Search users by external logins

app/V1Module/presenters/RegistrationPresenter.php

@@ -18,11 +18,9 @@
 use App\Model\Entity\Instance;
 use App\Model\Repository\Groups;
 use App\Model\Repository\Logins;
-use App\Model\Repository\ExternalLogins;
 use App\Model\Repository\Instances;
 use App\Model\View\UserViewFactory;
 use App\Security\AccessManager;
-use App\Helpers\ExternalLogin\ExternalServiceAuthenticator;
 use App\Helpers\EmailVerificationHelper;
 use App\Helpers\RegistrationConfig;
 use App\Helpers\InvitationHelper;
@@ -47,12 +45,6 @@ class RegistrationPresenter extends BasePresenter
      */
     public $logins;
 
-    /**
-     * @var ExternalLogins
-     * @inject
-     */
-    public $externalLogins;
-
     /**
      * @var AccessManager
      * @inject
@@ -71,12 +63,6 @@ class RegistrationPresenter extends BasePresenter
      */
     public $groups;
 
-    /**
-     * @var ExternalServiceAuthenticator
-     * @inject
-     */
-    public $externalServiceAuthenticator;
-
     /**
      * @var EmailVerificationHelper
      * @inject

app/V1Module/presenters/UsersPresenter.php

@@ -214,6 +214,29 @@ public function actionDetail(string $id)
         $this->sendSuccessResponse($this->userViewFactory->getUser($user));
     }
 
+    public function checkFindByExternalLogin(string $service, string $externalId)
+    {
+        $user = $this->externalLogins->getUser($service, $externalId);
+        if (!$user) {
+            throw new NotFoundException("User with given external login not found.");
+        }
+        if (!$this->userAcl->canViewPublicData($user)) {
+            throw new ForbiddenRequestException();
+        }
+    }
+
+    /**
+     * Get details of a user identified via external login.
+     * @GET
+     */
+    #[Path("service", new VString(1), "External authentication service name", required: true)]
+    #[Path("externalId", new VString(1), "External user identifier", required: true)]
+    public function actionFindByExternalLogin(string $service, string $externalId)
+    {
+        $user = $this->externalLogins->getUser($service, $externalId);
+        $this->sendSuccessResponse($user ? $this->userViewFactory->getUser($user) : null);
+    }
+
     public function checkDelete(string $id)
     {
         $user = $this->users->findOrThrow($id);
@@ -351,20 +374,20 @@ private function changeUserEmail(User $user, ?string $email)
      * Change first name and last name and check if user can change them.
      * @param User $user
      * @param null|string $titlesBefore
-     * @param null|string $firstname
-     * @param null|string $lastname
+     * @param null|string $firstName
+     * @param null|string $lastName
      * @param null|string $titlesAfter
      * @throws ForbiddenRequestException
      */
     private function changePersonalData(
         User $user,
         ?string $titlesBefore,
-        ?string $firstname,
-        ?string $lastname,
+        ?string $firstName,
+        ?string $lastName,
         ?string $titlesAfter
     ) {
         if (
-            ($titlesBefore !== null || $firstname !== null || $lastname !== null || $titlesAfter !== null) &&
+            ($titlesBefore !== null || $firstName !== null || $lastName !== null || $titlesAfter !== null) &&
             !$this->userAcl->canUpdatePersonalData($user)
         ) {
             throw new ForbiddenRequestException("You cannot update personal data");
@@ -374,12 +397,12 @@ private function changePersonalData(
             $user->setTitlesBeforeName(trim($titlesBefore));
         }
 
-        if ($firstname && trim($firstname)) {
-            $user->setFirstName(trim($firstname));
+        if ($firstName && trim($firstName)) {
+            $user->setFirstName(trim($firstName));
         }
 
-        if ($lastname && trim($lastname)) {
-            $user->setLastName(trim($lastname));
+        if ($lastName && trim($lastName)) {
+            $user->setLastName(trim($lastName));
         }
 
         if ($titlesAfter !== null) {

app/V1Module/router/RouterFactory.php

@@ -506,6 +506,7 @@ private static function createUsersRoutes(string $prefix): RouteList
         $router[] = new PostRoute("$prefix/accept-invitation", "Registration:acceptInvitation");
 
