X-Git-Url: https://git.rapsys.eu/userbundle/blobdiff_plain/c0d7b2e1474eff99cf5f3b0b79d25bdcd0086ab2..43469deb349e799bbf590f5e3570d1ffd69ecb2c:/Controller/DefaultController.php diff --git a/Controller/DefaultController.php b/Controller/DefaultController.php index 3a65712..de4ff4e 100644 --- a/Controller/DefaultController.php +++ b/Controller/DefaultController.php @@ -11,247 +11,38 @@ namespace Rapsys\UserBundle\Controller; -use Doctrine\Bundle\DoctrineBundle\Registry; -use Doctrine\ORM\EntityManagerInterface; -use Psr\Log\LoggerInterface; +use Doctrine\DBAL\Exception\UniqueConstraintViolationException; use Symfony\Bridge\Twig\Mime\TemplatedEmail; -use Symfony\Bundle\FrameworkBundle\Controller\AbstractController; -use Symfony\Component\DependencyInjection\ContainerInterface; use Symfony\Component\Form\FormError; use Symfony\Component\HttpFoundation\Request; use Symfony\Component\HttpFoundation\Response; use Symfony\Component\HttpKernel\Exception\BadRequestHttpException; use Symfony\Component\Mailer\Exception\TransportExceptionInterface; -use Symfony\Component\Mailer\MailerInterface; use Symfony\Component\Mime\Address; use Symfony\Component\Routing\Generator\UrlGeneratorInterface; -use Symfony\Component\Routing\RouterInterface; -use Symfony\Component\Security\Core\Encoder\UserPasswordEncoderInterface; use Symfony\Component\Security\Http\Authentication\AuthenticationUtils; -use Symfony\Component\Translation\TranslatorInterface; - -use Rapsys\PackBundle\Util\SluggerUtil; -use Rapsys\UserBundle\RapsysUserBundle; +/** + * {@inheritdoc} + */ class DefaultController extends AbstractController { - //Config array - protected $config; - - //Translator instance - protected $translator; - - /** - * Constructor - * - * @TODO: move all canonical and other view related stuff in an user AbstractController like in RapsysAir render feature !!!! - * - * @param ContainerInterface $container The containter instance - * @param RouterInterface $router The router instance - * @param TranslatorInterface $translator The translator instance - */ - public function __construct(ContainerInterface $container, RouterInterface $router, TranslatorInterface $translator) { - //Retrieve config - $this->config = $container->getParameter(self::getAlias()); - - //Set the translator - $this->translator = $translator; - - //Get request stack - $stack = $container->get('request_stack'); - - //Get current request - $request = $stack->getCurrentRequest(); - - //Get current locale - $currentLocale = $request->getLocale(); - - //Set locale - $this->config['context']['locale'] = str_replace('_', '-', $currentLocale); - - //Set translate array - $translates = []; - - //Look for keys to translate - if (!empty($this->config['translate'])) { - //Iterate on keys to translate - foreach($this->config['translate'] as $translate) { - //Set tmp - $tmp = null; - //Iterate on keys - foreach(array_reverse(explode('.', $translate)) as $curkey) { - $tmp = array_combine([$curkey], [$tmp]); - } - //Append tree - $translates = array_replace_recursive($translates, $tmp); - } - } - - //Inject every requested route in view and mail context - foreach($this->config as $tag => $current) { - //Look for entry with title subkey - if (!empty($current['title'])) { - //Translate title value - $this->config[$tag]['title'] = $translator->trans($current['title']); - } - - //Look for entry with route subkey - if (!empty($current['route'])) { - //Generate url for both view and mail - foreach(['view', 'mail'] as $view) { - //Check that context key is usable - if (isset($current[$view]['context']) && is_array($current[$view]['context'])) { - //Merge with global context - $this->config[$tag][$view]['context'] = array_replace_recursive($this->config['context'], $this->config[$tag][$view]['context']); - - //Process every routes - foreach($current['route'] as $route => $key) { - //With confirm route - if ($route == 'confirm') { - //Skip route as it requires some parameters - continue; - } - - //Set value - $value = $router->generate( - $this->config['route'][$route]['name'], - $this->config['route'][$route]['context'], - //Generate absolute url for mails - $view=='mail'?UrlGeneratorInterface::ABSOLUTE_URL:UrlGeneratorInterface::ABSOLUTE_PATH - ); - - //Multi level key - if (strpos($key, '.') !