/** * This method is called when the form of this step has been submitted * * @param array $formValues * @return void */ public function postProcessFormValues(array $formValues) { $user = new \TYPO3\TYPO3\Domain\Model\User(); $name = new \TYPO3\Party\Domain\Model\PersonName('', $formValues['firstName'], '', $formValues['lastName'], '', $formValues['username']); $user->setName($name); $user->getPreferences()->set('context.workspace', 'user-' . $formValues['username']); $this->partyRepository->add($user); $account = $this->accountFactory->createAccountWithPassword($formValues['username'], $formValues['password'], array('Administrator'), 'Typo3BackendProvider'); $account->setParty($user); $this->accountRepository->add($account); }
/** * @param PersonDto $person * @param NodeInterface $userStorageNode * @param string $dateOfBirth * @param array $password * @param string $recaptcha_challenge_field * @return void * * @throws \Exception * @throws \TYPO3\Flow\Mvc\Exception\ForwardException * @throws \TYPO3\Flow\Persistence\Exception\IllegalObjectTypeException * @throws \TYPO3\Flow\Security\Exception * * @Flow\Validate(argumentName="password", type="\TYPO3\Neos\Validation\Validator\PasswordValidator", options={ "allowEmpty"=0, "minimum"=6, "maximum"=255 }) * @Flow\Validate(argumentName="recaptcha_challenge_field", type="\BuJitsuDo\Authentication\Validation\Validator\CaptchaValidator") * @Flow\Validate(argumentName="person.emailAddress", type="\BuJitsuDo\Authentication\Validation\Validator\AccountDoesNotExistsValidator") */ public function registerAction(PersonDto $person, NodeInterface $userStorageNode, $dateOfBirth = NULL, array $password, $recaptcha_challenge_field = '') { $account = $this->accountFactory->createAccountWithPassword($person->getEmailAddress(), array_shift($password), $this->defaultRoles); $party = $this->objectManager->get('\\TYPO3\\Neos\\Domain\\Model\\User'); if ($dateOfBirth !== NULL) { $date = new \DateTime(); $date->setTimestamp(strtotime($dateOfBirth)); $person->setDateOfBirth($date); } if (!$party instanceof AbstractParty) { throw new \Exception('The configured className did not result in an object that inherits from AbstractParty.', 1397043150); } /** @var $party User */ $party->setName(new PersonName('', $person->getFirstName(), '', $person->getLastName())); $this->partyRepository->add($party); $account->setParty($party); $this->accountRepository->add($account); $this->persistenceManager->persistAll(); $profile = $this->createProfileNode($account, $userStorageNode, $person); if ($profile instanceof NodeInterface) { $this->forward('show', 'Frontend\\Node', 'TYPO3.Neos', ['node' => $profile]); } else { throw new \Exception('No profile node returned', 1239187); } }
/** * Authenticates against a crowd instance. * * @param \TYPO3\Flow\Security\Authentication\TokenInterface $authenticationToken The token to be authenticated * @return void * @throws \TYPO3\Flow\Security\Exception\UnsupportedAuthenticationTokenException */ public function authenticate(TokenInterface $authenticationToken) { if (!$authenticationToken instanceof UsernamePassword) { throw new UnsupportedAuthenticationTokenException('This provider cannot authenticate the given token.', 1217339845); } $credentials = $authenticationToken->getCredentials(); if (is_array($credentials) && isset($credentials['username']) && isset($credentials['password'])) { $crowdAuthenticationResponse = $this->crowdClient->authenticate($credentials['username'], $credentials['password']); if ($crowdAuthenticationResponse !== NULL) { /** @var $account \TYPO3\Flow\Security\Account */ $account = NULL; $providerName = $this->name; $accountRepository = $this->accountRepository; $this->securityContext->withoutAuthorizationChecks(function () use($credentials, $providerName, $accountRepository, &$account) { $account = $accountRepository->findActiveByAccountIdentifierAndAuthenticationProviderName($credentials['username'], $providerName); }); if ($account === NULL) { $account = new Account(); $account->setAuthenticationProviderName($providerName); $account->setAccountIdentifier($credentials['username']); $this->accountRepository->add($account); } $authenticateRole = $this->policyService->getRole($this->options['authenticateRole']); if ($account->hasRole($authenticateRole) === FALSE) { $account->addRole($authenticateRole); } $crowdUser = $this->partyService->getAssignedPartyOfAccount($account); if ($crowdUser instanceof Person) { if ($crowdUser->getName()->getFirstName() !