]> Raphaël G. Git Repositories - airbundle/blobdiff - Controller/UserController.php
Display all user for admin and only organizers for others
[airbundle] / Controller / UserController.php
index 42023d4e5576f2e96693637ba2067a71a8e4765a..7d38c0285dd9ba3092ef63e9b977f8d646733c86 100644 (file)
@@ -4,12 +4,15 @@ namespace Rapsys\AirBundle\Controller;
 
 use Symfony\Component\HttpFoundation\Request;
 use Symfony\Component\HttpFoundation\Response;
+use Symfony\Component\Routing\RequestContext;
 use Symfony\Component\Security\Core\Authentication\Token\UsernamePasswordToken;
-use Rapsys\AirBundle\Entity\Slot;
-use Rapsys\AirBundle\Entity\Session;
+
+use Rapsys\AirBundle\Entity\Civility;
 use Rapsys\AirBundle\Entity\Location;
-use Rapsys\AirBundle\Entity\User;
+use Rapsys\AirBundle\Entity\Session;
+use Rapsys\AirBundle\Entity\Slot;
 use Rapsys\AirBundle\Entity\Snippet;
+use Rapsys\AirBundle\Entity\User;
 
 class UserController extends DefaultController {
        /**
@@ -25,11 +28,21 @@ class UserController extends DefaultController {
                //Fetch doctrine
                $doctrine = $this->getDoctrine();
 
-               //Set section
-               $section = $this->translator->trans('Libre Air users');
+               //With admin role
+               if ($this->isGranted('ROLE_ADMIN')) {
+                       //Set section
+                       $section = $this->translator->trans('Libre Air users');
 
-               //Set description
-               $this->context['description'] = $this->translator->trans('Libre Air user list');
+                       //Set description
+                       $this->context['description'] = $this->translator->trans('Libre Air user list');
+               //Without admin role
+               } else {
+                       //Set section
+                       $section = $this->translator->trans('Libre Air organizers');
+
+                       //Set description
+                       $this->context['description'] = $this->translator->trans('Libre Air organizers list');
+               }
 
                //Set keywords
                $this->context['keywords'] = [
@@ -57,10 +70,14 @@ class UserController extends DefaultController {
                        )
                );
 
+               //With admin role
+               if ($this->isGranted('ROLE_ADMIN')) {
+                       //Display all users
+                       $this->context['groups'] = $users;
                //Without admin role
-               if (!$this->isGranted('ROLE_ADMIN')) {
-                       //Remove users
-                       unset($users[$this->translator->trans('User')]);
+               } else {
+                       //Only display senior organizers
+                       $this->context['users'] = $users[$this->translator->trans('Senior')];
                }
 
                //Fetch locations
@@ -68,7 +85,7 @@ class UserController extends DefaultController {
                $locations = $doctrine->getRepository(Location::class)->findTranslatedSortedByPeriod($this->translator, $period);
 
                //Render the view
-               return $this->render('@RapsysAir/user/index.html.twig', ['title' => $title, 'section' => $section, 'users' => $users, 'locations' => $locations]+$this->context);
+               return $this->render('@RapsysAir/user/index.html.twig', ['title' => $title, 'section' => $section, 'locations' => $locations]+$this->context);
        }
 
        /**
@@ -90,15 +107,15 @@ class UserController extends DefaultController {
                        throw $this->createNotFoundException($this->translator->trans('Unable to find user: %id%', ['%id%' => $id]));
                }
 
-               //Prevent non admin access to non guest users
-               if (!$this->isGranted('ROLE_ADMIN')) {
-                       //Get user token
-                       $token = new UsernamePasswordToken($user, null, 'none', $user->getRoles());
+               //Get user token
+               $token = new UsernamePasswordToken($user, null, 'none', $user->getRoles());
 
-                       //Check if guest access
-                       if (!($isGuest = $this->get('rapsys_user.access_decision_manager')->decide($token, ['ROLE_GUEST']))) {
-                               throw $this->createAccessDeniedException($this->translator->trans('Unable to access user: %id%', ['%id%' => $id]));
-                       }
+               //Check if guest
+               $isGuest = $this->get('rapsys_user.access_decision_manager')->decide($token, ['ROLE_GUEST']);
+
+               //Prevent access when not admin, user is not guest and not currently logged user
+               if (!$this->isGranted('ROLE_ADMIN') && empty($isGuest) && $user != $this->getUser()) {
+                       throw $this->createAccessDeniedException($this->translator->trans('Unable to access user: %id%', ['%id%' => $id]));
                }
 
                //Set section
@@ -132,14 +149,121 @@ class UserController extends DefaultController {
 
                //Fetch calendar
                //TODO: highlight with current session route parameter
-               $calendar = $doctrine->getRepository(Session::class)->fetchUserCalendarByDatePeriod($this->translator, $period, $id, $request->get('session'));
+               $calendar = $doctrine->getRepository(Session::class)->fetchUserCalendarByDatePeriod($this->translator, $period, $isGuest?$id:null, $request->get('session'));
 
                //Fetch locations
                //XXX: we want to display all active locations anyway
                $locations = $doctrine->getRepository(Location::class)->findTranslatedSortedByPeriod($this->translator, $period, $id);
 
