src/Controller/AccountController.php line 93

Open in your IDE?
  1. <?php
  3. /**
  4.  * Pimcore
  5.  *
  6.  * This source file is available under two different licenses:
  7.  * - GNU General Public License version 3 (GPLv3)
  8.  * - Pimcore Enterprise License (PEL)
  9.  * Full copyright and license information is available in
  10.  * LICENSE.md which is distributed with this source code.
  11.  *
  12.  *  @copyright  Copyright (c) Pimcore GmbH (http://www.pimcore.org)
  13.  *  @license    http://www.pimcore.org/license     GPLv3 and PEL
  14.  */
  16. namespace App\Controller;
  18. use App\EventListener\AuthenticationLoginListener;
  19. use App\Form\LoginFormType;
  20. use App\Form\RegistrationFormHandler;
  21. use App\Form\RegistrationFormType;
  22. use App\Model\Customer;
  23. use App\Model\PreOrderItem;
  24. use App\Model\PurchaseOrder;
  25. use App\Services\CurlService;
  26. use App\Services\NewsletterDoubleOptInService;
  27. use App\Services\PasswordRecoveryService;
  28. use CustomerManagementFrameworkBundle\CustomerProvider\CustomerProviderInterface;
  29. use CustomerManagementFrameworkBundle\CustomerSaveValidator\Exception\DuplicateCustomerException;
  30. use CustomerManagementFrameworkBundle\Model\CustomerInterface;
  31. use CustomerManagementFrameworkBundle\Security\Authentication\LoginManagerInterface;
  32. use CustomerManagementFrameworkBundle\Security\OAuth\Exception\AccountNotLinkedException;
  33. use CustomerManagementFrameworkBundle\Security\OAuth\OAuthRegistrationHandler;
  34. use CustomerManagementFrameworkBundle\Security\SsoIdentity\SsoIdentityServiceInterface;
  35. use HWI\Bundle\OAuthBundle\OAuth\Response\UserResponseInterface;
  36. use HWI\Bundle\OAuthBundle\Security\Core\Authentication\Token\OAuthToken;
  37. use Pimcore\Bundle\EcommerceFrameworkBundle\Factory;
  38. use Pimcore\Bundle\EcommerceFrameworkBundle\OrderManager\Order\Listing\Filter\CustomerObject;
  39. use Pimcore\DataObject\Consent\Service;
  40. use Pimcore\Translation\Translator;
  41. use Sensio\Bundle\FrameworkExtraBundle\Configuration\Security;
  42. use Symfony\Component\HttpFoundation\RedirectResponse;
  43. use Symfony\Component\HttpFoundation\Request;
  44. use Symfony\Component\HttpFoundation\Response;
  45. use Symfony\Component\HttpFoundation\Session\SessionInterface;
  46. use Symfony\Component\HttpKernel\Exception\NotFoundHttpException;
  47. use Symfony\Component\Routing\Annotation\Route;
  48. use Symfony\Component\Routing\Generator\UrlGeneratorInterface;
  49. use Symfony\Component\Security\Core\User\UserInterface;
  50. use Symfony\Component\Security\Http\Authentication\AuthenticationUtils;
  51. use Symfony\Component\Uid\Uuid;
  52. use App\Model\Order;
  53. use Knp\Component\Pager\Pagination\SlidingPagination;
  54. use Knp\Component\Pager\PaginatorInterface;
  55. use Pimcore\Model\DataObject;
  56. use Box\Spout\Writer\Common\Creator\WriterEntityFactory;
  57. use Box\Spout\Common\Entity\Row;
  58. use Symfony\Component\EventDispatcher\EventDispatcherInterface;
  59. use FrontendPermissionToolkitBundle\Service as FrontenKitService;
  60. use Symfony\Component\Security\Core\Security as SymfonySecurity;
  61. use Doctrine\ORM\EntityManagerInterface;
  62. use App\Model\Utility;
  63. /**
  64.  * Class AccountController
  65.  *
  66.  * Controller that handles all account functionality, including register, login and connect to SSO profiles
  67.  */
  68. class AccountController extends BaseController
  69. {
  70.     const LIMIT_PER_PAGE 10;
  72.     protected $service;
  73.     public $security;
  75.     public function __construct(EventDispatcherInterface $eventDispatcher,SymfonySecurity $security)
  76.     {
  77.         $this->service = new FrontenKitService($eventDispatcher);
  78.         if($security->getUser() && $security->getUser()->getUserRoles() == 'customer'){
  79.             return $this->redirectToRoute('b2c-account-index');
  80.         }
  81.     }
  82.     /**
  83.      * @Route("/account/login", name="account-login")
  84.      *
  85.      * @param AuthenticationUtils $authenticationUtils
  86.      * @param OAuthRegistrationHandler $oAuthHandler
  87.      * @param SessionInterface $session
  88.      * @param Request $request
  89.      * @param UserInterface|null $user
  90.      *
  91.      * @return Response|RedirectResponse
  92.      */
  93.     public function loginAction(
  94.         AuthenticationUtils $authenticationUtils,
  95.         OAuthRegistrationHandler $oAuthHandler,
  96.         SessionInterface $session,
  97.         Request $request,
  98.         UserInterface $user null
  99.     ) {
  101.         \Pimcore\Cache::disable();
  104.         //redirect user to index page if logged in
  105.         if ($user && $this->isGranted('ROLE_USER')) {
  106.             return $this->redirectToRoute('account-index');
  107.         }
  109.         // get the login error if there is one
  110.         $error $authenticationUtils->getLastAuthenticationError();
  112.         // OAuth handling - the OAuth authenticator is configured to return to the login page on errors
  113.         // (see failure_path configuration) - therefore we can fetch the last authentication error
  114.         // here. If the error is an AccountNotLinkedException (as thrown by our user provider) save the
  115.         // OAuth token to the session and redirect to registration with a special key which can be used
  116.         // to load the token to prepopulate the registration form with account data.
  117.         if ($error instanceof AccountNotLinkedException) {
  118.             // this can be anything - for simplicity we just use an UUID as it is unique and random
  119.             $registrationKey = (string) Uuid::v4()->toRfc4122();
  120.             $oAuthHandler->saveToken($registrationKey$error->getToken());
  122.             return $this->redirectToRoute('account-register', [
  123.                 'registrationKey' => $registrationKey
  124.             ]);
  125.         }
  127.         // last username entered by the user
  128.         $lastUsername $authenticationUtils->getLastUsername();
  130.         $formData = [
  131.             '_username' => $lastUsername
  132.         ];
  134.         $form $this->createForm(LoginFormType::class, $formData, [
  135.             'action' => $this->generateUrl('account-login'),
  136.         ]);
  138.        // p_r($request->headers->get('referer'));exit;
  140.         //store referer in session to get redirected after login
  141.         if (!$request->get('no-referer-redirect')) {
  142.             $session->set('_security.demo_frontend.target_path'$request->headers->get('referer'));
  143.         }
  145.         if($this->document->getKey() == "b2c" || $this->document->getKey() == "en"){
  146.             return $this->render('account/b2c_login.html.twig', [
  147.                 'form' => $form->createView(),
  148.                 'error' => $error,
  149.                 'hideBreadcrumbs' => true,
  150.                 '_target_path'=>$request->headers->get('referer')
  151.             ]);
  152.         }else{
  153.             return $this->render('account/login.html.twig', [
  154.                 'form' => $form->createView(),
  155.                 'error' => $error,
  156.                 'hideBreadcrumbs' => true,
  157.                 '_target_path'=>$request->headers->get('referer')
  158.             ]);
  159.         }
  160.     }
  162.     /**
  163.      * If registration is called with a registration key, the key will be used to look for an existing OAuth token in
  164.      * the session. This OAuth token will be used to fetch user info which can be used to pre-populate the form and to
  165.      * link a SSO identity to the created customer object.
  166.      *
  167.      * This could be further separated into services, but was kept as single method for demonstration purposes as the
  168.      * registration process is different on every project.
