src/WPXToolsBundle/Controller/UserController.php line 44

Open in your IDE?
  1. <?php
  2. declare(strict_types=1);
  3. namespace WPXToolsBundle\Controller;
  5. use PDO;
  6. use Sensio\Bundle\FrameworkExtraBundle\Configuration\Route;
  7. use Symfony\Bundle\FrameworkBundle\Controller\Controller;
  8. use Symfony\Component\HttpFoundation\Request;
  9. use Symfony\Component\HttpFoundation\Response;
  10. use Symfony\Component\HttpFoundation\Session\Session;
  11. use Validator\Validator;
  12. use WPXToolsBundle\Entity\Role;
  13. use WPXToolsBundle\Entity\User;
  14. use WPXToolsBundle\Entity\UserDepartment;
  15. use WPXToolsBundle\Entity\UserPosition;
  16. use WPXToolsBundle\Form\LoginType;
  18. class UserController extends Controller
  19. {
  21.     /**
  22.      * @param Request $request
  23.      * @Route("/login", name="login")
  24.      * @return \Symfony\Component\HttpFoundation\Response
  25.      */
  26.     public function loginForm(Request $request)
  27.     {
  28.         if($request->server->get('HTTP_X_REQUESTED_WITH') === 'XMLHttpRequest'){
  29.             $response = new Response();
  30.             $response->headers->set('x-is-ajax-call'true);
  31.             return $response;
  32.         }
  33.         $login = new User();
  34.         $loginForm $this->createForm(LoginType::class, $login);
  35.         $loginForm->handleRequest($request);
  36.         $authenticationUtils $this->get('security.authentication_utils');
  37.         $error $authenticationUtils->getLastAuthenticationError();
  38.         if(($loginForm->isSubmitted() && $loginForm->isValid()) || $this->getUser()){
  39.             return $this->redirectToRoute('dashboard');
  40.         }else{
  41.             return $this->render('default/login_form.html.twig', [
  42.                 'title' => 'User Login',
  43.                 'loginForm' => $loginForm->createView(),
  44.                 'error' => $error
  45.             ]);
  46.         }
  47.     }
  49.     /**
  50.      * @Route ("/logout", name="logout")
  51.      * @return \Symfony\Component\HttpFoundation\RedirectResponse
  52.      * @internal param Request $request
  53.      */
  54.     public function logoutProcess()
  55.     {
  56.         $session = new Session();
  57.         $session->clear();
  58.         return $this->redirectToRoute('dashboard');
  59.     }
  61.     /**
  62.      * @Route("/notifications", name="user_notifications")
  63.      * @Route("/notifications/view/{id}", name="user_notifications_view_message")
  64.      * @param Request $request
  65.      * @return string
  66.      */
  67.     public function userNotifications(Request $request){
  68.         $validator = new Validator([
  69.             'id' => $request->attributes->get('id')
  70.         ], false);
  71.         $validator->validateAll([
  72.             'id' => [
  73.                 'type' => 'int',
  74.                 'required' => false,
  75.                 'msg' => 'The notification ID provided isn\'t valid.'
