-<?php
+<?php declare(strict_types=1);
+
+/*
+ * This file is part of the Rapsys UserBundle package.
+ *
+ * (c) Raphaël Gertz <symfony@rapsys.eu>
+ *
+ * For the full copyright and license information, please view the LICENSE
+ * file that was distributed with this source code.
+ */
namespace Rapsys\UserBundle\Controller;
-use Rapsys\UserBundle\Utils\Slugger;
+use Doctrine\DBAL\Exception\UniqueConstraintViolationException;
use Symfony\Bridge\Twig\Mime\TemplatedEmail;
-use Symfony\Bundle\FrameworkBundle\Controller\AbstractController;
-use Symfony\Component\DependencyInjection\ContainerInterface;
use Symfony\Component\Form\FormError;
use Symfony\Component\HttpFoundation\Request;
+use Symfony\Component\HttpFoundation\Response;
+use Symfony\Component\HttpKernel\Exception\BadRequestHttpException;
use Symfony\Component\Mailer\Exception\TransportExceptionInterface;
-use Symfony\Component\Mailer\MailerInterface;
-use Symfony\Component\Mime\NamedAddress;
+use Symfony\Component\Mime\Address;
use Symfony\Component\Routing\Generator\UrlGeneratorInterface;
-use Symfony\Component\Routing\RouterInterface;
-use Symfony\Component\Security\Core\Encoder\UserPasswordEncoderInterface;
use Symfony\Component\Security\Http\Authentication\AuthenticationUtils;
-use Symfony\Component\Translation\TranslatorInterface;
+use Rapsys\UserBundle\RapsysUserBundle;
+
+/**
+ * {@inheritdoc}
+ */
class DefaultController extends AbstractController {
- //Config array
- protected $config;
-
- //Translator instance
- protected $translator;
-
- public function __construct(ContainerInterface $container, TranslatorInterface $translator, RouterInterface $router) {
- //Retrieve config
- $this->config = $container->getParameter($this->getAlias());
-
- //Set the translator
- $this->translator = $translator;
-
- //Get current action
- //XXX: we don't use this as it would be too slow, maybe ???
- #$action = str_replace(self::getAlias().'_', '', $container->get('request_stack')->getCurrentRequest()->get('_route'));
-
- //Inject every requested route in view and mail context
- foreach($this->config as $tag => $current) {
- //Look for entry with route subkey
- if (!empty($current['route'])) {
- //Generate url for both view and mail
- foreach(['view', 'mail'] as $view) {
- //Check that context key is usable
- if (isset($current[$view]['context']) && is_array($current[$view]['context'])) {
- //Process every routes
- foreach($current['route'] as $route => $key) {
- //Skip recover_mail route as it requires some parameters
- if ($route == 'recover_mail') {
- continue;
- }
- //Check that key is empty
- if (!isset($current[$view]['context'][$key])) {
- //Generate the route
- $this->config[$tag][$view]['context'][$key] = $router->generate(
- $this->config['route'][$route]['name'],
- $this->config['route'][$route]['context'],
- //Generate absolute url for mails
- $view=='mail'?UrlGeneratorInterface::ABSOLUTE_URL:UrlGeneratorInterface::ABSOLUTE_PATH
- );
- }
- }
- }
- }
- }
+ /**
+ * User index
+ *
+ * @param Request $request The request
+ * @return Response The response
+ */
+ public function index(Request $request): Response {
+ //Without admin
+ if (!$this->checker->isGranted($this->config['default']['admin'])) {
+ //Throw 403
+ throw $this->createAccessDeniedException($this->translator->trans('Unable to list users'));
}
- }
- public function login(Request $request, AuthenticationUtils $authenticationUtils) {
- //Create the LoginType form and give the proper parameters
- $form = $this->createForm($this->config['login']['view']['form'], null, [
- //Set action to login route name and context
- 'action' => $this->generateUrl($this->config['route']['login']['name'], $this->config['route']['login']['context']),
- 'method' => 'POST'
- ]);
+ //Get count
+ $this->context['count'] = $this->doctrine->getRepository($this->config['class']['user'])->findCountAsInt();
- //Get the login error if there is one
- if ($error = $authenticationUtils->getLastAuthenticationError()) {
- //Get translated error
- $error = $this->translator->trans($error->getMessageKey());
-
- //Add error message to mail field
- $form->get('mail')->addError(new FormError($error));
+ //With not enough users
+ if ($this->context['count'] - $this->page * $this->limit < 0) {
+ //Throw 404
+ throw $this->createNotFoundException($this->translator->trans('Unable to find users'));
}
- //Last username entered by the user
- if ($lastUsername = $authenticationUtils->getLastUsername()) {
- $form->get('mail')->setData($lastUsername);
- }
+ //Get users
+ $this->context['users'] = $this->doctrine->getRepository($this->config['class']['user'])->findAllAsArray($this->page, $this->limit);
//Render view
return $this->render(
//Template
- $this->config['login']['view']['name'],
+ $this->config['index']['view']['name'],
//Context
- ['form' => $form->createView(), 'error' => $error]+$this->config['login']['view']['context']
+ $this->context+$this->config['index']['view']['context']
);
}
- public function recover(Request $request, Slugger $slugger, MailerInterface $mailer) {
- //Create the RecoverType form and give the proper parameters
- $form = $this->createForm($this->config['recover']['view']['form'], null, array(
- //Set action to recover route name and context
- 'action' => $this->generateUrl($this->config['route']['recover']['name'], $this->config['route']['recover']['context']),
- 'method' => 'POST'
- ));
+ /**
+ * Confirm account from mail link
+ *
+ * @param Request $request The request
+ * @param string $hash The hashed password
+ * @param string $mail The shorted mail address
+ * @return Response The response
+ */
+ public function confirm(Request $request, string $hash, string $mail): Response {
+ //With invalid hash
+ if ($hash != $this->slugger->hash($mail)) {
+ //Throw bad request
+ throw new BadRequestHttpException($this->translator->trans('Invalid %field% field: %value%', ['%field%' => 'hash', '%value%' => $hash]));
+ }
- if ($request->isMethod('POST')) {
- //Refill the fields in case the form is not valid.
