/**
* Returns the name of the currently logged in user's personal workspace (even if that might not exist at that time).
* If no user is logged in this method returns null.
*
* @return string
* @api
*/
public function getPersonalWorkspaceName()
{
$currentUser = $this->userDomainService->getCurrentUser();
if (!$currentUser instanceof User) {
return null;
}
$username = $this->userDomainService->getUsername($currentUser);
return $username === null ? null : UserUtility::getPersonalWorkspaceNameForUsername($username);
}
/**
* Returns the name of the currently logged in user's personal workspace (even if that might not exist at that time).
* If no user is logged in this method returns null.
*
* @return string
* @api
*/
public function getPersonalWorkspaceName()
{
$currentUser = $this->userDomainService->getCurrentUser();
if (!$currentUser instanceof User) {
return null;
}
$username = $this->userDomainService->getUsername($currentUser);
return 'user-' . preg_replace('/[^a-z0-9]/i', '', $username);
}
/**
* @return \TYPO3\Flow\Security\Account
*/
public function getInstagramAccountHavingParty()
{
foreach ($this->userService->getCurrentUser()->getAccounts() as $account) {
/* @var $account \TYPO3\Flow\Security\Account */
if ($account->getAuthenticationProviderName() === 'InstagramOAuth2Provider') {
return $account;
}
}
return NULL;
}
/**
* Update/adds a user preference
*
* @param string $key The key of the preference to update/add
* @param string $value The value of the preference
* @return void
*/
public function updateAction($key, $value)
{
// TODO: This should be done in an earlier stage (TypeConverter ?)
if (strtolower($value) === 'false') {
$value = false;
} elseif (strtolower($value) === 'true') {
$value = true;
}
$user = $this->userService->getCurrentUser();
$user->getPreferences()->set($key, $value);
$this->userService->updateUser($user);
$this->throwStatus(204, 'User preferences have been updated');
}
/**
* @return void
*/
protected function initializeAction()
{
parent::initializeAction();
$translationHelper = new TranslationHelper();
$this->setTitle($translationHelper->translate($this->moduleConfiguration['label']) . ' :: ' . $translationHelper->translate(str_replace('label', 'action.', $this->moduleConfiguration['label']) . $this->request->getControllerActionName()));
if ($this->arguments->hasArgument('user')) {
$propertyMappingConfigurationForUser = $this->arguments->getArgument('user')->getPropertyMappingConfiguration();
$propertyMappingConfigurationForUserName = $propertyMappingConfigurationForUser->forProperty('user.name');
$propertyMappingConfigurationForPrimaryAccount = $propertyMappingConfigurationForUser->forProperty('user.primaryAccount');
$propertyMappingConfigurationForPrimaryAccount->setTypeConverterOption(PersistentObjectConverter::class, PersistentObjectConverter::CONFIGURATION_TARGET_TYPE, Account::class);
/** @var PropertyMappingConfiguration $propertyMappingConfiguration */
foreach (array($propertyMappingConfigurationForUser, $propertyMappingConfigurationForUserName, $propertyMappingConfigurationForPrimaryAccount) as $propertyMappingConfiguration) {
$propertyMappingConfiguration->setTypeConverterOption(PersistentObjectConverter::class, PersistentObjectConverter::CONFIGURATION_MODIFICATION_ALLOWED, true);
}
}
$this->currentUser = $this->userService->getCurrentUser();
}
/**
* Shows a list of existing workspaces
*
* @return string
*/
public function indexAction()
{
$user = $this->userService->getCurrentUser();
$workspacesArray = [];
/** @var Workspace $workspace */
foreach ($this->workspaceRepository->findAll() as $workspace) {
// FIXME: This check should be implemented through a specialized Workspace Privilege or something similar
if ($workspace->getOwner() !== null && $workspace->getOwner() !== $user) {
continue;
}
$workspaceArray = ['name' => $workspace->getName(), 'title' => $workspace->getTitle(), 'description' => $workspace->getDescription(), 'baseWorkspace' => $workspace->getBaseWorkspace()];
if ($user !== null) {
$workspaceArray['readonly'] = !$this->userService->currentUserCanPublishToWorkspace($workspace);
}
$workspacesArray[] = $workspaceArray;
}
$this->view->assign('workspaces', $workspacesArray);
}
/**
* Tries to authenticate the given token. Sets isAuthenticated to TRUE if authentication succeeded.
