src/AdminFOSUserBundle/Controller/AdminResettingController.php line 176

Open in your IDE?
  1. <?php
  3. /*
  4. * This file is part of the Sonata Project package.
  5. *
  6. * (c) Thomas Rabaix <thomas.rabaix@sonata-project.org>
  7. *
  8. * For the full copyright and license information, please view the LICENSE
  9. * file that was distributed with this source code.
  10. */
  12. namespace AdminFOSUserBundle\Controller;
  14. use AdminBundle\Entity\Booking;
  15. use AdminBundle\Entity\BookingHistory;
  16. use AdminBundle\Entity\BookingReview;
  17. use AdminBundle\WebSockets\NotificationPusher;
  18. use FOS\UserBundle\Util\TokenGeneratorInterface;
  19. use Symfony\Bundle\FrameworkBundle\Controller\AbstractController;
  20. use Symfony\Component\HttpFoundation\JsonResponse;
  21. use Symfony\Component\HttpFoundation\RedirectResponse;
  22. use Symfony\Component\HttpFoundation\Request;
  23. use Symfony\Component\HttpFoundation\Response;
  24. use Symfony\Component\Security\Core\Exception\AccountStatusException;
  26. class AdminResettingController extends AbstractController
  27. {
  28. /**
  29. * @param Request $request
  30. * @return Response
  31. */
  32. public function requestAction(Request $request)
  33. {
  34. if ($this->get('security.authorization_checker')->isGranted('IS_AUTHENTICATED_FULLY')) {
  35. return $this->get('authentication.handler.login_success_handler')->onAuthenticationSuccess($request, $this->get('security.token_storage')->getToken());
  36. }
  38. return $this->render('@SonataUser/Admin/Security/Resetting/request.html.twig', array(
  39. 'base_template' => $this->get('sonata.admin.pool')->getTemplate('layout'),
  40. 'admin_pool' => $this->get('sonata.admin.pool'),
  41. ));
  42. }
  44. /**
  45. * @param Request $request
  46. *
  47. * @return Response
  48. */
  49. public function sendEmailAction(Request $request)
  50. {
  51. $username = $request->request->get('username');
  53. $userManager = $this->get('sonata.user.user_manager');
  55. $user = $userManager->findUserByUsernameOrEmail($username);
  57. $ttl = $this->container->getParameter('fos_user.resetting.retry_ttl');
  59. if (null !== $user && !$user->isPasswordRequestNonExpired($ttl)) {
  60. if (!$user->isAccountNonLocked()) {
  61. return new RedirectResponse($this->get('router')->generate('sonata_user_admin_resetting_request'));
  62. }
  64. if (null === $user->getConfirmationToken()) {
  65. /** @var $tokenGenerator TokenGeneratorInterface */
  66. $tokenGenerator = $this->get('fos_user.util.token_generator');
  67. $user->setConfirmationToken($tokenGenerator->generateToken());
  68. }
  70. $this->get('security.service')->sendResettingEmailMessage($user);
  71. $user->setPasswordRequestedAt(new \DateTime());
  72. $userManager->save($user);
  73. }
  75. return new RedirectResponse($this->generateUrl('sonata_user_admin_resetting_check_email', array(
  76. 'username' => $username,
  77. )));
  78. }
  80. /**
  81. * @param Request $request
  82. *
  83. * @return Response
  84. */
  85. public function checkEmailAction(Request $request)
  86. {
  87. $username = $request->query->get('username');
  89. if (empty($username)) {
  90. // the user does not come from the sendEmail action
  91. return new RedirectResponse($this->generateUrl('sonata_user_admin_resetting_request'));
  92. }
  94. return $this->render('@SonataUser/Admin/Security/Resetting/checkEmail.html.twig', array(
  95. 'base_template' => $this->get('sonata.admin.pool')->getTemplate('layout'),
  96. 'admin_pool' => $this->get('sonata.admin.pool'),
  97. 'tokenLifetime' => ceil($this->container->getParameter('fos_user.resetting.retry_ttl') / 3600),
  98. ));
  99. }
  101. /**
  102. * @param Request $request
  103. * @param string $token
  104. *
  105. * @return Response
  106. */
