/** * Returns the name of the currently logged in user's personal workspace (even if that might not exist at that time). * If no user is logged in this method returns null. * * @return string * @api */ public function getPersonalWorkspaceName() { $currentUser = $this->userDomainService->getCurrentUser(); if (!$currentUser instanceof User) { return null; } $username = $this->userDomainService->getUsername($currentUser); return $username === null ? null : UserUtility::getPersonalWorkspaceNameForUsername($username); }
/** * Returns the name of the currently logged in user's personal workspace (even if that might not exist at that time). * If no user is logged in this method returns null. * * @return string * @api */ public function getPersonalWorkspaceName() { $currentUser = $this->userDomainService->getCurrentUser(); if (!$currentUser instanceof User) { return null; } $username = $this->userDomainService->getUsername($currentUser); return 'user-' . preg_replace('/[^a-z0-9]/i', '', $username); }
/** * @return \TYPO3\Flow\Security\Account */ public function getInstagramAccountHavingParty() { foreach ($this->userService->getCurrentUser()->getAccounts() as $account) { /* @var $account \TYPO3\Flow\Security\Account */ if ($account->getAuthenticationProviderName() === 'InstagramOAuth2Provider') { return $account; } } return NULL; }
/** * Update/adds a user preference * * @param string $key The key of the preference to update/add * @param string $value The value of the preference * @return void */ public function updateAction($key, $value) { // TODO: This should be done in an earlier stage (TypeConverter ?) if (strtolower($value) === 'false') { $value = false; } elseif (strtolower($value) === 'true') { $value = true; } $user = $this->userService->getCurrentUser(); $user->getPreferences()->set($key, $value); $this->userService->updateUser($user); $this->throwStatus(204, 'User preferences have been updated'); }
/** * @return void */ protected function initializeAction() { parent::initializeAction(); $translationHelper = new TranslationHelper(); $this->setTitle($translationHelper->translate($this->moduleConfiguration['label']) . ' :: ' . $translationHelper->translate(str_replace('label', 'action.', $this->moduleConfiguration['label']) . $this->request->getControllerActionName())); if ($this->arguments->hasArgument('user')) { $propertyMappingConfigurationForUser = $this->arguments->getArgument('user')->getPropertyMappingConfiguration(); $propertyMappingConfigurationForUserName = $propertyMappingConfigurationForUser->forProperty('user.name'); $propertyMappingConfigurationForPrimaryAccount = $propertyMappingConfigurationForUser->forProperty('user.primaryAccount'); $propertyMappingConfigurationForPrimaryAccount->setTypeConverterOption(PersistentObjectConverter::class, PersistentObjectConverter::CONFIGURATION_TARGET_TYPE, Account::class); /** @var PropertyMappingConfiguration $propertyMappingConfiguration */ foreach (array($propertyMappingConfigurationForUser, $propertyMappingConfigurationForUserName, $propertyMappingConfigurationForPrimaryAccount) as $propertyMappingConfiguration) { $propertyMappingConfiguration->setTypeConverterOption(PersistentObjectConverter::class, PersistentObjectConverter::CONFIGURATION_MODIFICATION_ALLOWED, true); } } $this->currentUser = $this->userService->getCurrentUser(); }
/** * Shows a list of existing workspaces * * @return string */ public function indexAction() { $user = $this->userService->getCurrentUser(); $workspacesArray = []; /** @var Workspace $workspace */ foreach ($this->workspaceRepository->findAll() as $workspace) { // FIXME: This check should be implemented through a specialized Workspace Privilege or something similar if ($workspace->getOwner() !== null && $workspace->getOwner() !== $user) { continue; } $workspaceArray = ['name' => $workspace->getName(), 'title' => $workspace->getTitle(), 'description' => $workspace->getDescription(), 'baseWorkspace' => $workspace->getBaseWorkspace()]; if ($user !== null) { $workspaceArray['readonly'] = !$this->userService->currentUserCanPublishToWorkspace($workspace); } $workspacesArray[] = $workspaceArray; } $this->view->assign('workspaces', $workspacesArray); }
