2 command to work with admin users and its roles

Author: Stepa4man

app/code/Magento/Authorization/Command/AdminRolesListCommand.php

@@ -0,0 +1,72 @@
+<?php
+/**
+ * Copyright © Magento, Inc. All rights reserved.
+ * See COPYING.txt for license details.
+ */
+declare(strict_types=1);
+
+namespace Magento\Authorization\Command;
+
+use Magento\Authorization\Model\GetAdminRolesList;
+use Symfony\Component\Console\Command\Command;
+use Symfony\Component\Console\Input\InputInterface;
+use Symfony\Component\Console\Output\OutputInterface;
+use Symfony\Component\Console\Helper\Table;
+use Symfony\Component\Console\Helper\TableFactory;
+
+/**
+ * Class AdminRolesListCommand is cli command for showing all existing admin role ids and names
+ */
+class AdminRolesListCommand extends Command
+{
+    /**
+     * @var GetAdminRolesList
+     */
+    private $getAdminRolesListService;
+
+    /**
+     * @var TableFactory
+     */
+    private $tableFactory;
+
+    /**
+     * @param GetAdminRolesList $getAdminRolesListService
+     * @param TableFactory $tableFactory
+     * @param string|null $name
+     */
+    public function __construct(
+        GetAdminRolesList $getAdminRolesListService,
+        TableFactory $tableFactory,
+        string $name = null
+    ) {
+        parent::__construct($name);
+        $this->getAdminRolesListService = $getAdminRolesListService;
+        $this->tableFactory = $tableFactory;
+    }
+
+    /**
+     * @inheritDoc
+     */
+    protected function configure(): void
+    {
+        $this->setName("admin:role:list");
+        $this->setDescription("Shows all existing admin role ids and names");
+        parent::configure();
+    }
+
+    /**
+     * Provides table with admin roles
+     *
+     * @param InputInterface $input
+     * @param OutputInterface $output
+     * @SuppressWarnings(PHPMD.UnusedFormalParameter)
+     */
+    protected function execute(InputInterface $input, OutputInterface $output): void
+    {
+        $output->writeln('Existing admin roles:');
+        $table = $this->tableFactory->create(['output' => $output]);
+        $table->setHeaders(['Role ID', 'Role Name']);
+        $table->setRows($this->getAdminRolesListService->execute());
+        $table->render();
+    }
+}

app/code/Magento/Authorization/Model/GetAdminRolesList.php

@@ -0,0 +1,45 @@
+<?php
+/**
+ *
+ * Copyright © Magento, Inc. All rights reserved.
+ * See COPYING.txt for license details.
+ */
+declare(strict_types=1);
+
+namespace Magento\Authorization\Model;
+
+use Magento\Authorization\Model\ResourceModel\Role\Grid\CollectionFactory;
+
+/**
+ * Class GetAdminRolesList provides information about all existing group roles
+ */
+class GetAdminRolesList
+{
+    /**
+     * @var CollectionFactory
+     */
+    private $rolesGridCollectionFactory;
+
+    /**
+     * @param CollectionFactory $rolesGridCollectionFactory
+     */
+    public function __construct(
+        CollectionFactory $rolesGridCollectionFactory
+    ) {
+        $this->rolesGridCollectionFactory = $rolesGridCollectionFactory;
+    }
+
+    /**
+     * Provides information about all existing group roles
+     *
+     * @return array
+     */
+    public function execute(): array
+    {
+        return $this->rolesGridCollectionFactory->create()
+            ->addFieldToSelect('role_id')
+            ->addFieldToSelect('role_name')
+            ->load()
+            ->toArray()['items'];
+    }
+}

app/code/Magento/Authorization/Test/Integration/Console/Command/AdminRolesListCommandTest.php

