
->where(
$queryBuilder->expr()->eq('extensionkey', $queryBuilder->createNamedParameter($extKey))
)
->execute()
->fetch();
return $extensionKeyRecord ?: null;
}
/***
* Load an instance of the BE_USER to use with TCEFORM
*
* @param integer $uid UID of the virtual user
* @param string $username Username
* @param boolean $isAdmin Set admin rights
* @return void
*/
public function loadBackendUser($uid, $username, $isAdmin = false)
public function loadBackendUser(string $username, bool $isAdmin = false): void
{
if (!empty($GLOBALS['BE_USER'])) {
return;
......@@ -321,31 +285,15 @@ class tx_ter_helper
/**
* Load an instance of the LANG object
*
* @param string $language Used language ident
* @param string $lang Used language ident
*/
public function loadLang($lang = 'default')
public function loadLang(string $lang = 'default'): void
{
if (!empty($GLOBALS['LANG'])) {
return;
}
$GLOBALS['LANG'] = GeneralUtility::makeInstance(\TYPO3\CMS\Lang\LanguageService::class);
$GLOBALS['LANG'] = GeneralUtility::makeInstance(\TYPO3\CMS\Core\Localization\LanguageService::class);
$GLOBALS['LANG']->init($lang);
}
/**
* @return \TYPO3\CMS\Core\Database\DatabaseConnection
*/
private function getDatabaseConnection()
{
return $GLOBALS['TYPO3_DB'];
}
/**
* @return \TYPO3\CMS\Frontend\Controller\TypoScriptFrontendController
*/
private function getTyposcriptFrontendObject()
{
return $GLOBALS['TSFE'];
}
}
Supports Markdown
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment