Work-Related/events
Work-Related/events
1
0
mirror of https://github.com/werkraum-media/events.git synced 2024-11-24 16:56:09 +01:00
Code Issues Activity

Fix broken Upgrade Wizards within Install Tool

Browse source 
An _events_ user will be created and used on demand in order to allow
execution of upgrade wizards within install tool.
This commit is contained in:
Daniel Siepmann 2023-08-09 12:12:17 +02:00
parent 00946af6ad
commit 15a654cb69
Signed by: Daniel Siepmann
GPG key ID: 33D6629915560EF4
9 changed files with 363 additions and 24 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

7
Classes/Updates/MigrateOldLocations.php
View file

@ -28,8 +28,10 @@ use TYPO3\CMS\Core\Database\Query\QueryBuilder;
use TYPO3\CMS\Core\DataHandling\DataHandler; use TYPO3\CMS\Core\DataHandling\DataHandler;
use TYPO3\CMS\Core\Log\Logger; use TYPO3\CMS\Core\Log\Logger;
use TYPO3\CMS\Core\Log\LogManager; use TYPO3\CMS\Core\Log\LogManager;
use TYPO3\CMS\Core\Utility\GeneralUtility;
use TYPO3\CMS\Install\Updates\DatabaseUpdatedPrerequisite; use TYPO3\CMS\Install\Updates\DatabaseUpdatedPrerequisite;
use TYPO3\CMS\Install\Updates\UpgradeWizardInterface; use TYPO3\CMS\Install\Updates\UpgradeWizardInterface;
use Wrm\Events\Updates\UserAuthentication\User;
class MigrateOldLocations implements UpgradeWizardInterface class MigrateOldLocations implements UpgradeWizardInterface
{ {
@ -159,6 +161,11 @@ class MigrateOldLocations implements UpgradeWizardInterface
} }
$recordUid = 'NEW12121'; $recordUid = 'NEW12121';
$l10nParentUid = $this->uidsForTranslation[$event['l10n_parent'] . '-0'] ?? 0; $l10nParentUid = $this->uidsForTranslation[$event['l10n_parent'] . '-0'] ?? 0;
if (($GLOBALS['BE_USER'] ?? null) === null) {
$GLOBALS['BE_USER'] = GeneralUtility::makeInstance(User::class);
$GLOBALS['BE_USER']->authenticate();
}
$dataHandler = clone $this->dataHandler; $dataHandler = clone $this->dataHandler;
if ($event['sys_language_uid'] > 0 && $l10nParentUid > 0) { if ($event['sys_language_uid'] > 0 && $l10nParentUid > 0) {

