X-Git-Url: https://git.immae.eu/?a=blobdiff_plain;f=src%2FWallabag%2FCoreBundle%2FController%2FConfigController.php;h=52a0307016d5b240f0ba2905787b82afc3787be8;hb=68003139e133835805b143b62c4407f19b495dab;hp=779be2689897a3344a279f4b667acbc03b0cffbe;hpb=439b36323e37f669b056cc5228c44bb91196256c;p=github%2Fwallabag%2Fwallabag.git
diff --git a/src/Wallabag/CoreBundle/Controller/ConfigController.php b/src/Wallabag/CoreBundle/Controller/ConfigController.php
index 779be268..52a03070 100644
--- a/src/Wallabag/CoreBundle/Controller/ConfigController.php
+++ b/src/Wallabag/CoreBundle/Controller/ConfigController.php
@@ -7,11 +7,11 @@ use Symfony\Bundle\FrameworkBundle\Controller\Controller;
 use Symfony\Component\HttpFoundation\JsonResponse;
 use Symfony\Component\HttpFoundation\RedirectResponse;
 use Symfony\Component\HttpFoundation\Request;
+use Symfony\Component\HttpKernel\Exception\AccessDeniedHttpException;
 use Wallabag\CoreBundle\Entity\Config;
 use Wallabag\CoreBundle\Entity\TaggingRule;
 use Wallabag\CoreBundle\Form\Type\ConfigType;
 use Wallabag\CoreBundle\Form\Type\ChangePasswordType;
-use Wallabag\CoreBundle\Form\Type\NewUserType;
 use Wallabag\CoreBundle\Form\Type\RssType;
 use Wallabag\CoreBundle\Form\Type\TaggingRuleType;
 use Wallabag\CoreBundle\Form\Type\UserInformationType;
@@ -32,13 +32,15 @@ class ConfigController extends Controller
 $user = $this->getUser();
 // handle basic config detail (this form is defined as a service)
- $configForm = $this->createForm(ConfigType::class, $config, array('action' => $this->generateUrl('config')));
+ $configForm = $this->createForm(ConfigType::class, $config, ['action' => $this->generateUrl('config')]);
 $configForm->handleRequest($request);
 if ($configForm->isValid()) {
 $em->persist($config);
 $em->flush();
+ $request->getSession()->set('_locale', $config->getLanguage());
+
 // switch active theme
 $activeTheme = $this->get('liip_theme.active_theme');
 $activeTheme->setName($config->getTheme());
@@ -52,7 +54,7 @@ class ConfigController extends Controller
 }
 // handle changing password
- $pwdForm = $this->createForm(ChangePasswordType::class, null, array('action' => $this->generateUrl('config').'#set4'));
+ $pwdForm = $this->createForm(ChangePasswordType::class, null, ['action' => $this->generateUrl('config').'#set4']);
 $pwdForm->handleRequest($request);
 if ($pwdForm->isValid()) {
@@ -71,10 +73,10 @@ class ConfigController extends Controller
 }
 // handle changing user information
- $userForm = $this->createForm(UserInformationType::class, $user, array(
- 'validation_groups' => array('Profile'),
+ $userForm = $this->createForm(UserInformationType::class, $user, [
+ 'validation_groups' => ['Profile'],
 'action' => $this->generateUrl('config').'#set3',
- ));
+ ]);
 $userForm->handleRequest($request);
 if ($userForm->isValid()) {
@@ -89,7 +91,7 @@ class ConfigController extends Controller
 }
 // handle rss information
- $rssForm = $this->createForm(RssType::class, $config, array('action' => $this->generateUrl('config').'#set2'));
+ $rssForm = $this->createForm(RssType::class, $config, ['action' => $this->generateUrl('config').'#set2']);
 $rssForm->handleRequest($request);
 if ($rssForm->isValid()) {
@@ -106,7 +108,21 @@ class ConfigController extends Controller
 // handle tagging rule
 $taggingRule = new TaggingRule();
- $newTaggingRule = $this->createForm(TaggingRuleType::class, $taggingRule, array('action' => $this->generateUrl('config').'#set5'));
+ $action = $this->generateUrl('config').'#set5';
+
+ if ($request->query->has('tagging-rule')) {
+ $taggingRule = $this->getDoctrine()
+ ->getRepository('WallabagCoreBundle:TaggingRule')
+ ->find($request->query->get('tagging-rule'));
+
+ if ($this->getUser()->getId() !== $taggingRule->getConfig()->getUser()->getId()) {
+ return $this->redirect($action);
+ }
+
+ $action = $this->generateUrl('config').'?tagging-rule='.$taggingRule->getId().'#set5';
+ }
+
+ $newTaggingRule = $this->createForm(TaggingRuleType::class, $taggingRule, ['action' => $action]);
 $newTaggingRule->handleRequest($request);
 if ($newTaggingRule->isValid()) {
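Review bot: In the new `tagging-rule` branch of this hunk, the result of `->find($request->query->get('tagging-rule'))` is dereferenced without a null check, so an unknown or malformed id makes `$taggingRule->getConfig()` fail on null and the config page answers with a server error instead of a redirect. The ownership test should cover the missing-rule case as well, e.g. `if (null === $taggingRule || $this->getUser()->getId() !== $taggingRule->getConfig()->getUser()->getId()) {`. The query value also reaches the repository unvalidated, whereas the `edit_tagging_rule` route added later in this diff constrains its id to `\d+`; applying the same format check here would keep the two entry points consistent. The enclosing action starts and ends outside the hunk.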
@@ -122,52 +138,24 @@ class ConfigController extends Controller
 return $this->redirect($this->generateUrl('config').'#set5');
 }
- // handle adding new user
- $newUser = $userManager->createUser();
- // enable created user by default
- $newUser->setEnabled(true);
- $newUserForm = $this->createForm(NewUserType::class, $newUser, array(
- 'validation_groups' => array('Profile'),
- 'action' => $this->generateUrl('config').'#set6',
- ));
- $newUserForm->handleRequest($request);
-
- if ($newUserForm->isValid() && $this->get('security.authorization_checker')->isGranted('ROLE_SUPER_ADMIN')) {
- $userManager->updateUser($newUser, true);
-
- $config = new Config($newUser);
- $config->setTheme($this->getParameter('wallabag_core.theme'));
- $config->setItemsPerPage($this->getParameter('wallabag_core.items_on_page'));
- $config->setRssLimit($this->getParameter('wallabag_core.rss_limit'));
- $config->setLanguage($this->getParameter('wallabag_core.language'));
-
- $em->persist($config);
-
- $em->flush();
-
- $this->get('session')->getFlashBag()->add(
- 'notice',
- $this->get('translator')->trans('flashes.config.notice.user_added', array('%username%' => $newUser->getUsername()))
- );
-
- return $this->redirect($this->generateUrl('config').'#set6');
- }
-
- return $this->render('WallabagCoreBundle:Config:index.html.twig', array(
- 'form' => array(
+ return $this->render('WallabagCoreBundle:Config:index.html.twig', [
+ 'form' => [
 'config' => $configForm->createView(),
 'rss' => $rssForm->createView(),
 'pwd' => $pwdForm->createView(),
 'user' => $userForm->createView(),
- 'new_user' => $newUserForm->createView(),
 'new_tagging_rule' => $newTaggingRule->createView(),
- ),
- 'rss' => array(
+ ],
+ 'rss' => [
 'username' => $user->getUsername(),
 'token' => $config->getRssToken(),
- ),
+ ],
 'twofactor_auth' => $this->getParameter('twofactor_auth'),
- ));
+ 'wallabag_url' => $this->get('craue_config')->get('wallabag_url'),
+ 'enabled_users' => $this->getDoctrine()
+ ->getRepository('WallabagUserBundle:User')
+ ->getSumEnabledUsers(),
+ ]);
 }
 /**
@@ -187,7 +175,7 @@ class ConfigController extends Controller
 $em->flush();
 if ($request->isXmlHttpRequest()) {
- return new JsonResponse(array('token' => $config->getRssToken()));
+ return new JsonResponse(['token' => $config->getRssToken()]);
 }
 $this->get('session')->getFlashBag()->add(
@@ -209,9 +197,7 @@ class ConfigController extends Controller
 */
 public function deleteTaggingRuleAction(TaggingRule $rule)
 {
- if ($this->getUser()->getId() != $rule->getConfig()->getUser()->getId()) {
- throw $this->createAccessDeniedException('You can not access this tagging rule.');
- }
+ $this->validateRuleAction($rule);
 $em = $this->getDoctrine()->getManager();
 $em->remove($rule);
@@ -225,11 +211,111 @@ class ConfigController extends Controller
 return $this->redirect($this->generateUrl('config').'#set5');
 }
+ /**
+ * Edit a tagging rule.
+ *
+ * @param TaggingRule $rule
+ *
+ * @Route("/tagging-rule/edit/{id}", requirements={"id" = "\d+"}, name="edit_tagging_rule")
+ *
+ * @return RedirectResponse
+ */
+ public function editTaggingRuleAction(TaggingRule $rule)
+ {
+ $this->validateRuleAction($rule);
+
+ return $this->redirect($this->generateUrl('config').'?tagging-rule='.$rule->getId().'#set5');
+ }
+
+ /**
+ * Remove all annotations OR tags OR entries for the current user.
+ *
+ * @Route("/reset/{type}", requirements={"id" = "annotations|tags|entries"}, name="config_reset")
+ *
+ * @return RedirectResponse
+ */
+ public function resetAction($type)
+ {
+ switch ($type) {
+ case 'annotations':
+ $this->getDoctrine()
+ ->getRepository('WallabagAnnotationBundle:Annotation')
+ ->removeAllByUserId($this->getUser()->getId());
+ break;
+
+ case 'tags':
+ $this->removeAllTagsByUserId($this->getUser()->getId());
+ break;
+
+ case 'entries':
+ // SQLite doesn't care about cascading remove, so we need to manually remove associated stuf
+ // otherwise they won't be removed ...
+ if ($this->get('doctrine')->getConnection()->getDriver() instanceof \Doctrine\DBAL\Driver\PDOSqlite\Driver) {
+ $this->getDoctrine()->getRepository('WallabagAnnotationBundle:Annotation')->removeAllByUserId($this->getUser()->getId());
+ }
+
+ // manually remove tags to avoid orphan tag
+ $this->removeAllTagsByUserId($this->getUser()->getId());
+
+ $this->getDoctrine()
+ ->getRepository('WallabagCoreBundle:Entry')
+ ->removeAllByUserId($this->getUser()->getId());
+ }
+
+ $this->get('session')->getFlashBag()->add(
+ 'notice',
+ 'flashes.config.notice.'.$type.'_reset'
+ );
+
+ return $this->redirect($this->generateUrl('config').'#set3');
+ }
+
+ /**
+ * Remove all tags for a given user and cleanup orphan tags.
+ *
+ * @param int $userId
+ */
+ private function removeAllTagsByUserId($userId)
+ {
+ $tags = $this->getDoctrine()->getRepository('WallabagCoreBundle:Tag')->findAllTags($userId);
+
+ if (empty($tags)) {
+ return;
+ }
+
+ $this->getDoctrine()
+ ->getRepository('WallabagCoreBundle:Entry')
+ ->removeTags($userId, $tags);
+
+ // cleanup orphan tags
+ $em = $this->getDoctrine()->getManager();
+
+ foreach ($tags as $tag) {
+ if (count($tag->getEntries()) === 0) {
+ $em->remove($tag);
+ }
+ }
+
+ $em->flush();
+ }
+
+ /**
+ * Validate that a rule can be edited/deleted by the current user.
+ *
+ * @param TaggingRule $rule
+ */
+ private function validateRuleAction(TaggingRule $rule)
+ {
+ if ($this->getUser()->getId() != $rule->getConfig()->getUser()->getId()) {
+ throw $this->createAccessDeniedException('You can not access this tagging rule.');
+ }
+ }
+
 /**
 * Retrieve config for the current user.
 * If no config were found, create a new one.
 *
- * @return Wallabag\CoreBundle\Entity\Config
+ * @return Config
 */
 private function getConfig()
 {
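Review bot: The `config_reset` route declares `requirements={"id" = "annotations|tags|entries"}`, but its placeholder is `{type}`, so the constraint is never applied and any value reaches `resetAction`; it should read `requirements={"type" = "annotations|tags|entries"}`. With an unexpected value the `switch` matches nothing, yet the action still adds a flash key built from `$type` and redirects as if a reset had happened, so a `default` branch that rejects the request would be safer. Nothing visible in this hunk limits the route to POST or checks a CSRF token, so a cross-site request issued while the user is logged in could wipe their annotations, tags or entries; the same applies to `deleteAccountAction` in the last hunk. `validateRuleAction` also keeps the loose `!=` comparison, while the ownership check added in the `tagging-rule` hunk uses `!==`.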
@@ -237,10 +323,44 @@ class ConfigController extends Controller
 ->getRepository('WallabagCoreBundle:Config')
 ->findOneByUser($this->getUser());
+ // should NEVER HAPPEN ...
 if (!$config) {
 $config = new Config($this->getUser());
 }
 return $config;
 }
+
+ /**
+ * Delete account for current user.
+ *
+ * @Route("/account/delete", name="delete_account")
+ *
+ * @param Request $request
+ *
+ * @throws AccessDeniedHttpException
+ *
+ * @return \Symfony\Component\HttpFoundation\RedirectResponse
+ */
+ public function deleteAccountAction(Request $request)
+ {
+ $enabledUsers = $this->getDoctrine()
+ ->getRepository('WallabagUserBundle:User')
+ ->getSumEnabledUsers();
+
+ if ($enabledUsers <= 1) {
+ throw new AccessDeniedHttpException();
+ }
+
+ $user = $this->getUser();
+
+ // logout current user
+ $this->get('security.token_storage')->setToken(null);
+ $request->getSession()->invalidate();
+
+ $em = $this->get('fos_user.user_manager');
+ $em->deleteUser($user);
+
+ return $this->redirect($this->generateUrl('fos_user_security_login'));
+ }
 }
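Review bot: `deleteAccountAction` clears the security token and invalidates the session before calling `deleteUser($user)`, so if the deletion throws, the user ends up logged out with the account still in place; deleting first and tearing the session down afterwards would likely avoid that half-done state. The variable holding `fos_user.user_manager` is named `$em`, which reads as an entity manager elsewhere in this controller; `$userManager = $this->get('fos_user.user_manager');` would be clearer. The docblock lists `@throws AccessDeniedHttpException` without saying when, and a line such as `Refused when this is the only enabled user.` would document the `$enabledUsers <= 1` guard.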