. * * The interactive user interfaces in modified source and object code versions * of this program must display Appropriate Legal Notices, as required under * Section 5 of the GNU Affero General Public License version 3. * * In accordance with Section 7(b) of the GNU Affero General Public License version 3, * these Appropriate Legal Notices must retain the display of the "EspoCRM" word. ************************************************************************/ namespace Espo\Core\Authentication\Helper; use Espo\Core\Authentication\Logins\ApiKey; use Espo\Core\Authentication\Logins\Hmac; use Espo\ORM\EntityManager; use Espo\Entities\User; use Espo\ORM\Name\Attribute; /** * @internal */ class UserFinder { /** @var string[] */ private const array FORBIDDEN_USER_TYPE_LIST = [ User::TYPE_API, User::TYPE_SYSTEM, ]; public function __construct(private EntityManager $entityManager) {} public function find(string $username): ?User { return $this->entityManager ->getRDBRepositoryByClass(User::class) ->where([ User::FIELD_USER_NAME => $username, User::FIELD_TYPE . '!=' => self::FORBIDDEN_USER_TYPE_LIST, ]) ->findOne(); } public function findByAuthTokenData(string $username, string $id, ?int $passwordVersion): ?User { $where = [ User::FIELD_USER_NAME => $username, Attribute::ID => $id, User::FIELD_TYPE . '!=' => self::FORBIDDEN_USER_TYPE_LIST, ]; if ($passwordVersion !== null) { $where[User::FIELD_PASSWORD_VERSION] = $passwordVersion; } return $this->entityManager ->getRDBRepositoryByClass(User::class) ->where($where) ->findOne(); } public function findApiHmac(string $apiKey): ?User { return $this->entityManager ->getRDBRepositoryByClass(User::class) ->where([ User::FIELD_TYPE => User::TYPE_API, 'apiKey' => $apiKey, 'authMethod' => Hmac::NAME, ]) ->findOne(); } public function findApiApiKey(string $apiKey): ?User { return $this->entityManager ->getRDBRepositoryByClass(User::class) ->where([ User::FIELD_TYPE => User::TYPE_API, 'apiKey' => $apiKey, 'authMethod' => ApiKey::NAME, ]) ->findOne(); } }