  169.      *
  170.      * @Route("/account/register", name="account-register")
  171.      *
  172.      * @param Request $request
  173.      * @param CustomerProviderInterface $customerProvider
  174.      * @param OAuthRegistrationHandler $oAuthHandler
  175.      * @param LoginManagerInterface $loginManager
  176.      * @param RegistrationFormHandler $registrationFormHandler
  177.      * @param SessionInterface $session
  178.      * @param AuthenticationLoginListener $authenticationLoginListener
  179.      * @param Translator $translator
  180.      * @param Service $consentService
  181.      * @param UrlGeneratorInterface $urlGenerator
  182.      * @param NewsletterDoubleOptInService $newsletterDoubleOptInService
  183.      * @param UserInterface|null $user
  184.      *
  185.      * @return Response|RedirectResponse
  186.      */
  187.     public function registerAction(
  188.         Request $request,
  189.         CustomerProviderInterface $customerProvider,
  190.         OAuthRegistrationHandler $oAuthHandler,
  191.         LoginManagerInterface $loginManager,
  192.         RegistrationFormHandler $registrationFormHandler,
  193.         SessionInterface $session,
  194.         AuthenticationLoginListener $authenticationLoginListener,
  195.         Translator $translator,
  196.         Service $consentService,
  197.         UrlGeneratorInterface $urlGenerator,
  198.         NewsletterDoubleOptInService $newsletterDoubleOptInService,
  199.         UserInterface $user null
  200.     ) {
  202.         //redirect user to index page if logged in
  203.         if ($user && $this->isGranted('ROLE_USER')) {
  204.             return $this->redirectToRoute('account-index');
  205.         }
  207.         $registrationKey $request->get('registrationKey');
  209.         // create a new, empty customer instance
  210.         /** @var CustomerInterface|\Pimcore\Model\DataObject\Customer $customer */
  211.         $customer $customerProvider->create();
  213.         /** @var OAuthToken $oAuthToken */
  214.         $oAuthToken null;
  216.         /** @var UserResponseInterface $oAuthUserInfo */
  217.         $oAuthUserInfo null;
  219.         // load previously stored token from the session and try to load user profile
  220.         // from provider
  221.         if (null !== $registrationKey) {
  222.             $oAuthToken $oAuthHandler->loadToken($registrationKey);
  223.             $oAuthUserInfo $oAuthHandler->loadUserInformation($oAuthToken);
  224.         }
  226.         if (null !== $oAuthUserInfo) {
  227.             // try to load a customer with the given identity from our storage. if this succeeds, we can't register
  228.             // the customer and should either log in the existing identity or show an error. for simplicity, we just
  229.             // throw an exception here.
  230.             // this shouldn't happen as the login would log in the user if found
  231.             if ($oAuthHandler->getCustomerFromUserResponse($oAuthUserInfo)) {
  232.                 throw new \RuntimeException('Customer is already registered');
  233.             }
  234.         }
  236.         // the registration form handler is just a utility class to map pimcore object data to form
  237.         // and vice versa.
  238.         $formData $registrationFormHandler->buildFormData($customer);
  239.         $hidePassword false;
  240.         if (null !== $oAuthToken) {
  241.             $formData $this->mergeOAuthFormData($formData$oAuthUserInfo);
  242.             $hidePassword true;
  243.         }
  245.         // build the registration form and pre-fill it with customer data
  246.         $form $this->createForm(RegistrationFormType::class, $formData, ['hidePassword' => $hidePassword]);
  247.         $form->handleRequest($request);
  249.         $errors = [];
  250.         if ($form->isSubmitted() && $form->isValid()) {
  251.             $registrationFormHandler->updateCustomerFromForm($customer$form);
  252.             $customer->setCustomerLanguage($request->getLocale());
  253.             $customer->setActive(true);
  255.             try {
  256.                 $customer->save();
  258.                 if ($form->getData()['newsletter']) {
  259.                     $consentService->giveConsent($customer'newsletter'$translator->trans('general.newsletter'));
  260.                     $newsletterDoubleOptInService->sendDoubleOptInMail($customer$this->document->getProperty('newsletter_confirm_mail'));
  261.                 }
  262.                 if ($form->getData()['profiling']) {
  263.                     $consentService->giveConsent($customer'profiling'$translator->trans('general.profiling'));
  264.                 }
  266.                 // add SSO identity from OAuth data
  267.                 if (null !== $oAuthUserInfo) {
  268.                     $oAuthHandler->connectSsoIdentity($customer$oAuthUserInfo);
  269.                 }
  271.                 //check if special redirect is necessary
  272.                 if ($session->get('referrer')) {
  273.                     $response $this->redirect($session->get('referrer'));
  274.                     $session->remove('referrer');
  275.                 } else {
  276.                     $response $this->redirectToRoute('account-index');
  277.                 }
  279.                 // log user in manually
  280.                 // pass response to login manager as it adds potential remember me cookies
  281.                 $loginManager->login($customer$request$response);
  283.                 //do ecommerce framework login
  284.                 $authenticationLoginListener->doEcommerceFrameworkLogin($customer);
  286.                 return $response;
  287.             } catch (DuplicateCustomerException $e) {
  288.                 $errors[] = $translator->trans(
  289.                     'account.customer-already-exists',
  290.                     [
  291.                         $customer->getEmail(),
  292.                         $urlGenerator->generate('account-password-send-recovery', ['email' => $customer->getEmail()])
  293.                     ]
  294.                 );
  295.             } catch (\Exception $e) {
  296.                 $errors[] = $e->getMessage();
  297.             }
  298.         }
  300.         if ($form->isSubmitted() && !$form->isValid()) {
  301.             foreach ($form->getErrors() as $error) {
  302.                 $errors[] = $error->getMessage();
  303.             }
  304.         }
  306.         // re-save user info to session as we need it in subsequent requests (e.g. after form errors) or
  307.         // when form is rendered for the first time
  308.         if (null !== $registrationKey && null !== $oAuthToken) {
  309.             $oAuthHandler->saveToken($registrationKey$oAuthToken);
  310.         }
  312.         return $this->render('account/register.html.twig', [
  313.             'customer' => $customer,
  314.             'form' => $form->createView(),
  315.             'errors' => $errors,
  316.             'hideBreadcrumbs' => true,
  317.             'hidePassword' => $hidePassword
  318.         ]);
  319.     }
  321.     /**
  322.      * Special route for connecting to social profiles that saves referrer in session for later
  323.      * redirect to that referrer
  324.      *
  325.      * @param Request $request
  326.      * @param SessionInterface $session
  327.      * @param $service
  328.      *
  329.      * @return Response
  330.      * @Route("/auth/oauth/referrerLogin/{service}", name="app_auth_oauth_login_referrer")
  331.      */
  332.     public function connectAction(Request $requestSessionInterface $session$service)
  333.     {
  334.         // we overwrite this route to store user's referrer in the session
  335.         $session->set('referrer'$request->headers->get('referer'));
  337.         return $this->forward('HWIOAuthBundle:Connect:redirectToService', ['service' => $service]);
  338.     }
  340.     /**
  341.      * Connects an already logged in user to an auth provider
  342.      *
  343.      * @Route("/oauth/connect/{service}", name="app_auth_oauth_connect")
  344.      * @Security("is_granted('ROLE_USER')")
  345.      *
  346.      * @param Request $request
  347.      * @param OAuthRegistrationHandler $oAuthHandler
  348.      * @param UserInterface $user
  349.      * @param string $service
  350.      *
  351.      * @return RedirectResponse
  352.      */
  353.     public function oAuthConnectAction(
  354.         Request $request,
  355.         OAuthRegistrationHandler $oAuthHandler,
  356.         UserInterface $user,
