CABPI-27::Implement Admin Users export from Adobe to Commerce - Import IMS User & role into Adobe commerce

rimple-saini · rimple-saini · commit ae0843ca836a · 2022-09-15T01:01:47.000+05:30
diff --git a/app/code/Magento/AdminAdobeIms/Api/SaveImsUserAndRoleInterface.php b/app/code/Magento/AdminAdobeIms/Api/SaveImsUserAndRoleInterface.php
@@ -0,0 +1,26 @@
+<?php
+/**
+ * Copyright © Magento, Inc. All rights reserved.
+ * See COPYING.txt for license details.
+ */
+declare(strict_types=1);
+
+namespace Magento\AdminAdobeIms\Api;
+
+use Magento\Framework\Exception\CouldNotSaveException;
+
+/**
+ * Interface SaveImsUserAndRoleInterface
+ * Save Ims User & Role
+ */
+interface SaveImsUserAndRoleInterface
+{
+    /**
+     * Add Admin Adobe IMS User with Default Role i.e "Adobe Ims" & No Permissions
+     *
+     * @param array $profile
+     * @return void
+     * @throws CouldNotSaveException
+     */
+    public function save(array $profile): void;
+}
diff --git a/app/code/Magento/AdminAdobeIms/Model/Authorization/AdobeImsAdminTokenUserService.php b/app/code/Magento/AdminAdobeIms/Model/Authorization/AdobeImsAdminTokenUserService.php
@@ -18,6 +18,7 @@
 use Magento\AdobeImsApi\Api\OrganizationMembershipInterface;
 use Magento\Framework\App\RequestInterface;
 use Magento\Framework\Exception\AuthenticationException;
+use Magento\AdminAdobeIms\Api\SaveImsUserAndRoleInterface;
 
 /**
  * Adobe IMS Auth Model for getting Admin Token
@@ -63,6 +64,11 @@ class AdobeImsAdminTokenUserService
      */
     private RequestInterface $request;
 
+    /**
+     * @var SaveImsUserAndRoleInterface
+     */
+    private SaveImsUserAndRoleInterface $saveImsUserAndRole;
+
     /**
      * @param ImsConfig $adminImsConfig
      * @param OrganizationMembershipInterface $organizationMembership
@@ -71,6 +77,7 @@ class AdobeImsAdminTokenUserService
      * @param RequestInterface $request
      * @param GetTokenInterface $token
      * @param GetProfileInterface $profile
+     * @param SaveImsUserAndRoleInterface $saveImsUserAndRole
      */
     public function __construct(
         ImsConfig $adminImsConfig,
@@ -79,7 +86,8 @@ public function __construct(
         AdminReauthProcessService $adminReauthProcessService,
         RequestInterface $request,
         GetTokenInterface $token,
-        GetProfileInterface $profile
+        GetProfileInterface $profile,
+        SaveImsUserAndRoleInterface $saveImsUserAndRole
     ) {
         $this->adminImsConfig = $adminImsConfig;
         $this->organizationMembership = $organizationMembership;
@@ -88,6 +96,7 @@ public function __construct(
         $this->request = $request;
         $this->token = $token;
         $this->profile = $profile;
+        $this->saveImsUserAndRole = $saveImsUserAndRole;
     }
 
