src/Controller/AccountB2CController.php line 459

Open in your IDE?
  1. <?php
  3. /**
  4.  * Pimcore
  5.  *
  6.  * This source file is available under two different licenses:
  7.  * - GNU General Public License version 3 (GPLv3)
  8.  * - Pimcore Enterprise License (PEL)
  9.  * Full copyright and license information is available in
  10.  * LICENSE.md which is distributed with this source code.
  11.  *
  12.  *  @copyright  Copyright (c) Pimcore GmbH (http://www.pimcore.org)
  13.  *  @license    http://www.pimcore.org/license     GPLv3 and PEL
  14.  */
  16. namespace App\Controller;
  18. use App\EventListener\AuthenticationLoginListener;
  19. use App\Form\LoginFormType;
  20. use App\Form\RegistrationFormHandler;
  21. use App\Form\RegistrationFormType;
  22. use App\Model\Customer;
  23. use App\Services\NewsletterDoubleOptInService;
  24. use App\Services\PasswordRecoveryService;
  25. use CustomerManagementFrameworkBundle\CustomerProvider\CustomerProviderInterface;
  26. use CustomerManagementFrameworkBundle\CustomerSaveValidator\Exception\DuplicateCustomerException;
  27. use CustomerManagementFrameworkBundle\Model\CustomerInterface;
  28. use CustomerManagementFrameworkBundle\Security\Authentication\LoginManagerInterface;
  29. use CustomerManagementFrameworkBundle\Security\OAuth\Exception\AccountNotLinkedException;
  30. use CustomerManagementFrameworkBundle\Security\OAuth\OAuthRegistrationHandler;
  31. use CustomerManagementFrameworkBundle\Security\SsoIdentity\SsoIdentityServiceInterface;
  32. use HWI\Bundle\OAuthBundle\OAuth\Response\UserResponseInterface;
  33. use HWI\Bundle\OAuthBundle\Security\Core\Authentication\Token\OAuthToken;
  34. use Pimcore\Bundle\EcommerceFrameworkBundle\Factory;
  35. use Pimcore\Bundle\EcommerceFrameworkBundle\OrderManager\Order\Listing\Filter\CustomerObject;
  36. use Pimcore\DataObject\Consent\Service;
  37. use Pimcore\Translation\Translator;
  38. use Sensio\Bundle\FrameworkExtraBundle\Configuration\Security;
  39. use Symfony\Component\HttpFoundation\RedirectResponse;
  40. use Symfony\Component\HttpFoundation\Request;
  41. use Symfony\Component\HttpFoundation\Response;
  42. use Symfony\Component\HttpFoundation\Session\SessionInterface;
  43. use Symfony\Component\HttpKernel\Exception\NotFoundHttpException;
  44. use Symfony\Component\Routing\Annotation\Route;
  45. use Symfony\Component\Routing\Generator\UrlGeneratorInterface;
  46. use Symfony\Component\Security\Core\User\UserInterface;
  47. use Symfony\Component\Security\Http\Authentication\AuthenticationUtils;
  48. use Symfony\Component\Uid\Uuid;
  49. use App\Model\Order;
  50. use App\Model\QuoteModel;
  51. use Knp\Component\Pager\Pagination\SlidingPagination;
  52. use Knp\Component\Pager\PaginatorInterface;
  53. use Pimcore\Model\DataObject;
  54. use Box\Spout\Writer\Common\Creator\WriterEntityFactory;
  55. use Box\Spout\Common\Entity\Row;
  56. use Symfony\Component\EventDispatcher\EventDispatcherInterface;
  57. use FrontendPermissionToolkitBundle\Service as FrontenKitService;
  58. use Pimcore\Db;
  59. use App\Controller\CartB2CController;
  61. /**
  62.  * Class AccountController
  63.  *
  64.  * Controller that handles all account functionality, including register, login and connect to SSO profiles
  65.  */
  66. class AccountB2CController extends BaseB2CController
  67. {
  68.     const LIMIT_PER_PAGE 10;
  70.     protected $service;
  72.     public function __construct(EventDispatcherInterface $eventDispatcher)
  73.     {
  74.         $this->service = new FrontenKitService($eventDispatcher);
  76.     }
  77.     /**
  78.      * @Route("/b2c/account/login", name="b2c-account-login")
  79.      *
  80.      * @param AuthenticationUtils $authenticationUtils
  81.      * @param OAuthRegistrationHandler $oAuthHandler
  82.      * @param SessionInterface $session
  83.      * @param Request $request
  84.      * @param UserInterface|null $user
  85.      *
  86.      * @return Response|RedirectResponse
  87.      */
  88.     public function loginAction(
  89.         AuthenticationUtils $authenticationUtils,
  90.         OAuthRegistrationHandler $oAuthHandler,
  91.         SessionInterface $session,
  92.         Request $request,
  93.         UserInterface $user null
  94.     ) {
  96.         // //redirect user to index page if logged in
  97.         if ($user && $this->isGranted('ROLE_USER')) {
  98.             return $this->redirectToRoute('b2c-account-index');
  99.         }
  101.         // get the login error if there is one
  102.         $error $authenticationUtils->getLastAuthenticationError();
  105.         // OAuth handling - the OAuth authenticator is configured to return to the login page on errors
  106.         // (see failure_path configuration) - therefore we can fetch the last authentication error
  107.         // here. If the error is an AccountNotLinkedException (as thrown by our user provider) save the
  108.         // OAuth token to the session and redirect to registration with a special key which can be used
  109.         // to load the token to prepopulate the registration form with account data.
