src/Entity/Admin.php line 98

  1. <?php
  2. namespace App\Entity;
  4. use Doctrine\ORM\Mapping as ORM,
  5.     Doctrine\DBAL\Types\Types,
  6.     Doctrine\Common\Collections\Collection,
  7.     Doctrine\Common\Collections\ArrayCollection;
  9. use Symfony\Component\Serializer\Annotation\Groups,
  10.     Symfony\Component\Validator\Constraints as Assert,
  11.     Symfony\Component\PasswordHasher\Hasher\UserPasswordHasherInterface,
  12.     Symfony\Component\Validator\Constraint;
  14. use ApiPlatform\Metadata\ApiResource,
  15.     ApiPlatform\Metadata\ApiProperty,
  16.     ApiPlatform\Metadata\Get,
  17.     ApiPlatform\Metadata\GetCollection,
  18.     ApiPlatform\Metadata\Post,
  19.     ApiPlatform\Metadata\Put,
  20.     ApiPlatform\Metadata\Delete,
  21.     ApiPlatform\Metadata\ApiFilter,
  22.     ApiPlatform\Doctrine\Orm\Filter\SearchFilter,
  23.     ApiPlatform\Doctrine\Orm\Filter\BooleanFilter,
  24.     ApiPlatform\Doctrine\Orm\Filter\OrderFilter;
  26. use App\Entity\Trait\IdTrait,
  27.     App\Entity\Trait\UuidTrait,
  28.     App\Entity\Trait\TimestampableTrait,
  29.     App\Entity\Trait\StatTrait,
  30.     App\Entity\Interface\AdminInterface,
  31.     App\Entity\Interface\PasswordResetableInterface,
  32.     App\Repository\AdminRepository;
  34. use App\Lib\Roles,
  35.     App\Lib\ModuleRoles,
  36.     App\Lib\Actions,
  37.     App\StateProvider\AdminCollectionProvider,
  38.     App\StateProvider\ProfileProvider,
  39.     App\Security\Voter\Resource\ProfileVoter,
  40.     App\Validator\Constraints as CustomAssert,
  41.     App\Enum\JournalAdminColumn,
  42.     App\Enum\JournalArticleAdminColumn,
  43.     App\Enum\JournalArticleAdminStatsColumn,
  44.     App\Doctrine\DBAL\Types\JournalAdminColumnsType,
  45.     App\Doctrine\DBAL\Types\JournalArticleAdminColumnsType,
  46.     App\Doctrine\DBAL\Types\JournalArticleAdminStatsColumnsType;
  48. #[ApiResource(
  49.     description'Administrators',
  50.     normalizationContext: ['groups' => ['read''read:' self::class]],
  51.     denormalizationContext: ['groups' => ['write']],
  52.     order: ['createdAt' => 'desc'],
  53.     operations: [
  54.         new GetCollection(
  55.             providerAdminCollectionProvider::class,
  56.             security'is_granted("' self::class . '")'
  57.         ),
  58.         new Post(
  59.             security'is_granted("' self::class . '")',
  60.             validationContext: ['groups' => [Constraint::DEFAULT_GROUP'post']],
  61.             securityPostDenormalize'is_granted("' Actions::CREATE '", object)'
  62.         ),
  63.         new Get(
  64.             security'is_granted("' self::class . '")',
  65.             securityPostDenormalize'is_granted("' Actions::VIEW '", object)'
  66.         ),
  67.         new Put(
  68.             security'is_granted("' self::class . '")',
  69.             securityPostDenormalize'is_granted("' Actions::EDIT '", object)'
  70.         ),
  71.         new Delete(
  72.             security'is_granted("' self::class . '")',
  73.             securityPostDenormalize'is_granted("' Actions::DELETE '", object)'
  74.         ),
  75.         new Get(
  76.             uriTemplate'/profile',
  77.             providerProfileProvider::class,
  78.             securityPostDenormalize'is_granted("' ProfileVoter::ATTRIBUTE '", object)'
  79.         ),
  80.         new Put(
  81.             uriTemplate'/profile',
  82.             providerProfileProvider::class,
  83.             denormalizationContext: ['groups' => ['profile']],
  84.             securityPostDenormalize'is_granted("' ProfileVoter::ATTRIBUTE '", object)',
