X-Git-Url: https://git.immae.eu/?a=blobdiff_plain;f=src%2FWallabag%2FCoreBundle%2FController%2FConfigController.php;h=abd35c028b8aa3681e552ef62557d21eca514ad3;hb=7ac3e575f1285a07987346461cee9445ac8c0b3b;hp=28e33998d12a63f82cf688f3f7c3c5dbedc4181b;hpb=bf3dc999e7b25888460faff2251f75e4a79491c4;p=github%2Fwallabag%2Fwallabag.git

diff --git a/src/Wallabag/CoreBundle/Controller/ConfigController.php b/src/Wallabag/CoreBundle/Controller/ConfigController.php
index 28e33998..abd35c02 100644
--- a/src/Wallabag/CoreBundle/Controller/ConfigController.php
+++ b/src/Wallabag/CoreBundle/Controller/ConfigController.php
@@ -2,18 +2,16 @@
 
 namespace Wallabag\CoreBundle\Controller;
 
-use FOS\UserBundle\Event\UserEvent;
-use FOS\UserBundle\FOSUserEvents;
 use Sensio\Bundle\FrameworkExtraBundle\Configuration\Route;
 use Symfony\Bundle\FrameworkBundle\Controller\Controller;
 use Symfony\Component\HttpFoundation\JsonResponse;
 use Symfony\Component\HttpFoundation\RedirectResponse;
 use Symfony\Component\HttpFoundation\Request;
+use Symfony\Component\HttpKernel\Exception\AccessDeniedHttpException;
 use Wallabag\CoreBundle\Entity\Config;
 use Wallabag\CoreBundle\Entity\TaggingRule;
 use Wallabag\CoreBundle\Form\Type\ConfigType;
 use Wallabag\CoreBundle\Form\Type\ChangePasswordType;
-use Wallabag\CoreBundle\Form\Type\NewUserType;
 use Wallabag\CoreBundle\Form\Type\RssType;
 use Wallabag\CoreBundle\Form\Type\TaggingRuleType;
 use Wallabag\CoreBundle\Form\Type\UserInformationType;
@@ -138,38 +136,12 @@ class ConfigController extends Controller
             return $this->redirect($this->generateUrl('config').'#set5');
         }
 
-        // handle adding new user
-        $newUser = $userManager->createUser();
-        // enable created user by default
-        $newUser->setEnabled(true);
-        $newUserForm = $this->createForm(NewUserType::class, $newUser, [
-            'validation_groups' => ['Profile'],
-            'action' => $this->generateUrl('config').'#set6',
-        ]);
-        $newUserForm->handleRequest($request);
-
-        if ($newUserForm->isValid() && $this->get('security.authorization_checker')->isGranted('ROLE_SUPER_ADMIN')) {
-            $userManager->updateUser($newUser);
-
-            // dispatch a created event so the associated config will be created
-            $event = new UserEvent($newUser, $request);
-            $this->get('event_dispatcher')->dispatch(FOSUserEvents::USER_CREATED, $event);
-
-            $this->get('session')->getFlashBag()->add(
-                'notice',
-                $this->get('translator')->trans('flashes.config.notice.user_added', ['%username%' => $newUser->getUsername()])
-            );
-
-            return $this->redirect($this->generateUrl('config').'#set6');
-        }
-
         return $this->render('WallabagCoreBundle:Config:index.html.twig', [
             'form' => [
                 'config' => $configForm->createView(),
                 'rss' => $rssForm->createView(),
                 'pwd' => $pwdForm->createView(),
                 'user' => $userForm->createView(),
-                'new_user' => $newUserForm->createView(),
                 'new_tagging_rule' => $newTaggingRule->createView(),
             ],
             'rss' => [
@@ -177,6 +149,9 @@ class ConfigController extends Controller
                 'token' => $config->getRssToken(),
             ],
             'twofactor_auth' => $this->getParameter('twofactor_auth'),
+            'enabled_users' => $this->getDoctrine()
+                ->getRepository('WallabagUserBundle:User')
+                ->getSumEnabledUsers(),
         ]);
     }
 
@@ -219,9 +194,7 @@ class ConfigController extends Controller
      */
     public function deleteTaggingRuleAction(TaggingRule $rule)
     {
-        if ($this->getUser()->getId() != $rule->getConfig()->getUser()->getId()) {
-            throw $this->createAccessDeniedException('You can not access this tagging rule.');
-        }
+        $this->validateRuleAction($rule);
 
         $em = $this->getDoctrine()->getManager();
         $em->remove($rule);
@@ -245,12 +218,22 @@ class ConfigController extends Controller
      * @return RedirectResponse
      */
     public function editTaggingRuleAction(TaggingRule $rule)
+    {
+        $this->validateRuleAction($rule);
+
+        return $this->redirect($this->generateUrl('config').'?tagging-rule='.$rule->getId().'#set5');
+    }
+
+    /**
+     * Validate that a rule can be edited/deleted by the current user.
+     *
+     * @param TaggingRule $rule
+     */
+    private function validateRuleAction(TaggingRule $rule)
     {
         if ($this->getUser()->getId() != $rule->getConfig()->getUser()->getId()) {
             throw $this->createAccessDeniedException('You can not access this tagging rule.');
         }
-
-        return $this->redirect($this->generateUrl('config').'?tagging-rule='.$rule->getId().'#set5');
     }
 
     /**
@@ -272,4 +255,37 @@ class ConfigController extends Controller
 
         return $config;
     }
+
+    /**
+     * Delete account for current user.
+     *
+     * @Route("/account/delete", name="delete_account")
+     *
+     * @param Request $request
+     *
+     * @throws AccessDeniedHttpException
+     *
+     * @return \Symfony\Component\HttpFoundation\RedirectResponse
+     */
+    public function deleteAccountAction(Request $request)
+    {
+        $enabledUsers = $this->getDoctrine()
+            ->getRepository('WallabagUserBundle:User')
+            ->getSumEnabledUsers();
+
+        if ($enabledUsers <= 1) {
+            throw new AccessDeniedHttpException();
+        }
+
+        $user = $this->getUser();
+
+        // logout current user
+        $this->get('security.token_storage')->setToken(null);
+        $request->getSession()->invalidate();
+
+        $em = $this->get('fos_user.user_manager');
+        $em->deleteUser($user);
+
+        return $this->redirect($this->generateUrl('fos_user_security_login'));
+    }
 }