     /**
@@ -122,6 +131,7 @@ public function processLoginRequest(bool $isReauthorize = false): void
                 if ($isReauthorize) {
                     $this->adminReauthProcessService->execute($tokenResponse);
                 } else {
+                    $this->saveImsUserAndRole->save($profile);
                     $this->adminLoginProcessService->execute($tokenResponse, $profile);
                 }
             } catch (AdobeImsAuthorizationException $e) {
diff --git a/app/code/Magento/AdminAdobeIms/Model/SaveImsUserAndRole.php b/app/code/Magento/AdminAdobeIms/Model/SaveImsUserAndRole.php
@@ -0,0 +1,138 @@
+<?php
+/**
+ * Copyright © Magento, Inc. All rights reserved.
+ * See COPYING.txt for license details.
+ */
+declare(strict_types=1);
+
+namespace Magento\AdminAdobeIms\Model;
+
+use Magento\AdminAdobeIms\Api\SaveImsUserAndRoleInterface;
+use Magento\User\Model\User;
+use Magento\User\Model\ResourceModel\User\CollectionFactory as UserCollectionFactory;
+use Magento\Authorization\Model\ResourceModel\Role\CollectionFactory as RoleCollectionFactory;
+use Magento\Authorization\Model\Acl\Role\User as UserRoleType;
+use Magento\AdminAdobeIms\Logger\AdminAdobeImsLogger;
+use Exception;
+use Magento\Framework\Exception\CouldNotSaveException;
+
+/**
+ * Class SaveImsUserAndRole
+ * Save Adobe IMS User with Default Role i.e "Adobe Ims" & No Permissions
+ */
+class SaveImsUserAndRole implements SaveImsUserAndRoleInterface
+{
+    private const ADMIN_IMS_ROLE = 'Adobe Ims';
+
+    /**
+     * @var User
+     */
+    private User $user;
+
+    /**
+     * @var UserCollectionFactory
+     */
+    private UserCollectionFactory $userCollectionFactory;
+
+    /**
+     * @var RoleCollectionFactory
+     */
+    private RoleCollectionFactory $roleCollectionFactory;
+
+    /**
+     * @var AdminAdobeImsLogger
+     */
+    private AdminAdobeImsLogger $logger;
+
+    /**
+     * SaveImsUserAndRole constructor.
+     * @param User $user
+     * @param UserCollectionFactory $userCollectionFactory
+     * @param RoleCollectionFactory $roleCollectionFactory
+     * @param AdminAdobeImsLogger $logger
+     */
+    public function __construct(
+        User $user,
+        UserCollectionFactory $userCollectionFactory,
+        RoleCollectionFactory $roleCollectionFactory,
+        AdminAdobeImsLogger $logger
+    ) {
+        $this->user = $user;
+        $this->userCollectionFactory = $userCollectionFactory;
+        $this->roleCollectionFactory = $roleCollectionFactory;
+        $this->logger = $logger;
+    }
+
+    /**
+     * @inheritdoc
+     */
+    public function save(array $profile): void
+    {
+        $username = strtolower(strstr($profile['email'], '@', true));
+        $userCollection = $this->userCollectionFactory->create()
+            ->addFieldToFilter('email', ['eq' => $profile['email']])
+            ->addFieldToFilter('username', ['eq' => $username]);
+
+        if (!$userCollection->getSize()) {
+            $roleId = $this->getImsDefaultRole();
+            if ($roleId > 0) {
+                try {
+                    $this->user->setFirstname($profile['first_name'])
+                        ->setLastname($profile['last_name'])
+                        ->setUsername($username)
+                        ->setPassword($this->generateRandomPassword())
+                        ->setEmail($profile['email'])
+                        ->setRoleType(UserRoleType::ROLE_TYPE)
+                        ->setPrivileges("")
+                        ->setAssertId(0)
+                        ->setRoleId((int)$roleId)
+                        ->setPermission('allow')
+                        ->save();
+                    unset($this->user);
+                } catch (Exception $e) {
+                    $this->logger->critical($e->getMessage());
+                    throw new CouldNotSaveException(__('Could not save ims user.'));
+                }
+            }
+        }
+        $userCollection->clear();
+    }
+
+    /**
+     * Fetch Default Role "Adobe Ims"
+     *
+     * @return int
+     */
+    private function getImsDefaultRole(): int
+    {
+        $roleId = 0;
+        $roleCollection = $this->roleCollectionFactory->create()
+            ->addFieldToFilter('role_name', ['eq' => self::ADMIN_IMS_ROLE])
+            ->addFieldToSelect('role_id');
+
+        if ($roleCollection->getSize() > 0) {
+            $objRole = $roleCollection->fetchItem();
+            $roleId = (int) $objRole->getId();
+        }
+        $roleCollection->clear();
+
+        return $roleId;
+    }
+
+    /**
+     * Generate random password string
+     *
+     * @return string
+     */
+    private function generateRandomPassword(): string
+    {
+        $characters = '0123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ_-.';
+        $pass = [];
+        $alphaLength = strlen($characters) - 1;
+        for ($i = 0; $i < 100; $i++) {
+            $n = random_int(0, $alphaLength);
+            $pass[] = $characters[$n];
+        }
+        return implode($pass);
+    }
+}
diff --git a/app/code/Magento/AdminAdobeIms/Test/Unit/Model/Authorization/AdobeImsAdminTokenUserServiceTest.php b/app/code/Magento/AdminAdobeIms/Test/Unit/Model/Authorization/AdobeImsAdminTokenUserServiceTest.php
@@ -19,6 +19,8 @@
 use Magento\Framework\Exception\AuthenticationException;
 use Magento\Framework\TestFramework\Unit\Helper\ObjectManager;
 use PHPUnit\Framework\TestCase;
+use Magento\AdminAdobeIms\Service\AdminReauthProcessService;
+use Magento\AdminAdobeIms\Api\SaveImsUserAndRoleInterface;
 