  110.         if ($error instanceof AccountNotLinkedException) {
  111.             // this can be anything - for simplicity we just use an UUID as it is unique and random
  112.             $registrationKey = (string) Uuid::v4()->toRfc4122();
  113.             $oAuthHandler->saveToken($registrationKey$error->getToken());
  115.             return $this->redirectToRoute('b2c-account-register', [
  116.                 'registrationKey' => $registrationKey
  117.             ]);
  118.         }
  120.         // last username entered by the user
  121.         $lastUsername $authenticationUtils->getLastUsername();
  123.         $formData = [
  124.             '_username' => $lastUsername
  125.         ];
  127.         $form $this->createForm(LoginFormType::class, $formData, [
  128.             'action' => $this->generateUrl('b2c-account-login'),
  129.         ]);
  131.         //store referer in session to get redirected after login
  132.         if (!$request->get('no-referer-redirect')) {
  133.             $session->set('_security.demo_frontend_b2c.target_path'$request->headers->get('referer'));
  134.         }
  136.         return $this->render('account/login.html.twig', [
  137.             'form' => $form->createView(),
  138.             'error' => $error,
  139.             'hideBreadcrumbs' => true
  140.         ]);
  141.     }
  143.     /**
  144.      * If registration is called with a registration key, the key will be used to look for an existing OAuth token in
  145.      * the session. This OAuth token will be used to fetch user info which can be used to pre-populate the form and to
  146.      * link a SSO identity to the created customer object.
  147.      *
  148.      * This could be further separated into services, but was kept as single method for demonstration purposes as the
  149.      * registration process is different on every project.
  150.      *
  151.      * @Route("/b2c/account/register", name="b2c-account-register")
  152.      *
  153.      * @param Request $request
  154.      * @param CustomerProviderInterface $customerProvider
  155.      * @param OAuthRegistrationHandler $oAuthHandler
  156.      * @param LoginManagerInterface $loginManager
  157.      * @param RegistrationFormHandler $registrationFormHandler
  158.      * @param SessionInterface $session
  159.      * @param AuthenticationLoginListener $authenticationLoginListener
  160.      * @param Translator $translator
  161.      * @param Service $consentService
  162.      * @param UrlGeneratorInterface $urlGenerator
  163.      * @param NewsletterDoubleOptInService $newsletterDoubleOptInService
  164.      * @param UserInterface|null $user
  165.      *
  166.      * @return Response|RedirectResponse
  167.      */
  168.     public function registerAction(
  169.         Request $request,
  170.         CustomerProviderInterface $customerProvider,
  171.         OAuthRegistrationHandler $oAuthHandler,
  172.         LoginManagerInterface $loginManager,
  173.         RegistrationFormHandler $registrationFormHandler,
  174.         SessionInterface $session,
  175.         AuthenticationLoginListener $authenticationLoginListener,
  176.         Translator $translator,
  177.         Service $consentService,
  178.         UrlGeneratorInterface $urlGenerator,
  179.         NewsletterDoubleOptInService $newsletterDoubleOptInService,
  180.         UserInterface $user null,
  181.         Factory $factory
  182.     ) {
  183.         if ($user && $this->isGranted('ROLE_USER')) {
  184.             return $this->redirectToRoute('b2c-account-index');
  185.         }
  187.         $form $this->createForm(RegistrationFormType::class,[],[]);
  188.         $form->handleRequest($request);
  191.         $customer $customerProvider->create();
  192.         $errors = [];
  193.         if ($form->isSubmitted()) {
  195.             $registrationFormHandler->setData($form,$request,$customer);
  196.             $customer->setCustomerLanguage($request->getLocale());
  197.             $customer->setActive(true);
  199.             try {
  200.                 $customer->save();
  202.                 $response $this->redirectToRoute('b2c-account-index');
  204.                 // log user in manually
  205.                 // pass response to login manager as it adds potential remember me cookies
  206.                 $loginManager->login($customer$request$response);
  208.                 //do ecommerce framework login
  209.                 $authenticationLoginListener->doEcommerceFrameworkLogin($customer);
