admin/e-ticket
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
66ac2379ec191323bfbcb4021e06ab680aa095cc
e-ticket/src/Controller/AccountController.php
Serreau Jovann 66ac2379ec Add audit trail: AuditLog entity, AuditService, admin logs page 
- AuditLog entity: action, entityType, entityId, data (JSON), performedBy, ipAddress
- AuditService: logs actions with current user and IP
- Audit on: order_created, order_paid, order_cancelled, order_refunded
- Admin /admin/logs: paginated table with action badges, details, user, IP
- Navigation link 'Logs' in admin header

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
2026-03-22 20:48:10 +01:00

1192 lines
47 KiB
PHP
Raw Blame History

<?php
namespace App\Controller;
use App\Entity\Billet;
use App\Entity\BilletBuyer;
use App\Entity\BilletBuyerItem;
use App\Entity\BilletDesign;
use App\Entity\BilletOrder;
use App\Entity\Category;
use App\Entity\Event;
use App\Entity\Payout;
use App\Entity\User;
use App\Service\AuditService;
use App\Service\BilletOrderService;
use App\Service\EventIndexService;
use App\Service\MailerService;
use App\Service\OrderIndexService;
use App\Service\PayoutPdfService;
use App\Service\StripeService;
use Doctrine\ORM\EntityManagerInterface;
use Knp\Component\Pager\PaginatorInterface;
use Symfony\Bundle\FrameworkBundle\Controller\AbstractController;
use Symfony\Component\HttpFoundation\Request;
use Symfony\Component\HttpFoundation\Response;
use Symfony\Component\PasswordHasher\Hasher\UserPasswordHasherInterface;
use Symfony\Component\Routing\Attribute\Route;
use Symfony\Component\Security\Http\Attribute\IsGranted;
#[IsGranted('ROLE_USER')]
class AccountController extends AbstractController
{
private const BREADCRUMB_HOME = ['name' => 'Accueil', 'url' => '/'];
private const BREADCRUMB_ACCOUNT = ['name' => 'Mon compte', 'url' => '/mon-compte'];
private const EVENT_BASE_URL = '/mon-compte/evenement/';
private const EVENT_CATEGORIES_SUFFIX = '/modifier?tab=categories';
#[Route('/mon-compte', name: 'app_account')]
public function index(Request $request, StripeService $stripeService, EntityManagerInterface $em, PaginatorInterface $paginator, EventIndexService $eventIndex): Response
{
/** @var User $user */
$user = $this->getUser();
$isOrganizer = $this->isGranted('ROLE_ORGANIZER');
$defaultTab = $isOrganizer ? 'events' : 'tickets';
$tab = $request->query->getString('tab', $defaultTab);
if ($isOrganizer && $user->getStripeAccountId() && (!$user->isStripeChargesEnabled() || !$user->isStripePayoutsEnabled())) {
try { // @codeCoverageIgnoreStart
$account = $stripeService->getClient()->accounts->retrieve($user->getStripeAccountId());
$user->setStripeChargesEnabled((bool) $account->charges_enabled);
$user->setStripePayoutsEnabled((bool) $account->payouts_enabled);
$em->flush();
} catch (\Throwable) {
// Stripe API unavailable, keep current status
} // @codeCoverageIgnoreEnd
}
$payouts = [];
$subAccounts = [];
$events = [];
if ($isOrganizer) {
$payouts = $em->getRepository(Payout::class)->findBy(
['organizer' => $user],
['createdAt' => 'DESC'],
);
$subAccounts = $em->getRepository(User::class)->findBy(
['parentOrganizer' => $user],
['createdAt' => 'DESC'],
);
$searchQuery = $request->query->getString('q', '');
$eventsQuery = $eventIndex->searchEvents('event_'.$user->getId(), $searchQuery, ['account' => $user]);
$events = $paginator->paginate($eventsQuery, $request->query->getInt('page', 1), 10);
}
$orders = $em->getRepository(BilletBuyer::class)->findBy(
['user' => $user],
['createdAt' => 'DESC'],
);
$userTickets = [];
foreach ($orders as $order) {
$tickets = $em->getRepository(BilletOrder::class)->findBy(['billetBuyer' => $order]);
foreach ($tickets as $ticket) {
$userTickets[] = $ticket;
}
}
return $this->render('account/index.html.twig', [
'tab' => $tab,
'isOrganizer' => $isOrganizer,
'payouts' => $payouts,
'subAccounts' => $subAccounts,
'events' => $events,
'orders' => $orders,
'userTickets' => $userTickets,
'breadcrumbs' => [
self::BREADCRUMB_HOME,
self::BREADCRUMB_ACCOUNT,
],
]);
}
#[Route('/mon-compte/parametres', name: 'app_account_settings', methods: ['POST'])]
public function settings(Request $request, EntityManagerInterface $em): Response
{
/** @var User $user */
$user = $this->getUser();
$isOrganizer = $this->isGranted('ROLE_ORGANIZER');
if (!$isOrganizer) {
$user->setFirstName(trim($request->request->getString('first_name')));
$user->setLastName(trim($request->request->getString('last_name')));
}
$user->setEmail(trim($request->request->getString('email')));
$user->setPhone(trim($request->request->getString('phone')));
if (!$isOrganizer) {
$user->setAddress(trim($request->request->getString('address')));
$user->setPostalCode(trim($request->request->getString('postal_code')));
$user->setCity(trim($request->request->getString('city')));
}
if ($isOrganizer) {
$user->setWebsite(trim($request->request->getString('website')));
$user->setFacebook(trim($request->request->getString('facebook')));
$user->setInstagram(trim($request->request->getString('instagram')));
