Melhorias no microsite e sincronização de fotos LDAP

Fotos LDAP:
- Ignora sync quando conta ainda não tem UID (evitava URI compartilhada)
- Filtra fotos abaixo do tamanho mínimo configurável (padrão 10 KB)
- Adiciona campo ldap_min_photo_size nas configurações e schema
- Update 10010: remove fotos placeholder já existentes
- Update 10011: remove mídias com URI ldap_photo_.{ext} sem UID

Bloco de cabeçalho do microsite:
- Exibe departamento abaixo do nome, sem label, com link para a entidade
- Exibe telefone de trabalho (work_phone) no lugar de phone (restrito)

Página de perfil:
- Título fixo "Perfil de @name" via callback profileTitle()
- Exclui rota profile da substituição de título pelo nó homepage

Subpáginas com URL amigável:
- Adiciona MicrositeSubpagePathProcessor (inbound + outbound)
- Inbound: /user/{username}/{subpage} → /user/{uid}/{subpage}
- Outbound: /user/{uid}/{subpage} → /user/{username}/{subpage}
- Busca alias em todos os idiomas para contornar limitação do AliasManager

Tema do microsite em rotas externas:
- MicrositeThemeNegotiator cobre rotas com parâmetro user sob /user/{user}/
- Cobre nós do structural_pages cujo alias começa com /user/{uid}/

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>

config/install/site_users.settings.yml

@@ -2,6 +2,7 @@ photos:
   max_count: 5
   ldap_attribute: 'jpegPhoto'
   ldap_sync_enabled: false
+  ldap_min_photo_size: 10240
 user_editable_fields:
   field_user_name: true
   field_user_phone: true

config/schema/site_users.schema.yml

@@ -15,6 +15,9 @@ site_users.settings:
         ldap_sync_enabled:
           type: boolean
           label: 'Enable LDAP photo synchronization'
+        ldap_min_photo_size:
+          type: integer
+          label: 'Minimum LDAP photo size in bytes'
     user_editable_fields:
       type: sequence
       label: 'User-editable profile fields'

modules/site_users_microsite/site_users_microsite.module

@@ -18,12 +18,14 @@ function site_users_microsite_theme(): array {
         'photo_alt' => '',
         'name'      => NULL,
         'bio'           => NULL,
-        'phone'         => NULL,
         'email'         => NULL,
         'homepage'      => NULL,
         'lattes_id'     => NULL,
         'orcid_id'      => NULL,
         'mathscinet_id' => NULL,
+      'department'     => NULL,
+      'department_url' => NULL,
+      'work_phone'     => NULL,
       ],
     ],
   ];
@@ -78,12 +80,19 @@ function site_users_microsite_preprocess_block(&$variables): void {
   }
 
   $route_match = \Drupal::routeMatch();
-  $route_name = $route_match->getRouteName();
+  $route_name = $route_match->getRouteName() ?? '';
+
+  // Rotas com título próprio não devem ser sobrescritas.
+  $excluded = [
+    'site_users_microsite.profile',
+    'site_users_microsite.settings',
+    'site_users_microsite.user_config',
+  ];
 
   $is_microsite = $route_name === 'entity.user.canonical'
     || str_starts_with($route_name, 'site_users_microsite.');
 
-  if (!$is_microsite) {
+  if (!$is_microsite || in_array($route_name, $excluded)) {
     return;
   }
 

modules/site_users_microsite/site_users_microsite.routing.yml

@@ -2,7 +2,7 @@ site_users_microsite.profile:
   path: '/user/{user}/profile'
   defaults:
     _controller: '\Drupal\site_users_microsite\Controller\MicrositeHomeController::profile'
-    _title_callback: '\Drupal\site_users_microsite\Controller\MicrositeHomeController::title'
+    _title_callback: '\Drupal\site_users_microsite\Controller\MicrositeHomeController::profileTitle'
   requirements:
     _entity_access: 'user.view'
     user: \d+

