[#25649] - [4.0] Add user management to CLI
- Fixed in Code Base
- 27 Jul 2019
- Medium
- Build: 4.0-dev
- # 25649
- Diff
- f-hamel:cli/usermanagement
- Pending Hound Hound is busy sniffing around... Details
User tests: Successful: Unsuccessful:
Summary of Changes
Hello everyone,
This is my first PR (reopened for #20095)here and I want to add something what could help a lot of people.
I'm working as a technical consultant for a German hosting provider.
Often customers contact me because they forget there backend credentials and they are not
able to handle this issue on a easy way.
So I thought if we have already a CLI in Joomla 4, why don't get the possibility to add an new admin user(Suprer User) or change the password of an existing admin.
For this I add commands to CLI to create an admin user or change his password.
I tried to do everything correct like described in https://developer.joomla.org/coding-standards.html
and https://developer.joomla.org/news/586-joomla-development-strategy.html.
As this is my first PR please be patient with me, if there is something wrong.
I really would like to get some feedback and hint how to contribute right.
Testing Instructions
After getting this CLI patch use:
Add user:
php joomla.php
Joomla! 4.0.0-alpha7-dev
Usage:
command [options] [arguments]
Options:
-h, --help Display the help information
-q, --quiet Flag indicating that all output should be silenced
--ansi Force ANSI output
--no-ansi Disable ANSI output
-n, --no-interaction Flag to disable interacting with the user
-v|vv|vvv, --verbose Increase the verbosity of messages: 1 for normal output, 2 for more verbose output and 3 for debug
Available commands:
help Show the help for a command
list List the application's available commands
cache
cache:clean Cleans expired cache entries
session
session:gc Performs session garbage collection
session:metadata:gc Performs session metadata garbage collection
update
update:extensions:check Checks for pending extension updates
update:joomla:remove-old-files Removes old system files
user
user:add Adds an user
user:addtogroup Add an user to group
user:delete Delete an user
user:list List all users
user:removefromgroup Remove an user from group
user:reset-password Changes a users passwordTry the user:commands. Use -hflag to get information about parameter
| Status | New | ⇒ | Pending |
joomla-cms-bot
- | Category | ⇒ | Libraries |
| Title |
|
||||||
| Labels |
Added:
?
|
||
Is it possible to do the validation at each step so that you dont have to go right back to the beginning and start again
Is it possible to do the validation at each step so that you dont have to go right back to the beginning and start again
addtogroup
If I undertand this correctly then after I have entered the user I should get a list of groups. I dont
When you have a user who is in multiple groups and the try user:addtogroup or user:removefromgroup you get a mysql error
When you have a user who is in multiple groups and the try user:addtogroup or user:removefromgroup you get a mysql error
@HLeithner this seems to be a problem in the database frame work. This works the last weeks without any problem. Is this maybe caused by one of these change:
joomla-framework/database#163
joomla-framework/database#164
joomla-framework/database#171
Since one of them whereIn and whereNotIn are not working anymore.
Can you show me the database query and the function call?
Can you show me the database query and the function call?
joomla-cms/libraries/src/Console/AddUserToGroupCommand.php
Lines 168 to 176 in 58b4f6d
joomla-cms/libraries/src/Console/RemoveUserFromGroupCommand.php
Lines 178 to 184 in 58b4f6d
looking quickly ... you must be sure that $user->groups is an array
looking quickly ... you must be sure that
$user->groupsis an array
Tanks for your help. Yes that's right, and I am aware of that. $user is a Joomla user-object, which is given to function "getGroups". So $user->groups is an array with all group ids of the user:
joomla-cms/libraries/src/Console/RemoveUserFromGroupCommand.php
Lines 90 to 101 in 58b4f6d
So this should be correct. And this was working all the time. Or maybe I miss something.
can you do a quick test assigning to a variable $usergroups =$user->groups; and then ->whereIn($db->quoteName('id'),$usergroup);
@HLeithner and @alikon thanks for your help.
Found the problem. $user->groups is now returning an "unsorted"(?) array:
php joomla.php user:addtogroup --username fhamel
Add user to group
=================
array(1) {
[8]=>
string(1) "8"
}array_values() will fix this.
@brianteeman thanks for your language suggestions. I fixed them.
