X-Git-Url: https://git.rapsys.eu/airbundle/blobdiff_plain/f7265e7a07fe3e7ac3a1df26328700c7f45c1755..2884b5c8b4514b0e1c0dd0449db2af5be32382b6:/Controller/UserController.php
diff --git a/Controller/UserController.php b/Controller/UserController.php
index c78c69b..5010e64 100644
--- a/Controller/UserController.php
+++ b/Controller/UserController.php
@@ -1,198 +1,739 @@
-<?php
+<?php declare(strict_types=1);
+
+/*
+ * This file is part of the Rapsys AirBundle package.
+ *
+ * (c) Raphaël Gertz <symfony@rapsys.eu>
+ *
+ * For the full copyright and license information, please view the LICENSE
+ * file that was distributed with this source code.
+ */
namespace Rapsys\AirBundle\Controller;
+use Doctrine\ORM\EntityManagerInterface;
+use Doctrine\Persistence\ManagerRegistry;
+
+use Google\Client;
+
+use Psr\Container\ContainerInterface;
+use Psr\Log\LoggerInterface;
+
+use Symfony\Bundle\SecurityBundle\Security;
+use Symfony\Component\Form\FormFactoryInterface;
use Symfony\Component\HttpFoundation\Request;
+use Symfony\Component\HttpFoundation\RequestStack;
use Symfony\Component\HttpFoundation\Response;
-use Symfony\Component\Security\Core\Authentication\Token\UsernamePasswordToken;
-use Rapsys\AirBundle\Entity\Slot;
-use Rapsys\AirBundle\Entity\Session;
-use Rapsys\AirBundle\Entity\Location;
+use Symfony\Component\Mailer\MailerInterface;
+use Symfony\Component\PasswordHasher\Hasher\UserPasswordHasherInterface;
+use Symfony\Component\Routing\Generator\UrlGeneratorInterface;
+use Symfony\Component\Routing\RouterInterface;
+use Symfony\Component\Security\Core\Authorization\AuthorizationCheckerInterface;
+use Symfony\Contracts\Cache\CacheInterface;
+use Symfony\Contracts\Cache\ItemInterface;
+use Symfony\Contracts\Translation\TranslatorInterface;
+
+use Rapsys\UserBundle\Controller\UserController as BaseUserController;
+
+use Rapsys\AirBundle\Entity\Dance;
+use Rapsys\AirBundle\Entity\GoogleCalendar;
+use Rapsys\AirBundle\Entity\GoogleToken;
use Rapsys\AirBundle\Entity\User;
-use Rapsys\AirBundle\Entity\Snippet;
-class UserController extends DefaultController {
+use Rapsys\PackBundle\Util\SluggerUtil;
+
+use Twig\Environment;
+
+/**
+ * {@inheritdoc}
+ */
+class UserController extends BaseUserController {
/**
- * List all users
- *
- * @desc Display all user with a group listed as users
- *
- * @param Request $request The request instance
+ * {@inheritdoc}
*
- * @return Response The rendered view
+ * @param CacheInterface $cache The cache instance
+ * @param AuthorizationCheckerInterface $checker The checker instance
+ * @param ContainerInterface $container The container instance
+ * @param ManagerRegistry $doctrine The doctrine instance
+ * @param FormFactoryInterface $factory The factory instance
+ * @param UserPasswordHasherInterface $hasher The password hasher instance
+ * @param LoggerInterface $logger The logger instance
+ * @param MailerInterface $mailer The mailer instance
+ * @param EntityManagerInterface $manager The manager instance
+ * @param RouterInterface $router The router instance
+ * @param Security $security The security instance
+ * @param SluggerUtil $slugger The slugger instance
+ * @param RequestStack $stack The stack instance
+ * @param TranslatorInterface $translator The translator instance
+ * @param Environment $twig The twig environment instance
+ * @param Client $google The google client instance
+ * @param integer $limit The page limit
*/
- public function index(Request $request): Response {
- //Fetch doctrine
- $doctrine = $this->getDoctrine();
-
- //Set section
- $section = $this->translator->trans('Libre Air users');
-
- //Set description
- $this->context['description'] = $this->translator->trans('Libre Air user list');
-
- //Set keywords
- $this->context['keywords'] = [
- $this->translator->trans('users'),
- $this->translator->trans('user list'),
- $this->translator->trans('listing'),
- $this->translator->trans('Libre Air')
- ];
-
- //Set title
- $title = $this->translator->trans($this->config['site']['title']).' - '.$section;
-
- //Fetch users
- $users = $doctrine->getRepository(User::class)->findUserGroupedByTranslatedGroup($this->translator);
-
- //Compute period
- $period = new \DatePeriod(