  76.             ]
  77.         ]);
  79.         if($validator->hasErrors()){
  80.             foreach ($validator->errors as $string){
  81.                 $this->addFlash('warning'$string);
  82.             }
  83.             return false;
  84.         }
  86.         $notificationService $this->get('user_notification');
  88.         if(!empty($validator->valid['id']))
  89.         {
  91.             $notification $notificationService->viewNotification((int)$validator->valid['id']);
  93.             if(!$notification) return $this->redirectToRoute('user_notifications');
  95.             return $this->render('default/user/notifications_view.html.twig', [
  96.                 'title' => $notification['notificationSubject'],
  97.                 'notification' => $notification
  98.             ]);
  100.         }else{
  102.             return $this->render('default/user/notifications.html.twig',[
  103.                 'notifications' => $notificationService->notifications,
  104.                 'title' => 'User notifications'
  105.             ]);
  107.         }
  109.     }
  111.     /**
  112.      * @Route("/notifications/markRead", name="notifications_mark_read")
  113.      * @param Request $request
  114.      * @return \Symfony\Component\HttpFoundation\JsonResponse
  115.      */
  116.     public function notificationMarkRead(Request $request){
  118.         if($this->get('user_notification')->setSeenNotification($request->request->get('alertId'))){
  119.             return $this->json([
  120.                 'message' => 'Successfully marked as read.',
  121.                 'status' => 0
  122.             ]);
  123.         }else{
  124.             return $this->json([
  125.                 'message' => 'Failed to mark the notification as read!',
  126.                 'status' => 1
  127.             ]);
  128.         }
  130.     }
  132.     /**
  133.      * @Route("/profile", name="user_profile")
  134.      * @Route("/profile/{id}", name="user_profile_admin")
  135.      * @param Request $request
  136.      * @return bool|\Symfony\Component\HttpFoundation\JsonResponse|\Symfony\Component\HttpFoundation\Response
  137.      */
  138.     public function userProfile(Request $request){
  140.         $validator = new Validator($_REQUEST);
  141.         $validator->validateAll([
  142.             'id' => [
  143.                 'type' => 'int',
  144.                 'required' => 0,
  145.                 'value' => $request->attributes->get('id'),
  146.                 'default' => $this->getUser()->getId()
  147.             ],
  148.             'action' => [
  149.                 'required' => false
  150.             ]
  151.         ]);
  153.         $adminCheck $this->isGranted('ROLE_ADMIN');
  155.         if($validator->hasErrors()){
  156.             foreach ($validator->errors as $string){
  157.                 $this->addFlash('warning'$string);
  158.             }
  159.             return false;
  160.         }
  162.         if( $validator->valid['action'] ){
  163.             if( !$this->updateProfile($validator->valid['id'], $adminCheck) ){
  164.                 $this->addFlash('warning''Could not update profile.');
  165.             }
  166.         }
  168.         $em $this->getDoctrine();
  169.         $user $em->getRepository(User::class)->findOneBy(['id' => $validator->valid['id']]);
  171.         if(!is_object($user)){
  172.             $this->addFlash('warning''User with this ID doesn\'t exist.');
  173.             return $this->redirectToRoute('user_staff_list');
  174.         }
  176.         if($this->getUser()->getId() != $validator->valid['id'] && !$adminCheck){
  177.             return $this->render('default/user/view_profile.html.twig',[
  178.                 'title' => 'View Profile',
  179.                 'userData' => $user
  180.             ]);
  181.         }
  183.         $roles $em->getRepository(Role::class)->findAll();
  184.         $departments $em->getRepository(UserDepartment::class)->findAll();
  185.         $positions $em->getRepository(UserPosition::class)->findAll();
  187.         $hb $this->get('hb_initialize');
  188.         $hostBillUsers $hb->makeAction('getAllUsers');
  190.         return $this->render('default/user/profile.html.twig',[
  191.             'title' => 'Edit Profile',
  192.             'userData' => $user,
  193.             'roles' => $roles,
  194.             'departments' => $departments,
  195.             'positions' => $positions,
  196.             'hbUsers' => $hostBillUsers['result'],
  197.         ]);
  199.     }
  201.     /**
  202.      * @param $userId
  203.      * @param $adminCheck
  204.      * @return bool|\Symfony\Component\HttpFoundation\JsonResponse
  205.      */
  206.     public function updateProfile($userId$adminCheck){
  208.         if($this->getUser()->getId() != $userId && !$adminCheck){
  209.             return false;
  210.         }
  212.         $validator = new Validator($_REQUESTfalse);
  213.         $validator->validateAll([
  214.             'username' => [
  215.                 'filter' => 'trim',
  216.                 'msg' => 'The username is invalid.',
  217.                 'msg_miss' => 'You haven\'t provided username.'
