/**
* @param \Magento\User\Model\User $model
* @param array $data
* @return void
*/
protected function redirectToEdit(\Magento\User\Model\User $model, array $data)
{
$this->_getSession()->setUserData($data);
$arguments = $model->getId() ? ['user_id' => $model->getId()] : [];
$arguments = array_merge($arguments, ['_current' => true, 'active_tab' => '']);
$this->_redirect('adminhtml/*/edit', $arguments);
}
/**
* {@inheritdoc}
*/
public function createAdminAccessToken($username, $password)
{
$this->validatorHelper->validate($username, $password);
$this->userModel->login($username, $password);
if (!$this->userModel->getId()) {
/*
* This message is same as one thrown in \Magento\Backend\Model\Auth to keep the behavior consistent.
* Constant cannot be created in Auth Model since it uses legacy translation that doesn't support it.
* Need to make sure that this is refactored once exception handling is updated in Auth Model.
*/
throw new AuthenticationException(__('You did not sign in correctly or your account is temporarily disabled.'));
}
return $this->tokenModelFactory->create()->createAdminToken($this->userModel->getId())->getToken();
}
/**
* @magentoDbIsolation enabled
*/
public function testBeforeSavePasswordHash()
{
$this->_model->setUsername('john.doe')->setFirstname('John')->setLastname('Doe')->setEmail('*****@*****.**')->setPassword('123123q');
$this->_model->save();
$this->assertNotContains('123123q', $this->_model->getPassword(), 'Password is expected to be hashed');
$this->assertRegExp('/^[0-9a-f]+:[0-9a-zA-Z]{32}$/', $this->_model->getPassword(), 'Salt is expected to be saved along with the password');
/** @var \Magento\User\Model\User $model */
$model = \Magento\TestFramework\Helper\Bootstrap::getObjectManager()->create('Magento\\User\\Model\\User');
$model->load($this->_model->getId());
$this->assertEquals($this->_model->getPassword(), $model->getPassword(), 'Password data has been corrupted during saving');
}
/**
* {@inheritdoc}
*/
public function createAdminAccessToken($username, $password)
{
$this->validatorHelper->validateCredentials($username, $password);
try {
$this->userModel->login($username, $password);
if (!$this->userModel->getId()) {
/*
* This message is same as one thrown in \Magento\Backend\Model\Auth to keep the behavior consistent.
* Constant cannot be created in Auth Model since it uses legacy translation that doesn't support it.
* Need to make sure that this is refactored once exception handling is updated in Auth Model.
*/
throw new AuthenticationException('Please correct the user name or password.');
}
} catch (\Magento\Backend\Model\Auth\Exception $e) {
throw new AuthenticationException($e->getMessage(), [], $e);
} catch (\Magento\Framework\Model\Exception $e) {
throw new LocalizedException($e->getMessage(), [], $e);
}
return $this->tokenModelFactory->create()->createAdminToken($this->userModel->getId())->getToken();
}
/**
* Run installation in context of the specified admin user
*
* @param \Magento\User\Model\User $adminUser
* @throws \Exception
*
* @return void
*/
public function run(\Magento\User\Model\User $adminUser)
{
set_time_limit(3600);
if (!$adminUser || !$adminUser->getId()) {
throw new \Exception('Invalid admin user provided');
}
$this->session->setUser($adminUser);
$this->deploy->run();
$resources = $this->initResources();
foreach ($this->moduleList->getNames() as $moduleName) {
if (isset($resources[$moduleName])) {
$resourceType = $resources[$moduleName];
$this->setupFactory->create($resourceType)->run();
$this->postInstaller->addModule($moduleName);
}
}
$this->session->unsUser();
$this->postInstaller->run();
}
/**
* Check is user logged in and permissions
*
* @param \Magento\User\Model\User|null $user
* @return bool
*/
protected function _checkUserAccess($user = null)
{
if ($user && !$user->getId()) {
$this->addMessage('error', 'Invalid user name or password');
$this->controller()->setAction('login');
} elseif ($this->getUserId() || $user && $user->getId()) {
if (\Mage::getSingleton('Magento\\Framework\\AuthorizationInterface')->isAllowed('Magento_Adminhtml::all')) {
return true;
} else {
$this->logout();
$this->addMessage('error', 'Access Denied', true);
$this->controller()->setAction('login');
}
}
return false;
}
/**
* Remember a password hash for further usage
*
* @param ModelUser $user
* @param string $passwordHash
* @param int $lifetime
* @return void
*/
public function trackPassword($user, $passwordHash, $lifetime)
{
$now = time();
$this->getConnection()->insert($this->getTable('admin_passwords'), ['user_id' => $user->getId(), 'password_hash' => $passwordHash, 'expires' => $now + $lifetime, 'last_updated' => $now]);
}
/**
* Create role for provided user of provided type
*
* @param int $parentId
* @param ModelUser $user
* @return void
*/
protected function _createUserRole($parentId, ModelUser $user)
{
if ($parentId > 0) {
/** @var \Magento\Authorization\Model\Role $parentRole */
$parentRole = $this->_roleFactory->create()->load($parentId);
} else {
$role = new \Magento\Framework\Object();
$role->setTreeLevel(0);
}
if ($parentRole->getId()) {
$data = new \Magento\Framework\Object(array('parent_id' => $parentRole->getId(), 'tree_level' => $parentRole->getTreeLevel() + 1, 'sort_order' => 0, 'role_type' => RoleUser::ROLE_TYPE, 'user_id' => $user->getId(), 'user_type' => UserContextInterface::USER_TYPE_ADMIN, 'role_name' => $user->getFirstname()));
$insertData = $this->_prepareDataForTable($data, $this->getTable('authorization_role'));
$this->_getWriteAdapter()->insert($this->getTable('authorization_role'), $insertData);
$this->_aclCache->clean();
}
}
