]> git.immae.eu Git - github/wallabag/wallabag.git/blob - src/Wallabag/CoreBundle/Controller/ConfigController.php
projects / github / wallabag / wallabag.git / blob
? search:


56efe82bb88775a8f3e5fac4134a53bec85e72b8
[github/wallabag/wallabag.git] / src / Wallabag / CoreBundle / Controller / ConfigController.php
1 <?php
2
3 namespace Wallabag\CoreBundle\Controller;
4
5 use JMS\Serializer\SerializationContext;
6 use JMS\Serializer\SerializerBuilder;
7 use PragmaRX\Recovery\Recovery as BackupCodes;
8 use Symfony\Bundle\FrameworkBundle\Controller\Controller;
9 use Symfony\Component\HttpFoundation\JsonResponse;
10 use Symfony\Component\HttpFoundation\RedirectResponse;
11 use Symfony\Component\HttpFoundation\Request;
12 use Symfony\Component\HttpFoundation\Response;
13 use Symfony\Component\HttpKernel\Exception\AccessDeniedHttpException;
14 use Symfony\Component\Routing\Annotation\Route;
15 use Symfony\Component\Validator\Constraints\Locale as LocaleConstraint;
16 use Wallabag\CoreBundle\Entity\Config;
17 use Wallabag\CoreBundle\Entity\TaggingRule;
18 use Wallabag\CoreBundle\Form\Type\ChangePasswordType;
19 use Wallabag\CoreBundle\Form\Type\ConfigType;
20 use Wallabag\CoreBundle\Form\Type\FeedType;
21 use Wallabag\CoreBundle\Form\Type\TaggingRuleImportType;
22 use Wallabag\CoreBundle\Form\Type\TaggingRuleType;
23 use Wallabag\CoreBundle\Form\Type\UserInformationType;
24 use Wallabag\CoreBundle\Tools\Utils;
25
26 class ConfigController extends Controller
27 {
28 /**
29 * @Route("/config", name="config")
30 */
31 public function indexAction(Request $request)
32 {
33 $em = $this->getDoctrine()->getManager();
34 $config = $this->getConfig();
35 $userManager = $this->container->get('fos_user.user_manager');
36 $user = $this->getUser();
37
38 // handle basic config detail (this form is defined as a service)
39 $configForm = $this->createForm(ConfigType::class, $config, ['action' => $this->generateUrl('config')]);
40 $configForm->handleRequest($request);
41
42 if ($configForm->isSubmitted() && $configForm->isValid()) {
43 $em->persist($config);
44 $em->flush();
45
46 $request->getSession()->set('_locale', $config->getLanguage());
47
48 // switch active theme
49 $activeTheme = $this->get('liip_theme.active_theme');
50 $activeTheme->setName($config->getTheme());
51
52 $this->addFlash(
53 'notice',
54 'flashes.config.notice.config_saved'
55 );
56
57 return $this->redirect($this->generateUrl('config'));
58 }
59
60 // handle changing password
61 $pwdForm = $this->createForm(ChangePasswordType::class, null, ['action' => $this->generateUrl('config') . '#set4']);
62 $pwdForm->handleRequest($request);
63
64 if ($pwdForm->isSubmitted() && $pwdForm->isValid()) {
65 if ($this->get('craue_config')->get('demo_mode_enabled') && $this->get('craue_config')->get('demo_mode_username') === $user->getUsername()) {
66 $message = 'flashes.config.notice.password_not_updated_demo';
67 } else {
68 $message = 'flashes.config.notice.password_updated';
69
70 $user->setPlainPassword($pwdForm->get('new_password')->getData());
71 $userManager->updateUser($user, true);
72 }
73
74 $this->addFlash('notice', $message);
75
76 return $this->redirect($this->generateUrl('config') . '#set4');
77 }
78
79 // handle changing user information
80 $userForm = $this->createForm(UserInformationType::class, $user, [
81 'validation_groups' => ['Profile'],
82 'action' => $this->generateUrl('config') . '#set3',
83 ]);
84 $userForm->handleRequest($request);
85
86 if ($userForm->isSubmitted() && $userForm->isValid()) {
87 $userManager->updateUser($user, true);
