src/Controller/Auth/SecurityController.php line 36

Open in your IDE?
  1. <?php
  3. namespace App\Controller\Auth;
  5. use App\Entity\User;
  6. use App\Form\UserType;
  7. use App\Repository\RoleRepository;
  8. use App\Repository\UserRepository;
  9. use App\Form\UserChangePasswordType;
  10. use App\Form\UserWithoutPasswordType;
  11. use App\Message\MessageAlert;
  12. use Doctrine\Persistence\ManagerRegistry;
  13. use Symfony\Component\HttpFoundation\Request;
  14. use Symfony\Component\HttpFoundation\Response;
  15. use Symfony\Component\Routing\Annotation\Route;
  16. use Doctrine\Common\Collections\ArrayCollection;
  17. use Sensio\Bundle\FrameworkExtraBundle\Configuration\IsGranted;
  18. use Sensio\Bundle\FrameworkExtraBundle\Configuration\Security;
  19. use Symfony\Bundle\FrameworkBundle\Controller\AbstractController;
  20. use Symfony\Component\Security\Http\Authentication\AuthenticationUtils;
  21. use Symfony\Component\PasswordHasher\Hasher\UserPasswordHasherInterface;
  23. #[Route('/security')]
  24. class SecurityController extends AbstractController
  25. {
  27.     public function __construct(
  28.         public UserPasswordHasherInterface $passwordHasher,
  29.         public UserRepository $userRepository,
  30.         public RoleRepository $roleRepository,
  31.         public ManagerRegistry $doctrine
  32.     ) {
  33.     }
  35.     #[Route(path'/login'name'app_login')]
  36.     public function login(AuthenticationUtils $authenticationUtils): Response
  37.     {
  38.         // if ($this->getUser()) {
  39.         //     return $this->redirectToRoute('target_path');
  40.         // }
  42.         // get the login error if there is one
  43.         $error $authenticationUtils->getLastAuthenticationError();
  44.         // last username entered by the user
  45.         $lastUsername $authenticationUtils->getLastUsername();
  47.         return $this->render('security/login.html.twig', ['last_username' => $lastUsername'error' => $error]);
  48.     }
  50.     #[Route(path'/logout'name'app_logout')]
  51.     public function logout(): void
  52.     {
  53.         throw new \LogicException('This method can be blank - it will be intercepted by the logout key on your firewall.');
  54.     }
  56.     #[Route('/users'name'app_user_index')]
  57.     #[Security("is_granted('ROLE_USER') or is_granted('ROLE_PDV') or is_granted('ROLE_SUP')")]
  58.     public function index(): Response
  59.     {
  60.         // dd($this->userRepository->findAll());
  61.         return $this->render('security/index.html.twig', [
  62.             'users' => $this->userRepository->findAll(),
  63.         ]);
  64.     }
  66.     #[IsGranted('ROLE_SUP')]
  67.     #[Route('/register'name'app_register'methods: ['GET''POST'])]
  68.     public function register(Request $request): Response
  69.     {
  70.         $user = new User();
  72.         $form $this->createForm(UserType::class, $user);
  73.         $form->handleRequest($request);
  75.         if ($form->isSubmitted() && $form->isValid()) {
  77.             //Hash password
  78.             $plainTextPasswors $user->getPassword();
  80.             $hashedPassword $this->passwordHasher->hashPassword(
  81.                 $user,
  82.                 $plainTextPasswors
  83.             );
  85.             $user->setUsername($user->getFirstName() . ' ' $user->getLastName());
  87.             $user->setPassword($hashedPassword);
  89.             $manager $this->doctrine->getManager();
  91.             foreach ($user->getUserRoles() as $role) {
  92.                 $user->addUserRole($role);
  93.                 $role->addUser($user);
  94.                 $manager->persist($role);
  95.             }
  97.             $manager->flush();
  99.             $this->userRepository->save($usertrue);
  101.             $this->addFlash(
  102.                 MessageAlert::$success['type'],
  103.                 MessageAlert::$success['title'] . '' .
  104.                     MessageAlert::$success['message']
  105.             );
  107.             return $this->redirectToRoute('app_user_index', [], Response::HTTP_SEE_OTHER);
  108.         }
  110.         return $this->renderForm('security/registerAdmin.html.twig', [
  111.             'user' => $user,
  112.             'form' => $form,
  113.         ]);
  114.     }
  116.     #[IsGranted('ROLE_SUP')]
  117.     #[Route('/register_without_password'name'app_user_register_wPass'methods: ['GET''POST'])]
  118.     public function registerWithoutPassword(Request $request): Response
  119.     {
  120.         $user = new User();
  122.         $form $this->createForm(UserWithoutPasswordType::class, $user);
  124.         $form->handleRequest($request);
  126.         if ($form->isSubmitted() && $form->isValid()) {
  128.             $plainTextPassword "password";
  130.             $hashedPassword $this->passwordHasher->hashPassword($user$plainTextPassword);
  132.             $user->setPassword($hashedPassword);
  134.             $user->setUsername($user->getFirstName() . ' ' $user->getLastName());
  136.             $manager $this->doctrine->getManager();
  138.             foreach ($user->getUserRoles() as $role) {
  139.                 $user->addUserRole($role);
  140.                 $role->addUser($user);
  141.                 $manager->persist($role);
  142.             }
  144.             $manager->flush();
  146.             $this->userRepository->save($usertrue);
