src/Controller/ProfileController.php line 314

Open in your IDE?
  1. <?php
  3. namespace App\Controller;
  5. use App\Entity\User;
  6. use App\Entity\Role;
  7. use App\Utils\EmailSignature;
  8. use App\Utils\XmlRender;
  9. use App\Form\ChangePasswordFormType;
  10. use Doctrine\ORM\EntityManagerInterface;
  11. use App\Service\UserSession;
  12. use Symfony\Bundle\FrameworkBundle\Controller\AbstractController;
  13. use Symfony\Component\Filesystem\Filesystem;
  14. use Symfony\Component\HttpFoundation\Request;
  15. use Symfony\Component\HttpFoundation\Response;
  16. use Symfony\Component\Routing\Annotation\Route;
  17. use Symfony\Component\Process\Process;
  18. use Symfony\Component\Process\Exception\ProcessFailedException;
  19. use Symfony\Component\Ldap\Adapter\ExtLdap\Adapter;
  20. use Symfony\Component\Ldap\Ldap;
  21. use Symfony\Component\PasswordHasher\Hasher\UserPasswordHasherInterface;
  22. use Symfony\Component\Form\Form;
  23. use Sabre\VObject\Component\VCard;
  24. use Sabre\VObject\Document;
  26. class ProfileController extends AbstractController
  27. {
  28.     private $pdo;
  30.     #[Route('/profile'name'profile')]
  31.     public function profile(Request $requestUserSession $userSession): Response
  32.     {
  33.         if (!$user $this->getUser()) return $this->redirectToRoute('login');
  34.         else $userData $userSession->getEntryFromSession();
  36.         $type preg_split('/@/',$user->getUsername());
  37.         $vcard = new VCard([
  38.             'FN'  =>  mb_convert_case($userData->getFirstname(), MB_CASE_TITLE"UTF-8").' '.preg_replace(array('/\bVon\b/u','/\bDe\b/u'), array('von','de'), mb_convert_case($userData->getLastname(), MB_CASE_TITLE"UTF-8")),
  39.             'N'   => [ preg_replace(array('/\bVon\b/u','/\bDe\b/u'), array('von','de'), mb_convert_case($userData->getLastname(), MB_CASE_TITLE"UTF-8")),  mb_convert_case($userData->getFirstname(), MB_CASE_TITLE"UTF-8"), ''''''],
  40.             'ROLE'  => $userData->getDepartment(),
  41.             'TITLE'  => mb_convert_case($userData->getJob(), MB_CASE_TITLE"UTF-8"),
  42.             'NOTE'  => 'Site '.$userData->getOrganization(),
  43.         ]);
  44.         $vcard->add('ADR', [''''$userData->getStreet(), $userData->getCity(), ''$userData->getZipcode()], ['type' => 'work']);
  45.         if($type[1] == 'batiformes.com' || $type[1] == 'scorev.fr'$vcard->add('EMAIL'$user->getUsername(), ['type' => 'work']);
  46.         if($userData->getPhone() != ''$vcard->add('TEL'$userData->getPhone(), ['type' => 'work']);
  47.         if($userData->getMobile() != ''$vcard->add('TEL'$userData->getMobile(), ['type' => 'cell']);
  48.         if($userData->getFax() != ''$vcard->add('TEL'$userData->getFax(), ['type' => 'fax']);
  49.         if($userData->getOrganization() == 'SCOREV'){
  50.             $vcard->add('ORG''SCOREV');
  51.             $vcard->add('URL''https://www.scorev.fr', ['type' => 'work']);
  52.             $vcard->add('PHOTO''https://www.scorev.fr/assets/images/vcard/logo_vcard.jpg', ['type' => 'JPEG']);
  53.         }
  54.         if($userData->getOrganization() == 'TOLARTOIS'){
  55.             $vcard->add('ORG''TOLARTOIS');
  56.             $vcard->add('URL''https://www.tolartois.com', ['type' => 'work']);
  57.             $vcard->add('PHOTO''https://www.tolartois.com/assets/images/vcard/logo_vcard.jpg', ['type' => 'JPEG']);
  58.         }
  59.         if($userData->getOrganization() != 'TOLARTOIS' && $userData->getOrganization() != 'SCOREV'){
  60.             $vcard->add('ORG''Bati Formes');
  61.             $vcard->add('URL''https://www.batiformes.com', ['type' => 'work']);
  62.             $vcard->add('PHOTO''https://www.batiformes.com/assets/images/vcard/logo_vcard.jpg', ['type' => 'JPEG']);
  63.         }
  64.         $vcard $vcard->convert(Document::VCARD30);
  65.         $vcard base64_encode($vcard->serialize());
  68.         $nickhandle preg_split('/@/',$user->getUsername());
