Completed
Push — master ( 5f7378...7a35f9 )
by Paweł
08:11
created

UserController::__construct()   A

Complexity

Conditions 1
Paths 1

Size

Total Lines 11

Duplication

Lines 0
Ratio 0 %

Importance

Changes 0
Metric Value
dl 0
loc 11
rs 9.9
c 0
b 0
f 0
cc 1
nc 1
nop 4
1
<?php
2
3
declare(strict_types=1);
4
5
/*
6
 * This file is part of the Superdesk Web Publisher User Bundle.
7
 *
8
 * Copyright 2016 Sourcefabric z.ú. and contributors.
9
 *
10
 * For the full copyright and license information, please see the
11
 * AUTHORS and LICENSE files distributed with this source code.
12
 *
13
 * @copyright 2016 Sourcefabric z.ú
14
 * @license http://www.superdesk.org/license
15
 */
16
17
namespace SWP\Bundle\UserBundle\Controller;
18
19
use FOS\UserBundle\Model\UserManagerInterface;
20
use Nelmio\ApiDocBundle\Annotation\Model;
21
use Nelmio\ApiDocBundle\Annotation\Operation;
22
use Swagger\Annotations as SWG;
23
use SWP\Bundle\SettingsBundle\Context\ScopeContextInterface;
24
use SWP\Bundle\SettingsBundle\Exception\InvalidScopeException;
25
use SWP\Bundle\SettingsBundle\Form\Type\SettingType;
26
use SWP\Bundle\SettingsBundle\Manager\SettingsManagerInterface;
27
use SWP\Bundle\SettingsBundle\Model\SettingsInterface;
28
use SWP\Bundle\UserBundle\Form\Type\UserRolesType;
29
use SWP\Bundle\UserBundle\Model\UserInterface;
30
use SWP\Component\Common\Response\ResponseContext;
31
use SWP\Component\Common\Response\SingleResourceResponse;
32
use SWP\Component\Common\Response\SingleResourceResponseInterface;
33
use SWP\Component\Storage\Repository\RepositoryInterface;
34
use Symfony\Bundle\FrameworkBundle\Controller\AbstractController;
35
use Symfony\Component\Form\FormFactoryInterface;
36
use Symfony\Component\HttpFoundation\Request;
37
use Symfony\Component\HttpKernel\Exception\NotFoundHttpException;
38
use Symfony\Component\Routing\Annotation\Route;
39
use Symfony\Component\Security\Core\Authorization\AuthorizationCheckerInterface;
40
use Symfony\Component\Security\Core\Exception\AccessDeniedException;
41
42
class UserController extends AbstractController
43
{
44
    protected $settingsManager;
45
46
    protected $scopeContext;
47
48
    protected $formFactory;
49
50
    protected $userRepository;
51
52
    public function __construct(
53
        SettingsManagerInterface $settingsManager,
54
        ScopeContextInterface $scopeContext,
55
        FormFactoryInterface $formFactory,
56
        RepositoryInterface $userRepository
57
    ) {
58
        $this->settingsManager = $settingsManager;
59
        $this->scopeContext = $scopeContext;
60
        $this->formFactory = $formFactory;
61
        $this->userRepository = $userRepository;
62
    }
63
64
    /**
65
     * @Operation(
66
     *     tags={"user"},
67
     *     summary="Change user roles",
68
     *     @SWG\Parameter(
69
     *         name="body",
70
     *         in="body",
71
     *         @SWG\Schema(
72
     *             ref=@Model(type=UserRolesType::class)
73
     *         )
74
     *     ),
75
     *     @SWG\Response(
76
     *         response="200",
77
     *         description="Returned on success.",
78
     *         @Model(type=\SWP\Bundle\CoreBundle\Model\User::class, groups={"api"})
79
     *     ),
80
     *     @SWG\Response(
81
     *         response="404",
82
     *         description="Returned on user not found."
83
     *     ),
84
     *     @SWG\Response(
85
     *         response="403",
86
     *         description="Returned when user don't have permissions to change roles"
87
     *     )
88
     * )
89
     *
90
     *
91
     * @Route("/api/{version}/users/{id}/promote", methods={"PATCH"}, options={"expose"=true}, defaults={"version"="v2"}, name="swp_api_user_promote_user")
92
     * @Route("/api/{version}/users/{id}/demote", methods={"PATCH"}, options={"expose"=true}, defaults={"version"="v2"}, name="swp_api_user_demote_user")
93
     */
94
    public function modifyRoles(Request $request, $id, UserManagerInterface $userManager, AuthorizationCheckerInterface $authorizationChecker)
95
    {
96
        $requestedUser = $this->userRepository->find($id);
97
        if (!is_object($requestedUser) || !$requestedUser instanceof UserInterface) {
98
            throw new NotFoundHttpException('Requested user don\'t exists');
99
        }
100
101
        if (!$authorizationChecker->isGranted('ROLE_ADMIN')) {
102
            throw new AccessDeniedException('This user does not have access to this section.');
103
        }
104
105
        $form = $this->formFactory->createNamed('', UserRolesType::class, [], ['method' => $request->getMethod()]);
106
        $form->handleRequest($request);
107
        if ($form->isSubmitted() && $form->isValid()) {
108
            /* @var $userManager UserManagerInterface */
109
            foreach (explode(',', $form->getData()['roles']) as $role) {
110
                $role = trim($role);
111
                if ('swp_api_user_promote_user' === $request->attributes->get('_route')) {
112
                    $requestedUser->addRole($role);
113
                } elseif ('swp_api_user_demote_user' === $request->attributes->get('_route')) {
114
                    $requestedUser->removeRole($role);
115
                }
116
            }
117
            $userManager->updateUser($requestedUser);
118
119
            return new SingleResourceResponse($requestedUser);
120
        }
121
122
        return new SingleResourceResponse($form);
123
    }
124
125
    /**
126
     * @Operation(
127
     *     tags={"user"},
128
     *     summary="Get user settings",
129
     *     @SWG\Response(
130
     *         response="200",
131
     *         description="Returned on success.",
132
     *         @Model(type=\SWP\Bundle\CoreBundle\Model\User::class, groups={"api"})
133
     *     ),
134
     *     @SWG\Response(
135
     *         response="401",
136
     *         description="Returned on user not found."
137
     *     )
138
     * )
139
     *
140
     * @Route("/api/{version}/users/settings/", methods={"GET"}, options={"expose"=true}, defaults={"version"="v2"}, name="swp_api_user_get_settings")
141
     */
142
    public function listSettings(): SingleResourceResponseInterface
143
    {
144
        $user = $this->getUser();
145
        if (!$user instanceof UserInterface) {
146
            return new SingleResourceResponse([
147
                'status' => 401,
148
                'message' => 'Unauthorized',
149
            ], new ResponseContext(401));
150
        }
151
152
        $settings = $this->settingsManager->getByScopeAndOwner(ScopeContextInterface::SCOPE_USER, $user);
0 ignored issues
show
Documentation introduced by
$user is of type object<SWP\Bundle\UserBundle\Model\UserInterface>, but the function expects a object<SWP\Bundle\Settin...SettingsOwnerInterface>.

