[CoreBundle] 8.x fix administration code issue (#1790)

* Added option is_user_admin_code_unique and fixed override issue

* Added administration code constraint

* Administration code constraint in class, not property

* Cleaned userscontroller for csv import

* Added admin code constraint to CsvUserValidator

Author: ptsavdar

main/core/Controller/Administration/UsersController.php

@@ -283,17 +283,24 @@ public function userWorkspaceListAction(User $user, $page, $max)
      * @EXT\Method("POST")
      * @EXT\Template("ClarolineCoreBundle:Administration/Users:importForm.html.twig")
      *
+     * @param Request $request
+     *
      * @return Response
+     *
+     * @throws \Claroline\CoreBundle\Manager\Exception\AddRoleException
      */
-    public function importAction()
+    public function importAction(Request $request)
     {
         $form = $this->formFactory->create(new ImportUserType(true));
-        $form->handleRequest($this->request);
+        $form->handleRequest($request);
         $mode = $form->get('mode')->getData();
+        $options = ['ignore-update' => true];
 
         if ($mode === 'update') {
             $form = $this->formFactory->create(new ImportUserType(true, 1));
             $form->handleRequest($this->request);
+            $options['ignore-update'] = false;
+        } else {
         }
 
         if ($form->isValid()) {
@@ -304,31 +311,10 @@ public function importAction()
             $data = $this->container->get('claroline.utilities.misc')->formatCsvOutput($data);
             $lines = str_getcsv($data, PHP_EOL);
             $users = [];
-            $toUpdate = [];
             $sessionFlashBag = $this->session->getFlashBag();
 
             foreach ($lines as $line) {
-                if (trim($line) !== '') {
-                    if ($mode === 'update') {
-                        $datas = str_getcsv($line, ';');
-                        $username = $datas[2];
-                        $email = $datas[4];
-                        $code = $datas[5];
-                        $existingUser = $this->userManager->getUserByUsernameOrMailOrCode(
-                            $username,
-                            $email,
-                            $code
-                        );
-
-                        if (is_null($existingUser)) {
-                            $users[] = $datas;
-                        } else {
-                            $toUpdate[] = $datas;
-                        }
-                    } else {
-                        $users[] = str_getcsv($line, ';');
-                    }
-                }
+                $users[] = str_getcsv($line, ';');
             }
 
             $roleUser = $this->roleManager->getRoleByName('ROLE_USER');
@@ -353,44 +339,31 @@ public function importAction()
                 }
             }
 
-            if (count($toUpdate) > 0) {
-                $updatedNames = $this->userManager->importUsers(
-                    $toUpdate,
-                    $sendMail,
-                    null,
-                    $additionalRoles,
-                    $enableEmailNotification
-                );
+            $logs = $this->userManager->importUsers(
+                $users,
+                $sendMail,
+                null,
+                $additionalRoles,
+                $enableEmailNotification,
+                $options
+            );
 
-                foreach ($updatedNames as $name) {
+            foreach ($logs as $key => $names) {
+                $msgClass = 'success';
+                if ($key === 'skipped') {
+                    $msgClass = 'error';
+                }
+                foreach ($names as $name) {
                     $msg = '<'.$name.'> ';
                     $msg .= $this->translator->trans(
-                        'has_been_updated',
+                        'has_been_'.$key,
                         [],
                         'platform'
                     );
-                    $sessionFlashBag->add('success', $msg);
+                    $sessionFlashBag->add($msgClass, $msg);
                 }
             }
 
-            $createdNames = $this->userManager->importUsers(
-                $users,
-                $sendMail,
-                null,
-                $additionalRoles,
-                $enableEmailNotification
-            );
-
-            foreach ($createdNames as $name) {
-                $msg = '<'.$name.'> ';
-                $msg .= $this->translator->trans(
-                    'has_been_created',
-                    [],
-                    'platform'
-                );
-                $sessionFlashBag->add('success', $msg);
-            }
-
             return new RedirectResponse($this->router->generate('claro_admin_users_index'));
         }
 

main/core/Controller/ProfileController.php

@@ -236,7 +236,6 @@ public function editProfileAction(User $loggedUser, User $user = null)
             throw new AccessDeniedException();
         }
 
-        $userRole = $this->roleManager->getUserRoleByUser($user);
         $roles = $this->roleManager->getPlatformRoles($user);
         $accesses = $this->profilePropertyManager->getAccessesForCurrentUser();
 
@@ -278,7 +277,6 @@ public function editProfileAction(User $loggedUser, User $user = null)
 
             $user = $form->getData();
             $this->userManager->rename($user, $user->getUsername());
-            $this->roleManager->renameUserRole($userRole, $user->getUsername());
 