  211.                 if($customer->getUserRoles() == 'Customer'){
  212.                     $cartManager $factory->getCartManager();
  213.                     $oldCart $cartManager->getCartByName(CartB2CController::DEFAULT_CART_NAME);
  214.                     if($oldCart){
  215.                         if($oldCart->getItems()){
  216.                             return new RedirectResponse('/b2c/cart');
  217.                         }
  218.                     }
  219.                 }
  221.                 return $response;
  222.             } catch (DuplicateCustomerException $e) {
  223.                 $errors[] = $translator->trans(
  224.                     'account.customer-already-exists',
  225.                     [
  226.                         $customer->getEmail(),
  227.                         $urlGenerator->generate('account-password-send-recovery', ['email' => $customer->getEmail()])
  228.                     ]
  229.                 );
  230.             } catch (\Exception $e) {
  231.                 $errors[] = $e->getMessage();
  232.             }
  233.         }
  235.         if ($form->isSubmitted() && !$form->isValid()) {
  236.             p_r($form->getErrors());
  237.             p_r(get_Class_methods($form));
  238.             p_r($errors);exit;
  239.             $this->addFlash("error","La password deve essere identica e contenere almeno 10 caratteri.");
  240.         }
  242.         return $this->render('account/b2c_customer_registration.html.twig', [
  243.             'form' => $form->createView(),
  244.             'errors' => $errors,
  245.             'hideBreadcrumbs' => true
  246.         ]);
  247.     }
  249.     /**
  250.      *
  251.      * @param array $formData
  252.      * @param UserResponseInterface $userInformation
  253.      *
  254.      * @return array
  255.      */
  256.     private function mergeOAuthFormData(
  257.         array $formData,
  258.         UserResponseInterface $userInformation
  259.     ): array {
  260.         return array_replace([
  261.             'firstname' => $userInformation->getFirstName(),
  262.             'lastname' => $userInformation->getLastName(),
  263.             'email' => $userInformation->getEmail()
  264.         ], $formData);
  265.     }
  267.     /**
  268.      * Index page for account - it is restricted to ROLE_USER via security annotation
  269.      *
  270.      * @Route("/b2c/account/index", name="b2c-account-index")
  271.      * @Route("/en/b2c/account/index", name="b2c-account-index-en")
  272.      * @Security("is_granted('ROLE_USER')")
  273.      *
  274.      * @param SsoIdentityServiceInterface $identityService
  275.      * @param UserInterface|null $user
  276.      *
  277.      * @return Response
  278.      */
  279.     public function indexAction(Request $requestUserInterface $user null,PaginatorInterface $paginatorSessionInterface $session)
  280.     {
  281.         if(!$user){
  282.             return $this->redirectToRoute('account-login');
  283.         }
  284.         $limit $request->get('limit',20);
  285.         $orderColumn $request->get('column','oo_id');
  286.         $orderBy $request->get('order','desc');
  288.         $quoteListing = new DataObject\Quote\Listing();
  289.         $quoteListing->filterByUser($user);
  290.         $quoteListing->setOrderKey($orderColumn);
  291.         $quoteListing->setOrder($orderBy);
  294.         $paginator $paginator->paginate(
  295.             $quoteListing,
  296.             $request->get('page'1),
  297.             $limit
  298.         );
  300.         return $this->render('account/b2c_quotation_list.html.twig', [
  301.             'paginator' => $paginator,
  302.             'column'=>$orderColumn,
  303.             'order'=>$orderBy,
  304.             'paginationVariables' => $paginator->getPaginationData(),
  305.             'limit'=>$limit
  306.         ]);
  307.     }
  309.     /**
  310.      * Index page for account - it is restricted to ROLE_USER via security annotation
  311.      *
  312.      * @Route("/b2c/account/profile", name="b2c-account-profile")
  313.      * @Security("is_granted('ROLE_USER')")
  314.      *
  315.      * @param RegistrationFormHandler $registrationFormHandler
  316.      * @param UserInterface|null $user
  317.      *
  318.      * @return Response
  319.      */
  320.     public function profileAction(Request $request,RegistrationFormHandler $registrationFormHandlerUserInterface $user null,PaginatorInterface $paginatorSessionInterface $session)
  321.     {