  357.         string $service
  358.     ) {
  359.         $resourceOwner $oAuthHandler->getResourceOwner($service);
  361.         $redirectUrl $this->generateUrl('app_auth_oauth_connect', [
  362.             'service' => $service
  363.         ], UrlGeneratorInterface::ABSOLUTE_URL);
  365.         // redirect to authorization
  366.         if (!$resourceOwner->handles($request)) {
  367.             $authorizationUrl $oAuthHandler->getAuthorizationUrl($request$service$redirectUrl);
  369.             return $this->redirect($authorizationUrl);
  370.         }
  372.         // get access token from URL
  373.         $accessToken $resourceOwner->getAccessToken($request$redirectUrl);
  375.         // e.g. user cancelled auth on provider side
  376.         if (null === $accessToken) {
  377.             return $this->redirectToRoute('account-index');
  378.         }
  380.         $oAuthUserInfo $resourceOwner->getUserInformation($accessToken);
  382.         // we don't want to allow linking an OAuth account to multiple customers
  383.         if ($oAuthHandler->getCustomerFromUserResponse($oAuthUserInfo)) {
  384.             throw new \RuntimeException('There\'s already a customer registered with this provider identity');
  385.         }
  387.         // create a SSO identity object and save it to the user
  388.         $oAuthHandler->connectSsoIdentity($user$oAuthUserInfo);
  390.         // redirect to secure page which should now list the newly linked profile
  391.         return $this->redirectToRoute('account-index');
  392.     }
  394.     /**
  395.      *
  396.      * @param array $formData
  397.      * @param UserResponseInterface $userInformation
  398.      *
  399.      * @return array
  400.      */
  401.     private function mergeOAuthFormData(
  402.         array $formData,
  403.         UserResponseInterface $userInformation
  404.     ): array {
  405.         return array_replace([
  406.             'firstname' => $userInformation->getFirstName(),
  407.             'lastname' => $userInformation->getLastName(),
  408.             'email' => $userInformation->getEmail()
  409.         ], $formData);
  410.     }
  412.     /**
  413.      * Index page for account - it is restricted to ROLE_USER via security annotation
  414.      *
  415.      * @Route("/account/index", name="account-index")
  416.      * @Security("is_granted('ROLE_USER')")
  417.      *
  418.      * @param SsoIdentityServiceInterface $identityService
  419.      * @param UserInterface|null $user
  420.      *
  421.      * @return Response
  422.      */
  423.     public function indexAction(SsoIdentityServiceInterface $identityServiceUserInterface $user null,PaginatorInterface $paginatorSessionInterface $session)
  424.     {
  425.         if($this->checkPermission() != true)
  426.         {
  427.             throw new \Exception("Permission denied");
  428.         }
  430.         if($user->getPartner()->getIsMecstoreHQ()){
  431.             return $this->redirectToRoute("account-order-list",["type"=>"ordini"]);
  432.         }
  434.         $blacklist = [];
  435.         foreach ($identityService->getSsoIdentities($user) as $identity) {
  436.             $blacklist[] = $identity->getProvider();
  437.         }
  439.         $branches $this->getBranches($session,$user);
  440.         if(empty($branches))
  441.         {
  442.             throw new \Exception("Permission denied");
  443.         }
  445.         $order = new Order();
  447.         $draftOrder $order->getOrderByStatus('Draft',$branches,$paginator);
  448.         $bookedOrder $order->getOrderByStatus('Booked',$branches,$paginator);
  449.         $sentOrder $order->getOrderByStatus('Sent',$branches,$paginator);
  451.         $orderManager Factory::getInstance()->getOrderManager();
  452.         $orderList $orderManager->createOrderList();
  453.         $orderList->addFilter(new CustomerObject($user));
  454.         $orderList->setOrder('orderDate DESC');
  456.         return $this->render('account/index.html.twig', [
  457.             'blacklist' => $blacklist,
  458.             'orderList' => $orderList,
  459.             'hideBreadcrumbs' => true,
  460.             'draftOrder'=> $draftOrder,
  461.             'bookedOrder'=> $bookedOrder,
  462.             'sentOrder'=> $sentOrder
  463.         ]);
  464.     }
  466.     /**
  467.      * @Route("/account/update-marketing", name="account-update-marketing-permission")
  468.      * @Security("is_granted('ROLE_USER')")
  469.      *
  470.      * @param Request $request
  471.      * @param Service $consentService
  472.      * @param Translator $translator
  473.      * @param NewsletterDoubleOptInService $newsletterDoubleOptInService
  474.      * @param UserInterface|null $user
  475.      *
  476.      * @return RedirectResponse
  477.      *
  478.      * @throws \Exception
  479.      */
  480.     public function updateMarketingPermissionAction(Request $requestService $consentServiceTranslator $translatorNewsletterDoubleOptInService $newsletterDoubleOptInServiceUserInterface $user null)
  481.     {
  482.         if ($user instanceof Customer) {
  483.             $currentNewsletterPermission $user->getNewsletter()->getConsent();
  484.             if (!$currentNewsletterPermission && $request->get('newsletter')) {
  485.                 $consentService->giveConsent($user'newsletter'$translator->trans('general.newsletter'));
  486.                 $newsletterDoubleOptInService->sendDoubleOptInMail($user$this->document->getProperty('newsletter_confirm_mail'));
  487.             } elseif ($currentNewsletterPermission && !$request->get('newsletter')) {
  488.                 $user->setNewsletterConfirmed(false);
  489.                 $consentService->revokeConsent($user'newsletter');
  490.             }
  492.             $currentProfilingPermission $user->getProfiling()->getConsent();
  493.             if (!$currentProfilingPermission && $request->get('profiling')) {
  494.                 $consentService->giveConsent($user'profiling'$translator->trans('general.profiling'));
  495.             } elseif ($currentProfilingPermission && !$request->get('profiling')) {
  496.                 $consentService->revokeConsent($user'profiling');
  497.             }
  499.             $user->save();
  501.             $this->addFlash('success'$translator->trans('account.marketing-permissions-updated'));
  502.         }
  504.         return $this->redirectToRoute('account-index');
  505.     }
  507.     /**
  508.      * @Route("/account/confirm-newsletter", name="account-confirm-newsletter")
  509.      *
  510.      * @param Request $request
  511.      * @param NewsletterDoubleOptInService $newsletterDoubleOptInService
  512.      * @param Translator $translator
  513.      *
  514.      * @return RedirectResponse
  515.      */
  516.     public function confirmNewsletterAction(Request $requestNewsletterDoubleOptInService $newsletterDoubleOptInServiceTranslator $translator)
  517.     {
  518.         $token $request->get('token');
  519.         $customer $newsletterDoubleOptInService->handleDoubleOptInConfirmation($token);
  520.         if ($customer) {
  521.             $this->addFlash('success'$translator->trans('account.marketing-permissions-confirmed-newsletter'));
  523.             return $this->redirectToRoute('account-index');
  524.         } else {
  525.             throw new NotFoundHttpException('Invalid token');
  526.         }
  527.     }
  529.     /**
  530.      * @Route("/account/send-password-recovery", name="account-password-send-recovery")
  531.      *
  532.      * @param Request $request
  533.      * @param PasswordRecoveryService $service
  534.      * @param Translator $translator
  535.      *
  536.      * @return Response
  537.      *
  538.      * @throws \Exception
  539.      */
  540.     public function sendPasswordRecoveryMailAction(Request $requestPasswordRecoveryService $serviceTranslator $translator)
  541.     {
  542.         if ($request->isMethod(Request::METHOD_POST)) {
  543.             try {
  544.                 $emailDocument \Pimcore\Model\Document::getByPath('/b2c/email/password-recovery');
  545.                 $customer $service->sendRecoveryMail($request->get('email'''), $emailDocument);
  546.                 if (!$customer instanceof CustomerInterface) {
  547.                     throw new \Exception('Cliente non valido');
  548.                 }
  550.                 $this->addFlash('success'"Il link per la reimpostazione della password viene inviato all'indirizzo e-mail registrato");
  551.             } catch (\Exception $e) {