88
89 $this->addFlash(
90 'notice',
91 'flashes.config.notice.user_updated'
92 );
93
94 return $this->redirect($this->generateUrl('config') . '#set3');
95 }
96
97 // handle feed information
98 $feedForm = $this->createForm(FeedType::class, $config, ['action' => $this->generateUrl('config') . '#set2']);
99 $feedForm->handleRequest($request);
100
101 if ($feedForm->isSubmitted() && $feedForm->isValid()) {
102 $em->persist($config);
103 $em->flush();
104
105 $this->addFlash(
106 'notice',
107 'flashes.config.notice.feed_updated'
108 );
109
110 return $this->redirect($this->generateUrl('config') . '#set2');
111 }
112
113 // handle tagging rule
114 $taggingRule = new TaggingRule();
115 $action = $this->generateUrl('config') . '#set5';
116
117 if ($request->query->has('tagging-rule')) {
118 $taggingRule = $this->getDoctrine()
119 ->getRepository('WallabagCoreBundle:TaggingRule')
120 ->find($request->query->get('tagging-rule'));
121
122 if ($this->getUser()->getId() !== $taggingRule->getConfig()->getUser()->getId()) {
123 return $this->redirect($action);
124 }
125
126 $action = $this->generateUrl('config') . '?tagging-rule=' . $taggingRule->getId() . '#set5';
127 }
128
129 $newTaggingRule = $this->createForm(TaggingRuleType::class, $taggingRule, ['action' => $action]);
130 $newTaggingRule->handleRequest($request);
131
132 if ($newTaggingRule->isSubmitted() && $newTaggingRule->isValid()) {
133 $taggingRule->setConfig($config);
134 $em->persist($taggingRule);
135 $em->flush();
136
137 $this->addFlash(
138 'notice',
139 'flashes.config.notice.tagging_rules_updated'
140 );
141
142 return $this->redirect($this->generateUrl('config') . '#set5');
143 }
144
145 // handle tagging rules import
146 $taggingRulesImportform = $this->createForm(TaggingRuleImportType::class);
147 $taggingRulesImportform->handleRequest($request);
148
149 if ($taggingRulesImportform->isSubmitted() && $taggingRulesImportform->isValid()) {
150 $message = 'flashes.config.notice.tagging_rules_not_imported';
151 $file = $taggingRulesImportform->get('file')->getData();
152
153 if (null !== $file && $file->isValid() && \in_array($file->getClientMimeType(), ['application/json', 'application/octet-stream'], true)) {
154 $content = json_decode(file_get_contents($file->getPathname()), true);
155
156 if (\is_array($content)) {
157 foreach ($content as $rule) {
158 $taggingRule = new TaggingRule();
159 $taggingRule->setRule($rule['rule']);
160 $taggingRule->setTags($rule['tags']);
161 $taggingRule->setConfig($config);
162 $em->persist($taggingRule);
163 }
164
165 $em->flush();
166
167 $message = 'flashes.config.notice.tagging_rules_imported';
168 }
169 }
170
171 $this->addFlash('notice', $message);
172
173 return $this->redirect($this->generateUrl('config') . '#set5');
174 }
175
176 return $this->render('WallabagCoreBundle:Config:index.html.twig', [
177 'form' => [
178 'config' => $configForm->createView(),
179 'feed' => $feedForm->createView(),
180 'pwd' => $pwdForm->createView(),
181 'user' => $userForm->createView(),
182 'new_tagging_rule' => $newTaggingRule->createView(),
183 'import_tagging_rule' => $taggingRulesImportform->createView(),
184 ],
185 'feed' => [
186 'username' => $user->getUsername(),
187 'token' => $config->getFeedToken(),
188 ],
189 'twofactor_auth' => $this->getParameter('twofactor_auth'),
190 'wallabag_url' => $this->getParameter('domain_name'),
191 'enabled_users' => $this->get('wallabag_user.user_repository')->getSumEnabledUsers(),
192 ]);
193 }
194
195 /**
196 * Disable 2FA using email.
