PHP Class Neos\Neos\Domain\Service\UserService

Show file Open project: neos/neos-development-collection Class Usage Examples

Protected Properties

Property Type Description
$accountFactory Neos\Flow\Security\AccountFactory
$accountRepository Neos\Flow\Security\AccountRepository
$authenticationManager Neos\Flow\Security\Authentication\AuthenticationManagerInterface
$defaultAuthenticationProviderName string Might be configurable in the future, for now centralising this as a "constant"
$hashService Neos\Flow\Security\Cryptography\HashService
$now Neos\Flow\Utility\Now
$partyRepository Neos\Party\Domain\Repository\PartyRepository
$partyService Neos\Party\Domain\Service\PartyService
$policyService Neos\Flow\Security\Policy\PolicyService
$privilegeManager Neos\Flow\Security\Authorization\PrivilegeManagerInterface
$publishingService Neos\Neos\Service\PublishingService
$runtimeUserCache array
$securityContext Neos\Flow\Security\Context
$userRepository Neos\Neos\Domain\Repository\UserRepository
$workspaceRepository Neos\ContentRepository\Domain\Repository\WorkspaceRepository

Public Methods

Method Description
activateUser ( User $user ) : void Reactivates the given user
addRoleToAccount ( Account $account, string $roleIdentifier ) : integer Adds the specified role to the given account and potentially carries out further actions which are needed to properly reflect these changes.
addRoleToUser ( User $user, string $roleIdentifier ) : integer Adds the specified role to all accounts of the given user and potentially carries out further actions which are needed to properly reflect these changes.
addUser ( string $username, string $password, User $user, array $roleIdentifiers = null, string $authenticationProviderName = null ) : User Adds a user whose User object has been created elsewhere
createUser ( string $username, string $password, string $firstName, string $lastName, array $roleIdentifiers = null, string $authenticationProviderName = null ) : User Creates a user based on the given information
currentUserCanManageWorkspace ( Workspace $workspace ) : boolean Checks if the current user may manage the given workspace according to one the roles of the user's accounts
currentUserCanPublishToWorkspace ( Workspace $workspace ) : boolean Checks if the current user may publish to the given workspace according to one the roles of the user's accounts
currentUserCanReadWorkspace ( Workspace $workspace ) : boolean Checks if the current user may read the given workspace according to one the roles of the user's accounts
currentUserCanTransferOwnershipOfWorkspace ( Workspace $workspace ) : boolean Checks if the current user may transfer ownership of the given workspace
deactivateUser ( User $user ) : void Deactivates the given user
deleteUser ( User $user ) : void Deletes the specified user and all remaining content in his personal workspaces
emitRolesAdded ( Account $account, array $roles ) : void Signals that new roles have been assigned to the given account
emitRolesRemoved ( Account $account, array $roles ) : void Signals that roles have been removed to the given account
emitUserActivated ( User $user ) : void Signals that the given user has been activated
emitUserCreated ( User $user ) : void Signals that a new user, including a new account has been created.
emitUserDeactivated ( User $user ) : void Signals that the given user has been activated
emitUserDeleted ( User $user ) : void Signals that the given user has been deleted.
emitUserUpdated ( User $user ) : void Signals that the given user data has been updated.
getCurrentUser ( ) : User Returns the currently logged in user, if any
getDefaultAuthenticationProviderName ( ) : string Returns the default authentication provider name
getUser ( string $username, string $authenticationProviderName = null ) : User Retrieves an existing user by the given username
getUsername ( User $user, string $authenticationProviderName = null ) : string Returns the username of the given user
getUsers ( ) : array Retrieves a list of all existing users
removeRoleFromAccount ( Account $account, string $roleIdentifier ) : integer Removes the specified role from the given account and potentially carries out further actions which are needed to properly reflect these changes.
removeRoleFromUser ( User $user, string $roleIdentifier ) : integer Removes the specified role from all accounts of the given user and potentially carries out further actions which are needed to properly reflect these changes.
setRolesForAccount ( Account $account, array $newRoleIdentifiers ) : void Overrides any assigned roles of the given account and potentially carries out further actions which are needed to properly reflect these changes.
setUserPassword ( User $user, string $password ) : void Sets a new password for the given user
updateUser ( User $user ) : void Updates the given user in the respective repository and potentially executes further actions depending on what has been changed.