  552.                 $this->addFlash('danger'$e->getMessage());
  553.             }
  555.             return $this->redirectToRoute('account-password-send-recovery', ['no-referer-redirect' => true]);
  556.         }
  558.         return $this->render('account/send_password_recovery_mail.html.twig', [
  559.             'hideBreadcrumbs' => true,
  560.             'emailPrefill' => $request->get('email')
  561.         ]);
  562.     }
  564.     /**
  565.      * @Route("/account/reset-password", name="account-reset-password")
  566.      *
  567.      * @param Request $request
  568.      * @param PasswordRecoveryService $service
  569.      * @param Translator $translator
  570.      *
  571.      * @return Response|RedirectResponse
  572.      */
  573.     public function resetPasswordAction(Request $requestPasswordRecoveryService $serviceTranslator $translator)
  574.     {
  575.         $token $request->get('token');
  576.         $customer $service->getCustomerByToken($token);
  577.         if (!$customer) {
  578.             //TODO render error page
  579.             throw new NotFoundHttpException('Token non valido');
  580.         }
  582.         if ($request->isMethod(Request::METHOD_POST)) {
  583.             $newPassword $request->get('password');
  584.             $service->setPassword($token$newPassword);
  586.             $this->addFlash('success',"La password Ã¨ stata aggiornata con successo ");
  588.             return $this->redirectToRoute('account-password-send-recovery', ['no-referer-redirect' => true]);
  589.         }
  591.         return $this->render('account/reset_password.html.twig', [
  592.             'hideBreadcrumbs' => true,
  593.             'token' => $token,
  594.             'email' => $customer->getEmail()
  595.         ]);
  596.     }
  598.     /**
  599.      * Index page for account - it is restricted to ROLE_USER via security annotation
  600.      *
  601.      * @Route("/account/order/list/{type}", name="account-order-list")
  602.      * @Security("is_granted('ROLE_USER')")
  603.      *
  604.      * @param SsoIdentityServiceInterface $identityService
  605.      * @param UserInterface|null $user
  606.      *
  607.      * @return Response
  608.      */
  609.     public function orderListAction(Request $requestSsoIdentityServiceInterface $identityServiceSessionInterface $session null ,UserInterface $user null,PaginatorInterface $paginatorFactory $ecommerceFactory)
  610.     {
  611.         if ($this->checkPermission() != true) {
  612.             return $this->redirectToRoute('account-index');
  613.         }
  614.         $type strtolower($request->get('type''all'));
  615.         $page $request->get('page'1);
  616.         $limit = ($request->get('limit'12)) ? $request->get('limit'12) : 12;
  617.         $type $request->get('type''confirm');
  618.         $startDate $request->get('startDate'null);
  619.         $endDate $request->get('endDate'null);
  620.         $orderType $request->get('order_type'null);
  621.         $term $request->get('term'null);
  623.         $blacklist = [];
  624.         foreach ($identityService->getSsoIdentities($user) as $identity) {
  625.             $blacklist[] = $identity->getProvider();
  626.         }
  628.         $branches $this->getBranches($session$user);
  630.         if (empty($branches)) {
  631.             throw new \Exception("Permission denied");
  632.         }
  634.         $order = new Order();
  636.         if($type == 'draft')
  637.         {
  638.             $params['heading'] = "BOZZE";
  639.             $result $order->getOrderByStatus('Draft',$branches,$paginator,$page,$limit,$orderType,$startDate,$endDate,$term);
  641.         }else if($type == 'booked'){
  643.             $params['heading'] = "PRENOTAZIONI";
  644.             $result $order->getOrderByStatus('Booked',$branches,$paginator,$page,$limit,$orderType,$startDate,$endDate,$term);
  646.         }
  647.         else if($type == 'impegnati'){
  649.             $params['heading'] = "IMPEGNATI";
  650.             $searchBy $request->get('filter_by',null);
  651.             $result $order->getImpegnati($paginator,$page,$limit,$searchBy,$term);
  652.             $params['result'] = $result;
  653.             $params['type'] = $type;
  654.             $params['paginationVariables'] = $result->getPaginationData();
  655.             $params['totalCount'] = $result->getTotalItemCount();
  656.             $params['offset'] = $result->getCurrentPageNumber();
  657.             $params['limit'] = $result->getItemNumberPerPage();
  658.             $params['order_type'] = $orderType;
  659.             $params['start_date'] = $startDate;
  660.             $params['end_date'] = $endDate;
  661.             $params['term'] = $term;
  662.             $params['filterBy'] = $searchBy;
  663.             $this->deleteOrdersDeleted($result);
  664.             return $this->render('account/mecstore/order_engaged_list.html.twig'$params);
  666.         }
  667.         else if($type == 'riepilogo'){
  669.             $params['heading'] = "RIEPILOGO";
  670.             $result $order->getRiepligo($paginator,$page,$limit,$term);
  671.             $params['result'] = $result;
  672.             $params['type'] = $type;
  673.             $params['paginationVariables'] = $result->getPaginationData();
  674.             $params['totalCount'] = $result->getTotalItemCount();
  675.             $params['offset'] = $result->getCurrentPageNumber();
  676.             $params['limit'] = $result->getItemNumberPerPage();
  677.             $params['order_type'] = $orderType;
  678.             $params['start_date'] = $startDate;
  679.             $params['end_date'] = $endDate;
  680.             $params['term'] = $term;
  681.             $this->deleteOrdersDeleted($result);
  682.             return $this->render('account/mecstore/order_summary_list_HQ.html.twig'$params);
  684.         }
  685.         else if($type == 'ordini'){
  687.             $params['heading'] = "ORDINI";
  688.             $result $order->getOrderByStatus('confirm',$branches,$paginator,$page,$limit,$orderType,$startDate,$endDate,$term,'o_id','desc',true);
  690.             $params['result'] = $result;
  691.             $params['type'] = $type;
  692.             $params['paginationVariables'] = $result->getPaginationData();
  693.             $params['totalCount'] = $result->getTotalItemCount();
  694.             $params['offset'] = $result->getCurrentPageNumber();
  695.             $params['limit'] = $result->getItemNumberPerPage();
  696.             $params['order_type'] = $orderType;
  697.             $params['start_date'] = $startDate;
  698.             $params['end_date'] = $endDate;
  699.             $params['term'] = $term;
  700.             $this->deleteOrdersDeleted($result);
  701.             return $this->render('account/mecstore/ordini_list.html.twig'$params);
  703.         }
  704.         else if($type == 'bozze-ordini'){
  706.             $params['heading'] = "BOZZE ORDINI";
  707.             $result $order->getOrderByStatus('Draft',$branches,$paginator,$page,$limit,$orderType,$startDate,$endDate,$term,'o_id','desc',true);
  708.             $params['result'] = $result;
  709.             $params['type'] = $type;
  710.             $params['paginationVariables'] = $result->getPaginationData();
  711.             $params['totalCount'] = $result->getTotalItemCount();
  712.             $params['offset'] = $result->getCurrentPageNumber();
  713.             $params['limit'] = $result->getItemNumberPerPage();
  714.             $params['order_type'] = $orderType;
  715.             $params['start_date'] = $startDate;
  716.             $params['end_date'] = $endDate;
  717.             $params['term'] = $term;
  718.             $this->deleteOrdersDeleted($result);
  719.             return $this->render('account/mecstore/bozze_list.html.twig'$params);
  721.         }
  722.         else if($type == 'pre-ordini'){
  723.             $availableStock = [];
  724.             $preOrderStock = [];
  725.             $itemsForRecalculation = [];
  726.             $partner $user->getPartner();
  727.             $params['heading'] = "PREORDINE";
  728.             $preOrderItem = new DataObject\PreOrderItem\Listing();
  729.             //$preOrderItem->filterByProduct($product);
  730.             $preOrderItem->filterByPartner($partner);
  731.             $preOrderItems $preOrderItem->load();
  733.             // Recalculating available qty
  734.             if($preOrderItems){
  735.                 foreach($preOrderItems as $item){