197 *
198 * @Route("/config/otp/email/disable", name="disable_otp_email")
199 */
200 public function disableOtpEmailAction()
201 {
202 if (!$this->getParameter('twofactor_auth')) {
203 return $this->createNotFoundException('two_factor not enabled');
204 }
205
206 $user = $this->getUser();
207 $user->setEmailTwoFactor(false);
208
209 $this->container->get('fos_user.user_manager')->updateUser($user, true);
210
211 $this->addFlash(
212 'notice',
213 'flashes.config.notice.otp_disabled'
214 );
215
216 return $this->redirect($this->generateUrl('config') . '#set3');
217 }
218
219 /**
220 * Enable 2FA using email.
221 *
222 * @Route("/config/otp/email", name="config_otp_email")
223 */
224 public function otpEmailAction()
225 {
226 if (!$this->getParameter('twofactor_auth')) {
227 return $this->createNotFoundException('two_factor not enabled');
228 }
229
230 $user = $this->getUser();
231
232 $user->setGoogleAuthenticatorSecret(null);
233 $user->setBackupCodes(null);
234 $user->setEmailTwoFactor(true);
235
236 $this->container->get('fos_user.user_manager')->updateUser($user, true);
237
238 $this->addFlash(
239 'notice',
240 'flashes.config.notice.otp_enabled'
241 );
242
243 return $this->redirect($this->generateUrl('config') . '#set3');
244 }
245
246 /**
247 * Disable 2FA using OTP app.
248 *
249 * @Route("/config/otp/app/disable", name="disable_otp_app")
250 */
251 public function disableOtpAppAction()
252 {
253 if (!$this->getParameter('twofactor_auth')) {
254 return $this->createNotFoundException('two_factor not enabled');
255 }
256
257 $user = $this->getUser();
258
259 $user->setGoogleAuthenticatorSecret('');
260 $user->setBackupCodes(null);
261
262 $this->container->get('fos_user.user_manager')->updateUser($user, true);
263
264 $this->addFlash(
265 'notice',
266 'flashes.config.notice.otp_disabled'
267 );
268
269 return $this->redirect($this->generateUrl('config') . '#set3');
270 }
271
272 /**
273 * Enable 2FA using OTP app, user will need to confirm the generated code from the app.
274 *
275 * @Route("/config/otp/app", name="config_otp_app")
276 */
277 public function otpAppAction()
278 {
279 if (!$this->getParameter('twofactor_auth')) {
280 return $this->createNotFoundException('two_factor not enabled');
281 }
282
283 $user = $this->getUser();
284 $secret = $this->get('scheb_two_factor.security.google_authenticator')->generateSecret();
285
286 $user->setGoogleAuthenticatorSecret($secret);
287 $user->setEmailTwoFactor(false);
288
289 $backupCodes = (new BackupCodes())->toArray();
290 $backupCodesHashed = array_map(
291 function ($backupCode) {
292 return password_hash($backupCode, PASSWORD_DEFAULT);
293 },
294 $backupCodes
295 );
296
297 $user->setBackupCodes($backupCodesHashed);
298
299 $this->container->get('fos_user.user_manager')->updateUser($user, true);
300
301 $this->addFlash(
302 'notice',
303 'flashes.config.notice.otp_enabled'
304 );
305
306 return $this->render('WallabagCoreBundle:Config:otp_app.html.twig', [
307 'backupCodes' => $backupCodes,
308 'qr_code' => $this->get('scheb_two_factor.security.google_authenticator')->getQRContent($user),
309 ]);
310 }
311
312 /**
313 * Cancelling 2FA using OTP app.
