Esempio n. 1
 /**
  * Creates or updates the TYPO3 record of a single LDAP user.
  *
  * A record without a uid is created with a normalised username, a random
  * password and the groups resolved from LDAP. A record with a uid is
  * optionally re-enabled and/or undeleted, gets its groups refreshed and is
  * saved. Extra data found under the '__extraData' key is stripped before the
  * record is written and handed to the registered post-processors afterwards.
  *
  * @param array $user Local user information
  * @param array $ldapUser LDAP user information
  * @param string $restoreBehavior 'enable', 'undelete' or 'nothing'; any other value
  *                                (default 'both') re-enables and undeletes. Only used for updates.
  * @return array Modified user data
  * @throws ImportUsersException If a registered extra data processor does not implement
  *                              \Causal\IgLdapSsoAuth\Utility\ExtraDataProcessorInterface
  */
 public function import($user, $ldapUser, $restoreBehavior = 'both')
 {
     // Keep the extra data aside and strip it from the record; it is put back before returning
     $hasExtraData = isset($user['__extraData']);
     if ($hasExtraData) {
         $extraData = $user['__extraData'];
         unset($user['__extraData']);
     }

     if (!empty($user['uid'])) {
         // Existing record: restore a user that may have been deleted or disabled,
         // depending on the chosen behavior (anything unknown means "both").
         // Loose comparisons mirror the semantics of a switch statement.
         if ($restoreBehavior == 'enable') {
             $user[$GLOBALS['TCA'][$this->userTable]['ctrl']['enablecolumns']['disabled']] = 0;
         } elseif ($restoreBehavior == 'undelete') {
             $user[$GLOBALS['TCA'][$this->userTable]['ctrl']['delete']] = 0;
         } elseif ($restoreBehavior != 'nothing') {
             $user[$GLOBALS['TCA'][$this->userTable]['ctrl']['enablecolumns']['disabled']] = 0;
             $user[$GLOBALS['TCA'][$this->userTable]['ctrl']['delete']] = 0;
         }

         // NOTE(review): unlike the creation path below, a NULL group result does not stop
         // the update. The restore flags above are already set and setUserGroups() is called
         // with an empty array, so an account whose required LDAP groups are missing can
         // still be re-enabled or undeleted here. Confirm this is intended.
         $typo3Groups = Authentication::getUserGroups($ldapUser, $this->configuration, $this->groupTable);
         if ($typo3Groups === NULL) {
             $typo3Groups = array();
         }
         $user = Typo3UserRepository::setUserGroups($user, $typo3Groups);

         if (Typo3UserRepository::update($this->userTable, $user)) {
             $this->usersUpdated++;
         }
     } else {
         // New record: the configuration mode must be switched to this import's context
         // before the repository and authentication helpers are used
         Configuration::setMode($this->context);
         $user['username'] = Typo3UserRepository::setUsername($user['username']);
         // NOTE(review): setRandomPassword() is not visible here; since its result becomes the
         // local password of the account, confirm it relies on a cryptographically secure
         // random source and that the value is stored hashed.
         $user['password'] = Typo3UserRepository::setRandomPassword();

         $typo3Groups = Authentication::getUserGroups($ldapUser, $this->configuration, $this->groupTable);
         if ($typo3Groups === NULL) {
             // Required LDAP groups are missing: no record is created.
             // The extra data stripped above is not put back on this path.
             return $user;
         }

         $user = Typo3UserRepository::setUserGroups($user, $typo3Groups);
         $user = Typo3UserRepository::add($this->userTable, $user);
         $this->usersAdded++;
     }

     if ($hasExtraData) {
         // Put the extra data back and let the registered hooks process it
         $user['__extraData'] = $extraData;
         if (is_array($GLOBALS['TYPO3_CONF_VARS']['EXTCONF']['ig_ldap_sso_auth']['extraDataProcessing'])) {
             foreach ($GLOBALS['TYPO3_CONF_VARS']['EXTCONF']['ig_ldap_sso_auth']['extraDataProcessing'] as $className) {
                 // The class names come from TYPO3_CONF_VARS; the interface check below only
                 // runs once getUserObj() has already returned the object
                 /** @var $postProcessor \Causal\IgLdapSsoAuth\Utility\ExtraDataProcessorInterface */
                 $postProcessor = GeneralUtility::getUserObj($className);
                 if (!($postProcessor instanceof \Causal\IgLdapSsoAuth\Utility\ExtraDataProcessorInterface)) {
                     throw new ImportUsersException(sprintf('Invalid post-processing class %s. It must implement the \\Causal\\IgLdapSsoAuth\\Utility\\ExtraDataProcessorInterface interface', $className), 1414136057);
                 }
                 $postProcessor->processExtraData($this->userTable, $user);
             }
         }
     }

     return $user;
 }
Esempio n. 2
 /**
  * Returns the TYPO3 users associated with $ldapUsers, creating fresh
  * (unsaved) records for those that do not exist yet.
  *
  * Each LDAP user is looked up by its 'dn' entry. When the lookup returns
  * several records only the first one is used. A fresh record gets $pid
  * cast to int and both timestamps set to $GLOBALS['EXEC_TIME'].
  *
  * @param array $ldapUsers LDAP users, each one an array with a 'dn' key
  * @param array $mapping Not used by this method
  * @param string $table Table handed to the user repository
  * @param int|NULL $pid Page id used for the lookup and for fresh records
  * @return array One TYPO3 user record per LDAP user, in the same order
  */
 public static function getTypo3Users(array $ldapUsers = array(), array $mapping = array(), $table = NULL, $pid = NULL)
 {
     $records = array();
     if (empty($ldapUsers)) {
         // Nothing to resolve
         return $records;
     }

     foreach ($ldapUsers as $ldapEntry) {
         // NOTE(review): the DN is a value read from the directory and is passed straight to
         // fetch(); whether it is escaped before reaching the database happens inside
         // fetch() and cannot be checked from here.
         $matches = Typo3UserRepository::fetch($table, 0, $pid, NULL, $ldapEntry['dn']);
         if (count($matches) > 0) {
             $records[] = $matches[0];
             continue;
         }

         // No record yet: start from a blank one
         $record = Typo3UserRepository::create($table);
         $record['pid'] = (int) $pid;
         $record['crdate'] = $GLOBALS['EXEC_TIME'];
         $record['tstamp'] = $GLOBALS['EXEC_TIME'];
         $records[] = $record;
     }

     return $records;
 }
Esempio n. 3
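 /**
  * Actual search action using AJAX.
  *
  * Connects to the LDAP server of the given configuration, runs the search
  * and returns the rendered result as an AJAX response. When only the first
  * entry is requested, a preview of the resulting TYPO3 record is rendered too.
  *
  * $type selects the configuration section and is also passed to the
  * repositories to build the blank preview record, so only the four known
  * values are accepted; anything else is answered like a failed connection.
  *
  * @param \Causal\IgLdapSsoAuth\Domain\Model\Configuration $configuration
  * @param string $type One of be_users, be_groups, fe_users, fe_groups
  * @param bool $firstEntry Whether only the first entry is requested
  * @param bool $showStatus Whether the LDAP status is assigned to the view
  * @param string $baseDn Base DN of the search
  * @param string $filter LDAP filter, processed by Configuration::replaceFilterMarkers()
  * @return void
  */
 public function searchAjaxAction(\Causal\IgLdapSsoAuth\Domain\Model\Configuration $configuration = NULL, $type, $firstEntry, $showStatus, $baseDn, $filter)
 {
     // $type is an action argument (presumably request-supplied). It is split into the
     // configuration mode and key and later handed to the repositories' create(), so it is
     // checked against the known values before anything else happens.
     $allowedTypes = array('be_users', 'be_groups', 'fe_users', 'fe_groups');
     if (!in_array($type, $allowedTypes, TRUE)) {
         // Same response shape as a failed connection
         $this->returnAjax(array('success' => FALSE, 'html' => $this->view->render()));
         return;
     }

     list($mode, $key) = explode('_', $type, 2);
     Configuration::initialize($mode, $configuration);
     $config = $mode === 'be' ? Configuration::getBackendConfiguration() : Configuration::getFrontendConfiguration();

     try {
         $success = $this->ldap->connect(Configuration::getLdapConfiguration());
     } catch (\Exception $e) {
         // A connection error is reported as a plain failure; details are only
         // available through the status below
         $success = FALSE;
     }

     if ($showStatus) {
         $this->view->assign('status', $this->ldap->getStatus());
     }

     if ($success) {
         // NOTE(review): $baseDn and $filter are action arguments and reach the LDAP search as
         // given (the filter only after marker replacement). Confirm that this action is
         // reachable by backend administrators only.
         $filter = Configuration::replaceFilterMarkers($filter);
         if ($firstEntry) {
             $attributes = array();
         } else {
             $attributes = Configuration::getLdapAttributes($config[$key]['mapping']);
             if (strpos($config[$key]['filter'], '{USERUID}') !== FALSE) {
                 $attributes[] = 'uid';
                 $attributes = array_unique($attributes);
             }
         }

         // The last argument is presumably a result limit; search() is not visible here
         $resultset = $this->ldap->search($baseDn, $filter, $attributes, $firstEntry, 100);

         // With PHP 5.4 and above this could be renamed as
         // ksort_recursive($result, SORT_NATURAL)
         if (is_array($resultset)) {
             $this->uksort_recursive($resultset, 'strnatcmp');
         }
         $this->view->assign('resultset', $resultset);

         if ($firstEntry && is_array($resultset) && count($resultset) > 1) {
             if ($key === 'users') {
                 $mapping = $config['users']['mapping'];
                 $blankTypo3Record = Typo3UserRepository::create($type);
             } else {
                 $mapping = $config['groups']['mapping'];
                 $blankTypo3Record = Typo3GroupRepository::create($type);
             }
             $preview = Authentication::merge($resultset, $blankTypo3Record, $mapping, TRUE);

             // Remove empty lines; the loop variable has its own name so that
             // $key (the configuration key) is not overwritten
             foreach (array_keys($preview) as $field) {
                 if (empty($preview[$field])) {
                     unset($preview[$field]);
                 }
             }
             $this->view->assign('preview', $preview);
         }
     }

     $this->returnAjax(array('success' => $success, 'html' => $this->view->render()));
 }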