== $crowdAuthenticationResponse['first-name']) { $crowdUser->getName()->setFirstName($crowdAuthenticationResponse['first-name']); $this->partyRepository->update($crowdUser); } if ($crowdUser->getName()->getLastName() !== $crowdAuthenticationResponse['last-name']) { $crowdUser->getName()->setLastName($crowdAuthenticationResponse['last-name']); $this->partyRepository->update($crowdUser); } if ($crowdUser->getPrimaryElectronicAddress()->getIdentifier() !== $crowdAuthenticationResponse['email']) { $crowdUser->getPrimaryElectronicAddress()->setIdentifier($crowdAuthenticationResponse['email']); $this->partyRepository->update($crowdUser); } } else { $crowdUser = new Person(); $crowdUser->setName(new PersonName('', $crowdAuthenticationResponse['first-name'], '', $crowdAuthenticationResponse['last-name'])); $email = new ElectronicAddress(); $email->setIdentifier($crowdAuthenticationResponse['email']); $email->setType(ElectronicAddress::TYPE_EMAIL); $crowdUser->setPrimaryElectronicAddress($email); $this->partyRepository->add($crowdUser); $this->partyService->assignAccountToParty($account, $crowdUser); } $authenticationToken->setAuthenticationStatus(TokenInterface::AUTHENTICATION_SUCCESSFUL); $authenticationToken->setAccount($account); } else { $authenticationToken->setAuthenticationStatus(TokenInterface::WRONG_CREDENTIALS); } } elseif ($authenticationToken->getAuthenticationStatus() !== TokenInterface::AUTHENTICATION_SUCCESSFUL) { $authenticationToken->setAuthenticationStatus(TokenInterface::NO_CREDENTIALS_GIVEN); } }
/** * Persists new Account. * * @param Account $account * * @return void */ public function finalizePersistingNewUser(Account $account) { $party = $account->getParty(); if ($party instanceof AbstractParty) { $this->partyRepository->add($party); } $this->accountRepository->add($account); $this->persistenceManager->persistAll(); }
/** * Create a new user * * This command creates a new user which has access to the backend user interface. * It is recommended to user the email address as a username. * * @param string $username The username of the user to be created. * @param string $password Password of the user to be created * @param string $firstName First name of the user to be created * @param string $lastName Last name of the user to be created * @param string $roles A comma separated list of roles to assign * @FLOW3\Validate(argumentName="username", type="EmailAddress") * @return void */ public function createCommand($username, $password, $firstName, $lastName, $roles = NULL) { $account = $this->accountRepository->findByAccountIdentifierAndAuthenticationProviderName($username, 'Typo3BackendProvider'); if ($account instanceof \TYPO3\FLOW3\Security\Account) { $this->outputLine('User "%s" already exists.', array($username)); $this->quit(1); } $user = new \TYPO3\TYPO3\Domain\Model\User(); $name = new \TYPO3\Party\Domain\Model\PersonName('', $firstName, '', $lastName, '', $username); $user->setName($name); $workspaceName = 'user-' . preg_replace('/[^a-z0-9]/i', '', $username); $user->getPreferences()->set('context.workspace', $workspaceName); $this->partyRepository->add($user); $roles = empty($roles) ? array('Editor') : explode(',', $roles); $account = $this->accountFactory->createAccountWithPassword($username, $password, $roles, 'Typo3BackendProvider'); $account->setParty($user); $this->accountRepository->add($account); $this->outputLine('Created account "%s".', array($username)); }
