Merge branch 'main' of github.com:cerebrate-project/cerebrate into develop
commit
85fd938320
|
@ -136,6 +136,7 @@ class UsersController extends AppController
|
|||
if (!empty($responsePayload)) {
|
||||
return $responsePayload;
|
||||
}
|
||||
$this->set('keycloakConfig', Configure::read('keycloak'));
|
||||
$this->set('metaGroup', $this->isAdmin ? 'Administration' : 'Cerebrate');
|
||||
}
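Review bot: `$this->set('keycloakConfig', Configure::read('keycloak'));` hands the whole `keycloak` configuration block to the view, although the user view template on this page only reads `enabled`, `provider.baseUrl` and `provider.realm`. If that block also holds client credentials (not visible here), they become view variables and could surface in a serialised response or debug output. Pass only what the template needs, e.g. `$this->set('keycloakConfig', ['enabled' => (bool)Configure::read('keycloak.enabled'), 'provider' => ['baseUrl' => Configure::read('keycloak.provider.baseUrl'), 'realm' => Configure::read('keycloak.provider.realm')]]);`. The enclosing action starts outside the hunk.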
|
||||
|
||||
|
|
|
@ -66,9 +66,10 @@ class AuthKeycloakBehavior extends Behavior
|
|||
'name' => $profile_payload[$fields['role_name']],
|
||||
]
|
||||
];
|
||||
$user['user']['individual_id'] = $this->_table->captureIndividual($user);
|
||||
$user['user']['role_id'] = $this->_table->captureRole($user);
|
||||
//$user['user']['individual_id'] = $this->_table->captureIndividual($user);
|
||||
//$user['user']['role_id'] = $this->_table->captureRole($user);
|
||||
$existingUser = $this->_table->find()->where(['username' => $user['user']['username']])->first();
|
||||
/*
|
||||
if (empty($existingUser)) {
|
||||
$user['user']['password'] = Security::randomString(16);
|
||||
$existingUser = $this->_table->newEntity($user['user']);
|
||||
|
@ -92,6 +93,7 @@ class AuthKeycloakBehavior extends Behavior
|
|||
}
|
||||
}
|
||||
}
|
||||
*/
|
||||
return $existingUser;
|
||||
}
|
||||
|
||||
|
@ -150,15 +152,12 @@ class AuthKeycloakBehavior extends Behavior
|
|||
foreach ($roles as $role) {
|
||||
$rolesParsed[$role['name']] = $role['id'];
|
||||
}
|
||||
$this->createUser($user, $clientId, $rolesParsed);
|
||||
$logChange = [
|
||||
'username' => $user['username'],
|
||||
'individual_id' => $user['individual']['id'],
|
||||
'role_id' => $user['role']['id']
|
||||
];
|
||||
if (!$response->isOk()) {
|
||||
$logChange['code'] = $response->getStatusCode();
|
||||
$logChange['error_body'] = $response->getStringBody();
|
||||
if ($this->createUser($user, $clientId, $rolesParsed)) {
|
||||
$logChange = [
|
||||
'username' => $user['username'],
|
||||
'individual_id' => $user['individual']['id'],
|
||||
'role_id' => $user['role']['id']
|
||||
];
|
||||
$this->_table->auditLogs()->insert([
|
||||
'request_action' => 'enrollUser',
|
||||
'model' => 'User',
|
||||
|
@ -167,6 +166,11 @@ class AuthKeycloakBehavior extends Behavior
|
|||
'changed' => $logChange
|
||||
]);
|
||||
} else {
|
||||
$logChange = [
|
||||
'username' => $user['username'],
|
||||
'individual_id' => $user['individual']['id'],
|
||||
'role_id' => $user['role']['id']
|
||||
];
|
||||
$this->_table->auditLogs()->insert([
|
||||
'request_action' => 'enrollUser',
|
||||
'model' => 'User',
|
||||
|
@ -406,10 +410,14 @@ class AuthKeycloakBehavior extends Behavior
|
|||
]);
|
||||
}
|
||||
$newUser = $this->restApiRequest('%s/admin/realms/%s/users?username=' . urlencode($user['username']), [], 'get');
|
||||
$user['id'] = json_decode($newUser->getStringBody(), true);
|
||||
if (empty($user['id'])) {
|
||||
$users = json_decode($newUser->getStringBody(), true);
|
||||
if (empty($users[0]['id'])) {
|
||||
return false;
|
||||
}
|
||||
if (is_array($users[0]['id'])) {
|
||||
$users[0]['id'] = $users[0]['id'][0];
|
||||
}
|
||||
$user['id'] = $users[0]['id'];
|
||||
$this->assignRolesToUser($user, $rolesParsed, $clientId);
|
||||
return true;
|
||||
}
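Review bot: Taking `$users[0]` from the `users?username=` lookup can pick a different account, because Keycloak's user search matches usernames by substring unless `exact=true` is passed, and `assignRolesToUser()` then grants the roles to whichever entry came back first. Add `&exact=true` to the query string and confirm the match before using the id, e.g. `if (empty($users[0]['id']) || strcasecmp($users[0]['username'] ?? '', $user['username']) !== 0) { return false; }`. The response status is also not checked before `json_decode()`, so an error body is only caught indirectly by the `empty()` test. The function starts outside the hunk.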
|
||||
|
|
|
@ -58,7 +58,12 @@ class AuditLogsTable extends AppTable
|
|||
$data['request_ip'] = '127.0.0.1';
|
||||
}
|
||||
}
|
||||
foreach (['user_id', 'request_type', 'authkey_id'] as $field) {
|
||||
$defaults = [
|
||||
'user_id' => 0,
|
||||
'request_type' => self::REQUEST_TYPE_CLI,
|
||||
'authkey_id' => 0
|
||||
];
|
||||
foreach (array_keys($defaults) as $field) {
|
||||
if (!isset($data[$field])) {
|
||||
if (!isset($userInfo)) {
|
||||
$userInfo = $this->userInfo();
|
||||
|
@ -92,6 +97,22 @@ class AuditLogsTable extends AppTable
|
|||
}
|
||||
$data['changed'] = $changed;
|
||||
}
|
||||
foreach ($defaults as $field => $default_value) {
|
||||
if (!isset($data[$field])) {
|
||||
$data[$field] = $default_value;
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
public function afterMarshal(
|
||||
EventInterface $event,
|
||||
EntityInterface $entity,
|
||||
ArrayObject $data,
|
||||
ArrayObject $options
|
||||
) {
|
||||
if ($entity->request_type === null) {
|
||||
$entity->request_type = self::REQUEST_TYPE_CLI;
|
||||
}
|
||||
}
|
||||
|
||||
public function beforeSave(EventInterface $event, EntityInterface $entity, ArrayObject $options)
|
||||
|
@ -157,7 +178,7 @@ class AuditLogsTable extends AppTable
|
|||
if ($this->user !== null) {
|
||||
return $this->user;
|
||||
}
|
||||
|
||||
|
||||
$this->user = ['id' => 0, /*'org_id' => 0, */'authkey_id' => 0, 'request_type' => self::REQUEST_TYPE_DEFAULT, 'name' => ''];
|
||||
|
||||
$isShell = (php_sapi_name() === 'cli');
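Review bot: The new fallbacks label an audit entry that has no resolved `request_type` as `self::REQUEST_TYPE_CLI` (in `$defaults` and again in `afterMarshal()`), while `userInfo()` in the same class starts from `self::REQUEST_TYPE_DEFAULT`. For an audit trail this means an entry written during a web request where no user could be resolved, presumably including the Keycloak enrolment path, would read as a console action by `user_id` 0. Consider `'request_type' => self::REQUEST_TYPE_DEFAULT` for the fallback, or add a docblock on `afterMarshal()` stating why CLI is the intended value when the field is still null after the earlier defaulting. The methods around these hunks start and end outside the visible lines.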
|
||||
|
|
|
@ -1,57 +1,68 @@
|
|||
<?php
|
||||
$kcurl = $keycloakConfig['provider']['baseUrl'] . '/realms/' . $keycloakConfig['provider']['realm'] . '/account/#/security/signingin';
|
||||
$fields = [
|
||||
[
|
||||
'key' => __('ID'),
|
||||
'path' => 'id'
|
||||
],
|
||||
[
|
||||
'key' => __('UUID'),
|
||||
'path' => 'uuid'
|
||||
],
|
||||
[
|
||||
'key' => __('Username'),
|
||||
'path' => 'username'
|
||||
],
|
||||
[
|
||||
'type' => 'generic',
|
||||
'key' => __('Email'),
|
||||
'path' => 'individual.email',
|
||||
'url' => '/individuals/view/{{0}}',
|
||||
'url_vars' => 'individual_id'
|
||||
],
|
||||
[
|
||||
'type' => 'generic',
|
||||
'key' => __('Organisation'),
|
||||
'path' => 'organisation.name',
|
||||
'url' => '/organisations/view/{{0}}',
|
||||
'url_vars' => 'organisation.id'
|
||||
],
|
||||
[
|
||||
'type' => 'generic',
|
||||
'key' => __('Role'),
|
||||
'path' => 'role.name',
|
||||
'url' => '/roles/view/{{0}}',
|
||||
'url_vars' => 'role.id'
|
||||
],
|
||||
[
|
||||
'key' => __('First name'),
|
||||
'path' => 'individual.first_name'
|
||||
],
|
||||
[
|
||||
'key' => __('Last name'),
|
||||
'path' => 'individual.last_name'
|
||||
],
|
||||
[
|
||||
'key' => __('Alignments'),
|
||||
'type' => 'alignment',
|
||||
'path' => 'individual',
|
||||
'scope' => 'individuals'
|
||||
]
|
||||
];
|
||||
if ($keycloakConfig['enabled'] && $loggedUser['id'] == $entity['id']) {
|
||||
$fields[] = [
|
||||
'type' => 'generic',
|
||||
'key' => __('Modify keycloak profile'),
|
||||
'path' => 'username',
|
||||
'url' => $kcurl,
|
||||
'requirements' => false
|
||||
];
|
||||
}
|
||||
echo $this->element(
|
||||
'/genericElements/SingleViews/single_view',
|
||||
[
|
||||
'data' => $entity,
|
||||
'fields' => [
|
||||
[
|
||||
'key' => __('ID'),
|
||||
'path' => 'id'
|
||||
],
|
||||
[
|
||||
'key' => __('UUID'),
|
||||
'path' => 'uuid'
|
||||
],
|
||||
[
|
||||
'key' => __('Username'),
|
||||
'path' => 'username'
|
||||
],
|
||||
[
|
||||
'type' => 'generic',
|
||||
'key' => __('Email'),
|
||||
'path' => 'individual.email',
|
||||
'url' => '/individuals/view/{{0}}',
|
||||
'url_vars' => 'individual_id'
|
||||
],
|
||||
[
|
||||
'type' => 'generic',
|
||||
'key' => __('Organisation'),
|
||||
'path' => 'organisation.name',
|
||||
'url' => '/organisations/view/{{0}}',
|
||||
'url_vars' => 'organisation.id'
|
||||
],
|
||||
[
|
||||
'type' => 'generic',
|
||||
'key' => __('Role'),
|
||||
'path' => 'role.name',
|
||||
'url' => '/roles/view/{{0}}',
|
||||
'url_vars' => 'role.id'
|
||||
],
|
||||
[
|
||||
'key' => __('First name'),
|
||||
'path' => 'individual.first_name'
|
||||
],
|
||||
[
|
||||
'key' => __('Last name'),
|
||||
'path' => 'individual.last_name'
|
||||
],
|
||||
[
|
||||
'key' => __('Alignments'),
|
||||
'type' => 'alignment',
|
||||
'path' => 'individual',
|
||||
'scope' => 'individuals'
|
||||
]
|
||||
],
|
||||
'fields' => $fields,
|
||||
'children' => [
|
||||
[
|
||||
'url' => '/AuthKeys/index?Users.id={{0}}',
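Review bot: `$kcurl` is built on the first line of the template, before `$keycloakConfig['enabled']` is tested, so an instance without a `keycloak` configuration block reads offsets on a null or partial array and raises warnings on every user view. Move the assignment inside the condition and make the guard tolerant of a missing key: `if (!empty($keycloakConfig['enabled']) && $loggedUser['id'] == $entity['id']) {`. The realm is concatenated into the path as-is; `rawurlencode($keycloakConfig['provider']['realm'])` would keep the link well-formed for realm names with reserved characters.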
|
||||
|
|
|
@ -15,6 +15,9 @@ if (!empty($field['url'])) {
|
|||
$field['url'] = str_replace('{{' . $k . '}}', $this->Hash->extract($data, $path)[0], $field['url']);
|
||||
}
|
||||
}
|
||||
if (substr($field['url'], 0, 4) === 'http') {
|
||||
$baseurl = '';
|
||||
}
|
||||
$string = sprintf(
|
||||
'<a href="%s%s">%s</a>',
|
||||
$baseurl,
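Review bot: The test `substr($field['url'], 0, 4) === 'http'` treats any value that merely begins with those four letters as absolute, so a relative path such as `httpd-status` would lose its `$baseurl` prefix. A stricter check states the intent: `if (preg_match('#^https?://#i', $field['url'])) {`. The remaining `sprintf()` arguments are outside the hunk, so it cannot be confirmed here that the URL is passed through `h()` before it lands in `href`; it should be, since the `{{n}}` placeholders are filled from record data just above.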
|
||||
|
|