admin/e-ticket
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
f2bce4f1916d8f4bb161c172b101e9890a8a5b06
e-ticket/src/Controller/AccountController.php
Serreau Jovann f2bce4f191 Sortable tests, deduplicate event hydration, disable php:S1448 
- Add sortable.js tests (12 tests): drag/drop, reorder, early returns, edge cases
- Use target.before()/after() instead of list.insertBefore() in sortable.js
- Extract hydrateEventFromRequest() to eliminate duplicated code in createEvent/editEvent
- Disable SonarQube rule php:S1448 (too many methods per class)

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
2026-03-21 10:12:17 +01:00

664 lines
26 KiB
PHP
Raw Blame History

<?php
namespace App\Controller;
use App\Entity\Category;
use App\Entity\Event;
use App\Entity\Payout;
use App\Entity\User;
use App\Service\EventIndexService;
use App\Service\MailerService;
use App\Service\PayoutPdfService;
use App\Service\StripeService;
use Doctrine\ORM\EntityManagerInterface;
use Knp\Component\Pager\PaginatorInterface;
use Symfony\Bundle\FrameworkBundle\Controller\AbstractController;
use Symfony\Component\HttpFoundation\Request;
use Symfony\Component\HttpFoundation\Response;
use Symfony\Component\PasswordHasher\Hasher\UserPasswordHasherInterface;
use Symfony\Component\Routing\Attribute\Route;
use Symfony\Component\Security\Http\Attribute\IsGranted;
#[IsGranted('ROLE_USER')]
class AccountController extends AbstractController
{
private const BREADCRUMB_HOME = ['name' => 'Accueil', 'url' => '/'];
private const BREADCRUMB_ACCOUNT = ['name' => 'Mon compte', 'url' => '/mon-compte'];
#[Route('/mon-compte', name: 'app_account')]
public function index(Request $request, StripeService $stripeService, EntityManagerInterface $em, PaginatorInterface $paginator, EventIndexService $eventIndex): Response
{
/** @var User $user */
$user = $this->getUser();
$isOrganizer = $this->isGranted('ROLE_ORGANIZER');
$defaultTab = $isOrganizer ? 'events' : 'tickets';
$tab = $request->query->getString('tab', $defaultTab);
if ($isOrganizer && $user->getStripeAccountId() && (!$user->isStripeChargesEnabled() || !$user->isStripePayoutsEnabled())) {
try { // @codeCoverageIgnoreStart
$account = $stripeService->getClient()->accounts->retrieve($user->getStripeAccountId());
$user->setStripeChargesEnabled((bool) $account->charges_enabled);
$user->setStripePayoutsEnabled((bool) $account->payouts_enabled);
$em->flush();
} catch (\Throwable) {
// Stripe API unavailable, keep current status
} // @codeCoverageIgnoreEnd
}
$payouts = [];
$subAccounts = [];
$events = [];
if ($isOrganizer) {
$payouts = $em->getRepository(Payout::class)->findBy(
['organizer' => $user],
['createdAt' => 'DESC'],
);
$subAccounts = $em->getRepository(User::class)->findBy(
['parentOrganizer' => $user],
['createdAt' => 'DESC'],
);
$searchQuery = $request->query->getString('q', '');
$eventsQuery = $eventIndex->searchEvents('event_'.$user->getId(), $searchQuery, ['account' => $user]);
$events = $paginator->paginate($eventsQuery, $request->query->getInt('page', 1), 10);
}
return $this->render('account/index.html.twig', [
'tab' => $tab,
'isOrganizer' => $isOrganizer,
'payouts' => $payouts,
'subAccounts' => $subAccounts,
'events' => $events,
'breadcrumbs' => [
self::BREADCRUMB_HOME,
self::BREADCRUMB_ACCOUNT,
],
]);
}
#[Route('/mon-compte/parametres', name: 'app_account_settings', methods: ['POST'])]
public function settings(Request $request, EntityManagerInterface $em): Response
{
/** @var User $user */
$user = $this->getUser();
$isOrganizer = $this->isGranted('ROLE_ORGANIZER');
if (!$isOrganizer) {
$user->setFirstName(trim($request->request->getString('first_name')));
$user->setLastName(trim($request->request->getString('last_name')));
}
