BackendUserController.php

Go to the documentation of this file.

<?php
 
/*
 * This file is part of the TYPO3 CMS project.
 *
 * It is free software; you can redistribute it and/or modify it under
 * the terms of the GNU General Public License, either version 2
 * of the License, or any later version.
 *
 * For the full copyright and license information, please read the
 * LICENSE.txt file that was distributed with this source code.
 *
 * The TYPO3 project - inspiring people to share!
 */
 
namespace ‪TYPO3\CMS\Beuser\Controller;
 
use ‪TYPO3\CMS\Backend\Authentication\Event\SwitchUserEvent;
use ‪TYPO3\CMS\Backend\Authentication\PasswordReset;
use ‪TYPO3\CMS\Backend\Utility\BackendUtility;
use ‪TYPO3\CMS\Beuser\Domain\Model\BackendUser;
use ‪TYPO3\CMS\Beuser\Domain\Model\Demand;
use ‪TYPO3\CMS\Beuser\Domain\Repository\BackendUserGroupRepository;
use ‪TYPO3\CMS\Beuser\Domain\Repository\BackendUserRepository;
use ‪TYPO3\CMS\Beuser\Domain\Repository\BackendUserSessionRepository;
use ‪TYPO3\CMS\Beuser\Service\ModuleDataStorageService;
use ‪TYPO3\CMS\Beuser\Service\UserInformationService;
use ‪TYPO3\CMS\Core\Authentication\BackendUserAuthentication;
use ‪TYPO3\CMS\Core\Context\Context;
use ‪TYPO3\CMS\Core\Messaging\FlashMessage;
use ‪TYPO3\CMS\Core\Session\Backend\HashableSessionBackendInterface;
use ‪TYPO3\CMS\Core\Session\Backend\SessionBackendInterface;
use ‪TYPO3\CMS\Core\Session\SessionManager;
use ‪TYPO3\CMS\Core\Utility\GeneralUtility;
use ‪TYPO3\CMS\Core\Utility\HttpUtility;
use ‪TYPO3\CMS\Extbase\Mvc\Controller\ActionController;
use ‪TYPO3\CMS\Extbase\Mvc\Exception\StopActionException;
use ‪TYPO3\CMS\Extbase\Mvc\RequestInterface;
use ‪TYPO3\CMS\Extbase\Mvc\ResponseInterface;
use ‪TYPO3\CMS\Extbase\Mvc\View\ViewInterface;
use ‪TYPO3\CMS\Extbase\Utility\LocalizationUtility;
 
class ‪BackendUserController extends ‪ActionController
{
    const ‪RECENT_USERS_LIMIT = 3;
 
    protected ‪$moduleData;
 
    protected ‪$moduleDataStorageService;
 
    protected ‪$backendUserRepository;
 
    protected ‪$backendUserGroupRepository;
 
    protected ‪$backendUserSessionRepository;
 
    protected ‪$userInformationService;
 
    public function ‪__construct(
        ‪ModuleDataStorageService ‪$moduleDataStorageService,
        ‪BackendUserRepository ‪$backendUserRepository,
        ‪BackendUserGroupRepository ‪$backendUserGroupRepository,
        ‪BackendUserSessionRepository ‪$backendUserSessionRepository,
        ‪UserInformationService ‪$userInformationService
    ) {
        $this->moduleDataStorageService = ‪$moduleDataStorageService;
        $this->backendUserRepository = ‪$backendUserRepository;
        $this->backendUserGroupRepository = ‪$backendUserGroupRepository;
        $this->backendUserSessionRepository = ‪$backendUserSessionRepository;
        $this->userInformationService = ‪$userInformationService;
    }
 
    public function ‪processRequest(‪RequestInterface ‪$request, ‪ResponseInterface ‪$response)
    {
        $this->moduleData = $this->moduleDataStorageService->loadModuleData();
        // We "finally" persist the module data.
        try {
            parent::processRequest(‪$request, ‪$response);
            $this->moduleDataStorageService->persistModuleData($this->moduleData);
        } catch (StopActionException $e) {
            $this->moduleDataStorageService->persistModuleData($this->moduleData);
            throw $e;
        }
    }
 
    protected function ‪initializeView(‪ViewInterface ‪$view)
    {
        ‪$view->‪assignMultiple([
            'shortcutLabel' => 'backendUsers',
            'dateFormat' => ‪$GLOBALS['TYPO3_CONF_VARS']['SYS']['ddmmyy'],
            'timeFormat' => ‪$GLOBALS['TYPO3_CONF_VARS']['SYS']['hhmm'],
        ]);
    }
 
    public function ‪indexAction(Demand $demand = null)
    {
        if ($demand === null) {
            $demand = $this->moduleData->getDemand();
        } else {
            $this->moduleData->setDemand($demand);
        }
        // Switch user until logout
        $switchUser = (int)GeneralUtility::_GP('SwitchUser');
        if ($switchUser > 0) {
            $this->‪switchUser($switchUser);
        }
        $compareUserList = $this->moduleData->getCompareUserList();
 