Checking each step before completing all of them is not so easy, because we are getting the error message from the $user->save call. But I'll look in to it. May we can trigger the specific validation check, before trigger $user->save
I have tested this item
This comment was created with the J!Tracker Application at issues.joomla.org/tracker/joomla-cms/25649.
@SniperSister Is that ok from the security point of view, adding users or changing passwords via CLI? I think it should be ok, but wanted to ask an expert ;-)
If someone already has CLI access then they can do what they want anyway
I have tested this item
This comment was created with the J!Tracker Application at issues.joomla.org/tracker/joomla-cms/25649.
| Status | Pending | ⇒ | Ready to Commit |
Status "Ready To Commit".
Is that ok from the security point of view, adding users or changing passwords via CLI? I think it should be ok, but wanted to ask an expert ;-)
@richard67 that's perfectly fine. If you have CLI access, you have access to the configuration.php = full access anyway
| Labels |
Added:
?
|
||
@f-hamel Is it ready for being tested?
@richard67 Of course. You can test this any time. ;-)
I have tested this item
This comment was created with the J!Tracker Application at issues.joomla.org/tracker/joomla-cms/25649.
@twister65 and @richard67 thanks for testing.
@f-hamel Well, because your last commits haven't changed cody style only but also code, @twister65 's test is not valid anymore, so he should re-test or someone else should test to get the required 2nd test.
Ok. @twister65 could yo test again? And maybe approve your requested changes I mad?
Hi @f-hamel, thanks for this feature. I like this and think it is a good addition. However, I'm very unhappy with just using $user->groups. I see that the API currently is inadequate to retrieve this directly from there, but I would really prefer if we would either use \Joomla\CMS\Access\Access::getGroupsByUser($user->id, false) or extend User::getAuthorisedGroups() with a parameter to not get any indirect groups, instead of relying on that groups attribute. That has been unstable since Joomla 1.5 and I really would want that to be dropped rather sooner than later...
And would you be able to create tests for this feature in the Codeception API tests?
I have tested this item
This comment was created with the J!Tracker Application at issues.joomla.org/tracker/joomla-cms/25649.
I have tested this item
This comment was created with the J!Tracker Application at issues.joomla.org/tracker/joomla-cms/25649.
Hi @f-hamel, thanks for this feature. I like this and think it is a good addition. However, I'm very unhappy with just using
$user->groups. I see that the API currently is inadequate to retrieve this directly from there, but I would really prefer if we would either use\Joomla\CMS\Access\Access::getGroupsByUser($user->id, false)or extendUser::getAuthorisedGroups()with a parameter to not get any indirect groups, instead of relying on that groups attribute. That has been unstable since Joomla 1.5 and I really would want that to be dropped rather sooner than later...
I wil change this to Access::getGroupsByUser().
And would you be able to create tests for this feature in the Codeception API tests?
Sadly I don't know how to create such tests
Ok, looks good. Not sure if I can test later today, but if not then I will for sure tomorrow.
@alikon thanks for your feedback here.
Would you test this again. This becomes necessary because I change the code the way @Hackwar described. Hannes maybe you could also test this, and if it's got mark as successful.
@richard67 would be great if you could test this later.
And yes I looking forward to contributing more to Joomla. There still some ideas in mind.
Even more CLI features.
Right now adding tests is not mandatory for a PR, but as I said, it would be nice to support this with tests. If you are interested, I'd be happy to give you an introduction on how to create these tests. So far there is no objection from me to this PR. Unfortunately, I've only done a cursory code review and don't have the time to give this an indepth test, so I can't mark this as tested by me.
Oh, and welcome in the circle of Joomla devs. One of us, one of us, one of us...
Well I hope he will not ONLY do CLI stuff .. otherwise the CLI might be soon better than the backend ;-)
I have tested this item
Thanks god I had all these commands still in the command buffer of the shell ;-)
This comment was created with the J!Tracker Application at issues.joomla.org/tracker/joomla-cms/25649.
I have tested this item
This comment was created with the J!Tracker Application at issues.joomla.org/tracker/joomla-cms/25649.
| Status | Ready to Commit | ⇒ | Fixed in Code Base |
| Closed_Date | 0000-00-00 00:00:00 | ⇒ | 2019-07-27 13:29:03 |
| Closed_By | ⇒ | wilsonge |
Thanks!
@f-hamel Thanks for this PR
I have made a few minor english language corrections
Tomorrow I hope to have time to actually test the code. I suspect there may be some more english changes to the messages when I can see them on the screen.