  85.             validationContext: ['groups' => [Constraint::DEFAULT_GROUP'profile']]
  86.         ),
  87.     ],
  88.     extraProperties: ['standard_put' => false],
  89. )]
  90. #[ApiFilter(SearchFilter::class, properties: [
  91.     'email' => 'partial',
  92.     'fullName' => 'partial',
  93.     'group.title' => 'partial'
  94. ])]
  95. #[ApiFilter(BooleanFilter::class, properties: ['stat'])]
  96. #[ApiFilter(OrderFilter::class, properties: ['email''fullName''stat''createdAt''updatedAt'])]
  97. #[ORM\Entity(repositoryClassAdminRepository::class)]
  98. class Admin implements AdminInterfacePasswordResetableInterface
  99. {
  100.     use IdTrait,
  101.         UuidTrait,
  102.         TimestampableTrait,
  103.         StatTrait;
  105.     const MAX_PREVIOUS_PASSWORDS 5;
  107.     #[ApiProperty(description'Email')]
  108.     #[Groups(['read''write'])]
  109.     #[Assert\NotBlank]
  110.     #[Assert\Email]
  111.     #[ORM\Column(typeTypes::STRINGlength191uniquetrue)]
  112.     private string $email;
  114.     #[ApiProperty(description'Persisted password')]
  115.     #[ORM\Column(typeTypes::STRINGlength255)]
  116.     private ?string $password null;
  118.     #[ApiProperty(description'New password')]
  119.     #[Groups(['write''profile'])]
  120.     #[Assert\NotBlank(groups: ['post'])]
  121.     #[Assert\Length(max50)]
  122.     #[Assert\Regex(
  123.         pattern'/^(?=.*?[A-Z])(?=.*?[a-z])(?=.*?[0-9])(?=.*?[#?!@$%^&*-\.]).{8,}$/',
  124.         match: true,
  125.         message'Password must consist of at least 8 characters (upper case, lower case, number, special character)'
  126.     )]
  127.     #[Assert\Expression(
  128.         expression'!value || this.getCurrentPassword() !== null',
  129.         message'Current password is required.'
  130.     )]
  131.     #[Assert\NotCompromisedPassword]
  132.     #[CustomAssert\User\PreviousPasswords]
  133.     private ?string $rawPassword null;
  135.     #[ApiProperty(description'Current password')]
  136.     #[Groups(['profile'])]
  137.     #[CustomAssert\User\CurrentPassword(groups: ['profile'])]
  138.     private ?string $currentPassword null;
  140.     #[ApiProperty(description'Previous passwords')]
  141.     #[ORM\Column(typeTypes::JSON)]
  142.     private array $previousPasswords = [];
  144.     #[ApiProperty(description'Name and surname')]
  145.     #[Groups(['read''write''profile'])]
  146.     #[Assert\NotBlank]
  147.     #[Assert\Length(min3)]
  148.     #[ORM\Column(typeTypes::STRINGlength255)]
  149.     private string $fullName;
  151.     #[ApiProperty(description'Last activity')]
  152.     #[Groups(['read:' self::class])]
  153.     #[ORM\Column(typeTypes::DATETIME_IMMUTABLE)]
  154.     private \DateTimeImmutable $lastActivityAt;
  156.     #[ApiProperty(description'Reset password hash')]
  157.     #[ORM\Column(typeTypes::STRINGlength255nullabletrue)]
  158.     private ?string $resetPasswordHash null;
  160.     #[ApiProperty(description'Reset password hash generated at')]
  161.     #[ORM\Column(typeTypes::DATETIME_IMMUTABLEnullabletrue)]
  162.     private ?\DateTimeImmutable $resetPasswordHashGeneratedAt null;
  164.     #[ApiProperty(description'Is password reset required (account is inactive till reset)')]
  165.     #[Groups(['read:' self::class])]
  166.     #[ORM\Column(typeTypes::BOOLEANoptions: ['default' => false])]
  167.     private bool $isPasswordResetRequired false;
  169.     #[ApiProperty(description'Is contextual hints visible')]
  170.     #[Groups(['read:' self::class, 'profile'])]
  171.     #[ORM\Column(typeTypes::BOOLEANoptions: ['default' => true])]
  172.     private bool $isContextualHintsVisible true;