- //Start from first monday of week
- new \DateTime('Monday this week'),
- //Iterate on each day
- new \DateInterval('P1D'),
- //End with next sunday and 4 weeks
- new \DateTime(
- $this->isGranted('IS_AUTHENTICATED_REMEMBERED')?'Monday this week + 4 week':'Monday this week + 2 week'
- )
- );
-
- //Without admin role
- if (!$this->isGranted('ROLE_ADMIN')) {
- //Remove users
- unset($users[$this->translator->trans('User')]);
- }
-
- //Fetch locations
- //XXX: we want to display all active locations anyway
- $locations = $doctrine->getRepository(Location::class)->findTranslatedSortedByPeriod($this->translator, $period);
+ public function __construct(protected CacheInterface $cache, protected AuthorizationCheckerInterface $checker, protected ContainerInterface $container, protected ManagerRegistry $doctrine, protected FormFactoryInterface $factory, protected UserPasswordHasherInterface $hasher, protected LoggerInterface $logger, protected MailerInterface $mailer, protected EntityManagerInterface $manager, protected RouterInterface $router, protected Security $security, protected SluggerUtil $slugger, protected RequestStack $stack, protected TranslatorInterface $translator, protected Environment $twig, protected Client $google, protected int $limit = 5) {
+ //Call parent constructor
+ parent::__construct($this->cache, $this->checker, $this->container, $this->doctrine, $this->factory, $this->hasher, $this->logger, $this->mailer, $this->manager, $this->router, $this->security, $this->slugger, $this->stack, $this->translator, $this->twig, $this->limit);
- //Render the view
- return $this->render('@RapsysAir/user/index.html.twig', ['title' => $title, 'section' => $section, 'users' => $users, 'locations' => $locations]+$this->context);
+ //Replace google client redirect uri
+ $this->google->setRedirectUri($this->router->generate($this->google->getRedirectUri(), [], UrlGeneratorInterface::ABSOLUTE_URL));
}
/**
- * List all sessions for the user
- *
- * @desc Display all sessions for the user with an application or login form
- *
- * @param Request $request The request instance
- * @param int $id The user id
- *
- * @return Response The rendered view
+ * {@inheritdoc}
*/
- public function view(Request $request, $id): Response {
- //Fetch doctrine
- $doctrine = $this->getDoctrine();
-
- //Fetch user
- if (empty($user = $doctrine->getRepository(User::class)->findOneById($id))) {
- throw $this->createNotFoundException($this->translator->trans('Unable to find user: %id%', ['%id%' => $id]));
+ public function edit(Request $request, string $hash, string $mail): Response {
+ //With invalid hash
+ if ($hash != $this->slugger->hash($mail)) {
+ //Throw bad request
+ throw new BadRequestHttpException($this->translator->trans('Invalid %field% field: %value%', ['%field%' => 'hash', '%value%' => $hash]));
}
- //Prevent non admin access to non guest users
- if (!$this->isGranted('ROLE_ADMIN')) {
- //Get user token
- $token = new UsernamePasswordToken($user, null, 'none', $user->getRoles());
+ //Get mail
+ $mail = $this->slugger->unshort($smail = $mail);
- //Check if guest access
- if (!($isGuest = $this->get('rapsys_user.access_decision_manager')->decide($token, ['ROLE_GUEST']))) {
- throw $this->createAccessDeniedException($this->translator->trans('Unable to access user: %id%', ['%id%' => $id]));
- }
+ //With existing subscriber
+ if (empty($user = $this->doctrine->getRepository($this->config['class']['user'])->findOneByMail($mail))) {
+ //Throw not found
+ //XXX: prevent slugger reverse engineering by not displaying decoded mail
+ throw $this->createNotFoundException($this->translator->trans('Unable to find account %mail%', ['%mail%' => $smail]));
}
- //Set section
- $section = $user->getPseudonym();
-
- //Set title
- $title = $this->translator->trans($this->config['site']['title']).' - '.$section;
-
- //Set description
- $this->context['description'] = $this->translator->trans('%pseudonym% outdoor Argentine Tango session calendar', [ '%pseudonym%' => $user->getPseudonym() ]);
-
- //Set keywords
- $this->context['keywords'] = [
- $user->getPseudonym(),
- $this->translator->trans('outdoor'),
- $this->translator->trans('Argentine Tango'),
