From c485740d273613239529f279f3aa6cdf32a589e7 Mon Sep 17 00:00:00 2001
From: mathis <m.buchet@sudalys.fr>
Date: Wed, 25 Feb 2026 14:15:02 +0100
Subject: [PATCH] add command to create super admin user

---
 config/services.yaml                    |   3 +
 src/Command/CreateSuperAdminCommand.php | 142 ++++++++++++++++++++++++
 2 files changed, 145 insertions(+)
 create mode 100644 src/Command/CreateSuperAdminCommand.php

diff --git a/config/services.yaml b/config/services.yaml
index fb8d70f..3ab0764 100644
--- a/config/services.yaml
+++ b/config/services.yaml
@@ -53,6 +53,9 @@ services:
     League\OAuth2\Server\Repositories\AccessTokenRepositoryInterface:
         class: App\Repository\AccessTokenRepository
         decorates: 'League\Bundle\OAuth2ServerBundle\Repository\AccessTokenRepository'
+    App\Command\CreateSuperAdminCommand:
+        arguments:
+            $environment: '%kernel.environment%'
 
     # add more service definitions when explicit configuration is needed
     # please note that last definitions always *replace* previous ones
diff --git a/src/Command/CreateSuperAdminCommand.php b/src/Command/CreateSuperAdminCommand.php
new file mode 100644
index 0000000..7625e58
--- /dev/null
+++ b/src/Command/CreateSuperAdminCommand.php
@@ -0,0 +1,142 @@
+<?php
+
+namespace App\Command;
+
+use App\Entity\User;
+use Doctrine\ORM\EntityManagerInterface;
+use Symfony\Component\Console\Attribute\AsCommand;
+use Symfony\Component\Console\Command\Command;
+use Symfony\Component\Console\Input\InputInterface;
+use Symfony\Component\Console\Output\OutputInterface;
+use Symfony\Component\Console\Question\Question;
+use Symfony\Component\Console\Style\SymfonyStyle;
+use Symfony\Component\PasswordHasher\Hasher\UserPasswordHasherInterface;
+
+#[AsCommand(
+    name: 'app:create-super-admin',
+    description: 'Creates the first super admin user'
+)]
+class CreateSuperAdminCommand extends Command
+{
+    private EntityManagerInterface $entityManager;
+    private UserPasswordHasherInterface $passwordHasher;
+    private string $environment;
+
+    public function __construct(
+        EntityManagerInterface $entityManager,
+        UserPasswordHasherInterface $passwordHasher,
+        string $environment
+    ) {
+        parent::__construct();
+        $this->entityManager = $entityManager;
+        $this->passwordHasher = $passwordHasher;
+        $this->environment = $environment;
+    }
+
+    protected function execute(InputInterface $input, OutputInterface $output): int
+    {
+        $io = new SymfonyStyle($input, $output);
+        $helper = $this->getHelper('question');
+
+        $io->title('Create Super Admin User');
+
+        // Ask for email
+        $emailQuestion = new Question('Email address: ');
+        $emailQuestion->setValidator(function ($answer) {
+            if (empty($answer)) {
+                throw new \RuntimeException('Email cannot be empty');
+            }
+            if (!filter_var($answer, FILTER_VALIDATE_EMAIL)) {
+                throw new \RuntimeException('Invalid email format');
+            }
+            return $answer;
+        });
+        $email = $helper->ask($input, $output, $emailQuestion);
+
+        // Check if user already exists
+        $existingUser = $this->entityManager->getRepository(User::class)
+            ->findOneBy(['email' => $email]);
+
+        if ($existingUser) {
+            $io->error("A user with email '{$email}' already exists.");
+            return Command::FAILURE;
+        }
+
+        // Ask for name
+        $nameQuestion = new Question('First name: ');
+        $nameQuestion->setValidator(function ($answer) {
+            if (empty(trim($answer))) {
+                throw new \RuntimeException('First name cannot be empty');
+            }
+            return trim($answer);
+        });
+        $name = $helper->ask($input, $output, $nameQuestion);
+
+        // Ask for surname
+        $surnameQuestion = new Question('Last name: ');
+        $surnameQuestion->setValidator(function ($answer) {
+            if (empty(trim($answer))) {
+                throw new \RuntimeException('Last name cannot be empty');
+            }
+            return trim($answer);
+        });
+        $surname = $helper->ask($input, $output, $surnameQuestion);
+
+        // Ask for password
+        $isDev = $this->environment === 'dev';
+        $passwordQuestion = new Question('Password: ');
+        $passwordQuestion->setHidden(true);
+        $passwordQuestion->setHiddenFallback(false);
+        $passwordQuestion->setValidator(function ($answer) use ($isDev) {
+            if (empty($answer)) {
+                throw new \RuntimeException('Password cannot be empty');
+            }
+            if (!$isDev && strlen($answer) < 8) {
+                throw new \RuntimeException('Password must be at least 8 characters long');
+            }
+            return $answer;
+        });
+        $password = $helper->ask($input, $output, $passwordQuestion);
+        
+        if ($isDev && strlen($password) < 8) {
+            $io->warning('Development mode: password length requirement bypassed');
+        }
+
+        // Confirm password
+        $confirmPasswordQuestion = new Question('Confirm password: ');
+        $confirmPasswordQuestion->setHidden(true);
+        $confirmPasswordQuestion->setHiddenFallback(false);
+        $confirmPassword = $helper->ask($input, $output, $confirmPasswordQuestion);
+
+        if ($password !== $confirmPassword) {
+            $io->error('Passwords do not match.');
+            return Command::FAILURE;
+        }
+
+        // Create user
+        $user = new User();
+        $user->setEmail($email);
+        $user->setName($name);
+        $user->setSurname($surname);
+        $user->setRoles(['ROLE_SUPER_ADMIN', 'ROLE_ADMIN']);
+        $user->setIsActive(true);
+        $user->setIsDeleted(false);
+
+        // Hash password
+        $hashedPassword = $this->passwordHasher->hashPassword($user, $password);
+        $user->setPassword($hashedPassword);
+
+        // Persist user
+        $this->entityManager->persist($user);
+        $this->entityManager->flush();
+
+        $io->success([
+            'Super Admin user created successfully!',
+            "Email: {$email}",
+            "Name: {$name} {$surname}",
+            'Roles: ROLE_SUPER_ADMIN, ROLE_ADMIN'
+        ]);
+
+        return Command::SUCCESS;
+    }
+}