  736.                     $itemsForRecalculation[] = $item->getProduct()->getItem();
  737.                 }
  738.                 //$recalculatedCart = Utility::getOrders($itemsForRecalculation,$user->getPartner()->getCustSupp());
  739.             }
  741.             $cartManager $ecommerceFactory->getCartManager();
  742.             $preOrderCart $cartManager->getOrCreateCartByName('cart_pre_order_available');
  743.             $preOrderCart->clear();
  745.             if($preOrderItems){
  746.                 foreach($preOrderItems as $item){
  747.                     $availInStock $item->getAvailableInStock(true);
  749.                     if(is_array($availInStock) && !empty($availInStock)){
  750.                         $product $item->getProduct();
  751.                         if($availInStock['adjusted_qty']>0){
  752.                             // p_r($item->getProduct()->getItem());
  753.                             // p_r($availInStock);
  754.                             // exit;
  755.                             $preOrderCart->addItem($product,$availInStock['adjusted_qty']);
  756.                             $preOrderCart->save();
  757.                         }
  758.                         if($availInStock['carry_forwared'] > 0){
  759.                             $preOrderStock[] = ['product'=>$item->getProduct(),'totalPrice'=>($availInStock['carry_forwared']*$product->getCONSORZ()),'qty'=>$availInStock['carry_forwared'],'notes'=>'','modified_date'=>$item->getModificationDate()];
  760.                         }
  761.                     }
  762.                 }
  763.             }
  765.             $hqBranch \Pimcore\Model\DataObject\Partners::getByIsMecstoreHQ(1,true);
  766.             // Branches
  767.             // Branches
  768.             $availableBranches $this->getBranches($session,$user);
  769.             if(empty($availableBranches))
  770.             {
  771.                 throw new \Exception("Permission denied");
  772.             }
  773.             $branches = new DataObject\Partners\Listing();
  774.             $branches->setCondition('oo_id IN ('.implode(",",$availableBranches).')');
  775.             $branches $branches->load();
  777.             $customerAddresses = new DataObject\CustomerAddress\Listing();
  778.             $customerAddresses->setCondition('user__id = ?',[$user->getId()]);
  779.             $customerAddresses $customerAddresses->load();
  781.             $params['products'] = $preOrderItems;
  782.             $params['order_type'] = $orderType;
  783.             $params['term'] = $term;
  784.             $params['type'] = $type;
  785.             $params['cart'] = $preOrderCart;
  786.             $params['pre_order_stock'] = $preOrderStock;
  787.             $params['branches'] = $branches;
  788.             $params['addresses'] = $customerAddresses;
  789.             $params['hqBranch'] = $hqBranch;
  790.             $params['orderType'] = $orderType;
  791.             $params['start_date'] = $startDate;
  792.             $params['end_date'] = $endDate;
  794.             return $this->render('account/pre-order-list.html.twig'$params);
  795.         }
  796.         else
  797.         {
  798.             $params['heading'] = "ORDINI";
  799.             $result $order->getOrderByStatus('confirm',$branches,$paginator,$page,$limit,$orderType,$startDate,$endDate,$term);
  800.         }
  801.         //p_r($result);exit;
  802.         //p_r(get_class_methods($result[0]));exit;
  803.         //p_r($result[count($result)-1]);
  805.         $params['result'] = $result;
  806.         $params['type'] = $type;
  807.         $params['paginationVariables'] = $result->getPaginationData();
  808.         $params['totalCount'] = $result->getTotalItemCount();
  809.         $params['offset'] = $result->getCurrentPageNumber();
  810.         $params['limit'] = $result->getItemNumberPerPage();
  811.         $params['order_type'] = $orderType;
  812.         $params['term'] = $term;
  813.         $params['start_date'] = $startDate;
  814.         $params['end_date'] = $endDate;
  817.         if($type != 'booked' && $type != 'draft'){
  818.             $this->deleteOrdersDeleted($result);
  819.         }
  821.         return $this->render('account/order_list.html.twig'$params);
  822.     }
  824.     public function deleteOrdersDeleted($listaOrdini){
  825.         $salesOrdersIds = [];
  826.         foreach($listaOrdini as $ordine){
  827.             if(!is_array($ordine)) {
  828.                 $salesOrdersIds[] = $ordine->getSalesOrderId();
  829.             }
  830.         }
  831.         $salesOrdersIds implode(","$salesOrdersIds);
  832.         //echo $salesOrdersIds;
  834.         $responseArr = [];
  835.         $curl = new CurlService();
  836.         try {
  837.             $request '<soapenv:Envelope xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/" xmlns:tem="http://tempuri.org/">
  838.             <soapenv:Header/>
  839.             <soapenv:Body>
  840.                 <tem:getNumOrdNoMatch>
  841.                     <tem:Token_Client>' SOAP_TOKEN '</tem:Token_Client>
  842.                     <tem:ListSaleOrdId>' $salesOrdersIds '</tem:ListSaleOrdId>
  843.                 </tem:getNumOrdNoMatch>
  844.             </soapenv:Body>
  845.             </soapenv:Envelope>';
  846.             \Pimcore\Log\Simple::log('erp_order_request'$request);
  847.             $xml sprintf($requestSOAP_TOKEN);
  848.             $response $curl->getCurlResponseNew($request$xml);
  849.             $ordersToDelete $response->xpath('//ListaOrdiniRichiesti/SaleOrdId');
  850.         } catch (Exception $e) {
  851.             //\Pimcore\Log\Simple::log('soap', $e->getMessage());
  852.             echo "ERRORE";
  853.         }
  854.         //echo $xml; //die();
  855.         //print_r($response);
  856.         //print_r($ordersToDelete);
  857.         foreach($ordersToDelete as $orderToDelete){
  858.             $otd \Pimcore\Model\DataObject\OnlineShopOrder::getBySalesOrderId($orderToDeletetrue);
  859.             if($otd){
  860.                 //echo $otd->getOrdernumber();
  861.                 $otd->delete();
  862.             }
  863.         }
  864.     }
  866.     public function deleteOrdersNoMatch($branches,$paginator,$page,$limit,$orderType,$startDate,$endDate,$term){
  867.         $order = new Order();
  868.         $result $order->getOrderByStatus('confirm',$branches,$paginator,$page,$limit,$orderType,$startDate,$endDate,$term,'o_id','desc',true);
  869.     }
  871.     /**
  872.      * Index page for account - it is restricted to ROLE_USER via security annotation
  873.      *
  874.      * @Route("/account/order/detail/impegnati/{id}", name="account-impagniti-detail")
  875.      * @Security("is_granted('ROLE_USER')")
  876.      *
  877.      * @param SsoIdentityServiceInterface $identityService
  878.      * @param UserInterface|null $user
  879.      *
  880.      * @return Response
  881.      */
  882.     public function orderImpagnitiRieplogoAction(Request $requestSsoIdentityServiceInterface $identityServiceUserInterface $user nullSessionInterface $session=null)
  883.     {
  884.         $userObject \Pimcore::getContainer()->get('security.token_storage')->getToken()->getUser();
  885.         if(!$this->service->isAllowed($userObject"order_create")) {
  886.             throw new \Exception("Permission denied");
  887.         }
  888.         $blacklist = [];
  889.         foreach ($identityService->getSsoIdentities($user) as $identity) {
  890.             $blacklist[] = $identity->getProvider();
  891.         }
  893.         $productId $request->get('id',null);
  894.         if(!$productId){
  895.             throw new \Exception("Product not found");
  896.         }
  898.         $product \Pimcore\Model\DataObject::getById($productId);
  900.         $order = new Order();
  902.         // Booking statistics
  903.         $db \Pimcore\Db::get();
  904.         $response['booking'] = $order->getBookingStatistics($db,$productId);
  907.         // Pre Order statistics
  908.         $response['pre_order'] = $order->getPreOrderStatistics($db,$productId);
  911.         return $this->render('account/mecstore/order_engaged_detail.html.twig', [
  912.             'response' => $response,
  913.             'product'=>$product,
  914.             'hideBreadcrumbs' => true
  915.         ]);
  916.     }
  918.     /**
  919.      * Index page for account - it is restricted to ROLE_USER via security annotation
  920.      *
  921.      * @Route("/account/order/detail/{type}/{id}", name="account-order-detail")
