|
@@ -154,8 +154,10 @@ class OtAuthenticationService extends AbstractAuthenticationService
|
|
|
// Request the latest data for the user and write it in the Typo3 DB
|
|
// Request the latest data for the user and write it in the Typo3 DB
|
|
|
// * The shouldUserBeUpdated() method checks if the user was already
|
|
// * The shouldUserBeUpdated() method checks if the user was already
|
|
|
// generated in the last minutes, to avoid unnecessary operations *
|
|
// generated in the last minutes, to avoid unnecessary operations *
|
|
|
|
|
+
|
|
|
if ($this->shouldUserBeUpdated($username)) {
|
|
if ($this->shouldUserBeUpdated($username)) {
|
|
|
- $wasUpdated = $this->createOrUpdateUser();
|
|
|
|
|
|
|
+ $wasUpdated = $this->createOrUpdateUser($this->authInfo['loginType'] === 'BE');
|
|
|
|
|
+
|
|
|
if (!$wasUpdated) {
|
|
if (!$wasUpdated) {
|
|
|
// An error happened during the update of the user's data
|
|
// An error happened during the update of the user's data
|
|
|
// since its data may have changed (credentials, rights, rôles...)
|
|
// since its data may have changed (credentials, rights, rôles...)
|
|
@@ -293,12 +295,12 @@ class OtAuthenticationService extends AbstractAuthenticationService
|
|
|
* @param string $username
|
|
* @param string $username
|
|
|
* @return bool
|
|
* @return bool
|
|
|
*/
|
|
*/
|
|
|
- protected function shouldUserBeUpdated(string $username): bool
|
|
|
|
|
|
|
+ protected function shouldUserBeUpdated(string $username, bool $isBackend = false): bool
|
|
|
{
|
|
{
|
|
|
-
|
|
|
|
|
- $cnn = $this->connectionPool->getConnectionForTable('fe_users');
|
|
|
|
|
- $q = $cnn->select(['tx_opentalent_generationDate'], 'fe_users', ['username' => $username]);
|
|
|
|
|
- $strGenDate = $q->fetch(3)[0];
|
|
|
|
|
|
|
+ $table = $isBackend ? 'be_users' : 'fe_users';
|
|
|
|
|
+ $cnn = $this->connectionPool->getConnectionForTable($table);
|
|
|
|
|
+ $q = $cnn->select(['tx_opentalent_generationDate'], $table, ['username' => $username]);
|
|
|
|
|
+ $strGenDate = $q->fetch(3)[0] ?? '1970-01-01 00:00:00';
|
|
|
|
|
|
|
|
$genDate = DateTime::createFromFormat("Y-m-d H:i:s", $strGenDate);
|
|
$genDate = DateTime::createFromFormat("Y-m-d H:i:s", $strGenDate);
|
|
|
if ($genDate == null) {
|
|
if ($genDate == null) {
|
|
@@ -316,8 +318,11 @@ class OtAuthenticationService extends AbstractAuthenticationService
|
|
|
*
|
|
*
|
|
|
* @return bool
|
|
* @return bool
|
|
|
*/
|
|
*/
|
|
|
- protected function createOrUpdateUser(): bool
|
|
|
|
|
|
|
+ protected function createOrUpdateUser(bool $isBackend = false): bool
|
|
|
{
|
|
{
|
|
|
|
|
+ $table = $isBackend ? 'be_users' : 'fe_users';
|
|
|
|
|
+ $group_table = $isBackend ? 'fe_groups' : 'fe_groups';
|
|
|
|
|
+
|
|
|
// Get user's data from the API
|
|
// Get user's data from the API
|
|
|
$userApiData = $this->getUserData();
|
|
$userApiData = $this->getUserData();
|
|
|
|
|
|
|
@@ -327,24 +332,33 @@ class OtAuthenticationService extends AbstractAuthenticationService
|
|
|
return false;
|
|
return false;
|
|
|
}
|
|
}
|
|
|
|
|
|
|
|
- $connection = $this->connectionPool->getConnectionForTable('fe_users');
|
|
|
|
|
|
|
+ $connection = $this->connectionPool->getConnectionForTable($table);
|
|
|
|
|
|
|
|
// Since we don't want to store the password in the TYPO3 DB, we store a random string instead
|
|
// Since we don't want to store the password in the TYPO3 DB, we store a random string instead
|
|
|
$randomStr = (new Random)->generateRandomHexString(20);
|
|
$randomStr = (new Random)->generateRandomHexString(20);
|
|
|
|
|
|
|
|
// Front-end user
|
|
// Front-end user
|
|
|
- $fe_row = [
|
|
|
|
|
|
|
+ $user_row = [
|
|
|
'username' => $userApiData['username'],
|
|
'username' => $userApiData['username'],
|
|
|
'password' => $randomStr,
|
|
'password' => $randomStr,
|
|
|
- 'name' => $userApiData['name'],
|
|
|
|
|
- 'first_name' => $userApiData['first_name'],
|
|
|
|
|
'description' => '[Warning: auto-generated record, do not modify] FE User',
|
|
'description' => '[Warning: auto-generated record, do not modify] FE User',
|
|
|
'deleted' => 0,