$user->setTwitter(trim($request->request->getString('twitter')));
$user->setTiktok(trim($request->request->getString('tiktok')));
$logoFile = $request->files->get('logo');
if ($logoFile) {
$user->setLogoFile($logoFile);
}
}
$em->flush();
$this->addFlash('success', 'Parametres mis a jour.');
return $this->redirectToRoute('app_account', ['tab' => 'settings']);
}
/** @codeCoverageIgnore Requires live Stripe API */
#[Route('/mon-compte/stripe-connect', name: 'app_account_stripe_connect')]
public function stripeConnect(StripeService $stripeService, EntityManagerInterface $em): Response
{
/** @var User $user */
$user = $this->getUser();
if (!$this->isGranted('ROLE_ORGANIZER')) {
return $this->redirectToRoute('app_account');
}
try {
if (!$user->getStripeAccountId()) {
$accountId = $stripeService->createAccountConnect($user);
$user->setStripeAccountId($accountId);
$user->setStripeStatus('started');
$em->flush();
}
$link = $stripeService->createAccountLink($user->getStripeAccountId());
return $this->redirect($link);
} catch (\Throwable $e) {
$this->addFlash('error', 'Erreur lors de la connexion a Stripe : '.$e->getMessage());
return $this->redirectToRoute('app_account');
}
}
/** @codeCoverageIgnore Requires live Stripe API */
#[Route('/mon-compte/stripe-cancel', name: 'app_account_stripe_cancel', methods: ['POST'])]
public function stripeCancel(StripeService $stripeService, EntityManagerInterface $em): Response
{
/** @var User $user */
$user = $this->getUser();
if ($this->isGranted('ROLE_ORGANIZER') && $user->getStripeAccountId()) {
try {
$stripeService->deleteAccount($user->getStripeAccountId());
} catch (\Throwable) {
// Account may already be deleted on Stripe side
}
$user->setStripeAccountId(null);
$user->setStripeChargesEnabled(false);
$user->setStripePayoutsEnabled(false);
$em->flush();
$this->addFlash('success', 'Compte Stripe cloture.');
}
return $this->redirectToRoute('app_account');
}
#[Route('/stripe/connect/return', name: 'app_stripe_connect_return')]
public function stripeConnectReturn(): Response
{
$this->addFlash('success', 'Configuration Stripe terminee.');
return $this->redirectToRoute('app_account');
}
#[Route('/stripe/connect/refresh', name: 'app_stripe_connect_refresh')]
public function stripeConnectRefresh(): Response
{
return $this->redirectToRoute('app_account_stripe_connect');
}
#[Route('/mon-compte/sous-compte/creer', name: 'app_account_create_subaccount', methods: ['POST'])]
public function createSubAccount(Request $request, EntityManagerInterface $em, UserPasswordHasherInterface $passwordHasher, MailerService $mailerService): Response
{
/** @var User $user */
$user = $this->getUser();
if (!$this->isGranted('ROLE_ORGANIZER')) {
return $this->redirectToRoute('app_account');
}
$plainPassword = bin2hex(random_bytes(8));
$subAccount = new User();
$subAccount->setFirstName(trim($request->request->getString('first_name')));
$subAccount->setLastName(trim($request->request->getString('last_name')));
$subAccount->setEmail(trim($request->request->getString('email')));
$subAccount->setPassword($passwordHasher->hashPassword($subAccount, $plainPassword));
$subAccount->setIsVerified(true);
$subAccount->setEmailVerifiedAt(new \DateTimeImmutable());
$subAccount->setParentOrganizer($user);
$permissions = $request->request->all('permissions');
$subAccount->setSubAccountPermissions($permissions);
$em->persist($subAccount);
$em->flush();
$mailerService->sendEmail(
to: $subAccount->getEmail(),
subject: 'Votre sous-compte E-Ticket a ete cree',
content: $this->renderView('email/subaccount_created.html.twig', [
'firstName' => $subAccount->getFirstName(),
'organizerName' => $user->getCompanyName() ?? $user->getFirstName().' '.$user->getLastName(),
'email' => $subAccount->getEmail(),
'password' => $plainPassword,
'permissions' => $permissions,
]),
withUnsubscribe: false,
);
$this->addFlash('success', sprintf('Sous-compte %s %s cree.', $subAccount->getFirstName(), $subAccount->getLastName()));
return $this->redirectToRoute('app_account', ['tab' => 'subaccounts']);
}
#[Route('/mon-compte/sous-compte/{id}', name: 'app_account_edit_subaccount_page', methods: ['GET'])]
public function editSubAccountPage(User $subAccount): Response
{
/** @var User $user */
$user = $this->getUser();
if ($subAccount->getParentOrganizer()?->getId() !== $user->getId()) {
throw $this->createAccessDeniedException();
}
return $this->render('account/edit_subaccount.html.twig', [
'subAccount' => $subAccount,
'breadcrumbs' => [
self::BREADCRUMB_HOME,
self::BREADCRUMB_ACCOUNT,
['name' => 'Sous-compte', 'url' => self::BREADCRUMB_ACCOUNT['url'].'/sous-compte/'.$subAccount->getId()],
],
]);
}
#[Route('/mon-compte/sous-compte/{id}/modifier', name: 'app_account_edit_subaccount', methods: ['POST'])]
public function editSubAccount(User $subAccount, Request $request, EntityManagerInterface $em): Response
{
/** @var User $user */
$user = $this->getUser();
if ($subAccount->getParentOrganizer()?->getId() !== $user->getId()) {
throw $this->createAccessDeniedException();
