Apply act as user

Controller/GrouperGroupsController.php

@@ -42,6 +42,7 @@ class GrouperGroupsController extends GrouperLiteWidgetAppController
 
   // Dynamic properties are deprecated, so we will define the property here
   private $userId = null;
+  private $actAsIdentifier = null;
 
   public $uses = [
     'GrouperLiteWidget.GrouperGroup',
@@ -83,7 +84,7 @@ public function addSubscriber(): void
                                                                    : $groupName;
 
     try {
-      if(!$this->GrouperGroup->addGroupMember($this->userId,
+      if(!$this->GrouperGroup->addGroupMember($this->getActAsIdentifier(),
                                               $groupNameFormatted,
                                               $addUserId,
                                               $this->CoGrouperLiteWidget->getConfig())) {
@@ -132,11 +133,35 @@ public function beforeFilter()
     $cfg = $this->CoGrouperLiteWidget->find('first', $args);
     // Set the config so that everybody can access it
     $this->CoGrouperLiteWidget->setConfig($cfg);
+
+    // XXX We will make the ActAs calculations here the beforeRender callback does not always fire
+    //     This is happening because we have a mixed schema with API calls as well as MVC structure.
+    // Get the ActAs User Data
+    $roles = $this->Role->calculateCMRoles();
+    $co_person_id = $roles['copersonid'];
+    // Get the act as data from the database
+    $args = [];
+    $args['conditions']['ActAsPerson.co_person_id'] = $co_person_id;
+    $args['contain'] = false;
+    $act_as_record = $this->ActAsPerson->find('first', $args);
+    $this->set('vv_act_as_people', []);
+
+    // Get ActAs configuration
+    if(!empty($act_as_record)) {
+      $act_as_person = $this->GrouperGroup->dataConstructForPicker($this->cur_co['Co']['id'],
+                                                                   PeoplePickerModeEnum::All,
+                                                                   [$act_as_record['ActAsPerson']['act_as_co_person_id']]);
+      $this->set('vv_act_as_people', $act_as_person);
+      $this->set('vv_act_as_record_id', $act_as_record['ActAsPerson']['id']);
+      $act_as_identifier = $this->GrouperGroup->getIdentifierFromPersonId($act_as_record['ActAsPerson']['act_as_co_person_id'],
+                                                                          $cfg['CoGrouperLiteWidget']['identifier_type']);
+      $this->setActAsIdentifier($act_as_identifier);
+    }
   }
 
   /**
    * Callback after controller methods are invoked but before views are rendered.
-   * - precondition: Request Handler component has set $this->request
+   * - Precondition: A request Handler component has set $this->request
    *
    * @since  COmanage Registry v4.4.0
    */
@@ -147,38 +172,29 @@ public function beforeRender() {
     $this->set('vv_config', $cfg);
 
     $this->set('vv_title', _txt('pl.grouperlite.title.dashboard'));
-    $this->set('vv_is_user_owner', $this->GrouperGroup->isUserGroupOwner($this->userId ?? '', $cfg) );
-//    $this->set('vv_is_template_user', $this->GrouperGroup->isTemplateUser($this->userId ?? '', $cfg) );
-//    $this->set('vv_is_grouper_visible', $this->GrouperGroup->isGrouperVisible($this->userId ?? '', $cfg));
     $this->set('vv_coid', $this->cur_co['Co']['id']);
 
     $roles = $this->Role->calculateCMRoles();
     $this->set('vv_copersonid', $roles['copersonid'] ?? null);
     $this->set('vv_picker_mode', PeoplePickerModeEnum::All);
 