$user->setEmail(trim($request->request->getString('email')));
$user->setPhone(trim($request->request->getString('phone')));
if (!$isOrganizer) {
$user->setAddress(trim($request->request->getString('address')));
$user->setPostalCode(trim($request->request->getString('postal_code')));
$user->setCity(trim($request->request->getString('city')));
}
if ($isOrganizer) {
$user->setWebsite(trim($request->request->getString('website')));
$user->setFacebook(trim($request->request->getString('facebook')));
$user->setInstagram(trim($request->request->getString('instagram')));
$user->setTwitter(trim($request->request->getString('twitter')));
$user->setTiktok(trim($request->request->getString('tiktok')));
$logoFile = $request->files->get('logo');
if ($logoFile) {
$user->setLogoFile($logoFile);
}
}
$em->flush();
$this->addFlash('success', 'Parametres mis a jour.');
return $this->redirectToRoute('app_account', ['tab' => 'settings']);
}
/** @codeCoverageIgnore Requires live Stripe API */
#[Route('/mon-compte/stripe-connect', name: 'app_account_stripe_connect')]
public function stripeConnect(StripeService $stripeService, EntityManagerInterface $em): Response
{
/** @var User $user */
$user = $this->getUser();
if (!$this->isGranted('ROLE_ORGANIZER')) {
return $this->redirectToRoute('app_account');
}
try {
if (!$user->getStripeAccountId()) {
$accountId = $stripeService->createAccountConnect($user);
$user->setStripeAccountId($accountId);
$user->setStripeStatus('started');
$em->flush();
}
$link = $stripeService->createAccountLink($user->getStripeAccountId());
return $this->redirect($link);
} catch (\Throwable $e) {
$this->addFlash('error', 'Erreur lors de la connexion a Stripe : '.$e->getMessage());
return $this->redirectToRoute('app_account');
}
}
/** @codeCoverageIgnore Requires live Stripe API */
#[Route('/mon-compte/stripe-cancel', name: 'app_account_stripe_cancel', methods: ['POST'])]
public function stripeCancel(StripeService $stripeService, EntityManagerInterface $em): Response
{
/** @var User $user */
$user = $this->getUser();
if ($this->isGranted('ROLE_ORGANIZER') && $user->getStripeAccountId()) {
try {
$stripeService->deleteAccount($user->getStripeAccountId());
} catch (\Throwable) {
// Account may already be deleted on Stripe side
}
$user->setStripeAccountId(null);
$user->setStripeChargesEnabled(false);
$user->setStripePayoutsEnabled(false);
$em->flush();
$this->addFlash('success', 'Compte Stripe cloture.');
}
return $this->redirectToRoute('app_account');
}
#[Route('/stripe/connect/return', name: 'app_stripe_connect_return')]
public function stripeConnectReturn(): Response
{
$this->addFlash('success', 'Configuration Stripe terminee.');
return $this->redirectToRoute('app_account');
}
#[Route('/stripe/connect/refresh', name: 'app_stripe_connect_refresh')]
public function stripeConnectRefresh(): Response
{
return $this->redirectToRoute('app_account_stripe_connect');
}
#[Route('/mon-compte/sous-compte/creer', name: 'app_account_create_subaccount', methods: ['POST'])]
public function createSubAccount(Request $request, EntityManagerInterface $em, UserPasswordHasherInterface $passwordHasher, MailerService $mailerService): Response
{
/** @var User $user */
$user = $this->getUser();
if (!$this->isGranted('ROLE_ORGANIZER')) {
return $this->redirectToRoute('app_account');
}
$plainPassword = bin2hex(random_bytes(8));
$subAccount = new User();
$subAccount->setFirstName(trim($request->request->getString('first_name')));
$subAccount->setLastName(trim($request->request->getString('last_name')));
$subAccount->setEmail(trim($request->request->getString('email')));
$subAccount->setPassword($passwordHasher->hashPassword($subAccount, $plainPassword));
$subAccount->setIsVerified(true);
$subAccount->setEmailVerifiedAt(new \DateTimeImmutable());