  69.         $qrcode $request->getScheme() . '://' $request->getHttpHost() . '/qr-code/png/' $userData->getWeb() . '/vcard/' preg_replace('/\./''-'$nickhandle[0]) . '.html';
  71.         $signature = new EmailSignature();
  72.         $email $signature->signature($userData,$user->getUsername(),$vcard);
  74.         $password $this->createForm(ChangePasswordFormType::class);
  75.         $password->handleRequest($request);
  78.         /*$defaultData = ['message' => 'Type your message here'];
  79.         $form = $this->createFormBuilder($defaultData)
  80.             ->add('name', TextType::class)
  81.             ->add('email', EmailType::class)
  82.             ->add('message', TextareaType::class)
  83.             ->add('send', SubmitType::class)
  84.             ->getForm();
  86.         $form->handleRequest($request);*/
  89.         return $this->render('profile/index.html.twig', [
  90.             'title_meta' => 'Mon compte utilisateur',
  91.             'page' => 'profile',
  92.             'user' => $userData,
  93.             'vcard' => $vcard,
  94.             'qrcode' => $qrcode,
  95.             'email' => $email,
  96.             'password' => $password->createView(),
  97.         ]);
  98.     }
  100.     #[Route('/profile/password'name'profile_pswd')]
  101.     public function profile_pswd(Request $requestAdapter $ldapAdapterEntityManagerInterface $entityManagerUserPasswordHasherInterface $passwordEncoder): Response
  102.     {
  103.         if (!$user $this->getUser()) return $this->redirectToRoute('login');
  104.         
  105.         $form $this->createForm(ChangePasswordFormType::class);
  106.         $form->handleRequest($request);
  108.         if ($form->isSubmitted()){
  109.             if (!$form->isValid()) {
  110.                 $data = [
  111.                     'alert' => 'error',
  112.                     'message' => $this->getErrorMessages($form)
  113.                 ];
  114.             }
  115.             if($form->isValid()) {
  116.                 $userpassword '{SHA}' base64_encode(sha1$form->get('plainPassword')->getData(), TRUE ));
  117.                 $ldap = new Ldap($ldapAdapter);
  118.                 $ldap->bind($this->getParameter('app.ldap_service_user').','.$this->getParameter('app.ldap_service_dn'), $this->getParameter('app.ldap_service_password'));
  119.                 $entryManager $ldap->getEntryManager();
  120.                 $query $ldap->query($this->getParameter('app.ldap_service_dn'), '(&(uid='.$user->getUsername().'))');
  121.                 $result $query->execute()->toArray();
  122.                 $entry $result[0];
  123.                 $entry->setAttribute('userPassword', [$userpassword]);
  124.                 $entryManager->update($entry);
  125.                 $password $passwordEncoder->hashPassword($this->getUser(), $form->get('plainPassword')->getData());
  126.                 $entityManager->getRepository(User::class)->upgradePassword($this->getUser(),$password);
  127.                 $bdd $this->getDatabaseConnection();
  128.                 $sabrePswdUpdate $bdd->prepare("UPDATE `users` SET `digesta1`= md5('".$user->getUsername().":BaikalDAV:".$form->get('plainPassword')->getData()."') WHERE `username`='".$user->getUsername()."' ");
  129.                 $sabrePswdUpdate->execute();
  130.                 $file '/opt/picapport/.picapport/users/user/'.$user->getUsername().'/'.$user->getUsername().'.xml';
  131.                 $xmlUser = new XmlRender();
  132.                 $xmlUser->user_edit($file,$form->get('plainPassword')->getData());
  133.                 $pathToPicApportScript "/home/websites/scripts/picapport.sh";
  134.                 $process = new Process(['sh'$pathToPicApportScript]);
  135.                 $process->run();
  136.                 $bdd null;
  138.                 $data = [
  139.                     'alert' => 'success',
  140.                     'message' => 'Votre mot de passe a été modifié.'