314 *
315 * @Route("/config/otp/app/cancel", name="config_otp_app_cancel")
316 */
317 public function otpAppCancelAction()
318 {
319 if (!$this->getParameter('twofactor_auth')) {
320 return $this->createNotFoundException('two_factor not enabled');
321 }
322
323 $user = $this->getUser();
324 $user->setGoogleAuthenticatorSecret(null);
325 $user->setBackupCodes(null);
326
327 $this->container->get('fos_user.user_manager')->updateUser($user, true);
328
329 return $this->redirect($this->generateUrl('config') . '#set3');
330 }
331
332 /**
333 * Validate OTP code.
334 *
335 * @Route("/config/otp/app/check", name="config_otp_app_check")
336 */
337 public function otpAppCheckAction(Request $request)
338 {
339 $isValid = $this->get('scheb_two_factor.security.google_authenticator')->checkCode(
340 $this->getUser(),
341 $request->get('_auth_code')
342 );
343
344 if (true === $isValid) {
345 $this->addFlash(
346 'notice',
347 'flashes.config.notice.otp_enabled'
348 );
349
350 return $this->redirect($this->generateUrl('config') . '#set3');
351 }
352
353 $this->addFlash(
354 'two_factor',
355 'scheb_two_factor.code_invalid'
356 );
357
358 return $this->redirect($this->generateUrl('config_otp_app'));
359 }
360
361 /**
362 * @Route("/generate-token", name="generate_token")
363 *
364 * @return RedirectResponse|JsonResponse
365 */
366 public function generateTokenAction(Request $request)
367 {
368 $config = $this->getConfig();
369 $config->setFeedToken(Utils::generateToken());
370
371 $em = $this->getDoctrine()->getManager();
372 $em->persist($config);
373 $em->flush();
374
375 if ($request->isXmlHttpRequest()) {
376 return new JsonResponse(['token' => $config->getFeedToken()]);
377 }
378
379 $this->addFlash(
380 'notice',
381 'flashes.config.notice.feed_token_updated'
382 );
383
384 return $this->redirect($this->generateUrl('config') . '#set2');
385 }
386
387 /**
388 * @Route("/revoke-token", name="revoke_token")
389 *
390 * @return RedirectResponse|JsonResponse
391 */
392 public function revokeTokenAction(Request $request)
393 {
394 $config = $this->getConfig();
395 $config->setFeedToken(null);
396
397 $em = $this->getDoctrine()->getManager();
398 $em->persist($config);
399 $em->flush();
400
401 if ($request->isXmlHttpRequest()) {
402 return new JsonResponse();
403 }
404
405 $this->addFlash(
406 'notice',
407 'flashes.config.notice.feed_token_revoked'
408 );
409
410 return $this->redirect($this->generateUrl('config') . '#set2');
411 }
412
413 /**
414 * Deletes a tagging rule and redirect to the config homepage.
415 *
416 * @Route("/tagging-rule/delete/{id}", requirements={"id" = "\d+"}, name="delete_tagging_rule")
417 *
418 * @return RedirectResponse
419 */
420 public function deleteTaggingRuleAction(TaggingRule $rule)
421 {
422 $this->validateRuleAction($rule);
423
424 $em = $this->getDoctrine()->getManager();
425 $em->remove($rule);
426 $em->flush();
427
428 $this->addFlash(
429 'notice',
430 'flashes.config.notice.tagging_rules_deleted'
431 );
432
433 return $this->redirect($this->generateUrl('config') . '#set5');
434 }
435
436 /**
437 * Edit a tagging rule.
438 *
439 * @Route("/tagging-rule/edit/{id}", requirements={"id" = "\d+"}, name="edit_tagging_rule")
440 *
441 * @return RedirectResponse
442 */
443 public function editTaggingRuleAction(TaggingRule $rule)
444 {
445 $this->validateRuleAction($rule);
446
447 return $this->redirect($this->generateUrl('config') . '?tagging-rule=' . $rule->getId() . '#set5');
448 }
449
450 /**
451 * Remove all annotations OR tags OR entries for the current user.
