/**
 * Prepares the edit view for an author: assigns the identifier of the account
 * held by the security context, the full category list and the author itself.
 *
 * @param \SKL\Post\Domain\Model\Author $author
 * @return void
 */
public function editAction(Author $author)
{
    // NOTE(review): the account is dereferenced without a NULL check — confirm that an
    // access policy guarantees an authenticated account before this action runs.
    $currentAccount = $this->securityContext->getAccount();

    $templateVariables = array(
        'usrname' => $currentAccount->getAccountIdentifier(),
        'listCategories' => $this->categoryRepository->findAll(),
        'author' => $author,
    );
    foreach ($templateVariables as $variableName => $variableValue) {
        $this->view->assign($variableName, $variableValue);
    }
}
/**
 * Collects the current account, its roles and the recorded role votes and adds
 * them to the "Security" module of the debug toolbar (toolbar text, popup and panel).
 *
 * NOTE(review): this renders account and role data into debug output; presumably the
 * toolbar is only active in development — confirm it is disabled in production.
 */
public function preToolbarRendering()
{
    $account = $this->context->getAccount();
    $votes = array();
    // Maps the numeric privilege value found in the stored votes to a label.
    $privilege = array('PRIVILEGE_ABSTAIN', 'PRIVILEGE_GRANT', 'PRIVILEGE_DENY');
    $roleVotes = \Debug\Toolbar\Service\DataStorage::get('Security:RoleVotes');
    if (is_array($roleVotes)) {
        foreach ($roleVotes as $key => $value) {
            $vote = array('role' => (string) $value['role']);
            $vote['privilege'] = '';
            if (is_array($value['privileges'])) {
                // Every iteration overwrites the label, so the last privilege in the list wins.
                // NOTE(review): $p is used as an index without a range check.
                foreach ($value['privileges'] as $k => $p) {
                    $vote['privilege'] = $privilege[$p];
                }
            }
            // Keyed by "role:privilege", so identical votes collapse into one entry.
            $votes[$value['role'] . ':' . $vote['privilege']] = $vote;
        }
    } else {
        // No recorded votes: list the roles of the current context without a privilege.
        $roles = $this->context->getRoles();
        foreach ($roles as $key => $value) {
            $vote = array('role' => (string) $value);
            $votes[] = $vote;
        }
    }
    // The toolbar text shows the account identifier, or "Guest" when getAccount() returned no object.
    \Debug\Toolbar\Service\Collector::getModule('Security')->getToolbar()->addIcon('user')->addText(is_object($account) ? $account->getAccountIdentifier() : 'Guest')->getPopup()->addPartial('Security', array('roles' => $this->context->getRoles(), 'account' => $this->context->getaccount(), 'votes' => $votes))->getPanel()->addPartial('Security', array('roles' => $this->context->getRoles(), 'account' => $this->context->getaccount(), 'votes' => $votes));
}
/**
 * Get the account of the first authenticated token.
 *
 * The security context is only queried when it reports that it can be
 * initialized; in every other case NULL is returned.
 *
 * @return \TYPO3\Flow\Security\Account|NULL
 */
public function getAccount()
{
    return $this->securityContext->canBeInitialized()
        ? $this->securityContext->getAccount()
        : NULL;
}
/**
 * Prepares the index view: assigns the identifier of the account held by the
 * security context, all setups and all categories.
 *
 * @return void
 */
public function indexAction()
{
    // NOTE(review): the account is dereferenced without a NULL check — confirm that an
    // access policy guarantees an authenticated account before this action runs.
    $currentAccount = $this->securityContext->getAccount();

    $templateVariables = array(
        'usrname' => $currentAccount->getAccountIdentifier(),
        'setups' => $this->setupRepository->findAll(),
        'listCategories' => $this->categoryRepository->findAll(),
    );
    foreach ($templateVariables as $variableName => $variableValue) {
        $this->view->assign($variableName, $variableValue);
    }
}
/**
 * Initializes the controller before invoking an action method.
 *
 * Resolves the "Bearbeiter" record belonging to the current account (only when
 * the security context can be initialized) and fetches the application cache.
 */
public function initializeAction()
{
    $securityContext = $this->securityContext;
    if ($securityContext->canBeInitialized()) {
        // getAccount() is passed on as-is; no check is made here that an account is present.
        $this->bearbeiterObj = $this->bearbeiterRepository->findOneByAccount($securityContext->getAccount());
    }

    $this->cacheInterface = $this->cacheManager->getCache('GermaniaSacra_GermaniaCache');
}
/**
 * Returns the currently logged in user, if any.
 *
 * The user is looked up through the account held by the security context;
 * without an account no repository query is made.
 *
 * @return User The currently logged in user, or NULL
 */
public function getCurrentUser()
{
    $currentAccount = $this->securityContext->getAccount();

    return $currentAccount === NULL
        ? NULL
        : $this->userRepository->findOneHavingAccount($currentAccount);
}
/**
 * Returns the name of the currently logged in user's personal workspace (even if that might not exist at that time).
 * If no user is logged in this method returns "live".
 *
 * @return string
 */
public function getUserWorkspaceName()
{
    $account = $this->securityContext->getAccount();
    if ($account !== NULL) {
        // Everything except ASCII letters and digits is dropped from the identifier.
        // Consequence: identifiers that differ only in the dropped characters
        // (for example "john.doe" and "johndoe") yield the same workspace name.
        $reducedIdentifier = preg_replace('/[^a-z0-9]/i', '', $account->getAccountIdentifier());

        return 'user-' . $reducedIdentifier;
    }

    return 'live';
}
/**
 * Assigns the Disqus thread data to the view and, when an account is present,
 * a remote-auth value generated for that account.
 *
 * @param string $title
 * @param string $uri
 * @param string $identifier
 */
public function disqusAction($title, $uri, $identifier)
{
    $threadData = array(
        'title' => $title,
        'uri' => $uri,
        'identifier' => $identifier,
    );
    foreach ($threadData as $variableName => $variableValue) {
        $this->view->assign($variableName, $variableValue);
    }

    // Anonymous visitors get the thread without a remote-auth value.
    $account = $this->securityContext->getAccount();
    if ($account) {
        $this->view->assign('remoteAuth', $this->disqusRemoteAuthService->generateDisqusRemoteAuth($account));
    }
}
/**
 * Try to set the current account identifier emitting the events, if possible
 *
 * Nothing happens when the security context cannot be initialized or holds no account.
 *
 * @return void
 */
protected function initializeAccountIdentifier()
{
    if (!$this->securityContext->canBeInitialized()) {
        return;
    }

    $account = $this->securityContext->getAccount();
    if ($account === NULL) {
        return;
    }

    $this->eventEmittingService->setCurrentAccountIdentifier($account->getAccountIdentifier());
}
/**
 * Prepares state shared by every action of this controller: the account held
 * by the security context and the locale derived from the configured default language.
 */
public function initializeAction()
{
    // Remember the account of the authenticated user for the actions that follow.
    $this->account = $this->securityContext->getAccount();

    // Resolve the default language setting and make it the current locale if it is not already.
    $this->locale = $this->localeDetector->detectLocaleFromLocaleTag($this->settings['defaultLanguage']);
    $localizationConfiguration = $this->l18nService->getConfiguration();
    if ($localizationConfiguration->getCurrentLocale() !== $this->locale) {
        $localizationConfiguration->setCurrentLocale($this->locale);
    }
}
/**
 * Removes the vote that the current account cast for the given session;
 * answers with status 404 when no such vote is found.
 *
 * @param string $session
 */
public function deleteAction($session)
{
    // The lookup receives the current account, so the vote to delete is selected per caller.
    // NOTE(review): getAccount() is passed on unchecked — confirm the repository copes with
    // a missing account, or that a policy keeps anonymous requests out.
    /** @var \T3DD\Backend\Domain\Model\Vote $vote */
    $vote = $this->voteRepository->getVoteForAccountAndSession($session, $this->securityContext->getAccount());

    if ($vote) {
        $this->voteRepository->remove($vote);
        return;
    }

    $this->response->setStatus(404);
}
/**
 * Authenticates the request and redirects to the dashboard on success.
 *
 * When authentication is required but failed, a fixed flash message is added
 * and the exception is re-thrown. The original source carried a commented-out
 * variant that displayed the exception message instead; the fixed text keeps
 * failure details out of the response.
 *
 * @throws \TYPO3\Flow\Security\Exception\AuthenticationRequiredException
 * @throws \TYPO3\Flow\Security\Exception\AccessDeniedException
 * @return void
 */
public function authenticateAction()
{
    try {
        $this->authenticationManager->authenticate();

        $authenticatedAccount = $this->securityContext->getAccount();
        $redirectArguments = array('user' => $authenticatedAccount);
        $this->redirect('index', 'Dashboard', NULL, $redirectArguments);
    } catch (\TYPO3\Flow\Security\Exception\AuthenticationRequiredException $authenticationFailure) {
        $loginError = new \TYPO3\Flow\Error\Error('Bitte die korrekten Benutzerdaten eingeben.');
        $this->flashMessageContainer->addMessage($loginError);

        throw $authenticationFailure;
    }
}
/**
 * Updates a participant. A participant that already belongs to another account
 * may only be changed by an administrator (status 403 otherwise). A participant
 * that is not yet completed is marked completed and bound to the current account.
 *
 * @param Participant $participant
 */
public function updateAction(Participant $participant)
{
    $participantEntity = $participant->getPayload();

    // A participant without an account passes this check for every caller and is then
    // bound to whoever completes it.
    // NOTE(review): confirm that this claim-on-first-update behaviour is intended and that
    // anonymous requests cannot reach the action.
    $belongsToSomeoneElse = $participantEntity->getAccount() !== NULL
        && $participantEntity->getAccount() !== $this->securityContext->getAccount();
    if ($belongsToSomeoneElse && !$this->securityContext->hasRole('T3DD.Backend:Administrator')) {
        $this->response->setStatus(403);
        return;
    }

    if (!$participantEntity->isCompleted()) {
        $participantEntity->setCompleted(TRUE);
        $participantEntity->setAccount($this->securityContext->getAccount());
    }

    $this->participantRepository->update($participantEntity);
    $this->view->assign('value', $participant);
}
/**
 * Assigns the variables every view of this controller needs: the current URL,
 * an encoded copy of it as "state", the logged-in account (if any) and the
 * parameters of the external login providers.
 *
 * @param \TYPO3\Flow\Mvc\View\ViewInterface $view
 * @return void
 */
protected function initializeView(\TYPO3\Flow\Mvc\View\ViewInterface $view)
{
    $loggedUser = $this->securityContext->getAccount();
    $requestUri = $this->request->getHttpRequest()->getUri();

    $view->assign('currentpage', $requestUri);
    // NOTE(review): "state" is only the encoded current URL. If it ends up as the OAuth
    // state parameter it is predictable and gives no request-forgery protection — confirm
    // how the login providers use it.
    $view->assign('state', $this->base64UrlEncode($requestUri));

    if ($loggedUser != NULL) {
        $view->assign('loggedInUser', $this->securityContext->getAccount()->getAccountIdentifier());
        $view->assign('currentUser', $this->securityContext->getAccount()->getParty());
    }

    $facebookAppId = $this->facebookService->getAppId();
    $facebookRedirectUri = $this->facebookService->getRedirectUri();
    $vkAuthorizationUri = $this->vkService->getAuthorizationUri();

    // The provider data goes through $this->view while everything above uses the $view argument.
    $providerVariables = array(
        'vk_url' => $vkAuthorizationUri,
        'google_url' => $this->googlePlusService->getAuthorizationUri(),
        'facebook_appid' => $facebookAppId,
        'facebook_redirecturi' => $facebookRedirectUri,
    );
    $this->view->assignMultiple($providerVariables);
}
/**
 * The given $value is valid if it is an array of format array(hash:string, phrase:string) and the hash was derived from the entered phrase
 *
 * The whole check is skipped when the "ignoreWhenLoggedIn" option is set and the
 * security context holds an account.
 *
 * @param mixed $value The value that should be validated
 * @return void
 */
protected function isValid($value)
{
    // Logged-in users bypass the captcha entirely when the option is enabled.
    if ($this->options["ignoreWhenLoggedIn"] && $this->securityContext->getAccount()) {
        return;
    }

    if (!is_array($value)) {
        $this->addError("This argument must be an array", 422526240);
        return;
    }

    if (empty($value["hash"]) || empty($value["phrase"])) {
        $this->addError("Malformed array given; expected array(hash:string, phrase:string)", 422526241);
        return;
    }

    // Only an exact boolean true from the captcha service counts as success.
    $phraseMatchesHash = $this->captchaService->validatePhrase($value["phrase"], $value["hash"]);
    if ($phraseMatchesHash !== true) {
        $this->addError("Given captcha phrase mismatches the hash", 422526242);
    }
}
/**
 * Creates a marker file that the cron job checks before exporting the data,
 * prints a status message and ends the script.
 */
public function dataexportAction()
{
    $markerFile = $this->dataImport->dumpDirectory . self::executeExportDump;

    // NOTE(review): the existence check and fopen(..., "w") are separate steps. Two requests
    // arriving at the same time can both pass the check, and the second one truncates the
    // marker written by the first. An exclusive-create open would close that gap.
    if (!file_exists($markerFile) && ($markerHandle = fopen($markerFile, "w"))) {
        // Record who scheduled the export, when that can be determined.
        $ownerNote = '';
        if ($this->securityContext->canBeInitialized()) {
            $account = $this->securityContext->getAccount();
            if ($account) {
                $ownerNote = 'Dieser Export wurde angelegt von ' . $this->bearbeiterRepository->findOneByAccount($account);
            }
        }
        fwrite($markerHandle, $ownerNote);
        fclose($markerHandle);

        // The remaining time is derived from the last digit of the current minute.
        $lastMinuteDigit = substr(date('i'), 1, 1);
        $minutesUntilNextRun = 10 - $lastMinuteDigit;
        echo 'Die nächste Veröffentlichung wird in ' . $minutesUntilNextRun . ' Minuten durchgeführt.' . '<br>';
        echo 'Sie dauert ca. 5 Minuten.' . '<br>';
    } elseif (file_exists($markerFile)) {
        echo "Die Veröffentlichung ist bereits vorgemerkt.";
    } else {
        echo "Der Veröffentlichung-Job konnte leider nicht angelegt werden.";
    }

    exit;
}
/**
 * Index action: only displays the login form and hands the parameters of the
 * external login providers to the view.
 */
public function indexAction()
{
    // The result is not used in this action; the call itself is kept as in the original.
    $this->securityContext->getAccount();

    $facebookAppId = $this->facebookService->getAppId();
    $facebookRedirectUri = $this->facebookService->getRedirectUri();
    $vkAuthorizationUri = $this->vkService->getAuthorizationUri();

    $providerVariables = array(
        'vk_url' => $vkAuthorizationUri,
        'twitter_url' => $this->twitterService->getAuthorizationUri(),
        'google_url' => $this->googlePlusService->getAuthorizationUri(),
        'facebook_appid' => $facebookAppId,
        'facebook_redirecturi' => $facebookRedirectUri,
    );
    $this->view->assignMultiple($providerVariables);
}
/**
 * Creates and persists a second account for the current user under the
 * authentication provider of the API token.
 *
 * The new account reuses the current account identifier and receives every role
 * of the current account, so it carries the same privileges. Its password is a
 * random 25-character string that this method neither returns nor keeps.
 *
 * @return \TYPO3\Flow\Security\Account
 * @throws Exception
 * @throws \TYPO3\Flow\Persistence\Exception\IllegalObjectTypeException
 */
protected function generateTokenAccount()
{
    // NOTE(review): the account is dereferenced without a NULL check — confirm callers
    // only reach this with an authenticated account.
    $currentAccount = $this->securityContext->getAccount();

    $identifier = $currentAccount->getAccountIdentifier();
    // NOTE(review): confirm Algorithms::generateRandomString() draws from a cryptographically secure source.
    $throwawayPassword = Algorithms::generateRandomString(25);
    $roleIdentifiers = array_keys($currentAccount->getRoles());
    $providerName = $this->apiToken->getAuthenticationProviderName();

    $tokenAccount = $this->accountFactory->createAccountWithPassword(
        $identifier,
        $throwawayPassword,
        $roleIdentifiers,
        $providerName
    );
    $this->accountRepository->add($tokenAccount);
    $this->persistenceManager->persistAll();

    return $tokenAccount;
}
/**
 * Removes a registration. Administrators may always do so; everybody else only
 * while the registration still has seconds left until expiration and belongs to
 * the current account. Any other request is answered with status 403.
 *
 * @param \T3DD\Backend\Domain\Model\Registration\Registration $registration
 */
public function deleteAction(\T3DD\Backend\Domain\Model\Registration\Registration $registration)
{
    if (!$this->securityContext->hasRole('T3DD.Backend:Administrator')) {
        // Ownership is an identity comparison between the two account objects.
        $isPendingAndOwnedByCaller = $registration->getSecondsToExpiration()
            && $registration->getAccount() === $this->securityContext->getAccount();
        if (!$isPendingAndOwnedByCaller) {
            $this->response->setStatus(403);
            return;
        }
    }

    $this->registrationRepository->remove($registration);
    $this->view->assign('value', NULL);
}
/**
 * Returns the party of the current account. Without an account a "please log in"
 * flash message is added and the request is redirected to the Standard index.
 *
 * @return \Incvisio\LostFound\Domain\Model\User
 */
public function getCurrentUser()
{
    if ($this->securityContext->getAccount() == NULL) {
        $pleaseLoginText = $this->translator->translateById('main.messages.pleaseLogin', array(), NULL, NULL, 'Main', 'Incvisio.LostFound');
        $this->flashMessageContainer->addMessage(new \TYPO3\Flow\Error\Error($pleaseLoginText));
        $this->redirect('index', 'Standard');

        // Only reached if redirect() returns; callers then receive NULL instead of a user.
        return;
    }

    return $this->securityContext->getAccount()->getParty();
}
/**
 * Sets a new password for the current account through the crowd client.
 *
 * The only check made here is that the password is non-empty and equals its
 * confirmation.
 * NOTE(review): this action asks for neither the current password nor a reset token, and
 * no strength rule is visible — confirm both are enforced before the request gets here.
 *
 * @param string $password
 * @param string $passwordConfirmation
 * @return void
 */
public function resetAction($password, $passwordConfirmation)
{
    $isAcceptable = $password !== '' && $password === $passwordConfirmation;
    if (!$isAcceptable) {
        $mismatchError = new \TYPO3\Flow\Error\Error('Passwords didn\'t match!', 1435750717);
        $this->flashMessageContainer->addMessage($mismatchError);

        return $this->errorAction();
    }

    // NOTE(review): the account is dereferenced without a NULL check.
    $accountIdentifier = $this->securityContext->getAccount()->getAccountIdentifier();
    $this->crowdClient->setPasswordForUser($accountIdentifier, $password);

    $this->addFlashMessage('Your password has been updated!');
    $this->redirect('resetForm');
}
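/**
 * Single sign-on endpoint for Discourse: verifies the HMAC-SHA256 signature of
 * the incoming payload, then redirects back to Discourse with a signed payload
 * describing the current account.
 *
 * When called without arguments, "sso" and "sig" are taken from the request
 * that the security context intercepted. Despite the "void" tag below, a plain
 * text message is returned whenever the sign-on cannot be completed.
 *
 * Changes against the previous version:
 * - the signature is compared with hash_equals() (PHP >= 5.6), so the comparison
 *   time does not depend on how many leading characters match;
 * - non-string "sso"/"sig" values are rejected before they reach the HMAC functions;
 * - a missing intercepted request or a payload without nonce ends in the regular
 *   failure message instead of an error.
 *
 * NOTE(review): confirm that ssoSecret is always a non-empty configured value; with an
 * empty key anybody could compute valid signatures.
 * NOTE(review): the current account is used without a NULL check — confirm the action is
 * only reachable for authenticated users.
 *
 * @param string $sso
 * @param string $sig
 * @return void
 * @Flow\SkipCsrfProtection
 */
public function authenticateDiscourseUserAction($sso = '', $sig = '')
{
    $failureMessage = 'Sorry, we couldn\'t log you in';

    if ($sso === '' && $sig === '') {
        // Presumably no intercepted request exists when the action is requested directly — TODO confirm.
        $interceptedRequest = $this->securityContext->getInterceptedRequest();
        $argumentsOfInterceptedRequest = is_object($interceptedRequest) ? $interceptedRequest->getArguments() : array();
        if (!isset($argumentsOfInterceptedRequest['sso']) || !isset($argumentsOfInterceptedRequest['sig'])) {
            return 'This page needs to be called with valid sso and sig arguments from crowd!';
        }
        $sso = $argumentsOfInterceptedRequest['sso'];
        $sig = $argumentsOfInterceptedRequest['sig'];
    }

    // Request arguments can arrive as arrays; only plain strings are signature material.
    if (!is_string($sso) || !is_string($sig)) {
        return $failureMessage;
    }

    $expectedSignature = hash_hmac('sha256', $sso, $this->ssoSecret);
    if (!hash_equals($expectedSignature, $sig)) {
        return $failureMessage;
    }

    // The payload is only decoded after its signature has been verified.
    parse_str(base64_decode($sso), $incomingPayload);
    if (!isset($incomingPayload['nonce'])) {
        return $failureMessage;
    }

    $currentAccount = $this->securityContext->getAccount();
    /** @var Person $crowdUser */
    $crowdUser = $this->partyService->getAssignedPartyOfAccount($currentAccount);

    // The nonce is echoed back so that the answer is tied to this particular request.
    $outgoingPayload = base64_encode(http_build_query(array(
        'nonce' => $incomingPayload['nonce'],
        'email' => $crowdUser->getPrimaryElectronicAddress()->getIdentifier(),
        'name' => $crowdUser->getName()->getFullName(),
        'username' => $currentAccount->getAccountIdentifier(),
        'external_id' => $currentAccount->getAccountIdentifier(),
    ), '', '&', PHP_QUERY_RFC3986));
    $outgoingSignature = hash_hmac('sha256', $outgoingPayload, $this->ssoSecret);

    $returnQuery = http_build_query(array('sso' => $outgoingPayload, 'sig' => $outgoingSignature), '', '&', PHP_QUERY_RFC3986);
    $this->redirectToUri(sprintf('%s?%s', $this->discourseSsoUrl, $returnQuery), 0, 302);

    return $failureMessage;
}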
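/**
 * Renders a small HTML page that passes the request id and the account data to
 * window.opener.onSSOAuth() and then closes the window.
 *
 * Both values are written into an inline script, so both are emitted through
 * json_encode() with the JSON_HEX_* flags: "<", ">", "&" and both quote
 * characters are escaped as \uXXXX and cannot end the string literal or the
 * script element. The request id was previously placed between hard-coded
 * double quotes and relied on sanitizeReturnTo() alone.
 *
 * NOTE(review): the account data is built from the session cookie and handed to the
 * opener's JavaScript — confirm the opener really needs the cookie value.
 *
 * @param string $requestID
 * @return string
 */
public function callbackAction($requestID)
{
    $requestID = $this->sanitizeReturnTo($requestID);

    $scriptSafeJson = JSON_HEX_TAG | JSON_HEX_AMP | JSON_HEX_APOS | JSON_HEX_QUOT;
    $accountData = $this->buildAccountDTO(
        $this->securityContext->getAccount(),
        $this->response->getCookie('TYPO3_Flow_Session')
    );

    // json_encode() supplies the quotes around the request id, hence the bare %s placeholders.
    return sprintf('<html><body>
<script>
    try {
        // Catch Security error
        window.opener.onSSOAuth(%s, %s);
    } catch(exception){}
    window.close();
</script>
</body></html>',
        json_encode((string) $requestID, $scriptSafeJson),
        json_encode($accountData, $scriptSafeJson)
    );
}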
/**
 * Post-processes a node type configuration in place: for a logged-in account
 * without the TYPO3.Neos:Administrator role the "departmentName" property is
 * removed. Nothing is changed when the security context cannot be initialized
 * or no account is present.
 *
 * NOTE(review): this only removes the property from the configuration; confirm that
 * writing the property is also prevented wherever the value is stored.
 *
 * @param \TYPO3\TYPO3CR\Domain\Model\NodeType $nodeType (uninitialized) The node type to process
 * @param array $configuration input configuration
 * @param array $options The processor options
 * @return void
 */
public function process(NodeType $nodeType, array &$configuration, array $options)
{
    if (!$this->securityContext->canBeInitialized()) {
        return;
    }

    // Only logged-in users are affected.
    if (!$this->securityContext->getAccount()) {
        return;
    }

    $administratorRole = $this->policyService->getRole('TYPO3.Neos:Administrator');
    $isAdministrator = $administratorRole && $this->securityContext->getAccount()->hasRole($administratorRole);
    if ($isAdministrator) {
        return;
    }

    // Earlier variants, kept for reference:
    // foreach ($configuration['properties']['departmentName']['ui']['inspector']['editorOptions']['values'] as $key => $val) {
    //     $configuration['properties']['departmentName']['ui']['inspector']['editorOptions']['values'][$key]['disabled'] = TRUE;
    // }
    // if ($nodeType->getName() == 'TYPO3.Neos.NodeTypes:Page') {
    //     $configuration['constraints']['nodeTypes']['TYPO3.Neos.NodeTypes:Page'] = FALSE;
    // }
    unset($configuration['properties']['departmentName']);
}
/**
 * Removes a session together with all votes cast for it. Only the account that
 * owns the session or an administrator may do so; other requests get status 403.
 *
 * @param Session $session
 */
public function deleteAction(Session $session)
{
    // Ownership is an identity comparison between the two account objects.
    $callerOwnsSession = $session->getAccount() === $this->securityContext->getAccount();
    if (!$callerOwnsSession && !$this->securityContext->hasRole('T3DD.Backend:Administrator')) {
        $this->response->setStatus(403);
        return;
    }

    // The votes go first, then the session itself.
    $sessionVotes = $this->voteRepository->findBySession($session);
    foreach ($sessionVotes as $sessionVote) {
        $this->voteRepository->remove($sessionVote);
    }
    $this->sessionRepository->remove($session);

    // TODO Fix redirect
    $this->redirect('index');
}
/**
 * Stores log entries for given actions.
 *
 * Every entry carries a timestamp, the component, the action, the client IP
 * (empty outside of HTTP requests) and — only when logging of the current user
 * is switched on — the account of the security context.
 *
 * @param string $component of the whole application
 * @param string $action the performed action to be logged
 */
protected function writeLogEntry($component, $action)
{
    $logEntry = new \Roketi\Panel\Domain\Model\LogEntry();
    $logEntry->setTimeStamp(new \DateTime());
    $logEntry->setAction($action);
    $logEntry->setComponent($component);

    if ($this->doLogTheCurrentUser === TRUE) {
        $logEntry->setAccount($this->context->getAccount());
    } else {
        $logEntry->unsetAccount();
    }

    // The client address is only available when an HTTP request is being handled.
    // NOTE(review): confirm whether getClientIPAddress() honours proxy headers; if it does,
    // the logged address is only as trustworthy as the proxy configuration.
    $activeRequestHandler = $this->bootstrap->getActiveRequestHandler();
    $clientAddress = $activeRequestHandler instanceof \TYPO3\Flow\Http\HttpRequestHandlerInterface
        ? $activeRequestHandler->getHttpRequest()->getClientIPAddress()
        : '';
    $logEntry->setRemoteIp($clientAddress);

    $this->logEntryRepository->add($logEntry);
    $this->persistenceManager->persistAll();
}
/**
 * Common initialization for all actions: switches to a JSON view when the
 * request carries a "json" argument, enforces that an account with a party is
 * present, restores the student quiz session and disables browser caching.
 *
 * Requests without an account receive status 403 in JSON mode and are handed
 * to the authentication manager otherwise.
 */
protected function initializeAction()
{
    // Alternative to Flow's own json handling (marked FIXME in the original)
    // The mere presence of the "json" argument switches format and view.
    if ($this->request->hasArgument('json')) {
        $this->isJson = true;
        $this->request->setFormat('json');
        $this->view = new \TYPO3\Flow\Mvc\View\JsonView();
        $this->view->setControllerContext($this->controllerContext);
    }
    if ($this->securityContext != null) {
        $account = $this->securityContext->getAccount();
        if ($account == null) {
            // No account: JSON clients get a status code, everyone else the login flow.
            if ($this->isJson) {
                $this->throwStatus(403);
            } else {
                $this->authenticationManager->authenticate();
            }
        } else {
            /** @var \_OurBrand_\My\Domain\Model\User $user */
            $user = $account->getParty();
            if (!$user) {
                // Seriously bad!
                // NOTE(review): the lines below dereference $user, so this relies on
                // throwStatus() ending the request — confirm.
                $this->throwStatus(403);
            }
            // Necessary for our easy role identifier functions!
            if ($user->getAccounts()->count() == 0) {
                $user->addAccount($account);
            }
            $this->currentUser = $user;
            // Set the quiz subjects that this user has access to.
            if (count($user->getQuizSubscriptionDataForQuizType(0)) == 0) {
                $this->accessHelper->setUserSubjectsAndTeamLevels($user);
            }
        }
    } else {
        // Without a security context the request is treated like one without an account.
        if ($this->isJson) {
            $this->throwStatus(403);
        } else {
            $this->authenticationManager->authenticate();
        }
    }
    if ($this->loginSession->getData('studentQuizSession') != null) {
        $this->studentQuizSession = $this->loginSession->getData('studentQuizSession');
    }
    // Prevent browser caching of content. Everything is dynamic in this application.
    $this->response->setHeader('Cache-Control', 'no-cache, no-store, must-revalidate');
    $this->response->setHeader('Pragma', 'no-cache');
    $this->response->setHeader('Expires', '0');
}
/**
 * Replaces the password of the current account with a hash of the first entry
 * of $password and reports the outcome through response headers.
 *
 * Only $password[0] is used here; presumably the PasswordValidator named in the
 * annotation below compares it with the repeated entry — confirm.
 *
 * @param array $password
 * @throws UpdateNodeException
 * @Flow\Validate(argumentName="password", type="\TYPO3\Neos\Validation\Validator\PasswordValidator", options={ "allowEmpty"=0, "minimum"=6, "maximum"=255 })
 * @return string
 */
public function updatePasswordAction(array $password)
{
    $currentAccount = $this->securityContext->getAccount();
    $dutchLocale = new Locale('nl');

    // Without a real account object there is nothing to update: report the failure and abort.
    $hasAccount = $currentAccount instanceof Account;
    if (!$hasAccount) {
        $failureNotice = $this->translator->translateById('profile.update.password.response.failure', [], NULL, $dutchLocale, 'Main', 'BuJitsuDo.Authentication');
        $this->response->setHeader('Notification', $failureNotice);
        throw new UpdateNodeException('No account (session) present', 127381164);
    }

    // Only the hash is stored as credentials source.
    $hashedPassword = $this->hashService->hashPassword($password[0], 'default');
    $currentAccount->setCredentialsSource($hashedPassword);
    $this->accountRepository->update($currentAccount);

    $successNotice = $this->translator->translateById('profile.update.password.response.success', [], NULL, $dutchLocale, 'Main', 'BuJitsuDo.Authentication');
    $this->response->setHeader('Notification', $successNotice);
    $this->response->setHeader('NotificationType', 'success');

    return '';
}
/**
 * Render user initials or an abbreviated name for a given username. If the account was deleted, use the username as fallback.
 *
 * The username is the rendered child content. When the requested user is the
 * current user, the translated word for "you" replaces the name in the
 * "fullFirstName" and "fullName" formats.
 *
 * NOTE(review): the returned strings are not escaped here; presumably the templating
 * layer escapes the output of this view helper — confirm.
 *
 * @param string $format Supported are "fullFirstName", "initials" and "fullName"
 * @return string
 * @throws \InvalidArgumentException if $format is not one of the supported values
 */
public function render($format = 'initials')
{
    if (!in_array($format, array('fullFirstName', 'initials', 'fullName'))) {
        throw new \InvalidArgumentException(sprintf('Format "%s" given to history:userInitials(), only supporting "fullFirstName", "initials" and "fullName".', $format), 1415705861);
    }
    $accountIdentifier = $this->renderChildren();
    // TODO: search by credential source is still needed
    /* @var $account \TYPO3\Flow\Security\Account */
    $account = $this->accountRepository->findOneByAccountIdentifier($accountIdentifier);
    if ($account === null) {
        // Unknown account: fall back to the username as given.
        return $accountIdentifier;
    }
    /* @var $requestedUser Person */
    $requestedUser = $account->getParty();
    if ($requestedUser === null || $requestedUser->getName() === null) {
        return $accountIdentifier;
    }
    if ($this->securityContext->canBeInitialized()) {
        if ($this->securityContext->getAccount()) {
            /** @var User $currentUser */
            $currentUser = $this->securityContext->getAccount()->getParty();
            // Identity comparison: $you is only set when both parties are the same object.
            if ($currentUser === $requestedUser) {
                $languageIdentifier = $currentUser->getPreferences()->get('interfaceLanguage') ? $currentUser->getPreferences()->get('interfaceLanguage') : $this->defaultLanguageIdentifier;
                $you = $translation = $this->translator->translateById('you', array(), 1, new Locale($languageIdentifier), 'Main', 'TYPO3.Neos');
            }
        }
    }
    // $format was validated above, so one of the cases always matches.
    switch ($format) {
        case 'initials':
            return mb_substr($requestedUser->getName()->getFirstName(), 0, 1) . mb_substr($requestedUser->getName()->getLastName(), 0, 1);
        case 'fullFirstName':
            // The concatenation binds tighter than the ternary: the whole abbreviated name is the else branch.
            return isset($you) ? $you : $requestedUser->getName()->getFirstName() . ' ' . mb_substr($requestedUser->getName()->getLastName(), 0, 1) . '.';
        case 'fullName':
            return isset($you) ? $you : $requestedUser->getName()->getFullName();
    }
}
/**
 * Rebase the current users personal workspace onto the given $targetWorkspace and then
 * redirects to the $targetNode in the content module.
 *
 * If the personal workspace still contains unpublished nodes, a warning is added
 * and the request is redirected to the target workspace instead.
 *
 * NOTE(review): no check is visible here that the current user may use $targetWorkspace
 * as a base — presumably enforced by policy; confirm.
 *
 * @param NodeInterface $targetNode
 * @param Workspace $targetWorkspace
 * @return void
 */
public function rebaseAndRedirectAction(NodeInterface $targetNode, Workspace $targetWorkspace)
{
    // NOTE(review): the account is dereferenced without a NULL check, and the workspace name
    // is built from the raw account identifier — confirm this matches how personal
    // workspace names are generated elsewhere.
    $currentAccount = $this->securityContext->getAccount();
    $personalWorkspace = $this->workspaceRepository->findOneByName('user-' . $currentAccount->getAccountIdentifier());
    /** @var Workspace $personalWorkspace */
    if ($this->publishingService->getUnpublishedNodesCount($personalWorkspace) > 0) {
        $message = $this->translator->translateById('workspaces.cantEditBecauseWorkspaceContainsChanges', [], null, null, 'Modules', 'TYPO3.Neos');
        $this->addFlashMessage($message, '', Message::SEVERITY_WARNING, [], 1437833387);
        // Presumably redirect() ends the request here; otherwise the rebase below would still run — confirm.
        $this->redirect('show', null, null, ['workspace' => $targetWorkspace]);
    }
    $personalWorkspace->setBaseWorkspace($targetWorkspace);
    $this->workspaceRepository->update($personalWorkspace);
    // Re-create the node's context with the personal workspace so the redirect targets that workspace.
    $contextProperties = $targetNode->getContext()->getProperties();
    $contextProperties['workspaceName'] = $personalWorkspace->getName();
    $context = $this->contextFactory->create($contextProperties);
    $mainRequest = $this->controllerContext->getRequest()->getMainRequest();
    /** @var ActionRequest $mainRequest */
    $this->uriBuilder->setRequest($mainRequest);
    $this->redirect('show', 'Frontend\\Node', 'TYPO3.Neos', ['node' => $context->getNode($targetNode->getPath())]);
}