  141.                 ];
  142.             }
  143.         } else {
  144.             $data = [
  145.                 'alert' => 'error',
  146.                 'message' => 'Une erreur est intervenue.'
  147.             ];
  148.         }
  149.         return $this->json(
  150.             $data,
  151.             headers: ['Content-Type' => 'application/json;charset=UTF-8']
  152.         );
  153.     }
  155.     #[Route('/profile/add'name'profile_add')]
  156.     public function profile_add(Request $requestAdapter $ldapAdapterEntityManagerInterface $entityManagerUserSession $userSession): Response
  157.     {
  158.         $submittedToken $request->request->get('token');
  159.         if ($this->isCsrfTokenValid('picture-add'$submittedToken))
  160.         {
  161.             if ($_FILES['file']['size'] != '0') {
  162.                 $userSession->getEntryFromSession();
  163.                 $data file_get_contents($_FILES['file']['tmp_name']);
  164.                 $picture base64_encode($data);
  165.                 $ldap = new Ldap($ldapAdapter);
  166.                 $ldap->bind($this->getParameter('app.ldap_service_user').','.$this->getParameter('app.ldap_service_dn'), $this->getParameter('app.ldap_service_password'));
  167.                 $entryManager $ldap->getEntryManager();
  168.                 $query $ldap->query($this->getParameter('app.ldap_service_dn'), '(&(uid='.$this->getUser()->getUsername().'))');
  169.                 $result $query->execute()->toArray();
  170.                 $entry $result[0];
  171.                 $entryManager->addAttributeValues($entry'jpegPhoto', [$picture]);
  172.                 $userSession->addImageFromSession($picture);
  173.                 $data = [
  174.                     'alert' => 'success',
  175.                     'message' => 'data:image/jpeg;base64,'.$picture
  176.                 ];
  177.             }
  178.             else{
  179.                 $data = [
  180.                     'alert' => 'danger',
  181.                     'message' => "Aucun finchié n'a été récupéré."
  182.                 ];
  183.             }
  184.             return $this->json(
  185.                 $data,
  186.                 headers: ['Content-Type' => 'application/json;charset=UTF-8']
  187.             );
  188.         } else {
  189.             $data = [
  190.                 'alert' => 'danger',
  191.                 'message' => 'Problème de CRSF.'
  192.             ];
  193.             return $this->json(
  194.                 $data,
  195.                 headers: ['Content-Type' => 'application/json;charset=UTF-8']
  196.             );
  197.         }
  198.     }
  200.     #[Route('/profile/delete'name'profile_delete')]
  201.     public function profile_delete(Request $requestAdapter $ldapAdapterEntityManagerInterface $entityManagerUserSession $userSession): Response
  202.     {
  203.         $submittedToken $request->request->get('token');
  204.         if ($this->isCsrfTokenValid('picture-delete'$submittedToken))
  205.         {
  206.             $ldap = new Ldap($ldapAdapter);
  207.             $ldap->bind($this->getParameter('app.ldap_service_user').','.$this->getParameter('app.ldap_service_dn'), $this->getParameter('app.ldap_service_password'));
  208.             $entryManager $ldap->getEntryManager();
  209.             $query $ldap->query($this->getParameter('app.ldap_service_dn'), '(&(uid='.$this->getUser()->getUsername().'))');
  210.             $result $query->execute()->toArray();
  211.             $entry $result[0];
  212.             $entryManager->removeAttributeValues($entry'jpegPhoto', []);
  213.             $userSession->deleteImageFromSession();
  214.             $data = [
  215.                 'alert' => 'success',
  216.                 'message' => '/assets/images/avatar.jpg'
  217.             ];
  218.             return $this->json(
  219.                 $data,
  220.                 headers: ['Content-Type' => 'application/json;charset=UTF-8']
  221.             );
  222.         } else {
  223.             $data = [
  224.                 'alert' => 'danger',
  225.                 'message' => 'Problème de CRSF.'