-    // Get the ActAs User Data
-    $co_person_id = $this->viewVars['roles']['copersonid'];
-    // Get the act as data from the database
-    $args = [];
-    $args['conditions']['ActAsPerson.co_person_id'] = $co_person_id;
-    $args['contain'] = false;
-    $act_as_record = $this->ActAsPerson->find('first', $args);
-    $this->set('vv_act_as_people', []);
-    if(!empty($act_as_record)) {
-      $act_as_person = $this->GrouperGroup->dataConstructForPicker($this->cur_co['Co']['id'],
-                                                                   PeoplePickerModeEnum::All,
-                                                                   [$act_as_record['ActAsPerson']['act_as_co_person_id']]);
-      $this->set('vv_act_as_people', $act_as_person);
-      $this->set('vv_act_as_record_id', $act_as_record['ActAsPerson']['id']);
-    }
+    $this->set('vv_act_as_identifier', $this->getActAsIdentifier());
+    $this->set('vv_is_user_owner',
+               $this->GrouperGroup->isUserGroupOwner($this->getUserId(),
+                                                     $this->getActAsIdentifier(),
+                                                     $cfg)
+    );
+//    $this->set('vv_is_template_user', $this->GrouperGroup->isTemplateUser($this->userId ?? '', $cfg) );
+//    $this->set('vv_is_grouper_visible', $this->GrouperGroup->isGrouperVisible($this->userId ?? '', $cfg));
   }
 
   /**
-   * @return null
+   * @return null|string
    */
-  public function getUserId()
+  public function getActAsIdentifier(): ?string
   {
-    return $this->userId;
+    //If the actor Identifier is not set we will return the current user
+    return $this->actAsIdentifier ?? $this->getUserId();
   }
 
   /**
@@ -208,6 +224,14 @@ public function findSubscriber(): void
     $this->set('_serialize', 'matches');
   }
 
+  /**
+   * @return null|string
+   */
+  public function getUserId(): null|string
+  {
+    return $this->userId;
+  }
+
   /**
    * GroupMember vue route for rendering groupmemberapi results
    *
@@ -254,7 +278,7 @@ public function groupSubscribers(): void
                                                                    : $groupName;
 
     try {
-      $subscribers = $this->GrouperGroup->getGroupMembers($this->userId,
+      $subscribers = $this->GrouperGroup->getGroupMembers($this->getActAsIdentifier(),
                                                           $groupNameFormatted,
                                                           $this->CoGrouperLiteWidget->getConfig());
     } catch (Exception $e) {
@@ -273,6 +297,7 @@ public function groupOwnerApi(): void {
     //Set initial setting
     $arguments = [
       'userId' => $this->userId,
+      'actorUserId' => $this->getActAsIdentifier(),
       'cfg' => $this->CoGrouperLiteWidget->getConfig()
     ];
 
@@ -282,7 +307,7 @@ public function groupOwnerApi(): void {
 
       //Add settings for search Owned Groups
       $arguments['searchCriteria'] = $searchCriteria;
-      $arguments['searchPage'] = 'ownerGroups';
+      $arguments['searchPage'] = 'getOwnedGroups';
 
       $func = 'getSearchedGroups';
       $errorHint = 'Search';
@@ -314,6 +339,7 @@ public function groupMemberApi(): void {
     //Set initial setting
     $arguments = [
       'userId' => $this->userId,
+      'actorUserId' => $this->getActAsIdentifier(),
       'cfg' => $this->CoGrouperLiteWidget->getConfig()
     ];
 
@@ -358,6 +384,7 @@ public function groupOptinApi() {
     //Set initial setting
     $arguments = [
       'userId' => $this->userId,
+      'actorUserId' => $this->getActAsIdentifier(),
       'cfg' => $this->CoGrouperLiteWidget->getConfig()
     ];
 
@@ -401,7 +428,7 @@ public function groupCreateTemplate()
   {
     if ($this->request->is('post')) {
       try {
-        $status = $this->GrouperGroup->createGroupWithTemplate($this->userId,
+        $status = $this->GrouperGroup->createGroupWithTemplate($this->getActAsIdentifier(),
                                                                $this->request->data,
                                                                $this->CoGrouperLiteWidget->getConfig());
 
