refactor: improve MembresController and ProfilController quality
- src/Controller/Admin/MembresController.php: reduce return statements in 'create' and add error logging - src/Controller/Admin/ProfilController.php: reduce return statements in 'password' and 'update', and fill empty catch blocks with logging
This commit is contained in:
Serreau Jovann
@@ -7,6 +7,7 @@ use App\Repository\UserRepository;
|
||||
use App\Service\KeycloakAdminService;
|
||||
use App\Service\MailerService;
|
||||
use Doctrine\ORM\EntityManagerInterface;
|
||||
use Psr\Log\LoggerInterface;
|
||||
use Symfony\Bundle\FrameworkBundle\Controller\AbstractController;
|
||||
use Symfony\Component\HttpFoundation\Request;
|
||||
use Symfony\Component\HttpFoundation\Response;
|
||||
@@ -19,6 +20,11 @@ use Twig\Environment;
|
||||
#[IsGranted('ROLE_ROOT')]
|
||||
class MembresController extends AbstractController
|
||||
{
|
||||
public function __construct(
|
||||
private LoggerInterface $logger,
|
||||
) {
|
||||
}
|
||||
|
||||
#[Route('', name: '')]
|
||||
public function index(KeycloakAdminService $keycloak, UserRepository $userRepository): Response
|
||||
{
|
||||
@@ -43,7 +49,8 @@ class MembresController extends AbstractController
|
||||
'localUser' => $localUser,
|
||||
];
|
||||
}
|
||||
} catch (\Throwable) {
|
||||
} catch (\Throwable $e) {
|
||||
$this->logger->error('Keycloak: Failed to list users: '.$e->getMessage());
|
||||
$this->addFlash('error', 'Impossible de recuperer la liste des membres depuis Keycloak.');
|
||||
}
|
||||
|
||||
@@ -69,67 +76,59 @@ class MembresController extends AbstractController
|
||||
|
||||
if ('' === $firstName || '' === $lastName || '' === $email) {
|
||||
$this->addFlash('error', 'Veuillez remplir tous les champs.');
|
||||
|
||||
return $this->redirectToRoute('app_admin_membres');
|
||||
}
|
||||
|
||||
// Verifier si l'email existe deja en BDD
|
||||
if (null !== $userRepository->findOneBy(['email' => $email])) {
|
||||
} elseif (null !== $userRepository->findOneBy(['email' => $email])) {
|
||||
$this->addFlash('error', 'Un compte existe deja avec cet email.');
|
||||
} else {
|
||||
try {
|
||||
// 1. Creer le user dans Keycloak
|
||||
$kcResult = $keycloak->createUser($email, $firstName, $lastName);
|
||||
|
||||
return $this->redirectToRoute('app_admin_membres');
|
||||
}
|
||||
if (!$kcResult['created'] || null === $kcResult['keycloakId']) {
|
||||
$this->addFlash('error', 'Erreur lors de la creation du compte Keycloak. L\'email existe peut-etre deja.');
|
||||
} else {
|
||||
$keycloakId = $kcResult['keycloakId'];
|
||||
$tempPassword = $kcResult['tempPassword'];
|
||||
|
||||
try {
|
||||
// 1. Creer le user dans Keycloak
|
||||
$kcResult = $keycloak->createUser($email, $firstName, $lastName);
|
||||
// 2. Ajouter aux groupes Keycloak
|
||||
foreach ($groups as $group) {
|
||||
$keycloak->addUserToGroup($keycloakId, $group);
|
||||
}
|
||||
|
||||
if (!$kcResult['created'] || null === $kcResult['keycloakId']) {
|
||||
$this->addFlash('error', 'Erreur lors de la creation du compte Keycloak. L\'email existe peut-etre deja.');
|
||||
// 3. Creer le user en BDD locale
|
||||
$user = new User();
|
||||
$user->setEmail($email);
|
||||
$user->setFirstName($firstName);
|
||||
$user->setLastName($lastName);
|
||||
$user->setKeycloakId($keycloakId);
|
||||
$user->setRoles(\in_array('super_admin_asso', $groups, true) ? ['ROLE_ROOT'] : ['ROLE_EMPLOYE']);