142
Classes/Updates/UserAuthentication/User.php Normal file
View file

@ -0,0 +1,142 @@
<?php
declare(strict_types=1);
/*
* Copyright (C) 2023 Daniel Siepmann <coding@daniel-siepmann.de>
*
* This program is free software; you can redistribute it and/or
* modify it under the terms of the GNU General Public License
* as published by the Free Software Foundation; either version 2
* of the License, or (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
* 02110-1301, USA.
*/
namespace Wrm\Events\Updates\UserAuthentication;
use Psr\Http\Message\ServerRequestInterface;
use TYPO3\CMS\Core\Authentication\BackendUserAuthentication;
use TYPO3\CMS\Core\Crypto\PasswordHashing\PasswordHashFactory;
use TYPO3\CMS\Core\Crypto\Random;
use TYPO3\CMS\Core\Database\ConnectionPool;
use TYPO3\CMS\Core\Database\Query\Restriction\DeletedRestriction;
use TYPO3\CMS\Core\Utility\GeneralUtility;
/**
* An backend user used by Update Wizards.
*
* That way they can use Data Handler no matter how they are executed, e.g. cli, or install tool.
* That way edits also always have this user assigned.
*
* This was mostly copied from TYPO3 core CommandLineUserAuthentication.
*/
class User extends BackendUserAuthentication
{
/**
* @var string
*/
protected $username = '_events_';
public function __construct()
{
if (!$this->isUserAllowedToLogin()) {
throw new \RuntimeException('Login Error: TYPO3 is in maintenance mode at the moment. Only administrators are allowed access.', 1483971855);
}
$this->dontSetCookie = true;
parent::__construct();
}
public function start(ServerRequestInterface $request = null)
{
// do nothing
}
public function checkAuthentication(ServerRequestInterface $request = null)
{
// do nothing
}
public function authenticate()
{
// check if a _events_ user exists, if not, create one
$this->setBeUserByName($this->username);
if (!$this->user['uid']) {
// create a new BE user in the database
if (!$this->checkIfEventUserExists()) {
$this->createEventUser();
} else {
throw new \RuntimeException('No backend user named "_events_" could be authenticated, maybe this user is "hidden"?', 1484050401);
}
$this->setBeUserByName($this->username);
}
if (!$this->user['uid']) {
throw new \RuntimeException('No backend user named "_events_" could be created.', 1476107195);
}
// The groups are fetched and ready for permission checking in this initialization.
$this->fetchGroupData();
$this->backendSetUC();
// activate this functionality for DataHandler
$this->uc['recursiveDelete'] = true;
}
public function backendCheckLogin($proceedIfNoUserIsLoggedIn = false)
{
$this->authenticate();
}
/**
* Determines whether a CLI backend user is allowed to access TYPO3.
* Only when adminOnly is off (=0), and only allowed for admins and CLI users (=2)
*/
public function isUserAllowedToLogin()
{
return in_array((int)$GLOBALS['TYPO3_CONF_VARS']['BE']['adminOnly'], [0, 2], true);
}
protected function checkIfEventUserExists(): bool
{
$queryBuilder = GeneralUtility::makeInstance(ConnectionPool::class)->getQueryBuilderForTable('be_users');
$queryBuilder->getRestrictions()
->removeAll()
->add(GeneralUtility::makeInstance(DeletedRestriction::class));
$count = $queryBuilder
->count('*')
->from('be_users')
->where($queryBuilder->expr()->eq('username', $queryBuilder->createNamedParameter('_events_')))
->execute()
->fetchColumn(0);
return (bool)$count;
}
protected function createEventUser(): void
{
$userFields = [
'username' => $this->username,
'password' => $this->generateHashedPassword(),
'admin' => 1,
'tstamp' => $GLOBALS['EXEC_TIME'],
'crdate' => $GLOBALS['EXEC_TIME'],
];
$databaseConnection = GeneralUtility::makeInstance(ConnectionPool::class)
->getConnectionForTable('be_users');
$databaseConnection->insert('be_users', $userFields);
}
protected function generateHashedPassword(): string
{
$cryptoService = GeneralUtility::makeInstance(Random::class);
$password = $cryptoService->generateRandomBytes(20);
$hashInstance = GeneralUtility::makeInstance(PasswordHashFactory::class)->getDefaultHashInstance('BE');
return $hashInstance->getHashedPassword($password);
}
}