@@ -0,0 +1,33 @@
+<?php
+/**
+ * Copyright © Magento, Inc. All rights reserved.
+ * See COPYING.txt for license details.
+ */
+declare(strict_types=1);
+
+namespace Magento\Authorization\Test\Integration\Console\Command;
+
+use Magento\Authorization\Command\AdminRolesListCommand;
+use Magento\TestFramework\Helper\Bootstrap;
+use PHPUnit\Framework\TestCase;
+use Symfony\Component\Console\Tester\CommandTester;
+
+/**
+ * Class AdminRolesListCommandTes
+ */
+class AdminRolesListCommandTest extends TestCase
+{
+    /**
+     * @magentoDataFixture ./../../../../app/code/Magento/Authorization/Test/Integration/_files/test_role.php
+     */
+    public function testExecute(): void
+    {
+        $objectManager = Bootstrap::getObjectManager();
+        $command = $objectManager->get(AdminRolesListCommand::class);
+        $commandTester = new CommandTester($command);
+        $commandTester->execute([]);
+        $this->assertStringContainsString('Role ID ', $commandTester->getDisplay());
+        $this->assertStringContainsString('Role Name', $commandTester->getDisplay());
+        $this->assertStringContainsString('test_role', $commandTester->getDisplay());
+    }
+}

app/code/Magento/Authorization/Test/Integration/_files/test_role.php

@@ -0,0 +1,30 @@
+<?php
+/**
+ * Copyright © Magento, Inc. All rights reserved.
+ * See COPYING.txt for license details.
+ */
+declare(strict_types=1);
+
+use Magento\Authorization\Model\Acl\Role\Group as RoleGroup;
+use Magento\Authorization\Model\ResourceModel\Role as RoleResource;
+use Magento\Authorization\Model\RoleFactory;
+use Magento\Authorization\Model\RulesFactory;
+use Magento\Authorization\Model\UserContextInterface;
+use Magento\Backend\App\Area\FrontNameResolver;
+use Magento\TestFramework\Helper\Bootstrap;
+
+Bootstrap::getInstance()->loadArea(FrontNameResolver::AREA_CODE);
+$objectManager = Bootstrap::getObjectManager();
+/** @var RoleResource $roleResource */
+$roleResource = $objectManager->get(RoleResource::class);
+/** @var RoleFactory $roleFactory */
+$roleFactory = $objectManager->get(RoleFactory::class);
+$role = $roleFactory->create();
+$role->setName('test_role')
+    ->setPid(0)
+    ->setRoleType(RoleGroup::ROLE_TYPE)
+    ->setUserType(UserContextInterface::USER_TYPE_ADMIN);
+
+$roleResource->save($role);
+$ruleFactory = $objectManager->get(RulesFactory::class);
+$ruleFactory->create()->setRoleId($role->getId())->setResources(['Magento_Backend::all'])->saveRel();

app/code/Magento/Authorization/etc/di.xml

@@ -5,7 +5,8 @@
  * See COPYING.txt for license details.
  */
 -->
-<config xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:noNamespaceSchemaLocation="urn:magento:framework:ObjectManager/etc/config.xsd">
+<config xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+        xsi:noNamespaceSchemaLocation="urn:magento:framework:ObjectManager/etc/config.xsd">
     <type name="Magento\Authorization\Model\Role" shared="false" />
     <type name="Magento\Authorization\Model\ResourceModel\Rules">
         <arguments>
@@ -24,4 +25,11 @@
         </arguments>
     </type>
     <preference for="Magento\Authorization\Model\UserContextInterface" type="Magento\Authorization\Model\CompositeUserContext"/>
+    <type name="Magento\Framework\Console\CommandListInterface">
+        <arguments>
+            <argument name="commands" xsi:type="array">
+                <item name="adminRolesListCommand" xsi:type="object">Magento\Authorization\Command\AdminRolesListCommand</item>
+            </argument>
+        </arguments>
+    </type>
 </config>

