From 0b052aaebfda86014d5e18936fcc99dffde7bf7f Mon Sep 17 00:00:00 2001
From: Sami Mokaddem <sami.mokaddem@circl.lu>
Date: Tue, 13 Dec 2022 15:44:37 +0100
Subject: [PATCH] fix: [users:view] Gracefully handle the case where user exist
 in cerebrate but not in keycloak

---
 src/Controller/UsersController.php          | 2 +-
 src/Model/Behavior/AuthKeycloakBehavior.php | 4 ++--
 2 files changed, 3 insertions(+), 3 deletions(-)

diff --git a/src/Controller/UsersController.php b/src/Controller/UsersController.php
index f2636e6..5bf94f8 100644
--- a/src/Controller/UsersController.php
+++ b/src/Controller/UsersController.php
@@ -160,7 +160,7 @@ class UsersController extends AppController
             'afterFind' => function($data) use ($keycloakUsersParsed) {
                 $data = $this->fetchTable('PermissionLimitations')->attachLimitations($data);
                 if (!empty(Configure::read('keycloak.enabled'))) {
-                    $keycloakUser = $keycloakUsersParsed[$data->username];
+                    $keycloakUser = $keycloakUsersParsed[$data->username] ?? [];
                     $data['keycloak_status'] = array_values($this->Users->checkKeycloakStatus([$data->toArray()], [$keycloakUser]))[0];
                 }
                 return $data;
diff --git a/src/Model/Behavior/AuthKeycloakBehavior.php b/src/Model/Behavior/AuthKeycloakBehavior.php
index 60bebbb..38bd14f 100644
--- a/src/Model/Behavior/AuthKeycloakBehavior.php
+++ b/src/Model/Behavior/AuthKeycloakBehavior.php
@@ -405,7 +405,8 @@ class AuthKeycloakBehavior extends Behavior
         $status = [];
         foreach ($users as $username => $user) {
             $differences = [];
-            $requireUpdate = $this->checkKeycloakUserRequiresUpdate($keycloakUsersParsed[$username], $user, $differences);
+            $keycloakUser = $keycloakUsersParsed[$username] ?? [];
+            $requireUpdate = $this->checkKeycloakUserRequiresUpdate($keycloakUser, $user, $differences);
             $status[$user['id']] = [
                 'require_update' => $requireUpdate,
                 'differences' => $differences,
@@ -416,7 +417,6 @@ class AuthKeycloakBehavior extends Behavior
 
     private function checkKeycloakUserRequiresUpdate(array $keycloakUser, array $user, array &$differences = []): bool
     {
-
         $condEnabled = $keycloakUser['enabled'] == $user['disabled'];
         $condFirstname = mb_strtolower($keycloakUser['firstName']) !== mb_strtolower($user['individual']['first_name']);
         $condLastname = mb_strtolower($keycloakUser['lastName']) !== mb_strtolower($user['individual']['last_name']);