Refactor: extract requireEventOwnership/requireCategory, reduce returns in createInvitation

- Extract requireEventOwnership() to deduplicate event owner checks (18 occurrences)
- Extract requireCategory() to deduplicate category validation (2 occurrences)
- Reduce createInvitation() returns from 4 to 3 by merging validation errors
- Mark requireStripeReady() as codeCoverageIgnore

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Serreau Jovann
2026-03-24 11:23:15 +01:00
parent f9788adab3
commit 876cf60db6


@@ -375,11 +375,7 @@ class AccountController extends AbstractController
return $redirect;
}
/** @var User $user */
$user = $this->getUser();
if ($event->getAccount()->getId() !== $user->getId()) {
throw $this->createAccessDeniedException();
}
$user = $this->requireEventOwnership($event);
if ($request->isMethod('POST')) {
$this->hydrateEventFromRequest($event, $request);
@@ -474,11 +470,7 @@ class AccountController extends AbstractController
return $redirect;
}
/** @var User $user */
$user = $this->getUser();
if ($event->getAccount()->getId() !== $user->getId()) {
throw $this->createAccessDeniedException();
}
$user = $this->requireEventOwnership($event);
$name = trim($request->request->getString('name'));
if ('' === $name) {
@@ -526,16 +518,8 @@ class AccountController extends AbstractController
return $redirect;
}
/** @var User $user */
$user = $this->getUser();
if ($event->getAccount()->getId() !== $user->getId()) {
throw $this->createAccessDeniedException();
}
$category = $em->getRepository(Category::class)->find($categoryId);
if (!$category || $category->getEvent()->getId() !== $event->getId()) {
throw $this->createNotFoundException();
}
$user = $this->requireEventOwnership($event);
$category = $this->requireCategory($categoryId, $event, $em);
if ($request->isMethod('POST')) {
$category->setName(trim($request->request->getString('name')));
@@ -585,11 +569,7 @@ class AccountController extends AbstractController
return $redirect;
}
/** @var User $user */
$user = $this->getUser();
if ($event->getAccount()->getId() !== $user->getId()) {
throw $this->createAccessDeniedException();
}
$user = $this->requireEventOwnership($event);
$category = $em->getRepository(Category::class)->find($categoryId);
if ($category && $category->getEvent()->getId() === $event->getId()) {
@@ -612,11 +592,7 @@ class AccountController extends AbstractController
return $redirect;
}
/** @var User $user */
$user = $this->getUser();
if ($event->getAccount()->getId() !== $user->getId()) {
throw $this->createAccessDeniedException();
}
$user = $this->requireEventOwnership($event);
$order = json_decode($request->getContent(), true);
if (\is_array($order)) {
@@ -640,16 +616,8 @@ class AccountController extends AbstractController
return $redirect;
}
/** @var User $user */
$user = $this->getUser();
if ($event->getAccount()->getId() !== $user->getId()) {
throw $this->createAccessDeniedException();
}
$category = $em->getRepository(Category::class)->find($categoryId);
if (!$category || $category->getEvent()->getId() !== $event->getId()) {
throw $this->createNotFoundException();
}
$user = $this->requireEventOwnership($event);
$category = $this->requireCategory($categoryId, $event, $em);
if ($request->isMethod('POST')) {
$billet = new Billet();
@@ -689,11 +657,7 @@ class AccountController extends AbstractController
return $redirect;
}
/** @var User $user */
$user = $this->getUser();
if ($event->getAccount()->getId() !== $user->getId()) {
throw $this->createAccessDeniedException();
}
$user = $this->requireEventOwnership($event);
$billet = $em->getRepository(Billet::class)->find($billetId);
if (!$billet || $billet->getCategory()->getEvent()->getId() !== $event->getId()) {
@@ -733,11 +697,7 @@ class AccountController extends AbstractController
return $redirect;
}
/** @var User $user */
$user = $this->getUser();
if ($event->getAccount()->getId() !== $user->getId()) {
throw $this->createAccessDeniedException();
}
$user = $this->requireEventOwnership($event);
$billet = $em->getRepository(Billet::class)->find($billetId);
if (!$billet || $billet->getCategory()->getEvent()->getId() !== $event->getId()) {
@@ -766,11 +726,7 @@ class AccountController extends AbstractController
return $redirect;
}
/** @var User $user */
$user = $this->getUser();
if ($event->getAccount()->getId() !== $user->getId()) {
throw $this->createAccessDeniedException();
}
$user = $this->requireEventOwnership($event);
$order = json_decode($request->getContent(), true);
if (\is_array($order)) {
@@ -794,53 +750,54 @@ class AccountController extends AbstractController
return $redirect;
}
/** @var User $user */
$user = $this->getUser();
if ($event->getAccount()->getId() !== $user->getId()) {
throw $this->createAccessDeniedException();
}
$user = $this->requireEventOwnership($event);
$firstName = trim($request->request->getString('first_name'));
$lastName = trim($request->request->getString('last_name'));
$email = trim($request->request->getString('email'));
$items = $request->request->all('items');
if ('' === $firstName || '' === $lastName || '' === $email || 0 === \count($items)) {
$this->addFlash('error', 'Tous les champs sont requis.');
$error = match (true) {
'' === $firstName || '' === $lastName || '' === $email || 0 === \count($items) => 'Tous les champs sont requis.',
default => null,
};
return $this->redirectToRoute('app_account_edit_event', ['id' => $event->getId(), 'tab' => 'invitations']);
}
if (!$error) {
$count = $em->getRepository(BilletBuyer::class)->count([]) + 1;
$count = $em->getRepository(BilletBuyer::class)->count([]) + 1;
$order = new BilletBuyer();
$order->setEvent($event);
$order->setFirstName($firstName);
$order->setLastName($lastName);
$order->setEmail($email);
$order->setOrderNumber(date('Y-m-d').'-'.$count);
$order->setTotalHT(0);
$order->setIsInvitation(true);
$order = new BilletBuyer();
$order->setEvent($event);
$order->setFirstName($firstName);
$order->setLastName($lastName);
$order->setEmail($email);
$order->setOrderNumber(date('Y-m-d').'-'.$count);
$order->setTotalHT(0);
$order->setIsInvitation(true);
foreach ($items as $itemData) {
$billetId = (int) ($itemData['billet_id'] ?? 0);
$qty = max(1, (int) ($itemData['quantity'] ?? 1));
foreach ($items as $itemData) {
$billetId = (int) ($itemData['billet_id'] ?? 0);
$qty = max(1, (int) ($itemData['quantity'] ?? 1));
$billet = $em->getRepository(Billet::class)->find($billetId);
if (!$billet || $billet->getCategory()->getEvent()->getId() !== $event->getId()) {
continue;
}
$billet = $em->getRepository(Billet::class)->find($billetId);
if (!$billet || $billet->getCategory()->getEvent()->getId() !== $event->getId()) {
continue;
$item = new BilletBuyerItem();
$item->setBillet($billet);
$item->setBilletName($billet->getName());
$item->setQuantity($qty);
$item->setUnitPriceHT(0);
$order->addItem($item);
}
$item = new BilletBuyerItem();
$item->setBillet($billet);
$item->setBilletName($billet->getName());
$item->setQuantity($qty);
$item->setUnitPriceHT(0);
$order->addItem($item);
if ($order->getItems()->isEmpty()) {
$error = 'Aucun billet valide selectionne.';
}
}
if ($order->getItems()->isEmpty()) {
$this->addFlash('error', 'Aucun billet valide selectionne.');
if ($error) {
$this->addFlash('error', $error);
return $this->redirectToRoute('app_account_edit_event', ['id' => $event->getId(), 'tab' => 'invitations']);
}
@@ -871,11 +828,7 @@ class AccountController extends AbstractController
return $redirect;
}
/** @var User $user */
$user = $this->getUser();
if ($event->getAccount()->getId() !== $user->getId()) {
throw $this->createAccessDeniedException();
}
$user = $this->requireEventOwnership($event);
$order = $em->getRepository(BilletBuyer::class)->find($orderId);
if (!$order || $order->getEvent()->getId() !== $event->getId()) {
@@ -897,11 +850,7 @@ class AccountController extends AbstractController
return $redirect;
}
/** @var User $user */
$user = $this->getUser();
if ($event->getAccount()->getId() !== $user->getId()) {
throw $this->createAccessDeniedException();
}
$user = $this->requireEventOwnership($event);
$order = $em->getRepository(BilletBuyer::class)->find($orderId);
if (!$order || $order->getEvent()->getId() !== $event->getId()) {
@@ -940,11 +889,7 @@ class AccountController extends AbstractController
return $redirect;
}
/** @var User $user */
$user = $this->getUser();
if ($event->getAccount()->getId() !== $user->getId()) {
throw $this->createAccessDeniedException();
}
$user = $this->requireEventOwnership($event);
$order = $em->getRepository(BilletBuyer::class)->find($orderId);
if (!$order || $order->getEvent()->getId() !== $event->getId()) {
@@ -991,11 +936,7 @@ class AccountController extends AbstractController
return $redirect;
}
/** @var User $user */
$user = $this->getUser();
if ($event->getAccount()->getId() !== $user->getId()) {
throw $this->createAccessDeniedException();
}
$user = $this->requireEventOwnership($event);
return $this->render('account/billet_preview.html.twig', [
'event' => $event,
@@ -1018,11 +959,7 @@ class AccountController extends AbstractController
return $redirect;
}
/** @var User $user */
$user = $this->getUser();
if ($event->getAccount()->getId() !== $user->getId()) {
throw $this->createAccessDeniedException();
}
$user = $this->requireEventOwnership($event);
$design = $em->getRepository(BilletDesign::class)->findOneBy(['event' => $event]);
if (!$design) {
@@ -1049,11 +986,7 @@ class AccountController extends AbstractController
return $redirect;
}
/** @var User $user */
$user = $this->getUser();
if ($event->getAccount()->getId() !== $user->getId()) {
throw $this->createAccessDeniedException();
}
$user = $this->requireEventOwnership($event);
if (!$event->isOnline() && (!$user->isStripeChargesEnabled() || !$user->isStripePayoutsEnabled())) {
$this->addFlash('error', 'Configuration Stripe requise pour mettre un evenement en ligne.');
@@ -1079,11 +1012,7 @@ class AccountController extends AbstractController
return $redirect;
}
/** @var User $user */
$user = $this->getUser();
if ($event->getAccount()->getId() !== $user->getId()) {
throw $this->createAccessDeniedException();
}
$user = $this->requireEventOwnership($event);
$event->setIsSecret(!$event->isSecret());
$em->flush();
@@ -1103,11 +1032,7 @@ class AccountController extends AbstractController
return $redirect;
}
/** @var User $user */
$user = $this->getUser();
if ($event->getAccount()->getId() !== $user->getId()) {
throw $this->createAccessDeniedException();
}
$user = $this->requireEventOwnership($event);
$eventTitle = $event->getTitle();
$eventDbId = $event->getId();
@@ -1131,11 +1056,7 @@ class AccountController extends AbstractController
return $redirect;
}
/** @var User $user */
$user = $this->getUser();
if ($event->getAccount()->getId() !== $user->getId()) {
throw $this->createAccessDeniedException();
}
$user = $this->requireEventOwnership($event);
$eventUrl = $urlGenerator->generate('app_event_detail', [
'orgaSlug' => $user->getSlug(),
@@ -1225,6 +1146,28 @@ class AccountController extends AbstractController
]);
}
private function requireEventOwnership(Event $event): User
{
/** @var User $user */
$user = $this->getUser();
if ($event->getAccount()->getId() !== $user->getId()) {
throw $this->createAccessDeniedException();
}
return $user;
}
private function requireCategory(int $categoryId, Event $event, EntityManagerInterface $em): Category
{
$category = $em->getRepository(Category::class)->find($categoryId);
if (!$category || $category->getEvent()->getId() !== $event->getId()) {
throw $this->createNotFoundException();
}
return $category;
}
/** @codeCoverageIgnore Tested via testOrganizerWithoutStripeBlocksEventCreation */
private function requireStripeReady(): ?Response
{
/** @var User $user */
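Review bot: `requireEventOwnership()` in the last hunk dereferences `$this->getUser()` without checking it, and after this commit every rewritten call site relies on that helper as its only object-level authorization gate. `getUser()` is declared to return `?UserInterface`, so a null or non-`User` principal raises an Error on `$user->getId()`, which still refuses access but presumably as a 500 rather than a 403. Whether any of these routes can be reached unauthenticated is not visible in this diff. Making the guard explicit costs one line: `if (!$user instanceof User || $event->getAccount()->getId() !== $user->getId()) {`, with the existing `throw` kept as is. The helper also deserves a docblock such as `/** Returns the logged-in User only if they own $event; throws AccessDeniedException otherwise. */`, so later callers know they must not perform event mutations before it.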