fix ot_connect be_users creation

ot_connect/Classes/Service/OtAuthenticationService.php

@@ -35,7 +35,7 @@ class OtAuthenticationService extends AbstractAuthenticationService
         "artist-standard" => 1, // Association writer basic
         "school-premium" => 3, // Association writer full
         "artist-premium" => 3, // Association writer full
-        "manager-standard" => 3, // Association writer full
+        "manager" => 3, // Association writer full
     ];
 
     /**
@@ -260,7 +260,7 @@ class OtAuthenticationService extends AbstractAuthenticationService
     protected function shouldUserBeUpdated($username) {
 
         $connection = GeneralUtility::makeInstance(ConnectionPool::class)->getConnectionForTable('fe_users');
-        $q = $connection->select(['tx_otconnect_generationDate'], 'fe_users', ['username' => $username]);
+        $q = $connection->select(['tx_opentalent_generationDate'], 'fe_users', ['username' => $username]);
         $strGenDate = $q->fetch(3)[0];
 
         $genDate = DateTime::createFromFormat("Y-m-d H:i:s", $strGenDate);
@@ -294,7 +294,7 @@ class OtAuthenticationService extends AbstractAuthenticationService
         $connection = GeneralUtility::makeInstance(ConnectionPool::class)->getConnectionForTable('fe_users');
 
         // Since we don't want to store the password in the TYPO3 DB, we store a random string instead
-        $randomStr = (new Random)->generateRandomHexString(10);
+        $randomStr = (new Random)->generateRandomHexString(20);
 
         // Front-end user
         $fe_row = [
@@ -303,49 +303,94 @@ class OtAuthenticationService extends AbstractAuthenticationService
             'name' => $userApiData['name'],
             'first_name' => $userApiData['first_name'],
             'description' => '[ATTENTION: enregistrement auto-généré, ne pas modifier directement] FE User',
-            'tx_otconnect_opentalentId' => $userApiData['id'],
-            'tx_otconnect_generationDate' => date('Y/m/d H:i:s')
+            'deleted' => 0,
+            'tx_opentalent_opentalentId' => $userApiData['id'],
+            'tx_opentalent_generationDate' => date('Y/m/d H:i:s')
         ];
 
         // TODO: log a warning if a user with the same opentalentId exists (the user might have changed of username)
-        $q = $connection->select(['uid'], 'fe_users', ['tx_otconnect_opentalentId' => $userApiData['id']]);
-        $uid = $q->fetch(3)[0];
+        $q = $connection->select(
+            ['uid', 'tx_opentalent_opentalentId'],
+            'fe_users',
+            ['username' => $userApiData['username']]
+        );
+        $row = $q->fetch(3);
+        $uid = $row[0];
+        $tx_opentalent_opentalentId = $row[1];
+
         if (!$uid) {
             // No existing user: create
             $connection->insert('fe_users', $fe_row);
         } else {
             // User exists: update
+            if (!$tx_opentalent_opentalentId > 0) {
+                $this->writeLogMessage('WARNING: FE user ' . $userApiData['username'] . ' has been replaced by an auto-generated version.');
+            }
             $connection->update('fe_users', $fe_row, ['uid' => $uid]);
         }
 
         // Back-end user: only if admin
         foreach ($userApiData['accesses'] as $access) {
 
-            //<<<<< for testing purpose TODO: remove
-            $access['admin_access'] = 'true';
-            // >>>>>
-
             if ($access['admin_access'] == 'true') {
 