$subAccount->setParentOrganizer($user);
$permissions = $request->request->all('permissions');
$subAccount->setSubAccountPermissions($permissions);
$em->persist($subAccount);
$em->flush();
$mailerService->sendEmail(
to: $subAccount->getEmail(),
subject: 'Votre sous-compte E-Ticket a ete cree',
content: $this->renderView('email/subaccount_created.html.twig', [
'firstName' => $subAccount->getFirstName(),
'organizerName' => $user->getCompanyName() ?? $user->getFirstName().' '.$user->getLastName(),
'email' => $subAccount->getEmail(),
'password' => $plainPassword,
'permissions' => $permissions,
]),
withUnsubscribe: false,
);
$this->addFlash('success', sprintf('Sous-compte %s %s cree.', $subAccount->getFirstName(), $subAccount->getLastName()));
return $this->redirectToRoute('app_account', ['tab' => 'subaccounts']);
}
#[Route('/mon-compte/sous-compte/{id}', name: 'app_account_edit_subaccount_page', methods: ['GET'])]
public function editSubAccountPage(User $subAccount): Response
{
/** @var User $user */
$user = $this->getUser();
if ($subAccount->getParentOrganizer()?->getId() !== $user->getId()) {
throw $this->createAccessDeniedException();
}
return $this->render('account/edit_subaccount.html.twig', [
'subAccount' => $subAccount,
'breadcrumbs' => [
self::BREADCRUMB_HOME,
self::BREADCRUMB_ACCOUNT,
['name' => 'Sous-compte', 'url' => self::BREADCRUMB_ACCOUNT['url'].'/sous-compte/'.$subAccount->getId()],
],
]);
}
#[Route('/mon-compte/sous-compte/{id}/modifier', name: 'app_account_edit_subaccount', methods: ['POST'])]
public function editSubAccount(User $subAccount, Request $request, EntityManagerInterface $em): Response
{
/** @var User $user */
$user = $this->getUser();
if ($subAccount->getParentOrganizer()?->getId() !== $user->getId()) {
throw $this->createAccessDeniedException();
}
$permissions = $request->request->all('permissions');
$subAccount->setSubAccountPermissions($permissions);
$subAccount->setFirstName(trim($request->request->getString('first_name')));
$subAccount->setLastName(trim($request->request->getString('last_name')));
$subAccount->setEmail(trim($request->request->getString('email')));
$em->flush();
$this->addFlash('success', sprintf('Sous-compte %s %s mis a jour.', $subAccount->getFirstName(), $subAccount->getLastName()));
return $this->redirectToRoute('app_account', ['tab' => 'subaccounts']);
}
#[Route('/mon-compte/sous-compte/{id}/supprimer', name: 'app_account_delete_subaccount', methods: ['POST'])]
public function deleteSubAccount(User $subAccount, EntityManagerInterface $em): Response
{
/** @var User $user */
$user = $this->getUser();
if ($subAccount->getParentOrganizer()?->getId() !== $user->getId()) {
throw $this->createAccessDeniedException();
}
$name = sprintf('%s %s', $subAccount->getFirstName(), $subAccount->getLastName());
$em->remove($subAccount);
$em->flush();
$this->addFlash('success', sprintf('Sous-compte %s supprime.', $name));
return $this->redirectToRoute('app_account', ['tab' => 'subaccounts']);
}
#[Route('/mon-compte/evenement/creer', name: 'app_account_create_event', methods: ['GET', 'POST'])]
public function createEvent(Request $request, EntityManagerInterface $em, EventIndexService $eventIndex): Response
{
$this->denyAccessUnlessGranted('ROLE_ORGANIZER');
/** @var User $user */
$user = $this->getUser();
if ($request->isMethod('POST')) {
$event = new Event();
$event->setAccount($user);
$this->hydrateEventFromRequest($event, $request);
$em->persist($event);
$em->flush();
$eventIndex->indexEvent($event);
$this->addFlash('success', 'Evenement cree avec succes.');
return $this->redirectToRoute('app_account', ['tab' => 'events']);
}
return $this->render('account/create_event.html.twig', [
'breadcrumbs' => [
self::BREADCRUMB_HOME,
