/**
  * @param \SKL\Post\Domain\Model\Author $author
  * @return void
  */
 public function editAction(Author $author)
 {
     // NOTE(review): the account is dereferenced without a NULL check, so this
     // relies on an authenticated token being present - confirm that a policy
     // keeps anonymous requests away from this action.
     $currentAccount = $this->securityContext->getAccount();
     $accountIdentifier = $currentAccount->getAccountIdentifier();
     $this->view->assign('usrname', $accountIdentifier);

     // Categories for the selection list, then the author being edited.
     $allCategories = $this->categoryRepository->findAll();
     $this->view->assign('listCategories', $allCategories);
     $this->view->assign('author', $author);
 }
 /**
  * Collects the current account, its roles and the recorded role votes and
  * registers them with the "Security" module of the debug toolbar.
  */
 public function preToolbarRendering()
 {
     $account = $this->context->getAccount();
     // Index -> label lookup for the privilege values found in the recorded votes.
     $privilegeNames = array('PRIVILEGE_ABSTAIN', 'PRIVILEGE_GRANT', 'PRIVILEGE_DENY');
     $votes = array();
     $roleVotes = \Debug\Toolbar\Service\DataStorage::get('Security:RoleVotes');
     if (!is_array($roleVotes)) {
         // Nothing recorded: fall back to listing the roles of the current context.
         foreach ($this->context->getRoles() as $role) {
             $votes[] = array('role' => (string) $role);
         }
     } else {
         foreach ($roleVotes as $roleVote) {
             $entry = array('role' => (string) $roleVote['role'], 'privilege' => '');
             if (is_array($roleVote['privileges'])) {
                 // Each iteration overwrites the previous one, so only the last
                 // privilege of a role ends up in the entry.
                 foreach ($roleVote['privileges'] as $privilegeIndex) {
                     $entry['privilege'] = $privilegeNames[$privilegeIndex];
                 }
             }
             // Keyed by "role:privilege", which de-duplicates identical votes.
             $votes[$roleVote['role'] . ':' . $entry['privilege']] = $entry;
         }
     }

     // Same call order as one fluent chain: icon, label, popup partial, panel partial.
     $toolbar = \Debug\Toolbar\Service\Collector::getModule('Security')->getToolbar()->addIcon('user');
     $label = is_object($account) ? $account->getAccountIdentifier() : 'Guest';
     $popup = $toolbar->addText($label)->getPopup();
     $popupData = array('roles' => $this->context->getRoles(), 'account' => $this->context->getAccount(), 'votes' => $votes);
     $panel = $popup->addPartial('Security', $popupData)->getPanel();
     $panelData = array('roles' => $this->context->getRoles(), 'account' => $this->context->getAccount(), 'votes' => $votes);
     $panel->addPartial('Security', $panelData);
 }
 /**
  * Get the account of the first authenticated token.
  *
  * @return \TYPO3\Flow\Security\Account|NULL
  */
 public function getAccount()
 {
     // Only touch the security context when it can be initialized; otherwise
     // report "no account" instead of asking it.
     return $this->securityContext->canBeInitialized()
         ? $this->securityContext->getAccount()
         : NULL;
 }
 /**
  * @return void
  */
 public function indexAction()
 {
     // NOTE(review): the account is used without a NULL check - confirm that
     // this action is only reachable for authenticated requests.
     $currentAccount = $this->securityContext->getAccount();
     $accountIdentifier = $currentAccount->getAccountIdentifier();
     $this->view->assign('usrname', $accountIdentifier);

     $allSetups = $this->setupRepository->findAll();
     $this->view->assign('setups', $allSetups);
     $allCategories = $this->categoryRepository->findAll();
     $this->view->assign('listCategories', $allCategories);
 }
 /**
  * Initializes the controller before invoking an action method.
  *
  */
 public function initializeAction()
 {
     $contextIsUsable = $this->securityContext->canBeInitialized();
     if ($contextIsUsable) {
         // Resolve the "Bearbeiter" record that belongs to the current account.
         // The account is passed on as returned, which may be NULL when nobody
         // is logged in - presumably the repository copes with that; confirm.
         $currentAccount = $this->securityContext->getAccount();
         $this->bearbeiterObj = $this->bearbeiterRepository->findOneByAccount($currentAccount);
     }

     // The cache is set up regardless of the authentication state.
     $this->cacheInterface = $this->cacheManager->getCache('GermaniaSacra_GermaniaCache');
 }
 /**
  * Returns the currently logged in user, if any
  *
  * @return User The currently logged in user, or NULL
  */
 public function getCurrentUser()
 {
     $currentAccount = $this->securityContext->getAccount();

     // Without an account there is no user to look up.
     return $currentAccount !== NULL
         ? $this->userRepository->findOneHavingAccount($currentAccount)
         : NULL;
 }
 /**
  * Returns the name of the currently logged in user's personal workspace (even if that might not exist at that time).
  * If no user is logged in this method returns "live".
  *
  * @return string
  */
 public function getUserWorkspaceName()
 {
     $currentAccount = $this->securityContext->getAccount();
     if ($currentAccount !== NULL) {
         // Everything outside [a-z0-9] (case-insensitive) is dropped from the
         // identifier. NOTE(review): identifiers that differ only in dropped
         // characters (e.g. "john.doe" and "johndoe") yield the same workspace
         // name - confirm that account identifiers cannot collide this way.
         $sanitizedIdentifier = preg_replace('/[^a-z0-9]/i', '', $currentAccount->getAccountIdentifier());

         return 'user-' . $sanitizedIdentifier;
     }

     return 'live';
 }
 /**
  * @param string $title
  * @param string $uri
  * @param string $identifier
  */
 public function disqusAction($title, $uri, $identifier)
 {
     // The three request values go to the view as given; escaping is left to
     // the template layer.
     $this->view->assign('title', $title);
     $this->view->assign('uri', $uri);
     $this->view->assign('identifier', $identifier);

     // Remote authentication data is only generated for a logged-in account.
     $account = $this->securityContext->getAccount();
     if ($account) {
         $remoteAuth = $this->disqusRemoteAuthService->generateDisqusRemoteAuth($account);
         $this->view->assign('remoteAuth', $remoteAuth);
     }
 }
 /**
  * Try to set the current account identifier emitting the events, if possible
  *
  * @return void
  */
 protected function initializeAccountIdentifier()
 {
     // Nothing to do while the security context cannot be initialized.
     if (!$this->securityContext->canBeInitialized()) {
         return;
     }

     $currentAccount = $this->securityContext->getAccount();
     if ($currentAccount === NULL) {
         // Anonymous request: the event emitter keeps whatever identifier it has.
         return;
     }

     $this->eventEmittingService->setCurrentAccountIdentifier($currentAccount->getAccountIdentifier());
 }
Example #10
 /**
  * Initializes some basic stuff that will basically be needed for each and
  * every action that is executed later on.
  */
 public function initializeAction()
 {
     // Remember the authenticated account (may be NULL for anonymous requests).
     $this->account = $this->securityContext->getAccount();

     // Derive the locale from the configured default language tag ...
     $defaultLanguageTag = $this->settings['defaultLanguage'];
     $this->locale = $this->localeDetector->detectLocaleFromLocaleTag($defaultLanguageTag);

     // ... and switch the i18n configuration only when it differs.
     $localeIsCurrent = $this->l18nService->getConfiguration()->getCurrentLocale() === $this->locale;
     if (!$localeIsCurrent) {
         $this->l18nService->getConfiguration()->setCurrentLocale($this->locale);
     }
 }
 /**
  * @param string $session
  */
 public function deleteAction($session)
 {
     // The lookup is scoped to the current account, so a caller can only ever
     // hit a vote of their own for the given session.
     $currentAccount = $this->securityContext->getAccount();
     /** @var \T3DD\Backend\Domain\Model\Vote $vote */
     $vote = $this->voteRepository->getVoteForAccountAndSession($session, $currentAccount);

     if ($vote) {
         $this->voteRepository->remove($vote);
     } else {
         // No matching vote: answer 404 and leave the repository untouched.
         $this->response->setStatus(404);
     }
 }
 /**
  * @throws \TYPO3\Flow\Security\Exception\AuthenticationRequiredException
  * @throws \TYPO3\Flow\Security\Exception\AccessDeniedException
  * @return void
  */
 public function authenticateAction()
 {
     try {
         $this->authenticationManager->authenticate();
         // Authentication succeeded: hand the account to the dashboard.
         $authenticatedAccount = $this->securityContext->getAccount();
         $redirectArguments = array('user' => $authenticatedAccount);
         $this->redirect('index', 'Dashboard', NULL, $redirectArguments);
     } catch (\TYPO3\Flow\Security\Exception\AuthenticationRequiredException $authenticationFailure) {
         // A fixed message is shown instead of the exception text, so the reason
         // for the failure is not disclosed to the client; the exception is then
         // re-thrown for the framework to handle.
         $errorMessage = new \TYPO3\Flow\Error\Error('Bitte die korrekten Benutzerdaten eingeben.');
         $this->flashMessageContainer->addMessage($errorMessage);
         throw $authenticationFailure;
     }
 }
 /**
  * @param Participant $participant
  */
 public function updateAction(Participant $participant)
 {
     $entity = $participant->getPayload();

     // Allowed when the participant is not bound to an account yet, when it is
     // bound to the caller's account, or when the caller is an administrator.
     // NOTE(review): an unbound participant can be updated by any caller -
     // presumably intended for the initial completion step; confirm.
     $mayUpdate = $entity->getAccount() === NULL
         || $entity->getAccount() === $this->securityContext->getAccount()
         || $this->securityContext->hasRole('T3DD.Backend:Administrator');
     if (!$mayUpdate) {
         $this->response->setStatus(403);
         return;
     }

     // First completion binds the participant to the current account.
     $alreadyCompleted = $entity->isCompleted();
     if (!$alreadyCompleted) {
         $entity->setCompleted(TRUE);
         $entity->setAccount($this->securityContext->getAccount());
     }

     $this->participantRepository->update($entity);
     $this->view->assign('value', $participant);
 }
 /**
  * Initialize view action
  *
  * @param \TYPO3\Flow\Mvc\View\ViewInterface $view
  * @return void
  */
 protected function initializeView(\TYPO3\Flow\Mvc\View\ViewInterface $view)
 {
     $account = $this->securityContext->getAccount();
     $requestUri = $this->request->getHttpRequest()->getUri();
     $view->assign('currentpage', $requestUri);
     // NOTE(review): 'state' is just the encoded current URL. If the templates
     // use it as the OAuth "state" parameter it is predictable and gives no
     // CSRF protection for the login flow - confirm how it is consumed.
     $view->assign('state', $this->base64UrlEncode($requestUri));

     if ($account != NULL) {
         $view->assign('loggedInUser', $this->securityContext->getAccount()->getAccountIdentifier());
         $view->assign('currentUser', $this->securityContext->getAccount()->getParty());
     }

     // Login endpoints / application data of the social providers.
     $facebookAppId = $this->facebookService->getAppId();
     $facebookRedirectUri = $this->facebookService->getRedirectUri();
     $vkAuthorizationUri = $this->vkService->getAuthorizationUri();
     $providerData = array(
         'vk_url' => $vkAuthorizationUri,
         'google_url' => $this->googlePlusService->getAuthorizationUri(),
         'facebook_appid' => $facebookAppId,
         'facebook_redirecturi' => $facebookRedirectUri
     );
     // Assigned through $this->view (not the $view argument), as before.
     $this->view->assignMultiple($providerData);
 }
Example #15
 /**
  * The given $value is valid if it is an array of format array(hash:string, phrase:string) and the hash was derived from the entered phrase
  * 
  * @param mixed $value The value that should be validated
  * @return void
  */
 protected function isValid($value)
 {
     // Optional bypass: with "ignoreWhenLoggedIn" set, an authenticated account
     // skips the captcha check entirely.
     if ($this->options["ignoreWhenLoggedIn"] && $this->securityContext->getAccount()) {
         return;
     }

     if (!is_array($value)) {
         $this->addError("This argument must be an array", 422526240);
         return;
     }

     // Both parts must be present and non-empty before they reach the service.
     if (empty($value["hash"]) || empty($value["phrase"])) {
         $this->addError("Malformed array given; expected array(hash:string, phrase:string)", 422526241);
         return;
     }

     // Only a strict TRUE from the captcha service counts as a match.
     $phraseMatches = $this->captchaService->validatePhrase($value["phrase"], $value["hash"]) === true;
     if (!$phraseMatches) {
         $this->addError("Given captcha phrase mismatches the hash", 422526242);
     }
 }
 /**
  * Creates a file to be checked by the cronjob before exporting the data
  */
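 public function dataexportAction()
 {
     $executeDumpExportFile = $this->dataImport->dumpDirectory . self::executeExportDump;

     // Create the marker with mode "x": fopen() then creates the file only if it
     // does not exist yet. The previous file_exists() + fopen("w") pair left a
     // window in which two concurrent requests could both pass the check and
     // both truncate/write the marker. The file_exists() pre-check is kept only
     // to avoid the warning fopen("x") raises in the common "already there" case.
     $fileHandle = file_exists($executeDumpExportFile) ? FALSE : fopen($executeDumpExportFile, 'x');

     if ($fileHandle !== FALSE) {
         // Record who scheduled the export, when an account is available.
         $txt = '';
         if ($this->securityContext->canBeInitialized()) {
             if ($account = $this->securityContext->getAccount()) {
                 $jobOwner = $this->bearbeiterRepository->findOneByAccount($account);
                 $txt = 'Dieser Export wurde angelegt von ' . $jobOwner;
             }
         }
         fwrite($fileHandle, $txt);
         fclose($fileHandle);

         // Minutes until the next full ten-minute mark, derived from the last
         // digit of the current minute.
         $minutesFraction = (int) substr(date('i'), 1, 1);
         $nextImportDumpExecution = 10 - $minutesFraction;
         echo 'Die nächste Veröffentlichung wird in ' . $nextImportDumpExecution . ' Minuten durchgeführt.' . '<br>';
         echo 'Sie dauert ca. 5 Minuten.' . '<br>';
     } elseif (file_exists($executeDumpExportFile)) {
         // Either it existed up front or a concurrent request created it first.
         echo "Die Veröffentlichung ist bereits vorgemerkt.";
     } else {
         echo "Der Veröffentlichung-Job konnte leider nicht angelegt werden.";
     }
     // Output is echoed directly; the request ends here without rendering a view.
     exit;
 }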
Example #17
 /**
  * index action, does only display the form
  */
 public function indexAction()
 {
     // The account is fetched but not used further in this action.
     $account = $this->securityContext->getAccount();

     // Login endpoints / application data of the social providers for the form.
     $facebookAppId = $this->facebookService->getAppId();
     $facebookRedirectUri = $this->facebookService->getRedirectUri();
     $vkAuthorizationUri = $this->vkService->getAuthorizationUri();
     $providerData = array(
         'vk_url' => $vkAuthorizationUri,
         'twitter_url' => $this->twitterService->getAuthorizationUri(),
         'google_url' => $this->googlePlusService->getAuthorizationUri(),
         'facebook_appid' => $facebookAppId,
         'facebook_redirecturi' => $facebookRedirectUri
     );
     $this->view->assignMultiple($providerData);
 }
Example #18
 /**
  * @return \TYPO3\Flow\Security\Account
  * @throws Exception
  * @throws \TYPO3\Flow\Persistence\Exception\IllegalObjectTypeException
  */
 protected function generateTokenAccount()
 {
     // NOTE(review): the current account is dereferenced without a NULL check -
     // confirm callers only reach this with an authenticated account.
     $currentAccount = $this->securityContext->getAccount();

     // The token account reuses the identifier of the current account, gets a
     // random 25-character password and is created for the API token provider.
     $identifier = $currentAccount->getAccountIdentifier();
     $randomPassword = Algorithms::generateRandomString(25);
     // NOTE(review): every role of the current account is copied, so the token
     // carries the same privileges as the interactive login - confirm that a
     // narrower role set is not wanted for API access.
     $roleIdentifiers = array_keys($currentAccount->getRoles());
     $providerName = $this->apiToken->getAuthenticationProviderName();

     $tokenAccount = $this->accountFactory->createAccountWithPassword($identifier, $randomPassword, $roleIdentifiers, $providerName);
     $this->accountRepository->add($tokenAccount);
     // Persist right away rather than at the end of the request.
     $this->persistenceManager->persistAll();

     return $tokenAccount;
 }
 /**
  * @param \T3DD\Backend\Domain\Model\Registration\Registration $registration
  */
 public function deleteAction(\T3DD\Backend\Domain\Model\Registration\Registration $registration)
 {
     // Administrators may always delete. Everyone else needs a registration
     // that still has time left before expiration AND belongs to their account.
     $isAdministrator = $this->securityContext->hasRole('T3DD.Backend:Administrator');
     if (!$isAdministrator) {
         $denied = !$registration->getSecondsToExpiration()
             || $registration->getAccount() !== $this->securityContext->getAccount();
         if ($denied) {
             $this->response->setStatus(403);
             return;
         }
     }

     $this->registrationRepository->remove($registration);
     $this->view->assign('value', NULL);
 }
Example #20
 /**
  * @return \Incvisio\LostFound\Domain\Model\User
  */
 public function getCurrentUser()
 {
     if ($this->securityContext->getAccount() == NULL) {
         // Nobody is logged in: queue a "please log in" message and send the
         // visitor to the start page. Nothing is returned on this path.
         $loginHint = $this->translator->translateById('main.messages.pleaseLogin', array(), NULL, NULL, 'Main', 'Incvisio.LostFound');
         $this->flashMessageContainer->addMessage(new \TYPO3\Flow\Error\Error($loginHint));
         $this->redirect('index', 'Standard');
         return;
     }

     return $this->securityContext->getAccount()->getParty();
 }
 /**
  * @param string $password
  * @param string $passwordConfirmation
  * @return void
  */
 public function resetAction($password, $passwordConfirmation)
 {
     // The new password must be non-empty and typed identically twice.
     $isAcceptable = $password !== '' && $password === $passwordConfirmation;
     if (!$isAcceptable) {
         $this->flashMessageContainer->addMessage(new \TYPO3\Flow\Error\Error('Passwords didn\'t match!', 1435750717));
         return $this->errorAction();
     }

     // NOTE(review): the password is changed for whichever account the session
     // belongs to, without asking for the current password and without a NULL
     // check on the account - confirm both are covered elsewhere (policy,
     // reset-token flow).
     $accountIdentifier = $this->securityContext->getAccount()->getAccountIdentifier();
     $this->crowdClient->setPasswordForUser($accountIdentifier, $password);

     $this->addFlashMessage('Your password has been updated!');
     $this->redirect('resetForm');
 }
 /**
  * @param string $sso
  * @param string $sig
  * @return void
  * @Flow\SkipCsrfProtection
  */
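 public function authenticateDiscourseUserAction($sso = '', $sig = '')
 {
     // When called without arguments (e.g. after being sent through the login),
     // fall back to the arguments of the request that was intercepted.
     if ($sso === '' && $sig === '') {
         $interceptedRequest = $this->securityContext->getInterceptedRequest();
         // Guard against a missing intercepted request instead of failing on NULL.
         $argumentsOfInterceptedRequest = $interceptedRequest !== NULL ? $interceptedRequest->getArguments() : array();
         if (!isset($argumentsOfInterceptedRequest['sso']) || !isset($argumentsOfInterceptedRequest['sig'])) {
             return 'This page needs to be called with valid sso and sig arguments from crowd!';
         }
         $sso = $argumentsOfInterceptedRequest['sso'];
         $sig = $argumentsOfInterceptedRequest['sig'];
     }

     // Verify the signature of the incoming payload. hash_equals() (PHP >= 5.6)
     // compares in constant time; a plain === on the hex digests can leak, via
     // response timing, how much of a guessed signature is correct. Both values
     // come from the request and may be arrays, so they are type-checked first.
     $signatureIsValid = is_string($sso)
         && is_string($sig)
         && hash_equals(hash_hmac('sha256', $sso, $this->ssoSecret), $sig);

     if ($signatureIsValid) {
         // The payload is only decoded after its signature has been verified.
         parse_str(base64_decode($sso), $incomingPayload);
         $currentAccount = $this->securityContext->getAccount();
         /** @var Person $crowdUser */
         $crowdUser = $this->partyService->getAssignedPartyOfAccount($currentAccount);
         // Echo the nonce back together with the identity of the current account.
         $outgoingPayload = base64_encode(http_build_query(array('nonce' => $incomingPayload['nonce'], 'email' => $crowdUser->getPrimaryElectronicAddress()->getIdentifier(), 'name' => $crowdUser->getName()->getFullName(), 'username' => $currentAccount->getAccountIdentifier(), 'external_id' => $currentAccount->getAccountIdentifier()), '', '&', PHP_QUERY_RFC3986));
         $outgoingSignature = hash_hmac('sha256', $outgoingPayload, $this->ssoSecret);
         $this->redirectToUri(sprintf('%s?%s', $this->discourseSsoUrl, http_build_query(array('sso' => $outgoingPayload, 'sig' => $outgoingSignature), '', '&', PHP_QUERY_RFC3986)), 0, 302);
     }

     // Reached when the signature does not verify.
     return 'Sorry, we couldn\'t log you in';
 }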
    /**
     * @param string $requestID
     * @return string
     */
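    public function callbackAction($requestID)
    {
        $requestID = $this->sanitizeReturnTo($requestID);

        // Both values are written into an inline <script>. They are JSON-encoded
        // with the JSON_HEX_* flags so that <, >, &, ' and " are emitted as \uXXXX
        // escapes: the output stays a valid JS literal and cannot close the string
        // or the script element, whatever sanitizeReturnTo() lets through.
        $scriptSafeFlags = JSON_HEX_TAG | JSON_HEX_AMP | JSON_HEX_APOS | JSON_HEX_QUOT;
        $encodedRequestId = json_encode((string) $requestID, $scriptSafeFlags);
        if ($encodedRequestId === FALSE) {
            // Not encodable (e.g. invalid UTF-8): pass an empty string instead.
            $encodedRequestId = '""';
        }

        // NOTE(review): the DTO is built from the account and the session cookie;
        // if it carries the session identifier, that value becomes readable by
        // page script in the opener - confirm this is intended.
        $accountDto = $this->buildAccountDTO($this->securityContext->getAccount(), $this->response->getCookie('TYPO3_Flow_Session'));

        // The try/catch in the script swallows the error the call raises when
        // the opener is not accessible.
        return sprintf('<html><body>
			<script>
				try {
					// Catch Security error
					window.opener.onSSOAuth(%s, %s);
				} catch(exception){}
				window.close();
			</script>
			</body></html>', $encodedRequestId, json_encode($accountDto, $scriptSafeFlags));
    }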
 /**
  * Returns the processed Configuration
  *
  * @param \TYPO3\TYPO3CR\Domain\Model\NodeType $nodeType (uninitialized) The node type to process
  * @param array $configuration input configuration
  * @param array $options The processor options
  * @return void
  */
 public function process(NodeType $nodeType, array &$configuration, array $options)
 {
     // Leave the configuration alone while no security context is available
     // or nobody is logged in.
     if (!$this->securityContext->canBeInitialized()) {
         return;
     }
     if (!$this->securityContext->getAccount()) {
         return;
     }

     $administratorRole = $this->policyService->getRole('TYPO3.Neos:Administrator');
     $isAdministrator = $administratorRole && $this->securityContext->getAccount()->hasRole($administratorRole)
         ? true
         : false;

     if (!$isAdministrator) {
         // Non-administrators do not get the "departmentName" property at all.
         // NOTE(review): this removes the property from the node type
         // configuration only; whether writes to it are rejected server-side
         // is not visible here - confirm.
         unset($configuration['properties']['departmentName']);
     }
 }
 /**
  * @param Session $session
  */
 public function deleteAction(Session $session)
 {
     // Only the owning account or an administrator may delete a session.
     // NOTE(review): the ownership test is an identity comparison, so a session
     // without an account compared against an anonymous caller (both NULL)
     // would pass - confirm the action requires authentication.
     $mayDelete = $session->getAccount() === $this->securityContext->getAccount()
         || $this->securityContext->hasRole('T3DD.Backend:Administrator');
     if (!$mayDelete) {
         $this->response->setStatus(403);
         return;
     }

     // Remove the votes that reference the session before the session itself.
     $votesOfSession = $this->voteRepository->findBySession($session);
     foreach ($votesOfSession as $voteOfSession) {
         $this->voteRepository->remove($voteOfSession);
     }
     $this->sessionRepository->remove($session);

     // TODO Fix redirect
     $this->redirect('index');
 }
Example #26
 /**
  * Stores log entries for given actions.
  *
  * @param string $component of the whole application
  * @param string $action the performed action to be logged
  */
 protected function writeLogEntry($component, $action)
 {
     $logEntry = new \Roketi\Panel\Domain\Model\LogEntry();
     $logEntry->setTimeStamp(new \DateTime());
     $logEntry->setAction($action);
     $logEntry->setComponent($component);

     // Attach the acting account only when user logging is switched on.
     if ($this->doLogTheCurrentUser !== TRUE) {
         $logEntry->unsetAccount();
     } else {
         $logEntry->setAccount($this->context->getAccount());
     }

     // The client IP is only available for HTTP requests; other request
     // handlers are logged with an empty address.
     // NOTE(review): whether getClientIPAddress() honours proxy headers is not
     // visible here - if it does, the logged value is client-influenced.
     $activeRequestHandler = $this->bootstrap->getActiveRequestHandler();
     $remoteIp = $activeRequestHandler instanceof \TYPO3\Flow\Http\HttpRequestHandlerInterface
         ? $activeRequestHandler->getHttpRequest()->getClientIPAddress()
         : '';
     $logEntry->setRemoteIp($remoteIp);

     $this->logEntryRepository->add($logEntry);
     // Persist immediately rather than at the end of the request.
     $this->persistenceManager->persistAll();
 }
 /**
  * Initializes all actions with common logic.
  */
 protected function initializeAction()
 {
     // Alternative to Flow's own json handling
     // FIXME
     // A "json" request argument switches this request to the JSON format and
     // replaces the view with a JsonView bound to the controller context.
     if ($this->request->hasArgument('json')) {
         $this->isJson = true;
         $this->request->setFormat('json');
         $this->view = new \TYPO3\Flow\Mvc\View\JsonView();
         $this->view->setControllerContext($this->controllerContext);
     }
     // Authentication gate: JSON requests without an account get a 403, all
     // other requests are passed to the authentication manager.
     if ($this->securityContext != null) {
         $account = $this->securityContext->getAccount();
         if ($account == null) {
             if ($this->isJson) {
                 $this->throwStatus(403);
             } else {
                 // NOTE(review): when authenticate() returns normally, the action
                 // continues with $this->currentUser left unset by this method -
                 // confirm that later code does not rely on it.
                 $this->authenticationManager->authenticate();
             }
         } else {
             /** @var \_OurBrand_\My\Domain\Model\User $user */
             $user = $account->getParty();
             if (!$user) {
                 // Seriously bad!
                 // An account without a party is rejected. The code below assumes
                 // throwStatus() does not return (presumably it throws) - confirm,
                 // otherwise $user is dereferenced while falsy.
                 $this->throwStatus(403);
             }
             // Necessary for our easy role identifier functions!
             if ($user->getAccounts()->count() == 0) {
                 $user->addAccount($account);
             }
             $this->currentUser = $user;
             // Set the quiz subjects that this user has access to.
             if (count($user->getQuizSubscriptionDataForQuizType(0)) == 0) {
                 $this->accessHelper->setUserSubjectsAndTeamLevels($user);
             }
         }
     } else {
         // No security context at all: same gate as for a missing account.
         if ($this->isJson) {
             $this->throwStatus(403);
         } else {
             $this->authenticationManager->authenticate();
         }
     }
     // Restore a student quiz session stored in the login session, if any.
     if ($this->loginSession->getData('studentQuizSession') != null) {
         $this->studentQuizSession = $this->loginSession->getData('studentQuizSession');
     }
     // Prevent browser caching of content. Everything is dynamic in this application.
     $this->response->setHeader('Cache-Control', 'no-cache, no-store, must-revalidate');
     $this->response->setHeader('Pragma', 'no-cache');
     $this->response->setHeader('Expires', '0');
 }
 /**
  * @param array $password
  * @throws UpdateNodeException
  * @Flow\Validate(argumentName="password", type="\TYPO3\Neos\Validation\Validator\PasswordValidator", options={ "allowEmpty"=0, "minimum"=6, "maximum"=255 })
  * @return string
  */
 public function updatePasswordAction(array $password)
 {
     $currentAccount = $this->securityContext->getAccount();
     $dutchLocale = new Locale('nl');

     // Without an account (session) there is nothing to update.
     $hasAccount = $currentAccount instanceof Account;
     if (!$hasAccount) {
         $failureText = $this->translator->translateById('profile.update.password.response.failure', [], NULL, $dutchLocale, 'Main', 'BuJitsuDo.Authentication');
         $this->response->setHeader('Notification', $failureText);
         throw new UpdateNodeException('No account (session) present', 127381164);
     }

     // Only the first element of the validated password array is hashed and
     // stored as the new credentials source.
     // NOTE(review): the current password is not requested here, so a valid
     // session alone is enough to change it - confirm that is intended.
     $hashedPassword = $this->hashService->hashPassword($password[0], 'default');
     $currentAccount->setCredentialsSource($hashedPassword);
     $this->accountRepository->update($currentAccount);

     $successText = $this->translator->translateById('profile.update.password.response.success', [], NULL, $dutchLocale, 'Main', 'BuJitsuDo.Authentication');
     $this->response->setHeader('Notification', $successText);
     $this->response->setHeader('NotificationType', 'success');

     return '';
 }
 /**
  * Render user initials or an abbreviated name for a given username. If the account was deleted, use the username as fallback.
  *
  * @param string $format Supported are "fullFirstName", "initials" and "fullName"
  * @return string
  */
 public function render($format = 'initials')
 {
     $supportedFormats = array('fullFirstName', 'initials', 'fullName');
     if (!in_array($format, $supportedFormats)) {
         throw new \InvalidArgumentException(sprintf('Format "%s" given to history:userInitials(), only supporting "fullFirstName", "initials" and "fullName".', $format), 1415705861);
     }

     // The child content of the view helper is the account identifier to render.
     $accountIdentifier = $this->renderChildren();
     // TODO: search by credential source is still needed
     /* @var $account \TYPO3\Flow\Security\Account */
     $account = $this->accountRepository->findOneByAccountIdentifier($accountIdentifier);
     if ($account === null) {
         // Unknown (e.g. deleted) account: show the identifier itself.
         return $accountIdentifier;
     }

     /* @var $requestedUser Person */
     $requestedUser = $account->getParty();
     $hasName = $requestedUser !== null && $requestedUser->getName() !== null;
     if (!$hasName) {
         return $accountIdentifier;
     }

     // When the requested user is the logged-in user, the name formats show a
     // translated "you" in that user's interface language instead of the name.
     if ($this->securityContext->canBeInitialized() && $this->securityContext->getAccount()) {
         /** @var User $currentUser */
         $currentUser = $this->securityContext->getAccount()->getParty();
         if ($currentUser === $requestedUser) {
             $languageIdentifier = $currentUser->getPreferences()->get('interfaceLanguage') ? $currentUser->getPreferences()->get('interfaceLanguage') : $this->defaultLanguageIdentifier;
             $you = $this->translator->translateById('you', array(), 1, new Locale($languageIdentifier), 'Main', 'TYPO3.Neos');
         }
     }

     switch ($format) {
         case 'initials':
             // Initials are always built from the name, never replaced by "you".
             return mb_substr($requestedUser->getName()->getFirstName(), 0, 1) . mb_substr($requestedUser->getName()->getLastName(), 0, 1);
         case 'fullFirstName':
             if (isset($you)) {
                 return $you;
             }
             return $requestedUser->getName()->getFirstName() . ' ' . mb_substr($requestedUser->getName()->getLastName(), 0, 1) . '.';
         case 'fullName':
             if (isset($you)) {
                 return $you;
             }
             return $requestedUser->getName()->getFullName();
     }
 }
 /**
  * Rebase the current users personal workspace onto the given $targetWorkspace and then
  * redirects to the $targetNode in the content module.
  *
  * @param NodeInterface $targetNode
  * @param Workspace $targetWorkspace
  * @return void
  */
 public function rebaseAndRedirectAction(NodeInterface $targetNode, Workspace $targetWorkspace)
 {
     // The personal workspace is looked up as "user-" + the raw account
     // identifier. NOTE(review): the account is not NULL-checked and the
     // identifier is used unmodified - confirm this matches the way personal
     // workspace names are generated, otherwise the lookup yields nothing.
     $workspaceName = 'user-' . $this->securityContext->getAccount()->getAccountIdentifier();
     /** @var Workspace $personalWorkspace */
     $personalWorkspace = $this->workspaceRepository->findOneByName($workspaceName);

     // Refuse to rebase while the personal workspace still holds unpublished nodes.
     $hasPendingChanges = $this->publishingService->getUnpublishedNodesCount($personalWorkspace) > 0;
     if ($hasPendingChanges) {
         $warning = $this->translator->translateById('workspaces.cantEditBecauseWorkspaceContainsChanges', [], null, null, 'Modules', 'TYPO3.Neos');
         $this->addFlashMessage($warning, '', Message::SEVERITY_WARNING, [], 1437833387);
         // Presumably redirect() ends the action here; if it returned, the
         // rebase below would still run - confirm.
         $this->redirect('show', null, null, ['workspace' => $targetWorkspace]);
     }

     $personalWorkspace->setBaseWorkspace($targetWorkspace);
     $this->workspaceRepository->update($personalWorkspace);

     // Re-create the target node's context inside the personal workspace.
     $personalContextProperties = $targetNode->getContext()->getProperties();
     $personalContextProperties['workspaceName'] = $personalWorkspace->getName();
     $personalContext = $this->contextFactory->create($personalContextProperties);

     /** @var ActionRequest $mainRequest */
     $mainRequest = $this->controllerContext->getRequest()->getMainRequest();
     $this->uriBuilder->setRequest($mainRequest);

     $nodeInPersonalWorkspace = $personalContext->getNode($targetNode->getPath());
     $this->redirect('show', 'Frontend\\Node', 'TYPO3.Neos', ['node' => $nodeInPersonalWorkspace]);
 }