142
Classes/Updates/UserAuthentication/UserV10.php Normal file
View file

@ -0,0 +1,142 @@
<?php
declare(strict_types=1);
/*
* Copyright (C) 2023 Daniel Siepmann <coding@daniel-siepmann.de>
*
* This program is free software; you can redistribute it and/or
* modify it under the terms of the GNU General Public License
* as published by the Free Software Foundation; either version 2
* of the License, or (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
* 02110-1301, USA.
*/
namespace Wrm\Events\Updates\UserAuthentication;
use TYPO3\CMS\Core\Authentication\BackendUserAuthentication;
use TYPO3\CMS\Core\Crypto\PasswordHashing\PasswordHashFactory;
use TYPO3\CMS\Core\Crypto\Random;
use TYPO3\CMS\Core\Database\ConnectionPool;
use TYPO3\CMS\Core\Database\Query\Restriction\DeletedRestriction;
use TYPO3\CMS\Core\Utility\GeneralUtility;
use TYPO3\CMS\Core\Utility\VersionNumberUtility;
/**
* An backend user used by Update Wizards.
*
* That way they can use Data Handler no matter how they are executed, e.g. cli, or install tool.
* That way edits also always have this user assigned.
*
* This was mostly copied from TYPO3 core CommandLineUserAuthentication.
*/
class UserV10 extends BackendUserAuthentication
{
/**
* @var string
*/
protected $username = '_events_';
public function __construct()
{
if (!$this->isUserAllowedToLogin()) {
throw new \RuntimeException('Login Error: TYPO3 is in maintenance mode at the moment. Only administrators are allowed access.', 1483971855);
}
$this->dontSetCookie = true;
parent::__construct();
}
public function start()
{
// do nothing
}
public function checkAuthentication()
{
// do nothing
}
public function authenticate()
{
// check if a _events_ user exists, if not, create one
$this->setBeUserByName($this->username);
if (!$this->user['uid']) {
// create a new BE user in the database
if (!$this->checkIfCliUserExists()) {
$this->createCliUser();
} else {
throw new \RuntimeException('No backend user named "_events_" could be authenticated, maybe this user is "hidden"?', 1484050401);
}
$this->setBeUserByName($this->username);
}
if (!$this->user['uid']) {
throw new \RuntimeException('No backend user named "_events_" could be created.', 1476107195);
}
// The groups are fetched and ready for permission checking in this initialization.
$this->fetchGroupData();
$this->backendSetUC();
// activate this functionality for DataHandler
$this->uc['recursiveDelete'] = true;
}
public function backendCheckLogin($proceedIfNoUserIsLoggedIn = false)
{
$this->authenticate();
}
/**
* Determines whether a CLI backend user is allowed to access TYPO3.
* Only when adminOnly is off (=0), and only allowed for admins and CLI users (=2)
*/
protected function isUserAllowedToLogin(): bool
{
return in_array((int)$GLOBALS['TYPO3_CONF_VARS']['BE']['adminOnly'], [0, 2], true);
}
protected function checkIfCliUserExists(): bool
{
$queryBuilder = GeneralUtility::makeInstance(ConnectionPool::class)->getQueryBuilderForTable('be_users');
$queryBuilder->getRestrictions()
->removeAll()
->add(GeneralUtility::makeInstance(DeletedRestriction::class));
$count = $queryBuilder
->count('*')
->from('be_users')
->where($queryBuilder->expr()->eq('username', $queryBuilder->createNamedParameter('_events_')))
->execute()
->fetchColumn(0);
return (bool)$count;
}
protected function createCliUser(): void
{
$userFields = [
'username' => $this->username,
'password' => $this->generateHashedPassword(),
'admin' => 1,
'tstamp' => $GLOBALS['EXEC_TIME'],
'crdate' => $GLOBALS['EXEC_TIME'],
];
$databaseConnection = GeneralUtility::makeInstance(ConnectionPool::class)
->getConnectionForTable('be_users');
$databaseConnection->insert('be_users', $userFields);
}
protected function generateHashedPassword(): string
{
$cryptoService = GeneralUtility::makeInstance(Random::class);
$password = $cryptoService->generateRandomBytes(20);
$hashInstance = GeneralUtility::makeInstance(PasswordHashFactory::class)->getDefaultHashInstance('BE');
return $hashInstance->getHashedPassword($password);
}
}

7
Configuration/Services.php
View file

@ -7,8 +7,11 @@ namespace Wrm\Events;
use Symfony\Component\DependencyInjection\Compiler\CompilerPassInterface; use Symfony\Component\DependencyInjection\Compiler\CompilerPassInterface;
use Symfony\Component\DependencyInjection\ContainerBuilder; use Symfony\Component\DependencyInjection\ContainerBuilder;
use Symfony\Component\DependencyInjection\Loader\Configurator\ContainerConfigurator; use Symfony\Component\DependencyInjection\Loader\Configurator\ContainerConfigurator;
use TYPO3\CMS\Core\Utility\VersionNumberUtility;
use Wrm\Events\Service\DestinationDataImportService\Slugger\Registry; use Wrm\Events\Service\DestinationDataImportService\Slugger\Registry;
use Wrm\Events\Service\DestinationDataImportService\Slugger\SluggerType; use Wrm\Events\Service\DestinationDataImportService\Slugger\SluggerType;
use Wrm\Events\Updates\UserAuthentication\User;
use Wrm\Events\Updates\UserAuthentication\UserV10;
return static function (ContainerConfigurator $container, ContainerBuilder $containerBuilder) { return static function (ContainerConfigurator $container, ContainerBuilder $containerBuilder) {
$containerBuilder->registerForAutoconfiguration(SluggerType::class)->addTag('tx_events.slugger_type'); $containerBuilder->registerForAutoconfiguration(SluggerType::class)->addTag('tx_events.slugger_type');
@ -21,4 +24,8 @@ return static function (ContainerConfigurator $container, ContainerBuilder $cont
} }
} }
}); });
if (version_compare(VersionNumberUtility::getNumericTypo3Version(), '11.0', '<')) {
$container->services()->set(User::class, UserV10::class);
}
}; };