  218.             ],
  219.             'realname' => [
  220.                 'filter' => 'trim',
  221.                 'msg' => 'The name is invalid.',
  222.                 'msg_miss' => 'You haven\'t provided any name for the account'
  223.             ],
  224.             'fullName' => [
  225.                 'filter' => 'trim',
  226.                 'msg' => 'The name is invalid.',
  227.                 'msg_miss' => 'You haven\'t provided any name for the account'
  228.             ],
  229.             'realPosition' => [
  230.                 'filter' => 'trim',
  231.                 'msg' => 'The real position is invalid.',
  232.                 'msg_miss' => 'You haven\'t provided any real position for the account'
  233.             ],
  234.             'currentPassword' => [
  235.                 'required' => false,
  236.                 'requires' => ['newPassword''newPasswordAgain'],
  237.                 'msg' => 'The entered password is invalid',
  238.                 'msg_miss' => 'The current password wasn\'t provided'
  239.             ],
  240.             'newPassword' => [
  241.                 'required' => false,
  242.                 'requires' => ['currentPassword''newPasswordAgain'],
  243.                 'match' => '/^(?=.*[a-z])(?=.*[A-Z])(?=.*\d)(?=.*(_|[^\w])).+$/',
  244.                 'msg' => 'Password should be containing at least 1 lower case letter, at least 1 upper case letter, at least 1 digit and at least 1 special symbol.',
  245.                 'msg_miss' => 'No new password provided.'
  246.             ],
  247.             'newPasswordAgain' => [
  248.                 'required' => false,
  249.                 'requires' => ['currentPassword''newPassword'],
  250.                 'match' => '/^(?=.*[a-z])(?=.*[A-Z])(?=.*\d)(?=.*(_|[^\w])).+$/',
  251.                 'msg' => 'Password should be the same as the previous field.',
  252.                 'msg_miss' => 'You should repeat the new password.'
  253.             ],
  254.             'email' => [
  255.                 'type' => 'email',
  256.                 'msg' => 'The email address isn\'t valid.',
  257.                 'msg_miss' => 'You haven\'t provided any email address.'
  258.             ],
  259.             'skype' => [
  260.                 'filter' => 'trim',
  261.                 'required' => false,
  262.                 'msg' => 'The provided Skype name isn\'t valid'
  263.             ],
  264.             'mobileNumber' => [
  265.                 'match' => '/^\+?\d{6,12}$/',
  266.                 'required' => false,
  267.                 'msg' => 'Invalid mobile number provided. Should be containing digits only and starting with +359 or 0 only.',
  268.                 'msg_miss' => 'No mobile number provided'
  269.             ],
  270.             'birthdate' => [
  271.                 'type' => 'date',
  272.                 'filter' => 'trim',
  273.                 'required' => false,
  274.                 'msg' => 'The birth date is invalid.',
  275.                 'msg_miss' => 'No birth date provided.'
  277.             ],
  278.             'canUsePLAfter' => [
  279.                 'type' => 'date',
  280.                 'filter' => 'trim',
  281.                 'required' => false,
  282.                 'msg' => 'The paid leave date is invalid.',
  283.                 'msg_miss' => 'No paid leave date provided.'
  285.             ],
  286.             'paidLeaveDays' => [
  287.                 'type' => 'int',
  288.                 'required' => false,
  289.                 'msg' => 'The paid leave value is invalid.',
  290.                 'msg_miss' => 'No paid leave value provided.'
  291.             ],
  292.             'isActive' => [
  293.                 'match' => ['on''off'],
  294.                 'required' => false,
  295.                 'msg' => 'Invalid active status provided.'
  296.             ],
  297.             'popupNotifications' => [
  298.                 'match' => ['on''off'],
  299.                 'required' => false,
  300.                 'msg' => 'Invalid popup notification status provided.'