self::BREADCRUMB_ACCOUNT,
['name' => 'Creer un evenement', 'url' => '/mon-compte/evenement/creer'],
],
]);
}
#[Route('/mon-compte/evenement/{id}/modifier', name: 'app_account_edit_event', methods: ['GET', 'POST'])]
public function editEvent(Event $event, Request $request, EntityManagerInterface $em, EventIndexService $eventIndex): Response
{
$this->denyAccessUnlessGranted('ROLE_ORGANIZER');
/** @var User $user */
$user = $this->getUser();
if ($event->getAccount()->getId() !== $user->getId()) {
throw $this->createAccessDeniedException();
}
if ($request->isMethod('POST')) {
$this->hydrateEventFromRequest($event, $request);
$em->flush();
$eventIndex->indexEvent($event);
$this->addFlash('success', 'Evenement modifie avec succes.');
return $this->redirectToRoute('app_account_edit_event', ['id' => $event->getId()]);
}
$categories = $em->getRepository(Category::class)->findBy(
['event' => $event],
['position' => 'ASC'],
);
return $this->render('account/edit_event.html.twig', [
'event' => $event,
'categories' => $categories,
'breadcrumbs' => [
self::BREADCRUMB_HOME,
self::BREADCRUMB_ACCOUNT,
['name' => $event->getTitle(), 'url' => '/mon-compte/evenement/'.$event->getId().'/modifier'],
],
]);
}
#[Route('/mon-compte/evenement/{id}/categorie/ajouter', name: 'app_account_event_add_category', methods: ['POST'])]
public function addCategory(Event $event, Request $request, EntityManagerInterface $em): Response
{
$this->denyAccessUnlessGranted('ROLE_ORGANIZER');
/** @var User $user */
$user = $this->getUser();
if ($event->getAccount()->getId() !== $user->getId()) {
throw $this->createAccessDeniedException();
}
$name = trim($request->request->getString('name'));
if ('' === $name) {
$this->addFlash('error', 'Le nom de la categorie est requis.');
return $this->redirectToRoute('app_account_edit_event', ['id' => $event->getId(), 'tab' => 'categories']);
}
$maxPosition = $em->getRepository(Category::class)->count(['event' => $event]);
$category = new Category();
$category->setName($name);
$category->setEvent($event);
$category->setPosition($maxPosition);
$startAt = $request->request->getString('start_at');
if ('' !== $startAt) {
$category->setStartAt(new \DateTimeImmutable($startAt));
}
$endAt = $request->request->getString('end_at');
if ('' !== $endAt) {
$category->setEndAt(new \DateTimeImmutable($endAt));
}
if ($category->getEndAt() < $category->getStartAt()) {
$category->setEndAt($category->getStartAt()->modify('+30 days'));
}
$em->persist($category);
$em->flush();
$this->addFlash('success', sprintf('Categorie "%s" ajoutee.', $name));
return $this->redirectToRoute('app_account_edit_event', ['id' => $event->getId(), 'tab' => 'categories']);
}
#[Route('/mon-compte/evenement/{id}/categorie/{categoryId}/modifier', name: 'app_account_event_edit_category', methods: ['GET', 'POST'])]
public function editCategory(Event $event, int $categoryId, Request $request, EntityManagerInterface $em): Response
{
$this->denyAccessUnlessGranted('ROLE_ORGANIZER');
/** @var User $user */
$user = $this->getUser();
if ($event->getAccount()->getId() !== $user->getId()) {
throw $this->createAccessDeniedException();
}
$category = $em->getRepository(Category::class)->find($categoryId);
if (!$category || $category->getEvent()->getId() !== $event->getId()) {
throw $this->createNotFoundException();
}
if ($request->isMethod('POST')) {
$category->setName(trim($request->request->getString('name')));
$startAt = $request->request->getString('start_at');
if ('' !== $startAt) {
$category->setStartAt(new \DateTimeImmutable($startAt));
}
$endAt = $request->request->getString('end_at');
if ('' !== $endAt) {
$category->setEndAt(new \DateTimeImmutable($endAt));
}
if ($category->getEndAt() < $category->getStartAt()) {