== false) { - //Set tmp - $tmp = $value; - - //Iterate on key - foreach(array_reverse(explode('.', $key)) as $curkey) { - $tmp = array_combine([$curkey], [$tmp]); - } - - //Set value - $this->config[$tag][$view]['context'] = array_replace_recursive($this->config[$tag][$view]['context'], $tmp); - //Single level key - } else { - //Set value - $this->config[$tag][$view]['context'][$key] = $value; - } - } - - //Look for successful intersections - if (!empty(array_intersect_key($translates, $this->config[$tag][$view]['context']))) { - //Iterate on keys to translate - foreach($this->config['translate'] as $translate) { - //Set keys - $keys = explode('.', $translate); - - //Set tmp - $tmp = $this->config[$tag][$view]['context']; - - //Iterate on keys - foreach($keys as $curkey) { - //Without child key - if (!isset($tmp[$curkey])) { - //Skip to next key - continue(2); - } - - //Get child key - $tmp = $tmp[$curkey]; - } - - //Translate tmp value - $tmp = $translator->trans($tmp); - - //Iterate on keys - foreach(array_reverse($keys) as $curkey) { - //Set parent key - $tmp = array_combine([$curkey], [$tmp]); - } - - //Set value - $this->config[$tag][$view]['context'] = array_replace_recursive($this->config[$tag][$view]['context'], $tmp); - } - } - - //With view context - if ($view == 'view') { - //Get context path - $pathInfo = $router->getContext()->getPathInfo(); - - //Iterate on locales excluding current one - foreach($this->config['locales'] as $locale) { - //Set titles - $titles = []; - - //Iterate on other locales - foreach(array_diff($this->config['locales'], [$locale]) as $other) { - $titles[$other] = $translator->trans($this->config['languages'][$locale], [], null, $other); - } - - //Retrieve route matching path - $route = $router->match($pathInfo); - - //Get route name - $name = $route['_route']; - - //Unset route name - unset($route['_route']); - - //With current locale - if ($locale == $currentLocale) { - //Set locale locales context - $this->config[$tag][$view]['context']['canonical'] = $router->generate($name, ['_locale' => $locale]+$route, UrlGeneratorInterface::ABSOLUTE_URL); - } else { - //Set locale locales context - $this->config[$tag][$view]['context']['alternates'][$locale] = [ - 'absolute' => $router->generate($name, ['_locale' => $locale]+$route, UrlGeneratorInterface::ABSOLUTE_URL), - 'relative' => $router->generate($name, ['_locale' => $locale]+$route), - 'title' => implode('/', $titles), - 'translated' => $translator->trans($this->config['languages'][$locale], [], null, $locale) - ]; - } - - //Add shorter locale - if (empty($this->config[$tag][$view]['context']['alternates'][$slocale = substr($locale, 0, 2)])) { - //Add shorter locale - $this->config[$tag][$view]['context']['alternates'][$slocale] = [ - 'absolute' => $router->generate($name, ['_locale' => $locale]+$route, UrlGeneratorInterface::ABSOLUTE_URL), - 'relative' => $router->generate($name, ['_locale' => $locale]+$route), - 'title' => implode('/', $titles), - 'translated' => $translator->trans($this->config['languages'][$locale], [], null, $locale) - ]; - } - } - } - } - } - } - } - } - /** * Confirm account from mail link * * @param Request $request The request - * @param Registry $manager The doctrine registry - * @param UserPasswordEncoderInterface $encoder The password encoder - * @param EntityManagerInterface $manager The doctrine entity manager - * @param SluggerUtil $slugger The slugger - * @param MailerInterface $mailer The mailer - * @param string $mail The shorted mail address * @param string $hash The hashed password + * @param string $mail The shorted mail address * @return Response The response */ - public function confirm(Request $request, Registry $doctrine, UserPasswordEncoderInterface $encoder, EntityManagerInterface $manager, SluggerUtil $slugger, MailerInterface $mailer, $mail, $hash): Response { + public function confirm(Request $request, string $hash, string $mail): Response { //With invalid hash - if ($hash != $slugger->hash($mail)) { + if ($hash != $this->slugger->hash($mail)) { //Throw bad request throw new BadRequestHttpException($this->translator->trans('Invalid %field% field: %value%', ['%field%' => 'hash', '%value%' => $hash])); } //Get mail - $mail = $slugger->unshort($smail = $mail); + $mail = $this->slugger->unshort($smail = $mail); //Without valid mail if (filter_var($mail, FILTER_VALIDATE_EMAIL) === false) { @@ -261,55 +52,51 @@ class DefaultController extends AbstractController { } //Without existing registrant - if (!($user = $doctrine->getRepository($this->config['class']['user'])->findOneByMail($mail))) { + if (!($user = $this->doctrine->getRepository($this->config['class']['user'])->findOneByMail($mail))) { //Add error message mail already exists //XXX: prevent slugger reverse engineering by not displaying decoded mail $this->addFlash('error', $this->translator->trans('Account %mail% do not exists', ['%mail%' => $smail])); //Redirect to register view - return $this->redirectToRoute($this->config['route']['register']['name'], ['mail' => $smail, 'field' => $sfield = $slugger->serialize([]), 'hash' => $slugger->hash($smail.