1
|
|
|
<?php |
2
|
|
|
|
3
|
|
|
namespace App\Service\User; |
4
|
|
|
|
5
|
|
|
use App\Entity\User\Organization; |
6
|
|
|
use App\Entity\User\User; |
7
|
|
|
use Doctrine\ORM\EntityManagerInterface; |
8
|
|
|
use Symfony\Component\Security\Core\Encoder\UserPasswordEncoderInterface; |
9
|
|
|
|
10
|
|
|
class UserManager |
11
|
|
|
{ |
12
|
|
|
/** |
13
|
|
|
* @var EntityManagerInterface |
14
|
|
|
*/ |
15
|
|
|
private $em; |
16
|
|
|
|
17
|
|
|
/** |
18
|
|
|
* @var UserPasswordEncoderInterface |
19
|
|
|
*/ |
20
|
|
|
private $encoder; |
21
|
|
|
|
22
|
|
|
public function __construct(EntityManagerInterface $em, UserPasswordEncoderInterface $encoder) |
23
|
|
|
{ |
24
|
|
|
$this->em = $em; |
25
|
|
|
$this->encoder = $encoder; |
26
|
|
|
} |
27
|
|
|
|
28
|
|
|
/** |
29
|
|
|
* Creates a user. |
30
|
|
|
* |
31
|
|
|
* @return string The user's password |
32
|
|
|
* |
33
|
|
|
* @throws \Exception if it was not possible to gather sufficient entropy |
34
|
|
|
*/ |
35
|
|
|
public function addNewUser(string $username, Organization $org, ?string $plainPassword = null, ?string $role = null, ?int $status = null): string |
36
|
|
|
{ |
37
|
|
|
if (null === $plainPassword || empty(trim($plainPassword))) { |
38
|
|
|
// if there is no password, make something ugly up |
39
|
|
|
$plainPassword = rtrim(strtr(base64_encode(random_bytes(15)), '+/', '-_'), '='); |
40
|
|
|
} |
41
|
|
|
|
42
|
|
|
if (null === $role) { |
43
|
|
|
$role = 'ROLE_USER'; |
44
|
|
|
} |
45
|
|
|
if (0 !== strpos($role, 'ROLE_')) { |
46
|
|
|
$role = 'ROLE_'.preg_replace('/[^A-Z]/', '_', strtoupper($role)); |
47
|
|
|
} |
48
|
|
|
|
49
|
|
|
if (!in_array($role, array_merge(User::USER_ROLES, ['ROLE_USER']), true)) { |
50
|
|
|
throw new \InvalidArgumentException("Role {$role} is not a valid role."); |
51
|
|
|
} |
52
|
|
|
|
53
|
|
|
$user = new User($username); |
54
|
|
|
$user->setOrg($org); |
55
|
|
|
$password = $this->encoder->encodePassword($user, $plainPassword); |
56
|
|
|
$user->setPassword($password); |
57
|
|
|
$user->addRole($role); |
58
|
|
|
if (User::ACTIVE === $status) { |
59
|
|
|
$user->activateUser(); |
60
|
|
|
} |
61
|
|
|
|
62
|
|
|
$this->em->persist($user); |
63
|
|
|
|
64
|
|
|
return $plainPassword; |
65
|
|
|
} |
66
|
|
|
|
67
|
|
|
/** |
68
|
|
|
* Sets the password for a user. |
69
|
|
|
* |
70
|
|
|
* @return string The user's password |
71
|
|
|
* |
72
|
|
|
* @throws \Exception if it was not possible to gather sufficient entropy |
73
|
|
|
*/ |
74
|
|
|
public function setUserPassword(string $username, ?string $plainPassword = null): string |
75
|
|
|
{ |
76
|
|
|
if (null === $plainPassword || empty(trim($plainPassword))) { |
77
|
|
|
// if there is no password, make something ugly up |
78
|
|
|
$plainPassword = rtrim(strtr(base64_encode(random_bytes(15)), '+/', '-_'), '='); |
79
|
|
|
} |
80
|
|
|
|
81
|
|
|
$user = $this->loadUserByUsername($username); |
82
|
|
|
if (null === $user) { |
83
|
|
|
throw new \InvalidArgumentException(sprintf('The user "%s" does not exist.', $username)); |
84
|
|
|
} |
85
|
|
|
$password = $this->encoder->encodePassword($user, $plainPassword); |
86
|
|
|
$user->setPassword($password); |
87
|
|
|
|
88
|
|
|
return $plainPassword; |
89
|
|
|
} |
90
|
|
|
|
91
|
|
|
/** |
92
|
|
|
* Add a role to a user. |
93
|
|
|
* |
94
|
|
|
* @throws \InvalidArgumentException |
95
|
|
|
*/ |
96
|
|
|
public function addRoleToUser(string $username, string $role): void |
97
|
|
|
{ |
98
|
|
|
$user = $this->loadUserByUsername($username); |
99
|
|
|
if (null === $user) { |
100
|
|
|
throw new \InvalidArgumentException(sprintf('The user "%s" does not exist.', $username)); |
101
|
|
|
} |
102
|
|
|
|
103
|
|
|
$user->addRole($role); |
104
|
|
|
} |
105
|
|
|
|
106
|
|
|
/** |
107
|
|
|
* Remove a role from a user. |
108
|
|
|
* |
109
|
|
|
* @throws \InvalidArgumentException |
110
|
|
|
*/ |
111
|
|
|
public function removeRoleFromUser(string $username, string $role): void |
112
|
|
|
{ |
113
|
|
|
$user = $this->loadUserByUsername($username); |
114
|
|
|
if (null === $user) { |
115
|
|
|
throw new \InvalidArgumentException(sprintf('The user "%s" does not exist.', $username)); |
116
|
|
|
} |
117
|
|
|
|
118
|
|
|
$user->removeRole($role); |
119
|
|
|
} |
120
|
|
|
|
121
|
|
|
public function loadUserByUsername(string $username): ?User |
122
|
|
|
{ |
123
|
|
|
return $this->em->getRepository(User::class)->loadUserByUsername($username); |
124
|
|
|
} |
125
|
|
|
} |
126
|
|
|
|