mirror of
https://github.com/alchemy-fr/Phraseanet.git
synced 2025-10-18 07:23:13 +00:00
PHRAS-2172_parade-saml-err500_MASTER (#2695)
fix : the user application was updated (=created) after the check add : "find()" on user repo (type hinted) to allow code sniff, completion etc.
This commit is contained in:
jygaulier
@@ -13,8 +13,12 @@ use Alchemy\Phrasea\Application;
|
|||||||
use Alchemy\Phrasea\Application\Helper\DispatcherAware;
|
use Alchemy\Phrasea\Application\Helper\DispatcherAware;
|
||||||
use Alchemy\Phrasea\Authentication\Context;
|
use Alchemy\Phrasea\Authentication\Context;
|
||||||
use Alchemy\Phrasea\Authentication\Exception\AccountLockedException;
|
use Alchemy\Phrasea\Authentication\Exception\AccountLockedException;
|
||||||
|
use Alchemy\Phrasea\Authentication\Exception\NotAuthenticatedException;
|
||||||
use Alchemy\Phrasea\Authentication\Exception\RequireCaptchaException;
|
use Alchemy\Phrasea\Authentication\Exception\RequireCaptchaException;
|
||||||
use Alchemy\Phrasea\Authentication\Phrasea\PasswordAuthenticationInterface;
|
use Alchemy\Phrasea\Authentication\Phrasea\PasswordAuthenticationInterface;
|
||||||
|
use Alchemy\Phrasea\Authentication\Provider\ProviderInterface;
|
||||||
|
use Alchemy\Phrasea\Authentication\ProvidersCollection;
|
||||||
|
use Alchemy\Phrasea\Authentication\SuggestionFinder;
|
||||||
use Alchemy\Phrasea\Controller\Controller;
|
use Alchemy\Phrasea\Controller\Controller;
|
||||||
use Alchemy\Phrasea\Core\Configuration\PropertyAccess;
|
use Alchemy\Phrasea\Core\Configuration\PropertyAccess;
|
||||||
use Alchemy\Phrasea\Core\Event\PostAuthenticate;
|
use Alchemy\Phrasea\Core\Event\PostAuthenticate;
|
||||||
@@ -22,6 +26,9 @@ use Alchemy\Phrasea\Core\Event\PreAuthenticate;
|
|||||||
use Alchemy\Phrasea\Core\PhraseaEvents;
|
use Alchemy\Phrasea\Core\PhraseaEvents;
|
||||||
use Alchemy\Phrasea\Model\Manipulator\ApiAccountManipulator;
|
use Alchemy\Phrasea\Model\Manipulator\ApiAccountManipulator;
|
||||||
use Alchemy\Phrasea\Model\Repositories\ApiApplicationRepository;
|
use Alchemy\Phrasea\Model\Repositories\ApiApplicationRepository;
|
||||||
|
use Alchemy\Phrasea\Model\Repositories\UserRepository;
|
||||||
|
use Alchemy\Phrasea\Model\Repositories\UsrAuthProviderRepository;
|
||||||
|
use InvalidArgumentException;
|
||||||
use Symfony\Component\HttpFoundation\Request;
|
use Symfony\Component\HttpFoundation\Request;
|
||||||
use Symfony\Component\HttpFoundation\Response;
|
use Symfony\Component\HttpFoundation\Response;
|
||||||
use Symfony\Component\HttpFoundation\Session\Session;
|
use Symfony\Component\HttpFoundation\Session\Session;
|
||||||
@@ -103,7 +110,7 @@ class OAuth2Controller extends Controller
|
|||||||
return $this->app->redirectPath('oauth2_authorize', array_merge(array('error' => 'account-locked'), $params));
|
return $this->app->redirectPath('oauth2_authorize', array_merge(array('error' => 'account-locked'), $params));
|
||||||
}
|
}
|
||||||
|
|
||||||
$user = $this->app['repo.users']->find($usrId);
|
$user = $this->getUserRepository()->find($usrId);
|
||||||
$this->getAuthenticator()->openAccount($user);
|
$this->getAuthenticator()->openAccount($user);
|
||||||
$event = new PostAuthenticate($request, new Response(), $user, $context);
|
$event = new PostAuthenticate($request, new Response(), $user, $context);
|
||||||
$this->dispatch(PhraseaEvents::POST_AUTHENTICATE, $event);
|
$this->dispatch(PhraseaEvents::POST_AUTHENTICATE, $event);
|
||||||
@@ -115,6 +122,8 @@ class OAuth2Controller extends Controller
|
|||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
$account = $this->oAuth2Adapter->updateAccount($this->getAuthenticatedUser());