- $this->translator->trans('calendar')
- ];
-
- //Compute period
- $period = new \DatePeriod(
- //Start from first monday of week
- new \DateTime('Monday this week'),
- //Iterate on each day
- new \DateInterval('P1D'),
- //End with next sunday and 4 weeks
- new \DateTime(
- $this->isGranted('IS_AUTHENTICATED_REMEMBERED')?'Monday this week + 4 week':'Monday this week + 2 week'
- )
- );
+ //Prevent access when not admin, user is not guest and not currently logged user
+ if (!$this->checker->isGranted('ROLE_ADMIN') && $user != $this->security->getUser() || !$this->checker->isGranted('IS_AUTHENTICATED_FULLY')) {
+ //Throw access denied
+ //XXX: prevent slugger reverse engineering by not displaying decoded mail
+ throw $this->createAccessDeniedException($this->translator->trans('Unable to access user: %mail%', ['%mail%' => $smail]));
+ }
- //Fetch calendar
- //TODO: highlight with current session route parameter
- $calendar = $doctrine->getRepository(Session::class)->fetchUserCalendarByDatePeriod($this->translator, $period, $id, $request->get('session'));
+ //Create the RegisterType form and give the proper parameters
+ $edit = $this->factory->create($this->config['edit']['view']['edit'], $user, [
+ //Set action to register route name and context
+ 'action' => $this->generateUrl($this->config['route']['edit']['name'], ['mail' => $smail, 'hash' => $hash]+$this->config['route']['edit']['context']),
+ //Set civility class
+ 'civility_class' => $this->config['class']['civility'],
+ //Set civility default
+ 'civility_default' => $this->doctrine->getRepository($this->config['class']['civility'])->findOneByTitle($this->config['default']['civility']),
+ //Set country class
+ 'country_class' => $this->config['class']['country'],
+ //Set country default
+ 'country_default' => $this->doctrine->getRepository($this->config['class']['country'])->findOneByTitle($this->config['default']['country']),
+ //Set country favorites
+ 'country_favorites' => $this->doctrine->getRepository($this->config['class']['country'])->findByTitle($this->config['default']['country_favorites']),
+ //Set dance
+ 'dance' => $this->checker->isGranted('ROLE_ADMIN'),
+ //Set dance choices
+ 'dance_choices' => $danceChoices = $this->doctrine->getRepository($this->config['class']['dance'])->findChoicesAsArray(),
+ //Set dance default
+ #'dance_default' => /*$this->doctrine->getRepository($this->config['class']['dance'])->findOneByNameType($this->config['default']['dance'])*/null,
+ //Set dance favorites
+ 'dance_favorites' => $this->doctrine->getRepository($this->config['class']['dance'])->findIdByNameTypeAsArray($this->config['default']['dance_favorites']),
+ //Set subscription
+ 'subscription' => $this->checker->isGranted('ROLE_ADMIN'),
+ //Set subscription choices
+ 'subscription_choices' => $subscriptionChoices = $this->doctrine->getRepository($this->config['class']['user'])->findChoicesAsArray(),
+ //Set subscription default
+ #'subscription_default' => /*$this->doctrine->getRepository($this->config['class']['user'])->findOneByPseudonym($this->config['default']['subscription'])*/null,
+ //Set subscription favorites
+ 'subscription_favorites' => $this->doctrine->getRepository($this->config['class']['user'])->findIdByPseudonymAsArray($this->config['default']['subscription_favorites']),
+ //Disable mail
+ 'mail' => $this->checker->isGranted('ROLE_ADMIN'),
+ //Disable pseudonym
+ 'pseudonym' => $this->checker->isGranted('ROLE_GUEST'),
+ //Disable password
+ 'password' => false,
+ //Set method
+ 'method' => 'POST'
+ ]+$this->config['edit']['field']);
+
+ //With admin role
+ if ($this->checker->isGranted('ROLE_ADMIN')) {
+ //Create the ResetType form and give the proper parameters
+ $reset = $this->factory->create($this->config['edit']['view']['reset'], $user, [
+ //Set action to register route name and context
+ 'action' => $this->generateUrl($this->config['route']['edit']['name'], ['mail' => $smail, 'hash' => $hash]+$this->config['route']['edit']['context']),
+ //Disable mail
+ 'mail' => false,
+ //Set method
+ 'method' => 'POST'
+ ]);
+
+ //With post method
+ if ($request->isMethod('POST')) {
+ //Refill the fields in case the form is not valid.