  174.     #[ApiProperty(description'Visible journal admin columns'writableLinkfalse)]
  175.     #[Groups(['read:' self::class, 'write''profile'])]
  176.     #[Assert\Choice(callback: [JournalAdminColumn::class, 'cases'], multipletrue)]
  177.     #[Assert\Unique]
  178.     #[Assert\Count(min1)]
  179.     #[ORM\Column(typeJournalAdminColumnsType::NAME)]
  180.     private array $visibleJournalAdminColumns = [
  181.         JournalAdminColumn::NO,
  182.         JournalAdminColumn::WORKINGTITLE,
  183.         JournalAdminColumn::AFFILIATION,
  184.         JournalAdminColumn::PERIODICITY,
  185.         JournalAdminColumn::STAT
  186.     ];
  188.     #[ApiProperty(description'Visible journal article admin columns'writableLinkfalse)]
  189.     #[Groups(['read:' self::class, 'write''profile'])]
  190.     #[Assert\Choice(callback: [JournalArticleAdminColumn::class, 'cases'], multipletrue)]
  191.     #[Assert\Unique]
  192.     #[Assert\Count(min1)]
  193.     #[ORM\Column(typeJournalArticleAdminColumnsType::NAME)]
  194.     private array $visibleJournalArticleAdminColumns = [
  195.         JournalArticleAdminColumn::NO,
  196.         JournalArticleAdminColumn::TITLE,
  197.         JournalArticleAdminColumn::ISSUE,
  198.         JournalArticleAdminColumn::TYPE,
  199.         JournalArticleAdminColumn::SECTION,
  200.         JournalArticleAdminColumn::UPDATED_AT,
  201.         JournalArticleAdminColumn::DOI,
  202.         JournalArticleAdminColumn::FILES,
  203.         JournalArticleAdminColumn::STAT
  204.     ];
  206.     #[ApiProperty(description'Visible journal article admin stats columns'writableLinkfalse)]
  207.     #[Groups(['read:' self::class, 'write''profile'])]
  208.     #[Assert\Choice(callback: [JournalArticleAdminStatsColumn::class, 'cases'], multipletrue)]
  209.     #[Assert\Unique]
  210.     // #[Assert\Count(min: 1)]
  211.     #[ORM\Column(typeJournalArticleAdminStatsColumnsType::NAME)]
  212.     private array $visibleJournalArticleAdminStatsColumns = [
  213.         JournalArticleAdminStatsColumn::NATIVE_TITLE,
  214.         JournalArticleAdminStatsColumn::STATS_AMOUNT_OF_DOWNLOADS,
  215.         JournalArticleAdminStatsColumn::JOURNAL,
  216.         JournalArticleAdminStatsColumn::TYPE,
  217.         JournalArticleAdminStatsColumn::AUTHORS,
  218.         JournalArticleAdminStatsColumn::AUTHORS_AFFILIATIONS
  219.     ];
  221.     #[ApiProperty(description'Administration group'writableLinkfalse)]
  222.     #[Groups(['read:' self::class, 'write'])]
  223.     #[ORM\ManyToOne(targetEntityAdminGroup::class, inversedBy'members')]
  224.     #[ORM\JoinColumn(onDelete'set null')]
  225.     private ?AdminGroup $group null;
  227.     #[ApiProperty(description'Registry entries')]
  228.     #[ORM\OneToMany(targetEntityRegistryEntry::class, mappedBy'admin')]
  229.     private Collection $registryEntries;
  231.     public function __construct(string $emailstring $fullName)
  232.     {
  233.         $this->setUuid();
  235.         $this->email $email;
  236.         $this->fullName $fullName;
  238.         $this->lastActivityAt = new \DateTimeImmutable();
  240.         $this->registryEntries = new ArrayCollection();
  242.         $this->createdAt = new \DateTimeImmutable();
  243.         $this->updatedAt = new \DateTimeImmutable();
  244.     }
  246.     public function getEmail(): string
  247.     {
  248.         return $this->email;
  249.     }
  251.     public function setEmail(string $email): self
  252.     {
  253.         $this->email $email;
  255.         return $this;
  256.     }
  258.     public function getPassword(): string
  259.     {
  260.         return $this->password;