modules/site_users_microsite/site_users_microsite.services.yml

@@ -1,6 +1,14 @@
 services:
+  site_users_microsite.path_processor:
+    class: Drupal\site_users_microsite\PathProcessor\MicrositeSubpagePathProcessor
+    arguments: ['@path_alias.manager', '@language_manager']
+    tags:
+      - { name: path_processor_inbound, priority: 200 }
+      - { name: path_processor_outbound, priority: 200 }
+
   site_users_microsite.theme_negotiator:
     class: Drupal\site_users_microsite\Theme\MicrositeThemeNegotiator
+    arguments: ['@path_alias.manager']
     tags:
       - { name: theme_negotiator, priority: 100 }
 

modules/site_users_microsite/src/Controller/MicrositeHomeController.php

@@ -99,4 +99,11 @@ class MicrositeHomeController extends ControllerBase {
     return $this->t('@name', ['@name' => $user->getDisplayName()]);
   }
 
+  /**
+   * Callback de título para a página de perfil.
+   */
+  public function profileTitle(UserInterface $user): TranslatableMarkup {
+    return $this->t('Perfil de @name', ['@name' => $user->getDisplayName()]);
+  }
+
 }

modules/site_users_microsite/src/PathProcessor/MicrositeSubpagePathProcessor.php

@@ -0,0 +1,98 @@
+<?php
+
+namespace Drupal\site_users_microsite\PathProcessor;
+
+use Drupal\Core\Language\LanguageInterface;
+use Drupal\Core\Language\LanguageManagerInterface;
+use Drupal\Core\PathProcessor\InboundPathProcessorInterface;
+use Drupal\Core\PathProcessor\OutboundPathProcessorInterface;
+use Drupal\Core\Render\BubbleableMetadata;
+use Drupal\path_alias\AliasManagerInterface;
+use Symfony\Component\HttpFoundation\Request;
+
+/**
+ * Processa subpáginas do microsite para funcionar com aliases de usuário.
+ *
+ * Converte /user/{username}/{subpage} <-> /user/{uid}/{subpage} de forma
+ * transparente, complementando o alias exato /user/{username} do Pathauto.
+ */
+class MicrositeSubpagePathProcessor implements InboundPathProcessorInterface, OutboundPathProcessorInterface {
+
+  public function __construct(
+    private AliasManagerInterface $aliasManager,
+    private LanguageManagerInterface $languageManager,
+  ) {}
+
+  /**
+   * {@inheritdoc}
+   *
+   * Converte /user/{username}/{subpage} para /user/{uid}/{subpage}.
+   */
+  public function processInbound($path, Request $request) {
+    if (!preg_match('#^/user/([^/]+)(/.+)$#', $path, $matches)) {
+      return $path;
+    }
+
+    $segment = $matches[1];
+    $rest    = $matches[2];
+
+    // Segmento numérico já é UID — nada a fazer.
+    if (is_numeric($segment)) {
+      return $path;
+    }
+
+    $alias       = '/user/' . $segment;
+    $system_path = $this->lookupSystemPath($alias);
+
+    if ($system_path !== $alias && preg_match('#^/user/\d+$#', $system_path)) {
+      return $system_path . $rest;
+    }
+
+    return $path;
+  }
+
+  /**
+   * {@inheritdoc}
+   *
+   * Converte /user/{uid}/{subpage} para /user/{username}/{subpage}.
+   */
+  public function processOutbound($path, &$options = [], ?Request $request = NULL, ?BubbleableMetadata $bubbleable_metadata = NULL) {
+    if (!preg_match('#^/user/(\d+)(/.+)$#', $path, $matches)) {
+      return $path;
+    }
+
+    $uid   = $matches[1];
+    $rest  = $matches[2];
+    $alias = $this->aliasManager->getAliasByPath('/user/' . $uid);
+
+    if ($alias !== '/user/' . $uid) {
+      if ($bubbleable_metadata) {
+        $bubbleable_metadata->addCacheContexts(['url.path']);
+      }
+      return $alias . $rest;
+    }
+
+    return $path;
+  }
+
+  /**
+   * Busca o caminho interno para um alias tentando todos os idiomas.
+   *
+   * O alias manager só faz fallback para LANGCODE_NOT_SPECIFIED; aliases
+   * armazenados com 'en' não são encontrados quando o idioma atual é 'pt-br'.
+   */
+  private function lookupSystemPath(string $alias): string {
+    $langcodes = array_keys($this->languageManager->getLanguages());
+    $langcodes[] = LanguageInterface::LANGCODE_NOT_SPECIFIED;
+
+    foreach ($langcodes as $langcode) {
+      $system_path = $this->aliasManager->getPathByAlias($alias, $langcode);
+      if ($system_path !== $alias) {
+        return $system_path;
+      }
+    }
+
+    return $alias;
+  }
+
+}

