diff --git a/src/Controller/UserController.php b/src/Controller/UserController.php index e65cac7..ee1808b 100644 --- a/src/Controller/UserController.php +++ b/src/Controller/UserController.php @@ -79,18 +79,18 @@ class UserController extends AbstractController $this->denyAccessUnlessGranted('ROLE_USER'); // Utilisateur courant (acting user) via UserService - $actingUser = $this->userService->getUserByIdentifier($this->getUser()->getUserIdentifier()); + $actingUser = $this->getUser(); // Chargement de l'utilisateur cible à afficher $user = $this->userRepository->find($id); if (!$user) { - $this->loggerService->logEntityNotFound('User', ['id' => $id], $actingUser->getId()); + $this->loggerService->logEntityNotFound('User', ['id' => $id], $actingUser->getUserIdentifier()); $this->addFlash('danger', "L'utilisateur demandé n'existe pas."); throw $this->createNotFoundException(self::NOT_FOUND); } //if hasAccessTo is false, turn to true and denie access - if (!$this->userService->hasAccessTo($user)) { - $this->loggerService->logAccessDenied($actingUser->getId()); + if (!$this->userService->isAdminOfUser($user)) { + $this->loggerService->logAccessDenied($actingUser->getUserIdentifier()); $this->addFlash('danger', "Vous n'avez pas accès à cette information."); throw new AccessDeniedHttpException (self::ACCESS_DENIED); } @@ -105,7 +105,7 @@ class UserController extends AbstractController } catch (\Exception $e) { $this->loggerService->logError('error while loading user information', [ 'target_user_id' => $id, - 'acting_user_id' => $actingUser->getId(), + 'acting_user_id' => $actingUser->getUserIdentifier(), 'error' => $e->getMessage(), ]); $this->addFlash('danger', 'Une erreur est survenue lors du chargement des informations utilisateur.'); @@ -122,15 +122,15 @@ class UserController extends AbstractController public function edit(int $id, Request $request): Response { $this->denyAccessUnlessGranted('ROLE_USER'); - $actingUser = $this->userService->getUserByIdentifier($this->getUser()->getUserIdentifier()); + $actingUser = $this->getUser(); $user = $this->userRepository->find($id); if (!$user) { - $this->loggerService->logEntityNotFound('User', ['id' => $id], $actingUser->getId()); + $this->loggerService->logEntityNotFound('User', ['id' => $id], $actingUser->getUserIdentifier()); $this->addFlash('danger', "L'utilisateur demandé n'existe pas."); throw $this->createNotFoundException(self::NOT_FOUND); } try { - if ($this->userService->hasAccessTo($user)) { + if ($this->userService->isAdminOfUser($user)) { $form = $this->createForm(UserForm::class, $user); $form->handleRequest($request); @@ -144,31 +144,31 @@ class UserController extends AbstractController $this->entityManager->flush(); //log and action - $this->loggerService->logUserAction($user->getId(), $actingUser->getId(), 'User information edited'); + $this->loggerService->logUserAction($user->getId(), $actingUser->getUserIdentifier(), 'User information edited'); $orgId = $request->get('organizationId'); if ($orgId) { $org = $this->organizationRepository->find($orgId); if ($org) { $this->actionService->createAction("Edit user information", $actingUser, $org, $user->getUserIdentifier()); - $this->loggerService->logUserAction($user->getId(), $actingUser->getId(), 'User information edited'); + $this->loggerService->logUserAction($user->getId(), $actingUser->getUserIdentifier(), 'User information edited'); if ($this->isGranted('ROLE_SUPER_ADMIN')) { $this->loggerService->logSuperAdmin( $user->getId(), - $actingUser->getId(), + $actingUser->getUserIdentifier(), "Super Admin accessed user edit page", ); } $this->addFlash('success', 'Information modifié