packages/Menke/UserBundle/Controller/UserController.php line 152

Open in your IDE?
  1. <?php
  3. namespace Menke\UserBundle\Controller;
  5. use Menke\UserBundle\Entity\User;
  6. use Menke\UserBundle\Form\UserType;
  7. use Doctrine\Persistence\ManagerRegistry;
  8. use Menke\UserBundle\Service\MailerService;
  9. use Menke\UserBundle\Form\PasswordResetType;
  10. use Menke\UserBundle\Form\PasswordForgotType;
  11. use Symfony\Component\HttpFoundation\Request;
  12. use Menke\UserBundle\Event\UserActivatedEvent;
  13. use Symfony\Component\HttpFoundation\Response;
  14. use Menke\UserBundle\Repository\UserRepository;
  15. use Symfony\Component\Routing\Annotation\Route;
  16. use Menke\UserBundle\Security\TokenGeneratorInterface;
  17. use Symfony\Component\EventDispatcher\EventDispatcherInterface;
  18. use Symfony\Component\PasswordHasher\Hasher\UserPasswordHasherInterface;
  20. class UserController extends AbstractClientableController
  21. {
  22.     /**
  23.      * @Route("/user/", name="user_index", methods="GET")
  24.      */
  25.     public function index(UserRepository $userRepository): Response
  26.     {
  27.         return $this->render('@MenkeUser/user/index.html.twig', [
  28.             'users' => $userRepository->findBy(['client' => $this->getCurrentClient(), 'role' => [User::ROLE_ADMINUser::ROLE_MANAGER]])
  29.         ]);
  30.     }
  32.     /**
  33.      * @Route("/user/new", name="user_new", methods="GET|POST")
  34.      */
  35.     public function new(Request $requestUserPasswordHasherInterface $passwordHasherManagerRegistry $managerRegistry): Response
  36.     {
  37.         $user = new User();
  38.         $form $this->createForm(UserType::class, $user, [
  39.             'be_role_selectable' => true,
  40.             'pw_editable' => true,
  41.         ]);
  42.         $form->handleRequest($request);
  44.         if ($form->isSubmitted() && $form->isValid()) {
  45.             $user $form->getData();
  46.             $hash $passwordHasher->hashPassword($user$user->getPassword());
  47.             $user->setPassword($hash);
  49.             $em $managerRegistry->getManager();
  51.             // ToDo: remove this assignment when client system is expanded
  52.             $client $this->getCurrentClient();
  53.             $user->setClient($client);
  54.             $user->setActivatedAt(new \DateTime());
  56.             $em->persist($user);
  57.             $em->flush();
  59.             $this->addFlash('notice''Benutzer angelegt');
  60.             return $this->redirectToRoute('user_index');
  61.         }
  63.         return $this->render('@MenkeUser/user/new.html.twig', [
  64.             'user' => $user,
  65.             'form' => $form->createView(),
  66.         ]);
  67.     }
  69.     /**
  70.      * @Route("/user/{id}", name="user_show", methods="GET")
  71.      */
  72.     public function show(User $user): Response
  73.     {
  74.         $this->denyAccessUnlessGranted('ROLE_ADMIN'$user);
  75.         return $this->render('@MenkeUser/user/show.html.twig', ['user' => $user]);
  76.     }
  78.     /**
  79.      * @Route("/user/{id}/edit", name="user_edit", methods="GET|POST")
  80.      */
  81.     public function edit(Request $requestUser $userUserPasswordHasherInterface $passwordHasherManagerRegistry $managerRegistry): Response
  82.     {
  83.         $this->denyAccessUnlessGranted('ROLE_ADMIN'$user);
  84.         $password $user->getPassword();
  85.         $form $this->createForm(UserType::class, $user, [
  86.             'required_pw' => false,
  87.             'pw_editable' => true,
  88.             'be_role_selectable' => true
  89.         ]);
  90.         $form->handleRequest($request);
  92.         if ($form->isSubmitted() && $form->isValid()) {
  93.             $user $form->getData();
  94.             if (!empty($user->getPassword())) {
  95.                 $hash $passwordHasher->hashPassword($user$user->getPassword());
  96.                 $user->setPassword($hash);
  97.             } else {
  98.                 $user->setPassword($password);
  99.             }
  101.             $managerRegistry->getManager()->flush();
  102.             $this->addFlash('notice''Benutzer gespeichert');
  103.             return $this->redirectToRoute('user_edit', ['id' => $user->getId()]);
  104.         }
  106.         return $this->render('@MenkeUser/user/edit.html.twig', [
  107.             'user' => $user,
  108.             'form' => $form->createView(),
  109.         ]);
  110.     }
  112.     /**
  113.      * @Route("/user/{id}", name="user_delete", methods="DELETE", requirements={"id"="\d+"})
  114.      */
  115.     public function delete(Request $requestUser $userManagerRegistry $managerRegistry): Response
  116.     {
  117.         $this->denyAccessUnlessGranted('ROLE_ADMIN'$user);
  118.         if ($this->isCsrfTokenValid('delete'.$user->getId(), $request->request->get('_token'))) {
  119.             $em $managerRegistry->getManager();
  120.             $em->remove($user);
  121.             $em->flush();
  122.         }