|
||||||
|
|
||||||
//check if current client is already authorized by current user
|
//check if current client is already authorized by current user
|
||||||
$clients = $appRepository->findAuthorizedAppsByUser($this->getAuthenticatedUser());
|
$clients = $appRepository->findAuthorizedAppsByUser($this->getAuthenticatedUser());
|
||||||
|
|
||||||
@@ -125,8 +134,6 @@ class OAuth2Controller extends Controller
|
|||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
$account = $this->oAuth2Adapter->updateAccount($this->getAuthenticatedUser());
|
|
||||||
|
|
||||||
$params['account_id'] = $account->getId();
|
$params['account_id'] = $account->getId();
|
||||||
|
|
||||||
if (!$appAuthorized && $actionAccept === null) {
|
if (!$appAuthorized && $actionAccept === null) {
|
||||||
@@ -231,6 +238,8 @@ class OAuth2Controller extends Controller
|
|||||||
|
|
||||||
$this->oAuth2Adapter->setClient($client);
|
$this->oAuth2Adapter->setClient($client);
|
||||||
|
|
||||||
|
$account = $this->oAuth2Adapter->updateAccount($this->getAuthenticatedUser());
|
||||||
|
|
||||||
//check if current client is already authorized by current user
|
//check if current client is already authorized by current user
|
||||||
$clients = $appRepository->findAuthorizedAppsByUser($this->getAuthenticatedUser());
|
$clients = $appRepository->findAuthorizedAppsByUser($this->getAuthenticatedUser());
|
||||||
$appAuthorized = false;
|
$appAuthorized = false;
|
||||||
@@ -242,8 +251,6 @@ class OAuth2Controller extends Controller
|
|||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
$account = $this->oAuth2Adapter->updateAccount($this->getAuthenticatedUser());
|
|
||||||
|
|
||||||
$params['account_id'] = $account->getId();
|
$params['account_id'] = $account->getId();
|
||||||
|
|
||||||
//if native app show template
|
//if native app show template
|
||||||
@@ -279,7 +286,7 @@ class OAuth2Controller extends Controller
|
|||||||
throw new HttpException(400, 'This route requires the use of the https scheme: ' . $config->get(['main', 'api_require_ssl']), null, ['content-type' => 'application/json']);
|
throw new HttpException(400, 'This route requires the use of the https scheme: ' . $config->get(['main', 'api_require_ssl']), null, ['content-type' => 'application/json']);
|
||||||
}
|
}
|
||||||
|
|
||||||
$this->oAuth2Adapter->grantAccessToken($request);
|
$this->oAuth2Adapter->grantAccessToken();
|
||||||
ob_flush();
|
ob_flush();
|
||||||
flush();
|
flush();
|
||||||
|
|
||||||
@@ -340,4 +347,12 @@ class OAuth2Controller extends Controller
|
|||||||
{
|
{
|
||||||
return $this->app['authentication.suggestion-finder'];
|
return $this->app['authentication.suggestion-finder'];
|
||||||
}
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* @return UserRepository
|
||||||
|
*/
|
||||||
|
private function getUserRepository()
|
||||||
|
{
|
||||||
|
return $this->app['repo.users'];
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
|||||||
@@ -22,6 +22,18 @@ use Alchemy\Phrasea\Model\Entities\User;
|
|||||||
*/
|
*/
|
||||||
class UserRepository extends EntityRepository
|
class UserRepository extends EntityRepository
|
||||||
{
|
{
|
||||||
|
/**
|
||||||
|
* Finds an User by its primary key / identifier.
|
||||||
|
*
|
||||||
|
* @inheritdoc
|
||||||
|
*
|
||||||
|
* @return User|null
|
||||||
|
*/
|
||||||
|
public function find($id, $lockMode = null, $lockVersion = null)
|
||||||
|
{
|
||||||
|
return parent::find($id, $lockMode, $lockVersion);
|
||||||
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Finds admins.
|
* Finds admins.
|
||||||
*
|
*
|
||||||
|
|||||||
Reference in New Issue
Block a user