Refactor monolog of organization controller

Charles 2025-12-09 11:40:20 +01:00
parent 530c7df5e2
commit 6b4ad1d6fd
2 changed files with 68 additions and 38 deletions


@ -12,14 +12,17 @@ use App\Form\OrganizationForm;
use App\Repository\OrganizationsRepository; use App\Repository\OrganizationsRepository;
use App\Service\ActionService; use App\Service\ActionService;
use App\Service\AwsService; use App\Service\AwsService;
use App\Service\LoggerService;
use App\Service\OrganizationsService; use App\Service\OrganizationsService;
use App\Service\UserOrganizationService; use App\Service\UserOrganizationService;
use App\Service\UserService; use App\Service\UserService;
use Doctrine\ORM\EntityManagerInterface; use Doctrine\ORM\EntityManagerInterface;
use Exception; use Exception;
use Psr\Log\LoggerInterface;
use Symfony\Bundle\FrameworkBundle\Controller\AbstractController; use Symfony\Bundle\FrameworkBundle\Controller\AbstractController;
use Symfony\Component\HttpFoundation\JsonResponse; use Symfony\Component\HttpFoundation\JsonResponse;
use Symfony\Component\HttpFoundation\Request; use Symfony\Component\HttpFoundation\Request;
use Symfony\Component\HttpKernel\Exception\AccessDeniedHttpException;
use Symfony\Component\Routing\Attribute\Route; use Symfony\Component\Routing\Attribute\Route;
use App\Entity\Organizations; use App\Entity\Organizations;
use Symfony\Component\HttpFoundation\Response; use Symfony\Component\HttpFoundation\Response;
@ -37,7 +40,7 @@ class OrganizationController extends AbstractController
private readonly ActionService $actionService, private readonly ActionService $actionService,
private readonly UserOrganizationService $userOrganizationService, private readonly UserOrganizationService $userOrganizationService,
private readonly OrganizationsRepository $organizationsRepository, private readonly OrganizationsRepository $organizationsRepository,
private readonly AwsService $awsService) private readonly AwsService $awsService, private readonly LoggerService $loggerService, private readonly LoggerInterface $logger)
{ {
} }
@ -50,7 +53,6 @@ class OrganizationController extends AbstractController
if ($this->isGranted("ROLE_SUPER_ADMIN")) { if ($this->isGranted("ROLE_SUPER_ADMIN")) {
$organizations = $this->organizationsRepository->findBy(['isDeleted' => false]); $organizations = $this->organizationsRepository->findBy(['isDeleted' => false]);
} else { } else {
//get all the UO of the user //get all the UO of the user
$uos = $this->entityManager->getRepository(UsersOrganizations::class)->findBy(['users' => $user]); $uos = $this->entityManager->getRepository(UsersOrganizations::class)->findBy(['users' => $user]);
@ -100,6 +102,8 @@ class OrganizationController extends AbstractController
try { try {
$this->entityManager->persist($organization); $this->entityManager->persist($organization);
$this->entityManager->flush(); $this->entityManager->flush();
$this->loggerService->logOrganizationInformation($organization->getId(), $actingUser->getId(), "Organization Created");
$this->loggerService->logSuperAdmin($actingUser->getId(), $organization->getId(), $actingUser->getId(), "Organization Created");
$this->actionService->createAction("Create Organization", $actingUser, $organization, $organization->getName()); $this->actionService->createAction("Create Organization", $actingUser, $organization, $organization->getName());
return $this->redirectToRoute('organization_index'); return $this->redirectToRoute('organization_index');
} catch (Exception $e) { } catch (Exception $e) {
@ -124,20 +128,33 @@ class OrganizationController extends AbstractController
$actingUser = $this->userService->getUserByIdentifier($this->getUser()->getUserIdentifier()); $actingUser = $this->userService->getUserByIdentifier($this->getUser()->getUserIdentifier());
$organization = $this->organizationsRepository->find($id); $organization = $this->organizationsRepository->find($id);
if (!$organization) { if (!$organization) {
$this->loggerService->logEntityNotFound('Organization', [
'org_id' => $id,
'message' => 'Organization not found for edit'], $actingUser->getId()
);
$this->addFlash('error', self::NOT_FOUND); $this->addFlash('error', self::NOT_FOUND);
return $this->redirectToRoute('organization_index'); return $this->redirectToRoute('organization_index');
} }
if (!$this->isGranted("ROLE_SUPER_ADMIN")) { if (!$this->isGranted("ROLE_SUPER_ADMIN")) {
//check if the user is admin of the organization //check if the user is admin of the organization
$user = $this->userService->getUserByIdentifier($this->getUser()->getUserIdentifier()); $uo = $this->entityManager->getRepository(UsersOrganizations::class)->findOneBy(['users' => $actingUser, 'organization' => $organization]);
$uo = $this->entityManager->getRepository(UsersOrganizations::class)->findOneBy(['users' => $user, 'organization' => $organization]);
if (!$uo) { if (!$uo) {
$this->loggerService->logEntityNotFound('UO link', [
'user_id' => $actingUser->getId(),
'org_id' => $organization->getId(),
'message' => 'UO link not found for edit organization'
], $actingUser->getId());
$this->addFlash('error', self::ACCESS_DENIED); $this->addFlash('error', self::ACCESS_DENIED);
return $this->redirectToRoute('organization_index'); return $this->redirectToRoute('organization_index');
} }
$roleAdmin = $this->entityManager->getRepository(Roles::class)->findOneBy(['name' => 'ADMIN']); $roleAdmin = $this->entityManager->getRepository(Roles::class)->findOneBy(['name' => 'ADMIN']);
$uoaAdmin = $this->entityManager->getRepository(UserOrganizatonApp::class)->findOneBy(['userOrganization' => $uo, 'role' => $roleAdmin]); $uoaAdmin = $this->entityManager->getRepository(UserOrganizatonApp::class)->findOneBy(['userOrganization' => $uo, 'role' => $roleAdmin]);
if (!$uoaAdmin) { if (!$uoaAdmin) {
$this->loggerService->logEntityNotFound('UOA link', [
'uo_id' => $uo->getId(),
'role_id' => $roleAdmin->getId(),
'message' => 'UOA link not found for edit organization, user is not admin of organization'
], $actingUser->getId());
$this->addFlash('error', self::ACCESS_DENIED); $this->addFlash('error', self::ACCESS_DENIED);
return $this->redirectToRoute('organization_index'); return $this->redirectToRoute('organization_index');
} }
@ -152,6 +169,10 @@ class OrganizationController extends AbstractController
try { try {
$this->entityManager->persist($organization); $this->entityManager->persist($organization);
$this->entityManager->flush(); $this->entityManager->flush();
$this->loggerService->logOrganizationInformation($organization->getId(), $actingUser->getId(), "Organization Edited");
if ($this->isGranted("ROLE_SUPER_ADMIN")) {
$this->loggerService->logSuperAdmin($actingUser->getId(), $organization->getId(), $actingUser->getId(), "Organization Edited");
}
$this->actionService->createAction("Edit Organization", $actingUser, $organization, $organization->getName()); $this->actionService->createAction("Edit Organization", $actingUser, $organization, $organization->getName());
return $this->redirectToRoute('organization_index'); return $this->redirectToRoute('organization_index');
} catch (Exception $e) { } catch (Exception $e) {
@ -171,28 +192,18 @@ class OrganizationController extends AbstractController
$organization = $this->organizationsRepository->find($id); $organization = $this->organizationsRepository->find($id);
$actingUser = $this->userService->getUserByIdentifier($this->getUser()->getUserIdentifier()); $actingUser = $this->userService->getUserByIdentifier($this->getUser()->getUserIdentifier());
if (!$organization) { if (!$organization) {
$this->loggerService->logEntityNotFound('Organization', [
'org_id' => $id,
'message' => 'Organization not found for view'
], $actingUser->getId());
$this->addFlash('error', self::NOT_FOUND); $this->addFlash('error', self::NOT_FOUND);
return $this->redirectToRoute('organization_index'); return $this->redirectToRoute('organization_index');
} }
//check if the user is admin of the organization //check if the user is admin of the organization
if (!$this->isGranted("ROLE_SUPER_ADMIN") && !$this->userService->isAdminOfOrganization($organization)) { if (!$this->userService->isAdminOfOrganization($organization) && !$this->isGranted("ROLE_SUPER_ADMIN")) {
$this->createNotFoundException(self::NOT_FOUND); $this->loggerService->logAccessDenied($actingUser->getId());
throw new AccessDeniedHttpException('Access denied');
} }
$newUO = $this->entityManager->getRepository(UsersOrganizations::class)->findNewestUO($organization);
$newUsers = [];
foreach ($newUO as $uo) {
$newUsers[] = $uo->getUsers();
}
$adminUO = $this->entityManager->getRepository(UsersOrganizations::class)->findAdminsInOrganization($organization);
$adminUsers = [];
foreach ($adminUO as $uo) {
$adminUsers[] = $uo->getUsers();
}
$uos = $this->entityManager
->getRepository(UsersOrganizations::class)
->findBy(['organization' => $organization]);
$users = $this->userService->formatOrgUsers($uos);
$allApps = $this->entityManager->getRepository(Apps::class)->findAll(); // appsAll $allApps = $this->entityManager->getRepository(Apps::class)->findAll(); // appsAll
$orgApps = $organization->getApps()->toArray(); // apps $orgApps = $organization->getApps()->toArray(); // apps
@ -205,9 +216,6 @@ class OrganizationController extends AbstractController
$this->actionService->createAction("View Organization", $actingUser, $organization, $organization->getName()); $this->actionService->createAction("View Organization", $actingUser, $organization, $organization->getName());
return $this->render('organization/show.html.twig', [ return $this->render('organization/show.html.twig', [
'organization' => $organization, 'organization' => $organization,
'newUsers' => $newUsers,
'adminUsers' => $adminUsers,
'users' => $users,
'applications' => $apps, 'applications' => $apps,
'activities' => $activities, 'activities' => $activities,
]); ]);
@ -220,15 +228,25 @@ class OrganizationController extends AbstractController
$actingUser = $this->userService->getUserByIdentifier($this->getUser()->getUserIdentifier()); $actingUser = $this->userService->getUserByIdentifier($this->getUser()->getUserIdentifier());
$organization = $this->organizationsRepository->find($id); $organization = $this->organizationsRepository->find($id);
if (!$organization) { if (!$organization) {
$this->loggerService->logEntityNotFound('Organization', [
'org_id' => $id,
'message' => 'Organization not found for delete'
], $actingUser->getId());
throw $this->createNotFoundException(self::NOT_FOUND); throw $this->createNotFoundException(self::NOT_FOUND);
} }
$organization->setIsActive(false); try {
$organization->setIsDeleted(true); $organization->setIsActive(false);
// Deactivate all associated UsersOrganizations $organization->setIsDeleted(true);
$this->userOrganizationService->deactivateAllUserOrganizationLinks($actingUser, null, $organization); // Deactivate all associated UsersOrganizations
$this->userOrganizationService->deactivateAllUserOrganizationLinks($actingUser, null, $organization);
$this->entityManager->persist($organization);
$this->actionService->createAction("Delete Organization", $actingUser, $organization, $organization->getName());
}catch (\Exception $e){
$this->loggerService->logError($actingUser->getId(), ['message' => 'Error deleting organization: '.$e->getMessage()]);
$this->addFlash('error', 'Error deleting organization: ' . $e->getMessage());
}
$this->entityManager->persist($organization);
$this->actionService->createAction("Delete Organization", $actingUser, $organization, $organization->getName());
return $this->redirectToRoute('organization_index'); return $this->redirectToRoute('organization_index');
} }
@ -239,12 +257,19 @@ class OrganizationController extends AbstractController
$actingUser = $this->userService->getUserByIdentifier($this->getUser()->getUserIdentifier()); $actingUser = $this->userService->getUserByIdentifier($this->getUser()->getUserIdentifier());
$organization = $this->organizationsRepository->find($id); $organization = $this->organizationsRepository->find($id);
if (!$organization) { if (!$organization) {
$this->loggerService->logEntityNotFound('Organization', [
'org_id' => $id,
'message' => 'Organization not found for deactivate'
], $actingUser->getId());
throw $this->createNotFoundException(self::NOT_FOUND); throw $this->createNotFoundException(self::NOT_FOUND);
} }
$organization->setIsActive(false); $organization->setIsActive(false);
// $this->userOrganizationService->deactivateAllUserOrganizationLinks($actingUser, null, $organization); // $this->userOrganizationService->deactivateAllUserOrganizationLinks($actingUser, null, $organization);
$this->entityManager->persist($organization); $this->entityManager->persist($organization);
$this->actionService->createAction("Deactivate Organization", $actingUser, $organization, $organization->getName()); $this->actionService->createAction("Deactivate Organization", $actingUser, $organization, $organization->getName());
$this->loggerService->logSuperAdmin($actingUser->getId(), $organization->getId(), $actingUser->getId(),'Organization deactivated');
return $this->redirectToRoute('organization_index'); return $this->redirectToRoute('organization_index');
} }
@ -255,10 +280,16 @@ class OrganizationController extends AbstractController
$actingUser = $this->userService->getUserByIdentifier($this->getUser()->getUserIdentifier()); $actingUser = $this->userService->getUserByIdentifier($this->getUser()->getUserIdentifier());
$organization = $this->organizationsRepository->find($id); $organization = $this->organizationsRepository->find($id);
if (!$organization) { if (!$organization) {
$this->loggerService->logEntityNotFound('Organization', [
'org_id' => $id,
'message' => 'Organization not found for activate'
], $actingUser->getId());
throw $this->createNotFoundException(self::NOT_FOUND); throw $this->createNotFoundException(self::NOT_FOUND);
} }
$organization->setIsActive(true); $organization->setIsActive(true);
$this->entityManager->persist($organization); $this->entityManager->persist($organization);
$this->loggerService->logOrganizationInformation($organization->getId(), $actingUser->getId(),'Organization Activated');
$this->loggerService->logSuperAdmin($actingUser->getId(), $organization->getId(), $actingUser->getId(),'Organization Activated');
$this->actionService->createAction("Activate Organization", $actingUser, $organization, $organization->getName()); $this->actionService->createAction("Activate Organization", $actingUser, $organization, $organization->getName());
return $this->redirectToRoute('organization_index'); return $this->redirectToRoute('organization_index');
} }
@ -276,8 +307,6 @@ class OrganizationController extends AbstractController
$filters = $request->query->all('filter'); $filters = $request->query->all('filter');
$user = $this->userService->getUserByIdentifier($this->getUser()->getUserIdentifier());
$qb = $this->organizationsRepository->createQueryBuilder('o') $qb = $this->organizationsRepository->createQueryBuilder('o')
->where('o.isDeleted = :del')->setParameter('del', false); ->where('o.isDeleted = :del')->setParameter('del', false);
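Review bot: In the edit hunk, the new access-denied log at `'role_id' => $roleAdmin->getId()` dereferences the result of `findOneBy(['name' => 'ADMIN'])` without a null check, so if the ADMIN role row is missing the handler dies with an Error inside the very branch meant to deny access cleanly; `'role_id' => $roleAdmin?->getId(),` keeps the deny path reachable. In the delete hunk, the successful path emits no `logOrganizationInformation`/`logSuperAdmin` entry, unlike create, edit, activate and deactivate, which leaves the most destructive action without the audit trail the rest of the commit adds; a `$this->loggerService->logOrganizationInformation($organization->getId(), $actingUser->getId(), "Organization Deleted");` after `persist()` would close the gap. The same hunk's catch copies `$e->getMessage()` into the user-facing flash, which can surface ORM or driver internals to the browser — a fixed flash text, with the detail kept in `logError`, is the safer split. In the create hunk `logSuperAdmin` is called unconditionally while the edit hunk guards it with `isGranted("ROLE_SUPER_ADMIN")`; if create is reachable by non-super-admins, the admin-action log will attribute entries to them, so the two should probably agree. All the enclosing methods start and end outside their hunks.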


@ -16,6 +16,7 @@ readonly class LoggerService
private LoggerInterface $adminActionsLogger, private LoggerInterface $adminActionsLogger,
private LoggerInterface $securityLogger, private LoggerInterface $securityLogger,
private LoggerInterface $errorLogger, private LoggerInterface $errorLogger,
private LoggerInterface $awsLogger,
private RequestStack $requestStack, private RequestStack $requestStack,
) {} ) {}
@ -155,18 +156,18 @@ readonly class LoggerService
public function logEntityNotFound(string $entityType, array $criteria, ?int $actingUserId): void public function logEntityNotFound(string $entityType, array $criteria, ?int $actingUserId): void
{ {
$this->errorLogger->warning('Entity not found', [ $this->errorLogger->error('Entity not found', array_merge($criteria, [
'entity_type' => $entityType, 'entity_type' => $entityType,
'criteria' => $criteria,
'acting_user_id' => $actingUserId, 'acting_user_id' => $actingUserId,
'ip' => $this->requestStack->getCurrentRequest()?->getClientIp() ?? 'unknown', 'ip' => $this->requestStack->getCurrentRequest()?->getClientIp() ?? 'unknown',
'timestamp' => $this->now(), 'timestamp' => $this->now(),
]); 'page_accessed' => $_SERVER['REQUEST_URI'] ?? 'unknown',
]));
} }
public function logAWSAction(string $action, array $details): void public function logAWSAction(string $action, array $details): void
{ {
$this->securityLogger->info("AWS action performed: $action", array_merge($details, [ $this->awsLogger->info("AWS action performed: $action", array_merge($details, [
'ip' => $this->requestStack->getCurrentRequest()?->getClientIp() ?? 'unknown', 'ip' => $this->requestStack->getCurrentRequest()?->getClientIp() ?? 'unknown',
'timestamp' => $this->now(), 'timestamp' => $this->now(),
])); ]));
@ -174,7 +175,7 @@ readonly class LoggerService
public function logTokenRevocation(string $message, array $array): void public function logTokenRevocation(string $message, array $array): void
{ {
$this->securityLogger->notice($message, array_merge($array, [ $this->securityLogger->warning($message, array_merge($array, [
'ip' => $this->requestStack->getCurrentRequest()?->getClientIp() ?? 'unknown', 'ip' => $this->requestStack->getCurrentRequest()?->getClientIp() ?? 'unknown',
'timestamp' => $this->now(), 'timestamp' => $this->now(),
])); ]));
@ -182,7 +183,7 @@ readonly class LoggerService
public function logUOALinkDeactivated(int $uoaId, int $appId, int $roleId): void public function logUOALinkDeactivated(int $uoaId, int $appId, int $roleId): void
{ {
$this->securityLogger->notice('UOA link deactivated', [ $this->organizationManagementLogger->notice('UOA link deactivated', [
'uoa_id' => $uoaId, 'uoa_id' => $uoaId,
'app_id' => $appId, 'app_id' => $appId,
'role_id' => $roleId, 'role_id' => $roleId,