  322.          //redirect user to index page if logged in
  323.         if (!$user) {
  324.             return $this->redirectToRoute('b2c-account-login');
  325.         }
  327.         $customer $user;
  328.         $formData $registrationFormHandler->buildFormData($customer);
  329.         $form $this->createForm(RegistrationFormType::class,$formData);
  330.         $form->remove('password');
  331.         $form->remove('consent');
  332.         $form->handleRequest($request);
  334.         $errors = [];
  335.         if ($form->isSubmitted() && $form->isValid()) {
  337.             $registrationFormHandler->setData($form,$request,$customer,true);
  338.             $customer->setCustomerLanguage($request->getLocale());
  339.             $customer->setActive(true);
  341.             try {
  342.                 $customer->save();
  344.                 $response $this->redirectToRoute('b2c-account-index');
  347.                 return $response;
  348.             } catch (DuplicateCustomerException $e) {
  349.                 $errors[] = $translator->trans(
  350.                     'account.customer-already-exists',
  351.                     [
  352.                         $customer->getEmail(),
  353.                         $urlGenerator->generate('account-password-send-recovery', ['email' => $customer->getEmail()])
  354.                     ]
  355.                 );
  356.             } catch (\Exception $e) {
  357.                 $errors[] = $e->getMessage();
  358.             }
  359.         }
  361.         $customerAddress = new DataObject\CustomerAddressB2C\Listing();
  362.         $customerAddress->filterByUser($user);
  364.         return $this->render('account/b2c_customer_profile.html.twig', [
  365.             'form' => $form->createView(),
  366.             'errors' => $errors,
  367.             'addresses'=>$customerAddress,
  368.             'hideBreadcrumbs' => true
  369.         ]);
  371.     }
  373.     /**
  374.      * @Route("/account/send-password-recovery", name="account-password-send-recovery")
  375.      *
  376.      * @param Request $request
  377.      * @param PasswordRecoveryService $service
  378.      * @param Translator $translator
  379.      *
  380.      * @return Response
  381.      *
  382.      * @throws \Exception
  383.      */
  384.     public function sendPasswordRecoveryMailAction(Request $requestPasswordRecoveryService $serviceTranslator $translator)
  385.     {
  386.         if ($request->isMethod(Request::METHOD_POST)) {
  387.             try {
  388.                 $customer $service->sendRecoveryMail($request->get('email'''), $this->document->getProperty('password_reset_mail'));
  389.                 if (!$customer instanceof CustomerInterface) {
  390.                     throw new \Exception('Invalid Customer');
  391.                 }
  393.                 $this->addFlash('success'$translator->trans('account.reset-mail-sent-when-possible'));
  394.             } catch (\Exception $e) {
  395.                 $this->addFlash('danger'$e->getMessage());
  396.             }
  398.             return $this->redirectToRoute('b2c-account-login', ['no-referer-redirect' => true]);
  399.         }
  401.         return $this->render('account/send_password_recovery_mail.html.twig', [
  402.             'hideBreadcrumbs' => true,
  403.             'emailPrefill' => $request->get('email')
  404.         ]);
  405.     }
  407.     /**
  408.      * @Route("/b2c/account/reset-password", name="b2c-account-reset-password")
  409.      *
  410.      * @param Request $request
  411.      * @param PasswordRecoveryService $service
  412.      * @param Translator $translator
  413.      *
  414.      * @return Response|RedirectResponse
  415.      */
  416.     public function resetPasswordAction(Request $requestPasswordRecoveryService $serviceTranslator $translator)
  417.     {
  418.         $token $request->get('token');
  419.         $customer $service->getCustomerByToken($token);
  420.         if (!$customer) {
  421.             //TODO render error page
  422.             throw new NotFoundHttpException('Invalid token');
  423.         }
  425.         if ($request->isMethod(Request::METHOD_POST)) {
  426.             $newPassword $request->get('password');
  427.             $service->setPassword($token$newPassword);
  429.             $this->addFlash('success'$translator->trans('account.password-reset-successful'));
  431.             return $this->redirectToRoute('b2c-account-login', ['no-referer-redirect' => true]);