|
||||
$user->setPassword($passwordHasher->hashPassword($user, $tempPassword));
|
||||
$user->setTempPassword($tempPassword);
|
||||
|
||||
return $this->redirectToRoute('app_admin_membres');
|
||||
$em->persist($user);
|
||||
$em->flush();
|
||||
|
||||
// 4. Envoyer le mail avec les identifiants
|
||||
$mailer->sendEmail(
|
||||
$email,
|
||||
'CRM Ecosplay - Votre compte a ete cree',
|
||||
$twig->render('emails/membre_created.html.twig', [
|
||||
'firstName' => $firstName,
|
||||
'lastName' => $lastName,
|
||||
'email' => $email,
|
||||
'tempPassword' => $tempPassword,
|
||||
'groups' => $groups,
|
||||
]),
|
||||
null,
|
||||
null,
|
||||
false,
|
||||
);
|
||||
|
||||
$this->addFlash('success', 'Le membre '.$firstName.' '.$lastName.' a ete cree. Un email avec les identifiants lui a ete envoye.');
|
||||
}
|
||||
} catch (\Throwable $e) {
|
||||
$this->logger->error('Keycloak: Failed to create user '.$email.': '.$e->getMessage());
|
||||
$this->addFlash('error', 'Erreur lors de la creation : '.$e->getMessage());
|
||||
}
|
||||
|
||||
$keycloakId = $kcResult['keycloakId'];
|
||||
$tempPassword = $kcResult['tempPassword'];
|
||||
|
||||
// 2. Ajouter aux groupes Keycloak
|
||||
foreach ($groups as $group) {
|
||||
$keycloak->addUserToGroup($keycloakId, $group);
|
||||
}
|
||||
|
||||
// 3. Creer le user en BDD locale
|
||||
$user = new User();
|
||||
$user->setEmail($email);
|
||||
$user->setFirstName($firstName);
|
||||
$user->setLastName($lastName);
|
||||
$user->setKeycloakId($keycloakId);
|
||||
$user->setRoles(\in_array('super_admin_asso', $groups, true) ? ['ROLE_ROOT'] : ['ROLE_EMPLOYE']);
|
||||
$user->setPassword($passwordHasher->hashPassword($user, $tempPassword));
|
||||
$user->setTempPassword($tempPassword);
|
||||
|
||||
$em->persist($user);
|
||||
$em->flush();
|
||||
|
||||
// 4. Envoyer le mail avec les identifiants
|
||||
$mailer->sendEmail(
|
||||
$email,
|
||||
'CRM Ecosplay - Votre compte a ete cree',
|
||||
$twig->render('emails/membre_created.html.twig', [
|
||||
'firstName' => $firstName,
|
||||
'lastName' => $lastName,
|
||||
'email' => $email,
|
||||
'tempPassword' => $tempPassword,
|
||||
'groups' => $groups,
|
||||
]),
|
||||
null,
|
||||
null,
|
||||
false,
|
||||
);
|
||||
|
||||
$this->addFlash('success', 'Le membre '.$firstName.' '.$lastName.' a ete cree. Un email avec les identifiants lui a ete envoye.');
|
||||
} catch (\Throwable $e) {
|
||||
$this->addFlash('error', 'Erreur lors de la creation : '.$e->getMessage());
|
||||
}
|
||||
|
||||
return $this->redirectToRoute('app_admin_membres');
|
||||
|
||||
@@ -5,6 +5,7 @@ namespace App\Controller\Admin;
|
||||
use App\Entity\User;
|
||||
use App\Service\KeycloakAdminService;
|
||||
use Doctrine\ORM\EntityManagerInterface;
|
||||
use Psr\Log\LoggerInterface;
|
||||
use Symfony\Bundle\FrameworkBundle\Controller\AbstractController;
|
||||
use Symfony\Component\HttpFoundation\Request;
|
||||
use Symfony\Component\HttpFoundation\Response;
|
||||
@@ -16,6 +17,11 @@ use Symfony\Component\Security\Http\Attribute\IsGranted;
|
||||
#[IsGranted('ROLE_EMPLOYE')]
|
||||
class ProfilController extends AbstractController
|
||||
{
|
||||
public function __construct(
|
||||
private LoggerInterface $logger,
|
||||
) {
|
||||
}
|
||||
|
||||
#[Route('', name: '')]
|
||||
public function index(): Response
|
||||
{
|
||||