modules/site_users_microsite/src/Plugin/Block/MicrositeHeaderBlock.php

@@ -66,12 +66,14 @@ class MicrositeHeaderBlock extends BlockBase implements ContainerFactoryPluginIn
       '#photo_alt' => $this->getPhotoAlt($user),
       '#name' => $this->getFieldValue($user, 'field_user_name') ?: $user->getDisplayName(),
       '#bio' => $this->getProcessedValue($user, 'field_user_bio'),
-      '#phone' => $this->getFieldValue($user, 'field_user_phone'),
       '#email' => $user->getEmail(),
       '#homepage' => $this->getFieldUri($user, 'field_user_homepage'),
       '#lattes_id' => $this->getFieldValue($user, 'field_user_id_lattes'),
       '#orcid_id' => $this->getFieldValue($user, 'field_user_orcid'),
       '#mathscinet_id' => $this->getFieldValue($user, 'field_user_mathscinetid'),
+      '#department'     => $this->getReferencedEntityLabel($user, 'field_user_department'),
+      '#department_url' => $this->getReferencedEntityUrl($user, 'field_user_department'),
+      '#work_phone'    => $this->getFieldValue($user, 'field_user_work_phone'),
       '#cache' => [
         'tags' => $user->getCacheTags(),
         'contexts' => ['route'],
@@ -145,6 +147,36 @@ class MicrositeHeaderBlock extends BlockBase implements ContainerFactoryPluginIn
     return NULL;
   }
 
+  /**
+   * Retorna o label da entidade referenciada por um campo entity_reference.
+   */
+  protected function getReferencedEntityLabel(UserInterface $user, string $field_name): ?string {
+    if (!$user->hasField($field_name) || $user->get($field_name)->isEmpty()) {
+      return NULL;
+    }
+    $entity = $user->get($field_name)->entity;
+    return $entity ? $entity->label() : NULL;
+  }
+
+  /**
+   * Retorna a URL canônica da entidade referenciada por um campo entity_reference.
+   */
+  protected function getReferencedEntityUrl(UserInterface $user, string $field_name): ?string {
+    if (!$user->hasField($field_name) || $user->get($field_name)->isEmpty()) {
+      return NULL;
+    }
+    $entity = $user->get($field_name)->entity;
+    if (!$entity || !$entity->hasLinkTemplate('canonical')) {
+      return NULL;
+    }
+    try {
+      return $entity->toUrl('canonical')->toString();
+    }
+    catch (\Exception $e) {
+      return NULL;
+    }
+  }
+
   /**
    * Retorna o valor de texto de um campo do usuário.
    */

modules/site_users_microsite/src/Theme/MicrositeThemeNegotiator.php

@@ -4,27 +4,70 @@ namespace Drupal\site_users_microsite\Theme;
 
 use Drupal\Core\Routing\RouteMatchInterface;
 use Drupal\Core\Theme\ThemeNegotiatorInterface;
+use Drupal\path_alias\AliasManagerInterface;
+use Drupal\user\UserInterface;
 
 /**
  * Aplica o tema microsite nas rotas de perfil de usuário e do micro-site.
  */
 class MicrositeThemeNegotiator implements ThemeNegotiatorInterface {
 
+  public function __construct(
+    private AliasManagerInterface $aliasManager,
+  ) {}
+
   /**
    * {@inheritdoc}
    */
   public function applies(RouteMatchInterface $route_match): bool {
-    $route_name = $route_match->getRouteName();
+    $route_name = $route_match->getRouteName() ?? '';
 
