src/Controller/UserController.php line 145

Open in your IDE?
  1. <?php
  3. namespace App\Controller;
  5. use Symfony\Bundle\FrameworkBundle\Controller\AbstractController;
  6. use Symfony\Component\Routing\Annotation\Route;
  7. use Sensio\Bundle\FrameworkExtraBundle\Configuration\IsGranted;
  8. use Symfony\Component\HttpFoundation\Request;
  9. use Symfony\Component\Security\Core\User\UserInterface;
  10. use Doctrine\ORM\EntityManagerInterface;
  11. use Symfony\Contracts\Translation\TranslatorInterface;
  12. use Knp\Component\Pager\PaginatorInterface;
  14. use Scheb\TwoFactorBundle\Security\TwoFactor\Provider\Google\GoogleAuthenticatorInterface;
  15. use Endroid\QrCode\QrCode;
  17. use App\Form\UserSettingsFormType;
  18. use App\Form\User2FAFormType;
  19. use App\Form\UserSearchFormType;
  20. use App\Form\UserRolesFormType;
  21. use App\Entity\User;
  22. use App\Entity\UserProfile;
  24. use App\Repository\UserRepository;
  26. class UserController extends AbstractController
  27. {
  28.     public function __construct(TranslatorInterface $translator)
  29.     {
  30.         $this->translator $translator;
  31.     }
  33.     /**
  34.      * @Route("/settings/", name="user")
  35.      */
  36.     public function profile(UserInterface $userRequest $requestEntityManagerInterface $emTranslatorInterface $translatorGoogleAuthenticatorInterface $googleAuthenticatorService)
  37.     {
  38.         $this->denyAccessUnlessGranted('ROLE_USER');
  39.         $this->denyAccessUnlessGranted('IS_AUTHENTICATED_FULLY');
  41.         $repository $this->getDoctrine()->getRepository(User::class);
  42.         $user $repository->findOneBy(array('id' => $user->getId()));
  44.         $repository $this->getDoctrine()->getRepository(UserProfile::class);
  45.         $userprofile $repository->findOneBy(array('user' => $user->getId()));
  47.         $newsletter_form $this->createForm(UserSettingsFormType::class, $user);
  49.         $newsletter_form->handleRequest($request);
  50.         if ($newsletter_form->isSubmitted() && $newsletter_form->isValid()){
  51.             $user $newsletter_form->getData();
  53.             $em->persist($user);
  54.             $em->flush();
  56.             $this->addFlash('success'$translator->trans("Nieuwsbrief instelling opgeslagen"));
  57.         }
  59.         $forumdb_conn $this->getDoctrine()->getConnection('forumdb');
  60.         $forumprofile_query $forumdb_conn->prepare("SELECT `user_regdate`,`user_lastmark`,`user_posts` FROM `phpbb_users` WHERE `user_id` = '".$this->getUser()->getId()."' LIMIT 1");
  61.         $forumprofile_query->execute();
  62.         $forumprofile $forumprofile_query->fetchAll()[0];
  64.         $profileflairs_query $forumdb_conn->prepare("SELECT phpbb_flair.flair_id, phpbb_flair.flair_icon, phpbb_flair.flair_color, phpbb_flair.flair_icon_color, phpbb_flair.flair_name FROM phpbb_user_group, phpbb_flair_groups, phpbb_flair WHERE phpbb_user_group.group_id = phpbb_flair_groups.group_id AND phpbb_flair_groups.flair_id = phpbb_flair.flair_id AND phpbb_user_group.user_id = '".$this->getUser()->getId()."'");
  65.         $profileflairs_query->execute();
  66.         $profileflairs $profileflairs_query->fetchAll();
  68.         // 2FA start
  69.         $repository $this->getDoctrine()->getRepository(User::class);
  70.         $user $repository->findOneBy(array('id' => $this->getUser()->getId()));
  72.         $mfa_form $this->createForm(User2FAFormType::class);
  74.         $mfa_form->handleRequest($request);
  75.         if ($mfa_form->isSubmitted() && $mfa_form->isValid()) {
  76.             $code $mfa_form->getData()['code'];
  77.             $mode $request->getSession()->get('2famode''none');
  78.             $secret $request->getSession()->get('2fasecret'null);
  80.             if($mode == 'add') {
  81.                 $user->setGoogleAuthenticatorSecret($secret);
  82.                 $validation $googleAuthenticatorService->checkCode($user$code);
  83.                 if($validation) {
  84.                     $em->persist($user);
  85.                     $em->flush();
  87.                     $this->addFlash('success'$this->translator->trans('2 staps authenticatie aangezet'));
  88.                 } else {
  89.                     $this->addFlash('success'$this->translator->trans('Foutieve validatiecode'));
  90.                 }
  91.             }
  92.             elseif($mode == 'remove') {
  93.                 $validation $googleAuthenticatorService->checkCode($user$code);
  94.                 if($validation) {
  95.                     $user->setGoogleAuthenticatorSecret(NULL);
  96.                     $em->persist($user);
  97.                     $em->flush();
  99.                     $this->addFlash('success'$this->translator->trans('2 staps authenticatie uitgezet'));
  100.                 } else {
  101.                     $this->addFlash('success'$this->translator->trans('Foutieve validatiecode'));
  102.                 }
  103.             } else {
  104.                 dd("2fa mode error");
  105.             }
  107.             $request->getSession()->set('2fasecret'null);
  108.             return $this->redirectToRoute('user');
  109.         } else {
  110.             if(empty($user->getGoogleAuthenticatorSecret())) {
  111.                 $user_2fa false;
  112.     
