mirror of
https://github.com/MarijnDoeve/TijdVoorDeTest.git
synced 2026-07-06 07:30:17 +02:00
281462fab8
* Added Gedmo stuff, fix translations * Add CSRF token validation across backoffice forms - Added CSRF validations to candidate correction, penalty, answer saving, and elimination forms. - Updated corresponding Twig templates to include CSRF token inputs. - Adjusted column count in `tab_result` template to maintain layout consistency. * Add unique index constraint for `quiz_candidate` with soft delete support - Updated migration to include a unique index on `quiz_candidate` table that excludes soft-deleted records. - Adjusted `QuizCandidate` entity to reflect the new unique constraint with `deleted_at` condition. * Add CSRF token validation for quiz-related actions - Added CSRF validation to `enableQuiz`, `clearQuiz`, `deleteQuiz`, `toggleCandidate`, and `prepareElimination` actions. - Updated Twig templates to replace links with POST forms to include CSRF tokens. - Set HTTP method restrictions for related endpoints to `POST`. * Fix unique index condition for `quiz_candidate` with soft deletes - Updated condition in unique index definition of `quiz_candidate` to add parentheses for clarity. - Adjusted related migration to reflect the revised condition. * Remove if for post an use methods in Route instead * Refactor CSRF token validation in backoffice controllers - Applied `#[IsCsrfTokenValid]` attribute for CSRF checks to simplify and standardize validation. - Removed manual `isCsrfTokenValid` calls and associated exception throwing. - Updated method signatures across affected endpoints to remove unnecessary `Request` dependency. - Ensured consistency in route HTTP method restrictions where applicable. * Add rector and phpstan * Add validation for answering incorrect quiz question - Added logic to prevent candidates from answering questions out of sequence in `QuizController`. - Updated Dutch translations to include the new error message. * Things
111 lines
2.9 KiB
PHP
111 lines
2.9 KiB
PHP
<?php
|
|
|
|
declare(strict_types=1);
|
|
|
|
namespace Tvdt\Entity;
|
|
|
|
use Doctrine\Common\Collections\ArrayCollection;
|
|
use Doctrine\Common\Collections\Collection;
|
|
use Doctrine\DBAL\Types\Types;
|
|
use Doctrine\ORM\Mapping as ORM;
|
|
use Symfony\Bridge\Doctrine\Types\UuidType;
|
|
use Symfony\Bridge\Doctrine\Validator\Constraints\UniqueEntity;
|
|
use Symfony\Component\Security\Core\User\PasswordAuthenticatedUserInterface;
|
|
use Symfony\Component\Security\Core\User\UserInterface;
|
|
use Symfony\Component\Uid\Uuid;
|
|
use Tvdt\Repository\UserRepository;
|
|
|
|
#[ORM\Entity(repositoryClass: UserRepository::class)]
|
|
#[ORM\Table(name: '`user`')]
|
|
#[ORM\UniqueConstraint(name: 'UNIQ_IDENTIFIER_EMAIL', fields: ['email'])]
|
|
#[UniqueEntity(fields: ['email'], message: 'There is already an account with this email')]
|
|
class User implements UserInterface, PasswordAuthenticatedUserInterface
|
|
{
|
|
#[ORM\Column(type: UuidType::NAME, unique: true)]
|
|
#[ORM\CustomIdGenerator(class: 'doctrine.uuid_generator')]
|
|
#[ORM\GeneratedValue(strategy: 'CUSTOM')]
|
|
#[ORM\Id]
|
|
public private(set) Uuid $id;
|
|
|
|
#[ORM\Column(length: 180)]
|
|
public string $email;
|
|
|
|
/** @var list<string> The user roles */
|
|
#[ORM\Column(type: Types::JSON)]
|
|
public array $roles = [];
|
|
|
|
/** @var string The hashed password */
|
|
#[ORM\Column]
|
|
public string $password;
|
|
|
|
/** @var Collection<int, Season> */
|
|
#[ORM\ManyToMany(targetEntity: Season::class, mappedBy: 'owners')]
|
|
public private(set) Collection $seasons;
|
|
|
|
#[ORM\Column]
|
|
public bool $isVerified = false;
|
|
|
|
public bool $isAdmin {
|
|
get => \in_array('ROLE_ADMIN', $this->getRoles(), true);
|
|
}
|
|
|
|
public function __construct()
|
|
{
|
|
$this->seasons = new ArrayCollection();
|
|
}
|
|
|
|
/**
|
|
* A visual identifier that represents this user.
|
|
*
|
|
* @see UserInterface
|
|
*
|
|
* @return non-empty-string
|
|
*/
|
|
public function getUserIdentifier(): string
|
|
{
|
|
/** @var non-empty-string $identifier */
|
|
$identifier = $this->email;
|
|
|
|
return $identifier;
|
|
}
|
|
|
|
/**
|
|
* @see UserInterface
|
|
*
|
|
* @return non-empty-array<int<0, max>, string>
|
|
*/
|
|
public function getRoles(): array
|
|
{
|
|
$roles = $this->roles;
|
|
// guarantee every user at least has ROLE_USER
|
|
$roles[] = 'ROLE_USER';
|
|
|
|
return array_unique($roles);
|
|
}
|
|
|
|
/** @see PasswordAuthenticatedUserInterface */
|
|
public function getPassword(): ?string
|
|
{
|
|
return $this->password;
|
|
}
|
|
|
|
public function addSeason(Season $season): static
|
|
{
|
|
if (!$this->seasons->contains($season)) {
|
|
$this->seasons->add($season);
|
|
$season->addOwner($this);
|
|
}
|
|
|
|
return $this;
|
|
}
|
|
|
|
public function removeSeason(Season $season): static
|
|
{
|
|
if ($this->seasons->removeElement($season)) {
|
|
$season->removeOwner($this);
|
|
}
|
|
|
|
return $this;
|
|
}
|
|
}
|