+ $reset->handleRequest($request);
+
+ //With reset submitted and valid
+ if ($reset->isSubmitted() && $reset->isValid()) {
+ //Set data
+ $data = $reset->getData();
+
+ //Set password
+ $data->setPassword($this->hasher->hashPassword($data, $data->getPassword()));
+
+ //Queue user password save
+ $this->manager->persist($data);
+
+ //Flush to get the ids
+ $this->manager->flush();
+
+ //Add notice
+ $this->addFlash('notice', $this->translator->trans('Account %mail% password updated', ['%mail%' => $mail]));
+
+ //Redirect to cleanup the form
+ return $this->redirectToRoute($this->config['route']['edit']['name'], ['mail' => $smail, 'hash' => $hash]+$this->config['route']['edit']['context']);
+ }
+ }
- //Fetch locations
- //XXX: we want to display all active locations anyway
- $locations = $doctrine->getRepository(Location::class)->findTranslatedSortedByPeriod($this->translator, $period, $id);
+ //Add reset view
+ $this->config['edit']['view']['context']['reset'] = $reset->createView();
+
+ //Add google calendar array
+ $this->config['edit']['view']['context']['calendar'] = [
+ //Form by mail
+ 'form' => [],
+ //Uri to link account
+ 'link' => null,
+ //Logo
+ 'logo' => [
+ 'png' => '@RapsysAir/png/calendar.png',
+ 'svg' => '@RapsysAir/svg/calendar.svg'
+ ]
+ ];
+
+ //Set login hint
+ $this->google->setLoginHint($user->getMail());
+
+ //With user tokens
+ if (!($googleTokens = $user->getGoogleTokens())->isEmpty()) {
+ //Iterate on each google token
+ //XXX: either we finish with a valid token set or a logic exception after token removal
+ foreach($googleTokens as $googleToken) {
+ //Clear client cache before changing access token
+ //TODO: set a per token cache ?
+ $this->google->getCache()->clear();
+
+ //Set access token
+ $this->google->setAccessToken(
+ [
+ 'access_token' => $googleToken->getAccess(),
+ 'refresh_token' => $googleToken->getRefresh(),
+ 'created' => $googleToken->getCreated()->getTimestamp(),
+ 'expires_in' => $googleToken->getExpired()->getTimestamp() - (new \DateTime('now'))->getTimestamp(),
+ ]
+ );
+
+ //With expired token
+ if ($this->google->isAccessTokenExpired()) {
+ //Refresh token
+ if (($refresh = $this->google->getRefreshToken()) && ($token = $this->google->fetchAccessTokenWithRefreshToken($refresh)) && empty($token['error'])) {
+ //Set access token
+ $googleToken->setAccess($token['access_token']);
+
+ //Set expires
+ $googleToken->setExpired(new \DateTime('+'.$token['expires_in'].' second'));
+
+ //Set refresh
+ $googleToken->setRefresh($token['refresh_token']);
+
+ //Queue google token save
+ $this->manager->persist($googleToken);
+
+ //Flush to get the ids
+ $this->manager->flush();
+ //Refresh failed
+ } else {
+ //Add error in flash message
+ $this->addFlash(
+ 'error',
+ $this->translator->trans(
+ empty($token['error'])?'Unable to refresh token':'Unable to refresh token: %error%',
+ empty($token['error'])?[]:['%error%' => str_replace('_', ' ', $token['error'])]
+ )
+ );
+
+ //Set calendar mails
+ $cmails = [];
+
+ //Iterate on each google token calendars
+ foreach($googleToken->getGoogleCalendars() as $googleCalendar) {
+ //Add calendar mail
+ $cmails[] = $googleCalendar->getMail();
+
+ //Remove google token calendar
+ $this->manager->remove($googleCalendar);
+ }
+
+ //Log unlinked google token infos
+ $this->logger->emergency(
+ $this->translator->trans(
+ 'expired: mail=%mail% gmail=%gmail% cmails=%cmails% locale=%locale%',
+ [
+ '%mail%' => $googleToken->getUser()->getMail(),
+ '%gmail%' => $googleToken->getMail(),
+ '%cmails' => implode(',', $cmails),
+ '%locale%' => $request->getLocale()
+ ]
+ )
+ );
+
+ //Remove google token
+ $this->manager->remove($googleToken);
+
+ //Flush to delete it
+ $this->manager->flush();
+
+ //TODO: warn user by mail ?