|
|
'deleted' => 0,
|
|
|
'tx_opentalent_opentalentId' => $userApiData['id'],
|
|
'tx_opentalent_opentalentId' => $userApiData['id'],
|
|
|
'tx_opentalent_generationDate' => date('Y/m/d H:i:s')
|
|
'tx_opentalent_generationDate' => date('Y/m/d H:i:s')
|
|
|
];
|
|
];
|
|
|
|
|
|
|
|
- $groupsUid = [self::GROUP_FE_ALL_UID];
|
|
|
|
|
|
|
+ if (!$isBackend) {
|
|
|
|
|
+ $user_row['name'] = $userApiData['name'];
|
|
|
|
|
+ $user_row['first_name'] = $userApiData['first_name'];
|
|
|
|
|
+ }
|
|
|
|
|
+
|
|
|
|
|
+ $groupsUid = [];
|
|
|
|
|
+
|
|
|
|
|
+ if (!$isBackend) {
|
|
|
|
|
+ $groupsUid[] = self::GROUP_FE_ALL_UID;
|
|
|
|
|
+ }
|
|
|
|
|
+
|
|
|
|
|
+ // Loop over the accesses of the user to find the matching organization group
|
|
|
if ($userApiData['accesses']) {
|
|
if ($userApiData['accesses']) {
|
|
|
foreach ($userApiData['accesses'] as $accessData) {
|
|
foreach ($userApiData['accesses'] as $accessData) {
|
|
|
$organizationId = $accessData['organizationId'];
|
|
$organizationId = $accessData['organizationId'];
|
|
@@ -352,7 +366,7 @@ class OtAuthenticationService extends AbstractAuthenticationService
|
|
|
// get the fe_group for this organization
|
|
// get the fe_group for this organization
|
|
|
$groupUid = $connection->fetchOne(
|
|
$groupUid = $connection->fetchOne(
|
|
|
"select g.uid
|
|
"select g.uid
|
|
|
- from typo3.fe_groups g
|
|
|
|
|
|
|
+ from typo3.$group_table g
|
|
|
inner join (select uid, ot_website_uid from typo3.pages where is_siteroot) p
|
|
inner join (select uid, ot_website_uid from typo3.pages where is_siteroot) p
|
|
|
on g.pid = p.uid
|
|
on g.pid = p.uid
|
|
|
inner join typo3.ot_websites w on p.ot_website_uid = w.uid
|
|
inner join typo3.ot_websites w on p.ot_website_uid = w.uid
|
|
@@ -363,31 +377,34 @@ class OtAuthenticationService extends AbstractAuthenticationService
|
|
|
if ($groupUid) {
|
|
if ($groupUid) {
|
|
|
$groupsUid[] = $groupUid;
|
|
$groupsUid[] = $groupUid;
|
|
|
} else {
|
|
} else {
|
|
|
- OtLogger::warning("Warning: no fe_group found for organization " . $organizationId);
|
|
|
|
|
|
|
+ OtLogger::warning("Warning: no " . ($isBackend ? 'be' : 'fe') . "_group found for organization " . $organizationId);
|
|
|
}
|
|
}
|
|
|
}
|
|
}
|
|
|
}
|
|
}
|
|
|
- $fe_row['usergroup'] = join(',', $groupsUid);
|
|
|
|
|
|
|
+ $user_row['usergroup'] = join(',', $groupsUid);
|
|
|
|
|
|
|
|
// TODO: log a warning if a user with the same opentalentId exists (the user might have changed of username)
|
|
// TODO: log a warning if a user with the same opentalentId exists (the user might have changed of username)
|
|
|
$q = $connection->select(
|
|
$q = $connection->select(
|
|
|
['uid', 'tx_opentalent_opentalentId'],
|
|
['uid', 'tx_opentalent_opentalentId'],
|
|
|
- 'fe_users',
|
|
|
|
|
|
|
+ $table,
|
|
|
['username' => $userApiData['username']]
|
|
['username' => $userApiData['username']]
|
|
|
);
|
|
);
|
|
|
$row = $q->fetch(3);
|
|
$row = $q->fetch(3);
|
|
|
- $uid = $row[0];
|
|
|
|
|
- $tx_opentalent_opentalentId = $row[1];
|
|
|
|
|
|
|
+ $uid = $row[0] ?? null;
|
|
|
|
|
+ $tx_opentalent_opentalentId = $row[1] ?? null;
|
|
|
|
|
|
|
|
if (!$uid) {
|
|
if (!$uid) {
|
|
|
// No existing user: create
|
|
// No existing user: create
|
|
|
- $connection->insert('fe_users', $fe_row);
|
|
|
|
|
|
|
+ $connection->insert($table, $user_row);
|
|
|
} else {
|
|
} else {
|
|
|
// User exists: update
|
|
// User exists: update
|
|
|
if (!$tx_opentalent_opentalentId > 0) {
|
|
if (!$tx_opentalent_opentalentId > 0) {
|
|
|
- OtLogger::warning('WARNING: FE user ' . $userApiData['username'] . ' has been replaced by an auto-generated version.');
|
|
|
|
|
|
|
+ OtLogger::warning(
|
|
|
|
|
+ 'WARNING: ' . ($isBackend ? 'BE' : 'FE') .' user ' . $userApiData['username'] .
|
|
|
|
|
+ ' has been replaced by an auto-generated version.'
|
|
|
|
|
+ );
|
|
|
}
|
|
}
|
|
|
- $connection->update('fe_users', $fe_row, ['uid' => $uid]);
|
|
|
|
|
|
|
+ $connection->update($table, $user_row, ['uid' => $uid]);
|
|
|
}
|
|
}
|
|
|
|
|
|
|
|
return true;
|
|
return true;
|
Olivier Massot