}
$permissions = $request->request->all('permissions');
$subAccount->setSubAccountPermissions($permissions);
$subAccount->setFirstName(trim($request->request->getString('first_name')));
$subAccount->setLastName(trim($request->request->getString('last_name')));
$subAccount->setEmail(trim($request->request->getString('email')));
$em->flush();
$this->addFlash('success', sprintf('Sous-compte %s %s mis a jour.', $subAccount->getFirstName(), $subAccount->getLastName()));
return $this->redirectToRoute('app_account', ['tab' => 'subaccounts']);
}
#[Route('/mon-compte/sous-compte/{id}/supprimer', name: 'app_account_delete_subaccount', methods: ['POST'])]
public function deleteSubAccount(User $subAccount, EntityManagerInterface $em): Response
{
/** @var User $user */
$user = $this->getUser();
if ($subAccount->getParentOrganizer()?->getId() !== $user->getId()) {
throw $this->createAccessDeniedException();
}
$name = sprintf('%s %s', $subAccount->getFirstName(), $subAccount->getLastName());
$em->remove($subAccount);
$em->flush();
$this->addFlash('success', sprintf('Sous-compte %s supprime.', $name));
return $this->redirectToRoute('app_account', ['tab' => 'subaccounts']);
}
#[Route('/mon-compte/evenement/creer', name: 'app_account_create_event', methods: ['GET', 'POST'])]
public function createEvent(Request $request, EntityManagerInterface $em, EventIndexService $eventIndex): Response
{
$this->denyAccessUnlessGranted('ROLE_ORGANIZER');
/** @var User $user */
$user = $this->getUser();
if ($request->isMethod('POST')) {
$event = new Event();
$event->setAccount($user);
$this->hydrateEventFromRequest($event, $request);
$em->persist($event);
$em->flush();
$eventIndex->indexEvent($event);
$this->addFlash('success', 'Evenement cree avec succes.');
return $this->redirectToRoute('app_account', ['tab' => 'events']);
}
return $this->render('account/create_event.html.twig', [
'breadcrumbs' => [
self::BREADCRUMB_HOME,
self::BREADCRUMB_ACCOUNT,
['name' => 'Creer un evenement', 'url' => '/mon-compte/evenement/creer'],
],
]);
}
#[Route('/mon-compte/evenement/{id}/modifier', name: 'app_account_edit_event', methods: ['GET', 'POST'])]
public function editEvent(Event $event, Request $request, EntityManagerInterface $em, EventIndexService $eventIndex, PaginatorInterface $paginator, OrderIndexService $orderIndex): Response
{
$this->denyAccessUnlessGranted('ROLE_ORGANIZER');
/** @var User $user */
$user = $this->getUser();
if ($event->getAccount()->getId() !== $user->getId()) {
throw $this->createAccessDeniedException();
}
if ($request->isMethod('POST')) {
$this->hydrateEventFromRequest($event, $request);
$em->flush();
$eventIndex->indexEvent($event);
$this->addFlash('success', 'Evenement modifie avec succes.');
return $this->redirectToRoute('app_account_edit_event', ['id' => $event->getId()]);
}
$categories = $em->getRepository(Category::class)->findBy(
['event' => $event],
['position' => 'ASC'],
);
$allBillets = $em->getRepository(Billet::class)->findBy(['category' => $categories], ['position' => 'ASC']);
$billets = [];
$billetIds = [];
foreach ($allBillets as $billet) {
$catId = $billet->getCategory()->getId();
$billets[$catId][] = $billet;
$billetIds[] = $billet->getId();
}
$soldCounts = [];
if ($billetIds) {
$rows = $em->createQueryBuilder()
->select('IDENTITY(bo.billet) AS billetId, COUNT(bo.id) AS cnt')
->from(BilletOrder::class, 'bo')
->where('bo.billet IN (:ids)')
->setParameter('ids', $billetIds)
->groupBy('bo.billet')
->getQuery()
->getArrayResult();
foreach ($rows as $row) {
$soldCounts[$row['billetId']] = (int) $row['cnt'];
}
}
$searchQuery = $request->query->getString('q', '');
$ordersQuery = '' !== $searchQuery
? $orderIndex->searchOrders($event->getId(), $searchQuery)
: $em->getRepository(BilletBuyer::class)->findBy(['event' => $event], ['createdAt' => 'DESC']);
$eventOrders = $paginator->paginate($ordersQuery, $request->query->getInt('page', 1), 20);
$paidEventOrders = $em->createQueryBuilder()
->select('o', 'i')
->from(BilletBuyer::class, 'o')
->leftJoin('o.items', 'i')
->where('o.event = :event')
->andWhere('o.status = :status')
->setParameter('event', $event)
->setParameter('status', BilletBuyer::STATUS_PAID)
->getQuery()
->getResult();
$eventStats = $this->computeEventStats($paidEventOrders);
return $this->render('account/edit_event.html.twig', [
'event' => $event,
'categories' => $categories,
'billets' => $billets,
'sold_counts' => $soldCounts,
'commission_rate' => $user->getCommissionRate() ?? 0,
'billet_design' => $em->getRepository(BilletDesign::class)->findOneBy(['event' => $event]),
'event_orders' => $eventOrders,
'invitations' => $em->getRepository(BilletBuyer::class)->findBy(['event' => $event, 'isInvitation' => true], ['createdAt' => 'DESC']),
'event_total_ht' => $eventStats['totalHT'] / 100,
'event_total_sold' => $eventStats['totalSold'],
'event_total_orders' => \count($paidEventOrders),
'billet_stats' => $eventStats['billetStats'],
'search_query' => $searchQuery,
'breadcrumbs' => [
self::BREADCRUMB_HOME,