1
Configuration/Services.yaml
View file

@ -6,6 +6,7 @@ services:
Wrm\Events\: Wrm\Events\:
resource: '../Classes/*' resource: '../Classes/*'
exclude: '../Classes/Updates/UserAuthentication*'
Wrm\Events\Command\ImportDestinationDataViaConfigruationCommand: Wrm\Events\Command\ImportDestinationDataViaConfigruationCommand:
tags: tags:

32
Documentation/Changelog/3.4.1.rst Normal file
View file

@ -0,0 +1,32 @@
3.4.1
=====
Breaking
--------
Nothing
Features
--------
Nothing
Fixes
-----
* Do not break Upgrade Wizards in install tool.
TYPO3 does not provide a BE_USER within install tool.
That will break the Upgrade Wizards as they use DataHandler that relies on an existing backend user.
This was not an issue on command line where _cli_ user will be created and used by TYPO3.
The extension now adds an _events_ user as admin as well when necessary.
Tasks
-----
Nothing
Deprecation
-----------
Nothing

7
Documentation/Maintenance/TYPO3/V10.rst
View file

@ -3,9 +3,14 @@ TYPO3 V10
Changes that should happen once we drop TYPO3 v10. Changes that should happen once we drop TYPO3 v10.
Remove fetching cached page stage from body from tests Remove fetching cached page stage from body from tests
------------------------------------------------------ ------------------------------------------------------
We have different assertions based on TYPO3 version, due to how TYPO3 exposes the info. We have different assertions based on TYPO3 version, due to how TYPO3 exposes the info.
We can remove the condition with its content once we drop v10. We can remove the condition with its content once we drop v10.
Remove UserAuthenticationV10
----------------------------
TYPO3 has different signatures for AbstractUserAuthentication class.
There is an implementation for v10 that can be removed once we drop v10.

2
ext_emconf.php
View file

@ -9,7 +9,7 @@ $EM_CONF['events'] = [
'state' => 'alpha', 'state' => 'alpha',
'createDirs' => '', 'createDirs' => '',
'clearCacheOnLoad' => 0, 'clearCacheOnLoad' => 0,
'version' => '3.4.0', 'version' => '3.4.1',
'constraints' => [ 'constraints' => [
'depends' => [ 'depends' => [
'typo3' => '10.4.00-11.5.99', 'typo3' => '10.4.00-11.5.99',