-    if ($route_name === 'site_users_microsite.settings') {
+    // Rotas administrativas e de edição nunca recebem o tema do microsite.
+    $excluded = [
+      'site_users_microsite.settings',
+      'site_users_microsite.user_config',
+      'site_users_microsite.my_config',
+    ];
+    if (in_array($route_name, $excluded, TRUE)) {
       return FALSE;
     }
+    foreach (['entity.user.edit_', 'entity.user.cancel', 'user.admin'] as $prefix) {
+      if (str_starts_with($route_name, $prefix)) {
+        return FALSE;
+      }
+    }
 
+    // Rota canônica e rotas próprias do microsite.
     if ($route_name === 'entity.user.canonical') {
       return TRUE;
     }
+    if (str_starts_with($route_name, 'site_users_microsite.')) {
+      return TRUE;
+    }
 
-    return str_starts_with($route_name, 'site_users_microsite.');
+    // Qualquer rota com parâmetro 'user' (entidade) sob /user/{user}/.
+    $user = $route_match->getParameter('user');
+    if ($user instanceof UserInterface) {
+      $route = $route_match->getRouteObject();
+      $path  = $route ? $route->getPath() : '';
+      if (str_starts_with($path, '/user/{user}/')) {
+        return TRUE;
+      }
+    }
+
+    // Nós cujo alias começa com /user/{uid}/ (ex.: structural_pages).
+    if ($route_name === 'entity.node.canonical') {
+      $node = $route_match->getParameter('node');
+      if ($node) {
+        $nid   = is_object($node) ? $node->id() : $node;
+        $alias = $this->aliasManager->getAliasByPath('/node/' . $nid);
+        if (preg_match('#^/user/\d+/#', $alias)) {
+          return TRUE;
+        }
+      }
+    }
+
+    return FALSE;
   }
 
   /**

modules/site_users_microsite/templates/microsite-header-block.html.twig

@@ -37,16 +37,26 @@
 
     <h1 class="msite-header-block__name">{{ name }}</h1>
 
+    {% if department %}
+      <div class="msite-header-block__department">
+        {% if department_url %}
+          <a href="{{ department_url }}">{{ department }}</a>
+        {% else %}
+          {{ department }}
+        {% endif %}
+      </div>
+    {% endif %}
+
     {% if bio %}
       <div class="msite-header-block__bio">{{ bio|raw }}</div>
     {% endif %}
 
-    {% if phone or email %}
+    {% if work_phone or email %}
       <ul class="msite-header-block__contact">
-        {% if phone %}
+        {% if work_phone %}
           <li class="msite-header-block__contact-item">
             <span class="msite-header-block__contact-label">{{ 'Telefone'|t }}:</span>
-            <a href="tel:{{ phone }}">{{ phone }}</a>
+            <a href="tel:{{ work_phone }}">{{ work_phone }}</a>
           </li>
         {% endif %}
         {% if email %}