  922.      * @Security("is_granted('ROLE_USER')")
  923.      *
  924.      * @param SsoIdentityServiceInterface $identityService
  925.      * @param UserInterface|null $user
  926.      *
  927.      * @return Response
  928.      */
  929.     public function orderDetailAction(Request $requestSsoIdentityServiceInterface $identityServiceUserInterface $user nullSessionInterface $session=null)
  930.     {
  931.         $userObject \Pimcore::getContainer()->get('security.token_storage')->getToken()->getUser();
  932.         if(!$this->service->isAllowed($userObject"order_create")) {
  933.             throw new \Exception("Permission denied");
  934.         }
  935.         $blacklist = [];
  936.         foreach ($identityService->getSsoIdentities($user) as $identity) {
  937.             $blacklist[] = $identity->getProvider();
  938.         }
  940.         $branches = [];
  942.         if(!$userObject->getPartner()->getIsMecstoreHQ() && !$userObject->getUserRoles() != "Customer"){
  943.             $branches $this->getBranches($session,$user);
  944.             if(empty($branches))
  945.             {
  946.                 throw new \Exception("Permission denied");
  947.             }
  948.         }
  950.         $orderId $request->get('id');
  951.         $type strtolower($request->get('type','all'));
  952.         $order = new Order();
  954.         $order $order->getOrderById($orderId,$branches);
  956.         if(empty($order)){
  957.             throw new \Exception("Permission denied");
  958.         }
  960.         $deliveredQty $this->getProductsDeliveredQty($order[0]->getSalesOrderId());
  961.         //print_r($deliveredQty);
  963.        // p_r(get_class_methods($order[0]));exit;
  964.         $order is_array($order)?$order[0]:[];
  965.         if($order)
  966.         {
  967.             $orderDetail $order->getOrderDetail();
  968.             if($orderDetail)
  969.             {
  970.                 $orderDetail $orderDetail->getItems();
  971.                 $orderDetail = isset($orderDetail)?$orderDetail[0]:[];
  972.             }
  973.         }
  975.         // Get DDT
  977.         if($type == "ordini"){
  978.             return $this->render('account/mecstore/ordini_detail.html.twig', [
  979.                 'blacklist' => $blacklist,
  980.                 'hideBreadcrumbs' => true,
  981.                 'order'=> $order,
  982.                 'type'=>$type,
  983.                 'orderBrick'=>$orderDetail,
  984.                 'deliveredQty'=>$deliveredQty,
  985.             ]);
  986.         }
  987.         else if($type == "invoice"){
  988.             return $this->render('account/order_invoice.html.twig', [
  989.                 'blacklist' => $blacklist,
  990.                 'hideBreadcrumbs' => true,
  991.                 'order'=> $order,
  992.                 'type'=>$type,
  993.                 'orderBrick'=>$orderDetail
  994.             ]);
  995.         }
  996.         else if($type == "future_invoice"){
  997.             return $this->render('account/order_future_invoice.html.twig', [
  998.                 'blacklist' => $blacklist,
  999.                 'hideBreadcrumbs' => true,
  1000.                 'order'=> $order,
  1001.                 'type'=>$type,
  1002.                 'orderBrick'=>$orderDetail
  1003.             ]);
  1004.         }
  1005.         else{
  1006.             return $this->render('account/order_detail.html.twig', [
  1007.                 'blacklist' => $blacklist,
  1008.                 'hideBreadcrumbs' => true,
  1009.                 'order'=> $order,
  1010.                 'type'=>$type,
  1011.                 'orderBrick'=>$orderDetail,
  1012.                 'deliveredQty'=>$deliveredQty,
  1013.             ]);
  1014.         }
  1016.     }
  1018.     private function getProductsDeliveredQty($salesOrderId){
  1020.         $return = [];
  1021.         if($salesOrderId) {
  1022.                 $curl = new CurlService();
  1023.                 $request '<soapenv:Envelope xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/" xmlns:tem="http://tempuri.org/">
  1024.                 <soapenv:Header/>
  1025.                 <soapenv:Body>
  1026.                     <tem:getMembersSaleOrdersDetails_Parameters>
  1027.                         <!--Optional:-->
  1028.                         <tem:Token_Client>%s</tem:Token_Client>
  1029.                         <!--Optional:-->
  1030.                         <tem:ToDate></tem:ToDate>
  1031.                         <!--Optional:-->
  1032.                         <tem:Customer/>
  1033.                         <tem:FromSaleOrdId>%s</tem:FromSaleOrdId>
  1034.                         <!--Optional:-->
  1035.                         <tem:LimitRecords>1</tem:LimitRecords>
  1036.                         <!--Optional:-->
  1037.                         <tem:FromDate></tem:FromDate>
  1038.                     </tem:getMembersSaleOrdersDetails_Parameters>
  1039.                 </soapenv:Body>
  1040.                 </soapenv:Envelope>';
  1041.                 $xml sprintf($requestSOAP_TOKEN$salesOrderId);
  1042.                 $response $curl->getCurlResponseNew($request$xml);
  1043.                 //print_r($response);
  1044.                 $membersOrdersDetails $response->xpath('//MembersOrdersDetailsParameters');
  1045.                 if (count($membersOrdersDetails)) {
  1046.                     foreach ($membersOrdersDetails as $membersOrderDetails) {
  1047.                         if($membersOrderDetails->Item != '') {
  1048.                             $return[(string)$membersOrderDetails->Item] = (float)$membersOrderDetails->DeliveredQty;
  1049.                         }
  1050.                     }
  1051.                 }
  1052.         }
  1053.         return $return;
  1054.     }
  1056.     /**
  1057.      * Index page for account - it is restricted to ROLE_USER via security annotation
  1058.      *
  1059.      * @Route("/account/order-booked/{id}", name="account-order-detail-booking")
  1060.      * @Security("is_granted('ROLE_USER')")
  1061.      *
  1062.      * @param SsoIdentityServiceInterface $identityService
  1063.      * @param UserInterface|null $user
  1064.      *
  1065.      * @return Response
  1066.      */
  1067.     public function orderBookingAction(Request $requestSsoIdentityServiceInterface $identityServiceUserInterface $user nullSessionInterface $session=null)
  1068.     {
  1069.         $userObject \Pimcore::getContainer()->get('security.token_storage')->getToken()->getUser();
  1070.         if(!$this->service->isAllowed($userObject"booking_create")) {
  1071.             throw new \Exception("Permission denied");
  1072.         }
  1073.         $blacklist = [];
  1074.         foreach ($identityService->getSsoIdentities($user) as $identity) {
  1075.             $blacklist[] = $identity->getProvider();
  1076.         }
  1078.         $availbaleBranches $this->getBranches($session,$user);
  1079.         if(empty($availbaleBranches))
  1080.         {
  1081.             throw new \Exception("Permission denied");
  1082.         }
  1085.         $orderType=$request->get('order_type',null);
  1086.         $term=$request->get('term',null);
  1088.         $customerAddresses = new DataObject\CustomerAddress\Listing();
  1089.         $customerAddresses->setCondition('user__id = ?',[$userObject->getId()]);
  1090.         $customerAddresses $customerAddresses->load();
  1093.         $orderId $request->get('id');
  1094.         $order = new Order();
  1096.         $order \Pimcore\Model\DataObject::getById($orderId);
  1099.         if(!$order instanceof \Pimcore\Model\DataObject\PurchaseOrder)
  1100.         {
  1101.             $this->addFlash('error'"Order does not exists");
  1102.             return $this->redirectToRoute('account-index');
  1103.         }
  1105.         $orderBranch $order->getBranch();
  1107.         if($orderBranch){
  1108.             $branchID $orderBranch->getID();
  1109.             if(!in_array($branchID,$availbaleBranches))
  1110.             {
  1111.                 throw new \Exception("Permission denied");
  1112.             }
  1113.         }
  1115.         // Branches
  1116.         $branches = new DataObject\Partners\Listing();
  1117.         $branches->setCondition('oo_id IN ('.implode(",",$availbaleBranches).')');
  1118.         $branches $branches->load();
  1120.         $hqBranch \Pimcore\Model\DataObject\Partners::getByIsMecstoreHQ(1,true);
  1122.         if($order)
  1123.         {
  1124.             $orderDetail $order->getOrderDetail();
