Commit b5b02944 authored by Thomas Löffler's avatar Thomas Löffler

Finalizes LDAP connection of user management

* Add check if username is used in LDAP yet
* Create user in LDAP
* Change user in LDAP
* Password update in LDAP
* No password update from TYPO3 backend
parent 1133aa02
Pipeline #3830 passed with stages
in 5 minutes and 16 seconds
...@@ -12,4 +12,19 @@ use TYPO3\CMS\Extbase\Persistence\Repository; ...@@ -12,4 +12,19 @@ use TYPO3\CMS\Extbase\Persistence\Repository;
class MyProfileRepository extends Repository class MyProfileRepository extends Repository
{ {
/**
* @param int $uid
* @return \T3o\T3omy\Domain\Model\MyProfile|object
*/
public function findDisabledByUid(int $uid)
{
$query = $this->createQuery();
$query->getQuerySettings()
->setIgnoreEnableFields(true)
->setEnableFieldsToBeIgnored(['disable'])
->setRespectStoragePage(false);
return $query->matching($query->equals('uid', $uid))->execute()->getFirst();
}
} }
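Review bot: The name and docblock of `findDisabledByUid()` do not match what the query does: it only ignores the `disable` enable field, so it also returns enabled records, and `setRespectStoragePage(false)` makes it search every storage page. `getFirst()` returns `null` when nothing matches, which the `@return` tag does not mention. I would add a summary line such as `Finds a profile by uid regardless of its disable flag and storage page.` and change the tag to `@return \T3o\T3omy\Domain\Model\MyProfile|null`, so callers know they must handle a miss.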
<?php
namespace T3o\T3omy\Domain\Validator;
/*
* This file is part of the TYPO3 CMS project.
*
* It is free software; you can redistribute it and/or modify it under
* the terms of the GNU General Public License, either version 2
* of the License, or any later version.
*
* For the full copyright and license information, please read the
* LICENSE.txt file that was distributed with this source code.
*
* The TYPO3 project - inspiring people to share!
*/
class ServersideValidator extends \In2code\Femanager\Domain\Validator\ServersideValidator
{
/**
* Validation of given Params
*
* @param User $user
* @return bool
*/
public function isValid($user): bool
{
$this->init();
if ($this->validationSettings['_enable']['server'] === '1') {
foreach ($this->validationSettings as $fieldName => $validations) {
if ($this->shouldBeValidated($user, $fieldName)) {
$value = $this->getValue($user, $fieldName);
foreach ($validations as $validation => $validationSetting) {
switch ($validation) {
case 'required':
$this->checkRequiredValidation($validationSetting, $value, $fieldName);
break;
case 'email':
$this->checkEmailValidation($value, $validationSetting, $fieldName);
break;
case 'min':
$this->checkMinValidation($value, $validationSetting, $fieldName);
break;
case 'max':
$this->checkMaxValidation($value, $validationSetting, $fieldName);
break;
case 'intOnly':
$this->checkIntOnlyValidation($value, $validationSetting, $fieldName);
break;
case 'lettersOnly':
$this->checkLetterOnlyValidation($value, $validationSetting, $fieldName);
break;
case 'uniqueInPage':
$this->checkUniqueInPageValidation($user, $value, $validationSetting, $fieldName);
break;
case 'uniqueInDb':
$this->checkUniqueInDbValidation($user, $value, $validationSetting, $fieldName);
break;
case 'uniqueInLdap':
$this->checkUniqueInLdapValidation($user, $value, $validationSetting, $fieldName);
break;
case 'mustInclude':
$this->checkMustIncludeValidation($value, $validationSetting, $fieldName);
break;
case 'mustNotInclude':
$this->checkMustNotIncludeValidation($value, $validationSetting, $fieldName);
break;
case 'inList':
$this->checkInListValidation($value, $validationSetting, $fieldName);
break;
case 'sameAs':
$this->checkSameAsValidation($user, $validationSetting, $value, $fieldName);
break;
case 'date':
// Nothing to do. ServersideValidator runs after converter
// If dateTimeConverter exception $value is the old DateTime Object => True
// If dateTimeConverter runs well we have an DateTime Object => True
break;
default:
// e.g. search for method validateCustom()
$this->checkAnyValidation($validation, $value, $validationSetting, $fieldName);
}
}
}
}
}
return $this->isValid;
}
/**
* @param \In2code\Femanager\Domain\Model\User $user
* @param string $value
* @param array $validationSetting
* @param string $fieldName
* @return void
*/
protected function checkUniqueInLdapValidation($user, $value, $validationSetting, $fieldName)
{
$ldap = \TYPO3\CMS\Core\Utility\GeneralUtility::makeInstance(\T3o\T3oLdap\Connectors\Ldap::class);
if ($ldap->userExists($value)) {
$this->addError(ucfirst($fieldName) . ' is already in use (LDAP)', $fieldName);
$this->isValid = false;
}
}
}
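Review bot: `checkUniqueInLdapValidation()` never reads `$validationSetting`, so the LDAP lookup runs even when a field is configured with `uniqueInLdap = 0`. Gating it as `if ($validationSetting === '1' && $ldap->userExists($value)) {` would respect the setting; `isValid()` already compares settings as strings. `$value` is the submitted username and the connector's code is not shown on this page, so it is worth confirming that `userExists()` escapes it before building the LDAP filter. It should also not return false when the directory is unreachable, because the uniqueness check would then pass silently. `$user` is unused as well, so if this rule is ever applied to the edit form, a user would presumably match their own LDAP entry.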
...@@ -63,6 +63,12 @@ class FeManagerHooks ...@@ -63,6 +63,12 @@ class FeManagerHooks
*/ */
protected $myProfileRepository; protected $myProfileRepository;
/**
* @var \TYPO3\CMS\Extbase\Persistence\Generic\PersistenceManager
* @inject
*/
protected $persistenceManager;
/** /**
* DataHandlerHook constructor * DataHandlerHook constructor
*/ */
...@@ -163,6 +169,24 @@ class FeManagerHooks ...@@ -163,6 +169,24 @@ class FeManagerHooks
); );
} }
/**
* @param \In2code\Femanager\Domain\Model\User $user
* @param \In2code\Femanager\Controller\EditController $plugin
* @return void
*/
public function selfUpdateOfUser(User $user, \In2code\Femanager\Controller\EditController $plugin)
{
$myProfileUser = $this->myProfileRepository->findDisabledByUid($user->getUid());
$plainTextPassword = '';
if ($user->_isDirty('password')) {
$plainTextPassword = $user->getPassword();
\In2code\Femanager\Utility\UserUtility::convertPassword($user, '');
$cryptedPassword = $user->getPassword();
$myProfileUser->setPassword($cryptedPassword);
}
$this->ldapUserCreateUpdateDelete->updateUser($myProfileUser, true, $plainTextPassword);
}
/** /**
* Use DataHandler "afterAllOperations" hook to update or create FE Users * Use DataHandler "afterAllOperations" hook to update or create FE Users
* in LDAP. * in LDAP.
...@@ -172,10 +196,8 @@ class FeManagerHooks ...@@ -172,10 +196,8 @@ class FeManagerHooks
*/ */
public function createUser(User $user) public function createUser(User $user)
{ {
// Due to a dirty state of the user we need to persist before fetch $this->persistenceManager->persistAll();
$persistenceManager = GeneralUtility::makeInstance(\TYPO3\CMS\Extbase\Persistence\Generic\PersistenceManager::class); $myProfileUser = $this->myProfileRepository->findDisabledByUid($user->getUid());
$persistenceManager->persistAll();
$myProfileUser = $this->myProfileRepository->findByUid($user->getUid());
$result = $this->ldapUserCreateUpdateDelete->updateUser($myProfileUser); $result = $this->ldapUserCreateUpdateDelete->updateUser($myProfileUser);
// TODO: Create log entry if user has been successfully added or throw an exception otherwise // TODO: Create log entry if user has been successfully added or throw an exception otherwise
...@@ -191,7 +213,7 @@ class FeManagerHooks ...@@ -191,7 +213,7 @@ class FeManagerHooks
*/ */
public function updateUser(User $user) public function updateUser(User $user)
{ {
$myProfileUser = $this->myProfileRepository->findByUid($user->getUid()); $myProfileUser = $this->myProfileRepository->findDisabledByUid($user->getUid());
$result = $this->ldapUserCreateUpdateDelete->updateUser($myProfileUser); $result = $this->ldapUserCreateUpdateDelete->updateUser($myProfileUser);
// TODO: Create log entry if user has been successfully updated or throw an exception othwerwise // TODO: Create log entry if user has been successfully updated or throw an exception othwerwise
......
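Review bot: In `selfUpdateOfUser()` the result of `findDisabledByUid()` is used without a null check, so `$myProfileUser->setPassword()` fails with a fatal error when no record is found. The return value of `updateUser()` is also discarded, so a failed LDAP write leaves the TYPO3 and LDAP passwords out of sync with no trace. Because the edit form is configured to skip password conversion, any early exit must stop the request rather than return quietly, otherwise the unhashed value could reach the database. `$plainTextPassword` should also never end up in a log entry or exception message. What `updateUser()` returns is not visible here, so the result check in the sketch below is an assumption to confirm.

```php
public function selfUpdateOfUser(User $user, \In2code\Femanager\Controller\EditController $plugin)
{
    $myProfileUser = $this->myProfileRepository->findDisabledByUid($user->getUid());
    if ($myProfileUser === null) {
        // Abort the request: the password on $user has not been hashed yet at this point
        throw new \RuntimeException('No profile record found for LDAP update');
    }
    // … unchanged: $plainTextPassword handling and convertPassword() …
    $result = $this->ldapUserCreateUpdateDelete->updateUser($myProfileUser, true, $plainTextPassword);
    if (!$result) {
        // assumes updateUser() returns a falsy value on failure — confirm against the connector
        throw new \RuntimeException('LDAP update failed, local password change aborted');
    }
}
```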
...@@ -10,6 +10,10 @@ plugin.tx_femanager { ...@@ -10,6 +10,10 @@ plugin.tx_femanager {
validation { validation {
terms.required = 1 terms.required = 1
name.required = 1 name.required = 1
username {
uniqueInDb = 0
uniqueInLdap = 1
}
} }
requestRedirect = TEXT requestRedirect = TEXT
...@@ -43,6 +47,12 @@ plugin.tx_femanager { ...@@ -43,6 +47,12 @@ plugin.tx_femanager {
email.createUserNotify._enable.value = 1 email.createUserNotify._enable.value = 1
email.createAdminNotify._enable.value = 0 email.createAdminNotify._enable.value = 0
} }
edit {
misc {
# No password conversion, we need plain text for LDAP
passwordSave = none
}
}
page.termsAndConditions = 6 page.termsAndConditions = 6
# Femanager autoAdminConfirmation classes # Femanager autoAdminConfirmation classes
...@@ -59,4 +69,10 @@ plugin.tx_femanager { ...@@ -59,4 +69,10 @@ plugin.tx_femanager {
} }
} }
config.tx_extbase{
objects {
In2code\Femanager\Domain\Validator\ServersideValidator.className = T3o\T3omy\Domain\Validator\ServersideValidator
}
}
page.includeJSFooter.femanagerValidation > page.includeJSFooter.femanagerValidation >
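Review bot: With `edit.misc.passwordSave = none`, femanager no longer hashes the password on edit, so the stored value is hashed only if the `selfUpdateOfUser` slot runs and calls `convertPassword()`. That dependency is not stated anywhere in this file. I would extend the comment to something like `# No password conversion here: FeManagerHooks->selfUpdateOfUser hashes it after reading the plain text for LDAP; never remove that slot while this is "none"`. In the first hunk, `uniqueInDb = 0` makes LDAP the only uniqueness source for usernames, which deserves a one-line comment too, since a local account that is missing from LDAP would no longer block a duplicate.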
...@@ -51,5 +51,12 @@ $dispatcher->connect( ...@@ -51,5 +51,12 @@ $dispatcher->connect(
'newUserAdminDecline' 'newUserAdminDecline'
); );
$dispatcher->connect(
\In2code\Femanager\Controller\EditController::class,
'updateActionBeforePersist',
\T3o\T3omy\Hooks\FeManagerHooks::class,
'selfUpdateOfUser'
);
$GLOBALS['TYPO3_CONF_VARS']['EXTCONF']['felogin']['password_changed'][] = \T3o\T3omy\Hooks\FeManagerHooks::class . '->writePassword'; $GLOBALS['TYPO3_CONF_VARS']['EXTCONF']['felogin']['password_changed'][] = \T3o\T3omy\Hooks\FeManagerHooks::class . '->writePassword';