- $form->handleRequest($request);
+ //Get mail
+ $mail = $this->slugger->unshort($smail = $mail);
- if ($form->isValid()) {
- //Get doctrine
- $doctrine = $this->getDoctrine();
+ //Without valid mail
+ if (filter_var($mail, FILTER_VALIDATE_EMAIL) === false) {
+ //Throw bad request
+ //XXX: prevent slugger reverse engineering by not displaying decoded mail
+ throw new BadRequestHttpException($this->translator->trans('Invalid %field% field: %value%', ['%field%' => 'mail', '%value%' => $smail]));
+ }
- //Set data
- $data = $form->getData();
+ //Without existing registrant
+ if (!($user = $this->doctrine->getRepository($this->config['class']['user'])->findOneByMail($mail))) {
+ //Add error message mail already exists
+ //XXX: prevent slugger reverse engineering by not displaying decoded mail
+ $this->addFlash('error', $this->translator->trans('Account %mail% do not exists', ['%mail%' => $smail]));
- //Try to find user
- if ($user = $doctrine->getRepository($this->config['class']['user'])->findOneByMail($data['mail'])) {
- //Set mail shortcut
- $mail =& $this->config['recover']['mail'];
+ //Redirect to register view
+ return $this->redirectToRoute($this->config['route']['register']['name'], $this->config['route']['register']['context']);
+ }
- //Generate each route route
- foreach($this->config['recover']['route'] as $route => $tag) {
- //Only process defined routes
- if (empty($mail['context'][$tag]) && !empty($this->config['route'][$route])) {
- //Process for recover mail url
- if ($route == 'recover_mail') {
- //Prepend recover context with tag
- $this->config['route'][$route]['context'] = [
- 'recipient' => $slugger->short($user->getMail()),
- 'hash' => $slugger->hash($user->getPassword())
- ]+$this->config['route'][$route]['context'];
- }
- //Set the url in context
- $mail['context'][$tag] = $this->get('router')->generate(
- $this->config['route'][$route]['name'],
- $this->config['route'][$route]['context'],
- UrlGeneratorInterface::ABSOLUTE_URL
- );
+ //Set active
+ $user->setActive(true);
- }
- }
+ //Persist user
+ $this->manager->persist($user);
- //Set recipient_name
- $mail['context']['recipient_mail'] = $data['mail'];
+ //Send to database
+ $this->manager->flush();
- //Set recipient_name
- $mail['context']['recipient_name'] = trim($user->getForename().' '.$user->getSurname().($user->getPseudonym()?' ('.$user->getPseudonym().')':''));
+ //Add error message mail already exists
+ $this->addFlash('notice', $this->translator->trans('Your account has been activated'));
- //Init subject context
- $subjectContext = [];
+ //Redirect to user view
+ return $this->redirectToRoute($this->config['route']['edit']['name'], ['mail' => $smail, 'hash' => $this->slugger->hash($smail)]+$this->config['route']['edit']['context']);
+ }
- //Process each context pair
- foreach($mail['context']+$this->config['recover']['view']['context'] as $k => $v) {
- //Reinsert each context pair with the key surrounded by %
- $subjectContext['%'.$k.'%'] = $v;
- }
+ /**
+ * Edit account by shorted mail
+ *
+ * @param Request $request The request
+ * @param string $hash The hashed password
+ * @param string $mail The shorted mail address
+ * @return Response The response
+ */
+ public function edit(Request $request, string $hash, string $mail): Response {
+ //With invalid hash
+ if ($hash != $this->slugger->hash($mail)) {
+ //Throw bad request
+ throw new BadRequestHttpException($this->translator->trans('Invalid %field% field: %value%', ['%field%' => 'hash', '%value%' => $hash]));
+ }
- //Translate subject
- $mail['subject'] = ucfirst($this->translator->trans($mail['subject'], $subjectContext));
+ //Get mail
+ $mail = $this->slugger->unshort($smail = $mail);
- //Create message
- $message = (new TemplatedEmail())
- //Set sender
- ->from(new NamedAddress($this->config['contact']['mail'], $this->config['contact']['name']))
- //Set recipient
- //XXX: remove the debug set in vendor/symfony/mime/Address.php +46
- ->to(new NamedAddress($mail['context']['recipient_mail'], $mail['context']['recipient_name']))
- //Set subject
- ->subject($mail['subject'])
+ //With existing subscriber
+ if (empty($user = $this->doctrine->getRepository($this->config['class']['user'])->findOneByMail($mail))) {
