Diffstat (limited to 'src/Wallabag/UserBundle')
-rw-r--r-- | src/Wallabag/UserBundle/Controller/ManageController.php | 70 |
1 files changed, 19 insertions, 51 deletions
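diff --git a/src/Wallabag/UserBundle/Controller/ManageController.php b/src/Wallabag/UserBundle/Controller/ManageController.php
index 08ed25dd..b9fd8660 100644
--- a/src/Wallabag/UserBundle/Controller/ManageController.php
+++ b/src/Wallabag/UserBundle/Controller/ManageController.php
@@ -8,7 +8,6 @@ use Pagerfanta\Adapter\DoctrineORMAdapter;
 use Pagerfanta\Exception\OutOfRangeCurrentPageException;
 use Pagerfanta\Pagerfanta;
 use Symfony\Bundle\FrameworkBundle\Controller\Controller;
-use Symfony\Component\Form\FormInterface;
 use Symfony\Component\HttpFoundation\Request;
 use Symfony\Component\Routing\Annotation\Route;
 use Wallabag\UserBundle\Entity\User;
@@ -32,10 +31,10 @@ class ManageController extends Controller
 // enable created user by default
 $user->setEnabled(true);
 
-$form = $this->createEditForm('NewUserType', $user, $request);
+$form = $this->createForm('Wallabag\UserBundle\Form\NewUserType', $user);
+$form->handleRequest($request);
 
 if ($form->isSubmitted() && $form->isValid()) {
-$user = $this->handleOtp($form, $user);
 $userManager->updateUser($user);
 
 // dispatch a created event so the associated config will be created
@@ -66,10 +65,25 @@ class ManageController extends Controller
 $userManager = $this->container->get('fos_user.user_manager');
 
 $deleteForm = $this->createDeleteForm($user);
-$form = $this->createEditForm('UserType', $user, $request);
+$form = $this->createForm('Wallabag\UserBundle\Form\UserType', $user);
+$form->handleRequest($request);
+
+// `googleTwoFactor` isn't a field within the User entity, we need to define it's value in a different way
+if ($this->getParameter('twofactor_auth') && true === $user->isGoogleAuthenticatorEnabled() && false === $form->isSubmitted()) {
+$form->get('googleTwoFactor')->setData(true);
+}
 
 if ($form->isSubmitted() && $form->isValid()) {
-$user = $this->handleOtp($form, $user);
+// handle creation / reset of the OTP secret if checkbox changed from the previous state
+if ($this->getParameter('twofactor_auth')) {
+if (true === $form->get('googleTwoFactor')->getData() && false === $user->isGoogleAuthenticatorEnabled()) {
+$user->setGoogleAuthenticatorSecret($this->get('scheb_two_factor.security.google_authenticator')->generateSecret());
+$user->setEmailTwoFactor(false);
+} elseif (false === $form->get('googleTwoFactor')->getData() && true === $user->isGoogleAuthenticatorEnabled()) {
+$user->setGoogleAuthenticatorSecret(null);
+}
+}
+
 $userManager->updateUser($user);
 
 $this->get('session')->getFlashBag()->add(
@@ -172,50 +186,4 @@ class ManageController extends Controller
 ->getForm()
 ;
 }
-
-/**
-* Create a form to create or edit a User entity.
-*
-* @param string $type Might be NewUserType or UserType
-* @param User $user The new / edit user
-* @param Request $request The request
-*
-* @return FormInterface
-*/
-private function createEditForm($type, User $user, Request $request)
-{
-$form = $this->createForm('Wallabag\UserBundle\Form\\' . $type, $user);
-$form->handleRequest($request);
-
-// `googleTwoFactor` isn't a field within the User entity, we need to define it's value in a different way
-if (true === $user->isGoogleAuthenticatorEnabled() && false === $form->isSubmitted()) {
-$form->get('googleTwoFactor')->setData(true);
-}
-
-return $form;
-}
-
-/**
-* Handle OTP update, taking care to only have one 2fa enable at a time.
-*
-* @see ConfigController
-*
-* @param FormInterface $form
-* @param User $user
-*
-* @return User
-*/
-private function handleOtp(FormInterface $form, User $user)
-{
-if (true === $form->get('googleTwoFactor')->getData() && false === $user->isGoogleAuthenticatorEnabled()) {
-$user->setGoogleAuthenticatorSecret($this->get('scheb_two_factor.security.google_authenticator')->generateSecret());
-$user->setEmailTwoFactor(false);
-
-return $user;
-}
-
-$user->setGoogleAuthenticatorSecret(null);
-
-return $user;
-}
 }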
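Review bot: In the edit action's submitted branch (new lines 78–85), toggling `googleTwoFactor` generates or clears another account's OTP secret, but nothing visible in this hunk records that change or shows how a freshly generated secret reaches the account owner. Clearing the secret removes a second factor, so it deserves an audit log entry naming the acting administrator and the affected user. Enabling without an enrolment or confirmation step may leave the user unable to log in, assuming the secret is not delivered elsewhere. The removed `handleOtp` docblock also documented the "only one 2fa at a time" rule, which is now unstated and is applied only in the enable branch; a comment such as `// keep a single active second factor: enabling Google OTP turns e-mail 2FA off` above `setEmailTwoFactor(false)` would preserve it. The enclosing action method starts and ends outside the hunk.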