<?php
namespace App\Controller;
use Symfony\Bundle\FrameworkBundle\Controller\AbstractController;
use Symfony\Component\HttpFoundation\Request;
use Symfony\Component\HttpFoundation\Response;
use Symfony\Component\HttpFoundation\JsonResponse;
use Doctrine\Persistence\ManagerRegistry;
use Symfony\Component\Form\FormError;
use Symfony\Component\Routing\Generator\UrlGeneratorInterface;
use App\Service\MailService;
use Ramsey\Uuid\Uuid;
use App\Entity\User;
use App\Entity\Usergroup;
use App\Entity\Registration;
use App\Form\RegistrationType as Form;
use App\Form\ResetpwdType;
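/**
 * Self-registration workflow for SQL-backed accounts.
 *
 * Covers the public sign-up form (submit), the e-mail confirmation link
 * (validation), the admin/moderator review list (list, tablelist, update,
 * delete) and the password-reset flow (resetpwd01, resetpwd02), which reuses
 * the same single-use key + expiry mechanism on the User entity.
 *
 * Security-relevant changes against the previous version are documented on
 * the methods concerned: untrusted DataTables parameters are validated and
 * table cells escaped, applicant-supplied fields are escaped before they are
 * embedded in HTML e-mails sent to administrators, the password-reset form is
 * only acted on when the form (including its CSRF token) is valid and no
 * longer reveals whether an e-mail address has an account, expired/unknown
 * keys produce the intended error page instead of an uncaught exception, and
 * update() checks the right configuration parameter.
 */
class RegistrationController extends AbstractController
{
    /** Template variable name under which the current record is exposed. */
    private $data = "registration";

    /** Doctrine entity class handled by this controller. */
    private $entity = "App\Entity\Registration";

    /** Template directory. */
    private $twig = "Registration/";

    /** List route; "_admin_" is swapped for the caller's access level where needed. */
    private $route = "app_admin_registration";

    /** @var MailService */
    private $mail;

    public function __construct(MailService $mail)
    {
        $this->mail = $mail;
    }

    // -----------------------------------------------------------------------
    // Review list (administrators / moderators)
    // -----------------------------------------------------------------------

    /**
     * Registration list page; the rows themselves are served by tablelist().
     *
     * @param string $access "admin" or "modo", taken from the route and forwarded to the template
     */
    public function list($access)
    {
        $this->denyUnlessRegistrationEnabled();

        return $this->render($this->twig . 'list.html.twig', [
            'useheader' => true,
            'usemenu' => false,
            'usesidebar' => true,
            'access' => $access,
        ]);
    }

    /**
     * DataTables server-side endpoint for the registration list.
     *
     * Administrators see every registration; moderators only see those whose
     * niveau01 they moderate (App:UserModo rows bound to the current user).
     *
     * Hardening against the previous version:
     *  - every DataTables parameter is read with a default and cast, and the
     *    sort direction is restricted to ASC/DESC before it reaches DQL;
     *  - the scope is decided by $access alone (record counts and rows used to
     *    disagree when an administrator used the moderator route), and the
     *    admin route additionally requires ROLE_ADMIN;
     *  - text cells are HTML-escaped: DataTables inserts cell content as HTML
     *    (the action column depends on that) and username/email are
     *    applicant-supplied, so they could otherwise carry markup into the
     *    reviewer's browser;
     *  - column 3 sorts on niveau01.label, which is what that column displays
     *    (the previous "entity.label" does not appear to be a Registration field).
     *
     * @param string $access "admin" or "modo"
     */
    public function tablelist($access, Request $request, ManagerRegistry $em): Response
    {
        $this->denyUnlessRegistrationEnabled();

        $isAdmin = ($access == "admin");
        if ($isAdmin) {
            // Defence in depth: the admin route is expected to be protected by
            // access control, but the scope decision below must not rely on it.
            $this->denyAccessUnlessGranted('ROLE_ADMIN');
        }
        $usermodo = $this->getUser();

        // DataTables request parameters (all untrusted)
        $query = $request->query->all();
        $start = max(0, (int) ($query['start'] ?? 0));
        $length = (int) ($query['length'] ?? 10);
        $searchValue = (string) ($query['search']['value'] ?? '');
        $draw = (int) ($query['draw'] ?? 0);
        $ordercolumn = (int) ($query['order'][0]['column'] ?? 0);
        // Only the two literal directions may be concatenated into the ORDER BY clause.
        $orderdir = strtoupper((string) ($query['order'][0]['dir'] ?? 'asc')) === 'DESC' ? 'DESC' : 'ASC';

        $manager = $em->getManager();

        // Total number of records visible to the caller
        $totalQb = $manager->createQueryBuilder()
            ->select('COUNT(entity)')
            ->from($this->entity, 'entity');
        if (!$isAdmin) {
            $totalQb->from("App:UserModo", 'usermodo')
                ->where("usermodo.niveau01 = entity.niveau01")
                ->andWhere("usermodo.user = :user")
                ->setParameter("user", $usermodo);
        }
        $total = $totalQb->getQuery()->getSingleScalarResult();

        // Number of records matching the search box
        if ($searchValue === '') {
            $totalf = $total;
        } else {
            $filteredQb = $manager->createQueryBuilder()
                ->select('COUNT(entity)')
                ->from($this->entity, 'entity')
                ->where('entity.username LIKE :value OR entity.email LIKE :value')
                ->setParameter("value", "%" . $searchValue . "%");
            if (!$isAdmin) {
                $filteredQb->from("App:UserModo", 'usermodo')
                    ->andWhere("usermodo.niveau01 = entity.niveau01")
                    ->andWhere("usermodo.user = :user")
                    ->setParameter("user", $usermodo);
            }
            $totalf = $filteredQb->getQuery()->getSingleScalarResult();
        }

        $output = [
            'draw' => $draw,
            'recordsFiltered' => $totalf,
            'recordsTotal' => $total,
            'data' => [],
        ];

        // Page of records
        $qb = $manager->createQueryBuilder()
            ->select('entity')
            ->from($this->entity, 'entity')
            ->from('App:Niveau01', 'niveau01')
            ->where('entity.niveau01=niveau01.id');
        if (!$isAdmin) {
            $qb->from("App:UserModo", 'usermodo')
                ->andWhere("usermodo.niveau01 = entity.niveau01")
                ->andWhere("usermodo.user = :user")
                ->setParameter("user", $usermodo);
        }
        if ($searchValue !== '') {
            // NOTE(review): the row filter also matches niveau01.label while the
            // recordsFiltered count above does not; kept as in the original.
            $qb->andWhere('entity.username LIKE :value OR entity.email LIKE :value OR niveau01.label LIKE :value')
                ->setParameter("value", "%" . $searchValue . "%");
        }

        // Sortable columns, numbered as DataTables does (0 is the action column)
        $sortable = [
            1 => 'entity.username',
            2 => 'entity.email',
            3 => 'niveau01.label',
            4 => 'entity.statut',
            5 => 'entity.keyexpire',
        ];
        if (isset($sortable[$ordercolumn])) {
            $qb->orderBy($sortable[$ordercolumn], $orderdir);
        }

        // DataTables sends length=-1 for "all rows"; only apply a positive limit.
        $qb->setFirstResult($start);
        if ($length > 0) {
            $qb->setMaxResults($length);
        }
        $datas = $qb->getQuery()->getResult();

        $statutLabels = [
            1 => 'En attente validation Administration',
            2 => 'En attente validation Utilisateur',
            3 => 'Inscription expirée',
        ];

        foreach ($datas as $data) {
            $action = "";
            // Expired registrations (statut 3) get no action link
            if ($data->getStatut() <= 2) {
                $url = $this->generateUrl('app_' . $access . '_registration_update', ['id' => $data->getId()]);
                $action .= "<a href='" . $this->escapeHtml($url) . "'><i class='fa fa-envelope fa-2x fa-fw'></i></a>";
            }

            $statut = $statutLabels[$data->getStatut()] ?? "";

            $output["data"][] = [
                $action,
                $this->escapeHtml($data->getUsername()),
                $this->escapeHtml($data->getEmail()),
                $this->escapeHtml($data->getNiveau01()->getLabel()),
                $statut,
                is_null($data->getKeyexpire()) ? "" : $data->getKeyexpire()->format('d/m/Y H:i:s'),
            ];
        }

        return new JsonResponse($output);
    }

    // -----------------------------------------------------------------------
    // Public sign-up
    // -----------------------------------------------------------------------

    /**
     * Public registration form.
     *
     * Status assigned to the new registration:
     *  - appModeregistration = "byuser": 2, the applicant confirms by e-mail;
     *  - otherwise: 2 when the e-mail domain is whitelisted, 1 (admin and
     *    moderator approval required) when it is not.
     *
     * In case 1 the applicant is told to wait and every ROLE_ADMIN user plus
     * the moderators of the chosen niveau01 receive a notification; in case 2
     * a single-use key is issued and mailed to the applicant.
     */
    public function submit(Request $request, ManagerRegistry $em): Response
    {
        $this->denyUnlessRegistrationEnabled();
        $appmoderegistration = $this->getParameter('appModeregistration');

        $data = new Registration();
        $data->setIsvisible(true);

        $form = $this->createForm(Form::class, $data, [
            "mode" => "submit",
            "access" => "user",
            "userid" => null,
            "appMasteridentity" => $this->getParameter("appMasteridentity"),
            "appNiveau01label" => $this->getParameter("appNiveau01label"),
            "appNiveau02label" => $this->getParameter("appNiveau02label"),
        ]);
        $form->handleRequest($request);

        if ($appmoderegistration == "byuser") {
            $idstatut = 2;
        } else {
            $idstatut = $this->isWhitelistedDomain($em, $data->getEmail()) ? 2 : 1;
        }
        $data->setStatut($idstatut);

        // Adds the "motivation required" error where applicable and flashes form errors
        $this->getErrorForm(null, $form, $request, $data, "submit", $idstatut);

        if (!($form->get('submit')->isClicked() && $form->isValid())) {
            return $this->render($this->twig . 'edit.html.twig', [
                'useheader' => true,
                'usemenu' => false,
                'usesidebar' => false,
                'maxsize' => 1200,
                $this->data => $data,
                'mode' => 'submit',
                'form' => $form->createView(),
            ]);
        }

        $data = $form->getData();
        $appname = $request->getSession()->get('appname');
        $noreply = $this->getParameter('appMailnoreply');
        $appModeregistrationterme = $this->getParameter('appModeregistrationterme');

        if ($idstatut == 1) {
            // Approval required: tell the applicant, then alert the reviewers
            $subject = $appname . " : Inscription en cours de validation";
            $body = "Votre inscription a bien été enregistrée.<br>Cependant, un administrateur doit encore valider votre inscription avant que celle-ci ne devienne effective.<br><br>Vous recevrez un mail quand votre inscription sera validée";
            $info = $body;
            $this->mail->sendEmail($subject, $body, $data->getEmail(), $noreply, $appname);

            $this->notifyValidators($em, $data, $appname, $noreply);
        } else {
            // Trusted domain (or byuser mode): the applicant confirms by e-mail
            $this->issueValidationKey($data, $appModeregistrationterme);
            $this->sendConfirmationEmail($data, $appname, $noreply, $appModeregistrationterme);
            $info = "Vous allez recevoir un mail de confirmation pour finaliser votre inscription";
        }

        $em->getManager()->persist($data);
        $em->getManager()->flush();

        $this->setInfoSession($request, $info, "info");

        return $this->redirectToRoute('app_registration_info');
    }

    /**
     * Generic information page; reads the message/mode/redirect stored in the
     * session by the other actions of this controller.
     */
    public function info(Request $request)
    {
        $session = $request->getSession();

        return $this->render($this->twig . 'info.html.twig', [
            'useheader' => true,
            'usemenu' => false,
            'usesidebar' => false,
            'maxwidth' => true,
            'info' => $session->get('registrationinfo'),
            'mode' => $session->get('registrationmode'),
            'redirectto' => $session->get('registrationredirectto'),
        ]);
    }

    // -----------------------------------------------------------------------
    // Review actions
    // -----------------------------------------------------------------------

    /**
     * Review form for a pending registration.
     *
     * "save" stores the edited fields; "submit" approves the registration:
     * status becomes 2, a fresh key is issued and the confirmation e-mail is
     * sent to the applicant.
     *
     * Fix: the previous version gated on appModeregistrationterme (a number of
     * hours) == "none" instead of appModeregistration, so the "registration
     * disabled" check never fired.
     *
     * @param int|string $id     Registration id
     * @param string     $access "admin" or "modo"
     */
    public function update($id, $access, Request $request, ManagerRegistry $em): Response
    {
        $this->denyUnlessRegistrationEnabled();

        $appname = $request->getSession()->get('appname');
        $noreply = $this->getParameter('appMailnoreply');
        $appModeregistrationterme = $this->getParameter('appModeregistrationterme');

        $data = $em->getRepository($this->entity)->find($id);
        if (!$data) {
            throw $this->createNotFoundException('Unable to find entity.');
        }

        $this->canupdate($access, $data, $em);

        $form = $this->createForm(Form::class, $data, [
            "mode" => "update",
            "access" => $access,
            "userid" => $this->getUser()->getId(),
            "appMasteridentity" => $this->getParameter("appMasteridentity"),
            "appNiveau01label" => $this->getParameter("appNiveau01label"),
            "appNiveau02label" => $this->getParameter("appNiveau02label"),
        ]);
        $form->handleRequest($request);

        // "save": keep the edits, no status change
        if ($form->get('save')->isClicked() && $form->isValid()) {
            $em->getManager()->flush();

            return $this->redirectToRoute($this->routeFor($access));
        }

        // "submit": approve and hand over to the applicant for confirmation
        if ($form->get('submit')->isClicked() && $form->isValid()) {
            $data = $form->getData();

            $this->issueValidationKey($data, $appModeregistrationterme);
            $data->setStatut(2);

            $this->sendConfirmationEmail($data, $appname, $noreply, $appModeregistrationterme);

            $em->getManager()->flush();

            return $this->redirectToRoute($this->routeFor($access));
        }

        return $this->render($this->twig . 'edit.html.twig', [
            'useheader' => true,
            'usemenu' => false,
            'usesidebar' => true,
            $this->data => $data,
            'mode' => 'update',
            'access' => $access,
            'form' => $form->createView(),
        ]);
    }

    /**
     * Confirmation link target: turns the registration matching a still-valid
     * key into a User account and deletes the registration.
     *
     * Fix: getOneOrNullResult() replaces getSingleResult(), which throws
     * NoResultException for an unknown or expired key; the "Clé de validation
     * invalide" branch was therefore unreachable and a bad link produced a 500.
     *
     * @param string $key Key from the e-mailed URL
     */
    public function validation($key, Request $request, ManagerRegistry $em)
    {
        $this->denyUnlessRegistrationEnabled();

        $data = $em->getManager()->createQueryBuilder()
            ->select('entity')
            ->from($this->entity, 'entity')
            ->where('entity.keyvalue= :key')
            ->andWhere('entity.keyexpire >= :date')
            ->setParameter("key", $key)
            ->setParameter("date", new \DateTime())
            ->getQuery()
            ->getOneOrNullResult();

        if (!$data) {
            $this->setInfoSession($request, "Clé de validation invalide", "danger");

            return $this->redirectToRoute('app_registration_info');
        }

        $user = new User();
        $user->setAvatar("noavatar.png");
        $user->setUsername($data->getUsername());
        $user->setEmail($data->getEmail());
        $user->setLastname($data->getLastname());
        $user->setFirstname($data->getFirstname());
        // The stored credential is copied verbatim (setPasswordDirect), so the
        // registration is presumably already holding the hash — confirm against
        // the Registration entity / form.
        $user->setSalt($data->getSalt());
        $user->setPasswordDirect($data->getPassword());
        $user->setIsvisible($data->isIsvisible());
        $user->setMotivation($data->getMotivation());
        $user->setNote($data->getNote());
        $user->setApikey(Uuid::uuid4());
        $user->setNiveau01($data->getNiveau01());
        $user->setNiveau02($data->getNiveau02());
        $user->setTelephonenumber($data->getTelephonenumber());
        $user->setPostaladress($data->getPostaladress());
        $user->setJob($data->getJob());
        $user->setPosition($data->getPosition());
        $user->setRoles(["ROLE_USER"]);

        // One flush: the account and the registration row change together, so a
        // failed insert (e.g. username taken in the meantime) leaves no half state.
        $manager = $em->getManager();
        $manager->persist($user);
        $manager->remove($data);
        $manager->flush();

        $url = $this->generateUrl('app_login');
        $info = "<p>Votre compte est à présent activé</p><p>Vous allez être redirigé vers la mire de connexion</p><p><a href='" . $url . "'>Connexion</a>";
        // As before, registrationredirectto is left untouched on this path.
        $this->setInfoSession($request, $info, "success", false);

        return $this->redirectToRoute('app_registration_info');
    }

    /**
     * Deletes a registration after the moderation-rights check.
     *
     * @param int|string $id     Registration id
     * @param string     $access "admin" or "modo"
     */
    public function delete($id, $access, Request $request, ManagerRegistry $em)
    {
        $data = $em->getRepository($this->entity)->find($id);
        if (!$data) {
            throw $this->createNotFoundException('Unable to find entity.');
        }

        $this->candelete($access, $data, $em);

        try {
            $em->getManager()->remove($data);
            $em->getManager()->flush();
        } catch (\Exception $e) {
            // NOTE(review): the raw exception text (possibly a DB constraint
            // message) is shown to the reviewer; kept for compatibility.
            $request->getSession()->getFlashBag()->add("error", $e->getMessage());

            return $this->redirectToRoute($this->routeFor($access) . "_update", ["id" => $id]);
        }

        return $this->redirectToRoute($this->routeFor($access));
    }

    // -----------------------------------------------------------------------
    // Password reset
    // -----------------------------------------------------------------------

    /**
     * Step 1: the user enters an e-mail address; if an account matches, a
     * single-use key is stored on it and a reset link is mailed.
     *
     * Fixes:
     *  - the form is acted on only when isValid() holds, which is where the
     *    CSRF token and field constraints are checked (isClicked() alone did
     *    not validate them);
     *  - the response is the same whether or not the address is known; the
     *    previous "Mail inconnu" error let anyone probe which addresses have
     *    an account (the sign-up form may still reveal this through its own
     *    uniqueness checks — not visible here);
     *  - leftover dump("here") removed.
     */
    public function resetpwd01(Request $request, ManagerRegistry $em)
    {
        if ($this->getParameter('appMasteridentity') != "SQL") {
            throw $this->createAccessDeniedException('Permission denied');
        }

        $form = $this->createForm(ResetpwdType::class, null, ["mode" => "resetpwd01"]);
        $form->handleRequest($request);

        if ($form->get('submit')->isClicked() && $form->isValid()) {
            $data = $form->getData();
            $user = $em->getRepository("App\Entity\User")->findOneBy(["email" => $data->getEmail()]);

            if ($user) {
                $appname = $request->getSession()->get('appname');
                $noreply = $this->getParameter('appMailnoreply');
                $appModeregistrationterme = $this->getParameter('appModeregistrationterme');

                $this->issueValidationKey($user, $appModeregistrationterme);
                $em->getManager()->flush();

                $url = $this->generateUrl('app_resetpwd02', ["key" => $user->getKeyvalue()], UrlGeneratorInterface::ABSOLUTE_URL);
                $subject = $appname . " : réinitialisation mot de passe";
                $body = "<p>Merci de réinitialiser votre mot de passe en cliquant sur le lien suivant</p><p><a href='" . $url . "'>" . $url . "</a></p><br><p>Attention vous disposez d’un délai de " . $appModeregistrationterme . " heures pour le faire.</p><p>Vous pourrez par la suite vous connecter avec votre login : " . $this->escapeHtml($user->getUsername()) . "</p>";
                $this->mail->sendEmail($subject, $body, $user->getEmail(), $noreply, $appname);
            }

            // Identical outcome for known and unknown addresses (no account enumeration)
            $this->setInfoSession($request, "Vous allez recevoir un mail avec lien qui vous permettra de réinitialiser votre mot de passe", "info");

            return $this->redirectToRoute('app_registration_info');
        }

        return $this->render($this->twig . 'resetpwd01.html.twig', [
            'useheader' => true,
            'usemenu' => false,
            'usesidebar' => false,
            'maxsize' => 1200,
            'form' => $form->createView(),
        ]);
    }

    /**
     * Step 2: the reset link target. Shows the new-password form for the user
     * whose key matches and has not expired; on success the key is cleared so
     * the link cannot be reused.
     *
     * Fix: getOneOrNullResult() instead of getSingleResult(), which threw on an
     * unknown/expired key and bypassed the "Clé de validation invalide" page.
     *
     * @param string $key Key from the e-mailed URL
     */
    public function resetpwd02($key, Request $request, ManagerRegistry $em)
    {
        if ($this->getParameter('appMasteridentity') != "SQL") {
            throw $this->createAccessDeniedException('Permission denied');
        }

        $user = $em->getManager()->createQueryBuilder()
            ->select('table')
            ->from("App:User", 'table')
            ->where('table.keyvalue= :key')
            ->andWhere('table.keyexpire >= :date')
            ->setParameter("key", $key)
            ->setParameter("date", new \DateTime())
            ->getQuery()
            ->getOneOrNullResult();

        if (!$user) {
            $this->setInfoSession($request, "Clé de validation invalide", "danger");

            return $this->redirectToRoute('app_registration_info');
        }

        $form = $this->createForm(ResetpwdType::class, $user, ["mode" => "resetpwd02"]);
        $form->handleRequest($request);

        if ($form->get('submit')->isClicked() && $form->isValid()) {
            $data = $form->getData();

            // Single use: drop the key before storing the new password
            $user->setKeyvalue(null);
            $user->setKeyexpire(null);
            $user->setPassword($data->getPassword());

            $em->getManager()->flush();

            $url = $this->generateUrl('app_login');
            $info = "<p>Nouveau mot de passe prise en compte</p><p>Vous allez être redirigé vers la mire de connexion</p><p><a href='" . $url . "'>Connexion</a>";
            $this->setInfoSession($request, $info, "success");

            return $this->redirectToRoute('app_registration_info');
        }

        return $this->render($this->twig . 'resetpwd02.html.twig', [
            'useheader' => true,
            'usemenu' => false,
            'usesidebar' => false,
            'maxsize' => 1200,
            'form' => $form->createView(),
        ]);
    }

    // -----------------------------------------------------------------------
    // Authorisation helpers
    // -----------------------------------------------------------------------

    /**
     * Throws unless the current user may edit $entity at the given access level.
     *
     * @return true
     */
    private function canupdate($access, $entity, $em)
    {
        return $this->assertModerationRights($access, $entity, $em);
    }

    /**
     * Throws unless the current user may delete $entity at the given access level.
     *
     * @return true
     */
    private function candelete($access, $entity, $em)
    {
        return $this->assertModerationRights($access, $entity, $em);
    }

    /**
     * Shared rule for canupdate()/candelete().
     *
     * "admin" requires ROLE_ADMIN (tablelist() and the admin notification query
     * already equate the admin scope with that role; previously the admin case
     * returned true unconditionally and relied on route protection alone).
     * "modo" requires an App:UserModo row linking the current user to the
     * registration's niveau01. Anything else is denied.
     *
     * @return true
     * @throws AccessDeniedException
     */
    private function assertModerationRights($access, $entity, $em)
    {
        switch ($access) {
            case "admin":
                $this->denyAccessUnlessGranted('ROLE_ADMIN');
                return true;

            case "modo":
                $usermodo = $em->getRepository("App\Entity\UserModo")->findOneBy([
                    "user" => $this->getUser(),
                    "niveau01" => $entity->getNiveau01(),
                ]);
                if (!$usermodo) {
                    throw $this->createAccessDeniedException('Permission denied');
                }
                return true;
        }

        throw $this->createAccessDeniedException('Permission denied');
    }

    /**
     * Adds the "motivation required" error in byadmin mode when the e-mail
     * domain is not whitelisted, then copies form-level errors to the flash bag.
     *
     * The whitelist is no longer re-queried here (the previous code went
     * through the removed AbstractController::getDoctrine()): submit() passes
     * $idstatut, and in byadmin mode status 1 is assigned exactly when the
     * domain is not whitelisted, so that value carries the same information.
     * Each error is flashed once (it used to be added twice).
     *
     * @param mixed        $id       unused, kept for signature compatibility
     * @param mixed        $form     the registration form
     * @param Request      $request
     * @param Registration $data     the bound registration
     * @param string       $mode     only "submit" triggers the motivation check
     * @param int|null     $idstatut status computed by submit()
     */
    protected function getErrorForm($id, $form, $request, $data, $mode, $idstatut)
    {
        $submitted = $form->get('submit')->isClicked();

        if ($submitted && $mode == "submit") {
            $appmoderegistration = $this->getParameter('appModeregistration');
            if ($appmoderegistration == "byadmin" && $idstatut == 1 && is_null($data->getMotivation())) {
                $form->addError(new FormError("Attention, le suffixe de votre adresse mail n’est pas dans la liste des administrations autorisées, merci de bien vouloir privilégier votre adresse professionnelle si vous en avez une.<br>Si ce n’est pas le cas, il faut que vous renseigniez la case motivation de votre demande"));
            }
        }

        if ($submitted && !$form->isValid()) {
            foreach ($form->getErrors() as $error) {
                $request->getSession()->getFlashBag()->add("error", $error->getMessage());
            }
        }
    }

    // -----------------------------------------------------------------------
    // Internal helpers
    // -----------------------------------------------------------------------

    /**
     * Registrations only exist when self-registration is enabled and accounts
     * live in SQL; every registration endpoint starts with this gate.
     *
     * @throws AccessDeniedException
     */
    private function denyUnlessRegistrationEnabled(): void
    {
        $appmoderegistration = $this->getParameter('appModeregistration');
        $appMasteridentity = $this->getParameter('appMasteridentity');
        if ($appmoderegistration == "none" || $appMasteridentity != "SQL") {
            throw $this->createAccessDeniedException('Permission denied');
        }
    }

    /**
     * List route for the given access level ("_admin_" swapped for "_$access_").
     */
    private function routeFor($access): string
    {
        return str_replace("_admin_", "_" . $access . "_", $this->route);
    }

    /**
     * True when the domain of $email (text after the last "@") has an
     * App:Whitelist row with that exact label.
     *
     * NOTE(review): exact-match lookup; whether it is case-insensitive depends
     * on the database collation.
     */
    private function isWhitelistedDomain(ManagerRegistry $em, $email): bool
    {
        $parts = explode("@", (string) $email);
        $domaine = end($parts);
        $whitelist = $em->getRepository("App\Entity\Whitelist")->findBy(["label" => $domaine]);

        return (bool) $whitelist;
    }

    /**
     * Stores a fresh random key on $entity (Registration or User) valid for
     * $hours hours from now.
     */
    private function issueValidationKey($entity, $hours): void
    {
        $keyexpire = new \DateTime();
        $keyexpire->add(new \DateInterval('PT' . $hours . 'H'));

        $entity->setKeyvalue(Uuid::uuid4());
        $entity->setKeyexpire($keyexpire);
    }

    /**
     * Mails the registration confirmation link to the applicant.
     *
     * The validity period quoted in the message is the configured one
     * (appModeregistrationterme); it used to be hard-coded to 8 hours.
     */
    private function sendConfirmationEmail(Registration $data, $appname, $noreply, $hours): void
    {
        $url = $this->generateUrl('app_registration_validation', ["key" => $data->getKeyvalue()], UrlGeneratorInterface::ABSOLUTE_URL);
        $subject = $appname . " : confirmation de validation";
        $body = "<p>Merci de confirmer votre inscription en cliquant sur le lien suivant</p><p><a href='" . $url . "'>" . $url . "</a></p><br><p>Attention vous disposez d’un délai de " . $hours . " heures pour le faire. Passé ce délai, vous devrez vous réinscrire.</p>";

        $this->mail->sendEmail($subject, $body, $data->getEmail(), $noreply, $appname);
    }

    /**
     * Notifies every ROLE_ADMIN user and the ROLE_MODO users moderating the
     * applicant's niveau01 that a registration awaits approval.
     */
    private function notifyValidators(ManagerRegistry $em, Registration $data, $appname, $noreply): void
    {
        $subject = $appname . " : Inscription à valider";
        $summary = $this->registrationSummary($data);
        $manager = $em->getManager();

        // Administrators
        $url = $this->generateUrl('app_admin_registration', [], UrlGeneratorInterface::ABSOLUTE_URL);
        $rows = $manager->createQueryBuilder()
            ->select('table.email')
            ->from("App:User", 'table')
            ->where('table.roles LIKE :value')
            ->setParameter("value", "%ROLE_ADMIN%")
            ->getQuery()
            ->getResult(\Doctrine\ORM\Query::HYDRATE_SCALAR);
        $this->sendValidationRequest(array_column($rows, 'email'), $url, $summary, $subject, $appname, $noreply);

        // Moderators of the applicant's niveau01
        $url = $this->generateUrl('app_modo_registration', [], UrlGeneratorInterface::ABSOLUTE_URL);
        $rows = $manager->createQueryBuilder()
            ->select('user.email')
            ->from("App:UserModo", 'usermodo')
            ->from("App:User", 'user')
            ->where("usermodo.niveau01 = :niveau01id")
            ->andWhere("user.id = usermodo.user")
            ->andWhere('user.roles LIKE :value')
            ->setParameter("niveau01id", $data->getNiveau01()->getId())
            ->setParameter("value", "%ROLE_MODO%")
            ->getQuery()
            ->getResult(\Doctrine\ORM\Query::HYDRATE_SCALAR);
        $this->sendValidationRequest(array_column($rows, 'email'), $url, $summary, $subject, $appname, $noreply);
    }

    /**
     * Sends the "registration to approve" e-mail to $to; a no-op when there is
     * nobody to notify (no admin, or no moderator for that niveau01).
     */
    private function sendValidationRequest(array $to, $url, $summary, $subject, $appname, $noreply): void
    {
        if ($to === []) {
            return;
        }

        $body = "Un utilisateur dont le mail n’est pas en liste blanche souhaite s’inscrire à " . $appname . ".\nMerci d’approuver son inscription pour finaliser celle-ci.<br><br>Veuillez vérifier cette inscription à cette adresse:<br><a href='" . $url . "'>" . $url . "</a><br><br>" . $summary;

        $this->mail->sendEmail($subject, $body, $to, $noreply, $appname);
    }

    /**
     * HTML fragment describing the applicant for the reviewers' e-mail.
     *
     * Every field is applicant-supplied and lands in an HTML message opened by
     * administrators, so each one is escaped to keep markup and links out of
     * that mail.
     */
    private function registrationSummary(Registration $data): string
    {
        $summary = "Login = " . $this->escapeHtml($data->getUsername()) . "<br>";
        $summary .= "Nom = " . $this->escapeHtml($data->getLastname()) . "<br>";
        $summary .= "Prénom = " . $this->escapeHtml($data->getFirstname()) . "<br>";
        $summary .= "Mail = " . $this->escapeHtml($data->getEmail()) . "<br>";
        $summary .= $this->getParameter("appNiveau01label") . " = " . $this->escapeHtml($data->getNiveau01()->getLabel()) . "<br>";
        $summary .= nl2br($this->escapeHtml($data->getMotivation()));

        return $summary;
    }

    /**
     * Stores the message shown by info().
     *
     * @param bool $resetRedirect when false, registrationredirectto is left as is
     */
    private function setInfoSession(Request $request, $info, $mode, bool $resetRedirect = true): void
    {
        $session = $request->getSession();
        $session->set('registrationinfo', $info);
        $session->set('registrationmode', $mode);
        if ($resetRedirect) {
            $session->set('registrationredirectto', null);
        }
    }

    /**
     * Escapes a value for an HTML text or attribute context.
     */
    private function escapeHtml($value): string
    {
        return htmlspecialchars((string) $value, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
    }
}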