+ //Throw not found
+ //XXX: prevent slugger reverse engineering by not displaying decoded mail
+ throw $this->createNotFoundException($this->translator->trans('Unable to find account %mail%', ['%mail%' => $smail]));
+ }
- //Set path to twig templates
- ->htmlTemplate($mail['html'])
- ->textTemplate($mail['text'])
+ //Prevent access when not admin, user is not guest and not currently logged user
+ if (!$this->checker->isGranted($this->config['default']['admin']) && $user != $this->security->getUser() || !$this->checker->isGranted('IS_AUTHENTICATED_FULLY')) {
+ //Throw access denied
+ //XXX: prevent slugger reverse engineering by not displaying decoded mail
+ throw $this->createAccessDeniedException($this->translator->trans('Unable to access user: %mail%', ['%mail%' => $smail]));
+ }
+
+ //Create the EditType form and give the proper parameters
+ $edit = $this->createForm($this->config['edit']['view']['edit'], $user, [
+ //Set action to edit route name and context
+ 'action' => $this->generateUrl($this->config['route']['edit']['name'], ['mail' => $smail, 'hash' => $this->slugger->hash($smail)]+$this->config['route']['edit']['context']),
+ //Set civility class
+ 'civility_class' => $this->config['class']['civility'],
+ //Set civility default
+ 'civility_default' => $this->doctrine->getRepository($this->config['class']['civility'])->findOneByTitle($this->config['default']['civility']),
+ //Set method
+ 'method' => 'POST'
+ ]+($this->checker->isGranted($this->config['default']['admin'])?$this->config['edit']['admin']:$this->config['edit']['field']));
+
+ //With admin role
+ if ($this->checker->isGranted($this->config['default']['admin'])) {
+ //Create the EditType form and give the proper parameters
+ $reset = $this->createForm($this->config['edit']['view']['reset'], $user, [
+ //Set action to edit route name and context
+ 'action' => $this->generateUrl($this->config['route']['edit']['name'], ['mail' => $smail, 'hash' => $this->slugger->hash($smail)]+$this->config['route']['edit']['context']),
+ //Set method
+ 'method' => 'POST'
+ ]);
+
+ //With post method
+ if ($request->isMethod('POST')) {
+ //Refill the fields in case the form is not valid.
+ $reset->handleRequest($request);
- //Set context
- ->context(['subject' => $mail['subject']]+$mail['context']+$this->config['recover']['view']['context']);
+ //With reset submitted and valid
+ if ($reset->isSubmitted() && $reset->isValid()) {
+ //Set data
+ $data = $reset->getData();
- //Try sending message
- //XXX: mail delivery may silently fail
- try {
- //Send message
- $mailer->send($message);
+ //Set password
+ $data->setPassword($this->hasher->hashPassword($data, $data->getPassword()));
- //Redirect on the same route with sent=1 to cleanup form
- #return $this->redirectToRoute('rapsys_user_register', array('sent' => 1));
- return $this->redirectToRoute($request->get('_route'), ['sent' => 1]+$request->get('_route_params'));
- //Catch obvious transport exception
- } catch(TransportExceptionInterface $e) {
- //Add error message mail unreachable
- $form->get('mail')->addError(new FormError($this->translator->trans('Account found but unable to contact: %mail%', array('%mail%' => $data['mail']))));
- }
- //Accout not found
- } else {
- //Add error message to mail field
- $form->get('mail')->addError(new FormError($this->translator->trans('Unable to find account: %mail%', ['%mail%' => $data['mail']])));
+ //Queue snippet save
+ $this->manager->persist($data);
+
+ //Flush to get the ids
+ $this->manager->flush();
+
+ //Add notice
+ $this->addFlash('notice', $this->translator->trans('Account %mail% password updated', ['%mail%' => $mail = $data->getMail()]));
+
+ //Redirect to cleanup the form
+ return $this->redirectToRoute($this->config['route']['edit']['name'], ['mail' => $smail = $this->slugger->short($mail), 'hash' => $this->slugger->hash($smail)]+$this->config['route']['edit']['context']);
+ }
+ }
+
+ //Add reset view
+ $this->config['edit']['view']['context']['reset'] = $reset->createView();
+ }
+
+ //With post method
+ if ($request->isMethod('POST')) {
+ //Refill the fields in case the form is not valid.
