You are here

Home » API reference » Force Password Change 2.0.x » ForcePasswordChangeService.php

class ForcePasswordChangeService in Force Password Change 2.0.x

Same name and namespace in other branches
  1. 8 src/Service/ForcePasswordChangeService.php \Drupal\force_password_change\Service\ForcePasswordChangeService

Hierarchy

Expanded class hierarchy of ForcePasswordChangeService

2 files declare their use of ForcePasswordChangeService
ForcePasswordChangeController.php in src/Controller/ForcePasswordChangeController.php
ForcePasswordChangeServiceTest.php in tests/modules/force_password_change_service_test/src/Service/ForcePasswordChangeServiceTest.php
1 string reference to 'ForcePasswordChangeService'
force_password_change.services.yml in ./force_password_change.services.yml
force_password_change.services.yml

File

src/Service/ForcePasswordChangeService.php, line 15

Namespace

Drupal\force_password_change\Service
View source 
class ForcePasswordChangeService implements ForcePasswordChangeServiceInterface {

  /**
   * The force password change data mapper.
   *
   * @var \Drupal\force_password_change\Mapper\ForcePasswordChangeMapperInterface
   */
  protected $mapper;

  /**
   * The current user.
   *
   * @var \Drupal\Core\Session\AccountProxyInterface
   */
  protected $currentUser;

  /**
   * The config factory object.
   *
   * @var \Drupal\Core\Config\ConfigFactoryInterface
   */
  protected $configFactory;

  /**
   * The config factory object.
   *
   * @var \Drupal\user\UserDataInterface
   */
  protected $userData;

  /**
   * The time service.
   *
   * @var \Drupal\Component\Datetime\TimeInterface
   */
  protected $time;

  /**
   * Constructs a ForcePasswordChangeService object.
   *
   * @param \Drupal\force_password_change\Mapper\ForcePasswordChangeMapperInterface $mapper
   *   The force password change data mapper.
   * @param \Drupal\Core\Session\AccountProxyInterface $currentUser
   *   The current user.
   * @param \Drupal\Core\Config\ConfigFactoryInterface $configFactory
   *   The config factory.
   * @param \Drupal\user\UserDataInterface $userData
   *   The user data service.
   * @param \Drupal\Component\Datetime\TimeInterface $time
   *   The time service.
   */
  public function __construct(ForcePasswordChangeMapperInterface $mapper, AccountProxyInterface $currentUser, ConfigFactoryInterface $configFactory, UserDataInterface $userData, TimeInterface $time) {
    $this->mapper = $mapper;
    $this->currentUser = $currentUser;
    $this->configFactory = $configFactory;
    $this->userData = $userData;
    $this->time = $time;
  }

  /**
   * {@inheritdoc}
   */
  public function forceUsersPasswordChange($uids = []) {
    if (!count($uids)) {
      $uids = $this->mapper
        ->getActiveUserIds();
    }
    foreach ($uids as $uid) {
      $this
        ->forceUserPasswordChange($uid);
      $this
        ->registerForcePasswordTime($uid);
    }
  }

  /**
   * {@inheritdoc}
   */
  public function forceUserPasswordChange($uid) {
    $this->userData
      ->set('force_password_change', $uid, 'pending_force', 1);
  }

  /**
   * {@inheritdoc}
   */
  public function registerForcePasswordTime($uid) {
    $this->userData
      ->set('force_password_change', $uid, 'last_force', $this
      ->getRequestTime());
  }

  /**
   * {@inheritdoc}
   */
  public function checkForForce() {

    // Default is to not redirect.
    $redirect = FALSE;

    // If the user's account has been flagged for expiry,
    // a redirect is required.
    if ($this->userData
      ->get('force_password_change', $this->currentUser
      ->id(), 'pending_force')) {
      $redirect = 'admin_forced';
    }
    elseif ($this->configFactory
      ->get('force_password_change.settings')
      ->get('expire_password')) {

      // The user's account has not been flagged for password expiry.
      // Check to see if their password has expired according to
      // the rules of the module.
      // First thing is to check the time of their last password change,
      // and the time of their account creation.
      $last_change = $this->userData
        ->get('force_password_change', $this->currentUser
        ->id(), 'last_change');
      $created = $this->mapper
        ->getUserCreatedTime($this->currentUser
        ->id());

      // Get the time period after which their password should expire
      // according to the rules laid out in the module settings page. Only the
      // role with the highest priority is retrieved.
      $expiry = $this->mapper
        ->getExpiryTimeFromRoles($this->currentUser
        ->getRoles());

      // Test to see if their password has expired.
      if ($expiry && ($last_change && $this
        ->getRequestTime() - $expiry > $last_change) || !$last_change && $this
        ->getRequestTime() - $expiry > $created) {