+
+ //Skip to next token
+ continue;
+ }
+ }
+
+ //XXX: TODO: remove DEBUG
+ #$this->cache->delete('user.edit.calendar.'.$this->slugger->short($googleToken->getMail()));
+
+ //Retrieve calendar
+ try {
+ //Get calendars
+ $calendars = $this->cache->get(
+ //Set key to user.edit.$mail
+ ($calendarKey = 'user.edit.calendar.'.($googleShortMail = $this->slugger->short($googleMail = $googleToken->getMail()))),
+ //Fetch mail calendar list
+ function (ItemInterface $item): array {
+ //Expire after 1h
+ $item->expiresAfter(3600);
+
+ //Get google calendar service
+ $service = new \Google\Service\Calendar($this->google);
+
+ //Init calendars
+ $calendars = [];
+
+ //Init counter
+ $count = 0;
+
+ //Set page token
+ $pageToken = null;
+
+ //Iterate until next page token is null
+ do {
+ //Get token calendar list
+ //XXX: require permission to read and write events
+ $calendarList = $service->calendarList->listCalendarList(['pageToken' => $pageToken, 'minAccessRole' => 'writer', 'showHidden' => true]);
+
+ //Iterate on items
+ foreach($calendarList->getItems() as $calendarItem) {
+ //With primary calendar
+ if ($calendarItem->getPrimary()) {
+ //Add primary calendar
+ //XXX: use primary as key as described in google api documentation
+ $calendars = ['primary' => $this->translator->trans('Primary') /*$calendarItem->getSummary()*/] + $calendars;
+ //With secondary calendar
+ } else {
+ //Add secondary calendar
+ //XXX: Append counter to make sure summary is unique for later array_flip call
+ $calendars += [$calendarItem->getId() => $calendarItem->getSummary().' ('.++$count.')'];
+ }
+ }
+ } while ($pageToken = $calendarList->getNextPageToken());
+
+ //Cache calendars
+ return $calendars;
+ }
+ );
+ //Catch exception
+ } catch(\Google\Service\Exception $e) {
+ //With 401 or code
+ //XXX: see https://cloud.google.com/apis/design/errors
+ if ($e->getCode() == 401 || $e->getCode() == 403) {
+ //Add error in flash message
+ $this->addFlash(
+ 'error',
+ $this->translator->trans(
+ 'Unable to list calendars: %error%',
+ ['%error%' => $e->getMessage()]
+ )
+ );
+
+ //Set calendar mails
+ $cmails = [];
+
+ //Iterate on each google token calendars
+ foreach($googleToken->getGoogleCalendars() as $googleCalendar) {
+ //Add calendar mail
+ $cmails[] = $googleCalendar->getMail();
+
+ //Remove google token calendar
+ $this->manager->remove($googleCalendar);
+ }
+
+ //Log unlinked google token infos
+ $this->logger->emergency(
+ $this->translator->trans(
+ 'denied: mail=%mail% gmail=%gmail% cmails=%cmails% locale=%locale%',
+ [
+ '%mail%' => $googleToken->getUser()->getMail(),
+ '%gmail%' => $googleToken->getMail(),
+ '%cmails' => implode(',', $cmails),
+ '%locale%' => $request->getLocale()
+ ]
+ )
+ );
+
+ //Remove google token
+ $this->manager->remove($googleToken);
+
+ //Flush to delete it
+ $this->manager->flush();
+
+ //TODO: warn user by mail ?
+
+ //Skip to next token
+ continue;
+ }
+
+ //Throw error
+ throw new \LogicException('Calendar list failed', 0, $e);
+ }
+
+ //Set formData array
+ $formData = ['calendar' => []];
+
+ //With google calendars
+ if (!($googleCalendars = $googleToken->getGoogleCalendars())->isEmpty()) {
+ //Iterate on each google calendars
+ foreach($googleCalendars as $googleCalendar) {
+ //With existing google calendar
+ if (isset($calendars[$googleCalendar->getMail()])) {
+ //Add google calendar to form data
+ $formData['calendar'][] = $googleCalendar->getMail();
+ } else {
+ //Remove google calendar from database
+ $this->manager->remove($googleCalendar);
+
+ //Flush to persist ids
+ $this->manager->flush();
+ }
+ }
+ }
+
+ //TODO: add feature for alerts (-30min/-1h) ?
+ //TODO: [Direct link to calendar ?][Direct link to calendar settings ?][Alerts][Remove]
+
+ //Create the CalendarType form and give the proper parameters
+ $form = $this->factory->createNamed('calendar_'.$googleShortMail, 'Rapsys\AirBundle\Form\CalendarType', $formData, [
+ //Set action to register route name and context
+ 'action' => $this->generateUrl($this->config['route']['edit']['name'], ['mail' => $smail, 'hash' => $hash]+$this->config['route']['edit']['context']),
+ //Set calendar choices
+ //XXX: unique calendar summary required by choice widget is guaranteed by appending ' (x)' to secondary calendars earlier
+ 'calendar_choices' => array_flip($calendars),
+ //Set method
+ 'method' => 'POST'
+ ]);
+
+ //With post method
+ if ($request->isMethod('POST')) {
+ //Refill the fields in case the form is not valid.