  113.                 $secret $googleAuthenticatorService->generateSecret();
  114.                 $request->getSession()->set('2famode''add');
  115.                 $request->getSession()->set('2fasecret'$secret);
  116.                 $user->setGoogleAuthenticatorSecret($secret);
  117.     
  118.                 $qrCode = new QrCode($googleAuthenticatorService->getQRContent($user));
  119.                 $qrPNGBase64 base64_encode($qrCode->writeString());
  120.                 $user->setGoogleAuthenticatorSecret(null);
  121.             } else {
  122.                 $user_2fa true;
  123.                 $qrPNGBase64 null;
  124.                 $request->getSession()->set('2famode''remove');
  125.                 $request->getSession()->set('2fasecret'null);
  126.             }
  127.         }
  129.         return $this->render('user_profile.html.twig' , [
  130.             'avatar' => $user->getAvatar(),
  131.             'userprofile' => $userprofile,
  132.             'newsletter_form' => $newsletter_form->createView(),
  133.             'forumprofile' => $forumprofile,
  134.             'profileflairs' => $profileflairs,
  136.             'user_2fa' => $user_2fa,
  137.             'qrcode' => $qrPNGBase64,
  138.             'mfa_form' => $mfa_form->createView()
  139.         ]);
  140.     }
  142.     /**
  143.      * @Route("/user/{username}", name="user_profile_public")
  144.      */
  145.     public function user_profile_public(string $usernameEntityManagerInterface $em)
  146.     {
  147.         $this->denyAccessUnlessGranted('ROLE_USER');
  149.         $repository $this->getDoctrine()->getRepository(User::class);
  150.         $user $repository->findOneBy(array('username' => $username));
  152.         $repository $this->getDoctrine()->getRepository(UserProfile::class);
  153.         $userprofile $repository->findOneBy(array('user' => $user->getId()));
  155.         $forumdb_conn $this->getDoctrine()->getConnection('forumdb');
  156.         $forumprofile_query $forumdb_conn->prepare("SELECT `user_regdate`,`user_lastmark`,`user_posts` FROM `phpbb_users` WHERE `user_id` = '".$user->getId()."' LIMIT 1");
  157.         $forumprofile_query->execute();
  158.         $forumprofile $forumprofile_query->fetchAll()[0];
  160.         $profileflairs_query $forumdb_conn->prepare("SELECT phpbb_flair.flair_id, phpbb_flair.flair_icon, phpbb_flair.flair_color, phpbb_flair.flair_icon_color, phpbb_flair.flair_name FROM phpbb_user_group, phpbb_flair_groups, phpbb_flair WHERE phpbb_user_group.group_id = phpbb_flair_groups.group_id AND phpbb_flair_groups.flair_id = phpbb_flair.flair_id AND phpbb_user_group.user_id = '".$user->getId()."'");
  161.         $profileflairs_query->execute();
  162.         $profileflairs $profileflairs_query->fetchAll();
  164.         return $this->render('user_profile_public.html.twig' , [
  165.             'avatar' => $user->getAvatar(),
  166.             'userid' => $user->getId(),
  167.             'username' => $user->getUsername(),
  168.             'userprofile' => $userprofile,
  169.             'forumprofile' => $forumprofile,
  170.             'profileflairs' => $profileflairs,
  171.         ]);
  172.     }
  174.     /**
  175.      * @Route("/moderate/users", name="users_moderate")
  176.      */
  177.     public function users_moderate(Request $requestTranslatorInterface $translatorEntityManagerInterface $emPaginatorInterface $paginator)
  178.     {
  179.         $this->denyAccessUnlessGranted('ROLE_MOD_USER');
  181.         $filter = array();
  182.         $form $this->createForm(UserSearchFormType::class);
  183.         $form->handleRequest($request);
  185.         if ($form->isSubmitted() && $form->isValid()){
  186.             $filter $form->getData();
  187.         } else {
  188.             if(!$request->query->get('page')){
  189.                 $form->get('user')->setData("");
  190.             } elseif($request->query->get('page') && $request->query->get('filter')) {
  191.                 $filter $request->query->get('filter');
  192.                 if(isset($filter['user']) && $filter['user'] != '') { $form->get('user')->setData($filter['user']); } else { $form->get('user')->setData(null); $filter['user'] = null;};
  193.             }
  194.         }
  196.         $qb $em->createQueryBuilder('u')