$sfield)]+$this->config['route']['register']['context']); + return $this->redirectToRoute($this->config['route']['register']['name'], ['mail' => $smail, 'field' => $sfield = $this->slugger->serialize([]), 'hash' => $this->slugger->hash($smail.$sfield)]+$this->config['route']['register']['context']); } //Set active $user->setActive(true); //Persist user - $manager->persist($user); + $this->manager->persist($user); //Send to database - $manager->flush(); + $this->manager->flush(); //Add error message mail already exists $this->addFlash('notice', $this->translator->trans('Your account has been activated')); //Redirect to user view - return $this->redirectToRoute($this->config['route']['edit']['name'], ['mail' => $smail, 'hash' => $slugger->hash($smail)]+$this->config['route']['edit']['context']); + return $this->redirectToRoute($this->config['route']['edit']['name'], ['mail' => $smail, 'hash' => $this->slugger->hash($smail)]+$this->config['route']['edit']['context']); } /** * Edit account by shorted mail * * @param Request $request The request - * @param Registry $manager The doctrine registry - * @param UserPasswordEncoderInterface $encoder The password encoder - * @param EntityManagerInterface $manager The doctrine entity manager - * @param SluggerUtil $slugger The slugger - * @param string $mail The shorted mail address * @param string $hash The hashed password + * @param string $mail The shorted mail address * @return Response The response */ - public function edit(Request $request, Registry $doctrine, UserPasswordEncoderInterface $encoder, EntityManagerInterface $manager, SluggerUtil $slugger, $mail, $hash): Response { + public function edit(Request $request, string $hash, string $mail): Response { //With invalid hash - if ($hash != $slugger->hash($mail)) { + if ($hash != $this->slugger->hash($mail)) { //Throw bad request throw new BadRequestHttpException($this->translator->trans('Invalid %field% field: %value%', ['%field%' => 'hash', '%value%' => $hash])); } //Get mail - $mail = $slugger->unshort($smail = $mail); + $mail = $this->slugger->unshort($smail = $mail); //With existing subscriber - if (empty($user = $doctrine->getRepository($this->config['class']['user'])->findOneByMail($mail))) { + if (empty($user = $this->doctrine->getRepository($this->config['class']['user'])->findOneByMail($mail))) { //Throw not found //XXX: prevent slugger reverse engineering by not displaying decoded mail throw $this->createNotFoundException($this->translator->trans('Unable to find account %mail%', ['%mail%' => $smail])); @@ -325,25 +112,25 @@ class DefaultController extends AbstractController { //Create the RegisterType form and give the proper parameters $edit = $this->createForm($this->config['edit']['view']['edit'], $user, [ //Set action to register route name and context - 'action' => $this->generateUrl($this->config['route']['edit']['name'], ['mail' => $smail, 'hash' => $slugger->hash($smail)]+$this->config['route']['edit']['context']), + 'action' => $this->generateUrl($this->config['route']['edit']['name'], ['mail' => $smail, 'hash' => $this->slugger->hash($smail)]+$this->config['route']['edit']['context']), //Set civility class 'civility_class' => $this->config['class']['civility'], //Set civility default - 'civility_default' => $doctrine->getRepository($this->config['class']['civility'])->findOneByTitle($this->config['default']['civility']), + 'civility_default' => $this->doctrine->getRepository($this->config['class']['civility'])->findOneByTitle($this->config['default']['civility']), //Disable mail 'mail' => $this->isGranted('ROLE_ADMIN'), //Disable password 'password' => false, //Set method 'method' => 'POST' - ]); + ]+$this->config['edit']['field']); //With admin role if ($this->isGranted('ROLE_ADMIN')) { //Create the LoginType form and give the proper parameters $reset = $this->createForm($this->config['edit']['view']['reset'], $user, [ //Set action to register route name and context - 'action' => $this->generateUrl($this->config['route']['edit']['name'], ['mail' => $smail, 'hash' => $slugger->hash($smail)]+$this->config['route']['edit']['context']), + 'action' => $this->generateUrl($this->config['route']['edit']['name'], ['mail' => $smail, 'hash' => $this->slugger->hash($smail)]+$this->config['route']['edit']['context']), //Disable mail 'mail' => false, //Set method @@ -361,29 +148,24 @@ class DefaultController extends AbstractController { $data = $reset->getData(); //Set password - $data->setPassword($encoder->encodePassword($data, $data->getPassword())); + $data->setPassword($this->hasher->hashPassword($data, $data->getPassword())); //Queue