  226.             ];
  227.             return $this->json(
  228.                 $data,
  229.                 headers: ['Content-Type' => 'application/json;charset=UTF-8']
  230.             );
  231.         }
  232.     }
  234.     #[Route('/profile/notify'name'profile_notify')]
  235.     public function profile_notify(Request $requestEntityManagerInterface $entityManager): Response
  236.     {
  237.         $submittedToken $request->request->get('token');
  238.         if ($this->isCsrfTokenValid('notifications-token'$submittedToken))
  239.         {
  240.             $user $this->getUser();
  241.             $notifications $user->getParameters();
  242.             foreach($notifications as $key => $value){
  243.                 if($key == $request->request->get('id')) {
  244.                     if($request->request->get('box') == 0$notification false;
  245.                     if($request->request->get('box') == 1$notification true;
  246.                     $notifications[$key] = $notification;
  247.                 }
  248.             }
  249.             $user->setParameters($notifications);
  250.             $entityManager->persist($user);
  251.             $entityManager->flush();
  252.     
  253.             $data = [
  254.                 'alert' => 'success',
  255.                 'message' => 'Vos péférences ont été updatées'
  256.             ];
  257.             return $this->json(
  258.                 $data,
  259.                 headers: ['Content-Type' => 'application/json;charset=UTF-8']
  260.             );
  261.         } else {
  262.             $data = [
  263.                 'alert' => 'error',
  264.                 'message' => 'Problème de CRSF.'
  265.             ];
  266.             return $this->json(
  267.                 $data,
  268.                 headers: ['Content-Type' => 'application/json;charset=UTF-8']
  269.             );
  270.         }
  271.     }
  273.     #[Route('/vcard/{_site}/{_id}'name'vcard')]
  274.     public function vcard(Adapter $ldapAdapterEntityManagerInterface $entityManagerstring $_sitestring $_id): Response
  275.     {
  276.         $ext '@batiformes.com';
  277.         if($_site == 'SCOREV'$ext '@scorev.fr';
  278.         $mail preg_replace('/-/','.',$_id).$ext;
  279.         $data = [];
  280.         
  281.         $ldap = new Ldap($ldapAdapter);
  282.         $ldap->bind($this->getParameter('app.ldap_service_user').','.$this->getParameter('app.ldap_service_dn'), $this->getParameter('app.ldap_service_password'));
  283.         $query $ldap->query($this->getParameter('app.ldap_service_dn'), '(&(uid='.$mail.'))');
  284.         $result $query->execute()->toArray();
  285.         $entry $result[0];
  286.         if(!empty($entry)){
  287.             $role $entityManager->getRepository(Role::class)->findOneBy(array("description" => $entry->getAttribute('o')[0]));
  289.             $vcard = new VCard([
  290.                 'FN'  =>  mb_convert_case($entry->getAttribute('givenName')[0], MB_CASE_TITLE"UTF-8").' '.preg_replace(array('/\bVon\b/u','/\bDe\b/u'), array('von','de'), mb_convert_case($entry->getAttribute('sn')[0], MB_CASE_TITLE"UTF-8")),
  291.                 'N'   => [ ucfirst($entry->getAttribute('sn')[0]),  mb_convert_case($entry->getAttribute('givenName')[0], MB_CASE_TITLE"UTF-8"), ''''''],
  292.                 'ROLE'  => $entry->getAttribute('departmentNumber')[0],
  293.                 'TITLE'  => mb_convert_case($entry->getAttribute('title')[0], MB_CASE_TITLE"UTF-8"),
  294.                 'NOTE'  => 'Site '.$entry->getAttribute('o')[0],
  295.             ]);
  296.             $vcard->add('ADR', [''''$role->getData()['direction'], $role->getData()['city'], ''$role->getData()['zipcode']], ['type' => 'work']);
  297.             $vcard->add('EMAIL'$mail, ['type' => 'work']);