avec success.'); return $this->redirectToRoute('user_show', ['id' => $user->getId(), 'organizationId' => $orgId]); } - $this->loggerService->logEntityNotFound('Organization', ['id' => $orgId], $actingUser->getId()); + $this->loggerService->logEntityNotFound('Organization', ['id' => $orgId], $actingUser->getUserIdentifier()); $this->addFlash('danger', "L'organisation n'existe pas."); throw $this->createNotFoundException(self::NOT_FOUND); } if ($this->isGranted('ROLE_SUPER_ADMIN')) { $this->loggerService->logSuperAdmin( $user->getId(), - $actingUser->getId(), + $actingUser->getUserIdentifier(), "Super Admin accessed user edit page", ); } @@ -183,7 +183,7 @@ class UserController extends AbstractController 'organizationId' => $request->get('organizationId') ]); } - $this->loggerService->logAccessDenied($actingUser->getId()); + $this->loggerService->logAccessDenied($actingUser->getUserIdentifier()); $this->addFlash('danger', "Accès non autorisé."); throw $this->createAccessDeniedException(self::ACCESS_DENIED); } catch (\Exception $e) { @@ -200,7 +200,7 @@ class UserController extends AbstractController { $this->denyAccessUnlessGranted('ROLE_USER'); try { - $actingUser = $this->userService->getUserByIdentifier($this->getUser()->getUserIdentifier()); + $actingUser =$this->getUser(); $user = new User(); $form = $this->createForm(UserForm::class, $user); @@ -210,17 +210,17 @@ class UserController extends AbstractController if ($orgId) { $org = $this->organizationRepository->find($orgId); if (!$org) { - $this->loggerService->logEntityNotFound('Organization', ['id' => $orgId], $actingUser->getId()); + $this->loggerService->logEntityNotFound('Organization', ['id' => $orgId], $actingUser->getUserIdentifier()); $this->addFlash('danger', "L'organisation n'existe pas."); throw $this->createNotFoundException(self::NOT_FOUND); } if (!$this->isGranted('ROLE_ADMIN') && !$this->userService->isAdminOfOrganization($org)) { - $this->loggerService->logAccessDenied($actingUser->getId()); + $this->loggerService->logAccessDenied($actingUser->getUserIdentifier()); $this->addFlash('danger', "Accès non autorisé."); throw $this->createAccessDeniedException(self::ACCESS_DENIED); } } else{ - $this->loggerService->logAccessDenied($actingUser->getId()); + $this->loggerService->logAccessDenied($actingUser->getUserIdentifier()); $this->addFlash('danger', "Accès non autorisé."); throw $this->createAccessDeniedException(self::ACCESS_DENIED); } @@ -238,7 +238,7 @@ class UserController extends AbstractController if ($this->isGranted('ROLE_ADMIN')) { $this->loggerService->logSuperAdmin( $existingUser->getId(), - $actingUser->getId(), + $actingUser->getUserIdentifier(), "Super Admin linked user to organization", $org->getId(), ); @@ -287,12 +287,12 @@ class UserController extends AbstractController { $this->denyAccessUnlessGranted('ROLE_ADMIN'); - $actingUser = $this->userService->getUserByIdentifier($this->getUser()->getUserIdentifier()); + $actingUser =$this->getUser(); $status = $request->request->get('status'); try { $user = $this->userRepository->find($id); if (!$user) { - $this->loggerService->logEntityNotFound('User', ['id' => $id], $actingUser->getId()); + $this->loggerService->logEntityNotFound('User', ['id' => $id], $actingUser->getUserIdentifier()); throw $this->createNotFoundException(self::NOT_FOUND); } @@ -308,12 +308,12 @@ class UserController extends AbstractController $user->setModifiedAt(new \DateTimeImmutable('now')); $this->entityManager->persist($user); $this->entityManager->flush(); - $this->loggerService->logUserAction($user->getId(), $actingUser->getId(), 'User