snippet save - $manager->persist($data); + $this->manager->persist($data); //Flush to get the ids - $manager->flush(); + $this->manager->flush(); //Add notice $this->addFlash('notice', $this->translator->trans('Account %mail% password updated', ['%mail%' => $mail = $data->getMail()])); //Redirect to cleanup the form - return $this->redirectToRoute($this->config['route']['edit']['name'], ['mail' => $smail = $slugger->short($mail), 'hash' => $slugger->hash($smail)]+$this->config['route']['edit']['context']); + return $this->redirectToRoute($this->config['route']['edit']['name'], ['mail' => $smail = $this->slugger->short($mail), 'hash' => $this->slugger->hash($smail)]+$this->config['route']['edit']['context']); } } //Add reset view $this->config['edit']['view']['context']['reset'] = $reset->createView(); - //Without admin role - //XXX: prefer a reset on login to force user unspam action - } else { - //Add notice - $this->addFlash('notice', $this->translator->trans('To change your password login with your mail and any password then follow the procedure')); } //With post method @@ -397,17 +179,29 @@ class DefaultController extends AbstractController { $data = $edit->getData(); //Queue snippet save - $manager->persist($data); + $this->manager->persist($data); - //Flush to get the ids - $manager->flush(); + //Try saving in database + try { + //Flush to get the ids + $this->manager->flush(); - //Add notice - $this->addFlash('notice', $this->translator->trans('Account %mail% updated', ['%mail%' => $mail = $data->getMail()])); + //Add notice + $this->addFlash('notice', $this->translator->trans('Account %mail% updated', ['%mail%' => $mail = $data->getMail()])); - //Redirect to cleanup the form - return $this->redirectToRoute($this->config['route']['edit']['name'], ['mail' => $smail = $slugger->short($mail), 'hash' => $slugger->hash($smail)]+$this->config['route']['edit']['context']); + //Redirect to cleanup the form + return $this->redirectToRoute($this->config['route']['edit']['name'], ['mail' => $smail = $this->slugger->short($mail), 'hash' => $this->slugger->hash($smail)]+$this->config['route']['edit']['context']); + //Catch double slug or mail + } catch (UniqueConstraintViolationException $e) { + //Add error message mail already exists + $this->addFlash('error', $this->translator->trans('Account %mail% already exists', ['%mail%' => $data->getMail()])); + } } + //Without admin role + //XXX: prefer a reset on login to force user unspam action + } elseif (!$this->isGranted('ROLE_ADMIN')) { + //Add notice + $this->addFlash('notice', $this->translator->trans('To change your password login with your mail and any password then follow the procedure')); } //Render view @@ -424,13 +218,11 @@ class DefaultController extends AbstractController { * * @param Request $request The request * @param AuthenticationUtils $authenticationUtils The authentication utils - * @param RouterInterface $router The router instance - * @param SluggerUtil $slugger The slugger - * @param string $mail The shorted mail address - * @param string $hash The hashed password + * @param ?string $hash The hashed password + * @param ?string $mail The shorted mail address * @return Response The response */ - public function login(Request $request, AuthenticationUtils $authenticationUtils, RouterInterface $router, SluggerUtil $slugger, $mail, $hash): Response { + public function login(Request $request, AuthenticationUtils $authenticationUtils, ?string $hash, ?string $mail): Response { //Create the LoginType form and give the proper parameters $login = $this->createForm($this->config['login']['view']['form'], null, [ //Set action to login route name and context @@ -447,13 +239,13 @@ class DefaultController extends AbstractController { //With mail if (!empty($mail) && !empty($hash)) { //With invalid hash - if ($hash != $slugger->hash($mail)) { + if ($hash != $this->slugger->hash($mail)) { //Throw bad request throw new BadRequestHttpException($this->translator->trans('Invalid %field% field: %value%', ['%field%' => 'hash', '%value%' => $hash])); } //Get mail - $mail = $slugger->unshort($smail = $mail); + $mail = $this->slugger->unshort($smail = $mail); //Without valid mail if (filter_var($mail, FILTER_VALIDATE_EMAIL) === false) { @@ -513,17 +305,12 @@ class DefaultController extends AbstractController { * Recover account * * @param Request $request The request - * @param Registry $manager The doctrine registry - * @param UserPasswordEncoderInterface $encoder The password encoder - * @param EntityManagerInterface $manager The doctrine entity manager - * @param SluggerUtil $slugger The slugger - * @param MailerInterface $mailer The mailer - * @param