        $this->view->assignMultiple([
            'onlineBackendUsers' => $this->‪getOnlineBackendUsers(),
            'demand' => $demand,
            'backendUsers' => $this->backendUserRepository->findDemanded($demand),
            'backendUserGroups' => array_merge([''], $this->backendUserGroupRepository->findAll()->toArray()),
            'compareUserUidList' => array_combine($compareUserList, $compareUserList),
            'currentUserUid' => $this->‪getBackendUserAuthentication()->user['uid'],
            'compareUserList' => !empty($compareUserList) ? $this->backendUserRepository->findByUidList($compareUserList) : '',
        ]);
    }
 
    public function ‪onlineAction()
    {
        $onlineUsersAndSessions = [];
        $onlineUsers = $this->backendUserRepository->findOnline();
        foreach ($onlineUsers as $onlineUser) {
            $onlineUsersAndSessions[] = [
                'backendUser' => $onlineUser,
                'sessions' => $this->backendUserSessionRepository->findByBackendUser($onlineUser)
            ];
        }
 
        $currentSessionId = $this->‪getBackendUserAuthentication()->‪getSessionId();
        $sessionBackend = $this->‪getSessionBackend();
        if ($sessionBackend instanceof HashableSessionBackendInterface) {
            $currentSessionId = $sessionBackend->hash($currentSessionId);
        }
        $this->view->assignMultiple([
            'shortcutLabel' => 'onlineUsers',
            'onlineUsersAndSessions' => $onlineUsersAndSessions,
            'currentSessionId' => $currentSessionId,
        ]);
    }
 
    public function ‪showAction(int $uid = 0): void
    {
        $data = $this->userInformationService->getUserInformation($uid);
        $this->view->assignMultiple([
            'shortcutLabel' => 'showUser',
            'data' => $data
        ]);
    }
 
    public function ‪compareAction()
    {
        $compareUserList = $this->moduleData->getCompareUserList();
        if (empty($compareUserList)) {
            $this->‪redirect('index');
        }
 
        $compareData = [];
        foreach ($compareUserList as $uid) {
            if ($compareInformation = $this->userInformationService->getUserInformation($uid)) {
                $compareData[] = $compareInformation;
            }
        }
 
        $this->view->assignMultiple([
            'shortcutLabel' => 'compareUsers',
            'compareUserList' => $compareData,
            'onlineBackendUsers' => $this->‪getOnlineBackendUsers()
        ]);
    }
 
    public function ‪initiatePasswordResetAction(int $user): void
    {
        $context = GeneralUtility::makeInstance(Context::class);
        $user = $this->backendUserRepository->findByUid($user);
        if (!$user || !$user->isPasswordResetEnabled() || !$context->getAspect('backend.user')->isAdmin()) {
            // Add an error message
            $this->‪addFlashMessage(
                ‪LocalizationUtility::translate('LLL:EXT:beuser/Resources/Private/Language/locallang.xlf:flashMessage.resetPassword.error.text', 'beuser') ?? '',
                ‪LocalizationUtility::translate('LLL:EXT:beuser/Resources/Private/Language/locallang.xlf:flashMessage.resetPassword.error.title', 'beuser') ?? '',
                ‪FlashMessage::ERROR
            );
        } else {
            GeneralUtility::makeInstance(PasswordReset::class)->initiateReset(
                ‪$GLOBALS['TYPO3_REQUEST'],
                $context,
                $user->getEmail()
            );
            $this->‪addFlashMessage(
                ‪LocalizationUtility::translate('LLL:EXT:beuser/Resources/Private/Language/locallang.xlf:flashMessage.resetPassword.success.text', 'beuser', [$user->getEmail()]) ?? '',
                ‪LocalizationUtility::translate('LLL:EXT:beuser/Resources/Private/Language/locallang.xlf:flashMessage.resetPassword.success.title', 'beuser') ?? '',
                ‪FlashMessage::OK
            );
        }
        $this->‪forward('index');
    }
 
    public function ‪addToCompareListAction($uid)
    {
        $this->moduleData->attachUidCompareUser($uid);
        $this->moduleDataStorageService->persistModuleData($this->moduleData);
        $this->‪forward('index');
    }
 