deactivated'); + $this->loggerService->logUserAction($user->getId(), $actingUser->getUserIdentifier(), 'User deactivated'); if ($this->isGranted('ROLE_SUPER_ADMIN')) { $this->loggerService->logSuperAdmin( $user->getId(), - $actingUser->getId(), + $actingUser->getUserIdentifier(), 'Super admin deactivated user' ); } @@ -329,13 +329,13 @@ class UserController extends AbstractController $user->setModifiedAt(new \DateTimeImmutable('now')); $this->entityManager->persist($user); $this->entityManager->flush(); - $this->loggerService->logUserAction($user->getId(), $actingUser->getId(), 'User activated'); + $this->loggerService->logUserAction($user->getId(), $actingUser->getUserIdentifier(), 'User activated'); if ($this->isGranted('ROLE_SUPER_ADMIN')) { $this->loggerService->logSuperAdmin( $user->getId(), - $actingUser->getId(), + $actingUser->getUserIdentifier(), 'Super admin activated user' ); } @@ -370,18 +370,18 @@ class UserController extends AbstractController public function activateStatusOrganization(int $id, Request $request): JsonResponse { $this->denyAccessUnlessGranted('ROLE_USER'); - $actingUser = $this->userService->getUserByIdentifier($this->getUser()->getUserIdentifier()); + $actingUser = $this->getUser(); try { $user = $this->userRepository->find($id); if (!$user) { - $this->loggerService->logEntityNotFound('User', ['id' => $id], $actingUser->getId()); + $this->loggerService->logEntityNotFound('User', ['id' => $id], $actingUser->getUserIdentifier()); throw $this->createNotFoundException(self::NOT_FOUND); } if ($this->userService->isAdminOfUser($user)) { $orgId = $request->get('organizationId'); $org = $this->organizationRepository->find($orgId); if (!$org) { - $this->loggerService->logEntityNotFound('Organization', ['id' => $orgId], $actingUser->getId()); + $this->loggerService->logEntityNotFound('Organization', ['id' => $orgId], $actingUser->getUserIdentifier()); throw $this->createNotFoundException(self::NOT_FOUND); } @@ -389,7 +389,7 @@ class UserController extends AbstractController 'organization' => $org]); if (!$uo) { $this->loggerService->logEntityNotFound('UsersOrganization', ['user_id' => $user->getId(), - 'organization_id' => $org->getId()], $actingUser->getId()); + 'organization_id' => $org->getId()], $actingUser->getUserIdentifier()); throw $this->createNotFoundException(self::NOT_FOUND); } $status = $request->get('status'); @@ -401,7 +401,7 @@ class UserController extends AbstractController $data = ['user' => $user, 'organization' => $org]; $this->organizationsService->notifyOrganizationAdmins($data, "USER_DEACTIVATED"); - $this->loggerService->logOrganizationInformation($org->getId(), $actingUser->getId(), "UO link deactivated with uo id : {$uo->getId()}"); + $this->loggerService->logOrganizationInformation($org->getId(), $actingUser->getUserIdentifier(), "UO link deactivated with uo id : {$uo->getId()}"); $this->actionService->createAction("Deactivate user in organization", $actingUser, $org, $org->getName() . " for user " . $user->getUserIdentifier()); return new JsonResponse(['status' => 'deactivated'], Response::HTTP_OK); } @@ -409,7 +409,7 @@ class UserController extends AbstractController $uo->setIsActive(true); $this->entityManager->persist($uo); $this->entityManager->flush(); - $this->loggerService->logOrganizationInformation($orgId, $actingUser->getId(), "UO link activated with uo id : {$uo->getId()}"); + $this->loggerService->logOrganizationInformation($orgId, $actingUser->getUserIdentifier(), "UO link activated with uo id : {$uo->getId()}"); $this->actionService->createAction("Activate user in organization", $actingUser, $org, $org->getName() . " for user " . $user->getUserIdentifier()); $data = ['user' => $user, 'organization' => $org]; @@ -435,13 +435,13 @@ class UserController extends AbstractController { $this->denyAccessUnlessGranted('ROLE_SUPER_ADMIN'); - $actingUser = $this->userService->getUserByIdentifier($this->getUser()->getUserIdentifier()); + $actingUser = $this->getUser(); try { $user = $this->userRepository->find($id); if (!