Merge branch 'main' of github.com:cerebrate-project/cerebrate into develop

cli-modification-summary
Sami Mokaddem 2022-06-08 10:40:54 +02:00
commit 85fd938320
No known key found for this signature in database
GPG Key ID: 164C473F627A06FA
5 changed files with 108 additions and 64 deletions


@ -136,6 +136,7 @@ class UsersController extends AppController
if (!empty($responsePayload)) {
return $responsePayload;
}
$this->set('keycloakConfig', Configure::read('keycloak'));
$this->set('metaGroup', $this->isAdmin ? 'Administration' : 'Cerebrate');
}
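Review bot: The `keycloakConfig` view variable set here carries the entire result of `Configure::read('keycloak')`, while the template changed in this commit reads only `enabled`, `provider.baseUrl` and `provider.realm`. If that configuration block also holds client credentials (not visible on this page), they become reachable from every template and element rendered for this action. Passing only the needed values keeps secrets out of the presentation layer, for example `$this->set('keycloakConfig', ['enabled' => $kc['enabled'] ?? false, 'provider' => ['baseUrl' => $kc['provider']['baseUrl'] ?? '', 'realm' => $kc['provider']['realm'] ?? '']]);` with `$kc = Configure::read('keycloak');` on the line before. The enclosing action starts outside the hunk.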


@ -66,9 +66,10 @@ class AuthKeycloakBehavior extends Behavior
'name' => $profile_payload[$fields['role_name']],
]
];
$user['user']['individual_id'] = $this->_table->captureIndividual($user);
$user['user']['role_id'] = $this->_table->captureRole($user);
//$user['user']['individual_id'] = $this->_table->captureIndividual($user);
//$user['user']['role_id'] = $this->_table->captureRole($user);
$existingUser = $this->_table->find()->where(['username' => $user['user']['username']])->first();
/*
if (empty($existingUser)) {
$user['user']['password'] = Security::randomString(16);
$existingUser = $this->_table->newEntity($user['user']);
@ -92,6 +93,7 @@ class AuthKeycloakBehavior extends Behavior
}
}
}
*/
return $existingUser;
}
@ -150,15 +152,12 @@ class AuthKeycloakBehavior extends Behavior
foreach ($roles as $role) {
$rolesParsed[$role['name']] = $role['id'];
}
$this->createUser($user, $clientId, $rolesParsed);
$logChange = [
'username' => $user['username'],
'individual_id' => $user['individual']['id'],
'role_id' => $user['role']['id']
];
if (!$response->isOk()) {
$logChange['code'] = $response->getStatusCode();
$logChange['error_body'] = $response->getStringBody();
if ($this->createUser($user, $clientId, $rolesParsed)) {
$logChange = [
'username' => $user['username'],
'individual_id' => $user['individual']['id'],
'role_id' => $user['role']['id']
];
$this->_table->auditLogs()->insert([
'request_action' => 'enrollUser',
'model' => 'User',
@ -167,6 +166,11 @@ class AuthKeycloakBehavior extends Behavior
'changed' => $logChange
]);
} else {
$logChange = [
'username' => $user['username'],
'individual_id' => $user['individual']['id'],
'role_id' => $user['role']['id']
];
$this->_table->auditLogs()->insert([
'request_action' => 'enrollUser',
'model' => 'User',
@ -406,10 +410,14 @@ class AuthKeycloakBehavior extends Behavior
]);
}
$newUser = $this->restApiRequest('%s/admin/realms/%s/users?username=' . urlencode($user['username']), [], 'get');
$user['id'] = json_decode($newUser->getStringBody(), true);
if (empty($user['id'])) {
$users = json_decode($newUser->getStringBody(), true);
if (empty($users[0]['id'])) {
return false;
}
if (is_array($users[0]['id'])) {
$users[0]['id'] = $users[0]['id'][0];
}
$user['id'] = $users[0]['id'];
$this->assignRolesToUser($user, $rolesParsed, $clientId);
return true;
}
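Review bot: In the last hunk, `$users[0]` is taken from the `users?username=` search without confirming that it is the account that was just created. Keycloak's user search matches substrings unless an exact match is requested, so the first hit can be a different user whose name contains this one, and `assignRolesToUser()` would then apply the roles to that account. On Keycloak versions that support it, append `&exact=true` to the query, and in any case verify the hit before using its id: `if (empty($users[0]['id']) || strcasecmp((string)($users[0]['username'] ?? ''), $user['username']) !== 0) { return false; }`. The `is_array($users[0]['id'])` branch suggests the response shape is uncertain, so a comment naming the expected shape would help. The enclosing function starts outside the hunk.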


@ -58,7 +58,12 @@ class AuditLogsTable extends AppTable
$data['request_ip'] = '127.0.0.1';
}
}
foreach (['user_id', 'request_type', 'authkey_id'] as $field) {
$defaults = [
'user_id' => 0,
'request_type' => self::REQUEST_TYPE_CLI,
'authkey_id' => 0
];
foreach (array_keys($defaults) as $field) {
if (!isset($data[$field])) {
if (!isset($userInfo)) {
$userInfo = $this->userInfo();
@ -92,6 +97,22 @@ class AuditLogsTable extends AppTable
}
$data['changed'] = $changed;
}
foreach ($defaults as $field => $default_value) {
if (!isset($data[$field])) {
$data[$field] = $default_value;
}
}
}
public function afterMarshal(
EventInterface $event,
EntityInterface $entity,
ArrayObject $data,
ArrayObject $options
) {
if ($entity->request_type === null) {
$entity->request_type = self::REQUEST_TYPE_CLI;
}
}
public function beforeSave(EventInterface $event, EntityInterface $entity, ArrayObject $options)
@ -157,7 +178,7 @@ class AuditLogsTable extends AppTable
if ($this->user !== null) {
return $this->user;
}
$this->user = ['id' => 0, /*'org_id' => 0, */'authkey_id' => 0, 'request_type' => self::REQUEST_TYPE_DEFAULT, 'name' => ''];
$isShell = (php_sapi_name() === 'cli');
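Review bot: The new fallbacks stamp any audit entry that still lacks a `request_type` as `self::REQUEST_TYPE_CLI`, both in `$defaults` and in `afterMarshal()`, although `userInfo()` in the last hunk starts from `self::REQUEST_TYPE_DEFAULT` and appears to detect the CLI case itself via `php_sapi_name()`. An entry written during a web request where the user could not be resolved would then be recorded as a CLI action by user 0, which weakens attribution in the audit trail. Consider `'request_type' => self::REQUEST_TYPE_DEFAULT` in `$defaults` and the same constant in `afterMarshal()`, or derive the value from `php_sapi_name() === 'cli'`. `afterMarshal()` would also benefit from a short docblock explaining why the default is applied a second time after the loop over `$defaults`. The surrounding method bodies lie partly outside the hunks.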


@ -1,57 +1,68 @@
<?php
$kcurl = $keycloakConfig['provider']['baseUrl'] . '/realms/' . $keycloakConfig['provider']['realm'] . '/account/#/security/signingin';
$fields = [
[
'key' => __('ID'),
'path' => 'id'
],
[
'key' => __('UUID'),
'path' => 'uuid'
],
[
'key' => __('Username'),
'path' => 'username'
],
[
'type' => 'generic',
'key' => __('Email'),
'path' => 'individual.email',
'url' => '/individuals/view/{{0}}',
'url_vars' => 'individual_id'
],
[
'type' => 'generic',
'key' => __('Organisation'),
'path' => 'organisation.name',
'url' => '/organisations/view/{{0}}',
'url_vars' => 'organisation.id'
],
[
'type' => 'generic',
'key' => __('Role'),
'path' => 'role.name',
'url' => '/roles/view/{{0}}',
'url_vars' => 'role.id'
],
[
'key' => __('First name'),
'path' => 'individual.first_name'
],
[
'key' => __('Last name'),
'path' => 'individual.last_name'
],
[
'key' => __('Alignments'),
'type' => 'alignment',
'path' => 'individual',
'scope' => 'individuals'
]
];
if ($keycloakConfig['enabled'] && $loggedUser['id'] == $entity['id']) {
$fields[] = [
'type' => 'generic',
'key' => __('Modify keycloak profile'),
'path' => 'username',
'url' => $kcurl,
'requirements' => false
];
}
echo $this->element(
'/genericElements/SingleViews/single_view',
[
'data' => $entity,
'fields' => [
[
'key' => __('ID'),
'path' => 'id'
],
[
'key' => __('UUID'),
'path' => 'uuid'
],
[
'key' => __('Username'),
'path' => 'username'
],
[
'type' => 'generic',
'key' => __('Email'),
'path' => 'individual.email',
'url' => '/individuals/view/{{0}}',
'url_vars' => 'individual_id'
],
[
'type' => 'generic',
'key' => __('Organisation'),
'path' => 'organisation.name',
'url' => '/organisations/view/{{0}}',
'url_vars' => 'organisation.id'
],
[
'type' => 'generic',
'key' => __('Role'),
'path' => 'role.name',
'url' => '/roles/view/{{0}}',
'url_vars' => 'role.id'
],
[
'key' => __('First name'),
'path' => 'individual.first_name'
],
[
'key' => __('Last name'),
'path' => 'individual.last_name'
],
[
'key' => __('Alignments'),
'type' => 'alignment',
'path' => 'individual',
'scope' => 'individuals'
]
],
'fields' => $fields,
'children' => [
[
'url' => '/AuthKeys/index?Users.id={{0}}',
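Review bot: `$kcurl` is built at the top of the template from `$keycloakConfig['provider']['baseUrl']` and `['realm']` before `$keycloakConfig['enabled']` is checked, so an instance with no keycloak configuration block reads offsets of a missing value on every user view. Build the URL only inside the guarded branch and let the guard tolerate a missing key: `if (!empty($keycloakConfig['enabled']) && (int)$loggedUser['id'] === (int)$entity['id']) {` with the `$kcurl = ...` assignment as its first statement. That also replaces the loose `==` on the ids with a strict comparison. A one-line comment stating that the link is shown only to the owner of the profile would document the intent of the condition.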


@ -15,6 +15,9 @@ if (!empty($field['url'])) {
$field['url'] = str_replace('{{' . $k . '}}', $this->Hash->extract($data, $path)[0], $field['url']);
}
}
if (substr($field['url'], 0, 4) === 'http') {
$baseurl = '';
}
$string = sprintf(
'<a href="%s%s">%s</a>',
$baseurl,
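Review bot: `substr($field['url'], 0, 4) === 'http'` runs after the `{{...}}` placeholders have been filled from `$data`, and it accepts any string that begins with those four letters. The decision to drop `$baseurl` can therefore depend on record data, and it also fires for a relative path such as `httpd/...`. Matching the scheme explicitly is stricter: `if (preg_match('#^https?://#i', $field['url']) === 1) {`, ideally evaluated on the URL template before substitution. Whether the URL is HTML-escaped before it reaches the `href` cannot be seen here because the `sprintf()` arguments continue past the hunk; if it is not, wrapping it in `h()` would be the matching fix.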