        // Their password has expired, so their user account is flagged
        // and the expiration time period is returned, which will trigger
        // the redirect and be used to generate the message shown to the user.
        $this->userData
          ->set('force_password_change', $this->currentUser
          ->id(), 'pending_force', 1);
        $redirect = 'expired';
      }
    }
    return $redirect;
  }

  /**
   * {@inheritdoc}
   */
  public function getLastChangeForRole($rid) {
    return $this->mapper
      ->getLastChangeForRole($rid);
  }

  /**
   * {@inheritdoc}
   */
  public function updateLastChangeForRoles($rids) {
    $this->mapper
      ->updateLastChangeForRoles($rids);
  }

  /**
   * {@inheritdoc}
   */
  public function insertExpiryForRoles($values) {
    $this->mapper
      ->insertExpiryForRoles($values);
  }

  /**
   * {@inheritdoc}
   */
  public function updateExpiryForRole($rid, $time_period, $weight) {
    $this->mapper
      ->updateExpiryForRole($rid, $time_period, $weight);
  }

  /**
   * {@inheritdoc}
   */
  public function getUserCountForRole($rid) {
    $rid = $rid == 'authenticated' ? FALSE : $rid;
    return $this->mapper
      ->getUserCountForRole($rid);
  }

  /**
   * {@inheritdoc}
   */
  public function getPendingUsersForRole($rid, $countQuery = FALSE) {
    $rid = $rid == 'authenticated' ? FALSE : $rid;
    $uids = $this->mapper
      ->getPendingUserIds($rid);
    if ($countQuery) {
      return count($uids);
    }
    return $this
      ->userLoadMultiple($uids);
  }

  /**
   * {@inheritdoc}
   */
  public function getNonPendingUsersForRole($rid) {
    $rid = $rid == 'authenticated' ? FALSE : $rid;
    $uids = $this->mapper
      ->getNonPendingUserIds($rid);
    return $this
      ->userLoadMultiple($uids);
  }

  /**
   * {@inheritdoc}
   */
  public function getRoleExpiryTimePeriods() {
    return $this->mapper
      ->getRoleExpiryTimePeriods();
  }

  /**
   * {@inheritdoc}
   */
  public function getUsersForRole($rid, $uidOnly = TRUE) {
    $uids = $this->mapper
      ->getUserIdsForRole($rid);
    if ($uidOnly) {
      return $uids;
    }
    return $this
      ->userLoadMultiple($uids);
  }

  /**
   * {@inheritdoc}
   */
  public function setChangedTimeForUser($uid) {
    $this->userData
      ->set('force_password_change', $uid, 'last_change', $this
      ->getRequestTime());
  }

  /**
   * {@inheritdoc}
   */
  public function removePendingForce($uid) {
    $this->userData
      ->set('force_password_change', $uid, 'pending_force', 0);
  }

  /**
   * {@inheritdoc}
   */
  public function getTextDate($seconds) {
    $year = 60 * 60 * 24 * 365;
    if ($timestamp % $year === 0) {
      $time_period = $timestamp / $year;
      $time_period = $time_period > 1 ? $time_period . ' ' . t('years') : t('year');
    }
    else {
      $week = 60 * 60 * 24 * 7;
      if ($timestamp % $week === 0) {
        $time_period = $timestamp / $week;
        $time_period = $time_period > 1 ? $time_period . ' ' . t('weeks') : t('week');
      }
      else {
        $day = 60 * 60 * 24;
        if ($timestamp % $day === 0) {
          $time_period = $timestamp / $day;
          $time_period = $time_period > 1 ? $time_period . ' ' . t('days') : t('day');
        }
        else {
          $hour = 60 * 60;
          if ($timestamp % $hour === 0) {
            $time_period = $timestamp / $hour;
            $time_period = $time_period > 1 ? $time_period . ' ' . t('hours') : t('hour');
          }
        }
      }
    }
    return $time_period;
  }

  /**
   * {@inheritdoc}
   */
  public function addFirstTimeLogin($uid) {
    $this->mapper
      ->addFirstTimeLogin($uid);
  }

  /**
   * {@inheritdoc}
   */
  public function removeFirstTimeLogin($uid) {
    $this->mapper
      ->removeFirstTimeLogin($uid);
  }

  /**
   * {@inheritdoc}
   */
  public function getFirstTimeLoginUids() {
    return $this->mapper
      ->getFirstTimeLoginUids();
  }

  /**
   * Helper function to load mulitple user objects. Spun out into a
   * protected function to allow for overriding in Unit Tests.
   *
   * @param array $uids
   *   The User IDs of the users to load.
   *
   * @return array
   *   An array of fully loaded user objects.
   */
  protected function userLoadMultiple(array $uids) {
    return User::loadMultiple($uids);
  }

