Remove mail and hash possible leak from failure_path context
[userbundle] / Controller / AbstractController.php
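--- a/Controller/AbstractController.php
+++ b/Controller/AbstractController.php
@@ -16,13 +16,17 @@ use Doctrine\Persistence\ManagerRegistry;
 use Psr\Log\LoggerInterface;
 use Symfony\Bundle\FrameworkBundle\Controller\AbstractController as BaseAbstractController;
 use Symfony\Bundle\FrameworkBundle\Controller\ControllerTrait;
+use Symfony\Bundle\SecurityBundle\Security;
 use Symfony\Component\DependencyInjection\ContainerInterface;
+use Symfony\Component\HttpFoundation\Request;
 use Symfony\Component\HttpFoundation\RequestStack;
 use Symfony\Component\HttpFoundation\Response;
 use Symfony\Component\Mailer\MailerInterface;
 use Symfony\Component\PasswordHasher\Hasher\UserPasswordHasherInterface;
 use Symfony\Component\Routing\Generator\UrlGeneratorInterface;
 use Symfony\Component\Routing\RouterInterface;
+use Symfony\Component\Security\Core\Authorization\AuthorizationCheckerInterface;
+use Symfony\Component\Security\Core\User\UserInterface;
 use Symfony\Contracts\Service\ServiceSubscriberInterface;
 use Symfony\Contracts\Translation\TranslatorInterface;
 use Twig\Environment;
@@ -37,45 +41,95 @@ use Rapsys\UserBundle\RapsysUserBundle;
  * {@inheritdoc}
  */
 abstract class AbstractController extends BaseAbstractController implements ServiceSubscriberInterface {
-       ///Config array
+       /**
+        * Config array
+        */
        protected array $config;
 
-       ///Context array
+       /**
+        * Context array
+        */
        protected array $context;
 
-       ///ManagerRegistry
+       /**
+        * Limit integer
+        */
+       protected int $limit;
+
+       /**
+        * Locale string
+        */
+       protected string $locale;
+
+       /**
+        * Page integer
+        */
+       protected int $page;
+
+       /**
+        * AuthorizationCheckerInterface instance
+        */
+       protected AuthorizationCheckerInterface $checker;
+
+       /**
+        * ManagerRegistry instance
+        */
        protected ManagerRegistry $doctrine;
 
-       ///UserPasswordHasherInterface
+       /**
+        * UserPasswordHasherInterface instance
+        */
        protected UserPasswordHasherInterface $hasher;
 
-       ///LoggerInterface
+       /**
+        * LoggerInterface instance
+        */
        protected LoggerInterface $logger;
 
-       ///MailerInterface
+       /**
+        * MailerInterface instance
+        */
        protected MailerInterface $mailer;
 
-       ///EntityManagerInterface
+       /**
+        * EntityManagerInterface instance
+        */
        protected EntityManagerInterface $manager;
 
-       ///Router instance
+       /**
+        * Request instance
+        */
+       protected Request $request;
+
+       /**
+        * Router instance
+        */
        protected RouterInterface $router;
 
-       ///Slugger util
+       /**
+        * Security instance
+        */
+       protected Security $security;
+
+       /**
+        * Slugger util instance
+        */
        protected SluggerUtil $slugger;
 
-       ///Translator instance
+       /**
+        * Translator instance
+        */
        protected TranslatorInterface $translator;
 
-       ///Twig\Environment instance
+       /**
+        * Twig\Environment instance
+        */
        protected Environment $twig;
 
-       ///Locale
-       protected string $locale;
-
        /**
         * Abstract constructor
         *
+        * @param AuthorizationCheckerInterface $checker The checker instance
         * @param ContainerInterface $container The container instance
         * @param ManagerRegistry $doctrine The doctrine instance
         * @param UserPasswordHasherInterface $hasher The password hasher instance
@@ -83,15 +137,20 @@ abstract class AbstractController extends BaseAbstractController implements Serv
         * @param MailerInterface $mailer The mailer instance
         * @param EntityManagerInterface $manager The manager instance
         * @param RouterInterface $router The router instance
+        * @param Security $security The security instance
         * @param SluggerUtil $slugger The slugger instance
         * @param RequestStack $stack The stack instance
         * @param TranslatorInterface $translator The translator instance
         * @param Environment $twig The twig environment instance
+        * @param integer $limit The page limit
         */
-       public function __construct(ContainerInterface $container, ManagerRegistry $doctrine, UserPasswordHasherInterface $hasher, LoggerInterface $logger, MailerInterface $mailer, EntityManagerInterface $manager, RouterInterface $router, SluggerUtil $slugger, RequestStack $stack, TranslatorInterface $translator, Environment $twig) {
+       public function __construct(AuthorizationCheckerInterface $checker, ContainerInterface $container, ManagerRegistry $doctrine, UserPasswordHasherInterface $hasher, LoggerInterface $logger, MailerInterface $mailer, EntityManagerInterface $manager, RouterInterface $router, Security $security, SluggerUtil $slugger, RequestStack $stack, TranslatorInterface $translator, Environment $twig, int $limit = 5) {
                //Retrieve config
                $this->config = $container->getParameter(RapsysUserBundle::getAlias());
 
+               //Set checker
+               $this->checker = $checker;
+
                //Set container
                $this->container = $container;
 
@@ -104,6 +163,9 @@ abstract class AbstractController extends BaseAbstractController implements Serv
                //Set logger
                $this->logger = $logger;
 
+               //Set limit
+               $this->limit = $limit;
+
                //Set mailer
                $this->mailer = $mailer;
 
@@ -113,6 +175,9 @@ abstract class AbstractController extends BaseAbstractController implements Serv
                //Set router
                $this->router = $router;
 
+               //Set security
+               $this->security = $security;
+
                //Set slugger
                $this->slugger = $slugger;
 
@@ -123,10 +188,18 @@ abstract class AbstractController extends BaseAbstractController implements Serv
                $this->twig = $twig;
 
                //Get current request
-               $request = $stack->getCurrentRequest();
+               $this->request = $stack->getCurrentRequest();
+
+               //Get current page
+               $this->page = (int) $this->request->query->get('page');
+
+               //With negative page
+               if ($this->page < 0) {
+                       $this->page = 0;
+               }
 
                //Get current locale
-               $this->locale = $request->getLocale();
+               $this->locale = $this->request->getLocale();
 
                //Set translate array
                $translates = [];
@@ -257,7 +330,7 @@ abstract class AbstractController extends BaseAbstractController implements Serv
                                                                //With current locale
                                                                if ($locale == $this->locale) {
                                                                        //Set locale locales context
-                                                                       $this->config[$tag][$view]['context']['canonical'] = $this->router->generate($name, ['_locale' => $locale]+$route, UrlGeneratorInterface::ABSOLUTE_URL);
+                                                                       $this->config[$tag][$view]['context']['head']['canonical'] = $this->router->generate($name, ['_locale' => $locale]+$route, UrlGeneratorInterface::ABSOLUTE_URL);
                                                                } else {
                                                                        //Set locale locales context
                                                                        $this->config[$tag][$view]['context']['head']['alternates'][$locale] = [
@@ -339,7 +412,6 @@ abstract class AbstractController extends BaseAbstractController implements Serv
        public static function getSubscribedServices(): array {
                //Return subscribed services
                return [
-                       'service_container' => ContainerInterface::class,
                        'doctrine' => ManagerRegistry::class,
                        'doctrine.orm.default_entity_manager' => EntityManagerInterface::class,
                        'logger' => LoggerInterface::class,
@@ -347,7 +419,10 @@ abstract class AbstractController extends BaseAbstractController implements Serv
                        'rapsys_pack.slugger_util' => SluggerUtil::class,
                        'request_stack' => RequestStack::class,
                        'router' => RouterInterface::class,
+                       'security.authorization_checker' => AuthorizationCheckerInterface::class,
+                       'security' => Security::class,
                        'security.user_password_hasher' => UserPasswordHasherInterface::class,
+                       'service_container' => ContainerInterface::class,
                        'translator' => TranslatorInterface::class
                ];
        }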
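Review bot: In the `@@ -123,10 +188,18 @@` hunk, `$this->request = $stack->getCurrentRequest();` stores a nullable return value in the non-nullable `protected Request $request` property, so constructing the controller with an empty request stack fails with a TypeError inside the assignment. An explicit guard states the precondition: `$this->request = $stack->getCurrentRequest() ?? throw new \RuntimeException('No current request');`. The page parsing that follows clamps only negative values, so an arbitrarily large `page` is stored unchanged; if `$this->page` and `$this->limit` feed an offset calculation outside these hunks, an upper bound or a comment naming who enforces it belongs next to the clamp. The request, page and locale are also captured once at construction, so any code path that reuses the controller instance for another request (a sub-request or a long-lived worker, if the project uses one) would see stale values. The constructor body continues outside the visible hunks.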