Inicio Explorar Ayuda
Registro Iniciar sesión
chengwenliang
/
newsupernova
2
0
Fork 0
Archivos Incidencias 0 Pull Requests 0 Wiki
Árbol: c9405dd336
Ramas Etiquetas
newsupernova
/
vendor
/
magento
/
module-user
/
Observer
/
Backend
/
ForceAdminPasswordChangeObserver.php

ForceAdminPasswordChangeObserver.php 4.4 KB
Histórico Raw

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139 
  1. <?php
    2. 

  2. /**
    3. 

  3.  * Copyright © Magento, Inc. All rights reserved.
    4. 

  4.  * See COPYING.txt for license details.
    5. 

  5.  */
    6. 

  6. 

  7. namespace Magento\User\Observer\Backend;
    8. 

  8. 

  9. use Magento\Framework\Event\Observer as EventObserver;
    10. 

  10. use Magento\Framework\Event\ObserverInterface;
    11. 

  11. 

  12. /**
    13. 

  13.  * User backend observer model for passwords
    14. 

  14.  */
    15. 

  15. class ForceAdminPasswordChangeObserver implements ObserverInterface
    16. 

  16. {
    17. 

  17.     /**
    18. 

  18.      * Backend configuration interface
    19. 

  19.      *
    20. 

  20.      * @var \Magento\User\Model\Backend\Config\ObserverConfig
    21. 

  21.      */
    22. 

  22.     protected $observerConfig;
    23. 

  23. 

  24.     /**
    25. 

  25.      * Authorization interface
    26. 

  26.      *
    27. 

  27.      * @var \Magento\Framework\AuthorizationInterface
    28. 

  28.      */
    29. 

  29.     protected $authorization;
    30. 

  30. 

  31.     /**
    32. 

  32.      * Backend url interface
    33. 

  33.      *
    34. 

  34.      * @var \Magento\Backend\Model\UrlInterface
    35. 

  35.      */
    36. 

  36.     protected $url;
    37. 

  37. 

  38.     /**
    39. 

  39.      * Backend session
    40. 

  40.      *
    41. 

  41.      * @var \Magento\Backend\Model\Session
    42. 

  42.      */
    43. 

  43.     protected $session;
    44. 

  44. 

  45.     /**
    46. 

  46.      * Backend authorization session
    47. 

  47.      *
    48. 

  48.      * @var \Magento\Backend\Model\Auth\Session
    49. 

  49.      */
    50. 

  50.     protected $authSession;
    51. 

  51. 

  52.     /**
    53. 

  53.      * Action flag
    54. 

  54.      *
    55. 

  55.      * @var \Magento\Framework\App\ActionFlag
    56. 

  56.      */
    57. 

  57.     protected $actionFlag;
    58. 

  58. 

  59.     /**
    60. 

  60.      * Message manager interface
    61. 

  61.      *
    62. 

  62.      * @var \Magento\Framework\Message\ManagerInterface
    63. 

  63.      */
    64. 

  64.     protected $messageManager;
    65. 

  65. 

  66.     /**
    67. 

  67.      * @param \Magento\Framework\AuthorizationInterface $authorization
    68. 

  68.      * @param \Magento\User\Model\Backend\Config\ObserverConfig $observerConfig
    69. 

  69.      * @param \Magento\Backend\Model\UrlInterface $url
    70. 

  70.      * @param \Magento\Backend\Model\Session $session
    71. 

  71.      * @param \Magento\Backend\Model\Auth\Session $authSession
    72. 

  72.      * @param \Magento\Framework\App\ActionFlag $actionFlag
    73. 

  73.      * @param \Magento\Framework\Message\ManagerInterface $messageManager
    74. 

  74.      */
    75. 

  75.     public function __construct(
    76. 

  76.         \Magento\Framework\AuthorizationInterface $authorization,
    77. 

  77.         \Magento\User\Model\Backend\Config\ObserverConfig $observerConfig,
    78. 

  78.         \Magento\Backend\Model\UrlInterface $url,
    79. 

  79.         \Magento\Backend\Model\Session $session,
    80. 

  80.         \Magento\Backend\Model\Auth\Session $authSession,
    81. 

  81.         \Magento\Framework\App\ActionFlag $actionFlag,
    82. 

  82.         \Magento\Framework\Message\ManagerInterface $messageManager
    83. 

  83.     ) {
    84. 

  84.         $this->authorization = $authorization;
    85. 

  85.         $this->observerConfig = $observerConfig;
    86. 

  86.         $this->url = $url;
    87. 

  87.         $this->session = $session;
    88. 

  88.         $this->authSession = $authSession;
    89. 

  89.         $this->actionFlag = $actionFlag;
    90. 

  90.         $this->messageManager = $messageManager;
    91. 

  91.     }
    92. 

  92. 

  93.     /**
    94. 

  94.      * Force admin to change password
    95. 

  95.      *
    96. 

  96.      * @param EventObserver $observer
    97. 

  97.      * @return void
    98. 

  98.      */
    99. 

  99.     public function execute(EventObserver $observer)
    100. 

  100.     {
    101. 

  101.         if (!$this->observerConfig->isPasswordChangeForced()) {
    102. 

  102.             return;
    103. 

  103.         }
    104. 

  104.         if (!$this->authSession->isLoggedIn()) {
    105. 

  105.             return;
    106. 

  106.         }
    107. 

  107.         $actionList = [
    108. 

  108.             'adminhtml_system_account_index',
    109. 

  109.             'adminhtml_system_account_save',
    110. 

  110.             'adminhtml_auth_logout',
    111. 

  111.             'mui_index_render'
    112. 

  112.         ];
    113. 

  113.         /** @var \Magento\Framework\App\Action\Action $controller */
    114. 

  114.         $controller = $observer->getEvent()->getControllerAction();
    115. 

  115.         /** @var \Magento\Framework\App\RequestInterface $request */
    116. 

  116.         $request = $observer->getEvent()->getRequest();
    117. 

  117. 

  118.         if ($this->authSession->getPciAdminUserIsPasswordExpired()) {
    119. 

  119.             if (!in_array($request->getFullActionName(), $actionList)) {
    120. 

  120.                 if ($this->authorization->isAllowed('Magento_Backend::myaccount')) {
    121. 

  121.                     $controller->getResponse()->setRedirect($this->url->getUrl('adminhtml/system_account/'));
    122. 

  122.                     $this->actionFlag->set('', \Magento\Framework\App\Action\Action::FLAG_NO_DISPATCH, true);
    123. 

  123.                     $this->actionFlag->set('', \Magento\Framework\App\Action\Action::FLAG_NO_POST_DISPATCH, true);
    124. 

  124.                 } else {
    125. 

  125.                     /*
    126. 

  126.                      * if admin password is expired and access to 'My Account' page is denied
    127. 

  127.                      * than we need to do force logout with error message
    128. 

  128.                      */
    129. 

  129.                     $this->authSession->clearStorage();
    130. 

  130.                     $this->session->clearStorage();
    131. 

  131.                     $this->messageManager->addErrorMessage(
    132. 

  132.                         __('Your password has expired; please contact your administrator.')
    133. 

  133.                     );
    134. 

  134.                     $controller->getRequest()->setDispatched(false);
    135. 

  135.                 }
    136. 

  136.             }
    137. 

  137.         }
    138. 

  138.     }
    139. 

  139. }
    140.