  /**
   * Retrieve the timestamp for the current request. Spun out into a
   * protected function to allow for overriding in Unit Tests.
   *
   * @return int
   *   A UNIX timestamp representing the time of the current request
   */
  protected function getRequestTime() {
    $request_time = $this->time
      ->getRequestTime();
    return $request_time;
  }

}

Members

Namesort descending Modifiers Type Description Overrides
ForcePasswordChangeService::$configFactory protected property The config factory object.
ForcePasswordChangeService::$currentUser protected property The current user.
ForcePasswordChangeService::$mapper protected property The force password change data mapper.
ForcePasswordChangeService::$time protected property The time service.
ForcePasswordChangeService::$userData protected property The config factory object.
ForcePasswordChangeService::addFirstTimeLogin public function Mark a user as having been forced to change their password on their first login. Overrides ForcePasswordChangeServiceInterface::addFirstTimeLogin
ForcePasswordChangeService::checkForForce public function Check to see if the current user has a pending forced password change. Overrides ForcePasswordChangeServiceInterface::checkForForce
ForcePasswordChangeService::forceUserPasswordChange public function Force a password change for a given user. Overrides ForcePasswordChangeServiceInterface::forceUserPasswordChange
ForcePasswordChangeService::forceUsersPasswordChange public function Force a password change for the given users. Overrides ForcePasswordChangeServiceInterface::forceUsersPasswordChange
ForcePasswordChangeService::getFirstTimeLoginUids public function Retrieve a list of users who have a pending forced password change on their first login. Overrides ForcePasswordChangeServiceInterface::getFirstTimeLoginUids
ForcePasswordChangeService::getLastChangeForRole public function Get the last time at which a role was forced to change passwords for all users. Overrides ForcePasswordChangeServiceInterface::getLastChangeForRole
ForcePasswordChangeService::getNonPendingUsersForRole public function Retrieve the user accounts of users in the role who do not have a pending forced password change. Overrides ForcePasswordChangeServiceInterface::getNonPendingUsersForRole
ForcePasswordChangeService::getPendingUsersForRole public function Retrieve the users with a pending forced password change in a given role. Overrides ForcePasswordChangeServiceInterface::getPendingUsersForRole
ForcePasswordChangeService::getRequestTime protected function Retrieve the timestamp for the current request. Spun out into a protected function to allow for overriding in Unit Tests.
ForcePasswordChangeService::getRoleExpiryTimePeriods public function Get the time periods after which each role will expire. Overrides ForcePasswordChangeServiceInterface::getRoleExpiryTimePeriods
ForcePasswordChangeService::getTextDate public function Converts a number of seconds to a human-friendly time period. Overrides ForcePasswordChangeServiceInterface::getTextDate
ForcePasswordChangeService::getUserCountForRole public function Get the number of users in the given role. Overrides ForcePasswordChangeServiceInterface::getUserCountForRole
ForcePasswordChangeService::getUsersForRole public function Retrieve the users in a given role. Overrides ForcePasswordChangeServiceInterface::getUsersForRole
ForcePasswordChangeService::insertExpiryForRoles public function Insert the time period after which passwords should expire, for the given roles. Overrides ForcePasswordChangeServiceInterface::insertExpiryForRoles
ForcePasswordChangeService::registerForcePasswordTime public function Register the time at which a user has been forced to change their password. Overrides ForcePasswordChangeServiceInterface::registerForcePasswordTime
ForcePasswordChangeService::removeFirstTimeLogin public function Remove the mark for a user who was forced to change their password on their first login. Overrides ForcePasswordChangeServiceInterface::removeFirstTimeLogin
ForcePasswordChangeService::removePendingForce public function Remove a pending force for a given user. Overrides ForcePasswordChangeServiceInterface::removePendingForce
ForcePasswordChangeService::setChangedTimeForUser public function Set the last time a user's password was changed to the current timestamp. Overrides ForcePasswordChangeServiceInterface::setChangedTimeForUser
ForcePasswordChangeService::updateExpiryForRole public function Update the time period expiration data for a given role. Overrides ForcePasswordChangeServiceInterface::updateExpiryForRole
ForcePasswordChangeService::updateLastChangeForRoles public function Update the time at which all users in the given roles have been forced to change their passwords. Overrides ForcePasswordChangeServiceInterface::updateLastChangeForRoles
ForcePasswordChangeService::userLoadMultiple protected function Helper function to load mulitple user objects. Spun out into a protected function to allow for overriding in Unit Tests. 1
ForcePasswordChangeService::__construct public function Constructs a ForcePasswordChangeService object.