X-Git-Url: https://git.rapsys.eu/airbundle/blobdiff_plain/46821e617bffafd12f7d73d9ba47cc021604e9b2..672a568871fb5f23f6653d94226b98efbbe93ef5:/Controller/UserController.php?ds=sidebyside
diff --git a/Controller/UserController.php b/Controller/UserController.php
index 42023d4..3ed64c7 100644
--- a/Controller/UserController.php
+++ b/Controller/UserController.php
@@ -4,12 +4,15 @@ namespace Rapsys\AirBundle\Controller;
use Symfony\Component\HttpFoundation\Request;
use Symfony\Component\HttpFoundation\Response;
+use Symfony\Component\Routing\RequestContext;
use Symfony\Component\Security\Core\Authentication\Token\UsernamePasswordToken;
-use Rapsys\AirBundle\Entity\Slot;
-use Rapsys\AirBundle\Entity\Session;
+
+use Rapsys\AirBundle\Entity\Civility;
use Rapsys\AirBundle\Entity\Location;
-use Rapsys\AirBundle\Entity\User;
+use Rapsys\AirBundle\Entity\Session;
+use Rapsys\AirBundle\Entity\Slot;
use Rapsys\AirBundle\Entity\Snippet;
+use Rapsys\AirBundle\Entity\User;
class UserController extends DefaultController {
/**
@@ -25,11 +28,21 @@ class UserController extends DefaultController {
//Fetch doctrine
$doctrine = $this->getDoctrine();
- //Set section
- $section = $this->translator->trans('Libre Air users');
+ //With admin role
+ if ($this->isGranted('ROLE_ADMIN')) {
+ //Set section
+ $section = $this->translator->trans('Libre Air users');
- //Set description
- $this->context['description'] = $this->translator->trans('Libre Air user list');
+ //Set description
+ $this->context['description'] = $this->translator->trans('Libre Air user list');
+ //Without admin role
+ } else {
+ //Set section
+ $section = $this->translator->trans('Libre Air organizers');
+
+ //Set description
+ $this->context['description'] = $this->translator->trans('Libre Air organizers list');
+ }
//Set keywords
$this->context['keywords'] = [
@@ -57,10 +70,14 @@ class UserController extends DefaultController {
)
);
+ //With admin role
+ if ($this->isGranted('ROLE_ADMIN')) {
+ //Display all users
+ $this->context['groups'] = $users;
//Without admin role
- if (!$this->isGranted('ROLE_ADMIN')) {
- //Remove users
- unset($users[$this->translator->trans('User')]);
+ } else {
+ //Only display senior organizers
+ $this->context['users'] = $users[$this->translator->trans('Senior')];
}
//Fetch locations
@@ -68,7 +85,7 @@ class UserController extends DefaultController {
$locations = $doctrine->getRepository(Location::class)->findTranslatedSortedByPeriod($this->translator, $period);
//Render the view
- return $this->render('@RapsysAir/user/index.html.twig', ['title' => $title, 'section' => $section, 'users' => $users, 'locations' => $locations]+$this->context);
+ return $this->render('@RapsysAir/user/index.html.twig', ['title' => $title, 'section' => $section, 'locations' => $locations]+$this->context);
}
/**
@@ -90,15 +107,15 @@ class UserController extends DefaultController {
throw $this->createNotFoundException($this->translator->trans('Unable to find user: %id%', ['%id%' => $id]));
}
- //Prevent non admin access to non guest users
- if (!$this->isGranted('ROLE_ADMIN')) {
- //Get user token
- $token = new UsernamePasswordToken($user, null, 'none', $user->getRoles());
+ //Get user token
+ $token = new UsernamePasswordToken($user, null, 'none', $user->getRoles());
- //Check if guest access
- if (!($isGuest = $this->get('rapsys_user.access_decision_manager')->decide($token, ['ROLE_GUEST']))) {
- throw $this->createAccessDeniedException($this->translator->trans('Unable to access user: %id%', ['%id%' => $id]));
- }
+ //Check if guest
+ $isGuest = $this->get('rapsys_user.access_decision_manager')->decide($token, ['ROLE_GUEST']);
+
+ //Prevent access when not admin, user is not guest and not currently logged user
+ if (!$this->isGranted('ROLE_ADMIN') && empty($isGuest) && $user != $this->getUser()) {
+ throw $this->createAccessDeniedException($this->translator->trans('Unable to access user: %id%', ['%id%' => $id]));
}
//Set section
@@ -132,14 +149,121 @@ class UserController extends DefaultController {
//Fetch calendar
//TODO: highlight with current session route parameter
- $calendar = $doctrine->getRepository(Session::class)->fetchUserCalendarByDatePeriod($this->translator, $period, $id, $request->get('session'));
+ $calendar = $doctrine->getRepository(Session::class)->fetchUserCalendarByDatePeriod($this->translator, $period, $isGuest?$id:null, $request->get('session'), $request->getLocale());
//Fetch locations
//XXX: we want to display all active locations anyway
$locations = $doctrine->getRepository(Location::class)->findTranslatedSortedByPeriod($this->translator, $period, $id);
+ //Create user form for admin or current user
+ if ($this->isGranted('ROLE_ADMIN') || $user == $this->getUser()) {
+ //Create SnippetType form
+ $userForm = $this->createForm('Rapsys\AirBundle\Form\RegisterType', $user, [
+ //Set action
+ 'action' => $this->generateUrl('rapsys_air_user_view', ['id' => $id]),
+ //Set the form attribute
+ 'attr' => [ 'class' => 'col' ],
+ //Set civility class
+ 'civility_class' => Civility::class,
+ //Disable mail
+ 'mail' => $this->isGranted('ROLE_ADMIN'),
+ //Disable password
+ 'password' => false
+ ]);
+
+ //Init user to context
+ $this->context['forms']['user'] = $userForm->createView();
+
+ //Check if submitted
+ if ($request->isMethod('POST')) {
+ //Refill the fields in case the form is not valid.