  261.     }
  263.     public function getRawPassword(): ?string
  264.     {
  265.         return $this->rawPassword;
  266.     }
  268.     public function setRawPassword(
  269.         ?string $rawPassword,
  270.         UserPasswordHasherInterface $encoder,
  271.         Admin $setBy
  272.     ): self {
  273.         if (! $rawPassword) {
  274.             return $this;
  275.         }
  277.         $this->rawPassword $rawPassword;
  278.         $this->password $encoder->hashPassword($this$rawPassword);
  280.         if (count($this->previousPasswords) >= self::MAX_PREVIOUS_PASSWORDS) {
  281.             $this->previousPasswords array_slice($this->previousPasswords1);
  282.         }
  284.         $this->previousPasswords[] = password_hash($rawPasswordPASSWORD_DEFAULT);
  286.         $this->isPasswordResetRequired $setBy->getUuid() !== $this->getUuid();
  288.         $this->resetPasswordHash null;
  289.         $this->resetPasswordHashGeneratedAt null;
  291.         return $this;
  292.     }
  294.     public function setHashedPassword(string $hashedPassword): self
  295.     {
  296.         $this->password $hashedPassword;
  298.         return $this;
  299.     }
  301.     public function getCurrentPassword(): ?string
  302.     {
  303.         return $this->currentPassword;
  304.     }
  306.     public function setCurrentPassword(?string $currentPassword): self
  307.     {
  308.         $this->currentPassword $currentPassword;
  310.         return $this;
  311.     }
  313.     public function getPreviousPasswords(): array
  314.     {
  315.         return $this->previousPasswords;
  316.     }
  318.     public function getFullName(): string
  319.     {
  320.         return $this->fullName;
  321.     }
  323.     public function setFullName(string $fullName): self
  324.     {
  325.         $this->fullName $fullName;
  327.         return $this;
  328.     }
  330.     public function getLastActivityAt(): \DateTimeImmutable
  331.     {
  332.         return $this->lastActivityAt;
  333.     }
  335.     public function setLastActivityAt(\DateTimeImmutable $lastActivityAt): self
  336.     {
  337.         $this->lastActivityAt $lastActivityAt;
  339.         return $this;
  340.     }
  342.     public function getUsername(): string
  343.     {
  344.         return $this->email;
  345.     }
  347.     public function getUserIdentifier(): string
  348.     {
  349.         return $this->email;
  350.     }
  352.     public function getRoles(): array
  353.     {
  354.         $roles = [Roles::ROLE_ADMIN];
  356.         if (! $this->group?->getStat()) {
  357.             return $roles;
  358.         }
  360.         if ($this->group->getIsOpenform()) {
  361.             $roles[] = Roles::ROLE_OPENFORM;
  363.             return $roles;
  364.         }
  366.         if ($this->group->getIsSuperAdmin()) {
  367.             $roles[] = Roles::ROLE_SUPER_ADMIN;
  369.             return $roles;
  370.         }
  372.         foreach ($this->group->getFullyQualifiedResourceAccess() as $resourceAccess) {
  373.             switch(true) {
  374.                 case defined(ModuleRoles::class . '::ROLE_MODULE_' strtoupper($resourceAccess)):
  375.                     return constant(ModuleRoles::class . '::ROLE_MODULE_' strtoupper($resourceAccess));
  376.                 case class_exists($resourceAccess):
  377.                     $roles[] = str_replace('\\'''$resourceAccess);
  378.                 default:
  379.                     throw new \Exception('Resource access is invalid.');
  380.             }
  382.             $roles[] = str_replace('\\'''$resourceAccess);
  383.         }