self::BREADCRUMB_ACCOUNT,
['name' => $event->getTitle(), 'url' => self::EVENT_BASE_URL.$event->getId().'/modifier'],
],
]);
}
#[Route('/mon-compte/evenement/{id}/categorie/ajouter', name: 'app_account_event_add_category', methods: ['POST'])]
public function addCategory(Event $event, Request $request, EntityManagerInterface $em): Response
{
$this->denyAccessUnlessGranted('ROLE_ORGANIZER');
/** @var User $user */
$user = $this->getUser();
if ($event->getAccount()->getId() !== $user->getId()) {
throw $this->createAccessDeniedException();
}
$name = trim($request->request->getString('name'));
if ('' === $name) {
$this->addFlash('error', 'Le nom de la categorie est requis.');
return $this->redirectToRoute('app_account_edit_event', ['id' => $event->getId(), 'tab' => 'categories']);
}
$maxPosition = $em->getRepository(Category::class)->count(['event' => $event]);
$category = new Category();
$category->setName($name);
$category->setEvent($event);
$category->setPosition($maxPosition);
$startAt = $request->request->getString('start_at');
if ('' !== $startAt) {
$category->setStartAt(new \DateTimeImmutable($startAt));
}
$endAt = $request->request->getString('end_at');
if ('' !== $endAt) {
$category->setEndAt(new \DateTimeImmutable($endAt));
}
if ($category->getEndAt() < $category->getStartAt()) {
$category->setEndAt($category->getStartAt()->modify('+30 days'));
}
$em->persist($category);
$em->flush();
$this->addFlash('success', sprintf('Categorie "%s" ajoutee.', $name));
return $this->redirectToRoute('app_account_edit_event', ['id' => $event->getId(), 'tab' => 'categories']);
}
#[Route('/mon-compte/evenement/{id}/categorie/{categoryId}/modifier', name: 'app_account_event_edit_category', methods: ['GET', 'POST'])]
public function editCategory(Event $event, int $categoryId, Request $request, EntityManagerInterface $em): Response
{
$this->denyAccessUnlessGranted('ROLE_ORGANIZER');
/** @var User $user */
$user = $this->getUser();
if ($event->getAccount()->getId() !== $user->getId()) {
throw $this->createAccessDeniedException();
}
$category = $em->getRepository(Category::class)->find($categoryId);
if (!$category || $category->getEvent()->getId() !== $event->getId()) {
throw $this->createNotFoundException();
}
if ($request->isMethod('POST')) {
$category->setName(trim($request->request->getString('name')));
$startAt = $request->request->getString('start_at');
if ('' !== $startAt) {
$category->setStartAt(new \DateTimeImmutable($startAt));
}
$endAt = $request->request->getString('end_at');
if ('' !== $endAt) {
$category->setEndAt(new \DateTimeImmutable($endAt));
}
if ($category->getEndAt() < $category->getStartAt()) {
$category->setEndAt($category->getStartAt()->modify('+30 days'));
}
$category->setIsHidden($request->request->getBoolean('is_hidden'));
$em->flush();
$this->addFlash('success', 'Categorie modifiee.');
return $this->redirectToRoute('app_account_edit_event', ['id' => $event->getId(), 'tab' => 'categories']);
}
return $this->render('account/edit_category.html.twig', [
'event' => $event,
'category' => $category,
'breadcrumbs' => [
self::BREADCRUMB_HOME,
self::BREADCRUMB_ACCOUNT,
['name' => $event->getTitle(), 'url' => self::EVENT_BASE_URL.$event->getId().self::EVENT_CATEGORIES_SUFFIX],
['name' => $category->getName(), 'url' => ''],
],
]);
}
#[Route('/mon-compte/evenement/{id}/categorie/{categoryId}/supprimer', name: 'app_account_event_delete_category', methods: ['POST'])]
public function deleteCategory(Event $event, int $categoryId, EntityManagerInterface $em): Response
{
$this->denyAccessUnlessGranted('ROLE_ORGANIZER');
/** @var User $user */
$user = $this->getUser();
if ($event->getAccount()->getId() !== $user->getId()) {
throw $this->createAccessDeniedException();
}
$category = $em->getRepository(Category::class)->find($categoryId);
if ($category && $category->getEvent()->getId() === $event->getId()) {
$em->remove($category);
$em->flush();
$this->addFlash('success', 'Categorie supprimee.');
}
return $this->redirectToRoute('app_account_edit_event', ['id' => $event->getId(), 'tab' => 'categories']);
}
#[Route('/mon-compte/evenement/{id}/categorie/reorder', name: 'app_account_event_reorder_categories', methods: ['POST'])]
public function reorderCategories(Event $event, Request $request, EntityManagerInterface $em): Response
{
$this->denyAccessUnlessGranted('ROLE_ORGANIZER');
/** @var User $user */
$user = $this->getUser();
if ($event->getAccount()->getId() !== $user->getId()) {
throw $this->createAccessDeniedException();
}
$order = json_decode($request->getContent(), true);
if (\is_array($order)) {
foreach ($order as $position => $categoryId) {
$category = $em->getRepository(Category::class)->find($categoryId);
if ($category && $category->getEvent()->getId() === $event->getId()) {
$category->setPosition($position);
}
}
$em->flush();
}
return $this->json(['success' => true]);
}
#[Route('/mon-compte/evenement/{id}/categorie/{categoryId}/billet/ajouter', name: 'app_account_event_add_billet', methods: ['GET', 'POST'])]