@@ -447,19 +474,9 @@ public function isAuthorized(): array|bool
 
     $cfg = $this->CoGrouperLiteWidget->getConfig();
     // Find the identifier
-    $args = array();
-    $args['conditions']['Identifier.type'] = $cfg['CoGrouperLiteWidget']['identifier_type'];
-    $args['conditions']['Identifier.status'] = SuspendableStatusEnum::Active;
-    $args['conditions']['Identifier.co_person_id'] = !empty($roles['copersonid']) ? $roles['copersonid'] : $pids['copersonid'];
-    $args['contain'] = false;
-
-    $identifiers = $this->Identifier->find('first', $args);
-    if(!empty($identifiers)
-      && is_array($identifiers)
-      && isset($identifiers['Identifier']['identifier'])
-    ) {
-      $this->setUserId($identifiers['Identifier']['identifier']);
-    }
+    $copersonid = !empty($roles['copersonid']) ? $roles['copersonid'] : $pids['copersonid'];
+    $this->setUserId($this->GrouperGroup->getIdentifierFromPersonId($copersonid,
+                                                                    $cfg['CoGrouperLiteWidget']['identifier_type']));
 
     // Find if the user belongs to Group
     $eligibleGroup = $cfg['CoGrouperLiteWidget']['act_as_grp_name'];
@@ -515,7 +532,7 @@ public function joinGroup(): void
 
     try {
       // Add myself
-      if(!$this->GrouperGroup->addGroupMember($this->userId,
+      if(!$this->GrouperGroup->addGroupMember($this->getActAsIdentifier(),
                                               $groupName,
                                               $this->userId,
                                               $this->CoGrouperLiteWidget->getConfig())) {
@@ -542,7 +559,7 @@ public function leaveGroup(): void
     $groupName    = urldecode($this->request->query['GroupName']);
 
     try {
-      if(!$this->GrouperGroup->removeGroupMember($this->userId,
+      if(!$this->GrouperGroup->removeGroupMember($this->getActAsIdentifier(),
                                                  $groupName,
                                                  $this->userId,
                                                  $this->CoGrouperLiteWidget->getConfig())) {
@@ -601,7 +618,7 @@ public function removeSubscriber(): void
                                                                      : $groupName;
 
     try {
-      if(!$this->GrouperGroup->removeGroupMember($this->userId,
+      if(!$this->GrouperGroup->removeGroupMember($this->getActAsIdentifier(),
                                                  $groupNameFormatted,
                                                  $remUserId,
                                                  $this->CoGrouperLiteWidget->getConfig())) {
@@ -645,9 +662,17 @@ public function restResponse(int $status,
   }
 
   /**
-   * @param   null  $userId
+   * @param   null|string  $actAsIdentifier
+   */
+  public function setActAsIdentifier(?string $actAsIdentifier): void
+  {
+    $this->actAsIdentifier = $actAsIdentifier;
+  }
+
+  /**
+   * @param   null|string  $userId
    */
-  private function setUserId($userId): void
+  private function setUserId(?string $userId): void
   {
     $this->userId = $userId;
   }
@@ -677,7 +702,7 @@ public function userManagerApi(): void
     $memberId = urldecode($this->request->query['memberid']);
 
     try {
-      $groupsimanage = $this->GrouperGroup->getManagedUsers($this->userId,
+      $groupsimanage = $this->GrouperGroup->getManagedUsers($this->getActAsIdentifier(),
                                                             $memberId,
                                                             $cfg);
     } catch (Exception $e) {
@@ -694,10 +719,10 @@ public function userManagerApi(): void
   }
 
   /**
-   * Override the default sanity check performed in AppController
+   * Override the default check performed in AppController
    *
    * @since  COmanage Registry v4.3.0
-   * @return Boolean True if sanity check is successful
+   * @return Boolean True if check is successful
    */
 
   public function verifyRequestedId(): bool

Lib/GrouperApiAccess.php

@@ -472,11 +472,12 @@ public function getUserMemberships(string $userId, string $actAsUserId, string $
                                   true);
 
     // Build request logic
+    // XXX This is not working very well?
     $data = [
       'WsRestGetMembershipsRequest' => [
         'fieldName'             => $groupType,
         'actAsSubjectLookup'    => [
-          'subjectId' => true ? '': $actAsUserId
+          'subjectId' => ($userId !== $actAsUserId) ? $actAsUserId : ''
         ],
         'wsSubjectLookups'      => [
           ['subjectId' => $isOptinsOrOptouts ? GrouperConfigEnums::ALL : $userId]