Fix broken Upgrade Wizards within Install Tool

An _events_ user will be created and used on demand in order to allow
execution of upgrade wizards within install tool.
This commit is contained in:
Daniel Siepmann 2023-08-09 12:12:17 +02:00
parent 00946af6ad
commit 15a654cb69
Signed by: Daniel Siepmann
GPG key ID: 33D6629915560EF4
9 changed files with 363 additions and 24 deletions

View file

@ -28,8 +28,10 @@ use TYPO3\CMS\Core\Database\Query\QueryBuilder;
use TYPO3\CMS\Core\DataHandling\DataHandler;
use TYPO3\CMS\Core\Log\Logger;
use TYPO3\CMS\Core\Log\LogManager;
use TYPO3\CMS\Core\Utility\GeneralUtility;
use TYPO3\CMS\Install\Updates\DatabaseUpdatedPrerequisite;
use TYPO3\CMS\Install\Updates\UpgradeWizardInterface;
use Wrm\Events\Updates\UserAuthentication\User;
class MigrateOldLocations implements UpgradeWizardInterface
{
@ -159,6 +161,11 @@ class MigrateOldLocations implements UpgradeWizardInterface
}
$recordUid = 'NEW12121';
$l10nParentUid = $this->uidsForTranslation[$event['l10n_parent'] . '-0'] ?? 0;
if (($GLOBALS['BE_USER'] ?? null) === null) {
$GLOBALS['BE_USER'] = GeneralUtility::makeInstance(User::class);
$GLOBALS['BE_USER']->authenticate();
}
$dataHandler = clone $this->dataHandler;
if ($event['sys_language_uid'] > 0 && $l10nParentUid > 0) {

View file

@ -0,0 +1,142 @@
<?php
declare(strict_types=1);
/*
* Copyright (C) 2023 Daniel Siepmann <coding@daniel-siepmann.de>
*
* This program is free software; you can redistribute it and/or
* modify it under the terms of the GNU General Public License
* as published by the Free Software Foundation; either version 2
* of the License, or (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
* 02110-1301, USA.
*/
namespace Wrm\Events\Updates\UserAuthentication;
use Psr\Http\Message\ServerRequestInterface;
use TYPO3\CMS\Core\Authentication\BackendUserAuthentication;
use TYPO3\CMS\Core\Crypto\PasswordHashing\PasswordHashFactory;
use TYPO3\CMS\Core\Crypto\Random;
use TYPO3\CMS\Core\Database\ConnectionPool;
use TYPO3\CMS\Core\Database\Query\Restriction\DeletedRestriction;
use TYPO3\CMS\Core\Utility\GeneralUtility;
/**
* An backend user used by Update Wizards.
*
* That way they can use Data Handler no matter how they are executed, e.g. cli, or install tool.
* That way edits also always have this user assigned.
*
* This was mostly copied from TYPO3 core CommandLineUserAuthentication.
*/
class User extends BackendUserAuthentication
{
/**
* @var string
*/
protected $username = '_events_';
public function __construct()
{
if (!$this->isUserAllowedToLogin()) {
throw new \RuntimeException('Login Error: TYPO3 is in maintenance mode at the moment. Only administrators are allowed access.', 1483971855);
}
$this->dontSetCookie = true;
parent::__construct();
}
public function start(ServerRequestInterface $request = null)
{
// do nothing
}
public function checkAuthentication(ServerRequestInterface $request = null)
{
// do nothing
}
public function authenticate()
{
// check if a _events_ user exists, if not, create one
$this->setBeUserByName($this->username);
if (!$this->user['uid']) {
// create a new BE user in the database
if (!$this->checkIfEventUserExists()) {
$this->createEventUser();
} else {
throw new \RuntimeException('No backend user named "_events_" could be authenticated, maybe this user is "hidden"?', 1484050401);
}
$this->setBeUserByName($this->username);
}
if (!$this->user['uid']) {
throw new \RuntimeException('No backend user named "_events_" could be created.', 1476107195);
}
// The groups are fetched and ready for permission checking in this initialization.
$this->fetchGroupData();
$this->backendSetUC();
// activate this functionality for DataHandler
$this->uc['recursiveDelete'] = true;
}
public function backendCheckLogin($proceedIfNoUserIsLoggedIn = false)
{
$this->authenticate();
}
/**
* Determines whether a CLI backend user is allowed to access TYPO3.
* Only when adminOnly is off (=0), and only allowed for admins and CLI users (=2)
*/
public function isUserAllowedToLogin()
{
return in_array((int)$GLOBALS['TYPO3_CONF_VARS']['BE']['adminOnly'], [0, 2], true);
}
protected function checkIfEventUserExists(): bool
{
$queryBuilder = GeneralUtility::makeInstance(ConnectionPool::class)->getQueryBuilderForTable('be_users');
$queryBuilder->getRestrictions()
->removeAll()
->add(GeneralUtility::makeInstance(DeletedRestriction::class));
$count = $queryBuilder
->count('*')
->from('be_users')
->where($queryBuilder->expr()->eq('username', $queryBuilder->createNamedParameter('_events_')))
->execute()
->fetchColumn(0);
return (bool)$count;
}
protected function createEventUser(): void
{
$userFields = [
'username' => $this->username,
'password' => $this->generateHashedPassword(),
'admin' => 1,
'tstamp' => $GLOBALS['EXEC_TIME'],
'crdate' => $GLOBALS['EXEC_TIME'],
];
$databaseConnection = GeneralUtility::makeInstance(ConnectionPool::class)
->getConnectionForTable('be_users');
$databaseConnection->insert('be_users', $userFields);
}
protected function generateHashedPassword(): string
{
$cryptoService = GeneralUtility::makeInstance(Random::class);
$password = $cryptoService->generateRandomBytes(20);
$hashInstance = GeneralUtility::makeInstance(PasswordHashFactory::class)->getDefaultHashInstance('BE');
return $hashInstance->getHashedPassword($password);
}
}