app/code/Magento/User/Console/AssignAdminToRoleCommand.php

@@ -0,0 +1,162 @@
+<?php
+/**
+ * Copyright © Magento, Inc. All rights reserved.
+ * See COPYING.txt for license details.
+ */
+declare(strict_types=1);
+
+namespace Magento\User\Console;
+
+use InvalidArgumentException;
+use Magento\Authorization\Model\GetAdminRolesList;
+use Magento\Framework\Exception\AlreadyExistsException;
+use Magento\User\Model\AssignUserToRole;
+use Magento\User\Model\GetAdminUserList;
+use Magento\User\Model\User;
+use Symfony\Component\Console\Command\Command;
+use Symfony\Component\Console\Helper\QuestionHelper;
+use Symfony\Component\Console\Input\InputInterface;
+use Symfony\Component\Console\Input\InputOption;
+use Symfony\Component\Console\Output\OutputInterface;
+use Symfony\Component\Console\Question\Question;
+
+/**
+ * Class AssignAdminToRoleCommand assigns role to user
+ */
+class AssignAdminToRoleCommand extends Command
+{
+    private const USER_NAME_OPTION = 'username';
+    private const ROLE_ID_OPTION = 'role-id';
+
+    /**
+     * @var AssignUserToRole
+     */
+    private $assignUserToRoleService;
+
+    /**
+     * @var GetAdminRolesList
+     */
+    private $getAdminRolesListService;
+
+    /**
+     * @var GetAdminUserList
+     */
+    private $getAdminUserListService;
+
+    /**
+     * @param AssignUserToRole $assignUserToRoleService
+     * @param GetAdminRolesList $getAdminRolesListService
+     * @param GetAdminUserList $getAdminUserListService
+     * @param string|null $name
+     */
+    public function __construct(
+        AssignUserToRole $assignUserToRoleService,
+        GetAdminRolesList $getAdminRolesListService,
+        GetAdminUserList $getAdminUserListService,
+        string $name = null
+    ) {
+        parent::__construct($name);
+        $this->assignUserToRoleService = $assignUserToRoleService;
+        $this->getAdminRolesListService = $getAdminRolesListService;
+        $this->getAdminUserListService = $getAdminUserListService;
+    }
+
+    /**
+     * @inheritDoc
+     */
+    protected function configure(): void
+    {
+        $this->setName("admin:user:assign-role");
+        $this->setDescription("Assigns user to role");
+        $this->setDefinition($this->getOptionsList());
+
+        parent::configure();
+    }
+
+    /**
+     * Assigns role to user
+     *
+     * @param InputInterface $input
+     * @param OutputInterface $output
+     *
+     * @return void
+     * @throws AlreadyExistsException
+     */
+    protected function execute(InputInterface $input, OutputInterface $output): void
+    {
+        $this->assignUserToRoleService->execute(
+            $input->getOption(self::USER_NAME_OPTION),
+            (int)$input->getOption(self::ROLE_ID_OPTION)
+        );
+        $output->writeln("User assigned to the role.");
+    }
+
+    /**
+     * @inheritDoc
+     */
+    protected function interact(InputInterface $input, OutputInterface $output)
+    {
+        /** @var QuestionHelper $questionHelper */
+        $questionHelper = $this->getHelper('question');
+
+        if (!$input->getOption(self::USER_NAME_OPTION)) {
+            $question = new Question('<question>Admin username:</question> ', '');
+            $userList = $this->getAdminUserListService->execute();
+            $question->setValidator(function ($value) use ($userList) {
+                /** @var User $user */
+                foreach ($userList as $user) {
+                    if ($user->getUserName() === $value) {
+                        return $value;
+                    }
+                }
+                throw new InvalidArgumentException(sprintf(AssignUserToRole::USER_DOES_NOT_EXISTS_ERROR_MSG, $value));
+            });
+
+            $input->setOption(
+                self::USER_NAME_OPTION,
+                $questionHelper->ask($input, $output, $question)
+            );
+        }
+
+        if (!$input->getOption(self::ROLE_ID_OPTION)) {
+            $question = new Question('<question>Role ID:</question> ', '');
+            $rolesList = $this->getAdminRolesListService->execute();
+            $question->setValidator(function ($value) use ($rolesList) {
+                foreach ($rolesList as $role) {
+                    if ($role['role_id'] === $value) {
+                        return $value;
+                    }
+                }
+                throw new InvalidArgumentException(sprintf(AssignUserToRole::ROLE_DOES_NOT_EXISTS_ERROR_MSG, $value));
+            });
+
+            $input->setOption(
+                self::ROLE_ID_OPTION,
+                $questionHelper->ask($input, $output, $question)
+            );
+        }
+    }
+
+    /**
+     * Get list of arguments for the command
+     *
+     * @return InputOption[]
+     */
+    public function getOptionsList(): array
+    {
+        return [
+            new InputOption(
+                self::USER_NAME_OPTION,
+                null,
+                InputOption::VALUE_REQUIRED,
+                '(Required) Admin Username'
+            ),
+            new InputOption(
+                self::ROLE_ID_OPTION,
+                null,
+                InputOption::VALUE_REQUIRED,
+                '(Required) Role ID'
+            )
+        ];
+    }
+}