/** * @dataProvider personsDataProvider * @test */ public function personsAndAccountPersistingAndRetrievingWorksCorrectly($firstName, $middleName, $lastName, $emailAddress) { $person = new Domain\Model\Person(); $person->setName(new Domain\Model\PersonName('', $firstName, $middleName, $lastName)); $electronicAddress = new Domain\Model\ElectronicAddress(); $electronicAddress->setType(Domain\Model\ElectronicAddress::TYPE_EMAIL); $electronicAddress->setIdentifier($emailAddress); $person->setPrimaryElectronicAddress($electronicAddress); $account = $this->accountFactory->createAccountWithPassword($emailAddress, $this->persistenceManager->getIdentifierByObject($person)); $this->accountRepository->add($account); $person->addAccount($account); $this->partyRepository->add($person); $this->persistenceManager->persistAll(); $this->assertEquals(1, $this->partyRepository->countAll()); $this->persistenceManager->clearState(); $foundPerson = $this->partyRepository->findByIdentifier($this->persistenceManager->getIdentifierByObject($person)); $this->assertEquals($foundPerson->getName()->getFullName(), $person->getName()->getFullName()); $this->assertEquals($foundPerson->getName()->getFullName(), $firstName . ' ' . $middleName . ' ' . $lastName); $this->assertEquals($foundPerson->getPrimaryElectronicAddress()->getIdentifier(), $emailAddress); }
/** * @param string $identifier * @FLOW3\Validate(argumentName="identifier", type="NotEmpty") * @FLOW3\Validate(argumentName="identifier", type="StringLength", options={ "minimum"=1, "maximum"=255 }) * @FLOW3\Validate(argumentName="identifier", type="\TYPO3\TYPO3\Validation\Validator\AccountExistsValidator", options={ "authenticationProviderName"="Typo3BackendProvider" }) * @param array $password * @FLOW3\Validate(argumentName="password", type="\TYPO3\TYPO3\Validation\Validator\PasswordValidator", options={ "allowEmpty"=0, "minimum"=1, "maximum"=255 }) * @param string $firstName * @FLOW3\Validate(argumentName="firstName", type="NotEmpty") * @FLOW3\Validate(argumentName="firstName", type="StringLength", options={ "minimum"=1, "maximum"=255 }) * @param string $lastName * @FLOW3\Validate(argumentName="lastName", type="NotEmpty") * @FLOW3\Validate(argumentName="lastName", type="StringLength", options={ "minimum"=1, "maximum"=255 }) * @return void * @todo Security */ public function createAction($identifier, array $password, $firstName, $lastName) { $user = new \TYPO3\TYPO3\Domain\Model\User(); $name = new \TYPO3\Party\Domain\Model\PersonName('', $firstName, '', $lastName, '', $identifier); $user->setName($name); $user->getPreferences()->set('context.workspace', 'user-' . $identifier); $this->partyRepository->add($user); $account = $this->accountFactory->createAccountWithPassword($identifier, array_shift($password), array('Administrator'), 'Typo3BackendProvider'); $account->setParty($user); $this->accountRepository->add($account); $this->redirect('index'); }
/** * Adds a user whose User object has been created elsewhere * * This method basically "creates" a user like createUser() would, except that it does not create the User * object itself. If you need to create the User object elsewhere, for example in your ActionController, make sure * to call this method for registering the new user instead of adding it to the PartyRepository manually. * * This method also creates a new user workspace for the given user if no such workspace exist. * * @param string $username The username of the user to be created. * @param string $password Password of the user to be created * @param User $user The pre-built user object to start with * @param array $roleIdentifiers A list of role identifiers to assign * @param string $authenticationProviderName Name of the authentication provider to use. Example: "Typo3BackendProvider" * @return User The same user object * @api */ public function addUser($username, $password, User $user, array $roleIdentifiers = null, $authenticationProviderName = null) { if ($roleIdentifiers === null) { $roleIdentifiers = array('TYPO3.Neos:Editor'); } $roleIdentifiers = $this->normalizeRoleIdentifiers($roleIdentifiers); $account = $this->accountFactory->createAccountWithPassword($username, $password, $roleIdentifiers, $authenticationProviderName ?: $this->defaultAuthenticationProviderName); $this->partyService->assignAccountToParty($account, $user); $this->partyRepository->add($user); $this->accountRepository->add($account); $this->createPersonalWorkspace($user, $account); $this->emitUserCreated($user); return $user; }
