/**
 * Surface a pending logout reason before the login action runs, then clear it.
 *
 * The reason code is read from the security cookie helper. If isLoginForm()
 * accepts the controller and the code is zero or greater, the matching message
 * is queued as an error and the cookie is deleted so it is not shown again.
 *
 * NOTE(review): the code comes from a cookie, so it is client-supplied. Here it
 * is only handed to getLogoutReasonMessageByStatus(); confirm that method falls
 * back to a fixed message for codes it does not recognise.
 *
 * @param Login $login
 * @return void
 */
public function beforeExecute(Login $login)
{
    $reasonCode = $this->securityCookieHelper->getLogoutReasonCookie();
    $shouldNotify = $this->isLoginForm($login) && $reasonCode >= 0;
    if (!$shouldNotify) {
        return;
    }

    $reasonMessage = $this->sessionsManager->getLogoutReasonMessageByStatus($reasonCode);
    $this->messageManager->addError($reasonMessage);
    $this->securityCookieHelper->deleteLogoutReasonCookie();
}
/**
 * Record why the user was logged out so the reason can be presented to them.
 *
 * When isAjaxRequest() is true the current session status is written to the
 * logout-reason cookie; otherwise the logout reason message is queued directly
 * through the message manager.
 *
 * @return $this
 */
protected function addUserLogoutNotification()
{
    if (!$this->isAjaxRequest()) {
        $this->messageManager->addError($this->sessionsManager->getLogoutReasonMessage());
        return $this;
    }

    $sessionStatus = $this->sessionsManager->getCurrentSession()->getStatus();
    $this->securityCookieHelper->setLogoutReasonCookie($sessionStatus);

    return $this;
}
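/**
 * Save an admin user from the posted edit form.
 *
 * Flow: load the target user, apply the posted data and first role, optionally
 * switch the backend locale, then require the acting admin's current password
 * (performIdentityCheck) before the model is saved. A locked account logs the
 * acting admin out and stores LOGOUT_REASON_USER_LOCKED in the logout-reason
 * cookie; other failures return to the edit form with an error message.
 *
 * @return void
 * @SuppressWarnings(PHPMD.CyclomaticComplexity)
 * @SuppressWarnings(PHPMD.NPathComplexity)
 */
public function execute()
{
    $userId = (int) $this->getRequest()->getParam('user_id');
    $data = $this->getRequest()->getPostValue();
    if (!$data) {
        $this->_redirect('adminhtml/*/');
        return;
    }

    /** @var $model \Magento\User\Model\User */
    $model = $this->_userFactory->create()->load($userId);
    if ($userId && $model->isObjectNew()) {
        $this->messageManager->addError(__('This user no longer exists.'));
        $this->_redirect('adminhtml/*/');
        return;
    }
    $model->setData($this->_getAdminUserData($data));

    // `roles` is request input, so its shape is not guaranteed: only use the first
    // entry when the parameter really is a list holding a scalar id. A scalar value
    // must not reach count() or be indexed as if it were an array.
    $uRoles = $this->getRequest()->getParam('roles', []);
    if (is_array($uRoles) && isset($uRoles[0]) && is_scalar($uRoles[0])) {
        $model->setRoleId($uRoles[0]);
    }

    /** @var $currentUser \Magento\User\Model\User */
    $currentUser = $this->_objectManager->get('Magento\\Backend\\Model\\Auth\\Session')->getUser();

    // The locale field may be absent or not a string in a hand-crafted POST; skip the
    // validator in that case instead of reading an undefined index.
    // NOTE(review): the locale switch runs before the identity check below, so it
    // takes effect even when the password check fails - confirm this is intended.
    $interfaceLocale = isset($data['interface_locale']) ? $data['interface_locale'] : null;
    if ($userId == $currentUser->getId()
        && is_string($interfaceLocale)
        && $this->_objectManager->get('Magento\\Framework\\Validator\\Locale')->isValid($interfaceLocale)
    ) {
        $this->_objectManager->get('Magento\\Backend\\Model\\Locale\\Manager')
            ->switchBackendInterfaceLocale($interfaceLocale);
    }

    /** Before updating admin user data, ensure that password of current admin user is entered and is correct */
    $currentUserPasswordField = \Magento\User\Block\User\Edit\Tab\Main::CURRENT_USER_PASSWORD_FIELD;
    // empty() already covers the "not set" case, so a separate isset() is not needed.
    $isCurrentUserPasswordValid = !empty($data[$currentUserPasswordField])
        && is_string($data[$currentUserPasswordField]);

    try {
        if (!$isCurrentUserPasswordValid) {
            throw new AuthenticationException(__('You have entered an invalid password for current user.'));
        }
        // Nothing is persisted until the acting admin has re-authenticated.
        $currentUser->performIdentityCheck($data[$currentUserPasswordField]);
        $model->save();
        $model->sendNotificationEmailsIfRequired();
        $this->messageManager->addSuccess(__('You saved the user.'));
        $this->_getSession()->setUserData(false);
        $this->_redirect('adminhtml/*/');
    } catch (UserLockedException $e) {
        // NOTE(review): this catch must stay ahead of the AuthenticationException one
        // if UserLockedException is a subclass of it - confirm against the imports.
        $this->_auth->logout();
        $this->securityCookieHelper->setLogoutReasonCookie(
            \Magento\Security\Model\AdminSessionsManager::LOGOUT_REASON_USER_LOCKED
        );
        $this->_redirect('adminhtml/*/');
    } catch (\Magento\Framework\Exception\AuthenticationException $e) {
        $this->messageManager->addError(__('You have entered an invalid password for current user.'));
        // NOTE(review): $data still carries the current-user password field here;
        // confirm redirectToEdit() does not persist it (for example in the session).
        $this->redirectToEdit($model, $data);
    } catch (\Magento\Framework\Validator\Exception $e) {
        $messages = $e->getMessages();
        $this->messageManager->addMessages($messages);
        $this->redirectToEdit($model, $data);
    } catch (\Magento\Framework\Exception\LocalizedException $e) {
        if ($e->getMessage()) {
            $this->messageManager->addError($e->getMessage());
        }
        $this->redirectToEdit($model, $data);
    }
}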
/**
 * deleteLogoutReasonCookie() must expire the logout-reason cookie and return the helper.
 *
 * Expected calls, each exactly once: the area front name is looked up, the cookie
 * metadata gets the path "/<front name>" and a duration of -1, and an empty public
 * cookie is written under LOGOUT_REASON_CODE_COOKIE_NAME with that metadata.
 *
 * @return void
 */
public function testDeleteLogoutReasonCookie()
{
    $areaFrontName = 'FrontName';
    $expectedCookiePath = '/' . $areaFrontName;
    $this->createCookieMetaData();

    $this->backendDataMock->expects($this->once())
        ->method('getAreaFrontName')
        ->willReturn($areaFrontName);

    // The path is pinned so the cookie being cleared is the one scoped to the front-name path.
    $this->cookieMetadataMock->expects($this->once())
        ->method('setPath')
        ->with($expectedCookiePath)
        ->willReturnSelf();
    $this->cookieMetadataMock->expects($this->once())
        ->method('setDuration')
        ->with(-1)
        ->willReturnSelf();

    $this->phpCookieManagerMock->expects($this->once())
        ->method('setPublicCookie')
        ->with(
            \Magento\Security\Helper\SecurityCookie::LOGOUT_REASON_CODE_COOKIE_NAME,
            '',
            $this->cookieMetadataMock
        )
        ->willReturnSelf();

    $returned = $this->helper->deleteLogoutReasonCookie();
    $this->assertEquals($this->helper, $returned);
}
/**
 * Save the logged-in admin's own account details.
 *
 * The posted username, names, e-mail and (optionally) a new password are applied
 * to the session user's model. Persisting them requires the current password:
 * performIdentityCheck() runs first inside the try block, and save() is reached
 * only when validate() reports no errors. A locked account logs the admin out and
 * stores LOGOUT_REASON_USER_LOCKED in the logout-reason cookie.
 *
 * NOTE(review): the backend locale is switched before the identity check, so that
 * change takes effect even if the password check fails - confirm this is intended.
 * NOTE(review): the current-password parameter is passed to performIdentityCheck()
 * without a type check; confirm that method copes with a missing or non-string value.
 *
 * @return \Magento\Backend\Model\View\Result\Redirect
 * @SuppressWarnings(PHPMD.CyclomaticComplexity)
 */
public function execute()
{
    $authSession = $this->_objectManager->get('Magento\\Backend\\Model\\Auth\\Session');
    $userId = $authSession->getUser()->getId();
    $password = (string) $this->getRequest()->getParam('password');
    $passwordConfirmation = (string) $this->getRequest()->getParam('password_confirmation');
    $interfaceLocale = (string) $this->getRequest()->getParam('interface_locale', false);

    /** @var $user \Magento\User\Model\User */
    $user = $this->_objectManager->create('Magento\\User\\Model\\User')->load($userId);
    // The id always comes from the session, never from the request.
    $user->setId($userId)
        ->setUsername($this->getRequest()->getParam('username', false))
        ->setFirstname($this->getRequest()->getParam('firstname', false))
        ->setLastname($this->getRequest()->getParam('lastname', false))
        ->setEmail(strtolower($this->getRequest()->getParam('email', false)));

    $localeValidator = $this->_objectManager->get('Magento\\Framework\\Validator\\Locale');
    if ($localeValidator->isValid($interfaceLocale)) {
        $user->setInterfaceLocale($interfaceLocale);
        /** @var \Magento\Backend\Model\Locale\Manager $localeManager */
        $localeManager = $this->_objectManager->get('Magento\\Backend\\Model\\Locale\\Manager');
        $localeManager->switchBackendInterfaceLocale($interfaceLocale);
    }

    /** Before updating admin user data, ensure that password of current admin user is entered and is correct */
    $currentUserPasswordField = \Magento\User\Block\User\Edit\Tab\Main::CURRENT_USER_PASSWORD_FIELD;
    $currentUserPassword = $this->getRequest()->getParam($currentUserPasswordField);

    try {
        $user->performIdentityCheck($currentUserPassword);

        // An empty new-password field means "leave the password unchanged".
        if ($password !== '') {
            $user->setPassword($password);
            $user->setPasswordConfirmation($passwordConfirmation);
        }

        $errors = $user->validate();
        if ($errors === true || empty($errors)) {
            $user->save();
            $user->sendNotificationEmailsIfRequired();
            $this->messageManager->addSuccess(__('You saved the account.'));
        } else {
            foreach ($errors as $error) {
                $this->messageManager->addError($error);
            }
        }
    } catch (UserLockedException $e) {
        $this->_auth->logout();
        $this->securityCookieHelper->setLogoutReasonCookie(
            \Magento\Security\Model\AdminSessionsManager::LOGOUT_REASON_USER_LOCKED
        );
    } catch (ValidatorException $e) {
        $this->messageManager->addMessages($e->getMessages());
        if ($e->getMessage()) {
            $this->messageManager->addError($e->getMessage());
        }
    } catch (LocalizedException $e) {
        $this->messageManager->addError($e->getMessage());
    } catch (\Exception $e) {
        // Unexpected failures get a fixed message, so internal details are not shown.
        $this->messageManager->addError(__('An error occurred while saving account.'));
    }

    /** @var \Magento\Backend\Model\View\Result\Redirect $resultRedirect */
    $resultRedirect = $this->resultFactory->create(ResultFactory::TYPE_REDIRECT);

    return $resultRedirect->setPath("*/*/");
}
/**
 * beforeExecute() must show the logout reason once and then clear the cookie.
 *
 * With a non-negative reason code in the cookie and the request URI equal to the
 * controller URL, the test expects the message for that code to be added as an
 * error and deleteLogoutReasonCookie() to be called, each exactly once.
 *
 * NOTE(review): matching getUri()/getUrl() is presumably what makes isLoginForm()
 * return true; that method is not visible here.
 *
 * @return void
 */
public function testBeforeExecute()
{
    $reasonCode = 2;
    $loginUri = '/uri/';
    $expectedMessage = 'Error Message';

    $this->securityCookieHelperMock->expects($this->once())
        ->method('getLogoutReasonCookie')
        ->willReturn($reasonCode);

    $this->backendControllerAuthLoginMock->expects($this->once())
        ->method('getRequest')
        ->willReturn($this->requestMock);
    $this->requestMock->expects($this->once())
        ->method('getUri')
        ->willReturn($loginUri);
    $this->backendControllerAuthLoginMock->expects($this->once())
        ->method('getUrl')
        ->willReturn($loginUri);

    $this->adminSessionsManagerMock->expects($this->once())
        ->method('getLogoutReasonMessageByStatus')
        ->with($reasonCode)
        ->willReturn($expectedMessage);
    $this->messageManagerMock->expects($this->once())
        ->method('addError')
        ->with($expectedMessage);

    $this->securityCookieHelperMock->expects($this->once())
        ->method('deleteLogoutReasonCookie')
        ->willReturnSelf();

    $this->controller->beforeExecute($this->backendControllerAuthLoginMock);
}
/**
 * aroundProlong() with an inactive session on an AJAX request.
 *
 * Expects the auth session to be destroyed once and the current session status to
 * be written to the logout-reason cookie. The return value of aroundProlong() is
 * not asserted by this test.
 *
 * @return void
 */
public function testAroundProlongSessionIsNotActiveAndIsAjaxRequest()
{
    $proceedResult = 'result';
    $sessionStatus = 1;
    $proceed = function () use ($proceedResult) {
        return $proceedResult;
    };

    $this->currentSessionMock->expects($this->any())
        ->method('isActive')
        ->willReturn(false);
    $this->authSessionMock->expects($this->once())
        ->method('destroy');

    $this->requestMock->expects($this->once())
        ->method('getParam')
        ->with('isAjax')
        ->willReturn(true);

    $this->currentSessionMock->expects($this->once())
        ->method('getStatus')
        ->willReturn($sessionStatus);
    $this->securityCookieHelperMock->expects($this->once())
        ->method('setLogoutReasonCookie')
        ->with($sessionStatus)
        ->willReturnSelf();

    $this->model->aroundProlong($this->authSessionMock, $proceed);
}
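/**
 * Role form submit action to save or create new role
 *
 * Request parameters are read first, the role is loaded through _initRole(), and
 * every write (role save, rule resources, user assignment) happens inside the try
 * block after validateUser() has returned. A locked account logs the admin out and
 * stores LOGOUT_REASON_USER_LOCKED in the logout-reason cookie.
 *
 * NOTE(review): validateUser() is not visible here; the AuthenticationException
 * handler below suggests it checks the current admin's password - confirm.
 *
 * @return \Magento\Backend\Model\View\Result\Redirect
 */
public function execute()
{
    /** @var \Magento\Backend\Model\View\Result\Redirect $resultRedirect */
    $resultRedirect = $this->resultFactory->create(ResultFactory::TYPE_REDIRECT);

    $rid = $this->getRequest()->getParam('role_id', false);
    $resource = $this->getRequest()->getParam('resource', false);

    // `in_role_user` is request input: parse it only when it is a string, so that a
    // missing or array-valued parameter yields an empty user list instead of an error.
    // The two-argument form of parse_str() fills the given array and never creates
    // variables in the local scope.
    $roleUsersQuery = $this->getRequest()->getParam('in_role_user', null);
    $roleUsers = [];
    if (is_string($roleUsersQuery)) {
        parse_str($roleUsersQuery, $roleUsers);
    }
    $roleUsers = array_keys($roleUsers);

    $isAll = $this->getRequest()->getParam('all');
    if ($isAll) {
        // "all" replaces the posted resource list with the ACL root resource id.
        $resource = [$this->_objectManager->get('Magento\\Framework\\Acl\\RootResource')->getId()];
    }

    $role = $this->_initRole('role_id');
    if (!$role->getId() && $rid) {
        $this->messageManager->addError(__('This role no longer exists.'));
        return $resultRedirect->setPath('adminhtml/*/');
    }

    try {
        // Must stay first: nothing below may be persisted before this check passes.
        $this->validateUser();

        $roleName = $this->_filterManager->removeTags($this->getRequest()->getParam('rolename', false));
        $role->setName($roleName)
            ->setPid($this->getRequest()->getParam('parent_id', false))
            ->setRoleType(RoleGroup::ROLE_TYPE)
            ->setUserType(UserContextInterface::USER_TYPE_ADMIN);
        $this->_eventManager->dispatch(
            'admin_permissions_role_prepare_save',
            ['object' => $role, 'request' => $this->getRequest()]
        );
        $role->save();

        // NOTE(review): $resource is passed on as received from the request unless
        // "all" was set; confirm setResources()/saveRel() validate the resource ids.
        $this->_rulesFactory->create()->setRoleId($role->getId())->setResources($resource)->saveRel();

        $this->processPreviousUsers($role);
        foreach ($roleUsers as $nRuid) {
            $this->_addUserToRole($nRuid, $role->getId());
        }
        $this->messageManager->addSuccess(__('You saved the role.'));
    } catch (UserLockedException $e) {
        $this->_auth->logout();
        $this->securityCookieHelper->setLogoutReasonCookie(
            \Magento\Security\Model\AdminSessionsManager::LOGOUT_REASON_USER_LOCKED
        );
        return $resultRedirect->setPath('*');
    } catch (\Magento\Framework\Exception\AuthenticationException $e) {
        $this->messageManager->addError(__('You have entered an invalid password for current user.'));
        // NOTE(review): the raw POST data is handed to a helper named for session
        // storage; confirm the current-user password field is not persisted there.
        return $this->saveDataToSessionAndRedirect($role, $this->getRequest()->getPostValue(), $resultRedirect);
    } catch (\Magento\Framework\Exception\LocalizedException $e) {
        $this->messageManager->addError($e->getMessage());
    } catch (\Exception $e) {
        // Unexpected failures get a fixed message, so internal details are not shown.
        $this->messageManager->addError(__('An error occurred while saving this role.'));
    }

    return $resultRedirect->setPath('*/*/');
}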