+ $userForm->handleRequest($request);
+
+ //Handle invalid form
+ if (!$userForm->isSubmitted() || !$userForm->isValid()) {
+ //Render the view
+ return $this->render('@RapsysAir/user/view.html.twig', ['id' => $id, 'title' => $title, 'section' => $section, 'calendar' => $calendar, 'locations' => $locations]+$this->context);
+ }
+
+ //Get data
+ $data = $userForm->getData();
+
+ //Get manager
+ $manager = $doctrine->getManager();
+
+ //Queue snippet save
+ $manager->persist($data);
+
+ //Flush to get the ids
+ $manager->flush();
+
+ //Add notice
+ $this->addFlash('notice', $this->translator->trans('User %id% updated', ['%id%' => $id]));
+
+ //Extract and process referer
+ if ($referer = $request->headers->get('referer')) {
+ //Create referer request instance
+ $req = Request::create($referer);
+
+ //Get referer path
+ $path = $req->getPathInfo();
+
+ //Get referer query string
+ $query = $req->getQueryString();
+
+ //Remove script name
+ $path = str_replace($request->getScriptName(), '', $path);
+
+ //Try with referer path
+ try {
+ //Save old context
+ $oldContext = $this->router->getContext();
+
+ //Force clean context
+ //XXX: prevent MethodNotAllowedException because current context method is POST in onevendor/symfony/routing/Matcher/Dumper/CompiledUrlMatcherTrait.php+42
+ $this->router->setContext(new RequestContext());
+
+ //Retrieve route matching path
+ $route = $this->router->match($path);
+
+ //Reset context
+ $this->router->setContext($oldContext);
+
+ //Clear old context
+ unset($oldContext);
+
+ //Extract name
+ $name = $route['_route'];
+
+ //Remove route and controller from route defaults
+ unset($route['_route'], $route['_controller']);
+
+ //Check if user view route
+ if ($name == 'rapsys_air_user_view' && !empty($route['id'])) {
+ //Replace id
+ $route['id'] = $data->getId();
+ //Other routes
+ } else {
+ //Set user
+ $route['user'] = $data->getId();
+ }
+
+ //Generate url
+ return $this->redirectToRoute($name, $route);
+ //No route matched
+ } catch(MethodNotAllowedException|ResourceNotFoundException $e) {
+ //Unset referer to fallback to default route
+ unset($referer);
+ }
+ }
+
+ //Redirect to cleanup the form
+ return $this->redirectToRoute('rapsys_air', ['user' => $data->getId()]);
+ }
+ }
+
//Create snippet forms for role_guest
- if ($this->isGranted('ROLE_GUEST')) {
+ if ($this->isGranted('ROLE_ADMIN') || ($this->isGranted('ROLE_GUEST') && $user == $this->getUser())) {
//Fetch all user snippet
$snippets = $doctrine->getRepository(Snippet::class)->findByLocaleUserId($request->getLocale(), $id);
@@ -169,23 +293,15 @@ class UserController extends DefaultController {
}
//Create SnippetType form
- #$form = $this->createForm('Rapsys\AirBundle\Form\SnippetType', $snippet, [
$form = $this->container->get('form.factory')->createNamed('snipped_'.$request->getLocale().'_'.$locationId, 'Rapsys\AirBundle\Form\SnippetType', $snippet, [
//Set the action
- //TODO: voir si on peut pas faire sauter ça ici
'action' =>
!empty($snippet->getId()) ?
$this->generateUrl('rapsys_air_snippet_edit', ['id' => $snippet->getId()]) :
$this->generateUrl('rapsys_air_snippet_add', ['location' => $locationId]),
- #'action' => $this->generateUrl('rapsys_air_snippet_add'),
//Set the form attribute
- 'attr' => [],
- //Set csrf_token_id
- //TODO: would maybe need a signature field
- //'csrf_token_id' => $request->getLocale().'_'.$id.'_'.$locationId
+ 'attr' => []
]);
- #return $this->container->get('form.factory')->create($type, $data, $options);
- #public function createNamed($name, $type = 'Symfony\Component\Form\Extension\Core\Type\FormType', $data = null, array $options = []);
//Add form to context
$this->context['forms']['snippets'][$locationId] = $form->createView();