+               //Create user form for admin or current user
+               if ($this->isGranted('ROLE_ADMIN') || $user == $this->getUser()) {
+                       //Create SnippetType form
+                       $userForm = $this->createForm('Rapsys\AirBundle\Form\RegisterType', $user, [
+                               //Set action
+                               'action' => $this->generateUrl('rapsys_air_user_view', ['id' => $id]),
+                               //Set the form attribute
+                               'attr' => [ 'class' => 'col' ],
+                               //Set civility class
+                               'civility_class' => Civility::class,
+                               //Disable mail
+                               'mail' => $this->isGranted('ROLE_ADMIN'),
+                               //Disable password
+                               'password' => false
+                       ]);
+
+                       //Init user to context
+                       $this->context['forms']['user'] = $userForm->createView();
+
+                       //Check if submitted
+                       if ($request->isMethod('POST')) {
+                               //Refill the fields in case the form is not valid.
+                               $userForm->handleRequest($request);
+
+                               //Handle invalid form
+                               if (!$userForm->isSubmitted() || !$userForm->isValid()) {
+                                       //Render the view
+                                       return $this->render('@RapsysAir/user/view.html.twig', ['id' => $id, 'title' => $title, 'section' => $section, 'calendar' => $calendar, 'locations' => $locations]+$this->context);
+                               }
+
+                               //Get data
+                               $data = $userForm->getData();
+
+                               //Get manager
+                               $manager = $doctrine->getManager();
+
+                               //Queue snippet save
+                               $manager->persist($data);
+
+                               //Flush to get the ids
+                               $manager->flush();
+
+                               //Add notice
+                               $this->addFlash('notice', $this->translator->trans('User %id% updated', ['%id%' => $id]));
+
+                               //Extract and process referer
+                               if ($referer = $request->headers->get('referer')) {
+                                       //Create referer request instance
+                                       $req = Request::create($referer);
+
+                                       //Get referer path
+                                       $path = $req->getPathInfo();
+
+                                       //Get referer query string
+                                       $query = $req->getQueryString();
+
+                                       //Remove script name
+                                       $path = str_replace($request->getScriptName(), '', $path);
+
+                                       //Try with referer path
+                                       try {
+                                               //Save old context
+                                               $oldContext = $this->router->getContext();
+
+                                               //Force clean context
+                                               //XXX: prevent MethodNotAllowedException because current context method is POST in onevendor/symfony/routing/Matcher/Dumper/CompiledUrlMatcherTrait.php+42
+                                               $this->router->setContext(new RequestContext());
+
+                                               //Retrieve route matching path
+                                               $route = $this->router->match($path);
+
+                                               //Reset context
+                                               $this->router->setContext($oldContext);
+
+                                               //Clear old context
+                                               unset($oldContext);
+
+                                               //Extract name
+                                               $name = $route['_route'];
+
+                                               //Remove route and controller from route defaults
+                                               unset($route['_route'], $route['_controller']);
+
+                                               //Check if user view route
+                                               if ($name == 'rapsys_air_user_view' && !empty($route['id'])) {
+                                                       //Replace id
+                                                       $route['id'] = $data->getId();
+                                               //Other routes
+                                               } else {
+                                                       //Set user
+                                                       $route['user'] = $data->getId();
+                                               }
+
+                                               //Generate url
+                                               return $this->redirectToRoute($name, $route);
+                                       //No route matched
+                                       } catch(MethodNotAllowedException|ResourceNotFoundException $e) {
+                                               //Unset referer to fallback to default route
+                                               unset($referer);
+                                       }
+                               }
+
+                               //Redirect to cleanup the form
+                               return $this->redirectToRoute('rapsys_air', ['user' => $data->getId()]);
+                       }
+               }
+
                //Create snippet forms for role_guest
-               if ($this->isGranted('ROLE_GUEST')) {
+               if ($this->isGranted('ROLE_ADMIN') || ($this->isGranted('ROLE_GUEST') && $user == $this->getUser())) {
                        //Fetch all user snippet
                        $snippets = $doctrine->getRepository(Snippet::class)->findByLocaleUserId($request->getLocale(), $id);
 
@@ -169,23 +293,15 @@ class UserController extends DefaultController {
                                }
 
                                //Create SnippetType form
-                               #$form = $this->createForm('Rapsys\AirBundle\Form\SnippetType', $snippet, [
                                $form = $this->container->get('form.factory')->createNamed('snipped_'.$request->getLocale().'_'.$locationId, 'Rapsys\AirBundle\Form\SnippetType', $snippet, [
                                        //Set the action
-                                       //TODO: voir si on peut pas faire sauter ça ici
                                        'action' =>
                                                !empty($snippet->getId()) ?
                                                $this->generateUrl('rapsys_air_snippet_edit', ['id' => $snippet->getId()]) :
                                                $this->generateUrl('rapsys_air_snippet_add', ['location' => $locationId]),
-                                       #'action' => $this->generateUrl('rapsys_air_snippet_add'),
                                        //Set the form attribute
-                                       'attr' => [],
-                                       //Set csrf_token_id
-                                       //TODO: would maybe need a signature field
-                                       //'csrf_token_id' => $request->getLocale().'_'.$id.'_'.$locationId
+                                       'attr' => []
                                ]);
-                               #return $this->container->get('form.factory')->create($type, $data, $options);
-                               #public function createNamed($name, $type = 'Symfony\Component\Form\Extension\Core\Type\FormType', $data = null, array $options = []);
 
                                //Add form to context
                                $this->context['forms']['snippets'][$locationId] = $form->createView();