BulkUpdateTask.php

Go to the documentation of this file.

<?php
namespace TYPO3\CMS\Saltedpasswords\Task;

/*
 * This file is part of the TYPO3 CMS project.
 *
 * It is free software; you can redistribute it and/or modify it under
 * the terms of the GNU General Public License, either version 2
 * of the License, or any later version.
 *
 * For the full copyright and license information, please read the
 * LICENSE.txt file that was distributed with this source code.
 *
 * The TYPO3 project - inspiring people to share!
 */

use TYPO3\CMS\Core\Database\ConnectionPool;
use TYPO3\CMS\Core\Utility\GeneralUtility;

class BulkUpdateTask extends \TYPO3\CMS\Scheduler\Task\AbstractTask
{
    protected $canDeactivateSelf = true;

    protected $numberOfRecords = 250;

    protected $userRecordPointer = [];

    public function __construct()
    {
        parent::__construct();
        $this->userRecordPointer = [
            'FE' => 0,
            'BE' => 0
        ];
    }

    public function execute()
    {
        $processedAllRecords = true;
        // For frontend and backend
        foreach ($this->userRecordPointer as $mode => $pointer) {
            // If saltedpasswords is active for frontend / backend
            if (\TYPO3\CMS\Saltedpasswords\Utility\SaltedPasswordsUtility::isUsageEnabled($mode)) {
                $usersToUpdate = $this->findUsersToUpdate($mode);
                $numberOfRows = count($usersToUpdate);
                if ($numberOfRows > 0) {
                    $processedAllRecords = false;
                    $this->activateSelf();
                    $this->incrementUserRecordPointer($mode, $numberOfRows);
                    $this->convertPasswords($mode, $usersToUpdate);
                }
            }
        }
        if ($processedAllRecords) {
            // Reset the user record pointer
            $this->userRecordPointer = [
                'FE' => 0,
                'BE' => 0
            ];
            // Determine if task should disable itself
            if ($this->canDeactivateSelf) {
                $this->deactivateSelf();
            }
        }
        // Use save() of parent class \TYPO3\CMS\Scheduler\Task\AbstractTask to persist changed task variables
        $this->save();
        return true;
    }

    public function getAdditionalInformation()
    {
        $information = $GLOBALS['LANG']->sL('LLL:EXT:saltedpasswords/Resources/Private/Language/locallang.xlf:ext.saltedpasswords.tasks.bulkupdate.label.additionalinformation.deactivateself') . $this->getCanDeactivateSelf() . '; ' . $GLOBALS['LANG']->sL('LLL:EXT:saltedpasswords/Resources/Private/Language/locallang.xlf:ext.saltedpasswords.tasks.bulkupdate.label.additionalinformation.numberofrecords') . $this->getNumberOfRecords();
        return $information;
    }

    protected function findUsersToUpdate($mode)
    {
        $queryBuilder = GeneralUtility::makeInstance(ConnectionPool::class)
            ->getQueryBuilderForTable($this->getTablename($mode));
        $queryBuilder->getRestrictions()->removeAll();

        $usersToUpdate = $queryBuilder
            ->select('uid', 'password')
            ->from($this->getTablename($mode))
            ->orderBy('uid')
            ->setFirstResult($this->userRecordPointer[$mode])
            ->setMaxResults($this->numberOfRecords)
            ->execute()
            ->fetchAll();

        return $usersToUpdate;
    }

    protected function convertPasswords($mode, array $users)
    {
        $updateUsers = [];
        foreach ($users as $user) {
            // If a password is already a salted hash it must not be updated
            if ($this->isSaltedHash($user['password'])) {
                continue;
            }
            $updateUsers[] = $user;
        }
        if (!empty($updateUsers)) {
            $this->updatePasswords($mode, $updateUsers);
        }
    }

    protected function updatePasswords($mode, array $users)
    {
        $saltedpasswordsInstance = \TYPO3\CMS\Saltedpasswords\Salt\SaltFactory::getSaltingInstance(null, $mode);
        foreach ($users as $user) {
            $newPassword = $saltedpasswordsInstance->getHashedPassword($user['password']);
            // If a given password is a md5 hash (usually default be_users without saltedpasswords activated),
            // result of getHashedPassword() is a salted hashed md5 hash.
            // We prefix those with 'M', saltedpasswords will then update this password
            // to a usual salted hash upon first login of the user.
            if ($this->isMd5Password($user['password'])) {
                $newPassword = 'M' . $newPassword;
            }
            // Persist updated password

            GeneralUtility::makeInstance(ConnectionPool::class)
                ->getConnectionForTable($this->getTablename($mode))
                ->update(
                    $this->getTablename($mode),
                    ['password' => $newPassword],
                    ['uid' => (int)$user['uid']]
                );
        }
    }

    protected function isSaltedHash($password)
    {
        $isSaltedHash = false;
        if (strlen($password) > 2 && (\TYPO3\CMS\Core\Utility\GeneralUtility::isFirstPartOfStr($password, 'C$') || \TYPO3\CMS\Core\Utility\GeneralUtility::isFirstPartOfStr($password, 'M$'))) {
            // Cut off M or C and test if we have a salted hash
            $isSaltedHash = \TYPO3\CMS\Saltedpasswords\Salt\SaltFactory::determineSaltingHashingMethod(substr($password, 1));
        }
        // Test if given password is already a usual salted hash
        if (!$isSaltedHash) {
            $isSaltedHash = \TYPO3\CMS\Saltedpasswords\Salt\SaltFactory::determineSaltingHashingMethod($password);
        }
        return $isSaltedHash;
    }

    protected function isMd5Password($password)
    {
        return (bool)preg_match('/[0-9abcdef]{32,32}/i', $password);
    }

    protected function incrementUserRecordPointer($mode, $number)
    {
        $this->userRecordPointer[$mode] += $number;
    }

    protected function activateSelf()
    {
        $this->setDisabled(false);
    }

    protected function deactivateSelf()
    {
        $this->setDisabled(true);
    }

    public function setCanDeactivateSelf($canDeactivateSelf)
    {
        $this->canDeactivateSelf = $canDeactivateSelf;
    }

    public function getCanDeactivateSelf()
    {
        return $this->canDeactivateSelf;
    }

    public function setNumberOfRecords($numberOfRecords)
    {
        $this->numberOfRecords = $numberOfRecords;
    }

    public function getNumberOfRecords()
    {
        return $this->numberOfRecords;
    }

    protected function getTablename(string $mode): string
    {
        $mode = strtolower($mode);
        if ($mode === 'be') {
            return 'be_users';
        }
        if ($mode === 'fe') {
            return 'fe_users';
        }
        throw new \InvalidArgumentException(
            'Invalid mode "' . $mode . '" for salted passwords bulk update',
            1465392861
        );
    }
}