452 *
453 * @Route("/reset/{type}", requirements={"id" = "annotations|tags|entries"}, name="config_reset")
454 *
455 * @return RedirectResponse
456 */
457 public function resetAction($type)
458 {
459 switch ($type) {
460 case 'annotations':
461 $this->getDoctrine()
462 ->getRepository('WallabagAnnotationBundle:Annotation')
463 ->removeAllByUserId($this->getUser()->getId());
464 break;
465 case 'tags':
466 $this->removeAllTagsByUserId($this->getUser()->getId());
467 break;
468 case 'entries':
469 // SQLite doesn't care about cascading remove, so we need to manually remove associated stuff
470 // otherwise they won't be removed ...
471 if ($this->get('doctrine')->getConnection()->getDatabasePlatform() instanceof \Doctrine\DBAL\Platforms\SqlitePlatform) {
472 $this->getDoctrine()->getRepository('WallabagAnnotationBundle:Annotation')->removeAllByUserId($this->getUser()->getId());
473 }
474
475 // manually remove tags to avoid orphan tag
476 $this->removeAllTagsByUserId($this->getUser()->getId());
477
478 $this->get('wallabag_core.entry_repository')->removeAllByUserId($this->getUser()->getId());
479 break;
480 case 'archived':
481 if ($this->get('doctrine')->getConnection()->getDatabasePlatform() instanceof \Doctrine\DBAL\Platforms\SqlitePlatform) {
482 $this->removeAnnotationsForArchivedByUserId($this->getUser()->getId());
483 }
484
485 // manually remove tags to avoid orphan tag
486 $this->removeTagsForArchivedByUserId($this->getUser()->getId());
487
488 $this->get('wallabag_core.entry_repository')->removeArchivedByUserId($this->getUser()->getId());
489 break;
490 }
491
492 $this->addFlash(
493 'notice',
494 'flashes.config.notice.' . $type . '_reset'
495 );
496
497 return $this->redirect($this->generateUrl('config') . '#set3');
498 }
499
500 /**
501 * Delete account for current user.
502 *
503 * @Route("/account/delete", name="delete_account")
504 *
505 * @throws AccessDeniedHttpException
506 *
507 * @return \Symfony\Component\HttpFoundation\RedirectResponse
508 */
509 public function deleteAccountAction(Request $request)
510 {
511 $enabledUsers = $this->get('wallabag_user.user_repository')
512 ->getSumEnabledUsers();
513
514 if ($enabledUsers <= 1) {
515 throw new AccessDeniedHttpException();
516 }
517
518 $user = $this->getUser();
519
520 // logout current user
521 $this->get('security.token_storage')->setToken(null);
522 $request->getSession()->invalidate();
523
524 $em = $this->get('fos_user.user_manager');
525 $em->deleteUser($user);
526
527 return $this->redirect($this->generateUrl('fos_user_security_login'));
528 }
529
530 /**
531 * Switch view mode for current user.
532 *
533 * @Route("/config/view-mode", name="switch_view_mode")
534 *
535 * @return \Symfony\Component\HttpFoundation\RedirectResponse
536 */
537 public function changeViewModeAction(Request $request)
538 {
539 $user = $this->getUser();
540 $user->getConfig()->setListMode(!$user->getConfig()->getListMode());
541
542 $em = $this->getDoctrine()->getManager();
543 $em->persist($user);
544 $em->flush();
545
546 return $this->redirect($request->headers->get('referer'));
547 }
548
549 /**
550 * Change the locale for the current user.