site_users.install

@@ -194,6 +194,79 @@ function site_users_install() {
   }
 }
 
+/**
+ * Remove mídias LDAP geradas sem UID (URI ldap_photo_.jpg/png) de todos os
+ * usuários e apaga os arquivos e mídias correspondentes.
+ *
+ * Causa: durante provisionamento LDAP, $account->id() era vazio antes do
+ * primeiro save, gerando URI única compartilhada por todos os usuários.
+ */
+function site_users_update_10011() {
+  $file_storage  = \Drupal::entityTypeManager()->getStorage('file');
+  $media_storage = \Drupal::entityTypeManager()->getStorage('media');
+  $user_storage  = \Drupal::entityTypeManager()->getStorage('user');
+
+  // Localiza arquivos com URI sem UID (ldap_photo_.jpg, ldap_photo_.png…).
+  $fids = $file_storage->getQuery()
+    ->condition('uri', 'public://ldap_photos/ldap_photo_.', 'STARTS_WITH')
+    ->accessCheck(FALSE)
+    ->execute();
+
+  if (empty($fids)) {
+    return t('Nenhum arquivo LDAP sem UID encontrado.');
+  }
+
+  $removed_media  = 0;
+  $affected_users = 0;
+
+  foreach ($fids as $fid) {
+    $medias = $media_storage->loadByProperties([
+      'bundle' => 'image',
+      'field_media_image.target_id' => $fid,
+    ]);
+
+    foreach ($medias as $media) {
+      $mid = (int) $media->id();
+
+      $uids = $user_storage->getQuery()
+        ->condition('field_user_photos.target_id', $mid)
+        ->accessCheck(FALSE)
+        ->execute();
+
+      foreach ($uids as $uid) {
+        $user = $user_storage->load($uid);
+        if (!$user) {
+          continue;
+        }
+
+        $photos = array_column($user->get('field_user_photos')->getValue(), 'target_id');
+        $photos = array_values(array_filter($photos, fn($id) => (int) $id !== $mid));
+        $user->set('field_user_photos', array_map(fn($id) => ['target_id' => $id], $photos));
+
+        if ((int) $user->get('field_user_default_photo')->target_id === $mid) {
+          $user->set('field_user_default_photo', empty($photos) ? NULL : $photos[0]);
+        }
+
+        $user->save();
+        $affected_users++;
+      }
+
+      $media->delete();
+      $removed_media++;
+    }
+
+    $file = $file_storage->load($fid);
+    if ($file) {
+      $file->delete();
+    }
+  }
+
+  return t('Removidas @m mídias sem UID de @u usuários.', [
+    '@m' => $removed_media,
+    '@u' => $affected_users,
+  ]);
+}
+
 /**
  * Adiciona o campo field_user_default_photo para seleção de foto padrão.
  */
@@ -470,10 +543,10 @@ function site_users_update_10006() {
     $form_display->removeComponent('field_user_selected_view_mode')->save();
   }
 
-  // 6. Remover de todos os view displays existentes.
-  $displays = $display_storage->loadMultiple();
+  // 6. Remover de todos os view displays de usuário existentes.
+  $displays = $display_storage->loadByProperties(['targetEntityType' => 'user']);
   foreach ($displays as $display) {
-    if ($display->getTargetEntityTypeId() === 'user' && $display->getComponent('field_user_selected_view_mode')) {
+    if ($display->getComponent('field_user_selected_view_mode')) {
       $display->removeComponent('field_user_selected_view_mode')->save();
     }
   }
@@ -614,6 +687,86 @@ function site_users_update_10009() {
   return t('Campo field_user_homepage criado com sucesso.');
 }
 
+/**
+ * Remove fotos LDAP placeholder (abaixo do tamanho mínimo configurado).
+ *
+ * Limpa field_user_photos e field_user_default_photo dos usuários afetados
+ * e apaga as entidades de mídia e arquivo correspondentes.
+ */
+function site_users_update_10010() {
+  $min_size = (int) (\Drupal::config('site_users.settings')->get('photos.ldap_min_photo_size') ?? 10240);
+
+  // Busca arquivos LDAP abaixo do tamanho mínimo.
+  $fids = \Drupal::entityTypeManager()->getStorage('file')->getQuery()
+    ->condition('uri', 'public://ldap_photos/', 'STARTS_WITH')
+    ->condition('filesize', $min_size, '<')
+    ->accessCheck(FALSE)
+    ->execute();
+
+  if (empty($fids)) {
+    return t('Nenhuma foto LDAP placeholder encontrada.');
+  }
+
+  $media_storage = \Drupal::entityTypeManager()->getStorage('media');
+  $user_storage = \Drupal::entityTypeManager()->getStorage('user');
+  $removed_media = 0;
+  $affected_users = 0;
+
+  foreach ($fids as $fid) {
+    // Localiza a entidade de mídia que usa este arquivo.
+    $medias = $media_storage->loadByProperties([
+      'bundle' => 'image',
+      'field_media_image.target_id' => $fid,
+    ]);
+
+    foreach ($medias as $media) {
+      $mid = (int) $media->id();
+
+      // Busca usuários que têm esta mídia em field_user_photos.
+      $uids = $user_storage->getQuery()
+        ->condition('field_user_photos.target_id', $mid)
+        ->accessCheck(FALSE)
+        ->execute();
+
+      foreach ($uids as $uid) {
+        /** @var \Drupal\user\UserInterface $user */
+        $user = $user_storage->load($uid);
+        if (!$user) {
+          continue;
+        }
+
+        // Remove a mídia de field_user_photos.
+        $photos = array_column($user->get('field_user_photos')->getValue(), 'target_id');
+        $photos = array_values(array_filter($photos, fn($id) => (int) $id !== $mid));
+        $user->set('field_user_photos', array_map(fn($id) => ['target_id' => $id], $photos));
+
+        // Limpa field_user_default_photo se apontar para esta mídia.
+        $default_mid = $user->get('field_user_default_photo')->target_id;
+        if ((int) $default_mid === $mid) {
+          $user->set('field_user_default_photo', empty($photos) ? NULL : $photos[0]);
+        }
+
+        $user->save();
+        $affected_users++;
+      }
+
+      $media->delete();
+      $removed_media++;
+    }
+
+    // Apaga o arquivo gerenciado.
+    $file = \Drupal::entityTypeManager()->getStorage('file')->load($fid);
+    if ($file) {
+      $file->delete();
+    }
+  }
+
+  return t('Removidas @m mídias placeholder de @u usuários.', [
+    '@m' => $removed_media,
+    '@u' => $affected_users,
+  ]);
+}
+
 /**
  * Corrige mapeamentos LDAP com campos de string nulos na config ativa.
  */