  385.         return $roles;
  386.     }
  388.     public function getSalt(): ?string
  389.     {
  390.         return null;
  391.     }
  393.     public function eraseCredentials(): void
  394.     {
  395.         return;
  396.     }
  398.     public function setResetPasswordHash(string $hash): self
  399.     {
  400.         $this->resetPasswordHash $hash;
  401.         $this->resetPasswordHashGeneratedAt = new \DateTimeImmutable();
  403.         return $this;
  404.     }
  406.     public function getResetPasswordHash(): ?string
  407.     {
  408.         return $this->resetPasswordHash;
  409.     }
  411.     public function getResetPasswordHashGeneratedAt(): ?\DateTimeImmutable
  412.     {
  413.         return $this->resetPasswordHashGeneratedAt;
  414.     }
  416.     public function getIsPasswordResetRequired(): bool
  417.     {
  418.         return $this->isPasswordResetRequired;
  419.     }
  421.     public function setIsPasswordResetRequired(bool $isPasswordResetRequired): self
  422.     {
  423.         $this->isPasswordResetRequired $isPasswordResetRequired;
  425.         return $this;
  426.     }
  428.     public function getIsContextualHintsVisible(): bool
  429.     {
  430.         return $this->isContextualHintsVisible;
  431.     }
  433.     public function setIsContextualHintsVisible(bool $isContextualHintsVisible): self
  434.     {
  435.         $this->isContextualHintsVisible $isContextualHintsVisible;
  437.         return $this;
  438.     }
  440.     public function getVisibleJournalAdminColumns(): array
  441.     {
  442.         return $this->visibleJournalAdminColumns;
  443.     }
  445.     public function setVisibleJournalAdminColumns(array $visibleJournalAdminColumns): self
  446.     {
  447.         $this->visibleJournalAdminColumns $visibleJournalAdminColumns;
  449.         return $this;
  450.     }
  452.     public function getVisibleJournalArticleAdminColumns(): array
  453.     {
  454.         return $this->visibleJournalArticleAdminColumns;
  455.     }
  457.     public function setVisibleJournalArticleAdminColumns(array $visibleJournalArticleAdminColumns): self
  458.     {
  459.         $this->visibleJournalArticleAdminColumns $visibleJournalArticleAdminColumns;
  461.         return $this;
  462.     }
  464.     public function getVisibleJournalArticleAdminStatsColumns(): array
  465.     {
  466.         return $this->visibleJournalArticleAdminStatsColumns;
  467.     }
  469.     public function setVisibleJournalArticleAdminStatsColumns(array $visibleJournalArticleAdminStatsColumns): self
  470.     {
  471.         $this->visibleJournalArticleAdminStatsColumns $visibleJournalArticleAdminStatsColumns;
  473.         return $this;
  474.     }
  476.     public function getGroup(): ?AdminGroup
  477.     {
  478.         return $this->group;
  479.     }
  481.     public function setGroup(?AdminGroup $group): self
  482.     {
  483.         $this->group $group;
  485.         return $this;
  486.     }
  488.     public function getRegistryEntries(): Collection
  489.     {
  490.         return $this->registryEntries;
  491.     }
  493.     public function addRegistryEntry(RegistryEntry $registryEntry): self
  494.     {
  495.         if ($this->registryEntries->contains($registryEntry)) {
  496.             return $this;
  497.         }
  499.         $this->registryEntries[] = $registryEntry;
  501.         return $this;
  502.     }
  504.     public function removeRegistryEntry(RegistryEntry $registryEntry): self
  505.     {
  506.         $this->registryEntries->removeElement($registryEntry);
  508.         return $this;
  509.     }
  510. }