View file

@ -0,0 +1,142 @@
<?php
declare(strict_types=1);
/*
* Copyright (C) 2023 Daniel Siepmann <coding@daniel-siepmann.de>
*
* This program is free software; you can redistribute it and/or
* modify it under the terms of the GNU General Public License
* as published by the Free Software Foundation; either version 2
* of the License, or (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
* 02110-1301, USA.
*/
namespace Wrm\Events\Updates\UserAuthentication;
use TYPO3\CMS\Core\Authentication\BackendUserAuthentication;
use TYPO3\CMS\Core\Crypto\PasswordHashing\PasswordHashFactory;
use TYPO3\CMS\Core\Crypto\Random;
use TYPO3\CMS\Core\Database\ConnectionPool;
use TYPO3\CMS\Core\Database\Query\Restriction\DeletedRestriction;
use TYPO3\CMS\Core\Utility\GeneralUtility;
use TYPO3\CMS\Core\Utility\VersionNumberUtility;
/**
* An backend user used by Update Wizards.
*
* That way they can use Data Handler no matter how they are executed, e.g. cli, or install tool.
* That way edits also always have this user assigned.
*
* This was mostly copied from TYPO3 core CommandLineUserAuthentication.
*/
class UserV10 extends BackendUserAuthentication
{
/**
* @var string
*/
protected $username = '_events_';
public function __construct()
{
if (!$this->isUserAllowedToLogin()) {
throw new \RuntimeException('Login Error: TYPO3 is in maintenance mode at the moment. Only administrators are allowed access.', 1483971855);
}
$this->dontSetCookie = true;
parent::__construct();
}
public function start()
{
// do nothing
}
public function checkAuthentication()
{
// do nothing
}
public function authenticate()
{
// check if a _events_ user exists, if not, create one
$this->setBeUserByName($this->username);
if (!$this->user['uid']) {
// create a new BE user in the database
if (!$this->checkIfCliUserExists()) {
$this->createCliUser();
} else {
throw new \RuntimeException('No backend user named "_events_" could be authenticated, maybe this user is "hidden"?', 1484050401);
}
$this->setBeUserByName($this->username);
}
if (!$this->user['uid']) {
throw new \RuntimeException('No backend user named "_events_" could be created.', 1476107195);
}
// The groups are fetched and ready for permission checking in this initialization.
$this->fetchGroupData();
$this->backendSetUC();
// activate this functionality for DataHandler
$this->uc['recursiveDelete'] = true;
}
public function backendCheckLogin($proceedIfNoUserIsLoggedIn = false)
{
$this->authenticate();
}
/**
* Determines whether a CLI backend user is allowed to access TYPO3.
* Only when adminOnly is off (=0), and only allowed for admins and CLI users (=2)
*/
protected function isUserAllowedToLogin(): bool
{
return in_array((int)$GLOBALS['TYPO3_CONF_VARS']['BE']['adminOnly'], [0, 2], true);
}
protected function checkIfCliUserExists(): bool
{
$queryBuilder = GeneralUtility::makeInstance(ConnectionPool::class)->getQueryBuilderForTable('be_users');
$queryBuilder->getRestrictions()
->removeAll()
->add(GeneralUtility::makeInstance(DeletedRestriction::class));
$count = $queryBuilder
->count('*')
->from('be_users')
->where($queryBuilder->expr()->eq('username', $queryBuilder->createNamedParameter('_events_')))
->execute()
->fetchColumn(0);
return (bool)$count;
}
protected function createCliUser(): void
{
$userFields = [
'username' => $this->username,
'password' => $this->generateHashedPassword(),
'admin' => 1,
'tstamp' => $GLOBALS['EXEC_TIME'],
'crdate' => $GLOBALS['EXEC_TIME'],
];
$databaseConnection = GeneralUtility::makeInstance(ConnectionPool::class)
->getConnectionForTable('be_users');
$databaseConnection->insert('be_users', $userFields);
}
protected function generateHashedPassword(): string
{
$cryptoService = GeneralUtility::makeInstance(Random::class);
$password = $cryptoService->generateRandomBytes(20);
$hashInstance = GeneralUtility::makeInstance(PasswordHashFactory::class)->getDefaultHashInstance('BE');
return $hashInstance->getHashedPassword($password);
}
}