public function addBillet(Event $event, int $categoryId, Request $request, EntityManagerInterface $em, StripeService $stripeService): Response
{
$this->denyAccessUnlessGranted('ROLE_ORGANIZER');
/** @var User $user */
$user = $this->getUser();
if ($event->getAccount()->getId() !== $user->getId()) {
throw $this->createAccessDeniedException();
}
$category = $em->getRepository(Category::class)->find($categoryId);
if (!$category || $category->getEvent()->getId() !== $event->getId()) {
throw $this->createNotFoundException();
}
if ($request->isMethod('POST')) {
$billet = new Billet();
$billet->setCategory($category);
$billet->setPosition($em->getRepository(Billet::class)->count(['category' => $category]));
$this->hydrateBilletFromRequest($billet, $request);
$em->persist($billet);
$this->syncBilletToStripe($billet, $user, $stripeService);
$em->flush();
$this->addFlash('success', 'Billet ajoute avec succes.');
return $this->redirectToRoute('app_account_edit_event', ['id' => $event->getId(), 'tab' => 'categories']);
}
return $this->render('account/add_billet.html.twig', [
'event' => $event,
'category' => $category,
'breadcrumbs' => [
self::BREADCRUMB_HOME,
self::BREADCRUMB_ACCOUNT,
['name' => $event->getTitle(), 'url' => self::EVENT_BASE_URL.$event->getId().self::EVENT_CATEGORIES_SUFFIX],
['name' => 'Ajouter un billet'],
],
]);
}
#[Route('/mon-compte/evenement/{id}/billet/{billetId}/modifier', name: 'app_account_event_edit_billet', methods: ['GET', 'POST'])]
public function editBillet(Event $event, int $billetId, Request $request, EntityManagerInterface $em, StripeService $stripeService): Response
{
$this->denyAccessUnlessGranted('ROLE_ORGANIZER');
/** @var User $user */
$user = $this->getUser();
if ($event->getAccount()->getId() !== $user->getId()) {
throw $this->createAccessDeniedException();
}
$billet = $em->getRepository(Billet::class)->find($billetId);
if (!$billet || $billet->getCategory()->getEvent()->getId() !== $event->getId()) {
throw $this->createNotFoundException();
}
if ($request->isMethod('POST')) {
$this->hydrateBilletFromRequest($billet, $request);
$this->syncBilletToStripe($billet, $user, $stripeService);
$em->flush();
$this->addFlash('success', 'Billet modifie avec succes.');
return $this->redirectToRoute('app_account_edit_event', ['id' => $event->getId(), 'tab' => 'categories']);
}
return $this->render('account/edit_billet.html.twig', [
'event' => $event,
'billet' => $billet,
'breadcrumbs' => [
self::BREADCRUMB_HOME,
self::BREADCRUMB_ACCOUNT,
['name' => $event->getTitle(), 'url' => self::EVENT_BASE_URL.$event->getId().self::EVENT_CATEGORIES_SUFFIX],
['name' => 'Modifier un billet'],
],
]);
}
#[Route('/mon-compte/evenement/{id}/billet/{billetId}/supprimer', name: 'app_account_event_delete_billet', methods: ['POST'])]
public function deleteBillet(Event $event, int $billetId, EntityManagerInterface $em, StripeService $stripeService): Response
{
$this->denyAccessUnlessGranted('ROLE_ORGANIZER');
/** @var User $user */
$user = $this->getUser();
if ($event->getAccount()->getId() !== $user->getId()) {
throw $this->createAccessDeniedException();
}
$billet = $em->getRepository(Billet::class)->find($billetId);
if (!$billet || $billet->getCategory()->getEvent()->getId() !== $event->getId()) {
throw $this->createNotFoundException();
}
$this->deleteBilletFromStripe($billet, $user, $stripeService);
$em->remove($billet);
$em->flush();
$this->addFlash('success', 'Billet supprime avec succes.');
return $this->redirectToRoute('app_account_edit_event', ['id' => $event->getId(), 'tab' => 'categories']);
}
#[Route('/mon-compte/evenement/{id}/billet/reorder', name: 'app_account_event_reorder_billets', methods: ['POST'])]
public function reorderBillets(Event $event, Request $request, EntityManagerInterface $em): Response
{
$this->denyAccessUnlessGranted('ROLE_ORGANIZER');
/** @var User $user */
$user = $this->getUser();
if ($event->getAccount()->getId() !== $user->getId()) {
throw $this->createAccessDeniedException();
}
$order = json_decode($request->getContent(), true);
if (\is_array($order)) {
foreach ($order as $position => $billetId) {
$billet = $em->getRepository(Billet::class)->find($billetId);
if ($billet && $billet->getCategory()->getEvent()->getId() === $event->getId()) {
$billet->setPosition($position);
}
}
$em->flush();
}
return $this->json(['success' => true]);
}
#[Route('/mon-compte/evenement/{id}/invitation', name: 'app_account_event_create_invitation', methods: ['POST'])]
public function createInvitation(Event $event, Request $request, EntityManagerInterface $em, BilletOrderService $billetOrderService): Response
{
$this->denyAccessUnlessGranted('ROLE_ORGANIZER');
/** @var User $user */
$user = $this->getUser();
if ($event->getAccount()->getId() !== $user->getId()) {
throw $this->createAccessDeniedException();
}
$firstName = trim($request->request->getString('first_name'));
$lastName = trim($request->request->getString('last_name'));
$email = trim($request->request->getString('email'));
$items = $request->request->all('items');