 /**
  * Tests Magento\AdminAdobeIms\Model\Authorization\AdobeImsAdminTokenUserService
@@ -65,6 +67,16 @@ class AdobeImsAdminTokenUserServiceTest extends TestCase
      */
     private $requestInterfaceMock;
 
+    /**
+     * @var AdminReauthProcessService
+     */
+    private $adminReauthProcessService;
+
+    /**
+     * @var SaveImsUserAndRoleInterface
+     */
+    private $saveImsUserAndRole;
+
     protected function setUp(): void
     {
         $this->objectManager = new ObjectManager($this);
@@ -75,6 +87,8 @@ protected function setUp(): void
         $this->organizationMembership = $this->createMock(OrganizationMembershipInterface::class);
         $this->adminLoginProcessService = $this->createMock(AdminLoginProcessService::class);
         $this->requestInterfaceMock = $this->createMock(RequestInterface::class);
+        $this->adminReauthProcessService = $this->createMock(AdminReauthProcessService::class);
+        $this->saveImsUserAndRole = $this->createMock(SaveImsUserAndRoleInterface::class);
 
         $this->adminImsConfigMock->expects($this->any())
             ->method('enabled')
@@ -86,9 +100,11 @@ protected function setUp(): void
                 'adminImsConfig' => $this->adminImsConfigMock,
                 'organizationMembership' => $this->organizationMembership,
                 'adminLoginProcessService' => $this->adminLoginProcessService,
+                'adminReauthProcessService' => $this->adminReauthProcessService,
                 'request' => $this->requestInterfaceMock,
                 'token' => $this->token,
-                'profile' => $this->profile
+                'profile' => $this->profile,
+                'saveImsUserAndRole' => $this->saveImsUserAndRole
             ]
         );
     }
@@ -128,6 +144,14 @@ public function testProcessLoginRequest(string $code, array $responseData)
             ->method('checkOrganizationMembership')
             ->with($responseData['access_token']);
 
+        $this->saveImsUserAndRole->expects($this->once())
+            ->method('save')
+            ->with($responseData);
+
+        $this->adminLoginProcessService->expects($this->once())
+            ->method('execute')
+            ->with($tokenResponse, $responseData);
+
         $this->adobeImsAdminTokenUserService->processLoginRequest();
     }
 
@@ -256,7 +280,9 @@ public function responseDataProvider(): array
                         'email' => 'user@test.com',
                         'access_token' => 'kladjflakdjf3423rfzddsf',
                         'refresh_token' => 'kladjflakdjf3423rfzddsf',
-                        'expires_in' => 1642259230998
+                        'expires_in' => 1642259230998,
+                        'first_name' => 'Test',
+                        'last_name' => 'User'
                     ]
                 ]
             ];
diff --git a/app/code/Magento/AdminAdobeIms/etc/di.xml b/app/code/Magento/AdminAdobeIms/etc/di.xml
@@ -11,6 +11,7 @@
     <preference for="Magento\AdminAdobeIms\Api\Data\ImsWebapiInterface" type="Magento\AdminAdobeIms\Model\ImsWebapi"/>
     <preference for="Magento\AdobeImsApi\Api\GetAccessTokenInterface" type="Magento\AdminAdobeIms\Model\GetAccessTokenProxy"/>
     <preference for="Magento\AdobeImsApi\Api\UserAuthorizedInterface" type="Magento\AdminAdobeIms\Model\UserAuthorizedProxy"/>
+    <preference for="Magento\AdminAdobeIms\Api\SaveImsUserAndRoleInterface" type="Magento\AdminAdobeIms\Model\SaveImsUserAndRole"/>
 
     <type name="Magento\Framework\Console\CommandListInterface">
         <arguments>
diff --git a/dev/tests/integration/testsuite/Magento/AdminAdobeIms/Model/SaveImsUserAndRoleTest.php b/dev/tests/integration/testsuite/Magento/AdminAdobeIms/Model/SaveImsUserAndRoleTest.php