$category->setEndAt($category->getStartAt()->modify('+30 days'));
}
$category->setIsHidden($request->request->getBoolean('is_hidden'));
$em->flush();
$this->addFlash('success', 'Categorie modifiee.');
return $this->redirectToRoute('app_account_edit_event', ['id' => $event->getId(), 'tab' => 'categories']);
}
return $this->render('account/edit_category.html.twig', [
'event' => $event,
'category' => $category,
'breadcrumbs' => [
self::BREADCRUMB_HOME,
self::BREADCRUMB_ACCOUNT,
['name' => $event->getTitle(), 'url' => '/mon-compte/evenement/'.$event->getId().'/modifier?tab=categories'],
['name' => $category->getName(), 'url' => ''],
],
]);
}
#[Route('/mon-compte/evenement/{id}/categorie/{categoryId}/supprimer', name: 'app_account_event_delete_category', methods: ['POST'])]
public function deleteCategory(Event $event, int $categoryId, EntityManagerInterface $em): Response
{
$this->denyAccessUnlessGranted('ROLE_ORGANIZER');
/** @var User $user */
$user = $this->getUser();
if ($event->getAccount()->getId() !== $user->getId()) {
throw $this->createAccessDeniedException();
}
$category = $em->getRepository(Category::class)->find($categoryId);
if ($category && $category->getEvent()->getId() === $event->getId()) {
$em->remove($category);
$em->flush();
$this->addFlash('success', 'Categorie supprimee.');
}
return $this->redirectToRoute('app_account_edit_event', ['id' => $event->getId(), 'tab' => 'categories']);
}
#[Route('/mon-compte/evenement/{id}/categorie/reorder', name: 'app_account_event_reorder_categories', methods: ['POST'])]
public function reorderCategories(Event $event, Request $request, EntityManagerInterface $em): Response
{
$this->denyAccessUnlessGranted('ROLE_ORGANIZER');
/** @var User $user */
$user = $this->getUser();
if ($event->getAccount()->getId() !== $user->getId()) {
throw $this->createAccessDeniedException();
}
$order = json_decode($request->getContent(), true);
if (\is_array($order)) {
foreach ($order as $position => $categoryId) {
$category = $em->getRepository(Category::class)->find($categoryId);
if ($category && $category->getEvent()->getId() === $event->getId()) {
$category->setPosition($position);
}
}
$em->flush();
}
return $this->json(['success' => true]);
}
#[Route('/mon-compte/evenement/{id}/en-ligne', name: 'app_account_toggle_event_online', methods: ['POST'])]
public function toggleEventOnline(Event $event, EntityManagerInterface $em, EventIndexService $eventIndex): Response
{
$this->denyAccessUnlessGranted('ROLE_ORGANIZER');
/** @var User $user */
$user = $this->getUser();
if ($event->getAccount()->getId() !== $user->getId()) {
throw $this->createAccessDeniedException();
}
if (!$event->isOnline() && (!$user->isStripeChargesEnabled() || !$user->isStripePayoutsEnabled())) {
$this->addFlash('error', 'Configuration Stripe requise pour mettre un evenement en ligne.');
return $this->redirectToRoute('app_account_edit_event', ['id' => $event->getId()]);
}
$event->setIsOnline(!$event->isOnline());
$em->flush();
$eventIndex->indexEvent($event);
$this->addFlash('success', $event->isOnline() ? 'Evenement mis en ligne.' : 'Evenement passe hors ligne.');
return $this->redirectToRoute('app_account_edit_event', ['id' => $event->getId()]);
}
#[Route('/mon-compte/evenement/{id}/secret', name: 'app_account_toggle_event_secret', methods: ['POST'])]
public function toggleEventSecret(Event $event, EntityManagerInterface $em, EventIndexService $eventIndex): Response
{
$this->denyAccessUnlessGranted('ROLE_ORGANIZER');
/** @var User $user */
$user = $this->getUser();
if ($event->getAccount()->getId() !== $user->getId()) {
throw $this->createAccessDeniedException();
}
$event->setIsSecret(!$event->isSecret());
$em->flush();
$eventIndex->indexEvent($event);