+ $edit->handleRequest($request);
+
+ //With edit submitted and valid
+ if ($edit->isSubmitted() && $edit->isValid()) {
+ //Set data
+ $data = $edit->getData();
+
+ //Queue snippet save
+ $this->manager->persist($data);
+
+ //Try saving in database
+ try {
+ //Flush to get the ids
+ $this->manager->flush();
+
+ //Add notice
+ $this->addFlash('notice', $this->translator->trans('Account %mail% updated', ['%mail%' => $mail = $data->getMail()]));
+
+ //Redirect to cleanup the form
+ return $this->redirectToRoute($this->config['route']['edit']['name'], ['mail' => $smail = $this->slugger->short($mail), 'hash' => $this->slugger->hash($smail)]+$this->config['route']['edit']['context']);
+ //Catch double slug or mail
+ } catch (UniqueConstraintViolationException $e) {
+ //Add error message mail already exists
+ $this->addFlash('error', $this->translator->trans('Account %mail% already exists', ['%mail%' => $data->getMail()]));
}
}
+ //Without admin role
+ //XXX: prefer a reset on login to force user unspam action
+ } elseif (!$this->checker->isGranted($this->config['default']['admin'])) {
+ //Add notice
+ $this->addFlash('notice', $this->translator->trans('To change your password login with your mail and any password then follow the procedure'));
}
//Render view
return $this->render(
//Template
- $this->config['recover']['view']['name'],
+ $this->config['edit']['view']['name'],
//Context
- ['form' => $form->createView(), 'sent' => $request->query->get('sent', 0)]+$this->config['recover']['view']['context']
+ ['edit' => $edit->createView(), 'sent' => $request->query->get('sent', 0)]+$this->config['edit']['view']['context']
);
}
- public function recoverMail(Request $request, UserPasswordEncoderInterface $encoder, Slugger $slugger, MailerInterface $mailer, $recipient, $hash) {
- //Create the RecoverType form and give the proper parameters
- $form = $this->createForm($this->config['recover_mail']['view']['form'], null, array(
- //Set action to recover route name and context
- 'action' => $this->generateUrl($this->config['route']['recover_mail']['name'], ['recipient' => $recipient, 'hash' => $hash]+$this->config['route']['recover_mail']['context']),
+ /**
+ * Login
+ *
+ * @param Request $request The request
+ * @param AuthenticationUtils $authenticationUtils The authentication utils
+ * @param ?string $hash The hashed password
+ * @param ?string $mail The shorted mail address
+ * @return Response The response
+ */
+ public function login(Request $request, AuthenticationUtils $authenticationUtils, ?string $hash, ?string $mail): Response {
+ //Create the LoginType form and give the proper parameters
+ $login = $this->createForm($this->config['login']['view']['form'], null, [
+ //Set action to login route name and context
+ 'action' => $this->generateUrl($this->config['route']['login']['name'], $this->config['route']['login']['context']),
+ //Set method
'method' => 'POST'
- ));
+ ]);
- //Get doctrine
- $doctrine = $this->getDoctrine();
+ //Init context
+ $context = [];
- //Init not found
- $notfound = 1;
+ //With mail
+ if (!empty($mail) && !empty($hash)) {
+ //With invalid hash
+ if ($hash != $this->slugger->hash($mail)) {
+ //Throw bad request
+ throw new BadRequestHttpException($this->translator->trans('Invalid %field% field: %value%', ['%field%' => 'hash', '%value%' => $hash]));
+ }
- //Retrieve user
- if (($user = $doctrine->getRepository($this->config['class']['user'])->findOneByMail($slugger->unshort($recipient))) && $hash == $slugger->hash($user->getPassword())) {
- //User was found
- $notfound = 0;
+ //Get mail
+ $mail = $this->slugger->unshort($smail = $mail);
- if ($request->isMethod('POST')) {
- //Refill the fields in case the form is not valid.
- $form->handleRequest($request);
+ //Without valid mail
+ if (filter_var($mail, FILTER_VALIDATE_EMAIL) === false) {
+ //Throw bad request
+ throw new BadRequestHttpException($this->translator->trans('Invalid %field% field: %value%', ['%field%' => 'mail', '%value%' => $smail]));
+ }
- if ($form->isValid()) {
- //Set data
- $data = $form->getData();
+ //Prefilled mail
+ $login->get('mail')->setData($mail);
+ //Last username entered by the user
+ } elseif ($lastUsername = $authenticationUtils->getLastUsername()) {
+ $login->get('mail')->setData($lastUsername);
+ }
- //set encoded password
- $encoded = $encoder->encodePassword($user, $data['password']);
+ //Get the login error if there is one
+ if ($error = $authenticationUtils->getLastAuthenticationError()) {
+ //Get translated error
+ $error = $this->translator->trans($error->getMessageKey());
- //Set user password
- $user->setPassword($encoded);
+ //Add error message to mail field
+ $login->get('mail')->addError(new FormError($error));
+
+ //Create the RecoverType form and give the proper parameters
+ $recover = $this->createForm($this->config['recover']['view']['form'], null, [
+ //Set action to recover route name and context
