CakeDC · ajibarra · Apr 16, 2019 · Apr 17, 2019 · Apr 17, 2019 · Apr 23, 2019
diff --git a/config/bootstrap.php b/config/bootstrap.php
@@ -22,7 +22,9 @@
     Configure::load($file);
 });
 
-TableRegistry::getTableLocator()->setConfig('Users', ['className' => Configure::read('Users.table')]);
+if (!TableRegistry::getTableLocator()->exists('Users')) {
+    TableRegistry::getTableLocator()->setConfig('Users', ['className' => Configure::read('Users.table')]);
+}
 TableRegistry::getTableLocator()->setConfig('CakeDC/Users.Users', ['className' => Configure::read('Users.table')]);
 
 if (Configure::check('Users.auth')) {

diff --git a/src/Auth/Social/Mapper/AbstractMapper.php b/src/Auth/Social/Mapper/AbstractMapper.php
@@ -65,6 +65,7 @@ public function __construct($rawData, $mapFields = null)
         }
         $this->_mapFields = array_merge($this->_defaultMapFields, $this->_mapFields);
     }
+
     /**
      * Invoke method
      *

diff --git a/src/Controller/Component/UsersAuthComponent.php b/src/Controller/Component/UsersAuthComponent.php
@@ -19,8 +19,10 @@
 use Cake\Event\EventManager;
 use Cake\Http\ServerRequest;
 use Cake\Routing\Exception\MissingRouteException;
+use Cake\Routing\Exception\RedirectException;
 use Cake\Routing\Router;
 use Cake\Utility\Hash;
+use Zend\Diactoros\Uri;
 
 class UsersAuthComponent extends Component
 {
@@ -166,23 +168,31 @@ public function isUrlAuthorized(Event $event)
             return false;
         }
 
-        if (is_array($url)) {
-            $requestUrl = Router::normalize(Router::reverse($url));
-            $requestParams = Router::parseRequest(new ServerRequest($requestUrl));
-        } else {
-            try {
-                //remove base from $url if exists
-                $normalizedUrl = Router::normalize($url);
-                $requestParams = Router::parseRequest(new ServerRequest($normalizedUrl));
-            } catch (MissingRouteException $ex) {
-                //if it's a url pointing to our own app
-                if (substr($normalizedUrl, 0, 1) === '/') {
-                    throw $ex;
-                }
+        try {
+            if (is_array($url)) {
+                $requestUrl = Router::normalize(Router::reverse($url));
+                $requestParams = Router::parseRequest(new ServerRequest($requestUrl));
+            } else {
+                try {
+                    //remove base from $url if exists
+                    $normalizedUrl = Router::normalize($url);
+                    $requestParams = Router::parseRequest(new ServerRequest($normalizedUrl));
+                } catch (MissingRouteException $ex) {
+                    //if it's a url pointing to our own app
+                    if (substr($normalizedUrl, 0, 1) === '/') {
+                        throw $ex;
+                    }
 
-                return true;
+                    return true;
+                }
+                $requestUrl = $url;
             }
-            $requestUrl = $url;
+        } catch (RedirectException $e) {
+            $uri = new Uri($e->getMessage());
+            $requestParams = Router::parseRequest(
+                new ServerRequest(['uri' => $uri])
+            );
+            $requestUrl = $uri->getPath();
         }
         // check if controller action is allowed
         if ($this->_isActionAllowed($requestParams)) {
@@ -194,7 +204,6 @@ public function isUrlAuthorized(Event $event)
         if (empty($user)) {
             return false;
         }
-
         $request = new ServerRequest($requestUrl);
         $request = $request->withAttribute('params', $requestParams);
 

diff --git a/src/Controller/Traits/LoginTrait.php b/src/Controller/Traits/LoginTrait.php
@@ -22,8 +22,8 @@
 use Cake\Core\Exception\Exception;
 use Cake\Event\Event;
 use Cake\Http\Exception\NotFoundException;
+use Cake\Http\Response;
 use Cake\Utility\Hash;
-use League\OAuth1\Client\Server\Twitter;
 
 /**
  * Covers the login, logout and social login
@@ -197,7 +197,7 @@ public function login()
         }
 
         if (!$this->request->is('post') && !$socialLogin) {
-            if ($this->Auth->user()) {
+            if ($user = $this->Auth->user()) {
                 if (!$this->request->getSession()->read('Users.successSocialLogin')) {
                     $msg = __d('CakeDC/Users', 'You are already logged in');
                     $this->Flash->error($msg);
@@ -207,6 +207,13 @@ public function login()
                 }
                 $url = $this->Auth->redirectUrl();
 
+                if ($this->getRequest()->is('ajax')) {
+                    $this->set('user', $user);
+                    $this->set('_serialize', ['user']);
+
+                    return;
+                }
+
                 return $this->redirect($url);
             }
         }
@@ -375,11 +382,24 @@ protected function _afterIdentifyUser($user, $socialLogin = false, $googleAuthen
 