  124.         return $this->redirectToRoute('user_index');
  125.     }
  127.     /**
  128.      * @Route("/user/multiple", name="user_delete-multiple", methods="DELETE")
  129.      */
  130.     public function deleteMultiple(Request $requestUserRepository $userRepoManagerRegistry $managerRegistry): Response
  131.     {
  132.         if ($this->isCsrfTokenValid('delete_users'$request->request->get('_token'))) {
  133.             $em $managerRegistry->getManager();
  134.             /** @var array $deleteIds */
  135.             $deleteIds $request->request->get('delete');
  136.             foreach ($deleteIds as $id => $value) {
  137.                 if ($value) {
  138.                     $user $userRepo->find($id);
  139.                     $this->denyAccessUnlessGranted('ROLE_ADMIN'$user);
  140.                     $em->remove($user);
  141.                 }
  142.             }
  143.             $em->flush();
  144.         }
  146.         return $this->redirectToRoute('user_index');
  147.     }
  149.     /**
  150.      * @Route("/forgot-password", name="user_forgot", methods="GET|POST")
  151.      */
  152.     public function forgotPassword(
  153.         Request $request,
  154.         TokenGeneratorInterface $generator,
  155.         UserRepository $repo,
  156.         MailerService $mailer
  157.         ManagerRegistry $managerRegistry
  158.     ) {
  159.         $form $this->createForm(PasswordForgotType::class);
  160.         $form->handleRequest($request);
  162.         $userNotFound false;
  163.         $emailSent false;
  165.         if ($form->isSubmitted() && $form->isValid()) {
  166.             $em $managerRegistry->getManager();
  167.             $data $form->getData();
  168.             $user $repo->findOneBy(array('username' => $data['email']));
  170.             if ($user) {
  171.                 $user->setPasswordResetToken($generator->generateToken());
  172.                 $user->setPasswordRequestedAt(new \DateTime());
  173.                 $em->flush();
  175.                 $mailer->sendPasswordForgotMessage($user$user->getPasswordResetToken());
  177.                 $emailSent true;
  178.             } else {
  179.                 $userNotFound true;
  180.             }
  181.         }
  183.         return $this->render('@MenkeUser/user/forgot.html.twig', array(
  184.             'form' => $form->createView(),
  185.             'userNotFound' => $userNotFound,
  186.             'emailSent' => $emailSent,
  187.         ));
  188.     }
  190.     /**
  191.      * @Route("/reset-password/{token}", name="user_reset", methods="GET|POST")
  192.      */
  193.     public function resetPasswordAction(
  194.         Request $request,
  195.         UserRepository $repo,
  196.         MailerService $mailer,
  197.         UserPasswordHasherInterface $passwordHasher,
  198.         $token,
  199.         ManagerRegistry $managerRegistry
  200.     ) {
  201.         $user $repo->findOneBy(array('passwordResetToken' => $token));
  202.         $passwordReset false;
  204.         if (!$user) {
  205.             $response = new Response();
  206.             $response->setStatusCode(Response::HTTP_NOT_FOUND);
  207.             return $response;
  208.         }
  210.         $form $this->createForm(PasswordResetType::class);
  211.         $form->handleRequest($request);
  213.         if ($form->isSubmitted() && $form->isValid()) {
  214.             $data $form->getData();
  215.             $em $managerRegistry->getManager();
  217.             $hash $passwordHasher->hashPassword($user$data['password']);
  218.             $user->setPassword($hash);
  219.             $user->setPasswordResetToken(null);
  220.             $user->setPasswordResetAt(new \DateTime());
  221.             $em->flush();
  223.             $mailer->sendPasswordResetMessage($user);
  225.             $passwordReset true;
  226.         }
  228.         return $this->render('@MenkeUser/user/reset.html.twig', array(
  229.             'form' => $form->createView(),
  230.             'passwordReset' => $passwordReset
  231.         ));
  232.     }
  234.     /**
  235.      * @Route("/activate/{token}", name="user_activate", methods="GET")
  236.      */
  237.     public function activateAccountAction($tokenUserRepository $repo,  EventDispatcherInterface $dispatcherManagerRegistry $managerRegistry)
  238.     {
  239.         $user $repo->findOneBy(array('activateToken' => $token));
  241.         if (!$user) {
  242.             $response = new Response();
  243.             $response->setStatusCode(Response::HTTP_NOT_FOUND);
  244.             return $response;
  245.         }
  247.         $user->setActivateToken(null);
  248.         $user->setActivatedAt(new \DateTime());
  250.         $event = new UserActivatedEvent($user);
  251.         $dispatcher->dispatch($eventUserActivatedEvent::NAME);
  253.         $em $managerRegistry->getManager();
  254.         $em->flush();
  256.         return $this->render('@MenkeUser/user/activated.html.twig');
  257.     }
  258. }