string $mail The shorted mail address - * @param string $pass The shorted password - * @param string $hash The hashed password + * @param ?string $hash The hashed password + * @param ?string $pass The shorted password + * @param ?string $mail The shorted mail address * @return Response The response */ - public function recover(Request $request, Registry $doctrine, UserPasswordEncoderInterface $encoder, EntityManagerInterface $manager, SluggerUtil $slugger, MailerInterface $mailer, $mail, $pass, $hash): Response { + public function recover(Request $request, ?string $hash, ?string $pass, ?string $mail): Response { //Without mail, pass and hash if (empty($mail) && empty($pass) && empty($hash)) { //Create the LoginType form and give the proper parameters @@ -536,24 +323,26 @@ class DefaultController extends AbstractController { 'method' => 'POST' ]); + //With post method if ($request->isMethod('POST')) { //Refill the fields in case the form is not valid. $form->handleRequest($request); - if ($form->isValid()) { + //With form submitted and valid + if ($form->isSubmitted() && $form->isValid()) { //Set data $data = $form->getData(); //Find user by data mail - if ($user = $doctrine->getRepository($this->config['class']['user'])->findOneByMail($data['mail'])) { + if ($user = $this->doctrine->getRepository($this->config['class']['user'])->findOneByMail($data['mail'])) { //Set mail shortcut $recoverMail =& $this->config['recover']['mail']; //Set mail - $mail = $slugger->short($user->getMail()); + $mail = $this->slugger->short($user->getMail()); //Set pass - $pass = $slugger->hash($user->getPassword()); + $pass = $this->slugger->hash($user->getPassword()); //Generate each route route foreach($this->config['recover']['route'] as $route => $tag) { @@ -562,13 +351,13 @@ class DefaultController extends AbstractController { //Process for recover mail url if ($route == 'recover') { //Set the url in context - $recoverMail['context'][$tag] = $this->get('router')->generate( + $recoverMail['context'][$tag] = $this->router->generate( $this->config['route'][$route]['name'], //Prepend recover context with tag [ 'mail' => $mail, 'pass' => $pass, - 'hash' => $slugger->hash($mail.$pass) + 'hash' => $this->slugger->hash($mail.$pass) ]+$this->config['route'][$route]['context'], UrlGeneratorInterface::ABSOLUTE_URL ); @@ -580,10 +369,10 @@ class DefaultController extends AbstractController { $recoverMail['context']['recipient_mail'] = $user->getMail(); //Set recipient_name - $recoverMail['context']['recipient_name'] = trim($user->getForename().' '.$user->getSurname().($user->getPseudonym()?' ('.$user->getPseudonym().')':'')); + $recoverMail['context']['recipient_name'] = $user->getRecipientName(); //Init subject context - $subjectContext = $slugger->flatten(array_replace_recursive($this->config['recover']['view']['context'], $recoverMail['context']), null, '.', '%', '%'); + $subjectContext = $this->slugger->flatten(array_replace_recursive($this->config['recover']['view']['context'], $recoverMail['context']), null, '.', '%', '%'); //Translate subject $recoverMail['subject'] = ucfirst($this->translator->trans($recoverMail['subject'], $subjectContext)); @@ -611,7 +400,7 @@ class DefaultController extends AbstractController { //XXX: mail delivery may silently fail try { //Send message - $mailer->send($message); + $this->mailer->send($message); //Redirect on the same route with sent=1 to cleanup form return $this->redirectToRoute($request->get('_route'), ['sent' => 1]+$request->get('_route_params')); @@ -638,13 +427,13 @@ class DefaultController extends AbstractController { } //With invalid hash - if ($hash != $slugger->hash($mail.$pass)) { + if ($hash != $this->slugger->hash($mail.$pass)) { //Throw bad request throw new BadRequestHttpException($this->translator->trans('Invalid %field% field: %value%', ['%field%' => 'hash', '%value%' => $hash])); } //Get mail - $mail = $slugger->unshort($smail = $mail); + $mail = $this->slugger->unshort($smail = $mail); //Without valid mail if (filter_var($mail, FILTER_VALIDATE_EMAIL) === false) { @@ -654,14 +443,14 @@ class DefaultController extends AbstractController { } //With existing subscriber - if (empty($user = $doctrine->getRepository($this->config['class']['user'])->findOneByMail($mail))) { + if (empty($user = $this->doctrine->getRepository($this->config['class']['user'])->findOneByMail($mail))) { //Throw not found //XXX: prevent slugger reverse engineering by not displaying decoded mail throw $this->createNotFoundException($this->translator->trans('Unable to find account %mail%', ['%mail%' => $smail])); } //With unmatched pass - if ($pass != $slugger->hash($user->getPassword())) { + if ($pass != $this->slugger->hash($user->getPassword())) { //Throw not found //XXX: prevent use of outdated recover link throw $this->createNotFoundException($this->translator->trans('Outdated recover link')); @@ -677,34 +466,36 @@ class DefaultController extends AbstractController { 'method' => 'POST' ]); + //With post method if ($request->isMethod('POST')) { //Refill the fields in case the form is not valid. $form->handleRequest($request); - if ($form->isValid()) { + //With form submitted and valid + if ($form->isSubmitted() && $form->isValid()) { //Set data $data = $form->getData(); - //Set encoded password - $encoded = $encoder->encodePassword($user, $user->getPassword()); + //Set hashed password + $hashed = $this->hasher->hashPassword($user, $user->getPassword()); //Update pass - $pass = $slugger->hash($encoded); + $pass = $this->slugger->hash($hashed); //Set user password - $user->setPassword($encoded); + $user->setPassword($hashed); //Persist user - $manager->persist($user); + $this->manager->persist($user); //Send to database - $manager->flush(); + $this->manager->flush(); //Add notice $this->addFlash('notice', $this->translator->trans('Account %mail% password updated', ['%mail%' => $mail])); //Redirect to user login - return $this->redirectToRoute($this->config['route']['login']['name'], ['mail' => $smail, 'hash' => $slugger->hash($smail)]+$this->config['route']['login']['context']); + return $this->redirectToRoute($this->config['route']['login']['name'], ['mail' => $smail, 'hash' => $this->slugger->hash($smail)]+$this->config['route']['login']['context']); } } @@ -721,33 +512,27 @@ class DefaultController extends AbstractController { * Register an account * * @param Request $request The request - * @param Registry $manager The doctrine registry - * @param UserPasswordEncoderInterface $encoder The password encoder - * @param EntityManagerInterface $manager The doctrine entity manager - * @param SluggerUtil $slugger The slugger - * @param MailerInterface $mailer The mailer - * @param LoggerInterface $logger The logger - * @param string $mail The shorted mail address - * @param string $field The serialized then shorted form field array - * @param string $hash The hashed serialized field array + * @param ?string $hash The hashed serialized field array + * @param ?string $field The serialized then shorted form field array + * @param ?string $mail The shorted mail address * @return Response The response */ - public function register(Request $request, Registry $doctrine, UserPasswordEncoderInterface $encoder, EntityManagerInterface $manager, SluggerUtil $slugger, MailerInterface $mailer, LoggerInterface $logger, $mail, $field, $hash): Response { + public function register(Request $request, ?string $hash, ?string $field, ?string $mail): Response { //With mail if (!empty($_POST['register']['mail'])) { //Log new user infos - $logger->emergency( + $this->logger->emergency( $this->translator->trans( 'register: mail=%mail% locale=%locale% confirm=%confirm%', [ '%mail%' => $postMail = $_POST['register']['mail'], '%locale%' => $request->getLocale(), - '%confirm%' => $this->get('router')->generate( + '%confirm%' => $this->router->generate( $this->config['route']['confirm']['name'], //Prepend subscribe context with tag [ - 'mail' => $postSmail = $slugger->short($postMail), - 'hash' => $slugger->hash($postSmail) + 'mail' => $postSmail = $this->slugger->short($postMail), + 'hash' => $this->slugger->hash($postSmail) ]+$this->config['route']['confirm']['context'], UrlGeneratorInterface::ABSOLUTE_URL ) @@ -759,7 +544,7 @@ class DefaultController extends AbstractController { //With mail and field if (!empty($field) && !empty($hash)) { //With invalid hash - if ($hash != $slugger->hash($mail.$field)) { + if ($hash != $this->slugger->hash($mail.$field)) { //Throw bad request throw new BadRequestHttpException($this->translator->trans('Invalid %field% field: %value%', ['%field%' => 'hash', '%value%' => $hash])); } @@ -767,7 +552,7 @@ class DefaultController extends AbstractController { //With mail if (!empty($mail)) { //Get mail - $mail = $slugger->unshort($smail = $mail); + $mail = $this->slugger->unshort($smail = $mail); //Without valid mail if (filter_var($mail, FILTER_VALIDATE_EMAIL) === false) { @@ -777,22 +562,25 @@ class DefaultController extends AbstractController { } //With existing registrant - if ($existing = $doctrine->getRepository($this->config['class']['user'])->findOneByMail($mail)) { + if ($existing = $this->doctrine->getRepository($this->config['class']['user'])->findOneByMail($mail)) { //With disabled existing if ($existing->isDisabled()) { //Render view - return $this->render( + $response = $this->render( //Template $this->config['register']['view']['name'], //Context - ['title' => $this->translator->trans('Access denied'), 'disabled' => 1]+$this->config['register']['view']['context'], - //Set 403 - new Response('', 403) + ['title' => $this->translator->trans('Access denied'), 'disabled' => 1]+$this->config['register']['view']['context'] ); + + //Set 403 + $response->setStatusCode(403); + + //Return response + return $response; //With unactivated existing } elseif (!