<?php
namespace Suzuki\AccountBundle\Controller;
use Exception;
use Sonata\AdminBundle\Controller\CRUDController;
use Sonata\AdminBundle\Datagrid\ProxyQueryInterface;
use Suzuki\AccountBundle\Entity\DealerShip;
use Suzuki\AccountBundle\Entity\User;
use Suzuki\CoreBundle\Helpers\CoreHelper;
use Suzuki\SettingBundle\Constants\Constants;
use Symfony\Component\HttpFoundation\RedirectResponse;
use Symfony\Component\HttpFoundation\Request;
use Symfony\Component\HttpFoundation\Response;
use Symfony\Component\HttpKernel\Exception\AccessDeniedHttpException;
use function in_array;
/**
* Class AccountController
*
* @package Suzuki\AccountBundle\Controller
*/
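class AccountController extends CRUDController
{
    /**
     * Deletes one account, refusing to delete the account of the user who is
     * currently logged in.
     *
     * The id is re-read from the request (exactly as the parent action does),
     * so the route parameter and the request parameter cannot disagree.
     *
     * @param int|string|null $id
     *
     * @return RedirectResponse|Response
     */
    public function deleteAction($id)
    {
        $request = $this->getRequest();
        $id = $request->get($this->admin->getIdParameter());
        $object = $this->admin->getObject($id);
        if (!$object) {
            throw $this->createNotFoundException(
                sprintf('unable to find the object with id: %s', $id)
            );
        }

        if ($this->isCurrentUserId($id)) {
            $this->addFlash('sonata_flash_error', 'You cannot delete your own account.');

            return $this->redirectTo($object);
        }

        return parent::deleteAction($id);
    }

    /**
     * Batch delete that aborts (with a flash message) when the selection
     * contains the logged-in user's own account.
     *
     * The selection is executed once here for the check; the parent action
     * executes the query again for the actual deletion.
     *
     * @param ProxyQueryInterface $query
     *
     * @return RedirectResponse
     */
    public function batchActionDelete(ProxyQueryInterface $query)
    {
        foreach ($query->execute() as $selectedUser) {
            if ($this->isCurrentUserId($selectedUser->getId())) {
                $this->addFlash('sonata_flash_error', 'You cannot delete your own account.');

                return new RedirectResponse(
                    $this->admin->generateUrl('list', ['filter' => $this->admin->getFilterParameters()])
                );
            }
        }

        return parent::batchActionDelete($query);
    }

    /**
     * Edit form with an extra authorisation layer on top of the parent:
     *
     *  - an admin may not edit a super-admin;
     *  - a user who is neither admin nor super-admin may only edit accounts
     *    that {@see canEditAsRestrictedUser()} allows.
     *
     * An unknown id yields a 404 instead of a fatal error on a null entity.
     *
     * @param int|string|null $id account id; when null it is taken from the
     *                            request, as the parent action does
     *
     * @return RedirectResponse|Response
     * @throws Exception
     */
    public function editAction($id = null)
    {
        $user = $this->getUser();
        $roles = $user->getRoles();
        $isAdmin = in_array(Constants::ROLE_ADMIN, $roles, true);
        $isSuperAdmin = in_array(Constants::ROLE_SUPER_ADMIN, $roles, true);

        // The parent resolves the id from the request; mirror that so the
        // checks below run against the same account that will be edited.
        if ($id === null) {
            $id = $this->getRequest()->get($this->admin->getIdParameter());
        }

        $em = $this->container->get('doctrine.orm.entity_manager');
        $targetUser = $id === null ? null : $em->getRepository(User::class)->find($id);
        if (!$targetUser) {
            throw $this->createNotFoundException(
                sprintf('unable to find the object with id: %s', $id)
            );
        }

        // A plain admin must not be able to alter a super-admin account.
        if ($isAdmin && in_array(Constants::ROLE_SUPER_ADMIN, $targetUser->getRoles(), true)) {
            throw new AccessDeniedHttpException("Access Denied");
        }

        if (!$isSuperAdmin && !$isAdmin && !$this->canEditAsRestrictedUser($user, $id)) {
            throw new AccessDeniedHttpException("Access Denied");
        }

        return parent::editAction($id);
    }

    /**
     * Renders `<option>` elements for the dealerships of a region, marking as
     * selected those already linked to the given user.
     *
     * Every value written into the markup is HTML-escaped: the dealership
     * fields come from the database, but they are free text and must not be
     * able to break out of the option tag.
     *
     * NOTE(review): no authorisation check is done here; `userId` is taken
     * from the POST body, so this relies entirely on the admin firewall /
     * route security to restrict who may call it — confirm.
     *
     * @param Request $request POST body with `regionId` and `userId`
     *
     * @return Response
     */
    public function getDealerShipByRegionAction(Request $request)
    {
        $regionId = $request->request->get('regionId');
        $userId = $request->request->get('userId');

        $repo = $this->getDoctrine()->getRepository(DealerShip::class);
        $dealerShips = $repo->getDealerShipEqualRegionVente($regionId);
        // Compared as strings so that int and string id columns match the
        // same way whatever the driver returns.
        $selectedIds = array_map('strval', array_column($repo->getDealerShipByUser($userId), 'id'));

        $html = '';
        foreach ($dealerShips as $item) {
            // getAdr4() is concatenated twice, as in the original; possibly
            // a further address field was intended — TODO confirm.
            $title = 'Suzuki - ' . $item->getReasonSocial() . ', '
                . trim($item->getAdr3() . ' ' . $item->getAdr4() . ' ' . $item->getAdr4())
                . ', ' . $item->getCodePostal() . ' ' . $item->getVille();

            $selected = in_array((string) $item->getId(), $selectedIds, true) ? 'selected="selected"' : '';

            $html .= '<option ' . $selected
                . ' value="' . $this->escapeHtml($item->getId()) . '" >'
                . $this->escapeHtml($title)
                . '</option>';
        }

        return new Response($html, 200);
    }

    /**
     * Whether $id is the id of the currently logged-in user.
     *
     * Both sides are compared as strings: $id usually arrives from the
     * request as a string, while the entity id is an int, and a loose `==`
     * comparison of those has changed meaning between PHP versions.
     *
     * @param int|string|null $id
     *
     * @return bool
     */
    private function isCurrentUserId($id)
    {
        $user = $this->getUser();

        return $user !== null && (string) $user->getId() === (string) $id;
    }

    /**
     * Access rule for users who are neither admin nor super-admin.
     *
     * Fail-closed: a branch that cannot positively establish access denies it.
     * (The original initialised the flag to "allowed", which let a region
     * manager without a region, or a dealer without a dealership, edit any
     * account.) Branch order matches the original: own account first, then
     * region manager, then dealer, then everything else.
     *
     * @param User            $user the logged-in user
     * @param int|string|null $id   id of the account being edited
     *
     * @return bool
     */
    private function canEditAsRestrictedUser($user, $id)
    {
        // Everyone may edit their own account.
        if ((string) $id === (string) $user->getId()) {
            return true;
        }

        $roles = $user->getRoles();
        $userRepo = $this->getDoctrine()->getRepository(User::class);

        if (in_array(Constants::ROLE_REGION_MANAGER, $roles, true)) {
            $region = $user->getRegion();
            if (empty($region)) {
                return false;
            }

            return count($userRepo->checkAccessEditForm($id, $region->getId())) > 0;
        }

        if (in_array(Constants::ROLE_DEALER, $roles, true)) {
            if (empty($user->getDealerShip())) {
                return false;
            }
            $coreHelper = new CoreHelper();
            $dealerShipIds = $coreHelper->getAllIdByObject($user, 'getDealerShip');

            return count($userRepo->checkAccessEditForm($id, null, $dealerShipIds)) > 0;
        }

        // Sellers and any other role: no access.
        return false;
    }

    /**
     * Escapes a value for insertion into HTML text or a double-quoted attribute.
     *
     * @param mixed $value
     *
     * @return string
     */
    private function escapeHtml($value)
    {
        return htmlspecialchars((string) $value, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
    }
}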