+ 'action' => $this->generateUrl($this->config['route']['recover']['name'], $this->config['route']['recover']['context']),
+ //Without password
+ 'password' => false,
+ //Set method
+ 'method' => 'POST'
+ ]);
+
+ //Get recover mail entity
+ $recover->get('mail')
+ //Set mail from login form
+ ->setData($login->get('mail')->getData())
+ //Add recover error
+ ->addError(new FormError($this->translator->trans('Use this form to recover your account')));
+
+ //Add recover form to context
+ $context['recover'] = $recover->createView();
+ } else {
+ //Add notice
+ $this->addFlash('notice', $this->translator->trans('To change your password login with your mail and any password then follow the procedure'));
+ }
- //Get manager
- $manager = $doctrine->getManager();
+ //Render view
+ return $this->render(
+ //Template
+ $this->config['login']['view']['name'],
+ //Context
+ ['login' => $login->createView(), 'disabled' => $request->query->get('disabled', 0), 'sent' => $request->query->get('sent', 0)]+$context+$this->config['login']['view']['context']
+ );
+ }
+
+ /**
+ * Recover account
+ *
+ * @param Request $request The request
+ * @param ?string $hash The hashed password
+ * @param ?string $pass The shorted password
+ * @param ?string $mail The shorted mail address
+ * @return Response The response
+ */
+ public function recover(Request $request, ?string $hash, ?string $pass, ?string $mail): Response {
+ //Set user
+ $user = null;
+
+ //Set context
+ $context = [];
+
+ //With mail, pass and hash
+ if (!empty($mail) && !empty($pass) && !empty($hash)) {
+ //With invalid hash
+ if ($hash != $this->slugger->hash($mail.$pass)) {
+ //Throw bad request
+ throw new BadRequestHttpException($this->translator->trans('Invalid %field% field: %value%', ['%field%' => 'hash', '%value%' => $hash]));
+ }
+
+ //Get mail
+ $mail = $this->slugger->unshort($smail = $mail);
+
+ //Without valid mail
+ if (filter_var($mail, FILTER_VALIDATE_EMAIL) === false) {
+ //Throw bad request
+ //XXX: prevent slugger reverse engineering by not displaying decoded mail
+ throw new BadRequestHttpException($this->translator->trans('Invalid %field% field: %value%', ['%field%' => 'mail', '%value%' => $smail]));
+ }
+
+ //With existing subscriber
+ if (empty($user = $this->doctrine->getRepository($this->config['class']['user'])->findOneByMail($mail))) {
+ //Throw not found
+ //XXX: prevent slugger reverse engineering by not displaying decoded mail
+ throw $this->createNotFoundException($this->translator->trans('Unable to find account %mail%', ['%mail%' => $smail]));
+ }
+
+ //With unmatched pass
+ if ($pass != $this->slugger->hash($user->getPassword())) {
+ //Throw not found
+ //XXX: prevent use of outdated recover link
+ throw $this->createNotFoundException($this->translator->trans('Outdated recover link'));
+ }
+
+ //Set context
+ $context = ['mail' => $smail, 'pass' => $pass, 'hash' => $hash];
+ }
+
+ //Create the LoginType form and give the proper parameters
+ $form = $this->createForm($this->config['recover']['view']['form'], $user, [
+ //Set action to recover route name and context
+ 'action' => $this->generateUrl($this->config['route']['recover']['name'], $context+$this->config['route']['recover']['context']),
+ //With user disable mail
+ 'mail' => ($user === null),
+ //With user enable password
+ 'password' => ($user !== null),
+ //Set method
+ 'method' => 'POST'
+ ]);
+
+ //With post method
+ if ($request->isMethod('POST')) {
+ //Refill the fields in case the form is not valid.
+ $form->handleRequest($request);
+
+ //With form submitted and valid
+ if ($form->isSubmitted() && $form->isValid()) {
+ //Set data
+ $data = $form->getData();
+
+ //With user
+ if ($user !== null) {
+ //Set hashed password
+ $hashed = $this->hasher->hashPassword($user, $user->getPassword());
+
+ //Update pass
+ $pass = $this->slugger->hash($hashed);
+
+ //Set user password
+ $user->setPassword($hashed);
//Persist user
- $manager->persist($user);
+ $this->manager->persist($user);
//Send to database
- $manager->flush();
+ $this->manager->flush();
- //Set mail shortcut
- $mail =& $this->config['recover_mail']['mail'];
+ //Add notice
+ $this->addFlash('notice', $this->translator->trans('Account password updated'));
- //Regen hash
- $hash = $slugger->hash($encoded);
+ //Redirect to user login
+ return $this->redirectToRoute($this->config['route']['login']['name'], ['mail' => $smail, 'hash' => $this->slugger->hash($smail)]+$this->config['route']['login']['context']);
+ //Find user by data mail
+ } elseif ($user = $this->doctrine->getRepository($this->config['class']['user'])->findOneByMail($data['mail'])) {
+ //Set context
+ $context = [
+ 'recipient_mail' => $user->getMail(),
+ 'recipient_name' => $user->getRecipientName()
+ ] + array_replace_recursive(
+ $this->config['context'],
+ $this->config['recover']['view']['context'],
+ $this->config['recover']['mail']['context']
+ );