+ $form->handleRequest($request);
+
+ //With reset submitted and valid
+ if ($form->isSubmitted() && $form->isValid()) {
+ //Set data
+ $data = $form->getData();
+
+ //Refresh button
+ if (($clicked = $form->getClickedButton()->getName()) == 'refresh') {
+ //Remove calendar key
+ $this->cache->delete($calendarKey);
+
+ //Add notice
+ $this->addFlash('notice', $this->translator->trans('Account %mail% calendars updated', ['%mail%' => $googleMail]));
+ //Add button
+ } elseif ($clicked == 'add') {
+ //Get google calendar service
+ $service = new \Google\Service\Calendar($this->google);
+
+ //Add calendar
+ try {
+ //Instantiate calendar
+ $calendar = new \Google\Service\Calendar\Calendar(
+ [
+ 'summary' => $this->translator->trans($this->config['context']['site']['title']),
+ 'timeZone' => date_default_timezone_get()
+ ]
+ );
+
+ //Insert calendar
+ $service->calendars->insert($calendar);
+ //Catch exception
+ } catch(\Google\Service\Exception $e) {
+ //Throw error
+ throw new \LogicException('Calendar insert failed', 0, $e);
+ }
+
+ //Remove calendar key
+ $this->cache->delete($calendarKey);
+
+ //Add notice
+ $this->addFlash('notice', $this->translator->trans('Account %mail% calendar added', ['%mail%' => $googleMail]));
+ //Delete button
+ } elseif ($clicked == 'delete') {
+ //Get google calendar service
+ $service = new \Google\Service\Calendar($this->google);
+
+ //Remove calendar
+ try {
+ //Set site title
+ $siteTitle = $this->translator->trans($this->config['context']['site']['title']);
+
+ //Iterate on calendars
+ foreach($calendars as $calendarId => $calendarSummary) {
+ //With calendar matching site title
+ if (substr($calendarSummary, 0, strlen($siteTitle)) == $siteTitle) {
+ //Delete the calendar
+ $service->calendars->delete($calendarId);
+ }
+ }
+ //Catch exception
+ } catch(\Google\Service\Exception $e) {
+ //Throw error
+ throw new \LogicException('Calendar delete failed', 0, $e);
+ }
+
+ //Remove calendar key
+ $this->cache->delete($calendarKey);
+
+ //Add notice
+ $this->addFlash('notice', $this->translator->trans('Account %mail% calendars deleted', ['%mail%' => $googleMail]));
+ //Unlink button
+ } elseif ($clicked == 'unlink') {
+ //Iterate on each google calendars
+ foreach($googleCalendars as $googleCalendar) {
+ //Remove google calendar from database
+ $this->manager->remove($googleCalendar);
+ }
+
+ //Remove google token from database
+ $this->manager->remove($googleToken);
+
+ //Flush to persist
+ $this->manager->flush();
+
+ //Revoke access token
+ $this->google->revokeToken($googleToken->getAccess());
+
+ //With refresh token
+ if ($refresh = $googleToken->getRefresh()) {
+ //Revoke refresh token
+ $this->google->revokeToken($googleToken->getRefresh());
+ }
+
+ //Remove calendar key
+ $this->cache->delete($calendarKey);
+
+ //Add notice
+ $this->addFlash('notice', $this->translator->trans('Account %mail% calendars unlinked', ['%mail%' => $googleMail]));
+ //Submit button
+ } else {
+ //Flipped calendar data
+ $dataCalendarFlip = array_flip($data['calendar']);
+
+ //Iterate on each google calendars
+ foreach($googleCalendars as $googleCalendar) {
+ //Without calendar in flipped data
+ if (!isset($dataCalendarFlip[$googleCalendarMail = $googleCalendar->getMail()])) {
+ //Remove google calendar from database
+ $this->manager->remove($googleCalendar);
+ //With calendar in flipped data
+ } else {
+ //Remove google calendar from calendar data
+ unset($data['calendar'][$dataCalendarFlip[$googleCalendarMail]]);
+ }
+ }
+
+ //Iterate on remaining calendar data
+ foreach($data['calendar'] as $googleCalendarMail) {
+ //Create new google calendar
+ //XXX: remove trailing ' (x)' from summary
+ $googleCalendar = new GoogleCalendar($googleToken, $googleCalendarMail, preg_replace('/ \([0-9]\)$/', '', $calendars[$googleCalendarMail]));
+
+ //Queue google calendar save
+ $this->manager->persist($googleCalendar);
+ }
+
+ //Flush to persist ids
+ $this->manager->flush();
+
+ //Add notice