It seems like the type of the argument is not accepted by the function/method which you are calling.

In some cases, in particular if PHP’s automatic type-juggling kicks in this might be fine. In other cases, however this might be a bug.

We suggest to add an explicit type cast like in the following example:

function acceptsInteger($int) { }

$x = '123'; // string "123"

// Instead of
acceptsInteger($x);

// we recommend to use
acceptsInteger((integer) $x);
Loading history...
153
154
        return new SingleResourceResponse($settings);
155
    }
156
157
    /**
158
     * @Operation(
159
     *     tags={"user"},
160
     *     summary="Update user setting",
161
     *     @SWG\Parameter(
162
     *         name="body",
163
     *         in="body",
164
     *         @SWG\Schema(
165
     *             ref=@Model(type=SettingType::class)
166
     *         )
167
     *     ),
168
     *     @SWG\Response(
169
     *         response="200",
170
     *         description="Returned on success.",
171
     *         @Model(type=\SWP\Bundle\CoreBundle\Model\Settings::class, groups={"api"})
172
     *     ),
173
     *     @SWG\Response(
174
     *         response="404",
175
     *         description="Setting not found"
176
     *     )
177
     * )
178
     *
179
     * @Route("/api/{version}/users/settings/", methods={"PATCH"}, options={"expose"=true}, defaults={"version"="v2"}, name="swp_api_user_update_settings")
180
     */
181 View Code Duplication
    public function updateSettings(Request $request): SingleResourceResponseInterface
0 ignored issues
show
Duplication introduced by
This method seems to be duplicated in your project.

Duplicated code is one of the most pungent code smells. If you need to duplicate the same code in three or more different places, we strongly encourage you to look into extracting the code into a single class or operation.

You can also find more detailed suggestions in the “Code” section of your repository.

Loading history...
182
    {
183
        $form = $this->formFactory->createNamed('', SettingType::class, [], [
184
            'method' => $request->getMethod(),
185
        ]);
186
187
        $form->handleRequest($request);
188
        if ($form->isSubmitted() && $form->isValid()) {
189
            $data = $form->getData();
190
191
            /** @var SettingsInterface $setting */
192
            $setting = $this->settingsManager->getOneSettingByName($data['name']);
193
            $scope = $setting['scope'];
194
195
            if (null === $setting || ScopeContextInterface::SCOPE_USER !== $scope) {
196
                throw new NotFoundHttpException('Setting with this name was not found.');
197
            }
198
199
            $owner = null;
200
            if (ScopeContextInterface::SCOPE_GLOBAL !== $scope) {
201
                $owner = $this->scopeContext->getScopeOwner($scope);
202
                if (null === $owner) {
203
                    throw new InvalidScopeException($scope);
204
                }
205
            }
206
207
            $setting = $this->settingsManager->set($data['name'], $data['value'], $scope, $owner);
208
209
            return new SingleResourceResponse($setting);
210
        }
211
212
        return new SingleResourceResponse($form, new ResponseContext(400));
213
    }
214
}
215