  301.             ],
  302.             'userRole' => [
  303.                 'type' => 'int',
  304.                 'required' => false,
  305.                 'msg' => 'Invalid user Role provided.'
  306.             ],
  307.             'positions' => [
  308.                 'type' => 'int',
  309.                 'msg' => 'Invalid user Position provided.'
  310.             ],
  311.             'hostBillUser' => [
  312.                 'type' => 'int',
  313.                 'required' => false,
  314.                 'msg' => 'Invalid hostBillUser ID provided.'
  315.             ]
  316.         ]);
  318.         if($validator->hasErrors()){
  319.             foreach ($validator->errors as $string){
  320.                 $this->addFlash('warning'$string);
  321.             }
  322.             return false;
  323.         }
  325.         $valid $validator->valid;
  327.         $em $this->getDoctrine();
  329.         $user $em->getRepository(User::class)->findOneBy(['id'=>$userId]);
  331.         if($valid['hostBillUser'] !== $user->getHostBillId() && $adminCheck) {
  332.             $checkHBUser $em->getRepository(User::class)->findOneBy(['hostBillId' => $valid['hostBillUser']]);
  333.             if (is_object($checkHBUser) && $valid['hostBillUser'] !== && $checkHBUser->getId() !== $user->getId()) {
  334.                 $this->addFlash('warning'$checkHBUser->getRealName() . ' is already related with this HostBill account. Two users can\'t have the same HostBill account relation.');
  335.                 return false;
  336.             }else{
  337.                 $user->setHostBillId($valid['hostBillUser']);
  338.             }
  339.         }
  341.         $currentPassword = (!$adminCheck) ? password_verify($valid['currentPassword'], $user->getPassword()) : true;
  343.         if(!empty($valid['newPassword']) && $currentPassword){
  345.             if($valid['newPassword'] == $valid['newPasswordAgain']){
  346.                 $password $this->get('security.password_encoder')->encodePassword($user$valid['newPassword']);
  347.                 $user->setPassword($password);
  349.             }else{
  351.                 $this->addFlash('warning''The new passwords do not match.');
  352.             }
  354.         }else{
  356.             if(!empty($valid['currentPassword'])){
  357.                 $this->addFlash('warning''The current password doesn\'t match. New password was NOT updated.');
  358.             }elseif(!empty($valid['newPassword'])){
  359.                 $this->addFlash('warning''New password was entered but either wrong or no password was provided as current.');
  360.             }
  362.         }
  363.         if($adminCheck){
  364.             $position $em->getRepository(UserPosition::class)->findOneBy(['id'=>$valid['positions']]);
  365.             $user->setRealName($valid['realname']);
  366.             $user->setUsername($valid['username']);
  367.             $user->setEmail($valid['email']);
  369.             if ($valid['realPosition']) {
  370.                 $user->setDepartmentNameInCyrillic($valid['realPosition']);
  371.             }
  373.             if($valid['canUsePLAfter']){
  374.                 $user->setPaidLeaveDaysDate(new \DateTime($valid['canUsePLAfter']));
  375.             }else{
  376.                 $user->setPaidLeaveDaysDate(NULL);
  377.             }
  378.             $user->setPaidLeaveDays($valid['paidLeaveDays']);
  379.             $user->setPosition($position);
  380.             if($valid['userRole'] === && !$this->isGranted('ROLE_SUPER_ADMIN')) {
  381.                 $roleId 1;
  382.             }else{
  383.                 $roleId $valid['userRole'];
  384.             }
  385.             $sql "UPDATE users_roles SET role_id = :roleId WHERE user_id = :userId";
  386.             $query $em->getConnection()->prepare($sql);
  387.             $query->execute([
  388.                 'roleId' => $roleId,
  389.                 'userId' => $userId
  390.             ]);
  391.             $active = ($valid['isActive'] == 'on') ?  :  0;
  392.             $popupNotifications = ($valid['popupNotifications'] == 'on') ?  :  0;