View file

@ -7,8 +7,11 @@ namespace Wrm\Events;
use Symfony\Component\DependencyInjection\Compiler\CompilerPassInterface;
use Symfony\Component\DependencyInjection\ContainerBuilder;
use Symfony\Component\DependencyInjection\Loader\Configurator\ContainerConfigurator;
use TYPO3\CMS\Core\Utility\VersionNumberUtility;
use Wrm\Events\Service\DestinationDataImportService\Slugger\Registry;
use Wrm\Events\Service\DestinationDataImportService\Slugger\SluggerType;
use Wrm\Events\Updates\UserAuthentication\User;
use Wrm\Events\Updates\UserAuthentication\UserV10;
return static function (ContainerConfigurator $container, ContainerBuilder $containerBuilder) {
$containerBuilder->registerForAutoconfiguration(SluggerType::class)->addTag('tx_events.slugger_type');
@ -21,4 +24,8 @@ return static function (ContainerConfigurator $container, ContainerBuilder $cont
}
}
});
if (version_compare(VersionNumberUtility::getNumericTypo3Version(), '11.0', '<')) {
$container->services()->set(User::class, UserV10::class);
}
};

View file

@ -6,6 +6,7 @@ services:
Wrm\Events\:
resource: '../Classes/*'
exclude: '../Classes/Updates/UserAuthentication*'
Wrm\Events\Command\ImportDestinationDataViaConfigruationCommand:
tags:

View file

@ -0,0 +1,32 @@
3.4.1
=====
Breaking
--------
Nothing
Features
--------
Nothing
Fixes
-----
* Do not break Upgrade Wizards in install tool.
TYPO3 does not provide a BE_USER within install tool.
That will break the Upgrade Wizards as they use DataHandler that relies on an existing backend user.
This was not an issue on command line where _cli_ user will be created and used by TYPO3.
The extension now adds an _events_ user as admin as well when necessary.
Tasks
-----
Nothing
Deprecation
-----------
Nothing

View file

@ -3,9 +3,14 @@ TYPO3 V10
Changes that should happen once we drop TYPO3 v10.
Remove fetching cached page stage from body from tests
------------------------------------------------------
We have different assertions based on TYPO3 version, due to how TYPO3 exposes the info.
We can remove the condition with its content once we drop v10.
Remove UserAuthenticationV10
----------------------------
TYPO3 has different signatures for AbstractUserAuthentication class.
There is an implementation for v10 that can be removed once we drop v10.

View file

@ -9,7 +9,7 @@ $EM_CONF['events'] = [
'state' => 'alpha',
'createDirs' => '',
'clearCacheOnLoad' => 0,
'version' => '3.4.0',
'version' => '3.4.1',
'constraints' => [
'depends' => [
'typo3' => '10.4.00-11.5.99',

View file

@ -5,6 +5,9 @@ parameters:
paths:
- Classes
- Configuration
excludePaths:
analyseAndScan:
- Classes/Updates/UserAuthentication/
checkMissingIterableValueType: false
checkGenericClassInNonGenericObjectType: false
reportUnmatchedIgnoredErrors: false