             $successMessage = $translator->trans('edit_profile_success', [], 'platform');
             $errorMessage = $translator->trans('edit_profile_error', [], 'platform');

main/core/Entity/User.php

@@ -45,6 +45,7 @@
  * @DoctrineAssert\UniqueEntity("mail")
  * @Assert\Callback(methods={"isPublicUrlValid"})
  * @ClaroAssert\Username()
+ * @ClaroAssert\UserAdministrativeCode()
  */
 class User extends AbstractRoleSubject implements Serializable, AdvancedUserInterface, EquatableInterface, OrderableInterface
 {

main/core/Library/Configuration/PlatformConfiguration.php

@@ -89,6 +89,7 @@ class PlatformConfiguration
     private $loginTargetRoute;
     private $enableOpengraph;
     private $tmpDir;
+    private $isUserAdminCodeUnique;
     /**
      * @param mixed $sessionDbDataCol
      */
@@ -810,4 +811,24 @@ public function getTmpDir()
     {
         return $this->tmpDir;
     }
+
+    /**
+     * @return mixed
+     */
+    public function getIsUserAdminCodeUnique()
+    {
+        return $this->isUserAdminCodeUnique;
+    }
+
+    /**
+     * @param mixed $isUserAdminCodeUnique
+     *
+     * @return $this
+     */
+    public function setIsUserAdminCodeUnique($isUserAdminCodeUnique)
+    {
+        $this->isUserAdminCodeUnique = $isUserAdminCodeUnique;
+
+        return $this;
+    }
 }

main/core/Library/Configuration/PlatformConfigurationHandler.php

@@ -99,6 +99,7 @@ class PlatformConfigurationHandler
         'enable_rich_text_file_import' => false,
         'login_target_route' => 'claro_security_login',
         'enable_opengraph' => true,
+        'is_user_admin_code_unique' => true,
     ];
     private $lockedParameters;
 
@@ -229,6 +230,7 @@ public function getPlatformConfig()
         $config->setLoginTargetRoute($this->parameters['login_target_route']);
         $config->setEnableOpengraph($this->parameters['enable_opengraph']);
         $config->setTmpDir($this->parameters['tmp_dir']);
+        $config->setIsUserAdminCodeUnique($this->parameters['is_user_admin_code_unique']);
 
         return $config;
     }

main/core/Manager/UserManager.php

@@ -373,11 +373,19 @@ public function deleteUser(User $user)
      * )
      *
      * @param array    $users
-     * @param string   $authentication an authentication source
-     * @param bool     $mail           do the users need to be mailed
-     * @param \Closure $logger         an anonymous function allowing to log actions
+     * @param bool     $sendMail
+     * @param \Closure $logger                 an anonymous function allowing to log actions
+     * @param array    $additionalRoles
+     * @param bool     $enableEmailNotifaction
+     * @param array    $options
      *
      * @return array
+     *
+     * @throws AddRoleException
+     * @throws \Claroline\CoreBundle\Persistence\NoFlushSuiteStartedException
+     *
+     * @internal param string $authentication an authentication source
+     * @internal param bool $mail do the users need to be mailed
      */
     public function importUsers(
         array $users,
@@ -392,8 +400,16 @@ public function importUsers(
             $options['ignore-update'] = false;
         }
 
-        $returnValues = [];
+        if (!isset($options['single-validate'])) {
+            $options['single-validate'] = false;
+        }
+
+        // Return values
+        $created = [];
+        $updated = [];
         $skipped = [];
+        // Skipped users table
+        $skippedUsers = [];
         //keep these roles before the clear() will mess everything up. It's not what we want.
         $tmpRoles = $additionalRoles;
         $additionalRoles = [];
@@ -424,6 +440,7 @@ public function importUsers(
         foreach ($users as $user) {
             $firstName = $user[0];
             $lastName = $user[1];
+            $fullName = $firstName.' '.$lastName;
             $username = $user[2];
             $pwd = $user[3];
             $email = trim($user[4]);
@@ -484,7 +501,6 @@ public function importUsers(
                 $organizations = [];
             }
 
-            $group = $groupName ? $this->groupManager->getGroupByName($groupName) : null;
             if ($groupName) {
                 $group = $this->groupManager->getGroupByNameAndScheduledForInsert($groupName);
 
@@ -497,20 +513,13 @@ public function importUsers(
                 $group = null;
             }
 
-            $userEntity = $this->userRepo->findOneByMail($email);
-
-            if (!$userEntity) {
-                $userEntity = $this->userRepo->findOneByUsername($username);
-                if (!$userEntity && $code !== null) {
-                    //the code isn't required afaik
-                    $userEntity = $this->userRepo->findOneByAdministrativeCode($code);
-                }
-            }
+            $userEntity = $this->getUserByUsernameOrMailOrCode($username, $email, $code);
 
             if ($userEntity && $options['ignore-update']) {
                 if ($logger) {
                     $logger(" Skipping  {$userEntity->getUsername()}...");
                 }
+                $skipped[] = $fullName;
                 continue;
             }
 