*
* @param TokenInterface $authenticationToken The token to be authenticated
* @throws \TYPO3\Flow\Security\Exception\UnsupportedAuthenticationTokenException
* @return void
*/
public function authenticate(TokenInterface $authenticationToken)
{
if (!$authenticationToken instanceof AbstractClientToken) {
throw new UnsupportedAuthenticationTokenException('This provider cannot authenticate the given token.', 1383754993);
}
$credentials = $authenticationToken->getCredentials();
// There is no way to validate the Token or check the scopes at the moment apart from "trying" (and possibly receiving an access denied)
// we could check the validity of the Token and the scopes here in the future when Instagram provides that
// Only check if an access Token is present at this time and do a single test call
if (isset($credentials['accessToken']) && $credentials['accessToken'] !== NULL) {
// check if a secure request is possible (https://www.instagram.com/developer/secure-api-requests/)
$userInfo = $this->instagramTokenEndpoint->validateSecureRequestCapability($credentials['accessToken']);
if ($userInfo === FALSE) {
$authenticationToken->setAuthenticationStatus(TokenInterface::WRONG_CREDENTIALS);
$this->securityLogger->log('A secure call to the API with the provided accessToken and clientSecret was not possible', LOG_NOTICE);
return FALSE;
}
} else {
}
// From here, we surely know the user is considered authenticated against the remote service,
// yet to check if there is an immanent account present.
$authenticationToken->setAuthenticationStatus(TokenInterface::AUTHENTICATION_SUCCESSFUL);
/** @var $account \TYPO3\Flow\Security\Account */
$account = NULL;
$providerName = $this->name;
$accountRepository = $this->accountRepository;
$this->securityContext->withoutAuthorizationChecks(function () use($userInfo, $providerName, $accountRepository, &$account) {
$account = $accountRepository->findByAccountIdentifierAndAuthenticationProviderName($userInfo['id'], $providerName);
});
if ($account === NULL) {
$account = new Account();
$account->setAccountIdentifier($userInfo['id']);
$account->setAuthenticationProviderName($providerName);
$this->accountRepository->add($account);
}
$authenticationToken->setAccount($account);
// the access token is valid for an "undefined time" according to instagram (so we cannot know when the user needs to log in again)
$account->setCredentialsSource($credentials['accessToken']);
$this->accountRepository->update($account);
// check if a user is already attached to this account
if ($this->partyService->getAssignedPartyOfAccount($account) === null || count($this->partyService->getAssignedPartyOfAccount($account)) < 1) {
$user = $this->userService->getCurrentUser();
if ($user !== null) {
$user->addAccount($account);
$this->userService->updateUser($user);
$this->persistenceManager->whitelistObject($user);
} else {
$this->securityLogger->logException(new Exception("The InstagramProvider was unable to determine the backend user, make sure the configuration Typo3BackendProvider requestPattern matches the Instagram Controller and the authentication strategy is set to 'atLeastOne' Token"));
}
}
// persistAll is called automatically at the end of this function, account gets whitelisted to allow
// persisting for an object thats tinkered with via a GET request
$this->persistenceManager->whitelistObject($account);
}
/**
* Create a workspace
*
* @Flow\Validate(argumentName="title", type="\TYPO3\Flow\Validation\Validator\NotEmptyValidator")
* @param string $title Human friendly title of the workspace, for example "Christmas Campaign"
* @param Workspace $baseWorkspace Workspace the new workspace should be based on
* @param string $visibility Visibility of the new workspace, must be either "internal" or "shared"
* @param string $description A description explaining the purpose of the new workspace
* @return void
*/
public function createAction($title, Workspace $baseWorkspace, $visibility, $description = '')
{
$workspace = $this->workspaceRepository->findOneByTitle($title);
if ($workspace instanceof Workspace) {
$this->addFlashMessage($this->translator->translateById('workspaces.workspaceWithThisTitleAlreadyExists', [], null, null, 'Modules', 'TYPO3.Neos'), '', Message::SEVERITY_WARNING);
$this->redirect('new');
}
$workspaceName = Utility::renderValidNodeName($title) . '-' . substr(base_convert(microtime(false), 10, 36), -5, 5);
while ($this->workspaceRepository->findOneByName($workspaceName) instanceof Workspace) {
$workspaceName = Utility::renderValidNodeName($title) . '-' . substr(base_convert(microtime(false), 10, 36), -5, 5);
}
if ($visibility === 'private') {
$owner = $this->userService->getCurrentUser();
} else {
$owner = null;
}
$workspace = new Workspace($workspaceName, $baseWorkspace, $owner);
$workspace->setTitle($title);
$workspace->setDescription($description);
$this->workspaceRepository->add($workspace);
$this->redirect('index');
}