src/Form/SiteUsersSettingsForm.php

@@ -118,6 +118,20 @@ class SiteUsersSettingsForm extends ConfigFormBase {
       ],
     ];
 
+    $form['photos']['photos_ldap_min_photo_size'] = [
+      '#type' => 'number',
+      '#title' => $this->t('Minimum LDAP photo size (bytes)'),
+      '#description' => $this->t('Photos smaller than this size are ignored during LDAP sync, avoiding placeholder images. Default: 10240 (10 KB).'),
+      '#default_value' => $config->get('photos.ldap_min_photo_size') ?? 10240,
+      '#min' => 0,
+      '#required' => TRUE,
+      '#states' => [
+        'visible' => [
+          ':input[name="photos_ldap_sync_enabled"]' => ['checked' => TRUE],
+        ],
+      ],
+    ];
+
     // Fieldset para campos editáveis pelo próprio usuário.
     $form['user_editable_fields'] = [
       '#type' => 'fieldset',
@@ -270,7 +284,8 @@ class SiteUsersSettingsForm extends ConfigFormBase {
     $config
       ->set('photos.max_count', $form_state->getValue('photos_max_count'))
       ->set('photos.ldap_sync_enabled', (bool) $form_state->getValue('photos_ldap_sync_enabled'))
-      ->set('photos.ldap_attribute', $form_state->getValue('photos_ldap_attribute'));
+      ->set('photos.ldap_attribute', $form_state->getValue('photos_ldap_attribute'))
+      ->set('photos.ldap_min_photo_size', (int) $form_state->getValue('photos_ldap_min_photo_size'));
 
     $definitions = \Drupal::service('entity_field.manager')
       ->getFieldDefinitions('user', 'user');

src/Service/LdapPhotoSyncService.php

@@ -32,6 +32,11 @@ class LdapPhotoSyncService {
    * changed since the last sync (same MD5), no file or media write occurs.
    */
   public function syncFromLdapEntry(UserInterface $account, Entry $ldapEntry): void {
+    // Usuário sem ID ainda não foi salvo — não é possível gerar URI única.
+    if (!$account->id()) {
+      return;
+    }
+
     $config = $this->configFactory->get('site_users.settings');
 
     if (!$config->get('photos.ldap_sync_enabled')) {
@@ -48,6 +53,11 @@ class LdapPhotoSyncService {
       return;
     }
 
+    $min_size = (int) ($config->get('photos.ldap_min_photo_size') ?? 10240);
+    if ($min_size > 0 && strlen($binary) < $min_size) {
+      return;
+    }
+
     $extension = $this->detectExtension($binary);
     if (!$extension) {
       return;