             $url = $this->Auth->redirectUrl();
 
+            if ($this->request->is('ajax')) {
+                $this->set('user', $user);
+                $this->set('_serialize', ['user']);
+
+                return;
+            }
+
             return $this->redirect($url);
         } else {
             if (!$socialLogin) {
                 $message = __d('CakeDC/Users', 'Username or password is incorrect');
                 $this->Flash->error($message, 'default', [], 'auth');
+                if ($this->request->is('ajax')) {
+                    $this->set('error', $message);
+                    $this->set('_serialize', ['error']);
+
+                    return;
+                }
             }
 
             return $this->redirect(Configure::read('Auth.loginAction'));
@@ -408,7 +428,9 @@ public function logout()
             return $this->redirect($eventAfter->result);
         }
 
-        return $this->redirect($this->Auth->logout());
+        $redirectUrl = $this->request->getQuery('redirect_url');
+
+        return $this->redirect($redirectUrl ?: $this->Auth->logout());
     }
 
     /**

diff --git a/src/Controller/Traits/PasswordManagementTrait.php b/src/Controller/Traits/PasswordManagementTrait.php
@@ -168,6 +168,9 @@ public function resetGoogleAuthenticator($id = null)
     {
         if ($this->request->is('post')) {
             try {
+                if (empty($id)) {
+                    throw new \Exception(__('Invalid user id'));
+                }
                 $query = $this->getUsersTable()->query();
                 $query->update()
                     ->set(['secret_verified' => false, 'secret' => null])
@@ -177,8 +180,7 @@ public function resetGoogleAuthenticator($id = null)
                 $message = __d('CakeDC/Users', 'Google Authenticator token was successfully reset');
                 $this->Flash->success($message, 'default');
             } catch (\Exception $e) {
-                $message = $e->getMessage();
-                $this->Flash->error($message, 'default');
+                $this->Flash->error(__('Could not reset the token'), 'default');
             }
         }
 

diff --git a/src/Controller/Traits/RegisterTrait.php b/src/Controller/Traits/RegisterTrait.php
@@ -34,11 +34,16 @@ trait RegisterTrait
      */
     public function register()
     {
+        if ($this->request->is('ajax')) {
+            $this->viewBuilder()->setLayout('ajax');
+        }
+
         if (!Configure::read('Users.Registration.active')) {
             throw new NotFoundException();
         }
 
         $userId = $this->Auth->user('id');
+
         if (!empty($userId) && !Configure::read('Users.Registration.allowLoggedIn')) {
             $this->Flash->error(__d('CakeDC/Users', 'You must log out to register a new user account'));
 
@@ -61,14 +66,20 @@ public function register()
             'options' => $options,
             'userEntity' => $user,
         ]);
+        $this->set(compact('user'));
+        $this->set('_serialize', ['user']);
 
         if ($event->result instanceof EntityInterface) {
             $data = $event->result->toArray();
             $data['password'] = $requestData['password']; //since password is a hidden property
             if ($userSaved = $usersTable->register($user, $data, $options)) {
+                $this->set(compact('user'));
+                $this->set('_serialize', ['user']);
+
                 return $this->_afterRegister($userSaved);
             } else {
-                $this->set(compact('user'));
+                $this->set('error', $user->getErrors());
+                $this->set('_serialize', ['error']);
                 $this->Flash->error(__d('CakeDC/Users', 'The user could not be saved'));
 
                 return;
@@ -93,6 +104,8 @@ public function register()
 
         $userSaved = $usersTable->register($user, $requestData, $options);
         if (!$userSaved) {
+            $this->set('error', $user->getErrors());
+            $this->set('_serialize', ['error']);
             $this->Flash->error(__d('CakeDC/Users', 'The user could not be saved'));
 
             return;
@@ -134,12 +147,19 @@ protected function _afterRegister(EntityInterface $userSaved)
         $event = $this->dispatchEvent(UsersAuthComponent::EVENT_AFTER_REGISTER, [
             'user' => $userSaved
         ]);
+
         if ($event->result instanceof Response) {
             return $event->result;
         }
-        $this->Flash->success($message);
 
-        return $this->redirect(['action' => 'login']);
+        if (!$this->request->is('ajax')) {
+            if (Configure::check('Users.Registration.successMessage')) {
+                $message = Configure::read('Users.Registration.successMessage');
+            }
+            $this->Flash->success($message);
+
+            return $this->redirect(['action' => 'login']);
+        }
     }
 