/** * Tries to authenticate the given token. Sets isAuthenticated to TRUE if authentication succeeded. * * @param TokenInterface $authenticationToken The token to be authenticated * @throws \TYPO3\Flow\Security\Exception\UnsupportedAuthenticationTokenException * @return void */ public function authenticate(TokenInterface $authenticationToken) { if (!$authenticationToken instanceof AbstractClientToken) { throw new UnsupportedAuthenticationTokenException('This provider cannot authenticate the given token.', 1383754993); } $credentials = $authenticationToken->getCredentials(); // There is no way to validate the Token or check the scopes at the moment apart from "trying" (and possibly receiving an access denied) // we could check the validity of the Token and the scopes here in the future when Instagram provides that // Only check if an access Token is present at this time and do a single test call if (isset($credentials['accessToken']) && $credentials['accessToken'] !== NULL) { // check if a secure request is possible (https://www.instagram.com/developer/secure-api-requests/) $userInfo = $this->instagramTokenEndpoint->validateSecureRequestCapability($credentials['accessToken']); if ($userInfo === FALSE) { $authenticationToken->setAuthenticationStatus(TokenInterface::WRONG_CREDENTIALS); $this->securityLogger->log('A secure call to the API with the provided accessToken and clientSecret was not possible', LOG_NOTICE); return FALSE; } } else { } // From here, we surely know the user is considered authenticated against the remote service, // yet to check if there is an immanent account present. $authenticationToken->setAuthenticationStatus(TokenInterface::AUTHENTICATION_SUCCESSFUL); /** @var $account \TYPO3\Flow\Security\Account */ $account = NULL; $providerName = $this->name; $accountRepository = $this->accountRepository; $this->securityContext->withoutAuthorizationChecks(function () use($userInfo, $providerName, $accountRepository, &$account) { $account = $accountRepository->findByAccountIdentifierAndAuthenticationProviderName($userInfo['id'], $providerName); }); if ($account === NULL) { $account = new Account(); $account->setAccountIdentifier($userInfo['id']); $account->setAuthenticationProviderName($providerName); $this->accountRepository->add($account); } $authenticationToken->setAccount($account); // the access token is valid for an "undefined time" according to instagram (so we cannot know when the user needs to log in again) $account->setCredentialsSource($credentials['accessToken']); $this->accountRepository->update($account); // check if a user is already attached to this account if ($this->partyService->getAssignedPartyOfAccount($account) === null || count($this->partyService->getAssignedPartyOfAccount($account)) < 1) { $user = $this->userService->getCurrentUser(); if ($user !== null) { $user->addAccount($account); $this->userService->updateUser($user); $this->persistenceManager->whitelistObject($user); } else { $this->securityLogger->logException(new Exception("The InstagramProvider was unable to determine the backend user, make sure the configuration Typo3BackendProvider requestPattern matches the Instagram Controller and the authentication strategy is set to 'atLeastOne' Token")); } } // persistAll is called automatically at the end of this function, account gets whitelisted to allow // persisting for an object thats tinkered with via a GET request $this->persistenceManager->whitelistObject($account); }
/** * Create a workspace * * @Flow\Validate(argumentName="title", type="\TYPO3\Flow\Validation\Validator\NotEmptyValidator") * @param string $title Human friendly title of the workspace, for example "Christmas Campaign" * @param Workspace $baseWorkspace Workspace the new workspace should be based on * @param string $visibility Visibility of the new workspace, must be either "internal" or "shared" * @param string $description A description explaining the purpose of the new workspace * @return void */ public function createAction($title, Workspace $baseWorkspace, $visibility, $description = '') { $workspace = $this->workspaceRepository->findOneByTitle($title); if ($workspace instanceof Workspace) { $this->addFlashMessage($this->translator->translateById('workspaces.workspaceWithThisTitleAlreadyExists', [], null, null, 'Modules', 'TYPO3.Neos'), '', Message::SEVERITY_WARNING); $this->redirect('new'); } $workspaceName = Utility::renderValidNodeName($title) . '-' . substr(base_convert(microtime(false), 10, 36), -5, 5); while ($this->workspaceRepository->findOneByName($workspaceName) instanceof Workspace) { $workspaceName = Utility::renderValidNodeName($title) . '-' . substr(base_convert(microtime(false), 10, 36), -5, 5); } if ($visibility === 'private') { $owner = $this->userService->getCurrentUser(); } else { $owner = null; } $workspace = new Workspace($workspaceName, $baseWorkspace, $owner); $workspace->setTitle($title); $workspace->setDescription($description); $this->workspaceRepository->add($workspace); $this->redirect('index'); }