//Generate each route route
- foreach($this->config['recover_mail']['route'] as $route => $tag) {
+ foreach($this->config['recover']['route'] as $route => $tag) {
//Only process defined routes
- if (empty($mail['context'][$tag]) && !empty($this->config['route'][$route])) {
+ if (!empty($this->config['route'][$route])) {
//Process for recover mail url
- if ($route == 'recover_mail') {
- //Prepend recover context with tag
- $this->config['route'][$route]['context'] = [
- 'recipient' => $recipient,
- 'hash' => $hash
- ]+$this->config['route'][$route]['context'];
+ if ($route == 'recover') {
+ //Set the url in context
+ $context[$tag] = $this->router->generate(
+ $this->config['route'][$route]['name'],
+ //Prepend recover context with tag
+ [
+ 'mail' => $smail = $this->slugger->short($context['recipient_mail']),
+ 'pass' => $spass = $this->slugger->hash($pass = $user->getPassword()),
+ 'hash' => $this->slugger->hash($smail.$spass)
+ ]+$this->config['route'][$route]['context'],
+ UrlGeneratorInterface::ABSOLUTE_URL
+ );
}
- //Set the url in context
- $mail['context'][$tag] = $this->get('router')->generate(
- $this->config['route'][$route]['name'],
- $this->config['route'][$route]['context'],
- UrlGeneratorInterface::ABSOLUTE_URL
- );
}
}
- //Set recipient_name
- $mail['context']['recipient_mail'] = $user->getMail();
+ //Iterate on keys to translate
+ foreach($this->config['translate'] as $translate) {
+ //Extract keys
+ $keys = explode('.', $translate);
+
+ //Set current
+ $current =& $context;
+
+ //Iterate on each subkey
+ do {
+ //Skip unset translation keys
+ if (!isset($current[current($keys)])) {
+ continue(2);
+ }
- //Set recipient_name
- $mail['context']['recipient_name'] = trim($user->getForename().' '.$user->getSurname().($user->getPseudonym()?' ('.$user->getPseudonym().')':''));
+ //Set current to subkey
+ $current =& $current[current($keys)];
+ } while(next($keys));
- //Init subject context
- $subjectContext = [];
+ //Set translation
+ $current = $this->translator->trans($current);
- //Process each context pair
- foreach($mail['context']+$this->config['recover_mail']['view']['context'] as $k => $v) {
- //Reinsert each context pair with the key surrounded by %
- $subjectContext['%'.$k.'%'] = $v;
+ //Remove reference
+ unset($current);
}
//Translate subject
- $mail['subject'] = ucfirst($this->translator->trans($mail['subject'], $subjectContext));
+ $context['subject'] = $subject = ucfirst(
+ $this->translator->trans(
+ $this->config['recover']['mail']['subject'],
+ $this->slugger->flatten($context, null, '.', '%', '%')
+ )
+ );
//Create message
$message = (new TemplatedEmail())
//Set sender
- ->from(new NamedAddress($this->config['contact']['mail'], $this->config['contact']['name']))
+ ->from(new Address($this->config['contact']['address'], $this->config['contact']['name']))
//Set recipient
//XXX: remove the debug set in vendor/symfony/mime/Address.php +46
- ->to(new NamedAddress($mail['context']['recipient_mail'], $mail['context']['recipient_name']))
+ ->to(new Address($context['recipient_mail'], $context['recipient_name']))
//Set subject
- ->subject($mail['subject'])
+ ->subject($context['subject'])
//Set path to twig templates
- ->htmlTemplate($mail['html'])
- ->textTemplate($mail['text'])
+ ->htmlTemplate($this->config['recover']['mail']['html'])
+ ->textTemplate($this->config['recover']['mail']['text'])
//Set context
- ->context(['subject' => $mail['subject']]+$mail['context']+$this->config['recover_mail']['view']['context']);
+ ->context($context);
//Try sending message
//XXX: mail delivery may silently fail
try {
//Send message
- $mailer->send($message);
+ $this->mailer->send($message);
+
+ //Add notice
+ $this->addFlash('notice', $this->translator->trans('Your recovery mail has been sent, to retrieve your account you must follow the recuperate link inside'));
+
+ //Add junk warning
+ $this->addFlash('warning', $this->translator->trans('If you did not receive a recovery mail, check your Spam or Junk mail folders'));
//Redirect on the same route with sent=1 to cleanup form
- return $this->redirectToRoute($request->get('_route'), ['recipient' => $recipient, 'hash' => $hash, 'sent' => 1]+$request->get('_route_params'));
+ return $this->redirectToRoute($request->get('_route'), ['sent' => 1]+$request->get('_route_params'), 302);
//Catch obvious transport exception
} catch(TransportExceptionInterface $e) {
//Add error message mail unreachable
- $form->get('mail')->addError(new FormError($this->translator->trans('Account password updated but unable to contact: %mail%', array('%mail%' => $mail['context']['recipient_mail']))));
+ $form->get('mail')->addError(new FormError($this->translator->trans('Unable to reach account')));
}
}
}
- //Accout not found
- } else {
- //Add error message to mail field
- $form->get('mail')->addError(new FormError($this->translator->trans('Unable to find account: %mail%', ['%mail%' => $slugger->unshort($recipient)])));
