Diffstat (limited to 'src/Wallabag/CoreBundle/Controller')
3 files changed, 12 insertions, 166 deletions
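diff --git a/src/Wallabag/CoreBundle/Controller/ConfigController.php b/src/Wallabag/CoreBundle/Controller/ConfigController.php
index 5affdee8..ecfecc66 100644
--- a/src/Wallabag/CoreBundle/Controller/ConfigController.php
+++ b/src/Wallabag/CoreBundle/Controller/ConfigController.php
@@ -7,7 +7,7 @@ use Symfony\Bundle\FrameworkBundle\Controller\Controller;
 use Symfony\Component\HttpFoundation\Request;
 use Symfony\Component\HttpFoundation\JsonResponse;
 use Wallabag\CoreBundle\Entity\Config;
-use Wallabag\CoreBundle\Entity\User;
+use Wallabag\UserBundle\Entity\User;
 use Wallabag\CoreBundle\Form\Type\ChangePasswordType;
 use Wallabag\CoreBundle\Form\Type\UserInformationType;
 use Wallabag\CoreBundle\Form\Type\NewUserType;
@@ -25,6 +25,7 @@ class ConfigController extends Controller
 {
 $em = $this->getDoctrine()->getManager();
 $config = $this->getConfig();
+$userManager = $this->container->get('fos_user.user_manager');
 $user = $this->getUser();
 
 // handle basic config detail (this form is defined as a service)
@@ -52,9 +53,8 @@ class ConfigController extends Controller
 $pwdForm->handleRequest($request);
 
 if ($pwdForm->isValid()) {
-$user->setPassword($pwdForm->get('new_password')->getData());
-$em->persist($user);
-$em->flush();
+$user->setPlainPassword($pwdForm->get('new_password')->getData());
+$userManager->updateUser($user, true);
 
 $this->get('session')->getFlashBag()->add(
 'notice',
@@ -69,8 +69,7 @@ class ConfigController extends Controller
 $userForm->handleRequest($request);
 
 if ($userForm->isValid()) {
-$em->persist($user);
-$em->flush();
+$userManager->updateUser($user, true);
 
 $this->get('session')->getFlashBag()->add(
 'notice',
@@ -97,14 +96,14 @@ class ConfigController extends Controller
 }
 
 // handle adding new user
-$newUser = new User();
+$newUser = $userManager->createUser();
 // enable created user by default
 $newUser->setEnabled(true);
 $newUserForm = $this->createForm(new NewUserType(), $newUser, array('validation_groups' => array('Profile')));
 $newUserForm->handleRequest($request);
 
-if ($newUserForm->isValid()) {
-$em->persist($newUser);
+if ($newUserForm->isValid() && $this->get('security.authorization_checker')->isGranted('ROLE_SUPER_ADMIN')) {
+$userManager->updateUser($newUser, true);
 
 $config = new Config($newUser);
 $config->setTheme($this->container->getParameter('theme'));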
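Review bot: The `ROLE_SUPER_ADMIN` check in the new-user branch runs only after `$newUserForm->handleRequest($request)` has already bound the request data to `$newUser`, and a caller without the role falls through silently instead of being refused. It would be safer to evaluate `$this->get('security.authorization_checker')->isGranted('ROLE_SUPER_ADMIN')` once before `$userManager->createUser()` and to build and handle the form only when it is true, so an unauthorized POST never populates a user object and the refusal can be logged or answered with an access-denied response. Also worth confirming: `$userManager->updateUser($newUser, true)` flushes at once while the `Config` for that user is created afterwards, so if the later persist (outside this hunk) fails, the account would presumably be left without a config. The enclosing action starts and ends outside the visible hunks.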
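diff --git a/src/Wallabag/CoreBundle/Controller/RssController.php b/src/Wallabag/CoreBundle/Controller/RssController.php
index 6121f361..023a6228 100644
--- a/src/Wallabag/CoreBundle/Controller/RssController.php
+++ b/src/Wallabag/CoreBundle/Controller/RssController.php
@@ -5,7 +5,7 @@ namespace Wallabag\CoreBundle\Controller;
 use Sensio\Bundle\FrameworkExtraBundle\Configuration\Route;
 use Sensio\Bundle\FrameworkExtraBundle\Configuration\ParamConverter;
 use Symfony\Bundle\FrameworkBundle\Controller\Controller;
-use Wallabag\CoreBundle\Entity\User;
+use Wallabag\UserBundle\Entity\User;
 use Wallabag\CoreBundle\Entity\Entry;
 use Pagerfanta\Adapter\DoctrineORMAdapter;
 use Pagerfanta\Pagerfanta;
@@ -16,7 +16,7 @@ class RssController extends Controller
 * Shows unread entries for current user.
 *
 * @Route("/{username}/{token}/unread.xml", name="unread_rss", defaults={"_format"="xml"})
-* @ParamConverter("user", class="WallabagCoreBundle:User", converter="username_rsstoken_converter")
+* @ParamConverter("user", class="WallabagUserBundle:User", converter="username_rsstoken_converter")
 *
 * @return \Symfony\Component\HttpFoundation\Response
 */
@@ -29,7 +29,7 @@ class RssController extends Controller
 * Shows read entries for current user.
 *
 * @Route("/{username}/{token}/archive.xml", name="archive_rss")
-* @ParamConverter("user", class="WallabagCoreBundle:User", converter="username_rsstoken_converter")
+* @ParamConverter("user", class="WallabagUserBundle:User", converter="username_rsstoken_converter")
 *
 * @return \Symfony\Component\HttpFoundation\Response
 */
@@ -42,7 +42,7 @@ class RssController extends Controller
 * Shows starred entries for current user.
 *
 * @Route("/{username}/{token}/starred.xml", name="starred_rss")
-* @ParamConverter("user", class="WallabagCoreBundle:User", converter="username_rsstoken_converter")
+* @ParamConverter("user", class="WallabagUserBundle:User", converter="username_rsstoken_converter")
 *
 * @return \Symfony\Component\HttpFoundation\Response
 */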
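diff --git a/src/Wallabag/CoreBundle/Controller/SecurityController.php b/src/Wallabag/CoreBundle/Controller/SecurityController.php
deleted file mode 100644
index f0a7ab6d..00000000
--- a/src/Wallabag/CoreBundle/Controller/SecurityController.php
+++ /dev/null
@@ -1,153 +0,0 @@
-<?php
-
-namespace Wallabag\CoreBundle\Controller;
-
-use Sensio\Bundle\FrameworkExtraBundle\Configuration\Route;
-use Sensio\Bundle\FrameworkExtraBundle\Configuration\Method;
-use Symfony\Bundle\FrameworkBundle\Controller\Controller;
-use Symfony\Component\HttpFoundation\Request;
-use Symfony\Component\Security\Core\SecurityContext;
-use Wallabag\CoreBundle\Form\Type\ResetPasswordType;
-
-class SecurityController extends Controller
-{
-public function loginAction(Request $request)
-{
-$session = $request->getSession();
-// get the login error if there is one
-if ($request->attributes->has(SecurityContext::AUTHENTICATION_ERROR)) {
-$error = $request->attributes->get(SecurityContext::AUTHENTICATION_ERROR);
-} else {
-$error = $session->get(SecurityContext::AUTHENTICATION_ERROR);
-$session->remove(SecurityContext::AUTHENTICATION_ERROR);
-}
-
-return $this->render('WallabagCoreBundle:Security:login.html.twig', array(
-// last username entered by the user
-'last_username' => $session->get(SecurityContext::LAST_USERNAME),
-'error' => $error,
-));
-}
-
-/**
-* Request forgot password: show form.
-*
-* @Route("/forgot-password", name="forgot_password")
-*
-* @Method({"GET", "POST"})
-*/
-public function forgotPasswordAction(Request $request)
-{
-$form = $this->createForm('forgot_password');
-$form->handleRequest($request);
-
-if ($form->isValid()) {
-$user = $this->getDoctrine()->getRepository('WallabagCoreBundle:User')->findOneByEmail($form->get('email')->getData());
-
-// generate "hard" token
-$user->setConfirmationToken(rtrim(strtr(base64_encode(hash('sha256', uniqid(mt_rand(), true), true)), '+/', '-_'), '='));
-$user->setPasswordRequestedAt(new \DateTime());
-
-$em = $this->getDoctrine()->getManager();
-$em->persist($user);
-$em->flush();
-
-$message = \Swift_Message::newInstance()
-->setSubject('Reset Password')
-->setFrom($this->container->getParameter('from_email'))
-->setTo($user->getEmail())
-->setBody($this->renderView('WallabagCoreBundle:Mail:forgotPassword.txt.twig', array(
-'username' => $user->getUsername(),
-'confirmationUrl' => $this->generateUrl('forgot_password_reset', array('token' => $user->getConfirmationToken()), true),
-)))
-;
-$this->get('mailer')->send($message);
-
-return $this->redirect($this->generateUrl('forgot_password_check_email',
-array('email' => $this->getObfuscatedEmail($user->getEmail()))
-));
-}
-
-return $this->render('WallabagCoreBundle:Security:forgotPassword.html.twig', array(
-'form' => $form->createView(),
-));
-}
-
-/**
-* Tell the user to check his email provider.
-*
-* @Route("/forgot-password/check-email", name="forgot_password_check_email")
-*
-* @Method({"GET"})
-*/
-public function checkEmailAction(Request $request)
-{
-$email = $request->query->get('email');
-
-if (empty($email)) {
-// the user does not come from the forgotPassword action
-return $this->redirect($this->generateUrl('forgot_password'));
-}
-
-return $this->render('WallabagCoreBundle:Security:checkEmail.html.twig', array(
-'email' => $email,
-));
-}
-
-/**
-* Reset user password.
-*
-* @Route("/forgot-password/{token}", name="forgot_password_reset")
-*
-* @Method({"GET", "POST"})
-*/
-public function resetAction(Request $request, $token)
-{
-$user = $this->getDoctrine()->getRepository('WallabagCoreBundle:User')->findOneByConfirmationToken($token);
-
-if (null === $user) {
-throw $this->createNotFoundException(sprintf('No user found with token "%s"', $token));
-}
-
-$form = $this->createForm(new ResetPasswordType());
-$form->handleRequest($request);
-
-if ($form->isValid()) {
-$user->setPassword($form->get('new_password')->getData());
-
-$em = $this->getDoctrine()->getManager();
-$em->persist($user);
-$em->flush();
-
-$this->get('session')->getFlashBag()->add(
-'notice',
-'The password has been reset successfully'
-);
-
-return $this->redirect($this->generateUrl('login'));
-}
-
-return $this->render('WallabagCoreBundle:Security:reset.html.twig', array(
-'token' => $token,
-'form' => $form->createView(),
-));
-}
-
-/**
-* Get the truncated email displayed when requesting the resetting.
-*
-* Keeping only the part following @ in the address.
-*
-* @param string $email
-*
-* @return string
-*/
-protected function getObfuscatedEmail($email)
-{
-if (false !== $pos = strpos($email, '@')) {
-$email = '...'.substr($email, $pos);
-}
-
-return $email;
-}
-}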