  148.             $this->addFlash(
  149.                 MessageAlert::$success['type'],
  150.                 MessageAlert::$success['title'] . '' .
  151.                     MessageAlert::$success['message']
  152.             );
  154.             return $this->redirectToRoute('app_user_index', [], Response::HTTP_SEE_OTHER);
  155.         }
  157.         return $this->renderForm('security/registerAdmin.html.twig', [
  158.             'user' => $user,
  159.             'form' => $form
  160.         ]);
  161.     }
  164.     #[Route('/{id}'name'app_user_show'methods: ['GET'])]
  165.     public function show(User $user): Response
  166.     {
  167.         return $this->render('security/show.html.twig', [
  168.             'user' => $user,
  169.         ]);
  170.     }
  172.     #[IsGranted('ROLE_SUP')]
  173.     #[Route('/{id}/edit/'name'app_user_edit'methods: ['GET''POST'])]
  174.     public function edit(Request $requestUser $user): Response
  175.     {
  177.         $form $this->createForm(UserType::class, $user);
  178.         $form->handleRequest($request);
  180.         $originalRoles = new ArrayCollection();
  181.         $roles $this->roleRepository->getRoleByUserId($user->getId());
  183.         foreach ($roles as $role) {
  184.             $originalRoles->add($role);
  185.         }
  187.         if ($form->isSubmitted() && $form->isValid()) {
  189.             $user->setUsername($user->getFirstName() . ' ' $user->getLastName());
  192.             $plainTextPasswors $user->getPassword();
  194.             $hashedPassword $this->passwordHasher->hashPassword(
  195.                 $user,
  196.                 $plainTextPasswors
  197.             );
  199.             $user->setPassword($hashedPassword);
  201.             $manager $this->doctrine->getManager();
  204.             foreach ($originalRoles as $role) {
  205.                 if (false === $user->getUserRoles()->contains($role)) {
  206.                     $role->removeUser($user);
  207.                     $user->removeUserRole($role);
  208.                 } else {
  209.                     foreach ($user->getUserRoles() as $role2) {
  210.                         $user->addUserRole($role2);
  211.                         $role2->addUser($user);
  212.                         $manager->persist($role2);
  213.                     }
  214.                 }
  215.             }
  217.             foreach ($user->getUserRoles() as $role) {
  218.                 $role->addUser($user);
  219.                 $manager->persist($role);
  220.             }
  222.             $this->addFlash(
  223.                 MessageAlert::$success['type'],
  224.                 MessageAlert::$success['title'] . '' .
  225.                     MessageAlert::$success['message']
  226.             );
  228.             $manager->flush();
  230.             $this->userRepository->save($usertrue);
  232.             return $this->redirectToRoute('app_user_index', [], Response::HTTP_SEE_OTHER);
  233.         }
  235.         return $this->renderForm('security/edit.html.twig', [
  236.             'form' => $form,
  237.             'user' => $user
  238.         ]);
  239.     }
  241.     #[Security('is_granted("ROLE_USR") or is_granted("ROLE_PDV") or is_granted("ROLE_USR")')]
  242.     #[Route("/{id}/change_password""app_user_ch_password"methods: ['GET''POST'])]
  243.     public function changePassword(Request $requestUser $user): Response
  244.     {
  246.         $form $this->createForm(UserChangePasswordType::class, $user);
  248.         $form->handleRequest($request);
  250.         if ($form->isSubmitted() && $form->isValid()) {
  252.             $holdPassword $request->request->all()['user_change_password']['password'];
  253.             $newPassword $request->request->all()['user_change_password']['newPassword']['first'];
  255.             if ($this->passwordHasher->isPasswordValid($user$holdPassword) === true) {
  258.                 $hashedPassword $this->passwordHasher->hashPassword($user$newPassword);
  260.                 $user->setPassword($hashedPassword);
  262.                 $this->userRepository->save($usertrue);
  264.                 return $this->redirectToRoute('app_logout', [], Response::HTTP_SEE_OTHER);
  265.             }
  266.         }
  269.         return $this->renderForm('security/changePassword.html.twig', [
  270.             'user' => $user,
  271.             'form' => $form,
  272.         ]);
  273.     }
  275.     #[IsGranted('ROLE_SUP')]
  276.     #[Route('/{id}'name'app_user_remove'methods: ['POST'])]
  277.     public function delete(Request $requestUser $user): Response
  278.     {
  280.         if ($this->isCsrfTokenValid('delete'$user->getId(), $request->request->get('_token'))) {
  282.             $this->userRepository->remove($usertrue);
  283.         }
  285.         return $this->redirectToRoute('app_user_index', [], Response::HTTP_SEE_OTHER);
  286.     }
  287. }