}
//Render view
return $this->render(
//Template
- $this->config['recover_mail']['view']['name'],
+ $this->config['recover']['view']['name'],
//Context
- ['form' => $form->createView(), 'sent' => $request->query->get('sent', 0), 'notfound' => $notfound]+$this->config['recover_mail']['view']['context']
+ ['recover' => $form->createView(), 'sent' => $request->query->get('sent', 0)]+$this->config['recover']['view']['context']
);
}
- public function register(Request $request, UserPasswordEncoderInterface $encoder, MailerInterface $mailer) {
+ /**
+ * Register an account
+ *
+ * @param Request $request The request
+ * @return Response The response
+ */
+ public function register(Request $request): Response {
+ //With mail
+ if (!empty($_POST['register']['mail'])) {
+ //Log new user infos
+ $this->logger->emergency(
+ $this->translator->trans(
+ 'register: mail=%mail% locale=%locale% confirm=%confirm%',
+ [
+ '%mail%' => $postMail = $_POST['register']['mail'],
+ '%locale%' => $request->getLocale(),
+ '%confirm%' => $this->router->generate(
+ $this->config['route']['confirm']['name'],
+ //Prepend subscribe context with tag
+ [
+ 'mail' => $postSmail = $this->slugger->short($postMail),
+ 'hash' => $this->slugger->hash($postSmail)
+ ]+$this->config['route']['confirm']['context'],
+ UrlGeneratorInterface::ABSOLUTE_URL
+ )
+ ]
+ )
+ );
+ }
+
+ //Init reflection
+ $reflection = new \ReflectionClass($this->config['class']['user']);
+
+ //Create new user
+ $user = $reflection->newInstance('', '');
+
//Create the RegisterType form and give the proper parameters
- $form = $this->createForm($this->config['register']['view']['form'], null, array(
- 'class_title' => $this->config['class']['title'],
+ $form = $this->createForm($this->config['register']['view']['form'], $user, [
//Set action to register route name and context
'action' => $this->generateUrl($this->config['route']['register']['name'], $this->config['route']['register']['context']),
+ //Set civility class
+ 'civility_class' => $this->config['class']['civility'],
+ //Set civility default
+ 'civility_default' => $this->doctrine->getRepository($this->config['class']['civility'])->findOneByTitle($this->config['default']['civility']),
+ //Set method
'method' => 'POST'
- ));
+ ]+($this->checker->isGranted($this->config['default']['admin'])?$this->config['register']['admin']:$this->config['register']['field']));
+ //With post method
if ($request->isMethod('POST')) {
//Refill the fields in case the form is not valid.
$form->handleRequest($request);
- if ($form->isValid()) {
+ //With form submitted and valid
+ if ($form->isSubmitted() && $form->isValid()) {
//Set data
$data = $form->getData();
- //Set mail shortcut
- $mail =& $this->config['register']['mail'];
+ //Set password
+ $user->setPassword($this->hasher->hashPassword($user, $user->getPassword()));
+
+ //Persist user
+ $this->manager->persist($user);
+
+ //Iterate on default group
+ foreach($this->config['default']['group'] as $i => $groupTitle) {
+ //Fetch group
+ if (($group = $this->doctrine->getRepository($this->config['class']['group'])->findOneByTitle($groupTitle))) {
+ //Set default group
+ //XXX: see vendor/symfony/security-core/Role/Role.php
+ $user->addGroup($group);
+ //Group not found
+ } else {
+ //Throw exception
+ //XXX: consider missing group as fatal
+ throw new \Exception(sprintf('Group %s listed in %s.default.group[%d] not found by title', $groupTitle, RapsysUserBundle::getAlias(), $i));
+ }
+ }
+
+ //Set context
+ $context = [
+ 'recipient_mail' => $user->getMail(),
+ 'recipient_name' => $user->getRecipientName()
+ ] + array_replace_recursive(
+ $this->config['context'],
+ $this->config['register']['view']['context'],
+ $this->config['register']['mail']['context']
+ );
//Generate each route route
foreach($this->config['register']['route'] as $route => $tag) {
- if (empty($mail['context'][$tag]) && !empty($this->config['route'][$route])) {
- $mail['context'][$tag] = $this->get('router')->generate(
- $this->config['route'][$route]['name'],
- $this->config['route'][$route]['context'],
- UrlGeneratorInterface::ABSOLUTE_URL
- );
+ //Only process defined routes
+ if (!empty($this->config['route'][$route])) {
+ //Process for confirm mail url
+ if ($route == 'confirm') {
+ //Set the url in context
+ $context[$tag] = $this->router->generate(
+ $this->config['route'][$route]['name'],
+ //Prepend register context with tag
+ [
+ 'mail' => $smail = $this->slugger->short($context['recipient_mail']),
+ 'hash' => $this->slugger->hash($smail)
+ ]+$this->config['route'][$route]['context'],
+ UrlGeneratorInterface::ABSOLUTE_URL
+ );
+ }
}
}
- //Set recipient_name
- $mail['context']['recipient_mail'] = $data['mail'];
+ //Iterate on keys to translate
+ foreach($this->config['translate'] as $translate) {
+ //Extract keys
+ $keys = explode('.', $translate);
+
+ //Set current
+ $current =& $context;
+