         $router[] = new GetRoute("$prefix/<id>", "Users:detail");
+        $router[] = new GetRoute("$prefix/external-login/<service>/<externalId>", "Users:findByExternalLogin");
         $router[] = new PostRoute("$prefix/<id>/invalidate-tokens", "Users:invalidateTokens");
         $router[] = new DeleteRoute("$prefix/<id>", "Users:delete");
         $router[] = new GetRoute("$prefix/<id>/groups", "Users:groups");

docs/swagger.yaml

@@ -5548,6 +5548,33 @@ paths:
       responses:
         '200':
           description: 'Placeholder response'
+  '/v1/users/external-login/{service}/{externalId}':
+    get:
+      summary: 'Get details of a user identified via external login.'
+      description: 'Get details of a user identified via external login.'
+      operationId: usersPresenterActionFindByExternalLogin
+      parameters:
+        -
+          name: service
+          in: path
+          description: 'External authentication service name'
+          required: true
+          schema:
+            type: string
+            minLength: 1
+            nullable: false
+        -
+          name: externalId
+          in: path
+          description: 'External user identifier'
+          required: true
+          schema:
+            type: string
+            minLength: 1
+            nullable: false
+      responses:
+        '200':
+          description: 'Placeholder response'
   '/v1/users/{id}/invalidate-tokens':
     post:
       summary: 'Invalidate all existing tokens issued for given user'

fixtures/demo/20-groups.neon

@@ -155,6 +155,13 @@ App\Model\Entity\Login:
                 - 'demoGroupMember<current()>\@example.com'
                 - "password"
 
+App\Model\Entity\ExternalLogin:
+    demoGroupMemberExternalLogin:
+        __construct:
+            - @demoGroupMember1
+            - 'ext-service'
+            - 'external-login1'
+
 App\Model\Entity\GroupInvitation:
     validInviation:
         __construct:

tests/Presenters/UsersPresenter.phpt

@@ -5,7 +5,6 @@ $container = require_once __DIR__ . "/../bootstrap.php";
 use App\Exceptions\ForbiddenRequestException;
 use App\Helpers\EmailVerificationHelper;
 use App\Helpers\AnonymizationHelper;
-use App\Model\Entity\Exercise;
 use App\Model\Entity\Login;
 use App\Model\Entity\ExternalLogin;
 use App\Model\Entity\User;
@@ -225,6 +224,36 @@ class TestUsersPresenter extends Tester\TestCase
         Assert::same($user->getId(), $result["payload"]["id"]);
     }
 
+    public function testFindByExternalLogin()
+    {
+        PresenterTestHelper::loginDefaultAdmin($this->container);
+        $extLogins = $this->presenter->externalLogins->findAll();
+        Assert::count(1, $extLogins);
+        $el = $extLogins[0];
+
+        $payload = PresenterTestHelper::performPresenterRequest(
+            $this->presenter,
+            $this->presenterPath,
+            'GET',
+            ['action' => 'findByExternalLogin', 'service' => $el->getAuthService(), 'externalId' => $el->getExternalId()]
+        );
+
+        Assert::same($el->getUser()->getId(), $payload["id"]);
+    }
+
+    public function testFindByExternalLoginEmptyResult()
+    {
+        PresenterTestHelper::loginDefaultAdmin($this->container);
+        Assert::exception(function () {
+            PresenterTestHelper::performPresenterRequest(
+                $this->presenter,
+                $this->presenterPath,
+                'GET',
+                ['action' => 'findByExternalLogin', 'service' => 'ext-service', 'externalId' => 'blabla']
+            );
+        }, App\Exceptions\NotFoundException::class);
+    }
+
     public function testUpdateProfileWithoutEmailAndPassword()
     {
         PresenterTestHelper::loginDefaultAdmin($this->container);
@@ -857,7 +886,7 @@ class TestUsersPresenter extends Tester\TestCase
         Assert::true($payload['privateData']['isExternal']);
         Assert::equal(['test-cas' => 'abc'], $payload['privateData']['externalIds']);
 
-        $els = $this->presenter->externalLogins->findAll();
+        $els = $this->presenter->externalLogins->findBy(['authService' => 'test-cas']);
         Assert::count(1, $els);
         Assert::equal($user->getId(), $els[0]->getUser()->getId());
         Assert::equal('abc', $els[0]->getExternalId());
@@ -890,7 +919,7 @@ class TestUsersPresenter extends Tester\TestCase
         Assert::true($payload['privateData']['isExternal']);
         Assert::equal(['test-cas' => 'abc'], $payload['privateData']['externalIds']);
 
-        $els = $this->presenter->externalLogins->findAll();
+        $els = $this->presenter->externalLogins->findBy(['authService' => 'test-cas']);
         Assert::count(1, $els);
         Assert::equal($user->getId(), $els[0]->getUser()->getId());
         Assert::equal('abc', $els[0]->getExternalId());
@@ -922,7 +951,7 @@ class TestUsersPresenter extends Tester\TestCase
         Assert::false($payload['privateData']['isExternal']);
         Assert::equal([], $payload['privateData']['externalIds']);
 
-        $els = $this->presenter->externalLogins->findAll();
+        $els = $this->presenter->externalLogins->findBy(['authService' => 'test-cas']);
         Assert::count(0, $els);
 
         $this->users->refresh($user);