/**
 * Injects the user logged in through the legacy stack into the repository.
 *
 * Only acts on master requests, when legacy_mode is enabled and the already
 * started session carries an "eZUserLoggedInID" entry (e.g. legacy admin interface).
 * When that ID no longer resolves to a user, the security token is cleared and the
 * session is invalidated, so the stale ID is not reused on later requests.
 *
 * @param GetResponseEvent $event
 */
public function onKernelRequest(GetResponseEvent $event)
{
    $request = $event->getRequest();
    $session = $request->getSession();

    if ($event->getRequestType() !== HttpKernelInterface::MASTER_REQUEST) {
        return;
    }
    if (!$this->configResolver->getParameter('legacy_mode')) {
        return;
    }
    // isStarted() is tested first, so has() is only reached on a session that is already started.
    if (!$session->isStarted() || !$session->has('eZUserLoggedInID')) {
        return;
    }

    try {
        $userService = $this->repository->getUserService();
        $apiUser = $userService->loadUser($session->get('eZUserLoggedInID'));
        $this->repository->setCurrentUser($apiUser);

        $token = $this->tokenStorage->getToken();
        if (!$token instanceof TokenInterface) {
            return;
        }

        $token->setUser(new User($apiUser));

        // An existing LegacyToken is kept as is: wrapping it again would nest session storage.
        if ($token instanceof LegacyToken) {
            return;
        }
        $this->tokenStorage->setToken(new LegacyToken($token));
    } catch (NotFoundException $e) {
        // The session holds an ID that matches no user (the user may have been removed):
        // drop the token and the session rather than keep them alive.
        $this->tokenStorage->setToken(null);
        $session->invalidate();
    }
}
/**
 * Sets the "admin" account as the repository's current user.
 *
 * The account is looked up by login only; no password or other credential
 * is checked in this method.
 */
public function auth()
{
    $adminUser = $this->apiRepository->getUserService()->loadUserByLogin('admin');

    // Log this user in for the API.
    $this->apiRepository->setCurrentUser($adminUser);
}
/**
 * Refreshes the user for the account interface.
 *
 * This implementation does not reload anything: it hands the API user already
 * held by $user to the repository as current user and returns $user unchanged.
 *
 * NOTE(review): because the API user is not re-read from the repository, an account
 * removed or modified after $user was stored is not detected here; confirm that
 * callers accept this.
 *
 * @param \Symfony\Component\Security\Core\User\UserInterface $user
 *
 * @throws \Symfony\Component\Security\Core\Exception\UnsupportedUserException
 *         When $user is not an instance of the UserInterface imported by this file.
 *
 * @return \Symfony\Component\Security\Core\User\UserInterface
 */
public function refreshUser(CoreUserInterface $user)
{
    if ($user instanceof UserInterface) {
        $apiUser = $user->getAPIUser();
        $this->repository->setCurrentUser($apiUser);

        return $user;
    }

    throw new UnsupportedUserException(sprintf('Instances of "%s" are not supported.', get_class($user)));
}
/**
 * Creates and publishes content on behalf of the user named in the request.
 *
 * The username and password carried by $request are passed to
 * loadUserByCredentials(); the user it returns becomes the repository's current
 * user before any content is created. Nothing is caught here, so whatever the
 * called services throw reaches the caller.
 *
 * @param Request $request
 */
public function handleAction(Request $request)
{
    // Resolve the acting user first: the content calls below run with that user set on the repository.
    $actingUser = $this->userService->loadUserByCredentials($request->username, $request->password);
    $this->repository->setCurrentUser($actingUser);

    $contentStruct = $this->contentProvider->newContentCreateStructFromRequest($request);
    $locationStruct = $this->contentProvider->newLocationCreateStructFromRequest($request);

    $draft = $this->contentService->createContent($contentStruct, array($locationStruct));
    $this->contentService->publishVersion($draft->versionInfo);
}
/**
 * Refreshes the user for the account interface.
 *
 * The API user is loaded again from the repository by ID, stored back on $user and
 * set as the repository's current user, so the returned object reflects what the
 * repository holds at the time of the call.
 *
 * @param \Symfony\Component\Security\Core\User\UserInterface $user
 *
 * @throws \Symfony\Component\Security\Core\Exception\UnsupportedUserException
 *         When $user is not an instance of the UserInterface imported by this file.
 * @throws UsernameNotFoundException When a NotFoundException is raised while reloading;
 *         the original exception is attached as previous.
 *
 * @return \Symfony\Component\Security\Core\User\UserInterface
 */
public function refreshUser(CoreUserInterface $user)
{
    $isSupported = $user instanceof UserInterface;
    if (!$isSupported) {
        throw new UnsupportedUserException(sprintf('Instances of "%s" are not supported.', get_class($user)));
    }

    try {
        $userService = $this->repository->getUserService();
        $freshApiUser = $userService->loadUser($user->getAPIUser()->id);

        $user->setAPIUser($freshApiUser);
        $this->repository->setCurrentUser($freshApiUser);

        return $user;
    } catch (NotFoundException $notFound) {
        // Translate the repository exception into the one the security layer expects.
        throw new UsernameNotFoundException($notFound->getMessage(), 0, $notFound);
    }
}
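/**
 * If user is logged-in in legacy_mode (e.g. legacy admin interface),
 * will inject currently logged-in user in the repository and in the security token.
 *
 * Sub-requests, requests outside legacy_mode and requests without a session or
 * without an "eZUserLoggedInID" session entry are ignored.
 * When the stored ID no longer resolves to a user, the token is cleared and the
 * session invalidated instead of letting the NotFoundException escape on every request.
 *
 * @param GetResponseEvent $event
 */
public function onKernelRequest(GetResponseEvent $event)
{
    $request = $event->getRequest();

    if (
        $event->getRequestType() !== HttpKernelInterface::MASTER_REQUEST
        || !$this->configResolver->getParameter('legacy_mode')
    ) {
        return;
    }

    // A request may carry no session object at all; calling has() on null would be fatal.
    $session = $request->getSession();
    if ($session === null || !$session->has('eZUserLoggedInID')) {
        return;
    }

    try {
        $apiUser = $this->repository->getUserService()->loadUser($session->get('eZUserLoggedInID'));
    } catch (\eZ\Publish\API\Repository\Exceptions\NotFoundException $e) {
        // Invalid user ID, the user may have been removed => invalidate the token and the session.
        $this->securityContext->setToken(null);
        $session->invalidate();

        return;
    }

    $this->repository->setCurrentUser($apiUser);

    $token = $this->securityContext->getToken();
    if ($token instanceof TokenInterface) {
        $token->setUser(new User($apiUser));
        // NOTE(review): the token is marked authenticated on the sole basis of the ID found
        // in the session; confirm that only the legacy login path can write that entry.
        $token->setAuthenticated(true);
    }
}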
/**
 * Maps a user authenticated by a foreign user provider to an eZ user.
 *
 * Nothing is done when the authenticated user already is an eZ user, or is not a
 * UserInterface at all. Otherwise an MVCEvents::INTERACTIVE_LOGIN event is dispatched
 * so listeners can supply the eZ user to use; when none does, the user configured as
 * "anonymous_user_id" is loaded instead.
 *
 * @param \Symfony\Component\Security\Http\Event\InteractiveLoginEvent $event
 */
public function onInteractiveLogin(BaseInteractiveLoginEvent $event)
{
    $token = $event->getAuthenticationToken();
    $originalUser = $token->getUser();

    $needsMapping = !($originalUser instanceof eZUser) && $originalUser instanceof UserInterface;
    if (!$needsMapping) {
        return;
    }

    // Ask listeners for the eZ user matching the authenticated one.
    $subLoginEvent = new InteractiveLoginEvent($event->getRequest(), $token);
    $this->eventDispatcher->dispatch(MVCEvents::INTERACTIVE_LOGIN, $subLoginEvent);

    // No answer from listeners: fall back to the configured anonymous user.
    $apiUser = $subLoginEvent->hasAPIUser()
        ? $subLoginEvent->getAPIUser()
        : $this->repository->getUserService()->loadUser($this->configResolver->getParameter("anonymous_user_id"));

    $this->repository->setCurrentUser($apiUser);

    // Tokens without a provider key get this class name as key.
    if (method_exists($token, 'getProviderKey')) {
        $providerKey = $token->getProviderKey();
    } else {
        $providerKey = __CLASS__;
    }

    // Build the replacement token around the wrapped user, copying credentials,
    // roles and attributes from the original token.
    $interactiveToken = new InteractiveLoginToken(
        $this->getUser($originalUser, $apiUser),
        get_class($token),
        $token->getCredentials(),
        $providerKey,
        $token->getRoles()
    );
    $interactiveToken->setAttributes($token->getAttributes());

    $this->securityContext->setToken($interactiveToken);
}
/**
 * {@inheritdoc}
 *
 * Fetches the API repository from the container and sets the user with ID 14 as
 * its current user.
 */
protected function initialize(InputInterface $input, OutputInterface $output)
{
    // Bare references to the parameters (the original author's "phpmd trick").
    $input;
    $output;

    $repository = $this->getContainer()->get("ezpublish.api.repository");
    $this->eZPublishRepository = $repository;

    // NOTE(review): the user ID is hard-coded; 14 is presumably the administrator
    // account of a stock installation (confirm). The command then acts as that user
    // whoever invokes it.
    $commandUser = $this->eZPublishRepository->getUserService()->loadUser(14);
    $this->eZPublishRepository->setCurrentUser($commandUser);
}
/**
 * Maps the user of an implicit login to an eZ user and replaces the current token.
 *
 * Nothing is done when the user already is an eZ user, or is not a UserInterface.
 * Otherwise an MVCEvents::INTERACTIVE_LOGIN event is dispatched so listeners can
 * supply the eZ user; when none does, the user configured as "anonymous_user_id"
 * is loaded instead.
 *
 * @param UserEvent $event
 */
public function onImplicitLogin(UserEvent $event)
{
    $originalUser = $event->getUser();

    $needsMapping = !($originalUser instanceof eZUser) && $originalUser instanceof UserInterface;
    if (!$needsMapping) {
        return;
    }

    // Already authenticated token (we are in the implicit login of FOS).
    // NOTE(review): the token is used below without a null check; confirm the token
    // storage always holds a token when this listener runs.
    $token = $this->tokenStorage->getToken();

    $subLoginEvent = new InteractiveLoginEvent($event->getRequest(), $token);
    $this->eventDispatcher->dispatch(MVCEvents::INTERACTIVE_LOGIN, $subLoginEvent);

    // No eZ user supplied by listeners: fall back to the configured anonymous user.
    $apiUser = $subLoginEvent->hasAPIUser()
        ? $subLoginEvent->getAPIUser()
        : $this->repository->getUserService()->loadUser($this->configResolver->getParameter('anonymous_user_id'));

    $this->repository->setCurrentUser($apiUser);

    if (method_exists($token, 'getProviderKey')) {
        $providerKey = $token->getProviderKey();
    } else {
        $providerKey = __CLASS__;
    }

    $interactiveToken = new InteractiveLoginToken(
        new UserWrapped($originalUser, $apiUser),
        get_class($token),
        $token->getCredentials(),
        $providerKey,
        $token->getRoles()
    );
    $interactiveToken->setAttributes($token->getAttributes());

    $this->tokenStorage->setToken($interactiveToken);
}
/**
 * Checks the credentials of an eZ user and injects it in the repository.
 *
 * Users that are not EzUserInterface instances are delegated to the parent provider.
 * For eZ users, two cases are handled:
 *  - the token already carries a user object: its stored password hash must equal the
 *    one of $user, otherwise the credentials were changed from another session;
 *  - the token only carries a username (e.g. during form login): the user is loaded
 *    by credentials through the user service.
 *
 * @param UserInterface $user
 * @param UsernamePasswordToken $token
 *
 * @throws BadCredentialsException When the password hashes differ, or when loading by
 *         credentials raises a NotFoundException.
 */
protected function checkAuthentication(UserInterface $user, UsernamePasswordToken $token)
{
    if (!$user instanceof EzUserInterface) {
        return parent::checkAuthentication($user, $token);
    }

    /** @var EzUserInterface|string $currentUser */
    $currentUser = $token->getUser();

    if (!$currentUser instanceof UserInterface) {
        // Only a username is available: verify it together with the submitted credentials.
        try {
            $userService = $this->repository->getUserService();
            $apiUser = $userService->loadUserByCredentials($token->getUsername(), $token->getCredentials());
        } catch (NotFoundException $notFound) {
            throw new BadCredentialsException('Invalid credentials', 0, $notFound);
        }
    } else {
        // Compares two stored hashes, not a submitted password.
        $hashChanged = $currentUser->getAPIUser()->passwordHash !== $user->getAPIUser()->passwordHash;
        if ($hashChanged) {
            throw new BadCredentialsException('The credentials were changed from another session.');
        }

        $apiUser = $currentUser->getAPIUser();
    }

    // Finally inject current user in the Repository.
    $this->repository->setCurrentUser($apiUser);
}
/**
 * Loads the user matching the given credentials and sets it as the repository's current user.
 *
 * Nothing is caught here: an exception raised by loadUserByCredentials() reaches the
 * caller and the current user is left untouched.
 *
 * @param string $username
 * @param string $password
 */
public function login($username, $password)
{
    $userService = $this->repository->getUserService();
    $authenticatedUser = $userService->loadUserByCredentials($username, $password);

    $this->repository->setCurrentUser($authenticatedUser);
}
/**
 * Loads the user matching the given credentials and sets it as the repository's current user.
 *
 * Nothing is caught here: an exception raised by loadUserByCredentials() reaches the
 * caller and the current user is left untouched.
 *
 * @param string $username
 * @param string $password
 */
private function login($username, $password)
{
    $authenticatedUser = $this->userService->loadUserByCredentials($username, $password);

    $this->repository->setCurrentUser($authenticatedUser);
}
/**
 * Sets the current user to the given $user by delegating to the wrapped repository.
 *
 * No check is made here on who is calling: the given user is passed on as is.
 *
 * @param \eZ\Publish\API\Repository\Values\User\User $user
 *
 * @return mixed The value returned by the wrapped repository's setCurrentUser(),
 *               passed through unchanged.
 */
public function setCurrentUser(User $user)
{
    $result = $this->repository->setCurrentUser($user);

    return $result;
}
/**
 * Sets the current eZ user to the user with the given user name.
 *
 * The user is looked up by login only; no credential is checked in this method.
 *
 * @param string $username
 */
private function setMigrationUser($username)
{
    $userService = $this->repository->getUserService();
    $migrationUser = $userService->loadUserByLogin($username);

    $this->repository->setCurrentUser($migrationUser);
}
/**
 * Sets a reference to the configured admin user ID as the repository's current user.
 *
 * $event is not used by this hook.
 *
 * @BeforeScenario
 */
public function loginAdmin($event)
{
    // A UserReference carries only the ID; no user is loaded from the repository here.
    $adminReference = new UserReference($this->adminUserId);

    $this->repository->setCurrentUser($adminReference);
}
/**
 * Prepares the test: obtains the repository and sets a stubbed user with ID 14
 * as its current user.
 */
protected function setUp()
{
    parent::setUp();

    $this->repository = static::getRepository();

    // Every test in this class runs with this stubbed user as current user.
    $stubbedUser = $this->getStubbedUser(14);
    $this->repository->setCurrentUser($stubbedUser);
}
/**
 * Authenticates the token through the parent provider, then sets the user configured
 * as "anonymous_user_id" as the repository's current user.
 *
 * The repository is only touched after parent::authenticate() has returned.
 *
 * @param TokenInterface $token
 *
 * @return mixed The token returned by parent::authenticate().
 */
public function authenticate(TokenInterface $token)
{
    $authenticatedToken = parent::authenticate($token);

    $anonymousUserId = $this->configResolver->getParameter('anonymous_user_id');
    $anonymousUser = $this->repository->getUserService()->loadUser($anonymousUserId);
    $this->repository->setCurrentUser($anonymousUser);

    return $authenticatedToken;
}