$this->addFlash('success', $event->isSecret() ? 'Evenement marque comme secret.' : 'Evenement rendu public.');
return $this->redirectToRoute('app_account_edit_event', ['id' => $event->getId()]);
}
#[Route('/mon-compte/evenement/{id}/supprimer', name: 'app_account_delete_event', methods: ['POST'])]
public function deleteEvent(Event $event, EntityManagerInterface $em, EventIndexService $eventIndex): Response
{
$this->denyAccessUnlessGranted('ROLE_ORGANIZER');
/** @var User $user */
$user = $this->getUser();
if ($event->getAccount()->getId() !== $user->getId()) {
throw $this->createAccessDeniedException();
}
$eventIndex->removeEvent($event);
$em->remove($event);
$em->flush();
$this->addFlash('success', 'Evenement supprime.');
return $this->redirectToRoute('app_account', ['tab' => 'events']);
}
/** @codeCoverageIgnore Test helper, not used in production */
#[Route('/mon-compte/test-payout', name: 'app_account_test_payout', methods: ['POST'])]
public function testPayout(EntityManagerInterface $em): Response
{
/** @var User $user */
$user = $this->getUser();
if (!$this->isGranted('ROLE_ORGANIZER') || !$user->getStripeAccountId()) {
return $this->redirectToRoute('app_account');
}
$payout = new Payout();
$payout->setOrganizer($user);
$payout->setStripePayoutId('po_test_'.bin2hex(random_bytes(8)));
$payout->setStatus('paid');
$payout->setAmount(random_int(1000, 50000));
$payout->setCurrency('eur');
$payout->setDestination('ba_test_bank');
$payout->setStripeAccountId($user->getStripeAccountId());
$payout->setArrivalDate(new \DateTimeImmutable('+2 days'));
$em->persist($payout);
$em->flush();
$this->addFlash('success', sprintf('Payout test cree : %s (%.2f EUR)', $payout->getStripePayoutId(), $payout->getAmountDecimal()));
return $this->redirectToRoute('app_account', ['tab' => 'payouts']);
}
/** @codeCoverageIgnore Requires live Stripe API */
#[Route('/mon-compte/stripe-dashboard', name: 'app_account_stripe_dashboard')]
public function stripeDashboard(StripeService $stripeService): Response
{
/** @var User $user */
$user = $this->getUser();
if (!$this->isGranted('ROLE_ORGANIZER') || !$user->getStripeAccountId()) {
return $this->redirectToRoute('app_account');
}
try {
$link = $stripeService->createLoginLink($user->getStripeAccountId());
return $this->redirect($link);
} catch (\Throwable $e) {
$this->addFlash('error', 'Erreur Stripe : '.$e->getMessage());
return $this->redirectToRoute('app_account');
}
}
/** @codeCoverageIgnore Generates PDF with dompdf */
#[Route('/mon-compte/payout/{id}/attestation', name: 'app_account_payout_pdf')]
public function payoutPdf(Payout $payout, PayoutPdfService $pdfService): Response
{
/** @var User $user */
$user = $this->getUser();
if ($payout->getOrganizer()->getId() !== $user->getId()) {
throw $this->createAccessDeniedException();
}
return new Response($pdfService->generate($payout), 200, [
'Content-Type' => 'application/pdf',
'Content-Disposition' => 'inline; filename="attestation_'.$payout->getStripePayoutId().'.pdf"',
]);
}
private function hydrateEventFromRequest(Event $event, Request $request): void
{
$event->setTitle(trim($request->request->getString('title')));
$event->setDescription(trim($request->request->getString('description')) ?: null);
$event->setStartAt(new \DateTimeImmutable($request->request->getString('start_at')));
$event->setEndAt(new \DateTimeImmutable($request->request->getString('end_at')));
$event->setAddress(trim($request->request->getString('address')));
$event->setZipcode(trim($request->request->getString('zipcode')));
$event->setCity(trim($request->request->getString('city')));
$pictureFile = $request->files->get('event_main_picture');
if ($pictureFile) {
$event->setEventMainPictureFile($pictureFile);
}
}
}
Reference in New Issue View Git Blame Copy Permalink