if ('' === $firstName || '' === $lastName || '' === $email || 0 === \count($items)) {
$this->addFlash('error', 'Tous les champs sont requis.');
return $this->redirectToRoute('app_account_edit_event', ['id' => $event->getId(), 'tab' => 'invitations']);
}
$count = $em->getRepository(BilletBuyer::class)->count([]) + 1;
$order = new BilletBuyer();
$order->setEvent($event);
$order->setFirstName($firstName);
$order->setLastName($lastName);
$order->setEmail($email);
$order->setOrderNumber(date('Y-m-d').'-'.$count);
$order->setTotalHT(0);
$order->setIsInvitation(true);
foreach ($items as $itemData) {
$billetId = (int) ($itemData['billet_id'] ?? 0);
$qty = max(1, (int) ($itemData['quantity'] ?? 1));
$billet = $em->getRepository(Billet::class)->find($billetId);
if (!$billet || $billet->getCategory()->getEvent()->getId() !== $event->getId()) {
continue;
}
$item = new BilletBuyerItem();
$item->setBillet($billet);
$item->setBilletName($billet->getName());
$item->setQuantity($qty);
$item->setUnitPriceHT(0);
$order->addItem($item);
}
if ($order->getItems()->isEmpty()) {
$this->addFlash('error', 'Aucun billet valide selectionne.');
return $this->redirectToRoute('app_account_edit_event', ['id' => $event->getId(), 'tab' => 'invitations']);
}
$em->persist($order);
$em->flush();
$billetOrderService->generateOrderTickets($order);
$tickets = $em->getRepository(BilletOrder::class)->findBy(['billetBuyer' => $order]);
foreach ($tickets as $ticket) {
$ticket->setIsInvitation(true);
}
$em->flush();
$billetOrderService->generateAndSendTickets($order);
$this->addFlash('success', 'Invitation envoyee a '.$email.'.');
return $this->redirectToRoute('app_account_edit_event', ['id' => $event->getId(), 'tab' => 'invitations']);
}
#[Route('/mon-compte/evenement/{id}/invitation/{orderId}/renvoyer', name: 'app_account_event_resend_invitation', methods: ['POST'])]
public function resendInvitation(Event $event, int $orderId, EntityManagerInterface $em, BilletOrderService $billetOrderService): Response
{
$this->denyAccessUnlessGranted('ROLE_ORGANIZER');
/** @var User $user */
$user = $this->getUser();
if ($event->getAccount()->getId() !== $user->getId()) {
throw $this->createAccessDeniedException();
}
$order = $em->getRepository(BilletBuyer::class)->find($orderId);
if (!$order || $order->getEvent()->getId() !== $event->getId()) {
throw $this->createNotFoundException();
}
$billetOrderService->generateAndSendTickets($order);
$this->addFlash('success', 'Invitation renvoyee a '.$order->getEmail().'.');
return $this->redirectToRoute('app_account_edit_event', ['id' => $event->getId(), 'tab' => 'invitations']);
}
#[Route('/mon-compte/evenement/{id}/commande/{orderId}/annuler', name: 'app_account_event_cancel_order', methods: ['POST'])]
public function cancelOrder(Event $event, int $orderId, EntityManagerInterface $em, AuditService $audit): Response
{
$this->denyAccessUnlessGranted('ROLE_ORGANIZER');
/** @var User $user */
$user = $this->getUser();
if ($event->getAccount()->getId() !== $user->getId()) {
throw $this->createAccessDeniedException();
}
$order = $em->getRepository(BilletBuyer::class)->find($orderId);
if (!$order || $order->getEvent()->getId() !== $event->getId()) {
throw $this->createNotFoundException();
}
$order->setStatus(BilletBuyer::STATUS_CANCELLED);
$tickets = $em->getRepository(BilletOrder::class)->findBy(['billetBuyer' => $order]);
foreach ($tickets as $ticket) {
$ticket->setState(BilletOrder::STATE_INVALID);
}
$em->flush();
$audit->log('order_cancelled', 'BilletBuyer', $order->getId(), [
'orderNumber' => $order->getOrderNumber(),
'event' => $event->getTitle(),
]);
$this->addFlash('success', 'Commande '.$order->getOrderNumber().' annulee.');
return $this->redirectToRoute('app_account_edit_event', ['id' => $event->getId(), 'tab' => 'stats']);
}
/**
* @codeCoverageIgnore Requires live Stripe API
*/
#[Route('/mon-compte/evenement/{id}/commande/{orderId}/rembourser', name: 'app_account_event_refund_order', methods: ['POST'])]
public function refundOrder(Event $event, int $orderId, EntityManagerInterface $em, StripeService $stripeService, AuditService $audit): Response
{
$this->denyAccessUnlessGranted('ROLE_ORGANIZER');
/** @var User $user */
$user = $this->getUser();
if ($event->getAccount()->getId() !== $user->getId()) {
throw $this->createAccessDeniedException();
}
$order = $em->getRepository(BilletBuyer::class)->find($orderId);
if (!$order || $order->getEvent()->getId() !== $event->getId()) {
throw $this->createNotFoundException();
}
if ($order->getStripeSessionId() && $user->getStripeAccountId()) {
try {
$stripeService->getClient()->refunds->create([
'payment_intent' => $order->getStripeSessionId(),
], ['stripe_account' => $user->getStripeAccountId()]);
} catch (\Exception) {
// Stripe failure is non-blocking
}
}
$order->setStatus(BilletBuyer::STATUS_REFUNDED);
$tickets = $em->getRepository(BilletOrder::class)->findBy(['billetBuyer' => $order]);
foreach ($tickets as $ticket) {
$ticket->setState(BilletOrder::STATE_INVALID);
}
$em->flush();