     /**

diff --git a/src/Controller/Traits/U2fTrait.php b/src/Controller/Traits/U2fTrait.php
@@ -37,6 +37,7 @@ public function redirectWithQuery($url)
 
         return $this->redirect($url);
     }
+
     /**
      * U2f entry point
      *

diff --git a/src/Model/Behavior/RegisterBehavior.php b/src/Model/Behavior/RegisterBehavior.php
@@ -53,10 +53,12 @@ public function register($user, $data, $options)
     {
         $validateEmail = Hash::get($options, 'validate_email');
         $tokenExpiration = Hash::get($options, 'token_expiration');
+        $associated = Configure::read('Users.Registration.associated') ? ['associated' => Configure::read('Users.Registration.associated')] : [];
+
         $user = $this->_table->patchEntity(
             $user,
             $data,
-            ['validate' => Hash::get($options, 'validator') ?: $this->getRegisterValidators($options)]
+            array_merge(['validate' => Hash::get($options, 'validator') ?: $this->getRegisterValidators($options)], $associated)
         );
         $user['role'] = Configure::read('Users.Registration.defaultRole') ?: 'user';
         $user->validated = false;

diff --git a/src/Template/Email/text/validation.ctp b/src/Template/Email/text/validation.ctp
@@ -15,6 +15,7 @@ $activationUrl = [
     'plugin' => 'CakeDC/Users',
     'controller' => 'Users',
     'action' => 'validateEmail',
+	'prefix' => false,
     isset($token) ? $token : ''
 ];
 ?>

diff --git a/src/View/Helper/UserHelper.php b/src/View/Helper/UserHelper.php
@@ -188,6 +188,7 @@ public function isAuthorized($url = null)
 
         return $this->AuthLink->isAuthorized($url);
     }
+
     /**
      * Create links for all social providers enabled social link (connect)
      *

diff --git a/tests/TestCase/Controller/Component/RememberMeComponentTest.php b/tests/TestCase/Controller/Component/RememberMeComponentTest.php
@@ -28,6 +28,7 @@ class RememberMeComponentTest extends TestCase
     public $fixtures = [
         'plugin.CakeDC/Users.Users'
     ];
+
     /**
      * setUp method
      *

diff --git a/tests/TestCase/Controller/Component/UsersAuthComponentTest.php b/tests/TestCase/Controller/Component/UsersAuthComponentTest.php
@@ -24,6 +24,7 @@
 use Cake\Network\Request;
 use Cake\ORM\Entity;
 use Cake\Routing\Exception\MissingRouteException;
+use Cake\Routing\RouteBuilder;
 use Cake\Routing\Router;
 use Cake\TestSuite\TestCase;
 use Cake\Utility\Security;
@@ -65,7 +66,7 @@ public function setUp()
         ]);
         Security::setSalt('YJfIxfs2guVoUubWDYhG93b0qyJfIxfs2guwvniR2G0FgaC9mi');
         Configure::write('App.namespace', 'Users');
-        $this->request = $this->getMockBuilder('Cake\Network\Request')
+        $this->request = $this->getMockBuilder('Cake\Http\ServerRequest')
             ->setMethods(['is', 'method'])
             ->getMock();
         $this->request->expects($this->any())->method('is')->will($this->returnValue(true));
@@ -262,6 +263,42 @@ public function testIsUrlAuthorizedUrlRelativeString()
         $this->assertTrue($result);
     }
 
+    /**
+     * test
+     *
+     * @return void
+     */
+    public function testIsUrlAuthorizedUrlWithRedirectRoute()
+    {
+        (new RouteBuilder(Router::getRouteCollection(), '/'))->redirect("/my-redirect-route", "/route");
+        $event = new Event('event');
+
+        $event->setData([
+            'url' => '/my-redirect-route',
+        ]);
+        $this->Controller->Auth = $this->getMockBuilder('Cake\Controller\Component\AuthComponent')
+            ->setMethods(['user', 'isAuthorized'])
+            ->disableOriginalConstructor()
+            ->getMock();
+        $this->Controller->Auth->expects($this->once())
+            ->method('user')
+            ->will($this->returnValue(['id' => 1]));
+        $this->Controller->Auth->expects($this->once())
+            ->method('isAuthorized')
+            ->with(null, $this->callback(function ($subject) {
+                return $subject->getAttribute('params') === [
+                        'pass' => [],
+                        'plugin' => 'CakeDC/Users',
+                        'controller' => 'Users',
+                        'action' => 'requestResetPassword',
+                        '_matchedRoute' => '/route/*',
+                    ];
+            }))
+            ->will($this->returnValue(true));
+        $result = $this->Controller->UsersAuth->isUrlAuthorized($event);
+        $this->assertTrue($result);
+    }
+
     /**
      * test
      *
@@ -480,6 +517,7 @@ public function testIsUrlAuthorizedBaseUrl()
         $result = $this->Controller->UsersAuth->isUrlAuthorized($event);
         $this->assertTrue($result);
     }
+
     /**
      * test The user is logged in and allowed by rules to access this action,
      * and we are checking another controller action not allowed