47
phpstan.neon
View file

@ -1,25 +1,28 @@
includes: includes:
- phpstan-baseline.neon - phpstan-baseline.neon
parameters: parameters:
level: max level: max
paths: paths:
- Classes - Classes
- Configuration - Configuration
checkMissingIterableValueType: false excludePaths:
checkGenericClassInNonGenericObjectType: false analyseAndScan:
reportUnmatchedIgnoredErrors: false - Classes/Updates/UserAuthentication/
ignoreErrors: checkMissingIterableValueType: false
- "#^Call to an undefined method Doctrine\\\\DBAL\\\\Result\\:\\:fetch\\(\\)\\.$#" checkGenericClassInNonGenericObjectType: false
- "#^Cannot call method fetchAll\\(\\) on Doctrine\\\\DBAL\\\\Driver\\\\ResultStatement\\|int\\.$#" reportUnmatchedIgnoredErrors: false
- "#^Cannot call method fetchAll\\(\\) on Doctrine\\\\DBAL\\\\Result\\|int\\.$#" ignoreErrors:
- "#^Cannot call method fetchAllAssociative\\(\\) on Doctrine\\\\DBAL\\\\Driver\\\\ResultStatement\\|int\\.$#" - "#^Call to an undefined method Doctrine\\\\DBAL\\\\Result\\:\\:fetch\\(\\)\\.$#"
- "#^Cannot call method fetchAllAssociative\\(\\) on Doctrine\\\\DBAL\\\\Result\\|int\\.$#" - "#^Cannot call method fetchAll\\(\\) on Doctrine\\\\DBAL\\\\Driver\\\\ResultStatement\\|int\\.$#"
- "#^Cannot call method fetchColumn\\(\\) on Doctrine\\\\DBAL\\\\Driver\\\\ResultStatement\\|int\\.$#" - "#^Cannot call method fetchAll\\(\\) on Doctrine\\\\DBAL\\\\Result\\|int\\.$#"
- "#^Cannot call method fetchColumn\\(\\) on Doctrine\\\\DBAL\\\\Result\\|int\\.$#" - "#^Cannot call method fetchAllAssociative\\(\\) on Doctrine\\\\DBAL\\\\Driver\\\\ResultStatement\\|int\\.$#"
- "#^Cannot call method fetchFirstColumn\\(\\) on Doctrine\\\\DBAL\\\\Driver\\\\ResultStatement\\|int\\.$#" - "#^Cannot call method fetchAllAssociative\\(\\) on Doctrine\\\\DBAL\\\\Result\\|int\\.$#"
- "#^Cannot call method fetchFirstColumn\\(\\) on Doctrine\\\\DBAL\\\\Result\\|int\\.$#" - "#^Cannot call method fetchColumn\\(\\) on Doctrine\\\\DBAL\\\\Driver\\\\ResultStatement\\|int\\.$#"
- "#^Cannot call method fetch\\(\\) on Doctrine\\\\DBAL\\\\Driver\\\\ResultStatement\\|int\\.$#" - "#^Cannot call method fetchColumn\\(\\) on Doctrine\\\\DBAL\\\\Result\\|int\\.$#"
- "#^Cannot call method fetch\\(\\) on Doctrine\\\\DBAL\\\\Result\\|int\\.$#" - "#^Cannot call method fetchFirstColumn\\(\\) on Doctrine\\\\DBAL\\\\Driver\\\\ResultStatement\\|int\\.$#"
- "#^Cannot call method fetchOne\\(\\) on Doctrine\\\\DBAL\\\\Driver\\\\ResultStatement\\|int\\.$#" - "#^Cannot call method fetchFirstColumn\\(\\) on Doctrine\\\\DBAL\\\\Result\\|int\\.$#"
- "#^Cannot call method fetchOne\\(\\) on Doctrine\\\\DBAL\\\\Result\\|int\\.$#" - "#^Cannot call method fetch\\(\\) on Doctrine\\\\DBAL\\\\Driver\\\\ResultStatement\\|int\\.$#"
- "#^Parameter \\#1 \\.\\.\\.\\$predicates of method TYPO3\\\\CMS\\\\Core\\\\Database\\\\Query\\\\QueryBuilder\\:\\:where\\(\\) expects array\\<int, mixed\\>\\|Doctrine\\\\DBAL\\\\Query\\\\Expression\\\\CompositeExpression, string given\\.$#" - "#^Cannot call method fetch\\(\\) on Doctrine\\\\DBAL\\\\Result\\|int\\.$#"
- "#^Cannot call method fetchOne\\(\\) on Doctrine\\\\DBAL\\\\Driver\\\\ResultStatement\\|int\\.$#"
- "#^Cannot call method fetchOne\\(\\) on Doctrine\\\\DBAL\\\\Result\\|int\\.$#"
- "#^Parameter \\#1 \\.\\.\\.\\$predicates of method TYPO3\\\\CMS\\\\Core\\\\Database\\\\Query\\\\QueryBuilder\\:\\:where\\(\\) expects array\\<int, mixed\\>\\|Doctrine\\\\DBAL\\\\Query\\\\Expression\\\\CompositeExpression, string given\\.$#"