    public function ‪removeFromCompareListAction($uid, int $redirectToCompare = 0)
    {
        $this->moduleData->detachUidCompareUser($uid);
        $this->moduleDataStorageService->persistModuleData($this->moduleData);
        if ($redirectToCompare) {
            $this->‪redirect('compare');
        } else {
            $this->‪redirect('index');
        }
    }
 
    public function ‪removeAllFromCompareListAction(): void
    {
        foreach ($this->moduleData->getCompareUserList() as $user) {
            $this->moduleData->detachUidCompareUser($user);
        }
        $this->moduleDataStorageService->persistModuleData($this->moduleData);
        $this->‪redirect('index');
    }
 
    protected function ‪terminateBackendUserSessionAction(BackendUser $backendUser, $sessionId)
    {
        // terminating value of persisted session ID (probably hashed value)
        $sessionBackend = $this->‪getSessionBackend();
        $success = $sessionBackend->remove($sessionId);
 
        if ($success) {
            $this->‪addFlashMessage(‪LocalizationUtility::translate('LLL:EXT:beuser/Resources/Private/Language/locallang.xlf:terminateSessionSuccess', 'beuser') ?? '');
        }
        $this->‪forward('online');
    }
 
    protected function ‪switchUser($switchUser)
    {
        $targetUser = ‪BackendUtility::getRecord('be_users', $switchUser);
        if (is_array($targetUser) && $this->‪getBackendUserAuthentication()->isAdmin()) {
            // Set backend user listing module as starting module for switchback
            $this->‪getBackendUserAuthentication()->uc['startModuleOnFirstLogin'] = 'system_BeuserTxBeuser';
            $this->‪getBackendUserAuthentication()->uc['recentSwitchedToUsers'] = $this->‪generateListOfMostRecentSwitchedUsers($targetUser['uid']);
            $this->‪getBackendUserAuthentication()->‪writeUC();
 
            // User switch   written to log
            $this->‪getBackendUserAuthentication()->‪writelog(
                255,
                2,
                0,
                1,
                'User %s switched to user %s (be_users:%s)',
                [
                    $this->‪getBackendUserAuthentication()->user['username'],
                    $targetUser['username'],
                    $targetUser['uid'],
                ]
            );
 
            $this->‪getSessionBackend()->‪update(
                $this->‪getBackendUserAuthentication()->getSessionId(),
                [
                    'ses_userid' => (int)$targetUser['uid'],
                    'ses_backuserid' => (int)$this->‪getBackendUserAuthentication()->user['uid']
                ]
            );
 
            $event = new ‪SwitchUserEvent(
                $this->‪getBackendUserAuthentication()->getSessionId(),
                $targetUser,
                (array)$this->‪getBackendUserAuthentication()->user
            );
            $this->eventDispatcher->dispatch($event);
 
            $redirectUrl = 'index.php' . (‪$GLOBALS['TYPO3_CONF_VARS']['BE']['interfaces'] ? '' : '?commandLI=1');
            ‪HttpUtility::redirect($redirectUrl);
        }
    }
 
    protected function ‪generateListOfMostRecentSwitchedUsers(int $targetUserUid): array
    {
        $latestUserUids = [];
        $backendUser = $this->‪getBackendUserAuthentication();
 
        if (isset($backendUser->uc['recentSwitchedToUsers']) && is_array($backendUser->uc['recentSwitchedToUsers'])) {
            $latestUserUids = $backendUser->uc['recentSwitchedToUsers'];
        }
 
        // Remove potentially existing user in that list
        $index = array_search($targetUserUid, $latestUserUids, true);
        if ($index !== false) {
            unset($latestUserUids[$index]);
        }
 
        array_unshift($latestUserUids, $targetUserUid);
        $latestUserUids = array_slice($latestUserUids, 0, static::RECENT_USERS_LIMIT);
 
        return $latestUserUids;
    }
 
    protected function ‪getBackendUserAuthentication(): ‪BackendUserAuthentication
    {
        return ‪$GLOBALS['BE_USER'];
    }
 
    protected function ‪getSessionBackend()
    {
        $loginType = $this->‪getBackendUserAuthentication()->‪getLoginType();
        return GeneralUtility::makeInstance(SessionManager::class)->getSessionBackend($loginType);
    }
 
    protected function ‪getOnlineBackendUsers(): array
    {
        $onlineUsers = $this->backendUserSessionRepository->findAllActive();
        $onlineBackendUsers = [];
        if (is_array($onlineUsers)) {
            foreach ($onlineUsers as $onlineUser) {
                $onlineBackendUsers[$onlineUser['ses_userid']] = true;
            }
        }
        return $onlineBackendUsers;
    }
}