  197.             ->from('App\Entity\User''u')
  198.             ->addSelect('u')
  199.             ->orderBy('u.username','ASC')
  200.         ;
  202.         if(!empty($filter['user'])) {
  203.             $qb->andWhere("u.username LIKE :user")
  204.                 ->setParameter('user'str_replace("*","%",$filter['user']))
  205.             ;
  206.         }
  208.         $result $paginator->paginate(
  209.             $qb/* query NOT result */
  210.             $request->query->getInt('page'1), /*page number*/
  211.             10 /*limit per page*/
  212.         );
  214.         $result->setParam('filter'$filter);
  216.         $result->setCustomParameters([
  217.             'align' => 'right'# center|right (for template: twitter_bootstrap_v4_pagination)
  218.         ]);
  220.         return $this->render('user_moderate.html.twig', [
  221.             'form' => $form->createView(),
  222.             'result' => $result
  223.         ]);
  224.     }
  227.     /**
  228.      * @Route("/moderate/users/rights/{user}", name="users_moderate_editrights")
  229.      */
  230.     public function users_moderate_editrights(User $userRequest $requestTranslatorInterface $translatorEntityManagerInterface $em)
  231.     {
  232.         $this->denyAccessUnlessGranted('ROLE_ADMIN');
  234.         $roles=array();
  235.         foreach ($user->getRoles() as $i => $role) {
  236.             if($role != ""){
  237.                 $roles[$i] = $role;
  238.             }
  239.         }
  241.         $total count($roles);
  242.         $i=0;
  243.         $groups "";
  244.         foreach ($roles as $role) {
  245.             if($role == "ROLE_USER") { $role ""; }
  246.             elseif($role == "ROLE_ADMIN") { $role $translator->trans("Beheerder"); }
  247.             elseif($role == "ROLE_SUPER_MOD") { $role $translator->trans("Super moderator"); }
  248.             elseif($role == "ROLE_FOSSILDB_MOD") { $role $translator->trans("Fossieldatabase moderator"); }
  249.             elseif($role == "ROLE_LOCATION_MOD") { $role $translator->trans("Locatiedatabase moderator"); }
  250.             $groups=$groups.$role;
  251.             $i++;
  252.             if($i<$total){ $groups=$groups.","; }
  253.         }
  255.         $form $this->createForm(UserRolesFormType::class);
  257.         $form->handleRequest($request);
  258.         if ($form->isSubmitted() && $form->isValid()){
  259.             $formdata $form->getData();
  261.             $formdata json_decode($formdata["groups"]);
  263.             $user_roles = array();
  264.             $user_roles[]="ROLE_USER";
  265.             if($formdata){
  266.                 foreach ($formdata as $item) {
  267.                     if($item->value == $translator->trans("Beheerder")) { $user_roles[]="ROLE_ADMIN"; }
  268.                     elseif($item->value == $translator->trans("Super moderator")) { $user_roles[]="ROLE_SUPER_MOD"; }
  269.                     elseif($item->value == $translator->trans("Fossieldatabase moderator")) { $user_roles[]="ROLE_FOSSILDB_MOD"; }
  270.                     elseif($item->value == $translator->trans("Locatiedatabase moderator")) { $user_roles[]="ROLE_LOCATION_MOD"; }
  271.                 }
  272.             }
  274.             $user->setRoles($user_roles);
  275.             $em->persist($user);
  276.             $em->flush();
  278.             $this->addFlash('success'"Gebruikers rechten bijgewerkt");
  279.             
  280.             return $this->redirectToRoute('users_moderate_editrights',array('user' => $user->getId()));
  281.         }
  282.         $form->get('groups')->setData($groups);
  284.         return $this->render('user_moderate_roles.html.twig', [
  285.             'form' => $form->createView(),
  286.             'role' => $role,
  287.             'username' => $user->getUsername()
  288.         ]);
  289.     }
  292.     /**
  293.      * @Route("/api/v1/user/getuser", methods="GET", name="api_getuser")
  294.      */
  295.     public function api_getuser(UserRepository $userRepositoryRequest $request)
  296.     {
  297.         $users $userRepository->findAllMatching($request->query->get('query'));
  298.         return $this->json($users200, [], ['groups' => ['main']]);
  299.     }
  300. }