  107. public function resetAction(Request $request, $token)
  108. {
  109. if ($this->get('security.authorization_checker')->isGranted('IS_AUTHENTICATED_FULLY')) {
  110. return $this->get('authentication.handler.login_success_handler')->onAuthenticationSuccess($request, $this->get('security.token_storage')->getToken());
  111. }
  113. /** @var $formFactory \FOS\UserBundle\Form\Factory\FactoryInterface */
  114. $formFactory = $this->get('fos_user.resetting.form.factory');
  115. $userManager = $this->get('sonata.user.user_manager');
  116. /** @var $loginManager \FOS\UserBundle\Security\LoginManagerInterface */
  117. $loginManager = $this->get('fos_user.security.login_manager');
  119. $user = $userManager->findUserByConfirmationToken($token);
  121. $firewallName = $this->container->getParameter('fos_user.firewall_name');
  123. if (null === $user) {
  124. $this->get('session')->getFlashBag()->add('danger', sprintf('The user with "confirmation token" does not exist for value "%s"', $token));
  125. return new RedirectResponse($this->generateUrl('sonata_user_admin_security_login'));
  126. }
  128. if (!$user->isPasswordRequestNonExpired($this->container->getParameter('fos_user.resetting.token_ttl'))) {
  129. return new RedirectResponse($this->generateUrl('sonata_user_admin_resetting_request'));
  130. }
  132. $form = $formFactory->createForm();
  133. $form->setData($user);
  135. $form->handleRequest($request);
  137. if ($form->isSubmitted() && $form->isValid()) {
  138. $user->setConfirmationToken(null);
  139. $user->setPasswordRequestedAt(null);
  140. $user->setEnabled(true);
  142. $message = $this->get('translator')->trans('resetting.flash.success', array(), 'FOSUserBundle');
  143. $this->addFlash('success', $message);
  144. $response = new RedirectResponse($this->generateUrl('sonata_admin_dashboard'));
  146. try {
  147. $loginManager->logInUser($firewallName, $user, $response);
  148. $response = $this->get('authentication.handler.login_success_handler')->onAuthenticationSuccess($request, $this->get('security.token_storage')->getToken());
  149. $user->setLastLogin(new \DateTime());
  150. } catch (AccountStatusException $ex) {
  151. // We simply do not authenticate users which do not pass the user
  152. // checker (not enabled, expired, etc.).
  153. if ($this->has('logger')) {
  154. $this->get('logger')->warning(sprintf(
  155. 'Unable to login user %d after password reset',
  156. $user->getId())
  157. );
  158. }
  159. }
  161. $userManager->save($user);
  163. return $response;
  164. }
  166. return $this->render('@SonataUser/Admin/Security/Resetting/reset.html.twig', array(
  167. 'token' => $token,
  168. 'form' => $form->createView(),
  169. 'base_template' => $this->get('sonata.admin.pool')->getTemplate('layout'),
  170. 'admin_pool' => $this->get('sonata.admin.pool'),
  171. ));
  172. }
  174. public function privacyAction(Request $request)
  175. {
  176. return $this->render('@SonataUser/Admin/privacy.html.twig');
  177. }
  179. public function appAction(Request $request)
  180. {
  181. return $this->render('SonataUserBundle:Admin:app.html.twig');
  182. }
  186. public function bookingReviewAction($id, Request $request)
  187. {
  188. $em = $this->getDoctrine()->getManager();
  189. $booking = $this->get('doctrine')->getRepository(Booking::class)->findOneBy([
  190. 'key' => $id,
  191. ]);
  193. if (!$booking) {
  194. return new JsonResponse([
  195. "status" => 400,
  196. "message" => "Invalid booking key.",
  197. ]);
  198. }
  200. if (empty($booking->getDriver())) {
  201. return new JsonResponse([
  202. "status" => 400,
  203. "message" => "This booking has no driver.",
  204. ]);
  205. }
  207. $user = $booking->getClientUser();
  209. if (empty($user)) {
  210. return new JsonResponse([