$user) { // Security/audit log for missing user - $this->loggerService->logEntityNotFound('User', ['id' => $id], $actingUser->getId()); + $this->loggerService->logEntityNotFound('User', ['id' => $id], $actingUser->getUserIdentifier()); $this->addFlash('danger', "L'utilisateur demandé n'existe pas."); throw $this->createNotFoundException(self::NOT_FOUND); } @@ -454,7 +454,7 @@ class UserController extends AbstractController $user->setModifiedAt(new \DateTimeImmutable('now')); // Deactivate all org links $this->userOrganizationService->deactivateAllUserOrganizationLinks($actingUser, $user); - $this->loggerService->logOrganizationInformation($user->getId(), $actingUser->getId(), 'All user organization links deactivated'); + $this->loggerService->logOrganizationInformation($user->getId(), $actingUser->getUserIdentifier(), 'All user organization links deactivated'); // Revoke tokens if connected if ($this->userService->isUserConnected($user->getUserIdentifier())) { @@ -464,13 +464,13 @@ class UserController extends AbstractController $this->entityManager->flush(); // User management log - $this->loggerService->logUserAction($user->getId(), $actingUser->getId(), 'User deleted'); + $this->loggerService->logUserAction($user->getId(), $actingUser->getUserIdentifier(), 'User deleted'); // Super admin log (standardized style) if ($this->isGranted('ROLE_SUPER_ADMIN')) { $this->loggerService->logSuperAdmin( $user->getId(), - $actingUser->getId(), + $actingUser->getUserIdentifier(), 'Super admin deleted user' ); } @@ -514,18 +514,18 @@ class UserController extends AbstractController public function applicationRole(int $id, Request $request): Response { $this->denyAccessUnlessGranted("ROLE_ADMIN"); - $actingUser = $this->userService->getUserByIdentifier($this->getUser()->getUserIdentifier()); + $actingUser = $this->getUser(); if ($this->userService->hasAccessTo($actingUser, true)) { $uo = $this->entityManager->getRepository(UsersOrganizations::class)->find($id); if (!$uo) { - $this->loggerService->logEntityNotFound('UsersOrganization', ['id' => $id], $actingUser->getId()); + $this->loggerService->logEntityNotFound('UsersOrganization', ['id' => $id], $actingUser->getUserIdentifier()); $this->addFlash('danger', "La liaison utilisateur-organisation n'existe pas."); throw new NotFoundHttpException("UserOrganization not found"); } $application = $this->entityManager->getRepository(Apps::class)->find($request->get('appId')); if (!$application) { - $this->loggerService->logEntityNotFound('Application', ['id' => $request->get('appId')], $actingUser->getId()); + $this->loggerService->logEntityNotFound('Application', ['id' => $request->get('appId')], $actingUser->getUserIdentifier()); $this->addFlash('danger', "L'application demandée n'existe pas."); throw $this->createNotFoundException(self::NOT_FOUND); } @@ -533,7 +533,7 @@ class UserController extends AbstractController $selectedRolesIds = $request->get('roles', []); $roleUser = $this->entityManager->getRepository(Roles::class)->findOneBy(['name' => 'USER']); if (!