Code Coverage
 
Lines
Functions and Methods
Classes and Traits
Total
98.15%
53 / 54
50.00%
1 / 2
 CRAP
0.00%
0 / 1
UseraccountEdit
98.15%
53 / 54
50.00%
1 / 2
 12
0.00%
0 / 1
 readResponse
97.87%
46 / 47
0.00%
0 / 1
 11
 writeUpdatedEntity
100.00%
7 / 7
100.00%
1 / 1
 1
1<?php
2
3/**
4 *
5 * @package Zmsadmin
6 * @copyright BerlinOnline Stadtportal GmbH & Co. KG
7 *
8 */
9
10namespace BO\Zmsadmin;
11
12use BO\Zmsentities\Collection\RoleList;
13use BO\Zmsentities\Exception\UserAccountMissingRights;
14use BO\Zmsentities\Schema\Loader;
15use BO\Zmsentities\Useraccount as Entity;
16use BO\Mellon\Validator;
17use BO\Zmsclient\Auth;
18
19class UseraccountEdit extends BaseController
20{
21    /**
22     *
23     * @return \Psr\Http\Message\ResponseInterface
24     */
25    #[\Override]
26    public function readResponse(
27        \Psr\Http\Message\RequestInterface $request,
28        \Psr\Http\Message\ResponseInterface $response,
29        array $args
30    ): \Psr\Http\Message\ResponseInterface {
31        $workstation = \App::$http->readGetResult('/workstation/', ['resolveReferences' => 1])->getEntity();
32        if (! $workstation->getUseraccount()->hasPermissions(['useraccount'])) {
33            throw new UserAccountMissingRights();
34        }
35
36        $userAccountName = Validator::value($args['loginname'])->isString()->getValue();
37        $confirmSuccess = $request->getAttribute('validator')->getParameter('success')->isString()->getValue();
38        $userAccount = \App::$http->readGetResult('/useraccount/' . $userAccountName . '/')->getEntity();
39        $ownerList = \App::$http->readGetResult('/owner/', ['resolveReferences' => 2])->getCollection();
40
41        if ($request->getMethod() === 'POST') {
42            $input = $request->getParsedBody();
43            $result = $this->writeUpdatedEntity($input, $userAccountName);
44            if ($result instanceof Entity) {
45                return \BO\Slim\Render::redirect(
46                    'useraccountEdit',
47                    array('loginname' => $result->id),
48                    array('success' => 'useraccount_saved')
49                );
50            }
51        }
52
53        $config = \App::$http->readGetResult('/config/', [], \App::CONFIG_SECURE_TOKEN)->getEntity();
54        $allowedProviderList = explode(',', $config->getPreference('oidc', 'provider') ?? '');
55
56        $roleList = new RoleList();
57        $userAccountRoles = [];
58
59        // Until all controllers have been updated, only superusers should be allowed to assign the new roles
60        // @todo: remove isSuperUser() and replace with hasPermissions(['useraccount']) with ZMSKVR-1173
61        if ($workstation->getUseraccount()->isSuperUser()) {
62            $roleResult = \App::$http->readGetResult('/roles/', []);
63            if ($roleResult) {
64                $loaded = $roleResult->getCollection();
65                if ($loaded !== null) {
66                    $roleList = $loaded;
67                }
68            }
69            $userAccountRoles = (isset($userAccount->roles) && is_array($userAccount->roles))
70                ? $userAccount->roles
71                : [];
72        }
73
74        return \BO\Slim\Render::withHtml(
75            $response,
76            'page/useraccountEdit.twig',
77            [
78                'debug' => \App::DEBUG,
79                'userAccount' => $userAccount,
80                'success' => $confirmSuccess,
81                'ownerList' => $ownerList ? $ownerList->toDepartmentListByOrganisationName() : [],
82                'workstation' => $workstation,
83                'title' => 'Nutzer: Einrichtung und Administration','menuActive' => 'useraccount',
84                'exception' => (isset($result)) ? $result : null,
85                'metadata' => $this->getSchemaConstraintList(Loader::asArray(Entity::$schema)),
86                'oidcProviderList' => array_filter($allowedProviderList),
87                'isFromOidc' => in_array($userAccount->getOidcProviderFromName(), $allowedProviderList),
88                'roleList' => $roleList,
89                'userAccountRoles' => $userAccountRoles,
90            ]
91        );
92    }
93
94    protected function writeUpdatedEntity($input, $userAccountName)
95    {
96        $entity = (new Entity($input))->withCleanedUpFormData();
97        // TODO: Remove the password fields when password authentication is removed in the future
98        $entity->setPassword($input);
99        return $this->handleEntityWrite(function () use ($entity, $userAccountName) {
100            return \App::$http
101                ->readPostResult('/useraccount/' . $userAccountName . '/', $entity)
102                ->getEntity();
103        });
104    }
105}