551 *
552 * @param string $language
553 *
554 * @Route("/locale/{language}", name="changeLocale")
555 *
556 * @return \Symfony\Component\HttpFoundation\RedirectResponse
557 */
558 public function setLocaleAction(Request $request, $language = null)
559 {
560 $errors = $this->get('validator')->validate($language, (new LocaleConstraint()));
561
562 if (0 === \count($errors)) {
563 $request->getSession()->set('_locale', $language);
564 }
565
566 return $this->redirect($request->headers->get('referer', $this->generateUrl('homepage')));
567 }
568
569 /**
570 * Export tagging rules for the logged in user.
571 *
572 * @Route("/tagging-rule/export", name="export_tagging_rule")
573 *
574 * @return Response
575 */
576 public function exportTaggingRulesAction()
577 {
578 $data = SerializerBuilder::create()->build()->serialize(
579 $this->getUser()->getConfig()->getTaggingRules(),
580 'json',
581 SerializationContext::create()->setGroups(['export_tagging_rule'])
582 );
583
584 return Response::create(
585 $data,
586 200,
587 [
588 'Content-type' => 'application/json',
589 'Content-Disposition' => 'attachment; filename="tagging_rules_' . $this->getUser()->getUsername() . '.json"',
590 'Content-Transfer-Encoding' => 'UTF-8',
591 ]
592 );
593 }
594
595 /**
596 * Remove all tags for given tags and a given user and cleanup orphan tags.
597 *
598 * @param array $tags
599 * @param int $userId
600 */
601 private function removeAllTagsByStatusAndUserId($tags, $userId)
602 {
603 if (empty($tags)) {
604 return;
605 }
606
607 $this->get('wallabag_core.entry_repository')
608 ->removeTags($userId, $tags);
609
610 // cleanup orphan tags
611 $em = $this->getDoctrine()->getManager();
612
613 foreach ($tags as $tag) {
614 if (0 === \count($tag->getEntries())) {
615 $em->remove($tag);
616 }
617 }
618
619 $em->flush();
620 }
621
622 /**
623 * Remove all tags for a given user and cleanup orphan tags.
624 *
625 * @param int $userId
626 */
627 private function removeAllTagsByUserId($userId)
628 {
629 $tags = $this->get('wallabag_core.tag_repository')->findAllTags($userId);
630 $this->removeAllTagsByStatusAndUserId($tags, $userId);
631 }
632
633 /**
634 * Remove all tags for a given user and cleanup orphan tags.
635 *
636 * @param int $userId
637 */
638 private function removeTagsForArchivedByUserId($userId)
639 {
640 $tags = $this->get('wallabag_core.tag_repository')->findForArchivedArticlesByUser($userId);
641 $this->removeAllTagsByStatusAndUserId($tags, $userId);
642 }
643
644 private function removeAnnotationsForArchivedByUserId($userId)
645 {
646 $em = $this->getDoctrine()->getManager();
647
648 $archivedEntriesAnnotations = $this->getDoctrine()
649 ->getRepository('WallabagAnnotationBundle:Annotation')
650 ->findAllArchivedEntriesByUser($userId);
651
652 foreach ($archivedEntriesAnnotations as $archivedEntriesAnnotation) {
653 $em->remove($archivedEntriesAnnotation);
654 }
655
656 $em->flush();
657 }
658
659 /**
660 * Validate that a rule can be edited/deleted by the current user.
661 */
662 private function validateRuleAction(TaggingRule $rule)
663 {
664 if ($this->getUser()->getId() !== $rule->getConfig()->getUser()->getId()) {
665 throw $this->createAccessDeniedException('You can not access this tagging rule.');
666 }
667 }
668
669 /**
670 * Retrieve config for the current user.
671 * If no config were found, create a new one.
672 *
673 * @return Config
674 */
675 private function getConfig()
676 {
677 $config = $this->getDoctrine()
678 ->getRepository('WallabagCoreBundle:Config')
679 ->findOneByUser($this->getUser());
680
681 // should NEVER HAPPEN ...
682 if (!$config) {
683 $config = new Config($this->getUser());
684 }
685
686 return $config;
687 }
688 }
A self hostable application for saving web pages: Save and classify articles. Read them later. Freely.