+ $this->addFlash('notice', $this->translator->trans('Account %mail% calendars updated', ['%mail%' => $googleMail]));
+ }
+
+ //Redirect to cleanup the form
+ return $this->redirectToRoute($this->config['route']['edit']['name'], ['mail' => $smail, 'hash' => $hash]+$this->config['route']['edit']['context']);
+ }
+ }
+
+ //Add form view
+ $this->config['edit']['view']['context']['calendar']['form'][$googleToken->getMail()] = $form->createView();
+ }
+ }
- //Create snippet forms for role_guest
- if ($this->isGranted('ROLE_GUEST')) {
- //Fetch all user snippet
- $snippets = $doctrine->getRepository(Snippet::class)->findByLocaleUserId($request->getLocale(), $id);
+ //Add google calendar auth url
+ $this->config['edit']['view']['context']['calendar']['link'] = $this->google->createAuthUrl();
+ }
- //Rekey by location id
- $snippets = array_reduce($snippets, function($carry, $item){$carry[$item->getLocation()->getId()] = $item; return $carry;}, []);
+ //With post method
+ if ($request->isMethod('POST')) {
+ //Refill the fields in case the form is not valid.
+ $edit->handleRequest($request);
+
+ //With edit submitted and valid
+ if ($edit->isSubmitted() && $edit->isValid()) {
+ //Set data
+ $data = $edit->getData();
+
+ //Queue user save
+ $this->manager->persist($data);
+
+ //Try saving in database
+ try {
+ //Flush to get the ids
+ $this->manager->flush();
+
+ //Add notice
+ //XXX: get mail from data as it may change
+ $this->addFlash('notice', $this->translator->trans('Account %mail% updated', ['%mail%' => $mail = $data->getMail()]));
+
+ //Redirect to cleanup the form
+ return $this->redirectToRoute($this->config['route']['edit']['name'], ['mail' => $smail = $this->slugger->short($mail), 'hash' => $this->slugger->hash($smail)]+$this->config['route']['edit']['context']);
+ //Catch double slug or mail
+ } catch (UniqueConstraintViolationException $e) {
+ //Add error message mail already exists
+ $this->addFlash('error', $this->translator->trans('Account %mail% already exists', ['%mail%' => $data->getMail()]));
+ }
+ }
+ //Without admin role
+ //XXX: prefer a reset on login to force user unspam action
+ } elseif (!$this->checker->isGranted('ROLE_ADMIN')) {
+ //Add notice
+ $this->addFlash('notice', $this->translator->trans('To change your password login with your mail and any password then follow the procedure'));
+ }
- //Init snippets to context
- $this->context['forms']['snippets'] = [];
+ //Render view
+ return $this->render(
+ //Template
+ $this->config['edit']['view']['name'],
+ //Context
+ ['edit' => $edit->createView(), 'sent' => $request->query->get('sent', 0)]+$this->config['edit']['view']['context']
+ );
+ }
- //Iterate on locations
- foreach($locations as $locationId => $location) {
- //Init snippet
- $snippet = new Snippet();
+ /**
+ * Handle google callback
+ *
+ * @param Request $request The request
+ * @return Response The response
+ */
+ public function googleCallback(Request $request): Response {
+ //Without code
+ if (empty($code = $request->query->get('code', ''))) {
+ throw new \InvalidArgumentException('Query parameter code is empty');
+ }
- //Set default locale
- $snippet->setLocale($request->getLocale());
+ //Without user
+ if (empty($user = $this->security->getUser())) {
+ throw new \LogicException('User is empty');
+ }
- //Set default user
- $snippet->setUser($user);
+ //Set google client login hint
+ $this->google->setLoginHint($user->getMail());
+
+ //Set google client scopes
+ $googleScopes = [\Google\Service\Calendar::CALENDAR_EVENTS, \Google\Service\Calendar::CALENDAR, \Google\Service\Oauth2::USERINFO_EMAIL];
+
+ //Protect to extract failure
+ try {
+ //Authenticate with code
+ if (!empty($token = $this->google->authenticate($code))) {
+ //With error
+ if (!empty($token['error'])) {
+ throw new \LogicException('Client authenticate failed: '.str_replace('_', ' ', $token['error']));
+ //Without refresh token
+ } elseif (empty($token['refresh_token'])) {
