1 | <?php | |
2 | ||
3 | namespace Wallabag\UserBundle\Entity; | |
4 | ||
5 | use Doctrine\Common\Collections\ArrayCollection; | |
6 | use Doctrine\ORM\Mapping as ORM; | |
7 | use FOS\UserBundle\Model\User as BaseUser; | |
8 | use JMS\Serializer\Annotation\Accessor; | |
9 | use JMS\Serializer\Annotation\Groups; | |
10 | use JMS\Serializer\Annotation\XmlRoot; | |
11 | use Scheb\TwoFactorBundle\Model\BackupCodeInterface; | |
12 | use Scheb\TwoFactorBundle\Model\Email\TwoFactorInterface as EmailTwoFactorInterface; | |
13 | use Scheb\TwoFactorBundle\Model\Google\TwoFactorInterface as GoogleTwoFactorInterface; | |
14 | use Symfony\Bridge\Doctrine\Validator\Constraints\UniqueEntity; | |
15 | use Symfony\Component\Security\Core\User\UserInterface; | |
16 | use Wallabag\ApiBundle\Entity\Client; | |
17 | use Wallabag\CoreBundle\Entity\Config; | |
18 | use Wallabag\CoreBundle\Entity\Entry; | |
19 | use Wallabag\CoreBundle\Helper\EntityTimestampsTrait; | |
20 | ||
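/**
 * User.
 *
 * Account entity built on the FOSUserBundle base user. It also holds the state
 * read through the three two-factor interfaces it implements: the e-mail code,
 * the Google Authenticator secret and the hashed backup codes.
 *
 * @XmlRoot("user")
 * @ORM\Entity(repositoryClass="Wallabag\UserBundle\Repository\UserRepository")
 * @ORM\Table(name="`user`")
 * @ORM\HasLifecycleCallbacks()
 *
 * @UniqueEntity("email")
 * @UniqueEntity("username")
 */
class User extends BaseUser implements EmailTwoFactorInterface, GoogleTwoFactorInterface, BackupCodeInterface
{
    use EntityTimestampsTrait;

    // NOTE(review): the one-line docblock below is not attached to $id. PHP keeps
    // only the docblock directly in front of a declaration, and this file imports
    // no "Serializer" alias. It is left untouched here.
    /** @Serializer\XmlAttribute */
    /**
     * @var int
     *
     * @ORM\Column(name="id", type="integer")
     * @ORM\Id
     * @ORM\GeneratedValue(strategy="AUTO")
     *
     * @Groups({"user_api", "user_api_with_client"})
     */
    protected $id;

    /**
     * @var string
     *
     * @ORM\Column(name="name", type="text", nullable=true)
     *
     * @Groups({"user_api", "user_api_with_client"})
     */
    protected $name;

    /**
     * @var string
     *
     * @Groups({"user_api", "user_api_with_client"})
     */
    protected $username;

    /**
     * @var string
     *
     * @Groups({"user_api", "user_api_with_client"})
     */
    protected $email;

    /**
     * @var \DateTime
     *
     * @ORM\Column(name="created_at", type="datetime")
     *
     * @Groups({"user_api", "user_api_with_client"})
     */
    protected $createdAt;

    /**
     * @var \DateTime
     *
     * @ORM\Column(name="updated_at", type="datetime")
     *
     * @Groups({"user_api", "user_api_with_client"})
     */
    protected $updatedAt;

    /**
     * @ORM\OneToMany(targetEntity="Wallabag\CoreBundle\Entity\Entry", mappedBy="user", cascade={"remove"})
     */
    protected $entries;

    /**
     * @ORM\OneToOne(targetEntity="Wallabag\CoreBundle\Entity\Config", mappedBy="user", cascade={"remove"})
     */
    protected $config;

    /**
     * @var ArrayCollection
     *
     * @ORM\OneToMany(targetEntity="Wallabag\CoreBundle\Entity\SiteCredential", mappedBy="user", cascade={"remove"})
     */
    protected $siteCredentials;

    /**
     * @var ArrayCollection
     *
     * @ORM\OneToMany(targetEntity="Wallabag\ApiBundle\Entity\Client", mappedBy="user", cascade={"remove"})
     */
    protected $clients;

    /**
     * @see getFirstClient() below
     *
     * @Groups({"user_api_with_client"})
     * @Accessor(getter="getFirstClient")
     */
    protected $default_client;

    // Two-factor state: the four properties below carry no serializer group.
    // NOTE(review): confirm that every place serializing a User passes explicit
    // groups; without them the serializer may include these values.
    // NOTE(review): the e-mail code lives in an integer column but is exchanged as
    // a string, so a code with leading zeros would not survive a database round
    // trip. Presumably the code generator never emits one; confirm.
    /**
     * @ORM\Column(type="integer", nullable=true)
     */
    private $authCode;

    /**
     * @ORM\Column(name="googleAuthenticatorSecret", type="string", nullable=true)
     */
    private $googleAuthenticatorSecret;

    /**
     * @ORM\Column(type="json_array", nullable=true)
     */
    private $backupCodes;

    /**
     * @var bool
     *
     * @ORM\Column(type="boolean")
     */
    private $emailTwoFactor = false;

    /**
     * Builds a user with empty entry and client collections and the single role ROLE_USER.
     */
    public function __construct()
    {
        parent::__construct();
        $this->entries = new ArrayCollection();
        // addClient() appends with [] and getFirstClient() calls a collection
        // method; left unset, $clients would become a plain array on first append.
        $this->clients = new ArrayCollection();
        $this->roles = ['ROLE_USER'];
    }

    /**
     * Set name.
     *
     * @param string $name
     *
     * @return User
     */
    public function setName($name)
    {
        $this->name = $name;

        return $this;
    }

    /**
     * Get name.
     *
     * @return string
     */
    public function getName()
    {
        return $this->name;
    }

    /**
     * @return \DateTime
     */
    public function getCreatedAt()
    {
        return $this->createdAt;
    }

    /**
     * @return \DateTime
     */
    public function getUpdatedAt()
    {
        return $this->updatedAt;
    }

    /**
     * @param Entry $entry
     *
     * @return User
     */
    public function addEntry(Entry $entry)
    {
        $this->entries[] = $entry;

        return $this;
    }

    /**
     * @return ArrayCollection<Entry>
     */
    public function getEntries()
    {
        return $this->entries;
    }

    /**
     * Tells whether the given user has the same username as this one.
     *
     * Only the username is compared; password, roles and two-factor state are
     * not part of the comparison.
     *
     * @return bool
     */
    public function isEqualTo(UserInterface $user)
    {
        return $this->username === $user->getUsername();
    }

    /**
     * Set config.
     *
     * @param Config|null $config
     *
     * @return User
     */
    public function setConfig(?Config $config = null)
    {
        $this->config = $config;

        return $this;
    }

    /**
     * Get config.
     *
     * @return Config
     */
    public function getConfig()
    {
        return $this->config;
    }

    /**
     * @return bool
     */
    public function isEmailTwoFactor()
    {
        return $this->emailTwoFactor;
    }

    /**
     * @param bool $emailTwoFactor
     */
    public function setEmailTwoFactor($emailTwoFactor)
    {
        $this->emailTwoFactor = $emailTwoFactor;
    }

    /**
     * Used in the user config form to be "like" the email option.
     */
    public function isGoogleTwoFactor()
    {
        return $this->isGoogleAuthenticatorEnabled();
    }

    /**
     * {@inheritdoc}
     */
    public function isEmailAuthEnabled(): bool
    {
        return $this->emailTwoFactor;
    }

    /**
     * {@inheritdoc}
     */
    public function getEmailAuthCode(): string
    {
        // The stored value may be null (nullable column). The string return type
        // then raises a TypeError instead of returning an empty code, which is
        // kept on purpose: an empty code must never be handed to a comparison.
        return $this->authCode;
    }

    /**
     * {@inheritdoc}
     */
    public function setEmailAuthCode(string $authCode): void
    {
        $this->authCode = $authCode;
    }

    /**
     * {@inheritdoc}
     */
    public function getEmailAuthRecipient(): string
    {
        return $this->email;
    }

    /**
     * {@inheritdoc}
     */
    public function isGoogleAuthenticatorEnabled(): bool
    {
        // Enabled means "a non-empty secret is stored"; there is no separate flag.
        return (bool) $this->googleAuthenticatorSecret;
    }

    /**
     * {@inheritdoc}
     */
    public function getGoogleAuthenticatorUsername(): string
    {
        return $this->username;
    }

    /**
     * {@inheritdoc}
     */
    public function getGoogleAuthenticatorSecret(): string
    {
        // Raises a TypeError when no secret is stored; callers are expected to
        // check isGoogleAuthenticatorEnabled() first.
        return $this->googleAuthenticatorSecret;
    }

    /**
     * {@inheritdoc}
     */
    public function setGoogleAuthenticatorSecret(?string $googleAuthenticatorSecret): void
    {
        $this->googleAuthenticatorSecret = $googleAuthenticatorSecret;
    }

    /**
     * Replaces the stored backup codes.
     *
     * findBackupCode() checks entries with password_verify, so the values given
     * here must already be password_hash output, never the plain codes.
     *
     * @param array|null $codes hashed codes, or null to clear them
     */
    public function setBackupCodes(?array $codes = null)
    {
        $this->backupCodes = $codes;
    }

    /**
     * @return array|null the stored (hashed) backup codes
     */
    public function getBackupCodes()
    {
        return $this->backupCodes;
    }

    /**
     * {@inheritdoc}
     */
    public function isBackupCode(string $code): bool
    {
        return false !== $this->findBackupCode($code);
    }

    /**
     * {@inheritdoc}
     */
    public function invalidateBackupCode(string $code): void
    {
        $matchedKey = $this->findBackupCode($code);

        // Remove the used code so it cannot be replayed; remaining keys are not re-indexed.
        if (false !== $matchedKey) {
            unset($this->backupCodes[$matchedKey]);
        }
    }

    /**
     * @param Client $client
     *
     * @return User
     */
    public function addClient(Client $client)
    {
        $this->clients[] = $client;

        return $this;
    }

    /**
     * @return ArrayCollection<Client>
     */
    public function getClients()
    {
        return $this->clients;
    }

    /**
     * Only used by the API when creating a new user: it also returns the first client (which was created at the same time).
     *
     * @return Client|null null when the user has no client
     */
    public function getFirstClient()
    {
        // empty() is always false for an object, so it cannot detect an empty
        // collection; first() would then hand back false instead of a Client.
        if (null === $this->clients || $this->clients->isEmpty()) {
            return null;
        }

        return $this->clients->first();
    }

    /**
     * Try to find a backup code from the list of backup codes of the current user.
     *
     * @param string $code Given code from the user
     *
     * @return int|string|false key of the matching stored hash, false when none matches
     */
    private function findBackupCode(string $code)
    {
        // The column is nullable: a user who never generated backup codes has
        // null here, and iterating null would raise a warning during login.
        foreach ($this->backupCodes ?? [] as $key => $backupCode) {
            // backup codes are hashed using `password_hash`
            // see ConfigController->otpAppAction
            if (password_verify($code, $backupCode)) {
                return $key;
            }
        }

        return false;
    }
}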