Protected Methods

Method Description
createPersonalWorkspace ( User $user, Account $account ) Creates a personal workspace for the given user's account if it does not exist already.
deletePersonalWorkspace ( string $accountIdentifier ) : void Removes all personal workspaces of the given user's account if these workspaces exist. Also removes all possibly existing content of these workspaces.
getAllRoles ( User $user ) : array Returns an array with all roles of a user's accounts, including parent roles, the "Everybody" role and the "AuthenticatedUser" role, assuming that the user is logged in.
normalizeRoleIdentifier ( string $roleIdentifier ) : string Replaces a role identifier not containing a "." into fully qualified role identifier from the Neos.Neos namespace.
normalizeRoleIdentifiers ( array $roleIdentifiers ) : array Replaces role identifiers not containing a "." into fully qualified role identifiers from the Neos.Neos namespace.
removeOwnerFromUsersWorkspaces ( User $user ) : void Removes ownership of all workspaces currently owned by the given user

Method Details

activateUser() public method

Reactivates the given user
public activateUser ( User $user ) : void
$user Neos\Neos\Domain\Model\User The user to deactivate
return void

addRoleToAccount() public method

Adds the specified role to the given account and potentially carries out further actions which are needed to properly reflect these changes.
public addRoleToAccount ( Account $account, string $roleIdentifier ) : integer
$account Neos\Flow\Security\Account The account to add roles to
$roleIdentifier string A fully qualified role identifier, or a role identifier relative to the Neos.Neos namespace
return integer How often this role has been added to the given account (effectively can be 1 or 0)

addRoleToUser() public method

Adds the specified role to all accounts of the given user and potentially carries out further actions which are needed to properly reflect these changes.
public addRoleToUser ( User $user, string $roleIdentifier ) : integer
$user Neos\Neos\Domain\Model\User The user to add roles to
$roleIdentifier string A fully qualified role identifier, or a role identifier relative to the Neos.Neos namespace
return integer How often this role has been added to accounts owned by the user

addUser() public method

This method basically "creates" a user like createUser() would, except that it does not create the User object itself. If you need to create the User object elsewhere, for example in your ActionController, make sure to call this method for registering the new user instead of adding it to the PartyRepository manually. This method also creates a new user workspace for the given user if no such workspace exist.
public addUser ( string $username, string $password, User $user, array $roleIdentifiers = null, string $authenticationProviderName = null ) : User
$username string The username of the user to be created.
$password string Password of the user to be created
$user Neos\Neos\Domain\Model\User The pre-built user object to start with
$roleIdentifiers array A list of role identifiers to assign
$authenticationProviderName string Name of the authentication provider to use. Example: "Typo3BackendProvider"
return Neos\Neos\Domain\Model\User The same user object

createPersonalWorkspace() protected method

Creates a personal workspace for the given user's account if it does not exist already.
protected createPersonalWorkspace ( User $user, Account $account )
$user Neos\Neos\Domain\Model\User The new user to create a workspace for
$account Neos\Flow\Security\Account The user's backend account

createUser() public method

The created user and account are automatically added to their respective repositories and thus be persisted.
public createUser ( string $username, string $password, string $firstName, string $lastName, array $roleIdentifiers = null, string $authenticationProviderName = null ) : User
$username string The username of the user to be created.
$password string Password of the user to be created
$firstName string First name of the user to be created
$lastName string Last name of the user to be created
$roleIdentifiers array A list of role identifiers to assign
$authenticationProviderName string Name of the authentication provider to use. Example: "Typo3BackendProvider"
return Neos\Neos\Domain\Model\User The created user instance

currentUserCanManageWorkspace() public method

In future versions, this logic may be implemented in Neos in a more generic way (for example, by means of an ACL object), but for now, this method exists in order to at least centralize and encapsulate the required logic.
public currentUserCanManageWorkspace ( Workspace $workspace ) : boolean
$workspace Neos\ContentRepository\Domain\Model\Workspace The workspace
return boolean

currentUserCanPublishToWorkspace() public method

In future versions, this logic may be implemented in Neos in a more generic way (for example, by means of an ACL object), but for now, this method exists in order to at least centralize and encapsulate the required logic.
public currentUserCanPublishToWorkspace ( Workspace $workspace ) : boolean
$workspace Neos\ContentRepository\Domain\Model\Workspace The workspace
return boolean