$roleUser) { - $this->loggerService->logEntityNotFound('Role', ['name' => 'USER'], $actingUser->getId()); + $this->loggerService->logEntityNotFound('Role', ['name' => 'USER'], $actingUser->getUserIdentifier()); $this->addFlash('danger', "Le role de l'utilisateur n'existe pas."); throw $this->createNotFoundException('User role not found'); } @@ -638,7 +638,7 @@ class UserController extends AbstractController #[Route(path: '/data/new', name: 'dataNew', methods: ['GET'])] public function dataNew(Request $request): JsonResponse { - $actingUser = $this->userService->getUserByIdentifier($this->getUser()->getUserIdentifier()); + $actingUser = $this->getUser(); if ($this->userService->hasAccessTo($actingUser, true) && $this->isGranted("ROLE_USER")) { $orgId = $request->query->get('orgId'); $uos = $this->uoRepository->findBy(['organization' => $orgId, 'statut' => ["ACCEPTED", "INVITED"]], @@ -674,7 +674,7 @@ class UserController extends AbstractController #[Route(path: '/data/admin', name: 'dataAdmin', methods: ['GET'])] public function dataAdmin(Request $request): JsonResponse { - $actingUser = $this->userService->getUserByIdentifier($this->getUser()->getUserIdentifier()); + $actingUser = $this->getUser(); if ($this->userService->hasAccessTo($actingUser, true) && $this->isGranted("ROLE_USER")) { $orgId = $request->query->get('orgId'); $uos = $this->uoRepository->findBy(['organization' => $orgId]); @@ -715,7 +715,7 @@ class UserController extends AbstractController #[Route(path: '/data/organization', name: 'dataUserOrganization', methods: ['GET'])] public function dataUserOrganization(Request $request): JsonResponse { - $actingUser = $this->userService->getUserByIdentifier($this->getUser()->getUserIdentifier()); + $actingUser = $this->getUser(); if ($this->userService->hasAccessTo($actingUser, true) && $this->isGranted("ROLE_USER")) { $orgId = $request->query->get('orgId'); @@ -774,17 +774,17 @@ class UserController extends AbstractController public function resendInvitation(int $userId, Request $request): JsonResponse { $this->denyAccessUnlessGranted("ROLE_ADMIN"); - $actingUser = $this->userService->getUserByIdentifier($this->getUser()->getUserIdentifier()); + $actingUser = $this->getUser(); if ($this->userService->hasAccessTo($actingUser, true)) { $orgId = $request->get('organizationId'); $org = $this->organizationRepository->find($orgId); if (!$org) { - $this->loggerService->logEntityNotFound('Organization', ['id' => $orgId], $actingUser->getId()); + $this->loggerService->logEntityNotFound('Organization', ['id' => $orgId], $actingUser->getUserIdentifier()); throw $this->createNotFoundException(self::NOT_FOUND); } $user = $this->userRepository->find($userId); if (!$user) { - $this->loggerService->logEntityNotFound('User', ['id' => $user->getId()], $actingUser->getId()); + $this->loggerService->logEntityNotFound('User', ['id' => $user->getId()], $actingUser->getUserIdentifier()); throw $this->createNotFoundException(self::NOT_FOUND); } $token = $this->userService->generatePasswordToken($user, $org->getId()); @@ -797,7 +797,7 @@ class UserController extends AbstractController if (!$uo) { $this->loggerService->logEntityNotFound('UsersOrganization', [ 'user_id' => $user->getId(), - 'organization_id' => $orgId], $actingUser->getId()); + 'organization_id' => $orgId], $actingUser->getUserIdentifier()); throw $this->createNotFoundException(self::NOT_FOUND); } $uo->setModifiedAt(new \DateTimeImmutable()); @@ -811,7 +811,7 @@ class UserController extends AbstractController $this->loggerService->logCritical('Error while resending invitation', [ 'target_user_id' => $user->getId(), 'organization_id' => $orgId, - 'acting_user_id' => $actingUser->getId(), + 'acting_user_id' => $actingUser->getUserIdentifier(), 'error' => $e->getMessage(), ]); return $this->json(['message' => 'Erreur lors de l\'envoie du mail.'], Response::HTTP_INTERNAL_SERVER_ERROR);