$audit->log('order_refunded', 'BilletBuyer', $order->getId(), [
'orderNumber' => $order->getOrderNumber(),
'event' => $event->getTitle(),
'totalHT' => $order->getTotalHTDecimal(),
]);
$this->addFlash('success', 'Commande '.$order->getOrderNumber().' remboursee.');
return $this->redirectToRoute('app_account_edit_event', ['id' => $event->getId(), 'tab' => 'stats']);
}
#[Route('/mon-compte/evenement/{id}/billet-preview', name: 'app_account_event_billet_preview', methods: ['GET'])]
public function billetPreview(Event $event, Request $request): Response
{
$this->denyAccessUnlessGranted('ROLE_ORGANIZER');
/** @var User $user */
$user = $this->getUser();
if ($event->getAccount()->getId() !== $user->getId()) {
throw $this->createAccessDeniedException();
}
return $this->render('account/billet_preview.html.twig', [
'event' => $event,
'user' => $user,
'bg_color' => '#ffffff',
'text_color' => '#111111',
'accent_color' => $request->query->getString('accent_color', '#4f46e5'),
'show_logo' => true,
'show_invitation' => true,
'invitation_title' => $request->query->getString('invitation_title', 'Invitation'),
'invitation_color' => $request->query->getString('invitation_color', '#d4a017'),
]);
}
#[Route('/mon-compte/evenement/{id}/billet-design', name: 'app_account_event_save_billet_design', methods: ['POST'])]
public function saveBilletDesign(Event $event, Request $request, EntityManagerInterface $em): Response
{
$this->denyAccessUnlessGranted('ROLE_ORGANIZER');
/** @var User $user */
$user = $this->getUser();
if ($event->getAccount()->getId() !== $user->getId()) {
throw $this->createAccessDeniedException();
}
$design = $em->getRepository(BilletDesign::class)->findOneBy(['event' => $event]);
if (!$design) {
$design = new BilletDesign();
$design->setEvent($event);
$em->persist($design);
}
$design->setAccentColor($request->request->getString('accent_color', '#4f46e5'));
$design->setInvitationTitle($request->request->getString('invitation_title', 'Invitation'));
$design->setInvitationColor($request->request->getString('invitation_color', '#d4a017'));
$design->setUpdatedAt(new \DateTimeImmutable());
$em->flush();
return $this->json(['success' => true]);
}
#[Route('/mon-compte/evenement/{id}/en-ligne', name: 'app_account_toggle_event_online', methods: ['POST'])]
public function toggleEventOnline(Event $event, EntityManagerInterface $em, EventIndexService $eventIndex): Response
{
$this->denyAccessUnlessGranted('ROLE_ORGANIZER');
/** @var User $user */
$user = $this->getUser();
if ($event->getAccount()->getId() !== $user->getId()) {
throw $this->createAccessDeniedException();
}
if (!$event->isOnline() && (!$user->isStripeChargesEnabled() || !$user->isStripePayoutsEnabled())) {
$this->addFlash('error', 'Configuration Stripe requise pour mettre un evenement en ligne.');
return $this->redirectToRoute('app_account_edit_event', ['id' => $event->getId()]);
}
$event->setIsOnline(!$event->isOnline());
$em->flush();
$eventIndex->indexEvent($event);
$this->addFlash('success', $event->isOnline() ? 'Evenement mis en ligne.' : 'Evenement passe hors ligne.');
return $this->redirectToRoute('app_account_edit_event', ['id' => $event->getId()]);
}
#[Route('/mon-compte/evenement/{id}/secret', name: 'app_account_toggle_event_secret', methods: ['POST'])]
public function toggleEventSecret(Event $event, EntityManagerInterface $em, EventIndexService $eventIndex): Response
{
$this->denyAccessUnlessGranted('ROLE_ORGANIZER');
/** @var User $user */
$user = $this->getUser();
if ($event->getAccount()->getId() !== $user->getId()) {
throw $this->createAccessDeniedException();
}
$event->setIsSecret(!$event->isSecret());
$em->flush();
$eventIndex->indexEvent($event);
$this->addFlash('success', $event->isSecret() ? 'Evenement marque comme secret.' : 'Evenement rendu public.');
return $this->redirectToRoute('app_account_edit_event', ['id' => $event->getId()]);
}
#[Route('/mon-compte/evenement/{id}/supprimer', name: 'app_account_delete_event', methods: ['POST'])]
public function deleteEvent(Event $event, EntityManagerInterface $em, EventIndexService $eventIndex): Response
{
$this->denyAccessUnlessGranted('ROLE_ORGANIZER');
/** @var User $user */
$user = $this->getUser();
if ($event->getAccount()->getId() !== $user->getId()) {
throw $this->createAccessDeniedException();
}
$eventIndex->removeEvent($event);
$em->remove($event);
$em->flush();
$this->addFlash('success', 'Evenement supprime.');
return $this->redirectToRoute('app_account', ['tab' => 'events']);
}
/** @codeCoverageIgnore Test helper, not used in production */
#[Route('/mon-compte/test-payout', name: 'app_account_test_payout', methods: ['POST'])]
public function testPayout(EntityManagerInterface $em): Response
{
/** @var User $user */
$user = $this->getUser();
if (!$this->isGranted('ROLE_ORGANIZER') || !$user->getStripeAccountId()) {
return $this->redirectToRoute('app_account');
}
$payout = new Payout();
$payout->setOrganizer($user);
$payout->setStripePayoutId('po_test_'.bin2hex(random_bytes(8)));
$payout->setStatus('paid');