$existing->isActivated()) { //Set mail shortcut - //TODO: change for activate ??? $activateMail =& $this->config['register']['mail']; //Generate each route route @@ -802,12 +590,12 @@ class DefaultController extends AbstractController { //Process for confirm url if ($route == 'confirm') { //Set the url in context - $activateMail['context'][$tag] = $this->get('router')->generate( + $activateMail['context'][$tag] = $this->router->generate( $this->config['route'][$route]['name'], //Prepend subscribe context with tag [ - 'mail' => $smail = $slugger->short($existing->getMail()), - 'hash' => $slugger->hash($smail) + 'mail' => $smail = $this->slugger->short($existing->getMail()), + 'hash' => $this->slugger->hash($smail) ]+$this->config['route'][$route]['context'], UrlGeneratorInterface::ABSOLUTE_URL ); @@ -819,10 +607,10 @@ class DefaultController extends AbstractController { $activateMail['context']['recipient_mail'] = $existing->getMail(); //Set recipient name - $activateMail['context']['recipient_name'] = implode(' ', [$existing->getForename(), $existing->getSurname(), $existing->getPseudonym()?'('.$existing->getPseudonym().')':'']); + $activateMail['context']['recipient_name'] = $existing->getRecipientName(); //Init subject context - $subjectContext = $slugger->flatten(array_replace_recursive($this->config['register']['view']['context'], $activateMail['context']), null, '.', '%', '%'); + $subjectContext = $this->slugger->flatten(array_replace_recursive($this->config['register']['view']['context'], $activateMail['context']), null, '.', '%', '%'); //Translate subject $activateMail['subject'] = ucfirst($this->translator->trans($activateMail['subject'], $subjectContext)); @@ -848,7 +636,7 @@ class DefaultController extends AbstractController { //XXX: mail delivery may silently fail try { //Send message - $mailer->send($message); + $this->mailer->send($message); //Catch obvious transport exception } catch(TransportExceptionInterface $e) { //Add error message mail unreachable @@ -872,8 +660,8 @@ class DefaultController extends AbstractController { return $this->redirectToRoute( $this->config['route']['edit']['name'], [ - 'mail' => $smail = $slugger->short($existing->getMail()), - 'hash' => $slugger->hash($smail) + 'mail' => $smail = $this->slugger->short($existing->getMail()), + 'hash' => $this->slugger->hash($smail) ]+$this->config['route']['edit']['context'] ); } @@ -886,7 +674,7 @@ class DefaultController extends AbstractController { //Try try { //Unshort then unserialize field - $field = $slugger->unserialize($sfield = $field); + $field = $this->slugger->unserialize($sfield = $field); //Catch type error } catch (\Error|\Exception $e) { //Throw bad request @@ -923,23 +711,25 @@ class DefaultController extends AbstractController { //Set civility class 'civility_class' => $this->config['class']['civility'], //Set civility default - 'civility_default' => $doctrine->getRepository($this->config['class']['civility'])->findOneByTitle($this->config['default']['civility']), + 'civility_default' => $this->doctrine->getRepository($this->config['class']['civility'])->findOneByTitle($this->config['default']['civility']), //With mail 'mail' => true, //Set method 'method' => 'POST' - ]); + ]+$this->config['register']['field']); + //With post method if ($request->isMethod('POST')) { //Refill the fields in case the form is not valid. $form->handleRequest($request); - if ($form->isValid()) { + //With form submitted and valid + if ($form->isSubmitted() && $form->isValid()) { //Set data $data = $form->getData(); //With existing registrant - if ($doctrine->getRepository($this->config['class']['user'])->findOneByMail($mail = $data->getMail())) { + if ($this->doctrine->getRepository($this->config['class']['user'])->findOneByMail($mail = $data->getMail())) { //Add error message mail already exists $this->addFlash('warning', $this->translator->trans('Account %mail% already exists', ['%mail%' => $mail])); @@ -947,8 +737,8 @@ class DefaultController extends AbstractController { return $this->redirectToRoute( $this->config['route']['edit']['name'], [ - 'mail' => $smail = $slugger->short($mail), - 'hash' => $slugger->hash($smail) + 'mail' => $smail = $this->slugger->short($mail), + 'hash' => $this->slugger->hash($smail) ]+$this->config['route']['edit']['context'] ); } @@ -956,34 +746,16 @@ class DefaultController extends AbstractController { //Set mail shortcut $registerMail =& $this->config['register']['mail']; - //Extract names and pseudonym from mail - $names = explode(' ', $pseudonym = ucwords(trim(preg_replace('/[^a-zA-Z]+/', ' ', current(explode('@', $data->getMail())))))); - - //Set pseudonym - $user->setPseudonym($user->getPseudonym()??