  1125.             $items $order->getChildren();
  1126.         }
  1128.         return $this->render('account/order_booking.html.twig', [
  1129.             'blacklist' => $blacklist,
  1130.             'hideBreadcrumbs' => true,
  1131.             'order'=> $order,
  1132.             'items'=> $items,
  1133.             'type'=>'booked',
  1134.             'orderBrick'=>$orderDetail,
  1135.             'branches'=>$branches,
  1136.             'hqBranch'=>$hqBranch,
  1137.             'addresses'=>$customerAddresses,
  1138.             'order_type'=>$orderType,
  1139.             'term'=>$term
  1140.         ]);
  1141.     }
  1144.     /**
  1145.      * Index page for account - it is restricted to ROLE_USER via security annotation
  1146.      *
  1147.      * @Route("/account/order-draft/{id}", name="account-order-detail-draft")
  1148.      * @Security("is_granted('ROLE_USER')")
  1149.      *
  1150.      * @param SsoIdentityServiceInterface $identityService
  1151.      * @param UserInterface|null $user
  1152.      *
  1153.      * @return Response
  1154.      */
  1155.     public function orderDraftAction(Request $requestSsoIdentityServiceInterface $identityServiceUserInterface $user nullSessionInterface $session=null)
  1156.     {
  1157.         $userObject \Pimcore::getContainer()->get('security.token_storage')->getToken()->getUser();
  1158.         if(!$this->service->isAllowed($userObject"draft_create")) {
  1159.             throw new \Exception("Permission denied");
  1160.         }
  1162.         $blacklist = [];
  1163.         foreach ($identityService->getSsoIdentities($user) as $identity) {
  1164.             $blacklist[] = $identity->getProvider();
  1165.         }
  1166.         $orderId $request->get('id');
  1167.         $term=$request->get('term',null);
  1168.         $order = new Order();
  1170.         $order \Pimcore\Model\DataObject::getById($orderId);
  1173.         if(!$order instanceof \Pimcore\Model\DataObject\PurchaseOrder)
  1174.         {
  1175.             $this->addFlash('error'"Order does not exists");
  1176.             return $this->redirectToRoute('account-index');
  1177.         }
  1179.         $availableBranches $this->getBranches($session,$user);
  1180.         if(empty($availableBranches))
  1181.         {
  1182.             throw new \Exception("Permission denied");
  1183.         }
  1185.         $orderBranch $order->getBranch();
  1186.         if($orderBranch){
  1187.             $branchID $orderBranch->getID();
  1188.             if(!in_array($branchID,$availableBranches))
  1189.             {
  1190.                 throw new \Exception("Permission denied");
  1191.             }
  1192.         }
  1194.         // Branches
  1195.         $branches = new DataObject\Partners\Listing();
  1196.         $branches->setCondition('oo_id IN ('.implode(",",$availableBranches).')');
  1197.         $branches $branches->load();
  1199.         // Customer Addresses
  1200.         $customerAddresses = new DataObject\CustomerAddress\Listing();
  1201.         $customerAddresses->setCondition('user__id = ?',[$userObject->getId()]);
  1202.         $customerAddresses $customerAddresses->load();
  1204.         $hqBranch \Pimcore\Model\DataObject\Partners::getByIsMecstoreHQ(1,true);
  1206.         if($order)
  1207.         {
  1208.             $orderDetail $order->getOrderDetail();
  1209.             $items $order->getChildren();
  1210.         }
  1212.         if($userObject->getPartner()->getIsMecstoreHQ() && $userObject->getUserRoles() != "Customer"){
  1213.             return $this->render('account/mecstore/order_draft.html.twig', [
  1214.                 'blacklist' => $blacklist,
  1215.                 'hideBreadcrumbs' => true,
  1216.                 'order'=> $order,
  1217.                 'items'=> $items,
  1218.                 'type'=>'booking',
  1219.                 'orderBrick'=>$orderDetail,
  1220.                 'branches'=>$branches,
  1221.                 'hqBranch'=>$hqBranch,
  1222.                 'addresses'=>$customerAddresses,
  1223.                 'term'=>$term
  1224.             ]);
  1225.         }else{
  1226.             return $this->render('account/order_draft.html.twig', [
  1227.                 'blacklist' => $blacklist,
  1228.                 'hideBreadcrumbs' => true,
  1229.                 'order'=> $order,
  1230.                 'items'=> $items,
  1231.                 'type'=>'booking',
  1232.                 'orderBrick'=>$orderDetail,
  1233.                 'branches'=>$branches,
  1234.                 'hqBranch'=>$hqBranch,
  1235.                 'addresses'=>$customerAddresses,
  1236.                 'term'=>$term
  1237.             ]);
  1238.         }
  1239.     }
  1243.     /**
  1244.      * Index page for account - it is restricted to ROLE_USER via security annotation
  1245.      *
  1246.      * @Route("/account/pre-order-checkout", name="shop-checkout-confirm-order-pre-order")
  1247.      * @Security("is_granted('ROLE_USER')")
  1248.      *
  1249.      * @param Factory $ecommerceFactory
  1250.      * @param UserInterface|null $user
  1251.      *
  1252.      * @return Response
  1253.      */
  1254.     public function preOrderCheckoutAction(Request $requestFactory $ecommerceFactoryUserInterface $user nullSessionInterface $session=null)
  1255.     {
  1256.         $userObject \Pimcore::getContainer()->get('security.token_storage')->getToken()->getUser();
  1258.         $deliveryBranch $userObject->getPartner();
  1259.         //$formData = $request->query->all();
  1261.         $note $request->get('order_reference_pre_order');
  1262.         $additionalNote $request->get('additional_note_pre_order');
  1264.         $params $request->get('accordion-notes');//('accordion-notes');
  1267.         if($params){
  1268.             $session->set('accordion-notes',$request->get('accordion-notes'));
  1269.             $session->set('order_reference_pre_order',$request->get('order_reference_pre_order'));
  1270.             $session->set('additional_note_pre_order',$request->get('additional_note_pre_order'));
  1271.         }else{
  1272.             $params $session->get('accordion-notes');
  1273.             $note $session->get('order_reference_pre_order');
  1274.             $additionalNote $session->get('additional_note_pre_order');
  1275.         }
  1278.         $cartManager $ecommerceFactory->getCartManager();
  1279.         $cart $cartManager->getOrCreateCartByName('cart_pre_order_available');
  1280.         $preOrderCart $cartManager->getOrCreateCartByName('cart_pre_order');
  1281.         $reviewCart $cartManager->getOrCreateCartByName('cart_review');
  1282.         $preOrderCart->clear();
  1283.         $reviewCart->clear();
  1285.         if($params){
  1286.             foreach($params as $key=>$value){
  1287.                 $additionalNotes[$key] = $value[0];
  1288.             }
  1289.         }
  1291.         $items $cart->getItems();
  1293.         if(!$items){
  1294.             throw new \Exception("Prodotti non disponibili nel carrello");
  1295.         }
  1297.         //p_r($params);exit;
  1298.         foreach($items as $item){
  1299.             $prod $item->getProduct();
  1300.             $itemsForRecalculation[] = $prod->getItem();
  1301.         }
  1303.        // p_r($cart);exit;
  1305.         $partner $user->getPartner();
  1307.         if(!empty($itemsForRecalculation) && $partner){
  1308.             $recalculatedCart Utility::getOrders($itemsForRecalculation,$partner->getCustSupp());
  1309.         }
  1311.       // p_r($recalculatedCart);exit;
  1313.         if(!$recalculatedCart){
  1314.             throw new \Exception("Impossibile ricalcolare il carrello");
  1315.         }
  1317.         $oldMetadata = [];
  1318.         $preOrder = [];
  1320.         foreach($items as $item){
  1322.             $prod $item->getProduct();
  1324.             $preorderitems = new DataObject\PreOrderItem\Listing();
  1325.             $preorderitems->filterByUser($user);
  1326.             $preorderitems->filterByProduct($prod);
  1327.             $preorderitems->filterByIsAvailable(true);
  1328.             $preorderitems->setLimit(1);
  1330.             $updatedPrice 0;
  1331.             $updateStock 0;
  1333.             // Price fetched from old product
  1334.            // p_r($item);
  1335.             $requiredQty $item->getCount();
  1336.             $currentPrice $prod->getCONSORZ();
  1337.             $recalculatedItem $recalculatedCart[$prod->getItem()];
  1339.             if(!empty($recalculatedItem) && $preorderitems->getCount()>0){