/** * Adds a user whose User object has been created elsewhere * * This method basically "creates" a user like createUser() would, except that it does not create the User * object itself. If you need to create the User object elsewhere, for example in your ActionController, make sure * to call this method for registering the new user instead of adding it to the PartyRepository manually. * * This method also creates a new user workspace for the given user if no such workspace exist. * * @param string $username The username of the user to be created. * @param string $password Password of the user to be created * @param User $user The pre-built user object to start with * @param array $roleIdentifiers A list of role identifiers to assign * @param string $authenticationProviderName Name of the authentication provider to use. Example: "Typo3BackendProvider" * @return User The same user object * @api */ public function addUser($username, $password, User $user, array $roleIdentifiers = NULL, $authenticationProviderName = NULL) { if ($roleIdentifiers === NULL) { $roleIdentifiers = array('TYPO3.Neos:Editor'); } $roleIdentifiers = $this->normalizeRoleIdentifiers($roleIdentifiers); $account = $this->accountFactory->createAccountWithPassword($username, $password, $roleIdentifiers, $authenticationProviderName ?: $this->defaultAuthenticationProviderName); $user->addAccount($account); $this->partyRepository->add($user); $this->accountRepository->add($account); $this->createUserWorkspace($username); $this->emitUserCreated($user); return $user; }
/** * Creates a temporary account * * @param string $accountIdentifier * @param string $password * @param string $firstName * @param string $lastName * @return Account */ protected function createTemporaryAccount($accountIdentifier, $password, $firstName, $lastName) { if (strlen($firstName) === 0 && strlen($lastName) === 0) { $firstName = 'Santa'; $lastName = 'Claus'; } $user = new User(); $user->setName(new PersonName('', $firstName, '', $lastName)); $user->getPreferences()->set('context.workspace', 'user-' . $accountIdentifier); $this->partyRepository->add($user); $account = $this->accountFactory->createAccountWithPassword($accountIdentifier, $password, array('TYPO3.Neos:Editor'), 'Typo3BackendProvider'); $account->setParty($user); $account->setExpirationDate(new \DateTime('+1 week')); $this->accountRepository->add($account); }
/** * @param Account $account * @param array $userdata * @return \TYPO3\Flow\Security\Account */ protected function updateAccount(Account $account, array $userdata) { $person = $this->partyService->getAssignedPartyOfAccount($account); if ($person === null) { $person = new Person(); $this->partyRepository->add($person); $this->partyService->assignAccountToParty($account, $person); } if (!$account->getRoles()) { $account->setRoles(array($this->policyService->getRole('T3DD.Backend:Authenticated'))); } $this->updatePerson($person, $userdata); $this->accountRepository->update($account); $this->persistenceManager->persistAll(); return $account; }
/** * @param AbstractClientToken $token * @throws InvalidPartyDataException */ public function createPartyAndAttachToAccountFor(AbstractClientToken $token) { $userData = $this->authenticationServicesUserData[(string) $token]; $party = new Person(); $party->setName(new PersonName('', $userData['first_name'], '', $userData['last_name'])); // Todo: this is not covered by the Person implementation, we should have a solution for that #$party->setBirthDate(\DateTime::createFromFormat('!m/d/Y', $userData['birthday'], new \DateTimeZone('UTC'))); #$party->setGender(substr($userData['gender'], 0, 1)); $electronicAddress = new ElectronicAddress(); $electronicAddress->setType(ElectronicAddress::TYPE_EMAIL); $electronicAddress->setIdentifier($userData['email']); $party->addElectronicAddress($electronicAddress); $partyValidator = $this->validatorResolver->getBaseValidatorConjunction('TYPO3\\Party\\Domain\\Model\\Person'); $validationResult = $partyValidator->validate($party); if ($validationResult->hasErrors()) { throw new InvalidPartyDataException('The created party does not satisfy the requirements', 1384266207); } $account = $token->getAccount(); $account->setParty($party); // TODO: this must be properly specifiable (the Roles to add) #$account->setRoles(); $this->accountRepository->update($account); $this->partyRepository->add($party); }
