X-Git-Url: https://git.rapsys.eu/userbundle/blobdiff_plain/feb820aea1304e9c63ca1aeca47bcaf0aa78b195..662088d3b367d419c5861e992913b29ed830f316:/Controller/UserController.php diff --git a/Controller/UserController.php b/Controller/UserController.php index 3698493..4058c91 100644 --- a/Controller/UserController.php +++ b/Controller/UserController.php @@ -12,6 +12,9 @@ namespace Rapsys\UserBundle\Controller; use Doctrine\DBAL\Exception\UniqueConstraintViolationException; + +use Rapsys\UserBundle\RapsysUserBundle; + use Symfony\Bridge\Twig\Mime\TemplatedEmail; use Symfony\Component\Form\FormError; use Symfony\Component\HttpFoundation\Request; @@ -22,8 +25,6 @@ use Symfony\Component\Mime\Address; use Symfony\Component\Routing\Generator\UrlGeneratorInterface; use Symfony\Component\Security\Http\Authentication\AuthenticationUtils; -use Rapsys\UserBundle\RapsysUserBundle; - /** * {@inheritdoc} */ @@ -91,7 +92,7 @@ class UserController extends AbstractController { if (!($user = $this->doctrine->getRepository($this->config['class']['user'])->findOneByMail($mail))) { //Add error message mail already exists //XXX: prevent slugger reverse engineering by not displaying decoded mail - $this->addFlash('error', $this->translator->trans('Account %mail% do not exists', ['%mail%' => $smail])); + $this->addFlash('error', $this->translator->trans('Account do not exists')); //Redirect to register view return $this->redirectToRoute($this->config['route']['register']['name'], $this->config['route']['register']['context']); @@ -135,18 +136,18 @@ class UserController extends AbstractController { if (empty($user = $this->doctrine->getRepository($this->config['class']['user'])->findOneByMail($mail))) { //Throw not found //XXX: prevent slugger reverse engineering by not displaying decoded mail - throw $this->createNotFoundException($this->translator->trans('Unable to find account %mail%', ['%mail%' => $smail])); + throw $this->createNotFoundException($this->translator->trans('Unable to find account')); } //Prevent access when not admin, user is not guest and not currently logged user if (!$this->checker->isGranted($this->config['default']['admin']) && $user != $this->security->getUser() || !$this->checker->isGranted('IS_AUTHENTICATED_FULLY')) { //Throw access denied //XXX: prevent slugger reverse engineering by not displaying decoded mail - throw $this->createAccessDeniedException($this->translator->trans('Unable to access user: %mail%', ['%mail%' => $smail])); + throw $this->createAccessDeniedException($this->translator->trans('Unable to access user')); } //Create the EditType form and give the proper parameters - $edit = $this->createForm($this->config['edit']['view']['edit'], $user, [ + $edit = $this->factory->create($this->config['edit']['view']['edit'], $user, [ //Set action to edit route name and context 'action' => $this->generateUrl($this->config['route']['edit']['name'], ['mail' => $smail, 'hash' => $this->slugger->hash($smail)]+$this->config['route']['edit']['context']), //Set civility class @@ -160,7 +161,7 @@ class UserController extends AbstractController { //With admin role if ($this->checker->isGranted($this->config['default']['admin'])) { //Create the EditType form and give the proper parameters - $reset = $this->createForm($this->config['edit']['view']['reset'], $user, [ + $reset = $this->factory->create($this->config['edit']['view']['reset'], $user, [ //Set action to edit route name and context 'action' => $this->generateUrl($this->config['route']['edit']['name'], ['mail' => $smail, 'hash' => $this->slugger->hash($smail)]+$this->config['route']['edit']['context']), //Set method @@ -187,7 +188,7 @@ class UserController extends AbstractController { $this->manager->flush(); //Add notice - $this->addFlash('notice', $this->translator->trans('Account %mail% password updated', ['%mail%' => $mail = $data->getMail()])); + $this->addFlash('notice', $this->translator->trans('Account password updated')); //Redirect to cleanup the form return $this->redirectToRoute($this->config['route']['edit']['name'], ['mail' => $smail = $this->slugger->short($mail), 'hash' => $this->slugger->hash($smail)]+$this->config['route']['edit']['context']); @@ -217,14 +218,14 @@ class UserController extends AbstractController { $this->manager->flush(); //Add notice - $this->addFlash('notice', $this->translator->trans('Account %mail% updated', ['%mail%' => $mail = $data->getMail()])); + $this->addFlash('notice', $this->translator->trans('Account updated')); //Redirect to cleanup the form return $this->redirectToRoute($this->config['route']['edit']['name'], ['mail' => $smail = $this->slugger->short($mail), 'hash' => $this->slugger->hash($smail)]+$this->config['route']['edit']['context']); //Catch double slug or mail } catch (UniqueConstraintViolationException $e) { //Add error message mail already exists - $this->addFlash('error', $this->translator->trans('Account %mail% already exists', ['%mail%' => $data->getMail()])); + $this->addFlash('error', $this->translator->trans('Account already exists')); } } //Without admin role @@ -254,7 +255,7 @@ class UserController extends AbstractController { */ public function login(Request $request, AuthenticationUtils $authenticationUtils, ?string $hash, ?string $mail): Response { //Create the LoginType form and give the proper parameters - $login = $this->createForm($this->config['login']['view']['form'], null, [ + $login = $this->factory->create($this->config['login']['view']['form'], null, [ //Set action to login route name and context 'action' => $this->generateUrl($this->config['route']['login']['name'], $this->config['route']['login']['context']), //Set method @@ -297,7 +298,7 @@ class UserController extends AbstractController { $login->get('mail')->addError(new FormError($error)); //Create the RecoverType form and give the proper parameters - $recover = $this->createForm($this->config['recover']['view']['form'], null, [ + $recover = $this->factory->create($this->config['recover']['view']['form'], null, [ //Set action to recover route name and context 'action' => $this->generateUrl($this->config['route']['recover']['name'], $this->config['route']['recover']['context']), //Without password @@ -367,7 +368,7 @@ class UserController extends AbstractController { if (empty($user = $this->doctrine->getRepository($this->config['class']['user'])->findOneByMail($mail))) { //Throw not found //XXX: prevent slugger reverse engineering by not displaying decoded mail - throw $this->createNotFoundException($this->translator->trans('Unable to find account %mail%', ['%mail%' => $smail])); + throw $this->createNotFoundException($this->translator->trans('Unable to find account')); } //With unmatched pass @@ -382,7 +383,7 @@ class UserController extends AbstractController { } //Create the LoginType form and give the proper parameters - $form = $this->createForm($this->config['recover']['view']['form'], $user, [ + $form = $this->factory->create($this->config['recover']['view']['form'], $user, [ //Set action to recover route name and context 'action' => $this->generateUrl($this->config['route']['recover']['name'], $context+$this->config['route']['recover']['context']), //With user disable mail @@ -495,7 +496,7 @@ class UserController extends AbstractController { //Create message $message = (new TemplatedEmail()) //Set sender - ->from(new Address($this->config['contact']['address'], $this->config['contact']['name'])) + ->from(new Address($this->config['contact']['address'], $this->translator->trans($this->config['contact']['name']))) //Set recipient //XXX: remove the debug set in vendor/symfony/mime/Address.php +46 ->to(new Address($context['recipient_mail'], $context['recipient_name'])) @@ -516,10 +517,10 @@ class UserController extends AbstractController { $this->mailer->send($message); //Add notice - $this->addFlash('notice', $this->translator->trans('Your recovery mail has been sent, to retrieve your account you must follow the recuperate link inside')); + $this->addFlash('notice', $this->translator->trans('Your recovery mail has been sent, to retrieve your account follow the recuperate link inside')); //Add junk warning - $this->addFlash('warning', $this->translator->trans('If you did not receive a recovery mail, check your Spam or Junk mail folders')); + $this->addFlash('warning', $this->translator->trans('If you did not receive a recovery mail, check your Spam or Junk mail folder')); //Redirect on the same route with sent=1 to cleanup form return $this->redirectToRoute($request->get('_route'), ['sent' => 1]+$request->get('_route_params'), 302); @@ -553,7 +554,7 @@ class UserController extends AbstractController { //Log new user infos $this->logger->emergency( $this->translator->trans( - 'register: mail=%mail% locale=%locale% confirm=%confirm%', + 'register: mail=%mail% locale=%locale% confirm=%confirm% ip=%ip%', [ '%mail%' => $postMail = $_POST['register']['mail'], '%locale%' => $request->getLocale(), @@ -565,7 +566,8 @@ class UserController extends AbstractController { 'hash' => $this->slugger->hash($postSmail) ]+$this->config['route']['confirm']['context'], UrlGeneratorInterface::ABSOLUTE_URL - ) + ), + '%ip%' => $request->getClientIp() ] ) ); @@ -578,9 +580,11 @@ class UserController extends AbstractController { $user = $reflection->newInstance('', ''); //Create the RegisterType form and give the proper parameters - $form = $this->createForm($this->config['register']['view']['form'], $user, [ + $form = $this->factory->create($this->config['register']['view']['form'], $user, [ //Set action to register route name and context 'action' => $this->generateUrl($this->config['route']['register']['name'], $this->config['route']['register']['context']), + //Set captcha + 'captcha' => true, //Set civility class 'civility_class' => $this->config['class']['civility'], //Set civility default @@ -687,7 +691,7 @@ class UserController extends AbstractController { //Create message $message = (new TemplatedEmail()) //Set sender - ->from(new Address($this->config['contact']['address'], $this->config['contact']['name'])) + ->from(new Address($this->config['contact']['address'], $this->translator->trans($this->config['contact']['name']))) //Set recipient //XXX: remove the debug set in vendor/symfony/mime/Address.php +46 ->to(new Address($context['recipient_mail'], $context['recipient_name'])) @@ -707,7 +711,7 @@ class UserController extends AbstractController { $this->manager->flush(); //Add error message mail already exists - $this->addFlash('notice', $this->translator->trans('Your account has been created')); + $this->addFlash('notice', $this->translator->trans('Account created')); //Try sending message //XXX: mail delivery may silently fail