Files
TijdVoorDeTest/src/Entity/User.php
T
Marijn 281462fab8 Added Gedmo stuff, fix translations (#117)
* Added Gedmo stuff, fix translations

* Add CSRF token validation across backoffice forms

- Added CSRF validations to candidate correction, penalty, answer saving, and elimination forms.
- Updated corresponding Twig templates to include CSRF token inputs.
- Adjusted column count in `tab_result` template to maintain layout consistency.

* Add unique index constraint for `quiz_candidate` with soft delete support

- Updated migration to include a unique index on `quiz_candidate` table that excludes soft-deleted records.
- Adjusted `QuizCandidate` entity to reflect the new unique constraint with `deleted_at` condition.

* Add CSRF token validation for quiz-related actions

- Added CSRF validation to `enableQuiz`, `clearQuiz`, `deleteQuiz`, `toggleCandidate`, and `prepareElimination` actions.
- Updated Twig templates to replace links with POST forms to include CSRF tokens.
- Set HTTP method restrictions for related endpoints to `POST`.

* Fix unique index condition for `quiz_candidate` with soft deletes

- Updated condition in unique index definition of `quiz_candidate` to add parentheses for clarity.
- Adjusted related migration to reflect the revised condition.

* Remove if for post an use methods in Route instead

* Refactor CSRF token validation in backoffice controllers

- Applied `#[IsCsrfTokenValid]` attribute for CSRF checks to simplify and standardize validation.
- Removed manual `isCsrfTokenValid` calls and associated exception throwing.
- Updated method signatures across affected endpoints to remove unnecessary `Request` dependency.
- Ensured consistency in route HTTP method restrictions where applicable.

* Add rector and phpstan

* Add validation for answering incorrect quiz question

- Added logic to prevent candidates from answering questions out of sequence in `QuizController`.
- Updated Dutch translations to include the new error message.

* Things
2026-05-24 19:43:30 +02:00

111 lines
2.9 KiB
PHP

<?php
declare(strict_types=1);
namespace Tvdt\Entity;
use Doctrine\Common\Collections\ArrayCollection;
use Doctrine\Common\Collections\Collection;
use Doctrine\DBAL\Types\Types;
use Doctrine\ORM\Mapping as ORM;
use Symfony\Bridge\Doctrine\Types\UuidType;
use Symfony\Bridge\Doctrine\Validator\Constraints\UniqueEntity;
use Symfony\Component\Security\Core\User\PasswordAuthenticatedUserInterface;
use Symfony\Component\Security\Core\User\UserInterface;
use Symfony\Component\Uid\Uuid;
use Tvdt\Repository\UserRepository;
#[ORM\Entity(repositoryClass: UserRepository::class)]
#[ORM\Table(name: '`user`')]
#[ORM\UniqueConstraint(name: 'UNIQ_IDENTIFIER_EMAIL', fields: ['email'])]
#[UniqueEntity(fields: ['email'], message: 'There is already an account with this email')]
class User implements UserInterface, PasswordAuthenticatedUserInterface
{
#[ORM\Column(type: UuidType::NAME, unique: true)]
#[ORM\CustomIdGenerator(class: 'doctrine.uuid_generator')]
#[ORM\GeneratedValue(strategy: 'CUSTOM')]
#[ORM\Id]
public private(set) Uuid $id;
#[ORM\Column(length: 180)]
public string $email;
/** @var list<string> The user roles */
#[ORM\Column(type: Types::JSON)]
public array $roles = [];
/** @var string The hashed password */
#[ORM\Column]
public string $password;
/** @var Collection<int, Season> */
#[ORM\ManyToMany(targetEntity: Season::class, mappedBy: 'owners')]
public private(set) Collection $seasons;
#[ORM\Column]
public bool $isVerified = false;
public bool $isAdmin {
get => \in_array('ROLE_ADMIN', $this->getRoles(), true);
}
public function __construct()
{
$this->seasons = new ArrayCollection();
}
/**
* A visual identifier that represents this user.
*
* @see UserInterface
*
* @return non-empty-string
*/
public function getUserIdentifier(): string
{
/** @var non-empty-string $identifier */
$identifier = $this->email;
return $identifier;
}
/**
* @see UserInterface
*
* @return non-empty-array<int<0, max>, string>
*/
public function getRoles(): array
{
$roles = $this->roles;
// guarantee every user at least has ROLE_USER
$roles[] = 'ROLE_USER';
return array_unique($roles);
}
/** @see PasswordAuthenticatedUserInterface */
public function getPassword(): ?string
{
return $this->password;
}
public function addSeason(Season $season): static
{
if (!$this->seasons->contains($season)) {
$this->seasons->add($season);
$season->addOwner($this);
}
return $this;
}
public function removeSeason(Season $season): static
{
if ($this->seasons->removeElement($season)) {
$season->removeOwner($this);
}
return $this;
}
}