1
|
|
|
<?php |
2
|
|
|
|
3
|
|
|
declare(strict_types=1); |
4
|
|
|
|
5
|
|
|
/* |
6
|
|
|
* This file is part of the Superdesk Web Publisher User Bundle. |
7
|
|
|
* |
8
|
|
|
* Copyright 2016 Sourcefabric z.ú. and contributors. |
9
|
|
|
* |
10
|
|
|
* For the full copyright and license information, please see the |
11
|
|
|
* AUTHORS and LICENSE files distributed with this source code. |
12
|
|
|
* |
13
|
|
|
* @copyright 2016 Sourcefabric z.ú |
14
|
|
|
* @license http://www.superdesk.org/license |
15
|
|
|
*/ |
16
|
|
|
|
17
|
|
|
namespace SWP\Bundle\UserBundle\Controller; |
18
|
|
|
|
19
|
|
|
use FOS\UserBundle\Model\UserManagerInterface; |
20
|
|
|
use Sensio\Bundle\FrameworkExtraBundle\Configuration\Route; |
21
|
|
|
use Sensio\Bundle\FrameworkExtraBundle\Configuration\Method; |
22
|
|
|
use Nelmio\ApiDocBundle\Annotation\ApiDoc; |
23
|
|
|
use SWP\Bundle\UserBundle\Form\Type\UserRolesType; |
24
|
|
|
use SWP\Bundle\UserBundle\Model\UserInterface; |
25
|
|
|
use SWP\Component\Common\Response\SingleResourceResponse; |
26
|
|
|
use Symfony\Bundle\FrameworkBundle\Controller\Controller; |
27
|
|
|
use Symfony\Component\HttpFoundation\Request; |
28
|
|
|
use Symfony\Component\HttpKernel\Exception\NotFoundHttpException; |
29
|
|
|
use Symfony\Component\Security\Core\Exception\AccessDeniedException; |
30
|
|
|
|
31
|
|
|
class UserController extends Controller |
32
|
|
|
{ |
33
|
|
|
/** |
34
|
|
|
* Add new Roles for User. |
35
|
|
|
* |
36
|
|
|
* @ApiDoc( |
37
|
|
|
* resource=true, |
38
|
|
|
* description="Change user roles", |
39
|
|
|
* statusCodes={ |
40
|
|
|
* 200="Returned on success.", |
41
|
|
|
* 404="Returned on user not found.", |
42
|
|
|
* 403="Returned when user don't have permissions to change roles" |
43
|
|
|
* }, |
44
|
|
|
* input="SWP\Bundle\UserBundle\Form\Type\UserRolesType" |
45
|
|
|
* ) |
46
|
|
|
* @Route("/api/{version}/users/{id}/promote", options={"expose"=true}, defaults={"version"="v1"}, name="swp_api_user_promote_user") |
47
|
|
|
* @Route("/api/{version}/users/{id}/demote", options={"expose"=true}, defaults={"version"="v1"}, name="swp_api_user_demote_user") |
48
|
|
|
* @Method("PATCH") |
49
|
|
|
*/ |
50
|
|
|
public function modifyRolesAction(Request $request, $id) |
51
|
|
|
{ |
52
|
|
|
$requestedUser = $this->container->get('swp.repository.user')->find($id); |
53
|
|
|
if (!is_object($requestedUser) || !$requestedUser instanceof UserInterface) { |
54
|
|
|
throw new NotFoundHttpException('Requested user don\'t exists'); |
55
|
|
|
} |
56
|
|
|
|
57
|
|
|
if (!$this->get('security.authorization_checker')->isGranted('ROLE_ADMIN')) { |
58
|
|
|
throw new AccessDeniedException('This user does not have access to this section.'); |
59
|
|
|
} |
60
|
|
|
|
61
|
|
|
$form = $this->createForm(UserRolesType::class, [], ['method' => $request->getMethod()]); |
62
|
|
|
$form->handleRequest($request); |
63
|
|
|
if ($form->isSubmitted() && $form->isValid()) { |
64
|
|
|
/** @var $userManager UserManagerInterface */ |
65
|
|
|
$userManager = $this->get('fos_user.user_manager'); |
66
|
|
|
foreach (explode(',', $form->getData()['roles']) as $role) { |
67
|
|
|
$role = trim($role); |
68
|
|
|
if ('swp_api_user_promote_user' === $request->attributes->get('_route')) { |
69
|
|
|
$requestedUser->addRole($role); |
70
|
|
|
} elseif ('swp_api_user_demote_user' === $request->attributes->get('_route')) { |
71
|
|
|
$requestedUser->removeRole($role); |
72
|
|
|
} |
73
|
|
|
} |
74
|
|
|
$userManager->updateUser($requestedUser); |
75
|
|
|
|
76
|
|
|
return new SingleResourceResponse($requestedUser); |
77
|
|
|
} |
78
|
|
|
|
79
|
|
|
return new SingleResourceResponse($form); |
80
|
|
|
} |
81
|
|
|
} |
82
|
|
|
|