fix errors when creating user and updating password

2025-06-07 18:44:08 +00:00 · 2018-09-04 16:55:34 +02:00 · 2018-09-04 16:55:34 +02:00 · e88265adcd
commit e88265adcd
parent 04bdaa308a
4 changed files with 46 additions and 18 deletions
--- a/Controller/UserController.php
+++ b/Controller/UserController.php
@ -50,7 +50,7 @@ class UserController extends Controller
            $em = $this->getDoctrine()->getManager();

            $user->setPassword($this->get('security.password_encoder')
-                    ->encodePassword($user, $form['plainPassword']['password']->getData()));
+                    ->encodePassword($user, $form['plainPassword']->getData()));

            $em->persist($user);
            $em->flush();
@ -177,12 +177,14 @@ class UserController extends Controller
     */
    private function createEditPasswordForm(User $user)
    {
-        return $this->createForm(UserPasswordType::class, $user, array(
-            'action' =>
-                $this->generateUrl('admin_user_update_password', array('id' => $user->getId())),
-            'method' => 'PUT'
-            ))
-                ->add('submit', SubmitType::class, array('label' => 'Change password'))
+        return $this->createForm(UserPasswordType::class, null, array(
+                'action' =>
+                    $this->generateUrl('admin_user_update_password', array('id' => $user->getId())),
+                'method' => 'PUT',
+                'user' => $user
+                ))
+            ->add('submit', SubmitType::class, array('label' => 'Change password'))
+            ->remove('actual_password')
                ;
    }

@ -356,15 +358,13 @@ class UserController extends Controller
        $editForm->handleRequest($request);

        if ($editForm->isValid()) {
-            $password = $editForm->getData()->getPassword();
+            $password = $editForm->get('new_password')->getData();

-            // logging for debug !! WARNING print the new password !!
-            $this->get('logger')->debug('update password for an user',
-                    array('method' => __METHOD__, 'password' => $password,
-                        'user' => $user->getUsername()));
            // logging for prod
-            $this->get('logger')->info('update password for an user',
-                    array('method' => __METHOD__, 'user' => $user->getUsername()));
+            $this->get('logger')->info('update password for an user', [
+                    'by' => $this->getUser()->getUsername(), 
+                    'user' => $user->getUsername()
+                ]);

            $user->setPassword($this->get('security.password_encoder')
                    ->encodePassword($user, $password));
--- a/Form/UserType.php
+++ b/Form/UserType.php
@ -6,6 +6,11 @@ use Symfony\Component\Form\AbstractType;
 use Symfony\Component\Form\FormBuilderInterface;
 use Symfony\Component\OptionsResolver\OptionsResolver;
 use Symfony\Component\Form\Extension\Core\Type\ChoiceType;
+use Symfony\Component\Form\Extension\Core\Type\RepeatedType;
+use Symfony\Component\Validator\Constraints\Length;
+use Symfony\Component\Validator\Constraints\NotBlank;
+use Symfony\Component\Validator\Constraints\Regex;
+use Symfony\Component\Form\Extension\Core\Type\PasswordType;

 use Chill\MainBundle\Form\UserPasswordType;

@ -22,8 +27,31 @@ class UserType extends AbstractType
            ->add('email')
            ;
        if ($options['is_creation']) {
-            $builder->add('plainPassword', UserPasswordType::class, array(
-                'mapped' => false
+            $builder->add('plainPassword', RepeatedType::class, array(
+                'mapped' => false,
+                'type' => PasswordType::class,
+                'required' => false,
+                'options' => array(),
+                'first_options' => array(
+                    'label' => 'Password'
+                ),
+                'second_options' => array(
+                    'label' => 'Repeat the password'
+                ),
+                'invalid_message' => "The password fields must match",
+                'constraints' => array(
+                    new Length(array(
+                        'min' => 9,
+                        'minMessage' => 'The password must be greater than {{ limit }} characters'
+                        )),
+                    new NotBlank(),
+                    new Regex(array(
+                        'pattern' => "/((?=.*\d)(?=.*[a-z])(?=.*[A-Z])(?=.*[@#$%!,;:+\"'-\/{}~=µ\(\)£]).{6,})/",
+                        'message' => "The password must contains one letter, one "
+                        . "capitalized letter, one number and one special character "
+                        . "as *[@#$%!,;:+\"'-/{}~=µ()£]). Other characters are allowed."
+                        ))
+                )
            ));

        } else {
--- a/Resources/views/User/edit_password.html.twig
+++ b/Resources/views/User/edit_password.html.twig
@ -6,7 +6,7 @@
    <h1>{{ 'Edit password for %username%'|trans( { '%username%': entity.username } ) }}</h1>

    {{ form_start(edit_form) }}
-    {{ form_row(edit_form.password) }}
+    {{ form_row(edit_form.new_password) }}
    {{ form_widget(edit_form.submit, { 'attr': { 'class': 'sc-button orange' } } ) }}
    {{ form_end(edit_form) }}
    
--- a/Resources/views/User/new.html.twig
+++ b/Resources/views/User/new.html.twig
@ -8,7 +8,7 @@
    {{ form_start(form) }}
    {{ form_row(form.username) }}
    {{ form_row(form.email) }}
-    {{ form_row(form.plainPassword.password) }}
+    {{ form_row(form.plainPassword) }}
    {{ form_widget(form.submit, { 'attr' : { 'class': 'sc-button blue' } }) }}
    {{ form_end(form) }}