currentUserCanReadWorkspace() public method

In future versions, this logic may be implemented in Neos in a more generic way (for example, by means of an ACL object), but for now, this method exists in order to at least centralize and encapsulate the required logic.
public currentUserCanReadWorkspace ( Workspace $workspace ) : boolean
$workspace Neos\ContentRepository\Domain\Model\Workspace The workspace
return boolean

currentUserCanTransferOwnershipOfWorkspace() public method

In future versions, this logic may be implemented in Neos in a more generic way (for example, by means of an ACL object), but for now, this method exists in order to at least centralize and encapsulate the required logic.
public currentUserCanTransferOwnershipOfWorkspace ( Workspace $workspace ) : boolean
$workspace Neos\ContentRepository\Domain\Model\Workspace The workspace
return boolean

deactivateUser() public method

Deactivates the given user
public deactivateUser ( User $user ) : void
$user Neos\Neos\Domain\Model\User The user to deactivate
return void

deletePersonalWorkspace() protected method

Removes all personal workspaces of the given user's account if these workspaces exist. Also removes all possibly existing content of these workspaces.
protected deletePersonalWorkspace ( string $accountIdentifier ) : void
$accountIdentifier string Identifier of the user's account
return void

deleteUser() public method

Deletes the specified user and all remaining content in his personal workspaces
public deleteUser ( User $user ) : void
$user Neos\Neos\Domain\Model\User The user to delete
return void

emitRolesAdded() public method

Signals that new roles have been assigned to the given account
public emitRolesAdded ( Account $account, array $roles ) : void
$account Neos\Flow\Security\Account The account
$roles array
return void

emitRolesRemoved() public method

Signals that roles have been removed to the given account
public emitRolesRemoved ( Account $account, array $roles ) : void
$account Neos\Flow\Security\Account The account
$roles array
return void

emitUserActivated() public method

Signals that the given user has been activated
public emitUserActivated ( User $user ) : void
$user Neos\Neos\Domain\Model\User The user
return void

emitUserCreated() public method

Signals that a new user, including a new account has been created.
public emitUserCreated ( User $user ) : void
$user Neos\Neos\Domain\Model\User The created user
return void

emitUserDeactivated() public method

Signals that the given user has been activated
public emitUserDeactivated ( User $user ) : void
$user Neos\Neos\Domain\Model\User The user
return void

emitUserDeleted() public method

Signals that the given user has been deleted.
public emitUserDeleted ( User $user ) : void
$user Neos\Neos\Domain\Model\User The created user
return void

emitUserUpdated() public method

Signals that the given user data has been updated.
public emitUserUpdated ( User $user ) : void
$user Neos\Neos\Domain\Model\User The created user
return void

getAllRoles() protected method

Returns an array with all roles of a user's accounts, including parent roles, the "Everybody" role and the "AuthenticatedUser" role, assuming that the user is logged in.
protected getAllRoles ( User $user ) : array
$user Neos\Neos\Domain\Model\User The user
return array

getCurrentUser() public method

Returns the currently logged in user, if any
public getCurrentUser ( ) : User
return Neos\Neos\Domain\Model\User The currently logged in user, or null

getDefaultAuthenticationProviderName() public method

Returns the default authentication provider name
public getDefaultAuthenticationProviderName ( ) : string
return string

getUser() public method

Retrieves an existing user by the given username
public getUser ( string $username, string $authenticationProviderName = null ) : User
$username string The username
$authenticationProviderName string Name of the authentication provider to use. Example: "Typo3BackendProvider"
return Neos\Neos\Domain\Model\User The user, or null if the user does not exist

getUsername() public method

Technically, this method will look for the user's backend account (or, if authenticationProviderName is specified, for the account matching the given authentication provider) and return the account's identifier.
public getUsername ( User $user, string $authenticationProviderName = null ) : string
$user Neos\Neos\Domain\Model\User
$authenticationProviderName string
return string The username or null if the given user does not have a backend account

getUsers() public method

Retrieves a list of all existing users
public getUsers ( ) : array
return array

normalizeRoleIdentifier() protected method

Replaces a role identifier not containing a "." into fully qualified role identifier from the Neos.Neos namespace.
protected normalizeRoleIdentifier ( string $roleIdentifier ) : string
$roleIdentifier string
return string

normalizeRoleIdentifiers() protected method

Replaces role identifiers not containing a "." into fully qualified role identifiers from the Neos.Neos namespace.
protected normalizeRoleIdentifiers ( array $roleIdentifiers ) : array
$roleIdentifiers array
return array