+ //Iterate on each subkey
+ do {
+ //Skip unset translation keys
+ if (!isset($current[current($keys)])) {
+ continue(2);
+ }
- //Set recipient_name
- $mail['context']['recipient_name'] = trim($data['forename'].' '.$data['surname'].($data['pseudonym']?' ('.$data['pseudonym'].')':''));
+ //Set current to subkey
+ $current =& $current[current($keys)];
+ } while(next($keys));
- //Init subject context
- $subjectContext = [];
+ //Set translation
+ $current = $this->translator->trans($current);
- //Process each context pair
- foreach($mail['context']+$this->config['register']['view']['context'] as $k => $v) {
- //Reinsert each context pair with the key surrounded by %
- $subjectContext['%'.$k.'%'] = $v;
+ //Remove reference
+ unset($current);
}
//Translate subject
- $mail['subject'] = ucfirst($this->translator->trans($mail['subject'], $subjectContext));
+ $context['subject'] = $subject = ucfirst(
+ $this->translator->trans(
+ $this->config['register']['mail']['subject'],
+ $this->slugger->flatten($context, null, '.', '%', '%')
+ )
+ );
//Create message
$message = (new TemplatedEmail())
//Set sender
- ->from(new NamedAddress($this->config['contact']['mail'], $this->config['contact']['name']))
+ ->from(new Address($this->config['contact']['address'], $this->config['contact']['name']))
//Set recipient
//XXX: remove the debug set in vendor/symfony/mime/Address.php +46
- ->to(new NamedAddress($mail['context']['recipient_mail'], $mail['context']['recipient_name']))
+ ->to(new Address($context['recipient_mail'], $context['recipient_name']))
//Set subject
- ->subject($mail['subject'])
+ ->subject($context['subject'])
//Set path to twig templates
- ->htmlTemplate($mail['html'])
- ->textTemplate($mail['text'])
+ ->htmlTemplate($this->config['register']['mail']['html'])
+ ->textTemplate($this->config['register']['mail']['text'])
//Set context
- ->context(['subject' => $mail['subject']]+$mail['context']+$this->config['register']['view']['context']);
-
- //Get doctrine
- $doctrine = $this->getDoctrine();
-
- //Get manager
- $manager = $doctrine->getManager();
-
- //Init reflection
- $reflection = new \ReflectionClass($this->config['class']['user']);
-
- //Create new user
- $user = $reflection->newInstance();
-
- $user->setMail($data['mail']);
- $user->setPseudonym($data['pseudonym']);
- $user->setForename($data['forename']);
- $user->setSurname($data['surname']);
- $user->setPhone($data['phone']);
- $user->setPassword($encoder->encodePassword($user, $data['password']));
- $user->setActive(true);
- $user->setTitle($data['title']);
-
- //XXX: For now there is no point in setting a role at subscription
- //TODO: see if we can't modify group constructor to set role directly from args
- //XXX: see vendor/symfony/symfony/src/Symfony/Component/Security/Core/Role/Role.php
- #$user->addGroup($doctrine->getRepository($this->config['class']['group'])->findOneByRole('ROLE_USER'));
-
- $user->setCreated(new \DateTime('now'));
- $user->setUpdated(new \DateTime('now'));
-
- //Persist user
- $manager->persist($user);
+ ->context($context);
//Try saving in database
try {
//Send to database
- $manager->flush();
+ $this->manager->flush();
+
+ //Add error message mail already exists
+ $this->addFlash('notice', $this->translator->trans('Your account has been created'));
//Try sending message
//XXX: mail delivery may silently fail
try {
//Send message
- $mailer->send($message);
+ $this->mailer->send($message);
//Redirect on the same route with sent=1 to cleanup form
- #return $this->redirectToRoute('rapsys_user_register', array('sent' => 1));
return $this->redirectToRoute($request->get('_route'), ['sent' => 1]+$request->get('_route_params'));
//Catch obvious transport exception
} catch(TransportExceptionInterface $e) {
//Add error message mail unreachable
- $form->get('mail')->addError(new FormError($this->translator->trans('Account created but unable to contact: %mail%', array('%mail%' => $data['mail']))));
+ $form->get('mail')->addError(new FormError($this->translator->trans('Unable to reach account')));
}
//Catch double subscription
- } catch (\Doctrine\DBAL\Exception\UniqueConstraintViolationException $e) {
+ } catch (UniqueConstraintViolationException $e) {
//Add error message mail already exists
- $form->get('mail')->addError(new FormError($this->translator->trans('Account already exists: %mail%', ['%mail%' => $data['mail']])));
+ $this->addFlash('error', $this->translator->trans('Account already exists'));
}
}
}
//Template
$this->config['register']['view']['name'],
//Context
- ['form' => $form->createView(), 'sent' => $request->query->get('sent', 0)]+$this->config['register']['view']['context']
+ ['register' => $form->createView(), 'sent' => $request->query->get('sent', 0)]+$this->config['register']['view']['context']
);
}
-
- /**
- * {@inheritdoc}
- */
- public function getAlias() {
- return 'rapsys_user';
- }
}
Rapsys Git / userbundle / blobdiff