  432.         }
  434.         return $this->render('account/reset_password.html.twig', [
  435.             'hideBreadcrumbs' => true,
  436.             'token' => $token,
  437.             'email' => $customer->getEmail()
  438.         ]);
  439.     }
  442.     private function checkPermission(){
  443.         $allow false;
  444.         $userObject \Pimcore::getContainer()->get('security.token_storage')->getToken()->getUser();
  445.         if($this->service->isAllowed($userObject"draft_create") || $this->service->isAllowed($userObject"booking_create") || $this->service->isAllowed($userObject"order_create") || $this->service->isAllowed($userObject"order_view")) {
  446.             $allow true;
  447.         }
  448.         return $allow;
  449.     }
  451.     /**
  452.      * @Route("/account/b2c/wish-list/index", name="b2c-wishlist-index")
  453.      * @Security("is_granted('ROLE_USER')")
  454.      * @param Request $request
  455.      * @return Response
  456.      *
  457.      * @throws \Exception
  458.      */
  459.     public function wishListIndexAction(Request $request,UserInterface $user null)
  460.     {
  461.         if (!$user) {
  462.             return $this->redirectToRoute('b2c-account-login');
  463.         }
  464.         $result = [];
  465.         $products = [];
  466.         $productId $request->get('id',0);
  467.         $params array_merge($request->query->all(), $request->attributes->all());
  469.         if($user){
  471.             $db Db::get();
  473.             $orderBy " ow.oo_id DESC";
  474.             if(isset($params['orderby'])){
  475.                 if($params['orderby'] == "price")
  476.                 {
  477.                     $orderBy 'CONSORZ ASC';
  478.                 }else if($params['orderby'] == "price-desc"){
  479.                     $orderBy =  'CONSORZ DESC';
  480.                 }else if($params['orderby'] == "date"){
  481.                     $orderBy 'oo_id DESC';
  482.                 }else if($params['orderby'] == "popularity"){
  483.                     $orderBy 'oo_id DESC';
  484.                 }
  485.             }else{
  486.                 $orderBy  "ow.o_modificationDate DESC";
  487.             }
  489.             $lists = [];
  490.             $sql 'SELECT ow.oo_id FROM `object_wishlist` ow LEFT JOIN object_prod op ON ow.item__id = op.oo_id WHERE user__id = '.$user->getId().' ORDER BY '.$orderBy;
  491.             $products $db->fetchAll($sql);
  492.             if($products)
  493.             {
  494.                 foreach($products as $prod){
  495.                     $lists[] = \Pimcore\Model\DataObject::getById($prod['oo_id']);
  496.                 }
  497.             }
  499.             $params['products'] = $lists;
  500.             $params['orderby'] = $orderBy;
  502.             $params['isMecstoreUser'] =  false;
  503.             $partner $user->getPartner();
  504.             if($partner->getisMecstoreHQ()){
  505.                 $params['isMecstoreUser'] =  true;
  506.             }
  507.         }
  508.         return $this->render('product_b2c/wishlist.html.twig'$params);
  509.     }
  512.     /**
  513.      * @Route("/account/get_branch_by_province", name="account-get-branch-by-province")
  514.      * @return Response|RedirectResponse
  515.      */
  516.     public function getBranchByRegion(Request $request){
  518.         $result = [];
  519.         $branches = [];
  520.         $user null;
  521.         $id $request->get('id',null);
  522.         if($id){
  523.             $db \Pimcore\Db::get();
  524.             $provinces $db->fetchAll("SELECT * FROM province WHERE code='$id' limit 1");
  525.             if($provinces){
  526.                 $partnerBranches = new DataObject\Partners\Listing();
  527.                 $partnerBranches->setCondition("Region = ? AND isMecstoreHQ != 1",[$provinces[0]['region']]);
  528.                 $partnerBranches $partnerBranches->load();
  529.                 if($partnerBranches)
  530.                 {
  531.                     foreach($partnerBranches as $branch){
  533.                         $branches[$branch->getId()] = $branch->getCompany().'-'.$branch->getCity().', '.$branch->getRegion().' - '.$branch->getZip();
  534.                     }
  536.                     $result = ['success'=>true,'data'=>$branches];
  537.                     return $this->json($result);
  538.                 }
  539.             }
  540.         }
  543.         return $this->json(['success'=>false]);
  544.     }
  545. }