more validation

Robert Nasarek 2023-09-04 14:38:02 +02:00
parent bb4d5b65d5
commit e0db22915b
12 changed files with 196 additions and 82 deletions


@ -47,7 +47,7 @@ class WisskiCloudAccountManagerController extends ControllerBase {
*/
public function termsAndConditionsPage(): array {
$build = [
'#theme' => 'terms_and_conditions_page',
'#theme' => 'wisski_cloud_account_manager_terms_and_conditions_page',
'#date' => date('Y'),
];
return $build;
@ -63,10 +63,7 @@ class WisskiCloudAccountManagerController extends ControllerBase {
* The page build array.
*/
public function validationPage(string $validationCode): array {
$validationResponse = $this->wisskiCloudAccountManagerDaemonApiActions->validateAccount($validationCode);
$account = json_decode($validationResponse->getBody()
->getContents(), TRUE);
$account = $this->wisskiCloudAccountManagerDaemonApiActions->validateAccount($validationCode);
return [
'#theme' => 'wisski_cloud_account_manager_validation_page',
'#account' => $account,
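Review bot: `validationPage()` now passes whatever `validateAccount()` returns straight to the template as `#account`, without checking whether the call succeeded. The failure branch added in this commit returns the keys `message`, `accounts` and `success`, not account data, so a daemon outage renders a validation page with empty fields. Its `message` entry also carries the raw exception text, which may include the internal daemon URL if the template ever prints it. Branch on the failure case before building the render array, for example `if (($account['success'] ?? TRUE) === FALSE) { return ['#markup' => $this->t('Validation is currently not possible.')]; }`, and keep `$e->getMessage()` in the log only. The render array continues past the end of this hunk.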


@ -172,6 +172,7 @@ class WisskiCloudAccountManagerCreateForm extends FormBase {
// @todo Check if username is WissKI Cloud accounts, i.e add direct by admin?.
$dataToCheck['username'] = $form_state->getValue('username');
$dataToCheck['email'] = $form_state->getValue('email');
$dataToCheck['emailProvider'] = explode('@', $dataToCheck['email'])[1];
$dataToCheck['subdomain'] = $form_state->getValue('subdomain');
$response = $this->wisskiCloudAccountManagerDaemonApiActions->checkAccountData($dataToCheck);
@ -182,13 +183,17 @@ class WisskiCloudAccountManagerCreateForm extends FormBase {
if (strlen($dataToCheck['username']) < 3) {
$form_state->setErrorByName('username', $this->t('The username "@username" is too short, please use at least 3 characters.', ['@username' => $dataToCheck['username']]));
}
if (in_array($dataToCheck['username'], explode(',', $this->settings->get('usernameBlacklist')))) {
if (in_array($dataToCheck['username'], preg_split('/\r\n|\r|\n/', $this->settings->get('usernameBlacklist')))) {
$form_state->setErrorByName('username', $this->t('The username "@username" is not allowed.', ['@username' => $dataToCheck['username']]));
}
if ($response['accountData']['accountWithUsername']) {
$form_state->setErrorByName('username', $this->t('The username "@username" is already in use.', ['@username' => $dataToCheck['username']]));
}
if (in_array($dataToCheck['emailProvider'], preg_split('/\r\n|\r|\n/', $this->settings->get('emailProviderBlacklist')))) {
$form_state->setErrorByName('email', $this->t('The email provider "@provider"is not allowed.', ['@provider' => $dataToCheck['emailProvider']]));
}
if ($response['accountData']['accountWithEmail']) {
$form_state->setErrorByName('email', $this->t('The email "@email" is already in use.', ['@email' => $dataToCheck['email']]));
}
@ -197,7 +202,7 @@ class WisskiCloudAccountManagerCreateForm extends FormBase {
$form_state->setErrorByName('subdomain', $this->t('The subdomain "@subdomain" is too short, please use at least 3 characters.', ['@subdomain' => $dataToCheck['subdomain']]));
}
if (in_array($dataToCheck['subdomain'], explode(',', $this->settings->get('subdomainBlacklist')))) {
if (in_array($dataToCheck['subdomain'], preg_split('/\r\n|\r|\n/', $this->settings->get('subdomainBlacklist')))) {
$form_state->setErrorByName('subdomain', $this->t('The subdomain "@subdomain" is not allowed.', ['@subdomain' => $dataToCheck['subdomain']]));
}
if ($response['accountData']['accountWithSubdomain']) {
@ -231,6 +236,8 @@ class WisskiCloudAccountManagerCreateForm extends FormBase {
->addMessage($this->t('The account data has been successfully saved, please check your email for validation!'));
}
catch (\Exception $ex) {
$this->messenger()
->addError($this->t('The account data could not be saved, please try again later or write an email to cloud@wiss-ki.eu.'));
$this->logger('wisski_cloud_account_manager')->error($ex->getMessage());
}
}
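Review bot: The new `emailProviderBlacklist` check compares the provider exactly and case-sensitively, so an address such as `user@Blocked.Example` (constructed sample) passes a list that contains `blocked.example`. The `explode('@', $dataToCheck['email'])[1]` lookup also yields an undefined-offset warning when the value has no `@`, and the wrong part when it has more than one. Take everything after the last `@` and normalise it: `$dataToCheck['emailProvider'] = mb_strtolower(substr((string) strrchr((string) $dataToCheck['email'], '@'), 1));`. Pass `TRUE` as the third argument of each `in_array()` so the comparison is strict. The same case-sensitivity applies to the `usernameBlacklist` and `subdomainBlacklist` checks in the neighbouring hunks; the enclosing validate method starts outside these hunks.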


@ -71,15 +71,28 @@ class WisskiCloudAccountManagerSettingsForm extends ConfigFormBase {
];
$form['usernameBlacklist'] = [
'#type' => 'textfield',
'#type' => 'textarea',
'#title' => $this->t('Username blacklist'),
'#description' => $this->t('Provide blocked usernames with a comma separated list, i. e. "admin,root"'),
'#rows' => '5',
'#cols' => '60',
'#description' => $this->t('Provide blocked usernames separeated by new lines, i. e. "\n admin \n root"'),
'#default_value' => $config->get('usernameBlacklist'),
];
$form['emailProviderBlacklist'] = [
'#type' => 'textarea',
'#title' => $this->t('Email provider blacklist'),
'#rows' => '5',
'#cols' => '60',
'#resizable' => 'vertical',
'#description' => $this->t('Provide blocked email providers with a comma separated list, i. e. "\n admin\nroot"'),
'#default_value' => $config->get('emailProviderBlacklist'),
];
$form['subdomainBlacklist'] = [
'#type' => 'textfield',
'#type' => 'textarea',
'#rows' => '5',
'#cols' => '60',
'#title' => $this->t('Subdomain blacklist'),
'#description' => $this->t('Provide blocked subdomain with a comma separated list, i. e. "www,admin,root"'),
'#description' => $this->t('Provide blocked subdomain with a comma separated list, i. e. "\nwww\nadmin\nroot"'),
'#default_value' => $config->get('subdomainBlacklist'),
];
@ -91,11 +104,14 @@ class WisskiCloudAccountManagerSettingsForm extends ConfigFormBase {
*/
public function validateForm(array &$form, FormStateInterface $form_state): void {
parent::validateForm($form, $form_state);
if (!preg_match("/^(?:\w+(?:,\w+)*)?$/", $form_state->getValue('usernameBlacklist'))) {
$form_state->setErrorByName('usernameBlacklist', $this->t('The username blacklist is not valid. Only words separated by commas are allowed.'));
if (!preg_match("/^[a-zA-Z0-9\-]+(\r?\n[a-zA-Z0-9\-]+)*$/", $form_state->getValue('usernameBlacklist'))) {
$form_state->setErrorByName('usernameBlacklist', $this->t('The username blacklist is not valid. Only words separated by new lines are allowed.'));
}
if (!preg_match("/^(?:\w+(?:,\w+)*)?$/", $form_state->getValue('subdomainBlacklist'))) {
$form_state->setErrorByName('subdomainBlacklist', $this->t('The subdomain blacklist is not valid. Only words separated by commas are allowed.'));
if (!preg_match("/^([a-zA-Z0-9-]+\.[a-zA-Z0-9-]+)+(\r?\n[a-zA-Z0-9-]+\.[a-zA-Z0-9-]+)*$/", $form_state->getValue('emailProviderBlacklist'))) {
$form_state->setErrorByName('emailProviderBlacklist', $this->t('The email provider blacklist is not valid. Only &lt;second level domain&gt; &lt;dot&gt; &lt;first level domain&gt; separated by new lines are allowed.'));
}
if (!preg_match("/^[a-zA-Z0-9\-]+(\r?\n[a-zA-Z0-9\-]+)*$/", $form_state->getValue('subdomainBlacklist'))) {
$form_state->setErrorByName('subdomainBlacklist', $this->t('The subdomain blacklist is not valid. Only words separated by new lines are allowed.'));
}
}
@ -111,6 +127,7 @@ class WisskiCloudAccountManagerSettingsForm extends ConfigFormBase {
->set('accountProvisionAndValidationCheck', $form_state->getValue('accountProvisionAndValidationCheck'))
->set('accountValidation', $form_state->getValue('accountValidation'))
->set('usernameBlacklist', $form_state->getValue('usernameBlacklist'))
->set('emailProviderBlacklist', $form_state->getValue('emailProviderBlacklist'))
->set('subdomainBlacklist', $form_state->getValue('subdomainBlacklist'))
->save();
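Review bot: The three new patterns in `validateForm()` no longer accept an empty value, which the old `(?:...)?` form did, so the settings form cannot be saved with an empty blacklist; if that is not intended, wrap each pattern in an optional group, e.g. `"/^(?:[a-zA-Z0-9-]+(?:\r?\n[a-zA-Z0-9-]+)*)?$/D"`. The `D` modifier stops `$` from tolerating a trailing newline, which would otherwise leave an empty entry after `preg_split()` in the create form. In the `emailProviderBlacklist` pattern the outer `(...)+` around `[a-zA-Z0-9-]+\.[a-zA-Z0-9-]+` is ambiguous, so it accepts run-together names and can backtrack heavily on long non-matching input. A single `[a-zA-Z0-9-]+(?:\.[a-zA-Z0-9-]+)+` per line is stricter and linear. The `#description` texts for `emailProviderBlacklist` and `subdomainBlacklist` still say "comma separated list" although the validator now expects one entry per line.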


@ -2,6 +2,7 @@
namespace Drupal\wisski_cloud_account_manager;
use Symfony\Component\HttpFoundation\RequestStack;
use Drupal\Core\Config\Config;
use Drupal\Core\Config\ConfigFactoryInterface;
use Drupal\Core\DependencyInjection\DependencySerializationTrait;
@ -12,7 +13,6 @@ use Drupal\Core\Messenger\MessengerInterface;
use Drupal\Core\Render\Markup;
use Drupal\Core\StringTranslation\TranslationInterface;
use GuzzleHttp\ClientInterface;
use Psr\Http\Message\ResponseInterface;
/**
* Handles the communication with the WissKI Cloud account manager daemon.
@ -105,6 +105,13 @@ class WisskiCloudAccountManagerDaemonApiActions {
*/
protected MailManagerInterface $mailManager;
/**
* The request stack.
*
* @var \Symfony\Component\HttpFoundation\RequestStack
*/
protected RequestStack $requestStack;
/**
* The string translation service.
*
@ -122,21 +129,21 @@ class WisskiCloudAccountManagerDaemonApiActions {
LoggerChannelFactoryInterface $loggerFactory,
MessengerInterface $messenger,
MailManagerInterface $mailManager,
RequestStack $requestStack,
TranslationInterface $stringTranslation,
) {
// Services from container.
$settings = $configFactory
->getEditable('wisski_cloud_account_manager.settings');
$this->settings = $settings;
$this->stringTranslation = $stringTranslation;
$this->loggerFactory = $loggerFactory;
$this->messenger = $messenger;
$this->httpClient = $httpClient;
$this->mailManager = $mailManager;
$this->requestStack = $requestStack;
$this->languageManager = $languageManager;
// Settings.
$settings = $configFactory
->getEditable('wisski_cloud_account_manager.settings');
$this->settings = $settings;
// Set the daemon URL and the URL parts class variables.
$this->DAEMON_URL = $settings->get('daemonUrl') ?: 'http://wisski_cloud_api_daemon:3000/wisski-cloud-daemon/api/v1';
$this->ALL_ACCOUNTS = $settings->get('allAccounts') ?: '/account/all';
@ -156,6 +163,7 @@ class WisskiCloudAccountManagerDaemonApiActions {
* The response from the daemon (account id with validation code).
*/
public function addAccount(array $account): array {
try {
$request = [
'headers' => [
'Content-Type' => 'application/json',
@ -164,8 +172,25 @@ class WisskiCloudAccountManagerDaemonApiActions {
];
$accountPostUrl = $this->DAEMON_URL . $this->ACCOUNT_POST_URL_PART;
$response = $this->httpClient->post($accountPostUrl, $request);
return array_merge(json_decode($response->getBody()
->getContents(), TRUE), ['statusCode' => $response->getStatusCode()]);
return json_decode($response->getBody()
->getContents(), TRUE);
}
catch (\Exception $e) {
// Request failed, handle the error.
$this->loggerFactory
->get('wisski_cloud_account_manager')
->error('Request failed with exception: ' . $e->getMessage());
$this->messenger
->addError($this->stringTranslation->translate('Can not communicate with the WissKI Cloud account manager daemon. Try again later or contact cloud@wiss-ki.eu.'));
return [
"message" => 'Request failed with exception: ' . $e->getMessage(),
"data" => [
'email' => NULL,
'validationCode' => NULL,
],
'success' => FALSE,
];
}
}
/**
@ -219,6 +244,8 @@ class WisskiCloudAccountManagerDaemonApiActions {
$this->loggerFactory
->get('wisski_cloud_account_manager')
->error('Request failed with exception: ' . $e->getMessage());
$this->messenger
->addError($this->stringTranslation->translate('Can not communicate with the WissKI Cloud account manager daemon. Try again later or contact cloud@wiss-ki.eu.'));
return [
"message" => 'Request failed with exception: ' . $e->getMessage(),
"accountData" => [
@ -238,12 +265,27 @@ class WisskiCloudAccountManagerDaemonApiActions {
* The accounts response from the daemon.
*/
public function getAccounts(): array {
try {
// Combine the base URL and the query string.
$request_url = $this->DAEMON_URL . $this->ALL_ACCOUNTS;
// Send the GET request using the `drupal_http_request()` function.
$response = $this->httpClient->get($request_url);
return json_decode($response->getBody()->getContents(), TRUE);
}
catch (\Exception $e) {
// Request failed, handle the error.
$this->loggerFactory
->get('wisski_cloud_account_manager')
->error('Request failed with exception: ' . $e->getMessage());
$this->messenger
->addError($this->stringTranslation->translate('Can not communicate with the WissKI Cloud account manager daemon. Try again later or contact cloud@wiss-ki.eu.'));
return [
"message" => 'Request failed with exception: ' . $e->getMessage(),
"accounts" => [],
'success' => FALSE,
];
}
}
/**
* Checks the validation status of the given validation code.
@ -251,12 +293,29 @@ class WisskiCloudAccountManagerDaemonApiActions {
* @param string $validationCode
* The validation code to check.
*
* @return \Psr\Http\Message\ResponseInterface
* The response from the daemon.
* @return array
* The account data from the daemon.
*/
public function validateAccount(string $validationCode): ResponseInterface {
public function validateAccount(string $validationCode): array {
try {
$url = $this->DAEMON_URL . $this->ACCOUNT_VALIDATION_URL_PART . '/' . $validationCode;
return $this->httpClient->put($url);
$validationResponse = $this->httpClient->put($url);
return json_decode($validationResponse->getBody()
->getContents(), TRUE);
}
catch (\Exception $e) {
// Request failed, handle the error.
$this->loggerFactory
->get('wisski_cloud_account_manager')
->error('Request failed with exception: ' . $e->getMessage());
$this->messenger
->addError($this->stringTranslation->translate('Can not communicate with the WissKI Cloud account manager daemon. Try again later or contact cloud@wiss-ki.eu.'));
return [
"message" => 'Request failed with exception: ' . $e->getMessage(),
"accounts" => [],
'success' => FALSE,
];
}
}
/**
@ -268,26 +327,37 @@ class WisskiCloudAccountManagerDaemonApiActions {
* The validation code to be used in the validation link.
*/
public function sendValidationEmail(string $email, string $validationCode): void {
try {
$module = 'wisski_cloud_account_manager';
$key = 'wisski_cloud_account_validation';
$langcode = $this->languageManager->getDefaultLanguage()->getId();
$to = $email;
$validationLink = \Drupal::request()
$validationLink = $this->requestStack->getCurrentRequest()
->getSchemeAndHttpHost() . '/wisski-cloud-account-manager/validate/' . $validationCode;
$params['message'] = Markup::create($this->stringTranslation->translate('<p>Please validate your account by clicking on this <a href="@validationLink" target="_blank">link</a> or copy this to the address bar of your browser: <p>@validationLink</p>.</p>', ['@validationLink' => $validationLink]));
$params['subject'] = $this->stringTranslation->translate('WissKI Cloud account validation');
$result = $this->mailManager->mail($module, $key, $to, $langcode, $params, NULL, TRUE);
if ($result['result'] === TRUE) {
$this->messenger
->addMessage($this->stringTranslation->translate('Email sent successfully.'));
->addMessage($this->stringTranslation->translate('Email send successfully.'));
}
else {
$this->messenger
->addMessage($this->stringTranslation->translate('There was an error sending the email.'), 'error');
}
}
catch (\Exception $e) {
// Request failed, handle the error.
$this->loggerFactory
->get('wisski_cloud_account_manager')
->error('Email sending operation ended with exception: ' . $e->getMessage());
$this->messenger
->addError($this->stringTranslation->translate('Email sending operation ended with error. Try again later or contact cloud@wiss-ki.eu.'));
}
}
}
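Review bot: In `validateAccount()` the `$validationCode` route value is appended to the daemon URL unencoded, so reserved URL characters that survive routing would change the request the daemon receives. Encode it as one path segment, `$url = $this->DAEMON_URL . $this->ACCOUNT_VALIDATION_URL_PART . '/' . rawurlencode($validationCode);`, and consider a `requirements` pattern for `{validationCode}` on the validate route. Separately, the `json_decode(..., TRUE)` returns in `addAccount()`, `getAccounts()` and `validateAccount()` yield `NULL` for an empty or non-JSON body. That violates the `array` return type with a `TypeError`, which `catch (\Exception $e)` does not catch; validating the decoded value with `is_array()` before returning, or catching `\Throwable`, would cover it.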


@ -10,7 +10,6 @@
<th>Subdomain</th>
<th>Valid</th>
<th>Provisioned</th>
<th>Error</th>
<th>Options</th>
</tr>
{% for item in accounts.data %}
@ -38,7 +37,6 @@
{% else %}
unknown
{% endif %}</td>
<td>{{ accounts.error }}</td>
<td><label for="account-edit"></label>
<select name="account-edit" id="account-edit">
<option value="edit">edit</option>


@ -9,7 +9,6 @@
<th>Subdomain</th>
<th>Valid</th>
<th>Provisioned</th>
<th>Error</th>
</tr>
<tr>
<td>{{ account.data.personName }}</td>
@ -34,7 +33,6 @@
{% else %}
unknown
{% endif %}</td>
<td>{{ account.error }}</td>
</tr>
</table>
<hr>


@ -1,6 +1,17 @@
# @TODO: Find bug why this is not working
wisski_cloud_account.settings.menu:
title: 'WissKI cloud account settings'
description: 'WissKI cloud account settings'
parent: system.admin_config_wisski_cloud_account
route_name: wisski_cloud_account.settings
wisski_cloud_account_manager.settings_menu_block:
title: 'WissKI cloud account manager'
description: 'WissKI cloud account manager'
parent: system.admin_config
route_name: wisski_cloud_account_manager.settings.menu
wisski_cloud_account_manager.settings_form:
title: 'WissKI cloud account manager settings'
description: 'WissKI cloud account manager settings'
parent: wisski_cloud_account_manager.settings_menu_block
route_name: wisski_cloud_account_manager.settings
wisski_cloud_account_manager.overview_page:
title: 'WissKI cloud account manager overview page'
description: 'WissKI cloud account manager overview page'
parent: wisski_cloud_account_manager.settings_menu_block
route_name: wisski_cloud_account_manager.manage


@ -7,27 +7,38 @@ use Drupal\Component\Utility\Html;
/**
* Implements hook_help().
*/
function wisski_cloud_account_manager_help($route_name, \Drupal\Core\Routing\RouteMatchInterface $route_match){
function wisski_cloud_account_manager_help($route_name, \Drupal\Core\Routing\RouteMatchInterface $route_match) {
$output = '';
switch ($route_name) {
case 'help.page.wisski_cloud_account_manager':
$output = '';
$output .= '<h3>' . t('About') . '</h3>';
$output .= '<p>' . t('This module provides a form to create a WissKI Cloud account. Create form can be found at the route <a href="@createPage"> "/wisski_cloud_account_manager/create" </a>', ['@createPage' => '/wisski-cloud-account-manager/create']). '</p>';
return $output;
$output .= '<p>' . t('This module provides the functionality to create, validate and manage WissKI Cloud accounts.') . '</p>';
$output .= '<h3>' . t('Configuration') . '</h3>';
$output .= '<p>' . t('Configuration is done on the <a href="@settingsPage" targer="_blank">settings page</a>.', ['@settingsPage' => '/admin/config/wisski-cloud-account-manager/settings']) . '</p>';
$output .= '<h3>' . t('Create WissKI Cloud Account') . '</h3>';
$output .= '<p>' . t('<a href="@createPage" targer="_blank">This page</a> allows you to create a WissKI Cloud account.', ['@createPage' => '/wisski-cloud-account-manager/create']) . '</p>';
$output .= '<h3>' . t('Validate WissKI Cloud Account') . '</h3>';
$output .= '<p>' . t('<a href="@validationPage" targer="_blank">This page</a> allows you to validate your account and check the status of the provision.', ['@validationPage' => '/wisski-cloud-account-manager/validate/GsyMv5DdFhPCixL1wTLZhzFg7sVDOiHq']) . '</p>';
break;
}
return $output;
}
/**
* Implements hook_mail().
*/
function wisski_cloud_account_manager_mail($key, &$message, $params) {
$options = array(
$options = [
'langcode' => $message['langcode'],
);
];
switch ($key) {
case 'wisski_cloud_account_validation':
$message['from'] = \Drupal::config('system.site')->get('mail');
$message['subject'] = t('@subject', array('@subject' => $params['subject']), $options);
$message['subject'] = t('@subject', ['@subject' => $params['subject']], $options);
$message['body'][] = $params['message'];
$headers = [
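Review bot: The new help text in `wisski_cloud_account_manager_help()` links to `/wisski-cloud-account-manager/validate/GsyMv5DdFhPCixL1wTLZhzFg7sVDOiHq`, which looks like a concrete validation code committed to source. Going by the controller change in this commit, following that link makes the site send a validation request to the daemon for that code. If it belongs to a real account it should be treated as disclosed; either way, replace the link with a non-clickable placeholder such as `/wisski-cloud-account-manager/validate/<validation code>`. The attribute `targer="_blank"` in the three new anchors is misspelt and has no effect; when correcting it to `target`, add `rel="noopener noreferrer"`. `wisski_cloud_account_manager_mail()` continues past the end of this hunk.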


@ -0,0 +1,6 @@
admister wisski cloud account manager:
title: 'Administer WissKI Cloud Account Manager'
description: 'Administer WissKI Cloud Account Manager Settings and Accounts'
restrict access: true
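Review bot: The permission machine name is spelt `admister wisski cloud account manager` (missing "in"). The routing file in this commit uses the same spelling, so access checks do work, but a later correction on only one side would stop the `_permission` requirements from matching the defined permission. It would also orphan any role grants already made under the old name. Rename it to `administer wisski cloud account manager` here and in the three `_permission` lines of the routing file before the permission is assigned to roles.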


@ -1,13 +1,12 @@
# Site config group
system.admin_config_wisski_cloud_account:
wisski_cloud_account_manager.settings.menu:
path: '/admin/config/wisski-cloud-account-manager'
defaults:
_controller: '\Drupal\system\Controller\SystemController::systemAdminMenuBlockPage'
_title: 'WissKI cloud account manager'
requirements:
_permission: 'administer site configuration'
_permission: 'admister wisski cloud account manager'
wisski_cloud_account.create:
wisski_cloud_account_manager.create:
path: '/wisski-cloud-account-manager/create'
defaults:
_form: '\Drupal\wisski_cloud_account_manager\Form\WisskiCloudAccountManagerCreateForm'
@ -15,24 +14,23 @@ wisski_cloud_account.create:
requirements:
_access: 'TRUE'
wisski_cloud_account.manage:
wisski_cloud_account_manager.manage:
path: '/wisski-cloud-account-manager/manage'
defaults:
_controller: '\Drupal\wisski_cloud_account_manager\Controller\WisskiCloudAccountManagerController::accountManagingPage'
_title: 'Account managing page'
requirements:
_access: 'TRUE'
_permission: 'admister wisski cloud account manager'
wisski_cloud_account.settings:
wisski_cloud_account_manager.settings:
path: '/admin/config/wisski-cloud-account-manager/settings'
defaults:
_form: '\Drupal\wisski_cloud_account_manager\Form\WisskiCloudAccountManagerSettingsForm'
_title: 'WissKI cloud account settings'
requirements:
_permission: 'administer site configuration'
_permission: 'admister wisski cloud account manager'
wisski_cloud_account.terms_and_conditions:
wisski_cloud_account_manager.terms_and_conditions:
path: '/wisski-cloud-account-manager/terms-and-conditions'
defaults:
_controller: '\Drupal\wisski_cloud_account_manager\Controller\WisskiCloudAccountManagerController::termsAndConditionsPage'
@ -40,7 +38,7 @@ wisski_cloud_account.terms_and_conditions:
requirements:
_access: 'TRUE'
wisski_cloud_account.validate:
wisski_cloud_account_manager.validate:
path: '/wisski-cloud-account-manager/validate/{validationCode}'
defaults:
_controller: '\Drupal\wisski_cloud_account_manager\Controller\WisskiCloudAccountManagerController::validationPage'


@ -8,5 +8,6 @@ services:
- '@logger.factory'
- '@messenger'
- '@plugin.manager.mail'
- '@request_stack'
- '@string_translation'