  394.             $user->setIsActive($active);
  395.             $user->setPopupNotifications($popupNotifications);
  396.         }
  398.         if ($valid['fullName']) {
  399.             $user->setNameInCyrillic($valid['fullName']);
  400.         }
  402.         $user->setSkype($valid['skype']);
  403.         $user->setPhoneNumber($valid['mobileNumber']);
  404.         if($valid['birthdate']){
  405.             $user->setBirthDate(new \DateTime($valid['birthdate']));
  406.         }else{
  407.             $user->setBirthDate(NULL);
  408.         }
  410.         $em->getManager()->flush();
  411.         $this->addFlash('success''Profile has been updated successfully.');
  412.         return true;
  413.     }
  415.     /**
  416.      * @Route("/getPositions", name="get_positions")
  417.      */
  418.     public function getPositions(){
  419.         $validator = new Validator($_REQUESTfalse);
  420.         $validator->validateAll([
  421.             'departmentId' => [
  422.                 'type' => 'int'
  423.             ]
  424.         ]);
  426.         if($validator->hasErrors()){
  427.             foreach ($validator->errors as $string){
  428.                 $this->addFlash('warning'$string);
  429.             }
  430.             return false;
  431.         }
  433.         $em $this->getDoctrine();
  435.         $sql "SELECT positionName, id FROM users_positions WHERE department_id = :departmentId";
  436.         $query $em->getConnection()->prepare($sql);
  437.         $query->execute([
  438.             'departmentId' => $validator->valid['departmentId']
  439.         ]);
  440.         $positions $query->fetchAll();
  442.         return $this->json([
  443.             'message' => 'Shifts have been successfully retrieved.',
  444.             'status' => 0,
  445.             'data' => $positions
  446.         ]);
  447.     }
  449.     /**
  450.      * @Route("/staff", name="user_staff_list")
  451.      */
  452.     public function staffList(){
  453.         $em $this->getDoctrine()->getConnection();
  455.         $sqlStaffList "SELECT d.DepartmentName, u.id, u.realName, u.email, u.skype, u.phoneNumber, u.isActive, p.positionName
  456.                            FROM users as u
  457.                            INNER JOIN users_positions as p ON u.position_id = p.id
  458.                            INNER JOIN users_departments as d ON p.department_id = d.id
  459.                            WHERE u.isActive = '1'
  460.                            ORDER BY d.sortOrder ASC, p.positionPriority ASC";
  461.         $queryStaffList $em->prepare($sqlStaffList);
  462.         $queryStaffList->execute();
  463.         $staffList $queryStaffList->fetchAll(PDO::FETCH_GROUP);
  465.         return $this->render('default/user/staff_list.html.twig',[
  466.             'title' => 'Staff list',
  467.             'staffList' => $staffList
  468.         ]);
  469.     }
  471.     /**
  472.      * @Route("/pull/data", name="pull_data")
  473.      * @param Request $request
  474.      * @return \Symfony\Component\HttpFoundation\JsonResponse
  475.      */
  476.     public function pullData(Request $request){
  478.         /**
  479.          * List all the data that will be pulled and returned in the JSON.
  480.          */
  481.         $notifications $this->get('user_notification');
  482.         $activity $this->get('user_activity')->refreshActivity($request->headers->get('referer'));
  484.         return $this->json([
  485.             'message' => 'OK',
  486.             'status' => 0,
  487.             'data' => [
  488.                 'notifications' => $notifications->notificationsUnseen,
  489.                 'activity' => ($activity['status'] === 0) ? $activity['data'] : 'Failed to update activity.',
  490.                 'feedbackChats' => $notifications->notificationFeedbackChats,
  491.                 'feedbackTickets' => $notifications->notificationFeedbackTickets,
  492.                 'assignedIssues' => $notifications->notificationAssignedIssues
  493.             ]
  494.         ]);
  496.     }
  497. }