+                // get the site root of the user
+                $q = $connection->select(
+                    ['uid'],
+                    'pages',
+                    ['tx_opentalent_structure_id' => $access['organizationId'], 'is_siteroot' => 1]
+                );
+                $rootUid = $q->fetch(3)[0];
+
+                if (!$rootUid) {
+                    $this->writeLogMessage('ERROR: Unable to find the root page for user ' . $userApiData['username']);
+                }
+
+                // get the filemounts uids
+                $q = $connection->createQueryBuilder();
+                $q->select('uid')
+                    ->from('sys_filemounts')
+                    ->where("path LIKE '/user_upload/" . $access['organizationId'] . "/%'");
+                $res = $q->execute();
+                $rows = $res->fetchAll(3) ?: [];
+                $files = [];
+                foreach ($rows as $row) {
+                    $files[] = $row[0];
+                }
+
                 $be_row = [
                     'username' => $userApiData['username'],
                     'password' => $randomStr,
                     'description' => '[ATTENTION: enregistrement auto-généré, ne pas modifier directement] BE Admin for ' . $access['subDomain'] . ' (id: ' . $access['id'] . ')',
-//                    'avatar' => $userApiData['profile']['avatar'],
+                    'deleted' => 0,
                     'lang' => 'fr',
                     'usergroup' => isset(self::PRODUCT_MAPPING[$access['product']]) ? self::PRODUCT_MAPPING[$access['product']] : 1,
-                    'tx_otconnect_opentalentId' => $userApiData['id'],
-                    'tx_otconnect_organizationId' => $access['organizationId'],
-                    'tx_otconnect_generationDate' => date('Y/m/d H:i:s')
+                    'db_mountpoints' => $rootUid,
+                    'file_mountPoints' => join(',', $files),
+                    'options' => 2,
+                    'file_permissions' => 'readFolder,writeFolder,addFolder,renameFolder,moveFolder,deleteFolder,readFile,writeFile,addFile,renameFile,replaceFile,moveFile,copyFile,deleteFile',
+                    'tx_opentalent_opentalentId' => $userApiData['id'],
+                    'tx_opentalent_organizationId' => $access['organizationId'],
+                    'tx_opentalent_generationDate' => date('Y/m/d H:i:s')
                 ];
 
-                $q = $connection->select(['uid'], 'be_users', ['tx_otconnect_opentalentId' => $userApiData['id']]);
-                $uid = $q->fetch(3)[0];
+                $q = $connection->select(
+                    ['uid'],
+                    'be_users',
+                    ['username' => $userApiData['username']]
+                );
+                $row = $q->fetch(3);
+                $uid = $row[0];
+                $tx_opentalent_opentalentId = $row[1];
+
                 if (!$uid) {
                     // No existing user: create
                     $connection->insert('be_users', $be_row);
                 } else {
                     // User exists: update
+                    if (!$tx_opentalent_opentalentId > 0) {
+                        $this->writeLogMessage('WARNING: BE user ' . $userApiData['username'] . ' has been replaced by an auto-generated version.');
+                    }
                     $connection->update('be_users', $be_row, ['uid' => $uid]);
                 }
             }
@@ -389,7 +434,7 @@ class OtAuthenticationService extends AbstractAuthenticationService
         } else if ($this->authInfo['loginType'] === 'FE') {
             return self::STATUS_AUTHENTICATION_FAILURE;
 
-        } else if (isset($user['tx_otconnect_opentalentId']) and $user['tx_otconnect_opentalentId'] != null) {
+        } else if (isset($user['tx_opentalent_opentalentId']) and $user['tx_opentalent_opentalentId'] != null) {
             // This is a user from the Opentalent DB, and the API refused its auth
             // (For performance only, since the password stored in the Typo3 is a random string,
             //  the auth will be refused by the other services anyway)

ot_connect/ext_tables.sql

@@ -4,15 +4,15 @@
 # Table structure for table 'be_users'
 #
 CREATE TABLE be_users (
-	tx_otconnect_opentalentId bigint,
-	tx_otconnect_organizationId bigint,
-	tx_otconnect_generationDate datetime
+	tx_opentalent_opentalentId bigint,
+	tx_opentalent_organizationId bigint,
+	tx_opentalent_generationDate datetime
 );
 
 #
 # Table structure for table 'fe_users'
 #
 CREATE TABLE fe_users (
-    tx_otconnect_opentalentId bigint,
-    tx_otconnect_generationDate datetime
+    tx_opentalent_opentalentId bigint,
+    tx_opentalent_generationDate datetime
 );