/** * Executes this finisher * @see AbstractFinisher::execute() * * @return void * @throws \TYPO3\Flow\Mvc\Exception\StopActionException(); */ protected function executeInternal() { /** @var \TYPO3\Form\Core\Runtime\FormRuntime $formRuntime */ $formRuntime = $this->finisherContext->getFormRuntime(); $formValueArray = $formRuntime->getFormState()->getFormValues(); if ($formRuntime->getRequest()->getParentRequest()->getControllerActionName() == 'editDataSheet') { // we need to update the data sheet, we assume that the person is authenticated because a data sheet can only be edited by a authenticated user /** @var \GIB\GradingTool\Domain\Model\Project $project */ $project = $this->projectRepository->findByIdentifier($formRuntime->getRequest()->getParentRequest()->getArgument('project')); // make a HTML representation of a diff of the old and new data $diffContent = DiffUtility::arrayDiffRecursive($project->getDataSheetContentArray(), $formValueArray); // store changes to project $project->setDataSheetContent($formValueArray); $project->setLastUpdated(new \TYPO3\Flow\Utility\Now()); // update e-mail address (could have changed in the data sheet) $projectManagerElectronicAddress = new \TYPO3\Party\Domain\Model\ElectronicAddress(); $projectManagerElectronicAddress->setIdentifier($formValueArray['projectManagerEmail']); $projectManagerElectronicAddress->setType(\TYPO3\Party\Domain\Model\ElectronicAddress::TYPE_EMAIL); $project->getProjectManager()->setPrimaryElectronicAddress($projectManagerElectronicAddress); $this->partyRepository->update($project->getProjectManager()); $this->projectRepository->update($project); $this->persistenceManager->persistAll(); // send a notification mail to the Administrator containing the changes $templateIdentifierOverlay = $this->templateService->getTemplateIdentifierOverlay('editDataSheetNotification', $project); $this->notificationMailService->sendNotificationMail($templateIdentifierOverlay, $project, NULL, '', '', $diffContent); // add a flash message $message = new \TYPO3\Flow\Error\Message('Your data sheet for project "%s" was successfully edited.', \TYPO3\Flow\Error\Message::SEVERITY_OK, array($project->getProjectTitle())); $this->flashMessageContainer->addMessage($message); } else { // we need to add a new data sheet /** @var \GIB\GradingTool\Domain\Model\Project $project */ $project = new \GIB\GradingTool\Domain\Model\Project(); $project->setProjectTitle($formValueArray['projectTitle']); $project->setDataSheetFormIdentifier($this->settings['forms']['dataSheet']['default']); $project->setSubmissionFormIdentifier($this->settings['forms']['submission']['default']); // store identifier=userName and password for later usage $identifier = $formValueArray['userName']; $password = $formValueArray['password']; // remove userName and password from data array so it doesn't get saved unencrypted unset($formValueArray['userName']); unset($formValueArray['password']); $project->setDataSheetContent($formValueArray); $project->setCreated(new \TYPO3\Flow\Utility\Now()); $this->projectRepository->add($project); // add a flash message $message = new \TYPO3\Flow\Error\Message('Your data sheet for project "%s" was successfully submitted.', \TYPO3\Flow\Error\Message::SEVERITY_OK, array($formValueArray['projectTitle'])); $this->flashMessageContainer->addMessage($message); if (!