/**
* Get the account name of an user.
*
* @return string
*/
public function getAccountName()
{
if ($this->account == null) {
return $this->email;
} else {
return $this->account->getAccountIdentifier();
}
}
/**
* @param \TYPO3\Flow\Security\Account $account
* @return string
*/
public function generateDisqusRemoteAuth(\TYPO3\Flow\Security\Account $account)
{
/** @var \TYPO3\Party\Domain\Model\Person $person */
$person = $account->getParty();
$data = array('id' => $account->getAccountIdentifier(), 'username' => $person->getName()->getFullName(), 'email' => $person->getPrimaryElectronicAddress()->getIdentifier(), 'avatar' => sprintf('//typo3.org/services/userimage.php?username=%s&size=big', $account->getAccountIdentifier()));
if (!isset($this->settings['disqusApiSecret'])) {
throw new \InvalidArgumentException('You need to set up a disqusApiSecrect in your settings.', 1425572965);
}
$message = base64_encode(json_encode($data));
$timestamp = time();
$apiSecret = $this->settings['disqusApiSecret'];
$hmac = $this->disqusHmacSha1($message . ' ' . $timestamp, $apiSecret);
return $message . ' ' . $hmac . ' ' . $timestamp;
}
/**
* @return \Ag\Login\Domain\Model\AccountDescriptor
*/
public function getDescriptor()
{
$d = new AccountDescriptor();
$d->accountId = $this->accountId;
$d->email = $this->login->getAccountIdentifier();
$d->name = $this->name;
$d->imageId = $this->imageId;
$d->roles = $this->login->getRoles();
foreach ($d->roles as $key => $role) {
$d->roles[$key] = $this->flowRoleToRole($role);
}
return $d;
}
/**
* @param Account $account
* @return void
*/
protected function sendNotificationMail(Account $account)
{
$notificationMailSettings = $this->settings['notificationMail'];
if (!$notificationMailSettings['to']) {
return;
}
$httpRequest = Request::createFromEnvironment();
$failedAttemptsThreshold = $this->settings['failedAttemptsThreshold'];
$time = (new \DateTime())->format('Y-m-d H:i');
$replacePlaceholders = function ($string) use($account, $httpRequest, $failedAttemptsThreshold, $time) {
return str_replace(['{domain}', '{ip}', '{userAgent}', '{accountIdentifier}', '{failedAttemptsThreshold}', '{time}'], [$httpRequest->getUri()->getHost(), $httpRequest->getClientIpAddress(), $_SERVER['HTTP_USER_AGENT'], $account->getAccountIdentifier(), $failedAttemptsThreshold, $time], $string);
};
$mail = new Message();
$mail->setFrom($replacePlaceholders($notificationMailSettings['from']['email']), $replacePlaceholders($notificationMailSettings['from']['name']))->setTo($notificationMailSettings['to'])->setSubject($replacePlaceholders($notificationMailSettings['subject']))->setBody($replacePlaceholders($notificationMailSettings['message']))->send();
}
/**
* Edit the given account
*
* @param Account $account
* @return void
*/
public function editAccountAction(Account $account)
{
$this->view->assignMultiple(array('account' => $account, 'user' => $this->userService->getUser($account->getAccountIdentifier(), $account->getAuthenticationProviderName())));
}
/**
* Update a given account
*
* @param Account $account The account to update
* @param array $roleIdentifiers A possibly updated list of roles for the user's primary account
* @param array $password Expects an array in the format array('<password>', '<password confirmation>')
* @Flow\Validate(argumentName="password", type="\TYPO3\Neos\Validation\Validator\PasswordValidator", options={ "allowEmpty"=1, "minimum"=1, "maximum"=255 })
* @return void
*/
public function updateAccountAction(Account $account, array $roleIdentifiers, array $password = array())
{
$user = $this->userService->getUser($account->getAccountIdentifier(), $account->getAuthenticationProviderName());
if ($user === $this->currentUser) {
$roles = array();
foreach ($roleIdentifiers as $roleIdentifier) {
$roles[$roleIdentifier] = $this->policyService->getRole($roleIdentifier);
}
if (!$this->privilegeManager->isPrivilegeTargetGrantedForRoles($roles, 'TYPO3.Neos:Backend.Module.Administration.Users')) {
$this->addFlashMessage('With the selected roles the currently logged in user wouldn\'t have access to this module any longer. Please adjust the assigned roles!', 'Don\'t lock yourself out', Message::SEVERITY_WARNING, array(), 1416501197);
$this->forward('edit', null, null, array('user' => $this->currentUser));
}
}
$password = array_shift($password);
if (strlen(trim(strval($password))) > 0) {
$this->userService->setUserPassword($user, $password);
}
$this->userService->setRolesForAccount($account, $roleIdentifiers);
$this->addFlashMessage('The account has been updated.', 'Account updated', Message::SEVERITY_OK);
$this->redirect('edit', null, null, array('user' => $user));
}
/**
* Checks if the given account is already in the account repository
*
* @param \TYPO3\Flow\Security\Account $account
* @return bool
*/
public function doesAccountExist(\TYPO3\Flow\Security\Account $account)
{
$accountIdentifier = $account->getAccountIdentifier();
$authenticationProviderName = $account->getAuthenticationProviderName();
$existingAccount = $this->accountRepository->findByAccountIdentifierAndAuthenticationProviderName($accountIdentifier, $authenticationProviderName);
return $existingAccount !== NULL;
}
/**
* Creates a personal workspace for the given user's account if it does not exist already.
*
* @param User $user The new user to create a workspace for
* @param Account $account The user's backend account
* @throws IllegalObjectTypeException
*/
protected function createPersonalWorkspace(User $user, Account $account)
{
$userWorkspaceName = UserUtility::getPersonalWorkspaceNameForUsername($account->getAccountIdentifier());
$userWorkspace = $this->workspaceRepository->findByIdentifier($userWorkspaceName);
if ($userWorkspace === null) {
$liveWorkspace = $this->workspaceRepository->findByIdentifier('live');
if (!$liveWorkspace instanceof Workspace) {
$liveWorkspace = new Workspace('live');
$liveWorkspace->setTitle('Live');
$this->workspaceRepository->add($liveWorkspace);
}
$userWorkspace = new Workspace($userWorkspaceName, $liveWorkspace, $user);
$userWorkspace->setTitle((string) $user->getName());
$this->workspaceRepository->add($userWorkspace);
}
}
/**
* @return string
*/
public function getProfileImage()
{
return sprintf('//typo3.org/services/userimage.php?username=%s&size=big', $this->payload->getAccountIdentifier());
}
/**
* {@inheritDoc}
*/
public function getAccountIdentifier()
{
$this->__initializer__ && $this->__initializer__->__invoke($this, 'getAccountIdentifier', array());
return parent::getAccountIdentifier();
}
/**
* Persists new accounts only. If account is allready persisted, then account will be overridden with account from repository.
*
* @param string $providerName Provider name
* @param Account $account account to persist.
*
* @return void
*/
private function persistAccount($providerName, Account &$account)
{
$accountFromRepository = $this->accountRepository->findActiveByAccountIdentifierAndAuthenticationProviderName($account->getAccountIdentifier(), $account->getAuthenticationProviderName());
if ($accountFromRepository instanceof Account) {
$account = $accountFromRepository;
$this->updateRolesInAccount($providerName, $account);
return;
}
$casAttributes = $this->casManager->getCasAttributes($providerName);
$account->setRoles($this->getRoles($providerName, $casAttributes));
$this->mekeRedirectByNewUserIfNeeded($providerName, $account);
$this->finalizePersistingNewUser($account);
}