  298.             if($entry->hasAttribute('telephoneNumber')) $vcard->add('TEL'$entry->getAttribute('telephoneNumber')[0], ['type' => 'work']);
  299.             if($entry->hasAttribute('mobile')) $vcard->add('TEL'$entry->getAttribute('mobile')[0], ['type' => 'cell']);
  300.             if($entry->hasAttribute('facsimileTelephoneNumber')) $vcard->add('TEL'$entry->getAttribute('facsimileTelephoneNumber')[0], ['type' => 'fax']);
  301.             if($_site == 'SCOREV'){
  302.                 $vcard->add('ORG''SCOREV');
  303.                 $vcard->add('URL''https://www.scorev.fr', ['type' => 'work']);
  304.                 $vcard->add('PHOTO''https://www.scorev.fr/assets/images/vcard/logo_vcard.jpg', ['type' => 'JPEG']);
  305.             }
  306.             if($_site == 'TOLARTOIS'){
  307.                 $vcard->add('ORG''TOLARTOIS');
  308.                 $vcard->add('URL''https://www.tolartois.com', ['type' => 'work']);
  309.                 $vcard->add('PHOTO''https://www.tolartois.com/assets/images/vcard/logo_vcard.jpg', ['type' => 'JPEG']);
  310.             }
  311.             if($_site != 'TOLARTOIS' && $_site != 'SCOREV'){
  312.                 $vcard->add('ORG''Bati Formes');
  313.                 $vcard->add('URL''https://www.batiformes.com', ['type' => 'work']);
  314.                 $vcard->add('PHOTO''https://www.batiformes.com/assets/images/vcard/logo_vcard.jpg', ['type' => 'JPEG']);
  315.             }
  316.             $vcard $vcard->convert(Document::VCARD30);
  317.     
  318.             $data['email'] = $mail;
  319.             $data['name'] = strtoupper($entry->getAttribute('sn')[0]);
  320.             $data['firstname'] = ucfirst($entry->getAttribute('givenName')[0]);
  321.             $data['activity'] = ucfirst($entry->getAttribute('title')[0]);
  322.             $data['mobile'] = ($entry->hasAttribute('mobile') ? $entry->getAttribute('mobile')[0] : '');
  323.             $data['mobileFormated'] = chunk_split($data['mobile'], 2" ");
  324.             $data['phone'] = ($entry->hasAttribute('telephoneNumber') ? $entry->getAttribute('telephoneNumber')[0] : '');
  325.             $data['phoneFormated'] = chunk_split($data['phone'], 2" ");
  326.             $data['street'] = $role->getData()['direction'];
  327.             $data['city'] = $role->getData()['city'];
  328.             $data['zipcode'] = $role->getData()['zipcode'];
  329.             $data['lat'] = $role->getData()['lat'];
  330.             $data['lng'] = $role->getData()['lng'];
  331.             $data['map'] = $role->getData()['gmap'];
  332.             $data['vcard'] = base64_encode($vcard->serialize());
  333.         }
  335.         return $this->json(
  336.             $data,
  337.             headers: ['Content-Type' => 'application/json;charset=UTF-8']
  338.         );
  339.     }
  341.     private function getDatabaseConnection()
  342.     { 
  343.         if ($this->pdo === null) {
  344.             $this->pdo = new \PDO('mysql:host=ma77924-001.dbaas.ovh.net:35815;dbname='.$this->getParameter('app.sabre_bdd'),'sabre','d4cvRR2bNvqsbmC68yPFJJa1ACw87DD');
  345.             $this->pdo->setAttribute(\PDO::ATTR_ERRMODE\PDO::ERRMODE_EXCEPTION);
  346.             $this->pdo->query("SET NAMES 'UTF8'"); 
  347.         }
  348.         return $this->pdo;
  349.     }
  350.     
  351.     // Generate an array contains a key -> value with the errors where the key is the name of the form field
  352.     protected function getErrorMessages(Form $form
  353.     {
  354.         $errors = array();
  355.         foreach ($form->getErrors() as $key => $error) {
  356.             $errors[] = $error->getMessage();
  357.         }
  359.         foreach ($form->all() as $child) {
  360.             if (!$child->isValid()) {
  361.                 $errors[$child->getName()] = $this->getErrorMessages($child);
  362.             }
  363.         }
  365.         return $errors;
  366.     }    
  367. }