$this->authenticationManager->isAuthenticated() || $this->authenticationManager->isAuthenticated() && $this->authenticationManager->getSecurityContext()->hasRole('GIB.GradingTool:Administrator')) { // the product manager (supposedly) doesn't have an account yet, so we create one $projectManager = new \GIB\GradingTool\Domain\Model\ProjectManager(); $projectManagerName = new \TYPO3\Party\Domain\Model\PersonName('', $formValueArray['projectManagerFirstName'], '', $formValueArray['projectManagerLastName']); $projectManager->setName($projectManagerName); $projectManagerElectronicAddress = new \TYPO3\Party\Domain\Model\ElectronicAddress(); $projectManagerElectronicAddress->setIdentifier($formValueArray['projectManagerEmail']); $projectManagerElectronicAddress->setType(\TYPO3\Party\Domain\Model\ElectronicAddress::TYPE_EMAIL); $projectManager->addElectronicAddress($projectManagerElectronicAddress); $projectManager->setPrimaryElectronicAddress($projectManagerElectronicAddress); // add account $roles = array('GIB.GradingTool:ProjectManager'); $authenticationProviderName = 'DefaultProvider'; $account = $this->accountFactory->createAccountWithPassword($identifier, $password, $roles, $authenticationProviderName); $this->accountRepository->add($account); // add account to ProjectManager $projectManager->addAccount($account); // add project to ProjectManager $projectManager->addProject($project); // finally add the complete ProjectManager $this->partyRepository->add($projectManager); if (!$this->authenticationManager->getSecurityContext()->hasRole('GIB.GradingTool:Administrator')) { // authenticate user if no Administrator is authenticated $authenticationTokens = $this->securityContext->getAuthenticationTokensOfType('TYPO3\\Flow\\Security\\Authentication\\Token\\UsernamePassword'); if (count($authenticationTokens) === 1) { $authenticationTokens[0]->setAccount($account); $authenticationTokens[0]->setAuthenticationStatus(\TYPO3\Flow\Security\Authentication\TokenInterface::AUTHENTICATION_SUCCESSFUL); } // add a flash message $message = new \TYPO3\Flow\Error\Message('The account "%s" was created and you were successfully logged in.', \TYPO3\Flow\Error\Message::SEVERITY_OK, array($identifier)); $this->flashMessageContainer->addMessage($message); } } elseif ($this->authenticationManager->isAuthenticated() && $this->authenticationManager->getSecurityContext()->hasRole('GIB.GradingTool:ProjectManager')) { // a productManager is adding a new project to his account /** @var \GIB\GradingTool\Domain\Model\ProjectManager $projectManager */ $projectManager = $this->authenticationManager->getSecurityContext()->getParty(); $projectManager->addProject($project); $this->partyRepository->update($projectManager); } $this->persistenceManager->persistAll(); // send notification mail to project manager (bcc to team) $templateIdentifierOverlay = $this->templateService->getTemplateIdentifierOverlay('newDataSheetProjectManagerNotification', $project); $this->notificationMailService->sendNotificationMail($templateIdentifierOverlay, $project, $projectManager, $formValueArray['projectManagerFirstName'] . ' ' . $formValueArray['projectManagerLastName'], $formValueArray['projectManagerEmail']); // send notification mail to the GIB team $templateIdentifierOverlay = $this->templateService->getTemplateIdentifierOverlay('newDataSheetTeamNotification', $project); $dataSheetArray = $this->dataSheetService->getProcessedDataSheet($project); $this->notificationMailService->sendNotificationMail($templateIdentifierOverlay, $project, $projectManager, '', '', $dataSheetArray); } $this->persistenceManager->persistAll(); // redirect to dashboard $formRuntime = $this->finisherContext->getFormRuntime(); $request = $formRuntime->getRequest()->getMainRequest(); $uriBuilder = new \TYPO3\Flow\Mvc\Routing\UriBuilder(); $uriBuilder->setRequest($request); $uriBuilder->reset(); $uri = $uriBuilder->uriFor('editDatasheet', array('project' => $project), 'Project'); $response = $formRuntime->getResponse(); $mainResponse = $response; while ($response = $response->getParentResponse()) { $mainResponse = $response; } $mainResponse->setStatus(303); $mainResponse->setHeader('Location', (string) $uri); throw new \TYPO3\Flow\Mvc\Exception\StopActionException(); }