  211. "status" => 403,
  212. "message" => "You are not allowed to review this booking.",
  213. ]);
  214. }
  216. $securityService = $this->get('security.service');
  217. $roles = $securityService->isRoleClientOrCompany($user->getRoles());
  219. if (empty($roles)) {
  220. return new JsonResponse([
  221. "status" => 403,
  222. "message" => "You are not allowed to review this booking.",
  223. ]);
  224. }
  226. $review = $this->get('doctrine')->getRepository(BookingReview::class)->findOneBy([
  227. 'booking' => $booking->getId(), 'client' => $user->getId(),
  228. ]);
  230. $review_rating = 0;
  231. $review_content = "";
  232. $isReviewed = false;
  234. if (!empty($review)) {
  235. $review_rating = $review->getRating();
  236. $review_content = $review->getReviewContent();
  237. $isReviewed = true;
  238. }
  240. if ($request->isMethod('POST')) {
  241. $rating = intval($request->request->get('rating'));
  242. $reviewContent = addslashes($request->request->get('review_content'));
  244. if (!$rating) {
  245. return new JsonResponse([
  246. "status" => 400,
  247. "message" => "Please add a rating value.",
  248. ]);
  249. }
  251. if ($rating < 1 || $rating > 5) {
  252. return new JsonResponse([
  253. "status" => 400,
  254. "message" => "Rating value must be between 1-5.",
  255. ]);
  256. }
  258. if (empty($review)) {
  259. $bookingReview = new BookingReview();
  260. $bookingReview->setRating($rating);
  261. $bookingReview->setReviewContent($reviewContent);
  262. $bookingReview->setBooking($booking);
  263. $bookingReview->setClient($user);
  264. $bookingReview->setDriver($booking->getDriver());
  266. $em->persist($bookingReview);
  267. } else {
  268. $review->setRating($rating);
  269. $review->setReviewContent($reviewContent);
  270. }
  272. $bookingHistoryDriver = new BookingHistory();
  273. $bookingHistoryDriver->setBooking($booking);
  274. $bookingHistoryDriver->setActionType(BookingHistory::ACTION_TYPE_ADDED_REVIEW);
  275. $bookingHistoryDriver->setUser($user);
  277. $bookingHistoryDriver->setPayload(['status' => 'add_review']);
  279. $em->persist($bookingHistoryDriver);
  280. $em->flush();
  282. $driver = $booking->getDriver();
  284. if ($driver && $driver->getUser() && $driver->getUser()->getApiKey()) {
  285. $this
  286. ->get('websocket_notification.service')
  287. ->send([
  288. 'apiKey' => $driver->getUser()->getApiKey(),
  289. 'data' => [
  290. 'event' => NotificationPusher::SEND_CLIENT_BOOKING_REVIEW_EVENT,
  291. 'booking' => $id,
  292. 'message' => 'New review on one of your bookings',
  293. ],
  294. ]);
  295. }
  297. return $this->render('@SonataUser/Admin/Security/Review/review-booking.html.twig', array(
  298. 'base_template' => $this->get('sonata.admin.pool')->getTemplate('layout'),
  299. 'admin_pool' => $this->get('sonata.admin.pool'),
  300. 'review_rating' => $rating,
  301. 'review_content' => $reviewContent,
  302. 'bookingKey' => $booking->getKey(),
  303. 'pickupAddress' => $booking->getPickUpAddress(),
  304. 'destinationAddress' => $booking->getDestinationAddress(),
  305. 'bookingDate' => $booking->getPickUpDate(),
  306. 'isReviewed' => true,
  308. ));
  309. }
  311. return $this->render('@SonataUser/Admin/Security/Review/review-booking.html.twig', array(
  312. 'base_template' => $this->get('sonata.admin.pool')->getTemplate('layout'),
  313. 'admin_pool' => $this->get('sonata.admin.pool'),
  314. 'review_rating' => $review_rating,
  315. 'review_content' => $review_content,
  316. 'bookingKey' => $booking->getKey(),
  317. 'pickupAddress' => $booking->getPickUpAddress(),
  318. 'destinationAddress' => $booking->getDestinationAddress(),
  319. 'bookingDate' => $booking->getPickUpDateTime()->format('Y-m-d H:s:i'),
  320. 'isReviewed' => $isReviewed,
  321. ));
  322. }
  323. }