removeOwnerFromUsersWorkspaces() protected method

Removes ownership of all workspaces currently owned by the given user
protected removeOwnerFromUsersWorkspaces ( User $user ) : void
$user Neos\Neos\Domain\Model\User The user currently owning workspaces
return void

removeRoleFromAccount() public method

Removes the specified role from the given account and potentially carries out further actions which are needed to properly reflect these changes.
public removeRoleFromAccount ( Account $account, string $roleIdentifier ) : integer
$account Neos\Flow\Security\Account The account to remove roles from
$roleIdentifier string A fully qualified role identifier, or a role identifier relative to the Neos.Neos namespace
return integer How often this role has been removed from the given account (effectively can be 1 or 0)

removeRoleFromUser() public method

Removes the specified role from all accounts of the given user and potentially carries out further actions which are needed to properly reflect these changes.
public removeRoleFromUser ( User $user, string $roleIdentifier ) : integer
$user Neos\Neos\Domain\Model\User The user to remove roles from
$roleIdentifier string A fully qualified role identifier, or a role identifier relative to the Neos.Neos namespace
return integer How often this role has been removed from accounts owned by the user

setRolesForAccount() public method

Overrides any assigned roles of the given account and potentially carries out further actions which are needed to properly reflect these changes.
public setRolesForAccount ( Account $account, array $newRoleIdentifiers ) : void
$account Neos\Flow\Security\Account The account to assign the roles to
$newRoleIdentifiers array A list of fully qualified role identifiers, or role identifiers relative to the Neos.Neos namespace
return void

setUserPassword() public method

This method will iterate over all accounts owned by the given user and, if the account uses a UsernamePasswordToken, sets a new password accordingly.
public setUserPassword ( User $user, string $password ) : void
$user Neos\Neos\Domain\Model\User The user to set the password for
$password string A new password
return void

updateUser() public method

Note: changes to the user's account will not be committed for persistence. Please use addRoleToAccount(), removeRoleFromAccount(), setRolesForAccount() and setUserPassword() for changing account properties.
public updateUser ( User $user ) : void
$user Neos\Neos\Domain\Model\User The modified user
return void

Property Details

$accountFactory protected property

protected AccountFactory,Neos\Flow\Security $accountFactory
return Neos\Flow\Security\AccountFactory

$accountRepository protected property

protected AccountRepository,Neos\Flow\Security $accountRepository
return Neos\Flow\Security\AccountRepository

$authenticationManager protected property

protected AuthenticationManagerInterface,Neos\Flow\Security\Authentication $authenticationManager
return Neos\Flow\Security\Authentication\AuthenticationManagerInterface

$defaultAuthenticationProviderName protected property

Might be configurable in the future, for now centralising this as a "constant"
protected string $defaultAuthenticationProviderName
return string

$hashService protected property

protected HashService,Neos\Flow\Security\Cryptography $hashService
return Neos\Flow\Security\Cryptography\HashService

$now protected property

protected Now,Neos\Flow\Utility $now
return Neos\Flow\Utility\Now

$partyRepository protected property

protected PartyRepository,Neos\Party\Domain\Repository $partyRepository
return Neos\Party\Domain\Repository\PartyRepository

$partyService protected property

protected PartyService,Neos\Party\Domain\Service $partyService
return Neos\Party\Domain\Service\PartyService

$policyService protected property

protected PolicyService,Neos\Flow\Security\Policy $policyService
return Neos\Flow\Security\Policy\PolicyService

$privilegeManager protected property

protected PrivilegeManagerInterface,Neos\Flow\Security\Authorization $privilegeManager
return Neos\Flow\Security\Authorization\PrivilegeManagerInterface

$publishingService protected property

protected PublishingService,Neos\Neos\Service $publishingService
return Neos\Neos\Service\PublishingService

$runtimeUserCache protected property

protected array $runtimeUserCache
return array

$securityContext protected property

protected Context,Neos\Flow\Security $securityContext
return Neos\Flow\Security\Context

$userRepository protected property

protected UserRepository,Neos\Neos\Domain\Repository $userRepository
return Neos\Neos\Domain\Repository\UserRepository

$workspaceRepository protected property

protected WorkspaceRepository,Neos\ContentRepository\Domain\Repository $workspaceRepository
return Neos\ContentRepository\Domain\Repository\WorkspaceRepository