+ throw new \LogicException('Refresh token is empty');
+ //Without expires in
+ } elseif (empty($token['expires_in'])) {
+ throw new \LogicException('Expires in is empty');
+ //Without scope
+ } elseif (empty($token['scope'])) {
+ throw new \LogicException('Scope in is empty');
+ //Without valid scope
+ } elseif (array_intersect($googleScopes, explode(' ', $token['scope'])) != $googleScopes) {
+ throw new \LogicException('Scope in is not valid');
+ }
- //Set default location
- $snippet->setLocation($doctrine->getRepository(Location::class)->findOneById($locationId));
+ //Get Oauth2 object
+ $oauth2 = new \Google\Service\Oauth2($this->google);
+
+ //Protect user info get call
+ try {
+ //Retrieve user info
+ $userInfo = $oauth2->userinfo->get();
+ //Catch exception
+ } catch(\Google\Service\Exception $e) {
+ //Throw error
+ throw new \LogicException('Userinfo get failed', 0, $e);
+ }
- //Get snippet
- if (!empty($snippets[$locationId])) {
- $snippet = $snippets[$locationId];
+ //With existing token
+ if (
+ //If available retrieve google token with matching mail
+ $googleToken = array_reduce(
+ $user->getGoogleTokens()->getValues(),
+ function ($c, $i) use ($userInfo) {
+ if ($i->getMail() == $userInfo['email']) {
+ return $i;
+ }
+ }
+ )
+ ) {
+ //Set mail
+ //XXX: TODO: should already be set and not change, remove ?
+ //XXX: TODO: store picture as well ?
+ $googleToken->setMail($userInfo['email']);
+
+ //Set access token
+ $googleToken->setAccess($token['access_token']);
+
+ //Set expires
+ $googleToken->setExpired(new \DateTime('+'.$token['expires_in'].' second'));
+
+ //Set refresh
+ $googleToken->setRefresh($token['refresh_token']);
+ } else {
+ //Create new token
+ //XXX: TODO: store picture as well ?
+ $googleToken = new GoogleToken($user, $userInfo['email'], $token['access_token'], new \DateTime('+'.$token['expires_in'].' second'), $token['refresh_token']);
}
- //Create SnippetType form
- #$form = $this->createForm('Rapsys\AirBundle\Form\SnippetType', $snippet, [
- $form = $this->container->get('form.factory')->createNamed('snipped_'.$request->getLocale().'_'.$locationId, 'Rapsys\AirBundle\Form\SnippetType', $snippet, [
- //Set the action
- //TODO: voir si on peut pas faire sauter ça ici
- 'action' =>
- !empty($snippet->getId()) ?
- $this->generateUrl('rapsys_air_snippet_edit', ['id' => $snippet->getId()]) :
- $this->generateUrl('rapsys_air_snippet_add', ['location' => $locationId]),
- #'action' => $this->generateUrl('rapsys_air_snippet_add'),
- //Set the form attribute
- 'attr' => [],
- //Set csrf_token_id
- //TODO: would maybe need a signature field
- //'csrf_token_id' => $request->getLocale().'_'.$id.'_'.$locationId
- ]);
- #return $this->container->get('form.factory')->create($type, $data, $options);
- #public function createNamed($name, $type = 'Symfony\Component\Form\Extension\Core\Type\FormType', $data = null, array $options = []);
-
- //Add form to context
- $this->context['forms']['snippets'][$locationId] = $form->createView();
+ //Queue google token save
+ $this->manager->persist($googleToken);
+
+ //Flush to get the ids
+ $this->manager->flush();
+
+ //Add notice
+ $this->addFlash('notice', $this->translator->trans('Account %mail% google token updated', ['%mail%' => $user->getMail()]));
+ //With failed authenticate
+ } else {
+ throw new \LogicException('Client authenticate failed');
}
+ //Catch exception
+ } catch(\Exception $e) {
+ //Add notice
+ $this->addFlash('error', $this->translator->trans('Account %mail% google token rejected: %error%', ['%mail%' => $user->getMail(), '%error%' => $e->getMessage()]));
}
- //Render the view
- return $this->render('@RapsysAir/user/view.html.twig', ['id' => $id, 'title' => $title, 'section' => $section, 'calendar' => $calendar, 'locations' => $locations]+$this->context);
+ //Redirect to user
+ return $this->redirectToRoute('rapsysuser_edit', ['mail' => $short = $this->slugger->short($user->getMail()), 'hash' => $this->slugger->hash($short)]);
}
}