@@ -539,7 +548,8 @@ public function importUsers(
             if ($options['single-validate']) {
                 $errors = $this->validator->validate($userEntity);
                 if (count($errors) > 0) {
-                    $skipped[$i] = $userEntity;
+                    $skippedUsers[$i] = $userEntity;
+                    $skipped[] = $fullName;
                     if ($isNew) {
                         --$countCreated;
                     } else {
@@ -572,7 +582,11 @@ public function importUsers(
             }
 
             $this->objectManager->persist($userEntity);
-            $returnValues[] = $firstName.' '.$lastName;
+            if ($isNew) {
+                $created[] = $fullName;
+            } else {
+                $updated[] = $fullName;
+            }
 
             if ($group) {
                 $this->groupManager->addUsersToGroup($group, [$userEntity]);
@@ -616,11 +630,15 @@ public function importUsers(
             $logger($countUpdated.' users updated.');
         }
 
-        foreach ($skipped as $key => $user) {
+        foreach ($skippedUsers as $key => $user) {
             $logger('The user '.$user.' was skipped at line '.$key.' because it failed the validation pass.');
         }
 
-        return $returnValues;
+        return [
+            'created' => $created,
+            'updated' => $updated,
+            'skipped' => $skipped,
+        ];
     }
 
     /**
@@ -1282,6 +1300,10 @@ public function getUserByUsernameOrMail($username, $mail, $executeQuery = true)
 
     public function getUserByUsernameOrMailOrCode($username, $mail, $code)
     {
+        if (empty($code) || !$this->platformConfigHandler->getParameter('is_user_admin_code_unique')) {
+            return $this->getUserByUsernameOrMail($username, $mail, true);
+        }
+
         return $this->userRepo->findUserByUsernameOrMailOrCode($username, $mail, $code);
     }
 

main/core/Repository/UserRepository.php

@@ -17,28 +17,56 @@
 use Claroline\CoreBundle\Entity\Role;
 use Claroline\CoreBundle\Entity\User;
 use Claroline\CoreBundle\Entity\Workspace\Workspace;
+use Claroline\CoreBundle\Library\Configuration\PlatformConfigurationHandler;
 use Doctrine\ORM\EntityRepository;
 use Doctrine\ORM\NoResultException;
 use Doctrine\ORM\Query;
+use JMS\DiExtraBundle\Annotation as DI;
 use Symfony\Component\Security\Core\Exception\UnsupportedUserException;
 use Symfony\Component\Security\Core\Exception\UsernameNotFoundException;
 use Symfony\Component\Security\Core\User\UserInterface;
 use Symfony\Component\Security\Core\User\UserProviderInterface;
 
+/**
+ * Class UserRepository.
+ */
 class UserRepository extends EntityRepository implements UserProviderInterface
 {
+    /**
+     * @var PlatformConfigurationHandler
+     */
+    private $platformConfigHandler;
+
+    /**
+     * @param PlatformConfigurationHandler $platformConfigHandler
+     *
+     * @DI\InjectParams({
+     *      "platformConfigHandler" = @DI\Inject("claroline.config.platform_config_handler")
+     * })
+     */
+    public function setPlatformConfigurationHandler(PlatformConfigurationHandler $platformConfigHandler)
+    {
+        $this->platformConfigHandler = $platformConfigHandler;
+    }
+
     /**
      * {@inheritdoc}
      */
     public function loadUserByUsername($username)
     {
+        $isUserAdminCodeUnique = $this->platformConfigHandler->getParameter('is_user_admin_code_unique');
+
         $dql = '
             SELECT u FROM Claroline\CoreBundle\Entity\User u
             WHERE u.username LIKE :username
-            OR u.mail LIKE :username
-            OR u.administrativeCode LIKE :username
-            AND u.isEnabled = true
-        ';
+            OR u.mail LIKE :username';
+
+        if ($isUserAdminCodeUnique) {
+            $dql .= '
+                OR u.administrativeCode LIKE :username';
+        }
+        $dql .= '
+            AND u.isEnabled = true';
         $query = $this->_em->createQuery($dql);
         $query->setParameter('username', $username);
 

main/core/Resources/translations/platform.de.yml

@@ -403,6 +403,7 @@ has_been_emptied: 'a été vidé'
 has_been_put_in_category: 'a été placé dans la catégorie'
 has_been_registered_in_workspace: 'a été inscrit dans l''espace d''activités'
 has_been_registered_to_group: 'a été inscrit dans le groupe'
+has_been_skipped: 'n''a pas été créé'
 has_been_suscribed_with_role: 'a été inscrit(e) avec le rôle'
 has_been_suscribed_with_role_group: 'a été inscrit avec le rôle'
 has_been_unregistered_from_group: 'a été désincrit du groupe'