  1340.                 $updatedPrice $recalculatedItem['Price'];
  1341.                 $updateStock $recalculatedItem['Disponibilita'] + $preorderitems->load()[0]->getQty() ;
  1342.                 // Checking if required qty in cart is more than recent qty fetched by API
  1343.                 //p_r($requiredQty.'----'.$updateStock);     exit;
  1344.                 if($requiredQty >= $updateStock){
  1346.                     $reviewCart->addItem($prod,$requiredQty);
  1347.                     // Update cart
  1348.                     /*$preOrderStock = $requiredQty-$updateStock;
  1349.                     $prod->setDisponibilita($updateStock);
  1350.                     $prod->setCONSORZ($updatedPrice);
  1351.                     $prod->save();
  1353.                     if($preOrderStock > 0){
  1354.                         $preOrderCart->addItem($prod,$preOrderStock);
  1355.                         $preOrder[$prod->getId()]['new_price'] = (float) $updatedPrice;
  1356.                         $preOrder[$prod->getId()]['old_price'] = (float) $currentPrice;
  1357.                         $preOrder[$prod->getId()]['new_stock'] = (float) $preOrderStock;
  1358.                         $preOrder[$prod->getId()]['old_stock'] = (float) $requiredQty;
  1359.                         $preOrder[$prod->getId()]['inStock'] = false;
  1360.                     }
  1363.                     $calReqQty = $requiredQty-$preOrderStock;
  1365.                     $prod->setDisponibilita($updateStock);
  1366.                     $prod->setCONSORZ($updatedPrice);
  1367.                     $prod->save();
  1368.                     if($calReqQty > 0){
  1369.                         $reviewCart->addItem($prod,$calReqQty);
  1370.                         $oldMetadata[$prod->getId()]['new_price'] = (float) $updatedPrice;
  1371.                         $oldMetadata[$prod->getId()]['old_price'] = (float) $currentPrice;
  1372.                         $oldMetadata[$prod->getId()]['new_stock'] = (float) $calReqQty;
  1373.                         $oldMetadata[$prod->getId()]['old_stock'] = (float) $calReqQty;
  1374.                         $oldMetadata[$prod->getId()]['inStock'] = ($updateStock)?true:false;
  1375.                     }else{
  1376.                         $preOrderCart->addItem($prod,$requiredQty);
  1377.                     }*/
  1379.                 }else{
  1380.                     $preOrderCart->addItem($prod,$requiredQty);
  1381.                     /*$prod->setDisponibilita($updateStock);
  1382.                     $prod->setCONSORZ($updatedPrice);
  1383.                     $prod->save();
  1385.                     if($requiredQty>0){
  1386.                         $reviewCart->addItem($prod,$requiredQty);
  1387.                     }else{
  1388.                         $preOrderCart->addItem($prod,$requiredQty);
  1389.                     }
  1390.                     $oldMetadata[$prod->getId()]['new_price'] = (float) $updatedPrice;
  1391.                     $oldMetadata[$prod->getId()]['old_price'] = (float) $currentPrice;
  1392.                     $oldMetadata[$prod->getId()]['new_stock'] = (float) $requiredQty;
  1393.                     $oldMetadata[$prod->getId()]['old_stock'] = (float) $requiredQty;
  1394.                     $oldMetadata[$prod->getId()]['inStock'] = ($updateStock)?true:false;*/
  1395.                 }
  1398.             }else{
  1399.                 $preOrder[$prod->getId()]['new_price'] = 0;
  1400.                 $preOrder[$prod->getId()]['old_price'] = 0;
  1401.                 $preOrder[$prod->getId()]['new_stock'] = 0;
  1402.                 $preOrder[$prod->getId()]['old_stock'] = 0;
  1403.                 $preOrder[$prod->getId()]['inStock'] = false;
  1404.                 $preOrder[$prod->getId()]['message'] = "Esaurito";
  1406.                 // Updating available qty of product to 0 if product is not present in API
  1407.                 $prod->setDisponibilita(0);
  1408.                 $prod->save();
  1409.                 $preOrderCart->addItem($prod,$requiredQty);
  1410.             }
  1412.             $reviewCart->save();
  1413.             $preOrderCart->save();
  1414.         }
  1417.         $reviewCart->setCheckoutData('oldMetadata',$oldMetadata);
  1418.         $reviewCart->save();
  1420.         $preOrderCart->setCheckoutData('oldMetadata',$preOrder);
  1421.         $preOrderCart->save();
  1424.         $availableBranches $this->getBranches($session,$user);
  1425.         if(empty($availableBranches))
  1426.         {
  1427.             throw new \Exception("Permission denied");
  1428.         }
  1430.         $hqBranch \Pimcore\Model\DataObject\Partners::getByIsMecstoreHQ(1,true);
  1432.         $branches = new DataObject\Partners\Listing();
  1433.         $branches->setCondition('oo_id IN ('.implode(",",$availableBranches).')');
  1434.         $branches $branches->load();
  1436.         $customerAddresses = new DataObject\CustomerAddress\Listing();
  1437.         $customerAddresses->setCondition('user__id = ?',[$user->getId()]);
  1438.         $customerAddresses $customerAddresses->load();
  1441.        //p_r($branches);exit;
  1442.         return $this->render('account/order_summary.html.twig', [
  1443.             'cart' => $reviewCart,
  1444.             'pre_order_cart' => $preOrderCart,
  1445.             'hideBreadcrumbs' => true,
  1446.             'deliveryBranch'=>$deliveryBranch,
  1447.             'params'=>$params,
  1448.             'additionalNotes'=>$additionalNotes,
  1449.             'checkoutData'=>$oldMetadata,
  1450.             'checkoutDataPreOrder'=>$preOrder,
  1451.             'additionalNote' => $additionalNote,
  1452.             'note' => $note,
  1453.             'branches'=>$branches,
  1454.             'hqBranch'=>$hqBranch,
  1455.             'addresses'=>$customerAddresses
  1456.         ]);
  1459.     }
  1462.     /**
  1463.      * Index page for account - it is restricted to ROLE_USER via security annotation
  1464.      *
  1465.      * @Route("/account/download-order/{id}", name="account-order-download-order")
  1466.      * @Security("is_granted('ROLE_USER')")
  1467.      *
  1468.      * @param SsoIdentityServiceInterface $identityService
  1469.      * @param UserInterface|null $user
  1470.      *
  1471.      * @return Response
  1472.      */
  1473.     public function downloadOrder(Request $requestSsoIdentityServiceInterface $identityServiceUserInterface $user null)
  1474.     {
  1475.         $writer WriterEntityFactory::createXLSXWriter();
  1476.         $writer->openToFile($filePath); // write data to a file or to a PHP stream
  1477.         //$writer->openToBrowser($fileName); // stream data directly to the browser
  1479.         $cells = [
  1480.             WriterEntityFactory::createCell('Carl'),
  1481.             WriterEntityFactory::createCell('is'),
  1482.             WriterEntityFactory::createCell('great!'),
  1483.         ];
  1485.         /** add a row at a time */
  1486.         $singleRow WriterEntityFactory::createRow($cells);
  1487.         $writer->addRow($singleRow);
  1489.         /** add multiple rows at a time */
  1490.         $multipleRows = [
  1491.             WriterEntityFactory::createRow($cells),
  1492.             WriterEntityFactory::createRow($cells),
  1493.         ];
  1494.         $writer->addRows($multipleRows);
  1496.         /** Shortcut: add a row from an array of values */
  1497.         $values = ['Carl''is''great!'];
  1498.         $rowFromValues WriterEntityFactory::createRowFromArray($values);
  1499.         $writer->addRow($rowFromValues);
  1500.         $writer->close();
  1501.     }
  1503.     private function checkPermission(){
  1504.         $allow false;
  1505.         $userObject \Pimcore::getContainer()->get('security.token_storage')->getToken()->getUser();
  1506.         if($this->service->isAllowed($userObject"draft_create") || $this->service->isAllowed($userObject"booking_create") || $this->service->isAllowed($userObject"order_create") || $this->service->isAllowed($userObject"order_view")) {
  1507.             $allow true;
  1508.         }
  1510.         //Whitelist admin route for mecstore
  1511.         if(in_array($_SERVER['REQUEST_URI'],MECSTORE_WHITELIST_URLS)){
  1512.             if($userObject->getPartner()->getIsMecstoreHQ() && $userObject->getUserRoles() != "Customer"){
  1513.                 $allow true;
  1514.             }else{
  1515.                 $allow false;
  1516.             }
  1517.         }
  1519.         return $allow;
  1520.     }
  1522. }