$pseudonym); - - //Set forename - $user->setForename($user->getForename()??$names[0]); - - //Set surname - $user->setSurname($user->getSurname()??$names[1]??$names[0]); - //Set password - $user->setPassword($encoder->encodePassword($user, $user->getPassword()??$data->getMail())); - - //Set created - $user->setCreated(new \DateTime('now')); - - //Set updated - $user->setUpdated(new \DateTime('now')); + $user->setPassword($this->hasher->hashPassword($user, $user->getPassword())); //Persist user - $manager->persist($user); + $this->manager->persist($user); //Iterate on default group foreach($this->config['default']['group'] as $i => $groupTitle) { //Fetch group - if (($group = $doctrine->getRepository($this->config['class']['group'])->findOneByTitle($groupTitle))) { + if (($group = $this->doctrine->getRepository($this->config['class']['group'])->findOneByTitle($groupTitle))) { //Set default group //XXX: see vendor/symfony/security-core/Role/Role.php $user->addGroup($group); @@ -1002,12 +774,12 @@ class DefaultController extends AbstractController { //Process for confirm url if ($route == 'confirm') { //Set the url in context - $registerMail['context'][$tag] = $this->get('router')->generate( + $registerMail['context'][$tag] = $this->router->generate( $this->config['route'][$route]['name'], //Prepend subscribe context with tag [ - 'mail' => $smail = $slugger->short($data->getMail()), - 'hash' => $slugger->hash($smail) + 'mail' => $smail = $this->slugger->short($data->getMail()), + 'hash' => $this->slugger->hash($smail) ]+$this->config['route'][$route]['context'], UrlGeneratorInterface::ABSOLUTE_URL ); @@ -1015,20 +787,14 @@ class DefaultController extends AbstractController { } } - //XXX: DEBUG: remove me - //die($registerMail['context']['confirm_url']); - //Set recipient_name $registerMail['context']['recipient_mail'] = $data->getMail(); //Set recipient name - $registerMail['context']['recipient_name'] = ''; - - //Set recipient name - $registerMail['context']['recipient_name'] = implode(' ', [$data->getForename(), $data->getSurname(), $data->getPseudonym()?'('.$data->getPseudonym().')':'']); + $registerMail['context']['recipient_name'] = $data->getRecipientName(); //Init subject context - $subjectContext = $slugger->flatten(array_replace_recursive($this->config['register']['view']['context'], $registerMail['context']), null, '.', '%', '%'); + $subjectContext = $this->slugger->flatten(array_replace_recursive($this->config['register']['view']['context'], $registerMail['context']), null, '.', '%', '%'); //Translate subject $registerMail['subject'] = ucfirst($this->translator->trans($registerMail['subject'], $subjectContext)); @@ -1053,7 +819,7 @@ class DefaultController extends AbstractController { //Try saving in database try { //Send to database - $manager->flush(); + $this->manager->flush(); //Add error message mail already exists $this->addFlash('notice', $this->translator->trans('Your account has been created')); @@ -1062,7 +828,7 @@ class DefaultController extends AbstractController { //XXX: mail delivery may silently fail try { //Send message - $mailer->send($message); + $this->mailer->send($message); //Redirect on the same route with sent=1 to cleanup form return $this->redirectToRoute($request->get('_route'), ['sent' => 1]+$request->get('_route_params')); @@ -1072,7 +838,7 @@ class DefaultController extends AbstractController { $form->get('mail')->addError(new FormError($this->translator->trans('Account %mail% tried subscribe but unable to contact', ['%mail%' => $data->getMail()]))); } //Catch double subscription - } catch (\Doctrine\DBAL\Exception\UniqueConstraintViolationException $e) { + } catch (UniqueConstraintViolationException $e) { //Add error message mail already exists $this->addFlash('error', $this->translator->trans('Account %mail% already exists', ['%mail%' => $mail])); } @@ -1087,11 +853,4 @@ class DefaultController extends AbstractController { ['form' => $form->createView(), 'sent' => $request->query->get('sent', 0)]+$this->config['register']['view']['context'] ); } - - /** - * {@inheritdoc} - */ - public function getAlias(): string { - return RapsysUserBundle::getAlias(); - } }