$payout->setAmount(random_int(1000, 50000));
$payout->setCurrency('eur');
$payout->setDestination('ba_test_bank');
$payout->setStripeAccountId($user->getStripeAccountId());
$payout->setArrivalDate(new \DateTimeImmutable('+2 days'));
$em->persist($payout);
$em->flush();
$this->addFlash('success', sprintf('Payout test cree : %s (%.2f EUR)', $payout->getStripePayoutId(), $payout->getAmountDecimal()));
return $this->redirectToRoute('app_account', ['tab' => 'payouts']);
}
/** @codeCoverageIgnore Requires live Stripe API */
#[Route('/mon-compte/stripe-dashboard', name: 'app_account_stripe_dashboard')]
public function stripeDashboard(StripeService $stripeService): Response
{
/** @var User $user */
$user = $this->getUser();
if (!$this->isGranted('ROLE_ORGANIZER') || !$user->getStripeAccountId()) {
return $this->redirectToRoute('app_account');
}
try {
$link = $stripeService->createLoginLink($user->getStripeAccountId());
return $this->redirect($link);
} catch (\Throwable $e) {
$this->addFlash('error', 'Erreur Stripe : '.$e->getMessage());
return $this->redirectToRoute('app_account');
}
}
/** @codeCoverageIgnore Generates PDF with dompdf */
#[Route('/mon-compte/payout/{id}/attestation', name: 'app_account_payout_pdf')]
public function payoutPdf(Payout $payout, PayoutPdfService $pdfService): Response
{
/** @var User $user */
$user = $this->getUser();
if ($payout->getOrganizer()->getId() !== $user->getId()) {
throw $this->createAccessDeniedException();
}
return new Response($pdfService->generate($payout), 200, [
'Content-Type' => 'application/pdf',
'Content-Disposition' => 'inline; filename="attestation_'.$payout->getStripePayoutId().'.pdf"',
]);
}
/**
* @codeCoverageIgnore Requires live Stripe API
*/
private function deleteBilletFromStripe(Billet $billet, User $user, StripeService $stripeService): void
{
if ($billet->getStripeProductId() && $user->getStripeAccountId()) {
try {
$stripeService->deleteProduct($billet->getStripeProductId(), $user->getStripeAccountId());
} catch (\Exception) {
// Stripe failure is non-blocking
}
}
}
/**
* @codeCoverageIgnore Requires live Stripe API
*/
private function syncBilletToStripe(Billet $billet, User $user, StripeService $stripeService): void
{
if (!$user->getStripeAccountId()) {
return;
}
try {
if ($billet->getStripeProductId()) {
$stripeService->updateProduct($billet, $user->getStripeAccountId());
} else {
$productId = $stripeService->createProduct($billet, $user->getStripeAccountId());
$billet->setStripeProductId($productId);
}
} catch (\Exception) {
// Stripe failure is non-blocking
}
}
/**
* @param list<BilletBuyer> $paidOrders
*
* @return array{totalHT: int, totalSold: int, billetStats: array<int, array{name: string, sold: int, revenue: int}>}
*/
private function computeEventStats(array $paidOrders): array
{
$totalHT = 0;
$totalSold = 0;
$billetStats = [];
foreach ($paidOrders as $order) {
$totalHT += $order->getTotalHT();
foreach ($order->getItems() as $item) {
$totalSold += $item->getQuantity();
$billetId = $item->getBillet()?->getId();
if (!$billetId) {
continue;
}
if (!isset($billetStats[$billetId])) {
$billetStats[$billetId] = ['name' => $item->getBilletName(), 'sold' => 0, 'revenue' => 0];
}
$billetStats[$billetId]['sold'] += $item->getQuantity();
$billetStats[$billetId]['revenue'] += $item->getLineTotalHT();
}
}
return ['totalHT' => $totalHT, 'totalSold' => $totalSold, 'billetStats' => $billetStats];
}
private function hydrateEventFromRequest(Event $event, Request $request): void
{
$event->setTitle(trim($request->request->getString('title')));
$event->setDescription(trim($request->request->getString('description')) ?: null);
$event->setStartAt(new \DateTimeImmutable($request->request->getString('start_at')));
$event->setEndAt(new \DateTimeImmutable($request->request->getString('end_at')));
$event->setAddress(trim($request->request->getString('address')));
$event->setZipcode(trim($request->request->getString('zipcode')));
$event->setCity(trim($request->request->getString('city')));
$pictureFile = $request->files->get('event_main_picture');
if ($pictureFile) {
$event->setEventMainPictureFile($pictureFile);
}
}
private function hydrateBilletFromRequest(Billet $billet, Request $request): void
{
$billet->setName(trim($request->request->getString('name')));
$billet->setPriceHT((int) round((float) $request->request->getString('price_ht') * 100));
$qty = $request->request->getString('quantity');
$billet->setQuantity('' === $qty ? null : (int) $qty);
$billet->setIsGeneratedBillet($request->request->getBoolean('is_generated_billet'));
$billet->setHasDefinedExit($request->request->getBoolean('has_defined_exit'));
$billet->setNotBuyable($request->request->getBoolean('not_buyable'));
$billet->setType($request->request->getString('type', 'billet'));
$billet->setDescription(trim($request->request->getString('description')) ?: null);
$pictureFile = $request->files->get('picture');
if ($pictureFile) {
$billet->setPictureFile($pictureFile);
}
}
}
Reference in New Issue View Git Blame Copy Permalink