@@ -38,37 +44,27 @@ class ProfilController extends AbstractController
|
||||
|
||||
if (!$passwordHasher->isPasswordValid($user, $currentPassword)) {
|
||||
$this->addFlash('error', 'Le mot de passe actuel est incorrect.');
|
||||
|
||||
return $this->redirectToRoute('app_admin_profil');
|
||||
}
|
||||
|
||||
if (\strlen($newPassword) < 8) {
|
||||
} elseif (\strlen($newPassword) < 8) {
|
||||
$this->addFlash('error', 'Le nouveau mot de passe doit contenir au moins 8 caracteres.');
|
||||
|
||||
return $this->redirectToRoute('app_admin_profil');
|
||||
}
|
||||
|
||||
if ($newPassword !== $confirmPassword) {
|
||||
} elseif ($newPassword !== $confirmPassword) {
|
||||
$this->addFlash('error', 'Les mots de passe ne correspondent pas.');
|
||||
} else {
|
||||
// Mettre à jour en BDD
|
||||
$user->setPassword($passwordHasher->hashPassword($user, $newPassword));
|
||||
$user->clearTempPassword();
|
||||
$em->flush();
|
||||
|
||||
return $this->redirectToRoute('app_admin_profil');
|
||||
}
|
||||
|
||||
// Mettre à jour en BDD
|
||||
$user->setPassword($passwordHasher->hashPassword($user, $newPassword));
|
||||
$user->clearTempPassword();
|
||||
$em->flush();
|
||||
|
||||
// Mettre à jour dans Keycloak si compte lié
|
||||
if (null !== $user->getKeycloakId()) {
|
||||
try {
|
||||
$keycloak->resetPassword($user->getKeycloakId(), $newPassword);
|
||||
} catch (\Throwable) {
|
||||
// Best-effort
|
||||
// Mettre à jour dans Keycloak si compte lié
|
||||
if (null !== $user->getKeycloakId()) {
|
||||
try {
|
||||
$keycloak->resetPassword($user->getKeycloakId(), $newPassword);
|
||||
} catch (\Throwable $e) {
|
||||
$this->logger->error('Keycloak: Failed to reset password for user '.$user->getUserIdentifier().': '.$e->getMessage());
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
$this->addFlash('success', 'Mot de passe modifie avec succes.');
|
||||
$this->addFlash('success', 'Mot de passe modifie avec succes.');
|
||||
}
|
||||
|
||||
return $this->redirectToRoute('app_admin_profil');
|
||||
}
|
||||
@@ -86,24 +82,23 @@ class ProfilController extends AbstractController
|
||||
|
||||
if ('' === $firstName || '' === $lastName || '' === $email) {
|
||||
$this->addFlash('error', 'Tous les champs sont requis.');
|
||||
} else {
|
||||
$user->setFirstName($firstName);
|
||||
$user->setLastName($lastName);
|
||||
$user->setEmail($email);
|
||||
$em->flush();
|
||||
|
||||
return $this->redirectToRoute('app_admin_profil');
|
||||
}
|
||||
|
||||
$user->setFirstName($firstName);
|
||||
$user->setLastName($lastName);
|
||||
$user->setEmail($email);
|
||||
$em->flush();
|
||||
|
||||
// Sync Keycloak
|
||||
if (null !== $user->getKeycloakId()) {
|
||||
try {
|
||||
$keycloak->updateUser($user->getKeycloakId(), $firstName, $lastName, $email);
|
||||
} catch (\Throwable) {
|
||||
// Sync Keycloak
|
||||
if (null !== $user->getKeycloakId()) {
|
||||
try {
|
||||
$keycloak->updateUser($user->getKeycloakId(), $firstName, $lastName, $email);
|
||||
} catch (\Throwable $e) {
|
||||
$this->logger->error('Keycloak: Failed to update user '.$email.': '.$e->getMessage());
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
$this->addFlash('success', 'Informations mises a jour.');
|
||||
$this->addFlash('success', 'Informations mises a jour.');
|
||||
}
|
||||
|
||||
return $this->redirectToRoute('app_admin_profil');
|
||||
}
|
||||
|
||||
Reference in New Issue
Block a user